mirror_php/TCPDF
1
0
Fork 0
mirror of https://github.com/tecnickcom/TCPDF.git synced 2025-03-20 14:09:39 +01:00
Code Issues Projects Releases Wiki Activity
837 Commits 1 Branch 135 Tags
Commit Graph

837 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
nicolaasuni
14fd6779f3 Revert "temporary files never deleted (#263)" 
This reverts commit 7edddd21167870f65ff3f8eba772dfc165de461f.
 2021-03-27 09:00:42 +00:00
Dario B
7edddd2116
temporary files never deleted (#263) 
When creating PNG files, temporary file are not removed (search for __tcpdf_* in your temp directory). After this changes temp directory never has temporary files created by tcpdf

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:56:08 +00:00
Christoph Flathmann
b34328ae87
allow styles on <HR> tags (#250) 
* allow styles on <HR> tags

* filter lineStyles before adding

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:48:54 +00:00
Florian Mortgat
e17b28015d
Fix vulnerability to roman numeral bombs (#315) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:47:48 +00:00
Alexander Rakushin
f0e42daeae
Optimized regular expression (#268) 
Fix: Empty result for big reports with writeHTML()
 2021-03-27 08:45:34 +00:00
Teemu Koskinen
da030d11b7
Second parameter of TCPDF::cell() must be a number (#283) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:44:38 +00:00
Roy Van Ginneken
c29df4acb4
Make sure parser follows the correct scope and gets unset (#286) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:43:35 +00:00
Baptiste Pillot
f9046e0e2e
FIX SVGPath should accept 1.19.30 (equiv 1.19,.30) compacted values list (#297) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:42:23 +00:00
Nicola Asuni
f37a6610d6
Merge pull request #278 from brainfoolong/mb_encoding_change 
removed mb_internal_encoding as it is useless
 2021-03-27 08:41:34 +00:00
Nicola Asuni
60ed532e5d
Merge branch 'main' into mb_encoding_change 2021-03-27 08:41:26 +00:00
Nicola Asuni
843235b4d6
Merge pull request #288 from rvanginneken/fix-duplicate-file-retrieval 
Fix duplicate file retrieval
 2021-03-27 08:40:41 +00:00
Nicola Asuni
80decf0234
Merge branch 'main' into fix-duplicate-file-retrieval 2021-03-27 08:40:34 +00:00
Nicola Asuni
e0a7a053aa
Merge pull request #280 from Jakuje/rollback 
Remove file_id from the cloned object before destruction
 2021-03-27 08:39:18 +00:00
Nicola Asuni
26abef749a
Merge branch 'main' into rollback 2021-03-27 08:39:10 +00:00
Nicola Asuni
f930ac7cea
Merge pull request #319 from Ayesh/curl-hardening 
Curl Security: Limit protocols and redirects
 2021-03-27 08:36:19 +00:00
Nicola Asuni
76864e25f5
Merge branch 'main' into curl-hardening 2021-03-27 08:36:10 +00:00
Nicola Asuni
2a1241bfc5
Merge pull request #341 from dionisvl/main 
Fixed large count of notices
 2021-03-27 08:35:33 +00:00
Nicola Asuni
3894e0563f
Merge branch 'main' into main 2021-03-27 08:35:27 +00:00
Nicola Asuni
b9b011916b
Merge pull request #330 from DISPI-dev/dispi 
General fixes and PHP 8 deprecation fixes
 2021-03-27 08:34:19 +00:00
Nicola Asuni
d943b38655
Merge branch 'main' into dispi 2021-03-27 08:33:52 +00:00
nicolaasuni
a9525646a1 Merge branch 'main' of github.com:tecnickcom/TCPDF into main 2021-03-27 08:32:34 +00:00
nicolaasuni
3b1b063876 ignore .phpdoc 2021-03-27 08:30:57 +00:00
Den
0eb62a7d5f Fixed large count of notices 2021-03-26 13:56:12 +03:00
Marc van Tilburg
e5c11046f8 PHP 8 (deprecation) fixes 2021-03-03 10:13:36 +01:00
Ayesh Karunaratne
65cc96b190
Curl Security: Limit protocols and redirects 
In `include/tcpdf_static.php` file, there are couple Curl calls that could use some additional Curl hardening.

1. Limit the maximum number of redirects Curl is allowed to follow. Currently, it is configured in PHP source code to 20. However, as a [security precaution, limit it to 5](https://php.watch/articles/php-curl-security-hardening#infinite-redirects).

2. Curl is used here for HTTP, HTTPS, and in one instance, for FTP URLs. With `CURLOPT_FOLLOWLOCATION` option enabled, this allows a malicious remote server to perform SSRF attacks and utilize all protocols Curl supports, such as LDAP, FTP, etc that are highly undesired. Setting a restricted [`CURLOPT_PROTOCOLS` value mitigates this vulnerability](https://php.watch/articles/php-curl-security-hardening#ssrf). In older Curl versions, it even allows local file inclusion attacks with `file:///etc/passwd` style redirect URLs.
 2021-01-23 14:57:33 +07:00
Nicola Asuni
456b794f1f
Merge pull request #298 from nullx2/fix-fontspace 
Fix font_space
 2020-12-09 07:15:50 +00:00
Nicola Asuni
b691a7f457
Merge pull request #302 from mvorisek/fix_eol 
Fix EOL of text files
 2020-12-09 07:14:23 +00:00
Nicola Asuni
2a75e5ac4e
Merge pull request #289 from przemekperon/php74-fix 
Fix for PHP 7.4
 2020-12-09 07:13:46 +00:00
Nicola Asuni
89f9e5f616
Merge pull request #293 from cedric-anne/fix/php8 
Fix optionnal parameters declaration (PHP8)
 2020-12-09 07:11:17 +00:00
Michael Voříšek
b1d5922525 Fix EOL of text files 2020-11-23 10:59:42 +01:00
Yuya Yabe
481e46d365 Fix width calc 2020-11-11 15:44:33 +09:00
Cédric Anne
9616e9e44b
Fix optionnal "$tagvspaces" parameter declaration 2020-10-14 10:35:46 +02:00
Cédric Anne
292fc741f8
Fix optionnal "$k" parameter declaration 2020-10-14 10:35:08 +02:00
Cédric Anne
e5f4da5a76
Fix optionnal "$currentfont" parameter declaration 2020-10-14 10:33:59 +02:00
Przemek Peron
9e8861b4dc Fix for PHP 7.4 2020-10-01 20:27:22 +02:00
Roy Van Ginneken
038d0d5266 Minimize other outgoing image calls 2020-09-28 10:55:17 +02:00
Roy Van Ginneken
210ff2239f Make sure we don\t check the same for existing multiple times 2020-09-28 09:51:01 +02:00
Roy Van Ginneken
5a3b44c729 Fix duplicate retrieval of the same file 2020-09-28 09:38:13 +02:00
BrainFooLong
310624076e removed mb_internal_encoding as it is useless 2020-09-03 11:12:30 +02:00
Jakub Jelen
0727b9598f Remove file_id from the cloned object before destruction 
This prevents the cloned object from removing temporary files
owned by the original object during cleanup, potentially
leaving some that were created during the transaction,
but these should be cleaned with the original object

Fixes #205
 2020-04-10 17:40:02 +02:00
Nicola Asuni
485956db63
Merge pull request #197 from SuperVirus/php53-compat 
Changed [] to array() to maintain PHP 5.3 compat.
 2020-04-01 14:36:47 +01:00
SuperVirus
6617ab2cd9
Changed [] to array() to maintain PHP 5.3 compat. 2020-03-08 23:19:12 +01:00
nicolaasuni
19a535eaa7 Bump version 6.3.5 2020-02-14 14:20:12 +00:00
Nicola Asuni
6ca08645e2
Merge pull request #183 from bolduz/bolduz-tcpdf-fix-176 
Fix #176: syntax error on line 12387 (invalid usage of array index)
 2020-02-14 14:17:28 +00:00
Nicola Asuni
51ae053e81
Merge pull request #178 from Findus23/some-more-curly-brace-fixes 
fix curly braces in pdf417
 2020-02-14 14:10:16 +00:00
Enrico
cea137671f
Fix #176: syntax error on line 12387 (invalid usage of array index) 
Fix a syntax error issue when accessing an index of a casted variable
 2020-02-14 11:47:31 +01:00
Lukas Winkler
c09bef348d
fix curly braces in pdf417 2020-02-13 12:46:53 +01:00
nicolaasuni
510070b5e0 Unlink only images in cache 6.3.4 2020-02-12 13:26:24 +00:00
nicolaasuni
84d41c66fd Check if imagekeys exist 2020-02-12 13:14:52 +00:00
nicolaasuni
185eb13f21 Fix syntax error 6.3.3 2020-02-12 11:32:17 +00:00