From 380583a92cdc07aec149a08092019e63c803c349 Mon Sep 17 00:00:00 2001 From: Ryan Cramer Date: Fri, 24 Jul 2020 14:44:39 -0400 Subject: [PATCH] Various minor updates --- install.php | 37 +++++++++++++++---- wire/core/Page.php | 9 +++-- wire/core/Sanitizer.php | 2 +- .../InputfieldRepeater.module | 2 +- .../LanguageSupport/LanguageSupport.module | 7 +++- 5 files changed, 43 insertions(+), 14 deletions(-) diff --git a/install.php b/install.php index 00d8f762..d476d410 100644 --- a/install.php +++ b/install.php @@ -786,11 +786,22 @@ class Installer { */ protected function dbSaveConfigFile(array $values) { - if(self::TEST_MODE) return true; + if(self::TEST_MODE) return true; + + $file = __FILE__; + $time = time(); + $host = empty($values['httpHosts']) ? '' : implode(',', $values['httpHosts']); - $salt = md5(mt_rand() . microtime(true)); - - $cfg = "\n/**" . + if(function_exists('random_bytes')) { + $authSalt = sha1(random_bytes(random_int(40, 128))); + $tableSalt = sha1(random_int(0, 65535) . "$host$file$time"); + } else { + $authSalt = md5(mt_rand() . microtime(true)); + $tableSalt = md5(mt_rand() . "$host$file$time"); + } + + $cfg = + "\n/**" . "\n * Installer: Database Configuration" . "\n * " . "\n */" . @@ -807,11 +818,23 @@ class Installer { "\n" . "\n/**" . "\n * Installer: User Authentication Salt " . - "\n * " . - "\n * Must be retained if you migrate your site from one server to another" . + "\n * " . + "\n * This value was randomly generated for your system on " . date('Y/m/d') . "." . + "\n * This should be kept as private as a password and never stored in the database." . + "\n * Must be retained if you migrate your site from one server to another." . + "\n * Do not change this value, or user passwords will no longer work." . "\n * " . "\n */" . - "\n\$config->userAuthSalt = '$salt'; " . + "\n\$config->userAuthSalt = '$authSalt'; " . + "\n" . + "\n * Installer: Table Salt (General Purpose) " . + "\n * " . + "\n * Use this rather than userAuthSalt when a hashing salt is needed for non user " . + "\n * authentication purposes. Like with userAuthSalt, you should never change " . + "\n * this value or it may break internal system comparisons that use it. " . + "\n * " . + "\n */" . + "\n\$config->tableSalt = '$tableSalt'; " . "\n" . "\n/**" . "\n * Installer: File Permission Configuration" . diff --git a/wire/core/Page.php b/wire/core/Page.php index d1012635..79719e27 100644 --- a/wire/core/Page.php +++ b/wire/core/Page.php @@ -1753,7 +1753,8 @@ class Page extends WireData implements \Countable, WireMatchable { /** * Same as getMarkup() except returned value is plain text * - * Returned value is entity encoded, unless $entities argument is false. + * If no `$entities` argument is provided, returned value is entity encoded when output formatting + * is on, and not entity encoded when output formatting is off. * * #pw-advanced * @@ -1769,12 +1770,12 @@ class Page extends WireData implements \Countable, WireMatchable { $length = strlen($value); if(!$length) return ''; $options = array( - 'entities' => (is_null($entities) ? $this->outputFormatting() : (bool) $entities) + 'entities' => ($entities === null ? $this->outputFormatting() : (bool) $entities) ); if($oneLine) { - $value = $this->wire('sanitizer')->markupToLine($value, $options); + $value = $this->wire()->sanitizer->markupToLine($value, $options); } else { - $value = $this->wire('sanitizer')->markupToText($value, $options); + $value = $this->wire()->sanitizer->markupToText($value, $options); } // if stripping tags from non-empty value made it empty, just indicate that it was markup and length if(!strlen(trim($value))) $value = "markup($length)"; diff --git a/wire/core/Sanitizer.php b/wire/core/Sanitizer.php index 87690d27..ae64fcdd 100644 --- a/wire/core/Sanitizer.php +++ b/wire/core/Sanitizer.php @@ -1566,7 +1566,7 @@ class Sanitizer extends Wire { } // remove entities - $value = $this->wire('sanitizer')->unentities($value); + $value = $this->unentities($value); if(strpos($value, '<') !== false) { // tag replacements before strip_tags() diff --git a/wire/modules/Fieldtype/FieldtypeRepeater/InputfieldRepeater.module b/wire/modules/Fieldtype/FieldtypeRepeater/InputfieldRepeater.module index 9d0c381a..f8c1d0f3 100644 --- a/wire/modules/Fieldtype/FieldtypeRepeater/InputfieldRepeater.module +++ b/wire/modules/Fieldtype/FieldtypeRepeater/InputfieldRepeater.module @@ -389,8 +389,8 @@ class InputfieldRepeater extends Inputfield implements InputfieldItemList { $wrap = $this->wire('modules')->get('InputfieldFieldset'); $wrap->addClass('InputfieldRepeaterItem InputfieldNoFocus'); - $wrap->entityEncodeLabel = false; if(!$isPost) { + $wrap->entityEncodeLabel = false; $wrap->label = "" . $this->entityEncode($this->renderRepeaterLabel($label, ++$cnt, $page)) . diff --git a/wire/modules/LanguageSupport/LanguageSupport.module b/wire/modules/LanguageSupport/LanguageSupport.module index c27f2ec4..b086541a 100644 --- a/wire/modules/LanguageSupport/LanguageSupport.module +++ b/wire/modules/LanguageSupport/LanguageSupport.module @@ -314,7 +314,9 @@ class LanguageSupport extends WireData implements Module, ConfigurableModule { /** @var Inputfield $inputfield */ $inputfield = $event->object; - $user = $this->wire('user'); + if(!$inputfield->useLanguages) return; + + $user = $this->wire()->user; $userLanguage = $user->language; if(!$userLanguage) return; @@ -619,6 +621,9 @@ class LanguageSupport extends WireData implements Module, ConfigurableModule { } $inputfield->set('value' . $language->id, $languageValue); } + + // following this hookInputfieldBeforeRender() completes the process after + // Fieldgroup::getPageInputfields() which sets the value attribute of Inputfields } $event->return = $inputfield;