Mirrors/grav
1
0
Fork 0
mirror of https://github.com/getgrav/grav.git synced 2025-02-20 19:56:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'release/1.7.41'

Browse Source
This commit is contained in:
Andy Miller 2023-05-09 12:44:53 -06:00
commit e4a30f5966
No known key found for this signature in database
GPG Key ID: 9F2CF38AEBDB0AE0
27 changed files with 345 additions and 261 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -25,8 +25,7 @@ user/plugins/*
!user/plugins/.*
user/themes/*
!user/themes/.*
user/localhost/config/security.yaml
user/config/security.yaml
user/**/config/security.yaml
# Environments
.env
@ -49,4 +48,3 @@ tests/cache/*
tests/error.log
system/templates/testing/*
/user/config/versions.yaml
/user/cli/config/security.yaml

17
CHANGELOG.md
View File

@ -1,3 +1,20 @@
# v1.7.41
## 05/09/2023
1. [](#improved)
* Removed `FILTER_SANITIZE_STRING` input filter in favor of `htmlspecialchars(strip_tags())` for PHP 8.2+
* Added `GRAV_SANITIZE_STRING` constant to replace `FILTER_SANITIZE_STRING` for PHP 8.2+
* Support non-deprecated style dynamic properties in `Parsedown` class via `ParseDownGravTrait` for PHP 8.2+
* Modified `Truncator` to not use deprecated `mb_convert_encoding()` for PHP 8.2+
* Fixed passing null into `mb_strpos()` deprecated for PHP 8.2+
* Updated internal `TwigDeferredExtension` to be PHP 8.2+ compatible
* Upgraded `getgrav/image` fork to take advantage of various PHP 8.2+ fixes
* Use `UserGroupObject::groupNames` method in blueprints for PHP 8.2+
* Comment out `files-upload` deprecated message as this is not going to be removed
* Added various public `Twig` class variables used by admin to address deprecated messages for PHP 8.2+
* Added `parse_url` to list of PHP functions supported in Twig Extension
* Added support for dynamic functions in `Parsedown` to stop deprecation messages in PHP 8.2+
# v1.7.40
## 03/22/2023

373
composer.lock generated
View File

@ -593,16 +593,16 @@
},
{
"name": "filp/whoops",
"version": "2.14.6",
"version": "2.15.2",
"source": {
"type": "git",
"url": "https://github.com/filp/whoops.git",
"reference": "f7948baaa0330277c729714910336383286305da"
"reference": "aac9304c5ed61bf7b1b7a6064bf9806ab842ce73"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/filp/whoops/zipball/f7948baaa0330277c729714910336383286305da",
"reference": "f7948baaa0330277c729714910336383286305da",
"url": "https://api.github.com/repos/filp/whoops/zipball/aac9304c5ed61bf7b1b7a6064bf9806ab842ce73",
"reference": "aac9304c5ed61bf7b1b7a6064bf9806ab842ce73",
"shasum": ""
},
"require": {
@ -652,7 +652,7 @@
],
"support": {
"issues": "https://github.com/filp/whoops/issues",
"source": "https://github.com/filp/whoops/tree/2.14.6"
"source": "https://github.com/filp/whoops/tree/2.15.2"
},
"funding": [
{
@ -660,7 +660,7 @@
"type": "github"
}
],
"time": "2022-11-02T16:23:29+00:00"
"time": "2023-04-12T12:00:00+00:00"
},
{
"name": "getgrav/cache",
@ -715,17 +715,17 @@
},
{
"name": "getgrav/image",
"version": "v3.0.0",
"version": "v3.0.1",
"target-dir": "Gregwar/Image",
"source": {
"type": "git",
"url": "https://github.com/getgrav/Image.git",
"reference": "02c1bb2c179dd894c4f6610c9c49da364ee7d264"
"reference": "a6a36c24db4b0fd7a7bfd50b86412eaecd5c6370"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/getgrav/Image/zipball/02c1bb2c179dd894c4f6610c9c49da364ee7d264",
"reference": "02c1bb2c179dd894c4f6610c9c49da364ee7d264",
"url": "https://api.github.com/repos/getgrav/Image/zipball/a6a36c24db4b0fd7a7bfd50b86412eaecd5c6370",
"reference": "a6a36c24db4b0fd7a7bfd50b86412eaecd5c6370",
"shasum": ""
},
"require": {
@ -769,22 +769,22 @@
"image"
],
"support": {
"source": "https://github.com/getgrav/Image/tree/v3.0.0"
"source": "https://github.com/getgrav/Image/tree/v3.0.1"
},
"time": "2021-04-20T05:50:18+00:00"
"time": "2023-05-08T21:44:38+00:00"
},
{
"name": "guzzlehttp/psr7",
"version": "1.9.0",
"version": "1.9.1",
"source": {
"type": "git",
"url": "https://github.com/guzzle/psr7.git",
"reference": "e98e3e6d4f86621a9b75f623996e6bbdeb4b9318"
"reference": "e4490cabc77465aaee90b20cfc9a770f8c04be6b"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/psr7/zipball/e98e3e6d4f86621a9b75f623996e6bbdeb4b9318",
"reference": "e98e3e6d4f86621a9b75f623996e6bbdeb4b9318",
"url": "https://api.github.com/repos/guzzle/psr7/zipball/e4490cabc77465aaee90b20cfc9a770f8c04be6b",
"reference": "e4490cabc77465aaee90b20cfc9a770f8c04be6b",
"shasum": ""
},
"require": {
@ -803,11 +803,6 @@
"laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.9-dev"
}
},
"autoload": {
"files": [
"src/functions_include.php"
@ -865,7 +860,7 @@
],
"support": {
"issues": "https://github.com/guzzle/psr7/issues",
"source": "https://github.com/guzzle/psr7/tree/1.9.0"
"source": "https://github.com/guzzle/psr7/tree/1.9.1"
},
"funding": [
{
@ -881,7 +876,7 @@
"type": "tidelift"
}
],
"time": "2022-06-20T21:43:03+00:00"
"time": "2023-04-17T16:00:37+00:00"
},
{
"name": "itsgoingd/clockwork",
@ -1401,38 +1396,39 @@
},
{
"name": "nyholm/psr7",
"version": "1.5.1",
"version": "1.8.0",
"source": {
"type": "git",
"url": "https://github.com/Nyholm/psr7.git",
"reference": "f734364e38a876a23be4d906a2a089e1315be18a"
"reference": "3cb4d163b58589e47b35103e8e5e6a6a475b47be"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Nyholm/psr7/zipball/f734364e38a876a23be4d906a2a089e1315be18a",
"reference": "f734364e38a876a23be4d906a2a089e1315be18a",
"url": "https://api.github.com/repos/Nyholm/psr7/zipball/3cb4d163b58589e47b35103e8e5e6a6a475b47be",
"reference": "3cb4d163b58589e47b35103e8e5e6a6a475b47be",
"shasum": ""
},
"require": {
"php": ">=7.1",
"php-http/message-factory": "^1.0",
"php": ">=7.2",
"psr/http-factory": "^1.0",
"psr/http-message": "^1.0"
"psr/http-message": "^1.1 || ^2.0"
},
"provide": {
"php-http/message-factory-implementation": "1.0",
"psr/http-factory-implementation": "1.0",
"psr/http-message-implementation": "1.0"
},
"require-dev": {
"http-interop/http-factory-tests": "^0.9",
"php-http/message-factory": "^1.0",
"php-http/psr7-integration-tests": "^1.0",
"phpunit/phpunit": "^7.5 || 8.5 || 9.4",
"phpunit/phpunit": "^7.5 || ^8.5 || ^9.4",
"symfony/error-handler": "^4.4"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.4-dev"
"dev-master": "1.8-dev"
}
},
"autoload": {
@ -1462,7 +1458,7 @@
],
"support": {
"issues": "https://github.com/Nyholm/psr7/issues",
"source": "https://github.com/Nyholm/psr7/tree/1.5.1"
"source": "https://github.com/Nyholm/psr7/tree/1.8.0"
},
"funding": [
{
@ -1474,7 +1470,7 @@
"type": "github"
}
],
"time": "2022-06-22T07:13:36+00:00"
"time": "2023-05-02T11:26:24+00:00"
},
{
"name": "nyholm/psr7-server",
@ -1542,60 +1538,6 @@
],
"time": "2021-05-12T11:11:27+00:00"
},
{
"name": "php-http/message-factory",
"version": "v1.0.2",
"source": {
"type": "git",
"url": "https://github.com/php-http/message-factory.git",
"reference": "a478cb11f66a6ac48d8954216cfed9aa06a501a1"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-http/message-factory/zipball/a478cb11f66a6ac48d8954216cfed9aa06a501a1",
"reference": "a478cb11f66a6ac48d8954216cfed9aa06a501a1",
"shasum": ""
},
"require": {
"php": ">=5.4",
"psr/http-message": "^1.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.0-dev"
}
},
"autoload": {
"psr-4": {
"Http\\Message\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com"
}
],
"description": "Factory interfaces for PSR-7 HTTP Message",
"homepage": "http://php-http.org",
"keywords": [
"factory",
"http",
"message",
"stream",
"uri"
],
"support": {
"issues": "https://github.com/php-http/message-factory/issues",
"source": "https://github.com/php-http/message-factory/tree/master"
},
"time": "2015-12-19T14:08:53+00:00"
},
{
"name": "pimple/pimple",
"version": "v3.5.0",
@ -1748,21 +1690,21 @@
},
{
"name": "psr/http-factory",
"version": "1.0.1",
"version": "1.0.2",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-factory.git",
"reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be"
"reference": "e616d01114759c4c489f93b099585439f795fe35"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-factory/zipball/12ac7fcd07e5b077433f5f2bee95b3a771bf61be",
"reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be",
"url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35",
"reference": "e616d01114759c4c489f93b099585439f795fe35",
"shasum": ""
},
"require": {
"php": ">=7.0.0",
"psr/http-message": "^1.0"
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
@ -1782,7 +1724,7 @@
"authors": [
{
"name": "PHP-FIG",
"homepage": "http://www.php-fig.org/"
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interfaces for PSR-7 HTTP message factories",
@ -1797,31 +1739,31 @@
"response"
],
"support": {
"source": "https://github.com/php-fig/http-factory/tree/master"
"source": "https://github.com/php-fig/http-factory/tree/1.0.2"
},
"time": "2019-04-30T12:38:16+00:00"
"time": "2023-04-10T20:10:41+00:00"
},
{
"name": "psr/http-message",
"version": "1.0.1",
"version": "1.1",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-message.git",
"reference": "f6561bf28d520154e4b0ec72be95418abe6d9363"
"reference": "cb6ce4845ce34a8ad9e68117c10ee90a29919eba"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363",
"reference": "f6561bf28d520154e4b0ec72be95418abe6d9363",
"url": "https://api.github.com/repos/php-fig/http-message/zipball/cb6ce4845ce34a8ad9e68117c10ee90a29919eba",
"reference": "cb6ce4845ce34a8ad9e68117c10ee90a29919eba",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
"php": "^7.2 || ^8.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
"dev-master": "1.1.x-dev"
}
},
"autoload": {
@ -1850,27 +1792,27 @@
"response"
],
"support": {
"source": "https://github.com/php-fig/http-message/tree/master"
"source": "https://github.com/php-fig/http-message/tree/1.1"
},
"time": "2016-08-06T14:39:51+00:00"
"time": "2023-04-04T09:50:52+00:00"
},
{
"name": "psr/http-server-handler",
"version": "1.0.1",
"version": "1.0.2",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-server-handler.git",
"reference": "aff2f80e33b7f026ec96bb42f63242dc50ffcae7"
"reference": "84c4fb66179be4caaf8e97bd239203245302e7d4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-server-handler/zipball/aff2f80e33b7f026ec96bb42f63242dc50ffcae7",
"reference": "aff2f80e33b7f026ec96bb42f63242dc50ffcae7",
"url": "https://api.github.com/repos/php-fig/http-server-handler/zipball/84c4fb66179be4caaf8e97bd239203245302e7d4",
"reference": "84c4fb66179be4caaf8e97bd239203245302e7d4",
"shasum": ""
},
"require": {
"php": ">=7.0",
"psr/http-message": "^1.0"
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
@ -1890,7 +1832,7 @@
"authors": [
{
"name": "PHP-FIG",
"homepage": "http://www.php-fig.org/"
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP server-side request handler",
@ -1906,28 +1848,27 @@
"server"
],
"support": {
"issues": "https://github.com/php-fig/http-server-handler/issues",
"source": "https://github.com/php-fig/http-server-handler/tree/master"
"source": "https://github.com/php-fig/http-server-handler/tree/1.0.2"
},
"time": "2018-10-30T16:46:14+00:00"
"time": "2023-04-10T20:06:20+00:00"
},
{
"name": "psr/http-server-middleware",
"version": "1.0.1",
"version": "1.0.2",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-server-middleware.git",
"reference": "2296f45510945530b9dceb8bcedb5cb84d40c5f5"
"reference": "c1481f747daaa6a0782775cd6a8c26a1bf4a3829"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-server-middleware/zipball/2296f45510945530b9dceb8bcedb5cb84d40c5f5",
"reference": "2296f45510945530b9dceb8bcedb5cb84d40c5f5",
"url": "https://api.github.com/repos/php-fig/http-server-middleware/zipball/c1481f747daaa6a0782775cd6a8c26a1bf4a3829",
"reference": "c1481f747daaa6a0782775cd6a8c26a1bf4a3829",
"shasum": ""
},
"require": {
"php": ">=7.0",
"psr/http-message": "^1.0",
"psr/http-message": "^1.0 || ^2.0",
"psr/http-server-handler": "^1.0"
},
"type": "library",
@ -1948,7 +1889,7 @@
"authors": [
{
"name": "PHP-FIG",
"homepage": "http://www.php-fig.org/"
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP server-side middleware",
@ -1964,9 +1905,9 @@
],
"support": {
"issues": "https://github.com/php-fig/http-server-middleware/issues",
"source": "https://github.com/php-fig/http-server-middleware/tree/master"
"source": "https://github.com/php-fig/http-server-middleware/tree/1.0.2"
},
"time": "2018-10-30T17:12:04+00:00"
"time": "2023-04-11T06:14:47+00:00"
},
{
"name": "psr/log",
@ -2160,16 +2101,16 @@
},
{
"name": "rockettheme/toolbox",
"version": "1.6.3",
"version": "1.6.5",
"source": {
"type": "git",
"url": "https://github.com/rockettheme/toolbox.git",
"reference": "8c751e96269aee4b42bf10c8d39f2121b7b7859c"
"reference": "c5e84deac813da7fcb78cd8a663c8966da9b27bd"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/rockettheme/toolbox/zipball/8c751e96269aee4b42bf10c8d39f2121b7b7859c",
"reference": "8c751e96269aee4b42bf10c8d39f2121b7b7859c",
"url": "https://api.github.com/repos/rockettheme/toolbox/zipball/c5e84deac813da7fcb78cd8a663c8966da9b27bd",
"reference": "c5e84deac813da7fcb78cd8a663c8966da9b27bd",
"shasum": ""
},
"require": {
@ -2208,9 +2149,9 @@
],
"support": {
"issues": "https://github.com/rockettheme/toolbox/issues",
"source": "https://github.com/rockettheme/toolbox/tree/1.6.3"
"source": "https://github.com/rockettheme/toolbox/tree/1.6.5"
},
"time": "2023-02-19T19:28:53+00:00"
"time": "2023-05-09T18:11:17+00:00"
},
{
"name": "seld/cli-prompt",
@ -4063,22 +4004,22 @@
},
{
"name": "guzzlehttp/guzzle",
"version": "7.5.0",
"version": "7.5.1",
"source": {
"type": "git",
"url": "https://github.com/guzzle/guzzle.git",
"reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba"
"reference": "b964ca597e86b752cd994f27293e9fa6b6a95ed9"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/b50a2a1251152e43f6a37f0fa053e730a67d25ba",
"reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/b964ca597e86b752cd994f27293e9fa6b6a95ed9",
"reference": "b964ca597e86b752cd994f27293e9fa6b6a95ed9",
"shasum": ""
},
"require": {
"ext-json": "*",
"guzzlehttp/promises": "^1.5",
"guzzlehttp/psr7": "^1.9 || ^2.4",
"guzzlehttp/psr7": "^1.9.1 || ^2.4.5",
"php": "^7.2.5 || ^8.0",
"psr/http-client": "^1.0",
"symfony/deprecation-contracts": "^2.2 || ^3.0"
@ -4171,7 +4112,7 @@
],
"support": {
"issues": "https://github.com/guzzle/guzzle/issues",
"source": "https://github.com/guzzle/guzzle/tree/7.5.0"
"source": "https://github.com/guzzle/guzzle/tree/7.5.1"
},
"funding": [
{
@ -4187,7 +4128,7 @@
"type": "tidelift"
}
],
"time": "2022-08-28T15:39:27+00:00"
"time": "2023-04-17T16:30:08+00:00"
},
{
"name": "guzzlehttp/promises",
@ -4275,16 +4216,16 @@
},
{
"name": "myclabs/deep-copy",
"version": "1.11.0",
"version": "1.11.1",
"source": {
"type": "git",
"url": "https://github.com/myclabs/DeepCopy.git",
"reference": "14daed4296fae74d9e3201d2c4925d1acb7aa614"
"reference": "7284c22080590fb39f2ffa3e9057f10a4ddd0e0c"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/14daed4296fae74d9e3201d2c4925d1acb7aa614",
"reference": "14daed4296fae74d9e3201d2c4925d1acb7aa614",
"url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/7284c22080590fb39f2ffa3e9057f10a4ddd0e0c",
"reference": "7284c22080590fb39f2ffa3e9057f10a4ddd0e0c",
"shasum": ""
},
"require": {
@ -4322,7 +4263,7 @@
],
"support": {
"issues": "https://github.com/myclabs/DeepCopy/issues",
"source": "https://github.com/myclabs/DeepCopy/tree/1.11.0"
"source": "https://github.com/myclabs/DeepCopy/tree/1.11.1"
},
"funding": [
{
@ -4330,20 +4271,20 @@
"type": "tidelift"
}
],
"time": "2022-03-03T13:19:32+00:00"
"time": "2023-03-08T13:26:56+00:00"
},
{
"name": "nikic/php-parser",
"version": "v4.15.3",
"version": "v4.15.4",
"source": {
"type": "git",
"url": "https://github.com/nikic/PHP-Parser.git",
"reference": "570e980a201d8ed0236b0a62ddf2c9cbb2034039"
"reference": "6bb5176bc4af8bcb7d926f88718db9b96a2d4290"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/570e980a201d8ed0236b0a62ddf2c9cbb2034039",
"reference": "570e980a201d8ed0236b0a62ddf2c9cbb2034039",
"url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/6bb5176bc4af8bcb7d926f88718db9b96a2d4290",
"reference": "6bb5176bc4af8bcb7d926f88718db9b96a2d4290",
"shasum": ""
},
"require": {
@ -4384,9 +4325,9 @@
],
"support": {
"issues": "https://github.com/nikic/PHP-Parser/issues",
"source": "https://github.com/nikic/PHP-Parser/tree/v4.15.3"
"source": "https://github.com/nikic/PHP-Parser/tree/v4.15.4"
},
"time": "2023-01-16T22:05:37+00:00"
"time": "2023-03-05T19:49:14+00:00"
},
{
"name": "phar-io/manifest",
@ -4501,16 +4442,16 @@
},
{
"name": "phpstan/phpstan",
"version": "1.9.18",
"version": "1.10.15",
"source": {
"type": "git",
"url": "https://github.com/phpstan/phpstan.git",
"reference": "f2d5cf71be91172a57c649770b73c20ebcffb0bf"
"reference": "762c4dac4da6f8756eebb80e528c3a47855da9bd"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/f2d5cf71be91172a57c649770b73c20ebcffb0bf",
"reference": "f2d5cf71be91172a57c649770b73c20ebcffb0bf",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/762c4dac4da6f8756eebb80e528c3a47855da9bd",
"reference": "762c4dac4da6f8756eebb80e528c3a47855da9bd",
"shasum": ""
},
"require": {
@ -4539,8 +4480,11 @@
"static analysis"
],
"support": {
"docs": "https://phpstan.org/user-guide/getting-started",
"forum": "https://github.com/phpstan/phpstan/discussions",
"issues": "https://github.com/phpstan/phpstan/issues",
"source": "https://github.com/phpstan/phpstan/tree/1.9.18"
"security": "https://github.com/phpstan/phpstan/security/policy",
"source": "https://github.com/phpstan/phpstan-src"
},
"funding": [
{
@ -4556,25 +4500,25 @@
"type": "tidelift"
}
],
"time": "2023-02-17T15:01:27+00:00"
"time": "2023-05-09T15:28:01+00:00"
},
{
"name": "phpstan/phpstan-deprecation-rules",
"version": "1.1.1",
"version": "1.1.3",
"source": {
"type": "git",
"url": "https://github.com/phpstan/phpstan-deprecation-rules.git",
"reference": "2c6792eda026d9c474c14aa018aed312686714db"
"reference": "a22b36b955a2e9a3d39fe533b6c1bb5359f9c319"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpstan/phpstan-deprecation-rules/zipball/2c6792eda026d9c474c14aa018aed312686714db",
"reference": "2c6792eda026d9c474c14aa018aed312686714db",
"url": "https://api.github.com/repos/phpstan/phpstan-deprecation-rules/zipball/a22b36b955a2e9a3d39fe533b6c1bb5359f9c319",
"reference": "a22b36b955a2e9a3d39fe533b6c1bb5359f9c319",
"shasum": ""
},
"require": {
"php": "^7.2 || ^8.0",
"phpstan/phpstan": "^1.9.3"
"phpstan/phpstan": "^1.10"
},
"require-dev": {
"php-parallel-lint/php-parallel-lint": "^1.2",
@ -4602,29 +4546,29 @@
"description": "PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.",
"support": {
"issues": "https://github.com/phpstan/phpstan-deprecation-rules/issues",
"source": "https://github.com/phpstan/phpstan-deprecation-rules/tree/1.1.1"
"source": "https://github.com/phpstan/phpstan-deprecation-rules/tree/1.1.3"
},
"time": "2022-12-13T14:26:20+00:00"
"time": "2023-03-17T07:50:08+00:00"
},
{
"name": "phpunit/php-code-coverage",
"version": "9.2.24",
"version": "9.2.26",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/php-code-coverage.git",
"reference": "2cf940ebc6355a9d430462811b5aaa308b174bed"
"reference": "443bc6912c9bd5b409254a40f4b0f4ced7c80ea1"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/2cf940ebc6355a9d430462811b5aaa308b174bed",
"reference": "2cf940ebc6355a9d430462811b5aaa308b174bed",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/443bc6912c9bd5b409254a40f4b0f4ced7c80ea1",
"reference": "443bc6912c9bd5b409254a40f4b0f4ced7c80ea1",
"shasum": ""
},
"require": {
"ext-dom": "*",
"ext-libxml": "*",
"ext-xmlwriter": "*",
"nikic/php-parser": "^4.14",
"nikic/php-parser": "^4.15",
"php": ">=7.3",
"phpunit/php-file-iterator": "^3.0.3",
"phpunit/php-text-template": "^2.0.2",
@ -4639,8 +4583,8 @@
"phpunit/phpunit": "^9.3"
},
"suggest": {
"ext-pcov": "*",
"ext-xdebug": "*"
"ext-pcov": "PHP extension that provides line coverage",
"ext-xdebug": "PHP extension that provides line coverage as well as branch and path coverage"
},
"type": "library",
"extra": {
@ -4673,7 +4617,7 @@
],
"support": {
"issues": "https://github.com/sebastianbergmann/php-code-coverage/issues",
"source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.24"
"source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.26"
},
"funding": [
{
@ -4681,7 +4625,7 @@
"type": "github"
}
],
"time": "2023-01-26T08:26:55+00:00"
"time": "2023-03-06T12:58:08+00:00"
},
{
"name": "phpunit/php-file-iterator",
@ -4926,16 +4870,16 @@
},
{
"name": "phpunit/phpunit",
"version": "9.6.3",
"version": "9.6.7",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/phpunit.git",
"reference": "e7b1615e3e887d6c719121c6d4a44b0ab9645555"
"reference": "c993f0d3b0489ffc42ee2fe0bd645af1538a63b2"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/e7b1615e3e887d6c719121c6d4a44b0ab9645555",
"reference": "e7b1615e3e887d6c719121c6d4a44b0ab9645555",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/c993f0d3b0489ffc42ee2fe0bd645af1538a63b2",
"reference": "c993f0d3b0489ffc42ee2fe0bd645af1538a63b2",
"shasum": ""
},
"require": {
@ -4968,8 +4912,8 @@
"sebastian/version": "^3.0.2"
},
"suggest": {
"ext-soap": "*",
"ext-xdebug": "*"
"ext-soap": "To be able to generate mocks based on WSDL files",
"ext-xdebug": "PHP extension that provides line coverage as well as branch and path coverage"
},
"bin": [
"phpunit"
@ -5008,7 +4952,8 @@
],
"support": {
"issues": "https://github.com/sebastianbergmann/phpunit/issues",
"source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.3"
"security": "https://github.com/sebastianbergmann/phpunit/security/policy",
"source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.7"
},
"funding": [
{
@ -5024,25 +4969,25 @@
"type": "tidelift"
}
],
"time": "2023-02-04T13:37:15+00:00"
"time": "2023-04-14T08:58:40+00:00"
},
{
"name": "psr/http-client",
"version": "1.0.1",
"version": "1.0.2",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-client.git",
"reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621"
"reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-client/zipball/2dfb5f6c5eff0e91e20e913f8c5452ed95b86621",
"reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621",
"url": "https://api.github.com/repos/php-fig/http-client/zipball/0955afe48220520692d2d09f7ab7e0f93ffd6a31",
"reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31",
"shasum": ""
},
"require": {
"php": "^7.0 || ^8.0",
"psr/http-message": "^1.0"
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
@ -5062,7 +5007,7 @@
"authors": [
{
"name": "PHP-FIG",
"homepage": "http://www.php-fig.org/"
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP clients",
@ -5074,9 +5019,9 @@
"psr-18"
],
"support": {
"source": "https://github.com/php-fig/http-client/tree/master"
"source": "https://github.com/php-fig/http-client/tree/1.0.2"
},
"time": "2020-06-29T06:28:15+00:00"
"time": "2023-04-10T20:12:12+00:00"
},
{
"name": "sebastian/cli-parser",
@ -5378,16 +5323,16 @@
},
{
"name": "sebastian/diff",
"version": "4.0.4",
"version": "4.0.5",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/diff.git",
"reference": "3461e3fccc7cfdfc2720be910d3bd73c69be590d"
"reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/3461e3fccc7cfdfc2720be910d3bd73c69be590d",
"reference": "3461e3fccc7cfdfc2720be910d3bd73c69be590d",
"url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/74be17022044ebaaecfdf0c5cd504fc9cd5a7131",
"reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131",
"shasum": ""
},
"require": {
@ -5432,7 +5377,7 @@
],
"support": {
"issues": "https://github.com/sebastianbergmann/diff/issues",
"source": "https://github.com/sebastianbergmann/diff/tree/4.0.4"
"source": "https://github.com/sebastianbergmann/diff/tree/4.0.5"
},
"funding": [
{
@ -5440,7 +5385,7 @@
"type": "github"
}
],
"time": "2020-10-26T13:10:38+00:00"
"time": "2023-05-07T05:35:17+00:00"
},
{
"name": "sebastian/environment",
@ -6044,16 +5989,16 @@
},
{
"name": "symfony/browser-kit",
"version": "v5.4.19",
"version": "v5.4.21",
"source": {
"type": "git",
"url": "https://github.com/symfony/browser-kit.git",
"reference": "572b9e03741051b97c316f65f8c361eed08fdb14"
"reference": "a866ca7e396f15d7efb6d74a8a7d364d4e05b704"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/browser-kit/zipball/572b9e03741051b97c316f65f8c361eed08fdb14",
"reference": "572b9e03741051b97c316f65f8c361eed08fdb14",
"url": "https://api.github.com/repos/symfony/browser-kit/zipball/a866ca7e396f15d7efb6d74a8a7d364d4e05b704",
"reference": "a866ca7e396f15d7efb6d74a8a7d364d4e05b704",
"shasum": ""
},
"require": {
@ -6096,7 +6041,7 @@
"description": "Simulates the behavior of a web browser, allowing you to make requests, click on links and submit forms programmatically",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/browser-kit/tree/v5.4.19"
"source": "https://github.com/symfony/browser-kit/tree/v5.4.21"
},
"funding": [
{
@ -6112,20 +6057,20 @@
"type": "tidelift"
}
],
"time": "2023-01-01T08:32:19+00:00"
"time": "2023-02-14T08:03:56+00:00"
},
{
"name": "symfony/css-selector",
"version": "v5.4.19",
"version": "v5.4.21",
"source": {
"type": "git",
"url": "https://github.com/symfony/css-selector.git",
"reference": "f4a7d150f5b9e8f974f6f127d8167e420d11fc62"
"reference": "95f3c7468db1da8cc360b24fa2a26e7cefcb355d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/css-selector/zipball/f4a7d150f5b9e8f974f6f127d8167e420d11fc62",
"reference": "f4a7d150f5b9e8f974f6f127d8167e420d11fc62",
"url": "https://api.github.com/repos/symfony/css-selector/zipball/95f3c7468db1da8cc360b24fa2a26e7cefcb355d",
"reference": "95f3c7468db1da8cc360b24fa2a26e7cefcb355d",
"shasum": ""
},
"require": {
@ -6162,7 +6107,7 @@
"description": "Converts CSS selectors to XPath expressions",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/css-selector/tree/v5.4.19"
"source": "https://github.com/symfony/css-selector/tree/v5.4.21"
},
"funding": [
{
@ -6178,7 +6123,7 @@
"type": "tidelift"
}
],
"time": "2023-01-01T08:32:19+00:00"
"time": "2023-02-14T08:03:56+00:00"
},
{
"name": "symfony/deprecation-contracts",
@ -6249,16 +6194,16 @@
},
{
"name": "symfony/dom-crawler",
"version": "v5.4.19",
"version": "v5.4.23",
"source": {
"type": "git",
"url": "https://github.com/symfony/dom-crawler.git",
"reference": "224a1820e7669babdd85970230ed72bd6e342ad4"
"reference": "4a286c916b74ecfb6e2caf1aa31d3fe2a34b7e08"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/dom-crawler/zipball/224a1820e7669babdd85970230ed72bd6e342ad4",
"reference": "224a1820e7669babdd85970230ed72bd6e342ad4",
"url": "https://api.github.com/repos/symfony/dom-crawler/zipball/4a286c916b74ecfb6e2caf1aa31d3fe2a34b7e08",
"reference": "4a286c916b74ecfb6e2caf1aa31d3fe2a34b7e08",
"shasum": ""
},
"require": {
@ -6304,7 +6249,7 @@
"description": "Eases DOM navigation for HTML and XML documents",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/dom-crawler/tree/v5.4.19"
"source": "https://github.com/symfony/dom-crawler/tree/v5.4.23"
},
"funding": [
{
@ -6320,20 +6265,20 @@
"type": "tidelift"
}
],
"time": "2023-01-14T19:14:44+00:00"
"time": "2023-04-08T21:20:19+00:00"
},
{
"name": "symfony/finder",
"version": "v5.4.19",
"version": "v5.4.21",
"source": {
"type": "git",
"url": "https://github.com/symfony/finder.git",
"reference": "6071aebf810ad13fe8200c224f36103abb37cf1f"
"reference": "078e9a5e1871fcfe6a5ce421b539344c21afef19"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/finder/zipball/6071aebf810ad13fe8200c224f36103abb37cf1f",
"reference": "6071aebf810ad13fe8200c224f36103abb37cf1f",
"url": "https://api.github.com/repos/symfony/finder/zipball/078e9a5e1871fcfe6a5ce421b539344c21afef19",
"reference": "078e9a5e1871fcfe6a5ce421b539344c21afef19",
"shasum": ""
},
"require": {
@ -6367,7 +6312,7 @@
"description": "Finds files and directories via an intuitive fluent interface",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/finder/tree/v5.4.19"
"source": "https://github.com/symfony/finder/tree/v5.4.21"
},
"funding": [
{
@ -6383,7 +6328,7 @@
"type": "tidelift"
}
],
"time": "2023-01-14T19:14:44+00:00"
"time": "2023-02-16T09:33:00+00:00"
},
{
"name": "theseer/tokenizer",

2
system/blueprints/user/account.yaml
View File

@ -140,7 +140,7 @@ form:
multiple: true
size: large
label: PLUGIN_ADMIN.GROUPS
data-options@: '\Grav\Common\User\Group::groupNames'
data-options@: 'Grav\Common\Flex\Types\UserGroups\UserGroupObject::groupNames'
classes: fancy
help: PLUGIN_ADMIN.GROUPS_HELP
validate:

5
system/defines.php
View File

@ -9,7 +9,7 @@
// Some standard defines
define('GRAV', true);
define('GRAV_VERSION', '1.7.40');
define('GRAV_VERSION', '1.7.41');
define('GRAV_SCHEMA', '1.7.0_2020-11-20_1');
define('GRAV_TESTING', false);
@ -99,3 +99,6 @@ define('RAW_CONTENT', 1);
define('TWIG_CONTENT', 2);
define('TWIG_CONTENT_LIST', 3);
define('TWIG_TEMPLATES', 4);
// Filters
define('GRAV_SANITIZE_STRING', 5001);

2
system/src/Grav/Common/Errors/SimplePageHandler.php
View File

@ -57,7 +57,7 @@ class SimplePageHandler extends Handler
$vars = array(
'stylesheet' => file_get_contents($cssFile),
'code' => $code,
'message' => filter_var(rawurldecode($message), FILTER_SANITIZE_STRING),
'message' => htmlspecialchars(strip_tags(rawurldecode($message)), ENT_QUOTES, 'UTF-8'),
);
$helper->setVariables($vars);

13
system/src/Grav/Common/Flex/Types/UserGroups/UserGroupObject.php
View File

@ -12,6 +12,7 @@ declare(strict_types=1);
namespace Grav\Common\Flex\Types\UserGroups;
use Grav\Common\Flex\FlexObject;
use Grav\Common\Grav;
use Grav\Common\User\Access;
use Grav\Common\User\Interfaces\UserGroupInterface;
use function is_bool;
@ -74,6 +75,18 @@ class UserGroupObject extends FlexObject implements UserGroupInterface
return $access->authorize('admin.super') ? true : null;
}
public static function groupNames(): array
{
$groups = [];
$user_groups = Grav::instance()['user_groups'];
foreach ($user_groups as $key => $group) {
$groups[$key] = $group->readableName;
}
return $groups;
}
/**
* @return Access
*/

2
system/src/Grav/Common/Helpers/Truncator.php
View File

@ -144,7 +144,7 @@ class Truncator
}
// Transform multibyte entities which otherwise display incorrectly.
$html = mb_convert_encoding($html, 'HTML-ENTITIES', 'UTF-8');
$html = htmlspecialchars_decode(iconv('UTF-8', 'ISO-8859-1', htmlentities($html, ENT_COMPAT, 'UTF-8')), ENT_QUOTES);
// Internal errors enabled as HTML5 not fully supported.
libxml_use_internal_errors(true);

1
system/src/Grav/Common/Markdown/Parsedown.php
View File

@ -18,6 +18,7 @@ use Grav\Common\Page\Markdown\Excerpts;
*/
class Parsedown extends \Parsedown
{
use ParsedownGravTrait;
/**

18
system/src/Grav/Common/Markdown/ParsedownGravTrait.php
View File

@ -25,6 +25,7 @@ trait ParsedownGravTrait
public $completable_blocks = [];
/** @var array */
public $continuable_blocks = [];
public $plugins = [];
/** @var Excerpts */
protected $excerpts;
@ -292,7 +293,12 @@ trait ParsedownGravTrait
#[\ReturnTypeWillChange]
public function __call($method, $args)
{
if (isset($this->{$method}) === true) {
if (isset($this->plugins[$method]) === true) {
$func = $this->plugins[$method];
return call_user_func_array($func, $args);
} elseif (isset($this->{$method}) === true) {
$func = $this->{$method};
return call_user_func_array($func, $args);
@ -300,4 +306,14 @@ trait ParsedownGravTrait
return null;
}
public function __set($name, $value)
{
if (is_callable($value)) {
$this->plugins[$name] = $value;
}
}
}

18
system/src/Grav/Common/Page/Medium/ImageMedium.php
View File

@ -62,8 +62,8 @@ class ImageMedium extends Medium implements ImageMediaInterface, ImageManipulate
if (!($this->offsetExists('width') && $this->offsetExists('height') && $this->offsetExists('mime'))) {
$image_info = getimagesize($path);
if ($image_info) {
$this->def('width', $image_info[0]);
$this->def('height', $image_info[1]);
$this->def('width', (int) $image_info[0]);
$this->def('height', (int) $image_info[1]);
$this->def('mime', $image_info['mime']);
}
}
@ -299,7 +299,7 @@ class ImageMedium extends Medium implements ImageMediaInterface, ImageManipulate
}
if ($width && $height) {
$this->__call('cropResize', [$width, $height]);
$this->__call('cropResize', [(int) $width, (int) $height]);
}
return parent::lightbox($width, $height, $reset);
@ -361,8 +361,8 @@ class ImageMedium extends Medium implements ImageMediaInterface, ImageManipulate
// Scaling operations
$scale = ($scale ?? $config->get('system.images.watermark.scale', 100)) / 100;
$wwidth = (int)$this->get('width') * $scale;
$wheight = (int)$this->get('height') * $scale;
$wwidth = (int) ($this->get('width') * $scale);
$wheight = (int) ($this->get('height') * $scale);
$watermark->resize($wwidth, $wheight);
// Position operations
@ -392,11 +392,11 @@ class ImageMedium extends Medium implements ImageMediaInterface, ImageManipulate
break;
case 'right':
$positionX = (int)$this->get('width')-$wwidth;
$positionX = (int) ($this->get('width')-$wwidth);
break;
case 'center':
$positionX = ((int)$this->get('width')/2) - ($wwidth/2);
$positionX = (int) (($this->get('width')/2) - ($wwidth/2));
break;
}
@ -431,8 +431,8 @@ class ImageMedium extends Medium implements ImageMediaInterface, ImageManipulate
return $this;
}
$dst_width = $image->width()+2*$border;
$dst_height = $image->height()+2*$border;
$dst_width = (int) ($image->width()+2*$border);
$dst_height = (int) ($image->height()+2*$border);
$frame = ImageFile::create($dst_width, $dst_height);

11
system/src/Grav/Common/Page/Page.php
View File

@ -1270,9 +1270,14 @@ class Page implements PageInterface
*/
public function blueprintName()
{
$blueprint_name = filter_input(INPUT_POST, 'blueprint', FILTER_SANITIZE_STRING) ?: $this->template();
if (!isset($_POST['blueprint'])) {
return $this->template();
}
return $blueprint_name;
$post_value = $_POST['blueprint'];
$sanitized_value = htmlspecialchars(strip_tags($post_value), ENT_QUOTES, 'UTF-8');
return $sanitized_value ?: $this->template();
}
/**
@ -1802,7 +1807,7 @@ class Page implements PageInterface
}
if (empty($this->slug)) {
$this->slug = $this->adjustRouteCase(preg_replace(PAGE_ORDER_PREFIX_REGEX, '', $this->folder)) ?: null;
$this->slug = $this->adjustRouteCase(preg_replace(PAGE_ORDER_PREFIX_REGEX, '', (string) $this->folder)) ?: null;
}
return $this->slug;

4
system/src/Grav/Common/Service/TaskServiceProvider.php
View File

@ -33,7 +33,7 @@ class TaskServiceProvider implements ServiceProviderInterface
$task = $body['task'] ?? $c['uri']->param('task');
if (null !== $task) {
$task = filter_var($task, FILTER_SANITIZE_STRING);
$task = htmlspecialchars(strip_tags($task), ENT_QUOTES, 'UTF-8');
}
return $task ?: null;
@ -46,7 +46,7 @@ class TaskServiceProvider implements ServiceProviderInterface
$action = $body['action'] ?? $c['uri']->param('action');
if (null !== $action) {
$action = filter_var($action, FILTER_SANITIZE_STRING);
$action = htmlspecialchars(strip_tags($action), ENT_QUOTES, 'UTF-8');
}
return $action ?: null;

8
system/src/Grav/Common/Session.php
View File

@ -122,10 +122,10 @@ class Session extends \Grav\Framework\Session\Session
// Make sure that Forms 3.0+ has been installed.
if (null === $object && isset($grav['forms'])) {
user_error(
__CLASS__ . '::' . __FUNCTION__ . '(\'files-upload\') is deprecated since Grav 1.6, use $form->getFlash()->getLegacyFiles() instead',
E_USER_DEPRECATED
);
// user_error(
// __CLASS__ . '::' . __FUNCTION__ . '(\'files-upload\') is deprecated since Grav 1.6, use $form->getFlash()->getLegacyFiles() instead',
// E_USER_DEPRECATED
// );
/** @var Uri $uri */
$uri = $grav['uri'];

16
system/src/Grav/Common/Twig/Extension/GravExtension.php
View File

@ -247,6 +247,7 @@ class GravExtension extends AbstractExtension implements GlobalsInterface
new TwigFunction('is_object', 'is_object'),
new TwigFunction('count', 'count'),
new TwigFunction('array_diff', 'array_diff'),
new TwigFunction('parse_url', 'parse_url'),
];
}
@ -468,7 +469,7 @@ class GravExtension extends AbstractExtension implements GlobalsInterface
*/
public function base64EncodeFilter($str)
{
return base64_encode($str);
return base64_encode((string) $str);
}
/**
@ -949,7 +950,7 @@ class GravExtension extends AbstractExtension implements GlobalsInterface
*/
public function repeatFunc($input, $multiplier)
{
return str_repeat($input, $multiplier);
return str_repeat($input, (int) $multiplier);
}
/**
@ -1203,6 +1204,9 @@ class GravExtension extends AbstractExtension implements GlobalsInterface
*/
public function jsonDecodeFilter($str, $assoc = false, $depth = 512, $options = 0)
{
if ($str === null) {
$str = '';
}
return json_decode(html_entity_decode($str, ENT_COMPAT | ENT_HTML401, 'UTF-8'), $assoc, $depth, $options);
}
@ -1214,7 +1218,13 @@ class GravExtension extends AbstractExtension implements GlobalsInterface
*/
public function getCookie($key)
{
return filter_input(INPUT_COOKIE, $key, FILTER_SANITIZE_STRING);
$cookie_value = filter_input(INPUT_COOKIE, $key);
if ($cookie_value === null) {
return null;
}
return htmlspecialchars(strip_tags($cookie_value), ENT_QUOTES, 'UTF-8');
}
/**

9
system/src/Grav/Common/Twig/Twig.php
View File

@ -57,6 +57,15 @@ class Twig
/** @var string */
public $template;
/** @var array */
public $plugins_hooked_nav = [];
/** @var array */
public $plugins_quick_tray = [];
/** @var array */
public $plugins_hooked_dashboard_widgets_top = [];
/** @var array */
public $plugins_hooked_dashboard_widgets_main = [];
/** @var Grav */
protected $grav;
/** @var FilesystemLoader */

10
system/src/Grav/Common/Uri.php
View File

@ -1005,7 +1005,7 @@ class Uri
foreach ($matches as $match) {
$param = explode($delimiter, $match[1]);
if (count($param) === 2) {
$plain_var = filter_var(rawurldecode($param[1]), FILTER_SANITIZE_STRING);
$plain_var = htmlspecialchars(strip_tags(rawurldecode($param[1])), ENT_QUOTES, 'UTF-8');
$params[$param[0]] = $plain_var;
$uri = str_replace($match[0], '', $uri);
}
@ -1388,7 +1388,11 @@ class Uri
if ($this->post && null !== $element) {
$item = Utils::getDotNotation($this->post, $element);
if ($filter_type) {
$item = filter_var($item, $filter_type);
if ($filter_type === FILTER_SANITIZE_STRING || $filter_type === GRAV_SANITIZE_STRING) {
$item = htmlspecialchars(strip_tags($item), ENT_QUOTES, 'UTF-8');
} else {
$item = filter_var($item, $filter_type);
}
}
return $item;
}
@ -1514,7 +1518,7 @@ class Uri
foreach ($matches as $match) {
$param = explode($delimiter, $match[1]);
if (count($param) === 2) {
$plain_var = filter_var($param[1], FILTER_SANITIZE_STRING);
$plain_var = htmlspecialchars(strip_tags($param[1]), ENT_QUOTES, 'UTF-8');
$this->params[$param[0]] = $plain_var;
$uri = str_replace($match[0], '', $uri);
}

12
system/src/Grav/Common/Utils.php
View File

@ -201,7 +201,7 @@ abstract class Utils
$compare_func = $case_sensitive ? 'mb_strpos' : 'mb_stripos';
foreach ((array)$needle as $each_needle) {
$status = $each_needle === '' || $compare_func($haystack, $each_needle) === 0;
$status = $each_needle === '' || $compare_func((string) $haystack, $each_needle) === 0;
if ($status) {
break;
}
@ -225,8 +225,8 @@ abstract class Utils
$compare_func = $case_sensitive ? 'mb_strrpos' : 'mb_strripos';
foreach ((array)$needle as $each_needle) {
$expectedPosition = mb_strlen($haystack) - mb_strlen($each_needle);
$status = $each_needle === '' || $compare_func($haystack, $each_needle, 0) === $expectedPosition;
$expectedPosition = mb_strlen((string) $haystack) - mb_strlen($each_needle);
$status = $each_needle === '' || $compare_func((string) $haystack, $each_needle, 0) === $expectedPosition;
if ($status) {
break;
}
@ -250,7 +250,7 @@ abstract class Utils
$compare_func = $case_sensitive ? 'mb_strpos' : 'mb_stripos';
foreach ((array)$needle as $each_needle) {
$status = $each_needle === '' || $compare_func($haystack, $each_needle) !== false;
$status = $each_needle === '' || $compare_func((string) $haystack, $each_needle) !== false;
if ($status) {
break;
}
@ -1874,9 +1874,9 @@ abstract class Utils
}
if ($block) {
$string = $parsedown->text($string);
$string = $parsedown->text((string) $string);
} else {
$string = $parsedown->line($string);
$string = $parsedown->line((string) $string);
}
return $string;

2
system/src/Grav/Framework/Acl/RecursiveActionIterator.php
View File

@ -23,6 +23,8 @@ class RecursiveActionIterator implements RecursiveIterator, \Countable
{
use Constructor, Iterator, Countable;
public $items;
/**
* @see \Iterator::key()
* @return string

9
system/src/Grav/Framework/Flex/Pages/Traits/PageLegacyTrait.php
View File

@ -366,9 +366,14 @@ trait PageLegacyTrait
*/
public function blueprintName(): string
{
$blueprint_name = filter_input(INPUT_POST, 'blueprint', FILTER_SANITIZE_STRING) ?: $this->template();
if (!isset($_POST['blueprint'])) {
return $this->template();
}
return $blueprint_name;
$post_value = $_POST['blueprint'];
$sanitized_value = htmlspecialchars(strip_tags($post_value), ENT_QUOTES, 'UTF-8');
return $sanitized_value ?: $this->template();
}
/**

2
system/src/Grav/Framework/Object/Access/NestedPropertyTrait.php
View File

@ -42,7 +42,7 @@ trait NestedPropertyTrait
public function getNestedProperty($property, $default = null, $separator = null)
{
$separator = $separator ?: '.';
$path = explode($separator, $property);
$path = explode($separator, (string) $property);
$offset = array_shift($path);
if (!$this->hasProperty($offset)) {

2
system/src/Grav/Framework/Uri/UriFactory.php
View File

@ -93,7 +93,7 @@ class UriFactory
}
// Support ngnix routes.
if (strpos($query, '_url=') === 0) {
if (strpos((string) $query, '_url=') === 0) {
parse_str($query, $q);
unset($q['_url']);
$query = http_build_query($q);

27
system/src/Twig/DeferredExtension/DeferredDeclareNode.php Normal file
View File

@ -0,0 +1,27 @@
<?php
/**
* This file is part of the rybakit/twig-deferred-extension package.
*
* (c) Eugene Leonovich <gen.work@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
declare(strict_types=1);
namespace Twig\DeferredExtension;
use Twig\Compiler;
use Twig\Node\Node;
final class DeferredDeclareNode extends Node
{
public function compile(Compiler $compiler) : void
{
$compiler
->write("private \$deferred;\n")
;
}
}

2
system/src/Twig/DeferredExtension/DeferredExtensionNode.php → system/src/Twig/DeferredExtension/DeferredInitializeNode.php
View File

@ -16,7 +16,7 @@ namespace Twig\DeferredExtension;
use Twig\Compiler;
use Twig\Node\Node;
final class DeferredExtensionNode extends Node
final class DeferredInitializeNode extends Node
{
public function compile(Compiler $compiler) : void
{

5
system/src/Twig/DeferredExtension/DeferredNodeVisitor.php
View File

@ -34,8 +34,9 @@ final class DeferredNodeVisitor implements NodeVisitorInterface
public function leaveNode(Node $node, Environment $env) : ?Node
{
if ($this->hasDeferred && $node instanceof ModuleNode) {
$node->setNode('constructor_end', new Node([new DeferredExtensionNode(), $node->getNode('constructor_end')]));
$node->setNode('display_end', new Node([new DeferredNode(), $node->getNode('display_end')]));
$node->getNode('constructor_end')->setNode('deferred_initialize', new DeferredInitializeNode());
$node->getNode('display_end')->setNode('deferred_resolve', new DeferredResolveNode());
$node->getNode('class_end')->setNode('deferred_declare', new DeferredDeclareNode());
$this->hasDeferred = false;
}

5
system/src/Twig/DeferredExtension/DeferredNodeVisitorCompat.php
View File

@ -46,8 +46,9 @@ final class DeferredNodeVisitorCompat implements NodeVisitorInterface
public function leaveNode(\Twig_NodeInterface $node, Environment $env): ?Node
{
if ($this->hasDeferred && $node instanceof ModuleNode) {
$node->setNode('constructor_end', new Node([new DeferredExtensionNode(), $node->getNode('constructor_end')]));
$node->setNode('display_end', new Node([new DeferredNode(), $node->getNode('display_end')]));
$node->getNode('constructor_end')->setNode('deferred_initialize', new DeferredInitializeNode());
$node->getNode('display_end')->setNode('deferred_resolve', new DeferredResolveNode());
$node->getNode('class_end')->setNode('deferred_declare', new DeferredDeclareNode());
$this->hasDeferred = false;
}

27
system/src/Twig/DeferredExtension/DeferredResolveNode.php Normal file
View File

@ -0,0 +1,27 @@
<?php
/**
* This file is part of the rybakit/twig-deferred-extension package.
*
* (c) Eugene Leonovich <gen.work@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
declare(strict_types=1);
namespace Twig\DeferredExtension;
use Twig\Compiler;
use Twig\Node\Node;
final class DeferredResolveNode extends Node
{
public function compile(Compiler $compiler) : void
{
$compiler
->write("\$this->deferred->resolve(\$this, \$context, \$blocks);\n")
;
}
}