As a result of the changes, the editor is started in a larger window. In addition, the authorisation settings for the article are hidden for the time being. These can be shown via a sandwitch menu if required. The reload of the page is prevented so that articles already created in the editor are not lost.
The Composer Editor is another editor in Friendica that is particularly suitable for entering longer texts (e.g. at the local workstation). The special feature is that the editor is loaded in a separate window and therefore does not distract from the timeline. The editor can still be used in mobile applications
As a result of the changes, the editor is started in a larger window. In addition, the authorisation settings for the article are hidden for the time being. These can be shown via a sandwitch menu if required.
The reload of the page is prevented so that articles already created in the editor are not lost.
ar.
The Composer Editor is another editor in Friendica that is particularly suitable for entering longer texts (e.g. at the local workstation). The special feature is that the editor is loaded in a separate window and therefore does not distract from the timeline.
The editor can still be used in mobile applications
The tranding tags don't look very nice. The changes are intended to make them more attractive.
- For this purpose, each tag is preceded by a "fa fa-hashtag".
- The # in front of the word has been removed
- Clicking on a hashtag searches with a hashtag as usual.
- Other tags were previously displayed indented
- Now it is ensured that all hashtags are in one line
This is a suggestion that can be discarded at any time. I would still be happy if the changes could be adopted.
- Create AclReceivers and AddressedReceivers entities to collect contact names
- Create privacy/permission_tooltip.tpl to escape contact names
- Move PermissionTooltip module to Privacy namespace
- Thanks to @apexrabbit for the report!
With this patch the error levels shown in the Admin Panel -> Log view are coloured according to severity. Starting from green for debug, over orange for notices to bold red for errors and criticals.
* Escape HTML in the location field of a calendar event post
- This allowed script tags to be interpreted in the post display of an event.
* Add form security token check to /admin/phpinfo module
- This prevents basic XSS attacks against /admin/phpinfo
* Add form security token check to /babel module
- This prevents basic XSS attacks against /babel
* Prevent pass-through for attachments
- This addresses a straightforward Reflected XSS vulnerability if a malicious HTML/Javascript file is attached to a post through upload
* Prevent overwriting cid on event edit
- This allowed to share an event as any other user after zeroing the cid field of an existing event
This simplifies some logic in if-conditions, because
smarty just returns an empty string for undefined
variables.
Also, this commit removes unnecessary values from
HTML input attributes.
