Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,250 Commits 1 Branch 0 Tags
Commit Graph

6 Commits

Author SHA1 Message Date
azett
88494f5526 check for correct admin referer on deletefile (see #64) 2022-12-29 15:01:49 +01:00
azett
5d5c7f6d8f fixes #179, preventing path traversal 2022-12-25 15:00:06 +01:00
azett
d3f3294965 fixes #177, possible XSS in Media Manager plugin 2022-12-25 14:32:08 +01:00
azett
42d72855a6 fixed endless loop in entry overview; fixed some PHP warnings; images dir is created if not existant on gallery creation 2022-10-11 14:16:49 +02:00
azett
c662bc3590 Call fs_is_directorycomponent() and fs_is_hidden_file() instead of checking manually. Also: Path traversal in Media Manager fixed. 2022-06-24 21:42:48 +02:00
azett
6b8a4776df Included Matthias Mauch's PHP7.1 patch. Besides other changes regarding PHP7 compatibility, it replaces all the class-named constructors with __construct(). Thanks a lot, Matthias! 
Please visit his website http://www.aadmm.org/fp-patch/ and read patch-description.txt to learn more about the details of the patch.

I adapted the patch slighty: It now does not just add a __construct() function to the existing class-named one, instead it replaces it completely. Therefore, some parent::__construct() calls had to be changed, too.
 2018-10-03 11:00:55 +02:00