e225d3ebbe
Merge V0.14.0
2024-12-10 16:31:21 +01:00
ArthurHoaro
326870f216
Fix XSS vulnerability in tag search ( #2039 )
...
It affect the title tag of the bookmark list page.
Fixes shaarli/Shaarli#2038
2023-11-22 10:29:30 -05:00
ArthurHoaro
b59cdb3871
ArthurHoaro code review: use Shared Bookmark as default title instead of My links
2022-08-13 10:19:15 +02:00
YFdyh000
d5b218eed4
Simple and uniform localized website title
2022-08-13 10:19:15 +02:00
ArthurHoaro
8997ae6c8e
Merge pull request #1697 from ArthurHoaro/feature/pagination
...
Handle pagination through BookmarkService
2021-02-04 10:57:44 +01:00
ArthurHoaro
9b8c0a4560
Handle pagination through BookmarkService
...
Handle all search results through SearchResult object.
This is a required step toward implementing a BookmarkService based on SQL database.
Related to #953
2021-01-20 15:01:29 +01:00
ArthurHoaro
9ef8555ad2
Support search highlights when matching URL content
...
DefaultFormatter:
- format 'a' tag content and not href attribute
- format hashtags properly
Markdown(Extra)Formatter:
- Extend Parsedown to format highlight properly: https://github.com/erusev/parsedown/wiki/Tutorial:-Create-Extensions
Fixes #1681
2021-01-19 17:49:19 +01:00
ArthurHoaro
ccd1862d5f
Inject current template name in templates
...
Use either legacy key _PAGE_ or new 'template' one.
Related to https://github.com/kalvn/Shaarli-Material/issues/118
2021-01-19 10:34:11 +01:00
ArthurHoaro
f00600a283
Daily RSS Cache: invalidate cache base on the date
...
Currently the cache is only invalidated when the datastore changes, while it should rely on selected period of time.
Fixes #1659
2020-12-17 15:48:03 +01:00
ArthurHoaro
ab4c170672
Merge pull request #1644 from ArthurHoaro/fix/daily-rss
...
Daily RSS - Remove relative description (today, yesterday)
2020-12-16 16:04:53 +01:00
ArthurHoaro
8a6b7e96b7
Fix: soft fail if the mutex is not working
...
And display the error in server admin page
Fixes #1650
2020-11-24 13:39:35 +01:00
ArthurHoaro
2883c6d0a7
Daily RSS - Remove relative description (today, yesterday)
...
It is not useful for the RSS feed, as every new entry will be 'yesterday', and it requires an update the next day.
2020-11-15 12:05:08 +01:00
ArthurHoaro
53054b2bf6
Apply PHP Code Beautifier on source code for linter automatic fixes
2020-11-09 10:56:24 +01:00
ArthurHoaro
d9d71b10c3
Merge pull request #1621 from ArthurHoaro/feature/tag-separators
2020-11-08 14:07:33 +01:00
ArthurHoaro
cfdd209440
Display error details even with dev.debug set to false
...
It makes more sense to display the error even if it's unexpected.
Only for logged in users.
Fixes #1606
2020-11-05 19:55:17 +01:00
ArthurHoaro
b3bd8c3e8d
Feature: support any tag separator
...
So it allows to have multiple words tags.
Breaking change: commas ',' are no longer a default separator.
Fixes #594
2020-11-05 17:54:42 +01:00
ArthurHoaro
36e6d88dbf
Feature: add weekly and monthly view/RSS feed for daily page
...
- Heavy refactoring of DailyController
- Add a banner like in tag cloud to display monthly and weekly links
- Translations: t() now supports variables with optional first letter
uppercase
Fixes #160
2020-10-27 19:45:02 +01:00
ArthurHoaro
c2cd15dac2
Move utils classes to Shaarli\Helper namespace and folder
2020-10-27 19:41:38 +01:00
ArthurHoaro
9c04921a8c
Feature: Share private bookmarks using a URL containing a private key
...
- Add a share link next to « Permalink » in linklist (using share icon
from fork awesome)
- This link generates a private key associated to the bookmark
- Accessing the bookmark while logged out with the proper key will
display it
Fixes #475
2020-10-27 19:32:57 +01:00
ArthurHoaro
e6215a2ad9
Merge pull request #1604 from ArthurHoaro/feature/server-admin-page
...
Feature: add a Server administration page
2020-10-27 19:29:43 +01:00
ArthurHoaro
820cae27cf
Merge pull request #1601 from ArthurHoaro/feature/psr3
2020-10-24 11:37:29 +02:00
ArthurHoaro
0cf76ccb47
Feature: add a Server administration page
...
It contains mostly read only information about the current Shaarli instance,
PHP version, extensions, file and folder permissions, etc.
Also action buttons to clear the cache or sync thumbnails.
Part of the content of this page is also displayed on the install page,
to check server requirement before installing Shaarli config file.
Fixes #40
Fixes #185
2020-10-21 15:06:47 +02:00
ArthurHoaro
5c06c0870f
Dislay an error if an exception occurs in the error handler
...
Related to #1598
2020-10-20 18:32:46 +02:00
ArthurHoaro
b38a1b0209
Use PSR-3 logger for login attempts
...
Fixes #1122
2020-10-20 11:47:07 +02:00
ArthurHoaro
21e72da9ee
Asynchronous retrieval of bookmark's thumbnails
...
This feature is based general.enable_async_metadata setting and works with existing metadata.js file.
The script is compatible with any template:
- the thumbnail div bloc must have attribute
- the bookmark bloc must have attribute with the bookmark ID as value
Fixes #1564
2020-10-20 10:15:18 +02:00
ArthurHoaro
3adbdc2a83
Inject ROOT_PATH in plugin instead of regenerating it everywhere
2020-10-16 13:06:06 +02:00
ArthurHoaro
72fbbcd679
Security: fix multiple XSS vulnerabilities + fix search tags with special chars
...
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.
Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
2020-10-06 17:30:18 +02:00
ArthurHoaro
abe033be85
Fix invalid redirection using the path of an external domain
...
Fixes #1554
2020-09-22 15:37:26 +02:00
ArthurHoaro
98e7a59ca2
Merge pull request #1539 from ArthurHoaro/feature/manual-root-url
2020-09-22 14:08:54 +02:00
ArthurHoaro
b93cfeba7b
Fix subfolder configuration in unit tests
2020-09-12 21:39:01 +02:00
ArthurHoaro
d52ab0b1e9
Properly handle 404 errors
...
Use 404 template instead of default Slim error page if the route is not found.
Fixes #827
2020-09-12 12:42:19 +02:00
ArthurHoaro
949a095310
Merge pull request #1538 from ArthurHoaro/feature/plugins-bookmark-service
...
Inject BookmarkServiceInterface in plugins data
2020-09-06 14:13:16 +02:00
ArthurHoaro
80b708a878
Inject BookmarkServiceInterface in plugins data
...
Related discussion: ilesinge/shaarli-related#7
2020-09-03 15:08:08 +02:00
ArthurHoaro
ce7918386a
Improve backward compatibility for LegacyRouter
...
LegacyRouter is no longer used for routing, only in existing plugins to match the _PAGE_ parameter.
So we change a few of its values there, to match the new ones defined in TemplatePage.
@see discussion in shaarli/Shaarli#1537
2020-09-03 10:09:36 +02:00
ArthurHoaro
7e3dc0ba98
Better handling of plugin incompatibility
...
If a PHP is raised while executing plugin hook, Shaarli will display an error instead of rendering the error page (or just ending in fatal error for default hooks).
Also added phpErrorHandler which is handled differently that regular errorHandler by Slim.:
2020-08-27 12:04:36 +02:00
ArthurHoaro
0c6fdbe12b
Move error handling to dedicated controller instead of middleware
2020-08-21 10:50:44 +02:00
ArthurHoaro
bedbb845ee
Move all admin controller into a dedicated group
...
Also handle authentication check in a new middleware for the admin group.
2020-08-13 11:08:13 +02:00
ArthurHoaro
d6e5f04d39
Remove anonymous permission and initialize bookmarks on login
2020-08-01 11:10:57 +02:00
ArthurHoaro
301c7ab1a0
Better support for notes permalink
2020-07-28 20:46:11 +02:00
ArthurHoaro
a285668ec4
Fix redirection after post install login
2020-07-27 12:34:17 +02:00
ArthurHoaro
9fbc42294e
New basePath: fix officiel plugin paths and vintage template
2020-07-26 14:43:10 +02:00
ArthurHoaro
204035bd3c
Fix: visitor are allowed to chose nb of links per page
2020-07-24 12:48:53 +02:00
ArthurHoaro
87ae3c4f08
Fix default link and redirection in install controller
2020-07-24 10:30:47 +02:00
ArthurHoaro
3ee8351e43
Multiple small fixes
2020-07-23 21:19:21 +02:00
ArthurHoaro
a8c11451e8
Process login through Slim controller
2020-07-23 21:19:21 +02:00
ArthurHoaro
c4ad3d4f06
Process Shaarli install through Slim controller
2020-07-23 21:19:21 +02:00
ArthurHoaro
1a8ac737e5
Process main page (linklist) through Slim controller
...
Including a bunch of improvements on the container,
and helper used across new controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
9c75f87793
Use multi-level routes for existing controllers instead of 1 level everywhere
...
Also prefix most admin routes with /admin/
2020-07-23 21:19:21 +02:00
ArthurHoaro
818b3193ff
Explicitly define base and asset path in templates
...
With the new routes, all pages are not all at the same folder level anymore
(e.g. /shaare and /shaare/123), so we can't just use './' everywhere.
The most consistent way to handle this is to prefix all path with the proper variable,
and handle the actual path in controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
c22fa57a55
Handle shaare creation/edition/deletion through Slim controllers
2020-07-23 21:19:21 +02:00