Commit Graph

824 Commits

Author SHA1 Message Date
Toby Zerner
6cf1dbe648 Add HTMLPurifier after formatters are run.
After a morning of searching, it seems there is no PHP Markdown library
that has built-in XSS/sanitization support. The recommended solution is
to use HTMLPurifier.

This actually works out OK, though, as it’s probably a good idea to
enforce sanitization regardless of which formatters are enabled, and to
not leave them with the responsibility of sanitization (it’s a big
responsibility). Since we cache rendered posts, the slow speed of
HTMLPurifier isn’t a concern.

Note that HTMLPurifier requires a file to be loaded by Composer, but
Studio does not yet support this, so for now I have included it
manually.
2015-06-02 11:36:25 +09:30
Toby Zerner
fb3038d128 Password cannot be null 2015-06-01 17:55:52 +09:30
Toby Zerner
82377f2302 Fix error on account registration 2015-06-01 17:55:41 +09:30
Toby Zerner
c7a6f8650e Make user activity posts more compact 2015-06-01 17:55:13 +09:30
Toby Zerner
5d29265a73 Use icon instead in composer title when replying to another thread 2015-06-01 17:55:05 +09:30
Toby Zerner
8638e9c9ca Tweak reply placeholder appearance 2015-06-01 17:54:37 +09:30
Toby Zerner
5d28fc2713 Only validate dirty attributes
To prevent unique-checking queries on every update
2015-06-01 12:26:44 +09:30
Toby Zerner
3334063740 Use pre-loaded state if applicable. closes flarum/core#89 2015-06-01 12:26:11 +09:30
Toby Zerner
bb1491e19e Extract current user attributes into a separate serializer
This prevents the unread notifications count query being run for every
post by the currently authenticated user
2015-06-01 12:25:40 +09:30
Toby Zerner
0f9549f4b9 Remove default relationships from serializers 2015-06-01 12:24:06 +09:30
Toby Zerner
7a35f5faf6 Fix/simplify timestamp live updating. closes flarum/core#101 2015-06-01 11:10:15 +09:30
Toby Zerner
be249cbcb5 Scroll to the bottom of the last post when jumping to last 2015-06-01 11:09:39 +09:30
Toby Zerner
47560dbc86 Force redraw to ensure focusing works 2015-06-01 10:43:16 +09:30
Toby Zerner
bfc4201338 Add icon to post edit composer 2015-06-01 10:29:11 +09:30
Toby Zerner
7362aff345 Make replyAction into a promise. closes #100 2015-06-01 10:29:01 +09:30
Toby Zerner
56981c1297 Add reply placeholder to bottom of post stream 2015-06-01 10:28:24 +09:30
Toby Zerner
3f6a3de863 Add 'state helpers', shortcuts to make querying app state easier 2015-06-01 10:26:23 +09:30
Toby Zerner
351775ef02 Add NotificationWillBeSent event 2015-06-01 08:52:04 +09:30
Toby Zerner
1153e41b7a Add text-editor API to get selection range 2015-06-01 08:49:46 +09:30
Toby Zerner
f8d681d9ab Fix bug where switching composer component would lead to incorrect rendering 2015-06-01 08:49:23 +09:30
Toby Zerner
d33bac533d Tweak composer full screen styles. closes flarum/core#102 2015-06-01 08:48:50 +09:30
Toby Zerner
acb6a8d8c5 Add some missing post content styles 2015-06-01 08:48:10 +09:30
Toby Zerner
44a4e31fe1 Simplify active discussion detection 2015-05-31 13:53:02 +09:30
Toby Zerner
a1da95962d Move theme config to database 2015-05-31 11:18:19 +09:30
Toby Zerner
8e7634e36d Fix post scrubber closing on mobile 2015-05-31 11:17:41 +09:30
Toby Zerner
1603c10ae9 Padding tweak 2015-05-30 14:58:47 +09:30
Toby Zerner
e1f8fbdc32 Prevent error when trying to get relationship and no links have been loaded 2015-05-30 13:58:21 +09:30
Toby Zerner
78e10ec541 Eager load notification relationships 2015-05-30 13:57:39 +09:30
Toby Zerner
8e4f4a549c Re-add event after a discussion has loaded
replyAction uses it
2015-05-30 12:06:48 +09:30
Toby Zerner
5db1751660 Add helper to format number with commas 2015-05-30 08:40:29 +09:30
Toby Zerner
ba1ddc0a14 Implement abbreviate-number helper. closes flarum/core#96 2015-05-30 08:08:57 +09:30
Toby Zerner
4edb95e9e2 Sync the discussion model/post stream when posts are added/removed 2015-05-29 18:56:29 +09:30
Toby Zerner
0d1b67274d Fix edge cases where posts would not be added/removed 2015-05-29 18:55:53 +09:30
Toby Zerner
102a9e498e Fix incorrect class name 2015-05-29 18:55:29 +09:30
Toby Zerner
456af4273b Sort included posts
They can be out of order in the payload due to relationship loading,
e.g. post #1 includes post #14 that has mentioned it, therefore #14
will be the first post in the payload. The new post stream doesn’t take
kindly to out of order posts.
2015-05-29 18:55:19 +09:30
Toby Zerner
2e82fb4015 Refactor discussion list styles, fix loading indicator height in pane 2015-05-29 18:31:17 +09:30
Toby Zerner
cafa6c7b5d New and improved post stream. 2015-05-29 18:17:50 +09:30
Franz Liedke
a1f5060c05 Remove obsolete imports 2015-05-28 23:52:40 +02:00
Franz Liedke
8a57922833 For now, inject URL generator instead of providing helper method. 2015-05-28 23:46:56 +02:00
Franz Liedke
76114f2979 Implement helper for generating routes in API actions. 2015-05-27 23:59:41 +02:00
Franz Liedke
9526dbf210 Create URL generator interface.
Also bind a default implementation to the container.
2015-05-27 23:58:43 +02:00
Toby Zerner
2741923714 Improvements to change/forgot password 2015-05-27 16:25:44 +09:30
Toby Zerner
696bfe5a07 Improve email changing/confirmation stuff 2015-05-27 16:24:54 +09:30
Toby Zerner
8f0989fb80 Various appearance tweaks 2015-05-27 16:22:02 +09:30
Toby Zerner
6fed357605 Allow ActionButtons to be disabled 2015-05-27 16:21:15 +09:30
Toby Zerner
c5d820a92d Hide "mark all as read" button from guests 2015-05-27 16:19:40 +09:30
Toby Zerner
796c2590a2 Add unread indicator to scrubber. closes #94 2015-05-27 16:18:21 +09:30
Franz Liedke
7ab3437136 Switch admin app to new PSR-7 driven architecture 2015-05-27 03:02:10 +02:00
Franz Liedke
95677e05e3 Add another abstract action base class for dealing with returned views 2015-05-27 03:01:09 +02:00
Franz Liedke
cff0e96eaa Implement helper method for redirecting 2015-05-27 02:48:08 +02:00