TCPDF

mirror of https://github.com/tecnickcom/TCPDF.git synced 2025-03-24 07:59:55 +01:00

Author	SHA1	Message	Date
nicolaasuni	3cfc830d70	Bump version	2021-12-28 12:31:24 +00:00
Simon Stücher	8a1907437d	Fix type hint for \TCPDF_STATIC::_freadint (#414 ) Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-12-28 12:09:50 +00:00
Vincent Langlet	df4a8e6f96	Fix phpdoc and prefer null as default value (#444 ) * Fix phpdoc and prefer null as default value Co-authored-by: Michael Voříšek <mvorisek@mvorisek.cz> Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-12-28 12:00:30 +00:00
SuperVirus	cd683e3d83	Fix AES128 encryption if the OpenSSL extension is installed (#453 ) * Fix AES128 encryption if the OpenSSL extension is installed * Simplified code Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-12-28 11:56:41 +00:00
nicolaasuni	172540dcbf	Bump version	2021-07-20 15:43:20 +01:00
Simon Stücher	bf02c1cb62	Fix type hints (#399 ) * Fix type hints * More accurate type hint Co-authored-by: William Desportes <williamdes@wdes.fr> * document void return * document void return * Update include/tcpdf_fonts.php Co-authored-by: William Desportes <williamdes@wdes.fr> * Fix type hints Co-authored-by: William Desportes <williamdes@wdes.fr> Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-07-20 15:25:22 +01:00
Paul Holden	7f650ee925	Increase internal version number to 6.4.1. (#366 ) Fixes #357. Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-07-10 08:05:58 +01:00
William Desportes	c979d00f60	PHP error fixes and final phpdoc fixes (#348 ) * Fix a PHP array offset error * Fix PHP 8.1 type error with TCPDF_STATIC::pregSplit on preg_split * More phpdoc blocks fixes * Add CHANGELOG entries * Update file descriptions for barcode examples Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-04-02 12:45:14 +01:00
William Desportes	206a131d72	Drop a PHP 4 polyfill and add a .gitattributes file (#346 ) * Drop PHP 4 polyfill for str_split * Add a .gitattributes file Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-03-28 11:59:03 +01:00
William Desportes	4f1d629d24	Fix all phpdoc blocks (#345 ) * Add a @since on a function * Refresh phpdoc blocks Using `@param (\$[a-zA-Z0-9_]+)\s$([a-z]+)$` * Fix phpdoc blocks * Fix typos and phpdoc mistakes * More phpdoc block fixes Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-03-28 11:55:50 +01:00
Roy Van Ginneken	869ab2651b	Fix image file type for urls with query params (#287 ) Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-03-27 09:17:09 +00:00
Florian Mortgat	e17b28015d	Fix vulnerability to roman numeral bombs (#315 ) Co-authored-by: Nicola Asuni <nicolaasuni@users.noreply.github.com>	2021-03-27 08:47:48 +00:00
Nicola Asuni	76864e25f5	Merge branch 'main' into curl-hardening	2021-03-27 08:36:10 +00:00
Marc van Tilburg	e5c11046f8	PHP 8 (deprecation) fixes	2021-03-03 10:13:36 +01:00
Ayesh Karunaratne	65cc96b190	Curl Security: Limit protocols and redirects In `include/tcpdf_static.php` file, there are couple Curl calls that could use some additional Curl hardening. 1. Limit the maximum number of redirects Curl is allowed to follow. Currently, it is configured in PHP source code to 20. However, as a [security precaution, limit it to 5](https://php.watch/articles/php-curl-security-hardening#infinite-redirects). 2. Curl is used here for HTTP, HTTPS, and in one instance, for FTP URLs. With `CURLOPT_FOLLOWLOCATION` option enabled, this allows a malicious remote server to perform SSRF attacks and utilize all protocols Curl supports, such as LDAP, FTP, etc that are highly undesired. Setting a restricted [`CURLOPT_PROTOCOLS` value mitigates this vulnerability](https://php.watch/articles/php-curl-security-hardening#ssrf). In older Curl versions, it even allows local file inclusion attacks with `file:///etc/passwd` style redirect URLs.	2021-01-23 14:57:33 +07:00
Cédric Anne	9616e9e44b	Fix optionnal "$tagvspaces" parameter declaration	2020-10-14 10:35:46 +02:00
Cédric Anne	292fc741f8	Fix optionnal "$k" parameter declaration	2020-10-14 10:35:08 +02:00
Cédric Anne	e5f4da5a76	Fix optionnal "$currentfont" parameter declaration	2020-10-14 10:33:59 +02:00
SuperVirus	6617ab2cd9	Changed [] to array() to maintain PHP 5.3 compat.	2020-03-08 23:19:12 +01:00
nicolaasuni	19a535eaa7	Bump version	2020-02-14 14:20:12 +00:00
Lukas Winkler	c09bef348d	fix curly braces in pdf417	2020-02-13 12:46:53 +01:00
nicolaasuni	84d41c66fd	Check if imagekeys exist	2020-02-12 13:14:52 +00:00
nicolaasuni	185eb13f21	Fix syntax error	2020-02-12 11:32:17 +00:00
Nicola Asuni	06ac099478	Merge pull request #148 from ivan-koliadynskyy/patch Update tcpdf_static.php	2020-02-12 11:16:19 +00:00
Ivan Koliadynskyy	0f84e8e754	Fix for deprecated PHP features Update encodeUrlQuery to make method static and prevent errors related to call non static method in static way	2020-01-23 14:57:37 +02:00
mhedderich	8d20c494fb	Fixed datamatrix.php for PHP 7.4 Resolved deprecation error: "Deprecated: Array and string offset access syntax with curly braces is deprecated"	2020-01-15 22:24:49 +01:00
Ivan Koliadynskyy	a428c95eaf	Update tcpdf_static.php	2019-11-01 15:07:12 +02:00
nicolaasuni	9fde7bb9b4	Update ICC profile	2019-09-20 10:35:01 +01:00
nicolaasuni	898eba141c	Bump version	2019-09-20 07:48:57 +01:00
Remi Collet	cabbccc022	Fix reported version	2019-09-19 13:02:12 +02:00
nicolaasuni	b41a5ca311	new setExtraXMPRDF function to set custom RDF XMP data	2019-09-19 10:41:12 +01:00
Nicola Asuni	8a07572324	Merge pull request #130 from erichk4/patch-1 file_get_contents	2019-09-19 09:51:01 +01:00
Remi Collet	e2deae00e5	fix PHP Warning: chr() expects parameter 1 to be int	2019-09-13 11:23:30 +02:00
Remi Collet	b0948269a6	Fix Array and string offset access syntax with curly braces is deprecated	2019-09-13 11:13:56 +02:00
Erich Munz	d144ad0078	file_get_contents return value should also be checked for a non-empty string	2019-08-28 11:44:18 +02:00
Nicola Asuni	756908329d	Merge pull request #105 from fschaeffer/patch-1 [BUGFIX] fix SpotColor handling in HTML	2019-01-16 11:51:36 +00:00
Martin Auswöger	b83e325c38	Fix TCPDF_STATIC::fileGetContents() Currently only the first path in the `$alt` array gets checked. This pull request fixes this so that all paths are checked.	2019-01-07 13:19:28 +01:00
Florian Schaeffer	14b1dee166	fix SpotColor handling in HTML As the spot color array contains the user defined spotcolors provided by AddColor() we need to use the original color name here (as stored in $hcolor) and not the flattened one. Example for usage <span style="color:SPOTCOLOR 15/5;">Your text here</span>	2018-11-15 10:54:44 +01:00
nicolaasuni	367241059c	Format code	2018-10-16 18:24:05 +01:00
Nicola Asuni	a38e94f98f	Merge pull request #100 from visual4/master Fix unsupported operand types error when codepoints arrays are merged	2018-10-16 18:22:08 +01:00
nicolaasuni	5ec5211b82	Update sRGB.icc with the one from the Debian package icc-profiles-free	2018-10-16 18:17:17 +01:00
Jonas Nutz	b9b5a0b77f	Fix unsupported operand types error when codepoints arrays are merged - corrected assignment of resulting array	2018-10-05 13:04:08 +02:00
Jonas Nutz	d06fee8012	Fix unsupported operand types error when codepoints arrays are merged	2018-10-01 13:48:27 +02:00
nicolaasuni	a5135e2cf0	Fix support for image URLs	2018-09-23 08:52:24 +01:00
nicolaasuni	aee50eb2bf	Support remote files in file_exists	2018-09-22 12:50:04 +01:00
nicolaasuni	98799ea173	Simplify file_exists function	2018-09-22 10:37:08 +01:00
nicolaasuni	ac6e92fccc	Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data.	2018-09-14 16:26:29 +01:00
nicolaasuni	a3273af312	Remove typo comment	2018-09-14 14:49:09 +01:00
nicolaasuni	1861e33fe0	Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data.	2018-09-14 14:28:55 +01:00
nicolaasuni	b32e75e1ec	Bump version	2018-09-14 13:08:15 +01:00

1 2 3 4

174 Commits