| Age | Commit message (Collapse) | Author |
|---|
|
* SimplePie: Fix HTTP 301 permanent redirection
When adding feeds it worked fine, but detecting permanent redirects for
existing feeds was sometimes broken (only when PHP open_basedir was not
set).
Indeed, using the built-in CURLOPT_FOLLOWLOCATION instead of the manual
method in SimplePie hides the list of HTTP redirects along the way, and
prevents the distinction of e.g. 301 vs. 302 redirects.
This patch disables CURLOPT_FOLLOWLOCATION in SimplePie, and fixes the
manual method at the same time.
The use of CURLOPT_FOLLOWLOCATION was nevertheless not systematic (only
when open_basedir was not set), so now there is only one logic
independent of open_basedir.
I will send a PR upstream to SimplePie.
How to test: pick a feed with 301 redirection such as HTTP to HTTPS,
e.g. http://ing.dk/rss/term/341
Manually change back to previous address (to simulate a feed that is
changing address)
Refresh feed and observe whether the 301 redirect is obeyed.
* Wrong blank
|
|
When ssl_verify option is set to false for a feed, allow lower security such as SHA-1 signatures.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900984
https://stackoverflow.com/questions/58342699/php-curl-curl-error-35-error1414d172ssl-routinestls12-check-peer-sigalgwr
Fix error of type `cURL error 35: error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature`
Example of feeds:
https://www.version2.dk/it-nyheder/rss
https://ing.dk/rss/nyheder
|
|
* Relaxed to allow underscore _ in URL hostnames
#fix https://github.com/FreshRSS/FreshRSS/issues/3132
https://bugs.php.net/bug.php?id=64948
* Minor fix in favicons redirect
* Minor fix in relative HREF for favicons
|
|
When the user do not want to use a shortcut, he can let the shortcut value
empty. This will save an empty configuration thus disabling the shortcut.
The load default action allows to use default shortcut only for disabled
shortcuts.
See #3110
|
|
`file_put_contents` can return 0 if there’s nothing to write in the
`applied_migrations.txt` file, which is equivalent to `false`. Since
there are no migrations yet, this is what happens. Because this value
(i.e. `0`) is tested next in the `app/install.php` file, the install
script was failing.
|
|
* Add a Minz_Migrator class
Until now, we updated the database structure somewhere in the code but
it wasn't always consistent and somehow complicated to find. Also, this
code was always checked for nothing.
The Migrator aims to improve and ease the creation of migrations. It
should improve the way we apply the updates, making the update server
almost useless.
References:
- example of migration (before Migrator): https://github.com/FreshRSS/FreshRSS/commit/cc0db9af4f980829faa4bf0960617807b32fb4fa#diff-11a53443fa81512b128c66b065df0679R10
- update server: https://github.com/FreshRSS/update.freshrss.org
- PR moving the code of the update server to the core: https://github.com/FreshRSS/FreshRSS/pull/1760
* Automatically apply migrations
For now, administrators are used to have nothing to do during an update
else than getting the new code. I suggest to keep this behaviour and
automatically apply migrations if we detect new ones.
Another solution would be to create a CLI command and ask admins to call
it after getting the new code. It could hide migrations errors to end
users, but admin can forget to apply migrations since there are not used
to it.
* Add documentation for Minz Migrator
* Execute migrations even if next ones are applied
* Change mechanism to prevent multiple update at once
* Use mkdir to create the lock and to test it exists
Reference: https://stackoverflow.com/a/731634
* Append .lock to applied_migrations_path
There are no needs to define another file to serve as a lock.
* Change migrations naming convention
* Apply suggestions from code review
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Perform a low-cost migration versions comparaison
* Clarify version numbers concerning the migration system
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Before, when the user was not logged in, pages where translated with the '_' user language.
Now, they are translated with the user preferred language if there is one supported by FreshRSS or with the system default language.
|
|
* Update PHPMailer to 6.1.6
Fixes a security issue in PHPMailer 6.1.5 and earlier
* Remove .DS_Store
|
|
* Fix PostgreSQL database auto-create with limited rights
#fix https://github.com/FreshRSS/FreshRSS/issues/3009
Install would fail if the user is not even allowed to connect to the default `postgres` database.
* Confused by custom Minz_PDOConnectionException
|
|
* Update PHPMailer to 6.1.5
This PR update the bundled version of PHPMAiler
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/2981
Relax OPML
|
|
For
https://github.com/FreshRSS/FreshRSS/issues/2952#issuecomment-626218921
And fix a little bug writing logs with the wrong user name
|
|
* sort results in find() method
* Update lib/lib_phpQuery.php
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
https://github.com/FreshRSS/FreshRSS/pull/2852 was merged upstream
https://github.com/simplepie/simplepie/pull/643
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/2814
|
|
* Fix contentSelectorPreviewAction
Was not compatible with https://github.com/FreshRSS/FreshRSS/pull/2588
* Fix lib_phpQuery for <head ...>
#fix https://github.com/FreshRSS/FreshRSS/issues/2864
* Replace split() by explode() for PHP7 compatibility
https://php.net/str-split
* Fix for document with a `<head>` tag more complicated, like `<head
profile="http://www.w3.org/1999/xhtml/vocab">`
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/2524
In general, we should avoid using the same cache for feeds that are fetched with distinct parameters / settings..
PR upstream to SimplePie https://github.com/simplepie/simplepie/pull/643
|
|
* Add core extension for Google Groups
#Fix https://github.com/FreshRSS/FreshRSS/issues/2835
Add ability to discover RSS feeds for Google Groups
Based on https://github.com/FreshRSS/FreshRSS/pull/2837
* Allow HTTP in addition of HTTPS
|
|
* New core-extensions to allow Docker volumes for third-party extensions
#Fix https://github.com/FreshRSS/FreshRSS/issues/2650
Split our extensions directory into two:
1) Core extensions shipped with FreshRSS in ./lib/core-extensions/
2) Third-party extensions modified by end-users in ./extensions/ which
can easily be mounted as a Docker volume
* Example of Docker Compose with extensions
* Back-compatibility + fix array merge bug
|
|
https://github.com/simplepie/simplepie/compare/1.5.3..a72e1dfafe7870affdae3edf0d9a494e4fa31bc6
Follow up of the update to 1.5.3
https://github.com/FreshRSS/FreshRSS/pull/2702
Requires PHP 5.6+
https://github.com/FreshRSS/FreshRSS/pull/2527#issuecomment-592952451
|
|
* Fix wrong getHeader refactoring
Fix regression introduced by
https://github.com/FreshRSS/FreshRSS/pull/2373
The refactoring required a call to init() even for static functions,
which is most of the time not done.
Removed premature abstraction of `$_SERVER`, which was the root cause of
the bug.
https://github.com/FreshRSS/FreshRSS/issues/2748#issuecomment-569898931
* Refactoring: Move serverIsPublic to Minz_Request
* Add mitigations for wrong configurations
Due to the regression, we have some existing configurations with a bad
base_url
* Forgot one instance
|
|
* Fix logging environment constants
* COPY_LOG_TO_SYSLOG was only working when Syslog was used
* FRESHRSS_ENV was not properly used to set logging level
* Simplify code
Always call `openlog()` even when it is not used
* Always specify syslog properties
https://github.com/FreshRSS/FreshRSS/pull/2745#discussion_r362207445
* $username is also needed further down
* No new line in syslog
|
|
* Fix PostgreSQL install
Fix https://github.com/FreshRSS/FreshRSS/issues/2732
When username is different from database name
* Add more comments
https://github.com/FreshRSS/FreshRSS/pull/2735/files/2b7807d1b3fdd0dc34538faad465934fb737fa3a#r361846714
|
|
For a moment, PHP wasn't able to connect to my database. I tried to
understand what happened, unfortunately, the logs were not very helpful
(it basically showed me information that I had in my configuration
file).
I changed the dsn string by the message from the raised exception, I
think it will be more useful.
Other call of Minz_PDOConnectionException are passing error messages
instead of string connection, so I took the opportunity to rename the
constructor argument.
|
|
For an extension, I needed to call a script from an external domain.
Unfortunately, the CSP headers didn't allow this domain and I had to
patch manually the FreshRSS FrontController for my extension. It's
obviously not a long-term solution since it has nothing to do in the
core of FRSS, and I don't want to apply this patch manually at each
update.
With this patch, I allow changing the CSP header from inside the
controller actions. It allows extensions to modify headers. It's also an
opportunity to remove a bit of code from the FrontController. I wasn't
happy with the previous implementation anyhow.
Reference: https://github.com/flusio/xExtension-Flus/commit/ed12d56#diff-ff12e33ed31b23bda327499fa6e84eccR143
|
|
It adds two new hooks to have more options for influencing with extensions.
|
|
|
|
I split the code into more manageable chunks to make it more readable.
It's now easier to get a grasp on it. In the process, I tried to use
the yoda style notation to avoid unintentional variable assignement.
I also tried to exit early to avoid many "if" levels.
I have also added a better way to handle headers and a way to extract
languages from the request. It will be easier to choose which language
to use for i18n.
|
|
* Remove magicQuotesOff (#2697)
Magic quotes have been deprecated since PHP 5.4 and as of PHP 7.4 `get_magic_quotes_gpc()` displays a warning.
* Remove unused Minz_Helper::stripslashes_r
`Minz_Helper::stripslashes_r` is no longer used.
It's last user was `Minz_Request::magicQuotesOff`
|
|
* Old ICU: INTL_IDNA_VARIANT_2003 fallback
Fix https://github.com/FreshRSS/FreshRSS/issues/2676
Fix https://github.com/FreshRSS/FreshRSS/issues/2677
ICU version < 4.6: When INTL_IDNA_VARIANT_UTS46 is not available, use INTL_IDNA_VARIANT_2003
Cf. https://github.com/PrestaShop/PrestaShop/pull/11995
|
|
Fix https://github.com/FreshRSS/FreshRSS/issues/2645
|
|
Fix https://github.com/FreshRSS/FreshRSS/issues/2644
|
|
* Fix database autocreate at install
Several bugs prevented the auto-creation of the database in Web and CLI
installs.
Fix
https://github.com/YunoHost-Apps/freshrss_ynh/issues/84#issuecomment-549818408
* initDb
https://github.com/FreshRSS/FreshRSS/pull/2635#discussion_r343107795
|
|
* New environment variable COPY_LOG_TO_SYSLOG
False by default.
Makes it easy to monitor all logs from Syslog or STDERR (e.g. docker
logs).
* Suggestion of native constants
|
|
* Workaround for MySQL limitation 1093
https://github.com/FreshRSS/FreshRSS/pull/2335#issuecomment-545194606
including minor Travis fixes
|
|
* Change archiving config page layout
I've changed some wording and moved actions into a
maintenance section.
* Update purge action
Now we have more control on the purge action. The configuration allows
us to choose what to keep and what to discard in a more precise way.
At the moment, the configuration applies for all feeds.
* Add purge configuration on feed level
Now the extend purge configuration is available on feed level.
It is stored as attributes and will be used in the purge action.
* Update purge action
Now the purge action uses the feed configuration if it exists and
defaults on user configuration if not.
* Add empty option in period list
* Fix configuration warnings
* Add archiving configuration on categories
See #2369
* Add user info back
* Add explanations in UI
* Fixes for SQLite + error + misc.
* Fix invalid feed reference
* Short array syntax
Only for new code, so far
* Fix prefix error
* Query performance, default values
Work in progress
* Fix default values and confirm before leaving
Form cancel and confirm changes before leaving were broken.
And start taking advantage of the short echo syntax `<?= ?>` as we have
moved to PHP 5.4+
* More work
* Tuning SQL
* Fix MariaDB + performance issue
* SQL performance
* Fix SQLite bug
* Fix some attributes JSON encoding bugs
Especially for SQLite export/import
* More uniform, fix bugs
More uniform between global, category, feed settings
* Drop special cases for old articles during refresh
Instead will use lastSeen date with the new archiving logic.
This was generating problems anyway
https://github.com/FreshRSS/FreshRSS/issues/2154
* Draft drop index keep_history
Not needed anymore
* MySQL typo
Now properly tested with MySQL, PostgreSQL, SQLite
* More work for legacy values
Important to avoid overriding user's preference and risking deleting
data erroneously
* Fix PHP 7.3 / 7.4 warnings
@aledeg "Trying to use values of type null, bool, int, float or resource
as an array (such as $null["key"]) will now generate a notice. "
https://php.net/migration74.incompatible
* Reintroduce min articles and take care of legacy parameters
* A few changes forgotten
* Draft of migration + DROP of feed.keep_history
* Fix several errors
And give up using const for SQL to allow multiple database types (and we
cannot redefine a const)
* Add keep_min to categories + factorise archiving logic
* Legacy fix
* Fix bug yield from
* Minor: Use JSON_UNESCAPED_SLASHE for attributes
And make more uniform
* Fix sign and missing variable
* Fine tune the logic
|
|
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/2549
|
|
|
|
* PDO refactor
* Automatic prefix when using the syntax `_tableName`
* Uniformity: MySQL is now PDO::ATTR_EMULATE_PREPARES = false just like SQLite and PostgreSQL, with consequences such as only one statement per query
* Use PDO methods exec(), query(), prepare() + execute() in a more efficient way
* Remove auto-update SQL code for versions older than FreshRSS 1.5 (3 years old)
* The name of the default category is set in PHP instead of in the DB (simplies SQL and allows changing the name according to the FreshRSS language)
* Rename `->bd` to `->pdo` (less of a frenshism, and more informative)
* Fix some requests, which were not compatible with MySQL prepared statements
* Whitespace
* Fix syntax for PostgreSQL sequences
+ MySQL install
* Minor formatting
* Fix lastInsertId for PostgreSQL
* Use PHP 5.6+ const
Take advantage of https://github.com/FreshRSS/FreshRSS/pull/2527
https://www.php.net/manual/en/migration56.new-features.php
* A bit of forgotten PHP 5.6 simplification for cURL
* Forgotten $s
* Mini fix custom user config
https://github.com/FreshRSS/FreshRSS/pull/2490/files#r326290346
* More work on install.php but not finished
* install.php working
* More cleaning of PDO in install
* Even more simplification
Take advantage of PDO->exec() to run multiple statements
* Disallow changing the name of the default category
https://github.com/FreshRSS/FreshRSS/pull/2522#discussion_r326967724
|
|
After moving to PHP 5.6+ https://github.com/FreshRSS/FreshRSS/pull/2527
it should not be necessary to have the JSON.php fallback anymore, which
was mainly there due to an obscure licensing issue 6 years ago in Debian
https://wiki.debian.org/qa.debian.org/jsonevil , which broke Ubuntu
13.10 https://github.com/FreshRSS/FreshRSS/issues/306
|
|
Discussion
https://github.com/FreshRSS/FreshRSS/pull/2495#issuecomment-531911473
Needed for constant arrays
https://www.php.net/manual/en/migration56.new-features.php which will be
used in https://github.com/FreshRSS/FreshRSS/pull/2522
|
|
* CLI to export/import any database to/from SQLite
Require PHP 5.5+ https://github.com/FreshRSS/FreshRSS/pull/2495
* Travis
* Execution rights
* Fix wrong static fields
* Fix MySQL bad default buffering
https://stackoverflow.com/questions/6895098/pdo-mysql-memory-consumption-with-large-result-set/6935271#6935271
https://php.net/manual/ref.pdo-mysql
* Fix count on progression
* Avoid static DB information
To ease working with two DBs at the same time
* Less static, simplify
Needs some testing
* Small corrections
* Special case for SQLite to SQLite
* Modify special case for SQLite
* Remove special case for SQLite
More uniform logic for the 3 databases.
Fix wrong DROP TABLE for SQLite.
* Drop indexes
* Revert "Drop indexes"
This reverts commit f28d2bae0935745c1c74ea38f2ee083f3fd4bf9d.
* Fix deletion
* Fix classic export
* Update cli/README.md
Co-Authored-By: Marien Fressinaud <dev@marienfressinaud.fr>
* Addressing part of review
* Remove goto :cry:
* Travis
* Comment for SQLite case
* Fix missing fields when inserting
|
|
* Add an email field to the profile page
I reuse the `mail_login` from the configuration. I'm not sure if it's
useful today (I would say it was used when Persona login was available).
A good improvement would be to rename `mail_login` into `email` so it
would be more intuitive to use.
* Add boolean to the conf to force email validation
This commit only adds a configuration item.
* Add email during registration if email must be validated
* Set email token to validate when email changes
* Block access to FreshRSS if email is not validated
* Send email when address is changed
* Allow to resend the validation email
* Allow the user to change its email while blocked
* Document the email validation feature
* fixup! Allow the user to change its email while blocked
* tec: Autoload PHPMailer lib
* Validate email address format
* Add feedback on validation email resend action
* Allow to logout when user is blocked
* fix: Change default email "from"
* Reorganize i18n keys
* Complete all the locales with default english
* Hide sidebar (profile page) if email is not validated
* Check email requirements on registration
* Allow admin to specify email when creating users
* Don't check email format if value is empty
* Remove trailing comma in userController
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Set PHPMailer validator to html5 before sending email
* fixup! Remove trailing comma in userController
|
|
* New environment variable to control development mode
Suggestion of new enviromnent variable, as discussed
https://github.com/FreshRSS/FreshRSS/pull/2492#issuecomment-523613920
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Declare ENV in Dockerfile
Tested
|
|
* Require PHP 5.5+
https://github.com/FreshRSS/FreshRSS/issues/2469#issuecomment-522255093
I think it would be reasonable to require PHP 5.5+ for the core of
FreshRSS after all.
As Frenzie said, WordPress currently requires PHP 5.6.20+, and it is the
most popular PHP application.
We would loose about 20% of the PHP servers according to
https://w3techs.com/technologies/details/pl-php/5/all but I expect this
number to drop fast after the release of CentOS 8 (CentOS accounts for
17% of Linux servers
https://w3techs.com/technologies/details/os-linux/all/all ).
Distributions:
* no impact on Ubuntu, Fedora, Alpine, OpenWRT, FreeBSD, OpenSuze,
Mageia, as all active versions have PHP > 7
* no impact on OpenSuze, Synology, as all active versions have PHP > 5.5
* we drop Debian 8 Jessie (-2020) - we keep supporting Debian 9 Stretch
(2017-06) - current is Debian 10 Buster
* we drop Red Hat 7 (-2024) - we keep supporting RHEL 8 (2019-05)
* we drop CentOS 7 (-2024) - we will support CentOS 8 (to be released
soonish)
When dropping older versions, I can better like when it is for a good
reason, and there is actually one with PHP 5.5, namely generators
(yield) https://php.net/language.generators.overview which I consider
using.
* Version note for JSON.php
* hex2bin
* Update .travis.yml
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
|
|
* Add Minz_View::_path method (replace change_view)
The `_path` method is more powerful since it allows to choose the file
extension. It is also Minz_Request-agnostic, which is useful to reuse
the Minz_View class in other places.
`change_view` is now deprecated and a warning is logged if we use it.
* Provide a Minz_Mailer to send emails
It uses PHPMailer under the hood and only supports PHP >= 5.5
|
|
Hooks allow to:
- add items in menus
- perform new actions at the end of FreshRSS initialization
|
|
The `_useLayout` function is marked as deprecated, replaced by a more
powerful `_layout` function.
|
|
* Update .htaccess
* Update htaccess for apache2.4
* Update htaccess for apache2.4
* Update htaccess for apache2.4
|
|
https://github.com/FreshRSS/FreshRSS/issues/2359
|
Alexandre Alapetite
Alexis Degrugillier
Marien Fressinaud
Brooke
Eris
Clemens Neubauer
Craig Andrews
Robert Kaussow
koocotte
