Age | Commit message | Author | Files | Lines |
|
The light color scheme was renamed from "main" to "bright" since the
following commit: 01cbd757d69668b39c1b072b0449b77e6e2bee8d
|
Pre-select the user with the user ID of the current session in the forms
for creating a page or a post. This fixes the problem that occurs if one
has multiple users in the database, but the create forms were not using
the *current* logged-in user as the default selected user.
The forms for modifying a page or post are not affected because they use
the ID from "$FORM['DATA']['USER']" for selecting the correct user. This
key is undefined on the create forms, so we use "$_SESSION['USER_ID']"
for selecting the default user for creating new pages and posts.
|
* Rename "auth" to "USER_ID"
* Rename "token" to "CSRF_TOKEN"
|
Don't use the template function "escapeHTML" internally and replace all
occurrences outside of the template files with "htmlspecialchars".
|
Explicitly set the placeholder color and opacity for the form fields of
the admin theme as the various browsers are using different defaults.
|
Explicitly set the scrollbar colors for the admin theme instead of using
the default colors of the web browser and integrate the scrollbar colors
better into the user-selected color scheme (bright or dark).
|
The "getAll" method of the Entity class should return an array with real
attributes of the Entity object but not internally used properties.
|
Implement and use a better mechanism to detect changes of attributes of
the Entity objects by using a private variable which keeps track of the
changed Entity attributes ("properties") via the "set" method.
The "insert" and "update" methods of the Repository now call the method
"getModifiedKeys" of the Entity class to get a list of properties which
have been changed and builds the database query accordingly.
This makes the use of "FALSE" as default value for the Entity attributes
obsolete, so they have been set to the initial PHP default ("NULL").
|
Show the current entity ID right-floated in the update.php templates.
|
Add a link to the current entity on the website and a link to the entity
delete form in the administration area's update.php templates.
|
Since the introduction of the category system, the application requires
MySQL >= 8.0, so we should update the links to the documentation of the
MySQL search functionality to match the minimum required MySQL version.
|
Don't check the return value of the Repository's "insert" and "delete"
methods in the administration controllers for creating and modifying
entities since a PDOException is thrown if an error occurs.
|
Print an error message for various actions in the administration area if
the security token is invalid, instead of silently preventing the user's
desired action from being performed if the token is invalid for some reason.
This change applies to the delete actions on all entity types and also
for the login action and the database command execution form; the forms
for creating/modifying entities had already shown a CSRF error before.
|
Simplify the HTTP-POST parameter presence check in the administration
controllers for creating and modifying entities. Since we already use
fallback values for each attribute, we don't need a full param check.
|
Remove those "trim" calls and use "strpos" to check if the ETag value
generated by the system is contained somewhere in the "If-None-Match"
request header sent by the client (if present).
With this commit, the ETag header validation now also works with nginx.
The nginx web server prefixes the "ETag" header generated by the system
with the string "W/" which caused the previous validation code to fail.
Instead of using multiple "trim" calls or "preg_replace", we now use a
single, simple and fast "strpos" call to check if the system generated
ETag hash value is contained in the "If-None-Match" request header.
|
Move the logic for generating the error pages into the Application class
to remove this ugly "require" call in the error403 and error404 methods.
|
Posts in a category are paginated, so display the number of the current
page in square brackets within the category's <title> element.
|
Reduce some boilerplate code in the index.php by using a foreach loop to
register the routes for the various item controllers.
|
Do not force the recreation of the Language object in the migrations.php
file anymore by changing the include position of the migrations.php (and
the functions.php) in the application.php file a bit to the top.
|
Show a message in the administration area's post and page search form if
the search query returned no results.
|
Do not rely on the "$POST['GUID']" template parameter anymore and create
the GUID for the feed item manually in the feed item's template file.
The application internal function "generatePseudoGUID" has been removed
and the function "generateItemTemplateData" will not return the "GUID"
part anymore (which was only used by the feed item template anyway).
For backward compatibility, the "$POST['GUID']" template parameter will
still be present in the feed item template, but not in other templates!
|
Remove the configuration option "POST.FEED_GUID" that contained the name
of the columns from the database which were passed to the SHA1 function
for generating the pseudo GUID for the items in the RSS feed.
|
In addition to the last commit, use the correct configuration option in
the code to check if single items should be redirected.
|
Rename the config options "(CATEGORY|PAGE|POST|USER).SINGLE_REDIRECT" to
"(CATEGORY|PAGE|POST|USER).REDIRECT_SINGLE".
|
Add a quick link to the post search in the administration area with the
category of the item preselected to search only posts in this category.
|
Add a user and category filter option for the post search in the
administration area. The filter for the default theme will follow later.
|
Move the methods for the search functionality of the abstract Repository
class into a separate trait and use it in the Page and Post repository.
The reason for this is that only the Page and Post repositories
have a search functionality, while the other repositories do not.
|
Catch possible PDOException on search requests with queries like "*" and
pass the exception message to the template for displaying.
|
Add pagination for search results in the admin and default theme.
|
Escape possible percent characters ("%") in the URL params for sprintf.
Otherwise the pagination template breaks if URL params which contain a
percent sign are merged into the pagination URL.
|