Commit graph

2660 commits

Author SHA1 Message Date
Kijin Sung
60fd7d7cf2 Move cacert.pem loader to autoload.php 2022-12-26 02:36:44 +09:00
Kijin Sung
a07307d343 Change autoloader to support case-sensitive class files + fix lang path for namespaced modules 2022-12-26 02:30:59 +09:00
Kijin Sung
426a971c6c Remove $relax_key_checks because we are no longer using Flash uploader 2022-12-26 01:08:04 +09:00
Kijin Sung
9d3b5924e9 Convert DB class into an alias of Rhymix\Framework\DB, instead of extending it 2022-12-26 01:00:25 +09:00
Kijin Sung
07c809a9ef Use composer/ca-bundle instead of using our own cacert.pem 2022-12-26 00:57:50 +09:00
Kijin Sung
a667228f29 Change rhymix.less back to rhymix.scss because the LESS converter seems to be abandoned :( 2022-12-26 00:50:02 +09:00
Kijin Sung
1c10981113 Remove Object alias for BaseObject 2022-12-23 02:04:11 +09:00
Kijin Sung
270f84abe9 Separate image rotation check into its own method in FileHandler 2022-12-20 19:17:43 +09:00
Kijin Sung
b1b25cac40 Fix #95 #626 #853 #1278 display login form if board action is not permitted and the user is not logged in 2022-12-19 20:41:36 +09:00
Kijin Sung
762e7bf557 Fix #2046 empty value in edit form when '0' is entered into extravar field 2022-12-17 23:34:28 +09:00
Kijin Sung
117ae626b9 Fix #2041 don't replace lang codes in member menu until module init 2022-12-15 23:45:19 +09:00
Kijin Sung
b83c5c4b2c Remove unnecessary unset() 2022-12-15 23:37:35 +09:00
Kijin Sung
422771883d #2039 follow-up: fix coding-style issues and clean up messy comments 2022-12-15 23:00:59 +09:00
Kijin Sung
11df9cf9ad
Merge pull request #2039 from nemo9l/improve/page-handler-compatible-with-iterator
Implement Iterator in PageHandler
2022-12-15 22:56:20 +09:00
Kijin Sung
0fafb1cf6b #2025 more fundamental fix: automatically load lang files when a module is autoloaded 2022-12-15 22:52:00 +09:00
Ji Yong, Kim
65cd1265c9 Make PageHandler to implement Iterator 2022-12-10 04:24:11 +09:00
Kijin Sung
72c2b93790 Fix #2011 #2012 convert lang path before calling pathinfo() 2022-11-07 01:45:32 +09:00
Kijin Sung
606989c451 Also support $foo->$bar syntax in cond="" and loop="" syntax 2022-10-31 01:40:40 +09:00
Kijin Sung
2a026a6c86 Allow true/false/yes/no values for autoescape
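Because the template's <config autoescape="on" /> syntax only supports on and off,
entering commonly used boolean values such as true, false, yes, no, Y, N
causes it to be recognized as the unsafe off. Changed to handle these cases properly as well.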
2022-10-30 22:28:39 +09:00
Kijin Sung
93a7348606 Support $foo->$bar syntax in templates
Before: converted to $__Context->$__Context->bar, which malfunctions
After: converted to $__Context->{$__Context->bar}, which works correctly, and
       given the conversion order these curly braces are not interpreted again
2022-10-30 21:41:40 +09:00
Kijin Sung
dca06a778d Support {$lang_type} and {$device_type} variables in plugin.load 2022-10-30 17:08:01 +09:00
Kijin Sung
d2347d4208 Add template & scss syntax to refer to absolute paths within Rhymix installation directory
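When including a template or loading CSS, JS, etc., referring to a file in another path by a relative path
sometimes requires going up many levels, as in ../../../../../layouts/path/to/target/asset.scss.
In that case, if you put ^ at the very front and write ^/layouts/path/to/target/asset.scss as if it were an absolute path,
this patch converts it automatically relative to the Rhymix installation path (including when installed in a subfolder).
In other words, the part where the ^ character is placed is replaced with the Rhymix installation path.

Supported in:
  - <include target="^/path/to/file.html" />
  - <load target="^/path/to/file.css" />
  - <load target="^/path/to/file.js" />
  - In SCSS, @import "^/path/to/file.scss";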
2022-10-13 14:57:24 +09:00
Kijin Sung
fd421c86fc Add more error codes in critical code paths in Context and ModuleHandler 2022-10-13 00:34:23 +09:00
Kijin Sung
e4e252c1b4 Add more detailed ERR_* error codes to common error messages
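Add more specific ERR_* codes to the most frequently occurring errors,
'잘못된 요청입니다' (invalid request) and '보안정책상 허용되지 않습니다' (not permitted by security policy), to make debugging easier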
2022-10-13 00:23:20 +09:00
Kijin Sung
af92484221 Revert "Fix PHP 8.x error when getUrl() is called with weird parameters"
This reverts commit 3adcbb3528.
2022-09-13 19:49:52 +09:00
Kijin Sung
3adcbb3528 Fix PHP 8.x error when getUrl() is called with weird parameters 2022-09-05 16:28:33 +09:00
Kijin Sung
83e4b763ce Merge branch 'security/document-module-check' into develop 2022-08-16 08:55:44 +09:00
Kijin Sung
e8f5c04df6
Merge pull request #1980 from bjrambo/pr/colorset-
Fix the site's color setting not taking effect in the admin page
2022-08-11 00:12:35 +09:00
Kijin Sung
e33a071f3e Add authoritative list of default plugins #1967 2022-08-06 13:30:48 +09:00
Kijin Sung
fa64ad3600 Fix RVE-2022-4 missing check for document module 2022-08-02 08:27:32 +09:00
Johnny
6a47800917 Fix the site's color setting not taking effect in the admin page 2022-07-26 07:54:49 +09:00
Kijin Sung
1e27bae404 Fix not recognizing CSRF token submitted as part of JSON body 2022-07-25 14:05:01 +09:00
Kijin Sung
099d8397c9 Prevent path conversion of data: URL in <img> tag 2022-07-11 21:55:09 +09:00
Kijin Sung
ba0e0f07d1 Fix #1970 invalid default value for extravar of 'date' type 2022-07-04 22:10:56 +09:00
Kijin Sung
6e3c9a7c0e Merge branch 'security/pollskin' into develop 2022-07-04 00:46:36 +09:00
Kijin Sung
59a1215c87 Fix #1934 add 'default' option to domain timezone 2022-07-03 01:03:00 +09:00
Kijin Sung
a5f056284c Fix #1936 don't convert date-only timestamps in extra vars and member birthday column 2022-07-03 00:45:35 +09:00
Kijin Sung
e258cf7525 Fix #1926 add @charset UTF-8 to beginning of concatenated CSS file 2022-07-02 23:55:45 +09:00
Kijin Sung
1c33529377 RVE-2022-3 filter tpl_path in TemplateHandler class
- Remove special characters in $tpl_path that could be mistaken for template syntax
- Path traversal is not defended against here
2022-06-29 15:36:23 +09:00
Kijin Sung
0f3f3a6bfa Prevent deprecation warning about dynamic properties in PHP 8.2 2022-06-27 16:18:10 +09:00
Kijin Sung
a823d604de Fix #1905 array to string conversion in Extravar.class.php 2022-04-25 02:21:40 +09:00
dewekk
3de0a17170
Fix overlap with the autocomplete feature in date extra variables 2022-04-18 15:41:41 +09:00
Kijin Sung
5e2d517296 Fix incorrect parsing of JSON request body containing multiple levels of objects 2022-03-28 15:33:21 +09:00
Kijin Sung
65dd68f9f3 Merge branch 'security/opage' into develop 2022-03-16 10:29:43 +09:00
Kijin Sung
9ce7593820 Fix error when loading external page in document root folder 2022-03-16 00:54:10 +09:00
Kijin Sung
b91fb3ee7a Fix error when using a namespaced module with forwarded action from another module 2022-03-15 16:42:06 +09:00
Kijin Sung
f373e38d6d Fix #1893 duplicate function call when loop="" template syntax is used 2022-03-14 01:53:27 +09:00
conory
34c46a08c6 Correct the URL regex 2022-02-21 21:11:42 +09:00
Kijin Sung
0c31234e09 Fix isset(), unset() and empty() not working in template syntax 2022-02-16 13:15:31 +09:00
Kijin Sung
7e82d37cfa Fix PHP warnings due to uninitialized variables #1866 thanks to @Erictoby 2022-02-04 01:41:56 +09:00