Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
2661 commits 8 branches 1 tag 12 MiB
Commit graph

578 commits

Author SHA1 Message Date
Lucas Cimon
f210d94f71 Using only one form in linklist.html + adding untaggedonly filter - fix #885 2017-07-30 16:19:34 +02:00
Stephen Muth
b80315e238 Respect HTTP_X_FORWARDED_HOST 
alongside _PORT and _PROTO
Fixes #879
 2017-07-08 00:01:03 +00:00
ArthurHoaro
ac94db1e36 Merge pull request #880 from ArthurHoaro/hotfix/allowed-protocols 
Add a whitelist of protocols for URLs
 2017-05-31 17:52:19 +02:00
ArthurHoaro
3e395a6bc6 Merge pull request #841 from ArthurHoaro/feature/search-no-tag 
Empty tag search will look for not tagged links
 2017-05-25 15:54:20 +02:00
ArthurHoaro
7d86f40bdb Empty tag search will look for not tagged links 
Fixes #784

From now, searching for tags with an empty value will return only not tagged links,
with the search bar showing `x results [not tagged]`.

Note that using the api, the searchtags request parameter must be set to `false` to get the same result.

  - [ ] Update API doc
 2017-05-25 15:51:12 +02:00
ArthurHoaro
aa4797ba36 Adds a taglist view with edit/delete buttons 
* The tag list can be sort alphabetically or by most used tag
  * Edit/Delete are perform using AJAX, or fallback to 'do=changetag' page
  * New features aren't backported to vintage theme
 2017-05-25 15:25:04 +02:00
ArthurHoaro
986a521067 Add an endpoint to refresh the token 
Useful for AJAX requests which burns the token
 2017-05-25 15:05:23 +02:00
ArthurHoaro
86ceea054f Add a whitelist of protocols for URLs 
- for Shaare
 - for markdown description links and images

Not whitelisted protocols will be replaced by `http://`
 2017-05-25 14:58:34 +02:00
Lucas Cimon
6ccd0b218f Adding ability to display subtags in tagcloud 2017-05-24 13:09:35 +02:00
ArthurHoaro
845810a8d3 Use the new 'default' theme... as default 
Fixes #866
 2017-05-09 18:22:31 +02:00
ArthurHoaro
a9fe41a818 Merge pull request #862 from ArthurHoaro/theme/tags-everywhere 
Inject tag list everywhere to make autocomplete work on the fixed search bar
 2017-05-07 18:39:25 +02:00
ArthurHoaro
3108f2a800 Merge pull request #861 from ArthurHoaro/hotfix/import-shorturl-override 
Fix a bug happening when importing links with override option
 2017-05-07 18:38:55 +02:00
ArthurHoaro
73c8962654 Inject tag list everywhere to make autocomplete work on the fixed search bar 2017-05-07 18:21:38 +02:00
ArthurHoaro
28794b69cb Fix a bug happening when importing links with override option 
The shorturl would be set to null, generating a lot of warnings and breaking permalinks
 2017-05-07 18:02:49 +02:00
ArthurHoaro
6bc90f50af History: fix entries order 2017-05-07 17:11:25 +02:00
ArthurHoaro
57ce6dae5d Reset the history file due to datetime format change 2017-05-07 17:11:25 +02:00
ArthurHoaro
813849e521 Add history entries for API endpoint 
CHANGED: datetime is now store as an object in history store file
 2017-05-07 17:11:22 +02:00
ArthurHoaro
61d406933e API: Get History endpoint 
See http://shaarli.github.io/api-documentation/#links-history-get
 2017-05-07 16:03:40 +02:00
ArthurHoaro
b8fcb7d440 Merge pull request #856 from ArthurHoaro/api/delete-link 
API: add DELETE endpoint
 2017-05-07 16:02:14 +02:00
ArthurHoaro
0843848c1d API: add DELETE endpoint 
Based on #840

See http://shaarli.github.io/api-documentation/\#links-link-delete
 2017-05-07 15:58:49 +02:00
ArthurHoaro
77de24876f Merge pull request #840 from ArthurHoaro/api/putLink 
REST API: implement PUT method
 2017-05-07 15:55:38 +02:00
ArthurHoaro
cf9181dddf REST API: implement PUT method 
* Related to #609
  * Documentation: http://shaarli.github.io/api-documentation/#links-link-put
 2017-05-07 15:49:16 +02:00
ArthurHoaro
f9ff7f1b69 Merge pull request #764 from ArthurHoaro/feature/history 
History mechanism
 2017-05-06 17:12:06 +02:00
ArthurHoaro
4c7045229c Merge pull request #830 from ArthurHoaro/theme/timezone 
Change timezone data structure send to the templates
 2017-04-25 19:09:13 +02:00
ArthurHoaro
6a19124a09 Use raw bytes for upload size hidden input 2017-04-10 20:01:10 +02:00
ArthurHoaro
bc5f1597eb Fix offset check with link ID = 0 2017-04-05 19:09:25 +02:00
ArthurHoaro
ae3aa96898 Change timezone data structure send to the templates 
The goal of this is to be able to adapt the timezone form
in template without hacking the HTML already rendered.

  * there are two arrays available:
    * `continents` which contains only a list of available continents
    * `cities` which contains a list of available timezone cities, associated with their continent

Note: there are two distinct array because RainTPL doesn't support nested loop very well.
 2017-04-03 19:24:55 +02:00
ArthurHoaro
84315a3bad Fix a warning generated in return_bytes function and refactor it 
It was multiplying a string containing a letter.

Moved function to Utils.php and display a human readable limit size
 2017-04-03 18:53:43 +02:00
ArthurHoaro
4b385d6c34 Merge pull request #742 from ArthurHoaro/api/postLink 
REST API: implement POST link service
 2017-04-01 10:02:03 +02:00
ArthurHoaro
81bd104daa Theme: use format_date function for daily date 2017-03-28 20:43:30 +02:00
ArthurHoaro
68016e3798 REST API: implement POST link service 2017-03-27 18:44:50 +02:00
ArthurHoaro
64c34078e4 Merge pull request #816 from ArthurHoaro/project/master-version 
Use 'dev' version on the master branch
 2017-03-22 18:50:33 +01:00
ArthurHoaro
d16ca2e22f History: lazy loading for the history file 
Only read it when it's necessary
 2017-03-21 20:29:20 +01:00
ArthurHoaro
4306b184c4 History mechanism 
Use case: rest API service

  * saved by default in data/history
  * same format as datastore.php
  * traced events:
     * save/edit/delete link
     * change settings or plugins settings
     * rename tag
 2017-03-21 20:29:20 +01:00
ArthurHoaro
b2306b0c78 Move database read/write to FileUtils class + additional unit tests 2017-03-21 20:16:26 +01:00
ArthurHoaro
c4c655d9bf Merge pull request #804 from ArthurHoaro/feature/atom-default 
Fixes #304: use atom feed as default
 2017-03-21 20:10:49 +01:00
ArthurHoaro
b786c8836f Set Shaarli's version only in shaarli_version.php file 2017-03-21 20:08:40 +01:00
ArthurHoaro
c6a4c2882d Proper error if the conf file is invalid instead of fatal error 
Error:

An error occurred while parsing configuration JSON file (data/config.json.php): error code #4
➜ Syntax error
Please check your JSON syntax (without PHP comment tags) using a JSON lint tool such as jsonlint.com.
 2017-03-12 16:09:34 +01:00
ArthurHoaro
bbc6b844c1 Add an updateMethod to match the current remote branch for updates 2017-03-12 15:28:23 +01:00
ArthurHoaro
b897c81f8c Use 'dev' version on the master branch 
Allowed check branches are now `latest` and `stable`.
 2017-03-12 15:05:59 +01:00
ArthurHoaro
196808e14f Merge pull request #779 from ArthurHoaro/feature/import-parser-logs 
Link imports are now logged in `data/` folder, and can be debug using…
 2017-03-11 14:23:05 +01:00
ArthurHoaro
2ea89aba4f Fixes #304: use atom feed as default 
RSS feed is still available with the  setting set to false
 2017-03-11 14:13:58 +01:00
ArthurHoaro
fe83d45c46 Fix #773: set Piwik URL protocol 2017-03-11 13:27:02 +01:00
ArthurHoaro
87e9631e4a Fix namespace issue 2017-03-10 18:49:53 +01:00
ArthurHoaro
48417aed1d Link imports are now logged in data/ folder, and can be debug using dev.debug=true setting 
related to #741 and #681
 2017-03-10 18:46:53 +01:00
ArthurHoaro
5ba55f0cf2 Move config exception to dedicated classes with proper namespace 2017-03-09 19:16:42 +01:00
ArthurHoaro
e6cd773f5a Fix blocking namespace issue 2017-03-08 20:00:21 +01:00
ArthurHoaro
03b9cb600a Fix autoLocale error and cover it with unit tests 2017-03-07 19:27:17 +01:00
ArthurHoaro
52b503105d Improve datetime display 
Use php-intl extension to display datetimes a bit more nicely, depending on the locale.

What changes:

  * the day is no longer displayed
  * day number and month are ordered according to the locale
  * the timezone is more readable (UTC+1 instead of CET)
 2017-03-06 21:11:12 +01:00
ArthurHoaro
1255a42cfe Improve autoLocale() detection 
- Creates arrays_combination function to cover all cases
  - add the underscore separator in the regex
  - add `utf8` encoding in addition to `UTF-8`
 2017-03-06 20:32:17 +01:00
VirtualTam
3c66e56435 application: introduce the Shaarli\Config namespace 
Namespaces have been introduced with the REST API, and should be generalized
to the whole codebase to manage object scope and benefit from autoloading.

See:
- https://secure.php.net/manual/en/language.namespaces.php
- http://www.php-fig.org/psr/psr-4/

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-03-04 17:07:52 +01:00
ArthurHoaro
e037610115 Add markdown_escape setting 
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
 2017-02-28 19:16:54 +01:00
ArthurHoaro
7dcbfde5ff Set the vintage theme by default for the time being 2017-02-27 20:20:53 +01:00
ArthurHoaro
16e3d006e9 REST API: implements getLink by ID service 
See http://shaarli.github.io/api-documentation/#links-link-get
 2017-02-19 16:45:59 +01:00
ArthurHoaro
65e56cbe49 Merge pull request #769 from ArthurHoaro/api/getlinks-visibility 
REST API - getLinks: support the visibility parameter
 2017-02-13 08:41:12 +01:00
ArthurHoaro
c03455af11 Fixes #775: LinkDB do not access LinkDB before ID system migration 
To access LinkDB items with its ArrayAccess implementation, the IDs must be consistent, which isn't the case before `updateMethodDatastoreIds()` execution. v0.6.4 method `updateMethodRenameDashTags()` was accessing it, so an upgrade <0.6.4 to >0.8.x was failing.

This just move the minor update `RenameDashTags` after the IDs update.
 2017-02-04 12:01:48 +01:00
ArthurHoaro
c37a6f820b REST API - getLinks: support the visibility parameter 2017-01-17 18:53:18 +01:00
ArthurHoaro
7f96d9ec21 Update LinkFilter to be able to filter only public links 
No update regarding the UI or the API for now

Fixes #758
 2017-01-16 13:57:11 +01:00
ArthurHoaro
9977c418d6 Merge pull request #727 from ArthurHoaro/api/getlinks 
REST API: implement getLinks service
 2017-01-15 16:49:50 +01:00
ArthurHoaro
c3b00963fe REST API: implement getLinks service 
See http://shaarli.github.io/api-documentation/#links-links-collection-get
 2017-01-15 13:55:22 +01:00
VirtualTam
63ef549749 API: expect JWT in the Authorization header 
Relates to https://github.com/shaarli/Shaarli/pull/731

Added:
- require the presence of the 'Authorization' header

Changed:
- use the HTTP Bearer Token authorization schema

See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-15 13:41:04 +01:00
ArthurHoaro
7282418baa Move user.css to data folder 2017-01-14 16:43:32 +01:00
VirtualTam
ee6f4b64a9 Cleanup: use safe boolean comparisons 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-07 14:37:40 +01:00
Arthur
7418f7cb60 Merge pull request #732 from ArthurHoaro/feature/theme-manager 
Theme manager: improvements
 2017-01-06 11:40:54 +01:00
VirtualTam
93b1fe54fb Cleanup: explicit method visibility 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-05 19:52:04 +01:00
VirtualTam
724f1e3229 Cleanup: remove unused variables 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-05 19:51:50 +01:00
ArthurHoaro
04a0e8ea34 Updater: keep custom theme preference with the new theme setting 2017-01-05 16:16:27 +01:00
ArthurHoaro
a0df06517b Minor improvements regarding #705 (coding style, unit tests, etc.) 2017-01-05 16:16:23 +01:00
Knah Tsaeb
adc4aee80f Change templates set through administration UI 2017-01-05 12:04:02 +01:00
VirtualTam
7a9daac56d API: fix JWT signature verification 
Fixes https://github.com/shaarli/Shaarli/issues/737

Added:
- Base64Url utilities

Fixed:
- use URL-safe Base64 encoding/decoding functions
- use byte representations for HMAC digests
- all JWT parts are Base64Url-encoded

See:
- https://en.wikipedia.org/wiki/JSON_Web_Token
- https://tools.ietf.org/html/rfc7519
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://jwt.io/introduction/
- https://en.wikipedia.org/wiki/Base64#URL_applications
- https://secure.php.net/manual/en/function.base64-encode.php#103849

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-04 16:59:47 +01:00
Arthur
fc11ab2f29 Merge pull request #682 from ArthurHoaro/delete-button 
Bugfixes on link deletion, and use a GET form
 2017-01-04 16:35:29 +01:00
Arthur
061f04fba0 Merge pull request #733 from ArthurHoaro/hotfix/reverse-proxy-port 
Hide default ports in local URL behind a reverse proxy
 2017-01-04 16:34:06 +01:00
VirtualTam
eaf2524887 URL cleanup: add 'campaign_' to the annoying parameters 
Closes https://github.com/shaarli/Shaarli/issues/735

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-04 11:42:05 +01:00
ArthurHoaro
8e4be77368 Hide default port in local URL behind a reverse proxy 2017-01-03 14:17:05 +01:00
ArthurHoaro
b3051a6aae Fixes presence of empty tags for private tags and in search results 
* Private tags: make sure empty tags are properly filtered
  * Search results:
    * Use preg_split instead of function combination
    * Add normalize_spaces to remove extra whitespaces displaying empty tags search
 2017-01-03 09:47:15 +01:00
ArthurHoaro
db90dfcbbc Move PubSubHubbub code as a default plugin 2016-12-20 11:41:24 +01:00
ArthurHoaro
f4ebd5fed2 Bugfixes on link deletion, and use a GET form 
Use a GET form to delete links: harmonize with edit_link and preparation for #585

Bug fixes:

  * LinkDB element can't be passed as reference, fix error:

    PHP Notice:  Indirect modification of overloaded element of LinkDB has no effect

  * Resource cache folder setting wasn't set correctly
 2016-12-16 12:42:13 +01:00
ArthurHoaro
18e6796726 REST API structure using Slim framework 
* REST API routes are handle by Slim.
  * Every API controller go through ApiMiddleware which handles security.
  * First service implemented `/info`, for tests purpose.
 2016-12-15 10:36:00 +01:00
ArthurHoaro
cbfdcff261 Prepare settings for the API in the admin page and during the install 
API settings:
   - api.enabled
   - api.secret

The API settings will be initialized (and the secret generated) with an update method.
 2016-12-12 03:54:10 +01:00
ArthurHoaro
d592daea83 Add a persistent 'shorturl' key to all links 
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.

The purpose of this is to avoid collision between links due to their creation date.
 2016-12-12 03:03:12 +01:00
ArthurHoaro
01878a75b9 Apply the new ID system accros the whole codebase 2016-12-12 03:03:12 +01:00
ArthurHoaro
1dc37f9cf8 Update method to use the new ID system, which replaces linkdate primary keys. 
creation and update dates are now DateTime objects.
Since this update is very sensitve (changing the whole database), the datastore will be automatically backed up into the file datastore.<datetime>.php.
 2016-12-12 03:02:01 +01:00
ArthurHoaro
29d108820f Link ID refactoring 
Links now use an incremental unique numeric identifier.
    This ID is persistent and must never change.

    ArrayAccess is used to match the link ID with the array keys (see the comment in LinkDB for more details)

    Key 'created' added, with creation date as a DateTime object. 'updated' is now also a DateTime.
 2016-12-12 03:02:01 +01:00
ArthurHoaro
5ebc1d504b .htaccess files: support Apache 2.4+ syntax 
If `mod_version` is enabled, the previous syntax will apply for Apache <2.4.
If not, the new syntax is used by default.

Fixes #676

`mod_version` identifier is `version_module` across all Apache versions. See:

  * https://httpd.apache.org/docs/current/mod/mod_version.html
  * https://httpd.apache.org/docs/2.2/mod/mod_version.html
  * https://serverfault.com/questions/733910/how-do-i-load-mod-version-only-if-it-isnt-built-in-to-apache

Note that version_module comes built-in with Debian (and derivatives) Apache2 packages, see https://wiki.debian.org/Apache/PackagingFor24
 2016-11-08 11:38:14 +01:00
VirtualTam
3d5e0aede3 Merge pull request #673 from virtualtam/cleanup/linkdb 
LinkDB: code cleanup
 2016-10-21 11:04:52 +02:00
VirtualTam
954dc2446c Merge pull request #665 from ArthurHoaro/fix/feed-hashtags 
Fix hashtag links in Feeds
 2016-10-20 21:37:28 +02:00
VirtualTam
735ed4a94e LinkDB: explicit method visibility 
Relates to https://github.com/shaarli/Shaarli/issues/95

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-10-20 21:33:42 +02:00
VirtualTam
f21abf3292 LinkDB: update datastore method names 
Relates to https://github.com/shaarli/Shaarli/issues/95

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-10-20 21:33:40 +02:00
VirtualTam
628b97cbdf LinkDB: do not prefix privates with an underscore 
Relates to #95

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-10-20 21:10:56 +02:00
ArthurHoaro
fbc28ff1c8 Fix hashtags links in Feeds 
Make the hashtag link absolute in feeds to work properly in RSS syndication tools.
 2016-10-20 11:42:01 +02:00
ArthurHoaro
7af9a41881 Minor code cleanup: PHPDoc, spelling, unused variables, etc. 2016-10-20 11:36:11 +02:00
VirtualTam
8406a4b670 Merge pull request #662 from virtualtam/fix/feed/self-link 
Fix: return the proper value for the "self" feed attribute
 2016-10-17 17:58:39 +02:00
VirtualTam
44a718090d Fix: return the proper value for the "self" feed attribute 
Fixes https://github.com/shaarli/Shaarli/issues/629
Closes https://github.com/shaarli/Shaarli/pull/630

Note: you might need to empty the "pagecache" directory for the
fix to be taken into account

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-10-16 20:58:15 +02:00
ArthurHoaro
7fde6de121 New init function for plugins, supports errors reporting 
All plugins can optionally add an init function named `pluginname_init()` which is called when the plugin is loaded.

This function is aware of the config, and can return initialization errors, which are displayed in the header template.

Note that the previous error system hack no longer work.
 2016-10-14 13:22:58 +02:00
Arthur
0354257266 Merge pull request #622 from ArthurHoaro/update-date 
Save link update dates and render it in templates and feeds
 2016-10-12 14:51:37 +02:00
Arthur
adcdac1dec Merge pull request #623 from ArthurHoaro/security/reverse-proxy-ban 
Add trusted IPs in config and try to ban forwarded IP on failed login
 2016-10-12 14:48:57 +02:00
VirtualTam
8758bb0ac8 Merge pull request #619 from ArthurHoaro/plugins/param-desc 
Add a description to plugin parameters
 2016-08-13 14:48:51 +02:00
VirtualTam
db6dec0de1 Fix: add missing final newlines, untabify text 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-08-13 14:22:22 +02:00
VirtualTam
f4ad7bde56 Fix: ensure Internet Explorer bookmark dumps can be imported 
Relates to https://github.com/shaarli/Shaarli/issues/607

Modifications:
- [application][tests] NetscapeBookmarkUtils: more permissive doctype detection

The IE bookmark exports contain extra escape sequences, which can be observed
by binary comparison of the reference input data used in tests:

   $ cmp -b -l -n 8 netscape_basic.htm internet_explorer_encoding.htm

   1  74 <    357 M-o
   2  41 !    273 M-;
   3 104 D    277 M-?
   4 117 O     74 <
   5 103 C     41 !
   6 124 T    104 D
   7 131 Y    117 O
   8 120 P    103 C

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-08-12 23:22:15 +02:00
VirtualTam
a973afeac7 Refactor bookmark import using a generic Netscape parser 
Relates to #607
Relates to #608
Relates to #493 (abandoned)

Additions:
- use Composer's autoload to load 3rd-party dependencies under vendor/

Modifications:
- [import] replace the current parser with a generic, stable parser
  - move code to application/NetscapeBookmarkUtils
  - improve status report after parsing
- [router] use the same endpoint for both bookmark upload and import dialog
- [template] update bookmark import options
  - allow adding tags to all imported links
  - allow selecting the visibility (privacy) of imported links
- [tests] ensure bookmarks are properly parsed and imported in the LinkDB
  - reuse reference input from the parser's test data

See:
- https://github.com/shaarli/netscape-bookmark-parser
- https://getcomposer.org/doc/01-basic-usage.md#autoloading

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-08-10 01:42:44 +02:00
Arthur
d0d3623172 Merge pull request #624 from julienCXX/pr-curl-http-fetch 
Added (and set as default) a cURL-based method for fetching HTTP content
 2016-08-09 13:15:19 +02:00
julienCXX
634783f916 Set cURL as default in HTTP fetching, a fallback method and consistency fixup between both methods 2016-08-08 20:45:50 +02:00
ArthurHoaro
edf3ff5a53 Initialize a translation function 
It matches the API of ngettext().
 2016-08-07 11:54:39 +02:00
ArthurHoaro
fd5ac47ea2 Generate a token for every pages 2016-08-06 14:09:26 +02:00
ArthurHoaro
50d1791838 Add trusted IPs in config and try to ban forwarded IP on failed login 
* Add a new settings (which needs to be manually set): `security.trusted_proxies`
  * On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers.
  * If found, the client address is added in ipbans, else we do nothing.

Fixes #409
 2016-08-03 10:36:47 +02:00
ArthurHoaro
c6d876bb2a Set updated date for items in feeds 
RSS doesn't support updated date for items, so we use the ATOM extension.
Updated dates also bump the global update
 2016-08-03 09:54:57 +02:00
ArthurHoaro
9646b7da22 Save the update date in LinkDB and pass it to linklist templates 
It can be used as a timestamp by templates under the key 'updated_timestamp'.
 2016-08-03 09:44:04 +02:00
VirtualTam
c7a42ab1d9 Merge pull request #621 from ArthurHoaro/hotfix/update-escape-config 
Fix update method escapeUnescapedConfig
 2016-08-02 19:46:47 +02:00
ArthurHoaro
b9f8b83790 Fix update method escapeUnescapedConfig 
* Actually run it
  * unit tests

Fixes #611
 2016-08-02 12:54:55 +02:00
ArthurHoaro
15170b5164 Parse plugin parameters description with the PluginManager 
Plugin parameter can contain a description in their meta file under the key:

    parameter.<param_name>="<description>"
 2016-08-02 11:12:01 +02:00
ArthurHoaro
9866b40814 Better whitespace handling in tags 
Correct PR #573 to work properly with hidden tags, and add ReferenceLinkDB UT.

Fixes #571 - Closes #573
 2016-08-02 10:34:21 +02:00
Chris Kuethe
4b35853d68 Better whitespace handling in tags. Fixes #571 2016-08-02 10:22:18 +02:00
ArthurHoaro
97ef33bb72 Fixes #600 - Shaarli's title is not set with the new config manager 
- Fixed title config key
  - Page title (in head tag) is no longer set through the config manager
 2016-07-19 18:03:09 +02:00
Arthur
0c4c7ae818 Merge pull request #558 from ArthurHoaro/hashtag4 
Hashtag system
 2016-07-09 07:36:23 +02:00
Arthur
649af5b501 Merge pull request #570 from ArthurHoaro/config-manager 
Introduce a configuration manager
 2016-07-09 07:19:48 +02:00
ArthurHoaro
5ff23f02b8 Add closing PHP tags to JSON config files 2016-06-20 18:30:37 +02:00
ArthurHoaro
b302c77c74 Pass the configuration manager to templates 2016-06-15 18:22:19 +02:00
ArthurHoaro
894a3c4bf3 Rename configuration key for better sections 2016-06-11 09:30:56 +02:00
ArthurHoaro
51def0d849 PluginManager no longer uses singleton pattern 2016-06-11 09:30:56 +02:00
ArthurHoaro
278d9ee283 ConfigManager no longer uses singleton pattern 2016-06-11 09:30:56 +02:00
ArthurHoaro
7f179985b4 Remove remaining settings initialization in index.php 
Except for those which require external data (timezone and $_SERVER).
 2016-06-11 09:30:56 +02:00
ArthurHoaro
da10377b3c Rename configuration keys and fix GLOBALS in templates 2016-06-11 09:30:56 +02:00
ArthurHoaro
d93d51b213 Set the default timezone in index.php 2016-06-11 09:30:56 +02:00
ArthurHoaro
b74b96bfbd Adds ConfigJson which handle the configuration in JSON format. 
Also use the Updater to make the transition
 2016-06-11 09:30:56 +02:00
ArthurHoaro
684e662a58 Replace $GLOBALS configuration with the configuration manager in the whole code base 2016-06-11 09:30:56 +02:00
ArthurHoaro
59404d7909 Introduce a configuration manager (not plugged yet) 2016-06-11 09:30:56 +02:00
ArthurHoaro
9ccca40189 Hashtag system 
* Hashtag are auto-linked with a filter search
  * Supports unicode
  * Compatible with markdown (excluded in code blocks)
 2016-06-06 21:04:43 +02:00
Arthur
92a381f517 Merge pull request #583 from ArthurHoaro/enhance/tag-case 
Fixes #497: ignore case difference between tags
 2016-06-03 18:30:19 +02:00
ArthurHoaro
b1eb5d1d31 Fixes #497: ignore case difference between tags 
While retrieving all tags, case differences will be ignored.
This affects:

  * tag cloud
  * tag autocompletion
 2016-05-31 09:09:32 +02:00
nodiscc
725ca094f8 Url.php: remove unwanted ?PHPSESSID= URL parameters, 
update test case
 2016-05-20 12:23:03 +02:00
Arthur
3fdcc7bd47 Merge pull request #560 from ArthurHoaro/nb-private-shaare 
Private links counter in the header
 2016-05-14 11:11:11 +02:00
ArthurHoaro
141a86c503 Add private link counter 2016-05-13 08:48:23 +02:00
ArthurHoaro
03eb19ac60 Extract PageBuilder class from index.php 2016-05-13 08:48:18 +02:00
ArthurHoaro
5046bcb6ab Fix startsWith and endsWith case 2016-05-10 23:31:41 +02:00
VirtualTam
bb4a23aa86 Export: allow prepending notes with the Shaarli instance's URL 
Relates to #102

Additions:
- application:
  - export: allow prepending note permalinks with the instance's URL
  - test coverage

Modifications:
- export template: switch to an HTML form
  - link selection (all/private/public)
  - prepend note permalinks with the instance's URL

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-05-06 16:12:46 +02:00
ArthurHoaro
caa69b5853 typo 2016-05-05 13:28:43 +02:00
Arthur
86deafe0ff Merge pull request #551 from ArthurHoaro/hotfix/timezone 
Use correct 'UTC' timezone
 2016-05-05 13:21:36 +02:00
ArthurHoaro
12ff86c961 Use correct 'UTC' timezone 2016-05-03 20:09:24 +02:00
Arthur
47be060983 Merge pull request #532 from ArthurHoaro/hotfix/title-retrieve-the-return 
Fixes #531 - Title retrieving is failing with multiple use case
 2016-05-03 19:53:57 +02:00
ArthurHoaro
ce7b0b6480 Fixes #531 - Title retrieving is failing with multiple use case 
see https://github.com/shaarli/Shaarli/issues/531 for details
 2016-05-03 19:51:29 +02:00
D Low
20f89623c0 Fix error when filtering search tags 
Arrays are key-value maps. We should reindex the array after a filter
since we are using the key and count to do array access in filterTags.
An example would be searching for "foo, bar", after the array filter,
our array is actually (0 -> foo, 2 -> bar) which will cause an error
when trying to access $searchtags[1].
 2016-04-14 00:10:39 +01:00
VirtualTam
cd5327bee8 Refactor Netscape bookmark exporting 
Relates to https://github.com/shaarli/netscape-bookmark-parser/issues/5

Fixes:
- respect the Netscape bookmark format "specification"

Modifications:
- [application] introduce the NetscapeBookmarkUtils class
- [template] export           - improve formatting, rename export selection parameter
- [template] export.bookmarks - template for Netscape exports
- [tests] bookmark filtering, additional field generation

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-04-10 21:28:04 +02:00
ArthurHoaro
043eae70c4 Fixes #480: add an option to urlencode redirector URL 
* New config: `$GLOBALS['config']['REDIRECTOR_URLENCODE']` (default `true`).
  * Parameter added to LinkDB constructor.
  * Fixes a bug with urlencode and escaped url.
  * In `index.php`, LinkDB is now instanciate once for `importFile()` and `showDaily()`.
  * TU
 2016-04-09 16:52:32 +02:00
VirtualTam
11609d9fd8 Merge pull request #522 from ArthurHoaro/hotfix/readershaare 
Refactor and rebase #380: Firefox reader view links
 2016-03-30 19:31:19 +02:00
ArthurHoaro
c9da01e749 Refactor and rebase #380: Firefox reader view links 
Fixes #366
Closes #380
 2016-03-26 16:26:23 +01:00
Arthur
f66a1990e5 Merge pull request #515 from ArthurHoaro/template-feeds 
Refactor RSS feeds generation, and do it through templates
 2016-03-25 19:20:55 +01:00
ArthurHoaro
528a6f8a23 Refactor filter in LinkDB 
* search type now carried by LinkDB in order to factorize code between different search sources.
  * LinkDB->filter split in 3 method: filterSearch, filterHash, filterDay (we know what type of filter is needed).
  * filterHash now throw a LinkNotFoundException if it doesn't exist: internal implementation choice, still displays a 404.
  * Smallhash regex has been rewritten.
  * Unit tests update
 2016-03-25 19:17:59 +01:00
ArthurHoaro
ee88a4bcc2 Makes escape a recursive function which handle array of strings 2016-03-25 19:17:59 +01:00
ArthurHoaro
82e3680203 Create a FeedBuilder class which build data for both ATOM and RSS feed. 2016-03-25 19:17:55 +01:00
Kevin Canévet
ecd051905f Fix issue 366, Problem when shaaring a link in Reader View of Firefox. 2016-03-24 08:34:47 +01:00
ArthurHoaro
69c474b966 Refactor showAtom, and make it use the ATOM template 
Minor changes:

  * Fix the date which was in a invalid format.
  * Avoid empty categories (tags).
  * Use the locale to set the language
 2016-03-18 19:13:48 +01:00
ArthurHoaro
8395d0b761 Adds a route for ATOM and RSS feeds page 2016-03-18 19:13:48 +01:00
ArthurHoaro
68ea1d2b30 Fixes #512: retrieving title didn't match the first closing tag 2016-03-08 10:00:53 +01:00
ArthurHoaro
85244fa0d0 Fixes #477: support multi reverse proxy with comma syntax 
Going through multiple reverse proxy will store multiple scheme and port in HTTP header separated by a comma. Shaarli will use the first one to generate server_url.
 2016-02-28 16:24:18 +01:00
Arthur
c6744a9e89 Merge pull request #496 from ArthurHoaro/cross-search 
Allow crossed search between terms and tags
 2016-02-28 14:26:46 +01:00
ArthurHoaro
c51fae92dc Allow crossed search between terms and tags 
* Partial fix of #449
  * Current use case: search term + click on tag.
  * LinkFilter now returns all links if no filter is given.
  * Unit tests.
 2016-02-28 14:17:40 +01:00
Arthur
10269bc8c9 Merge pull request #491 from ArthurHoaro/markdown-escape2 
Markdown: don't escape content + sanitize sensible tags
 2016-02-25 08:52:42 +01:00
Arthur
fa40b43f60 Merge pull request #492 from ArthurHoaro/locale-sort-fix 
Fixes #481: tag cloud fatal error
 2016-02-24 19:26:57 +01:00
ArthurHoaro
7b63e4ca09 Apply the locale to all categories and move autolocale to Utils.php 2016-02-19 20:14:06 +01:00
ArthurHoaro
2925687e1e Markdown: don't escape content + sanitize sensible tags 
Instead of trying to fix broken content for Markdown parsing, parse it unescaped, then sanatize sensible tags such as scripts, etc.
 2016-02-19 19:37:13 +01:00
VirtualTam
205a42778d cleanup: use DateTime to format dates 
Closes #270

Modifications:
- replace custom date parsing by DateTime calls
- use proper date formatting for RSS feeds

Deletions:
- linkdate2timestamp()
- linkdate2rfc822
- linkdate2iso8601

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-02-17 22:46:50 +01:00
ArthurHoaro
522b278b03 Support text search across link fields. 2016-02-15 21:38:45 +01:00
ArthurHoaro
bedd176a54 Improved search: combine AND, exact terms and exclude search. 2016-02-15 21:38:40 +01:00
ArthurHoaro
195acf9f09 Private/Hidden tags 
Tags starting with a dot '.' are now private.
They can only be seen and searched when logged in.

Fixes #315
 2016-02-15 21:18:43 +01:00
ArthurHoaro
21979ff11c Add exclusion in tag search 
* Searching '-mytag' will now exlude all shaares with 'mytag' tag.
  * All tags starting with a '-' are renamed without it (through the Updater).
  * Unit tests.

Minor code changes:

 * LinkDB->filter() can now take no parameters (get all link depending on logged status).
 * tagsStrToArray() is now static and filters blank tags.
 2016-02-15 20:40:39 +01:00
ArthurHoaro
510377d2cb Introduce the Updater class which 
* contains methods designed to be run once.
  * is able to upgrade the datastore or the configuration.
  * is based on methods names, stored in a text file with ';' separator (updates.txt).
  * begins with existing function 'mergeDeprecatedConfigFile()' (options.php).
 2016-02-15 20:30:24 +01:00
Arthur
268a2e5265 Merge pull request #453 from ArthurHoaro/pr450 
Implemented a little more sophisticated searching (squashed)
 2016-02-01 19:21:47 +01:00
Florian Voigt
ebd8075a89 Implemented searching for a phrase in double-quotes or all words in no particular order. 
+ unit tests
 2016-02-01 19:18:27 +01:00
Arthur
53603f5823 Merge pull request #388 from ArthurHoaro/pluginadmin 
Fixes #378 - Plugin administration UI.
 2016-01-31 19:00:13 +01:00
Arthur
893338f0d4 Merge pull request #379 from ArthurHoaro/plugin-markdown 
PLUGIN Markdown
 2016-01-31 18:57:29 +01:00
ArthurHoaro
dea0ba28f9 Fixes #378 - Plugin administration UI. 2016-01-31 18:54:48 +01:00
ArthurHoaro
55d0a5c445 Bugfix: prevent LinkFilter to work on outdated data. 2016-01-20 22:51:56 +01:00
VirtualTam
25d88c90aa Merge pull request #441 from virtualtam/tests/check-file-permissions 
tests: add a make target to check file permissions
 2016-01-18 00:29:14 +01:00
VirtualTam
aa7f7b3ea6 fix: use PHP_EOL for carriage returns in file logs 
Relates to #436

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-01-18 00:24:36 +01:00
VirtualTam
fc17813bd1 tests: add a make target to check file permissions 
Additions:
- [makefile] check versioned files are not executable
- [travis]   call the new make target

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-01-17 21:02:24 +01:00
VirtualTam
478ce8afb4 Logging: improve formatting to enable fail2ban parsing 
Fixes #436

Modifications:
- remove calls to strval() on safe data
- update the date format: 'Y/m/d_H:i:s' => 'Y/m/d H:i:s'

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-01-16 16:19:44 +01:00
VirtualTam
1abe655597 Logging: move logm() from index.php to application/Utils.php 
Relates to #436

Modifications:
- inject dependencies to global variables ($_SERVER, $GLOBALS)
- apply coding conventions
- add test coverage

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-01-16 16:07:16 +01:00
ArthurHoaro
1557cefbd7 Fixes #410 - Retrieve title fails in multiple cases 
* `get_http_url()` renamed to `get_http_response()`.
  * Use the same HTTP context to retrieve response headers and content.
  * Follow HTTP 301 and 302 redirections to retrieve the title (default max 3 redirections).
  * Add `LinkUtils` to extract titles and charset.
  * Try to retrieve charset from HTTP headers first (new), then HTML content.
  * Use mb_string to re-encode title if necessary.
 2016-01-11 21:19:31 +01:00
Arthur
88c15abb2a Merge pull request #424 from ArthurHoaro/search 
Link filter refactoring
 2016-01-06 19:57:42 +01:00
ArthurHoaro
2c75f8e780 Fixes #426 - Do not filter with blank tags. 2016-01-06 19:53:25 +01:00
ArthurHoaro
822bffced8 Link filter refactoring 
* introduce class LinkFilter to handle link filter operation (and lighten LinkDB).
  * handle 'private only' in filtering.
  * update template to prefill search fields with current search terms.
  * coding style.
  * unit test (mostly move from LinkDB to LinkFilter).

PS: preparation for #358 #315 and 'AND' search.
 2016-01-06 19:53:04 +01:00
ArthurHoaro
1be4afacf9 PLUGIN Markdown 
Parse link description in Markdown (HTML) before rendering.

      * hard remove of Shaarli's HTML before parsing.
      * Using Parsedown <https://github.com/erusev/parsedown> PHP lib.
      * Includes basic markdown CSS.
      * Style: removed 400px height max limit for shaares.
      * Unit tests.
 2016-01-03 17:36:10 +01:00
VirtualTam
defc8a3f03 Merge pull request #417 from ArthurHoaro/wallabag-improve 
Wallabag plugin improvement
 2016-01-02 20:09:29 +01:00
ArthurHoaro
938d9cce77 Wallabag plugin improvement 
* Fixes a bug where URL weren't properly encoded.
  * Adds Wallabag V2 support.
  * Adds a URL function to handle trailing slash.
  * UT.
  * README updated.
 2015-12-27 15:30:34 +01:00
ArthurHoaro
49e62f22ad QRCode plugin: use url instead of real_url 
Fixes #414 and avoid usage of redirector in QRCode.

Also fixed a bug with URL encoding.
 2015-12-22 10:59:41 +01:00
ArthurHoaro
38603b2450 Fixes #403: build the daily page through renderPage() 
* new entry in the Router for daily page.
  * add an always displayed button in demo_plugin
 2015-12-08 15:51:49 +01:00
VirtualTam
4a7af9759a fix: assign template variables to empty values so they can be evaluated 
Regression introduced in #394

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-12-03 20:30:46 +01:00
VirtualTam
4407b45fd3 application: default to the "stable" branch for update checks 
Relates to #372
Relates to #390

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-11-27 00:10:43 +01:00
VirtualTam
4bf35ba56b application: refactor version checks, move to ApplicationUtils 
Relates to #372

Modifications:
 - move checkUpdate() to ApplicationUtils
 - reduce file I/O operations during version checks
 - apply coding conventions
 - add test coverage

Tools:
 - create a sandbox directory for tests

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-11-26 23:19:37 +01:00
ArthurHoaro
90e5bd65c9 URL encode links when a redirector is set. 
Fixes #328 - URL encode links when a redirector is set

  * WARNING - template edit - new variable available : "real_url"
  Contains the final real url (redirected or any other change on original URL)

  * Don't redirect shaares link in RSS/Atom.
  * Affects links shaared in description.
  * Move text2clickable and keepMultipleSpaces to Utils.php + unit test

UPDATE:

* keepMultipleSpaces renamed to space2nbsp
* space2nbsp improved to handle single space at line beginning
* links in text description aren't 'nofollow' anymore
 2015-11-26 20:14:38 +01:00
VirtualTam
c9cf2715f0 application: move checkPHPVersion from Utils to ApplicationUtils 
Relates to #372

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-11-24 01:40:44 +01:00
VirtualTam
2e28269bae install: check file/directory permissions for Shaarli resources 
Relates to #40
Relates to #372

Additions:
 - FileUtils: IOException
 - ApplicationUtils:
   - check if Shaarli resources are accessible with sufficient permissions
   - basic test coverage
 - index.php:
   - check access permissions and redirect to an error page if needed:
     - before running the first installation

Modifications:
 - LinkDB:
   - factorize datastore write code
   - check if the datastore
     (exists AND is writeable) OR (doesn't exist AND its parent dir is writable)
   - raise an IOException if needed

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-11-24 01:12:35 +01:00
ArthurHoaro
8f8113b94b Fixes #176 - Add opensearch functionality 
* add a new page in Router: do=opensearch which displays the opensearch plugin
 * using base64 compressed image to avoid issue encountered with HTTPS
 2015-11-17 20:19:44 +01:00
VirtualTam
a7921b2445 cleanup: remove the executable bit from source scripts 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-11-11 19:19:24 +01:00
Arthur
fd006c630b Merge pull request #275 from shaarli/plugin-proposition 
Plugin proposition
 2015-11-08 13:29:32 +01:00
ArthurHoaro
567967fdf9 Template upgrade to handle plugin zones 
Add a bunch of plugin placeholders in templates
 2015-11-07 15:27:22 +01:00
ArthurHoaro
6fc14d5303 Plugin system - CORE 
see shaarli/Shaarli#275
 2015-11-07 15:27:17 +01:00
ArthurHoaro
d01c234235 Fixes #356 
* adding a link should return added link's hash
* allow redirection relative urls in generateLocation
 2015-11-04 19:53:59 +01:00
VirtualTam
482d67bd52 HTTP: move server URL functions to HttpUtils.php 
Relates to #333

Modifications:
 - refactor server URL utility functions
 - do not access global `$_SERVER` variables
 - add test coverage
 - improve readability
 - apply coding conventions

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-09-14 20:27:16 +02:00
Guillaume Virlet
ef591e7ee2 Url: introduce global helper functions for cleanup and scheme detection 
Relates to #314 & #326

Additions:
 - add global `cleanup_url()` and `get_url_scheme()` functions

Modifications:
 - replace `Url` usage in `index.php` by calls to global functions
 - fix `Url` tests not being run: PHPUnit expects a single test class per file
   - move classes to separate files
 2015-09-08 22:00:37 +02:00
VirtualTam
451314eb48 HTTP: move utils to a proper file, add tests 
Relates to #333

Modifications:
 - move HTTP utils to 'application/HttpUtils.php'
 - simplify logic
   - replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
   - remove superfluous '$status' parameter (provided by the HTTP headers)
 - apply coding conventions
 - add test coverage (unitary only)

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-09-06 19:30:26 +02:00
VirtualTam
68bc21353a Session ID: extend the regex to match possible hash representations 
Improves #306
Relates to #335 & #336
Duplicated by #339

Issues:
 - PHP regenerates the session ID if it is not compliant
 - the regex checking the session ID does not cover all cases
   - different algorithms: md5, sha1, sha256, etc.
   - bit representations: 4, 5, 6

Fix:
 - `index.php`:
   - remove `uniqid()` usage
   - call `session_regenerate_id()` if an invalid cookie is detected
 - regex: support all possible characters - '[a-zA-Z,-]{2,128}'
 - tests: add coverage for all algorithms & bit representations

See:
 - http://php.net/manual/en/session.configuration.php#ini.session.hash-function
 - https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
 - http://php.net/manual/en/function.session-id.php
 - http://php.net/manual/en/function.session-regenerate-id.php
 - http://php.net/manual/en/function.hash-algos.php

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-09-06 16:14:24 +02:00
ArthurHoaro
4d30975a06 Allow uppercase letters in PHP sessionid format 
Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2

Regression introduced in 06b6660a7e
 2015-09-02 17:00:38 +02:00
VirtualTam
6211c498f6 Merge pull request #326 from ArthurHoaro/bug-url 
Fixes #325 - Shaarli does not recognize saved links
 2015-08-31 20:31:41 +02:00
ArthurHoaro
9e1724f192 Fixes #325 - Shaarli does not recognize saved links 
PHP doesn't seem to autoconvert objects to strings when they're use as array indexes.

Fixes regression introduced in d9d776af19
 2015-08-31 12:26:38 +02:00
ArthurHoaro
06b6660a7e Avoid Full Path Disclosure error on session error. 
* Add a function to validate session ID.
  * Generate a new session ID if an invalid token is passed.
 2015-08-22 10:10:55 +02:00
VirtualTam
d9d776af19 Links: refactor & improve URL cleanup 
Relates to #141
Relates to #133

Modifications
 - move URL cleanup to `application/Url.php`
 - rework the cleanup function
   - fragments: `#stuff`
   - GET parameters: `?var1=val1&var2=val2`
 - add documentation (APIs the params belong to)
 - add test coverage

Reference
 - http://php.net/parse_url
 - http://php.net/manual/en/language.oop5.magic.php#language.oop5.magic.tostring

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-08-15 15:58:38 +02:00
VirtualTam
aedd62e2b8 Cache: simplify cached content cleanup, improve tests 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-08-13 23:51:31 +02:00
VirtualTam
01e48f269d CachedPage: move to a proper file, add tests 
Modifications
 - rename `pageCache` to `CachedPage`
 - move utilities to `Cache`
 - do not access globals
 - apply coding rules
 - update LinkDB and test code
 - add test coverage

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-08-13 23:48:06 +02:00
VirtualTam
afd7b77b4c Installation: default to the server's timezone 
Modifications
 - attempt to use the server's timezone
 - if none is set, use UTC
 - TimeZone: apply coding conventions
   - variable naming
   - no closing PHP tag

Relates to #274

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-08-04 23:54:03 +02:00
VirtualTam
d1e2f8e52c PHP: ensure 5.3 compatibility, refactor timezone utilities 
Relates to #250

Modifications
 - supported version
   - bump required version from 5.1.0 to 5.3.x
   - update README
   - add PHP 5.3 to Travis environments
 - rewrite array declarations: explicitely use array() instead of []
 - move checkPHPVersion to application/Utils.php
 - move timezone functions to application/TimeZone.php
   - cleanup code
   - improve test coverage

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-07-13 13:06:06 +02:00
VirtualTam
5b0ebbc5de Merge pull request #257 from ArthurHoaro/tag-http-referer 
Prevent redirection loop everytime we rely on HTTP_REFERER
 2015-07-12 19:56:13 +02:00
ArthurHoaro
775803a05c Prevent redirection loop everytime we rely on HTTP_REFERER: 
* search tag
  * delete tag
  * pagination
  * display privates only
  * delete link
  * new/edit/cancel link return page

Move location generation to Utils.php + unit tests.

Fixes #256

ninja
 2015-07-12 17:43:13 +02:00
VirtualTam
07b6fa750b LinkDB: prefix private members with an underscore 
Relates to #95, #218

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-07-09 21:46:01 +02:00
VirtualTam
e92f1ba59e Merge pull request #255 from ArthurHoaro/config 
All settings are now stored in config.php
 2015-07-09 21:34:46 +02:00
ArthurHoaro
dd484b90b1 All settings are now stored in config.php 
Isolate functions related to config in Config.php + add unit tests + code_sniffer.

options.php is not supported anymore, but its content will be automatically saved into config.php

Fixes #shaarli/Shaarli#41

*TODO*: update [documentation](https://github.com/shaarli/Shaarli/wiki#configuration).
 2015-07-09 20:46:03 +02:00
VirtualTam
9186ab9594 LinkDB::filterDay(): check input date format 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-07-09 00:44:19 +02:00
nodiscc
d72ae3d7e8 Merge remote-tracking branch 'ArthurHoaro/default-links' 2015-06-26 22:03:25 +02:00
nodiscc
2fbadc3c63 Merge remote-tracking branch 'virtualtam/linkdb/remove-globals' 2015-06-26 22:03:10 +02:00
Felix Bartels
ddfc400465 Restore compatability with php 5.3 2015-06-26 16:57:07 +02:00
VirtualTam
9c8752a206 LinkDB: do not access global variables 
Relates to #218

Removes "hidden" access to the following variables:
 - $GLOBALS['config']['datastore']
 - PHPPREFIX
 - PHPSUFFIX

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-06-24 23:26:52 +02:00
ArthurHoaro
598376d4cf Change fresh install default link 
Fixes #200

Let me know if you want to change anything in the description.
 2015-06-24 11:58:00 +02:00
nodiscc
64bc92e3ac move escape() and sanitizeLink() to application/Utils.php 
prevents 'PHP Fatal error:  Call to undefined function sanitizeLink() in Shaarli/application/LinkDB.php on line 255' in tests
 2015-06-24 01:08:30 +02:00
nodiscc
eaefcba724 Merge remote-tracking branch 'ArthurHoaro/input-escape' into next 
Conflicts:
	index.php
 2015-06-24 00:51:38 +02:00
VirtualTam
9f15ca9ee7 LinkDB: add 'hidePublicLinks' parameter to the constructor 
Fixes #236
Relates to #237

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-06-24 00:26:59 +02:00
ArthurHoaro
5f85fcd863 Working on shaarli/Shaarli#224 
I reviewed character escaping everywhere with the following ideas:

  * use a single common function to escape user data: `escape` using `htmlspecialchars`.
  * sanitize fields in `index.php` after reading them from datastore and before sending them to templates.
  	It means no escaping function in Twig templates.
    2 reasons:
    * it reduces risks of security issue for future user made templates
    * more readable templates
  * sanitize user configuration fields after loading them.
 2015-06-23 16:35:36 +02:00
nodiscc
578a84bda0 re-add readDb() missing from previous merge 2015-06-23 14:57:54 +02:00
VirtualTam
ca74886f30 LinkDB: move to a proper file, add test coverage 
Relates to #71

LinkDB
 - move to application/LinkDB.php
 - code cleanup
   - indentation
   - whitespaces
   - formatting
 - comment cleanup
   - add missing documentation
   - unify formatting

Test coverage for LinkDB
 - constructor
 - public / private access
 - link-related methods

Shaarli utilities (LinkDB dependencies)
 - move startsWith() and endsWith() functions to application/Utils.php
 - add test coverage

Dev utilities
 - Composer: add PHPUnit to dev dependencies
 - Makefile:
    - update lint targets
    - add test targets
    - generate coverage reports

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2015-06-11 00:45:45 +02:00