1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-25 13:46:50 +02:00
Commit Graph

21 Commits

Author SHA1 Message Date
Marc Alexander
e7be47c93d Merge branch 'ticket/security/210' into ticket/security/210-rhea 2017-07-10 21:18:45 +02:00
Marc Alexander
fa631947f1 [ticket/security/210] Adjust regex and add tests for IPv6
SECURITY-210
2017-07-10 21:17:52 +02:00
Marc Alexander
3fc3f55d34 Merge branch 'ticket/security/210' into ticket/security/210-rhea 2017-07-09 16:24:49 +02:00
Marc Alexander
a281d526dc [ticket/security/210] Prevent using IP addresses or ports for remote avatar
SECURITY-210
2017-07-09 15:38:18 +02:00
Marc Alexander
44303aa425 Merge branch '3.1.x' into 3.2.x 2016-07-17 10:46:51 +02:00
Jakub Senko
9ca3cd519a [ticket/14615] Fix HTML5 validation errors on avatar deletion
PHPBB3-14615
2016-05-16 22:21:31 +02:00
Marc Alexander
1af6f052d8 [ticket/13904] Load upload class using factory
PHPBB3-13904
2015-09-09 08:27:37 +02:00
Marc Alexander
39d6180c68 [ticket/8672] Use fastImageSize in classes
PHPBB3-8672
2015-04-24 13:33:14 +02:00
Marc Alexander
2fa99602c6 [ticket/8672] Add class for retrieving imagesize without download
getimagesize() always downloads the complete file before checking
the actual image dimensions. This class will be able to do the same
without having to download possibly large files.

PHPBB3-8672
2015-04-24 13:31:36 +02:00
Nils Adermann
4e4c3de103 [ticket/13227] Properly handle curlwrapper headers in remote avatars
Read a bit of the file to ensure header values are populated and then
handle headers in the nested array structure too.

PHPBB3-13227
2014-10-27 16:49:30 -07:00
Marc Alexander
e0c2013bb9 [ticket/12822] Add method for deleting avatars and use confirm_box
The method will take care of the actual deletion process in the avatar manager.
Additionally, we'll be using a confirm box while deleting the avatar to prevent
users from accidentally deleting their avatars.

PHPBB3-12822
2014-08-07 17:29:33 +02:00
Tristan Darricau
569ebd1592 [ticket/12715] Cleanup comments in \phpbb\avatar\driver\*
PHPBB3-12715
2014-06-15 16:39:30 +02:00
Yuriy Rusko
a759704b39 [ticket/12594] Remove @package tags and update file headers
PHPBB3-12594
2014-05-27 20:51:13 +02:00
Marc Alexander
6618f0ea24 [ticket/11859] Make avatar drivers return template filename
The service name might not follow the expected naming scheme which would
cause abnormally long filenames and confusion for authors that might add
more avatar drivers.

PHPBB3-11859
2013-11-27 15:18:42 +01:00
Nathan Guse
cc54e6a9e5 Merge pull request #1819 from marc1706/ticket/11534
[ticket/11534] Check remote avatar content type if possible
2013-11-04 10:22:28 -08:00
Andreas Fischer
7aa8f6461f [task/code-sniffer] Remove the IN_PHPBB check side-effect from class files.
PHPBB3-11980
2013-10-30 13:05:28 +01:00
Marc Alexander
9b0b5481fe [ticket/11534] Check remote avatar content type if possible
This should make sure that error pages like 404 or 503 pages are not treated
as remote avatar images.

PHPBB3-11534
2013-10-24 23:43:40 +02:00
Nils Adermann
21bbb58503 Merge remote-tracking branch 'github-phpbb/develop' into ticket/11700
* github-phpbb/develop: (586 commits)
  [ticket/11735] Display disabled checkbox in subsilver for read notifications
  [ticket/11735] Display disabled checkbox when notification is already read
  [ticket/11844] update acp/authentication language var
  [ticket/11795] Remove PM popup
  [ticket/11795] Remove outdated comment from forum_fn.js
  [ticket/11795] Move find user JS to forum_fn
  [ticket/11795] Replace TWIG with phpBB syntax in ACP
  [ticket/11795] Move MSN scripts to forum_fn.js
  [ticket/11795] Use phpBB template syntax instead of TWIG
  [ticket/11795] Move PM popup JS to forum_fn.js
  [ticket/11795] Get rid of pagination JS variables
  [ticket/11795] Get rid of onload_functions
  [ticket/11795] Use data-reset-on-edit attr to reset elements
  [ticket/11795] Redo form elements auto-focus
  [ticket/11811] Remove outline on :focus
  [ticket/11836] Fix subsilver fatal error
  [ticket/11837] Replace escaped single quote with utf-8 single quote
  [ticket/11836] Fix fatal error on unsupported provider for auth link
  [ticket/11837] Translate UCP_AUTH_LINK_NOT_SUPPORTED
  [ticket/11809] Ensure code.js is first script included after jQuery
  ...

Conflicts:
	phpBB/config/services.yml
	phpBB/develop/create_schema_files.php
	phpBB/develop/mysql_upgrader.php
	phpBB/download/file.php
	phpBB/includes/bbcode.php
	phpBB/includes/functions_container.php
	phpBB/install/database_update.php
	phpBB/install/index.php
	phpBB/phpbb/controller/helper.php
	phpBB/phpbb/controller/resolver.php
	phpBB/phpbb/request/request_interface.php
	phpBB/phpbb/session.php
	phpBB/phpbb/style/extension_path_provider.php
	phpBB/phpbb/style/path_provider.php
	phpBB/phpbb/style/path_provider_interface.php
	phpBB/phpbb/style/resource_locator.php
	phpBB/phpbb/style/style.php
	phpBB/phpbb/template/locator.php
	phpBB/phpbb/template/template.php
	phpBB/phpbb/template/twig/node/includeasset.php
	phpBB/phpbb/template/twig/node/includecss.php
	phpBB/phpbb/template/twig/node/includejs.php
	phpBB/phpbb/template/twig/twig.php
	tests/controller/helper_url_test.php
	tests/di/create_container_test.php
	tests/extension/style_path_provider_test.php
	tests/notification/notification_test.php
	tests/session/continue_test.php
	tests/session/creation_test.php
	tests/template/template_events_test.php
	tests/template/template_test_case.php
	tests/template/template_test_case_with_tree.php
	tests/test_framework/phpbb_functional_test_case.php
2013-09-16 01:24:05 +02:00
Nils Adermann
b95fdacdd3 [ticket/11700] Move all recent code to namespaces
PHPBB3-11700
2013-09-16 00:25:27 +02:00
Marc Alexander
a0e5f83311 [ticket/11706] Use @ to suppress errors for getimagesize in remote avatar
PHPBB3-11706
2013-07-14 15:13:09 -04:00
Nils Adermann
7030578bbe [ticket/11698] Moving all autoloadable files to phpbb/
PHPBB3-11698
2013-07-14 01:32:34 -04:00