From 0877ed33d8f926f86601d6d578a2f362bf3e8ce9 Mon Sep 17 00:00:00 2001 From: dan Date: Tue, 1 Feb 2022 19:52:23 +1300 Subject: [PATCH] (Grav GitSync) Automatic Commit from dan --- plugins/admin/CHANGELOG.md | 15 + plugins/admin/admin.php | 10 +- plugins/admin/blueprints.yaml | 4 +- plugins/admin/classes/plugin/Admin.php | 4 +- .../classes/plugin/AdminBaseController.php | 8 +- .../admin/classes/plugin/AdminController.php | 14 +- .../Controllers/Login/LoginController.php | 3 +- plugins/admin/classes/plugin/Gpm.php | 2 +- .../themes/grav/app/forms/fields/files.js | 8 +- .../admin/themes/grav/app/pages/page/media.js | 8 +- plugins/admin/themes/grav/js/admin.min.js | 15993 ++- plugins/admin/themes/grav/js/vendor.min.js | 96211 +++++++++++++++- plugins/flex-objects/CHANGELOG.md | 8 + plugins/flex-objects/README.md | 2 +- .../types/default/configure.html.twig | 2 +- .../flex-objects/types/default/edit.html.twig | 2 +- .../flex-objects/types/default/list.html.twig | 2 +- .../types/default/titlebar/edit.html.twig | 2 +- .../types/default/titlebar/preview.html.twig | 2 +- .../flex-objects/types/pages/edit.html.twig | 2 +- .../flex-objects/flex-objects.html.twig | 2 +- plugins/flex-objects/blueprints.yaml | 4 +- .../classes/Controllers/MediaController.php | 41 +- plugins/flex-objects/classes/Flex.php | 4 +- .../cli/FlexConvertDataCommand.php | 3 +- plugins/flex-objects/flex-objects.php | 3 +- plugins/flex-objects/languages/de.yaml | 13 +- plugins/flex-objects/languages/en.yaml | 27 +- plugins/flex-objects/languages/es.yaml | 73 + plugins/flex-objects/yarn.lock | 12 +- plugins/form/CHANGELOG.md | 7 + plugins/form/README.md | 4 +- plugins/form/blueprints.yaml | 2 +- plugins/form/composer.json | 2 +- .../forms/fields/captcha/captcha.html.twig | 2 +- .../forms/fields/select/select.html.twig | 6 +- 36 files changed, 105701 insertions(+), 6806 deletions(-) create mode 100644 plugins/flex-objects/languages/es.yaml diff --git a/plugins/admin/CHANGELOG.md b/plugins/admin/CHANGELOG.md index 984e0cc..3d81e79 100644 --- a/plugins/admin/CHANGELOG.md +++ b/plugins/admin/CHANGELOG.md @@ -1,3 +1,18 @@ +# v1.10.29 +## 01/28/2022 + +1. [](#new) + * Require **Grav 1.7.29** +3. [](#improved) + * Made path handling unicode-safe, use new `Utils::basename()` and `Utils::pathinfo()` everywhere + +# v1.10.28 +## 01/24/2022 + +1. [](#bugfix) + * Clean file names before displaying errors/metadata modals + * Recompiled JS for production [#2225](https://github.com/getgrav/grav-plugin-admin/issues/2225) + # v1.10.27 ## 01/12/2022 diff --git a/plugins/admin/admin.php b/plugins/admin/admin.php index ebde1b9..68a8b93 100644 --- a/plugins/admin/admin.php +++ b/plugins/admin/admin.php @@ -480,7 +480,7 @@ class AdminPlugin extends Plugin Admin::DEBUG && Admin::addDebugMessage("Admin page: {$this->template}"); $page->init(new \SplFileInfo(__DIR__ . "/pages/admin/{$this->template}.md")); - $page->slug(basename($this->template)); + $page->slug(Utils::basename($this->template)); return $page; } @@ -501,7 +501,7 @@ class AdminPlugin extends Plugin Admin::DEBUG && Admin::addDebugMessage("Admin page: plugin {$plugin->name}/{$this->template}"); $page->init(new \SplFileInfo($path)); - $page->slug(basename($this->template)); + $page->slug(Utils::basename($this->template)); return $page; } @@ -525,7 +525,7 @@ class AdminPlugin extends Plugin $error_file = $this->grav['locator']->findResource('plugins://admin/pages/admin/error.md'); $page = new Page(); $page->init(new \SplFileInfo($error_file)); - $page->slug(basename($this->route)); + $page->slug(Utils::basename($this->route)); $page->routable(true); } @@ -537,7 +537,7 @@ class AdminPlugin extends Plugin $login_file = $this->grav['locator']->findResource('plugins://admin/pages/admin/login.md'); $page = new Page(); $page->init(new \SplFileInfo($login_file)); - $page->slug(basename($this->route)); + $page->slug(Utils::basename($this->route)); unset($this->grav['page']); $this->grav['page'] = $page; } @@ -1304,7 +1304,7 @@ class AdminPlugin extends Plugin $options = []; $theme_files = glob(__dir__ . '/themes/grav/css/codemirror/themes/*.css'); foreach ($theme_files as $theme_file) { - $theme = basename(basename($theme_file, '.css')); + $theme = Utils::basename(Utils::basename($theme_file, '.css')); $options[$theme] = Inflector::titleize($theme); } } diff --git a/plugins/admin/blueprints.yaml b/plugins/admin/blueprints.yaml index 3bfd51f..c47983a 100644 --- a/plugins/admin/blueprints.yaml +++ b/plugins/admin/blueprints.yaml @@ -1,7 +1,7 @@ name: Admin Panel slug: admin type: plugin -version: 1.10.27 +version: 1.10.29 description: Adds an advanced administration panel to manage your site icon: empire author: @@ -15,7 +15,7 @@ docs: https://github.com/getgrav/grav-plugin-admin/blob/develop/README.md license: MIT dependencies: - - { name: grav, version: '>=1.7.27' } + - { name: grav, version: '>=1.7.29' } - { name: form, version: '>=5.1.0' } - { name: login, version: '>=3.6.2' } - { name: email, version: '>=3.1.0' } diff --git a/plugins/admin/classes/plugin/Admin.php b/plugins/admin/classes/plugin/Admin.php index b2c7aa5..ef41488 100644 --- a/plugins/admin/classes/plugin/Admin.php +++ b/plugins/admin/classes/plugin/Admin.php @@ -980,7 +980,7 @@ class Admin $obj->file = $file; $obj->page = $pages->get(dirname($obj->path)); - $fileInfo = pathinfo($obj->title); + $fileInfo = Utils::pathinfo($obj->title); $filename = str_replace(['@3x', '@2x'], '', $fileInfo['filename']); if (isset($fileInfo['extension'])) { $filename .= '.' . $fileInfo['extension']; @@ -1979,7 +1979,7 @@ class Admin $page = $path ? $pages->find($path, true) : $pages->root(); if (!$page) { - $slug = basename($path); + $slug = Utils::basename($path); if ($slug === '') { return null; diff --git a/plugins/admin/classes/plugin/AdminBaseController.php b/plugins/admin/classes/plugin/AdminBaseController.php index 13e583e..8c546e0 100644 --- a/plugins/admin/classes/plugin/AdminBaseController.php +++ b/plugins/admin/classes/plugin/AdminBaseController.php @@ -374,7 +374,7 @@ class AdminBaseController // since php removes it from the upload location $tmp_dir = Admin::getTempDir(); $tmp_file = $upload->file->tmp_name; - $tmp = $tmp_dir . '/uploaded-files/' . basename($tmp_file); + $tmp = $tmp_dir . '/uploaded-files/' . Utils::basename($tmp_file); Folder::create(dirname($tmp)); if (!move_uploaded_file($tmp_file, $tmp)) { @@ -423,7 +423,7 @@ class AdminBaseController // Generate random name if required if ($settings->random_name) { // TODO: document - $extension = pathinfo($upload->file->name, PATHINFO_EXTENSION); + $extension = Utils::pathinfo($upload->file->name, PATHINFO_EXTENSION); $upload->file->name = Utils::generateRandomString(15) . '.' . $extension; } @@ -929,7 +929,7 @@ class AdminBaseController $type = $uri->param('type'); $field = $uri->param('field'); - $filename = basename($this->post['filename'] ?? ''); + $filename = Utils::basename($this->post['filename'] ?? ''); if ($filename === '') { $this->admin->json_response = [ 'status' => 'error', @@ -1068,7 +1068,7 @@ class AdminBaseController if ($file->exists()) { $resultRemoveMedia = $file->delete(); - $fileParts = pathinfo($filename); + $fileParts = Utils::pathinfo($filename); foreach (scandir($fileParts['dirname']) as $file) { $regex_pattern = '/' . preg_quote($fileParts['filename'], '/') . "@\d+x\." . $fileParts['extension'] . "(?:\.meta\.yaml)?$|" . preg_quote($fileParts['basename'], '/') . "\.meta\.yaml$/"; diff --git a/plugins/admin/classes/plugin/AdminController.php b/plugins/admin/classes/plugin/AdminController.php index fe0b339..61dbceb 100644 --- a/plugins/admin/classes/plugin/AdminController.php +++ b/plugins/admin/classes/plugin/AdminController.php @@ -521,7 +521,7 @@ class AdminController extends AdminBaseController try { if ($download) { - $filename = basename(base64_decode(urldecode($download))); + $filename = Utils::basename(base64_decode(urldecode($download))); $file = $this->grav['locator']->findResource("backup://{$filename}", true); if (!$file || !Utils::endsWith($filename, '.zip', false)) { header('HTTP/1.1 401 Unauthorized'); @@ -584,7 +584,7 @@ class AdminController extends AdminBaseController $backup = $this->grav['uri']->param('backup', null); if (null !== $backup) { - $filename = basename(base64_decode(urldecode($backup))); + $filename = Utils::basename(base64_decode(urldecode($backup))); $file = $this->grav['locator']->findResource("backup://{$filename}", true); if ($file && Utils::endsWith($filename, '.zip', false)) { @@ -2244,7 +2244,7 @@ class AdminController extends AdminBaseController // Check extension - $extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION)); + $extension = strtolower(Utils::pathinfo($filename, PATHINFO_EXTENSION)); // If not a supported type, return if (!$extension || !$config->get("media.types.{$extension}")) { @@ -2293,7 +2293,7 @@ class AdminController extends AdminBaseController // Add metadata if needed $include_metadata = Grav::instance()['config']->get('system.media.auto_metadata_exif', false); - $basename = str_replace(['@3x', '@2x'], '', pathinfo($filename, PATHINFO_BASENAME)); + $basename = str_replace(['@3x', '@2x'], '', Utils::pathinfo($filename, PATHINFO_BASENAME)); $metadata = []; @@ -2423,7 +2423,7 @@ class AdminController extends AdminBaseController return false; } - $filename = !empty($this->post['filename']) ? basename($this->post['filename']) : null; + $filename = !empty($this->post['filename']) ? Utils::basename($this->post['filename']) : null; // Handle bad filenames. if (!$filename || !Utils::checkFilename($filename)) { @@ -2442,7 +2442,7 @@ class AdminController extends AdminBaseController if ($locator->isStream($targetPath)) { $targetPath = $locator->findResource($targetPath, true, true); } - $fileParts = pathinfo($filename); + $fileParts = Utils::pathinfo($filename); $found = false; @@ -2626,7 +2626,7 @@ class AdminController extends AdminBaseController $payload = [ 'name' => $file_page ? $file_page->title() : $fileName, 'value' => $file_page ? $file_page->rawRoute() : $file_path, - 'item-key' => basename($file_page ? $file_page->route() : $file_path), + 'item-key' => Utils::basename($file_page ? $file_page->route() : $file_path), 'filename' => $fileName, 'extension' => $type === 'dir' ? '' : $fileInfo->getExtension(), 'type' => $type, diff --git a/plugins/admin/classes/plugin/Controllers/Login/LoginController.php b/plugins/admin/classes/plugin/Controllers/Login/LoginController.php index ab4562a..44790e3 100644 --- a/plugins/admin/classes/plugin/Controllers/Login/LoginController.php +++ b/plugins/admin/classes/plugin/Controllers/Login/LoginController.php @@ -15,6 +15,7 @@ use Grav\Common\Page\Pages; use Grav\Common\Uri; use Grav\Common\User\Interfaces\UserCollectionInterface; use Grav\Common\User\Interfaces\UserInterface; +use Grav\Common\Utils; use Grav\Framework\RequestHandler\Exception\PageExpiredException; use Grav\Framework\RequestHandler\Exception\RequestException; use Grav\Plugin\Admin\Admin; @@ -111,7 +112,7 @@ class LoginController extends AdminController { $uri = (string)$this->getRequest()->getUri(); - $ext = pathinfo($uri, PATHINFO_EXTENSION); + $ext = Utils::pathinfo($uri, PATHINFO_EXTENSION); $accept = $this->getAccept(['application/json', 'text/html']); if ($ext === 'json' || $accept === 'application/json') { return $this->createErrorResponse(new RequestException($this->getRequest(), $this->translate('PLUGIN_ADMIN.LOGGED_OUT'), 401)); diff --git a/plugins/admin/classes/plugin/Gpm.php b/plugins/admin/classes/plugin/Gpm.php index 0879eaf..8fda8c1 100644 --- a/plugins/admin/classes/plugin/Gpm.php +++ b/plugins/admin/classes/plugin/Gpm.php @@ -316,7 +316,7 @@ class Gpm $bad_chars = array_merge(array_map('chr', range(0, 31)), ['<', '>', ':', '"', '/', '\\', '|', '?', '*']); - $filename = $package->slug . str_replace($bad_chars, '', basename($package->zipball_url)); + $filename = $package->slug . str_replace($bad_chars, '', \Grav\Common\Utils::basename($package->zipball_url)); $filename = preg_replace('/[\\\\\/:"*?&<>|]+/m', '-', $filename); file_put_contents($tmp_dir . DS . $filename . '.zip', $contents); diff --git a/plugins/admin/themes/grav/app/forms/fields/files.js b/plugins/admin/themes/grav/app/forms/fields/files.js index a927968..64a0f84 100644 --- a/plugins/admin/themes/grav/app/forms/fields/files.js +++ b/plugins/admin/themes/grav/app/forms/fields/files.js @@ -224,7 +224,7 @@ export default class FilesField { file, data: response, mode: 'removeFile', - msg: `

${translations.PLUGIN_ADMIN.FILE_ERROR_UPLOAD} ${file.name}

+ msg: `

${translations.PLUGIN_ADMIN.FILE_ERROR_UPLOAD} {{fileName}}

${response.message}
` }); } @@ -240,7 +240,7 @@ export default class FilesField { file, data, mode: 'removeFile', - msg: `

${translations.PLUGIN_ADMIN.FILE_ERROR_ADD} ${file.name}

+ msg: `

${translations.PLUGIN_ADMIN.FILE_ERROR_ADD} {{fileName}}

${data.message}
` }); } @@ -325,7 +325,9 @@ export default class FilesField { } let modal = $('[data-remodal-id="generic"]'); - modal.find('.error-content').html(msg); + const cleanName = file.name.replace('<', '<').replace('>', '>'); + + modal.find('.error-content').html(msg.replace('{{fileName}}', cleanName)); $.remodal.lookup[modal.data('remodal')].open(); } } diff --git a/plugins/admin/themes/grav/app/pages/page/media.js b/plugins/admin/themes/grav/app/pages/page/media.js index 832b7ed..7fe50f5 100644 --- a/plugins/admin/themes/grav/app/pages/page/media.js +++ b/plugins/admin/themes/grav/app/pages/page/media.js @@ -155,6 +155,7 @@ export default class PageMedia extends FilesField { const target = $(e.currentTarget); const file = target.parent('.dz-preview').find('.dz-filename'); const filename = encodeURI(file.text()); + const cleanName = file.text().replace('<', '<').replace('>', '>'); let fileObj = this.dropzone.files.filter((file) => file.name === global.decodeURI(filename)).shift() || {}; @@ -163,7 +164,7 @@ export default class PageMedia extends FilesField { } if (Array.isArray(fileObj.extras.metadata) && !fileObj.extras.metadata.length) { - fileObj.extras.metadata = { '': `${global.decodeURI(filename)}.meta.yaml doesn't exist` }; + fileObj.extras.metadata = { '': `${cleanName}.meta.yaml doesn't exist` }; } fileObj = fileObj.extras; @@ -171,14 +172,15 @@ export default class PageMedia extends FilesField { const modal_element = $('body').find('[data-remodal-id="metadata"]'); const modal = $.remodal.lookup[modal_element.data('remodal')]; - modal_element.find('h1 strong').html(filename); + modal_element.find('h1 strong').html(cleanName); if (fileObj.url) { modal_element.find('.meta-preview').html(``); } const container = modal_element.find('.meta-content').html('