Commit Graph

224 Commits

Author SHA1 Message Date
Andrew Dolgov a544123b59 fix clean() for arrays and user plugin list 2021-02-06 00:17:41 +03:00
Andrew Dolgov 403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov 40f38fc87f pluginhost: load plugin data automatically (also marks load_data method as private) 2021-01-15 08:32:06 +03:00
Andrew Dolgov 6da576dbe4 BLACKLISTED_TAGS: use textarea for editing; normalize value when saving 2020-12-21 08:50:34 +03:00
wn 8c4ca7c8ef Fix some 'isset' checks in 'classes/pref/prefs.php'. 2020-12-12 10:28:53 -06:00
Andrew Dolgov 215f388992 move timestamp-related stuff to a separate class 2020-09-23 13:04:26 +03:00
Andrew Dolgov 74568df4ff remove a lot of stuff from global context (functions.php), add a few helper classes instead 2020-09-22 09:04:33 +03:00
Andrew Dolgov 03a337a660 add basic safe mode which doesn't load any user plugins 2020-09-18 15:48:22 +03:00
Andrew Dolgov a4525d31b2 replace FALSE with false so that static analyzer shuts up about it 2020-09-17 19:02:27 +03:00
Andrew Dolgov 89d53a7f49 fix typo in previous 2020-09-17 08:45:17 +03:00
Andrew Dolgov 1f79d614c4 fix OTP QR code not displayed because of CSRF token passed as a query
parameter
use type-strict comparison when validating CSRF token on the backend
2020-09-17 08:43:39 +03:00
Andrew Dolgov 4a074111b5 user preferences: forbid < and > characters when changing passwords (were silently stripped on save because of clean()) 2020-09-14 20:53:00 +03:00
Andrew Dolgov 1f2a721905 allow overriding built-in templates via templates.local 2020-03-13 14:40:35 +03:00
Andrew Dolgov 4ab3854aed don't generate default.css, replace with themes/light.css as a default root CSS file 2020-02-22 16:22:44 +03:00
Andrew Dolgov 5b6d9cee29 prefs layout fixes:
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords
2. show explanatory messages when OTP or password changing is not available
3. allow app (API) passwords when using any auth module
2020-02-18 11:51:04 +03:00
Andrew Dolgov df464e3d0d update app password notice 2019-12-17 14:58:31 +03:00
Andrew Dolgov 76dd74e0d9 add a hidden tweakable which forbids changing passwords 2019-12-06 17:45:22 +03:00
Andrew Dolgov ac95ab4a65 user css dialog: allow saving and applying CSS without closing the dialog 2019-12-06 14:02:30 +03:00
Andrew Dolgov 63ce7ea705 add a plugin page warning for plugins using HOOK_FEED_FETCHED, etc 2019-11-14 07:01:45 +03:00
Andrew Dolgov f75fb6bd75 Merge branch 'master' of git.fakecake.org:tt-rss 2019-11-01 15:40:15 +03:00
Andrew Dolgov 266a805bfe line endings + remove : from headings 2019-11-01 15:40:08 +03:00
Andrew Dolgov 05dffcff6f OTP stuff: update notice wording a bit 2019-11-01 15:27:24 +03:00
Andrew Dolgov 812a6c9f16 auth_internal: fix indents 2019-11-01 15:25:40 +03:00
Andrew Dolgov 249130e58d implement app password checking / management UI 2019-11-01 15:03:57 +03:00
Andrew Dolgov 88cd9e586e add placeholder UI plumbing for app passwords 2019-11-01 12:23:11 +03:00
Andrew Dolgov 904ecc31e2 allow using OTP without GD 2019-11-01 10:32:58 +03:00
Andrew Dolgov 2820f41a4b add notification for OTP being disabled 2019-10-09 09:10:43 +03:00
Andrew Dolgov ef514bc4bd add notifications for mail and password changes
update and shorten some other message templates
2019-10-09 09:04:51 +03:00
Andrew Dolgov 6825aaff55 update SSL certificate wiki link 2019-08-02 08:03:20 +03:00
Michael Kuhn e38fcd6dea Fix button focus issues
This change introduces derived classes for ComboButton, DropDownButton
and Select that make sure that buttons do not remain focused after their
menus are closed. This allows using hotkeys after closing them.
2019-04-14 12:01:52 +02:00
Michael Kuhn 4a2a90c980 Fix focus issues with hotkeys
Since making use of keypress in addition to keydown, hotkeys did not
work in certain scenarios, including clicking on the feed tree expanders
or empty spaces of the toolbar.

This issue is caused by dijit.Tree and dijit.Toolbar implementing the
_KeyNavMixin, which explicitly stops propagation of keypress events.

This change contains two main fixes plus a smaller hotfix:
1. It overrides _onContainerKeydown and _onContainerKeypress for
   fox.FeedTree (which inherits from dijit.Tree).
2. It adds fox.Toolbar, which overrides _onContainerKeydown,
   _onContainerKeypress and focus. This fixes hotkeys being swallowed
   and the first focusable child receiving focus when clicking on an
   empty space of the toolbar.
3. It adds the same handling of keydown and keypress to the prefs hotkey
   handler as is done in the main hotkey handler.
2019-04-13 22:34:57 +02:00
Andrew Dolgov c936cc3a1f use DEFAULT_SEARCH_LANGUAGE to generate tsvector index if per-feed language is not specified, also use it as default value on search form for convenience 2019-04-10 13:03:26 +03:00
Andrew Dolgov 19f162dbe3 css: insensitive -> text-muted 2019-03-08 10:11:57 +03:00
Andrew Dolgov a130da2d1a add layout hack to unify heights of plugin fieldsets 2019-02-26 15:03:33 +03:00
Andrew Dolgov 8819272db1 prefs-set -> prefs 2019-02-25 19:22:20 +03:00
Andrew Dolgov cbd119c7a3 pref-prefs: fix markup 2019-02-25 19:11:17 +03:00
Andrew Dolgov 52d77dee62 plugin list: update layout 2019-02-25 17:15:05 +03:00
Andrew Dolgov 335147e572 dialogs: use semantic markup instead of dlgsec stuff
continue unifying quoting style for html strings
2019-02-22 10:48:56 +03:00
Andrew Dolgov 7dbf63693b prefs small update 2019-02-22 06:58:06 +03:00
Andrew Dolgov c2fa0c4416 try to organize preferences better, shorten some descriptions 2019-02-21 22:08:23 +03:00
Andrew Dolgov 4e253add8c UI: add some more info links to relevant wiki pages; minor layout updates 2019-02-21 16:21:16 +03:00
Andrew Dolgov 4db13b8a17 simplify preference layout, remove some unnecessary css classes 2019-02-21 12:35:40 +03:00
Andrew Dolgov 3880a17e57 pref-prefs: rework personal info tab, remove ugly table markup 2019-02-20 17:21:32 +03:00
Andrew Dolgov 734af3357d fix user plugins not saving properly in non-default profiles 2018-12-26 22:04:35 +03:00
Andrew Dolgov b6a021461d add night_base so that output files would generate properly, etc 2018-12-11 21:06:02 +03:00
Andrew Dolgov be49b77b14 Revert "use codeflask for user css editor"
This reverts commit daa43e0572.
2018-12-11 20:48:17 +03:00
Andrew Dolgov 66d3dcbc7d update user css info line 2018-12-11 14:31:07 +03:00
Andrew Dolgov daa43e0572 use codeflask for user css editor 2018-12-11 14:25:41 +03:00
Andrew Dolgov 703351c79e remove theme supports-version etc checking 2018-12-09 11:37:26 +03:00
Andrew Dolgov a68b150601 remove separate classes for various panels, unify under .panel
remove a few other unnecessary css classes/ids
2018-12-07 14:03:33 +03:00
Andrew Dolgov 4fdcc923f0 prefs: reload on user theme change 2018-12-07 10:35:46 +03:00
Andrew Dolgov 15d05e8a26 night.css: do not import default less theme statically
remove themes/default.php (not needed)
compact.css: fixes
2018-12-06 14:49:33 +03:00
Andrew Dolgov 4aa11fe78d set some alt-info buttons; fix missing default submit for create filter dialog 2018-12-06 13:04:39 +03:00
Andrew Dolgov 814e49f8f7 add icons to accordion panels in preferences
fix typo in pref-prefs closing panel tag
2018-12-06 08:56:28 +03:00
Andrew Dolgov 19e24b4fe2 force cast profile id to integer when assigning to session variable 2018-12-06 07:08:54 +03:00
Andrew Dolgov f3e6e12d46 various minor updates re: icons 2018-12-05 16:48:29 +03:00
Andrew Dolgov b16c57d29c replace plugin.png with scalable icon 2018-12-05 16:37:09 +03:00
Andrew Dolgov 6befff30d7 updates for flat theme (mostly disable old dijit overrides) 2018-12-04 19:03:42 +03:00
Andrew Dolgov f81df37c36 wrap plugin list into border container, like prefs (2) 2018-12-04 15:33:20 +03:00
Andrew Dolgov 0880100f6a wrap plugin list into border container, like prefs 2018-12-04 15:31:21 +03:00
Andrew Dolgov 31e79317b3 normalize various font sizes and families between prefs & main UI
change some dialogs layout a bit to maybe become more readable
2018-12-04 15:22:22 +03:00
Andrew Dolgov 197e80add6 fix several issues related to profile being set to a non-numeric value 2018-12-04 10:47:01 +03:00
Andrew Dolgov 4d4034091a prefs: Prefs global -> Helpers 2018-12-03 12:46:00 +03:00
Andrew Dolgov 526389b2d3 update notify_* calls to use Notify 2018-12-02 20:56:30 +03:00
Andrew Dolgov 58e54282d3 prefs: move more global functions into matching classes 2018-12-02 15:30:07 +03:00
Andrew Dolgov f26d404890 prefs: move other tree-related functions to respective trees 2018-12-02 12:03:28 +03:00
Andrew Dolgov e23b6e397d prefs: store active tab for reload, remove most old table row functions 2018-12-02 11:25:32 +03:00
Andrew Dolgov 874560db54 remove obsolete row selection functions
move getUrlParam() to Utils
2018-12-02 10:33:58 +03:00
Andrew Dolgov 9563e3bcd6 remove expandable CDM headlines 2018-11-30 13:51:54 +03:00
Andrew Dolgov ef129fed2a some more xhrPost refactoring (batchEditSave WIP) 2018-11-30 10:48:50 +03:00
Andrew Dolgov d4fef36237 rewrite per-feed/global strip images to strip media 2018-09-07 10:24:46 +03:00
Andrew Dolgov 310c18e6bb move OTPHP to vendor/; additionally move Base32 class to OTPHP namespace 2018-06-20 18:27:34 +03:00
tsia 551f3c2c85 fixed "reset to defaults" in preferences 2018-03-15 16:26:50 +00:00
Francesco Turco 1a7277570b fix two-factor authenticaton 2017-12-22 12:29:25 +01:00
Andrew Dolgov d0cce0c7a4 isdefaultpassword: use method_exists() to check for check_password 2017-12-15 12:15:15 +03:00
simonp 5f19596651 Fix typo from previous pull request 2017-12-14 18:43:42 +01:00
Benjamin Collet 44c6a04b61 Check if the auth module supports check_password() method before using it 2017-12-14 18:02:37 +01:00
Andrew Dolgov 9390ddeae2 fix single user mode login failing because of isdefaultpassword() 2017-12-14 19:27:55 +03:00
Andrew Dolgov 1bf468ba1a pref-prefs: set button classes 2017-12-11 18:50:00 +03:00
Andrew Dolgov e6532439d6 force strip_tags() on all user input unless explicitly allowed 2017-12-03 23:35:38 +03:00
Andrew Dolgov 7c6f7bb0aa fix some minor issues found by code analyzer 2017-12-03 23:08:04 +03:00
Andrew Dolgov 7c0eb1b621 add defaultPasswordWarning nag dialog 2017-12-03 20:46:27 +03:00
Andrew Dolgov 187abfe732 main classes: remove sql_bool_to_bool() kludge 2017-12-03 09:35:59 +03:00
Andrew Dolgov e4291ba12f otpenable: use pdo prepare() 2017-12-03 09:10:14 +03:00
Andrew Dolgov 7039370368 pref-prefs: PDO 2017-12-02 12:01:56 +03:00
Andrew Dolgov 667d32fd26 remove obsolete forum plugin links
mention how to enable system plugins in the UI
2017-07-04 16:28:45 +03:00
Andrew Dolgov e130b283a7 db prefs: ignore cache when preference requested for specified UID (in case cached value of a different profile is stored)
prefs: show (and set) enabled plugins for default profile only
2017-06-24 14:29:07 +03:00
Andrew Dolgov ea79a0e033 remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
Andrew Dolgov 1bfe1d7b31 simplify error handling
* less convoluted exception dialogs
* use window.onerror for the majority of exception catching/reporting
* remove most of now useless try/catch blocks
* report stacktrace instead of manually specified error locations
2017-03-04 14:34:44 +03:00
Jérémy DECOOL ba2853caac Prevent target='_blank' vulnerability on dynamic link 2017-02-12 11:01:36 +01:00
Andrew Dolgov 328118d12e use print_hidden() for hidden dojo form fields 2017-02-10 14:36:21 +03:00
Andrew Dolgov 22387de225 preferences: set themes dropdown to default if selected theme is missing 2017-01-26 22:37:22 +03:00
Andrew Dolgov e432b8fbe2 implement cache-busting for default theme.css
night theme: small fixes
2017-01-25 12:17:41 +03:00
Andrew Dolgov 312742db6e updates: auto-disable CURL if open_basedir is enabled, notify possible issues w/ plugins 2016-01-13 18:12:31 +03:00
Andrew Dolgov 5bdcb8fd78 remove option ALLOW_DUPLICATE_POSTS as confusing/useless 2016-01-07 22:01:35 +03:00
Andrew Dolgov 583f163f40 don't init plugins when loading everything to make a list, duh 2015-10-08 17:02:32 +03:00
Andrew Dolgov b87744534a add plugin-based filter actions (see example plugin in attic)
bump schema
2015-08-11 23:28:42 +03:00
Andrew Dolgov fb8a032a6b minor textarea fixes 2015-08-11 18:44:07 +03:00
Andrew Dolgov e79e274fc8 add styles for several other dijit elements 2015-08-11 16:41:05 +03:00
Andrew Dolgov 5956f312b7 add a bit more visible separate infobox for password change results 2015-07-06 12:10:15 +03:00