| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Use 'dev' version on the master branch
|
| | |
|
| | |
|
| |
| |
| |
| | |
Allowed check branches are now `latest` and `stable`.
|
|\ \
| | |
| | | |
Fixes #304: use atom feed as default
|
| | |
| | |
| | |
| | | |
RSS feed is still available with the setting set to false
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
Error:
An error occurred while parsing configuration JSON file (data/config.json.php): error code #4
➜ Syntax error
Please check your JSON syntax (without PHP comment tags) using a JSON lint tool such as jsonlint.com.
|
|\ \
| |/
|/| |
Link imports are now logged in `data/` folder, and can be debug using…
|
| | |
|
| |
| |
| |
| |
| |
| | |
`dev.debug=true` setting
related to #741 and #681
|
|/ |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use php-intl extension to display datetimes a bit more nicely, depending on the locale.
What changes:
* the day is no longer displayed
* day number and month are ordered according to the locale
* the timezone is more readable (UTC+1 instead of CET)
|
|
|
|
|
|
| |
- Creates arrays_combination function to cover all cases
- add the underscore separator in the regex
- add `utf8` encoding in addition to `UTF-8`
|
|
|
|
|
|
|
|
|
|
|
| |
Namespaces have been introduced with the REST API, and should be generalized
to the whole codebase to manage object scope and benefit from autoloading.
See:
- https://secure.php.net/manual/en/language.namespaces.php
- http://www.php-fig.org/psr/psr-4/
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.
More info:
* the setting is set to true by default
* it is set to false for anyone who already have the plugin enabled
(avoid breaking existing entries)
* improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
* mention the setting in the plugin README
|
| |
|
|
|
|
| |
See http://shaarli.github.io/api-documentation/#links-link-get
|
|\
| |
| | |
REST API - getLinks: support the visibility parameter
|
| | |
|
|/
|
|
|
|
| |
To access LinkDB items with its ArrayAccess implementation, the IDs must be consistent, which isn't the case before `updateMethodDatastoreIds()` execution. v0.6.4 method `updateMethodRenameDashTags()` was accessing it, so an upgrade <0.6.4 to >0.8.x was failing.
This just move the minor update `RenameDashTags` after the IDs update.
|
|
|
|
|
|
| |
No update regarding the UI or the API for now
Fixes #758
|
|\
| |
| | |
REST API: implement getLinks service
|
| |
| |
| |
| | |
See http://shaarli.github.io/api-documentation/#links-links-collection-get
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to https://github.com/shaarli/Shaarli/pull/731
Added:
- require the presence of the 'Authorization' header
Changed:
- use the HTTP Bearer Token authorization schema
See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| | |
| | | |
Theme manager: improvements
|
| | | |
|
| | | |
|
| |/ |
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes https://github.com/shaarli/Shaarli/issues/737
Added:
- Base64Url utilities
Fixed:
- use URL-safe Base64 encoding/decoding functions
- use byte representations for HMAC digests
- all JWT parts are Base64Url-encoded
See:
- https://en.wikipedia.org/wiki/JSON_Web_Token
- https://tools.ietf.org/html/rfc7519
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://jwt.io/introduction/
- https://en.wikipedia.org/wiki/Base64#URL_applications
- https://secure.php.net/manual/en/function.base64-encode.php#103849
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Bugfixes on link deletion, and use a GET form
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use a GET form to delete links: harmonize with edit_link and preparation for #585
Bug fixes:
* LinkDB element can't be passed as reference, fix error:
PHP Notice: Indirect modification of overloaded element of LinkDB has no effect
* Resource cache folder setting wasn't set correctly
|
|\ \
| | |
| | | |
Hide default ports in local URL behind a reverse proxy
|
| | | |
|
|/ /
| |
| |
| |
| |
| | |
Closes https://github.com/shaarli/Shaarli/issues/735
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| |
| |
| |
| | |
* Private tags: make sure empty tags are properly filtered
* Search results:
* Use preg_split instead of function combination
* Add normalize_spaces to remove extra whitespaces displaying empty tags search
|
| | |
|
| |
| |
| |
| |
| |
| | |
* REST API routes are handle by Slim.
* Every API controller go through ApiMiddleware which handles security.
* First service implemented `/info`, for tests purpose.
|
|/
|
|
|
|
|
|
| |
API settings:
- api.enabled
- api.secret
The API settings will be initialized (and the secret generated) with an update method.
|
|
|
|
|
|
|
| |
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.
The purpose of this is to avoid collision between links due to their creation date.
|
| |
|
|
|
|
|
| |
creation and update dates are now DateTime objects.
Since this update is very sensitve (changing the whole database), the datastore will be automatically backed up into the file datastore.<datetime>.php.
|
|
|
|
|
|
|
|
|
| |
Links now use an incremental unique numeric identifier.
This ID is persistent and must never change.
ArrayAccess is used to match the link ID with the array keys (see the comment in LinkDB for more details)
Key 'created' added, with creation date as a DateTime object. 'updated' is now also a DateTime.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If `mod_version` is enabled, the previous syntax will apply for Apache <2.4.
If not, the new syntax is used by default.
Fixes #676
`mod_version` identifier is `version_module` across all Apache versions. See:
* https://httpd.apache.org/docs/current/mod/mod_version.html
* https://httpd.apache.org/docs/2.2/mod/mod_version.html
* https://serverfault.com/questions/733910/how-do-i-load-mod-version-only-if-it-isnt-built-in-to-apache
Note that version_module comes built-in with Debian (and derivatives) Apache2 packages, see https://wiki.debian.org/Apache/PackagingFor24
|