Commit Graph

1021 Commits

Author SHA1 Message Date
17307820e8 Add some PHPdoc comments as suggested by Scrutinizer 2017-03-08 23:02:26 -08:00
c1083bbea1 Fixed comment-delete code-injection vulnerability 2016-09-14 17:42:32 -04:00
bcef3fbc8f have tag sanitisation process ignore tags which are too long, fixes #565 2016-08-29 09:21:23 +01:00
36b66f4c23 html_escape data-tags for tags that contain single quotes 2016-08-29 00:26:55 -04:00
7be951b271 Convert tags from user-supplied string to array once, on input
This results in a fuckton of refactoring and code cancelling out
other code -- we no longer have a whole bunch of places trying
to support string params and array params, and doing their own
escaping and unescaping, never being quite sure if the data they've
been passed is escaped or not.

Also adds a bunch of type hinting, since we can now know what
data we're dealing with better.
2016-07-30 22:11:49 +01:00
b533a43428 Merge branch 'develop' of https://github.com/shish/shimmie2 into develop 2016-07-11 13:01:05 +01:00
c14a36079c add option to force a specific base url 2016-07-11 13:00:54 +01:00
b6ad316d20 linting 2016-07-03 12:07:54 +01:00
cb73a0caa0 let's stop being php5.2 compatible 2016-06-19 23:23:34 +01:00
6febdec7b5 more explicit variable types 2016-06-19 23:05:57 +01:00
dc10a18086 lots of minor doc tweaks, type hints, etc 2016-06-19 17:41:40 +01:00
d185fd354b fix wildcard search for mysql 2016-06-19 12:14:44 +01:00
e0d3d53479 stub mb_ functions 2016-06-19 12:12:48 +01:00
4577ff70ef more linty bits 2016-06-18 19:26:56 +01:00
cfd3a9d248 lint fixes 2016-06-18 19:00:56 +01:00
0ff6da6d3c Merge #555 2016-06-18 15:16:47 +01:00
b76ee95c76 fix and use get_all_html_headers() 2016-06-18 12:25:54 +01:00
861862a3e1 password compat lib is now autoloaded with composer 2016-06-18 06:28:48 +01:00
543600dc0e make sure main css/js files are always loaded after libs 2016-06-18 06:28:31 +01:00
dd105e174e images aren't always jpg, so don't force jpg
all the handle_* exts use this as well, which can cause issues
2016-06-18 06:20:46 +01:00
2070034d0d move securimage to composer + update lib 2016-06-18 06:20:43 +01:00
d5a58916f7 get recaptcha lib with composer + fixes #498 2016-06-18 06:17:07 +01:00
895df8c22b load flexihash via composer 2016-06-18 06:16:28 +01:00
36264d3f6e stop caching css/js from disabled exts 2016-06-18 06:16:10 +01:00
e740d03101 generate separate css/js cache files for libs & core files 2016-06-18 06:16:08 +01:00
bfa1dc20c0 fix mysql 2016-06-07 01:50:56 +01:00
8e8a3da790 support single wildcard 2016-06-07 01:39:23 +01:00
dc83d4ace7 lots of deduping for searching 2016-06-07 01:34:38 +01:00
7f2609f727 dedupe searching a bit 2016-06-07 00:19:41 +01:00
525fd20540 Merge pull request #548 from DakuTree/fix-wildcards
Fix wildcard tag bugs
2016-06-06 23:18:51 +01:00
43eed32958 Merge pull request #551 from shish/contact-link
Have contact_link support http: and mailto:
2016-06-06 12:37:27 +01:00
aeeaabb22e allow both http: and mailto: contact links 2016-06-06 12:12:25 +01:00
61acb24875 fixes #547 -> multi-tag searches not working with wildcard when wildcard matches more than 1 tag
is there a better way to do this?
2016-05-22 18:35:37 +01:00
3b171ffc5a fix single tag wildcard searches returning duplicate results if image has more than one match 2016-05-22 17:58:09 +01:00
44876a58d9 we should be using bool_escape instead... 2016-05-22 16:17:31 +01:00
32dbdccd00 has_children uses Y/N, not TRUE/FALSE 2016-05-10 21:15:50 +01:00
6d1c7c414b mysql < 5.6 has terrible subquery optimization, using EXISTS / JOIN fixes this 2015-12-04 11:38:44 +00:00
ac9dc1b8d8 Merge pull request #523 from DakuTree/patch-tagevent
Move tag sanitization, alias resolving & tag parsing from set_tags > TagSetEvent
2015-10-26 19:22:08 +00:00
28e1cb30ea Merge pull request #528 from CrandellWS/develop
merge start of material theme
2015-10-26 13:49:56 +00:00
b7114a142e Hotfix for better block id character filtering 2015-10-26 09:20:09 -04:00
b9f6b44301 bump 2015-10-26 12:14:36 +00:00
7b0933ea54 merge develop, fix conflicts, bump 2015-10-26 12:13:17 +00:00
f8cb2e96e4 only check min < val < max if min and max are defined 2015-10-19 07:19:53 +01:00
4971fa9337 empty bool = false 2015-10-19 07:11:41 +01:00
e9a1bebe76 how did this ever not break everything? x_x 2015-10-19 06:58:47 +01:00
600011219f update docs 2015-10-08 19:25:38 +01:00
43d0a297b8 move metatag parsing to after set_tags is sent, rather than before 2015-10-08 18:58:52 +01:00
b11041898b Tag::explode instead of explode
this fixes the off chance that an empty tag could be passed
2015-10-08 18:28:00 +01:00
744989a983 Tag::explode should now remove duplicate tags 2015-10-08 18:25:03 +01:00
6ff80ab2c8 move tag sanitization, alias checking & tag parsing to TagSetEvent 2015-10-08 18:22:20 +01:00