Compare commits
10 Commits
ddc7402f8c
...
40b522352a
| Author | SHA1 | Date |
|---|---|---|
Ben Spiegel
|
40b522352a | |
 Starbeamrainbowlabs
|
8ace93e518
|
|
|
Starbeamrainbowlabs
|
242a9909ec
|
|
|
Starbeamrainbowlabs
|
34f003ace9
|
|
|
Starbeamrainbowlabs
|
f787d39f45
|
|
|
Starbeamrainbowlabs
|
9ec386dc24
|
|
|
Starbeamrainbowlabs
|
11bc915990
|
|
|
Starbeamrainbowlabs
|
f0289692d1
|
|
|
Benjamin Spiegel
|
3abad2e61e | |
|
Benjamin Spiegel
|
484f71fc6c |
|
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
"cSpell.words": [
|
||||
"admindetails",
|
||||
"aeiou",
|
||||
"bcdfghjklmnpqrstvwxyz",
|
||||
"flameborn",
|
||||
"peppermintywiki",
|
||||
"returnto",
|
||||
"sitename",
|
||||
"sqlatenwiki"
|
||||
]
|
||||
}
|
||||
|
|
@ -13,6 +13,7 @@ This is the next release of Pepperminty Wiki, that hasn't been released yet.
|
|||
- **Fixed:** [Rest API] Documented `redirect` and `redirected_from` GET params to the `view` action.
|
||||
- **Fixed:** Fixed bug where templating variables were not populated under some circumstances.
|
||||
- **Fixed:** Typo on credits page
|
||||
- **Fixed:** Typos in user table
|
||||
|
||||
## v0.24-beta1
|
||||
|
||||
|
|
|
|||
|
|
@ -68,7 +68,7 @@ docker run -d sqlatenwiki/peppermintywiki:stable
|
|||
|
||||
|
||||
## Security
|
||||
If you've found a security issue, please don't open an issue. Instead, get in touch privately - e.g. via [Keybase](https://keybase.io/sbrl) or by email (`security [at sign] starbeamrainbowlabs [replace me with a dot] com`), and I'll try to respond ASAP.
|
||||
If you've found a security issue, please don't open an issue. Instead, get in touch privately - e.g. via email (`security [at sign] starbeamrainbowlabs [replace me with a dot] com`), and I'll try to respond ASAP.
|
||||
|
||||
If you would like to encrypt any communications with me, you can find my GPG key [here](https://starbeamrainbowlabs.com/sbrl.asc).
|
||||
|
||||
|
|
|
|||
|
|
@ -9,4 +9,3 @@ Additional methods of contact:
|
|||
|
||||
- The email address attached to my commits
|
||||
- My various profiles listed on my website: <https://starbeamrainbowlabs.com/>
|
||||
- Twitter: <https://twitter.com/SBRLabs>
|
||||
|
|
|
|||
|
|
@ -21,6 +21,9 @@
|
|||
4. See the [Configuring](06-Configuration.html) section for information on how to customise your installation, including the default login credentials.
|
||||
5. Ensure you configure your web server to block access to `peppermint.json`, as this contains all your account details (including your hashed password!)
|
||||
|
||||
### Blocking access to pepppermint.json
|
||||
|
||||
#### Nginx
|
||||
For those running Nginx, this configuration snippet should block access to `peppermint.json`:
|
||||
|
||||
```nginx
|
||||
|
|
@ -29,6 +32,7 @@ location /peppermint.json {
|
|||
}
|
||||
```
|
||||
|
||||
#### Apache
|
||||
If you are running Apache, then the following configuration snippet should block access to `peppermint.json` (credit: [@viradpt](https://github.com/sbrl/Pepperminty-Wiki/issues/224#issuecomment-912683114)):
|
||||
|
||||
```htaccess
|
||||
|
|
@ -38,6 +42,32 @@ If you are running Apache, then the following configuration snippet should block
|
|||
</Files>
|
||||
```
|
||||
|
||||
#### Lighttpd
|
||||
If you're running lighttpd, then you need to load the `mod_access` module:
|
||||
|
||||
```lighttpd
|
||||
server.modules += ( "mod_access" )
|
||||
```
|
||||
|
||||
If you already have a `server.modules` directive, simply add `mod_access` to the list if you haven't already. Then, just block access like so:
|
||||
|
||||
```lighttpd
|
||||
$HTTP["url"] =~ "^/peppermint.json" {
|
||||
url.access-deny = ("")
|
||||
}
|
||||
```
|
||||
|
||||
#### Caddy
|
||||
The Caddy web server makes it easy to block files. Add this to your `server` block if you have one, or if not just to the end of your Caddyfile:
|
||||
|
||||
```caddy
|
||||
@blocked {
|
||||
path *peppermint.json
|
||||
}
|
||||
respond @blocked 403
|
||||
```
|
||||
|
||||
#### Microsoft IIS
|
||||
For those running IIS, the following will grant the appropriate read and write permissions to the IIS_IUSRS group, and prevent the peppermint.json file from being retrieved.
|
||||
|
||||
Open an elevated (administrator) Command Prompt and run the following.
|
||||
|
|
@ -59,6 +89,7 @@ icacls . /grant IIS_IUSRS:(OI)(CI)RXWM
|
|||
ENDLOCAL
|
||||
```
|
||||
|
||||
#### Other web servers
|
||||
If you aren't running any of these web servers and have a configuration snippet to share for your web server, please [open an issue](https://github.com/sbrl/Pepperminty-Wiki/issues/new) to get in touch - and then we can add your configuration snippet to improve this documentation for everyone.
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -5,9 +5,9 @@
|
|||
|
||||
register_module([
|
||||
"name" => "User Organiser",
|
||||
"version" => "0.1.2",
|
||||
"version" => "0.1.3",
|
||||
"author" => "Starbeamrainbowlabs",
|
||||
"description" => "Adds a organiser page that lets moderators (or better) control the reegistered user accounts, and perform adminstrative actions such as password resets, and adding / removing accounts.",
|
||||
"description" => "Adds a organiser page that lets moderators (or better) control the registered user accounts, and perform administrative actions such as password resets, and adding / removing accounts.",
|
||||
"id" => "feature-user-table",
|
||||
"code" => function() {
|
||||
global $settings, $env;
|
||||
|
|
@ -149,7 +149,7 @@ https://github.com/sbrl/Pepperminty-Wiki/
|
|||
");
|
||||
|
||||
$content = "<h2>Add User</h2>
|
||||
<p>The new user was added to $settings->sitename sucessfully! Their details are as follows:</p>
|
||||
<p>The new user was added to $settings->sitename successfully! Their details are as follows:</p>
|
||||
<ul>
|
||||
<li>Username: <code>$new_username</code></li>";
|
||||
if(!empty($new_email))
|
||||
|
|
@ -282,7 +282,7 @@ Powered by Pepperminty Wiki
|
|||
});
|
||||
|
||||
|
||||
if($env->is_admin) add_help_section("949-user-table", "Managing User Accounts", "<p>As a moderator on $settings->sitename, you can use the <a href='?action=user-table'>User Table</a> to adminstrate the user accounts on $settings->sitename. It allows you to perform actions such as adding and removing accounts, and resetting passwords.</p>");
|
||||
if($env->is_admin) add_help_section("949-user-table", "Managing User Accounts", "<p>As a moderator on $settings->sitename, you can use the <a href='?action=user-table'>User Table</a> to administrate the user accounts on $settings->sitename. It allows you to perform actions such as adding and removing accounts, and resetting passwords.</p>");
|
||||
}
|
||||
]);
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -831,8 +831,9 @@ class search
|
|||
continue; // Skip terms we shouldn't search the page body for
|
||||
|
||||
// Loop over the pageindex and search the titles / tags
|
||||
reset($pageindex); // Reset array/object pointer
|
||||
foreach($pageindex as $pagename => $pagedata) {
|
||||
$obj = new ArrayObject($pageindex);
|
||||
$it = $obj->getIterator();
|
||||
foreach($it as $pagename => $pagedata) {
|
||||
// Setup a variable to hold the current page's id
|
||||
$pageid = null; // Cache the page id
|
||||
|
||||
|
|
|
|||
|
|
@ -1101,9 +1101,9 @@ class PeppermintParsedown extends ParsedownExtra
|
|||
// The page name is made safe when Pepperminty Wiki does initial consistency checks (if it's unsafe it results in a 301 redirect)
|
||||
$page_name = parsedown_pagename_resolve($matches_url[1]);
|
||||
|
||||
$internal_link_text = "[[${page_name}]]";
|
||||
$internal_link_text = "[[{$page_name}]]";
|
||||
if(!empty($matches[1])) // If the display text isn't empty, then respect it
|
||||
$internal_link_text = "[[${page_name}¦{$matches[1]}]]";
|
||||
$internal_link_text = "[[{$page_name}¦{$matches[1]}]]";
|
||||
|
||||
$result = $this->inlineInternalLink([
|
||||
"text" => $internal_link_text
|
||||
|
|
|
|||
Loading…
Reference in New Issue