1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-12-22 13:45:02 +00:00

Merge pull request #182 from SeanFromIT/v0.20-hotfixes

patching a PHP 7.3.11 issue and double dot in file uploads
This commit is contained in:
Starbeamrainbowlabs 2020-04-18 12:37:59 +01:00 committed by GitHub
commit 7216a50659
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 35 deletions

View file

@ -13,8 +13,8 @@ register_module([
* @apiGroup Upload
* @apiPermission User
*
* @apiParam {boolean} avatar Optional. If true then a special page to upload your avatar is displayed instead.
*/
* @apiParam {bool} avatar Optional. If true then a special page to upload your avatar is displayed instead.
*/
/**
* @api {post} ?action=upload Upload a file
@ -25,7 +25,7 @@ register_module([
* @apiParam {string} name The name of the file to upload.
* @apiParam {string} description A description of the file.
* @apiParam {file} file The file to upload.
* @apiParam {boolean} avatar Whether this upload should be uploaded as the current user's avatar. If specified, any filenames provided will be ignored.
* @apiParam {bool} avatar Whether this upload should be uploaded as the current user's avatar. If specified, any filenames provided will be ignored.
*
* @apiUse UserNotLoggedInError
* @apiError UploadsDisabledError Uploads are currently disabled in the wiki's settings.
@ -99,7 +99,7 @@ register_module([
break;
case "POST":
// Recieve file
// Receive file
if(!$settings->editing) {
exit(page_renderer::render_main("Upload failed - $settings->sitename", "<p>Your upload couldn't be processed because editing is currently disabled on $settings->sitename. Please contact $settings->admindetails_name, $settings->sitename's administrator for more information - their contact details can be found at the bottom of this page. <a href='index.php'>Go back to the main page</a>."));
@ -194,7 +194,7 @@ register_module([
// The path to the place (relative to the wiki data root)
// that we're actually going to store the uploaded file itself
$new_filename = "$paths->upload_file_prefix$target_name.$file_extension";
$new_filename = "$paths->upload_file_prefix$target_name$file_extension";
// The path (relative, as before) to the description file
$new_description_filename = "$new_filename.md";
@ -354,11 +354,8 @@ register_module([
$allheaders = getallheaders();
$allheaders = array_change_key_case($allheaders, CASE_LOWER);
if(!isset($allheaders["if-none-match"]))
{
header("etag: $preview_etag");
}
else
{
else {
if($allheaders["if-none-match"] === $preview_etag)
{
http_response_code(304);

View file

@ -193,7 +193,7 @@ function do_password_hash_code_update() {
global $settings, $paths;
// There's no point if we're using Argon2i, as it doesn't take a cost
if(hash_password_properties()["algorithm"] == PASSWORD_ARGON2I)
if(defined("PASSWORD_ARGON2I") && hash_password_properties()["algorithm"] == PASSWORD_ARGON2I)
return;
// Skip rechecking if the automatic check has been disabled