�� Rector and PHPCS fixes

Merge pull request #4636 from dokuwiki/gfm

Add native Markdown parsing

Merge branch 'master' into gfm

* master:
�� Rector and PHPCS fixes
�� Update deleted files
Make common_pageinfo tests independent of execution order
Translation update (sk)
chore: adjust o

Merge branch 'master' into gfm

* master:
�� Rector and PHPCS fixes
�� Update deleted files
Make common_pageinfo tests independent of execution order
Translation update (sk)
chore: adjust overlong line
fix(auth): scope media ACL checks to the namespace
refactor(search): extract LegacyIndexer wrapper for BC contract
Translation update (ro)
fix(authad): avoid warning when initAdLdap is called before opts is populated
fix(infoutils): fix synology os-release file parsing
remove valid_input_set(), inline the only remaining callers
Update copyright year in README
fix(mail): keep '&' intact in mailto links with multiple query params

# Conflicts:
# inc/Parsing/ParserMode/Internallink.php

show more ...

Read the code block download offset as an integer

The named code/file block download link reads the codeblockOffset
request parameter and adds it to the current block index to build the
export link.

Read the code block download offset as an integer

The named code/file block download link reads the codeblockOffset
request parameter and adds it to the current block index to build the
export link. The value was read as a string and then used in arithmetic.
On PHP 8 a non-numeric value turns that addition into a string + int
operation, which throws a TypeError and produces a fatal error when
rendering any page that contains a named code or file block.

The offset is now read with $INPUT->int(), which yields 0 for absent,
empty or non-numeric input and the integer value otherwise, so the
arithmetic is always int + int. The has() guard and zero initialiser
are no longer needed.

show more ...

fix(mail): keep '&' intact in mailto links with multiple query params

Move the email-handling helpers (obfuscate, mail_isvalid,
mail_quotedprintable_encode, mail_setup) out of the procedural
inc/mai

fix(mail): keep '&' intact in mailto links with multiple query params

Move the email-handling helpers (obfuscate, mail_isvalid,
mail_quotedprintable_encode, mail_setup) out of the procedural
inc/mail.php into a namespaced dokuwiki\MailUtils class plus a new
Mailer::configInit(), and add a separate MailUtils::obfuscateUrl() for
the mailto-href context.

The xhtml renderer and PluginTrait now build the link label and the
href separately: the address half is run through the mailguard
obfuscation, the query string is preserved verbatim with only HTML
escaping applied. This fixes #1690 — in 'visible' mode the previous
code rawurlencoded the entire address+query, turning '?' into '%3F' and
breaking multi-parameter mailto links; in all modes the query string is
no longer mangled by the [at]/[dot] substitution.

Core call sites (Mailer, auth, LegacyApiCore, common, the xhtml
renderer, the parser, the bundled config/styling/usermanager plugins)
are migrated to MailUtils directly. The old top-level functions and
PREG_PATTERN_VALID_EMAIL constant remain as deprecated shims with
rector mappings.

Tests for obfuscate / mail_isvalid / mail_quotedprintable_encode are
consolidated into a single _test/tests/MailUtilsTest.php and extended
with regression coverage for the multi-parameter, double-escape and
URL-shape cases.

Closes #1690
Replaces #1964

show more ...

add listo_open_start sibling method for GFM start numbers

Reverts the listo_open signature widening from 5a2118acc and instead
adds a sibling method `listo_open_start($start = 1)` on the renderer
hi

add listo_open_start sibling method for GFM start numbers

Reverts the listo_open signature widening from 5a2118acc and instead
adds a sibling method `listo_open_start($start = 1)` on the renderer
hierarchy. The base default delegates to listo_open() so renderers
that don't override it still produce a valid (but unnumbered) list;
xhtml's override emits <ol start="N">.

The handler now emits 'listo_open_start' only for ordered lists with
a non-default first number; plain ordered lists keep emitting the
unchanged 'listo_open' instruction. This preserves the historical
listo_open / listu_open signatures (zero-arg base, $classes-only
xhtml form from 2016) so the 17 plugin renderers found via
codesearch keep working without modification, while still
implementing GFM's "5. foo" -> <ol start="5"> rule.

show more ...

add `$start` parameter to listo_open

Doku_Renderer::listo_open() is now listo_open($classes = null, $start = 1),
with the same signature on the metadata and XHTML renderers. The XHTML
renderer emits

add `$start` parameter to listo_open

Doku_Renderer::listo_open() is now listo_open($classes = null, $start = 1),
with the same signature on the metadata and XHTML renderers. The XHTML
renderer emits start="N" only when $start is not 1, so existing
ordered-list output is unchanged.

Used by the upcoming GfmListblock to implement GFM's ordered-list start
rule (`5. foo` → `<ol start="5">`). Plugin renderers that override
listo_open keep working, since PHP lets overrides omit added-with-default
parameters.

show more ...

add GfmHeader for ATX headings (`# text` through `###### text`)

Opener must sit at column 0. GFM tolerates 0-3 spaces before the `#`
but that collides with DokuWiki's 2-space-indent preformatted blo

add GfmHeader for ATX headings (`# text` through `###### text`)

Opener must sit at column 0. GFM tolerates 0-3 spaces before the `#`
but that collides with DokuWiki's 2-space-indent preformatted block,
so the tolerance is dropped rather than plumbed across modes.

Widen the XHTML renderer's section-node tracker from 5 slots to 6 so
h6 doesn't hit "Undefined array key 5". Extend GfmSpecTest's HTML
normalizer to strip DokuWiki's section-div wrappers, section-edit
comments, and header id/class attributes so heading spec examples
can validate semantic correctness.

show more ...

updated rector and applied it

Typo in the word associative

Replace strftime with Intl ICU. Fixes #3573

This uses a class that maps strftime placeholders to the appropriate ICU
patterns. I am using the fallback-intl branch here which provides an
English-only

Replace strftime with Intl ICU. Fixes #3573

This uses a class that maps strftime placeholders to the appropriate ICU
patterns. I am using the fallback-intl branch here which provides an
English-only fallback when the intl extension is not available.

Core has only two places where strftime is used: dformat() and the
SimplePie feed parser. Both are adjusted with this patch. For the latter
a custom Item class had to be registered. For better separation all our
FeedParser classes have been moved to the Feed namespace where our
FeedCreator classes already reside.

Note that this will currently be a degration for users without intl as
it will fall back to date and not to the still available strftime.

show more ...

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the re

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the revert will be pushed shortly.

show more ...

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite ca

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite catches any direct accesses that might come in from
plugins.

show more ...

Use str_starts_with/str_ends_with

minor cleanup in the renderers

apply code sniffer rules to inc/parser as well

recover comments in list

Apply rector fixes to inc/parser

fix XSS in RSS syntax

The title was not correctly escaped when written to the doc in xhtml
renderer.

SimplePie does no content escaping on its own (a comment in the code
seems to suggest that that

fix XSS in RSS syntax

The title was not correctly escaped when written to the doc in xhtml
renderer.

SimplePie does no content escaping on its own (a comment in the code
seems to suggest that that was assumed). Instead the content is passed
on as-is from the feed.

This patch also applies some more escaping on the description output
(though it should have been relatively safe thanks to the use of
striptags).

This was discovered by @ry0tak and reported in
https://huntr.dev/bounties/c6119106-1a5c-464c-94dd-ee7c5d0bece0/

show more ...

Merge branch 'pr/3908'

* pr/3908:
JPEGMeta: clean up exception handling
Fix: Do not garbage collect the JpegMeta object after reading a tag
Replace check for null with cast to string
Fix: Re

Merge branch 'pr/3908'

* pr/3908:
JPEGMeta: clean up exception handling
Fix: Do not garbage collect the JpegMeta object after reading a tag
Replace check for null with cast to string
Fix: Rework error handling in JpegMeta marker reading
Replace is_null() check with count()
Fix: Padding in _getFixedString, log the path of damaged images
Fix: PHP8-related JpegMeta.php fixes
Backwards Compatibility: Don't error if finishSectionEdit is called without first startSectionEdit
Fix: 'E_WARNING: Uninitialized string offset -1' on some templates
Fix: 'E_WARNING: Undefined array key "_data"'

show more ...

clean up parserutils (reformatting mostly)

Replace is_null() check with count()

Backwards Compatibility: Don't error if finishSectionEdit is called without first startSectionEdit

Merge pull request #3798 from splitbrain/nofootshoot

Remove the htmlok and phpok embedding options

Update core code to make use of sexplode()

This makes use of our own explode mechanism everywhere were we expect a
fixed number of results.