1. 05 Apr, 2019 1 commit
    • totten's avatar
      (NFC) Apply upcoming civicrm/coder policies (batch 2) · 5d4fcf54
      totten authored
      Method:
      
      * Checkout latest merged branch of civicrm/coder (`8.x-2.x-civi`)
      * Run this command to autoclean a batch of 100 files
        `PG=2 SIZE=100 ; find Civi/ CRM/ api/ bin/ extern/ tests/ -name '*.php' | grep -v /examples/ | grep -v /DAO/ | sort | head -n $(( $PG  * $SIZE )) | tail -n $SIZE | xargs phpcbf-civi`
      * Go through the diff. For anything that looks wonky, open in an editor and find a better solution.
      
      Note: The automated checker makes good points about awkward indentation, but the automated cleanup often makes it
      worse.  So that's why I have to open it up.
      5d4fcf54
  2. 13 Dec, 2018 1 commit
  3. 04 Dec, 2018 1 commit
  4. 02 Dec, 2018 1 commit
  5. 18 Jul, 2018 1 commit
    • Sean Madsen's avatar
      security/core#14 Validate "context" inputs · edc80cda
      Sean Madsen authored
      When "context" is passed as a GET parameter, ensure that its values is
      a valid "Alphanumeric" type. This helps prevent XSS when the "context"
      value finds its way into templates that lack HTML output encoding.
      
      Replace...
      
          CRM_Utils_Request::retrieve\((['"])context\1,(\s*)(['"])String\3
      
      ...with...
      
          CRM_Utils_Request::retrieve\($1context$1,$3Alphanumeric$3
      
      Also search for the following and manually fix:
      
          \$_GET\[(['"])context\1\]
          \$_POST\[(['"])context\1\]
          \$_REQUEST\[(['"])context\1\]
      edc80cda
  6. 19 Apr, 2018 1 commit
    • totten's avatar
      (NFC) Update version in header · fee14197
      totten authored
      This is a simple administrative update to the headers. It was generated with the command:
      
      ```
      rgrep '| CiviCRM version 4.7' CRM/ Civi ang api bin extern install/ settings/ templates -l \
        | xargs sed -i'' "s/| CiviCRM version 4.7/| CiviCRM version 5  /g"
      ```
      
      Tthe inclusion of `|` aimed to avoid matching any non-header text (e.g. inline docs that
      mentioned the version incidentally). But then I did a looser search and for just
      
      ```
      rgrep 'CiviCRM version 4.7'
      ````
      
      and manually patched the remainder.
      
      Note: I'm not really keen on doing this every month, so I relaxed the header
      statement -- instead of `CiviCRM version 5.0`, it's just `CiviCRM version 5`.
      fee14197
  7. 14 Mar, 2018 1 commit
  8. 05 Mar, 2018 1 commit
  9. 23 Feb, 2018 1 commit
  10. 10 Jan, 2017 1 commit
  11. 02 Jan, 2017 1 commit
  12. 11 Nov, 2016 1 commit
  13. 21 Mar, 2016 1 commit
  14. 04 Feb, 2016 1 commit
  15. 31 Aug, 2015 1 commit
  16. 16 Aug, 2015 1 commit
  17. 03 Aug, 2015 1 commit
  18. 27 Mar, 2015 1 commit
  19. 04 Feb, 2015 1 commit
  20. 20 Jan, 2015 2 commits
  21. 16 Jan, 2015 1 commit
  22. 10 Jan, 2015 1 commit
  23. 09 Jan, 2015 1 commit
  24. 06 Jan, 2015 1 commit
  25. 31 Dec, 2014 3 commits
  26. 23 Dec, 2014 1 commit
  27. 01 Dec, 2014 1 commit
  28. 30 Nov, 2014 1 commit
  29. 03 Jun, 2014 2 commits
  30. 24 May, 2014 1 commit
  31. 28 Mar, 2014 1 commit
  32. 19 Mar, 2014 1 commit
  33. 15 Mar, 2014 1 commit
  34. 25 Feb, 2014 1 commit
  35. 24 Jan, 2014 2 commits