mirror of https://github.com/typemill/typemill.git synced 2025-08-05 13:47:37 +02:00

Merge branch 'master' into develop

trendschau
2020-07-11 20:30:41 +02:00
11 changed files with 81 additions and 70 deletions

14
composer.lock generated

@@ -686,16 +686,16 @@
},
{
"name": "symfony/polyfill-ctype",
"version": "v1.17.0",
"version": "v1.17.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-ctype.git",
"reference": "e94c8b1bbe2bc77507a1056cdb06451c75b427f9"
"reference": "2edd75b8b35d62fd3eeabba73b26b8f1f60ce13d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/e94c8b1bbe2bc77507a1056cdb06451c75b427f9",
"reference": "e94c8b1bbe2bc77507a1056cdb06451c75b427f9",
"url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/2edd75b8b35d62fd3eeabba73b26b8f1f60ce13d",
"reference": "2edd75b8b35d62fd3eeabba73b26b8f1f60ce13d",
"shasum": ""
},
"require": {
@@ -708,6 +708,10 @@
"extra": {
"branch-alias": {
"dev-master": "1.17-dev"
},
"thanks": {
"name": "symfony/polyfill",
"url": "https://github.com/symfony/polyfill"
}
},
"autoload": {
@@ -740,7 +744,7 @@
"polyfill",
"portable"
],
"time": "2020-05-12T16:14:59+00:00"
"time": "2020-06-06T08:46:27+00:00"
},
{
"name": "symfony/yaml",


@@ -22,7 +22,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# validate input only if raw mode
if($this->params['raw'])
@@ -98,7 +98,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# set structure
if(!$this->setStructure($draft = true)){ return $response->withJson($this->errors, 404); }
@@ -176,7 +176,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# set structure
if(!$this->setStructure($draft = true)){ return $response->withJson($this->errors, 404); }
@@ -215,7 +215,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# set url to base path initially
$url = $this->uri->getBaseUrl() . '/tm/content/' . $this->settings['editor'];
@@ -274,7 +274,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# validate input
if(!$this->validateEditorInput()){ return $response->withJson($this->errors,422); }
@@ -318,7 +318,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# url is only needed, if an active page is moved to another folder, so user has to be redirected to the new url
$url = false;
@@ -425,7 +425,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# url is only needed, if an active page is moved
$url = false;
@@ -492,7 +492,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# url is only needed, if an active page is moved
$url = false;
@@ -607,7 +607,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# url is only needed, if an active page is moved
$url = false;
@@ -708,7 +708,7 @@ class ArticleApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# set structure
if(!$this->setStructure($draft = true, $cache = false)){ return $response->withJson(array('data' => false, 'errors' => $this->errors, 'url' => $url), 404); }
@@ -729,7 +729,7 @@ class ArticleApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# set structure
if(!$this->setStructure($draft = true)){ return $response->withJson(array('data' => false, 'errors' => $this->errors), 404); }
@@ -776,7 +776,7 @@ class ArticleApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# set structure
if(!$this->setStructure($draft = true)){ return $response->withJson(array('data' => false, 'errors' => $this->errors), 404); }
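Review bot: The `->withUserInfo('')` call is repeated by hand in every action of this controller, and the same line recurs in the BlockApiController, ContentBackendController, MediaApiController, MetaApiController, PageController and Plugin sections, so a handler added later that calls `$request->getUri()` directly would presumably again produce base URLs that carry the request's user info. The bootstrap section of this commit already computes a stripped `$uri` once; exposing that through the container, or adding one base-class helper such as `protected function getSafeUri($request) { return $request->getUri()->withUserInfo(''); }`, would keep the rule in a single place. A short comment at that one site, e.g. `# strip user:password so credentials never appear in generated URLs`, would record why the call exists. The method bodies start and end outside these hunks, so other uses of the request URI inside them cannot be checked from here.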


@@ -19,7 +19,7 @@ class BlockApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
/* validate input */
if(!$this->validateBlockInput()){ return $response->withJson($this->errors,422); }
@@ -199,7 +199,7 @@ class BlockApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
/* validate input */
if(!$this->validateBlockInput()){ return $response->withJson($this->errors,422); }
@@ -338,7 +338,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# validate input
# if(!$this->validateBlockInput()){ return $response->withJson($this->errors,422); }
@@ -430,7 +430,7 @@ class BlockApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$errors = false;
# set structure
@@ -514,7 +514,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$imageProcessor = new ProcessImage($this->settings['images']);
if(!$imageProcessor->checkFolders('images'))
@@ -531,7 +531,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$fileProcessor = new ProcessFile();
if(!$fileProcessor->checkFolders())
@@ -548,7 +548,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$this->setStructure($draft = true, $cache = false);
@@ -573,7 +573,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$this->setStructure($draft = true, $cache = false);
@@ -597,7 +597,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# do this shit in the model ...
$imagename = explode('.', $this->params['name']);
@@ -623,7 +623,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$finfo = finfo_open( FILEINFO_MIME_TYPE );
$mtype = finfo_file( $finfo, $this->params['file'] );
@@ -688,7 +688,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
if(!isset($this->params['name']))
{
@@ -710,7 +710,7 @@ class BlockApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
if(!isset($this->params['name']))
{
@@ -732,7 +732,7 @@ class BlockApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$class = false;
$imageUrl = $this->params['markdown'];


@@ -21,7 +21,7 @@ class ContentBackendController extends ContentController
public function showContent(Request $request, Response $response, $args)
{
# get params from call
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$this->params = isset($args['params']) ? ['url' => $this->uri->getBasePath() . '/' . $args['params']] : ['url' => $this->uri->getBasePath()];
# set structure
@@ -89,7 +89,7 @@ class ContentBackendController extends ContentController
public function showBlox(Request $request, Response $response, $args)
{
# get params from call
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$this->params = isset($args['params']) ? ['url' => $this->uri->getBasePath() . '/' . $args['params']] : ['url' => $this->uri->getBasePath()];
# set structure

View File

@@ -15,7 +15,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$imageProcessor = new ProcessImage($this->settings['images']);
if(!$imageProcessor->checkFolders('images'))
@@ -32,7 +32,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$fileProcessor = new ProcessFile();
if(!$fileProcessor->checkFolders())
@@ -49,7 +49,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$this->setStructure($draft = true, $cache = false);
@@ -73,7 +73,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$this->setStructure($draft = true, $cache = false);
@@ -97,7 +97,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$imageProcessor = new ProcessImage($this->settings['images']);
@@ -123,7 +123,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# make sure only allowed filetypes are uploaded
$finfo = finfo_open( FILEINFO_MIME_TYPE );
@@ -205,7 +205,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
if(!isset($this->params['name']))
{
@@ -230,7 +230,7 @@ class MediaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
if(!isset($this->params['name']))
{
@@ -251,7 +251,7 @@ class MediaApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$class = false;
$imageUrl = $this->params['markdown'];


@@ -67,7 +67,7 @@ class MetaApiController extends ContentController
{
/* get params from call */
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
# set structure
if(!$this->setStructure($draft = true)){ return $response->withJson($this->errors, 404); }
@@ -132,7 +132,7 @@ class MetaApiController extends ContentController
{
# get params from call
$this->params = $request->getParams();
$this->uri = $request->getUri();
$this->uri = $request->getUri()->withUserInfo('');
$tab = isset($this->params['tab']) ? $this->params['tab'] : false;
$metaInput = isset($this->params['data']) ? $this->params['data'] : false ;


@@ -33,7 +33,7 @@ class PageController extends Controller
$settings = $this->c->get('settings');
$pathToContent = $settings['rootPath'] . $settings['contentFolder'];
$cache = new WriteCache();
$uri = $request->getUri();
$uri = $request->getUri()->withUserInfo('');
$base_url = $uri->getBaseUrl();
$this->pathToContent = $pathToContent;


@@ -35,15 +35,16 @@ class SettingsController extends Controller
if($request->isPost())
{
$referer = $request->getHeader('HTTP_REFERER');
$uri = $request->getUri();
$uri = $request->getUri()->withUserInfo('');
$base_url = $uri->getBaseUrl();
# security, users should not be able to fake post with settings from other typemill pages.
/* security, users should not be able to fake post with settings from other typemill pages.
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/settings' )
{
$this->c->flash->addMessage('error', 'illegal referer');
return $response->withRedirect($this->c->router->pathFor('settings.show'));
}
*/
$settings = \Typemill\Settings::getUserSettings();
$defaultSettings = \Typemill\Settings::getDefaultSettings();
@@ -316,15 +317,16 @@ class SettingsController extends Controller
if($request->isPost())
{
$referer = $request->getHeader('HTTP_REFERER');
$uri = $request->getUri();
$uri = $request->getUri()->withUserInfo('');
$base_url = $uri->getBaseUrl();
# users should not be able to fake post with settings from other typemill pages.
/* users should not be able to fake post with settings from other typemill pages.
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/themes' )
{
$this->c->flash->addMessage('error', 'illegal referer');
return $response->withRedirect($this->c->router->pathFor('themes.show'));
}
*/
$userSettings = \Typemill\Settings::getUserSettings();
$params = $request->getParams();
@@ -413,16 +415,17 @@ class SettingsController extends Controller
if($request->isPost())
{
$referer = $request->getHeader('HTTP_REFERER');
$uri = $request->getUri();
$uri = $request->getUri()->withUserInfo('');
$base_url = $uri->getBaseUrl();
# security, users should not be able to fake post with settings from other typemill pages.
/* security, users should not be able to fake post with settings from other typemill pages.
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/plugins' )
{
$this->c->flash->addMessage('error', 'illegal referer');
return $response->withRedirect($this->c->router->pathFor('plugins.show'));
}
*/
$userSettings = \Typemill\Settings::getUserSettings();
$pluginSettings = array();
$userInput = $request->getParams();
@@ -651,15 +654,16 @@ class SettingsController extends Controller
if($request->isPost())
{
$referer = $request->getHeader('HTTP_REFERER');
$uri = $request->getUri();
$uri = $request->getUri()->withUserInfo('');
$base_url = $uri->getBaseUrl();
# security, users should not be able to fake post with settings from other typemill pages.
/* security, users should not be able to fake post with settings from other typemill pages.
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/user/new' )
{
$this->c->flash->addMessage('error', 'illegal referer');
return $response->withRedirect($this->c->router->pathFor('user.new'));
}
*/
$params = $request->getParams();
$user = new User();
@@ -686,15 +690,16 @@ class SettingsController extends Controller
if($request->isPost())
{
$referer = $request->getHeader('HTTP_REFERER');
$uri = $request->getUri();
$uri = $request->getUri()->withUserInfo('');
$base_url = $uri->getBaseUrl();
# security, users should not be able to fake post with settings from other typemill pages.
/* security, users should not be able to fake post with settings from other typemill pages.
if(!isset($referer[0]) OR strpos($referer[0], $base_url . '/tm/user/') === false )
{
$this->c->flash->addMessage('error', 'illegal referer');
return $response->withRedirect($this->c->router->pathFor('user.list'));
}
*/
$params = $request->getParams();
$user = new User();
@@ -743,15 +748,16 @@ class SettingsController extends Controller
if($request->isPost())
{
$referer = $request->getHeader('HTTP_REFERER');
$uri = $request->getUri();
$uri = $request->getUri()->withUserInfo('');
$base_url = $uri->getBaseUrl();
# security, users should not be able to fake post with settings from other typemill pages.
/* security, users should not be able to fake post with settings from other typemill pages.
if(!isset($referer[0]) OR strpos($referer[0], $base_url . '/tm/user/') === false )
{
$this->c->flash->addMessage('error', 'illegal referer');
return $response->withRedirect($this->c->router->pathFor('user.list'));
}
*/
$params = $request->getParams();
$validate = new Validation();
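Review bot: The referer check is disabled by wrapping it in `/* … */` in all six POST handlers of this section, which leaves a "security" comment describing a control that no longer runs and leaves `$referer` and `$base_url` assigned but, as far as these hunks show, unused. If the check is being retired because these routes are covered by the CSRF protection that the bootstrap file sets up for session routes, delete the block and say so, e.g. `# request origin is enforced by the CSRF token, no referer check needed`; that coverage is not visible here and should be confirmed for the settings, themes, plugins and user routes. If the check only failed because the base URL used to contain user info, the `withUserInfo('')` change on the line above it may already fix the comparison and the check could stay enabled. The handler bodies continue outside the hunks.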


@@ -63,7 +63,7 @@ abstract class Plugin implements EventSubscriberInterface
protected function getRoute()
{
return $this->container['request']->getUri();
return $this->container['request']->getUri()->withUserInfo('');
}
protected function getPath()


@@ -78,7 +78,7 @@ class Settings
'contentFolder' => 'content',
'cache' => true,
'cachePath' => $rootPath . 'cache',
'version' => '1.3.7.1',
'version' => '1.3.7.2',
'setup' => true,
'welcome' => true,
'images' => ['live' => ['width' => 820], 'thumbs' => ['width' => 250, 'height' => 150]],


@@ -118,14 +118,16 @@ $container['dispatcher'] = function($container) use ($dispatcher)
return $dispatcher;
};
# delete username and password from uri
$uri = $container['request']->getUri()->withUserInfo('');
/********************************
* ADD ASSET-FUNCTION FOR TWIG *
********************************/
$container['assets'] = function($c)
$container['assets'] = function($c) use ($uri)
{
return new \Typemill\Assets($c['request']->getUri()->getBaseUrl());
return new \Typemill\Assets($uri->getBaseUrl());
};
/************************
@@ -138,7 +140,7 @@ $session_segments = array('setup', 'tm/', 'api/', '/setup', '/tm/', '/api/');
$client_segments = $dispatcher->dispatch('onSessionSegmentsLoaded', new OnSessionSegmentsLoaded([]))->getData();
$session_segments = array_merge($session_segments, $client_segments);
$path = $container['request']->getUri()->getPath();
$path = $uri->getPath();
$container['flash'] = false;
$container['csrf'] = false;
@@ -149,7 +151,7 @@ foreach($session_segments as $segment)
// configure session
ini_set('session.cookie_httponly', 1 );
ini_set('session.use_strict_mode', 1);
if($container['request']->getUri()->getScheme() == 'https')
if($uri->getScheme() == 'https')
{
ini_set('session.cookie_secure', 1);
session_name('__Secure-typemill-session');
@@ -183,7 +185,7 @@ foreach($session_segments as $segment)
* LOAD TWIG VIEW *
************************/
$container['view'] = function ($container)
$container['view'] = function ($container) use ($uri)
{
$path = array($container->get('settings')['themePath'], $container->get('settings')['authorPath']);
@@ -194,18 +196,18 @@ $container['view'] = function ($container)
]);
// Instantiate and add Slim specific extension
$basePath = rtrim(str_ireplace('index.php', '', $container['request']->getUri()->getBasePath()), '/');
$basePath = rtrim(str_ireplace('index.php', '', $uri->getBasePath()), '/');
$view->addExtension(new Slim\Views\TwigExtension($container['router'], $basePath));
$view->addExtension(new Twig_Extension_Debug());
$view->addExtension(new Typemill\Extensions\TwigUserExtension());
$view->addExtension(new Typemill\Extensions\TwigMarkdownExtension());
$view->addExtension(new Typemill\Extensions\TwigMetaExtension());
$view->addExtension(new Typemill\Extensions\TwigPagelistExtension());
/* use {{ base_url() }} in twig templates */
$view['base_url'] = $container['request']->getUri()->getBaseUrl();
$view['current_url'] = $container['request']->getUri()->getPath();
# use {{ base_url() }} in twig templates
$view['base_url'] = $uri->getBaseUrl();
$view['current_url'] = $uri->getPath();
/* if session route, add flash messages and csrf-protection */
if($container['flash'])
{
@@ -216,7 +218,6 @@ $container['view'] = function ($container)
/* add asset-function to all views */
$view->getEnvironment()->addGlobal('assets', $container->assets);
/******************************
* LOAD TRANSLATIONS *
******************************/
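Review bot: `if($uri->getScheme() == 'https')` decides whether the session cookie gets the Secure flag and the `__Secure-` name, and it still uses a loose comparison; `if($uri->getScheme() === 'https')` states the intent exactly. Because the scheme is read from the request URI, a deployment that terminates TLS at a proxy may presumably report `http` here and skip the Secure flag, so a one-line comment on that dependency would help operators. The new `$uri` is captured by value in the `assets` and `view` closures via `use ($uri)`, which holds only as long as nothing replaces the request in the container later; extending the existing comment to `# delete username and password from uri; computed once at bootstrap and shared with the closures below` would make that explicit.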