Commit Graph

126 Commits

Author SHA1 Message Date
David Wheatley
86d23a5de2
chore: use @php in Blade templates (#3172)
* chore: remove comment

* chore: use `@php` in blade templates

* chore: use `@php` in blade templates
2021-11-23 12:55:36 +00:00
Fransiscus Rolanda Malau
0a7e885eab
Add missing autocomplete attributes to input fields (#3088)
* Add missing autocomplete attributes to input fields
* Add autocomplete attributes to password fields
* Attribute should use new-password
2021-10-13 14:53:35 -04:00
David Wheatley
c10a30bae9
[A11Y] Adds missing focus rings back to control elements (#3016)
* Remove the stuff that removes critical accessibility features

* Remove no outline from basic blade layout

* Remove focus outline from FormControls
2021-09-13 23:47:13 +01:00
Sami Mazouz
e8153ccc79
feat: NoJs Admin View (#3059)
Adds a nojs blade template to be able to enable/disable extensions when one of them misbehaves.
2021-08-31 09:08:27 +01:00
Clark Winkelmann
aba6836bdd
Replace username with display name in more places (#3040)
* Replace username with display name in more places

* More readable spread operator and translator user magic
2021-08-21 23:34:34 +01:00
David Sevilla Martín
57eb621885
Move email confirmation to POST request (#3038)
* Add blade view to confirm email flow, move actual confirmation to POST request

* Apply fixes from StyleCI

[ci skip] [skip ci]

Co-authored-by: datitisev <datitisev@users.noreply.github.com>
2021-08-21 16:13:57 +01:00
David Sevilla Martín
765bd59965
Improve discussion page canonical URL (#2853)
* Switch to ?page= discussion page canonical URL & fix no-JS pagination buttons
2021-05-10 19:20:47 -04:00
Alexander Skvortsov
b45519974a
Switch to ICU MessageFormat (#2759) 2021-04-30 12:44:39 -04:00
Matt Kilgore
4679448300
Slug Driver Support (#2456)
- Support slug drivers for core's sluggable models, easily extends to other models
- Add automated testing for affected single-model API routes
- Fix nickname selection UI
- Serialize slugs as `slug` attribute
- Make min search length a constant
2020-12-07 13:33:42 -05:00
Alexander Skvortsov
1d2f0ca407
Header UI fixes (#2371)
* Revert "Fix header contents moving when opening modal (#2131)"
* Fix header contents moving when modal opened/closed.

Conditionally apply the navbar-fixed-top class only when needed, so that we can take advantage of it without always having the navbar in position:fixed, as was done in the previous solution. That resulted in a clash with custom headers.

* Show header on refresh of scrolled page

Due to some magic in Mithril 0.1's context:retain flag, some DOM elements were cached across page reloads. Since that has been eliminated, if we refresh the page and we are scrolled down, the "affix" class which makes the header fixed (and as a result, visible) isn't applied until the first scroll. We fix this by running ScrollListener.update() immediately to set initial navbar state.
2020-10-09 19:05:53 -04:00
Alexander Skvortsov
cc48e9ab22
Replace $app->url() with url-generated link to index (#2302) 2020-09-24 11:30:57 -04:00
Franz Liedke
2b5939d538
Simplify a few unnecessary Arr::get() calls 2020-07-24 22:56:31 +02:00
Franz Liedke
e4077ab4ad
Replace a few forgotten obsolete helpers
- Apparently, I forgot that `array_flatten` comes from Laravel. :)
- When I did this previously, I did not search the views directory.
2020-07-24 17:28:56 +02:00
w-4
4b6864534b
Fix header contents moving when opening modal (#2131)
* add navbar-fixed-top css class

* App-header position:fixed
2020-05-23 14:41:54 -04:00
luceos
ca0c52d60a Apply fixes from StyleCI
[ci skip] [skip ci]
2020-01-05 21:28:46 +00:00
Franz Liedke
bdac88b573
Determine error view and message based on type
...not based on status code.

To simplify this logic, we now use the same error "type" both when
routes are not found and specific models are not found. One exception is
ours, one is from Laravel, but for the purposes of error handling they
should be treated the same.

Fixes flarum/core#1641.
2019-08-14 19:47:56 +02:00
Daniël Klabbers
89f6cfd949 removed link to home, go back, which is always the case with csrf token invalidation 2019-06-24 10:49:31 +02:00
Franz Liedke
8e86d38804 Merge pull request from GHSA-3wjh-93gr-chh6
* Integration tests: Memoize request handler as well

This is useful to send HTTP requests (or their PSR-7 equivalents)
through the entire application's middleware stack (instead of
talking to specific controllers, which should be considered
implementation detail).

* Add tests for CSRF token check

* Integration tests: Configure vendor path

Now that this is possible, make the easy change...

* Implement middleware for CSRF token verification

This fixes a rather large oversight in Flarum's codebase, which was that
we had no explicit CSRF protection using the traditional token approach.

The JS frontend was actually sending these tokens, but the backend did
not require them.

* Accept CSRF token in request body as well

* Refactor tests to shorten HTTP requests

Multiple tests now provide JSON request bodies, and others copy cookies
from previous responses, so let's provide convenient helpers for these.

* Fixed issue with tmp/storage/views not existing, this caused tmpname to notice.
Fixed csrf test that assumed an access token allows application access, which is actually api token.
Improved return type hinting in the StartSession middleware

* Using a different setting key now, so that it won't break tests whenever you re-run them once smtp is set.
Fixed, badly, the test to create users etc caused by the prepareDatabase flushing all settings by default.

* added custom view, now needs translation
2019-06-24 09:14:38 +02:00
Franz Liedke
d292aaabf8
Fix another documentation link
Forgotten in #1699, closes #1736.
2019-03-07 00:33:25 +01:00
Franz Liedke
89e018a4f0
Simplify PrerequisiteInterface
I went with a return type of Collection, because it is easier to call
methods such as isEmpty() directly on those objects.
2019-01-31 21:52:05 +01:00
Kirill
b58380e224 Fix incorrect docs link (#1699) 2018-12-13 20:19:13 +01:00
Toby Zerner
796b57753d Don't output empty html tag attributes
From https://discuss.flarum.org/d/17817-meta-description-is-empty/8
ref #1677
2018-12-04 09:47:49 +10:30
Toby Zerner
0e73785498
Frontend refactor (#1471)
Refactor Frontend + Asset code

- Use Laravel's Filesystem component for asset IO, meaning theoretically
  assets should be storable on S3 etc.

- More reliable checking for asset recompilation when debug mode is on,
  so you don't have to constantly delete the compiled assets to force
  a recompile. Should also fix issues with locale JS files being
  recompiled with the same name and cached.

- Remove JavaScript minification, because it will be done by Webpack
  (exception is for the TextFormatter JS).

- Add support for JS sourcemaps.

- Separate frontend view and assets completely. This is an important
  distinction because frontend assets are compiled independent of a
  request, whereas putting together a view depends on a request.

- Bind frontend view/asset factory instances to the container (in
  service providers) rather than subclassing. Asset and content
  populators can be added to these factories – these are simply objects
  that populate the asset compilers or the view with information.

- Add RouteHandlerFactory functions that make it easy to hook up a
  frontend controller with a frontend instance ± some content.

- Remove the need for "nojs"

- Fix cache:clear command

- Recompile assets when settings/enabled extensions change
2018-06-30 12:31:12 +09:30
Toby Zerner
805768a9e0
[WIP] JS Extender API foundation (#1468)
* Run extenders exported by extensions
* Add some basic extenders
* Patch Mithril as the very first thing so extension code can run safely
* Load the payload into the app before booting extensions
* Setup default routes before booting extensions
2018-06-22 10:49:46 +09:30
Toby Zerner
3f683dd6ee
Webpack (#1367)
* Replace gulp with webpack and npm scripts for JS compilation
* Set up Travis CI to commit compiled JS
* Restructure `js` directory; only one instance of npm, forum/admin are "submodules"
* Refactor JS initializers into Application subclasses
* Maintain partial compatibility API (importing from absolute paths) for extensions
* Remove minification responsibility from PHP asset compiler
* Restructure `less` directory
2018-06-20 13:20:31 +09:30
Johann Rodríguez
7721288ac6 No slug? Then no '-' separator! (#1351)
* Stop using slug separator when there is no slug

* Changing as per upstream requirements
2018-02-09 07:22:50 +10:30
Franz Liedke
3480a65989
Avoid calculations in views
Instead, look up existence of navigation links in the underlying
API document.
2018-01-10 20:39:53 +01:00
Franz Liedke
2979e8bc28
Use Blade's inject helper 2018-01-10 20:36:50 +01:00
Franz Liedke
8c470954eb
Add pagination link for previous page 2018-01-10 20:35:07 +01:00
Franz Liedke
6913e8f0f8
Only display pagination link if necessary
Otherwise, search engines start indexing pages that aren't filled yet.

Refs #189.
2018-01-10 20:34:25 +01:00
Toby Zerner
f2ce4e11e2 Fix class name 2018-01-01 10:34:19 +10:30
Toby Zerner
d807171c44 Fix URL generator usage 2017-12-29 21:29:04 +10:30
Daniël Klabbers
f65e4dcba3
merges 5.5 and master into next-back 2017-12-14 01:00:16 +01:00
Toby Zerner
1a239ee93a Fix crash when post's user has been deleted 2017-12-10 21:02:35 +10:30
Toby Zerner
b806dc3db2 Move view logic into middleware 2017-11-29 22:25:57 +10:30
Toby Zerner
5b46ec801d Generate URL in the controller instead of the view 2017-11-29 22:20:06 +10:30
Toby Zerner
ba769e0c7e Preserve return URL when confirming logout 2017-11-29 13:47:00 +10:30
Toby Zerner
ea2fc1ff8a Add a "return home" link to 404 errors 2017-11-29 13:23:25 +10:30
Toby Zerner
b7c1cc5cef New design for error pages. closes #252 2017-11-29 13:03:55 +10:30
Toby Zerner
e8a4e5e0ef Add log out confirmation if CSRF token is invalid. fixes #1282 2017-11-29 13:03:16 +10:30
Toby Zerner
9392e1bec3 New design for reset password view 2017-11-29 12:53:06 +10:30
Toby Zerner
479e44dd04 Restructure views
- Use Laravel's view namespacing rather than the full file path
- Organise views into directories
2017-11-29 12:51:24 +10:30
Daniel Klabbers
44e9007790 using blade @json directive to parse raw json into frontend` 2017-11-01 13:22:16 +01:00
Toby Zerner
40ebc13292 Only apply custom CSS and header HTML on forum, not admin 2017-10-25 13:40:57 +10:30
Toby Zerner
ea4d889b76 Fix post contentHtml sometimes breaking script parsing
<\/script> tags in post content would sometimes be recognized as
actually ending the script tag, even when escaped (not exactly sure
why). This is fixed by encoding the < > characters in unicode.
2017-10-05 11:48:10 +10:30
Franz Liedke
b72407440d
Combine URL generator classes into one 2017-10-03 18:54:06 +02:00
Toby Zerner
89d4a1e849 Remove MySQL port field from visual installer
Port can still be specified by suffixing the host with a :

closes #825
2017-07-22 11:32:07 +09:30
Sajjad Hashemian
8cc117d89d Prevent crawlers to index nojs pages 2017-02-26 19:48:33 +03:30
David Sevilla Martín
fcfc1b2a37 Add more attributes in app.blade.php and add a setDescription method. (#1105)
* Added `language` and `direction` properties to WebAppView

* Use properties `language` and `direction` in app.blade.php

* Added WebAppView::setDescription to set the meta description

* Whoops! Changed "ltr" to \'ltr\'. Thanks StyleCI :)

* Removed unnecessary `= null` for

* Changed `.. ? .. : ..` to `.. ?: ..`. Useful thing right there ;)
2017-02-03 23:09:22 +01:00
Franz Liedke
2225fdec72 Merge pull request #989 from nielstholenaar/master
Fixes #825
2017-02-03 17:51:07 +01:00