aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* more markdown purificationzotlabs2017-03-292-7/+6
|
* perform attach_upgrade()zotlabs2017-03-292-0/+26
|
* after all of this, I would be very hesitant to use any multi-user system ↵zotlabs2017-03-291-1/+1
| | | | which uses markdown and which doesn't have a large security budget.
* even more fine tuning of the markdown purifier - especially when used with ↵zotlabs2017-03-294-3/+4
| | | | the wiki
* add function attach_syspaths to calculate the contents of os_path and ↵zotlabs2017-03-291-2/+42
| | | | display_path; add this to the rename function. We will also need it to populate existing file/photo structures as an upgrade task.
* attach_folder_rpaths() providing incorrect resultszotlabs2017-03-291-3/+3
|
* various input filter fixeszotlabs2017-03-2912-2179/+1860
|
* simplify the message signing spaghettizotlabs2017-03-292-47/+29
|
* namespace errorzotlabs2017-03-291-1/+1
|
* ensure z_input_filter is called exactly once, since we now depend on the ↵zotlabs2017-03-292-22/+55
| | | | | | number of htmlspecialchars operations for markdown content. Also ensure that the content is escaped the correct number of times on imported items.
* more work related to attach/photo and os_path, display_path and general code ↵zotlabs2017-03-292-36/+40
| | | | cleanup
* add os_path and display_path to photos, fix some issues with multiple path ↵zotlabs2017-03-293-96/+12
| | | | separators after cloud/nickname in the content field of attach and photos
* store os_path and display_path with fileszotlabs2017-03-291-2/+3
|
* dim class was un-themedzotlabs2017-03-292-4/+4
|
* input filter updateszotlabs2017-03-296-103/+57
|
* fix group by item queryzotlabs2017-03-291-17/+15
|
* class MarkdownSoap to safely store markdown by purifying and preserving ↵zotlabs2017-03-291-0/+86
| | | | (escaped) what may be unsafe code in codeblocks. The stored item needs to be unescaped just prior to calling the markdown-to-html processor
* get rid of some cruft in boot.phpzotlabs2017-03-291-62/+17
|
* remove the unimplemented upload limit site settingszotlabs2017-03-291-3/+0
|
* code_allowed is a real mess. Start the cleanup by remving the account level ↵zotlabs2017-03-297-78/+28
| | | | code allow and limiting to specific channels only. This reduces the possibility of cross channel security issues coming into play. Then provide a single function for checking the code permission. This is only partially done as we often need to check against the observer or logged in channel as well as the resource owner to ensure that this only returns true for local channels which also own the requested resource.
* fix widgets for bs4 againMario Vavti2017-03-292-4/+4
|
* namespace errorMario Vavti2017-03-291-1/+1
|
* widget file updatezotlabs2017-03-291-2/+2
|
* remove include/widgets.phpzotlabs2017-03-297-27/+2
|
* the rest of the standard widgets convertedzotlabs2017-03-2921-762/+861
|
* namespace errorMario Vavti2017-03-292-3/+2
|
* widgets cont.zotlabs2017-03-2910-207/+274
|
* widgets cont.zotlabs2017-03-2910-345/+411
|
* more widget migrationszotlabs2017-03-295-73/+102
|
* more widgetszotlabs2017-03-294-83/+106
|
* filename issuezotlabs2017-03-291-0/+0
|
* more widgetszotlabs2017-03-295-173/+172
|
* convert more widgets to classeszotlabs2017-03-296-133/+166
|
* use absolute namespacezotlabs2017-03-291-1/+2
|
* Comanche: allow widgets to be class based and stored appropriately in Zotlabszotlabs2017-03-293-16/+37
|
* minor bs4 fixesMario Vavti2017-03-284-12/+12
|
* some fixes for latest bs-devMario Vavti2017-03-284-2/+12
|
* fixes for latest bootstrapMario Vavti2017-03-284-24/+30
|
* update to latest bs-devMario Vavti2017-03-2810-135/+184
|
* links in wall-item-title must have white colour if the background is bg-primaryMario Vavti2017-03-281-0/+4
|
* Merge pull request #701 from dawnbreak/HTMLpurifierKlaus2017-03-27448-407/+9258
|\ | | | | HTMLPurifier library update
| * :arrow_up: Update HTML Purifier library.Klaus Weidenbach2017-03-26448-407/+9258
| | | | | | | | | | Updated HTML Purifier from 4.6.0 to 4.9.2 with better PHP7 compatibility. Used composer to manage this library.
* | adjust comment boxMario Vavti2017-03-271-2/+3
| |
* | fix app renderingMario Vavti2017-03-274-8/+6
| |
* | Merge branch 'dev' of https://github.com/redmatrix/hubzilla into devMario Vavti2017-03-272-117/+115
|\ \
| * \ Merge pull request #704 from zotlabs/doppleclonegit-marijus2017-03-271-6/+0
| |\ \ | | | | | | | | remove redundant and non-functional/broken check for successfully clo…
| | * | remove redundant and non-functional/broken check for successfully cloned ↵zotlabs2017-03-201-6/+0
| | | | | | | | | | | | | | | | channel record which was left over from an earlier method of creating the table; which was deprecated a few months back.
| * | | Merge pull request #707 from dawnbreak/docugit-marijus2017-03-271-111/+115
| |\ \ \ | | | | | | | | | | Import Module documentation and @-sign replacement.
| | * | | Import Module documentation and @-sign replacement.Klaus Weidenbach2017-03-251-111/+115
| | | |/ | | |/| | | | | | | | | | | | | If you copy the identity from your profile page the @-sign is invalid for the import and fails. Replace it for convenience.
* | / | remove apps which we have access to from the leftside menu in navMario Vavti2017-03-279-24/+0
|/ / /