Ruben Rodriguez [Fri, 10 Jun 2016 19:05:21 +0000 (15:05 -0400)]
Tuned up PdfLatex font settings
k [Tue, 15 Mar 2016 17:41:14 +0000 (13:41 -0400)]
redisabling mail tracking
k [Tue, 15 Mar 2016 17:37:59 +0000 (13:37 -0400)]
redoing replacement of "Confirm Contribution" with "Review Contribution"
k [Tue, 15 Mar 2016 17:13:26 +0000 (13:13 -0400)]
Solving RT ticket #
1092988
adding civicrm ID to contributin record
Lisa Marie Maginnis [Thu, 15 Oct 2015 03:10:17 +0000 (23:10 -0400)]
reverted js changes back to upstream
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:33:03 +0000 (13:33 -0400)]
ipn receiver for external api
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:28:53 +0000 (13:28 -0400)]
Priceset 2nd half
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:28:43 +0000 (13:28 -0400)]
Priceset/debugwatchdog
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:18:43 +0000 (13:18 -0400)]
Removed cache rebuild from the GroupContact
Lisa Marie Maginnis [Mon, 21 Sep 2015 17:15:03 +0000 (13:15 -0400)]
RT#765026, patch for null values in civicrm_acl_cache
Ruben Rodriguez [Thu, 10 Sep 2015 22:24:23 +0000 (18:24 -0400)]
Added the current uncommited changes to production code, and rebased to 4.6.8
Lisa Marie Maginnis [Thu, 1 May 2014 21:29:27 +0000 (17:29 -0400)]
Additional files for PDF/Latex
Lisa Marie Maginnis [Thu, 1 May 2014 21:04:18 +0000 (17:04 -0400)]
Our changes
CiviCRM [Wed, 15 May 2019 17:47:07 +0000 (17:47 +0000)]
Set version to 5.13.4
totten [Wed, 15 May 2019 17:32:48 +0000 (17:32 +0000)]
Merge branch '5_13_1_release_notes' into 'security-fixes'
Release Notes for security release
See merge request security/core!72
totten [Wed, 15 May 2019 15:48:00 +0000 (15:48 +0000)]
Update 5.13.4.md
Seamus Lee [Tue, 14 May 2019 21:19:22 +0000 (07:19 +1000)]
Update date of 5.13.3 release and add in APIv4 SA into 5.13.4
totten [Tue, 14 May 2019 10:34:04 +0000 (10:34 +0000)]
Update 5.13.4.md
Seamus Lee [Wed, 1 May 2019 02:40:10 +0000 (12:40 +1000)]
WIP Release Notes for security release
Update Release notes based on Tim's Review and likely drop of 5.13.3
Tim Otten [Wed, 8 May 2019 23:41:55 +0000 (16:41 -0700)]
civicrm/file - Be forgiving about old image hyperlinks
Previous versions of Civi sometimes generated URLs for contact-images with incorrect `&mime-type` values:
http://dmaster.bknix:8001/civicrm/file?reset=1&filename=Hello_cca4153cb14beab37c68ab7f07162425.jpg&mime-type=image/jpg
The recent security update will generate an error if the mime-type is incorrect, so this patch relaxes it
to allow the old links to continue working.
Seamus Lee [Fri, 3 May 2019 04:53:48 +0000 (14:53 +1000)]
Add whitelist back in and validate extension of file is permtted for the mime-type supplied and use mime-type from db if supplied with an fid and eid
Switch to different libary that is php5.6 compatable
Seamus Lee [Fri, 29 Mar 2019 23:34:47 +0000 (10:34 +1100)]
Strength mime checking by comparing mime-type to the file path mime-type if we have entity_id and file id otherwise only permit image mime_types to be accepted if going via the filename route
Ensure mimetype is set in the case where we are passing it through and its valid
Remove Whitelisting of mime-types as not useful and only check mime-types if we have had one passed in
Seamus Lee [Sun, 3 Mar 2019 01:14:16 +0000 (12:14 +1100)]
Resolve security/core#45 by validating the mimeType of the file with the supplied mime-type
Seamus Lee [Mon, 29 Apr 2019 04:05:15 +0000 (14:05 +1000)]
Resolve security/core#52 by validating that an installtype is sensible
Seamus Lee [Sat, 30 Mar 2019 05:19:58 +0000 (16:19 +1100)]
security/core#49 Ensure that only intergers are passed to the IN build options in address
Fix Rule checking and add a unit test
Add in unit test on building country_id options too
Add in a unit test for building county options with a state_province_id filter
Seamus Lee [Sun, 28 Apr 2019 22:32:58 +0000 (08:32 +1000)]
Also escape subtype to fix POC#2 found by Patrick
Seamus Lee [Mon, 22 Apr 2019 07:45:52 +0000 (17:45 +1000)]
Fix security/core#51 by paramatising the Event Type part of the wuere clause
Jamie McClelland [Wed, 20 Feb 2019 17:59:34 +0000 (12:59 -0500)]
escape alphanumeric/checkbox custom data
Seamus Lee [Wed, 24 Apr 2019 20:03:57 +0000 (06:03 +1000)]
Resolve security/core#53 by updating tcpdf to latest version of 6.2.x
Tim Otten [Tue, 23 Apr 2019 23:00:35 +0000 (16:00 -0700)]
(security/core#50) Update jQuery to address prototype pollution
Coleman Watts [Tue, 26 Mar 2019 22:16:18 +0000 (18:16 -0400)]
Don't expose condition to api.getoptions
Tim Otten [Tue, 5 Mar 2019 00:05:06 +0000 (16:05 -0800)]
Harden against serialization vulnerabilities (#46)
Tim Otten [Tue, 14 May 2019 10:54:21 +0000 (11:54 +0100)]
contributor-key.yml, 5.13.13.md - Fix typo in credit
I saw a typo and asked Patrick for preferred text.
Eileen McNaughton [Sun, 12 May 2019 04:35:55 +0000 (16:35 +1200)]
Merge pull request #14232 from seamuslee001/release_notes_5_13_4
Add in release notes for 5.13.3 and bump version to 5.13.3
Seamus Lee [Sun, 12 May 2019 00:45:52 +0000 (10:45 +1000)]
Merge pull request #14231 from eileenmcnaughton/513-3
dev/core#942 fix failure to render names for some activities
Seamus Lee [Sat, 11 May 2019 20:37:18 +0000 (06:37 +1000)]
Proper fix tests
Seamus Lee [Sat, 11 May 2019 08:07:24 +0000 (18:07 +1000)]
Merge pull request #14234 from seamuslee001/participant_count_search_fix_5_13
dev/core#956 Fix hard breakage in find participants form when you do a filter on o…
Seamus Lee [Sat, 11 May 2019 07:25:11 +0000 (17:25 +1000)]
Fix Failing Activity Test
Tim Otten [Sat, 11 May 2019 08:04:52 +0000 (09:04 +0100)]
Update 5.13.3.md
Tim Otten [Sat, 11 May 2019 08:03:11 +0000 (09:03 +0100)]
Update 5.13.3.md
eileenmcnaugton [Fri, 10 May 2019 04:13:11 +0000 (16:13 +1200)]
dev/core#942 fix failure to render names for some activities
Overview
----------------------------------------
Set limit for activity_contact retrieval to 0, allowing to retrieve more than 25 activity contacts when rendering the first 25 activities on the activity contact tab
Before
----------------------------------------
![before](https://user-images.githubusercontent.com/336308/
57439801-
e42a0580-729a-11e9-80a1-
45df93d0c5eb.jpg)
After
----------------------------------------
![after](https://user-images.githubusercontent.com/336308/
57439960-
39fead80-729b-11e9-9701-
acd79ff73497.jpg)
Technical Details
----------------------------------------
This moves the logic for retrieving the target contacts back into the getActivities function. We are stil not wanting to bypass the ACLs so still using the
api but strictly limiting the number of contacts we retrieve (at the cost of extra queries, but cheap ones).
Some tests added on the Bulk Mail activity.
Comments
----------------------------------------
Seamus Lee [Sat, 11 May 2019 01:59:59 +0000 (11:59 +1000)]
Update release notes
Seamus Lee [Fri, 10 May 2019 23:56:29 +0000 (09:56 +1000)]
Merge pull request #14230 from eileenmcnaughton/5.13
Fixes to layout on activity date time on search page
Seamus Lee [Fri, 10 May 2019 23:53:53 +0000 (09:53 +1000)]
Merge pull request #14229 from seamuslee001/5.13
core/issues/923, Fixed notice error when creating/editing profile
Seamus Lee [Fri, 10 May 2019 23:24:47 +0000 (09:24 +1000)]
dev/core#956 Fix hard breakage in find participants form when you do a filter on one event and n participant statues
Seamus Lee [Fri, 10 May 2019 22:43:16 +0000 (08:43 +1000)]
Set version to 5.13.3
Seamus Lee [Fri, 10 May 2019 22:42:58 +0000 (08:42 +1000)]
Add in Release notes for 5.13.3 Drop
Pradeep Nayak [Thu, 9 May 2019 21:35:00 +0000 (22:35 +0100)]
core/issues/923, Fixed notice error when creating/editing profile
Seamus Lee [Fri, 10 May 2019 00:16:19 +0000 (10:16 +1000)]
Add in Wrapper template around DatePickerRange template to have better layout of Activity Search Form
Allow for colspan and class to be set when adding in wrapper
Update the wrapper to be only one td and not all and fix activity template appropriately
Seamus Lee [Fri, 10 May 2019 22:10:12 +0000 (08:10 +1000)]
Merge pull request #14228 from eileenmcnaughton/5.13
Remove deprecated :hover jQuery selector
Jitendra Purohit [Wed, 8 May 2019 04:40:18 +0000 (10:10 +0530)]
Add select2 to input field of datepicker
Coleman Watts [Thu, 9 May 2019 21:50:53 +0000 (17:50 -0400)]
Remove deprecated :hover jQuery selector
Tim Otten [Tue, 7 May 2019 00:16:11 +0000 (17:16 -0700)]
Merge pull request #14209 from seamuslee001/release_notes_update_dev_core_940
(dev/core#940) Update release notes
Seamus Lee [Mon, 6 May 2019 23:52:40 +0000 (09:52 +1000)]
Merge pull request #14207 from seamuslee001/dev_core_940
(dev/core#940) Fix regression involving Email Processor and ".unknown" attachments
Tim Otten [Mon, 6 May 2019 23:32:12 +0000 (16:32 -0700)]
Update 5.13.2.md
Seamus Lee [Mon, 6 May 2019 22:35:55 +0000 (08:35 +1000)]
Update Release notes for dev/core#940
Include Dave D for review purposes
Seamus Lee [Mon, 6 May 2019 22:29:50 +0000 (08:29 +1000)]
Fix Regression in Email Processor filing all emails as .unknown attachments
Tim Otten [Mon, 6 May 2019 19:31:11 +0000 (12:31 -0700)]
Add 5.13.2 release notes
Tim Otten [Mon, 6 May 2019 19:03:11 +0000 (12:03 -0700)]
Set version to 5.13.2
Tim Otten [Mon, 6 May 2019 19:34:37 +0000 (12:34 -0700)]
(dev/core#934; followup) Fix escaping on new query code
This updates a line which was added in the past day (#14194) to ensure that
the data is escaped.
eileen [Fri, 3 May 2019 02:37:14 +0000 (14:37 +1200)]
dev/core#934 Fix regression on sorting activity tab by 'Added by'
Tim Otten [Thu, 2 May 2019 23:24:41 +0000 (16:24 -0700)]
Merge pull request #14190 from seamuslee001/5_13_1_drop_notes
Add in 5.13.1 release notes and increment version to 5.13.1
Seamus Lee [Thu, 2 May 2019 23:15:07 +0000 (09:15 +1000)]
Merge pull request #14186 from MegaphoneJon/wordpress-26
Fix REST on WordPress
Tim Otten [Thu, 2 May 2019 22:48:16 +0000 (15:48 -0700)]
Update 5.13.1.md
Seamus Lee [Thu, 2 May 2019 22:07:48 +0000 (08:07 +1000)]
Merge pull request #14187 from seamuslee001/dev_core_931
Resolve dev/core#931 by not doing translation on the query if field e…
Seamus Lee [Thu, 2 May 2019 21:32:46 +0000 (07:32 +1000)]
Set version 5.13.1
Seamus Lee [Thu, 2 May 2019 21:30:39 +0000 (07:30 +1000)]
Add in release notes for 5.13.1 drop
Seamus Lee [Thu, 2 May 2019 20:22:41 +0000 (06:22 +1000)]
Resolve dev/core#931 by not doing translation on the query if field exists during the upgrade process
Jon Goldberg [Thu, 2 May 2019 20:00:19 +0000 (16:00 -0400)]
wordpress#26 - fix REST
CiviCRM [Thu, 2 May 2019 03:00:55 +0000 (03:00 +0000)]
Set version to 5.13.0
Tim Otten [Thu, 2 May 2019 02:23:55 +0000 (19:23 -0700)]
Merge pull request #14056 from agh1/5.13.0-releasenotes
5.13.0 release notes
Tim Otten [Wed, 1 May 2019 23:50:50 +0000 (16:50 -0700)]
Update 5.13.0.md
Andrew Hunt [Wed, 1 May 2019 21:23:38 +0000 (17:23 -0400)]
5.13.0 release notes: late changes
Alice Frumin [Thu, 25 Apr 2019 20:12:08 +0000 (16:12 -0400)]
uppercase if work is continued or begun
Alice Frumin [Thu, 25 Apr 2019 20:06:12 +0000 (16:06 -0400)]
moving gitlab issues to the end
Alice Frumin [Tue, 16 Apr 2019 17:21:09 +0000 (13:21 -0400)]
5.13.0 release notes: bulk of edits
Andrew Hunt [Mon, 15 Apr 2019 21:01:28 +0000 (17:01 -0400)]
5.13.0 release notes: added boilerplate
Andrew Hunt [Mon, 15 Apr 2019 19:21:33 +0000 (15:21 -0400)]
5.13.0 release notes: raw from script
Seamus Lee [Wed, 1 May 2019 00:25:06 +0000 (10:25 +1000)]
Merge pull request #14163 from seamuslee001/flexmailer_26
(flexmailer#29) civicrm/mailing/view - Use Mailing.preview API. Fix compatibility with Flexmailer.
Eileen McNaughton [Tue, 30 Apr 2019 23:41:42 +0000 (11:41 +1200)]
Merge pull request #14164 from eileenmcnaughton/in_fix
Fix deprecation handling [intra-rc-follow up] on #13999]
Seamus Lee [Tue, 30 Apr 2019 23:11:56 +0000 (09:11 +1000)]
Return MailingID rather than ['id'] as id may not always be supplied
Tim Otten [Tue, 30 Apr 2019 22:50:21 +0000 (15:50 -0700)]
(flexmailer#29) civicrm/mailing/view - Generate content via Mailing.preview API
A root cause of flexmailer#29 is that the flexmailer has to override
multiple parts of CiviMail. Case in point: it overrides the
`civicrm/mailing/view` and forces it to generate content via
`Mailing.preview` API. This is unfortunate because flexmailer's variant is
missing other features (regarding permissioning and contact IDs).
This revision makes it unnecessary for flexmailer to override
`civicrm/mailing/view`.
Tim Otten [Tue, 30 Apr 2019 22:42:20 +0000 (15:42 -0700)]
(flexmailer#29) Mailing.preview API - Fix array access warning. Make unit-test pass.
Tim Otten [Tue, 30 Apr 2019 22:40:46 +0000 (15:40 -0700)]
(flexmailer#29) Mailing.preview API - Add unit-test for call without contact ID
Seamus Lee [Tue, 30 Apr 2019 20:57:32 +0000 (06:57 +1000)]
flexmailer#26 Fix Flexmailer handling of annonmous user access to view Mailings by porting handling of annon situation to api
eileen [Tue, 30 Apr 2019 21:33:26 +0000 (09:33 +1200)]
Fix deprecation handling
Turns out we were one of the sites naughtily using the BAO directly who needed this handling
to work - but because we passed a number in quote it didn't - this fixes
Tim Otten [Tue, 30 Apr 2019 05:50:32 +0000 (22:50 -0700)]
Merge pull request #14156 from totten/5.13-mail-tokens
CiviMail - Restore support for preview of "mailing"/"action" tokens via TokenProcessor/Flexmailer
Tim Otten [Tue, 30 Apr 2019 04:26:15 +0000 (21:26 -0700)]
CRM_Mailing_TokensTest - Update spec to match expected behavior
The preceding commits revised the behavior of `{mailing.*}` and `{action.*}`
when previewed via `TokenProcessor` (so that they match the preview
logic in other cases).
This simply changes the spec to match.
Eileen McNaughton [Tue, 30 Apr 2019 02:54:23 +0000 (14:54 +1200)]
Merge pull request #14155 from seamuslee001/php_7_2_bin_cli_class
dev/core#907 Fix Deprecation notice for PHP7.2 in bin/cli.class.php
Tim Otten [Mon, 29 Apr 2019 23:59:35 +0000 (16:59 -0700)]
CiviMail - Restore support for previewing mailing-tokens via TokenProcessor/Flexmailer
See preceding commit for general description - this simply applies the same
concept for another set of tokens.
Tim Otten [Mon, 29 Apr 2019 20:35:48 +0000 (13:35 -0700)]
CiviMail - Restore support for previewing action-tokens via TokenProcessor/Flexmailer
Overview
--------
When using `TokenProcessor` to generate a mailing (e.g. as with Flexmailer/Mosaico), the action-tokens (e.g.
`{action.optOutUrl}`) are generated via `CRM_Mailing_ActionTokens`. To properly generate them,
`CRM_Mailing_ActionTokens` relies on certain information (e.g. mailing/job ID). However, that information is no
longer available when performing a "Preview" -- leading to misbehavior in previews. This patch allows Flexmailer to
restore parity for previewing those tokens.
Before (Pre-5.6)
----------------
* When a user begins composing a mailing, CiviMail creates a draft mailing with a concrete ID (e.g. `mailing #123`).
* To preview the mailing, the UI calls `Mailing.preview` API with the ID of the mailing.
* Flexmailer/Mosaico generates the preview by calling `TokenProcessor` and therefore `CRM_Mailing_ActionTokens`.
* `CRM_Mailing_ActionTokens` has strictness checks. These pass because the ID is available.
Before (5.6-5.12)
----------------
As a performance enhancement, CiviCRM 5.6 (PR #12509; [dev/mail#20](https://lab.civicrm.org/dev/mail/issues/20)) revised
the signature for `Mailing.preview` API to allow previews *without* having a specific mailing record/job/ID. Consequently:
* When a user begins composing a mailing, CiviMail creates a draft mailing with a concrete ID (e.g. `mailing #123`).
* To preview the mailing, the UI calls `Mailing.preview` API ~~with~~ **without** the ID of the mailing.
* Flexmailer/Mosaico generates the preview by calling `TokenProcessor` and therefore `CRM_Mailing_ActionTokens`.
* `CRM_Mailing_ActionTokens` has strictness checks. These ~~pass~~ **fail** because the ID is ~~available~~ **unavailable**.
After
----------------
* When a user begins composing a mailing, CiviMail creates a draft mailing with a concrete ID (e.g. `mailing #123`).
* To preview the mailing, the UI calls `Mailing.preview` API ~~with~~ **without** the ID of the mailing.
* Flexmailer/Mosaico generates the preview by calling `TokenProcessor` and therefore `CRM_Mailing_ActionTokens`.
* `CRM_Mailing_ActionTokens` has ~~strictness~~ **less strict** checks. These **pass** because the `context[schema]` hints that
a mailing ID *will be available* when needed.
Seamus Lee [Mon, 29 Apr 2019 21:52:49 +0000 (07:52 +1000)]
dev/core#907 Fix Deprecation notice for PHP7.2 in bin/cli.class.php
Matthew Wire [Mon, 29 Apr 2019 10:32:41 +0000 (11:32 +0100)]
Merge pull request #14145 from demeritcowboy/submitOften
dev/core#904 - undo part of 13333
DemeritCowboy [Sat, 27 Apr 2019 20:28:47 +0000 (16:28 -0400)]
fix save and new
Seamus Lee [Fri, 26 Apr 2019 01:03:59 +0000 (11:03 +1000)]
Merge pull request #14132 from seamuslee001/5.13
Add 5.12.4 release notes
Tim Otten [Thu, 25 Apr 2019 23:42:50 +0000 (16:42 -0700)]
Update 5.12.4.md
Tim Otten [Thu, 25 Apr 2019 23:42:03 +0000 (16:42 -0700)]
Update 5.12.4.md
Seamus Lee [Thu, 25 Apr 2019 23:31:42 +0000 (09:31 +1000)]
Update release notes
Seamus Lee [Thu, 25 Apr 2019 01:11:43 +0000 (11:11 +1000)]
Add 5.12.4 release notes
Seamus Lee [Thu, 25 Apr 2019 09:38:10 +0000 (19:38 +1000)]
Merge pull request #14126 from seamuslee001/dev_core_880
Fix typo in DROP table query.