From 55b4eb7b22fb699688e89a99b1370b8ee17af0d3 Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 26 Feb 2021 10:15:56 +0000 Subject: version 5.4RC1 --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 4c3e4c00b..b8e260341 100644 --- a/boot.php +++ b/boot.php @@ -52,7 +52,7 @@ require_once('include/attach.php'); require_once('include/bbcode.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); -define ( 'STD_VERSION', '5.5.1' ); +define ( 'STD_VERSION', '5.4RC1' ); define ( 'ZOT_REVISION', '6.0' ); define ( 'DB_UPDATE_VERSION', 1243 ); -- cgit v1.2.3 From 48bae9d4219735bc44f4ee72228d19d3e6b9efc9 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 3 Mar 2021 13:39:41 +0100 Subject: php8: fix warnings during install procedure --- boot.php | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index b8e260341..28ca02f84 100644 --- a/boot.php +++ b/boot.php @@ -1183,14 +1183,18 @@ class App { if($interval < 10000) $interval = 80000; - if(! x(self::$page,'title')) + if(! isset(self::$page['title']) && isset(self::$config['system']['sitename'])) self::$page['title'] = self::$config['system']['sitename']; - $pagemeta = [ 'og:title' => self::$page['title'] ]; + if(isset(self::$page['title'])) + $pagemeta = [ 'og:title' => self::$page['title'] ]; call_hooks('page_meta',$pagemeta); - foreach ($pagemeta as $metaproperty => $metavalue) { - self::$meta->set($metaproperty,$metavalue); + + if($pagemeta) { + foreach ($pagemeta as $metaproperty => $metavalue) { + self::$meta->set($metaproperty,$metavalue); + } } self::$meta->set('generator', Zotlabs\Lib\System::get_platform_name()); @@ -1226,10 +1230,10 @@ class App { '$linkrel' => head_get_links(), '$js_strings' => js_strings(), '$zid' => get_my_address(), - '$channel_id' => self::$profile['uid'], - '$auto_save_draft' => ((feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false") + '$channel_id' => self::$profile['uid'] ?? 0, + '$auto_save_draft' => ((isset(self::$profile['uid']) && feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false") ] - ) . self::$page['htmlhead']; + ) . ((isset(self::$page['htmlhead'])) ? self::$page['htmlhead'] : ''); // always put main.js at the end self::$page['htmlhead'] .= head_get_main_js(); @@ -2351,7 +2355,7 @@ function construct_page() { App::build_pagehead(); - if(App::$page['pdl_content']) { + if(isset(App::$page['pdl_content'])) { App::$page['content'] = App::$comanche->region(App::$page['content']); } @@ -2418,7 +2422,7 @@ function construct_page() { if(App::get_scheme() === 'https' && App::$config['system']['transport_security_header']) header("Strict-Transport-Security: max-age=31536000"); - if(App::$config['system']['content_security_policy']) { + if(isset(App::$config['system']['content_security_policy'])) { $cspsettings = Array ( 'script-src' => Array ("'self'","'unsafe-inline'","'unsafe-eval'"), 'style-src' => Array ("'self'","'unsafe-inline'") @@ -2448,13 +2452,13 @@ function construct_page() { header($cspheader); } - if(App::$config['system']['x_security_headers']) { + if(isset(App::$config['system']['x_security_headers'])) { header("X-Frame-Options: SAMEORIGIN"); header("X-Xss-Protection: 1; mode=block;"); header("X-Content-Type-Options: nosniff"); } - if(App::$config['system']['public_key_pins']) { + if(isset(App::$config['system']['public_key_pins'])) { header("Public-Key-Pins: " . App::$config['system']['public_key_pins']); } -- cgit v1.2.3 From 3d264f5a55f340e3c20c1181c8b4578abecf3f1c Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 3 Mar 2021 12:39:41 +0000 Subject: php8: fix warnings during install procedure (cherry picked from commit 48bae9d4219735bc44f4ee72228d19d3e6b9efc9) --- boot.php | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 4c3e4c00b..ccf1c9d72 100644 --- a/boot.php +++ b/boot.php @@ -1183,14 +1183,18 @@ class App { if($interval < 10000) $interval = 80000; - if(! x(self::$page,'title')) + if(! isset(self::$page['title']) && isset(self::$config['system']['sitename'])) self::$page['title'] = self::$config['system']['sitename']; - $pagemeta = [ 'og:title' => self::$page['title'] ]; + if(isset(self::$page['title'])) + $pagemeta = [ 'og:title' => self::$page['title'] ]; call_hooks('page_meta',$pagemeta); - foreach ($pagemeta as $metaproperty => $metavalue) { - self::$meta->set($metaproperty,$metavalue); + + if($pagemeta) { + foreach ($pagemeta as $metaproperty => $metavalue) { + self::$meta->set($metaproperty,$metavalue); + } } self::$meta->set('generator', Zotlabs\Lib\System::get_platform_name()); @@ -1226,10 +1230,10 @@ class App { '$linkrel' => head_get_links(), '$js_strings' => js_strings(), '$zid' => get_my_address(), - '$channel_id' => self::$profile['uid'], - '$auto_save_draft' => ((feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false") + '$channel_id' => self::$profile['uid'] ?? 0, + '$auto_save_draft' => ((isset(self::$profile['uid']) && feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false") ] - ) . self::$page['htmlhead']; + ) . ((isset(self::$page['htmlhead'])) ? self::$page['htmlhead'] : ''); // always put main.js at the end self::$page['htmlhead'] .= head_get_main_js(); @@ -2351,7 +2355,7 @@ function construct_page() { App::build_pagehead(); - if(App::$page['pdl_content']) { + if(isset(App::$page['pdl_content'])) { App::$page['content'] = App::$comanche->region(App::$page['content']); } @@ -2418,7 +2422,7 @@ function construct_page() { if(App::get_scheme() === 'https' && App::$config['system']['transport_security_header']) header("Strict-Transport-Security: max-age=31536000"); - if(App::$config['system']['content_security_policy']) { + if(isset(App::$config['system']['content_security_policy'])) { $cspsettings = Array ( 'script-src' => Array ("'self'","'unsafe-inline'","'unsafe-eval'"), 'style-src' => Array ("'self'","'unsafe-inline'") @@ -2448,13 +2452,13 @@ function construct_page() { header($cspheader); } - if(App::$config['system']['x_security_headers']) { + if(isset(App::$config['system']['x_security_headers'])) { header("X-Frame-Options: SAMEORIGIN"); header("X-Xss-Protection: 1; mode=block;"); header("X-Content-Type-Options: nosniff"); } - if(App::$config['system']['public_key_pins']) { + if(isset(App::$config['system']['public_key_pins'])) { header("Public-Key-Pins: " . App::$config['system']['public_key_pins']); } -- cgit v1.2.3 From 7e36727ce62318315698930d5209650d323a78a9 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Wed, 3 Mar 2021 20:01:39 +0000 Subject: Fix frame-src CSP error on video embedding --- boot.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 4c3e4c00b..38269ddb6 100644 --- a/boot.php +++ b/boot.php @@ -2419,10 +2419,11 @@ function construct_page() { header("Strict-Transport-Security: max-age=31536000"); if(App::$config['system']['content_security_policy']) { - $cspsettings = Array ( - 'script-src' => Array ("'self'","'unsafe-inline'","'unsafe-eval'"), - 'style-src' => Array ("'self'","'unsafe-inline'") - ); + $cspsettings = [ + 'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ], + 'style-src' => [ "'self'", "'unsafe-inline'" ], + 'frame-src' => [ "'self'" ] + ]; call_hooks('content_security_policy',$cspsettings); // Legitimate CSP directives (cxref: https://content-security-policy.com/) -- cgit v1.2.3 From 33b738d00bf4f50cc7b4fd94ab102e721e60b0a8 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Thu, 4 Mar 2021 08:05:26 +0000 Subject: Fix frame-src CSP error on video embedding --- boot.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index ccf1c9d72..2df98a19d 100644 --- a/boot.php +++ b/boot.php @@ -2422,11 +2422,12 @@ function construct_page() { if(App::get_scheme() === 'https' && App::$config['system']['transport_security_header']) header("Strict-Transport-Security: max-age=31536000"); - if(isset(App::$config['system']['content_security_policy'])) { - $cspsettings = Array ( - 'script-src' => Array ("'self'","'unsafe-inline'","'unsafe-eval'"), - 'style-src' => Array ("'self'","'unsafe-inline'") - ); + if(App::$config['system']['content_security_policy']) { + $cspsettings = [ + 'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ], + 'style-src' => [ "'self'", "'unsafe-inline'" ], + 'frame-src' => [ "'self'" ] + ]; call_hooks('content_security_policy',$cspsettings); // Legitimate CSP directives (cxref: https://content-security-policy.com/) -- cgit v1.2.3 From 9c110e7b9b77a082dc3326e4fc58d5308d03668e Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 4 Mar 2021 08:20:16 +0000 Subject: revert isset --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 82ebea71a..f66a87242 100644 --- a/boot.php +++ b/boot.php @@ -2422,7 +2422,7 @@ function construct_page() { if(App::get_scheme() === 'https' && App::$config['system']['transport_security_header']) header("Strict-Transport-Security: max-age=31536000"); - if(isset(App::$config['system']['content_security_policy'])) { + if(App::$config['system']['content_security_policy']) { $cspsettings = [ 'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ], 'style-src' => [ "'self'", "'unsafe-inline'" ], -- cgit v1.2.3 From 7beb500fb4c7ebd004a6c24f54be2989964e8e0e Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Thu, 4 Mar 2021 08:36:20 +0000 Subject: Check if custom CSP is set --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 2df98a19d..70610e1c7 100644 --- a/boot.php +++ b/boot.php @@ -2422,7 +2422,7 @@ function construct_page() { if(App::get_scheme() === 'https' && App::$config['system']['transport_security_header']) header("Strict-Transport-Security: max-age=31536000"); - if(App::$config['system']['content_security_policy']) { + if(isset(App::$config['system']['content_security_policy'])) { $cspsettings = [ 'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ], 'style-src' => [ "'self'", "'unsafe-inline'" ], -- cgit v1.2.3 From 5b7a10401f063241b6f8939fb1378478af515a9d Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 4 Mar 2021 09:48:19 +0000 Subject: version 5.4RC2 --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index f66a87242..664e35732 100644 --- a/boot.php +++ b/boot.php @@ -52,7 +52,7 @@ require_once('include/attach.php'); require_once('include/bbcode.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); -define ( 'STD_VERSION', '5.4RC1' ); +define ( 'STD_VERSION', '5.4RC2' ); define ( 'ZOT_REVISION', '6.0' ); define ( 'DB_UPDATE_VERSION', 1243 ); -- cgit v1.2.3 From 1eae7b92d1bb0806bebfe40da21799c8e5997afb Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 4 Mar 2021 09:50:03 +0000 Subject: revert isset() --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 70610e1c7..2df98a19d 100644 --- a/boot.php +++ b/boot.php @@ -2422,7 +2422,7 @@ function construct_page() { if(App::get_scheme() === 'https' && App::$config['system']['transport_security_header']) header("Strict-Transport-Security: max-age=31536000"); - if(isset(App::$config['system']['content_security_policy'])) { + if(App::$config['system']['content_security_policy']) { $cspsettings = [ 'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ], 'style-src' => [ "'self'", "'unsafe-inline'" ], -- cgit v1.2.3 From 33e4b6db7265661c59c21d8244e1fae42974c6af Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 4 Mar 2021 09:52:54 +0000 Subject: revert revert isset() --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 2df98a19d..70610e1c7 100644 --- a/boot.php +++ b/boot.php @@ -2422,7 +2422,7 @@ function construct_page() { if(App::get_scheme() === 'https' && App::$config['system']['transport_security_header']) header("Strict-Transport-Security: max-age=31536000"); - if(App::$config['system']['content_security_policy']) { + if(isset(App::$config['system']['content_security_policy'])) { $cspsettings = [ 'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ], 'style-src' => [ "'self'", "'unsafe-inline'" ], -- cgit v1.2.3 From fe638c88e000c7adf0f4dabc1ad6e586b1f778e9 Mon Sep 17 00:00:00 2001 From: Mario Date: Mon, 8 Mar 2021 10:16:00 +0000 Subject: fix dev version --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index e508b0d0f..f77cd2a80 100644 --- a/boot.php +++ b/boot.php @@ -52,7 +52,7 @@ require_once('include/attach.php'); require_once('include/bbcode.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); -define ( 'STD_VERSION', '5.4RC2' ); +define ( 'STD_VERSION', '5.5.3' ); define ( 'ZOT_REVISION', '6.0' ); define ( 'DB_UPDATE_VERSION', 1243 ); -- cgit v1.2.3 From 11d831e4d7bd4163ea518892f541252ce1acea2e Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Wed, 10 Mar 2021 11:14:02 +0000 Subject: More PHP 8 fixes --- boot.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 520cf464a..ec79b3dce 100644 --- a/boot.php +++ b/boot.php @@ -2316,13 +2316,14 @@ function construct_page() { $navbar = get_pconfig($uid,'system','navbar',$navbar); } - if($comanche && App::$layout['navbar']) { + if($comanche && isset(App::$layout['navbar'])) { $navbar = App::$layout['navbar']; } if (App::$module == 'setup') { $installing = true; - } else { + } + else { nav($navbar); } -- cgit v1.2.3