Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
1454 commits 8 branches 1 tag 12 MiB
Commit graph

311 commits

Author SHA1 Message Date
nodiscc
d72ae3d7e8 Merge remote-tracking branch 'ArthurHoaro/default-links' 2015-06-26 22:03:25 +02:00
nodiscc
2fbadc3c63 Merge remote-tracking branch 'virtualtam/linkdb/remove-globals' 2015-06-26 22:03:10 +02:00
Felix Bartels
ddfc400465 Restore compatability with php 5.3 2015-06-26 16:57:07 +02:00
VirtualTam
9c8752a206 LinkDB: do not access global variables 
Relates to #218

Removes "hidden" access to the following variables:
 - $GLOBALS['config']['datastore']
 - PHPPREFIX
 - PHPSUFFIX

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-06-24 23:26:52 +02:00
ArthurHoaro
598376d4cf Change fresh install default link 
Fixes #200

Let me know if you want to change anything in the description.
 2015-06-24 11:58:00 +02:00
nodiscc
64bc92e3ac move escape() and sanitizeLink() to application/Utils.php 
prevents 'PHP Fatal error:  Call to undefined function sanitizeLink() in Shaarli/application/LinkDB.php on line 255' in tests
 2015-06-24 01:08:30 +02:00
nodiscc
eaefcba724 Merge remote-tracking branch 'ArthurHoaro/input-escape' into next 
Conflicts:
	index.php
 2015-06-24 00:51:38 +02:00
VirtualTam
9f15ca9ee7 LinkDB: add 'hidePublicLinks' parameter to the constructor 
Fixes #236
Relates to #237

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-06-24 00:26:59 +02:00
ArthurHoaro
5f85fcd863 Working on shaarli/Shaarli#224 
I reviewed character escaping everywhere with the following ideas:

  * use a single common function to escape user data: `escape` using `htmlspecialchars`.
  * sanitize fields in `index.php` after reading them from datastore and before sending them to templates.
  	It means no escaping function in Twig templates.
    2 reasons:
    * it reduces risks of security issue for future user made templates
    * more readable templates
  * sanitize user configuration fields after loading them.
 2015-06-23 16:35:36 +02:00
nodiscc
578a84bda0 re-add readDb() missing from previous merge 2015-06-23 14:57:54 +02:00
VirtualTam
ca74886f30 LinkDB: move to a proper file, add test coverage 
Relates to #71

LinkDB
 - move to application/LinkDB.php
 - code cleanup
   - indentation
   - whitespaces
   - formatting
 - comment cleanup
   - add missing documentation
   - unify formatting

Test coverage for LinkDB
 - constructor
 - public / private access
 - link-related methods

Shaarli utilities (LinkDB dependencies)
 - move startsWith() and endsWith() functions to application/Utils.php
 - add test coverage

Dev utilities
 - Composer: add PHPUnit to dev dependencies
 - Makefile:
    - update lint targets
    - add test targets
    - generate coverage reports

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-06-11 00:45:45 +02:00