aboutsummaryrefslogtreecommitdiffstats
path: root/vendor
diff options
context:
space:
mode:
Diffstat (limited to 'vendor')
-rw-r--r--vendor/blueimp/jquery-file-upload/README.md2
-rw-r--r--vendor/blueimp/jquery-file-upload/SECURITY.md2
-rw-r--r--vendor/blueimp/jquery-file-upload/angularjs.html8
-rw-r--r--vendor/blueimp/jquery-file-upload/basic-plus.html8
-rw-r--r--vendor/blueimp/jquery-file-upload/basic.html6
-rw-r--r--[-rwxr-xr-x]vendor/blueimp/jquery-file-upload/bower-version-update.js0
-rw-r--r--vendor/blueimp/jquery-file-upload/bower.json2
-rw-r--r--vendor/blueimp/jquery-file-upload/cors/postmessage.html2
-rw-r--r--vendor/blueimp/jquery-file-upload/index.html6
-rw-r--r--vendor/blueimp/jquery-file-upload/jquery-ui.html6
-rw-r--r--vendor/blueimp/jquery-file-upload/package.json2
-rw-r--r--[-rwxr-xr-x]vendor/blueimp/jquery-file-upload/server/php/UploadHandler.php34
-rw-r--r--vendor/blueimp/jquery-file-upload/server/php/index.php2
-rw-r--r--vendor/blueimp/jquery-file-upload/test/index.html6
-rw-r--r--vendor/composer/ClassLoader.php2
-rw-r--r--vendor/composer/LICENSE69
-rw-r--r--vendor/composer/autoload_classmap.php9
-rw-r--r--vendor/composer/autoload_static.php8
-rw-r--r--vendor/composer/installed.json28
-rw-r--r--vendor/psr/log/README.md7
20 files changed, 99 insertions, 110 deletions
diff --git a/vendor/blueimp/jquery-file-upload/README.md b/vendor/blueimp/jquery-file-upload/README.md
index d2f104d5c..d9e16ed18 100644
--- a/vendor/blueimp/jquery-file-upload/README.md
+++ b/vendor/blueimp/jquery-file-upload/README.md
@@ -10,7 +10,7 @@ Supports cross-domain, chunked and resumable file uploads and client-side image
## ⚠️ Security Notice
Security related releases:
-* [v9.25.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.25.1) Mitigates some [Potential vulnerabilities with PHP+ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php+imagemagick).
+* [v9.25.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.25.1) Mitigates some [Potential vulnerabilities with PHP+ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php-imagemagick).
* [v9.24.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.24.1) Fixes a [Remote code execution vulnerability in the PHP component](VULNERABILITIES.md#remote-code-execution-vulnerability-in-the-php-component).
* v[9.10.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/9.10.1) Fixes an [Open redirect vulnerability in the GAE components](VULNERABILITIES.md#open-redirect-vulnerability-in-the-gae-components).
* Commit [4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a) (*fixed in all tagged releases*) Fixes a [Cross-site scripting vulnerability in the Iframe Transport](VULNERABILITIES.md#cross-site-scripting-vulnerability-in-the-iframe-transport).
diff --git a/vendor/blueimp/jquery-file-upload/SECURITY.md b/vendor/blueimp/jquery-file-upload/SECURITY.md
index db58f7dd7..86ffc163b 100644
--- a/vendor/blueimp/jquery-file-upload/SECURITY.md
+++ b/vendor/blueimp/jquery-file-upload/SECURITY.md
@@ -113,7 +113,7 @@ location ^~ /path/to/project/server/php/files {
```
## Secure image processing configurations
-The following configuration mitigates [potential image processing vulnerabilities with ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php+imagemagick) by limiting the attack vectors to a small subset of image types (`GIF/JPEG/PNG`).
+The following configuration mitigates [potential image processing vulnerabilities with ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php-imagemagick) by limiting the attack vectors to a small subset of image types (`GIF/JPEG/PNG`).
Please also consider using alternative, safer image processing libraries like [libvips](https://github.com/libvips/libvips) or [imageflow](https://github.com/imazen/imageflow).
diff --git a/vendor/blueimp/jquery-file-upload/angularjs.html b/vendor/blueimp/jquery-file-upload/angularjs.html
index 2051bbf79..e8b05e77f 100644
--- a/vendor/blueimp/jquery-file-upload/angularjs.html
+++ b/vendor/blueimp/jquery-file-upload/angularjs.html
@@ -22,7 +22,7 @@
<meta name="description" content="File Upload widget with multiple file selection, drag&amp;drop support, progress bars, validation and preview images, audio and video for AngularJS. Supports cross-domain, chunked and resumable file uploads and client-side image resizing. Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads.">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- Bootstrap styles -->
-<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<!-- Generic page styles -->
<link rel="stylesheet" href="css/style.css">
<!-- blueimp Gallery styles -->
@@ -177,8 +177,8 @@
<a class="play-pause"></a>
<ol class="indicator"></ol>
</div>
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
-<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-xBuQ/xzmlsLoJpyjoggmTEz8OWUFM0/RC5BsqQBDX2v5cMvDHcMakNTNrHIW2I5f" crossorigin="anonymous"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js" integrity="sha384-r6jjWwxAypHaESwS5an5J9dkfzwQuKVNV9FZM9B6fnt8PFuY0cVwLhV7BltCZhLy" crossorigin="anonymous"></script>
<!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included -->
<script src="js/vendor/jquery.ui.widget.js"></script>
<!-- The Load Image plugin is included for the preview images and image resizing functionality -->
@@ -186,7 +186,7 @@
<!-- The Canvas to Blob plugin is included for image resizing functionality -->
<script src="https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js"></script>
<!-- Bootstrap JS is not required, but included for the responsive demo navigation -->
-<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
+<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<!-- blueimp Gallery script -->
<script src="https://blueimp.github.io/Gallery/js/jquery.blueimp-gallery.min.js"></script>
<!-- The Iframe Transport is required for browsers without support for XHR file uploads -->
diff --git a/vendor/blueimp/jquery-file-upload/basic-plus.html b/vendor/blueimp/jquery-file-upload/basic-plus.html
index acee24843..6d53acdc1 100644
--- a/vendor/blueimp/jquery-file-upload/basic-plus.html
+++ b/vendor/blueimp/jquery-file-upload/basic-plus.html
@@ -20,7 +20,7 @@
<meta name="description" content="File Upload widget with multiple file selection, drag&amp;drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads.">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- Bootstrap styles -->
-<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<!-- Generic page styles -->
<link rel="stylesheet" href="css/style.css">
<!-- CSS to style the file input field as button and adjust the Bootstrap progress bars -->
@@ -96,15 +96,15 @@
</div>
</div>
</div>
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-xBuQ/xzmlsLoJpyjoggmTEz8OWUFM0/RC5BsqQBDX2v5cMvDHcMakNTNrHIW2I5f" crossorigin="anonymous"></script>
<!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included -->
<script src="js/vendor/jquery.ui.widget.js"></script>
<!-- The Load Image plugin is included for the preview images and image resizing functionality -->
-<script src="https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js"></script>
+<script src="https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js"></script>
<!-- The Canvas to Blob plugin is included for image resizing functionality -->
<script src="https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js"></script>
<!-- Bootstrap JS is not required, but included for the responsive demo navigation -->
-<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
+<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<!-- The Iframe Transport is required for browsers without support for XHR file uploads -->
<script src="js/jquery.iframe-transport.js"></script>
<!-- The basic File Upload plugin -->
diff --git a/vendor/blueimp/jquery-file-upload/basic.html b/vendor/blueimp/jquery-file-upload/basic.html
index 232a24624..a9ef6273e 100644
--- a/vendor/blueimp/jquery-file-upload/basic.html
+++ b/vendor/blueimp/jquery-file-upload/basic.html
@@ -20,7 +20,7 @@
<meta name="description" content="File Upload widget with multiple file selection, drag&amp;drop support and progress bar for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads.">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- Bootstrap styles -->
-<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<!-- Generic page styles -->
<link rel="stylesheet" href="css/style.css">
<!-- CSS to style the file input field as button and adjust the Bootstrap progress bars -->
@@ -96,7 +96,7 @@
</div>
</div>
</div>
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-xBuQ/xzmlsLoJpyjoggmTEz8OWUFM0/RC5BsqQBDX2v5cMvDHcMakNTNrHIW2I5f" crossorigin="anonymous"></script>
<!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included -->
<script src="js/vendor/jquery.ui.widget.js"></script>
<!-- The Iframe Transport is required for browsers without support for XHR file uploads -->
@@ -104,7 +104,7 @@
<!-- The basic File Upload plugin -->
<script src="js/jquery.fileupload.js"></script>
<!-- Bootstrap JS is not required, but included for the responsive demo navigation -->
-<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
+<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<script>
/*jslint unparam: true */
/*global window, $ */
diff --git a/vendor/blueimp/jquery-file-upload/bower-version-update.js b/vendor/blueimp/jquery-file-upload/bower-version-update.js
index 09ce3927e..09ce3927e 100755..100644
--- a/vendor/blueimp/jquery-file-upload/bower-version-update.js
+++ b/vendor/blueimp/jquery-file-upload/bower-version-update.js
diff --git a/vendor/blueimp/jquery-file-upload/bower.json b/vendor/blueimp/jquery-file-upload/bower.json
index 34594a32f..2a56262a1 100644
--- a/vendor/blueimp/jquery-file-upload/bower.json
+++ b/vendor/blueimp/jquery-file-upload/bower.json
@@ -1,6 +1,6 @@
{
"name": "blueimp-file-upload",
- "version": "9.25.1",
+ "version": "9.28.0",
"title": "jQuery File Upload",
"description": "File Upload widget with multiple file selection, drag&amp;drop support, progress bar, validation and preview images.",
"keywords": [
diff --git a/vendor/blueimp/jquery-file-upload/cors/postmessage.html b/vendor/blueimp/jquery-file-upload/cors/postmessage.html
index 6a56cf0b6..381a8e0cd 100644
--- a/vendor/blueimp/jquery-file-upload/cors/postmessage.html
+++ b/vendor/blueimp/jquery-file-upload/cors/postmessage.html
@@ -15,7 +15,7 @@
<head>
<meta charset="utf-8">
<title>jQuery File Upload Plugin postMessage API</title>
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-xBuQ/xzmlsLoJpyjoggmTEz8OWUFM0/RC5BsqQBDX2v5cMvDHcMakNTNrHIW2I5f" crossorigin="anonymous"></script>
</head>
<body>
<script>
diff --git a/vendor/blueimp/jquery-file-upload/index.html b/vendor/blueimp/jquery-file-upload/index.html
index c8c66ad8b..37e08a7cb 100644
--- a/vendor/blueimp/jquery-file-upload/index.html
+++ b/vendor/blueimp/jquery-file-upload/index.html
@@ -22,7 +22,7 @@
<meta name="description" content="File Upload widget with multiple file selection, drag&amp;drop support, progress bars, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads and client-side image resizing. Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads.">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- Bootstrap styles -->
-<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<!-- Generic page styles -->
<link rel="stylesheet" href="css/style.css">
<!-- blueimp Gallery styles -->
@@ -216,7 +216,7 @@
</tr>
{% } %}
</script>
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-xBuQ/xzmlsLoJpyjoggmTEz8OWUFM0/RC5BsqQBDX2v5cMvDHcMakNTNrHIW2I5f" crossorigin="anonymous"></script>
<!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included -->
<script src="js/vendor/jquery.ui.widget.js"></script>
<!-- The Templates plugin is included to render the upload/download listings -->
@@ -226,7 +226,7 @@
<!-- The Canvas to Blob plugin is included for image resizing functionality -->
<script src="https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js"></script>
<!-- Bootstrap JS is not required, but included for the responsive demo navigation -->
-<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
+<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<!-- blueimp Gallery script -->
<script src="https://blueimp.github.io/Gallery/js/jquery.blueimp-gallery.min.js"></script>
<!-- The Iframe Transport is required for browsers without support for XHR file uploads -->
diff --git a/vendor/blueimp/jquery-file-upload/jquery-ui.html b/vendor/blueimp/jquery-file-upload/jquery-ui.html
index 842dd4ca7..e44d41e89 100644
--- a/vendor/blueimp/jquery-file-upload/jquery-ui.html
+++ b/vendor/blueimp/jquery-file-upload/jquery-ui.html
@@ -22,7 +22,7 @@
<meta name="description" content="File Upload widget with multiple file selection, drag&amp;drop support, progress bars, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads and client-side image resizing. Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads.">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- jQuery UI styles -->
-<link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/dark-hive/jquery-ui.css" id="theme">
+<link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/dark-hive/jquery-ui.css" integrity="sha384-ufZtQaOYGuy/CibAC5jmelOpBu3H78Js7HrXSLo4LGccHUrGGHXt+uaTcDbio3kI" crossorigin="anonymous">
<!-- Generic page styles -->
<link rel="stylesheet" href="css/style.css">
<!-- Demo styles -->
@@ -201,8 +201,8 @@
</tr>
{% } %}
</script>
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
-<script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-xBuQ/xzmlsLoJpyjoggmTEz8OWUFM0/RC5BsqQBDX2v5cMvDHcMakNTNrHIW2I5f" crossorigin="anonymous"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js" integrity="sha384-Dziy8F2VlJQLMShA6FHWNul/veM9bCkRUaLqr199K94ntO5QUrLJBEbYegdSkkqX" crossorigin="anonymous"></script>
<!-- The Templates plugin is included to render the upload/download listings -->
<script src="https://blueimp.github.io/JavaScript-Templates/js/tmpl.min.js"></script>
<!-- The Load Image plugin is included for the preview images and image resizing functionality -->
diff --git a/vendor/blueimp/jquery-file-upload/package.json b/vendor/blueimp/jquery-file-upload/package.json
index 4b33a0362..0a635397c 100644
--- a/vendor/blueimp/jquery-file-upload/package.json
+++ b/vendor/blueimp/jquery-file-upload/package.json
@@ -1,6 +1,6 @@
{
"name": "blueimp-file-upload",
- "version": "9.25.1",
+ "version": "9.28.0",
"title": "jQuery File Upload",
"description": "File Upload widget with multiple file selection, drag&drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads.",
"keywords": [
diff --git a/vendor/blueimp/jquery-file-upload/server/php/UploadHandler.php b/vendor/blueimp/jquery-file-upload/server/php/UploadHandler.php
index e44004395..5215e4c0f 100755..100644
--- a/vendor/blueimp/jquery-file-upload/server/php/UploadHandler.php
+++ b/vendor/blueimp/jquery-file-upload/server/php/UploadHandler.php
@@ -38,9 +38,9 @@ class UploadHandler
'image_resize' => 'Failed to resize image'
);
- protected const IMAGETYPE_GIF = 1;
- protected const IMAGETYPE_JPEG = 2;
- protected const IMAGETYPE_PNG = 3;
+ const IMAGETYPE_GIF = 1;
+ const IMAGETYPE_JPEG = 2;
+ const IMAGETYPE_PNG = 3;
protected $image_objects = array();
@@ -1047,13 +1047,18 @@ class UploadHandler
}
protected function create_scaled_image($file_name, $version, $options) {
- if ($this->options['image_library'] === 2) {
- return $this->imagemagick_create_scaled_image($file_name, $version, $options);
- }
- if ($this->options['image_library'] && extension_loaded('imagick')) {
- return $this->imagick_create_scaled_image($file_name, $version, $options);
+ try {
+ if ($this->options['image_library'] === 2) {
+ return $this->imagemagick_create_scaled_image($file_name, $version, $options);
+ }
+ if ($this->options['image_library'] && extension_loaded('imagick')) {
+ return $this->imagick_create_scaled_image($file_name, $version, $options);
+ }
+ return $this->gd_create_scaled_image($file_name, $version, $options);
+ } catch (\Exception $e) {
+ error_log($e->getMessage());
+ return false;
}
- return $this->gd_create_scaled_image($file_name, $version, $options);
}
protected function destroy_image_object($file_path) {
@@ -1066,12 +1071,12 @@ class UploadHandler
$fp = fopen($file_path, 'r');
$data = fread($fp, 4);
fclose($fp);
- // GIF: 47 49 46
- if (substr($data, 0, 3) === 'GIF') {
+ // GIF: 47 49 46 38
+ if ($data === 'GIF8') {
return self::IMAGETYPE_GIF;
}
- // JPG: FF D8
- if (bin2hex(substr($data, 0, 2)) === 'ffd8') {
+ // JPG: FF D8 FF
+ if (bin2hex(substr($data, 0, 3)) === 'ffd8ff') {
return self::IMAGETYPE_JPEG;
}
// PNG: 89 50 4E 47
@@ -1082,6 +1087,9 @@ class UploadHandler
}
protected function is_valid_image_file($file_path) {
+ if (!preg_match('/\.(gif|jpe?g|png)$/i', $file_path)) {
+ return false;
+ }
return !!$this->imagetype($file_path);
}
diff --git a/vendor/blueimp/jquery-file-upload/server/php/index.php b/vendor/blueimp/jquery-file-upload/server/php/index.php
index 9c2cfb8eb..6caabb710 100644
--- a/vendor/blueimp/jquery-file-upload/server/php/index.php
+++ b/vendor/blueimp/jquery-file-upload/server/php/index.php
@@ -9,7 +9,7 @@
* Licensed under the MIT license:
* https://opensource.org/licenses/MIT
*/
-exit;
+
error_reporting(E_ALL | E_STRICT);
require('UploadHandler.php');
$upload_handler = new UploadHandler();
diff --git a/vendor/blueimp/jquery-file-upload/test/index.html b/vendor/blueimp/jquery-file-upload/test/index.html
index 0b5cf57b7..b8c585df5 100644
--- a/vendor/blueimp/jquery-file-upload/test/index.html
+++ b/vendor/blueimp/jquery-file-upload/test/index.html
@@ -20,7 +20,7 @@
<meta charset="utf-8">
<title>jQuery File Upload Plugin Test</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<link rel="stylesheet" href="https://code.jquery.com/qunit/qunit-1.23.1.css">
+<link rel="stylesheet" href="https://code.jquery.com/qunit/qunit-1.23.1.css" integrity="sha384-RW07PgMHO3eNYL7ddFK/okEi1rjvSeJ3Ck/TxGUHkmzSlGmw4R9/KGJYUD3OicMd" crossorigin="anonymous">
</head>
<body>
<h1 id="qunit-header">jQuery File Upload Plugin Test</h1>
@@ -145,7 +145,7 @@
</tr>
{% } %}
</script>
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js" integrity="sha384-nvAa0+6Qg9clwYCGGPpDQLVpLNn0fRaROjHqs13t4Ggj3Ez50XnGQqc/r8MhnRDZ" crossorigin="anonymous"></script>
<script src="../js/vendor/jquery.ui.widget.js"></script>
<script src="https://blueimp.github.io/JavaScript-Templates/js/tmpl.min.js"></script>
<script src="https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js"></script>
@@ -166,7 +166,7 @@ window.testBasicWidget = $.blueimp.fileupload;
/* global window, $ */
window.testUIWidget = $.blueimp.fileupload;
</script>
-<script src="https://code.jquery.com/qunit/qunit-1.23.1.js"></script>
+<script src="https://code.jquery.com/qunit/qunit-1.23.1.js" integrity="sha384-FJbPWND3tHbuhP8PhCp3Kn0bEtCxaIq+sfkmiJ+Su0jchKFnVbPQTTyPiuwqbkXa" crossorigin="anonymous"></script>
<script src="test.js"></script>
</body>
</html>
diff --git a/vendor/composer/ClassLoader.php b/vendor/composer/ClassLoader.php
index 95f7e0978..fce8549f0 100644
--- a/vendor/composer/ClassLoader.php
+++ b/vendor/composer/ClassLoader.php
@@ -279,7 +279,7 @@ class ClassLoader
*/
public function setApcuPrefix($apcuPrefix)
{
- $this->apcuPrefix = function_exists('apcu_fetch') && ini_get('apc.enabled') ? $apcuPrefix : null;
+ $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null;
}
/**
diff --git a/vendor/composer/LICENSE b/vendor/composer/LICENSE
index f0157a6ed..f27399a04 100644
--- a/vendor/composer/LICENSE
+++ b/vendor/composer/LICENSE
@@ -1,56 +1,21 @@
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: Composer
-Upstream-Contact: Jordi Boggiano <j.boggiano@seld.be>
-Source: https://github.com/composer/composer
-Files: *
-Copyright: 2016, Nils Adermann <naderman@naderman.de>
- 2016, Jordi Boggiano <j.boggiano@seld.be>
-License: Expat
+Copyright (c) Nils Adermann, Jordi Boggiano
-Files: src/Composer/Util/TlsHelper.php
-Copyright: 2016, Nils Adermann <naderman@naderman.de>
- 2016, Jordi Boggiano <j.boggiano@seld.be>
- 2013, Evan Coury <me@evancoury.com>
-License: Expat and BSD-2-Clause
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
+to do so, subject to the following conditions:
-License: BSD-2-Clause
- Redistribution and use in source and binary forms, with or without modification,
- are permitted provided that the following conditions are met:
- .
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- .
- * Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
- .
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
- ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
-License: Expat
- Permission is hereby granted, free of charge, to any person obtaining a copy
- of this software and associated documentation files (the "Software"), to deal
- in the Software without restriction, including without limitation the rights
- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- copies of the Software, and to permit persons to whom the Software is furnished
- to do so, subject to the following conditions:
- .
- The above copyright notice and this permission notice shall be included in all
- copies or substantial portions of the Software.
- .
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- THE SOFTWARE.
diff --git a/vendor/composer/autoload_classmap.php b/vendor/composer/autoload_classmap.php
index f3c814e02..86acbb152 100644
--- a/vendor/composer/autoload_classmap.php
+++ b/vendor/composer/autoload_classmap.php
@@ -380,6 +380,9 @@ return array(
'Psr\\Log\\LoggerInterface' => $vendorDir . '/psr/log/Psr/Log/LoggerInterface.php',
'Psr\\Log\\LoggerTrait' => $vendorDir . '/psr/log/Psr/Log/LoggerTrait.php',
'Psr\\Log\\NullLogger' => $vendorDir . '/psr/log/Psr/Log/NullLogger.php',
+ 'Psr\\Log\\Test\\DummyTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php',
+ 'Psr\\Log\\Test\\LoggerInterfaceTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php',
+ 'Psr\\Log\\Test\\TestLogger' => $vendorDir . '/psr/log/Psr/Log/Test/TestLogger.php',
'Ramsey\\Uuid\\BinaryUtils' => $vendorDir . '/ramsey/uuid/src/BinaryUtils.php',
'Ramsey\\Uuid\\Builder\\DefaultUuidBuilder' => $vendorDir . '/ramsey/uuid/src/Builder/DefaultUuidBuilder.php',
'Ramsey\\Uuid\\Builder\\DegradedUuidBuilder' => $vendorDir . '/ramsey/uuid/src/Builder/DegradedUuidBuilder.php',
@@ -981,7 +984,6 @@ return array(
'Zotlabs\\Module\\Mood' => $baseDir . '/Zotlabs/Module/Mood.php',
'Zotlabs\\Module\\Network' => $baseDir . '/Zotlabs/Module/Network.php',
'Zotlabs\\Module\\New_channel' => $baseDir . '/Zotlabs/Module/New_channel.php',
- 'Zotlabs\\Module\\Nojs' => $baseDir . '/Zotlabs/Module/Nojs.php',
'Zotlabs\\Module\\Notes' => $baseDir . '/Zotlabs/Module/Notes.php',
'Zotlabs\\Module\\Notifications' => $baseDir . '/Zotlabs/Module/Notifications.php',
'Zotlabs\\Module\\Notify' => $baseDir . '/Zotlabs/Module/Notify.php',
@@ -1337,7 +1339,10 @@ return array(
'Zotlabs\\Update\\_1222' => $baseDir . '/Zotlabs/Update/_1222.php',
'Zotlabs\\Update\\_1223' => $baseDir . '/Zotlabs/Update/_1223.php',
'Zotlabs\\Update\\_1224' => $baseDir . '/Zotlabs/Update/_1224.php',
- 'Zotlabs\\Web\\CheckJS' => $baseDir . '/Zotlabs/Web/CheckJS.php',
+ 'Zotlabs\\Update\\_1225' => $baseDir . '/Zotlabs/Update/_1225.php',
+ 'Zotlabs\\Update\\_1226' => $baseDir . '/Zotlabs/Update/_1226.php',
+ 'Zotlabs\\Update\\_1227' => $baseDir . '/Zotlabs/Update/_1227.php',
+ 'Zotlabs\\Update\\_1228' => $baseDir . '/Zotlabs/Update/_1228.php',
'Zotlabs\\Web\\Controller' => $baseDir . '/Zotlabs/Web/Controller.php',
'Zotlabs\\Web\\HTTPHeaders' => $baseDir . '/Zotlabs/Web/HTTPHeaders.php',
'Zotlabs\\Web\\HTTPSig' => $baseDir . '/Zotlabs/Web/HTTPSig.php',
diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php
index ce0232306..ea23de753 100644
--- a/vendor/composer/autoload_static.php
+++ b/vendor/composer/autoload_static.php
@@ -548,6 +548,9 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d
'Psr\\Log\\LoggerInterface' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerInterface.php',
'Psr\\Log\\LoggerTrait' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerTrait.php',
'Psr\\Log\\NullLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/NullLogger.php',
+ 'Psr\\Log\\Test\\DummyTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php',
+ 'Psr\\Log\\Test\\LoggerInterfaceTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php',
+ 'Psr\\Log\\Test\\TestLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/TestLogger.php',
'Ramsey\\Uuid\\BinaryUtils' => __DIR__ . '/..' . '/ramsey/uuid/src/BinaryUtils.php',
'Ramsey\\Uuid\\Builder\\DefaultUuidBuilder' => __DIR__ . '/..' . '/ramsey/uuid/src/Builder/DefaultUuidBuilder.php',
'Ramsey\\Uuid\\Builder\\DegradedUuidBuilder' => __DIR__ . '/..' . '/ramsey/uuid/src/Builder/DegradedUuidBuilder.php',
@@ -1149,7 +1152,6 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d
'Zotlabs\\Module\\Mood' => __DIR__ . '/../..' . '/Zotlabs/Module/Mood.php',
'Zotlabs\\Module\\Network' => __DIR__ . '/../..' . '/Zotlabs/Module/Network.php',
'Zotlabs\\Module\\New_channel' => __DIR__ . '/../..' . '/Zotlabs/Module/New_channel.php',
- 'Zotlabs\\Module\\Nojs' => __DIR__ . '/../..' . '/Zotlabs/Module/Nojs.php',
'Zotlabs\\Module\\Notes' => __DIR__ . '/../..' . '/Zotlabs/Module/Notes.php',
'Zotlabs\\Module\\Notifications' => __DIR__ . '/../..' . '/Zotlabs/Module/Notifications.php',
'Zotlabs\\Module\\Notify' => __DIR__ . '/../..' . '/Zotlabs/Module/Notify.php',
@@ -1506,7 +1508,9 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d
'Zotlabs\\Update\\_1223' => __DIR__ . '/../..' . '/Zotlabs/Update/_1223.php',
'Zotlabs\\Update\\_1224' => __DIR__ . '/../..' . '/Zotlabs/Update/_1224.php',
'Zotlabs\\Update\\_1225' => __DIR__ . '/../..' . '/Zotlabs/Update/_1225.php',
- 'Zotlabs\\Web\\CheckJS' => __DIR__ . '/../..' . '/Zotlabs/Web/CheckJS.php',
+ 'Zotlabs\\Update\\_1226' => __DIR__ . '/../..' . '/Zotlabs/Update/_1226.php',
+ 'Zotlabs\\Update\\_1227' => __DIR__ . '/../..' . '/Zotlabs/Update/_1227.php',
+ 'Zotlabs\\Update\\_1228' => __DIR__ . '/../..' . '/Zotlabs/Update/_1228.php',
'Zotlabs\\Web\\Controller' => __DIR__ . '/../..' . '/Zotlabs/Web/Controller.php',
'Zotlabs\\Web\\HTTPHeaders' => __DIR__ . '/../..' . '/Zotlabs/Web/HTTPHeaders.php',
'Zotlabs\\Web\\HTTPSig' => __DIR__ . '/../..' . '/Zotlabs/Web/HTTPSig.php',
diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json
index af845828e..30fe9b020 100644
--- a/vendor/composer/installed.json
+++ b/vendor/composer/installed.json
@@ -1,20 +1,20 @@
[
{
"name": "blueimp/jquery-file-upload",
- "version": "v9.25.1",
- "version_normalized": "9.25.1.0",
+ "version": "v9.28.0",
+ "version_normalized": "9.28.0.0",
"source": {
"type": "git",
"url": "https://github.com/vkhramtsov/jQuery-File-Upload.git",
- "reference": "28891f9b2bc339bcc1ca8d548e5401e8563bf04b"
+ "reference": "ff5accfe2e5c4a522777faa980a90cf86a636d1d"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/vkhramtsov/jQuery-File-Upload/zipball/28891f9b2bc339bcc1ca8d548e5401e8563bf04b",
- "reference": "28891f9b2bc339bcc1ca8d548e5401e8563bf04b",
+ "url": "https://api.github.com/repos/vkhramtsov/jQuery-File-Upload/zipball/ff5accfe2e5c4a522777faa980a90cf86a636d1d",
+ "reference": "ff5accfe2e5c4a522777faa980a90cf86a636d1d",
"shasum": ""
},
- "time": "2018-10-26T07:21:48+00:00",
+ "time": "2018-11-13T05:41:39+00:00",
"type": "library",
"installation-source": "dist",
"autoload": {
@@ -457,23 +457,23 @@
},
{
"name": "psr/log",
- "version": "1.0.2",
- "version_normalized": "1.0.2.0",
+ "version": "1.1.0",
+ "version_normalized": "1.1.0.0",
"source": {
"type": "git",
"url": "https://github.com/php-fig/log.git",
- "reference": "4ebe3a8bf773a19edfe0a84b6585ba3d401b724d"
+ "reference": "6c001f1daafa3a3ac1d8ff69ee4db8e799a654dd"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/php-fig/log/zipball/4ebe3a8bf773a19edfe0a84b6585ba3d401b724d",
- "reference": "4ebe3a8bf773a19edfe0a84b6585ba3d401b724d",
+ "url": "https://api.github.com/repos/php-fig/log/zipball/6c001f1daafa3a3ac1d8ff69ee4db8e799a654dd",
+ "reference": "6c001f1daafa3a3ac1d8ff69ee4db8e799a654dd",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
- "time": "2016-10-10T12:19:37+00:00",
+ "time": "2018-11-20T15:27:04+00:00",
"type": "library",
"extra": {
"branch-alias": {
@@ -1141,8 +1141,8 @@
},
{
"name": "symfony/polyfill-ctype",
- "version": "v1.9.0",
- "version_normalized": "1.9.0.0",
+ "version": "v1.10.0",
+ "version_normalized": "1.10.0.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-ctype.git",
diff --git a/vendor/psr/log/README.md b/vendor/psr/log/README.md
index 574bc1cb2..5571a25e8 100644
--- a/vendor/psr/log/README.md
+++ b/vendor/psr/log/README.md
@@ -7,6 +7,13 @@ This repository holds all interfaces/classes/traits related to
Note that this is not a logger of its own. It is merely an interface that
describes a logger. See the specification for more details.
+Installation
+------------
+
+```bash
+composer require psr/log
+```
+
Usage
-----