Commit graph

4265 commits

Author SHA1 Message Date
Hypolite Petovan
25475b4838 Escape album name select list in photo upload form
- Thanks to @apexrabbit for the report!
2024-05-10 11:25:59 -04:00
Michael
0e79b5373b The legacy proxy functionality is removed 2024-04-15 18:58:02 +00:00
Michael
69fc2c04e4 Issue 13812: Public groups with manual request approval 2024-04-08 07:58:45 +00:00
Michael
b40687081e The data for the language display is now fetched on demand 2024-04-05 10:29:27 +00:00
Michael
50b1de5959 Menu option to display the search text 2024-04-05 07:35:21 +00:00
Hypolite Petovan
3bb00f36f8 [frio] Restore lateral margins on home/login page for mobile display
- They had been removed site-wide to give more space to posts in the network view
2024-04-01 09:41:08 -04:00
Éibhear Ó hAnluain
394c388a46
Fixing the queue.tpl files 2024-03-29 20:36:40 +00:00
Éibhear Ó hAnluain
1d86146f64
Show next_try only for the deferred worker job. 2024-03-29 20:27:10 +00:00
Éibhear Ó hAnluain
751ffe6bc6
Add the next_try field to the worker job queue list 2024-03-29 20:27:10 +00:00
Michael
f537d7a64f Simplified admin frontend for features 2024-03-25 21:55:42 +00:00
Michael
67e0b6357e The visibility of network widgets can now be locked 2024-03-25 08:00:46 +00:00
Michael
200cf29a8d Configuration for widgets 2024-03-25 07:38:36 +00:00
Hypolite Petovan
e293de04f5 Add '$VERSION' template variable to make Friendica version available in templates
- constant() Smarty function is deprecated
- Remove unused site-wide template variable '$APP'
- Address https://github.com/friendica/friendica/issues/14027#issuecomment-2016469408
2024-03-24 09:20:58 -04:00
Michael
3d267c7b8f Possibility to mark contacts as "channel only" 2024-03-21 13:20:52 +00:00
Hypolite Petovan
4fcc92e532 [frio] Delete legacy scheme files 2024-03-01 08:48:41 -05:00
Hypolite Petovan
2c259c5c6f [frio] Remove legacy schemes
- [frio] Replace default scheme file by default scheme value
- [frio] Simplify frio theme settings
- [frio] Remove query string scheme setting
2024-03-01 08:48:38 -05:00
Hypolite Petovan
5c5d7eb04f
Fix several vulnerabilities (#13927)
* Escape HTML in the location field of a calendar event post

- This allowed script tags to be interpreted in the post display of an event.

* Add form security token check to /admin/phpinfo module

- This prevents basic XSS attacks against /admin/phpinfo

* Add form security token check to /babel module

- This prevents basic XSS attacks against /babel

* Prevent pass-through for attachments

- This addresses a straightforward Reflected XSS vulnerability if a malicious HTML/Javascript file is attached to a post through upload

* Prevent overwriting cid on event edit

- This allowed to share an event as any other user after zeroing the cid field of an existing event
2024-02-22 06:53:52 +01:00
Michael Vogel
d5c0f086bd
Disallow mail addresses for registration (#13920)
* Disallow mail addresses for registration

* Order for allow/disallow has been changed
2024-02-19 09:33:20 +01:00
Michael Vogel
52825cb4c4
User setting to disable blurring of sensitive pictures (#13883) 2024-02-10 09:50:49 +01:00
Michael
3fe4991fcf Filter user defined channels by size 2024-01-30 10:05:05 +00:00
Michael Vogel
09edf251ee
Anti spam measures against hashtag spam (#13855) 2024-01-25 19:41:07 +01:00
Michael
6389133575 Expiry post search index entries 2024-01-21 16:24:59 +00:00
Michael Vogel
75b37fe376
Merge pull request #13834 from MrPetovan/task/remove-delete-rotator
[frio] Move item deletion rotator to button
2024-01-17 18:00:31 +01:00
Hypolite Petovan
0b93270d7b [frio] Move item deletion rotator to button 2024-01-15 10:22:37 -05:00
Michael
7a13d8b8ac Merge remote-tracking branch 'upstream/develop' into channel-relay 2024-01-15 06:14:55 +00:00
Hannes Heute
60e1427ffe remove a superfluous '01' that appeared next to checkboxes from template file 2024-01-10 17:41:53 +01:00
Dr. Tobias Quathamer
6fd057fd00 Use double quotes where possible 2024-01-07 21:48:22 +01:00
Dr. Tobias Quathamer
e6036b8266 Clean up smarty templates.
This simplifies some logic in if-conditions, because
smarty just returns an empty string for undefined
variables.

Also, this commit removes unnecessary values from
HTML input attributes.
2024-01-07 21:40:01 +01:00
Michael
d2a74d1936 New option to disallow 2024-01-07 19:22:56 +00:00
Michael
c4b85ef25a New field "publish" for channels 2024-01-07 18:36:47 +00:00
Dr. Tobias Quathamer
26f4532d47 Enable HTML attributes in all form fields.
Closes #13804
2024-01-06 16:28:48 +01:00
Michael
31b88da9d5 Merge remote-tracking branch 'upstream/develop' into channel-languages 2024-01-03 19:17:58 +00:00
Michael
da3d390187 User defined channels can now have got individual language definitions 2024-01-03 19:17:14 +00:00
Michael
7ecf143e4c The "unkmail" functionality is removed 2024-01-03 10:23:11 +00:00
Hypolite Petovan
21b16ef822
Merge pull request #13795 from annando/copyright
Friendica copyright changed from 2023 to 2034
2024-01-02 21:28:02 -05:00
Michael
89e7420237 Friendica copyright changed from 2023 to 2034 2024-01-02 20:57:26 +00:00
Michael
16d0d17169 There is now a single way to display group postings 2024-01-02 20:45:02 +00:00
Raroun
b26a5ce0fa
Update style.css
Added missing space
2023-12-26 19:41:37 +01:00
Raroun
6c1df6471a
Update style.css
Added missing spaces
2023-12-26 19:40:44 +01:00
Raroun
53c7da87a6
removed unnecessary empty line 2023-12-26 16:53:34 +01:00
Raroun
4e3302ea0d
Update style.css
Addes remote friends in common wrapper
2023-12-26 16:42:07 +01:00
Raroun
4faa43766d
Added collapsable support for remote friends in common in vier theme 2023-12-26 16:39:08 +01:00
Raroun
bfc11495f3
Update style.css
Adjusted the BGcolor as suggested by Annando
2023-12-26 14:13:02 +01:00
Raroun
46d34c53e6
Update style.css - removed unnecessary empty line 2023-12-26 10:04:24 +01:00
Raroun
2bb5785dfa
Update style.css
addes missing empty lines
2023-12-26 09:53:12 +01:00
Raroun
243bcba726
Update style.css to display remote friends in common in a css grid 2023-12-26 09:46:33 +01:00
Hypolite Petovan
04cdd3e8ec
Fix Smarty reference to version constant after it was moved to App class (#13769) 2023-12-25 19:26:19 +01:00
Michael Vogel
f23ecaff6a
Posts per author/server on the community pages (#13764)
* Posts per author/server on the community pages

* Updated database.sql
2023-12-25 12:39:15 +01:00
Hypolite Petovan
1f9536694c
Merge pull request #13754 from xundeenergie/quote-button
Change reshare to quote icon for quote-button
2023-12-23 11:39:05 -05:00
Raroun
9d4a515571
Update style.css
Added 15 pixels of space between picture permissions and send button
2023-12-23 05:39:51 +01:00