fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-04 09:11:40 +09:00
Code Issues Projects Releases Packages Wiki Activity
18914 commits 3 branches 212 tags 117 MiB
Commit graph

472 commits

Author SHA1 Message Date
Kijin Sung
a667228f29 Change rhymix.less back to rhymix.scss because the LESS converter seems to be abandoned :( 2022-12-26 00:50:02 +09:00
Kijin Sung
fbda332c0a Update test for contenteditable="false" 2022-12-26 00:20:48 +09:00
Kijin Sung
35a93f3928 Remove code that uses defuse/php-encryption (from next branch) 2022-12-25 19:45:12 +09:00
Kijin Sung
0ed1cfdef7 Support YYYY-MM-DD HH:MM:SS format and ISO 8601 format in zdate(), ztime(), and related functions 2022-12-24 22:57:18 +09:00
Kijin Sung
23a827923e Support timestamp() with customizable format in XML query 2022-12-24 22:38:18 +09:00
Kijin Sung
4cc730e489 Support order_default attribute to <index> tag in XML query 2022-12-18 01:18:55 +09:00
Kijin Sung
928a24fac0 Add polyfills for str_contains(), str_starts_with(), str_ends_with() for PHP < 8.0 2022-12-02 15:45:58 +09:00
Kijin Sung
606989c451 Also support $foo->$bar syntax in cond="" and loop="" syntax 2022-10-31 01:40:40 +09:00
Kijin Sung
2a026a6c86 Allow true/false/yes/no values for autoescape 
템플릿의 <config autoescape="on" /> 문법이 on, off만 지원하기 때문에
흔히 사용하는 true, false, yes, no, Y, N 등의 불리언 값을 입력하면
안전하지 않은 off로 인식하게 됨. 이 경우에도 적절히 처리하도록 변경.
 2022-10-30 22:28:39 +09:00
Kijin Sung
a398c7548d Test more complex syntaxes using some of the filter tests 2022-10-30 21:43:29 +09:00
Kijin Sung
93a7348606 Support $foo->$bar syntax in templates 
기존: $__Context->$__Context->bar 로 변환되어 오작동
개선: $__Context->{$__Context->bar} 로 변환되어 정상 작동되며
      변싱 순서에 따라 이 중괄호가 다시 해석되지는 않음
 2022-10-30 21:41:40 +09:00
Kijin Sung
326f84584a Change MySQL default user from root to rhymix 2022-10-30 18:24:24 +09:00
Kijin Sung
7c918c52ca Add iwinv SMS driver to unit test 2022-10-30 17:37:55 +09:00
Kijin Sung
7f260be361 Remove cafe24 SMS driver from unit test 2022-10-30 17:37:06 +09:00
Kijin Sung
ad86a34833 #2006 add more unit tests for aspect-ratio and object-fit 2022-10-30 13:22:21 +09:00
Kijin Sung
ad23796906 Fix #2003 remove default act from short URL if there are no arguments 2022-10-29 22:06:36 +09:00
Kijin Sung
a44959382e Fux #2006 allow some aspect-ratio values and all valid object-fit values in HTML filter 2022-10-29 21:23:39 +09:00
Kijin Sung
8abe1b1d7d Add option to escape() to keep user lang codes intact #1976 2022-08-15 18:06:26 +09:00
Kijin Sung
58d369cc31 Improve unit tests for default and blacklisted plugins 2022-08-06 13:31:02 +09:00
Kijin Sung
099d8397c9 Prevent path conversion of data: URL in <img> tag 2022-07-11 21:55:09 +09:00
Kijin Sung
8b611e9d08 Add more tests for table alias handling (#1956 보완) 2022-07-03 17:49:19 +09:00
dewekk
293f6eb326 Fix unit test 2022-06-02 17:40:09 +09:00
dewekk
e0514110af Revert "Fix unit test" 
This reverts commit 8d7a467efa.
 2022-06-02 17:12:52 +09:00
dewekk
8d7a467efa
Fix unit test 2022-05-31 11:14:04 +09:00
Kijin Sung
3260d90d18 Fix relative path used in unit tests 2022-03-15 02:56:04 +09:00
Kijin Sung
f373e38d6d Fix #1893 duplicate function call when loop="" template syntax is used 2022-03-14 01:53:27 +09:00
Kijin Sung
70cfe24cdd Use $this->user instead of $logged_info more consistently #1866 2022-02-04 01:19:30 +09:00
Kijin Sung
cb9f3dd1db Fix #1868 incorrect parsing of CSS/SCSS import containing special characters 2022-02-03 14:28:25 +09:00
Kijin Sung
0a14aaa3ba Fix codeception throwing wrong class of exception in PHP 8.0 2022-01-25 15:18:09 +09:00
Kijin Sung
7f6e020d97 PROPERLY fix null value handling in both read and write queries 2022-01-25 14:54:17 +09:00
Kijin Sung
7f5f67992d Revert "Fix incorrect querystring when comparing column against null value" 
This reverts commit a6f771c155.
 2022-01-25 14:15:08 +09:00
Kijin Sung
a6f771c155 Fix incorrect querystring when comparing column against null value 2022-01-20 16:37:12 +09:00
YJSoft
34f76a79d7 Fix #1811 Add chromium edge detection to getBrowserInfo 2021-10-15 14:03:39 +09:00
Kijin Sung
1c28254902 Move image URL cleaning function to HTMLFilter #1787 2021-09-11 19:47:04 +09:00
Kijin Sung
602d7aec79 Fix #1787 convert image URLs to absolute path when sending mail 2021-09-11 00:13:20 +09:00
Kijin Sung
f7146a4791 Fix #1778 support multi-column unique indexes using legacy syntax 2021-08-26 00:44:13 +09:00
Kijin Sung
7b568d342b Adjust test cases for pre-1961 Korean dates 2021-08-03 21:10:07 +09:00
Kijin Sung
9088326d66 Add unit tests for ce76501f2 2021-08-03 20:56:26 +09:00
Kijin Sung
d78ba8c77c Fix #1734 out-of-order loading of external CSS resource 2021-07-01 14:36:35 +09:00
Kijin Sung
c35d17c47e Fix #1712 merge iframe whitelist and object/embed whitelist 2021-06-19 20:59:36 +09:00
Kijin Sung
6a4d3d912c Fix #1706 support default="null" in XML query parser 2021-06-19 20:26:09 +09:00
Kijin Sung
b01a148675 Fix #1729 @import of external URL in concatenated CSS 2021-06-19 19:39:57 +09:00
Kijin Sung
1c47785276 Support contenteditable="false" (fix #1710) 2021-05-14 23:14:28 +09:00
Kijin Sung
bd075ee409 Add getBodyClassList() and removeBodyClass() methods to Context 
https://xetown.com/questions/1569477
 2021-05-14 22:40:38 +09:00
Kijin Sung
741a714abd Set standalone attribute to 'auto' if new class syntax is used in module.xml 
- 새로 추가된 클래스 문법 사용시 standalone 속성 기본값은 true가 아닌 auto로 지정

- standalone 속성의 의미는 아래와 같음
  - true: 항상 접근 허용 (기존 방식으로 선언한 액션의 기본값)
  - false: mid가 소속 모듈과 일치하거나, admin 모듈인 경우에만 접근 허용
  - auto: module 또는 mid가 소속 모듈과 일치하거나, admin 모듈인 경우에만 접근 허용
    (즉, false와 비슷하지만 exec_json 함수 등에서 module+act로 호출하는 경우에는
    mid가 없더라도 module만 일치하면 호출할 수 있도록 허용하여 개발 편의를 높임)

- 단, global_route 속성이 있는 경우 standalone 속성 기본값은 true임
  (전역 짧은주소는 mid 없이 호출될 수밖에 없으므로)
 2021-04-20 21:45:21 +09:00
Kijin Sung
06f23f3b3b Update unit tests for 73695ccd 2021-04-12 22:23:34 +09:00
Kijin Sung
72e7532764 Fix compatibility with PBKDF2 hashes with iteration counts that are not zero-padded 2021-03-14 00:26:15 +09:00
Kijin Sung
715e8d781c Clean up references to travis in all tests 2021-03-12 20:53:40 +09:00
Kijin Sung
c5aaf45c24 Add unit test for list_count = 0 2021-02-26 21:58:38 +09:00
Kijin Sung
e423cba24d Use Origin header before Referer to check CSRF 
OWASP에서는 Referer 헤더보다 Origin 헤더를 먼저 체크하는 것을 권장합니다.
Referer가 비어 있는 경우에도 Origin 헤더에는 유용한 정보가 들어 있을 수 있기 때문입니다.

https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
 2021-02-23 16:51:46 +09:00