When renaming objects in the Media Library,
s9y didn't check if a file with the same
name already exists, resulting in a file
name collision deleting both files from
the database _and_ from disk.
Add a check to avoid that.
An error message would be nice, too, but
that may be added later on.
Tested on s9y-stable test instance.
Cherry-picked from master branch.
Signed-off-by: Thomas Hochstein <thh@inter.net>
genpage is called but no action given -
the default page was generated at every call.
Cherry-picked from master branch.
Signed-off-by: Thomas Hochstein <thh@inter.net>
The number of entries shown on the title
page and in the feed has to be at least "1",
as s9y can't cope with "0" or negative
values (and it shouldn't).
May be related to #636.
Backported from master.
Signed-off-by: Thomas Hochstein <thh@inter.net>
s9y will encode the body of its auto-generated
mails as quoted-printable when imap_8bit() is
available. imap_8bit() will use "\r\n" as
linebreaks as mandated for SMTP transfer.
The result will be transmitted via PHP's
mail() function, using direct SMTP on
Windows and piping it to a MTA on Unix.
Most MTAs will cope just fine with those
linebreaks, while qmail will not; it will
replace all "\n" linebreaks with "\r\n",
so we get "\r\r\n" in our case. We can't
"fix" qmail (as its maintainer, if there
even is one, does not consider this
behaviour wrong), but we can replace the
line endings we get from imap_8bit().
The fix does work with qmail and Exim and
should work with sendmail and Postfix and
other MTAs, too. It may break sending
mail on Windows (i.e. lose all linebreaks),
but I think that's acceptable, as we'll
have more qmail installation than Windows
servers out there.
A workaround could be to set
serendipity['forceBase64']=true in
serendipity_config_local.inc.php, but I'd
prefer this fix.
Fixes#644.
Backported from master branch.
Signed-off-by: Thomas Hochstein <thh@inter.net>
The autologin ("Save information") functionality in 2.3.1 is broken since
commit 52a41b37d554da11acc932eeec44c5fb1414a492
CommitDate: Fri Mar 23 18:01:32 2018 +0100
Rework autologin to use a token approach
Although a cookie serendipity[author_autologintoken] with correct
expiration (one month) which random data content is present as value
in the serendipity_options table with name autologin_Username and
correct timestamp as okey and that is found with manually executing
the SQL statement
SELECT name, value, okey FROM serendipity_options WHERE name = 'autologin_Username' AND okey > 1565801743 LIMIT 1
like done in include/functions_config.inc.php
serendipity_checkAutologin(), the login is forgotten after 30 minutes
or so. That was not the case with 2.1.5 where the login was valid for
weeks.
Of
if (stristr($serendipity['dbType'], 'sqlite')) {
$cast = "okey";
} else {
// Adds explicits casting for mysql, postgresql and others.
$cast = "cast(okey as integer)";
}
from which $cast then is used in the SQL statement instead of a plain
okey; when doing that manually with
SELECT name, value, okey FROM serendipity_options WHERE name = 'autologin_Username' AND cast(okey as integer) > 1565801743 LIMIT 1
it produces the MySQL error
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'integer) > 1565801743 LIMIT 1' at line 1
This also with $serendipity['dbType'] = 'mysqli' for the above code.
Indeed, cast(okey as integer) is invalid in MySQL and should be
cast(okey as unsigned) instead which then also works manually, see
https://stackoverflow.com/a/12127022 and
https://dev.mysql.com/doc/refman/5.7/en/cast-functions.html#function_cast
Same in serendipity_issueAutologin().
Changing those two places accordingly resolves the autologin not
persistent problem.
Additionally, inspecting the serendipity_options table revealed loads
of old serendipity[author_authorinformation] cookie information that
was never deleted in serendipity_issueAutologin() with the
OR (okey LIKE 'l_%' AND $cast < " . (time() - 1814400) . ")")
expression producing a MySQL error. This has to be done manually
once as also 2.3.1 will not delete it anymore.
Backported from master branch.
Signed-off-by: Thomas Hochstein <thh@inter.net>
This reverts commit 4e662bf17c420cc997c39c9501cfe0df509d9a09
in parts.
With this - now reverted - commit, the prev/next
arrows in pagination were swapped because they
were the wrong way around. Unfortunately, later on,
the root cause was fixes by "unswapping" the prev/next
links in core, so now the pagination arrows were
... eh ... wrongly swapped. So this commit has to
be reverted.
Backported from master branch.
Signed-off-by: Thomas Hochstein <thh@inter.net>
* Fix media library (mass) delete.
* I18n for multimove.
+ Add MEDIA_DIRECTORY_MOVE.
+ Change German translation of "Move" to
"Verschieben".
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net>
Unconditionally setting $serendipity['csuccess']
to 'true' will override a "moderate" flag set by
another (spamblock) plugin.
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net>
* Fix core pagination for "stable archives".
The current page will always be the current page,
regardless of archive sorting order. Page 76 of
86 pages will remain page 76, even if the archive
sorting is changed; it won't become page 10.
* Fix pagination for "stable archives" in themes.
Timeline and Bulletproof have pagination.
Both need to swap the prev/next links for
stable archives, as the sorting order has
been reversed.
* Fix prev/next page links for stable archives.
We shouldn't swap prev/next links for archive
pages. With stable archives, the title page is
the last page of the archive, not the first, so
all other pages are "previos", and we should
display it like that.
Cherry-picked from master.
Signed-off-by: Thomas Hochstein <thh@inter.net>
* "PLUGIN_ALL_UPDATED" was hardcoded.
* Add some missing German translation
and fix some others.
* Add new constants to other languages
via addlang.sh
* Remove wrongly added constants from
plugin_lang.php
Signed-off-by: Thomas Hochstein <thh@inter.net>
Quite some information is missing from
the list of installed plugins; and the
list of installable plugins has some
more information, but not everything
that is present on Spartacus, i.e.
the last modification date.
So let's add a link to the plugin entry
on Spartacus (in the chosen language
version).
Fixes#471.
Signed-off-by: Thomas Hochstein <thh@inter.net>
"requirement_failures" from PHP is saved in
"requirements_failues" - "requirements" as
in plural, and with a typo. That doesn't make
sense. Let's use "requirement_failures"
everywhere.
Backported from master.
Signed-off-by: Thomas Hochstein <thh@inter.net>
"Version" should be capitalized in German -
and anywhere at the start of a sentence or
line.
Furthermore, "UPGRADE_TO_VERSION" is not
the current version ("aktuelle version"),
but the version one could upgrade to.
Backported from master.
Signed-off-by: Thomas Hochstein <thh@inter.net>
