Andrew Dolgov
33fdde249e
pass CSRF token to opml import and feed icon replace dialogs
2020-09-16 06:43:55 +03:00
Andrew Dolgov
c3d14e1fa5
- fix multiple vulnerabilities in af_proxy_http
...
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov
d01ad09800
eslint-related fixes; move a few things from global context to App
2020-06-05 07:44:57 +03:00
Andrew Dolgov
c8cc845d5b
when removing favicon, reset its auto-refresh timer
2020-05-22 15:06:52 +03:00
Andrew Dolgov
bcbc5ccc78
batchSubscribe: use validationtextarea
2020-02-28 14:03:29 +03:00
Andrew Dolgov
60288f02e8
1. feedtree: show counters for marked articles if view-mode == marked
...
2. hide/show relevant counter nodes using css
3. cleanup some counter-related code
4. compile default css into light theme to prevent cache-related issues
2020-02-20 14:14:45 +03:00
Andrew Dolgov
6080cca9ca
scrap counter cache system; rework counters to sum() booleans instead
2020-01-24 14:25:31 +03:00
Andrew Dolgov
12a542977e
makefeedtree: properly calculate feed total amount in no-categories mode
2019-08-21 19:32:27 +03:00
Andrew Dolgov
4fa9aee4e7
move several more global functions to more appropriate classes
2019-06-20 08:14:06 +03:00
Andrew Dolgov
6d746453c7
get_feeds_from_html: remove XML preamble hack
...
move several related helper functions to Feeds class
2019-06-20 07:51:48 +03:00
Andrew Dolgov
4b74491b8b
feed tree: set placeholder feed unread value to -1
2019-05-06 09:32:08 +03:00
Michael Kuhn
e38fcd6dea
Fix button focus issues
...
This change introduces derived classes for ComboButton, DropDownButton
and Select that make sure that buttons do not remain focused after their
menus are closed. This allows using hotkeys after closing them.
2019-04-14 12:01:52 +02:00
Michael Kuhn
4a2a90c980
Fix focus issues with hotkeys
...
Since making use of keypress in addition to keydown, hotkeys did not
work in certain scenarios, including clicking on the feed tree expanders
or empty spaces of the toolbar.
This issue is caused by dijit.Tree and dijit.Toolbar implementing the
_KeyNavMixin, which explicitly stops propagation of keypress events.
This change contains two main fixes plus a smaller hotfix:
1. It overrides _onContainerKeydown and _onContainerKeypress for
fox.FeedTree (which inherits from dijit.Tree).
2. It adds fox.Toolbar, which overrides _onContainerKeydown,
_onContainerKeypress and focus. This fixes hotkeys being swallowed
and the first focusable child receiving focus when clicking on an
empty space of the toolbar.
3. It adds the same handling of keydown and keypress to the prefs hotkey
handler as is done in the main hotkey handler.
2019-04-13 22:34:57 +02:00
Andrew Dolgov
ed22473272
feed editor: use DEFAULT_SEARCH_LANGUAGE as a default per-feed dropdown value
2019-04-10 13:08:32 +03:00
Andrew Dolgov
019f4578bc
fix feed icon upload not working, rework form to use FormData/ajax
2019-03-14 09:08:44 +03:00
Andrew Dolgov
241d646fba
batch subscribe: stop dialog from being submitted twice
2019-03-10 09:20:46 +03:00
Andrew Dolgov
19f162dbe3
css: insensitive -> text-muted
2019-03-08 10:11:57 +03:00
Andrew Dolgov
371325a899
remove feed editor private checkbox
2019-03-06 20:07:23 +03:00
Andrew Dolgov
38e01270d8
archived feeds: expire old entries (schema bump)
2019-03-06 19:06:05 +03:00
Andrew Dolgov
1f2c769c5a
editfeed: mark save button
2019-03-05 19:41:44 +03:00
fox
e72243edfd
Merge branch 'master' of DLange/tt-rss into master
2019-02-23 04:54:57 +00:00
Andrew Dolgov
dab81ff7d0
feed editor: fix missing <section> breaking checkbox fieldsets
2019-02-22 12:19:37 +03:00
DLange
a539baece2
Fix warning after icon has successfully been moved.
2019-02-22 08:53:18 +01:00
Andrew Dolgov
a0636ccc90
Revert "Fix warning after icon has successfully been moved."
...
This reverts commit 8b73b9812d
.
2019-02-22 10:50:28 +03:00
Andrew Dolgov
e535a063ca
Merge branch 'master' of git.tt-rss.org:fox/tt-rss
2019-02-22 10:49:06 +03:00
Andrew Dolgov
335147e572
dialogs: use semantic markup instead of dlgsec stuff
...
continue unifying quoting style for html strings
2019-02-22 10:48:56 +03:00
DLange
8b73b9812d
Fix warning after icon has successfully been moved.
2019-02-22 07:25:09 +01:00
Andrew Dolgov
4e253add8c
UI: add some more info links to relevant wiki pages; minor layout updates
2019-02-21 16:21:16 +03:00
Andrew Dolgov
c78425b386
feed edit dialog: add interval label
2019-02-21 14:05:40 +03:00
Andrew Dolgov
1dbfbcfae1
batchSubscribe: use common markup
2019-02-21 13:57:18 +03:00
Andrew Dolgov
580f8c0883
enlarge feed title
2019-02-20 15:13:47 +03:00
Andrew Dolgov
f8836ec080
search dialog fixes
...
pgsql: get FTS languages list from the database
2019-02-20 15:12:37 +03:00
Andrew Dolgov
4d9141d762
simplify dlgSec-related markup
2019-02-20 14:37:59 +03:00
Andrew Dolgov
a68b150601
remove separate classes for various panels, unify under .panel
...
remove a few other unnecessary css classes/ids
2018-12-07 14:03:33 +03:00
Andrew Dolgov
0b8cbc9156
remove some bitmaps and rework stuff using it to use iconfont instead
2018-12-06 15:22:52 +03:00
Andrew Dolgov
814e49f8f7
add icons to accordion panels in preferences
...
fix typo in pref-prefs closing panel tag
2018-12-06 08:56:28 +03:00
Andrew Dolgov
6befff30d7
updates for flat theme (mostly disable old dijit overrides)
2018-12-04 19:03:42 +03:00
Andrew Dolgov
31e79317b3
normalize various font sizes and families between prefs & main UI
...
change some dialogs layout a bit to maybe become more readable
2018-12-04 15:22:22 +03:00
Andrew Dolgov
4d4034091a
prefs: Prefs global -> Helpers
2018-12-03 12:46:00 +03:00
Andrew Dolgov
b3bc638a9f
refactor OPML export/import code to be less horrible
2018-12-03 12:26:49 +03:00
Andrew Dolgov
5ead558e43
move Utils to AppBase where it belongs
2018-12-02 22:08:18 +03:00
Andrew Dolgov
eeb49d375c
uploadIconHandler -> CommonDialogs
2018-12-02 20:57:51 +03:00
Andrew Dolgov
d9c5c93cef
move some more stuff out of common.js
...
rework client-side cookie functions a bit
limit dojo cachebust based on server scripts modification time
remove param_escape()
2018-12-02 20:07:57 +03:00
Andrew Dolgov
b9869dbc01
prefs: remove some more stuff from global context (user management, etc)
2018-12-02 16:17:36 +03:00
Andrew Dolgov
58e54282d3
prefs: move more global functions into matching classes
2018-12-02 15:30:07 +03:00
Andrew Dolgov
f26d404890
prefs: move other tree-related functions to respective trees
2018-12-02 12:03:28 +03:00
Andrew Dolgov
60cd467694
embed some pref-feed helper functions into the tree
2018-12-02 11:50:53 +03:00
Andrew Dolgov
e23b6e397d
prefs: store active tab for reload, remove most old table row functions
2018-12-02 11:25:32 +03:00
Andrew Dolgov
874560db54
remove obsolete row selection functions
...
move getUrlParam() to Utils
2018-12-02 10:33:58 +03:00
Andrew Dolgov
0a18d0b1ed
Feeds: shorten some method names
...
finally rename "view as rss"
2018-12-02 08:57:22 +03:00
Andrew Dolgov
1e2d4410d3
move some more shared stuff to CommonDialogs, Filters, and Utils
2018-12-01 22:39:29 +03:00
Andrew Dolgov
4bed9be57d
js-ification: start on some common dialogs
2018-12-01 18:25:32 +03:00
Andrew Dolgov
049a37aa0e
WIP reshuffling of JS global context into separate logical objects
2018-12-01 17:05:35 +03:00
Andrew Dolgov
195180b64d
minor refactoring: normalize some function names; cleanup; etc
2018-12-01 11:18:35 +03:00
Andrew Dolgov
fc0a3050eb
use xhrPost is even more places!
2018-11-30 09:23:51 +03:00
Andrew Dolgov
c10a43069e
debug logging system rework:
...
* support various logging levels per-message
* remove hacks like debug_suppress, DAEMON_EXTENDED_DEBUG, etc
* _debug() is kept as a compatibility shim for plugins
2018-11-30 08:34:29 +03:00
Andrew Dolgov
3a0292303e
php: remove trailing whitespaces
2018-11-03 15:08:43 +03:00
Andrew Dolgov
d4fef36237
rewrite per-feed/global strip images to strip media
2018-09-07 10:24:46 +03:00
Andrew Dolgov
069aea5989
remove FEED_CRYPT_KEY and everything related to it
...
always assume auth_pass_encrypted is false
2018-08-13 15:59:24 +03:00
Andrew Dolgov
0a8cdd4b9c
remove firefox feed subscribe integration code (obsolete)
2018-03-14 18:15:21 +03:00
Andrew Dolgov
c9a5e5aa28
feed editor: expose site_url for editing
2018-03-01 15:43:40 +03:00
Andrew Dolgov
f1415df47c
prefs: expand feed tree if displaying search results
2018-02-26 11:58:53 +03:00
Andrew Dolgov
f6269d1bc4
add special class for feeds with disabled updates
2018-02-08 13:54:06 +03:00
Andrew Dolgov
a340b29ba9
pref-feeds: disable tree autoexpand
2018-02-04 09:36:56 +03:00
Andrew Dolgov
67bf38afda
savefeedorder, savefilterorder: do not use clean() on json payload
2018-02-04 09:33:28 +03:00
Andrew Dolgov
6fb5ce5e35
add some primary dialog actions; update css
2017-12-11 18:36:36 +03:00
Andrew Dolgov
f70d456a5b
Merge branch 'master' of git.tt-rss.org:git/tt-rss into pdo-experimental
2017-12-11 12:54:30 +03:00
dim0x69
e58a14de72
Check return value from Plugins
2017-12-11 09:41:45 +00:00
Andrew Dolgov
e6532439d6
force strip_tags() on all user input unless explicitly allowed
2017-12-03 23:35:38 +03:00
Andrew Dolgov
7c6f7bb0aa
fix some minor issues found by code analyzer
2017-12-03 23:08:04 +03:00
Andrew Dolgov
5f5b0de423
style feed icon and opml file upload controls
2017-12-03 22:35:12 +03:00
Andrew Dolgov
187abfe732
main classes: remove sql_bool_to_bool() kludge
2017-12-03 09:35:59 +03:00
Andrew Dolgov
bf6db17b8f
feeds: use PDO
2017-12-02 16:07:03 +03:00
Andrew Dolgov
2e52e4fd7a
feeds: more PDo stuff
2017-12-02 15:53:32 +03:00
Andrew Dolgov
7a1872c1e0
feeds: more PDO stuff
2017-12-02 15:36:32 +03:00
Andrew Dolgov
b5bf9a0ff3
remove long forgotten stuff related to feed debugging actionbar
2017-12-02 15:12:39 +03:00
Andrew Dolgov
91d679667e
feeds: PDO progress
2017-12-02 15:04:11 +03:00
Andrew Dolgov
bf4a79eaa9
prefs: start PDO switchover
2017-12-02 13:49:35 +03:00
dim0x69
5395526444
add HOOK_UNSUBSCRIBE_FEED
2017-11-27 11:46:46 +01:00
fox
b1d1bc901f
Merge branch 'checkbox-feed' of dxbi/tt-rss into master
2017-10-06 06:47:54 +00:00
Felix Eckhofer
cc50affb62
Add checkbox for authentication in edit feed dialog
...
This makes the UI more consistent with the "add feed" dialog and
prevents overzealous password-managers from leaking the login password.
2017-10-06 08:37:37 +02:00
Andrew Dolgov
51b521c326
fix batch feed editor using wrong SQL syntax when saving feed password
...
remove uses of auth_pass_encrypted in several other places
2017-10-06 09:22:04 +03:00
Andrew Dolgov
c053b97697
pref/feeds: start user category ordering from 1
...
api, getFeeds: send subcategory order_id
2017-06-26 16:29:57 +03:00
Andrew Dolgov
5b6ea1ef91
remove pubsubhubbub: dead
2017-05-16 10:41:20 +03:00
Andrew Dolgov
c114a2596f
move add_feed_url() to pref_feeds
2017-05-11 09:07:49 +03:00
Andrew Dolgov
e6c886bf66
wrap rssfuncs into rssutils class
2017-05-05 18:10:07 +03:00
Andrew Dolgov
7c9b5a3fe4
move label stuff to Labels class
...
fix some unresolved functions
2017-05-04 15:57:40 +03:00
Andrew Dolgov
2ed0d6c433
move counter cache to a separate class
...
fix references to get_article_tags
2017-05-04 15:22:57 +03:00
Andrew Dolgov
a230bf88a9
move to Article:
...
+ static function purge_orphans($do_output = false) {
move to Feeds
+ static function getGlobalUnread($user_id = false) {
+ static function getCategoryTitle($cat_id) {
+ static function getLabelUnread($label_id, $owner_uid = false) {
2017-05-04 15:00:21 +03:00
Andrew Dolgov
86a8351ca2
move the following to Feeds:
...
+ static function catchup_feed($feed, $cat_view, $owner_uid = false, $mode = 'all', $search = false) {
+ static function getFeedArticles($feed, $is_cat = false, $unread_only = false,
+ static function subscribe_to_feed($url, $cat_id = 0,
+ static function getFeedIcon($id) {
+ static function getFeedTitle($id, $cat = false) {
+ static function getCategoryUnread($cat, $owner_uid = false) {
+ static function getCategoryChildrenUnread($cat, $owner_uid = false) {
2017-05-04 14:50:56 +03:00
Andrew Dolgov
ea79a0e033
remove some redundant php closing tags
2017-04-26 20:24:18 +03:00
Andrew Dolgov
9c3c0ace6b
rename cache images option label (rip translations)
2017-03-23 15:16:31 +03:00
Andrew Dolgov
328118d12e
use print_hidden() for hidden dojo form fields
2017-02-10 14:36:21 +03:00
Andrew Dolgov
967f0619c7
force ngettext() count argument type to string
2017-01-22 10:18:43 +03:00
Andrew Dolgov
84012df5cd
prefs: auto expand feed tree
2017-01-21 22:33:23 +03:00
Andrew Dolgov
17a8e61d2a
deprecate encrypted feed passwords because mcrypt is getting removed from php 7.1
...
1. transparent decryption for existing installs stays for the time being
2. new passwords are not going to be encrypted even if FEED_CRYPT_KEY is defined
3. added update.php --decrypt-feeds to bulk decrypt existing encrypted passwords
4. updated install to not auto-generate crypt key
5. added warning to config.php-dist
2017-01-07 14:25:46 +03:00
Andrew Dolgov
ec21abb85d
update autocomplete to "new-password"
2016-05-18 12:43:56 +03:00
Andrew Dolgov
fa0e0ef315
set feed editor password fields to autocomplete=off
2016-05-18 12:31:25 +03:00
Andrew Dolgov
9def554082
pref-feeds: allow searching by feed_url
2016-01-30 13:02:15 +03:00
Andrew Dolgov
a5556c2471
fix item_id not being properly escaped in pref_feeds::process_category_order() (possible sql injection)
2016-01-29 17:24:59 +03:00