Tim Düsterhus [Fri, 24 Jun 2022 09:02:04 +0000 (11:02 +0200)]
Use \SensitiveParameterValue as the replacement value in exception handling
Use the standard PHP 8.2 replacement value, instead of the `[redacted]` string
for consistency. This works as expected, because `SensitiveParameterValue` is
polyfilled.
Tim Düsterhus [Thu, 23 Jun 2022 13:36:23 +0000 (15:36 +0200)]
Merge pull request #4872 from WoltLab/request-route-cleanup
Clean up route implementation
Tim Düsterhus [Thu, 23 Jun 2022 12:37:51 +0000 (14:37 +0200)]
Mark LookupRequestRoute as final
Tim Düsterhus [Thu, 23 Jun 2022 12:15:50 +0000 (14:15 +0200)]
Inline DynamicRequestRoute::getControllerName()
Tim Düsterhus [Thu, 23 Jun 2022 12:11:34 +0000 (14:11 +0200)]
Explicitly implement StaticRequestRoute::isACP()
The removes dependencies on the implementation in DynamicRequestRoute, possibly
allowing StaticRequestRoute to not inherit from DynamicRequestRoute in the
future.
Tim Düsterhus [Thu, 23 Jun 2022 12:09:37 +0000 (14:09 +0200)]
Remove LookupRequestRoute::setIsACP()
This method always throws and is no longer required by the interface.
Tim Düsterhus [Thu, 23 Jun 2022 12:07:48 +0000 (14:07 +0200)]
Remove IRequestRoute::setIsACP()
This is not a method that can usefully be generically called, because one needs
to know how the properties of the route implementation to usefully modify it.
There are already route implementations that always throw in this method.
Tim Düsterhus [Thu, 23 Jun 2022 12:00:06 +0000 (14:00 +0200)]
Improve typing in RequestHandler
Tim Düsterhus [Thu, 23 Jun 2022 11:56:03 +0000 (13:56 +0200)]
Tim Düsterhus [Thu, 23 Jun 2022 11:52:22 +0000 (13:52 +0200)]
Tim Düsterhus [Wed, 22 Jun 2022 15:11:00 +0000 (17:11 +0200)]
Merge pull request #4871 from WoltLab/route-data
Clean up default controller processing
Tim Düsterhus [Wed, 22 Jun 2022 14:37:17 +0000 (16:37 +0200)]
Improve RequestHandler::buildRequest()'s control flow
Perform the default controller processing within a single block, instead of
first branching based on whether the ACP or frontend was accessed.
Tim Düsterhus [Wed, 22 Jun 2022 14:33:56 +0000 (16:33 +0200)]
Unify the handling of the default controller for ACP requests
Tim Düsterhus [Wed, 22 Jun 2022 14:32:10 +0000 (16:32 +0200)]
Enforce that routes return a controller name XOR the default controller
It is not useful to return both a name and pretending that it's the default
controller, as the controller name would be overriden anyway.
see
5da310cc32d5300cb393dd127ce5ec7abc9315bf
Tim Düsterhus [Wed, 22 Jun 2022 15:03:15 +0000 (17:03 +0200)]
Merge pull request #4869 from WoltLab/handle-default-controller
Remove dead branch in RequestHandler::handleDefaultController()
Tim Düsterhus [Wed, 22 Jun 2022 14:01:46 +0000 (16:01 +0200)]
Inline RequestHandler::handleDefaultController()
This makes the data flow easier to grasp, as one does not need to jump around
in the file.
Tim Düsterhus [Wed, 22 Jun 2022 13:48:41 +0000 (15:48 +0200)]
Remove dead branch in RequestHandler::handleDefaultController()
It turns out that that the third and last remaining change of
000c0c8a26491708b2af995bdd6f0e627cc75161 is also broken.
After effectively reverting / removing the logic in the other two files
modified by that commit in
e0976fcfdbeeafc80bc202f80ae2f946326d465d and
416dafddb18a3e82750c6e8ca089d4f9132b39dc, this commit cleans up the last
change.
Since
000c0c8a26491708b2af995bdd6f0e627cc75161 is is impossible for this
redirect to happen and the reason is simple:
The logic will only ever be executed for non-CMS pages, as these are the only
ones where `->lookupDefaultController()` returns an application.
The `controller` return value of `->lookupDefaultController()` will contain the
`routePart` (i.e. `board-list`). However the application overrides are keyed by
the controller name (i.e. `BoardList`), causing the lookup to always fail,
resulting in the given `$application` being returned as-is in `$override`. As
both values are identical, the branch will never be taken and the redirect will
never be executed.
Tim Düsterhus [Wed, 22 Jun 2022 13:33:56 +0000 (15:33 +0200)]
Replace emptiness check of $this->routeData with strict comparison in LookupRequestRoute
Tim Düsterhus [Wed, 22 Jun 2022 13:32:44 +0000 (15:32 +0200)]
Add return type to ControllerMap::resolveCustomController()
Tim Düsterhus [Wed, 22 Jun 2022 13:26:02 +0000 (15:26 +0200)]
Rename local `$controller` to `$routePart` in ControllerMap::lookupDefaultController()
Tim Düsterhus [Wed, 22 Jun 2022 12:57:47 +0000 (14:57 +0200)]
Make usage of ControllerMap::$landingPages easier to inspect
By removing the use of the local variable one can simple search for
$this->landingPages to find all locations.
Tim Düsterhus [Wed, 22 Jun 2022 12:53:59 +0000 (14:53 +0200)]
Mark ControllerMap as final
Tim Düsterhus [Tue, 21 Jun 2022 09:02:11 +0000 (11:02 +0200)]
Reinstall all composer packages
Tim Düsterhus [Tue, 21 Jun 2022 09:00:38 +0000 (11:00 +0200)]
Tighten up composer constraints
Tim Düsterhus [Tue, 21 Jun 2022 08:59:31 +0000 (10:59 +0200)]
Merge branch '5.5'
Tim Düsterhus [Tue, 21 Jun 2022 08:58:32 +0000 (10:58 +0200)]
Merge remote-tracking branch 'origin/5.5' into 5.5
Tim Düsterhus [Tue, 21 Jun 2022 08:58:08 +0000 (10:58 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Tue, 21 Jun 2022 08:57:19 +0000 (10:57 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Tue, 21 Jun 2022 08:52:30 +0000 (10:52 +0200)]
Tim Düsterhus [Tue, 21 Jun 2022 08:48:28 +0000 (10:48 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Tue, 21 Jun 2022 08:47:11 +0000 (10:47 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Tue, 21 Jun 2022 08:44:38 +0000 (10:44 +0200)]
Update guzzlehttp/psr7
This is a dependency for an updated Guzzle.
see guzzle/psr7@
e98e3e6d4f86621a9b75f623996e6bbdeb4b9318
see guzzle/guzzle@
a52f0440530b54fa079ce76e8c5d196a42cad981
Tim Düsterhus [Tue, 21 Jun 2022 08:44:10 +0000 (10:44 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Tue, 21 Jun 2022 08:43:19 +0000 (10:43 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Tue, 21 Jun 2022 08:41:51 +0000 (10:41 +0200)]
Regenerate composer files
Tim Düsterhus [Mon, 20 Jun 2022 17:11:29 +0000 (19:11 +0200)]
Merge pull request #4868 from WoltLab/request-handler-early-response
Use PSR-7 responses in RequestHandler
Tim Düsterhus [Mon, 20 Jun 2022 15:13:17 +0000 (17:13 +0200)]
Redirect requests to app-specific ACP landing pages using PSR-7
Tim Düsterhus [Mon, 20 Jun 2022 15:10:31 +0000 (17:10 +0200)]
Use PSR-7 to generate the redirect to the canonical domain
Tim Düsterhus [Mon, 20 Jun 2022 15:08:10 +0000 (17:08 +0200)]
Pass the PSR-7 RequestInterface to RequestHandler::buildRequest()
Tim Düsterhus [Mon, 20 Jun 2022 15:02:28 +0000 (17:02 +0200)]
Support returning responses in RequestHandler::buildRequest()
The return type of `->buildRequest()` is a little ugly now, but this will be
better than a hard call to `exit;` whenever a redirect is desired.
This whole routing and request building logic would ideally move into a
Middleware, this can be considered a first step to clean that up.
Tim Düsterhus [Mon, 20 Jun 2022 17:06:49 +0000 (19:06 +0200)]
Merge pull request #4848 from WoltLab/fix-is-default-controller
Fix ControllerMap::isDefaultController() to properly take into account overriden applications
Alexander Ebert [Mon, 20 Jun 2022 15:38:01 +0000 (17:38 +0200)]
Release 5.5.0 RC 2
WoltLab [Mon, 20 Jun 2022 15:02:28 +0000 (15:02 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Mon, 20 Jun 2022 14:27:41 +0000 (16:27 +0200)]
Use proper placeholders in SQL queries in RoutingCacheBuilder
Tim Düsterhus [Thu, 2 Jun 2022 13:44:53 +0000 (15:44 +0200)]
Fix ControllerMap::isDefaultController() to properly take into account overriden applications
Previously virtually moving a CMS page (e.g. the Dashboard) into a different
app and making that page the landing page for that app would not drop the
controller string from the URL.
Tim Düsterhus [Mon, 20 Jun 2022 13:42:50 +0000 (15:42 +0200)]
Merge branch '5.5'
Tim Düsterhus [Mon, 20 Jun 2022 13:42:01 +0000 (15:42 +0200)]
Add missing newline at EOF in acp/style/layout.scss
see
89763fcf8fea68d5cda6bda419a5bd8326d4db58
Tim Düsterhus [Mon, 20 Jun 2022 13:40:24 +0000 (15:40 +0200)]
Merge branch '5.5'
Alexander Ebert [Sat, 18 Jun 2022 13:48:56 +0000 (15:48 +0200)]
Skip the search close handler if it was not open
Executing the callback causes some unintentional changes to the page state.
See https://www.woltlab.com/community/thread/295991-dialoge-hintergrund-scrollt/
Alexander Ebert [Sat, 18 Jun 2022 12:32:10 +0000 (14:32 +0200)]
Align the mobile ACP user drop-down to the right
See https://www.woltlab.com/community/thread/295980-acp-men%C3%BC-mobil-ausrichtung-%C3%A4ndern/
Tim Düsterhus [Fri, 17 Jun 2022 15:34:46 +0000 (17:34 +0200)]
Merge pull request #4867 from WoltLab/landing-page-overriden-app
Remove RoutingCacheBuilder::handleLandingPageWithOverriddenApplication()
Marcel Werk [Fri, 17 Jun 2022 13:13:17 +0000 (15:13 +0200)]
Merge branch '5.5' of https://github.com/WoltLab/WCF into 5.5
Marcel Werk [Fri, 17 Jun 2022 13:13:15 +0000 (15:13 +0200)]
Fix non-functioning template scripting in language variable
Tim Düsterhus [Fri, 17 Jun 2022 12:34:13 +0000 (14:34 +0200)]
Indent the closing heredoc/nowdoc marker in StyleCompiler
Tim Düsterhus [Mon, 13 Jun 2022 12:53:57 +0000 (14:53 +0200)]
Remove RoutingCacheBuilder::handleLandingPageWithOverriddenApplication()
This logic was introduced in
000c0c8a26491708b2af995bdd6f0e627cc75161 which
intended to (and actually did) fix #2905.
However the commit makes more changes than are actually necessary to fix the
issue:
The change in ControllerMap caused the branch condition to become impossible.
This change might have been required to fix the issue, but the logic was
unneccessarily complex, because of the dead branch. It was subsequently removed
in commit
416dafddb18a3e82750c6e8ca089d4f9132b39dc.
Likewise the change to RoutingCacheBuilder does not have any effect on the bug
reported in #2905. After reverting the change within RoutingCacheBuilder the
bug is not reproducible. It is reproducible however when reverting the change
in RequestHandler, indicating that this change is the only relevant in that
commit.
This commit reverts the change to RoutingCacheBuilder, because it is not
neccessary and because it actually introduced intransparent behavior into the
routing system:
If the landing page of `wcf` (i.e. the page that previously was considered to
be the global landing page before removing the distinction in
64a1be56f2ef06f8b4b2bea0cccc7c8b8374588a) is a page that is assigned to
`packageID = 1` (i.e. to `wcf`), but virtually relocated into an application
(e.g. `wbb`), then the application's configured landing page will be ignored
and wcf's landing page will be used instead.
This implicit override is not exposed to the administrator and it is also not
necessary. It works perfectly fine to move wcf's landing page into a different
app where it is not considered to be the landing page: The URLs generated by
the link handler will simply include the controller name and the redirect
performed by the URL canonicalization feature will go to the right place.
Tim Düsterhus [Fri, 17 Jun 2022 10:08:03 +0000 (12:08 +0200)]
Merge branch '5.5'
Tim Düsterhus [Wed, 15 Jun 2022 13:56:41 +0000 (15:56 +0200)]
Merge branch '5.4' into 5.5
Tim Düsterhus [Wed, 15 Jun 2022 13:45:38 +0000 (15:45 +0200)]
Match foreign keys independent of referenced column casing in PHP DDL
Early versions of MySQL 8 contained a bug that would return the column names of
the referenced table in lowercase whenever querying the FOREIGN KEY or when
showing the table's structure:
https://bugs.mysql.com/bug.php?id=88718
This issue also affects the any created database dumps and is not corrected
when importing the dump into a fixed version of MySQL:
https://bugs.mysql.com/bug.php?id=98976
Thus any instances that were ever dumped with an affected version of MySQL 8
will have foreign keys with a mismatching column case.
The FOREIGN KEY itself will be completely functional, MySQL does not care about
the casing of column names.
However the PHP DDL considers those FOREIGN KEYs to be different when
attempting to find an existing FOREIGN KEY to update, thus believing that the
FOREIGN KEY does not yet exist. As a result it attemtps to create it,
generating a name that is identical to the existing FOREIGN KEY's, leading to
conflicts when attempting to log the change into package_installation_sql_log.
Fix this issue by lowercasing the referenced column names when grabbing the
`->getDiffData()`. The PHP DDL will then find the existing FOREIGN KEY, but it
will realize that it is different when diffing the `->getData()`.
This will lead to the "broken" FOREIGN KEY being dropped and it being recreated
correctly, both avoiding the duplicate key error and also actually correcting
the column name.
Tim Düsterhus [Wed, 15 Jun 2022 11:34:05 +0000 (13:34 +0200)]
Merge branch 'php8.2'
Tim Düsterhus [Fri, 10 Jun 2022 08:24:03 +0000 (10:24 +0200)]
Allow PHP 8.2 in CheckSystemEnvironment
Tim Düsterhus [Wed, 15 Jun 2022 11:33:49 +0000 (13:33 +0200)]
Merge branch '5.5'
Tim Düsterhus [Wed, 15 Jun 2022 11:33:36 +0000 (13:33 +0200)]
Merge remote-tracking branch 'origin/5.5' into 5.5
Tim Düsterhus [Wed, 15 Jun 2022 11:33:13 +0000 (13:33 +0200)]
Merge branch 'php8.2-fixes' into 5.5
Tim Düsterhus [Fri, 10 Jun 2022 08:22:13 +0000 (10:22 +0200)]
Fix PHP 8.2 compatibility in TemplateEngine
> Creation of dynamic property wcf\system\template\TemplateEngine::$pluginObjects is deprecated
> Creation of dynamic property wcf\system\template\TemplateEngine::$tagStack is deprecated
Tim Düsterhus [Fri, 10 Jun 2022 08:03:15 +0000 (10:03 +0200)]
Fix PHP 8.2 compatibility in HascontentPrefilterTemplatePlugin
> Use of "self" in callables is deprecated
Marcel Werk [Wed, 15 Jun 2022 10:54:32 +0000 (12:54 +0200)]
Fix saving box for page assignments
The methods still contained code that became obsolete with the PR linked below.
see https://github.com/WoltLab/WCF/pull/4866
Tim Düsterhus [Wed, 15 Jun 2022 10:05:16 +0000 (12:05 +0200)]
Merge branch '5.5'
Marcel Werk [Tue, 14 Jun 2022 10:26:35 +0000 (12:26 +0200)]
Removed obsolete update script for box condition conversion
see https://github.com/WoltLab/WCF/pull/4866
Tim Düsterhus [Tue, 14 Jun 2022 07:26:12 +0000 (09:26 +0200)]
Update composer dependencies
Tim Düsterhus [Tue, 14 Jun 2022 07:25:56 +0000 (09:25 +0200)]
Merge branch '5.5'
Tim Düsterhus [Tue, 14 Jun 2022 07:25:11 +0000 (09:25 +0200)]
Merge remote-tracking branch 'origin/5.5' into 5.5
Tim Düsterhus [Tue, 14 Jun 2022 07:24:50 +0000 (09:24 +0200)]
Update composer dependencies
Alexander Ebert [Mon, 13 Jun 2022 17:08:33 +0000 (19:08 +0200)]
Merge pull request #4866 from WoltLab/box-visibility-conditions
Hiding boxes did not work properly
Alexander Ebert [Mon, 13 Jun 2022 16:37:29 +0000 (18:37 +0200)]
Modernized the embedded JavaScript
Marcel Werk [Mon, 13 Jun 2022 15:47:58 +0000 (17:47 +0200)]
Hiding boxes did not work properly
Tim Düsterhus [Mon, 13 Jun 2022 14:07:10 +0000 (16:07 +0200)]
Merge pull request #4865 from WoltLab/controllermap-lookup-default-controller
Remove dead branch on ControllerMap::lookupDefaultController()
Tim Düsterhus [Mon, 13 Jun 2022 13:58:23 +0000 (15:58 +0200)]
Merge branch '5.5'
Tim Düsterhus [Mon, 13 Jun 2022 13:57:56 +0000 (15:57 +0200)]
Tim Düsterhus [Mon, 13 Jun 2022 13:52:50 +0000 (15:52 +0200)]
Merge pull request #4864 from WoltLab/linkhandler-cms-link
Clean up data flow in LinkHandler::getCmsLink()
Tim Düsterhus [Mon, 13 Jun 2022 13:50:54 +0000 (15:50 +0200)]
Remove dead branch in RequestHandler::handleDefaultController()
`->lookupDefaultController()` will not return a `redirect` key since the
previous commit.
Tim Düsterhus [Mon, 13 Jun 2022 13:28:28 +0000 (15:28 +0200)]
Remove dead branch on ControllerMap::lookupDefaultController()
It is impossible for this branch to ever be taken:
To even reach this branch it is a necessary precondition that the landing page
of the accessed application is a non-system CMS page.
A non-system CMS page can either be user-created (originIsSystem = 0) or
installed by a package (e.g. the Dashboard). These two have differently with
regard to application overrides: Only package-installed CMS pages can ever have
an application override. For a user-created CMS page instead of creating an
override the page's packageID will simply be updated.
1)
Let's first look into user-created CMS pages: For the reasons outlined above
the call to `->getApplicationOverride()` will simply pass through the
`$application`, because no override can exist. `$application !== $application`
will never be true, thus this branch will never be taken.
2)
The same is true for a package-installed CMS page without an override: The
second half of the condition will not be true.
3)
Thus the remaining case to look into is a package-installed CMS page with an
override.
Let us consider the situation with 3 installed apps, `wcf`, `forum` and `blog`.
The CMS page was installed by `blog` and virtually reassigned to `forum`. The
application overrides will look like the following:
array (size=2)
'lookup' =>
array (size=1)
'wbb' =>
array (size=1)
'testing' => string 'blog' (length=4)
'reverse' =>
array (size=1)
'blog' =>
array (size=1)
'testing' => string 'wbb' (length=3)
And only the `reverse` case is relevant here.
Now when accessing the `blog` the first half of the condition will be false:
The accessed application matches the actual application.
When accessing any other app, the second half of the condition will be false,
as the `reverse` lookup maps from `blog` to `wbb` which was already ruled out
in the previous paragraph. As the lookup will not match, the `$application`
will be passed through unmodified.
In none of the cases can both parts of the conditional branch ever be true at
the same time, making this a dead branch.
The logic was last modified in commit
000c0c8a26491708b2af995bdd6f0e627cc75161.
Peeking at the code as of that commit does not indicate that the behavior of
`getApplicationOverride()` was different back then, indicating that that commit
broke the `redirect` return case.
It is likely that it was intended that `$cmsPageData['application']` was to be
passed as a parameter instead of `$application`. However this code being broken
for that long of a time indicates that it wasn't important after all.
Tim Düsterhus [Mon, 13 Jun 2022 12:00:56 +0000 (14:00 +0200)]
Clean up data flow in LinkHandler::getCmsLink()
Tim Düsterhus [Mon, 13 Jun 2022 10:09:22 +0000 (12:09 +0200)]
Merge branch '5.5'
Tim Düsterhus [Mon, 13 Jun 2022 10:07:09 +0000 (12:07 +0200)]
Mark closure in KeywordHighlighter as static
see
406348deb7debaeaa908db6fc1a724a40e82e8a3
Tim Düsterhus [Mon, 13 Jun 2022 08:18:49 +0000 (10:18 +0200)]
Fix typo in PHPDoc of CheckboxFormField
Alexander Ebert [Fri, 10 Jun 2022 14:25:59 +0000 (16:25 +0200)]
Skip the highlighting of words with a length < 3
See https://www.woltlab.com/community/thread/295850-highlighter-in-suchergebnissen-hebt-zu-kurze-begriffe-hervor/
Alexander Ebert [Fri, 10 Jun 2022 13:35:54 +0000 (15:35 +0200)]
Quote links now imply the `https` protocol if not set
Alexander Ebert [Fri, 10 Jun 2022 13:31:20 +0000 (15:31 +0200)]
Default to `https` for protocol-less links
Alexander Ebert [Fri, 10 Jun 2022 13:26:42 +0000 (15:26 +0200)]
Use the same icon for quotes in the editor
Alexander Ebert [Fri, 10 Jun 2022 13:22:23 +0000 (15:22 +0200)]
Right sidebar boxes did not span the entire width
See https://www.woltlab.com/community/thread/295902-rechte-sidebardarstellung-im-userprofil-mobil-fehlerhaft/
The CSS was accidentally removed in
c00bdb0694b993be21d779ecef6badc8524e8967
Tim Düsterhus [Fri, 10 Jun 2022 12:32:38 +0000 (14:32 +0200)]
Merge pull request #4863 from WoltLab/thumbnail-graceful
Gracefully ignore Thumbnail generation failures in DefaultUploadFileSaveStrategy
Tim Düsterhus [Fri, 10 Jun 2022 10:14:45 +0000 (12:14 +0200)]
Gracefully ignore Thumbnail generation failures in DefaultUploadFileSaveStrategy
`->generateThumbnails()` might already not do anything of the memory limit is
likely going to be exceeded, causing image upload to be thumbnail-less. Extend
this to all cases of thumbnail generation failure by catching exceptions thrown
when loading the image or when performing the resizing operation.
Tim Düsterhus [Fri, 10 Jun 2022 09:52:44 +0000 (11:52 +0200)]
Use Header::splitList() instead of Header::normalize()
see guzzle/psr7#477
Tim Düsterhus [Fri, 10 Jun 2022 09:13:49 +0000 (11:13 +0200)]
Merge branch '5.5'
Tim Düsterhus [Fri, 10 Jun 2022 09:13:18 +0000 (11:13 +0200)]
Fix SCSS formatting
Tim Düsterhus [Fri, 10 Jun 2022 07:29:43 +0000 (09:29 +0200)]
Tighten up composer version constraints
Tim Düsterhus [Fri, 10 Jun 2022 07:28:28 +0000 (09:28 +0200)]
Sort dependencies in composer.json
Tim Düsterhus [Fri, 10 Jun 2022 07:25:19 +0000 (09:25 +0200)]
Update composer dependencies
Tim Düsterhus [Fri, 10 Jun 2022 07:24:59 +0000 (09:24 +0200)]
Merge branch '5.5'
Tim Düsterhus [Fri, 10 Jun 2022 07:24:28 +0000 (09:24 +0200)]
Update composer dependencies
Especially for guzzle/guzzle@
e3ff079b22820c2029d4c2a87796b6a0b8716ad8.