Tim Otten [Thu, 21 Feb 2019 06:02:47 +0000 (22:02 -0800)]
Set version to 5.10.3
Seamus Lee [Sat, 16 Feb 2019 03:59:52 +0000 (14:59 +1100)]
Add in 5.10.3 Security Release Notes
Seamus Lee [Tue, 19 Feb 2019 01:39:50 +0000 (12:39 +1100)]
Fix file e-notice by using the correct url variables
Seamus Lee [Wed, 13 Feb 2019 23:33:45 +0000 (10:33 +1100)]
Fix variables to match image file hash generation
Tim Otten [Wed, 13 Feb 2019 22:34:33 +0000 (14:34 -0800)]
CRM_Profile_Form - Add fcs for download link on custom field
Tim Otten [Wed, 13 Feb 2019 20:58:33 +0000 (12:58 -0800)]
(REF) Clearer docblocks and file names
Tim Otten [Wed, 13 Feb 2019 20:50:02 +0000 (12:50 -0800)]
Fix multiple issues with file URLs. Use clearer variables and docblocks to reduce confusion.
Seamus Lee [Wed, 13 Feb 2019 20:09:26 +0000 (07:09 +1100)]
Try and use the correct variable for file id in custom field uploads and use the standard checksum timout as well
Tim Otten [Tue, 12 Feb 2019 23:58:57 +0000 (15:58 -0800)]
generateFileHash() - If we can't generate a secure, then don't generate any token
Falling back to a constant negates any security benefit of using a hash.
IMHO, the edge-case where `CIVICRM_SITE_KEY` is missing should be
obscure/rare and signifies broader problems for the deployment. It needs to
be corrected. If you're worried that having an error-symptom here is too
obscure, then let's add a more prominent error-message via
`CRM_Utils_Check`.
NOTE: There is one pre-existing case in core where (in absence of a key) it
procedes with a constant in lieu of a `CIVICRM_SITE_KEY` . Specifically,
`CRM_Core_Error::generateLogFileHash()`. That is not a good example to
follow because it is qualitiatively different:
* In `generateLogFileHash`(), `CIVICRM_SITE_KEY` functions as one of
multiple redundant security mechanisms -- e.g. even if
`CIVICRM_SITE_KEY` is missing, the log file remains hard-to-access because
(1) the DSN is part of the hash and (2) the httpd protects `ConfigAndLog`.
(Contrast: The file-hash-code is not *redundant* in the same way.)
* In the context of logging, raising any error (even if it's real error
condition) can provoke a weird loop (because then that error needs to be
logged). The log needs to avoid such loops. (Contrast:
`generateFileHash()` is part of the normal post-boot application logic, so
it's free to register errors normally.)
Tim Otten [Tue, 12 Feb 2019 23:50:40 +0000 (15:50 -0800)]
generateFileHash() and validateFileHash() should be colocated
The two functions (`generateFileHash()` and `validateFileHash()`) are
tightly-coupled. Most changes to one would require a matching change in the
other. So they should be parallel.
It'd be OK to say "the hash formula is a general utility for any party using
file APIs" (so put `generateFileHash()` and `validateFileHash()` in `CRM_Core_BAO_File`).
It'd be OK to say "the hash formula is specific to the end-point/page which
serves files" (so put `generateFileHash()` and `validateFileHash()` in
`CRM_Core_Page_File`).
The former feels a bit more accurate, so I pushed it toward that.
Seamus Lee [Mon, 4 Feb 2019 21:48:25 +0000 (08:48 +1100)]
Switch to Sha256 and add in a ttl
Further WHIP fixing hmac implementation now need to get it generating consistant hashes
Remove debugging
Seamus Lee [Tue, 22 Jan 2019 19:11:45 +0000 (06:11 +1100)]
Block access if no Hash is supplied
Seamus Lee [Fri, 18 Jan 2019 22:01:17 +0000 (09:01 +1100)]
security/core#26 Add in a generated Hash to download files so that URLs can't just be tested by annon users
Seamus Lee [Fri, 8 Feb 2019 03:46:36 +0000 (14:46 +1100)]
prevent timing attacks on the contact checksum validation
eileen [Mon, 14 Jan 2019 04:03:28 +0000 (17:03 +1300)]
Remove support for passing a filename into civicrm/file.
I can find no evidence this is used & it feels like a security risk, albeit they still need
the path
eileen [Mon, 14 Jan 2019 01:25:29 +0000 (14:25 +1300)]
Remove unused file parameters
Coleman Watts [Wed, 23 Jan 2019 02:14:03 +0000 (21:14 -0500)]
security/core#33 - Patch jQuery for CVE-2015-9251
See https://github.com/jquery/jquery/issues/2432#issuecomment-
403761229
This will no longer be needed after upgrading to jQuery 3.x.
Tim Otten [Tue, 15 Jan 2019 00:01:26 +0000 (16:01 -0800)]
(NFC) Cleanup new docblocks
Tim Otten [Mon, 14 Jan 2019 23:58:53 +0000 (15:58 -0800)]
Follow-up security/core#25 - Consistently change interface
The previous commit
4c1e702f96403bdc84b6900027d1be61ea601321 expanded the
signature of `fillWithSql()` to accept a third argument, but it wasn't
consistent about whether the third argument was optional or required.
This makes it consistently optional (default `[]`).
Seamus Lee [Sat, 27 Oct 2018 21:44:08 +0000 (08:44 +1100)]
Resolve security/core#25 Escape use of cacheKey to prevent SQLI when populating the prevNextCache
Security #25 Update Redis implementation to match function sig of interface function
Patrick Figel [Sun, 6 Jan 2019 17:30:30 +0000 (18:30 +0100)]
security/core#16 - Smarty - Fix XSS in crmMoney plugin
This fixes an XSS in the crmMoney smarty plugin by checking the
currency against the currency list and adds some basic tests.
Fixes security/core#16
Patrick Figel [Sun, 6 Jan 2019 21:16:40 +0000 (22:16 +0100)]
security/core#28 - CRM_Contact - Use uniqid() for table alias
Patrick Figel [Sat, 27 Oct 2018 19:08:32 +0000 (21:08 +0200)]
security/core#28 - CRM_Contact - Fix SQL injection in group/tag search
This fixes various SQL injections in CRM_Contact_BAO_Query in the group
and tag search code. CRM_Contact_BAO_Query is used by the API and some
other core features such as the advanced contact search.
For CRM_Contact_BAO_Query::tag, the lack of input validation meant that
API syntax that would typically not work for other parameters works for
tag search, so the fix attempts to not break backwards-compatibility
for API calls like Contact.get tag="1, 2" (i.e. using a comma-separated
list with spaces).
Seamus Lee [Sun, 30 Dec 2018 01:09:45 +0000 (12:09 +1100)]
security/core#32 Fix Reflected XSS in Logging Detail report
Seamus Lee [Sat, 27 Oct 2018 04:08:25 +0000 (15:08 +1100)]
Also Purify the output of the frozen entity reference and that of a select2 output as well
Seamus Lee [Tue, 3 Jul 2018 23:49:35 +0000 (09:49 +1000)]
Resolve #9 by purifying label of entity reference values
Seamus Lee [Tue, 19 Feb 2019 21:32:12 +0000 (08:32 +1100)]
Merge pull request #13641 from eileenmcnaughton/reg
dev/core#737 - SMS not sent if 'Send Immediately' option is chosen on
Jitendra Purohit [Tue, 19 Feb 2019 04:02:20 +0000 (09:32 +0530)]
dev/core#737 - SMS not sent if 'Send Immediately' option is chosen on the last screen
Tim Otten [Thu, 14 Feb 2019 22:17:56 +0000 (14:17 -0800)]
Set version to 5.10.2
Tim Otten [Thu, 14 Feb 2019 22:17:17 +0000 (14:17 -0800)]
Merge pull request #13598 from seamuslee001/5.10
Add in release notes for 5.10.2
Tim Otten [Thu, 14 Feb 2019 22:14:38 +0000 (14:14 -0800)]
Update 5.10.2.md
Tim Otten [Thu, 14 Feb 2019 22:14:19 +0000 (14:14 -0800)]
Update 5.10.2.md
Minor copy-edits:
* Punctuation to match other point-release docs
* Use consistent reverse-alpha in credits
* Add some more authors+reviewers from Github
Seamus Lee [Thu, 14 Feb 2019 21:48:40 +0000 (08:48 +1100)]
Merge pull request #13597 from eileenmcnaughton/acl_reg510
dev/core#721 Fix regression on refreshing group_contact cache before checking acls
Seamus Lee [Thu, 14 Feb 2019 20:34:43 +0000 (07:34 +1100)]
Add in release notes for 5.10.2
Update release notes as per Eileen's comment
Add in notes on merge of dev/core#715 fix
Seamus Lee [Thu, 14 Feb 2019 20:26:21 +0000 (07:26 +1100)]
Merge pull request #13595 from mlutfy/5.10-case-close-fatal
dev/core#681 Fatal Error on submitting "Change Case Status" activity form
eileen [Thu, 14 Feb 2019 05:37:14 +0000 (18:37 +1300)]
Fix regression on refreshing group_contact cache before checking acls
We seem to be checking if the cache needs a rebuild and IF SO doing 2 actions
1) rebuilding it
2) permitting access to contacts related to it
When really it should do only 1) above - this patch changes as such
This seems to be whackamole off https://github.com/civicrm/civicrm-core/pull/12344
going too far one way & https://github.com/civicrm/civicrm-core/pull/13448
fixing but adding this new variant
Jitendra Purohit [Wed, 23 Jan 2019 09:54:23 +0000 (15:24 +0530)]
dev/core#681 - Fatal Error on submitting "Change Case Status" activity form
Eileen McNaughton [Wed, 13 Feb 2019 20:16:47 +0000 (09:16 +1300)]
Merge pull request #13590 from eileenmcnaughton/rel_del510
dev/core#715 - Fix delete action on RelationshipType form
Coleman Watts [Tue, 12 Feb 2019 17:08:48 +0000 (12:08 -0500)]
dev/core#715 - Fix delete action on RelationshipType form
CiviCRM [Tue, 12 Feb 2019 03:26:15 +0000 (03:26 +0000)]
Set version to 5.10.1
Seamus Lee [Mon, 11 Feb 2019 23:31:01 +0000 (10:31 +1100)]
Merge pull request #13574 from seamuslee001/5_10_1_release_notes
Release notes for 5.10.1 release
Seamus Lee [Mon, 11 Feb 2019 21:43:32 +0000 (08:43 +1100)]
Merge pull request #13570 from eileenmcnaughton/cc_510
Fix regression whereby making receive_date required breaks back office cc
Seamus Lee [Mon, 11 Feb 2019 21:09:03 +0000 (08:09 +1100)]
Release notes for 5.10.1 release
eileen [Mon, 11 Feb 2019 20:16:22 +0000 (09:16 +1300)]
Fix regression whereby making receive_date required breaks back office cc
Regression from https://lab.civicrm.org/dev/core/issues/680
led to https://civicrm.stackexchange.com/questions/28410/unable-to-take-credit-card-payment-after-civi-update
Tim Otten [Thu, 7 Feb 2019 00:30:09 +0000 (19:30 -0500)]
Update 5.10.0.md
CiviCRM [Thu, 7 Feb 2019 00:24:28 +0000 (00:24 +0000)]
Set version to 5.10.0
Seamus Lee [Wed, 6 Feb 2019 20:47:11 +0000 (12:47 -0800)]
Merge pull request #13494 from agh1/5.10.0-releasenotes
5.10.0 release notes
Andrew Hunt [Wed, 6 Feb 2019 14:49:40 +0000 (09:49 -0500)]
5.10.0 release notes: late changes, credits, and last-minute fixes
Tim Otten [Wed, 16 Jan 2019 22:12:16 +0000 (14:12 -0800)]
Add release-notes/5.9.1.md
Alice Frumin [Wed, 6 Feb 2019 14:29:08 +0000 (09:29 -0500)]
5.10.0 release notes: bulk of edits
* pulling out misc and organizing lines with gitlab issue numbers
* linking to gitlab issues
* update lines with gitlab issues to have the gitlab titles
* progress
* second pass
* finished first pass of notes
* deleting rows related to merge
* reorganizing sections
Andrew Hunt [Tue, 22 Jan 2019 19:05:14 +0000 (14:05 -0500)]
5.10.0 release notes: added boilerplate
Andrew Hunt [Tue, 22 Jan 2019 19:01:53 +0000 (14:01 -0500)]
5.10.0 release notes: raw from script
Monish Deb [Wed, 6 Feb 2019 04:16:32 +0000 (09:46 +0530)]
Merge pull request #13536 from eileenmcnaughton/export_sc
dev/core#651 Fix group by on export soft credits (possible recent regression, clearly wrong).
eileen [Tue, 5 Feb 2019 06:04:21 +0000 (19:04 +1300)]
dev/core#651 Fix group by on export soft credits (possible recent regression, clearly wrong).
As pointed out by the reporter the group by is being calculated as if it were a string but it's an array, this fixes.
This code has been touched recently so it might be a recent regression. 5.10 is the first release in a long time where
export is working in some mysql / output configs after a big refactor to get rid of wide temp tables
Monish Deb [Tue, 5 Feb 2019 13:51:09 +0000 (19:21 +0530)]
Merge pull request #13537 from eileenmcnaughton/cont_comp
dev/core#680 make receive_date required on backoffice contribution form
eileen [Tue, 5 Feb 2019 08:07:16 +0000 (21:07 +1300)]
dev/core#680 make receive_date required on backoffice contribution form
and api
Discussion on https://lab.civicrm.org/dev/core/issues/680#note_13205
Eileen McNaughton [Tue, 5 Feb 2019 04:18:40 +0000 (17:18 +1300)]
Merge pull request #13533 from eileenmcnaughton/prev_next
Prev next
eileen [Tue, 5 Feb 2019 01:58:53 +0000 (14:58 +1300)]
Disable full group by mode whe groupContacts is TRUE
This prevents an error when using the cache and allows us to move
past this without untangling the messy way other tables are joined back in
for now.
Note it became necessary due to query changes off the cache but the query is no
different in accuracy
Aidan Saunders [Mon, 4 Feb 2019 17:50:30 +0000 (17:50 +0000)]
dev/core#695 - Make custom searches slightly less fragile
eileen [Mon, 4 Feb 2019 23:59:51 +0000 (12:59 +1300)]
dev/core#679 fix loss of search results when including tags or groups.
The bug as described was a bit tricksy to replicate as it is inconsistent and the
code is not actually outputting the tags/ groups. I think these are pre-existing issues
I was able to replicate by having 2 search profiles - one with only tags & one one with only groups & switching back & and force on output - once I replicated I found that there was a regression due to
https://github.com/eileenmcnaughton/civicrm-core/commit/
2ca46d4d5a8cd15929ac0939ca2bb380a3de027e#diff-e54381bfdf51e31cab376c71ca0d66ffR4967
whereby the groupBy had been dropped, causing the results to be squashed into a single row
Seamus Lee [Mon, 4 Feb 2019 07:37:07 +0000 (23:37 -0800)]
Merge pull request #13524 from eileenmcnaughton/search_rc
Revert fix causing unreleased regression
eileen [Mon, 4 Feb 2019 05:03:49 +0000 (18:03 +1300)]
Revert "Assign the translated formValues to itself"
This reverts commit
e8ef090642f0ff5639166b847a31f4e50eec3dd6.
eileen [Mon, 4 Feb 2019 04:39:41 +0000 (17:39 +1300)]
Revert "Rewrite testHiddenSmartGroup"
This reverts commit
7810fa53a7f5d8be82ebda7fde122d0fd349d358.
colemanw [Wed, 23 Jan 2019 22:02:25 +0000 (17:02 -0500)]
Merge pull request #13478 from pradpnayak/eventRegression
dev/core/issues/653, fixed regression on creating new event using event template
Pradeep Nayak [Wed, 16 Jan 2019 23:16:48 +0000 (23:16 +0000)]
dev/core/issues/653, fixed regression on creating new event using event template
Use core function to over-ride values
Tim Otten [Wed, 16 Jan 2019 21:42:36 +0000 (13:42 -0800)]
Merge pull request #13451 from eileenmcnaughton/everyone_510
(dev/core#660) Address regression whereby Anonymous users can no longer register for an event if they have ACLs to see a contact
eileen [Tue, 15 Jan 2019 00:48:18 +0000 (13:48 +1300)]
Remove foreign key on civicrm_acl_contact_id.user_id.
This won't actually remove it from installs - we need to address that separately via ensuring people can and do run
the System.updateIndices api call but it removes it from new installs and from
tests, hence the test should pass
eileen [Mon, 14 Jan 2019 23:48:36 +0000 (12:48 +1300)]
Fix mishandling / loss of check_permission flag
eileen [Mon, 14 Jan 2019 23:44:50 +0000 (12:44 +1300)]
Add test to demonstrate fatal error when accessing permitted users that are cached using the acl_cache.
This has arisen during investigation of a possible regression - it turns out that if you give the 'everyone' group
access to a contact using ACLs (or hooks I believe) they get a fatal error on any attempt at event or other registration.
The issue is that when attempting to check for duplicates the call is made using check_permission. This in itself is a possible
regression as the CRM_Dedupe_Finder::dupesByParams function now drops the check_permission key when it is equal to 0 from
https://github.com/civicrm/civicrm-core/commit/
4f33e78b901fb7cdb38a3026f88b59a2f9fd2c68
So we have an issue that
1) we are now applying check_permission when doing a dupe_check from front end forms - this probably is resulting in 5.9
sites getting too many duplicates are they would always be null for anon users
2) if we DO do a permissions check when an acl or hook has been used to give anon users permission to access
contacts then they will get a fatal error. This is because it sets contact_id to 0 and attempts to insert it into the
acl_contact_cache.
I think we need to either remove the array_filter line that we think we may not need per code comments
or add specific handling for the check_permission flag
AND drop the foreign key constraint on the civicm_acl_contact_cache table. This means they will
no longer be removed when a contact is deleted but this is a clean up issue rather than one with
functionaly implications & we *should* have some form of cleanup in play on that table. In addition,
removing the constraint will reduce write contention
Eileen McNaughton [Mon, 14 Jan 2019 23:03:01 +0000 (12:03 +1300)]
Merge pull request #13448 from eileenmcnaughton/everyone_510
Fix unreleased regression on building GroupContact clause
Eileen McNaughton [Mon, 14 Jan 2019 23:01:43 +0000 (12:01 +1300)]
Merge pull request #13449 from colemanw/caseDateSearch
Fix broken case activity date filter
eileen [Mon, 14 Jan 2019 10:39:03 +0000 (23:39 +1300)]
Fix unreleased regression whereby acls are skipped for groups
Coleman Watts [Mon, 14 Jan 2019 17:22:07 +0000 (12:22 -0500)]
Fix broken case activity date filter
eileen [Mon, 14 Jan 2019 09:04:45 +0000 (22:04 +1300)]
Add unit test to cover granting everyone' group permission to access a group
Seamus Lee [Mon, 14 Jan 2019 02:01:53 +0000 (13:01 +1100)]
Merge pull request #13445 from seamuslee001/dev-656
(dev/core#656) unreleased regression - attendee report generates unde…
yashodha [Thu, 10 Jan 2019 12:07:34 +0000 (17:37 +0530)]
(dev/core#656) unreleased regression - attendee report generates undefined property notice
Seamus Lee [Thu, 10 Jan 2019 10:03:41 +0000 (21:03 +1100)]
Merge pull request #13429 from seamuslee001/5.10
Port Test fixes to 5.10
Seamus Lee [Mon, 7 Jan 2019 21:17:13 +0000 (08:17 +1100)]
(NFC) Ensure that when loading in the test data it is done with UTF8 encoding
Seamus Lee [Mon, 7 Jan 2019 23:55:29 +0000 (10:55 +1100)]
(dev/core#647) Fix up Test Class names and file names to ensure all test classes are run by Jenkins
Seamus Lee [Tue, 8 Jan 2019 01:18:10 +0000 (12:18 +1100)]
(dev/core#647) Fix Up Contact Selector Test by changing class name to get test to run and make changes following code changes that affect clauses and calling get rows
CRM_Contact_SelectorTest - Fix escaping
(dev/core#217) CRM_Contact_SelectorTest - Remove stale/unnecessary assertion
The table `civicrm_prevnext_cache` includes three columns (`entity_id1`,
`entity_id2`, `entity_table`). These columns have some use-cases (e.g. for
deduping) and some historical value, but the only one needed for
caching search-results is `entity_id1`.
dev/core#217 introduced an interface `CRM_Core_PrevNextCache_Interface` for
caching search-results. This interface only passes through a list of CID's
(effectively `entity_id1`); because we don't need `entity_id2` and
`entity_table`, it makes no provisions for passing them through, and they're
not saved. This simplifies the interface and makes it more realistic to
implement alternative prevnext storage mechanisms.
Seamus Lee [Tue, 8 Jan 2019 02:28:30 +0000 (13:28 +1100)]
Merge pull request #13414 from eileenmcnaughton/count
Fix php 7.2 countable warning
eileen [Mon, 7 Jan 2019 22:32:03 +0000 (11:32 +1300)]
Fix php 7.2 countable warning
per https://lab.civicrm.org/dev/core/issues/406#note_12393
Warning: count(): Parameter must be an array or an object that implements Countable in CRM_Event_Form_Participant->submit() (line 1722 of .../all/modules/civicrm/CRM/Event/Form/Participant.php).
CiviCRM [Thu, 3 Jan 2019 03:23:31 +0000 (03:23 +0000)]
Set version to 5.10.beta1
Seamus Lee [Thu, 3 Jan 2019 02:24:38 +0000 (13:24 +1100)]
Merge pull request #13389 from civicrm/5.9
5.9
Seamus Lee [Thu, 3 Jan 2019 02:24:22 +0000 (13:24 +1100)]
Merge pull request #13388 from totten/5.9-msg-tweak
Five Nine - Revise upgrade notice about Money/Int/Float fields
Tim Otten [Thu, 3 Jan 2019 00:36:39 +0000 (16:36 -0800)]
FineNine - Revise upgrade notice to be less alarming
Based on discussion at https://github.com/civicrm/civicrm-core/pull/13384/files#r244890998
Tim Otten [Thu, 3 Jan 2019 00:24:08 +0000 (16:24 -0800)]
(NFC) FiveNine.php - Whitespace
Eileen McNaughton [Thu, 3 Jan 2019 00:13:34 +0000 (13:13 +1300)]
Merge pull request #13386 from civicrm/5.9
5.9
Eileen McNaughton [Thu, 3 Jan 2019 00:12:58 +0000 (13:12 +1300)]
Merge pull request #13387 from seamuslee001/release_notes_update
Update 5.9 Release notes for final fixes
Seamus Lee [Thu, 3 Jan 2019 00:10:29 +0000 (11:10 +1100)]
Merge pull request #13385 from eileenmcnaughton/5.9
dev/core#619 fix regression on Address contact-reference fields not rendering results
Seamus Lee [Wed, 2 Jan 2019 23:27:03 +0000 (10:27 +1100)]
Update 5.9 Release notes for final fixes
Seamus Lee [Wed, 2 Jan 2019 23:19:32 +0000 (10:19 +1100)]
Merge pull request #13384 from seamuslee001/dev_core_337
dev/core#337 Add in upgrade script to set search by range to be false…
Seamus Lee [Wed, 2 Jan 2019 22:49:58 +0000 (09:49 +1100)]
Merge pull request #13189 from JMAConsulting/core-564
dev-core#564: Differentiate case relationships in Contact Summary page
eileen [Wed, 2 Jan 2019 22:05:20 +0000 (11:05 +1300)]
dev/core#619 fix regression on Address contact-reference fields not rendering results.
Fixing results not rendering on onbehalf profiles broke addresses - this
limits the handling added for onbehalf to only apply to onbehalf.
Eileen McNaughton [Wed, 2 Jan 2019 21:34:41 +0000 (10:34 +1300)]
Merge pull request #13314 from colemanw/dev/core#337
dev/core#337 - Fix search range for select/radio custom fields
Seamus Lee [Wed, 2 Jan 2019 21:30:00 +0000 (08:30 +1100)]
dev/core#337 Add in upgrade script to set search by range to be false for Fields of money, float, int with widget types radio and select which were how they were effectively implementeted originally
Eileen McNaughton [Wed, 2 Jan 2019 20:19:09 +0000 (09:19 +1300)]
Merge pull request #13381 from civicrm/5.9
5.9.0 release notes (#13244) to master
Andrew Hunt [Wed, 2 Jan 2019 20:18:04 +0000 (15:18 -0500)]
5.9.0 release notes (#13244)
Eileen McNaughton [Wed, 2 Jan 2019 20:08:50 +0000 (09:08 +1300)]
Merge pull request #13380 from yashodha/campaign_report_clean
(dev/core#491) campaign cleanup for member summary report and show di…
Eileen McNaughton [Wed, 2 Jan 2019 19:47:10 +0000 (08:47 +1300)]
Merge pull request #13338 from eileenmcnaughton/export
Export merge to household - fix DB error relating to fields too long for table.