Update Grav to 1.5.10 (and plugins)

CHANGELOG.md

-# M3P2 
+# v1.5.10
+## 03/21/2019
 
-- configure
-- add plugins
-- add theme textbook
-- …
-
----
-Forked from here.
----
+1. [](#new)
+    * Added new `deferred` Twig extension
 
 # v1.5.9
-## mm/dd/2019
+## 03/20/2019
 
+1. [](#new)
+    * Added new `onPageContent()` event for every call to `Page::content()`
 1. [](#improved)
     * Fixed phpdoc generation
+    * Updated vendor libraries
+    * Force Toolbox v1.4.2
+1. [](#bugfix)
+    * EXIF fix for streams
+    * Fix for User avatar not working due to uppercase or spaces in email [#2403](https://github.com/getgrav/grav/pull/2403)
 
 # v1.5.8
 ## 02/07/2019

README.md

-# M3P2
+# ![](https://avatars1.githubusercontent.com/u/8237355?v=2&s=50) Grav
 
-These are the sources of an instance of Grav tailored for the courses of M3P2.
+[![SensioLabsInsight](https://insight.sensiolabs.com/projects/cfd20465-d0f8-4a0a-8444-467f5b5f16ad/mini.png)](https://insight.sensiolabs.com/projects/cfd20465-d0f8-4a0a-8444-467f5b5f16ad) [![Discord](https://img.shields.io/discord/501836936584101899.svg?logo=discord&colorB=728ADA&label=Discord%20Chat)](https://chat.getgrav.org) [![Build Status](https://travis-ci.org/getgrav/grav.svg?branch=develop)](https://travis-ci.org/getgrav/grav) [![OpenCollective](https://opencollective.com/grav/backers/badge.svg)](#backers) [![OpenCollective](https://opencollective.com/grav/sponsors/badge.svg)](#sponsors)
 
-The plugins and themes are included.
-Only the php vendors are not included.
+Grav is a **Fast**, **Simple**, and **Flexible**, file-based Web-platform.  There is **Zero** installation required.  Just extract the ZIP archive, and you are already up and running.  It follows similar principles to other flat-file CMS platforms, but has a different design philosophy than most. Grav comes with a powerful **Package Management System** to allow for simple installation and upgrading of plugins and themes, as well as simple updating of Grav itself.
 
-	composer install
+The underlying architecture of Grav is designed to use well-established and _best-in-class_ technologies to ensure that Grav is simple to use and easy to extend. Some of these key technologies include:
 
-http://getcomposer.org/
+* [Twig Templating](https://twig.sensiolabs.org/): for powerful control of the user interface
+* [Markdown](https://en.wikipedia.org/wiki/Markdown): for easy content creation
+* [YAML](https://yaml.org): for simple configuration
+* [Parsedown](https://parsedown.org/): for fast Markdown and Markdown Extra support
+* [Doctrine Cache](https://www.doctrine-project.org/projects/doctrine-orm/en/latest/reference/caching.html): layer for performance
+* [Pimple Dependency Injection Container](https://pimple.sensiolabs.org/): for extensibility and maintainability
+* [Symfony Event Dispatcher](https://symfony.com/doc/current/components/event_dispatcher/introduction.html): for plugin event handling
+* [Symfony Console](https://symfony.com/doc/current/components/console/introduction.html): for CLI interface
+* [Gregwar Image Library](https://github.com/Gregwar/Image): for dynamic image manipulation
 
-Then try out
+# Requirements
 
-	bin/grav
+- PHP 5.6.4 or higher. Check the [required modules list](https://learn.getgrav.org/basics/requirements#php-requirements)
+- Check the [Apache](https://learn.getgrav.org/basics/requirements#apache-requirements) or [IIS](https://learn.getgrav.org/basics/requirements#iis-requirements) requirements
 
-to troubleshoot.
+# QuickStart
 
-Perhaps
+These are the options to get Grav:
 
-	bin/grav install
+### Downloading a Grav Package
 
+You can download a **ready-built** package from the [Downloads page on https://getgrav.org](https://getgrav.org/downloads)
 
-Add the courses from the other repository
+### With Composer
 
-	bin/clone_courses.sh
+You can create a new project with the latest **stable** Grav release with the following command:
 
+```
+$ composer create-project getgrav/grav ~/webroot/grav
+```
 
-And run locally
+### From GitHub
 
-	php -S localhost:8000 system/router.php
+1. Clone the Grav repository from [https://github.com/getgrav/grav]() to a folder in the webroot of your server, e.g. `~/webroot/grav`. Launch a **terminal** or **console** and navigate to the webroot folder:
+   ```
+   $ cd ~/webroot
+   $ git clone https://github.com/getgrav/grav.git
+   ```
 
+2. Install the **plugin** and **theme dependencies** by using the [Grav CLI application](https://learn.getgrav.org/advanced/grav-cli) `bin/grav`:
+   ```
+   $ cd ~/webroot/grav
+   $ bin/grav install
+   ```
 
-## Upgrading vendors
+Check out the [install procedures](https://learn.getgrav.org/basics/installation) for more information.
 
-Since our plugins and themes are in this repository, they are frozen.
+# Adding Functionality
 
-So far, Grav itself is safe to update, as well as all plugins **but mathjax** (until they merge our MR).
+You can download [plugins](https://getgrav.org/downloads/plugins) or [themes](https://getgrav.org/downloads/themes) manually from the appropriate tab on the [Downloads page on https://getgrav.org](https://getgrav.org/downloads), but the preferred solution is to use the [Grav Package Manager](https://learn.getgrav.org/advanced/grav-gpm) or `GPM`:
 
-Todo: look up .dependencies and perhaps we'll remove the plugins dir altogether from this repository.
+```
+$ bin/gpm index
+```
 
-The theme `textbook` is tailored for M3P2 courses.
-The plugin `gitlab-markdown-adapter` was expressly made for this Grav instance.
+This will display all the available plugins and then you can install one or more with:
+
+```
+$ bin/gpm install <plugin/theme>
+```
+
+# Updating
 
 To update Grav you should use the [Grav Package Manager](https://learn.getgrav.org/advanced/grav-gpm) or `GPM`:
 
@@ -53,40 +81,50 @@ To update plugins and themes:
 $ bin/gpm update
 ```
 
----
 
----
+# Contributing
+We appreciate any contribution to Grav, whether it is related to bugs, grammar, or simply a suggestion or improvement! Please refer to the [Contributing guide](CONTRIBUTING.md) for more guidance on this topic.
 
----
+## Security issues
+If you discover a possible security issue related to Grav or one of its plugins, please email the core team at contact@getgrav.org and we'll address it as soon as possible.
 
-# ![](https://avatars1.githubusercontent.com/u/8237355?v=2&s=50) Grav
+# Getting Started
 
-Grav is a **Fast**, **Simple**, and **Flexible**, file-based Web-platform.
-It follows similar principles to other flat-file CMS platforms, but has a different design philosophy than most.
-Grav comes with a powerful **Package Management System** to allow for simple installation and upgrading of plugins and themes, as well as simple updating of Grav itself.
+* [What is Grav?](https://learn.getgrav.org/basics/what-is-grav)
+* [Install](https://learn.getgrav.org/basics/installation) Grav in few seconds
+* Understand the [Configuration](https://learn.getgrav.org/basics/grav-configuration)
+* Take a peek at our available free [Skeletons](https://getgrav.org/downloads/skeletons)
+* If you have questions, jump on our [Discord Chat Server](https://chat.getgrav.org)!
+* Have fun!
 
-The underlying architecture of Grav is designed to use well-established and _best-in-class_ technologies to ensure that Grav is simple to use and easy to extend. Some of these key technologies include:
+# Exploring More
 
-* [Twig Templating](https://twig.sensiolabs.org/): for powerful control of the user interface
-* [Markdown](https://en.wikipedia.org/wiki/Markdown): for easy content creation
-* [YAML](https://yaml.org): for simple configuration
-* [Parsedown](https://parsedown.org/): for fast Markdown and Markdown Extra support
-* [Doctrine Cache](https://www.doctrine-project.org/projects/doctrine-orm/en/latest/reference/caching.html): layer for performance
-* [Pimple Dependency Injection Container](https://pimple.sensiolabs.org/): for extensibility and maintainability
-* [Symfony Event Dispatcher](https://symfony.com/doc/current/components/event_dispatcher/introduction.html): for plugin event handling
-* [Symfony Console](https://symfony.com/doc/current/components/console/introduction.html): for CLI interface
-* [Gregwar Image Library](https://github.com/Gregwar/Image): for dynamic image manipulation
+* Have a look at our [Basic Tutorial](https://learn.getgrav.org/basics/basic-tutorial)
+* Dive into more [advanced](https://learn.getgrav.org/advanced) functions
+* Learn about the [Grav CLI](https://learn.getgrav.org/cli-console/grav-cli)
+* Review examples in the [Grav Cookbook](https://learn.getgrav.org/cookbook)
 
-# Requirements
+# Backers
+Support Grav with a monthly donation to help us continue development. [[Become a backer](https://opencollective.com/grav#backer)]
 
-- PHP 5.6.4 or higher. Check the [required modules list](https://learn.getgrav.org/basics/requirements#php-requirements)
-- Check the [Apache](https://learn.getgrav.org/basics/requirements#apache-requirements) or [IIS](https://learn.getgrav.org/basics/requirements#iis-requirements) requirements
+<img src="https://opencollective.com/grav/tiers/backers.svg?avatarHeight=36&width=600" />
+
+# Sponsors
+Become a sponsor and get your logo on our README on Github with a link to your site. [[Become a sponsor](https://opencollective.com/grav#sponsor)]
 
+<img src="https://opencollective.com/grav/tiers/sponsors.svg?avatarHeight=36&width=600" />
 
 # License
 
 See [LICENSE](LICENSE.txt)
 
+
 [gitflow-model]: http://nvie.com/posts/a-successful-git-branching-model/
 [gitflow-extensions]: https://github.com/nvie/gitflow
 
+# Running Tests
+
+First install the dev dependencies by running `composer update` from the Grav root.
+Then `composer test` will run the Unit Tests, which should be always executed successfully on any site.
+Windows users should use the `composer test-windows` command.
+You can also run a single unit test file, e.g. `composer test tests/unit/Grav/Common/AssetsTest.php`

composer.json

@@ -26,7 +26,7 @@
         "gregwar/image": "2.*",
         "donatj/phpuseragentparser": "~0.3",
         "pimple/pimple": "~3.2",
-        "rockettheme/toolbox": "~1.4",
+        "rockettheme/toolbox": "1.4.2",
         "maximebf/debugbar": "~1.10",
         "ext-mbstring": "*",
         "ext-openssl": "*",
@@ -36,7 +36,8 @@
         "league/climate": "^3.2",
         "antoligy/dom-string-iterators": "^1.0",
         "miljar/php-exif": "^0.6.3",
-        "composer/ca-bundle": "^1.0"
+        "composer/ca-bundle": "^1.0",
+        "phive/twig-extensions-deferred": "^1.0"
     },
     "require-dev": {
         "codeception/codeception": "^2.1",

system/defines.php

@@ -8,7 +8,7 @@
 
 // Some standard defines
 define('GRAV', true);
-define('GRAV_VERSION', '1.5.8');
+define('GRAV_VERSION', '1.5.10');
 define('GRAV_TESTING', false);
 define('DS', '/');
 

system/src/Grav/Common/Page/Media.php

@@ -73,6 +73,7 @@ class Media extends AbstractMedia
     protected function init()
     {
         $config = Grav::instance()['config'];
+        $locator = Grav::instance()['locator'];
         $exif_reader = isset(Grav::instance()['exif']) ? Grav::instance()['exif']->getReader() : false;
         $media_types = array_keys(Grav::instance()['config']->get('media.types'));
 
@@ -155,7 +156,11 @@ class Media extends AbstractMedia
                     $meta_data = $meta->getData();
                     $meta_trimmed = array_diff_key($meta_data, array_flip($this->standard_exif));
                     if ($meta_trimmed) {
-                        $file = File::instance($meta_path);
+                        if ($locator->isStream($meta_path)) {
+                            $file = File::instance($locator->findResource($meta_path, true, true));
+                        } else {
+                            $file = File::instance($meta_path);
+                        }
                         $file->save(Yaml::dump($meta_trimmed));
                         $types['meta']['file'] = $meta_path;
                     }

system/src/Grav/Common/Page/Page.php

@@ -687,6 +687,8 @@ class Page implements PageInterface
                 $this->content = str_replace("<p>{$delimiter}</p>", '', $this->content);
             }
 
+            // Fire event when Page::content() is called
+            Grav::instance()->fireEvent('onPageContent', new Event(['page' => $this]));
         }
 
         return $this->content;

system/src/Grav/Common/Twig/Twig.php

@@ -16,6 +16,7 @@ use Grav\Common\Page\Page;
 use Grav\Common\Page\Pages;
 use RocketTheme\Toolbox\ResourceLocator\UniformResourceLocator;
 use RocketTheme\Toolbox\Event\Event;
+use Phive\Twig\Extensions\Deferred\DeferredExtension;
 
 class Twig
 {
@@ -181,6 +182,7 @@ class Twig
                 $this->twig->addExtension(new \Twig_Extension_Debug());
             }
             $this->twig->addExtension(new TwigExtension());
+            $this->twig->addExtension(new DeferredExtension());
 
             $this->grav->fireEvent('onTwigExtensions');
 

user/config/plugins/admin.yaml

+enabled: true
+route: /admin
+cache_enabled: false
+theme: grav
+logo_text: M3P2
+content_padding: true
+twofa_enabled: false
+sidebar:
+  activate: tab
+  hover_delay: 100
+  size: auto
+dashboard:
+  days_of_stats: 7
+widgets:
+  dashboard-maintenance: true
+  dashboard-statistics: true
+  dashboard-notifications: true
+  dashboard-feed: true
+  dashboard-pages: true
+pages:
+  show_parents: both
+  show_modular: true
+session:
+  timeout: 1800
+warnings:
+  delete_page: true
+edit_mode: normal
+frontend_preview_target: inline
+show_github_msg: true
+pages_list_display_field: title
+google_fonts: false
+admin_icons: line-awesome
+enable_auto_updates_check: true
+notifications:
+  feed: true
+  dashboard: true
+  plugins: true
+  themes: true
+popularity:
+  enabled: true
+  ignore:
+    - '/test*'
+    - /modular
+  history:
+    daily: '30'
+    monthly: '12'
+    visitors: '20'
+pagemedia:
+  resize_width: 0
+  resize_height: 0
+  res_min_width: 0
+  res_min_height: 0
+  res_max_width: 0
+  res_max_height: 0
+  resize_quality: 0.8

user/plugins/admin/CHANGELOG.md

+# v1.8.20
+## 03/20/2019
+
+1. [](#improved)
+    * Added security field to column [#1622](https://github.com/getgrav/grav-plugin-admin/pull/1622)
+
 # v1.8.19
 ## 02/13/2019
 

user/plugins/admin/blueprints.yaml

 name: Admin Panel
-version: 1.8.19
+version: 1.8.20
 description: Adds an advanced administration panel to manage your site
 icon: empire
 author:

user/plugins/admin/themes/grav/templates/forms/fields/column/column.html.twig

-{% if field.fields %}
-    <div class="form-column block pure-u-1-{{ cols }}">
-    {% for field in field.fields %}
-        {% if field.type %}
-            {% set value = field.name ? data.value(field.name) : data.toArray %}
-            {% include ["forms/fields/#{field.type}/#{field.type}.html.twig", 'forms/fields/text/text.html.twig'] %}
-        {% endif %}
-    {% endfor %}
-    </div>
+{% if field.security is empty or authorize(array(field.security)) %}
+
+    {% if field.fields %}
+        <div class="form-column block pure-u-1-{{ cols }}">
+        {% for field in field.fields %}
+            {% if field.type %}
+                {% set value = field.name ? data.value(field.name) : data.toArray %}
+                {% include ["forms/fields/#{field.type}/#{field.type}.html.twig", 'forms/fields/text/text.html.twig'] %}
+            {% endif %}
+        {% endfor %}
+        </div>
+    {% endif %}
+
 {% endif %}

user/plugins/login/CHANGELOG.md

+# v2.8.4
+## 03/20/2019
+
+1. [](#improved)  
+  * Enable "brute force" protection by default [#195](https://github.com/getgrav/grav-plugin-login/pulls/195)
+  * UPdated various language translations
+1. [](#bugfix)
+  * Set security timeouts in blueprints to use `minutes` rather than `seconds` [#194](https://github.com/getgrav/grav-plugin-login/issues/194)
+  * Send "notification" email to `to` address rather than `from` [#188](https://github.com/getgrav/grav-plugin-login/pulls/188)
+
 # v2.8.3
-## 01/25/2018
+## 01/25/2019
   
 1. [](#new)
   * Wrap data in `onUserLoginRegisterData` event in object to allow reference  

user/plugins/login/README.md

@@ -161,10 +161,10 @@ rememberme:
   timeout: 604800                           # Timeout in seconds. Defaults to 1 week
   name: grav-rememberme                     # Name prefix of the session cookie
 
-max_pw_resets_count: 0                      # Number of password resets in a specific time frame (0 = unlimited)
+max_pw_resets_count: 2                      # Number of password resets in a specific time frame (0 = unlimited)
 max_pw_resets_interval: 60                  # Time in minutes to track password resets
-max_login_count: 0                          # Number of failed login attempts in a specific time frame (0 = unlimited)
-max_login_interval: 2                       # Time in minutes to track login attempts
+max_login_count: 5                          # Number of failed login attempts in a specific time frame (0 = unlimited)
+max_login_interval: 10                      # Time in minutes to track login attempts
 
 user_registration:
   enabled: false                            # Enable User Registration Process

user/plugins/login/blueprints.yaml

 name: Login
-version: 2.8.3
+version: 2.8.4
 description: Enables user authentication and login screen.
 icon: sign-in
 author:
@@ -372,7 +372,7 @@ form:
               size: x-small
               label: PLUGIN_LOGIN.MAX_RESETS_INTERVAL
               help: PLUGIN_LOGIN.MAX_RESETS_INTERVAL_HELP
-              append: PLUGIN_LOGIN.SECONDS
+              append: PLUGIN_LOGIN.MINUTES
               validate:
                 type: number
                 min: 1
@@ -392,7 +392,7 @@ form:
               size: x-small
               label: PLUGIN_LOGIN.MAX_LOGINS_INTERVAL
               help: PLUGIN_LOGIN.MAX_LOGINS_INTERVAL_HELP
-              append: PLUGIN_LOGIN.SECONDS
+              append: PLUGIN_LOGIN.MINUTES
               validate:
                 type: number
                 min: 1

user/plugins/login/classes/Login.php

@@ -338,7 +338,7 @@ class Login
             $user->email,
             $this->grav['base_url_absolute'],
         ]);
-        $to = $this->config->get('plugins.email.from');
+        $to = $this->config->get('plugins.email.to');
 
         if (empty($to)) {
             throw new \RuntimeException($this->language->translate('PLUGIN_LOGIN.EMAIL_NOT_CONFIGURED'));
@@ -508,8 +508,8 @@ class Login
                     $interval = $this->grav['config']->get('plugins.login.max_login_interval', 10);
                     break;
                 case 'pw_resets':
-                    $maxCount = $this->grav['config']->get('plugins.login.max_pw_resets_count', 0);
-                    $interval = $this->grav['config']->get('plugins.login.max_pw_resets_interval', 2);
+                    $maxCount = $this->grav['config']->get('plugins.login.max_pw_resets_count', 2);
+                    $interval = $this->grav['config']->get('plugins.login.max_pw_resets_interval', 60);
                     break;
             }
             $this->rateLimiters[$context] = new RateLimiter($context, $maxCount, $interval);

user/plugins/login/languages/en.yaml

@@ -106,6 +106,7 @@ PLUGIN_LOGIN:
   MAX_LOGINS_INTERVAL_HELP: "The time interval for the login count value"
   TOO_MANY_LOGIN_ATTEMPTS: "Too many failed login attempted in the configured time (%s minutes)"
   SECONDS: "seconds"
+  MINUTES: "minutes"
   RESETS: "resets"
   ATTEMPTS: "attempts"
   ROUTES: "Routes"

user/plugins/login/languages/ru.yaml

@@ -51,6 +51,7 @@ PLUGIN_LOGIN:
   EMAIL_FOOTER: "GetGrav.org"
   ACTIVATION_LINK_EXPIRED: "Время ссылки для активации истекло"
   USER_ACTIVATED_SUCCESSFULLY: "Пользователь успешно активирован"
+  USER_ACTIVATED_SUCCESSFULLY_NOT_ENABLED: "Аккаунт пользователя активирован, но учетная запись просматривается"
   INVALID_REQUEST: "Неверный запрос"
   USER_REGISTRATION: "Регистрация пользователя"
   USER_REGISTRATION_ENABLED_HELP: "Включить регистрацию пользователя"
@@ -127,3 +128,5 @@ PLUGIN_LOGIN:
   2FA_SECRET_HELP: "Сканируйте этот QR-код в свое [Приложение аутентификации](https://learn.getgrav.org/admin-panel/2fa#apps). Также рекомендуется сохранить секрет в безопасном месте, если вам прийдется переустановить приложение. Проверьте [Grav docs](https://learn.getgrav.org/admin-panel/2fa) для дополнительной информации "
   2FA_REGENERATE: "Сгенерировать повторно"
   BTN_CANCEL: "Отмена"
+  MANUALLY_ENABLE: "Вручную включить"
+  MANUALLY_ENABLE_HELP: "При использовании «активации по электронной почте» и «уведомление по электронной почте» вы можете убедиться, что пользователь может самостоятельно активироваться, но пользователь требует ручного включения для входа в систему"

user/plugins/login/login.yaml

@@ -20,10 +20,10 @@ rememberme:
   timeout: 604800                           # Timeout in seconds. Defaults to 1 week
   name: grav-rememberme                     # Name prefix of the session cookie
 
-max_pw_resets_count: 0                      # Number of password resets in a specific time frame (0 = unlimited)
+max_pw_resets_count: 2                      # Number of password resets in a specific time frame (0 = unlimited)
 max_pw_resets_interval: 60                  # Time in minutes to track password resets
-max_login_count: 0                          # Number of failed login attempts in a specific time frame (0 = unlimited)
-max_login_interval: 2                       # Time in minutes to track login attempts
+max_login_count: 5                          # Number of failed login attempts in a specific time frame (0 = unlimited)
+max_login_interval: 10                      # Time in minutes to track login attempts
 
 user_registration:
   enabled: false                            # Enable User Registration Process