Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
1819 commits 8 branches 1 tag 12 MiB
Commit graph

422 commits

Author SHA1 Message Date
ArthurHoaro
8e47af2b36 Process logout through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
b0428aa9b0 Migrate cache purge function to a proper class 
And update dependencies and tests.

Note that SESSION['tags'] has been removed a log ago
 2020-07-23 21:19:21 +02:00
ArthurHoaro
485b168a96 Process picwall rendering through Slim controller + UT 2020-07-23 21:19:21 +02:00
ArthurHoaro
bee33239ed Fix all relative link to work with new URL 2020-07-23 21:19:21 +02:00
ArthurHoaro
78c2f122e0
Merge pull request #1428 from pipoprods/feat/ldap-auth 2020-06-25 16:53:18 +02:00
ArthurHoaro
8694e8411b LDAP - Force protocol LDAPv3 
On Linux, php-ldap seems to rely on a library which still uses deprecated LDAPv2 as default version,
causing authentication issues.

See: https://stackoverflow.com/a/48238224/1484919
 2020-06-25 16:18:25 +02:00
Sébastien NOBILI
a69cfe0dd2
Update application/security/LoginManager.php 
Co-authored-by: ArthurHoaro <arthur@hoa.ro>
 2020-06-03 10:36:04 +02:00
Sébastien NOBILI
9ba6982ea3
Update application/security/LoginManager.php 
Co-authored-by: ArthurHoaro <arthur@hoa.ro>
 2020-06-03 10:35:41 +02:00
Sébastien NOBILI
21e5df5ee8
Update application/security/LoginManager.php 
Co-authored-by: ArthurHoaro <arthur@hoa.ro>
 2020-06-03 10:34:32 +02:00
Sébastien NOBILI
cc2ded54e1 ldap authentication, fixes shaarli/Shaarli#1343 2020-03-02 17:13:18 +01:00
aguy
424530d9af
Add an exception to method 'whitelist_protocols' for url which started with '#' 
This is to allow local link for markdown, actually a local link write with this syntax : '[anchor](#local_link)' produce this html code: http://#local_link
 2020-02-28 15:14:22 +00:00
ArthurHoaro
27ceea2aee Rename ci attribute to container 2020-01-26 11:34:29 +01:00
ArthurHoaro
0498b209b5 Execute common plugin hooks before rendering login page 2020-01-26 11:34:14 +01:00
ArthurHoaro
9e4cc28e29 Fix all existing links and redirection to ?do=login 2020-01-26 11:34:14 +01:00
ArthurHoaro
6c50a6ccce Render login page through Slim controller 2020-01-26 11:34:14 +01:00
ArthurHoaro
a39acb2518 Fix an issue with private tags and fix nomarkdown tag 
The new bookmark service wasn't handling private tags properly.

nomarkdown tag is now shown only for logged in user in bookmarks, and hidden for everyone in tag clouds/lists.

Fixes #726
 2020-01-18 11:39:26 +01:00
ArthurHoaro
e26e2060f5 Add and update unit test for the new system (Bookmark + Service) 
See #1307
 2020-01-18 09:56:32 +01:00
ArthurHoaro
cf92b4dd15 Apply the new system (Bookmark + Service) to the whole code base 
See https://github.com/shaarli/Shaarli/issues/1307
 2020-01-18 09:55:59 +01:00
ArthurHoaro
336a28fa4a Introduce Bookmark object and Service layer to retrieve them 
See https://github.com/shaarli/Shaarli/issues/1307 for details
 2020-01-17 18:42:11 +01:00
ArthurHoaro
def39d0dd7 Run Unit Tests against PHP 7.4 
Bump PHPUnit version and fix unit test

  - Globals are handled differently and are persistent through tests
  - Tests without assertions are marked as risky: some of them are just
meant to check that no error is raised.
 2020-01-17 18:34:37 +01:00
nodiscc
0b631e69d1
thumbnailer: add soundcloud.com to list of common media domains 
OpenGraph thumbnails are well supported on soundcloud.com, displaying an album/track/artist cover image
 2019-09-21 16:48:24 +00:00
ArthurHoaro
0baa658130 Fix RSS permalink included in Markdown bloc 
Adds another line break before inserting RSS permalink to avoid including it in markdown blocs, such as blockquote.
 2019-09-12 19:38:37 +02:00
ArthurHoaro
9f9627059a Make sure that bookmark sort is consistent, even with equal timestamps 
Fixes #1348
 2019-08-07 13:18:02 +02:00
ArthurHoaro
6a4872520c Automatically retrieve description for new bookmarks 
If the option is enabled, it will try to find a meta tag containing
the page description and keywords, just like we do for the page title.
It will either look for regular meta tag or OpenGraph ones.

The option is disabled by default.

Note that keywords meta tags is mostly not used.

In `configure` template, the variable associated with this setting
is `$retrieve_description`.

Fixes #1302
 2019-07-06 12:21:52 +02:00
ArthurHoaro
c3a04e328f
Merge pull request #1273 from ArthurHoaro/feature/ban-manager 
Rewrite IP ban management
 2019-05-25 16:13:56 +02:00
ArthurHoaro
786f35f270
Merge pull request #1276 from ArthurHoaro/feature/bulk-visibility 
Bulk action: set visibility
 2019-04-22 12:31:09 +02:00
ArthurHoaro
90e048594a
Merge pull request #1272 from ArthurHoaro/feature/html-lang 
Accessibility: specify the HTML lang attribute
 2019-03-02 10:54:30 +01:00
ArthurHoaro
cc69aad4a9
Merge pull request #1271 from ArthurHoaro/hotfix/thumb-note-retrieve 
Do not try to retrieve thumbnails for internal link
 2019-03-02 10:54:06 +01:00
ArthurHoaro
a8e7da0114 Do not try to retrieve thumbnails for internal link 
Also adds a helper function to determine if a link is a note and apply it across multiple files.
 2019-02-24 12:25:50 +01:00
ArthurHoaro
c21dcc8199
Merge pull request #1270 from ArthurHoaro/hotfix/sticky-warning 
Fix a warning if links sticky status isn't set
 2019-02-24 11:30:35 +01:00
ArthurHoaro
015314f3c6
Merge pull request #1269 from ArthurHoaro/feature/remove-redirector 
Remove the redirector setting
 2019-02-24 11:29:56 +01:00
ArthurHoaro
8d03f705eb Bulk action: set visibility 
Added 2 buttons when link checkboxes are checked to set them either public or private.

Related to #572 #1160
 2019-02-09 17:59:53 +01:00
ArthurHoaro
b49a04f796 Rewrite IP ban management 
This adds a dedicated manager class to handle all ban interactions, which is instantiated and handled by LoginManager.
IPs are now stored in the same format as the datastore, through FileUtils.

Fixes #1032 #587
 2019-02-09 16:44:48 +01:00
ArthurHoaro
cb974e4747 Accessibility: specify the HTML lang attribute 
The lang is based on the user defined one. If the language is automatic, no language will be specified.

Fixes #1216
 2019-02-09 14:29:35 +01:00
ArthurHoaro
b790f900c9 Fix a warning if links sticky status isn't set 
- initiate its status to false when the link is created
  - if not defined, initiate its status to false (can happen if the updater hasn't run)
 2019-02-09 14:04:16 +01:00
ArthurHoaro
520d29578c Remove the redirector setting 
Fixes #1239
 2019-02-09 13:55:11 +01:00
ArthurHoaro
5bd62b5d53 Fix thumbnails disabling if PHP GD is not installed 2019-02-09 13:05:37 +01:00
ArthurHoaro
905f8675a7
Merge pull request #1182 from ArthurHoaro/feature/session-protection-stay-login 
Do not check the IP address with session protection disabled
 2019-02-09 12:36:31 +01:00
VirtualTam
dea72c711f Optimize and cleanup imports 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-13 00:04:42 +01:00
VirtualTam
e185038834 namespacing: \Shaarli\Plugin\PluginManager 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
349b014401 namespacing: \Shaarli\Netscape\NetscapeBookmarkUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
a932f486f2 namespacing: \Shaarli\Router 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
9778a1551c namespacing: \Shaarli\ApplicationUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
bcf056c9d9 namespacing: \Shaarli\Updater 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 23:11:19 +01:00
VirtualTam
fe3713d2e5 namespacing: move LinkUtils along \Shaarli\Bookmark classes 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
6696729b88 namespacing: \Shaarli\Bookmark\LinkFilter 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
f24896b237 namespacing: \Shaarli\Bookmark\LinkDB 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
a0c4dbd91c namespacing: \Shaarli\FileUtils 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
8c0f19c797 namespacing: \Shaarli\Render\{PageBuilder,ThemeUtils} 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
51753e403f namespacing: move HTTP utilities along \Shaarli\Http\ classes 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
fb1b182fbf namespacing: \Shaarli\Http\Url 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
00af48d9d2 namespacing: \Shaarli\Http\Base64Url 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
dfc650aa23 namespacing: \Shaarli\Feed\{Cache,CachedPage,FeedBuilder} 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
f3d2f25794 namespacing: \Shaarli\Exceptions\IOException 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
bdc5152d48 namespacing: \Shaarli\History 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2019-01-12 22:47:48 +01:00
VirtualTam
9d9f6d75b9 lint: fix line-length warnings 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-12-02 22:39:16 +01:00
VirtualTam
f211e417bf lint: apply phpcbf to application/ 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-12-02 22:39:16 +01:00
ArthurHoaro
e95247d41d
Merge pull request #1205 from ArthurHoaro/feature/opengraph 
Add OpenGraph meta tags on permalink page
 2018-10-06 13:31:07 +02:00
ArthurHoaro
4154c25b5f Add a button to set links as sticky 
Meaning that they always appear on top of all links

Fixes #186
 2018-10-06 12:55:05 +02:00
ArthurHoaro
a120fb2977 Add OpenGraph meta tags on permalink page 
Includes:
  - og:title
  - og:type -> article
  - og:image -> if there is a thumbnail
  - og:url -> permalink
  - og:description -> first 300 chars of raw description
  - article:published_time
  - article:modified_time
  - article:tag -> one OG meta tag for each shaare tag

Fixes #258
 2018-08-13 10:55:48 +02:00
ArthurHoaro
b5c368b858 Fix issue 'You are not authorized to add a link' with thumbnails enabled 
Do not try to alter the datastore by updating thumbnails if the user isn't logged in.

Also, do not enable thumbnails if PHP GD extension is not installed/loaded
 2018-08-10 17:09:51 +02:00
ArthurHoaro
ad5f47adba
Merge pull request #687 from ArthurHoaro/web-thumb 
Use web-thumbnailer to retrieve thumbnails
 2018-07-28 09:41:29 +02:00
ArthurHoaro
d9ba1cdd44 Do not check the IP address with session protection disabled 
This allows the user to stay logged in if his IP changes.

Fixes #1106
 2018-07-17 14:13:37 +02:00
ArthurHoaro
7b4fea0e39 Bunch of improvement for thumbnails integration: 
- add a default thumb size value (125x90px)
  - improve private vertical bar visual, especially with thumbnails
  - translations
  - add a sync thumbs button in tool and empty picwall page
  - fixes WT download mode in JSON config
 2018-07-17 13:16:50 +02:00
ArthurHoaro
b302b3c584 Thumbnails: add a common mode to only retrieve thumbs from popular media websites 2018-07-05 20:34:22 +02:00
ArthurHoaro
28f2652460 Add a page to update all thumbnails through AJAX requests in both templates 2018-07-05 20:34:22 +02:00
ArthurHoaro
787faa42f3 Take code review into account 
Upgrade web-thumbnailer and display thumbs right after download
 2018-07-05 20:34:22 +02:00
ArthurHoaro
e85b7a05a1 Update thumbnail integration after rebasing the branch 2018-07-05 20:31:35 +02:00
ArthurHoaro
a3724717ec ConfigManager: add a method to remove an entry 2018-07-05 20:31:35 +02:00
ArthurHoaro
1b93137e16 Use web-thumbnailer to retrieve thumbnails 
* requires PHP 5.6
  * use blazy on linklist since a lot more thumbs are retrieved
  * thumbnails can be disabled
  * thumbs size is now 120x120
  * thumbs are now cropped to fit the expected size

Fixes #345 #425 #487 #543 #588 #590
 2018-07-05 20:31:35 +02:00
ArthurHoaro
d3f42ca487 Implements Tags endpoints for Shaarli's REST API 
Endpoints:

 * List All Tags [GET]
 * Get a tag [GET]
 * Update a tag [PUT]
 * Delete a tag [DELETE]

Fixes #904
References shaarli/api-documentation#34
 2018-06-04 18:51:22 +02:00
ArthurHoaro
17e45b2e9c
Merge pull request #1143 from ArthurHoaro/sort-equal-tags 
Fix order of tags with the same number of occurrences
 2018-06-04 18:34:50 +02:00
VirtualTam
8edd7f1588 SessionManager+LoginManager: fix checkLoginState logic 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
704637bfeb Add test coverage for LoginManager methods 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:26 +02:00
VirtualTam
ebf6151738 SessionManager: remove unused UID token 
There already are dedicated tokens for:
- CSRF protection
- user stay-signed-in feature, via cookie

This token was most likely intended as a randomly generated,
server-side, secret key to be used when generating hashes.

See http://sebsauvage.net/wiki/doku.php?id=php:session [FR]

Relevant section:

  Une clé secrète unique aléatoire est générée côté serveur (et jamais
  envoyée). Elle peut servir pour signer les formulaires (HMAC) ou
  générer des token de formulaires (protection contre XSRF).
  Voir $_SESSION['uid'].

Translation:

  A unique, server-side secret key is randomly generated (and never
  transmitted). It can be used to sign forms (HMAC) or generate form
  tokens (protection against XSRF).
  See $_SESSION['uid']

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
c689e10863 Refactor LoginManager stay-signed-in token management 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
51f0128cdb Refactor session and cookie timeout control 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
fab87c2696 Move LoginManager and SessionManager to the Security namespace 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
68dcaccfa4 LoginManager: remove unused parameter 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
89ccc83ba4 Login: update PageBuilder and default/vintage templates 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
8474208474 Pass the client IP ID to LoginManager 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:46:06 +02:00
VirtualTam
c7721487b2 Delegate session operations to SessionManager 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-06-02 16:45:54 +02:00
VirtualTam
1b28c66cc7 Document LoginManager properties 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam
63ea23c2a6 Refactor user credential validation at login time 
Changed:
- move login/password verification to LoginManager
- code cleanup

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam
49f1832316 Refactor PHP session handling during login/logout 
Changed:
- move $_SESSION handling to SessionManager
- code cleanup

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam
db45a36a53 Refactor SessionManager::$INACTIVITY_TIMEOUT 
Changed:
- move INACTIVITY_TIMEOUT to SessionManager
- inject a dependency to a SessionManager instance in:
  - fillSessionInfo()
  - setup_login_state()
  - check_auth()
- cleanup related code and comments

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
VirtualTam
88110550b8 Refactor client session hijacking protection 
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-05-29 22:53:54 +02:00
ArthurHoaro
f8c5660df8 Tag sort - UT + comment + fix filter and visibility 
Before this, linksCountPerTag call without would have ignored visibility parameter
 2018-05-29 20:52:30 +02:00
ArthurHoaro
f28396a2f8 Fix order of tags with the same number of occurrences 
Fixes #1142
 2018-05-19 15:47:55 +02:00
ArthurHoaro
a1b727efb7 Support redirection in cURL download callback 2018-05-01 16:44:51 +02:00
Buster One
7ca124079e German language created (#1114) 
* Added german language selection

* German language file created

* typo

* extra space removed and typo corrected

* lines 1314 through 1408 removed as suggested
 2018-04-15 14:53:09 +02:00
ArthurHoaro
9b2bd66fb6
Merge pull request #1093 from ArthurHoaro/feature/theme-translation 
Load theme translations files automatically
 2018-03-26 20:26:10 +02:00
ArthurHoaro
68c6afc56f Load theme translations files automatically 
Fixes #1077

Take a look at the docs update to see how it works
 2018-03-26 19:20:25 +02:00
ArthurHoaro
4294bc7b98
Merge pull request #1096 from ArthurHoaro/feature/download-params 
Make max download size and timeout configurable
 2018-03-13 18:02:49 +01:00
ArthurHoaro
4ff3ed1c47 Make max download size and timeout configurable 
Fixes #1061
 2018-03-07 23:03:21 +01:00
ArthurHoaro
d2d4f993e1 PSR: use elseif instead of else if 
See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
 2018-02-28 22:34:40 +01:00
ArthurHoaro
bc4a0a672c
Merge pull request #1092 from ArthurHoaro/fix/scuttle-doctype-case 
Ignore the case while checking DOCTYPE during the file import
 2018-02-24 13:29:11 +01:00
ArthurHoaro
980efd6cf8 Use a specific page title in all pages 
Also fixed a few French translation issues

Fixes #954 #955
 2018-02-24 12:48:49 +01:00
ArthurHoaro
3ff1ce47bc Ignore the case while checking DOCTYPE during the file import 
Fixes #1091
 2018-02-23 20:34:06 +01:00
VirtualTam
44acf70681 Refactor login / ban authentication steps 
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- Add the `LoginManager` class to manage logins and bans

Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies

Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
 2018-02-05 18:12:09 +01:00