Alexander Ebert [Fri, 7 Aug 2020 17:35:11 +0000 (19:35 +0200)]
Merge pull request #3482 from WoltLab/style-image-upload
Add upload for custom style assets
Joshua Rüsweg [Fri, 7 Aug 2020 14:04:58 +0000 (16:04 +0200)]
Use a more defined description
Co-authored-by: Tim Düsterhus <duesterhus@woltlab.com>
joshuaruesweg [Fri, 7 Aug 2020 13:45:11 +0000 (15:45 +0200)]
Merge branch '5.2'
joshuaruesweg [Fri, 7 Aug 2020 13:43:27 +0000 (15:43 +0200)]
Remove superfluous `array_unique` call
No double value can occur in the array. When deleting, we already check if the object still exists in our file array and delete it only if it really still exists.
Marcel Werk [Fri, 7 Aug 2020 10:43:47 +0000 (12:43 +0200)]
Merge pull request #3488 from WoltLab/external-link-handling
External link handling
Marcel Werk [Fri, 7 Aug 2020 10:11:10 +0000 (12:11 +0200)]
Applied suggestions
Tim Düsterhus [Fri, 7 Aug 2020 09:56:58 +0000 (11:56 +0200)]
Fix return value of sort callback in TemplateListPage
Found using PHP 8's new warning:
> Message: uasort(): Returning bool from comparison function is deprecated,
> return an integer less than, equal to, or greater than zero
Tim Düsterhus [Fri, 7 Aug 2020 09:42:09 +0000 (11:42 +0200)]
Merge branch '5.2' into master
Tim Düsterhus [Fri, 7 Aug 2020 09:31:45 +0000 (11:31 +0200)]
Fix PHP 8 compatibility for WCFSetup's error handler
see
0267fa9af7e18aa6449726f748e672cdac192d12
Marcel Werk [Fri, 7 Aug 2020 08:28:47 +0000 (10:28 +0200)]
Applied suggestions
Marcel Werk [Fri, 7 Aug 2020 08:18:00 +0000 (10:18 +0200)]
Merge pull request #3487 from WoltLab/improved-package-search-results
Improve results when searching for packages
Alexander Ebert [Thu, 6 Aug 2020 22:14:51 +0000 (00:14 +0200)]
Merge pull request #3477 from WoltLab/style-cleanup-update
Add update script for style cleanup
Marcel Werk [Thu, 6 Aug 2020 21:24:22 +0000 (23:24 +0200)]
Added rel attribute for external links in menus
Marcel Werk [Thu, 6 Aug 2020 21:19:27 +0000 (23:19 +0200)]
Add rel="ugc" for links within user generated content
Marcel Werk [Thu, 6 Aug 2020 20:45:09 +0000 (22:45 +0200)]
isInternalURL() treats everything as internal that resides on the same subdomain
Marcel Werk [Thu, 6 Aug 2020 20:37:05 +0000 (22:37 +0200)]
Removed EXTERNAL_LINK_REL_NOFOLLOW
Marcel Werk [Thu, 6 Aug 2020 20:36:49 +0000 (22:36 +0200)]
New method to generate attributes for <a> tags
Marcel Werk [Thu, 6 Aug 2020 20:35:54 +0000 (22:35 +0200)]
Use of StringUtil::getAnchorTag()
Marcel Werk [Thu, 6 Aug 2020 19:51:51 +0000 (21:51 +0200)]
use StringUtil::getAnchorTag()
Alexander Ebert [Thu, 6 Aug 2020 17:24:52 +0000 (19:24 +0200)]
Merge pull request #3486 from Krymonota/use-generic-default-cookie-prefix
Use generic value for default cookie prefix
Marcel Werk [Thu, 6 Aug 2020 15:47:47 +0000 (17:47 +0200)]
Fixed image path issue
Marcel Werk [Thu, 6 Aug 2020 15:42:47 +0000 (17:42 +0200)]
Improve results when searching for packages
Closes #3407
Niklas (Krymonota) [Thu, 6 Aug 2020 15:23:31 +0000 (17:23 +0200)]
Use generic value for default cookie prefix
... so that it doesn't have to be adjusted for new versions.
Marcel Werk [Thu, 6 Aug 2020 14:26:20 +0000 (16:26 +0200)]
Merge branch '5.2'
Marcel Werk [Thu, 6 Aug 2020 14:25:45 +0000 (16:25 +0200)]
Added missing informal variant
Tim Düsterhus [Thu, 6 Aug 2020 12:59:46 +0000 (14:59 +0200)]
Merge pull request #3484 from WoltLab/wcfsetup-cookietest
Detect misconfigured hostnames during WCFSetup
Tim Düsterhus [Thu, 6 Aug 2020 12:38:02 +0000 (14:38 +0200)]
Detect misconfigured hostnames during WCFSetup
Misconfigured reverse reverse proxies might rewrite the `host` header to the
upstream's hostname, instead of preserving the `host` as it was sent by the
web browser. Such a misconfiguration will cause WoltLab Suite to generate
incorrect absolute URLs and more importantly this also causes it to specify
an incorrect `domain` within cookies. The latter leads to the browser ignoring
the cookie. At the end of WCFSetup this ultimately leads to the ACP session
cookie being ignored, which in turn leads to failing the transition from
WCFSetup into the package installation. Instead the user will be bounced to
the LoginForm which fails to load, because the necessary option.xml was not
yet installed.
An example HAProxy configuration that reproduces the issue is as follows:
listen test
mode http
bind *:80
http-request set-header host 172.19.0.5
server nginx 172.19.0.5:80
If the WCFSetup is accepted via any hostname that is not `172.19.0.5`, e.g.
by using `localhost` then cookies will fail to stick within the web browser.
This commit extends the system requirements step to:
- Compare the HTTP_HOST as seen by the web server against both:
1) The `Referer` header.
2) The `window.location.host` value in JavaScript.
If any of those mismatches, then the web server is not correctly configured.
- Read a cookie that was set earlier.
If this cookie is missing, then most likely the `domain` property was
incorrectly specified.
This commit most likely resolves #3024.
Tim Düsterhus [Wed, 5 Aug 2020 14:22:35 +0000 (16:22 +0200)]
Merge branch '5.2' into master
Tim Düsterhus [Wed, 5 Aug 2020 14:21:45 +0000 (16:21 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Wed, 5 Aug 2020 14:17:16 +0000 (16:17 +0200)]
Fix PHP 5.5 compatibility
see
b044815dd9b6509fc44219684d7076cd28a80aa6
see #3480
Matthias Schmidt [Wed, 5 Aug 2020 13:51:11 +0000 (15:51 +0200)]
Merge branch '5.2'
Matthias Schmidt [Wed, 5 Aug 2020 13:48:58 +0000 (15:48 +0200)]
Fix handling of hidden form field values via AJAX
See #3053
Tim Düsterhus [Wed, 5 Aug 2020 13:34:58 +0000 (15:34 +0200)]
Add upload for custom style assets
Resolves #3364
Tim Düsterhus [Wed, 5 Aug 2020 11:54:50 +0000 (13:54 +0200)]
Fix UploadField::supportMultipleFiles() for unlimited maxFiles
Tim Düsterhus [Wed, 5 Aug 2020 11:37:45 +0000 (13:37 +0200)]
Do not hardcode the style's asset path in the update script
Co-authored-by: Alexander Ebert <ebert@woltlab.com>
Alexander Ebert [Wed, 5 Aug 2020 10:57:55 +0000 (12:57 +0200)]
Merge branch '5.2'
Alexander Ebert [Wed, 5 Aug 2020 10:57:22 +0000 (12:57 +0200)]
Merge branch '3.1' into 5.2
Alexander Ebert [Wed, 5 Aug 2020 10:56:18 +0000 (12:56 +0200)]
Merge pull request #3462 from SoftCreatR/patch-14
Add detection for Chromium based Edge browser
Alexander Ebert [Wed, 5 Aug 2020 10:54:21 +0000 (12:54 +0200)]
Merge branch '5.2'
Alexander Ebert [Wed, 5 Aug 2020 10:51:35 +0000 (12:51 +0200)]
Merge pull request #3471 from WoltLab/disable-spider-visit-tracking
Disable visit tracking for search engines
Tim Düsterhus [Wed, 5 Aug 2020 10:07:01 +0000 (12:07 +0200)]
Merge branch '5.2' into master
Tim Düsterhus [Wed, 5 Aug 2020 10:06:26 +0000 (12:06 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Wed, 5 Aug 2020 10:05:08 +0000 (12:05 +0200)]
Do not decrement wcf1_user.articles when deleting unpublished articles
see
b044815dd9b6509fc44219684d7076cd28a80aa6
see #3480
Tim Düsterhus [Wed, 5 Aug 2020 10:00:31 +0000 (12:00 +0200)]
Merge branch '5.2' into master
Tim Düsterhus [Wed, 5 Aug 2020 09:59:38 +0000 (11:59 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Wed, 5 Aug 2020 09:58:13 +0000 (11:58 +0200)]
Update wcf1_user.articles when deleting articles
Fixes #3480
Marcel Werk [Wed, 5 Aug 2020 09:23:54 +0000 (11:23 +0200)]
Merge pull request #3479 from WoltLab/jump-to-content
Rename "Mark as Read" button to "Jump To Content" in notification mails
Marcel Werk [Wed, 5 Aug 2020 09:16:51 +0000 (11:16 +0200)]
Improved german phrasing
Tim Düsterhus [Wed, 5 Aug 2020 09:10:09 +0000 (11:10 +0200)]
Rename "Mark as Read" button to "Jump To Content" in notification mails
Resolves #3257
Tim Düsterhus [Wed, 5 Aug 2020 07:33:33 +0000 (09:33 +0200)]
Merge pull request #3475 from WoltLab/image-scale-memory
Add checkMemoryLimit() method to ImageAdapter
Alexander Ebert [Tue, 4 Aug 2020 18:55:20 +0000 (20:55 +0200)]
Prevent the incorrect focus of the close button for confirmation dialogs
Tim Düsterhus [Tue, 4 Aug 2020 14:57:48 +0000 (16:57 +0200)]
Duplicate logo on import of pageLogo = pageLogoMobile
Fixes #3478
Tim Düsterhus [Tue, 4 Aug 2020 13:07:31 +0000 (15:07 +0200)]
Add update script for style cleanup
Resolves #3468
Tim Düsterhus [Tue, 4 Aug 2020 11:43:02 +0000 (13:43 +0200)]
Merge pull request #3456 from WoltLab/style-cleanup
Clean up asset handling of styles
Tim Düsterhus [Tue, 4 Aug 2020 08:29:28 +0000 (10:29 +0200)]
Make use of ImageAdapter::checkMemoryLimit()
Tim Düsterhus [Tue, 4 Aug 2020 08:26:34 +0000 (10:26 +0200)]
Add ImageAdapter::checkMemoryLimit()
Resolves #3229
Sascha Greuel [Sun, 26 Jul 2020 15:19:00 +0000 (17:19 +0200)]
Added detection for Chromium based Edge browser
joshuaruesweg [Mon, 3 Aug 2020 16:27:49 +0000 (18:27 +0200)]
Merge branch '5.2'
joshuaruesweg [Mon, 3 Aug 2020 16:23:12 +0000 (18:23 +0200)]
Add note, that the page.xml PIP instruction is needed with the next update
See #3474
joshuaruesweg [Mon, 3 Aug 2020 16:14:59 +0000 (18:14 +0200)]
Merge branch '3.1'
joshuaruesweg [Mon, 3 Aug 2020 16:12:07 +0000 (18:12 +0200)]
Fix updating `requireObjectID` for existing pages
Olaf Braun [Mon, 3 Aug 2020 11:34:00 +0000 (13:34 +0200)]
Add all environment to event listener (#3145)
Alexander Ebert [Mon, 3 Aug 2020 10:52:19 +0000 (12:52 +0200)]
Merge pull request #3472 from WoltLab/user-rank-live-preview
User rank live preview
Tim Düsterhus [Mon, 3 Aug 2020 10:35:57 +0000 (12:35 +0200)]
Add cache buster for pageLogo
Tim Düsterhus [Mon, 3 Aug 2020 10:33:58 +0000 (12:33 +0200)]
Remove old pageLogo(|Mobile) file when logo is deleted or updated
Tim Düsterhus [Mon, 3 Aug 2020 09:43:35 +0000 (11:43 +0200)]
Merge branch 'master' into style-cleanup
Alexander Ebert [Sat, 1 Aug 2020 17:36:02 +0000 (19:36 +0200)]
Missing semicolons
Alexander Ebert [Sat, 1 Aug 2020 17:33:53 +0000 (19:33 +0200)]
Support for custom block level tag names
Closes #3270
Alexander Ebert [Sat, 1 Aug 2020 17:28:55 +0000 (19:28 +0200)]
Prevent auto-focus on search suggestions
Closes #3263
Alexander Ebert [Sat, 1 Aug 2020 15:23:13 +0000 (17:23 +0200)]
Merge branch '5.2'
Alexander Ebert [Sat, 1 Aug 2020 15:22:54 +0000 (17:22 +0200)]
The `data-user-id` is already set by the ReactionHandler
Fixes #3463
Alexander Ebert [Sat, 1 Aug 2020 15:04:56 +0000 (17:04 +0200)]
Live preview for user ranks
Alexander Ebert [Sat, 1 Aug 2020 15:00:38 +0000 (17:00 +0200)]
Modernize the JavaScript for the live preview for labels
Inlining the JavaScript made it much easier plus prevents increasing the bundle size.
Marcel Werk [Fri, 31 Jul 2020 15:29:09 +0000 (17:29 +0200)]
Improved detection of duplicate key errors
Alexander Ebert [Fri, 31 Jul 2020 15:10:25 +0000 (17:10 +0200)]
Prevent writes to the session rather than reads
Alexander Ebert [Fri, 31 Jul 2020 11:40:37 +0000 (13:40 +0200)]
Merge branch '5.2'
Alexander Ebert [Fri, 31 Jul 2020 11:40:14 +0000 (13:40 +0200)]
Disable visit tracking for search engines
Tim Düsterhus [Fri, 31 Jul 2020 09:11:22 +0000 (11:11 +0200)]
Merge pull request #3470 from WoltLab/db-expose-driver-specific-code
Allow retrieving the driver specific error code from DatabaseQueryExe…
Tim Düsterhus [Fri, 31 Jul 2020 08:50:32 +0000 (10:50 +0200)]
Allow retrieving the driver specific error code from DatabaseQueryExecutionException
A single ANSI SQLSTATE can indicate several distinct error conditions. The
driver code appears to be unique for MySQL.
Marcel Werk [Thu, 30 Jul 2020 16:07:09 +0000 (18:07 +0200)]
Typo
Marcel Werk [Thu, 30 Jul 2020 16:06:52 +0000 (18:06 +0200)]
Typo
Marcel Werk [Thu, 30 Jul 2020 16:05:18 +0000 (18:05 +0200)]
Made use of the new method "createOrIgnore"
Marcel Werk [Thu, 30 Jul 2020 16:03:14 +0000 (18:03 +0200)]
New method that will ignore duplicate key errors while inserting rows into the database
Tim Düsterhus [Thu, 30 Jul 2020 09:26:47 +0000 (11:26 +0200)]
Revert "Whitelist `unserialize()` when running in enterprise mode"
`unserialize()` is unsafe, because it potentially allows for arbitrary
code execution.
This reverts commit
564ba8525e42c9d4677ee1ddac58c4c9c67fc113.
Tim Düsterhus [Wed, 29 Jul 2020 07:03:59 +0000 (09:03 +0200)]
Merge pull request #3467 from WoltLab/avoid-getFont
Avoid use of getFont.php
Alexander Ebert [Tue, 28 Jul 2020 16:35:22 +0000 (18:35 +0200)]
Place the code and inline-code button next to each other
Closes #3241
Tim Düsterhus [Tue, 28 Jul 2020 12:18:10 +0000 (14:18 +0200)]
Inject proper getFont() version depending on isMultiDomainSetup()
Tim Düsterhus [Tue, 28 Jul 2020 12:13:20 +0000 (14:13 +0200)]
Use getFont SCSS function
Tim Düsterhus [Tue, 28 Jul 2020 12:12:55 +0000 (14:12 +0200)]
Add getFont() SCSS helper function
Tim Düsterhus [Tue, 28 Jul 2020 10:47:47 +0000 (12:47 +0200)]
Use filename parameter of getFont.php for FontAwesome
Matthias Schmidt [Mon, 27 Jul 2020 16:45:49 +0000 (18:45 +0200)]
Merge branch '5.2'
Matthias Schmidt [Mon, 27 Jul 2020 16:44:45 +0000 (18:44 +0200)]
Clear language cache when clearing cronjob cache
Close #3465
Tim Düsterhus [Mon, 27 Jul 2020 09:33:23 +0000 (11:33 +0200)]
Fix Style::getCoverPhotoUrl()
Make sure to return an absolute URL.
Tim Düsterhus [Mon, 27 Jul 2020 09:15:30 +0000 (11:15 +0200)]
Merge branch 'master' into style-cleanup
Tim Düsterhus [Mon, 27 Jul 2020 07:22:48 +0000 (09:22 +0200)]
Merge pull request #3460 from WoltLab/ship-open-sans
Ship Open Sans by default
Marcel Werk [Fri, 24 Jul 2020 14:03:33 +0000 (16:03 +0200)]
Prevent images in comments in the sidebar box from becoming too large
Tim Düsterhus [Fri, 24 Jul 2020 11:52:37 +0000 (13:52 +0200)]
Remove Google Font Embed from ACP
Tim Düsterhus [Fri, 24 Jul 2020 11:40:39 +0000 (13:40 +0200)]
Bake Open Sans into default installation
Resolves #3458
Tim Düsterhus [Fri, 24 Jul 2020 12:13:48 +0000 (14:13 +0200)]
Unbreak WCFSetup
Tim Düsterhus [Fri, 24 Jul 2020 10:20:13 +0000 (12:20 +0200)]
Expand style upload field definitions to store image size constraints
projects / GitHub / WoltLab / WCF.git / log