Age | Commit message (Collapse) | Author | Files | Lines |
|
Regression test: URL with disallowed chars: '$url/1234/.exec("asdf")'
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
We don't really have to hit the db here every time.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Sending it without being asked for a range breaks tnftp.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If $size is 0 log() will return -INF leading to an "undefined offset"
error when trying to get the suffix.
We fix this by copying the code from fb-client which handles this issue
correctly and will also work for sizes above the biggest suffix (won't
happen here, but who cares).
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Retagging 2.1.1 for final release
Conflicts:
user_guide/changelog.html
user_guide/database/active_record.html
user_guide/database/caching.html
user_guide/database/call_function.html
user_guide/database/configuration.html
user_guide/database/connecting.html
user_guide/database/examples.html
user_guide/database/fields.html
user_guide/database/forge.html
user_guide/database/helpers.html
user_guide/database/index.html
user_guide/database/queries.html
user_guide/database/results.html
user_guide/database/table_data.html
user_guide/database/transactions.html
user_guide/database/utilities.html
user_guide/doc_style/index.html
user_guide/general/alternative_php.html
user_guide/general/ancillary_classes.html
user_guide/general/autoloader.html
user_guide/general/caching.html
user_guide/general/cli.html
user_guide/general/common_functions.html
user_guide/general/controllers.html
user_guide/general/core_classes.html
user_guide/general/creating_drivers.html
user_guide/general/creating_libraries.html
user_guide/general/credits.html
user_guide/general/drivers.html
user_guide/general/environments.html
user_guide/general/errors.html
user_guide/general/helpers.html
user_guide/general/hooks.html
user_guide/general/libraries.html
user_guide/general/managing_apps.html
user_guide/general/models.html
user_guide/general/profiling.html
user_guide/general/quick_reference.html
user_guide/general/requirements.html
user_guide/general/reserved_names.html
user_guide/general/routing.html
user_guide/general/security.html
user_guide/general/styleguide.html
user_guide/general/urls.html
user_guide/general/views.html
user_guide/helpers/array_helper.html
user_guide/helpers/captcha_helper.html
user_guide/helpers/cookie_helper.html
user_guide/helpers/date_helper.html
user_guide/helpers/directory_helper.html
user_guide/helpers/download_helper.html
user_guide/helpers/email_helper.html
user_guide/helpers/file_helper.html
user_guide/helpers/form_helper.html
user_guide/helpers/html_helper.html
user_guide/helpers/inflector_helper.html
user_guide/helpers/language_helper.html
user_guide/helpers/number_helper.html
user_guide/helpers/path_helper.html
user_guide/helpers/security_helper.html
user_guide/helpers/smiley_helper.html
user_guide/helpers/string_helper.html
user_guide/helpers/text_helper.html
user_guide/helpers/typography_helper.html
user_guide/helpers/url_helper.html
user_guide/helpers/xml_helper.html
user_guide/index.html
user_guide/installation/downloads.html
user_guide/installation/index.html
user_guide/installation/troubleshooting.html
user_guide/installation/upgrade_120.html
user_guide/installation/upgrade_130.html
user_guide/installation/upgrade_131.html
user_guide/installation/upgrade_132.html
user_guide/installation/upgrade_133.html
user_guide/installation/upgrade_140.html
user_guide/installation/upgrade_141.html
user_guide/installation/upgrade_150.html
user_guide/installation/upgrade_152.html
user_guide/installation/upgrade_153.html
user_guide/installation/upgrade_154.html
user_guide/installation/upgrade_160.html
user_guide/installation/upgrade_161.html
user_guide/installation/upgrade_162.html
user_guide/installation/upgrade_163.html
user_guide/installation/upgrade_170.html
user_guide/installation/upgrade_171.html
user_guide/installation/upgrade_172.html
user_guide/installation/upgrade_200.html
user_guide/installation/upgrade_201.html
user_guide/installation/upgrade_202.html
user_guide/installation/upgrade_203.html
user_guide/installation/upgrade_210.html
user_guide/installation/upgrade_b11.html
user_guide/installation/upgrading.html
user_guide/libraries/benchmark.html
user_guide/libraries/caching.html
user_guide/libraries/calendar.html
user_guide/libraries/cart.html
user_guide/libraries/config.html
user_guide/libraries/email.html
user_guide/libraries/encryption.html
user_guide/libraries/file_uploading.html
user_guide/libraries/form_validation.html
user_guide/libraries/ftp.html
user_guide/libraries/image_lib.html
user_guide/libraries/input.html
user_guide/libraries/javascript.html
user_guide/libraries/language.html
user_guide/libraries/loader.html
user_guide/libraries/migration.html
user_guide/libraries/output.html
user_guide/libraries/pagination.html
user_guide/libraries/parser.html
user_guide/libraries/security.html
user_guide/libraries/sessions.html
user_guide/libraries/table.html
user_guide/libraries/trackback.html
user_guide/libraries/typography.html
user_guide/libraries/unit_testing.html
user_guide/libraries/uri.html
user_guide/libraries/user_agent.html
user_guide/libraries/xmlrpc.html
user_guide/libraries/zip.html
user_guide/license.html
user_guide/overview/appflow.html
user_guide/overview/at_a_glance.html
user_guide/overview/cheatsheets.html
user_guide/overview/features.html
user_guide/overview/getting_started.html
user_guide/overview/goals.html
user_guide/overview/index.html
user_guide/overview/mvc.html
user_guide/toc.html
user_guide/tutorial/conclusion.html
user_guide/tutorial/create_news_items.html
user_guide/tutorial/hard_coded_pages.html
user_guide/tutorial/index.html
user_guide/tutorial/news_section.html
user_guide/tutorial/static_pages.html
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
curl 7.26.0 changed the user agent format to "curl/$version" and no
longer sends the library version.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Models shouldn't really call views
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This allows the html page to change (user logged in/not logged in), but
still keeps etag support for content that's really going to stay the
same (images, plain file content, qr codes for urls)
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This looks horrible, but gets the job done...
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
var is deprecated since ages and in strict mode we have to initialize
$this->var as a generic object before using it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
CLI clients are expected to only request deletion when the users wants
it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The delete link won't ask for confirmation anymore, so don't use it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This removes the old form which was used to delete a single upload and
replaces it with checkboxes on the history page. All checked IDs will be
removed at once, instead of requiring the user to click through multiple
pages.
The old file/delete page is kept for compatibility with CLI clients.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The table is shared with the old delete_form, but it doesn't display the
delete button in info mode.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If you only uploaded short filenames "Filename" could e longer than any
filename, resulting in a broken table.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Unowned files expire whenever a session expires because the user won't
be able to reclaim them anymore.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If a user keeps the browser open until his session expires and then
tries to upload something we now add it to the database, add the ID to
the new session and when someone logs in with that session the ID is
assigned. Until then even if you guess it correctly, you won't be able
to download it.
If the user still manages to let the 2nd session expire because he can't
find his password, the upload will be lost. Shit happens.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
It won't work anyway.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This can be used to remove an ID and all other IDs referencing the same
hash.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If the session has timed out, javascript will get the login page and try
to redirect to "base_url/$htmlcode" which will obviously fail. Instead
of fixing the js code, reintroduce do_paste and use it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
chromium rejects inline css with this.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The current implementation sometimes failed to generate valid hashes
(had something to do with the random salt).
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Some users might expect confirmation emails, but we don't send those
(yet?).
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|