Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
865 Commits 1 Branch 0 Tags
Commit Graph

248 Commits

Author SHA1 Message Date
Arvid Zimmermann
b9c59fa775
Merge pull request #212 from Fraenkiman/upstream/issue211 
Update plugin.commentcenter.php
 2023-03-05 13:16:49 +01:00
Fraenkiman
9837c76692 Hardens FlatPress via HTTP response header 
Fixes #146

Can be optionally activated by the FlatPress admin

 * Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources for approved content, you can prevent the browser from loading malicious content.
 * Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser.
 * HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS.
 * The X-Download-Options response header instructs the browser not to open the file directly but to offer it for download first. This mitigates some potential Social Engineering attacks.
 * HTTP Strict Transport Security (HSTS for short) is a security mechanism for HTTPS connections that protects against both connection encryption downgrade attack and session hijacking.
 * The referrer policy directive determines whether, and if so which, referrer information for requests triggered by the current web page is sent by the web browser in HTTP requests.
 2023-03-01 00:59:25 +01:00
Fraenkiman
91cbfeeaeb Update plugin.commentcenter.php 
little correction
 2023-02-27 23:01:17 +01:00
Fraenkiman
e785ea184e Update plugin.commentcenter.php 
Fixes #211
An email notification is now sent when there is a new comment to approve and when the subject in the email header contains umlauts.
 2023-02-26 13:40:42 +01:00
azett
b60a51cf92 Little fixes in Italian language files by eagleman - thx! 2023-02-18 12:13:01 +01:00
Fraenkiman
67c5883d9b Update plugin.bbcode.php 2023-01-30 01:39:55 +01:00
Fraenkiman
91bc3e8f5a File and image selection Named in editor 
Gives a face to the file and image selection in the editor
 2023-01-30 01:39:55 +01:00
Fraenkiman
4890e9f13c Update lang.de-de.php 
Corrected the word "selection" in the german language file
 2023-01-30 01:39:55 +01:00
Fraenkiman
fba5adc876 Multilingual support for "Posted by" 
Closes Issue #143

Preview revised

That's funny. There is a template for the preview of static pages for 13 years, and was not used.
 2023-01-30 01:39:55 +01:00
Fraenkiman
b892a86f18 Update bbcode language files 
Translated note for external link
 2023-01-25 00:45:11 +01:00
azett
024508392b added #192 to changelog 2023-01-22 13:43:14 +01:00
azett
1886dcd258 fixed "duplicate ID attribute" (on multiple videos) and a few other bugs 2023-01-22 13:40:05 +01:00
Fraenkiman
f2fa860dea Update plugin.bbcode.php 
removes superfluous " from the Facebook embedded video
 2023-01-22 01:19:01 +01:00
Fraenkiman
66cfa73604 solves issue #192 
removes invalid HTML in BBCode plugin
 2023-01-22 01:14:40 +01:00
Arvid Zimmermann
36c7d87718
Merge pull request #191 from Fraenkiman/master 
Adopt the following changes for the Admincenter and BBCode
 2023-01-21 13:20:46 +01:00
azett
f735785d3c fixed PHP error in is_contact(); Code formatting 2023-01-21 13:04:52 +01:00
Fraenkiman
9a30cfe4a6 Update plugin.bbcode.php 
uses the extended privacy mode for youtube
 2023-01-14 18:45:11 +01:00
Fraenkiman
bb436ddc3b solves issue #145 
*SEO Metatag Info Plugin in the standard distribution*
- includes all languages FlatPress currently supports as standard (translation via Deepl).
- Content customized texts incl. placeholder as example.
- With own hook in entry- and statictemplate, because otherwise the tag plugin is also shown when creating static pages; which is not supposed to be
 2023-01-11 21:53:23 +01:00
Fraenkiman
8f57ddf03d Update toolbar.tpl 
The name attribute on the img element is obsolete. Use the id attribute instead.
 2022-12-30 04:50:53 +01:00
azett
88494f5526 check for correct admin referer on deletefile (see #64) 2022-12-29 15:01:49 +01:00
Fraenkiman
0928ae8a70 PrettyURLS plugin does not prevent directory browsing 
Preventing directory browsing via PrettyURLS plugin when .htaccess is deleted by the user. ...as an addition to #No. 174
 2022-12-26 02:36:47 +01:00
azett
5d5c7f6d8f fixes #179, preventing path traversal 2022-12-25 15:00:06 +01:00
azett
d3f3294965 fixes #177, possible XSS in Media Manager plugin 2022-12-25 14:32:08 +01:00
azett
e53acdeef3 fixed translation 2022-12-25 14:23:03 +01:00
Arvid Zimmermann
9912982a94
Merge pull request #169 from fabianosantosnet/master 
update some plugins to portuguese
 2022-12-16 19:43:17 +01:00
Fabiano Santos
a3067cf47f update some plugins to portuguese 2022-12-13 22:42:33 -03:00
azett
fd6818c559 AdminArea plugin: Localized phrase "Login" 2022-12-12 21:11:09 +01:00
Arvid Zimmermann
a354636fde
Merge pull request #167 from fabianosantosnet/master 
update some plugins to portuguese
 2022-12-12 19:49:02 +01:00
azett
9218d118c9 Editor toolbar back to working as intended. Fixes #168, thanks for reporting in this detailled manner! 2022-12-11 14:26:58 +01:00
azett
185a27d35d PHP functions used as modifier must be registered as modifier explicitly as of Smarty 4.3 - fixed. 2022-12-11 14:04:12 +01:00
Fabiano Santos
fc76d6639e update some plugins to portuguese 2022-12-04 21:34:41 -03:00
azett
bee5635ec6 Fixed PHP warning - thx laborix! 2022-11-13 13:16:45 +01:00
azett
d4ff88fe58 updated jQuery (3.6 to 3.6.1) and jQueryUI (1.13.1 to 1.13.2) 2022-11-01 13:58:13 +01:00
azett
432b352c26 fixed Italian language pack by Giacomo Margarito - grazie mille! :) 2022-11-01 13:39:20 +01:00
azett
5ad886b894 fixes #83: Class-named constructors in Akisment plugin; also: PHP warnings fixed 2022-10-11 21:11:30 +02:00
azett
ac571a5f69 fixed PHP warning on [url=][/url] 2022-10-11 15:39:05 +02:00
azett
42d72855a6 fixed endless loop in entry overview; fixed some PHP warnings; images dir is created if not existant on gallery creation 2022-10-11 14:16:49 +02:00
azett
c30d52b284 Merge branch 'master' of https://github.com/flatpressblog/flatpress into issue94_smartyupdate 
# resolved conflicts:
#	fp-includes/smarty/plugins/function.html_select_date.php
 2022-10-08 13:43:33 +02:00
azett
4d9b7a9b41 added German translation - thx @Fraenkiman! Closes #148 2022-10-02 15:04:40 +02:00
azett
cf8b518aa3 Calendar plugin has previous/next buttons, see #128 - but still does not highlight proper days in previous months :/ 2022-08-14 14:44:29 +02:00
azett
247d63eaaf Merge branch 'master' into issue94_smartyupdate 
# resolved conflicts:
#	fp-includes/smarty/internals/core.rm_auto.php
#	fp-includes/smarty/internals/core.rmdir.php
 2022-07-02 13:42:13 +02:00
azett
af1aa7759b Revert "Merge branch 'master' of https://github.com/flatpressblog/flatpress" 
This reverts commit e9ad11742876f9f78d743a28afd547ee7480c7f9, reversing
changes made to f30fc6204a6bc7643d7952b1df98a3aa7b462dea.
 2022-07-02 13:30:56 +02:00
azett
fa95af79fc fixes #126 2022-07-02 13:01:21 +02:00
azett
e9ad117428 Merge branch 'master' of https://github.com/flatpressblog/flatpress 2022-07-02 12:50:04 +02:00
azett
f30fc6204a fixes #129: captions not centered 2022-07-01 18:47:05 +02:00
azett
97fdec44ff Fixed gallery output, also fixes #127 2022-06-30 20:26:01 +02:00
azett
63b75fe5fc fixes #122 2022-06-29 20:54:29 +02:00
azett
6eaafee1fa Merge branch 'master' into responsiveadmin 
# resolved conflicts:
#	admin/panels/config/admin.config.tpl
#	admin/panels/entry/admin.entry.commentlist.tpl
#	fp-plugins/commentcenter/tpls/deletecomm.tpl
#	fp-plugins/commentcenter/tpls/editpol.tpl
 2022-06-27 19:24:18 +02:00
azett
1ac326f9cc Media Manager plugin: 50 items per pages, not 10 2022-06-24 21:43:31 +02:00
azett
c662bc3590 Call fs_is_directorycomponent() and fs_is_hidden_file() instead of checking manually. Also: Path traversal in Media Manager fixed. 2022-06-24 21:42:48 +02:00