81d01366cb
hotfix 2020.07-1 release and other work on the RC branch
2020-09-09 07:49:45 +02:00
Michael Vogel
b922d7ae28
Merge pull request #9169 from MrPetovan/bug/9163-double-location
...
Prevent double location display in vcard
2020-09-09 07:48:33 +02:00
89f75406fa
added Roger Meyer to the credits
2020-09-09 07:43:41 +02:00
b248470376
Show "retweet" icon
2020-09-09 05:35:04 +00:00
6ad75f5b41
Remove over-specific location fields from vcard in favor of "location"
2020-09-09 01:21:56 -04:00
206caaf51a
Reshared data now is a link
2020-09-09 04:49:42 +00:00
42dcd6646e
Issue 9135: Display only reshared posts at the top
2020-09-08 22:06:10 +00:00
fb7f7435c0
Merge branch 'bug/phpinfo-accessible-hotfix' into 2020.09-rc
...
# Conflicts:
# src/Module/Admin/DBSync.php
# src/Module/Admin/Logs/Settings.php
# src/Module/Admin/Themes/Details.php
# src/Module/Admin/Themes/Embed.php
2020-09-08 14:07:46 -04:00
ee8689cc89
Merge branch 'bug/phpinfo-accessible-hotfix' into develop
...
# Conflicts:
# src/Module/Admin/DBSync.php
# src/Module/Admin/Logs/Settings.php
# src/Module/Admin/Themes/Details.php
# src/Module/Admin/Themes/Embed.php
2020-09-08 14:06:14 -04:00
7679ff15d5
Version 2020.07-1
2020-09-08 20:01:12 +02:00
717121c1a6
update CREDITS and CHANGELOG for the 2020.07-1 hotfix release
2020-09-08 20:00:56 +02:00
fb721f8e30
Merge pull request #9166 from MrPetovan/bug/phpinfo-accessible-hotfix
...
[Hotfix] Fix security vulnerability in admin modules
2020-09-08 19:56:26 +02:00
3efa8648c5
Fix security vulnerability in admin modules
...
- The Module\BaseAdmin::post method checked credentials but didn't abort the process when it failed
- Created Module\BaseAdmin::checkAdminAccess method
2020-09-08 12:27:43 -04:00
9bc2c5a52e
Normalize use of form security tokens in Admin modules
...
# Conflicts:
# src/Module/Admin/Logs/Settings.php
2020-09-08 12:27:36 -04:00
2ce15cae1a
Use router parameters in Admin modules
...
- Remove 10 @TODO tags
# Conflicts:
# src/Module/Admin/DBSync.php
# src/Module/Admin/Themes/Details.php
# src/Module/Admin/Themes/Embed.php
2020-09-08 12:27:15 -04:00
d15f522752
Merge pull request #9143 from annando/api-count
...
API: Counts added, local query improved
2020-09-08 11:14:00 -04:00
Michael Vogel
8126947b90
Merge pull request #9160 from MrPetovan/bug/9138-escape-field-input
...
Add HTML escaping to field_input value
2020-09-08 04:00:36 +02:00
Michael Vogel
065ab017c7
Merge pull request #9161 from MrPetovan/bug/9140-private-note-self-only
...
Add a self-only ACL block to personal notes jot
2020-09-08 03:57:11 +02:00
Michael Vogel
9c5be32046
Merge pull request #9162 from MrPetovan/bug/8885-permissions-capitalization
...
[frio] Update capitalization of "Permissions" translation string
2020-09-08 03:50:58 +02:00
e45ccea0f2
Tabs instead of spaces
2020-09-08 01:45:59 +00:00
24f1bb4ea1
Class file renamed
2020-09-08 01:44:49 +00:00
Michael Vogel
2bb725fa30
Apply suggestions from code review
...
Co-authored-by: Hypolite Petovan <hypolite@mrpetovan.com>
2020-09-08 03:39:51 +02:00
6251feface
Regenerate base messages.po after translation string change
2020-09-07 21:25:26 -04:00
f1e36eac7d
Update capitalization of "Permissions" translation string
2020-09-07 21:25:04 -04:00
ef01fb7b21
Merge pull request #9159 from mpanhans/patch-1
...
Update Forums.md
2020-09-07 19:35:56 -04:00
mpanhans
f8e8c23c0c
Update Forums.md
2020-09-07 19:32:15 -04:00
5730da264b
Add a self-only ACL block to personal notes jot
2020-09-07 19:27:51 -04:00
5f5b97dad6
Create self-only ACL template and helper method
2020-09-07 19:27:32 -04:00
c4267bbca0
Remove unused jot.tpl template variables
2020-09-07 19:27:23 -04:00
aa7eb75e62
Add HTML escaping to field_input value
...
- Quotes weren't rendering in pre-populated fields
2020-09-07 18:53:04 -04:00
mpanhans
5eb2e3edfb
Update Forums.md
...
Update Forums help documentation to include the implemented front-end for page delegation.
2020-09-07 16:56:58 -04:00
59374eb6c6
Use "StatusCounts" class
2020-09-07 18:24:11 +00:00
0f2bd07b28
ypot
2020-09-07 19:18:31 +02:00
046ae6e978
some small additions and clarifications
2020-09-07 18:25:56 +02:00
dcac7f0a78
Merge pull request #9157 from tobiasd/20200907-9155lighttpd
...
lighttpd follow up of #9155
2020-09-07 11:55:19 -04:00
Michael Vogel
169a83b30e
Merge pull request #9158 from tobiasd/20200907-IT
...
IT translations THX Sylke Vicious
2020-09-07 16:57:21 +02:00
1bca280eae
StdClass instead of arrays
2020-09-07 14:34:05 +00:00
07ccfb212b
Merge remote-tracking branch 'upstream/2020.09-rc' into api-count
2020-09-07 14:29:02 +00:00
1c5a0fc308
IT translations THX Sylke Vicious
2020-09-07 16:26:03 +02:00
3df8439b98
lighttpd follow up of #9155
2020-09-07 14:37:24 +02:00
2f168d17f4
Merge pull request #9155 from MrPetovan/bug/9154-forbid-bin
...
Forbid non-CLI access to command-line scripts
2020-09-07 13:01:10 +02:00
6728b518ab
Merge pull request #9156 from annando/issue-9153
...
Issue 9153 Use "info" instead of "notice" on successful operations
2020-09-07 12:57:10 +02:00
f56e765158
Issue 9153 Use "info" instead of "notice" on successful operations
2020-09-07 10:17:42 +00:00
ae045eff41
Update nginx sample config with location deny for bin/ folder
2020-09-07 05:51:58 -04:00
06632536f3
Forbid non-CLI access to command-line scripts
2020-09-07 05:51:26 -04:00
3bd8b81154
Prevents Apache from serving CLI scripts
2020-09-07 05:43:20 -04:00
b530ef709d
Merge pull request #9147 from annando/Issue-8882
...
Issue 8882: Fixes permissions of pinned posts
2020-09-07 03:14:25 -04:00
f997b36085
Merge pull request #9152 from annando/fix-notifications
...
Fix notifications for wrong users
2020-09-07 07:19:10 +02:00
90315e3434
Don't perform actions on empty conditions
2020-09-07 05:00:17 +00:00
2a0635185a
Fix notifications for wrong users
2020-09-07 04:36:28 +00:00