Dotclear

Changeset 3622:d7c2089bb952


Ignore:
Timestamp:
12/19/17 06:50:17 (8 years ago)
Author:
franck <carnet.franck.paul@…>
Branch:
default
Parents:
3621:e1a3f3cf4930 (diff), 3611:e8ccb1c08e9f (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Merge 2.12 commits since 2.12.1 in default branch

Files:
5 edited

Legend:

Unmodified
Added
Removed

  • inc/admin/lib.dc.page.php

    r3599 r3622  
    9494          # Content-Type 
    9595          $headers['content-type'] = 'Content-Type: text/html; charset=UTF-8'; 
     96 
     97          # Referrer Policy for admin pages 
     98          $headers['referrer'] = 'Referrer-Policy: strict-origin'; 
    9699 
    97100          # Prevents Clickjacking as far as possible 
     
    352355 
    353356          if (!$GLOBALS['__resources']['ctxhelp']) { 
    354                echo 
    355                '<p id="help-button"><a href="'.$core->adminurl->get("admin.help").'" class="outgoing" title="'. 
    356                __('Global help').'">'.__('Global help').'</a></p>'; 
     357               if (!$core->auth->user_prefs->interface->hidehelpbutton) { 
     358                    echo 
     359                    '<p id="help-button"><a href="'.$core->adminurl->get("admin.help").'" class="outgoing" title="'. 
     360                    __('Global help').'">'.__('Global help').'</a></p>'; 
     361               } 
    357362          } 
    358363 
     
    419424          header('Content-Type: text/html; charset=UTF-8'); 
    420425 
    421           // Prevents Clickjacking as far as possible 
     426          # Referrer Policy for admin pages 
     427          header('Referrer-Policy: strict-origin'); 
     428 
     429          # Prevents Clickjacking as far as possible 
    422430          header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+ 
    423431 
     
    596604     { 
    597605          global $core; 
     606 
     607          if ($core->auth->user_prefs->interface->hidehelpbutton) { 
     608               return; 
     609          } 
     610 
    598611          $args = func_get_args(); 
    599  
    600612          $args = new ArrayObject($args); 
    601613 

  • inc/admin/lib.dc.page.php

    r3619 r3622  
    122122                    $csp_prefix."'self' 'unsafe-inline'".$csp_suffix; 
    123123               $csp['img-src'] = $core->blog->settings->system->csp_admin_img ?: 
    124                     $csp_prefix."'self' data: media.dotaddict.org blob:"; 
     124                    $csp_prefix."'self' data: http://media.dotaddict.org blob:"; 
    125125 
    126126               # Cope with blog post preview (via public URL in iframe) 

  • inc/core/class.dc.blog.php

    r3592 r3622  
    694694          if (!$rs->isEmpty()) 
    695695          { 
    696                if ($this->con->driver() == 'mysql' || $this->con->driver() == 'mysqli') { 
     696               if ($this->con->driver() == 'mysql' || $this->con->driver() == 'mysqli' || $this->con->driver() == 'mysqlimb4') { 
    697697                    $clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'"; 
    698698               } elseif ($this->con->driver() == 'pgsql') { 
     
    19391939          if (!$rs->isEmpty()) 
    19401940          { 
    1941                if ($this->con->driver() == 'mysql' || $this->con->driver() == 'mysqli') { 
     1941               if ($this->con->driver() == 'mysql' || $this->con->driver() == 'mysqli' || $this->con->driver() == 'mysqlimb4') { 
    19421942                    $clause = "REGEXP '^".$this->con->escape(preg_quote($url))."[0-9]+$'"; 
    19431943               } elseif ($this->con->driver() == 'pgsql') { 

  • inc/core/class.dc.blog.php

    r3565 r3622  
    19401940          { 
    19411941               if ($this->con->driver() == 'mysql' || $this->con->driver() == 'mysqli' || $this->con->driver() == 'mysqlimb4') { 
    1942                     $clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'"; 
     1942                    $clause = "REGEXP '^".$this->con->escape(preg_quote($url))."[0-9]+$'"; 
    19431943               } elseif ($this->con->driver() == 'pgsql') { 
    1944                     $clause = "~ '^".$this->con->escape($url)."[0-9]+$'"; 
     1944                    $clause = "~ '^".$this->con->escape(preg_quote($url))."[0-9]+$'"; 
    19451945               } else { 
    1946                     $clause = "LIKE '".$this->con->escape($url)."%'"; 
     1946                    $clause = "LIKE '". 
     1947                              $this->con->escape(preg_replace(array('%','_','!'),array('!%','!_','!!'),$url)). 
     1948                              "%' ESCAPE '!'"; 
    19471949               } 
    19481950               $strReq = 'SELECT post_url FROM '.$this->prefix.'post '. 

  • locales/fr/plugins.po

    r3607 r3622  
    20012001msgstr "Liens de navigation" 
    20022002 
     2003msgid "Open URL on a new tab" 
     2004msgstr "S'ouvre dans un nouvel onglet" 
     2005 
     2006msgid "the link will open a new window" 
     2007msgstr "Ce lien s'ouvrira dans une nouvelle fenêtre" 
     2008 
    20032009msgid "Selected entries" 
    20042010msgstr "Billets sélectionnés" 
Note: See TracChangeset for help on using the changeset viewer.

Sites map