Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
1934 commits 8 branches 1 tag 12 MiB
Commit graph

529 commits

Author SHA1 Message Date
ArthurHoaro a39acb2518 Fix an issue with private tags and fix nomarkdown tag 
The new bookmark service wasn't handling private tags properly.

nomarkdown tag is now shown only for logged in user in bookmarks, and hidden for everyone in tag clouds/lists.

Fixes #726
 2020-01-18 11:39:26 +01:00
ArthurHoaro 4869d535b5 Fix an issue with bookmark visibility filter 2020-01-18 10:49:30 +01:00
ArthurHoaro e26e2060f5 Add and update unit test for the new system (Bookmark + Service) 
See #1307
 2020-01-18 09:56:32 +01:00
ArthurHoaro cf92b4dd15 Apply the new system (Bookmark + Service) to the whole code base 
See https://github.com/shaarli/Shaarli/issues/1307
 2020-01-18 09:55:59 +01:00
ArthurHoaro b405a44f29 Bump PHP version check in index.php 
Fixes #1249
 2019-08-10 12:47:58 +02:00
kalvn 8ba951640c Fixes a Undefined index: thumbnail in daily page. 2019-08-04 22:02:18 +02:00
ArthurHoaro 81cae5f5dd Persist sticky status on bookmark update 
Fixes #1331
 2019-07-27 11:46:05 +02:00
ArthurHoaro a5a0c0399b WIP - Plugin to override default template colors 
* Adds a new core plugin to override default template colors
  * Adds a new hook when plugin settings are saved
(`save_plugin_parameters`)
  * Use CSS native variables for main colors instead of SASS variables
  * Disable SASS sort order rules due to a bug in the plugin

Fixes #1312
 2019-07-08 23:20:56 +02:00
ArthurHoaro 6a4872520c Automatically retrieve description for new bookmarks 
If the option is enabled, it will try to find a meta tag containing
the page description and keywords, just like we do for the page title.
It will either look for regular meta tag or OpenGraph ones.

The option is disabled by default.

Note that keywords meta tags is mostly not used.

In `configure` template, the variable associated with this setting
is `$retrieve_description`.

Fixes #1302
 2019-07-06 12:21:52 +02:00
ArthurHoaro 5321f704b5 Daily - display the current day instead of the previous one 
Also mention if it's today or yesterday for clarity using `dayDesc`
variable

Fixes #1299
 2019-05-25 16:40:45 +02:00
ArthurHoaro c3a04e328f
Merge pull request #1273 from ArthurHoaro/feature/ban-manager 
Rewrite IP ban management
 2019-05-25 16:13:56 +02:00
ArthurHoaro 786f35f270
Merge pull request #1276 from ArthurHoaro/feature/bulk-visibility 
Bulk action: set visibility
 2019-04-22 12:31:09 +02:00
ArthurHoaro 18d2d3ae15 Hotfix: History controller for the REST API has been renamed in a previous commit 
but the class name hasn't been updated in index.php
 2019-04-15 17:45:58 +02:00
ArthurHoaro 90e048594a
Merge pull request #1272 from ArthurHoaro/feature/html-lang 
Accessibility: specify the HTML lang attribute
 2019-03-02 10:54:30 +01:00
ArthurHoaro cc69aad4a9
Merge pull request #1271 from ArthurHoaro/hotfix/thumb-note-retrieve 
Do not try to retrieve thumbnails for internal link
 2019-03-02 10:54:06 +01:00
ArthurHoaro a8e7da0114 Do not try to retrieve thumbnails for internal link 
Also adds a helper function to determine if a link is a note and apply it across multiple files.
 2019-02-24 12:25:50 +01:00
ArthurHoaro c21dcc8199
Merge pull request #1270 from ArthurHoaro/hotfix/sticky-warning 
Fix a warning if links sticky status isn't set
 2019-02-24 11:30:35 +01:00
ArthurHoaro 8d03f705eb Bulk action: set visibility 
Added 2 buttons when link checkboxes are checked to set them either public or private.

Related to #572 #1160
 2019-02-09 17:59:53 +01:00
ArthurHoaro b49a04f796 Rewrite IP ban management 
This adds a dedicated manager class to handle all ban interactions, which is instantiated and handled by LoginManager.
IPs are now stored in the same format as the datastore, through FileUtils.

Fixes #1032 #587
 2019-02-09 16:44:48 +01:00
ArthurHoaro cb974e4747 Accessibility: specify the HTML lang attribute 
The lang is based on the user defined one. If the language is automatic, no language will be specified.

Fixes #1216
 2019-02-09 14:29:35 +01:00
ArthurHoaro b790f900c9 Fix a warning if links sticky status isn't set 
- initiate its status to false when the link is created
  - if not defined, initiate its status to false (can happen if the updater hasn't run)
 2019-02-09 14:04:16 +01:00
ArthurHoaro 520d29578c Remove the redirector setting 
Fixes #1239
 2019-02-09 13:55:11 +01:00
VirtualTam e185038834 namespacing: \Shaarli\Plugin\PluginManager 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam 349b014401 namespacing: \Shaarli\Netscape\NetscapeBookmarkUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam a932f486f2 namespacing: \Shaarli\Router 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam 9778a1551c namespacing: \Shaarli\ApplicationUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam bcf056c9d9 namespacing: \Shaarli\Updater 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam fe3713d2e5 namespacing: move LinkUtils along \Shaarli\Bookmark classes 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam 6696729b88 namespacing: \Shaarli\Bookmark\LinkFilter 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam f24896b237 namespacing: \Shaarli\Bookmark\LinkDB 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam 8c0f19c797 namespacing: \Shaarli\Render\{PageBuilder,ThemeUtils} 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam 51753e403f namespacing: move HTTP utilities along \Shaarli\Http\ classes 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam dfc650aa23 namespacing: \Shaarli\Feed\{Cache,CachedPage,FeedBuilder} 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam bdc5152d48 namespacing: \Shaarli\History 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam 9d9f6d75b9 lint: fix line-length warnings 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-12-02 22:39:16 +01:00
VirtualTam 93bf0918fa lint: apply phpcbf to index.php 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-12-02 22:39:16 +01:00
Bish Erbas f6380409ac
Update session start condition 
Recommended method for PHP >= 5.4.0 as seen here https://stackoverflow.com/questions/6249707/check-if-php-session-has-already-started

Per https://shaarli.readthedocs.io/en/master/Server-configuration/ Shaarli supports PHP >= 5.6
 2018-10-31 09:09:35 -04:00
ArthurHoaro 4154c25b5f Add a button to set links as sticky 
Meaning that they always appear on top of all links

Fixes #186
 2018-10-06 12:55:05 +02:00
ArthurHoaro 4adeffd7f4
Merge pull request #1207 from ArthurHoaro/feature/cors 
Add CORS headers to REST API responses
 2018-09-20 23:34:59 +02:00
ArthurHoaro 4fa9a3c5d8 Fix a JS bug preventing AJAX tag deletion to work 
Fixes #1214
 2018-08-16 17:25:47 +02:00
ArthurHoaro b54faf4fd9 History: fix a bug on bulk deletion where only one deletion were registred 2018-08-13 13:18:31 +02:00
ArthurHoaro 5d9bc40d7e Add CORS headers to REST API responses 
Fixes #1174
 2018-08-13 12:21:10 +02:00
ArthurHoaro b5c368b858 Fix issue 'You are not authorized to add a link' with thumbnails enabled 
Do not try to alter the datastore by updating thumbnails if the user isn't logged in.

Also, do not enable thumbnails if PHP GD extension is not installed/loaded
 2018-08-10 17:09:51 +02:00
ArthurHoaro bf3c9934d2 Fix fatal error on daily page: use new thumbnail system 
Also fix:

  * include the login manager in the daily RSS feed function
  * remove redirector setting in the vintage theme

Fixes #1190
 2018-07-29 17:49:53 +02:00
ArthurHoaro ad5f47adba
Merge pull request #687 from ArthurHoaro/web-thumb 
Use web-thumbnailer to retrieve thumbnails
 2018-07-28 09:41:29 +02:00
ArthurHoaro 7b4fea0e39 Bunch of improvement for thumbnails integration: 
- add a default thumb size value (125x90px)
  - improve private vertical bar visual, especially with thumbnails
  - translations
  - add a sync thumbs button in tool and empty picwall page
  - fixes WT download mode in JSON config
 2018-07-17 13:16:50 +02:00
VirtualTam 1cafacfedd Docs: rename 'How-to' section to 'Guides' 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-07-12 21:48:48 +02:00
ArthurHoaro c2c2338f9a
Merge pull request #1141 from ArthurHoaro/api/tags 
Implements Tags endpoints for Shaarli's REST API
 2018-07-10 18:06:26 +02:00
ArthurHoaro b302b3c584 Thumbnails: add a common mode to only retrieve thumbs from popular media websites 2018-07-05 20:34:22 +02:00
ArthurHoaro 28f2652460 Add a page to update all thumbnails through AJAX requests in both templates 2018-07-05 20:34:22 +02:00
ArthurHoaro 787faa42f3 Take code review into account 
Upgrade web-thumbnailer and display thumbs right after download
 2018-07-05 20:34:22 +02:00
ArthurHoaro e85b7a05a1 Update thumbnail integration after rebasing the branch 2018-07-05 20:31:35 +02:00
ArthurHoaro 1b93137e16 Use web-thumbnailer to retrieve thumbnails 
* requires PHP 5.6
  * use blazy on linklist since a lot more thumbs are retrieved
  * thumbnails can be disabled
  * thumbs size is now 120x120
  * thumbs are now cropped to fit the expected size

Fixes #345 #425 #487 #543 #588 #590
 2018-07-05 20:31:35 +02:00
VirtualTam 87f1431247 Fix broken documentation links and list formatting 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-26 22:22:33 +02:00
ArthurHoaro cad4251ad7 Fixes an error during the install 
was out of scope
 2018-06-07 19:58:58 +02:00
ArthurHoaro d3f42ca487 Implements Tags endpoints for Shaarli's REST API 
Endpoints:

 * List All Tags [GET]
 * Get a tag [GET]
 * Update a tag [PUT]
 * Delete a tag [DELETE]

Fixes #904
References shaarli/api-documentation#34
 2018-06-04 18:51:22 +02:00
VirtualTam c689e10863 Refactor LoginManager stay-signed-in token management 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam 51f0128cdb Refactor session and cookie timeout control 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam fab87c2696 Move LoginManager and SessionManager to the Security namespace 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam 68dcaccfa4 LoginManager: remove unused parameter 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam 89ccc83ba4 Login: update PageBuilder and default/vintage templates 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam 8474208474 Pass the client IP ID to LoginManager 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam 63ea23c2a6 Refactor user credential validation at login time 
Changed:
- move login/password verification to LoginManager
- code cleanup

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam 49f1832316 Refactor PHP session handling during login/logout 
Changed:
- move $_SESSION handling to SessionManager
- code cleanup

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam db45a36a53 Refactor SessionManager::$INACTIVITY_TIMEOUT 
Changed:
- move INACTIVITY_TIMEOUT to SessionManager
- inject a dependency to a SessionManager instance in:
  - fillSessionInfo()
  - setup_login_state()
  - check_auth()
- cleanup related code and comments

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam 88110550b8 Refactor client session hijacking protection 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
ArthurHoaro 8d2cac1be6 Fix parameter order which was preventing max_dl parameter to work properly 2018-05-01 16:40:08 +02:00
ArthurHoaro 15410df113 Fix warning when trying to save redictor setting from the configure page 
It has been removed from the web page.

Fixes #1099
 2018-03-13 18:11:58 +01:00
ArthurHoaro 4294bc7b98
Merge pull request #1096 from ArthurHoaro/feature/download-params 
Make max download size and timeout configurable
 2018-03-13 18:02:49 +01:00
ArthurHoaro 4ff3ed1c47 Make max download size and timeout configurable 
Fixes #1061
 2018-03-07 23:03:21 +01:00
ArthurHoaro d2d4f993e1 PSR: use elseif instead of else if 
See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
 2018-02-28 22:34:40 +01:00
ArthurHoaro 980efd6cf8 Use a specific page title in all pages 
Also fixed a few French translation issues

Fixes #954 #955
 2018-02-24 12:48:49 +01:00
VirtualTam 44acf70681 Refactor login / ban authentication steps 
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- Add the `LoginManager` class to manage logins and bans

Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies

Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-02-05 18:12:09 +01:00
ArthurHoaro a381c373b3
Merge pull request #1074 from kalvn/feature/dailymarkdown 
Executes daily hooks before creating columns.
 2018-02-02 19:23:26 +01:00
ArthurHoaro bc3ce7ec2a
Merge pull request #1038 from ArthurHoaro/feature/public-only-filter 
Add a filter to only display public links
 2018-02-02 19:22:37 +01:00
kalvn 50142efd1b Executes daily hooks before creating columns. 2018-02-01 13:16:58 +01:00
ArthurHoaro b7c412d4d0 Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed 
As stated in the docs:

> LC_MESSAGES for system responses (available if PHP was compiled with libintl)

Fixes #1067
 2018-01-31 12:39:17 +01:00
ArthurHoaro d2f6d909e5 Public/private filter: use two separate buttons 
#1038
 2018-01-24 18:46:31 +01:00
ArthurHoaro d449f79a0d
Merge pull request #977 from ArthurHoaro/feature/dl-filter 
Extract the title/charset during page download, and check content type
 2018-01-23 18:41:38 +01:00
VirtualTam 65c002ca18 Fix XSS vulnerability 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-01-04 15:53:48 +01:00
ArthurHoaro 9d4736a3e9 Add a filter to only display public links 
When the key filter is clicked once, it only displays private link. When it is clicked on again, it becomes red and only public links are displayed. Another click and all links are displayed. The current visibility status is shown in the search banner

Fixes #1030
 2017-12-16 14:32:56 +01:00
ArthurHoaro fd08b50a80 Don't URL encode description links if parameter 'redirector.encode_url' is set to false 2017-11-07 20:23:58 +01:00
ArthurHoaro d65342e304 Extract the title/charset during page download, and check content type 
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.

Closes #579
 2017-10-28 14:35:49 +02:00
VirtualTam fd7d84616d Move session ID check to SessionManager 
Relates to https://github.com/shaarli/Shaarli/issues/324

Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-10-22 19:54:44 +02:00
VirtualTam ebd650c06c Refactor session token management 
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- `SessionManager` class to group session-related features
- unit tests

Changed:
- `getToken()` -> `SessionManager->generateToken()`
- `tokenOk()` -> `SessionManager->checkToken()`
- inject a `$token` parameter to `PageBuilder`'s constructor

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-10-22 19:19:46 +02:00
ArthurHoaro f39580c6fd Add language selection in the configure page of the default theme 2017-10-22 13:16:53 +02:00
ArthurHoaro 12266213d0 Shaarli's translation 
* translation system and unit tests
 * Translations everywhere

Dont use translation merge

It is not available with PHP builtin gettext, so it would have lead to inconsistency.
 2017-10-22 12:55:03 +02:00
ArthurHoaro be9ddff2fb Merge pull request #987 from ArthurHoaro/hotfix/security-issue 
Fix security issue reported by @chb9
 2017-10-07 11:33:20 +02:00
ArthurHoaro d14555a3df Fix security issue reported by @chbi 
Vulnerability introduced by 6ccd0b218f - release with Shaarli v0.9.1.
 2017-10-07 11:27:44 +02:00
VirtualTam c8d96b4729 Merge pull request #979 from ArthurHoaro/feature/assets-cache-version 
Add a version hash for asset loading to prevent browser's cache issue
 2017-10-06 14:32:07 +02:00
Mark Gerarts 722caa2090 Allow setting of a default note title, see #963 2017-10-01 14:19:57 +02:00
ArthurHoaro b3e1f92e9c Rename shaarli_version constant to uppercase 2017-10-01 11:11:16 +02:00
Willi Eggeling 27e21231e1 added option to redirect all anonymous users to login page 
- new setting *force_login* added and documented
- if both, *force_login* and *hide_public_links* are set to true, all requests
  (except for the feeds) are redirected to the login page
 2017-09-03 11:46:49 +02:00
ArthurHoaro 96a1c79456 Merge pull request #939 from ArthurHoaro/hotfix/firefox-social-title 
Firefox Social title: Use document.title instead of RainTPL variable
 2017-09-02 13:54:38 +02:00
ArthurHoaro a3130d2c2f Make work behind a reverse proxy 
Without HTTP_X_FORWARDED_PORT check,  might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
 2017-09-02 13:50:49 +02:00
ArthurHoaro 87d019986e Merge pull request #950 from thewilli/delete-fix 
fixed link deletion
 2017-09-01 18:25:44 +02:00
ArthurHoaro c5f5365ae6 Merge pull request #951 from thewilli/fix-daily 
fixed daily links if there are no links
 2017-09-01 18:25:09 +02:00
Willi Eggeling a74f52a8d2 fixed link deletion 
When deleting links, the js of the default theme separated ids by an escaped space ('+').
There was a trailing '+' after the ids which led to the php code detecting multiple values
even for single values. In combination with the id '0' this could led to no id found at all
and a resulting php error.

this commit fixes the behavior and adds an additional error handling and trimming to the php code.
 2017-08-30 12:54:58 +02:00
Willi Eggeling 5a0045be79 fixed daily links if there are no links 
- the previous code tried to use links from a previous day if there are no one for the current one
- the new code skips this part if there are no entries (i.e. days) at all
- modified showDaily() to fit PSR-1 and PSR-2
 2017-08-30 12:42:58 +02:00
VirtualTam e4ed3a46b7 Merge pull request #944 from thewilli/configure-rememberme 
new setting: default value for 'remember me' checkbox
 2017-08-27 16:36:53 +02:00