mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-12-22 13:45:02 +00:00
Merge pull request #182 from SeanFromIT/v0.20-hotfixes
patching a PHP 7.3.11 issue and double dot in file uploads
This commit is contained in:
commit
7216a50659
2 changed files with 32 additions and 35 deletions
|
@ -13,8 +13,8 @@ register_module([
|
|||
* @apiGroup Upload
|
||||
* @apiPermission User
|
||||
*
|
||||
* @apiParam {boolean} avatar Optional. If true then a special page to upload your avatar is displayed instead.
|
||||
*/
|
||||
* @apiParam {bool} avatar Optional. If true then a special page to upload your avatar is displayed instead.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @api {post} ?action=upload Upload a file
|
||||
|
@ -25,7 +25,7 @@ register_module([
|
|||
* @apiParam {string} name The name of the file to upload.
|
||||
* @apiParam {string} description A description of the file.
|
||||
* @apiParam {file} file The file to upload.
|
||||
* @apiParam {boolean} avatar Whether this upload should be uploaded as the current user's avatar. If specified, any filenames provided will be ignored.
|
||||
* @apiParam {bool} avatar Whether this upload should be uploaded as the current user's avatar. If specified, any filenames provided will be ignored.
|
||||
*
|
||||
* @apiUse UserNotLoggedInError
|
||||
* @apiError UploadsDisabledError Uploads are currently disabled in the wiki's settings.
|
||||
|
@ -99,7 +99,7 @@ register_module([
|
|||
break;
|
||||
|
||||
case "POST":
|
||||
// Recieve file
|
||||
// Receive file
|
||||
|
||||
if(!$settings->editing) {
|
||||
exit(page_renderer::render_main("Upload failed - $settings->sitename", "<p>Your upload couldn't be processed because editing is currently disabled on $settings->sitename. Please contact $settings->admindetails_name, $settings->sitename's administrator for more information - their contact details can be found at the bottom of this page. <a href='index.php'>Go back to the main page</a>."));
|
||||
|
@ -194,7 +194,7 @@ register_module([
|
|||
|
||||
// The path to the place (relative to the wiki data root)
|
||||
// that we're actually going to store the uploaded file itself
|
||||
$new_filename = "$paths->upload_file_prefix$target_name.$file_extension";
|
||||
$new_filename = "$paths->upload_file_prefix$target_name$file_extension";
|
||||
// The path (relative, as before) to the description file
|
||||
$new_description_filename = "$new_filename.md";
|
||||
|
||||
|
@ -354,11 +354,8 @@ register_module([
|
|||
$allheaders = getallheaders();
|
||||
$allheaders = array_change_key_case($allheaders, CASE_LOWER);
|
||||
if(!isset($allheaders["if-none-match"]))
|
||||
{
|
||||
header("etag: $preview_etag");
|
||||
}
|
||||
else
|
||||
{
|
||||
else {
|
||||
if($allheaders["if-none-match"] === $preview_etag)
|
||||
{
|
||||
http_response_code(304);
|
||||
|
|
|
@ -193,7 +193,7 @@ function do_password_hash_code_update() {
|
|||
global $settings, $paths;
|
||||
|
||||
// There's no point if we're using Argon2i, as it doesn't take a cost
|
||||
if(hash_password_properties()["algorithm"] == PASSWORD_ARGON2I)
|
||||
if(defined("PASSWORD_ARGON2I") && hash_password_properties()["algorithm"] == PASSWORD_ARGON2I)
|
||||
return;
|
||||
|
||||
// Skip rechecking if the automatic check has been disabled
|
||||
|
|
Loading…
Reference in a new issue