VirtualTam
44acf70681
Refactor login / ban authentication steps
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- Add the `LoginManager` class to manage logins and bans
Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies
Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-02-05 18:12:09 +01:00
ArthurHoaro
a381c373b3
Merge pull request #1074 from kalvn/feature/dailymarkdown
...
Executes daily hooks before creating columns.
2018-02-02 19:23:26 +01:00
ArthurHoaro
bc3ce7ec2a
Merge pull request #1038 from ArthurHoaro/feature/public-only-filter
...
Add a filter to only display public links
2018-02-02 19:22:37 +01:00
kalvn
50142efd1b
Executes daily hooks before creating columns.
2018-02-01 13:16:58 +01:00
ArthurHoaro
b7c412d4d0
Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed
...
As stated in the docs:
> LC_MESSAGES for system responses (available if PHP was compiled with libintl)
Fixes #1067
2018-01-31 12:39:17 +01:00
ArthurHoaro
d2f6d909e5
Public/private filter: use two separate buttons
...
#1038
2018-01-24 18:46:31 +01:00
ArthurHoaro
d449f79a0d
Merge pull request #977 from ArthurHoaro/feature/dl-filter
...
Extract the title/charset during page download, and check content type
2018-01-23 18:41:38 +01:00
VirtualTam
65c002ca18
Fix XSS vulnerability
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-01-04 15:53:48 +01:00
ArthurHoaro
9d4736a3e9
Add a filter to only display public links
...
When the key filter is clicked once, it only displays private link. When it is clicked on again, it becomes red and only public links are displayed. Another click and all links are displayed. The current visibility status is shown in the search banner
Fixes #1030
2017-12-16 14:32:56 +01:00
ArthurHoaro
fd08b50a80
Don't URL encode description links if parameter 'redirector.encode_url' is set to false
2017-11-07 20:23:58 +01:00
ArthurHoaro
d65342e304
Extract the title/charset during page download, and check content type
...
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.
Closes #579
2017-10-28 14:35:49 +02:00
VirtualTam
fd7d84616d
Move session ID check to SessionManager
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-22 19:54:44 +02:00
VirtualTam
ebd650c06c
Refactor session token management
...
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- `SessionManager` class to group session-related features
- unit tests
Changed:
- `getToken()` -> `SessionManager->generateToken()`
- `tokenOk()` -> `SessionManager->checkToken()`
- inject a `$token` parameter to `PageBuilder`'s constructor
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-10-22 19:19:46 +02:00
ArthurHoaro
f39580c6fd
Add language selection in the configure page of the default theme
2017-10-22 13:16:53 +02:00
ArthurHoaro
12266213d0
Shaarli's translation
...
* translation system and unit tests
* Translations everywhere
Dont use translation merge
It is not available with PHP builtin gettext, so it would have lead to inconsistency.
2017-10-22 12:55:03 +02:00
ArthurHoaro
be9ddff2fb
Merge pull request #987 from ArthurHoaro/hotfix/security-issue
...
Fix security issue reported by @chb9
2017-10-07 11:33:20 +02:00
ArthurHoaro
d14555a3df
Fix security issue reported by @chbi
...
Vulnerability introduced by 6ccd0b218f
- release with Shaarli v0.9.1.
2017-10-07 11:27:44 +02:00
VirtualTam
c8d96b4729
Merge pull request #979 from ArthurHoaro/feature/assets-cache-version
...
Add a version hash for asset loading to prevent browser's cache issue
2017-10-06 14:32:07 +02:00
Mark Gerarts
722caa2090
Allow setting of a default note title, see #963
2017-10-01 14:19:57 +02:00
ArthurHoaro
b3e1f92e9c
Rename shaarli_version constant to uppercase
2017-10-01 11:11:16 +02:00
Willi Eggeling
27e21231e1
added option to redirect all anonymous users to login page
...
- new setting *force_login* added and documented
- if both, *force_login* and *hide_public_links* are set to true, all requests
(except for the feeds) are redirected to the login page
2017-09-03 11:46:49 +02:00
ArthurHoaro
96a1c79456
Merge pull request #939 from ArthurHoaro/hotfix/firefox-social-title
...
Firefox Social title: Use document.title instead of RainTPL variable
2017-09-02 13:54:38 +02:00
ArthurHoaro
a3130d2c2f
Make work behind a reverse proxy
...
Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
2017-09-02 13:50:49 +02:00
ArthurHoaro
87d019986e
Merge pull request #950 from thewilli/delete-fix
...
fixed link deletion
2017-09-01 18:25:44 +02:00
ArthurHoaro
c5f5365ae6
Merge pull request #951 from thewilli/fix-daily
...
fixed daily links if there are no links
2017-09-01 18:25:09 +02:00
Willi Eggeling
a74f52a8d2
fixed link deletion
...
When deleting links, the js of the default theme separated ids by an escaped space ('+').
There was a trailing '+' after the ids which led to the php code detecting multiple values
even for single values. In combination with the id '0' this could led to no id found at all
and a resulting php error.
this commit fixes the behavior and adds an additional error handling and trimming to the php code.
2017-08-30 12:54:58 +02:00
Willi Eggeling
5a0045be79
fixed daily links if there are no links
...
- the previous code tried to use links from a previous day if there are no one for the current one
- the new code skips this part if there are no entries (i.e. days) at all
- modified showDaily() to fit PSR-1 and PSR-2
2017-08-30 12:42:58 +02:00
VirtualTam
e4ed3a46b7
Merge pull request #944 from thewilli/configure-rememberme
...
new setting: default value for 'remember me' checkbox
2017-08-27 16:36:53 +02:00
Willi Eggeling
2e07e77573
new setting: default value for 'remember me' checkbox
...
- the default state for the login page's 'remember me' checkbox can now be configured
- adapted the default and vintage theme to consider the new setting
- added documentation for the new setting
2017-08-27 16:03:37 +02:00
VirtualTam
fc27141cf6
Merge pull request #940 from ArthurHoaro/hotfix/empty-urls
...
Generates a permalink URL if the URL is set to blank
2017-08-27 13:15:43 +02:00
VirtualTam
e8cef3ac43
Merge pull request #942 from thewilli/fix-wiki-links
...
migrated Github wiki links to readthedocs
2017-08-27 13:12:58 +02:00
Willi Eggeling
a544b113f2
code clean: cookie expiration
...
- unified code style (spaces around operators)
- prevented expiration time to be calculated twice
- replaced tabs with spaces
2017-08-26 23:51:38 +02:00
Willi Eggeling
94c035ff71
removed doc and code references to magic quotes
...
- removed all references to magic quotes
- magic quotes are not supported on PHP >= 5.4 (https://secure.php.net/manual/en/security.magicquotes.php )
- Shaarli does not support PHP < 5.5
2017-08-26 11:27:18 +02:00
Willi Eggeling
cc8f572bc0
migrated Github wiki links to readthedocs
2017-08-26 09:40:57 +02:00
ArthurHoaro
c27f2f36f2
Generates a permalinks URL if the URL is set to blank
...
Fixes #926
2017-08-25 20:08:07 +02:00
ArthurHoaro
f32ec5fb3c
Sort tag cloud in alphabetical order
...
Fixes #932
2017-08-25 19:25:09 +02:00
ArthurHoaro
c4925c1f66
Fix untagged only button
2017-08-19 17:41:56 +02:00
Lucas Cimon
d1b69e6af1
Adding missing empty() as spotted in #889 code review
2017-08-06 21:26:37 +02:00
ArthurHoaro
1fdb40fc16
Merge pull request #887 from ArthurHoaro/hotfix/dash-tag-rename
...
Make sure that the tag exists before altering/removing it
2017-08-05 09:59:03 +02:00
ArthurHoaro
3b67b22225
Move tag renaming code to LinkDB and unit test it
2017-08-05 09:55:20 +02:00
Lucas Cimon
f210d94f71
Using only one form in linklist.html + adding untaggedonly filter - fix #885
2017-07-30 16:19:34 +02:00
Lucas Cimon
49cc8e5d74
Tagcloud/list improvments
2017-06-09 10:58:12 +02:00
ArthurHoaro
d99aef535f
Refactoring of CHANGETAG part to avoid duplicated code
2017-05-31 18:36:35 +02:00
ArthurHoaro
4c970f099f
Make sure that the tag exists before altering/removing it
...
Fixes #886
2017-05-31 18:24:21 +02:00
ArthurHoaro
5c6fac0bfc
Merge pull request #882 from ArthurHoaro/feature/edit-timestamp
...
Add creation date when editing a link
2017-05-31 17:54:46 +02:00
ArthurHoaro
ac94db1e36
Merge pull request #880 from ArthurHoaro/hotfix/allowed-protocols
...
Add a whitelist of protocols for URLs
2017-05-31 17:52:19 +02:00
ArthurHoaro
807cade64c
Add creation date when editing a link
...
Also, alter the title on edition
Fixes #431
2017-05-31 17:50:11 +02:00
ArthurHoaro
3e395a6bc6
Merge pull request #841 from ArthurHoaro/feature/search-no-tag
...
Empty tag search will look for not tagged links
2017-05-25 15:54:20 +02:00
ArthurHoaro
7d86f40bdb
Empty tag search will look for not tagged links
...
Fixes #784
From now, searching for tags with an empty value will return only not tagged links,
with the search bar showing `x results [not tagged]`.
Note that using the api, the searchtags request parameter must be set to `false` to get the same result.
- [ ] Update API doc
2017-05-25 15:51:12 +02:00
ArthurHoaro
aa4797ba36
Adds a taglist view with edit/delete buttons
...
* The tag list can be sort alphabetically or by most used tag
* Edit/Delete are perform using AJAX, or fallback to 'do=changetag' page
* New features aren't backported to vintage theme
2017-05-25 15:25:04 +02:00
ArthurHoaro
5893529cf4
Move tagcloud template file to tag.cloud
2017-05-25 15:05:24 +02:00
ArthurHoaro
986a521067
Add an endpoint to refresh the token
...
Useful for AJAX requests which burns the token
2017-05-25 15:05:23 +02:00
ArthurHoaro
8b27824338
Merge pull request #819 from ArthurHoaro/feature/multi-delete
...
Bulk deletion
2017-05-25 15:03:32 +02:00
ArthurHoaro
86ceea054f
Add a whitelist of protocols for URLs
...
- for Shaare
- for markdown description links and images
Not whitelisted protocols will be replaced by `http://`
2017-05-25 14:58:34 +02:00
Lucas Cimon
6ccd0b218f
Adding ability to display subtags in tagcloud
2017-05-24 13:09:35 +02:00
ArthurHoaro
033cf2a1e5
PubSubHub: remove dead code
2017-05-09 18:26:34 +02:00
ArthurHoaro
29a837f347
Bulk deletion
...
* Add a checkboxes in linklist which display a sub-header containing action buttons
* Strongly rely on JS
* Requires a modern browser (ES6 syntax support)
* Checkboxes are hidden if the browser is old or JS disabled
2017-05-08 14:27:20 +02:00
ArthurHoaro
73c8962654
Inject tag list everywhere to make autocomplete work on the fixed search bar
2017-05-07 18:21:38 +02:00
ArthurHoaro
b86aeccf6a
Add settings history only when they're updated
2017-05-07 17:11:25 +02:00
ArthurHoaro
813849e521
Add history entries for API endpoint
...
CHANGED: datetime is now store as an object in history store file
2017-05-07 17:11:22 +02:00
ArthurHoaro
61d406933e
API: Get History endpoint
...
See http://shaarli.github.io/api-documentation/#links-history-get
2017-05-07 16:03:40 +02:00
ArthurHoaro
b8fcb7d440
Merge pull request #856 from ArthurHoaro/api/delete-link
...
API: add DELETE endpoint
2017-05-07 16:02:14 +02:00
ArthurHoaro
0843848c1d
API: add DELETE endpoint
...
Based on #840
See http://shaarli.github.io/api-documentation/\#links-link-delete
2017-05-07 15:58:49 +02:00
ArthurHoaro
77de24876f
Merge pull request #840 from ArthurHoaro/api/putLink
...
REST API: implement PUT method
2017-05-07 15:55:38 +02:00
ArthurHoaro
cf9181dddf
REST API: implement PUT method
...
* Related to #609
* Documentation: http://shaarli.github.io/api-documentation/#links-link-put
2017-05-07 15:49:16 +02:00
ArthurHoaro
f9ff7f1b69
Merge pull request #764 from ArthurHoaro/feature/history
...
History mechanism
2017-05-06 17:12:06 +02:00
ArthurHoaro
4c7045229c
Merge pull request #830 from ArthurHoaro/theme/timezone
...
Change timezone data structure send to the templates
2017-04-25 19:09:13 +02:00
ArthurHoaro
6a19124a09
Use raw bytes for upload size hidden input
2017-04-10 20:01:10 +02:00
ArthurHoaro
ae3aa96898
Change timezone data structure send to the templates
...
The goal of this is to be able to adapt the timezone form
in template without hacking the HTML already rendered.
* there are two arrays available:
* `continents` which contains only a list of available continents
* `cities` which contains a list of available timezone cities, associated with their continent
Note: there are two distinct array because RainTPL doesn't support nested loop very well.
2017-04-03 19:24:55 +02:00
ArthurHoaro
84315a3bad
Fix a warning generated in return_bytes function and refactor it
...
It was multiplying a string containing a letter.
Moved function to Utils.php and display a human readable limit size
2017-04-03 18:53:43 +02:00
ArthurHoaro
4b385d6c34
Merge pull request #742 from ArthurHoaro/api/postLink
...
REST API: implement POST link service
2017-04-01 10:02:03 +02:00
ArthurHoaro
e96be632f5
Merge pull request #839 from ArthurHoaro/theme/daily-page-title
...
Display daily date in the page title (browser title)
2017-03-29 18:38:52 +02:00
ArthurHoaro
935222b8b2
Display daily date in the page title (browser title)
...
Fixes #211
Depends on #838
2017-03-28 20:51:11 +02:00
ArthurHoaro
81bd104daa
Theme: use format_date function for daily date
2017-03-28 20:43:30 +02:00
ArthurHoaro
68016e3798
REST API: implement POST link service
2017-03-27 18:44:50 +02:00
philipp-r
0b04f7970c
Tags parameter for redirects #833
2017-03-25 19:41:01 +01:00
ArthurHoaro
bae74cb292
Merge pull request #831 from ArthurHoaro/theme/install-api-enable
...
Add API setting in the new theme during the installation
2017-03-23 18:32:26 +01:00
ArthurHoaro
76be95e199
Add API setting in the new theme during the installation
...
Also use the same variable name across template files
2017-03-22 19:58:22 +01:00
ArthurHoaro
b712ab0ac4
Fixes a bug preventing to edit link with ID 0
...
Fixes #814
2017-03-22 19:08:17 +01:00
ArthurHoaro
4306b184c4
History mechanism
...
Use case: rest API service
* saved by default in data/history
* same format as datastore.php
* traced events:
* save/edit/delete link
* change settings or plugins settings
* rename tag
2017-03-21 20:29:20 +01:00
ArthurHoaro
b786c8836f
Set Shaarli's version only in shaarli_version.php file
2017-03-21 20:08:40 +01:00
ArthurHoaro
b897c81f8c
Use 'dev' version on the master branch
...
Allowed check branches are now `latest` and `stable`.
2017-03-12 15:05:59 +01:00
ArthurHoaro
48417aed1d
Link imports are now logged in data/
folder, and can be debug using dev.debug=true
setting
...
related to #741 and #681
2017-03-10 18:46:53 +01:00
ArthurHoaro
e6cd773f5a
Fix blocking namespace issue
2017-03-08 20:00:21 +01:00
ArthurHoaro
7c26f6626a
Display private only filter as search parameter
2017-03-08 19:57:15 +01:00
VirtualTam
3c66e56435
application: introduce the Shaarli\Config namespace
...
Namespaces have been introduced with the REST API, and should be generalized
to the whole codebase to manage object scope and benefit from autoloading.
See:
- https://secure.php.net/manual/en/language.namespaces.php
- http://www.php-fig.org/psr/psr-4/
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-03-04 17:07:52 +01:00
ArthurHoaro
16e3d006e9
REST API: implements getLink by ID service
...
See http://shaarli.github.io/api-documentation/#links-link-get
2017-02-19 16:45:59 +01:00
ArthurHoaro
03cadbe220
Bump version to v0.8.3
...
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2017-01-20 16:58:47 +01:00
ArthurHoaro
89dcbe5277
Merge pull request #768 from ArthurHoaro/feature/get-public-links
...
Update LinkFilter to be able to filter only public links
2017-01-17 09:55:25 +01:00
ArthurHoaro
679b6b40db
Merge pull request #767 from ArthurHoaro/feature/delete-tag-redirect
...
Stay on the changetag page after tag deletion
2017-01-17 09:54:25 +01:00
ArthurHoaro
7f96d9ec21
Update LinkFilter to be able to filter only public links
...
No update regarding the UI or the API for now
Fixes #758
2017-01-16 13:57:11 +01:00
ArthurHoaro
b87442f216
Stay on the changetag page after tag deletion
...
+ fix changetag CSS alignement
relates to #756
2017-01-16 13:16:03 +01:00
ArthurHoaro
95e5add4be
Fix redirection after link deletion
...
relates to #756
2017-01-16 13:07:53 +01:00
ArthurHoaro
ae7f6b9d09
Bump version to v0.8.2
2017-01-16 12:53:08 +01:00
ArthurHoaro
4d9fd16ddf
Merge pull request #761 from ArthurHoaro/hotfix/referrer-warning
...
Prevent warning if HTTP_REFERER isn't set
2017-01-16 12:40:00 +01:00
ArthurHoaro
d7d240f136
Merge pull request #759 from ArthurHoaro/hotfix/dup-tags
...
Prevent tag duplicate when renaming
2017-01-16 12:39:01 +01:00
VirtualTam
3947bbb043
Bump expected minimal PHP version to 5.5
...
Relates to https://github.com/shaarli/Shaarli/issues/599
Relates to db6b09b69ee265a7d775924fcff9c61aaaabf1cb
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-16 11:35:46 +01:00
ArthurHoaro
8bbf02e0db
Prevent warning if HTTP_REFERER isn't set
...
Fixes #723
2017-01-15 17:58:19 +01:00
ArthurHoaro
d6327389fc
Prevent tag duplicate when renaming
...
Fixes #757
2017-01-15 17:46:24 +01:00
ArthurHoaro
9977c418d6
Merge pull request #727 from ArthurHoaro/api/getlinks
...
REST API: implement getLinks service
2017-01-15 16:49:50 +01:00
ArthurHoaro
c3b00963fe
REST API: implement getLinks service
...
See http://shaarli.github.io/api-documentation/#links-links-collection-get
2017-01-15 13:55:22 +01:00
VirtualTam
ee6f4b64a9
Cleanup: use safe boolean comparisons
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-07 14:37:40 +01:00
Arthur
7418f7cb60
Merge pull request #732 from ArthurHoaro/feature/theme-manager
...
Theme manager: improvements
2017-01-06 11:40:54 +01:00
VirtualTam
724f1e3229
Cleanup: remove unused variables
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-05 19:51:50 +01:00
ArthurHoaro
a0df06517b
Minor improvements regarding #705 (coding style, unit tests, etc.)
2017-01-05 16:16:23 +01:00
adc4aee80f
Change templates set through administration UI
2017-01-05 12:04:02 +01:00
Arthur
fc11ab2f29
Merge pull request #682 from ArthurHoaro/delete-button
...
Bugfixes on link deletion, and use a GET form
2017-01-04 16:35:29 +01:00
VirtualTam
67a1d5d823
Merge pull request #731 from virtualtam/fix/api/namespaces
...
API: fix Slim namespaces
2017-01-03 16:21:18 +01:00
ArthurHoaro
e3a430babb
Fix fatal error during the install
2017-01-03 14:25:04 +01:00
ArthurHoaro
b3051a6aae
Fixes presence of empty tags for private tags and in search results
...
* Private tags: make sure empty tags are properly filtered
* Search results:
* Use preg_split instead of function combination
* Add normalize_spaces to remove extra whitespaces displaying empty tags search
2017-01-03 09:47:15 +01:00
VirtualTam
465b1c4090
API: fix Slim namespaces
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-02 18:37:08 +01:00
ArthurHoaro
db90dfcbbc
Move PubSubHubbub code as a default plugin
2016-12-20 11:41:24 +01:00
Arthur
80677a23e2
Merge pull request #666 from ArthurHoaro/slim-api
...
REST API structure using Slim framework
2016-12-20 11:30:05 +01:00
ArthurHoaro
f4ebd5fed2
Bugfixes on link deletion, and use a GET form
...
Use a GET form to delete links: harmonize with edit_link and preparation for #585
Bug fixes:
* LinkDB element can't be passed as reference, fix error:
PHP Notice: Indirect modification of overloaded element of LinkDB has no effect
* Resource cache folder setting wasn't set correctly
2016-12-16 12:42:13 +01:00
ArthurHoaro
826c6af7c0
Fix a regression: permalinks change when old links are edited
...
fixes #713
2016-12-15 11:18:56 +01:00
ArthurHoaro
18e6796726
REST API structure using Slim framework
...
* REST API routes are handle by Slim.
* Every API controller go through ApiMiddleware which handles security.
* First service implemented `/info`, for tests purpose.
2016-12-15 10:36:00 +01:00
ArthurHoaro
cbfdcff261
Prepare settings for the API in the admin page and during the install
...
API settings:
- api.enabled
- api.secret
The API settings will be initialized (and the secret generated) with an update method.
2016-12-12 03:54:10 +01:00
ArthurHoaro
3cc8c89830
Bump version to v0.8.1
...
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2016-12-12 03:38:12 +01:00
ArthurHoaro
d592daea83
Add a persistent 'shorturl' key to all links
...
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.
The purpose of this is to avoid collision between links due to their creation date.
2016-12-12 03:03:12 +01:00
ArthurHoaro
01878a75b9
Apply the new ID system accros the whole codebase
2016-12-12 03:03:12 +01:00
Teromene
caa382dd55
Disable Firefox Social in the tools section if the page is not loaded using HTTPS, as Firefox will deny the request.
2016-11-29 11:06:31 +00:00
VirtualTam
f21abf3292
LinkDB: update datastore method names
...
Relates to https://github.com/shaarli/Shaarli/issues/95
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-10-20 21:33:40 +02:00
ArthurHoaro
7af9a41881
Minor code cleanup: PHPDoc, spelling, unused variables, etc.
2016-10-20 11:36:11 +02:00
ArthurHoaro
7fde6de121
New init function for plugins, supports errors reporting
...
All plugins can optionally add an init function named `pluginname_init()` which is called when the plugin is loaded.
This function is aware of the config, and can return initialization errors, which are displayed in the header template.
Note that the previous error system hack no longer work.
2016-10-14 13:22:58 +02:00
Arthur
0354257266
Merge pull request #622 from ArthurHoaro/update-date
...
Save link update dates and render it in templates and feeds
2016-10-12 14:51:37 +02:00
Arthur
adcdac1dec
Merge pull request #623 from ArthurHoaro/security/reverse-proxy-ban
...
Add trusted IPs in config and try to ban forwarded IP on failed login
2016-10-12 14:48:57 +02:00
ArthurHoaro
fdf88d1948
Bump version to v0.8.0
...
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2016-10-12 12:36:59 +02:00
VirtualTam
5283175367
composer: display an error message if the autoload script is missing
...
Closes https://github.com/shaarli/Shaarli/issues/645
Relates to https://github.com/shaarli/Shaarli/issues/607
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-09-05 00:04:57 +02:00
VirtualTam
a973afeac7
Refactor bookmark import using a generic Netscape parser
...
Relates to #607
Relates to #608
Relates to #493 (abandoned)
Additions:
- use Composer's autoload to load 3rd-party dependencies under vendor/
Modifications:
- [import] replace the current parser with a generic, stable parser
- move code to application/NetscapeBookmarkUtils
- improve status report after parsing
- [router] use the same endpoint for both bookmark upload and import dialog
- [template] update bookmark import options
- allow adding tags to all imported links
- allow selecting the visibility (privacy) of imported links
- [tests] ensure bookmarks are properly parsed and imported in the LinkDB
- reuse reference input from the parser's test data
See:
- https://github.com/shaarli/netscape-bookmark-parser
- https://getcomposer.org/doc/01-basic-usage.md#autoloading
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2016-08-10 01:42:44 +02:00
ArthurHoaro
cdbc818037
Bugfix: wrong key used to get default private links setting
2016-08-07 12:15:08 +02:00
ArthurHoaro
edf3ff5a53
Initialize a translation function
...
It matches the API of ngettext().
2016-08-07 11:54:39 +02:00
ArthurHoaro
fd5ac47ea2
Generate a token for every pages
2016-08-06 14:09:26 +02:00
ArthurHoaro
50d1791838
Add trusted IPs in config and try to ban forwarded IP on failed login
...
* Add a new settings (which needs to be manually set): `security.trusted_proxies`
* On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers.
* If found, the client address is added in ipbans, else we do nothing.
Fixes #409
2016-08-03 10:36:47 +02:00
ArthurHoaro
9646b7da22
Save the update date in LinkDB and pass it to linklist templates
...
It can be used as a timestamp by templates under the key 'updated_timestamp'.
2016-08-03 09:44:04 +02:00
Arthur
a4cd07eee2
Merge pull request #604 from ArthurHoaro/no-delicious
...
Remove Delicious in project description in comments
2016-07-23 14:16:59 +02:00
ArthurHoaro
2d97aa7781
Remove Delicious in project description in comments
2016-07-23 14:13:56 +02:00
Arthur
8562009682
Merge pull request #601 from ArthurHoaro/hotfix/title-missing
...
Fixes #600 - Shaarli's title is not set with the new config manager
2016-07-23 10:31:33 +02:00
ArthurHoaro
97ef33bb72
Fixes #600 - Shaarli's title is not set with the new config manager
...
- Fixed title config key
- Page title (in head tag) is no longer set through the config manager
2016-07-19 18:03:09 +02:00
ArthurHoaro
2e193ad387
Fix variable in configure.php
2016-07-10 10:42:21 +02:00
ArthurHoaro
894a3c4bf3
Rename configuration key for better sections
2016-06-11 09:30:56 +02:00
ArthurHoaro
278d9ee283
ConfigManager no longer uses singleton pattern
2016-06-11 09:30:56 +02:00
ArthurHoaro
7f179985b4
Remove remaining settings initialization in index.php
...
Except for those which require external data (timezone and $_SERVER).
2016-06-11 09:30:56 +02:00
ArthurHoaro
da10377b3c
Rename configuration keys and fix GLOBALS in templates
2016-06-11 09:30:56 +02:00
ArthurHoaro
d93d51b213
Set the default timezone in index.php
2016-06-11 09:30:56 +02:00
ArthurHoaro
684e662a58
Replace $GLOBALS configuration with the configuration manager in the whole code base
2016-06-11 09:30:56 +02:00
ArthurHoaro
c01bd08eaf
Version bump: v0.7.0
...
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2016-05-14 11:36:47 +02:00
Arthur
3fdcc7bd47
Merge pull request #560 from ArthurHoaro/nb-private-shaare
...
Private links counter in the header
2016-05-14 11:11:11 +02:00
Arthur
52ccf0d7ee
Merge pull request #556 from ArthurHoaro/login-refill
...
Prefill the login field when the authentication has failed
2016-05-14 11:09:39 +02:00
Arthur
765391cb37
Merge pull request #559 from ArthurHoaro/startsEndWithCase
...
Fix startsWith and endsWith case
2016-05-14 11:09:03 +02:00
ArthurHoaro
141a86c503
Add private link counter
2016-05-13 08:48:23 +02:00