Commit Graph

190 Commits

Author SHA1 Message Date
Andrew Dolgov eec5871f5f fail better if requested article URL is blank 2021-02-13 10:10:44 +03:00
Andrew Dolgov ad7842c98a RIP tag cloud: last of the vanilla popup dialog system 2021-02-12 18:43:30 +03:00
Andrew Dolgov 848bc57f29 disable themes in safe mode; rework safe mode warning/login prompt 2021-02-11 21:19:57 +03:00
Andrew Dolgov 6c8ccd2acc front page log checker: filter out idiotic GD warning 2021-02-08 22:15:35 +03:00
Andrew Dolgov 3b52cea811 move some old-style handlers to new callback ones 2021-02-08 16:14:48 +03:00
Andrew Dolgov b6e1a5c91a fix several warnings reported by phpstan 2021-02-06 17:19:07 +03:00
Andrew Dolgov 6e774a58fe more php8 fixes mostly related to login 2021-02-06 00:12:15 +03:00
Andrew Dolgov 403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov da0ad82c24 Archive cleanup:
- remove code to manually archive/unarchive articles
- remove ttrss_archived_feeds/orig_feed_id handling - the whole thing was implemented for
this data to be kept indefinitely; it doesn't make a lot of sense to deal with this stuff
now that it is expired after one month anyway (same reasons as feed browser being removed - privacy)
- remove "originally from"-related stuff because of the above
- also remove unused remaining frontend/backend code related to feed browser (rip)
2021-01-17 14:55:11 +03:00
Andrew Dolgov 3b17c45887 exclude E_USER_NOTICE from recent events icon 2020-09-29 10:03:11 +03:00
Andrew Dolgov 215f388992 move timestamp-related stuff to a separate class 2020-09-23 13:04:26 +03:00
Andrew Dolgov 05744bb474 fix updater never scheduling feeds for update if they never been updated before while having default update interval set 2020-09-22 20:33:51 +03:00
Andrew Dolgov 6811d0bde2 use self:: in some places to invoke static methods from the same class 2020-09-22 14:54:15 +03:00
Andrew Dolgov 74568df4ff remove a lot of stuff from global context (functions.php), add a few helper classes instead 2020-09-22 09:04:33 +03:00
Andrew Dolgov 05ef9aac2f update URL pointing to version.json 2020-09-19 07:33:59 +03:00
Andrew Dolgov afa0023c51 don't try to update manually disabled feeds even if they haven't been updated before or are marked for a manual update 2020-09-17 15:40:50 +03:00
Andrew Dolgov 7e50c6c4b5 - enable CSRF support earlier
- remove rpc/sanityCheck from CSRF-excluded calls
2020-09-15 15:32:17 +03:00
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov fdb1fc7608 get_version: fix commit/timestamp lost on subsequent invocations because of misbehaving caching 2019-12-20 18:17:05 +03:00
Andrew Dolgov f30287be65 versioning changes
- remove VERSION_STATIC - https://community.tt-rss.org/t/versioning-changes-for-trunk/2974
- report git commit/timestamp properly by invoking git instead of trying to parse .git/HEAD etc
- remove git-related global constants used when checking for updates
2019-12-05 13:23:54 +03:00
Andrew Dolgov 3e4701116d af_readability: add missing file 2019-08-16 15:29:24 +03:00
Andrew Dolgov 4edfb526e1 change version.json endpoint URL 2019-08-01 11:51:27 +03:00
Andrew Dolgov 3bd3324e5a update: add option to send digests 2019-03-21 07:44:39 +03:00
Andrew Dolgov 0b74db5ad7 remove feedbrowser (other feeds) 2019-03-06 20:02:06 +03:00
Andrew Dolgov 38e01270d8 archived feeds: expire old entries (schema bump) 2019-03-06 19:06:05 +03:00
Andrew Dolgov 0517b88cce rpc, catchupfeed: return counters immediately so that frontend can figure out next unread feed correctly 2019-01-03 10:47:41 +03:00
Andrew Dolgov 5c481fb249 rpc/checkforupdates: restrict to administrative access level 2018-12-16 19:08:41 +03:00
Andrew Dolgov 957c44d177 rework git update checking to be initiated by frontend, outside of runtime info output 2018-12-16 19:05:37 +03:00
Andrew Dolgov b66deb3240 rpc/getAllCounters: return seq 2018-12-15 13:17:51 +03:00
Andrew Dolgov d53cdaf815 requestCounters: remove cooldown 2018-12-12 20:06:44 +03:00
Andrew Dolgov 19e24b4fe2 force cast profile id to integer when assigning to session variable 2018-12-06 07:08:54 +03:00
Colin Vidal c217de557f rpc: addfeed: gets login and pass only if need_auth is checked.
Because of browser form auto-completion, the hidden field login and
password can be automatically filled when adding a feed. It would
enable feed authentication even if the user doesn't click on need_auth
button.
2018-01-14 20:55:39 +01:00
Andrew Dolgov 92175a8371 setpref: remove nl2br() 2017-12-04 08:27:25 +03:00
Andrew Dolgov e6532439d6 force strip_tags() on all user input unless explicitly allowed 2017-12-03 23:35:38 +03:00
Andrew Dolgov 731ecac530 completeLabels: use prepare() not query() 2017-12-03 09:06:43 +03:00
Andrew Dolgov b5bf9a0ff3 remove long forgotten stuff related to feed debugging actionbar 2017-12-02 15:12:39 +03:00
Andrew Dolgov 7039370368 pref-prefs: PDO 2017-12-02 12:01:56 +03:00
Andrew Dolgov fbe7cb0a48 rpc: switch to PDO 2017-12-01 23:49:14 +03:00
Andrew Dolgov 5b6ea1ef91 remove pubsubhubbub: dead 2017-05-16 10:41:20 +03:00
Andrew Dolgov e6c886bf66 wrap rssfuncs into rssutils class 2017-05-05 18:10:07 +03:00
Andrew Dolgov 65af3b2cbb move counter stuff to a separate class 2017-05-05 11:54:31 +03:00
Andrew Dolgov aeb1abedb2 move a bunch of functions into Feeds/Article namespaces
+       static function catchupArticlesById($ids, $cmode, $owner_uid = false) {
+       static function getLastArticleId() {
+       static function queryFeedHeadlines($params) {
+       static function getParentCategories($cat, $owner_uid) {
+       static function getChildCategories($cat, $owner_uid) {

move the rest of functions2.php back to functions.php as it is of more manageable size, remove the former
2017-05-04 15:13:02 +03:00
Andrew Dolgov a230bf88a9 move to Article:
+       static function purge_orphans($do_output = false) {

move to Feeds

+       static function getGlobalUnread($user_id = false) {
+       static function getCategoryTitle($cat_id) {
+       static function getLabelUnread($label_id, $owner_uid = false) {
2017-05-04 15:00:21 +03:00
Andrew Dolgov 86a8351ca2 move the following to Feeds:
+       static function catchup_feed($feed, $cat_view, $owner_uid = false, $mode = 'all', $search = false) {
+       static function getFeedArticles($feed, $is_cat = false, $unread_only = false,
+       static function subscribe_to_feed($url, $cat_id = 0,
+       static function getFeedIcon($id) {
+       static function getFeedTitle($id, $cat = false) {
+       static function getCategoryUnread($cat, $owner_uid = false) {
+       static function getCategoryChildrenUnread($cat, $owner_uid = false) {
2017-05-04 14:50:56 +03:00
Andrew Dolgov ea79a0e033 remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
Andrew Dolgov 7b55001eee fix various issues reported by static analysis
update gitlab-ci config
2017-04-26 15:29:22 +03:00
Andrew Dolgov 337535416f filter by search results while marking feed as read 2017-03-31 11:21:35 +03:00
Andrew Dolgov 270c0a00e5 improve JS error logging with additional stuff 2017-03-05 10:50:15 +03:00
Andrew Dolgov cb3f877303 reference pubsubhubbub classes using their namespace 2017-01-23 08:20:46 +03:00
Andrew Dolgov cfc2fe50cb fix sql error when subscribing to a feed using feed archive 2016-07-05 11:48:36 +03:00
Andrew Dolgov 79c891a8b7 set smallish timeout on update check, exclude update checking on initial load 2016-03-30 13:32:49 +03:00
Andrew Dolgov 71b75bb7fa fix multiple issues with archived feeds 2016-01-26 19:03:05 +03:00
Andrew Dolgov 9b736a20b3 do not automatically call cleanup_tags() in housekeeping tasks 2016-01-04 10:42:24 +03:00
Andrew Dolgov 86d07d367c rpc, setpref: properly save settings to active profile 2015-09-26 17:31:53 +03:00
Anders Kaseorg 0e653f751e Make _DISABLE_FEED_BROWSER also disable the updateFeedBrowser RPC
The undocumented _DISABLE_FEED_BROWSER option added in commit
c39befacb2 turns off the UI for looking
at which feeds other users are subscribed to, but it did not prevent
you from manually constructing an RPC call to get the same data.  This
was a privacy risk for those who consider _DISABLE_FEED_BROWSER
important.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2015-05-21 23:53:58 -04:00
Andrew Dolgov 4a80c57c50 remove some unused code reported by phpmd 2014-02-19 15:42:52 +04:00
Andrew Dolgov e1f1857d95 fix globalUpdateFeeds failing when no active session exists 2013-08-25 17:34:27 +04:00
Andrew Dolgov 113c3dec9e make globalUpdateFeeds handler use simple update mechanism to prevent script timeouts 2013-07-24 12:55:10 +04:00
Andrew Dolgov 41a7a066ef share: move unsharing all articles into the plugin 2013-07-11 14:11:41 +04:00
Rasmus Lerdorf 6f7798b643 Fixing bugs found by static analysis 2013-05-07 00:35:10 -07:00
Andrew Dolgov e57a1507ae do not use session cookie lifetime for additional cookies 2013-04-29 13:03:28 +04:00
Andrew Dolgov 6bfc97da86 add automatic timezone (based on client tz offset) 2013-04-26 10:31:57 +04:00
Andrew Dolgov f66492d357 better javascript error reporting, save error reports in tt-rss log 2013-04-20 10:43:21 +04:00
Andrew Dolgov 52d88392da move db-prefs to OO 2013-04-18 12:00:01 +04:00
Andrew Dolgov d9c85e0f11 classes: use OO DB interface 2013-04-17 20:12:14 +04:00
Andrew Dolgov a42c55f02b fix blank character after opening bracket in function calls 2013-04-17 18:34:18 +04:00
Andrew Dolgov 6322ac79a0 remove $link 2013-04-17 16:48:41 +04:00
Andrew Dolgov 40fe2d7382 remove js-based player, better mp3 support detection for html5 audio 2013-04-16 15:44:38 +04:00
Andrew Dolgov 41694a956d fix double-escaping possible with encrypted passwords 2013-04-13 18:58:09 +04:00
Andrew Dolgov ae31704bb3 only unmark articles which had been processed when automarking (for realz) 2013-04-04 09:49:37 +04:00
Andrew Dolgov 4b7726f0b4 rpc: move labelops to article 2013-04-02 14:56:08 +04:00
Andrew Dolgov 9c96a3e28c rpc: remove getArticles 2013-04-02 14:54:34 +04:00
Andrew Dolgov c83554bddd rpc: move completeTags to article 2013-04-02 14:53:36 +04:00
Andrew Dolgov 5df8be5c0a rpc: move setArticleTags to article 2013-04-02 14:52:21 +04:00
Andrew Dolgov 195187c490 rpc: move several feed-related calls to pref-feeds 2013-04-02 14:47:43 +04:00
Andrew Dolgov d719b06240 rpc: move setScore to article 2013-04-02 14:41:41 +04:00
Andrew Dolgov 8956b3a607 remove obsolete checkDate stuff 2013-04-02 14:36:00 +04:00
Andrew Dolgov c88e4a2af3 remove small_article_preview 2013-04-02 14:34:17 +04:00
Andrew Dolgov 96e3ae8cce move batchAddFeeds to pref-feeds 2013-04-02 14:32:10 +04:00
Andrew Dolgov 76f2113b35 instances: fix a few wrong calls, move genHash method from rpc 2013-04-02 14:27:15 +04:00
Andrew Dolgov 1c9bda915b move several methods from dlg; fix displayed tags not updated after editing 2013-04-01 11:14:27 +04:00
Andrew Dolgov c8b693cf7f implement catchup with selectable updated criteria 2013-03-31 12:37:42 +04:00
Andrew Dolgov b029f91621 archive: automatically subscribe user to originating feed while unarchiving 2013-03-30 21:59:52 +04:00
Andrew Dolgov f0d3c94aa7 purge orphans after deleting articles 2013-03-29 15:20:26 +04:00
Andrew Dolgov b9a06a0e39 retire frankly ridiculous sorting by score/title/date/default
keep defaul and oldest first instead of REVERSE_HEADLINES
2013-03-28 20:44:43 +04:00
Andrew Dolgov cda55d67d0 add cleanup_tags/purge orphans to globalUpdateFeeds and simple update
rpc call (closes #636)
2013-03-28 08:19:31 +04:00
Andrew Dolgov d2f3467bb6 add a simple appearing preview for unexpanded cdm and normal mode 2013-03-25 16:09:05 +04:00
Andrew Dolgov efc6553da4 api: implement subscribeToFeed/unsubscribeFeed (closes #623) 2013-03-24 14:28:43 +04:00
Andrew Dolgov 5defc29ff8 remove PTITLE kludge; use ajax 2013-03-22 09:49:45 +04:00
Andrew Dolgov 3972bf5981 db_escape_string: specify link parameter for consistency; sessions: do not force-close db connection in _close() 2013-03-22 09:14:55 +04:00
Andrew Dolgov 7fc2e87e17 add headline menu entry to show article url 2013-03-21 23:29:06 +04:00
Joschasa 2a3b6de0ef remove deprecated theme_image() 2013-03-20 22:59:08 +01:00
Andrew Dolgov 4f7d69e185 detect whether browser supports iframe.sandbox and allow iframes accordingly; allow object and embed elements 2013-03-19 12:49:55 +04:00
Andrew Dolgov 7873d58822 implement proper last_marked/last_published feeds for proper sorting of
published and marked virtual feeds, remove sorting by last_read
workaround
api: add pubsubhubbub ping when article is being set published
bump schema
2013-03-17 15:38:21 +04:00
Andrew Dolgov f03701fe99 store widescreen status in a cookie (refs #539) 2013-02-20 14:40:13 +04:00
Andrew Dolgov 5b55e9e25c js: simplify counter updating, remove some unused stuff 2013-02-01 13:09:43 +04:00
Andrew Dolgov 5083271956 move some more functions out of functions.php; fix opml.php failing due to redeclared autoload 2013-01-22 22:36:16 +04:00
Andrew Dolgov 87d7e8507a split some more functions from functions.php 2013-01-22 22:32:17 +04:00
Andrew Dolgov 6b1a4ecd41 updaterandomfeed: use max_execution_time parameter 2013-01-22 20:07:34 +04:00
Andrew Dolgov 8b83bf5fa1 implement fallback _SIMPLE_UPDATE_MODE 2013-01-22 19:56:46 +04:00