diff --git a/.travis.yml b/.travis.yml index 708cc2c33..2e3c44ac6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,7 @@ php: - '7.0' - '7.2' - '7.3' + - '7.4' jobs: include: diff --git a/VERSION.txt b/VERSION.txt index ff2fd4fbe..9eadd6baa 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -1.8.5 \ No newline at end of file +1.8.6 \ No newline at end of file diff --git a/qa-config-example.php b/qa-config-example.php index 707963069..7f555c658 100644 --- a/qa-config-example.php +++ b/qa-config-example.php @@ -197,6 +197,6 @@ define('QA_DEBUG_PERFORMANCE', false); /* - And lastly... if you want to, you can predefine any constant from qa-db-maxima.php in this - file to override the default setting. Just make sure you know what you're doing! + And lastly... if you want to, you can predefine any constant from qa-include/db/maxima.php in + this file to override the default setting. Just make sure you know what you're doing! */ diff --git a/qa-external-example/qa-external-users.php b/qa-external-example/qa-external-users.php index 5f12bfabc..d0cf41bc6 100644 --- a/qa-external-example/qa-external-users.php +++ b/qa-external-example/qa-external-users.php @@ -581,7 +581,7 @@ function qa_get_users_html($userids, $should_include_link, $relative_url_prefix) * * If $padding is true, the HTML you return should render to a square of $size x $size pixels, * even if the avatar is not square. This can be achieved using CSS padding - see function - * qa_get_avatar_blob_html(...) in qa-app-format.php for an example. If $padding is false, + * qa_get_avatar_blob_html(...) in app/format.php for an example. If $padding is false, * the HTML can render to anything which would fit inside a square of $size x $size pixels. * * Note that this function may be called many times to render an individual page, so it is not diff --git a/qa-include/app/users.php b/qa-include/app/users.php index 196990935..c36f5de14 100644 --- a/qa-include/app/users.php +++ b/qa-include/app/users.php @@ -125,7 +125,7 @@ function qa_get_logged_in_points() $qa_cached_logged_in_points = qa_db_select_with_pending(qa_db_user_points_selectspec(qa_get_logged_in_userid(), true)); } - return $qa_cached_logged_in_points['points']; + return isset($qa_cached_logged_in_points['points']) ? $qa_cached_logged_in_points['points'] : null; } @@ -1254,7 +1254,7 @@ function qa_user_userfield_label($userfield) 'website' => 'users/website', ); - if (isset($defaultlabels[$userfield['title']])) + if (isset($userfield['title']) && isset($defaultlabels[$userfield['title']])) return qa_lang($defaultlabels[$userfield['title']]); } diff --git a/qa-include/pages/account.php b/qa-include/pages/account.php index e29aedb7a..d0aaed7a0 100644 --- a/qa-include/pages/account.php +++ b/qa-include/pages/account.php @@ -33,8 +33,11 @@ // Check we're not using single-sign on integration, that we're logged in -if (QA_FINAL_EXTERNAL_USERS) - qa_fatal_error('User accounts are handled by external code'); +if (QA_FINAL_EXTERNAL_USERS) { + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); +} $userid = qa_get_logged_in_userid(); diff --git a/qa-include/pages/admin/admin-approve.php b/qa-include/pages/admin/admin-approve.php index fb3dbb4de..355893184 100644 --- a/qa-include/pages/admin/admin-approve.php +++ b/qa-include/pages/admin/admin-approve.php @@ -30,8 +30,11 @@ // Check we're not using single-sign on integration -if (QA_FINAL_EXTERNAL_USERS) - qa_fatal_error('User accounts are handled by external code'); +if (QA_FINAL_EXTERNAL_USERS) { + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); +} // Find most flagged questions, answers, comments diff --git a/qa-include/pages/confirm.php b/qa-include/pages/confirm.php index 7026b178a..82c214153 100644 --- a/qa-include/pages/confirm.php +++ b/qa-include/pages/confirm.php @@ -72,7 +72,7 @@ if (strlen($handle) > 0) { // If there is a handle present in the URL $userInfo = qa_db_select_with_pending(qa_db_user_account_selectspec($handle, false)); - if (strtolower(trim($userInfo['emailcode'])) == strtolower($code)) { + if ($userInfo !== null && strtolower(trim($userInfo['emailcode'])) == strtolower($code)) { qa_complete_confirm($userInfo['userid'], $userInfo['email'], $userInfo['handle']); $userConfirmed = true; } diff --git a/qa-include/pages/hot.php b/qa-include/pages/hot.php index 366be8607..4aa33e846 100644 --- a/qa-include/pages/hot.php +++ b/qa-include/pages/hot.php @@ -31,7 +31,7 @@ // Get list of hottest questions, allow per-category if QA_ALLOW_UNINDEXED_QUERIES set in qa-config.php $categoryslugs = QA_ALLOW_UNINDEXED_QUERIES ? qa_request_parts(1) : null; -$countslugs = @count($categoryslugs); +$countslugs = $categoryslugs === null ? null : count($categoryslugs); $start = qa_get_start(); $userid = qa_get_logged_in_userid(); diff --git a/qa-include/pages/message.php b/qa-include/pages/message.php index ce734becd..2210138db 100644 --- a/qa-include/pages/message.php +++ b/qa-include/pages/message.php @@ -38,8 +38,11 @@ // Check we have a handle, we're not using Q2A's single-sign on integration and that we're logged in -if (QA_FINAL_EXTERNAL_USERS) - qa_fatal_error('User accounts are handled by external code'); +if (QA_FINAL_EXTERNAL_USERS) { + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); +} if (!strlen($handle)) qa_redirect('users'); diff --git a/qa-include/pages/messages.php b/qa-include/pages/messages.php index c08846018..d820c7dca 100644 --- a/qa-include/pages/messages.php +++ b/qa-include/pages/messages.php @@ -43,8 +43,11 @@ else return include QA_INCLUDE_DIR . 'qa-page-not-found.php'; -if (QA_FINAL_EXTERNAL_USERS) - qa_fatal_error('User accounts are handled by external code'); +if (QA_FINAL_EXTERNAL_USERS) { + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); +} if (!isset($loginUserId)) { $qa_content = qa_content_prepare(); diff --git a/qa-include/pages/register.php b/qa-include/pages/register.php index dacde6c39..341339b10 100644 --- a/qa-include/pages/register.php +++ b/qa-include/pages/register.php @@ -76,6 +76,8 @@ // Process submitted form +$errors = array(); + if (qa_clicked('doregister')) { require_once QA_INCLUDE_DIR . 'app/limits.php'; diff --git a/qa-include/pages/unanswered.php b/qa-include/pages/unanswered.php index 5596c6825..820e2ac47 100644 --- a/qa-include/pages/unanswered.php +++ b/qa-include/pages/unanswered.php @@ -36,7 +36,7 @@ else $categoryslugs = null; -$countslugs = @count($categoryslugs); +$countslugs = $categoryslugs === null ? null : count($categoryslugs); $by = qa_get('by'); $start = qa_get_start(); $userid = qa_get_logged_in_userid(); diff --git a/qa-include/pages/user-profile.php b/qa-include/pages/user-profile.php index d51af83e2..8842bf186 100644 --- a/qa-include/pages/user-profile.php +++ b/qa-include/pages/user-profile.php @@ -343,7 +343,7 @@ $qa_content['title'] = qa_lang_html_sub('profile/user_x', $userhtml); $qa_content['error'] = @$errors['page']; -if (isset($loginuserid) && $loginuserid != $useraccount['userid'] && !QA_FINAL_EXTERNAL_USERS) { +if (!QA_FINAL_EXTERNAL_USERS && isset($loginuserid) && $loginuserid != $useraccount['userid']) { $favoritemap = qa_get_favorite_non_qs_map(); $favorite = @$favoritemap['user'][$useraccount['userid']]; @@ -753,7 +753,7 @@ 'bonus' => array( 'label' => qa_lang_html('profile/bonus_points'), 'tags' => 'name="bonus"', - 'value' => qa_html(isset($inbonus) ? $inbonus : $userpoints['bonus']), + 'value' => qa_html(isset($inbonus) ? $inbonus : @$userpoints['bonus']), 'type' => 'number', 'note' => qa_lang_html('users/only_shown_admins'), 'id' => 'bonus', diff --git a/qa-include/pages/user-wall.php b/qa-include/pages/user-wall.php index 7de8ef3db..579a895eb 100644 --- a/qa-include/pages/user-wall.php +++ b/qa-include/pages/user-wall.php @@ -30,8 +30,11 @@ // Check we're not using single-sign on integration, which doesn't allow walls -if (QA_FINAL_EXTERNAL_USERS) - qa_fatal_error('User accounts are handled by external code'); +if (QA_FINAL_EXTERNAL_USERS) { + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); +} // $handle, $userhtml are already set by /qa-include/page/user.php diff --git a/qa-include/pages/users-blocked.php b/qa-include/pages/users-blocked.php index d1a047de2..d0197a7bd 100644 --- a/qa-include/pages/users-blocked.php +++ b/qa-include/pages/users-blocked.php @@ -32,7 +32,9 @@ // Check we're not using single-sign on integration if (QA_FINAL_EXTERNAL_USERS) { - qa_fatal_error('User accounts are handled by external code'); + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); } diff --git a/qa-include/pages/users-newest.php b/qa-include/pages/users-newest.php index 5ea5deb1a..4fd03de80 100644 --- a/qa-include/pages/users-newest.php +++ b/qa-include/pages/users-newest.php @@ -31,7 +31,9 @@ // Check we're not using single-sign on integration if (QA_FINAL_EXTERNAL_USERS) { - qa_fatal_error('User accounts are handled by external code'); + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); } diff --git a/qa-include/pages/users-special.php b/qa-include/pages/users-special.php index 7cdfbb717..4e12bf27d 100644 --- a/qa-include/pages/users-special.php +++ b/qa-include/pages/users-special.php @@ -32,7 +32,9 @@ // Check we're not using single-sign on integration if (QA_FINAL_EXTERNAL_USERS) { - qa_fatal_error('User accounts are handled by external code'); + header('HTTP/1.1 404 Not Found'); + echo qa_lang_html('main/page_not_found'); + qa_exit(); } diff --git a/qa-include/qa-base.php b/qa-include/qa-base.php index 6efadd85f..01ba4040f 100644 --- a/qa-include/qa-base.php +++ b/qa-include/qa-base.php @@ -20,8 +20,8 @@ */ -define('QA_VERSION', '1.8.5'); // also used as suffix for .js and .css requests -define('QA_BUILD_DATE', '2020-07-15'); +define('QA_VERSION', '1.8.6'); // also used as suffix for .js and .css requests +define('QA_BUILD_DATE', '2021-04-20'); /** @@ -1024,7 +1024,7 @@ function qa_sanitize_html($html, $linksnewwindow = false, $storage = false) $safe = htmLawed($html, array( 'safe' => 1, - 'elements' => '*-form-style', + 'elements' => '*-form-input-select-textarea-style', 'schemes' => 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; *:file, http, https; style: !; classid:clsid', 'keep_bad' => 0, 'anti_link_spam' => array('/.*/', ''), diff --git a/qa-include/qa-feed.php b/qa-include/qa-feed.php index 2703c3ad3..f2b7c7fcd 100644 --- a/qa-include/qa-feed.php +++ b/qa-include/qa-feed.php @@ -74,7 +74,7 @@ function qa_feed_not_found() function qa_feed_load_ifcategory($categoryslugs, $allkey, $catkey, &$title, $questionselectspec1 = null, $questionselectspec2 = null, $questionselectspec3 = null, $questionselectspec4 = null) { - $countslugs = @count($categoryslugs); + $countslugs = $categoryslugs === null ? null : count($categoryslugs); list($questions1, $questions2, $questions3, $questions4, $categories, $categoryid) = qa_db_select_with_pending( $questionselectspec1, @@ -165,7 +165,7 @@ function qa_feed_load_ifcategory($categoryslugs, $allkey, $catkey, &$title, break; } -$countslugs = @count($categoryslugs); +$countslugs = $categoryslugs === null ? null : count($categoryslugs); if (!isset($feedoption)) qa_feed_not_found(); diff --git a/qa-include/qa-theme-base.php b/qa-include/qa-theme-base.php index 9069b7406..8e1723149 100644 --- a/qa-include/qa-theme-base.php +++ b/qa-include/qa-theme-base.php @@ -743,7 +743,7 @@ public function page_title_error() if (isset($favorite)) $this->output('
'); - $this->output('
'); + $this->output('
'); $this->favorite(); $this->output('

'); $this->title(); @@ -1713,7 +1713,7 @@ public function q_item_clear() public function q_item_title($q_item) { $this->output( - '
', + '
', '' . $q_item['title'] . '', // add closed note in title empty($q_item['closed']['state']) ? '' : ' [' . $q_item['closed']['state'] . ']', @@ -2198,7 +2198,7 @@ public function q_view_content($q_view) { $content = isset($q_view['content']) ? $q_view['content'] : ''; - $this->output('
'); + $this->output('
'); $this->output_raw($content); $this->output('
'); } @@ -2361,7 +2361,7 @@ public function a_item_content($a_item) $a_item['content'] = ''; } - $this->output('
'); + $this->output('
'); $this->output_raw($a_item['content']); $this->output('
'); } diff --git a/qa-include/util/external-users-wp.php b/qa-include/util/external-users-wp.php index f97570ba3..2c091f71b 100644 --- a/qa-include/util/external-users-wp.php +++ b/qa-include/util/external-users-wp.php @@ -58,6 +58,9 @@ function qa_get_logged_in_user() else $level = QA_USER_LEVEL_BASIC; + // flush WP email cache (for displaying avatars) + qa_get_public_from_userids([$wordpressuser->ID]); + return array( 'userid' => $wordpressuser->ID, 'publicusername' => $wordpressuser->user_nicename, diff --git a/qa-plugin/wysiwyg-editor/qa-wysiwyg-ajax.php b/qa-plugin/wysiwyg-editor/qa-wysiwyg-ajax.php index da16ffb25..6575e2222 100644 --- a/qa-plugin/wysiwyg-editor/qa-wysiwyg-ajax.php +++ b/qa-plugin/wysiwyg-editor/qa-wysiwyg-ajax.php @@ -31,7 +31,7 @@ public function match_request($request) // Fix path to WYSIWYG editor smileys public function process_request($request) { - require_once QA_INCLUDE_DIR.'qa-app-posts.php'; + require_once QA_INCLUDE_DIR . 'app/posts.php'; // smiley replacement regexes $rxSearch = '<(img|a)([^>]+)(src|href)="([^"]+)/wysiwyg-editor/plugins/smiley/images/([^"]+)"'; diff --git a/qa-theme/SnowFlat/qa-theme.php b/qa-theme/SnowFlat/qa-theme.php index 921768b79..0a13eba96 100644 --- a/qa-theme/SnowFlat/qa-theme.php +++ b/qa-theme/SnowFlat/qa-theme.php @@ -364,7 +364,7 @@ public function q_item_title($q_item) : '' . $closedText . ''; $this->output( - '
', + '
', // add closed note in title $imgHtml, '' . $q_item['title'] . '',