GitHub/WoltLab/WCF.git
4 months agoSwap the parameters `$application` and `$template`
Cyperghost [Wed, 26 Jun 2024 08:58:19 +0000 (10:58 +0200)]
Swap the parameters `$application` and `$template`

4 months agoAdds the option of a template that is also included for the extra buttons
Cyperghost [Wed, 26 Jun 2024 08:54:59 +0000 (10:54 +0200)]
Adds the option of a template that is also included for the extra buttons
Use `unsafe:` instead of `@`

4 months agoUse media breakpoints to set the number of columns
Cyperghost [Wed, 26 Jun 2024 08:44:31 +0000 (10:44 +0200)]
Use media breakpoints to set the number of columns

4 months agoIntegrate the upload progressbar to file processor form field
Cyperghost [Wed, 26 Jun 2024 08:39:14 +0000 (10:39 +0200)]
Integrate the upload progressbar to file processor form field

4 months agoSet array-key to the fileID
Cyperghost [Wed, 26 Jun 2024 08:38:43 +0000 (10:38 +0200)]
Set array-key to the fileID

4 months agoFixes the problem that the DOM element was not removed when the file was deleted
Cyperghost [Wed, 26 Jun 2024 08:17:06 +0000 (10:17 +0200)]
Fixes the problem that the DOM element was not removed when the file was deleted

4 months agoMove upload progressbar from attachment to fileList
Cyperghost [Mon, 24 Jun 2024 08:21:45 +0000 (10:21 +0200)]
Move upload progressbar from attachment to fileList

4 months agoMerge branch 'refs/heads/master' into upload-form-field-v2
Cyperghost [Mon, 24 Jun 2024 08:18:04 +0000 (10:18 +0200)]
Merge branch 'refs/heads/master' into upload-form-field-v2

# Conflicts:
# wcfsetup/install/files/style/ui/attachment.scss

4 months agoEnable the Sandbox for Templates Inside of BBCodes
Alexander Ebert [Sun, 23 Jun 2024 11:35:09 +0000 (13:35 +0200)]
Enable the Sandbox for Templates Inside of BBCodes

See #5910

4 months agoRemove files for the upgrade 5.5 → 6.0
Alexander Ebert [Sat, 22 Jun 2024 12:08:12 +0000 (14:08 +0200)]
Remove files for the upgrade 5.5 → 6.0

4 months agoAdd a workaround for the migration of the spider data
Alexander Ebert [Sat, 22 Jun 2024 12:07:51 +0000 (14:07 +0200)]
Add a workaround for the migration of the spider data

Fixes #5941

4 months agoRemove files for the upgrade 5.5 → 6.0
Alexander Ebert [Sat, 22 Jun 2024 12:02:34 +0000 (14:02 +0200)]
Remove files for the upgrade 5.5 → 6.0

4 months agoAdd a chunk-based progress tracking
Alexander Ebert [Fri, 21 Jun 2024 12:46:27 +0000 (14:46 +0200)]
Add a chunk-based progress tracking

There will be no progress bar if there is only a single chunk to be uploaded.

4 months agoAdd extra buttons to FileProcessorFormField
Cyperghost [Fri, 21 Jun 2024 08:47:51 +0000 (10:47 +0200)]
Add extra buttons to FileProcessorFormField

4 months agoImprove visuals of selects when used in the sidebar
Marcel Werk [Thu, 20 Jun 2024 13:58:05 +0000 (15:58 +0200)]
Improve visuals of selects when used in the sidebar

Closes #5924

4 months agoMove the file list under the input field
Cyperghost [Thu, 20 Jun 2024 11:34:09 +0000 (13:34 +0200)]
Move the file list under the input field

4 months agoCombine the CSS of Attachment and FileProcessorFormField to fileList
Cyperghost [Thu, 20 Jun 2024 11:24:54 +0000 (13:24 +0200)]
Combine the CSS of Attachment and FileProcessorFormField to fileList

4 months agoAdd `item__` prefix to the css-classname
Cyperghost [Thu, 20 Jun 2024 10:48:50 +0000 (12:48 +0200)]
Add `item__` prefix to the css-classname

4 months agoAdd lazy loading for the hidden image
Cyperghost [Thu, 20 Jun 2024 10:30:04 +0000 (12:30 +0200)]
Add lazy loading for the hidden image

4 months agoAdd filename and filesize information
Cyperghost [Thu, 20 Jun 2024 10:25:22 +0000 (12:25 +0200)]
Add filename and filesize information
Add image viewer support

4 months agoRemove the other EventListener if one has been executed
Cyperghost [Thu, 20 Jun 2024 09:39:16 +0000 (11:39 +0200)]
Remove the other EventListener if one has been executed

4 months agoDisplay of the replace button only if one file can be uploaded
Cyperghost [Thu, 20 Jun 2024 09:16:19 +0000 (11:16 +0200)]
Display of the replace button only if one file can be uploaded

4 months agoRemove the TODO, this cannot be implemented because the browser only allows the call...
Cyperghost [Thu, 20 Jun 2024 09:14:00 +0000 (11:14 +0200)]
Remove the TODO, this cannot be implemented because the browser only allows the call `....click()` in the case of a `click` event.

4 months agoMerge branch '6.0'
Alexander Ebert [Wed, 19 Jun 2024 12:51:28 +0000 (14:51 +0200)]
Merge branch '6.0'

4 months agoUse this.classPrefix for class name on error message element
Cyperghost [Wed, 19 Jun 2024 10:44:48 +0000 (12:44 +0200)]
Use this.classPrefix for class name on error message element
register the language phrase `wcf.global.button.replace`

4 months agoAdd language item `wcf.global.button.replace`
Cyperghost [Wed, 19 Jun 2024 10:43:31 +0000 (12:43 +0200)]
Add language item `wcf.global.button.replace`

4 months agoRelease 6.0.16 6.0.16
Alexander Ebert [Wed, 19 Jun 2024 10:38:49 +0000 (12:38 +0200)]
Release 6.0.16

4 months agoAdd validation of submitted files
Cyperghost [Wed, 19 Jun 2024 10:38:47 +0000 (12:38 +0200)]
Add validation of submitted files

4 months agoMerge branch '5.5' into 6.0
Alexander Ebert [Wed, 19 Jun 2024 10:37:24 +0000 (12:37 +0200)]
Merge branch '5.5' into 6.0

4 months agoRelease 5.5.22 5.5.22
Alexander Ebert [Wed, 19 Jun 2024 10:31:51 +0000 (12:31 +0200)]
Release 5.5.22

4 months agoMerge branch '5.4' into 5.5
Alexander Ebert [Wed, 19 Jun 2024 10:30:58 +0000 (12:30 +0200)]
Merge branch '5.4' into 5.5

4 months agoRelease 5.4.34 5.4 5.4.34
Alexander Ebert [Wed, 19 Jun 2024 10:23:32 +0000 (12:23 +0200)]
Release 5.4.34

4 months agoFix the missing error message
Alexander Ebert [Wed, 19 Jun 2024 10:23:03 +0000 (12:23 +0200)]
Fix the missing error message

4 months agoCheck for disallowed BB codes in the content
Cyperghost [Mon, 17 Jun 2024 10:27:59 +0000 (12:27 +0200)]
Check for disallowed BB codes in the content

4 months agoSet `addDeleteButton`, `addReplaceButton` and `addButtons` to protected
Cyperghost [Wed, 19 Jun 2024 09:45:25 +0000 (11:45 +0200)]
Set `addDeleteButton`, `addReplaceButton` and `addButtons` to protected

4 months agoFix the check if this is a single file upload
Cyperghost [Wed, 19 Jun 2024 09:42:16 +0000 (11:42 +0200)]
Fix the check if this is a single file upload

4 months agoRename the setter function
Cyperghost [Wed, 19 Jun 2024 09:41:48 +0000 (11:41 +0200)]
Rename the setter function

4 months agoAllow the `FileProcessorFormField` to handle only one file.
Cyperghost [Wed, 19 Jun 2024 09:37:59 +0000 (11:37 +0200)]
Allow the `FileProcessorFormField` to handle only one file.

4 months agoLoad the file(s) when `$this->value` is set
Cyperghost [Wed, 19 Jun 2024 09:09:45 +0000 (11:09 +0200)]
Load the file(s) when `$this->value` is set

4 months agoSet the parameter `$metaData` as optional
Cyperghost [Wed, 19 Jun 2024 09:09:02 +0000 (11:09 +0200)]
Set the parameter `$metaData` as optional

4 months agoMerge pull request #5946 from WoltLab/bugfix/article-bb-code-permission
Olaf Braun [Tue, 18 Jun 2024 17:01:07 +0000 (19:01 +0200)]
Merge pull request #5946 from WoltLab/bugfix/article-bb-code-permission

Check for disallowed BB codes in the content

4 months agoRelease 6.0.15 6.0.15
Alexander Ebert [Tue, 18 Jun 2024 15:38:15 +0000 (17:38 +0200)]
Release 6.0.15

4 months agoShow an error message on upload failed
Cyperghost [Tue, 18 Jun 2024 10:12:00 +0000 (12:12 +0200)]
Show an error message on upload failed

4 months agoHandle replace button clicked
Cyperghost [Tue, 18 Jun 2024 09:55:24 +0000 (11:55 +0200)]
Handle replace button clicked

4 months agoRemove SVG from the list of safe file extensions
Alexander Ebert [Tue, 18 Jun 2024 09:20:32 +0000 (11:20 +0200)]
Remove SVG from the list of safe file extensions

Serving SVG from untrusted sources directly can be a security issue. SVG can contain JavaScript code that is executed when the file is opened in a standalone tab.

4 months agoMerge pull request #5944 from WoltLab/comment-backend-overhaul
Marcel Werk [Mon, 17 Jun 2024 12:52:19 +0000 (14:52 +0200)]
Merge pull request #5944 from WoltLab/comment-backend-overhaul

Comment backend overhaul

4 months agoMerge pull request #5945 from WoltLab/bugfix/signature-attachment
Olaf Braun [Mon, 17 Jun 2024 12:51:04 +0000 (14:51 +0200)]
Merge pull request #5945 from WoltLab/bugfix/signature-attachment

Extra check that the user also has the right to upload attachment when editing a user

4 months agoAdd link to migration guide
Marcel Werk [Mon, 17 Jun 2024 12:50:33 +0000 (14:50 +0200)]
Add link to migration guide

4 months agoMerge pull request #5947 from WoltLab/delete-files-after-attachment-deleted
Olaf Braun [Mon, 17 Jun 2024 12:25:34 +0000 (14:25 +0200)]
Merge pull request #5947 from WoltLab/delete-files-after-attachment-deleted

Also delete the associated file when an attachment is deleted

4 months agoAlso delete the associated file when an attachment is deleted
Cyperghost [Mon, 17 Jun 2024 11:29:42 +0000 (13:29 +0200)]
Also delete the associated file when an attachment is deleted

4 months agoAdd a replace button
Cyperghost [Mon, 17 Jun 2024 11:24:03 +0000 (13:24 +0200)]
Add a replace button

4 months agoCheck for disallowed BB codes in the content
Cyperghost [Mon, 17 Jun 2024 10:27:59 +0000 (12:27 +0200)]
Check for disallowed BB codes in the content

4 months agoAlso check that the current user has the right to upload file attachments
Cyperghost [Mon, 17 Jun 2024 10:08:36 +0000 (12:08 +0200)]
Also check that the current user has the right to upload file attachments

4 months agoSimplify the generation of HTML node identifiers
Alexander Ebert [Sun, 16 Jun 2024 11:31:00 +0000 (13:31 +0200)]
Simplify the generation of HTML node identifiers

We do not to generate completely random identifiers, the original intention was to prevent collisions with existing tag names.

Using a per-request random prefix together with a counter is sufficient to generate unique tag names without paying the CSPRNG tax for ever node.

4 months agoRemove obsolete code
Marcel Werk [Sun, 16 Jun 2024 11:30:09 +0000 (13:30 +0200)]
Remove obsolete code

4 months agoFix indentation
Marcel Werk [Sun, 16 Jun 2024 11:29:57 +0000 (13:29 +0200)]
Fix indentation

4 months agoIncrease the grace period for temporary attachments for logged-in users
Alexander Ebert [Sat, 15 Jun 2024 10:25:02 +0000 (12:25 +0200)]
Increase the grace period for temporary attachments for logged-in users

4 months agoRemove the additional secret for files
Alexander Ebert [Sat, 15 Jun 2024 10:13:47 +0000 (12:13 +0200)]
Remove the additional secret for files

It serves no real purpose. Guessing the SHA-256 hash is impossible due to entropy and if you *know* the hash then you pretty much know the file contents too.

There is no imaginable scenario where leaking the hash would not also leak the secret.

4 months agoMerge branch '6.0'
Alexander Ebert [Sat, 15 Jun 2024 09:42:10 +0000 (11:42 +0200)]
Merge branch '6.0'

4 months agoApply suggestions from code review
Marcel Werk [Fri, 14 Jun 2024 16:38:10 +0000 (18:38 +0200)]
Apply suggestions from code review

4 months agoRelease 6.0.15 dev 1 6.0.15_dev_1
Alexander Ebert [Fri, 14 Jun 2024 16:31:02 +0000 (18:31 +0200)]
Release 6.0.15 dev 1

4 months agoUpdating minified JavaScript files
WoltLab [Fri, 14 Jun 2024 16:18:07 +0000 (16:18 +0000)]
Updating minified JavaScript files

4 months agoAdd a proper error message for incompatible Plugin-Store packages
Alexander Ebert [Fri, 14 Jun 2024 11:26:59 +0000 (13:26 +0200)]
Add a proper error message for incompatible Plugin-Store packages

Fixes #5800
See https://www.woltlab.com/community/thread/306394-error-message-when-trying-to-install-a-package-by-storecode/

4 months agoFix phpdoc
Marcel Werk [Fri, 14 Jun 2024 11:02:06 +0000 (13:02 +0200)]
Fix phpdoc

4 months agoRemove obsolete guest dialog code
Marcel Werk [Fri, 14 Jun 2024 11:01:46 +0000 (13:01 +0200)]
Remove obsolete guest dialog code

4 months agoMade use of the new backend methods
Marcel Werk [Fri, 14 Jun 2024 11:01:30 +0000 (13:01 +0200)]
Made use of the new backend methods

4 months agoAdd typescript methods for requesting the new backend
Marcel Werk [Fri, 14 Jun 2024 11:00:51 +0000 (13:00 +0200)]
Add typescript methods for requesting the new backend

4 months agoAdd helper method to get a comment manager by id
Marcel Werk [Fri, 14 Jun 2024 10:56:19 +0000 (12:56 +0200)]
Add helper method to get a comment manager by id

4 months agoRemove/deprecate obsolete code
Marcel Werk [Fri, 14 Jun 2024 10:54:30 +0000 (12:54 +0200)]
Remove/deprecate obsolete code

4 months agoAdd RPC controller
Marcel Werk [Fri, 14 Jun 2024 10:54:06 +0000 (12:54 +0200)]
Add RPC controller

4 months agoAdd commands
Marcel Werk [Fri, 14 Jun 2024 10:53:14 +0000 (12:53 +0200)]
Add commands

4 months agoAdd PSR-14 events
Marcel Werk [Fri, 14 Jun 2024 10:50:28 +0000 (12:50 +0200)]
Add PSR-14 events

4 months agoFilter out restricted permissions in enterprise mode
Alexander Ebert [Fri, 14 Jun 2024 10:21:24 +0000 (12:21 +0200)]
Filter out restricted permissions in enterprise mode

4 months agoMerge branch 'refs/heads/master' into upload-form-field-v2
Cyperghost [Fri, 14 Jun 2024 07:30:40 +0000 (09:30 +0200)]
Merge branch 'refs/heads/master' into upload-form-field-v2

4 months agoAdd a check that no attachment files have been deleted
Cyperghost [Fri, 14 Jun 2024 07:30:29 +0000 (09:30 +0200)]
Add a check that no attachment files have been deleted

4 months agoAdd button groups to file element
Cyperghost [Fri, 14 Jun 2024 07:28:29 +0000 (09:28 +0200)]
Add button groups to file element

4 months agoMake the URL filter a bit more lenient
Alexander Ebert [Thu, 13 Jun 2024 12:25:25 +0000 (14:25 +0200)]
Make the URL filter a bit more lenient

See https://www.woltlab.com/community/thread/305951-link-umwandlung-funktioniert-nicht-wenn-protokoll-im-text-steht/

4 months agoFix the overflow handling of the code box header
Alexander Ebert [Thu, 13 Jun 2024 12:02:31 +0000 (14:02 +0200)]
Fix the overflow handling of the code box header

See https://www.woltlab.com/community/thread/306288-erroneous-placement-of-icons-in-code-box-title-on-mobile/

4 months agoProperly handle possible NULL values for option values
Alexander Ebert [Thu, 13 Jun 2024 11:09:26 +0000 (13:09 +0200)]
Properly handle possible NULL values for option values

See https://www.woltlab.com/community/thread/306690-explode-passing-null-to-parameter-2-string-of-type-string-is-deprecated/

4 months agoPrevent scrolling when defocusing a reaction overlay
Alexander Ebert [Thu, 13 Jun 2024 11:02:19 +0000 (13:02 +0200)]
Prevent scrolling when defocusing a reaction overlay

See https://www.woltlab.com/community/thread/306559-scrolling-the-page-up-while-holding-the-reaction-button/

4 months agoMerge branch 'refs/heads/master' into upload-form-field-v2
Cyperghost [Thu, 13 Jun 2024 10:04:06 +0000 (12:04 +0200)]
Merge branch 'refs/heads/master' into upload-form-field-v2

4 months agoNo longer add the description with the limits for uploading via the description....
Cyperghost [Thu, 13 Jun 2024 10:03:43 +0000 (12:03 +0200)]
No longer add the description with the limits for uploading via the description. This information is already available in the template

4 months agoFix value call
Cyperghost [Thu, 13 Jun 2024 10:02:13 +0000 (12:02 +0200)]
Fix value call

4 months agoMerge branch 'refs/heads/master' into upload-form-field-v2
Cyperghost [Thu, 13 Jun 2024 09:27:32 +0000 (11:27 +0200)]
Merge branch 'refs/heads/master' into upload-form-field-v2

4 months agoIt Was only necessary for testing
Cyperghost [Thu, 13 Jun 2024 09:26:59 +0000 (11:26 +0200)]
It Was only necessary for testing

4 months agoRemove an unnecessary map from files
Cyperghost [Thu, 13 Jun 2024 09:24:46 +0000 (11:24 +0200)]
Remove an unnecessary map from files
Check whether only images can be uploaded

4 months agoChange `ImageUtil::$imageExtensions` to the constant `ImageUtil::IMAGE_EXTENSIONS`
Cyperghost [Thu, 13 Jun 2024 09:23:48 +0000 (11:23 +0200)]
Change `ImageUtil::$imageExtensions` to the constant `ImageUtil::IMAGE_EXTENSIONS`

4 months agoMerge branch '6.0'
Alexander Ebert [Wed, 12 Jun 2024 12:40:14 +0000 (14:40 +0200)]
Merge branch '6.0'

4 months agoDo not focus the editor when resetting it
Alexander Ebert [Wed, 12 Jun 2024 12:39:48 +0000 (14:39 +0200)]
Do not focus the editor when resetting it

See https://www.woltlab.com/community/thread/306677-js-fehler-beim-antworten-auf-kommentare/

4 months agoMerge branch 'refs/heads/master' into upload-form-field-v2
Cyperghost [Wed, 12 Jun 2024 10:13:07 +0000 (12:13 +0200)]
Merge branch 'refs/heads/master' into upload-form-field-v2

4 months agoFixes the problem if `maxHeight` and or `maxWidth` have the value `-1`. In this case...
Cyperghost [Wed, 12 Jun 2024 10:12:21 +0000 (12:12 +0200)]
Fixes the problem if `maxHeight` and or `maxWidth` have the value `-1`. In this case, the images were scaled anyway.

4 months agoAdd file processor form field
Cyperghost [Wed, 12 Jun 2024 10:09:54 +0000 (12:09 +0200)]
Add file processor form field

4 months agoFix wrong object type when deleting comment responses
Marcel Werk [Tue, 11 Jun 2024 13:10:02 +0000 (15:10 +0200)]
Fix wrong object type when deleting comment responses

4 months agoMerge pull request #5943 from WoltLab/bugfix/wysiwyg-form-field-attachment
Olaf Braun [Mon, 10 Jun 2024 10:08:13 +0000 (12:08 +0200)]
Merge pull request #5943 from WoltLab/bugfix/wysiwyg-form-field-attachment

Bugfix with WysiwygAttachmentFormField and FileProcessor

4 months agoMerge pull request #5942 from WoltLab/upload-pipeline-update-database
Olaf Braun [Mon, 10 Jun 2024 10:07:52 +0000 (12:07 +0200)]
Merge pull request #5942 from WoltLab/upload-pipeline-update-database

Add missing database columns for `wcf1_attachment`

4 months agoSimplify the usage of the helper function
Alexander Ebert [Mon, 10 Jun 2024 10:03:21 +0000 (12:03 +0200)]
Simplify the usage of the helper function

4 months agoFixes the problem that when using the WysiwygFormField with attachments, the `objectI...
Cyperghost [Mon, 10 Jun 2024 09:38:32 +0000 (11:38 +0200)]
Fixes the problem that when using the WysiwygFormField with attachments, the `objectID` can be `null` if it is not an EditForm.

4 months agoAdd missing database columns for `wcf1_attachment`, that are installed by the databas...
Cyperghost [Mon, 10 Jun 2024 08:51:30 +0000 (10:51 +0200)]
Add missing database columns for `wcf1_attachment`, that are installed by the database pip

4 months agoUse a helper function instead of a property
Alexander Ebert [Sun, 9 Jun 2024 19:53:59 +0000 (21:53 +0200)]
Use a helper function instead of a property

Using a property was a dumb idea because it breaks the promise of having the entire request data be made available through the parameters passed to `__invoke()`.

4 months agoFix the deletion of attachments through the file API
Alexander Ebert [Sun, 9 Jun 2024 19:28:59 +0000 (21:28 +0200)]
Fix the deletion of attachments through the file API