Commit Graph

23 Commits

Author SHA1 Message Date
Dan Brown
4f55fe2f8e
Made further changes to page image extraction validation
Fixes #3019
Increased testing to cover the failing case amoung others.
2021-10-28 15:54:00 +01:00
Haxatron
64937ab826
Update ImageRepo.php
fix image validation vulnerability
2021-10-26 09:39:16 +08:00
Dan Brown
cb45c53029
Added base64 image extraction to markdown page content
- Included tests to cover.
- Manually tested via API update and interface page update.

Closes #2898
2021-10-18 11:42:50 +01:00
Dan Brown
934a833818 Apply fixes from StyleCI 2021-06-26 15:23:15 +00:00
Dan Brown
39928e1c63
Reviewed base64 image upload support
- Added test cases to cover.
- Altered parsing logic to be a little less reliant on regex.
- Added new iamge repo method for creating from data.
- Added extension validation and additional type support.
- Done some cleanup of common operations within PageContent.
- Added message to API docs/method to mention image usage.

For #2700 and #2631.
2021-06-02 21:34:34 +01:00
Dan Brown
1e5951a75f Done a refactor pass on PermissionService
Could do with splitting out into seperate query/build classess really.
Closes #2633.
2021-03-14 19:52:07 +00:00
Dan Brown
98a1e57ba9 Ran phpcbf and updated phpcs.xml 2021-03-07 22:24:05 +00:00
Dan Brown
cf04a0d818
Merge branch 'v0.30.x' 2020-12-18 14:16:13 +00:00
Dan Brown
2acef3c2ec
Fixed issue where restricted page content in plaintext export
The content of pages made non-viewable to a user via permissions, within a visible parent, could be seen via the plaintext export option. Before v0.30.6 this would have applied only to scenarios where all pages within the chapter were made non-visible. In v0.30.6 this would make all pages within the chapter visible.

As per #2414
2020-12-18 13:56:00 +00:00
Dan Brown
ef1b98019a
Fixed some mis-refactoring and split search service
Search service broken into index and runner tools.
2020-11-22 00:17:45 +00:00
Dan Brown
02dc3154e3
Converted image-manager to be component/HTML based
Instead of vue based.
2020-07-25 00:20:58 +01:00
Dan Brown
3500182c5f
Updated drawing uploads to use user id in image name
- Instead of user name.
- Due to issues with advanced charts like emoji zero-width-joiners.
- Could also have security concerns on untrusted instances with certain
webserver config due to double extension possibilities.

Closes #1993
2020-04-04 00:48:32 +01:00
TBK
d3737d5a87
Remove redundant getImageValidationRules method 2020-03-04 00:17:49 +01:00
Dan Brown
32e7f0a2e6
Made display thumbnail generation use original data if smaller
Thumbnail generation would sometimes create a file larger than the
original, if the original was already well optimized, therefore making
the thumbnail counter-productive. This change compares the sizes of the
original and the generated thumbnail, and uses the smaller of the two if
the thumbnail does not change the aspect ratio of the image.

Fixes #1751
2019-12-22 12:44:49 +00:00
Dan Brown
0a0ceb382e
Doubled image upload display thumb size
Related to #1108
2019-05-19 14:52:17 +01:00
Dan Brown
3f83c548f8
Ran phpcbf 2019-05-05 14:54:37 +01:00
Dan Brown
8c190324ac
Updated existing image tests to reflect changes
- Also added some new tests
2019-05-04 18:11:19 +01:00
Dan Brown
79f6dc00a3
Change image-selector to not use manager
- Now changes the images directly for user, system & cover.
- Extra permission checks added to edit & delete actions.
2019-05-04 15:50:29 +01:00
Dan Brown
a87ae16010
Started extraction of image controller to separate controllers 2019-04-27 14:18:00 +01:00
Dan Brown
aeb1fc4d49
Started rewriting back-end image managment 2019-04-21 15:52:29 +01:00
Dan Brown
495d18814a
Updated various classes to take EntityProvider instead of separate entities 2018-09-25 18:00:40 +01:00
Dan Brown
257a5a23ec
Fleshed out entity provided and optimized imports 2018-09-25 16:58:03 +01:00
Dan Brown
919660678b
Re-structured the app code to be feature based rather than code type based 2018-09-25 12:30:50 +01:00