Commit Graph

29206 Commits

Author SHA1 Message Date
Sam
ad5f502332 FIX: add a basic validator for topic params
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
Guo Xiang Tan
402e570c77 Logster::Logger#chained is now readable in new version of logster. 2018-08-14 09:57:09 +08:00
Sam
b504398a91 DEV: keep bin/unicorn clean from log noise 2018-08-14 08:49:57 +10:00
Kyle Zhao
983dba37ce FIX: use BasicUserSerializer for user_badge.granted_by (#6266)
BasicUserSerializer contains enough information for the badges page,
while UserSerializer issues ~100 SQL queries on the fly when serializing
the field without preloading.
2018-08-14 08:11:14 +10:00
Neil Lalonde
71b65be6f6 SECURITY: prevent use of X-Forwarded-Host to perform XSS 2018-08-13 16:45:22 -04:00
Gerhard Schlager
7f4ef3db9e Improve Telligent importer
* Try multiple filenames and do lots of guessing when searching for attachments
* Unescape HTML in filenames and replace invalid characters in filenames
* Existing permalinks prevented resuming of import
* Prevent duplicate attachments in same post
2018-08-13 15:28:11 +02:00
Guo Xiang Tan
dadbf2edb4 DEV: Log to STDOUT in development like how rails s used to. 2018-08-13 17:05:42 +08:00
Guo Xiang Tan
664186a2a4 DEV: Remove stub to make test more reliable. 2018-08-13 14:48:46 +08:00
Sam
6cae47aa53 collect extra environment correctly 2018-08-13 16:33:28 +10:00
Joe
075d80862f
UX: topic-timer modal style fixes 2018-08-13 14:04:20 +08:00
tshenry
03010571f5 Remove unnecessary code (#6262)
"border-bottom: none;" gets overridden a few lines below by "border-bottom: 1px solid $primary-low;" making it unnecessary.
2018-08-13 15:43:03 +10:00
Misaka 0x4e21
e26437f334 FEATURE: Do encodeURI on share links
Some Discourse-supported sharing platforms such as Twitter are unable to determine the end of a unicode URL. If you post a URL "https://example.org/t/测试/1" on Twitter, it will be a link of href="https://example.org/t/"

If the URL contains any unicode character (usually in the slug part) , it must be urlencoded with encodeURI(url) before being passed to source.generateUrl(link, title), or it will be a malformed URL in the sharing tweet.
2018-08-13 15:35:56 +10:00
Joe
7e68062a46
Topic meta-data flexbox fixes (#6263)
Topic meta-data flexbox fixes
2018-08-13 13:29:46 +08:00
Sam
83fd308963 FEATURE: group error message regarding image optimization failures 2018-08-13 14:48:25 +10:00
Sam
168ffd8384 FEATURE: group warnings about IP level rate limiting 2018-08-13 14:38:20 +10:00
Guo Xiang Tan
d10c9d7d75 FIX: Missing extensions for non-image uploads due to 2b57239389. 2018-08-13 10:58:55 +08:00
Guo Xiang Tan
ba022234c6 Add onceoff job to fix incorrect upload extensions. 2018-08-13 10:44:08 +08:00
Peter Borsa
a6820d8767 Add Hungarian locale (#6260) 2018-08-13 01:02:35 +02:00
Gerhard Schlager
8513605421 Fix the import of avatars and attachments
This time for real ;-)
2018-08-12 22:26:07 +02:00
Gerhard Schlager
6d813c2b52 FIX: Importers failed to import avatars 2018-08-12 22:02:17 +02:00
Gerhard Schlager
1794aea939 FEATURE: Add import script for Telligent 2018-08-12 22:01:23 +02:00
Gerhard Schlager
448e95b97d UX: Show anchor icon instead of text when topic bump is disabled 2018-08-11 21:51:13 +02:00
Kris
a960a57c72 Improving category reorder modal layout 2018-08-10 22:09:46 -04:00
Kris
e53983b53b Alignment fix 2018-08-10 14:00:06 -04:00
Gerhard Schlager
b73950692b FIX: Parsing non-existent feed should not fail 2018-08-10 18:37:14 +02:00
Osama Sayegh
865cb3feb9
FIX: allow selecting site's default theme from preference 2018-08-10 14:12:02 +03:00
Sam
2b2612d0f5 correct flaky spec
after(:all) and before(:all) are to be avoided, state can leak
2018-08-10 16:08:07 +10:00
Sam
6f6b4ff988 regression: don't return from a block
also clean up some warnings (shadowed var, unused var)
2018-08-10 14:53:55 +10:00
Sam
ea8394b080 typo in error message 2018-08-10 11:34:01 +10:00
Sam
1fc2597626 better error handling for upload extension fixer 2018-08-10 11:28:22 +10:00
Kris
0451dba27a Table margin adjustment 2018-08-09 21:24:26 -04:00
Simon Cossar
093c3510e6 Rework moderators activity query (#6230)
* Order rows in query

* Don't increment revisions when moderator revises their own post
2018-08-10 10:51:31 +10:00
Gerhard Schlager
b9072e8292 FEATURE: Add "Reset Bump Date" action to topic admin wrench (#6246) 2018-08-10 10:51:03 +10:00
Misaka 0x4e21
6db623ef6b UX: Improve category filtering and include subcategories
* category_filtering
  1. report_top_referred_topics
  2. report_top_traffic_sources
  3. report_post_edit
* category_filtering with subcategory topics
  1. report_top_referred_topics
  2. report_top_traffic_sources
  3. report_post_edit
  4. report_posts
  5. report_topics
  6. report_topics_with_no_response
* category_filtering tests (without subcategory topics)
  1. report_posts
  2. report_topics_with_no_response
* subcategory topics tests `in_category_and_subcategories` in `topic_spec.rb`
  1. `in_category_and_subcategories` in `topic_spec.rb`
  2. topics, posts, flags and topics_with_no_response in `report_spec.rb`
2018-08-10 10:50:05 +10:00
Gerhard Schlager
ef4b9f98c1 FEATURE: Allow admins to reply without topic bump 2018-08-10 10:48:30 +10:00
Kris
6ec92d5845 prettier 2018-08-09 20:45:47 -04:00
Kris
2e1049a75a Minor dashboard style adjustments 2018-08-09 20:43:18 -04:00
Simon Cossar
3cd4dc0f5f Allow users with group_locked_trust_level to be promoted to tl3 (#6249) 2018-08-10 10:42:23 +10:00
Osama Sayegh
0d5ebcb21d fix flaky specs (#6255) 2018-08-10 10:38:36 +10:00
Joffrey JAFFEUX
6a2ca60b48
FIX: ember click event not reliably working on fx (#6256) 2018-08-09 22:41:35 +02:00
Neil Lalonde
d77dccc636 FIX: user-deleted posts with deferred flags can be destroyed 2018-08-09 14:54:31 -04:00
Kris
04658bb2f1 UX: prevent text from wrapping below notification icons 2018-08-09 12:04:34 -04:00
Gerhard Schlager
6ddf7fcd1f Fix warnings about already initialized constants 2018-08-09 17:29:02 +02:00
Neil Lalonde
2c4d7225d8 FIX: permalink redirects with subfolder 2018-08-09 11:05:27 -04:00
Neil Lalonde
701c5ae781 UX: admin permalink form can fit on one line 2018-08-09 11:05:27 -04:00
Robin Ward
5895507153 FEATURE: Ability for plugins to whitelist custom fields for flags
You can now call `whitelist_flag_post_custom_field` from your plugins
and those custom fields will be available on the flagged posts
area of the admin section.
2018-08-09 10:49:14 -04:00
Robin Ward
cc90ed3870 Don't look for the only argument, but the first one 2018-08-09 10:14:45 -04:00
Joffrey JAFFEUX
da1d520d4c
FIX: simplifies mini tag chooser events handling (#6252) 2018-08-09 14:23:28 +02:00
Joffrey JAFFEUX
bfcf8ed61b
FIX: prevents focus of input on mobile (#6251) 2018-08-09 14:23:09 +02:00
Joffrey JAFFEUX
523acfcea4
FIX: checks on parent visibility instead of filter itself (#6250) 2018-08-09 10:45:53 +02:00