1
0
mirror of https://github.com/e107inc/e107.git synced 2025-03-15 18:09:46 +01:00

12504 Commits

Author SHA1 Message Date
Nick Liu
379a963902
New API to detect if social login is enabled site-wide
The site-wide social login system is now backwards-compatible with how
the social_login_active core pref worked since commit
3b2d8333b62290688f64e061023669463fd8f04c.

social_login_active's least significant bit is now treated as a global
bit, so if it's not set, no other bits are allowed to be set. This
un-breaks all existing checks for whether social_login_active is empty.

Except in themes, the social_login_active check has been replaced with
an e_user_provider API to check if social login is enabled site-wide.
2020-02-22 23:55:20 +01:00
Cameron
aa9753a174 Automatic password rehashing added to admin login page. 2020-02-22 11:45:35 -08:00
Cameron
d23c65b30c Fixes #4083 Column selector displaying improperly defined field.
Admin-UI: Multi-language database language only displays when a table match is found.
2020-02-22 10:03:41 -08:00
Cameron
79c5b3e694 Issue #4049 - Media-Manager Url fix. Fixed Media Preview.
Admin-ui: type='media' example added to blank plugin.
2020-02-21 14:20:33 -08:00
Cameron
3d47a39f7f Issue #4100 Possible Fix for filename cleaning issue. 2020-02-21 11:43:26 -08:00
Cameron
e4b5f062f1
Merge pull request #4065 from LaocheXe/master
Delete Account Option
2020-02-21 11:32:31 -08:00
Cameron
33a7685095 Issue #4086 - admin-ui Respect boolean true/false writeParms in filter and batch dropdowns. 2020-02-20 08:53:32 -08:00
Cameron
ca61cd7de5 Issue #4086 Boolean admin-ui form element readParm/writeParm consistency. 2020-02-20 08:12:09 -08:00
Cameron
aaae9d0e0d Fixes #3759 Legacy code cleanup 2020-02-20 07:30:01 -08:00
Cameron
68e722791f Increased jpeg compression on preview images. 2020-02-20 07:21:50 -08:00
Cameron
716c6c5ddb User login audit cleanup. 2020-02-20 07:15:14 -08:00
Nick Liu
616add5c93
Code deduplication in signup_shortcodes for XUP login
Also fixed variable passing weirdness in API of e_user_provider
2020-02-20 00:03:16 +01:00
Nick Liu
bc4ade5a27
Disable system/xup/test by default
Now guests can't snoop there unless the admin allows it.
Documentation has been improved accordingly.
2020-02-19 23:30:24 +01:00
Nick Liu
c260152b57
Redirect improvements for social logins
- FIX: Duplicate invalid login messages in userlogin::login()
- NEW: e_user_provider: Return URL passthrough to go back where intended
- MOD: Cleanup of some confusing APIs in e_user_provider
- MOD: Return URL passthrough in system/xup/*
- MOD: system/xup/test: Logout test renamed into something clearer
2020-02-19 21:22:53 +01:00
Cameron
b59e55339c Added options to e_form->carousel() to disable navigation and indicators. Custom navigation can now display a custom label when 'label' is included in the carousel array. 2020-02-19 10:25:22 -08:00
Nick Liu
dc66b508bf
Factory for e_user_provider 2020-02-19 18:25:25 +01:00
Nick Liu
a91fa2c9b8
Don't duplicate Hybridauth config in e107::getHybridAuth() 2020-02-19 17:11:26 +01:00
Nick Liu
0bacc5903c
Prevent error if 'social_login' pref is not an array 2020-02-19 17:11:21 +01:00
Cameron
0dbad5d72b Issue #4101 toASCII characters added and test added to confirm. 2020-02-17 13:43:39 -08:00
Cameron
df764389a8 Issue #4102 Parsing of < or > 2020-02-17 13:13:06 -08:00
Nick Liu
5edcee8ad0
PHP bug 66773 workaround in Hybridauth
In PHP 7.0.12 and earlier, a class could not be loaded with the same
name as another class in a different namespace.  This commit patches the
Hybridauth dependency to avoid PHP bug 66773.  Unfortunately, the fix
will be rolled back any time Hybridauth is updated or overwritten.

PHP bug link: https://bugs.php.net/bug.php?id=66773
2020-02-17 14:49:57 +01:00
Nick Liu
91bfc1df23
Core modifications to support Hybridauth 3
- MOD: Replaced e107::getPref('social_login') with
       SocialLoginConfigManager::getValidConfiguredProviderConfigs()
- FIX: signup_shortcodes updated with new social login providers
- MOD: e107::filter_request() code de-duplication: HTTP 400 exits
- MOD: Deprecated e107::getHybridAuth() to discourage direct access to
       third-party dependency Hybridauth
- FIX: Updated e_user_provider for Hybridauth 3
- FIX: e_user::tryProviderSession() and Hybridauth 3
- NEW: Dynamic auth provider support in social_adminarea
- NEW: Database migration for social plugin's social_login pref
2020-02-17 10:38:49 +01:00
Nick Liu
46c75ae4d0
Updated Hybridauth from v2.9.6 to v3.1.1 2020-02-17 10:38:49 +01:00
Nick Liu
adcd3734d1
Documented migration plan to Composer dependencies 2020-02-17 10:38:48 +01:00
Nick Liu
7484d52d66
composer.json: Enforce compatibility with lowest supported PHP version 2020-02-17 10:38:48 +01:00
Deltik
f8d0b628e0
Forward compatibility with Composer autoloading 2020-02-17 10:38:48 +01:00
Nick Liu
2a69227135
Exclude Composer files in GitHub sync for e107 v2 2020-02-17 10:38:47 +01:00
Nick Liu
7269c80468
Initialized composer.json 2020-02-17 10:38:47 +01:00
Cameron
15c97cf73a Fixes #4096 - GDPR value missing from contact form results. 2020-02-15 10:29:56 -08:00
Cameron
3a4b89f803 PHP Notice fix. 2020-02-10 15:38:04 -08:00
Cameron
20b43d47e9 Closes #4092 - check for 'order' param in news grid. 2020-02-10 12:01:38 -08:00
Cameron
734b92c342 Fixes #4095 - Userclass selection was not being saved in "Quick Add User" due to modification for Issue #1728. Both issues now resolved. 2020-02-10 11:42:23 -08:00
Cameron
d4870293e1 Fix for data-disable attribute on ajax link. 2020-02-09 11:08:11 -08:00
Cameron
b8717c04bb Added 'autoplay' and 'controls' support to the toAudio() method. 2020-02-05 13:26:07 -08:00
Cameron
89fff6faad Improved line-breaks handling and added test. 2020-02-02 15:11:36 -08:00
Cameron
e15a10234e Parser: Fix for line-breaks when converting HTML back to plain text. 2020-02-02 14:54:29 -08:00
Cameron
955af62106 Support for data-disable='true' when using class 'e-ajax'. ie. prevent double-clicking. 2020-02-02 14:06:56 -08:00
Cameron
b824bc028e Fix typo in last commit. 2020-01-31 07:10:24 -08:00
Cameron
a1f8c931c5 Admin-UI Issue #4081 Support for 'target' and 'class' readParm attributes when using type = url and type = email 2020-01-29 12:33:35 -08:00
Cameron
ac2700dd2d toAvatar() added support for 'style' attribute. 2020-01-27 19:49:01 -08:00
Cameron
60d64c5398 PHP Notice removal 2020-01-27 12:17:34 -08:00
Cameron
d966705c3b Fixes #4075 - Prevent incorrect class name in e_url.php file from breaking entire list. Also added debug message for worst case scenario. 2020-01-27 12:13:02 -08:00
Cameron
ab0b4ec49b Support for high-resolution avatar rendering. 2020-01-27 11:37:57 -08:00
Cameron
48ae6455a4 getUsersInClass() now accepts extended user field names - just prefix those fields with "ue.". 2020-01-23 14:59:01 -08:00
Cameron
c18edcac43 PHP Notice removal 2020-01-23 13:15:24 -08:00
Nick Liu
beedf081ab
Fix infinite recursion in compatibility strptime() for Windows
\e107\Shims\Internal\InternalTrait::strptime() now tries to run the internal PHP strptime()
function first instead of what's defined, which should defend against accidental infinite
recursion if something else like ./e107_handlers/php_compatibility_handler.php declares
strptime() and calls eShims::strptime().
2020-01-23 09:42:46 +01:00
Cameron
3fd23555a8
Merge pull request #4077 from Deltik/fix-4076
Have e_date::strptime() use eShims::strptime()
2020-01-22 12:06:42 -08:00
Cameron
692cee83ca Make sure user_id is an integer. 2020-01-22 12:04:59 -08:00
Nick Liu
f23aec7395
Replaced e_date::strptime() with eShims::strptime()
- NEW: Added \e107\Shims\Internal\StrptimeTrait, which implements PHP internal function
       strptime(). On not-Windows, the built-in function is called. If that function fails
       or if the operating system is Windows, the alternative pure PHP implementation is
       attempted. The first successful call is returned, or false if none are successful.
- MOD: Deprecated e_date::strptime() in favor of eShims::strptime()
- FIX: License misatributed for e_date::strptime() (now eShims::strptime()). The library
       used was public domain, not CC BY-NC-SA 2.0 FR by Lionel Sauron.
- MOD: Removed STRPTIME_COMPAT constant now that eShims::strptime() exists
- MOD: Removed support for calling e_date::strptime() with:
       - a localized full month name
       - a localized abbreviated month name
       - AM or PM
       - am or pm
       because these features were only implemented in Windows mode (STRPTIME_COMPAT).
- MOD: php_compatibility_handler.php now defines global strptime() using the
       eShims::strptime() implementation
- NEW: Test all(?) the possibilities of eShims::strptime()
2020-01-22 09:07:27 +01:00
Nick Liu
f93ab61372
Moved readfile() shim to its own trait 2020-01-22 00:40:26 +01:00