Merge 2.3 into master #10837
Merged
Merge 2.3 into master #10837
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fix(views): corrected syntax error in input/date
fix(core): Check existence of cache symlink without usage of readlink()
For string params, `serialize_parameters` outputs a string literal of PHP code, and `addcslashes` was not appropriate for this task, particularly around escapes in strings. While you can tell it to also escape escape chars, a second pass would be needed. The tests now `eval` the output just as the production code does, and this also makes the tests easier to read.
chore: canComment inline with parent class
fix(web_services): handle string params with proper escaping
chore(admin): fix plugin dependencies styling issue
When a plugin is (de)activated, the updated plugin list now correctly shows/hides links to settings pages, and the admin menu is updated according to the active plugins. Fixes Elgg#10656
…dler Without this patch, fetches that occur in a done() handler would not show the spinner because jQuery's "complete" handler (which fires after) always stopped the spinner.
The `elgg/Ajax` module was auto-converting any request with `options.data` to use the `POST` method. This makes sense for things like actions, which may send a large amount of form data, but it caused `$vars` to not be populated as expected because only `GET` params are injected. If you specified `options.data` with these methods before, note the server will no longer receive this data as `$_POST` on the server. Fixes Elgg#10667
Relative paths to files that contain special characters in the name will now be encoded with base64 to avoid malformatted URLs and HMAC mismatches resulting from unescaped characters. URLs generated prior to this change will continue working. Refs Elgg#10608
fix(files): mitigate issues with special chars in file names
fix(ajax): elgg/Ajax view() and form() set $vars as expected
Merge 2.2 into 2.3
…into release-2.3.0
chore(release): v2.3.0
…users River items about new discussions are once again visible to logged out users. Discussion replies (but not the form) will be visible as well. Replaces Elgg#10685
Removes cruft for older PHP versions. Fixes Elgg#10689
fix(html): elgg_normalize_url() handles tel: links
fix(discussions): river entries are once again visible to logged out …
fix(views): elgg_view_field no longer leaves #type in attributes
fix(views): in table lists, rows now have IDs
fix(access): use ignore access only when querying the database
chore(composer): update dependencies and regenerate lock
chore(release): v2.3.1
…paces Our use of `filter_var()`/`FILTER_VALIDATE_URL` can now handle multibyte chars. Previous Elgg versions passed through invalid URLs that contained spaces. Since even core code created these URLs, we compromise by auto-encoding spaces rather than rejecting those URLs. Fixes Elgg#10771
If the destination URL has a hash, and the whole URL is identical to the current page, we must force `reload()`.
Documents current practice and legacy issue for older systems. Fixes Elgg#10778
docs(security): explains current password hashing
…casting Metadata/annotation casting is now explained in the docs. Deprecates `detect_extender_valuetype()` and moves its logic to a static `ElggExtender` method. Fixes Elgg#10749
fix(install): explicitly allow .well-known in rewrite rules
Devs who refactor `elgg_delete_river()` code to use `elgg_get_river()` may be surprised that it doesn't support this option. Fixes Elgg#10791
chore(river): warn devs that elgg_get_river() has no "views" option
Now uses a temporary files to store raw icon bytes Fixes 10686
fix(js): make sure elgg.forward() always reloads the page
fix(output): elgg_normalize_url() again handles multibyte chars and spaces
perf(db): improved performance of disable/delete of an entity
deprecate(logging): removes warnings about metadata/annotation value casting
fix(twitter_api): do not feed remote URLs to icon resize API
chore(release): v2.3.2
Closed
|
Lgtm |
|
Thanks! I had just sat down to do this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.