Commit Graph

145 Commits

Author SHA1 Message Date
Andrew Dolgov e6532439d6 force strip_tags() on all user input unless explicitly allowed 2017-12-03 23:35:38 +03:00
Andrew Dolgov 7c6f7bb0aa fix some minor issues found by code analyzer 2017-12-03 23:08:04 +03:00
Andrew Dolgov 7c0eb1b621 add defaultPasswordWarning nag dialog 2017-12-03 20:46:27 +03:00
Andrew Dolgov 187abfe732 main classes: remove sql_bool_to_bool() kludge 2017-12-03 09:35:59 +03:00
Andrew Dolgov e4291ba12f otpenable: use pdo prepare() 2017-12-03 09:10:14 +03:00
Andrew Dolgov 7039370368 pref-prefs: PDO 2017-12-02 12:01:56 +03:00
Andrew Dolgov 667d32fd26 remove obsolete forum plugin links
mention how to enable system plugins in the UI
2017-07-04 16:28:45 +03:00
Andrew Dolgov e130b283a7 db prefs: ignore cache when preference requested for specified UID (in case cached value of a different profile is stored)
prefs: show (and set) enabled plugins for default profile only
2017-06-24 14:29:07 +03:00
Andrew Dolgov ea79a0e033 remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
Andrew Dolgov 1bfe1d7b31 simplify error handling
* less convoluted exception dialogs
* use window.onerror for the majority of exception catching/reporting
* remove most of now useless try/catch blocks
* report stacktrace instead of manually specified error locations
2017-03-04 14:34:44 +03:00
Jérémy DECOOL ba2853caac Prevent target='_blank' vulnerability on dynamic link 2017-02-12 11:01:36 +01:00
Andrew Dolgov 328118d12e use print_hidden() for hidden dojo form fields 2017-02-10 14:36:21 +03:00
Andrew Dolgov 22387de225 preferences: set themes dropdown to default if selected theme is missing 2017-01-26 22:37:22 +03:00
Andrew Dolgov e432b8fbe2 implement cache-busting for default theme.css
night theme: small fixes
2017-01-25 12:17:41 +03:00
Andrew Dolgov 312742db6e updates: auto-disable CURL if open_basedir is enabled, notify possible issues w/ plugins 2016-01-13 18:12:31 +03:00
Andrew Dolgov 5bdcb8fd78 remove option ALLOW_DUPLICATE_POSTS as confusing/useless 2016-01-07 22:01:35 +03:00
Andrew Dolgov 583f163f40 don't init plugins when loading everything to make a list, duh 2015-10-08 17:02:32 +03:00
Andrew Dolgov b87744534a add plugin-based filter actions (see example plugin in attic)
bump schema
2015-08-11 23:28:42 +03:00
Andrew Dolgov fb8a032a6b minor textarea fixes 2015-08-11 18:44:07 +03:00
Andrew Dolgov e79e274fc8 add styles for several other dijit elements 2015-08-11 16:41:05 +03:00
Andrew Dolgov 5956f312b7 add a bit more visible separate infobox for password change results 2015-07-06 12:10:15 +03:00
Andrew Dolgov 415a3b50c9 fix some minor typos and stuff 2015-06-07 18:41:18 +03:00
Andrew Dolgov b9634eb8b8 support loading themes from themes.local 2015-06-05 18:08:19 +03:00
Andrew Dolgov e6c826fa2f remove AUTO_ASSIGN_LABELS (confusing, idiots keep enable it and complain of the results) 2015-02-21 13:08:50 +03:00
Andrew Dolgov f6cbe9a5a0 require version information in all additional themes 2014-12-09 15:16:53 +03:00
Andrew Dolgov 78744d48d7 add FEEDS_SORT_BY_UNREAD to blacklist (removed) 2014-06-10 08:54:18 +04:00
Andrew Dolgov 4a80c57c50 remove some unused code reported by phpmd 2014-02-19 15:42:52 +04:00
Andrew Dolgov ab85ad89b3 otp: use application name in provisioning uri 2014-01-19 00:29:42 +04:00
Andrew Dolgov 06a39024dd plugin list: fix system plugins image position 2013-07-10 13:11:40 +04:00
Andrew Dolgov 2f20dd58d2 integrate silk icons by Mark James 2013-07-10 13:09:12 +04:00
Andrew Dolgov 5bbc4bb4b0 move stylesheets to css/, reference default tt-rss stylesheets from
default.css to make custom themes easier
2013-05-19 21:22:01 +04:00
Andrew Dolgov 8429af52be adjust previous patch phrasing a bit 2013-05-19 11:27:17 +04:00
Mike Frysinger 5bac322258 document the date format string
I assumed the format string was related to strftime except all of the
fields looked really weird.  After digging in the code, this string is
actually used with php's date().  Add a note for this so other people
can jump quickly to the relevant documentation (which is useful for
non-php peeps who have no idea what this is).
2013-05-19 03:19:55 -04:00
Andrew Dolgov 11334fdf6c make appearance of some preference panes more similar 2013-05-12 12:36:25 +04:00
Rasmus Lerdorf 6f7798b643 Fixing bugs found by static analysis 2013-05-07 00:35:10 -07:00
Andrew Dolgov 8d090a910b use css nth-child instead of old even/odd class hacks for normal mode 2013-05-04 12:01:53 +04:00
Andrew Dolgov bd02d29e1b prefs: update some descriptions to be more consistent 2013-04-29 15:58:15 +04:00
Andrew Dolgov 7b149552cb remove language selector from the login form, store language in the database per-user 2013-04-29 15:54:23 +04:00
Andrew Dolgov e57a1507ae do not use session cookie lifetime for additional cookies 2013-04-29 13:03:28 +04:00
Andrew Dolgov a845a3d5e5 otp: display notice if GD is missing 2013-04-29 09:20:30 +04:00
Andrew Dolgov 48ed517e8d pref_prefs: remove second argument from the constructor 2013-04-19 08:40:19 +04:00
Andrew Dolgov 1ffe3391f9 make pluginhost a singleton 2013-04-18 12:27:34 +04:00
Andrew Dolgov 52d88392da move db-prefs to OO 2013-04-18 12:00:01 +04:00
Andrew Dolgov d9c85e0f11 classes: use OO DB interface 2013-04-17 20:12:14 +04:00
Andrew Dolgov a42c55f02b fix blank character after opening bracket in function calls 2013-04-17 18:34:18 +04:00
Andrew Dolgov 72ff013729 fix pluginhost created without dbh 2013-04-17 18:30:22 +04:00
Andrew Dolgov 6322ac79a0 remove $link 2013-04-17 16:48:41 +04:00
Andrew Dolgov 2cbdc95bb0 add a separate tab for the logger 2013-04-17 08:42:39 +04:00
Andrew Dolgov 9deca86d96 require entering current one time code to enable otp 2013-04-16 21:07:26 +04:00
Andrew Dolgov 4e53956add implement error log viewer 2013-04-16 20:16:15 +04:00
Andrew Dolgov 723bcdb213 update description of DEFAULT_UPDATE_INTERVAL (2) 2013-04-09 22:28:06 +04:00
Andrew Dolgov 3ddbefabef update description of DEFAULT_UPDATE_INTERVAL 2013-04-09 22:18:59 +04:00
Andrew Dolgov bf87833884 fix prefs reset not working properly 2013-04-05 07:52:50 +04:00
Andrew Dolgov 29c8fa080e add language dropdown to prefs 2013-04-04 18:15:37 +04:00
Andrew Dolgov 122e9d788e add a dropdown button action to save and exit prefs (closes #660) 2013-04-04 14:53:36 +04:00
Andrew Dolgov 8ef9645da0 pref-prefs: add help for USER_CSS_THEME 2013-04-02 21:41:30 +04:00
Andrew Dolgov 9db8e60784 update pref descriptions 2013-04-02 16:46:08 +04:00
Andrew Dolgov 5f462963a0 remove blank string gettext invocations 2013-04-02 16:38:12 +04:00
Andrew Dolgov dfad9d7a36 pref-prefs: don't use schema-defined help/desc/section names 2013-04-02 16:20:43 +04:00
Andrew Dolgov f17cac6b26 retire DEFAULT_ARTICLE_LIMIT, infinite scrolling is fast enough to make it superfluous 2013-04-02 15:32:47 +04:00
Andrew Dolgov 9d76e75451 move editPrefProfiles to pref-prefs 2013-04-01 12:34:49 +04:00
Andrew Dolgov 00e347410e move customizeCSS to pref-prefs 2013-04-01 12:30:34 +04:00
Andrew Dolgov 5d40efc9b0 add ability to select CSS files in themes/ 2013-03-28 21:04:29 +04:00
Andrew Dolgov 8aa01d7989 disable SORT_HEADLINES_BY_FEED_DATE; replace with a toolbar newest first order 2013-03-28 20:51:06 +04:00
Andrew Dolgov b9a06a0e39 retire frankly ridiculous sorting by score/title/date/default
keep defaul and oldest first instead of REVERSE_HEADLINES
2013-03-28 20:44:43 +04:00
Andrew Dolgov 6deafe90db modify notify/warn/error boxes css 2013-03-27 22:03:55 +04:00
Andrew Dolgov bb5e1a328d enable 4th field in plugin->about() to serve as a more info link 2013-03-27 18:16:30 +04:00
Andrew Dolgov 65f85248ce pref-prefs: mention tt-rss forums as a plugin source 2013-03-27 16:24:43 +04:00
Andrew Dolgov 33b3db3372 for consistency, show hotkey-toggleable options relating to headlines list in preferences 2013-03-27 12:42:01 +04:00
Andrew Dolgov 744a1b0080 disable show additional preferences checkbox as repeatedly confusing 2013-03-27 12:29:51 +04:00
Tomas Chvatal 9a73994c5e Allow translation of notices in prefs. 2013-03-24 21:24:24 +04:00
Andrew Dolgov 3972bf5981 db_escape_string: specify link parameter for consistency; sessions: do not force-close db connection in _close() 2013-03-22 09:14:55 +04:00
Andrew Dolgov 451ff72289 rework pref-prefs to use checkboxes 2013-03-19 23:14:23 +04:00
Andrew Dolgov f4c02a157a fix warning when saving plugins with 0 plugins enabled (closes #542) 2013-02-28 09:13:00 +04:00
Andrew Dolgov 81c54e3d8d only allow clearing data of active plugins 2013-02-23 21:27:50 +04:00
Andrew Dolgov 96f0a3e79d remove themes/ 2013-01-23 15:36:32 +04:00
Andrew Dolgov 5d9abb1e11 add plugin storage table to schema; add ability to clear plugin data 2012-12-27 19:20:36 +04:00
Andrew Dolgov 0f28f81f89 move authentication modules to plugins/ 2012-12-27 15:14:44 +04:00
Andrew Dolgov 699daf5856 add several HOOK_PREFS_TAB_SECTION hook points 2012-12-27 01:13:18 +04:00
Andrew Dolgov 65d1e2501b plugins web list style tweaks 2012-12-25 12:31:07 +04:00
Andrew Dolgov 23be0bd3fb hide example plugins from the admin page 2012-12-25 10:08:49 +04:00
Andrew Dolgov d2a421e3cb more work on user-selectable plugins; properly process system and user plugins 2012-12-25 10:02:08 +04:00
Andrew Dolgov de612e7a38 experimental support for per-user plugins (bump schema) 2012-12-25 00:45:10 +04:00
Andrew Dolgov 5cedb389d2 split self-updater gui to updater/ plugin 2012-12-23 18:07:41 +04:00
Andrew Dolgov 6065f3ad63 add support for plugins in prefs 2012-12-23 16:15:34 +04:00
Andrew Dolgov d1e31c7a74 Revert "only enable OTPHP on php version 5.3+"
This reverts commit 1835f145a8.
2012-09-15 17:17:44 +04:00
Andrew Dolgov 1835f145a8 only enable OTPHP on php version 5.3+ 2012-09-14 02:52:49 +04:00
Andrew Dolgov 3ca8af7fd8 require entering password before enabling/disabling otp 2012-09-04 12:39:33 +04:00
Andrew Dolgov 973392b9f5 pref-prefs/otpqrcode: do not show image if otp is enabled 2012-09-03 18:42:17 +04:00
Andrew Dolgov fb70f26ed9 implement one time passwords using TOTP 2012-09-03 18:33:46 +04:00
Andrew Dolgov f9ebb32ca0 hide more obscure preferences under "show more" checkbox in pref-prefs,
bump schema
2012-08-30 13:10:28 +04:00
Andrew Dolgov 808dd053c6 implement web-based self updater (closes #395) 2012-08-23 22:56:04 +04:00
Andrew Dolgov 1280612515 self-update: update up to date prompt 2012-08-23 22:02:29 +04:00
Andrew Dolgov 27211afe92 implement experimental web-based updater 2012-08-23 20:23:19 +04:00
Andrew Dolgov 369dbc19d6 rework class system to use subdirectories
add placeholder plugin/hook system
2012-08-17 14:22:33 +04:00
Renamed from classes/pref_prefs.php (Browse further)