Joshua Rüsweg [Fri, 6 Nov 2020 16:00:10 +0000 (17:00 +0100)]
Use constant time encoding / decoding of security critical code (#3699)
* Use `Hex::decode` to convert hex2bin
Previously we used the internal PHP function `hex2bin` which has the problem with cache-timing leaks. The Hex class converts the given string without cache-timing leaks.
* Use `Hex::encode` to convert bin2hex
Previously we used the internal PHP function `bin2hex` which has the problem with cache-timing leaks. The Hex class converts the given string without cache-timing leaks.
Matthias Schmidt [Fri, 6 Nov 2020 14:24:44 +0000 (15:24 +0100)]
Move types dev dependencies to normal dependencies
Matthias Schmidt [Fri, 6 Nov 2020 13:45:07 +0000 (14:45 +0100)]
Fix storing ids in `Ui/Dialog` elements
See
b6b1bdd4461e8a841b3d0aff02043aef5acceb3a
Alexander Ebert [Fri, 6 Nov 2020 11:46:53 +0000 (12:46 +0100)]
Merge pull request #3696 from WoltLab/54-typescript-message
Convert message modules to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 11:28:59 +0000 (12:28 +0100)]
Outdated JS files
Alexander Ebert [Fri, 6 Nov 2020 11:24:15 +0000 (12:24 +0100)]
Use the twitter definitions and cleaned up the code
Tim Düsterhus [Fri, 6 Nov 2020 09:04:40 +0000 (10:04 +0100)]
Avoid using PasswordUtil
Tim Düsterhus [Fri, 6 Nov 2020 08:57:13 +0000 (09:57 +0100)]
Replace use MathUtil::getRandomValue() by random_int()
Tim Düsterhus [Fri, 6 Nov 2020 08:49:48 +0000 (09:49 +0100)]
Remove legacy auto login remains from AccountManagementForm
Alexander Ebert [Thu, 5 Nov 2020 22:22:43 +0000 (23:22 +0100)]
Use the native click event if available
Alexander Ebert [Thu, 5 Nov 2020 22:22:06 +0000 (23:22 +0100)]
Merge branch '5.3'
Alexander Ebert [Thu, 5 Nov 2020 22:20:36 +0000 (23:20 +0100)]
Convert `Ui/Message/Replay` to TypeScript
Marcel Werk [Thu, 5 Nov 2020 22:05:51 +0000 (23:05 +0100)]
Merge branch '5.2' into 5.3
Marcel Werk [Thu, 5 Nov 2020 22:05:15 +0000 (23:05 +0100)]
Use native click event if available
Alexander Ebert [Thu, 5 Nov 2020 19:05:04 +0000 (20:05 +0100)]
Convert `Controller/Captcha` to TypeScript
This module was intentionally kept as an object instead of simple function exports because of the `delete()` function being a reserved keyword.
Alexander Ebert [Thu, 5 Nov 2020 18:44:31 +0000 (19:44 +0100)]
Convert `Ui/Message/TwitterEmbed` to TypeScript
Marcel Werk [Thu, 5 Nov 2020 17:21:09 +0000 (18:21 +0100)]
Replaced <b> tags with <strong>
Alexander Ebert [Thu, 5 Nov 2020 17:20:09 +0000 (18:20 +0100)]
Convert `Ui/Message/UserConsent` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 17:07:54 +0000 (18:07 +0100)]
Convert `Ui/Message/Share` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 16:56:51 +0000 (17:56 +0100)]
Merge branch 'master' into 54-typescript-message
Alexander Ebert [Thu, 5 Nov 2020 16:34:23 +0000 (17:34 +0100)]
Merge pull request #3695 from WoltLab/54-typescript-redactor
Convert modules for Redactor to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 16:27:36 +0000 (17:27 +0100)]
Filter the keys in `localStorage` before processing them
Alexander Ebert [Thu, 5 Nov 2020 16:26:03 +0000 (17:26 +0100)]
Slightly modified the `prism-meta.js` to satisfy Prettier
Alexander Ebert [Thu, 5 Nov 2020 16:20:27 +0000 (17:20 +0100)]
Convert `Ui/Message/Manager` to TypeScript
Tim Düsterhus [Thu, 5 Nov 2020 10:46:15 +0000 (11:46 +0100)]
Add paragonie/constant_time_encoding composer dependency
Alexander Ebert [Thu, 5 Nov 2020 15:09:06 +0000 (16:09 +0100)]
Convert `Ui/Message/InlineEditor` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 12:53:29 +0000 (13:53 +0100)]
Simplified code for better readability
Alexander Ebert [Thu, 5 Nov 2020 10:41:09 +0000 (11:41 +0100)]
Improved the code readability
Alexander Ebert [Thu, 5 Nov 2020 10:10:25 +0000 (11:10 +0100)]
Convert `Ui/Redactor/Table` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 09:50:47 +0000 (10:50 +0100)]
Convert `Ui/Redactor/Spoiler` to TypeScript
Alexander Ebert [Wed, 4 Nov 2020 23:48:30 +0000 (00:48 +0100)]
Convert `Ui/Redactor/Quote` to TypeScript
Alexander Ebert [Wed, 4 Nov 2020 23:20:59 +0000 (00:20 +0100)]
Convert `Ui/Redactor/Page` to TypeScript
Alexander Ebert [Wed, 4 Nov 2020 23:17:10 +0000 (00:17 +0100)]
Convert `Ui/Redactor/Mention` to TypeScript
Alexander Ebert [Wed, 4 Nov 2020 22:14:52 +0000 (23:14 +0100)]
Convert `Ui/Redactor/Link` to TypeScript
Alexander Ebert [Wed, 4 Nov 2020 19:38:15 +0000 (20:38 +0100)]
Convert `Ui/Redactor/Html` to TypeScript
Heads up! The old JS file did include references to dialogs (if was a shameless copy of `Ui/Redactor/Code`), but that was never implemented. I have removed the reminders and stripped properties/methods that have never been in use.
Alexander Ebert [Wed, 4 Nov 2020 19:27:26 +0000 (20:27 +0100)]
Incorrect handling of the default state of code blocks
Alexander Ebert [Wed, 4 Nov 2020 18:13:33 +0000 (19:13 +0100)]
`StringUtil` no longer has a circular dependency on `Language`
Alexander Ebert [Wed, 4 Nov 2020 16:24:55 +0000 (17:24 +0100)]
Make use of the s modifier to parse the highlighter file
Matthias Schmidt [Wed, 4 Nov 2020 15:16:53 +0000 (16:16 +0100)]
Delete obsolete `Ui/Poll/Editor` JS file in `ts` directory
Matthias Schmidt [Wed, 4 Nov 2020 15:15:13 +0000 (16:15 +0100)]
Convert `Ui/Poll/Editor` to TypeScript (#3690)
* Convert `Ui/Poll/Editor` to TypeScript
* Fix eslint issues in `Ui/Poll/Editor`
* Apply changes from code review
* Use prettier on `Ui/Poll/Editor`
* Scope variables in case statements in `Ui/Poll/Editor`
* Fix tsc errors in `Ui/Poll/Editor`
Alexander Ebert [Wed, 4 Nov 2020 15:04:43 +0000 (16:04 +0100)]
Convert `Ui/Redactor/Format` to TypeScript
Tim Düsterhus [Wed, 4 Nov 2020 13:04:51 +0000 (14:04 +0100)]
Make the type-only import explicit in PasswordStrength.ts
Tim Düsterhus [Wed, 4 Nov 2020 13:00:36 +0000 (14:00 +0100)]
Make prism-meta compatible with TypeScript
Alexander Ebert [Wed, 4 Nov 2020 12:36:22 +0000 (13:36 +0100)]
Export `Ui/Redactor/DragAndDrop` to TypeScript
Alexander Ebert [Wed, 4 Nov 2020 12:06:47 +0000 (13:06 +0100)]
Convert `Ui/Redactor/Code` to TypeScript
Tim Düsterhus [Wed, 4 Nov 2020 10:01:23 +0000 (11:01 +0100)]
Ignore changes to package-lock.json in workflows
Tim Düsterhus [Wed, 4 Nov 2020 09:52:05 +0000 (10:52 +0100)]
Commit package-lock.json from npm 7
Alexander Ebert [Wed, 4 Nov 2020 09:42:56 +0000 (10:42 +0100)]
Convert `Ui/Redactor/PseudoHeader` to TypeScript
Alexander Ebert [Tue, 3 Nov 2020 23:44:43 +0000 (00:44 +0100)]
Convert `Ui/Redactor/Autosave` to TypeScript
Alexander Ebert [Tue, 3 Nov 2020 23:44:27 +0000 (00:44 +0100)]
Import typings for jQuery
Alexander Ebert [Tue, 3 Nov 2020 22:32:23 +0000 (23:32 +0100)]
Convert `Ui/Redactor/Metacode` to TypeScript
Alexander Ebert [Tue, 3 Nov 2020 19:21:12 +0000 (20:21 +0100)]
Convert `Ui/Redactor/Article` to TypeScript
Alexander Ebert [Tue, 3 Nov 2020 18:45:45 +0000 (19:45 +0100)]
Upgrade scssphp/scssphp to v1.3
Alexander Ebert [Tue, 3 Nov 2020 18:44:20 +0000 (19:44 +0100)]
Merge branch '5.3'
Marcel Werk [Tue, 3 Nov 2020 18:42:06 +0000 (19:42 +0100)]
Merge branch '5.2' into 5.3
Marcel Werk [Tue, 3 Nov 2020 18:41:50 +0000 (19:41 +0100)]
Merge branch '3.1' into 5.2
Marcel Werk [Tue, 3 Nov 2020 18:41:31 +0000 (19:41 +0100)]
Block search keyword list if permissions for the search function are denied
Closes #3681
Alexander Ebert [Tue, 3 Nov 2020 16:24:39 +0000 (17:24 +0100)]
Merge pull request #3691 from WoltLab/bump-scss
Update to scssphp/scssphp 1.3
Tim Düsterhus [Tue, 3 Nov 2020 16:23:46 +0000 (17:23 +0100)]
Clean up Core/Date/Util (#3692)
- Reduce scope of char and hours.
- Consistently use .padStart instead of `slice`
- Fix 'y' for years starting with 10000 AD
Matthias Schmidt [Tue, 3 Nov 2020 14:52:48 +0000 (15:52 +0100)]
Merge branch '5.3'
Matthias Schmidt [Tue, 3 Nov 2020 14:50:57 +0000 (15:50 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Tue, 3 Nov 2020 14:50:45 +0000 (15:50 +0100)]
Fix `Ui/Poll/Editor._reset()`
Tim Düsterhus [Tue, 3 Nov 2020 14:44:50 +0000 (15:44 +0100)]
Update to scssphp/scssphp 1.3
Tim Düsterhus [Tue, 3 Nov 2020 13:30:18 +0000 (14:30 +0100)]
Tim Düsterhus [Tue, 3 Nov 2020 13:26:13 +0000 (14:26 +0100)]
Fix typo in de.xml
Alexander Ebert [Tue, 3 Nov 2020 12:34:54 +0000 (13:34 +0100)]
Outdated phrase refering to a specific package server
Alexander Ebert [Tue, 3 Nov 2020 12:27:00 +0000 (13:27 +0100)]
Bump the head.js timeout from 7s to 60s
head.js will fire the ready event even when the script is still loading, causing the callback to be invoked on slow 3G networks before the script arrived.
See https://github.com/headjs/headjs/issues/330
Alexander Ebert [Tue, 3 Nov 2020 11:41:09 +0000 (12:41 +0100)]
Merge pull request #3689 from WoltLab/54-typescript
Convert the reaction handling to TypeScript
Alexander Ebert [Tue, 3 Nov 2020 11:32:41 +0000 (12:32 +0100)]
Moved variables into the module scope
Alexander Ebert [Tue, 3 Nov 2020 11:02:05 +0000 (12:02 +0100)]
Convert `Ui/Like/Handler` to TypeScript
Alexander Ebert [Tue, 3 Nov 2020 10:47:42 +0000 (11:47 +0100)]
Merge pull request #3667 from Krymonota/patch-16
Update version number to 5.3 in README.md
Matthias Schmidt [Tue, 3 Nov 2020 10:21:53 +0000 (11:21 +0100)]
Add missing changes in previous commit
Matthias Schmidt [Tue, 3 Nov 2020 10:21:17 +0000 (11:21 +0100)]
Merge branch '5.3'
Matthias Schmidt [Tue, 3 Nov 2020 10:14:50 +0000 (11:14 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Tue, 3 Nov 2020 10:14:08 +0000 (11:14 +0100)]
Fix polls in AJAX form builder forms
Matthias Schmidt [Tue, 3 Nov 2020 10:13:14 +0000 (11:13 +0100)]
Add data and options getters in poll editor js module
Matthias Schmidt [Tue, 3 Nov 2020 10:12:30 +0000 (11:12 +0100)]
Fire event if field is registered in form builder manager
Alexander Ebert [Mon, 2 Nov 2020 20:10:51 +0000 (21:10 +0100)]
Convert `Ui/Reaction/Profile/Loader` to TypeScript
Alexander Ebert [Mon, 2 Nov 2020 19:55:49 +0000 (20:55 +0100)]
Convert `Ui/Reaction/Handler` to TypeScript
Matthias Schmidt [Mon, 2 Nov 2020 17:56:32 +0000 (18:56 +0100)]
Merge branch '5.3'
Matthias Schmidt [Mon, 2 Nov 2020 17:56:18 +0000 (18:56 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Mon, 2 Nov 2020 17:56:03 +0000 (18:56 +0100)]
Merge branch '3.1' into 5.2
Matthias Schmidt [Mon, 2 Nov 2020 17:55:46 +0000 (18:55 +0100)]
Fix GDPR export if invalid user id is given
… and stop using deprecated method `UserProfile::getUserProfile()`.
Matthias Schmidt [Mon, 2 Nov 2020 17:12:05 +0000 (18:12 +0100)]
Fix class name of invalid password algorithm
See #3580
Alexander Ebert [Mon, 2 Nov 2020 17:10:30 +0000 (18:10 +0100)]
Convert `Ui/Reaction/CountButton` to TypeScript
Matthias Schmidt [Mon, 2 Nov 2020 16:23:49 +0000 (17:23 +0100)]
Support rebuilding activity points on user rank list page (#3684)
Close #3532
Matthias Schmidt [Mon, 2 Nov 2020 15:40:53 +0000 (16:40 +0100)]
Merge branch '5.3'
Matthias Schmidt [Mon, 2 Nov 2020 15:40:35 +0000 (16:40 +0100)]
Support moderation filters if no outstanding entries exist
Matthias Schmidt [Mon, 2 Nov 2020 15:32:12 +0000 (16:32 +0100)]
Add permissions for attachments in signatures (#3683)
* Add permissions for attachments in signatures
Close #3675
* Add missing `module_user_signature` option
* Add `enableoptions` for `user.signature.attachment.canUpload`
Alexander Ebert [Mon, 2 Nov 2020 15:29:35 +0000 (16:29 +0100)]
Incorrect detection of datetime values
Fixes #3673
Marcel Werk [Mon, 2 Nov 2020 14:56:28 +0000 (15:56 +0100)]
Merge pull request #3682 from WoltLab/menu_item_add
Menu item add
Joshua Rüsweg [Mon, 2 Nov 2020 14:50:18 +0000 (15:50 +0100)]
Merge pull request #3645 from WoltLab/user-session-list
User session list
joshuaruesweg [Mon, 2 Nov 2020 09:57:48 +0000 (10:57 +0100)]
Add more compact view for sessions
joshuaruesweg [Mon, 2 Nov 2020 09:52:45 +0000 (10:52 +0100)]
Add new UserAgent Util class
joshuaruesweg [Sat, 31 Oct 2020 20:37:53 +0000 (21:37 +0100)]
Sort active sessions by last activity time
joshuaruesweg [Fri, 30 Oct 2020 13:55:13 +0000 (14:55 +0100)]
Add session list for user
joshuaruesweg [Fri, 30 Oct 2020 13:49:47 +0000 (14:49 +0100)]
Add helper methods for the session class
joshuaruesweg [Fri, 30 Oct 2020 13:47:19 +0000 (14:47 +0100)]
Add action to delete an own session
joshuaruesweg [Thu, 29 Oct 2020 12:57:29 +0000 (13:57 +0100)]
Add UserUtil::isMobileBrowser() method
joshuaruesweg [Thu, 29 Oct 2020 12:55:47 +0000 (13:55 +0100)]
Add UserUtil::isTablet() method