35fc7328de
even more fine tuning of the markdown purifier - especially when used with the wiki
2017-03-20 19:41:03 -07:00
be10bf2ceb
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge
2017-03-19 15:44:59 -07:00
d2c971eda9
fix php warning and remove logging
2017-03-19 13:33:02 +01:00
b0b96daec0
Merge branch 'dev' into merge
2017-03-18 17:00:09 -07:00
8764cdf16a
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge
2017-03-18 16:56:37 -07:00
4afeefb5ce
various input filter fixes
2017-03-18 16:41:43 -07:00
cbd401c3e8
Missed one old Markdown()
2017-03-18 14:15:02 +01:00
d903758940
remove include/widgets.php
2017-03-16 18:36:58 -07:00
2dce86d38e
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge
2017-03-15 15:55:33 -07:00
62c921815f
better handling of mimetype security
2017-03-15 12:39:34 +01:00
6078d02c3a
more work related to attach/photo and os_path, display_path and general code cleanup
2017-03-15 01:20:21 -07:00
2c73b457ef
input filter updates
2017-03-14 17:07:29 -07:00
58aa0f3e1a
code_allowed is a real mess. Start the cleanup by remving the account level code allow and limiting to specific channels only. This reduces the possibility of cross channel security issues coming into play. Then provide a single function for checking the code permission. This is only partially done as we often need to check against the observer or logged in channel as well as the resource owner to ensure that this only returns true for local channels which also own the requested resource.
2017-03-13 16:19:47 -07:00
fc533107ed
better handling of mimetype security
2017-03-12 21:55:24 -07:00
4c526c7d3d
Merge branch 'dev' into red
2017-03-11 18:02:59 -08:00
1a49f0d164
one role.
2017-03-09 18:54:10 -08:00
403f4c1a6b
Monday is a proper name and should be capitalised (except in private conversation amongst unix geeks).
2017-03-08 19:23:11 -08:00
7445f1881e
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge
2017-03-02 17:36:14 -08:00
e58dc726c5
activity widget - like the forum widget but represents unseen activity by author. Still experimental until it can be tested with diaspora xchans, which may require additional urlencoding.
2017-03-02 17:32:43 -08:00
dd8a3d845e
reset schema value after we empty and repopulate it. second half of fix for #624
2017-03-02 11:36:35 +01:00
fa02f3a108
Merge pull request #686 from dawnbreak/markdown
...
Upgrade PHP Markdown library.
2017-03-01 09:54:01 +11:00
fa944fc526
provide 'session' option to z_fetch_url to assist with remote fetches requiring magic auth
2017-02-27 23:48:54 -08:00
df6e75e1d6
make magic-auth work with profile vcard fetch
2017-02-27 23:37:42 -08:00
85082ea509
fetch profile vcard for connection
2017-02-27 21:14:09 -08:00
18b22f5f8a
prep work
2017-02-27 14:54:41 -08:00
503c368f9e
⬆️ 🔨 Upgrade PHP Markdown library.
...
The current version throws deprecated warning with PHP7.1 and PHPUnit.
Upgrade the Markdown library to the current PHP Markdown Lib 1.7.0.
Used composer to manage this library.
2017-02-27 23:40:29 +01:00
a6d13f290b
fix js issue in markdown mimetype wikis if content contains quotes
2017-02-27 13:52:08 +01:00
0f208fb36b
set minversion and maxversion for themes in view/theme/themename/php/theme.php instead of separate file.
2017-02-27 10:13:08 +01:00
4f07abe655
add a minversion to the theme and fallback to default if requirement is not met. mark incompatible themes in the theme selector
2017-02-26 21:01:20 +01:00
92615247ac
send sync packet on profile photo permissions change
2017-02-25 15:04:17 -08:00
232862ae08
escape tags on viewsrc output in case it is not text/bbcode.
2017-02-25 13:54:39 -08:00
cf11a89457
use chanlink_url() in directory since the xchan might not yet be available on our server
2017-02-24 10:08:09 +01:00
732dfa63c7
deleting profile vcard entries was pretty well borked
2017-02-23 20:27:12 -08:00
b1ff5367e7
more work on profile vcards - still a lot of work to go
2017-02-23 19:07:01 -08:00
41c67fa345
more places to use chanlink_hash() instead of chanlink_url() for profile_link
2017-02-23 10:36:00 +01:00
55924f5c5b
apps improvements
2017-02-22 11:22:43 +01:00
6644dc4861
use head_add_link() for feed discovery
2017-02-21 18:58:51 -08:00
bbacfbdd6a
display page not updating after comment
2017-02-21 15:24:39 -08:00
cbc0e5b934
do not lock out channels with only read perms from all post actions. we check read/write permissions for each command later in the process
2017-02-21 14:52:42 +01:00
1c1d1f1185
update fr translation
2017-02-20 18:46:51 -08:00
573846707c
fix several places where head_add_(css|js) functions have been used incorrectly. It appears that mistakes were made going back a long time and propagated. Here's the way it should work:
...
- if there is no preceding / character, we look for the file within all the appropriate theme directories.
- otherwise the file should have a preceding /, which means use this path relative to the hubzilla basedir
- files beginning with // are considered to be schemeless URLs.
Therefore 'foo.css' means find the best theme-able representation of foo.css.
'/library/foo.css' means only use the version of foo.css that is in /library.
2017-02-19 16:50:41 -08:00
1f39c16d99
util/pconfig - don't enumerate empty arrays, mod_acl - add more comments
2017-02-13 17:51:39 -08:00
321241da02
add default permcat to channel settings form
2017-02-12 18:40:26 -08:00
2a52592292
testing and bug fixes virtual profile groups
2017-02-12 17:40:18 -08:00
ccdfbc721f
Create virtual privacy groups for private profile member lists
2017-02-12 15:56:33 -08:00
1fb37f93cc
more permissions optimisations
2017-02-09 19:52:13 -08:00
fce33402e7
use profile_store_lowlevel() when creating additional profiles
2017-02-09 17:40:56 -08:00
8dc349caac
minor theming and whitespace
2017-02-08 19:47:34 -08:00
91819bfc2d
bringer - all basic functionality is implemented
2017-02-08 17:21:32 -08:00
30659aef50
initial permcat creation ability, in /settings/permcats; functional permcat creation for testing but still needs a lot of UX work before promoting the ability
2017-02-07 20:29:03 -08:00
zotlabs
Mario Vavti
Klaus