Searched hist:"8 f34cf3d32c9c091caa658472bd4e3a8270969a8" (Results 1 – 4 of 4) sorted by relevance
| /dokuwiki/inc/ |
| H A D | search.php | 77244e70121648abe518b25ad9d4b7b65f03f7d7 Thu Nov 29 21:14:56 UTC 2018 Michael Hamann <michael@content-space.de> Security: Fix ACL check in search_allpages
Due to the changes in 8f34cf3d32c9c091caa658472bd4e3a8270969a8, the ACL
check in search_allpages was only executed when 'skipacl' has been
explicitly set to false. Otherwise, only ACLs for namespaces were
checked (unless the sneakyacl option was passed). The documentation
states that the default for 'skipacl' is false, so setting it to false
shouldn't be necessary.
From all I can see, this does not concern DokuWiki itself as
search_allpages is never used without the 'skipacl' option explicitly
set to true or false. However, this causes serious security issues in
plugins that rely on this ACL check in search_allpages like the include
plugin.
8f34cf3d32c9c091caa658472bd4e3a8270969a8 Wed Jul 26 14:35:49 UTC 2017 Michael Große <grosse@cosmocode.de> Fix PHP Notices: Reduce error log noise
While DokuWiki suppresses PHP Notices they are still a code smell and
should be fixed. This fixes some PHP Notices that occurred.
Some of these fixes could be refactored into nicer code once we move to
PHP 7 and get access to the `??` operator.
|
| /dokuwiki/inc/parser/ |
| H A D | renderer.php | 8f34cf3d32c9c091caa658472bd4e3a8270969a8 Wed Jul 26 14:35:49 UTC 2017 Michael Große <grosse@cosmocode.de> Fix PHP Notices: Reduce error log noise
While DokuWiki suppresses PHP Notices they are still a code smell and
should be fixed. This fixes some PHP Notices that occurred.
Some of these fixes could be refactored into nicer code once we move to
PHP 7 and get access to the `??` operator.
|
| H A D | xhtml.php | 8f34cf3d32c9c091caa658472bd4e3a8270969a8 Wed Jul 26 14:35:49 UTC 2017 Michael Große <grosse@cosmocode.de> Fix PHP Notices: Reduce error log noise
While DokuWiki suppresses PHP Notices they are still a code smell and
should be fixed. This fixes some PHP Notices that occurred.
Some of these fixes could be refactored into nicer code once we move to
PHP 7 and get access to the `??` operator.
|
| /dokuwiki/lib/exe/ |
| H A D | css.php | 8f34cf3d32c9c091caa658472bd4e3a8270969a8 Wed Jul 26 14:35:49 UTC 2017 Michael Große <grosse@cosmocode.de> Fix PHP Notices: Reduce error log noise
While DokuWiki suppresses PHP Notices they are still a code smell and
should be fixed. This fixes some PHP Notices that occurred.
Some of these fixes could be refactored into nicer code once we move to
PHP 7 and get access to the `??` operator.
|