| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| | |
Extract the title/charset during page download, and check content type
|
| |
| |
| |
| |
| |
| |
| | |
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.
Closes #579
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| | |
set to false
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to https://github.com/shaarli/Shaarli/issues/324
Changed:
- `is_session_id_valid()` -> `SessionManager::checkId()`
- update tests
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- `SessionManager` class to group session-related features
- unit tests
Changed:
- `getToken()` -> `SessionManager->generateToken()`
- `tokenOk()` -> `SessionManager->checkToken()`
- inject a `$token` parameter to `PageBuilder`'s constructor
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* translation system and unit tests
* Translations everywhere
Dont use translation merge
It is not available with PHP builtin gettext, so it would have lead to inconsistency.
|
|\ \
| | |
| | | |
Fix security issue reported by @chb9
|
| |/
| |
| |
| | |
Vulnerability introduced by 6ccd0b218fbd34de750f55b78f3dc43bb3d9fa8e - release with Shaarli v0.9.1.
|
|\ \
| | |
| | | |
Add a version hash for asset loading to prevent browser's cache issue
|
| |/ |
|
|/ |
|
|
|
|
|
|
| |
- new setting *force_login* added and documented
- if both, *force_login* and *hide_public_links* are set to true, all requests
(except for the feeds) are redirected to the login page
|
|\
| |
| | |
Firefox Social title: Use document.title instead of RainTPL variable
|
| |
| |
| |
| | |
Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
|
|\ \
| | |
| | | |
fixed link deletion
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When deleting links, the js of the default theme separated ids by an escaped space ('+').
There was a trailing '+' after the ids which led to the php code detecting multiple values
even for single values. In combination with the id '0' this could led to no id found at all
and a resulting php error.
this commit fixes the behavior and adds an additional error handling and trimming to the php code.
|
|\ \ \
| | | |
| | | | |
fixed daily links if there are no links
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
- the previous code tried to use links from a previous day if there are no one for the current one
- the new code skips this part if there are no entries (i.e. days) at all
- modified showDaily() to fit PSR-1 and PSR-2
|
|\ \ \
| |/ /
|/| | |
new setting: default value for 'remember me' checkbox
|
| | |
| | |
| | |
| | |
| | |
| | | |
- the default state for the login page's 'remember me' checkbox can now be configured
- adapted the default and vintage theme to consider the new setting
- added documentation for the new setting
|
|\ \ \
| | | |
| | | | |
Generates a permalink URL if the URL is set to blank
|
| | |/
| |/|
| | |
| | | |
Fixes #926
|
|\ \ \
| | | |
| | | | |
migrated Github wiki links to readthedocs
|
| | |/
| |/| |
|
| | |
| | |
| | |
| | |
| | |
| | | |
- unified code style (spaces around operators)
- prevented expiration time to be calculated twice
- replaced tabs with spaces
|
|/ /
| |
| |
| |
| |
| | |
- removed all references to magic quotes
- magic quotes are not supported on PHP >= 5.4 (https://secure.php.net/manual/en/security.magicquotes.php)
- Shaarli does not support PHP < 5.5
|
|/
|
|
| |
Fixes #932
|
| |
|
| |
|
|\
| |
| | |
Make sure that the tag exists before altering/removing it
|
| | |
|
| | |
|
| |
| |
| |
| | |
Fixes #886
|
| | |
|
|/ |
|
|\
| |
| | |
Add creation date when editing a link
|
| |
| |
| |
| |
| |
| | |
Also, alter the title on edition
Fixes #431
|
|\ \
| |/
|/| |
Add a whitelist of protocols for URLs
|
| |
| |
| |
| |
| |
| |
| | |
- for Shaare
- for markdown description links and images
Not whitelisted protocols will be replaced by `http://`
|
|\ \
| | |
| | | |
Empty tag search will look for not tagged links
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes #784
From now, searching for tags with an empty value will return only not tagged links,
with the search bar showing `x results [not tagged]`.
Note that using the api, the searchtags request parameter must be set to `false` to get the same result.
- [ ] Update API doc
|
| | |
| | |
| | |
| | |
| | |
| | | |
* The tag list can be sort alphabetically or by most used tag
* Edit/Delete are perform using AJAX, or fallback to 'do=changetag' page
* New features aren't backported to vintage theme
|
| | | |
|
| | |
| | |
| | |
| | | |
Useful for AJAX requests which burns the token
|
|\ \ \
| | | |
| | | | |
Bulk deletion
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add a checkboxes in linklist which display a sub-header containing action buttons
* Strongly rely on JS
* Requires a modern browser (ES6 syntax support)
* Checkboxes are hidden if the browser is old or JS disabled
|
| |_|/
|/| | |
|