Jump to:

7935 Posts in 1536 Topics by 943 members

DataObjectManager Module

SilverStripe Forums » DataObjectManager Module » Bug Reports

Discuss the DataObjectManager module, and the related ImageGallery module.

Moderators: martimiz, UncleCheese, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
Go to End
Author Topic: 47770 Views
  • Ben Gribaudo
    Avatar
    Community Member
    181 Posts

    Re: Bug Reports Link to this post

    Re my "SecurityID doesn't match, possible CRSF attack" post of 10/28:

    Some sleuthing revealed that this problem appeared in revision 223 of DOM. Tthe constructor of DataObjectManager_Popup (in DataObjectManager.php) contains an if statement that determines whether or not a number of Requirements should be set. In revision 222, the if statement used the following expression:

    $this->controller->hasNested


    In revision 223, this changed to:

    $this->hasNestedDOM()

    There is something about hasNestedDom()'s call to $this->Fields() that causes this error.

    Got to run for an appointment...when I have time, hopefully I can dig more on this problem.

  • keeny
    Avatar
    Community Member
    48 Posts

    Re: Bug Reports Link to this post

    Hiya wmk,

    Thanks for that. I have SWFUpload installed, so would that be affected by changeset r77012 mentioned in http://open.silverstripe.org/ticket/2862?

    I also stepped through FileDataObjectManager_Controller::handleswfupload() with a die() statement. It seems if I comment out line 641...

    else {
                $ownerID = $_POST['parentIDName'];
                //$file->$ownerID = $_POST['controllerID'];
                $file->write();
                echo $file->ID;
             }

    The file uploads to the right place but the DOM doesn't refresh. I have to manually refresh the File & Images area to see the newly uploaded file. Also I don't really know what the consequence of commenting this line out is.

    Any more ideas?

    Cheers,

    Keeny.

  • UncleCheese
    Avatar
    4085 Posts

    Re: Bug Reports Link to this post

    $_POST['parentIDName'];
    $_POST['controllerID'];

    One of those fields is not coming through. If you have SWFUpload in debug mode, you can see in the debug window what the post params are. Something is coming through null.

  • keeny
    Avatar
    Community Member
    48 Posts

    Re: Bug Reports Link to this post

    Hiya Uncle,

    I get this....

    DEBUG: Post Params:
    SWF DEBUG: fileClassName=File
    SWF DEBUG: hasDataObject=0
    SWF DEBUG: parentIDName=ParentID
    SWF DEBUG: dataObjectFieldName=
    SWF DEBUG: dataObjectClassName=File
    SWF DEBUG: OverrideUploadFolder=assets/Palmerston-North/Home/
    SWF DEBUG: controllerID=13
    SWF DEBUG: fileFieldName=Files

    I'm totally lost with this. BTW it works fine on my local Wamp machine. The problem is on our production server.

  • Howard
    Avatar
    Community Member
    215 Posts

    Re: Bug Reports Link to this post

    Hi UncleCheese,

    Trivial bug here, in the nested popup popup the close image was not showing when SS was installed in a subfolder but it was just a case of changing the reference to the image in dataobject_manager.css line 153 from:

    a.nested-close {display:block;text-indent:-9999em;width:30px;height:30px;background: url('/dataobject_manager/images/closebox.png') no-repeat top left;position:absolute;top:-15px;right:-15px;}


    to

    a.nested-close {display:block;text-indent:-9999em;width:30px;height:30px;background: url('../images/closebox.png') no-repeat top left;position:absolute;top:-15px;right:-15px;}

    I *really* like this feature btw!

    Cheers

  • UncleCheese
    Avatar
    4085 Posts

    Re: Bug Reports Link to this post

    SWF DEBUG: dataObjectFieldName=

    There's your null value. Make sure you're defining everything correctly in your constructor.

  • UncleCheese
    Avatar
    4085 Posts

    Re: Bug Reports Link to this post

    Thanks for that. Make sure you're on the latest version. I believe someone put in this patch several weeks ago.

  • Ben Gribaudo
    Avatar
    Community Member
    181 Posts

    Re: Bug Reports Link to this post

    Re my "SecurityID doesn't match, possible CRSF attack" posts of 10/28 and 10/31:

    More on what's going on:
    When the DataObjectManager_popup window is initialized for the first time, class Form's loadDataFrom method is called. The form knows it should have a SecurityID field (from the call to $this->fields->dataFields() on http://open.silverstripe.org/browser/modules/sapphire/trunk/forms/Form.php?rev=90075#L919). However, when loadDataFrom() iterates through $data, setting field values, it sets that SecurityID field's value to NULL because $data doesn't contain a SecurityID value (see http://open.silverstripe.org/browser/modules/sapphire/trunk/forms/Form.php?rev=90075#L950).

    Can someone help me resolve this?

    Ben

    47770 Views
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.