fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-06-10 13:47:14 +09:00
Code Issues Projects Releases Packages Wiki Activity

Commit graph

  • e152f25ec4 refactor some ncenterlite files master Lastorder-DC 2026-05-28 19:41:12 +09:00
  • 1eab5cdfab
         Merge branch 'rhymix:master' into master Lastorder 2026-05-12 14:16:40 +09:00
  • b7b1a6e5fc Version 2.1.33 Kijin Sung 2026-05-12 11:43:00 +09:00
  • eb925d9d28 Merge branch 'security/rve-2026-12' Kijin Sung 2026-05-11 18:17:55 +09:00
  • 8f5c947359 Merge branch 'security/rve-2026-11' Kijin Sung 2026-05-11 18:17:53 +09:00
  • 899a184527 Merge branch 'security/rve-2026-10' Kijin Sung 2026-05-11 18:17:50 +09:00
  • 877c85ff29 Merge branch 'security/rve-2026-9' Kijin Sung 2026-05-11 18:17:46 +09:00
  • a0af01c76a Merge branch 'security/rve-2026-8' Kijin Sung 2026-05-11 18:17:41 +09:00
  • aa0f3f0200 Merge branch 'security/rve-2026-7' Kijin Sung 2026-05-11 18:17:22 +09:00
  • 180aa6f434 Add IP exceptions to login failure counting config Kijin Sung 2026-05-11 16:56:48 +09:00
  • 20c57fc563 Fix missing query conditions #2699 Kijin Sung 2026-05-11 15:46:35 +09:00
  • 3566a01a0e Fix inconsistency between getDocumentList() and getDocumentPage() when searching #2699 Kijin Sung 2026-05-11 15:26:56 +09:00
  • e276eb8377 Hide friend option in signup form and member modify page if friend is disabled in communication module #2702 Kijin Sung 2026-05-08 21:12:23 +09:00
  • f00780ef47 Fix lang code exposure after selecting module in document manage popup Kijin Sung 2026-05-08 21:01:12 +09:00
  • 501aac23f9 Fix undefined variables and other minor errors Kijin Sung 2026-05-07 23:36:47 +09:00
  • 536e9154aa Change option name to reflect that it is not recommended Kijin Sung 2026-05-07 23:26:04 +09:00
  • 38d1a3a585 Always display "allow duplicate nickname" option Kijin Sung 2026-05-07 23:22:50 +09:00
  • 589b9167c9 Remove link to temporary documents in admin list Kijin Sung 2026-05-07 23:21:18 +09:00
  • 71b11c769d Fix incorrect error location when R\F\Exception is thrown from inside an event handler Kijin Sung 2026-05-07 23:07:36 +09:00
  • 67a77ff4c8 Add missing return Kijin Sung 2026-05-07 22:52:25 +09:00
  • ee32464568 Improve defense against non-array cached value #2705 Kijin Sung 2026-05-07 21:38:57 +09:00
  • 83e2c981ce Fix conflicting pre_conversion types setting in file module config #2707 Kijin Sung 2026-05-07 21:31:55 +09:00
  • c2e38044a4 Fix RVE-2026-12 unauthorized file deletion Kijin Sung 2026-05-07 20:29:06 +09:00
  • 93c8fa3d7d Fix RVE-2026-11 XSS in Photoswipe addon Kijin Sung 2026-05-07 20:20:27 +09:00
  • abda55c926 Remove dispLayoutPreview Kijin Sung 2026-05-07 17:17:35 +09:00
  • 1033cc33a7 Fix undefined variable error in PHP 8 Kijin Sung 2026-05-07 17:10:14 +09:00
  • bde08b1480 Only check path recursively if its realpath is different Kijin Sung 2026-05-04 13:03:25 +09:00
  • 019950c8a8 Prevent unnecessary double cookie refresh when logging in as admin Kijin Sung 2026-04-30 23:13:05 +09:00
  • 7f1a61fb83 Clean up session refresh handling (dedicated timer, don't refresh in non-GET request, etc.) Kijin Sung 2026-04-30 23:00:55 +09:00
  • f438a91cd6 Treat samesite attribute as a string, not integer Kijin Sung 2026-04-30 22:44:14 +09:00
  • 0fdbf72e32 Reset default thumbnail target to "attachment", and add warning about using external images Kijin Sung 2026-04-30 17:35:01 +09:00
  • 9f1a3574c5 Remove SSO Kijin Sung 2026-04-29 23:31:29 +09:00
  • 8cfd66713c Refresh session when accessing admin page Kijin Sung 2026-04-29 23:25:17 +09:00
  • 1511693cf6 Regenerate session ID upon login and peridically RVE-2026-8 Kijin Sung 2026-04-29 23:12:02 +09:00
  • 6392fa8f9b Protect more directories in external page path RVE-2026-10 Kijin Sung 2026-04-29 18:06:24 +09:00
  • 109949c8a1 Fix insufficient escape in autolink addon RVE-2026-9 Kijin Sung 2026-04-29 17:51:02 +09:00
  • 453a9bb26a Fix insufficient protection of thumbnail temp file RVE-2026-7 Kijin Sung 2026-04-29 17:42:45 +09:00
  • d609d36ac6 Add Storage::protectDirectory() to place .htaccess and index.html files in a directory Kijin Sung 2026-04-29 17:38:56 +09:00
  • e724236681 Set default thumbnail target to "attachment only" Kijin Sung 2026-04-29 17:19:21 +09:00
  • 045010670b Add triggers before and after category insert/update/delete Kijin Sung 2026-04-26 18:30:51 +09:00
  • c66daf6507 Be more strict about skipping embedded SVG checks #2703 Kijin Sung 2026-04-26 18:18:40 +09:00
  • 715daa9a69 Disallow setting allow_message to "F" if friend feature is disabled #2702 Kijin Sung 2026-04-26 18:13:59 +09:00
  • 4090d6f5d7 Hide friend-related options and error messages if friend feature is disabled #2702 Kijin Sung 2026-04-26 14:55:57 +09:00
  • f9119c8ba3 Fix incorrect detection of ChatGPT-generated PNG as dangerous SVG #2703 Kijin Sung 2026-04-26 14:47:52 +09:00
  • 74f1f8a1ba
         Merge branch 'rhymix:master' into master Lastorder 2026-04-22 16:39:39 +09:00
  • a92016cf4f Distinguish between vote and blame when setting setPoint() note Kijin Sung 2026-04-18 23:30:39 +09:00
  • 02ca0450ad Add note when calling setPoint() so that downstream event handlers can tell what the change was for Kijin Sung 2026-04-18 23:20:38 +09:00
  • 3e4b4a21b3 Fix unnecessary modification of document restored from trash #2697 Kijin Sung 2026-04-14 23:57:25 +09:00
  • 7368773040 Add triggers before/after procMemberCheckValue and procMemberModifyInfo #2698 #2700 Kijin Sung 2026-04-14 23:36:01 +09:00
  • cc8e256cba Add message after deleting scrap #2694 Kijin Sung 2026-04-11 20:50:05 +09:00
  • db52c6df4c Fix double-escape of homepage field #2695 Kijin Sung 2026-04-11 20:46:50 +09:00
  • 25a0ecaeca
         Merge branch 'rhymix:master' into master Lastorder 2026-04-07 06:16:05 +09:00
  • 9eb6931f80 Sort files by regdate in admin list, in case files were imported in arbitrary order Kijin Sung 2026-04-05 16:34:52 +09:00
  • 2b5620328e Disable login failure notification connected to the wrong configuration item #2691 Kijin Sung 2026-04-05 16:31:45 +09:00
  • 76a6bb56b0 Fix invalid query argument that causes error upon login #2691 Kijin Sung 2026-04-05 16:26:53 +09:00
  • e30e789586 Actually use modified values from getThumbnail trigger #2693 Kijin Sung 2026-04-05 16:20:49 +09:00
  • 85f9c4d031 Merge branch 'master' of github.com:Lastorder-DC/rhymix Lastorder-DC 2026-04-01 12:04:44 +09:00
  • add448db7b MemberController::getInstance Lastorder-DC 2026-04-01 12:04:30 +09:00
  • dd8fc890f4
         Merge branch 'rhymix:master' into master Lastorder 2026-04-01 12:04:22 +09:00
  • bdeffb61a5 추천버그 수정 Lastorder-DC 2026-04-01 12:04:06 +09:00
  • 530464289a Version 2.1.32 Kijin Sung 2026-04-01 10:54:41 +09:00
  • 90f1238b23 Use DocumentModel::getBlankDocument() to obtain a dummy document with module_srl in BoardView Kijin Sung 2026-03-31 22:28:39 +09:00
  • cbb363671a Add DocumentModel::getBlankDocument() and fix some incorrect return type comments Kijin Sung 2026-03-31 22:27:20 +09:00
  • 99d6182f89 Update actions/checkout to v5 because github is deprecating node.js 20 Kijin Sung 2026-03-31 21:08:40 +09:00
  • 6be98ff58c Simplify RVE-2026-6 patch using R\F\Security::sanitize() Kijin Sung 2026-03-31 21:04:39 +09:00
  • b1f84365a5 Add 'command' type to R\F\Security::sanitize() Kijin Sung 2026-03-31 21:02:33 +09:00
  • ae44685306 Merge branch 'security/rve-2026-6' Kijin Sung 2026-03-31 20:51:14 +09:00
  • b7489e6e7b Merge branch 'security/rve-2026-5' Kijin Sung 2026-03-31 20:51:11 +09:00
  • f3a08ba8f3 Merge branch 'security/rve-2026-4' Kijin Sung 2026-03-31 20:51:08 +09:00
  • ea4f116b4c Merge branch 'security/rve-2026-3' Kijin Sung 2026-03-31 20:51:05 +09:00
  • 1d8718a256 Remove unused methods in menu module Kijin Sung 2026-03-31 20:50:58 +09:00
  • 01d65dee7f Fix pre-conversion file size limit applying to admins Kijin Sung 2026-03-31 19:54:53 +09:00
  • 81b32378ca Support timeouts for ffmpeg and magick commands Kijin Sung 2026-03-31 19:53:08 +09:00
  • ba49fe7b70 Fix warnings when migrating XE config to Rhymix format Kijin Sung 2026-03-31 19:30:09 +09:00
  • 7c30af23c5 Allow admin to delete comment placeholders from list #967 Kijin Sung 2026-03-29 16:37:23 +09:00
  • 5c858806b2 Treat comma as a regular character when parsing search string #2687 Kijin Sung 2026-03-29 16:26:10 +09:00
  • 057507d3d7 Fix member extra field being reset to public after editing Kijin Sung 2026-03-29 16:23:38 +09:00
  • 7a3d759e62 Fix undefined property when XML query has <navigation> without <page_count> #2688 Kijin Sung 2026-03-22 15:17:50 +09:00
  • 63d2582c8e Fix invalid query when search contains zero conditions #2687 Kijin Sung 2026-03-22 15:09:45 +09:00
  • e61ccf84b8 Always cast module_srl to int when parsing include_modules Kijin Sung 2026-03-22 14:59:01 +09:00
  • 4ee0699dea Fix RVE-2026-6 possible command injection via magick Kijin Sung 2026-03-19 17:50:44 +09:00
  • c906eae5d3 Disallow GET requests to procMemberFindAccount, and add route to procMemberAuthEmailAddress Kijin Sung 2026-03-19 17:35:42 +09:00
  • 00c9a5316c Fix RVE-2026-5 unconfigured domain in auth email Kijin Sung 2026-03-19 17:33:08 +09:00
  • 94008fbe9b Allow larger images/videos to be uploaded if they are going to be converted Kijin Sung 2026-03-10 19:45:38 +09:00
  • 44cf008ac7 Allow setting list_count in various admin list pages #2549 Kijin Sung 2026-03-10 13:32:42 +09:00
  • 8901cb6e36 Fix duplicate message content when document is moved #2686 Kijin Sung 2026-03-09 21:28:51 +09:00
  • 3ca12cca6f Always set correct module_srl, even on empty documents Kijin Sung 2026-03-09 20:34:34 +09:00
  • 8b8dc99431 Replace $oDocument with empty DocumentItem if access is not allowed Kijin Sung 2026-03-09 20:29:59 +09:00
  • 4fe87edd1d Don't call API class if HTTP status code is 4xx or 5xx Kijin Sung 2026-03-09 20:29:18 +09:00
  • a03c33381f Fix error when updating a document with a required file #2685 Kijin Sung 2026-03-04 18:51:15 +09:00
  • bf0899973a Fix missing validation of xe_run_method Kijin Sung 2026-03-03 18:07:56 +09:00
  • cdc713301f Prevent saving layout HTML/CSS if it was not previously edited Kijin Sung 2026-03-03 18:02:42 +09:00
  • 48a5278a8e Fanbinit 0302 Lastorder-DC 2026-03-02 13:23:56 +09:00
  • fc0e8a9843
         Add admin login-as (impersonate) feature to member admin list (#4) Copilot 2026-03-02 13:17:40 +09:00
  • 4b32a2fc37 Allow login-as for admin members, protect only super admin (member_srl=4) copilot/add-force-login-feature copilot-swe-agent[bot] 2026-03-02 04:11:36 +00:00
  • d6486a0415 Add admin login-as feature to member admin list copilot-swe-agent[bot] 2026-03-02 04:10:30 +00:00
  • 0a5bbef276 Initial plan copilot-swe-agent[bot] 2026-03-02 04:06:01 +00:00
  • fdb1f8269b
         Merge branch 'rhymix:master' into master Lastorder 2026-03-02 13:04:15 +09:00
  • cdb520d2b1 Preserve module_srl after managing document #2683 Kijin Sung 2026-03-01 23:32:39 +09:00
  • 2392b923b0 Fix reference to potentially undefined config variable Kijin Sung 2026-02-27 20:51:30 +09:00