71c8d8d365
queryFeedHeadlines:
...
- there should be no need for DISTINCT query when checking for first id
- fix DISTINCT query part being undefined when browsing by tags
- add query debugging for tags
4 years ago
7608f3d7b0
Merge branch 'master' of git.fakecake.org:tt-rss
4 years ago
2edfcbbd85
get_article_image: add support for ARTICLE_KIND_ALBUM
4 years ago
85b788709a
setArticleTags: prevent duplicate tags being assigned if called twice
...
editTagsDlg: prevent dialot from being submitted twice
normalize_categories: filter out empty values that failed validation
4 years ago
d06cc8267b
queryFeedHeadlines: bring back DISTINCT for a limited set of columns
4 years ago
e40b79ab33
get_article_image: return basic kind to which flavor image belongs
4 years ago
db3fcb861b
viewfeed: reintroduce timestamps, fix debugging, fix some indents
4 years ago
20af8d5caf
queryFeedHeadlines: properly define for a few more variables
4 years ago
1580748c17
queryFeedHeadlines: make sure feed_check_qpart is always defined
4 years ago
904d5f7a3b
queryFeedHeadlines: no longer select DISTINCT headlines for performance reasons (this also removes _HEADLINES_QUERY_NO_DISTINCT)
4 years ago
e9673eb13d
experimental: add optional _HEADLINES_QUERY_NO_DISTINCT to disable DISTINCT keyword in queryFeedHeadlines query
4 years ago
8089fcc762
feed editor: also show default value for purge interval
4 years ago
d48460969d
feed editor: show actual value of default update interval
4 years ago
d1ee30d1ba
prevent horizontal scrolling in filter editor dialog if rules are very long
4 years ago
328d7b55c8
URLHelper: fix E_DEPRECATED error related to idn_to_ascii()
4 years ago
01c0d4bbfd
allow audio to be sent to client from the cache
4 years ago
f782ee46ad
Fix incorrect parenthesis placement in `count()`.
4 years ago
f1fd5e8db1
mark feed as having an error if update task fails (and no last error is already stored for this feed)
4 years ago
935f163919
api: catchupfeed: allow passing 'mode' (optional), bump api version
4 years ago
4ea407f613
when auto disabling feeds based on DAEMON_UNSUCCESSFUL_DAYS_LIMIT only consider feeds with recent attempts to update (to prevent clashes with not recently logged users, etc)
4 years ago
38a7a1da88
hide uninteresting errors in several DOMDocument->loadHTML() invocations
4 years ago
8a02a728c8
add DAEMON_UNSUCCESSFUL_DAYS_LIMIT tunable (defaults to 30 days)
4 years ago
e641547d37
set ttrss_feeds.last_successful_update as needed
4 years ago
15e8ee3471
housekeeping: add task to cleanup orphan feed icons
4 years ago
82bc740363
Logger::log - allow specifying errno
...
bump severity of PDO exception log messages to E_USER_WARNING
4 years ago
3b17c45887
exclude E_USER_NOTICE from recent events icon
4 years ago
23d20847a3
update_rss_feed: fallback to previous method if passthru() is not available
4 years ago
c70e26db31
validate url: feed urlencoded() URL to filter_var() only
4 years ago
7c8bed0524
accept -1 as a valid exit code for per-feed update processes
4 years ago
335dcd3bf9
don't mention last_updated in non-zero failure error message because that's not what it means
4 years ago
3534b8dfa7
improve logging for per-feed update task failures
4 years ago
74cd60d7cc
update_rss_feed: don't return as if failed on http 304
4 years ago
d4d0e976dc
update-feed: exit with non-zero exit code if update_rss_feed() failed
...
daemon: log if per-feed update task terminated with non-zero exit code
4 years ago
0761533d0a
lock per-feed update processes based on feed ID to reduce possibilty
...
of concurrent updates
4 years ago
528b387563
update individual feed in a separate process to prevent PHP fatal errors
...
(for example, OOM) from stopping the entire batch
this should also slightly increase memory budget for update processes
4 years ago
e993d4feb2
Merge branch 'master' of git.fakecake.org:tt-rss
4 years ago
71e9f70b8a
search_to_sql: use per-user default language instead of hardcoded english if isn't specified explicitly
4 years ago
d0ed7890df
prev: add missing class
4 years ago
215f388992
move timestamp-related stuff to a separate class
4 years ago
05744bb474
fix updater never scheduling feeds for update if they never been updated before while having default update interval set
4 years ago
8fb2baecdc
another hack for validation of URLs with invalid characters
4 years ago
a897c4165b
validate URLs: convert IDN to punycode before passing URL to filter_var()
4 years ago
6811d0bde2
use self:: in some places to invoke static methods from the same class
4 years ago
b5710baf34
- don't fail on non-ascii characters when validating URLs
...
- fix IDN hostnames not being converted properly
4 years ago
ab6aa0ad3e
fix previous re: resolve_redirects
4 years ago
74568df4ff
remove a lot of stuff from global context (functions.php), add a few helper classes instead
4 years ago
3dd4169b5f
clarify some URL validation-related error messages
4 years ago
4785f21316
update_rss_feed: log effective URL after fetching
...
validate_url: treat scheme as case-insensitive
4 years ago
05ef9aac2f
update URL pointing to version.json
4 years ago
03a337a660
add basic safe mode which doesn't load any user plugins
4 years ago
a4525d31b2
replace FALSE with false so that static analyzer shuts up about it
4 years ago
afa0023c51
don't try to update manually disabled feeds even if they haven't been updated before or are marked for a manual update
4 years ago
37f41a5246
forgotpass: use type strict comparison for reset token
4 years ago
e3adacc588
fix several cases of Db class being invoked as wrong name (as DB)
4 years ago
89d53a7f49
fix typo in previous
4 years ago
1f79d614c4
fix OTP QR code not displayed because of CSRF token passed as a query
...
parameter
use type-strict comparison when validating CSRF token on the backend
4 years ago
9d3c794983
subscribe: allow pre-filling feed URL if passed via query string
4 years ago
33fdde249e
pass CSRF token to opml import and feed icon replace dialogs
4 years ago
42b5564d1e
editarticletags: load dialog via XHR
4 years ago
0706a328a4
handler: default base csrf_ignore() to false
4 years ago
0a142912d3
backend handler: require CSRF, remove obsolete code
4 years ago
154417d80b
public/logout: require valid CSRF token
4 years ago
cbcb10a272
Feeds: load quickaddfeed and search dialogs via XHR w/ CSRF protection
4 years ago
8080c525fd
- backend: require CSRF token to be passed via POST
...
- do not leak CSRF token via GET request in feed debugger
- rework Article/redirect to use POST
4 years ago
e670ac2ee5
require CSRF token for Article/redirect
4 years ago
7e50c6c4b5
- enable CSRF support earlier
...
- remove rpc/sanityCheck from CSRF-excluded calls
4 years ago
79f102c25d
af_proxy_http: never print received data directly, always redirect to cached_url
...
cache/getUrl: basename() passed filename just in case
4 years ago
4a074111b5
user preferences: forbid < and > characters when changing passwords (were silently stripped on save because of clean())
4 years ago
da98ba662e
public/subscribe: require valid CSRF token when validating the form
4 years ago
c3d14e1fa5
- fix multiple vulnerabilities in af_proxy_http
...
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
4 years ago
a922b3cc6d
order_to_override_query: allow HOOK_HEADLINES_CUSTOM_SORT_OVERRIDE plugins to override built-in sorting
4 years ago
67f02e2aa7
properly return counters for labels with zero assigned articles
...
refs https://community.tt-rss.org/t/label-counter-doesnt-update-when-count-goes-down-to-zero/3766
4 years ago
88ced02622
Silence php 7.2 error message generated in `session_set_cookie_params`.
4 years ago
ddf9227dc4
pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SORT_MAP etc
4 years ago
dfa65e9374
move order_by to SQL override logic into a separate function
4 years ago
48be005774
instead of taking batch timestamp and score (?) into account, make oldest first sorting work consistently with newest first - i.e. rely on feed-provided timestamp
4 years ago
05a47e5cf4
OPML: export/import per-feed purge interval
4 years ago
c4ee0e25a1
more int/string type mismatches on getCategories
4 years ago
3da618e0ea
make sure all ints are casted (to int) on getCategories
4 years ago
68b78ecd3d
Merge branch 'bugfix/invalid-opml' of wn/tt-rss into master
4 years ago
b6372a846d
when exporting OPML via web UI, add user login to the filename
4 years ago
fa653f5a43
prefs: show disabled filters properly on mysql
4 years ago
2996a3942f
prefs: show root of filter tree as enabled so it's not grayed out
4 years ago
614d3ac1bf
Properly check if OPML file was loaded during import.
4 years ago
c352e872e9
core: pass found enclosures to HOOK_ARTICLE_FILTER
...
af_redditimgur: remove enclosures if we found something to embed because it's going to be a low-res thumbnail
4 years ago
6eb94f1e13
better support for image srcset attributes as discussed in https://community.tt-rss.org/t/problem-with-img-srcset/3519
5 years ago
d01ad09800
eslint-related fixes; move a few things from global context to App
5 years ago
c8cc845d5b
when removing favicon, reset its auto-refresh timer
5 years ago
06d2c65193
calculate_article_hash: don't die() on previous, woops
5 years ago
3a142cbf58
calculate_article_hash: ignore some useless or read-only fields (i.e. GUID) when calculating hash
5 years ago
cd1f3cb8cc
* store UID in article hashed GUID separately so it could be migrated cleanly to a different instance
...
* store resulting GUID as a JSON object so it could be extended easier if needed
5 years ago
7a2e9bef77
add --opml-export to update.php
5 years ago
c275a0cd33
DiskCache: append fake file extension when sending cached files based on mime type to make saving files easier
5 years ago
3a4b9249a9
DiskCache: properly deal with srcset attributes
5 years ago
4a00f96733
remove unneeded var_dump()
5 years ago
6573541873
* add HOOK_ENCLOSURE_IMPORTED
...
* pass feed id to HOOK_FEED_PARSED
5 years ago
44b1f0fcc0
search: add support for label:XXX search keyword
...
Labels: enforce case-insensitive lookups when creating/looking for labels
5 years ago
1f2a721905
allow overriding built-in templates via templates.local
5 years ago
ec1b0befc7
add support for video[@src] in media cache
...
it's a valid alternative to a source[@src] child element:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/video
5 years ago
cdde23b4dc
actually download <video> posters to media cache
...
video[@poster] is already supported in the rewriting logic but never
actually downloaded
5 years ago
b4287a2e98
fix url rewriting for videos with poster and src
...
if a poster attribute was present only that would have been rewritten
and the (arguably more important) src attribute would be left as-is
5 years ago
208e02c47d
PluginHost/save_data: use separate PDO connection to prevent issues with nested transactions
5 years ago
bcbc5ccc78
batchSubscribe: use validationtextarea
5 years ago
f24ece85a6
add validationtextarea control, use it for filter match editor
5 years ago
8645f36c5b
filter test dialog: pass contents via xhr POST
5 years ago
bdb1e475e7
external subscribe dialog: support dark theme
5 years ago
b2876f6c72
share anything dialog: support dark theme
5 years ago
4ab3854aed
don't generate default.css, replace with themes/light.css as a default root CSS file
5 years ago
5f30061c92
properly calculate marked counters for feeds in nested categories
5 years ago
60288f02e8
1. feedtree: show counters for marked articles if view-mode == marked
...
2. hide/show relevant counter nodes using css
3. cleanup some counter-related code
4. compile default css into light theme to prevent cache-related issues
5 years ago
5b6d9cee29
prefs layout fixes:
...
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords
2. show explanatory messages when OTP or password changing is not available
3. allow app (API) passwords when using any auth module
5 years ago
47135160d1
getCategoryCounters: properly handle categories which don't have any stored feeds/articles
5 years ago
88d4324e32
mark primary button in the default password dialog
5 years ago
776fe4768b
default password warning: fix close button, don't crash if dialog is recreated (on feed tree reload etc)
5 years ago
0e9e1ad112
getCategoryUnread: return correct unread count for labels category
5 years ago
cdd2b6fd22
getCategoryChildrenUnread: fix typo
5 years ago
a6ced36189
getCategoryCounters: properly calculate counters for child subcategory entries
...
getCategoryUnread: cleanup
5 years ago
a64b8a7fdb
getCategoryUnread: don't return unread counters for Special category because it doesn't make a lot of sense to do so
5 years ago
2f6741e49a
getFeedCounters: pass parameter correctly to PDO
5 years ago
6080cca9ca
scrap counter cache system; rework counters to sum() booleans instead
5 years ago
3b29e865b0
support night mode in feed debugger
5 years ago
aa56bcaf44
support night mode when using share by URL
5 years ago
f47998f569
generate_syndicated_feed: use local media in generated feeds if it is available
5 years ago
b1c5ebdace
API/getVersion: don't try to use removed VERSION constant
5 years ago
fdb1fc7608
get_version: fix commit/timestamp lost on subsequent invocations because of misbehaving caching
5 years ago
72d0fac80c
remove version.php and VERSION global constant, do version-related things in a slightly less ridiculous way
5 years ago
df464e3d0d
update app password notice
5 years ago
9c0235ab66
show current unread counter on headlines toolbar if sidebar is hidden
5 years ago
76dd74e0d9
add a hidden tweakable which forbids changing passwords
5 years ago
ac95ab4a65
user css dialog: allow saving and applying CSS without closing the dialog
5 years ago
565547f5a1
php 7.4 deprecation-related fixes
5 years ago
f30287be65
versioning changes
...
- remove VERSION_STATIC - https://community.tt-rss.org/t/versioning-changes-for-trunk/2974
- report git commit/timestamp properly by invoking git instead of trying to parse .git/HEAD etc
- remove git-related global constants used when checking for updates
5 years ago
d15f0349bf
remove hardcoded iframe domain whitelist, make iframe script whitelisting configurable by plugins (HOOK_IFRAME_WHITELISTED)
5 years ago
e5b7b145e5
cache media: set referrer to source URL when fetching images
5 years ago
304d3a0b88
tag-related fixes
...
1. move tag sanitization to feedparser common item class
2. enforce length limit on tags when parsing
3. support multiple tags passed via one dc:subject and other such elements, parse them as a comma-separated list
4. sort resulting tag list to prevent different order between feed updates
5. remove some duplicate code related to tag validation
6. allow + symbol in tags
5 years ago
8c3efd51ec
reset domain hit quota on feed update start
5 years ago
63ce7ea705
add a plugin page warning for plugins using HOOK_FEED_FETCHED, etc
5 years ago
0d7b10469b
update_rss_feed: add specific logging for HOOK_FETCH_FEED, HOOK_FEED_FETCHED, HOOK_FEED_PARSED handlers
5 years ago
5bb8dad631
is_gzipped: don't try to strpos() over entire buffer
5 years ago
f75fb6bd75
Merge branch 'master' of git.fakecake.org:tt-rss
5 years ago
266a805bfe
line endings + remove : from headings
5 years ago
05dffcff6f
OTP stuff: update notice wording a bit
5 years ago
812a6c9f16
auth_internal: fix indents
5 years ago
249130e58d
implement app password checking / management UI
5 years ago
68b0380118
add placeholder authentication via app passwords if service is passed
...
forbid logins via regular passwords for services
remove AUTH_DISABLE_OTP
5 years ago
88cd9e586e
add placeholder UI plumbing for app passwords
5 years ago
904ecc31e2
allow using OTP without GD
5 years ago
647c7c45eb
allow article filters to modify num_comments
5 years ago
2820f41a4b
add notification for OTP being disabled
5 years ago
ef514bc4bd
add notifications for mail and password changes
...
update and shorten some other message templates
5 years ago
Andrew Dolgov