diff --git a/build/build.xml b/build/build.xml index b6391b011d..40709ccfde 100644 --- a/build/build.xml +++ b/build/build.xml @@ -3,8 +3,8 @@ - - + + diff --git a/phpBB/adm/style/admin.js b/phpBB/adm/style/admin.js index 3d37b0c331..ff89458ca8 100644 --- a/phpBB/adm/style/admin.js +++ b/phpBB/adm/style/admin.js @@ -123,8 +123,8 @@ function parse_document(container) } if ((text.length && text !== '-') || cell.children().length) { - if (headers[column] != '') { - cell.prepend('' + headers[column] + ''); + if (headers[column].length) { + cell.prepend($("").css('display', 'none').text(headers[column])); } } else { @@ -145,7 +145,7 @@ function parse_document(container) */ container.find('table.responsive > tbody').each(function() { var items = $(this).children('tr'); - if (items.length == 0) + if (!items.length) { $(this).parent('table:first').addClass('responsive-hide'); } @@ -159,7 +159,6 @@ function parse_document(container) if ($this.html() == ' ') { $this.addClass('responsive-hide'); } - }); /** @@ -175,7 +174,6 @@ function parse_document(container) $this.value = inputChars.slice(0, maxLength).join(''); } }); - }); /** @@ -202,7 +200,7 @@ function parse_document(container) var width = $body.width(), height = $this.height(); - if (arguments.length == 0 && (!responsive || width <= lastWidth) && height <= maxHeight) { + if (!arguments.length && (!responsive || width <= lastWidth) && height <= maxHeight) { return; } diff --git a/phpBB/adm/style/ajax.js b/phpBB/adm/style/ajax.js index 67956e946a..2c364bcd86 100644 --- a/phpBB/adm/style/ajax.js +++ b/phpBB/adm/style/ajax.js @@ -284,14 +284,20 @@ function submitPermissions() { if ($alertBoxLink) { // Remove forum_id[] from URL $alertBoxLink.attr('href', $alertBoxLink.attr('href').replace(/(&forum_id\[\]=[0-9]+)/g, '')); - var previousPageForm = '
'; - $.each(forumIds, function (key, value) { - previousPageForm += ''; + const $previousPageForm = $('').attr({ + action: $alertBoxLink.attr('href'), + method: 'post' + }); + + $.each(forumIds, function (key, value) { + $previousPageForm.append($('').attr({ + type: 'text', + name: 'forum_id[]', + value: value + })); }); - previousPageForm += '
'; $alertBoxLink.on('click', function (e) { - var $previousPageForm = $(previousPageForm); $('body').append($previousPageForm); e.preventDefault(); $previousPageForm.submit(); @@ -306,12 +312,19 @@ function submitPermissions() { setTimeout(function () { // Create forum to submit using POST. This will prevent // exceeding the maximum length of URLs - var form = '
'; - $.each(forumIds, function (key, value) { - form += ''; + const $form = $('').attr({ + action: res.REFRESH_DATA.url.replace(/(&forum_id\[\]=[0-9]+)/g, ''), + method: 'post' }); - form += '
'; - $form = $(form); + + $.each(forumIds, function (key, value) { + $form.append($('').attr({ + type: 'text', + name: 'forum_id[]', + value: value + })); + }); + $('body').append($form); // Hide the alert even if we refresh the page, in case the user diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 06cd3c9316..3b4a42bed3 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -50,6 +50,7 @@
  1. Changelog
      +
    • Changes since 3.3.15-RC1
    • Changes since 3.3.14
    • Changes since 3.3.14-RC1
    • Changes since 3.3.13
      • @@ -174,6 +175,16 @@
      +

      Changes since 3.3.15-RC1

      +

      Bug

      +
        +
      • [PHPBB-17480] - PHP fatal error in version check failure
        • +
      +

      Security Issue

      +
        +
      • [SECURITY-283] - Use jQuery to generate HTML from page data
        • +
      +

      Changes since 3.3.14

      Bug

        diff --git a/phpBB/phpbb/db/migration/data/v33x/v3315.php b/phpBB/phpbb/db/migration/data/v33x/v3315.php new file mode 100644 index 0000000000..23028602f6 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v33x/v3315.php @@ -0,0 +1,36 @@ + + * @license GNU General Public License, version 2 (GPL-2.0) + * + * For full copyright and license information, please see + * the docs/CREDITS.txt file. + * + */ + +namespace phpbb\db\migration\data\v33x; + +class v3315 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return version_compare($this->config['version'], '3.3.15', '>='); + } + + public static function depends_on() + { + return [ + '\phpbb\db\migration\data\v33x\v3315rc1', + ]; + } + + public function update_data() + { + return [ + ['config.update', ['version', '3.3.15']], + ]; + } +} diff --git a/phpBB/styles/prosilver/template/forum_fn.js b/phpBB/styles/prosilver/template/forum_fn.js index 5a9eabc239..7ac04a5f39 100644 --- a/phpBB/styles/prosilver/template/forum_fn.js +++ b/phpBB/styles/prosilver/template/forum_fn.js @@ -476,7 +476,7 @@ function parseDocument($container) { html = $children.html(); } - $block.append((first ? '' : '
        ') + html); + $block.append((first ? '' : '
        ') + html); first = false; }); @@ -496,7 +496,7 @@ function parseDocument($container) { // Find all headers, get contents $list.prev('.topiclist').find('li.header dd').not('.mark').each(function() { - headers.push($(this).text()); + headers.push($("
        ").text($(this).text()).html()); headersLength++; }); @@ -533,7 +533,7 @@ function parseDocument($container) { html = headers[i] + ': ' + html + ''; } - $block.append((first ? '' : '
        ') + html); + $block.append((first ? '' : '
        ') + html); first = false; }); @@ -599,7 +599,9 @@ function parseDocument($container) { } if ((text.length && text !== '-') || cell.children().length) { - cell.prepend('' + headers[column] + ''); + if (headers[column].length) { + cell.prepend($("").css('display', 'none').text(headers[column])); + } } else { cell.addClass('empty'); }