Commit Graph

1155 Commits

Author SHA1 Message Date
Andrew Dolgov 92175a8371 setpref: remove nl2br() 2017-12-04 08:27:25 +03:00
Andrew Dolgov e6532439d6 force strip_tags() on all user input unless explicitly allowed 2017-12-03 23:35:38 +03:00
Andrew Dolgov 7c6f7bb0aa fix some minor issues found by code analyzer 2017-12-03 23:08:04 +03:00
Andrew Dolgov fa3bcfa379 queryfeedheadlines: there's no need to quote order_by/override_order
else: feedicon cache busting etc
2017-12-03 22:49:57 +03:00
Andrew Dolgov 5f5b0de423 style feed icon and opml file upload controls 2017-12-03 22:35:12 +03:00
Andrew Dolgov 229c139c6a ccache: properly recalculate counters for uncategorized 2017-12-03 21:34:57 +03:00
Andrew Dolgov 342e8a9eeb move feeds cache directory to cache/feeds 2017-12-03 21:01:35 +03:00
Andrew Dolgov 7c0eb1b621 add defaultPasswordWarning nag dialog 2017-12-03 20:46:27 +03:00
Andrew Dolgov 31e2811a63 ttrss_zoom: fix CSS 2017-12-03 19:55:19 +03:00
Andrew Dolgov 2f0623c9a5 db: return adapter on get(), remove IDB wrapper 2017-12-03 14:54:15 +03:00
Andrew Dolgov df5d2a0665 pluginhost: do not connect via legacy DB api until requested
log all initiated legacy database connections
2017-12-03 14:49:18 +03:00
Andrew Dolgov 2cf93c046c pref-users: fix sorting the table 2017-12-03 13:54:31 +03:00
Andrew Dolgov 28040002f3 pdo connection string: properly check for DB_PORT 2017-12-03 13:37:43 +03:00
Andrew Dolgov 1f16f9b8ae feed debugger: only allow debugging users own feeds 2017-12-03 13:35:18 +03:00
Andrew Dolgov 93e70e36c2 force article content/etc to string when updating to avoid failing null constraint check 2017-12-03 13:32:24 +03:00
Andrew Dolgov b51d44a5e6 further stylesheet simplification related fixes (2) 2017-12-03 13:26:26 +03:00
Andrew Dolgov 09bc54c690 further stylesheet simplification related fixes 2017-12-03 13:25:34 +03:00
Andrew Dolgov 5e68e24679 css/less updates 2017-12-03 12:50:07 +03:00
Andrew Dolgov 4dc3f7e779 api: do not use sql_bool_to_bool() 2017-12-03 11:06:49 +03:00
Andrew Dolgov 69563c96b4 plugin base: add type hint to init(host) 2017-12-03 10:11:32 +03:00
Andrew Dolgov 49a888ecce rssutils: forbid question marks in tsvector data, PDO gets confused sometimes even by quoted ?s 2017-12-03 10:10:01 +03:00
Andrew Dolgov 64312bfd71 feeds: remove sql_bool_to_bool() 2017-12-03 09:44:08 +03:00
Andrew Dolgov b6f3562d1e plugin base class: init pdo object
plugins/share: use PDO
2017-12-03 09:43:18 +03:00
Andrew Dolgov 187abfe732 main classes: remove sql_bool_to_bool() kludge 2017-12-03 09:35:59 +03:00
Andrew Dolgov 8ff3cbb32e filters: remove sql_bool_to_bool()
checkbox_to_sql_bool: return ints (???)
2017-12-03 09:26:11 +03:00
Andrew Dolgov e4291ba12f otpenable: use pdo prepare() 2017-12-03 09:10:14 +03:00
Andrew Dolgov 731ecac530 completeLabels: use prepare() not query() 2017-12-03 09:06:43 +03:00
Andrew Dolgov 7d960ce7e9 auth_internal: use PDO + other fixes 2017-12-03 00:18:08 +03:00
fox ab1960cf13 Merge branch 'upstream/pdo-experimental' of JustAMacUser/tt-rss into pdo-experimental 2017-12-02 19:50:00 +00:00
Andrew Dolgov bfccff11c4 filter rule saving fix 2017-12-02 22:47:47 +03:00
JustAMacUser 1a05210933 Fixed PDO query to prepared statement in API::updateArticles. 2017-12-02 14:08:55 -05:00
Andrew Dolgov bf6db17b8f feeds: use PDO 2017-12-02 16:07:03 +03:00
Andrew Dolgov 2e52e4fd7a feeds: more PDo stuff 2017-12-02 15:53:32 +03:00
Andrew Dolgov e4befe6bf4 fix label cache being double escaped on save
remove some old-style escaping
2017-12-02 15:47:53 +03:00
Andrew Dolgov 7a1872c1e0 feeds: more PDO stuff 2017-12-02 15:36:32 +03:00
Andrew Dolgov b5bf9a0ff3 remove long forgotten stuff related to feed debugging actionbar 2017-12-02 15:12:39 +03:00
Andrew Dolgov 91d679667e feeds: PDO progress 2017-12-02 15:04:11 +03:00
Andrew Dolgov da9ea57d1c checkbox to sql bool related changes, some more boolean fixes 2017-12-02 14:07:48 +03:00
Andrew Dolgov 7ccb4e91ff boolean handling changes which probably won't break everything 2017-12-02 14:02:01 +03:00
Andrew Dolgov 248c62a1cc filters: fix limit/offset for test dialog 2017-12-02 13:54:18 +03:00
Andrew Dolgov bf4a79eaa9 prefs: start PDO switchover 2017-12-02 13:49:35 +03:00
Andrew Dolgov f594717d18 filters: use PDO 2017-12-02 13:28:13 +03:00
Andrew Dolgov 21295a52aa labels: PDO 2017-12-02 12:45:33 +03:00
Andrew Dolgov c2418a559b pref-users: PDO 2017-12-02 12:23:41 +03:00
Andrew Dolgov 93ca6c95b8 pref-system: PDO 2017-12-02 12:03:39 +03:00
Andrew Dolgov 7039370368 pref-prefs: PDO 2017-12-02 12:01:56 +03:00
Andrew Dolgov f8108cc28d pluginhost: save_data() fixes 2017-12-02 11:31:02 +03:00
Andrew Dolgov 8af94f1292 pluginhost: use PDO 2017-12-02 11:25:43 +03:00
Andrew Dolgov 0500e14cc2 update_rss_feed: transaction lock article processing 2017-12-02 11:16:33 +03:00
Andrew Dolgov 0567016b40 rssutils: PDO 2017-12-02 09:56:34 +03:00
Andrew Dolgov afcb105f4e rssutils: start PDO switch 2017-12-02 08:38:57 +03:00
Andrew Dolgov 1d92297a96 dbupdater: use PDO 2017-12-02 01:28:30 +03:00
Andrew Dolgov c949a9282e OPML: use PDO; minor fixes 2017-12-02 01:08:30 +03:00
Andrew Dolgov 4102eb843f sql logger: pdo 2017-12-02 00:13:28 +03:00
Andrew Dolgov c1c08aed39 labels: PDO 2017-12-02 00:06:17 +03:00
Andrew Dolgov fbe7cb0a48 rpc: switch to PDO 2017-12-01 23:49:14 +03:00
Andrew Dolgov 9652fa6b66 API: small fix 2017-12-01 22:49:12 +03:00
Andrew Dolgov 3467e1fd7c api: switch to PDO 2017-12-01 22:46:22 +03:00
Andrew Dolgov dd90eefae1 PDO: set unicode for mysql and other connection params 2017-12-01 22:14:54 +03:00
Andrew Dolgov aee3f0e6d9 fix typo 2017-12-01 22:07:39 +03:00
Andrew Dolgov 7fc303e6ab query feed headlines: fix limit/offset 2017-12-01 21:07:55 +03:00
Andrew Dolgov cb13089af1 public: use PDO headlines result (2) 2017-12-01 20:57:55 +03:00
Andrew Dolgov dc393a580b public: use PDO headlines result 2017-12-01 20:57:05 +03:00
Andrew Dolgov 3623ebb1a1 feeds: handle escaping 2017-12-01 20:52:30 +03:00
Andrew Dolgov c9b6ca8b70 feeds: remove escaping 2017-12-01 20:26:51 +03:00
Andrew Dolgov b5791f11c5 queryfeedheadlines: PDOize (1) 2017-12-01 20:25:13 +03:00
Andrew Dolgov 29f1908e03 feeds: right before queryfeedheadlines() 2017-12-01 20:15:25 +03:00
Andrew Dolgov cc9450c309 ccache, misc: fixes
feeds: start PDO transition
2017-12-01 19:42:02 +03:00
Andrew Dolgov 1271407eea public: partial conversion to PDO, misc fixes 2017-12-01 18:57:34 +03:00
Andrew Dolgov fbde19580c db_prefs: PDO 2017-12-01 18:40:48 +03:00
Andrew Dolgov abf94f00b4 digest: use PDO 2017-12-01 18:31:23 +03:00
Andrew Dolgov 9ead64f6d8 dlg: PDO 2017-12-01 18:16:58 +03:00
Andrew Dolgov 933ff559e6 ccache: PDO 2017-12-01 18:03:33 +03:00
Andrew Dolgov a25ac0d7c8 counters: PDO 2017-12-01 17:47:29 +03:00
Andrew Dolgov c9d5c26041 auth/base: PDO
functions: fix small pdo-related bug
2017-12-01 17:40:53 +03:00
Andrew Dolgov 2c57df75ff article: remove db_escape..() 2017-12-01 17:35:22 +03:00
Andrew Dolgov d0e73ed8ae article: switch to PDO 2017-12-01 17:33:59 +03:00
Andrew Dolgov 2e46b434da pdo: set warnings 2017-12-01 16:56:15 +03:00
Andrew Dolgov c39ee27235 article: start pdo 2017-12-01 15:31:16 +03:00
Andrew Dolgov bfc54b0369 Merge branch 'pdo-experimental' of git.fakecake.org:tt-rss into pdo-experimental 2017-12-01 10:17:36 +03:00
Andrew Dolgov d9e60c0f68 Merge branch 'master' of git.fakecake.org:tt-rss into pdo-experimental 2017-12-01 10:17:18 +03:00
Andrew Dolgov e50c8eaa4e enforce unconditional requests every 6 hours even if server claims data is not modified 2017-11-30 13:12:28 +03:00
Andrew Dolgov 8adb3ec472 add some WIP pdo stuff 2017-11-30 12:28:07 +03:00
Andrew Dolgov ca82bb03c8 rm db_stmt 2017-11-30 11:53:21 +03:00
Andrew Dolgov 99bda9cc12 add some starting pdo glue 2017-11-30 10:47:42 +03:00
Andrew Dolgov 9dd336a2c3 generate base css files using lessc 2017-11-29 18:55:12 +03:00
dim0x69 5395526444 add HOOK_UNSUBSCRIBE_FEED 2017-11-27 11:46:46 +01:00
Andrew Dolgov 2352c320c2 fix possible sql injection in public/forgotpass 2017-11-20 08:48:18 +03:00
Andrew Dolgov 9d930af9e1 fetch_file_contents: improve error handling
1. if request fails get error string from http  response status line
2. do not override http error with possible CURL/php specific last error
3. fix silent php error generated while processing response headers to get last modified value
2017-10-30 13:13:10 +03:00
Andrew Dolgov 91f49ba17d api, setArticleLabel: allow JSON booleans 2017-10-15 16:47:44 +03:00
fox d320b55af9 Merge branch 'sort_title_date' of ggrandou/tt-rss into master 2017-10-13 05:53:03 +00:00
Gilles Grandou f9ad33c2d8 allows favicons to be in Windows PC BMP format 2017-10-09 22:58:00 +02:00
Gilles Grandou 81d96c0dee makes 'order by title' to sort by title and by ascending date
* this allows to chronologically browse all articles with the
  same title.
2017-10-09 22:50:03 +02:00
Andrew Dolgov 8b73bd28d8 remove apache-specific x-sendfile stuff
implement a hook (HOOK_SEND_LOCAL_FILE) which plugins may use to send files
via httpd-specific implementation to increase performance typically on larger files
2017-10-08 17:14:56 +03:00
fox b1d1bc901f Merge branch 'checkbox-feed' of dxbi/tt-rss into master 2017-10-06 06:47:54 +00:00
Felix Eckhofer cc50affb62
Add checkbox for authentication in edit feed dialog
This makes the UI more consistent with the "add feed" dialog and
prevents overzealous password-managers from leaking the login password.
2017-10-06 08:37:37 +02:00
Andrew Dolgov 51b521c326 fix batch feed editor using wrong SQL syntax when saving feed password
remove uses of auth_pass_encrypted in several other places
2017-10-06 09:22:04 +03:00
wn_ 3476690cbf Only require an array of basic info from 'HOOK_FEED_BASIC_INFO'.
Removes the need for the plugin to provide feed content.

Gives plugins a chance to provide 'title' and 'site_url' basic info.
Falls back to attempting retrieval+parsing of the fetch URL if needed.
2017-09-26 20:42:33 -05:00
wn_ bec5ba93e2 Add 'HOOK_FEED_BASIC_INFO' to enable plugins to provide basic feed info.
It's expected the plugin will return content parsable by FeedParser, which
will act as an interface to the basic feed info.  In the case of a plugin
that also uses 'HOOK_FETCH_FEED', both might return the same content.

The hook signature was made somewhat similar to 'HOOK_FETCH_FEED'.
2017-09-24 19:37:49 -05:00
wn_ f3774b9d65 Use 'saveHTML' when generating HTML from a DOMDocument.
This primarily occurs when modifying article content.  If 'saveXML' is
used following 'loadHTML' there is the possibility of strangeness, such
as a self-closing anchor tag.

Note that the DOMDocument used in 'classes/feeditem/atom.php' came from
'loadXML', but we use 'saveHTML' since we're returning HTML content.
2017-09-09 13:51:59 -05:00