Merge branch 'master' of github.com:Shaarli/Shaarli

2020-11-17 09:31:12 -05:00 · 2020-11-17 09:31:12 -05:00 · b2eb77e1f7
parent 49da2ffbce 51580efbff
commit b2eb77e1f7
189 changed files with 7325 additions and 1694 deletions
--- a/.docker/nginx.conf
+++ b/.docker/nginx.conf
@ -23,21 +23,7 @@ http {
        access_log  /var/log/nginx/shaarli.access.log;
        error_log   /var/log/nginx/shaarli.error.log;
-        location ~ /\. {
+        location ~* \.(?:ico|css|js|gif|jpe?g|png|ttf|oet|woff2?)$ {
            # deny access to dotfiles
            access_log off;
            log_not_found off;
            deny all;
        }
        location ~ ~$ {
            # deny access to temp editor files, e.g. "script.php~"
            access_log off;
            log_not_found off;
            deny all;
        }
        location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
            # cache static assets
            expires    max;
            add_header Pragma public;
@ -49,30 +35,25 @@ http {
            alias /var/www/shaarli/images/favicon.ico;
        }
-        location / {
+        location /doc/html/ {
-            # Slim - rewrite URLs
+            default_type "text/html";
-            try_files $uri /index.php$is_args$args;
+            try_files $uri $uri/ $uri.html =404;
        }
-        location ~ (index)\.php$ {
+        location / {
            # Slim - rewrite URLs & do NOT serve static files through this location
            try_files _ /index.php$is_args$args;
        }
        location ~ index\.php$ {
            # Slim - split URL path into (script_filename, path_info)
            try_files $uri =404;
-            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            fastcgi_split_path_info ^(index.php)(/.+)$;
            # filter and proxy PHP requests to PHP-FPM
            fastcgi_pass   unix:/var/run/php-fpm.sock;
            fastcgi_index  index.php;
            include        fastcgi.conf;
        }
        location ~ /doc/ {
            default_type "text/html";
            try_files $uri $uri/ $uri.html =404;
        }
        location ~ \.php$ {
            # deny access to all other PHP scripts
            deny all;
        }
    }
 }
--- a/.dockerignore
+++ b/.dockerignore
@ -2,8 +2,16 @@
 .dev
 .git
 .github
 .gitattributes
 .gitignore
 .travis.yml
 tests
 # Docker related resources are not needed inside the container
 .dockerignore
 Dockerfile
 Dockerfile.armhf
 # Docker Compose resources
 docker-compose.yml
@ -13,6 +21,9 @@ data/*
 pagecache/*
 tmp/*
 # Shaarli's docs are created during the build
 doc/html/
 # Eclipse project files
 .settings
 .buildpath
--- a/.htaccess
+++ b/.htaccess
@ -13,7 +13,7 @@ RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
 # Alternative (if the 2 lines above don't work)
 # SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
-# REST API
+# Slim URL Redirection
 # Ionos Hosting needs RewriteBase /
 # RewriteBase /
 RewriteCond %{REQUEST_FILENAME} !-f
--- a/.travis.yml
+++ b/.travis.yml
@ -49,6 +49,10 @@ cache:
  directories:
    - $HOME/.composer/cache
 before_install:
  # Disable xdebug: it significantly speed up tests and linter, and we don't use coverage yet
  - phpenv config-rm xdebug.ini || echo 'No xdebug config.'
 install:
  # install/update composer and php dependencies
  - composer config --unset platform && composer config platform.php $TRAVIS_PHP_VERSION
@ -60,4 +64,5 @@ before_script:
 script:
  - make clean
  - make check_permissions
  - make code_sniffer
  - make all_tests
--- a/5
+++ b/5
@ -1,4 +1,4 @@
-   991	ArthurHoaro <arthur@hoa.ro>
+  1097	ArthurHoaro <arthur@hoa.ro>
   402	VirtualTam <virtualtam@flibidi.net>
   294	nodiscc <nodiscc@gmail.com>
    56	Sébastien Sauvage <sebsauvage@sebsauvage.net>
@ -25,6 +25,7 @@
     2	Alexandre G.-Raymond <alex@ndre.gr>
     2	Chris Kuethe <chris.kuethe@gmail.com>
     2	Felix Bartels <felix@host-consultants.de>
     2	Ganesh Kandu <kanduganesh@gmail.com>
     2	Guillaume Virlet <github@virlet.org>
     2	Knah Tsaeb <Knah-Tsaeb@knah-tsaeb.org>
     2	Mathieu Chabanon <git@matchab.fr>
@ -39,6 +40,7 @@
     2	pips <pips@e5150.fr>
     2	trailjeep <trailjeep@gmail.com>
     2	yude <yudesleepy@gmail.com>
     2	yudete <yu@yude.moe>
     1	Adrien Oliva <adrien.oliva@yapbreak.fr>
     1	Adrien le Maire <adrien@alemaire.be>
     1	Alexis J <alexis@effingo.be>
@ -65,6 +67,7 @@
     1	Kevin Masson <kevin.masson@methodinthemadness.eu>
     1	Knah Tsaeb <knah-tsaeb@knah-tsaeb.org>
     1	Lionel Martin <renarddesmers@gmail.com>
     1	Loïc Carr <zizou.xena@gmail.com>
     1	Mark Gerarts <mark.gerarts@gmail.com>
     1	Marsup <marsup@gmail.com>
     1	Paul van den Burg <github@paulvandenburg.nl>
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,7 +4,55 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
-## [v0.12.1]() - UNRELEASED
+## [v0.12.2]() - UNRELEASED
 ## [v0.12.1](https://github.com/shaarli/Shaarli/releases/tag/v0.12.0) - 2020-11-12
 > nginx ([#1628](https://github.com/shaarli/Shaarli/pull/1628)) and Apache ([#1630](https://github.com/shaarli/Shaarli/pull/1630)) configurations have been reviewed. It is recommended that you
 > update yours using [the documentation](https://shaarli.readthedocs.io/en/master/Server-configuration/).
 > Users using official Docker image will receive updated configuration automatically.
 ### Added
 - Bulk creation of bookmarks
 - Server administration tool page (and install page requirements)
 - Support any tag separator, not just whitespaces
 - Share a private bookmark using a URL with a token
 - Add a setting to retrieve bookmark metadata asynchronously (enabled by default)
 - Highlight fulltext search results
 - Weekly and monthly view/RSS feed for daily page
 - MarkdownExtra formatter
 - Default formatter: add a setting to disable auto-linkification
 - Add mutex on datastore I/O operations to prevent data loss
 - PHP 8.0 support
 - REST API: allow override of creation and update dates
 - Add strict types for bookmarks management
 ### Changed
 - Improve regex and performances to extract HTML metadata (title, description, etc.)
 - Support using Shaarli without URL rewriting (prefix URL with `/index.php/`)
 - Improve the "Manage tags" tools page
 - Use PSR-3 logger for login attempts
 - Move utils classes to Shaarli\Helper namespace and folder
 - Include php-simplexml in Docker image
 - Raise 404 error instead of 500 if permalink access is denied
 - Display error details even with dev.debug set to false
 - Reviewed nginx configuration
 - Reviewed Apache configuration
 - Replace vimeo link in demo bookmarks due to IP ban on the demo instance
 - Apply PSR-12 on code base, and add CI check using PHPCS
 ### Fixed
 - Compatiliby issue on login with PHP 7.1
 - Japanese translations update
 - Redirect to referrer after bookmark deletion
 - Inject ROOT_PATH in plugin instead of regenerating it everywhere
 - Wallabag plugin: minor improvements
 - REST API postLink: change relative path to absolute path
 - Webpack: fix vintage theme images include
 - Docker-compose: fix SSL certificate + add parameter for Docker tag
 ### Removed
 - `config.json.php` new lines in prefix/suffix to prevent issues with Windows PHP
 ## [v0.12.0](https://github.com/shaarli/Shaarli/releases/tag/v0.12.0) - 2020-10-13
--- a/1
+++ b/1
@ -44,6 +44,7 @@ RUN apk --update --no-cache add \
        php7-openssl \
        php7-session \
        php7-xml \
        php7-simplexml \
        php7-zlib \
        s6
--- a/4
+++ b/4
@ -27,10 +27,6 @@ PHPCS := $(BIN)/phpcs
 code_sniffer:
 	@$(PHPCS)
 ### - errors filtered by coding standard: PEAR, PSR1, PSR2, Zend...
 PHPCS_%:
 	@$(PHPCS) --report-full --report-width=200 --standard=$*
 ### - errors by Git author
 code_sniffer_blame:
 	@$(PHPCS) --report-gitblame
--- a/README.md
+++ b/README.md
@ -9,7 +9,7 @@ _It is designed to be personal (single-user), fast and handy._
 [![](https://img.shields.io/badge/stable-v0.11.1-blue.svg)](https://github.com/shaarli/Shaarli/releases/tag/v0.11.1)
 [![](https://img.shields.io/travis/shaarli/Shaarli/stable.svg?label=stable)](https://travis-ci.org/shaarli/Shaarli)
 &bull;
-[![](https://img.shields.io/badge/latest-v0.12.0-blue.svg)](https://github.com/shaarli/Shaarli/releases/tag/v0.12.0)
+[![](https://img.shields.io/badge/latest-v0.12.1-blue.svg)](https://github.com/shaarli/Shaarli/releases/tag/v0.12.1)
 [![](https://img.shields.io/travis/shaarli/Shaarli/latest.svg?label=latest)](https://travis-ci.org/shaarli/Shaarli)
 &bull;
 [![](https://img.shields.io/badge/master-v0.12.x-blue.svg)](https://github.com/shaarli/Shaarli)
--- a/application/History.php
+++ b/application/History.php
@ -1,9 +1,11 @@
 <?php
 namespace Shaarli;
 use DateTime;
 use Exception;
 use Shaarli\Bookmark\Bookmark;
 use Shaarli\Helper\FileUtils;
 /**
 * Class History
@ -30,27 +32,27 @@ class History
    /**
     * @var string Action key: a new link has been created.
     */
-    const CREATED = 'CREATED';
+    public const CREATED = 'CREATED';
    /**
     * @var string Action key: a link has been updated.
     */
-    const UPDATED = 'UPDATED';
+    public const UPDATED = 'UPDATED';
    /**
     * @var string Action key: a link has been deleted.
     */
-    const DELETED = 'DELETED';
+    public const DELETED = 'DELETED';
    /**
     * @var string Action key: settings have been updated.
     */
-    const SETTINGS = 'SETTINGS';
+    public const SETTINGS = 'SETTINGS';
    /**
     * @var string Action key: a bulk import has been processed.
     */
-    const IMPORT = 'IMPORT';
+    public const IMPORT = 'IMPORT';
    /**
     * @var string History file path.
--- a/application/Languages.php
+++ b/application/Languages.php
@ -41,7 +41,7 @@ class Languages
    /**
     * Core translations domain
     */
-    const DEFAULT_DOMAIN = 'shaarli';
+    public const DEFAULT_DOMAIN = 'shaarli';
    /**
     * @var TranslatorInterface
@ -76,7 +76,8 @@ class Languages
            $this->language = $confLanguage;
        }
-        if (! extension_loaded('gettext')
+        if (
            ! extension_loaded('gettext')
            || in_array($this->conf->get('translation.mode', 'auto'), ['auto', 'php'])
        ) {
            $this->initPhpTranslator();
@ -121,7 +122,9 @@ class Languages
        $translations = new Translations();
        // Core translations
        try {
-            $translations = $translations->addFromPoFile('inc/languages/'. $this->language .'/LC_MESSAGES/shaarli.po');
+            $translations = $translations->addFromPoFile(
                'inc/languages/' . $this->language . '/LC_MESSAGES/shaarli.po'
            );
            $translations->setDomain('shaarli');
            $this->translator->loadTranslations($translations);
        } catch (\InvalidArgumentException $e) {
@ -183,6 +186,7 @@ class Languages
            'en' => t('English'),
            'fr' => t('French'),
            'jp' => t('Japanese'),
            'ru' => t('Russian'),
        ];
    }
 }
--- a/application/Thumbnailer.php
+++ b/application/Thumbnailer.php
@ -13,7 +13,7 @@ use WebThumbnailer\WebThumbnailer;
 */
 class Thumbnailer
 {
-    const COMMON_MEDIA_DOMAINS = [
+    protected const COMMON_MEDIA_DOMAINS = [
        'imgur.com',
        'flickr.com',
        'youtube.com',
@ -31,9 +31,9 @@ class Thumbnailer
        'deviantart.com',
    ];
-    const MODE_ALL = 'all';
+    public const MODE_ALL = 'all';
-    const MODE_COMMON = 'common';
+    public const MODE_COMMON = 'common';
-    const MODE_NONE = 'none';
+    public const MODE_NONE = 'none';
    /**
     * @var WebThumbnailer instance.
@ -81,7 +81,8 @@ class Thumbnailer
     */
    public function get($url)
    {
-        if ($this->conf->get('thumbnails.mode') === self::MODE_COMMON
+        if (
            $this->conf->get('thumbnails.mode') === self::MODE_COMMON
            && ! $this->isCommonMediaOrImage($url)
        ) {
            return false;
--- a/application/TimeZone.php
+++ b/application/TimeZone.php
@ -1,4 +1,5 @@
 <?php
 /**
 * Generates a list of available timezone continents and cities.
 *
--- a/application/Utils.php
+++ b/application/Utils.php
@ -1,24 +1,27 @@
 <?php
 /**
 * Shaarli utilities
 */
 /**
- * Logs a message to a text file
+ * Format log using provided data.
 *
 * The log format is compatible with fail2ban.
 *
 * @param string $logFile  where to write the logs
 * @param string $clientIp the client's remote IPv4/IPv6 address
 * @param string      $message  the message to log
 * @param string|null $clientIp the client's remote IPv4/IPv6 address
 *
 * @return string Formatted message to log
 */
-function logm($logFile, $clientIp, $message)
+function format_log(string $message, string $clientIp = null): string
 {
-    file_put_contents(
+    $out = $message;
-        $logFile,
+
-        date('Y/m/d H:i:s').' - '.$clientIp.' - '.strval($message).PHP_EOL,
+    if (!empty($clientIp)) {
-        FILE_APPEND
+        // Note: we keep the first dash to avoid breaking fail2ban configs
-    );
+        $out = '- ' . $clientIp . ' - ' . $out;
    }
    return $out;
 }
 /**
@ -100,7 +103,7 @@ function escape($input)
    }
    if (is_array($input)) {
-        $out = array();
+        $out = [];
        foreach ($input as $key => $value) {
            $out[escape($key)] = escape($value);
        }
@ -161,7 +164,7 @@ function checkDateFormat($format, $string)
 *
 * @return string $referer - final referer.
 */
-function generateLocation($referer, $host, $loopTerms = array())
+function generateLocation($referer, $host, $loopTerms = [])
 {
    $finalReferer = './?';
@ -194,7 +197,7 @@ function generateLocation($referer, $host, $loopTerms = array())
 function autoLocale($headerLocale)
 {
    // Default if browser does not send HTTP_ACCEPT_LANGUAGE
-    $locales = array('en_US', 'en_US.utf8', 'en_US.UTF-8');
+    $locales = ['en_US', 'en_US.utf8', 'en_US.UTF-8'];
    if (! empty($headerLocale)) {
        if (preg_match_all('/([a-z]{2,3})[-_]?([a-z]{2})?,?/i', $headerLocale, $matches, PREG_SET_ORDER)) {
            $attempts = [];
@ -324,6 +327,23 @@ function format_date($date, $time = true, $intl = true)
    return $formatter->format($date);
 }
 /**
 * Format the date month according to the locale.
 *
 * @param DateTimeInterface $date to format.
 *
 * @return bool|string Formatted date, or false if the input is invalid.
 */
 function format_month(DateTimeInterface $date)
 {
    if (! $date instanceof DateTimeInterface) {
        return false;
    }
    return strftime('%B', $date->getTimestamp());
 }
 /**
 * Check if the input is an integer, no matter its real type.
 *
@ -362,8 +382,10 @@ function return_bytes($val)
    switch ($last) {
        case 'g':
            $val *= 1024;
        // do no break in order 1024^2 for each unit
        case 'm':
            $val *= 1024;
        // do no break in order 1024^2 for each unit
        case 'k':
            $val *= 1024;
    }
@ -456,12 +478,18 @@ function alphabetical_sort(&$data, $reverse = false, $byKeys = false)
 * @param string $nText     The plural message ID.
 * @param int    $nb        The number of items for plural forms.
 * @param string $domain    The domain where the translation is stored (default: shaarli).
 * @param array  $variables Associative array of variables to replace in translated text.
 * @param bool   $fixCase   Apply `ucfirst` on the translated string, might be useful for strings with variables.
 *
 * @return string Text translated.
 */
-function t($text, $nText = '', $nb = 1, $domain = 'shaarli')
+function t($text, $nText = '', $nb = 1, $domain = 'shaarli', $variables = [], $fixCase = false)
 {
-    return dn__($domain, $text, $nText, $nb);
+    $postFunction = $fixCase ? 'ucfirst' : function ($input) {
        return $input;
    };
    return $postFunction(dn__($domain, $text, $nText, $nb, $variables));
 }
 /**
@ -471,4 +499,3 @@ function exception2text(Throwable $e): string
 {
    return $e->getMessage() . PHP_EOL . $e->getFile() . $e->getLine() . PHP_EOL . $e->getTraceAsString();
 }
--- a/application/api/ApiMiddleware.php
+++ b/application/api/ApiMiddleware.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Api;
 use malkusch\lock\mutex\FlockMutex;
@ -108,7 +109,8 @@ class ApiMiddleware
     */
    protected function checkToken($request)
    {
-        if (!$request->hasHeader('Authorization')
+        if (
            !$request->hasHeader('Authorization')
            && !isset($this->container->environment['REDIRECT_HTTP_AUTHORIZATION'])
        ) {
            throw new ApiAuthorizationException('JWT token not provided');
--- a/application/api/ApiUtils.php
+++ b/application/api/ApiUtils.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Api;
 use Shaarli\Api\Exceptions\ApiAuthorizationException;
@ -42,7 +43,8 @@ class ApiUtils
            throw new ApiAuthorizationException('Invalid JWT payload');
        }
-        if (empty($payload->iat)
+        if (
            empty($payload->iat)
            || $payload->iat > time()
            || time() - $payload->iat > ApiMiddleware::$TOKEN_DURATION
        ) {
--- a/application/api/controllers/HistoryController.php
+++ b/application/api/controllers/HistoryController.php
@ -1,6 +1,5 @@
 <?php
 namespace Shaarli\Api\Controllers;
 use Shaarli\Api\Exceptions\ApiBadParametersException;
--- a/application/api/controllers/Info.php
+++ b/application/api/controllers/Info.php
@ -29,13 +29,13 @@ class Info extends ApiController
        $info = [
            'global_counter' => $this->bookmarkService->count(),
            'private_counter' => $this->bookmarkService->count(BookmarkFilter::$PRIVATE),
-            'settings' => array(
+            'settings' => [
                'title' => $this->conf->get('general.title', 'Shaarli'),
                'header_link' => $this->conf->get('general.header_link', '?'),
                'timezone' => $this->conf->get('general.timezone', 'UTC'),
                'enabled_plugins' => $this->conf->get('general.enabled_plugins', []),
                'default_private_links' => $this->conf->get('privacy.default_private_links', false),
-            ),
+            ],
        ];
        return $response->withJson($info, 200, $this->jsonStyle);
--- a/application/api/controllers/Links.php
+++ b/application/api/controllers/Links.php
@ -119,7 +119,8 @@ class Links extends ApiController
        $data = (array) ($request->getParsedBody() ?? []);
        $bookmark = ApiUtils::buildBookmarkFromRequest($data, $this->conf->get('privacy.default_private_links'));
        // duplicate by URL, return 409 Conflict
-        if (! empty($bookmark->getUrl())
+        if (
            ! empty($bookmark->getUrl())
            && ! empty($dup = $this->bookmarkService->findByUrl($bookmark->getUrl()))
        ) {
            return $response->withJson(
@ -131,7 +132,7 @@ class Links extends ApiController
        $this->bookmarkService->add($bookmark);
        $out = ApiUtils::formatLink($bookmark, index_url($this->ci['environment']));
-        $redirect = $this->ci->router->relativePathFor('getLink', ['id' => $bookmark->getId()]);
+        $redirect = $this->ci->router->pathFor('getLink', ['id' => $bookmark->getId()]);
        return $response->withAddedHeader('Location', $redirect)
                        ->withJson($out, 201, $this->jsonStyle);
    }
@ -159,7 +160,8 @@ class Links extends ApiController
        $requestBookmark = ApiUtils::buildBookmarkFromRequest($data, $this->conf->get('privacy.default_private_links'));
        // duplicate URL on a different link, return 409 Conflict
-        if (! empty($requestBookmark->getUrl())
+        if (
            ! empty($requestBookmark->getUrl())
            && ! empty($dup = $this->bookmarkService->findByUrl($requestBookmark->getUrl()))
            && $dup->getId() != $id
        ) {
--- a/application/bookmark/Bookmark.php
+++ b/application/bookmark/Bookmark.php
@ -19,7 +19,7 @@ use Shaarli\Bookmark\Exception\InvalidBookmarkException;
 class Bookmark
 {
    /** @var string Date format used in string (former ID format) */
-    const LINK_DATE_FORMAT = 'Ymd_His';
+    public const LINK_DATE_FORMAT = 'Ymd_His';
    /** @var int Bookmark ID */
    protected $id;
@ -61,10 +61,12 @@ class Bookmark
     * Initialize a link from array data. Especially useful to create a Bookmark from former link storage format.
     *
     * @param array  $data
     * @param string $tagsSeparator Tags separator loaded from the config file.
     *                              This is a context data, and it should *never* be stored in the Bookmark object.
     *
     * @return $this
     */
-    public function fromArray(array $data): Bookmark
+    public function fromArray(array $data, string $tagsSeparator = ' '): Bookmark
    {
        $this->id = $data['id'] ?? null;
        $this->shortUrl = $data['shorturl'] ?? null;
@ -77,7 +79,7 @@ class Bookmark
        if (is_array($data['tags'])) {
            $this->tags = $data['tags'];
        } else {
-            $this->tags = preg_split('/\s+/', $data['tags'] ?? '', -1, PREG_SPLIT_NO_EMPTY);
+            $this->tags = tags_str2array($data['tags'] ?? '', $tagsSeparator);
        }
        if (! empty($data['updated'])) {
            $this->updated = $data['updated'];
@ -104,7 +106,8 @@ class Bookmark
     */
    public function validate(): void
    {
-        if ($this->id === null
+        if (
            $this->id === null
            || ! is_int($this->id)
            || empty($this->shortUrl)
            || empty($this->created)
@ -348,7 +351,12 @@ class Bookmark
     */
    public function setTags(?array $tags): Bookmark
    {
-        $this->setTagsString(implode(' ', $tags ?? []));
+        $this->tags = array_map(
            function (string $tag): string {
                return $tag[0] === '-' ? substr($tag, 1) : $tag;
            },
            tags_filter($tags, ' ')
        );
        return $this;
    }
@ -420,11 +428,13 @@ class Bookmark
    }
    /**
-     * @return string Bookmark's tags as a string, separated by a space
+     * @param string $separator Tags separator loaded from the config file.
     *
     * @return string Bookmark's tags as a string, separated by a separator
     */
-    public function getTagsString(): string
+    public function getTagsString(string $separator = ' '): string
    {
-        return implode(' ', $this->getTags());
+        return tags_array2str($this->getTags(), $separator);
    }
    /**
@ -444,19 +454,13 @@ class Bookmark
     *   - trailing dash in tags will be removed
     *
     * @param string|null $tags
     * @param string      $separator Tags separator loaded from the config file.
     *
     * @return $this
     */
-    public function setTagsString(?string $tags): Bookmark
+    public function setTagsString(?string $tags, string $separator = ' '): Bookmark
    {
-        // Remove first '-' char in tags.
+        $this->setTags(tags_str2array($tags, $separator));
        $tags = preg_replace('/(^| )\-/', '$1', $tags ?? '');
        // Explode all tags separted by spaces or commas
        $tags = preg_split('/[\s,]+/', $tags);
        // Remove eventual empty values
        $tags = array_values(array_filter($tags));
        $this->tags = $tags;
        return $this;
    }
@ -507,7 +511,7 @@ class Bookmark
     */
    public function renameTag(string $fromTag, string $toTag): void
    {
-        if (($pos = array_search($fromTag, $this->tags)) !== false) {
+        if (($pos = array_search($fromTag, $this->tags ?? [])) !== false) {
            $this->tags[$pos] = trim($toTag);
        }
    }
@ -519,7 +523,7 @@ class Bookmark
     */
    public function deleteTag(string $tag): void
    {
-        if (($pos = array_search($tag, $this->tags)) !== false) {
+        if (($pos = array_search($tag, $this->tags ?? [])) !== false) {
            unset($this->tags[$pos]);
            $this->tags = array_values($this->tags);
        }
--- a/application/bookmark/BookmarkArray.php
+++ b/application/bookmark/BookmarkArray.php
@ -72,7 +72,8 @@ class BookmarkArray implements \Iterator, \Countable, \ArrayAccess
     */
    public function offsetSet($offset, $value)
    {
-        if (! $value instanceof Bookmark
+        if (
            ! $value instanceof Bookmark
            || $value->getId() === null || empty($value->getUrl())
            || ($offset !== null && ! is_int($offset)) || ! is_int($value->getId())
            || $offset !== null && $offset !== $value->getId()
@ -222,7 +223,8 @@ class BookmarkArray implements \Iterator, \Countable, \ArrayAccess
     */
    public function getByUrl(string $url): ?Bookmark
    {
-        if (! empty($url)
+        if (
            ! empty($url)
            && isset($this->urls[$url])
            && isset($this->bookmarks[$this->urls[$url]])
        ) {
--- a/application/bookmark/BookmarkFileService.php
+++ b/application/bookmark/BookmarkFileService.php
@ -91,19 +91,23 @@ class BookmarkFileService implements BookmarkServiceInterface
            }
        }
-        $this->bookmarkFilter = new BookmarkFilter($this->bookmarks);
+        $this->bookmarkFilter = new BookmarkFilter($this->bookmarks, $this->conf);
    }
    /**
     * @inheritDoc
     */
-    public function findByHash(string $hash): Bookmark
+    public function findByHash(string $hash, string $privateKey = null): Bookmark
    {
        $bookmark = $this->bookmarkFilter->filter(BookmarkFilter::$FILTER_HASH, $hash);
        // PHP 7.3 introduced array_key_first() to avoid this hack
        $first = reset($bookmark);
-        if (! $this->isLoggedIn && $first->isPrivate()) {
+        if (
-            throw new Exception('Not authorized');
+            !$this->isLoggedIn
            && $first->isPrivate()
            && (empty($privateKey) || $privateKey !== $first->getAdditionalContentEntry('private_key'))
        ) {
            throw new BookmarkNotFoundException();
        }
        return $first;
@ -162,7 +166,8 @@ class BookmarkFileService implements BookmarkServiceInterface
        }
        $bookmark = $this->bookmarks[$id];
-        if (($bookmark->isPrivate() && $visibility != 'all' && $visibility != 'private')
+        if (
            ($bookmark->isPrivate() && $visibility != 'all' && $visibility != 'private')
            || (! $bookmark->isPrivate() && $visibility != 'all' && $visibility != 'public')
        ) {
            throw new Exception('Unauthorized');
@ -262,7 +267,8 @@ class BookmarkFileService implements BookmarkServiceInterface
        }
        $bookmark = $this->bookmarks[$id];
-        if (($bookmark->isPrivate() && $visibility != 'all' && $visibility != 'private')
+        if (
            ($bookmark->isPrivate() && $visibility != 'all' && $visibility != 'private')
            || (! $bookmark->isPrivate() && $visibility != 'all' && $visibility != 'public')
        ) {
            return false;
@ -304,7 +310,8 @@ class BookmarkFileService implements BookmarkServiceInterface
        $caseMapping = [];
        foreach ($bookmarks as $bookmark) {
            foreach ($bookmark->getTags() as $tag) {
-                if (empty($tag)
+                if (
                    empty($tag)
                    || (! $this->isLoggedIn && startsWith($tag, '.'))
                    || $tag === BookmarkMarkdownFormatter::NO_MD_TAG
                    || in_array($tag, $filteringTags, true)
@ -340,26 +347,42 @@ class BookmarkFileService implements BookmarkServiceInterface
    /**
     * @inheritDoc
     */
-    public function days(): array
+    public function findByDate(
-    {
+        \DateTimeInterface $from,
-        $bookmarkDays = [];
+        \DateTimeInterface $to,
-        foreach ($this->search() as $bookmark) {
+        ?\DateTimeInterface &$previous,
-            $bookmarkDays[$bookmark->getCreated()->format('Ymd')] = 0;
+        ?\DateTimeInterface &$next
-        }
+    ): array {
-        $bookmarkDays = array_keys($bookmarkDays);
+        $out = [];
-        sort($bookmarkDays);
+        $previous = null;
        $next = null;
-        return array_map('strval', $bookmarkDays);
+        foreach ($this->search([], null, false, false, true) as $bookmark) {
            if ($to < $bookmark->getCreated()) {
                $next = $bookmark->getCreated();
            } elseif ($from < $bookmark->getCreated() && $to > $bookmark->getCreated()) {
                $out[] = $bookmark;
            } else {
                if ($previous !== null) {
                    break;
                }
                $previous = $bookmark->getCreated();
            }
        }
        return $out;
    }
    /**
     * @inheritDoc
     */
-    public function filterDay(string $request)
+    public function getLatest(): ?Bookmark
    {
-        $visibility = $this->isLoggedIn ? BookmarkFilter::$ALL : BookmarkFilter::$PUBLIC;
+        foreach ($this->search([], null, false, false, true) as $bookmark) {
            return $bookmark;
        }
-        return $this->bookmarkFilter->filter(BookmarkFilter::$FILTER_DAY, $request, false, $visibility);
+        return null;
    }
    /**
@ -386,14 +409,14 @@ class BookmarkFileService implements BookmarkServiceInterface
            false
        );
        $updater = new LegacyUpdater(
-            UpdaterUtils::read_updates_file($this->conf->get('resource.updates')),
+            UpdaterUtils::readUpdatesFile($this->conf->get('resource.updates')),
            $bookmarkDb,
            $this->conf,
            true
        );
        $newUpdates = $updater->update();
        if (! empty($newUpdates)) {
-            UpdaterUtils::write_updates_file(
+            UpdaterUtils::writeUpdatesFile(
                $this->conf->get('resource.updates'),
                $updater->getDoneUpdates()
            );
--- a/application/bookmark/BookmarkFilter.php
+++ b/application/bookmark/BookmarkFilter.php
@ -6,6 +6,7 @@ namespace Shaarli\Bookmark;
 use Exception;
 use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
 use Shaarli\Config\ConfigManager;
 /**
 * Class LinkFilter.
@ -58,12 +59,16 @@ class BookmarkFilter
     */
    private $bookmarks;
    /** @var ConfigManager */
    protected $conf;
    /**
     * @param Bookmark[] $bookmarks initialization.
     */
-    public function __construct($bookmarks)
+    public function __construct($bookmarks, ConfigManager $conf)
    {
        $this->bookmarks = $bookmarks;
        $this->conf = $conf;
    }
    /**
@ -107,10 +112,14 @@ class BookmarkFilter
                    $filtered = $this->bookmarks;
                }
                if (!empty($request[0])) {
-                    $filtered = (new BookmarkFilter($filtered))->filterTags($request[0], $casesensitive, $visibility);
+                    $filtered = (new BookmarkFilter($filtered, $this->conf))
                        ->filterTags($request[0], $casesensitive, $visibility)
                    ;
                }
                if (!empty($request[1])) {
-                    $filtered = (new BookmarkFilter($filtered))->filterFulltext($request[1], $visibility);
+                    $filtered = (new BookmarkFilter($filtered, $this->conf))
                        ->filterFulltext($request[1], $visibility)
                    ;
                }
                return $filtered;
            case self::$FILTER_TEXT:
@ -141,7 +150,7 @@ class BookmarkFilter
            return $this->bookmarks;
        }
-        $out = array();
+        $out = [];
        foreach ($this->bookmarks as $key => $value) {
            if ($value->isPrivate() && $visibility === 'private') {
                $out[$key] = $value;
@ -280,8 +289,9 @@ class BookmarkFilter
     *
     * @return string generated regex fragment
     */
-    private static function tag2regex(string $tag): string
+    protected function tag2regex(string $tag): string
    {
        $tagsSeparator = $this->conf->get('general.tags_separator', ' ');
        $len = strlen($tag);
        if (!$len || $tag === "-" || $tag === "*") {
            // nothing to search, return empty regex
@ -295,12 +305,13 @@ class BookmarkFilter
            $i = 0; // start at first character
            $regex = '(?='; // use positive lookahead
        }
-        $regex .= '.*(?:^| )'; // before tag may only be a space or the beginning
+        // before tag may only be the separator or the beginning
        $regex .= '.*(?:^|' . $tagsSeparator . ')';
        // iterate over string, separating it into placeholder and content
        for (; $i < $len; $i++) {
            if ($tag[$i] === '*') {
                // placeholder found
-                $regex .= '[^ ]*?';
+                $regex .= '[^' . $tagsSeparator . ']*?';
            } else {
                // regular characters
                $offset = strpos($tag, '*', $i);
@ -316,7 +327,8 @@ class BookmarkFilter
                $i = $offset;
            }
        }
-        $regex .= '(?:$| ))'; // after the tag may only be a space or the end
+        // after the tag may only be the separator or the end
        $regex .= '(?:$|' . $tagsSeparator . '))';
        return $regex;
    }
@ -334,14 +346,15 @@ class BookmarkFilter
     */
    public function filterTags($tags, bool $casesensitive = false, string $visibility = 'all')
    {
        $tagsSeparator = $this->conf->get('general.tags_separator', ' ');
        // get single tags (we may get passed an array, even though the docs say different)
        $inputTags = $tags;
        if (!is_array($tags)) {
            // we got an input string, split tags
-            $inputTags = preg_split('/(?:\s+)|,/', $inputTags, -1, PREG_SPLIT_NO_EMPTY);
+            $inputTags = tags_str2array($inputTags, $tagsSeparator);
        }
-        if (!count($inputTags)) {
+        if (count($inputTags) === 0) {
            // no input tags
            return $this->noFilter($visibility);
        }
@ -358,7 +371,7 @@ class BookmarkFilter
        }
        // build regex from all tags
-        $re = '/^' . implode(array_map("self::tag2regex", $inputTags)) . '.*$/';
+        $re = '/^' . implode(array_map([$this, 'tag2regex'], $inputTags)) . '.*$/';
        if (!$casesensitive) {
            // make regex case insensitive
            $re .= 'i';
@ -378,10 +391,11 @@ class BookmarkFilter
                    continue;
                }
            }
-            $search = $link->getTagsString(); // build search string, start with tags of current link
+            // build search string, start with tags of current link
            $search = $link->getTagsString($tagsSeparator);
            if (strlen(trim($link->getDescription())) && strpos($link->getDescription(), '#') !== false) {
                // description given and at least one possible tag found
-                $descTags = array();
+                $descTags = [];
                // find all tags in the form of #tag in the description
                preg_match_all(
                    '/(?<![' . self::$HASHTAG_CHARS . '])#([' . self::$HASHTAG_CHARS . ']+?)\b/sm',
@ -390,9 +404,9 @@ class BookmarkFilter
                );
                if (count($descTags[1])) {
                    // there were some tags in the description, add them to the search string
-                    $search .= ' ' . implode(' ', $descTags[1]);
+                    $search .= $tagsSeparator . tags_array2str($descTags[1], $tagsSeparator);
                }
            }
            };
            // match regular expression with search string
            if (!preg_match($re, $search)) {
                // this entry does _not_ match our regex
@ -422,7 +436,7 @@ class BookmarkFilter
                }
            }
-            if (empty(trim($link->getTagsString()))) {
+            if (empty($link->getTags())) {
                $filtered[$key] = $link;
            }
        }
@ -537,10 +551,11 @@ class BookmarkFilter
     */
    protected function buildFullTextSearchableLink(Bookmark $link, array &$lengths): string
    {
        $tagString = $link->getTagsString($this->conf->get('general.tags_separator', ' '));
        $content  = mb_convert_case($link->getTitle(), MB_CASE_LOWER, 'UTF-8') . '\\';
        $content .= mb_convert_case($link->getDescription(), MB_CASE_LOWER, 'UTF-8') . '\\';
        $content .= mb_convert_case($link->getUrl(), MB_CASE_LOWER, 'UTF-8') . '\\';
-        $content .= mb_convert_case($link->getTagsString(), MB_CASE_LOWER, 'UTF-8') .'\\';
+        $content .= mb_convert_case($tagString, MB_CASE_LOWER, 'UTF-8') . '\\';
        $lengths['title'] = ['start' => 0, 'end' => mb_strlen($link->getTitle())];
        $nextField = $lengths['title']['end'] + 1;
@ -548,7 +563,7 @@ class BookmarkFilter
        $nextField = $lengths['description']['end'] + 1;
        $lengths['url'] = ['start' => $nextField, 'end' => $nextField + mb_strlen($link->getUrl())];
        $nextField = $lengths['url']['end'] + 1;
-        $lengths['tags'] = ['start' => $nextField, 'end' => $nextField + mb_strlen($link->getTagsString())];
+        $lengths['tags'] = ['start' => $nextField, 'end' => $nextField + mb_strlen($tagString)];
        return $content;
    }
--- a/application/bookmark/BookmarkInitializer.php
+++ b/application/bookmark/BookmarkInitializer.php
@ -13,6 +13,9 @@ namespace Shaarli\Bookmark;
 * To prevent data corruption, it does not overwrite existing bookmarks,
 * even though there should not be any.
 *
 * We disable this because otherwise it creates indentation issues, and heredoc is not supported by PHP gettext.
 * @phpcs:disable Generic.Files.LineLength.TooLong
 *
 * @package Shaarli\Bookmark
 */
 class BookmarkInitializer
@ -36,8 +39,8 @@ class BookmarkInitializer
    public function initialize(): void
    {
        $bookmark = new Bookmark();
-        $bookmark->setTitle('quicksilver (loop) on Vimeo ' . t('(private bookmark with thumbnail demo)'));
+        $bookmark->setTitle('Calm Jazz Music - YouTube ' . t('(private bookmark with thumbnail demo)'));
-        $bookmark->setUrl('https://vimeo.com/153493904');
+        $bookmark->setUrl('https://www.youtube.com/watch?v=DVEUcbPkb-c');
        $bookmark->setDescription(t(
            'Shaarli will automatically pick up the thumbnail for links to a variety of websites.
--- a/application/bookmark/BookmarkServiceInterface.php
+++ b/application/bookmark/BookmarkServiceInterface.php
@ -20,13 +20,14 @@ interface BookmarkServiceInterface
    /**
     * Find a bookmark by hash
     *
-     * @param string $hash
+     * @param string      $hash       Bookmark's hash
     * @param string|null $privateKey Optional key used to access private links while logged out
     *
     * @return Bookmark
     *
     * @throws \Exception
     */
-    public function findByHash(string $hash): Bookmark;
+    public function findByHash(string $hash, string $privateKey = null);
    /**
     * @param $url
@ -155,22 +156,29 @@ interface BookmarkServiceInterface
    public function bookmarksCountPerTag(array $filteringTags = [], ?string $visibility = null): array;
    /**
-     * Returns the list of days containing articles (oldest first)
+     * Return a list of bookmark matching provided period of time.
     * It also update directly previous and next date outside of given period found in the datastore.
     *
-     * @return array containing days (in format YYYYMMDD).
+     * @param \DateTimeInterface      $from     Starting date.
     * @param \DateTimeInterface      $to       Ending date.
     * @param \DateTimeInterface|null $previous (by reference) updated with first created date found before $from.
     * @param \DateTimeInterface|null $next     (by reference) updated with first created date found after $to.
     *
     * @return array List of bookmarks matching provided period of time.
     */
-    public function days(): array;
+    public function findByDate(
        \DateTimeInterface $from,
        \DateTimeInterface $to,
        ?\DateTimeInterface &$previous,
        ?\DateTimeInterface &$next
    ): array;
    /**
-     * Returns the list of articles for a given day.
+     * Returns the latest bookmark by creation date.
     *
-     * @param string $request day to filter. Format: YYYYMMDD.
+     * @return Bookmark|null Found Bookmark or null if the datastore is empty.
     *
     * @return Bookmark[] list of shaare found.
     *
     * @throws BookmarkNotFoundException
     */
-    public function filterDay(string $request);
+    public function getLatest(): ?Bookmark;
    /**
     * Creates the default database after a fresh install.
--- a/application/bookmark/LinkUtils.php
+++ b/application/bookmark/LinkUtils.php
@ -68,16 +68,17 @@ function html_extract_tag($tag, $html)
    $properties = implode('|', $propertiesKey);
    // We need a OR here to accept either 'property=og:noquote' or 'property="og:unrelated og:my-tag"'
    $orCondition  = '["\']?(?:og:)?' . $tag . '["\']?|["\'][^\'"]*?(?:og:)?' . $tag . '[^\'"]*?[\'"]';
-    // Try to retrieve OpenGraph image.
+    // Try to retrieve OpenGraph tag.
-    $ogRegex = '#<meta[^>]+(?:'. $properties .')=(?:'. $orCondition .')[^>]*content=["\'](.*?)["\'].*?>#';
+    $ogRegex = '#<meta[^>]+(?:' . $properties . ')=(?:' . $orCondition . ')[^>]*content=(["\'])([^\1]*?)\1.*?>#';
    // If the attributes are not in the order property => content (e.g. Github)
    // New regex to keep this readable... more or less.
-    $ogRegexReverse = '#<meta[^>]+content=["\'](.*?)["\'][^>]+(?:'. $properties .')=(?:'. $orCondition .').*?>#';
+    $ogRegexReverse = '#<meta[^>]+content=(["\'])([^\1]*?)\1[^>]+(?:' . $properties . ')=(?:' . $orCondition . ').*?>#';
-    if (preg_match($ogRegex, $html, $matches) > 0
+    if (
        preg_match($ogRegex, $html, $matches) > 0
        || preg_match($ogRegexReverse, $html, $matches) > 0
    ) {
-        return $matches[1];
+        return $matches[2];
    }
    return false;
@ -138,12 +139,17 @@ function space2nbsp($text)
 *
 * @param string $description shaare's description.
 * @param string $indexUrl    URL to Shaarli's index.
-
+ * @param bool   $autolink    Turn on/off automatic linkifications of URLs and hashtags
 *
 * @return string formatted description.
 */
-function format_description($description, $indexUrl = '')
+function format_description($description, $indexUrl = '', $autolink = true)
 {
-    return nl2br(space2nbsp(hashtag_autolink(text2clickable($description), $indexUrl)));
+    if ($autolink) {
        $description = hashtag_autolink(text2clickable($description), $indexUrl);
    }
    return nl2br(space2nbsp($description));
 }
 /**
@ -171,3 +177,49 @@ function is_note($linkUrl)
 {
    return isset($linkUrl[0]) && $linkUrl[0] === '?';
 }
 /**
 * Extract an array of tags from a given tag string, with provided separator.
 *
 * @param string|null $tags      String containing a list of tags separated by $separator.
 * @param string      $separator Shaarli's default: ' ' (whitespace)
 *
 * @return array List of tags
 */
 function tags_str2array(?string $tags, string $separator): array
 {
    // For whitespaces, we use the special \s regex character
    $separator = $separator === ' ' ? '\s' : $separator;
    return preg_split('/\s*' . $separator . '+\s*/', trim($tags) ?? '', -1, PREG_SPLIT_NO_EMPTY);
 }
 /**
 * Return a tag string with provided separator from a list of tags.
 * Note that given array is clean up by tags_filter().
 *
 * @param array|null $tags      List of tags
 * @param string     $separator
 *
 * @return string
 */
 function tags_array2str(?array $tags, string $separator): string
 {
    return implode($separator, tags_filter($tags, $separator));
 }
 /**
 * Clean an array of tags: trim + remove empty entries
 *
 * @param array|null $tags List of tags
 * @param string     $separator
 *
 * @return array
 */
 function tags_filter(?array $tags, string $separator): array
 {
    $trimDefault = " \t\n\r\0\x0B";
    return array_values(array_filter(array_map(function (string $entry) use ($separator, $trimDefault): string {
        return trim($entry, $trimDefault . $separator);
    }, $tags ?? [])));
 }
--- a/application/bookmark/exception/BookmarkNotFoundException.php
+++ b/application/bookmark/exception/BookmarkNotFoundException.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Bookmark\Exception;
 use Exception;
--- a/application/bookmark/exception/EmptyDataStoreException.php
+++ b/application/bookmark/exception/EmptyDataStoreException.php
@ -1,7 +1,7 @@
 <?php
 namespace Shaarli\Bookmark\Exception;
-
+class EmptyDataStoreException extends \Exception
-class EmptyDataStoreException extends \Exception {}
+{
 }
--- a/application/bookmark/exception/NotWritableDataStoreException.php
+++ b/application/bookmark/exception/NotWritableDataStoreException.php
@ -1,9 +1,7 @@
 <?php
 namespace Shaarli\Bookmark\Exception;
 class NotWritableDataStoreException extends \Exception
 {
    /**
--- a/application/config/ConfigIO.php
+++ b/application/config/ConfigIO.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Config;
 /**
--- a/application/config/ConfigJson.php
+++ b/application/config/ConfigJson.php
@ -19,7 +19,7 @@ class ConfigJson implements ConfigIO
        $data = file_get_contents($filepath);
        $data = str_replace(self::getPhpHeaders(), '', $data);
        $data = str_replace(self::getPhpSuffix(), '', $data);
-        $data = json_decode($data, true);
+        $data = json_decode(trim($data), true);
        if ($data === null) {
            $errorCode = json_last_error();
            $error  = sprintf(
@ -73,7 +73,7 @@ class ConfigJson implements ConfigIO
     */
    public static function getPhpHeaders()
    {
-        return '<?php /*'. PHP_EOL;
+        return '<?php /*';
    }
    /**
@ -85,6 +85,6 @@ class ConfigJson implements ConfigIO
     */
    public static function getPhpSuffix()
    {
-        return PHP_EOL . '*/ ?>';
+        return '*/ ?>';
    }
 }
--- a/application/config/ConfigManager.php
+++ b/application/config/ConfigManager.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Config;
 use Shaarli\Config\Exception\MissingFieldConfigException;
@ -20,7 +21,7 @@ class ConfigManager
     */
    protected static $NOT_FOUND = 'NOT_FOUND';
-    public static $DEFAULT_PLUGINS = array('qrcode');
+    public static $DEFAULT_PLUGINS = ['qrcode'];
    /**
     * @var string Config folder.
@ -213,7 +214,7 @@ class ConfigManager
    public function write($isLoggedIn)
    {
        // These fields are required in configuration.
-        $mandatoryFields = array(
+        $mandatoryFields = [
            'credentials.login',
            'credentials.hash',
            'credentials.salt',
@ -222,7 +223,7 @@ class ConfigManager
            'general.title',
            'general.header_link',
            'privacy.default_private_links',
-        );
+        ];
        // Only logged in user can alter config.
        if (is_file($this->getConfigFileExt()) && !$isLoggedIn) {
@ -368,9 +369,10 @@ class ConfigManager
        $this->setEmpty('general.default_note_title', 'Note: ');
        $this->setEmpty('general.retrieve_description', true);
        $this->setEmpty('general.enable_async_metadata', true);
        $this->setEmpty('general.tags_separator', ' ');
-        $this->setEmpty('updates.check_updates', false);
+        $this->setEmpty('updates.check_updates', true);
-        $this->setEmpty('updates.check_updates_branch', 'stable');
+        $this->setEmpty('updates.check_updates_branch', 'latest');
        $this->setEmpty('updates.check_updates_interval', 86400);
        $this->setEmpty('feed.rss_permalinks', true);
@ -391,7 +393,7 @@ class ConfigManager
        $this->setEmpty('translation.mode', 'php');
        $this->setEmpty('translation.extensions', []);
-        $this->setEmpty('plugins', array());
+        $this->setEmpty('plugins', []);
        $this->setEmpty('formatter', 'markdown');
    }
--- a/application/config/ConfigPhp.php
+++ b/application/config/ConfigPhp.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Config;
 /**
@ -12,7 +13,7 @@ class ConfigPhp implements ConfigIO
    /**
     * @var array List of config key without group.
     */
-    public static $ROOT_KEYS = array(
+    public static $ROOT_KEYS = [
        'login',
        'hash',
        'salt',
@ -22,7 +23,7 @@ class ConfigPhp implements ConfigIO
        'redirector',
        'disablesessionprotection',
        'privateLinkByDefault',
-    );
+    ];
    /**
     * Map legacy config keys with the new ones.
@ -31,7 +32,7 @@ class ConfigPhp implements ConfigIO
     *
     * @var array current key => legacy key.
     */
-    public static $LEGACY_KEYS_MAPPING = array(
+    public static $LEGACY_KEYS_MAPPING = [
        'credentials.login' => 'login',
        'credentials.hash' => 'hash',
        'credentials.salt' => 'salt',
@ -68,7 +69,7 @@ class ConfigPhp implements ConfigIO
        'privacy.hide_public_links' => 'config.HIDE_PUBLIC_LINKS',
        'privacy.hide_timestamps' => 'config.HIDE_TIMESTAMPS',
        'security.open_shaarli' => 'config.OPEN_SHAARLI',
-    );
+    ];
    /**
     * @inheritdoc
@ -76,12 +77,12 @@ class ConfigPhp implements ConfigIO
    public function read($filepath)
    {
        if (! file_exists($filepath) || ! is_readable($filepath)) {
-            return array();
+            return [];
        }
        include $filepath;
-        $out = array();
+        $out = [];
        foreach (self::$ROOT_KEYS as $key) {
            $out[$key] = isset($GLOBALS[$key]) ? $GLOBALS[$key] : '';
        }
@ -121,7 +122,8 @@ class ConfigPhp implements ConfigIO
            }
        }
-        if (!file_put_contents($filepath, $configStr)
+        if (
            !file_put_contents($filepath, $configStr)
            || strcmp(file_get_contents($filepath), $configStr) != 0
        ) {
            throw new \Shaarli\Exceptions\IOException(
--- a/application/config/ConfigPlugin.php
+++ b/application/config/ConfigPlugin.php
@ -39,8 +39,8 @@ function save_plugin_config($formData)
        throw new PluginConfigOrderException();
    }
-    $plugins = array();
+    $plugins = [];
-    $newEnabledPlugins = array();
+    $newEnabledPlugins = [];
    foreach ($formData as $key => $data) {
        if (startsWith($key, 'order')) {
            continue;
@ -62,7 +62,7 @@ function save_plugin_config($formData)
        throw new PluginConfigOrderException();
    }
-    $finalPlugins = array();
+    $finalPlugins = [];
    // Make plugins order continuous.
    foreach ($plugins as $plugin) {
        $finalPlugins[] = $plugin;
@ -81,7 +81,7 @@ function save_plugin_config($formData)
 */
 function validate_plugin_order($formData)
 {
-    $orders = array();
+    $orders = [];
    foreach ($formData as $key => $value) {
        // No duplicate order allowed.
        if (in_array($value, $orders, true)) {
--- a/application/config/exception/MissingFieldConfigException.php
+++ b/application/config/exception/MissingFieldConfigException.php
@ -1,6 +1,5 @@
 <?php
 namespace Shaarli\Config\Exception;
 /**
--- a/application/config/exception/UnauthorizedConfigException.php
+++ b/application/config/exception/UnauthorizedConfigException.php
@ -1,6 +1,5 @@
 <?php
 namespace Shaarli\Config\Exception;
 /**
--- a/application/container/ContainerBuilder.php
+++ b/application/container/ContainerBuilder.php
@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace Shaarli\Container;
 use malkusch\lock\mutex\FlockMutex;
 use Psr\Log\LoggerInterface;
 use Shaarli\Bookmark\BookmarkFileService;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Config\ConfigManager;
@ -49,6 +50,9 @@ class ContainerBuilder
    /** @var LoginManager */
    protected $login;
    /** @var LoggerInterface */
    protected $logger;
    /** @var string|null */
    protected $basePath = null;
@ -56,12 +60,14 @@ class ContainerBuilder
        ConfigManager $conf,
        SessionManager $session,
        CookieManager $cookieManager,
-        LoginManager $login
+        LoginManager $login,
        LoggerInterface $logger
    ) {
        $this->conf = $conf;
        $this->session = $session;
        $this->login = $login;
        $this->cookieManager = $cookieManager;
        $this->logger = $logger;
    }
    public function build(): ShaarliContainer
@ -72,6 +78,7 @@ class ContainerBuilder
        $container['sessionManager'] = $this->session;
        $container['cookieManager'] = $this->cookieManager;
        $container['loginManager'] = $this->login;
        $container['logger'] = $this->logger;
        $container['basePath'] = $this->basePath;
        $container['plugins'] = function (ShaarliContainer $container): PluginManager {
@ -99,6 +106,7 @@ class ContainerBuilder
            return new PageBuilder(
                $container->conf,
                $container->sessionManager->getSession(),
                $container->logger,
                $container->bookmarkService,
                $container->sessionManager->generateToken(),
                $container->loginManager->isLoggedIn()
@ -150,7 +158,7 @@ class ContainerBuilder
        $container['updater'] = function (ShaarliContainer $container): Updater {
            return new Updater(
-                UpdaterUtils::read_updates_file($container->conf->get('resource.updates')),
+                UpdaterUtils::readUpdatesFile($container->conf->get('resource.updates')),
                $container->bookmarkService,
                $container->conf,
                $container->loginManager->isLoggedIn()
--- a/application/container/ShaarliContainer.php
+++ b/application/container/ShaarliContainer.php
@ -4,6 +4,7 @@ declare(strict_types=1);
 namespace Shaarli\Container;
 use Psr\Log\LoggerInterface;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Config\ConfigManager;
 use Shaarli\Feed\FeedBuilder;
@ -36,6 +37,7 @@ use Slim\Container;
 * @property History                  $history
 * @property HttpAccess               $httpAccess
 * @property LoginManager             $loginManager
 * @property LoggerInterface          $logger
 * @property MetadataRetriever        $metadataRetriever
 * @property NetscapeBookmarkUtils    $netscapeBookmarkUtils
 * @property callable                 $notFoundHandler       Overrides default Slim exception display
--- a/application/exceptions/IOException.php
+++ b/application/exceptions/IOException.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Exceptions;
 use Exception;
--- a/application/feed/FeedBuilder.php
+++ b/application/feed/FeedBuilder.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Feed;
 use DateTime;
@ -107,14 +108,14 @@ class FeedBuilder
        $nblinksToDisplay = $this->getNbLinks(count($linksToDisplay), $userInput);
        // Can't use array_keys() because $link is a LinkDB instance and not a real array.
-        $keys = array();
+        $keys = [];
        foreach ($linksToDisplay as $key => $value) {
            $keys[] = $key;
        }
        $pageaddr = escape(index_url($this->serverInfo));
        $this->formatter->addContextData('index_url', $pageaddr);
-        $linkDisplayed = array();
+        $linkDisplayed = [];
        for ($i = 0; $i < $nblinksToDisplay && $i < count($keys); $i++) {
            $linkDisplayed[$keys[$i]] = $this->buildItem($feedType, $linksToDisplay[$keys[$i]], $pageaddr);
        }
--- a/application/formatter/BookmarkDefaultFormatter.php
+++ b/application/formatter/BookmarkDefaultFormatter.php
@ -12,8 +12,8 @@ namespace Shaarli\Formatter;
 */
 class BookmarkDefaultFormatter extends BookmarkFormatter
 {
-    const SEARCH_HIGHLIGHT_OPEN = '|@@HIGHLIGHT';
+    protected const SEARCH_HIGHLIGHT_OPEN = '|@@HIGHLIGHT';
-    const SEARCH_HIGHLIGHT_CLOSE = 'HIGHLIGHT@@|';
+    protected const SEARCH_HIGHLIGHT_CLOSE = 'HIGHLIGHT@@|';
    /**
     * @inheritdoc
@ -46,8 +46,13 @@ class BookmarkDefaultFormatter extends BookmarkFormatter
            $bookmark->getDescription() ?? '',
            $bookmark->getAdditionalContentEntry('search_highlight')['description'] ?? []
        );
        $description = format_description(
            escape($description),
            $indexUrl,
            $this->conf->get('formatter_settings.autolink', true)
        );
-        return $this->replaceTokens(format_description(escape($description), $indexUrl));
+        return $this->replaceTokens($description);
    }
    /**
@ -63,15 +68,16 @@ class BookmarkDefaultFormatter extends BookmarkFormatter
     */
    protected function formatTagListHtml($bookmark)
    {
        $tagsSeparator = $this->conf->get('general.tags_separator', ' ');
        if (empty($bookmark->getAdditionalContentEntry('search_highlight')['tags'])) {
            return $this->formatTagList($bookmark);
        }
        $tags = $this->tokenizeSearchHighlightField(
-            $bookmark->getTagsString(),
+            $bookmark->getTagsString($tagsSeparator),
            $bookmark->getAdditionalContentEntry('search_highlight')['tags']
        );
-        $tags = $this->filterTagList(explode(' ', $tags));
+        $tags = $this->filterTagList(tags_str2array($tags, $tagsSeparator));
        $tags = escape($tags);
        $tags = $this->replaceTokensArray($tags);
@ -83,7 +89,7 @@ class BookmarkDefaultFormatter extends BookmarkFormatter
     */
    protected function formatTagString($bookmark)
    {
-        return implode(' ', $this->formatTagList($bookmark));
+        return implode($this->conf->get('general.tags_separator'), $this->formatTagList($bookmark));
    }
    /**
--- a/application/formatter/BookmarkFormatter.php
+++ b/application/formatter/BookmarkFormatter.php
@ -267,7 +267,7 @@ abstract class BookmarkFormatter
     */
    protected function formatTagString($bookmark)
    {
-        return implode(' ', $this->formatTagList($bookmark));
+        return implode($this->conf->get('general.tags_separator', ' '), $this->formatTagList($bookmark));
    }
    /**
@ -351,6 +351,7 @@ abstract class BookmarkFormatter
    /**
     * Format tag list, e.g. remove private tags if the user is not logged in.
     * TODO: this method is called multiple time to format tags, the result should be cached.
     *
     * @param array $tags
     *
--- a/application/formatter/BookmarkMarkdownFormatter.php
+++ b/application/formatter/BookmarkMarkdownFormatter.php
@ -16,7 +16,7 @@ class BookmarkMarkdownFormatter extends BookmarkDefaultFormatter
    /**
     * When this tag is present in a bookmark, its description should not be processed with Markdown
     */
-    const NO_MD_TAG = 'nomarkdown';
+    public const NO_MD_TAG = 'nomarkdown';
    /** @var \Parsedown instance */
    protected $parsedown;
@ -178,14 +178,14 @@ class BookmarkMarkdownFormatter extends BookmarkDefaultFormatter
     */
    protected function sanitizeHtml($description)
    {
-        $escapeTags = array(
+        $escapeTags = [
            'script',
            'style',
            'link',
            'iframe',
            'frameset',
            'frame',
-        );
+        ];
        foreach ($escapeTags as $tag) {
            $description = preg_replace_callback(
                '#<\s*' . $tag . '[^>]*>(.*</\s*' . $tag . '[^>]*>)?#is',
--- a/application/formatter/BookmarkRawFormatter.php
+++ b/application/formatter/BookmarkRawFormatter.php
@ -10,4 +10,6 @@ namespace Shaarli\Formatter;
 *
 * @package Shaarli\Formatter
 */
-class BookmarkRawFormatter extends BookmarkFormatter {}
+class BookmarkRawFormatter extends BookmarkFormatter
 {
 }
--- a/application/front/ShaarliMiddleware.php
+++ b/application/front/ShaarliMiddleware.php
@ -42,7 +42,8 @@ class ShaarliMiddleware
        $this->initBasePath($request);
        try {
-            if (!is_file($this->container->conf->getConfigFileExt())
+            if (
                !is_file($this->container->conf->getConfigFileExt())
                && !in_array($next->getName(), ['displayInstall', 'saveInstall'], true)
            ) {
                return $response->withRedirect($this->container->basePath . '/install');
@ -86,7 +87,8 @@ class ShaarliMiddleware
     */
    protected function checkOpenShaarli(Request $request, Response $response, callable $next): bool
    {
-        if (// if the user isn't logged in
+        if (
 // if the user isn't logged in
            !$this->container->loginManager->isLoggedIn()
            // and Shaarli doesn't have public content...
            && $this->container->conf->get('privacy.hide_public_links')
--- a/application/front/controller/admin/ConfigureController.php
+++ b/application/front/controller/admin/ConfigureController.php
@ -51,7 +51,10 @@ class ConfigureController extends ShaarliAdminController
        $this->assignView('languages', Languages::getAvailableLanguages());
        $this->assignView('gd_enabled', extension_loaded('gd'));
        $this->assignView('thumbnails_mode', $this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE));
-        $this->assignView('pagetitle', t('Configure') .' - '. $this->container->conf->get('general.title', 'Shaarli'));
+        $this->assignView(
            'pagetitle',
            t('Configure') . ' - ' . $this->container->conf->get('general.title', 'Shaarli')
        );
        return $response->write($this->render(TemplatePage::CONFIGURE));
    }
@ -95,12 +98,15 @@ class ConfigureController extends ShaarliAdminController
        }
        $thumbnailsMode = extension_loaded('gd') ? $request->getParam('enableThumbnails') : Thumbnailer::MODE_NONE;
-        if ($thumbnailsMode !== Thumbnailer::MODE_NONE
+        if (
            $thumbnailsMode !== Thumbnailer::MODE_NONE
            && $thumbnailsMode !== $this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE)
        ) {
            $this->saveWarningMessage(
                t('You have enabled or changed thumbnails mode.') .
-                '<a href="'. $this->container->basePath .'/admin/thumbnails">' . t('Please synchronize them.') .'</a>'
+                '<a href="' . $this->container->basePath . '/admin/thumbnails">' .
                    t('Please synchronize them.') .
                '</a>'
            );
        }
        $this->container->conf->set('thumbnails.mode', $thumbnailsMode);
--- a/application/front/controller/admin/ManageShaareController.php
+++ b/application/front/controller/admin/ManageShaareController.php
@ -1,360 +0,0 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 use Shaarli\Bookmark\Bookmark;
 use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
 use Shaarli\Formatter\BookmarkMarkdownFormatter;
 use Shaarli\Render\TemplatePage;
 use Shaarli\Thumbnailer;
 use Slim\Http\Request;
 use Slim\Http\Response;
 /**
 * Class PostBookmarkController
 *
 * Slim controller used to handle Shaarli create or edit bookmarks.
 */
 class ManageShaareController extends ShaarliAdminController
 {
    /**
     * GET /admin/add-shaare - Displays the form used to create a new bookmark from an URL
     */
    public function addShaare(Request $request, Response $response): Response
    {
        $this->assignView(
            'pagetitle',
            t('Shaare a new link') .' - '. $this->container->conf->get('general.title', 'Shaarli')
        );
        return $response->write($this->render(TemplatePage::ADDLINK));
    }
    /**
     * GET /admin/shaare - Displays the bookmark form for creation.
     *                     Note that if the URL is found in existing bookmarks, then it will be in edit mode.
     */
    public function displayCreateForm(Request $request, Response $response): Response
    {
        $url = cleanup_url($request->getParam('post'));
        $linkIsNew = false;
        // Check if URL is not already in database (in this case, we will edit the existing link)
        $bookmark = $this->container->bookmarkService->findByUrl($url);
        if (null === $bookmark) {
            $linkIsNew = true;
            // Get shaare data if it was provided in URL (e.g.: by the bookmarklet).
            $title = $request->getParam('title');
            $description = $request->getParam('description');
            $tags = $request->getParam('tags');
            $private = filter_var($request->getParam('private'), FILTER_VALIDATE_BOOLEAN);
            // If this is an HTTP(S) link, we try go get the page to extract
            // the title (otherwise we will to straight to the edit form.)
            if (true !== $this->container->conf->get('general.enable_async_metadata', true)
                && empty($title)
                && strpos(get_url_scheme($url) ?: '', 'http') !== false
            ) {
                $metadata = $this->container->metadataRetriever->retrieve($url);
            }
            if (empty($url)) {
                $metadata['title'] = $this->container->conf->get('general.default_note_title', t('Note: '));
            }
            $link = [
                'title' => $title ?? $metadata['title'] ?? '',
                'url' => $url ?? '',
                'description' => $description ?? $metadata['description'] ?? '',
                'tags' => $tags ?? $metadata['tags'] ?? '',
                'private' => $private,
            ];
        } else {
            $formatter = $this->container->formatterFactory->getFormatter('raw');
            $link = $formatter->format($bookmark);
        }
        return $this->displayForm($link, $linkIsNew, $request, $response);
    }
    /**
     * GET /admin/shaare/{id} - Displays the bookmark form in edition mode.
     */
    public function displayEditForm(Request $request, Response $response, array $args): Response
    {
        $id = $args['id'] ?? '';
        try {
            if (false === ctype_digit($id)) {
                throw new BookmarkNotFoundException();
            }
            $bookmark = $this->container->bookmarkService->get((int) $id);  // Read database
        } catch (BookmarkNotFoundException $e) {
            $this->saveErrorMessage(sprintf(
                t('Bookmark with identifier %s could not be found.'),
                $id
            ));
            return $this->redirect($response, '/');
        }
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $link = $formatter->format($bookmark);
        return $this->displayForm($link, false, $request, $response);
    }
    /**
     * POST /admin/shaare
     */
    public function save(Request $request, Response $response): Response
    {
        $this->checkToken($request);
        // lf_id should only be present if the link exists.
        $id = $request->getParam('lf_id') !== null ? intval(escape($request->getParam('lf_id'))) : null;
        if (null !== $id && true === $this->container->bookmarkService->exists($id)) {
            // Edit
            $bookmark = $this->container->bookmarkService->get($id);
        } else {
            // New link
            $bookmark = new Bookmark();
        }
        $bookmark->setTitle($request->getParam('lf_title'));
        $bookmark->setDescription($request->getParam('lf_description'));
        $bookmark->setUrl($request->getParam('lf_url'), $this->container->conf->get('security.allowed_protocols', []));
        $bookmark->setPrivate(filter_var($request->getParam('lf_private'), FILTER_VALIDATE_BOOLEAN));
        $bookmark->setTagsString($request->getParam('lf_tags'));
        if ($this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE) !== Thumbnailer::MODE_NONE
            && true !== $this->container->conf->get('general.enable_async_metadata', true)
            && $bookmark->shouldUpdateThumbnail()
        ) {
            $bookmark->setThumbnail($this->container->thumbnailer->get($bookmark->getUrl()));
        }
        $this->container->bookmarkService->addOrSet($bookmark, false);
        // To preserve backward compatibility with 3rd parties, plugins still use arrays
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $data = $formatter->format($bookmark);
        $this->executePageHooks('save_link', $data);
        $bookmark->fromArray($data);
        $this->container->bookmarkService->set($bookmark);
        // If we are called from the bookmarklet, we must close the popup:
        if ($request->getParam('source') === 'bookmarklet') {
            return $response->write('<script>self.close();</script>');
        }
        if (!empty($request->getParam('returnurl'))) {
            $this->container->environment['HTTP_REFERER'] = escape($request->getParam('returnurl'));
        }
        return $this->redirectFromReferer(
            $request,
            $response,
            ['/admin/add-shaare', '/admin/shaare'], ['addlink', 'post', 'edit_link'],
            $bookmark->getShortUrl()
        );
    }
    /**
     * GET /admin/shaare/delete - Delete one or multiple bookmarks (depending on `id` query parameter).
     */
    public function deleteBookmark(Request $request, Response $response): Response
    {
        $this->checkToken($request);
        $ids = escape(trim($request->getParam('id') ?? ''));
        if (empty($ids) || strpos($ids, ' ') !== false) {
            // multiple, space-separated ids provided
            $ids = array_values(array_filter(preg_split('/\s+/', $ids), 'ctype_digit'));
        } else {
            $ids = [$ids];
        }
        // assert at least one id is given
        if (0 === count($ids)) {
            $this->saveErrorMessage(t('Invalid bookmark ID provided.'));
            return $this->redirectFromReferer($request, $response, [], ['delete-shaare']);
        }
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $count = 0;
        foreach ($ids as $id) {
            try {
                $bookmark = $this->container->bookmarkService->get((int) $id);
            } catch (BookmarkNotFoundException $e) {
                $this->saveErrorMessage(sprintf(
                    t('Bookmark with identifier %s could not be found.'),
                    $id
                ));
                continue;
            }
            $data = $formatter->format($bookmark);
            $this->executePageHooks('delete_link', $data);
            $this->container->bookmarkService->remove($bookmark, false);
            ++ $count;
        }
        if ($count > 0) {
            $this->container->bookmarkService->save();
        }
        // If we are called from the bookmarklet, we must close the popup:
        if ($request->getParam('source') === 'bookmarklet') {
            return $response->write('<script>self.close();</script>');
        }
        // Don't redirect to where we were previously because the datastore has changed.
        return $this->redirect($response, '/');
    }
    /**
     * GET /admin/shaare/visibility
     *
     * Change visibility (public/private) of one or multiple bookmarks (depending on `id` query parameter).
     */
    public function changeVisibility(Request $request, Response $response): Response
    {
        $this->checkToken($request);
        $ids = trim(escape($request->getParam('id') ?? ''));
        if (empty($ids) || strpos($ids, ' ') !== false) {
            // multiple, space-separated ids provided
            $ids = array_values(array_filter(preg_split('/\s+/', $ids), 'ctype_digit'));
        } else {
            // only a single id provided
            $ids = [$ids];
        }
        // assert at least one id is given
        if (0 === count($ids)) {
            $this->saveErrorMessage(t('Invalid bookmark ID provided.'));
            return $this->redirectFromReferer($request, $response, [], ['change_visibility']);
        }
        // assert that the visibility is valid
        $visibility = $request->getParam('newVisibility');
        if (null === $visibility || false === in_array($visibility, ['public', 'private'], true)) {
            $this->saveErrorMessage(t('Invalid visibility provided.'));
            return $this->redirectFromReferer($request, $response, [], ['change_visibility']);
        } else {
            $isPrivate = $visibility === 'private';
        }
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $count = 0;
        foreach ($ids as $id) {
            try {
                $bookmark = $this->container->bookmarkService->get((int) $id);
            } catch (BookmarkNotFoundException $e) {
                $this->saveErrorMessage(sprintf(
                    t('Bookmark with identifier %s could not be found.'),
                    $id
                ));
                continue;
            }
            $bookmark->setPrivate($isPrivate);
            // To preserve backward compatibility with 3rd parties, plugins still use arrays
            $data = $formatter->format($bookmark);
            $this->executePageHooks('save_link', $data);
            $bookmark->fromArray($data);
            $this->container->bookmarkService->set($bookmark, false);
            ++$count;
        }
        if ($count > 0) {
            $this->container->bookmarkService->save();
        }
        return $this->redirectFromReferer($request, $response, ['/visibility'], ['change_visibility']);
    }
    /**
     * GET /admin/shaare/{id}/pin - Pin or unpin a bookmark.
     */
    public function pinBookmark(Request $request, Response $response, array $args): Response
    {
        $this->checkToken($request);
        $id = $args['id'] ?? '';
        try {
            if (false === ctype_digit($id)) {
                throw new BookmarkNotFoundException();
            }
            $bookmark = $this->container->bookmarkService->get((int) $id);  // Read database
        } catch (BookmarkNotFoundException $e) {
            $this->saveErrorMessage(sprintf(
                t('Bookmark with identifier %s could not be found.'),
                $id
            ));
            return $this->redirectFromReferer($request, $response, ['/pin'], ['pin']);
        }
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $bookmark->setSticky(!$bookmark->isSticky());
        // To preserve backward compatibility with 3rd parties, plugins still use arrays
        $data = $formatter->format($bookmark);
        $this->executePageHooks('save_link', $data);
        $bookmark->fromArray($data);
        $this->container->bookmarkService->set($bookmark);
        return $this->redirectFromReferer($request, $response, ['/pin'], ['pin']);
    }
    /**
     * Helper function used to display the shaare form whether it's a new or existing bookmark.
     *
     * @param array $link data used in template, either from parameters or from the data store
     */
    protected function displayForm(array $link, bool $isNew, Request $request, Response $response): Response
    {
        $tags = $this->container->bookmarkService->bookmarksCountPerTag();
        if ($this->container->conf->get('formatter') === 'markdown') {
            $tags[BookmarkMarkdownFormatter::NO_MD_TAG] = 1;
        }
        $data = escape([
            'link' => $link,
            'link_is_new' => $isNew,
            'http_referer' => $this->container->environment['HTTP_REFERER'] ?? '',
            'source' => $request->getParam('source') ?? '',
            'tags' => $tags,
            'default_private_links' => $this->container->conf->get('privacy.default_private_links', false),
            'async_metadata' => $this->container->conf->get('general.enable_async_metadata', true),
            'retrieve_description' => $this->container->conf->get('general.retrieve_description', false),
        ]);
        $this->executePageHooks('render_editlink', $data, TemplatePage::EDIT_LINK);
        foreach ($data as $key => $value) {
            $this->assignView($key, $value);
        }
        $editLabel = false === $isNew ? t('Edit') .' ' : '';
        $this->assignView(
            'pagetitle',
            $editLabel . t('Shaare') .' - '. $this->container->conf->get('general.title', 'Shaarli')
        );
        return $response->write($this->render(TemplatePage::EDIT_LINK));
    }
 }
--- a/application/front/controller/admin/ManageTagController.php
+++ b/application/front/controller/admin/ManageTagController.php
@ -24,6 +24,12 @@ class ManageTagController extends ShaarliAdminController
        $fromTag = $request->getParam('fromtag') ?? '';
        $this->assignView('fromtag', escape($fromTag));
        $separator = escape($this->container->conf->get('general.tags_separator', ' '));
        if ($separator === ' ') {
            $separator = '&nbsp;';
            $this->assignView('tags_separator_desc', t('whitespace'));
        }
        $this->assignView('tags_separator', $separator);
        $this->assignView(
            'pagetitle',
            t('Manage tags') . ' - ' . $this->container->conf->get('general.title', 'Shaarli')
@ -85,4 +91,31 @@ class ManageTagController extends ShaarliAdminController
        return $this->redirect($response, $redirect);
    }
    /**
     * POST /admin/tags/change-separator - Change tag separator
     */
    public function changeSeparator(Request $request, Response $response): Response
    {
        $this->checkToken($request);
        $reservedCharacters = ['-', '.', '*'];
        $newSeparator = $request->getParam('separator');
        if ($newSeparator === null || mb_strlen($newSeparator) !== 1) {
            $this->saveErrorMessage(t('Tags separator must be a single character.'));
        } elseif (in_array($newSeparator, $reservedCharacters, true)) {
            $reservedCharacters = implode(' ', array_map(function (string $character) {
                return '<code>' . $character . '</code>';
            }, $reservedCharacters));
            $this->saveErrorMessage(
                t('These characters are reserved and can\'t be used as tags separator: ') . $reservedCharacters
            );
        } else {
            $this->container->conf->set('general.tags_separator', $newSeparator, true, true);
            $this->saveSuccessMessage('Your tags separator setting has been updated!');
        }
        return $this->redirect($response, '/admin/tags');
    }
 }
--- a/application/front/controller/admin/ServerController.php
+++ b/application/front/controller/admin/ServerController.php
@ -0,0 +1,96 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 use Shaarli\Helper\ApplicationUtils;
 use Shaarli\Helper\FileUtils;
 use Slim\Http\Request;
 use Slim\Http\Response;
 /**
 * Slim controller used to handle Server administration page, and actions.
 */
 class ServerController extends ShaarliAdminController
 {
    /** @var string Cache type - main - by default pagecache/ and tmp/ */
    protected const CACHE_MAIN = 'main';
    /** @var string Cache type - thumbnails - by default cache/ */
    protected const CACHE_THUMB = 'thumbnails';
    /**
     * GET /admin/server - Display page Server administration
     */
    public function index(Request $request, Response $response): Response
    {
        $releaseUrl = ApplicationUtils::$GITHUB_URL . '/releases/';
        if ($this->container->conf->get('updates.check_updates', true)) {
            $latestVersion = 'v' . ApplicationUtils::getVersion(
                ApplicationUtils::$GIT_RAW_URL . '/latest/' . ApplicationUtils::$VERSION_FILE
            );
            $releaseUrl .= 'tag/' . $latestVersion;
        } else {
            $latestVersion = t('Check disabled');
        }
        $currentVersion = ApplicationUtils::getVersion('./shaarli_version.php');
        $currentVersion = $currentVersion === 'dev' ? $currentVersion : 'v' . $currentVersion;
        $phpEol = new \DateTimeImmutable(ApplicationUtils::getPhpEol(PHP_VERSION));
        $this->assignView('php_version', PHP_VERSION);
        $this->assignView('php_eol', format_date($phpEol, false));
        $this->assignView('php_has_reached_eol', $phpEol < new \DateTimeImmutable());
        $this->assignView('php_extensions', ApplicationUtils::getPhpExtensionsRequirement());
        $this->assignView('permissions', ApplicationUtils::checkResourcePermissions($this->container->conf));
        $this->assignView('release_url', $releaseUrl);
        $this->assignView('latest_version', $latestVersion);
        $this->assignView('current_version', $currentVersion);
        $this->assignView('thumbnails_mode', $this->container->conf->get('thumbnails.mode'));
        $this->assignView('index_url', index_url($this->container->environment));
        $this->assignView('client_ip', client_ip_id($this->container->environment));
        $this->assignView('trusted_proxies', $this->container->conf->get('security.trusted_proxies', []));
        $this->assignView(
            'pagetitle',
            t('Server administration') . ' - ' . $this->container->conf->get('general.title', 'Shaarli')
        );
        return $response->write($this->render('server'));
    }
    /**
     * GET /admin/clear-cache?type={$type} - Action to trigger cache folder clearing (either main or thumbnails).
     */
    public function clearCache(Request $request, Response $response): Response
    {
        $exclude = ['.htaccess'];
        if ($request->getQueryParam('type') === static::CACHE_THUMB) {
            $folders = [$this->container->conf->get('resource.thumbnails_cache')];
            $this->saveWarningMessage(
                t('Thumbnails cache has been cleared.') . ' ' .
                '<a href="' . $this->container->basePath . '/admin/thumbnails">' .
                    t('Please synchronize them.') .
                '</a>'
            );
        } else {
            $folders = [
                $this->container->conf->get('resource.page_cache'),
                $this->container->conf->get('resource.raintpl_tmp'),
            ];
            $this->saveSuccessMessage(t('Shaarli\'s cache folder has been cleared!'));
        }
        // Make sure that we don't delete root cache folder
        $folders = array_map('realpath', array_values(array_filter(array_map('trim', $folders))));
        foreach ($folders as $folder) {
            FileUtils::clearFolder($folder, false, $exclude);
        }
        return $this->redirect($response, '/admin/server');
    }
 }
--- a/application/front/controller/admin/SessionFilterController.php
+++ b/application/front/controller/admin/SessionFilterController.php
@ -45,6 +45,4 @@ class SessionFilterController extends ShaarliAdminController
        return $this->redirectFromReferer($request, $response, ['visibility']);
    }
 }
--- a/application/front/controller/admin/ShaareAddController.php
+++ b/application/front/controller/admin/ShaareAddController.php
@ -0,0 +1,34 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 use Shaarli\Formatter\BookmarkMarkdownFormatter;
 use Shaarli\Render\TemplatePage;
 use Slim\Http\Request;
 use Slim\Http\Response;
 class ShaareAddController extends ShaarliAdminController
 {
    /**
     * GET /admin/add-shaare - Displays the form used to create a new bookmark from an URL
     */
    public function addShaare(Request $request, Response $response): Response
    {
        $tags = $this->container->bookmarkService->bookmarksCountPerTag();
        if ($this->container->conf->get('formatter') === 'markdown') {
            $tags[BookmarkMarkdownFormatter::NO_MD_TAG] = 1;
        }
        $this->assignView(
            'pagetitle',
            t('Shaare a new link') . ' - ' . $this->container->conf->get('general.title', 'Shaarli')
        );
        $this->assignView('tags', $tags);
        $this->assignView('default_private_links', $this->container->conf->get('privacy.default_private_links', false));
        $this->assignView('async_metadata', $this->container->conf->get('general.enable_async_metadata', true));
        return $response->write($this->render(TemplatePage::ADDLINK));
    }
 }
--- a/application/front/controller/admin/ShaareManageController.php
+++ b/application/front/controller/admin/ShaareManageController.php
@ -0,0 +1,202 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
 use Slim\Http\Request;
 use Slim\Http\Response;
 /**
 * Class PostBookmarkController
 *
 * Slim controller used to handle Shaarli create or edit bookmarks.
 */
 class ShaareManageController extends ShaarliAdminController
 {
    /**
     * GET /admin/shaare/delete - Delete one or multiple bookmarks (depending on `id` query parameter).
     */
    public function deleteBookmark(Request $request, Response $response): Response
    {
        $this->checkToken($request);
        $ids = escape(trim($request->getParam('id') ?? ''));
        if (empty($ids) || strpos($ids, ' ') !== false) {
            // multiple, space-separated ids provided
            $ids = array_values(array_filter(preg_split('/\s+/', $ids), 'ctype_digit'));
        } else {
            $ids = [$ids];
        }
        // assert at least one id is given
        if (0 === count($ids)) {
            $this->saveErrorMessage(t('Invalid bookmark ID provided.'));
            return $this->redirectFromReferer($request, $response, [], ['delete-shaare']);
        }
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $count = 0;
        foreach ($ids as $id) {
            try {
                $bookmark = $this->container->bookmarkService->get((int) $id);
            } catch (BookmarkNotFoundException $e) {
                $this->saveErrorMessage(sprintf(
                    t('Bookmark with identifier %s could not be found.'),
                    $id
                ));
                continue;
            }
            $data = $formatter->format($bookmark);
            $this->executePageHooks('delete_link', $data);
            $this->container->bookmarkService->remove($bookmark, false);
            ++$count;
        }
        if ($count > 0) {
            $this->container->bookmarkService->save();
        }
        // If we are called from the bookmarklet, we must close the popup:
        if ($request->getParam('source') === 'bookmarklet') {
            return $response->write('<script>self.close();</script>');
        }
        // Don't redirect to permalink after deletion.
        return $this->redirectFromReferer($request, $response, ['shaare/']);
    }
    /**
     * GET /admin/shaare/visibility
     *
     * Change visibility (public/private) of one or multiple bookmarks (depending on `id` query parameter).
     */
    public function changeVisibility(Request $request, Response $response): Response
    {
        $this->checkToken($request);
        $ids = trim(escape($request->getParam('id') ?? ''));
        if (empty($ids) || strpos($ids, ' ') !== false) {
            // multiple, space-separated ids provided
            $ids = array_values(array_filter(preg_split('/\s+/', $ids), 'ctype_digit'));
        } else {
            // only a single id provided
            $ids = [$ids];
        }
        // assert at least one id is given
        if (0 === count($ids)) {
            $this->saveErrorMessage(t('Invalid bookmark ID provided.'));
            return $this->redirectFromReferer($request, $response, [], ['change_visibility']);
        }
        // assert that the visibility is valid
        $visibility = $request->getParam('newVisibility');
        if (null === $visibility || false === in_array($visibility, ['public', 'private'], true)) {
            $this->saveErrorMessage(t('Invalid visibility provided.'));
            return $this->redirectFromReferer($request, $response, [], ['change_visibility']);
        } else {
            $isPrivate = $visibility === 'private';
        }
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $count = 0;
        foreach ($ids as $id) {
            try {
                $bookmark = $this->container->bookmarkService->get((int) $id);
            } catch (BookmarkNotFoundException $e) {
                $this->saveErrorMessage(sprintf(
                    t('Bookmark with identifier %s could not be found.'),
                    $id
                ));
                continue;
            }
            $bookmark->setPrivate($isPrivate);
            // To preserve backward compatibility with 3rd parties, plugins still use arrays
            $data = $formatter->format($bookmark);
            $this->executePageHooks('save_link', $data);
            $bookmark->fromArray($data, $this->container->conf->get('general.tags_separator', ' '));
            $this->container->bookmarkService->set($bookmark, false);
            ++$count;
        }
        if ($count > 0) {
            $this->container->bookmarkService->save();
        }
        return $this->redirectFromReferer($request, $response, ['/visibility'], ['change_visibility']);
    }
    /**
     * GET /admin/shaare/{id}/pin - Pin or unpin a bookmark.
     */
    public function pinBookmark(Request $request, Response $response, array $args): Response
    {
        $this->checkToken($request);
        $id = $args['id'] ?? '';
        try {
            if (false === ctype_digit($id)) {
                throw new BookmarkNotFoundException();
            }
            $bookmark = $this->container->bookmarkService->get((int) $id);  // Read database
        } catch (BookmarkNotFoundException $e) {
            $this->saveErrorMessage(sprintf(
                t('Bookmark with identifier %s could not be found.'),
                $id
            ));
            return $this->redirectFromReferer($request, $response, ['/pin'], ['pin']);
        }
        $formatter = $this->container->formatterFactory->getFormatter('raw');
        $bookmark->setSticky(!$bookmark->isSticky());
        // To preserve backward compatibility with 3rd parties, plugins still use arrays
        $data = $formatter->format($bookmark);
        $this->executePageHooks('save_link', $data);
        $bookmark->fromArray($data, $this->container->conf->get('general.tags_separator', ' '));
        $this->container->bookmarkService->set($bookmark);
        return $this->redirectFromReferer($request, $response, ['/pin'], ['pin']);
    }
    /**
     * GET /admin/shaare/private/{hash} - Attach a private key to given bookmark, then redirect to the sharing URL.
     */
    public function sharePrivate(Request $request, Response $response, array $args): Response
    {
        $this->checkToken($request);
        $hash = $args['hash'] ?? '';
        $bookmark = $this->container->bookmarkService->findByHash($hash);
        if ($bookmark->isPrivate() !== true) {
            return $this->redirect($response, '/shaare/' . $hash);
        }
        if (empty($bookmark->getAdditionalContentEntry('private_key'))) {
            $privateKey = bin2hex(random_bytes(16));
            $bookmark->addAdditionalContentEntry('private_key', $privateKey);
            $this->container->bookmarkService->set($bookmark);
        }
        return $this->redirect(
            $response,
            '/shaare/' . $hash . '?key=' . $bookmark->getAdditionalContentEntry('private_key')
        );
    }
 }
--- a/application/front/controller/admin/ShaarePublishController.php
+++ b/application/front/controller/admin/ShaarePublishController.php
@ -0,0 +1,274 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 use Shaarli\Bookmark\Bookmark;
 use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
 use Shaarli\Formatter\BookmarkFormatter;
 use Shaarli\Formatter\BookmarkMarkdownFormatter;
 use Shaarli\Render\TemplatePage;
 use Shaarli\Thumbnailer;
 use Slim\Http\Request;
 use Slim\Http\Response;
 class ShaarePublishController extends ShaarliAdminController
 {
    /**
     * @var BookmarkFormatter[] Statically cached instances of formatters
     */
    protected $formatters = [];
    /**
     * @var array Statically cached bookmark's tags counts
     */
    protected $tags;
    /**
     * GET /admin/shaare - Displays the bookmark form for creation.
     *                     Note that if the URL is found in existing bookmarks, then it will be in edit mode.
     */
    public function displayCreateForm(Request $request, Response $response): Response
    {
        $url = cleanup_url($request->getParam('post'));
        $link = $this->buildLinkDataFromUrl($request, $url);
        return $this->displayForm($link, $link['linkIsNew'], $request, $response);
    }
    /**
     * POST /admin/shaare-batch - Displays multiple creation/edit forms from bulk add in add-link page.
     */
    public function displayCreateBatchForms(Request $request, Response $response): Response
    {
        $urls = array_map('cleanup_url', explode(PHP_EOL, $request->getParam('urls')));
        $links = [];
        foreach ($urls as $url) {
            if (empty($url)) {
                continue;
            }
            $link = $this->buildLinkDataFromUrl($request, $url);
            $data = $this->buildFormData($link, $link['linkIsNew'], $request);
            $data['token'] = $this->container->sessionManager->generateToken();
            $data['source'] = 'batch';
            $this->executePageHooks('render_editlink', $data, TemplatePage::EDIT_LINK);
            $links[] = $data;
        }
        $this->assignView('links', $links);
        $this->assignView('batch_mode', true);
        $this->assignView('async_metadata', $this->container->conf->get('general.enable_async_metadata', true));
        return $response->write($this->render(TemplatePage::EDIT_LINK_BATCH));
    }
    /**
     * GET /admin/shaare/{id} - Displays the bookmark form in edition mode.
     */
    public function displayEditForm(Request $request, Response $response, array $args): Response
    {
        $id = $args['id'] ?? '';
        try {
            if (false === ctype_digit($id)) {
                throw new BookmarkNotFoundException();
            }
            $bookmark = $this->container->bookmarkService->get((int) $id);  // Read database
        } catch (BookmarkNotFoundException $e) {
            $this->saveErrorMessage(sprintf(
                t('Bookmark with identifier %s could not be found.'),
                $id
            ));
            return $this->redirect($response, '/');
        }
        $formatter = $this->getFormatter('raw');
        $link = $formatter->format($bookmark);
        return $this->displayForm($link, false, $request, $response);
    }
    /**
     * POST /admin/shaare
     */
    public function save(Request $request, Response $response): Response
    {
        $this->checkToken($request);
        // lf_id should only be present if the link exists.
        $id = $request->getParam('lf_id') !== null ? intval(escape($request->getParam('lf_id'))) : null;
        if (null !== $id && true === $this->container->bookmarkService->exists($id)) {
            // Edit
            $bookmark = $this->container->bookmarkService->get($id);
        } else {
            // New link
            $bookmark = new Bookmark();
        }
        $bookmark->setTitle($request->getParam('lf_title'));
        $bookmark->setDescription($request->getParam('lf_description'));
        $bookmark->setUrl($request->getParam('lf_url'), $this->container->conf->get('security.allowed_protocols', []));
        $bookmark->setPrivate(filter_var($request->getParam('lf_private'), FILTER_VALIDATE_BOOLEAN));
        $bookmark->setTagsString(
            $request->getParam('lf_tags'),
            $this->container->conf->get('general.tags_separator', ' ')
        );
        if (
            $this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE) !== Thumbnailer::MODE_NONE
            && true !== $this->container->conf->get('general.enable_async_metadata', true)
            && $bookmark->shouldUpdateThumbnail()
        ) {
            $bookmark->setThumbnail($this->container->thumbnailer->get($bookmark->getUrl()));
        }
        $this->container->bookmarkService->addOrSet($bookmark, false);
        // To preserve backward compatibility with 3rd parties, plugins still use arrays
        $formatter = $this->getFormatter('raw');
        $data = $formatter->format($bookmark);
        $this->executePageHooks('save_link', $data);
        $bookmark->fromArray($data, $this->container->conf->get('general.tags_separator', ' '));
        $this->container->bookmarkService->set($bookmark);
        // If we are called from the bookmarklet, we must close the popup:
        if ($request->getParam('source') === 'bookmarklet') {
            return $response->write('<script>self.close();</script>');
        } elseif ($request->getParam('source') === 'batch') {
            return $response;
        }
        if (!empty($request->getParam('returnurl'))) {
            $this->container->environment['HTTP_REFERER'] = $request->getParam('returnurl');
        }
        return $this->redirectFromReferer(
            $request,
            $response,
            ['/admin/add-shaare', '/admin/shaare'],
            ['addlink', 'post', 'edit_link'],
            $bookmark->getShortUrl()
        );
    }
    /**
     * Helper function used to display the shaare form whether it's a new or existing bookmark.
     *
     * @param array $link data used in template, either from parameters or from the data store
     */
    protected function displayForm(array $link, bool $isNew, Request $request, Response $response): Response
    {
        $data = $this->buildFormData($link, $isNew, $request);
        $this->executePageHooks('render_editlink', $data, TemplatePage::EDIT_LINK);
        foreach ($data as $key => $value) {
            $this->assignView($key, $value);
        }
        $editLabel = false === $isNew ? t('Edit') . ' ' : '';
        $this->assignView(
            'pagetitle',
            $editLabel . t('Shaare') . ' - ' . $this->container->conf->get('general.title', 'Shaarli')
        );
        return $response->write($this->render(TemplatePage::EDIT_LINK));
    }
    protected function buildLinkDataFromUrl(Request $request, string $url): array
    {
        // Check if URL is not already in database (in this case, we will edit the existing link)
        $bookmark = $this->container->bookmarkService->findByUrl($url);
        if (null === $bookmark) {
            // Get shaare data if it was provided in URL (e.g.: by the bookmarklet).
            $title = $request->getParam('title');
            $description = $request->getParam('description');
            $tags = $request->getParam('tags');
            if ($request->getParam('private') !== null) {
                $private = filter_var($request->getParam('private'), FILTER_VALIDATE_BOOLEAN);
            } else {
                $private = $this->container->conf->get('privacy.default_private_links', false);
            }
            // If this is an HTTP(S) link, we try go get the page to extract
            // the title (otherwise we will to straight to the edit form.)
            if (
                true !== $this->container->conf->get('general.enable_async_metadata', true)
                && empty($title)
                && strpos(get_url_scheme($url) ?: '', 'http') !== false
            ) {
                $metadata = $this->container->metadataRetriever->retrieve($url);
            }
            if (empty($url)) {
                $metadata['title'] = $this->container->conf->get('general.default_note_title', t('Note: '));
            }
            return [
                'title' => $title ?? $metadata['title'] ?? '',
                'url' => $url ?? '',
                'description' => $description ?? $metadata['description'] ?? '',
                'tags' => $tags ?? $metadata['tags'] ?? '',
                'private' => $private,
                'linkIsNew' => true,
            ];
        }
        $formatter = $this->getFormatter('raw');
        $link = $formatter->format($bookmark);
        $link['linkIsNew'] = false;
        return $link;
    }
    protected function buildFormData(array $link, bool $isNew, Request $request): array
    {
        $link['tags'] = strlen($link['tags']) > 0
            ? $link['tags'] . $this->container->conf->get('general.tags_separator', ' ')
            : $link['tags']
        ;
        return escape([
            'link' => $link,
            'link_is_new' => $isNew,
            'http_referer' => $this->container->environment['HTTP_REFERER'] ?? '',
            'source' => $request->getParam('source') ?? '',
            'tags' => $this->getTags(),
            'default_private_links' => $this->container->conf->get('privacy.default_private_links', false),
            'async_metadata' => $this->container->conf->get('general.enable_async_metadata', true),
            'retrieve_description' => $this->container->conf->get('general.retrieve_description', false),
        ]);
    }
    /**
     * Memoize formatterFactory->getFormatter() calls.
     */
    protected function getFormatter(string $type): BookmarkFormatter
    {
        if (!array_key_exists($type, $this->formatters) || $this->formatters[$type] === null) {
            $this->formatters[$type] = $this->container->formatterFactory->getFormatter($type);
        }
        return $this->formatters[$type];
    }
    /**
     * Memoize bookmarkService->bookmarksCountPerTag() calls.
     */
    protected function getTags(): array
    {
        if ($this->tags === null) {
            $this->tags = $this->container->bookmarkService->bookmarksCountPerTag();
            if ($this->container->conf->get('formatter') === 'markdown') {
                $this->tags[BookmarkMarkdownFormatter::NO_MD_TAG] = 1;
            }
        }
        return $this->tags;
    }
 }
--- a/application/front/controller/visitor/BookmarkListController.php
+++ b/application/front/controller/visitor/BookmarkListController.php
@ -35,7 +35,8 @@ class BookmarkListController extends ShaarliVisitorController
        $formatter->addContextData('base_path', $this->container->basePath);
        $searchTags = normalize_spaces($request->getParam('searchtags') ?? '');
-        $searchTerm = escape(normalize_spaces($request->getParam('searchterm') ?? ''));;
+        $searchTerm = escape(normalize_spaces($request->getParam('searchterm') ?? ''));
        ;
        // Filter bookmarks according search parameters.
        $visibility = $this->container->sessionManager->getSessionParameter('visibility');
@ -95,6 +96,10 @@ class BookmarkListController extends ShaarliVisitorController
            $next_page_url = '?page=' . ($page - 1) . $searchtermUrl . $searchtagsUrl;
        }
        $tagsSeparator = $this->container->conf->get('general.tags_separator', ' ');
        $searchTagsUrlEncoded = array_map('urlencode', tags_str2array($searchTags, $tagsSeparator));
        $searchTags = !empty($searchTags) ? trim($searchTags, $tagsSeparator) . $tagsSeparator : '';
        // Fill all template fields.
        $data = array_merge(
            $this->initializeTemplateVars(),
@ -106,7 +111,7 @@ class BookmarkListController extends ShaarliVisitorController
                'result_count' => count($linksToDisplay),
                'search_term' => escape($searchTerm),
                'search_tags' => escape($searchTags),
-                'search_tags_url' => array_map('urlencode', explode(' ', $searchTags)),
+                'search_tags_url' => $searchTagsUrlEncoded,
                'visibility' => $visibility,
                'links' => $linkDisp,
            ]
@ -119,8 +124,9 @@ class BookmarkListController extends ShaarliVisitorController
                return '[' . $tag . ']';
            };
            $data['pagetitle'] .= ! empty($searchTags)
-                ? implode(' ', array_map($bracketWrap, preg_split('/\s+/', $searchTags))) . ' '
+                ? implode(' ', array_map($bracketWrap, tags_str2array($searchTags, $tagsSeparator))) . ' '
-                : '';
+                : ''
            ;
            $data['pagetitle'] .= '- ';
        }
@ -137,8 +143,10 @@ class BookmarkListController extends ShaarliVisitorController
     */
    public function permalink(Request $request, Response $response, array $args): Response
    {
        $privateKey = $request->getParam('key');
        try {
-            $bookmark = $this->container->bookmarkService->findByHash($args['hash']);
+            $bookmark = $this->container->bookmarkService->findByHash($args['hash'], $privateKey);
        } catch (BookmarkNotFoundException $e) {
            $this->assignView('error_message', $e->getMessage());
@ -169,17 +177,26 @@ class BookmarkListController extends ShaarliVisitorController
     */
    protected function updateThumbnail(Bookmark $bookmark, bool $writeDatastore = true): bool
    {
-        // Logged in, not async retrieval, thumbnails enabled, and thumbnail should be updated
+        if (false === $this->container->loginManager->isLoggedIn()) {
-        if ($this->container->loginManager->isLoggedIn()
+            return false;
        }
        // If thumbnail should be updated, we reset it to null
        if ($bookmark->shouldUpdateThumbnail()) {
            $bookmark->setThumbnail(null);
            // Requires an update, not async retrieval, thumbnails enabled
            if (
                $bookmark->shouldUpdateThumbnail()
                && true !== $this->container->conf->get('general.enable_async_metadata', true)
                && $this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE) !== Thumbnailer::MODE_NONE
            && $bookmark->shouldUpdateThumbnail()
            ) {
                $bookmark->setThumbnail($this->container->thumbnailer->get($bookmark->getUrl()));
                $this->container->bookmarkService->set($bookmark, $writeDatastore);
                return true;
            }
        }
        return false;
    }
--- a/application/front/controller/visitor/DailyController.php
+++ b/application/front/controller/visitor/DailyController.php
@ -5,8 +5,8 @@ declare(strict_types=1);
 namespace Shaarli\Front\Controller\Visitor;
 use DateTime;
 use DateTimeImmutable;
 use Shaarli\Bookmark\Bookmark;
 use Shaarli\Helper\DailyPageHelper;
 use Shaarli\Render\TemplatePage;
 use Slim\Http\Request;
 use Slim\Http\Response;
@ -26,32 +26,20 @@ class DailyController extends ShaarliVisitorController
     */
    public function index(Request $request, Response $response): Response
    {
-        $day = $request->getQueryParam('day') ?? date('Ymd');
+        $type = DailyPageHelper::extractRequestedType($request);
        $format = DailyPageHelper::getFormatByType($type);
        $latestBookmark = $this->container->bookmarkService->getLatest();
        $dateTime = DailyPageHelper::extractRequestedDateTime($type, $request->getQueryParam($type), $latestBookmark);
        $start = DailyPageHelper::getStartDateTimeByType($type, $dateTime);
        $end = DailyPageHelper::getEndDateTimeByType($type, $dateTime);
        $dailyDesc = DailyPageHelper::getDescriptionByType($type, $dateTime);
-        $availableDates = $this->container->bookmarkService->days();
+        $linksToDisplay = $this->container->bookmarkService->findByDate(
-        $nbAvailableDates = count($availableDates);
+            $start,
-        $index = array_search($day, $availableDates);
+            $end,
-
+            $previousDay,
-        if ($index === false) {
+            $nextDay
-            // no bookmarks for day, but at least one day with bookmarks
+        );
            $day = $availableDates[$nbAvailableDates - 1] ?? $day;
            $previousDay = $availableDates[$nbAvailableDates - 2] ?? '';
        } else {
            $previousDay = $availableDates[$index - 1] ?? '';
            $nextDay = $availableDates[$index + 1] ?? '';
        }
        if ($day === date('Ymd')) {
            $this->assignView('dayDesc', t('Today'));
        } elseif ($day === date('Ymd', strtotime('-1 days'))) {
            $this->assignView('dayDesc', t('Yesterday'));
        }
        try {
            $linksToDisplay = $this->container->bookmarkService->filterDay($day);
        } catch (\Exception $exc) {
            $linksToDisplay = [];
        }
        $formatter = $this->container->formatterFactory->getFormatter();
        $formatter->addContextData('base_path', $this->container->basePath);
@ -63,13 +51,15 @@ class DailyController extends ShaarliVisitorController
            $linksToDisplay[$key]['description'] = $bookmark->getDescription();
        }
        $dayDate = DateTime::createFromFormat(Bookmark::LINK_DATE_FORMAT, $day.'_000000');
        $data = [
            'linksToDisplay' => $linksToDisplay,
-            'day' => $dayDate->getTimestamp(),
+            'dayDate' => $start,
-            'dayDate' => $dayDate,
+            'day' => $start->getTimestamp(),
-            'previousday' => $previousDay ?? '',
+            'previousday' => $previousDay ? $previousDay->format($format) : '',
-            'nextday' => $nextDay ?? '',
+            'nextday' => $nextDay ? $nextDay->format($format) : '',
            'dayDesc' => $dailyDesc,
            'type' => $type,
            'localizedType' => $this->translateType($type),
        ];
        // Hooks are called before column construction so that plugins don't have to deal with columns.
@ -82,7 +72,7 @@ class DailyController extends ShaarliVisitorController
        $mainTitle = $this->container->conf->get('general.title', 'Shaarli');
        $this->assignView(
            'pagetitle',
-            t('Daily') .' - '. format_date($dayDate, false) . ' - ' . $mainTitle
+            $data['localizedType'] . ' - ' . $data['dayDesc'] . ' - ' . $mainTitle
        );
        return $response->write($this->render(TemplatePage::DAILY));
@ -106,11 +96,14 @@ class DailyController extends ShaarliVisitorController
        }
        $days = [];
        $type = DailyPageHelper::extractRequestedType($request);
        $format = DailyPageHelper::getFormatByType($type);
        $length = DailyPageHelper::getRssLengthByType($type);
        foreach ($this->container->bookmarkService->search() as $bookmark) {
-            $day = $bookmark->getCreated()->format('Ymd');
+            $day = $bookmark->getCreated()->format($format);
            // Stop iterating after DAILY_RSS_NB_DAYS entries
-            if (count($days) === static::$DAILY_RSS_NB_DAYS && !isset($days[$day])) {
+            if (count($days) === $length && !isset($days[$day])) {
                break;
            }
@ -127,12 +120,19 @@ class DailyController extends ShaarliVisitorController
        /** @var Bookmark[] $bookmarks */
        foreach ($days as $day => $bookmarks) {
-            $dayDatetime = DateTimeImmutable::createFromFormat(Bookmark::LINK_DATE_FORMAT, $day.'_000000');
+            $dayDateTime = DailyPageHelper::extractRequestedDateTime($type, (string) $day);
            $endDateTime = DailyPageHelper::getEndDateTimeByType($type, $dayDateTime);
            // We only want the RSS entry to be published when the period is over.
            if (new DateTime() < $endDateTime) {
                continue;
            }
            $dataPerDay[$day] = [
-                'date' => $dayDatetime,
+                'date' => $endDateTime,
-                'date_rss' => $dayDatetime->format(DateTime::RSS),
+                'date_rss' => $endDateTime->format(DateTime::RSS),
-                'date_human' => format_date($dayDatetime, false, true),
+                'date_human' => DailyPageHelper::getDescriptionByType($type, $dayDateTime),
-                'absolute_url' => $indexUrl . 'daily?day=' . $day,
+                'absolute_url' => $indexUrl . 'daily?' . $type . '=' . $day,
                'links' => [],
            ];
@ -141,16 +141,20 @@ class DailyController extends ShaarliVisitorController
                // Make permalink URL absolute
                if ($bookmark->isNote()) {
-                    $dataPerDay[$day]['links'][$key]['url'] = $indexUrl . $bookmark->getUrl();
+                    $dataPerDay[$day]['links'][$key]['url'] = rtrim($indexUrl, '/') . $bookmark->getUrl();
                }
            }
        }
-        $this->assignView('title', $this->container->conf->get('general.title', 'Shaarli'));
+        $this->assignAllView([
-        $this->assignView('index_url', $indexUrl);
+            'title' => $this->container->conf->get('general.title', 'Shaarli'),
-        $this->assignView('page_url', $pageUrl);
+            'index_url' => $indexUrl,
-        $this->assignView('hide_timestamps', $this->container->conf->get('privacy.hide_timestamps', false));
+            'page_url' => $pageUrl,
-        $this->assignView('days', $dataPerDay);
+            'hide_timestamps' => $this->container->conf->get('privacy.hide_timestamps', false),
            'days' => $dataPerDay,
            'type' => $type,
            'localizedType' => $this->translateType($type),
        ]);
        $rssContent = $this->render(TemplatePage::DAILY_RSS);
@ -189,4 +193,13 @@ class DailyController extends ShaarliVisitorController
        return $columns;
    }
    protected function translateType($type): string
    {
        return [
            t('day') => t('Daily'),
            t('week') => t('Weekly'),
            t('month') => t('Monthly'),
        ][t($type)] ?? t('Daily');
    }
 }
--- a/application/front/controller/visitor/ErrorController.php
+++ b/application/front/controller/visitor/ErrorController.php
@ -26,8 +26,14 @@ class ErrorController extends ShaarliVisitorController
            $response = $response->withStatus($throwable->getCode());
        } else {
            // Internal error (any other Throwable)
-            if ($this->container->conf->get('dev.debug', false)) {
+            if ($this->container->conf->get('dev.debug', false) || $this->container->loginManager->isLoggedIn()) {
-                $this->assignView('message', $throwable->getMessage());
+                $this->assignView('message', t('Error: ') . $throwable->getMessage());
                $this->assignView(
                    'text',
                    '<a href="https://github.com/shaarli/Shaarli/issues/new">'
                    . t('Please report it on Github.')
                    . '</a>'
                );
                $this->assignView('stacktrace', exception2text($throwable));
            } else {
                $this->assignView('message', t('An unexpected error occurred.'));
@ -36,7 +42,6 @@ class ErrorController extends ShaarliVisitorController
            $response = $response->withStatus(500);
        }
        return $response->write($this->render('error'));
    }
 }
--- a/application/front/controller/visitor/InstallController.php
+++ b/application/front/controller/visitor/InstallController.php
@ -4,10 +4,10 @@ declare(strict_types=1);
 namespace Shaarli\Front\Controller\Visitor;
 use Shaarli\ApplicationUtils;
 use Shaarli\Container\ShaarliContainer;
 use Shaarli\Front\Exception\AlreadyInstalledException;
 use Shaarli\Front\Exception\ResourcePermissionException;
 use Shaarli\Helper\ApplicationUtils;
 use Shaarli\Languages;
 use Shaarli\Security\SessionManager;
 use Slim\Http\Request;
@ -39,7 +39,8 @@ class InstallController extends ShaarliVisitorController
        // Before installation, we'll make sure that permissions are set properly, and sessions are working.
        $this->checkPermissions();
-        if (static::SESSION_TEST_VALUE
+        if (
            static::SESSION_TEST_VALUE
            !== $this->container->sessionManager->getSessionParameter(static::SESSION_TEST_KEY)
        ) {
            $this->container->sessionManager->setSessionParameter(static::SESSION_TEST_KEY, static::SESSION_TEST_VALUE);
@ -53,6 +54,16 @@ class InstallController extends ShaarliVisitorController
        $this->assignView('cities', $cities);
        $this->assignView('languages', Languages::getAvailableLanguages());
        $phpEol = new \DateTimeImmutable(ApplicationUtils::getPhpEol(PHP_VERSION));
        $this->assignView('php_version', PHP_VERSION);
        $this->assignView('php_eol', format_date($phpEol, false));
        $this->assignView('php_has_reached_eol', $phpEol < new \DateTimeImmutable());
        $this->assignView('php_extensions', ApplicationUtils::getPhpExtensionsRequirement());
        $this->assignView('permissions', ApplicationUtils::checkResourcePermissions($this->container->conf));
        $this->assignView('pagetitle', t('Install Shaarli'));
        return $response->write($this->render('install'));
    }
@ -65,7 +76,8 @@ class InstallController extends ShaarliVisitorController
        // This part makes sure sessions works correctly.
        // (Because on some hosts, session.save_path may not be set correctly,
        // or we may not have write access to it.)
-        if (static::SESSION_TEST_VALUE
+        if (
            static::SESSION_TEST_VALUE
            !== $this->container->sessionManager->getSessionParameter(static::SESSION_TEST_KEY)
        ) {
            // Step 2: Check if data in session is correct.
@ -94,7 +106,8 @@ class InstallController extends ShaarliVisitorController
    public function save(Request $request, Response $response): Response
    {
        $timezone = 'UTC';
-        if (!empty($request->getParam('continent'))
+        if (
            !empty($request->getParam('continent'))
            && !empty($request->getParam('city'))
            && isTimeZoneValid($request->getParam('continent'), $request->getParam('city'))
        ) {
@ -150,7 +163,7 @@ class InstallController extends ShaarliVisitorController
    protected function checkPermissions(): bool
    {
        // Ensure Shaarli has proper access to its resources
-        $errors = ApplicationUtils::checkResourcePermissions($this->container->conf);
+        $errors = ApplicationUtils::checkResourcePermissions($this->container->conf, true);
        if (empty($errors)) {
            return true;
        }
--- a/application/front/controller/visitor/LoginController.php
+++ b/application/front/controller/visitor/LoginController.php
@ -64,8 +64,8 @@ class LoginController extends ShaarliVisitorController
            return $this->redirect($response, '/');
        }
-        if (!$this->container->loginManager->checkCredentials(
+        if (
-                $this->container->environment['REMOTE_ADDR'],
+            !$this->container->loginManager->checkCredentials(
                client_ip_id($this->container->environment),
                $request->getParam('login'),
                $request->getParam('password')
@ -102,7 +102,8 @@ class LoginController extends ShaarliVisitorController
     */
    protected function checkLoginState(): bool
    {
-        if ($this->container->loginManager->isLoggedIn()
+        if (
            $this->container->loginManager->isLoggedIn()
            || $this->container->conf->get('security.open_shaarli', false)
        ) {
            throw new CantLoginException();
--- a/application/front/controller/visitor/ShaarliVisitorController.php
+++ b/application/front/controller/visitor/ShaarliVisitorController.php
@ -144,7 +144,8 @@ abstract class ShaarliVisitorController
        if (null !== $referer) {
            $currentUrl = parse_url($referer);
            // If the referer is not related to Shaarli instance, redirect to default
-            if (isset($currentUrl['host'])
+            if (
                isset($currentUrl['host'])
                && strpos(index_url($this->container->environment), $currentUrl['host']) === false
            ) {
                return $response->withRedirect($defaultPath);
--- a/application/front/controller/visitor/TagCloudController.php
+++ b/application/front/controller/visitor/TagCloudController.php
@ -47,13 +47,14 @@ class TagCloudController extends ShaarliVisitorController
     */
    protected function processRequest(string $type, Request $request, Response $response): Response
    {
        $tagsSeparator = $this->container->conf->get('general.tags_separator', ' ');
        if ($this->container->loginManager->isLoggedIn() === true) {
            $visibility = $this->container->sessionManager->getSessionParameter('visibility');
        }
        $sort = $request->getQueryParam('sort');
        $searchTags = $request->getQueryParam('searchtags');
-        $filteringTags = $searchTags !== null ? explode(' ', $searchTags) : [];
+        $filteringTags = $searchTags !== null ? explode($tagsSeparator, $searchTags) : [];
        $tags = $this->container->bookmarkService->bookmarksCountPerTag($filteringTags, $visibility ?? null);
@ -71,8 +72,9 @@ class TagCloudController extends ShaarliVisitorController
            $tagsUrl[escape($tag)] = urlencode((string) $tag);
        }
-        $searchTags = implode(' ', escape($filteringTags));
+        $searchTags = tags_array2str($filteringTags, $tagsSeparator);
-        $searchTagsUrl = urlencode(implode(' ', $filteringTags));
+        $searchTags = !empty($searchTags) ? trim($searchTags, $tagsSeparator) . $tagsSeparator : '';
        $searchTagsUrl = urlencode($searchTags);
        $data = [
            'search_tags' => escape($searchTags),
            'search_tags_url' => $searchTagsUrl,
@ -82,7 +84,7 @@ class TagCloudController extends ShaarliVisitorController
        $this->executePageHooks('render_tag' . $type, $data, 'tag.' . $type);
        $this->assignAllView($data);
-        $searchTags = !empty($searchTags) ? $searchTags .' - ' : '';
+        $searchTags = !empty($searchTags) ? trim(str_replace($tagsSeparator, ' ', $searchTags)) . ' - ' : '';
        $this->assignView(
            'pagetitle',
            $searchTags . t('Tag ' . $type) . ' - ' . $this->container->conf->get('general.title', 'Shaarli')
--- a/application/front/controller/visitor/TagController.php
+++ b/application/front/controller/visitor/TagController.php
@ -45,9 +45,10 @@ class TagController extends ShaarliVisitorController
            unset($params['addtag']);
        }
        $tagsSeparator = $this->container->conf->get('general.tags_separator', ' ');
        // Check if this tag is already in the search query and ignore it if it is.
        // Each tag is always separated by a space
-        $currentTags = isset($params['searchtags']) ? explode(' ', $params['searchtags']) : [];
+        $currentTags = tags_str2array($params['searchtags'] ?? '', $tagsSeparator);
        $addtag = true;
        foreach ($currentTags as $value) {
@ -62,7 +63,7 @@ class TagController extends ShaarliVisitorController
            $currentTags[] = trim($newTag);
        }
-        $params['searchtags'] = trim(implode(' ', $currentTags));
+        $params['searchtags'] = tags_array2str($currentTags, $tagsSeparator);
        // We also remove page (keeping the same page has no sense, since the results are different)
        unset($params['page']);
@ -98,10 +99,11 @@ class TagController extends ShaarliVisitorController
        }
        if (isset($params['searchtags'])) {
-            $tags = explode(' ', $params['searchtags']);
+            $tagsSeparator = $this->container->conf->get('general.tags_separator', ' ');
            $tags = tags_str2array($params['searchtags'] ?? '', $tagsSeparator);
            // Remove value from array $tags.
            $tags = array_diff($tags, [$tagToRemove]);
-            $params['searchtags'] = implode(' ', $tags);
+            $params['searchtags'] = tags_array2str($tags, $tagsSeparator);
            if (empty($params['searchtags'])) {
                unset($params['searchtags']);
--- a/application/helper/ApplicationUtils.php
+++ b/application/helper/ApplicationUtils.php
@ -1,5 +1,6 @@
 <?php
-namespace Shaarli;
+
 namespace Shaarli\Helper;
 use Exception;
 use Shaarli\Config\ConfigManager;
@ -14,8 +15,9 @@ class ApplicationUtils
     */
    public static $VERSION_FILE = 'shaarli_version.php';
-    private static $GIT_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli';
+    public static $GITHUB_URL = 'https://github.com/shaarli/Shaarli';
-    private static $GIT_BRANCHES = array('latest', 'stable');
+    public static $GIT_RAW_URL = 'https://raw.githubusercontent.com/shaarli/Shaarli';
    public static $GIT_BRANCHES = ['latest', 'stable'];
    private static $VERSION_START_TAG = '<?php /* ';
    private static $VERSION_END_TAG = ' */ ?>';
@ -63,8 +65,8 @@ class ApplicationUtils
        }
        return str_replace(
-            array(self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL),
+            [self::$VERSION_START_TAG, self::$VERSION_END_TAG, PHP_EOL],
-            array('', '', ''),
+            ['', '', ''],
            $data
        );
    }
@ -125,7 +127,7 @@ class ApplicationUtils
        // Late Static Binding allows overriding within tests
        // See http://php.net/manual/en/language.oop5.late-static-bindings.php
        $latestVersion = static::getVersion(
-            self::$GIT_URL . '/' . $branch . '/' . self::$VERSION_FILE
+            self::$GIT_RAW_URL . '/' . $branch . '/' . self::$VERSION_FILE
        );
        if (!$latestVersion) {
@ -172,34 +174,46 @@ class ApplicationUtils
     * Checks Shaarli has the proper access permissions to its resources
     *
     * @param ConfigManager $conf        Configuration Manager instance.
     * @param bool          $minimalMode In minimal mode we only check permissions to be able to display a template.
     *                                   Currently we only need to be able to read the theme and write in raintpl cache.
     *
     * @return array A list of the detected configuration issues
     */
-    public static function checkResourcePermissions($conf)
+    public static function checkResourcePermissions(ConfigManager $conf, bool $minimalMode = false): array
    {
-        $errors = array();
+        $errors = [];
        $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/');
        // Check script and template directories are readable
-        foreach (array(
+        foreach (
            [
            'application',
            'inc',
            'plugins',
            $rainTplDir,
            $rainTplDir . '/' . $conf->get('resource.theme'),
-                 ) as $path) {
+            ] as $path
        ) {
            if (!is_readable(realpath($path))) {
                $errors[] = '"' . $path . '" ' . t('directory is not readable');
            }
        }
        // Check cache and data directories are readable and writable
-        foreach (array(
+        if ($minimalMode) {
            $folders = [
                $conf->get('resource.raintpl_tmp'),
            ];
        } else {
            $folders = [
            $conf->get('resource.thumbnails_cache'),
            $conf->get('resource.data_dir'),
            $conf->get('resource.page_cache'),
            $conf->get('resource.raintpl_tmp'),
-                 ) as $path) {
+            ];
        }
        foreach ($folders as $path) {
            if (!is_readable(realpath($path))) {
                $errors[] = '"' . $path . '" ' . t('directory is not readable');
            }
@ -208,14 +222,20 @@ class ApplicationUtils
            }
        }
        if ($minimalMode) {
            return $errors;
        }
        // Check configuration files are readable and writable
-        foreach (array(
+        foreach (
            [
                 $conf->getConfigFileExt(),
                 $conf->get('resource.datastore'),
                 $conf->get('resource.ban_file'),
                 $conf->get('resource.log'),
                 $conf->get('resource.update_check'),
-                 ) as $path) {
+             ] as $path
        ) {
            if (!is_file(realpath($path))) {
                # the file may not exist yet
                continue;
@ -246,4 +266,54 @@ class ApplicationUtils
    {
        return hash_hmac('sha256', $currentVersion, $salt);
    }
    /**
     * Get a list of PHP extensions used by Shaarli.
     *
     * @return array[] List of extension with following keys:
     *                   - name: extension name
     *                   - required: whether the extension is required to use Shaarli
     *                   - desc: short description of extension usage in Shaarli
     *                   - loaded: whether the extension is properly loaded or not
     */
    public static function getPhpExtensionsRequirement(): array
    {
        $extensions = [
            ['name' => 'json', 'required' => true, 'desc' => t('Configuration parsing')],
            ['name' => 'simplexml', 'required' => true, 'desc' => t('Slim Framework (routing, etc.)')],
            ['name' => 'mbstring', 'required' => true, 'desc' => t('Multibyte (Unicode) string support')],
            ['name' => 'gd', 'required' => false, 'desc' => t('Required to use thumbnails')],
            ['name' => 'intl', 'required' => false, 'desc' => t('Localized text sorting (e.g. e->è->f)')],
            ['name' => 'curl', 'required' => false, 'desc' => t('Better retrieval of bookmark metadata and thumbnail')],
            ['name' => 'gettext', 'required' => false, 'desc' => t('Use the translation system in gettext mode')],
            ['name' => 'ldap', 'required' => false, 'desc' => t('Login using LDAP server')],
        ];
        foreach ($extensions as &$extension) {
            $extension['loaded'] = extension_loaded($extension['name']);
        }
        return $extensions;
    }
    /**
     * Return the EOL date of given PHP version. If the version is unknown,
     * we return today + 2 years.
     *
     * @param string $fullVersion PHP version, e.g. 7.4.7
     *
     * @return string Date format: YYYY-MM-DD
     */
    public static function getPhpEol(string $fullVersion): string
    {
        preg_match('/(\d+\.\d+)\.\d+/', $fullVersion, $matches);
        return [
            '7.1' => '2019-12-01',
            '7.2' => '2020-11-30',
            '7.3' => '2021-12-06',
            '7.4' => '2022-11-28',
            '8.0' => '2023-12-01',
        ][$matches[1]] ?? (new \DateTime('+2 year'))->format('Y-m-d');
    }
 }
--- a/application/helper/DailyPageHelper.php
+++ b/application/helper/DailyPageHelper.php
@ -0,0 +1,208 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Helper;
 use Shaarli\Bookmark\Bookmark;
 use Slim\Http\Request;
 class DailyPageHelper
 {
    public const MONTH = 'month';
    public const WEEK = 'week';
    public const DAY = 'day';
    /**
     * Extracts the type of the daily to display from the HTTP request parameters
     *
     * @param Request $request HTTP request
     *
     * @return string month/week/day
     */
    public static function extractRequestedType(Request $request): string
    {
        if ($request->getQueryParam(static::MONTH) !== null) {
            return static::MONTH;
        } elseif ($request->getQueryParam(static::WEEK) !== null) {
            return static::WEEK;
        }
        return static::DAY;
    }
    /**
     * Extracts a DateTimeImmutable from provided HTTP request.
     * If no parameter is provided, we rely on the creation date of the latest provided created bookmark.
     * If the datastore is empty or no bookmark is provided, we use the current date.
     *
     * @param string        $type           month/week/day
     * @param string|null   $requestedDate  Input string extracted from the request
     * @param Bookmark|null $latestBookmark Latest bookmark found in the datastore (by date)
     *
     * @return \DateTimeImmutable from input or latest bookmark.
     *
     * @throws \Exception Type not supported.
     */
    public static function extractRequestedDateTime(
        string $type,
        ?string $requestedDate,
        Bookmark $latestBookmark = null
    ): \DateTimeImmutable {
        $format = static::getFormatByType($type);
        if (empty($requestedDate)) {
            return $latestBookmark instanceof Bookmark
                ? new \DateTimeImmutable($latestBookmark->getCreated()->format(\DateTime::ATOM))
                : new \DateTimeImmutable()
            ;
        }
        // W is not supported by createFromFormat...
        if ($type === static::WEEK) {
            return (new \DateTimeImmutable())
                ->setISODate((int) substr($requestedDate, 0, 4), (int) substr($requestedDate, 4, 2))
            ;
        }
        return \DateTimeImmutable::createFromFormat($format, $requestedDate);
    }
    /**
     * Get the DateTime format used by provided type
     * Examples:
     *   - day: 20201016 (<year><month><day>)
     *   - week: 202041 (<year><week number>)
     *   - month: 202010 (<year><month>)
     *
     * @param string $type month/week/day
     *
     * @return string DateTime compatible format
     *
     * @see https://www.php.net/manual/en/datetime.format.php
     *
     * @throws \Exception Type not supported.
     */
    public static function getFormatByType(string $type): string
    {
        switch ($type) {
            case static::MONTH:
                return 'Ym';
            case static::WEEK:
                return 'YW';
            case static::DAY:
                return 'Ymd';
            default:
                throw new \Exception('Unsupported daily format type');
        }
    }
    /**
     * Get the first DateTime of the time period depending on given datetime and type.
     * Note: DateTimeImmutable is required because we rely heavily on DateTime->modify() syntax
     *       and we don't want to alter original datetime.
     *
     * @param string             $type      month/week/day
     * @param \DateTimeImmutable $requested DateTime extracted from request input
     *                                      (should come from extractRequestedDateTime)
     *
     * @return \DateTimeInterface First DateTime of the time period
     *
     * @throws \Exception Type not supported.
     */
    public static function getStartDateTimeByType(string $type, \DateTimeImmutable $requested): \DateTimeInterface
    {
        switch ($type) {
            case static::MONTH:
                return $requested->modify('first day of this month midnight');
            case static::WEEK:
                return $requested->modify('Monday this week midnight');
            case static::DAY:
                return $requested->modify('Today midnight');
            default:
                throw new \Exception('Unsupported daily format type');
        }
    }
    /**
     * Get the last DateTime of the time period depending on given datetime and type.
     * Note: DateTimeImmutable is required because we rely heavily on DateTime->modify() syntax
     *       and we don't want to alter original datetime.
     *
     * @param string             $type      month/week/day
     * @param \DateTimeImmutable $requested DateTime extracted from request input
     *                                      (should come from extractRequestedDateTime)
     *
     * @return \DateTimeInterface Last DateTime of the time period
     *
     * @throws \Exception Type not supported.
     */
    public static function getEndDateTimeByType(string $type, \DateTimeImmutable $requested): \DateTimeInterface
    {
        switch ($type) {
            case static::MONTH:
                return $requested->modify('last day of this month 23:59:59');
            case static::WEEK:
                return $requested->modify('Sunday this week 23:59:59');
            case static::DAY:
                return $requested->modify('Today 23:59:59');
            default:
                throw new \Exception('Unsupported daily format type');
        }
    }
    /**
     * Get localized description of the time period depending on given datetime and type.
     * Example: for a month period, it returns `October, 2020`.
     *
     * @param string             $type      month/week/day
     * @param \DateTimeImmutable $requested DateTime extracted from request input
     *                                      (should come from extractRequestedDateTime)
     *
     * @return string Localized time period description
     *
     * @throws \Exception Type not supported.
     */
    public static function getDescriptionByType(string $type, \DateTimeImmutable $requested): string
    {
        switch ($type) {
            case static::MONTH:
                return $requested->format('F') . ', ' . $requested->format('Y');
            case static::WEEK:
                $requested = $requested->modify('Monday this week');
                return t('Week') . ' ' . $requested->format('W') . ' (' . format_date($requested, false) . ')';
            case static::DAY:
                $out = '';
                if ($requested->format('Ymd') === date('Ymd')) {
                    $out = t('Today') . ' - ';
                } elseif ($requested->format('Ymd') === date('Ymd', strtotime('-1 days'))) {
                    $out = t('Yesterday') . ' - ';
                }
                return $out . format_date($requested, false);
            default:
                throw new \Exception('Unsupported daily format type');
        }
    }
    /**
     * Get the number of items to display in the RSS feed depending on the given type.
     *
     * @param string $type month/week/day
     *
     * @return int number of elements
     *
     * @throws \Exception Type not supported.
     */
    public static function getRssLengthByType(string $type): int
    {
        switch ($type) {
            case static::MONTH:
                return 12; // 1 year
            case static::WEEK:
                return 26; // ~6 months
            case static::DAY:
                return 30; // ~1 month
            default:
                throw new \Exception('Unsupported daily format type');
        }
    }
 }
--- a/application/helper/FileUtils.php
+++ b/application/helper/FileUtils.php
@ -1,6 +1,6 @@
 <?php
-namespace Shaarli;
+namespace Shaarli\Helper;
 use Shaarli\Exceptions\IOException;
@ -81,4 +81,60 @@ class FileUtils
            )
        );
    }
    /**
     * Recursively deletes a folder content, and deletes itself optionally.
     * If an excluded file is found, folders won't be deleted.
     *
     * Additional security: raise an exception if it tries to delete a folder outside of Shaarli directory.
     *
     * @param string $path
     * @param bool $selfDelete Delete the provided folder if true, only its content if false.
     * @param array $exclude
     */
    public static function clearFolder(string $path, bool $selfDelete, array $exclude = []): bool
    {
        $skipped = false;
        if (!is_dir($path)) {
            throw new IOException(t('Provided path is not a directory.'));
        }
        if (!static::isPathInShaarliFolder($path)) {
            throw new IOException(t('Trying to delete a folder outside of Shaarli path.'));
        }
        foreach (new \DirectoryIterator($path) as $file) {
            if ($file->isDot()) {
                continue;
            }
            if (in_array($file->getBasename(), $exclude, true)) {
                $skipped = true;
                continue;
            }
            if ($file->isFile()) {
                unlink($file->getPathname());
            } elseif ($file->isDir()) {
                $skipped = static::clearFolder($file->getRealPath(), true, $exclude) || $skipped;
            }
        }
        if ($selfDelete && !$skipped) {
            rmdir($path);
        }
        return $skipped;
    }
    /**
     * Checks that the given path is inside Shaarli directory.
     */
    public static function isPathInShaarliFolder(string $path): bool
    {
        $rootDirectory = dirname(dirname(dirname(__FILE__)));
        return strpos(realpath($path), $rootDirectory) !== false;
    }
 }
--- a/application/http/HttpAccess.php
+++ b/application/http/HttpAccess.php
@ -29,14 +29,16 @@ class HttpAccess
        &$title,
        &$description,
        &$keywords,
-        $retrieveDescription
+        $retrieveDescription,
        $tagsSeparator
    ) {
        return get_curl_download_callback(
            $charset,
            $title,
            $description,
            $keywords,
-            $retrieveDescription
+            $retrieveDescription,
            $tagsSeparator
        );
    }
--- a/application/http/HttpUtils.php
+++ b/application/http/HttpUtils.php
@ -48,7 +48,7 @@ function get_http_response(
    $cleanUrl = $urlObj->idnToAscii();
    if (!filter_var($cleanUrl, FILTER_VALIDATE_URL) || !$urlObj->isHttp()) {
-        return array(array(0 => 'Invalid HTTP UrlUtils'), false);
+        return [[0 => 'Invalid HTTP UrlUtils'], false];
    }
    $userAgent =
@ -71,7 +71,7 @@ function get_http_response(
    $ch = curl_init($cleanUrl);
    if ($ch === false) {
-        return array(array(0 => 'curl_init() error'), false);
+        return [[0 => 'curl_init() error'], false];
    }
    // General cURL settings
@ -82,7 +82,7 @@ function get_http_response(
    curl_setopt(
        $ch,
        CURLOPT_HTTPHEADER,
-        array('Accept-Language: ' . $acceptLanguage)
+        ['Accept-Language: ' . $acceptLanguage]
    );
    curl_setopt($ch, CURLOPT_MAXREDIRS, $maxRedirs);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@ -122,9 +122,9 @@ function get_http_response(
             * Removing this would require updating
             * GetHttpUrlTest::testGetInvalidRemoteUrl()
             */
-            return array(false, false);
+            return [false, false];
        }
-        return array(array(0 => 'curl_exec() error: ' . $errorStr), false);
+        return [[0 => 'curl_exec() error: ' . $errorStr], false];
    }
    // Formatting output like the fallback method
@ -135,7 +135,7 @@ function get_http_response(
    $rawHeadersLastRedir = end($rawHeadersArrayRedirs);
    $content = substr($response, $headSize);
-    $headers = array();
+    $headers = [];
    foreach (preg_split('~[\r\n]+~', $rawHeadersLastRedir) as $line) {
        if (empty($line) || ctype_space($line)) {
            continue;
@ -146,7 +146,7 @@ function get_http_response(
            $value = $splitLine[1];
            if (array_key_exists($key, $headers)) {
                if (!is_array($headers[$key])) {
-                    $headers[$key] = array(0 => $headers[$key]);
+                    $headers[$key] = [0 => $headers[$key]];
                }
                $headers[$key][] = $value;
            } else {
@ -157,7 +157,7 @@ function get_http_response(
        }
    }
-    return array($headers, $content);
+    return [$headers, $content];
 }
 /**
@ -188,15 +188,15 @@ function get_http_response_fallback(
    $acceptLanguage,
    $maxRedr
 ) {
-    $options = array(
+    $options = [
-        'http' => array(
+        'http' => [
            'method' => 'GET',
            'timeout' => $timeout,
            'user_agent' => $userAgent,
            'header' => "Accept: */*\r\n"
                . 'Accept-Language: ' . $acceptLanguage
-        )
+        ]
-    );
+    ];
    stream_context_set_default($options);
    list($headers, $finalUrl) = get_redirected_headers($cleanUrl, $maxRedr);
@ -207,7 +207,7 @@ function get_http_response_fallback(
    }
    if (! $headers) {
-        return array($headers, false);
+        return [$headers, false];
    }
    try {
@ -215,10 +215,10 @@ function get_http_response_fallback(
        $context = stream_context_create($options);
        $content = file_get_contents($finalUrl, false, $context, -1, $maxBytes);
    } catch (Exception $exc) {
-        return array(array(0 => 'HTTP Error'), $exc->getMessage());
+        return [[0 => 'HTTP Error'], $exc->getMessage()];
    }
-    return array($headers, $content);
+    return [$headers, $content];
 }
 /**
@ -237,10 +237,12 @@ function get_redirected_headers($url, $redirectionLimit = 3)
    }
    // Headers found, redirection found, and limit not reached.
-    if ($redirectionLimit-- > 0
+    if (
        $redirectionLimit-- > 0
        && !empty($headers)
        && (strpos($headers[0], '301') !== false || strpos($headers[0], '302') !== false)
-        && !empty($headers['Location'])) {
+        && !empty($headers['Location'])
    ) {
        $redirection = is_array($headers['Location']) ? end($headers['Location']) : $headers['Location'];
        if ($redirection != $url) {
            $redirection = getAbsoluteUrl($url, $redirection);
@ -248,7 +250,7 @@ function get_redirected_headers($url, $redirectionLimit = 3)
        }
    }
-    return array($headers, $url);
+    return [$headers, $url];
 }
 /**
@ -323,7 +325,8 @@ function server_url($server)
                $scheme = 'https';
            }
-            if (($scheme == 'http' && $port != '80')
+            if (
                ($scheme == 'http' && $port != '80')
                || ($scheme == 'https' && $port != '443')
            ) {
                $port = ':' . $port;
@ -348,14 +351,18 @@ function server_url($server)
    }
    // SSL detection
-    if ((! empty($server['HTTPS']) && strtolower($server['HTTPS']) == 'on')
+    if (
-        || (isset($server['SERVER_PORT']) && $server['SERVER_PORT'] == '443')) {
+        (! empty($server['HTTPS']) && strtolower($server['HTTPS']) == 'on')
        || (isset($server['SERVER_PORT']) && $server['SERVER_PORT'] == '443')
    ) {
        $scheme = 'https';
    }
    // Do not append standard port values
-    if (($scheme == 'http' && $server['SERVER_PORT'] != '80')
+    if (
-        || ($scheme == 'https' && $server['SERVER_PORT'] != '443')) {
+        ($scheme == 'http' && $server['SERVER_PORT'] != '80')
        || ($scheme == 'https' && $server['SERVER_PORT'] != '443')
    ) {
        $port = ':' . $server['SERVER_PORT'];
    }
@ -550,7 +557,8 @@ function get_curl_download_callback(
    &$title,
    &$description,
    &$keywords,
-    $retrieveDescription
+    $retrieveDescription,
    $tagsSeparator
 ) {
    $currentChunk = 0;
    $foundChunk = null;
@ -566,8 +574,12 @@ function get_curl_download_callback(
     *
     * @return int|bool length of $data or false if we need to stop the download
     */
-    return function ($ch, $data) use (
+    return function (
        $ch,
        $data
    ) use (
        $retrieveDescription,
        $tagsSeparator,
        &$charset,
        &$title,
        &$description,
@ -598,10 +610,10 @@ function get_curl_download_callback(
            if (! empty($keywords)) {
                $foundChunk = $currentChunk;
                // Keywords use the format tag1, tag2 multiple words, tag
-                // So we format them to match Shaarli's separator and glue multiple words with '-'
+                // So we split the result with `,`, then if a tag contains the separator we replace it by `-`.
-                $keywords = implode(' ', array_map(function($keyword) {
+                $keywords = tags_array2str(array_map(function (string $keyword) use ($tagsSeparator): string {
-                    return implode('-', preg_split('/\s+/', trim($keyword)));
+                    return tags_array2str(tags_str2array($keyword, $tagsSeparator), '-');
-                }, explode(',', $keywords)));
+                }, tags_str2array($keywords, ',')), $tagsSeparator);
            }
        }
@ -609,7 +621,8 @@ function get_curl_download_callback(
        // If we already found either the title, description or keywords,
        // it's highly unlikely that we'll found the other metas further than
        // in the same chunk of data or the next one. So we also stop the download after that.
-        if ((!empty($responseCode) && !empty($contentType) && !empty($charset)) && $foundChunk !== null
+        if (
            (!empty($responseCode) && !empty($contentType) && !empty($charset)) && $foundChunk !== null
            && (! $retrieveDescription
                || $foundChunk < $currentChunk
                || (!empty($title) && !empty($description) && !empty($keywords))
--- a/application/http/MetadataRetriever.php
+++ b/application/http/MetadataRetriever.php
@ -38,7 +38,6 @@ class MetadataRetriever
        $title = null;
        $description = null;
        $tags = null;
        $retrieveDescription = $this->conf->get('general.retrieve_description');
        // Short timeout to keep the application responsive
        // The callback will fill $charset and $title with data from the downloaded page.
@ -52,7 +51,8 @@ class MetadataRetriever
                $title,
                $description,
                $tags,
-                $retrieveDescription
+                $this->conf->get('general.retrieve_description'),
                $this->conf->get('general.tags_separator', ' ')
            )
        );
--- a/application/http/Url.php
+++ b/application/http/Url.php
@ -17,7 +17,7 @@ namespace Shaarli\Http;
 */
 class Url
 {
-    private static $annoyingQueryParams = array(
+    private static $annoyingQueryParams = [
        // Facebook
        'action_object_map=',
        'action_ref_map=',
@ -37,15 +37,15 @@ class Url
        // Other
        'campaign_'
-    );
+    ];
-    private static $annoyingFragments = array(
+    private static $annoyingFragments = [
        // ATInternet
        'xtor=RSS-',
        // Misc.
        'tk.rss_all'
-    );
+    ];
    /*
     * URL parts represented as an array
@ -120,7 +120,7 @@ class Url
        foreach (self::$annoyingQueryParams as $annoying) {
            foreach ($queryParams as $param) {
                if (startsWith($param, $annoying)) {
-                    $queryParams = array_diff($queryParams, array($param));
+                    $queryParams = array_diff($queryParams, [$param]);
                    continue;
                }
            }
--- a/application/http/UrlUtils.php
+++ b/application/http/UrlUtils.php
@ -1,4 +1,5 @@
 <?php
 /**
 * Converts an array-represented URL to a string
 *
--- a/application/legacy/LegacyLinkDB.php
+++ b/application/legacy/LegacyLinkDB.php
@ -8,7 +8,7 @@ use DateTime;
 use Iterator;
 use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
 use Shaarli\Exceptions\IOException;
-use Shaarli\FileUtils;
+use Shaarli\Helper\FileUtils;
 use Shaarli\Render\PageCacheManager;
 /**
@ -62,7 +62,7 @@ class LegacyLinkDB implements Iterator, Countable, ArrayAccess
    private $datastore;
    // Link date storage format
-    const LINK_DATE_FORMAT = 'Ymd_His';
+    public const LINK_DATE_FORMAT = 'Ymd_His';
    // List of bookmarks (associative array)
    //  - key:   link date (e.g. "20110823_124546"),
@ -240,8 +240,8 @@ class LegacyLinkDB implements Iterator, Countable, ArrayAccess
        }
        // Create a dummy database for example
-        $this->links = array();
+        $this->links = [];
-        $link = array(
+        $link = [
            'id' => 1,
            'title' => t('The personal, minimalist, super-fast, database free, bookmarking service'),
            'url' => 'https://shaarli.readthedocs.io',
@ -257,11 +257,11 @@ You use the community supported version of the original Shaarli project, by Seba
            'created' => new DateTime(),
            'tags' => 'opensource software',
            'sticky' => false,
-        );
+        ];
        $link['shorturl'] = link_small_hash($link['created'], $link['id']);
        $this->links[1] = $link;
-        $link = array(
+        $link = [
            'id' => 0,
            'title' => t('My secret stuff... - Pastebin.com'),
            'url' => 'http://sebsauvage.net/paste/?8434b27936c09649#bR7XsXhoTiLcqCpQbmOpBi3rq2zzQUC5hBI7ZT1O3x8=',
@ -270,7 +270,7 @@ You use the community supported version of the original Shaarli project, by Seba
            'created' => new DateTime('1 minute ago'),
            'tags' => 'secretstuff',
            'sticky' => false,
-        );
+        ];
        $link['shorturl'] = link_small_hash($link['created'], $link['id']);
        $this->links[0] = $link;
@ -285,7 +285,7 @@ You use the community supported version of the original Shaarli project, by Seba
    {
        // Public bookmarks are hidden and user not logged in => nothing to show
        if ($this->hidePublicLinks && !$this->loggedIn) {
-            $this->links = array();
+            $this->links = [];
            return;
        }
@ -293,7 +293,7 @@ You use the community supported version of the original Shaarli project, by Seba
        $this->ids = [];
        $this->links = FileUtils::readFlatDB($this->datastore, []);
-        $toremove = array();
+        $toremove = [];
        foreach ($this->links as $key => &$link) {
            if (!$this->loggedIn && $link['private'] != 0) {
                // Transition for not upgraded databases.
@ -414,7 +414,7 @@ You use the community supported version of the original Shaarli project, by Seba
     * @return array filtered bookmarks, all bookmarks if no suitable filter was provided.
     */
    public function filterSearch(
-        $filterRequest = array(),
+        $filterRequest = [],
        $casesensitive = false,
        $visibility = 'all',
        $untaggedonly = false
@ -512,7 +512,7 @@ You use the community supported version of the original Shaarli project, by Seba
     */
    public function days()
    {
-        $linkDays = array();
+        $linkDays = [];
        foreach ($this->links as $link) {
            $linkDays[$link['created']->format('Ymd')] = 0;
        }
--- a/application/legacy/LegacyLinkFilter.php
+++ b/application/legacy/LegacyLinkFilter.php
@ -120,7 +120,7 @@ class LegacyLinkFilter
            return $this->links;
        }
-        $out = array();
+        $out = [];
        foreach ($this->links as $key => $value) {
            if ($value['private'] && $visibility === 'private') {
                $out[$key] = $value;
@ -143,7 +143,7 @@ class LegacyLinkFilter
     */
    private function filterSmallHash($smallHash)
    {
-        $filtered = array();
+        $filtered = [];
        foreach ($this->links as $key => $l) {
            if ($smallHash == $l['shorturl']) {
                // Yes, this is ugly and slow
@ -186,7 +186,7 @@ class LegacyLinkFilter
            return $this->noFilter($visibility);
        }
-        $filtered = array();
+        $filtered = [];
        $search = mb_convert_case(html_entity_decode($searchterms), MB_CASE_LOWER, 'UTF-8');
        $exactRegex = '/"([^"]+)"/';
        // Retrieve exact search terms.
@ -198,8 +198,8 @@ class LegacyLinkFilter
        $explodedSearchAnd = array_values(array_filter($explodedSearchAnd));
        // Filter excluding terms and update andSearch.
-        $excludeSearch = array();
+        $excludeSearch = [];
-        $andSearch = array();
+        $andSearch = [];
        foreach ($explodedSearchAnd as $needle) {
            if ($needle[0] == '-' && strlen($needle) > 1) {
                $excludeSearch[] = substr($needle, 1);
@ -208,7 +208,7 @@ class LegacyLinkFilter
            }
        }
-        $keys = array('title', 'description', 'url', 'tags');
+        $keys = ['title', 'description', 'url', 'tags'];
        // Iterate over every stored link.
        foreach ($this->links as $id => $link) {
@ -336,7 +336,7 @@ class LegacyLinkFilter
        }
        // create resulting array
-        $filtered = array();
+        $filtered = [];
        // iterate over each link
        foreach ($this->links as $key => $link) {
@ -352,7 +352,7 @@ class LegacyLinkFilter
            $search = $link['tags']; // build search string, start with tags of current link
            if (strlen(trim($link['description'])) && strpos($link['description'], '#') !== false) {
                // description given and at least one possible tag found
-                $descTags = array();
+                $descTags = [];
                // find all tags in the form of #tag in the description
                preg_match_all(
                    '/(?<![' . self::$HASHTAG_CHARS . '])#([' . self::$HASHTAG_CHARS . ']+?)\b/sm',
@ -419,7 +419,7 @@ class LegacyLinkFilter
            throw new Exception('Invalid date format');
        }
-        $filtered = array();
+        $filtered = [];
        foreach ($this->links as $key => $l) {
            if ($l['created']->format('Ymd') == $day) {
                $filtered[$key] = $l;
--- a/application/legacy/LegacyUpdater.php
+++ b/application/legacy/LegacyUpdater.php
@ -7,7 +7,6 @@ use RainTPL;
 use ReflectionClass;
 use ReflectionException;
 use ReflectionMethod;
 use Shaarli\ApplicationUtils;
 use Shaarli\Bookmark\Bookmark;
 use Shaarli\Bookmark\BookmarkArray;
 use Shaarli\Bookmark\BookmarkFilter;
@ -17,6 +16,7 @@ use Shaarli\Config\ConfigJson;
 use Shaarli\Config\ConfigManager;
 use Shaarli\Config\ConfigPhp;
 use Shaarli\Exceptions\IOException;
 use Shaarli\Helper\ApplicationUtils;
 use Shaarli\Thumbnailer;
 use Shaarli\Updater\Exception\UpdaterException;
@ -93,7 +93,7 @@ class LegacyUpdater
     */
    public function update()
    {
-        $updatesRan = array();
+        $updatesRan = [];
        // If the user isn't logged in, exit without updating.
        if ($this->isLoggedIn !== true) {
@ -106,7 +106,8 @@ class LegacyUpdater
        foreach ($this->methods as $method) {
            // Not an update method or already done, pass.
-            if (!startsWith($method->getName(), 'updateMethod')
+            if (
                !startsWith($method->getName(), 'updateMethod')
                || in_array($method->getName(), $this->doneUpdates)
            ) {
                continue;
@ -189,7 +190,7 @@ class LegacyUpdater
        }
        // Set sub config keys (config and plugins)
-        $subConfig = array('config', 'plugins');
+        $subConfig = ['config', 'plugins'];
        foreach ($subConfig as $sub) {
            foreach ($oldConfig[$sub] as $key => $value) {
                if (isset($legacyMap[$sub . '.' . $key])) {
@ -259,7 +260,7 @@ class LegacyUpdater
        $save = $this->conf->get('resource.data_dir') . '/datastore.' . date('YmdHis') . '.php';
        copy($this->conf->get('resource.datastore'), $save);
-        $links = array();
+        $links = [];
        foreach ($this->linkDB as $offset => $value) {
            $links[] = $value;
            unset($this->linkDB[$offset]);
@ -498,7 +499,8 @@ class LegacyUpdater
     */
    public function updateMethodDownloadSizeAndTimeoutConf()
    {
-        if ($this->conf->exists('general.download_max_size')
+        if (
            $this->conf->exists('general.download_max_size')
            && $this->conf->exists('general.download_timeout')
        ) {
            return true;
@ -585,7 +587,7 @@ class LegacyUpdater
        $linksArray = new BookmarkArray();
        foreach ($this->linkDB as $key => $link) {
-            $linksArray[$key] = (new Bookmark())->fromArray($link);
+            $linksArray[$key] = (new Bookmark())->fromArray($link, $this->conf->get('general.tags_separator', ' '));
        }
        $linksIo = new BookmarkIO($this->conf);
        $linksIo->write($linksArray);
--- a/application/netscape/NetscapeBookmarkUtils.php
+++ b/application/netscape/NetscapeBookmarkUtils.php
@ -59,11 +59,11 @@ class NetscapeBookmarkUtils
        $indexUrl
    ) {
        // see tpl/export.html for possible values
-        if (!in_array($selection, array('all', 'public', 'private'))) {
+        if (!in_array($selection, ['all', 'public', 'private'])) {
            throw new Exception(t('Invalid export selection:') . ' "' . $selection . '"');
        }
-        $bookmarkLinks = array();
+        $bookmarkLinks = [];
        foreach ($this->bookmarkService->search([], $selection) as $bookmark) {
            $link = $formatter->format($bookmark);
            $link['taglist'] = implode(',', $bookmark->getTags());
@ -101,11 +101,11 @@ class NetscapeBookmarkUtils
        // Add tags to all imported bookmarks?
        if (empty($post['default_tags'])) {
-            $defaultTags = array();
+            $defaultTags = [];
        } else {
-            $defaultTags = preg_split(
+            $defaultTags = tags_str2array(
-                '/[\s,]+/',
+                escape($post['default_tags']),
-                escape($post['default_tags'])
+                $this->conf->get('general.tags_separator', ' ')
            );
        }
@ -171,7 +171,7 @@ class NetscapeBookmarkUtils
            $link->setUrl($bkm['uri'], $this->conf->get('security.allowed_protocols'));
            $link->setDescription($bkm['note']);
            $link->setPrivate($private);
-            $link->setTagsString($bkm['tags']);
+            $link->setTags($bkm['tags']);
            $this->bookmarkService->addOrSet($link, false);
            $importCount++;
--- a/application/plugin/PluginManager.php
+++ b/application/plugin/PluginManager.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Plugin;
 use Shaarli\Config\ConfigManager;
@ -23,7 +24,7 @@ class PluginManager
     *
     * @var array $loadedPlugins
     */
-    private $loadedPlugins = array();
+    private $loadedPlugins = [];
    /**
     * @var ConfigManager Configuration Manager instance.
@ -57,7 +58,7 @@ class PluginManager
    public function __construct(&$conf)
    {
        $this->conf = $conf;
-        $this->errors = array();
+        $this->errors = [];
    }
    /**
@ -98,7 +99,7 @@ class PluginManager
     *
     * @return void
     */
-    public function executeHooks($hook, &$data, $params = array())
+    public function executeHooks($hook, &$data, $params = [])
    {
        $metadataParameters = [
            'target' => '_PAGE_',
@ -196,7 +197,7 @@ class PluginManager
     */
    public function getPluginsMeta()
    {
-        $metaData = array();
+        $metaData = [];
        $dirs = glob(self::$PLUGINS_PATH . '/*', GLOB_ONLYDIR | GLOB_MARK);
        // Browse all plugin directories.
@ -217,9 +218,9 @@ class PluginManager
            if (isset($metaData[$plugin]['parameters'])) {
                $params = explode(';', $metaData[$plugin]['parameters']);
            } else {
-                $params = array();
+                $params = [];
            }
-            $metaData[$plugin]['parameters'] = array();
+            $metaData[$plugin]['parameters'] = [];
            foreach ($params as $param) {
                if (empty($param)) {
                    continue;
--- a/application/plugin/exception/PluginFileNotFoundException.php
+++ b/application/plugin/exception/PluginFileNotFoundException.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Plugin\Exception;
 use Exception;
--- a/application/render/PageBuilder.php
+++ b/application/render/PageBuilder.php
@ -3,11 +3,11 @@
 namespace Shaarli\Render;
 use Exception;
-use exceptions\MissingBasePathException;
+use Psr\Log\LoggerInterface;
 use RainTPL;
 use Shaarli\ApplicationUtils;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Config\ConfigManager;
 use Shaarli\Helper\ApplicationUtils;
 use Shaarli\Security\SessionManager;
 use Shaarli\Thumbnailer;
@ -35,6 +35,9 @@ class PageBuilder
     */
    protected $session;
    /** @var LoggerInterface */
    protected $logger;
    /**
     * @var BookmarkServiceInterface $bookmarkService instance.
     */
@ -56,15 +59,23 @@ class PageBuilder
     *
     * @param ConfigManager $conf Configuration Manager instance (reference).
     * @param array $session $_SESSION array
-     * @param BookmarkServiceInterface $linkDB  instance.
+     * @param LoggerInterface $logger
-     * @param string                   $token   Session token
+     * @param null $linkDB instance.
     * @param null $token Session token
     * @param bool $isLoggedIn
     */
-    public function __construct(&$conf, $session, $linkDB = null, $token = null, $isLoggedIn = false)
+    public function __construct(
-    {
+        ConfigManager &$conf,
        array $session,
        LoggerInterface $logger,
        $linkDB = null,
        $token = null,
        $isLoggedIn = false
    ) {
        $this->tpl = false;
        $this->conf = $conf;
        $this->session = $session;
        $this->logger = $logger;
        $this->bookmarkService = $linkDB;
        $this->token = $token;
        $this->isLoggedIn = $isLoggedIn;
@ -98,7 +109,7 @@ class PageBuilder
            $this->tpl->assign('newVersion', escape($version));
            $this->tpl->assign('versionError', '');
        } catch (Exception $exc) {
-            logm($this->conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], $exc->getMessage());
+            $this->logger->error(format_log('Error: ' . $exc->getMessage(), client_ip_id($_SERVER)));
            $this->tpl->assign('newVersion', '');
            $this->tpl->assign('versionError', escape($exc->getMessage()));
        }
@ -149,7 +160,8 @@ class PageBuilder
        $this->tpl->assign('formatter', $this->conf->get('formatter', 'default'));
-        $this->tpl->assign('links_per_page', $this->session['LINKS_PER_PAGE']);
+        $this->tpl->assign('links_per_page', $this->session['LINKS_PER_PAGE'] ?? 20);
        $this->tpl->assign('tags_separator', $this->conf->get('general.tags_separator', ' '));
        // To be removed with a proper theme configuration.
        $this->tpl->assign('conf', $this->conf);
--- a/application/render/TemplatePage.php
+++ b/application/render/TemplatePage.php
@ -14,6 +14,7 @@ interface TemplatePage
    public const DAILY = 'daily';
    public const DAILY_RSS = 'dailyrss';
    public const EDIT_LINK = 'editlink';
    public const EDIT_LINK_BATCH = 'editlink.batch';
    public const ERROR = 'error';
    public const EXPORT = 'export';
    public const NETSCAPE_EXPORT_BOOKMARKS = 'export.bookmarks';
--- a/application/security/BanManager.php
+++ b/application/security/BanManager.php
@ -1,9 +1,9 @@
 <?php
 namespace Shaarli\Security;
-use Shaarli\FileUtils;
+use Psr\Log\LoggerInterface;
 use Shaarli\Helper\FileUtils;
 /**
 * Class BanManager
@ -28,8 +28,8 @@ class BanManager
    /** @var string Path to the file containing IP bans and failures */
    protected $banFile;
-    /** @var string Path to the log file, used to log bans */
+    /** @var LoggerInterface Path to the log file, used to log bans */
-    protected $logFile;
+    protected $logger;
    /** @var array List of IP with their associated number of failed attempts */
    protected $failures = [];
@ -44,14 +44,16 @@ class BanManager
     * @param int             $nbAttempts     Number of allowed failed attempt before the ban
     * @param int             $banDuration    Ban duration in seconds
     * @param string          $banFile        Path to the file containing IP bans and failures
-     * @param string $logFile        Path to the log file, used to log bans
+     * @param LoggerInterface $logger         PSR-3 logger to save login attempts in log directory
     */
-    public function __construct($trustedProxies, $nbAttempts, $banDuration, $banFile, $logFile) {
+    public function __construct($trustedProxies, $nbAttempts, $banDuration, $banFile, LoggerInterface $logger)
    {
        $this->trustedProxies = $trustedProxies;
        $this->nbAttempts = $nbAttempts;
        $this->banDuration = $banDuration;
        $this->banFile = $banFile;
-        $this->logFile = $logFile;
+        $this->logger = $logger;
        $this->readBanFile();
    }
@ -78,11 +80,7 @@ class BanManager
        if ($this->failures[$ip] >= $this->nbAttempts) {
            $this->bans[$ip] = time() + $this->banDuration;
-            logm(
+            $this->logger->info(format_log('IP address banned from login: ' . $ip, $ip));
                $this->logFile,
                $server['REMOTE_ADDR'],
                'IP address banned from login: '. $ip
            );
        }
        $this->writeBanFile();
    }
@ -138,7 +136,7 @@ class BanManager
            unset($this->failures[$ip]);
        }
        unset($this->bans[$ip]);
-        logm($this->logFile, $server['REMOTE_ADDR'], 'Ban lifted for: '. $ip);
+        $this->logger->info(format_log('Ban lifted for: ' . $ip, $ip));
        $this->writeBanFile();
        return false;
--- a/application/security/LoginManager.php
+++ b/application/security/LoginManager.php
@ -1,7 +1,9 @@
 <?php
 namespace Shaarli\Security;
 use Exception;
 use Psr\Log\LoggerInterface;
 use Shaarli\Config\ConfigManager;
 /**
@ -31,6 +33,8 @@ class LoginManager
    protected $staySignedInToken = '';
    /** @var CookieManager */
    protected $cookieManager;
    /** @var LoggerInterface */
    protected $logger;
    /**
     * Constructor
@ -38,19 +42,21 @@ class LoginManager
     * @param ConfigManager $configManager Configuration Manager instance
     * @param SessionManager $sessionManager SessionManager instance
     * @param CookieManager $cookieManager CookieManager instance
     * @param BanManager $banManager
     * @param LoggerInterface $logger Used to log login attempts
     */
-    public function __construct($configManager, $sessionManager, $cookieManager)
+    public function __construct(
-    {
+        ConfigManager $configManager,
        SessionManager $sessionManager,
        CookieManager $cookieManager,
        BanManager $banManager,
        LoggerInterface $logger
    ) {
        $this->configManager = $configManager;
        $this->sessionManager = $sessionManager;
        $this->cookieManager = $cookieManager;
-        $this->banManager = new BanManager(
+        $this->banManager = $banManager;
-            $this->configManager->get('security.trusted_proxies', []),
+        $this->logger = $logger;
            $this->configManager->get('security.ban_after'),
            $this->configManager->get('security.ban_duration'),
            $this->configManager->get('resource.ban_file', 'data/ipbans.php'),
            $this->configManager->get('resource.log')
        );
        if ($this->configManager->get('security.open_shaarli') === true) {
            $this->openShaarli = true;
@ -101,7 +107,8 @@ class LoginManager
            // The user client has a valid stay-signed-in cookie
            // Session information is updated with the current client information
            $this->sessionManager->storeLoginInfo($clientIpId);
-        } elseif ($this->sessionManager->hasSessionExpired()
+        } elseif (
            $this->sessionManager->hasSessionExpired()
            || $this->sessionManager->hasClientIpChanged($clientIpId)
        ) {
            $this->sessionManager->logout();
@ -129,48 +136,35 @@ class LoginManager
    /**
     * Check user credentials are valid
     *
     * @param string $remoteIp   Remote client IP address
     * @param string $clientIpId Client IP address identifier
     * @param string $login      Username
     * @param string $password   Password
     *
     * @return bool true if the provided credentials are valid, false otherwise
     */
-    public function checkCredentials($remoteIp, $clientIpId, $login, $password)
+    public function checkCredentials($clientIpId, $login, $password)
    {
        // Check login matches config
        if ($login !== $this->configManager->get('credentials.login')) {
            return false;
        }
        // Check credentials
        try {
            $useLdapLogin = !empty($this->configManager->get('ldap.host'));
-            if ((false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))
+            if (
                $login === $this->configManager->get('credentials.login')
                && (
                    (false === $useLdapLogin && $this->checkCredentialsFromLocalConfig($login, $password))
                    || (true === $useLdapLogin && $this->checkCredentialsFromLdap($login, $password))
                )
            ) {
                $this->sessionManager->storeLoginInfo($clientIpId);
-                    logm(
+                $this->logger->info(format_log('Login successful', $clientIpId));
-                        $this->configManager->get('resource.log'),
+
                        $remoteIp,
                        'Login successful'
                    );
                return true;
            }
-        }
+        } catch (Exception $exception) {
-        catch(Exception $exception) {
+            $this->logger->info(format_log('Exception while checking credentials: ' . $exception, $clientIpId));
            logm(
                $this->configManager->get('resource.log'),
                $remoteIp,
                'Exception while checking credentials: ' . $exception
            );
        }
-        logm(
+        $this->logger->info(format_log('Login failed for user ' . $login, $clientIpId));
-            $this->configManager->get('resource.log'),
+
            $remoteIp,
            'Login failed for user ' . $login
        );
        return false;
    }
@ -183,7 +177,8 @@ class LoginManager
     *
     * @return bool true if the provided credentials are valid, false otherwise
     */
-    public function checkCredentialsFromLocalConfig($login, $password) {
+    public function checkCredentialsFromLocalConfig($login, $password)
    {
        $hash = sha1($password . $login . $this->configManager->get('credentials.salt'));
        return $login == $this->configManager->get('credentials.login')
--- a/application/security/SessionManager.php
+++ b/application/security/SessionManager.php
@ -1,4 +1,5 @@
 <?php
 namespace Shaarli\Security;
 use Shaarli\Config\ConfigManager;
@ -293,9 +294,12 @@ class SessionManager
        return session_start();
    }
-    public function cookieParameters(int $lifeTime, string $path, string $domain): bool
+    /**
     * Be careful, return type of session_set_cookie_params() changed between PHP 7.1 and 7.2.
     */
    public function cookieParameters(int $lifeTime, string $path, string $domain): void
    {
-        return session_set_cookie_params($lifeTime, $path, $domain);
+        session_set_cookie_params($lifeTime, $path, $domain);
    }
    public function regenerateId(bool $deleteOldSession = false): bool
--- a/application/updater/Updater.php
+++ b/application/updater/Updater.php
@ -88,7 +88,8 @@ class Updater
        foreach ($this->methods as $method) {
            // Not an update method or already done, pass.
-            if (! startsWith($method->getName(), 'updateMethod')
+            if (
                ! startsWith($method->getName(), 'updateMethod')
                || in_array($method->getName(), $this->doneUpdates)
            ) {
                continue;
@ -121,12 +122,12 @@ class Updater
    public function readUpdates(string $updatesFilepath): array
    {
-        return UpdaterUtils::read_updates_file($updatesFilepath);
+        return UpdaterUtils::readUpdatesFile($updatesFilepath);
    }
    public function writeUpdates(string $updatesFilepath, array $updates): void
    {
-        UpdaterUtils::write_updates_file($updatesFilepath, $updates);
+        UpdaterUtils::writeUpdatesFile($updatesFilepath, $updates);
    }
    /**
@ -152,7 +153,8 @@ class Updater
        $updated = false;
        foreach ($this->bookmarkService->search() as $bookmark) {
-            if ($bookmark->isNote()
+            if (
                $bookmark->isNote()
                && startsWith($bookmark->getUrl(), '?')
                && 1 === preg_match('/^\?([a-zA-Z0-9-_@]{6})($|&|#)/', $bookmark->getUrl(), $match)
            ) {
--- a/application/updater/UpdaterUtils.php
+++ b/application/updater/UpdaterUtils.php
@ -11,7 +11,7 @@ class UpdaterUtils
     *
     * @return array Already done update methods.
     */
-    public static function read_updates_file($updatesFilepath)
+    public static function readUpdatesFile($updatesFilepath)
    {
        if (! empty($updatesFilepath) && is_file($updatesFilepath)) {
            $content = file_get_contents($updatesFilepath);
@ -19,7 +19,7 @@ class UpdaterUtils
                return explode(';', $content);
            }
        }
-        return array();
+        return [];
    }
    /**
@ -30,7 +30,7 @@ class UpdaterUtils
     *
     * @throws \Exception Couldn't write version number.
     */
-    public static function write_updates_file($updatesFilepath, $updates)
+    public static function writeUpdatesFile($updatesFilepath, $updates)
    {
        if (empty($updatesFilepath)) {
            throw new \Exception('Updates file path is not set, can\'t write updates.');
--- a/assets/common/js/metadata.js
+++ b/assets/common/js/metadata.js
@ -56,19 +56,22 @@ function updateThumb(basePath, divElement, id) {
 (() => {
  const basePath = document.querySelector('input[name="js_base_path"]').value;
  const loaders = document.querySelectorAll('.loading-input');
  /*
   * METADATA FOR EDIT BOOKMARK PAGE
   */
-  const inputTitle = document.querySelector('input[name="lf_title"]');
+  const inputTitles = document.querySelectorAll('input[name="lf_title"]');
-  if (inputTitle != null) {
+  if (inputTitles != null) {
    [...inputTitles].forEach((inputTitle) => {
      const form = inputTitle.closest('form[name="linkform"]');
      const loaders = form.querySelectorAll('.loading-input');
      if (inputTitle.value.length > 0) {
        clearLoaders(loaders);
        return;
      }
-    const url = document.querySelector('input[name="lf_url"]').value;
+      const url = form.querySelector('input[name="lf_url"]').value;
      const xhr = new XMLHttpRequest();
      xhr.open('GET', `${basePath}/admin/metadata?url=${encodeURI(url)}`, true);
@ -77,7 +80,7 @@ function updateThumb(basePath, divElement, id) {
        const result = JSON.parse(xhr.response);
        Object.keys(result).forEach((key) => {
          if (result[key] !== null && result[key].length) {
-          const element = document.querySelector(`input[name="lf_${key}"], textarea[name="lf_${key}"]`);
+            const element = form.querySelector(`input[name="lf_${key}"], textarea[name="lf_${key}"]`);
            if (element != null && element.value.length === 0) {
              element.value = he.decode(result[key]);
            }
@ -87,6 +90,7 @@ function updateThumb(basePath, divElement, id) {
      };
      xhr.send();
    });
  }
  /*
--- a/assets/common/js/shaare-batch.js
+++ b/assets/common/js/shaare-batch.js
@ -0,0 +1,121 @@
 const sendBookmarkForm = (basePath, formElement) => {
  const inputs = formElement
    .querySelectorAll('input[type="text"], textarea, input[type="checkbox"], input[type="hidden"]');
  const formData = new FormData();
  [...inputs].forEach((input) => {
    formData.append(input.getAttribute('name'), input.value);
  });
  return new Promise((resolve, reject) => {
    const xhr = new XMLHttpRequest();
    xhr.open('POST', `${basePath}/admin/shaare`);
    xhr.onload = () => {
      if (xhr.status !== 200) {
        alert(`An error occurred. Return code: ${xhr.status}`);
        reject();
      } else {
        formElement.closest('.edit-link-container').remove();
        resolve();
      }
    };
    xhr.send(formData);
  });
 };
 const sendBookmarkDelete = (buttonElement, formElement) => (
  new Promise((resolve, reject) => {
    const xhr = new XMLHttpRequest();
    xhr.open('GET', buttonElement.href);
    xhr.onload = () => {
      if (xhr.status !== 200) {
        alert(`An error occurred. Return code: ${xhr.status}`);
        reject();
      } else {
        formElement.closest('.edit-link-container').remove();
        resolve();
      }
    };
    xhr.send();
  })
 );
 const redirectIfEmptyBatch = (basePath, formElements, path) => {
  if (formElements == null || formElements.length === 0) {
    window.location.href = `${basePath}${path}`;
  }
 };
 (() => {
  const basePath = document.querySelector('input[name="js_base_path"]').value;
  const getForms = () => document.querySelectorAll('form[name="linkform"]');
  const cancelButtons = document.querySelectorAll('[name="cancel-batch-link"]');
  if (cancelButtons != null) {
    [...cancelButtons].forEach((cancelButton) => {
      cancelButton.addEventListener('click', (e) => {
        e.preventDefault();
        e.target.closest('form[name="linkform"]').remove();
        redirectIfEmptyBatch(basePath, getForms(), '/admin/add-shaare');
      });
    });
  }
  const saveButtons = document.querySelectorAll('[name="save_edit"]');
  if (saveButtons != null) {
    [...saveButtons].forEach((saveButton) => {
      saveButton.addEventListener('click', (e) => {
        e.preventDefault();
        const formElement = e.target.closest('form[name="linkform"]');
        sendBookmarkForm(basePath, formElement)
          .then(() => redirectIfEmptyBatch(basePath, getForms(), '/'));
      });
    });
  }
  const saveAllButtons = document.querySelectorAll('[name="save_edit_batch"]');
  if (saveAllButtons != null) {
    [...saveAllButtons].forEach((saveAllButton) => {
      saveAllButton.addEventListener('click', (e) => {
        e.preventDefault();
        const forms = [...getForms()];
        const nbForm = forms.length;
        let current = 0;
        const progressBar = document.querySelector('.progressbar > div');
        const progressBarCurrent = document.querySelector('.progressbar-current');
        document.querySelector('.dark-layer').style.display = 'block';
        document.querySelector('.progressbar-max').innerHTML = nbForm;
        progressBarCurrent.innerHTML = current;
        const promises = [];
        forms.forEach((formElement) => {
          promises.push(sendBookmarkForm(basePath, formElement).then(() => {
            current += 1;
            progressBar.style.width = `${(current * 100) / nbForm}%`;
            progressBarCurrent.innerHTML = current;
          }));
        });
        Promise.all(promises).then(() => {
          window.location.href = basePath || '/';
        });
      });
    });
  }
  const deleteButtons = document.querySelectorAll('[name="delete_link"]');
  if (deleteButtons != null) {
    [...deleteButtons].forEach((deleteButton) => {
      deleteButton.addEventListener('click', (e) => {
        e.preventDefault();
        const formElement = e.target.closest('form[name="linkform"]');
        sendBookmarkDelete(e.target, formElement)
          .then(() => redirectIfEmptyBatch(basePath, getForms(), '/'));
      });
    });
  }
 })();
--- a/assets/default/js/base.js
+++ b/assets/default/js/base.js
@ -42,19 +42,21 @@ function refreshToken(basePath, callback) {
  xhr.send();
 }
-function createAwesompleteInstance(element, tags = []) {
+function createAwesompleteInstance(element, separator, tags = []) {
  const awesome = new Awesomplete(Awesomplete.$(element));
-  // Tags are separated by a space
+
-  awesome.filter = (text, input) => Awesomplete.FILTER_CONTAINS(text, input.match(/[^ ]*$/)[0]);
+  // Tags are separated by separator
  awesome.filter = (text, input) => Awesomplete.FILTER_CONTAINS(text, input.match(new RegExp(`[^${separator}]*$`))[0]);
  // Insert new selected tag in the input
  awesome.replace = (text) => {
-    const before = awesome.input.value.match(/^.+ \s*|/)[0];
+    const before = awesome.input.value.match(new RegExp(`^.+${separator}+|`))[0];
-    awesome.input.value = `${before}${text} `;
+    awesome.input.value = `${before}${text}${separator}`;
  };
  // Highlight found items
-  awesome.item = (text, input) => Awesomplete.ITEM(text, input.match(/[^ ]*$/)[0]);
+  awesome.item = (text, input) => Awesomplete.ITEM(text, input.match(new RegExp(`[^${separator}]*$`))[0]);
  // Don't display already selected items
-  const reg = /(\w+) /g;
+  // WARNING: pseudo classes does not seem to work with string litterals...
  const reg = new RegExp(`([^${separator}]+)${separator}`, 'g');
  let match;
  awesome.data = (item, input) => {
    while ((match = reg.exec(input))) {
@ -78,13 +80,14 @@ function createAwesompleteInstance(element, tags = []) {
 * @param selector  CSS selector
 * @param tags      Array of tags
 * @param instances List of existing awesomplete instances
 * @param separator Tags separator character
 */
-function updateAwesompleteList(selector, tags, instances) {
+function updateAwesompleteList(selector, tags, instances, separator) {
  if (instances.length === 0) {
    // First load: create Awesomplete instances
    const elements = document.querySelectorAll(selector);
    [...elements].forEach((element) => {
-      instances.push(createAwesompleteInstance(element, tags));
+      instances.push(createAwesompleteInstance(element, separator, tags));
    });
  } else {
    // Update awesomplete tag list
@ -214,6 +217,8 @@ function init(description) {
 (() => {
  const basePath = document.querySelector('input[name="js_base_path"]').value;
  const tagsSeparatorElement = document.querySelector('input[name="tags_separator"]');
  const tagsSeparator = tagsSeparatorElement ? tagsSeparatorElement.value || ' ' : ' ';
  /**
   * Handle responsive menu.
@ -294,7 +299,8 @@ function init(description) {
  const deleteLinks = document.querySelectorAll('.confirm-delete');
  [...deleteLinks].forEach((deleteLink) => {
    deleteLink.addEventListener('click', (event) => {
-      if (!confirm(document.getElementById('translation-delete-tag').innerHTML)) {
+      const type = event.currentTarget.getAttribute('data-type') || 'link';
      if (!confirm(document.getElementById(`translation-delete-${type}`).innerHTML)) {
        event.preventDefault();
      }
    });
@ -574,7 +580,7 @@ function init(description) {
          // Refresh awesomplete values
          existingTags = existingTags.map((tag) => (tag === fromtag ? totag : tag));
-          awesomepletes = updateAwesompleteList('.rename-tag-input', existingTags, awesomepletes);
+          awesomepletes = updateAwesompleteList('.rename-tag-input', existingTags, awesomepletes, tagsSeparator);
        }
      };
      xhr.send(`renametag=1&fromtag=${fromtagUrl}&totag=${encodeURIComponent(totag)}&token=${refreshedToken}`);
@ -614,14 +620,14 @@ function init(description) {
        refreshToken(basePath);
        existingTags = existingTags.filter((tagItem) => tagItem !== tag);
-        awesomepletes = updateAwesompleteList('.rename-tag-input', existingTags, awesomepletes);
+        awesomepletes = updateAwesompleteList('.rename-tag-input', existingTags, awesomepletes, tagsSeparator);
      }
    });
  });
  const autocompleteFields = document.querySelectorAll('input[data-multiple]');
  [...autocompleteFields].forEach((autocompleteField) => {
-    awesomepletes.push(createAwesompleteInstance(autocompleteField));
+    awesomepletes.push(createAwesompleteInstance(autocompleteField, tagsSeparator));
  });
  const exportForm = document.querySelector('#exportform');
@ -634,4 +640,33 @@ function init(description) {
      });
    });
  }
  const bulkCreationButton = document.querySelector('.addlink-batch-show-more-block');
  if (bulkCreationButton != null) {
    const toggleBulkCreationVisibility = (showMoreBlockElement, formElement) => {
      if (bulkCreationButton.classList.contains('pure-u-0')) {
        showMoreBlockElement.classList.remove('pure-u-0');
        formElement.classList.add('pure-u-0');
      } else {
        showMoreBlockElement.classList.add('pure-u-0');
        formElement.classList.remove('pure-u-0');
      }
    };
    const bulkCreationForm = document.querySelector('.addlink-batch-form-block');
    toggleBulkCreationVisibility(bulkCreationButton, bulkCreationForm);
    bulkCreationButton.querySelector('a').addEventListener('click', (e) => {
      e.preventDefault();
      toggleBulkCreationVisibility(bulkCreationButton, bulkCreationForm);
    });
    // Force to send falsy value if the checkbox is not checked.
    const privateButton = bulkCreationForm.querySelector('input[type="checkbox"][name="private"]');
    const privateHiddenButton = bulkCreationForm.querySelector('input[type="hidden"][name="private"]');
    privateButton.addEventListener('click', () => {
      privateHiddenButton.disabled = !privateHiddenButton.disabled;
    });
    privateHiddenButton.disabled = privateButton.checked;
  }
 })();
--- a/assets/default/scss/shaarli.scss
+++ b/assets/default/scss/shaarli.scss
@ -139,6 +139,16 @@ body,
  }
 }
 .page-form,
 .pure-alert {
  code {
    display: inline-block;
    padding: 0 2px;
    color: $dark-grey;
    background-color: var(--background-color);
  }
 }
 // Make pure-extras alert closable.
 .pure-alert-closable {
  .fa-times {
@ -1023,6 +1033,10 @@ body,
    &.button-red {
      background: $red;
    }
    &.button-grey {
      background: $light-grey;
    }
  }
  .submit-buttons {
@ -1047,7 +1061,7 @@ body,
  }
  table {
-    margin: auto;
+    margin: 10px auto 25px auto;
    width: 90%;
    .order {
@ -1083,6 +1097,11 @@ body,
          position: absolute;
          right: 5%;
        }
        &.button-grey {
          position: absolute;
          left: 5%;
        }
      }
    }
  }
@ -1257,11 +1276,15 @@ form {
    margin: 70px 0 25px;
  }
  a {
    color: var(--main-color);
  }
  pre {
    margin: 0 20%;
    padding: 20px 0;
    text-align: left;
-    line-height: .7em;
+    line-height: 1em;
  }
 }
@ -1696,6 +1719,123 @@ form {
  }
 }
 // SERVER PAGE
 .server-tables-page,
 .server-tables {
  .window-subtitle {
    &::before {
      display: block;
      margin: 8px auto;
      background: linear-gradient(to right, var(--background-color), $dark-grey, var(--background-color));
      width: 50%;
      height: 1px;
      content: '';
    }
  }
  .server-row {
    p {
      height: 25px;
      padding: 0 10px;
    }
  }
  .server-label {
    text-align: right;
    font-weight: bold;
  }
  i {
    &.fa-color-green {
      color: $main-green;
    }
    &.fa-color-orange {
      color: $orange;
    }
    &.fa-color-red {
      color: $red;
    }
  }
  @media screen and (max-width: 64em) {
    .server-label {
      text-align: center;
    }
    .server-row {
      p {
        text-align: center;
      }
    }
  }
 }
 // Batch creation
 input[name='save_edit_batch'] {
  @extend %page-form-button;
 }
 .addlink-batch-show-more {
  display: flex;
  align-items: center;
  margin: 20px 0 8px;
  a {
    color: var(--main-color);
    text-decoration: none;
  }
  &::before,
  &::after {
    content: "";
    flex-grow: 1;
    background: rgba(0, 0, 0, 0.35);
    height: 1px;
    font-size: 0;
    line-height: 0;
  }
  &::before {
    margin: 0 16px 0 0;
  }
  &::after {
    margin: 0 0 0 16px;
  }
 }
 .dark-layer {
  display: none;
  position: fixed;
  height: 100%;
  width: 100%;
  z-index: 998;
  background-color: rgba(0, 0, 0, .75);
  color: #fff;
  .screen-center {
    display: flex;
    flex-direction: column;
    justify-content: center;
    align-items: center;
    text-align: center;
    min-height: 100vh;
  }
  .progressbar {
    width: 33%;
  }
 }
 .addlink-batch-form-block {
  .pure-alert {
    margin: 25px 0 0 0;
  }
 }
 // Print rules
@media print {
  .shaarli-menu {
--- a/assets/vintage/css/shaarli.css
+++ b/assets/vintage/css/shaarli.css
@ -1122,6 +1122,16 @@ ul.errors {
    float: left;
 }
 ul.warnings {
    color: orange;
    float: left;
 }
 ul.successes {
    color: green;
    float: left;
 }
 #pluginsadmin {
    width: 80%;
    padding: 20px 0 0 20px;
@ -1248,3 +1258,54 @@ ul.errors {
    width: 0%;
    height: 10px;
 }
 .loading-input {
    position: relative;
 }
@keyframes around {
    0% {
        transform: rotate(0deg);
    }
    100% {
        transform: rotate(360deg);
    }
 }
 .loading-input .icon-container {
    position: absolute;
    right: 60px;
    top: calc(50% - 10px);
 }
 .loading-input .loader {
    position: relative;
    height: 20px;
    width: 20px;
    display: inline-block;
    animation: around 5.4s infinite;
 }
 .loading-input .loader::after,
 .loading-input .loader::before {
     content: "";
     background: #eee;
     position: absolute;
     display: inline-block;
     width: 100%;
     height: 100%;
     border-width: 2px;
     border-color: #333 #333 transparent transparent;
     border-style: solid;
     border-radius: 20px;
     box-sizing: border-box;
     top: 0;
     left: 0;
     animation: around 0.7s ease-in-out infinite;
 }
 .loading-input .loader::after {
     animation: around 0.7s ease-in-out 0.1s infinite;
     background: transparent;
 }
--- a/assets/vintage/js/base.js
+++ b/assets/vintage/js/base.js
@ -2,29 +2,38 @@ import Awesomplete from 'awesomplete';
 import 'awesomplete/awesomplete.css';
 (() => {
  const awp = Awesomplete.$;
  const autocompleteFields = document.querySelectorAll('input[data-multiple]');
  const tagsSeparatorElement = document.querySelector('input[name="tags_separator"]');
  const tagsSeparator = tagsSeparatorElement ? tagsSeparatorElement.value || ' ' : ' ';
  [...autocompleteFields].forEach((autocompleteField) => {
-    const awesomplete = new Awesomplete(awp(autocompleteField));
+    const awesome = new Awesomplete(Awesomplete.$(autocompleteField));
-    awesomplete.filter = (text, input) => Awesomplete.FILTER_CONTAINS(text, input.match(/[^ ]*$/)[0]);
+
-    awesomplete.replace = (text) => {
+    // Tags are separated by separator
-      const before = awesomplete.input.value.match(/^.+ \s*|/)[0];
+    awesome.filter = (text, input) => Awesomplete.FILTER_CONTAINS(
-      awesomplete.input.value = `${before}${text} `;
+      text,
      input.match(new RegExp(`[^${tagsSeparator}]*$`))[0],
    );
    // Insert new selected tag in the input
    awesome.replace = (text) => {
      const before = awesome.input.value.match(new RegExp(`^.+${tagsSeparator}+|`))[0];
      awesome.input.value = `${before}${text}${tagsSeparator}`;
    };
-    awesomplete.minChars = 1;
+    // Highlight found items
    awesome.item = (text, input) => Awesomplete.ITEM(text, input.match(new RegExp(`[^${tagsSeparator}]*$`))[0]);
-    autocompleteField.addEventListener('input', () => {
+    // Don't display already selected items
-      const proposedTags = autocompleteField.getAttribute('data-list').replace(/,/g, '').split(' ');
+    // WARNING: pseudo classes does not seem to work with string litterals...
-      const reg = /(\w+) /g;
+    const reg = new RegExp(`([^${tagsSeparator}]+)${tagsSeparator}`, 'g');
    let match;
-      while ((match = reg.exec(autocompleteField.value)) !== null) {
+    awesome.data = (item, input) => {
-        const id = proposedTags.indexOf(match[1]);
+      while ((match = reg.exec(input))) {
-        if (id !== -1) {
+        if (item === match[1]) {
-          proposedTags.splice(id, 1);
+          return '';
        }
      }
-
+      return item;
-      awesomplete.list = proposedTags;
+    };
-    });
+    awesome.minChars = 1;
  });
 })();
--- a/composer.json
+++ b/composer.json
@ -23,9 +23,10 @@
        "erusev/parsedown": "^1.6",
        "erusev/parsedown-extra": "^0.8.1",
        "gettext/gettext": "^4.4",
        "katzgrau/klogger": "^1.2",
        "malkusch/lock": "^2.1",
        "pubsubhubbub/publisher": "dev-master",
-        "shaarli/netscape-bookmark-parser": "^2.1",
+        "shaarli/netscape-bookmark-parser": "^3.0",
        "slim/slim": "^3.0"
    },
    "require-dev": {
@ -58,6 +59,7 @@
            "Shaarli\\Front\\Controller\\Admin\\": "application/front/controller/admin",
            "Shaarli\\Front\\Controller\\Visitor\\": "application/front/controller/visitor",
            "Shaarli\\Front\\Exception\\": "application/front/exceptions",
            "Shaarli\\Helper\\": "application/helper",
            "Shaarli\\Http\\": "application/http",
            "Shaarli\\Legacy\\": "application/legacy",
            "Shaarli\\Netscape\\": "application/netscape",
--- a/composer.lock
+++ b/composer.lock
@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "932b191006135ff8be495aa0b4ba7e09",
+    "content-hash": "83852dec81e299a117a81206a5091472",
    "packages": [
        {
            "name": "arthurhoaro/web-thumbnailer",
@ -786,24 +786,25 @@
        },
        {
            "name": "shaarli/netscape-bookmark-parser",
-            "version": "v2.2.0",
+            "version": "v3.0.1",
            "source": {
                "type": "git",
                "url": "https://github.com/shaarli/netscape-bookmark-parser.git",
-                "reference": "432a010af2bb1832d6fbc4763e6b0100b980a1df"
+                "reference": "d2321f30413944b2d0a9844bf8cc588c71ae6305"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/shaarli/netscape-bookmark-parser/zipball/432a010af2bb1832d6fbc4763e6b0100b980a1df",
+                "url": "https://api.github.com/repos/shaarli/netscape-bookmark-parser/zipball/d2321f30413944b2d0a9844bf8cc588c71ae6305",
-                "reference": "432a010af2bb1832d6fbc4763e6b0100b980a1df",
+                "reference": "d2321f30413944b2d0a9844bf8cc588c71ae6305",
                "shasum": ""
            },
            "require": {
                "katzgrau/klogger": "~1.0",
-                "php": ">=5.6"
+                "php": ">=7.1"
            },
            "require-dev": {
-                "phpunit/phpunit": "^5.0"
+                "phpunit/phpunit": "^7.0 || ^8.0 || ^9.0",
                "squizlabs/php_codesniffer": "^3.5"
            },
            "type": "library",
            "autoload": {
@ -839,9 +840,9 @@
            ],
            "support": {
                "issues": "https://github.com/shaarli/netscape-bookmark-parser/issues",
-                "source": "https://github.com/shaarli/netscape-bookmark-parser/tree/v2.2.0"
+                "source": "https://github.com/shaarli/netscape-bookmark-parser/tree/v3.0.1"
            },
-            "time": "2020-06-06T15:53:53+00:00"
+            "time": "2020-11-03T12:27:58+00:00"
        },
        {
            "name": "slim/slim",
@ -1713,12 +1714,12 @@
            "source": {
                "type": "git",
                "url": "https://github.com/Roave/SecurityAdvisories.git",
-                "reference": "ba5d234b3a1559321b816b64aafc2ce6728799ff"
+                "reference": "065a018d3b5c2c84a53db3347cca4e1b7fa362a6"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/ba5d234b3a1559321b816b64aafc2ce6728799ff",
+                "url": "https://api.github.com/repos/Roave/SecurityAdvisories/zipball/065a018d3b5c2c84a53db3347cca4e1b7fa362a6",
-                "reference": "ba5d234b3a1559321b816b64aafc2ce6728799ff",
+                "reference": "065a018d3b5c2c84a53db3347cca4e1b7fa362a6",
                "shasum": ""
            },
            "conflict": {
@ -1734,7 +1735,7 @@
                "bagisto/bagisto": "<0.1.5",
                "barrelstrength/sprout-base-email": "<1.2.7",
                "barrelstrength/sprout-forms": "<3.9",
-                "baserproject/basercms": ">=4,<=4.3.6",
+                "baserproject/basercms": ">=4,<=4.3.6|>=4.4,<4.4.1",
                "bolt/bolt": "<3.7.1",
                "brightlocal/phpwhois": "<=4.2.5",
                "buddypress/buddypress": "<5.1.2",
@ -1818,6 +1819,7 @@
                "magento/magento1ee": ">=1,<1.14.4.3",
                "magento/product-community-edition": ">=2,<2.2.10|>=2.3,<2.3.2-p.2",
                "marcwillmann/turn": "<0.3.3",
                "mediawiki/core": ">=1.31,<1.31.9|>=1.32,<1.32.4|>=1.33,<1.33.3|>=1.34,<1.34.3|>=1.34.99,<1.35",
                "mittwald/typo3_forum": "<1.2.1",
                "monolog/monolog": ">=1.8,<1.12",
                "namshi/jose": "<2.2",
@ -1832,7 +1834,8 @@
                "onelogin/php-saml": "<2.10.4",
                "oneup/uploader-bundle": "<1.9.3|>=2,<2.1.5",
                "openid/php-openid": "<2.3",
-                "openmage/magento-lts": "<19.4.6|>=20,<20.0.2",
+                "openmage/magento-lts": "<19.4.8|>=20,<20.0.4",
                "orchid/platform": ">=9,<9.4.4",
                "oro/crm": ">=1.7,<1.7.4",
                "oro/platform": ">=1.7,<1.7.4",
                "padraic/humbug_get_contents": "<1.1.2",
@ -1867,8 +1870,8 @@
                "scheb/two-factor-bundle": ">=0,<3.26|>=4,<4.11",
                "sensiolabs/connect": "<4.2.3",
                "serluck/phpwhois": "<=4.2.6",
-                "shopware/core": "<=6.3.1",
+                "shopware/core": "<=6.3.2",
-                "shopware/platform": "<=6.3.1",
+                "shopware/platform": "<=6.3.2",
                "shopware/shopware": "<5.3.7",
                "silverstripe/admin": ">=1.0.3,<1.0.4|>=1.1,<1.1.1",
                "silverstripe/assets": ">=1,<1.4.7|>=1.5,<1.5.2",
@ -1901,7 +1904,7 @@
                "sylius/grid": ">=1,<1.1.19|>=1.2,<1.2.18|>=1.3,<1.3.13|>=1.4,<1.4.5|>=1.5,<1.5.1",
                "sylius/grid-bundle": ">=1,<1.1.19|>=1.2,<1.2.18|>=1.3,<1.3.13|>=1.4,<1.4.5|>=1.5,<1.5.1",
                "sylius/resource-bundle": "<1.3.14|>=1.4,<1.4.7|>=1.5,<1.5.2|>=1.6,<1.6.4",
-                "sylius/sylius": "<1.3.16|>=1.4,<1.4.12|>=1.5,<1.5.9|>=1.6,<1.6.5",
+                "sylius/sylius": "<1.6.9|>=1.7,<1.7.9|>=1.8,<1.8.3",
                "symbiote/silverstripe-multivaluefield": ">=3,<3.0.99",
                "symbiote/silverstripe-versionedfiles": "<=2.0.3",
                "symfony/cache": ">=3.1,<3.4.35|>=4,<4.2.12|>=4.3,<4.3.8",
@ -2018,7 +2021,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2020-10-08T21:02:27+00:00"
+            "time": "2020-11-01T20:01:47+00:00"
        },
        {
            "name": "sebastian/code-unit-reverse-lookup",
@ -2632,16 +2635,16 @@
        },
        {
            "name": "squizlabs/php_codesniffer",
-            "version": "3.5.6",
+            "version": "3.5.8",
            "source": {
                "type": "git",
                "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
-                "reference": "e97627871a7eab2f70e59166072a6b767d5834e0"
+                "reference": "9d583721a7157ee997f235f327de038e7ea6dac4"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/e97627871a7eab2f70e59166072a6b767d5834e0",
+                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/9d583721a7157ee997f235f327de038e7ea6dac4",
-                "reference": "e97627871a7eab2f70e59166072a6b767d5834e0",
+                "reference": "9d583721a7157ee997f235f327de038e7ea6dac4",
                "shasum": ""
            },
            "require": {
@ -2684,24 +2687,24 @@
                "source": "https://github.com/squizlabs/PHP_CodeSniffer",
                "wiki": "https://github.com/squizlabs/PHP_CodeSniffer/wiki"
            },
-            "time": "2020-08-10T04:50:15+00:00"
+            "time": "2020-10-23T02:01:07+00:00"
        },
        {
            "name": "symfony/polyfill-ctype",
-            "version": "v1.18.1",
+            "version": "v1.20.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "1c302646f6efc070cd46856e600e5e0684d6b454"
+                "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/1c302646f6efc070cd46856e600e5e0684d6b454",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f4ba089a5b6366e453971d3aad5fe8e897b37f41",
-                "reference": "1c302646f6efc070cd46856e600e5e0684d6b454",
+                "reference": "f4ba089a5b6366e453971d3aad5fe8e897b37f41",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.3"
+                "php": ">=7.1"
            },
            "suggest": {
                "ext-ctype": "For best performance"
@ -2709,7 +2712,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.18-dev"
+                    "dev-main": "1.20-dev"
                },
                "thanks": {
                    "name": "symfony/polyfill",
@ -2747,7 +2750,7 @@
                "portable"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.18.0"
+                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.20.0"
            },
            "funding": [
                {
@ -2763,7 +2766,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2020-07-14T12:35:20+00:00"
+            "time": "2020-10-23T14:02:19+00:00"
        },
        {
            "name": "theseer/tokenizer",
--- a/doc/md/Docker.md
+++ b/doc/md/Docker.md
@ -1,3 +1,4 @@
 # Docker
 [Docker](https://docs.docker.com/get-started/overview/) is an open platform for developing, shipping, and running applications
@ -113,9 +114,11 @@ $ mkdir shaarli && cd shaarli
 # Download the latest version of Shaarli's docker-compose.yml
 $ curl -L https://raw.githubusercontent.com/shaarli/Shaarli/latest/docker-compose.yml -o docker-compose.yml
 # Create the .env file and fill in your VPS and domain information
-# (replace <MY_SHAARLI_DOMAIN> and <MY_CONTACT_EMAIL> with your actual information)
+# (replace <shaarli.mydomain.org>, <admin@mydomain.org> and <latest> with your actual information)
 $ echo 'SHAARLI_VIRTUAL_HOST=shaarli.mydomain.org' > .env
 $ echo 'SHAARLI_LETSENCRYPT_EMAIL=admin@mydomain.org' >> .env
 # Available Docker tags can be found at https://hub.docker.com/r/shaarli/shaarli/tags
 $ echo 'SHAARLI_DOCKER_TAG=latest' >> .env
 # Pull the Docker images
 $ docker-compose pull
 # Run!
--- a/doc/md/Server-configuration.md
+++ b/doc/md/Server-configuration.md
@ -193,19 +193,24 @@ sudo nano /etc/apache2/sites-available/shaarli.mydomain.org.conf
        Require all granted
    </Directory>
-    <LocationMatch "/\.">
+    # BE CAREFUL: directives order matter!
        # Prevent accessing dotfiles
        RedirectMatch 404 ".*"
    </LocationMatch>
-    <LocationMatch "\.(?:ico|css|js|gif|jpe?g|png)$">
+    <FilesMatch ".*\.(?!(ico|css|js|gif|jpe?g|png|ttf|oet|woff2?)$)[^\.]*$">
        Require all denied
    </FilesMatch>
    <Files "index.php">
        Require all granted
    </Files>
    <FilesMatch "\.(?:ico|css|js|gif|jpe?g|png|ttf|oet|woff2)$">
        # allow client-side caching of static files
        Header set Cache-Control "max-age=2628000, public, must-revalidate, proxy-revalidate"
-    </LocationMatch>
+    </FilesMatch>
    # serve the Shaarli favicon from its custom location
    Alias favicon.ico /var/www/shaarli.mydomain.org/images/favicon.ico
 </VirtualHost>
 ```
@ -296,7 +301,7 @@ server {
    location / {
        # default index file when no file URI is requested
        index index.php;
-        try_files $uri /index.php$is_args$args;
+        try_files _ /index.php$is_args$args;
    }
    location ~ (index)\.php$ {
@ -309,23 +314,7 @@ server {
        include        fastcgi.conf;
    }
-    location ~ \.php$ {
+    location ~ /doc/html/ {
        # deny access to all other PHP scripts
        # disable this if you host other PHP applications on the same virtualhost
        deny all;
    }
    location ~ /\. {
        # deny access to dotfiles
        deny all;
    }
    location ~ ~$ {
        # deny access to temp editor files, e.g. "script.php~"
        deny all;
    }
    location ~ /doc/ {
        default_type "text/html";
        try_files $uri $uri/ $uri.html =404;
    }
@ -336,13 +325,12 @@ server {
    }
    # allow client-side caching of static files
-    location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
+    location ~* \.(?:ico|css|js|gif|jpe?g|png|ttf|oet|woff2?)$ {
        expires    max;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        # HTTP 1.0 compatibility
        add_header Pragma public;
    }
 }
 ```
--- a/doc/md/Shaarli-configuration.md
+++ b/doc/md/Shaarli-configuration.md
@ -74,6 +74,7 @@ Some settings can be configured directly from a web browser by accesing the `Too
        "timezone": "Europe\/Paris",
        "title": "My Shaarli",
        "header_link": "?"
        "tags_separator": " "
    },
    "dev": {
        "debug": false,
@ -153,6 +154,7 @@ _These settings should not be edited_
 - **enable_async_metadata** (boolean): Retrieve external bookmark metadata asynchronously to prevent bookmark creation slowdown.
 - **retrieve_description** (boolean): If set to true, for every new Shaare Shaarli will try to retrieve the description and keywords from the HTML meta tags.
 - **root_url**: Overrides automatic discovery of Shaarli instance's URL (e.g.) `https://sub.domain.tld/shaarli-folder/`.
 - **tags_separator**: Defines your tags separator (default: whitespace).
 ### Security
@ -164,6 +166,22 @@ _These settings should not be edited_
 - **trusted_proxies**: List of trusted IP which won't be banned after failed login attemps. Useful if Shaarli is behind a reverse proxy.
 - **allowed_protocols**: List of allowed protocols in shaare URLs or markdown-rendered descriptions. Useful if you want to store `javascript:` links (bookmarklets) in Shaarli (default: `["ftp", "ftps", "magnet"]`).
 ### Formatter
 Single string value. Default available:
  - `default`: supports line breaks, URL and hashtag auto-links.
  - `markdown`: supports [Markdown](https://daringfireball.net/projects/markdown/syntax).
  - `markdownExtra`: adds [extra](https://michelf.ca/projects/php-markdown/extra/) flavor to Markdown.
 ### Formatter Settings
 Additional settings applied to formatters.
 #### default
  - **autolink**: boolean to enable or disable automatic linkification of URL and hashtags.
 ### Resources
 - **data_dir**: Data directory.
--- a/doc/md/dev/Development.md
+++ b/doc/md/dev/Development.md
@ -163,11 +163,13 @@ See [`.travis.yml`](https://github.com/shaarli/Shaarli/blob/master/.travis.yml).
 ## Static analysis
-Patches should try to stick to the [PHP Standard Recommendations](http://www.php-fig.org/psr/) (PSR), especially:
+Patches should try to stick to the [PHP Standard Recommendations](http://www.php-fig.org/psr/) (PSR), and must follow:
 - [PSR-1](http://www.php-fig.org/psr/psr-1/) - Basic Coding Standard
 - [PSR-2](http://www.php-fig.org/psr/psr-2/) - Coding Style Guide
 - [PSR-12](http://www.php-fig.org/psr/psr-12/) - Extended Coding Style  Guide
 These are enforced on pull requests using our Continuous Integration tools.
 **Work in progress:** Static analysis is currently being discussed here: in [#95 - Fix coding style (static analysis)](https://github.com/shaarli/Shaarli/issues/95), [#130 - Continuous Integration tools & features](https://github.com/shaarli/Shaarli/issues/130)
--- a/doc/md/dev/Release-Shaarli.md
+++ b/doc/md/dev/Release-Shaarli.md
@ -64,6 +64,14 @@ git pull upstream master
 # If releasing a new minor version, create a release branch
 $ git checkout -b v0.x
 # Otherwise just use the existing one
 $ git checkout v0.x
 # Get the latest changes
 $ git merge master
 # Check that everything went fine:
 $ make test
 # Bump shaarli_version.php from dev to 0.x.0, **without the v**
 $ vim shaarli_version.php
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -2,12 +2,13 @@
 # Shaarli - Docker Compose example configuration
 #
 # See:
-# - https://shaarli.readthedocs.io/en/master/docker/shaarli-images/
+# - https://shaarli.readthedocs.io/en/master/Docker/#docker-compose
 # - https://shaarli.readthedocs.io/en/master/guides/install-shaarli-with-debian9-and-docker/
 #
 # Environment variables:
 # - SHAARLI_VIRTUAL_HOST      Fully Qualified Domain Name for the Shaarli instance
 # - SHAARLI_LETSENCRYPT_EMAIL Contact email for certificate renewal
 # - SHAARLI_DOCKER_TAG        Shaarli docker tag to use
 #                             See: https://hub.docker.com/r/shaarli/shaarli/tags
 version: '3'
 networks:
@ -20,7 +21,7 @@ volumes:
 services:
  shaarli:
-    image: shaarli/shaarli:master
+    image: shaarli/shaarli:${SHAARLI_DOCKER_TAG}
    build: ./
    networks:
      - http-proxy
@ -40,7 +41,7 @@ services:
      - "--entrypoints=Name:https Address::443 TLS"
      - "--retry"
      - "--docker"
-      - "--docker.domain=docker.localhost"
+      - "--docker.domain=${SHAARLI_VIRTUAL_HOST}"
      - "--docker.exposedbydefault=true"
      - "--docker.watch=true"
      - "--acme"
--- a/inc/languages/fr/LC_MESSAGES/shaarli.po
+++ b/inc/languages/fr/LC_MESSAGES/shaarli.po
--- a/inc/languages/ru/LC_MESSAGES/shaarli.po
+++ b/inc/languages/ru/LC_MESSAGES/shaarli.po
--- a/index.php
+++ b/index.php
@ -1,4 +1,5 @@
 <?php
 /**
 * Shaarli - The personal, minimalist, super-fast, database free, bookmarking service.
 *
@ -25,9 +26,12 @@ require_once 'application/Utils.php';
 require_once __DIR__ . '/init.php';
 use Katzgrau\KLogger\Logger;
 use Psr\Log\LogLevel;
 use Shaarli\Config\ConfigManager;
 use Shaarli\Container\ContainerBuilder;
 use Shaarli\Languages;
 use Shaarli\Security\BanManager;
 use Shaarli\Security\CookieManager;
 use Shaarli\Security\LoginManager;
 use Shaarli\Security\SessionManager;
@ -48,10 +52,22 @@ if ($conf->get('dev.debug', false)) {
    });
 }
 $logger = new Logger(
    dirname($conf->get('resource.log')),
    !$conf->get('dev.debug') ? LogLevel::INFO : LogLevel::DEBUG,
    ['filename' => basename($conf->get('resource.log'))]
 );
 $sessionManager = new SessionManager($_SESSION, $conf, session_save_path());
 $sessionManager->initialize();
 $cookieManager = new CookieManager($_COOKIE);
-$loginManager = new LoginManager($conf, $sessionManager, $cookieManager);
+$banManager = new BanManager(
    $conf->get('security.trusted_proxies', []),
    $conf->get('security.ban_after'),
    $conf->get('security.ban_duration'),
    $conf->get('resource.ban_file', 'data/ipbans.php'),
    $logger
 );
 $loginManager = new LoginManager($conf, $sessionManager, $cookieManager, $banManager, $logger);
 $loginManager->generateStaySignedInToken($_SERVER['REMOTE_ADDR']);
 // Sniff browser language and set date format accordingly.
@ -71,7 +87,7 @@ date_default_timezone_set($conf->get('general.timezone', 'UTC'));
 $loginManager->checkLoginState(client_ip_id($_SERVER));
-$containerBuilder = new ContainerBuilder($conf, $sessionManager, $cookieManager, $loginManager);
+$containerBuilder = new ContainerBuilder($conf, $sessionManager, $cookieManager, $loginManager, $logger);
 $container = $containerBuilder->build();
 $app = new App($container);
@ -110,13 +126,16 @@ $app->group('/admin', function () {
    $this->post('/configure', '\Shaarli\Front\Controller\Admin\ConfigureController:save');
    $this->get('/tags', '\Shaarli\Front\Controller\Admin\ManageTagController:index');
    $this->post('/tags', '\Shaarli\Front\Controller\Admin\ManageTagController:save');
-    $this->get('/add-shaare', '\Shaarli\Front\Controller\Admin\ManageShaareController:addShaare');
+    $this->post('/tags/change-separator', '\Shaarli\Front\Controller\Admin\ManageTagController:changeSeparator');
-    $this->get('/shaare', '\Shaarli\Front\Controller\Admin\ManageShaareController:displayCreateForm');
+    $this->get('/add-shaare', '\Shaarli\Front\Controller\Admin\ShaareAddController:addShaare');
-    $this->get('/shaare/{id:[0-9]+}', '\Shaarli\Front\Controller\Admin\ManageShaareController:displayEditForm');
+    $this->get('/shaare', '\Shaarli\Front\Controller\Admin\ShaarePublishController:displayCreateForm');
-    $this->post('/shaare', '\Shaarli\Front\Controller\Admin\ManageShaareController:save');
+    $this->get('/shaare/{id:[0-9]+}', '\Shaarli\Front\Controller\Admin\ShaarePublishController:displayEditForm');
-    $this->get('/shaare/delete', '\Shaarli\Front\Controller\Admin\ManageShaareController:deleteBookmark');
+    $this->get('/shaare/private/{hash}', '\Shaarli\Front\Controller\Admin\ShaareManageController:sharePrivate');
-    $this->get('/shaare/visibility', '\Shaarli\Front\Controller\Admin\ManageShaareController:changeVisibility');
+    $this->post('/shaare-batch', '\Shaarli\Front\Controller\Admin\ShaarePublishController:displayCreateBatchForms');
-    $this->get('/shaare/{id:[0-9]+}/pin', '\Shaarli\Front\Controller\Admin\ManageShaareController:pinBookmark');
+    $this->post('/shaare', '\Shaarli\Front\Controller\Admin\ShaarePublishController:save');
    $this->get('/shaare/delete', '\Shaarli\Front\Controller\Admin\ShaareManageController:deleteBookmark');
    $this->get('/shaare/visibility', '\Shaarli\Front\Controller\Admin\ShaareManageController:changeVisibility');
    $this->get('/shaare/{id:[0-9]+}/pin', '\Shaarli\Front\Controller\Admin\ShaareManageController:pinBookmark');
    $this->patch(
        '/shaare/{id:[0-9]+}/update-thumbnail',
        '\Shaarli\Front\Controller\Admin\ThumbnailsController:ajaxUpdate'
@ -128,6 +147,8 @@ $app->group('/admin', function () {
    $this->get('/plugins', '\Shaarli\Front\Controller\Admin\PluginsController:index');
    $this->post('/plugins', '\Shaarli\Front\Controller\Admin\PluginsController:save');
    $this->get('/token', '\Shaarli\Front\Controller\Admin\TokenController:getToken');
    $this->get('/server', '\Shaarli\Front\Controller\Admin\ServerController:index');
    $this->get('/clear-cache', '\Shaarli\Front\Controller\Admin\ServerController:clearCache');
    $this->get('/thumbnails', '\Shaarli\Front\Controller\Admin\ThumbnailsController:index');
    $this->get('/metadata', '\Shaarli\Front\Controller\Admin\MetadataController:ajaxRetrieveTitle');
    $this->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility');
--- a/init.php
+++ b/init.php
@ -2,7 +2,7 @@
 require_once __DIR__ . '/vendor/autoload.php';
-use Shaarli\ApplicationUtils;
+use Shaarli\Helper\ApplicationUtils;
 use Shaarli\Security\SessionManager;
 // Set 'UTC' as the default timezone if it is not defined in php.ini
--- a/Show more
+++ b/Show more