| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
- Heavy refactoring of DailyController
- Add a banner like in tag cloud to display monthly and weekly links
- Translations: t() now supports variables with optional first letter
uppercase
Fixes #160
|
|\ |
|
| |
| |
| |
| | |
Fixes #1122
|
|/
|
|
| |
Related to #1598
|
|
|
|
|
|
| |
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.
Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
See https://github.com/shaarli/Shaarli/issues/1307
|
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
|
|
|
|
| |
Relates to https://github.com/shaarli/Shaarli/issues/324
Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|
|
|
|
|
|
|
|
| |
* translation system and unit tests
* Translations everywhere
Dont use translation merge
It is not available with PHP builtin gettext, so it would have lead to inconsistency.
|
|\
| |
| | |
Empty tag search will look for not tagged links
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #784
From now, searching for tags with an empty value will return only not tagged links,
with the search bar showing `x results [not tagged]`.
Note that using the api, the searchtags request parameter must be set to `false` to get the same result.
- [ ] Update API doc
|
| |
| |
| |
| |
| |
| | |
* The tag list can be sort alphabetically or by most used tag
* Edit/Delete are perform using AJAX, or fallback to 'do=changetag' page
* New features aren't backported to vintage theme
|
| | |
|
| |
| |
| |
| |
| |
| | |
It was multiplying a string containing a letter.
Moved function to Utils.php and display a human readable limit size
|
|/ |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use php-intl extension to display datetimes a bit more nicely, depending on the locale.
What changes:
* the day is no longer displayed
* day number and month are ordered according to the locale
* the timezone is more readable (UTC+1 instead of CET)
|
|
|
|
|
|
| |
- Creates arrays_combination function to cover all cases
- add the underscore separator in the regex
- add `utf8` encoding in addition to `UTF-8`
|
|
|
|
|
|
|
| |
* Private tags: make sure empty tags are properly filtered
* Search results:
* Use preg_split instead of function combination
* Add normalize_spaces to remove extra whitespaces displaying empty tags search
|
|
|
|
|
|
|
|
| |
API settings:
- api.enabled
- api.secret
The API settings will be initialized (and the secret generated) with an update method.
|
|
|
|
|
|
|
| |
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.
The purpose of this is to avoid collision between links due to their creation date.
|
| |
|
|
|
|
|
|
| |
* Hashtag are auto-linked with a filter search
* Supports unicode
* Compatible with markdown (excluded in code blocks)
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Minor changes:
* Fix the date which was in a invalid format.
* Avoid empty categories (tags).
* Use the locale to set the language
|
|\
| |
| | |
Markdown: don't escape content + sanitize sensible tags
|
| |
| |
| |
| | |
Instead of trying to fix broken content for Markdown parsing, parse it unescaped, then sanatize sensible tags such as scripts, etc.
|
|/ |
|
|\
| |
| | |
PLUGIN Markdown
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Parse link description in Markdown (HTML) before rendering.
* hard remove of Shaarli's HTML before parsing.
* Using Parsedown <https://github.com/erusev/parsedown> PHP lib.
* Includes basic markdown CSS.
* Style: removed 400px height max limit for shaares.
* Unit tests.
|
| |
| |
| |
| |
| |
| | |
Relates to #436
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #436
Modifications:
- remove calls to strval() on safe data
- update the date format: 'Y/m/d_H:i:s' => 'Y/m/d H:i:s'
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to #436
Modifications:
- inject dependencies to global variables ($_SERVER, $GLOBALS)
- apply coding conventions
- add test coverage
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|/
|
|
|
|
|
|
|
|
| |
* introduce class LinkFilter to handle link filter operation (and lighten LinkDB).
* handle 'private only' in filtering.
* update template to prefill search fields with current search terms.
* coding style.
* unit test (mostly move from LinkDB to LinkFilter).
PS: preparation for #358 #315 and 'AND' search.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes #328 - URL encode links when a redirector is set
* WARNING - template edit - new variable available : "real_url"
Contains the final real url (redirected or any other change on original URL)
* Don't redirect shaares link in RSS/Atom.
* Affects links shaared in description.
* Move text2clickable and keepMultipleSpaces to Utils.php + unit test
UPDATE:
* keepMultipleSpaces renamed to space2nbsp
* space2nbsp improved to handle single space at line beginning
* links in text description aren't 'nofollow' anymore
|
|
|
|
|
|
| |
Relates to #372
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
| |
* adding a link should return added link's hash
* allow redirection relative urls in generateLocation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improves #306
Relates to #335 & #336
Duplicated by #339
Issues:
- PHP regenerates the session ID if it is not compliant
- the regex checking the session ID does not cover all cases
- different algorithms: md5, sha1, sha256, etc.
- bit representations: 4, 5, 6
Fix:
- `index.php`:
- remove `uniqid()` usage
- call `session_regenerate_id()` if an invalid cookie is detected
- regex: support all possible characters - '[a-zA-Z,-]{2,128}'
- tests: add coverage for all algorithms & bit representations
See:
- http://php.net/manual/en/session.configuration.php#ini.session.hash-function
- https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
- http://php.net/manual/en/function.session-id.php
- http://php.net/manual/en/function.session-regenerate-id.php
- http://php.net/manual/en/function.hash-algos.php
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
| |
Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2
Regression introduced in 06b6660a7e8891c6e1c47815cf50ee5b2ef5f270
|
|
|
|
|
| |
* Add a function to validate session ID.
* Generate a new session ID if an invalid token is passed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relates to #250
Modifications
- supported version
- bump required version from 5.1.0 to 5.3.x
- update README
- add PHP 5.3 to Travis environments
- rewrite array declarations: explicitely use array() instead of []
- move checkPHPVersion to application/Utils.php
- move timezone functions to application/TimeZone.php
- cleanup code
- improve test coverage
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|