github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2024-11-24 00:30:47 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
660 Commits 87 Branches 49 Tags 176 MiB
6cf1dbe648
Commit Graph

660 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toby Zerner
6cf1dbe648 Add HTMLPurifier after formatters are run. 
After a morning of searching, it seems there is no PHP Markdown library
that has built-in XSS/sanitization support. The recommended solution is
to use HTMLPurifier.

This actually works out OK, though, as it’s probably a good idea to
enforce sanitization regardless of which formatters are enabled, and to
not leave them with the responsibility of sanitization (it’s a big
responsibility). Since we cache rendered posts, the slow speed of
HTMLPurifier isn’t a concern.

Note that HTMLPurifier requires a file to be loaded by Composer, but
Studio does not yet support this, so for now I have included it
manually.
 2015-06-02 11:36:25 +09:30
Toby Zerner
fb3038d128 Password cannot be null 2015-06-01 17:55:52 +09:30
Toby Zerner
82377f2302 Fix error on account registration 2015-06-01 17:55:41 +09:30
Toby Zerner
c7a6f8650e Make user activity posts more compact 2015-06-01 17:55:13 +09:30
Toby Zerner
5d29265a73 Use icon instead in composer title when replying to another thread 2015-06-01 17:55:05 +09:30
Toby Zerner
8638e9c9ca Tweak reply placeholder appearance 2015-06-01 17:54:37 +09:30
Toby Zerner
5d28fc2713 Only validate dirty attributes 
To prevent unique-checking queries on every update
 2015-06-01 12:26:44 +09:30
Toby Zerner
3334063740 Use pre-loaded state if applicable. closes flarum/core#89 2015-06-01 12:26:11 +09:30
Toby Zerner
bb1491e19e Extract current user attributes into a separate serializer 
This prevents the unread notifications count query being run for every
post by the currently authenticated user
 2015-06-01 12:25:40 +09:30
Toby Zerner
0f9549f4b9 Remove default relationships from serializers 2015-06-01 12:24:06 +09:30
Toby Zerner
7a35f5faf6 Fix/simplify timestamp live updating. closes flarum/core#101 2015-06-01 11:10:15 +09:30
Toby Zerner
be249cbcb5 Scroll to the bottom of the last post when jumping to last 2015-06-01 11:09:39 +09:30
Toby Zerner
47560dbc86 Force redraw to ensure focusing works 2015-06-01 10:43:16 +09:30
Toby Zerner
bfc4201338 Add icon to post edit composer 2015-06-01 10:29:11 +09:30
Toby Zerner
7362aff345 Make replyAction into a promise. closes #100 2015-06-01 10:29:01 +09:30
Toby Zerner
56981c1297 Add reply placeholder to bottom of post stream 2015-06-01 10:28:24 +09:30
Toby Zerner
3f6a3de863 Add 'state helpers', shortcuts to make querying app state easier 2015-06-01 10:26:23 +09:30
Toby Zerner
351775ef02 Add NotificationWillBeSent event 2015-06-01 08:52:04 +09:30
Toby Zerner
1153e41b7a Add text-editor API to get selection range 2015-06-01 08:49:46 +09:30
Toby Zerner
f8d681d9ab Fix bug where switching composer component would lead to incorrect rendering 2015-06-01 08:49:23 +09:30
Toby Zerner
d33bac533d Tweak composer full screen styles. closes flarum/core#102 2015-06-01 08:48:50 +09:30
Toby Zerner
acb6a8d8c5 Add some missing post content styles 2015-06-01 08:48:10 +09:30
Toby Zerner
44a4e31fe1 Simplify active discussion detection 2015-05-31 13:53:02 +09:30
Toby Zerner
a1da95962d Move theme config to database 2015-05-31 11:18:19 +09:30
Toby Zerner
8e7634e36d Fix post scrubber closing on mobile 2015-05-31 11:17:41 +09:30
Toby Zerner
1603c10ae9 Padding tweak 2015-05-30 14:58:47 +09:30
Toby Zerner
e1f8fbdc32 Prevent error when trying to get relationship and no links have been loaded 2015-05-30 13:58:21 +09:30
Toby Zerner
78e10ec541 Eager load notification relationships 2015-05-30 13:57:39 +09:30
Toby Zerner
8e4f4a549c Re-add event after a discussion has loaded 
replyAction uses it
 2015-05-30 12:06:48 +09:30
Toby Zerner
5db1751660 Add helper to format number with commas 2015-05-30 08:40:29 +09:30
Toby Zerner
ba1ddc0a14 Implement abbreviate-number helper. closes flarum/core#96 2015-05-30 08:08:57 +09:30
Toby Zerner
4edb95e9e2 Sync the discussion model/post stream when posts are added/removed 2015-05-29 18:56:29 +09:30
Toby Zerner
0d1b67274d Fix edge cases where posts would not be added/removed 2015-05-29 18:55:53 +09:30
Toby Zerner
102a9e498e Fix incorrect class name 2015-05-29 18:55:29 +09:30
Toby Zerner
456af4273b Sort included posts 
They can be out of order in the payload due to relationship loading,
e.g. post #1 includes post #14 that has mentioned it, therefore #14
will be the first post in the payload. The new post stream doesn’t take
kindly to out of order posts.
 2015-05-29 18:55:19 +09:30
Toby Zerner
2e82fb4015 Refactor discussion list styles, fix loading indicator height in pane 2015-05-29 18:31:17 +09:30
Toby Zerner
cafa6c7b5d New and improved post stream. 2015-05-29 18:17:50 +09:30
Toby Zerner
2741923714 Improvements to change/forgot password 2015-05-27 16:25:44 +09:30
Toby Zerner
696bfe5a07 Improve email changing/confirmation stuff 2015-05-27 16:24:54 +09:30
Toby Zerner
8f0989fb80 Various appearance tweaks 2015-05-27 16:22:02 +09:30
Toby Zerner
6fed357605 Allow ActionButtons to be disabled 2015-05-27 16:21:15 +09:30
Toby Zerner
c5d820a92d Hide "mark all as read" button from guests 2015-05-27 16:19:40 +09:30
Toby Zerner
796c2590a2 Add unread indicator to scrubber. closes #94 2015-05-27 16:18:21 +09:30
Toby Zerner
1ec2a4c742 Update email address confirmation subject 2015-05-26 18:07:27 +09:30
Toby Zerner
dee9bb1c6d Tweak post-signup welcome appearance 2015-05-26 18:05:20 +09:30
Toby Zerner
20dfc6c341 Retain relevant data when switching between login/signup modals 2015-05-26 18:05:07 +09:30
Toby Zerner
e5532d9618 Roughly implement change password/email, delete account modals 2015-05-26 18:03:02 +09:30
Toby Zerner
a4a0092513 Fix error when rendering deleted user 2015-05-26 18:02:04 +09:30
Toby Zerner
4849e423eb Redraw discussion list items if user marks all as read 2015-05-26 18:01:05 +09:30
Toby Zerner
61e110b245 Don't show load more button unnecessarily 2015-05-26 18:00:41 +09:30