Marcel Werk [Wed, 27 Oct 2021 16:15:43 +0000 (18:15 +0200)]
Merge pull request #4569 from WoltLab/cleanup-paypal-callback
Clean up PaypalCallbackAction
Marcel Werk [Wed, 27 Oct 2021 16:10:12 +0000 (18:10 +0200)]
Improved code style
Tim Düsterhus [Wed, 27 Oct 2021 09:16:11 +0000 (11:16 +0200)]
Stop using SystemException in PaypalCallbackAction
Marcel Werk [Wed, 27 Oct 2021 08:38:34 +0000 (10:38 +0200)]
Fixed request
Marcel Werk [Wed, 27 Oct 2021 08:27:16 +0000 (10:27 +0200)]
Fixed code style
Marcel Werk [Wed, 27 Oct 2021 08:25:48 +0000 (10:25 +0200)]
Apply suggestions from code review
Co-authored-by: Tim Düsterhus <duesterhus@woltlab.com>
Marcel Werk [Tue, 26 Oct 2021 16:52:04 +0000 (18:52 +0200)]
Clean up PaypalCallbackAction
Closes #4351
Marcel Werk [Tue, 26 Oct 2021 14:44:39 +0000 (16:44 +0200)]
Show online status indicator in user management
Closes #4568
Marcel Werk [Tue, 26 Oct 2021 14:09:20 +0000 (16:09 +0200)]
Do not increase article view counter for unpublished articles
Closes #4374
Tim Düsterhus [Tue, 26 Oct 2021 12:57:31 +0000 (14:57 +0200)]
Merge branch '5.4'
Tim Düsterhus [Tue, 26 Oct 2021 12:57:19 +0000 (14:57 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Tue, 26 Oct 2021 12:56:26 +0000 (14:56 +0200)]
Regenerate composer autoloader
Tim Düsterhus [Mon, 25 Oct 2021 11:45:41 +0000 (13:45 +0200)]
Update composer dependencies
Tim Düsterhus [Mon, 25 Oct 2021 09:19:11 +0000 (11:19 +0200)]
Merge branch '5.4'
joshuaruesweg [Mon, 25 Oct 2021 09:08:44 +0000 (11:08 +0200)]
Sync `aclSimple.tpl`
joshuaruesweg [Mon, 25 Oct 2021 09:02:52 +0000 (11:02 +0200)]
Alexander Ebert [Sun, 24 Oct 2021 12:57:39 +0000 (14:57 +0200)]
Workaround for multiple quote handlers on one page
joshuaruesweg [Mon, 25 Oct 2021 09:08:44 +0000 (11:08 +0200)]
Sync `aclSimple.tpl`
Tim Düsterhus [Mon, 25 Oct 2021 09:03:27 +0000 (11:03 +0200)]
Merge pull request #4567 from WoltLab/censorship
Clean up Censorship
joshuaruesweg [Mon, 25 Oct 2021 09:02:52 +0000 (11:02 +0200)]
Alexander Ebert [Sun, 24 Oct 2021 12:57:39 +0000 (14:57 +0200)]
Workaround for multiple quote handlers on one page
Tim Düsterhus [Fri, 22 Oct 2021 09:28:16 +0000 (11:28 +0200)]
Stop checking the `enable_censorship` option
Tim Düsterhus [Fri, 22 Oct 2021 09:25:30 +0000 (11:25 +0200)]
Remove the `enable_censorship` option
Resolves #4566
Tim Düsterhus [Fri, 22 Oct 2021 09:17:48 +0000 (11:17 +0200)]
Make Censorship::$matches a local variable
There is no good reason why this should be a class property.
Tim Düsterhus [Fri, 22 Oct 2021 09:14:07 +0000 (11:14 +0200)]
Clean up initialization in `Censorship`
- Use a regular foreach loop.
- Use `ArrayUtil::trim()` which also removes empty elements by itself.
Tim Düsterhus [Fri, 22 Oct 2021 09:15:54 +0000 (11:15 +0200)]
Add early check if censored words are configured in `Censorship::test()`
Tim Düsterhus [Fri, 22 Oct 2021 09:20:14 +0000 (11:20 +0200)]
Fix the use of `preg_quote()` in `Censorship`
Specify the correct `$delimiter`.
Tim Düsterhus [Fri, 22 Oct 2021 08:50:21 +0000 (10:50 +0200)]
Merge branch '5.4'
Tim Düsterhus [Fri, 22 Oct 2021 08:48:20 +0000 (10:48 +0200)]
Specify a default value for `register_disabled`
see
83a6038eea6da6608c5363be7b9f88080f3dadb1
see #4565
Tim Düsterhus [Fri, 22 Oct 2021 08:49:36 +0000 (10:49 +0200)]
Specify a default value for `force_login`
see
83a6038eea6da6608c5363be7b9f88080f3dadb1
see #4565
Tim Düsterhus [Fri, 22 Oct 2021 08:47:17 +0000 (10:47 +0200)]
Specify a default value for `module_paid_subscription` / `paid_subscription_enable_tos_confirmation`
see
83a6038eea6da6608c5363be7b9f88080f3dadb1
see #4565
Tim Düsterhus [Fri, 22 Oct 2021 08:45:01 +0000 (10:45 +0200)]
Specify a default value for `offline` / `offline_message_allow_html`
see
83a6038eea6da6608c5363be7b9f88080f3dadb1
see #4565
Tim Düsterhus [Fri, 22 Oct 2021 08:43:23 +0000 (10:43 +0200)]
Merge branch '5.4'
Tim Düsterhus [Fri, 22 Oct 2021 08:41:52 +0000 (10:41 +0200)]
Specify a default value for `enable_censorship`
This did not cause issues in practice, as `options.inc.php` reliably contained
a `0` as the option’s value.
Fixes #4565
Tim Düsterhus [Thu, 21 Oct 2021 13:37:51 +0000 (15:37 +0200)]
Merge pull request #4564 from WoltLab/table-column-factory-inheritance
Prevent object creation for the DatabaseTableColumn factory classes
Tim Düsterhus [Thu, 21 Oct 2021 13:32:01 +0000 (15:32 +0200)]
Merge branch '5.4'
Tim Düsterhus [Thu, 21 Oct 2021 13:18:44 +0000 (15:18 +0200)]
Fix doc comment for ACPSessionAccessLog::hasProtectedURI()
This should read `deprecated`, not `since`.
see
c1586ab667e1b6e075538516b21fe8a31855c19e
Tim Düsterhus [Thu, 21 Oct 2021 13:17:06 +0000 (15:17 +0200)]
Merge pull request #4557 from WoltLab/acp-session-log-link
Remove link from requestURI in acpSessionLog
Tim Düsterhus [Thu, 21 Oct 2021 13:05:46 +0000 (15:05 +0200)]
Merge pull request #4556 from WoltLab/password-toggle-submit
Hide all passwords upon form submission in Core/Ui/Password.ts
Tim Düsterhus [Thu, 21 Oct 2021 12:19:52 +0000 (14:19 +0200)]
Merge pull request #4555 from WoltLab/style-delete
Move all of the style deletion logic into StyleEditor
Tim Düsterhus [Thu, 21 Oct 2021 12:00:23 +0000 (14:00 +0200)]
Merge branch '5.4'
Tim Düsterhus [Thu, 21 Oct 2021 11:59:28 +0000 (13:59 +0200)]
Fix PHPDoc return type for IDatabaseTableColumn::getDefaultValue()
Tim Düsterhus [Thu, 21 Oct 2021 11:54:38 +0000 (13:54 +0200)]
Prevent object creation for the DatabaseTableColumn factory classes
Resolves #4563
Tim Düsterhus [Thu, 21 Oct 2021 08:49:43 +0000 (10:49 +0200)]
Remove explicit include of class-php-ico.php in StyleAction
This class can be loaded using composer's autoloader.
Tim Düsterhus [Thu, 21 Oct 2021 08:46:55 +0000 (10:46 +0200)]
Merge branch '5.4'
Tim Düsterhus [Thu, 21 Oct 2021 08:46:36 +0000 (10:46 +0200)]
Remove include of deprecated scss.inc.php in StyleCompiler
Tim Düsterhus [Thu, 21 Oct 2021 08:39:15 +0000 (10:39 +0200)]
Use `->prepare()` instead of `->prepareStatement() in LastActivityCronjob
Tim Düsterhus [Thu, 21 Oct 2021 08:38:30 +0000 (10:38 +0200)]
Fix `userID` condition in LastActivityCronjob
Tim Düsterhus [Thu, 21 Oct 2021 07:30:10 +0000 (09:30 +0200)]
Merge branch '5.4'
Sascha Greuel [Wed, 20 Oct 2021 22:25:11 +0000 (00:25 +0200)]
Add `UnfurlUrl::$status` to `@property-read`
Closes #4561
[Tim: Rephrased the commit message]
Tim Düsterhus [Wed, 20 Oct 2021 10:31:30 +0000 (12:31 +0200)]
Remove link from requestURI in acpSessionLog
The link has been non-functional since ages, because `hasProtectedURI()`
effectively always returned `true`, as the `page` and `form` query parameters
are no longer in use.
With WoltLab Suite 5.4 the `requestURI` might also contain a request ID and the
link length is also limited to 255 characters.
All in all it appears that supporting a link within the log is non-trivial,
with the benefit being rather small.
Resolves #4524
Tim Düsterhus [Wed, 20 Oct 2021 09:58:35 +0000 (11:58 +0200)]
Hide all passwords upon form submission in Core/Ui/Password.ts
Resolves #4554
Tim Düsterhus [Wed, 20 Oct 2021 08:50:31 +0000 (10:50 +0200)]
Move all of the style deletion logic into StyleEditor
This ensures that all the files on the filesystem are deleted no matter how the
style is deleted. Previously the style's image folder remained when
StyleEditor::delete() was used, for example within the style PIP.
Tim Düsterhus [Tue, 19 Oct 2021 11:30:16 +0000 (13:30 +0200)]
Merge branch '5.4'
Tim Düsterhus [Tue, 19 Oct 2021 10:37:26 +0000 (12:37 +0200)]
Merge pull request #4552 from WoltLab/email-header-case
Use canonical header casing in PhpEmailTransport
Tim Düsterhus [Tue, 19 Oct 2021 10:01:53 +0000 (12:01 +0200)]
Use canonical header name in PhpEmailTransport
Tim Düsterhus [Tue, 19 Oct 2021 10:00:55 +0000 (12:00 +0200)]
Add Email::getCanonicalHeaderName()
Tim Düsterhus [Mon, 18 Oct 2021 10:19:56 +0000 (12:19 +0200)]
Update composer dependencies
Alexander Ebert [Fri, 15 Oct 2021 15:23:06 +0000 (17:23 +0200)]
Incorrect data type used in AJAX requests for search requests
The `Set` type is not understood by the browser's AJAX API and thus silently discarded.
Tim Düsterhus [Thu, 14 Oct 2021 13:18:15 +0000 (15:18 +0200)]
Merge branch '5.4'
Tim Düsterhus [Thu, 14 Oct 2021 13:17:37 +0000 (15:17 +0200)]
Merge branch '5.3' into 5.4
Tim Düsterhus [Thu, 14 Oct 2021 13:14:54 +0000 (15:14 +0200)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Thu, 14 Oct 2021 13:11:44 +0000 (15:11 +0200)]
Merge branch '3.1' into 5.2
Tim Düsterhus [Thu, 14 Oct 2021 13:10:10 +0000 (15:10 +0200)]
Fix EmailNewActivationCodeForm
This got broken, because it inherits from RegisterNewActivationForm and the “is
already enabled” validation was moved into a dedicated method within there. This
is a perfect example of why one should never inherit from controllers …
see
f394421c0cc7e8879007092e40e540b2fd1118c1
Tim Düsterhus [Thu, 14 Oct 2021 13:03:35 +0000 (15:03 +0200)]
Fix bad merge from 5.3 to 5.4
Commit
f394421c0cc7e8879007092e40e540b2fd1118c1 was incorrectly applied.
Tim Düsterhus [Thu, 14 Oct 2021 10:32:36 +0000 (12:32 +0200)]
Merge pull request #4549 from WoltLab/mysql-column-explicit-nullable
Include an explicit `NULL` within a column definition unless the column is NOT NULL
Tim Düsterhus [Thu, 14 Oct 2021 08:32:35 +0000 (10:32 +0200)]
Include an explicit `NULL` within a column definition unless the column is NOT NULL
This improves error detection, because MySQL will not silently make the column
`NOT NULL` if it is part of a `PRIMARY KEY`. Instead it will error out:
> SQLSTATE[42000]: Syntax error or access violation: 1171 All parts of a
> PRIMARY KEY must be NOT NULL; if you need NULL in a key, use UNIQUE instead
Tim Düsterhus [Wed, 13 Oct 2021 14:21:45 +0000 (16:21 +0200)]
Merge branch '5.4'
Tim Düsterhus [Wed, 13 Oct 2021 14:21:09 +0000 (16:21 +0200)]
Allow unblocking non-blockable users from within the profile
Fixes #4548
WoltLab [Wed, 13 Oct 2021 10:37:41 +0000 (10:37 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Wed, 13 Oct 2021 10:36:21 +0000 (12:36 +0200)]
Update npm dependencies in extra/
WoltLab [Wed, 13 Oct 2021 10:31:37 +0000 (10:31 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Tue, 12 Oct 2021 15:23:04 +0000 (17:23 +0200)]
Merge pull request #4547 from WoltLab/deprecated-iloggingawareexception
Deprecate ILoggingAwareException
Tim Düsterhus [Tue, 12 Oct 2021 13:47:56 +0000 (15:47 +0200)]
Deprecate ILoggingAwareException
The `finalizeLog()` method was initially added to support
com.woltlab.wcf.elasticSearch, as it logged the full - possibly huge -
Elasticsearch response, allowing it to log the response into a separate log
file.
This came with severe usability issues, as this log file is not readily
available from the ACP.
The Elasticsearch package was completely cleaned up, relying on the regular
Guzzle exceptions, and errors during JSON decoding no longer include the full
JSON.
Letting the Exception know that they've been logged is a layering violation
that will not play along nicely with #4342. The current method signature also
is pretty much limited to logging into files only.
Deprecate the interface, now that the only known user is gone.
Tim Düsterhus [Tue, 12 Oct 2021 08:48:15 +0000 (10:48 +0200)]
Fix typo in reCAPTCHA API URL
Introduced in #4293.
Tim Düsterhus [Fri, 8 Oct 2021 14:59:19 +0000 (16:59 +0200)]
Remove trailing whitespace and unused imports
Tim Düsterhus [Fri, 8 Oct 2021 14:45:42 +0000 (16:45 +0200)]
Handle all types of exception when validating database access during import
see #4281
see WoltLab/com.woltlab.wcf.exporter#55
Marcel Werk [Fri, 8 Oct 2021 14:01:18 +0000 (16:01 +0200)]
Support for the embedding of private vimeo videos
Tim Düsterhus [Fri, 8 Oct 2021 09:10:47 +0000 (11:10 +0200)]
Merge pull request #4546 from WoltLab/sfs-lastseen-index
Add INDEX on wcf1_blacklist_entry.lastSeen
Tim Düsterhus [Fri, 8 Oct 2021 09:10:36 +0000 (11:10 +0200)]
Merge pull request #4545 from WoltLab/url-legacy-mode
Remove the `url_legacy_mode` option
Tim Düsterhus [Fri, 8 Oct 2021 08:40:29 +0000 (10:40 +0200)]
Update composer dependencies
Tim Düsterhus [Fri, 8 Oct 2021 08:28:16 +0000 (10:28 +0200)]
Add INDEX on wcf1_blacklist_entry.lastSeen
Resolves #4210
Tim Düsterhus [Fri, 8 Oct 2021 08:24:55 +0000 (10:24 +0200)]
Fix typo in filename of update script
Tim Düsterhus [Fri, 8 Oct 2021 08:10:23 +0000 (10:10 +0200)]
Remove the `url_legacy_mode` option
Resolves #4544
Marcel Werk [Thu, 7 Oct 2021 09:45:46 +0000 (11:45 +0200)]
Added CSS to highlight unread content in sidebar
Tim Düsterhus [Thu, 7 Oct 2021 08:52:53 +0000 (10:52 +0200)]
Update composer dependencies
Joshua Rüsweg [Wed, 6 Oct 2021 10:12:25 +0000 (12:12 +0200)]
Merge pull request #4541 from WoltLab/5.5-notification-confirm-link
Replace empty redirect responses in notifications with link to notifi…
joshuaruesweg [Wed, 6 Oct 2021 09:57:36 +0000 (11:57 +0200)]
Replace empty redirect responses in notifications with link to notification list
The notification link can be `null` (e.g. for some moderation notifications). This would trigger an exception further in the code, because the PSR7 redirect response expect a real URL. For this reason, we rewrite `null` with a link to the NotificationListPage.
Tim Düsterhus [Tue, 5 Oct 2021 09:49:56 +0000 (11:49 +0200)]
Update for PHP CS Fixer 3.2.1
Tim Düsterhus [Tue, 5 Oct 2021 07:27:07 +0000 (09:27 +0200)]
Merge branch '5.4'
Tim Düsterhus [Tue, 5 Oct 2021 07:00:18 +0000 (09:00 +0200)]
Merge pull request #4539 from WoltLab/php-ddl-reject-duplicate-index-column
Reject indices with duplicate columns in DatabaseTableChangeProcessor
Tim Düsterhus [Mon, 4 Oct 2021 14:32:53 +0000 (16:32 +0200)]
Merge pull request #4540 from WoltLab/5.4-image-proxy-exception
Correctly wrap \RuntimeException from body reading in \DomainExceptio…
joshuaruesweg [Mon, 4 Oct 2021 14:28:44 +0000 (16:28 +0200)]
Correctly wrap \RuntimeException from body reading in \DomainException in ImageProxyAction
Tim Düsterhus [Mon, 4 Oct 2021 14:04:11 +0000 (16:04 +0200)]
Reject indices with duplicate columns in DatabaseTableChangeProcessor
Resolves #4536
Joshua Rüsweg [Mon, 4 Oct 2021 13:31:19 +0000 (15:31 +0200)]
Merge pull request #4538 from WoltLab/5.4-disable-unfurling-in-signatures
Disable unfurled urls in signatures
joshuaruesweg [Mon, 4 Oct 2021 12:53:14 +0000 (14:53 +0200)]
Disable unfurled urls in signatures
Tim Düsterhus [Fri, 1 Oct 2021 10:19:57 +0000 (12:19 +0200)]
Merge branch '5.4'
Tim Düsterhus [Thu, 30 Sep 2021 13:33:44 +0000 (15:33 +0200)]
Merge pull request #4535 from WoltLab/import-current-path
Reject `fileSystemPath`s matching an active app during import
Tim Düsterhus [Thu, 30 Sep 2021 11:46:48 +0000 (13:46 +0200)]
Reject `fileSystemPath`s matching an active app during import
Resolves #4517
Tim Düsterhus [Wed, 29 Sep 2021 13:38:50 +0000 (15:38 +0200)]
Fix check whether a non-owned FOREIGN KEY is being dropped in DatabaseTableChangeProcessor
The reproducer and fix is effectively identical to the one in
167291206e57ffb9bc043308682061e5e499ff45.
Package A: Installs FOREIGN KEY (someOtherUserID) REFERENCES wcf1_user (userID)
Package B: Installs FOREIGN KEY (userID) REFERENCES wcf1_user (userID)
Package B: Drops FOREIGN KEY (userID) REFERENCES wcf1_user (userID)
It was erroneously detected that Package B would drop the foreign key owned by
Package A, but possibly only after the foreign key has already been (correctly)
dropped. This delay in check is caused by the `continue 2;` skipping any other
foreign keys after matching up one foreign key.
The actual dropping logic was already correct, just the safety check was
incorrect.
see #4434