81adf62790
Display ChangeLog in plugin lists (if available).
...
Code was using wrong file path variable for checking
the presence of a ChangeLog file.
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net >
2017-07-23 20:35:59 +02:00
4eefa752e2
Fix broken display of details in FF
...
References #515
2017-05-25 11:03:40 +02:00
6ac1ae70c8
Merge pull request #513 from th-h/thh-2.1
...
Cherry-pick bug fixes from master for 2.1.x branch.
2017-05-22 10:26:20 +02:00
ee42a4ab64
Fix broken Akismet API calls.
...
Fixes issue 506.
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net >
2017-05-20 23:04:29 +02:00
5b3116a201
Fix comment preview for logged-in user.
...
Comment form data was unconditionally overwritten
by user data. Make that conditional ...
Fixes issue 487.
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net >
2017-05-20 23:04:28 +02:00
f5636b9b1e
Add Net/DNS2.php 1.4.3 to core.
...
Fixes issue 459.
See https://pear.php.net/package/Net_DNS2/
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net >
2017-05-20 23:04:28 +02:00
fef48fd28d
Suppress empty groups in plugin list.
...
(as suggested by @garvinhicking in issue 484)
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net >
2017-05-20 23:00:27 +02:00
757e538fe4
next release
2017-04-09 09:39:44 +02:00
701ebe442d
Rever this for the release, re-introduce later
2017-04-09 09:35:14 +02:00
8fee805ca1
Prepare release 2.1.1
2017-04-09 09:15:55 +02:00
9365836307
Merge pull request #481 from th-h/thh-476
...
Fix broken compat layer.
2017-04-09 00:55:21 +02:00
c3dfe61b57
Fix broken compat layer.
...
Partially revert 7a0a9e2156Closes #476 .
Signed-off-by: Thomas Hochstein <thh@inter.net >
2017-04-09 00:49:10 +02:00
2bedc9243e
next version
2017-04-08 18:47:50 +02:00
a794481941
bump release
2017-04-08 18:30:49 +02:00
a385c10890
bump version
2017-04-08 18:23:46 +02:00
7832c364d7
IteratorIteratorIteratorIterator iterated iteration fix. To understand iteration, you first need to understand recursion and iteration and iteration and iteration and iteration.
2017-04-08 17:38:47 +02:00
b8897b3250
PHP7 check
2017-04-08 17:01:31 +02:00
86a17f9a2b
Register fatal error handler
2017-04-08 15:45:21 +02:00
3e442e73ff
Merge pull request #466 from ka7/feature/spelling
...
spelling fixes
2017-04-07 10:48:11 +02:00
5a95db314a
spelling fixes
2017-04-06 22:26:07 +02:00
4d8f04d406
Add plugin_dynamicform.tpl to Timeline theme
2017-03-18 09:36:57 -05:00
3702139dcf
Merge pull request #461 from webcompas/master
...
Fixed uninitialized Smarty value (fixes #460 )
2017-03-14 14:28:04 +01:00
8791e8929e
Fixed uninitialized Smarty value ( fixes s9y/Serendipity#460 )
2017-03-14 14:02:33 +01:00
cdf375623d
Require token to change theme ( fixes #452 )
2017-03-02 12:08:05 +01:00
d98eaed44c
Use https protocol for external assets
...
Basically 'backporting' e256e658
2017-02-24 09:07:53 +01:00
cea0240240
Merge pull request #451 from capturehorizons/patch-1
...
Update index.tpl
2017-02-24 09:06:03 +01:00
e256e65846
Update index.tpl
...
Hello s9y,
I have change three url (lines 23, 32, 33) to "https://..." because browser warning unsaved content on https-domains.
It works on my site "www.seidler.is"
I hope i could help
Greeting marcus
2017-02-24 08:28:45 +01:00
381b066344
Merge pull request #447 from gnuheidix/comment_sanitized
...
some PHP functions expect strings and crash otherwise
2017-02-07 22:16:10 +01:00
9511b9dde5
Merge pull request #446 from gnuheidix/search_term
...
makes sure that only strings are being processed in searchTerm
2017-02-07 21:15:11 +01:00
7a0a9e2156
some PHP functions expect strings and crash otherwise
2017-02-07 21:13:51 +01:00
dd06eeea99
makes sure that only strings are being processed in searchTerm; strip_tags crashes in case it's getting an array
2017-02-07 20:24:33 +01:00
55ec5e4ab4
document, bump
2017-01-30 14:58:52 +01:00
c2cebad52b
issue #442
2017-01-30 14:58:37 +01:00
d4d46855c2
Add formtoken to upgrade button
2017-01-26 14:11:54 +01:00
ba6d9ee127
prepare release
2017-01-26 11:50:15 +01:00
2b5de12b38
Issue #437
2017-01-26 08:25:06 +01:00
97277cfd1a
issue #430
2017-01-26 08:23:17 +01:00
5bf0cf9fea
Merge branch 'master' of github.com:s9y/Serendipity
2017-01-26 08:16:22 +01:00
69d8a34c90
document
2017-01-26 08:16:14 +01:00
7e70f91686
Add form token to comment delete link
2017-01-17 11:42:37 +01:00
f947c66f66
Add multiple missing CSRF tokens ( #439 )
...
Deleting comments, disabling comment threads, installing plugins, toggling a spartacus update check
2017-01-16 15:32:16 +01:00
c62d667287
* [Security] Fix missing integer casting for inserting new categories
...
(thanks to cdxy)
2017-01-16 11:29:15 +01:00
6285933470
* [Security] Redirection of comment.php now checks the referrer
...
and only allows the blog's host (thanks to Lee Sheldon Victor)
2017-01-12 12:02:27 +01:00
a48708021c
* [Security] Reject %0D/%0A in exit tracking and other places
...
(Issue #434 )
2017-01-03 09:21:25 +01:00
edfc8bcff1
disable selenium test files
2017-01-02 09:42:37 +01:00
4e8c310156
Issue #435 , fix missing escaping of HTTP referer to prevent XSS
2017-01-02 09:37:45 +01:00
0c8416f5df
Allow setting a default category.
...
Needs some testing, I am not sure how to solve the case now where "no category" shall be used. It will always fall back to the default category.
Probably if someone uses a default category, that's the intended behaviour?
2016-12-23 10:14:27 +01:00
6b1348a7f1
improve hidding password from recent chrome
2016-12-23 10:13:40 +01:00
fd2f23f3e7
upport security bugfix to escape dbType parameter on first installation (issue #433 )
2016-12-19 11:18:10 +01:00
ccfc8c31c2
Merge pull request #432 from gnuheidix/PR_rss_version_parameter
...
Strict feed template name checking (#431 )
2016-12-15 05:31:09 +01:00
