Message of the day:
Latest 3.x release: 3.7.3 - it runs on php 7! This is the channel for any SS3-related questions
Backend discussions on SilverStripe 3. For version 4 or newer, see #C36U3BDHN|ss4 or #C0QSDASKT|general. If you are using a version lower than SS3.4, please state, because it makes a difference!
but... I got my physical helper do it instead.. I'm just doing a little bit to feel the pain
@Firesphere - Got any jobs going at your place, I dream of having a PM who will go back to the client and say “tough luck” rather than bending over backwards to please them even when they are idiots, much to the distain of the dev team lol
Well, always backup before deploy there?
@Firesphere one thing that would probably work would be to add a helper field saving the filename, re-export the data, upload all assets and re-sync on prod and then loop through all records and update the FileID on filename match
but only if you very clearly set it up from the start.. I didn't really (this time)
Changing topic - Silverstripe inbuilt search and XSS, is there no inbuilt protection? I have a XSS vulnerability where you can search for say “<script>alert(“Hello World”);</script>” and it will be executed on the search results page.
I am looking at this module - http://addons.silverstripe.org/add-ons/zirak/htmlpurifier - but as it only references the need to use it for ‘custom search’ I am wondering if I am missing something with the inbuilt search?
yeah, I agree that you need to be pretty hardline in some cases
Even when they get it wrong, they are right asd they are paying your wages lol
if I was the client and had myself come back and tell me to do all my content entry all over again I would totally freak out at myself