path: root/application/Utils.php
Commit message (Author, Age, Files, Lines)
* Markdown: don't escape content + sanitize sensible tags (ArthurHoaro, 2016-02-19, 1 file, -1/+17)
|   Instead of trying to fix broken content for Markdown parsing, parse it unescaped, then sanitize sensible tags such as scripts, etc.
* Merge pull request #379 from ArthurHoaro/plugin-markdown (Arthur, 2016-01-31, 1 file, -8/+0)
|\
| |   PLUGIN Markdown
| * PLUGIN Markdown (ArthurHoaro, 2016-01-03, 1 file, -8/+0)
| |   Parse link description in Markdown (HTML) before rendering.
| |   * hard remove of Shaarli's HTML before parsing.
| |   * Using Parsedown <https://github.com/erusev/parsedown> PHP lib.
| |   * Includes basic markdown CSS.
| |   * Style: removed 400px height max limit for shaares.
| |   * Unit tests.
* | fix: use PHP_EOL for carriage returns in file logs (VirtualTam, 2016-01-18, 1 file, -1/+1)
| |   Relates to #436
| |   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Logging: improve formatting to enable fail2ban parsing (VirtualTam, 2016-01-16, 1 file, -2/+7)
| |   Fixes #436
| |   Modifications:
| |   - remove calls to strval() on safe data
| |   - update the date format: 'Y/m/d_H:i:s' => 'Y/m/d H:i:s'
| |   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Logging: move logm() from index.php to application/Utils.php (VirtualTam, 2016-01-16, 1 file, -0/+13)
| |   Relates to #436
| |   Modifications:
| |   - inject dependencies to global variables ($_SERVER, $GLOBALS)
| |   - apply coding conventions
| |   - add test coverage
| |   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Link filter refactoring (ArthurHoaro, 2016-01-06, 1 file, -5/+7)
|/
|   * introduce class LinkFilter to handle link filter operation (and lighten LinkDB).
|   * handle 'private only' in filtering.
|   * update template to prefill search fields with current search terms.
|   * coding style.
|   * unit test (mostly move from LinkDB to LinkFilter).
|   PS: preparation for #358 #315 and 'AND' search.
* URL encode links when a redirector is set. (ArthurHoaro, 2015-11-26, 1 file, -0/+53)
|   Fixes #328 - URL encode links when a redirector is set
|   * WARNING - template edit - new variable available : "real_url"
|     Contains the final real url (redirected or any other change on original URL)
|   * Don't redirect shaares link in RSS/Atom.
|   * Affects links shaared in description.
|   * Move text2clickable and keepMultipleSpaces to Utils.php + unit test
|   UPDATE:
|   * keepMultipleSpaces renamed to space2nbsp
|   * space2nbsp improved to handle single space at line beginning
|   * links in text description aren't 'nofollow' anymore
* application: move checkPHPVersion from Utils to ApplicationUtils (VirtualTam, 2015-11-24, 1 file, -20/+0)
|   Relates to #372
|   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* cleanup: remove the executable bit from source scripts (VirtualTam, 2015-11-11, 1 file, -0/+0)
|   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Fixes #356 (ArthurHoaro, 2015-11-04, 1 file, -5/+6)
|   * adding a link should return added link's hash
|   * allow redirection relative urls in generateLocation
* Session ID: extend the regex to match possible hash representations (VirtualTam, 2015-09-06, 1 file, -1/+6)
|   Improves #306
|   Relates to #335 & #336
|   Duplicated by #339
|   Issues:
|   - PHP regenerates the session ID if it is not compliant
|   - the regex checking the session ID does not cover all cases
|     - different algorithms: md5, sha1, sha256, etc.
|     - bit representations: 4, 5, 6
|   Fix:
|   - `index.php`:
|     - remove `uniqid()` usage
|     - call `session_regenerate_id()` if an invalid cookie is detected
|   - regex: support all possible characters - '[a-zA-Z,-]{2,128}'
|   - tests: add coverage for all algorithms & bit representations
|   See:
|   - http://php.net/manual/en/session.configuration.php#ini.session.hash-function
|   - https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
|   - http://php.net/manual/en/function.session-id.php
|   - http://php.net/manual/en/function.session-regenerate-id.php
|   - http://php.net/manual/en/function.hash-algos.php
|   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Allow uppercase letters in PHP sessionid format (ArthurHoaro, 2015-09-02, 1 file, -1/+1)
|   Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2
|   Regression introduced in 06b6660a7e8891c6e1c47815cf50ee5b2ef5f270
* Avoid Full Path Disclosure error on session error. (ArthurHoaro, 2015-08-22, 1 file, -1/+25)
|   * Add a function to validate session ID.
|   * Generate a new session ID if an invalid token is passed.
* PHP: ensure 5.3 compatibility, refactor timezone utilities (VirtualTam, 2015-07-13, 1 file, -1/+22)
|   Relates to #250
|   Modifications
|   - supported version
|     - bump required version from 5.1.0 to 5.3.x
|     - update README
|     - add PHP 5.3 to Travis environments
|   - rewrite array declarations: explicitly use array() instead of []
|   - move checkPHPVersion to application/Utils.php
|   - move timezone functions to application/TimeZone.php
|     - cleanup code
|     - improve test coverage
|   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Prevent redirection loop every time we rely on HTTP_REFERER: (ArthurHoaro, 2015-07-12, 1 file, -1/+33)
|   * search tag
|   * delete tag
|   * pagination
|   * display privates only
|   * delete link
|   * new/edit/cancel link return page
|   Move location generation to Utils.php + unit tests.
|   Fixes #256 ninja
* LinkDB::filterDay(): check input date format (VirtualTam, 2015-07-09, 1 file, -0/+15)
|   Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* move escape() and sanitizeLink() to application/Utils.php (nodiscc, 2015-06-24, 1 file, -0/+27)
|   prevents 'PHP Fatal error: Call to undefined function sanitizeLink() in Shaarli/application/LinkDB.php on line 255' in tests
* LinkDB: move to a proper file, add test coverage (VirtualTam, 2015-06-11, 1 file, -0/+45)
    Relates to #71
    LinkDB
    - move to application/LinkDB.php
    - code cleanup
      - indentation
      - whitespaces
      - formatting
    - comment cleanup
      - add missing documentation
      - unify formatting
    Test coverage for LinkDB
    - constructor
    - public / private access
    - link-related methods
    Shaarli utilities (LinkDB dependencies)
    - move startsWith() and endsWith() functions to application/Utils.php
    - add test coverage
    Dev utilities
    - Composer: add PHPUnit to dev dependencies
    - Makefile:
      - update lint targets
      - add test targets
      - generate coverage reports
    Signed-off-by: VirtualTam <virtualtam@flibidi.net>