Matthias Schmidt [Wed, 7 Jul 2021 08:25:33 +0000 (10:25 +0200)]
Explicitly show error message if import queue is empty
Close #3804
See #4379
Matthias Schmidt [Wed, 7 Jul 2021 07:05:42 +0000 (09:05 +0200)]
Merge branch '5.3' into 5.4
Matthias Schmidt [Wed, 7 Jul 2021 07:01:14 +0000 (09:01 +0200)]
Fix reading value of `CheckboxFormField`
In contrast to `BooleanFormField` for which an explicit "no" input field exists, a normal checkbox does not submit any data if no checked.
Alexander Ebert [Tue, 6 Jul 2021 12:47:11 +0000 (14:47 +0200)]
Merge branch '5.4' of https://github.com/WoltLab/WCF into 5.4
Alexander Ebert [Tue, 6 Jul 2021 12:47:03 +0000 (14:47 +0200)]
Incorrect type cast to `number`
Matthias Schmidt [Tue, 6 Jul 2021 12:34:01 +0000 (14:34 +0200)]
Fix conversion of `Dictionary` to `Map` in `Acp/Ui/Menu/Item/Handler`
See
2727575fbe8a2ca2fe4a19288c7a982969170882
Alexander Ebert [Tue, 6 Jul 2021 12:33:14 +0000 (14:33 +0200)]
Search for articles toggled the incorrect container
Matthias Schmidt [Tue, 6 Jul 2021 12:24:10 +0000 (14:24 +0200)]
Merge branch '5.3' into 5.4
Matthias Schmidt [Tue, 6 Jul 2021 12:23:51 +0000 (14:23 +0200)]
Remove obsolete style logo upload field descriptions
See #3456
Marcel Werk [Tue, 6 Jul 2021 11:08:46 +0000 (13:08 +0200)]
Fixed missing language version for embedded articles
Tim Düsterhus [Tue, 6 Jul 2021 10:48:04 +0000 (12:48 +0200)]
Merge remote-tracking branch 'origin/5.4' into 5.4
Tim Düsterhus [Tue, 6 Jul 2021 10:47:52 +0000 (12:47 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Tue, 6 Jul 2021 10:46:01 +0000 (12:46 +0200)]
Add missing encoding of `$family` in font download requests
Matthias Schmidt [Tue, 6 Jul 2021 09:42:35 +0000 (11:42 +0200)]
Add missing since tag for `User::requiresMultifactor()`
Tim Düsterhus [Tue, 6 Jul 2021 08:23:25 +0000 (10:23 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Tue, 6 Jul 2021 07:34:53 +0000 (09:34 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Tue, 6 Jul 2021 07:34:26 +0000 (09:34 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Tue, 6 Jul 2021 07:32:45 +0000 (09:32 +0200)]
Remove duplicate `class` attribute in cacheList.tpl
Tim Düsterhus [Mon, 5 Jul 2021 12:18:15 +0000 (14:18 +0200)]
Check for WebP support in update_com.woltlab.wcf_5.4_checkSystemRequirements.php
Tim Düsterhus [Mon, 5 Jul 2021 12:17:29 +0000 (14:17 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Mon, 5 Jul 2021 12:09:42 +0000 (14:09 +0200)]
Merge pull request #4368 from WoltLab/upgrade-check-webp
Add check for GD support to PackageEnableUpgradeOverrideForm
Tim Düsterhus [Mon, 5 Jul 2021 11:57:40 +0000 (13:57 +0200)]
Add check for GD support to PackageEnableUpgradeOverrideForm
Tim Düsterhus [Mon, 5 Jul 2021 10:45:33 +0000 (12:45 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Mon, 5 Jul 2021 10:39:50 +0000 (12:39 +0200)]
Validate the `actionName` in MessageQuoteAction
Matthias Schmidt [Mon, 5 Jul 2021 09:53:05 +0000 (11:53 +0200)]
Fix adding pages if only one language is available
See
128dbea9130f7decfb255d0d6e04f83e291021e6
Matthias Schmidt [Mon, 5 Jul 2021 09:32:03 +0000 (11:32 +0200)]
Fix code formatting issue
Matthias Schmidt [Fri, 2 Jul 2021 11:23:40 +0000 (13:23 +0200)]
Ensure that app abbreviation is unique before app installation
Close #4344
Matthias Schmidt [Mon, 5 Jul 2021 09:25:37 +0000 (11:25 +0200)]
Fix path of database PIP file located in `files_wcf/` for DevTools syncs
Close #4359
Tim Düsterhus [Mon, 5 Jul 2021 07:56:34 +0000 (09:56 +0200)]
Merge branch '5.3' into 5.4
Also applied the second change from #4366.
Co-authored-by: Sascha Greuel <sascha@softcreatr.de>
Tim Düsterhus [Mon, 5 Jul 2021 07:54:22 +0000 (09:54 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Mon, 5 Jul 2021 07:54:10 +0000 (09:54 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Mon, 5 Jul 2021 07:53:22 +0000 (09:53 +0200)]
Fix typo in de.xml
Closes #4366
Co-authored-by: Sascha Greuel <sascha@softcreatr.de>
Tim Düsterhus [Mon, 5 Jul 2021 07:01:02 +0000 (09:01 +0200)]
Add missing `@since` to AbstractOauth2Action
Tim Düsterhus [Sun, 4 Jul 2021 13:35:07 +0000 (15:35 +0200)]
Make AbstractOauth2Action::getHttpClient() non-final
It might be desirable to be able to add custom headers, specifically a custom
`user-agent`, for non-stock IDPs.
Tim Düsterhus [Thu, 1 Jul 2021 13:49:00 +0000 (15:49 +0200)]
Fix TOTP QR code in dark styles
Alexander Ebert [Thu, 1 Jul 2021 12:13:27 +0000 (14:13 +0200)]
Release 5.3.10
Tim Düsterhus [Thu, 1 Jul 2021 09:48:22 +0000 (11:48 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Thu, 1 Jul 2021 09:41:48 +0000 (11:41 +0200)]
Merge pull request #4354 from WoltLab/systemcheck-performance
Improve performance of SystemCheckPage::validateWritableDirectories()
Tim Düsterhus [Thu, 1 Jul 2021 09:21:08 +0000 (11:21 +0200)]
Improve performance of SystemCheckPage::validateWritableDirectories()
The previous implementation resulted in a syscall hell for large attachment or
image directories. RecursiveDirectoryIterator requires two syscalls for
directory entry just for iteration and that does not yet include any custom
logic.
Replace the implementation by a simple `glob()`. This is a small behavior
change, as a `*` will only check the files immediately below the directory in
question instead of recursing all the way down. However this likely is what was
intended anyway.
WoltLab [Thu, 1 Jul 2021 08:32:22 +0000 (08:32 +0000)]
Updating minified JavaScript files
Alexander Ebert [Wed, 30 Jun 2021 13:15:45 +0000 (15:15 +0200)]
Modified update instructions
Tim Düsterhus [Wed, 30 Jun 2021 10:57:11 +0000 (12:57 +0200)]
Handle Facebook not providing an email address
Fixes #4241
Tim Düsterhus [Tue, 29 Jun 2021 07:51:13 +0000 (09:51 +0200)]
Register reauthentication after MFA in ACP only
It was not desired that a login within the frontend also registers a
reauthentication, as the actions requiring a reauthentication are very rarely
used and can benefit from this additional password check. In the ACP however
each request requires a reauthentication, thus it makes sense to register it
during login.
see
4624ceeda0e19109245d19e883dc6fd388e95519
Tim Düsterhus [Mon, 28 Jun 2021 15:39:00 +0000 (17:39 +0200)]
Merge pull request #4350 from WoltLab/update-server-db
Adjust the URL of the update servers in install.sql
Marcel Werk [Mon, 28 Jun 2021 15:27:17 +0000 (17:27 +0200)]
Merge branch '5.3' into 5.4
Marcel Werk [Mon, 28 Jun 2021 15:25:12 +0000 (17:25 +0200)]
Sorting in article category had no effect
Tim Düsterhus [Mon, 28 Jun 2021 15:22:25 +0000 (17:22 +0200)]
Adjust the URL of the update servers in install.sql
This is technically unnecessary as the proper URLs will be inserted during
runtime, but might improve debugging, as it is clear which version was used to
install the software.
Tim Düsterhus [Mon, 28 Jun 2021 15:01:25 +0000 (17:01 +0200)]
Add acpTemplate PIP to update instructions from 5.4.0 Beta 2
Tim Düsterhus [Mon, 28 Jun 2021 15:00:08 +0000 (17:00 +0200)]
Use RejectEverythingFormField in PackageEnableUpgradeOverrideForm
Tim Düsterhus [Mon, 28 Jun 2021 14:59:04 +0000 (16:59 +0200)]
Clear WCF::AVAILABLE_UPGRADE_VERSION
Tim Düsterhus [Mon, 28 Jun 2021 14:58:50 +0000 (16:58 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Mon, 28 Jun 2021 14:44:53 +0000 (16:44 +0200)]
Add support for version upgrades (#4160)
* Add WCF::AVAILABLE_UPGRADE_VERSION
* Expose the available upgrade version to packageList.tpl
* Show notice in packageList if an upgrade is available
* Add upgrade override support to PackageUpdateServer
* Show notice about enabled upgrade override in packageList and packageUpdateServerList
* Add PackageEnableUpgradeOverrideForm
* Support disabling the upgrade override if there are issues
* Add version checks from update_com.woltlab.wcf_5.4_checkSystemRequirements.php to PackageEnableUpgradeOverrideForm
* Add language items for WoltLab Suite upgrades
* Clear package lists when toggling the upgrade override
* Add requested-woltlab-suite-version header to package list requests
* Improved the messages and restrict the upgrade to the maintenance mode
* Restrict the experimental upgrade to the maintenance mode
* Removed the upgrade notice from the package server list
Co-authored-by: Alexander Ebert <ebert@woltlab.com>
Alexander Ebert [Mon, 28 Jun 2021 13:37:04 +0000 (15:37 +0200)]
Release 5.4.0 RC 1
WoltLab [Mon, 28 Jun 2021 13:34:02 +0000 (13:34 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Mon, 28 Jun 2021 08:27:34 +0000 (10:27 +0200)]
Add modified PIPs to 5.3 -> 5.4 instructions
Tim Düsterhus [Mon, 28 Jun 2021 08:23:15 +0000 (10:23 +0200)]
Revert "Removed the upgrade support from 5.3.*"
This reverts commit
466ac360246fc568e0e3f6e1527c218f70bf158e.
Tim Düsterhus [Fri, 25 Jun 2021 15:33:12 +0000 (17:33 +0200)]
Remove unused `DevicesContainer::$devices` property
Alexander Ebert [Fri, 25 Jun 2021 15:04:45 +0000 (17:04 +0200)]
Type hint instead of a type cast
The type hint is only meant to narrow the type, not replace it.
Alexander Ebert [Fri, 25 Jun 2021 14:27:40 +0000 (16:27 +0200)]
Incorrect access of an element that is not always present
Joshua Rüsweg [Fri, 25 Jun 2021 10:54:16 +0000 (12:54 +0200)]
Merge pull request #4341 from WoltLab/unfurl-download-fail-no-log
Prevent unfurling DownloadFailed exceptions from ending up in the error log
Matthias Schmidt [Fri, 25 Jun 2021 08:30:12 +0000 (10:30 +0200)]
Fix code style issue
Tim Düsterhus [Fri, 25 Jun 2021 08:18:21 +0000 (10:18 +0200)]
Encode non-UTF-8 parameters as hexadecimal in Benchmark
Some database queries, such as the new Flood Control framework, contain binary
fields that might break proper rendering or further processing.
Encode all parameters that are not valid UTF-8 as hexadecimal and wrap them
into a call of `UNHEX()` to maintain copyability.
see
048aaf0c318f01d11da4f6b8c01b6fdd1acbcb7a
Matthias Schmidt [Fri, 25 Jun 2021 06:40:13 +0000 (08:40 +0200)]
Merge branch '5.3' into 5.4
Matthias Schmidt [Fri, 25 Jun 2021 06:34:51 +0000 (08:34 +0200)]
Fix poll insertion after message edit if no poll exists
Previously, an empty `div.jsInlineEditorHideContent` element was added.
Tim Düsterhus [Thu, 24 Jun 2021 12:27:51 +0000 (14:27 +0200)]
Prevent unfurling DownloadFailed exceptions from ending up in the error log
Resolves #4237
Tim Düsterhus [Wed, 23 Jun 2021 11:44:46 +0000 (13:44 +0200)]
Make return types in HttpFactory more readable
see
f5b3800800e74296ca1411b25496a6b964c0600e
see #4337
Tim Düsterhus [Wed, 23 Jun 2021 11:38:21 +0000 (13:38 +0200)]
Improve return types in HttpFactory
Resolves #4337
Alexander Ebert [Wed, 23 Jun 2021 09:54:23 +0000 (11:54 +0200)]
Force non-cursive font for code listings inside quotes
Tim Düsterhus [Wed, 23 Jun 2021 07:44:38 +0000 (09:44 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Wed, 23 Jun 2021 07:43:22 +0000 (09:43 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Wed, 23 Jun 2021 07:42:23 +0000 (09:42 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Wed, 23 Jun 2021 07:40:44 +0000 (09:40 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Wed, 23 Jun 2021 07:39:40 +0000 (09:39 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Wed, 23 Jun 2021 07:39:21 +0000 (09:39 +0200)]
Fix typo in de.xml
Tim Düsterhus [Wed, 23 Jun 2021 07:37:13 +0000 (09:37 +0200)]
Use “Moderation” instead of “Moderatoren” in de.xml
Matthias Schmidt [Wed, 23 Jun 2021 07:33:25 +0000 (09:33 +0200)]
Update XSD paths in XML files generated by PHP code
See #4268
Matthias Schmidt [Wed, 23 Jun 2021 07:31:21 +0000 (09:31 +0200)]
Update XSD paths in XML files
See #4268
Alexander Ebert [Mon, 21 Jun 2021 14:47:42 +0000 (16:47 +0200)]
Embedded object ids are now explicitly casted to int
https://wiki.php.net/rfc/string_to_number_comparison changed the behavior of PHP when comparing strings to numbers.
`123 == "123foo"` is true in PHP <8.0, but false starting with PHP 8.0.
Alexander Ebert [Mon, 21 Jun 2021 14:39:57 +0000 (16:39 +0200)]
Revert "Cast values of simple embedded objects to int"
This reverts commit
2e3b2fcc855f50238dbe930ea3392cf48894b85f.
Alexander Ebert [Mon, 21 Jun 2021 14:13:38 +0000 (16:13 +0200)]
Cast values of simple embedded objects to int
These values are not guaranteed to be pure numbers. Any value could be followed by a helper comment, such as `13#Fancy page`. Explicitly calling `intval()` truncates the value to just contain the leading digits as it was intended to be.
Alexander Ebert [Mon, 21 Jun 2021 14:08:30 +0000 (16:08 +0200)]
Improved the regex for simple embedded objects
The previous version was borderline erroneous and while it worked so far, it could easily break in future versions of PHP.
Matthias Schmidt [Mon, 21 Jun 2021 06:49:37 +0000 (08:49 +0200)]
Merge branch '5.3' into 5.4
Matthias Schmidt [Mon, 21 Jun 2021 06:48:22 +0000 (08:48 +0200)]
Reset link-related fields after creating box
Tim Düsterhus [Fri, 18 Jun 2021 13:57:18 +0000 (15:57 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Fri, 18 Jun 2021 13:47:39 +0000 (15:47 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Fri, 18 Jun 2021 13:47:18 +0000 (15:47 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Fri, 18 Jun 2021 13:44:21 +0000 (15:44 +0200)]
Set 'accept-encoding: identity' by default in HTTPRequest
RFC 7231#5.3.4 allows a server to use an arbitrary 'content-encoding' when no
'accept-encoding' request header is sent.
Make it clear that no 'content-encoding' is acceptable by only accepting the
'identity' encoding.
Tim Düsterhus [Fri, 18 Jun 2021 09:37:24 +0000 (11:37 +0200)]
Revert "Ignore security token for guests"
Due to the age of this commit it's a bit unclear why exactly it was necessary
at that time, but records indicate that it was related to the URL based session
system (`?s=…`) in combination with with virtual sessions effectively changing
the session ID during login, the `SID` constants being constant and the CSRF
token being stored in the session.
As none of this applies any longer, this workaround should no longer be
necessary and thus reverted. It certainly violates the principle of least
astonishment, because it only applies to AbstractSecureAction, but not forms
and it's questionable from a security perspective.
This reverts commit
e5c2467f717632b47f935a0e59a310de2e2867f3.
Tim Düsterhus [Thu, 17 Jun 2021 15:15:56 +0000 (17:15 +0200)]
Merge pull request #4309 from WoltLab/acp-cannotuse
Set __isLogin if a logged-in user lacks `admin.general.canUseAcp`
Tim Düsterhus [Thu, 17 Jun 2021 13:02:14 +0000 (15:02 +0200)]
Rename the third gender from 'Other' to 'Non-Binary' in en.xml
Tim Düsterhus [Thu, 17 Jun 2021 12:52:15 +0000 (14:52 +0200)]
Improve name of the 'image_proxy_host_whitelist' option
Whitelist implies that only the given domains will be passes through the proxy.
Additionally the German version already uses “Ausnahme” which translates to
“Exception”.
Tim Düsterhus [Thu, 17 Jun 2021 12:43:15 +0000 (14:43 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Thu, 17 Jun 2021 12:42:53 +0000 (14:42 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Thu, 17 Jun 2021 12:42:42 +0000 (14:42 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Thu, 17 Jun 2021 12:41:10 +0000 (14:41 +0200)]
Fix 'to its full extent' in en.xml
Tim Düsterhus [Thu, 17 Jun 2021 12:09:34 +0000 (14:09 +0200)]
Set __isLogin if a logged-in user lacks `admin.general.canUseAcp`
Resolves #4307
Alexander Ebert [Wed, 16 Jun 2021 15:27:06 +0000 (17:27 +0200)]
Release 5.4.0 Beta 2
WoltLab [Wed, 16 Jun 2021 13:58:51 +0000 (13:58 +0000)]
Updating minified JavaScript files
Alexander Ebert [Wed, 16 Jun 2021 12:08:27 +0000 (14:08 +0200)]
Revert "Strip the `loading` attribute from smileys for AMP output"
This reverts commit
4cfc175da480a13704dd6b52e49723c9a84cb62d.
Alexander Ebert [Wed, 16 Jun 2021 12:01:20 +0000 (14:01 +0200)]
Incorrect use of DOM attributes
See #4290