Commit Graph

2403 Commits

Author SHA1 Message Date
Andrew Dolgov f96abd2b52 generate_syndicated_feed: timestamp is a strtotime() expression, not an integer 2021-03-01 16:16:50 +03:00
Andrew Dolgov 6359259dbb simplify internal authentication code and bump default algo to SSHA-512 2021-03-01 15:24:18 +03:00
Andrew Dolgov 320503dd39 move version-related stuff to Config; fix conditional feed requests 2021-03-01 13:43:37 +03:00
Andrew Dolgov 20a844085f hide version for bundled plugins because it's meaningless; for everything else support showing version using git (if about[0] is null) 2021-03-01 12:11:42 +03:00
Andrew Dolgov 7ef72fe0dc move startup checks to Config, set a bunch of @deprecated annotations 2021-03-01 10:20:21 +03:00
Andrew Dolgov b05d4e3d9f speed up plugin updating a bit, fix some phpstan warnings 2021-02-28 21:50:05 +03:00
Andrew Dolgov afc7142250 move all $fetch globals to UrlHelper 2021-02-28 10:12:57 +03:00
Andrew Dolgov e2cbb54b2c plugin updater: show changes before updating 2021-02-28 09:46:06 +03:00
Andrew Dolgov 7f2fe465b0 add plugin updates checker into normal updates checker 2021-02-27 19:14:13 +03:00
Andrew Dolgov d821e4b090 disable plugin update checking if CHECK_FOR_UPDATES is disabled 2021-02-27 17:40:17 +03:00
Andrew Dolgov 85f411d688 don't try to update all plugins 2021-02-27 17:35:00 +03:00
Andrew Dolgov de63e3799a only show plugin update buttons when needed 2021-02-27 17:29:41 +03:00
Andrew Dolgov cf5c7c4f29 feeds/add: hide php8 warning 2021-02-27 14:16:49 +03:00
Andrew Dolgov dfff2cef7b add basic updater for stuff in plugins.local 2021-02-27 13:05:02 +03:00
Andrew Dolgov 5edcbf2e9b add an option to disable conditional counters 2021-02-27 11:25:07 +03:00
Andrew Dolgov 6d06450649 don't rely only on label_cache contents when displaying headline labels 2021-02-27 10:58:11 +03:00
Andrew Dolgov 126b1fd2de don't try to compare null value against anything 2021-02-26 21:48:20 +03:00
Andrew Dolgov ebf16a36a1 remove a bunch of return type hints that didn't quite fit 2021-02-26 19:27:40 +03:00
Andrew Dolgov ef8c3abd7e Merge branch 'master' of git.tt-rss.org:fox/tt-rss 2021-02-26 19:17:27 +03:00
Andrew Dolgov 3fd7856543 * switch to composer for qrcode and otp dependencies
* move most OTP-related stuff into userhelper
* remove old phpqrcode and otphp libraries
2021-02-26 19:16:17 +03:00
fox c6fb62f384 Merge pull request 'fix-mysql-support' (#10) from klatch/tt-rss:fix-mysql-support into master
Reviewed-on: https://git.tt-rss.org/fox/tt-rss/pulls/10
2021-02-26 19:03:15 +03:00
fox 1baf8c5217 Merge pull request 'Fix the type hint for '_DEFAULT_VIEW_MODE'.' (#9) from wn/tt-rss:bugfix/default-view-mode-type into master
Reviewed-on: https://git.tt-rss.org/fox/tt-rss/pulls/9
2021-02-26 15:46:48 +03:00
Andrew Dolgov d577eb898c when browsing by tags, return same set of columns as normally 2021-02-26 15:45:30 +03:00
Andrew Dolgov c01b6e43fd add pluginhost->get_array() shorthand 2021-02-26 15:33:59 +03:00
wn_ 86513d70dd Fix the type hint for '_DEFAULT_VIEW_MODE'. 2021-02-26 12:21:58 +00:00
Andrew Dolgov e6a875b7e4 check if client-presented URL scheme is different from one configured in SELF_URL_PATH 2021-02-26 14:14:44 +03:00
Andrew Dolgov 4896874bda _get_headlines: don't try to use _SESSION uid 2021-02-26 13:52:16 +03:00
Andrew Dolgov 26a6177bc9 upd previous 2021-02-26 12:36:15 +03:00
Andrew Dolgov 9689f884ab add Prefs::DEBUG_HEADLINE_IDS 2021-02-26 12:34:50 +03:00
Andrew Dolgov 05f690c86b add a separator before HEADLINES_NO_DISTINCT 2021-02-26 10:22:04 +03:00
Andrew Dolgov 3ab664f846 feeds/view: silence view_mode warning 2021-02-26 10:02:25 +03:00
Andrew Dolgov f3d4bae32e add an option to disable DISTINCT on headlines query (unless it's Labels category) 2021-02-26 09:57:34 +03:00
Andrew Dolgov 51142e1bf8 silence phpstan warning 2021-02-26 09:24:43 +03:00
Andrew Dolgov 7815a881e8 cleanup previous 2021-02-26 09:22:16 +03:00
Andrew Dolgov 56b10fea18 pass translations to frontend as a json object 2021-02-26 09:21:17 +03:00
Andrew Dolgov fd9cd52929 prefs: migrate after cache has been filled to skip 1 pref request 2021-02-25 21:45:16 +03:00
Andrew Dolgov a1ca62af50 cache schema version better 2021-02-25 21:42:05 +03:00
Andrew Dolgov 22ae284db4 reduce overall amount of unnecessary database queries 2021-02-25 21:27:16 +03:00
Andrew Dolgov 281f2efeb8 wrap prefs->migrate() into a transaction block 2021-02-25 19:21:29 +03:00
Andrew Dolgov 89ad25405e userhelper: only notify failed login for actual logins 2021-02-25 18:26:37 +03:00
Andrew Dolgov 8915bd1b21 fix crash caused by non-numeric non-null _SESSION[uid] passed to sql logger 2021-02-25 18:21:48 +03:00
Andrew Dolgov 34c74400a4 enforce some stricter type checking for loggers 2021-02-25 17:10:03 +03:00
Andrew Dolgov dcf0135285 logger: shorter syntax 2021-02-25 15:49:30 +03:00
Andrew Dolgov 59c14e9c00 api: remove base64 encoded passwords (wtf), log all authentication failures in userhelper 2021-02-25 15:39:46 +03:00
Andrew Dolgov efd196839a stop caching schema version entirely, fix some session_start() related warnings 2021-02-25 15:28:27 +03:00
Andrew Dolgov 1464abbbfc prefs cleanup 2021-02-25 14:59:02 +03:00
Andrew Dolgov c96172fa04 use constants in get_pref()/set_pref() 2021-02-25 14:49:58 +03:00
Andrew Dolgov 5aa05c90e1 pref-prefs: use constants instead of hardcoded strings 2021-02-25 14:45:11 +03:00
Andrew Dolgov 011e318947 prefs: don't try to do anything on schema < 141 2021-02-25 14:38:29 +03:00
Andrew Dolgov 6f02b1afd0 cleanup a bunch of old prefs code 2021-02-25 14:25:37 +03:00
Andrew Dolgov 7f18e8c33b updater: show owner login instead of just uid 2021-02-25 14:23:56 +03:00
Andrew Dolgov 7869378436 deal with feed update scheduling w/ new prefs 2021-02-25 14:20:54 +03:00
Frenck Lutke 2f2642bbd4 add fallback for feed_language on edit-feed-saving
Feed_language is only included in the form if running on pgsql, failing
the not null constraint on mysql setups.
2021-02-25 12:06:25 +01:00
Andrew Dolgov 00d0cb8c81 remove unused data from schema files 2021-02-25 12:58:00 +03:00
Andrew Dolgov 2621fe7955 fix get_pref always using default profile; remove unneeded code from db_prefs 2021-02-25 12:53:20 +03:00
Andrew Dolgov bd2314170d implement prefs UI based on new prefs class and a few more things 2021-02-25 12:46:13 +03:00
Andrew Dolgov 49a9afadce add prefs caching 2021-02-25 10:34:59 +03:00
Andrew Dolgov 8026f3c3bd initial (wip) for new prefs: add missing 2021-02-25 09:34:03 +03:00
Andrew Dolgov 988eb3ac91 initial (wip) for new prefs 2021-02-25 09:33:36 +03:00
Andrew Dolgov 2f14fa1bc3 add a hack to position labels on a dijit toolbar better 2021-02-24 15:53:47 +03:00
Andrew Dolgov 7f41228a71 decouple runtime-info object from counters 2021-02-24 15:40:19 +03:00
Andrew Dolgov 553548b689 request label counters conditionally 2021-02-24 15:07:31 +03:00
Andrew Dolgov 9313ebf2e7 fix warning in counters::get_feeds() 2021-02-24 13:25:26 +03:00
Andrew Dolgov 8b09e653e0 pass array to setScore 2021-02-24 12:10:09 +03:00
Andrew Dolgov 155e4f6125 pass a bunch of related arrays properly to backend 2021-02-24 12:07:25 +03:00
Andrew Dolgov e468e5a589 cats_of: enforce owner_uid 2021-02-24 10:09:08 +03:00
Andrew Dolgov 6ea1430a04 no special counter handling for catchupAll 2021-02-24 10:01:39 +03:00
Andrew Dolgov e6505b7d83 _cats_of: only request parents if needed 2021-02-24 09:56:59 +03:00
Andrew Dolgov d6203bf350 try to calculate counters conditionally based on feed ids 2021-02-24 09:47:26 +03:00
Andrew Dolgov a42e8aad97 add Errors.php 2021-02-23 22:31:43 +03:00
Andrew Dolgov 8d2e3c2528 drop errors.php and simplify error handling 2021-02-23 22:26:07 +03:00
Andrew Dolgov 85095f8a53 rename TTRSS_SESSION_NAME to SESSION_NAME 2021-02-23 17:01:25 +03:00
Andrew Dolgov ab4dafa4be config: add a type hint system 2021-02-23 16:58:48 +03:00
Andrew Dolgov 2ae0b7059f cleanup some defined-stuff 2021-02-23 09:01:27 +03:00
Andrew Dolgov 77e6d589ff allow adding custom config options 2021-02-22 23:20:52 +03:00
Andrew Dolgov 445ac1213c finalize config:: migration; make config.php optional 2021-02-22 22:51:12 +03:00
Andrew Dolgov 211f699aa0 migrate the rest into Config:: 2021-02-22 22:35:27 +03:00
Andrew Dolgov 383f4ca04a add config.php 2021-02-22 21:49:09 +03:00
Andrew Dolgov e4107ac952 wip: initial for config object 2021-02-22 21:47:48 +03:00
Andrew Dolgov 42173386b3 dirname(__FILE__) -> __DIR__ 2021-02-22 17:38:46 +03:00
fox 3f00502305 Merge pull request 'Let 'RSSUtils::check_feed_favicon' update existing favicons.' (#6) from wn/tt-rss:check-feed-favicon into master
Reviewed-on: https://git.tt-rss.org/fox/tt-rss/pulls/6
2021-02-22 17:25:02 +03:00
wn_ 6fbf7ef368 Remove check against the old file in 'RSSUtils::check_feed_favicon'. 2021-02-22 12:06:27 +00:00
Andrew Dolgov be4e7b1340 fix several issues reported by phpstan 2021-02-22 14:41:09 +03:00
Andrew Dolgov 33fff26869 reinstate HOOK_RENDER_ENCLOSURE 2021-02-22 10:00:50 +03:00
wn_ 02a9485966 Try to limit max favicon size, don't store current/old in a var. 2021-02-21 23:30:31 +00:00
Andrew Dolgov f6bfb89b29 pref-prefs: switch to new control shorthand in a few places 2021-02-21 23:18:32 +03:00
wn_ cb401af6f6 Let 'RSSUtils::check_feed_favicon' update existing favicons. 2021-02-21 19:01:40 +00:00
Andrew Dolgov 861a632ac7 move published opml JS code to pref helpers 2021-02-21 18:04:44 +03:00
Andrew Dolgov 521d0b65c7 batch feed editor: use tab layout, cleanup 2021-02-21 16:02:57 +03:00
Andrew Dolgov d1328321be move published OPML endpoint to public.php 2021-02-21 15:16:39 +03:00
Andrew Dolgov 2843b99171 minor filter UI layout fix 2021-02-21 13:08:34 +03:00
Andrew Dolgov 810afdaf5a prevent creation of filter rules matching no feeds 2021-02-21 12:28:25 +03:00
Andrew Dolgov 3b8d69206c deal with filter actions UI 2021-02-21 10:28:59 +03:00
Andrew Dolgov 94560132dd for the most part, deal with filter rules UI 2021-02-21 09:35:07 +03:00
Andrew Dolgov b4e96374bc more filter stuff 2021-02-20 21:48:05 +03:00
Andrew Dolgov 590b1fc39e a few more methods shuffled around 2021-02-20 18:21:36 +03:00
Andrew Dolgov be91355c20 first for filter frontend overhaul 2021-02-20 18:15:08 +03:00
Andrew Dolgov 39be169f0b also disable Article.completeTags 2021-02-20 13:39:17 +03:00
Andrew Dolgov 5c7416458f rpc: disable completeLabels for now 2021-02-20 13:37:21 +03:00
Andrew Dolgov 22fe9b54d2 feed editor: use client dialog 2021-02-20 13:32:09 +03:00
Andrew Dolgov 9586c72a17 wip: feed editor client-side 2021-02-20 10:26:09 +03:00
Andrew Dolgov 545bcc3e4b bookmarklets: cleanup some more markup 2021-02-20 08:49:40 +03:00
wn_ ce3e1756b3 Fix an undefined array key warning in 'catchupFeed'. 2021-02-19 21:46:30 +00:00
Andrew Dolgov 053b262aa7 rename public.php/cached_url to cached 2021-02-19 20:28:15 +03:00
Andrew Dolgov fc0ebf0891 move bookmarklet-related methods out of public.php into the plugin 2021-02-19 20:21:36 +03:00
Andrew Dolgov cf249d7e8c modify classname helpers to use element.classList; fix feed debugger & share--get 2021-02-19 19:29:43 +03:00
Andrew Dolgov 737cffc241 render feed icon markup on the client 2021-02-19 17:40:11 +03:00
Andrew Dolgov d445530fa0 format note on the client 2021-02-19 17:15:22 +03:00
Andrew Dolgov 4fa8450d38 setArticleTags: always return tags from the db 2021-02-19 15:50:42 +03:00
Andrew Dolgov e73779fec1 render tags on the client 2021-02-19 15:31:50 +03:00
Andrew Dolgov 131f34648d render headline labels on the client 2021-02-19 15:03:48 +03:00
Andrew Dolgov 660a1bbe01 * switch to xhr.post() almost everywhere
* call App.handlerpcjson() automatically on json request (if possible)
 * show net/log indicators in prefs
2021-02-19 13:44:56 +03:00
Andrew Dolgov bb4e4282f4 migrate a bunch of xhrPost invocations 2021-02-19 11:28:14 +03:00
Andrew Dolgov 00310d2d23 cleanup some unused code, fix App.byId() invoked by wrong name 2021-02-19 06:58:50 +03:00
Andrew Dolgov dcfea9baac properly validate feed editor dialog 2021-02-19 06:51:15 +03:00
Andrew Dolgov c088e9d9d8 get rid of a few more prototype-isms 2021-02-18 22:23:06 +03:00
Andrew Dolgov 70fa423026 initial for RIP prototype/scriptaculous 2021-02-18 21:51:18 +03:00
Andrew Dolgov 75435aa960 user details: cleanup 2021-02-18 13:00:20 +03:00
Andrew Dolgov 39c0fe3697 shorten many invocations of Ajax.Request in inline form methods 2021-02-18 12:27:26 +03:00
Andrew Dolgov 466cba39d8 Merge branch 'master' of git.fakecake.org:fox/tt-rss 2021-02-18 11:54:29 +03:00
Andrew Dolgov 1adb9bb6b6 profiles: use client dialog; move related methods to pref-prefs 2021-02-18 11:54:22 +03:00
Andrew Dolgov e4609c18ef * add (disabled) shortcut syntax for plugin methods
* add controls shortcut for pluginhandler tags
 * add similar shortcut for frontend
 * allow plugins to selectively exclude their methods from CSRF checking
2021-02-17 21:44:21 +03:00
Andrew Dolgov b16abc157e * App: rename hidden to hidden_tag
* search: use client dialog
 * add some form field helpers
2021-02-17 19:34:54 +03:00
Andrew Dolgov 92cb91e2e2 search dialog: bring back id of language dropdown 2021-02-17 16:33:28 +03:00
Andrew Dolgov 7be1e3ed38 pluginhandler: reject method requests without CSRF 2021-02-17 15:04:39 +03:00
Andrew Dolgov e9c3118ddd don't show E_USER_DEPRECATED on the frontpage 2021-02-17 14:14:10 +03:00
Andrew Dolgov d439685895 pluginhandlers: post notice if pluginmethod is requested without CSRF token 2021-02-17 14:05:12 +03:00
Andrew Dolgov 273ada7353 * implement shortcut syntax for exposed plugin methods
* move shared article rendering code to share plugin
2021-02-17 09:59:14 +03:00
Andrew Dolgov 91e7969383 replace a few more controls to new style 2021-02-16 18:57:06 +03:00
Andrew Dolgov 24c79d91c2 controls_compat: comment out most of them 2021-02-16 18:53:56 +03:00
Andrew Dolgov f58c49beaa replace a few more controls to new style 2021-02-16 18:50:18 +03:00
Andrew Dolgov 9d7ba773ec move session-related functions to their own namespace 2021-02-16 17:13:16 +03:00
Andrew Dolgov 7fad6ce651 move rgb/hsl functions to their own namespace 2021-02-16 17:07:23 +03:00
Andrew Dolgov bdbbdbb0ed rework controls to accept parameters as array 2021-02-16 16:59:21 +03:00
Andrew Dolgov 627af2c236 amend previous to fix actual underlying problem (double escaping) 2021-02-16 15:36:40 +03:00
Andrew Dolgov 1f5d81b77c use a few more control helpers for checkboxes 2021-02-16 15:19:42 +03:00
Andrew Dolgov 22fc6871e8 remove backend helper and move its only function to rpc for the time being 2021-02-16 14:51:42 +03:00
Andrew Dolgov d7127cead3 feed debugger: use hidden helpers; add button helpers 2021-02-16 14:42:27 +03:00
Andrew Dolgov 1f43d7916c replace print_hidden with hidden_tag 2021-02-16 14:32:06 +03:00
Andrew Dolgov 26d6b84a57 add namespaced controls with unified naming; deprecated old-style control shortcuts 2021-02-16 14:23:00 +03:00
Andrew Dolgov cb6b3584ce pref-labels: remove unused code 2021-02-16 14:19:06 +03:00
Andrew Dolgov cca84aedfd _format_enclosures: always return entries array 2021-02-16 10:18:50 +03:00
Andrew Dolgov 88f7c4f1a5 feeds/view: fix php8 warning 2021-02-16 10:11:58 +03:00
Andrew Dolgov 5c4223992f db-prefs: minor cleanup, add warnings if unknown prefs are requested 2021-02-15 22:01:11 +03:00
Andrew Dolgov 70e293bccb pref-filters: fix some warnings 2021-02-15 17:07:50 +03:00
Andrew Dolgov d4157b9e4e counters: just merge everything at once 2021-02-15 17:01:05 +03:00
Andrew Dolgov 39604bedef move reset_password to UserHelper 2021-02-15 16:59:54 +03:00
Andrew Dolgov 5d42ce553f drop legacy DB interface and related sanity checks 2021-02-15 16:55:55 +03:00
Andrew Dolgov 9f55454f63 remove the rest of db.php; rename some leftover methods in feeds 2021-02-15 16:51:35 +03:00
Andrew Dolgov bd3c38de84 move bookmarklet-related subscribe_to_feed_url to bookmarklet plugin 2021-02-15 16:41:52 +03:00
Andrew Dolgov 91285e3868 router: add additional logging for refused requests; reject requests for methods starting with _ 2021-02-15 16:34:44 +03:00
Andrew Dolgov d1c83fad14 api: unify naming 2021-02-15 16:18:17 +03:00
Andrew Dolgov 71f2f4288f counters: one more 2021-02-15 16:14:48 +03:00
Andrew Dolgov 6426ae559a dbupdater: unify naming 2021-02-15 16:14:00 +03:00
Andrew Dolgov 166f2d4666 diskcache: unify naming 2021-02-15 16:11:30 +03:00
Andrew Dolgov 8e79f1717d prefs: unify naming 2021-02-15 16:07:22 +03:00
Andrew Dolgov 5704deb460 counters: unify naming 2021-02-15 16:00:54 +03:00
Andrew Dolgov 257efb43c6 article: unify naming 2021-02-15 15:52:28 +03:00
Andrew Dolgov 020f062a76 feeds: unify naming 2021-02-15 15:43:07 +03:00
Andrew Dolgov 6b006a18e7 subscribe to feed: use client dialog 2021-02-15 15:21:41 +03:00
Andrew Dolgov ecb36b6354 edit tags: use client dialog 2021-02-15 14:50:40 +03:00
Andrew Dolgov 82adb01307 render enclosures on the client 2021-02-15 14:10:46 +03:00
fox 916c21fe60 Merge pull request 'Lazy load image attachments' (#2) from verifiedjoseph/tt-rss:lazy-load-image-attachments into master
Reviewed-on: https://git.tt-rss.org/fox/tt-rss/pulls/2
2021-02-15 11:55:12 +03:00
Andrew Dolgov 868b9b476e api: rewrite article urls at the very end to prevent plugins which expect source URLs from breaking 2021-02-15 09:40:43 +03:00
Andrew Dolgov 52a86c5e38 Revert "api: get flavor image from plugin-processed content"
This reverts commit a4604e892c.
2021-02-15 08:49:12 +03:00
Andrew Dolgov a4604e892c api: get flavor image from plugin-processed content 2021-02-15 08:28:46 +03:00
Andrew Dolgov 9f31381bb6 renderToolbar: support empty data i.e. dashboard feed 2021-02-15 07:46:24 +03:00
Andrew Dolgov a2e688fcb2 render headline-specific toolbar on the client 2021-02-14 22:17:13 +03:00
Joseph 68e2ccb354 Lazy load image attachments 2021-02-14 17:31:01 +00:00
Andrew Dolgov 4996d8ccfe pref-users edit: use client dialog 2021-02-14 16:44:41 +03:00
Andrew Dolgov 0b7377238a add Handler_Administrative 2021-02-14 15:50:46 +03:00
Andrew Dolgov 33ea46c2bc pref-users/add: remove unused variable 2021-02-14 15:42:12 +03:00
Andrew Dolgov 0fbf109912 * remove users/filters toolbar edit button (just click on it)
* fix title of edit filter dialog always showing create filter
2021-02-14 15:38:45 +03:00
Andrew Dolgov a8cc43a0ff move logout_user() to UserHelper 2021-02-14 15:31:03 +03:00
Andrew Dolgov 2547ece0ca pref-users: cleanup index 2021-02-14 14:59:22 +03:00
Andrew Dolgov 1c7e4782aa prefs system: load phpinfo using inline method 2021-02-14 12:29:08 +03:00
Andrew Dolgov 6b5c9c781b pref prefs: load secondary tabs when needed 2021-02-14 12:25:41 +03:00
Andrew Dolgov e5cedc7d5f appPasswordList: markup cleanup 2021-02-14 11:39:26 +03:00
Andrew Dolgov 8e75551f95 pref prefs: split index into manageable chunks 2021-02-14 11:29:38 +03:00
Andrew Dolgov 15fd23c374 use shortcut echo syntax for php templates 2021-02-14 09:15:51 +03:00
Andrew Dolgov d4c925819b pref-feeds: load error button via xhr 2021-02-13 23:12:49 +03:00
Andrew Dolgov 43d8a1f2ff remove getinactivefeeds (duplicate functionality) 2021-02-13 23:08:20 +03:00
Andrew Dolgov 103d30ad3f batch subscribe: use client dialog 2021-02-13 22:16:17 +03:00
Andrew Dolgov c36b2adf84 feeds with errors: use client dialog 2021-02-13 21:57:02 +03:00
Andrew Dolgov 8464c619e4 inactive feeds: use client dialog 2021-02-13 21:41:38 +03:00
Andrew Dolgov 17413078a7 pref feeds: index cleanup, split into several methods, use tabs to maximize space for feed tree, persist feed tree state 2021-02-13 18:32:02 +03:00
Andrew Dolgov 9684ce5c4b minor fixes re: previous 2021-02-13 16:07:52 +03:00
Andrew Dolgov b112198991 pref filters index: markup cleanup 2021-02-13 14:05:25 +03:00
Andrew Dolgov 5127c29297 prefs system: markup cleanup 2021-02-13 13:50:53 +03:00
Andrew Dolgov aa63014073 pref-labels index: use cleaner markup 2021-02-13 13:37:57 +03:00
Andrew Dolgov 46f6d7c11a pref-labels/index: cleanup 2021-02-13 13:26:17 +03:00
Andrew Dolgov e7924c6dac label editor: use client dialog 2021-02-13 13:17:34 +03:00
Andrew Dolgov eec5871f5f fail better if requested article URL is blank 2021-02-13 10:10:44 +03:00
Andrew Dolgov d3940b6259 fix a bunch of warnings related to generated feeds 2021-02-12 22:00:33 +03:00
Andrew Dolgov 481bd76100 pref helpers: move some methods to their own sections 2021-02-12 21:51:32 +03:00
Andrew Dolgov 6af83e3881 drop ENABLE_GZIP_OUTPUT; system prefs: load php info only if needed 2021-02-12 21:43:38 +03:00
Andrew Dolgov e6624cf631 fix a few more session-related warnings 2021-02-12 21:24:49 +03:00
Andrew Dolgov 157675d9fd prefs: fix published shared URL dialog 2021-02-12 19:17:50 +03:00
Andrew Dolgov ad7842c98a RIP tag cloud: last of the vanilla popup dialog system 2021-02-12 18:43:30 +03:00
Andrew Dolgov 03b85248e6 move some dialogs to xhr loading 2021-02-12 18:38:26 +03:00
Andrew Dolgov 71dfc83466 force _ENABLED_PLUGINS to string when passed to pluginhost 2021-02-12 17:20:37 +03:00
Andrew Dolgov 3268364693 more dialog-related cleanup 2021-02-12 15:50:06 +03:00
Andrew Dolgov 3d11c61f32 * OPML import: don't reload everything, just feed tree
* dialogs: use auto-destroying dialog for almost all dialogs instead of destroying them manually
* some general dialog-related cleanup
2021-02-12 15:22:10 +03:00
Andrew Dolgov 8f8675a26a * filters: remove duplicate code, overall cleanup
* check if some tres exist before trying to reload them
2021-02-12 14:31:36 +03:00
Andrew Dolgov 699186f430 Merge branch 'master' of git.tt-rss.org:fox/tt-rss 2021-02-12 14:08:34 +03:00
fox a718b692a0 Merge pull request 'Add defaults to api.php variables' (#1) from klempin/tt-rss:fix/undefined-content into master
Reviewed-on: https://git.tt-rss.org/fox/tt-rss/pulls/1
2021-02-12 13:25:24 +03:00
Philip Klempin ace19c0790 Add defaults to api.php variables 2021-02-12 10:59:30 +01:00
Andrew Dolgov 0f7af07c6e edit filter dialog: cleanup 2021-02-12 12:12:47 +03:00
Andrew Dolgov 20fb056323 remove customizecss from csrf-ignored methods 2021-02-12 10:37:14 +03:00
Andrew Dolgov bf6d0f2817 various dialog-related fixes; stop referring to many dialogs by name; move filter test initial dialog to client side 2021-02-12 10:35:13 +03:00
Andrew Dolgov 72e38bfe1f rework a few more dialogs to use App.dialogOf() 2021-02-12 09:56:27 +03:00
Andrew Dolgov d466284fab * customizeCSS: client dialog
* remove hardcoded width from most dialogs (move to css)
* add helper to easily get dialog from its widget
* rework some dialog buttons to use current object instead of calling dialog by name
2021-02-12 09:02:44 +03:00
Andrew Dolgov 83b0738b04 opml import: no more iframe, use client dialog 2021-02-12 08:22:00 +03:00
Andrew Dolgov 3134d71b8f fix typo introduced by 4182018cb7 2021-02-12 08:15:30 +03:00
Andrew Dolgov eac7ad5d34 remove explainError server-side dlg 2021-02-12 08:00:25 +03:00
Andrew Dolgov 4182018cb7 generated feed: use client dialog 2021-02-11 22:04:39 +03:00
Andrew Dolgov 1a680d4eae publishedOPML: use client dialog 2021-02-11 21:42:38 +03:00
Andrew Dolgov 848bc57f29 disable themes in safe mode; rework safe mode warning/login prompt 2021-02-11 21:19:57 +03:00
Andrew Dolgov 74986d1ac6 shorten pref tab names; make log-alert clickable 2021-02-11 15:49:32 +03:00
Andrew Dolgov 09e9f34bb4 add UserHelper::find_user_by_login() and rewrite some user checks to invoke it instead of going through PDO 2021-02-11 10:22:27 +03:00
Andrew Dolgov 7af8744c85 authentication: make logins case-insensitive (force lowercase) 2021-02-11 09:57:57 +03:00
Andrew Dolgov e7e73193fe fix warning in profile edit dialog (2) 2021-02-10 22:06:01 +03:00
Andrew Dolgov 2505ae43a9 fix warning in profile edit dialog 2021-02-10 22:03:08 +03:00
Andrew Dolgov 9e1459d5db pref/prefs: fix warning when in non-default profile 2021-02-10 21:40:43 +03:00
Andrew Dolgov d630a92c40 fix 2 warnings in feed editor 2021-02-09 15:04:01 +03:00
Andrew Dolgov 2f8efab275 api: one more php8 warning 2021-02-09 12:04:59 +03:00
Andrew Dolgov a5819569f2 pluginhost: a few more warnings and type hints 2021-02-09 10:20:58 +03:00
Andrew Dolgov 6a25bc53ef api: pass hook object payload by reference 2021-02-09 08:57:23 +03:00
Andrew Dolgov 3655e7aaf1 api: fix some php8 warnings (4) 2021-02-09 08:50:51 +03:00
Andrew Dolgov aba028a375 api: fix some php8 warnings (3) 2021-02-09 08:47:41 +03:00
Andrew Dolgov f6f0f21664 make ARTICLE_KIND_ constants class members 2021-02-09 08:24:46 +03:00
Andrew Dolgov 0871a51cb4 api: fix some php8 warnings (2) 2021-02-09 08:16:04 +03:00
Andrew Dolgov 63a90d26f3 api: fix some php8 warnings 2021-02-09 08:15:07 +03:00
Andrew Dolgov 7ae0e8d9c5 rewrite some more hooks in classes/feeds 2021-02-08 23:10:22 +03:00
Andrew Dolgov 345dbb3521 rewrite some more hooks 2021-02-08 22:46:01 +03:00
Andrew Dolgov 6c8ccd2acc front page log checker: filter out idiotic GD warning 2021-02-08 22:15:35 +03:00
Andrew Dolgov 9f3de2d24c login: fix profile warning 2021-02-08 22:03:27 +03:00
Andrew Dolgov 07408ac222 opml: normalize class name 2021-02-08 21:38:26 +03:00
Andrew Dolgov d91eae9c7e pluginhost: add some type hints 2021-02-08 21:38:09 +03:00
Andrew Dolgov 7eb860af61 even more hooks 2021-02-08 21:28:09 +03:00
Andrew Dolgov 6e57fd77af db: add type hints 2021-02-08 21:11:56 +03:00
Andrew Dolgov a14873d5b4 more hooks, also add type hint for PluginHost::getInstance() 2021-02-08 21:06:14 +03:00
Andrew Dolgov 54bbd08f38 some more hooks 2021-02-08 20:45:11 +03:00
Andrew Dolgov ca4c93c6b9 pluginhost: note hook function prototypes 2021-02-08 20:20:24 +03:00
Andrew Dolgov 7874f6ac58 remove PHPMD.UnusedFormalParameter 2021-02-08 19:42:10 +03:00
Andrew Dolgov a341a838b1 pluginhost: deny hook registration to plugins which lack relevant implementation methods 2021-02-08 19:16:53 +03:00
Andrew Dolgov 51d2deeea9 fix hierarchy of authentication modules, make everything extend Auth_Base and implement hook_auth_user() for pluginhost 2021-02-08 19:11:31 +03:00
Andrew Dolgov fc2e0bf67b log viewer: disable previous page on page 1 2021-02-08 17:05:50 +03:00
Andrew Dolgov fa2ebcd0a2 api: rewrite a few more hooks 2021-02-08 17:03:34 +03:00
Andrew Dolgov 363b3629a4 rewrite a few more hooks 2021-02-08 16:52:47 +03:00
Andrew Dolgov 3b52cea811 move some old-style handlers to new callback ones 2021-02-08 16:14:48 +03:00
Andrew Dolgov 1d5c8ee500 prefs: fix user plugins shown by incorrect criteria 2021-02-08 15:41:15 +03:00
Andrew Dolgov 1eb1629d9e pluginhost: rework run_hooks() to be shorter, add callback variant; implement exception handling for both 2021-02-08 14:24:45 +03:00
Andrew Dolgov 20b56b5b23 pluginhost: catch errors while loading plugin source code 2021-02-08 12:14:12 +03:00
Andrew Dolgov 4165834f80 pluginhost: catch fatal errors in plugin init 2021-02-08 12:10:25 +03:00
Andrew Dolgov d293cbd5a9 fix several warnings related to feed editor 2021-02-08 11:46:43 +03:00
Andrew Dolgov 0a788da2d2 dlg: fix unset param warning 2021-02-08 09:00:29 +03:00
Andrew Dolgov 3ad820e083 oops, remove unneeded warnings 2021-02-08 08:31:06 +03:00
Andrew Dolgov 479da5aa86 jimIcon: hide GD warning 2021-02-08 08:30:04 +03:00
Andrew Dolgov 3f972f8fed public/subscribe: fix warnings 2021-02-08 08:20:30 +03:00
Andrew Dolgov 41fc03287e fix even more warnings reported by phpstan 2021-02-06 17:56:47 +03:00
Andrew Dolgov c94f1b6ff8 fix some more warnings reported by phpstan 2021-02-06 17:38:24 +03:00
Andrew Dolgov b6e1a5c91a fix several warnings reported by phpstan 2021-02-06 17:19:07 +03:00
Andrew Dolgov ce2335deaf pref-users: css fixes 2021-02-06 16:24:40 +03:00
Andrew Dolgov d8de10d78a error log: fix severity dropdown 2021-02-06 16:16:43 +03:00
Andrew Dolgov 73e697a0df fix some warnings in prefs (filters, users) 2021-02-06 16:13:11 +03:00
Andrew Dolgov 73070544ca error log: make it more readable 2021-02-06 16:11:29 +03:00
Andrew Dolgov 5cfc5914f2 log viewer: show total pages 2021-02-06 15:33:19 +03:00
Andrew Dolgov 5849a39820 af_redditimgur: don't try to load empty html; fix a warning in update debugger 2021-02-06 10:31:06 +03:00
Andrew Dolgov ce489a724b fix a few more warnings 2021-02-06 10:23:45 +03:00
Andrew Dolgov 10392ecc28 event log: add pagination 2021-02-06 10:10:54 +03:00
Andrew Dolgov 9fdeb58fd3 check a few more php8 warnings 2021-02-06 09:51:28 +03:00
Andrew Dolgov a544123b59 fix clean() for arrays and user plugin list 2021-02-06 00:17:41 +03:00
Andrew Dolgov 6e774a58fe more php8 fixes mostly related to login 2021-02-06 00:12:15 +03:00
Andrew Dolgov 403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov da0ad82c24 Archive cleanup:
- remove code to manually archive/unarchive articles
- remove ttrss_archived_feeds/orig_feed_id handling - the whole thing was implemented for
this data to be kept indefinitely; it doesn't make a lot of sense to deal with this stuff
now that it is expired after one month anyway (same reasons as feed browser being removed - privacy)
- remove "originally from"-related stuff because of the above
- also remove unused remaining frontend/backend code related to feed browser (rip)
2021-01-17 14:55:11 +03:00
Andrew Dolgov 25520e9784 Select... dropdown: replace dijit Select with DropDownButton, simplify layout
PluginHost: add HOOK_HEADLINE_TOOLBAR_SELECT_MENU_ITEM
Headlines.onActionChanged: removed
2021-01-17 11:27:07 +03:00
Andrew Dolgov bc0d50e892 remove show as feed from Select dropdown in main toolbar 2021-01-17 10:43:29 +03:00
Andrew Dolgov b2993bcd30 remove menu options to manually un/archive articles 2021-01-17 10:37:40 +03:00
Andrew Dolgov ee4b7bebe8 pluginhost: load_data: check schema last 2021-01-15 08:35:05 +03:00
Andrew Dolgov 40f38fc87f pluginhost: load plugin data automatically (also marks load_data method as private) 2021-01-15 08:32:06 +03:00
Andrew Dolgov f67f0f864b HOOK_ARTICLE_EXPORT_FEED: also pass owner_uid 2021-01-11 22:52:31 +03:00
JustAMacUser fadf4dec96 Include tags for HOOK_ARTICLE_EXPORT_FEED. 2021-01-10 03:23:16 -05:00
Andrew Dolgov 33a5ecd2ce feed editor: show purge interval correctly if FORCE_ARTICLE_PURGE is set 2021-01-07 18:16:42 +03:00
Andrew Dolgov 4e3ef7a4dd get_user_ip: remove REMOTEADDR for the time being 2021-01-05 10:25:43 +03:00
Andrew Dolgov a8302fb253 use X-Real-IP headers if possible while authenticating 2021-01-05 10:17:24 +03:00
Andrew Dolgov 8cc07bc8bd event log: add severity filtering 2020-12-24 15:02:47 +03:00
Andrew Dolgov 6da576dbe4 BLACKLISTED_TAGS: use textarea for editing; normalize value when saving 2020-12-21 08:50:34 +03:00
Andrew Dolgov f59c567831 update_rss_feed: fix BLACKLISTED_TAGS not working properly, simplify tag-related code 2020-12-20 23:12:45 +03:00
Andrew Dolgov 5f733604f0 purge_feed: limit debugging to LOG_VERBOSE 2020-12-20 23:11:26 +03:00
wn_ d2db58de4f Switch from 'vsprintf' to 'sprintf' in another place. 2020-12-16 07:55:32 -06:00
fox ef7e679363 Merge branch 'feature/php8' of wn/tt-rss into master 2020-12-16 11:06:48 +00:00
Andrew Dolgov b4b2ba99ef purge_feed: shorten one log message 2020-12-15 09:43:59 +03:00
Andrew Dolgov f05f9b4252 purge_feed: add more debugging output 2020-12-15 08:50:01 +03:00
Andrew Dolgov 9b7338e807 feed editor: properly show global purging interval as disabled 2020-12-15 08:49:43 +03:00
Andrew Dolgov 83962a8561 feed debugger: allow setting log level to LOG_EXTENDED 2020-12-12 22:17:23 +03:00
wn 62da307ef1 Use correct 'sprintf' function and other minor fixes in Pref_Feeds. 2020-12-12 10:28:55 -06:00
wn a1f8d6941b Remove duplicate block in 'classes/pref/filters.php'.
Also a minor tweak to getting the search filter.
2020-12-12 10:28:54 -06:00
wn 8c4ca7c8ef Fix some 'isset' checks in 'classes/pref/prefs.php'. 2020-12-12 10:28:53 -06:00
wn 95d0cb4953 Handle potential absence of a URL path in UrlHelper. 2020-12-12 10:28:53 -06:00
Andrew Dolgov 71c8d8d365 queryFeedHeadlines:
- there should be no need for DISTINCT query when checking for first id
 - fix DISTINCT query part being undefined when browsing by tags
 - add query debugging for tags
2020-12-08 17:01:19 +03:00
Andrew Dolgov 7608f3d7b0 Merge branch 'master' of git.fakecake.org:tt-rss 2020-12-08 13:55:11 +03:00
Andrew Dolgov 2edfcbbd85 get_article_image: add support for ARTICLE_KIND_ALBUM 2020-12-08 13:54:52 +03:00
Andrew Dolgov 85b788709a setArticleTags: prevent duplicate tags being assigned if called twice
editTagsDlg: prevent dialot from being submitted twice
normalize_categories: filter out empty values that failed validation
2020-12-07 23:35:37 +03:00
Andrew Dolgov d06cc8267b queryFeedHeadlines: bring back DISTINCT for a limited set of columns 2020-12-07 16:59:48 +03:00
Andrew Dolgov e40b79ab33 get_article_image: return basic kind to which flavor image belongs 2020-12-07 12:09:06 +03:00
Andrew Dolgov db3fcb861b viewfeed: reintroduce timestamps, fix debugging, fix some indents 2020-12-04 18:55:53 +03:00
Andrew Dolgov 20af8d5caf queryFeedHeadlines: properly define for a few more variables 2020-12-04 08:59:37 +03:00
Andrew Dolgov 1580748c17 queryFeedHeadlines: make sure feed_check_qpart is always defined 2020-12-04 08:55:26 +03:00
Andrew Dolgov 904d5f7a3b queryFeedHeadlines: no longer select DISTINCT headlines for performance reasons (this also removes _HEADLINES_QUERY_NO_DISTINCT) 2020-12-04 08:44:43 +03:00
Andrew Dolgov e9673eb13d experimental: add optional _HEADLINES_QUERY_NO_DISTINCT to disable DISTINCT keyword in queryFeedHeadlines query 2020-12-03 14:42:01 +03:00
Andrew Dolgov 8089fcc762 feed editor: also show default value for purge interval 2020-11-30 15:34:15 +03:00
Andrew Dolgov d48460969d feed editor: show actual value of default update interval 2020-11-30 15:29:22 +03:00
Andrew Dolgov d1ee30d1ba prevent horizontal scrolling in filter editor dialog if rules are very long 2020-11-27 12:27:12 +03:00
Andrew Dolgov 328d7b55c8 URLHelper: fix E_DEPRECATED error related to idn_to_ascii() 2020-11-14 15:13:35 +03:00
John Aylward 01c0d4bbfd allow audio to be sent to client from the cache 2020-11-04 14:34:37 -05:00
JustAMacUser f782ee46ad Fix incorrect parenthesis placement in `count()`. 2020-10-29 00:52:07 -04:00
Andrew Dolgov f1fd5e8db1 mark feed as having an error if update task fails (and no last error is already stored for this feed) 2020-10-18 16:12:58 +03:00
Andrew Dolgov 935f163919 api: catchupfeed: allow passing 'mode' (optional), bump api version 2020-10-03 10:23:21 +03:00
Andrew Dolgov 4ea407f613 when auto disabling feeds based on DAEMON_UNSUCCESSFUL_DAYS_LIMIT only consider feeds with recent attempts to update (to prevent clashes with not recently logged users, etc) 2020-10-01 15:59:40 +03:00
Andrew Dolgov 38a7a1da88 hide uninteresting errors in several DOMDocument->loadHTML() invocations 2020-10-01 13:20:07 +03:00
Andrew Dolgov 8a02a728c8 add DAEMON_UNSUCCESSFUL_DAYS_LIMIT tunable (defaults to 30 days) 2020-09-30 17:03:16 +03:00
Andrew Dolgov e641547d37 set ttrss_feeds.last_successful_update as needed 2020-09-30 16:35:50 +03:00
Andrew Dolgov 15e8ee3471 housekeeping: add task to cleanup orphan feed icons 2020-09-29 12:46:55 +03:00
Andrew Dolgov 82bc740363 Logger::log - allow specifying errno
bump severity of PDO exception log messages to E_USER_WARNING
2020-09-29 10:08:54 +03:00
Andrew Dolgov 3b17c45887 exclude E_USER_NOTICE from recent events icon 2020-09-29 10:03:11 +03:00
Andrew Dolgov 23d20847a3 update_rss_feed: fallback to previous method if passthru() is not available 2020-09-28 21:19:53 +03:00
Andrew Dolgov c70e26db31 validate url: feed urlencoded() URL to filter_var() only 2020-09-28 19:46:31 +03:00
Andrew Dolgov 7c8bed0524 accept -1 as a valid exit code for per-feed update processes 2020-09-28 16:02:59 +03:00
Andrew Dolgov 335dcd3bf9 don't mention last_updated in non-zero failure error message because that's not what it means 2020-09-28 08:32:14 +03:00
Andrew Dolgov 3534b8dfa7 improve logging for per-feed update task failures 2020-09-28 08:02:38 +03:00
Andrew Dolgov 74cd60d7cc update_rss_feed: don't return as if failed on http 304 2020-09-27 17:13:36 +03:00
Andrew Dolgov d4d0e976dc update-feed: exit with non-zero exit code if update_rss_feed() failed
daemon: log if per-feed update task terminated with non-zero exit code
2020-09-27 16:42:45 +03:00
Andrew Dolgov 0761533d0a lock per-feed update processes based on feed ID to reduce possibilty
of concurrent updates
2020-09-27 16:01:39 +03:00
Andrew Dolgov 528b387563 update individual feed in a separate process to prevent PHP fatal errors
(for example, OOM) from stopping the entire batch
this should also slightly increase memory budget for update processes
2020-09-27 15:58:13 +03:00
Andrew Dolgov e993d4feb2 Merge branch 'master' of git.fakecake.org:tt-rss 2020-09-25 10:04:09 +03:00
Andrew Dolgov 71e9f70b8a search_to_sql: use per-user default language instead of hardcoded english if isn't specified explicitly 2020-09-25 10:03:42 +03:00
Andrew Dolgov d0ed7890df prev: add missing class 2020-09-23 13:05:00 +03:00
Andrew Dolgov 215f388992 move timestamp-related stuff to a separate class 2020-09-23 13:04:26 +03:00
Andrew Dolgov 05744bb474 fix updater never scheduling feeds for update if they never been updated before while having default update interval set 2020-09-22 20:33:51 +03:00
Andrew Dolgov 8fb2baecdc another hack for validation of URLs with invalid characters 2020-09-22 19:56:26 +03:00
Andrew Dolgov a897c4165b validate URLs: convert IDN to punycode before passing URL to filter_var() 2020-09-22 15:32:22 +03:00
Andrew Dolgov 6811d0bde2 use self:: in some places to invoke static methods from the same class 2020-09-22 14:54:15 +03:00
Andrew Dolgov b5710baf34 - don't fail on non-ascii characters when validating URLs
- fix IDN hostnames not being converted properly
2020-09-22 14:37:45 +03:00
Andrew Dolgov ab6aa0ad3e fix previous re: resolve_redirects 2020-09-22 09:18:24 +03:00
Andrew Dolgov 74568df4ff remove a lot of stuff from global context (functions.php), add a few helper classes instead 2020-09-22 09:04:33 +03:00
Andrew Dolgov 3dd4169b5f clarify some URL validation-related error messages 2020-09-21 20:35:24 +03:00
Andrew Dolgov 4785f21316 update_rss_feed: log effective URL after fetching
validate_url: treat scheme as case-insensitive
2020-09-21 20:26:57 +03:00
Andrew Dolgov 05ef9aac2f update URL pointing to version.json 2020-09-19 07:33:59 +03:00
Andrew Dolgov 03a337a660 add basic safe mode which doesn't load any user plugins 2020-09-18 15:48:22 +03:00
Andrew Dolgov a4525d31b2 replace FALSE with false so that static analyzer shuts up about it 2020-09-17 19:02:27 +03:00
Andrew Dolgov afa0023c51 don't try to update manually disabled feeds even if they haven't been updated before or are marked for a manual update 2020-09-17 15:40:50 +03:00
Andrew Dolgov 37f41a5246 forgotpass: use type strict comparison for reset token 2020-09-17 11:49:27 +03:00
Andrew Dolgov e3adacc588 fix several cases of Db class being invoked as wrong name (as DB) 2020-09-17 09:18:03 +03:00
Andrew Dolgov 89d53a7f49 fix typo in previous 2020-09-17 08:45:17 +03:00
Andrew Dolgov 1f79d614c4 fix OTP QR code not displayed because of CSRF token passed as a query
parameter
use type-strict comparison when validating CSRF token on the backend
2020-09-17 08:43:39 +03:00
Andrew Dolgov 9d3c794983 subscribe: allow pre-filling feed URL if passed via query string 2020-09-16 17:20:31 +03:00
Andrew Dolgov 33fdde249e pass CSRF token to opml import and feed icon replace dialogs 2020-09-16 06:43:55 +03:00
Andrew Dolgov 42b5564d1e editarticletags: load dialog via XHR 2020-09-15 18:47:19 +03:00
Andrew Dolgov 0706a328a4 handler: default base csrf_ignore() to false 2020-09-15 18:16:33 +03:00
Andrew Dolgov 0a142912d3 backend handler: require CSRF, remove obsolete code 2020-09-15 18:08:08 +03:00
Andrew Dolgov 154417d80b public/logout: require valid CSRF token 2020-09-15 16:59:11 +03:00
Andrew Dolgov cbcb10a272 Feeds: load quickaddfeed and search dialogs via XHR w/ CSRF protection 2020-09-15 16:28:09 +03:00
Andrew Dolgov 8080c525fd - backend: require CSRF token to be passed via POST
- do not leak CSRF token via GET request in feed debugger
- rework Article/redirect to use POST
2020-09-15 16:12:53 +03:00
Andrew Dolgov e670ac2ee5 require CSRF token for Article/redirect 2020-09-15 15:35:50 +03:00
Andrew Dolgov 7e50c6c4b5 - enable CSRF support earlier
- remove rpc/sanityCheck from CSRF-excluded calls
2020-09-15 15:32:17 +03:00
Andrew Dolgov 79f102c25d af_proxy_http: never print received data directly, always redirect to cached_url
cache/getUrl: basename() passed filename just in case
2020-09-15 08:02:28 +03:00
Andrew Dolgov 4a074111b5 user preferences: forbid < and > characters when changing passwords (were silently stripped on save because of clean()) 2020-09-14 20:53:00 +03:00
Andrew Dolgov da98ba662e public/subscribe: require valid CSRF token when validating the form 2020-09-14 20:21:22 +03:00
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov a922b3cc6d order_to_override_query: allow HOOK_HEADLINES_CUSTOM_SORT_OVERRIDE plugins to override built-in sorting 2020-09-11 07:48:22 +03:00
Andrew Dolgov 67f02e2aa7 properly return counters for labels with zero assigned articles
refs https://community.tt-rss.org/t/label-counter-doesnt-update-when-count-goes-down-to-zero/3766
2020-08-29 08:41:52 +03:00
Rodney Stromlund 88ced02622 Silence php 7.2 error message generated in `session_set_cookie_params`. 2020-08-14 10:47:46 -05:00
Andrew Dolgov ddf9227dc4 pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SORT_MAP etc 2020-08-13 12:23:27 +03:00
Andrew Dolgov dfa65e9374 move order_by to SQL override logic into a separate function 2020-08-13 11:52:32 +03:00
Andrew Dolgov 48be005774 instead of taking batch timestamp and score (?) into account, make oldest first sorting work consistently with newest first - i.e. rely on feed-provided timestamp 2020-08-11 13:29:09 +03:00
Andrew Dolgov 05a47e5cf4 OPML: export/import per-feed purge interval 2020-08-10 11:57:39 +03:00
Paco Esteban c4ee0e25a1 more int/string type mismatches on getCategories 2020-08-01 16:30:10 +02:00
Paco Esteban 3da618e0ea make sure all ints are casted (to int) on getCategories 2020-07-31 16:15:16 +02:00
fox 68b78ecd3d Merge branch 'bugfix/invalid-opml' of wn/tt-rss into master 2020-07-01 14:48:02 +00:00
Andrew Dolgov b6372a846d when exporting OPML via web UI, add user login to the filename 2020-07-01 10:02:24 +03:00
Andrew Dolgov fa653f5a43 prefs: show disabled filters properly on mysql 2020-07-01 09:49:53 +03:00
Andrew Dolgov 2996a3942f prefs: show root of filter tree as enabled so it's not grayed out 2020-07-01 09:48:27 +03:00
wn_ 614d3ac1bf Properly check if OPML file was loaded during import. 2020-06-27 15:06:08 -05:00
Andrew Dolgov c352e872e9 core: pass found enclosures to HOOK_ARTICLE_FILTER
af_redditimgur: remove enclosures if we found something to embed because it's going to be a low-res thumbnail
2020-06-24 22:54:14 +03:00
Andrew Dolgov 6eb94f1e13 better support for image srcset attributes as discussed in https://community.tt-rss.org/t/problem-with-img-srcset/3519 2020-06-15 11:58:59 +03:00
Andrew Dolgov d01ad09800 eslint-related fixes; move a few things from global context to App 2020-06-05 07:44:57 +03:00
Andrew Dolgov c8cc845d5b when removing favicon, reset its auto-refresh timer 2020-05-22 15:06:52 +03:00
Andrew Dolgov 06d2c65193 calculate_article_hash: don't die() on previous, woops 2020-05-17 17:44:32 +03:00
Andrew Dolgov 3a142cbf58 calculate_article_hash: ignore some useless or read-only fields (i.e. GUID) when calculating hash 2020-05-17 17:42:37 +03:00
Andrew Dolgov cd1f3cb8cc * store UID in article hashed GUID separately so it could be migrated cleanly to a different instance
* store resulting GUID as a JSON object so it could be extended easier if needed
2020-05-17 14:01:16 +03:00
Andrew Dolgov 7a2e9bef77 add --opml-export to update.php 2020-05-13 12:07:31 +03:00
Andrew Dolgov c275a0cd33 DiskCache: append fake file extension when sending cached files based on mime type to make saving files easier 2020-05-12 13:28:54 +03:00
Andrew Dolgov 3a4b9249a9 DiskCache: properly deal with srcset attributes 2020-04-29 19:29:36 +03:00
Andrew Dolgov 4a00f96733 remove unneeded var_dump() 2020-04-29 11:35:02 +03:00
Andrew Dolgov 6573541873 * add HOOK_ENCLOSURE_IMPORTED
* pass feed id to HOOK_FEED_PARSED
2020-04-29 11:33:39 +03:00
Andrew Dolgov 44b1f0fcc0 search: add support for label:XXX search keyword
Labels: enforce case-insensitive lookups when creating/looking for labels
2020-04-04 14:34:08 +03:00
Andrew Dolgov 1f2a721905 allow overriding built-in templates via templates.local 2020-03-13 14:40:35 +03:00
lllusion3418 ec1b0befc7 add support for video[@src] in media cache
it's a valid alternative to a source[@src] child element:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/video
2020-03-12 11:08:39 +01:00
lllusion3418 cdde23b4dc actually download <video> posters to media cache
video[@poster] is already supported in the rewriting logic but never
actually downloaded
2020-03-12 11:08:33 +01:00
lllusion3418 b4287a2e98 fix url rewriting for videos with poster and src
if a poster attribute was present only that would have been rewritten
and the (arguably more important) src attribute would be left as-is
2020-03-12 11:08:24 +01:00
Andrew Dolgov 208e02c47d PluginHost/save_data: use separate PDO connection to prevent issues with nested transactions 2020-03-10 08:14:00 +03:00
Andrew Dolgov bcbc5ccc78 batchSubscribe: use validationtextarea 2020-02-28 14:03:29 +03:00
Andrew Dolgov f24ece85a6 add validationtextarea control, use it for filter match editor 2020-02-28 13:53:45 +03:00
Andrew Dolgov 8645f36c5b filter test dialog: pass contents via xhr POST 2020-02-28 12:16:54 +03:00
Andrew Dolgov bdb1e475e7 external subscribe dialog: support dark theme 2020-02-27 13:40:32 +03:00
Andrew Dolgov b2876f6c72 share anything dialog: support dark theme 2020-02-27 13:38:24 +03:00
Andrew Dolgov 4ab3854aed don't generate default.css, replace with themes/light.css as a default root CSS file 2020-02-22 16:22:44 +03:00
Andrew Dolgov 5f30061c92 properly calculate marked counters for feeds in nested categories 2020-02-20 15:54:40 +03:00
Andrew Dolgov 60288f02e8 1. feedtree: show counters for marked articles if view-mode == marked
2. hide/show relevant counter nodes using css
3. cleanup some counter-related code
4. compile default css into light theme to prevent cache-related issues
2020-02-20 14:14:45 +03:00
Andrew Dolgov 5b6d9cee29 prefs layout fixes:
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords
2. show explanatory messages when OTP or password changing is not available
3. allow app (API) passwords when using any auth module
2020-02-18 11:51:04 +03:00
Andrew Dolgov 47135160d1 getCategoryCounters: properly handle categories which don't have any stored feeds/articles 2020-01-27 15:45:04 +03:00
Andrew Dolgov 88d4324e32 mark primary button in the default password dialog 2020-01-25 13:08:29 +03:00
Andrew Dolgov 776fe4768b default password warning: fix close button, don't crash if dialog is recreated (on feed tree reload etc) 2020-01-25 13:02:11 +03:00
Andrew Dolgov 0e9e1ad112 getCategoryUnread: return correct unread count for labels category 2020-01-25 12:53:10 +03:00
Andrew Dolgov cdd2b6fd22 getCategoryChildrenUnread: fix typo 2020-01-25 10:00:22 +03:00
Andrew Dolgov a6ced36189 getCategoryCounters: properly calculate counters for child subcategory entries
getCategoryUnread: cleanup
2020-01-25 09:57:28 +03:00
Andrew Dolgov a64b8a7fdb getCategoryUnread: don't return unread counters for Special category because it doesn't make a lot of sense to do so 2020-01-24 15:54:01 +03:00
Andrew Dolgov 2f6741e49a getFeedCounters: pass parameter correctly to PDO 2020-01-24 14:27:24 +03:00
Andrew Dolgov 6080cca9ca scrap counter cache system; rework counters to sum() booleans instead 2020-01-24 14:25:31 +03:00
Andrew Dolgov 3b29e865b0 support night mode in feed debugger 2020-01-19 10:56:49 +03:00
Andrew Dolgov aa56bcaf44 support night mode when using share by URL 2020-01-19 10:51:08 +03:00
Andrew Dolgov f47998f569 generate_syndicated_feed: use local media in generated feeds if it is available 2020-01-13 17:02:14 +03:00
Andrew Dolgov b1c5ebdace API/getVersion: don't try to use removed VERSION constant 2020-01-05 09:42:57 +03:00
Andrew Dolgov fdb1fc7608 get_version: fix commit/timestamp lost on subsequent invocations because of misbehaving caching 2019-12-20 18:17:05 +03:00
Andrew Dolgov 72d0fac80c remove version.php and VERSION global constant, do version-related things in a slightly less ridiculous way 2019-12-18 14:27:40 +03:00
Andrew Dolgov df464e3d0d update app password notice 2019-12-17 14:58:31 +03:00
Andrew Dolgov 9c0235ab66 show current unread counter on headlines toolbar if sidebar is hidden 2019-12-12 07:37:28 +03:00
Andrew Dolgov 76dd74e0d9 add a hidden tweakable which forbids changing passwords 2019-12-06 17:45:22 +03:00
Andrew Dolgov ac95ab4a65 user css dialog: allow saving and applying CSS without closing the dialog 2019-12-06 14:02:30 +03:00
Andrew Dolgov 565547f5a1 php 7.4 deprecation-related fixes 2019-12-06 07:27:22 +03:00
Andrew Dolgov f30287be65 versioning changes
- remove VERSION_STATIC - https://community.tt-rss.org/t/versioning-changes-for-trunk/2974
- report git commit/timestamp properly by invoking git instead of trying to parse .git/HEAD etc
- remove git-related global constants used when checking for updates
2019-12-05 13:23:54 +03:00
Andrew Dolgov d15f0349bf remove hardcoded iframe domain whitelist, make iframe script whitelisting configurable by plugins (HOOK_IFRAME_WHITELISTED) 2019-11-27 11:52:51 +03:00
Andrew Dolgov e5b7b145e5 cache media: set referrer to source URL when fetching images 2019-11-25 09:48:24 +03:00
Andrew Dolgov 304d3a0b88 tag-related fixes
1. move tag sanitization to feedparser common item class
2. enforce length limit on tags when parsing
3. support multiple tags passed via one dc:subject and other such elements, parse them as a comma-separated list
4. sort resulting tag list to prevent different order between feed updates
5. remove some duplicate code related to tag validation
6. allow + symbol in tags
2019-11-20 18:56:34 +03:00
Andrew Dolgov 8c3efd51ec reset domain hit quota on feed update start 2019-11-17 13:17:21 +03:00
Andrew Dolgov 63ce7ea705 add a plugin page warning for plugins using HOOK_FEED_FETCHED, etc 2019-11-14 07:01:45 +03:00
Andrew Dolgov 0d7b10469b update_rss_feed: add specific logging for HOOK_FETCH_FEED, HOOK_FEED_FETCHED, HOOK_FEED_PARSED handlers 2019-11-14 06:39:45 +03:00
Andrew Dolgov 5bb8dad631 is_gzipped: don't try to strpos() over entire buffer 2019-11-12 07:11:10 +03:00
Andrew Dolgov f75fb6bd75 Merge branch 'master' of git.fakecake.org:tt-rss 2019-11-01 15:40:15 +03:00
Andrew Dolgov 266a805bfe line endings + remove : from headings 2019-11-01 15:40:08 +03:00
Andrew Dolgov 05dffcff6f OTP stuff: update notice wording a bit 2019-11-01 15:27:24 +03:00
Andrew Dolgov 812a6c9f16 auth_internal: fix indents 2019-11-01 15:25:40 +03:00
Andrew Dolgov 249130e58d implement app password checking / management UI 2019-11-01 15:03:57 +03:00
Andrew Dolgov 68b0380118 add placeholder authentication via app passwords if service is passed
forbid logins via regular passwords for services
remove AUTH_DISABLE_OTP
2019-11-01 13:03:06 +03:00
Andrew Dolgov 88cd9e586e add placeholder UI plumbing for app passwords 2019-11-01 12:23:11 +03:00
Andrew Dolgov 904ecc31e2 allow using OTP without GD 2019-11-01 10:32:58 +03:00
Andrew Dolgov 647c7c45eb allow article filters to modify num_comments 2019-10-25 14:37:00 +03:00
Andrew Dolgov 2820f41a4b add notification for OTP being disabled 2019-10-09 09:10:43 +03:00
Andrew Dolgov ef514bc4bd add notifications for mail and password changes
update and shorten some other message templates
2019-10-09 09:04:51 +03:00
jc 8fd11fd53a Add const HOOK_FEED_TREE 2019-10-07 13:46:31 +00:00
jc a243979aaf Add const HOOK_FEED_TREE 2019-10-07 13:44:57 +00:00
Andrew Dolgov 4e05008aac update_rss_feed: force cast initial timestamp value to integer 2019-09-30 11:41:07 +03:00
Rodney Stromlund 958c4dc124 Removed extra php end tag that was showing in the page title 2019-09-17 09:11:30 -05:00
Andrew Dolgov b0d67cd3d0 rework previous to pass unformatted timestamp to plugin, and deal with formatting later
also, move timestamp-related debugging output after plugin handler
2019-09-11 14:04:59 +03:00
Andrew Dolgov 94a12b9674 pass formatted entry timestamp to article filters and allow them to modify it 2019-09-11 11:43:40 +03:00
Andrew Dolgov 06393750c7 headline grouping:
1. block grouping for specific feeds where it doesn't make a lot of sense to do so or flat list fits better (archived, recently read)
2. block per-week grouping for feeds where feed-first grouping makes more sense (fresh, starred, published)
2019-08-30 10:16:38 +03:00
Andrew Dolgov 12a542977e makefeedtree: properly calculate feed total amount in no-categories mode 2019-08-21 19:32:27 +03:00
Andrew Dolgov 667836ec7c SQL logger: log some parameters 2019-08-20 08:09:05 +03:00
Andrew Dolgov 3e4701116d af_readability: add missing file 2019-08-16 15:29:24 +03:00
Andrew Dolgov 865c54abcb fix get_method_url() to use correct method parameter 2019-08-15 20:27:21 +03:00
Andrew Dolgov 10c63ed582 pluginhost: add helper methods to get private/public pluginmethod endpoint URLs 2019-08-15 20:23:45 +03:00
Andrew Dolgov e46ed1ff97 API/getHeadlines: fix order of returned feeds to be consistent with main UI 2019-08-15 19:06:38 +03:00
Andrew Dolgov 0e3b71c535 public/pluginhandler: log invalid requests 2019-08-15 17:17:25 +03:00
Andrew Dolgov 7f8946f14e pluginhost: implement priority-based system for running hooks 2019-08-15 15:34:09 +03:00
Andrew Dolgov 5648b836aa HOOK_ARTICLE_IMAGE: allow hooks to modify article content 2019-08-15 10:22:33 +03:00
Andrew Dolgov 75ab1f05f9 DiskCache::rewriteUrls() - remove img[@srcset] 2019-08-15 09:30:28 +03:00
Andrew Dolgov 9d852e052c add HOOK_ARTICLE_IMAGE for Article::get_article_image() 2019-08-15 09:04:42 +03:00
Andrew Dolgov ffb842f752 Article::get_article_image() - provide cached URLs if possible 2019-08-14 17:21:07 +03:00
Andrew Dolgov 150b040dad Article::get_article_image() - set default to "" instead of "false" 2019-08-14 17:07:01 +03:00
Andrew Dolgov d4df57e1a4 Article::get_article_image() - also return stream URI if possible 2019-08-14 17:04:14 +03:00
Andrew Dolgov 68e2b05f65 * move get_article_image to Article; implement better og:image detection (similar to android app)
* pass article image to API clients in headlines row object
2019-08-14 16:55:38 +03:00
Andrew Dolgov c34726b2b2 consistency: use DiskCache->exists() to check for present files 2019-08-14 12:52:41 +03:00
Andrew Dolgov 6914ad1f74 retire MIN_CACHE_FILE_SIZE 2019-08-14 12:44:50 +03:00
Andrew Dolgov 84974c60a7 RSSUtils::cache_media, cache_enclosures: use DiskCache 2019-08-14 12:15:56 +03:00
Andrew Dolgov 39f459eb04 public/cached_url: forbid sending files with extensions 2019-08-14 10:45:46 +03:00
Andrew Dolgov 3c075bfd21 DiskCache: more strict checking for input filenames, getUrl() is no longer static 2019-08-14 09:49:18 +03:00
Andrew Dolgov fdb6066bf6 * HOOK_ENCLOSURE_ENTRY: pass article_id to handler
* DiskCache: multiple fixes; support isWritable() for cache entries, set content-disposition for send()
* public/cached_url: allow selecting files from sub-caches other than images
* plugins/Cache_Starred_Images: rework to use DiskCache, can be enabled per-user, properly handles article enclosures, etc
2019-08-13 16:40:21 +03:00
Andrew Dolgov bed695b127 DiskCache::expire: support .no-auto-expiry to prevent automatic cache maintenance 2019-08-13 14:18:14 +03:00
Andrew Dolgov 19b9b27662 expire_cached_files to DiskCache::expire() 2019-08-13 14:13:42 +03:00
Andrew Dolgov 133c2b482b move rewrite_cached_urls to DiskCache::rewriteUrls() 2019-08-13 12:46:57 +03:00
Andrew Dolgov b1dd38f880 add DiskCache.getUrl() and use it in a bunch of places 2019-08-13 12:39:21 +03:00
Andrew Dolgov 7602819b98 add DiskCache.send; switch af_zz_imgproxy to use DiskCache 2019-08-13 12:20:53 +03:00
Andrew Dolgov 82694bd6ce add DiskCache.isWritable 2019-08-13 12:15:43 +03:00
Andrew Dolgov 86308b30ea add classes/diskcache 2019-08-13 12:04:36 +03:00
Andrew Dolgov 6825aaff55 update SSL certificate wiki link 2019-08-02 08:03:20 +03:00
Andrew Dolgov aa40a268f0 parser: support multiple dc:creator elements (returns as comma-separated list) 2019-08-02 06:22:42 +03:00
Andrew Dolgov 4edfb526e1 change version.json endpoint URL 2019-08-01 11:51:27 +03:00
Andrew Dolgov e8523733b0 filter dialog: add inline regexp checker 2019-07-12 12:40:42 +03:00
Andrew Dolgov 86a014f23b add placeholder Filters.filterDlgCheckRegExp 2019-07-12 10:47:18 +03:00
Andrew Dolgov ea30061cce public: fix share() returning random unshared articles if uuid is not given 2019-07-05 16:02:51 +03:00
Andrew Dolgov 088fcf8131 move more globals to more appropriate places
set libxml to always use internal errors
2019-06-20 08:40:02 +03:00
Andrew Dolgov 4fa9aee4e7 move several more global functions to more appropriate classes 2019-06-20 08:14:06 +03:00
Andrew Dolgov 6d746453c7 get_feeds_from_html: remove XML preamble hack
move several related helper functions to Feeds class
2019-06-20 07:51:48 +03:00
Andrew Dolgov 270b39a337 queryFeedHeadlines: support start_ts when browsing by tag 2019-06-18 13:10:32 +03:00
Andrew Dolgov d36b64d8a7 event log: simplify styles, prevent horizontal scrolling
sql logger: clip context length to 8kb
2019-05-31 10:31:43 +03:00
Andrew Dolgov 905f038610 search dialog: display active query if searching already 2019-05-20 07:59:53 +03:00
Andrew Dolgov 09f520eda2 fix search query test statement stopping valid modifiers like unread: from working 2019-05-20 07:12:43 +03:00
Andrew Dolgov de713035fd when subscribing, check for valid html content type before checking if requested document has HTML doctype/start element 2019-05-16 10:07:22 +03:00
Andrew Dolgov 9423d72f6c parser: force libxml error messages to valid utf8 2019-05-12 10:13:22 +03:00