Username characters set #57
Comments
|
I changed that because of some characters causing trouble in the INI file and it’s escaping rules not recognised by parse_ini_file. I don’t wish to use any custom parser, so I need to refuse at least some characters. The chars I need to refuse that I know of are |
|
|
|
I will change all this for a blacklist. |
|
OK great! |
|
Crap, still forgot the |
remrem
added a commit
that referenced
this issue
Apr 15, 2017
Push 3.7.0-dev from the dev branch to the master branch * [PHP] - Security issue on admin panel (could connect with any username if the password was good) * [CSS] - minnor fix * [PHP] - fix for issue 52 * [CSS] - Small change in preferences page (+ light html reformating) * [PHP][CSS] - Wiki/BBCode parsing made more powerfull Added some stuff for comments and links inherited from articles Implemented @BoboTiG 's idea in issue #50 for [code=language] parsing. * [CSS] - Small change in graphs pages. * [PHP] - removed personnal email. * [PHP] - unified the wiki_*() functions for comms and links into new function markup(). Also minor changes + translated some comments to english (the rest remains to do progressively) * Fix BBCode color * Simplify RegExp * [PHP] - Fix for issue #57 * [PHP] - Fix for issue #59 Plus another issue in parse_text_paragraphs() regarding the tbody element. * Ignore non official themes and addons * Addons: select the good files * [SQL] - Added a “bookmark item” function in RSS reader, as per issue #48 WARNING: Do not update from previous version without reading changelog. Databse structure has changed and versions are not compatible. Use attached file for converting database. (see github.com/timovn/blogotext/) * [WIP] Remove use of DATE_PREMIER_MESSAGE_BLOG * [WIP] Calendar uses dynamic dates to determine previous/next months * Use the proper column * Add full support for addons * [addons] PSR-2 compliant + explanations * Add optional and required keywords * Restore {style} * [addon] Check existence of the callback * [PHP][JS][CSS] - reformated Add-ons code Created CSS file for addons page; uniformized data-handling (not finished); added Ajax button to one-clic-toggle an addon on or off; added some “fixme“ tags in code. * [PHP][JS] Few fixes and adjustements on addons * [PHP] - Ajax: removed some token issues. Tokens are reloaded at page and session, not at each request The unique-token is secure, but caused some issues if network is slow or requests are fast: tokens could not be reloaded fast enough. * [PHP] - Partial fix for issue #69 concerning modules * [PHP][CSS] Print all addon informations * [PHP] Add addon translation mecanism * addon tag relatif à #70 (comment) à chaque tag d'un addon trouvé, la fonction en callback est lancée * [PHP] - Fix for crashing on previsualising a comment also forgot to remove some JS in admin Added JS in public theme to scroll to form if some form errors occured (like captcha errors). * related to commit #72 related to commit #72, but this commit is for /testing. * [PHP] - On image integration codes, removed “style” attribute (not Blogotexts job to add that) * Fix Erreur 5867 : SQLSTATE[HY000]: General error: 1 9 values for 8 columns * [JS] - Small fix for comments activation. * related to #79 Problème avec la pagination * Update html.php * Update html.php * Update util.php * Update util.php * Update html.php * Update html.php * Update html.php * Update html.php * [SQL] - Pagination bug fix (see pull #80 and issue #79) * Revert "[SQL] - Pagination bug fix (see pull #80 and issue #79)" This reverts commit 8899e43. * [SQL] - Reverting. * [SQL] - On RSS reader: when deleting old entries, do not delete favs. * [HTML] - Added HTML integration codes for video and audio files. * Add Travis CI configuration file * [PHP] PSR-2 compliant * Remove hhvm from Travis tests * Add a failing test for Travis * Add a failing test for Travis, the return * Fix Travis script * Fix Travis test error * [PHP] Send mail to author at new comment * [PHP] revert 'more smileys' included from last patch * Add contributors file * [PHP] add space before ':' * [PHP] Remove use of tabulations mixed with spaces * Fix 'Send mail to author at new comment' was not working beacause not saved * [PHP] fix several PSR-2 errors on generated PHP files * [PHP] Proper use of error reporting * [PHP] Prefer the use of is_file to file_exists * [PHP] Prefs: display an error when prefs files are not writable (WIP #85) * [PHP] rename creer_dossier() to create_folder() * [PHP] Fix #85: new password not taken into account * [PHP] Code cleanup into fich.php * Add contributors explanations * Use the good remote name when updating contributor's repo * Remove addons folder for future submodule * Use sumodule for addons * [PHP] Fix #84 * fix #97 for file upload generated URI (#101) * Libravatar2 (#102) * [PHP] Libravatar support. back to gravatar if fail. Fix #98 * [PHP] Forgot new avatar dir * [PHP] Avastars: use is_file rather than file_exists * [PHP] Use single quote when double are not needed * Remove trailing lines (fixes #52) * Ignore PHAR and avatars files * Tests: check CSS and JS files too * [PHP] Remove multiple spaces from langs files * [PHP] Fix #103: possibility to share a private post * [PHP] langs: rename lien_article to post_link * [PHP] langs: rename lien_blog to blog_link (#103) * Update addons * [PHP] Homogenize use of header() * [PHP] Remove debug() * [PHP] Remove the use of '@', bad practice * [PHP] Remove useless type="text/javascript" * [PHP] Replace multiple spaces by only one * [PHP] Cleanup inc/conv.php * [PHP] Few optimizations into inc/conv.php * [PHP] Change few advanced options * [PHP] Cleanup inc/fich.php * [PHP] Use integers when needed for GLOBALS options (instead of strings) * [PHP] Cleanup inc/form.php * [PHP] Cleanup again * [PHP] Fix prefenrecnes handling * [PHP] Huge cleanup * [CSS] Fix bad comment style * [PHP] Update version check process * [PHP] Fix for #79? * Use official name: BlogoText * Several fixes - [PHP] Fix #104 et #105 - [PHP] Fix auth, and improvement - [PHP] Fix #79: pagination * [PHP] Fix comment activation * [PHP] bug fix for #123 * [PHP] Add addons parameters [PHP] bug fixes: #107, #112, #111 * [PHP] Fix #116: display post list when there is only one too * [PHP] Fix #118 * [PHP] Fix #121: refactor install process * [PHP] Fix addon settings * [PHP] Fix xauthlog generation * [PHP] Update example comment/link/post (#113) * [PHP] Update BT version * [PHP] Addons: add hooks system (for #120) * Next version * Readd addons * [PHP] Fix #131: addons are disabled by default * [PHP] Addons params: use integers when we can * [PHP] Addons params: fix value when integers used * Update addons * Update addons * Update addons * Add tests and PSR-2 helper in the doc * Remove CONTRIBUTING.md (moved to the Wiki) * [PHP] Addon improvements + some refactor (#133, #134) * [PHP] Fix addon var cache * [PHP] [WIP] Use BT_ROOT for absoluthe paths * New contributor: Remrem, thanks! * BT_ROOT, debug and refactor - [PHP] RSS feed insanely slow (#145) * Fix #146: one place for avatars and favicons * [PHP] Replace includes for requires * Update license * [PHP] Better security for all folders * [PHP] Install: cleanup check processes and allow installation into subfolder * [PHP] Fix #143: more secure settings files * [PHP] Unify use of database like files (+ PSR-2 compliant) * [PHP] [WIP] Smarter addons * Update addons * Big changes * Update addons * [PHP] Fixes + updates (for #160) * [PHP] admin: add feeds navigation (fix #145) * [PHP] Use LOCK_EX for all file_put_contents * [PHP] Tweak error logging * [PHP] Enhanced error logging system (fix #164) * [PHP] Imrpovement + debug * [PHP] Fix admin graphics when there is no data available * [PHP] Admin files: fix one integration code and remove duplicate stroke in URL * [PHP] Admin files: better URL handling (relative and absolute) * [JS|CSS] Admin graphics: fix hover line (fix #167) * [PHP] logrotate errors logs (fix #164) * [HTML] Admin: use versionning when delivering CSS files (partly fix #168) * #170 #149 #169 #130 ... * Update addons * [PHP] Bug fix and improvement * Fix #165 and #174 * [PHP] Fix wrong EXPIRE_PNG Nobody is perfect ;) * [PHP] Fix #172 * Add more filetypes and fix 'logical folders' behavior * [Freeze #178] admin: index.php * [Freeze #178] admin: articles.php * [Freeze #178] admin: ecrire.php * [CSS] Fix picture scale into post preview * [Freeze #178] admin: commentaires.php * [JS] Fix Travis errors * [Freeze #178] admin: fix Travis error on index.php * [JS] admin: fix file deletion when there is no pictures * [Freeze #178] admin: fichiers.php, _dragndrop.ajax.php, _rmfichier.ajax.php * [Freeze #178] admin: remove template.php * [Freeze #178] admin: fix post creation * [Freeze #178] admin: links * [Freeze #178] admin: authentication process - password hashing changes (robustness and limitless char count) - needed to partially check install.php - fix #132 * Admin: autofocus on inputs (auth, install) * Admin: remove use of $GLOBALS['files_ext'] * [Freeze #178] admin: install.php * [Freeze #178] admin: feeds * [Freeze #178] public: some cleaning and improvements * Admin: fix month shift when updating one post * [Freeze #178] admin: preferences * [Freeze #178] admin: maintenance * Admin: feeds: fix refresh all process * [Freeze #178] admin: addons * [Freeze #178] admin: comments * Bug fiix for feeds "mark all as read" * [Freeze #178] admin: bug fixes * Fix "mark as read" for "all feeds" * Fix for addons action buttons * Fix args function in auth * [Freeze #178] delete unused functions * [PHP] Fix /var/log creation Erreur lors de la création de /var/log * Install: better place to recreate the advanced settings files petite modification pour recréer le fichier settings-advanced à un moment plus opportun... * Update addons * [PHP] One fix into admin/fichiers.php and secure existant folders * [PHP] Fix installation process * [PHP] admin, files: fix unsetted picture attrs * Admin: auth_write_access() creates PSR-2 compliant file * Addons: create PSR-2 compliant DTB like files * Addons: invalid behavior with text option (fix #185) * Admin: change lines writen to the auth log file * Test for Travis CI * Revert "Test for Travis CI" This reverts commit 5c76a8f. Explanation: - errors returned by phpcs are not errors; - the latest phpcs version is broken (2.7.1 for now); - with the version 2.6.2, it is all right; - an issue has been opened: squizlabs/PHP_CodeSniffer#1251 * [Freeze #178] add installer * Admin: display less months on graphics (fix #189) * Fix Travis checks by using old PHPCS version (2.6.2) * admin nav: fix shadow (#196) * Fix issue #193 * Fix bug on type casting (int) with 32b system (fix #202) * Add changelog (#178) * Set and use real admin path (#210) * Fix chapo escape (#178) * Remove useless semilicon * Remove gravatar duplicate class * Fix graphics display on small devices (#189) * Light update for README * Typo in translation * Fix default theme comment form * Remove "À propos" link from default them * Rewords - catégorie > tag - précision des mots clés (META) * Fix #227 Patch cron & boot (#228) * [WIP] Feed reader arrows are invisble on small screen * Prevent client stop proccess (fix #227) * Add test on addon load * [PHP] Add requirements: intl * Use CSS for navigation arrows (fix #224) * CSS improvement for addon page (fix #232) * fix #232 proposal * css improvement for addon page * Fix for CSS arrow * preparation de la release 3.7 * Links fix (#240) * Fix #239 Fix #239 * Revert "Fix #239" This reverts commit 4002c8c. * Fix for delete links Fix for delete links * version number (#241) préparation du numéro de la version en vue du merge pour master * remove submodule addons * add simple addons folder
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
On the dev branch, I can no longer use my username when validating the preferences form.
Is it possible to allow
-and other signs like.? These are quite common.The text was updated successfully, but these errors were encountered: