Tickets ConLite :: Tickets ConLite :: ConLite: Recently closed tasks https://dev.conlite.org/tickets/ 2017-08-01T12:52:40Z FS#172: AMR-Plugin: update plugin to last 4.8 version 2017-08-01T12:52:40Z 2017-07-15T16:13:45Z

Update AMR-Plugin to version used in Contenido 4.8.20. Also modifiy sql-setup.

Ortwin Pinke https://dev.conlite.org/tickets/:172
FS#174: Localize newsletter plugin 2017-08-01T12:51:14Z 2017-08-01T08:13:18Z

Due too changes for localization not scanning plugin folders we have to do a separate localization for plugins.

Ortwin Pinke https://dev.conlite.org/tickets/:174
FS#173: i18n gettext: i18n cannot handle text (mo/po) with multiple lines 2017-07-16T11:39:46Z 2017-07-16T11:39:28Z

Adapt i18n class from Con 4.9

Ortwin Pinke https://dev.conlite.org/tickets/:173
FS#170: PHPMailer < 5.2.18 Remote Code Execution 2017-07-06T11:15:10Z 2017-01-17T18:38:38Z

see http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html

Check if used PHPMailer is affected by this vulnerability and fix it if needed.

Ortwin Pinke https://dev.conlite.org/tickets/:170
FS#166: Backslashes in module code will be removed using sync to db 2017-07-06T10:56:45Z 2016-06-29T12:54:35Z

If you sync modules in filesystem to db, used backslashes in input or output will be removed in db-table.
You may test behavior by just setting an html-output with backslashed quotation marks.

Ortwin Pinke https://dev.conlite.org/tickets/:166
FS#171: System and client allows xss in backend 2017-07-06T09:31:52Z 2017-06-29T10:03:14Z

Go to administration → system → expert settings.
Create new setting and set value to: <script>alert(”XSS Alert”);</script>
Script will be executed. Same with client settings

Ortwin Pinke https://dev.conlite.org/tickets/:171
FS#168: Change folder for cronjob files 2016-10-07T16:25:17Z 2016-10-06T17:18:47Z

Move .job files from conlite/cronjobs to data/cronlog like con 4.9 does. Also remove check for write permissions for the old folder.

Ortwin Pinke https://dev.conlite.org/tickets/:168
FS#169: No log-file for pseudo-corn 2016-10-07T16:24:57Z 2016-10-07T10:46:59Z

Normally pseudo-cron uses a log-file to write down all tasks. But there are no logs written down. Check whole behavior of pseudo-cron

Ortwin Pinke https://dev.conlite.org/tickets/:169
FS#167: TinyMCE: no float after saving image in html-text 2016-06-29T12:58:44Z 2016-06-29T12:57:12Z

If you try to use floating in tinymce for an image style is not added to img-tag after saving content.

Ortwin Pinke https://dev.conlite.org/tickets/:167
FS#149: EditArea: Check compressor usage 2015-11-11T19:34:16Z 2015-07-28T10:26:39Z

There is a problem with cache files and/or cache path for compressor of editarea.
Contenido uses generated files in editarea path, ConLite has a modified compressor class using backend cache path. There is a report that this files where not generated always, so editarea is not working.
Also in editarea class for ConLite method getProperties all properties are loaded if the editor is deactivated. Change this useless behaviour to ommit unneeded db-queries.

Maybe it’s a good idea to deliever compressed editarea.js always if caching not possible.
Check whole procedure and fix it before release of stable 2.0!

Ortwin Pinke https://dev.conlite.org/tickets/:149