mirror_php/TCPDF
1
0
Fork 0
mirror of https://github.com/tecnickcom/TCPDF.git synced 2025-03-21 06:29:40 +01:00
Code Issues Projects Releases Wiki Activity
865 Commits 1 Branch 135 Tags
Commit Graph

865 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Den
0eb62a7d5f Fixed large count of notices 2021-03-26 13:56:12 +03:00
Marc van Tilburg
e5c11046f8 PHP 8 (deprecation) fixes 2021-03-03 10:13:36 +01:00
Ayesh Karunaratne
65cc96b190
Curl Security: Limit protocols and redirects 
In `include/tcpdf_static.php` file, there are couple Curl calls that could use some additional Curl hardening.

1. Limit the maximum number of redirects Curl is allowed to follow. Currently, it is configured in PHP source code to 20. However, as a [security precaution, limit it to 5](https://php.watch/articles/php-curl-security-hardening#infinite-redirects).

2. Curl is used here for HTTP, HTTPS, and in one instance, for FTP URLs. With `CURLOPT_FOLLOWLOCATION` option enabled, this allows a malicious remote server to perform SSRF attacks and utilize all protocols Curl supports, such as LDAP, FTP, etc that are highly undesired. Setting a restricted [`CURLOPT_PROTOCOLS` value mitigates this vulnerability](https://php.watch/articles/php-curl-security-hardening#ssrf). In older Curl versions, it even allows local file inclusion attacks with `file:///etc/passwd` style redirect URLs.
 2021-01-23 14:57:33 +07:00
Nicola Asuni
456b794f1f
Merge pull request #298 from nullx2/fix-fontspace 
Fix font_space
 2020-12-09 07:15:50 +00:00
Nicola Asuni
b691a7f457
Merge pull request #302 from mvorisek/fix_eol 
Fix EOL of text files
 2020-12-09 07:14:23 +00:00
Nicola Asuni
2a75e5ac4e
Merge pull request #289 from przemekperon/php74-fix 
Fix for PHP 7.4
 2020-12-09 07:13:46 +00:00
Nicola Asuni
89f9e5f616
Merge pull request #293 from cedric-anne/fix/php8 
Fix optionnal parameters declaration (PHP8)
 2020-12-09 07:11:17 +00:00
Michael Voříšek
b1d5922525 Fix EOL of text files 2020-11-23 10:59:42 +01:00
Yuya Yabe
481e46d365 Fix width calc 2020-11-11 15:44:33 +09:00
Cédric Anne
9616e9e44b
Fix optionnal "$tagvspaces" parameter declaration 2020-10-14 10:35:46 +02:00
Cédric Anne
292fc741f8
Fix optionnal "$k" parameter declaration 2020-10-14 10:35:08 +02:00
Cédric Anne
e5f4da5a76
Fix optionnal "$currentfont" parameter declaration 2020-10-14 10:33:59 +02:00
Przemek Peron
9e8861b4dc Fix for PHP 7.4 2020-10-01 20:27:22 +02:00
Roy Van Ginneken
038d0d5266 Minimize other outgoing image calls 2020-09-28 10:55:17 +02:00
Roy Van Ginneken
210ff2239f Make sure we don\t check the same for existing multiple times 2020-09-28 09:51:01 +02:00
Roy Van Ginneken
5a3b44c729 Fix duplicate retrieval of the same file 2020-09-28 09:38:13 +02:00
BrainFooLong
310624076e removed mb_internal_encoding as it is useless 2020-09-03 11:12:30 +02:00
Jakub Jelen
0727b9598f Remove file_id from the cloned object before destruction 
This prevents the cloned object from removing temporary files
owned by the original object during cleanup, potentially
leaving some that were created during the transaction,
but these should be cleaned with the original object

Fixes #205
 2020-04-10 17:40:02 +02:00
Nicola Asuni
485956db63
Merge pull request #197 from SuperVirus/php53-compat 
Changed [] to array() to maintain PHP 5.3 compat.
 2020-04-01 14:36:47 +01:00
SuperVirus
6617ab2cd9
Changed [] to array() to maintain PHP 5.3 compat. 2020-03-08 23:19:12 +01:00
nicolaasuni
19a535eaa7 Bump version 6.3.5 2020-02-14 14:20:12 +00:00
Nicola Asuni
6ca08645e2
Merge pull request #183 from bolduz/bolduz-tcpdf-fix-176 
Fix #176: syntax error on line 12387 (invalid usage of array index)
 2020-02-14 14:17:28 +00:00
Nicola Asuni
51ae053e81
Merge pull request #178 from Findus23/some-more-curly-brace-fixes 
fix curly braces in pdf417
 2020-02-14 14:10:16 +00:00
Enrico
cea137671f
Fix #176: syntax error on line 12387 (invalid usage of array index) 
Fix a syntax error issue when accessing an index of a casted variable
 2020-02-14 11:47:31 +01:00
Lukas Winkler
c09bef348d
fix curly braces in pdf417 2020-02-13 12:46:53 +01:00
nicolaasuni
510070b5e0 Unlink only images in cache 6.3.4 2020-02-12 13:26:24 +00:00
nicolaasuni
84d41c66fd Check if imagekeys exist 2020-02-12 13:14:52 +00:00
nicolaasuni
185eb13f21 Fix syntax error 6.3.3 2020-02-12 11:32:17 +00:00
Nicola Asuni
fe779adc9e
Merge pull request #145 from woytam/patch-1 
Problem with $imagekeys undefined or unlinked
 2020-02-12 11:18:46 +00:00
Nicola Asuni
2260343cfa
Merge branch 'master' into patch-1 2020-02-12 11:18:38 +00:00
Nicola Asuni
06ac099478
Merge pull request #148 from ivan-koliadynskyy/patch 
Update tcpdf_static.php
 2020-02-12 11:16:19 +00:00
Nicola Asuni
91b3fde146
Merge pull request #146 from itrocks/svg-fixes 
FIX SVGPath elliptical arc with rx/ry=0 + z should return to initial …
 2020-02-12 11:11:40 +00:00
Nicola Asuni
e6f06ee9f8
Merge pull request #166 from sasanyasari/#165 
set background image in RTL mode debugged
 2020-02-12 11:10:54 +00:00
Nicola Asuni
c25f6d642b
Merge pull request #150 from upsite4k/patch-1 
Valid PDF/A XMP Information
 2020-02-12 11:05:55 +00:00
Nicola Asuni
ceda0aa97c
Merge branch 'master' into patch-1 2020-02-12 11:05:46 +00:00
Nicola Asuni
c50c07fade
Merge pull request #143 from DaRealFreak/fix/no-list-access 
Prevent crash in case of no list access in cache path
 2020-02-12 11:01:36 +00:00
Nicola Asuni
add4b458d5
Merge pull request #142 from DominiqueFERET/patch-1 
Prevents crash and files deletion.
 2020-02-12 11:00:35 +00:00
Nicola Asuni
ae7d45fc59
Merge pull request #141 from gabema/RemoveBackupFiles 
Removing backup changelog files from repo
 2020-02-12 10:59:44 +00:00
Nicola Asuni
3f56071806
Merge pull request #138 from tanelt/fix_pdf_a_3b_compatibility 
Fix PDF/A-3b compatibility and validation
 2020-02-12 10:57:43 +00:00
Nicola Asuni
9fa49f7da9
Merge pull request #149 from SunMar/patch-1 
Fix license in composer.json
 2020-02-12 10:53:54 +00:00
Nicola Asuni
8a55479acf
set license to LGPL 3.0 2020-02-12 10:53:43 +00:00
Nicola Asuni
621723c929
Merge pull request #137 from fisharebest/patch-1 
PHP 7.4 - cannot use array offset on integers
 2020-02-12 10:51:01 +00:00
Nicola Asuni
97c0e35a7a
Merge branch 'master' into patch-1 2020-02-12 10:50:50 +00:00
Nicola Asuni
f6fe2d7195
Merge pull request #162 from LDAV/patch-1 
Fix php7.4 error
 2020-02-12 10:49:18 +00:00
Nicola Asuni
59be217aa0
Merge branch 'master' into patch-1 2020-02-12 10:49:03 +00:00
Nicola Asuni
febd7bc5b2
Merge pull request #168 from gpenverne/fix-for-167 
FIX - cast int pages to string
 2020-02-12 10:47:30 +00:00
Nicola Asuni
822e66063b
Merge pull request #164 from mhedderich/master 
Fixed datamatrix.php for PHP 7.4
 2020-02-12 10:46:56 +00:00
Nicola Asuni
f08c237c56
Create FUNDING.yml 2020-02-01 10:23:41 +00:00
gpenverne
9c75c9c7d2 handle integers for pages 2020-01-28 10:08:38 +01:00
Sasan
b543e4df62 you can now set background image in RTL version too #165 2020-01-24 17:49:56 +03:30