aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/Utils.php
Commit message (Collapse)AuthorAgeFilesLines
* Manually fix remaining PHPCS errorsArthurHoaro2020-11-091-0/+2
|
* Apply PHP Code Beautifier on source code for linter automatic fixesArthurHoaro2020-11-091-6/+8
|
* Feature: add weekly and monthly view/RSS feed for daily pageArthurHoaro2020-10-271-6/+27
| | | | | | | | | - Heavy refactoring of DailyController - Add a banner like in tag cloud to display monthly and weekly links - Translations: t() now supports variables with optional first letter uppercase Fixes #160
* Merge pull request #1601 from ArthurHoaro/feature/psr3ArthurHoaro2020-10-241-11/+13
|\
| * Use PSR-3 logger for login attemptsArthurHoaro2020-10-201-11/+13
| | | | | | | | Fixes #1122
* | Dislay an error if an exception occurs in the error handlerArthurHoaro2020-10-201-0/+9
|/ | | | Related to #1598
* Security: fix multiple XSS vulnerabilities + fix search tags with special charsArthurHoaro2020-10-061-2/+2
| | | | | | XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list. Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
* Handle shaare creation/edition/deletion through Slim controllersArthurHoaro2020-07-231-0/+4
|
* Process daily page through Slim controllerArthurHoaro2020-07-231-4/+4
|
* Process tag cloud page through Slim controllerArthurHoaro2020-07-231-1/+1
|
* Fix all existing links and redirection to ?do=loginArthurHoaro2020-01-261-1/+1
|
* Apply the new system (Bookmark + Service) to the whole code baseArthurHoaro2020-01-181-1/+1
| | | | See https://github.com/shaarli/Shaarli/issues/1307
* lint: apply phpcbf to application/VirtualTam2018-12-021-6/+10
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Move session ID check to SessionManagerVirtualTam2017-10-221-30/+0
| | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/issues/324 Changed: - `is_session_id_valid()` -> `SessionManager::checkId()` - update tests Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Translations : Working demo example of translation extensionArthurHoaro2017-10-221-1/+1
|
* Shaarli's translationArthurHoaro2017-10-221-1/+16
| | | | | | | | | * translation system and unit tests * Translations everywhere Dont use translation merge It is not available with PHP builtin gettext, so it would have lead to inconsistency.
* Merge pull request #841 from ArthurHoaro/feature/search-no-tagArthurHoaro2017-05-251-0/+4
|\ | | | | Empty tag search will look for not tagged links
| * Empty tag search will look for not tagged linksArthurHoaro2017-05-251-0/+4
| | | | | | | | | | | | | | | | | | | | | | Fixes #784 From now, searching for tags with an empty value will return only not tagged links, with the search bar showing `x results [not tagged]`. Note that using the api, the searchtags request parameter must be set to `false` to get the same result. - [ ] Update API doc
* | Adds a taglist view with edit/delete buttonsArthurHoaro2017-05-251-0/+31
| | | | | | | | | | | | * The tag list can be sort alphabetically or by most used tag * Edit/Delete are perform using AJAX, or fallback to 'do=changetag' page * New features aren't backported to vintage theme
* | Use raw bytes for upload size hidden inputArthurHoaro2017-04-101-5/+6
| |
* | Fix a warning generated in return_bytes function and refactor itArthurHoaro2017-04-031-0/+89
| | | | | | | | | | | | It was multiplying a string containing a letter. Moved function to Utils.php and display a human readable limit size
* | Theme: use format_date function for daily dateArthurHoaro2017-03-281-3/+5
|/
* Fix autoLocale error and cover it with unit testsArthurHoaro2017-03-071-13/+21
|
* Improve datetime displayArthurHoaro2017-03-061-20/+52
| | | | | | | | | | Use php-intl extension to display datetimes a bit more nicely, depending on the locale. What changes: * the day is no longer displayed * day number and month are ordered according to the locale * the timezone is more readable (UTC+1 instead of CET)
* Improve autoLocale() detectionArthurHoaro2017-03-061-9/+42
| | | | | | - Creates arrays_combination function to cover all cases - add the underscore separator in the regex - add `utf8` encoding in addition to `UTF-8`
* Fixes presence of empty tags for private tags and in search resultsArthurHoaro2017-01-031-0/+13
| | | | | | | * Private tags: make sure empty tags are properly filtered * Search results: * Use preg_split instead of function combination * Add normalize_spaces to remove extra whitespaces displaying empty tags search
* Prepare settings for the API in the admin page and during the installArthurHoaro2016-12-121-0/+26
| | | | | | | | API settings: - api.enabled - api.secret The API settings will be initialized (and the secret generated) with an update method.
* Add a persistent 'shorturl' key to all linksArthurHoaro2016-12-121-1/+5
| | | | | | | All existing link will keep their permalinks. New links will have smallhash generated with date+id. The purpose of this is to avoid collision between links due to their creation date.
* Minor code cleanup: PHPDoc, spelling, unused variables, etc.ArthurHoaro2016-10-201-1/+7
|
* Hashtag systemArthurHoaro2016-06-061-54/+1
| | | | | | * Hashtag are auto-linked with a filter search * Supports unicode * Compatible with markdown (excluded in code blocks)
* Fix startsWith and endsWith caseArthurHoaro2016-05-101-2/+14
|
* Makes escape a recursive function which handle array of stringsArthurHoaro2016-03-251-3/+11
|
* Refactor showAtom, and make it use the ATOM templateArthurHoaro2016-03-181-1/+1
| | | | | | | | Minor changes: * Fix the date which was in a invalid format. * Avoid empty categories (tags). * Use the locale to set the language
* Merge pull request #491 from ArthurHoaro/markdown-escape2Arthur2016-02-251-1/+17
|\ | | | | Markdown: don't escape content + sanitize sensible tags
| * Markdown: don't escape content + sanitize sensible tagsArthurHoaro2016-02-191-1/+17
| | | | | | | | Instead of trying to fix broken content for Markdown parsing, parse it unescaped, then sanatize sensible tags such as scripts, etc.
* | Apply the locale to all categories and move autolocale to Utils.phpArthurHoaro2016-02-191-0/+25
|/
* Merge pull request #379 from ArthurHoaro/plugin-markdownArthur2016-01-311-8/+0
|\ | | | | PLUGIN Markdown
| * PLUGIN MarkdownArthurHoaro2016-01-031-8/+0
| | | | | | | | | | | | | | | | | | | | Parse link description in Markdown (HTML) before rendering. * hard remove of Shaarli's HTML before parsing. * Using Parsedown <https://github.com/erusev/parsedown> PHP lib. * Includes basic markdown CSS. * Style: removed 400px height max limit for shaares. * Unit tests.
* | fix: use PHP_EOL for carriage returns in file logsVirtualTam2016-01-181-1/+1
| | | | | | | | | | | | Relates to #436 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Logging: improve formatting to enable fail2ban parsingVirtualTam2016-01-161-2/+7
| | | | | | | | | | | | | | | | | | | | Fixes #436 Modifications: - remove calls to strval() on safe data - update the date format: 'Y/m/d_H:i:s' => 'Y/m/d H:i:s' Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Logging: move logm() from index.php to application/Utils.phpVirtualTam2016-01-161-0/+13
| | | | | | | | | | | | | | | | | | | | | | Relates to #436 Modifications: - inject dependencies to global variables ($_SERVER, $GLOBALS) - apply coding conventions - add test coverage Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Link filter refactoringArthurHoaro2016-01-061-5/+7
|/ | | | | | | | | | * introduce class LinkFilter to handle link filter operation (and lighten LinkDB). * handle 'private only' in filtering. * update template to prefill search fields with current search terms. * coding style. * unit test (mostly move from LinkDB to LinkFilter). PS: preparation for #358 #315 and 'AND' search.
* URL encode links when a redirector is set.ArthurHoaro2015-11-261-0/+53
| | | | | | | | | | | | | | | | | Fixes #328 - URL encode links when a redirector is set * WARNING - template edit - new variable available : "real_url" Contains the final real url (redirected or any other change on original URL) * Don't redirect shaares link in RSS/Atom. * Affects links shaared in description. * Move text2clickable and keepMultipleSpaces to Utils.php + unit test UPDATE: * keepMultipleSpaces renamed to space2nbsp * space2nbsp improved to handle single space at line beginning * links in text description aren't 'nofollow' anymore
* application: move checkPHPVersion from Utils to ApplicationUtilsVirtualTam2015-11-241-20/+0
| | | | | | Relates to #372 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* cleanup: remove the executable bit from source scriptsVirtualTam2015-11-111-0/+0
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Fixes #356ArthurHoaro2015-11-041-5/+6
| | | | | * adding a link should return added link's hash * allow redirection relative urls in generateLocation
* Session ID: extend the regex to match possible hash representationsVirtualTam2015-09-061-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Improves #306 Relates to #335 & #336 Duplicated by #339 Issues: - PHP regenerates the session ID if it is not compliant - the regex checking the session ID does not cover all cases - different algorithms: md5, sha1, sha256, etc. - bit representations: 4, 5, 6 Fix: - `index.php`: - remove `uniqid()` usage - call `session_regenerate_id()` if an invalid cookie is detected - regex: support all possible characters - '[a-zA-Z,-]{2,128}' - tests: add coverage for all algorithms & bit representations See: - http://php.net/manual/en/session.configuration.php#ini.session.hash-function - https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character - http://php.net/manual/en/function.session-id.php - http://php.net/manual/en/function.session-regenerate-id.php - http://php.net/manual/en/function.hash-algos.php Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Allow uppercase letters in PHP sessionid formatArthurHoaro2015-09-021-1/+1
| | | | | | Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2 Regression introduced in 06b6660a7e8891c6e1c47815cf50ee5b2ef5f270
* Avoid Full Path Disclosure error on session error.ArthurHoaro2015-08-221-1/+25
| | | | | * Add a function to validate session ID. * Generate a new session ID if an invalid token is passed.
* PHP: ensure 5.3 compatibility, refactor timezone utilitiesVirtualTam2015-07-131-1/+22
| | | | | | | | | | | | | | | | | Relates to #250 Modifications - supported version - bump required version from 5.1.0 to 5.3.x - update README - add PHP 5.3 to Travis environments - rewrite array declarations: explicitely use array() instead of [] - move checkPHPVersion to application/Utils.php - move timezone functions to application/TimeZone.php - cleanup code - improve test coverage Signed-off-by: VirtualTam <virtualtam@flibidi.net>