Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
638 Commits 1 Branch 0 Tags
Commit Graph

190 Commits

Author SHA1 Message Date
azett
e40b4d944b Added branch name to system version 2022-06-28 20:44:38 +02:00
azett
104096f4f4 Call fs_is_directorycomponent() and fs_is_hidden_file() instead of checking manually 2022-06-24 21:50:57 +02:00
azett
ed8f9e1293 fixes #118: Captions file was shown in Media Manager 2022-06-24 21:47:51 +02:00
azett
c662bc3590 Call fs_is_directorycomponent() and fs_is_hidden_file() instead of checking manually. Also: Path traversal in Media Manager fixed. 2022-06-24 21:42:48 +02:00
azett
28b7066d82 added fs_is_directorycomponent() and fs_is_hidden_file() 2022-06-24 21:03:19 +02:00
azett
92475a3dd6 Fixed #95: Error at prev link on first / next link on last entry. 2022-06-18 11:45:01 +02:00
azett
db658fac39 Added gallery_fetch_galleries() function 2022-06-16 12:47:03 +02:00
azett
1eb93121d5 added gallery functions 2022-06-16 12:32:12 +02:00
azett
562844d4b8 Version push 2021-11-01 14:21:25 +01:00
azett
e2a6bf1a8a Fixed security issue reported by huntr.dev: Session cookie missed the "secure" flag. Thanks for reporting! 2021-10-23 20:25:09 +02:00
azett
14d503dfa9 version bump 2021-06-19 13:57:30 +02:00
azett
9ce0674b57 Let's release version 1.2 "Legato"! \o/ 
Bumped system version to 1.2, edited changelog accordingly.
 2021-03-20 12:21:05 +01:00
azett
e98ee2a6b6 Version bump to 1.2.beta2 2021-02-28 12:15:38 +01:00
azett
27c3e825b3 Fixed Heredoc strings. Turns out, Heredoc syntax - https://www.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc - only works with closing tags being the first characters of a line. Eclipse's reformatting and indention of the code does not seem to know that^^ 
Fix: Changed Heredoc strings to "normal" strings.
 2021-02-13 13:47:18 +01:00
azett
7e8ddb88b8 Fixed more template errors in order to get everything running with PHP 8.0. 
Also: Fixed some tiny PHP errors.
Thanks for reporting, Matthias!
 2021-02-13 13:03:09 +01:00
azett
89c0d93543 version bump to "1.2.beta1" 2021-02-07 12:21:53 +01:00
azett
c539c2bb7e Fixed more template errors in order to get everything running with PHP 8.0. 
Also: Removed some unneeded code.
 2021-01-01 13:25:03 +01:00
azett
83e1644c0f Restored some changes from the last commit. Turns out, the HASHSALT_FILE is still used elsewhere ó_Ò 2020-12-19 19:25:52 +01:00
azett
f265b22b0b Fix for #59: Updated password hash algorithm from md5 to bcrypt (via password_hash() function). Thanks a lot, @axelhahn! 
In detail: Added function io_delete_file(). Removed system_hashsalt_save(). Added password hash update mechanics to user_login().
 2020-12-19 14:02:27 +01:00
azett
5a0b7541e7 Getting FlatPress ready for PHP 8: Added a lot of missing checks for undefined variables and array keys in template and PHP files. 2020-12-19 12:52:53 +01:00
barryhughes
27214a5997 Migrate from create_func to native anon func | #67 2020-09-11 11:34:39 -07:00
azett
c1e368b222 Uploader checks for forbidden files more carefully. And: #56 fixed. Thanks again, Matthias! 2020-09-06 12:22:55 +02:00
azett
04900d4154 Optional parameter bug fixed. Deprecated curly braces syntax fixed. Thanks for reporting both, Matthias :) 2020-09-06 11:12:22 +02:00
azett
2139287c05 Fix for #62: Comments weren't sanitized properly. Thanks, @Illevyard! 2020-04-17 12:53:32 +02:00
azett
622a0d80b9 Fixed "syntax error, unexpected '['" bug under PHP 5.3, reported here: https://forum.flatpress.org/viewtopic.php?f=2&t=131 2020-04-15 14:46:55 +02:00
azett
50c11928f6 Fixed "syntax error, unexpected '['" bug under PHP 5.3, reported here: https://forum.flatpress.org/viewtopic.php?f=2&t=131 2020-04-15 14:43:54 +02:00
azett
8a72fcc54a Inremented version number 2019-12-26 18:57:51 +01:00
azett
23c4c33ee1 Overhauled v0.812.2 fix for local file inclusion vulnerability. For details, see http://www.guanting.com/security/exploit/information/27269.html . 2019-12-25 19:39:07 +01:00
azett
b6f32d1f4f Curly brace syntax for accessing array elements and string offsets will be deprecated as of PHP 7.4 - changed to square brackets. See also https://wiki.php.net/rfc/deprecate_curly_braces_array_access 2019-11-18 16:56:57 +01:00
azett
06482d9292 fixed some URLs here and there 2019-02-16 17:21:16 +01:00
azett
1ec8be2cfe utils_geturl() follows redirects (fixes issue #36) 2019-02-13 17:06:56 +01:00
azett
fea8b3b810 Lightbox Plugin: Updated Slimbox from 2.04 to 2.05, thus fixing the display of the overlay; 
set FP system version to "1.1"
 2019-02-02 13:35:43 +01:00
azett
9d45056f97 Bugfixes: Correct email validation in comments.php (see #c4ce531); Fixed brackets in core.wp-formatting.php (thanks Lubomir!) 2019-01-11 09:00:11 +01:00
azett
9c0dea07a3 Changed system version to "1.1 RC1" 2019-01-04 17:05:56 +01:00
azett
9f610ddac3 Bugfix: sanitize_title_with_dashes() handles characters > chr(128) correctly 
-> fixes https://github.com/flatpressblog/flatpress/pull/11 by @moortaube in a general way
 2018-12-31 12:04:25 +01:00
azett
1cccf186c9 update release version to "1.1"; renamed changelog and license file, removed unneccessary files 2018-12-30 22:48:19 +01:00
azett
d6843fa2b8 set version number to 1.0.3.php7 2018-10-23 19:07:36 +02:00
azett
eead674de1 Bugfix in utils_array_kshift(): Didn't return NULL properly when array parameter is given empty or not an array 2018-10-23 13:22:43 +02:00
azett
61ec0d9f4d fixed some more each() calls; 
core.utils.php: added new function utils_array_kshift();
code formatting changed slightly
 2018-10-23 12:24:43 +02:00
azett
d8de4bfb02 Replaced some more class-named constructors (and calls to them). 
Removed unused and/or commented code.
Replaced calls to deprecated each() with array_shift() (not completely done yet, still some more to fix!).
Replaced call to deprecated create_function() with real callback function.
 2018-10-03 13:53:40 +02:00
azett
6b8a4776df Included Matthias Mauch's PHP7.1 patch. Besides other changes regarding PHP7 compatibility, it replaces all the class-named constructors with __construct(). Thanks a lot, Matthias! 
Please visit his website http://www.aadmm.org/fp-patch/ and read patch-description.txt to learn more about the details of the patch.

I adapted the patch slighty: It now does not just add a __construct() function to the existing class-named one, instead it replaces it completely. Therefore, some parent::__construct() calls had to be changed, too.
 2018-10-03 11:00:55 +02:00
Edoardo Vacchi
d4ad93a661 Version bump 2015-06-12 09:31:03 +02:00
Edoardo Vacchi
109664842b remove debug statement 2013-12-09 23:43:49 +01:00
Edoardo Vacchi
5e917bf209 should finally fix static validation issues 2013-12-09 16:50:09 +01:00
Edoardo Vacchi
32a3cb1021 fix unfortunate use of '/' as a regex delimiter in preg_match 2013-12-04 20:28:15 +01:00
Edoardo Vacchi
03be9f288c 1.0.2 version bump 2013-11-28 20:45:54 +01:00
Edoardo Vacchi
a3b54b0d3d Merge branch 'master' of github.com:evacchi/flatpress 2013-11-27 18:13:04 +01:00
Edoardo Vacchi
b79b554440 set date timezone to UTC by default 2013-11-27 18:08:43 +01:00
Edoardo Vacchi
b4368f0774 Update core.static.php 2013-11-27 11:55:31 +01:00
Edoardo Vacchi
5b99bfef25 preg_match missing argument 2013-11-26 23:20:26 +01:00