5156 Commits

Author SHA1 Message Date
Garvin Hicking
7832c364d7 IteratorIteratorIteratorIterator iterated iteration fix. To understand iteration, you first need to understand recursion and iteration and iteration and iteration and iteration. 2017-04-08 17:38:47 +02:00
Garvin Hicking
b8897b3250 PHP7 check 2017-04-08 17:01:31 +02:00
Garvin Hicking
86a17f9a2b Register fatal error handler 2017-04-08 15:45:21 +02:00
Garvin Hicking
3e442e73ff Merge pull request from ka7/feature/spelling
spelling fixes
2017-04-07 10:48:11 +02:00
klemens
5a95db314a spelling fixes 2017-04-06 22:26:07 +02:00
Don Chambers
4d8f04d406 Add plugin_dynamicform.tpl to Timeline theme 2017-03-18 09:36:57 -05:00
Matthias Mees
3702139dcf Merge pull request from webcompas/master
Fixed uninitialized Smarty value (fixes )
2017-03-14 14:28:04 +01:00
Pascal Uhlmann
8791e8929e Fixed uninitialized Smarty value (fixes ) 2017-03-14 14:02:33 +01:00
onli
cdf375623d Require token to change theme (fixes ) 2017-03-02 12:08:05 +01:00
Matthias Mees
d98eaed44c Use https protocol for external assets
Basically 'backporting' e256e658 for preview_iframe.tpl
2017-02-24 09:07:53 +01:00
Matthias Mees
cea0240240 Merge pull request from capturehorizons/patch-1
Update index.tpl
2017-02-24 09:06:03 +01:00
Marcus Seidler
e256e65846 Update index.tpl
Hello s9y,

I have changed three URLs (lines 23, 32, 33) to "https://..." because the browser warns about unsaved content on https domains.

It works on my site "www.seidler.is"

I hope I could help

Greetings, Marcus
2017-02-24 08:28:45 +01:00
Thomas Heidrich
3a7e04c69c improved check quality
!empty verifies that $username has been set with a significant value of any kind; is_string makes sure the type is really what is being expected in the following code.
2017-02-09 23:39:06 +01:00
Thomas Heidrich
e28bbf04d2 avoid HTTP500 crashing when username is an array 2017-02-08 20:19:43 +01:00
onli
381b066344 Merge pull request from gnuheidix/comment_sanitized
some PHP functions expect strings and crash otherwise
2017-02-07 22:16:10 +01:00
onli
9511b9dde5 Merge pull request from gnuheidix/search_term
makes sure that only strings are being processed in searchTerm
2017-02-07 21:15:11 +01:00
Thomas Heidrich
7a0a9e2156 some PHP functions expect strings and crash otherwise 2017-02-07 21:13:51 +01:00
Thomas Heidrich
dd06eeea99 makes sure that only strings are being processed in searchTerm; strip_tags crashes in case it's getting an array 2017-02-07 20:24:33 +01:00
Garvin Hicking
55ec5e4ab4 document, bump 2017-01-30 14:58:52 +01:00
Garvin Hicking
c2cebad52b issue 2017-01-30 14:58:37 +01:00
onli
d4d46855c2 Add formtoken to upgrade button 2017-01-26 14:11:54 +01:00
Garvin Hicking
ba6d9ee127 prepare release 2.1-rc1 2017-01-26 11:50:15 +01:00
Garvin Hicking
2b5de12b38 Issue 2017-01-26 08:25:06 +01:00
Garvin Hicking
97277cfd1a issue 2017-01-26 08:23:17 +01:00
Garvin Hicking
5bf0cf9fea Merge branch 'master' of github.com:s9y/Serendipity 2017-01-26 08:16:22 +01:00
Garvin Hicking
69d8a34c90 document 2017-01-26 08:16:14 +01:00
onli
7e70f91686 Add form token to comment delete link 2017-01-17 11:42:37 +01:00
onli
f947c66f66 Add multiple missing CSRF tokens ()
Deleting comments, disabling comment threads, installing plugins, toggling a spartacus update check
2017-01-16 15:32:16 +01:00
Garvin Hicking
c62d667287 * [Security] Fix missing integer casting for inserting new categories
(thanks to cdxy)
2017-01-16 11:29:15 +01:00
Garvin Hicking
6285933470 * [Security] Redirection of comment.php now checks the referrer
and only allows the blog's host (thanks to Lee Sheldon Victor)
2017-01-12 12:02:27 +01:00
Garvin Hicking
a48708021c * [Security] Reject %0D/%0A in exit tracking and other places
(Issue )
2017-01-03 09:21:25 +01:00
Garvin Hicking
edfc8bcff1 disable selenium test files 2017-01-02 09:42:37 +01:00
Garvin Hicking
4e8c310156 Issue , fix missing escaping of HTTP referer to prevent XSS 2017-01-02 09:37:45 +01:00
Garvin Hicking
0c8416f5df Allow setting a default category.
Needs some testing, I am not sure how to solve the case now where "no category" shall be used. It will always fall back to the default category.
Probably if someone uses a default category, that's the intended behaviour?
2016-12-23 10:14:27 +01:00
Garvin Hicking
6b1348a7f1 improve hiding password from recent Chrome 2016-12-23 10:13:40 +01:00
Garvin Hicking
fd2f23f3e7 upport security bugfix to escape dbType parameter on first installation (issue ) 2016-12-19 11:18:10 +01:00
onli
ccfc8c31c2 Merge pull request from gnuheidix/PR_rss_version_parameter
Strict feed template name checking ()
2016-12-15 05:31:09 +01:00
Thomas Heidrich
99e9b70c9b Strict feed template name checking ()
otherwise requests like /rss.php?version=1 will still crash
2016-12-14 18:19:44 +01:00
onli
e9f98f80f0 Add additional check for allowed feed tpls () 2016-12-14 12:43:50 +01:00
Garvin Hicking
cb03731e90 release 2.1-beta3 2016-11-28 15:51:51 +01:00
Garvin Hicking
e2a665e13b Sync changes 2016-11-28 15:34:10 +01:00
Garvin Hicking
dc3eb1e735 Merge branch 'master' of github.com:s9y/Serendipity 2016-11-02 12:18:58 +01:00
Garvin Hicking
26de428c18 Enhanced media upload check to also check redirects for local files, thanks to Xu Yue (again!) 2016-11-02 12:18:49 +01:00
Matthias Mees
f06aeb2340 Update docs files
- Added correct URL to new website to INSTALL
- Adapted body copy in README
- Reformatted both files so they would pass as Markdown if needed
2016-10-28 11:41:53 +02:00
Matthias Mees
309cf8e9a6 Catch up German core translation 2016-10-27 23:24:42 +02:00
Matthias Mees
5ed6ace0f5 Adapt README text to copy on s9y.org 2016-10-27 14:34:40 +02:00
Matthias Mees
090c212d09 Fix maintenance message spacing 2016-10-26 15:23:03 +02:00
Matthias Mees
7b354c1cf7 Fix layout error w/ maintenance messages 2016-10-26 15:21:22 +02:00
Matthias Mees
69f5515ea3 Remove stray aria-hidden attribute 2016-10-26 15:19:43 +02:00
Matthias Mees
eda47a1ffc Fix misplaced aria attribute 2016-10-26 15:16:09 +02:00