aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2024-02-03Fix broken link to wiki page in first postThomas Lange1-1/+1
OLD: https://github.com/Nerdmind/Blog/wiki/Content-functions NEW: https://github.com/Nerdmind/Blog/wiki/Content_functions
2024-02-03Hotfix: Replace `"` with `'` in link title stringThomas Lange1-3/+12
Because there currently is no sane way to escape double quotes within a string intended to be used as title for a Markdown formatted link, just replace the double with single quotes until a better solution is found. Note: Just replacing with `"` will not work here because Parsedown escapes this further to `"`.
2024-02-02Fix incorrect backslash escaping of `\\`Thomas Lange1-2/+2
The regular expression part `\\` must be written as `\\\\`, not `\\\` in a PHP string variable. Although both variants (`\\\\` and `\\\`) will be passed as `\` to the regex engine in this specific case, it's correct to use 4 backslashes, as the PHP manual tells you: https://www.php.net/manual/en/regexp.reference.escape.php
2024-02-02Rewrite and optimize FunctionParser classThomas Lange1-15/+54
* Rewrite regular expressions and make them easier to read. * Use named capture groups for backreferences and array keys. * Allow backslash-escaping of quotes inside string arguments. * Allow string arguments to be enclosed between single quotes.
2024-01-23Remove trailing slash on void elementsThomas Lange17-82/+82
The trailing slash on void elements (self-closing tags) doesn't have any effect, isn't required by HTML5 and it is recommended to not use it.
2023-09-23Pass NULL instead of array containing NULL elementThomas Lange1-1/+7
2023-09-23Language: Cast parameter for "vsprintf" to arrayThomas Lange1-1/+1
Since PHP8, the second parameter for the "vsprintf" function MUST BE of type "array", so cast the $arguments variable to "array".
2023-09-23Language: Remove deprecated method "template"Thomas Lange1-7/+0
If your custom theme is still using that method, you can simply upgrade your theme by replacing all occurrences of "template" with "text": OLD: $Language->template NEW: $Language->text
2023-02-01Darken the background color of the headerThomas Lange4-4/+6
Use SCSS variables for the background color of the header and darken it a bit more for the dark theme of the "admin" template.
2023-02-01Remove "text-shadow" property from header textThomas Lange3-3/+0
2023-02-01Recompile CSS and add ".sass-cache" to .gitignoreThomas Lange4-1713/+1045
2023-01-03Put "try_files" directive into "location" contextThomas Lange1-1/+3
When used in the "server" context, the "try_files" directive will never get executed if there also is a "location / {}" block specified (which is most likely the case on a production vhost config).
2022-08-05Merge pull request #21 from MarkusHackspacher/patch-1Thomas Lange1-0/+1
SET NAMES 'utf8mb4'
2022-08-03SET NAMES 'utf8mb4'Markus Hackspacher1-0/+1
with SET NAMES can you imort the file with the commandline: mysql -u root blog < core/db/database.sql
2022-03-28Add notice about AllowOverride in .htaccessThomas Lange1-0/+6
2022-03-14Include category data in feed item templateThomas Lange1-0/+17
Include the category data and the category tree data in the feed item template in the same way as on the post's "main" or "item" template. So in the feed item template, the available parameters are now: $POST (already existed before) $USER (already existed before) $CATEGORY (added with this commit) $CATEGORIES (added with this commit) See the template documentation in the wiki for more information.
2021-10-02Don't use suppression operator for "session_start"Thomas Lange1-1/+3
Don't use the suppression operator "@" for the "session_start" call in the migrations.php file, but rather check properly if there already is an active session by checking the "session_status" return value.
2021-10-02Fix wrong color scheme identifier in migration.phpThomas Lange1-1/+1
The light color scheme was renamed from "main" to "bright" since the following commit: 01cbd757d69668b39c1b072b0449b77e6e2bee8d
2021-09-27Fix incorrect parameter list for logout actionThomas Lange1-1/+1
2021-09-19Pre-select the current user in page/post formThomas Lange2-2/+4
Pre-select the user with the user ID of the current session in the forms for creating a page or a post. This fixes the problem that occurs if one have multiple users in the database, but the create forms were not using the *current* logged-in user as the default selected user. The forms for modifying a page or post are not affected because they use the ID from "$FORM['DATA']['USER']" for selecting the correct user. This key is undefined on the create forms, so we use "$_SESSION['USER_ID']" for selecting the default user for creating new pages and posts.
2021-09-19Rename some session array keysThomas Lange2-5/+5
* Rename "auth" to "USER_ID" * Rename "token" to "CSRF_TOKEN"
2021-08-29Check for "is_file" in the SPL class autoloaderThomas Lange1-4/+8
2021-08-26Add underline for blue hyperlinks in admin themeThomas Lange3-3/+16
2021-08-26Don't use wrapper function "escapeHTML" internallyThomas Lange1-2/+2
Don't use the template function "escapeHTML" internally and replace all occurrences outside of the template files with "htmlspecialchars".
2021-08-26Explicitly set placeholder color for admin themeThomas Lange3-0/+24
Explicitly set the placeholder color and opacity for the form fields of the admin theme as the various browsers are using different defaults.
2021-08-26Explicitly set scrollbar colors for admin themeThomas Lange5-0/+108
Explicitly set the scrollbar colors for the admin theme instead of using the default colors of the web browser and integrate the scrollbar colors better into the user-selected color scheme (bright or dark).
2021-08-10Exclude "_modified" property from "getAll" methodThomas Lange1-0/+1
The "getAll" method of the Entity class should return an array with real attributes of the Entity object but not internally used properties.
2021-08-10Add "getModifiedKeys" method to EntityInterfaceThomas Lange1-0/+1
2021-08-10Declare "set" method of Entity class as voidThomas Lange2-4/+3
2021-08-10Add a better mechanism to detect Entity changesThomas Lange7-61/+68
Implement and use a better mechanism to detect changes of attributes of the Entity objects by using a private variable which keeps track of the changed Entity attributes ("properties") via the "set" method. The "insert" and "update" method of the Repository now calls the method "getModifiedKeys" of the Entity class to get a list of properties which have been changed and builds the database query accordingly. This makes the use of "FALSE" as default value for the Entity attributes obsolete, so they have been set to the initial PHP default ("NULL").
2021-08-10Clear floating for #message-list-wrapperThomas Lange3-0/+3
2021-08-09Merge regex pattern for search and feed controllerThomas Lange1-17/+5
2021-08-09Show ID in the heading of the update templateThomas Lange4-4/+16
Show the current entity ID right-floated in the update.php templates.
2021-08-09Show action button list in entity update templateThomas Lange7-4/+23
Add a link to the current entity on the website and a link to the entity delete form in the administration area's update.php templates.
2021-08-09Pass entity template data to the update templateThomas Lange4-0/+4
2021-08-09Fix some inconsistent variable namesThomas Lange4-12/+12
2021-08-05Update link to MySQL documentation in translationsThomas Lange4-6/+6
Since the introduction of the category system, the application requires MySQL >= 8.0, so we should update the links to the documentation of the MySQL search functionality to match the minimum required MySQL version.
2021-08-05Enhance error message for invalid CSRF tokenThomas Lange2-2/+2
2021-08-05Don't check return value of insert/delete methodsThomas Lange8-24/+16
Don't check the return value of the Repository's "insert" and "delete" methods in the administration controllers for creating and modifying entities since a PDOException is thrown if an error occurs.
2021-08-05Show error message if CSRF token does not matchesThomas Lange6-49/+69
Print an error message for various actions in the administration area if the security token is invalid, instead of silently preventing the user's desired action to perform if the token is invalid for some reason. This change applies for the delete actions on all entity types and also for the login action and the database command execution form; the forms for creating/modifying entities had already shown a CSRF error before.
2021-08-05Simplify the insert/update HTTP-POST params checkThomas Lange8-8/+8
Simplify the HTTP-POST parameter presence check in the administration controllers for creating and modifying entities. Since we already use fallback values for each attribute, we don't need a full param check.
2021-08-04Use "strpos" to validate "If-None-Match" headerThomas Lange1-14/+5
Remove those "trim" calls and use "strpos" to check if the ETag value generated by the system is contained somewhere in the "If-None-Match" request header sent by the client (if present). With this commit, the ETag header validation now also works with nginx. The nginx web server prefixes the "ETag" header generated by the system with the string "W/" which caused the previous validation code to fail. Instead of using multiple "trim" calls or "preg_replace", we now use a single, simple and fast "strpos" call to check if the system generated Etag hash value is contained in the "If-None-Match" request header.
2021-08-04Add explicit parameter types for the "exit" methodThomas Lange1-1/+1
2021-08-04Move error page logic into the Application classThomas Lange3-30/+16
Move the logic for generating the error pages into the Application class to remove this ugly "require" call in the error403 and error404 methods.
2021-08-04Add trailing slash to forbidden directory rulesThomas Lange2-2/+2
2021-08-03Update readme.mdThomas Lange1-2/+2
2021-08-03Show current page in categories <title> elementThomas Lange3-1/+12
Posts in a category are paginated, so display the number of the current page in square brackets within the categories <title> element.
2021-07-29Update the Apache and nginx configuration filesThomas Lange2-20/+27
2021-07-28Use foreach loop for registering the item routesThomas Lange1-34/+15
Reduce some boilerplate code in the index.php by using a foreach loop to register the routes for the various item controllers.
2021-07-28Migrator: Don't recreate Language object anymoreThomas Lange2-13/+12
Do not force the recreation of the Language object in the migrations.php file anymore by changing the include position of the migrations.php (and the functions.php) in the application.php file a bit to the top.