Commit Graph

364 Commits

Author SHA1 Message Date
czaks
232f4ff868 markup modifiers: make it even harder to escape 2013-07-31 21:27:50 -04:00
Michael Foster
ea2b8cce07 Bugfix: HTML injection in post editing (introduces and fixes yet another bug) 2013-07-31 21:24:17 -04:00
Michael Foster
a5312ebe89 Allow public ban messages on raw HTML posts 2013-07-31 21:02:26 -04:00
Michael Foster
328484bee7 SQL cleanup 2013-07-31 20:51:43 -04:00
Michael Foster
6bbe407e18 Markup modifiers: raw HTML 2013-07-31 19:18:55 -04:00
Michael Foster
6d52c8b428 Markup modifiers. Fix issue #66 (public ban message lost when rebuilding post body) 2013-07-31 18:59:54 -04:00
Michael Foster
3a8736cdc0 Fix last commit 2013-07-31 17:04:36 -04:00
Michael Foster
c2a287cd14 Only run SQL query to count threads if we really need to 2013-07-31 17:02:42 -04:00
Michael Foster
42e16e233a Javascript l10n: Work without $config['additional_javascript_compile'] 2013-07-31 06:54:53 -04:00
czaks
67db0a878a js i18n: finish implementation with addition of the compiled locale strings file to additional javascripts 2013-07-31 04:57:50 -04:00
czaks
3f98522ff2 i18n one more string in inc/functions.php 2013-07-31 04:56:42 -04:00
czaks
babeec8bb9 localise time values 2013-07-31 04:55:34 -04:00
Michael Foster
18516ff828 Rename $config['url_ads'] to $config['link_prefix'] 2013-07-31 03:43:01 -04:00
Marcin Łabanowski
3ef2c05bb2 url_ads: fix it not working 2013-07-31 03:39:20 -04:00
szalej
5bf53cb581 Update inc/functions.php
url ads
2013-07-31 03:39:15 -04:00
szalej
220609999a Update inc/functions.php
Hide Referrer (nullrefer.com)
2013-07-31 03:39:10 -04:00
Michael Foster
a2d8e4cf3e Previous commit comment fix 2013-07-31 03:13:51 -04:00
Michael Foster
37d769646b Markup/quote fix for multibyte 2013-07-31 03:12:06 -04:00
Michael Foster
b22bcdecf9 Fix last commit: purge() issue 2013-07-31 02:19:58 -04:00
Michael Foster
42cba53887 Allow Unicode in board URIs. 2013-07-31 02:08:55 -04:00
Michael Foster
8efab06616 Upgrade to utf8mb4 charset for MySQL server versions above 5.5.3. Keep support for older versions. Fix charsets for multiple columns and tables. 2013-07-30 22:08:56 -04:00
Michael Foster
461084d400 MySQL's utf8 charset only supports up to 3-byte symbols. Insterting four byte symbols (U+010000 to U+10FFFF) can be done maliciously to break HTML mark-up.
The ideal solution was to convert to MySQL's utf8mb4 charset, but then we would lose support for MySQL < 5.5.3. In this fix, incompatible characters are encoded as HTML numeric character references (eg. #65536) and just stripped from body_nommarkup.
2013-07-30 16:41:10 -04:00
Michael Foster
bd8bd3c02e Fix for last commit 2013-07-28 20:46:00 -04:00
Michael Foster
57c8e4ee7c Strip combining characters from Unicode strings (eg. Zalgo) 2013-07-28 20:33:26 -04:00
Michael Foster
37d5846e4e Fix markup overlapping. Issue #124 2013-07-26 11:01:13 -04:00
Michael Foster
e4bd9a6886 Themes edit: Split "post" into two seperate actions: "post" (replies) and "post-thread". And add a $board variable. 2013-07-18 12:06:26 -04:00
Michael Foster
aadb57f2a2 More ban stuff: Show whether or not user has "seen" a ban yet in the ban list and on IP address pages. Purge useless expired ban records. 2013-07-16 08:50:39 -04:00
Michael Foster
c8f30550af $config['require_ban_view']: Force users to view the "You are banned" page at least once before letting a ban disappear naturally. 2013-07-16 06:33:37 -04:00
Michael Foster
29b10c88db Outputting thread subject in header/title (issue #122) 2013-07-16 02:48:20 -04:00
Michael Foster
77e4d926d9 Add "write" (files written to) to debug section 2013-07-16 01:21:06 -04:00
Michael
9b0c31daa6 Merge pull request #116 from Macil/hardlimits
Adds image_hard_limit and reply_hard_limit options
2013-06-18 10:46:25 -07:00
Michael
0ac9dd5f25 Merge pull request #115 from Macil/miscfixes
Miscellaneous fixes
2013-06-18 10:45:13 -07:00
Macil Tech
3eda5b0543 Adds image_hard_limit and reply_hard_limit options.
Also reworks the numPosts() function and uses it elsewhere too.
2013-06-18 12:21:41 -05:00
Macil Tech
765e64ee38 m and n dash fix 2013-06-18 12:07:30 -05:00
Macil Tech
b078222ede Fix "Undefined index: sticky" and "locked" errors on new thread creation. 2013-06-18 12:00:26 -05:00
Macil Tech
6fd6b92fe8 Fix openBoard and boardTitle functions using same caching keys.
Added getBoardInfo function that's used by both of the above functions,
and can get a board's info without loading it.
2013-06-18 11:13:43 -05:00
Fredrick
53f710060d Fix truncation issue by no longer using HTML entities for Unicode characters 2013-03-17 07:00:55 -04:00
Michael
f07e1564ae Merge pull request #97 from Macil/indexstuff
index() rework to use only one cache key
2013-01-27 21:32:01 -08:00
Macil Tech
879f20ec72 Reworked index() slightly to make caching simpler and only use one key. 2013-01-27 21:32:22 -06:00
Michael Save
85578b7105 Bugfix: Anti-bot check not allowing posting from second page 2013-01-24 04:56:06 +11:00
Michael Save
b086e47cfc Em dash and en dash mix-up. Issue #88 2013-01-24 03:37:15 +11:00
Michael Save
cd81ae8ea5 No point using JSON as Cache class already supports objects 2013-01-23 13:42:14 +11:00
Michael Save
edb9999a7d I'm dumb 2013-01-23 12:48:23 +11:00
Michael Save
b693779d0d Hopefully a final fix for caching thread previews. This feature was previous disabled because of a bug/confliction. 2013-01-23 12:43:46 +11:00
Michael Save
7a68fc9525 Copyright and license update for 2013. 2013-01-20 21:23:46 +11:00
Michael
accc3992f3 Merge pull request #93 from Macil/image_reject_repost_in_thread
Add image_reject_repost_in_thread option
2013-01-18 23:03:16 -08:00
Macil Tech
3a9ed90c58 Incorrect parameter type.
The parameter was bound with the wrong type. I guess the type isn't
enforced judging by how the code still seemed to work, but it probably
should be fixed.
2013-01-19 00:39:30 -06:00
Macil Tech
90ada24ddc Insert into posts table using named columns.
Makes it easier to update the posts table schema.
2013-01-19 00:39:29 -06:00
Macil Tech
91e8547b04 Add image_reject_repost_in_thread option 2013-01-19 00:25:24 -06:00
Michael Save
30ecfc76e7 Added new events: lock and load-config 2012-11-19 10:28:23 +11:00