Added functionality back with improvements. #3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Something that might be good to try is to use the build in WonderCMS upload script for uploading the files. This way there is only a single front to attack on. |
|
@StephanStanisic any updates since the last time we worked on the fix together? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
So I always found it interesting that the summernote editor didn't have an file selector build in. I later found the original repo by prakai and learned that it had a serious vulnerability, so the functionality was removed.
I later read WonderCMS/wondercms#125 and ever since it has been tickling my mind.
So here it is: my proposal to integrate this into summernote again. I added an login/token check into
file.php, so that should be safe from outsiders.I didn't dare to touch most of this code, it's a nice big pile (like most WonderCMS plugins) and (for me) unreadable. This pull request is here to get some more review done on this code from prakai.
I also touched some things up left and right, things like moving the old font awesome icons over etc.