| Age | Commit message (Collapse) | Author |
|---|
|
* Rework trusted proxies
Fix https://github.com/FreshRSS/FreshRSS/issues/5502
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3226
New environment variable `TRUSTED_PROXY`: set to 0 to disable, or to a list of trusted IP ranges compatible with https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteiptrustedproxy
New internal environment variable `CONN_REMOTE_ADDR` to remember the true IP address of the connection (e.g. last proxy), even when using mod_remoteip.
Current working setups should not observe any significant change.
* Minor whitespace
* Safer trusted sources during install
Rework of https://github.com/FreshRSS/FreshRSS/pull/5358
https://github.com/FreshRSS/FreshRSS/issues/5357
* Minor readme
|
|
* processing of depreciations and updating of code to php7.2 minimum
* Autoformat many strange array indenting
And revert a few unwanted changes
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* comments added for each step
* infos about FreshRSS added in first step
* Remove reference to Kriss and Leed from install page
I do not find that informative, and quite confusing. Moved to readme instead.
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
A subset of
https://github.com/phpstan/phpstan-strict-rules
|
|
* Automatic trusted_sources during install
Fix https://github.com/FreshRSS/FreshRSS/issues/5357
* Fix install for http_auth
* Update lib/lib_rss.php
Co-authored-by: Luc SANCHEZ <4697568+ColonelMoutarde@users.noreply.github.com>
* Fill null exception e-mail
* Revert some syntax
* Minor parentheses
|
|
* Complete PHPStan Level 6
Fix https://github.com/FreshRSS/FreshRSS/issues/4112
And initiate PHPStan Level 7
* PHPStan Level 6 for tests
* Use phpstan/phpstan-phpunit
* Update to PHPStan version 1.10
* Fix mixed bug
* Fix mixed return bug
* Fix paginator bug
* Fix FreshRSS_UserConfiguration
* A couple more Minz_Configuration bug fixes
* A few trivial PHPStan Level 7 fixes
* A few more simple PHPStan Level 7
* More files passing PHPStan Level 7
Add interface to replace removed class from https://github.com/FreshRSS/FreshRSS/pull/5251
* A few more PHPStan Level 7 preparations
* A few last details
|
|
* Modernize Constants and use new constant 'currentUser'
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Models/Auth.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update app/Models/Context.php
* Update app/Models/LogDAO.php
* Update lib/Minz/Log.php
* Update p/api/greader.php
* Update app/layout/header.phtml
* Update app/views/helpers/export/articles.phtml
* Update cli/do-install.php
* Remarque's from Alkarex
* Remarque's from Alkarex
* Refactor using new Minz_User class
* Consistent naming of public constants
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* less buttons on step 1
* add form-group
* jump to next step as link not as button
* improve navigation bar HTML structure
* sync password-show button with extra.js
* fix CSS
* i18n: step 4: split text strings for help text (max chars default user)
* show menu button if mobile view
* improve header layout with empty div
* step 5: button in form-actions
* improve buttons in goup-controls
* Favicon added
* Button: Font color hover btn-attention
* install check step: add subtitles
* fix .btn
* improve tabindex
* improve showPW_this()
|
|
(#4998)
* feat: lazy load logo on install, logo on header and theme thumbs in config slide
|
|
Fix regressions from https://github.com/FreshRSS/FreshRSS/pull/4561
Example:
```
PHP Fatal error: Uncaught TypeError: Argument 1 passed to checkToken() must be an instance of FreshRSS_UserConfiguration, instance of Minz_Configuration given, called in /var/www/FreshRSS/p/api/greader.php on line 1091 and defined in /var/www/FreshRSS/p/api/greader.php:223
Stack trace:
#0 /var/www/FreshRSS/p/api/greader.php(1091): checkToken()
#1 {main}
thrown in /var/www/FreshRSS/p/api/greader.php on line 223
```
Improvement of https://github.com/FreshRSS/FreshRSS/pull/4110
|
|
* Fix conflicts
* Update doc
* Misses
* Update prefix in CSS
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Custom logo HTML
Add option for custom HTML logo/title in the main Web UI view.
Can potentially be different per user.
#fix https://github.com/FreshRSS/FreshRSS/pull/3830/files#r850472247
* logo_html in main config
With new `./data/config.custom.php` to provide custom values before install
* Docker documentation
* whitespace
* Auto relax CSP to allow images for HTML logo
* Documentation
|
|
* Use typographic quotes
* A few fixes
* Fix
* Fix not saved
* Implement feedback
* Detail
* Revert spoken English fixes
Left for a future dedicated discussion
* More reverts
* Final reverts
* Final minor
|
|
* Fix most PHPDocs errors
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4103
https://phpstan.org/writing-php-code/phpdoc-types
* Avoid func_get_args
Use variadic syntax instead https://php.net/manual/functions.arguments#functions.variable-arg-list
And avoid dynamic functions names when possible to more easily identify calls and unused functions.
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4103
* PHPStan level 3
* PHPStand level 4
* Update default to PHPStan level 4
* Towards level 5
* Fix level 4 regression
* Towards level 5
* Pass PHPStan level 5
* Towards level 6
* Remove erronenous regression from changelog
https://github.com/FreshRSS/FreshRSS/pull/4116
|
|
* delete unused $user_default_config
* move inner named function
* moved $auth_type
* improve readability
* phpcs fixes
|
|
* replace div with main
* include the slider into main
* format source
* add close icon for the extension slider
* replace div with main
* Update shortcut.phtml
* fixed the nits
|
|
(#3962)
* wip
* CSS better btn
* CSS: RTL
* button is better than a
* improved CSS for button
|
|
* template + translations
translation made with Google translate + check with my knowledge + recheck with invers translation
* Update app/install.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3735
Before, we were relying on an exception during the first stages of user initalisation. Now the check is explicit and cleaner, producing a more appropriate HTTP response for the API.
|
|
Minor whitespace from https://github.com/FreshRSS/FreshRSS/pull/3721
|
|
* navigation: disable next steps
* change icon to full icon (incl. text)
* navigation is a ordered list
* set mouse title on each navigation item
* navigation: next steps in grey italc
|
|
|
|
* Remove file data/do-install.txt
This file was painful during update because we had to remember to delete
it each time. It added a security issue by allowing an attacker to
reinstall FreshRSS during the update process.
The (more powerful) file data/applied_migrations.txt has been introduced
in 8619cf6fa to replace do-install.txt. We had to wait for at least one
release in order to make sure existing instances of FreshRSS created the
migration file. It should be ok now.
* Replace i18n install.not_deleted key
* Update documentation to update FreshRSS
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3528
config was not properly reloaded after being populated
|
|
* If cURL is not installed, the script stops with a fatal error.
The script stops with the following message.
Fatal error: Uncaught Error: Call to undefined function curl_version()
* Update app/install.php
Fix whitespace
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Update Travis line length
* Also check whitespace in CSS files
* Fix line length ext.php
* More syntax, string templates
* Fix exclude-pattern
* Test JS files as well
|
|
csrf tokens) (#3432)
|
|
* Check that PHP session is working during install
#fix https://github.com/FreshRSS/FreshRSS/issues/3198
* Minor whitespace
* Missing he
|
|
When refactoring the install in #3368, a variable was unwillingly removed.
It's back in the code now.
|
|
The username is retrieved by 2 different means to support different
configurations and architectures. If there is no way to find the
username, the "unknown" string is displayed instead.
See #2758
|
|
I've extracted the template in the check requirement to
ensure that future modifications will be easier.
|
|
* Add constant for PHP requirements
This new constant is used for PHP version check.
This way, we won't forget to modify some part of the code base.
* Remove PHP version checks
Some checks were obsolete because they were checking unsupported
PHP versions.
|
|
* Avoid manual intialisations of system or user configuration
More consistent use of Context
* Simplify FreshRSS_Context::initUser
* Remove a few manual get_user_configuration
* A bit of debugging
* Fix context user init
* Fix install
* Fix concurrency
Concurrent requests could lead to bad race condition
* Fix actualize cron
Fix case when system i initialised several times
|
|
Before, the temp path was not check during install. With some configuration,
FRSS was not working because of a non-writable temp directory. It happened
with XAMPP on MacOS X but it might be the case for other platforms.
Now, the temp path is checked during install to make sure it is writable.
See #3310
|
|
As FRSS always comes with Minz, there is no need to validate that
it is there during install. If it turns out we need to validate that,
we might need to validate other libraries as well.
|
|
Fix warning about session already started during install.
Refactor more code to use the same approach than in main FreshRSS.
Did not address all read accesses (not important) but did cover all
write accesses (important)
|
|
Co-authored-by: Guillaume Pugnet <guillaume.pugnet@avanade.com>
|
|
* Minz allow parallel sessions
#fix https://github.com/FreshRSS/FreshRSS/issues/3093
* Array optimisation
* Array optimisation missing
* Reduce direct access to $_SESSION except in install process
* Fix session start headers warning
* Use cookie only the first time the session is started:
`PHP Warning: session_start(): Cannot start session when headers
already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39`
* New concept of volatile session for API calls
Optimisation: do not use cookies or local storage at all for API calls
without a Web session
Fix warning:
```
PHP Warning: session_destroy(): Trying to destroy uninitialized session
in Unknown on line 0
```
* Only call Minz_Session::init once in our index
It was called twice (once indirectly via FreshRSS->init())
* Whitespace
* Mutex for notifications
Implement mutex for notifications
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809
* Typo
* Install script is not ready for using Minz_Session
|
|
* Add a Minz_Migrator class
Until now, we updated the database structure somewhere in the code but
it wasn't always consistent and somehow complicated to find. Also, this
code was always checked for nothing.
The Migrator aims to improve and ease the creation of migrations. It
should improve the way we apply the updates, making the update server
almost useless.
References:
- example of migration (before Migrator): https://github.com/FreshRSS/FreshRSS/commit/cc0db9af4f980829faa4bf0960617807b32fb4fa#diff-11a53443fa81512b128c66b065df0679R10
- update server: https://github.com/FreshRSS/update.freshrss.org
- PR moving the code of the update server to the core: https://github.com/FreshRSS/FreshRSS/pull/1760
* Automatically apply migrations
For now, administrators are used to have nothing to do during an update
else than getting the new code. I suggest to keep this behaviour and
automatically apply migrations if we detect new ones.
Another solution would be to create a CLI command and ask admins to call
it after getting the new code. It could hide migrations errors to end
users, but admin can forget to apply migrations since there are not used
to it.
* Add documentation for Minz Migrator
* Execute migrations even if next ones are applied
* Change mechanism to prevent multiple update at once
* Use mkdir to create the lock and to test it exists
Reference: https://stackoverflow.com/a/731634
* Append .lock to applied_migrations_path
There are no needs to define another file to serve as a lock.
* Change migrations naming convention
* Apply suggestions from code review
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Perform a low-cost migration versions comparaison
* Clarify version numbers concerning the migration system
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
If you want to block users without deleting their account, you can now
disable them from the interface.
|
|
* - Always display help under the targeted element.
- Use same help place for HTTP authentication in 'add' feed view than in 'update' feed view.
- Move help under input field in register view, as all other places (homogeneity).
* - Don't use "!important" as suggested by @Alkarex.
|
|
* Add dir info to gen.php & install.php!
* Add `make rtl` command
Using rtlcss because it has actually has a command-line application!
|
|
Now FRSS supports more than one admin. Admins have the same rights as
the default user. Admins can promote or demote other users. The default
user is considered as an admin even if it does not have the admin flag
enabled.
See #2096
|
|
* Fix wrong getHeader refactoring
Fix regression introduced by
https://github.com/FreshRSS/FreshRSS/pull/2373
The refactoring required a call to init() even for static functions,
which is most of the time not done.
Removed premature abstraction of `$_SERVER`, which was the root cause of
the bug.
https://github.com/FreshRSS/FreshRSS/issues/2748#issuecomment-569898931
* Refactoring: Move serverIsPublic to Minz_Request
* Add mitigations for wrong configurations
Due to the regression, we have some existing configurations with a bad
base_url
* Forgot one instance
|
|
* Extract hashPassword method from userController
* Extract and refactor fever key-related methods
* Move update of API password to dedicated action
* Simplify the controller by refactoring feverUtil
* Add locales
|
|
* Fix database autocreate at install
Several bugs prevented the auto-creation of the database in Web and CLI
installs.
Fix
https://github.com/YunoHost-Apps/freshrss_ynh/issues/84#issuecomment-549818408
* initDb
https://github.com/FreshRSS/FreshRSS/pull/2635#discussion_r343107795
|
|
* Take advantage of PHP 5.4+ short echo
https://php.net/migration54.new-features thanks to
https://github.com/FreshRSS/FreshRSS/pull/2495
Use `<?= ?>` instead of `<?php echo; ?>`
10kB of code saved :-)
Done with regular expression:
```
<\?php echo (.+?);? *\?>
<?= \1 ?>
```
* Try Travis fix
https://github.com/squizlabs/PHP_CodeSniffer/issues/2045#issuecomment-395238272
|
|
* Change archiving config page layout
I've changed some wording and moved actions into a
maintenance section.
* Update purge action
Now we have more control on the purge action. The configuration allows
us to choose what to keep and what to discard in a more precise way.
At the moment, the configuration applies for all feeds.
* Add purge configuration on feed level
Now the extend purge configuration is available on feed level.
It is stored as attributes and will be used in the purge action.
* Update purge action
Now the purge action uses the feed configuration if it exists and
defaults on user configuration if not.
* Add empty option in period list
* Fix configuration warnings
* Add archiving configuration on categories
See #2369
* Add user info back
* Add explanations in UI
* Fixes for SQLite + error + misc.
* Fix invalid feed reference
* Short array syntax
Only for new code, so far
* Fix prefix error
* Query performance, default values
Work in progress
* Fix default values and confirm before leaving
Form cancel and confirm changes before leaving were broken.
And start taking advantage of the short echo syntax `<?= ?>` as we have
moved to PHP 5.4+
* More work
* Tuning SQL
* Fix MariaDB + performance issue
* SQL performance
* Fix SQLite bug
* Fix some attributes JSON encoding bugs
Especially for SQLite export/import
* More uniform, fix bugs
More uniform between global, category, feed settings
* Drop special cases for old articles during refresh
Instead will use lastSeen date with the new archiving logic.
This was generating problems anyway
https://github.com/FreshRSS/FreshRSS/issues/2154
* Draft drop index keep_history
Not needed anymore
* MySQL typo
Now properly tested with MySQL, PostgreSQL, SQLite
* More work for legacy values
Important to avoid overriding user's preference and risking deleting
data erroneously
* Fix PHP 7.3 / 7.4 warnings
@aledeg "Trying to use values of type null, bool, int, float or resource
as an array (such as $null["key"]) will now generate a notice. "
https://php.net/migration74.incompatible
* Reintroduce min articles and take care of legacy parameters
* A few changes forgotten
* Draft of migration + DROP of feed.keep_history
* Fix several errors
And give up using const for SQL to allow multiple database types (and we
cannot redefine a const)
* Add keep_min to categories + factorise archiving logic
* Legacy fix
* Fix bug yield from
* Minor: Use JSON_UNESCAPED_SLASHE for attributes
And make more uniform
* Fix sign and missing variable
* Fine tune the logic
|
|
|
|
* PDO refactor
* Automatic prefix when using the syntax `_tableName`
* Uniformity: MySQL is now PDO::ATTR_EMULATE_PREPARES = false just like SQLite and PostgreSQL, with consequences such as only one statement per query
* Use PDO methods exec(), query(), prepare() + execute() in a more efficient way
* Remove auto-update SQL code for versions older than FreshRSS 1.5 (3 years old)
* The name of the default category is set in PHP instead of in the DB (simplies SQL and allows changing the name according to the FreshRSS language)
* Rename `->bd` to `->pdo` (less of a frenshism, and more informative)
* Fix some requests, which were not compatible with MySQL prepared statements
* Whitespace
* Fix syntax for PostgreSQL sequences
+ MySQL install
* Minor formatting
* Fix lastInsertId for PostgreSQL
* Use PHP 5.6+ const
Take advantage of https://github.com/FreshRSS/FreshRSS/pull/2527
https://www.php.net/manual/en/migration56.new-features.php
* A bit of forgotten PHP 5.6 simplification for cURL
* Forgotten $s
* Mini fix custom user config
https://github.com/FreshRSS/FreshRSS/pull/2490/files#r326290346
* More work on install.php but not finished
* install.php working
* More cleaning of PDO in install
* Even more simplification
Take advantage of PDO->exec() to run multiple statements
* Disallow changing the name of the default category
https://github.com/FreshRSS/FreshRSS/pull/2522#discussion_r326967724
|
Alexandre Alapetite
Luc SANCHEZ
maTh
Sadetdin EYILI
berumuron
ThomasSmallert
hesch
Alexis Degrugillier
GuillaumePugnet
Julien-Pierre Avérous
Frans de Jonge
