Commit Graph

158 Commits

Author SHA1 Message Date
Andrew Dolgov 8d2e3c2528 drop errors.php and simplify error handling 2021-02-23 22:26:07 +03:00
Andrew Dolgov 2ae0b7059f cleanup some defined-stuff 2021-02-23 09:01:27 +03:00
Andrew Dolgov 211f699aa0 migrate the rest into Config:: 2021-02-22 22:35:27 +03:00
Andrew Dolgov e4107ac952 wip: initial for config object 2021-02-22 21:47:48 +03:00
Andrew Dolgov d1328321be move published OPML endpoint to public.php 2021-02-21 15:16:39 +03:00
Andrew Dolgov 94560132dd for the most part, deal with filter rules UI 2021-02-21 09:35:07 +03:00
Andrew Dolgov 5c7416458f rpc: disable completeLabels for now 2021-02-20 13:37:21 +03:00
wn_ ce3e1756b3 Fix an undefined array key warning in 'catchupFeed'. 2021-02-19 21:46:30 +00:00
Andrew Dolgov 660a1bbe01 * switch to xhr.post() almost everywhere
* call App.handlerpcjson() automatically on json request (if possible)
 * show net/log indicators in prefs
2021-02-19 13:44:56 +03:00
Andrew Dolgov 1adb9bb6b6 profiles: use client dialog; move related methods to pref-prefs 2021-02-18 11:54:22 +03:00
Andrew Dolgov e9c3118ddd don't show E_USER_DEPRECATED on the frontpage 2021-02-17 14:14:10 +03:00
Andrew Dolgov 22fc6871e8 remove backend helper and move its only function to rpc for the time being 2021-02-16 14:51:42 +03:00
Andrew Dolgov 8e79f1717d prefs: unify naming 2021-02-15 16:07:22 +03:00
Andrew Dolgov 5704deb460 counters: unify naming 2021-02-15 16:00:54 +03:00
Andrew Dolgov 257efb43c6 article: unify naming 2021-02-15 15:52:28 +03:00
Andrew Dolgov 020f062a76 feeds: unify naming 2021-02-15 15:43:07 +03:00
Andrew Dolgov 6b006a18e7 subscribe to feed: use client dialog 2021-02-15 15:21:41 +03:00
Andrew Dolgov 82adb01307 render enclosures on the client 2021-02-15 14:10:46 +03:00
Andrew Dolgov eec5871f5f fail better if requested article URL is blank 2021-02-13 10:10:44 +03:00
Andrew Dolgov ad7842c98a RIP tag cloud: last of the vanilla popup dialog system 2021-02-12 18:43:30 +03:00
Andrew Dolgov 848bc57f29 disable themes in safe mode; rework safe mode warning/login prompt 2021-02-11 21:19:57 +03:00
Andrew Dolgov 6c8ccd2acc front page log checker: filter out idiotic GD warning 2021-02-08 22:15:35 +03:00
Andrew Dolgov 3b52cea811 move some old-style handlers to new callback ones 2021-02-08 16:14:48 +03:00
Andrew Dolgov b6e1a5c91a fix several warnings reported by phpstan 2021-02-06 17:19:07 +03:00
Andrew Dolgov 6e774a58fe more php8 fixes mostly related to login 2021-02-06 00:12:15 +03:00
Andrew Dolgov 403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov da0ad82c24 Archive cleanup:
- remove code to manually archive/unarchive articles
- remove ttrss_archived_feeds/orig_feed_id handling - the whole thing was implemented for
this data to be kept indefinitely; it doesn't make a lot of sense to deal with this stuff
now that it is expired after one month anyway (same reasons as feed browser being removed - privacy)
- remove "originally from"-related stuff because of the above
- also remove unused remaining frontend/backend code related to feed browser (rip)
2021-01-17 14:55:11 +03:00
Andrew Dolgov 3b17c45887 exclude E_USER_NOTICE from recent events icon 2020-09-29 10:03:11 +03:00
Andrew Dolgov 215f388992 move timestamp-related stuff to a separate class 2020-09-23 13:04:26 +03:00
Andrew Dolgov 05744bb474 fix updater never scheduling feeds for update if they never been updated before while having default update interval set 2020-09-22 20:33:51 +03:00
Andrew Dolgov 6811d0bde2 use self:: in some places to invoke static methods from the same class 2020-09-22 14:54:15 +03:00
Andrew Dolgov 74568df4ff remove a lot of stuff from global context (functions.php), add a few helper classes instead 2020-09-22 09:04:33 +03:00
Andrew Dolgov 05ef9aac2f update URL pointing to version.json 2020-09-19 07:33:59 +03:00
Andrew Dolgov afa0023c51 don't try to update manually disabled feeds even if they haven't been updated before or are marked for a manual update 2020-09-17 15:40:50 +03:00
Andrew Dolgov 7e50c6c4b5 - enable CSRF support earlier
- remove rpc/sanityCheck from CSRF-excluded calls
2020-09-15 15:32:17 +03:00
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov fdb1fc7608 get_version: fix commit/timestamp lost on subsequent invocations because of misbehaving caching 2019-12-20 18:17:05 +03:00
Andrew Dolgov f30287be65 versioning changes
- remove VERSION_STATIC - https://community.tt-rss.org/t/versioning-changes-for-trunk/2974
- report git commit/timestamp properly by invoking git instead of trying to parse .git/HEAD etc
- remove git-related global constants used when checking for updates
2019-12-05 13:23:54 +03:00
Andrew Dolgov 3e4701116d af_readability: add missing file 2019-08-16 15:29:24 +03:00
Andrew Dolgov 4edfb526e1 change version.json endpoint URL 2019-08-01 11:51:27 +03:00
Andrew Dolgov 3bd3324e5a update: add option to send digests 2019-03-21 07:44:39 +03:00
Andrew Dolgov 0b74db5ad7 remove feedbrowser (other feeds) 2019-03-06 20:02:06 +03:00
Andrew Dolgov 38e01270d8 archived feeds: expire old entries (schema bump) 2019-03-06 19:06:05 +03:00
Andrew Dolgov 0517b88cce rpc, catchupfeed: return counters immediately so that frontend can figure out next unread feed correctly 2019-01-03 10:47:41 +03:00
Andrew Dolgov 5c481fb249 rpc/checkforupdates: restrict to administrative access level 2018-12-16 19:08:41 +03:00
Andrew Dolgov 957c44d177 rework git update checking to be initiated by frontend, outside of runtime info output 2018-12-16 19:05:37 +03:00
Andrew Dolgov b66deb3240 rpc/getAllCounters: return seq 2018-12-15 13:17:51 +03:00
Andrew Dolgov d53cdaf815 requestCounters: remove cooldown 2018-12-12 20:06:44 +03:00
Andrew Dolgov 19e24b4fe2 force cast profile id to integer when assigning to session variable 2018-12-06 07:08:54 +03:00
Colin Vidal c217de557f rpc: addfeed: gets login and pass only if need_auth is checked.
Because of browser form auto-completion, the hidden field login and
password can be automatically filled when adding a feed. It would
enable feed authentication even if the user doesn't click on need_auth
button.
2018-01-14 20:55:39 +01:00