VirtualTam
c9cf2715f0
application: move checkPHPVersion from Utils to ApplicationUtils
...
Relates to #372
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-24 01:40:44 +01:00
VirtualTam
2e28269bae
install: check file/directory permissions for Shaarli resources
...
Relates to #40
Relates to #372
Additions:
- FileUtils: IOException
- ApplicationUtils:
- check if Shaarli resources are accessible with sufficient permissions
- basic test coverage
- index.php:
- check access permissions and redirect to an error page if needed:
- before running the first installation
Modifications:
- LinkDB:
- factorize datastore write code
- check if the datastore
(exists AND is writeable) OR (doesn't exist AND its parent dir is writable)
- raise an IOException if needed
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-24 01:12:35 +01:00
VirtualTam
c580024cfb
Merge pull request #384 from roidelapluie/master
...
fill session info when shaarli is in open mode
2015-11-23 20:24:35 +01:00
Julien Pivotto
02ad8fb6ce
Fix authentification when Shaarli is in Open Mode.
2015-11-23 14:53:34 +01:00
VirtualTam
3d79d82326
Merge pull request #387 from ArthurHoaro/bookmarklet-quote
...
Fixes #382 : Bookmarklet can not retrieve title when there is a quotation mark in it
2015-11-22 18:10:50 +01:00
VirtualTam
c07e166aa2
Merge pull request #376 from ArthurHoaro/opensearch
...
Fixes #176 - Add opensearch functionality
2015-11-22 17:53:24 +01:00
ArthurHoaro
739dc24344
Fixes #382 : Bookmarklet can not retrieve title when there is a quotation mark in it
...
bookmarklet fields weren't correctly escaped
2015-11-22 15:47:41 +01:00
ArthurHoaro
e4b9a7633d
Bugfix: do not store plugin errors in data.php
...
Before this, calling writeConfig() would have write error messages in data.php, because it uses 'plugins' array which is used for plugin configuration.
Causing the message error appear everytime.
2015-11-22 14:45:09 +01:00
ArthurHoaro
98f54239aa
Bump version to v0.6.0
...
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2015-11-18 13:38:30 +01:00
ArthurHoaro
8f8113b94b
Fixes #176 - Add opensearch functionality
...
* add a new page in Router: do=opensearch which displays the opensearch plugin
* using base64 compressed image to avoid issue encountered with HTTPS
2015-11-17 20:19:44 +01:00
VirtualTam
a7921b2445
cleanup: remove the executable bit from source scripts
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-11 19:19:24 +01:00
VirtualTam
28bb2b74e3
index.php: group globals by theme, format comments
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-11 18:45:46 +01:00
Arthur
fd006c630b
Merge pull request #275 from shaarli/plugin-proposition
...
Plugin proposition
2015-11-08 13:29:32 +01:00
ArthurHoaro
056107ab4e
Handle errors raised by plugins in template. fixes #370
2015-11-08 13:22:44 +01:00
ArthurHoaro
6fc14d5303
Plugin system - CORE
...
see shaarli/Shaarli#275
2015-11-07 15:27:17 +01:00
ArthurHoaro
d01c234235
Fixes #356
...
* adding a link should return added link's hash
* allow redirection relative urls in generateLocation
2015-11-04 19:53:59 +01:00
VirtualTam
38bedfbbcd
Bump version to 0.5.4
...
Fixes:
- PHP session IDs: handle hash algorithms and bits per char representations
Minor changes:
- HTTPS: support being served behing an SSL-enabled proxy
- HTTP/Server utilities: refactor & add test coverage
Project & documentation:
- improve/rewrite `README.md`
- update contributor list
- update `index.php` header
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 21:02:52 +02:00
VirtualTam
49e2b35b4a
Update project information: contributors, index.php
header
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 20:54:13 +02:00
VirtualTam
482d67bd52
HTTP: move server URL functions to HttpUtils.php
...
Relates to #333
Modifications:
- refactor server URL utility functions
- do not access global `$_SERVER` variables
- add test coverage
- improve readability
- apply coding conventions
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 20:27:16 +02:00
Fanch
7b114771d3
SSL detection: add support for X-Forwarded-Proto
...
Duplicates #332
See:
- RFC 7239 - Forwarded HTTP Extension
http://www.ietf.org/rfc/rfc7239.txt
- RFC 6238 - Deprecating the "X-" Prefix and Similar Constructs in Application Protocols
http://www.ietf.org/rfc/rfc6648.txt
- StackOverflow - Custom HTTP headers: naming conventions
http://stackoverflow.com/a/3561399
2015-09-13 21:17:01 +02:00
Guillaume Virlet
ef591e7ee2
Url: introduce global helper functions for cleanup and scheme detection
...
Relates to #314 & #326
Additions:
- add global `cleanup_url()` and `get_url_scheme()` functions
Modifications:
- replace `Url` usage in `index.php` by calls to global functions
- fix `Url` tests not being run: PHPUnit expects a single test class per file
- move classes to separate files
2015-09-08 22:00:37 +02:00
VirtualTam
451314eb48
HTTP: move utils to a proper file, add tests
...
Relates to #333
Modifications:
- move HTTP utils to 'application/HttpUtils.php'
- simplify logic
- replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
- remove superfluous '$status' parameter (provided by the HTTP headers)
- apply coding conventions
- add test coverage (unitary only)
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 19:30:26 +02:00
VirtualTam
68bc21353a
Session ID: extend the regex to match possible hash representations
...
Improves #306
Relates to #335 & #336
Duplicated by #339
Issues:
- PHP regenerates the session ID if it is not compliant
- the regex checking the session ID does not cover all cases
- different algorithms: md5, sha1, sha256, etc.
- bit representations: 4, 5, 6
Fix:
- `index.php`:
- remove `uniqid()` usage
- call `session_regenerate_id()` if an invalid cookie is detected
- regex: support all possible characters - '[a-zA-Z,-]{2,128}'
- tests: add coverage for all algorithms & bit representations
See:
- http://php.net/manual/en/session.configuration.php#ini.session.hash-function
- https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
- http://php.net/manual/en/function.session-id.php
- http://php.net/manual/en/function.session-regenerate-id.php
- http://php.net/manual/en/function.hash-algos.php
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 16:14:24 +02:00
ArthurHoaro
ce8c4a84ba
Bump version to v0.5.3
...
Fixes a bug that could prevent user to login.
2015-09-02 18:06:21 +02:00
VirtualTam
53cc2b93b8
Bump version to 0.5.2
...
Minor changes
- fix Full Path Disclosure upon cookie forgery
- fix regression preventing to load LinkDB info when adding an existing link
- also extract HTTPS page metadata (title)
- add PHP 7 to Travis platforms
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-31 20:39:27 +02:00
VirtualTam
6211c498f6
Merge pull request #326 from ArthurHoaro/bug-url
...
Fixes #325 - Shaarli does not recognize saved links
2015-08-31 20:31:41 +02:00
ArthurHoaro
26c503460c
Add HTTPS support for title extracting feature
2015-08-31 12:30:59 +02:00
ArthurHoaro
9e1724f192
Fixes #325 - Shaarli does not recognize saved links
...
PHP doesn't seem to autoconvert objects to strings when they're use as array indexes.
Fixes regression introduced in d9d776af19
2015-08-31 12:26:38 +02:00
ArthurHoaro
06b6660a7e
Avoid Full Path Disclosure error on session error.
...
* Add a function to validate session ID.
* Generate a new session ID if an invalid token is passed.
2015-08-22 10:10:55 +02:00
VirtualTam
d7efade5d6
Bump version to 0.5.1
...
Minor changes
- fix 404 after editing a link while being logged out
- update local documentation
- improve timezone detection at installation
- improve feed cache handling
- improve URL cleanup for new links
- add a link to the shaarli/shaarli DockerHub repository
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-18 00:36:55 +02:00
VirtualTam
d9d776af19
Links: refactor & improve URL cleanup
...
Relates to #141
Relates to #133
Modifications
- move URL cleanup to `application/Url.php`
- rework the cleanup function
- fragments: `#stuff`
- GET parameters: `?var1=val1&var2=val2`
- add documentation (APIs the params belong to)
- add test coverage
Reference
- http://php.net/parse_url
- http://php.net/manual/en/language.oop5.magic.php#language.oop5.magic.tostring
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-15 15:58:38 +02:00
VirtualTam
01e48f269d
CachedPage: move to a proper file, add tests
...
Modifications
- rename `pageCache` to `CachedPage`
- move utilities to `Cache`
- do not access globals
- apply coding rules
- update LinkDB and test code
- add test coverage
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-13 23:48:06 +02:00
ArthurHoaro
5fbabbb9be
Fixes #299 : prevent 404 on '?edit_link' while logged out
...
- add a use case for edit_link in logged out part.
- *really* prevent loops on login screen.
2015-08-07 16:26:38 +02:00
VirtualTam
afd7b77b4c
Installation: default to the server's timezone
...
Modifications
- attempt to use the server's timezone
- if none is set, use UTC
- TimeZone: apply coding conventions
- variable naming
- no closing PHP tag
Relates to #274
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-04 23:54:03 +02:00
VirtualTam
7d4263e11a
Bump version to 0.5.0
...
Major changes
- fix locale handling
- fix note URLs
- fix page redirections
- fix daily RSS browsing
- fix title display
- fix links not being hidden when `HIDE_PUBLIC_LINKS` is set
- restore compatibility with PHP 5.3
- remove duplicate tags in links
- remove annoying URL patterns
- add Firefox Social API
- Search/Filter by tag fieds can now be accessed quickly with the `Tab` key
- update documentation
- start code refactoring
- move all settings to `data/config.php`
- refactor Config, LinkDB, TimeZone, Utils
- add unit test coverage
- add Travis integration
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-07-30 11:20:51 +02:00
VirtualTam
d1e2f8e52c
PHP: ensure 5.3 compatibility, refactor timezone utilities
...
Relates to #250
Modifications
- supported version
- bump required version from 5.1.0 to 5.3.x
- update README
- add PHP 5.3 to Travis environments
- rewrite array declarations: explicitely use array() instead of []
- move checkPHPVersion to application/Utils.php
- move timezone functions to application/TimeZone.php
- cleanup code
- improve test coverage
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-07-13 13:06:06 +02:00
VirtualTam
5b0ebbc5de
Merge pull request #257 from ArthurHoaro/tag-http-referer
...
Prevent redirection loop everytime we rely on HTTP_REFERER
2015-07-12 19:56:13 +02:00
ArthurHoaro
775803a05c
Prevent redirection loop everytime we rely on HTTP_REFERER:
...
* search tag
* delete tag
* pagination
* display privates only
* delete link
* new/edit/cancel link return page
Move location generation to Utils.php + unit tests.
Fixes #256
ninja
2015-07-12 17:43:13 +02:00
Arthur
1dcbe29611
English mistake cf sebsauvage/Shaarli#221
2015-07-12 15:16:37 +02:00
ArthurHoaro
6ac95d9cf1
Fixes warning 'Undefined index: searchtags' while filtering by tags.
...
Happened if there were not any searchtags already present in the query.
2015-07-12 11:36:42 +02:00
Arthur
7bd3542b1b
Merge pull request #262 from ArthurHoaro/dup-tags
...
Avoid tag duplicates
2015-07-12 11:01:24 +02:00
ArthurHoaro
781e8aadea
Avoid tag duplicates
...
* Prevent duplicate client side with awesomplete
* Prevent duplicate server side (save_edit processing)
Fixes #261
2015-07-12 10:34:29 +02:00
VirtualTam
bba021defc
Merge pull request #268 from ArthurHoaro/dailrss-template
...
Include the whole <item> in Daily RSS template
2015-07-11 19:09:52 +02:00
ArthurHoaro
f3b8f9f0f8
Include the whole <item> in dailyRSS
...
Allow custom date format and title in templates.
Also a bit of code style review.
Fixes #182
2015-07-11 10:25:25 +02:00
VirtualTam
50c9a12ee6
Fix: data/config.php was not imported
...
Relates to #255
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-07-11 00:12:13 +02:00
VirtualTam
e92f1ba59e
Merge pull request #255 from ArthurHoaro/config
...
All settings are now stored in config.php
2015-07-09 21:34:46 +02:00
ArthurHoaro
dd484b90b1
All settings are now stored in config.php
...
Isolate functions related to config in Config.php + add unit tests + code_sniffer.
options.php is not supported anymore, but its content will be automatically saved into config.php
Fixes #shaarli/Shaarli#41
*TODO*: update [documentation](https://github.com/shaarli/Shaarli/wiki#configuration ).
2015-07-09 20:46:03 +02:00
VirtualTam
9186ab9594
LinkDB::filterDay(): check input date format
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-07-09 00:44:19 +02:00
ArthurHoaro
f3db3774f9
Fixes #260 : previous/next day links in daily
...
The bug was occuring only if we tried to access to the first day.
2015-07-08 17:12:06 +02:00
VirtualTam
9c8752a206
LinkDB: do not access global variables
...
Relates to #218
Removes "hidden" access to the following variables:
- $GLOBALS['config']['datastore']
- PHPPREFIX
- PHPSUFFIX
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-06-24 23:26:52 +02:00
nodiscc
64bc92e3ac
move escape() and sanitizeLink() to application/Utils.php
...
prevents 'PHP Fatal error: Call to undefined function sanitizeLink() in Shaarli/application/LinkDB.php on line 255' in tests
2015-06-24 01:08:30 +02:00
nodiscc
eaefcba724
Merge remote-tracking branch 'ArthurHoaro/input-escape' into next
...
Conflicts:
index.php
2015-06-24 00:51:38 +02:00
VirtualTam
9f15ca9ee7
LinkDB: add 'hidePublicLinks' parameter to the constructor
...
Fixes #236
Relates to #237
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-06-24 00:26:59 +02:00
ArthurHoaro
c68da3ffbf
Page title if there is a single link
...
Fixes #232
2015-06-23 20:22:02 +02:00
ArthurHoaro
5f85fcd863
Working on shaarli/Shaarli#224
...
I reviewed character escaping everywhere with the following ideas:
* use a single common function to escape user data: `escape` using `htmlspecialchars`.
* sanitize fields in `index.php` after reading them from datastore and before sending them to templates.
It means no escaping function in Twig templates.
2 reasons:
* it reduces risks of security issue for future user made templates
* more readable templates
* sanitize user configuration fields after loading them.
2015-06-23 16:35:36 +02:00
nodiscc
4a5827ff5a
Merge remote-tracking branch 'ArthurHoaro/daily-date' into next
2015-06-23 15:07:03 +02:00
nodiscc
38a0c256d2
Merge remote-tracking branch 'virtualtam/test/link-db' into next
...
Conflicts:
index.php
2015-06-23 14:38:43 +02:00
nodiscc
0fe36414c8
Merge remote-tracking branch 'ArthurHoaro/search-tag-awesomplete' into next
2015-06-23 14:18:31 +02:00
ArthurHoaro
4de71445d3
Daily page: date format in template
...
It only concerns the date of the day in the main title.
Fixes #182
Note that daily RSS feed is not generated through templates. Date are still hard formatted in that case.
2015-06-19 20:23:58 +02:00
VirtualTam
ca74886f30
LinkDB: move to a proper file, add test coverage
...
Relates to #71
LinkDB
- move to application/LinkDB.php
- code cleanup
- indentation
- whitespaces
- formatting
- comment cleanup
- add missing documentation
- unify formatting
Test coverage for LinkDB
- constructor
- public / private access
- link-related methods
Shaarli utilities (LinkDB dependencies)
- move startsWith() and endsWith() functions to application/Utils.php
- add test coverage
Dev utilities
- Composer: add PHPUnit to dev dependencies
- Makefile:
- update lint targets
- add test targets
- generate coverage reports
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-06-11 00:45:45 +02:00
ArthurHoaro
a037ac6963
Do not load links if they're hidden (also fix shaarli/Shaarli#202 )
2015-06-09 14:58:54 +02:00
ArthurHoaro
65d6251744
Add awesomplete to tag search shaarli/Shaarli#49
2015-06-09 14:23:28 +02:00
nodiscc
cbecab7735
split annoyingpatterns list on multpile lines, add new patterns for removal:
...
* utm_content=
* fb=
* xtor=
closes https://github.com/shaarli/Shaarli/issues/136
2015-06-03 15:58:58 +02:00
nodiscc
f95d0428f6
Merge branch 'really-hide' of https://github.com/pikzen/Shaarli into next
2015-05-22 21:07:00 +02:00
nodiscc
8b3c67fccb
Merge remote-tracking branch 'Marsup/firefox-social' into next
2015-05-22 21:04:36 +02:00
Marsup
d33c5d4c3b
Add Firefox Social API to the tools. Fixes #101 .
2015-05-15 16:18:54 +00:00
feula
59c90f5808
Properly hide all links
...
>searchtags
2015-05-11 20:08:38 +02:00
Jonathan Druart
f5b059254f
Display date as today if no articles published
...
On "The Daily Shaarli" page (index.php?do=daily), the date is "Tuesday
30, November 1999" if no articles have been published/shared.
This patch checks the parameter ($linkdate) before the mktime call to
prevent and generate the "day 0" string.
mktime(0,0,0,0,0,0) returns 943916400 (hum?)
2015-05-11 11:16:19 +01:00
nodiscc
caee7ff9cc
change wording and variable names for "Hide public links" feature
2015-04-10 20:52:12 +02:00
nodiscc
0c45b01cc2
Merge remote-tracking branch 'pikzen/disable-public' into next
2015-04-10 20:30:33 +02:00
nodiscc
507849290c
Merge remote-tracking branch 'ArthurHoaro/localecharset' into next
2015-04-10 20:30:15 +02:00
nodiscc
1caf200551
Merge commit '326ae54' into next
2015-04-10 20:28:24 +02:00
feula
8fa1ebd605
Allow disabling all public links, fixes #188
2015-04-09 18:13:11 +02:00
ArthurHoaro
da49603b86
#193 add UTF8 by default to autoLocale
2015-04-08 06:53:34 +02:00
ArthurHoaro
8438a2e5d0
Fixes autoLocale function by trying several way to find a correct one.
...
Fix https://github.com/shaarli/Shaarli/issues/184
2015-04-05 22:01:43 +02:00
dimtion
326ae54d08
Fix missing permalink title when logged in
2015-04-05 18:18:15 +02:00
Florian Eula
b47f515ad3
Display notes as absolute URLs
2015-04-01 11:47:04 +02:00
ArthurHoaro
a5752e776c
Fix bad merge commit
...
Define date format in templates instead of index.php.
Conflicts:
index.php
tpl/dailyrss.html
2015-04-01 00:32:47 +02:00
pikzen
d3b2b456e1
Display notes as absolute urls
...
Fixes https://github.com/shaarli/Shaarli/issues/177
Merge commit '3ea318dad05954e2043d5bb2f8572b103d7c3930' into notes-absolute-url
Conflicts:
index.php
2015-03-31 20:16:06 +02:00
ArthurHoaro
880cbf92ca
Fixes autoLocale function by trying several way to find a correct one.
2015-03-31 13:22:20 +02:00
ArthurHoaro
bec1870180
Define date format in templates instead of index.php.
2015-03-31 13:19:07 +02:00
feula
3ea318dad0
Display notes as absolute urls.
...
The deletion is related to Windows not handling quotes in filenames, see
#179 . It shouldn't delete the real file. Probably. Check it out.
2015-03-29 17:31:38 +02:00
nodiscc
129ff3c2e5
bump version to 0.0.45beta
2015-03-16 16:17:31 +01:00
nodiscc
b4b7d3343a
Merge branch 'picwall-direct-link' into next
2015-03-15 14:24:51 +01:00
nodiscc
aa22244027
bump version to 0.0.44beta
2015-03-15 14:23:55 +01:00
nodiscc
9a631bab7f
Merge remote-tracking branch 'ArthurHoaro/autocomplete' into next
2015-03-15 14:21:59 +01:00
ArthurHoaro
bdd1715b24
Use awesomplete as autocomplete lib and remove jQuery - shaarli/Shaarli#148
...
* Add awesomplete dependancy (source + min + CSS)
* Remove jQuery and jQuery-UI dependancy
* Few CSS ajustements
* Use tags complete list as RainTPL var (and display it as HTML)
* Remove "disable jQuery" feature
* Remove tag list web service
2015-03-12 20:27:16 +01:00
nodiscc
4a1a1190a6
picwall: link directly to the target URL (not the permalink)
2015-03-11 19:19:18 +01:00
nodiscc
3ef1da28e8
Merge pull request #119 from ArthurHoaro/js-link
...
allow 'javascript:' links sharing (bookmarklets)
2015-03-11 19:17:13 +01:00
nodiscc
35c2c4db5b
Redirect to homepage after adding a link via "Add Link" dialog
...
* Fixes https://github.com/shaarli/Shaarli/issues/115
2015-03-05 13:43:53 +01:00
nodiscc
01b8f52718
Merge pull request #141 from nodiscc/cleanurl-filters
...
Add URL cleaning filters + refactoring
2015-03-05 13:42:38 +01:00
nodiscc
baf5cbf27d
Improve URL cleaning:
...
* also remove action_type_map, action_ref_map and action_object maps params used by facebook
2015-03-05 13:40:43 +01:00
nodiscc
403a199409
Improve annoying URL parameters cleaning:
...
* Use regular expressions to avoid suplicating params depending on their position in the URL (¶m=,?param=)
* Only remove the relevant URL pattern and don't remove following params, fixes https://github.com/shaarli/Shaarli/issues/136
* Credits to Marcus Rohrmoser (https://github.com/mro )
2015-03-05 13:33:30 +01:00
nodiscc
ad2a397c66
cleanup: refactor annoying URL patterns in a single loop
...
* fixes https://github.com/shaarli/Shaarli/issues/133
2015-03-04 20:11:39 +01:00
Alexis J
bc1ef5b94a
Add some filters to clean URLs
2015-03-04 20:02:04 +01:00
ArthurHoaro
34047d23fb
Lazy load images with the light lib bLazy.js instead of jQuery:
...
* Remove jquery.lazyload lib
* Add blazy lib
* Add a bit of CSS animation
* Delete unused picwall2 template
2015-03-01 11:23:03 +01:00
nodiscc
dbcad7406e
Prevent visitors from reading shaarli version
...
* fixes https://github.com/shaarli/Shaarli/issues/122
* the shaarli version is now in a php comment block, which prevents
visitors from reading it when it is place on a PHP-enabled server, but
still allows the update mechanism to read it from the source on github.
2015-02-25 13:25:45 +01:00
ArthurHoaro
329e076879
shaarli/Shaarli#34 : Make update check optional
...
* Add a check box at installation (checked by default)
* Add a check box in configuration page
2015-02-20 22:49:41 +01:00
ArthurHoaro
f81139c9b2
Fixes shaarli/Shaarli#46 : allow 'javascript:' links sharing
2015-02-20 21:46:21 +01:00
nodiscc
be3f0b4ec3
bump version to 0.0.43beta
2015-02-20 19:41:53 +01:00