Commit Graph

1722 Commits

Author SHA1 Message Date
Andrew Nicols 493bef4270 MDL-81316 core: Encode anchor fragments properly to RFC 3986 2024-04-04 16:04:37 +08:00
Jake Dallimore 8e9abf5bd6 MDL-81313 core: Revert "Merge branch 'MDL-80338-403'
This reverts commit 3905247a84, reversing
changes made to 4414c4598e.
2024-03-21 11:30:10 +08:00
Paul Holden 120e0af3de MDL-80338 core: encode moodle_url instance anchor properties. 2024-02-07 12:21:33 +00:00
Jun Pataleta 05ab53734b Merge branch 'MDL-80079-403' of https://github.com/andrewnicols/moodle into MOODLE_403_STABLE 2023-12-06 21:59:11 +08:00
Paul Holden fccf80c3a3 MDL-80185 lang: use iso6391 language code for HTML lang attributes.
This resolves accessibility issues where Moodle language pack codes
didn't always map to correspondingly named iso6391 codes.

Where this value is defined in the language configuration, it will
now be used.
2023-11-21 22:55:21 +00:00
Andrew Nicols d5993fffd4 MDL-80079 core: Correct incorrect arg to format_text::$options 2023-11-14 22:28:55 +08:00
Andrew Nicols 136bd2c4c4 MDL-80079 core: Correct incorrect arg to format_string::$options 2023-11-14 22:28:55 +08:00
Jun Pataleta bf68987951 MDL-77651 core: Hide left/right arrow characters for link_arrow_xx()
* The arrow characters in link_arrow_right() and link_arrow_left()
functions get announced by screen readers. This causes confusion
and is unnecessary.
2023-10-17 23:51:52 +08:00
Sara Arjona cc9430929d MDL-77708 docs: Update references from docs.moodle.org/dev 2023-09-26 10:30:19 +02:00
Jun Pataleta 1eb8ee32bb MDL-78806 core: Remove redundant site name
MDL-78806 core: Remove redundant site name on page titles

* With the site name now being appended to the page titles, there
is no need to manually append the page titles.
2023-09-09 08:58:54 +08:00
Paul Holden b30245b3e2 MDL-76974 javascript: convert remaining uses of old preferences API.
Implement component preference definition callbacks, update JS code
to use the `core_user/repository` module instead of the now deprecated
API.
2023-08-22 14:43:34 +01:00
Petr Skoda 989636b0de MDL-78505 core: stop mangling existing Mardown in text editors
The problem is that HTML Purifier is not compatible with Markdown,
that means we cannot sanitise Markdown texts before editing.

Luckily Markdown has to use plain text editor which does not have
XSS problems.

The only tiny downside is that Markdown cannot be allowed
in "trust text" areas any more.
2023-08-15 14:26:59 +02:00
Petr Skoda a50c2d4746 MDL-78505 Revert "MDL-32114 form: markdown must be preserved on saving post"
This partially reverts commit 4a31dd69d6.
2023-08-15 14:26:59 +02:00
Lior Gil e464bf3c7d MDL-76203 weblib: Add BDI support to the HTML purifier 2023-07-02 09:05:27 +03:00
Ilya Tregubov 346548e21a Merge branch 'MDL-78259-htmlpurify-media-tags' of https://github.com/DSI-Universite-Rennes2/moodle 2023-06-20 14:35:21 +08:00
Petr Skoda de9c69cf3c MDL-77525 filter: add filtering stages 2023-06-17 16:43:58 +02:00
Julien Boulen ea1253efa7 MDL-78259 weblib: purify audio/video tags as inline elements 2023-05-15 17:21:19 +02:00
Sara Arjona 440edc5e42 MDL-77735 core: Check $CFG->lang isset
In some cases, $CFG->lang might not be set, and this is causing a
Notice to be displayed when, for instance, database connection fails.
This patch should fix this case.
2023-04-14 13:46:18 +02:00
Sara Arjona 9ce4fb65fd Merge branch 'MDL-77164-master' of https://github.com/marinaglancy/moodle 2023-04-13 14:00:18 +02:00
Marina Glancy 8fc1486d36 MDL-77164 various: fix incorrect phpdocs 2023-04-13 11:35:06 +01:00
Anupama Sarjoshi e6a3295fba MDL-77148 core: Fix to export params for templates in correct format
When questions are filtered by tags in the question bank, the qtagids
params are passed in the array format. Though moodle_url handles this,
single_button::export_for_template cannot. Hence changes done in
weblib.php to provide params for export_for_template in the
suitable format.
Thanks Huong. I have added the Behat test you provided in the patch.
2023-04-06 13:22:01 +01:00
Eloy Lafuente (stronk7) 3faf1c1989 MDL-77714 general: Remove mentions to Travis CI in a few places
Not critical to have, but better don't mention it. Note that all
the cases need to stay because there may be other environments
where the same problems are reproducible.

Only exception is the CURL_SSLVERSION_TLSv1_2 constant, that
can be safely removed because it's available since PHP 5.5.19.
2023-03-22 19:17:14 +01:00
Andrew Nicols 5d3cb79f30 MDL-76362 core: Short circuit s() on empty values 2023-01-23 09:15:55 +08:00
Andrew Nicols 19bedb8eba MDL-76362 core: Short-circuit strip_querystring on empty values 2023-01-23 09:15:55 +08:00
Marina Glancy b0a83aa7bd MDL-76362 various: Avoid passing nulls to functions that don't allow nulls
PHP 8.1 is more strict on the parameter type. Functions such as trim(), strlen(), str_replace(), etc
show notice when null is passed as an argument
2023-01-23 09:15:54 +08:00
Stephan Robotta 4a31dd69d6 MDL-32114 form: markdown must be preserved on saving post
- Markdown is saved to the DB, no conversion to HTML to keep
  ability to reedit the content without beaking it.
- Blockquote element is styled that it's distingishable from
  normal text.
2023-01-05 18:34:44 +01:00
Matteo Scaramuccia 71883c2add MDL-72461 core: Required JS files in $PAGE served by the Moodle handler 2022-12-09 13:47:19 +01:00
Jun Pataleta 5935cd22c1 Merge branch 'MDL-76559-master' of https://github.com/andrewnicols/moodle 2022-12-07 22:41:20 +08:00
Andrew Nicols 7ce68020b8 MDL-76559 core: validate_email does not take false either 2022-12-07 21:40:18 +08:00
Jun Pataleta 5bc72f5176 Merge branch 'MDL-76559-master' of https://github.com/andrewnicols/moodle 2022-12-06 23:19:53 +08:00
Andrew Nicols f375cac31a MDL-76559 core: validate_email should not accept empty values 2022-12-06 20:53:30 +08:00
Andrew Nicols 8ddbc7b055 Merge branch 'MDL-76493-master' of https://github.com/marinaglancy/moodle 2022-12-02 12:15:20 +08:00
Marina Glancy a800e7e62f MDL-74853 various: add second parameter to htmlentities functions
Default value of the $flag argument changed in PHP 8.1 from ENT_COMPAT to ENT_QUOTES | ENT_SUBSTITUTE
To ensure consistent behavior across different PHP version the second parameter is now required for the functions:
htmlspecialchars(), htmlentities(), htmlspecialchars_decode(), html_entity_decode() and get_html_translation_table()
2022-11-28 16:12:20 +01:00
Marina Glancy e5f862d0b1 MDL-76493 core: make sure format_string(null) works on PHP 8.1 2022-11-26 14:02:32 +01:00
Jun Pataleta 03f298a71c MDL-72882 core: Use default site lang when user lang no longer available
* Check that the lang attribute for the output HTML exists. If not,
use the default site language.
* Also fix the current language for the user.
2022-11-03 13:27:11 +08:00
Jun Pataleta d4ba0359cf MDL-72885 core: Use get_html_lang_attribute_value()
Use get_html_lang_attribute_value() for formatting language codes
for the HTML lang attribute.
2022-05-27 19:38:54 +08:00
Jun Pataleta 92e080465e MDL-72885 core: New weblib function get_html_lang_attribute_value()
Converts a language code to hyphen-separated format in accordance to the
BCP47 syntax appropriate for the HTML lang attribute.

See
https://datatracker.ietf.org/doc/html/rfc5646#section-2.1
https://developer.mozilla.org/en-US/docs/Web/HTML/Global_attributes/lang
2022-05-27 19:38:54 +08:00
Andrew Nicols 4b388fc239 MDL-74235 core: Update core uses of activity icons to monologo 2022-04-07 12:56:14 +08:00
Frederic Massart 3aed37ee4d MDL-48269 group: Remove the option to hide the picture of a group
Plus additional amendments to Fred's original commit:
1. Updating the version numbers
2. Merging the original two-step upgrade below into one for simplicity:
   1. Deleting the pictures for groups with hidepicture set to 1; and
   2. Dropping the hidepicture field itself.
3. Converted array() usages to the short syntax [].
2021-02-16 12:46:58 +08:00
sangnguyen2601 39652702f0 MDL-70094 Question: Technical info section expands if click help icon 2020-11-18 18:03:08 +07:00
Brendan Heywood 16c209cbc0 MDL-69779 core: Improved the X-Redirect-By header when debugging is on 2020-10-11 09:48:12 +11:00
Peter Burnett b4623c8975 MDL-68820 web: Added referrer policy header setting 2020-06-03 15:18:19 +10:00
Brendan Heywood b07fdd1d6c MDL-67403 weblib: Add support for X-Redirect-By header 2019-12-18 15:02:32 +10:00
Paul Holden eb9f830604 MDL-66762 user: stricter email validation. 2019-11-07 09:00:19 +08:00
Eloy Lafuente (stronk7) 88d29a1bb8 MDL-66965 core: php74 curly 2 square braces changes
Note this only modified core files, still there are a lot
of curly brace uses but all them are within 3rd part
libraries and will be handled apart.
2019-10-25 17:41:10 +02:00
Jun Pataleta a7faa3f1c5 Merge branch 'MDL-66104' of git://github.com/stronk7/moodle 2019-08-12 14:51:59 +08:00
Brendan Heywood 32f805e079 MDL-66278 core: Add callback to show other password checks on signup 2019-08-07 14:12:04 +08:00
[Peter Burnett] e40ea418f4 MDL-66280 core: Added checks for empty password minimum length 2019-08-02 11:34:23 +10:00
Eloy Lafuente (stronk7) 764167136f MDL-66104 output: HTMLPurifier to allow <nolink> tags everywhere
Before the patch, HTMLPurifier was instructed to handle <nolink>
tags in block mode. That implies that any block tag enclosing it
had to be closed for HTML compliance.

But <noscript> tags are not part of the final output (they are
removed) but just internally used to skip filtering certain areas.

So they can be virtually everywhere, HTMLPurifier just should allow
them without any change, both to parent or children tags.
2019-08-01 17:52:33 +02:00
Juan Leyva 26e778d1b7 MDL-60680 file: Support any user id when creating tokens for files.
$includetoken parameter type has been changed. Now supports:
   boolean: False indicates to not include the token, true indicates to generate a token for the current user ($USER).
   integer: Indicates to generate a token for the user whose id is the integer value.
2019-04-23 13:16:15 +02:00