Andrew Dolgov
70adfd4a74
* sanitize: never rewrite relative links to our own prefix
...
* use Config::get_self_url() instead of get_self_url_prefix() in a bunch
of places
2021-03-02 08:16:41 +03:00
Andrew Dolgov
c01b6e43fd
add pluginhost->get_array() shorthand
2021-02-26 15:33:59 +03:00
Andrew Dolgov
42173386b3
dirname(__FILE__) -> __DIR__
2021-02-22 17:38:46 +03:00
Andrew Dolgov
be4e7b1340
fix several issues reported by phpstan
2021-02-22 14:41:09 +03:00
Andrew Dolgov
33fff26869
reinstate HOOK_RENDER_ENCLOSURE
2021-02-22 10:00:50 +03:00
Andrew Dolgov
fc0ebf0891
move bookmarklet-related methods out of public.php into the plugin
2021-02-19 20:21:36 +03:00
Andrew Dolgov
e4609c18ef
* add (disabled) shortcut syntax for plugin methods
...
* add controls shortcut for pluginhandler tags
* add similar shortcut for frontend
* allow plugins to selectively exclude their methods from CSRF checking
2021-02-17 21:44:21 +03:00
Andrew Dolgov
273ada7353
* implement shortcut syntax for exposed plugin methods
...
* move shared article rendering code to share plugin
2021-02-17 09:59:14 +03:00
Andrew Dolgov
257efb43c6
article: unify naming
2021-02-15 15:52:28 +03:00
Andrew Dolgov
a5819569f2
pluginhost: a few more warnings and type hints
2021-02-09 10:20:58 +03:00
Andrew Dolgov
d91eae9c7e
pluginhost: add some type hints
2021-02-08 21:38:09 +03:00
Andrew Dolgov
6e57fd77af
db: add type hints
2021-02-08 21:11:56 +03:00
Andrew Dolgov
a14873d5b4
more hooks, also add type hint for PluginHost::getInstance()
2021-02-08 21:06:14 +03:00
Andrew Dolgov
ca4c93c6b9
pluginhost: note hook function prototypes
2021-02-08 20:20:24 +03:00
Andrew Dolgov
a341a838b1
pluginhost: deny hook registration to plugins which lack relevant implementation methods
2021-02-08 19:16:53 +03:00
Andrew Dolgov
3b52cea811
move some old-style handlers to new callback ones
2021-02-08 16:14:48 +03:00
Andrew Dolgov
1eb1629d9e
pluginhost: rework run_hooks() to be shorter, add callback variant; implement exception handling for both
2021-02-08 14:24:45 +03:00
Andrew Dolgov
20b56b5b23
pluginhost: catch errors while loading plugin source code
2021-02-08 12:14:12 +03:00
Andrew Dolgov
4165834f80
pluginhost: catch fatal errors in plugin init
2021-02-08 12:10:25 +03:00
Andrew Dolgov
c94f1b6ff8
fix some more warnings reported by phpstan
2021-02-06 17:38:24 +03:00
Andrew Dolgov
403dca154c
initial WIP for php8; bump php version requirement to 7.0
2021-02-05 23:41:32 +03:00
Andrew Dolgov
25520e9784
Select... dropdown: replace dijit Select with DropDownButton, simplify layout
...
PluginHost: add HOOK_HEADLINE_TOOLBAR_SELECT_MENU_ITEM
Headlines.onActionChanged: removed
2021-01-17 11:27:07 +03:00
Andrew Dolgov
ee4b7bebe8
pluginhost: load_data: check schema last
2021-01-15 08:35:05 +03:00
Andrew Dolgov
40f38fc87f
pluginhost: load plugin data automatically (also marks load_data method as private)
2021-01-15 08:32:06 +03:00
Andrew Dolgov
6811d0bde2
use self:: in some places to invoke static methods from the same class
2020-09-22 14:54:15 +03:00
Andrew Dolgov
a4525d31b2
replace FALSE with false so that static analyzer shuts up about it
2020-09-17 19:02:27 +03:00
Andrew Dolgov
c3d14e1fa5
- fix multiple vulnerabilities in af_proxy_http
...
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov
ddf9227dc4
pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SORT_MAP etc
2020-08-13 12:23:27 +03:00
Andrew Dolgov
6573541873
* add HOOK_ENCLOSURE_IMPORTED
...
* pass feed id to HOOK_FEED_PARSED
2020-04-29 11:33:39 +03:00
Andrew Dolgov
208e02c47d
PluginHost/save_data: use separate PDO connection to prevent issues with nested transactions
2020-03-10 08:14:00 +03:00
Andrew Dolgov
d15f0349bf
remove hardcoded iframe domain whitelist, make iframe script whitelisting configurable by plugins (HOOK_IFRAME_WHITELISTED)
2019-11-27 11:52:51 +03:00
jc
8fd11fd53a
Add const HOOK_FEED_TREE
2019-10-07 13:46:31 +00:00
jc
a243979aaf
Add const HOOK_FEED_TREE
2019-10-07 13:44:57 +00:00
Andrew Dolgov
3e4701116d
af_readability: add missing file
2019-08-16 15:29:24 +03:00
Andrew Dolgov
865c54abcb
fix get_method_url() to use correct method parameter
2019-08-15 20:27:21 +03:00
Andrew Dolgov
10c63ed582
pluginhost: add helper methods to get private/public pluginmethod endpoint URLs
2019-08-15 20:23:45 +03:00
Andrew Dolgov
7f8946f14e
pluginhost: implement priority-based system for running hooks
2019-08-15 15:34:09 +03:00
Andrew Dolgov
9d852e052c
add HOOK_ARTICLE_IMAGE for Article::get_article_image()
2019-08-15 09:04:42 +03:00
Andrew Dolgov
fdb6066bf6
* HOOK_ENCLOSURE_ENTRY: pass article_id to handler
...
* DiskCache: multiple fixes; support isWritable() for cache entries, set content-disposition for send()
* public/cached_url: allow selecting files from sub-caches other than images
* plugins/Cache_Starred_Images: rework to use DiskCache, can be enabled per-user, properly handles article enclosures, etc
2019-08-13 16:40:21 +03:00
Andrew Dolgov
6955b2e02d
plugins: add HOOK_GET_FULL_TEXT which may be used to provide full text extraction to core code and other plugins, instead of trying to invoke af_readability specifically
2019-04-17 08:32:35 +03:00
Andrew Dolgov
614a4b3b4a
pluginhost: remove plugin gettext helpers (moved to plugin base class)
2019-03-05 10:26:23 +03:00
Andrew Dolgov
c1175070a2
add P_sprintf
2019-03-05 10:01:08 +03:00
Andrew Dolgov
72fcc81919
support per-plugin locale directories
2019-03-01 14:25:24 +03:00
Andrew Dolgov
95f63e121a
note that HOOK_FORMAT_ARTICLE_CDM is dead for now
2018-12-07 18:35:50 +03:00
Andrew Dolgov
a01c33d654
add HOOK_FILTER_TRIGGERED (for filter debugging)
2018-12-06 19:15:00 +03:00
Andrew Dolgov
c10a43069e
debug logging system rework:
...
* support various logging levels per-message
* remove hacks like debug_suppress, DAEMON_EXTENDED_DEBUG, etc
* _debug() is kept as a compatibility shim for plugins
2018-11-30 08:34:29 +03:00
Andrew Dolgov
57932e1837
remove PHPMailer and related directives from config.php-dist; add pluggable Mailer class
2018-11-22 14:45:14 +03:00
Andrew Dolgov
3a0292303e
php: remove trailing whitespaces
2018-11-03 15:08:43 +03:00
Andrew Dolgov
32c0c07cc1
pluginhost: implement basic autoloader for classes bundled with plugins (uses vendor/ layout)
2018-08-07 14:36:45 +03:00
Andrew Dolgov
6fb5f17be6
pluginhost: always return an array in get_all()
2017-12-17 19:06:18 +03:00