aboutsummaryrefslogtreecommitdiffhomepage
Commit message (Collapse)AuthorAgeFilesLines
* Merge remote-tracking branch 'upstream/master'Mark Schmitz2018-06-0759-1610/+4212
|\
| * Merge pull request #1143 from ArthurHoaro/sort-equal-tagsArthurHoaro2018-06-042-8/+121
| |\ | | | | | | Fix order of tags with the same number of occurrences
| | * Tag sort - UT + comment + fix filter and visibilityArthurHoaro2018-05-292-7/+118
| | | | | | | | | | | | Before this, linksCountPerTag call without would have ignored visibility parameter
| | * Fix order of tags with the same number of occurrencesArthurHoaro2018-05-191-2/+4
| | | | | | | | | | | | Fixes #1142
| * | Merge pull request #1086 from virtualtam/refactor/loginVirtualTam2018-06-0323-563/+1116
| |\ \ | | | | | | | | Refactor user login and session management
| | * | SessionManager+LoginManager: fix checkLoginState logicVirtualTam2018-06-023-7/+15
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Add test coverage for LoginManager methodsVirtualTam2018-06-024-11/+161
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | SessionManager: remove unused UID tokenVirtualTam2018-06-022-19/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There already are dedicated tokens for: - CSRF protection - user stay-signed-in feature, via cookie This token was most likely intended as a randomly generated, server-side, secret key to be used when generating hashes. See http://sebsauvage.net/wiki/doku.php?id=php:session [FR] Relevant section: Une clé secrète unique aléatoire est générée côté serveur (et jamais envoyée). Elle peut servir pour signer les formulaires (HMAC) ou générer des token de formulaires (protection contre XSRF). Voir $_SESSION['uid']. Translation: A unique, server-side secret key is randomly generated (and never transmitted). It can be used to sign forms (HMAC) or generate form tokens (protection against XSRF). See $_SESSION['uid'] Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Refactor LoginManager stay-signed-in token managementVirtualTam2018-06-024-14/+69
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Refactor session and cookie timeout controlVirtualTam2018-06-024-57/+224
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Move LoginManager and SessionManager to the Security namespaceVirtualTam2018-06-026-7/+8
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | LoginManager: remove unused parameterVirtualTam2018-06-022-3/+2
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Login: update PageBuilder and default/vintage templatesVirtualTam2018-06-0212-30/+38
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Pass the client IP ID to LoginManagerVirtualTam2018-06-022-17/+16
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Delegate session operations to SessionManagerVirtualTam2018-06-022-24/+69
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Document LoginManager propertiesVirtualTam2018-05-291-0/+11
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Refactor user credential validation at login timeVirtualTam2018-05-293-111/+146
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changed: - move login/password verification to LoginManager - code cleanup Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Refactor PHP session handling during login/logoutVirtualTam2018-05-292-36/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changed: - move $_SESSION handling to SessionManager - code cleanup Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Refactor SessionManager::$INACTIVITY_TIMEOUTVirtualTam2018-05-292-24/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changed: - move INACTIVITY_TIMEOUT to SessionManager - inject a dependency to a SessionManager instance in: - fillSessionInfo() - setup_login_state() - check_auth() - cleanup related code and comments Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| | * | Refactor client session hijacking protectionVirtualTam2018-05-293-13/+86
| |/ / | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| * | Merge pull request #1135 from ArthurHoaro/ci/csslintArthurHoaro2018-05-2920-958/+1444
| |\ \ | | | | | | | | Reformat SCSS to SASS format and run SASSLint in CI
| | * | Add SASSLint makefile target, and run it in CIArthurHoaro2018-05-108-14/+312
| | | | | | | | | | | | | | | | Also move ESLint and SASSLint config files to a dedicated .dev folder
| | * | Add classes to default template to avoid using IDs in SCSSArthurHoaro2018-05-1011-15/+15
| | | |
| | * | Reformat default theme SCSS to match SASS rulesArthurHoaro2018-05-101-929/+1117
| | | |
| * | | Merge pull request #1140 from ArthurHoaro/hotfix/markdown-rss-permalinkArthurHoaro2018-05-292-0/+63
| |\ \ \ | | |_|/ | |/| | Fix feed permalink rendering with markdown escape set to true
| | * | Fix feed permalink rendering with markdown escape set to trueArthurHoaro2018-05-192-0/+63
| |/ / | | | | | | | | | Fixes #1134
| * | Merge pull request #1138 from ArthurHoaro/stakaliArthurHoaro2018-05-172-3/+11
| |\ \ | | |/ | |/| Adds Stakali Android app to 3rd party lists
| | * Adds Stakali Android app to 3rd party listsArthurHoaro2018-05-132-3/+11
| |/
| * Merge pull request #1116 from ArthurHoaro/ci/eslintArthurHoaro2018-05-062-11/+32
| |\ | | | | | | Use Travis stages to run JS tests separately
| | * Use Travis stages to run JS tests separatelyArthurHoaro2018-05-052-11/+32
| |/
| * Merge pull request #1133 from ArthurHoaro/hotfix/title-dlArthurHoaro2018-05-022-5/+14
| |\ | | | | | | Title retrieval fixes
| | * Support redirection in cURL download callbackArthurHoaro2018-05-011-4/+13
| | |
| | * Fix parameter order which was preventing max_dl parameter to work properlyArthurHoaro2018-05-011-1/+1
| |/
| * Merge pull request #1081 from nodiscc/doc-merge-sharingnodiscc2018-04-1812-63/+98
| |\ | | | | | | doc: merge all sharing methods under a single "Sharing content" page
| | * remove duplicate translationnodiscc2018-04-141-6/+0
| | |
| | * doc: sharing: add link to REST API documentationnodiscc2018-04-141-1/+1
| | |
| | * doc: optimize PNGs with pngcrushnodiscc2018-04-146-0/+0
| | | | | | | | | | | | 164k -> 156k
| | * doc: add edit_icon.png to git repositorynodiscc2018-04-142-1/+1
| | | | | | | | | | | | optimize icon with optipng/pngcrush (3.30%)
| | * update PO strings for Edit/New Shaarenodiscc2018-04-141-3/+14
| | | | | | | | | | | | update french translation
| | * default/editlink.tpl: title: Shaare -> New Shaarenodiscc2018-04-141-2/+1
| | |
| | * doc: merge all sharing methods under a single "Sharing content" pagenodiscc2018-04-145-58/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | * formatting, wording, reordering, general improvements * move blog/pastebin/notepad item from index.md to this page * add TODOs * add the new page to mkdocs TOC Part of https://github.com/shaarli/Shaarli/issues/598
| * | German language created (#1114)Buster One2018-04-152-0/+1314
| |/ | | | | | | | | | | | | | | | | | | | | | | * Added german language selection * German language file created * typo * extra space removed and typo corrected * lines 1314 through 1408 removed as suggested
| * Merge pull request #1126 from kramred/masterArthurHoaro2018-04-142-4/+4
| |\ | | | | | | load user css at last, after plugin css to enable changing plugin styles
* | | also for new default tpl add meta tag to block sending the referrer vintage ↵Mark Schmitz2018-06-072-0/+6
| |/ |/| | | | | -> #692
* | add loading user css at last to vintage tplMark Schmitz2018-04-131-1/+1
| |
* | load user css at last, after plugin css to enable changing plugin stylesMark Schmitz2018-04-131-3/+3
|/
* Merge pull request #1121 from virtualtam/node/packaging-metadataVirtualTam2018-04-0812-22/+28
|\ | | | | Update frontend metadata and COPYING
| * Cleanup unused asset resourcesVirtualTam2018-04-055-0/+0
| | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| * Update documentation and Doxygen icon locationVirtualTam2018-04-054-3/+3
| | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| * Update COPYINGVirtualTam2018-04-052-19/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/pull/1072 Changed: - update paths to resource files (assets, images) Removed: - references to resources now resolved through NPM - licenses corresponding to the aforementioned resources Signed-off-by: VirtualTam <virtualtam@flibidi.net>