mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-10 08:34:09 +02:00
Code Issues Releases Wiki Activity
11,396 Commits 2 Branches 22 Tags
a6476e680e95c44dbb72c3b27b281b108bd9c042
Commit Graph

11396 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
phibel
9ca28b8fa4 FIX user can transfer his moderator permissions from one forum to an other forum 
I am working further on the moderator permissions and discovered that my previous commit
692509f is a bad solution. Because the moderator submits the threadId and postID for the post
who he wants to delete. This threadId was used to check the moderator permissions of the postId.

So if a moderator has only permissions for one forum, he could change the transmitted threadId
in an other forum to get there also moderator permisssions...

Sorry that I did not noticed this glitch before I made the previous commit. :-/
 2018-10-13 15:55:31 +02:00
Gábor
714fd6bb08 Add files via upload 2018-10-13 07:11:18 +02:00
Gábor
2cc644c5f7 Update lan_ren_help.php 2018-10-13 07:05:09 +02:00
Gábor
034bc41793 Update English_global.php 2018-10-10 22:35:04 +02:00
Gábor
36b6afcd31 Update e_search.php 2018-10-10 22:30:03 +02:00
Gábor
b1c3a20f3d Update English.php 2018-10-10 22:28:19 +02:00
Tijn Kuyper
690db62a88 Fixes #3494 - additional fix in poll html markup 2018-10-09 12:20:07 +02:00
Tijn Kuyper
72f6534eae Fixes #3494 - wrong HTML markup with poll_answer id 2018-10-08 17:04:19 +02:00
Gábor
c31623e2fd Update e_search.php 2018-10-07 09:14:01 +02:00
Gábor
5c40dba1af Update English.php 2018-10-07 09:11:54 +02:00
Cameron
0d82695503 Fixes #3489 Download Name length increased to 255 chars. 2018-10-04 16:36:09 -07:00
Tijn Kuyper
94adbd06cc Optimise PHP version check for Github sync 2018-10-04 15:54:02 +02:00
Tijn Kuyper
5acf54d93a Added check for minimal PHP version when syncing with Github 2018-10-03 18:53:16 +02:00
Cameron
5db55ff20a Admin-UI: Fix for type userclasses 2018-10-02 17:00:38 -07:00
Cameron
0d9e2a77ca Addition default fields added. 2018-10-02 15:26:42 -07:00
Cameron
0e8576c254 Issue #3202 - Reproduce configuration in _blank plugin. 2018-10-02 13:43:28 -07:00
Cameron
5cc1b18f80 Fixes #3486 - Fixes issue with files containing spaces. 2018-10-02 13:07:26 -07:00
Cameron
bf49853f67 Fixes #3460 - Zip upload issue. 2018-10-02 12:29:16 -07:00
Cameron
7eeb23d5c2 Issue #3473 - menu button URL fix (part 2) 2018-10-02 12:20:40 -07:00
Cameron
3959c998c4 Issue #3463 - Alt-auth missing port field. 2018-10-02 12:15:58 -07:00
Cameron
a78b44f48e Fixes #3473 Menu Button URL with {e_BASE} not converting correctly. 2018-10-02 11:48:09 -07:00
Cameron
30b8d03df9 Changed git sync error to warning. 2018-10-02 11:36:42 -07:00
Cameron
692509f40c Merge pull request #3482 from phibel/forum_moderator_delete_permissions 
FIX check if user has moderator permissions for the thread/forum
 2018-10-02 09:47:27 -07:00
phibel
98213ec03c FIX check if user has moderator permissions for the thread/forum 
Without admin permissions (member of user class 254) it was not possible
to delete a post in the forum. This fix add the threadId to the ajax query
and fetchs the forum-moderator for the thread which will then checked
against the user permissions/classes.

I added also an additional error message, if something goes wrong.
 2018-09-30 23:21:43 +02:00
Cameron
3b25fe86b6 Merge pull request #3479 from yesszus/patch-1 
Update English_admin_rss_menu.php
 2018-09-30 11:51:48 -07:00
Cameron
b60f9950ca Consolidate v2.x upgrade routines. 2018-09-30 11:29:35 -07:00
Gábor
c7f3360eed Update rss.php 2018-09-30 08:38:17 +02:00
Gábor
d9298745fc Update rss_setup.php 2018-09-30 08:36:52 +02:00
Gábor
56835bb144 Update English_admin_rss_menu.php 
Issue: #3410
 2018-09-30 08:34:18 +02:00
Cameron
1d6a957793 Fixes #3426 - Pages : Custom Fields on Create. 2018-09-27 14:51:20 -07:00
Cameron
f99e2fbca0 Merge pull request #3471 from Deltik/fix-3437 
Matching scope for e_form::$_inline_token
 2018-09-27 14:32:44 -07:00
Cameron
b757b0988c Merge pull request #3469 from Jimmi08/patch-6 
{LOGIN_TABLE_FPW_LINK} - added class #3466
 2018-09-27 14:32:23 -07:00
Cameron
abcc3d54c9 Merge pull request #3468 from Jimmi08/patch-5 
{LOGIN_TABLE_SIGNUP_LINK} - added class option #3466
 2018-09-27 14:31:34 -07:00
Cameron
ad647d5baf Merge pull request #3467 from Jimmi08/patch-4 
{LOGIN_TABLE_SUBMIT} -  added class parameter
 2018-09-27 14:31:23 -07:00
Cameron
1f4bfa256c Fix for custom class on select 2018-09-27 12:02:35 -07:00
Nick Liu
8c7b61fb29 Matching scope for e_form::_inline_token 
Should be private to match private function inlineToken()
 2018-09-27 11:34:10 -05:00
Jimako
e1a9355eaf {LOGIN_TABLE_FPW_LINK} - added class #3466 2018-09-27 14:42:14 +02:00
Jimako
02ef130feb {LOGIN_TABLE_SIGNUP_LINK} - added class option #3466 2018-09-27 14:29:21 +02:00
Jimako
a650d16573 {LOGIN_TABLE_SUBMIT} - added class parameter 2018-09-27 14:09:22 +02:00
Cameron
c69184848c Merge pull request #3447 from Jimmi08/patch-3 
{COMMENT_INPUT} - added class parameters #3444
 2018-09-24 16:18:48 -07:00
Cameron
ac34a71508 Merge pull request #3446 from Jimmi08/patch-2 
{AUTHOR_INPUT} - added classes parameters #3444
 2018-09-24 16:18:25 -07:00
Cameron
e830812e2b Merge pull request #3445 from Jimmi08/patch-1 
{COMMENT_BUTTON} - added class parameter #3444
 2018-09-24 16:17:28 -07:00
Cameron
47d616000a Merge pull request #3451 from Deltik/fix-3450 
Fixes #3450 – SITELINKS_ALT parent button fix
 2018-09-24 16:16:23 -07:00
Cameron
9a39046db0 Merge pull request #3449 from Deltik/fix-3437 
Fixes #3437 – e_form::inlineToken() performance
 2018-09-24 16:14:55 -07:00
Nick Liu
a70d027f65 Fixes #3450 – SITELINKS_ALT parent button fix 
Parent links in sitelinks_alt::sitelinks_alt_shortcode() now have their
button image URI parsed by e_parse::replaceConstants(), bringing it into
consistency with the children, which are already parsed the same way.

There is no corresponding test for this in e107-test because hard-coded
dependencies in sitelinks_alt::sitelinks_alt_shortcode() are difficult
to monkey-patch without crippling the performance of e107-test.
 2018-09-23 18:39:30 -05:00
Nick Liu
a374886425 Fixes #3437 – e_form::inlineToken() performance 
This "inline token" is generated 30 times in my test, but it's the same
session_id() being hashed. This is wasteful and can be mitigated in two
ways:

* Reducing the time cost like so: return password_hash(session_id(),
PASSWORD_DEFAULT, ['cost' => 04]);
* Storing the hash as an instance variable the first time it's
generated

This commit applies both mitigations.
 2018-09-23 15:32:57 -05:00
Jimako
6f8fdf51e6 Mandatory class for reply to work #3444 2018-09-21 23:09:00 +02:00
Jimako
439c57f3c5 {COMMENT_INPUT} - added class parameters #3444 2018-09-21 22:31:21 +02:00
Jimako
44fd129daa fix for PR 2018-09-21 22:18:40 +02:00
Jimako
2a56ce28bd {AUTHOR_INPUT} - added classes parameters 2018-09-21 22:12:04 +02:00