From 2cf7a5f281e3b5008474230c488c1e4653fc2354 Mon Sep 17 00:00:00 2001 From: Matias Griese Date: Mon, 26 Apr 2021 09:53:21 +0300 Subject: [PATCH 1/9] Fixed broken numeric language codes in Flex Pages [#2131] --- CHANGELOG.md | 6 ++++++ system/src/Grav/Common/Flex/Types/Pages/PageIndex.php | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f81ccffb4..3ee4513e3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +# v1.7.14 +## mm/dd/2021 + +1. [](#bugfix) + * Fixed broken numeric language codes in Flex Pages [#2131](https://github.com/getgrav/grav-plugin-admin/issues/2131) + # v1.7.13 ## 04/23/2021 diff --git a/system/src/Grav/Common/Flex/Types/Pages/PageIndex.php b/system/src/Grav/Common/Flex/Types/Pages/PageIndex.php index e9edbf7d5..b536c4cdf 100644 --- a/system/src/Grav/Common/Flex/Types/Pages/PageIndex.php +++ b/system/src/Grav/Common/Flex/Types/Pages/PageIndex.php @@ -416,7 +416,7 @@ class PageIndex extends FlexPageIndex implements PageCollectionInterface $languages = $this->getFallbackLanguages($lang, $fallback); foreach ($entries as $key => &$entry) { // Find out which version of the page we should load. - $translations = $this->getLanguageTemplates($key); + $translations = $this->getLanguageTemplates((string)$key); if (!$translations) { // No translations found, is this a folder? continue; From 094a1bd5eec3ad8fd1e800684ff09ac78fec9a2e Mon Sep 17 00:00:00 2001 From: Matias Griese Date: Mon, 26 Apr 2021 09:56:39 +0300 Subject: [PATCH 2/9] Changelog update --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ee4513e3..70bc62b5a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ ## mm/dd/2021 1. [](#bugfix) - * Fixed broken numeric language codes in Flex Pages [#2131](https://github.com/getgrav/grav-plugin-admin/issues/2131) + * Fixed broken numeric language codes in Flex Pages [#3332](https://github.com/getgrav/grav/issues/3332) # v1.7.13 ## 04/23/2021 From 1fd2162d4fad3fc1b70a0728c948d19d37139b95 Mon Sep 17 00:00:00 2001 From: Matias Griese Date: Mon, 26 Apr 2021 10:50:02 +0300 Subject: [PATCH 3/9] Fixed broken `exif_imagetype()` twig function, composer update --- CHANGELOG.md | 1 + composer.lock | 53 +++++++++---------- .../Twig/Extension/FilesystemExtension.php | 2 +- 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 70bc62b5a..db2ffaa79 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ 1. [](#bugfix) * Fixed broken numeric language codes in Flex Pages [#3332](https://github.com/getgrav/grav/issues/3332) + * Fixed broken `exif_imagetype()` twig function # v1.7.13 ## 04/23/2021 diff --git a/composer.lock b/composer.lock index 7dd4ead44..1d512629a 100644 --- a/composer.lock +++ b/composer.lock @@ -212,40 +212,39 @@ }, { "name": "doctrine/cache", - "version": "1.10.2", + "version": "1.11.0", "source": { "type": "git", "url": "https://github.com/doctrine/cache.git", - "reference": "13e3381b25847283a91948d04640543941309727" + "reference": "a9c1b59eba5a08ca2770a76eddb88922f504e8e0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/cache/zipball/13e3381b25847283a91948d04640543941309727", - "reference": "13e3381b25847283a91948d04640543941309727", + "url": "https://api.github.com/repos/doctrine/cache/zipball/a9c1b59eba5a08ca2770a76eddb88922f504e8e0", + "reference": "a9c1b59eba5a08ca2770a76eddb88922f504e8e0", "shasum": "" }, "require": { "php": "~7.1 || ^8.0" }, "conflict": { - "doctrine/common": ">2.2,<2.4" + "doctrine/common": ">2.2,<2.4", + "psr/cache": ">=3" }, "require-dev": { "alcaeus/mongo-php-adapter": "^1.1", - "doctrine/coding-standard": "^6.0", + "cache/integration-tests": "dev-master", + "doctrine/coding-standard": "^8.0", "mongodb/mongodb": "^1.1", - "phpunit/phpunit": "^7.0", - "predis/predis": "~1.0" + "phpunit/phpunit": "^7.0 || ^8.0 || ^9.0", + "predis/predis": "~1.0", + "psr/cache": "^1.0 || ^2.0", + "symfony/cache": "^4.4 || ^5.2" }, "suggest": { "alcaeus/mongo-php-adapter": "Required to use legacy MongoDB driver" }, "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.9.x-dev" - } - }, "autoload": { "psr-4": { "Doctrine\\Common\\Cache\\": "lib/Doctrine/Common/Cache" @@ -292,7 +291,7 @@ ], "support": { "issues": "https://github.com/doctrine/cache/issues", - "source": "https://github.com/doctrine/cache/tree/1.10.x" + "source": "https://github.com/doctrine/cache/tree/1.11.0" }, "funding": [ { @@ -308,7 +307,7 @@ "type": "tidelift" } ], - "time": "2020-07-07T18:54:01+00:00" + "time": "2021-04-13T14:46:17+00:00" }, { "name": "doctrine/collections", @@ -642,16 +641,16 @@ }, { "name": "filp/whoops", - "version": "2.12.0", + "version": "2.12.1", "source": { "type": "git", "url": "https://github.com/filp/whoops.git", - "reference": "d501fd2658d55491a2295ff600ae5978eaad7403" + "reference": "c13c0be93cff50f88bbd70827d993026821914dd" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/filp/whoops/zipball/d501fd2658d55491a2295ff600ae5978eaad7403", - "reference": "d501fd2658d55491a2295ff600ae5978eaad7403", + "url": "https://api.github.com/repos/filp/whoops/zipball/c13c0be93cff50f88bbd70827d993026821914dd", + "reference": "c13c0be93cff50f88bbd70827d993026821914dd", "shasum": "" }, "require": { @@ -701,7 +700,7 @@ ], "support": { "issues": "https://github.com/filp/whoops/issues", - "source": "https://github.com/filp/whoops/tree/2.12.0" + "source": "https://github.com/filp/whoops/tree/2.12.1" }, "funding": [ { @@ -709,7 +708,7 @@ "type": "github" } ], - "time": "2021-03-30T12:00:00+00:00" + "time": "2021-04-25T12:00:00+00:00" }, { "name": "getgrav/cache", @@ -3576,16 +3575,16 @@ }, { "name": "codeception/lib-innerbrowser", - "version": "1.4.2", + "version": "1.5.0", "source": { "type": "git", "url": "https://github.com/Codeception/lib-innerbrowser.git", - "reference": "4ffb91c18e4cacd073ff2914c07e5ccaf5efe449" + "reference": "4b0d89b37fe454e060a610a85280a87ab4f534f1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Codeception/lib-innerbrowser/zipball/4ffb91c18e4cacd073ff2914c07e5ccaf5efe449", - "reference": "4ffb91c18e4cacd073ff2914c07e5ccaf5efe449", + "url": "https://api.github.com/repos/Codeception/lib-innerbrowser/zipball/4b0d89b37fe454e060a610a85280a87ab4f534f1", + "reference": "4b0d89b37fe454e060a610a85280a87ab4f534f1", "shasum": "" }, "require": { @@ -3630,9 +3629,9 @@ ], "support": { "issues": "https://github.com/Codeception/lib-innerbrowser/issues", - "source": "https://github.com/Codeception/lib-innerbrowser/tree/1.4.2" + "source": "https://github.com/Codeception/lib-innerbrowser/tree/1.5.0" }, - "time": "2021-04-06T05:26:49+00:00" + "time": "2021-04-23T06:18:29+00:00" }, { "name": "codeception/module-asserts", diff --git a/system/src/Grav/Common/Twig/Extension/FilesystemExtension.php b/system/src/Grav/Common/Twig/Extension/FilesystemExtension.php index a44ad3c52..e31b5fb4f 100644 --- a/system/src/Grav/Common/Twig/Extension/FilesystemExtension.php +++ b/system/src/Grav/Common/Twig/Extension/FilesystemExtension.php @@ -265,7 +265,7 @@ class FilesystemExtension extends AbstractExtension return false; } - return @exif_imagetype(); + return @exif_imagetype($filename); } /** From defb793b0bd5d1055cc4bfa29baf3d7d971f76a9 Mon Sep 17 00:00:00 2001 From: Matias Griese Date: Mon, 26 Apr 2021 10:54:39 +0300 Subject: [PATCH 4/9] Hide phpstan deprecation errors on Doctrine Cache --- tests/phpstan/phpstan.neon | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/phpstan/phpstan.neon b/tests/phpstan/phpstan.neon index ff372d778..9125630cc 100644 --- a/tests/phpstan/phpstan.neon +++ b/tests/phpstan/phpstan.neon @@ -124,8 +124,11 @@ parameters: # Support for deprecated features - - message: '#Instantiation of deprecated class Doctrine\\Common\\Cache\\MemcacheCache#' + message: '#Instantiation of deprecated class Doctrine\\Common\\Cache\\(\w+)Cache#' path: '*/system/src/Grav/Common/Cache.php' + - + message: '#Instantiation of deprecated class Doctrine\\Common\\Cache\\(\w+)Cache#' + path: '*/system/src/Grav/Common/GPM/Remote/*.php' - message: '#Call to deprecated method order#' path: '*/system/src/Grav/Common/Page/Pages.php' From 2813934d21b04ef5c9a084dfea3e0873588d69e7 Mon Sep 17 00:00:00 2001 From: Ricardo Date: Mon, 26 Apr 2021 21:20:19 +0100 Subject: [PATCH 5/9] fix for when no valid link attributes are present --- system/src/Grav/Common/Page/Markdown/Excerpts.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/src/Grav/Common/Page/Markdown/Excerpts.php b/system/src/Grav/Common/Page/Markdown/Excerpts.php index 0c687e7f1..e8afd3655 100644 --- a/system/src/Grav/Common/Page/Markdown/Excerpts.php +++ b/system/src/Grav/Common/Page/Markdown/Excerpts.php @@ -114,7 +114,7 @@ class Excerpts ); // Valid attributes supported. - $valid_attributes = $grav['config']->get('system.pages.markdown.valid_link_attributes'); + $valid_attributes = $grav['config']->get('system.pages.markdown.valid_link_attributes') ?? []; $skip = []; // Unless told to not process, go through actions. From f8106a48ae442f75573c43c3ee5425f818164b13 Mon Sep 17 00:00:00 2001 From: Matias Griese Date: Wed, 28 Apr 2021 12:44:21 +0300 Subject: [PATCH 6/9] Added `MediaUploadTrait::checkFileMetadata()` method --- CHANGELOG.md | 2 + .../Common/Media/Traits/MediaUploadTrait.php | 50 ++++++++++++++----- 2 files changed, 39 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index db2ffaa79..0d88e74cb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,8 @@ # v1.7.14 ## mm/dd/2021 +1. [](#new) + * Added `MediaUploadTrait::checkFileMetadata()` method 1. [](#bugfix) * Fixed broken numeric language codes in Flex Pages [#3332](https://github.com/getgrav/grav/issues/3332) * Fixed broken `exif_imagetype()` twig function diff --git a/system/src/Grav/Common/Media/Traits/MediaUploadTrait.php b/system/src/Grav/Common/Media/Traits/MediaUploadTrait.php index 3a0181a32..6da77eee2 100644 --- a/system/src/Grav/Common/Media/Traits/MediaUploadTrait.php +++ b/system/src/Grav/Common/Media/Traits/MediaUploadTrait.php @@ -71,15 +71,6 @@ trait MediaUploadTrait */ public function checkUploadedFile(UploadedFileInterface $uploadedFile, string $filename = null, array $settings = null): string { - // Add the defaults to the settings. - $settings = $this->getUploadSettings($settings); - - // Destination is always needed (but it can be set in defaults). - $self = $settings['self'] ?? false; - if (!isset($settings['destination']) && $self === false) { - throw new RuntimeException($this->translate('PLUGIN_ADMIN.DESTINATION_NOT_SPECIFIED'), 400); - } - // Check if there is an upload error. switch ($uploadedFile->getError()) { case UPLOAD_ERR_OK: @@ -101,10 +92,38 @@ trait MediaUploadTrait throw new RuntimeException($this->translate('PLUGIN_ADMIN.UNKNOWN_ERRORS'), 400); } + $metadata = [ + 'filename' => $uploadedFile->getClientFilename(), + 'mime' => $uploadedFile->getClientMediaType(), + 'size' => $uploadedFile->getSize(), + ]; + + return $this->checkFileMetadata($metadata, $filename, $settings); + } + + /** + * Checks that file metadata meets the requirements. Returns new filename. + * + * @param array $metadata + * @param array|null $settings + * @return string|null + * @throws RuntimeException + */ + public function checkFileMetadata(array $metadata, string $filename = null, array $settings = null): string + { + // Add the defaults to the settings. + $settings = $this->getUploadSettings($settings); + + // Destination is always needed (but it can be set in defaults). + $self = $settings['self'] ?? false; + if (!isset($settings['destination']) && $self === false) { + throw new RuntimeException($this->translate('PLUGIN_ADMIN.DESTINATION_NOT_SPECIFIED'), 400); + } + if (null === $filename) { // If no filename is given, use the filename from the uploaded file (path is not allowed). $folder = ''; - $filename = $uploadedFile->getClientFilename() ?? ''; + $filename = $metadata['filename'] ?? ''; } else { // If caller sets the filename, we will accept any custom path. $folder = dirname($filename); @@ -128,7 +147,7 @@ trait MediaUploadTrait $filename = date('YmdHis') . '-' . $filename; } } - $filepath = $folder !== '' ? $folder . $filename : $filename; + $filepath = $folder . $filename; // Check if the filename is allowed. if (!Utils::checkFilename($filename)) { @@ -148,14 +167,14 @@ trait MediaUploadTrait $filesize = $settings['filesize']; if ($filesize) { $max_filesize = $filesize * 1048576; - if ($uploadedFile->getSize() > $max_filesize) { + if ($metadata['size'] > $max_filesize) { // TODO: use own language string throw new RuntimeException($this->translate('PLUGIN_ADMIN.EXCEEDED_GRAV_FILESIZE_LIMIT'), 400); } } elseif (null === $filesize) { // Check size against the Grav upload limit. $grav_limit = Utils::getUploadLimit(); - if ($grav_limit > 0 && $uploadedFile->getSize() > $grav_limit) { + if ($grav_limit > 0 && $metadata['size'] > $grav_limit) { throw new RuntimeException($this->translate('PLUGIN_ADMIN.EXCEEDED_GRAV_FILESIZE_LIMIT'), 400); } } @@ -165,6 +184,11 @@ trait MediaUploadTrait $errors = []; // Do not trust mime type sent by the browser. $mime = Utils::getMimeByFilename($filename); + $mimeTest = $metadata['mime'] ?? $mime; + if ($mime !== $mimeTest) { + throw new RuntimeException('The mime type does not match to file extension', 400); + } + foreach ((array)$settings['accept'] as $type) { // Force acceptance of any file when star notation if ($type === '*') { From 3aa47043c9236b6a1dde2e3c5bde897dacecfe26 Mon Sep 17 00:00:00 2001 From: Matias Griese Date: Wed, 28 Apr 2021 13:58:08 +0300 Subject: [PATCH 7/9] Added option to set flash folder in FlexForm --- system/src/Grav/Framework/Flex/FlexForm.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/src/Grav/Framework/Flex/FlexForm.php b/system/src/Grav/Framework/Flex/FlexForm.php index 83c98d6bc..192f38fec 100644 --- a/system/src/Grav/Framework/Flex/FlexForm.php +++ b/system/src/Grav/Framework/Flex/FlexForm.php @@ -119,7 +119,7 @@ class FlexForm implements FlexObjectFormInterface, JsonSerializable } $this->setUniqueId($uniqueId); $directory = $object->getFlexDirectory(); - $this->setFlashLookupFolder($directory->getBlueprint()->get('form/flash_folder') ?? 'tmp://forms/[SESSIONID]'); + $this->setFlashLookupFolder($options['flash_folder'] ?? $directory->getBlueprint()->get('form/flash_folder') ?? 'tmp://forms/[SESSIONID]'); $this->form = $options['form'] ?? null; if (!empty($options['reset'])) { From 9f5a15f00ad268077bd32e679d060288e67c6ea7 Mon Sep 17 00:00:00 2001 From: Matias Griese Date: Thu, 29 Apr 2021 15:37:44 +0300 Subject: [PATCH 8/9] Updating a theme should always keep the custom files --- CHANGELOG.md | 2 ++ system/src/Grav/Common/GPM/Installer.php | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0d88e74cb..655a5f951 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,8 @@ 1. [](#new) * Added `MediaUploadTrait::checkFileMetadata()` method +1. [](#improved) + * Updating a theme should always keep the custom files [getgrav/grav-plugin-admin#2135](https://github.com/getgrav/grav-plugin-admin/issues/2135) 1. [](#bugfix) * Fixed broken numeric language codes in Flex Pages [#3332](https://github.com/getgrav/grav/issues/3332) * Fixed broken `exif_imagetype()` twig function diff --git a/system/src/Grav/Common/GPM/Installer.php b/system/src/Grav/Common/GPM/Installer.php index 9cdea52aa..639240be6 100644 --- a/system/src/Grav/Common/GPM/Installer.php +++ b/system/src/Grav/Common/GPM/Installer.php @@ -135,7 +135,10 @@ class Installer } if (!$options['sophisticated']) { - if ($options['theme']) { + $isTheme = $options['theme'] ?? false; + // Make sure that themes are always being copied, even if option was not set! + $isTheme = $isTheme || preg_match('|/themes/[^/]+|ui', $install_path); + if ($isTheme) { self::copyInstall($extracted, $install_path); } else { self::moveInstall($extracted, $install_path); From d1e58eb95eb1e25ffd3b8595d943f365a72c15ef Mon Sep 17 00:00:00 2001 From: Andy Miller Date: Thu, 29 Apr 2021 10:22:16 -0600 Subject: [PATCH 9/9] prepare for release --- CHANGELOG.md | 2 +- system/defines.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 655a5f951..27799cb3f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,5 @@ # v1.7.14 -## mm/dd/2021 +## 04/29/2021 1. [](#new) * Added `MediaUploadTrait::checkFileMetadata()` method diff --git a/system/defines.php b/system/defines.php index 0fdf35973..2b592b5f3 100644 --- a/system/defines.php +++ b/system/defines.php @@ -9,7 +9,7 @@ // Some standard defines define('GRAV', true); -define('GRAV_VERSION', '1.7.13'); +define('GRAV_VERSION', '1.7.14'); define('GRAV_SCHEMA', '1.7.0_2020-11-20_1'); define('GRAV_TESTING', false);