Andrew Engelbrecht [Wed, 19 Jul 2017 20:31:29 +0000 (16:31 -0400)]
remove unneeded file (latex.patch)
this was apparently not removed in the git rebase.
Ruben Rodriguez [Thu, 1 Dec 2016 21:59:27 +0000 (16:59 -0500)]
Comment cleanup
Ruben Rodriguez [Thu, 1 Dec 2016 21:28:53 +0000 (16:28 -0500)]
Updated the LaTeX header for letters
Ruben Rodriguez [Fri, 10 Jun 2016 19:06:07 +0000 (15:06 -0400)]
Added hack for scaping curly brackets on smarty LaTeX templates
Ruben Rodriguez [Fri, 10 Jun 2016 19:05:21 +0000 (15:05 -0400)]
Tuned up PdfLatex font settings
k [Tue, 15 Mar 2016 17:41:14 +0000 (13:41 -0400)]
redisabling mail tracking
k [Tue, 15 Mar 2016 17:37:59 +0000 (13:37 -0400)]
redoing replacement of "Confirm Contribution" with "Review Contribution"
k [Tue, 15 Mar 2016 17:13:26 +0000 (13:13 -0400)]
Solving RT ticket #
1092988
adding civicrm ID to contributin record
Lisa Marie Maginnis [Thu, 15 Oct 2015 03:10:17 +0000 (23:10 -0400)]
reverted js changes back to upstream
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:33:03 +0000 (13:33 -0400)]
ipn receiver for external api
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:28:53 +0000 (13:28 -0400)]
Priceset 2nd half
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:28:43 +0000 (13:28 -0400)]
Priceset/debugwatchdog
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:18:43 +0000 (13:18 -0400)]
Removed cache rebuild from the GroupContact
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:15:03 +0000 (13:15 -0400)]
RT#765026, patch for null values in civicrm_acl_cache
Ruben Rodriguez [Thu, 10 Sep 2015 22:24:23 +0000 (18:24 -0400)]
Added the current uncommited changes to production code, and rebased to 4.6.8
Lisa Marie Maginnis [Thu, 1 May 2014 21:29:27 +0000 (17:29 -0400)]
Additional files for PDF/Latex
Lisa Marie Maginnis [Thu, 1 May 2014 21:04:18 +0000 (17:04 -0400)]
Our changes
Tim Otten [Wed, 4 Dec 2019 20:38:51 +0000 (12:38 -0800)]
release-notes.md - Fix 5.19.4 TOC
CiviCRM [Wed, 4 Dec 2019 20:36:22 +0000 (20:36 +0000)]
Set version to 5.19.4
totten [Wed, 4 Dec 2019 17:21:28 +0000 (17:21 +0000)]
Update 5.19.4.md
totten [Wed, 4 Dec 2019 17:14:07 +0000 (17:14 +0000)]
Merge branch '5_19_4_release_notes' into 'security-fixes'
Add in release notes for 5.19.4 drop
See merge request security/core!98
totten [Wed, 4 Dec 2019 17:04:52 +0000 (17:04 +0000)]
Update 5.19.4.md
seamuslee [Wed, 4 Dec 2019 05:15:59 +0000 (05:15 +0000)]
Merge branch 'security_core_71' into 'security-fixes'
security/core#71 Only permit requests where there is the header `HTTP_X_REQUESTED_WITH` and it's value is XMLHttpRequest for APIv4 to prevent CSRF
See merge request security/core!94
Seamus Lee [Tue, 3 Dec 2019 19:39:14 +0000 (06:39 +1100)]
Update release notes for latest PR backported
Seamus Lee [Mon, 2 Dec 2019 18:51:22 +0000 (05:51 +1100)]
Also update composer.lock
Coleman Watts [Mon, 2 Dec 2019 18:47:40 +0000 (13:47 -0500)]
Upgrade CKEditor to v4.13.0
Matthew Wire [Tue, 3 Dec 2019 15:22:51 +0000 (15:22 +0000)]
Merge pull request #16014 from seamuslee001/1435_519
dev/core#1435 Fix lack of filtering in Contribution tab on Membership…
eileen [Tue, 3 Dec 2019 05:46:21 +0000 (18:46 +1300)]
dev/core#1435 Fix lack of filtering in Contribution tab on Membership or Participant View
Seamus Lee [Mon, 2 Dec 2019 01:54:39 +0000 (12:54 +1100)]
Merge pull request #16003 from seamuslee001/handle_custom_field_deleted_519
Handle custom field deleted 519
Seamus Lee [Mon, 2 Dec 2019 00:10:14 +0000 (11:10 +1100)]
Catch CiviCRM APIv3 Error if custom field no longer exists in the database
Seamus Lee [Sun, 1 Dec 2019 23:52:46 +0000 (10:52 +1100)]
Add in unit test demonstrating the regression where smart group fails to load if a custom field has been deleted which was stored in the form values array
Seamus Lee [Sun, 1 Dec 2019 23:09:30 +0000 (10:09 +1100)]
Add in release notes for 5.19.4 drop
Seamus Lee [Sat, 30 Nov 2019 22:42:41 +0000 (09:42 +1100)]
Remove the check statement as not relevant to apiv4
Seamus Lee [Fri, 29 Nov 2019 07:46:51 +0000 (18:46 +1100)]
Also ensure that updates etc cannot be done via get only via post as per APIv3
Seamus Lee [Thu, 28 Nov 2019 23:03:00 +0000 (10:03 +1100)]
Ensure that API Explorer passes through necessary header
Seamus Lee [Thu, 28 Nov 2019 21:33:44 +0000 (08:33 +1100)]
security/core#71 Prevent CSRF by ensuring that AJAX endpoint of the API Explorer can only be hit by javascript clinets
Seamus Lee [Sat, 30 Nov 2019 01:20:30 +0000 (12:20 +1100)]
Merge pull request #15991 from seamuslee001/relative_non_date_range_5.19
Only add in relative key when its a custom date field
Seamus Lee [Sat, 30 Nov 2019 00:37:03 +0000 (11:37 +1100)]
Port int custom data handling in the CustomDataTrait
Seamus Lee [Fri, 29 Nov 2019 22:08:48 +0000 (09:08 +1100)]
Merge pull request #15984 from eileenmcnaughton/badge
dev/core#1422 Ensure that the form values are correctly passed onto t…
Seamus Lee [Thu, 28 Nov 2019 03:22:11 +0000 (14:22 +1100)]
Only add in relative key when its a custom date field
Ensure that we strip the _to _from _high _low from the element name first
Seamus Lee [Tue, 26 Nov 2019 00:43:48 +0000 (11:43 +1100)]
dev/core#1422 Ensure that the form values are correctly passed onto the Badge label task and others
Tim Otten [Mon, 25 Nov 2019 23:02:16 +0000 (15:02 -0800)]
Merge pull request #15961 from totten/5.19-bump3
5.19.3 release notes
Tim Otten [Mon, 25 Nov 2019 22:31:20 +0000 (14:31 -0800)]
Add release-notes/5.19.3.md
Tim Otten [Mon, 25 Nov 2019 22:18:10 +0000 (14:18 -0800)]
Set version to 5.19.3
Seamus Lee [Fri, 22 Nov 2019 22:04:25 +0000 (09:04 +1100)]
Merge pull request #15932 from seamuslee001/5.19
Reinstate traversal as "method of last resort" to find WordPress
Christian Wach [Fri, 22 Nov 2019 18:05:49 +0000 (18:05 +0000)]
Reinstate traversal as "method of last resort" to find WordPress
Seamus Lee [Fri, 22 Nov 2019 02:44:08 +0000 (13:44 +1100)]
Merge pull request #15925 from seamuslee001/dev_core_1412
dev/core/1412 CiviMail sent via wp-cli and cron mangles mailing urls on WP
Tim Otten [Thu, 21 Nov 2019 21:58:38 +0000 (13:58 -0800)]
(dev/core#1412) E2E - Add test case for path+URL construction in CLI
Overview
--------
In dev/core#1412, the regression involved CLI processes producing incorrect URLs.
This adds some test-coverage.
Before
------
No test coverage for URLs in CLI environment.
After
-----
There is some test-coverage. It's able to reveal the existence of the bug from 1412.
Comments
--------
A lot of path/URL construction is dependent on the environment/site-build.
The test does not, on its own, guarantee that all environments work.
Rather, it adds a new slice of cheese to the stack.
This slice is moderately generic - in that I've successfully tested it
localy on `drupal-demo` and `wp-demo` builds. In theory, it should work on
other build types (as long as they set variables `CIVI_CORE`, `CMS_ROOT`,
`CMS_URL`).
Kevin Cristiano [Thu, 21 Nov 2019 20:12:01 +0000 (15:12 -0500)]
dev/core/1412 CiviMail sent via wp-cli and cron mangles mailing urls on WP
CiviCRM [Wed, 20 Nov 2019 22:34:27 +0000 (22:34 +0000)]
Set version to 5.19.2
CiviCRM [Wed, 20 Nov 2019 22:33:01 +0000 (22:33 +0000)]
Merge remote-tracking branch 'security/security-fixes' into 5.19
Seamus Lee [Wed, 20 Nov 2019 22:17:37 +0000 (09:17 +1100)]
Merge pull request #15897 from seamuslee001/dev_core_1409_519
dev/core#1409 Remove net_amount from Addtional Payment form
totten [Wed, 20 Nov 2019 21:53:34 +0000 (21:53 +0000)]
Merge branch 'security_release_release_notes' into 'security-fixes'
Release notes for 5.19.2 Release
See merge request security/core!89
eileen [Wed, 20 Nov 2019 04:54:22 +0000 (17:54 +1300)]
dev/core#1409 Remove net_amount from Addtional Payment form
This is causing a validation problem. We used to have an issue on the contribution form which we eventually
resolved by removing net_amount as it's best calculated anyway
In order to make this changed I had to ensure Payment.create adds the net_amount & had
to do a couple of tweaks for the test to pass
Backport additional test functions and update API to get tests to pass
totten [Wed, 20 Nov 2019 20:10:03 +0000 (20:10 +0000)]
Merge branch 'public_release_fixes' into 'security_release_release_notes'
Update release notes for Public MRs being merged into 5.19
See merge request security/core!93
totten [Wed, 20 Nov 2019 20:09:10 +0000 (20:09 +0000)]
Update 5.19.2.md
totten [Wed, 20 Nov 2019 19:59:12 +0000 (19:59 +0000)]
Update 5.19.2.md
Seamus Lee [Wed, 20 Nov 2019 19:54:01 +0000 (06:54 +1100)]
Merge pull request #15893 from seamuslee001/cce_fix_cancel_date_5_19
dev/core#1391 - Fix contribution cancel_date not being loaded
Seamus Lee [Wed, 20 Nov 2019 19:47:12 +0000 (06:47 +1100)]
Merge pull request #15896 from seamuslee001/dev_core_1374_5_19
dev/core#1374 Fix search formValue handling on contribu…
Seamus Lee [Wed, 20 Nov 2019 19:44:58 +0000 (06:44 +1100)]
Merge pull request #15894 from seamuslee001/dev_core_1406_519
dev/core#1406 Ensure that we use the CRM_Member_DAO_Membership as dao…
Seamus Lee [Wed, 20 Nov 2019 19:23:24 +0000 (06:23 +1100)]
Update release notes for Public MRs being merged into 5.19
Seamus Lee [Wed, 20 Nov 2019 18:56:43 +0000 (05:56 +1100)]
dev/core#1374 dev/core#1374 Fix search formValue handling on contribution search
Seamus Lee [Wed, 20 Nov 2019 04:42:52 +0000 (15:42 +1100)]
dev/core#1406 Ensure that we use the CRM_Member_DAO_Membership as dao for the civicrm_membership table
Patrick Figel [Thu, 14 Nov 2019 13:19:04 +0000 (14:19 +0100)]
dev/core#1391 - Fix contribution cancel_date not being loaded
This fixes an issue where the contribution cancel_date is not loaded
in the contribution search, causing cancelled contributions not to be
greyed out and the cancel date not to be shown.
totten [Wed, 20 Nov 2019 08:14:02 +0000 (08:14 +0000)]
Update 5.19.2.md
totten [Wed, 20 Nov 2019 08:05:07 +0000 (08:05 +0000)]
Update 5.19.2.md
totten [Wed, 20 Nov 2019 07:35:07 +0000 (07:35 +0000)]
Update 5.19.2.md
totten [Wed, 20 Nov 2019 06:10:06 +0000 (06:10 +0000)]
Merge branch 'security_core_70' into 'security-fixes'
security/core#70 Update Symfony packages to be the latest versions
See merge request security/core!92
totten [Wed, 20 Nov 2019 05:54:08 +0000 (05:54 +0000)]
Merge branch 'security_core_62_apiv4_join' into 'security-fixes'
Ensure that APIv4 Properly filters out permissable fields when no permission to view field exists
See merge request security/core!91
Tim Otten [Wed, 20 Nov 2019 03:50:11 +0000 (19:50 -0800)]
ContactApiKeyTest - Add additional test-case
This case was failing before but now passes with the update
Seamus Lee [Wed, 20 Nov 2019 03:14:16 +0000 (14:14 +1100)]
Ensure that APIv4 Properly filters out permissable fields when no permission to view field exists
Seamus Lee [Wed, 20 Nov 2019 02:13:35 +0000 (13:13 +1100)]
Update to latest versions of polyfill-ctype and polyfill-iconv
Seamus Lee [Wed, 20 Nov 2019 02:03:22 +0000 (13:03 +1100)]
securiry/core#70 Upgrade Symfony version to 2.8.50
Seamus Lee [Tue, 19 Nov 2019 22:18:42 +0000 (09:18 +1100)]
Minor update to release notes
Seamus Lee [Mon, 18 Nov 2019 05:38:23 +0000 (16:38 +1100)]
Update release notes as per Tim's copy editing of the SA
Seamus Lee [Mon, 18 Nov 2019 05:34:14 +0000 (16:34 +1100)]
Release notes for 5.19.2 Release
seamuslee [Tue, 12 Nov 2019 04:31:42 +0000 (04:31 +0000)]
Merge branch 'security_core_46' into 'security-fixes'
Implement xKerman/restricted-unserialize package to guard against unsafe unserialize
See merge request security/core!87
Jenkins [Sat, 9 Nov 2019 07:16:07 +0000 (07:16 +0000)]
Update unit test to match the output of the CRM_Utils_String function
Tim Otten [Tue, 29 Oct 2019 01:55:18 +0000 (18:55 -0700)]
SavedSearch API - Only accept safe inputs
Tim Otten [Tue, 29 Oct 2019 01:53:03 +0000 (18:53 -0700)]
CRM_Utils_String::unserialize() - Add wrapper for parsing safe exprs (int/string/array/etc)
Seamus Lee [Sun, 3 Nov 2019 06:20:31 +0000 (17:20 +1100)]
[NFC] Update Doc block as per Patrick
Seamus Lee [Tue, 29 Oct 2019 22:34:55 +0000 (09:34 +1100)]
Revert changes in CRM/Core/BAO{Cache|ConfigSetting}.php CRM/Extension/ClassLoader.php CRM/Queue and CRM/Utils/Cache
Seamus Lee [Tue, 29 Oct 2019 04:26:57 +0000 (15:26 +1100)]
Return FALSE instead of throwing Exception if package throws Exception
Seamus Lee [Tue, 29 Oct 2019 04:21:06 +0000 (15:21 +1100)]
Implement xKerman/restricted-unserialize package to guard against unsafe unserialize
Tim Otten [Thu, 31 Oct 2019 06:00:21 +0000 (23:00 -0700)]
ContactInterchangeTest - Add coverage for APIv4 joins/chains
Tim Otten [Fri, 25 Oct 2019 03:59:08 +0000 (20:59 -0700)]
(security/core#67) Port APIv3's escaping scheme to APIv4
Tim Otten [Fri, 25 Oct 2019 03:57:34 +0000 (20:57 -0700)]
HTMLInputCoder - Add more variants for encoding arrays
Seamus Lee [Wed, 9 Oct 2019 09:24:42 +0000 (20:24 +1100)]
Fix unit test for APIv4 format
Coleman Watts [Mon, 1 Jul 2019 00:47:47 +0000 (20:47 -0400)]
Fix api_key handling from joins
Patrick Figel [Wed, 9 Oct 2019 10:45:33 +0000 (12:45 +0200)]
security/core#65 - Fix XSS in Dashboard Report Title
This fixes an XSS in report titles displayed on the dashboard page
by escaping the title on output.
Seamus Lee [Thu, 8 Aug 2019 21:38:06 +0000 (07:38 +1000)]
security/core#65 Fix Display of Report title that contains XSS in it when shown on dashboard
Patrick Figel [Fri, 5 Jul 2019 18:49:44 +0000 (20:49 +0200)]
security/core#59 - Fix SQL injection in civicrm/ajax/dedupefind
This fixes an SQL injection in civicrm/ajax/dedupefind by validating
the order direction parameter.
Fixes #59
Tim Otten [Sat, 9 Nov 2019 02:33:35 +0000 (18:33 -0800)]
Merge pull request #15788 from seamuslee001/5_19_1_version_bump_release_notes
Bump version and add in release notes for a 5.19.1 drop
Tim Otten [Sat, 9 Nov 2019 02:32:54 +0000 (18:32 -0800)]
Update 5.19.1.md
Seamus Lee [Sat, 9 Nov 2019 01:39:44 +0000 (12:39 +1100)]
Add in release notes for 5.19.1 drop
Seamus Lee [Sat, 9 Nov 2019 01:31:12 +0000 (12:31 +1100)]
Set version to 5.19.1
Seamus Lee [Fri, 8 Nov 2019 23:33:36 +0000 (10:33 +1100)]
Merge pull request #15780 from seamuslee001/dev_mailing_56_5_19
dev/mailing#56 dev/mailing#57 Ensure that we don't pass in any namesp…
Seamus Lee [Fri, 8 Nov 2019 21:27:41 +0000 (08:27 +1100)]
dev/mailing#56 dev/mailing#57 Ensure that we don't pass in any namespaced fields when building the row array for mailing reports
Eileen McNaughton [Fri, 8 Nov 2019 02:19:56 +0000 (15:19 +1300)]
Merge pull request #15766 from seamuslee001/dev_core_1376_5_19
dev/core#1376 Catch Invalid Argument Exception when looking for APIv4…
Seamus Lee [Thu, 7 Nov 2019 23:35:30 +0000 (10:35 +1100)]
Merge pull request #15763 from seamuslee001/dev_core_1371_5_19
dev/core#1371 Fix e-notice caused by trying to pass in known info to …
projects / civicrm-core.git / log