aboutsummaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* streamline comment policy with downstreamMario2022-03-231-19/+1
|
* Add function is_local_url() to check if url is local.Harald Eilertsen2022-03-201-0/+8
|
* Add helper to escape URLs.Harald Eilertsen2022-03-201-0/+12
| | | | | | | | | The escaping makes the URL safe for display and for use in HTML element attributes (such as href="..." etc), but does not guarantee that the URL itself is valid after conversion. This should be good enough for mitigating XSS issues caused by injecting html or javascript into a URL. Also probably good enough for _most_ normal URLs, but there may be devils hidden in the details somewhere.
* Merge branch 'volse-fix-stylesheet-root-path' into 'dev'Mario2022-03-171-42/+2
|\ | | | | | | | | Use correct base url for stylesheets and js. See merge request hubzilla/core!2015
| * Remove now unused function script_path.Harald Eilertsen2022-03-031-38/+0
| |
| * Use correct base url for stylesheets and js.Harald Eilertsen2022-03-031-4/+2
| | | | | | | | | | | | Use z_root instead of script_path when formatting stylesheet and javascript links for the head section. script_path does not preserve information about the port if the site uses a nonstandard port.
* | remove loggingMario2022-03-041-1/+1
| |
* | event fixesMario2022-03-042-6/+10
| |
* | streamline event activity handlingMario2022-03-041-50/+128
|/
* fix duplicate ids in login form and move login/register buttons into the ↵Mario2022-03-032-19/+24
| | | | hamburger menu on small screens
* fix feedutils regressionMario2022-03-011-4/+4
|
* enhanced content filtersMario2022-03-012-15/+51
|
* merge branch pdledit_gui into dev - many widgets still miss their ↵Mario2022-02-201-0/+73
| | | | description and requirements (this is work in progress)
* php8 warningsMario2022-02-134-13/+18
|
* address deprecation warningsMario2022-02-133-4/+12
|
* fix another deprecation warningMario2022-02-111-2/+7
|
* 3rd arg in str_replace() can not be nullMario2022-02-111-0/+4
|
* allow to override the DB charset via the $db_charset variable in .htconfig.phpMario2022-02-102-9/+9
|
* pdo: add the charset to the connection stringMario2022-02-091-0/+7
|
* since we do not use feedutils for ostatus anymore, we can now safely use ↵Mario2022-02-091-2/+2
| | | | import_author_rss() instead of import_author_unknown()
* more PHP 8.1 deprecated warningsMario2022-02-025-6/+10
|
* more PHP 8.1 deprecated warningsMario2022-02-021-0/+6
|
* more PHP 8.1 deprecated warningsMario2022-02-021-3/+3
|
* allow zotfinger to recurse through all known hublocs if the one we got does ↵Mario2022-02-012-1/+49
| | | | not exist (404) or got removed (410). add functions for updating tables from array and deleting hublocs.
* PHP 8.1 band-aidMario Vavti2022-01-311-0/+4
|
* fix for #1659Mario2022-01-271-0/+1
|
* use item_hidden instead of item_notshown for forum comment announcesMario2022-01-261-1/+1
|
* port z_curl_error() from zapMario2022-01-231-0/+12
|
* wrong function nameMario2022-01-211-1/+1
|
* drop_item() requires the item id not the item arrayMario2022-01-191-2/+3
|
* provide a spinner for edit connection action in threadsMario2022-01-191-1/+8
|
* make sure to use the correct default roleMario2022-01-181-1/+1
|
* pwa improvements according to lighthouseMario2022-01-131-1/+3
|
* ux improvementsMario2022-01-121-2/+6
|
* toc: add headingsMario2022-01-111-1/+1
|
* make toc bbcode find its own container by defaultMario2022-01-091-1/+1
|
* fix get_tags() parsing toc bbcodesMario2022-01-091-0/+1
|
* more work on access tokensMario2022-01-061-0/+4
|
* only display connections widget if there are any connections to showMario2022-01-041-39/+41
|
* do not show blocked or ignored contacts in connectionsMario2022-01-041-1/+1
|
* fix Access^CccessList include and plink in post_activity_item()Mario2022-01-031-2/+3
|
* port new_token from zap, fixes and more cleanupMario2022-01-021-1/+21
|
* update_poll() can be called many times in a row for the same item if a ↵Mario2021-12-221-2/+22
| | | | multiple poll is being updated. This could result in the queueworker not processing duplicates. We are now adding the source item mid to the notifier call as the third argument (fragment) so that the queueworker will not think they are duplicates. The fragment is also passed to the deliver_hooks call in the notifier
* guest token xchan_network = "token" and remove permission checks since the ↵Mario2021-12-184-46/+3
| | | | guest tokens are now added to the abook automatically
* implement background deleting of items in contact_remove()Mario2021-12-171-45/+58
|
* access token refactorMario2021-12-175-7/+118
|
* merge branch perms_ng into devMario2021-12-1510-115/+299
|
* fix blured profile images and pdl filesMario Vavti2021-12-031-1/+1
|
* profile cleanup and fixesMario2021-11-251-3/+4
|
* more work on responsive asideMario2021-11-232-2/+2
|