ArthurHoaro
bee33239ed
Fix all relative link to work with new URL
2020-07-23 21:19:21 +02:00
ArthurHoaro
b495d5c92a
Fix division by zero in tagcloud
...
It happens if we have a maximum of 1 occurrence in tags (log(1) = 0)
2020-01-26 14:52:10 +01:00
ArthurHoaro
9e4cc28e29
Fix all existing links and redirection to ?do=login
2020-01-26 11:34:14 +01:00
ArthurHoaro
6c50a6ccce
Render login page through Slim controller
2020-01-26 11:34:14 +01:00
ArthurHoaro
20433ea72b
Rollback breaking change in REST API routes
2020-01-26 11:30:25 +01:00
ArthurHoaro
09390a50cd
Session cookie setting being set while session is active
...
Trying to do will raise a warning since PHP 7.2, and it never worked as intented.
See: https://bugs.php.net/bug.php\?id\=75650
2020-01-23 19:51:14 +01:00
ArthurHoaro
1001cc108f
Fix an issue with private tags and fix nomarkdown tag ( #1399 )
...
Fix an issue with private tags and fix nomarkdown tag
2020-01-18 17:59:37 +01:00
ArthurHoaro
a39acb2518
Fix an issue with private tags and fix nomarkdown tag
...
The new bookmark service wasn't handling private tags properly.
nomarkdown tag is now shown only for logged in user in bookmarks, and hidden for everyone in tag clouds/lists.
Fixes #726
2020-01-18 11:39:26 +01:00
ArthurHoaro
4869d535b5
Fix an issue with bookmark visibility filter
2020-01-18 10:49:30 +01:00
ArthurHoaro
e26e2060f5
Add and update unit test for the new system (Bookmark + Service)
...
See #1307
2020-01-18 09:56:32 +01:00
ArthurHoaro
cf92b4dd15
Apply the new system (Bookmark + Service) to the whole code base
...
See https://github.com/shaarli/Shaarli/issues/1307
2020-01-18 09:55:59 +01:00
ArthurHoaro
b405a44f29
Bump PHP version check in index.php
...
Fixes #1249
2019-08-10 12:47:58 +02:00
kalvn
8ba951640c
Fixes a Undefined index: thumbnail in daily page.
2019-08-04 22:02:18 +02:00
ArthurHoaro
81cae5f5dd
Persist sticky status on bookmark update
...
Fixes #1331
2019-07-27 11:46:05 +02:00
ArthurHoaro
a5a0c0399b
WIP - Plugin to override default template colors
...
* Adds a new core plugin to override default template colors
* Adds a new hook when plugin settings are saved
(`save_plugin_parameters`)
* Use CSS native variables for main colors instead of SASS variables
* Disable SASS sort order rules due to a bug in the plugin
Fixes #1312
2019-07-08 23:20:56 +02:00
ArthurHoaro
6a4872520c
Automatically retrieve description for new bookmarks
...
If the option is enabled, it will try to find a meta tag containing
the page description and keywords, just like we do for the page title.
It will either look for regular meta tag or OpenGraph ones.
The option is disabled by default.
Note that keywords meta tags is mostly not used.
In `configure` template, the variable associated with this setting
is `$retrieve_description`.
Fixes #1302
2019-07-06 12:21:52 +02:00
ArthurHoaro
5321f704b5
Daily - display the current day instead of the previous one
...
Also mention if it's today or yesterday for clarity using `dayDesc`
variable
Fixes #1299
2019-05-25 16:40:45 +02:00
ArthurHoaro
c3a04e328f
Merge pull request #1273 from ArthurHoaro/feature/ban-manager
...
Rewrite IP ban management
2019-05-25 16:13:56 +02:00
ArthurHoaro
786f35f270
Merge pull request #1276 from ArthurHoaro/feature/bulk-visibility
...
Bulk action: set visibility
2019-04-22 12:31:09 +02:00
ArthurHoaro
18d2d3ae15
Hotfix: History controller for the REST API has been renamed in a previous commit
...
but the class name hasn't been updated in index.php
2019-04-15 17:45:58 +02:00
ArthurHoaro
90e048594a
Merge pull request #1272 from ArthurHoaro/feature/html-lang
...
Accessibility: specify the HTML lang attribute
2019-03-02 10:54:30 +01:00
ArthurHoaro
cc69aad4a9
Merge pull request #1271 from ArthurHoaro/hotfix/thumb-note-retrieve
...
Do not try to retrieve thumbnails for internal link
2019-03-02 10:54:06 +01:00
ArthurHoaro
a8e7da0114
Do not try to retrieve thumbnails for internal link
...
Also adds a helper function to determine if a link is a note and apply it across multiple files.
2019-02-24 12:25:50 +01:00
ArthurHoaro
c21dcc8199
Merge pull request #1270 from ArthurHoaro/hotfix/sticky-warning
...
Fix a warning if links sticky status isn't set
2019-02-24 11:30:35 +01:00
ArthurHoaro
8d03f705eb
Bulk action: set visibility
...
Added 2 buttons when link checkboxes are checked to set them either public or private.
Related to #572 #1160
2019-02-09 17:59:53 +01:00
ArthurHoaro
b49a04f796
Rewrite IP ban management
...
This adds a dedicated manager class to handle all ban interactions, which is instantiated and handled by LoginManager.
IPs are now stored in the same format as the datastore, through FileUtils.
Fixes #1032 #587
2019-02-09 16:44:48 +01:00
ArthurHoaro
cb974e4747
Accessibility: specify the HTML lang attribute
...
The lang is based on the user defined one. If the language is automatic, no language will be specified.
Fixes #1216
2019-02-09 14:29:35 +01:00
ArthurHoaro
b790f900c9
Fix a warning if links sticky status isn't set
...
- initiate its status to false when the link is created
- if not defined, initiate its status to false (can happen if the updater hasn't run)
2019-02-09 14:04:16 +01:00
ArthurHoaro
520d29578c
Remove the redirector setting
...
Fixes #1239
2019-02-09 13:55:11 +01:00
VirtualTam
e185038834
namespacing: \Shaarli\Plugin\PluginManager
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam
349b014401
namespacing: \Shaarli\Netscape\NetscapeBookmarkUtils
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam
a932f486f2
namespacing: \Shaarli\Router
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam
9778a1551c
namespacing: \Shaarli\ApplicationUtils
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam
bcf056c9d9
namespacing: \Shaarli\Updater
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam
fe3713d2e5
namespacing: move LinkUtils along \Shaarli\Bookmark classes
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam
6696729b88
namespacing: \Shaarli\Bookmark\LinkFilter
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam
f24896b237
namespacing: \Shaarli\Bookmark\LinkDB
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam
8c0f19c797
namespacing: \Shaarli\Render\{PageBuilder,ThemeUtils}
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam
51753e403f
namespacing: move HTTP utilities along \Shaarli\Http\ classes
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam
dfc650aa23
namespacing: \Shaarli\Feed\{Cache,CachedPage,FeedBuilder}
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam
bdc5152d48
namespacing: \Shaarli\History
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam
9d9f6d75b9
lint: fix line-length warnings
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-12-02 22:39:16 +01:00
VirtualTam
93bf0918fa
lint: apply phpcbf to index.php
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-12-02 22:39:16 +01:00
Bish Erbas
f6380409ac
Update session start condition
...
Recommended method for PHP >= 5.4.0 as seen here https://stackoverflow.com/questions/6249707/check-if-php-session-has-already-started
Per https://shaarli.readthedocs.io/en/master/Server-configuration/ Shaarli supports PHP >= 5.6
2018-10-31 09:09:35 -04:00
ArthurHoaro
4154c25b5f
Add a button to set links as sticky
...
Meaning that they always appear on top of all links
Fixes #186
2018-10-06 12:55:05 +02:00
ArthurHoaro
4adeffd7f4
Merge pull request #1207 from ArthurHoaro/feature/cors
...
Add CORS headers to REST API responses
2018-09-20 23:34:59 +02:00
ArthurHoaro
4fa9a3c5d8
Fix a JS bug preventing AJAX tag deletion to work
...
Fixes #1214
2018-08-16 17:25:47 +02:00
ArthurHoaro
b54faf4fd9
History: fix a bug on bulk deletion where only one deletion were registred
2018-08-13 13:18:31 +02:00
ArthurHoaro
5d9bc40d7e
Add CORS headers to REST API responses
...
Fixes #1174
2018-08-13 12:21:10 +02:00
ArthurHoaro
b5c368b858
Fix issue 'You are not authorized to add a link' with thumbnails enabled
...
Do not try to alter the datastore by updating thumbnails if the user isn't logged in.
Also, do not enable thumbnails if PHP GD extension is not installed/loaded
2018-08-10 17:09:51 +02:00
ArthurHoaro
bf3c9934d2
Fix fatal error on daily page: use new thumbnail system
...
Also fix:
* include the login manager in the daily RSS feed function
* remove redirector setting in the vintage theme
Fixes #1190
2018-07-29 17:49:53 +02:00
ArthurHoaro
ad5f47adba
Merge pull request #687 from ArthurHoaro/web-thumb
...
Use web-thumbnailer to retrieve thumbnails
2018-07-28 09:41:29 +02:00
ArthurHoaro
7b4fea0e39
Bunch of improvement for thumbnails integration:
...
- add a default thumb size value (125x90px)
- improve private vertical bar visual, especially with thumbnails
- translations
- add a sync thumbs button in tool and empty picwall page
- fixes WT download mode in JSON config
2018-07-17 13:16:50 +02:00
VirtualTam
1cafacfedd
Docs: rename 'How-to' section to 'Guides'
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-07-12 21:48:48 +02:00
ArthurHoaro
c2c2338f9a
Merge pull request #1141 from ArthurHoaro/api/tags
...
Implements Tags endpoints for Shaarli's REST API
2018-07-10 18:06:26 +02:00
ArthurHoaro
b302b3c584
Thumbnails: add a common mode to only retrieve thumbs from popular media websites
2018-07-05 20:34:22 +02:00
ArthurHoaro
28f2652460
Add a page to update all thumbnails through AJAX requests in both templates
2018-07-05 20:34:22 +02:00
ArthurHoaro
787faa42f3
Take code review into account
...
Upgrade web-thumbnailer and display thumbs right after download
2018-07-05 20:34:22 +02:00
ArthurHoaro
e85b7a05a1
Update thumbnail integration after rebasing the branch
2018-07-05 20:31:35 +02:00
ArthurHoaro
1b93137e16
Use web-thumbnailer to retrieve thumbnails
...
* requires PHP 5.6
* use blazy on linklist since a lot more thumbs are retrieved
* thumbnails can be disabled
* thumbs size is now 120x120
* thumbs are now cropped to fit the expected size
Fixes #345 #425 #487 #543 #588 #590
2018-07-05 20:31:35 +02:00
VirtualTam
87f1431247
Fix broken documentation links and list formatting
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-26 22:22:33 +02:00
ArthurHoaro
cad4251ad7
Fixes an error during the install
...
was out of scope
2018-06-07 19:58:58 +02:00
ArthurHoaro
d3f42ca487
Implements Tags endpoints for Shaarli's REST API
...
Endpoints:
* List All Tags [GET]
* Get a tag [GET]
* Update a tag [PUT]
* Delete a tag [DELETE]
Fixes #904
References shaarli/api-documentation#34
2018-06-04 18:51:22 +02:00
VirtualTam
c689e10863
Refactor LoginManager stay-signed-in token management
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
51f0128cdb
Refactor session and cookie timeout control
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
fab87c2696
Move LoginManager and SessionManager to the Security namespace
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
68dcaccfa4
LoginManager: remove unused parameter
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
89ccc83ba4
Login: update PageBuilder and default/vintage templates
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
8474208474
Pass the client IP ID to LoginManager
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
63ea23c2a6
Refactor user credential validation at login time
...
Changed:
- move login/password verification to LoginManager
- code cleanup
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam
49f1832316
Refactor PHP session handling during login/logout
...
Changed:
- move $_SESSION handling to SessionManager
- code cleanup
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam
db45a36a53
Refactor SessionManager::$INACTIVITY_TIMEOUT
...
Changed:
- move INACTIVITY_TIMEOUT to SessionManager
- inject a dependency to a SessionManager instance in:
- fillSessionInfo()
- setup_login_state()
- check_auth()
- cleanup related code and comments
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam
88110550b8
Refactor client session hijacking protection
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
ArthurHoaro
8d2cac1be6
Fix parameter order which was preventing max_dl parameter to work properly
2018-05-01 16:40:08 +02:00
ArthurHoaro
15410df113
Fix warning when trying to save redictor setting from the configure page
...
It has been removed from the web page.
Fixes #1099
2018-03-13 18:11:58 +01:00
ArthurHoaro
4294bc7b98
Merge pull request #1096 from ArthurHoaro/feature/download-params
...
Make max download size and timeout configurable
2018-03-13 18:02:49 +01:00
ArthurHoaro
4ff3ed1c47
Make max download size and timeout configurable
...
Fixes #1061
2018-03-07 23:03:21 +01:00
ArthurHoaro
d2d4f993e1
PSR: use elseif instead of else if
...
See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
2018-02-28 22:34:40 +01:00
ArthurHoaro
980efd6cf8
Use a specific page title in all pages
...
Also fixed a few French translation issues
Fixes #954 #955
2018-02-24 12:48:49 +01:00
VirtualTam
44acf70681
Refactor login / ban authentication steps
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- Add the `LoginManager` class to manage logins and bans
Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies
Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-02-05 18:12:09 +01:00
ArthurHoaro
a381c373b3
Merge pull request #1074 from kalvn/feature/dailymarkdown
...
Executes daily hooks before creating columns.
2018-02-02 19:23:26 +01:00
ArthurHoaro
bc3ce7ec2a
Merge pull request #1038 from ArthurHoaro/feature/public-only-filter
...
Add a filter to only display public links
2018-02-02 19:22:37 +01:00
kalvn
50142efd1b
Executes daily hooks before creating columns.
2018-02-01 13:16:58 +01:00
ArthurHoaro
b7c412d4d0
Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed
...
As stated in the docs:
> LC_MESSAGES for system responses (available if PHP was compiled with libintl)
Fixes #1067
2018-01-31 12:39:17 +01:00
ArthurHoaro
d2f6d909e5
Public/private filter: use two separate buttons
...
#1038
2018-01-24 18:46:31 +01:00
ArthurHoaro
d449f79a0d
Merge pull request #977 from ArthurHoaro/feature/dl-filter
...
Extract the title/charset during page download, and check content type
2018-01-23 18:41:38 +01:00
VirtualTam
65c002ca18
Fix XSS vulnerability
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-01-04 15:53:48 +01:00
ArthurHoaro
9d4736a3e9
Add a filter to only display public links
...
When the key filter is clicked once, it only displays private link. When it is clicked on again, it becomes red and only public links are displayed. Another click and all links are displayed. The current visibility status is shown in the search banner
Fixes #1030
2017-12-16 14:32:56 +01:00
ArthurHoaro
fd08b50a80
Don't URL encode description links if parameter 'redirector.encode_url' is set to false
2017-11-07 20:23:58 +01:00
ArthurHoaro
d65342e304
Extract the title/charset during page download, and check content type
...
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.
Closes #579
2017-10-28 14:35:49 +02:00
VirtualTam
fd7d84616d
Move session ID check to SessionManager
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-22 19:54:44 +02:00
VirtualTam
ebd650c06c
Refactor session token management
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- `SessionManager` class to group session-related features
- unit tests
Changed:
- `getToken()` -> `SessionManager->generateToken()`
- `tokenOk()` -> `SessionManager->checkToken()`
- inject a `$token` parameter to `PageBuilder`'s constructor
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-22 19:19:46 +02:00
ArthurHoaro
f39580c6fd
Add language selection in the configure page of the default theme
2017-10-22 13:16:53 +02:00
ArthurHoaro
12266213d0
Shaarli's translation
...
* translation system and unit tests
* Translations everywhere
Dont use translation merge
It is not available with PHP builtin gettext, so it would have lead to inconsistency.
2017-10-22 12:55:03 +02:00
ArthurHoaro
be9ddff2fb
Merge pull request #987 from ArthurHoaro/hotfix/security-issue
...
Fix security issue reported by @chb9
2017-10-07 11:33:20 +02:00
ArthurHoaro
d14555a3df
Fix security issue reported by @chbi
...
Vulnerability introduced by 6ccd0b218f
- release with Shaarli v0.9.1.
2017-10-07 11:27:44 +02:00
VirtualTam
c8d96b4729
Merge pull request #979 from ArthurHoaro/feature/assets-cache-version
...
Add a version hash for asset loading to prevent browser's cache issue
2017-10-06 14:32:07 +02:00
Mark Gerarts
722caa2090
Allow setting of a default note title, see #963
2017-10-01 14:19:57 +02:00
ArthurHoaro
b3e1f92e9c
Rename shaarli_version constant to uppercase
2017-10-01 11:11:16 +02:00
Willi Eggeling
27e21231e1
added option to redirect all anonymous users to login page
...
- new setting *force_login* added and documented
- if both, *force_login* and *hide_public_links* are set to true, all requests
(except for the feeds) are redirected to the login page
2017-09-03 11:46:49 +02:00