aboutsummaryrefslogtreecommitdiffhomepage
path: root/index.php
Commit message (Collapse)AuthorAgeFilesLines
* Fix fatal error on daily page: use new thumbnail systemArthurHoaro2018-07-291-3/+6
| | | | | | | | | Also fix: * include the login manager in the daily RSS feed function * remove redirector setting in the vintage theme Fixes #1190
* Merge pull request #687 from ArthurHoaro/web-thumbArthurHoaro2018-07-281-429/+98
|\ | | | | Use web-thumbnailer to retrieve thumbnails
| * Bunch of improvement for thumbnails integration:ArthurHoaro2018-07-171-3/+6
| | | | | | | | | | | | | | | | - add a default thumb size value (125x90px) - improve private vertical bar visual, especially with thumbnails - translations - add a sync thumbs button in tool and empty picwall page - fixes WT download mode in JSON config
| * Thumbnails: add a common mode to only retrieve thumbs from popular media ↵ArthurHoaro2018-07-051-10/+12
| | | | | | | | websites
| * Add a page to update all thumbnails through AJAX requests in both templatesArthurHoaro2018-07-051-30/+51
| |
| * Take code review into accountArthurHoaro2018-07-051-1/+3
| | | | | | | | Upgrade web-thumbnailer and display thumbs right after download
| * Update thumbnail integration after rebasing the branchArthurHoaro2018-07-051-23/+16
| |
| * Use web-thumbnailer to retrieve thumbnailsArthurHoaro2018-07-051-421/+69
| | | | | | | | | | | | | | | | | | | | * requires PHP 5.6 * use blazy on linklist since a lot more thumbs are retrieved * thumbnails can be disabled * thumbs size is now 120x120 * thumbs are now cropped to fit the expected size Fixes #345 #425 #487 #543 #588 #590
* | Docs: rename 'How-to' section to 'Guides'VirtualTam2018-07-121-1/+1
| | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Merge pull request #1141 from ArthurHoaro/api/tagsArthurHoaro2018-07-101-0/+6
|\ \ | |/ |/| Implements Tags endpoints for Shaarli's REST API
| * Implements Tags endpoints for Shaarli's REST APIArthurHoaro2018-06-041-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | Endpoints: * List All Tags [GET] * Get a tag [GET] * Update a tag [PUT] * Delete a tag [DELETE] Fixes #904 References shaarli/api-documentation#34
* | Fix broken documentation links and list formattingVirtualTam2018-06-261-1/+1
| | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Fixes an error during the installArthurHoaro2018-06-071-2/+3
|/ | | | was out of scope
* Refactor LoginManager stay-signed-in token managementVirtualTam2018-06-021-7/+5
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Refactor session and cookie timeout controlVirtualTam2018-06-021-21/+26
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Move LoginManager and SessionManager to the Security namespaceVirtualTam2018-06-021-2/+2
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* LoginManager: remove unused parameterVirtualTam2018-06-021-1/+1
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Login: update PageBuilder and default/vintage templatesVirtualTam2018-06-021-6/+9
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Pass the client IP ID to LoginManagerVirtualTam2018-06-021-2/+3
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Refactor user credential validation at login timeVirtualTam2018-05-291-106/+38
| | | | | | | | Changed: - move login/password verification to LoginManager - code cleanup Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Refactor PHP session handling during login/logoutVirtualTam2018-05-291-36/+13
| | | | | | | | Changed: - move $_SESSION handling to SessionManager - code cleanup Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Refactor SessionManager::$INACTIVITY_TIMEOUTVirtualTam2018-05-291-24/+24
| | | | | | | | | | | | Changed: - move INACTIVITY_TIMEOUT to SessionManager - inject a dependency to a SessionManager instance in: - fillSessionInfo() - setup_login_state() - check_auth() - cleanup related code and comments Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Refactor client session hijacking protectionVirtualTam2018-05-291-12/+2
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Fix parameter order which was preventing max_dl parameter to work properlyArthurHoaro2018-05-011-1/+1
|
* Fix warning when trying to save redictor setting from the configure pageArthurHoaro2018-03-131-2/+0
| | | | | | It has been removed from the web page. Fixes #1099
* Merge pull request #1096 from ArthurHoaro/feature/download-paramsArthurHoaro2018-03-131-1/+6
|\ | | | | Make max download size and timeout configurable
| * Make max download size and timeout configurableArthurHoaro2018-03-071-1/+6
| | | | | | | | Fixes #1061
* | PSR: use elseif instead of else ifArthurHoaro2018-02-281-2/+2
|/ | | | See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
* Use a specific page title in all pagesArthurHoaro2018-02-241-2/+31
| | | | | | Also fixed a few French translation issues Fixes #954 #955
* Refactor login / ban authentication stepsVirtualTam2018-02-051-100/+16
| | | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/issues/324 Added: - Add the `LoginManager` class to manage logins and bans Changed: - Refactor IP ban management - Simplify logic - Avoid using globals, inject dependencies Fixed: - Use `ban_duration` instead of `ban_after` when setting a new ban Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Merge pull request #1074 from kalvn/feature/dailymarkdownArthurHoaro2018-02-021-13/+16
|\ | | | | Executes daily hooks before creating columns.
| * Executes daily hooks before creating columns.kalvn2018-02-011-13/+16
| |
* | Merge pull request #1038 from ArthurHoaro/feature/public-only-filterArthurHoaro2018-02-021-11/+22
|\ \ | | | | | | Add a filter to only display public links
| * | Public/private filter: use two separate buttonsArthurHoaro2018-01-241-3/+13
| | | | | | | | | | | | #1038
| * | Add a filter to only display public linksArthurHoaro2017-12-161-11/+12
| | | | | | | | | | | | | | | | | | When the key filter is clicked once, it only displays private link. When it is clicked on again, it becomes red and only public links are displayed. Another click and all links are displayed. The current visibility status is shown in the search banner Fixes #1030
* | | Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installedArthurHoaro2018-01-311-0/+5
| |/ |/| | | | | | | | | | | | | As stated in the docs: > LC_MESSAGES for system responses (available if PHP was compiled with libintl) Fixes #1067
* | Merge pull request #977 from ArthurHoaro/feature/dl-filterArthurHoaro2018-01-231-10/+4
|\ \ | | | | | | Extract the title/charset during page download, and check content type
| * | Extract the title/charset during page download, and check content typeArthurHoaro2017-10-281-10/+4
| | | | | | | | | | | | | | | | | | | | | Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML). Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted. Closes #579
* | | Fix XSS vulnerabilityVirtualTam2018-01-041-1/+1
| |/ |/| | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Don't URL encode description links if parameter 'redirector.encode_url' is ↵ArthurHoaro2017-11-071-3/+15
| | | | | | | | set to false
* | Move session ID check to SessionManagerVirtualTam2017-10-221-1/+1
| | | | | | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/issues/324 Changed: - `is_session_id_valid()` -> `SessionManager::checkId()` - update tests Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Refactor session token managementVirtualTam2017-10-221-47/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/issues/324 Added: - `SessionManager` class to group session-related features - unit tests Changed: - `getToken()` -> `SessionManager->generateToken()` - `tokenOk()` -> `SessionManager->checkToken()` - inject a `$token` parameter to `PageBuilder`'s constructor Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Add language selection in the configure page of the default themeArthurHoaro2017-10-221-3/+10
| |
* | Shaarli's translationArthurHoaro2017-10-221-30/+48
| | | | | | | | | | | | | | | | | | * translation system and unit tests * Translations everywhere Dont use translation merge It is not available with PHP builtin gettext, so it would have lead to inconsistency.
* | Merge pull request #987 from ArthurHoaro/hotfix/security-issueArthurHoaro2017-10-071-2/+2
|\ \ | | | | | | Fix security issue reported by @chb9
| * | Fix security issue reported by @chbiArthurHoaro2017-10-071-2/+2
| |/ | | | | | | Vulnerability introduced by 6ccd0b218fbd34de750f55b78f3dc43bb3d9fa8e - release with Shaarli v0.9.1.
* | Merge pull request #979 from ArthurHoaro/feature/assets-cache-versionVirtualTam2017-10-061-1/+1
|\ \ | | | | | | Add a version hash for asset loading to prevent browser's cache issue
| * | Rename shaarli_version constant to uppercaseArthurHoaro2017-10-011-1/+1
| |/
* / Allow setting of a default note title, see #963Mark Gerarts2017-10-011-1/+1
|/
* added option to redirect all anonymous users to login pageWilli Eggeling2017-09-031-0/+17
| | | | | | - new setting *force_login* added and documented - if both, *force_login* and *hide_public_links* are set to true, all requests (except for the feeds) are redirected to the login page