| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Since PHP8, the second parameter for the "vsprintf" function MUST BE of
type "array", so cast the $arguments variable to "array".
|
|
If your custom theme is still using that method, you can simply upgrade
your theme by replacing all occurrences of "template" with "text":
OLD: $Language->template
NEW: $Language->text
|
|
Use SCSS variables for the background color of the header and darken it
a bit more for the dark theme of the "admin" template.
|
|
|
|
|
|
When used in the "server" context, the "try_files" directive will never
get executed if there also is a "location / {}" block specified (which
is most likely the case on a production vhost config).
|
|
SET NAMES 'utf8mb4'
|
|
with SET NAMES can you imort the file with the commandline: mysql -u root blog < core/db/database.sql
|
|
|
|
Include the category data and the category tree data in the feed item
template in the same way as on the post's "main" or "item" template.
So in the feed item template, the available parameters are now:
$POST (already existed before)
$USER (already existed before)
$CATEGORY (added with this commit)
$CATEGORIES (added with this commit)
See the template documentation in the wiki for more information.
|
|
Don't use the suppression operator "@" for the "session_start" call in
the migrations.php file, but rather check properly if there already is
an active session by checking the "session_status" return value.
|
|
The light color scheme was renamed from "main" to "bright" since the
following commit: 01cbd757d69668b39c1b072b0449b77e6e2bee8d
|
|
|
|
Pre-select the user with the user ID of the current session in the forms
for creating a page or a post. This fixes the problem that occurs if one
have multiple users in the database, but the create forms were not using
the *current* logged-in user as the default selected user.
The forms for modifying a page or post are not affected because they use
the ID from "$FORM['DATA']['USER']" for selecting the correct user. This
key is undefined on the create forms, so we use "$_SESSION['USER_ID']"
for selecting the default user for creating new pages and posts.
|
|
* Rename "auth" to "USER_ID"
* Rename "token" to "CSRF_TOKEN"
|
|
|
|
|
|
Don't use the template function "escapeHTML" internally and replace all
occurrences outside of the template files with "htmlspecialchars".
|
|
Explicitly set the placeholder color and opacity for the form fields of
the admin theme as the various browsers are using different defaults.
|
|
Explicitly set the scrollbar colors for the admin theme instead of using
the default colors of the web browser and integrate the scrollbar colors
better into the user-selected color scheme (bright or dark).
|
|
The "getAll" method of the Entity class should return an array with real
attributes of the Entity object but not internally used properties.
|
|
|
|
|
|
Implement and use a better mechanism to detect changes of attributes of
the Entity objects by using a private variable which keeps track of the
changed Entity attributes ("properties") via the "set" method.
The "insert" and "update" method of the Repository now calls the method
"getModifiedKeys" of the Entity class to get a list of properties which
have been changed and builds the database query accordingly.
This makes the use of "FALSE" as default value for the Entity attributes
obsolete, so they have been set to the initial PHP default ("NULL").
|
|
|
|
|
|
Show the current entity ID right-floated in the update.php templates.
|
|
Add a link to the current entity on the website and a link to the entity
delete form in the administration area's update.php templates.
|
|
|
|
|
|
Since the introduction of the category system, the application requires
MySQL >= 8.0, so we should update the links to the documentation of the
MySQL search functionality to match the minimum required MySQL version.
|
|
|
|
Don't check the return value of the Repository's "insert" and "delete"
methods in the administration controllers for creating and modifying
entities since a PDOException is thrown if an error occurs.
|
|
Print an error message for various actions in the administration area if
the security token is invalid, instead of silently preventing the user's
desired action to perform if the token is invalid for some reason.
This change applies for the delete actions on all entity types and also
for the login action and the database command execution form; the forms
for creating/modifying entities had already shown a CSRF error before.
|
|
Simplify the HTTP-POST parameter presence check in the administration
controllers for creating and modifying entities. Since we already use
fallback values for each attribute, we don't need a full param check.
|
|
Remove those "trim" calls and use "strpos" to check if the ETag value
generated by the system is contained somewhere in the "If-None-Match"
request header sent by the client (if present).
With this commit, the ETag header validation now also works with nginx.
The nginx web server prefixes the "ETag" header generated by the system
with the string "W/" which caused the previous validation code to fail.
Instead of using multiple "trim" calls or "preg_replace", we now use a
single, simple and fast "strpos" call to check if the system generated
Etag hash value is contained in the "If-None-Match" request header.
|
|
|
|
Move the logic for generating the error pages into the Application class
to remove this ugly "require" call in the error403 and error404 methods.
|
|
|
|
|
|
Posts in a category are paginated, so display the number of the current
page in square brackets within the categories <title> element.
|
|
|
|
Reduce some boilerplate code in the index.php by using a foreach loop to
register the routes for the various item controllers.
|
|
Do not force the recreation of the Language object in the migrations.php
file anymore by changing the include position of the migrations.php (and
the functions.php) in the application.php file a bit to the top.
|
|
|
|
|
|
|
|
Show a message in the administration area's post and page search form if
the search query returned no results.
|
|
Do not rely on the "$POST['GUID']" template parameter anymore and create
the GUID for the feed item manually in the feed item's template file.
The application internal function "generatePseudoGUID" has been removed
and the function "generateItemTemplateData" will not return the "GUID"
part anymore (which was only used by the feed item template anyway).
For backward compatibility, the "$POST['GUID']" template parameter will
still be present in the feed item template, but not in other templates!
|
