mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-06-25 16:19:19 +02:00
df70fba5d4
- Add csv_import queue type (storeAsFile, no async upload) for CSV import dialog - Convert file-field.php partial to FilePond with field-name→queue-type mapping - Conditionally skip server config for storeAsFile queues in buildFilePondOptions - Skip FilePond init for inputs inside closed <dialog> elements - Trigger FilePond init when import dialog opens - Load FilePond CSS/JS assets on admin index page
892 B
892 B
TODO
- Convert all file inputs to FilePond (CSV import, file-field.php; fix dialog init + missing CSS/JS on index page)
- Fix
account.php: replace!==CSRF token check withhash_equals(constant-time comparison) - Fix
ShareLink::setPassword(): also encrypt and store plain-text password, matchingcreate()behavior - Audit: confirm all remaining credential comparison sites use constant-time
hash_equalsorpassword_verify - Fix
.gitignore: anchorvendor/to root (/vendor/) soapp/public/assets/js/vendor/(htmx, OverType, FilePond) is tracked - Fix migration
025_lowercase_languages.sql: deduplicate languages before LOWER() to avoid UNIQUE constraint violation (Néerlandais/néerlandais) - Fix home page: load ALL published theses grouped by year (desc), shuffled randomly within each year (instead of only ~20 from latest year)