Age | Commit message (Collapse) | Author |
|
|
|
* Fix some PHP8.1 deprecation warnings
* another fix
* couple more fixes
* couple more fixes
* fix another warning
|
|
* add return type declartions #17686
should not break anything and gets rid of a warning
* add return type to method signature #17686
* annotate return types to avoid warnings
* add more return types
* upgrade phpmailer/phpmailer to 6.5.1
* add return types, avoid deprecated null to string conversion
* fix some deprecation warnings for php 8.1 #17686
* fix in DbHelper::getInstallVersion() instead #17686
* ensure empty(DbHelper::getInstallVersion()) succeed #17686
* force return "0" string and adjust test
Co-authored-by: Justin Velluppillai <justin@innocraft.com>
|
|
* don't pass null to PDOStatement::fetch()
* use FETCH_BOTH as default
* do not set default value for $style
it's set in the method if null was given
Co-authored-by: Stefan Giehl <stefan@matomo.org>
|
|
later via mysqli_ssl_set (#17788)
|
|
* Use safe_unserialize in Session
* Allow Notification class in session
* update readme
|
|
Noticed it exceeded 512MB, then 2GB, ...
It was running in an endless loop because
> PHP Fatal error: Uncaught ArgumentCountError: Too few arguments to function Zend_Session_Exception::handleSessionStartError(), 4 passed and exactly 5 expected i
See https://www.php.net/manual/en/function.set-error-handler.php
> Since PHP 8: errcontext was removed, and will no longer be passed to user callbacks.
There might be also other places where we maybe use error handler
|
|
|
|
fix https://wordpress.org/support/topic/an-error-occurred-session-already-started/#topic-12961322-replies
The code should actually not be needed as we added a while ago `session_status()` to correctly check if a session is already active or not. SID constant is not realiable.
In this case problem was this https://3v4l.org/bpUFK
Basically a session was started by some other plugin causing the SID constant to be set. The plugin also directly closed the session again so we still attempted to start the session (which is correct). But then Zend falsely assumes session is started because of the SID constant when there is actually no session.
SID is not reliable for this purpose and be better to rely on `session_status()` which we added a while backa
|
|
* require composer package phpmailer/phpmailer
* change mail class to use phpmailer instead of Zend_Mail
* removes Zend_Mail and Zend_Mime
* submodule
* fix tests
* enable smtp debug for test mail command
* fix embedded images
* set language for phpmailer
* apply some review feedback
* removes Zend_Validate (#15907)
* don't inline file without cid
* submodule update
* fix test
* decouples Mail class from PHPMailer and moves sending mails to new transport layer
* submodule
* cleanup
* unset xmailer header
* simplify mail attachment handling
* adds methods to add bcc recipients
* change implementation of setReplyTo
|
|
(#15919)
* Bind param values manually since PDOStatement::execute() will assume params are all strings. This causes null values to not be bound correctly.
* Add insert null value test.
* move test
* undo submodule changes
|
|
* remove useless return
* remove useless return
|
|
* let's PHP say is leap or not
* try to return a void function
|
|
(#15561)
|
|
|
|
|
|
* Avoid using getmypid
* use cache for pid
* revert previous change and not use cache
* Added method for getmypid
|
|
* Set SameSite=lax for session cookie
* Update warning text when Matomo is installed on HTTP
* urlencode all session cookie values
|
|
We have a `unix_socket` setting to connect using this setting instead of host & port. It is being used in the Mysqli Tracker DB but by the looks not in the MySQLi core db. Haven't tested it but should work and at least won't make it worse :)
|
|
* Better detection of a succesfull start of a session
Differentiate between errors and warnings in session error handler and only assume session was not started if there was an error triggered. It should not throw an exception if there was only a notice or a warning.
* Update Session.php
|
|
(#15095)
* Fix zend session hides actual error when there are two or more errors/notices/warnings
Need to append each warning.
* Adding a space to separate errors.
|
|
* Fix error session already started
Got this error when going on eg `index.php?module=PrivacyManager&action=privacySettings&idSite=1&period=week&date=2019-09-20` and a session was started by another tool. That page uses NONCE which then uses SessionNamespace which then wants to start the session even though it was already started.
I don't think I can write a test for it but need to see.
* add test
|
|
|
|
* use PHP filter to validate E-Mails
* remove failing test
* only test with ASCII TLDs as others seem to fail
* remove Zend_Validate_EmailAddress config and class
|
|
|
|
Only the files declaring a shebang have their execution bit set.
Everything else is not executable to avoid possible security issues
|
|
* Mysql SSL connection support from pull request #8049
* updated minified js
* Add ssl_no_verify config option for skipping certificate verification (works only on some PHP setups).
* Remove TODO comment from DbOverSSLCheck diagnostic, will create issue.
* Skip test if SSL is not enabled
* Undo changes to piwik.js for tests.
* Tweak to DbSSLTest.
|
|
* Update list of valid hostnames
* remove duplicates
|
|
* Fix the build
* UI tests
* Submodules
* UI test
|
|
|
|
* Ignore idvisitor in system tests as it always changes in each test
* Skip email tests in case intl extension is not installed
* Update ui tests
|
|
|
|
|
|
Test for PR #9486, Validate allowed TLDs with current IANA list
|
|
|
|
dependencies
|
|
We should allow for 63 characters TLDs, according to RFC 1035, instead of arbitrary 10.
https://en.wikipedia.org/wiki/Domain_Name_System#cite_ref-rfc1034_1-2
As far as minimum length of 2 is acceptable, becuse IANA says that it isn't likely to introduce 1 character TLD, maximium length is too short.
This partially resolves #9485
|
|
Added where where missing
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
unused now and can be removed
|
|
|
|
|
|
|
|
core/ conversion
|