Commit Graph

145 Commits

Author SHA1 Message Date
wn_ 93fd85df6f Switch to direct type declarations of class properties. 2022-08-12 14:13:26 +00:00
Andrew Dolgov 7c45b3f789
* add HOOK_LOGINFORM_ADDITIONAL_BUTTONS
* allow plugins to inject JS code into login form
2022-07-24 16:33:28 +03:00
Andrew Dolgov 720b318796 * fox.form.Select: add several properties allowing it to better
imitate other controls like DropDownButton, etc.
 * rework several main toolbar items to use fox.form.Select instead of
other controls
 * replace HOOK_HEADLINE_TOOLBAR_SELECT_MENU_ITEM with
HOOK_HEADLINE_TOOLBAR_SELECT_MENU_ITEM2 because of markup change (option
instead of menuitem)
 * PluginHost: add some explicit typecasts to make intellephense shut up
2021-12-14 21:53:45 +03:00
Andrew Dolgov 53061d1508 * add HOOK_POST_LOGOUT
* auth_remote: add config option AUTH_REMOTE_POST_LOGOUT_URL
2021-12-06 13:20:18 +03:00
Andrew Dolgov 5980b3d2cb pluginhost: set stricter @params 2021-11-16 18:35:13 +03:00
Andrew Dolgov 10d1a8c05a adjust phpdoc tags for hook definitions/constants (make them reference each other) 2021-11-16 16:31:40 +03:00
Andrew Dolgov af2f4460ce * deal with some phpstan warnings in base plugin class
* arguably better hack for incompatible plugins causing E_COMPILE_ERROR
2021-11-14 16:49:10 +03:00
Andrew Dolgov 15af164f69 pluginhost: add a hack to not crash on an incompatible plugin more than once (per login) - UGLY 2021-11-14 11:50:55 +03:00
wn_ d3a81f598b Switch class properties from PHP typing to PHPDoc for compatibility with PHP < 7.4.0 2021-11-12 21:17:31 +00:00
wn_ a0f37c3206 Address PHPStan warnings in 'classes/pluginhost.php'. 2021-11-12 00:06:00 +00:00
wn_ 8a920a16e7 Address PHPStan warnings in 'classes/pluginhost.php'.
------ --------------------------------------------------------------------
Line   classes/pluginhost.php
------ --------------------------------------------------------------------
16     Property PluginHost::$last_registered is never read, only written.
386    If condition is always true.
------ --------------------------------------------------------------------
2021-11-01 21:10:27 +00:00
Andrew Dolgov 41245da8a6 pluginhost: update comments for HOOK_ constants to use phpdoc syntax; add HOOK_PRE_SUBSCRIBE 2021-10-22 13:24:10 +03:00
Andrew Dolgov a61348e2b7 pluginhost: add profile_get/profile_set helpers 2021-04-09 14:01:30 +03:00
JustAMacUser 39bbbef030 Fix E_NOTICE in `add_handler()`. 2021-03-15 16:20:38 -04:00
Andrew Dolgov f4d0e7bb6d * af_redditimgur: optionally import score
* add pluginhost->set_array() to set many plugin settings at once
2021-03-07 15:21:31 +03:00
Andrew Dolgov 8256ab5dd9 wip: initial for db_migrations 2021-03-03 23:38:52 +03:00
Andrew Dolgov 0cb719a404 add basic local plugin uninstaller 2021-03-03 19:35:11 +03:00
Andrew Dolgov 0730128a97 add a send test email button to prefs/system 2021-03-03 14:00:18 +03:00
Andrew Dolgov 86b12fc06c pluginhost: remove namespace classloader, plugins should use composer instead 2021-03-02 13:38:03 +03:00
Andrew Dolgov 70adfd4a74 * sanitize: never rewrite relative links to our own prefix
* use Config::get_self_url() instead of get_self_url_prefix() in a bunch
of places
2021-03-02 08:16:41 +03:00
Andrew Dolgov c01b6e43fd add pluginhost->get_array() shorthand 2021-02-26 15:33:59 +03:00
Andrew Dolgov 42173386b3 dirname(__FILE__) -> __DIR__ 2021-02-22 17:38:46 +03:00
Andrew Dolgov be4e7b1340 fix several issues reported by phpstan 2021-02-22 14:41:09 +03:00
Andrew Dolgov 33fff26869 reinstate HOOK_RENDER_ENCLOSURE 2021-02-22 10:00:50 +03:00
Andrew Dolgov fc0ebf0891 move bookmarklet-related methods out of public.php into the plugin 2021-02-19 20:21:36 +03:00
Andrew Dolgov e4609c18ef * add (disabled) shortcut syntax for plugin methods
* add controls shortcut for pluginhandler tags
 * add similar shortcut for frontend
 * allow plugins to selectively exclude their methods from CSRF checking
2021-02-17 21:44:21 +03:00
Andrew Dolgov 273ada7353 * implement shortcut syntax for exposed plugin methods
* move shared article rendering code to share plugin
2021-02-17 09:59:14 +03:00
Andrew Dolgov 257efb43c6 article: unify naming 2021-02-15 15:52:28 +03:00
Andrew Dolgov a5819569f2 pluginhost: a few more warnings and type hints 2021-02-09 10:20:58 +03:00
Andrew Dolgov d91eae9c7e pluginhost: add some type hints 2021-02-08 21:38:09 +03:00
Andrew Dolgov 6e57fd77af db: add type hints 2021-02-08 21:11:56 +03:00
Andrew Dolgov a14873d5b4 more hooks, also add type hint for PluginHost::getInstance() 2021-02-08 21:06:14 +03:00
Andrew Dolgov ca4c93c6b9 pluginhost: note hook function prototypes 2021-02-08 20:20:24 +03:00
Andrew Dolgov a341a838b1 pluginhost: deny hook registration to plugins which lack relevant implementation methods 2021-02-08 19:16:53 +03:00
Andrew Dolgov 3b52cea811 move some old-style handlers to new callback ones 2021-02-08 16:14:48 +03:00
Andrew Dolgov 1eb1629d9e pluginhost: rework run_hooks() to be shorter, add callback variant; implement exception handling for both 2021-02-08 14:24:45 +03:00
Andrew Dolgov 20b56b5b23 pluginhost: catch errors while loading plugin source code 2021-02-08 12:14:12 +03:00
Andrew Dolgov 4165834f80 pluginhost: catch fatal errors in plugin init 2021-02-08 12:10:25 +03:00
Andrew Dolgov c94f1b6ff8 fix some more warnings reported by phpstan 2021-02-06 17:38:24 +03:00
Andrew Dolgov 403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov 25520e9784 Select... dropdown: replace dijit Select with DropDownButton, simplify layout
PluginHost: add HOOK_HEADLINE_TOOLBAR_SELECT_MENU_ITEM
Headlines.onActionChanged: removed
2021-01-17 11:27:07 +03:00
Andrew Dolgov ee4b7bebe8 pluginhost: load_data: check schema last 2021-01-15 08:35:05 +03:00
Andrew Dolgov 40f38fc87f pluginhost: load plugin data automatically (also marks load_data method as private) 2021-01-15 08:32:06 +03:00
Andrew Dolgov 6811d0bde2 use self:: in some places to invoke static methods from the same class 2020-09-22 14:54:15 +03:00
Andrew Dolgov a4525d31b2 replace FALSE with false so that static analyzer shuts up about it 2020-09-17 19:02:27 +03:00
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov ddf9227dc4 pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SORT_MAP etc 2020-08-13 12:23:27 +03:00
Andrew Dolgov 6573541873 * add HOOK_ENCLOSURE_IMPORTED
* pass feed id to HOOK_FEED_PARSED
2020-04-29 11:33:39 +03:00
Andrew Dolgov 208e02c47d PluginHost/save_data: use separate PDO connection to prevent issues with nested transactions 2020-03-10 08:14:00 +03:00
Andrew Dolgov d15f0349bf remove hardcoded iframe domain whitelist, make iframe script whitelisting configurable by plugins (HOOK_IFRAME_WHITELISTED) 2019-11-27 11:52:51 +03:00