From bbfe37597a6f16b057a17b27057e10dc912f524f Mon Sep 17 00:00:00 2001 From: Ro Date: Sun, 14 Nov 2021 13:54:36 -0800 Subject: [PATCH] fixes for #63, #64, #65, updated composer dependencies --- brain/data/Book.inc.php | 5 +- brain/data/Render.inc.php | 8 +- brain/utility/DocTools.inc.php | 2 + composer.lock | 156 +++++++++++++++++---------------- 4 files changed, 90 insertions(+), 81 deletions(-) diff --git a/brain/data/Book.inc.php b/brain/data/Book.inc.php index 4b09668..03fc412 100644 --- a/brain/data/Book.inc.php +++ b/brain/data/Book.inc.php @@ -178,8 +178,9 @@ class Book ]; //TODO: When form submission is successful, make new form token - $form_token = md5(uniqid(microtime(), true)); - Session::set("form_token", $form_token); + //Session token doesn't reset on the front end, so turning this off for now + //$form_token = md5(uniqid(microtime(), true)); + //Session::set("form_token", $form_token); //once saved, update menu $body["path"] = $path; diff --git a/brain/data/Render.inc.php b/brain/data/Render.inc.php index 4bbf2c0..e6ee42d 100644 --- a/brain/data/Render.inc.php +++ b/brain/data/Render.inc.php @@ -119,11 +119,14 @@ class Render "img" => [ "allowed_attributes" => ["src", "alt", "title", "class"], "allowed_hosts" => null, + "allow_relative_links" => true, ], ], ]); - $preclean = $sanitizer->sanitize($rendered->getContent()); + $scrubbed = $sanitizer->sanitize($rendered->getContent()); + + //var_dump($scrubbed); //just clean renderd string for now, Sanitize doesn't like relative img urls //so another option is needed @@ -138,6 +141,7 @@ class Render "ul", "li", "i", + "em", "h1", "h2", "h3", @@ -161,7 +165,7 @@ class Render $pageOptions = [ "title" => $page["title"], "background" => $page["feature"], - "content" => $cleaned, + "content" => $scrubbed, "meta" => $meta, "recent" => $recent, "featured" => $featured, diff --git a/brain/utility/DocTools.inc.php b/brain/utility/DocTools.inc.php index 9650864..e28197f 100644 --- a/brain/utility/DocTools.inc.php 
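Review bot: In brain/data/Book.inc.php, commenting out the two lines under the `//TODO` means `form_token` is no longer replaced after a successful save, so one value stays valid for the whole session and its strength depends on wherever it is first created, which this hunk does not show. If that code uses the same `md5(uniqid(microtime(), true))` construction and the value serves as the anti-CSRF token (as the name suggests), it is derived from the clock rather than a CSPRNG; creating it with `bin2hex(random_bytes(32))` and checking it with `hash_equals()` would make a per-session token defensible. The surviving `//TODO` now contradicts the new comment, so I would replace both with one line such as `// form_token is per-session for now: the front end cannot pick up a rotated value` and delete the commented-out code. The enclosing method starts and ends outside the hunk.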
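Review bot: In brain/data/Render.inc.php the `@@ -161` hunk switches `"content"` from `$cleaned` to `$scrubbed`, so the sanitizer configuration edited in the `@@ -119` hunk becomes the only filter between rendered page content and the template, while the comment kept there ("just clean renderd string for now") still says the opposite. That comment should be rewritten to state that `$scrubbed` is what gets rendered, and the leftover `//var_dump($scrubbed);` removed. For `img`, `"allowed_hosts" => null` together with the new `"allow_relative_links" => true` presumably accepts sources from any host as well as relative paths; if only local or known hosts are intended, list them. A test that passes markup containing a `<script>` element and an `onerror` attribute through this path would pin the behaviour the page now relies on. The sanitizer setup begins above the hunk.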
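Review bot: The `"em"` added in the `@@ -138` hunk of brain/data/Render.inc.php extends what appears to be the tag allowlist behind `$cleaned`, but the `@@ -161` hunk stops passing `$cleaned` to `$pageOptions`, so unless `$cleaned` is read elsewhere in the method (not visible here) the addition has no effect on the page. If `<em>` is meant to survive, it has to be allowed in the sanitizer's tag configuration instead. Otherwise the second cleaning pass can be removed, which also avoids two allowlists drifting apart.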
+++ b/brain/utility/DocTools.inc.php @@ -93,7 +93,9 @@ class DocTools $object["uuid"] . "\n" . "title: " . + "'" . $object["title"] . + "'" . "\n" . "feature: " . $object["feature"] . diff --git a/composer.lock b/composer.lock index cfc7db4..9946867 100644 --- a/composer.lock +++ b/composer.lock @@ -453,16 +453,16 @@ }, { "name": "phpmailer/phpmailer", - "version": "v6.5.0", + "version": "v6.5.1", "source": { "type": "git", "url": "https://github.com/PHPMailer/PHPMailer.git", - "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c" + "reference": "dd803df5ad7492e1b40637f7ebd258fee5ca7355" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/a5b5c43e50b7fba655f793ad27303cd74c57363c", - "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c", + "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/dd803df5ad7492e1b40637f7ebd258fee5ca7355", + "reference": "dd803df5ad7492e1b40637f7ebd258fee5ca7355", "shasum": "" }, "require": { @@ -474,10 +474,12 @@ "require-dev": { "dealerdirect/phpcodesniffer-composer-installer": "^0.7.0", "doctrine/annotations": "^1.2", + "php-parallel-lint/php-console-highlighter": "^0.5.0", + "php-parallel-lint/php-parallel-lint": "^1.3", "phpcompatibility/php-compatibility": "^9.3.5", "roave/security-advisories": "dev-latest", - "squizlabs/php_codesniffer": "^3.5.6", - "yoast/phpunit-polyfills": "^0.2.0" + "squizlabs/php_codesniffer": "^3.6.0", + "yoast/phpunit-polyfills": "^1.0.0" }, "suggest": { "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses", @@ -517,7 +519,7 @@ "description": "PHPMailer is a full-featured email creation and transfer class for PHP", "support": { "issues": "https://github.com/PHPMailer/PHPMailer/issues", - "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.5.0" + "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.5.1" }, "funding": [ { 
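Review bot: In brain/utility/DocTools.inc.php the title is now wrapped in literal `'` characters but apostrophes inside it are not escaped, so a title such as `Ro's notes` (constructed example) would end the quoted value early and, in what looks like YAML front matter, leave the remainder to be parsed as something else. In a single-quoted YAML scalar a quote is escaped by doubling it: `"'" . str_replace("'", "''", $object["title"]) . "'" .`. `feature` and the other fields written here are still emitted unquoted, so the same consideration applies to any of them that can carry user-entered text. The string being built starts and ends outside the hunk.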
@@ -525,24 +527,24 @@ "type": "github" } ], - "time": "2021-06-16T14:33:43+00:00" + "time": "2021-08-18T09:14:16+00:00" }, { "name": "psr/container", - "version": "2.0.1", + "version": "2.0.2", "source": { "type": "git", "url": "https://github.com/php-fig/container.git", - "reference": "2ae37329ee82f91efadc282cc2d527fd6065a5ef" + "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/container/zipball/2ae37329ee82f91efadc282cc2d527fd6065a5ef", - "reference": "2ae37329ee82f91efadc282cc2d527fd6065a5ef", + "url": "https://api.github.com/repos/php-fig/container/zipball/c71ecc56dfe541dbd90c5360474fbc405f8d5963", + "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963", "shasum": "" }, "require": { - "php": ">=7.2.0" + "php": ">=7.4.0" }, "type": "library", "extra": { @@ -576,9 +578,9 @@ ], "support": { "issues": "https://github.com/php-fig/container/issues", - "source": "https://github.com/php-fig/container/tree/2.0.1" + "source": "https://github.com/php-fig/container/tree/2.0.2" }, - "time": "2021-03-24T13:40:57+00:00" + "time": "2021-11-05T16:47:00+00:00" }, { "name": "psr/http-factory", @@ -1096,16 +1098,16 @@ }, { "name": "sebastian/exporter", - "version": "4.0.3", + "version": "4.0.4", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/exporter.git", - "reference": "d89cc98761b8cb5a1a235a6b703ae50d34080e65" + "reference": "65e8b7db476c5dd267e65eea9cab77584d3cfff9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/d89cc98761b8cb5a1a235a6b703ae50d34080e65", - "reference": "d89cc98761b8cb5a1a235a6b703ae50d34080e65", + "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/65e8b7db476c5dd267e65eea9cab77584d3cfff9", + "reference": "65e8b7db476c5dd267e65eea9cab77584d3cfff9", "shasum": "" }, "require": { 
@@ -1154,14 +1156,14 @@ } ], "description": "Provides the functionality to export PHP variables for visualization", - "homepage": "http://www.github.com/sebastianbergmann/exporter", + "homepage": "https://www.github.com/sebastianbergmann/exporter", "keywords": [ "export", "exporter" ], "support": { "issues": "https://github.com/sebastianbergmann/exporter/issues", - "source": "https://github.com/sebastianbergmann/exporter/tree/4.0.3" + "source": "https://github.com/sebastianbergmann/exporter/tree/4.0.4" }, "funding": [ { @@ -1169,7 +1171,7 @@ "type": "github" } ], - "time": "2020-09-28T05:24:23+00:00" + "time": "2021-11-11T14:18:36+00:00" }, { "name": "sebastian/recursion-context", @@ -1236,25 +1238,25 @@ }, { "name": "slim/psr7", - "version": "1.4", + "version": "1.5", "source": { "type": "git", "url": "https://github.com/slimphp/Slim-Psr7.git", - "reference": "0dca983ca32a26f4a91fb11173b7b9eaee29e9d6" + "reference": "a47b43a8da7c0208b4c228af0cb29ea36080635a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/slimphp/Slim-Psr7/zipball/0dca983ca32a26f4a91fb11173b7b9eaee29e9d6", - "reference": "0dca983ca32a26f4a91fb11173b7b9eaee29e9d6", + "url": "https://api.github.com/repos/slimphp/Slim-Psr7/zipball/a47b43a8da7c0208b4c228af0cb29ea36080635a", + "reference": "a47b43a8da7c0208b4c228af0cb29ea36080635a", "shasum": "" }, "require": { "fig/http-message-util": "^1.1.5", - "php": "^7.2 || ^8.0", + "php": "^7.3 || ^8.0", "psr/http-factory": "^1.0", "psr/http-message": "^1.0", - "ralouphie/getallheaders": "^3", - "symfony/polyfill-php80": "^1.22" + "ralouphie/getallheaders": "^3.0", + "symfony/polyfill-php80": "^1.23" }, "provide": { "psr/http-factory-implementation": "1.0", 
@@ -1265,10 +1267,11 @@ "ext-json": "*", "http-interop/http-factory-tests": "^0.9.0", "php-http/psr7-integration-tests": "dev-master", - "phpstan/phpstan": "^0.12", - "phpunit/phpunit": "^8.5 || ^9.5", - "squizlabs/php_codesniffer": "^3.6", - "weirdan/prophecy-shim": "^1.0 || ^2.0.2" + "phpspec/prophecy": "^1.14", + "phpspec/prophecy-phpunit": "^2.0", + "phpstan/phpstan": "^0.12.99", + "phpunit/phpunit": "^9.5", + "squizlabs/php_codesniffer": "^3.6" }, "type": "library", "autoload": { 
@@ -1311,50 +1314,49 @@ ], "support": { "issues": "https://github.com/slimphp/Slim-Psr7/issues", - "source": "https://github.com/slimphp/Slim-Psr7/tree/1.4" + "source": "https://github.com/slimphp/Slim-Psr7/tree/1.5" }, - "time": "2021-05-08T18:22:56+00:00" + "time": "2021-09-22T04:33:00+00:00" }, { "name": "slim/slim", - "version": "4.8.1", + "version": "4.9.0", "source": { "type": "git", "url": "https://github.com/slimphp/Slim.git", - "reference": "c8934c35d9d98b1a1df9f99ee69b77a59e0aa820" + "reference": "44d3c9c0bfcc47e52e42b097b6062689d21b904b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/slimphp/Slim/zipball/c8934c35d9d98b1a1df9f99ee69b77a59e0aa820", - "reference": "c8934c35d9d98b1a1df9f99ee69b77a59e0aa820", + "url": "https://api.github.com/repos/slimphp/Slim/zipball/44d3c9c0bfcc47e52e42b097b6062689d21b904b", + "reference": "44d3c9c0bfcc47e52e42b097b6062689d21b904b", "shasum": "" }, "require": { "ext-json": "*", "nikic/fast-route": "^1.3", - "php": "^7.2 || ^8.0", + "php": "^7.3 || ^8.0", "psr/container": "^1.0 || ^2.0", "psr/http-factory": "^1.0", "psr/http-message": "^1.0", "psr/http-server-handler": "^1.0", "psr/http-server-middleware": "^1.0", - "psr/log": "^1.1" + "psr/log": "^1.1 || ^2.0 || ^3.0" }, "require-dev": { "adriansuter/php-autoload-override": "^1.2", "ext-simplexml": "*", - "guzzlehttp/psr7": "^1.8", - "http-interop/http-factory-guzzle": "^1.0", - "laminas/laminas-diactoros": "^2.4", + "guzzlehttp/psr7": "^2.0", + "laminas/laminas-diactoros": "^2.8", "nyholm/psr7": "^1.4", - "nyholm/psr7-server": "^1.0.1", - "phpspec/prophecy": "^1.13", - "phpstan/phpstan": "^0.12.85", - "phpunit/phpunit": "^8.5.13 || ^9.3.8", + "nyholm/psr7-server": "^1.0", + "phpspec/prophecy": "^1.14", + "phpspec/prophecy-phpunit": "^2.0", + "phpstan/phpstan": "^0.12.99", + "phpunit/phpunit": "^9.5", "slim/http": "^1.2", - "slim/psr7": "^1.3", - "squizlabs/php_codesniffer": "^3.6", - "weirdan/prophecy-shim": "^1.0 || ^2.0.2" + "slim/psr7": "^1.5", + 
"squizlabs/php_codesniffer": "^3.6" }, "suggest": { "ext-simplexml": "Needed to support XML format in BodyParsingMiddleware", @@ -1427,7 +1429,7 @@ "type": "tidelift" } ], - "time": "2021-06-29T19:41:06+00:00" + "time": "2021-10-05T03:00:00+00:00" }, { "name": "slim/twig-view", @@ -1969,16 +1971,16 @@ }, { "name": "symfony/property-access", - "version": "v5.3.4", + "version": "v5.3.8", "source": { "type": "git", "url": "https://github.com/symfony/property-access.git", - "reference": "098681253076af7070df7d9debe5f75733eea189" + "reference": "2fbab5f95ddb6b8e85f38a6a8a04a17c0acc4d66" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/property-access/zipball/098681253076af7070df7d9debe5f75733eea189", - "reference": "098681253076af7070df7d9debe5f75733eea189", + "url": "https://api.github.com/repos/symfony/property-access/zipball/2fbab5f95ddb6b8e85f38a6a8a04a17c0acc4d66", + "reference": "2fbab5f95ddb6b8e85f38a6a8a04a17c0acc4d66", "shasum": "" }, "require": { @@ -2030,7 +2032,7 @@ "reflection" ], "support": { - "source": "https://github.com/symfony/property-access/tree/v5.3.4" + "source": "https://github.com/symfony/property-access/tree/v5.3.8" }, "funding": [ { 
@@ -2046,20 +2048,20 @@ "type": "tidelift" } ], - "time": "2021-07-21T12:40:44+00:00" + "time": "2021-09-10T11:55:24+00:00" }, { "name": "symfony/property-info", - "version": "v5.3.4", + "version": "v5.3.8", "source": { "type": "git", "url": "https://github.com/symfony/property-info.git", - "reference": "0f42009150679a7a256eb6ee106401af5d974ed2" + "reference": "39de5bed8c036f76ec0457ec52908e45d5497947" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/property-info/zipball/0f42009150679a7a256eb6ee106401af5d974ed2", - "reference": "0f42009150679a7a256eb6ee106401af5d974ed2", + "url": "https://api.github.com/repos/symfony/property-info/zipball/39de5bed8c036f76ec0457ec52908e45d5497947", + "reference": "39de5bed8c036f76ec0457ec52908e45d5497947", "shasum": "" }, "require": { @@ -2120,7 +2122,7 @@ "validator" ], "support": { - "source": "https://github.com/symfony/property-info/tree/v5.3.4" + "source": "https://github.com/symfony/property-info/tree/v5.3.8" }, "funding": [ { @@ -2136,20 +2138,20 @@ "type": "tidelift" } ], - "time": "2021-07-21T12:40:44+00:00" + "time": "2021-09-07T07:41:40+00:00" }, { "name": "symfony/string", - "version": "v5.3.3", + "version": "v5.3.10", "source": { "type": "git", "url": "https://github.com/symfony/string.git", - "reference": "bd53358e3eccec6a670b5f33ab680d8dbe1d4ae1" + "reference": "d70c35bb20bbca71fc4ab7921e3c6bda1a82a60c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/string/zipball/bd53358e3eccec6a670b5f33ab680d8dbe1d4ae1", - "reference": "bd53358e3eccec6a670b5f33ab680d8dbe1d4ae1", + "url": "https://api.github.com/repos/symfony/string/zipball/d70c35bb20bbca71fc4ab7921e3c6bda1a82a60c", + "reference": "d70c35bb20bbca71fc4ab7921e3c6bda1a82a60c", "shasum": "" }, "require": { @@ -2203,7 +2205,7 @@ "utf8" ], "support": { - "source": "https://github.com/symfony/string/tree/v5.3.3" + "source": "https://github.com/symfony/string/tree/v5.3.10" }, "funding": [ { 
@@ -2219,7 +2221,7 @@ "type": "tidelift" } ], - "time": "2021-06-27T11:44:38+00:00" + "time": "2021-10-27T18:21:46+00:00" }, { "name": "symfony/yaml", @@ -2346,16 +2348,16 @@ }, { "name": "twig/twig", - "version": "v3.3.2", + "version": "v3.3.3", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790" + "reference": "a27fa056df8a6384316288ca8b0fa3a35fdeb569" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/21578f00e83d4a82ecfa3d50752b609f13de6790", - "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/a27fa056df8a6384316288ca8b0fa3a35fdeb569", + "reference": "a27fa056df8a6384316288ca8b0fa3a35fdeb569", "shasum": "" }, "require": { @@ -2365,7 +2367,7 @@ }, "require-dev": { "psr/container": "^1.0", - "symfony/phpunit-bridge": "^4.4.9|^5.0.9" + "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0" }, "type": "library", "extra": { @@ -2406,7 +2408,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.3.2" + "source": "https://github.com/twigphp/Twig/tree/v3.3.3" }, "funding": [ { @@ -2418,7 +2420,7 @@ "type": "tidelift" } ], - "time": "2021-05-16T12:14:13+00:00" + "time": "2021-09-17T08:44:23+00:00" } ], "packages-dev": [],