diff --git a/civicrm.php b/civicrm.php
index eb63e3a98271aec29945527c3aa597054637f8e6..7c9a2a8fc72c5948c89381e9334180363e0b38bd 100644
--- a/civicrm.php
+++ b/civicrm.php
@@ -2,7 +2,7 @@
/**
* Plugin Name: CiviCRM
* Description: CiviCRM - Growing and Sustaining Relationships
- * Version: 5.36.0
+ * Version: 5.36.1
* Requires at least: 4.9
* Requires PHP: 7.2
* Author: CiviCRM LLC
@@ -54,7 +54,7 @@ if (!defined('ABSPATH')) {
}
// Set version here: when it changes, will force Javascript & CSS to reload.
-define('CIVICRM_PLUGIN_VERSION', '5.36.0');
+define('CIVICRM_PLUGIN_VERSION', '5.36.1');
// Store reference to this file.
if (!defined('CIVICRM_PLUGIN_FILE')) {
diff --git a/civicrm/CRM/Contact/Form/DedupeRules.php b/civicrm/CRM/Contact/Form/DedupeRules.php
index 1d6d2eb507712766a05a36a54487c21ff220eb1e..176214de8144e538e6199296b30c16b356687676 100644
--- a/civicrm/CRM/Contact/Form/DedupeRules.php
+++ b/civicrm/CRM/Contact/Form/DedupeRules.php
@@ -143,7 +143,6 @@ class CRM_Contact_Form_DedupeRules extends CRM_Admin_Form {
if (!empty($fields["weight_$count"])) {
$actualThreshold += $fields["weight_$count"];
}
- break;
}
}
if (empty($fields['threshold'])) {
diff --git a/civicrm/CRM/Core/Payment.php b/civicrm/CRM/Core/Payment.php
index 74892574f8dece8a9209fc73e0ab5e90223a26fe..3d694b7d5460c1aacb1a9dc522b9eb5c33177ef1 100644
--- a/civicrm/CRM/Core/Payment.php
+++ b/civicrm/CRM/Core/Payment.php
@@ -1174,7 +1174,11 @@ abstract class CRM_Core_Payment {
* @throws \CRM_Core_Exception
*/
protected function getAmount($params = []) {
- return CRM_Utils_Money::format($params['amount'], NULL, NULL, TRUE);
+ if (!CRM_Utils_Rule::numeric($params['amount'])) {
+ CRM_Core_Error::deprecatedWarning('Passing Amount value that is not numeric is deprecated please report this in gitlab');
+ return CRM_Utils_Money::formatLocaleNumericRoundedByPrecision(filter_var($params['amount'], FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION), 2);
+ }
+ return CRM_Utils_Money::formatLocaleNumericRoundedByPrecision($params['amount'], 2);
}
/**
diff --git a/civicrm/CRM/Core/Resources.php b/civicrm/CRM/Core/Resources.php
index 77467b61203eeba218c6dc50c47bb17eaaec6e1a..faadb5c7545bef1ed06b1b91082925b5e9959156 100644
--- a/civicrm/CRM/Core/Resources.php
+++ b/civicrm/CRM/Core/Resources.php
@@ -425,8 +425,8 @@ class CRM_Core_Resources implements CRM_Core_Resources_CollectionAdderInterface
$config = CRM_Core_Config::singleton();
$vars = [
'moneyFormat' => json_encode(CRM_Utils_Money::format(1234.56)),
- 'contactSearch' => json_encode($config->includeEmailInName ? ts('Start typing a name or email...') : ts('Start typing a name...')),
- 'otherSearch' => json_encode(ts('Enter search term...')),
+ 'contactSearch' => json_encode($config->includeEmailInName ? ts('Search by name/email or id...') : ts('Search by name or id...')),
+ 'otherSearch' => json_encode(ts('Enter search term or id...')),
'entityRef' => self::getEntityRefMetadata(),
'ajaxPopupsEnabled' => self::singleton()->ajaxPopupsEnabled,
'allowAlertAutodismissal' => (bool) Civi::settings()->get('allow_alert_autodismissal'),
diff --git a/civicrm/CRM/Member/Form.php b/civicrm/CRM/Member/Form.php
index d450a7ba40b019dd671d3a3d3025b7976e95d11f..741b5ad188a7d5e41b5c80cd3e6f65b7baba7a44 100644
--- a/civicrm/CRM/Member/Form.php
+++ b/civicrm/CRM/Member/Form.php
@@ -483,7 +483,7 @@ class CRM_Member_Form extends CRM_Contribute_Form_AbstractEditPayment {
if ($priceSetDetails[$this->order->getPriceSetID()]['is_quick_config'] && isset($formValues['total_amount'])) {
// Amount overrides only permitted on quick config.
// Possibly Order object should enforce this...
- $this->order->setOverrideTotalAmount($formValues['total_amount']);
+ $this->order->setOverrideTotalAmount((float) $formValues['total_amount']);
}
$this->order->setOverrideFinancialTypeID((int) $formValues['financial_type_id']);
return $formValues;
diff --git a/civicrm/CRM/Member/Form/Membership.php b/civicrm/CRM/Member/Form/Membership.php
index 5a1c37eff22cac813fd658458ab062df8ffd5328..7e0bd64505d86e7159d97882345aafcc3e2622b0 100644
--- a/civicrm/CRM/Member/Form/Membership.php
+++ b/civicrm/CRM/Member/Form/Membership.php
@@ -1410,7 +1410,7 @@ DESC limit 1");
$membershipParams = array_merge($params, $membershipTypeValues[$lineItemValues['membership_type_id']]);
if (!empty($softParams)) {
- $membershipParams['soft_credit'] = $softParams;
+ $params['soft_credit'] = $softParams;
}
unset($membershipParams['contribution_status_id']);
$membershipParams['skipLineItem'] = TRUE;
diff --git a/civicrm/CRM/Price/BAO/PriceField.php b/civicrm/CRM/Price/BAO/PriceField.php
index 4827d2f132f1d7c2316072cc3ace0dc914f2fc1e..bb5dd9c1b033ca2e1270c8f50dc2a5d43101af1e 100644
--- a/civicrm/CRM/Price/BAO/PriceField.php
+++ b/civicrm/CRM/Price/BAO/PriceField.php
@@ -433,13 +433,6 @@ class CRM_Price_BAO_PriceField extends CRM_Price_DAO_PriceField {
if ($is_pay_later) {
$qf->add('text', 'txt-' . $elementName, $label, ['size' => '4']);
}
-
- // CRM-6902 - Add "max" option for a price set field
- if (in_array($opId, $freezeOptions)) {
- self::freezeIfEnabled($choice[$opId], $customOption[$opId]);
- // CRM-14696 - Improve display for sold out price set options
- $choice[$opt['id']] = '<span class="sold-out-option">' . $opt['label'] . ' (' . ts('Sold out') . ')</span>';
- }
}
if (!empty($qf->_membershipBlock) && $field->name == 'contribution_amount') {
$choice['-1'] = ts('No thank you');
@@ -467,6 +460,14 @@ class CRM_Price_BAO_PriceField extends CRM_Price_DAO_PriceField {
}
$element = &$qf->addRadio($elementName, $label, $choice, [], NULL, FALSE, $choiceAttrs);
+ foreach ($element->getElements() as $radioElement) {
+ // CRM-6902 - Add "max" option for a price set field
+ if (in_array($radioElement->getValue(), $freezeOptions)) {
+ self::freezeIfEnabled($radioElement, $customOption[$radioElement->getValue()]);
+ // CRM-14696 - Improve display for sold out price set options
+ $radioElement->setText('<span class="sold-out-option">' . $radioElement->getText() . ' (' . ts('Sold out') . ')</span>');
+ }
+ }
// make contribution field required for quick config when membership block is enabled
if (($field->name == 'membership_amount' || $field->name == 'contribution_amount')
diff --git a/civicrm/CRM/Upgrade/Incremental/sql/5.36.1.mysql.tpl b/civicrm/CRM/Upgrade/Incremental/sql/5.36.1.mysql.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..be3c0315ccf8ccec703a52c38616bbbc5f4eebd3
--- /dev/null
+++ b/civicrm/CRM/Upgrade/Incremental/sql/5.36.1.mysql.tpl
@@ -0,0 +1 @@
+{* file to handle db changes in 5.36.1 during upgrade *}
diff --git a/civicrm/Civi/Api4/Query/Api4SelectQuery.php b/civicrm/Civi/Api4/Query/Api4SelectQuery.php
index e588e710853bc946af3c6f5631f5c3338b1c447c..894d14e07b1c1feb9e7cb06fee6c0f3fc460c941 100644
--- a/civicrm/Civi/Api4/Query/Api4SelectQuery.php
+++ b/civicrm/Civi/Api4/Query/Api4SelectQuery.php
@@ -81,6 +81,11 @@ class Api4SelectQuery {
*/
private $explicitJoins = [];
+ /**
+ * @var array
+ */
+ private $entityAccess = [];
+
/**
* @param \Civi\Api4\Generic\DAOGetAction $apiGet
*/
@@ -100,6 +105,8 @@ class Api4SelectQuery {
$tableName = CoreUtil::getTableName($this->getEntity());
$this->query = \CRM_Utils_SQL_Select::from($tableName . ' ' . self::MAIN_TABLE_ALIAS);
+ $this->entityAccess[$this->getEntity()] = TRUE;
+
// Add ACLs first to avoid redundant subclauses
$baoName = CoreUtil::getBAOFromApiName($this->getEntity());
$this->query->where($this->getAclClause(self::MAIN_TABLE_ALIAS, $baoName));
@@ -566,6 +573,25 @@ class Api4SelectQuery {
return $field;
}
+ /**
+ * Check the "gatekeeper" permissions for performing "get" on a given entity.
+ *
+ * @param $entity
+ * @return bool
+ */
+ public function checkEntityAccess($entity) {
+ if (!$this->getCheckPermissions()) {
+ return TRUE;
+ }
+ if (!isset($this->entityAccess[$entity])) {
+ $this->entityAccess[$entity] = (bool) civicrm_api4($entity, 'getActions', [
+ 'where' => [['name', '=', 'get']],
+ 'select' => ['name'],
+ ])->first();
+ }
+ return $this->entityAccess[$entity];
+ }
+
/**
* Join onto other entities as specified by the api call.
*
@@ -578,6 +604,10 @@ class Api4SelectQuery {
$entity = array_shift($join);
// Which might contain an alias. Split on the keyword "AS"
list($entity, $alias) = array_pad(explode(' AS ', $entity), 2, NULL);
+ // Ensure permissions
+ if (!$this->checkEntityAccess($entity)) {
+ continue;
+ }
// Ensure alias is a safe string, and supply default if not given
$alias = $alias ? \CRM_Utils_String::munge($alias, '_', 256) : strtolower($entity);
// First item in the array is a boolean indicating if the join is required (aka INNER or LEFT).
diff --git a/civicrm/Civi/Api4/Service/Schema/Joiner.php b/civicrm/Civi/Api4/Service/Schema/Joiner.php
index a412d6571c2bcd947975c84f3dc0f141169ea4dd..ce92405683f640478139721b950218231c8a225e 100644
--- a/civicrm/Civi/Api4/Service/Schema/Joiner.php
+++ b/civicrm/Civi/Api4/Service/Schema/Joiner.php
@@ -19,7 +19,9 @@
namespace Civi\Api4\Service\Schema;
+use Civi\API\Exception\UnauthorizedException;
use Civi\Api4\Query\Api4SelectQuery;
+use Civi\Api4\Utils\CoreUtil;
class Joiner {
/**
@@ -70,9 +72,14 @@ class Joiner {
foreach ($fullPath as $link) {
$target = $link->getTargetTable();
$alias = $link->getAlias();
- $bao = \CRM_Core_DAO_AllCoreTables::getBAOClassName(\CRM_Core_DAO_AllCoreTables::getClassForTable($target));
+ $joinEntity = CoreUtil::getApiNameFromTableName($target);
+
+ if ($joinEntity && !$query->checkEntityAccess($joinEntity)) {
+ throw new UnauthorizedException('Cannot join to ' . $joinEntity);
+ }
+
+ $bao = $joinEntity ? CoreUtil::getBAOFromApiName($joinEntity) : NULL;
$conditions = $link->getConditionsForJoin($baseTableAlias);
- // Custom fields do not have a bao, and currently do not have field-specific ACLs
if ($bao) {
$conditions = array_merge($conditions, $query->getAclClause($alias, $bao, $joinPath));
}
diff --git a/civicrm/api/v3/Generic/Getlist.php b/civicrm/api/v3/Generic/Getlist.php
index 917922806db6bb1d7b3ff4e3024c0ca2b69c02fb..91a55b0aa3153b436be5d0de1d95cb57fcc7c473 100644
--- a/civicrm/api/v3/Generic/Getlist.php
+++ b/civicrm/api/v3/Generic/Getlist.php
@@ -24,7 +24,7 @@
function civicrm_api3_generic_getList($apiRequest) {
$entity = CRM_Core_DAO_AllCoreTables::convertEntityNameToLower($apiRequest['entity']);
$request = $apiRequest['params'];
- $meta = civicrm_api3_generic_getfields(['action' => 'get'] + $apiRequest, FALSE);
+ $meta = civicrm_api3_generic_getfields(['action' => 'get'] + $apiRequest, FALSE)['values'];
// If the user types an integer into the search
$forceIdSearch = empty($request['id']) && !empty($request['input']) && CRM_Utils_Rule::positiveInteger($request['input']);
@@ -40,7 +40,7 @@ function civicrm_api3_generic_getList($apiRequest) {
// Hey api, would you like to provide default values?
$fnName = "_civicrm_api3_{$entity}_getlist_defaults";
$defaults = function_exists($fnName) ? $fnName($request) : [];
- _civicrm_api3_generic_getList_defaults($entity, $request, $defaults, $meta['values']);
+ _civicrm_api3_generic_getList_defaults($entity, $request, $defaults, $meta);
// Hey api, would you like to format the search params?
$fnName = "_civicrm_api3_{$entity}_getlist_params";
@@ -78,7 +78,7 @@ function civicrm_api3_generic_getList($apiRequest) {
// Hey api, would you like to format the output?
$fnName = "_civicrm_api3_{$entity}_getlist_output";
$fnName = function_exists($fnName) ? $fnName : '_civicrm_api3_generic_getlist_output';
- $values = $fnName($result, $request, $entity, $meta['values']);
+ $values = $fnName($result, $request, $entity, $meta);
_civicrm_api3_generic_getlist_postprocess($result, $request, $values);
diff --git a/civicrm/civicrm-version.php b/civicrm/civicrm-version.php
index 56d1f9e34e82c1956c5e1dcf9bac83471fa18204..b9fdd61e0e91dcf4f4f28ca484d0c4d907378688 100644
--- a/civicrm/civicrm-version.php
+++ b/civicrm/civicrm-version.php
@@ -1,7 +1,7 @@
<?php
/** @deprecated */
function civicrmVersion( ) {
- return array( 'version' => '5.36.0',
+ return array( 'version' => '5.36.1',
'cms' => 'Wordpress',
'revision' => '' );
}
diff --git a/civicrm/composer.lock b/civicrm/composer.lock
index 156effe2551613b8c02f247caab31917bf80f32a..b8e248fbf55f227dd74db227a01bbbef1a6711b9 100644
--- a/civicrm/composer.lock
+++ b/civicrm/composer.lock
@@ -24,6 +24,11 @@
"dflydev/apache-mime-types": "^1.0"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Update gitignore to ensure that sites that manage via git don't miss out on the important db.json file": "https://patch-diff.githubusercontent.com/raw/adrienrn/php-mimetyper/pull/15.patch"
+ }
+ },
"autoload": {
"psr-4": {
"MimeTyper\\": "src/"
@@ -40,12 +45,7 @@
}
],
"description": "PHP mime type and extension mapping library: compatible with Symfony, powered by jshttp/mime-db",
- "time": "2018-09-27T09:45:05+00:00",
- "extra": {
- "patches_applied": {
- "Update gitignore to ensure that sites that manage via git don't miss out on the important db.json file": "https://patch-diff.githubusercontent.com/raw/adrienrn/php-mimetyper/pull/15.patch"
- }
- }
+ "time": "2018-09-27T09:45:05+00:00"
},
{
"name": "brick/math",
@@ -91,12 +91,6 @@
"brick",
"math"
],
- "funding": [
- {
- "url": "https://tidelift.com/funding/github/packagist/brick/math",
- "type": "tidelift"
- }
- ],
"time": "2020-04-15T15:59:35+00:00"
},
{
@@ -143,12 +137,6 @@
"currency",
"money"
],
- "funding": [
- {
- "url": "https://tidelift.com/funding/github/packagist/brick/money",
- "type": "tidelift"
- }
- ],
"time": "2020-05-31T14:17:02+00:00"
},
{
@@ -411,6 +399,10 @@
}
],
"description": "Define a 'compile' event for all packages in the dependency-graph",
+ "support": {
+ "issues": "https://github.com/civicrm/composer-compile-plugin/issues",
+ "source": "https://github.com/civicrm/composer-compile-plugin/tree/v0.15"
+ },
"time": "2021-01-13T05:12:30+00:00"
},
{
@@ -646,6 +638,11 @@
"shasum": ""
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "PHP7.4 Fix for array access using {} instead of []": "https://raw.githubusercontent.com/civicrm/civicrm-core/fe45bdfc4f3e3d3deb27e3d853cdbc7f616620a9/tools/scripts/composer/patches/php74_array_access_fix_phpquery.patch"
+ }
+ },
"autoload": {
"classmap": [
"phpQuery/"
@@ -669,12 +666,7 @@
],
"description": "phpQuery is a server-side, chainable, CSS3 selector driven Document Object Model (DOM) API based on jQuery JavaScript Library",
"homepage": "http://code.google.com/p/phpquery/",
- "time": "2013-03-21T12:39:33+00:00",
- "extra": {
- "patches_applied": {
- "PHP7.4 Fix for array access using {} instead of []": "https://raw.githubusercontent.com/civicrm/civicrm-core/fe45bdfc4f3e3d3deb27e3d853cdbc7f616620a9/tools/scripts/composer/patches/php74_array_access_fix_phpquery.patch"
- }
- }
+ "time": "2013-03-21T12:39:33+00:00"
},
{
"name": "firebase/php-jwt",
@@ -1381,6 +1373,11 @@
"pear/pear-core-minimal": "*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Apply CiviCRM Customisations for the pear:db package": "https://raw.githubusercontent.com/civicrm/civicrm-core/a48a43c2b5f6d694fff1cfb99d522c5d9e2459a0/tools/scripts/composer/pear_db_civicrm_changes.patch"
+ }
+ },
"autoload": {
"psr-0": {
"DB": "./"
@@ -1416,12 +1413,7 @@
}
],
"description": "More info available on: http://pear.php.net/package/DB",
- "time": "2020-04-19T19:45:59+00:00",
- "extra": {
- "patches_applied": {
- "Apply CiviCRM Customisations for the pear:db package": "https://raw.githubusercontent.com/civicrm/civicrm-core/a48a43c2b5f6d694fff1cfb99d522c5d9e2459a0/tools/scripts/composer/pear_db_civicrm_changes.patch"
- }
- }
+ "time": "2020-04-19T19:45:59+00:00"
},
{
"name": "pear/log",
@@ -1501,6 +1493,11 @@
"pear/net_smtp": "Install optionally via your project's composer.json"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Apply CiviCRM Customisations for CRM-1367 and CRM-5946": "https://raw.githubusercontent.com/civicrm/civicrm-core/36319938a5bf26c1e7e2110a26a65db6a5979268/tools/scripts/composer/patches/pear-mail.patch"
+ }
+ },
"autoload": {
"psr-0": {
"Mail": "./"
@@ -1532,12 +1529,7 @@
],
"description": "Class that provides multiple interfaces for sending emails.",
"homepage": "http://pear.php.net/package/Mail",
- "time": "2017-04-11T17:27:29+00:00",
- "extra": {
- "patches_applied": {
- "Apply CiviCRM Customisations for CRM-1367 and CRM-5946": "https://raw.githubusercontent.com/civicrm/civicrm-core/36319938a5bf26c1e7e2110a26a65db6a5979268/tools/scripts/composer/patches/pear-mail.patch"
- }
- }
+ "time": "2017-04-11T17:27:29+00:00"
},
{
"name": "pear/mail_mime",
@@ -1557,6 +1549,11 @@
"pear/pear-core-minimal": "*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Apply patch for CRM-3133 wordwrap body to be 750 characters to apply with RFC 2821": "https://raw.githubusercontent.com/civicrm/civicrm-core/74e25f27bb3be32519657539afe8a285c6c99a08/tools/scripts/composer/patches/mail_mime_crm_3133.patch"
+ }
+ },
"autoload": {
"psr-0": {
"Mail": "./"
@@ -1583,12 +1580,7 @@
],
"description": "Mail_Mime provides classes to create MIME messages",
"homepage": "http://pear.php.net/package/Mail_Mime",
- "time": "2020-06-27T08:35:27+00:00",
- "extra": {
- "patches_applied": {
- "Apply patch for CRM-3133 wordwrap body to be 750 characters to apply with RFC 2821": "https://raw.githubusercontent.com/civicrm/civicrm-core/74e25f27bb3be32519657539afe8a285c6c99a08/tools/scripts/composer/patches/mail_mime_crm_3133.patch"
- }
- }
+ "time": "2020-06-27T08:35:27+00:00"
},
{
"name": "pear/net_smtp",
@@ -1616,6 +1608,11 @@
"pear/auth_sasl": "Install optionally via your project's composer.json"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Add in CiviCRM custom error message for CRM-8744": "https://raw.githubusercontent.com/civicrm/civicrm-core/a6a0ff13d2a155ad962529595dceaef728116f96/tools/scripts/composer/patches/net-smtp-patch.patch"
+ }
+ },
"autoload": {
"psr-0": {
"Net": "./"
@@ -1648,12 +1645,7 @@
"mail",
"smtp"
],
- "time": "2019-11-30T23:40:31+00:00",
- "extra": {
- "patches_applied": {
- "Add in CiviCRM custom error message for CRM-8744": "https://raw.githubusercontent.com/civicrm/civicrm-core/a6a0ff13d2a155ad962529595dceaef728116f96/tools/scripts/composer/patches/net-smtp-patch.patch"
- }
- }
+ "time": "2019-11-30T23:40:31+00:00"
},
{
"name": "pear/net_socket",
@@ -1955,6 +1947,11 @@
"squizlabs/php_codesniffer": "2.*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "Fix handling of libxml_disable_entity_loader": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/phpoffice-common-xml-entity-fix.patch"
+ }
+ },
"autoload": {
"psr-4": {
"PhpOffice\\Common\\": "src/Common/"
@@ -1981,12 +1978,7 @@
"office",
"php"
],
- "time": "2018-07-13T14:12:34+00:00",
- "extra": {
- "patches_applied": {
- "Fix handling of libxml_disable_entity_loader": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/phpoffice-common-xml-entity-fix.patch"
- }
- }
+ "time": "2018-07-13T14:12:34+00:00"
},
{
"name": "phpoffice/phpword",
@@ -2102,16 +2094,16 @@
},
{
"name": "phpseclib/phpseclib",
- "version": "2.0.31",
+ "version": "2.0.29",
"source": {
"type": "git",
"url": "https://github.com/phpseclib/phpseclib.git",
- "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4"
+ "reference": "497856a8d997f640b4a516062f84228a772a48a8"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/233a920cb38636a43b18d428f9a8db1f0a1a08f4",
- "reference": "233a920cb38636a43b18d428f9a8db1f0a1a08f4",
+ "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/497856a8d997f640b4a516062f84228a772a48a8",
+ "reference": "497856a8d997f640b4a516062f84228a772a48a8",
"shasum": ""
},
"require": {
@@ -2119,7 +2111,7 @@
},
"require-dev": {
"phing/phing": "~2.7",
- "phpunit/phpunit": "^4.8.35|^5.7|^6.0|^9.4",
+ "phpunit/phpunit": "^4.8.35|^5.7|^6.0",
"squizlabs/php_codesniffer": "~2.0"
},
"suggest": {
@@ -2203,7 +2195,7 @@
"type": "tidelift"
}
],
- "time": "2021-04-06T13:56:45+00:00"
+ "time": "2020-09-08T04:24:43+00:00"
},
{
"name": "psr/cache",
@@ -2654,20 +2646,6 @@
],
"description": "Symfony Config Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-12T14:33:46+00:00"
},
{
@@ -2739,20 +2717,6 @@
],
"description": "Symfony DependencyInjection Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-13T09:33:40+00:00"
},
{
@@ -2816,20 +2780,6 @@
],
"description": "Symfony EventDispatcher Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-03-15T09:38:08+00:00"
},
{
@@ -2880,20 +2830,6 @@
],
"description": "Symfony Filesystem Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-12T16:54:01+00:00"
},
{
@@ -3001,20 +2937,6 @@
"polyfill",
"portable"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:14:59+00:00"
},
{
@@ -3074,20 +2996,6 @@
"portable",
"shim"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:47:27+00:00"
},
{
@@ -3150,20 +3058,6 @@
"portable",
"shim"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:47:27+00:00"
},
{
@@ -3292,20 +3186,6 @@
"portable",
"shim"
],
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-05-12T16:47:27+00:00"
},
{
@@ -3355,20 +3235,6 @@
],
"description": "Symfony Process Component",
"homepage": "https://symfony.com",
- "funding": [
- {
- "url": "https://symfony.com/sponsor",
- "type": "custom"
- },
- {
- "url": "https://github.com/fabpot",
- "type": "github"
- },
- {
- "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
- "type": "tidelift"
- }
- ],
"time": "2020-04-12T14:33:46+00:00"
},
{
@@ -3969,6 +3835,11 @@
"zetacomponents/unit-test": "*"
},
"type": "library",
+ "extra": {
+ "patches_applied": {
+ "CiviCRM Custom Patches for ZetaCompoents mail": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/civicrm-custom-patches-zetacompoents-mail.patch"
+ }
+ },
"autoload": {
"classmap": [
"src"
@@ -4021,12 +3892,7 @@
],
"description": "The component allows you construct and/or parse Mail messages conforming to the mail standard. It has support for attachments, multipart messages and HTML mail. It also interfaces with SMTP to send mail or IMAP, POP3 or mbox to retrieve e-mail.",
"homepage": "https://github.com/zetacomponents",
- "time": "2020-06-13T12:38:26+00:00",
- "extra": {
- "patches_applied": {
- "CiviCRM Custom Patches for ZetaCompoents mail": "https://raw.githubusercontent.com/civicrm/civicrm-core/9d93748a36c7c5d44422911db1c98fb2f7067b34/tools/scripts/composer/patches/civicrm-custom-patches-zetacompoents-mail.patch"
- }
- }
+ "time": "2020-06-13T12:38:26+00:00"
}
],
"packages-dev": [],
diff --git a/civicrm/release-notes.md b/civicrm/release-notes.md
index d89c4d61ae38de5a6742ba4b4fe2f207f71cb5b1..ba3f5d08e810a56ac87bdd8b97a1b46c4fe03193 100644
--- a/civicrm/release-notes.md
+++ b/civicrm/release-notes.md
@@ -15,6 +15,25 @@ Other resources for identifying changes are:
* https://github.com/civicrm/civicrm-joomla
* https://github.com/civicrm/civicrm-wordpress
+## CiviCRM 5.36.1
+
+Released April 21, 2021
+
+- **[Synopsis](release-notes/5.36.1.md#synopsis)**
+- **[Security advisories](release-notes/5.36.1.md#security)**
+- **[Bugs resolved](release-notes/5.36.1.md#bugs)**
+- **[Credits](release-notes/5.36.1.md#credits)**
+- **[Feedback](release-notes/5.36.1.md#feedback)**
+
+## CiviCRM 5.35.2
+
+Released April 21, 2021
+
+- **[Synopsis](release-notes/5.35.2.md#synopsis)**
+- **[Security advisories](release-notes/5.35.2.md#security)**
+- **[Credits](release-notes/5.35.2.md#credits)**
+- **[Feedback](release-notes/5.35.2.md#feedback)**
+
## CiviCRM 5.36.0
Released April 7, 2021
diff --git a/civicrm/release-notes/5.35.2.md b/civicrm/release-notes/5.35.2.md
new file mode 100644
index 0000000000000000000000000000000000000000..ba71f7fb9997730f6056ce1d0ef6f0cbb8a71017
--- /dev/null
+++ b/civicrm/release-notes/5.35.2.md
@@ -0,0 +1,39 @@
+# CiviCRM 5.35.2
+
+Released April 21, 2021
+
+- **[Synopsis](#synopsis)**
+- **[Bugs resolved](#bugs)**
+- **[Credits](#credits)**
+- **[Feedback](#feedback)**
+
+## <a name="synopsis"></a>Synopsis
+
+| *Does this version...?* | |
+| --------------------------------------------------------------- | -------- |
+| Change the database schema? | no |
+| Alter the API? | no |
+| Require attention to configuration options? | no |
+| Fix problems installing or upgrading to a previous version? | no |
+| Introduce features? | no |
+| **Fix bugs?** | **yes** |
+
+## <a name="security"></a>Security advisories
+
+- **[CIVI-SA-2021-08](https://civicrm.org/advisory/civi-sa-2021-08-access-bypass-apiv4)**: Access Bypass in APIv4
+
+## <a name="credits"></a>Credits
+
+Special support from Deutsche Gesellschaft für Internationale Zusammenarbeit
+GmbH contributed significantly to this release and other contemporaneous
+security improvements.
+
+This release was developed by the following authors and reviewers:
+
+JMA Consulting - Seamus Lee; CiviCRM - Coleman Watts;
+
+## <a name="feedback"></a>Feedback
+
+These release notes are edited by Tim Otten and Andrew Hunt. If you'd like to
+provide feedback on them, please login to https://chat.civicrm.org/civicrm and
+contact `@agh1`.
diff --git a/civicrm/release-notes/5.36.1.md b/civicrm/release-notes/5.36.1.md
new file mode 100644
index 0000000000000000000000000000000000000000..5025300a5f22b431f2c3b551c0072f59d40c5412
--- /dev/null
+++ b/civicrm/release-notes/5.36.1.md
@@ -0,0 +1,51 @@
+# CiviCRM 5.36.1
+
+Released April 21, 2021
+
+- **[Synopsis](#synopsis)**
+- **[Bugs resolved](#bugs)**
+- **[Credits](#credits)**
+- **[Feedback](#feedback)**
+
+## <a name="synopsis"></a>Synopsis
+
+| *Does this version...?* | |
+| --------------------------------------------------------------- | -------- |
+| Change the database schema? | no |
+| Alter the API? | no |
+| Require attention to configuration options? | no |
+| **Fix problems installing or upgrading to a previous version?** | **yes** |
+| Introduce features? | no |
+| **Fix bugs?** | **yes** |
+
+## <a name="security"></a>Security advisories
+
+- **[CIVI-SA-2021-08](https://civicrm.org/advisory/civi-sa-2021-08-access-bypass-apiv4)**: Access Bypass in APIv4
+
+## <a name="bugs"></a>Bugs resolved
+
+* **_CiviContribute_: Fix incorrect truncation of payment amount on certain processors ([dev/core#2493](https://lab.civicrm.org/dev/core/-/issues/2493): [#20040](https://github.com/civicrm/civicrm-core/pull/20040))**
+* **_CiviEvent_: Fix issue with "Sold Out" options not being properly frozen when options are displayed as radio ([dev/event#53](https://lab.civicrm.org/dev/event/-/issues/53): [#20073](https://github.com/civicrm/civicrm-core/pull/20073))**
+* **_CiviMember_: Fix soft crediting for memberships when created via back office form ([#20025](https://github.com/civicrm/civicrm-core/pull/20025))**
+* **_CiviMember_: Fix editing memberships when no payments have been created ([dev/core#2543](https://lab.civicrm.org/dev/core/-/issues/2543): [#20083](https://github.com/civicrm/civicrm-core/pull/20083))**
+* **_Dedupe_: Fix saving of dedupe rules ([dev/core#2498](https://lab.civicrm.org/dev/core/-/issues/2498): [#20071](https://github.com/civicrm/civicrm-core/pull/20071))**
+* **_Search Kit_: Fix finding Soft Credit Contact by contact ID ([dev/core#2532](https://lab.civicrm.org/dev/core/-/issues/2532): [#20050](https://github.com/civicrm/civicrm-core/pull/20050))**
+
+## <a name="credits"></a>Credits
+
+Special support from Deutsche Gesellschaft für Internationale Zusammenarbeit
+GmbH contributed significantly to this release and other contemporaneous
+security improvements.
+
+This release was developed by the following authors and reviewers:
+
+Wikimedia Foundation - Eileen McNaughton; MJW Consulting - Matthew Wire; Korlon - Stuart
+Gaston; Greenleaf Advancement Partners - Bruce Thompson; JMA Consulting - Seamus Lee;
+Fuzion - Jitendra Purohit; Coop SymbioTIC - Stéphane Lussier, Mathieu Lutfy; CiviCRM -
+Tim Otten, Coleman Watts; Agileware - Justin Freeman
+
+## <a name="feedback"></a>Feedback
+
+These release notes are edited by Tim Otten and Andrew Hunt. If you'd like to
+provide feedback on them, please login to https://chat.civicrm.org/civicrm and
+contact `@agh1`.
diff --git a/civicrm/sql/civicrm_data.mysql b/civicrm/sql/civicrm_data.mysql
index ec08e922a53a6f2834745fcfcd09fef5363e2c65..39dfb4422cc8fb29568e72999da85d14681caa17 100644
--- a/civicrm/sql/civicrm_data.mysql
+++ b/civicrm/sql/civicrm_data.mysql
@@ -23873,4 +23873,4 @@ INSERT INTO `civicrm_report_instance`
( `domain_id`, `title`, `report_id`, `description`, `permission`, `form_values`)
VALUES
( @domainID, 'Survey Details', 'survey/detail', 'Detailed report for canvassing, phone-banking, walk lists or other surveys.', 'access CiviReport', 'a:39:{s:6:"fields";a:2:{s:9:"sort_name";s:1:"1";s:6:"result";s:1:"1";}s:22:"assignee_contact_id_op";s:2:"eq";s:25:"assignee_contact_id_value";s:0:"";s:12:"sort_name_op";s:3:"has";s:15:"sort_name_value";s:0:"";s:17:"street_number_min";s:0:"";s:17:"street_number_max";s:0:"";s:16:"street_number_op";s:3:"lte";s:19:"street_number_value";s:0:"";s:14:"street_name_op";s:3:"has";s:17:"street_name_value";s:0:"";s:15:"postal_code_min";s:0:"";s:15:"postal_code_max";s:0:"";s:14:"postal_code_op";s:3:"lte";s:17:"postal_code_value";s:0:"";s:7:"city_op";s:3:"has";s:10:"city_value";s:0:"";s:20:"state_province_id_op";s:2:"in";s:23:"state_province_id_value";a:0:{}s:13:"country_id_op";s:2:"in";s:16:"country_id_value";a:0:{}s:12:"survey_id_op";s:2:"in";s:15:"survey_id_value";a:0:{}s:12:"status_id_op";s:2:"eq";s:15:"status_id_value";s:1:"1";s:11:"custom_1_op";s:2:"in";s:14:"custom_1_value";a:0:{}s:11:"custom_2_op";s:2:"in";s:14:"custom_2_value";a:0:{}s:17:"custom_3_relative";s:1:"0";s:13:"custom_3_from";s:0:"";s:11:"custom_3_to";s:0:"";s:11:"description";s:75:"Detailed report for canvassing, phone-banking, walk lists or other surveys.";s:13:"email_subject";s:0:"";s:8:"email_to";s:0:"";s:8:"email_cc";s:0:"";s:10:"permission";s:17:"access CiviReport";s:6:"groups";s:0:"";s:9:"domain_id";i:1;}');
-UPDATE civicrm_domain SET version = '5.36.0';
+UPDATE civicrm_domain SET version = '5.36.1';
diff --git a/civicrm/sql/civicrm_generated.mysql b/civicrm/sql/civicrm_generated.mysql
index 71b8c6a6adb23f623403f12bd00c21698c3a3ded..d31287bcc06bc591be5ecaf5a95221fdd0461ae3 100644
--- a/civicrm/sql/civicrm_generated.mysql
+++ b/civicrm/sql/civicrm_generated.mysql
@@ -399,7 +399,7 @@ UNLOCK TABLES;
LOCK TABLES `civicrm_domain` WRITE;
/*!40000 ALTER TABLE `civicrm_domain` DISABLE KEYS */;
-INSERT INTO `civicrm_domain` (`id`, `name`, `description`, `version`, `contact_id`, `locales`, `locale_custom_strings`) VALUES (1,'Default Domain Name',NULL,'5.36.0',1,NULL,'a:1:{s:5:\"en_US\";a:0:{}}');
+INSERT INTO `civicrm_domain` (`id`, `name`, `description`, `version`, `contact_id`, `locales`, `locale_custom_strings`) VALUES (1,'Default Domain Name',NULL,'5.36.1',1,NULL,'a:1:{s:5:\"en_US\";a:0:{}}');
/*!40000 ALTER TABLE `civicrm_domain` ENABLE KEYS */;
UNLOCK TABLES;
diff --git a/civicrm/vendor/autoload.php b/civicrm/vendor/autoload.php
index cf671454a156119641e4f43ba14a9fc5db4fb21e..9b7fe927fe255fa9d77d075481ab5831bf3528a7 100644
--- a/civicrm/vendor/autoload.php
+++ b/civicrm/vendor/autoload.php
@@ -4,4 +4,4 @@
require_once __DIR__ . '/composer/autoload_real.php';
-return ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6::getLoader();
+return ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d::getLoader();
diff --git a/civicrm/vendor/composer/autoload_real.php b/civicrm/vendor/composer/autoload_real.php
index 06abcf17a6b75fffccf73b1c5b48e59fe49d5a07..800c33e8625a2328cfecaeac3b7a17c09097cf65 100644
--- a/civicrm/vendor/composer/autoload_real.php
+++ b/civicrm/vendor/composer/autoload_real.php
@@ -2,7 +2,7 @@
// autoload_real.php @generated by Composer
-class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
+class ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d
{
private static $loader;
@@ -19,9 +19,9 @@ class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
return self::$loader;
}
- spl_autoload_register(array('ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6', 'loadClassLoader'), true, true);
+ spl_autoload_register(array('ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d', 'loadClassLoader'), true, true);
self::$loader = $loader = new \Composer\Autoload\ClassLoader();
- spl_autoload_unregister(array('ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6', 'loadClassLoader'));
+ spl_autoload_unregister(array('ComposerAutoloaderInit0dbc77f5b64a42583beba4f4cba7283d', 'loadClassLoader'));
$includePaths = require __DIR__ . '/include_paths.php';
$includePaths[] = get_include_path();
@@ -31,7 +31,7 @@ class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
if ($useStaticLoader) {
require_once __DIR__ . '/autoload_static.php';
- call_user_func(\Composer\Autoload\ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::getInitializer($loader));
+ call_user_func(\Composer\Autoload\ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::getInitializer($loader));
} else {
$map = require __DIR__ . '/autoload_namespaces.php';
foreach ($map as $namespace => $path) {
@@ -52,19 +52,19 @@ class ComposerAutoloaderInita14ae5914bcd3e4eec4eb20d17f602b6
$loader->register(true);
if ($useStaticLoader) {
- $includeFiles = Composer\Autoload\ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$files;
+ $includeFiles = Composer\Autoload\ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$files;
} else {
$includeFiles = require __DIR__ . '/autoload_files.php';
}
foreach ($includeFiles as $fileIdentifier => $file) {
- composerRequirea14ae5914bcd3e4eec4eb20d17f602b6($fileIdentifier, $file);
+ composerRequire0dbc77f5b64a42583beba4f4cba7283d($fileIdentifier, $file);
}
return $loader;
}
}
-function composerRequirea14ae5914bcd3e4eec4eb20d17f602b6($fileIdentifier, $file)
+function composerRequire0dbc77f5b64a42583beba4f4cba7283d($fileIdentifier, $file)
{
if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
require $file;
diff --git a/civicrm/vendor/composer/autoload_static.php b/civicrm/vendor/composer/autoload_static.php
index dc1ca3a4dbe0bd9bb3d1ec255a4fad0d328b4ca8..1346d90af9139a5fed0ed906022628d29835f799 100644
--- a/civicrm/vendor/composer/autoload_static.php
+++ b/civicrm/vendor/composer/autoload_static.php
@@ -4,7 +4,7 @@
namespace Composer\Autoload;
-class ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6
+class ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d
{
public static $files = array (
'320cde22f66dd4f5d3fd621d3e88b98f' => __DIR__ . '/..' . '/symfony/polyfill-ctype/bootstrap.php',
@@ -575,11 +575,11 @@ class ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6
public static function getInitializer(ClassLoader $loader)
{
return \Closure::bind(function () use ($loader) {
- $loader->prefixLengthsPsr4 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$prefixLengthsPsr4;
- $loader->prefixDirsPsr4 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$prefixDirsPsr4;
- $loader->prefixesPsr0 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$prefixesPsr0;
- $loader->fallbackDirsPsr0 = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$fallbackDirsPsr0;
- $loader->classMap = ComposerStaticInita14ae5914bcd3e4eec4eb20d17f602b6::$classMap;
+ $loader->prefixLengthsPsr4 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$prefixLengthsPsr4;
+ $loader->prefixDirsPsr4 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$prefixDirsPsr4;
+ $loader->prefixesPsr0 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$prefixesPsr0;
+ $loader->fallbackDirsPsr0 = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$fallbackDirsPsr0;
+ $loader->classMap = ComposerStaticInit0dbc77f5b64a42583beba4f4cba7283d::$classMap;
}, null, ClassLoader::class);
}
diff --git a/civicrm/xml/version.xml b/civicrm/xml/version.xml
index e9905f2fe6ce34380a838eefd9bc44bd2c207442..b1d5876048d6d7e911bceca38eb236781ff357e8 100644
--- a/civicrm/xml/version.xml
+++ b/civicrm/xml/version.xml
@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="iso-8859-1" ?>
<version>
- <version_no>5.36.0</version_no>
+ <version_no>5.36.1</version_no>
</version>