michael-e
michael-e
In https://github.com/symphonycms/symphony-2/blob/4410adc7154918b94224a91882d9c45274e3b1a8/symphony/lib/toolkit/class.frontendpage.php#L275 the `list()` construct is used. According to [the PHP docs](http://php.net/manual/en/function.list.php), this will behave differently depending on the PHP version. So do we have an issue here? (And should...
I really love Symphony's new "Attach to pages" feature for datasources and events. I wondered why this feature is not available for custom DSs and events. Does this have technical...
In #2491, there was a long discussion about certain data being "dates" or not. I myself came to this conclusion: > Thinking about it a bit more, even the possibility...
Current versions of Symphony create a lot of useless session rows in the database when XSRF protection is active and entries are posted in the backend. Session data look like:...
The function returns false anyway; failing more silently is preferrable. Fixes #310
The section ID is casted to integer in the IF-block and in the line before, so missing it here is error-prone.
Since the member section ID is typically set in the frontend form (using a hidden field), a (malicious) user can easily manipulate it. Of course, "evil" section IDs like `%3Benv`...
Backend authors are able to edit Member Role permissions. This feels like a bug to me. Or is this intended?
We should fix the extension's coding style (and make it PSR-2 comaptible). However, I suggest to wait until most of the other issues (and pull requests!) are closed.
I reverse-engineered a bit to understand the Members message IDs. Defined in Members `lib/class.membersevent.php`: ``` const MEMBER_ERRORS = 104; const MEMBER_INVALID = 105; const SECTION_INVALID = 201; const ACTIVATION_PRE_COMPLETED =...