Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
864 Commits 1 Branch 0 Tags
Commit Graph

864 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
azett
c19e64593e added #209 fix 2023-03-05 13:30:49 +01:00
Arvid Zimmermann
40b8f414b5
Merge pull request #210 from Fraenkiman/upstream/issue209 
for non-ASCII characters in the e-mail header
 2023-03-05 13:27:56 +01:00
azett
a33a4c0dc0 fixed issue number 2023-03-05 13:24:56 +01:00
azett
e1dffe67f0 added PR212 fix 2023-03-05 13:23:46 +01:00
Arvid Zimmermann
b9c59fa775
Merge pull request #212 from Fraenkiman/upstream/issue211 
Update plugin.commentcenter.php
 2023-03-05 13:16:49 +01:00
azett
cf7bba513d added FlatPress Protect plugin 2023-03-05 13:12:45 +01:00
Arvid Zimmermann
b3d87c33da
Merge pull request #215 from Fraenkiman/upstream/issue146 
Hardens FlatPress via HTTP response header
 2023-03-05 13:04:43 +01:00
Fraenkiman
9837c76692 Hardens FlatPress via HTTP response header 
Fixes #146

Can be optionally activated by the FlatPress admin

 * Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources for approved content, you can prevent the browser from loading malicious content.
 * Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser.
 * HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS.
 * The X-Download-Options response header instructs the browser not to open the file directly but to offer it for download first. This mitigates some potential Social Engineering attacks.
 * HTTP Strict Transport Security (HSTS for short) is a security mechanism for HTTPS connections that protects against both connection encryption downgrade attack and session hijacking.
 * The referrer policy directive determines whether, and if so which, referrer information for requests triggered by the current web page is sent by the web browser in HTTP requests.
 2023-03-01 00:59:25 +01:00
Fraenkiman
296470bd7b Update comments.php 
little correction
 2023-02-27 23:03:59 +01:00
Fraenkiman
91cbfeeaeb Update plugin.commentcenter.php 
little correction
 2023-02-27 23:01:17 +01:00
Fraenkiman
e785ea184e Update plugin.commentcenter.php 
Fixes #211
An email notification is now sent when there is a new comment to approve and when the subject in the email header contains umlauts.
 2023-02-26 13:40:42 +01:00
Fraenkiman
3ad8a38183 Spaces inserted 
Spaces inserted so that they can be encrypted in the e-mail header
 2023-02-26 05:01:59 +01:00
Fraenkiman
8f28e293e6 Update comments.php 
Splits the encrypted subject. The encrypted subject should not be longer than 76 characters.
 2023-02-26 04:36:34 +01:00
Fraenkiman
c1dae9205f for non-ASCII characters in the e-mail header 
fixes #209
Email notification is now sent when a new comment has been left and when the subject in the email header contains umlauts.
 2023-02-25 19:50:22 +01:00
azett
b60a51cf92 Little fixes in Italian language files by eagleman - thx! 2023-02-18 12:13:01 +01:00
Arvid Zimmermann
9b155efe70
Update CHANGELOG.md 
added i18n changes from PR196
 2023-02-04 13:39:44 +01:00
azett
c18fe258af Typos 2023-02-04 13:38:25 +01:00
Arvid Zimmermann
7e1b8825c2
Merge pull request #196 from Fraenkiman/master 
Please insert the following changes
 2023-02-04 13:33:33 +01:00
Fraenkiman
67c5883d9b Update plugin.bbcode.php 2023-01-30 01:39:55 +01:00
Fraenkiman
91bc3e8f5a File and image selection Named in editor 
Gives a face to the file and image selection in the editor
 2023-01-30 01:39:55 +01:00
Fraenkiman
4890e9f13c Update lang.de-de.php 
Corrected the word "selection" in the german language file
 2023-01-30 01:39:55 +01:00
Fraenkiman
fba5adc876 Multilingual support for "Posted by" 
Closes Issue #143

Preview revised

That's funny. There is a template for the preview of static pages for 13 years, and was not used.
 2023-01-30 01:39:55 +01:00
Fraenkiman
b892a86f18 Update bbcode language files 
Translated note for external link
 2023-01-25 00:45:11 +01:00
azett
024508392b added #192 to changelog 2023-01-22 13:43:14 +01:00
azett
1886dcd258 fixed "duplicate ID attribute" (on multiple videos) and a few other bugs 2023-01-22 13:40:05 +01:00
Arvid Zimmermann
c040148ad2
Merge pull request #193 from Fraenkiman/upstream/issue192 
this change resolves issue #192
 2023-01-22 12:51:27 +01:00
azett
9a3ed8d643 PHP functions used as modifier must be registered as modifier explicitly as of Smarty 4.3 - fixed. 2023-01-22 12:39:17 +01:00
Fraenkiman
f2fa860dea Update plugin.bbcode.php 
removes superfluous " from the Facebook embedded video
 2023-01-22 01:19:01 +01:00
Fraenkiman
66cfa73604 solves issue #192 
removes invalid HTML in BBCode plugin
 2023-01-22 01:14:40 +01:00
azett
c53b92cd1b code formatting 2023-01-21 13:23:22 +01:00
Arvid Zimmermann
36c7d87718
Merge pull request #191 from Fraenkiman/master 
Adopt the following changes for the Admincenter and BBCode
 2023-01-21 13:20:46 +01:00
azett
b910fab69a Added SEO Metatag Info plugin; more props to @Fraenkiman 2023-01-21 13:09:28 +01:00
azett
f735785d3c fixed PHP error in is_contact(); Code formatting 2023-01-21 13:04:52 +01:00
Arvid Zimmermann
d5d14f87a3
Merge pull request #190 from Fraenkiman/upstream/issue145 
Solves issue #145. Nice one, thanks!
 2023-01-21 12:31:51 +01:00
Fraenkiman
9a30cfe4a6 Update plugin.bbcode.php 
uses the extended privacy mode for youtube
 2023-01-14 18:45:11 +01:00
Fraenkiman
47aa4cb37d Insert translation for Home, Logout in Admincenter 
all FP standard languages

Comma missing

comma added
 2023-01-14 02:53:49 +01:00
Fraenkiman
bb436ddc3b solves issue #145 
*SEO Metatag Info Plugin in the standard distribution*
- includes all languages FlatPress currently supports as standard (translation via Deepl).
- Content customized texts incl. placeholder as example.
- With own hook in entry- and statictemplate, because otherwise the tag plugin is also shown when creating static pages; which is not supposed to be
 2023-01-11 21:53:23 +01:00
Fraenkiman
9d5053326a Update admin.css 
Prevents collision of input fields with fieldsets in admincenter (Leggero v2)
 2023-01-11 01:45:25 +01:00
Arvid Zimmermann
24595d595a
Merge pull request #185 from Fraenkiman/master 
Please add the following changes
 2023-01-08 13:40:41 +01:00
azett
7644f78d8b added #188 2023-01-08 13:26:52 +01:00
azett
f6394eac7a fixes #188 2023-01-08 13:24:41 +01:00
azett
77600b6d1c added #186, #187 2023-01-08 13:14:09 +01:00
azett
7967cd9df9 added #186, #187 2023-01-08 13:12:47 +01:00
azett
0ee4f2e8a7 fixes #87, possible XSS in config panel 2023-01-08 13:11:22 +01:00
azett
264217f318 Fixes #186, possible XSS in comments 2023-01-08 13:04:12 +01:00
Fraenkiman
180366f88d
Merge branch 'flatpressblog:master' into master 2023-01-01 02:58:50 +01:00
Arvid Zimmermann
8c79821e9e
Update CHANGELOG.md 2022-12-30 12:56:23 +01:00
azett
37597afee8 check for correct admin referer on enable/disable plugin (see #64) 2022-12-30 12:52:03 +01:00
azett
516bdc173a check for correct admin referer on delete entry (see #64) 2022-12-30 12:46:35 +01:00
Fraenkiman
8f57ddf03d Update toolbar.tpl 
The name attribute on the img element is obsolete. Use the id attribute instead.
 2022-12-30 04:50:53 +01:00