mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-10-09 03:56:24 +02:00
Code Issues Releases Wiki Activity
13,695 Commits 2 Branches 22 Tags
91f90202a48d45f901b60f22d66c53ae78c09a8e
Commit Graph

5330 Commits

Author SHA1 Message Date
Cameron
91f90202a4 Merge pull request #4732 from Jimmi08/load-bbcode-buttons-only-if-HTML-is-allowed-for-user 
Fixes #4708 load bbcode buttons only if posting HTML is allowed for user
 2022-04-01 11:13:31 -07:00
Cameron
c510885b43 Merge pull request #4735 from Jimmi08/rank-issue-for-first-level 
Fixes #4670 ranks issue for first level
 2022-04-01 11:06:05 -07:00
Cameron
025ff07aab Fixes #4737 Removal of type="text/javascript" and type="text/css" 2022-03-31 08:24:34 -07:00
Jimmi08
79a300e7bb #4670 ranks issue for first level 
CLOSES #4670
 2022-03-31 12:55:32 +02:00
Jimmi08
64dcf0c056 #4665 load bbcode buttons only if HTML is allowed for user 
CLOSES #4665

Tested scenarios:

- site wysiwyg on, html access  -  result tinymce
- site wysiwyg on,  no html access  - result bbcodes
- site wysiwyg off,  forum wysiwyg on,  no html access  - result bbcodes
- site wysiwyg off,  forum wysiwyg on,  html access  - result tinymce

It worked like this before too, but bbcodes were always rendered (not visible with tinymce)
 2022-03-31 12:22:04 +02:00
Cameron
e1059b8001 Fixes #4711 - BS4/5 button classes in TinyMce. 2022-03-27 12:10:41 -07:00
Cameron
f6d0164f94 Composer update. 2022-03-27 10:23:34 -07:00
Cameron
3d3b2ec85d PHP Notice fix. 2022-03-15 13:48:32 -07:00
Cameron
748fd4b9b6 Fixes #4700 - linkwords inconsistencies. 2022-03-12 11:50:27 -08:00
Cameron
7fd6fdf478 Fixes #3778 - SEF URL issue on custom page comments. Also introduces pageHelper class with use added to e_related, e_search and e_sitelink. 2022-03-11 12:23:31 -08:00
Cameron
2400c1ef09 Fixes #4698 - Load front-end inline editing javasript only when necessary. 2022-03-10 11:08:27 -08:00
Cameron
7952e9188b Notify admins when script access is disabled. 2022-03-07 12:40:45 -08:00
Cameron
ce489e5b0f Upgraded intervention/image (2.7.0 => 2.7.1) 
Upgraded phpmailer/phpmailer (v6.5.3 => v6.6.0)
 2022-03-06 14:25:23 -08:00
Nick Liu
169efa09b9 e_parse::toAttributes(): New API to concatenate HTML attributes 
`e_parse::toAttributes()` is an expansion of the formerly private method
`e_form::attributes()`. Now, all client code can use
`e_parse::toAttributes()` to make it easy to concatenate variable-length
HTML attributes. Values are guaranteed to be encoded so that they cannot
escape an HTML attribute value.

All client code usages are encouraged to build HTML tags with this new
method to prevent cross-site scripting (XSS) attacks and prevent
breaking the HTML validity due to improperly escaped HTML attributes.

This new method is an extension to `e_parse::toAttribute()`, which
escaped one single HTML attribute value.
 2022-02-06 16:49:56 +01:00
Cameron
2097778cc5 Experimental schema template added to FAQs. 2022-02-04 13:26:52 -08:00
Cameron
c17b985441 Experimental schema template 2022-02-04 12:04:21 -08:00
Cameron
c3d65075d0 Extracted toGlyphEmbed() method from toGlyph() and fixed some backward compatibility issues. 2022-01-27 16:50:42 -08:00
Cameron
24f0dcadb6 Issue #4657 - Add to rolling log. 2022-01-20 09:02:28 -08:00
Cameron
4a0b8a7aa3 Issue #4657 - drop session instead of trigger login failure. (which can causing auto-bans) 2022-01-20 08:39:16 -08:00
Nick Liu
754c29d230 #4661: Don't double-encode ampersand in e_form::thead() 
I guessed the `filter_var(…, FILTER_SANITIZE_STRING)` intention
mentioned in 20882920a0.  I guessed wrong.
This fixes the guess to be just HTML tag removal.

Fixes: https://github.com/e107inc/e107/issues/4661
 2022-01-17 13:20:34 +01:00
Nick Liu
f1a2f2e768 #4633: Default to user_tracking "session" in user_model.php 
Second part of
https://github.com/e107inc/e107/commit/94f3162

Fixes: #4633
 2022-01-17 09:59:05 +01:00
Cameron
56bb8200a1 Corrected PHP 8.1 warnings. 2022-01-13 11:31:20 -08:00
Cameron
fd42d2325f Issue #4657 - Improved handling to prevent multiple sessions running on the same user account. 2022-01-13 11:18:31 -08:00
Cameron
a617918256 Avoid PHP warnings. 2022-01-10 15:23:27 -08:00
Cameron
7de11ed496 Added tokens to some links. 2022-01-01 13:05:17 -08:00
Nick Liu
3f59b3bc14 Suppress uncaught Hybridauth exceptions in e_user_provider 
And add a check for those exceptions in
`social_ui::generateSocialLoginSection()`

Fixes: #4192
 2021-12-28 12:04:28 +01:00
Nick Liu
b40288d665 Tolerate broken or removed social plugin in e_user_provider 
Fixes: #4199
 2021-12-28 12:04:27 +01:00
Nick Liu
8e8622f12d social_login_config::getSupportedConfiguredProviderConfigs() 
is a better name than
`\social_login_config::getValidConfiguredProviderConfigs()` because the
method does not validate the provider configs.
 2021-12-28 11:48:00 +01:00
Cameron
c96d64e275 Closes #618, #2599 Added simple options for including 'async' or 'defer' when using e107::js('header') and/or e107::js('footer'). 
Usage example: e107::js('footer', 'https://www.google.com/recaptcha/api.js?hl=en', ['defer','async']);
 2021-12-27 15:21:18 -08:00
Moc
1621bfb249 Fixes #4521 - Added %d.%m.%Y date format 
Co-Authored-By: Jimako <5429548+Jimmi08@users.noreply.github.com>
 2021-12-22 13:57:36 +01:00
Moc
484ef69dd3 #3778 - Add SEF URL configuration to 'pages' in comment_menu (WIP) 
WIP - one URL configuration not working yet. See notes in issue #3778
 2021-12-20 21:29:33 +01:00
Cameron
90108eab3c Checking of remote file-types during import and other cleanup. 2021-12-17 11:31:37 -08:00
Cameron
d8ce385929 Fixes #4631 - Edit button modal caption and submit button issue. 2021-12-15 11:52:46 -08:00
Cameron
0d8f3e9086 PHPDoc fixes and code optimization. 2021-12-03 14:58:33 -08:00
Cameron
aff6daf590 Fixes #4628 - Static URLs containing /./ 2021-12-02 15:36:05 -08:00
Cameron
e03e077a8c PHP 8.1 Notice fix. 2021-12-02 14:08:24 -08:00
Cameron
762befb092 Fixes #4500 - Avoid e_sitelink.php being loaded when plugin not installed. 2021-12-02 11:35:12 -08:00
Cameron
7b7040287b PHP Notice removal. 2021-12-01 15:33:48 -08:00
Cameron
0ddcd4d23d Intervention upgraded to v2.7.0 
PHPMailer upgraded to v6.5.3
 2021-12-01 12:10:23 -08:00
Cameron
c93990bbc5 Updated jquery.once version in test. 2021-11-29 11:44:59 -08:00
Cameron
2c9afc83ee More PHP 8.1 fixes. 2021-11-26 12:36:25 -08:00
Cameron
9d6a9611e2 PHP 8.1 fixes. 2021-11-25 10:18:53 -08:00
Cameron
4aa66c1732 strftime() added to php_compatibility_handler.php and all references updated. README updated. dateAlternativeTest updated to pass on Windows. (TBD) 2021-11-25 08:51:32 -08:00
Cameron
d885a2d40e Added missing file. 2021-11-25 08:04:56 -08:00
Cameron
de25bdc898 Closes #4619 - strftime() shim with intl locale support by @Deltik 2021-11-25 07:36:07 -08:00
Cameron
81cbe51228 Remove PHP Warnings. Next/Prev test added. 2021-11-24 13:08:04 -08:00
Cameron
f2e5a033b8 Issue #4610 - More valid tags added. 2021-11-24 11:56:35 -08:00
Cameron
f5dbec04ed Issue #4610 - Possible BC fix for outdated html attributes. 2021-11-24 11:07:52 -08:00
Nick Liu
31ea9bf787 CI: Try to fix intermittent failures on e_parse::toImage() 
Perhaps the first argument to `debug_backtrace()` should be `0` instead
of the default?
 2021-11-23 16:30:30 -06:00
Nick Liu
fb420ccfb1 PHP 8.1: Fix some more null value issues 
* `e_form::attributes()`
* `e_parse::toImage()`
 2021-11-23 13:57:38 -06:00