mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 20:58:30 +01:00
Code Issues Releases Wiki Activity
13,696 Commits 2 Branches 22 Tags
Commit Graph

419 Commits

Author SHA1 Message Date
Cameron
025ff07aab Fixes #4737 Removal of type="text/javascript" and type="text/css" 2022-03-31 08:24:34 -07:00
Cameron
35eab787be Composer update on e107_tests 2022-03-29 16:24:17 -07:00
Cameron
f922456a8f Fixes #4706 'quote' bbcode in TinyMce and fixes fatal error under PHP 8.1 (LAN_WROTE) 2022-03-29 13:59:25 -07:00
Cameron
8f2776bc46 Linkwords: Ignore commented HTML code during processing. 2022-03-15 13:47:46 -07:00
Cameron
a459057d68 Possible fix for failing tests. 2022-03-12 12:01:20 -08:00
Cameron
748fd4b9b6 Fixes #4700 - linkwords inconsistencies. 2022-03-12 11:50:27 -08:00
Cameron
4032c2954f Issue #3778 - page/e_sitelink cleanup and optimization. Test added. Fixed bookNav() which should only return book links. 2022-03-11 18:01:56 -08:00
Cameron
9c6a5e96fe Composer update on e107_tests packages. 2022-03-10 12:18:11 -08:00
Cameron
fde53794ca
Merge pull request #4688 from Deltik/fix/4686 
New API to concatenate an array of HTML attributes
 2022-02-22 13:41:22 -08:00
dependabot[bot]
3a246f7505
Bump twig/twig from 3.3.4 to 3.3.8 in /e107_tests 
Bumps [twig/twig](https://github.com/twigphp/Twig) from 3.3.4 to 3.3.8.
- [Release notes](https://github.com/twigphp/Twig/releases)
- [Changelog](https://github.com/twigphp/Twig/blob/3.x/CHANGELOG)
- [Commits](https://github.com/twigphp/Twig/compare/v3.3.4...v3.3.8)

---
updated-dependencies:
- dependency-name: twig/twig
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-11 02:35:35 +00:00
Nick Liu
169efa09b9
e_parse::toAttributes(): New API to concatenate HTML attributes 
`e_parse::toAttributes()` is an expansion of the formerly private method
`e_form::attributes()`. Now, all client code can use
`e_parse::toAttributes()` to make it easy to concatenate variable-length
HTML attributes. Values are guaranteed to be encoded so that they cannot
escape an HTML attribute value.

All client code usages are encouraged to build HTML tags with this new
method to prevent cross-site scripting (XSS) attacks and prevent
breaking the HTML validity due to improperly escaped HTML attributes.

This new method is an extension to `e_parse::toAttribute()`, which
escaped one single HTML attribute value.
 2022-02-06 16:49:56 +01:00
Cameron
56bb8200a1 Corrected PHP 8.1 warnings. 2022-01-13 11:31:20 -08:00
Nick Liu
3f59b3bc14
Suppress uncaught Hybridauth exceptions in e_user_provider 
And add a check for those exceptions in
`social_ui::generateSocialLoginSection()`

Fixes: #4192
 2021-12-28 12:04:28 +01:00
Cameron
c96d64e275 Closes #618, #2599 Added simple options for including 'async' or 'defer' when using e107::js('header') and/or e107::js('footer'). 
Usage example: e107::js('footer', 'https://www.google.com/recaptcha/api.js?hl=en', ['defer','async']);
 2021-12-27 15:21:18 -08:00
Cameron
90108eab3c Checking of remote file-types during import and other cleanup. 2021-12-17 11:31:37 -08:00
Cameron
6f309bb326 e107 installation updated for PHP8.1. Bootstrap5 is now the default theme. Acceptance test updated. 2021-11-29 13:45:02 -08:00
Cameron
9d6a9611e2 PHP 8.1 fixes. 2021-11-25 10:18:53 -08:00
Cameron
98b8955185 Rolled back e_dateAlternateTest() Windows fix. 2021-11-25 09:13:14 -08:00
Cameron
4aa66c1732 strftime() added to php_compatibility_handler.php and all references updated. README updated. dateAlternativeTest updated to pass on Windows. (TBD) 2021-11-25 08:51:32 -08:00
Cameron
904cea1af4 Added missing file 2021-11-25 08:06:51 -08:00
Cameron
9fffa59a01 Fixes #4586, Fixes #2774, Fixes #49 - Workaround added for page dropdown navigation. Use {CPAGENAV: tmpl=dropdown} in page_template.php 2021-11-24 13:48:20 -08:00
Cameron
81cbe51228 Remove PHP Warnings. Next/Prev test added. 2021-11-24 13:08:04 -08:00
Cameron
f5dbec04ed Issue #4610 - Possible BC fix for outdated html attributes. 2021-11-24 11:07:52 -08:00
Cameron
35808e5eb9 Issue #4609 - Was still failing in earlier PHP versions. More tests added. 'empty' attribute added to news_render_type 2021-11-04 13:58:05 -07:00
Cameron
54cb89b87d Fix for <title> tag containing single or double quotes. Tests added. 2021-11-03 13:55:56 -07:00
Cameron
7930aba4ca Fixes #4609 - Quick fix for inconsistent drop-down behavior PHP7 -> PHP8. 2021-11-01 14:41:40 -07:00
Cameron
c3036f975c Issue #4609 - Test added for option_multi() to check for consistent behavior. 2021-11-01 14:23:57 -07:00
Cameron
9de838b93e Admin-ui type=dropdown tests added with 'multiple' option enabled. 2021-11-01 13:01:07 -07:00
Cameron
038d88aa2a Lazy loading added to bbcode images and avatar images by default. 2021-10-26 14:57:01 -07:00
Cameron
723974a0ba Fix for poorly formatted text emails derived from html tables. 2021-10-25 09:34:13 -07:00
Cameron
b91b1c36b0 Closes #4600, Fixes #4597 - Encoding of 'national characters' in TinyMce. 2021-10-19 09:10:32 -07:00
Cameron
236248503a Make sure FontAwesome still loads using CSS for TinyMce when using Bootstrap5. 2021-10-18 13:18:13 -07:00
Cameron
73dfbf0d74 Issue #4299 - PHP8 fatal error fixes 2021-10-17 08:43:07 -07:00
Cameron
d6b0391a2d Fixed corruption of carousel attributes and other 'data-' keys. Test added. 2021-10-14 08:08:43 -07:00
Cameron
78d72fa139 Added 'defer' to bootstrap5 and fontawesome5 <script> tags. 2021-10-12 08:00:41 -07:00
Cameron
0442ba138a addJs() method cleanup. Work-in-progress. 2021-10-11 19:06:03 -07:00
Cameron
7755dd1743 Added option for themes to load only the css or js portion of a library via theme.xml attribute. See bootstrap5/theme.xml for an example. 
Empty comments in glyphs removed due to conflict with Fontawesome JS. Tests updated.
 2021-10-11 12:33:59 -07:00
Nick Liu
840e818f40
e_form: Allow HTML attribute "value" keys with blank values 
Otherwise, something like `<option>Nope</option>` will get a value of
"Nope" instead of "" as in `<option value=''>Nope</option>`.
 2021-10-08 18:03:44 -05:00
Nick Liu
2fa9d10c57
e_form: Handle attribute HTML entities properly for most form elements 
The result is a much more consistent form experience with less fear that
some values put into an `e_form` method will break the web page.

This commit covers the most common uses of `e_form` with HTML attribute
quoting via `e_form::attributes()`.
 2021-10-06 20:14:51 -05:00
Nick Liu
19f48180dc
Restore htmlspecialchars() for e_parse::filter(…, 'str') 
Fixes regression from 20882920a0b68937570264949512acc0c4841dbd where
data would get inserted into the database with literal quotation marks,
but e107 has always expected `&quot;` and `&#39;` to come directly from
the database
 2021-10-06 13:06:31 -05:00
Nick Liu
010492b67e
Stub e_date::convert_date() in e_parse_shortcodeTest 
Prevents this flaky error:

---------
1) e_parse_shortcodeTest: Forum shortcodes
 Test  tests/unit/e_parse_shortcodeTest.php:testForumShortcodes
{INFO} != sc_info()
Failed asserting that two strings are equal.
- Expected | + Actual
@@ @@
'Welcome e107-cli<br />There are no new posts since your last visit.<br />
You last visited at  <br />
-			It is now Tuesday 28 September 2021 - 16:25:39'
+			It is now Tuesday 28 September 2021 - 16:25:38'
#1  /__w/e107/e107/e107_tests/tests/unit/e_parse_shortcodeTest.php:1656
#2  /__w/e107/e107/e107_tests/tests/unit/e_parse_shortcodeTest.php:1147
#3  e_parse_shortcodeTest->testForumShortcodes
#4  {closure}
 2021-09-28 12:27:09 -05:00
Cameron
06e88e5fb7 Linkwords plugin update. 
Fixes issue with admin preferences not being respected or no linking occurring.
Prefs now moved out of core and into plugin prefs.
Test page added to admin area.
Relationship field added.
e_tohtml.php deprecated in favor of e_parse.php
Tests updated.
 2021-09-28 08:56:54 -07:00
Cameron
320287f6ad Fix PHP error on some legacy themes that are missing meta-data. e107_tests composer update. 2021-09-27 10:45:06 -07:00
Nick Liu
45bce2a7aa
#4572: e_form: No htmlspecialchars() on "other" attributes 
Fixes: #4572

Discussion:
https://github.com/e107inc/e107/pull/4554#issuecomment-926113601
 2021-09-23 16:12:52 -05:00
Nick Liu
64cd796605
Update test dependencies 
Fixes: #4551
 2021-09-04 15:08:15 +02:00
Cameron
f173b59672 Closes #4539 2021-08-13 10:58:42 -07:00
Cameron
64e705ced0 {SITELINKS_ALT} fix and test. 2021-08-07 12:26:23 -07:00
Cameron
c4f76c3687 Issue #4270 - perform all webp conversion checks within e_thumbnail class. WebP conversion now works with SEF media URLS. 2021-06-18 09:31:45 -07:00
Cameron
7302803a75 Issue #4270 Added .webp browser-support detection. Media-Manager "Convert to webp during render" can now be safely enabled and will temporarily fallback to the regular image if the browser does not support webp images. 2021-06-18 08:43:53 -07:00
Cameron
5652fd2bd9
Merge pull request #4515 from Deltik/fix/4512 
#4512: faqs_shortcodes::sc_faq_count(): Return blank string instead of 0
 2021-06-14 16:55:10 -07:00