Commit graph

560 commits

Author SHA1 Message Date
ArthurHoaro 87ae3c4f08 Fix default link and redirection in install controller 2020-07-24 10:30:47 +02:00
ArthurHoaro 8e9169ceba Update French translation 2020-07-23 21:19:21 +02:00
ArthurHoaro 3ee8351e43 Multiple small fixes 2020-07-23 21:19:21 +02:00
ArthurHoaro fabff3835d Move PHP and config init to dedicated file
in order to keep index.php as minimal as possible
2020-07-23 21:19:21 +02:00
ArthurHoaro a8c11451e8 Process login through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro c4ad3d4f06 Process Shaarli install through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 1a8ac737e5 Process main page (linklist) through Slim controller
Including a bunch of improvements on the container,
and helper used across new controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro 6132d64748 Process thumbnail synchronize page through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro 764d34a7d3 Process token retrieve through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 1b8620b1ad Process plugins administration page through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro 78657347c5 Process bookmarks import through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro c70ff64a61 Process bookmark exports through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro e8a10f312a Use NetscapeBookmarkUtils object instance instead of static calls 2020-07-23 21:19:21 +02:00
ArthurHoaro 3447d888d7 Pin bookmarks through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 7b8a6f2858 Process change visibility action through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro baa6979194 Improve ManageTagController coverage and error handling 2020-07-23 21:19:21 +02:00
ArthurHoaro 9c75f87793 Use multi-level routes for existing controllers instead of 1 level everywhere
Also prefix most admin routes with /admin/
2020-07-23 21:19:21 +02:00
ArthurHoaro 818b3193ff Explicitly define base and asset path in templates
With the new routes, all pages are not all at the same folder level anymore
(e.g. /shaare and /shaare/123), so we can't just use './' everywhere.
The most consistent way to handle this is to prefix all path with the proper variable,
and handle the actual path in controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro c22fa57a55 Handle shaare creation/edition/deletion through Slim controllers 2020-07-23 21:19:21 +02:00
ArthurHoaro 8eac2e5488 Process manage tags page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 66063ed1a1 Process configure page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro fdedbfd4a7 Test ShaarliAdminController 2020-07-23 21:19:21 +02:00
ArthurHoaro ef00f9d203 Process password change controller through Slim 2020-07-23 21:19:21 +02:00
ArthurHoaro ba43064ddb Process tools page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 2899ebb5b5 Initialize admin Slim controllers
- Reorganize visitor controllers
  - Fix redirection with Slim's requests base path
  - Fix daily links
2020-07-23 21:19:21 +02:00
ArthurHoaro af290059d1 Process session filters through Slim controllers
Including:
  - visibility
  - links per page
  - untagged only
2020-07-23 21:19:21 +02:00
ArthurHoaro 893f5159c6 Process remove tag endpoint through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 5ec4708ced Process OpenSearch controller through Slim
Also it was missing on the default template feeds
2020-07-23 21:19:21 +02:00
ArthurHoaro 7b2ba6ef82 RSS/ATOM feeds: process through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro f4929b1188 Make FeedBuilder instance creation independant of the request stack 2020-07-23 21:19:21 +02:00
ArthurHoaro c4d5be53c2 Process Daily RSS feed through Slim controller
The daily RSS template has been entirely rewritten to handle the whole feed through the template engine.
2020-07-23 21:19:21 +02:00
ArthurHoaro e3d28be967 Slim daily: minor bugfix with empty data 2020-07-23 21:19:21 +02:00
ArthurHoaro 69e29ff65e Process daily page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 60ae241251 Process tag list page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 3772298ee7 Few optimizations and code readability for tag cloud controller 2020-07-23 21:19:21 +02:00
ArthurHoaro c79473bd84 Handle tag filtering in the Bookmark service 2020-07-23 21:19:21 +02:00
ArthurHoaro c266a89d0f Process tag cloud page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro 03340c18ea Slim router: handle add tag route 2020-07-23 21:19:21 +02:00
ArthurHoaro 8e47af2b36 Process logout through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro b0428aa9b0 Migrate cache purge function to a proper class
And update dependencies and tests.

Note that SESSION['tags'] has been removed a log ago
2020-07-23 21:19:21 +02:00
ArthurHoaro 485b168a96 Process picwall rendering through Slim controller + UT 2020-07-23 21:19:21 +02:00
ArthurHoaro bee33239ed Fix all relative link to work with new URL 2020-07-23 21:19:21 +02:00
ArthurHoaro 78c2f122e0
Merge pull request #1428 from pipoprods/feat/ldap-auth 2020-06-25 16:53:18 +02:00
ArthurHoaro 8694e8411b LDAP - Force protocol LDAPv3
On Linux, php-ldap seems to rely on a library which still uses deprecated LDAPv2 as default version,
causing authentication issues.

See: https://stackoverflow.com/a/48238224/1484919
2020-06-25 16:18:25 +02:00
Sébastien NOBILI a69cfe0dd2
Update application/security/LoginManager.php
Co-authored-by: ArthurHoaro <arthur@hoa.ro>
2020-06-03 10:36:04 +02:00
Sébastien NOBILI 9ba6982ea3
Update application/security/LoginManager.php
Co-authored-by: ArthurHoaro <arthur@hoa.ro>
2020-06-03 10:35:41 +02:00
Sébastien NOBILI 21e5df5ee8
Update application/security/LoginManager.php
Co-authored-by: ArthurHoaro <arthur@hoa.ro>
2020-06-03 10:34:32 +02:00
Sébastien NOBILI cc2ded54e1 ldap authentication, fixes shaarli/Shaarli#1343 2020-03-02 17:13:18 +01:00
aguy 424530d9af
Add an exception to method 'whitelist_protocols' for url which started with '#'
This is to allow local link for markdown, actually a local link write with this syntax : '[anchor](#local_link)' produce this html code: http://#local_link
2020-02-28 15:14:22 +00:00
ArthurHoaro 27ceea2aee Rename ci attribute to container 2020-01-26 11:34:29 +01:00
ArthurHoaro 0498b209b5 Execute common plugin hooks before rendering login page 2020-01-26 11:34:14 +01:00
ArthurHoaro 9e4cc28e29 Fix all existing links and redirection to ?do=login 2020-01-26 11:34:14 +01:00
ArthurHoaro 6c50a6ccce Render login page through Slim controller 2020-01-26 11:34:14 +01:00
ArthurHoaro a39acb2518 Fix an issue with private tags and fix nomarkdown tag
The new bookmark service wasn't handling private tags properly.

nomarkdown tag is now shown only for logged in user in bookmarks, and hidden for everyone in tag clouds/lists.

Fixes #726
2020-01-18 11:39:26 +01:00
ArthurHoaro e26e2060f5 Add and update unit test for the new system (Bookmark + Service)
See #1307
2020-01-18 09:56:32 +01:00
ArthurHoaro cf92b4dd15 Apply the new system (Bookmark + Service) to the whole code base
See https://github.com/shaarli/Shaarli/issues/1307
2020-01-18 09:55:59 +01:00
ArthurHoaro 336a28fa4a Introduce Bookmark object and Service layer to retrieve them
See https://github.com/shaarli/Shaarli/issues/1307 for details
2020-01-17 18:42:11 +01:00
ArthurHoaro def39d0dd7 Run Unit Tests against PHP 7.4
Bump PHPUnit version and fix unit test

  - Globals are handled differently and are persistent through tests
  - Tests without assertions are marked as risky: some of them are just
meant to check that no error is raised.
2020-01-17 18:34:37 +01:00
nodiscc 0b631e69d1
thumbnailer: add soundcloud.com to list of common media domains
OpenGraph thumbnails are well supported on soundcloud.com, displaying an album/track/artist cover image
2019-09-21 16:48:24 +00:00
ArthurHoaro 0baa658130 Fix RSS permalink included in Markdown bloc
Adds another line break before inserting RSS permalink to avoid including it in markdown blocs, such as blockquote.
2019-09-12 19:38:37 +02:00
ArthurHoaro 9f9627059a Make sure that bookmark sort is consistent, even with equal timestamps
Fixes #1348
2019-08-07 13:18:02 +02:00
ArthurHoaro 6a4872520c Automatically retrieve description for new bookmarks
If the option is enabled, it will try to find a meta tag containing
the page description and keywords, just like we do for the page title.
It will either look for regular meta tag or OpenGraph ones.

The option is disabled by default.

Note that keywords meta tags is mostly not used.

In `configure` template, the variable associated with this setting
is `$retrieve_description`.

Fixes #1302
2019-07-06 12:21:52 +02:00
ArthurHoaro c3a04e328f
Merge pull request #1273 from ArthurHoaro/feature/ban-manager
Rewrite IP ban management
2019-05-25 16:13:56 +02:00
ArthurHoaro 786f35f270
Merge pull request #1276 from ArthurHoaro/feature/bulk-visibility
Bulk action: set visibility
2019-04-22 12:31:09 +02:00
ArthurHoaro 90e048594a
Merge pull request #1272 from ArthurHoaro/feature/html-lang
Accessibility: specify the HTML lang attribute
2019-03-02 10:54:30 +01:00
ArthurHoaro cc69aad4a9
Merge pull request #1271 from ArthurHoaro/hotfix/thumb-note-retrieve
Do not try to retrieve thumbnails for internal link
2019-03-02 10:54:06 +01:00
ArthurHoaro a8e7da0114 Do not try to retrieve thumbnails for internal link
Also adds a helper function to determine if a link is a note and apply it across multiple files.
2019-02-24 12:25:50 +01:00
ArthurHoaro c21dcc8199
Merge pull request #1270 from ArthurHoaro/hotfix/sticky-warning
Fix a warning if links sticky status isn't set
2019-02-24 11:30:35 +01:00
ArthurHoaro 015314f3c6
Merge pull request #1269 from ArthurHoaro/feature/remove-redirector
Remove the redirector setting
2019-02-24 11:29:56 +01:00
ArthurHoaro 8d03f705eb Bulk action: set visibility
Added 2 buttons when link checkboxes are checked to set them either public or private.

Related to #572 #1160
2019-02-09 17:59:53 +01:00
ArthurHoaro b49a04f796 Rewrite IP ban management
This adds a dedicated manager class to handle all ban interactions, which is instantiated and handled by LoginManager.
IPs are now stored in the same format as the datastore, through FileUtils.

Fixes #1032 #587
2019-02-09 16:44:48 +01:00
ArthurHoaro cb974e4747 Accessibility: specify the HTML lang attribute
The lang is based on the user defined one. If the language is automatic, no language will be specified.

Fixes #1216
2019-02-09 14:29:35 +01:00
ArthurHoaro b790f900c9 Fix a warning if links sticky status isn't set
- initiate its status to false when the link is created
  - if not defined, initiate its status to false (can happen if the updater hasn't run)
2019-02-09 14:04:16 +01:00
ArthurHoaro 520d29578c Remove the redirector setting
Fixes #1239
2019-02-09 13:55:11 +01:00
ArthurHoaro 5bd62b5d53 Fix thumbnails disabling if PHP GD is not installed 2019-02-09 13:05:37 +01:00
ArthurHoaro 905f8675a7
Merge pull request #1182 from ArthurHoaro/feature/session-protection-stay-login
Do not check the IP address with session protection disabled
2019-02-09 12:36:31 +01:00
VirtualTam dea72c711f Optimize and cleanup imports
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-13 00:04:42 +01:00
VirtualTam e185038834 namespacing: \Shaarli\Plugin\PluginManager
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam 349b014401 namespacing: \Shaarli\Netscape\NetscapeBookmarkUtils
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam a932f486f2 namespacing: \Shaarli\Router
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam 9778a1551c namespacing: \Shaarli\ApplicationUtils
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam bcf056c9d9 namespacing: \Shaarli\Updater
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 23:11:19 +01:00
VirtualTam fe3713d2e5 namespacing: move LinkUtils along \Shaarli\Bookmark classes
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam 6696729b88 namespacing: \Shaarli\Bookmark\LinkFilter
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam f24896b237 namespacing: \Shaarli\Bookmark\LinkDB
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam a0c4dbd91c namespacing: \Shaarli\FileUtils
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam 8c0f19c797 namespacing: \Shaarli\Render\{PageBuilder,ThemeUtils}
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam 51753e403f namespacing: move HTTP utilities along \Shaarli\Http\ classes
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam fb1b182fbf namespacing: \Shaarli\Http\Url
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam 00af48d9d2 namespacing: \Shaarli\Http\Base64Url
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam dfc650aa23 namespacing: \Shaarli\Feed\{Cache,CachedPage,FeedBuilder}
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam f3d2f25794 namespacing: \Shaarli\Exceptions\IOException
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam bdc5152d48 namespacing: \Shaarli\History
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2019-01-12 22:47:48 +01:00
VirtualTam 9d9f6d75b9 lint: fix line-length warnings
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-12-02 22:39:16 +01:00
VirtualTam f211e417bf lint: apply phpcbf to application/
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-12-02 22:39:16 +01:00
ArthurHoaro e95247d41d
Merge pull request #1205 from ArthurHoaro/feature/opengraph
Add OpenGraph meta tags on permalink page
2018-10-06 13:31:07 +02:00
ArthurHoaro 4154c25b5f Add a button to set links as sticky
Meaning that they always appear on top of all links

Fixes #186
2018-10-06 12:55:05 +02:00
ArthurHoaro a120fb2977 Add OpenGraph meta tags on permalink page
Includes:
  - og:title
  - og:type -> article
  - og:image -> if there is a thumbnail
  - og:url -> permalink
  - og:description -> first 300 chars of raw description
  - article:published_time
  - article:modified_time
  - article:tag -> one OG meta tag for each shaare tag

Fixes #258
2018-08-13 10:55:48 +02:00
ArthurHoaro b5c368b858 Fix issue 'You are not authorized to add a link' with thumbnails enabled
Do not try to alter the datastore by updating thumbnails if the user isn't logged in.

Also, do not enable thumbnails if PHP GD extension is not installed/loaded
2018-08-10 17:09:51 +02:00
ArthurHoaro ad5f47adba
Merge pull request #687 from ArthurHoaro/web-thumb
Use web-thumbnailer to retrieve thumbnails
2018-07-28 09:41:29 +02:00
ArthurHoaro d9ba1cdd44 Do not check the IP address with session protection disabled
This allows the user to stay logged in if his IP changes.

Fixes #1106
2018-07-17 14:13:37 +02:00
ArthurHoaro 7b4fea0e39 Bunch of improvement for thumbnails integration:
- add a default thumb size value (125x90px)
  - improve private vertical bar visual, especially with thumbnails
  - translations
  - add a sync thumbs button in tool and empty picwall page
  - fixes WT download mode in JSON config
2018-07-17 13:16:50 +02:00
ArthurHoaro b302b3c584 Thumbnails: add a common mode to only retrieve thumbs from popular media websites 2018-07-05 20:34:22 +02:00
ArthurHoaro 28f2652460 Add a page to update all thumbnails through AJAX requests in both templates 2018-07-05 20:34:22 +02:00
ArthurHoaro 787faa42f3 Take code review into account
Upgrade web-thumbnailer and display thumbs right after download
2018-07-05 20:34:22 +02:00
ArthurHoaro e85b7a05a1 Update thumbnail integration after rebasing the branch 2018-07-05 20:31:35 +02:00
ArthurHoaro a3724717ec ConfigManager: add a method to remove an entry 2018-07-05 20:31:35 +02:00
ArthurHoaro 1b93137e16 Use web-thumbnailer to retrieve thumbnails
* requires PHP 5.6
  * use blazy on linklist since a lot more thumbs are retrieved
  * thumbnails can be disabled
  * thumbs size is now 120x120
  * thumbs are now cropped to fit the expected size

Fixes #345 #425 #487 #543 #588 #590
2018-07-05 20:31:35 +02:00
ArthurHoaro d3f42ca487 Implements Tags endpoints for Shaarli's REST API
Endpoints:

 * List All Tags [GET]
 * Get a tag [GET]
 * Update a tag [PUT]
 * Delete a tag [DELETE]

Fixes #904
References shaarli/api-documentation#34
2018-06-04 18:51:22 +02:00
ArthurHoaro 17e45b2e9c
Merge pull request #1143 from ArthurHoaro/sort-equal-tags
Fix order of tags with the same number of occurrences
2018-06-04 18:34:50 +02:00
VirtualTam 8edd7f1588 SessionManager+LoginManager: fix checkLoginState logic
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam 704637bfeb Add test coverage for LoginManager methods
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:26 +02:00
VirtualTam ebf6151738 SessionManager: remove unused UID token
There already are dedicated tokens for:
- CSRF protection
- user stay-signed-in feature, via cookie

This token was most likely intended as a randomly generated,
server-side, secret key to be used when generating hashes.

See http://sebsauvage.net/wiki/doku.php?id=php:session [FR]

Relevant section:

  Une clé secrète unique aléatoire est générée côté serveur (et jamais
  envoyée). Elle peut servir pour signer les formulaires (HMAC) ou
  générer des token de formulaires (protection contre XSRF).
  Voir $_SESSION['uid'].

Translation:

  A unique, server-side secret key is randomly generated (and never
  transmitted). It can be used to sign forms (HMAC) or generate form
  tokens (protection against XSRF).
  See $_SESSION['uid']

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam c689e10863 Refactor LoginManager stay-signed-in token management
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam 51f0128cdb Refactor session and cookie timeout control
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam fab87c2696 Move LoginManager and SessionManager to the Security namespace
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam 68dcaccfa4 LoginManager: remove unused parameter
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam 89ccc83ba4 Login: update PageBuilder and default/vintage templates
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam 8474208474 Pass the client IP ID to LoginManager
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam c7721487b2 Delegate session operations to SessionManager
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:45:54 +02:00
VirtualTam 1b28c66cc7 Document LoginManager properties
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam 63ea23c2a6 Refactor user credential validation at login time
Changed:
- move login/password verification to LoginManager
- code cleanup

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam 49f1832316 Refactor PHP session handling during login/logout
Changed:
- move $_SESSION handling to SessionManager
- code cleanup

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam db45a36a53 Refactor SessionManager::$INACTIVITY_TIMEOUT
Changed:
- move INACTIVITY_TIMEOUT to SessionManager
- inject a dependency to a SessionManager instance in:
  - fillSessionInfo()
  - setup_login_state()
  - check_auth()
- cleanup related code and comments

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
VirtualTam 88110550b8 Refactor client session hijacking protection
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-05-29 22:53:54 +02:00
ArthurHoaro f8c5660df8 Tag sort - UT + comment + fix filter and visibility
Before this, linksCountPerTag call without would have ignored visibility parameter
2018-05-29 20:52:30 +02:00
ArthurHoaro f28396a2f8 Fix order of tags with the same number of occurrences
Fixes #1142
2018-05-19 15:47:55 +02:00
ArthurHoaro a1b727efb7 Support redirection in cURL download callback 2018-05-01 16:44:51 +02:00
Buster One 7ca124079e German language created (#1114)
* Added german language selection

* German language file created

* typo

* extra space removed and typo corrected

* lines 1314 through 1408 removed as suggested
2018-04-15 14:53:09 +02:00
ArthurHoaro 9b2bd66fb6
Merge pull request #1093 from ArthurHoaro/feature/theme-translation
Load theme translations files automatically
2018-03-26 20:26:10 +02:00
ArthurHoaro 68c6afc56f Load theme translations files automatically
Fixes #1077

Take a look at the docs update to see how it works
2018-03-26 19:20:25 +02:00
ArthurHoaro 4294bc7b98
Merge pull request #1096 from ArthurHoaro/feature/download-params
Make max download size and timeout configurable
2018-03-13 18:02:49 +01:00
ArthurHoaro 4ff3ed1c47 Make max download size and timeout configurable
Fixes #1061
2018-03-07 23:03:21 +01:00
ArthurHoaro d2d4f993e1 PSR: use elseif instead of else if
See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
2018-02-28 22:34:40 +01:00
ArthurHoaro bc4a0a672c
Merge pull request #1092 from ArthurHoaro/fix/scuttle-doctype-case
Ignore the case while checking DOCTYPE during the file import
2018-02-24 13:29:11 +01:00
ArthurHoaro 980efd6cf8 Use a specific page title in all pages
Also fixed a few French translation issues

Fixes #954 #955
2018-02-24 12:48:49 +01:00
ArthurHoaro 3ff1ce47bc Ignore the case while checking DOCTYPE during the file import
Fixes #1091
2018-02-23 20:34:06 +01:00
VirtualTam 44acf70681 Refactor login / ban authentication steps
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- Add the `LoginManager` class to manage logins and bans

Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies

Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-02-05 18:12:09 +01:00
ArthurHoaro bc3ce7ec2a
Merge pull request #1038 from ArthurHoaro/feature/public-only-filter
Add a filter to only display public links
2018-02-02 19:22:37 +01:00
ArthurHoaro 28df9fa4f7 INTL_IDNA_VARIANT_2003 is deprecated
See https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003
2018-02-02 19:15:47 +01:00
ArthurHoaro b7c412d4d0 Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed
As stated in the docs:

> LC_MESSAGES for system responses (available if PHP was compiled with libintl)

Fixes #1067
2018-01-31 12:39:17 +01:00
ArthurHoaro cb4ddbe4e7 Fix warnings when upgrading from legacy SebSauvage version
Fixes #1040
2018-01-25 19:55:31 +01:00
ArthurHoaro d2f6d909e5 Public/private filter: use two separate buttons
#1038
2018-01-24 18:46:31 +01:00
ArthurHoaro d449f79a0d
Merge pull request #977 from ArthurHoaro/feature/dl-filter
Extract the title/charset during page download, and check content type
2018-01-23 18:41:38 +01:00
ArthurHoaro 9d4736a3e9 Add a filter to only display public links
When the key filter is clicked once, it only displays private link. When it is clicked on again, it becomes red and only public links are displayed. Another click and all links are displayed. The current visibility status is shown in the search banner

Fixes #1030
2017-12-16 14:32:56 +01:00
ArthurHoaro 101b935de4
Merge pull request #1025 from ArthurHoaro/hotfix/proxy-443
Force HTTPS if the original port is 443 behind a reverse proxy
2017-12-03 12:46:43 +01:00
ArthurHoaro 8e9fc6f6e6 Force HTTPS if the original port is 443 behind a reverse proxy
Fixes #1022
2017-12-02 15:24:35 +01:00
ArthurHoaro 877491b4ad
Merge pull request #1020 from ArthurHoaro/feature/curl-chunk
Increase buffer size for cURL download
2017-11-26 11:34:44 +01:00
VirtualTam d9514becc4
Merge pull request #1016 from virtualtam/refactor/session
Improve SessionManager constructor and tests
2017-11-24 23:53:15 +01:00
ArthurHoaro 270da70532 Return true after update ReorderDatastore to complete it 2017-11-11 16:51:10 +01:00
ArthurHoaro 91c807d275 Increase buffer size for cURL download
1kB chunk size has caused me a lot of trouble with Travis which wasn't completing the download
2017-11-11 16:49:57 +01:00
VirtualTam dd883aaf09 Improve SessionManager constructor and tests
Relates to https://github.com/shaarli/Shaarli/pull/1005

Changed:
- pass a copy of the ConfigManager instance instead of a reference
- move FakeConfigManager to a dedicated file
- update tests

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-11-08 20:26:03 +01:00
ArthurHoaro fd08b50a80 Don't URL encode description links if parameter 'redirector.encode_url' is set to false 2017-11-07 20:23:58 +01:00
ArthurHoaro d65342e304 Extract the title/charset during page download, and check content type
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.

Closes #579
2017-10-28 14:35:49 +02:00
ArthurHoaro 0926d26390
Merge pull request #962 from ArthurHoaro/feature/perfs2
Performances: reorder links when they're written instead of read
2017-10-28 12:44:44 +02:00
VirtualTam fd7d84616d Move session ID check to SessionManager
Relates to https://github.com/shaarli/Shaarli/issues/324

Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-22 19:54:44 +02:00
VirtualTam ebd650c06c Refactor session token management
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- `SessionManager` class to group session-related features
- unit tests

Changed:
- `getToken()` -> `SessionManager->generateToken()`
- `tokenOk()` -> `SessionManager->checkToken()`
- inject a `$token` parameter to `PageBuilder`'s constructor

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-22 19:19:46 +02:00
ArthurHoaro 6a65bc5798 Translations : Working demo example of translation extension 2017-10-22 13:16:56 +02:00
ArthurHoaro f39580c6fd Add language selection in the configure page of the default theme 2017-10-22 13:16:53 +02:00
ArthurHoaro 12266213d0 Shaarli's translation
* translation system and unit tests
 * Translations everywhere

Dont use translation merge

It is not available with PHP builtin gettext, so it would have lead to inconsistency.
2017-10-22 12:55:03 +02:00
ArthurHoaro 66e74d50d3 Don't write History for link import
With large imports it has a large impact on performances and isn't really useful.

Instead, write an IMPORT event, which let client using the history service resync its DB.

-> 15k link import done in 6 seconds.

Fixes #985
2017-10-07 16:40:16 +02:00
VirtualTam c8d96b4729 Merge pull request #979 from ArthurHoaro/feature/assets-cache-version
Add a version hash for asset loading to prevent browser's cache issue
2017-10-06 14:32:07 +02:00
Mark Gerarts 722caa2090 Allow setting of a default note title, see #963 2017-10-01 14:19:57 +02:00
ArthurHoaro b3e1f92e9c Rename shaarli_version constant to uppercase 2017-10-01 11:11:16 +02:00
ArthurHoaro bfe4f536bb Add a version hash for asset loading to prevent browser's cache issue
The hash is generated using the same salt as the one used for credentials (1 salt per instance)  in order to avoid exposing the instance version.

Fixes #965
2017-10-01 11:10:37 +02:00
ArthurHoaro 3512f44617 Merge pull request #976 from ArthurHoaro/hotfix/url-parentheses
Fix parsing for description links with parentheses
2017-09-30 14:25:53 +02:00
VirtualTam 7c670b39a2 Merge pull request #975 from virtualtam/robustness
Improve robustness for zlib and file operations
2017-09-30 10:56:56 +02:00
ArthurHoaro 601faf9751 Fix parsing for description links with parentheses
With markdown plugin disabled

relates to #966
2017-09-29 18:52:38 +02:00
ArthurHoaro a59bbf50d7 Merge pull request #947 from thewilli/wildcardsearch
wildcard tag search support
2017-09-29 18:38:02 +02:00
VirtualTam 8c322aaba1 Robustness: safer gzinflate/zlib usage
Relates to https://github.com/shaarli/Shaarli/pull/846

PHP's `gzinflate()` fails with an error when being passed an empty string

See:
- https://bugs.php.net/bug.php?id=71395

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-09-28 21:59:36 +02:00
VirtualTam e4325b1517 Robustness: safer RainTPL directory handling
Relates to https://github.com/shaarli/Shaarli/issues/845
Relates to https://github.com/shaarli/Shaarli/issues/846
Relates to https://github.com/shaarli/Shaarli/pull/909

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-09-28 21:57:20 +02:00
Willi Eggeling 27e21231e1 added option to redirect all anonymous users to login page
- new setting *force_login* added and documented
- if both, *force_login* and *hide_public_links* are set to true, all requests
  (except for the feeds) are redirected to the login page
2017-09-03 11:46:49 +02:00
ArthurHoaro 9ec0a61156 Performances: reorder links when they're written instead of read
relates to #891
2017-09-02 15:10:44 +02:00
ArthurHoaro 96a1c79456 Merge pull request #939 from ArthurHoaro/hotfix/firefox-social-title
Firefox Social title: Use document.title instead of RainTPL variable
2017-09-02 13:54:38 +02:00
ArthurHoaro a3130d2c2f Make work behind a reverse proxy
Without HTTP_X_FORWARDED_PORT check,  might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
2017-09-02 13:50:49 +02:00
Willi Eggeling 341527bae9 wildcard tag search support
- when searching for tags you can now include '*' as wildcard placeholder
- new search reduces overall overhead when filtering for tags
- fixed combination with description tag search ('#' prefix)
- tests added
2017-08-30 13:20:22 +02:00
VirtualTam e4ed3a46b7 Merge pull request #944 from thewilli/configure-rememberme
new setting: default value for 'remember me' checkbox
2017-08-27 16:36:53 +02:00
Willi Eggeling 2e07e77573 new setting: default value for 'remember me' checkbox
- the default state for the login page's 'remember me' checkbox can now be configured
- adapted the default and vintage theme to consider the new setting
- added documentation for the new setting
2017-08-27 16:03:37 +02:00
Willi Eggeling cc8f572bc0 migrated Github wiki links to readthedocs 2017-08-26 09:40:57 +02:00
ArthurHoaro 1fdb40fc16 Merge pull request #887 from ArthurHoaro/hotfix/dash-tag-rename
Make sure that the tag exists before altering/removing it
2017-08-05 09:59:03 +02:00
ArthurHoaro 3b67b22225 Move tag renaming code to LinkDB and unit test it 2017-08-05 09:55:20 +02:00
VirtualTam f09e1e318e Merge pull request #889 from Lucas-C/master
Using only one form in linklist.html - fix #885
2017-08-03 16:27:59 +02:00
Lucas Cimon f210d94f71 Using only one form in linklist.html + adding untaggedonly filter - fix #885 2017-07-30 16:19:34 +02:00
Stephen Muth b80315e238 Respect HTTP_X_FORWARDED_HOST
alongside _PORT and _PROTO
Fixes #879
2017-07-08 00:01:03 +00:00
ArthurHoaro ac94db1e36 Merge pull request #880 from ArthurHoaro/hotfix/allowed-protocols
Add a whitelist of protocols for URLs
2017-05-31 17:52:19 +02:00
ArthurHoaro 3e395a6bc6 Merge pull request #841 from ArthurHoaro/feature/search-no-tag
Empty tag search will look for not tagged links
2017-05-25 15:54:20 +02:00
ArthurHoaro 7d86f40bdb Empty tag search will look for not tagged links
Fixes #784

From now, searching for tags with an empty value will return only not tagged links,
with the search bar showing `x results [not tagged]`.

Note that using the api, the searchtags request parameter must be set to `false` to get the same result.

  - [ ] Update API doc
2017-05-25 15:51:12 +02:00
ArthurHoaro aa4797ba36 Adds a taglist view with edit/delete buttons
* The tag list can be sort alphabetically or by most used tag
  * Edit/Delete are perform using AJAX, or fallback to 'do=changetag' page
  * New features aren't backported to vintage theme
2017-05-25 15:25:04 +02:00
ArthurHoaro 986a521067 Add an endpoint to refresh the token
Useful for AJAX requests which burns the token
2017-05-25 15:05:23 +02:00
ArthurHoaro 86ceea054f Add a whitelist of protocols for URLs
- for Shaare
 - for markdown description links and images

Not whitelisted protocols will be replaced by `http://`
2017-05-25 14:58:34 +02:00
Lucas Cimon 6ccd0b218f Adding ability to display subtags in tagcloud 2017-05-24 13:09:35 +02:00
ArthurHoaro 845810a8d3 Use the new 'default' theme... as default
Fixes #866
2017-05-09 18:22:31 +02:00
ArthurHoaro a9fe41a818 Merge pull request #862 from ArthurHoaro/theme/tags-everywhere
Inject tag list everywhere to make autocomplete work on the fixed search bar
2017-05-07 18:39:25 +02:00
ArthurHoaro 3108f2a800 Merge pull request #861 from ArthurHoaro/hotfix/import-shorturl-override
Fix a bug happening when importing links with override option
2017-05-07 18:38:55 +02:00
ArthurHoaro 73c8962654 Inject tag list everywhere to make autocomplete work on the fixed search bar 2017-05-07 18:21:38 +02:00
ArthurHoaro 28794b69cb Fix a bug happening when importing links with override option
The shorturl would be set to null, generating a lot of warnings and breaking permalinks
2017-05-07 18:02:49 +02:00
ArthurHoaro 6bc90f50af History: fix entries order 2017-05-07 17:11:25 +02:00
ArthurHoaro 57ce6dae5d Reset the history file due to datetime format change 2017-05-07 17:11:25 +02:00
ArthurHoaro 813849e521 Add history entries for API endpoint
CHANGED: datetime is now store as an object in history store file
2017-05-07 17:11:22 +02:00
ArthurHoaro 61d406933e API: Get History endpoint
See http://shaarli.github.io/api-documentation/#links-history-get
2017-05-07 16:03:40 +02:00