Franz Liedke
aa43d1475e
Implement middleware for CSRF token verification
...
This fixes a rather large oversight in Flarum's codebase, which was that
we had no explicit CSRF protection using the traditional token approach.
The JS frontend was actually sending these tokens, but the backend did
not require them.
2019-06-13 00:13:58 +02:00
Franz Liedke
69fdd82ffc
Add tests for CSRF token check
2019-06-13 00:13:57 +02:00
Franz Liedke
53cc505037
Integration tests: Configure vendor path
...
Now that this is possible, make the easy change...
2019-06-13 00:13:57 +02:00
Franz Liedke
a7259bbd5f
Integration tests: Memoize request handler as well
...
This is useful to send HTTP requests (or their PSR-7 equivalents)
through the entire application's middleware stack (instead of
talking to specific controllers, which should be considered
implementation detail).
2019-06-13 00:13:57 +02:00
Franz Liedke
5632ffb62b
Integration tests: Fix test setup
2019-06-13 00:13:38 +02:00
Franz Liedke
3f2d1ffd02
Fix syntax error
2019-06-13 00:11:57 +02:00
Franz Liedke
ae409751c1
Apply fixes from StyleCI (#1793)
...
[ci skip] [skip ci]
2019-06-12 23:50:21 +02:00
Franz Liedke
a5b70d5175
Introduce a vendor path
...
This lets us or anyone modify the path from where dependencies (usually
installed into /vendor by Composer) are loaded. We need to be able to
tweak this in our integration tests, where the application code under
test needs access to certain dependencies.
2019-06-12 23:48:22 +02:00
Franz Liedke
ab731f090f
Inject app, not container, to avoid global helpers
2019-06-12 23:48:22 +02:00
Daniël Klabbers
20207e1294
Update CHANGELOG.md
...
added fix for js compiler tmp path fix to changelog
2019-06-12 17:18:21 +02:00
Daniël Klabbers
e8beafa1d4
Merge branch 'master' of github.com:flarum/core
2019-06-12 16:47:15 +02:00
Daniël Klabbers
23f2082f07
fixed issue with the Js compiler being unable to use the system tmp directory, using the one in storage is much safer across different operating systems
2019-06-12 16:46:53 +02:00
Daniël Klabbers
8c3065680a
Update CHANGELOG.md
...
fixed missing link markdown
2019-06-12 00:43:57 +02:00
Daniël Klabbers
6b3e2c6205
Update CHANGELOG.md
...
added missing changelog item for #1738
2019-06-12 00:43:09 +02:00
Daniël Klabbers
b939539149
Update CHANGELOG.md
...
referenced incorrect (parent) commit in changelog
2019-06-12 00:38:54 +02:00
Daniël Klabbers
c65b3e5cec
patched constraint for components/font-awesome, fixes #1790
2019-06-11 20:22:35 +02:00
Annim Banerjee
4c731ac621
Updated names to match components in fontawesome (#1791)
...
fa-* named components are not present, hence updated to matching names.
2019-06-11 20:17:59 +02:00
Franz Liedke
77025c7bfd
Load LESS variables via path traversal
...
Since these files are part of the same package, there is no need
to assume a Composer context to load these from. Instead, we can
just load them via the path relative to the current PHP file.
This assumption may break in certain environments, and it is
already broken when running (integration) tests.
2019-06-09 00:19:06 +02:00
Franz Liedke
836351f0cc
This method should be private
2019-06-09 00:19:05 +02:00
Franz Liedke
2637e83490
Do not rely on extensions_enabled being present
...
This mostly simplifies setup in complex integration tests.
2019-06-09 00:19:05 +02:00
NomisCZ
812b1f5c1b
Merge branch 'master' of https://github.com/flarum/tags
2019-06-04 20:50:59 +02:00
NomisCZ
11fae08b50
Add custom icon functionality
...
Add database 'icon' column
Add admin modal icon field
Add icon render to TagHero, tagLabel
Change tagIcon helper functionality
2019-06-04 20:49:16 +02:00
Daniël Klabbers
57463f4862
remove use of like which might cause unwanted side effects (#1787)
2019-06-03 12:04:17 +02:00
Thomas Lang
0536d10739
if a tag does not exist, we don't want the query to crash (#61)
...
* if a tag does not exist, we don't want the query to crash
* incorrect solution
Revert "if a tag does not exist, we don't want the query to crash"
This reverts commit 6680e5a6e838ff9f53d338581d655671597b7bc5.
* repaired getIdForSlug function to return int or null
* changed where, removed isempty not needed
2019-06-03 12:00:23 +02:00
flarum-bot
554e906c2b
Bundled output for commit c65aa52726
[skip ci]
2019-06-03 09:48:09 +00:00
David Sevilla Martín
c65aa52726
Update code to work with latest html5sortable (#62)
...
* Update code to work with latest html5sortable (0.9.16)
* Move forEach function callback to constant variable
* Extract inline function into method
2019-06-03 11:46:48 +02:00
Franz Liedke
c740c7f593
Update changelog
2019-06-01 20:12:30 +02:00
flarum-bot
50eda14bf3
Bundled output for commit 046c3d0da8
[skip ci]
2019-06-01 18:10:13 +00:00
Franz Liedke
046c3d0da8
Update insecure jQuery version
...
Thanks, GitHub security alerts!
2019-06-01 20:03:07 +02:00
Franz Liedke
8a4d6f5179
Restore "originalUri" request attribute
...
This is helpful when Flarum is installed in subfolders.
Fixes #778.
2019-06-01 12:51:05 +02:00
Franz Liedke
7850fc3b52
Use the settings repository's default value
...
Updates commit 860ac26841.
2019-05-24 20:11:34 +02:00
Franz Liedke
eb4796ef69
Update changelog
2019-05-24 20:11:31 +02:00
Daniël Klabbers
ad43aaebbd
Update SECURITY.md
...
fixed typo
2019-05-23 11:15:55 +02:00
Franz Liedke
59ec16cc5d
Add a security policy
2019-05-23 11:10:53 +02:00
Toby Zerner
7e5b9b3d38
Merge pull request #140 from milescellar/patch-4
...
Add ends_with validation message
2019-05-12 19:48:18 +09:30
Toby Zerner
61587ba530
Merge pull request #141 from milescellar/patch-5
...
Fix translation sorting
2019-05-12 19:47:44 +09:30
Miles Cellar
ec652583b5
Fix translation sorting
...
As reported by @Hiobi on the French language pack ([see commit](416cbd9da9)).
2019-05-12 11:50:09 +02:00
Miles Cellar
b0bf8f9c0c
Add ends_with validation message
...
See: 93c6874189 (diff-9c04f727a922ad4f105b9ad764ec221d)
2019-05-12 11:45:19 +02:00
Toby Zerner
4357ad3d54
Merge pull request #1779 from clarkwinkelmann/fix-userpage-card-dropdown
...
Fix dropdown icon not showing in UserCard when on UserPage
2019-05-02 19:21:39 +09:30
Toby Zerner
d10a9aa6f7
Merge pull request #1780 from clarkwinkelmann/remove-notification-id
...
Remove notification id from serializer attributes
2019-05-02 19:20:42 +09:30
Clark Winkelmann
89e8823404
Remove notification id from serializer attributes
2019-05-01 23:05:25 +02:00
Clark Winkelmann
f843764365
Fix dropdown icon not showing in UserCard when on UserPage
...
The rule hiding the icon in the UserHero was too broad and applied to UserCard in the list of posts as well
The float rule was redundant
2019-05-01 22:54:13 +02:00
Clark Winkelmann
4ea1b80ac1
Remove post id from serializer attributes (#1775)
2019-04-19 21:37:14 +02:00
Daniël Klabbers
860ac26841
This small fix prevents that the forum frontend breaks whenever
...
custom_less is NULL or unavailable in the database. We cannot rely
on this value to exist or is incorrectly set to null and thus
completely bricking the app.
2019-04-12 14:10:20 +02:00
flarum-bot
9292606fa4
Bundled output for commit 02048cd075
[skip ci]
2019-04-11 07:26:29 +00:00
Daniël Klabbers
02048cd075
Merge pull request #7 from datitisev/initiate-if-reflect-present
...
Add markdown bar if Reflect API is present
2019-04-11 09:23:36 +02:00
David Sevilla Martín
3726307f16
Add custom-elements polyfill & markdown bar if Reflect API is present
...
Ref #1702
2019-04-10 18:13:09 -04:00
lubo
8ec05c4905
bugfix when posts is not needed when showing discussion (#17)
...
When accessing /api/discussion/[id]?include=user, NOTICE occurs
2019-03-25 11:04:30 +01:00
Toby Zerner
bbc2deeca2
Update changelog
2019-03-24 12:26:02 +10:30
Toby Zerner
a917dbc652
Fix is:unread gambit
2019-03-24 12:24:44 +10:30