aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
Commit message (Collapse)AuthorAgeFilesLines
* whitespaceMario Vavti2022-04-251-1/+1
|
* if we have not been provided a profile id set the profile id to the default ↵Mario Vavti2022-04-251-0/+4
| | | | profile - fixes #1671
* fixes in regard to hub re-installs: dismiss deleted hublocs, make sure we ↵Mario2022-04-011-8/+8
| | | | use the latest hubloc entry for addressing, in Queue::deliver() prefer primaries since their info is probably more accurate
* make sure to set comments_closed to the created date if nocomment is setMario Vavti2022-03-231-1/+1
|
* CVE-2022-27256: Open redirect via rpath query param.Harald Eilertsen2022-03-2010-27/+27
| | | | | | | | Don't follow urls to external sites when submitting forms from the settings modules. This mitigates an Open Redirect vulnerability where an attacker could trick a user to go to an attacker controlled destination. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
* CVE-2022-27258: XSS via rpath query param.Harald Eilertsen2022-03-2010-20/+20
| | | | | | | | | | Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
* Merge branch 't0rum-master-patch-68993' into 'master'Mario2022-03-011-2/+2
| | | | | | | | | Typo in Setup.php prevents users from using Postgres See merge request hubzilla/core!2014 (cherry picked from commit 0e2e9321025f87fe9587f3d183adaea6185e4e20) d384f55d Typo in Setup.php prevents users from using Postgres
* enhanced content filtersMario2022-03-012-1/+7
|
* this was required for old style forum posts only and should not be needed ↵Mario2022-02-211-9/+11
| | | | anymore
* merge branch pdledit_gui into dev - many widgets still miss their ↵Mario2022-02-201-0/+553
| | | | description and requirements (this is work in progress)
* thr_parent lost across editsMario2022-02-181-0/+1
|
* php8 warningsMario2022-02-131-1/+4
|
* address deprecation warningsMario2022-02-131-6/+6
|
* allow to override the DB charset via the $db_charset variable in .htconfig.phpMario2022-02-101-2/+12
|
* whitespaceMario2022-02-041-2/+2
|
* clean the url from parametersMario2022-02-041-0/+5
|
* unpack encoded mid and make sure to goaway to the right messageMario2022-02-031-1/+13
|
* a like could be stored as item or activity so check bothMario2022-02-021-2/+3
|
* more work on relaying zap and diaspora, fix mod hcardMario2022-01-311-19/+19
|
* PHP 8.1 band-aidMario Vavti2022-01-311-9/+9
|
* attach iconfig to the activity and adjust ap raw message retrieval to handle ↵Mario2022-01-301-1/+13
| | | | both cases. also add a possibility to manually redeliver single hubs for debuging
* missing define of variable, remove deprecated zot-info and ofeed from webfingerMario2022-01-261-12/+1
|
* fix docMario2022-01-231-2/+2
|
* make sure that if an existing contact role changes we will re-assign the ↵Mario2022-01-231-69/+98
| | | | permissions to all role members and cleanup
* make sure we have an existing default role in any caseMario2022-01-231-2/+5
|
* stringMario2022-01-211-2/+2
|
* string updateMario2022-01-201-1/+1
|
* fix potential issue with ap addressing in mod hqMario2022-01-201-6/+6
|
* fix pgsql profile photo issueMario2022-01-201-1/+1
|
* fix channel app naming and translation and cleanup apps with an db updateMario2022-01-191-1/+1
|
* Fix strings translationMax Kostikov2022-01-182-1/+8
|
* change name on all associated xchans by matching the urlMario2022-01-181-2/+3
|
* check for existence of vcardMario2022-01-181-18/+18
|
* vcards are not actually implemented anymoreMario2022-01-181-4/+4
|
* make sure to use the correct default roleMario2022-01-181-1/+1
|
* pwa improvements according to lighthouseMario2022-01-131-2/+7
|
* ux improvementsMario2022-01-124-55/+29
|
* mod profile_photo cleanupMario2022-01-121-175/+157
|
* refactor mod profile_photoMario2022-01-121-114/+180
|
* missing nav_set_selected()Mario2022-01-082-16/+4
|
* streamline privacy groupsMario2022-01-071-27/+1
|
* more work on access tokensMario2022-01-061-41/+47
|
* do not show blocked or ignored contacts in connectionsMario2022-01-041-22/+22
|
* minor wording change and fix connections linkMario2022-01-041-3/+3
|
* more lockview ui improvementsMario2022-01-031-15/+22
|
* minor usability improvementMario2022-01-031-1/+1
|
* remove loggingMario2022-01-021-3/+0
|
* port new_token from zap, fixes and more cleanupMario2022-01-021-8/+2
|
* lockview: fix guest links for profile groups and photos, cleanupMario2022-01-021-77/+102
|
* lockview: provide guest links for private resourcesMario2022-01-021-33/+53
|