Commit Graph

17803 Commits

Author SHA1 Message Date
Moayad Mardini 3776926cfe Fixed #22493 - Added warnings to raw() and extra() docs about SQL injection
Thanks Erik Romijn for the suggestion.
2014-04-25 09:54:49 -04:00
Tim Graham 9e7f86b890 Fixed #22515 -- Fixed the object_id of the LogEntry that's created after a user password change in the admin.
Thanks ross at servercode.co.uk for the report.
2014-04-25 08:20:25 -04:00
Aymeric Augustin e368912902 Set some transaction-related feature flags on SQLite.
Refs #22496.
2014-04-25 11:43:20 +02:00
Shai Berger 843613add4 Fixed #22498 -- constraint name was not quoted in FK creation SQL 2014-04-25 01:30:43 +03:00
Shai Berger 53d97e4fe3 Made sure cursor.close() does not complain if cursor is already closed on Oracle
Refs #22483
2014-04-25 00:36:40 +03:00
Aymeric Augustin 25209715d4 Prevented a crash in the cursor wrappers on Oracle.
Fixed #22483 (again).

Forwardport of 5cd6429620 from stable/1.7.x
2014-04-24 09:14:42 -04:00
Aymeric Augustin b0f4eecfa7 Ignored repeated calls to connection.close().
Forwardport of 9bbb43dd1a from stable/1.7.x
2014-04-24 09:14:26 -04:00
Tim Graham d238c58912 Fixed #22499 -- Fixed a typo in an admin_views test that caused failure on Oracle. 2014-04-24 07:06:02 -04:00
Claude Paroz 7c24027bad Renamed Transifex project from django-core to django
See also http://blog.transifex.com/post/83622601443/new-teams-management-transifex
2014-04-24 11:38:18 +02:00
Kevin Christopher Henry 91afc00513 Fixed #21157 -- Fixed problems with ResolverMatch
- Fixed bug in get_callable() that caused resolve() to put a string
  in ResolverMatch.func.
- Made ResolverMatch.url_name match the actual url name (or None).
- Updated tests that used the string value in ResolverMatch.func, and
  added regression tests for this bug.
- Corrected test urls whose dummy view paths caused failures (behavior
  that was previously masked by this bug).
2014-04-23 20:12:34 -04:00
Aymeric Augustin 0aa4c6c391 Used the same instance of atomic for entry and exit.
Since all state is maintained on the connection at this time and none in
the atomic, it doesn't matter, but it could introduce some subtle bugs
if the implementation changed in the future.
2014-04-23 21:44:36 +02:00
Aymeric Augustin e74d2183c2 Wrapped migrations in a transaction only on DBs with transactional DDL. 2014-04-23 21:44:36 +02:00
Claude Paroz 3a435a057c Set compile messages options as class variable
Refs #18714. Same logic as options for makemessages commands.
2014-04-23 15:15:03 +02:00
Malcolm Box af5f688392 Fixed #22495 -- Locmem cache.add() failed with infinite timeouts
cache.add() incorrectly succeeded when there was an existing key
with an infinite (None) timeout.
2014-04-23 14:49:46 +02:00
Claude Paroz 2ffa6ca73a Added Spatialite support to the new migration framework
Refs #22451.
2014-04-23 13:46:11 +02:00
Claude Paroz 48c4ea4146 Used migration framework in GIS test tearDown 2014-04-23 13:45:41 +02:00
Preston Timmons 3c06b2f2a3 Fixed #22486 -- Restored the ability to reverse views created using functools.partial.
Regression in 8b93b31487.

Thanks rcoup for the report.
2014-04-23 07:27:52 -04:00
Alex Gaynor c3152e5bcd Merge pull request #2602 from intgr/typofix
Various documentation typo/spelling fixes
2014-04-22 16:42:44 -07:00
Marti Raudsepp 11d453bcad Various documentation typo/spelling fixes
Errors detected by Topy (https://github.com/intgr/topy), all changes
verified by hand.
2014-04-23 02:31:49 +03:00
Ray Ashman 9853779805 Updated grammar in description of django.contrib.auth. 2014-04-22 18:28:47 -04:00
Donald Stufft 03401701f3 Merge pull request #2600 from alex/builtin-constant-time-compare
Use the stdlib's compare_digest for constant time comparisons when available
2014-04-22 17:53:08 -04:00
Alex Gaynor 58176dee88 Use the stdlib's compare_digest for constant time comparisons when available 2014-04-22 14:45:00 -07:00
Tim Graham 9fb95dfc9f Added 1.6.4 release note stub. 2014-04-22 11:44:03 -04:00
Florian Apolloner f286721f7f Fixed #22426 -- Added support old-style d.c.messages format.
Forward ported code from 1.5 that adds backwards compatibility with legacy message length.
See commit 9e7183073f for details.

Thanks to Ofir Ovadia for the initial patch.
2014-04-22 10:46:18 +02:00
Erik Romijn c07f3e60c2 Added information on resolved security issues to release notes. 2014-04-21 18:11:26 -04:00
Erik Romijn 75c0d4ea3a Fixed queries that may return unexpected results on MySQL due to typecasting.
This is a security fix; disclosure to follow shortly.
2014-04-21 18:11:26 -04:00
Aymeric Augustin c083e3815a Prevented leaking the CSRF token through caching.
This is a security fix. Disclosure will follow shortly.
2014-04-21 18:11:26 -04:00
Tim Graham 8b93b31487 Fixed a remote code execution vulnerabilty in URL reversing.
Thanks Benjamin Bach for the report and initial patch.

This is a security fix; disclosure to follow shortly.
2014-04-21 18:11:26 -04:00
Claude Paroz ab90c4707b Fixed table cleanup in GIS migration tests 2014-04-21 23:08:00 +02:00
Claude Paroz 1667e736a7 Fixed PostGIS remove_field implementation
Fixed bad code introduced in 2f9d1576e8.
2014-04-21 22:42:11 +02:00
Claude Paroz 2f9d1576e8 Fixed removal of GIS column in PostGIS 1.x migration
Refs #22481.
2014-04-21 21:17:14 +02:00
Claude Paroz fb09a489ca Fixed adding new GIS column in PostGIS 1.x migration
Refs #22451.
2014-04-21 20:58:09 +02:00
Matt Lauber b2514c02e1 Corrected the section identifier for MySQL unicode reference. 2014-04-21 13:19:46 -04:00
Aymeric Augustin c54e7ec9ca Merge pull request #2592 from prestontimmons/remove-test-runner-cases
Removed old test runner test cases.
2014-04-21 18:06:19 +02:00
Florian Apolloner 405b13fe83 Fixed migrate when called inside a transaction.
This is useful for tests manually calling migrate inside a testcase,
for normal usage this should make no difference, since there is no
surrounding transaction after all. If there is one we still try to
leave the transaction in a useable state (for postgres at least).

If this commit turns out to be causing issues, settings savepoint=False
is probably the right fix :)
2014-04-21 15:37:12 +02:00
Florian Apolloner a4553e0510 Fixed monkeypatching in a staticfiles test. 2014-04-21 14:51:52 +02:00
Aymeric Augustin 428c0bbe1b Appeased flake8 2.1.0. 2014-04-21 12:27:34 +02:00
Aymeric Augustin df3b1a01c7 Consolidated expressions tests. 2014-04-21 12:15:04 +02:00
Aymeric Augustin 25b2ce896b Consolidated get_or_create tests. 2014-04-21 12:12:09 +02:00
Aymeric Augustin 3f01e82c59 Further consolidated the model_inheritance tests. 2014-04-21 11:50:53 +02:00
Aymeric Augustin 3f76339355 Fixed #22402 -- Consolidated model_inheritance tests.
The model_inheritance_same_model_name tests couldn't be run without the
model_inheritance tests. Make the problem go away by merging them.

Thanks timo for the report.
2014-04-21 11:43:08 +02:00
Preston Timmons 251e833c75 Removed old test runner test cases.
These files were added as part of #12658, which pertained to the old django.test.simple test runner. No tests call them anymore.
2014-04-20 22:00:39 -05:00
Tim Graham 471fb04a30 Fixed flake8 errors. 2014-04-20 13:08:04 -04:00
Aymeric Augustin bbe818b23c Changed paths in docs that referred to Python 2. 2014-04-20 08:34:01 +02:00
Tim Graham 1b3a3fc1e4 Fixed #22417 -- Added additional documentation for refs #16969.
Thanks Jon Foster for the report.
2014-04-19 21:39:08 -04:00
Andrew Gorcester 956bd64424 Fixed #22397 -- Issues removing M2M field with explicit through model
Changed the migration autodetector to remove models last so that FK
and M2M fields will not be left as dangling references. Added a check
in the migration state renderer to error out in the presence of
dangling references instead of leaving them as strings. Fixed a bug
in the sqlite backend to handle the deletion of M2M fields with
"through" models properly (i.e., do nothing successfully).

Thanks to melinath for report, loic for tests and andrewgodwin and
charettes for assistance with architecture.
2014-04-18 16:44:47 -04:00
Tim Graham 26d118c3fe Moved RemoteUserBackend documentation to reference guide. 2014-04-18 16:06:26 -04:00
Moayad Mardini 11ac50b18e Fixed #22458 -- Added a note about MySQL utf8_unicode_ci collation
Thanks tobami at gmail.com for the report.
2014-04-18 15:10:21 -04:00
Tim Graham b43bbd6d39 Fixed #22473 -- Emphasized that Model.clean() is not called from Model.save(). 2014-04-18 15:00:26 -04:00
Claude Paroz 275811a93c Adapted fixture read mode to file type
Binary mode added in ed532a6a1e is not supported by ZipFile.
Refs #22399.
2014-04-18 18:54:46 +02:00