| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relates to #333
Modifications:
- move HTTP utils to 'application/HttpUtils.php'
- simplify logic
- replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
- remove superfluous '$status' parameter (provided by the HTTP headers)
- apply coding conventions
- add test coverage (unitary only)
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Session ID: extend the regex to match possible hash representations
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improves #306
Relates to #335 & #336
Duplicated by #339
Issues:
- PHP regenerates the session ID if it is not compliant
- the regex checking the session ID does not cover all cases
- different algorithms: md5, sha1, sha256, etc.
- bit representations: 4, 5, 6
Fix:
- `index.php`:
- remove `uniqid()` usage
- call `session_regenerate_id()` if an invalid cookie is detected
- regex: support all possible characters - '[a-zA-Z,-]{2,128}'
- tests: add coverage for all algorithms & bit representations
See:
- http://php.net/manual/en/session.configuration.php#ini.session.hash-function
- https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
- http://php.net/manual/en/function.session-id.php
- http://php.net/manual/en/function.session-regenerate-id.php
- http://php.net/manual/en/function.hash-algos.php
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
COPYING: update contributor list
|
|/
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|\
| |
| | |
Rewrite README.md
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modifications:
- group content in sections
- homogenize formatting
- replace installation instructions by links to the corresponding wiki pages
- update badges
- use http://shields.io/ to generate SVGs with custom labels
- master branch: update Travis label
- stable branch: add Travis status
- GitHub release: display the latest released version
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Doc: sync from Wiki, generate HTML
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
Additions:
- Installation/Download: how to get Shaarli
- Community software: ShaarliOS app
Modifications:
- Installation/Server requirements: PHP 5.4 EOL, PHP 7 announcements
- Installation/Server configuration: improve Nginx security
- Troubleshooting: PHP sessions on `free.fr`
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
| |
Fixes a bug that could prevent user to login.
|
|\
| |
| | |
Allow uppercase letters in PHP sessionid format
|
|/
|
|
|
|
| |
Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2
Regression introduced in 06b6660a7e8891c6e1c47815cf50ee5b2ef5f270
|
|
|
|
|
|
|
|
|
|
| |
Minor changes
- fix Full Path Disclosure upon cookie forgery
- fix regression preventing to load LinkDB info when adding an existing link
- also extract HTTPS page metadata (title)
- add PHP 7 to Travis platforms
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Fixes #325 - Shaarli does not recognize saved links
|
| | |
|
| |
| |
| |
| |
| |
| | |
PHP doesn't seem to autoconvert objects to strings when they're use as array indexes.
Fixes regression introduced in d9d776af19fd0a191f82525991dafbb56e1bcfcb
|
|\ \
| | |
| | | |
Avoid Full Path Disclosure error on session error.
|
| |/
| |
| |
| |
| | |
* Add a function to validate session ID.
* Generate a new session ID if an invalid token is passed.
|
|\ \
| |/
|/| |
travis: add PHP 7 to the tested environments
|
|/
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Minor changes
- fix 404 after editing a link while being logged out
- update local documentation
- improve timezone detection at installation
- improve feed cache handling
- improve URL cleanup for new links
- add a link to the shaarli/shaarli DockerHub repository
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
clean utm_term url parameter
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to #141
Relates to #133
Modifications
- move URL cleanup to `application/Url.php`
- rework the cleanup function
- fragments: `#stuff`
- GET parameters: `?var1=val1&var2=val2`
- add documentation (APIs the params belong to)
- add test coverage
Reference
- http://php.net/parse_url
- http://php.net/manual/en/language.oop5.magic.php#language.oop5.magic.tostring
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|/
|
| |
See [docker-shaarli](https://github.com/shaarli/docker-shaarli) for Dockerfiles and documentation
|
|\
| |
| | |
CachedPage: move to a proper file, add tests
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|/
|
|
|
|
|
|
|
|
|
|
| |
Modifications
- rename `pageCache` to `CachedPage`
- move utilities to `Cache`
- do not access globals
- apply coding rules
- update LinkDB and test code
- add test coverage
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Fixes #299: prevent 404 on '?edit_link' while logged out
|
|/
|
|
|
| |
- add a use case for edit_link in logged out part.
- *really* prevent loops on login screen.
|
|\
| |
| | |
Installation: default to the server's timezone
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
Modifications
- attempt to use the server's timezone
- if none is set, use UTC
- TimeZone: apply coding conventions
- variable naming
- no closing PHP tag
Relates to #274
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Doc: sync from Wiki, generate HTML
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Closes #291
Fixes #227
Modifications
- HTML content: match the new Wiki structure
- Makefile
- generate a custom HTML sidebar
- include the sidebar on all pages
- infer and prepend page titles
- handle relative links
- add title metadata, e.g. Shaarli - <Page Name>
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Add a generic rule to run PHPCS against different coding standards
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to #95
Usage
- list available standards
$ ./vendor/bin/phpcs -i
- run PHPCS against a given standard
$ make PHPCS_<standard>
Examples
$ make PHPCS_PSR1
$ make PHPCS_Zend
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| | |
| | | |
Bump version to 0.5.0
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Major changes
- fix locale handling
- fix note URLs
- fix page redirections
- fix daily RSS browsing
- fix title display
- fix links not being hidden when `HIDE_PUBLIC_LINKS` is set
- restore compatibility with PHP 5.3
- remove duplicate tags in links
- remove annoying URL patterns
- add Firefox Social API
- Search/Filter by tag fieds can now be accessed quickly with the `Tab` key
- update documentation
- start code refactoring
- move all settings to `data/config.php`
- refactor Config, LinkDB, TimeZone, Utils
- add unit test coverage
- add Travis integration
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| | |
Fixes #297
|
|\ \
| | |
| | | |
[fix] #293 - Black thumbnails on picture wall after upgrade
|
| | |
| | |
| | | |
Black thumbnails on picture wall after upgrade #293
|
|\ \ \
| |/ /
|/| | |
Makefile: do not call `clean` before `test`
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #288
Modifications:
- call `make clean` explicitely to clean the workspace
- add `make clean` to Travis instructions
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| | |
| | | |
Travis: use the container-based infrastructure
|
|/ /
| |
| |
| |
| |
| | |
See http://docs.travis-ci.com/user/migrating-from-legacy/
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| |/
|/| |
PHP: ensure 5.3 compatibility
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relates to #250
Modifications
- supported version
- bump required version from 5.1.0 to 5.3.x
- update README
- add PHP 5.3 to Travis environments
- rewrite array declarations: explicitely use array() instead of []
- move checkPHPVersion to application/Utils.php
- move timezone functions to application/TimeZone.php
- cleanup code
- improve test coverage
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Prevent redirection loop everytime we rely on HTTP_REFERER
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* search tag
* delete tag
* pagination
* display privates only
* delete link
* new/edit/cancel link return page
Move location generation to Utils.php + unit tests.
Fixes #256
ninja
|