Nemcio/Chevereto
1
0
Fork 0
mirror of https://github.com/chevereto/chevereto.git synced 2025-10-26 00:36:15 +02:00
Code Issues Packages Projects Releases Activity

Automatic push 4.0.12

Browse Source
This commit is contained in:
chevereto
2024-03-12 12:58:03 +00:00
parent 9c8fb65c71
commit b457d80888
24 changed files with 296 additions and 165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
.github/workflows/docker.yml vendored
View File

@@ -14,11 +14,11 @@ jobs:
strategy:
matrix:
os: [ubuntu-latest]
php: ["8.1"]
php: ["8.2"]
name: Build on PHP ${{ matrix.php }} ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get current branch
@@ -29,25 +29,32 @@ jobs:
- run: echo ${{ steps.get-branch.outputs.branch }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: |
chevereto/chevereto
${{ env.GHCR_SLUG }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
labels: |
org.opencontainers.image.title=Chevereto V4
org.opencontainers.image.description=Ultimate image sharing software 🦄
org.opencontainers.image.description=Ultimate image sharing software
org.opencontainers.image.vendor=Chevereto
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
@@ -83,19 +90,17 @@ jobs:
run: |
cp -a ./. ../docker/chevereto/
ls -la ../docker/chevereto
- name: Build
uses: docker/bake-action@v2
- name: Build and push
uses: docker/build-push-action@v5
with:
workdir: ../docker
set: build.args.PHP=${{ matrix.php }}
files: |
./docker-bake.hcl
${{ steps.meta.outputs.bake-file }}
targets: build
context: ../docker
platforms: linux/amd64,linux/arm64
push: true
provenance: false
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Check manifest
run: |
docker buildx imagetools inspect ${{ env.GHCR_SLUG }}:${{ steps.meta.outputs.version }}
run: docker buildx imagetools inspect ${{ env.GHCR_SLUG }}:${{ steps.meta.outputs.version }}
- name: Inspect image
run: |
docker pull ${{ env.GHCR_SLUG }}:${{ steps.meta.outputs.version }}

8
.package/4.0.11.txt
View File

@@ -1,8 +0,0 @@
Chevereto 4.0.11 (2024-02-21)
- ✅ Added one-click upgrade system
- ✅ Added license key configuration
- ✅ Added /dashboard/?license
- ✅ Added /dashboard/?installed
- ✅ Added /dashboard/?upgrade
- 💅 Improved software version at dashboard

14
.package/4.0.12.txt Normal file
View File

@@ -0,0 +1,14 @@
Chevereto 4.0.12 (2024-03-12)
- ✅ Added cipher (encryption) to album password
- ✅ Added hidden (click to show) album password
- 🐞 Fixed bug in `entrypoints/index.php`
- 🐞 Fixed bug in API route
- 🐞 Fixed bug in Dashboard route
- 🐞 Fixed bug in Settings route
- 🐞 Fixed bug in Signup route
- 🐞 Fixed bug in G\Handler
- 🐞 Fixed bug in `app/upgrading.php`
- 🐞 Fixed bug in empty search string
- 💅 Improved license key handling (mobile) at Dashboard
- 🆙 Updated dependencies

40
README.md
View File

@@ -8,21 +8,51 @@
[![CHUISS](.github/banner/chevereto-ultimate-remix.png)](https://chevereto.com)
[![Community](https://img.shields.io/badge/chv.to-community-blue?style=flat-square)](https://chv.to/community)
[![Community](https://img.shields.io/badge/chv.to-community-blue?style=flat-square)](https://chevereto.com/community)
[![AGPL-3.0-only](https://img.shields.io/github/license/chevereto/chevereto?style=flat-square)](LICENSE)
[![Awesome F/OSS](https://img.shields.io/badge/Awesome_F%2FOSS-Certified-black?colorA=&colorB=874efe&style=flat-square)](https://awsmfoss.com/chevereto/)
Chevereto enables to create an image sharing website on your own server. It's your hosting and your rules, say goodbye to closures and restrictions.
Chevereto enables to create an image sharing website on your own server. It's your hosting and your rules, say goodbye to closures and restrictions. ⭐️ [Live demo](https://demo.chevereto.com)
![screen](.github/screen/user-profile.jpeg)
**Note:** This is the repository for Chevereto free edition. This software is intended for **personal usage** as it doesn't contain all the [features](https://chevereto.com/features) of the commercial edition.
This edition doesn't include the following features:
- Multiple users
- Advanced search
- Manage banners
- Consent screen (age gate)
- Bulk content importer
- Custom homepage
- Custom logo
- Custom pages
- Custom routing
- Cookie consent
- User followers
- Like system
- Guest API
- IP banning
- ModerateContent integration
- Notifications
- Queue handling
- StopForumSpam integration
- Upload moderation
- Upload plugin
- Watermarks
- External Storage (AWS S3, Google Cloud Storage, SFTP, etc.)
- External services (reCAPTCHA, Akismet, etc.)
- Project Arachnid integration (CSAM)
- Social login (OAuth2)
## Documentation
We provide several layers of documentation covering all aspects of our software. Chevereto documentation is Open Source and your contribution is highly appreciated.
* Software [v4-docs.chevereto.com](https://v4-docs.chevereto.com)
* Admin [v4-admin.chevereto.com](https://v4-admin.chevereto.com)
* User [v4-user.chevereto.com](https://v4-user.chevereto.com)
- Software [v4-docs.chevereto.com](https://v4-docs.chevereto.com)
- Admin [v4-admin.chevereto.com](https://v4-admin.chevereto.com)
- User [v4-user.chevereto.com](https://v4-user.chevereto.com)
## License

171
app/composer.lock generated
View File

@@ -310,16 +310,16 @@
},
{
"name": "amphp/process",
"version": "v1.1.4",
"version": "v1.1.5",
"source": {
"type": "git",
"url": "https://github.com/amphp/process.git",
"reference": "76e9495fd6818b43a20167cb11d8a67f7744ee0f"
"reference": "04b4517bbfe436ab822b853d511165dafbfe115a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/amphp/process/zipball/76e9495fd6818b43a20167cb11d8a67f7744ee0f",
"reference": "76e9495fd6818b43a20167cb11d8a67f7744ee0f",
"url": "https://api.github.com/repos/amphp/process/zipball/04b4517bbfe436ab822b853d511165dafbfe115a",
"reference": "04b4517bbfe436ab822b853d511165dafbfe115a",
"shasum": ""
},
"require": {
@@ -363,7 +363,7 @@
"homepage": "https://github.com/amphp/process",
"support": {
"issues": "https://github.com/amphp/process/issues",
"source": "https://github.com/amphp/process/tree/v1.1.4"
"source": "https://github.com/amphp/process/tree/v1.1.5"
},
"funding": [
{
@@ -371,7 +371,7 @@
"type": "github"
}
],
"time": "2022-07-06T23:50:12+00:00"
"time": "2024-02-24T21:06:11+00:00"
},
{
"name": "amphp/serialization",
@@ -1155,16 +1155,16 @@
},
{
"name": "composer/ca-bundle",
"version": "1.4.0",
"version": "1.4.1",
"source": {
"type": "git",
"url": "https://github.com/composer/ca-bundle.git",
"reference": "b66d11b7479109ab547f9405b97205640b17d385"
"reference": "3ce240142f6d59b808dd65c1f52f7a1c252e6cfd"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/composer/ca-bundle/zipball/b66d11b7479109ab547f9405b97205640b17d385",
"reference": "b66d11b7479109ab547f9405b97205640b17d385",
"url": "https://api.github.com/repos/composer/ca-bundle/zipball/3ce240142f6d59b808dd65c1f52f7a1c252e6cfd",
"reference": "3ce240142f6d59b808dd65c1f52f7a1c252e6cfd",
"shasum": ""
},
"require": {
@@ -1211,7 +1211,7 @@
"support": {
"irc": "irc://irc.freenode.org/composer",
"issues": "https://github.com/composer/ca-bundle/issues",
"source": "https://github.com/composer/ca-bundle/tree/1.4.0"
"source": "https://github.com/composer/ca-bundle/tree/1.4.1"
},
"funding": [
{
@@ -1227,7 +1227,7 @@
"type": "tidelift"
}
],
"time": "2023-12-18T12:05:55+00:00"
"time": "2024-02-23T10:16:52+00:00"
},
{
"name": "evenement/evenement",
@@ -2485,16 +2485,16 @@
},
{
"name": "phpseclib/bcmath_compat",
"version": "2.0.1",
"version": "2.0.2",
"source": {
"type": "git",
"url": "https://github.com/phpseclib/bcmath_compat.git",
"reference": "2ffea8bfe1702b4535a7b3c2649c4301968e9a3c"
"reference": "29bbf07a7039ff65ce7daa44502ba34baf1512ec"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpseclib/bcmath_compat/zipball/2ffea8bfe1702b4535a7b3c2649c4301968e9a3c",
"reference": "2ffea8bfe1702b4535a7b3c2649c4301968e9a3c",
"url": "https://api.github.com/repos/phpseclib/bcmath_compat/zipball/29bbf07a7039ff65ce7daa44502ba34baf1512ec",
"reference": "29bbf07a7039ff65ce7daa44502ba34baf1512ec",
"shasum": ""
},
"require": {
@@ -2543,20 +2543,20 @@
"issues": "https://github.com/phpseclib/bcmath_compat/issues",
"source": "https://github.com/phpseclib/bcmath_compat"
},
"time": "2021-12-16T02:35:52+00:00"
"time": "2024-02-21T10:30:36+00:00"
},
{
"name": "phpseclib/phpseclib",
"version": "3.0.35",
"version": "3.0.37",
"source": {
"type": "git",
"url": "https://github.com/phpseclib/phpseclib.git",
"reference": "4b1827beabce71953ca479485c0ae9c51287f2fe"
"reference": "cfa2013d0f68c062055180dd4328cc8b9d1f30b8"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe",
"reference": "4b1827beabce71953ca479485c0ae9c51287f2fe",
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/cfa2013d0f68c062055180dd4328cc8b9d1f30b8",
"reference": "cfa2013d0f68c062055180dd4328cc8b9d1f30b8",
"shasum": ""
},
"require": {
@@ -2637,7 +2637,7 @@
],
"support": {
"issues": "https://github.com/phpseclib/phpseclib/issues",
"source": "https://github.com/phpseclib/phpseclib/tree/3.0.35"
"source": "https://github.com/phpseclib/phpseclib/tree/3.0.37"
},
"funding": [
{
@@ -2653,7 +2653,7 @@
"type": "tidelift"
}
],
"time": "2023-12-29T01:59:53+00:00"
"time": "2024-03-03T02:14:58+00:00"
},
{
"name": "pragmarx/google2fa",
@@ -4151,16 +4151,16 @@
},
{
"name": "symfony/cache",
"version": "v5.4.35",
"version": "v5.4.36",
"source": {
"type": "git",
"url": "https://github.com/symfony/cache.git",
"reference": "db1adb004e2da984085d0178964eb6f319d3cba1"
"reference": "a30f316214d908cf5874f700f3f3fb29ceee91ba"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/cache/zipball/db1adb004e2da984085d0178964eb6f319d3cba1",
"reference": "db1adb004e2da984085d0178964eb6f319d3cba1",
"url": "https://api.github.com/repos/symfony/cache/zipball/a30f316214d908cf5874f700f3f3fb29ceee91ba",
"reference": "a30f316214d908cf5874f700f3f3fb29ceee91ba",
"shasum": ""
},
"require": {
@@ -4228,7 +4228,7 @@
"psr6"
],
"support": {
"source": "https://github.com/symfony/cache/tree/v5.4.35"
"source": "https://github.com/symfony/cache/tree/v5.4.36"
},
"funding": [
{
@@ -4244,7 +4244,7 @@
"type": "tidelift"
}
],
"time": "2024-01-23T13:51:25+00:00"
"time": "2024-02-19T13:08:14+00:00"
},
{
"name": "symfony/cache-contracts",
@@ -5267,20 +5267,21 @@
},
{
"name": "phar-io/manifest",
"version": "2.0.3",
"version": "2.0.4",
"source": {
"type": "git",
"url": "https://github.com/phar-io/manifest.git",
"reference": "97803eca37d319dfa7826cc2437fc020857acb53"
"reference": "54750ef60c58e43759730615a392c31c80e23176"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phar-io/manifest/zipball/97803eca37d319dfa7826cc2437fc020857acb53",
"reference": "97803eca37d319dfa7826cc2437fc020857acb53",
"url": "https://api.github.com/repos/phar-io/manifest/zipball/54750ef60c58e43759730615a392c31c80e23176",
"reference": "54750ef60c58e43759730615a392c31c80e23176",
"shasum": ""
},
"require": {
"ext-dom": "*",
"ext-libxml": "*",
"ext-phar": "*",
"ext-xmlwriter": "*",
"phar-io/version": "^3.0.1",
@@ -5321,9 +5322,15 @@
"description": "Component for reading phar.io manifest information from a PHP Archive (PHAR)",
"support": {
"issues": "https://github.com/phar-io/manifest/issues",
"source": "https://github.com/phar-io/manifest/tree/2.0.3"
"source": "https://github.com/phar-io/manifest/tree/2.0.4"
},
"time": "2021-07-20T11:28:43+00:00"
"funding": [
{
"url": "https://github.com/theseer",
"type": "github"
}
],
"time": "2024-03-03T12:33:53+00:00"
},
{
"name": "phar-io/version",
@@ -5378,16 +5385,16 @@
},
{
"name": "phpstan/phpstan",
"version": "1.10.59",
"version": "1.10.60",
"source": {
"type": "git",
"url": "https://github.com/phpstan/phpstan.git",
"reference": "e607609388d3a6d418a50a49f7940e8086798281"
"reference": "95dcea7d6c628a3f2f56d091d8a0219485a86bbe"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/e607609388d3a6d418a50a49f7940e8086798281",
"reference": "e607609388d3a6d418a50a49f7940e8086798281",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/95dcea7d6c628a3f2f56d091d8a0219485a86bbe",
"reference": "95dcea7d6c628a3f2f56d091d8a0219485a86bbe",
"shasum": ""
},
"require": {
@@ -5436,20 +5443,20 @@
"type": "tidelift"
}
],
"time": "2024-02-20T13:59:13+00:00"
"time": "2024-03-07T13:30:19+00:00"
},
{
"name": "phpunit/php-code-coverage",
"version": "9.2.30",
"version": "9.2.31",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/php-code-coverage.git",
"reference": "ca2bd87d2f9215904682a9cb9bb37dda98e76089"
"reference": "48c34b5d8d983006bd2adc2d0de92963b9155965"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/ca2bd87d2f9215904682a9cb9bb37dda98e76089",
"reference": "ca2bd87d2f9215904682a9cb9bb37dda98e76089",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/48c34b5d8d983006bd2adc2d0de92963b9155965",
"reference": "48c34b5d8d983006bd2adc2d0de92963b9155965",
"shasum": ""
},
"require": {
@@ -5506,7 +5513,7 @@
"support": {
"issues": "https://github.com/sebastianbergmann/php-code-coverage/issues",
"security": "https://github.com/sebastianbergmann/php-code-coverage/security/policy",
"source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.30"
"source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.31"
},
"funding": [
{
@@ -5514,7 +5521,7 @@
"type": "github"
}
],
"time": "2023-12-22T06:47:57+00:00"
"time": "2024-03-02T06:37:42+00:00"
},
{
"name": "phpunit/php-file-iterator",
@@ -5759,16 +5766,16 @@
},
{
"name": "phpunit/phpunit",
"version": "9.6.16",
"version": "9.6.17",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/phpunit.git",
"reference": "3767b2c56ce02d01e3491046f33466a1ae60a37f"
"reference": "1a156980d78a6666721b7e8e8502fe210b587fcd"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/3767b2c56ce02d01e3491046f33466a1ae60a37f",
"reference": "3767b2c56ce02d01e3491046f33466a1ae60a37f",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/1a156980d78a6666721b7e8e8502fe210b587fcd",
"reference": "1a156980d78a6666721b7e8e8502fe210b587fcd",
"shasum": ""
},
"require": {
@@ -5842,7 +5849,7 @@
"support": {
"issues": "https://github.com/sebastianbergmann/phpunit/issues",
"security": "https://github.com/sebastianbergmann/phpunit/security/policy",
"source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.16"
"source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.17"
},
"funding": [
{
@@ -5858,7 +5865,7 @@
"type": "tidelift"
}
],
"time": "2024-01-19T07:03:14+00:00"
"time": "2024-02-23T13:14:51+00:00"
},
{
"name": "psy/psysh",
@@ -6002,16 +6009,16 @@
},
{
"name": "sebastian/cli-parser",
"version": "1.0.1",
"version": "1.0.2",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/cli-parser.git",
"reference": "442e7c7e687e42adc03470c7b668bc4b2402c0b2"
"reference": "2b56bea83a09de3ac06bb18b92f068e60cc6f50b"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/cli-parser/zipball/442e7c7e687e42adc03470c7b668bc4b2402c0b2",
"reference": "442e7c7e687e42adc03470c7b668bc4b2402c0b2",
"url": "https://api.github.com/repos/sebastianbergmann/cli-parser/zipball/2b56bea83a09de3ac06bb18b92f068e60cc6f50b",
"reference": "2b56bea83a09de3ac06bb18b92f068e60cc6f50b",
"shasum": ""
},
"require": {
@@ -6046,7 +6053,7 @@
"homepage": "https://github.com/sebastianbergmann/cli-parser",
"support": {
"issues": "https://github.com/sebastianbergmann/cli-parser/issues",
"source": "https://github.com/sebastianbergmann/cli-parser/tree/1.0.1"
"source": "https://github.com/sebastianbergmann/cli-parser/tree/1.0.2"
},
"funding": [
{
@@ -6054,7 +6061,7 @@
"type": "github"
}
],
"time": "2020-09-28T06:08:49+00:00"
"time": "2024-03-02T06:27:43+00:00"
},
{
"name": "sebastian/code-unit",
@@ -6300,16 +6307,16 @@
},
{
"name": "sebastian/diff",
"version": "4.0.5",
"version": "4.0.6",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/diff.git",
"reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131"
"reference": "ba01945089c3a293b01ba9badc29ad55b106b0bc"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/74be17022044ebaaecfdf0c5cd504fc9cd5a7131",
"reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131",
"url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/ba01945089c3a293b01ba9badc29ad55b106b0bc",
"reference": "ba01945089c3a293b01ba9badc29ad55b106b0bc",
"shasum": ""
},
"require": {
@@ -6354,7 +6361,7 @@
],
"support": {
"issues": "https://github.com/sebastianbergmann/diff/issues",
"source": "https://github.com/sebastianbergmann/diff/tree/4.0.5"
"source": "https://github.com/sebastianbergmann/diff/tree/4.0.6"
},
"funding": [
{
@@ -6362,7 +6369,7 @@
"type": "github"
}
],
"time": "2023-05-07T05:35:17+00:00"
"time": "2024-03-02T06:30:58+00:00"
},
{
"name": "sebastian/environment",
@@ -6429,16 +6436,16 @@
},
{
"name": "sebastian/exporter",
"version": "4.0.5",
"version": "4.0.6",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/exporter.git",
"reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d"
"reference": "78c00df8f170e02473b682df15bfcdacc3d32d72"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d",
"reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d",
"url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/78c00df8f170e02473b682df15bfcdacc3d32d72",
"reference": "78c00df8f170e02473b682df15bfcdacc3d32d72",
"shasum": ""
},
"require": {
@@ -6494,7 +6501,7 @@
],
"support": {
"issues": "https://github.com/sebastianbergmann/exporter/issues",
"source": "https://github.com/sebastianbergmann/exporter/tree/4.0.5"
"source": "https://github.com/sebastianbergmann/exporter/tree/4.0.6"
},
"funding": [
{
@@ -6502,20 +6509,20 @@
"type": "github"
}
],
"time": "2022-09-14T06:03:37+00:00"
"time": "2024-03-02T06:33:00+00:00"
},
{
"name": "sebastian/global-state",
"version": "5.0.6",
"version": "5.0.7",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/global-state.git",
"reference": "bde739e7565280bda77be70044ac1047bc007e34"
"reference": "bca7df1f32ee6fe93b4d4a9abbf69e13a4ada2c9"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/bde739e7565280bda77be70044ac1047bc007e34",
"reference": "bde739e7565280bda77be70044ac1047bc007e34",
"url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/bca7df1f32ee6fe93b4d4a9abbf69e13a4ada2c9",
"reference": "bca7df1f32ee6fe93b4d4a9abbf69e13a4ada2c9",
"shasum": ""
},
"require": {
@@ -6558,7 +6565,7 @@
],
"support": {
"issues": "https://github.com/sebastianbergmann/global-state/issues",
"source": "https://github.com/sebastianbergmann/global-state/tree/5.0.6"
"source": "https://github.com/sebastianbergmann/global-state/tree/5.0.7"
},
"funding": [
{
@@ -6566,7 +6573,7 @@
"type": "github"
}
],
"time": "2023-08-02T09:26:13+00:00"
"time": "2024-03-02T06:35:11+00:00"
},
{
"name": "sebastian/lines-of-code",
@@ -7448,16 +7455,16 @@
},
{
"name": "theseer/tokenizer",
"version": "1.2.2",
"version": "1.2.3",
"source": {
"type": "git",
"url": "https://github.com/theseer/tokenizer.git",
"reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96"
"reference": "737eda637ed5e28c3413cb1ebe8bb52cbf1ca7a2"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/theseer/tokenizer/zipball/b2ad5003ca10d4ee50a12da31de12a5774ba6b96",
"reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96",
"url": "https://api.github.com/repos/theseer/tokenizer/zipball/737eda637ed5e28c3413cb1ebe8bb52cbf1ca7a2",
"reference": "737eda637ed5e28c3413cb1ebe8bb52cbf1ca7a2",
"shasum": ""
},
"require": {
@@ -7486,7 +7493,7 @@
"description": "A small library for converting tokenized PHP source code into XML and potentially other formats",
"support": {
"issues": "https://github.com/theseer/tokenizer/issues",
"source": "https://github.com/theseer/tokenizer/tree/1.2.2"
"source": "https://github.com/theseer/tokenizer/tree/1.2.3"
},
"funding": [
{
@@ -7494,7 +7501,7 @@
"type": "github"
}
],
"time": "2023-11-20T00:12:19+00:00"
"time": "2024-03-03T12:36:25+00:00"
}
],
"aliases": [],

18
app/legacy/commands/cipher.php
View File

@@ -11,6 +11,7 @@
use Chevereto\Encryption\EncryptionInstance;
use Chevereto\Encryption\Interfaces\EncryptionInterface;
use Chevereto\Legacy\Classes\Album;
use Chevereto\Legacy\Classes\DB;
use Chevereto\Legacy\Classes\Login;
use Chevereto\Legacy\Classes\Settings;
@@ -111,3 +112,20 @@ foreach ($connections as $connection) {
$tokenString = serialize($token);
feedback("- token: $tokenString");
}
feedbackSeparator();
feedbackStep($doing, 'albums password');
$albumsPassword = DB::queryFetchAll('SELECT album_id id, album_password password FROM ' . DB::getTable('albums') . ' WHERE album_password IS NOT NULL;');
foreach ($albumsPassword as $album) {
new EncryptionInstance($fromEncryption);
feedback("> Album id #" . $album['id']);
new EncryptionInstance($toEncryption);
$password = $album['password'];
$values = [
'password' => $password,
];
Album::update(
id: (int) $album['id'],
values: $values,
);
feedback("- password: $password");
}

2
app/legacy/entrypoints/index.php
View File

@@ -18,7 +18,7 @@ $loadDir = __DIR__ . '/../load';
require_once $loadDir . '/php-boot.php';
$uri = $_SERVER['REQUEST_URI'] ?? '';
$parseUri = parse_url($uri);
if (in_array($parseUri['path'], ['/upgrading', '/upgrading/'])
if (in_array($parseUri['path'] ?? null, ['/upgrading', '/upgrading/'])
&& file_exists($appDir . '/.upgrading/upgrading.lock')) {
require $appDir . '/upgrading.php';
exit;

1
app/legacy/install/installer.php
View File

@@ -595,6 +595,7 @@ $settings_updates = [
'listing_viewer' => 0,
],
'4.0.11' => null,
'4.0.12' => null,
];
$cheveretoFreeMap = [
'1.0.0' => '3.8.3',

2
app/legacy/load/app.php
View File

@@ -9,5 +9,5 @@
* file that was distributed with this source code.
*/
const APP_VERSION = '4.0.11';
const APP_VERSION = '4.0.12';
const APP_VERSION_AKA = 'macanudo';

4
app/legacy/routes/album.php
View File

@@ -132,8 +132,8 @@ return function (Handler $handler) {
}
}
if (!$is_error) {
if (isset(post()['content-password']) && Album::checkPassword($album['password'], post()['content-password'])) {
Album::storeUserPasswordHash($album['id'], post()['content-password']);
if (isset(post()['content-password']) && hash_equals($album['password'], post()['content-password'])) {
Album::storeUserPassword($album['id'], post()['content-password']);
} elseif (!Album::checkSessionPassword($album)) {
$is_error = true;
if (isset(post()['content-password'])) {

9
app/legacy/routes/api.php
View File

@@ -62,10 +62,12 @@ return function (Handler $handler) {
if (!(bool) env()['CHEVERETO_ENABLE_API_GUEST']) {
throw new Exception("Guest API is disabled.", 400);
}
if ((getSetting('api_v1_key') ?? '') == '') {
$apiV1Key = (string) (getSetting('api_v1_key') ?? '');
if ($apiV1Key == '') {
throw new Exception("API V1 public key can't be null. Go to your dashboard and set the Guest API key.", 0);
}
if (!hash_equals(getSetting('api_v1_key'), $key)) {
// @var string $key
if (!hash_equals($apiV1Key, $key)) {
throw new Exception("Invalid guest API key.", 100);
}
} else {
@@ -123,7 +125,8 @@ return function (Handler $handler) {
throw new Exception('Upload using base64 source must be done using POST method.', 130);
}
$source = trim(preg_replace('/\s+/', '', $source));
if (!hash_equals(base64_encode(base64_decode($source)), $source)) {
$base64source = base64_encode(base64_decode($source));
if (!hash_equals($base64source, $source)) {
throw new Exception('Invalid base64 string.', 120);
}
$api_temp_file = tempnam(sys_get_temp_dir(), 'chvtemp');

24
app/legacy/routes/dashboard.php
View File

@@ -11,6 +11,7 @@
use function Chevere\String\randomString;
use Chevereto\Config\Config;
use function Chevereto\Encryption\hasEncryption;
use function Chevereto\Legacy\badgePaid;
use Chevereto\Legacy\Classes\Akismet;
use Chevereto\Legacy\Classes\Arachnid;
@@ -370,7 +371,7 @@ return function (Handler $handler) {
if (version_compare($chv_version['files'], $chv_version['db'], '>')) {
$install_update_button = $chv_version['db'] . ' DB <span class="fas fa-database"></span> <a href="' . get_base_url('update') . '">' . _s('install update') . '</a>';
}
$version_check .= '<a data-action="check-for-updates" class="btn btn-small accent margin-right-5 margin-top-5"><span class="fas fa-circle-up"></span> ' . _s("Check upgrades") . '</a>';
$version_check .= '<a data-action="check-for-updates" class="btn btn-small accent margin-right-5 margin-bottom-5"><span class="fas fa-circle-up"></span> ' . _s("Check upgrades") . '</a>';
if (datetime_diff($cron_last_ran, null, 'm') > 5) {
$cronRemark .= ' — <span class="color-fail"><span class="fas fa-exclamation-triangle"></span> ' . _s('not running') . '</span>';
}
@@ -408,6 +409,10 @@ return function (Handler $handler) {
'label' => _s('Connecting IP'),
'content' => '<i class="fas fa-network-wired"></i> ' . get_client_ip() . ' <a data-modal="simple" data-target="modal-connecting-ip"><i class="fas fa-question-circle margin-right-5"></i>' . _s('Not your IP?') . '</a>'
],
'is_encrypted' => [
'label' => _s('Encryption'),
'content' => '<i class="fas fa-shield-halved"></i> ' . (hasEncryption() ? _s('Enabled') : _s('Disabled'))
],
];
$cheveretoLinks = [
@@ -435,7 +440,7 @@ return function (Handler $handler) {
$cheveretoLinksButtons = '';
foreach ($cheveretoLinks as $link) {
$attr = $link['attr'] ?? 'href="%href%" target="_blank"';
$cheveretoLinksButtons .= strtr('<a ' . $attr . ' class="btn default btn-small margin-right-5"><span class="btn-icon fa-btn-icon %icon%"></span><span class="btn-text">%label%</span></a>', [
$cheveretoLinksButtons .= strtr('<a ' . $attr . ' class="btn default btn-small margin-right-5 margin-bottom-5"><span class="btn-icon fa-btn-icon %icon%"></span><span class="btn-text">%label%</span></a>', [
'%href%' => $link['href'] ?? '',
'%icon%' => $link['icon'],
'%label%' => $link['label'],
@@ -1468,7 +1473,10 @@ return function (Handler $handler) {
if (isset($page['id']) && $page['id'] == $v['page_id']) {
continue; // Skip on same thing
}
if (hash_equals($v[$kk], $POST[$kk])) {
if (hash_equals(
(string) $v[$kk],
(string) $POST[$kk]
)) {
$input_errors[$kk] = sprintf($vv, $v['page_id']);
}
}
@@ -1483,7 +1491,10 @@ return function (Handler $handler) {
try {
Page::writePage(['file_path' => $POST['page_file_path'], 'code' => $page_write_code]);
if ($handler->request()[2] == 'edit' && isset($page['file_path']) && !hash_equals($page['file_path'], $POST['page_file_path'])) {
if ($handler->request()[2] == 'edit'
&& isset($page['file_path'])
&& !hash_equals((string) $page['file_path'], (string) $POST['page_file_path'])
) {
unlinkIfExists(Page::getPath($page['file_path']));
}
if (isset($page['id'])) {
@@ -1501,7 +1512,10 @@ return function (Handler $handler) {
foreach ($page_fields as $v) {
$postPage = $POST['page_' . $v];
if ($handler->request()[2] == 'edit') {
if (hash_equals($page[$v] ?? '', $postPage ?? '')) {
if (hash_equals(
(string) ($page[$v] ?? ''),
(string) ($postPage ?? '')
)) {
continue;
} // Skip not updated values
}

19
app/legacy/routes/settings.php
View File

@@ -250,12 +250,14 @@ return function (Handler $handler) {
continue;
}
}
if (hash_equals($row['user_username'], $POST['username']) and $user['username'] !== $row['user_username']) {
if (hash_equals((string) $row['user_username'], (string) $POST['username'])
&& $user['username'] !== $row['user_username']
) {
$input_errors['username'] = 'Username already being used';
}
if (
!empty($POST['email']) && hash_equals($row['user_email'], $POST['email']) &&
$user['email'] !== $row['user_email']
if (!empty($POST['email'])
&& hash_equals((string) $row['user_email'], (string) $POST['email'])
&& $user['email'] !== $row['user_email']
) {
$input_errors['email'] = _s('Email already being used');
}
@@ -265,7 +267,14 @@ return function (Handler $handler) {
}
}
}
if (!$is_error && $is_email_required && !empty($POST['email']) && !hash_equals($user['email'] ?? '', $POST['email'])) {
if (!$is_error
&& $is_email_required
&& !empty($POST['email'])
&& !hash_equals(
(string) ($user['email'] ?? ''),
(string) $POST['email']
)
) {
Confirmation::delete(['type' => 'account-change-email', 'user_id' => $user['id']]);
$hashed_token = generate_hashed_token((int) $user['id']);
Confirmation::insert([

4
app/legacy/routes/signup.php
View File

@@ -135,10 +135,10 @@ return function (Handler $handler) {
continue;
}
}
if (hash_equals($row['user_username'], $POST['username'])) {
if (hash_equals((string) $row['user_username'], (string) $POST['username'])) {
$input_errors['username'] = 'Username already being used';
}
if (hash_equals($row['user_email'], $POST['email'])) {
if (hash_equals((string) $row['user_email'], (string) $POST['email'])) {
$input_errors['email'] = _s('Email already being used');
}
if (!$show_resend_activation) {

46
app/src/Legacy/Classes/Album.php
View File

@@ -11,6 +11,10 @@
namespace Chevereto\Legacy\Classes;
use function Chevereto\Encryption\decrypt;
use function Chevereto\Encryption\encrypt;
use function Chevereto\Encryption\encryptValues;
use function Chevereto\Encryption\hasEncryption;
use function Chevereto\Legacy\assertNotStopWords;
use function Chevereto\Legacy\encodeID;
use function Chevereto\Legacy\G\check_value;
@@ -35,8 +39,8 @@ use Throwable;
class Album
{
public const HASHED_NAMES = [
'password',
public const ENCRYPTED_NAMES = [
'password'
];
public static function getSingle(
@@ -83,6 +87,9 @@ class Album
$album_db['album_liked'] = (bool) $album_db['like_user_id'];
}
$return = $album_db;
if (isset($return['album_password']) && hasEncryption()) {
$return['album_password'] = decrypt($return['album_password']);
}
return $pretty
? self::formatArray($return)
@@ -104,6 +111,13 @@ class Album
$db = DB::getInstance();
$db->query($query);
$db_rows = $db->fetchAll();
if (hasEncryption()) {
foreach ($db_rows as &$row) {
if (isset($row['album_password'])) {
$row['album_password'] = decrypt($row['album_password']);
}
}
}
if ($pretty) {
$return = [];
foreach ($db_rows as $k => $v) {
@@ -165,7 +179,9 @@ class Album
if (!check_value($values['password'])) {
throw new Exception('Missing album password', 100);
}
$values['password'] = password_hash($values['password'], PASSWORD_BCRYPT);
if (hasEncryption()) {
$values = encryptValues(self::ENCRYPTED_NAMES, $values);
}
}
$flood = self::handleFlood();
if ($flood !== []) {
@@ -292,11 +308,8 @@ class Album
nullify_string($values['description']);
}
assertNotStopWords($values['name'] ?? '', $values['description'] ?? '');
if (($values['privacy'] ?? null) !== 'password') {
$values['password'] = null;
}
if (isset($values['password'])) {
$values['password'] = password_hash($values['password'], PASSWORD_BCRYPT);
if (isset($values['password']) && hasEncryption()) {
$values = encryptValues(self::ENCRYPTED_NAMES, $values);
}
return DB::update('albums', $values, ['id' => $id]);
@@ -518,22 +531,23 @@ class Album
return $output;
}
public static function checkPassword(string $hash, string $user_password): bool
{
return password_verify($user_password, $hash);
}
public static function storeUserPasswordHash($album_id, $user_password): void
public static function storeUserPassword($album_id, $user_password): void
{
$addValue = session()['password'];
if (hasEncryption()) {
$user_password = encrypt($user_password);
}
$addValue['album'][$album_id] = $user_password;
sessionVar()->put('password', $addValue);
}
public static function checkSessionPassword($album = []): bool
{
$user_password_hash = session()['password']['album'][$album['id']] ?? null;
if (!isset($user_password_hash) || !password_verify($user_password_hash, $album['password'])) {
$session_password = session()['password']['album'][$album['id']] ?? null;
if (isset($session_password) && hasEncryption()) {
$session_password = decrypt($session_password);
}
if (!isset($session_password) || !hash_equals($session_password, $album['password'])) {
$removeValue = session()['password'] ?? null;
unset($removeValue['album'][$album['id']]);
sessionVar()->put('password', $removeValue);

18
app/src/Legacy/Classes/Search.php
View File

@@ -24,7 +24,7 @@ class Search
public string $wheres;
public string $q;
public string $q = '';
public string $type;
@@ -64,13 +64,25 @@ class Search
$this->q .= implode(' ', $operator) . ' ';
}
if (isset($this->q)) {
$this->q = preg_replace('/\s+/', ' ', trim($this->q));
$this->q = trim($this->q);
$this->q = preg_replace(
'/\s+/',
' ',
trim($this->q)
) ?? '';
}
$this->q ??= '';
$q_match = $this->q;
$search_binds = [];
$search_op_wheres = [];
foreach ($search_op['named'] as $v) {
$q_match = trim(preg_replace('/\s+/', ' ', str_replace($v, '', $q_match)));
$q_match = trim(
preg_replace(
'/\s+/',
' ',
str_replace($v, '', $q_match)
)
);
if ($q_match === '') {
$q_match = null;
}

2
app/src/Legacy/G/Handler.php
View File

@@ -424,7 +424,7 @@ class Handler
return false;
}
return hash_equals(session()['G_auth_token'], $token);
return hash_equals((string) session()['G_auth_token'], $token);
}
public static function setVar(string $var, mixed $value): void

6
app/src/Legacy/functions.php
View File

@@ -164,9 +164,13 @@ function send_mail($to, $subject, $body): bool
} else {
$from = [getSettings()['email_from_email'], getSettings()['email_from_name']];
$reply_to = null;
$fromEmail = $from[0];
if (str_ends_with($fromEmail, '@chevereto.com')) {
throw new Exception('Forbidden to send email from ' . $fromEmail, 600);
}
}
if (!filter_var($to, FILTER_VALIDATE_EMAIL)) {
throw new Exception('Invalid email', 100);
throw new Exception('Invalid to email', 100);
}
foreach (['email_from_email', 'email_from_name'] as $v) {
if (!getSettings()[$v]) {

7
app/upgrading.php
View File

@@ -123,12 +123,15 @@ if (PHP_SAPI === 'cli') {
}
} else {
$singleStep = false;
$action = $_GET['action'] ?? '';
$token = $_GET['token'] ?? '';
$action = (string) ($_GET['action'] ?? '');
$token = (string) ($_GET['token'] ?? '');
if (!file_exists($lockUpgrading)) {
abort('[!] Upgrade is not expected', 403);
}
$upgradeToken = file_get_contents($lockUpgrading);
if ($upgradeToken === false) {
abort('[!] Invalid token file', 403);
}
if (!hash_equals($upgradeToken, $token)) {
abort('[!] Invalid token', 403);
}

8
content/legacy/themes/Peafowl/lib/chevereto.js
View File

@@ -2886,7 +2886,13 @@ $(function () {
'</a> ' +
'</div>',
});
})
});
$(document).on("focus", "input[name='form-album-password']", function() {
$(this).get(0).type = "text";
});
$(document).on("blur", "input[name='form-album-password']", function() {
$(this).get(0).type = "password";
});
});
if (typeof CHV == "undefined") {

6
content/legacy/themes/Peafowl/lib/chevereto.min.js vendored
View File

File diff suppressed because one or more lines are too long

3
content/legacy/themes/Peafowl/snippets/form_album.php
View File

@@ -88,8 +88,7 @@ if (!defined('ACCESS') || !ACCESS) {
<div class="input-label overflow-auto">
<div class="c8 grid-columns">
<label for="form-album-password"><?php _se('Password'); ?></label>
<p></p>
<input type="text" name="form-album-password" class="text-input" placeholder="<?php isset($album['password']) ? _se('Change password') : _se('Set password'); ?>" data-required<?php echo($album['privacy'] ?? null) == 'password' ? ' required' : null; ?>>
<input type="password" name="form-album-password" class="text-input" value="<?php echo $album['password'] ?? null; ?>" placeholder="<?php isset($album['password']) ? _se('Change password') : _se('Set password'); ?>" data-required<?php echo($album['privacy'] ?? null) == 'password' ? ' required' : null; ?>>
</div>
</div>
</div>

2
content/legacy/themes/Peafowl/snippets/form_sub_album.php
View File

@@ -46,7 +46,7 @@ if (!defined('ACCESS') || !ACCESS) {
<div class="input-label overflow-auto">
<div class="c8 grid-columns">
<label for="form-album-password"><?php _se('Password'); ?></label>
<input type="text" name="form-album-password" class="text-input" value="" placeholder="<?php _se('Set password'); ?>">
<input type="password" name="form-album-password" class="text-input" value="" placeholder="<?php _se('Set password'); ?>">
</div>
</div>
</div>

8
content/legacy/themes/Peafowl/views/dashboard/stats.php
View File

@@ -16,17 +16,17 @@ if (!defined('ACCESS') || !ACCESS) {
<div data-modal="modal-license-key" class="hidden" data-submit-fn="CHV.fn.license.set.submit" data-ajax-deferred="CHV.fn.license.set.complete" data-ajax-url="<?php echo get_base_url('json'); ?>">
<span class="modal-box-title"><i class="fas fa-key"></i> <?php _se('License key'); ?></span>
<p><?php _se(
"Provide Chevereto license key by assigning the environment variable %env% or by creating the %file% containing the license key.",
"Provide Chevereto license key by assigning the environment variable %env% or by creating the %file% file containing the license key.",
[
'%env%' => '<code class="code font-weight-bold">CHEVERETO_LICENSE_KEY</code>',
'%file%' => '<code class="code font-weight-bold">' . PATH_APP . 'CHEVERETO_LICENSE_KEY</code>',
'%env%' => '<code class="code font-weight-bold word-break-break-all">CHEVERETO_LICENSE_KEY</code>',
'%file%' => '<code class="code font-weight-bold word-break-break-all">' . PATH_APP . 'CHEVERETO_LICENSE_KEY</code>',
]
); ?></p>
<p><?php _se('You can also set the license in the textarea below.'); ?></p>
<div class="modal-form margin-top-20">
<div class="input-label overflow-auto">
<label for="chevereto-license-key"><?php _se('Chevereto license key'); ?></label>
<textarea placeholder="<?php _se('PASTE LICENSE KEY HERE'); ?>" id="chevereto-license-key" class="r3 resize-vertical" name="chevereto-license-key" data-focus="select-all"><?php echo Handler::var('licenseKey'); ?></textarea>
<textarea placeholder="<?php _se('PASTE LICENSE KEY HERE'); ?>" id="chevereto-license-key" class="r3 resize-vertical" name="chevereto-license-key"><?php echo Handler::var('licenseKey'); ?></textarea>
<div class="input-below font-size-small"><?php _se('Get a license from %s to unlock all features and support.', '<a href="https://chevereto.com/pricing" target="_blank">chevereto.com</a>'); ?></div>
</div>
</div>