Skip to content
Permalink
Browse files

prepare release 2.0.5

  • Loading branch information...
garvinhicking committed Nov 28, 2016
1 parent 55d0cc2 commit fbdd50a448ed87ba34ea8c56446b8f1873eadd6f
Showing with 17 additions and 5 deletions.
  1. +9 −0 docs/NEWS
  2. +5 −2 include/admin/images.inc.php
  3. +1 −1 serendipity_config.inc.php
  4. +2 −2 templates/2k11/admin/category.inc.tpl
@@ -1,3 +1,12 @@
Version 2.0.5 (November 28th, 2016)
------------------------------------------------------------------------

* [Security] Improve preventing fetching local files, thanks to
Xu Yue.

* [Security] Prevent XSS in adding category and directory names,
thanks to Edric Teo @smarterbitbybit.

Version 2.0.4 (September 26th, 2016)
------------------------------------------------------------------------

@@ -225,8 +225,11 @@
} else {
// Fetch file
$fContent = $req->getResponseBody();
$fUrl = $req->getEffectiveUrl();
if ($serendipity['POST']['imageimporttype'] == 'hotlink') {
if (!serendipity_url_allowed($fUrl)) {
$messages[] = sprintf('<span class="msg_error"><span class="icon-attention-circled"></span> ' . REMOTE_FILE_INVALID . "</span>\n", $fUrl);
} elseif ($serendipity['POST']['imageimporttype'] == 'hotlink') {
$tempfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . '/hotlink_' . time();
$fp = fopen($tempfile, 'w');
fwrite($fp, $fContent);
@@ -473,7 +476,7 @@
/* TODO: check if directory already exist */
if (is_dir($nd) || @mkdir($nd)) {
$data['print_DIRECTORY_CREATED'] = sprintf(DIRECTORY_CREATED, $serendipity['POST']['name']);
$data['print_DIRECTORY_CREATED'] = sprintf(DIRECTORY_CREATED, $new_dir);
@umask(0000);
@chmod($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $new_dir, 0777);
@@ -47,7 +47,7 @@
}
// The version string
$serendipity['version'] = '2.0.4';
$serendipity['version'] = '2.0.5';
// Setting this to 'false' will enable debugging output. All alpha/beta/cvs snapshot versions will emit debug information by default. To increase the debug level (to enable Smarty debugging), set this flag to 'debug'.
@@ -54,7 +54,7 @@
<div id="category_basics" class="clearfix">
<div class="form_field">
<label for="category_name">{$CONST.NAME}</label>
<input id="category_name" pattern="{if $new}^(?!({foreach $categories as $cat}{$cat.category_name}|{/foreach})$).*{else}^(?!({foreach $categories as $cat}{if $this_cat.category_name != $cat.category_name}{$cat.category_name}{/if}|{/foreach})$).*{/if}" name="serendipity[cat][name]" type="text" value="{$this_cat.category_name|default:""|escape}" title="Categoryname">
<input id="category_name" pattern="{if $new}^(?!({foreach $categories as $cat}{$cat.category_name|escape}|{/foreach})$).*{else}^(?!({foreach $categories as $cat}{if $this_cat.category_name != $cat.category_name}{$cat.category_name|escape}{/if}|{/foreach})$).*{/if}" name="serendipity[cat][name]" type="text" value="{$this_cat.category_name|default:""|escape}" title="{$CONST.CATEGORY}">
</div>

<div class="form_field">
@@ -74,7 +74,7 @@
<option value="0"{if $cid == 0} selected{/if}>{$CONST.NO_CATEGORY}</option>
{foreach $categories as $cat}
{if $cat.categoryid == $cid}{continue}{/if}
<option value="{$cat.categoryid}"{if $this_cat.parentid == $cat.categoryid} selected{/if}>{for $i=1 to $cat.depth}&nbsp{/for} {$cat.category_name}</option>
<option value="{$cat.categoryid}"{if $this_cat.parentid == $cat.categoryid} selected{/if}>{for $i=1 to $cat.depth}&nbsp{/for} {$cat.category_name|escape}</option>
{/foreach}
</select>
</div>

0 comments on commit fbdd50a

Please sign in to comment.
You can’t perform that action at this time.