ArthurHoaro
fe83d45c46
Fix #773 : set Piwik URL protocol
2017-03-11 13:27:02 +01:00
ArthurHoaro
87e9631e4a
Fix namespace issue
2017-03-10 18:49:53 +01:00
ArthurHoaro
48417aed1d
Link imports are now logged in data/
folder, and can be debug using dev.debug=true
setting
...
related to #741 and #681
2017-03-10 18:46:53 +01:00
ArthurHoaro
5ba55f0cf2
Move config exception to dedicated classes with proper namespace
2017-03-09 19:16:42 +01:00
ArthurHoaro
e6cd773f5a
Fix blocking namespace issue
2017-03-08 20:00:21 +01:00
ArthurHoaro
03b9cb600a
Fix autoLocale error and cover it with unit tests
2017-03-07 19:27:17 +01:00
ArthurHoaro
52b503105d
Improve datetime display
...
Use php-intl extension to display datetimes a bit more nicely, depending on the locale.
What changes:
* the day is no longer displayed
* day number and month are ordered according to the locale
* the timezone is more readable (UTC+1 instead of CET)
2017-03-06 21:11:12 +01:00
ArthurHoaro
1255a42cfe
Improve autoLocale() detection
...
- Creates arrays_combination function to cover all cases
- add the underscore separator in the regex
- add `utf8` encoding in addition to `UTF-8`
2017-03-06 20:32:17 +01:00
VirtualTam
3c66e56435
application: introduce the Shaarli\Config namespace
...
Namespaces have been introduced with the REST API, and should be generalized
to the whole codebase to manage object scope and benefit from autoloading.
See:
- https://secure.php.net/manual/en/language.namespaces.php
- http://www.php-fig.org/psr/psr-4/
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-03-04 17:07:52 +01:00
ArthurHoaro
e037610115
Add markdown_escape setting
...
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.
More info:
* the setting is set to true by default
* it is set to false for anyone who already have the plugin enabled
(avoid breaking existing entries)
* improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
* mention the setting in the plugin README
2017-02-28 19:16:54 +01:00
ArthurHoaro
7dcbfde5ff
Set the vintage theme by default for the time being
2017-02-27 20:20:53 +01:00
ArthurHoaro
16e3d006e9
REST API: implements getLink by ID service
...
See http://shaarli.github.io/api-documentation/#links-link-get
2017-02-19 16:45:59 +01:00
ArthurHoaro
65e56cbe49
Merge pull request #769 from ArthurHoaro/api/getlinks-visibility
...
REST API - getLinks: support the visibility parameter
2017-02-13 08:41:12 +01:00
ArthurHoaro
c03455af11
Fixes #775 : LinkDB do not access LinkDB before ID system migration
...
To access LinkDB items with its ArrayAccess implementation, the IDs must be consistent, which isn't the case before `updateMethodDatastoreIds()` execution. v0.6.4 method `updateMethodRenameDashTags()` was accessing it, so an upgrade <0.6.4 to >0.8.x was failing.
This just move the minor update `RenameDashTags` after the IDs update.
2017-02-04 12:01:48 +01:00
ArthurHoaro
c37a6f820b
REST API - getLinks: support the visibility parameter
2017-01-17 18:53:18 +01:00
ArthurHoaro
7f96d9ec21
Update LinkFilter to be able to filter only public links
...
No update regarding the UI or the API for now
Fixes #758
2017-01-16 13:57:11 +01:00
ArthurHoaro
9977c418d6
Merge pull request #727 from ArthurHoaro/api/getlinks
...
REST API: implement getLinks service
2017-01-15 16:49:50 +01:00
ArthurHoaro
c3b00963fe
REST API: implement getLinks service
...
See http://shaarli.github.io/api-documentation/#links-links-collection-get
2017-01-15 13:55:22 +01:00
VirtualTam
63ef549749
API: expect JWT in the Authorization header
...
Relates to https://github.com/shaarli/Shaarli/pull/731
Added:
- require the presence of the 'Authorization' header
Changed:
- use the HTTP Bearer Token authorization schema
See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-15 13:41:04 +01:00
ArthurHoaro
7282418baa
Move user.css to data folder
2017-01-14 16:43:32 +01:00
VirtualTam
ee6f4b64a9
Cleanup: use safe boolean comparisons
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-07 14:37:40 +01:00
Arthur
7418f7cb60
Merge pull request #732 from ArthurHoaro/feature/theme-manager
...
Theme manager: improvements
2017-01-06 11:40:54 +01:00
VirtualTam
93b1fe54fb
Cleanup: explicit method visibility
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-05 19:52:04 +01:00
VirtualTam
724f1e3229
Cleanup: remove unused variables
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-05 19:51:50 +01:00
ArthurHoaro
04a0e8ea34
Updater: keep custom theme preference with the new theme setting
2017-01-05 16:16:27 +01:00
ArthurHoaro
a0df06517b
Minor improvements regarding #705 (coding style, unit tests, etc.)
2017-01-05 16:16:23 +01:00
adc4aee80f
Change templates set through administration UI
2017-01-05 12:04:02 +01:00
VirtualTam
7a9daac56d
API: fix JWT signature verification
...
Fixes https://github.com/shaarli/Shaarli/issues/737
Added:
- Base64Url utilities
Fixed:
- use URL-safe Base64 encoding/decoding functions
- use byte representations for HMAC digests
- all JWT parts are Base64Url-encoded
See:
- https://en.wikipedia.org/wiki/JSON_Web_Token
- https://tools.ietf.org/html/rfc7519
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://jwt.io/introduction/
- https://en.wikipedia.org/wiki/Base64#URL_applications
- https://secure.php.net/manual/en/function.base64-encode.php#103849
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-04 16:59:47 +01:00
Arthur
fc11ab2f29
Merge pull request #682 from ArthurHoaro/delete-button
...
Bugfixes on link deletion, and use a GET form
2017-01-04 16:35:29 +01:00
Arthur
061f04fba0
Merge pull request #733 from ArthurHoaro/hotfix/reverse-proxy-port
...
Hide default ports in local URL behind a reverse proxy
2017-01-04 16:34:06 +01:00
VirtualTam
eaf2524887
URL cleanup: add 'campaign_' to the annoying parameters
...
Closes https://github.com/shaarli/Shaarli/issues/735
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-04 11:42:05 +01:00
ArthurHoaro
8e4be77368
Hide default port in local URL behind a reverse proxy
2017-01-03 14:17:05 +01:00
ArthurHoaro
b3051a6aae
Fixes presence of empty tags for private tags and in search results
...
* Private tags: make sure empty tags are properly filtered
* Search results:
* Use preg_split instead of function combination
* Add normalize_spaces to remove extra whitespaces displaying empty tags search
2017-01-03 09:47:15 +01:00
ArthurHoaro
db90dfcbbc
Move PubSubHubbub code as a default plugin
2016-12-20 11:41:24 +01:00
ArthurHoaro
f4ebd5fed2
Bugfixes on link deletion, and use a GET form
...
Use a GET form to delete links: harmonize with edit_link and preparation for #585
Bug fixes:
* LinkDB element can't be passed as reference, fix error:
PHP Notice: Indirect modification of overloaded element of LinkDB has no effect
* Resource cache folder setting wasn't set correctly
2016-12-16 12:42:13 +01:00
ArthurHoaro
18e6796726
REST API structure using Slim framework
...
* REST API routes are handle by Slim.
* Every API controller go through ApiMiddleware which handles security.
* First service implemented `/info`, for tests purpose.
2016-12-15 10:36:00 +01:00
ArthurHoaro
cbfdcff261
Prepare settings for the API in the admin page and during the install
...
API settings:
- api.enabled
- api.secret
The API settings will be initialized (and the secret generated) with an update method.
2016-12-12 03:54:10 +01:00
ArthurHoaro
d592daea83
Add a persistent 'shorturl' key to all links
...
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.
The purpose of this is to avoid collision between links due to their creation date.
2016-12-12 03:03:12 +01:00
ArthurHoaro
01878a75b9
Apply the new ID system accros the whole codebase
2016-12-12 03:03:12 +01:00
ArthurHoaro
1dc37f9cf8
Update method to use the new ID system, which replaces linkdate primary keys.
...
creation and update dates are now DateTime objects.
Since this update is very sensitve (changing the whole database), the datastore will be automatically backed up into the file datastore.<datetime>.php.
2016-12-12 03:02:01 +01:00
ArthurHoaro
29d108820f
Link ID refactoring
...
Links now use an incremental unique numeric identifier.
This ID is persistent and must never change.
ArrayAccess is used to match the link ID with the array keys (see the comment in LinkDB for more details)
Key 'created' added, with creation date as a DateTime object. 'updated' is now also a DateTime.
2016-12-12 03:02:01 +01:00
ArthurHoaro
5ebc1d504b
.htaccess files: support Apache 2.4+ syntax
...
If `mod_version` is enabled, the previous syntax will apply for Apache <2.4.
If not, the new syntax is used by default.
Fixes #676
`mod_version` identifier is `version_module` across all Apache versions. See:
* https://httpd.apache.org/docs/current/mod/mod_version.html
* https://httpd.apache.org/docs/2.2/mod/mod_version.html
* https://serverfault.com/questions/733910/how-do-i-load-mod-version-only-if-it-isnt-built-in-to-apache
Note that version_module comes built-in with Debian (and derivatives) Apache2 packages, see https://wiki.debian.org/Apache/PackagingFor24
2016-11-08 11:38:14 +01:00
VirtualTam
3d5e0aede3
Merge pull request #673 from virtualtam/cleanup/linkdb
...
LinkDB: code cleanup
2016-10-21 11:04:52 +02:00
VirtualTam
954dc2446c
Merge pull request #665 from ArthurHoaro/fix/feed-hashtags
...
Fix hashtag links in Feeds
2016-10-20 21:37:28 +02:00
VirtualTam
735ed4a94e
LinkDB: explicit method visibility
...
Relates to https://github.com/shaarli/Shaarli/issues/95
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-10-20 21:33:42 +02:00
VirtualTam
f21abf3292
LinkDB: update datastore method names
...
Relates to https://github.com/shaarli/Shaarli/issues/95
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-10-20 21:33:40 +02:00
VirtualTam
628b97cbdf
LinkDB: do not prefix privates with an underscore
...
Relates to #95
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-10-20 21:10:56 +02:00
ArthurHoaro
fbc28ff1c8
Fix hashtags links in Feeds
...
Make the hashtag link absolute in feeds to work properly in RSS syndication tools.
2016-10-20 11:42:01 +02:00
ArthurHoaro
7af9a41881
Minor code cleanup: PHPDoc, spelling, unused variables, etc.
2016-10-20 11:36:11 +02:00
VirtualTam
8406a4b670
Merge pull request #662 from virtualtam/fix/feed/self-link
...
Fix: return the proper value for the "self" feed attribute
2016-10-17 17:58:39 +02:00
VirtualTam
44a718090d
Fix: return the proper value for the "self" feed attribute
...
Fixes https://github.com/shaarli/Shaarli/issues/629
Closes https://github.com/shaarli/Shaarli/pull/630
Note: you might need to empty the "pagecache" directory for the
fix to be taken into account
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-10-16 20:58:15 +02:00
ArthurHoaro
7fde6de121
New init function for plugins, supports errors reporting
...
All plugins can optionally add an init function named `pluginname_init()` which is called when the plugin is loaded.
This function is aware of the config, and can return initialization errors, which are displayed in the header template.
Note that the previous error system hack no longer work.
2016-10-14 13:22:58 +02:00
Arthur
0354257266
Merge pull request #622 from ArthurHoaro/update-date
...
Save link update dates and render it in templates and feeds
2016-10-12 14:51:37 +02:00
Arthur
adcdac1dec
Merge pull request #623 from ArthurHoaro/security/reverse-proxy-ban
...
Add trusted IPs in config and try to ban forwarded IP on failed login
2016-10-12 14:48:57 +02:00
VirtualTam
8758bb0ac8
Merge pull request #619 from ArthurHoaro/plugins/param-desc
...
Add a description to plugin parameters
2016-08-13 14:48:51 +02:00
VirtualTam
db6dec0de1
Fix: add missing final newlines, untabify text
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-08-13 14:22:22 +02:00
VirtualTam
f4ad7bde56
Fix: ensure Internet Explorer bookmark dumps can be imported
...
Relates to https://github.com/shaarli/Shaarli/issues/607
Modifications:
- [application][tests] NetscapeBookmarkUtils: more permissive doctype detection
The IE bookmark exports contain extra escape sequences, which can be observed
by binary comparison of the reference input data used in tests:
$ cmp -b -l -n 8 netscape_basic.htm internet_explorer_encoding.htm
1 74 < 357 M-o
2 41 ! 273 M-;
3 104 D 277 M-?
4 117 O 74 <
5 103 C 41 !
6 124 T 104 D
7 131 Y 117 O
8 120 P 103 C
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-08-12 23:22:15 +02:00
VirtualTam
a973afeac7
Refactor bookmark import using a generic Netscape parser
...
Relates to #607
Relates to #608
Relates to #493 (abandoned)
Additions:
- use Composer's autoload to load 3rd-party dependencies under vendor/
Modifications:
- [import] replace the current parser with a generic, stable parser
- move code to application/NetscapeBookmarkUtils
- improve status report after parsing
- [router] use the same endpoint for both bookmark upload and import dialog
- [template] update bookmark import options
- allow adding tags to all imported links
- allow selecting the visibility (privacy) of imported links
- [tests] ensure bookmarks are properly parsed and imported in the LinkDB
- reuse reference input from the parser's test data
See:
- https://github.com/shaarli/netscape-bookmark-parser
- https://getcomposer.org/doc/01-basic-usage.md#autoloading
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-08-10 01:42:44 +02:00
Arthur
d0d3623172
Merge pull request #624 from julienCXX/pr-curl-http-fetch
...
Added (and set as default) a cURL-based method for fetching HTTP content
2016-08-09 13:15:19 +02:00
julienCXX
634783f916
Set cURL as default in HTTP fetching, a fallback method and consistency fixup between both methods
2016-08-08 20:45:50 +02:00
ArthurHoaro
edf3ff5a53
Initialize a translation function
...
It matches the API of ngettext().
2016-08-07 11:54:39 +02:00
ArthurHoaro
fd5ac47ea2
Generate a token for every pages
2016-08-06 14:09:26 +02:00
ArthurHoaro
50d1791838
Add trusted IPs in config and try to ban forwarded IP on failed login
...
* Add a new settings (which needs to be manually set): `security.trusted_proxies`
* On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers.
* If found, the client address is added in ipbans, else we do nothing.
Fixes #409
2016-08-03 10:36:47 +02:00
ArthurHoaro
c6d876bb2a
Set updated date for items in feeds
...
RSS doesn't support updated date for items, so we use the ATOM extension.
Updated dates also bump the global update
2016-08-03 09:54:57 +02:00
ArthurHoaro
9646b7da22
Save the update date in LinkDB and pass it to linklist templates
...
It can be used as a timestamp by templates under the key 'updated_timestamp'.
2016-08-03 09:44:04 +02:00
VirtualTam
c7a42ab1d9
Merge pull request #621 from ArthurHoaro/hotfix/update-escape-config
...
Fix update method escapeUnescapedConfig
2016-08-02 19:46:47 +02:00
ArthurHoaro
b9f8b83790
Fix update method escapeUnescapedConfig
...
* Actually run it
* unit tests
Fixes #611
2016-08-02 12:54:55 +02:00
ArthurHoaro
15170b5164
Parse plugin parameters description with the PluginManager
...
Plugin parameter can contain a description in their meta file under the key:
parameter.<param_name>="<description>"
2016-08-02 11:12:01 +02:00
ArthurHoaro
9866b40814
Better whitespace handling in tags
...
Correct PR #573 to work properly with hidden tags, and add ReferenceLinkDB UT.
Fixes #571 - Closes #573
2016-08-02 10:34:21 +02:00
Chris Kuethe
4b35853d68
Better whitespace handling in tags. Fixes #571
2016-08-02 10:22:18 +02:00
ArthurHoaro
97ef33bb72
Fixes #600 - Shaarli's title is not set with the new config manager
...
- Fixed title config key
- Page title (in head tag) is no longer set through the config manager
2016-07-19 18:03:09 +02:00
Arthur
0c4c7ae818
Merge pull request #558 from ArthurHoaro/hashtag4
...
Hashtag system
2016-07-09 07:36:23 +02:00
Arthur
649af5b501
Merge pull request #570 from ArthurHoaro/config-manager
...
Introduce a configuration manager
2016-07-09 07:19:48 +02:00
ArthurHoaro
5ff23f02b8
Add closing PHP tags to JSON config files
2016-06-20 18:30:37 +02:00
ArthurHoaro
b302c77c74
Pass the configuration manager to templates
2016-06-15 18:22:19 +02:00
ArthurHoaro
894a3c4bf3
Rename configuration key for better sections
2016-06-11 09:30:56 +02:00
ArthurHoaro
51def0d849
PluginManager no longer uses singleton pattern
2016-06-11 09:30:56 +02:00
ArthurHoaro
278d9ee283
ConfigManager no longer uses singleton pattern
2016-06-11 09:30:56 +02:00
ArthurHoaro
7f179985b4
Remove remaining settings initialization in index.php
...
Except for those which require external data (timezone and $_SERVER).
2016-06-11 09:30:56 +02:00
ArthurHoaro
da10377b3c
Rename configuration keys and fix GLOBALS in templates
2016-06-11 09:30:56 +02:00
ArthurHoaro
d93d51b213
Set the default timezone in index.php
2016-06-11 09:30:56 +02:00
ArthurHoaro
b74b96bfbd
Adds ConfigJson which handle the configuration in JSON format.
...
Also use the Updater to make the transition
2016-06-11 09:30:56 +02:00
ArthurHoaro
684e662a58
Replace $GLOBALS configuration with the configuration manager in the whole code base
2016-06-11 09:30:56 +02:00
ArthurHoaro
59404d7909
Introduce a configuration manager (not plugged yet)
2016-06-11 09:30:56 +02:00
ArthurHoaro
9ccca40189
Hashtag system
...
* Hashtag are auto-linked with a filter search
* Supports unicode
* Compatible with markdown (excluded in code blocks)
2016-06-06 21:04:43 +02:00
Arthur
92a381f517
Merge pull request #583 from ArthurHoaro/enhance/tag-case
...
Fixes #497 : ignore case difference between tags
2016-06-03 18:30:19 +02:00
ArthurHoaro
b1eb5d1d31
Fixes #497 : ignore case difference between tags
...
While retrieving all tags, case differences will be ignored.
This affects:
* tag cloud
* tag autocompletion
2016-05-31 09:09:32 +02:00
nodiscc
725ca094f8
Url.php: remove unwanted ?PHPSESSID= URL parameters,
...
update test case
2016-05-20 12:23:03 +02:00
Arthur
3fdcc7bd47
Merge pull request #560 from ArthurHoaro/nb-private-shaare
...
Private links counter in the header
2016-05-14 11:11:11 +02:00
ArthurHoaro
141a86c503
Add private link counter
2016-05-13 08:48:23 +02:00
ArthurHoaro
03eb19ac60
Extract PageBuilder class from index.php
2016-05-13 08:48:18 +02:00
ArthurHoaro
5046bcb6ab
Fix startsWith and endsWith case
2016-05-10 23:31:41 +02:00
VirtualTam
bb4a23aa86
Export: allow prepending notes with the Shaarli instance's URL
...
Relates to #102
Additions:
- application:
- export: allow prepending note permalinks with the instance's URL
- test coverage
Modifications:
- export template: switch to an HTML form
- link selection (all/private/public)
- prepend note permalinks with the instance's URL
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-05-06 16:12:46 +02:00
ArthurHoaro
caa69b5853
typo
2016-05-05 13:28:43 +02:00
Arthur
86deafe0ff
Merge pull request #551 from ArthurHoaro/hotfix/timezone
...
Use correct 'UTC' timezone
2016-05-05 13:21:36 +02:00
ArthurHoaro
12ff86c961
Use correct 'UTC' timezone
2016-05-03 20:09:24 +02:00
Arthur
47be060983
Merge pull request #532 from ArthurHoaro/hotfix/title-retrieve-the-return
...
Fixes #531 - Title retrieving is failing with multiple use case
2016-05-03 19:53:57 +02:00
ArthurHoaro
ce7b0b6480
Fixes #531 - Title retrieving is failing with multiple use case
...
see https://github.com/shaarli/Shaarli/issues/531 for details
2016-05-03 19:51:29 +02:00
D Low
20f89623c0
Fix error when filtering search tags
...
Arrays are key-value maps. We should reindex the array after a filter
since we are using the key and count to do array access in filterTags.
An example would be searching for "foo, bar", after the array filter,
our array is actually (0 -> foo, 2 -> bar) which will cause an error
when trying to access $searchtags[1].
2016-04-14 00:10:39 +01:00
VirtualTam
cd5327bee8
Refactor Netscape bookmark exporting
...
Relates to https://github.com/shaarli/netscape-bookmark-parser/issues/5
Fixes:
- respect the Netscape bookmark format "specification"
Modifications:
- [application] introduce the NetscapeBookmarkUtils class
- [template] export - improve formatting, rename export selection parameter
- [template] export.bookmarks - template for Netscape exports
- [tests] bookmark filtering, additional field generation
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-04-10 21:28:04 +02:00