Commit graph

31 commits

Author SHA1 Message Date
ArthurHoaro
a0df06517b Minor improvements regarding #705 (coding style, unit tests, etc.) 2017-01-05 16:16:23 +01:00
adc4aee80f Change templates set through administration UI 2017-01-05 12:04:02 +01:00
ArthurHoaro
b3051a6aae Fixes presence of empty tags for private tags and in search results
* Private tags: make sure empty tags are properly filtered
  * Search results:
    * Use preg_split instead of function combination
    * Add normalize_spaces to remove extra whitespaces displaying empty tags search
2017-01-03 09:47:15 +01:00
ArthurHoaro
cbfdcff261 Prepare settings for the API in the admin page and during the install
API settings:
   - api.enabled
   - api.secret

The API settings will be initialized (and the secret generated) with an update method.
2016-12-12 03:54:10 +01:00
ArthurHoaro
d592daea83 Add a persistent 'shorturl' key to all links
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.

The purpose of this is to avoid collision between links due to their creation date.
2016-12-12 03:03:12 +01:00
ArthurHoaro
7af9a41881 Minor code cleanup: PHPDoc, spelling, unused variables, etc. 2016-10-20 11:36:11 +02:00
ArthurHoaro
9ccca40189 Hashtag system
* Hashtag are auto-linked with a filter search
  * Supports unicode
  * Compatible with markdown (excluded in code blocks)
2016-06-06 21:04:43 +02:00
ArthurHoaro
5046bcb6ab Fix startsWith and endsWith case 2016-05-10 23:31:41 +02:00
ArthurHoaro
ee88a4bcc2 Makes escape a recursive function which handle array of strings 2016-03-25 19:17:59 +01:00
ArthurHoaro
69c474b966 Refactor showAtom, and make it use the ATOM template
Minor changes:

  * Fix the date which was in a invalid format.
  * Avoid empty categories (tags).
  * Use the locale to set the language
2016-03-18 19:13:48 +01:00
Arthur
10269bc8c9 Merge pull request #491 from ArthurHoaro/markdown-escape2
Markdown: don't escape content + sanitize sensible tags
2016-02-25 08:52:42 +01:00
ArthurHoaro
7b63e4ca09 Apply the locale to all categories and move autolocale to Utils.php 2016-02-19 20:14:06 +01:00
ArthurHoaro
2925687e1e Markdown: don't escape content + sanitize sensible tags
Instead of trying to fix broken content for Markdown parsing, parse it unescaped, then sanatize sensible tags such as scripts, etc.
2016-02-19 19:37:13 +01:00
Arthur
893338f0d4 Merge pull request #379 from ArthurHoaro/plugin-markdown
PLUGIN Markdown
2016-01-31 18:57:29 +01:00
VirtualTam
aa7f7b3ea6 fix: use PHP_EOL for carriage returns in file logs
Relates to #436

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-01-18 00:24:36 +01:00
VirtualTam
478ce8afb4 Logging: improve formatting to enable fail2ban parsing
Fixes #436

Modifications:
- remove calls to strval() on safe data
- update the date format: 'Y/m/d_H:i:s' => 'Y/m/d H:i:s'

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-01-16 16:19:44 +01:00
VirtualTam
1abe655597 Logging: move logm() from index.php to application/Utils.php
Relates to #436

Modifications:
- inject dependencies to global variables ($_SERVER, $GLOBALS)
- apply coding conventions
- add test coverage

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-01-16 16:07:16 +01:00
ArthurHoaro
822bffced8 Link filter refactoring
* introduce class LinkFilter to handle link filter operation (and lighten LinkDB).
  * handle 'private only' in filtering.
  * update template to prefill search fields with current search terms.
  * coding style.
  * unit test (mostly move from LinkDB to LinkFilter).

PS: preparation for #358 #315 and 'AND' search.
2016-01-06 19:53:04 +01:00
ArthurHoaro
1be4afacf9 PLUGIN Markdown
Parse link description in Markdown (HTML) before rendering.

      * hard remove of Shaarli's HTML before parsing.
      * Using Parsedown <https://github.com/erusev/parsedown> PHP lib.
      * Includes basic markdown CSS.
      * Style: removed 400px height max limit for shaares.
      * Unit tests.
2016-01-03 17:36:10 +01:00
ArthurHoaro
90e5bd65c9 URL encode links when a redirector is set.
Fixes #328 - URL encode links when a redirector is set

  * WARNING - template edit - new variable available : "real_url"
  Contains the final real url (redirected or any other change on original URL)

  * Don't redirect shaares link in RSS/Atom.
  * Affects links shaared in description.
  * Move text2clickable and keepMultipleSpaces to Utils.php + unit test

UPDATE:

* keepMultipleSpaces renamed to space2nbsp
* space2nbsp improved to handle single space at line beginning
* links in text description aren't 'nofollow' anymore
2015-11-26 20:14:38 +01:00
VirtualTam
c9cf2715f0 application: move checkPHPVersion from Utils to ApplicationUtils
Relates to #372

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-24 01:40:44 +01:00
VirtualTam
a7921b2445 cleanup: remove the executable bit from source scripts
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-11-11 19:19:24 +01:00
ArthurHoaro
d01c234235 Fixes #356
* adding a link should return added link's hash
* allow redirection relative urls in generateLocation
2015-11-04 19:53:59 +01:00
VirtualTam
68bc21353a Session ID: extend the regex to match possible hash representations
Improves #306
Relates to #335 & #336
Duplicated by #339

Issues:
 - PHP regenerates the session ID if it is not compliant
 - the regex checking the session ID does not cover all cases
   - different algorithms: md5, sha1, sha256, etc.
   - bit representations: 4, 5, 6

Fix:
 - `index.php`:
   - remove `uniqid()` usage
   - call `session_regenerate_id()` if an invalid cookie is detected
 - regex: support all possible characters - '[a-zA-Z,-]{2,128}'
 - tests: add coverage for all algorithms & bit representations

See:
 - http://php.net/manual/en/session.configuration.php#ini.session.hash-function
 - https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
 - http://php.net/manual/en/function.session-id.php
 - http://php.net/manual/en/function.session-regenerate-id.php
 - http://php.net/manual/en/function.hash-algos.php

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 16:14:24 +02:00
ArthurHoaro
4d30975a06 Allow uppercase letters in PHP sessionid format
Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2

Regression introduced in 06b6660a7e
2015-09-02 17:00:38 +02:00
ArthurHoaro
06b6660a7e Avoid Full Path Disclosure error on session error.
* Add a function to validate session ID.
  * Generate a new session ID if an invalid token is passed.
2015-08-22 10:10:55 +02:00
VirtualTam
d1e2f8e52c PHP: ensure 5.3 compatibility, refactor timezone utilities
Relates to #250

Modifications
 - supported version
   - bump required version from 5.1.0 to 5.3.x
   - update README
   - add PHP 5.3 to Travis environments
 - rewrite array declarations: explicitely use array() instead of []
 - move checkPHPVersion to application/Utils.php
 - move timezone functions to application/TimeZone.php
   - cleanup code
   - improve test coverage

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-07-13 13:06:06 +02:00
ArthurHoaro
775803a05c Prevent redirection loop everytime we rely on HTTP_REFERER:
* search tag
  * delete tag
  * pagination
  * display privates only
  * delete link
  * new/edit/cancel link return page

Move location generation to Utils.php + unit tests.

Fixes #256

ninja
2015-07-12 17:43:13 +02:00
VirtualTam
9186ab9594 LinkDB::filterDay(): check input date format
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-07-09 00:44:19 +02:00
nodiscc
64bc92e3ac move escape() and sanitizeLink() to application/Utils.php
prevents 'PHP Fatal error:  Call to undefined function sanitizeLink() in Shaarli/application/LinkDB.php on line 255' in tests
2015-06-24 01:08:30 +02:00
VirtualTam
ca74886f30 LinkDB: move to a proper file, add test coverage
Relates to #71

LinkDB
 - move to application/LinkDB.php
 - code cleanup
   - indentation
   - whitespaces
   - formatting
 - comment cleanup
   - add missing documentation
   - unify formatting

Test coverage for LinkDB
 - constructor
 - public / private access
 - link-related methods

Shaarli utilities (LinkDB dependencies)
 - move startsWith() and endsWith() functions to application/Utils.php
 - add test coverage

Dev utilities
 - Composer: add PHPUnit to dev dependencies
 - Makefile:
    - update lint targets
    - add test targets
    - generate coverage reports

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-06-11 00:45:45 +02:00