mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 20:58:30 +01:00
Code Issues Releases Wiki Activity
13,624 Commits 2 Branches 22 Tags
Commit Graph

13624 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Liu
cf86267e62
#4686: download_shortcodes: Consistency for agreement text alert box 
Extract all accesses of the `agree_text` pref and reformat the value
into a JavaScript `alert()` box

Uses the new `e_parse::toAttributes()` method

Fixes: #4686
 2022-02-06 17:14:16 +01:00
Nick Liu
169efa09b9
e_parse::toAttributes(): New API to concatenate HTML attributes 
`e_parse::toAttributes()` is an expansion of the formerly private method
`e_form::attributes()`. Now, all client code can use
`e_parse::toAttributes()` to make it easy to concatenate variable-length
HTML attributes. Values are guaranteed to be encoded so that they cannot
escape an HTML attribute value.

All client code usages are encouraged to build HTML tags with this new
method to prevent cross-site scripting (XSS) attacks and prevent
breaking the HTML validity due to improperly escaped HTML attributes.

This new method is an extension to `e_parse::toAttribute()`, which
escaped one single HTML attribute value.
 2022-02-06 16:49:56 +01:00
Cameron
2097778cc5 Experimental schema template added to FAQs. 2022-02-04 13:26:52 -08:00
Cameron
c17b985441 Experimental schema template 2022-02-04 12:04:21 -08:00
Cameron
c3d65075d0 Extracted toGlyphEmbed() method from toGlyph() and fixed some backward compatibility issues. 2022-01-27 16:50:42 -08:00
Cameron
26afb93b4e Fixes #4682 - Dasherize News Tag SEF URL. 2022-01-27 10:49:53 -08:00
Cameron
24f0dcadb6 Issue #4657 - Add to rolling log. 2022-01-20 09:02:28 -08:00
Cameron
4a0b8a7aa3 Issue #4657 - drop session instead of trigger login failure. (which can causing auto-bans) 2022-01-20 08:39:16 -08:00
Nick Liu
754c29d230
#4661: Don't double-encode ampersand in e_form::thead() 
I guessed the `filter_var(…, FILTER_SANITIZE_STRING)` intention
mentioned in 20882920a0b68937570264949512acc0c4841dbd.  I guessed wrong.
This fixes the guess to be just HTML tag removal.

Fixes: https://github.com/e107inc/e107/issues/4661
 2022-01-17 13:20:34 +01:00
Nick Liu
f1a2f2e768
#4633: Default to user_tracking "session" in user_model.php 
Second part of
https://github.com/e107inc/e107/commit/94f3162

Fixes: #4633
 2022-01-17 09:59:05 +01:00
Cameron
404425caf1 Added PHP 8.1 image to workflow. 2022-01-13 12:26:48 -08:00
Cameron
56bb8200a1 Corrected PHP 8.1 warnings. 2022-01-13 11:31:20 -08:00
Cameron
fd42d2325f Issue #4657 - Improved handling to prevent multiple sessions running on the same user account. 2022-01-13 11:18:31 -08:00
Cameron
a617918256 Avoid PHP warnings. 2022-01-10 15:23:27 -08:00
Cameron
7de11ed496 Added tokens to some links. 2022-01-01 13:05:17 -08:00
Cameron
cfa36ccb45
Merge pull request #4643 from Deltik/fix/4192 
Handle previously unhandled exceptions with `social` plugin and Hybridauth
 2021-12-29 10:32:43 -08:00
Nick Liu
3f59b3bc14
Suppress uncaught Hybridauth exceptions in e_user_provider 
And add a check for those exceptions in
`social_ui::generateSocialLoginSection()`

Fixes: #4192
 2021-12-28 12:04:28 +01:00
Nick Liu
b40288d665
Tolerate broken or removed social plugin in e_user_provider 
Fixes: #4199
 2021-12-28 12:04:27 +01:00
Nick Liu
8e8622f12d
social_login_config::getSupportedConfiguredProviderConfigs() 
is a better name than
`\social_login_config::getValidConfiguredProviderConfigs()` because the
method does not validate the provider configs.
 2021-12-28 11:48:00 +01:00
Cameron
c96d64e275 Closes #618, #2599 Added simple options for including 'async' or 'defer' when using e107::js('header') and/or e107::js('footer'). 
Usage example: e107::js('footer', 'https://www.google.com/recaptcha/api.js?hl=en', ['defer','async']);
 2021-12-27 15:21:18 -08:00
Moc
f58734346e
Code clean-up 
Formatting (tabs)
 2021-12-27 21:13:24 +01:00
Moc
29b98ef9a6
Closes #3742 - Added perm check for PM icon in Admin Area 2021-12-27 21:12:59 +01:00
Moc
b4ded935b7
Closes #4538 - Improved LAN on multiple login warning 2021-12-22 14:56:16 +01:00
Moc
c0c78c46d0
Closes #4447 - Add extra check for presence of log plugin 
Avoids fatal error when prefs are still stored for some reason.
 2021-12-22 14:43:51 +01:00
Moc
f426ffc729
Fixes #4194 - Use correct LAN for XUP login/register action 2021-12-22 14:24:04 +01:00
Moc
1621bfb249
Fixes #4521 - Added %d.%m.%Y date format 
Co-Authored-By: Jimako <5429548+Jimmi08@users.noreply.github.com>
 2021-12-22 13:57:36 +01:00
Moc
311308a6d9
Closes #4320 - Use radio_switch() for radio buttons in COPPA form 2021-12-21 18:00:37 +01:00
Moc
dfc4fa5a1e
Fixes #4048 - Valid HTML when no search results are found 
Moved alert <div> outside of <ul> tags.
 2021-12-21 12:01:42 +01:00
Moc
1779170933
Improved accessibility in Search (labels) 
HTML is now valid
 2021-12-21 11:53:29 +01:00
Moc
de8af179a4
Closes #3723 - Hide users that have not logged in yet from lastseen menu 2021-12-21 10:35:59 +01:00
Moc
484ef69dd3
#3778 - Add SEF URL configuration to 'pages' in comment_menu (WIP) 
WIP - one URL configuration not working yet. See notes in issue #3778
 2021-12-20 21:29:33 +01:00
Moc
305f0816f8
Add space between "Posted by" and author name in comment_menu 2021-12-20 21:11:44 +01:00
Cameron
90108eab3c Checking of remote file-types during import and other cleanup. 2021-12-17 11:31:37 -08:00
Cameron
d8ce385929 Fixes #4631 - Edit button modal caption and submit button issue. 2021-12-15 11:52:46 -08:00
Cameron
0d8f3e9086 PHPDoc fixes and code optimization. 2021-12-03 14:58:33 -08:00
Cameron
aff6daf590 Fixes #4628 - Static URLs containing /./ 2021-12-02 15:36:05 -08:00
Cameron
f8d5157121 Updated ver.php to v2.3.2 (git) 
Removed closing PHP tag from generated ver.php file during build.
 2021-12-02 14:51:18 -08:00
Cameron
cf7bfb39d5 Version set to v2.3.1 2021-12-02 14:23:33 -08:00
Cameron
e03e077a8c PHP 8.1 Notice fix. v2.3.1 2021-12-02 14:08:24 -08:00
Cameron
762befb092 Fixes #4500 - Avoid e_sitelink.php being loaded when plugin not installed. 2021-12-02 11:35:12 -08:00
Cameron
8dc26f1068 Fixes #4566 - List-New plugin - select options were not being displayed in admin area. 2021-12-02 11:28:10 -08:00
Cameron
9743cb4e95 Fixes #4528 - Frontend modal now functional with Bootstrap5. 2021-12-02 11:20:58 -08:00
Cameron
d9d606f615 Fixes #4583 - filetype values missing from forum attachment tooltip message. 2021-12-02 10:22:52 -08:00
Cameron
e4984a6e39 Fixes #4584 - LAN issue on upload page. 2021-12-02 09:42:03 -08:00
Cameron
c064dcb4f0 Fixes #4621 - "Members" missing from pref dropdown. 2021-12-02 08:56:11 -08:00
Cameron
7b7040287b PHP Notice removal. 2021-12-01 15:33:48 -08:00
Cameron
852f2175f2 PHP 8.1 fix. 2021-12-01 12:11:14 -08:00
Cameron
0ddcd4d23d Intervention upgraded to v2.7.0 
PHPMailer upgraded to v6.5.3
 2021-12-01 12:10:23 -08:00
Cameron
577bcb89e1 Fix for long text in Admin control panel. Check for missing intl extension when non-English languages in use and display alert on PHPInfo page when missing. 2021-12-01 11:59:49 -08:00
Cameron
b0c3c9cd17 Fixes #4624 - Fall back to require() when loading legacy template if require_once() returns nothing (likely due to third-party plugin) or theme. 2021-11-30 11:00:17 -08:00