Upgraded to Laravel 5.6

app/Config/app.php

@@ -72,10 +72,6 @@ return [
     // Encryption cipher
     'cipher' => 'AES-256-CBC',
 
-    // Logging configuration
-    // Options: single, daily, syslog, errorlog
-    'log' => env('APP_LOGGING', 'single'),
-
     // Application Services Provides
     'providers' => [
 

app/Config/hashing.php

@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * Hashing configuration options.
+ *
+ * Changes to these config files are not supported by BookStack and may break upon updates.
+ * Configuration should be altered via the `.env` file or environment variables.
+ * Do not edit this file unless you're happy to maintain any changes yourself.
+ */
+
+return [
+
+    // Default Hash Driver
+    // This option controls the default hash driver that will be used to hash
+    // passwords for your application. By default, the bcrypt algorithm is
+    // used; however, you remain free to modify this option if you wish.
+    // Supported: "bcrypt", "argon"
+    'driver' => 'bcrypt',
+
+    // Bcrypt Options
+    // Here you may specify the configuration options that should be used when
+    // passwords are hashed using the Bcrypt algorithm. This will allow you
+    // to control the amount of time it takes to hash the given password.
+    'bcrypt' => [
+        'rounds' => env('BCRYPT_ROUNDS', 10),
+    ],
+
+    // Argon Options
+    // Here you may specify the configuration options that should be used when
+    // passwords are hashed using the Argon algorithm. These will allow you
+    // to control the amount of time it takes to hash the given password.
+    'argon' => [
+        'memory' => 1024,
+        'threads' => 2,
+        'time' => 2,
+    ],
+
+];

app/Config/logging.php

@@ -0,0 +1,74 @@
+<?php
+
+use Monolog\Handler\StreamHandler;
+
+/**
+ * Logging configuration options.
+ *
+ * Changes to these config files are not supported by BookStack and may break upon updates.
+ * Configuration should be altered via the `.env` file or environment variables.
+ * Do not edit this file unless you're happy to maintain any changes yourself.
+ */
+
+return [
+
+    // Default Log Channel
+    // This option defines the default log channel that gets used when writing
+    // messages to the logs. The name specified in this option should match
+    // one of the channels defined in the "channels" configuration array.
+    'default' => env('LOG_CHANNEL', 'single'),
+
+    // Log Channels
+    // Here you may configure the log channels for your application. Out of
+    // the box, Laravel uses the Monolog PHP logging library. This gives
+    // you a variety of powerful log handlers / formatters to utilize.
+    // Available Drivers: "single", "daily", "slack", "syslog",
+    //                    "errorlog", "monolog",
+    //                    "custom", "stack"
+    'channels' => [
+        'stack' => [
+            'driver' => 'stack',
+            'channels' => ['single'],
+        ],
+
+        'single' => [
+            'driver' => 'single',
+            'path' => storage_path('logs/laravel.log'),
+            'level' => 'debug',
+        ],
+
+        'daily' => [
+            'driver' => 'daily',
+            'path' => storage_path('logs/laravel.log'),
+            'level' => 'debug',
+            'days' => 7,
+        ],
+
+        'slack' => [
+            'driver' => 'slack',
+            'url' => env('LOG_SLACK_WEBHOOK_URL'),
+            'username' => 'Laravel Log',
+            'emoji' => ':boom:',
+            'level' => 'critical',
+        ],
+
+        'stderr' => [
+            'driver' => 'monolog',
+            'handler' => StreamHandler::class,
+            'with' => [
+                'stream' => 'php://stderr',
+            ],
+        ],
+
+        'syslog' => [
+            'driver' => 'syslog',
+            'level' => 'debug',
+        ],
+
+        'errorlog' => [
+            'driver' => 'errorlog',
+            'level' => 'debug',
+        ],
+    ],
+
+];

app/Http/Controllers/Auth/RegisterController.php

@@ -18,6 +18,7 @@ use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Illuminate\Routing\Redirector;
+use Illuminate\Support\Facades\Hash;
 use Laravel\Socialite\Contracts\User as SocialUser;
 use Validator;
 
@@ -129,7 +130,7 @@ class RegisterController extends Controller
         return User::create([
             'name' => $data['name'],
             'email' => $data['email'],
-            'password' => bcrypt($data['password']),
+            'password' => Hash::make($data['password']),
         ]);
     }
 

app/Http/Kernel.php

@@ -12,7 +12,7 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $middleware = [
-        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
+        \BookStack\Http\Middleware\CheckForMaintenanceMode::class,
         \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
         \BookStack\Http\Middleware\TrimStrings::class,
         \BookStack\Http\Middleware\TrustProxies::class,

app/Http/Middleware/CheckForMaintenanceMode.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace BookStack\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware;
+
+class CheckForMaintenanceMode extends Middleware
+{
+    /**
+     * The URIs that should be reachable while maintenance mode is enabled.
+     *
+     * @var array
+     */
+    protected $except = [
+        //
+    ];
+}

app/Http/Middleware/TrustProxies.php

@@ -16,17 +16,11 @@ class TrustProxies extends Middleware
     protected $proxies;
 
     /**
-     * The current proxy header mappings.
+     * The headers that should be used to detect proxies.
      *
-     * @var array
+     * @var int
      */
-    protected $headers = [
+    protected $headers = Request::HEADER_X_FORWARDED_ALL;
-        Request::HEADER_FORWARDED => 'FORWARDED',
-        Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
-        Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
-        Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
-        Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
-    ];
 
     /**
      * Handle the request, Set the correct user-configured proxy information.

composer.json

@@ -5,7 +5,7 @@
     "license": "MIT",
     "type": "project",
     "require": {
-        "php": ">=7.0.5",
+        "php": "^7.1.3",
         "ext-json": "*",
         "ext-tidy": "*",
         "ext-dom": "*",
@@ -13,8 +13,8 @@
         "ext-mbstring": "*",
         "ext-gd": "*",
         "ext-curl": "*",
-        "laravel/framework": "~5.5.44",
+        "laravel/framework": "5.6.*",
-        "fideloper/proxy": "~3.3",
+        "fideloper/proxy": "^4.0",
         "intervention/image": "^2.4",
         "laravel/socialite": "3.0.x-dev",
         "league/flysystem-aws-s3-v3": "^1.0",
@@ -31,16 +31,15 @@
         "doctrine/dbal": "^2.5"
     },
     "require-dev": {
-        "filp/whoops": "~2.0",
+        "filp/whoops": "^2.0",
-        "fzaninotto/faker": "~1.4",
+        "fzaninotto/faker": "^1.4",
-        "mockery/mockery": "~1.0",
+        "mockery/mockery": "^1.0",
-        "phpunit/phpunit": "~6.0",
+        "phpunit/phpunit": "^7.0",
-        "symfony/css-selector": "3.1.*",
+        "nunomaduro/collision": "^2.0",
-        "symfony/dom-crawler": "3.1.*",
+        "laravel/browser-kit-testing": "^4.2.1",
-        "laravel/browser-kit-testing": "^2.0",
+        "barryvdh/laravel-ide-helper": "^2.6.4",
-        "barryvdh/laravel-ide-helper": "^2.4.1",
+        "barryvdh/laravel-debugbar": "^3.2.8",
-        "barryvdh/laravel-debugbar": "^3.1.0",
+        "squizlabs/php_codesniffer": "^3.4"
-        "squizlabs/php_codesniffer": "^3.2"
     },
     "autoload": {
         "classmap": [
@@ -87,7 +86,9 @@
         "optimize-autoloader": true,
         "preferred-install": "dist",
         "platform": {
-            "php": "7.0.5"
+            "php": "7.1.3"
         }
-    }
+    },
+    "minimum-stability": "dev",
+    "prefer-stable": true
 }

database/seeds/DatabaseSeeder.php

@@ -6,7 +6,7 @@ use Illuminate\Database\Eloquent\Model;
 class DatabaseSeeder extends Seeder
 {
     /**
-     * Run the database seeds.
+     * Seed the application's database.
      *
      * @return void
      */

phpunit.xml

@@ -7,8 +7,7 @@
          convertNoticesToExceptions="true"
          convertWarningsToExceptions="true"
          processIsolation="false"
-         stopOnFailure="false"
+         stopOnFailure="false">
-         syntaxCheck="false">
     <testsuites>
         <testsuite name="Application Test Suite">
             <directory>./tests/</directory>
@@ -28,6 +27,7 @@
         <env name="SESSION_DRIVER" value="array"/>
         <env name="QUEUE_DRIVER" value="sync"/>
         <env name="DB_CONNECTION" value="mysql_testing"/>
+        <env name="BCRYPT_ROUNDS" value="4"/>
         <env name="MAIL_DRIVER" value="log"/>
         <env name="AUTH_METHOD" value="standard"/>
         <env name="DISABLE_EXTERNAL_SERVICES" value="true"/>

resources/lang/en/validation.php

@@ -12,7 +12,7 @@ return [
     'active_url'           => 'The :attribute is not a valid URL.',
     'after'                => 'The :attribute must be a date after :date.',
     'alpha'                => 'The :attribute may only contain letters.',
-    'alpha_dash'           => 'The :attribute may only contain letters, numbers, and dashes.',
+    'alpha_dash'           => 'The :attribute may only contain letters, numbers, dashes and underscores.',
     'alpha_num'            => 'The :attribute may only contain letters and numbers.',
     'array'                => 'The :attribute must be an array.',
     'before'               => 'The :attribute must be a date before :date.',
@@ -31,12 +31,39 @@ return [
     'digits_between'       => 'The :attribute must be between :min and :max digits.',
     'email'                => 'The :attribute must be a valid email address.',
     'filled'               => 'The :attribute field is required.',
+    'gt'                   => [
+        'numeric' => 'The :attribute must be greater than :value.',
+        'file'    => 'The :attribute must be greater than :value kilobytes.',
+        'string'  => 'The :attribute must be greater than :value characters.',
+        'array'   => 'The :attribute must have more than :value items.',
+    ],
+    'gte'                  => [
+        'numeric' => 'The :attribute must be greater than or equal :value.',
+        'file'    => 'The :attribute must be greater than or equal :value kilobytes.',
+        'string'  => 'The :attribute must be greater than or equal :value characters.',
+        'array'   => 'The :attribute must have :value items or more.',
+    ],
     'exists'               => 'The selected :attribute is invalid.',
     'image'                => 'The :attribute must be an image.',
     'image_extension'      => 'The :attribute must have a valid & supported image extension.',
     'in'                   => 'The selected :attribute is invalid.',
     'integer'              => 'The :attribute must be an integer.',
     'ip'                   => 'The :attribute must be a valid IP address.',
+    'ipv4'                 => 'The :attribute must be a valid IPv4 address.',
+    'ipv6'                 => 'The :attribute must be a valid IPv6 address.',
+    'json'                 => 'The :attribute must be a valid JSON string.',
+    'lt'                   => [
+        'numeric' => 'The :attribute must be less than :value.',
+        'file'    => 'The :attribute must be less than :value kilobytes.',
+        'string'  => 'The :attribute must be less than :value characters.',
+        'array'   => 'The :attribute must have less than :value items.',
+    ],
+    'lte'                  => [
+        'numeric' => 'The :attribute must be less than or equal :value.',
+        'file'    => 'The :attribute must be less than or equal :value kilobytes.',
+        'string'  => 'The :attribute must be less than or equal :value characters.',
+        'array'   => 'The :attribute must not have more than :value items.',
+    ],
     'max'                  => [
         'numeric' => 'The :attribute may not be greater than :max.',
         'file'    => 'The :attribute may not be greater than :max kilobytes.',
@@ -52,6 +79,7 @@ return [
     ],
     'no_double_extension'  => 'The :attribute must only have a single file extension.',
     'not_in'               => 'The selected :attribute is invalid.',
+    'not_regex'            => 'The :attribute format is invalid.',
     'numeric'              => 'The :attribute must be a number.',
     'regex'                => 'The :attribute format is invalid.',
     'required'             => 'The :attribute field is required.',

resources/views/pages/markdown-editor.blade.php

@@ -19,7 +19,7 @@
 
         <div markdown-input class="flex flex-fill">
                         <textarea  id="markdown-editor-input"  name="markdown" rows="5"
-                                   @if($errors->has('markdown')) class="text-neg" @endif>@if(isset($model) || old('markdown')){{htmlspecialchars( old('markdown') ? old('markdown') : ($model->markdown === '' ? $model->html : $model->markdown))}}@endif</textarea>
+                                   @if($errors->has('markdown')) class="text-neg" @endif>@if(isset($model) || old('markdown')){{ old('markdown') ? old('markdown') : ($model->markdown === '' ? $model->html : $model->markdown) }}@endif</textarea>
         </div>
 
     </div>

resources/views/pages/wysiwyg-editor.blade.php

@@ -5,7 +5,7 @@
     ])
 
     <textarea id="html-editor"  name="html" rows="5" v-pre
-          @if($errors->has('html')) class="text-neg" @endif>@if(isset($model) || old('html')){{htmlspecialchars( old('html') ? old('html') : $model->html)}}@endif</textarea>
+          @if($errors->has('html')) class="text-neg" @endif>@if(isset($model) || old('html')){{ old('html') ? old('html') : $model->html }}@endif</textarea>
 </div>
 
 @if($errors->has('html'))