Commit Graph

162 Commits

Author SHA1 Message Date
Andrew Dolgov 5b3a73e574 login: switch to absolute redirect urls 2019-03-04 20:38:39 +03:00
Andrew Dolgov 925065b1fe Revert "login: only allow relative URLs in return="
This reverts commit c68ac04020.
2019-03-04 07:02:58 +03:00
Andrew Dolgov c68ac04020 login: only allow relative URLs in return= 2019-03-03 07:53:42 +03:00
Andrew Dolgov cc57ed3775 public/subscribe: add basic dialog to enter feed urls 2019-03-03 06:18:19 +03:00
Andrew Dolgov 54c1b5c611 fill in some missing doctypes; use short doctype where it wasn't 2019-02-23 13:49:40 +03:00
Andrew Dolgov d60038d48b simplify some public.php prompts; prevent from submitting forgotpass form repeatedly if check succeeds 2019-02-21 12:50:15 +03:00
Andrew Dolgov 6701497879 public.php: markup cleanup 2019-02-20 13:12:55 +03:00
Andrew Dolgov be322d6fc8 cleanup sharepopup dialog 2019-02-20 13:05:12 +03:00
Andrew Dolgov d9e20f8b16 update external subscribe dialog 2019-02-20 12:32:52 +03:00
Andrew Dolgov 5ce55faa3b installer: reduce margins; misc fixes 2019-02-19 21:23:03 +03:00
Andrew Dolgov 420e71280a dbupdater: dojoify, add some missing translations 2019-02-19 20:55:02 +03:00
Andrew Dolgov f7a4a45bde pwd reset: use dijit controls 2019-02-19 20:43:45 +03:00
Andrew Dolgov 59df261fb8 forgotpass: slightly better anti-bot protection 2019-02-19 20:25:48 +03:00
Andrew Dolgov 8cd7f31bde utility css updates 2019-02-19 19:46:09 +03:00
Andrew Dolgov c11f32ac38 center and rework some utility screens 2019-02-19 14:59:29 +03:00
Andrew Dolgov b1f9ebe46e get_article_image: ignore data: schema images, other minor fixes 2019-01-10 08:42:31 +03:00
Andrew Dolgov e70d42237a edit options after subscribe: use correct method name 2018-12-25 16:22:12 +03:00
Andrew Dolgov d0d05e4079 zoom mode: hide .attachments 2018-12-10 07:20:13 +03:00
Andrew Dolgov 6a6af964df feed template, ARTICLE_OG_IMAGE: set as optional 2018-12-09 17:18:29 +03:00
Andrew Dolgov 851f62dc4a syndicated feeds:
1. properly reset enclosure template variables if there's no enclosures
2. add ARTICLE_OG_IMAGE which sets flavor image for article using common code with article render etc
2018-12-09 17:07:17 +03:00
Andrew Dolgov b2c079893b move Article::format_article() to Handler_Public 2018-12-09 11:13:02 +03:00
Andrew Dolgov 966fe6d612 #sharepopup: update css 2018-12-09 10:56:39 +03:00
Andrew Dolgov 19e24b4fe2 force cast profile id to integer when assigning to session variable 2018-12-06 07:08:54 +03:00
Andrew Dolgov 29c890b495 login form: use dojo, remove profile hacks 2018-12-04 23:17:35 +03:00
Andrew Dolgov 79c5035920 reset password: use updated mailer parameters properly 2018-11-26 12:44:36 +03:00
Andrew Dolgov 57932e1837 remove PHPMailer and related directives from config.php-dist; add pluggable Mailer class 2018-11-22 14:45:14 +03:00
Andrew Dolgov 253dbd4856 generate_syndicated_feed: add support for virtual feeds provided by plugins 2018-11-07 14:21:39 +03:00
Andrew Dolgov 5f66f872b6 fix session write handler always assuming that database entry exists and failing silently if it doesn't; remove session cookie-related hacks 2018-10-16 14:07:42 +03:00
Andrew Dolgov f8fc1ac543 login: check for stale session in login handler, instead of authenticate_user() 2018-10-16 11:39:12 +03:00
Andrew Dolgov f730d7bb0a another attempt to enforce session ID regeneration on login 2018-10-16 09:11:32 +03:00
Andrew Dolgov 65e98f4086 force regenerate session id on successful login, remove previous blank SID check 2018-10-15 15:47:50 +03:00
Andrew Dolgov 88adf3da1b send_local_file: add application/octet-stream hack
cached_url: return original requested filename to save as
2018-08-16 12:16:51 +03:00
Andrew Dolgov e6532439d6 force strip_tags() on all user input unless explicitly allowed 2017-12-03 23:35:38 +03:00
Andrew Dolgov df5d2a0665 pluginhost: do not connect via legacy DB api until requested
log all initiated legacy database connections
2017-12-03 14:49:18 +03:00
Andrew Dolgov b51d44a5e6 further stylesheet simplification related fixes (2) 2017-12-03 13:26:26 +03:00
Andrew Dolgov 09bc54c690 further stylesheet simplification related fixes 2017-12-03 13:25:34 +03:00
Andrew Dolgov 5e68e24679 css/less updates 2017-12-03 12:50:07 +03:00
Andrew Dolgov 187abfe732 main classes: remove sql_bool_to_bool() kludge 2017-12-03 09:35:59 +03:00
Andrew Dolgov 1d92297a96 dbupdater: use PDO 2017-12-02 01:28:30 +03:00
Andrew Dolgov cb13089af1 public: use PDO headlines result (2) 2017-12-01 20:57:55 +03:00
Andrew Dolgov dc393a580b public: use PDO headlines result 2017-12-01 20:57:05 +03:00
Andrew Dolgov 1271407eea public: partial conversion to PDO, misc fixes 2017-12-01 18:57:34 +03:00
Andrew Dolgov 9dd336a2c3 generate base css files using lessc 2017-11-29 18:55:12 +03:00
Andrew Dolgov 2352c320c2 fix possible sql injection in public/forgotpass 2017-11-20 08:48:18 +03:00
Gilles Grandou 81d96c0dee makes 'order by title' to sort by title and by ascending date
* this allows to chronologically browse all articles with the
  same title.
2017-10-09 22:50:03 +02:00
Andrew Dolgov 8b73bd28d8 remove apache-specific x-sendfile stuff
implement a hook (HOOK_SEND_LOCAL_FILE) which plugins may use to send files
via httpd-specific implementation to increase performance typically on larger files
2017-10-08 17:14:56 +03:00
Andrew Dolgov b2d42e960b replace some usages of SELF_URL_PATH with get_self_url_prefix() 2017-07-06 23:01:44 +03:00
Andrew Dolgov 5b6ea1ef91 remove pubsubhubbub: dead 2017-05-16 10:41:20 +03:00
Andrew Dolgov 2ed0d6c433 move counter cache to a separate class
fix references to get_article_tags
2017-05-04 15:22:57 +03:00
Andrew Dolgov aeb1abedb2 move a bunch of functions into Feeds/Article namespaces
+       static function catchupArticlesById($ids, $cmode, $owner_uid = false) {
+       static function getLastArticleId() {
+       static function queryFeedHeadlines($params) {
+       static function getParentCategories($cat, $owner_uid) {
+       static function getChildCategories($cat, $owner_uid) {

move the rest of functions2.php back to functions.php as it is of more manageable size, remove the former
2017-05-04 15:13:02 +03:00