Commit graph

332 commits

Author SHA1 Message Date
Arthur
adcdac1dec Merge pull request #623 from ArthurHoaro/security/reverse-proxy-ban
Add trusted IPs in config and try to ban forwarded IP on failed login
2016-10-12 14:48:57 +02:00
ArthurHoaro
fdf88d1948 Bump version to v0.8.0
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2016-10-12 12:36:59 +02:00
VirtualTam
5283175367 composer: display an error message if the autoload script is missing
Closes https://github.com/shaarli/Shaarli/issues/645
Relates to https://github.com/shaarli/Shaarli/issues/607

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-09-05 00:04:57 +02:00
VirtualTam
a973afeac7 Refactor bookmark import using a generic Netscape parser
Relates to #607
Relates to #608
Relates to #493 (abandoned)

Additions:
- use Composer's autoload to load 3rd-party dependencies under vendor/

Modifications:
- [import] replace the current parser with a generic, stable parser
  - move code to application/NetscapeBookmarkUtils
  - improve status report after parsing
- [router] use the same endpoint for both bookmark upload and import dialog
- [template] update bookmark import options
  - allow adding tags to all imported links
  - allow selecting the visibility (privacy) of imported links
- [tests] ensure bookmarks are properly parsed and imported in the LinkDB
  - reuse reference input from the parser's test data

See:
- https://github.com/shaarli/netscape-bookmark-parser
- https://getcomposer.org/doc/01-basic-usage.md#autoloading

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-08-10 01:42:44 +02:00
ArthurHoaro
cdbc818037 Bugfix: wrong key used to get default private links setting 2016-08-07 12:15:08 +02:00
ArthurHoaro
edf3ff5a53 Initialize a translation function
It matches the API of ngettext().
2016-08-07 11:54:39 +02:00
ArthurHoaro
fd5ac47ea2 Generate a token for every pages 2016-08-06 14:09:26 +02:00
ArthurHoaro
50d1791838 Add trusted IPs in config and try to ban forwarded IP on failed login
* Add a new settings (which needs to be manually set): `security.trusted_proxies`
  * On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers.
  * If found, the client address is added in ipbans, else we do nothing.

Fixes #409
2016-08-03 10:36:47 +02:00
ArthurHoaro
9646b7da22 Save the update date in LinkDB and pass it to linklist templates
It can be used as a timestamp by templates under the key 'updated_timestamp'.
2016-08-03 09:44:04 +02:00
Arthur
a4cd07eee2 Merge pull request #604 from ArthurHoaro/no-delicious
Remove Delicious in project description in comments
2016-07-23 14:16:59 +02:00
ArthurHoaro
2d97aa7781 Remove Delicious in project description in comments 2016-07-23 14:13:56 +02:00
Arthur
8562009682 Merge pull request #601 from ArthurHoaro/hotfix/title-missing
Fixes #600 - Shaarli's title is not set with the new config manager
2016-07-23 10:31:33 +02:00
ArthurHoaro
97ef33bb72 Fixes #600 - Shaarli's title is not set with the new config manager
- Fixed title config key
  - Page title (in head tag) is no longer set through the config manager
2016-07-19 18:03:09 +02:00
ArthurHoaro
2e193ad387 Fix variable in configure.php 2016-07-10 10:42:21 +02:00
ArthurHoaro
894a3c4bf3 Rename configuration key for better sections 2016-06-11 09:30:56 +02:00
ArthurHoaro
278d9ee283 ConfigManager no longer uses singleton pattern 2016-06-11 09:30:56 +02:00
ArthurHoaro
7f179985b4 Remove remaining settings initialization in index.php
Except for those which require external data (timezone and $_SERVER).
2016-06-11 09:30:56 +02:00
ArthurHoaro
da10377b3c Rename configuration keys and fix GLOBALS in templates 2016-06-11 09:30:56 +02:00
ArthurHoaro
d93d51b213 Set the default timezone in index.php 2016-06-11 09:30:56 +02:00
ArthurHoaro
684e662a58 Replace $GLOBALS configuration with the configuration manager in the whole code base 2016-06-11 09:30:56 +02:00
ArthurHoaro
c01bd08eaf Version bump: v0.7.0
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2016-05-14 11:36:47 +02:00
Arthur
3fdcc7bd47 Merge pull request #560 from ArthurHoaro/nb-private-shaare
Private links counter in the header
2016-05-14 11:11:11 +02:00
Arthur
52ccf0d7ee Merge pull request #556 from ArthurHoaro/login-refill
Prefill the login field when the authentication has failed
2016-05-14 11:09:39 +02:00
Arthur
765391cb37 Merge pull request #559 from ArthurHoaro/startsEndWithCase
Fix startsWith and endsWith case
2016-05-14 11:09:03 +02:00
ArthurHoaro
141a86c503 Add private link counter 2016-05-13 08:48:23 +02:00
ArthurHoaro
03eb19ac60 Extract PageBuilder class from index.php 2016-05-13 08:48:18 +02:00
ArthurHoaro
465266243f Don't redirect to ?post if ?addlink is reached while logged out 2016-05-11 22:10:31 +02:00
ArthurHoaro
5046bcb6ab Fix startsWith and endsWith case 2016-05-10 23:31:41 +02:00
ArthurHoaro
85c4bdc235 Prefill the login field when the authentication has failed 2016-05-06 20:03:10 +02:00
VirtualTam
bb4a23aa86 Export: allow prepending notes with the Shaarli instance's URL
Relates to #102

Additions:
- application:
  - export: allow prepending note permalinks with the instance's URL
  - test coverage

Modifications:
- export template: switch to an HTML form
  - link selection (all/private/public)
  - prepend note permalinks with the instance's URL

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-05-06 16:12:46 +02:00
Arthur
86deafe0ff Merge pull request #551 from ArthurHoaro/hotfix/timezone
Use correct 'UTC' timezone
2016-05-05 13:21:36 +02:00
ArthurHoaro
12ff86c961 Use correct 'UTC' timezone 2016-05-03 20:09:24 +02:00
Arthur
47be060983 Merge pull request #532 from ArthurHoaro/hotfix/title-retrieve-the-return
Fixes #531 - Title retrieving is failing with multiple use case
2016-05-03 19:53:57 +02:00
ArthurHoaro
ce7b0b6480 Fixes #531 - Title retrieving is failing with multiple use case
see https://github.com/shaarli/Shaarli/issues/531 for details
2016-05-03 19:51:29 +02:00
VirtualTam
cd5327bee8 Refactor Netscape bookmark exporting
Relates to https://github.com/shaarli/netscape-bookmark-parser/issues/5

Fixes:
- respect the Netscape bookmark format "specification"

Modifications:
- [application] introduce the NetscapeBookmarkUtils class
- [template] export           - improve formatting, rename export selection parameter
- [template] export.bookmarks - template for Netscape exports
- [tests] bookmark filtering, additional field generation

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-04-10 21:28:04 +02:00
ArthurHoaro
043eae70c4 Fixes #480: add an option to urlencode redirector URL
* New config: `$GLOBALS['config']['REDIRECTOR_URLENCODE']` (default `true`).
  * Parameter added to LinkDB constructor.
  * Fixes a bug with urlencode and escaped url.
  * In `index.php`, LinkDB is now instanciate once for `importFile()` and `showDaily()`.
  * TU
2016-04-09 16:52:32 +02:00
ArthurHoaro
b0128609f4 Fixes #526: bad font size separator in tagcloud with some locale
* Force the number format with number_format().
      * Reduce the size deciment number to 2.
2016-03-31 18:01:05 +02:00
ArthurHoaro
5f143b72ea Remove dev cache disabling 2016-03-26 16:59:22 +01:00
Arthur
f66a1990e5 Merge pull request #515 from ArthurHoaro/template-feeds
Refactor RSS feeds generation, and do it through templates
2016-03-25 19:20:55 +01:00
ArthurHoaro
528a6f8a23 Refactor filter in LinkDB
* search type now carried by LinkDB in order to factorize code between different search sources.
  * LinkDB->filter split in 3 method: filterSearch, filterHash, filterDay (we know what type of filter is needed).
  * filterHash now throw a LinkNotFoundException if it doesn't exist: internal implementation choice, still displays a 404.
  * Smallhash regex has been rewritten.
  * Unit tests update
2016-03-25 19:17:59 +01:00
ArthurHoaro
82e3680203 Create a FeedBuilder class which build data for both ATOM and RSS feed. 2016-03-25 19:17:55 +01:00
ArthurHoaro
e15f08d72a Use generateLocation to set the redirection in login (and don't escape the url) 2016-03-21 19:06:46 +01:00
ArthurHoaro
bcd078bf0a Plugin: add render_feed hook and call it while generating ATOM and RSS feed.
Create an example of the new hook in the demo plugin.
2016-03-18 19:13:48 +01:00
ArthurHoaro
e67712ba0f Refactor showRSS, and make it use the RSS template 2016-03-18 19:13:48 +01:00
ArthurHoaro
69c474b966 Refactor showAtom, and make it use the ATOM template
Minor changes:

  * Fix the date which was in a invalid format.
  * Avoid empty categories (tags).
  * Use the locale to set the language
2016-03-18 19:13:48 +01:00
ArthurHoaro
1c2fdb98b1 Add method assignAll() to pageBuilder to assign an array of data 2016-03-18 19:13:48 +01:00
ArthurHoaro
797a6f308f Bump version to v0.6.5
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2016-03-02 19:59:58 +01:00
ArthurHoaro
408def1a07 Fixes #503: check that HTTP_ACCEPT_LANGUAGE is set before calling autoLocale() 2016-02-28 15:53:28 +01:00
ArthurHoaro
09674d9359 Bump version to v0.6.4
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2016-02-28 14:33:05 +01:00
Arthur
c6744a9e89 Merge pull request #496 from ArthurHoaro/cross-search
Allow crossed search between terms and tags
2016-02-28 14:26:46 +01:00
ArthurHoaro
c51fae92dc Allow crossed search between terms and tags
* Partial fix of #449
  * Current use case: search term + click on tag.
  * LinkFilter now returns all links if no filter is given.
  * Unit tests.
2016-02-28 14:17:40 +01:00
Arthur
fa40b43f60 Merge pull request #492 from ArthurHoaro/locale-sort-fix
Fixes #481: tag cloud fatal error
2016-02-24 19:26:57 +01:00
ArthurHoaro
7eb0a83201 Fixes #481: tag cloud fatal error
Only send LC_COLLATE to Collator and check that no error occured.
2016-02-19 20:20:33 +01:00
ArthurHoaro
7b63e4ca09 Apply the locale to all categories and move autolocale to Utils.php 2016-02-19 20:14:06 +01:00
Arthur
64282b1499 Merge pull request #486 from virtualtam/refactor/datetime
cleanup: use DateTime to format dates
2016-02-18 19:53:39 +01:00
ArthurHoaro
ed853da7fd Fixes #468: don't trim description
Spaces at the start of shaares can be intended. Eg: markdown plugin.

#468
2016-02-18 19:34:33 +01:00
VirtualTam
205a42778d cleanup: use DateTime to format dates
Closes #270

Modifications:
- replace custom date parsing by DateTime calls
- use proper date formatting for RSS feeds

Deletions:
- linkdate2timestamp()
- linkdate2rfc822
- linkdate2iso8601

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-02-17 22:46:50 +01:00
Arthur
07c2f73543 Merge pull request #461 from ArthurHoaro/tagcloud-sort
Fixes #456: Tag cloud does not sort tags (fully) alphabetically
2016-02-15 21:26:33 +01:00
ArthurHoaro
ce354bf1a6 Remove first '-' char when saving tags 2016-02-15 21:06:17 +01:00
Arthur
6e607ca613 Merge pull request #479 from ArthurHoaro/pluginsadmin-error-url
Fixes typo in plugin admin redirection URL
2016-02-15 20:38:31 +01:00
Arthur
6cbff7e80f Merge pull request #460 from ArthurHoaro/440-editlink-404
Fixes #440 - 404 error after editing a link
2016-02-15 20:38:10 +01:00
Arthur
854ea37255 Merge pull request #442 from ArthurHoaro/updater
Introduce the Updater class which
2016-02-15 20:36:42 +01:00
ArthurHoaro
59edea42bb Fixes typo in plugin admin redirection URL 2016-02-15 20:34:44 +01:00
ArthurHoaro
510377d2cb Introduce the Updater class which
* contains methods designed to be run once.
  * is able to upgrade the datastore or the configuration.
  * is based on methods names, stored in a text file with ';' separator (updates.txt).
  * begins with existing function 'mergeDeprecatedConfigFile()' (options.php).
2016-02-15 20:30:24 +01:00
ArthurHoaro
fea5db7ab1 Common hooks: process includes before header/footer 2016-02-10 15:40:11 +01:00
ArthurHoaro
f1e96a06d8 Fixes #456: Tag cloud does not sort tags (fully) alphabetically
* Use Collator class to sort tags using the locale (in PECL intl, included in most PHP installation).
  * Use strcasecmp if Collator is not found.

Both sorts are case insensitive.
2016-02-05 16:10:34 +01:00
Arthur
5369f04521 Merge pull request #458 from ArthurHoaro/plugins-init-parameters
Initialize plugin parameters array to avoid unnecessary warning.
2016-02-04 20:29:02 +01:00
ArthurHoaro
fd50e14cba Fixes #440 - 404 error after editing a link
Remove unnecessary escape().
2016-02-04 20:24:17 +01:00
ArthurHoaro
5a23950c95 Code cleanup: index.php - save_edit 2016-02-04 19:58:47 +01:00
ArthurHoaro
091e2d139d Initialize plugin parameters array to avoid unnecessary warning. 2016-02-02 21:07:25 +01:00
ArthurHoaro
7c873f1cd0 Add a default value to ENABLE_UPDATECHECK to avoid unnecessary warning. 2016-02-02 20:10:49 +01:00
ArthurHoaro
729d267172 Bump version to v0.6.3 2016-01-31 19:32:22 +01:00
ArthurHoaro
dea0ba28f9 Fixes #378 - Plugin administration UI. 2016-01-31 18:54:48 +01:00
Dimtion
f4c84ad7fc Create 404 template
Solve #430 for links
2016-01-20 22:52:28 +01:00
VirtualTam
1abe655597 Logging: move logm() from index.php to application/Utils.php
Relates to #436

Modifications:
- inject dependencies to global variables ($_SERVER, $GLOBALS)
- apply coding conventions
- add test coverage

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-01-16 16:07:16 +01:00
ArthurHoaro
1557cefbd7 Fixes #410 - Retrieve title fails in multiple cases
* `get_http_url()` renamed to `get_http_response()`.
  * Use the same HTTP context to retrieve response headers and content.
  * Follow HTTP 301 and 302 redirections to retrieve the title (default max 3 redirections).
  * Add `LinkUtils` to extract titles and charset.
  * Try to retrieve charset from HTTP headers first (new), then HTML content.
  * Use mb_string to re-encode title if necessary.
2016-01-11 21:19:31 +01:00
Arthur
88c15abb2a Merge pull request #424 from ArthurHoaro/search
Link filter refactoring
2016-01-06 19:57:42 +01:00
ArthurHoaro
2c75f8e780 Fixes #426 - Do not filter with blank tags. 2016-01-06 19:53:25 +01:00
ArthurHoaro
822bffced8 Link filter refactoring
* introduce class LinkFilter to handle link filter operation (and lighten LinkDB).
  * handle 'private only' in filtering.
  * update template to prefill search fields with current search terms.
  * coding style.
  * unit test (mostly move from LinkDB to LinkFilter).

PS: preparation for #358 #315 and 'AND' search.
2016-01-06 19:53:04 +01:00
ArthurHoaro
6a6aa2b96d Fixes #428: validate buttons presence instead of value
Also adds a validation where renaming with 'fromtag' specified and empty 'totag'.
It was causing a 404, now it just re-render the form.
2016-01-03 14:42:43 +01:00
VirtualTam
ba83317573 Bump version to v0.6.2
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-12-23 19:54:37 +01:00
VirtualTam
6ff636cdd4 Merge pull request #407 from ArthurHoaro/daily-router
Fixes #402: build the daily page through renderPage()
2015-12-08 21:41:31 +01:00
ArthurHoaro
38603b2450 Fixes #403: build the daily page through renderPage()
* new entry in the Router for daily page.
  * add an always displayed button in demo_plugin
2015-12-08 15:51:49 +01:00
ArthurHoaro
aca447a713 Reset permissions on index.php (changed in 18cca483b0 ). 2015-12-08 15:09:17 +01:00
ArthurHoaro
18cca483b0 Temporary fix for head titles
only set the title on permalink.
2015-12-07 10:29:24 +01:00
ArthurHoaro
2f5c136104 Fixes #399 - show single link title as page title 2015-12-05 11:05:08 +01:00
VirtualTam
4a7af9759a fix: assign template variables to empty values so they can be evaluated
Regression introduced in #394

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-12-03 20:30:46 +01:00
VirtualTam
9ecdeb5452 Bump version to v0.6.1
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-12-01 21:25:50 +01:00
VirtualTam
4407b45fd3 application: default to the "stable" branch for update checks
Relates to #372
Relates to #390

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-27 00:10:43 +01:00
VirtualTam
4bf35ba56b application: refactor version checks, move to ApplicationUtils
Relates to #372

Modifications:
 - move checkUpdate() to ApplicationUtils
 - reduce file I/O operations during version checks
 - apply coding conventions
 - add test coverage

Tools:
 - create a sandbox directory for tests

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-26 23:19:37 +01:00
VirtualTam
61873e3ded Merge pull request #355 from ArthurHoaro/redirector-url
URL encode links when a redirector is set
2015-11-26 23:05:58 +01:00
ArthurHoaro
657f0e25ba Fixes incorrect call to
From 2e28269bae
2015-11-26 20:51:53 +01:00
ArthurHoaro
90e5bd65c9 URL encode links when a redirector is set.
Fixes #328 - URL encode links when a redirector is set

  * WARNING - template edit - new variable available : "real_url"
  Contains the final real url (redirected or any other change on original URL)

  * Don't redirect shaares link in RSS/Atom.
  * Affects links shaared in description.
  * Move text2clickable and keepMultipleSpaces to Utils.php + unit test

UPDATE:

* keepMultipleSpaces renamed to space2nbsp
* space2nbsp improved to handle single space at line beginning
* links in text description aren't 'nofollow' anymore
2015-11-26 20:14:38 +01:00
Nicolas Danelon
1e57f90200 cleanup: remove json_encode() (built-in since PHP 5.2)
See http://php.net/manual/en/function.json-encode.php

Legacy since php 5.2.x . If php5.3 is required for the install script
2015-11-25 09:42:29 -03:00
VirtualTam
c9cf2715f0 application: move checkPHPVersion from Utils to ApplicationUtils
Relates to #372

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-24 01:40:44 +01:00
VirtualTam
2e28269bae install: check file/directory permissions for Shaarli resources
Relates to #40
Relates to #372

Additions:
 - FileUtils: IOException
 - ApplicationUtils:
   - check if Shaarli resources are accessible with sufficient permissions
   - basic test coverage
 - index.php:
   - check access permissions and redirect to an error page if needed:
     - before running the first installation

Modifications:
 - LinkDB:
   - factorize datastore write code
   - check if the datastore
     (exists AND is writeable) OR (doesn't exist AND its parent dir is writable)
   - raise an IOException if needed

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-24 01:12:35 +01:00
VirtualTam
c580024cfb Merge pull request #384 from roidelapluie/master
fill session info when shaarli is in open mode
2015-11-23 20:24:35 +01:00
Julien Pivotto
02ad8fb6ce Fix authentification when Shaarli is in Open Mode. 2015-11-23 14:53:34 +01:00
VirtualTam
3d79d82326 Merge pull request #387 from ArthurHoaro/bookmarklet-quote
Fixes #382: Bookmarklet can not retrieve title when there is a quotation mark in it
2015-11-22 18:10:50 +01:00
VirtualTam
c07e166aa2 Merge pull request #376 from ArthurHoaro/opensearch
Fixes #176 - Add opensearch functionality
2015-11-22 17:53:24 +01:00