Commit graph

16 commits

Author SHA1 Message Date
ArthurHoaro
9ff17ae20e Add markdown_escape setting
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
2017-03-04 09:38:12 +01:00
ArthurHoaro
d592daea83 Add a persistent 'shorturl' key to all links
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.

The purpose of this is to avoid collision between links due to their creation date.
2016-12-12 03:03:12 +01:00
ArthurHoaro
01878a75b9 Apply the new ID system accros the whole codebase 2016-12-12 03:03:12 +01:00
ArthurHoaro
1dc37f9cf8 Update method to use the new ID system, which replaces linkdate primary keys.
creation and update dates are now DateTime objects.
Since this update is very sensitve (changing the whole database), the datastore will be automatically backed up into the file datastore.<datetime>.php.
2016-12-12 03:02:01 +01:00
VirtualTam
f21abf3292 LinkDB: update datastore method names
Relates to https://github.com/shaarli/Shaarli/issues/95

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-10-20 21:33:40 +02:00
ArthurHoaro
7af9a41881 Minor code cleanup: PHPDoc, spelling, unused variables, etc. 2016-10-20 11:36:11 +02:00
ArthurHoaro
b9f8b83790 Fix update method escapeUnescapedConfig
* Actually run it
  * unit tests

Fixes #611
2016-08-02 12:54:55 +02:00
ArthurHoaro
894a3c4bf3 Rename configuration key for better sections 2016-06-11 09:30:56 +02:00
ArthurHoaro
278d9ee283 ConfigManager no longer uses singleton pattern 2016-06-11 09:30:56 +02:00
ArthurHoaro
7f179985b4 Remove remaining settings initialization in index.php
Except for those which require external data (timezone and $_SERVER).
2016-06-11 09:30:56 +02:00
ArthurHoaro
da10377b3c Rename configuration keys and fix GLOBALS in templates 2016-06-11 09:30:56 +02:00
ArthurHoaro
b74b96bfbd Adds ConfigJson which handle the configuration in JSON format.
Also use the Updater to make the transition
2016-06-11 09:30:56 +02:00
ArthurHoaro
684e662a58 Replace $GLOBALS configuration with the configuration manager in the whole code base 2016-06-11 09:30:56 +02:00
ArthurHoaro
528a6f8a23 Refactor filter in LinkDB
* search type now carried by LinkDB in order to factorize code between different search sources.
  * LinkDB->filter split in 3 method: filterSearch, filterHash, filterDay (we know what type of filter is needed).
  * filterHash now throw a LinkNotFoundException if it doesn't exist: internal implementation choice, still displays a 404.
  * Smallhash regex has been rewritten.
  * Unit tests update
2016-03-25 19:17:59 +01:00
ArthurHoaro
21979ff11c Add exclusion in tag search
* Searching '-mytag' will now exlude all shaares with 'mytag' tag.
  * All tags starting with a '-' are renamed without it (through the Updater).
  * Unit tests.

Minor code changes:

 * LinkDB->filter() can now take no parameters (get all link depending on logged status).
 * tagsStrToArray() is now static and filters blank tags.
2016-02-15 20:40:39 +01:00
ArthurHoaro
510377d2cb Introduce the Updater class which
* contains methods designed to be run once.
  * is able to upgrade the datastore or the configuration.
  * is based on methods names, stored in a text file with ';' separator (updates.txt).
  * begins with existing function 'mergeDeprecatedConfigFile()' (options.php).
2016-02-15 20:30:24 +01:00