From 20485620062c964cc5e6d071f395b464688de87f Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 9 May 2023 09:01:26 +0200 Subject: [PATCH 1/5] =?UTF-8?q?Edition=20user=20s=C3=A9lection=20langue=20?= =?UTF-8?q?par=20d=C3=A9faut?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGES.md | 2 +- core/module/user/view/edit/edit.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 43a34f1f..d2a5d3eb 100755 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,8 +1,8 @@ # Changelog ## Version 12.3.10 +- Edition d'un utilisateur, sélection de la langue de sont interface. - Mise à jour du fichier dialog.php de Responsive File Manager -- Vulnérabilité dans ajax_call.php CVE-2020-10567 ## Version 12.3.09 ### Corrections diff --git a/core/module/user/view/edit/edit.php b/core/module/user/view/edit/edit.php index 3846d0c6..79023126 100644 --- a/core/module/user/view/edit/edit.php +++ b/core/module/user/view/edit/edit.php @@ -93,7 +93,7 @@
'Langues', - 'selected' => $this->getData(['user', $this->getUser('id'), 'language']) + 'selected' => $this->getData(['user', $this->getUrl(2), 'language']) ]); ?>
From 9baf47f86cc56ca12aefc16e655e6df5bd9a4ec7 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 9 May 2023 09:04:17 +0200 Subject: [PATCH 2/5] Restore ajax_call --- core/vendor/filemanager/ajax_calls.php | 443 ++++++++++++------------- 1 file changed, 218 insertions(+), 225 deletions(-) diff --git a/core/vendor/filemanager/ajax_calls.php b/core/vendor/filemanager/ajax_calls.php index 6b97f280..e514186d 100644 --- a/core/vendor/filemanager/ajax_calls.php +++ b/core/vendor/filemanager/ajax_calls.php @@ -5,7 +5,7 @@ $config = include 'config/config.php'; require_once 'include/utils.php'; if ($_SESSION['RF']["verify"] != "RESPONSIVEfilemanager") { - response(trans('forbidden') . AddErrorLocation())->send(); + response(trans('forbidden').AddErrorLocation())->send(); exit; } $languages = include 'lang/languages.php'; @@ -14,24 +14,24 @@ if (isset($_SESSION['RF']['language']) && file_exists('lang/' . basename($_SESSI if (array_key_exists($_SESSION['RF']['language'], $languages)) { include 'lang/' . basename($_SESSION['RF']['language']) . '.php'; } else { - response(trans('Lang_Not_Found') . AddErrorLocation())->send(); + response(trans('Lang_Not_Found').AddErrorLocation())->send(); exit; } } else { - response(trans('Lang_Not_Found') . AddErrorLocation())->send(); + response(trans('Lang_Not_Found').AddErrorLocation())->send(); exit; } //check $_GET['file'] if (isset($_GET['file']) && !checkRelativePath($_GET['file'])) { - response(trans('wrong path') . AddErrorLocation())->send(); + response(trans('wrong path').AddErrorLocation())->send(); exit; } //check $_POST['file'] -if (isset($_POST['path']) && !checkRelativePath($_POST['path'])) { - response(trans('wrong path') . AddErrorLocation())->send(); +if(isset($_POST['path']) && !checkRelativePath($_POST['path'])) { + response(trans('wrong path').AddErrorLocation())->send(); exit; } @@ -43,16 +43,16 @@ if (isset($_GET['action'])) { case 'new_file_form': echo trans('Filename') . ':
'; - break; + break; case 'view': if (isset($_GET['type'])) { $_SESSION['RF']["view_type"] = $_GET['type']; } else { - response(trans('view type number missing') . AddErrorLocation())->send(); + response(trans('view type number missing').AddErrorLocation())->send(); exit; } break; @@ -63,7 +63,7 @@ if (isset($_GET['action'])) { $_SESSION['RF']["filter"] = $_GET['type']; } } else { - response(trans('view type number missing') . AddErrorLocation())->send(); + response(trans('view type number missing').AddErrorLocation())->send(); exit; } break; @@ -73,13 +73,15 @@ if (isset($_GET['action'])) { $_SESSION['RF']["sort_by"] = $_GET['sort_by']; } - if (isset($_GET['descending'])) { - $_SESSION['RF']["descending"] = $_GET['descending']; - } - break; - case 'save_img': - $info = pathinfo($_POST['name']); + if (isset($_GET['descending'])) + { + $_SESSION['RF']["descending"] = $_GET['descending']; + } + break; + case 'save_img': + $info = pathinfo($_POST['name']); $image_data = $_POST['url']; + if (preg_match('/^data:image\/(\w+);base64,/', $image_data, $type)) { $image_data = substr($image_data, strpos($image_data, ',') + 1); $type = strtolower($type[1]); // jpg, png, gif @@ -87,43 +89,42 @@ if (isset($_GET['action'])) { $image_data = base64_decode($image_data); if ($image_data === false) { - response(trans('TUI_Decode_Failed') . AddErrorLocation())->send(); - exit; + response(trans('TUI_Decode_Failed').AddErrorLocation())->send(); + exit; } } else { - response(trans('') . AddErrorLocation())->send(); + response(trans('').AddErrorLocation())->send(); exit; } if ($image_data === false) { - response(trans('') . AddErrorLocation())->send(); + response(trans('').AddErrorLocation())->send(); exit; } if (!checkresultingsize(strlen($image_data))) { - response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']) . AddErrorLocation())->send(); + response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']).AddErrorLocation())->send(); exit; } - if ($ftp) { - $temp_file = tmpfile(); - $temp_meta = stream_get_meta_data($temp_file); - $temp_path = $temp_meta['uri']; - fwrite($temp_file, $image_data); + $temp = tempnam('/tmp', 'RF'); + unlink($temp); + $temp .=".".substr(strrchr($_POST['url'], '.'), 1); + file_put_contents($temp, $image_data); - $ftp->put($config['ftp_base_folder'] . $config['upload_dir'] . $_POST['path'] . $_POST['name'], $temp_path, FTP_BINARY); + $ftp->put($config['ftp_base_folder'].$config['upload_dir'] . $_POST['path'] . $_POST['name'], $temp, FTP_BINARY); - create_img($temp_path, $temp_path, 122, 91); - $ftp->put($config['ftp_base_folder'] . $config['ftp_thumbs_dir'] . $_POST['path'] . $_POST['name'], $temp_path, FTP_BINARY); + create_img($temp, $temp, 122, 91); + $ftp->put($config['ftp_base_folder'].$config['ftp_thumbs_dir']. $_POST['path'] . $_POST['name'], $temp, FTP_BINARY); - fclose($temp_file); + unlink($temp); } else { file_put_contents($config['current_path'] . $_POST['path'] . $_POST['name'], $image_data); - create_img($config['current_path'] . $_POST['path'] . $_POST['name'], $config['thumbs_base_path'] . $_POST['path'] . $_POST['name'], 122, 91); + create_img($config['current_path'] . $_POST['path'] . $_POST['name'], $config['thumbs_base_path'].$_POST['path'].$_POST['name'], 122, 91); // TODO something with this function cause its blowing my mind new_thumbnails_creation( - $config['current_path'] . $_POST['path'], - $config['current_path'] . $_POST['path'] . $_POST['name'], + $config['current_path'].$_POST['path'], + $config['current_path'].$_POST['path'].$_POST['name'], $_POST['name'], $config['current_path'], $config @@ -133,11 +134,11 @@ if (isset($_GET['action'])) { case 'extract': if (!$config['extract_files']) { - response(trans('wrong action') . AddErrorLocation())->send(); + response(trans('wrong action').AddErrorLocation())->send(); } if ($ftp) { - $path = $config['ftp_base_url'] . $config['upload_dir'] . $_POST['path']; - $base_folder = $config['ftp_base_url'] . $config['upload_dir'] . fix_dirname($_POST['path']) . "/"; + $path = $config['ftp_base_url'].$config['upload_dir'] . $_POST['path']; + $base_folder = $config['ftp_base_url'].$config['upload_dir'] . fix_dirname($_POST['path']) . "/"; } else { $path = $config['current_path'] . $_POST['path']; $base_folder = $config['current_path'] . fix_dirname($_POST['path']) . "/"; @@ -170,7 +171,7 @@ if (isset($_GET['action'])) { $sizeTotalFinal += $aStat['size']; } if (!checkresultingsize($sizeTotalFinal)) { - response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']) . AddErrorLocation())->send(); + response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']).AddErrorLocation())->send(); exit; } @@ -183,7 +184,7 @@ if (isset($_GET['action'])) { create_folder($base_folder . $FullFileName['name']); } - if (!(substr($FullFileName['name'], -1, 1) == "/")) { + if (! (substr($FullFileName['name'], -1, 1) == "/")) { $fileinfo = pathinfo($FullFileName['name']); if (in_array(strtolower($fileinfo['extension']), $config['ext'])) { copy('zip://' . $path . '#' . $FullFileName['name'], $base_folder . $FullFileName['name']); @@ -193,7 +194,7 @@ if (isset($_GET['action'])) { } $zip->close(); } else { - response(trans('Zip_No_Extract') . AddErrorLocation())->send(); + response(trans('Zip_No_Extract').AddErrorLocation())->send(); exit; } @@ -216,132 +217,127 @@ if (isset($_GET['action'])) { break; default: - response(trans('Zip_Invalid') . AddErrorLocation())->send(); + response(trans('Zip_Invalid').AddErrorLocation())->send(); exit; } if ($ftp) { unlink($path); - $ftp->putAll($base_folder, "/" . $config['ftp_base_folder'] . $config['upload_dir'] . fix_dirname($_POST['path']), FTP_BINARY); + $ftp->putAll($base_folder, "/".$config['ftp_base_folder'] . $config['upload_dir'] . fix_dirname($_POST['path']), FTP_BINARY); deleteDir($base_folder); } - break; - case 'media_preview': - if (isset($_GET['file'])) { - $_GET['file'] = sanitize($_GET['file']); - } - if (isset($_GET['title'])) { - $_GET['title'] = sanitize($_GET['title']); - } - if ($ftp) { - $preview_file = $config['ftp_base_url'] . $config['upload_dir'] . $_GET['file']; - } else { - $preview_file = $config['current_path'] . $_GET["file"]; - } - $info = pathinfo($preview_file); - ob_start(); - ?> - - + break; + case 'media_preview': + if(isset($_GET['file'])){ + $_GET['file'] = sanitize($_GET['file']); + } + if(isset($_GET['title'])){ + $_GET['title'] = sanitize($_GET['title']); + } + if($ftp){ + $preview_file = $config['ftp_base_url'].$config['upload_dir'] . $_GET['file']; + }else{ + $preview_file = $config['current_path'] . $_GET["file"]; + } + $info = pathinfo($preview_file); + ob_start(); + ?> + + - + }); + - + - + + }); + send(); + response(trans('wrong sub-action').AddErrorLocation())->send(); exit; } if (trim($_POST['path']) == '') { - response(trans('no path') . AddErrorLocation())->send(); + response(trans('no path').AddErrorLocation())->send(); exit; } @@ -368,7 +364,7 @@ if (isset($_GET['action'])) { if (is_dir($path)) { // can't copy/cut dirs if ($config['copy_cut_dirs'] === false) { - response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Folders')) . AddErrorLocation())->send(); + response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Folders')).AddErrorLocation())->send(); exit; } @@ -376,7 +372,7 @@ if (isset($_GET['action'])) { // size over limit if ($config['copy_cut_max_size'] !== false && is_int($config['copy_cut_max_size'])) { if (($config['copy_cut_max_size'] * 1024 * 1024) < $sizeFolderToCopy) { - response(sprintf(trans('Copy_Cut_Size_Limit'), $msg_sub_action, $config['copy_cut_max_size']) . AddErrorLocation())->send(); + response(sprintf(trans('Copy_Cut_Size_Limit'), $msg_sub_action, $config['copy_cut_max_size']).AddErrorLocation())->send(); exit; } } @@ -384,19 +380,19 @@ if (isset($_GET['action'])) { // file count over limit if ($config['copy_cut_max_count'] !== false && is_int($config['copy_cut_max_count'])) { if ($config['copy_cut_max_count'] < $fileNum) { - response(sprintf(trans('Copy_Cut_Count_Limit'), $msg_sub_action, $config['copy_cut_max_count']) . AddErrorLocation())->send(); + response(sprintf(trans('Copy_Cut_Count_Limit'), $msg_sub_action, $config['copy_cut_max_count']).AddErrorLocation())->send(); exit; } } if (!checkresultingsize($sizeFolderToCopy)) { - response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']) . AddErrorLocation())->send(); + response(sprintf(trans('max_size_reached'), $config['MaxSizeTotal']).AddErrorLocation())->send(); exit; } } else { // can't copy/cut files if ($config['copy_cut_files'] === false) { - response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Files')) . AddErrorLocation())->send(); + response(sprintf(trans('Copy_Cut_Not_Allowed'), $msg_sub_action, trans('Files')).AddErrorLocation())->send(); exit; } } @@ -412,11 +408,10 @@ if (isset($_GET['action'])) { if ($ftp) { $path = $config['ftp_base_url'] . $config['upload_dir'] . $_POST['path']; if ( - ($_POST['folder'] == 1 && $config['chmod_dirs'] === false) - || ($_POST['folder'] == 0 && $config['chmod_files'] === false) - || (is_function_callable("chmod") === false) - ) { - response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403) . AddErrorLocation())->send(); + ($_POST['folder']==1 && $config['chmod_dirs'] === false) + || ($_POST['folder']==0 && $config['chmod_files'] === false) + || (is_function_callable("chmod") === false)) { + response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403).AddErrorLocation())->send(); exit; } $info = $_POST['permissions']; @@ -425,9 +420,8 @@ if (isset($_GET['action'])) { if ( (is_dir($path) && $config['chmod_dirs'] === false) || (is_file($path) && $config['chmod_files'] === false) - || (is_function_callable("chmod") === false) - ) { - response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403) . AddErrorLocation())->send(); + || (is_function_callable("chmod") === false)) { + response(sprintf(trans('File_Permission_Not_Allowed'), (is_dir($path) ? trans('Folders') : trans('Files')), 403).AddErrorLocation())->send(); exit; } @@ -439,22 +433,22 @@ if (isset($_GET['action'])) { $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? - (($perms & 0x0800) ? 's' : 'x') : - (($perms & 0x0800) ? 'S' : '-')); + (($perms & 0x0800) ? 's' : 'x') : + (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? - (($perms & 0x0400) ? 's' : 'x') : - (($perms & 0x0400) ? 'S' : '-')); + (($perms & 0x0400) ? 's' : 'x') : + (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? - (($perms & 0x0200) ? 't' : 'x') : - (($perms & 0x0200) ? 'T' : '-')); + (($perms & 0x0200) ? 't' : 'x') : + (($perms & 0x0200) ? 'T' : '-')); } @@ -471,22 +465,22 @@ if (isset($_GET['action'])) { - ' . trans('User') . ' - - - + '.trans('User').' + + + - ' . trans('Group') . ' - - - + '.trans('Group').' + + + - ' . trans('All') . ' - - - + '.trans('All').' + + + @@ -496,12 +490,12 @@ if (isset($_GET['action'])) { '; if ((!$ftp && is_dir($path))) { - $ret .= '
' . trans('File_Permission_Recursive') . '

+ $ret .= '
'.trans('File_Permission_Recursive').'

    -
    • -
    • -
    • -
    • +
    • +
    • +
    • +
'; } @@ -513,14 +507,14 @@ if (isset($_GET['action'])) { break; case 'get_lang': - if (!file_exists('lang/languages.php')) { - response(trans('Lang_Not_Found') . AddErrorLocation())->send(); + if (! file_exists('lang/languages.php')) { + response(trans('Lang_Not_Found').AddErrorLocation())->send(); exit; } $languages = include 'lang/languages.php'; - if (!isset($languages) || !is_array($languages)) { - response(trans('Lang_Not_Found') . AddErrorLocation())->send(); + if (! isset($languages) || ! is_array($languages)) { + response(trans('Lang_Not_Found').AddErrorLocation())->send(); exit; } @@ -537,11 +531,11 @@ if (isset($_GET['action'])) { break; case 'change_lang': - $choosen_lang = (!empty($_POST['choosen_lang'])) ? $_POST['choosen_lang'] : "en_EN"; + $choosen_lang = (!empty($_POST['choosen_lang']))? $_POST['choosen_lang']:"en_EN"; if (array_key_exists($choosen_lang, $languages)) { - if (!file_exists('lang/' . $choosen_lang . '.php')) { - response(trans('Lang_Not_Found') . AddErrorLocation())->send(); + if (! file_exists('lang/' . $choosen_lang . '.php')) { + response(trans('Lang_Not_Found').AddErrorLocation())->send(); exit; } else { $_SESSION['RF']['language'] = $choosen_lang; @@ -551,12 +545,12 @@ if (isset($_GET['action'])) { break; case 'cad_preview': if ($ftp) { - $selected_file = $config['ftp_base_url'] . $config['upload_dir'] . $_GET['file']; + $selected_file = $config['ftp_base_url'].$config['upload_dir'] . $_GET['file']; } else { $selected_file = $config['current_path'] . $_GET['file']; - if (!file_exists($selected_file)) { - response(trans('File_Not_Found') . AddErrorLocation())->send(); + if (! file_exists($selected_file)) { + response(trans('File_Not_Found').AddErrorLocation())->send(); exit; } } @@ -576,17 +570,17 @@ if (isset($_GET['action'])) { $preview_mode = $_GET["preview_mode"]; if ($sub_action != 'preview' && $sub_action != 'edit') { - response(trans('wrong action') . AddErrorLocation())->send(); + response(trans('wrong action').AddErrorLocation())->send(); exit; } if ($ftp) { - $selected_file = ($sub_action == 'preview' ? $config['ftp_base_url'] . $config['upload_dir'] . $_GET['file'] : $config['ftp_base_url'] . $config['upload_dir'] . $_POST['path']); + $selected_file = ($sub_action == 'preview' ? $config['ftp_base_url'].$config['upload_dir'] . $_GET['file'] : $config['ftp_base_url'].$config['upload_dir'] . $_POST['path']); } else { $selected_file = ($sub_action == 'preview' ? $config['current_path'] . $_GET['file'] : $config['current_path'] . $_POST['path']); - if (!file_exists($selected_file)) { - response(trans('File_Not_Found') . AddErrorLocation())->send(); + if (! file_exists($selected_file)) { + response(trans('File_Not_Found').AddErrorLocation())->send(); exit; } } @@ -601,20 +595,19 @@ if (isset($_GET['action'])) { $allowed_file_exts = $config['googledoc_file_exts']; } - if (!isset($allowed_file_exts) || !is_array($allowed_file_exts)) { + if (! isset($allowed_file_exts) || ! is_array($allowed_file_exts)) { $allowed_file_exts = array(); } if (!isset($info['extension'])) { - $info['extension'] = ''; + $info['extension']=''; } - if ( - !in_array($info['extension'], $allowed_file_exts) - || !isset($is_allowed) + if (! in_array($info['extension'], $allowed_file_exts) + || ! isset($is_allowed) || $is_allowed === false - || (!$ftp && !is_readable($selected_file)) + || (!$ftp && ! is_readable($selected_file)) ) { - response(sprintf(trans('File_Open_Edit_Not_Allowed'), ($sub_action == 'preview' ? strtolower(trans('Open')) : strtolower(trans('Edit')))) . AddErrorLocation())->send(); + response(sprintf(trans('File_Open_Edit_Not_Allowed'), ($sub_action == 'preview' ? strtolower(trans('Open')) : strtolower(trans('Edit')))).AddErrorLocation())->send(); exit; } if ($sub_action == 'preview') { @@ -625,7 +618,7 @@ if (isset($_GET['action'])) { $ret = ''; $ret .= ''; - $ret .= '
' . $data . '
'; + $ret .= '
'.$data.'
'; } elseif ($preview_mode == 'google') { if ($ftp) { $url_file = $selected_file; @@ -633,28 +626,28 @@ if (isset($_GET['action'])) { $url_file = $config['base_url'] . $config['upload_dir'] . str_replace($config['current_path'], '', $_GET["file"]); } - $googledoc_url = urlencode($url_file); - $ret = ""; - } - } else { - $data = stripslashes(htmlspecialchars(file_get_contents($selected_file))); - if (in_array($info['extension'], array('html', 'html'))) { - $ret = ''; - } else { - $ret = ''; - } + $googledoc_url = urlencode($url_file); + $ret = ""; + } + }else{ + $data = stripslashes(htmlspecialchars(file_get_contents($selected_file))); + if(in_array($info['extension'],array('html','html'))){ + $ret = ''; + }else{ + $ret = ''; + } - } + } - response($ret)->send(); - exit; + response($ret)->send(); + exit; break; default: - response(trans('no action passed') . AddErrorLocation())->send(); + response(trans('no action passed').AddErrorLocation())->send(); exit; } } else { - response(trans('no action passed') . AddErrorLocation())->send(); + response(trans('no action passed').AddErrorLocation())->send(); exit; -} \ No newline at end of file +} From 02fb491f9b154a3304fa606727143e155a493a2f Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 9 May 2023 09:13:00 +0200 Subject: [PATCH 3/5] =?UTF-8?q?D=C3=A9sactive=20TUI=20Image=20=C3=A9diteur?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGES.md | 1 + core/vendor/filemanager/ajax_calls.php | 1 + core/vendor/filemanager/config/config.php | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index d2a5d3eb..99911b53 100755 --- a/CHANGES.md +++ b/CHANGES.md @@ -3,6 +3,7 @@ ## Version 12.3.10 - Edition d'un utilisateur, sélection de la langue de sont interface. - Mise à jour du fichier dialog.php de Responsive File Manager +- Vulnérabilité dans ajax_call.php CVE-2020-10567, désactivation de TUI Editor et de la fonction save_image. ## Version 12.3.09 ### Corrections diff --git a/core/vendor/filemanager/ajax_calls.php b/core/vendor/filemanager/ajax_calls.php index e514186d..4ab1b48d 100644 --- a/core/vendor/filemanager/ajax_calls.php +++ b/core/vendor/filemanager/ajax_calls.php @@ -79,6 +79,7 @@ if (isset($_GET['action'])) { } break; case 'save_img': + break; $info = pathinfo($_POST['name']); $image_data = $_POST['url']; diff --git a/core/vendor/filemanager/config/config.php b/core/vendor/filemanager/config/config.php index dea2c679..0bf80362 100644 --- a/core/vendor/filemanager/config/config.php +++ b/core/vendor/filemanager/config/config.php @@ -487,7 +487,7 @@ $config = array( * TUI Image Editor config *******************/ // Add or modify the options below as needed - they will be json encoded when added to the configuration so arrays can be utilized as needed - 'tui_active' => true, + 'tui_active' => false, 'tui_position' => 'bottom', // 'common.bi.image' => "../assets/images/logo.png", // 'common.bisize.width' => '70px', From c71d68aae69b881d136051f784889bc8f42b46e7 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 9 May 2023 14:17:56 +0200 Subject: [PATCH 4/5] changes --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index 99911b53..b5d1b308 100755 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,7 +1,7 @@ # Changelog ## Version 12.3.10 -- Edition d'un utilisateur, sélection de la langue de sont interface. +- Edition d'un utilisateur, corrige affichage de la langue de l'interface. - Mise à jour du fichier dialog.php de Responsive File Manager - Vulnérabilité dans ajax_call.php CVE-2020-10567, désactivation de TUI Editor et de la fonction save_image. From 35a74f02b6d74e996652cab0c2fc83a815a880e5 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 9 May 2023 14:29:42 +0200 Subject: [PATCH 5/5] changes --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index b5d1b308..1acb4d78 100755 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,7 +1,7 @@ # Changelog ## Version 12.3.10 -- Edition d'un utilisateur, corrige affichage de la langue de l'interface. +- Edition d'un utilisateur, affiche correctement la langue de l'interface dans l'édition d'un utilisateur. - Mise à jour du fichier dialog.php de Responsive File Manager - Vulnérabilité dans ajax_call.php CVE-2020-10567, désactivation de TUI Editor et de la fonction save_image.