Commit Graph

22989 Commits

Author SHA1 Message Date
Guy Sartorelli
4e53c35b53 MNT Deprecate unusable property
This property must always have the value 'AND' or an exception will be
thrown - it should be deprecated. Also, no need to process the query
before throwing.
2022-06-30 15:53:17 +12:00
Guy Sartorelli
76be4578d6
Merge pull request #10378 from creative-commoners/pulls/4.11/pdo
FIX PDO in PHP 8
2022-06-30 13:58:55 +12:00
Steve Boyd
3a0fff25de FIX PDO in PHP 8 2022-06-30 12:34:05 +12:00
Guy Sartorelli
01c27e69de
Merge pull request #10377 from creative-commoners/pulls/4.11/mysql-null
FIX Ensure not passing null to mysql methods for PHP 8.1 compatibility
2022-06-29 10:01:12 +12:00
Steve Boyd
a77ca74a7e FIX Ensure not passing null to mysql methods for PHP 8.1 compatibility 2022-06-29 09:34:30 +12:00
Steve Boyd
98b985fb91 Merge branch '4.10' into 4.11 2022-06-28 17:41:49 +12:00
Guy Sartorelli
794640247b
Merge pull request #10374 from creative-commoners/pulls/4.10/cve-2022-28803
[CVE-2022-28803] Block XSS in links and iframes.
2022-06-28 17:27:37 +12:00
Guy Sartorelli
a78d3458ea
Merge pull request #10375 from creative-commoners/pulls/4.10/cve-2022-25238
[CVE-2022-25238] Sanitise htmlfields serverside by default
2022-06-28 17:27:21 +12:00
Guy Sartorelli
410c2a8966
Merge pull request #10376 from creative-commoners/pulls/4.10/cve-2021-41559
CVE-2021-41559 Disable xml entities
2022-06-28 17:27:08 +12:00
Steve Boyd
b5abc38455 CVE-2021-41559 Disable xml entities 2022-06-28 17:04:34 +12:00
Steve Boyd
991aedf017 [CVE-2022-25238] Sanitise htmlfields serverside by default 2022-06-28 17:03:05 +12:00
Guy Sartorelli
d2c58f3bbc [CVE-2022-28803] Block XSS in links and iframes. 2022-06-28 17:01:53 +12:00
Guy Sartorelli
dec85819bd Merge branch '4.10' into 4.11 2022-05-27 15:19:39 +12:00
Guy Sartorelli
0bc3ed4d2c Merge branch '4.9' into 4.10 2022-05-27 15:19:17 +12:00
Guy Sartorelli
972a77f4d3 Merge branch '4.10' into 4.11 2022-05-27 12:55:35 +12:00
Steve Boyd
825dd4b10d
Merge pull request #10333 from creative-commoners/pulls/4.10/fix-group-code-dedupe
FIX Resolve deduping problem with group codes.
2022-05-27 12:22:36 +12:00
Guy Sartorelli
e0c4f01c11 FIX Resolve deduping problem with group codes.
Also remove dead validation code.
2022-05-27 11:19:32 +12:00
Steve Boyd
dccaa9135e
Merge pull request #10334 from creative-commoners/pulls/4.11/mysql8-pdo-test
MNT Update utf8 aliases for mysql 8 and mariadb 10.6
2022-05-26 12:38:18 +12:00
Steve Boyd
ec5b94facf MNT Update utf8 aliases for mysql 8 and mariadb 10.6 2022-05-26 12:06:51 +12:00
Steve Boyd
d3252b1645 Merge branch '4.10' into 4.11 2022-05-19 17:25:15 +12:00
Guy Sartorelli
feb7ccf92e
Merge pull request #10324 from creative-commoners/pulls/4.11/guzzle
DEP Add guzzle 7 requirement
2022-05-18 13:34:13 +12:00
Steve Boyd
59b2a3ff8b DEP Add guzzle 7 requirement 2022-05-18 11:57:34 +12:00
Maxime Rainville
36df480ee2
Merge pull request #10295 from creative-commoners/pulls/4.9/manymanythrough-remove-all
FIX Correctly remove relations with ManyManyThroughList::removeall
2022-05-17 14:08:10 +12:00
Daniel Hensby
981f63678e
Merge pull request #10319 from kinglozzer/email-hooks
ENH: Add extension hooks to core emails
2022-05-16 11:46:44 +01:00
Loz Calver
903dd860b7 ENH: Add extension hooks to core emails 2022-05-16 10:02:49 +01:00
Guy Sartorelli
67d5c15c5e
Merge pull request #10310 from signify-nz/fix/10308--datacolumns-in-csv-export
FIX Use DataColumns content when available in CSV export
2022-05-13 15:29:01 +12:00
Steve Piner
e91b7be056 FIX Use DataColumns content when available in CSV export
Fix #9248 broke #9173 by accidentally checking for a string key in a
numerically indexed array. Change the check to search the array instead
(fixes #10308)
2022-05-13 13:53:04 +12:00
Guy Sartorelli
6c3edb2b52 Merge branch '4.10' into 4.11 2022-05-13 10:47:04 +12:00
Guy Sartorelli
d9d65c4fb0
Merge pull request #10315 from creative-commoners/pulls/4.10/travis-branch
MNT Use correct branch of installer for travis builds.
2022-05-13 10:44:51 +12:00
Guy Sartorelli
5dce3dec85 MNT Use correct branch of installer for travis builds. 2022-05-13 10:20:34 +12:00
Steve Boyd
89582dd476
Merge pull request #10313 from creative-commoners/pulls/4.11/email-when-password-changes
ENH Ensure users are sent emails when passwords are changed by default
2022-05-13 09:39:14 +12:00
Guy Sartorelli
0866317210
Merge pull request #10312 from creative-commoners/pulls/4.11/injector
ENH Allow multiple backtick variables in a single value
2022-05-12 18:57:21 +12:00
Steve Boyd
6a779d07d0 ENH Allow multiple backtick variables in a single value 2022-05-12 17:12:14 +12:00
Guy Sartorelli
cec2576583 FIX Don't print backslash in "changed password" email. 2022-05-12 11:42:35 +12:00
Guy Sartorelli
63f3637dc2 ENH Ensure users are sent emails when passwords are changed by default. 2022-05-12 11:42:27 +12:00
Guy Sartorelli
62bf312263
Merge pull request #10311 from creative-commoners/pulls/4.11/oembed
ENH Use guzzle for oembed
2022-05-12 09:22:31 +12:00
Steve Boyd
c72efa0d3f ENH Use guzzle for oembed 2022-05-11 16:37:59 +12:00
Guy Sartorelli
baaa323644
Merge pull request #10299 from edwilde/patch-14
Fix error when `posix_getpwuid` returns false
2022-05-05 19:13:27 +12:00
Guy Sartorelli
19bb72e7c7 FIX Correctly remove relations with ManyManyThroughList::removeall
Instead of just setting one side of the relation to null in the through
list, remove the rows entirely.
Remove only the relations which match the filters that have already been
set on the list.
This is consistent with the way ManyManyList works.

Also some small tidy-up (removing an unnecessary line break and an
unused "use" statement)
2022-05-05 11:21:51 +12:00
Steve Boyd
d765cf661e MNT Added 4.11.0-beta1 changelog 2022-05-04 14:08:59 +12:00
Steve Boyd
51c8ff6489 Update translations 2022-05-04 13:29:40 +12:00
Ed Wilde
0b6b2d1524
Fix error when posix_getpwuid returns false
The posix_getpwuid function can return false if it fails (see [docs](https://www.php.net/manual/en/function.posix-getpwuid.php#:~:text=The%20function%20returns%20false%20on%20failure.)).
2022-05-04 09:05:19 +12:00
Guy Sartorelli
6ced576b2f
Merge pull request #10281 from creative-commoners/pulls/4/p81fix
ENH Various fixes for PHP 8.1 compatibility
2022-04-27 10:01:07 +12:00
Steve Boyd
337c6e583c ENH Various fixes for PHP 8.1 compatibility 2022-04-27 09:29:40 +12:00
Guy Sartorelli
2411a83d5d
Merge pull request #10291 from creative-commoners/pulls/4/revert
FIX Revert adding extension hook
2022-04-26 12:00:26 +12:00
Steve Boyd
345173343c FIX Revert adding extension hook 2022-04-26 09:58:45 +12:00
Michal Kleiner
724a9007df
Merge pull request #10290 from freezernick/patch-1
DOC: Fix page not found in Builtin Middlewares
2022-04-22 23:09:39 +12:00
FreezerNick
7d2bfc6fcf
DOC: Fix page not found in Builtin Middlewares
Updates the address to the URL special variables page
2022-04-22 11:24:14 +02:00
Guy Sartorelli
4795992208
Merge pull request #10222 from creative-commoners/pulls/4/php81
ENH PHP 8.1 compatibility
2022-04-22 16:15:10 +12:00
Guy Sartorelli
c0396279d8
Merge pull request #10289 from creative-commoners/pulls/4/allow-plugins-docs
DOC: Changelog for Composer 2.2.0  allow-plugins option
2022-04-22 15:48:27 +12:00