mirror_php/winter
1
0
Fork 0
mirror of https://github.com/wintercms/winter.git synced 2024-06-28 05:33:29 +02:00
Code Issues Projects Releases Wiki Activity
5,317 Commits 35 Branches 172 Tags
Commit Graph

5317 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luke Towers
d52ea0ccf8 further WIP on rebrand 2021-03-08 02:41:13 -06:00
Luke Towers
62fbbdc182 Further WIP on October -> Winter rebrand 2021-03-07 02:24:21 -06:00
Luke Towers
8a78cd01cd Swap october.png in theme to winter.png 2021-03-06 16:25:17 -06:00
Luke Towers
3e6055a425 Remove files present in the org .github repo 2021-03-06 16:24:46 -06:00
Luke Towers
7d80b771fe Initial work on Winter rebrand for 1.0 branch 2021-03-06 04:06:19 -06:00
Ben Thomson
cb06f5965a
Backport fix to drop library tests from October CMS test suite. 
Refs: 505b1ce0db
 2021-01-13 10:17:39 +08:00
Luke Towers
dd4e325298 more fixes 2021-01-04 17:35:33 -06:00
Luke Towers
4c068bd506 fix tests again 2021-01-04 17:29:48 -06:00
Luke Towers
e5732b575b fix tests 2021-01-04 17:22:33 -06:00
Luke Towers
3f5dcde710 Fix tests by using composer v1 2021-01-04 17:17:39 -06:00
Luke Towers
873fce4603 backport composer.json fixes for composer 2.0 2021-01-04 13:11:47 -06:00
Ben Thomson
f638d3f78c Add app.trustedHosts config and force host checks on password reset (#5423) 
Add app.trustedHosts config and force host checks on backend password reset.

Related: octobercms/library@f29865a
(cherry picked from commit f555ab6)
 2021-01-04 13:07:00 -06:00
Luke Towers
ea67b615e4 Further improvements to the Twig SecurityPolicy 2020-12-18 12:15:12 -06:00
Luke Towers
61e49d9e0b Improve Twig security policy 
Follow up to 106daa2...7cb148c. Thanks to @ka1n4t for the additional review.
v1.0.471 v1.0.470 		2020-11-13 03:50:39 -06:00
Samuel Georges
c5af6c226c Recompile JS 
To apply fix found in d49266ad90246fcf90565de8ccdcdbad492de0fe

Refs #5222
 2020-10-19 10:04:51 +11:00
Luke Towers
1fa076d475 Change Twig template loading fallbacks 
Previously:
- registered Laravel view file
- attempt to load file as a CMS partial

Now:
- registered Laravel view file
- valid CMS partials
- any file that Twig can access (from the project root) rendered as a plain twig template (but with support for the CMS twig environment)

Fixes 80aab47f04 (commitcomment-42223643), https://github.com/octobercms/october/issues/5261#issuecomment-691235167

(cherry picked from commit dca6128501890473043cbe2bfd3016b4f48d39d6)
 2020-09-11 15:48:58 -06:00
Luke Towers
a95d1c8852 Temporarily fixed an issue with existing code-bases that abuse the Twig engine by loading template files in unsupported ways (.js / .svg files rendered as partials through {% partial %}, {% include %}, or $this->renderPartial()). NOTE: This hotfix will not be available in Build 1.1.x so existing code still needs to be fixed to not use those unsupported file types. 
Related: https://github.com/octobercms/october/issues/5272 & https://github.com/skydiver/october-plugin-forms/issues/213
Somewhat related (not fixed by this commit though): 80aab47f04 (commitcomment-42223643)
 2020-09-11 03:45:22 -06:00
Luke Towers
78a37298a4 Tightened up the default permissions granted to the "Publisher" system role out of the box 
(cherry picked from commit 8a785e439395aa901d2b9d7bcb6a343a071c7870)
 2020-09-11 02:12:28 -06:00
Luke Towers
fd2d634b5e Composer updates for 1.0.469 v1.0.469 2020-09-06 21:05:00 -06:00
Luke Towers
e9e4210842 Allow infinitely nested CmsObjects that may have been permitted to load previously through the filesystem continue to load. 2020-09-04 15:22:48 -06:00
Luke Towers
7cb148c167 minor cleanup and docblocks 2020-09-04 01:23:03 -06:00
Samuel Georges
ceb2ff8a6e Clean up redundancies 2020-09-04 13:35:21 +10:00
Samuel Georges
4c650bb775 Security fixes for v1.0.469 
Introduces sandbox policy to block extendable methods allowing arbitrary code execution
 2020-09-04 13:02:01 +10:00
Ben Thomson
d49266ad90
Make popup textarea HTML5-compliant in Inspector editor. 
Previously, this was a self-closing tag with a value attribute. Neither are supported for the textarea tag in HTML5. It appears that browsers now are actually checking this and/or won't work with it.

Fixes #5222.
v1.0.468 		2020-07-25 22:52:23 +08:00
Luke Towers
a56e0cdf61 Use Arabic numerals instead of Indic ones for Arabic date translations. 
Fixes #5213
 2020-07-19 01:15:07 -06:00
Luke Towers
5a5208bd0b Document caveat with uploaded file URL generation when installing October in a subfolder 
Fixes #5204
 2020-07-19 01:08:01 -06:00
Luke Towers
c1fd1b9346 Fix support for ignoreTimezone in date filter types 
Fixes #5197
 2020-07-19 01:01:09 -06:00
Klaas Poortinga
517c588ef7
Fix filter type "group" when 500+ options are available (#5141) 
When 500 options or more are presented in a group filter, PHP `max_input_vars` limits may prevent the filter from working. This fix passes selected options through as a JSON string to get around the limits.
 2020-07-17 17:12:41 +08:00
Ben Thomson
70eac9b0e2
Recompile assets 2020-07-16 18:00:19 +08:00
Patrick Boivin
987dfa4eb7
Add Paragraph Formats to Editor Settings (#4861) 
Co-authored-by: Luke Towers <github@luketowers.ca>
Co-authored-by: Ben Thomson <ben@abweb.com.au>
 2020-07-16 17:54:21 +08:00
Ruben van Erk
3be6e26e84
Clear input after creating tag (#5053) 
When using the taglist field type, the input isn't cleared after a tag has been created. This problem is described here: https://github.com/select2/select2/issues/4698
This change fixes that issue.
 2020-07-16 17:26:49 +08:00
Romain 'Maz' BILLOIR
745bdf9022
Add missing French translations (#5210) 2020-07-16 16:42:28 +08:00
Luke Towers
c1bb695f4b
Fix "use statement with non-compound names has no effect" (#5206) 
Fixes #5205.
 2020-07-09 02:19:36 -06:00
Meysam
9082a231a6
Document Select2's dynamic option creation (#5052) v1.0.467 2020-07-01 10:11:16 +08:00
Luke Towers
dea03a698c Use the Lang facade rather than the trans helper function 2020-06-28 11:14:35 -06:00
Luke Towers
c84c51c820 Improve error message when attempting to fork an unforkable component. 
Fixes #5142 and rainlab/forum-plugin#141
 2020-06-28 10:57:47 -06:00
Saifur Rahman Mohsin
869625aef2
Minor code standards fix (#5138) 2020-06-25 10:18:21 -06:00
Luke Towers
b2d88d6da9 Fix issue when refreshing an entire form that occurs because the toggleEmptyTabs timer runs after the elements it was based on have all been replaced. 2020-06-24 11:33:44 -06:00
Giuseppe Montuoro
cbbc82ac86
Use the current context when making redirects in FormController onSave handlers (#5132) 
Related: d0546599d1
 2020-06-20 16:04:57 -06:00
Luke Towers
ef36399cf7 Improve error handling for invalid counter properties on backend menu items 2020-06-19 23:54:44 -06:00
Luke Towers
1b8fae0ef0 Fix visual glitch on inspector autocomplete fields. 
Fixes #5085
 2020-06-18 11:55:14 -06:00
Luke Towers
dc400a0e20 Fix issue where the throttle feature was no longer logging IP addresses. 
Fixes #5128
 2020-06-18 11:27:53 -06:00
Luke Towers
b384954a29 Improve Froala sanitization of pasted content. 2020-06-18 11:03:48 -06:00
Luke Towers
0cdda52eb8 Fix bug where a field with @context in the name would completely break forms if it also depended on other fields. 
The bug occurred because if specific fields aren't detected in onRefresh(), the entire Form widget HTML will be returned as the result instead of specific fields. This created a problem because the october.form.js JS is not setup to gracefully handle having the entire root form DOM node completely replaced in the middle of a request being completed. Specifically, this would cause problems when trying to detect empty tabs, and then the problems would cascade from there as there would be an instance of october.form.js attached to the page with broken references to no-longer existing DOM nodes.

This fix solves the immediate issue of `field@context` using the `dependsOn` feature breaking by ensuring that the actual final field name for a given field is used instead of the name used in the configuration of the field. Future work should probably be done to better support an entire form being re-rendered if no fields are detected in onRefresh however.
 2020-06-17 03:05:40 -06:00
Tomasz Strojny
68d0667bd4
Updated Polish translation (#5129) 2020-06-17 16:10:37 +08:00
Romain 'Maz' BILLOIR
81a11f70c4
Fix Froala strip empty tags issue (#5126) 
Co-authored-by: Ben Thomson <git@alfreido.com>
 2020-06-16 14:59:40 +08:00
Luke Towers
24f87ae10e Also remove custom sorts from relationcontroller lists / pivot manage modes. 
Fixes https://github.com/octobercms/october/issues/4335#issuecomment-643706004, refs: 5f8a5454ee
 2020-06-14 14:29:21 -06:00
Ben Thomson
b7d9bd1ca6
Remove Subsplit from repo 2020-06-12 11:52:28 +08:00
Ben Thomson
c3800c4196
Switch to checkout-v1, v2 is doing something wrong with auth 2020-06-11 13:24:46 +08:00
Ben Thomson
5d66b74378
Fix auth for subsplit on checkout-v2 2020-06-11 13:21:47 +08:00