VirtualTam
067c2dd8f5
lint: apply phpcbf to tests/
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-12-02 22:39:16 +01:00
ArthurHoaro
e95247d41d
Merge pull request #1205 from ArthurHoaro/feature/opengraph
...
Add OpenGraph meta tags on permalink page
2018-10-06 13:31:07 +02:00
ArthurHoaro
fa8100c088
Merge pull request #1212 from ArthurHoaro/hotfix/hashtag-md-escape
...
Fix hashtags with markdown escape enabled
2018-10-06 13:28:51 +02:00
ArthurHoaro
4154c25b5f
Add a button to set links as sticky
...
Meaning that they always appear on top of all links
Fixes #186
2018-10-06 12:55:05 +02:00
ArthurHoaro
0e54e1059f
Isso plugin: add an icon in linklist if enabled
...
Fixes #1075
2018-08-14 13:39:31 +02:00
ArthurHoaro
cb7940e2de
Fix hashtags with markdown escape enabled
...
They're now transformed to markdown syntax links before processing them through Parsedown.
Fixes #1210
2018-08-14 12:26:51 +02:00
ArthurHoaro
a120fb2977
Add OpenGraph meta tags on permalink page
...
Includes:
- og:title
- og:type -> article
- og:image -> if there is a thumbnail
- og:url -> permalink
- og:description -> first 300 chars of raw description
- article:published_time
- article:modified_time
- article:tag -> one OG meta tag for each shaare tag
Fixes #258
2018-08-13 10:55:48 +02:00
ArthurHoaro
ad5f47adba
Merge pull request #687 from ArthurHoaro/web-thumb
...
Use web-thumbnailer to retrieve thumbnails
2018-07-28 09:41:29 +02:00
ArthurHoaro
7b4fea0e39
Bunch of improvement for thumbnails integration:
...
- add a default thumb size value (125x90px)
- improve private vertical bar visual, especially with thumbnails
- translations
- add a sync thumbs button in tool and empty picwall page
- fixes WT download mode in JSON config
2018-07-17 13:16:50 +02:00
ArthurHoaro
c2c2338f9a
Merge pull request #1141 from ArthurHoaro/api/tags
...
Implements Tags endpoints for Shaarli's REST API
2018-07-10 18:06:26 +02:00
ArthurHoaro
7c57bd9538
GetTagsTest - Update to alpha sort for equal occurences
2018-07-05 20:45:03 +02:00
ArthurHoaro
b302b3c584
Thumbnails: add a common mode to only retrieve thumbs from popular media websites
2018-07-05 20:34:22 +02:00
ArthurHoaro
28f2652460
Add a page to update all thumbnails through AJAX requests in both templates
2018-07-05 20:34:22 +02:00
ArthurHoaro
e85b7a05a1
Update thumbnail integration after rebasing the branch
2018-07-05 20:31:35 +02:00
ArthurHoaro
a3724717ec
ConfigManager: add a method to remove an entry
2018-07-05 20:31:35 +02:00
ArthurHoaro
1b93137e16
Use web-thumbnailer to retrieve thumbnails
...
* requires PHP 5.6
* use blazy on linklist since a lot more thumbs are retrieved
* thumbnails can be disabled
* thumbs size is now 120x120
* thumbs are now cropped to fit the expected size
Fixes #345 #425 #487 #543 #588 #590
2018-07-05 20:31:35 +02:00
VirtualTam
1168abb484
docker: move testing resources to tests/docker
...
Relates to https://github.com/shaarli/Shaarli/issues/1153
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-16 23:54:10 +02:00
ArthurHoaro
d3f42ca487
Implements Tags endpoints for Shaarli's REST API
...
Endpoints:
* List All Tags [GET]
* Get a tag [GET]
* Update a tag [PUT]
* Delete a tag [DELETE]
Fixes #904
References shaarli/api-documentation#34
2018-06-04 18:51:22 +02:00
ArthurHoaro
17e45b2e9c
Merge pull request #1143 from ArthurHoaro/sort-equal-tags
...
Fix order of tags with the same number of occurrences
2018-06-04 18:34:50 +02:00
VirtualTam
8edd7f1588
SessionManager+LoginManager: fix checkLoginState logic
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
704637bfeb
Add test coverage for LoginManager methods
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:26 +02:00
VirtualTam
ebf6151738
SessionManager: remove unused UID token
...
There already are dedicated tokens for:
- CSRF protection
- user stay-signed-in feature, via cookie
This token was most likely intended as a randomly generated,
server-side, secret key to be used when generating hashes.
See http://sebsauvage.net/wiki/doku.php?id=php:session [FR]
Relevant section:
Une clé secrète unique aléatoire est générée côté serveur (et jamais
envoyée). Elle peut servir pour signer les formulaires (HMAC) ou
générer des token de formulaires (protection contre XSRF).
Voir $_SESSION['uid'].
Translation:
A unique, server-side secret key is randomly generated (and never
transmitted). It can be used to sign forms (HMAC) or generate form
tokens (protection against XSRF).
See $_SESSION['uid']
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
c689e10863
Refactor LoginManager stay-signed-in token management
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
51f0128cdb
Refactor session and cookie timeout control
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
fab87c2696
Move LoginManager and SessionManager to the Security namespace
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
63ea23c2a6
Refactor user credential validation at login time
...
Changed:
- move login/password verification to LoginManager
- code cleanup
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam
88110550b8
Refactor client session hijacking protection
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
ArthurHoaro
f8c5660df8
Tag sort - UT + comment + fix filter and visibility
...
Before this, linksCountPerTag call without would have ignored visibility parameter
2018-05-29 20:52:30 +02:00
ArthurHoaro
dd6794cff8
Fix feed permalink rendering with markdown escape set to true
...
Fixes #1134
2018-05-19 12:55:43 +02:00
ArthurHoaro
c5ee13181e
Update parsedown to its latest version instead of fixed 1.6
2018-03-31 13:00:13 +02:00
ArthurHoaro
9b2bd66fb6
Merge pull request #1093 from ArthurHoaro/feature/theme-translation
...
Load theme translations files automatically
2018-03-26 20:26:10 +02:00
ArthurHoaro
68c6afc56f
Load theme translations files automatically
...
Fixes #1077
Take a look at the docs update to see how it works
2018-03-26 19:20:25 +02:00
ArthurHoaro
4294bc7b98
Merge pull request #1096 from ArthurHoaro/feature/download-params
...
Make max download size and timeout configurable
2018-03-13 18:02:49 +01:00
ArthurHoaro
4ff3ed1c47
Make max download size and timeout configurable
...
Fixes #1061
2018-03-07 23:03:21 +01:00
ArthurHoaro
d2d4f993e1
PSR: use elseif instead of else if
...
See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
2018-02-28 22:34:40 +01:00
ArthurHoaro
3ff1ce47bc
Ignore the case while checking DOCTYPE during the file import
...
Fixes #1091
2018-02-23 20:34:06 +01:00
VirtualTam
44acf70681
Refactor login / ban authentication steps
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- Add the `LoginManager` class to manage logins and bans
Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies
Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-02-05 18:12:09 +01:00
ArthurHoaro
a381c373b3
Merge pull request #1074 from kalvn/feature/dailymarkdown
...
Executes daily hooks before creating columns.
2018-02-02 19:23:26 +01:00
ArthurHoaro
5617dcf9d2
Drop PHP 5.5 compatibility and upgrade PHPUnit to v5.x
...
PHPUnit 4.x contains deprecated PHP functions in PHP 7.2.
2018-02-02 19:15:47 +01:00
kalvn
50142efd1b
Executes daily hooks before creating columns.
2018-02-01 13:16:58 +01:00
ArthurHoaro
cb4ddbe4e7
Fix warnings when upgrading from legacy SebSauvage version
...
Fixes #1040
2018-01-25 19:55:31 +01:00
ArthurHoaro
d449f79a0d
Merge pull request #977 from ArthurHoaro/feature/dl-filter
...
Extract the title/charset during page download, and check content type
2018-01-23 18:41:38 +01:00
ArthurHoaro
101b935de4
Merge pull request #1025 from ArthurHoaro/hotfix/proxy-443
...
Force HTTPS if the original port is 443 behind a reverse proxy
2017-12-03 12:46:43 +01:00
ArthurHoaro
8e9fc6f6e6
Force HTTPS if the original port is 443 behind a reverse proxy
...
Fixes #1022
2017-12-02 15:24:35 +01:00
VirtualTam
dd883aaf09
Improve SessionManager constructor and tests
...
Relates to https://github.com/shaarli/Shaarli/pull/1005
Changed:
- pass a copy of the ConfigManager instance instead of a reference
- move FakeConfigManager to a dedicated file
- update tests
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-11-08 20:26:03 +01:00
ArthurHoaro
fd08b50a80
Don't URL encode description links if parameter 'redirector.encode_url' is set to false
2017-11-07 20:23:58 +01:00
ArthurHoaro
d65342e304
Extract the title/charset during page download, and check content type
...
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.
Closes #579
2017-10-28 14:35:49 +02:00
ArthurHoaro
0926d26390
Merge pull request #962 from ArthurHoaro/feature/perfs2
...
Performances: reorder links when they're written instead of read
2017-10-28 12:44:44 +02:00
VirtualTam
ae7c954b12
Improve SessionManager tests
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-24 22:01:02 +02:00
VirtualTam
fd7d84616d
Move session ID check to SessionManager
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-22 19:54:44 +02:00