Commit Graph

27541 Commits

Author SHA1 Message Date
Tobias Diekershoff fb721f8e30
Merge pull request #9166 from MrPetovan/bug/phpinfo-accessible-hotfix
[Hotfix] Fix security vulnerability in admin modules
2020-09-08 19:56:26 +02:00
Hypolite Petovan 3efa8648c5 Fix security vulnerability in admin modules
- The Module\BaseAdmin::post method checked credentials but didn't abort the process when it failed
- Created Module\BaseAdmin::checkAdminAccess method
2020-09-08 12:27:43 -04:00
Hypolite Petovan 9bc2c5a52e Normalize use of form security tokens in Admin modules
# Conflicts:
#	src/Module/Admin/Logs/Settings.php
2020-09-08 12:27:36 -04:00
Hypolite Petovan 2ce15cae1a Use router parameters in Admin modules
- Remove 10 @TODO tags

# Conflicts:
#	src/Module/Admin/DBSync.php
#	src/Module/Admin/Themes/Details.php
#	src/Module/Admin/Themes/Embed.php
2020-09-08 12:27:15 -04:00
Hypolite Petovan d26d64421d
Merge pull request #9034 from tobiasd/20200819-lng
DE translation update THX Gerhard Hallstein
2020-08-19 11:13:39 -04:00
Tobias Diekershoff 760e3791a0 DE translation update THX Gerhard Hallstein 2020-08-19 16:02:33 +02:00
Tobias Diekershoff 98eb53c20f Version 2020.07 2020-07-12 20:48:26 +02:00
Tobias Diekershoff dc42dbb68a Merge branch '2020.06-rc' into stable 2020-07-12 20:46:59 +02:00
Tobias Diekershoff 390f6be42e
Merge pull request #8819 from tobiasd/2020.06-CHANGELOG
2020.06 CHANGELOG
2020-07-12 20:46:07 +02:00
Tobias Diekershoff 03eae812d2 an issue closed 2020-07-12 17:27:38 +02:00
Hypolite Petovan 5fefe7e96f
Merge pull request #8867 from annando/issue-8866
Issue 8866: Fix fetching feed links with missing base
2020-07-12 09:25:15 -04:00
Michael 81928727f2 Issue 8866: Fix fetching feed links with missing base 2020-07-12 12:45:34 +00:00
Tobias Diekershoff d8c669c5be enhanced blockbot list and a potential release date 2020-07-12 12:28:06 +02:00
Tobias Diekershoff 66da9976dc
Merge pull request #8812 from tobiasd/2020.06-credits
credits for the 2020.06 release
2020-07-12 10:31:56 +02:00
Tobias Diekershoff cd68341de7 updated closed issue numbers 2020-07-12 10:18:41 +02:00
Hypolite Petovan 09bb0dff42
Merge pull request #8865 from annando/valid-feed
Feeds now validate
2020-07-11 17:33:16 -04:00
Michael 0100e0df84 Some more invalid feed elements 2020-07-11 19:11:35 +00:00
Michael e5a336ff77 Merge remote-tracking branch 'upstream/2020.06-rc' into valid-feed 2020-07-11 18:57:17 +00:00
Michael b107a4984e Make feeds validate 2020-07-11 18:54:08 +00:00
Hypolite Petovan 090fa78057
Merge pull request #8862 from annando/issue-8860
Issue 8860: Activities weren't fetchable all the time
2020-07-11 14:14:03 -04:00
Hypolite Petovan db7736c566
Merge pull request #8864 from annando/feed-date
Don't check the date on regular feeds
2020-07-11 14:13:37 -04:00
Michael Vogel 7f515cdaa4
Merge pull request #8863 from MrPetovan/bug/notices
Address various notices still
2020-07-11 18:47:48 +02:00
Michael fb18325b6b Don't check the date on regular feeds 2020-07-11 16:29:18 +00:00
Hypolite Petovan e91daf8f46 Add logging for unexpected Search::searchGlobalContact return in Module\Search\Acl 2020-07-11 09:19:22 -04:00
Hypolite Petovan 2af20ea17a Fix wrong condition in Diaspora\Fetch 2020-07-11 09:18:42 -04:00
Hypolite Petovan 32a8f5003f Add provision for result containing only connector profiles in Contact::getDetailsByURL 2020-07-11 09:18:18 -04:00
Hypolite Petovan b4eea625b6 Add another check for $a->user in Content\Nav
- Fix punctuation typo in logging call
2020-07-11 09:17:23 -04:00
Hypolite Petovan 01911d9fc6 Add default value for potentially missing keyhash property in mod/salmon 2020-07-11 09:16:05 -04:00
Michael 63dc6950d4 Issue 8860: Activities weren't fetchable all the time 2020-07-11 07:15:54 +00:00
Hypolite Petovan 52b2f67644
Merge pull request #8861 from annando/fix-empty-network
Fix message "empty network" in gcontact::getid
2020-07-10 16:08:43 -04:00
Michael 84d8753d5f Remove the locking to improve performance 2020-07-10 19:50:16 +00:00
Michael 87f054a642 Fix message "empty network" in gcontact::getid 2020-07-10 19:49:11 +00:00
Hypolite Petovan 42a3f278f8
Merge pull request #8858 from annando/issue-8857
Issue 8857: Fix follow accept answers
2020-07-10 08:02:20 -04:00
Hypolite Petovan ca6c95f92d
Merge pull request #8859 from annando/fix-callstack
Fix unneeded database functions in the callstack
2020-07-10 08:01:06 -04:00
Michael fcb37449f3 Fix unneeded database functions in the callstack 2020-07-10 07:01:28 +00:00
Michael c656aea152 Issue 8857: Fix follow accept answers 2020-07-10 05:30:12 +00:00
Hypolite Petovan e5269c5696
Merge pull request #8856 from annando/db-speed
Fix speed issues with the network page
2020-07-09 18:48:15 -04:00
Michael Vogel af6f6d4957 Fix speed issues with the network page 2020-07-10 00:22:26 +02:00
Michael Vogel ced0effa2a
Merge pull request #8854 from MrPetovan/bug/notices
Address various notices again
2020-07-09 21:45:27 +02:00
Hypolite Petovan 56b652eaeb
Merge pull request #8855 from annando/diaspora-plink
Fix the plink for reshared Diaspora posts
2020-07-09 15:32:50 -04:00
Michael 1f88bb8beb Fix the plink for reshared Diaspora posts 2020-07-09 19:19:18 +00:00
Hypolite Petovan cb03418937 Add checks for $a->user existence
- Variable can be empty/null in many cases
2020-07-09 15:09:07 -04:00
Hypolite Petovan ad66a92deb Add check for $a->profile structure in Module\HoverCard 2020-07-09 15:09:07 -04:00
Hypolite Petovan 2db04b0c34 Add check for parent item existence in Model\UserItem::setNotificationForUser 2020-07-09 15:09:07 -04:00
Hypolite Petovan d9b8a1fccd Add missing $a->profile initialization in mod/cal 2020-07-09 15:09:07 -04:00
Hypolite Petovan 04c95a5045 Move logged in logging where it makes sense in include/api 2020-07-09 15:09:07 -04:00
Hypolite Petovan 5ce13b210e Add check for exif data existence in mod/photos 2020-07-09 15:03:14 -04:00
Hypolite Petovan e683bd60ae
Merge pull request #8853 from annando/issue-8836
Issue 8836: Point the event to the local post
2020-07-08 18:41:41 -04:00
Michael Vogel 747eac2538
Merge pull request #8852 from MrPetovan/bug/notices
Address various notices
2020-07-08 22:51:13 +02:00
Michael 966738ecc6 Use the "orig_title" 2020-07-08 20:47:05 +00:00