replace deprecated utf8_encode #4354

fix error on phrase search with no results. fixes #4355

When no pages for a phrase can be found, eg. because the index is still
empty, end($stack) returns false instead of an array, breaking the
fol

fix error on phrase search with no results. fixes #4355

When no pages for a phrase can be found, eg. because the index is still
empty, end($stack) returns false instead of an array, breaking the
following loop.

show more ...

Fix MD5 hash calculation

Fix mismatch between search_allpages (local) and core.listPages (XMLRPC) API call hash calculation.

Time markup for Last Changed field

This adds semantic markup to the "last change" date in the article footer. This change should not have any impact on the rendering of the page.

change use order for codesniffer happyness

�� Rector and PHPCS fixes

ignore codesniffer on override method

Replace strftime with Intl ICU. Fixes #3573

This uses a class that maps strftime placeholders to the appropriate ICU
patterns. I am using the fallback-intl branch here which provides an
English-only

Replace strftime with Intl ICU. Fixes #3573

This uses a class that maps strftime placeholders to the appropriate ICU
patterns. I am using the fallback-intl branch here which provides an
English-only fallback when the intl extension is not available.

Core has only two places where strftime is used: dformat() and the
SimplePie feed parser. Both are adjusted with this patch. For the latter
a custom Item class had to be registered. For better separation all our
FeedParser classes have been moved to the Feed namespace where our
FeedCreator classes already reside.

Note that this will currently be a degration for users without intl as
it will fall back to date and not to the still available strftime.

show more ...

translation update

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the re

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the revert will be pushed shortly.

show more ...

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite ca

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite catches any direct accesses that might come in from
plugins.

show more ...

make sure stderr is defined in logger

STDERR is only defined when PHP is called from the command line.

In the docker health check we set DOKU_UNITTEST to make sure that errors
trigger exceptions in

make sure stderr is defined in logger

STDERR is only defined when PHP is called from the command line.

In the docker health check we set DOKU_UNITTEST to make sure that errors
trigger exceptions instead being logged only. However when the error
then is also written to STDERR it fails.

This patch makes sure the data is written to PHP's STDERR stream handler
instead.

Should fix dokuwiki/docker#15

show more ...

translation update

Use the reflection method

Forgot to lowercase the result

Update AbstractAction.php

PHP 8 makes this method faster that the previous SubstringStrChr method mentioned in https://stackoverflow.com/a/27457689

alternative token header support

The Authorization header is not always passed on to PHP, depending on
the setup (See https://stackoverflow.com/q/34472303 for examples and
workarounds).

This patch

alternative token header support

The Authorization header is not always passed on to PHP, depending on
the setup (See https://stackoverflow.com/q/34472303 for examples and
workarounds).

This patch adds support for an alternative X-DokuWiki-Token header that
can be used when using token authentication and the standard
Authorization header can not be used.

show more ...

Fix stored XSS vulnerability via do=export_metadata #4305

This prevents metadata export in general and also ensures the the
temporary $doc property in the metadata renderer is cleared in
document_end

translation update

Move JWT token into metadir #4239

Moving JWT token store away from cache directory,
to have long-lived authentication files properly stored.

Using sha256 on the files instead of md5, to help mitiga

Move JWT token into metadir #4239

Moving JWT token store away from cache directory,
to have long-lived authentication files properly stored.

Using sha256 on the files instead of md5, to help mitigate
potential hash collision as filenames are based on username.

show more ...

Support Woltlab password hashes

The Woltlab forum software uses bcrypt passwords, but prefixes them with
"Bcrypt:". This adds support for this in our PassHash class.

Log in local time instead of utc

translation update

�� Rector and PHPCS fixes

translation update