Commit Graph

478 Commits

Author SHA1 Message Date
Andrew Dolgov 73070544ca error log: make it more readable 2021-02-06 16:11:29 +03:00
Andrew Dolgov 5cfc5914f2 log viewer: show total pages 2021-02-06 15:33:19 +03:00
Andrew Dolgov 10392ecc28 event log: add pagination 2021-02-06 10:10:54 +03:00
Andrew Dolgov a544123b59 fix clean() for arrays and user plugin list 2021-02-06 00:17:41 +03:00
Andrew Dolgov 6e774a58fe more php8 fixes mostly related to login 2021-02-06 00:12:15 +03:00
Andrew Dolgov 403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov da0ad82c24 Archive cleanup:
- remove code to manually archive/unarchive articles
- remove ttrss_archived_feeds/orig_feed_id handling - the whole thing was implemented for
this data to be kept indefinitely; it doesn't make a lot of sense to deal with this stuff
now that it is expired after one month anyway (same reasons as feed browser being removed - privacy)
- remove "originally from"-related stuff because of the above
- also remove unused remaining frontend/backend code related to feed browser (rip)
2021-01-17 14:55:11 +03:00
Andrew Dolgov 40f38fc87f pluginhost: load plugin data automatically (also marks load_data method as private) 2021-01-15 08:32:06 +03:00
Andrew Dolgov 33a5ecd2ce feed editor: show purge interval correctly if FORCE_ARTICLE_PURGE is set 2021-01-07 18:16:42 +03:00
Andrew Dolgov 8cc07bc8bd event log: add severity filtering 2020-12-24 15:02:47 +03:00
Andrew Dolgov 6da576dbe4 BLACKLISTED_TAGS: use textarea for editing; normalize value when saving 2020-12-21 08:50:34 +03:00
wn_ d2db58de4f Switch from 'vsprintf' to 'sprintf' in another place. 2020-12-16 07:55:32 -06:00
fox ef7e679363 Merge branch 'feature/php8' of wn/tt-rss into master 2020-12-16 11:06:48 +00:00
Andrew Dolgov 9b7338e807 feed editor: properly show global purging interval as disabled 2020-12-15 08:49:43 +03:00
wn 62da307ef1 Use correct 'sprintf' function and other minor fixes in Pref_Feeds. 2020-12-12 10:28:55 -06:00
wn a1f8d6941b Remove duplicate block in 'classes/pref/filters.php'.
Also a minor tweak to getting the search filter.
2020-12-12 10:28:54 -06:00
wn 8c4ca7c8ef Fix some 'isset' checks in 'classes/pref/prefs.php'. 2020-12-12 10:28:53 -06:00
Andrew Dolgov 8089fcc762 feed editor: also show default value for purge interval 2020-11-30 15:34:15 +03:00
Andrew Dolgov d48460969d feed editor: show actual value of default update interval 2020-11-30 15:29:22 +03:00
Andrew Dolgov d1ee30d1ba prevent horizontal scrolling in filter editor dialog if rules are very long 2020-11-27 12:27:12 +03:00
Andrew Dolgov 215f388992 move timestamp-related stuff to a separate class 2020-09-23 13:04:26 +03:00
Andrew Dolgov 6811d0bde2 use self:: in some places to invoke static methods from the same class 2020-09-22 14:54:15 +03:00
Andrew Dolgov 74568df4ff remove a lot of stuff from global context (functions.php), add a few helper classes instead 2020-09-22 09:04:33 +03:00
Andrew Dolgov 03a337a660 add basic safe mode which doesn't load any user plugins 2020-09-18 15:48:22 +03:00
Andrew Dolgov a4525d31b2 replace FALSE with false so that static analyzer shuts up about it 2020-09-17 19:02:27 +03:00
Andrew Dolgov 89d53a7f49 fix typo in previous 2020-09-17 08:45:17 +03:00
Andrew Dolgov 1f79d614c4 fix OTP QR code not displayed because of CSRF token passed as a query
parameter
use type-strict comparison when validating CSRF token on the backend
2020-09-17 08:43:39 +03:00
Andrew Dolgov 33fdde249e pass CSRF token to opml import and feed icon replace dialogs 2020-09-16 06:43:55 +03:00
Andrew Dolgov 4a074111b5 user preferences: forbid < and > characters when changing passwords (were silently stripped on save because of clean()) 2020-09-14 20:53:00 +03:00
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov fa653f5a43 prefs: show disabled filters properly on mysql 2020-07-01 09:49:53 +03:00
Andrew Dolgov 2996a3942f prefs: show root of filter tree as enabled so it's not grayed out 2020-07-01 09:48:27 +03:00
Andrew Dolgov d01ad09800 eslint-related fixes; move a few things from global context to App 2020-06-05 07:44:57 +03:00
Andrew Dolgov c8cc845d5b when removing favicon, reset its auto-refresh timer 2020-05-22 15:06:52 +03:00
Andrew Dolgov 1f2a721905 allow overriding built-in templates via templates.local 2020-03-13 14:40:35 +03:00
Andrew Dolgov bcbc5ccc78 batchSubscribe: use validationtextarea 2020-02-28 14:03:29 +03:00
Andrew Dolgov f24ece85a6 add validationtextarea control, use it for filter match editor 2020-02-28 13:53:45 +03:00
Andrew Dolgov 8645f36c5b filter test dialog: pass contents via xhr POST 2020-02-28 12:16:54 +03:00
Andrew Dolgov 4ab3854aed don't generate default.css, replace with themes/light.css as a default root CSS file 2020-02-22 16:22:44 +03:00
Andrew Dolgov 60288f02e8 1. feedtree: show counters for marked articles if view-mode == marked
2. hide/show relevant counter nodes using css
3. cleanup some counter-related code
4. compile default css into light theme to prevent cache-related issues
2020-02-20 14:14:45 +03:00
Andrew Dolgov 5b6d9cee29 prefs layout fixes:
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords
2. show explanatory messages when OTP or password changing is not available
3. allow app (API) passwords when using any auth module
2020-02-18 11:51:04 +03:00
Andrew Dolgov 6080cca9ca scrap counter cache system; rework counters to sum() booleans instead 2020-01-24 14:25:31 +03:00
Andrew Dolgov df464e3d0d update app password notice 2019-12-17 14:58:31 +03:00
Andrew Dolgov 76dd74e0d9 add a hidden tweakable which forbids changing passwords 2019-12-06 17:45:22 +03:00
Andrew Dolgov ac95ab4a65 user css dialog: allow saving and applying CSS without closing the dialog 2019-12-06 14:02:30 +03:00
Andrew Dolgov 63ce7ea705 add a plugin page warning for plugins using HOOK_FEED_FETCHED, etc 2019-11-14 07:01:45 +03:00
Andrew Dolgov f75fb6bd75 Merge branch 'master' of git.fakecake.org:tt-rss 2019-11-01 15:40:15 +03:00
Andrew Dolgov 266a805bfe line endings + remove : from headings 2019-11-01 15:40:08 +03:00
Andrew Dolgov 05dffcff6f OTP stuff: update notice wording a bit 2019-11-01 15:27:24 +03:00
Andrew Dolgov 812a6c9f16 auth_internal: fix indents 2019-11-01 15:25:40 +03:00