Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
2280 commits 8 branches 1 tag 12 MiB
Commit graph

477 commits

Author SHA1 Message Date
ArthurHoaro
029ada5a07 PHP 7.1 compatibility 2020-07-23 21:19:21 +02:00
ArthurHoaro
c4d5be53c2 Process Daily RSS feed through Slim controller 
The daily RSS template has been entirely rewritten to handle the whole feed through the template engine.
 2020-07-23 21:19:21 +02:00
ArthurHoaro
e3d28be967 Slim daily: minor bugfix with empty data 2020-07-23 21:19:21 +02:00
ArthurHoaro
69e29ff65e Process daily page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
60ae241251 Process tag list page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
3772298ee7 Few optimizations and code readability for tag cloud controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c79473bd84 Handle tag filtering in the Bookmark service 2020-07-23 21:19:21 +02:00
ArthurHoaro
72caf4e84c Working version before optimization 2020-07-23 21:19:21 +02:00
ArthurHoaro
03340c18ea Slim router: handle add tag route 2020-07-23 21:19:21 +02:00
ArthurHoaro
8e47af2b36 Process logout through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
b0428aa9b0 Migrate cache purge function to a proper class 
And update dependencies and tests.

Note that SESSION['tags'] has been removed a log ago
 2020-07-23 21:19:21 +02:00
ArthurHoaro
485b168a96 Process picwall rendering through Slim controller + UT 2020-07-23 21:19:21 +02:00
Sébastien NOBILI
46846fd4fc fixed typo 2020-03-02 18:23:55 +01:00
Sébastien NOBILI
cc2ded54e1 ldap authentication, fixes shaarli/Shaarli#1343 2020-03-02 17:13:18 +01:00
ArthurHoaro
0498b209b5 Execute common plugin hooks before rendering login page 2020-01-26 11:34:14 +01:00
ArthurHoaro
9e4cc28e29 Fix all existing links and redirection to ?do=login 2020-01-26 11:34:14 +01:00
ArthurHoaro
6c50a6ccce Render login page through Slim controller 2020-01-26 11:34:14 +01:00
ArthurHoaro
a39acb2518 Fix an issue with private tags and fix nomarkdown tag 
The new bookmark service wasn't handling private tags properly.

nomarkdown tag is now shown only for logged in user in bookmarks, and hidden for everyone in tag clouds/lists.

Fixes #726
 2020-01-18 11:39:26 +01:00
ArthurHoaro
e26e2060f5 Add and update unit test for the new system (Bookmark + Service) 
See #1307
 2020-01-18 09:56:32 +01:00
ArthurHoaro
def39d0dd7 Run Unit Tests against PHP 7.4 
Bump PHPUnit version and fix unit test

  - Globals are handled differently and are persistent through tests
  - Tests without assertions are marked as risky: some of them are just
meant to check that no error is raised.
 2020-01-17 18:34:37 +01:00
ArthurHoaro
354fb98cc9 Markdown plugin: fix RSS feed direct link reverse 
The plugin was only reversing permalinks and failed with setting rss_permalinks set to false
 2019-08-15 12:56:32 +02:00
ArthurHoaro
bd1adc8df6 Fix UT: LinkDBTest - make each tests independant 
Otherwise the datastore is empty in the last test, making it
inconsistent due to dates issues.
 2019-08-10 12:42:53 +02:00
ArthurHoaro
9f9627059a Make sure that bookmark sort is consistent, even with equal timestamps 
Fixes #1348
 2019-08-07 13:18:02 +02:00
ArthurHoaro
b550735054 Default colors plugin - Add unit tests 2019-07-20 09:32:52 +02:00
ArthurHoaro
6a4872520c Automatically retrieve description for new bookmarks 
If the option is enabled, it will try to find a meta tag containing
the page description and keywords, just like we do for the page title.
It will either look for regular meta tag or OpenGraph ones.

The option is disabled by default.

Note that keywords meta tags is mostly not used.

In `configure` template, the variable associated with this setting
is `$retrieve_description`.

Fixes #1302
 2019-07-06 12:21:52 +02:00
ArthurHoaro
c3a04e328f
Merge pull request #1273 from ArthurHoaro/feature/ban-manager 
Rewrite IP ban management
 2019-05-25 16:13:56 +02:00
ArthurHoaro
cc69aad4a9
Merge pull request #1271 from ArthurHoaro/hotfix/thumb-note-retrieve 
Do not try to retrieve thumbnails for internal link
 2019-03-02 10:54:06 +01:00
ArthurHoaro
a8e7da0114 Do not try to retrieve thumbnails for internal link 
Also adds a helper function to determine if a link is a note and apply it across multiple files.
 2019-02-24 12:25:50 +01:00
ArthurHoaro
b49a04f796 Rewrite IP ban management 
This adds a dedicated manager class to handle all ban interactions, which is instantiated and handled by LoginManager.
IPs are now stored in the same format as the datastore, through FileUtils.

Fixes #1032 #587
 2019-02-09 16:44:48 +01:00
ArthurHoaro
520d29578c Remove the redirector setting 
Fixes #1239
 2019-02-09 13:55:11 +01:00
ArthurHoaro
905f8675a7
Merge pull request #1182 from ArthurHoaro/feature/session-protection-stay-login 
Do not check the IP address with session protection disabled
 2019-02-09 12:36:31 +01:00
VirtualTam
dea72c711f Optimize and cleanup imports 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-13 00:04:42 +01:00
VirtualTam
a43e7842e4 API: update test regexes to comply with PCRE2 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-13 00:04:42 +01:00
VirtualTam
9585441734 namespacing: add plugin tests to \Shaarli\Plugin\[...] 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
e185038834 namespacing: \Shaarli\Plugin\PluginManager 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
349b014401 namespacing: \Shaarli\Netscape\NetscapeBookmarkUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
a932f486f2 namespacing: \Shaarli\Router 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
9778a1551c namespacing: \Shaarli\ApplicationUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
bcf056c9d9 namespacing: \Shaarli\Updater 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
fe3713d2e5 namespacing: move LinkUtils along \Shaarli\Bookmark classes 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
6696729b88 namespacing: \Shaarli\Bookmark\LinkFilter 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
f24896b237 namespacing: \Shaarli\Bookmark\LinkDB 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
a0c4dbd91c namespacing: \Shaarli\FileUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
8c0f19c797 namespacing: \Shaarli\Render\{PageBuilder,ThemeUtils} 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
51753e403f namespacing: move HTTP utilities along \Shaarli\Http\ classes 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
fb1b182fbf namespacing: \Shaarli\Http\Url 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
00af48d9d2 namespacing: \Shaarli\Http\Base64Url 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
dfc650aa23 namespacing: \Shaarli\Feed\{Cache,CachedPage,FeedBuilder} 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
f3d2f25794 namespacing: \Shaarli\Exceptions\IOException 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
bdc5152d48 namespacing: \Shaarli\History 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
9d9f6d75b9 lint: fix line-length warnings 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-12-02 22:39:16 +01:00
VirtualTam
067c2dd8f5 lint: apply phpcbf to tests/ 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-12-02 22:39:16 +01:00
ArthurHoaro
e95247d41d
Merge pull request #1205 from ArthurHoaro/feature/opengraph 
Add OpenGraph meta tags on permalink page
 2018-10-06 13:31:07 +02:00
ArthurHoaro
fa8100c088
Merge pull request #1212 from ArthurHoaro/hotfix/hashtag-md-escape 
Fix hashtags with markdown escape enabled
 2018-10-06 13:28:51 +02:00
ArthurHoaro
4154c25b5f Add a button to set links as sticky 
Meaning that they always appear on top of all links

Fixes #186
 2018-10-06 12:55:05 +02:00
ArthurHoaro
0e54e1059f Isso plugin: add an icon in linklist if enabled 
Fixes #1075
 2018-08-14 13:39:31 +02:00
ArthurHoaro
cb7940e2de Fix hashtags with markdown escape enabled 
They're now transformed to markdown syntax links before processing them through Parsedown.

Fixes #1210
 2018-08-14 12:26:51 +02:00
ArthurHoaro
a120fb2977 Add OpenGraph meta tags on permalink page 
Includes:
  - og:title
  - og:type -> article
  - og:image -> if there is a thumbnail
  - og:url -> permalink
  - og:description -> first 300 chars of raw description
  - article:published_time
  - article:modified_time
  - article:tag -> one OG meta tag for each shaare tag

Fixes #258
 2018-08-13 10:55:48 +02:00
ArthurHoaro
ad5f47adba
Merge pull request #687 from ArthurHoaro/web-thumb 
Use web-thumbnailer to retrieve thumbnails
 2018-07-28 09:41:29 +02:00
ArthurHoaro
d9ba1cdd44 Do not check the IP address with session protection disabled 
This allows the user to stay logged in if his IP changes.

Fixes #1106
 2018-07-17 14:13:37 +02:00
ArthurHoaro
7b4fea0e39 Bunch of improvement for thumbnails integration: 
- add a default thumb size value (125x90px)
  - improve private vertical bar visual, especially with thumbnails
  - translations
  - add a sync thumbs button in tool and empty picwall page
  - fixes WT download mode in JSON config
 2018-07-17 13:16:50 +02:00
ArthurHoaro
c2c2338f9a
Merge pull request #1141 from ArthurHoaro/api/tags 
Implements Tags endpoints for Shaarli's REST API
 2018-07-10 18:06:26 +02:00
ArthurHoaro
7c57bd9538 GetTagsTest - Update to alpha sort for equal occurences 2018-07-05 20:45:03 +02:00
ArthurHoaro
b302b3c584 Thumbnails: add a common mode to only retrieve thumbs from popular media websites 2018-07-05 20:34:22 +02:00
ArthurHoaro
28f2652460 Add a page to update all thumbnails through AJAX requests in both templates 2018-07-05 20:34:22 +02:00
ArthurHoaro
e85b7a05a1 Update thumbnail integration after rebasing the branch 2018-07-05 20:31:35 +02:00
ArthurHoaro
a3724717ec ConfigManager: add a method to remove an entry 2018-07-05 20:31:35 +02:00
ArthurHoaro
1b93137e16 Use web-thumbnailer to retrieve thumbnails 
* requires PHP 5.6
  * use blazy on linklist since a lot more thumbs are retrieved
  * thumbnails can be disabled
  * thumbs size is now 120x120
  * thumbs are now cropped to fit the expected size

Fixes #345 #425 #487 #543 #588 #590
 2018-07-05 20:31:35 +02:00
VirtualTam
1168abb484 docker: move testing resources to tests/docker 
Relates to https://github.com/shaarli/Shaarli/issues/1153

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-16 23:54:10 +02:00
ArthurHoaro
d3f42ca487 Implements Tags endpoints for Shaarli's REST API 
Endpoints:

 * List All Tags [GET]
 * Get a tag [GET]
 * Update a tag [PUT]
 * Delete a tag [DELETE]

Fixes #904
References shaarli/api-documentation#34
 2018-06-04 18:51:22 +02:00
ArthurHoaro
17e45b2e9c
Merge pull request #1143 from ArthurHoaro/sort-equal-tags 
Fix order of tags with the same number of occurrences
 2018-06-04 18:34:50 +02:00
VirtualTam
8edd7f1588 SessionManager+LoginManager: fix checkLoginState logic 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
704637bfeb Add test coverage for LoginManager methods 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:26 +02:00
VirtualTam
ebf6151738 SessionManager: remove unused UID token 
There already are dedicated tokens for:
- CSRF protection
- user stay-signed-in feature, via cookie

This token was most likely intended as a randomly generated,
server-side, secret key to be used when generating hashes.

See http://sebsauvage.net/wiki/doku.php?id=php:session [FR]

Relevant section:

  Une clé secrète unique aléatoire est générée côté serveur (et jamais
  envoyée). Elle peut servir pour signer les formulaires (HMAC) ou
  générer des token de formulaires (protection contre XSRF).
  Voir $_SESSION['uid'].

Translation:

  A unique, server-side secret key is randomly generated (and never
  transmitted). It can be used to sign forms (HMAC) or generate form
  tokens (protection against XSRF).
  See $_SESSION['uid']

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
c689e10863 Refactor LoginManager stay-signed-in token management 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
51f0128cdb Refactor session and cookie timeout control 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
fab87c2696 Move LoginManager and SessionManager to the Security namespace 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
63ea23c2a6 Refactor user credential validation at login time 
Changed:
- move login/password verification to LoginManager
- code cleanup

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam
88110550b8 Refactor client session hijacking protection 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
ArthurHoaro
f8c5660df8 Tag sort - UT + comment + fix filter and visibility 
Before this, linksCountPerTag call without would have ignored visibility parameter
 2018-05-29 20:52:30 +02:00
ArthurHoaro
dd6794cff8 Fix feed permalink rendering with markdown escape set to true 
Fixes #1134
 2018-05-19 12:55:43 +02:00
ArthurHoaro
c5ee13181e Update parsedown to its latest version instead of fixed 1.6 2018-03-31 13:00:13 +02:00
ArthurHoaro
9b2bd66fb6
Merge pull request #1093 from ArthurHoaro/feature/theme-translation 
Load theme translations files automatically
 2018-03-26 20:26:10 +02:00
ArthurHoaro
68c6afc56f Load theme translations files automatically 
Fixes #1077

Take a look at the docs update to see how it works
 2018-03-26 19:20:25 +02:00
ArthurHoaro
4294bc7b98
Merge pull request #1096 from ArthurHoaro/feature/download-params 
Make max download size and timeout configurable
 2018-03-13 18:02:49 +01:00
ArthurHoaro
4ff3ed1c47 Make max download size and timeout configurable 
Fixes #1061
 2018-03-07 23:03:21 +01:00
ArthurHoaro
d2d4f993e1 PSR: use elseif instead of else if 
See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
 2018-02-28 22:34:40 +01:00
ArthurHoaro
3ff1ce47bc Ignore the case while checking DOCTYPE during the file import 
Fixes #1091
 2018-02-23 20:34:06 +01:00
VirtualTam
44acf70681 Refactor login / ban authentication steps 
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- Add the `LoginManager` class to manage logins and bans

Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies

Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-02-05 18:12:09 +01:00
ArthurHoaro
a381c373b3
Merge pull request #1074 from kalvn/feature/dailymarkdown 
Executes daily hooks before creating columns.
 2018-02-02 19:23:26 +01:00
ArthurHoaro
5617dcf9d2 Drop PHP 5.5 compatibility and upgrade PHPUnit to v5.x 
PHPUnit 4.x contains deprecated PHP functions in PHP 7.2.
 2018-02-02 19:15:47 +01:00
kalvn
50142efd1b Executes daily hooks before creating columns. 2018-02-01 13:16:58 +01:00
ArthurHoaro
cb4ddbe4e7 Fix warnings when upgrading from legacy SebSauvage version 
Fixes #1040
 2018-01-25 19:55:31 +01:00
ArthurHoaro
d449f79a0d
Merge pull request #977 from ArthurHoaro/feature/dl-filter 
Extract the title/charset during page download, and check content type
 2018-01-23 18:41:38 +01:00
ArthurHoaro
101b935de4
Merge pull request #1025 from ArthurHoaro/hotfix/proxy-443 
Force HTTPS if the original port is 443 behind a reverse proxy
 2017-12-03 12:46:43 +01:00
ArthurHoaro
8e9fc6f6e6 Force HTTPS if the original port is 443 behind a reverse proxy 
Fixes #1022
 2017-12-02 15:24:35 +01:00
VirtualTam
dd883aaf09 Improve SessionManager constructor and tests 
Relates to https://github.com/shaarli/Shaarli/pull/1005

Changed:
- pass a copy of the ConfigManager instance instead of a reference
- move FakeConfigManager to a dedicated file
- update tests

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-11-08 20:26:03 +01:00
ArthurHoaro
fd08b50a80 Don't URL encode description links if parameter 'redirector.encode_url' is set to false 2017-11-07 20:23:58 +01:00
ArthurHoaro
d65342e304 Extract the title/charset during page download, and check content type 
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.

Closes #579
 2017-10-28 14:35:49 +02:00
ArthurHoaro
0926d26390
Merge pull request #962 from ArthurHoaro/feature/perfs2 
Performances: reorder links when they're written instead of read
 2017-10-28 12:44:44 +02:00
VirtualTam
ae7c954b12 Improve SessionManager tests 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-10-24 22:01:02 +02:00
VirtualTam
fd7d84616d Move session ID check to SessionManager 
Relates to https://github.com/shaarli/Shaarli/issues/324

Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-10-22 19:54:44 +02:00
VirtualTam
ebd650c06c Refactor session token management 
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- `SessionManager` class to group session-related features
- unit tests

Changed:
- `getToken()` -> `SessionManager->generateToken()`
- `tokenOk()` -> `SessionManager->checkToken()`
- inject a `$token` parameter to `PageBuilder`'s constructor

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-10-22 19:19:46 +02:00
ArthurHoaro
f39580c6fd Add language selection in the configure page of the default theme 2017-10-22 13:16:53 +02:00
ArthurHoaro
12266213d0 Shaarli's translation 
* translation system and unit tests
 * Translations everywhere

Dont use translation merge

It is not available with PHP builtin gettext, so it would have lead to inconsistency.
 2017-10-22 12:55:03 +02:00
ArthurHoaro
66e74d50d3 Don't write History for link import 
With large imports it has a large impact on performances and isn't really useful.

Instead, write an IMPORT event, which let client using the history service resync its DB.

-> 15k link import done in 6 seconds.

Fixes #985
 2017-10-07 16:40:16 +02:00
ArthurHoaro
3512f44617 Merge pull request #976 from ArthurHoaro/hotfix/url-parentheses 
Fix parsing for description links with parentheses
 2017-09-30 14:25:53 +02:00
ArthurHoaro
601faf9751 Fix parsing for description links with parentheses 
With markdown plugin disabled

relates to #966
 2017-09-29 18:52:38 +02:00
ArthurHoaro
a59bbf50d7 Merge pull request #947 from thewilli/wildcardsearch 
wildcard tag search support
 2017-09-29 18:38:02 +02:00
VirtualTam
b5c33d702a Tests: update localization tests 
Rely on `mag_IN` (Magahi - INDIA) being unavailable when running localization
test suites, instead of `pt_BR` that is now available from Travis build images.

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-09-19 19:17:16 +02:00
ArthurHoaro
9ec0a61156 Performances: reorder links when they're written instead of read 
relates to #891
 2017-09-02 15:10:44 +02:00
ArthurHoaro
a3130d2c2f Make work behind a reverse proxy 
Without HTTP_X_FORWARDED_PORT check,  might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
 2017-09-02 13:50:49 +02:00
Willi Eggeling
341527bae9 wildcard tag search support 
- when searching for tags you can now include '*' as wildcard placeholder
- new search reduces overall overhead when filtering for tags
- fixed combination with description tag search ('#' prefix)
- tests added
 2017-08-30 13:20:22 +02:00
ArthurHoaro
1fdb40fc16 Merge pull request #887 from ArthurHoaro/hotfix/dash-tag-rename 
Make sure that the tag exists before altering/removing it
 2017-08-05 09:59:03 +02:00
ArthurHoaro
3b67b22225 Move tag renaming code to LinkDB and unit test it 2017-08-05 09:55:20 +02:00
VirtualTam
f09e1e318e Merge pull request #889 from Lucas-C/master 
Using only one form in linklist.html - fix #885
 2017-08-03 16:27:59 +02:00
Lucas Cimon
f210d94f71 Using only one form in linklist.html + adding untaggedonly filter - fix #885 2017-07-30 16:19:34 +02:00
Stephen Muth
0b51ea7251 Add tests to cover new server_url behavior 2017-07-12 17:57:47 +00:00
ArthurHoaro
ac94db1e36 Merge pull request #880 from ArthurHoaro/hotfix/allowed-protocols 
Add a whitelist of protocols for URLs
 2017-05-31 17:52:19 +02:00
ArthurHoaro
3e395a6bc6 Merge pull request #841 from ArthurHoaro/feature/search-no-tag 
Empty tag search will look for not tagged links
 2017-05-25 15:54:20 +02:00
ArthurHoaro
7d86f40bdb Empty tag search will look for not tagged links 
Fixes #784

From now, searching for tags with an empty value will return only not tagged links,
with the search bar showing `x results [not tagged]`.

Note that using the api, the searchtags request parameter must be set to `false` to get the same result.

  - [ ] Update API doc
 2017-05-25 15:51:12 +02:00
ArthurHoaro
aa4797ba36 Adds a taglist view with edit/delete buttons 
* The tag list can be sort alphabetically or by most used tag
  * Edit/Delete are perform using AJAX, or fallback to 'do=changetag' page
  * New features aren't backported to vintage theme
 2017-05-25 15:25:04 +02:00
ArthurHoaro
86ceea054f Add a whitelist of protocols for URLs 
- for Shaare
 - for markdown description links and images

Not whitelisted protocols will be replaced by `http://`
 2017-05-25 14:58:34 +02:00
Lucas Cimon
6ccd0b218f Adding ability to display subtags in tagcloud 2017-05-24 13:09:35 +02:00
ArthurHoaro
845810a8d3 Use the new 'default' theme... as default 
Fixes #866
 2017-05-09 18:22:31 +02:00
ArthurHoaro
6bc90f50af History: fix entries order 2017-05-07 17:11:25 +02:00
ArthurHoaro
813849e521 Add history entries for API endpoint 
CHANGED: datetime is now store as an object in history store file
 2017-05-07 17:11:22 +02:00
ArthurHoaro
61d406933e API: Get History endpoint 
See http://shaarli.github.io/api-documentation/#links-history-get
 2017-05-07 16:03:40 +02:00
ArthurHoaro
b8fcb7d440 Merge pull request #856 from ArthurHoaro/api/delete-link 
API: add DELETE endpoint
 2017-05-07 16:02:14 +02:00
ArthurHoaro
0843848c1d API: add DELETE endpoint 
Based on #840

See http://shaarli.github.io/api-documentation/\#links-link-delete
 2017-05-07 15:58:49 +02:00
ArthurHoaro
77de24876f Merge pull request #840 from ArthurHoaro/api/putLink 
REST API: implement PUT method
 2017-05-07 15:55:38 +02:00
ArthurHoaro
cf9181dddf REST API: implement PUT method 
* Related to #609
  * Documentation: http://shaarli.github.io/api-documentation/#links-link-put
 2017-05-07 15:49:16 +02:00
ArthurHoaro
f9ff7f1b69 Merge pull request #764 from ArthurHoaro/feature/history 
History mechanism
 2017-05-06 17:12:06 +02:00
ArthurHoaro
4c7045229c Merge pull request #830 from ArthurHoaro/theme/timezone 
Change timezone data structure send to the templates
 2017-04-25 19:09:13 +02:00
ArthurHoaro
6a19124a09 Use raw bytes for upload size hidden input 2017-04-10 20:01:10 +02:00
ArthurHoaro
ae3aa96898 Change timezone data structure send to the templates 
The goal of this is to be able to adapt the timezone form
in template without hacking the HTML already rendered.

  * there are two arrays available:
    * `continents` which contains only a list of available continents
    * `cities` which contains a list of available timezone cities, associated with their continent

Note: there are two distinct array because RainTPL doesn't support nested loop very well.
 2017-04-03 19:24:55 +02:00
ArthurHoaro
b68134ac1d UtilsTest: PHP 5.5 compatibility 2017-04-03 18:53:43 +02:00
ArthurHoaro
84315a3bad Fix a warning generated in return_bytes function and refactor it 
It was multiplying a string containing a letter.

Moved function to Utils.php and display a human readable limit size
 2017-04-03 18:53:43 +02:00
ArthurHoaro
8e33d0e767 Remove readityourself plugin 
Fixes #818
 2017-04-01 12:32:43 +02:00
ArthurHoaro
4b385d6c34 Merge pull request #742 from ArthurHoaro/api/postLink 
REST API: implement POST link service
 2017-04-01 10:02:03 +02:00
ArthurHoaro
81bd104daa Theme: use format_date function for daily date 2017-03-28 20:43:30 +02:00
ArthurHoaro
68016e3798 REST API: implement POST link service 2017-03-27 18:44:50 +02:00
ArthurHoaro
c843794786 Merge pull request #828 from ArthurHoaro/project/master-version 
Fix version check branch for UT
 2017-03-22 18:59:40 +01:00
ArthurHoaro
5e4a83bb98 Fix version check branch for UT 2017-03-22 18:55:09 +01:00
ArthurHoaro
64c34078e4 Merge pull request #816 from ArthurHoaro/project/master-version 
Use 'dev' version on the master branch
 2017-03-22 18:50:33 +01:00
ArthurHoaro
d16ca2e22f History: lazy loading for the history file 
Only read it when it's necessary
 2017-03-21 20:29:20 +01:00
ArthurHoaro
4306b184c4 History mechanism 
Use case: rest API service

  * saved by default in data/history
  * same format as datastore.php
  * traced events:
     * save/edit/delete link
     * change settings or plugins settings
     * rename tag
 2017-03-21 20:29:20 +01:00
ArthurHoaro
b2306b0c78 Move database read/write to FileUtils class + additional unit tests 2017-03-21 20:16:26 +01:00
ArthurHoaro
c4c655d9bf Merge pull request #804 from ArthurHoaro/feature/atom-default 
Fixes #304: use atom feed as default
 2017-03-21 20:10:49 +01:00
ArthurHoaro
b786c8836f Set Shaarli's version only in shaarli_version.php file 2017-03-21 20:08:40 +01:00
ArthurHoaro
c6a4c2882d Proper error if the conf file is invalid instead of fatal error 
Error:

An error occurred while parsing configuration JSON file (data/config.json.php): error code #4
➜ Syntax error
Please check your JSON syntax (without PHP comment tags) using a JSON lint tool such as jsonlint.com.
 2017-03-12 16:09:34 +01:00
ArthurHoaro
b897c81f8c Use 'dev' version on the master branch 
Allowed check branches are now `latest` and `stable`.
 2017-03-12 15:05:59 +01:00
ArthurHoaro
196808e14f Merge pull request #779 from ArthurHoaro/feature/import-parser-logs 
Link imports are now logged in `data/` folder, and can be debug using…
 2017-03-11 14:23:05 +01:00
ArthurHoaro
2ea89aba4f Fixes #304: use atom feed as default 
RSS feed is still available with the  setting set to false
 2017-03-11 14:13:58 +01:00
ArthurHoaro
fe83d45c46 Fix #773: set Piwik URL protocol 2017-03-11 13:27:02 +01:00
ArthurHoaro
87e9631e4a Fix namespace issue 2017-03-10 18:49:53 +01:00
ArthurHoaro
48417aed1d Link imports are now logged in data/ folder, and can be debug using dev.debug=true setting 
related to #741 and #681
 2017-03-10 18:46:53 +01:00
ArthurHoaro
5ba55f0cf2 Move config exception to dedicated classes with proper namespace 2017-03-09 19:16:42 +01:00
ArthurHoaro
e6cd773f5a Fix blocking namespace issue 2017-03-08 20:00:21 +01:00
ArthurHoaro
03b9cb600a Fix autoLocale error and cover it with unit tests 2017-03-07 19:27:17 +01:00
ArthurHoaro
52b503105d Improve datetime display 
Use php-intl extension to display datetimes a bit more nicely, depending on the locale.

What changes:

  * the day is no longer displayed
  * day number and month are ordered according to the locale
  * the timezone is more readable (UTC+1 instead of CET)
 2017-03-06 21:11:12 +01:00
ArthurHoaro
1255a42cfe Improve autoLocale() detection 
- Creates arrays_combination function to cover all cases
  - add the underscore separator in the regex
  - add `utf8` encoding in addition to `UTF-8`
 2017-03-06 20:32:17 +01:00
VirtualTam
3c66e56435 application: introduce the Shaarli\Config namespace 
Namespaces have been introduced with the REST API, and should be generalized
to the whole codebase to manage object scope and benefit from autoloading.

See:
- https://secure.php.net/manual/en/language.namespaces.php
- http://www.php-fig.org/psr/psr-4/

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-03-04 17:07:52 +01:00
ArthurHoaro
e037610115 Add markdown_escape setting 
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
 2017-02-28 19:16:54 +01:00
ArthurHoaro
7dcbfde5ff Set the vintage theme by default for the time being 2017-02-27 20:20:53 +01:00
ArthurHoaro
16e3d006e9 REST API: implements getLink by ID service 
See http://shaarli.github.io/api-documentation/#links-link-get
 2017-02-19 16:45:59 +01:00
ArthurHoaro
c37a6f820b REST API - getLinks: support the visibility parameter 2017-01-17 18:53:18 +01:00
ArthurHoaro
7f96d9ec21 Update LinkFilter to be able to filter only public links 
No update regarding the UI or the API for now

Fixes #758
 2017-01-16 13:57:11 +01:00
ArthurHoaro
053673cb71 Remove CSS call for addlink toolbar plugin 
Fixes #724
 2017-01-15 17:50:16 +01:00
ArthurHoaro
9977c418d6 Merge pull request #727 from ArthurHoaro/api/getlinks 
REST API: implement getLinks service
 2017-01-15 16:49:50 +01:00
ArthurHoaro
c3b00963fe REST API: implement getLinks service 
See http://shaarli.github.io/api-documentation/#links-links-collection-get
 2017-01-15 13:55:22 +01:00
VirtualTam
63ef549749 API: expect JWT in the Authorization header 
Relates to https://github.com/shaarli/Shaarli/pull/731

Added:
- require the presence of the 'Authorization' header

Changed:
- use the HTTP Bearer Token authorization schema

See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-15 13:41:04 +01:00
Arthur
7418f7cb60 Merge pull request #732 from ArthurHoaro/feature/theme-manager 
Theme manager: improvements
 2017-01-06 11:40:54 +01:00
VirtualTam
93b1fe54fb Cleanup: explicit method visibility 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-05 19:52:04 +01:00
ArthurHoaro
04a0e8ea34 Updater: keep custom theme preference with the new theme setting 2017-01-05 16:16:27 +01:00
ArthurHoaro
a0df06517b Minor improvements regarding #705 (coding style, unit tests, etc.) 2017-01-05 16:16:23 +01:00
Knah Tsaeb
adc4aee80f Change templates set through administration UI 2017-01-05 12:04:02 +01:00
VirtualTam
7a9daac56d API: fix JWT signature verification 
Fixes https://github.com/shaarli/Shaarli/issues/737

Added:
- Base64Url utilities

Fixed:
- use URL-safe Base64 encoding/decoding functions
- use byte representations for HMAC digests
- all JWT parts are Base64Url-encoded

See:
- https://en.wikipedia.org/wiki/JSON_Web_Token
- https://tools.ietf.org/html/rfc7519
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://jwt.io/introduction/
- https://en.wikipedia.org/wiki/Base64#URL_applications
- https://secure.php.net/manual/en/function.base64-encode.php#103849

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-04 16:59:47 +01:00
Arthur
061f04fba0 Merge pull request #733 from ArthurHoaro/hotfix/reverse-proxy-port 
Hide default ports in local URL behind a reverse proxy
 2017-01-04 16:34:06 +01:00
VirtualTam
eaf2524887 URL cleanup: add 'campaign_' to the annoying parameters 
Closes https://github.com/shaarli/Shaarli/issues/735

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2017-01-04 11:42:05 +01:00
ArthurHoaro
8e4be77368 Hide default port in local URL behind a reverse proxy 2017-01-03 14:17:05 +01:00
ArthurHoaro
b3051a6aae Fixes presence of empty tags for private tags and in search results 
* Private tags: make sure empty tags are properly filtered
  * Search results:
    * Use preg_split instead of function combination
    * Add normalize_spaces to remove extra whitespaces displaying empty tags search
 2017-01-03 09:47:15 +01:00
ArthurHoaro
db90dfcbbc Move PubSubHubbub code as a default plugin 2016-12-20 11:41:24 +01:00
ArthurHoaro
18e6796726 REST API structure using Slim framework 
* REST API routes are handle by Slim.
  * Every API controller go through ApiMiddleware which handles security.
  * First service implemented `/info`, for tests purpose.
 2016-12-15 10:36:00 +01:00
ArthurHoaro
cbfdcff261 Prepare settings for the API in the admin page and during the install 
API settings:
   - api.enabled
   - api.secret

The API settings will be initialized (and the secret generated) with an update method.
 2016-12-12 03:54:10 +01:00
ArthurHoaro
d592daea83 Add a persistent 'shorturl' key to all links 
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.

The purpose of this is to avoid collision between links due to their creation date.
 2016-12-12 03:03:12 +01:00
ArthurHoaro
c3dfd89959 Unit Test for the new ID system 2016-12-12 03:03:12 +01:00
Arthur
6781465fda Merge pull request #691 from ArthurHoaro/plugins/no-md-feed 
Markdown: fixes feed rendering with nomarkdown tag
 2016-12-01 11:13:04 +01:00
ArthurHoaro
266e3fe5c8 Markdown: fixes feed rendering with nomarkdown tag 
* make sure we match exactly `nomarkdown` tag
 * pass the whole link data to stripNoMarkdownTag() to:
   * strip the noMD tag in taglist (array)
   * strip the tag in tags (string)

Fixes #689

tmp
 2016-11-22 10:26:03 +01:00
ArthurHoaro
5ebc1d504b .htaccess files: support Apache 2.4+ syntax 
If `mod_version` is enabled, the previous syntax will apply for Apache <2.4.
If not, the new syntax is used by default.

Fixes #676

`mod_version` identifier is `version_module` across all Apache versions. See:

  * https://httpd.apache.org/docs/current/mod/mod_version.html
  * https://httpd.apache.org/docs/2.2/mod/mod_version.html
  * https://serverfault.com/questions/733910/how-do-i-load-mod-version-only-if-it-isnt-built-in-to-apache

Note that version_module comes built-in with Debian (and derivatives) Apache2 packages, see https://wiki.debian.org/Apache/PackagingFor24
 2016-11-08 11:38:14 +01:00
ArthurHoaro
c5941f316a Fix an issue with links not being reversed in code blocks 
Fixes #672

+ Markdown to HTML unit test
 2016-10-22 11:13:48 +02:00
VirtualTam
3d5e0aede3 Merge pull request #673 from virtualtam/cleanup/linkdb 
LinkDB: code cleanup
 2016-10-21 11:04:52 +02:00
VirtualTam
954dc2446c Merge pull request #665 from ArthurHoaro/fix/feed-hashtags 
Fix hashtag links in Feeds
 2016-10-20 21:37:28 +02:00
VirtualTam
735ed4a94e LinkDB: explicit method visibility 
Relates to https://github.com/shaarli/Shaarli/issues/95

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-10-20 21:33:42 +02:00
VirtualTam
f21abf3292 LinkDB: update datastore method names 
Relates to https://github.com/shaarli/Shaarli/issues/95

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-10-20 21:33:40 +02:00
VirtualTam
628b97cbdf LinkDB: do not prefix privates with an underscore 
Relates to #95

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2016-10-20 21:10:56 +02:00
ArthurHoaro
fbc28ff1c8 Fix hashtags links in Feeds 
Make the hashtag link absolute in feeds to work properly in RSS syndication tools.
 2016-10-20 11:42:01 +02:00
ArthurHoaro
7af9a41881 Minor code cleanup: PHPDoc, spelling, unused variables, etc. 2016-10-20 11:36:11 +02:00
Arthur
c1c2102850 Merge pull request #651 from ArthurHoaro/plugin-isso2 
Isso comments plugin
 2016-10-18 08:14:09 +02:00
VirtualTam
8406a4b670 Merge pull request #662 from virtualtam/fix/feed/self-link 
Fix: return the proper value for the "self" feed attribute
 2016-10-17 17:58:39 +02:00