Tim Düsterhus [Tue, 3 May 2022 13:07:53 +0000 (15:07 +0200)]
Merge pull request #4768 from WoltLab/sitemap-page
Fix handling of CMS pages in sitemap
Tim Düsterhus [Tue, 3 May 2022 11:57:49 +0000 (13:57 +0200)]
Fix handling of CMS pages in sitemap
Delegate the visibility control and access control to the appropriate methods
in \wcf\data\page\Page instead of reimplementing it from scratch. Most notably
the inversion of the page ACL was not implemented correctly within the sitemap.
see
92fba0538afc1d88f411db1a80553af2d17c09b4
Closes #4767
Co-authored-by: mutec <mysterycode@mysterycode.de>
Tim Düsterhus [Mon, 2 May 2022 07:25:38 +0000 (09:25 +0200)]
Merge pull request #4766 from mutec/appmanmudose
fix application management in multi domain setups
mutec [Sun, 1 May 2022 20:53:53 +0000 (22:53 +0200)]
fix application management in multi domain setups
Changing the landing pages of apps was failing since the domain name for single-domain-setups was validated for any case, but is not set when using a multi-domain-setup.
This lead to an un-meaningful error-message saying something is incorrect.
Tim Düsterhus [Thu, 28 Apr 2022 10:36:23 +0000 (12:36 +0200)]
Add the Drupal8 hashing algorithm
Tim Düsterhus [Thu, 28 Apr 2022 10:21:19 +0000 (12:21 +0200)]
Fix the TPhpass algorithm
The salt extraction used `mb_strpos` where `mb_substr` needs to be used.
see
c586e46e62dd1d714b7c7db7911eb6cf5d96cc7e
Tim Düsterhus [Wed, 27 Apr 2022 07:20:17 +0000 (09:20 +0200)]
Match stop words case insensitively in MysqlSearchEngine
Tim Düsterhus [Wed, 27 Apr 2022 07:18:47 +0000 (09:18 +0200)]
Replace MysqlSearchEngine::getStopWords() by ::isStopWord()
Sascha Greuel [Mon, 25 Apr 2022 10:32:11 +0000 (12:32 +0200)]
Set explicit `referrerpolicy` for Vimeo embeds
see
936c0f6d5d3f5a811110f7add4fa688a3e9a8377
see https://www.woltlab.com/community/thread/295351/?postID=
1891462#post1891462
Resolves #4755
Tim Düsterhus [Mon, 25 Apr 2022 10:49:48 +0000 (12:49 +0200)]
Set explicit `referrerpolicy` for YouTube embeds
YouTube requires the `Referer` header to be set for (some) embeds to work. By
using the attribute any `referrer-policy` header set on the top level document
is overridden (e.g. `same-origin`).
Co-authored-by: Sascha Greuel <github@1-2.dev>
Tim Düsterhus [Fri, 22 Apr 2022 13:26:13 +0000 (15:26 +0200)]
Remove reference to CONTRIBUTING.md from README.md
see
5d7b7d602e0f6efb077bffda4b3ecceed8534810
Alexander Ebert [Thu, 21 Apr 2022 13:12:48 +0000 (15:12 +0200)]
Detect italic/underline text pasted from Google Docs
Marcel Werk [Wed, 20 Apr 2022 09:17:27 +0000 (11:17 +0200)]
Fetching a remote avatar didn't work if user doesn't have to permission to upload avatars
joshuaruesweg [Tue, 19 Apr 2022 08:18:31 +0000 (10:18 +0200)]
Fix fetching userID for multilanguage articles
joshuaruesweg [Mon, 18 Apr 2022 08:36:19 +0000 (10:36 +0200)]
Use spaces instead of tabs
joshuaruesweg [Mon, 18 Apr 2022 08:31:40 +0000 (10:31 +0200)]
Prevent firing notifications for awarding own trophies
Alexander Ebert [Thu, 14 Apr 2022 14:57:41 +0000 (16:57 +0200)]
Release 5.4.16
Alexander Ebert [Thu, 14 Apr 2022 14:47:23 +0000 (16:47 +0200)]
Merge branch '5.3' into 5.4
Alexander Ebert [Thu, 14 Apr 2022 14:45:23 +0000 (16:45 +0200)]
Release 5.3.22
Alexander Ebert [Thu, 14 Apr 2022 14:25:02 +0000 (16:25 +0200)]
Removed the outdated `CONTRIBUTING.md`
The file is heavily outdated and badly presented on GitHub. With WoltLab Suite 5.4 we switched to PSR-12 and Prettier anyway, so there is no need to explain any special rules.
Closes #4600
Marcel Werk [Thu, 14 Apr 2022 12:26:23 +0000 (14:26 +0200)]
Attached images with mismatched proportions got mangled
Alexander Ebert [Thu, 14 Apr 2022 09:47:35 +0000 (11:47 +0200)]
Empty code boxes partially collapsed the layout
See https://www.woltlab.com/community/thread/295182-leere-code-box-ist-kaputt/
Tim Düsterhus [Wed, 13 Apr 2022 07:17:30 +0000 (09:17 +0200)]
Fix typo in en.xml
Alexander Ebert [Tue, 12 Apr 2022 13:20:42 +0000 (15:20 +0200)]
Release 5.4.16 dev 1
WoltLab [Tue, 12 Apr 2022 12:39:44 +0000 (12:39 +0000)]
Updating minified JavaScript files
Alexander Ebert [Tue, 12 Apr 2022 12:32:56 +0000 (14:32 +0200)]
Removing an attachment did not purge copies
See https://www.woltlab.com/community/thread/295032-dateianh%C3%A4nge-aktualsieren-sich-nicht-beim-l%C3%B6schen/
WoltLab [Tue, 12 Apr 2022 09:53:44 +0000 (09:53 +0000)]
Updating minified JavaScript files
Alexander Ebert [Mon, 11 Apr 2022 15:05:49 +0000 (17:05 +0200)]
Overlaying images discarded the transparency
See https://www.woltlab.com/community/thread/295124-imagickimageadapter-overlayen-zweier-bilder-mit-alpha-channel-entfernt-transpare/
Alexander Ebert [Mon, 11 Apr 2022 14:00:58 +0000 (16:00 +0200)]
Merge pull request #4700 from WoltLab/54-disallow-default-value-for-blob-text
Disallow default values for BLOB and TEXT columns
Tim Düsterhus [Mon, 11 Apr 2022 11:51:00 +0000 (13:51 +0200)]
Allow `null` in `TUnsupportedDefaultValue`
When fetching the column definition from the database MySQL will return `null`
as the default value for BLOB and TEXT column even if the column itself is
`NOT NULL`.
Alexander Ebert [Mon, 11 Apr 2022 10:45:24 +0000 (12:45 +0200)]
Incorrect code formatting
Alexander Ebert [Mon, 11 Apr 2022 10:41:36 +0000 (12:41 +0200)]
Missing cache reset after manually adding phrases
See https://www.woltlab.com/community/thread/295020-text-hinzuf%C3%BCgen-cache-wird-nicht-geleert/
Tim Düsterhus [Fri, 8 Apr 2022 10:03:23 +0000 (12:03 +0200)]
Remove accidentally added space in MysqlSearchEngine
Tim Düsterhus [Fri, 8 Apr 2022 10:00:53 +0000 (12:00 +0200)]
Do not add the `+` prefix to search terms matching an InnoDB stop word
This is issue is effectively identical to the one fixed in commit
247d9cc51af9cd78395e2e7600bacbc2ffdf918b.
Tim Düsterhus [Wed, 6 Apr 2022 11:02:02 +0000 (13:02 +0200)]
Ignore prefixes that are not separated with a space in MysqlSearchEngine::splitIntoTerms()
Marcel Werk [Tue, 5 Apr 2022 09:20:31 +0000 (11:20 +0200)]
Banning a user without entering an unbanning date leads to error message
Alexander Ebert [Mon, 4 Apr 2022 17:08:41 +0000 (19:08 +0200)]
Detect Firefox in Favico.js based on CSS
See https://www.woltlab.com/community/thread/294994-verwendung-von-installtrigger-in-favico-js-vermeiden/
Alexander Ebert [Mon, 4 Apr 2022 17:01:12 +0000 (19:01 +0200)]
Verify that the active dialog is closable
See https://www.woltlab.com/community/thread/294867-verschachtelte-dialoge-verwerfen-optionen-des-1-dialogs/
Sir-Will [Sun, 3 Apr 2022 01:19:51 +0000 (03:19 +0200)]
Update google console link
Closes #4716
Marcel Werk [Thu, 31 Mar 2022 12:05:56 +0000 (14:05 +0200)]
Article system allowed access to titles of hidden articles
The problem was caused by a redirect to the Canonical URL before the permissions were checked.
Marcel Werk [Tue, 29 Mar 2022 12:36:13 +0000 (14:36 +0200)]
Floating of attachments in simplified HTML did not work properly
Marcel Werk [Tue, 29 Mar 2022 12:01:36 +0000 (14:01 +0200)]
Incorrect handling of GIF cover photos when rebuilding users
Tim Düsterhus [Wed, 23 Mar 2022 08:10:40 +0000 (09:10 +0100)]
Whitelist `basename` in enterprise mode
Tim Düsterhus [Mon, 21 Mar 2022 10:08:46 +0000 (11:08 +0100)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Mon, 21 Mar 2022 10:03:59 +0000 (11:03 +0100)]
Merge pull request #4706 from WoltLab/guzzle-psr7-backport
Update guzzlehttp/psr7 to a custom fork
Tim Düsterhus [Sun, 20 Mar 2022 14:22:29 +0000 (15:22 +0100)]
Update guzzlehttp/psr7 to a custom fork
see WoltLab/guzzle-psr7@
ff7be9fcf7da87f971990b1a61d8a7f2b5aeac9b
see WoltLab/guzzle-psr7@
986596de01529f6e837a5cadfef9ec714ace7914
Tim Düsterhus [Fri, 18 Mar 2022 13:59:50 +0000 (14:59 +0100)]
Prevent possible brick when the upgrade to 5.5 fails between unpacking of files and unpacking of acptemplates
Alexander Ebert [Thu, 17 Mar 2022 16:41:10 +0000 (17:41 +0100)]
Release 5.4.15
Alexander Ebert [Thu, 17 Mar 2022 16:36:32 +0000 (17:36 +0100)]
Release 5.3.21
Alexander Ebert [Thu, 17 Mar 2022 16:34:59 +0000 (17:34 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Thu, 17 Mar 2022 16:33:49 +0000 (17:33 +0100)]
Release 5.2.20
Alexander Ebert [Thu, 17 Mar 2022 16:32:53 +0000 (17:32 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Thu, 17 Mar 2022 16:31:13 +0000 (17:31 +0100)]
Release 3.1.28
Alexander Ebert [Thu, 17 Mar 2022 14:43:27 +0000 (15:43 +0100)]
Release 3.1.28
Tim Düsterhus [Thu, 17 Mar 2022 13:31:44 +0000 (14:31 +0100)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Thu, 17 Mar 2022 13:28:38 +0000 (14:28 +0100)]
Merge branch '5.2' into 5.3
WoltLab [Thu, 17 Mar 2022 13:27:24 +0000 (13:27 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Thu, 17 Mar 2022 13:25:53 +0000 (14:25 +0100)]
Merge branch '3.1' into 5.2
WoltLab [Thu, 17 Mar 2022 13:23:56 +0000 (13:23 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Thu, 17 Mar 2022 13:22:22 +0000 (14:22 +0100)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Thu, 17 Mar 2022 13:21:34 +0000 (14:21 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Thu, 17 Mar 2022 13:20:55 +0000 (14:20 +0100)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Wed, 16 Mar 2022 16:55:20 +0000 (17:55 +0100)]
Escape HTML in the filename of the progress indicator during attachment upload
(cherry picked from commit
81b770284267db5dc8c8df86e303a20c3ccb8dce)
Tim Düsterhus [Thu, 17 Mar 2022 13:12:25 +0000 (14:12 +0100)]
Merge branch 'cronjobLogList-xss' into 3.1
Tim Düsterhus [Thu, 17 Mar 2022 08:10:12 +0000 (09:10 +0100)]
Fix XSS in the cronjob's error message in cronjobLogList
This can happen if untrusted information, such as the HTTP response body for a
failed Guzzle request, is embedded into the error message.
Thanks to @SoftCreatR for responsibly reporting the issue.
Alexander Ebert [Wed, 16 Mar 2022 19:01:43 +0000 (20:01 +0100)]
Release 5.4.15 dev 3
WoltLab [Wed, 16 Mar 2022 17:31:50 +0000 (17:31 +0000)]
Updating minified JavaScript files
WoltLab [Wed, 16 Mar 2022 17:17:31 +0000 (17:17 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Wed, 16 Mar 2022 16:56:10 +0000 (17:56 +0100)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Wed, 16 Mar 2022 16:55:20 +0000 (17:55 +0100)]
Escape HTML in the filename of the progress indicator during attachment upload
Marcel Werk [Wed, 16 Mar 2022 10:20:11 +0000 (11:20 +0100)]
An array as query string resulted in an error
joshuaruesweg [Wed, 16 Mar 2022 08:28:37 +0000 (09:28 +0100)]
Remove `Template.grammar.jison`
joshuaruesweg [Wed, 16 Mar 2022 08:24:48 +0000 (09:24 +0100)]
Delete old JS dir, before recompile TS
This ensures, that there are no superfluous files commited in the JS dir.
Tim Düsterhus [Wed, 16 Mar 2022 08:02:41 +0000 (09:02 +0100)]
Merge pull request #4702 from WoltLab/5.4-unfurl-charset
Catch `ValueError` while convert encoding
joshuaruesweg [Tue, 15 Mar 2022 18:00:53 +0000 (19:00 +0100)]
Catch `ValueError` while convert encoding
Since PHP 8.0 the function `mb_convert_encoding` throws an `ValueError` if the given charset is unknown. Prior to this, a PHP notice is thrown.
Fixes #4697
Alexander Ebert [Tue, 15 Mar 2022 17:12:54 +0000 (18:12 +0100)]
Release 5.4.15 dev 2
Tim Düsterhus [Tue, 15 Mar 2022 15:31:19 +0000 (16:31 +0100)]
Merge pull request #4701 from WoltLab/mysql-search-plus-min-token
Do not add the `+` prefix to search terms shorter than InnoDB's ft_min_token_size
Tim Düsterhus [Tue, 15 Mar 2022 14:40:39 +0000 (15:40 +0100)]
Do not add the `+` prefix to search terms shorter than InnoDB's ft_min_token_size
see https://www.woltlab.com/community/thread/294842-suchindex-richtig-vorbereiten/
Tim Düsterhus [Tue, 15 Mar 2022 14:39:53 +0000 (15:39 +0100)]
Add MysqlSearchEngine::getMinTokenSize() as a replacement for getFulltextMinimumWordLength()
This new method is private, because it is considered an implementation detail.
Marcel Werk [Mon, 14 Mar 2022 09:30:12 +0000 (10:30 +0100)]
Merge branch '5.3' into 5.4
Marcel Werk [Mon, 14 Mar 2022 09:27:14 +0000 (10:27 +0100)]
Only revert points when revoking a reaction
Tim Düsterhus [Fri, 11 Mar 2022 09:08:41 +0000 (10:08 +0100)]
Use explicit `return null` in DatabaseObjectList::search()
Tim Düsterhus [Thu, 10 Mar 2022 16:30:13 +0000 (17:30 +0100)]
Merge pull request #4699 from WoltLab/ds-store
Rerun the .DS_Store deletion script
Alexander Ebert [Thu, 10 Mar 2022 16:17:59 +0000 (17:17 +0100)]
Disallow default values for BLOB and TEXT columns
Alexander Ebert [Thu, 10 Mar 2022 16:08:07 +0000 (17:08 +0100)]
Gracefully handle integers exceeding 32bit
See https://www.woltlab.com/community/thread/294731-profilfeld-wert-integer/
Tim Düsterhus [Thu, 10 Mar 2022 14:47:57 +0000 (15:47 +0100)]
Rerun the .DS_Store deletion script
Apparently some installations still contain .DS_Store files assigned to
official packages. These might come from 5.3 installations that were
immediately upgraded to 5.4.4 or higher, without going through 5.4.3.
see
2bd8c2dba79878269981aac94c1ad51e94b2308e
Alexander Ebert [Thu, 10 Mar 2022 11:48:11 +0000 (12:48 +0100)]
Release 5.4.15 dev 1
WoltLab [Thu, 10 Mar 2022 10:45:53 +0000 (10:45 +0000)]
Updating minified JavaScript files
Alexander Ebert [Wed, 9 Mar 2022 18:28:07 +0000 (19:28 +0100)]
Set `toFloat()` to `protected` for compatibility
Alexander Ebert [Wed, 9 Mar 2022 18:06:45 +0000 (19:06 +0100)]
Missing conversion of localized search values
Fixes https://www.woltlab.com/community/thread/294505-eingabefeld-profilfeld-dezimalzeichen-problem/
Alexander Ebert [Wed, 9 Mar 2022 18:05:41 +0000 (19:05 +0100)]
Moved the conversion of localized values to floats
Alexander Ebert [Wed, 9 Mar 2022 16:50:23 +0000 (17:50 +0100)]
Show the erroneous tab on submit
Fixes https://www.woltlab.com/community/thread/294204-meldung-bei-nicht-erfolgreichem-box-speichern-wegen-quellcode-modus/
Alexander Ebert [Wed, 9 Mar 2022 16:19:40 +0000 (17:19 +0100)]
Workaround for the selection of the quote tooltip
Fixes https://www.woltlab.com/community/thread/294684-sprung-zum-seitenanfang-beim-markieren-auf-mobilen-ger%C3%A4ten/
Alexander Ebert [Wed, 9 Mar 2022 15:14:14 +0000 (16:14 +0100)]
Improved the UX for page object id suggestions
See https://www.woltlab.com/community/thread/294550-men%C3%BCpunkt-mit-artikelbezug-artikel-id-heraussuchen-klick-%C3%B6ffnet-artikel/
Tim Düsterhus [Wed, 9 Mar 2022 14:23:47 +0000 (15:23 +0100)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Wed, 9 Mar 2022 14:16:41 +0000 (15:16 +0100)]
Upgrade to `actions/checkout@v3`
Tim Düsterhus [Wed, 9 Mar 2022 14:14:53 +0000 (15:14 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Wed, 9 Mar 2022 14:14:35 +0000 (15:14 +0100)]
Upgrade to `actions/checkout@v3`
Tim Düsterhus [Wed, 9 Mar 2022 13:44:09 +0000 (14:44 +0100)]
Update npm dependencies
Tim Düsterhus [Wed, 9 Mar 2022 13:08:53 +0000 (14:08 +0100)]
Add missing space in indentation in LikeAction
projects / GitHub / WoltLab / WCF.git / log