Tim Düsterhus [Wed, 11 Aug 2021 14:25:45 +0000 (16:25 +0200)]
Simplify proxy_sourcemap.php using the Laminas libraries
Tim Düsterhus [Wed, 11 Aug 2021 11:40:48 +0000 (13:40 +0200)]
Merge pull request #4454 from WoltLab/psr-7-cache-control-private
Add `cache-control: private` to PSR-7 responses
Tim Düsterhus [Wed, 11 Aug 2021 11:32:06 +0000 (13:32 +0200)]
Clean up the `cache-control` processing in RequestHandler::sendPsr7Response()
Tim Düsterhus [Tue, 10 Aug 2021 15:21:31 +0000 (17:21 +0200)]
Add `cache-control: private` to PSR-7 responses
see #4273
Tim Düsterhus [Tue, 10 Aug 2021 14:08:56 +0000 (16:08 +0200)]
Merge branch 'master' into meta-psr-7
Tim Düsterhus [Tue, 10 Aug 2021 14:06:44 +0000 (16:06 +0200)]
Merge branch '5.4'
Tim Düsterhus [Tue, 10 Aug 2021 14:06:04 +0000 (16:06 +0200)]
Add missing `@since` tags for PSR-7 methods
Tim Düsterhus [Tue, 10 Aug 2021 13:48:44 +0000 (15:48 +0200)]
Merge pull request #4436 from WoltLab/psr-7
Add initial support for sending PSR-7 responses
Tim Düsterhus [Tue, 10 Aug 2021 13:40:25 +0000 (15:40 +0200)]
Merge pull request #4452 from WoltLab/markQuotesForRemoval
Deprecate MessageQuoteAction::markForRemoval()
WoltLab [Tue, 10 Aug 2021 13:30:36 +0000 (13:30 +0000)]
Updating minified JavaScript files
Alexander Ebert [Tue, 10 Aug 2021 13:26:04 +0000 (15:26 +0200)]
Release 5.4.4
Tim Düsterhus [Tue, 10 Aug 2021 13:15:22 +0000 (15:15 +0200)]
Deprecate MessageQuoteAction::markForRemoval()
This method is no longer used as of commit
9d118fa4c035827b399acdcb4c6c05ad1be5f3c5 (3.0.x).
Tim Düsterhus [Tue, 10 Aug 2021 12:36:32 +0000 (14:36 +0200)]
Tim Düsterhus [Tue, 10 Aug 2021 12:34:12 +0000 (14:34 +0200)]
Tim Düsterhus [Tue, 10 Aug 2021 10:19:35 +0000 (12:19 +0200)]
Merge branch '5.4'
mutec [Tue, 10 Aug 2021 10:06:27 +0000 (12:06 +0200)]
use the sessions language id instead of the user's default in `I18nDatabaseObjectList`
`WCF::getUser()->languageID` doesn't return a valid language id as integer in every case. Additionally we (normally) want to use a specific language or the session's language - which might be different from the user's default in some moments.
see #4407
Alexander Ebert [Tue, 10 Aug 2021 09:05:07 +0000 (11:05 +0200)]
Release 5.4.3
WoltLab [Mon, 9 Aug 2021 16:39:16 +0000 (16:39 +0000)]
Updating minified JavaScript files
Alexander Ebert [Mon, 9 Aug 2021 16:36:13 +0000 (18:36 +0200)]
Workaround for unfreezing the screen in iOS Safari
The change to the CSS class and the properties cause a recalculation that could sometimes interfere with the page scrolling.
Forcing the scrolling into the next iteration of the event loop solves this issue by separating both actions. Since the scrolling does depend on the actions in the lines above it, this is reasonably safe to do.
Tim Düsterhus [Mon, 9 Aug 2021 15:18:13 +0000 (17:18 +0200)]
Merge pull request #4451 from WoltLab/multiselect-condition
Fix conditions for MultiSelectOptionType
joshuaruesweg [Mon, 9 Aug 2021 13:22:31 +0000 (15:22 +0200)]
Fix sorting status column in emailLogList.tpl
Tim Düsterhus [Fri, 9 Jul 2021 14:58:42 +0000 (16:58 +0200)]
Fix conditions for MultiSelectOptionType
This cleans up the SQL conditions used for searching for users with a specific
selection and fixes the following issues:
- It avoids the use of `escapeString()` in favor of proper prepared statements.
- It avoids the use of `preg_quote()` to escape a regular expression for use in
MySQL, which might not be safe.
- It fixes matching when the options are later reordered, as the saved value is
not being normalized and instead reused the order of the options within the
select.
The generated query does not look great, but is not really worse than the
regular expression either.
In the future it might be possible to migrate this option type to a JSON based
storage and to use `JSON_CONTAINS()`.
Tim Düsterhus [Mon, 9 Aug 2021 12:39:01 +0000 (14:39 +0200)]
Merge branch '5.4'
Alexander Ebert [Mon, 9 Aug 2021 12:00:00 +0000 (14:00 +0200)]
Skip XML that have been unchanged for 5.3 -> 5.4
Alexander Ebert [Mon, 9 Aug 2021 10:53:43 +0000 (12:53 +0200)]
Merge pull request #4445 from WoltLab/template-sandbox-foreachvars
Sandbox `foreachVars` in templates
Tim Düsterhus [Mon, 9 Aug 2021 09:48:45 +0000 (11:48 +0200)]
Merge branch '5.4'
Marcel Werk [Mon, 9 Aug 2021 09:35:07 +0000 (11:35 +0200)]
Merge pull request #4446 from WoltLab/mfa-setup-allocation-failed
Show nicer error message if allocating the MFA setup fails
Tim Düsterhus [Mon, 9 Aug 2021 09:27:51 +0000 (11:27 +0200)]
Show nicer error message if allocating the MFA setup fails
`Setup::allocateSetUpId` can deadlock if the form is submitted twice at the
same time. This error should not be normally seen by the user. If they do they
will be directed to "Try again" and then see that MFA is active, because one of
the requests succeeded. They will also receive the info mail letting them know
where to regenerate their backup codes if necessary.
Tim Düsterhus [Mon, 9 Aug 2021 09:07:27 +0000 (11:07 +0200)]
Add RejectEverythingFormField if email MFA is already active
We must not allow submitting the form in this case, because we will trigger the
assertion otherwise.
Tim Düsterhus [Mon, 9 Aug 2021 09:06:39 +0000 (11:06 +0200)]
Fix assertion in EmailMultifactorMethod::processManagementForm()
Alexander Ebert [Sun, 8 Aug 2021 09:29:26 +0000 (11:29 +0200)]
Sandbox `foreachVars` in templates
Nesting the same template inside a `foreach` loop that is also accessed inside the nested call will overwrite the values from the outer template due to identical identifiers being used.
The sandbox did not protected `$this->foreachVars` despite being stateful.
See #4431
Fixes #4444
Marcel Werk [Sat, 7 Aug 2021 09:42:38 +0000 (11:42 +0200)]
Search for not filled user option fields was not possible
Marcel Werk [Sat, 7 Aug 2021 09:18:22 +0000 (11:18 +0200)]
Improved acp search
Closes #3335
Alexander Ebert [Sat, 7 Aug 2021 08:48:34 +0000 (10:48 +0200)]
Merge branch '5.4'
Alexander Ebert [Sat, 7 Aug 2021 08:48:11 +0000 (10:48 +0200)]
Merge pull request #4442 from SoftCreatR/css-optimizations
Prefixed CSS First
Sascha Greuel [Fri, 6 Aug 2021 18:42:21 +0000 (20:42 +0200)]
Prefixed CSS First
Ensured vendor-prefixed versions of a CSS property are listed before the standardized, unprefixed version.
When multiple versions of the same CSS property are specified, the last supported one will be used due to how browsers handle fallback values. This means the order matters when using both vendor-prefixed and unprefixed versions of the same property. Specifically, the unprefixed version must be listed last to ensure standardized behavior takes precedence.
Alexander Ebert [Fri, 6 Aug 2021 16:15:55 +0000 (18:15 +0200)]
Removing inline formatting yielded empty elements and broke the selection
See https://community.woltlab.com/thread/291496-fettmarkierung-bei-einem-einzelnen-wort-kann-nicht-mehr-entfernt-werden/
Alexander Ebert [Fri, 6 Aug 2021 14:44:42 +0000 (16:44 +0200)]
Strip de fact empty paragraphs in messages
Tim Düsterhus [Fri, 6 Aug 2021 13:25:14 +0000 (15:25 +0200)]
Merge branch '5.4'
WoltLab [Fri, 6 Aug 2021 12:52:45 +0000 (12:52 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Fri, 6 Aug 2021 12:44:42 +0000 (14:44 +0200)]
Merge pull request #4440 from WoltLab/sourcemap-proxy
Add proxy_sourcemap.php
Alexander Ebert [Fri, 6 Aug 2021 12:41:10 +0000 (14:41 +0200)]
Merge branch '5.3' into 5.4
Alexander Ebert [Fri, 6 Aug 2021 12:41:00 +0000 (14:41 +0200)]
Prevent submitting an empty message to the preview
Tim Düsterhus [Fri, 6 Aug 2021 12:34:52 +0000 (14:34 +0200)]
Merge pull request #4441 from WoltLab/acp-logout-to-reauth
Redirect the user to ACP reauthentication instead of frontend after logout
Tim Düsterhus [Fri, 6 Aug 2021 08:04:23 +0000 (10:04 +0200)]
Add proxy_sourcemap.php
Tim Düsterhus [Fri, 6 Aug 2021 11:43:36 +0000 (13:43 +0200)]
Redirect the user to ACP reauthentication instead of frontend after logout
Tim Düsterhus [Fri, 6 Aug 2021 11:34:59 +0000 (13:34 +0200)]
Revert "Update Open Sans"
This reverts Open Sans back to the non-variable version, as the variable one
appears to render pretty badly on Windows.
This reverts commit
33c8866a790e9e6bc46358f6e82df76d2e32f56e.
Tim Düsterhus [Fri, 6 Aug 2021 10:32:25 +0000 (12:32 +0200)]
Merge branch '5.4'
Tim Düsterhus [Fri, 6 Aug 2021 10:31:18 +0000 (12:31 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Fri, 6 Aug 2021 10:26:36 +0000 (12:26 +0200)]
Merge branch '5.2' into 5.3
Joshua Rüsweg [Fri, 6 Aug 2021 09:22:18 +0000 (11:22 +0200)]
Merge pull request #4439 from xopez/5.2
Fixes Bings Sitemap Howto
Marcel Werk [Thu, 5 Aug 2021 15:56:02 +0000 (17:56 +0200)]
Reactions were not displayed in article list when sorted by title
Marcel Werk [Thu, 5 Aug 2021 15:48:20 +0000 (17:48 +0200)]
Mark as read doesn't removed the badge in the mobile menu
xopez [Thu, 5 Aug 2021 14:55:45 +0000 (16:55 +0200)]
Fixes Bings Sitemap Howto
This includes the correct links if the Bing Webmaster Tools help & how-to for sitemaps.
Tim Düsterhus [Thu, 5 Aug 2021 13:44:44 +0000 (15:44 +0200)]
Merge pull request #4438 from WoltLab/5.4-fix-missing-salts
Fix having an incorrect parameter if a hash does not contains a salt
Tim Düsterhus [Thu, 5 Aug 2021 13:03:09 +0000 (15:03 +0200)]
Use less specific return type for ReauthenticationForm::getRedirectResponse()
Tim Düsterhus [Thu, 5 Aug 2021 12:58:38 +0000 (14:58 +0200)]
Add AbstractPage::hasPsr7Response()
Tim Düsterhus [Thu, 5 Aug 2021 12:55:36 +0000 (14:55 +0200)]
Use less generic name for the PSR-7 methods in AbstractPage
joshuaruesweg [Thu, 5 Aug 2021 12:43:29 +0000 (14:43 +0200)]
Fix having an incorrect parameter if a hash does not contains a salt
Fixes #4416
Tim Düsterhus [Thu, 5 Aug 2021 11:50:22 +0000 (13:50 +0200)]
Use PSR-7 responses for if-none-match in MediaPage
Tim Düsterhus [Thu, 5 Aug 2021 11:48:40 +0000 (13:48 +0200)]
Use PSR-7 responses for if-none-match in AttachmentPage
Tim Düsterhus [Thu, 5 Aug 2021 11:43:09 +0000 (13:43 +0200)]
Use PSR-7 responses for redirect in ReauthenticationForm
Alexander Ebert [Thu, 5 Aug 2021 11:39:03 +0000 (13:39 +0200)]
Reset the avatar cache to force the use of the WebP variants
Fixes #4424
joshuaruesweg [Thu, 5 Aug 2021 11:04:46 +0000 (13:04 +0200)]
Delete reaction type icon on delete action
Tim Düsterhus [Thu, 5 Aug 2021 10:52:28 +0000 (12:52 +0200)]
Allow the use of `return` for PSR-7 responses in AbstractForm/AbstractPage
Tim Düsterhus [Thu, 5 Aug 2021 10:42:47 +0000 (12:42 +0200)]
Add PSR-7 support to AbstractPage and AbstractForm
Tim Düsterhus [Thu, 5 Aug 2021 10:01:30 +0000 (12:01 +0200)]
Use PSR-7 responses in RescueModeForm::__run()
Tim Düsterhus [Thu, 5 Aug 2021 08:42:39 +0000 (10:42 +0200)]
Use PSR-7 responses in ImageProxyAction
Tim Düsterhus [Thu, 5 Aug 2021 08:41:17 +0000 (10:41 +0200)]
Use PSR-7 responses in DeleteSessionAction
Tim Düsterhus [Thu, 5 Aug 2021 08:40:00 +0000 (10:40 +0200)]
Use PSR-7 responses in LogoutAction
Tim Düsterhus [Tue, 13 Jul 2021 14:02:33 +0000 (16:02 +0200)]
Pass through the return value of parent::__run() in controllers
Tim Düsterhus [Thu, 5 Aug 2021 08:37:07 +0000 (10:37 +0200)]
Support sending PSR-7 responses in AbstractAction
Tim Düsterhus [Thu, 5 Aug 2021 08:36:06 +0000 (10:36 +0200)]
Support sending PSR-7 responses from controllers
Tim Düsterhus [Thu, 5 Aug 2021 08:34:55 +0000 (10:34 +0200)]
Add laminas/laminas-httphandlerrunner to composer dependencies
Tim Düsterhus [Thu, 5 Aug 2021 08:33:04 +0000 (10:33 +0200)]
Add laminas/laminas-diactoros to composer dependencies
Tim Düsterhus [Thu, 5 Aug 2021 09:40:52 +0000 (11:40 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Thu, 5 Aug 2021 09:40:26 +0000 (11:40 +0200)]
Merge branch '5.4'
Tim Düsterhus [Thu, 5 Aug 2021 09:40:15 +0000 (11:40 +0200)]
Run SCSS prettier
Tim Düsterhus [Thu, 5 Aug 2021 07:16:18 +0000 (09:16 +0200)]
Fix typo in watchedArticleList.tpl
Tim Düsterhus [Wed, 4 Aug 2021 13:32:52 +0000 (15:32 +0200)]
Merge branch '5.4'
Tim Düsterhus [Wed, 4 Aug 2021 13:32:36 +0000 (15:32 +0200)]
Merge branch '5.3' into 5.4
Marcel Werk [Wed, 4 Aug 2021 13:27:50 +0000 (15:27 +0200)]
Some external links in the admin panel did not open in a new window
Alexander Ebert [Wed, 4 Aug 2021 12:23:34 +0000 (14:23 +0200)]
Trim the preview height using traditional overflow
`-webkit-line-clamp` is broken in Firefox and Safari once complex HTML is used.
See https://community.woltlab.com/thread/291373-rich-embeds-mit-liste-fehlerhaft/
Alexander Ebert [Wed, 4 Aug 2021 11:49:05 +0000 (13:49 +0200)]
Skip the user menu initialization if there are no items
Alexander Ebert [Wed, 4 Aug 2021 10:33:43 +0000 (12:33 +0200)]
Detect `<center>` as a block element
Tim Düsterhus [Wed, 4 Aug 2021 09:26:15 +0000 (11:26 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Wed, 4 Aug 2021 09:25:25 +0000 (11:25 +0200)]
Merge pull request #4435 from WoltLab/php-ddl-diff
PHP DDL Fixes
Tim Düsterhus [Wed, 4 Aug 2021 08:57:06 +0000 (10:57 +0200)]
Take the array key into account when checking whether a column is up to date in DatabaseTableChangeProcessor
Previously updating a column that looks like this:
column VARCHAR(1) NOT NULL
to:
column VARCHAR(1) NULL
would not do anything.
Converted into the `getData()` representation of the PHP DDL API these would
look like:
[ 'default' => null
, 'notNull' => 1
, 'type' => 'VARCHAR'
, 'length' => 1
]
and
[ 'default' => null
, 'notNull' => 0
, 'type' => 'VARCHAR'
, 'length' => 1
]
respectively.
Now taking the diff of the first array against the second array (subtracting
the second from the first) will remove *both* 1 values, resulting in an
empty difference, thus believing both columns are identical.
Fix this issue by using `array_diff_assoc` which will also take the key into
account.
Tim Düsterhus [Wed, 4 Aug 2021 08:36:12 +0000 (10:36 +0200)]
Take the array key into account when checking whether a KEY is up to date in DatabaseTableChangeProcessor
Previously updating a (pretty contrived) KEY that looks like this:
[…] UNIQUE KEY someIndex (`UNIQUE`)
to:
[…] KEY someIndex (`UNIQUE`)
would not do anything.
Converted into the `getData()` representation of the PHP DDL API these would
look like:
[ 'columns' => 'UNIQUE'
, 'type' => 'UNIQUE'
]
and
[ 'columns' => 'UNIQUE'
, 'type' => null
]
respectively.
Now taking the diff of the first array against the second array (subtracting
the second from the first) will remove *both* 'UNIQUE' values, resulting in an
empty difference, thus believing both KEYs are identical.
Fix this issue by using `array_diff_assoc` which will also take the key into
account.
Alexander Ebert [Tue, 3 Aug 2021 15:17:12 +0000 (17:17 +0200)]
Incorrect handling of `null` values for metacode attributes
Tim Düsterhus [Tue, 3 Aug 2021 15:09:29 +0000 (17:09 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Tue, 3 Aug 2021 15:08:35 +0000 (17:08 +0200)]
Merge pull request #4433 from WoltLab/php-ddl-diff
PHP DDL Fixes
Tim Düsterhus [Tue, 3 Aug 2021 14:33:43 +0000 (16:33 +0200)]
Take the array key into account when checking whether a FOREIGN KEY is up to date in DatabaseTableChangeProcessor
Previously updating a FOREIGN KEY that looks like this:
[…] FOREIGN KEY (fooID) REFERENCES wcf1_foo (fooID) ON DELETE SET NULL ON UPDATE CASCADE
to:
[…] FOREIGN KEY (fooID) REFERENCES wcf1_foo (fooID) ON DELETE CASCADE ON UPDATE SET NULL
would not do anything.
Converted into the `getData()` representation of the PHP DDL API these would
look identical when looking at the values only. Both span the same column and
reference the same column on the same table. The `ON …` actions are one
`CASCADE` and one `SET NULL` for both.
For this reason the diff is empty, believing that the FOREIGN KEY already
matches the expected configuration.
Fix this issue by using `array_diff_assoc` which will also take the key into
account.
Tim Düsterhus [Tue, 3 Aug 2021 14:13:58 +0000 (16:13 +0200)]
Take the array key into account when matching up FOREIGN KEYs in DatabaseTableChangeProcessor
Previously a FOREIGN KEY within the database that looks like this:
[…] FOREIGN KEY (someOtherUserID) REFERENCES wcf1_user (userID) […]
would match up a FOREIGN KEY definition like the following:
[…] FOREIGN KEY (userID) REFERENCES wcf1_user (userID) […]
Converted into the `getDiffData()` representation of the PHP DDL API these
would like:
[ 'columns' => 'someOtherUserID'
, 'referencedColumns' => 'userID'
, 'referencedTable' => 'wcf1_user'
]
and
[ 'columns' => 'userID'
, 'referencedColumns' => 'userID'
, 'referencedTable' => 'wcf1_user'
]
respectively.
Now taking the diff of the second array against the first array (subtracting
the first from the second) will remove *both* 'userID' values, resulting in an
empty difference, thus believing both FOREIGN KEYs are identical
Fix this issue by using `array_diff_assoc` which will also take the key into
account.
Alexander Ebert [Tue, 3 Aug 2021 12:36:05 +0000 (14:36 +0200)]
Merge pull request #4430 from WoltLab/js-legacy-inheritance
Resolved side effects from previous inheritance approach
Tim Düsterhus [Tue, 3 Aug 2021 12:35:40 +0000 (14:35 +0200)]
Merge pull request #4429 from WoltLab/form-field-data-handler-es6
Support ES 6 default exports for form builder field JavaScript data handlers
Tim Düsterhus [Mon, 2 Aug 2021 15:05:36 +0000 (17:05 +0200)]
Support ES 6 default exports for form builder field JavaScript data handlers
For legacy exports the value loaded by `require()` (`FormBuilderField`) will be
whatever the module author returned within the module definition. ES 6 modules
on the other hand will be passed as an object containing the exported values,
with the default export residing in the `default` key.
tslib's `__importDefault` will transform a legacy export into a ES 6 module, by
putting the exported value into the `default` key of an freshly created object.
This allows us to handle both legacy as well as ES 6 default exports identically
by simply using the `default` value of the `FormBuilderField` variable.
Tim Düsterhus [Tue, 3 Aug 2021 12:19:31 +0000 (14:19 +0200)]
Merge pull request #4432 from WoltLab/package-server-optional
Do not store optional information from update servers within the database
Tim Düsterhus [Tue, 3 Aug 2021 10:39:49 +0000 (12:39 +0200)]
Merge branch '5.4'
Tim Düsterhus [Tue, 3 Aug 2021 10:39:34 +0000 (12:39 +0200)]
Merge branch '5.3' into 5.4