Marcel Werk [Mon, 29 Mar 2021 16:24:45 +0000 (18:24 +0200)]
Merge branch '5.2' into 5.3
Marcel Werk [Mon, 29 Mar 2021 16:24:08 +0000 (18:24 +0200)]
Merge branch '3.1' into 5.2
Marcel Werk [Mon, 29 Mar 2021 16:23:50 +0000 (18:23 +0200)]
Update the user rank after users change their profile
Marcel Werk [Mon, 29 Mar 2021 13:52:14 +0000 (15:52 +0200)]
Removed obsolete Chrome workaround for dialogs with scrollbars
Marcel Werk [Sun, 28 Mar 2021 12:29:18 +0000 (14:29 +0200)]
Removed obsolete whitespaces
Marcel Werk [Sun, 28 Mar 2021 12:13:50 +0000 (14:13 +0200)]
Delete trophy images when deleting tropies
Marcel Werk [Sun, 28 Mar 2021 12:13:14 +0000 (14:13 +0200)]
Fixed wrong parameter type
Marcel Werk [Sun, 28 Mar 2021 11:17:59 +0000 (13:17 +0200)]
Missing margin for trophies with images
Marcel Werk [Sun, 28 Mar 2021 11:02:52 +0000 (13:02 +0200)]
Hide comment counter when comments are disabled
Marcel Werk [Sun, 28 Mar 2021 10:48:19 +0000 (12:48 +0200)]
Made sure ids in toc are unique
Marcel Werk [Sun, 28 Mar 2021 09:51:29 +0000 (11:51 +0200)]
Merge branch '5.2' into 5.3
Marcel Werk [Sun, 28 Mar 2021 09:38:13 +0000 (11:38 +0200)]
Merge branch '3.1' into 5.2
Marcel Werk [Sun, 28 Mar 2021 09:37:09 +0000 (11:37 +0200)]
Strip rtl override char
Alexander Ebert [Fri, 26 Mar 2021 11:36:18 +0000 (12:36 +0100)]
Permit the use of `array_diff` in templates
If only developers would stop moving business logic into templates…
joshuaruesweg [Sat, 20 Mar 2021 15:38:02 +0000 (16:38 +0100)]
Throw `UserInputException` insteadof `InvalidArgumentException` for invalid captchas
Currently, bots are deliberately manipulating the field to provoke an exception. This is prevented with this fix.
Tim Düsterhus [Wed, 17 Mar 2021 15:17:10 +0000 (16:17 +0100)]
Merge pull request #4092 from WoltLab/woltlab-source-isactive
Use WoltLabSource.isActive() to check whether the source view is enabled
Tim Düsterhus [Wed, 17 Mar 2021 14:58:36 +0000 (15:58 +0100)]
Use WoltLabSource.isActive() to check whether the source view is enabled
Apparently the previous version, checking the height of the textarea, is broken
in the Kiwi Browser for Android even though it pretends to be a standard Chrome
88 without indicating anywhere within the User-Agent that it is not.
Luckily the fix is easy enough and technically the more correct solution even
for non-broken browsers.
I verified the correct functionality using Kiwi on Android and Firefox on
Linux.
Tim Düsterhus [Mon, 15 Mar 2021 11:34:08 +0000 (12:34 +0100)]
Refuse to proxy non-standard ports in ImageProxy
Tim Düsterhus [Mon, 15 Mar 2021 11:16:06 +0000 (12:16 +0100)]
Add whitespace before condition in UserSearchForm
Currently a query like the following is generated:
SELECT user_table.userID
FROM wcf1_user user_table
LEFT JOIN wcf1_user_option_value option_value
ON (option_value.userID = user_table.userID)WHERE option_value.userOption4 = ?
This works due to the parentheses around the `ON` part of the `JOIN`, but it
certainly is not pretty and it will cause issues if the parentheses are removed
(as it happened for WoltLab Suite 5.4).
Insert a newline between the base query and the condition to fix the issue.
Resolves #4078
Co-Authored-By: mutec <mysterycode@mysterycode.de>
Tim Düsterhus [Fri, 12 Mar 2021 09:58:20 +0000 (10:58 +0100)]
Ensure that the 'wcf' application is untainted
This fixes up commit
fc2b721517646af2e4d901d95eeba802c1eb6a7d.
see #4057
joshuaruesweg [Wed, 10 Mar 2021 21:06:29 +0000 (22:06 +0100)]
Fix user awaiting approval link
Matthias Schmidt [Tue, 9 Mar 2021 15:22:53 +0000 (16:22 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Tue, 9 Mar 2021 15:21:04 +0000 (16:21 +0100)]
Fix reading ACL values in non-Ajax form builder forms (#4060)
The wrong data source was used in `AclFormField` (the whole `$_POST` array instead of the dedicated entry) and the data was always stored in `aclValues` instead of a dedicated entry per form field.
Matthias Schmidt [Tue, 9 Mar 2021 15:15:45 +0000 (16:15 +0100)]
Fix Ajax user form fields with pre-set values
`values[i].objectId` is only set for users added manually via the UI. For pre-existing usernames, only `values[i].value` exists.
Tim Düsterhus [Tue, 9 Mar 2021 12:47:53 +0000 (13:47 +0100)]
Merge pull request #4057 from WoltLab/app-install-taint
Taint apps until a directory is selected
Tim Düsterhus [Tue, 9 Mar 2021 09:50:33 +0000 (10:50 +0100)]
Skip tainted applications during evaluation check on IndexPage
Tim Düsterhus [Tue, 9 Mar 2021 09:41:33 +0000 (10:41 +0100)]
Taint installed apps until the directory is selected
The row in wcf1_application is created very early in the installation process,
even before the application directory is selected. This causes it to contain
bogus data. Now when pressing F5 during the folder section for whatever reason
the application technically is installed, but it's not usable due to the
missing XXXCore class. When the cache is being cleared this will brick the
whole community.
Taint apps until a proper application directory is selected. This reduces the
time window for human error, because it's likely that the `file` PIP runs very
soon after.
Alexander Ebert [Wed, 3 Mar 2021 10:43:55 +0000 (11:43 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Wed, 3 Mar 2021 10:27:35 +0000 (11:27 +0100)]
Release 5.2.13
Alexander Ebert [Wed, 3 Mar 2021 09:42:41 +0000 (10:42 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Wed, 3 Mar 2021 09:18:54 +0000 (10:18 +0100)]
Release 3.1.21
Alexander Ebert [Wed, 3 Mar 2021 09:14:28 +0000 (10:14 +0100)]
Merge branch '3.0' into 3.1
Tim Düsterhus [Tue, 2 Mar 2021 08:38:51 +0000 (09:38 +0100)]
Add missing permission check to ModerationQueueAction::validateAssignUser()
This only affected registered users. Guests never could trigger this action,
because it is not listed in `$allowGuestAccess`.
WoltLab [Tue, 2 Mar 2021 17:47:17 +0000 (17:47 +0000)]
Updating minified JavaScript files
Alexander Ebert [Tue, 2 Mar 2021 16:35:56 +0000 (17:35 +0100)]
Release 5.3.5
Tim Düsterhus [Mon, 1 Mar 2021 16:08:18 +0000 (17:08 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Mon, 1 Mar 2021 16:08:05 +0000 (17:08 +0100)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Mon, 1 Mar 2021 16:07:24 +0000 (17:07 +0100)]
Merge branch '3.0' into 3.1
Tim Düsterhus [Mon, 1 Mar 2021 16:01:25 +0000 (17:01 +0100)]
Release 3.0.27
Tim Düsterhus [Mon, 1 Mar 2021 15:59:43 +0000 (16:59 +0100)]
Tim Düsterhus [Mon, 1 Mar 2021 15:55:23 +0000 (16:55 +0100)]
Add upgrade instructions for 2.1.24 pl 3
Marcel Werk [Mon, 1 Mar 2021 15:29:38 +0000 (16:29 +0100)]
Merge pull request #4044 from WoltLab/commentResponse-avatar
Fix avatar size in commentResponseList.tpl
Tim Düsterhus [Mon, 1 Mar 2021 14:49:00 +0000 (15:49 +0100)]
Fix avatar size in commentResponseList.tpl
see
72c85f64e77a014ebb4a0358424578ce62f5f893
Resolves #4042
Tim Düsterhus [Fri, 26 Feb 2021 11:01:57 +0000 (12:01 +0100)]
Disable attachment scaling for GIFs
Resolves #4030
Alexander Ebert [Wed, 24 Feb 2021 15:56:30 +0000 (16:56 +0100)]
Reset the internal state of the embedded object manager to its previous state (#4021)
* Reset the internal state of the embedded object manager to its previous state
See #4018
* Isolate the active message for each call
* Typo
* Redundant call to a semi internal API
* Explicit global scope for `array_pop`
Tim Düsterhus [Tue, 23 Feb 2021 14:12:19 +0000 (15:12 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Tue, 23 Feb 2021 14:11:55 +0000 (15:11 +0100)]
Properly handle empty logfiles in ExceptionLogUtil::splitLog()
Tim Düsterhus [Tue, 23 Feb 2021 14:10:22 +0000 (15:10 +0100)]
Properly handle corrupted or huge log files in exception mailer
Alexander Ebert [Tue, 23 Feb 2021 09:27:07 +0000 (10:27 +0100)]
Race condition when subscribing to the same object in parallel
Tim Düsterhus [Tue, 23 Feb 2021 08:48:09 +0000 (09:48 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Tue, 23 Feb 2021 08:47:42 +0000 (09:47 +0100)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Tue, 23 Feb 2021 08:46:31 +0000 (09:46 +0100)]
Match all prefixes for store.woltlab.com in PackageAction::validateSearchForPurchasedItems()
see #3910
Tim Düsterhus [Tue, 23 Feb 2021 08:13:05 +0000 (09:13 +0100)]
Remove return types from ContactRecipient for 5.3
Alexander Ebert [Mon, 22 Feb 2021 23:15:17 +0000 (00:15 +0100)]
Generic error messages for failed text option validation
Alexander Ebert [Mon, 22 Feb 2021 23:05:56 +0000 (00:05 +0100)]
Uploading too many attachments yields an incorrect error type
Alexander Ebert [Mon, 22 Feb 2021 23:01:26 +0000 (00:01 +0100)]
Restrict the maximum length of menu items
Alexander Ebert [Mon, 22 Feb 2021 22:56:14 +0000 (23:56 +0100)]
Clicking on notifications did not close the user menu overlay
Alexander Ebert [Mon, 22 Feb 2021 22:39:56 +0000 (23:39 +0100)]
Remove inaccessible search results
Alexander Ebert [Mon, 22 Feb 2021 22:23:29 +0000 (23:23 +0100)]
Requesting the preview caused Firefox to submit the form
Tim Düsterhus [Thu, 18 Feb 2021 10:08:05 +0000 (11:08 +0100)]
Fix use of localized recipient email addresses in contact form
Tim Düsterhus [Tue, 16 Feb 2021 11:40:15 +0000 (12:40 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Tue, 16 Feb 2021 11:40:03 +0000 (12:40 +0100)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Tue, 16 Feb 2021 11:38:24 +0000 (12:38 +0100)]
Merge branch '3.0' into 3.1
Tim Düsterhus [Tue, 16 Feb 2021 11:37:59 +0000 (12:37 +0100)]
Merge pull request #3997 from WoltLab/major-upgrade-no-upload
Reject major com.woltlab.wcf upgrades via package upload
Tim Düsterhus [Tue, 16 Feb 2021 11:11:21 +0000 (12:11 +0100)]
Reject major com.woltlab.wcf upgrades via package upload
Tim Düsterhus [Tue, 16 Feb 2021 08:23:58 +0000 (09:23 +0100)]
Stream the response in ImageProxyAction
see
5fc80baf9a348a63baaaa6fa150b1732adfc9f3c
Tim Düsterhus [Tue, 16 Feb 2021 08:18:58 +0000 (09:18 +0100)]
Merge branch '5.2' into 5.3
Sir-Will [Mon, 15 Feb 2021 18:48:20 +0000 (19:48 +0100)]
Fixes twitch clips which contain a dash char
Twitch clips can contain a dash (´-`).
Example: https://clips.twitch.tv/NeighborlyManlyBaconMikeHogu-_9zfXbRK47vik1WO
Resolves #3996
joshuaruesweg [Sun, 14 Feb 2021 12:37:54 +0000 (13:37 +0100)]
Merge branch '5.2' into 5.3
joshuaruesweg [Sun, 14 Feb 2021 12:35:03 +0000 (13:35 +0100)]
Fix deleting an empty list of objects
It can happen that content that was previously counted no longer exists and therefore fewer runs are required than initially assumed. This can happen if, for example, a user's posts and threads are deleted and the user has only written posts in his or her own threads (the posts are then deleted along with the threads). This may have led to errors before because an empty list of objects was passed.
Tim Düsterhus [Fri, 12 Feb 2021 14:55:58 +0000 (15:55 +0100)]
Merge pull request #3992 from WoltLab/export-mail-address-permission
Bind exportMailAddress bulk process to `canEditMailAddress` instead of `canMailUser`
Tim Düsterhus [Fri, 12 Feb 2021 14:46:44 +0000 (15:46 +0100)]
Bind exportMailAddress bulk process to `canEditMailAddress` instead of `canMailUser`
Unfortunately the `permissions` form a logical disjunction, not a conjunction,
thus we can't check both permissions. The `canEditMailAddress` is more fitting,
because even without `canMailUser` the admin could simply look up all users
manually if they are allowed to edit (and thus see) mail addresses. It's just a
larger effort.
Resolves #3963
Tim Düsterhus [Thu, 11 Feb 2021 15:57:19 +0000 (16:57 +0100)]
Tim Düsterhus [Thu, 11 Feb 2021 15:55:15 +0000 (16:55 +0100)]
Deprecate \wcf\util\exception\HTTPException
see
5ff8745012d43b1bcdc5df3c74a19532379d182f
Marcel Werk [Thu, 11 Feb 2021 08:52:51 +0000 (09:52 +0100)]
Merge branch '5.2' into 5.3
Marcel Werk [Thu, 11 Feb 2021 08:52:33 +0000 (09:52 +0100)]
Additional template event in articleAdd template
Matthias Schmidt [Fri, 5 Feb 2021 10:33:18 +0000 (11:33 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Fri, 5 Feb 2021 10:33:03 +0000 (11:33 +0100)]
Fix mixed boolean operators in condition in `TI18nFormField::validate()`
… and improve the preceding comment.
See #3926
Matthias Schmidt [Wed, 3 Feb 2021 15:12:48 +0000 (16:12 +0100)]
Tim Düsterhus [Wed, 3 Feb 2021 14:57:05 +0000 (15:57 +0100)]
Download Google fonts before validating the individual SCSS
The individual SCSS will compile the style and this compiled CSS will later be
used for the style itself.
When first downloading a new Google font the font will not yet be available
during this test, thus the necessary CSS will not be included which in turn
will cause the font to fail to display.
Tim Düsterhus [Wed, 3 Feb 2021 09:07:47 +0000 (10:07 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Wed, 3 Feb 2021 09:06:55 +0000 (10:06 +0100)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Wed, 3 Feb 2021 09:06:19 +0000 (10:06 +0100)]
Merge branch '3.0' into 3.1
Tim Düsterhus [Wed, 3 Feb 2021 08:18:31 +0000 (09:18 +0100)]
Fix typo in phrases
Matthias Schmidt [Tue, 2 Feb 2021 12:26:39 +0000 (13:26 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Tue, 2 Feb 2021 12:26:09 +0000 (13:26 +0100)]
Ignore name of primary keys during creation (#3921)
Marcel Werk [Tue, 2 Feb 2021 10:28:22 +0000 (11:28 +0100)]
Long file name caused SQL error
Alexander Ebert [Mon, 1 Feb 2021 12:07:47 +0000 (13:07 +0100)]
Release 5.3.4
Alexander Ebert [Mon, 1 Feb 2021 12:04:25 +0000 (13:04 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Mon, 1 Feb 2021 12:00:53 +0000 (13:00 +0100)]
Release 5.2.12
Alexander Ebert [Mon, 1 Feb 2021 11:59:33 +0000 (12:59 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Mon, 1 Feb 2021 11:56:07 +0000 (12:56 +0100)]
Release 3.1.20
Alexander Ebert [Mon, 1 Feb 2021 11:55:02 +0000 (12:55 +0100)]
Merge branch '3.0' into 3.1
Alexander Ebert [Mon, 1 Feb 2021 11:50:17 +0000 (12:50 +0100)]
Release 3.0.26
Alexander Ebert [Mon, 1 Feb 2021 11:48:01 +0000 (12:48 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Mon, 1 Feb 2021 11:47:42 +0000 (12:47 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Mon, 1 Feb 2021 11:47:24 +0000 (12:47 +0100)]
Merge branch '3.0' into 3.1
Alexander Ebert [Mon, 1 Feb 2021 11:47:09 +0000 (12:47 +0100)]
Missing check for accessible user groups
Alexander Ebert [Mon, 1 Feb 2021 11:38:59 +0000 (12:38 +0100)]
Merge branch '3.0' into 3.1
Alexander Ebert [Mon, 1 Feb 2021 11:38:49 +0000 (12:38 +0100)]
Notify users of the expiring support
projects / GitHub / WoltLab / WCF.git / log