1
0
mirror of https://github.com/e107inc/e107.git synced 2025-02-16 12:34:41 +01:00

5342 Commits

Author SHA1 Message Date
Cameron
02a7e08902 Fixes - News image placeholder. Adds another news-grid layout. 2022-04-06 12:09:58 -07:00
Cameron
196f952db8 Closes Theme developers can now set the default style, just as they would with the default layout. 2022-04-06 08:37:13 -07:00
Cameron
6eff4cb5f7 Closes - Bootstrap5 Theme enhancements. Bootswatch 5. 2022-04-05 19:49:08 -07:00
Cameron
45372f285c Fixes - wysiwyg editor value retention. 2022-04-05 09:56:25 -07:00
Cameron
ba82fec626 Closes - check for xml/install.xml during plugin installation. 2022-04-04 18:30:33 -07:00
Cameron
412b0b2efe Reducing e_SECURITY_LEVEL to 3 with disable ValidateRemoteAddr. 2022-04-04 14:47:53 -07:00
Cameron
22b9bd1721 Updated e107.org urls. 2022-04-04 14:46:42 -07:00
Cameron
55980a29a8 Generated PHPDoc for all classes in e107_handlers where one was missing. toNumber() updated to always return int or float. 2022-04-04 10:54:24 -07:00
Cameron
bf10c58c50
Merge pull request from Jimmi08/user-last-visit-shortcodes
Fixes  correct user last visit information
2022-04-02 12:41:52 -07:00
Cameron
e801b02dee Closes - Media-Manager default set to Grid. New CSS grid added. Extra tests added for toGlyph(). Added wildcard mime-type filters in Media-Manager. 2022-04-02 09:34:06 -07:00
Jimmi08
2fa73df934 correct user last visit information
CLOSES 
2022-04-02 14:57:37 +02:00
Cameron
9e8e7966a5 Fixes - news category link on print pages. 2022-04-01 12:00:37 -07:00
Cameron
91f90202a4
Merge pull request from Jimmi08/load-bbcode-buttons-only-if-HTML-is-allowed-for-user
Fixes  load bbcode buttons only if posting HTML is allowed for user
2022-04-01 11:13:31 -07:00
Cameron
c510885b43
Merge pull request from Jimmi08/rank-issue-for-first-level
Fixes  ranks issue for first level
2022-04-01 11:06:05 -07:00
Cameron
025ff07aab Fixes Removal of type="text/javascript" and type="text/css" 2022-03-31 08:24:34 -07:00
Jimmi08
79a300e7bb ranks issue for first level
CLOSES 
2022-03-31 12:55:32 +02:00
Jimmi08
64dcf0c056 load bbcode buttons only if HTML is allowed for user
CLOSES 

Tested scenarios:

- site wysiwyg on, html access  -  result tinymce
- site wysiwyg on,  no html access  - result bbcodes
- site wysiwyg off,  forum wysiwyg on,  no html access  - result bbcodes
- site wysiwyg off,  forum wysiwyg on,  html access  - result tinymce

It worked like this before too, but bbcodes were always rendered (not visible with tinymce)
2022-03-31 12:22:04 +02:00
Cameron
e1059b8001 Fixes - BS4/5 button classes in TinyMce. 2022-03-27 12:10:41 -07:00
Cameron
f6d0164f94 Composer update. 2022-03-27 10:23:34 -07:00
Cameron
3d3b2ec85d PHP Notice fix. 2022-03-15 13:48:32 -07:00
Cameron
748fd4b9b6 Fixes - linkwords inconsistencies. 2022-03-12 11:50:27 -08:00
Cameron
7fd6fdf478 Fixes - SEF URL issue on custom page comments. Also introduces pageHelper class with use added to e_related, e_search and e_sitelink. 2022-03-11 12:23:31 -08:00
Cameron
2400c1ef09 Fixes - Load front-end inline editing javasript only when necessary. 2022-03-10 11:08:27 -08:00
Cameron
7952e9188b Notify admins when script access is disabled. 2022-03-07 12:40:45 -08:00
Cameron
ce489e5b0f Upgraded intervention/image (2.7.0 => 2.7.1)
Upgraded phpmailer/phpmailer (v6.5.3 => v6.6.0)
2022-03-06 14:25:23 -08:00
Nick Liu
169efa09b9
e_parse::toAttributes(): New API to concatenate HTML attributes
`e_parse::toAttributes()` is an expansion of the formerly private method
`e_form::attributes()`. Now, all client code can use
`e_parse::toAttributes()` to make it easy to concatenate variable-length
HTML attributes. Values are guaranteed to be encoded so that they cannot
escape an HTML attribute value.

All client code usages are encouraged to build HTML tags with this new
method to prevent cross-site scripting (XSS) attacks and prevent
breaking the HTML validity due to improperly escaped HTML attributes.

This new method is an extension to `e_parse::toAttribute()`, which
escaped one single HTML attribute value.
2022-02-06 16:49:56 +01:00
Cameron
2097778cc5 Experimental schema template added to FAQs. 2022-02-04 13:26:52 -08:00
Cameron
c17b985441 Experimental schema template 2022-02-04 12:04:21 -08:00
Cameron
c3d65075d0 Extracted toGlyphEmbed() method from toGlyph() and fixed some backward compatibility issues. 2022-01-27 16:50:42 -08:00
Cameron
24f0dcadb6 Issue - Add to rolling log. 2022-01-20 09:02:28 -08:00
Cameron
4a0b8a7aa3 Issue - drop session instead of trigger login failure. (which can causing auto-bans) 2022-01-20 08:39:16 -08:00
Nick Liu
754c29d230
: Don't double-encode ampersand in e_form::thead()
I guessed the `filter_var(…, FILTER_SANITIZE_STRING)` intention
mentioned in 20882920a0b68937570264949512acc0c4841dbd.  I guessed wrong.
This fixes the guess to be just HTML tag removal.

Fixes: https://github.com/e107inc/e107/issues/4661
2022-01-17 13:20:34 +01:00
Nick Liu
f1a2f2e768
: Default to user_tracking "session" in user_model.php
Second part of
https://github.com/e107inc/e107/commit/94f3162

Fixes: 
2022-01-17 09:59:05 +01:00
Cameron
56bb8200a1 Corrected PHP 8.1 warnings. 2022-01-13 11:31:20 -08:00
Cameron
fd42d2325f Issue - Improved handling to prevent multiple sessions running on the same user account. 2022-01-13 11:18:31 -08:00
Cameron
a617918256 Avoid PHP warnings. 2022-01-10 15:23:27 -08:00
Cameron
7de11ed496 Added tokens to some links. 2022-01-01 13:05:17 -08:00
Nick Liu
3f59b3bc14
Suppress uncaught Hybridauth exceptions in e_user_provider
And add a check for those exceptions in
`social_ui::generateSocialLoginSection()`

Fixes: 
2021-12-28 12:04:28 +01:00
Nick Liu
b40288d665
Tolerate broken or removed social plugin in e_user_provider
Fixes: 
2021-12-28 12:04:27 +01:00
Nick Liu
8e8622f12d
social_login_config::getSupportedConfiguredProviderConfigs()
is a better name than
`\social_login_config::getValidConfiguredProviderConfigs()` because the
method does not validate the provider configs.
2021-12-28 11:48:00 +01:00
Cameron
c96d64e275 Closes , Added simple options for including 'async' or 'defer' when using e107::js('header') and/or e107::js('footer').
Usage example: e107::js('footer', 'https://www.google.com/recaptcha/api.js?hl=en', ['defer','async']);
2021-12-27 15:21:18 -08:00
Moc
1621bfb249
Fixes - Added %d.%m.%Y date format
Co-Authored-By: Jimako <5429548+Jimmi08@users.noreply.github.com>
2021-12-22 13:57:36 +01:00
Moc
484ef69dd3
- Add SEF URL configuration to 'pages' in comment_menu (WIP)
WIP - one URL configuration not working yet. See notes in issue 
2021-12-20 21:29:33 +01:00
Cameron
90108eab3c Checking of remote file-types during import and other cleanup. 2021-12-17 11:31:37 -08:00
Cameron
d8ce385929 Fixes - Edit button modal caption and submit button issue. 2021-12-15 11:52:46 -08:00
Cameron
0d8f3e9086 PHPDoc fixes and code optimization. 2021-12-03 14:58:33 -08:00
Cameron
aff6daf590 Fixes - Static URLs containing /./ 2021-12-02 15:36:05 -08:00
Cameron
e03e077a8c PHP 8.1 Notice fix. 2021-12-02 14:08:24 -08:00
Cameron
762befb092 Fixes - Avoid e_sitelink.php being loaded when plugin not installed. 2021-12-02 11:35:12 -08:00
Cameron
7b7040287b PHP Notice removal. 2021-12-01 15:33:48 -08:00