aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
Commit message (Collapse)AuthorAgeFilesLines
* more markdown purificationzotlabs2017-03-291-5/+5
|
* perform attach_upgrade()zotlabs2017-03-291-0/+3
|
* after all of this, I would be very hesitant to use any multi-user system ↵zotlabs2017-03-291-1/+1
| | | | which uses markdown and which doesn't have a large security budget.
* even more fine tuning of the markdown purifier - especially when used with ↵zotlabs2017-03-293-2/+3
| | | | the wiki
* various input filter fixeszotlabs2017-03-299-23/+76
|
* more work related to attach/photo and os_path, display_path and general code ↵zotlabs2017-03-292-36/+40
| | | | cleanup
* input filter updateszotlabs2017-03-294-46/+9
|
* class MarkdownSoap to safely store markdown by purifying and preserving ↵zotlabs2017-03-291-0/+86
| | | | (escaped) what may be unsafe code in codeblocks. The stored item needs to be unescaped just prior to calling the markdown-to-html processor
* code_allowed is a real mess. Start the cleanup by remving the account level ↵zotlabs2017-03-292-23/+4
| | | | code allow and limiting to specific channels only. This reduces the possibility of cross channel security issues coming into play. Then provide a single function for checking the code permission. This is only partially done as we often need to check against the observer or logged in channel as well as the resource owner to ensure that this only returns true for local channels which also own the requested resource.
* fix widgets for bs4 againMario Vavti2017-03-292-4/+4
|
* namespace errorMario Vavti2017-03-291-1/+1
|
* widget file updatezotlabs2017-03-291-2/+2
|
* remove include/widgets.phpzotlabs2017-03-295-13/+1
|
* the rest of the standard widgets convertedzotlabs2017-03-2920-0/+860
|
* namespace errorMario Vavti2017-03-291-2/+2
|
* widgets cont.zotlabs2017-03-299-0/+274
|
* widgets cont.zotlabs2017-03-299-0/+411
|
* more widget migrationszotlabs2017-03-294-0/+102
|
* more widgetszotlabs2017-03-293-0/+106
|
* filename issuezotlabs2017-03-291-0/+0
|
* more widgetszotlabs2017-03-293-0/+166
|
* convert more widgets to classeszotlabs2017-03-295-0/+166
|
* use absolute namespacezotlabs2017-03-291-1/+2
|
* Comanche: allow widgets to be class based and stored appropriately in Zotlabszotlabs2017-03-292-0/+37
|
* Import Module documentation and @-sign replacement.Klaus Weidenbach2017-03-251-111/+115
| | | | | If you copy the identity from your profile page the @-sign is invalid for the import and fails. Replace it for convenience.
* move profile tabs to app-trayMario Vavti2017-03-2010-10/+17
|
* Merge branch 'dev' into bs4Mario Vavti2017-03-192-4/+2
|\
| * fix php warning and remove loggingMario Vavti2017-03-191-4/+2
| |
| * Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_mergezotlabs2017-03-181-2/+1
| |\
| * \ Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_mergezotlabs2017-03-152-18/+6
| |\ \
| * | | Monday is a proper name and should be capitalised (except in private ↵zotlabs2017-03-081-1/+1
| | | | | | | | | | | | | | | | conversation amongst unix geeks).
* | | | fix abook_edit and private mailMario Vavti2017-03-181-1/+1
| | | |
* | | | Merge branch 'dev' into bs4Mario Vavti2017-03-181-2/+1
|\ \ \ \ | | |_|/ | |/| |
| * | | Missed one old Markdown()Klaus2017-03-181-2/+1
| | |/ | |/|
* | | fix item_list and item_search templates. make item filer use a bootdtrap ↵Mario Vavti2017-03-171-1/+3
| | | | | | | | | | | | modal and some css and class fixes
* | | Merge branch 'dev' into bs4Mario Vavti2017-03-152-18/+6
|\| |
| * | better handling of mimetype securityMario Vavti2017-03-152-18/+6
| |/
* | many class fixes and revive shiny class for item titles in a new wayMario Vavti2017-03-131-5/+7
| |
* | many dropdown and class fixes. still a long way to go...Mario Vavti2017-03-122-13/+13
|/
* add public_policy to the nwiki container also. This should not affect the ↵zotlabs2017-03-061-0/+2
| | | | recent bug as presented, but is being added for consistency.
* correct fix for wiki anonymous read issue (items_permissions_sql checks ↵zotlabs2017-03-061-8/+4
| | | | item.public_policy which was set for posts, not wikis)
* allow unauthenticated access to public wiki pagesMario Vavti2017-03-061-2/+10
|
* we need item edited for wiki page history, not item createdMario Vavti2017-03-041-1/+1
|
* Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_mergezotlabs2017-03-021-1/+1
|\
| * reset schema value after we empty and repopulate it. second half of fix for #624Mario Vavti2017-03-021-1/+1
| |
* | activity widget - like the forum widget but represents unseen activity by ↵zotlabs2017-03-026-4/+29
| | | | | | | | author. Still experimental until it can be tested with diaspora xchans, which may require additional urlencoding.
* | make system.expire_delivery_reports default setting consistent (10 days)zotlabs2017-03-011-1/+1
|/
* expire unread system notifications after a year. It would provide a better ↵zotlabs2017-02-281-0/+7
| | | | experience for infrequent visitors if we didn't expire them at all, but at some point we need to draw a line so as not to degrade system performance searching through old notifications that it's highly unlikely will ever be viewed again.
* Merge pull request #686 from dawnbreak/markdownzotlabs2017-03-013-87/+86
|\ | | | | Upgrade PHP Markdown library.
| * :arrow_up: :hammer: Upgrade PHP Markdown library.Klaus Weidenbach2017-02-273-87/+86
| | | | | | | | | | | | The current version throws deprecated warning with PHP7.1 and PHPUnit. Upgrade the Markdown library to the current PHP Markdown Lib 1.7.0. Used composer to manage this library.