mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 20:58:30 +01:00
Code Issues Releases Wiki Activity
13,929 Commits 2 Branches 22 Tags
Commit Graph

5420 Commits

Author SHA1 Message Date
Cameron
2400c1ef09 Fixes #4698 - Load front-end inline editing javasript only when necessary. 2022-03-10 11:08:27 -08:00
Cameron
7952e9188b Notify admins when script access is disabled. 2022-03-07 12:40:45 -08:00
Cameron
ce489e5b0f Upgraded intervention/image (2.7.0 => 2.7.1) 
Upgraded phpmailer/phpmailer (v6.5.3 => v6.6.0)
 2022-03-06 14:25:23 -08:00
Nick Liu
169efa09b9
e_parse::toAttributes(): New API to concatenate HTML attributes 
`e_parse::toAttributes()` is an expansion of the formerly private method
`e_form::attributes()`. Now, all client code can use
`e_parse::toAttributes()` to make it easy to concatenate variable-length
HTML attributes. Values are guaranteed to be encoded so that they cannot
escape an HTML attribute value.

All client code usages are encouraged to build HTML tags with this new
method to prevent cross-site scripting (XSS) attacks and prevent
breaking the HTML validity due to improperly escaped HTML attributes.

This new method is an extension to `e_parse::toAttribute()`, which
escaped one single HTML attribute value.
 2022-02-06 16:49:56 +01:00
Cameron
2097778cc5 Experimental schema template added to FAQs. 2022-02-04 13:26:52 -08:00
Cameron
c17b985441 Experimental schema template 2022-02-04 12:04:21 -08:00
Cameron
c3d65075d0 Extracted toGlyphEmbed() method from toGlyph() and fixed some backward compatibility issues. 2022-01-27 16:50:42 -08:00
Cameron
24f0dcadb6 Issue #4657 - Add to rolling log. 2022-01-20 09:02:28 -08:00
Cameron
4a0b8a7aa3 Issue #4657 - drop session instead of trigger login failure. (which can causing auto-bans) 2022-01-20 08:39:16 -08:00
Nick Liu
754c29d230
#4661: Don't double-encode ampersand in e_form::thead() 
I guessed the `filter_var(…, FILTER_SANITIZE_STRING)` intention
mentioned in 20882920a0b68937570264949512acc0c4841dbd.  I guessed wrong.
This fixes the guess to be just HTML tag removal.

Fixes: https://github.com/e107inc/e107/issues/4661
 2022-01-17 13:20:34 +01:00
Nick Liu
f1a2f2e768
#4633: Default to user_tracking "session" in user_model.php 
Second part of
https://github.com/e107inc/e107/commit/94f3162

Fixes: #4633
 2022-01-17 09:59:05 +01:00
Cameron
56bb8200a1 Corrected PHP 8.1 warnings. 2022-01-13 11:31:20 -08:00
Cameron
fd42d2325f Issue #4657 - Improved handling to prevent multiple sessions running on the same user account. 2022-01-13 11:18:31 -08:00
Cameron
a617918256 Avoid PHP warnings. 2022-01-10 15:23:27 -08:00
Cameron
7de11ed496 Added tokens to some links. 2022-01-01 13:05:17 -08:00
Nick Liu
3f59b3bc14
Suppress uncaught Hybridauth exceptions in e_user_provider 
And add a check for those exceptions in
`social_ui::generateSocialLoginSection()`

Fixes: #4192
 2021-12-28 12:04:28 +01:00
Nick Liu
b40288d665
Tolerate broken or removed social plugin in e_user_provider 
Fixes: #4199
 2021-12-28 12:04:27 +01:00
Nick Liu
8e8622f12d
social_login_config::getSupportedConfiguredProviderConfigs() 
is a better name than
`\social_login_config::getValidConfiguredProviderConfigs()` because the
method does not validate the provider configs.
 2021-12-28 11:48:00 +01:00
Cameron
c96d64e275 Closes #618, #2599 Added simple options for including 'async' or 'defer' when using e107::js('header') and/or e107::js('footer'). 
Usage example: e107::js('footer', 'https://www.google.com/recaptcha/api.js?hl=en', ['defer','async']);
 2021-12-27 15:21:18 -08:00
Moc
1621bfb249
Fixes #4521 - Added %d.%m.%Y date format 
Co-Authored-By: Jimako <5429548+Jimmi08@users.noreply.github.com>
 2021-12-22 13:57:36 +01:00
Moc
484ef69dd3
#3778 - Add SEF URL configuration to 'pages' in comment_menu (WIP) 
WIP - one URL configuration not working yet. See notes in issue #3778
 2021-12-20 21:29:33 +01:00
Cameron
90108eab3c Checking of remote file-types during import and other cleanup. 2021-12-17 11:31:37 -08:00
Cameron
d8ce385929 Fixes #4631 - Edit button modal caption and submit button issue. 2021-12-15 11:52:46 -08:00
Cameron
0d8f3e9086 PHPDoc fixes and code optimization. 2021-12-03 14:58:33 -08:00
Cameron
aff6daf590 Fixes #4628 - Static URLs containing /./ 2021-12-02 15:36:05 -08:00
Cameron
e03e077a8c PHP 8.1 Notice fix. 2021-12-02 14:08:24 -08:00
Cameron
762befb092 Fixes #4500 - Avoid e_sitelink.php being loaded when plugin not installed. 2021-12-02 11:35:12 -08:00
Cameron
7b7040287b PHP Notice removal. 2021-12-01 15:33:48 -08:00
Cameron
0ddcd4d23d Intervention upgraded to v2.7.0 
PHPMailer upgraded to v6.5.3
 2021-12-01 12:10:23 -08:00
Cameron
c93990bbc5 Updated jquery.once version in test. 2021-11-29 11:44:59 -08:00
Cameron
2c9afc83ee More PHP 8.1 fixes. 2021-11-26 12:36:25 -08:00
Cameron
9d6a9611e2 PHP 8.1 fixes. 2021-11-25 10:18:53 -08:00
Cameron
4aa66c1732 strftime() added to php_compatibility_handler.php and all references updated. README updated. dateAlternativeTest updated to pass on Windows. (TBD) 2021-11-25 08:51:32 -08:00
Cameron
d885a2d40e Added missing file. 2021-11-25 08:04:56 -08:00
Cameron
de25bdc898 Closes #4619 - strftime() shim with intl locale support by @Deltik 2021-11-25 07:36:07 -08:00
Cameron
81cbe51228 Remove PHP Warnings. Next/Prev test added. 2021-11-24 13:08:04 -08:00
Cameron
f2e5a033b8 Issue #4610 - More valid tags added. 2021-11-24 11:56:35 -08:00
Cameron
f5dbec04ed Issue #4610 - Possible BC fix for outdated html attributes. 2021-11-24 11:07:52 -08:00
Nick Liu
31ea9bf787
CI: Try to fix intermittent failures on e_parse::toImage() 
Perhaps the first argument to `debug_backtrace()` should be `0` instead
of the default?
 2021-11-23 16:30:30 -06:00
Nick Liu
fb420ccfb1
PHP 8.1: Fix some more null value issues 
* `e_form::attributes()`
* `e_parse::toImage()`
 2021-11-23 13:57:38 -06:00
Cameron
fea46ed7ee Fixes #4605 - Custom home icon support and fallback icon for non-FontAwesome breadcrumbs. 2021-11-17 15:21:10 -08:00
Cameron
db6035f844 Experimental embedding of FA svg. 2021-11-15 13:51:01 -08:00
Cameron
35808e5eb9 Issue #4609 - Was still failing in earlier PHP versions. More tests added. 'empty' attribute added to news_render_type 2021-11-04 13:58:05 -07:00
Cameron
54cb89b87d Fix for <title> tag containing single or double quotes. Tests added. 2021-11-03 13:55:56 -07:00
Cameron
6d5b4f5c3a Moved experimental e_ROUTE constant to registry. 2021-11-01 15:46:39 -07:00
Cameron
7930aba4ca Fixes #4609 - Quick fix for inconsistent drop-down behavior PHP7 -> PHP8. 2021-11-01 14:41:40 -07:00
Cameron
038d88aa2a Lazy loading added to bbcode images and avatar images by default. 2021-10-26 14:57:01 -07:00
Cameron
723974a0ba Fix for poorly formatted text emails derived from html tables. 2021-10-25 09:34:13 -07:00
Cameron
b91b1c36b0 Closes #4600, Fixes #4597 - Encoding of 'national characters' in TinyMce. 2021-10-19 09:10:32 -07:00
Cameron
fe7e99f136 Fixed formatting of admin > mailout form elements. 2021-10-19 07:41:33 -07:00