80f77a93b5
feature-comments: fix potential XSS
2021-09-02 22:50:00 +01:00
51be347000
action-protect: fix
2021-09-02 22:29:39 +01:00
d5ef65ce01
Update changelog
2021-09-02 21:35:12 +01:00
e0f65c2e65
action-hash: fix potential XSS in string GET param
2021-09-02 21:27:26 +01:00
b6fc5941b7
feature-watchlist: fix format GET parameter
2021-09-02 21:23:31 +01:00
4fdbd9a427
Update changelog
2021-09-02 21:22:03 +01:00
96546184dc
Implement simple slugify function
...
I suspect I may have to fix a number of issues here.....
2021-09-02 21:19:31 +01:00
473e8e1fc9
Update changelog
2021-09-02 21:08:53 +01:00
0a77065c3f
Bugfix: Fix stored XSS attack - ref CVE-2021-38600
...
See https://github.com/hmaverickadams/CVE-2021-38600
For some reason the author did not think ti wise to let me know
privately first - instead publicly announcing it via a GitHub repo.....
sigh.
In addition, is this *really* a vulnerability? Since Pepperminty Wiki
requires the site secret to set it up, I can't see that this has a real
impact.
Still, I'll fix it anyway.....
2021-09-02 20:54:06 +01:00
fab1b52882
Bugfix: fix error handling logic
2021-08-15 21:46:19 +01:00
ba70f74a96
Added automatic system requirements indicator to first run
2021-08-06 01:50:08 +01:00
e7b3f5e0d0
feature-upload: add function / class existence checks where functions from php extensions are required
2021-08-06 01:49:59 +01:00
fb9eec2d33
Fix & improve sidebar
2021-07-21 00:44:31 +01:00
83012a1416
Prefix default value of logo_url with https:
...
...apparently some browsers don't see //example.com as a valid URL
2021-07-21 00:19:26 +01:00
86206195b6
Fix crash when using the search bar in recent versions of php
2021-07-20 23:54:56 +01:00
440b4e9cda
Add sidebar_show to the settings GUI & the configuration guide
2021-07-20 23:22:44 +01:00
2e54a8a4d5
Improve resilience and error output if the PHP Zip extension is not installed on first run
2021-07-20 23:15:48 +01:00
03c7d941e6
fix changelog
2021-04-11 21:49:44 +01:00
26f5838ce0
Add experimental [display text](./Page Name.md) style internal links
...
This is transparently handled by a wrapper around inlineLink, which
conditionally bails by returning the parent if parsing fails. It then
~~ab~~uses inlineInternalLink to provide proper internal link support.
Fixes #190 .
2021-04-11 21:47:41 +01:00
77880d9410
search: properly apply weightings in titlels and tags
2021-02-10 22:17:38 +00:00
b2a783e903
core: Support setting page through either GET or POST
...
Fixes #217 .
2020-11-20 21:25:47 +00:00
d29b87eb6d
Make the statistic update system more resilient
2020-11-20 21:13:31 +00:00
880c9e3796
Send x-robots-tag: noindex,nofollow
with the login page
...
SemrushBot, you better obey this one
2020-10-26 18:59:53 +00:00
e0d5d72f08
Update changelog
2020-10-26 18:28:52 +00:00
7dd9bd74c4
Add support for creating pages whose name is not yet known - fixes #194
2020-10-25 22:50:03 +00:00
73f909141d
configuration guide: update to include count of how many settings we have so far
...
...we've got 114 settings so far - pretty awesome! Also a challenge to
navigate to find the right one that you want, though..... I'm open to
suggestions (and contributions :P).
2020-09-20 01:26:43 +01:00
f02caae2d1
Bump version for next stable release~!
2020-09-11 21:22:57 +01:00
7fe8f1ab02
Bump version ready for next beta release
2020-09-05 00:51:46 +01:00
32c6906a27
Update changelog
2020-08-31 21:05:20 +01:00
0085ddf0c4
Don't emit custom css unless there's something to emit
2020-08-31 21:04:59 +01:00
42971f573d
Bugfix: Fix invalid HTML generated by new hide_email() logic
2020-08-31 20:56:34 +01:00
4012b31194
Changelog: layout
2020-08-19 17:00:09 +01:00
9fad95035b
Fix inbody:searchterm advanced query syntax - fixes #210 (thanks to @SeanFromIT for the report)
2020-08-19 16:59:54 +01:00
97f3e88a94
Update changelog & docs/bugfix system requirements
2020-08-19 15:10:23 +01:00
fe690c3b26
Changelog: add issue reference numbers
2020-08-19 14:50:32 +01:00
d9ddb504bf
Fix typo in the name of the didyoumean index (which is disabled by default).
...
Admins need to manually rename `didyoumeaninddex.sqlite` →
`didyoumeanindex.sqlite`
2020-08-18 15:41:14 +01:00
2ee9f54418
Update changelog
2020-08-18 13:52:18 +01:00
c2e4a04778
Fix #209
2020-08-18 13:49:16 +01:00
490aeb9752
Document structure of pageindex.json
2020-08-16 16:03:50 +01:00
12241c645d
config-info: add dark theme & link clicker thingy
2020-08-15 13:30:27 +01:00
3c5a407356
Really fix #205
2020-08-11 23:01:44 +01:00
5a62a0455b
Bump version for first beta release of v0.22!
2020-08-11 18:08:29 +01:00
b9cbfb7619
Bump title & tag match weightings in search results
2020-08-11 01:06:03 +01:00
89d835afa5
Don't redirect when clicking on a redirect page in the recent changes list
2020-08-11 01:02:17 +01:00
6bd71b89e2
Update changelog
2020-08-09 23:54:58 +01:00
c0fa5b8ae4
Finish improvements to pageindex rebuilder
...
also squash warning from stats engine during the firstrun wizard
2020-08-08 22:01:12 +01:00
3b799cbcba
parser-parsedown: fix templating
2020-08-08 01:54:10 +01:00
ddb7cd9c18
action-raw: add new typeheader GET parameter
2020-08-08 01:18:01 +01:00
75c15d66b2
page-move: Ensure that the new subpage actually exists - fixes #201
2020-08-06 15:47:41 +01:00
e3e2a01435
Improve PDF preview when embedded in pages - fixes #202
2020-08-06 15:28:24 +01:00