Tim Düsterhus [Thu, 15 Oct 2020 14:01:01 +0000 (16:01 +0200)]
Merge branch 'master' into session-meta
Tim Düsterhus [Wed, 14 Oct 2020 09:24:23 +0000 (11:24 +0200)]
Use \hash_equals in CryptoUtil::validateSignedString()
Tim Düsterhus [Thu, 15 Oct 2020 10:53:30 +0000 (12:53 +0200)]
Merge pull request #3607 from WoltLab/import-user-group-option-value
Create user group option values during group import
Tim Düsterhus [Thu, 15 Oct 2020 09:31:36 +0000 (11:31 +0200)]
Merge branch '5.2' into master
Marcel Werk [Thu, 15 Oct 2020 09:10:50 +0000 (11:10 +0200)]
Fixed parameter validation of 'captionEnableHtml'
Tim Düsterhus [Thu, 15 Oct 2020 08:56:44 +0000 (10:56 +0200)]
Fix handling of default headers in HttpFactory::makeClient()
If a `headers` array is given the default user agent would not be applied, even
if the `user-agent` key is not part of the `headers` that are given. This
caused Guzzle to use its default user agent.
Tim Düsterhus [Thu, 15 Oct 2020 08:34:56 +0000 (10:34 +0200)]
Create user group option values during group import
Resolves #3534
Alexander Ebert [Wed, 14 Oct 2020 16:47:16 +0000 (18:47 +0200)]
Log NamedUserException to the console when running in debug mode
Closes #3541
Tim Düsterhus [Wed, 14 Oct 2020 12:26:09 +0000 (14:26 +0200)]
Merge pull request #3605 from WoltLab/recommend-curl
Recommend cURL during WCFSetup
Tim Düsterhus [Wed, 14 Oct 2020 11:41:38 +0000 (13:41 +0200)]
Recommend cURL during WCFSetup
Resolves #3601
Marcel Werk [Wed, 14 Oct 2020 10:25:55 +0000 (12:25 +0200)]
Merge pull request #3604 from ChristopherWalz/master
Add DatabaseObjectList::setConditionBuilder
Christopher Walz [Wed, 14 Oct 2020 10:16:53 +0000 (12:16 +0200)]
Add DatabaseObjectList::setConditionBuilder
Marcel Werk [Wed, 14 Oct 2020 09:06:37 +0000 (11:06 +0200)]
Merge branch '5.2'
Marcel Werk [Wed, 14 Oct 2020 09:06:14 +0000 (11:06 +0200)]
Added link to new manual
Alexander Ebert [Tue, 13 Oct 2020 16:03:47 +0000 (18:03 +0200)]
Merge branch '5.2'
Alexander Ebert [Tue, 13 Oct 2020 16:03:33 +0000 (18:03 +0200)]
Suppress the edit button for boxes on touch devices
The first tap on the box will trigger the hover, preventing any other elements, such as links, from responding.
Alexander Ebert [Tue, 13 Oct 2020 14:10:10 +0000 (16:10 +0200)]
Prevent the official servers from being disabled
Alexander Ebert [Tue, 13 Oct 2020 13:10:34 +0000 (15:10 +0200)]
Prepared an update script for the missing database columns in 5.3.0 RC 1
Alexander Ebert [Tue, 13 Oct 2020 12:59:42 +0000 (14:59 +0200)]
Updated the files for the pre upgrade deployment
Alexander Ebert [Tue, 13 Oct 2020 11:26:48 +0000 (13:26 +0200)]
MySQL 5.7 does not support the syntax for non-capturing groups
Alexander Ebert [Tue, 13 Oct 2020 11:25:13 +0000 (13:25 +0200)]
Use `display: inline-table` to mimic the previous behavior
The commit
9b6a008c7c15ce8fb61e45f6e592421af9c3dc54 introduced `table` instead of `inline-block`.
Tim Düsterhus [Tue, 13 Oct 2020 11:03:35 +0000 (13:03 +0200)]
Merge pull request #3602 from WoltLab/53-update-style
Update defaultStyle after migrating styles
Tim Düsterhus [Tue, 13 Oct 2020 10:45:23 +0000 (12:45 +0200)]
Merge pull request #3603 from WoltLab/exception-parse-invalid-stack
Convert exceptions during stack trace parsing to InvalidArgumentExcep…
Tim Düsterhus [Tue, 13 Oct 2020 10:13:22 +0000 (12:13 +0200)]
Convert exceptions during stack trace parsing to InvalidArgumentException
Tim Düsterhus [Tue, 13 Oct 2020 09:58:01 +0000 (11:58 +0200)]
Update defaultStyle after migrating styles
It appears that importing the defaultStyle causes the style specific asset folder to be created, leading to issues with the style migration.
Tim Düsterhus [Tue, 13 Oct 2020 08:06:48 +0000 (10:06 +0200)]
Merge branch 'master' into session-meta
For the version number bump.
Matthias Schmidt [Mon, 12 Oct 2020 16:52:23 +0000 (18:52 +0200)]
Merge branch '5.2'
Matthias Schmidt [Mon, 12 Oct 2020 16:51:54 +0000 (18:51 +0200)]
Fix add PIP entry via GUI if only delete element exists in XML file
Close #3599
Matthias Schmidt [Mon, 12 Oct 2020 16:37:11 +0000 (18:37 +0200)]
Fix missing language item
Close #3597
Alexander Ebert [Mon, 12 Oct 2020 16:10:59 +0000 (18:10 +0200)]
Merge branch '5.2'
Alexander Ebert [Mon, 12 Oct 2020 16:10:32 +0000 (18:10 +0200)]
Merge pull request #3600 from WoltLab/exception-parse-alphanumeric-code
Support alphanumeric error code in ExceptionLogUtil::parseException()
Tim Düsterhus [Mon, 12 Oct 2020 16:09:06 +0000 (18:09 +0200)]
Support alphanumeric error code in ExceptionLogUtil::parseException()
PDO error codes might contain letters.
Tim Düsterhus [Mon, 12 Oct 2020 11:38:32 +0000 (13:38 +0200)]
Fix calling HTTPRequest::getReply() if the response is missing
The only case where the response might be missing is if Guzzle fails to connect
to the remote server (ConnectException). Return default data that is consistent
with 5.2 in this case.
Alexander Ebert [Sun, 11 Oct 2020 11:42:16 +0000 (13:42 +0200)]
Merge branch '5.2'
Alexander Ebert [Sun, 11 Oct 2020 11:42:03 +0000 (13:42 +0200)]
Use a literal string to avoid escaping
See #3595
Alexander Ebert [Sun, 11 Oct 2020 11:41:39 +0000 (13:41 +0200)]
Merge branch '3.1' into 5.2
Alexander Ebert [Sun, 11 Oct 2020 11:41:20 +0000 (13:41 +0200)]
Use a literal string to avoid escaping
See #3595
Alexander Ebert [Sun, 11 Oct 2020 11:38:16 +0000 (13:38 +0200)]
Merge pull request #3598 from WoltLab/php8_form_builder
Fix deprecation warnings in form builder in PHP 8
Matthias Schmidt [Sat, 10 Oct 2020 15:54:50 +0000 (17:54 +0200)]
Fix deprecation warnings in form builder in PHP 8
Close #3489
Alexander Ebert [Sat, 10 Oct 2020 12:38:19 +0000 (14:38 +0200)]
Updated the files archive
Tim Düsterhus [Fri, 9 Oct 2020 14:16:22 +0000 (16:16 +0200)]
Merge pull request #3596 from WoltLab/guzzle-head-encoding-regression
Fix HEAD requests with `accept-encoding` header set
Tim Düsterhus [Fri, 9 Oct 2020 13:47:20 +0000 (15:47 +0200)]
Fix HEAD requests with `accept-encoding` header set
This backports the change in guzzle/guzzle#2804.
Alexander Ebert [Fri, 9 Oct 2020 09:52:34 +0000 (11:52 +0200)]
Force buttons to align with the top of the flex
See
fff15f8566
Alexander Ebert [Thu, 8 Oct 2020 18:00:57 +0000 (20:00 +0200)]
Adjusted the package date
Alexander Ebert [Thu, 8 Oct 2020 11:46:20 +0000 (13:46 +0200)]
Internal release 5.3.0 RC 1
Alexander Ebert [Thu, 8 Oct 2020 10:48:25 +0000 (12:48 +0200)]
Incorrect tag being used
woltlab.com [Thu, 8 Oct 2020 10:40:59 +0000 (10:40 +0000)]
Updating minified JavaScript files
Alexander Ebert [Wed, 7 Oct 2020 11:10:25 +0000 (13:10 +0200)]
Merge pull request #3589 from WoltLab/system-check-gd
Check for the "jpeg" and "png" support of GD
Tim Düsterhus [Tue, 6 Oct 2020 07:39:25 +0000 (09:39 +0200)]
Merge branch '5.2' into master
Olaf Braun [Mon, 5 Oct 2020 12:05:24 +0000 (14:05 +0200)]
Fix 'Undefined index: additionalData' in Box
This error can be encountered when calling `new Box(123)` with
`123` not being the ID of a valid box.
Closes #3594
Matthias Schmidt [Sun, 4 Oct 2020 15:58:45 +0000 (17:58 +0200)]
Merge branch '5.2'
Matthias Schmidt [Sun, 4 Oct 2020 15:58:31 +0000 (17:58 +0200)]
Fix page title for system check page
Close #3591
Alexander Ebert [Sun, 4 Oct 2020 11:08:39 +0000 (13:08 +0200)]
Removed the warning for `innodb_flush_log_at_trx_commit`
The value is now displayed as a server variable on the index page for manual review.
Closes #3535
Alexander Ebert [Sun, 4 Oct 2020 10:54:32 +0000 (12:54 +0200)]
Log form validation errors to the console when running in debug mode
Closes #3541
Marcel Werk [Sun, 4 Oct 2020 09:09:20 +0000 (11:09 +0200)]
Merge branch '5.2'
Marcel Werk [Sun, 4 Oct 2020 09:09:03 +0000 (11:09 +0200)]
Merge branch '3.1' into 5.2
Marcel Werk [Sun, 4 Oct 2020 09:07:18 +0000 (11:07 +0200)]
Removed obsolete code
There is no article counter for users (wcf1_user.articles) in version 3.1.
joshuaruesweg [Sun, 4 Oct 2020 08:44:49 +0000 (10:44 +0200)]
Merge branch '5.2'
joshuaruesweg [Sun, 4 Oct 2020 08:41:58 +0000 (10:41 +0200)]
Add missing language variable `wcf.upload.error.uploadFailed`
Alexander Ebert [Sat, 3 Oct 2020 23:13:03 +0000 (01:13 +0200)]
Merge pull request #3590 from WoltLab/article-meta-tags
Custom meta title and meta description for articles
Marcel Werk [Sat, 3 Oct 2020 22:42:05 +0000 (00:42 +0200)]
Custom meta title and meta description for articles
Closes #3575
Alexander Ebert [Sat, 3 Oct 2020 18:20:40 +0000 (20:20 +0200)]
Removed the legacy database encoding converter
Closes #3570
Alexander Ebert [Fri, 2 Oct 2020 21:26:53 +0000 (23:26 +0200)]
Workaround for a Safari bug
See https://community.woltlab.com/thread/286084-safari-fehlerhaft-dargestellter-schatten-in-code-box/
Alexander Ebert [Fri, 2 Oct 2020 20:00:42 +0000 (22:00 +0200)]
Overhauled the appearance of the list of purchased plugins
Alexander Ebert [Fri, 2 Oct 2020 17:42:11 +0000 (19:42 +0200)]
Check for the "jpeg" and "png" support of GD
Tim Düsterhus [Fri, 2 Oct 2020 13:16:12 +0000 (15:16 +0200)]
Merge pull request #3587 from WoltLab/session-remove-virtual
Remove virtual sessions
Alexander Ebert [Fri, 2 Oct 2020 13:05:40 +0000 (15:05 +0200)]
Release 5.3.0 Beta 2
Tim Düsterhus [Fri, 2 Oct 2020 12:27:34 +0000 (14:27 +0200)]
Remove database tables related to virtual sessions
Tim Düsterhus [Fri, 2 Oct 2020 08:53:19 +0000 (10:53 +0200)]
Remove virtual session DBO classes
Virtual sessions are no longer supported. The TODO comments will be fixed with
a later commit.
woltlab.com [Fri, 2 Oct 2020 10:41:53 +0000 (10:41 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Fri, 2 Oct 2020 08:46:17 +0000 (10:46 +0200)]
Remove obsolete imports
Tim Düsterhus [Fri, 2 Oct 2020 08:43:37 +0000 (10:43 +0200)]
Remove virtualSession property from SessionHandler
This property is always `false`, because it is never written.
Tim Düsterhus [Fri, 2 Oct 2020 08:43:00 +0000 (10:43 +0200)]
Remove obsolete SessionHandler::loadVirtualSession() method
Tim Düsterhus [Fri, 2 Oct 2020 08:38:24 +0000 (10:38 +0200)]
Stop loading virtual sessions when changeUser() is called
As of this commit virtual sessions will no longer be created.
Tim Düsterhus [Fri, 2 Oct 2020 08:37:21 +0000 (10:37 +0200)]
Stop loading virtual sessions when a new session is created
After this change virtual sessions are only created when `changeUser()` is
being called.
Matthias Schmidt [Thu, 1 Oct 2020 17:15:52 +0000 (19:15 +0200)]
Build form after checking permissions
Building the form after checking the permissions and the login status allows for the save usage of `WCF::getUser()` as a logged-in user.
Marcel Werk [Thu, 1 Oct 2020 16:27:35 +0000 (18:27 +0200)]
Merge branch '5.2'
Marcel Werk [Thu, 1 Oct 2020 16:27:19 +0000 (18:27 +0200)]
Automatic removal of commas from tag names
Alexander Ebert [Thu, 1 Oct 2020 16:26:38 +0000 (18:26 +0200)]
Use a separate element to repesent the "limit reached" state of item lists
Alexander Ebert [Thu, 1 Oct 2020 15:45:52 +0000 (17:45 +0200)]
Merge branch '3.1' into 5.2
Alexander Ebert [Thu, 1 Oct 2020 15:45:29 +0000 (17:45 +0200)]
Merge pull request #3585 from WoltLab/overdue-cronjob
Improved the wording of the cronjob error message
Alexander Ebert [Thu, 1 Oct 2020 15:45:10 +0000 (17:45 +0200)]
Improved readability
Co-authored-by: Matthias Schmidt <gravatronics@live.com>
Marcel Werk [Thu, 1 Oct 2020 15:16:15 +0000 (17:16 +0200)]
Merge branch '5.2'
Marcel Werk [Thu, 1 Oct 2020 15:16:01 +0000 (17:16 +0200)]
Removed obsolete code
Marcel Werk [Thu, 1 Oct 2020 14:53:21 +0000 (16:53 +0200)]
Merge branch '5.2'
Marcel Werk [Thu, 1 Oct 2020 14:52:57 +0000 (16:52 +0200)]
Merge branch '3.1' into 5.2
Marcel Werk [Thu, 1 Oct 2020 14:52:40 +0000 (16:52 +0200)]
Default value blocked saving of empty date fields
Marcel Werk [Thu, 1 Oct 2020 14:47:43 +0000 (16:47 +0200)]
Fixed parameter documentation
Alexander Ebert [Thu, 1 Oct 2020 14:41:22 +0000 (16:41 +0200)]
Incorrect parameter order
Co-authored-by: Tim Düsterhus <duesterhus@woltlab.com>
Marcel Werk [Thu, 1 Oct 2020 14:28:21 +0000 (16:28 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF
Marcel Werk [Thu, 1 Oct 2020 14:28:18 +0000 (16:28 +0200)]
Hide language chooser on cms pages if only one active language is available
Tim Düsterhus [Thu, 1 Oct 2020 09:32:15 +0000 (11:32 +0200)]
Stop loading virtual sessions when a session is being resumed
This change causes the wcf1_session_virtual table to not necessarily contain a
row matching the current userAgent and ipAddress, even if the user has a valid
session. This is not too bad, considered that after the previous commits the
lastActivityTime was not being updated anyway.
Tim Düsterhus [Thu, 1 Oct 2020 09:24:04 +0000 (11:24 +0200)]
Stop maintaining the virtual session's lastActivityTime
Virtual sessions are about to be removed. This change does not affect user
visible behavior, apart from possibly expiring the session faster.
Tim Düsterhus [Wed, 30 Sep 2020 14:42:02 +0000 (16:42 +0200)]
Remove session_enable_virtualization option
This option became useless with the previous commit that removed the support
for disabling virtual sessions.
Tim Düsterhus [Wed, 30 Sep 2020 14:39:52 +0000 (16:39 +0200)]
Always enable virtual sessions
Virtual sessions will be removed shortly, making this commit technically
useless. However it allows us to remove some code paths, allowing this future
commit to be smaller.
Tim Düsterhus [Wed, 30 Sep 2020 14:36:54 +0000 (16:36 +0200)]
Remove loading of the virtual session from SessionHandler::getExistingSession()
The loading will be performed in loadVirtualSession(), so this change does not
result in a visible behavioral change.
Tim Düsterhus [Thu, 1 Oct 2020 14:09:43 +0000 (16:09 +0200)]
Merge pull request #3583 from WoltLab/session-remove-validation
Remove session validation options
Tim Düsterhus [Wed, 30 Sep 2020 14:36:14 +0000 (16:36 +0200)]
Remove SessionHandler::validate()
This method became a no-op since the validation options were removed.
Tim Düsterhus [Wed, 30 Sep 2020 14:34:07 +0000 (16:34 +0200)]
Remove session_validate_user_agent option
This option will not play well with long-lived user sessions and the security
benefit is roughly nil. After all almost anyone is using Google Chrome on
either Windows or Android.
Additionally since the session ID is no longer embedded within the URL losing
the session ID to a 3rd party is hard.
Tim Düsterhus [Wed, 30 Sep 2020 14:32:46 +0000 (16:32 +0200)]
Remove session_validate_ip_address option
This option basically is useless in the age of CGNAT and mobile networks.