TPS
/
ORIENT
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ORIENT/modules/cms/classes
History
Ben Thomson 50e61df10e
Fix path validation for CmsObjects & Assets (#5229) 
Instead of using a temporary file to allow checks with `realpath()` to succeed, use the new `resolve_path()` helper added in a9a629b012 to replace the `realpath()` usage and allow for path resolution of files that don't exist yet.

This will allow new asset files to still be saved correctly, whilst still preventing paths outside of the assets directory to be used.

Replaces b1954e9258.
 		2020-08-05 12:00:22 -06:00
..
asset Use tabs cssClass definition instead of JS 2017-06-05 17:33:37 +10:00
content Use tabs cssClass definition instead of JS 2017-06-05 17:33:37 +10:00
layout Make CMS object code editor read-only in safe mode (#4769) 2019-12-09 21:05:50 +08:00
page Revert "Added additional robots meta fields to CMS pages (#4685)" (#4832) 2019-12-18 13:51:50 -06:00
partial Make CMS object code editor read-only in safe mode (#4769) 2019-12-09 21:05:50 +08:00
theme Revise #2426 - Rename preview to previewImage 2017-01-29 09:13:01 +11:00
Asset.php Fix path validation for CmsObjects & Assets (#5229) 2020-08-05 12:00:22 -06:00
AutoDatasource.php Fix crash when a cached path doesn't actually exist in the specified datasource 2020-05-22 21:01:45 -06:00
CmsCompoundObject.php Merge branch 'develop' into wip/laravel-5.9 2020-01-18 21:00:40 +08:00
CmsController.php >= PHP7.0 refactoring (#3343) 2018-01-12 00:23:20 -06:00
CmsException.php Replace deprecated Twig class references, refs: #4209. 2019-03-27 13:15:17 -06:00
CmsObject.php Fix path validation for CmsObjects & Assets (#5229) 2020-08-05 12:00:22 -06:00
CmsObjectCollection.php Use old signature for `where` method in CmsObjectCollection. 2020-01-20 16:25:50 +08:00
CodeBase.php Update __isset function to comply with the same checks as __get (#4514) 2019-08-04 19:56:15 +08:00
CodeParser.php Merge remote-tracking branch 'origin/develop' into wip/laravel-6 2020-07-10 16:02:01 +08:00
ComponentBase.php Minor Formatting Corrections in Usage Comments (#4541) 2019-08-15 09:14:54 -06:00
ComponentHelpers.php Add support for "soft" components (#4539) 2020-04-05 01:02:43 +08:00
ComponentManager.php Add support for "soft" components (#4539) 2020-04-05 01:02:43 +08:00
ComponentPartial.php Simplify security check 2019-12-14 12:37:44 +11:00
Content.php Code quality clean up (#4449) 2019-07-18 08:50:37 -06:00
Controller.php Remove newline between "throws" and "return" 2020-04-05 01:06:47 +08:00
Layout.php Remove stub method 2018-10-01 10:29:03 +10:00
LayoutCode.php Code dusting (#2826) 2017-04-24 21:38:19 +10:00
MediaLibrary.php Code formatting changes (#3363) 2018-03-22 10:55:13 -06:00
MediaLibraryItem.php >= PHP7.0 refactoring (#3343) 2018-01-12 00:23:20 -06:00
MediaViewHelper.php Code quality clean up (#4449) 2019-07-18 08:50:37 -06:00
Meta.php fix typos in halcyon (#5066) 2020-05-05 11:12:45 -06:00
ObjectMemoryCache.php Updating modules/cms/classes 2014-10-11 01:22:03 +02:00
Page.php Minor performance improvement 2020-03-03 10:38:03 -06:00
PageCode.php Updating modules/cms/classes 2014-10-11 01:22:03 +02:00
Partial.php >= PHP7.0 refactoring (#3343) 2018-01-12 00:23:20 -06:00
PartialCode.php Added support for components in partials 2014-10-29 22:12:42 -07:00
PartialStack.php Remove "null" assignments 2018-08-15 18:33:24 +02:00
Router.php Merge branch 'develop' into wip/laravel-6 2020-03-16 17:13:42 +08:00
Theme.php Merge remote-tracking branch 'origin/develop' into wip/laravel-6 2020-05-18 08:35:03 +08:00
ThemeManager.php Remove theme data on theme deletion (#4529) 2019-08-15 11:41:03 +08:00