mirror_php/TCPDF
1
0
Fork 0
mirror of https://github.com/tecnickcom/TCPDF.git synced 2025-03-20 22:19:39 +01:00
Code Issues Projects Releases Wiki Activity
851 Commits 1 Branch 135 Tags
Commit Graph

851 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nagy Imre
2dfe16d413
Update tcpdf.php version info (#390) 
Update tcpdf.php version info

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-07-10 07:45:09 +01:00
Niklas
6cb2475ef4
Fix docblock spelliong error (#392) 2021-07-10 07:43:47 +01:00
Martin Vobruba
cf8a66c8ec
Remove pointless assignments (#361) 2021-04-06 16:35:45 +01:00
William Desportes
c979d00f60
PHP error fixes and final phpdoc fixes (#348) 
* Fix a PHP array offset error

* Fix PHP 8.1 type error with TCPDF_STATIC::pregSplit on preg_split

* More phpdoc blocks fixes

* Add CHANGELOG entries

* Update file descriptions for barcode examples

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-04-02 12:45:14 +01:00
William Desportes
989a00f330
Add a CI for docs and running examples + (generating coverage !!) (#349) 
* Add lint docs workflow and a testing workflow

* Add scripts to run tests on examples

* Add Doctum config

* Adjust examples source detection

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-04-02 12:43:30 +01:00
Thorsten Rinne
be4514d896
fix: corrected year of release dates (#351) 2021-04-02 12:39:35 +01:00
William Desportes
206a131d72
Drop a PHP 4 polyfill and add a .gitattributes file (#346) 
* Drop PHP 4 polyfill for str_split

* Add a .gitattributes file

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-28 11:59:03 +01:00
William Desportes
4f1d629d24
Fix all phpdoc blocks (#345) 
* Add a @since on a function

* Refresh phpdoc blocks

Using `@param (\$[a-zA-Z0-9_]+)\s\(([a-z]+)\)`

* Fix phpdoc blocks

* Fix typos and phpdoc mistakes

* More phpdoc block fixes

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-28 11:55:50 +01:00
William Desportes
03629b7c4e
Add missing CHANGELOG entries (#344) 2021-03-28 11:55:09 +01:00
nicolaasuni
5ba838befd Update version 6.4.1 2021-03-27 16:00:33 +00:00
nicolaasuni
7a666c317c Bump version 6.4.0 2021-03-27 09:20:31 +00:00
Roy Van Ginneken
869ab2651b
Fix image file type for urls with query params (#287) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 09:17:09 +00:00
Nicola Asuni
0fb31c9ddd
Complex gmbh file proto main (#342) 
* Allow enabling local file:// protocol

the option is disabled for security reasons by default, since it might be exploited, when a PDF is generated based on HTML provided by the enduser.

* Update tcpdf.php

Co-authored-by: William Desportes <williamdes@wdes.fr>

* Update tcpdf.php

Co-authored-by: William Desportes <williamdes@wdes.fr>

* fix whitespaces

Co-authored-by: Markus Staab <m.staab@complex-it.de>
Co-authored-by: Markus Staab <47448731+clxmstaab@users.noreply.github.com>
Co-authored-by: William Desportes <williamdes@wdes.fr>
 2021-03-27 09:13:54 +00:00
mtreuberg
978eb8c824
check if file exists before calling unlink (#327) 
* check if file exists before calling unlink

file_exists has a known vulnerability.
Replacing with the internal one.

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 09:08:05 +00:00
nicolaasuni
14fd6779f3 Revert "temporary files never deleted (#263)" 
This reverts commit 7edddd21167870f65ff3f8eba772dfc165de461f.
 2021-03-27 09:00:42 +00:00
Dario B
7edddd2116
temporary files never deleted (#263) 
When creating PNG files, temporary file are not removed (search for __tcpdf_* in your temp directory). After this changes temp directory never has temporary files created by tcpdf

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:56:08 +00:00
Christoph Flathmann
b34328ae87
allow styles on <HR> tags (#250) 
* allow styles on <HR> tags

* filter lineStyles before adding

Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:48:54 +00:00
Florian Mortgat
e17b28015d
Fix vulnerability to roman numeral bombs (#315) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:47:48 +00:00
Alexander Rakushin
f0e42daeae
Optimized regular expression (#268) 
Fix: Empty result for big reports with writeHTML()
 2021-03-27 08:45:34 +00:00
Teemu Koskinen
da030d11b7
Second parameter of TCPDF::cell() must be a number (#283) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:44:38 +00:00
Roy Van Ginneken
c29df4acb4
Make sure parser follows the correct scope and gets unset (#286) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:43:35 +00:00
Baptiste Pillot
f9046e0e2e
FIX SVGPath should accept 1.19.30 (equiv 1.19,.30) compacted values list (#297) 
Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>
 2021-03-27 08:42:23 +00:00
Nicola Asuni
f37a6610d6
Merge pull request #278 from brainfoolong/mb_encoding_change 
removed mb_internal_encoding as it is useless
 2021-03-27 08:41:34 +00:00
Nicola Asuni
60ed532e5d
Merge branch 'main' into mb_encoding_change 2021-03-27 08:41:26 +00:00
Nicola Asuni
843235b4d6
Merge pull request #288 from rvanginneken/fix-duplicate-file-retrieval 
Fix duplicate file retrieval
 2021-03-27 08:40:41 +00:00
Nicola Asuni
80decf0234
Merge branch 'main' into fix-duplicate-file-retrieval 2021-03-27 08:40:34 +00:00
Nicola Asuni
e0a7a053aa
Merge pull request #280 from Jakuje/rollback 
Remove file_id from the cloned object before destruction
 2021-03-27 08:39:18 +00:00
Nicola Asuni
26abef749a
Merge branch 'main' into rollback 2021-03-27 08:39:10 +00:00
Nicola Asuni
f930ac7cea
Merge pull request #319 from Ayesh/curl-hardening 
Curl Security: Limit protocols and redirects
 2021-03-27 08:36:19 +00:00
Nicola Asuni
76864e25f5
Merge branch 'main' into curl-hardening 2021-03-27 08:36:10 +00:00
Nicola Asuni
2a1241bfc5
Merge pull request #341 from dionisvl/main 
Fixed large count of notices
 2021-03-27 08:35:33 +00:00
Nicola Asuni
3894e0563f
Merge branch 'main' into main 2021-03-27 08:35:27 +00:00
Nicola Asuni
b9b011916b
Merge pull request #330 from DISPI-dev/dispi 
General fixes and PHP 8 deprecation fixes
 2021-03-27 08:34:19 +00:00
Nicola Asuni
d943b38655
Merge branch 'main' into dispi 2021-03-27 08:33:52 +00:00
nicolaasuni
a9525646a1 Merge branch 'main' of github.com:tecnickcom/TCPDF into main 2021-03-27 08:32:34 +00:00
nicolaasuni
3b1b063876 ignore .phpdoc 2021-03-27 08:30:57 +00:00
Den
0eb62a7d5f Fixed large count of notices 2021-03-26 13:56:12 +03:00
Marc van Tilburg
e5c11046f8 PHP 8 (deprecation) fixes 2021-03-03 10:13:36 +01:00
Ayesh Karunaratne
65cc96b190
Curl Security: Limit protocols and redirects 
In `include/tcpdf_static.php` file, there are couple Curl calls that could use some additional Curl hardening.

1. Limit the maximum number of redirects Curl is allowed to follow. Currently, it is configured in PHP source code to 20. However, as a [security precaution, limit it to 5](https://php.watch/articles/php-curl-security-hardening#infinite-redirects).

2. Curl is used here for HTTP, HTTPS, and in one instance, for FTP URLs. With `CURLOPT_FOLLOWLOCATION` option enabled, this allows a malicious remote server to perform SSRF attacks and utilize all protocols Curl supports, such as LDAP, FTP, etc that are highly undesired. Setting a restricted [`CURLOPT_PROTOCOLS` value mitigates this vulnerability](https://php.watch/articles/php-curl-security-hardening#ssrf). In older Curl versions, it even allows local file inclusion attacks with `file:///etc/passwd` style redirect URLs.
 2021-01-23 14:57:33 +07:00
Nicola Asuni
456b794f1f
Merge pull request #298 from nullx2/fix-fontspace 
Fix font_space
 2020-12-09 07:15:50 +00:00
Nicola Asuni
b691a7f457
Merge pull request #302 from mvorisek/fix_eol 
Fix EOL of text files
 2020-12-09 07:14:23 +00:00
Nicola Asuni
2a75e5ac4e
Merge pull request #289 from przemekperon/php74-fix 
Fix for PHP 7.4
 2020-12-09 07:13:46 +00:00
Nicola Asuni
89f9e5f616
Merge pull request #293 from cedric-anne/fix/php8 
Fix optionnal parameters declaration (PHP8)
 2020-12-09 07:11:17 +00:00
Michael Voříšek
b1d5922525 Fix EOL of text files 2020-11-23 10:59:42 +01:00
Yuya Yabe
481e46d365 Fix width calc 2020-11-11 15:44:33 +09:00
Cédric Anne
9616e9e44b
Fix optionnal "$tagvspaces" parameter declaration 2020-10-14 10:35:46 +02:00
Cédric Anne
292fc741f8
Fix optionnal "$k" parameter declaration 2020-10-14 10:35:08 +02:00
Cédric Anne
e5f4da5a76
Fix optionnal "$currentfont" parameter declaration 2020-10-14 10:33:59 +02:00
Przemek Peron
9e8861b4dc Fix for PHP 7.4 2020-10-01 20:27:22 +02:00
Roy Van Ginneken
038d0d5266 Minimize other outgoing image calls 2020-09-28 10:55:17 +02:00