Marcel Werk [Mon, 15 Aug 2022 14:29:37 +0000 (16:29 +0200)]
Disable text selection in dropdown menus
Alexander Ebert [Sat, 13 Aug 2022 09:07:32 +0000 (11:07 +0200)]
Fix the property name for CSS classes
Alexander Ebert [Fri, 12 Aug 2022 19:25:45 +0000 (21:25 +0200)]
Set the `pointer` cursor for buttons
Alexander Ebert [Fri, 12 Aug 2022 19:15:05 +0000 (21:15 +0200)]
Merge pull request #4955 from WoltLab/button-explicit-styling
Permit the use of the native `<button>` element
Alexander Ebert [Fri, 12 Aug 2022 16:16:14 +0000 (18:16 +0200)]
Update the compiled JS files
Tim Düsterhus [Fri, 12 Aug 2022 13:08:54 +0000 (15:08 +0200)]
Merge branch '5.5'
Alexander Ebert [Fri, 12 Aug 2022 12:52:07 +0000 (14:52 +0200)]
Merge pull request #4953 from WoltLab/group-permission-check
Remove broken check for UserGroupPermissionCache consistency
Tim Düsterhus [Fri, 12 Aug 2022 12:22:37 +0000 (14:22 +0200)]
Remove broken check for UserGroupPermissionCache consistency
The purpose of this check is not entirely clear, as it exists since the very
first commit in git. Back then it was not yet broken, it got broken when the
caching system was refactored to reorder parameters, probably in order to
improve the cache hit rates:
When running the `worker`s using the CLI interface, for some reason, the cache
for guests gets rebuilt with the `$parameters` array (and thus by extension the
`groupIDs` value) being equal to `[2, 1]`, whereas everywhere else the
`$parameters` are consistently `[1, 2]`.
Now when rebuilding the data via the CLI, the cache will have the `[2, 1]`
order and when reloading the cache in a regular HTTP session this check will
fail, as `[2, 1] != [1, 2]`, thus completely disregarding the cache contents
and using an empty permissions array instead. This in turn leads to guests not
being able to access anything.
Fix this by removing the safety check:
- It's exceedingly unlikely for two unrelated `$parameters` to collide in the
cache filename, thus applying incorrect permissions.
- If the CacheBuilder itself is buggy, then all bets are off anyway.
Marcel Werk [Fri, 12 Aug 2022 11:38:46 +0000 (13:38 +0200)]
Remove obsolete code
WoltLab [Fri, 12 Aug 2022 11:38:24 +0000 (11:38 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Fri, 12 Aug 2022 09:24:21 +0000 (11:24 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Fri, 12 Aug 2022 09:23:54 +0000 (11:23 +0200)]
Unify “Datenbanktabelle” in de.xml
Tim Düsterhus [Fri, 12 Aug 2022 09:23:11 +0000 (11:23 +0200)]
Fix typo in de.xml
see #4952
Tim Düsterhus [Thu, 11 Aug 2022 12:46:55 +0000 (14:46 +0200)]
Merge branch '5.5'
Tim Düsterhus [Thu, 11 Aug 2022 12:46:41 +0000 (14:46 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Thu, 11 Aug 2022 12:45:33 +0000 (14:45 +0200)]
Improve character class definition in explanation for PIP identifiers
see #4952
Tim Düsterhus [Thu, 11 Aug 2022 12:43:58 +0000 (14:43 +0200)]
Unify phrasing for PIP identifier explanations
see #4952
Tim Düsterhus [Thu, 11 Aug 2022 12:40:52 +0000 (14:40 +0200)]
Improve phrasing in PIP identifier description
see #4952
Tim Düsterhus [Thu, 11 Aug 2022 12:38:50 +0000 (14:38 +0200)]
Fix grammar in de.xml
Resolves #4952
Reported-by: Dennis Kraffczyk <github@dennis-kraffczyk.de>
Tim Düsterhus [Thu, 11 Aug 2022 12:37:14 +0000 (14:37 +0200)]
Replace “Example” by “Beispiel” in de.xml
see #4952
Alexander Ebert [Wed, 10 Aug 2022 16:51:14 +0000 (18:51 +0200)]
Fix the check for the provided element
The implementation expects an input element, but an additional guard is in place to only accept DOM elements. The intention was to reject other values such as strings which were common with the previous jQuery implementation.
Tim Düsterhus [Wed, 10 Aug 2022 13:43:09 +0000 (15:43 +0200)]
Merge pull request #4950 from WoltLab/oauth-return-types
Add proper types to OAuth controllers
Tim Düsterhus [Wed, 10 Aug 2022 13:39:23 +0000 (15:39 +0200)]
Use typed property for AbstractOauth2Action::$httpClient
Tim Düsterhus [Wed, 10 Aug 2022 13:38:14 +0000 (15:38 +0200)]
Add proper types to the `*AuthAction` controllers
Tim Düsterhus [Wed, 10 Aug 2022 13:36:05 +0000 (15:36 +0200)]
Mark TwitterAuthAction as final
Tim Düsterhus [Wed, 10 Aug 2022 10:03:40 +0000 (12:03 +0200)]
Use `Hex::encode()` in PackageInstallationDispatcher
This must be safe at this point, because WCFSetup relies on composer's
autoloader to work.
Tim Düsterhus [Wed, 10 Aug 2022 10:33:48 +0000 (12:33 +0200)]
Merge pull request #4949 from WoltLab/package-php-requirements-remove
Remove remnants of PHP requirement checking logic in package installation
Tim Düsterhus [Wed, 10 Aug 2022 10:29:44 +0000 (12:29 +0200)]
Merge pull request #4948 from WoltLab/clear-cache-command
Add ClearCache command
Tim Düsterhus [Wed, 10 Aug 2022 09:05:57 +0000 (11:05 +0200)]
Remove PackageInstallationDispatcher::convertShorthandByteValue()
This method existed for use with compareSetting().
Tim Düsterhus [Wed, 10 Aug 2022 09:04:51 +0000 (11:04 +0200)]
Remove PackageInstallationDispatcher::compareSetting()
This method existed for use with validatePHPRequirements().
Tim Düsterhus [Wed, 10 Aug 2022 09:03:56 +0000 (11:03 +0200)]
Remove PackageInstallationDispatcher::validatePHPRequirements()
This code is completely unused and its API is built for internal use.
Tim Düsterhus [Wed, 10 Aug 2022 09:02:15 +0000 (11:02 +0200)]
Remove PackageArchive::unzipPackageArchive()
The `Tar` class is perfectly able to handle compressed tar archives, no need to
explicitly extract.
Tim Düsterhus [Wed, 10 Aug 2022 08:56:28 +0000 (10:56 +0200)]
Remove PackageInstallationDispatcher::functionExists()
This method is trivially replaced.
Tim Düsterhus [Wed, 10 Aug 2022 10:17:16 +0000 (12:17 +0200)]
Use ClearCacheCommand in CacheClearAction
Tim Düsterhus [Fri, 5 Aug 2022 09:43:16 +0000 (11:43 +0200)]
Add ClearCache command
Tim Düsterhus [Fri, 5 Aug 2022 09:38:28 +0000 (11:38 +0200)]
Add CacheCleared event
Tim Düsterhus [Tue, 9 Aug 2022 13:33:43 +0000 (15:33 +0200)]
Use `->prepare()` in Package(Un)InstallationNodeBuilder
Alexander Ebert [Tue, 9 Aug 2022 12:23:57 +0000 (14:23 +0200)]
Merge pull request #4944 from WoltLab/legacy-user-panel
Remove the legacy user panel
Alexander Ebert [Tue, 9 Aug 2022 12:23:27 +0000 (14:23 +0200)]
Merge pull request #4945 from WoltLab/deprecated-js-modules
Removal of unused legacy components
Alexander Ebert [Mon, 8 Aug 2022 17:28:45 +0000 (19:28 +0200)]
Remove the unused `WCF.Search.Message.js` file
Alexander Ebert [Mon, 8 Aug 2022 17:00:32 +0000 (19:00 +0200)]
Remove the legacy user panel
Tim Düsterhus [Tue, 9 Aug 2022 10:41:20 +0000 (12:41 +0200)]
Merge pull request #4946 from WoltLab/remove-package-cli
Remove PackageCLICommand
Tim Düsterhus [Tue, 9 Aug 2022 10:29:58 +0000 (12:29 +0200)]
Remove PackageCLICommand
This is broken by design and completely unmaintained.
Tim Düsterhus [Tue, 9 Aug 2022 10:27:49 +0000 (12:27 +0200)]
Use `->prepare()` in PackageInstallationDispatcher
Tim Düsterhus [Tue, 9 Aug 2022 07:43:52 +0000 (09:43 +0200)]
Initialize LegacySession with `null`
Otherwise ACP will access an uninitialized property during shutdown.
see
0867fa82fd1faaf2e1e9192102cae97a9759df70
Alexander Ebert [Mon, 8 Aug 2022 17:26:20 +0000 (19:26 +0200)]
Remove unused legacy components
Alexander Ebert [Mon, 8 Aug 2022 17:23:04 +0000 (19:23 +0200)]
Removed the unused `flexibleArea.js` plugin
Alexander Ebert [Mon, 8 Aug 2022 17:21:04 +0000 (19:21 +0200)]
Remove unused legacy components
Alexander Ebert [Mon, 8 Aug 2022 17:11:05 +0000 (19:11 +0200)]
Remove an unused legacy component
Alexander Ebert [Mon, 8 Aug 2022 16:41:04 +0000 (18:41 +0200)]
Remove the unused smartphone detection in jQuery
This was a custom detection that was entirely flawed and hard-coded to always return `false` since 5.5.
Alexander Ebert [Mon, 8 Aug 2022 16:38:51 +0000 (18:38 +0200)]
Remove an unused and dangerous window extension
Alexander Ebert [Mon, 8 Aug 2022 16:37:43 +0000 (18:37 +0200)]
Remove a workaround for `window.console` in IE<11
Tim Düsterhus [Mon, 8 Aug 2022 14:55:03 +0000 (16:55 +0200)]
Merge pull request #4942 from WoltLab/fileutil-downloadFileFromHttp
Remove FileUtil::downloadFileFromHttp()
Tim Düsterhus [Mon, 8 Aug 2022 14:54:14 +0000 (16:54 +0200)]
Merge pull request #4941 from WoltLab/legacy-mail
Remove the legacy Mail class
Tim Düsterhus [Mon, 8 Aug 2022 14:53:59 +0000 (16:53 +0200)]
Merge pull request #4940 from WoltLab/prism-deprecation
Remove deprecated Prism.wscSplitIntoLines
Tim Düsterhus [Mon, 8 Aug 2022 14:42:24 +0000 (16:42 +0200)]
Remove FileUtil::downloadFileFromHttp()
This method is deprecated since roughly forever, has a super questionable API
and even itself relies on the deprecated HTTPRequest API. Users really should
migrate to Guzzle.
Resolves #4373
Tim Düsterhus [Mon, 8 Aug 2022 14:37:23 +0000 (16:37 +0200)]
Remove the legacy Mail class
This one is long-deprecated and comes with quite a few limitations compared to
the modern Email API. It's time to remove it for good.
see
4fb6319f03fe22334e6e16ce15bf736ff87c0b67
see #2756
Tim Düsterhus [Mon, 8 Aug 2022 14:30:51 +0000 (16:30 +0200)]
Remove deprecated cookie management methods from SessionHandler
These are for internal use, third party code should not have any reason to call
those.
Tim Düsterhus [Mon, 8 Aug 2022 14:29:44 +0000 (16:29 +0200)]
Add proper types to SessionHandler
Tim Düsterhus [Mon, 8 Aug 2022 14:12:50 +0000 (16:12 +0200)]
Merge pull request #4939 from WoltLab/wcfacp-initAuth-middleware
Move ACP authentication check into middleware
Tim Düsterhus [Mon, 8 Aug 2022 13:40:01 +0000 (15:40 +0200)]
Remove deprecated Prism.wscSplitIntoLines
This method was primarily meant for internal use, hijacks the original Prism
object, is not TypeScript and has a clean replacement in Prism/Helper.ts.
Tim Düsterhus [Mon, 8 Aug 2022 12:51:33 +0000 (14:51 +0200)]
Remove obsolete imports in WCFACP
Tim Düsterhus [Mon, 8 Aug 2022 12:45:10 +0000 (14:45 +0200)]
Move ACP authentication check into middleware
This is similar to #4935 /
51154ba3f8f1d09b54560d5d1933f9053ef409cb.
Tim Düsterhus [Mon, 8 Aug 2022 11:42:08 +0000 (13:42 +0200)]
Merge pull request #4935 from WoltLab/ban-middleware
Move ban checking from WCF boot to middleware
Tim Düsterhus [Mon, 8 Aug 2022 10:50:38 +0000 (12:50 +0200)]
Merge pull request #4937 from WoltLab/5.6-to-6.0
Adjust references to 5.6 to 6.0
Tim Düsterhus [Mon, 8 Aug 2022 10:33:20 +0000 (12:33 +0200)]
Drop obsolete update_com.woltlab.wcf_5.5_deleteDsStore.php
Tim Düsterhus [Mon, 8 Aug 2022 10:32:09 +0000 (12:32 +0200)]
Adjust references to 5.6 to 6.0
Tim Düsterhus [Mon, 8 Aug 2022 09:39:25 +0000 (11:39 +0200)]
Use `Helper::isAjaxRequest()`
Tim Düsterhus [Mon, 8 Aug 2022 09:38:18 +0000 (11:38 +0200)]
Add `\wcf\http\Helper`
Tim Düsterhus [Mon, 8 Aug 2022 09:25:13 +0000 (11:25 +0200)]
Move ban checking from WCF boot to middleware
The previous location in WCF made sense back when `initBlacklist()` also
checked the IP address, User-Agent, or hostname blocklist to prevent processing
the request as much as possible. As all these checks are gone now, the only
thing that remains is the inexpensive ban check.
Move it into a middleware, it does not really belong into WCF which should just
be responsible for booting the framework independently of the request in
question.
Tim Düsterhus [Mon, 8 Aug 2022 09:23:35 +0000 (11:23 +0200)]
Merge pull request #4934 from WoltLab/remove-security-token-constants
Remove the `SECURITY_TOKEN` PHP constants
Tim Düsterhus [Mon, 8 Aug 2022 09:23:24 +0000 (11:23 +0200)]
Merge pull request #4933 from WoltLab/searchengine-parseSearchQuery
Remove always-throwing methods from AbstractSearchEngine
Tim Düsterhus [Mon, 8 Aug 2022 09:11:52 +0000 (11:11 +0200)]
Use typed properties in Session class
Tim Düsterhus [Mon, 8 Aug 2022 09:07:03 +0000 (11:07 +0200)]
Use typed property in UserLoggedIn event
Tim Düsterhus [Mon, 8 Aug 2022 08:54:57 +0000 (10:54 +0200)]
Remove the `SECURITY_TOKEN` PHP constants
These are trivially replaced by the `{csrfToken}` template tag which was
backported all the way to 5.2.
see #3612
Tim Düsterhus [Fri, 5 Aug 2022 12:54:19 +0000 (14:54 +0200)]
Remove always-throwing methods from AbstractSearchEngine
These dangerous methods were not immediately removed to allow pointing the
developer to the appropriate documentation, instead of them just seeing a call
to an undefined method.
Since they now served their purpose and don't do anything useful, they can be
removed.
Tim Düsterhus [Fri, 5 Aug 2022 14:34:31 +0000 (16:34 +0200)]
Merge pull request #4932 from WoltLab/scssphp-compatibility-include
Remove scss.inc.php compatiblity include
Tim Düsterhus [Fri, 5 Aug 2022 13:29:34 +0000 (15:29 +0200)]
Remove obsolete PHPDoc type in SearchIndexManager
Apparently the file did not properly safe before commiting.
see
bd0439ac21208b02c347f7075632e7433e8235d0
Tim Düsterhus [Fri, 5 Aug 2022 13:17:41 +0000 (15:17 +0200)]
Fix signature in SearchIndexManager::getTableName()
see
db4325a863919ee1eea073b8ab8ac1fab377584e
Tim Düsterhus [Fri, 5 Aug 2022 13:02:03 +0000 (15:02 +0200)]
Fix CronjobPackageInstallationPlugin
This fixes:
> 6 arguments are required, 5 given
The `startMinute` got lost in
b355b1c75179f724cb0353247ce9b0b0f4712975.
Tim Düsterhus [Fri, 5 Aug 2022 12:47:46 +0000 (14:47 +0200)]
Remove scss.inc.php compatiblity include
This is longish-deprecated and the fix is trivial: Just remove the include, the
classes are implicitly available by composer's autoloader.
Tim Düsterhus [Fri, 5 Aug 2022 12:24:56 +0000 (14:24 +0200)]
Merge pull request #4929 from WoltLab/remove-gravatar
Remove Gravatar support
Tim Düsterhus [Thu, 19 May 2022 12:10:00 +0000 (14:10 +0200)]
Remove Gravatar support
Resolves #3894
Tim Düsterhus [Fri, 5 Aug 2022 12:18:28 +0000 (14:18 +0200)]
Tim Düsterhus [Fri, 5 Aug 2022 12:11:53 +0000 (14:11 +0200)]
Merge pull request #4928 from WoltLab/remove-memcached
Remove Memcached support
Tim Düsterhus [Fri, 5 Aug 2022 12:10:16 +0000 (14:10 +0200)]
Merge pull request #4927 from WoltLab/template-wcfversion
Remove __wcfVersion template variable
Tim Düsterhus [Fri, 5 Aug 2022 12:09:50 +0000 (14:09 +0200)]
Merge pull request #4926 from WoltLab/remove-php-highlighters
Remove PHP-based syntax highlighters
Tim Düsterhus [Fri, 5 Aug 2022 12:08:57 +0000 (14:08 +0200)]
Merge pull request #4925 from WoltLab/cleanup-search-index-manager
Clean up SearchIndexManager
Tim Düsterhus [Fri, 5 Aug 2022 12:08:26 +0000 (14:08 +0200)]
Merge pull request #4924 from WoltLab/cleanup-cryptoutil
Clean up CryptoUtil
Tim Düsterhus [Fri, 5 Aug 2022 08:00:47 +0000 (10:00 +0200)]
Remove Memcached support
While Memcached is only deprecated since 5.4, it also is effectively
unmaintained and untested since longer than that.
The Disk cache works fine for the vast majority of users and Redis is available
for the others and even more featureful compared to Memcached.
Resolves #3642
Tim Düsterhus [Fri, 5 Aug 2022 07:42:49 +0000 (09:42 +0200)]
Remove PHP-based syntax highlighters
These are long-deprecated. If someone desires to still use them over Prism,
they can grab them from the commit history.
Resolves #4296
Tim Düsterhus [Fri, 5 Aug 2022 07:50:36 +0000 (09:50 +0200)]
Remove long-deprecated methods from PasswordUtil
PasswordUtil itself is wholly deprecated, but these two methods are trivially
replaced and developers should to so, if only to improve the clarity of the
code.
Tim Düsterhus [Fri, 5 Aug 2022 07:46:47 +0000 (09:46 +0200)]
Remove __wcfVersion template variable
This one is long-deprecated, breaks very obviously and is trivially replaced.
Tim Düsterhus [Fri, 5 Aug 2022 07:37:04 +0000 (09:37 +0200)]
Add types to SearchIndexManager where easily possible
Parameter types to delete() and reset() could not be added, because they
violate LSP unless the interface is modified as well / modified first.
Tim Düsterhus [Fri, 5 Aug 2022 07:34:35 +0000 (09:34 +0200)]
Remove deprecated methods from SearchIndexManager
As these are long deprecated and thin wrappers only, they can be trivially
adjusted.
Tim Düsterhus [Fri, 5 Aug 2022 07:31:56 +0000 (09:31 +0200)]
Add parameter types to CryptoUtil
Tim Düsterhus [Fri, 5 Aug 2022 07:30:52 +0000 (09:30 +0200)]
Remove deprecated methods from CryptoUtil
These are trivially replaced by their native counterparts.
Tim Düsterhus [Fri, 5 Aug 2022 07:29:55 +0000 (09:29 +0200)]
Merge branch '5.5'
Tim Düsterhus [Fri, 5 Aug 2022 07:29:45 +0000 (09:29 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Thu, 4 Aug 2022 12:22:38 +0000 (14:22 +0200)]
Merge pull request #4923 from WoltLab/crontab
Offload cronjob calculations to a library