Commit graph

548 commits

Author SHA1 Message Date
ArthurHoaro
d3f6d52525 Fix compatiliby issue on login with PHP 7.1
session_set_cookie_params does not return any value in PHP 7.1
2020-10-28 14:02:08 +01:00
ArthurHoaro
156061d445 Raise 404 error instead of 500 if permalink access is denied 2020-10-28 13:16:18 +01:00
ArthurHoaro
34c8f558e5 Bulk creation: ignore blank lines 2020-10-27 20:11:30 +01:00
ArthurHoaro
c609944cb9 Bulk creation: improve performances using memoization
Reduced additional processing time per links from ~40ms to ~5ms
2020-10-27 20:11:30 +01:00
ArthurHoaro
25e90d8d75 Bulk creation: fix private status based on the first form 2020-10-27 20:11:30 +01:00
ArthurHoaro
5d8de7587d Feature: bulk creation of bookmarks
This changes creates a new form in addlink page allowing to create
multiple bookmarks at once more easily. It focuses on re-using as much
existing code and template component as  possible.

These changes includes:
  - a new form in addlink (hidden behind a button by default),
containing a text area for URL, and tags/private status to apply to
created links
  - this form displays a new template called editlink.batch, itself
including editlink template multiple times
  - User interation in this new templates are handle by a new JS script
(shaare-batch.js) making AJAX requests, and therefore does not need page
reloading
  - ManageShaareController has been split into 3 distinct controllers:
    + ShaareAdd: displays addlink template
    + ShaareManage: various operation applied on existing shaares
(change visibility, pin, deletion, etc.)
    + ShaarePublish: handles creation/edit forms and saving Shaare's
form
  - Updated translations

Fixes #137
2020-10-27 20:11:30 +01:00
ArthurHoaro
54afb1d6f6 Fix rebase issue 2020-10-27 19:55:29 +01:00
ArthurHoaro
36e6d88dbf Feature: add weekly and monthly view/RSS feed for daily page
- Heavy refactoring of DailyController
  - Add a banner like in tag cloud to display monthly and weekly links
  - Translations: t() now supports variables with optional first letter
uppercase

Fixes #160
2020-10-27 19:45:02 +01:00
ArthurHoaro
c2cd15dac2 Move utils classes to Shaarli\Helper namespace and folder 2020-10-27 19:41:38 +01:00
ArthurHoaro
9c04921a8c Feature: Share private bookmarks using a URL containing a private key
- Add a share link next to « Permalink » in linklist (using share icon
from fork awesome)
  - This link generates a private key associated to the bookmark
  - Accessing the bookmark while logged out with the proper key will
display it

Fixes #475
2020-10-27 19:32:57 +01:00
ArthurHoaro
e6215a2ad9
Merge pull request #1604 from ArthurHoaro/feature/server-admin-page
Feature: add a Server administration page
2020-10-27 19:29:43 +01:00
Ganesh Kandu
e69e3fef7b
Removed PHP_EOL
just replace "*/ ?>" and "<?php /*" with '' and "Trim" output whatever is EOF will trimmed out.
2020-10-27 18:08:14 +05:30
Ganesh Kandu
42a72c02fa
Replaced PHP_EOL to "\n"
i was getting error 

```
An error occurred while parsing JSON configuration file (data/config.json.php): error code #4
➜ Syntax error
Please check your JSON syntax (without PHP comment tags) using a JSON lint tool such as jsonlint.com.
```
after debug i found 
```php
        $data = str_replace(self::getPhpHeaders(), '', $data);
        $data = str_replace(self::getPhpSuffix(), '', $data);
```
doesn't removing php header and php suffix

cause of this issue was PHP_EOL represents the endline character for the current system. if my  ```config.json.php```  was encoded with unix ( LF ) and php running on windows windows encoding ( CR LF ) is not same as unix encoding ( LF ) so ```str_replace``` doesn't replace strin  then it causes issue.
2020-10-27 17:42:35 +05:30
ArthurHoaro
820cae27cf
Merge pull request #1601 from ArthurHoaro/feature/psr3 2020-10-24 11:37:29 +02:00
ArthurHoaro
0cf76ccb47 Feature: add a Server administration page
It contains mostly read only information about the current Shaarli instance,
PHP version, extensions, file and folder permissions, etc.
Also action buttons to clear the cache or sync thumbnails.

Part of the content of this page is also displayed on the install page,
to check server requirement before installing Shaarli config file.

Fixes #40
Fixes #185
2020-10-21 15:06:47 +02:00
ArthurHoaro
5c06c0870f Dislay an error if an exception occurs in the error handler
Related to #1598
2020-10-20 18:32:46 +02:00
ArthurHoaro
b38a1b0209 Use PSR-3 logger for login attempts
Fixes #1122
2020-10-20 11:47:07 +02:00
ArthurHoaro
21e72da9ee Asynchronous retrieval of bookmark's thumbnails
This feature is based general.enable_async_metadata setting and works with existing metadata.js file.
The script is compatible with any template:
   - the thumbnail div bloc must have  attribute
   - the bookmark bloc must have  attribute with the bookmark ID as value

Fixes #1564
2020-10-20 10:15:18 +02:00
ArthurHoaro
9b3c1270bc
Merge pull request #1567 from ArthurHoaro/feature/async-title-retrieval 2020-10-20 10:14:28 +02:00
ArthurHoaro
4e3875c0ce Feature: highlight fulltext search results
How it works:

  1. when a fulltext search is made, Shaarli looks for the first
occurence position of every term matching the search. No change here,
but we store these positions in an array, in Bookmark's additionalContent.
  2. when formatting bookmarks (through BookmarkFormatter
implementation):
    1. first we insert specific tokens at every search result positions
    2. we format the content (escape HTML, apply markdown, etc.)
    3. as a last step, we replace our token with displayable span
elements

Cons: this tightens coupling between search filters and formatters
Pros: it was absolutely necessary not to perform the
search twice. this solution has close to no impact on performances.

Fixes #205
2020-10-16 20:31:12 +02:00
ArthurHoaro
81c9df1363
Merge pull request #1593 from ArthurHoaro/fix/no-url-rewriting 2020-10-16 19:26:03 +02:00
ArthurHoaro
3adbdc2a83 Inject ROOT_PATH in plugin instead of regenerating it everywhere 2020-10-16 13:06:06 +02:00
ArthurHoaro
7f5250421b Support using Shaarli without URL rewriting
- Shaarli can be fully used by prefixing any URL with /index.php/
   - {$base_path} used in templates already works with this configuration
   - Assets path (outside of theme's assets) must be prefixed with {$root_url}/
   - Documentation section in « Server configuration »

Fixes #1590
2020-10-16 12:47:11 +02:00
ArthurHoaro
4b3aca6623 Strict types: fix an issue in daily where the date could be an int 2020-10-16 12:04:46 +02:00
ArthurHoaro
5334090be0 Improve metadata retrieval (performances and accuracy)
- Use dedicated function to download headers to avoid apply multiple regexps on headers
  - Also try to extract title from meta tags
2020-10-15 11:36:56 +02:00
ArthurHoaro
4cf3564d28 Add a setting to retrieve bookmark metadata asynchrounously
- There is a new standalone script (metadata.js) which requests
    a new controller to get bookmark metadata and fill the form async
  - This feature is enabled with the new setting: general.enable_async_metadata
    (enabled by default)
  - general.retrieve_description is now enabled by default
  - A small rotating loader animation has a been added to bookmark inputs
    when metadata is being retrieved (default template)
  - Custom JS htmlentities has been removed and  mathiasbynens/he
    library is used instead

Fixes #1563
2020-10-15 09:08:46 +02:00
ArthurHoaro
efb7d21b52 Add strict types for bookmarks management
Parameters typing and using strict types overall increase the codebase
quality by enforcing the a given parameter will have the expected type.

It also removes the need to unnecessary unit tests checking methods
behavior with invalid input.
2020-10-13 13:50:11 +02:00
ArthurHoaro
fd1ddad98d Add mutex on datastore I/O operations
To make sure that there is no concurrent operation on the datastore file.

Fixes #1132
2020-10-13 12:38:19 +02:00
ArthurHoaro
458b6b9918
Merge pull request #1540 from ArthurHoaro/fix/metadata-regexes
Improve regex to extract HTML metadata (title, description, etc.)
2020-10-13 12:26:55 +02:00
ArthurHoaro
543b16b4f4
Merge pull request #1525 from ArthurHoaro/feature/rest-api-bookmark-dates
REST API: allow override of creation and update dates
2020-10-13 12:26:01 +02:00
ArthurHoaro
8fabcd0224 Add Markdown Extra formatter
Library: [Parsedown Extra](https://github.com/erusev/parsedown-extra)

Also sort dependencies alphabetically.

Fixes #1169
2020-10-13 12:20:34 +02:00
ArthurHoaro
72fbbcd679 Security: fix multiple XSS vulnerabilities + fix search tags with special chars
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.

Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
2020-10-06 17:30:18 +02:00
ArthurHoaro
7b18876361
Merge pull request #1575 from ArthurHoaro/feature/php8 2020-10-03 12:59:16 +02:00
ArthurHoaro
ee07b7283f
Merge pull request #1574 from stoeps13/hosting-fix 2020-10-03 12:59:01 +02:00
ArthurHoaro
255b2264a1 Revert unrelated changes and add unit tests 2020-09-30 15:57:57 +02:00
ArthurHoaro
80a3efe116 Fix a bug preventing to edit bookmark with ID #0 2020-09-30 15:31:34 +02:00
Christoph Stoettner
25cb75552b Fix identation 2020-09-30 12:29:54 +02:00
Christoph Stoettner
d8ef4a893f Change to ->container->environment 2020-09-30 12:27:44 +02:00
ArthurHoaro
1ea09a1b8b Fix warning if the encoding retrieved from external headers is invalid
Also fixed the regex to support this failing header: charset="utf-8"\r\n"
2020-09-30 11:11:19 +02:00
ArthurHoaro
ab58f25420 Compatibility with PHP 8 2020-09-29 18:57:22 +02:00
Christoph Stoettner
676571dab9 Workaround for hoster (ionos)
The hoster writes the environment variable with bearer token to
REDIRECT_HTTP_AUTHORIZATION and needs to provide RewriteBase / to
.htaccess
2020-09-29 12:15:04 +02:00
ArthurHoaro
abe033be85 Fix invalid redirection using the path of an external domain
Fixes #1554
2020-09-22 15:37:26 +02:00
ArthurHoaro
5baafe5001
Merge pull request #1559 from ArthurHoaro/fix/edit-redirect
Fix redirection to referer after editing a link
2020-09-22 14:15:13 +02:00
ArthurHoaro
98e7a59ca2
Merge pull request #1539 from ArthurHoaro/feature/manual-root-url 2020-09-22 14:08:54 +02:00
ArthurHoaro
2785d85e0a Fix redirection to referer after editing a link
Fixes #1545
2020-09-22 14:04:10 +02:00
ArthurHoaro
0d930454a2
Merge pull request #1553 from ArthurHoaro/fix/404-page
Properly handle 404 errors
2020-09-12 21:41:58 +02:00
ArthurHoaro
4af591ff3c
Merge pull request #1551 from ArthurHoaro/fix/plugin-save-metadata
Plugins: do not save metadata along plugin parameters
2020-09-12 21:41:24 +02:00
ArthurHoaro
b93cfeba7b Fix subfolder configuration in unit tests 2020-09-12 21:39:01 +02:00
ArthurHoaro
650a5f09cb Add manual configuration for root URL
This new setting under 'general.root_url' allows to override automatic discovery of Shaarli instance's URL.

Fixes #1339
2020-09-12 21:39:01 +02:00
ArthurHoaro
4ff703e369 Plugins: do not save metadata along plugin parameters
Also prevent the token to be saved.

Fixes #1550
2020-09-12 13:29:34 +02:00
ArthurHoaro
d52ab0b1e9 Properly handle 404 errors
Use 404 template instead of default Slim error page if the route is not found.

Fixes #827
2020-09-12 12:42:19 +02:00
ArthurHoaro
6128ab6a55
Merge pull request #1552 from ArthurHoaro/feature/better-initializer 2020-09-12 12:14:18 +02:00
ArthurHoaro
da7acb9830 Improve default bookmarks after install
Used @nodiscc suggestion in #1148 (slightly edited).
It provides a description of what Shaarli does, Markdown rendering demo, and a thumbnail link.

Fixes #1148
2020-09-10 16:29:17 +02:00
ArthurHoaro
e2dff28b44
Merge pull request #1547 from ArthurHoaro/fix/daily-visibility
Fix visibility issue on daily page
2020-09-06 14:16:08 +02:00
ArthurHoaro
949a095310
Merge pull request #1538 from ArthurHoaro/feature/plugins-bookmark-service
Inject BookmarkServiceInterface in plugins data
2020-09-06 14:13:16 +02:00
ArthurHoaro
27ddfec3c3 Fix visibility issue on daily page
This filter (links by day) didn't apply any visibility parameter.

Fixes #1543
2020-09-06 14:11:02 +02:00
ArthurHoaro
2ba51040c7
Merge pull request #1541 from ArthurHoaro/fix/legacy-login-encoding 2020-09-03 18:54:45 +02:00
ArthurHoaro
d33cffdb2e Fix: encoding in legacy route login redirection to post bookmark
When a bookmark is post from a logged out user, he is first redirected to the login page with 'returnurl' containing the link, then redirected again when the login is processed.
We need to reencode the posted URL, otherwise the browser does not handle the fragment as a part of the posted parameter.
2020-09-03 18:46:10 +02:00
ArthurHoaro
2cd0509b50 Improve regex to extract HTML metadata (title, description, etc.)
Also added a bunch of tests to cover more use cases.

Fixes #1375
2020-09-03 17:46:26 +02:00
ArthurHoaro
80b708a878 Inject BookmarkServiceInterface in plugins data
Related discussion: ilesinge/shaarli-related#7
2020-09-03 15:08:08 +02:00
ArthurHoaro
46d3f8162b
Merge pull request #1537 from ArthurHoaro/fix/back-compatible-targets 2020-09-03 14:57:24 +02:00
ArthurHoaro
ce7918386a Improve backward compatibility for LegacyRouter
LegacyRouter is no longer used for routing, only in existing plugins to match the _PAGE_ parameter.
So we change a few of its values there, to match the new ones defined in TemplatePage.

@see discussion in shaarli/Shaarli#1537
2020-09-03 10:09:36 +02:00
ArthurHoaro
9e6371a6fd
Merge pull request #1520 from ArthurHoaro/fix/jp-language 2020-09-03 08:46:47 +02:00
ArthurHoaro
0a286f6946
Merge pull request #1526 from kcaran/links_per_page 2020-09-03 08:45:48 +02:00
ArthurHoaro
2835ac7cbe
Merge pull request #1524 from ArthurHoaro/fix/rss-sticky
Fixed: Pinned bookmarks are displayed first in ATOM/RSS feeds
2020-09-03 08:45:12 +02:00
ArthurHoaro
ca636b898c
Merge pull request #1536 from ArthurHoaro/fix/login-private-shaarli
Fix login loop for private instances
2020-09-03 08:35:18 +02:00
ArthurHoaro
d95624add4
Merge pull request #1534 from ArthurHoaro/fix/legacy-route-post 2020-09-03 08:35:05 +02:00
ArthurHoaro
14fcfb5213 Fix login loop for private instances
GET /login and POST /login have 2 distinct route name.

Fixes #1533
2020-09-01 11:26:24 +02:00
ArthurHoaro
11aa4a7a29 Support redirection of legacy route 'do=configure' 2020-09-01 10:40:35 +02:00
ArthurHoaro
9e2d47e519 Fix legacy redirection when Shaarli instance is under a subfolder 2020-09-01 10:40:18 +02:00
ArthurHoaro
aca995e09c Fix support for legacy route login redirection
Makes sure that the user is properly redirected to the bookmark form after login, even with legacy routes
2020-09-01 10:12:54 +02:00
Keith Carangelo
4479aff18f
Avoid using global variables
Co-authored-by: ArthurHoaro <arthur@hoa.ro>
2020-08-31 09:20:03 -04:00
ArthurHoaro
63b0059ed5 Fix broken route to filter not tagged bookmarks
Also display the filter for visitors.

Fixes #1529
2020-08-31 14:09:27 +02:00
Keith Carangelo
816ffba74b Added $links_per_page variable to template and display on default 2020-08-29 11:02:59 -04:00
ArthurHoaro
b06fc28aa3 REST API: allow override of creation and update dates
Note that if they're not provided, default behaviour will apply:
creation and update dates will be autogenerated, and not empty.

Fixes #1223
2020-08-29 11:45:08 +02:00
ArthurHoaro
a8e210faa6 Fixed: Pinned bookmarks are displayed first in ATOM/RSS feeds
Fixes #1485
2020-08-29 10:06:40 +02:00
ArthurHoaro
ebc027ec0a Japanese translation: add language to admin configuration page
Also use ISO country code (JP) instead of JA.
2020-08-27 15:00:48 +02:00
ArthurHoaro
7e3dc0ba98 Better handling of plugin incompatibility
If a PHP is raised while executing plugin hook, Shaarli will display an error instead of rendering the error page (or just ending in fatal error for default hooks).
Also added phpErrorHandler which is handled differently that regular errorHandler by Slim.:
2020-08-27 12:04:36 +02:00
ArthurHoaro
0c6fdbe12b Move error handling to dedicated controller instead of middleware 2020-08-21 10:50:44 +02:00
ArthurHoaro
bedbb845ee Move all admin controller into a dedicated group
Also handle authentication check in a new middleware for the admin group.
2020-08-13 11:08:13 +02:00
ArthurHoaro
1a68ae5a29 Bookmark's thumbnails PHPDoc improvement 2020-08-01 11:14:03 +02:00
ArthurHoaro
d6e5f04d39 Remove anonymous permission and initialize bookmarks on login 2020-08-01 11:10:57 +02:00
ArthurHoaro
f7f08ceec1 Fix basePath in unit tests reference DB 2020-07-28 22:34:45 +02:00
ArthurHoaro
624123177f Include empty basePath in formatting 2020-07-28 21:09:22 +02:00
ArthurHoaro
301c7ab1a0 Better support for notes permalink 2020-07-28 20:46:11 +02:00
ArthurHoaro
a285668ec4 Fix redirection after post install login 2020-07-27 12:34:17 +02:00
ArthurHoaro
9fbc42294e New basePath: fix officiel plugin paths and vintage template 2020-07-26 14:43:10 +02:00
ArthurHoaro
204035bd3c Fix: visitor are allowed to chose nb of links per page 2020-07-24 12:48:53 +02:00
ArthurHoaro
87ae3c4f08 Fix default link and redirection in install controller 2020-07-24 10:30:47 +02:00
ArthurHoaro
8e9169ceba Update French translation 2020-07-23 21:19:21 +02:00
ArthurHoaro
3ee8351e43 Multiple small fixes 2020-07-23 21:19:21 +02:00
ArthurHoaro
fabff3835d Move PHP and config init to dedicated file
in order to keep index.php as minimal as possible
2020-07-23 21:19:21 +02:00
ArthurHoaro
a8c11451e8 Process login through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c4ad3d4f06 Process Shaarli install through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
1a8ac737e5 Process main page (linklist) through Slim controller
Including a bunch of improvements on the container,
and helper used across new controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
6132d64748 Process thumbnail synchronize page through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro
764d34a7d3 Process token retrieve through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
1b8620b1ad Process plugins administration page through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro
78657347c5 Process bookmarks import through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c70ff64a61 Process bookmark exports through Slim controllers 2020-07-23 21:19:21 +02:00