Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.18.0 2021-02-28T11:26:24+00:00 2021-02-28T11:26:24+00:00 Alexandre Alapetite alexandre@alapetite.fr 2021-02-28T11:26:24+00:00 urn:sha1:947e918f05d70d5dce4efa4ef403e593581c3fa9 * Update Travis line length * Also check whitespace in CSS files * Fix line length ext.php * More syntax, string templates * Fix exclude-pattern * Test JS files as well 2021-01-17T18:57:39+00:00 Alexandre Alapetite alexandre@alapetite.fr 2021-01-17T18:57:39+00:00 urn:sha1:2981714f1506fab937d037857e698fb61e1e2b49 Small bug from https://github.com/FreshRSS/FreshRSS/pull/3070 , leading to an exception due to not being able to log the error. Minor: Also add some very primitive mitigation of timing attacks (to find out whether a user exists or not, although I have not checked whether this might be guessed through other means) - before, if the user did not exist, the response was always measurably faster; now it is harder to tell due to the noise 2021-01-02T20:20:19+00:00 Alexandre Alapetite alexandre@alapetite.fr 2021-01-02T20:20:19+00:00 urn:sha1:9c6682e7edf8cbad828088cbeeef66c7ecefdd9a * Avoid manual intialisations of system or user configuration More consistent use of Context * Simplify FreshRSS_Context::initUser * Remove a few manual get_user_configuration * A bit of debugging * Fix context user init * Fix install * Fix concurrency Concurrent requests could lead to bad race condition * Fix actualize cron Fix case when system i initialised several times 2020-10-06T21:19:45+00:00 Alexandre Alapetite alexandre@alapetite.fr 2020-10-06T21:19:45+00:00 urn:sha1:0319cc9d234e107109d988f36f2361b25f9f0777 * Minz allow parallel sessions #fix https://github.com/FreshRSS/FreshRSS/issues/3093 * Array optimisation * Array optimisation missing * Reduce direct access to $_SESSION except in install process * Fix session start headers warning * Use cookie only the first time the session is started: `PHP Warning: session_start(): Cannot start session when headers already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39` * New concept of volatile session for API calls Optimisation: do not use cookies or local storage at all for API calls without a Web session Fix warning: ``` PHP Warning: session_destroy(): Trying to destroy uninitialized session in Unknown on line 0 ``` * Only call Minz_Session::init once in our index It was called twice (once indirectly via FreshRSS->init()) * Whitespace * Mutex for notifications Implement mutex for notifications https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809 * Typo * Install script is not ready for using Minz_Session 2020-10-05T17:03:33+00:00 Alexandre Alapetite alexandre@alapetite.fr 2020-10-05T17:03:33+00:00 urn:sha1:76523693592a58c7b15c2860ad95133f551d86a5 * Minz: Attach a notification to a request Notifications should be attached to a request, not to a global session. Fix https://github.com/FreshRSS/FreshRSS/pull/3096#issuecomment-654891906 Prepare https://github.com/FreshRSS/FreshRSS/pull/3096 * Rename array * Avoid string constants Implement https://github.com/FreshRSS/FreshRSS/pull/3208#issuecomment-703243863 * Improved logic * Simplify storage https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499511213 * Fix notification bug in configuration/system 2020-06-14T17:50:09+00:00 Alexis Degrugillier aledeg@users.noreply.github.com 2020-06-14T17:50:09+00:00 urn:sha1:caeb660f29d13db62d5381c262aa03e12f201ea2 If you want to block users without deleting their account, you can now disable them from the interface. 2020-06-05T08:10:46+00:00 Alexis Degrugillier aledeg@users.noreply.github.com 2020-06-05T08:10:46+00:00 urn:sha1:36bda2e715ed822cc495ff419ad565084e241f43 Before, when the user was not logged in, pages where translated with the '_' user language. Now, they are translated with the user preferred language if there is one supported by FreshRSS or with the system default language. 2020-04-17T08:56:06+00:00 Alexandre Alapetite alexandre@alapetite.fr 2020-04-17T08:56:06+00:00 urn:sha1:a49db010e4a5e48017d8583c374210242a680ddd * A wrong login must produce HTTP 403 #fix https://github.com/FreshRSS/FreshRSS/issues/2901 https://github.com/FreshRSS/FreshRSS/pull/2794/files#r389319248 * Just for consistency 2020-03-07T23:14:29+00:00 Marien Fressinaud dev@marienfressinaud.fr 2020-03-07T23:14:29+00:00 urn:sha1:51edbc1578fe49b281b39d91451d2b9df0092028 * Keep the user on login page on failure * Show an error if username already exists * Check the password format in the backend * Return a better message if username is invalid * Add a title to the login page * wip: Improve look of login and register pages * Set a capital M in username help message On the registration page, username tip started with a minuscule, while the password tip started with a capital. * Change message if username is taken 2019-09-18T15:25:31+00:00 Marien Fressinaud dev@marienfressinaud.fr 2019-09-18T15:25:31+00:00 urn:sha1:410c4af6bb92ebd5d4754017a46b7420941345f2