572 Commits

Author SHA1 Message Date
onli
b968138dc3 React to errors when comment could not be deleted (#527)
Cherry-picked from master.

Signed-off-by: Thomas Hochstein <thh@inter.net>
2018-09-30 12:13:46 +02:00
Garvin Hicking
1455842192 Cherrypick: Security fixes 2018-07-19 09:27:58 +02:00
Thomas Hochstein
a6ca674484 Fix display of messages for comment editing.
All messages and errors were appended to $msg
and $errormsg, respectively, creating one long
unformatted string - mostly unreadable.

So we make $msg and $errormsg arrays instead
and iterate over those arrays in the template,
displaying each message separately.

Fixes #525.

Signed-off-by: Thomas Hochstein <thh@inter.net>
2017-12-17 19:16:25 +01:00
Garvin Hicking
5871f698eb Exclude documentation from rewrites in .htaccess
* Change .htaccess default rules.
* Add an upgrader task.

Fixes issue #521.

Cherry-picked and rebased from master.

Signed-off-by: Thomas Hochstein <thh@inter.net>
2017-07-23 20:36:12 +02:00
Thomas Hochstein
81adf62790 Display ChangeLog in plugin lists (if available).
Code was using wrong file path variable for checking
the presence of a ChangeLog file.

Cherry-picked from master.

Signed-off-by: Thomas Hochstein <thh@inter.net>
2017-07-23 20:35:59 +02:00
klemens
5a95db314a spelling fixes 2017-04-06 22:26:07 +02:00
onli
cdf375623d Require token to change theme (fixes #452) 2017-03-02 12:08:05 +01:00
onli
f947c66f66 Add multiple missing CSRF tokens (#439)
Deleting comments, disabling comment threads, installing plugins, toggling a spartacus update check
2017-01-16 15:32:16 +01:00
Garvin Hicking
4e8c310156 Issue #435, fix missing escaping of HTTP referer to prevent XSS 2017-01-02 09:37:45 +01:00
Garvin Hicking
e2a665e13b Sync changes 2016-11-28 15:34:10 +01:00
Garvin Hicking
dc3eb1e735 Merge branch 'master' of github.com:s9y/Serendipity 2016-11-02 12:18:58 +01:00
Garvin Hicking
26de428c18 Enhanced media upload check to also check redirects for local files, thanks to Xu Yue (again!) 2016-11-02 12:18:49 +01:00
Matthias Mees
7410465496 Improve accessibility of iconfont icons
Iconfont icons are of no value to screenreader users; in our case,
they get alternative text. By adding 'aria-hidden="true"' to the
<span> holding the iconfont icon, we avoid the screenreader trying
to announce the iconfont icon.
2016-10-26 11:29:25 +02:00
onli
d9b1baab76 Further improve theme ordering
Stabilizes output of the recommended themes
2016-10-10 18:43:03 +02:00
onli
196c3becb2 Order themes by their shown name 2016-10-10 18:36:44 +02:00
Garvin Hicking
cfd75ec877 Security patch, see docs/NEWS 2016-09-22 12:51:00 +02:00
onli
d973e99933 Workaround PHP < 5.6 bug, not verifying certs, stopping Request2
See http://board.s9y.org/viewtopic.php?f=10&t=20773 and #399
2016-06-22 19:42:07 +02:00
onli
02a49c8735 Http/Request2 for ML image download (#399) 2016-05-10 02:52:37 +00:00
onli
d4fe793820 Move importers to Http/Request2 and __construct (#399) 2016-05-10 02:47:22 +00:00
onli
32d0a6bf4f Fix: Don't break backend theme box
If the current theme was not the same as the backend theme, but the
backend theme was part of a recommended theme, then that backend theme
would get accidentally removed from the list of themes and thus not set
as the current backend theme, breaking the themes menu
2016-04-20 20:47:57 +00:00
onli
cc4e9f953e Introduce recommended section in theme backend
Meant to highlight modern themes for guiding users not to pick the outdated xhtml themes still available via spartacus. See http://board.s9y.org/viewtopic.php?f=5&t=20713
2016-04-14 16:18:16 +02:00
onli
9d18a74440 Fix: Both plugin types not upgradeable in shared list (#383) 2016-03-29 19:49:26 +02:00
onli
668363eb1b Merge event and sidebar update page into one (#383) 2016-03-20 14:40:08 +00:00
Ian
d93674485d cleanups 2016-03-19 17:18:11 +01:00
xoxys
7e5f63d9d2 remove backend variable 2016-02-09 10:55:12 +01:00
xoxys
93322d2dce Disable email notifications for replies sent from backend
Add variable $comment to control comment replies from backend
2016-02-08 09:47:58 +01:00
Ian
a47fa22ca4 do not set spamblock button if user does not have 'adminComments' privilege 2016-02-04 15:41:58 +01:00
Ian
0af650be44 better comments by author
Removes some restrictions previously added. Or else we would need a 'userComments' privilege. But that would not make too much sense, since we already work with the lowest group privilege here.
This still is not ready yet, I presume. It needs more finetuning like answer to comments, etc.
Please help testing.

References #385
2016-02-03 18:12:17 +01:00
Ian
7f7f452388 fix d4ce253 missing authorid fetch
References #385
2016-02-03 16:52:46 +01:00
Ian
d4ce2533f6 edit comments by authorid
References #385

Please test.
2016-02-03 16:28:58 +01:00
Ian
227d115d71 Fix missing perm checks for a "standard user" in MediaLibrary
We still have the issue that we have set authorID 0 as the standard authorid in ML. This prevents us being more strict than this.
We will have to re-think this, maybe...

References #385
2016-02-03 15:47:04 +01:00
Ian
1196bbe826 better use pre defined constant userlevel 2016-01-25 11:34:29 +01:00
Ian
8bf485fd1d extend comments and entries in Dashboard by userLevel
References #385

This still does not help with non-working button for the 'Standard Editor' (level 0).
2016-01-23 11:24:12 +01:00
Ian
d8edd18c10 Fix show Dashboard entries by authors entries
References #385
and http://board.s9y.org/viewtopic.php?f=10&t=20639

We might need to extend this with user group policies (userlevel) - it depends on what we want to have here.
@garvinhicking
2016-01-22 19:47:09 +01:00
Ian
97c43af83e Fix Dashboard comments by authors entries
Closes #385
2016-01-22 18:29:49 +01:00
Ian
797da0eae1 remove $id header 2016-01-22 18:27:11 +01:00
Ian
90eed2d001 typos and minors 2015-12-01 12:12:01 +01:00
Ian
04104a3e4d Fixed media item delete handler
References #371
Closes #371
2015-10-31 14:10:52 +01:00
Ian
ee1e567503 remove default case only path restoreVar
this is now done where it is actually needed
2015-10-28 11:36:50 +01:00
Ian
d1baaf4983 better listen on toggle_dir and remember 2015-10-26 11:36:57 +01:00
Ian
a7732eeb81 minors 2015-10-20 13:24:50 +02:00
Ian
715d8cafa6 Optimize scaleImage returns 2015-10-19 13:21:19 +02:00
Ian
3030b80c2b fix rename media file reload issue
References #370

and allow better umlaut conversion

This is a plain javascript event, therefore the message and reload stuff had to move into the JS caller.
2015-10-17 15:03:15 +02:00
Ian
732d6067c3 restore last set directory path on mediaproperties submit 2015-10-17 13:47:36 +02:00
Ian
0d7f8d474f multi delete/move - submit by name
fixes notice messages on POST
2015-10-16 11:22:25 +02:00
Ian
d130dc729e bulkmove - prevent success reload to open itself,
the multidelete type again and end with MULTICHECK_NO_ITEM message.
2015-10-15 11:01:06 +02:00
Ian
92299999e7 bulkmove - return to last selected directory 2015-10-15 10:55:35 +02:00
Ian
8fb7d51106 add message to item properties done 2015-10-12 14:15:31 +02:00
Ian
2e43a9944e keep previous ML item name whitespace behaviour 2015-10-08 10:25:23 +02:00
Ian
4539ef8d9d dot is empty - fix 994161a 2015-10-07 11:35:03 +02:00