1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-24 07:30:10 +01:00
Commit Graph

595 Commits

Author SHA1 Message Date
czaks
d726eaf195 we don't have a htmlpurifier yet ;_; 2016-05-06 16:07:21 +02:00
Fredrick Brennan
95b1e103cb Edit static pages commit 2016-05-06 16:03:55 +02:00
8chan
7911c374e8 Public action logs commit (log.php)
Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now.

===================================
Also: backports 351375185e (early 404)
2016-05-06 15:44:26 +02:00
8chan
6dd1420f91 Add event to quote backlinks 2016-05-06 15:15:17 +02:00
8chan
ce3ce4f1b6 Fix *0 secure tripcodes caused by accidentally feeding + signs to crypt() 2016-05-06 15:14:55 +02:00
8chan
7831da83fc New event: rebuildpost, allows you to bind events to ?/edit 2016-05-06 15:13:27 +02:00
Fredrick Brennan
b476b66007 [BUG] Image reject repost board option now also affects YT embeds 2016-05-06 15:12:08 +02:00
czaks
126ee42b9d better rules for stripping combined chars, based on 45c0d32761 by @ctrlcctrlv 2016-05-06 14:34:42 +02:00
8chan
7a7574bdca SECURITY / XSS : ?/edit allowed arbitrary HTML to be added by any user thru addition of <tinyboard raw html>1</tinyboard>
This allowed ANY user with ?/edit privilege to also have raw_html regardless of whether they had $config['mod']['rawhtml']

Now, any changes to <tinyboard> markup modifiers via ?/edit are not allowed. They are removed at read time, and before write they are removed again and the ones in the database (which should be clean...) are inserted instead.

Please immediately apply this patch to your instance if you are running any version of 8chan/infinity.
2016-05-06 12:43:25 +02:00
8chan
6b04b3c671 Fix post deletion 2016-05-05 13:21:09 +02:00
czaks
77176faece enable javascript in mod panel 2016-05-05 09:56:54 +02:00
czaks
a42256b296 locale cache: fix a bug when perms are done wrong 2016-05-05 08:43:34 +02:00
czaks
36b78e5f98 fix for editor highlighting 2016-05-05 08:40:13 +02:00
czaks
7c3126866c ease the migration process for the previous security patch (by introducing another migration); restore php 5.4 compatibility (introducing a polyfill system) 2016-05-05 06:43:22 +02:00
czaks
706feeddff fix cache_config: webms were thumbnailed twice and with the latest addition, they couldn`t resize at all 2015-08-11 04:51:27 +02:00
Marcin Łabanowski
4014682882 fileboard support 2015-04-22 06:06:34 +02:00
czaks
197d5f236f [code] tag support 2015-04-12 01:14:35 +02:00
czaks
094f60d34d try_smarter: fix two bugs. 1. uncovered by the second, during a bump only the page the thread was on and first page were rebuild, despite threads rearranging their positions on the remaining pages. happening always. 2. during smart build, the page wasn`t ordered to be rebuilt 2015-04-06 18:59:33 +02:00
Marcin Łabanowski
8fcb9195c8 Merge pull request #137 from lewdchan/master
made the define_groups function play nice on hhvm
2015-04-05 20:51:51 +02:00
czaks
9831b582fa groups were not defined 2015-04-05 20:25:57 +02:00
czaks
6fd4eb2add fix a locale issue 2015-04-05 20:23:57 +02:00
czaks
f053450edf cache_config: fix debug notice 2015-04-05 20:04:27 +02:00
czaks
45f11d1d78 indent the file (inc/functions.php) after the latest changes 2015-04-05 19:12:41 +02:00
czaks
dc2928a14d cache_config preliminary release 2015-04-05 18:48:53 +02:00
czaks
758cb94e01 optimization: locale caching, so we don`t have to reparse instance-config every single time 2015-04-05 16:52:35 +02:00
czaks
71ef3430fc optimization: get rid of one more sql query related to installed themes 2015-04-05 16:38:16 +02:00
czaks
34eeaccea9 optimization: we don`t need bans.php most of the time and bans.php has big dependencies 2015-04-05 16:31:20 +02:00
czaks
cbbebcd20c optimization: if gettext.so is loaded, we don`t need the fallback implementation 2015-04-05 16:26:32 +02:00
Jayme Brereton
fa2e6cfa80 made the define_groups function play nice on hhvm 2015-04-05 20:14:58 +09:30
czaks
67db118f1e Revert "Revert "smart_build: buildThread" (for a moment, something b0rks)"
This reverts commit b246daa191.
2015-04-02 20:30:57 +02:00
czaks
99706835c2 Revert "Revert "smart_build for buildIndex""
This reverts commit cfb2f55b7a.
2015-04-02 20:29:43 +02:00
czaks
cfb2f55b7a Revert "smart_build for buildIndex"
This reverts commit 55277ce383.
2015-04-02 19:36:55 +02:00
czaks
b246daa191 Revert "smart_build: buildThread" (for a moment, something b0rks)
This reverts commit f2a74812f0.
2015-04-01 18:44:01 +02:00
czaks
f2a74812f0 smart_build: buildThread 2015-04-01 18:43:48 +02:00
czaks
14671e0535 functions.php fix: after_open_board support; so that we may disable smart_build immediately after open_board 2015-04-01 18:13:32 +02:00
czaks
55277ce383 smart_build for buildIndex 2015-04-01 18:11:08 +02:00
czaks
d4892aca12 fix one of the previous commits: fix api_global 2015-04-01 17:30:06 +02:00
czaks
4030c42bb4 add a global_api variable for buildIndex 2015-04-01 17:07:24 +02:00
czaks
deefe8299b unlink a .gz version of a file if it exists 2015-04-01 16:56:17 +02:00
czaks
7fd8c75450 dont rebuild a page, when not needed, even if it doesnt exist 2015-04-01 16:53:28 +02:00
czaks
5d8e023fc4 remove tinyboard special markup from slugs; thanks stigma for reporting 2015-03-30 06:26:53 +02:00
czaks
10f93d0d43 implement a protection against transparent proxies 2015-03-24 05:19:25 +01:00
czaks
3851087dce slug size should be configurable 2015-03-12 00:03:22 +01:00
czaks
4bf525599e ... 2015-03-10 14:19:36 +01:00
czaks
a2544bc596 ... (cites) 2015-03-10 14:16:27 +01:00
czaks
9f34d334d3 .. 2015-03-10 13:52:31 +01:00
czaks
7623de9e2f ... (cache) 2015-03-10 13:42:10 +01:00
czaks
d690567b44 ... (minor fix for locales) 2015-03-10 13:16:16 +01:00
czaks
0062125f5c ... 2015-03-10 13:09:53 +01:00
czaks
fe7e9c5103 ... 2015-03-10 13:03:47 +01:00