Commit graph

117 commits

Author SHA1 Message Date
ArthurHoaro
efb7d21b52 Add strict types for bookmarks management
Parameters typing and using strict types overall increase the codebase
quality by enforcing the a given parameter will have the expected type.

It also removes the need to unnecessary unit tests checking methods
behavior with invalid input.
2020-10-13 13:50:11 +02:00
ArthurHoaro
8fabcd0224 Add Markdown Extra formatter
Library: [Parsedown Extra](https://github.com/erusev/parsedown-extra)

Also sort dependencies alphabetically.

Fixes #1169
2020-10-13 12:20:34 +02:00
ArthurHoaro
72fbbcd679 Security: fix multiple XSS vulnerabilities + fix search tags with special chars
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.

Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
2020-10-06 17:30:18 +02:00
ArthurHoaro
80a3efe116 Fix a bug preventing to edit bookmark with ID #0 2020-09-30 15:31:34 +02:00
ArthurHoaro
1ea09a1b8b Fix warning if the encoding retrieved from external headers is invalid
Also fixed the regex to support this failing header: charset="utf-8"\r\n"
2020-09-30 11:11:19 +02:00
ArthurHoaro
abe033be85 Fix invalid redirection using the path of an external domain
Fixes #1554
2020-09-22 15:37:26 +02:00
ArthurHoaro
5baafe5001
Merge pull request #1559 from ArthurHoaro/fix/edit-redirect
Fix redirection to referer after editing a link
2020-09-22 14:15:13 +02:00
ArthurHoaro
98e7a59ca2
Merge pull request #1539 from ArthurHoaro/feature/manual-root-url 2020-09-22 14:08:54 +02:00
ArthurHoaro
2785d85e0a Fix redirection to referer after editing a link
Fixes #1545
2020-09-22 14:04:10 +02:00
ArthurHoaro
0d930454a2
Merge pull request #1553 from ArthurHoaro/fix/404-page
Properly handle 404 errors
2020-09-12 21:41:58 +02:00
ArthurHoaro
b93cfeba7b Fix subfolder configuration in unit tests 2020-09-12 21:39:01 +02:00
ArthurHoaro
4ff703e369 Plugins: do not save metadata along plugin parameters
Also prevent the token to be saved.

Fixes #1550
2020-09-12 13:29:34 +02:00
ArthurHoaro
d52ab0b1e9 Properly handle 404 errors
Use 404 template instead of default Slim error page if the route is not found.

Fixes #827
2020-09-12 12:42:19 +02:00
ArthurHoaro
949a095310
Merge pull request #1538 from ArthurHoaro/feature/plugins-bookmark-service
Inject BookmarkServiceInterface in plugins data
2020-09-06 14:13:16 +02:00
ArthurHoaro
80b708a878 Inject BookmarkServiceInterface in plugins data
Related discussion: ilesinge/shaarli-related#7
2020-09-03 15:08:08 +02:00
ArthurHoaro
46d3f8162b
Merge pull request #1537 from ArthurHoaro/fix/back-compatible-targets 2020-09-03 14:57:24 +02:00
ArthurHoaro
ce7918386a Improve backward compatibility for LegacyRouter
LegacyRouter is no longer used for routing, only in existing plugins to match the _PAGE_ parameter.
So we change a few of its values there, to match the new ones defined in TemplatePage.

@see discussion in shaarli/Shaarli#1537
2020-09-03 10:09:36 +02:00
ArthurHoaro
14fcfb5213 Fix login loop for private instances
GET /login and POST /login have 2 distinct route name.

Fixes #1533
2020-09-01 11:26:24 +02:00
ArthurHoaro
7e3dc0ba98 Better handling of plugin incompatibility
If a PHP is raised while executing plugin hook, Shaarli will display an error instead of rendering the error page (or just ending in fatal error for default hooks).
Also added phpErrorHandler which is handled differently that regular errorHandler by Slim.:
2020-08-27 12:04:36 +02:00
ArthurHoaro
0c6fdbe12b Move error handling to dedicated controller instead of middleware 2020-08-21 10:50:44 +02:00
ArthurHoaro
bedbb845ee Move all admin controller into a dedicated group
Also handle authentication check in a new middleware for the admin group.
2020-08-13 11:08:13 +02:00
ArthurHoaro
d6e5f04d39 Remove anonymous permission and initialize bookmarks on login 2020-08-01 11:10:57 +02:00
ArthurHoaro
f7f08ceec1 Fix basePath in unit tests reference DB 2020-07-28 22:34:45 +02:00
ArthurHoaro
301c7ab1a0 Better support for notes permalink 2020-07-28 20:46:11 +02:00
ArthurHoaro
a285668ec4 Fix redirection after post install login 2020-07-27 12:34:17 +02:00
ArthurHoaro
9fbc42294e New basePath: fix officiel plugin paths and vintage template 2020-07-26 14:43:10 +02:00
ArthurHoaro
204035bd3c Fix: visitor are allowed to chose nb of links per page 2020-07-24 12:48:53 +02:00
ArthurHoaro
87ae3c4f08 Fix default link and redirection in install controller 2020-07-24 10:30:47 +02:00
ArthurHoaro
8e9169ceba Update French translation 2020-07-23 21:19:21 +02:00
ArthurHoaro
3ee8351e43 Multiple small fixes 2020-07-23 21:19:21 +02:00
ArthurHoaro
a8c11451e8 Process login through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c4ad3d4f06 Process Shaarli install through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
1a8ac737e5 Process main page (linklist) through Slim controller
Including a bunch of improvements on the container,
and helper used across new controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
6132d64748 Process thumbnail synchronize page through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro
764d34a7d3 Process token retrieve through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
1b8620b1ad Process plugins administration page through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro
78657347c5 Process bookmarks import through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c70ff64a61 Process bookmark exports through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro
3447d888d7 Pin bookmarks through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
7b8a6f2858 Process change visibility action through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
baa6979194 Improve ManageTagController coverage and error handling 2020-07-23 21:19:21 +02:00
ArthurHoaro
9c75f87793 Use multi-level routes for existing controllers instead of 1 level everywhere
Also prefix most admin routes with /admin/
2020-07-23 21:19:21 +02:00
ArthurHoaro
818b3193ff Explicitly define base and asset path in templates
With the new routes, all pages are not all at the same folder level anymore
(e.g. /shaare and /shaare/123), so we can't just use './' everywhere.
The most consistent way to handle this is to prefix all path with the proper variable,
and handle the actual path in controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
c22fa57a55 Handle shaare creation/edition/deletion through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro
8eac2e5488 Process manage tags page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
66063ed1a1 Process configure page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
fdedbfd4a7 Test ShaarliAdminController 2020-07-23 21:19:21 +02:00
ArthurHoaro
ef00f9d203 Process password change controller through Slim 2020-07-23 21:19:21 +02:00
ArthurHoaro
ba43064ddb Process tools page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
2899ebb5b5 Initialize admin Slim controllers
- Reorganize visitor controllers
  - Fix redirection with Slim's requests base path
  - Fix daily links
2020-07-23 21:19:21 +02:00
ArthurHoaro
af290059d1 Process session filters through Slim controllers
Including:
  - visibility
  - links per page
  - untagged only
2020-07-23 21:19:21 +02:00
ArthurHoaro
893f5159c6 Process remove tag endpoint through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
5ec4708ced Process OpenSearch controller through Slim
Also it was missing on the default template feeds
2020-07-23 21:19:21 +02:00
ArthurHoaro
7b2ba6ef82 RSS/ATOM feeds: process through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c4d5be53c2 Process Daily RSS feed through Slim controller
The daily RSS template has been entirely rewritten to handle the whole feed through the template engine.
2020-07-23 21:19:21 +02:00
ArthurHoaro
e3d28be967 Slim daily: minor bugfix with empty data 2020-07-23 21:19:21 +02:00
ArthurHoaro
69e29ff65e Process daily page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
60ae241251 Process tag list page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
3772298ee7 Few optimizations and code readability for tag cloud controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c79473bd84 Handle tag filtering in the Bookmark service 2020-07-23 21:19:21 +02:00
ArthurHoaro
c266a89d0f Process tag cloud page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
03340c18ea Slim router: handle add tag route 2020-07-23 21:19:21 +02:00
ArthurHoaro
8e47af2b36 Process logout through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
485b168a96 Process picwall rendering through Slim controller + UT 2020-07-23 21:19:21 +02:00
ArthurHoaro
27ceea2aee Rename ci attribute to container 2020-01-26 11:34:29 +01:00
ArthurHoaro
0498b209b5 Execute common plugin hooks before rendering login page 2020-01-26 11:34:14 +01:00
ArthurHoaro
6c50a6ccce Render login page through Slim controller 2020-01-26 11:34:14 +01:00