GitHub/WoltLab/WCF.git
19 months agoMerge pull request #5418 from WoltLab/middleware-error-handling
Tim Düsterhus [Fri, 14 Apr 2023 12:00:32 +0000 (14:00 +0200)]
Merge pull request #5418 from WoltLab/middleware-error-handling

Stop using Exceptions to return error responses outside of a controller

19 months agoMerge pull request #5424 from WoltLab/wcf-node-identifier-generation
Tim Düsterhus [Fri, 14 Apr 2023 11:59:41 +0000 (13:59 +0200)]
Merge pull request #5424 from WoltLab/wcf-node-identifier-generation

Improve performance of `<wcfNode-*>` identifier generation

19 months agoRemove the final IllegalLinkException from RequestHandler::handle()
Tim Düsterhus [Thu, 13 Apr 2023 15:11:02 +0000 (17:11 +0200)]
Remove the final IllegalLinkException from RequestHandler::handle()

19 months agoCreate the PSR request before checking if any route matches in RequestHandler::handle()
Tim Düsterhus [Thu, 13 Apr 2023 15:09:41 +0000 (17:09 +0200)]
Create the PSR request before checking if any route matches in RequestHandler::handle()

19 months agoLeverage the NotFoundHandler in RequestHandler::buildRequest()
Tim Düsterhus [Thu, 13 Apr 2023 15:07:31 +0000 (17:07 +0200)]
Leverage the NotFoundHandler in RequestHandler::buildRequest()

19 months agoPrefer JSON error responses over HTML
Tim Düsterhus [Thu, 13 Apr 2023 14:51:46 +0000 (16:51 +0200)]
Prefer JSON error responses over HTML

19 months agoSend the exception in JSON response in error controllers
Tim Düsterhus [Thu, 13 Apr 2023 14:45:49 +0000 (16:45 +0200)]
Send the exception in JSON response in error controllers

19 months agoAccept `exception` in JSON error responses
Tim Düsterhus [Thu, 13 Apr 2023 14:44:16 +0000 (16:44 +0200)]
Accept `exception` in JSON error responses

This is a replacement for the separate file, line, stacktrace and previous
fields and matches the HTML version of these error responses.

19 months agoStop wrapping selected exceptions into an AJAXException
Tim Düsterhus [Thu, 13 Apr 2023 14:22:36 +0000 (16:22 +0200)]
Stop wrapping selected exceptions into an AJAXException

These exceptions are converted into clean responses using the HandleExceptions
middleware.

19 months agoDo not require the `previous` array in JSON error responses
Tim Düsterhus [Thu, 13 Apr 2023 14:18:42 +0000 (16:18 +0200)]
Do not require the `previous` array in JSON error responses

19 months agoRevert "Add FixAcceptHeader middleware"
Tim Düsterhus [Thu, 13 Apr 2023 14:03:08 +0000 (16:03 +0200)]
Revert "Add FixAcceptHeader middleware"

This does not appear to be generally useful. The JavaScript was modified to
send appropriate headers now.

This reverts commit fcdb3da3976359f8077c2f3a5ef2af5ebdd2d89c.

19 months agoSet explicit `Accept` header in Ajax/Request.ts
Tim Düsterhus [Thu, 13 Apr 2023 14:01:52 +0000 (16:01 +0200)]
Set explicit `Accept` header in Ajax/Request.ts

19 months agoSet explicit `accept` header in DboAction.ts
Tim Düsterhus [Thu, 13 Apr 2023 14:00:21 +0000 (16:00 +0200)]
Set explicit `accept` header in DboAction.ts

19 months agoAdd a dummy exception in ErrorDetail::fromMessage()
Tim Düsterhus [Thu, 13 Apr 2023 12:29:08 +0000 (14:29 +0200)]
Add a dummy exception in ErrorDetail::fromMessage()

19 months agoDetect exceptions that erroneously escape the middleware stack
Tim Düsterhus [Thu, 13 Apr 2023 11:53:53 +0000 (13:53 +0200)]
Detect exceptions that erroneously escape the middleware stack

19 months agoAdd FixAcceptHeader middleware
Tim Düsterhus [Thu, 13 Apr 2023 10:46:04 +0000 (12:46 +0200)]
Add FixAcceptHeader middleware

19 months agoAdd XsrfValidationFailedHandler
Tim Düsterhus [Thu, 13 Apr 2023 12:18:05 +0000 (14:18 +0200)]
Add XsrfValidationFailedHandler

19 months agoMerge pull request #5423 from WoltLab/wcf-node-autoloader
Tim Düsterhus [Fri, 14 Apr 2023 11:53:49 +0000 (13:53 +0200)]
Merge pull request #5423 from WoltLab/wcf-node-autoloader

Stop needlessly invoking the autoloader to `<wcfNode-*>` tags

19 months agoMerge pull request #5422 from WoltLab/script-pip-directory
Tim Düsterhus [Fri, 14 Apr 2023 11:53:33 +0000 (13:53 +0200)]
Merge pull request #5422 from WoltLab/script-pip-directory

Unify package directory calculation of database and script PIP with file pip

19 months agoRemove the legacy jQuery based comment implementation
Alexander Ebert [Fri, 14 Apr 2023 11:45:11 +0000 (13:45 +0200)]
Remove the legacy jQuery based comment implementation

19 months agoMerge branch 'master' of https://github.com/WoltLab/WCF
Marcel Werk [Fri, 14 Apr 2023 11:38:41 +0000 (13:38 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF

19 months agoAdd disabled appearance for icon inside disabled elements
Marcel Werk [Fri, 14 Apr 2023 11:38:39 +0000 (13:38 +0200)]
Add disabled appearance for icon inside disabled elements

19 months agoRemove legacy `-o` suffix from icon name in UploadFile::getIconName()
Tim Düsterhus [Fri, 14 Apr 2023 10:50:19 +0000 (12:50 +0200)]
Remove legacy `-o` suffix from icon name in UploadFile::getIconName()

Fixes #5406

19 months agoImprove performance of `<wcfNode-*>` identifier generation
Tim Düsterhus [Fri, 14 Apr 2023 09:29:42 +0000 (11:29 +0200)]
Improve performance of `<wcfNode-*>` identifier generation

StringUtil::getRandomID() leverages the CSPRNG and constant time encoder to
generate IDs which is the secure, but slow, default choice.

For generation of the identifiers of `<wcfNode-*>` it is not required that the
values are absolutely unguessable, instead uniqueness and reasonable
unpredictability is sufficient, especially as the values are regenerated for
every request.

For content with a large number of BBCodes the overhead of a secure ID
generation can add up:

For a post with 300 BBCodes that is rendered 50 times the old ID generator
resulted in ~3300ms total rendering time, whereas the new ID generator with PHP
8.2 (thus leveraging xoshiro256**) is down to ~2500ms, a 25% reduction. However
even with PHP 8.1 the new generator will be faster, because it does not use the
constant time encoder. It will become even faster if PHP 8.2 is required and
the extra `$engine` closure can be removed.

19 months agoStop needlessly invoking the autoloader to `<wcfNode-*>` tags
Tim Düsterhus [Fri, 14 Apr 2023 08:31:46 +0000 (10:31 +0200)]
Stop needlessly invoking the autoloader to `<wcfNode-*>` tags

These node names are randomly generated and will never match an existing class.
In fact the tag name transformation did not even result in valid classnames in
the majority of cases, because the randomly generated ID might start with a
number, thus including a hyphen in the classname.

Stop needlessly invoking the autoloader, and thus accessing the disk, for these
tags.

19 months agoUnify package directory calculation of database and script PIP with file pip
Tim Düsterhus [Fri, 14 Apr 2023 08:03:14 +0000 (10:03 +0200)]
Unify package directory calculation of database and script PIP with file pip

Fixes #5392

19 months agoMerge branch '5.5'
Alexander Ebert [Thu, 13 Apr 2023 13:24:44 +0000 (15:24 +0200)]
Merge branch '5.5'

19 months agoMerge pull request #5420 from darkwood-studios/5.5
Alexander Ebert [Thu, 13 Apr 2023 13:24:30 +0000 (15:24 +0200)]
Merge pull request #5420 from darkwood-studios/5.5

added new articleLikeButtons template event to article template

19 months agoReplace the use of Exceptions in middlewares
Tim Düsterhus [Thu, 13 Apr 2023 09:29:09 +0000 (11:29 +0200)]
Replace the use of Exceptions in middlewares

This is problematic, because Exceptions will skip the response direction of the
middleware stack. Instead appropriate responses are either generated directly
or forwarded to an appropriate request handler.

19 months agoAdd HandleExceptions middleware with request handlers to generate error responses
Tim Düsterhus [Wed, 12 Apr 2023 13:25:13 +0000 (15:25 +0200)]
Add HandleExceptions middleware with request handlers to generate error responses

This allows controllers to still leverage Exception, but prevents the
Exceptions from skipping the response direction of the middleware stack.

19 months agoFix JavaScript relocation in HTML responses in middlewares
Tim Düsterhus [Thu, 13 Apr 2023 10:25:49 +0000 (12:25 +0200)]
Fix JavaScript relocation in HTML responses in middlewares

19 months agoAdd HeaderUtil::parseOutputStream()
Tim Düsterhus [Thu, 13 Apr 2023 07:49:45 +0000 (09:49 +0200)]
Add HeaderUtil::parseOutputStream()

19 months agoMerge branch '5.5'
Tim Düsterhus [Thu, 13 Apr 2023 08:58:27 +0000 (10:58 +0200)]
Merge branch '5.5'

19 months agoRe-randomize cronjobs when upgrading to 6.0
Tim Düsterhus [Thu, 13 Apr 2023 08:57:20 +0000 (10:57 +0200)]
Re-randomize cronjobs when upgrading to 6.0

see #5202
see #4678

19 months agoadded new articleLikeButtons template event to article template
daniel [Thu, 13 Apr 2023 07:46:30 +0000 (09:46 +0200)]
added new articleLikeButtons template event to article template

19 months agoUpdating minified JavaScript files
WoltLab [Thu, 13 Apr 2023 07:20:19 +0000 (07:20 +0000)]
Updating minified JavaScript files

19 months agoMerge pull request #5410 from WoltLab/ckeditor5-translations
Alexander Ebert [Wed, 12 Apr 2023 15:18:35 +0000 (17:18 +0200)]
Merge pull request #5410 from WoltLab/ckeditor5-translations

Add the localization files for CKEditor 5

19 months agoImprove the readability of the code for CKEditor localizations
Alexander Ebert [Wed, 12 Apr 2023 13:22:35 +0000 (15:22 +0200)]
Improve the readability of the code for CKEditor localizations

19 months agoExplicitly force the editor language
Alexander Ebert [Fri, 7 Apr 2023 20:23:13 +0000 (22:23 +0200)]
Explicitly force the editor language

CKEditor implicitly detects an available translation, but only if it is defined first. Explicitly setting the language avoids any race conditions that could take place.

19 months agoRebuild the CKEditor 5 bundle to match the exported localization
Alexander Ebert [Fri, 7 Apr 2023 16:02:50 +0000 (18:02 +0200)]
Rebuild the CKEditor 5 bundle to match the exported localization

19 months agoLoad the matching localization file on demand
Alexander Ebert [Fri, 7 Apr 2023 16:00:15 +0000 (18:00 +0200)]
Load the matching localization file on demand

19 months agoExport the localizations for CKEditor except for 'en'
Alexander Ebert [Fri, 7 Apr 2023 15:58:01 +0000 (17:58 +0200)]
Export the localizations for CKEditor except for 'en'

19 months agoMerge pull request #5415 from WoltLab/amd-unset
Tim Düsterhus [Wed, 12 Apr 2023 13:34:57 +0000 (15:34 +0200)]
Merge pull request #5415 from WoltLab/amd-unset

Do not interact with `require()` while `define.amd` is unset

19 months agoMerge pull request #5416 from WoltLab/plural-template
Tim Düsterhus [Wed, 12 Apr 2023 13:30:58 +0000 (15:30 +0200)]
Merge pull request #5416 from WoltLab/plural-template

Improve error reporting for `value=null` in `{plural}` template function

19 months agoMerge pull request #5417 from WoltLab/ckeditor-37
Tim Düsterhus [Wed, 12 Apr 2023 12:24:24 +0000 (14:24 +0200)]
Merge pull request #5417 from WoltLab/ckeditor-37

Migrate to proper CKEditor 37 types

19 months agoMigrate to proper CKEditor 37 types
Tim Düsterhus [Wed, 12 Apr 2023 11:01:07 +0000 (13:01 +0200)]
Migrate to proper CKEditor 37 types

19 months agoImprove error reporting for `value=null` in `{plural}` template function
Tim Düsterhus [Wed, 12 Apr 2023 09:17:04 +0000 (11:17 +0200)]
Improve error reporting for `value=null` in `{plural}` template function

Accidental `null`s are a common issue when dealing with database objects,
explicitly detect a `null` to not misleadingly report that the `value`
attribute is missing.

see https://www.woltlab.com/community/thread/299515-fatal-error-nach-update-missing-attribute-value/

19 months agoDo not interact with `require()` while `define.amd` is unset
Tim Düsterhus [Wed, 12 Apr 2023 08:20:56 +0000 (10:20 +0200)]
Do not interact with `require()` while `define.amd` is unset

During development I noticed that regularly `focus-trap` failed to load
properly, likely due to being pulled in by some module while `define.amd` was
unset and thus failing to register itself as a module due to the UMD header.

Fix this by moving the `define.amd` unsetting and resetting into dedicated
`<script>` tags that wrap jQuery + WCF.js and nothing else.

19 months agoMerge remote-tracking branch 'origin/master'
Tim Düsterhus [Tue, 11 Apr 2023 13:56:51 +0000 (15:56 +0200)]
Merge remote-tracking branch 'origin/master'

19 months agoTransmit checkbox data as string in `Checked` form field
Tim Düsterhus [Tue, 11 Apr 2023 13:56:01 +0000 (15:56 +0200)]
Transmit checkbox data as string in `Checked` form field

This makes the “on-the-wire” representation consistent with regular forms.

see #5412

19 months agoMerge branch '5.5'
Tim Düsterhus [Tue, 11 Apr 2023 13:54:09 +0000 (15:54 +0200)]
Merge branch '5.5'

19 months agoFix reading boolean field values in form builder dialogs
Marcel Werk [Mon, 10 Apr 2023 14:52:48 +0000 (16:52 +0200)]
Fix reading boolean field values in form builder dialogs

For normal forms, the value of `BooleanFormField` is passed as a string. In
form builder dialogs, however, it is passed as an int.

Resolves #5412

19 months agoFixed JSON encoding in IconPreFilterTemplatePlugin (#5413)
Sascha Greuel [Tue, 11 Apr 2023 08:55:54 +0000 (10:55 +0200)]
Fixed JSON encoding in IconPreFilterTemplatePlugin (#5413)

see 50589568f191c4a3b2c015b60974378b22ccd24c

19 months agoMerge branch '5.5'
Tim Düsterhus [Tue, 11 Apr 2023 07:39:49 +0000 (09:39 +0200)]
Merge branch '5.5'

19 months agoUpdate composer dependencies
Tim Düsterhus [Mon, 10 Apr 2023 22:36:37 +0000 (00:36 +0200)]
Update composer dependencies

19 months agoMerge pull request #5308 from WoltLab/article-mark-as-read
Marcel Werk [Mon, 10 Apr 2023 12:40:29 +0000 (14:40 +0200)]
Merge pull request #5308 from WoltLab/article-mark-as-read

Migrate 'article mark as read' to new ajax api

19 months agoMerge pull request #5374 from SoftCreatR/bugfix/userBBCodeTag-sync
Alexander Ebert [Sat, 8 Apr 2023 10:23:58 +0000 (12:23 +0200)]
Merge pull request #5374 from SoftCreatR/bugfix/userBBCodeTag-sync

Add `userBBCodeTag` to the shared templates

19 months agoFix the mismatching icon sizes of the new desktop user panel
Alexander Ebert [Sat, 8 Apr 2023 10:19:53 +0000 (12:19 +0200)]
Fix the mismatching icon sizes of the new desktop user panel

Fixes #5408

19 months agoUpdate composer dependencies
Tim Düsterhus [Thu, 6 Apr 2023 19:24:43 +0000 (21:24 +0200)]
Update composer dependencies

19 months agoDisable the image upload when attachments are disabled
Alexander Ebert [Thu, 6 Apr 2023 16:32:54 +0000 (18:32 +0200)]
Disable the image upload when attachments are disabled

Fixes WoltLab/editor#27

19 months agoImprove the visuals of the placeholder to add a comment
Alexander Ebert [Thu, 6 Apr 2023 16:07:46 +0000 (18:07 +0200)]
Improve the visuals of the placeholder to add a comment

Closes #5395

19 months agoFix the visuals of the users online list
Alexander Ebert [Thu, 6 Apr 2023 15:52:18 +0000 (17:52 +0200)]
Fix the visuals of the users online list

Fixes #5397

19 months agoPreserve the `Image` plugin
Alexander Ebert [Thu, 6 Apr 2023 15:24:52 +0000 (17:24 +0200)]
Preserve the `Image` plugin

This provides the general handling of image type content, such as smilies or media.

19 months agoFix the removal of the loading indicator when editing messages
Alexander Ebert [Thu, 6 Apr 2023 14:26:02 +0000 (16:26 +0200)]
Fix the removal of the loading indicator when editing messages

19 months agoFix the position of the error message for replies
Alexander Ebert [Thu, 6 Apr 2023 14:18:03 +0000 (16:18 +0200)]
Fix the position of the error message for replies

Fixes #5401

19 months agoStrip the `border-radius` from the page search input
Alexander Ebert [Thu, 6 Apr 2023 14:09:59 +0000 (16:09 +0200)]
Strip the `border-radius` from the page search input

Fixes #5394

19 months agoFix the visuals of next/previous article without images
Alexander Ebert [Thu, 6 Apr 2023 14:00:24 +0000 (16:00 +0200)]
Fix the visuals of next/previous article without images

Fixes #5403

19 months agoFix the stacking of notification messages
Alexander Ebert [Thu, 6 Apr 2023 13:49:13 +0000 (15:49 +0200)]
Fix the stacking of notification messages

Fixes #5396

19 months agoEnforce the default box-sizing of buttons
Alexander Ebert [Thu, 6 Apr 2023 12:09:30 +0000 (14:09 +0200)]
Enforce the default box-sizing of buttons

The `inherit` value does not work well with `all: unset`, causing it to inherit the default value from the UA style sheet which is `content-box` instead of `border-box`.

Fixes #5402

19 months agoMerge branch 'master' of https://github.com/WoltLab/WCF
Marcel Werk [Thu, 6 Apr 2023 12:08:58 +0000 (14:08 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF

19 months agoSimplify implementation of the report function
Marcel Werk [Thu, 6 Apr 2023 12:08:51 +0000 (14:08 +0200)]
Simplify implementation of the report function

19 months agoRemove obsolete language variable
Marcel Werk [Thu, 6 Apr 2023 12:08:24 +0000 (14:08 +0200)]
Remove obsolete language variable

19 months agoMerge branch 'master' of https://github.com/WoltLab/WCF
Alexander Ebert [Thu, 6 Apr 2023 12:01:05 +0000 (14:01 +0200)]
Merge branch 'master' of https://github.com/WoltLab/WCF

19 months agoImprove the collection of message meta data
Alexander Ebert [Thu, 6 Apr 2023 12:00:59 +0000 (14:00 +0200)]
Improve the collection of message meta data

Fixes #5393

19 months agoMerge branch '5.5'
Tim Düsterhus [Thu, 6 Apr 2023 11:59:39 +0000 (13:59 +0200)]
Merge branch '5.5'

19 months agoFix redirect after submitting ContactForm
Tim Düsterhus [Thu, 6 Apr 2023 11:56:09 +0000 (13:56 +0200)]
Fix redirect after submitting ContactForm

The empty string is an invalid controller name. The landing page link is
requested by either passing `null` or leaving out all parameters.

This misuse will throw an Exception in WoltLab Suite 6.0.

Fixes #5407

19 months agoRevert "Inline DynamicRequestRoute::getControllerName()"
Tim Düsterhus [Thu, 6 Apr 2023 11:47:15 +0000 (13:47 +0200)]
Revert "Inline DynamicRequestRoute::getControllerName()"

The inlining of the method resulted in an unintentional and silent breaking
change for classes that register custom routes that, due to the missing
`final`, derive from DynamicRequestRoute and overwrite the method with a custom
implementation.

This reverts commit f9a440759dcf65edd108046b53babde404853ee8.

19 months agoAdd `individualScssDarkMode` to update_com.woltlab.wcf_6.0_styleVariables.php
Tim Düsterhus [Thu, 6 Apr 2023 10:41:42 +0000 (12:41 +0200)]
Add `individualScssDarkMode` to update_com.woltlab.wcf_6.0_styleVariables.php

see c292cfc3763a07281deb3b0767a5d84a6021b9a9
see 65bfb75589155b9ac1cbe8308cd7a79b07d699b7

19 months agoFix update_com.woltlab.wcf_6.0_styleVariables.php
Tim Düsterhus [Thu, 6 Apr 2023 09:15:02 +0000 (11:15 +0200)]
Fix update_com.woltlab.wcf_6.0_styleVariables.php

19 months agoUpdate preliminary update instructions from 5.5
Tim Düsterhus [Thu, 6 Apr 2023 09:10:53 +0000 (11:10 +0200)]
Update preliminary update instructions from 5.5

19 months agoMerge pull request #5404 from WoltLab/tmp-dir-separator
Tim Düsterhus [Thu, 6 Apr 2023 07:34:53 +0000 (09:34 +0200)]
Merge pull request #5404 from WoltLab/tmp-dir-separator

Unify the directory separators for the temporary directory

19 months agoMerge pull request #5405 from WoltLab/mention-conversion
Alexander Ebert [Wed, 5 Apr 2023 19:38:11 +0000 (21:38 +0200)]
Merge pull request #5405 from WoltLab/mention-conversion

Align the implementation of mentions in CKEditor

19 months agoSkip the mention plugins when disabled
Alexander Ebert [Wed, 5 Apr 2023 17:23:17 +0000 (19:23 +0200)]
Skip the mention plugins when disabled

19 months agoSynchronize the implementation of mentions in CKEditor
Alexander Ebert [Wed, 5 Apr 2023 17:20:44 +0000 (19:20 +0200)]
Synchronize the implementation of mentions in CKEditor

19 months agoCompare the paths with unified directory separator in PackageInstallationDispatcher...
Tim Düsterhus [Wed, 5 Apr 2023 14:30:38 +0000 (16:30 +0200)]
Compare the paths with unified directory separator in PackageInstallationDispatcher::getArchive()

This is necessary for Windows which uses backslashes, whereas the entire
software hardcodes the slash as a directory separator (which is also accepted
by Windows).

Fixes #5370

19 months agoUnify the directory separator for `TMP_DIR`
Tim Düsterhus [Wed, 5 Apr 2023 14:30:11 +0000 (16:30 +0200)]
Unify the directory separator for `TMP_DIR`

see #5370

19 months agoFix compiling styles with individual SCSS for dark mode
Tim Düsterhus [Wed, 5 Apr 2023 14:23:35 +0000 (16:23 +0200)]
Fix compiling styles with individual SCSS for dark mode

The variable was not properly cleared after using including the contents within
the SCSS and then was attempted to be parsed as an SCSS value to provide it as
a SCSS variable.

Introduced in ba7168323f6632361b694d7eb2c09439902fe447.

Fixes #5398

19 months agoMerge remote-tracking branch 'origin/master'
Tim Düsterhus [Wed, 5 Apr 2023 08:10:13 +0000 (10:10 +0200)]
Merge remote-tracking branch 'origin/master'

19 months agoUpdate composer dependencies
Tim Düsterhus [Wed, 5 Apr 2023 08:08:22 +0000 (10:08 +0200)]
Update composer dependencies

19 months agoFix the styling of mentions
Alexander Ebert [Tue, 4 Apr 2023 18:29:23 +0000 (20:29 +0200)]
Fix the styling of mentions

See #5382

19 months agoPreserve empty paragraphs created in CKEditor 5
Alexander Ebert [Tue, 4 Apr 2023 16:23:11 +0000 (18:23 +0200)]
Preserve empty paragraphs created in CKEditor 5

Fixes WoltLab/editor#15

19 months agoFix incorrect migration to DateTimeImmutable
Tim Düsterhus [Tue, 4 Apr 2023 14:44:48 +0000 (16:44 +0200)]
Fix incorrect migration to DateTimeImmutable

This was broken in 48aad6ed4800f20d3e12fcf7e9a351d8791cd90d.

Fixes #5391

19 months agoMerge branch '5.5'
Tim Düsterhus [Tue, 4 Apr 2023 13:47:55 +0000 (15:47 +0200)]
Merge branch '5.5'

19 months agoMerge pull request #5389 from WoltLab/user-profile-about-events
Marcel Werk [Tue, 4 Apr 2023 13:44:15 +0000 (15:44 +0200)]
Merge pull request #5389 from WoltLab/user-profile-about-events

Add template events in `userProfileAbout`

19 months agoUpdate TS StringUtil's HTML escaper to be consistent with PHP's
Olaf Braun [Sun, 2 Apr 2023 15:44:47 +0000 (17:44 +0200)]
Update TS StringUtil's HTML escaper to be consistent with PHP's

Commit f631a7de6506e52095299c15042c25a3979a8200 updated the HTML escaper on the
server to encode a single quote (`'`) as `&#039;`, however it did not update
the frontend / TypeScript implementation.

This specifically breaks loading of existing data for i18n fields containing
the single quote, because the JavaScript expects the value to be first JS
encoded and then HTML encoded and manually performs HTML decoding. This is
questionable, but likely not fixable without introducing security issues,
because some users *might* rely on the fact that the JS escaping already
happened and it's impossible to detect whether the given values are already
escaped or not.

Resolves #5381

[Tim: Written the entire commit message]

19 months agoMerge branch '5.5'
Tim Düsterhus [Tue, 4 Apr 2023 13:28:22 +0000 (15:28 +0200)]
Merge branch '5.5'

19 months agoAdd `is_string` as template modifier
Tim Düsterhus [Tue, 4 Apr 2023 13:27:00 +0000 (15:27 +0200)]
Add `is_string` as template modifier

Resolves #5388

19 months agoAdd template events in `userProfileAbout`
Marcel Werk [Tue, 4 Apr 2023 11:35:28 +0000 (13:35 +0200)]
Add template events in `userProfileAbout`

These events allow content to be displayed in the 'about' tab that is not based on user options.

19 months agoMerge remote-tracking branch 'origin/master'
Tim Düsterhus [Tue, 4 Apr 2023 10:08:51 +0000 (12:08 +0200)]
Merge remote-tracking branch 'origin/master'

19 months agoMerge branch '5.5'
Tim Düsterhus [Tue, 4 Apr 2023 10:00:33 +0000 (12:00 +0200)]
Merge branch '5.5'