diff --git a/docs/building-extensions/components/component-examples/ajaxdemo.md b/docs/building-extensions/components/component-examples/ajaxdemo.md index 61a20fb2..1677533c 100644 --- a/docs/building-extensions/components/component-examples/ajaxdemo.md +++ b/docs/building-extensions/components/component-examples/ajaxdemo.md @@ -63,7 +63,7 @@ Path: components/com_ajaxdemo/tmpl/ajaxdemo/default.php This uses the [Web Asset Manager](../../../general-concepts/web-asset-manager.md) to attach the JavaScript divide.js which initiates the Ajax call. -It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript#passing-variables-to-javascript) +It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript.md#passing-variables-to-javascript) as this makes the job of forming the URLs easier. Then it outputs the `
` html, including the button with the onclick listener to run the divide.js code. diff --git a/docs/building-extensions/plugins/basic-content-plugin.md b/docs/building-extensions/plugins/basic-content-plugin.md index 0a4dc6f9..0b6febc6 100644 --- a/docs/building-extensions/plugins/basic-content-plugin.md +++ b/docs/building-extensions/plugins/basic-content-plugin.md @@ -173,7 +173,7 @@ Ensure that this matches your class in your `src/Extension` directory. ## Extension Class This is the main code of the plugin. Hopefully the comments in the code explain what is going on. -As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using +As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes.md), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using ```php [$context, $article, $params, $page] = array_values($event->getArguments()); diff --git a/docs/general-concepts/forms-fields/standard-fields/index.md b/docs/general-concepts/forms-fields/standard-fields/index.md index 60a47253..375f2d39 100644 --- a/docs/general-concepts/forms-fields/standard-fields/index.md +++ b/docs/general-concepts/forms-fields/standard-fields/index.md @@ -14,8 +14,8 @@ To try out a standard form field you can download the `com_exampleform` componen ## List of Standard Form Fields The following is a full list of all supplied form fields available in this release. -| Type | Description | -|-------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Type | Description | +|-------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | [Accessible Media](./accessiblemedia.md) | Provides modal access to the media manager for insertion of images with upload for users with appropriate permissions and a text field for adding a alternative text. | | [Access Level](./accesslevel.md) | Provides a drop down list of viewing access levels. | | [Alias Tag](./aliastag.md) | Provides a list box containing specific language definitions. | @@ -54,14 +54,14 @@ The following is a full list of all supplied form fields available in this relea | [Menu](./menu.md) | Provides a drop down list of the available menus from your Joomla site. | | [Menu Item](./menuitem.md) | Provides a drop down list of the available menu items from your Joomla site. | | [Meter](./meter.md) | Provides a meter to show value in a range. | -| [ModalSelect](./modalselect.md) | Provides a field to allow the user to select an item within a modal. | +| [ModalSelect](./modalselect.md) | Provides a field to allow the user to select an item within a modal. | | [Module Layout](./modulelayout.md) | Provides a list of alternative layout for a module grouped by core and template. | | [Module Order](./moduleorder.md) | Provides a drop down to set the ordering of module in a given position | | [Module Position](./moduleposition.md) | Provides a text input to set the position of a module. | | [Module Tag](./moduletag.md) | Provides a list of html5 elements (used to wrap a module in). | | [Note](./note.md) | Provides a one line text field. | | [Number](./number.md) | Provides a one line text box with up-down handles to set a number in the field. | -| [Order](./ordering) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | +| [Order](./ordering.md) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | | [Password](./password.md) | Provides a text box for entry of a password. The password characters will be obscured as they are entered. | | [Plugins](./plugins.md) | Provides a list of plugins from a given folder. | | [Plugin Status](./pluginstatus.md) | Provides a list box of statuses. | @@ -83,7 +83,7 @@ The following is a full list of all supplied form fields available in this relea | [Template Style](./templatestyle.md) | Provides a drop down list of template styles. | | [Text Area](./textarea.md) | Provides a text area for entry of multi-line text. | | [Text](./text.md) | Provides a text box for data entry. | -| [Time](./time) | Provides a select list of integers with specified first, last and step values. | +| [Time](./time.md) | Provides a select list of integers with specified first, last and step values. | | [Timezone](./timezone.md) | Provides a drop down list of time zones. | | [Transition](./transition.md) | Provides a grouped list of all work flow transitions from one stage to the next grouped by stage title | | [Url](./url.md) | Provides a URL text input field. | diff --git a/docs/general-concepts/forms/manipulating-forms.md b/docs/general-concepts/forms/manipulating-forms.md index f0dc58d6..0fc2f5fb 100644 --- a/docs/general-concepts/forms/manipulating-forms.md +++ b/docs/general-concepts/forms/manipulating-forms.md @@ -107,6 +107,44 @@ You can thus set the default attribute using `setFieldAttribute()`, but to set t ### Removing Fields You can remove fields from the Form definition by calling `removeField()` to remove a specific field or `removeGroup()` to remove all the fields within a specified field group. +## Control fields +While the form fields used for data handling in the Model, the Controller also requires a few fields, like `task`, `return`, and CSRF token. +Previously these fields were coded directly in to the form layout. + +Form class provides a methods to manage these control fields programmatically: +- `addControlField()` add control field to the form; +- `removeControlField()` remove control field from the form; +- `getControlFields()` get list of control fields in the form; +- `renderControlFields()` render the control fields; + +While rendering the control fields the CSRF token will always be rendered, no need to add it to list of control fields. +The name `joomla.form.token` is reserved in the control fields list for Joomla default CSRF token field. +When in some reason need to remove default CSRF token then use `$form->removeControlField('joomla.form.token');` to remove it. + +### Use of control fields example + +Before: +```html + + + + +``` + +With control fields: +```php +// Code in Controller/View +$this->form + ->addControlField('task', '') + ->addControlField('foo', 'bar') + ->addControlField('return', $input->getBase64('return', '')); + +// Code in the form layout +echo $this->form->renderControlFields(); +``` + + + ## Reflection Methods There are a number of methods which allow you to access various aspects of the Form instance data. Mostly these are fairly straightforward to understand, and only cases where it may not be totally clear are explained below. diff --git a/docs/general-concepts/javascript/ajax.md b/docs/general-concepts/javascript/ajax.md index 6aa527a6..df0df392 100644 --- a/docs/general-concepts/javascript/ajax.md +++ b/docs/general-concepts/javascript/ajax.md @@ -31,7 +31,7 @@ Within your component you should use the [MVC approach](../../building-extension and split your functionality into different Controllers, Models and Views. The default Joomla [Extension/Dispatcher](../extension-and-dispatcher/index.md) code uses the URL -[`task` parameter](../../building-extensions/components/mvc/mvc-overview#the-http-request-task-parameter) +[`task` parameter](../../building-extensions/components/mvc/mvc-overview.md#the-http-request-task-parameter) to determine the Controller class to instantiate and the method within that Controller to call. For example, if you set the `task` parameter to "ajax.divide" then the default Dispatcher code will instantiate your AjaxController and call its `divide` instance method. diff --git a/docs/general-concepts/javascript/js-library/joomla-dialog.md b/docs/general-concepts/javascript/js-library/joomla-dialog.md index 92dc4feb..a042d350 100644 --- a/docs/general-concepts/javascript/js-library/joomla-dialog.md +++ b/docs/general-concepts/javascript/js-library/joomla-dialog.md @@ -3,7 +3,7 @@ Joomla Dialog (popup) script Joomla Dialog module provides a functionality which allows to display various Dialogs (popup) windows. -To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager) `$wa->useScript('joomla.dialog')`, +To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager.md) `$wa->useScript('joomla.dialog')`, and to enable auto binding of the buttons on the page use `$wa->useScript('joomla.dialog-autocreate')`. Joomla Dialog allows to display dialogs with following content: diff --git a/docs/security/common-vulnerabilities.md b/docs/security/common-vulnerabilities.md index 7125718e..0a13b670 100644 --- a/docs/security/common-vulnerabilities.md +++ b/docs/security/common-vulnerabilities.md @@ -25,7 +25,7 @@ With the output template given above, the JS provided by the user will be output ### Prevention #### Filter/validate the user input In the example above, the provided subject should be filtered and/or validated to only allow required characters - and it should disallow characters that are needed to create HTML tags, i.e. the `<` and `>` characters. -If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling) for more information. +If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling.md) for more information. #### Escape the output Unless user generated markup is specifically needed (i.e. because the user can use a WYSIWYG editor) it's highly recommended to escape each and every snippet of user provided content. @@ -36,7 +36,7 @@ To escape user content in Joomla, use the ```echo $this->escape($evilString)``` ## SQL injections / SQLi A SQL injection attack is a type of vulnerability where an attacker is able to manipulate a SQL query by injecting user controlled content. -Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries). +Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries.md). ## Unrestricted file uploads Uploading user provided files to a webservers is a potentially dangerous task as it exposes multiple attack vectors at once: @@ -50,4 +50,4 @@ Therefore file uploads must be very carefully implemented. Check the ```canUploa CSRF is an attack type where an HTML form on an external, attacker-controlled site is used to perform an attack against a target site. ### Prevention -Learn more about this in the [CSRF chapter](csrf-protection) of this manual. \ No newline at end of file +Learn more about this in the [CSRF chapter](csrf-protection.md) of this manual. \ No newline at end of file diff --git a/docs/security/forms.md b/docs/security/forms.md index f39a6bfa..43c8f4d3 100644 --- a/docs/security/forms.md +++ b/docs/security/forms.md @@ -4,4 +4,4 @@ sidebar_position: 6 Forms & Validations ====================== -See the [form validation chapter for further information](../general-concepts/forms/server-side-validation). +See the [form validation chapter for further information](../general-concepts/forms/server-side-validation.md). diff --git a/docs/security/input-handling.md b/docs/security/input-handling.md index ca27ffba..6835263d 100644 --- a/docs/security/input-handling.md +++ b/docs/security/input-handling.md @@ -5,4 +5,4 @@ sidebar_position: 3 Input Handling ====================== -See the [Input chapter for further information](../general-concepts/input). \ No newline at end of file +See the [Input chapter for further information](../general-concepts/input.md). \ No newline at end of file diff --git a/docusaurus.config.js b/docusaurus.config.js index f1f94cc8..61b7487f 100644 --- a/docusaurus.config.js +++ b/docusaurus.config.js @@ -62,6 +62,7 @@ const config = { organizationName: 'joomla', projectName: 'joomla-cms', url: 'https://manual.joomla.org', + trailingSlash: true, baseUrl: '/', onBrokenLinks: 'throw', onBrokenMarkdownLinks: 'warn', @@ -88,22 +89,27 @@ const config = { versions: { 'current': { label: '5.3 (Upcoming)', - banner: 'unreleased' + banner: 'unreleased', + noIndex: false, }, '5.2': { label: '5.2 (Current)', + noIndex: false, }, '5.1': { label: '5.1 (Archived)', - banner: 'unmaintained' + banner: 'unmaintained', + noIndex: true, }, '5.0': { label: '5.0 (Archived)', - banner: 'unmaintained' + banner: 'unmaintained', + noIndex: true, }, '4.4': { label: '4.4 (Security)', - banner: 'none' + banner: 'none', + noIndex: false, }, }, /* onlyIncludeVersions: ['current', '5.2', '4.4'], */ diff --git a/migrations/52-53/new-features.md b/migrations/52-53/new-features.md index 2c0ca078..994b578f 100644 --- a/migrations/52-53/new-features.md +++ b/migrations/52-53/new-features.md @@ -22,3 +22,32 @@ To add it to existing installation, need to: PR: https://github.com/joomla/joomla-cms/pull/43532 + +#### Form control fields + +New methods to manage form control fields. +More detail at [Form Control fields](../../docs/general-concepts/forms/manipulating-forms#control-fields) + +PR: https://github.com/joomla/joomla-cms/pull/43857 + +**Example** + +Before: +```html + + + + +``` + +After: +```php +// Code in Controller/View +$this->form + ->addControlField('task', '') + ->addControlField('foo', 'bar') + ->addControlField('return', $input->getBase64('return', '')); + +// Code in the form layout +echo $this->form->renderControlFields(); +``` diff --git a/versioned_docs/version-4.4/building-extensions/components/component-examples/ajaxdemo.md b/versioned_docs/version-4.4/building-extensions/components/component-examples/ajaxdemo.md index 61a20fb2..1677533c 100644 --- a/versioned_docs/version-4.4/building-extensions/components/component-examples/ajaxdemo.md +++ b/versioned_docs/version-4.4/building-extensions/components/component-examples/ajaxdemo.md @@ -63,7 +63,7 @@ Path: components/com_ajaxdemo/tmpl/ajaxdemo/default.php This uses the [Web Asset Manager](../../../general-concepts/web-asset-manager.md) to attach the JavaScript divide.js which initiates the Ajax call. -It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript#passing-variables-to-javascript) +It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript.md#passing-variables-to-javascript) as this makes the job of forming the URLs easier. Then it outputs the `` html, including the button with the onclick listener to run the divide.js code. diff --git a/versioned_docs/version-4.4/building-extensions/plugins/basic-content-plugin.md b/versioned_docs/version-4.4/building-extensions/plugins/basic-content-plugin.md index be1f6544..539d890f 100644 --- a/versioned_docs/version-4.4/building-extensions/plugins/basic-content-plugin.md +++ b/versioned_docs/version-4.4/building-extensions/plugins/basic-content-plugin.md @@ -173,7 +173,7 @@ Ensure that this matches your class in your `src/Extension` directory. ## Extension Class This is the main code of the plugin. Hopefully the comments in the code explain what is going on. -As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using +As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes.md), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using ```php [$context, $article, $params, $page] = array_values($event->getArguments()); diff --git a/versioned_docs/version-4.4/general-concepts/forms-fields/standard-fields/index.md b/versioned_docs/version-4.4/general-concepts/forms-fields/standard-fields/index.md index 968bb2e2..673c3b0f 100644 --- a/versioned_docs/version-4.4/general-concepts/forms-fields/standard-fields/index.md +++ b/versioned_docs/version-4.4/general-concepts/forms-fields/standard-fields/index.md @@ -60,7 +60,7 @@ The following is a full list of all supplied form fields available in this relea | [Module Tag](./moduletag.md) | Provides a list of html5 elements (used to wrap a module in). | | [Note](./note.md) | Provides a one line text field. | | [Number](./number.md) | Provides a one line text box with up-down handles to set a number in the field. | -| [Order](./ordering) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | +| [Order](./ordering.md) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | | [Password](./password.md) | Provides a text box for entry of a password. The password characters will be obscured as they are entered. | | [Plugins](./plugins.md) | Provides a list of plugins from a given folder. | | [Plugin Status](./pluginstatus.md) | Provides a list box of statuses. | @@ -81,7 +81,7 @@ The following is a full list of all supplied form fields available in this relea | [Template Style](./templatestyle.md) | Provides a drop down list of template styles. | | [Text Area](./textarea.md) | Provides a text area for entry of multi-line text. | | [Text](./text.md) | Provides a text box for data entry. | -| [Time](./time) | Provides a select list of integers with specified first, last and step values. | +| [Time](./time.md) | Provides a select list of integers with specified first, last and step values. | | [Timezone](./timezone.md) | Provides a drop down list of time zones. | | [Transition](./transition.md) | Provides a grouped list of all work flow transitions from one stage to the next grouped by stage title | | [Url](./url.md) | Provides a URL text input field. | diff --git a/versioned_docs/version-4.4/general-concepts/javascript/ajax.md b/versioned_docs/version-4.4/general-concepts/javascript/ajax.md index 6aa527a6..df0df392 100644 --- a/versioned_docs/version-4.4/general-concepts/javascript/ajax.md +++ b/versioned_docs/version-4.4/general-concepts/javascript/ajax.md @@ -31,7 +31,7 @@ Within your component you should use the [MVC approach](../../building-extension and split your functionality into different Controllers, Models and Views. The default Joomla [Extension/Dispatcher](../extension-and-dispatcher/index.md) code uses the URL -[`task` parameter](../../building-extensions/components/mvc/mvc-overview#the-http-request-task-parameter) +[`task` parameter](../../building-extensions/components/mvc/mvc-overview.md#the-http-request-task-parameter) to determine the Controller class to instantiate and the method within that Controller to call. For example, if you set the `task` parameter to "ajax.divide" then the default Dispatcher code will instantiate your AjaxController and call its `divide` instance method. diff --git a/versioned_docs/version-4.4/general-concepts/javascript/js-library/joomla-dialog.md b/versioned_docs/version-4.4/general-concepts/javascript/js-library/joomla-dialog.md index 92dc4feb..a042d350 100644 --- a/versioned_docs/version-4.4/general-concepts/javascript/js-library/joomla-dialog.md +++ b/versioned_docs/version-4.4/general-concepts/javascript/js-library/joomla-dialog.md @@ -3,7 +3,7 @@ Joomla Dialog (popup) script Joomla Dialog module provides a functionality which allows to display various Dialogs (popup) windows. -To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager) `$wa->useScript('joomla.dialog')`, +To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager.md) `$wa->useScript('joomla.dialog')`, and to enable auto binding of the buttons on the page use `$wa->useScript('joomla.dialog-autocreate')`. Joomla Dialog allows to display dialogs with following content: diff --git a/versioned_docs/version-4.4/security/common-vulnerabilities.md b/versioned_docs/version-4.4/security/common-vulnerabilities.md index 7125718e..0a13b670 100644 --- a/versioned_docs/version-4.4/security/common-vulnerabilities.md +++ b/versioned_docs/version-4.4/security/common-vulnerabilities.md @@ -25,7 +25,7 @@ With the output template given above, the JS provided by the user will be output ### Prevention #### Filter/validate the user input In the example above, the provided subject should be filtered and/or validated to only allow required characters - and it should disallow characters that are needed to create HTML tags, i.e. the `<` and `>` characters. -If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling) for more information. +If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling.md) for more information. #### Escape the output Unless user generated markup is specifically needed (i.e. because the user can use a WYSIWYG editor) it's highly recommended to escape each and every snippet of user provided content. @@ -36,7 +36,7 @@ To escape user content in Joomla, use the ```echo $this->escape($evilString)``` ## SQL injections / SQLi A SQL injection attack is a type of vulnerability where an attacker is able to manipulate a SQL query by injecting user controlled content. -Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries). +Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries.md). ## Unrestricted file uploads Uploading user provided files to a webservers is a potentially dangerous task as it exposes multiple attack vectors at once: @@ -50,4 +50,4 @@ Therefore file uploads must be very carefully implemented. Check the ```canUploa CSRF is an attack type where an HTML form on an external, attacker-controlled site is used to perform an attack against a target site. ### Prevention -Learn more about this in the [CSRF chapter](csrf-protection) of this manual. \ No newline at end of file +Learn more about this in the [CSRF chapter](csrf-protection.md) of this manual. \ No newline at end of file diff --git a/versioned_docs/version-4.4/security/forms.md b/versioned_docs/version-4.4/security/forms.md index f39a6bfa..43c8f4d3 100644 --- a/versioned_docs/version-4.4/security/forms.md +++ b/versioned_docs/version-4.4/security/forms.md @@ -4,4 +4,4 @@ sidebar_position: 6 Forms & Validations ====================== -See the [form validation chapter for further information](../general-concepts/forms/server-side-validation). +See the [form validation chapter for further information](../general-concepts/forms/server-side-validation.md). diff --git a/versioned_docs/version-4.4/security/input-handling.md b/versioned_docs/version-4.4/security/input-handling.md index ca27ffba..6835263d 100644 --- a/versioned_docs/version-4.4/security/input-handling.md +++ b/versioned_docs/version-4.4/security/input-handling.md @@ -5,4 +5,4 @@ sidebar_position: 3 Input Handling ====================== -See the [Input chapter for further information](../general-concepts/input). \ No newline at end of file +See the [Input chapter for further information](../general-concepts/input.md). \ No newline at end of file diff --git a/versioned_docs/version-5.0/building-extensions/plugins/basic-content-plugin.md b/versioned_docs/version-5.0/building-extensions/plugins/basic-content-plugin.md index 8df6db8f..d1ef4899 100644 --- a/versioned_docs/version-5.0/building-extensions/plugins/basic-content-plugin.md +++ b/versioned_docs/version-5.0/building-extensions/plugins/basic-content-plugin.md @@ -169,7 +169,7 @@ Ensure that this matches your class in your `src/Extension` directory. ## Extension Class This is the main code of the plugin. Hopefully the comments in the code explain what is going on. -As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using +As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes.md), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using ```php [$context, $article, $params, $page] = array_values($event->getArguments()); diff --git a/versioned_docs/version-5.0/general-concepts/forms-fields/standard-fields/index.md b/versioned_docs/version-5.0/general-concepts/forms-fields/standard-fields/index.md index 8ef4c973..71f62131 100644 --- a/versioned_docs/version-5.0/general-concepts/forms-fields/standard-fields/index.md +++ b/versioned_docs/version-5.0/general-concepts/forms-fields/standard-fields/index.md @@ -60,7 +60,7 @@ The following is a full list of all supplied form fields available in this relea | [Module Tag](./moduletag.md) | Provides a list of html5 elements (used to wrap a module in). | | [Note](./note.md) | Provides a one line text field. | | [Number](./number.md) | Provides a one line text box with up-down handles to set a number in the field. | -| [Order](./ordering) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | +| [Order](./ordering.md) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | | [Password](./password.md) | Provides a text box for entry of a password. The password characters will be obscured as they are entered. | | [Plugins](./plugins.md) | Provides a list of plugins from a given folder. | | [Plugin Status](./pluginstatus.md) | Provides a list box of statuses. | @@ -82,7 +82,7 @@ The following is a full list of all supplied form fields available in this relea | [Template Style](./templatestyle.md) | Provides a drop down list of template styles. | | [Text Area](./textarea.md) | Provides a text area for entry of multi-line text. | | [Text](./text.md) | Provides a text box for data entry. | -| [Time](./time) | Provides a select list of integers with specified first, last and step values. | +| [Time](./time.md) | Provides a select list of integers with specified first, last and step values. | | [Timezone](./timezone.md) | Provides a drop down list of time zones. | | [Transition](./transition.md) | Provides a grouped list of all work flow transitions from one stage to the next grouped by stage title | | [Url](./url.md) | Provides a URL text input field. | diff --git a/versioned_docs/version-5.0/general-concepts/javascript/js-library/joomla-dialog.md b/versioned_docs/version-5.0/general-concepts/javascript/js-library/joomla-dialog.md index 92dc4feb..a042d350 100644 --- a/versioned_docs/version-5.0/general-concepts/javascript/js-library/joomla-dialog.md +++ b/versioned_docs/version-5.0/general-concepts/javascript/js-library/joomla-dialog.md @@ -3,7 +3,7 @@ Joomla Dialog (popup) script Joomla Dialog module provides a functionality which allows to display various Dialogs (popup) windows. -To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager) `$wa->useScript('joomla.dialog')`, +To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager.md) `$wa->useScript('joomla.dialog')`, and to enable auto binding of the buttons on the page use `$wa->useScript('joomla.dialog-autocreate')`. Joomla Dialog allows to display dialogs with following content: diff --git a/versioned_docs/version-5.0/security/common-vulnerabilities.md b/versioned_docs/version-5.0/security/common-vulnerabilities.md index 7125718e..0a13b670 100644 --- a/versioned_docs/version-5.0/security/common-vulnerabilities.md +++ b/versioned_docs/version-5.0/security/common-vulnerabilities.md @@ -25,7 +25,7 @@ With the output template given above, the JS provided by the user will be output ### Prevention #### Filter/validate the user input In the example above, the provided subject should be filtered and/or validated to only allow required characters - and it should disallow characters that are needed to create HTML tags, i.e. the `<` and `>` characters. -If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling) for more information. +If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling.md) for more information. #### Escape the output Unless user generated markup is specifically needed (i.e. because the user can use a WYSIWYG editor) it's highly recommended to escape each and every snippet of user provided content. @@ -36,7 +36,7 @@ To escape user content in Joomla, use the ```echo $this->escape($evilString)``` ## SQL injections / SQLi A SQL injection attack is a type of vulnerability where an attacker is able to manipulate a SQL query by injecting user controlled content. -Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries). +Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries.md). ## Unrestricted file uploads Uploading user provided files to a webservers is a potentially dangerous task as it exposes multiple attack vectors at once: @@ -50,4 +50,4 @@ Therefore file uploads must be very carefully implemented. Check the ```canUploa CSRF is an attack type where an HTML form on an external, attacker-controlled site is used to perform an attack against a target site. ### Prevention -Learn more about this in the [CSRF chapter](csrf-protection) of this manual. \ No newline at end of file +Learn more about this in the [CSRF chapter](csrf-protection.md) of this manual. \ No newline at end of file diff --git a/versioned_docs/version-5.0/security/forms.md b/versioned_docs/version-5.0/security/forms.md index f39a6bfa..43c8f4d3 100644 --- a/versioned_docs/version-5.0/security/forms.md +++ b/versioned_docs/version-5.0/security/forms.md @@ -4,4 +4,4 @@ sidebar_position: 6 Forms & Validations ====================== -See the [form validation chapter for further information](../general-concepts/forms/server-side-validation). +See the [form validation chapter for further information](../general-concepts/forms/server-side-validation.md). diff --git a/versioned_docs/version-5.0/security/input-handling.md b/versioned_docs/version-5.0/security/input-handling.md index ca27ffba..6835263d 100644 --- a/versioned_docs/version-5.0/security/input-handling.md +++ b/versioned_docs/version-5.0/security/input-handling.md @@ -5,4 +5,4 @@ sidebar_position: 3 Input Handling ====================== -See the [Input chapter for further information](../general-concepts/input). \ No newline at end of file +See the [Input chapter for further information](../general-concepts/input.md). \ No newline at end of file diff --git a/versioned_docs/version-5.1/building-extensions/components/component-examples/ajaxdemo.md b/versioned_docs/version-5.1/building-extensions/components/component-examples/ajaxdemo.md index 61a20fb2..1677533c 100644 --- a/versioned_docs/version-5.1/building-extensions/components/component-examples/ajaxdemo.md +++ b/versioned_docs/version-5.1/building-extensions/components/component-examples/ajaxdemo.md @@ -63,7 +63,7 @@ Path: components/com_ajaxdemo/tmpl/ajaxdemo/default.php This uses the [Web Asset Manager](../../../general-concepts/web-asset-manager.md) to attach the JavaScript divide.js which initiates the Ajax call. -It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript#passing-variables-to-javascript) +It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript.md#passing-variables-to-javascript) as this makes the job of forming the URLs easier. Then it outputs the `` html, including the button with the onclick listener to run the divide.js code. diff --git a/versioned_docs/version-5.1/building-extensions/plugins/basic-content-plugin.md b/versioned_docs/version-5.1/building-extensions/plugins/basic-content-plugin.md index 0a4dc6f9..0b6febc6 100644 --- a/versioned_docs/version-5.1/building-extensions/plugins/basic-content-plugin.md +++ b/versioned_docs/version-5.1/building-extensions/plugins/basic-content-plugin.md @@ -173,7 +173,7 @@ Ensure that this matches your class in your `src/Extension` directory. ## Extension Class This is the main code of the plugin. Hopefully the comments in the code explain what is going on. -As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using +As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes.md), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using ```php [$context, $article, $params, $page] = array_values($event->getArguments()); diff --git a/versioned_docs/version-5.1/general-concepts/forms-fields/standard-fields/index.md b/versioned_docs/version-5.1/general-concepts/forms-fields/standard-fields/index.md index 8ef4c973..71f62131 100644 --- a/versioned_docs/version-5.1/general-concepts/forms-fields/standard-fields/index.md +++ b/versioned_docs/version-5.1/general-concepts/forms-fields/standard-fields/index.md @@ -60,7 +60,7 @@ The following is a full list of all supplied form fields available in this relea | [Module Tag](./moduletag.md) | Provides a list of html5 elements (used to wrap a module in). | | [Note](./note.md) | Provides a one line text field. | | [Number](./number.md) | Provides a one line text box with up-down handles to set a number in the field. | -| [Order](./ordering) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | +| [Order](./ordering.md) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | | [Password](./password.md) | Provides a text box for entry of a password. The password characters will be obscured as they are entered. | | [Plugins](./plugins.md) | Provides a list of plugins from a given folder. | | [Plugin Status](./pluginstatus.md) | Provides a list box of statuses. | @@ -82,7 +82,7 @@ The following is a full list of all supplied form fields available in this relea | [Template Style](./templatestyle.md) | Provides a drop down list of template styles. | | [Text Area](./textarea.md) | Provides a text area for entry of multi-line text. | | [Text](./text.md) | Provides a text box for data entry. | -| [Time](./time) | Provides a select list of integers with specified first, last and step values. | +| [Time](./time.md) | Provides a select list of integers with specified first, last and step values. | | [Timezone](./timezone.md) | Provides a drop down list of time zones. | | [Transition](./transition.md) | Provides a grouped list of all work flow transitions from one stage to the next grouped by stage title | | [Url](./url.md) | Provides a URL text input field. | diff --git a/versioned_docs/version-5.1/general-concepts/javascript/ajax.md b/versioned_docs/version-5.1/general-concepts/javascript/ajax.md index 6aa527a6..df0df392 100644 --- a/versioned_docs/version-5.1/general-concepts/javascript/ajax.md +++ b/versioned_docs/version-5.1/general-concepts/javascript/ajax.md @@ -31,7 +31,7 @@ Within your component you should use the [MVC approach](../../building-extension and split your functionality into different Controllers, Models and Views. The default Joomla [Extension/Dispatcher](../extension-and-dispatcher/index.md) code uses the URL -[`task` parameter](../../building-extensions/components/mvc/mvc-overview#the-http-request-task-parameter) +[`task` parameter](../../building-extensions/components/mvc/mvc-overview.md#the-http-request-task-parameter) to determine the Controller class to instantiate and the method within that Controller to call. For example, if you set the `task` parameter to "ajax.divide" then the default Dispatcher code will instantiate your AjaxController and call its `divide` instance method. diff --git a/versioned_docs/version-5.1/general-concepts/javascript/js-library/joomla-dialog.md b/versioned_docs/version-5.1/general-concepts/javascript/js-library/joomla-dialog.md index 92dc4feb..a042d350 100644 --- a/versioned_docs/version-5.1/general-concepts/javascript/js-library/joomla-dialog.md +++ b/versioned_docs/version-5.1/general-concepts/javascript/js-library/joomla-dialog.md @@ -3,7 +3,7 @@ Joomla Dialog (popup) script Joomla Dialog module provides a functionality which allows to display various Dialogs (popup) windows. -To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager) `$wa->useScript('joomla.dialog')`, +To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager.md) `$wa->useScript('joomla.dialog')`, and to enable auto binding of the buttons on the page use `$wa->useScript('joomla.dialog-autocreate')`. Joomla Dialog allows to display dialogs with following content: diff --git a/versioned_docs/version-5.1/security/common-vulnerabilities.md b/versioned_docs/version-5.1/security/common-vulnerabilities.md index 7125718e..0a13b670 100644 --- a/versioned_docs/version-5.1/security/common-vulnerabilities.md +++ b/versioned_docs/version-5.1/security/common-vulnerabilities.md @@ -25,7 +25,7 @@ With the output template given above, the JS provided by the user will be output ### Prevention #### Filter/validate the user input In the example above, the provided subject should be filtered and/or validated to only allow required characters - and it should disallow characters that are needed to create HTML tags, i.e. the `<` and `>` characters. -If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling) for more information. +If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling.md) for more information. #### Escape the output Unless user generated markup is specifically needed (i.e. because the user can use a WYSIWYG editor) it's highly recommended to escape each and every snippet of user provided content. @@ -36,7 +36,7 @@ To escape user content in Joomla, use the ```echo $this->escape($evilString)``` ## SQL injections / SQLi A SQL injection attack is a type of vulnerability where an attacker is able to manipulate a SQL query by injecting user controlled content. -Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries). +Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries.md). ## Unrestricted file uploads Uploading user provided files to a webservers is a potentially dangerous task as it exposes multiple attack vectors at once: @@ -50,4 +50,4 @@ Therefore file uploads must be very carefully implemented. Check the ```canUploa CSRF is an attack type where an HTML form on an external, attacker-controlled site is used to perform an attack against a target site. ### Prevention -Learn more about this in the [CSRF chapter](csrf-protection) of this manual. \ No newline at end of file +Learn more about this in the [CSRF chapter](csrf-protection.md) of this manual. \ No newline at end of file diff --git a/versioned_docs/version-5.1/security/forms.md b/versioned_docs/version-5.1/security/forms.md index f39a6bfa..43c8f4d3 100644 --- a/versioned_docs/version-5.1/security/forms.md +++ b/versioned_docs/version-5.1/security/forms.md @@ -4,4 +4,4 @@ sidebar_position: 6 Forms & Validations ====================== -See the [form validation chapter for further information](../general-concepts/forms/server-side-validation). +See the [form validation chapter for further information](../general-concepts/forms/server-side-validation.md). diff --git a/versioned_docs/version-5.1/security/input-handling.md b/versioned_docs/version-5.1/security/input-handling.md index ca27ffba..6835263d 100644 --- a/versioned_docs/version-5.1/security/input-handling.md +++ b/versioned_docs/version-5.1/security/input-handling.md @@ -5,4 +5,4 @@ sidebar_position: 3 Input Handling ====================== -See the [Input chapter for further information](../general-concepts/input). \ No newline at end of file +See the [Input chapter for further information](../general-concepts/input.md). \ No newline at end of file diff --git a/versioned_docs/version-5.2/building-extensions/components/component-examples/ajaxdemo.md b/versioned_docs/version-5.2/building-extensions/components/component-examples/ajaxdemo.md index 61a20fb2..1677533c 100644 --- a/versioned_docs/version-5.2/building-extensions/components/component-examples/ajaxdemo.md +++ b/versioned_docs/version-5.2/building-extensions/components/component-examples/ajaxdemo.md @@ -63,7 +63,7 @@ Path: components/com_ajaxdemo/tmpl/ajaxdemo/default.php This uses the [Web Asset Manager](../../../general-concepts/web-asset-manager.md) to attach the JavaScript divide.js which initiates the Ajax call. -It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript#passing-variables-to-javascript) +It passes the root URL of your Joomla instance to the JavaScript code using [passing variables to Javascript](../../../general-concepts/javascript/adding-javascript.md#passing-variables-to-javascript) as this makes the job of forming the URLs easier. Then it outputs the `` html, including the button with the onclick listener to run the divide.js code. diff --git a/versioned_docs/version-5.2/building-extensions/plugins/basic-content-plugin.md b/versioned_docs/version-5.2/building-extensions/plugins/basic-content-plugin.md index 0a4dc6f9..0b6febc6 100644 --- a/versioned_docs/version-5.2/building-extensions/plugins/basic-content-plugin.md +++ b/versioned_docs/version-5.2/building-extensions/plugins/basic-content-plugin.md @@ -173,7 +173,7 @@ Ensure that this matches your class in your `src/Extension` directory. ## Extension Class This is the main code of the plugin. Hopefully the comments in the code explain what is going on. -As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using +As explained in [Joomla 4 and 5 changes](./joomla-4-and-5-changes.md), code which triggers the Events can use a `GenericEvent` or a concrete Event, eg `ContentPrepareEvent`. In both these cases you can get the arguments using ```php [$context, $article, $params, $page] = array_values($event->getArguments()); diff --git a/versioned_docs/version-5.2/general-concepts/forms-fields/standard-fields/index.md b/versioned_docs/version-5.2/general-concepts/forms-fields/standard-fields/index.md index 60a47253..375f2d39 100644 --- a/versioned_docs/version-5.2/general-concepts/forms-fields/standard-fields/index.md +++ b/versioned_docs/version-5.2/general-concepts/forms-fields/standard-fields/index.md @@ -14,8 +14,8 @@ To try out a standard form field you can download the `com_exampleform` componen ## List of Standard Form Fields The following is a full list of all supplied form fields available in this release. -| Type | Description | -|-------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Type | Description | +|-------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | [Accessible Media](./accessiblemedia.md) | Provides modal access to the media manager for insertion of images with upload for users with appropriate permissions and a text field for adding a alternative text. | | [Access Level](./accesslevel.md) | Provides a drop down list of viewing access levels. | | [Alias Tag](./aliastag.md) | Provides a list box containing specific language definitions. | @@ -54,14 +54,14 @@ The following is a full list of all supplied form fields available in this relea | [Menu](./menu.md) | Provides a drop down list of the available menus from your Joomla site. | | [Menu Item](./menuitem.md) | Provides a drop down list of the available menu items from your Joomla site. | | [Meter](./meter.md) | Provides a meter to show value in a range. | -| [ModalSelect](./modalselect.md) | Provides a field to allow the user to select an item within a modal. | +| [ModalSelect](./modalselect.md) | Provides a field to allow the user to select an item within a modal. | | [Module Layout](./modulelayout.md) | Provides a list of alternative layout for a module grouped by core and template. | | [Module Order](./moduleorder.md) | Provides a drop down to set the ordering of module in a given position | | [Module Position](./moduleposition.md) | Provides a text input to set the position of a module. | | [Module Tag](./moduletag.md) | Provides a list of html5 elements (used to wrap a module in). | | [Note](./note.md) | Provides a one line text field. | | [Number](./number.md) | Provides a one line text box with up-down handles to set a number in the field. | -| [Order](./ordering) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | +| [Order](./ordering.md) | Provides a dropdown list of entries within a specified table along with `-First-` and `-Last-`. | | [Password](./password.md) | Provides a text box for entry of a password. The password characters will be obscured as they are entered. | | [Plugins](./plugins.md) | Provides a list of plugins from a given folder. | | [Plugin Status](./pluginstatus.md) | Provides a list box of statuses. | @@ -83,7 +83,7 @@ The following is a full list of all supplied form fields available in this relea | [Template Style](./templatestyle.md) | Provides a drop down list of template styles. | | [Text Area](./textarea.md) | Provides a text area for entry of multi-line text. | | [Text](./text.md) | Provides a text box for data entry. | -| [Time](./time) | Provides a select list of integers with specified first, last and step values. | +| [Time](./time.md) | Provides a select list of integers with specified first, last and step values. | | [Timezone](./timezone.md) | Provides a drop down list of time zones. | | [Transition](./transition.md) | Provides a grouped list of all work flow transitions from one stage to the next grouped by stage title | | [Url](./url.md) | Provides a URL text input field. | diff --git a/versioned_docs/version-5.2/general-concepts/javascript/ajax.md b/versioned_docs/version-5.2/general-concepts/javascript/ajax.md index 6aa527a6..df0df392 100644 --- a/versioned_docs/version-5.2/general-concepts/javascript/ajax.md +++ b/versioned_docs/version-5.2/general-concepts/javascript/ajax.md @@ -31,7 +31,7 @@ Within your component you should use the [MVC approach](../../building-extension and split your functionality into different Controllers, Models and Views. The default Joomla [Extension/Dispatcher](../extension-and-dispatcher/index.md) code uses the URL -[`task` parameter](../../building-extensions/components/mvc/mvc-overview#the-http-request-task-parameter) +[`task` parameter](../../building-extensions/components/mvc/mvc-overview.md#the-http-request-task-parameter) to determine the Controller class to instantiate and the method within that Controller to call. For example, if you set the `task` parameter to "ajax.divide" then the default Dispatcher code will instantiate your AjaxController and call its `divide` instance method. diff --git a/versioned_docs/version-5.2/general-concepts/javascript/js-library/joomla-dialog.md b/versioned_docs/version-5.2/general-concepts/javascript/js-library/joomla-dialog.md index 92dc4feb..a042d350 100644 --- a/versioned_docs/version-5.2/general-concepts/javascript/js-library/joomla-dialog.md +++ b/versioned_docs/version-5.2/general-concepts/javascript/js-library/joomla-dialog.md @@ -3,7 +3,7 @@ Joomla Dialog (popup) script Joomla Dialog module provides a functionality which allows to display various Dialogs (popup) windows. -To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager) `$wa->useScript('joomla.dialog')`, +To add Joomla Dialog module to the page use [WebAssetManager](../../web-asset-manager.md) `$wa->useScript('joomla.dialog')`, and to enable auto binding of the buttons on the page use `$wa->useScript('joomla.dialog-autocreate')`. Joomla Dialog allows to display dialogs with following content: diff --git a/versioned_docs/version-5.2/security/common-vulnerabilities.md b/versioned_docs/version-5.2/security/common-vulnerabilities.md index 7125718e..0a13b670 100644 --- a/versioned_docs/version-5.2/security/common-vulnerabilities.md +++ b/versioned_docs/version-5.2/security/common-vulnerabilities.md @@ -25,7 +25,7 @@ With the output template given above, the JS provided by the user will be output ### Prevention #### Filter/validate the user input In the example above, the provided subject should be filtered and/or validated to only allow required characters - and it should disallow characters that are needed to create HTML tags, i.e. the `<` and `>` characters. -If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling) for more information. +If the user input can contain HTML markup, the markup itself has to be filtered to make sure it only contains safe markup. See [the chapter about input handling](input-handling.md) for more information. #### Escape the output Unless user generated markup is specifically needed (i.e. because the user can use a WYSIWYG editor) it's highly recommended to escape each and every snippet of user provided content. @@ -36,7 +36,7 @@ To escape user content in Joomla, use the ```echo $this->escape($evilString)``` ## SQL injections / SQLi A SQL injection attack is a type of vulnerability where an attacker is able to manipulate a SQL query by injecting user controlled content. -Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries). +Learn more about this attack scenario and the prevention in [the chapter about secure DB queries](secure-db-queries.md). ## Unrestricted file uploads Uploading user provided files to a webservers is a potentially dangerous task as it exposes multiple attack vectors at once: @@ -50,4 +50,4 @@ Therefore file uploads must be very carefully implemented. Check the ```canUploa CSRF is an attack type where an HTML form on an external, attacker-controlled site is used to perform an attack against a target site. ### Prevention -Learn more about this in the [CSRF chapter](csrf-protection) of this manual. \ No newline at end of file +Learn more about this in the [CSRF chapter](csrf-protection.md) of this manual. \ No newline at end of file diff --git a/versioned_docs/version-5.2/security/forms.md b/versioned_docs/version-5.2/security/forms.md index f39a6bfa..43c8f4d3 100644 --- a/versioned_docs/version-5.2/security/forms.md +++ b/versioned_docs/version-5.2/security/forms.md @@ -4,4 +4,4 @@ sidebar_position: 6 Forms & Validations ====================== -See the [form validation chapter for further information](../general-concepts/forms/server-side-validation). +See the [form validation chapter for further information](../general-concepts/forms/server-side-validation.md). diff --git a/versioned_docs/version-5.2/security/input-handling.md b/versioned_docs/version-5.2/security/input-handling.md index ca27ffba..6835263d 100644 --- a/versioned_docs/version-5.2/security/input-handling.md +++ b/versioned_docs/version-5.2/security/input-handling.md @@ -5,4 +5,4 @@ sidebar_position: 3 Input Handling ====================== -See the [Input chapter for further information](../general-concepts/input). \ No newline at end of file +See the [Input chapter for further information](../general-concepts/input.md). \ No newline at end of file