summaryrefslogtreecommitdiffstats
path: root/NEWS
AgeCommit message (Collapse)AuthorFilesLines
2024-04-14fix(duser_db): Guard against NULL valuesFlorian Pritz1-0/+1
When a user is deleted, their details are set to NULL. When no username is specific for a password reset, this can trigger an email being sent to an empty recipient which will not be deliverable. Just to be safe, guard against NULL values for all the user related functions. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2024-01-14Release 4.0.14.0.1Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2024-01-14feat(PHP8.3): Fix assert_options deprecation warningsFlorian Pritz1-0/+1
All current asserations are only for development/debug related checks and safe to disable on production so we do not need to force any settings via the deprecate `assert_options` function here and we can just remove this code. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2023-01-29Update NEWSFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2023-01-29feat(PHP8.2): Fix dynamic properties deprecation warningsFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-06-26docs: Fix typoFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-04-10Release 4.0.04.0.0Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-04-10fix(multipaste): Handle missing items in multipaste queueFlorian Pritz1-0/+1
This fixes an exception if the multipaste queue contains an item that does not exist any more, e.g. because it has been deleted after it was added to the queue. `Exception 1/1 'ErrorException' with message 'Trying to access array offset on value of type bool' in /srv/http/filebin/application/controllers/file/Multipaste.php:103` Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-04-10feat(PHP8.1)!: Fix deprecated null argumentsFlorian Pritz1-0/+2
BREAKING CHANGE: Syntax raises minimal PHP version to 7.0 Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-04-10NEWS: Fix missing release versionFlorian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-01-09Update NEWS3.6.2Florian Pritz1-0/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2021-04-11Update NEWS3.6.1Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2021-04-11Copy filename when repasting fileFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2021-04-11Add links to new android clientFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2021-02-21Update NEWS3.6.0Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2021-02-21Pygments: Add json and crystal filename extensionsFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2021-02-21NEWS: Mention PHP 8 fixesFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-10-07Update NEWS3.5.0Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-10-07API: Update API version to 2.2.0Florian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-10-07API: Add `minimum-id-length` post parameterSimon Schuster1-0/+2
This parameter controls the generated id for files (file/upload) and multipastes (file/create_multipaste). The post parameter has to be a positive integer value >= 2. Changes by Florian Pritz: - minor style and typo fixes - NEWS entry - check expected error reply content in tests Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-06-12Update NEWS3.4.5Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-06-12thumbnail-view.js: Detect automatic image rotation in recent browsersFlorian Pritz1-0/+2
The default value has been changed to `from-image` and at least with Firefox 76 and Chromium 83 this leads to double rotated images. Disabling the automatic rotation with `image-orientation: none` in CSS leads to incorrectly scaled images, (likely, but unverified) because the width/height are returned incorrectly/rotated in jquery/javascript. Whatever it may be, the easier fix is to just check for the new default value and if the browser handles orientation automatically, we disable our own code. https://github.com/w3c/csswg-drafts/issues/3799 Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-04-19Update NEWS3.4.4Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-04-19Reclassify various exceptions as InsufficientPermissionsExceptionFlorian Pritz1-1/+1
That way they get the correct HTTP status code and they also get ignored by the logging code. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-04-19Reclassify various exceptions as UserInputExceptionFlorian Pritz1-0/+1
These are errors that a user can correct themselves so we should classify them accordingly. That way they get the correct HTTP status code and they also get ignored by the logging code. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2020-04-19Log HTTP 500 PublicApiException to error logFlorian Pritz1-0/+1
These return a 500 HTTP error code and when using a CLI download tool, you might not see the returned HTML error message. To make debugging easier we also log them to the error log. Some extending exceptions also return different error codes (e.g. UserInputException) so we filter these by only logging if the return code is 500. If a user/admin sees that code they likely expect a log entry. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-12-07Update NEWS3.4.3Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-12-07ExceptionHandler: Fix null object array access errorFlorian Pritz1-0/+1
Not sure why, but this only started to happen with php 7.4. Should be fixed anyways so I didn't investigate further. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-12-06Update NEWS3.4.2Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-12-06Fix deprecated array access syntax with {}Florian Pritz1-0/+1
This leads to a deprecation warning as of php 7.4. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-09-27Update NEWS3.4.1Florian Pritz1-0/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-05-21Release 3.4.03.4.0Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-05-21Allow data URLs in CSP headerFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-05-15Update NEWS for 3.3.23.3.2Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-05-15Pygments: Skip lexers that do not have namesFlorian Pritz1-0/+1
With pygments 2.4.0 at least VBScript doesn't have a name and thus causes an exception when the first name should be used. We use the name to tell pygmentize which lexer to use so listing a lexer that doesn't have a name doesn't work and thus there is no point in showing it in the list. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-01-28Release 3.3.13.3.1Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-01-28Disable CSRF token regeneration for multipaste AJAXFlorian Pritz1-0/+1
If regeneration is on, the token is recreated after the first AJAX submit and subsequent ajax submits or normal form submits break. By disabling it here, we limit potential security issues to only this page, but it also only works if the user does not submit any other forms while they are on the AJAX page. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2019-01-28NEWS: Mention CI 3.1.10 updateFlorian Pritz1-0/+1
2018-12-31Stop making PDF thumbnails with imagemagickFlorian Pritz1-0/+2
Arch Linux disables PDF support in imagemagick due to security concerns. This results in broken thumbnails for PDF files. By disabling it we just get the normal file list which should be fine too. If necessary this could be extended to be configurable, but I don't think doing that is necessary. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2018-09-19Update NEWS for 3.3.0Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2018-08-20Update NEWSFlorian Pritz1-0/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2018-07-04Update NEWS3.2.0Florian Pritz1-0/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2018-06-01Update NEWS3.1.1Florian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2018-06-01Update NEWS3.1.0Florian Pritz1-0/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2018-03-23Update NEWS3.0.3Florian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2018-02-06Update NEWS3.0.2Florian Pritz1-0/+13
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2017-12-02Fix DB settings for postgres which doesn't use utf8mb43.0.1Florian Pritz1-2/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2017-12-02NEWS: Release v3.0.03.0.0Florian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2017-12-02NEWS: Clarify wording regarding base_urlFlorian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2017-12-02NEWS: Fix typoFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>