| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
- PHP session IDs: handle hash algorithms and bits per char representations
Minor changes:
- HTTPS: support being served behing an SSL-enabled proxy
- HTTP/Server utilities: refactor & add test coverage
Project & documentation:
- improve/rewrite `README.md`
- update contributor list
- update `index.php` header
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
HTTP: move server URL functions to `HttpUtils.php`
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to #333
Modifications:
- refactor server URL utility functions
- do not access global `$_SERVER` variables
- add test coverage
- improve readability
- apply coding conventions
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Duplicates #332
See:
- RFC 7239 - Forwarded HTTP Extension
http://www.ietf.org/rfc/rfc7239.txt
- RFC 6238 - Deprecating the "X-" Prefix and Similar Constructs in Application Protocols
http://www.ietf.org/rfc/rfc6648.txt
- StackOverflow - Custom HTTP headers: naming conventions
http://stackoverflow.com/a/3561399
|
| |\
| |
| | |
#325 small enhancement to fix the GetLinkFromUrl method
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Relates to #314 & #326
Additions:
- add global `cleanup_url()` and `get_url_scheme()` functions
Modifications:
- replace `Url` usage in `index.php` by calls to global functions
- fix `Url` tests not being run: PHPUnit expects a single test class per file
- move classes to separate files
|
| |\
| |
| | |
HTTP: move utils to a proper file, add tests
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relates to #333
Modifications:
- move HTTP utils to 'application/HttpUtils.php'
- simplify logic
- replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
- remove superfluous '$status' parameter (provided by the HTTP headers)
- apply coding conventions
- add test coverage (unitary only)
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
Session ID: extend the regex to match possible hash representations
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improves #306
Relates to #335 & #336
Duplicated by #339
Issues:
- PHP regenerates the session ID if it is not compliant
- the regex checking the session ID does not cover all cases
- different algorithms: md5, sha1, sha256, etc.
- bit representations: 4, 5, 6
Fix:
- `index.php`:
- remove `uniqid()` usage
- call `session_regenerate_id()` if an invalid cookie is detected
- regex: support all possible characters - '[a-zA-Z,-]{2,128}'
- tests: add coverage for all algorithms & bit representations
See:
- http://php.net/manual/en/session.configuration.php#ini.session.hash-function
- https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
- http://php.net/manual/en/function.session-id.php
- http://php.net/manual/en/function.session-regenerate-id.php
- http://php.net/manual/en/function.hash-algos.php
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
COPYING: update contributor list
|
| |/
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| | |
|
| |\
| |
| | |
Rewrite README.md
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modifications:
- group content in sections
- homogenize formatting
- replace installation instructions by links to the corresponding wiki pages
- update badges
- use http://shields.io/ to generate SVGs with custom labels
- master branch: update Travis label
- stable branch: add Travis status
- GitHub release: display the latest released version
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
Doc: sync from Wiki, generate HTML
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Additions:
- Installation/Download: how to get Shaarli
- Community software: ShaarliOS app
Modifications:
- Installation/Server requirements: PHP 5.4 EOL, PHP 7 announcements
- Installation/Server configuration: improve Nginx security
- Troubleshooting: PHP sessions on `free.fr`
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|
| |
Fixes a bug that could prevent user to login.
|
| |\
| |
| | |
Allow uppercase letters in PHP sessionid format
|
| |/
|
|
|
|
| |
Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2
Regression introduced in 06b6660a7e8891c6e1c47815cf50ee5b2ef5f270
|
| |
|
|
|
|
|
|
|
|
| |
Minor changes
- fix Full Path Disclosure upon cookie forgery
- fix regression preventing to load LinkDB info when adding an existing link
- also extract HTTPS page metadata (title)
- add PHP 7 to Travis platforms
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
Fixes #325 - Shaarli does not recognize saved links
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
PHP doesn't seem to autoconvert objects to strings when they're use as array indexes.
Fixes regression introduced in d9d776af19fd0a191f82525991dafbb56e1bcfcb
|
| |\ \
| | |
| | | |
Avoid Full Path Disclosure error on session error.
|
| | |/
| |
| |
| |
| | |
* Add a function to validate session ID.
* Generate a new session ID if an invalid token is passed.
|
| |\ \
| |/
|/| |
travis: add PHP 7 to the tested environments
|
| |/
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Minor changes
- fix 404 after editing a link while being logged out
- update local documentation
- improve timezone detection at installation
- improve feed cache handling
- improve URL cleanup for new links
- add a link to the shaarli/shaarli DockerHub repository
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
clean utm_term url parameter
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to #141
Relates to #133
Modifications
- move URL cleanup to `application/Url.php`
- rework the cleanup function
- fragments: `#stuff`
- GET parameters: `?var1=val1&var2=val2`
- add documentation (APIs the params belong to)
- add test coverage
Reference
- http://php.net/parse_url
- http://php.net/manual/en/language.oop5.magic.php#language.oop5.magic.tostring
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |/
|
| |
See [docker-shaarli](https://github.com/shaarli/docker-shaarli) for Dockerfiles and documentation
|
| |\
| |
| | |
CachedPage: move to a proper file, add tests
|
| | |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Modifications
- rename `pageCache` to `CachedPage`
- move utilities to `Cache`
- do not access globals
- apply coding rules
- update LinkDB and test code
- add test coverage
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
Fixes #299: prevent 404 on '?edit_link' while logged out
|
| |/
|
|
|
| |
- add a use case for edit_link in logged out part.
- *really* prevent loops on login screen.
|
| |\
| |
| | |
Installation: default to the server's timezone
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Modifications
- attempt to use the server's timezone
- if none is set, use UTC
- TimeZone: apply coding conventions
- variable naming
- no closing PHP tag
Relates to #274
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
Doc: sync from Wiki, generate HTML
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Closes #291
Fixes #227
Modifications
- HTML content: match the new Wiki structure
- Makefile
- generate a custom HTML sidebar
- include the sidebar on all pages
- infer and prepend page titles
- handle relative links
- add title metadata, e.g. Shaarli - <Page Name>
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\
| |
| | |
Add a generic rule to run PHPCS against different coding standards
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to #95
Usage
- list available standards
$ ./vendor/bin/phpcs -i
- run PHPCS against a given standard
$ make PHPCS_<standard>
Examples
$ make PHPCS_PSR1
$ make PHPCS_Zend
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |\ \
| | |
| | | |
Bump version to 0.5.0
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Major changes
- fix locale handling
- fix note URLs
- fix page redirections
- fix daily RSS browsing
- fix title display
- fix links not being hidden when `HIDE_PUBLIC_LINKS` is set
- restore compatibility with PHP 5.3
- remove duplicate tags in links
- remove annoying URL patterns
- add Firefox Social API
- Search/Filter by tag fieds can now be accessed quickly with the `Tab` key
- update documentation
- start code refactoring
- move all settings to `data/config.php`
- refactor Config, LinkDB, TimeZone, Utils
- add unit test coverage
- add Travis integration
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| | |
| |
| |
| | |
Fixes #297
|
| |\ \
| | |
| | | |
[fix] #293 - Black thumbnails on picture wall after upgrade
|
| | | |
| | |
| | | |
Black thumbnails on picture wall after upgrade #293
|
