Commit graph

1679 commits

Author SHA1 Message Date
ArthurHoaro
b11c8f25df unit tests for readityourself plugin + remove hard error 2015-11-08 12:42:29 +01:00
ArthurHoaro
ff5bda8238 unit test for addlink_toolbar + coding style 2015-11-08 12:40:14 +01:00
ArthurHoaro
1b2b44f4bd PLUGIN: addlink_toolbar
Add a field in linklist page to paste a new link.

Displayed in fields toolbar.
2015-11-08 12:20:20 +01:00
ArthurHoaro
75b69987b3 PLUGIN readityourself
Add an icon for each link (linklist) for ReadItYourself
2015-11-08 12:02:41 +01:00
Arthur
245432e796 Merge pull request #284 from ArthurHoaro/plugin-playvideos
PLUGIN playvideos
2015-11-07 16:53:07 +01:00
Arthur
c536c98ae1 Merge pull request #285 from ArthurHoaro/plugin-qrcode
PLUGIN QRCode
2015-11-07 16:52:53 +01:00
Arthur
1b4ea59f93 Merge pull request #283 from ArthurHoaro/plugin-archiveorg
PLUGIN archiveorg
2015-11-07 16:52:41 +01:00
Arthur
70df947af6 Merge pull request #368 from ArthurHoaro/returnurl-again
Fixes #356 -  adding a link should return added link's hash
2015-11-07 16:51:50 +01:00
ArthurHoaro
263d1f6495 PLUGIN wallabag
Add a Wallabag icon in linklist for each link.
2015-11-07 16:45:20 +01:00
ArthurHoaro
9a364c283e Add unit test for archiveorg plugin
+ coding style
2015-11-07 16:40:25 +01:00
ArthurHoaro
b7b9dbb0d5 PLUGIN archiveorg
Display an archive.org icon in linklist, foreach links.
2015-11-07 16:40:25 +01:00
ArthurHoaro
840caea64f Add unit tests for Playvideos plugin
+ coding style
2015-11-07 16:30:56 +01:00
ArthurHoaro
b17c19ff76 PLUGIN playvideos
Display a button in buttons toolbar which allows to play all videos found.
2015-11-07 16:21:21 +01:00
ArthurHoaro
abb3ff38f5 Add unit tests for the QRCode plugin
+ coding style
2015-11-07 16:13:08 +01:00
ArthurHoaro
14c8efbe31 PLUGIN QRCode
Add an icon in linklist to display links QRCode
2015-11-07 15:32:28 +01:00
ArthurHoaro
a52e843593 Add plugins folder to test analysis 2015-11-07 15:27:22 +01:00
ArthurHoaro
d06265fb57 Unit tests for Router and PluginManager. 2015-11-07 15:27:22 +01:00
ArthurHoaro
567967fdf9 Template upgrade to handle plugin zones
Add a bunch of plugin placeholders in templates
2015-11-07 15:27:22 +01:00
ArthurHoaro
0aec972a8b Plugins TODO.md 2015-11-07 15:27:22 +01:00
ArthurHoaro
6fc14d5303 Plugin system - CORE
see shaarli/Shaarli#275
2015-11-07 15:27:17 +01:00
ArthurHoaro
d01c234235 Fixes #356
* adding a link should return added link's hash
* allow redirection relative urls in generateLocation
2015-11-04 19:53:59 +01:00
VirtualTam
38bedfbbcd Bump version to 0.5.4
Fixes:
 - PHP session IDs: handle hash algorithms and bits per char representations

Minor changes:
 - HTTPS: support being served behing an SSL-enabled proxy
 - HTTP/Server utilities: refactor & add test coverage

Project & documentation:
 - improve/rewrite `README.md`
 - update contributor list
 - update `index.php` header

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 21:02:52 +02:00
VirtualTam
49e2b35b4a Update project information: contributors, index.php header
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 20:54:13 +02:00
VirtualTam
4df3520d6e Merge pull request #346 from virtualtam/refactor/http-url-utils
HTTP: move server URL functions to `HttpUtils.php`
2015-09-14 20:40:41 +02:00
VirtualTam
482d67bd52 HTTP: move server URL functions to HttpUtils.php
Relates to #333

Modifications:
 - refactor server URL utility functions
 - do not access global `$_SERVER` variables
 - add test coverage
 - improve readability
 - apply coding conventions

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 20:27:16 +02:00
Fanch
7b114771d3 SSL detection: add support for X-Forwarded-Proto
Duplicates #332

See:
 - RFC 7239 - Forwarded HTTP Extension
   http://www.ietf.org/rfc/rfc7239.txt
 - RFC 6238 - Deprecating the "X-" Prefix and Similar Constructs in Application Protocols
   http://www.ietf.org/rfc/rfc6648.txt
 - StackOverflow - Custom HTTP headers: naming conventions
   http://stackoverflow.com/a/3561399
2015-09-13 21:17:01 +02:00
VirtualTam
ce47a75864 Merge pull request #337 from doc75/doublon_url
#325 small enhancement to fix the GetLinkFromUrl method
2015-09-08 22:03:18 +02:00
Guillaume Virlet
ef591e7ee2 Url: introduce global helper functions for cleanup and scheme detection
Relates to #314 & #326

Additions:
 - add global `cleanup_url()` and `get_url_scheme()` functions

Modifications:
 - replace `Url` usage in `index.php` by calls to global functions
 - fix `Url` tests not being run: PHPUnit expects a single test class per file
   - move classes to separate files
2015-09-08 22:00:37 +02:00
VirtualTam
0a813cfd7c Merge pull request #334 from virtualtam/refactor/http-utils
HTTP: move utils to a proper file, add tests
2015-09-06 20:32:01 +02:00
VirtualTam
451314eb48 HTTP: move utils to a proper file, add tests
Relates to #333

Modifications:
 - move HTTP utils to 'application/HttpUtils.php'
 - simplify logic
   - replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
   - remove superfluous '$status' parameter (provided by the HTTP headers)
 - apply coding conventions
 - add test coverage (unitary only)

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 19:30:26 +02:00
VirtualTam
f5d6b19b73 Merge pull request #338 from virtualtam/fix/unique-uniqid
Session ID: extend the regex to match possible hash representations
2015-09-06 16:16:53 +02:00
VirtualTam
68bc21353a Session ID: extend the regex to match possible hash representations
Improves #306
Relates to #335 & #336
Duplicated by #339

Issues:
 - PHP regenerates the session ID if it is not compliant
 - the regex checking the session ID does not cover all cases
   - different algorithms: md5, sha1, sha256, etc.
   - bit representations: 4, 5, 6

Fix:
 - `index.php`:
   - remove `uniqid()` usage
   - call `session_regenerate_id()` if an invalid cookie is detected
 - regex: support all possible characters - '[a-zA-Z,-]{2,128}'
 - tests: add coverage for all algorithms & bit representations

See:
 - http://php.net/manual/en/session.configuration.php#ini.session.hash-function
 - https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
 - http://php.net/manual/en/function.session-id.php
 - http://php.net/manual/en/function.session-regenerate-id.php
 - http://php.net/manual/en/function.hash-algos.php

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 16:14:24 +02:00
VirtualTam
a02257b8ae Merge pull request #344 from virtualtam/copying
COPYING: update contributor list
2015-09-06 04:07:28 +02:00
VirtualTam
db5453e4b6 COPYING: update contributor list
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 03:07:25 +02:00
VirtualTam
cd5c102892 Update README.md 2015-09-06 02:22:52 +02:00
VirtualTam
6f2309aa08 Merge pull request #343 from virtualtam/readme
Rewrite README.md
2015-09-06 02:16:39 +02:00
VirtualTam
e9b80e7272 Rewrite README.md
Modifications:
 - group content in sections
 - homogenize formatting
 - replace installation instructions by links to the corresponding wiki pages
 - update badges
   - use http://shields.io/ to generate SVGs with custom labels
   - master branch: update Travis label
   - stable branch: add Travis status
   - GitHub release: display the latest released version

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 02:04:31 +02:00
VirtualTam
bb91a8c6e8 Merge pull request #340 from virtualtam/doc/update
Doc: sync from Wiki, generate HTML
2015-09-04 21:35:27 +02:00
VirtualTam
f8b936e7e7 Doc: sync from Wiki, generate HTML
Additions:
 - Installation/Download: how to get Shaarli
 - Community software: ShaarliOS app

Modifications:
 - Installation/Server requirements: PHP 5.4 EOL, PHP 7 announcements
 - Installation/Server configuration: improve Nginx security
 - Troubleshooting: PHP sessions on `free.fr`

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-04 21:32:25 +02:00
ArthurHoaro
ce8c4a84ba Bump version to v0.5.3
Fixes a bug that could prevent user to login.
2015-09-02 18:06:21 +02:00
Arthur
67ee1435f8 Merge pull request #336 from ArthurHoaro/login-hotfix
Allow uppercase letters in PHP sessionid format
2015-09-02 17:55:11 +02:00
ArthurHoaro
4d30975a06 Allow uppercase letters in PHP sessionid format
Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2

Regression introduced in 06b6660a7e
2015-09-02 17:00:38 +02:00
VirtualTam
53cc2b93b8 Bump version to 0.5.2
Minor changes
 - fix Full Path Disclosure upon cookie forgery
 - fix regression preventing to load LinkDB info when adding an existing link
 - also extract HTTPS page metadata (title)
 - add PHP 7 to Travis platforms

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-31 20:39:27 +02:00
VirtualTam
6211c498f6 Merge pull request #326 from ArthurHoaro/bug-url
Fixes #325 - Shaarli does not recognize saved links
2015-08-31 20:31:41 +02:00
ArthurHoaro
26c503460c Add HTTPS support for title extracting feature 2015-08-31 12:30:59 +02:00
ArthurHoaro
9e1724f192 Fixes #325 - Shaarli does not recognize saved links
PHP doesn't seem to autoconvert objects to strings when they're use as array indexes.

Fixes regression introduced in d9d776af19
2015-08-31 12:26:38 +02:00
VirtualTam
ce8e248ab0 Merge pull request #306 from ArthurHoaro/fpd
Avoid Full Path Disclosure error on session error.
2015-08-24 21:25:33 +02:00
VirtualTam
b5d96e9b1f Merge pull request #327 from virtualtam/travis/php7
travis: add PHP 7 to the tested environments
2015-08-24 00:30:05 +02:00
ArthurHoaro
06b6660a7e Avoid Full Path Disclosure error on session error.
* Add a function to validate session ID.
  * Generate a new session ID if an invalid token is passed.
2015-08-22 10:10:55 +02:00
VirtualTam
bdf4f78519 travis: add PHP 7 to the tested environments
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-22 00:09:46 +02:00