fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-17 16:02:17 +09:00
Code Issues Projects Releases Packages Wiki Activity
20959 commits 7 branches 212 tags 119 MiB
Commit graph

11529 commits

Author SHA1 Message Date
Kijin Sung
877c85ff29 Merge branch 'security/rve-2026-9' 2026-05-11 18:17:46 +09:00
Kijin Sung
a0af01c76a Merge branch 'security/rve-2026-8' 2026-05-11 18:17:41 +09:00
Kijin Sung
aa0f3f0200 Merge branch 'security/rve-2026-7' 2026-05-11 18:17:22 +09:00
Kijin Sung
180aa6f434 Add IP exceptions to login failure counting config 2026-05-11 16:56:48 +09:00
Kijin Sung
20c57fc563 Fix missing query conditions #2699 2026-05-11 15:46:35 +09:00
Kijin Sung
3566a01a0e Fix inconsistency between getDocumentList() and getDocumentPage() when searching #2699 2026-05-11 15:26:56 +09:00
Kijin Sung
e276eb8377 Hide friend option in signup form and member modify page if friend is disabled in communication module #2702 2026-05-08 21:12:23 +09:00
Kijin Sung
f00780ef47 Fix lang code exposure after selecting module in document manage popup 2026-05-08 21:01:12 +09:00
Kijin Sung
501aac23f9 Fix undefined variables and other minor errors 2026-05-07 23:36:47 +09:00
Kijin Sung
536e9154aa Change option name to reflect that it is not recommended 2026-05-07 23:26:04 +09:00
Kijin Sung
38d1a3a585 Always display "allow duplicate nickname" option 2026-05-07 23:22:50 +09:00
Kijin Sung
589b9167c9 Remove link to temporary documents in admin list 2026-05-07 23:21:18 +09:00
Kijin Sung
67a77ff4c8 Add missing return 2026-05-07 22:52:25 +09:00
Kijin Sung
ee32464568 Improve defense against non-array cached value #2705 2026-05-07 21:38:57 +09:00
Kijin Sung
83e2c981ce Fix conflicting pre_conversion types setting in file module config #2707 2026-05-07 21:31:55 +09:00
Kijin Sung
abda55c926 Remove dispLayoutPreview 2026-05-07 17:17:35 +09:00
Kijin Sung
1033cc33a7 Fix undefined variable error in PHP 8 2026-05-07 17:10:14 +09:00
Kijin Sung
0fdbf72e32 Reset default thumbnail target to "attachment", and add warning about using external images 2026-04-30 17:35:01 +09:00
Kijin Sung
9f1a3574c5 Remove SSO 2026-04-29 23:31:29 +09:00
Kijin Sung
453a9bb26a Fix insufficient protection of thumbnail temp file RVE-2026-7 2026-04-29 17:42:45 +09:00
Kijin Sung
e724236681 Set default thumbnail target to "attachment only" 2026-04-29 17:19:21 +09:00
Kijin Sung
045010670b Add triggers before and after category insert/update/delete 2026-04-26 18:30:51 +09:00
Kijin Sung
715daa9a69 Disallow setting allow_message to "F" if friend feature is disabled #2702 2026-04-26 18:13:59 +09:00
Kijin Sung
4090d6f5d7 Hide friend-related options and error messages if friend feature is disabled #2702 2026-04-26 14:55:57 +09:00
Kijin Sung
a92016cf4f Distinguish between vote and blame when setting setPoint() note 2026-04-18 23:30:39 +09:00
Kijin Sung
02ca0450ad Add note when calling setPoint() so that downstream event handlers can tell what the change was for 2026-04-18 23:20:38 +09:00
Kijin Sung
3e4b4a21b3 Fix unnecessary modification of document restored from trash #2697 2026-04-14 23:57:25 +09:00
Kijin Sung
7368773040 Add triggers before/after procMemberCheckValue and procMemberModifyInfo #2698 #2700 2026-04-14 23:36:01 +09:00
Kijin Sung
cc8e256cba Add message after deleting scrap #2694 2026-04-11 20:50:05 +09:00
Kijin Sung
db52c6df4c Fix double-escape of homepage field #2695 2026-04-11 20:46:50 +09:00
Kijin Sung
9eb6931f80 Sort files by regdate in admin list, in case files were imported in arbitrary order 2026-04-05 16:34:52 +09:00
Kijin Sung
2b5620328e Disable login failure notification connected to the wrong configuration item #2691 2026-04-05 16:31:52 +09:00
Kijin Sung
76a6bb56b0 Fix invalid query argument that causes error upon login #2691 2026-04-05 16:26:53 +09:00
Kijin Sung
e30e789586 Actually use modified values from getThumbnail trigger #2693 2026-04-05 16:20:49 +09:00
Kijin Sung
90f1238b23 Use DocumentModel::getBlankDocument() to obtain a dummy document with module_srl in BoardView 2026-03-31 22:28:39 +09:00
Kijin Sung
cbb363671a Add DocumentModel::getBlankDocument() and fix some incorrect return type comments 2026-03-31 22:27:20 +09:00
Kijin Sung
6be98ff58c Simplify RVE-2026-6 patch using R\F\Security::sanitize() 2026-03-31 21:04:39 +09:00
Kijin Sung
ae44685306 Merge branch 'security/rve-2026-6' 2026-03-31 20:51:14 +09:00
Kijin Sung
b7489e6e7b Merge branch 'security/rve-2026-5' 2026-03-31 20:51:11 +09:00
Kijin Sung
f3a08ba8f3 Merge branch 'security/rve-2026-4' 2026-03-31 20:51:08 +09:00
Kijin Sung
ea4f116b4c Merge branch 'security/rve-2026-3' 2026-03-31 20:51:05 +09:00
Kijin Sung
1d8718a256 Remove unused methods in menu module 2026-03-31 20:50:58 +09:00
Kijin Sung
01d65dee7f Fix pre-conversion file size limit applying to admins 2026-03-31 19:54:53 +09:00
Kijin Sung
81b32378ca Support timeouts for ffmpeg and magick commands 
https://rhymix.org/qna/1935749
 2026-03-31 19:53:08 +09:00
Kijin Sung
7c30af23c5 Allow admin to delete comment placeholders from list #967 2026-03-29 16:37:23 +09:00
Kijin Sung
057507d3d7 Fix member extra field being reset to public after editing 2026-03-29 16:23:38 +09:00
Kijin Sung
e61ccf84b8 Always cast module_srl to int when parsing include_modules 2026-03-22 14:59:01 +09:00
Kijin Sung
4ee0699dea Fix RVE-2026-6 possible command injection via magick 2026-03-19 17:50:44 +09:00
Kijin Sung
c906eae5d3 Disallow GET requests to procMemberFindAccount, and add route to procMemberAuthEmailAddress 2026-03-19 17:35:42 +09:00
Kijin Sung
00c9a5316c Fix RVE-2026-5 unconfigured domain in auth email 2026-03-19 17:33:08 +09:00