Commit graph

819 commits

Author SHA1 Message Date
Micha
9c5b4ef657 context sensitive masking of HTML-output (fix #17)
* Fix: context sensitive escaping in user edit form (admin)

* Fix: context sensitive escaping in user register form (admin)

* Fix: context sensitive escaping in users list (admin)

* Fix: context sensitive escaping in e-mail addresses list (admin)

* Fix: context sensitive escaping in the contact form

* Fix: context sensitive escaping in entry output

* Fix: context sensitive escaping when saving an edited entry

* Fix: context sensitive escaping for online status in user list (normal)

* Fix: context sensitive escaping in the user list (normal)

* Fix: context sensitive escaping in a user's personal data (normal)

* Fix: context sensitive escaping in a user's entries list (normal)

* Fix: context sensitive escaping in the profile edit form (normal)

* context sensitive masking of HTML-output

* Fix: context sensitive escaping for numeric values
2016-10-02 17:13:23 +02:00
Micha
ceb734b9d0 Update Smarty (#12)
Update Smarty to current version 3.1.30
2016-09-28 09:57:49 +02:00
Heiko August
981f29b8ce Merge pull request #11 from ilosuna/error-in-error-messages
Fix: CSRF bug, relative path bug, error in language handling, spelling error

Fixes authored by: @derletztekick
2016-09-26 14:09:20 +02:00
Micha
216217a7a9 Spelling error
Correcting eng. lang file, cf.
http://mylittleforum.net/forum/index.php?id=9216
2016-09-23 21:57:38 +02:00
Micha
c0dd93eda9 error in error messages
Fixing Issues #8, cf. https://github.com/ilosuna/mylittleforum/issues/8
2016-09-22 22:32:47 +02:00
Micha
c71bef80e6 CSS Relative Path Overwrite Protection
The smarty-variable $FORUM_ADDRESS was added to create absolute URIs to
CSS and JS files.
2016-09-20 22:04:34 +02:00
Micha
03064a5c11 CSRF protection
A page token was added to the user-register/change form to avoid
unauthorized access from an external page while an admin is logged in.
2016-09-20 21:59:35 +02:00
Heiko August
17516e3ae9 Merge pull request #7 from auge8472/master
All necessary changes for update etc., that I forgot when I created the tag v2.3.6
2016-08-04 22:17:23 +02:00
Heiko August
3724c802f5 Change: actual version string for the index.php 2016-08-04 22:07:14 +02:00
Heiko August
db137c7a2a Change: actualise the changelog with the infos about v2.3.6 2016-08-04 22:05:13 +02:00
Heiko August
637271a15c Fix: only use mysqli-functions, when updating to 2.3.6
Since v2.3.5 the forum uses the mysqli instead of the mysql library in PHP.
That's why there can't be an update function from older versions.

There is no update to v2.3.6 without an interim step via version 2.3.5.
2016-08-04 21:44:51 +02:00
Heiko August
ae29e0fca1 Change: update update script, new version strings 2016-08-04 21:09:59 +02:00
Heiko August
0b47232444 Change: set the URL to the new download location 2016-08-04 21:01:36 +02:00
Heiko August
5c528c183c Merge pull request #6 from auge8472/master
Fix: correct some misspellings
2016-07-18 14:52:27 +02:00
Heiko August
1f8cd40a46 Change: use German word "los" instead of English "go" 2016-07-18 14:46:10 +02:00
Mark Hoschek
32c76d9483 Merge pull request #5 from auge8472/master
direct link to list of own postings
2016-07-15 17:07:57 +02:00
Heiko August
7415bd2c34 Change: correct formatting, removed a bunch of unnecessary blanks 2016-07-13 11:14:41 +02:00
Heiko August
f9334a15bd Change: better understandable phrasing 2016-07-13 11:13:11 +02:00
Heiko August
d97a8f377d Change: make a "1" to "ein(e/er)"
This is common in formulations in the German language.
2016-07-13 11:07:23 +02:00
Heiko August
8f3b2ffcc4 Fix: several spelling and grammar errors 2016-07-13 11:00:56 +02:00
Heiko August
1f670580c4 Fix: double use of key name causes problems with additional templates 2016-07-04 20:15:52 +02:00
Heiko August
3a1b7c0d62 Change: use user_id instead of p_user_id, because it's in use anyway 2016-07-04 11:52:26 +02:00
Heiko August
c6622a6636 Fix: use proper masking of ampersands 2016-07-04 11:48:37 +02:00
Heiko August
442509b80b Feature: include link to a list of the logged-in user's own entries 2016-07-04 11:41:45 +02:00
Mark Hoschek
614958722d Merge pull request #4 from auge8472/master
Fix: error in the corner case of connecting the database server
2016-06-23 20:36:56 +02:00
Heiko August
aa246404de Fix: error in corner case of failure while connecting to database server
The script can't use the connection identifier to report its absence. Use the correct function for this case.
2016-06-23 10:49:40 +02:00
Mark Hoschek
ebb28d8eed Workaround for Firefox-bug #2 2016-06-22 18:57:34 +02:00
Mark Hoschek
65af7cceb6 Merge pull request #3 from auge8472/master
Fix: field last_login can now store NULL values
2016-06-22 18:43:31 +02:00
Heiko August
dc60c18780 Fix: field last_login can now store NULL values
When a user should be registered, she/he was (in that moment) never logged in. That's why the field last_login should stay empty (NULL), which was forbidden by the old table definition.
fixes ilosuna/mylittleforum#1
2016-06-22 13:03:10 +02:00
Alex
2c47d5c73f Update Changelog 2016-06-02 20:47:01 +02:00
Alex
b94e25283c Set empty timestamp values to null for MySQL>=5.6.5 2016-06-02 20:40:09 +02:00
Alex
c9ba3911dc Update changelog 2016-06-02 19:01:01 +02:00
Alex
985cbf893e Add smarty files 2016-06-02 18:52:38 +02:00
Alex
dcf930630a Update changelog and update script 2016-05-31 17:05:05 +02:00
Alex
f3bba070d7 Update readme file 2016-05-31 16:58:43 +02:00
Alex
d6bfc56e92 Update readme file 2016-05-31 15:10:13 +02:00
Alex
6c845e0a8e Update readme file 2016-05-31 15:09:16 +02:00
Alex
d72686a4f7 Update readme file 2016-05-31 14:51:30 +02:00
Alex
4412573af3 Update readme file 2016-05-31 14:50:08 +02:00
Alex
ff5528c34e Update CHANGELOG 2016-05-31 14:21:19 +02:00
Alex
1fb9f1e08a Update README file 2016-05-31 14:18:35 +02:00
Alex
23e0c4d353 PHP 7 modifications (e.g. replace mysql_* by mysqli_* functions) 2016-05-31 14:08:09 +02:00
Alex
7eb9702031 Sticky thread fix, iOS JS fix, template and translation fixes (http://mylittleforum.net/forum/index.php?id=8512) 2016-03-13 17:49:28 +01:00
Alex
132f119850 Update contains_invalid_string() 2015-02-08 17:53:19 +01:00
Alex
522981ecbc Update changelog and update script 2015-02-08 17:26:18 +01:00
Alex
989c40e27e Fix in contains_invalid_string() function 2015-02-08 17:17:51 +01:00
Alex
80c7f23c90 Update changelog 2015-02-08 11:47:53 +01:00
Alex
000eb668da Update update script 2015-02-08 11:41:25 +01:00
Alex
6fb90b08b0 Update changelog 2015-02-08 11:36:12 +01:00
Alex
b5409de5e7 Smarty update (3.1.21) 2015-02-08 11:28:15 +01:00