GitHub/WoltLab/WCF.git
2 years agoAlways restrict valid template modifiers to an allow list
Tim Düsterhus [Wed, 11 May 2022 12:32:19 +0000 (14:32 +0200)]
Always restrict valid template modifiers to an allow list

Previously this allow list was only used in enterprise mode, but it is
generally a useful security feature. Thus the allow list previously known as
`$enterpriseFunctions` is applied in call cases.

This also makes it easier for developers, as there will be less differences
between the enterprise mode and the non-enterprise mode.

As before this allow list can easily be extended if a useful function is
missing from it.

2 years agoAdd update_com.woltlab.wcf_5.5_checkSystemRequirements.php
Tim Düsterhus [Wed, 11 May 2022 12:02:15 +0000 (14:02 +0200)]
Add update_com.woltlab.wcf_5.5_checkSystemRequirements.php

see 48b47a4a8ba0260d52226c80063ebac081fa719b

2 years agoDrop obsolete upgrade instructions from 5.4 to 5.5
Tim Düsterhus [Wed, 11 May 2022 09:40:37 +0000 (11:40 +0200)]
Drop obsolete upgrade instructions from 5.4 to 5.5

2 years agoMerge branch '5.5'
Tim Düsterhus [Wed, 11 May 2022 09:39:22 +0000 (11:39 +0200)]
Merge branch '5.5'

2 years agoMerge branch '5.4' into 5.5
Tim Düsterhus [Wed, 11 May 2022 09:39:12 +0000 (11:39 +0200)]
Merge branch '5.4' into 5.5

2 years agoDrop obsolete update_com.woltlab.wcf_5.4.15_deleteDsStore.php
Tim Düsterhus [Wed, 11 May 2022 09:38:47 +0000 (11:38 +0200)]
Drop obsolete update_com.woltlab.wcf_5.4.15_deleteDsStore.php

2 years agoDrop obsolete fileDelete_5.5.xml
Tim Düsterhus [Wed, 11 May 2022 09:37:38 +0000 (11:37 +0200)]
Drop obsolete fileDelete_5.5.xml

2 years agoMerge branch '5.5'
Tim Düsterhus [Wed, 11 May 2022 08:41:46 +0000 (10:41 +0200)]
Merge branch '5.5'

2 years agoFix language items in recommended section of system requirements in WCFSetup
Tim Düsterhus [Wed, 11 May 2022 08:40:35 +0000 (10:40 +0200)]
Fix language items in recommended section of system requirements in WCFSetup

see 3445cbe2a005ead9843d9e17709a915631dd11b5
see e88d06dc88bc263b7424fbccfa47c13907413b8c

2 years agoRun php-cs-fixer using PHP 8.1
Tim Düsterhus [Wed, 11 May 2022 08:01:03 +0000 (10:01 +0200)]
Run php-cs-fixer using PHP 8.1

2 years agoMerge pull request #4782 from WoltLab/system-requirements
Tim Düsterhus [Wed, 11 May 2022 07:58:47 +0000 (09:58 +0200)]
Merge pull request #4782 from WoltLab/system-requirements

Increase minimum PHP requirement

2 years agoRelease 5.5.0 Beta 2 5.5.0_Beta_2
Alexander Ebert [Tue, 10 May 2022 20:58:18 +0000 (22:58 +0200)]
Release 5.5.0 Beta 2

2 years agoIncorrect dialog position on smartphones
Alexander Ebert [Tue, 10 May 2022 16:06:08 +0000 (18:06 +0200)]
Incorrect dialog position on smartphones

See https://www.woltlab.com/community/thread/295560-neues-thema-erstellen-au%C3%9Ferhalb-des-bildschirms/

2 years agoFix php.yml workflow
Tim Düsterhus [Tue, 10 May 2022 15:36:21 +0000 (17:36 +0200)]
Fix php.yml workflow

see 7cb8935ef0ef6707e0ed1cb8fe26ac17dd155400

2 years agoUpgrade laminas/laminas-httphandlerrunner to 2.1.0
Tim Düsterhus [Mon, 9 May 2022 09:04:51 +0000 (11:04 +0200)]
Upgrade laminas/laminas-httphandlerrunner to 2.1.0

2 years agoTighten up version constraints in composer.json
Tim Düsterhus [Mon, 9 May 2022 09:02:43 +0000 (11:02 +0200)]
Tighten up version constraints in composer.json

2 years agoRemove obsolete Symfony polyfills
Tim Düsterhus [Mon, 9 May 2022 09:00:44 +0000 (11:00 +0200)]
Remove obsolete Symfony polyfills

2 years agoUpdate PHP platform version in composer.json
Tim Düsterhus [Mon, 9 May 2022 09:00:13 +0000 (11:00 +0200)]
Update PHP platform version in composer.json

2 years agoRemove PHP < 8.1 from php.yml workflow
Tim Düsterhus [Mon, 9 May 2022 08:59:06 +0000 (10:59 +0200)]
Remove PHP < 8.1 from php.yml workflow

2 years agoIncrease minimum PHP version to 8.1.2
Tim Düsterhus [Mon, 9 May 2022 08:58:47 +0000 (10:58 +0200)]
Increase minimum PHP version to 8.1.2

2 years agoAdd the 5.5 branch to GitHub workflows
Tim Düsterhus [Tue, 10 May 2022 15:33:34 +0000 (17:33 +0200)]
Add the 5.5 branch to GitHub workflows

2 years agoRelease 5.5.0 Beta 1 5.5.0_Beta_1
Alexander Ebert [Tue, 10 May 2022 14:30:34 +0000 (16:30 +0200)]
Release 5.5.0 Beta 1

2 years agoRemoved the upgrade instructions from 5.4.*
Alexander Ebert [Tue, 10 May 2022 14:12:26 +0000 (16:12 +0200)]
Removed the upgrade instructions from 5.4.*

2 years agoUpdating minified JavaScript files
WoltLab [Tue, 10 May 2022 13:53:32 +0000 (13:53 +0000)]
Updating minified JavaScript files

2 years agoMerge branch '5.4'
Tim Düsterhus [Tue, 10 May 2022 07:26:40 +0000 (09:26 +0200)]
Merge branch '5.4'

2 years agoFix English versions of `wcf.user.security.multifactor.backup.authenticationEmail...
Tim Düsterhus [Tue, 10 May 2022 07:25:42 +0000 (09:25 +0200)]
Fix English versions of `wcf.user.security.multifactor.backup.authenticationEmail.body.*`

The phrases contained broken template scripting, due to the use of the `'`
apostroph within a single quoted string.

2 years agoDialogs could become too wide with lots of text
Alexander Ebert [Mon, 9 May 2022 13:51:17 +0000 (15:51 +0200)]
Dialogs could become too wide with lots of text

2 years agoSuppress the redundant loading indicator
Alexander Ebert [Mon, 9 May 2022 12:17:55 +0000 (14:17 +0200)]
Suppress the redundant loading indicator

See https://www.woltlab.com/community/thread/295539-doppelte-ladebalken/

2 years agoMerge pull request #4781 from WoltLab/ci-check
Tim Düsterhus [Mon, 9 May 2022 11:31:31 +0000 (13:31 +0200)]
Merge pull request #4781 from WoltLab/ci-check

Flip only the file name casing on AbstractFileDeletePackageInstallationPlugin::isFilesystemCaseSensitive()

2 years agoAdd fileDelete_5.5.xml
Tim Düsterhus [Mon, 9 May 2022 10:42:53 +0000 (12:42 +0200)]
Add fileDelete_5.5.xml

These files never were part of the git repository, but were accidentally
included in an upgrade package, because an unclean source directory was used
when building the upgrade.

2 years agoFlip only the file name casing on AbstractFileDeletePackageInstallationPlugin::isFile...
Tim Düsterhus [Mon, 9 May 2022 09:06:38 +0000 (11:06 +0200)]
Flip only the file name casing on AbstractFileDeletePackageInstallationPlugin::isFilesystemCaseSensitive()

Flipping the whole path does not provide any real benefit, because we only care
about whether the file system where WoltLab Suite resides is case sensitive or
not. It does however break when `open_basedir` is configured.

2 years agoMerge branch '5.4'
Tim Düsterhus [Mon, 9 May 2022 08:49:45 +0000 (10:49 +0200)]
Merge branch '5.4'

2 years agoRemove the codestyle workflow from branches that are not master
Tim Düsterhus [Fri, 6 May 2022 13:11:45 +0000 (15:11 +0200)]
Remove the codestyle workflow from branches that are not master

2 years agoLazy loading the user’s avatar causes flashes
Alexander Ebert [Sun, 8 May 2022 11:54:02 +0000 (13:54 +0200)]
Lazy loading the user’s avatar causes flashes

Safari (macOS and iOS) does not handle lazy loaded images above the fold gracefully. This causes the user’s avatar to flicker noticeably on ever page navigation.

2 years agoMerge pull request #4779 from WoltLab/search-result-pagination
Alexander Ebert [Sun, 8 May 2022 11:42:21 +0000 (13:42 +0200)]
Merge pull request #4779 from WoltLab/search-result-pagination

Tracked the result page number in the url

2 years agoMerge pull request #4777 from WoltLab/article-comment-like-notifications
Alexander Ebert [Sun, 8 May 2022 11:38:09 +0000 (13:38 +0200)]
Merge pull request #4777 from WoltLab/article-comment-like-notifications

Notifications about reactions to article comments

2 years agoMerge pull request #4776 from WoltLab/scroll-to-comments
Alexander Ebert [Sun, 8 May 2022 11:29:21 +0000 (13:29 +0200)]
Merge pull request #4776 from WoltLab/scroll-to-comments

Scrolling to a comment not visible by default did not work

2 years agoProper prototype creation
Marcel Werk [Sat, 7 May 2022 17:11:55 +0000 (19:11 +0200)]
Proper prototype creation

2 years agoTracked the result page number in the url
Marcel Werk [Sat, 7 May 2022 17:09:50 +0000 (19:09 +0200)]
Tracked the result page number in the url

2 years agoProper history navigation for searches
Marcel Werk [Sat, 7 May 2022 16:51:22 +0000 (18:51 +0200)]
Proper history navigation for searches

2 years agoTrack the page number of search result in the url
Marcel Werk [Sat, 7 May 2022 16:38:01 +0000 (18:38 +0200)]
Track the page number of search result in the url

2 years agoVisual separator for specialized search filters
Alexander Ebert [Sat, 7 May 2022 16:13:12 +0000 (18:13 +0200)]
Visual separator for specialized search filters

See https://www.woltlab.com/community/thread/295502-kategorie-auswahl-ist-verrutscht/

2 years agoMerge branch '5.4'
Marcel Werk [Sat, 7 May 2022 15:42:08 +0000 (17:42 +0200)]
Merge branch '5.4'

2 years agoMerge branch '5.3' into 5.4
Marcel Werk [Sat, 7 May 2022 15:41:59 +0000 (17:41 +0200)]
Merge branch '5.3' into 5.4

2 years agoMerge branch '5.2' into 5.3
Marcel Werk [Sat, 7 May 2022 15:41:46 +0000 (17:41 +0200)]
Merge branch '5.2' into 5.3

2 years agoRevert "Show always an no selection option in custom select options build with the...
Marcel Werk [Sat, 7 May 2022 15:40:48 +0000 (17:40 +0200)]
Revert "Show always an no selection option in custom select options build with the OptionHandler"

This reverts commit 6fef8b82e15794eee5317e6b15bb0670f137315c.

2 years agoIncorrect margin of `.formSubmit` in dialogs
Alexander Ebert [Sat, 7 May 2022 14:59:03 +0000 (16:59 +0200)]
Incorrect margin of `.formSubmit` in dialogs

This was caused by the negative margin introduced in 1d224f10cdd05e7f5d09f869ee1fbbbdff025749 which caused the calculation to be off by 10px, causing a visible gap.

See https://www.woltlab.com/community/thread/295497-fehlerhafte-mobile-darstellung-von-dialogen/

2 years agoRemoved obsolete imports
Marcel Werk [Fri, 6 May 2022 21:54:31 +0000 (23:54 +0200)]
Removed obsolete imports

2 years agoNotifications about reactions to article comments
Marcel Werk [Fri, 6 May 2022 21:47:38 +0000 (23:47 +0200)]
Notifications about reactions to article comments

2 years agoUse generic trait in existing notifications for article comments
Marcel Werk [Fri, 6 May 2022 21:47:11 +0000 (23:47 +0200)]
Use generic trait in existing notifications for article comments

2 years agoAdded generic trait for article comment tests
Marcel Werk [Fri, 6 May 2022 21:46:46 +0000 (23:46 +0200)]
Added generic trait for article comment tests

2 years agoNotification type was not hidden when modules were disabled
Marcel Werk [Fri, 6 May 2022 15:57:21 +0000 (17:57 +0200)]
Notification type was not hidden when modules were disabled

2 years agoScrolling to a comment not visible by default did not work
Marcel Werk [Fri, 6 May 2022 15:49:54 +0000 (17:49 +0200)]
Scrolling to a comment not visible by default did not work

2 years agoInline editors had been not initialized properly
Alexander Ebert [Fri, 6 May 2022 15:27:59 +0000 (17:27 +0200)]
Inline editors had been not initialized properly

2 years agoUnified phrases
Marcel Werk [Fri, 6 May 2022 15:19:44 +0000 (17:19 +0200)]
Unified phrases

2 years agoMerge pull request #4774 from WoltLab/focus-trap-tabbable
Tim Düsterhus [Fri, 6 May 2022 07:20:09 +0000 (09:20 +0200)]
Merge pull request #4774 from WoltLab/focus-trap-tabbable

Update focus-trap and tabbable npm dependencies

2 years agoFix dependency sync check in javascript.yml
Tim Düsterhus [Fri, 6 May 2022 07:17:19 +0000 (09:17 +0200)]
Fix dependency sync check in javascript.yml

2 years agoAdd check that dependencies are in sync to javascript.yml
Tim Düsterhus [Fri, 6 May 2022 07:12:15 +0000 (09:12 +0200)]
Add check that dependencies are in sync to javascript.yml

2 years agoUpdate focus-trap and tabbable npm dependencies
Tim Düsterhus [Thu, 5 May 2022 13:25:48 +0000 (15:25 +0200)]
Update focus-trap and tabbable npm dependencies

2 years agoMerge branch '5.4'
Tim Düsterhus [Thu, 5 May 2022 13:24:11 +0000 (15:24 +0200)]
Merge branch '5.4'

2 years agoUpdate npm dependencies
Tim Düsterhus [Thu, 5 May 2022 13:23:19 +0000 (15:23 +0200)]
Update npm dependencies

2 years agoAdd PHP 8.1 to the php.yml workflow
Tim Düsterhus [Thu, 5 May 2022 12:52:05 +0000 (14:52 +0200)]
Add PHP 8.1 to the php.yml workflow

2 years agoDrop obsolete exclude in php.yml workflow
Tim Düsterhus [Thu, 5 May 2022 12:42:57 +0000 (14:42 +0200)]
Drop obsolete exclude in php.yml workflow

This should no longer be required since 123aedf297e0402e6bd3562fe08e2d74e24760d1.

2 years agoUpdate version constraints in composer.json
Tim Düsterhus [Thu, 5 May 2022 09:04:03 +0000 (11:04 +0200)]
Update version constraints in composer.json

Require the currently locked versions as the minimum versions.

2 years agoMerge pull request #4772 from WoltLab/htmlpurifier-4.14
Tim Düsterhus [Thu, 5 May 2022 07:04:44 +0000 (09:04 +0200)]
Merge pull request #4772 from WoltLab/htmlpurifier-4.14

Update to ezyang/htmlpurifier 4.14.*

2 years agoLabeling for buttons (trash and delete) was identical
Marcel Werk [Wed, 4 May 2022 16:32:08 +0000 (18:32 +0200)]
Labeling for buttons (trash and delete) was identical

2 years agoUpdate to ezyang/htmlpurifier 4.14.*
Tim Düsterhus [Wed, 4 May 2022 15:32:26 +0000 (17:32 +0200)]
Update to ezyang/htmlpurifier 4.14.*

2 years agoSort dependencies in composer.json
Tim Düsterhus [Wed, 4 May 2022 15:26:27 +0000 (17:26 +0200)]
Sort dependencies in composer.json

2 years agoAdd explicit composer dependency for guzzlehttp/psr7
Tim Düsterhus [Wed, 4 May 2022 15:25:13 +0000 (17:25 +0200)]
Add explicit composer dependency for guzzlehttp/psr7

2 years agoRemove validation attributes from __sourceCodeFormField.tpl
Tim Düsterhus [Wed, 4 May 2022 13:27:22 +0000 (15:27 +0200)]
Remove validation attributes from __sourceCodeFormField.tpl

These are not supported with CodeMirror, because it only syncs the entered data
upon `submit()` which notably runs *after* validation.

see codemirror/CodeMirror#5092
Fixes #4732

2 years agoFix typo in function name in AbstractFileDeletePackageInstallationPlugin
Tim Düsterhus [Tue, 3 May 2022 21:36:15 +0000 (23:36 +0200)]
Fix typo in function name in AbstractFileDeletePackageInstallationPlugin

This must be `strtr` not `strstr`.

see #4714

2 years agoLoad the page logo using the `eager` policy
Alexander Ebert [Wed, 4 May 2022 12:34:15 +0000 (14:34 +0200)]
Load the page logo using the `eager` policy

Using `loading="lazy"` for the page logo causes the image to flicker noticeably in Safari on both macOS and iOS.

See https://www.woltlab.com/community/thread/295403-logo-auf-der-startseite-beim-aktualisieren-ein-rechteck/

2 years agoMerge branch '5.4'
Tim Düsterhus [Tue, 3 May 2022 13:26:36 +0000 (15:26 +0200)]
Merge branch '5.4'

2 years agoMerge pull request #4768 from WoltLab/sitemap-page
Tim Düsterhus [Tue, 3 May 2022 13:07:53 +0000 (15:07 +0200)]
Merge pull request #4768 from WoltLab/sitemap-page

Fix handling of CMS pages in sitemap

2 years agoFix handling of CMS pages in sitemap
Tim Düsterhus [Tue, 3 May 2022 11:57:49 +0000 (13:57 +0200)]
Fix handling of CMS pages in sitemap

Delegate the visibility control and access control to the appropriate methods
in \wcf\data\page\Page instead of reimplementing it from scratch. Most notably
the inversion of the page ACL was not implemented correctly within the sitemap.

see 92fba0538afc1d88f411db1a80553af2d17c09b4
Closes #4767

Co-authored-by: mutec <mysterycode@mysterycode.de>
2 years agoRelease 5.5.0 Alpha 6 5.5.0_Alpha_6
Alexander Ebert [Mon, 2 May 2022 15:27:06 +0000 (17:27 +0200)]
Release 5.5.0 Alpha 6

2 years agoUpdating minified JavaScript files
WoltLab [Mon, 2 May 2022 15:25:33 +0000 (15:25 +0000)]
Updating minified JavaScript files

2 years agoMerge pull request #4764 from WoltLab/content-interaction-button-icons
Alexander Ebert [Mon, 2 May 2022 13:21:13 +0000 (15:21 +0200)]
Merge pull request #4764 from WoltLab/content-interaction-button-icons

Use icons in content interaction buttons

2 years agoAdapt icon dynamically to the actual sort order
Marcel Werk [Mon, 2 May 2022 10:53:35 +0000 (12:53 +0200)]
Adapt icon dynamically to the actual sort order

2 years agoRemoved a superfluous data attribute
Alexander Ebert [Mon, 2 May 2022 08:37:07 +0000 (10:37 +0200)]
Removed a superfluous data attribute

This was a temporary part of the development process.

Fixes #4765

2 years agoMerge pull request #4766 from mutec/appmanmudose
Tim Düsterhus [Mon, 2 May 2022 07:25:38 +0000 (09:25 +0200)]
Merge pull request #4766 from mutec/appmanmudose

fix application management in multi domain setups

2 years agofix application management in multi domain setups
mutec [Sun, 1 May 2022 20:53:53 +0000 (22:53 +0200)]
fix application management in multi domain setups

Changing the landing pages of apps was failing since the domain name for single-domain-setups was validated for any case, but is not set when using a multi-domain-setup.
This lead to an un-meaningful error-message saying something is incorrect.

2 years agoPage change in search results scrolls to top automatically
Marcel Werk [Sun, 1 May 2022 17:54:36 +0000 (19:54 +0200)]
Page change in search results scrolls to top automatically

2 years agoAdded parameter to configure the scroll behavior
Marcel Werk [Sun, 1 May 2022 17:54:24 +0000 (19:54 +0200)]
Added parameter to configure the scroll behavior

2 years agoIncorrect pronoun in article comment notifications
Marcel Werk [Sun, 1 May 2022 17:29:01 +0000 (19:29 +0200)]
Incorrect pronoun in article comment notifications

2 years agoReduced size of form submit buttons (on mobile)
Marcel Werk [Sun, 1 May 2022 12:42:14 +0000 (14:42 +0200)]
Reduced size of form submit buttons (on mobile)

2 years agoSwapped the position of the user and page menu
Alexander Ebert [Sun, 1 May 2022 09:18:03 +0000 (11:18 +0200)]
Swapped the position of the user and page menu

See https://www.woltlab.com/community/thread/295422-position-des-hamburger-men%C3%BCs/

2 years agoUse icons in content interaction buttons
Marcel Werk [Fri, 29 Apr 2022 16:22:52 +0000 (18:22 +0200)]
Use icons in content interaction buttons

2 years agoStop hiding icons in content interaction buttons
Marcel Werk [Fri, 29 Apr 2022 16:22:40 +0000 (18:22 +0200)]
Stop hiding icons in content interaction buttons

2 years agoMerge pull request #4753 from WoltLab/article-timestamp
Marcel Werk [Fri, 29 Apr 2022 15:10:13 +0000 (17:10 +0200)]
Merge pull request #4753 from WoltLab/article-timestamp

Ensures that the date of a published article is not in the future.

2 years agoShow error message if article date is in the future
Marcel Werk [Fri, 29 Apr 2022 14:38:15 +0000 (16:38 +0200)]
Show error message if article date is in the future

2 years agoRelease 5.5.0 Alpha 5 5.5.0_Alpha_5
Alexander Ebert [Fri, 29 Apr 2022 11:31:26 +0000 (13:31 +0200)]
Release 5.5.0 Alpha 5

2 years agoUpdating minified JavaScript files
WoltLab [Fri, 29 Apr 2022 11:30:00 +0000 (11:30 +0000)]
Updating minified JavaScript files

2 years agoMerge pull request #4763 from WoltLab/user-profile-buttons
Alexander Ebert [Fri, 29 Apr 2022 11:18:14 +0000 (13:18 +0200)]
Merge pull request #4763 from WoltLab/user-profile-buttons

Overhauled user profile buttons

2 years agoIgnore connection errors caused by page navigation
Alexander Ebert [Thu, 28 Apr 2022 17:45:12 +0000 (19:45 +0200)]
Ignore connection errors caused by page navigation

See WoltLab/com.woltlab.wbb#539

2 years agoDelay menu interaction until the page is loaded
Alexander Ebert [Thu, 28 Apr 2022 16:30:02 +0000 (18:30 +0200)]
Delay menu interaction until the page is loaded

User menu providers are registered asynchronously and the UI does not know once they are all ready.

See https://www.woltlab.com/community/thread/295264-userpanel-l%C3%A4dt-unvollst%C3%A4ndig/

2 years agoSimplified the code logic
Alexander Ebert [Thu, 28 Apr 2022 14:58:46 +0000 (16:58 +0200)]
Simplified the code logic

2 years agoUse icons to represent the moderation queue types
Alexander Ebert [Thu, 28 Apr 2022 14:09:12 +0000 (16:09 +0200)]
Use icons to represent the moderation queue types

Fixes #4742

2 years agoAdded standalone button for "edit profile"
Marcel Werk [Thu, 28 Apr 2022 14:03:21 +0000 (16:03 +0200)]
Added standalone button for "edit profile"

2 years agoRemoved duplicate link to avatar form
Marcel Werk [Thu, 28 Apr 2022 13:53:12 +0000 (15:53 +0200)]
Removed duplicate link to avatar form

The avatar itself is already linked to the avatar form.