Tim Düsterhus [Tue, 2 Feb 2021 10:31:21 +0000 (11:31 +0100)]
Make 5.4_session_3_migrate_session.php idempotent
Fixes #3923
Tim Düsterhus [Mon, 1 Feb 2021 11:54:02 +0000 (12:54 +0100)]
Merge branch '5.3'
Alexander Ebert [Mon, 1 Feb 2021 11:48:01 +0000 (12:48 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Mon, 1 Feb 2021 11:47:42 +0000 (12:47 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Mon, 1 Feb 2021 11:47:24 +0000 (12:47 +0100)]
Merge branch '3.0' into 3.1
Alexander Ebert [Mon, 1 Feb 2021 11:47:09 +0000 (12:47 +0100)]
Missing check for accessible user groups
Alexander Ebert [Mon, 1 Feb 2021 11:38:59 +0000 (12:38 +0100)]
Merge branch '3.0' into 3.1
Alexander Ebert [Mon, 1 Feb 2021 11:38:49 +0000 (12:38 +0100)]
Notify users of the expiring support
Alexander Ebert [Mon, 1 Feb 2021 11:38:11 +0000 (12:38 +0100)]
Merge branch '3.0' into 3.1
Tim Düsterhus [Fri, 16 Oct 2020 11:57:29 +0000 (13:57 +0200)]
Ignore top-level node_modules/
Tim Düsterhus [Mon, 1 Feb 2021 10:54:13 +0000 (11:54 +0100)]
Merge branch '5.3'
Tim Düsterhus [Mon, 1 Feb 2021 10:50:35 +0000 (11:50 +0100)]
Merge pull request #3920 from WoltLab/http-request-proxy
Fix HTTPRequest with proxies
Tim Düsterhus [Mon, 1 Feb 2021 10:37:09 +0000 (11:37 +0100)]
Stream HTTPRequest responses only of a maximum length is desired
cURL is not supported for streaming responses. As we process the full response
body for requests without a maximum length there is no benefit to streaming the
response, because we lose cURL support.
Tim Düsterhus [Mon, 1 Feb 2021 10:34:50 +0000 (11:34 +0100)]
Update Guzzle
see guzzle/guzzle#2848
see guzzle/guzzle#2850
Alexander Ebert [Fri, 29 Jan 2021 19:03:38 +0000 (20:03 +0100)]
Merge pull request #3917 from WoltLab/cover-photo-webp-thumbnail
WebP support for cover photos
Joshua Rüsweg [Fri, 29 Jan 2021 16:42:09 +0000 (17:42 +0100)]
Merge pull request #3919 from WoltLab/lostpassword_flood
Add LostPassword Flood Control
joshuaruesweg [Fri, 29 Jan 2021 14:49:26 +0000 (15:49 +0100)]
Add LostPassword Flood Control
Tim Düsterhus [Fri, 29 Jan 2021 15:24:32 +0000 (16:24 +0100)]
Merge branch '5.3'
Matthias Schmidt [Fri, 29 Jan 2021 15:23:00 +0000 (16:23 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Fri, 29 Jan 2021 15:22:50 +0000 (16:22 +0100)]
Fix which index object is used when dropping indices with PHP API
Only `$matchingExistingIndex` is guaranteed to have the correct index name.
Tim Düsterhus [Fri, 29 Jan 2021 15:02:09 +0000 (16:02 +0100)]
Merge branch '5.3'
Matthias Schmidt [Fri, 29 Jan 2021 14:55:51 +0000 (15:55 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Fri, 29 Jan 2021 14:55:26 +0000 (15:55 +0100)]
Fix checked property when adding indices to `DatabaseTable`
Alexander Ebert [Fri, 29 Jan 2021 14:25:33 +0000 (15:25 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Fri, 29 Jan 2021 14:01:03 +0000 (15:01 +0100)]
Release 5.2.11
Alexander Ebert [Fri, 29 Jan 2021 13:56:16 +0000 (14:56 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Fri, 29 Jan 2021 13:44:59 +0000 (14:44 +0100)]
Release 3.1.19
WoltLab [Fri, 29 Jan 2021 13:38:27 +0000 (13:38 +0000)]
Updating minified JavaScript files
Marcel Werk [Fri, 29 Jan 2021 13:23:24 +0000 (14:23 +0100)]
Merge pull request #3911 from WoltLab/master-password
Deprecate Master Password
Tim Düsterhus [Fri, 29 Jan 2021 12:57:45 +0000 (13:57 +0100)]
Merge branch '5.3'
Alexander Ebert [Fri, 29 Jan 2021 12:38:06 +0000 (13:38 +0100)]
Dynamically create WebP variants for style imports
Alexander Ebert [Thu, 28 Jan 2021 19:24:05 +0000 (20:24 +0100)]
WebP variant for user cover photos
Alexander Ebert [Thu, 28 Jan 2021 18:53:16 +0000 (19:53 +0100)]
Force-enable cover photos
Alexander Ebert [Thu, 28 Jan 2021 18:37:55 +0000 (19:37 +0100)]
Generate the WebP variants for style cover photos during the upgrade
Alexander Ebert [Thu, 28 Jan 2021 17:11:19 +0000 (18:11 +0100)]
WebP support for style cover photos
joshuaruesweg [Fri, 29 Jan 2021 12:35:25 +0000 (13:35 +0100)]
Merge branch '5.2' into 5.3
joshuaruesweg [Fri, 29 Jan 2021 12:32:24 +0000 (13:32 +0100)]
Merge branch '3.1' into 5.2
joshuaruesweg [Fri, 29 Jan 2021 12:30:56 +0000 (13:30 +0100)]
Fix converting float value to integer
Tim Düsterhus [Fri, 29 Jan 2021 10:49:54 +0000 (11:49 +0100)]
Add reformatting of constants.php to .git-blame-ignore-revs
Tim Düsterhus [Fri, 29 Jan 2021 10:43:56 +0000 (11:43 +0100)]
Add backslash before define() in constants.php
Alexander Ebert [Thu, 28 Jan 2021 17:42:18 +0000 (18:42 +0100)]
Incorrect comparison for the height of an image
Alexander Ebert [Thu, 28 Jan 2021 17:14:42 +0000 (18:14 +0100)]
Missing update of the version number in `wcf\system\WCF`
Tim Düsterhus [Thu, 28 Jan 2021 12:37:50 +0000 (13:37 +0100)]
Use stronger wording in master password deprecation notice
Tim Düsterhus [Thu, 28 Jan 2021 11:17:13 +0000 (12:17 +0100)]
Merge pull request #3912 from WoltLab/blocklist-deprecation
Deprecate the client blocklists
Tim Düsterhus [Thu, 28 Jan 2021 10:57:00 +0000 (11:57 +0100)]
Bump version to 5.4.0 Alpha 1
The current development state diverged quite a lot from 5.3. Adjust the version
to prevent accidents with the developer tools.
Tim Düsterhus [Thu, 28 Jan 2021 10:39:39 +0000 (11:39 +0100)]
Fix .gitattributes for Template.grammar.js
The `ts/` folder now resides in the root of the repository.
Tim Düsterhus [Thu, 28 Jan 2021 10:26:38 +0000 (11:26 +0100)]
Add ILoggingAwareException
Tim Düsterhus [Thu, 28 Jan 2021 10:20:17 +0000 (11:20 +0100)]
Add types for functions in core.functions.php
These cannot be inherited from, thus we can add the types without breaking
compatibility.
Tim Düsterhus [Thu, 28 Jan 2021 10:17:29 +0000 (11:17 +0100)]
Merge pull request #3915 from WoltLab/composer
Update composer dependencies
Tim Düsterhus [Thu, 28 Jan 2021 10:00:24 +0000 (11:00 +0100)]
Ignore symfony/polyfill-mbstring/bootstrap80.php during syntax check
Tim Düsterhus [Thu, 28 Jan 2021 09:49:42 +0000 (10:49 +0100)]
Update composer dependencies
Tim Düsterhus [Thu, 28 Jan 2021 09:04:39 +0000 (10:04 +0100)]
Remove bogus extra newline in WCF.class.php
Tim Düsterhus [Thu, 28 Jan 2021 08:58:12 +0000 (09:58 +0100)]
Deprecate blacklist_ip_addresses and blacklist_user_agents
Resolves #3909
Tim Düsterhus [Thu, 28 Jan 2021 08:51:10 +0000 (09:51 +0100)]
Remove the `blacklist_hostnames` option
The hostname blocklist requires a PTR lookup for every single request. This is
slow and unreliable.
see #3909
Tim Düsterhus [Thu, 28 Jan 2021 08:45:27 +0000 (09:45 +0100)]
Show deprecation message on master password authentication
Resolves #3698
Tim Düsterhus [Thu, 28 Jan 2021 08:26:54 +0000 (09:26 +0100)]
Mark the master password as deprecated in the option description
see #3698
Tim Düsterhus [Thu, 28 Jan 2021 08:35:22 +0000 (09:35 +0100)]
Fix formatting in LogoutAction
Apparently the editor on GitHub.com defaults to tabs, even if the whole file consists of spaces only.
Tim Düsterhus [Thu, 28 Jan 2021 08:33:28 +0000 (09:33 +0100)]
Clear the master password on ACP logout
Alexander Ebert [Wed, 27 Jan 2021 17:36:18 +0000 (18:36 +0100)]
Release 5.3.3
Tim Düsterhus [Wed, 27 Jan 2021 16:30:36 +0000 (17:30 +0100)]
Add previous commit to .git-blame-ignore-revs
Tim Düsterhus [Wed, 27 Jan 2021 16:28:25 +0000 (17:28 +0100)]
Marcel Werk [Wed, 27 Jan 2021 16:23:53 +0000 (17:23 +0100)]
Merge branch '5.3'
Marcel Werk [Wed, 27 Jan 2021 16:14:41 +0000 (17:14 +0100)]
Object edit link led to the admin panel
Tim Düsterhus [Wed, 27 Jan 2021 15:32:32 +0000 (16:32 +0100)]
Merge branch '5.3'
Tim Düsterhus [Wed, 27 Jan 2021 15:31:11 +0000 (16:31 +0100)]
Make update_com.woltlab.wcf_5.3_packageServer.php compatible with WCF_N != 1
joshuaruesweg [Wed, 27 Jan 2021 14:59:14 +0000 (15:59 +0100)]
Merge branch '5.3'
joshuaruesweg [Wed, 27 Jan 2021 14:58:09 +0000 (15:58 +0100)]
Merge branch '5.2' into 5.3
Joshua Rüsweg [Wed, 27 Jan 2021 14:57:30 +0000 (15:57 +0100)]
Merge pull request #3908 from WoltLab/pr_build_package
Add wcfsetup workflow
Tim Düsterhus [Wed, 27 Jan 2021 14:51:42 +0000 (15:51 +0100)]
Merge pull request #3901 from WoltLab/require-multifactor
Implement multi-factor requirement
Alexander Ebert [Wed, 27 Jan 2021 14:50:29 +0000 (15:50 +0100)]
Merge pull request #3906 from WoltLab/item-list-input-event
Use the `input` event to detect the comma on Chromium for Android
Tim Düsterhus [Wed, 27 Jan 2021 14:49:02 +0000 (15:49 +0100)]
Fix informal phrase in de.xml
joshuaruesweg [Wed, 27 Jan 2021 14:30:47 +0000 (15:30 +0100)]
Add wcfsetup workflow
This workflow generates the WCFSetup and stores it as an artifact.
Tim Düsterhus [Wed, 27 Jan 2021 14:09:18 +0000 (15:09 +0100)]
Merge pull request #3907 from WoltLab/mfa-update-multiple-requests
Split update_com.woltlab.wcf_5.4_migrate_multifactor across multiple requests
Tim Düsterhus [Wed, 27 Jan 2021 13:04:11 +0000 (14:04 +0100)]
Split update_com.woltlab.wcf_5.4_migrate_multifactor across multiple requests
Resolves #3796
Alexander Ebert [Wed, 27 Jan 2021 12:23:11 +0000 (13:23 +0100)]
Use the `input` event to detect the comma on Chromium for Android
Tim Düsterhus [Wed, 27 Jan 2021 11:48:57 +0000 (12:48 +0100)]
Merge pull request #3905 from WoltLab/benchmark-parameters
Replace placeholders by actual values in Benchmark
Tim Düsterhus [Wed, 27 Jan 2021 11:39:51 +0000 (12:39 +0100)]
Replace placeholders by actual values in Benchmark
In most cases this allows one to simply copy the query to easily edit it within
a MySQL shell. The code (intentionally) does not handle single quotes
correctly. It also truncates the parameter after 100 characters and handles at
most 30 parameters.
Alexander Ebert [Wed, 27 Jan 2021 11:26:46 +0000 (12:26 +0100)]
Merge branch '5.3'
Alexander Ebert [Wed, 27 Jan 2021 11:20:57 +0000 (12:20 +0100)]
Improved message for rejected credentials on paid packages (#3903)
joshuaruesweg [Wed, 27 Jan 2021 11:03:47 +0000 (12:03 +0100)]
Throw NotImplementedException exception for unsupported method call
Tim Düsterhus [Wed, 27 Jan 2021 10:57:40 +0000 (11:57 +0100)]
Add dev tools description for multi-factor object type definition (#3897)
see #3892
Co-authored-by: Matthias Schmidt <gravatronics@live.com>
joshuaruesweg [Wed, 27 Jan 2021 10:54:50 +0000 (11:54 +0100)]
Change default username in dev installation to 'dev'
Closes #3866
joshuaruesweg [Wed, 27 Jan 2021 10:46:35 +0000 (11:46 +0100)]
Use FQN for internal PHP functions
joshuaruesweg [Wed, 27 Jan 2021 10:42:23 +0000 (11:42 +0100)]
Fix codestyle
joshuaruesweg [Wed, 27 Jan 2021 10:38:40 +0000 (11:38 +0100)]
Update phpBB3 password hash
Closes #3885
Matthias Schmidt [Wed, 27 Jan 2021 09:57:41 +0000 (10:57 +0100)]
Reformat SQL queries in install and update scripts
Marcel Werk [Tue, 26 Jan 2021 15:46:33 +0000 (16:46 +0100)]
missing id attribute
Tim Düsterhus [Tue, 26 Jan 2021 14:58:25 +0000 (15:58 +0100)]
Enforce the multi-factor requirement in ACP
Tim Düsterhus [Tue, 26 Jan 2021 14:40:48 +0000 (15:40 +0100)]
Add TMultifactorRequirementEnforcer
Tim Düsterhus [Tue, 26 Jan 2021 14:30:31 +0000 (15:30 +0100)]
Check for multi-factor requirement in MultifactorDisableForm
Tim Düsterhus [Tue, 26 Jan 2021 14:22:28 +0000 (15:22 +0100)]
Add RejectEverythingFormField
Tim Düsterhus [Tue, 26 Jan 2021 14:17:45 +0000 (15:17 +0100)]
Reduce duplication in MultifactorDisableForm
Tim Düsterhus [Tue, 26 Jan 2021 13:58:12 +0000 (14:58 +0100)]
Add User::requiresMultifactor()
Tim Düsterhus [Tue, 26 Jan 2021 13:49:59 +0000 (14:49 +0100)]
Add requireMultifactor property to user groups
Tim Düsterhus [Tue, 26 Jan 2021 14:15:02 +0000 (15:15 +0100)]
Merge remote-tracking branch 'origin/master'
Tim Düsterhus [Tue, 26 Jan 2021 14:14:48 +0000 (15:14 +0100)]
Merge branch '5.3'
Tim Düsterhus [Tue, 26 Jan 2021 14:12:20 +0000 (15:12 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Tue, 26 Jan 2021 14:11:49 +0000 (15:11 +0100)]
Merge pull request #3900 from WoltLab/hasOwnerAccess
Fix User::hasOwnerAccess()
Tim Düsterhus [Tue, 26 Jan 2021 14:03:22 +0000 (15:03 +0100)]
Check owner access after checking controller blacklist in RequestHandler
This ensures that the check only happens when absolute required.
Tim Düsterhus [Tue, 26 Jan 2021 14:00:28 +0000 (15:00 +0100)]
Remove caching from User::hasOwnerAccess()
The current caching logic is buggy as reported in issue #3899. This patch
removes this caching, as this method already is quite fast and it also is
seldomly called. Within the frontend it is only called when the user is banned.
Fixes #3899
projects / GitHub / WoltLab / WCF.git / log