Commit graph

29 commits

Author SHA1 Message Date
ArthurHoaro
5c06c0870f Dislay an error if an exception occurs in the error handler
Related to #1598
2020-10-20 18:32:46 +02:00
ArthurHoaro
21e72da9ee Asynchronous retrieval of bookmark's thumbnails
This feature is based general.enable_async_metadata setting and works with existing metadata.js file.
The script is compatible with any template:
   - the thumbnail div bloc must have  attribute
   - the bookmark bloc must have  attribute with the bookmark ID as value

Fixes #1564
2020-10-20 10:15:18 +02:00
ArthurHoaro
3adbdc2a83 Inject ROOT_PATH in plugin instead of regenerating it everywhere 2020-10-16 13:06:06 +02:00
ArthurHoaro
72fbbcd679 Security: fix multiple XSS vulnerabilities + fix search tags with special chars
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.

Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
2020-10-06 17:30:18 +02:00
ArthurHoaro
abe033be85 Fix invalid redirection using the path of an external domain
Fixes #1554
2020-09-22 15:37:26 +02:00
ArthurHoaro
98e7a59ca2
Merge pull request #1539 from ArthurHoaro/feature/manual-root-url 2020-09-22 14:08:54 +02:00
ArthurHoaro
b93cfeba7b Fix subfolder configuration in unit tests 2020-09-12 21:39:01 +02:00
ArthurHoaro
d52ab0b1e9 Properly handle 404 errors
Use 404 template instead of default Slim error page if the route is not found.

Fixes #827
2020-09-12 12:42:19 +02:00
ArthurHoaro
949a095310
Merge pull request #1538 from ArthurHoaro/feature/plugins-bookmark-service
Inject BookmarkServiceInterface in plugins data
2020-09-06 14:13:16 +02:00
ArthurHoaro
80b708a878 Inject BookmarkServiceInterface in plugins data
Related discussion: ilesinge/shaarli-related#7
2020-09-03 15:08:08 +02:00
ArthurHoaro
ce7918386a Improve backward compatibility for LegacyRouter
LegacyRouter is no longer used for routing, only in existing plugins to match the _PAGE_ parameter.
So we change a few of its values there, to match the new ones defined in TemplatePage.

@see discussion in shaarli/Shaarli#1537
2020-09-03 10:09:36 +02:00
ArthurHoaro
7e3dc0ba98 Better handling of plugin incompatibility
If a PHP is raised while executing plugin hook, Shaarli will display an error instead of rendering the error page (or just ending in fatal error for default hooks).
Also added phpErrorHandler which is handled differently that regular errorHandler by Slim.:
2020-08-27 12:04:36 +02:00
ArthurHoaro
0c6fdbe12b Move error handling to dedicated controller instead of middleware 2020-08-21 10:50:44 +02:00
ArthurHoaro
bedbb845ee Move all admin controller into a dedicated group
Also handle authentication check in a new middleware for the admin group.
2020-08-13 11:08:13 +02:00
ArthurHoaro
d6e5f04d39 Remove anonymous permission and initialize bookmarks on login 2020-08-01 11:10:57 +02:00
ArthurHoaro
301c7ab1a0 Better support for notes permalink 2020-07-28 20:46:11 +02:00
ArthurHoaro
a285668ec4 Fix redirection after post install login 2020-07-27 12:34:17 +02:00
ArthurHoaro
9fbc42294e New basePath: fix officiel plugin paths and vintage template 2020-07-26 14:43:10 +02:00
ArthurHoaro
204035bd3c Fix: visitor are allowed to chose nb of links per page 2020-07-24 12:48:53 +02:00
ArthurHoaro
87ae3c4f08 Fix default link and redirection in install controller 2020-07-24 10:30:47 +02:00
ArthurHoaro
3ee8351e43 Multiple small fixes 2020-07-23 21:19:21 +02:00
ArthurHoaro
a8c11451e8 Process login through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c4ad3d4f06 Process Shaarli install through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
1a8ac737e5 Process main page (linklist) through Slim controller
Including a bunch of improvements on the container,
and helper used across new controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
9c75f87793 Use multi-level routes for existing controllers instead of 1 level everywhere
Also prefix most admin routes with /admin/
2020-07-23 21:19:21 +02:00
ArthurHoaro
818b3193ff Explicitly define base and asset path in templates
With the new routes, all pages are not all at the same folder level anymore
(e.g. /shaare and /shaare/123), so we can't just use './' everywhere.
The most consistent way to handle this is to prefix all path with the proper variable,
and handle the actual path in controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
c22fa57a55 Handle shaare creation/edition/deletion through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro
ef00f9d203 Process password change controller through Slim 2020-07-23 21:19:21 +02:00
ArthurHoaro
2899ebb5b5 Initialize admin Slim controllers
- Reorganize visitor controllers
  - Fix redirection with Slim's requests base path
  - Fix daily links
2020-07-23 21:19:21 +02:00