| Age | Commit message (Collapse) | Author |
|---|
|
* SimplePie prevent cache polution
#fix https://github.com/FreshRSS/FreshRSS/pull/3367#issuecomment-766250249
#fix https://github.com/FreshRSS/FreshRSS/pull/3494#issuecomment-790113663
* Fix bug
* Minor improvement
* Update cache filename in FreshRSS (1/2)
* cacheFilename temp
* New SimplePie get_cache_filename()
* Fix typos
* Update lib/SimplePie/SimplePie.php
Typo
* Include user-agent and timeout
* fix array_merge
* Declaration
* force_feed was lost in a commit
|
|
* Update Travis line length
* Also check whitespace in CSS files
* Fix line length ext.php
* More syntax, string templates
* Fix exclude-pattern
* Test JS files as well
|
|
Extension user files can be stored easily in the user folder instead of the static folder.
|
|
* Upgrade PHPMailer to 6.2.0
* Bump PHPMailer to 6.3.0
Co-authored-by: berumuron <dev@marienfressinaud.fr>
|
|
* Manual update to SimplePie 1.5.6
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3206 (1.5.5)
Differences
https://github.com/simplepie/simplepie/compare/692e8bc19bc4aca20b57474cca2a1d234ce89d63...155cfcfacdbf7ee4e9cbb837e70564cdd6a40ac0
Related to https://github.com/FreshRSS/FreshRSS/pull/3416 ,
https://github.com/FreshRSS/FreshRSS/pull/3404
* Typo
|
|
* fix: handle big xml files which cause out of memory exceptions by working with chunks in cleanMd5 function (because of preg_replace) and parse (because of xml_parse)
* Review
* Fixes in error handling (case of the last call to xml_parse, case of
error during fopen, break in case of XML error...)
* Takes advantage of the chunking for computing the cache hash
* Larger chunks of 1MB
Co-authored-by: e <bokes74743@tjuln.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
The new hook allows to add maintenance extensions at the user level.
See #3398
|
|
It should have been done during #3302.
|
|
csrf tokens) (#3432)
|
|
Before, setting values did not refresh the configuration cache. Thus
generating some weird behavior when configuring extensions.
Now, the cache is updated with the most recent values when the
configuration is modified.
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3421
|
|
Fix regression from https://github.com/FreshRSS/FreshRSS/pull/3407
Identifier must not be indented
PHP 5.6.36 (cli) (built: Apr 28 2018 21:14:51)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend
Technologies
PHP Parse error: syntax error, unexpected end of file in
lib/lib_rss.php on line 608
Errors parsing lib/lib_rss.php
|
|
Fix a rare error when an invalid feed is forced to be added again.
FreshRSS code (not upstream)
|
|
* Add requirements check in CLI
#fix https://github.com/FreshRSS/FreshRSS/issues/1853
* More checks
#fix https://github.com/FreshRSS/FreshRSS/issues/1853
|
|
* bump default logout from 30 to 365 days
* * Change cookie duration to constant
* Change cookie duration to three months
* use class
* use 90 days (otherwise login form says 91.3 days)
* change class
* also this works now
* Better error message
* inconsistent dot with the other message
* Better error message
* add errorMessage()
* fix style
* html escape the error title
* also html escape error message
* remove spaces before parentheses
* rework the error message
* Minz-friendly
* Update message
Do not advise running this script as wrong user
* Update lib/lib_rss.php
Co-authored-by: Martin <spleefer90@gmail.com>
Co-authored-by: Martin Rys <martin@rys.pw>
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
This will simplify extension code by removing a lot of logic from
the extension itself when it's not needed. I've tested it on one
of my extension with all the other recent extension modifications
and I could remove half of the code needed before.
|
|
Before, only one extension could be configured at a time. Thus we
were loosing the configuration for other extensions when saving.
Now, each extension can be saved without overriding data.
See #3397
|
|
Before, the extension configuration was handled by its author. There
was discrepancies between extensions on how the configuration was
stored.
Now, we could rely on a single way of storing configuration. This won't
invalidate how the extensions are storing their configuration but will
allow authors to focus on what is important.
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3401 (crash with PHP 8+)
`ceil()` crashes in PHP8+ in case of invalid input such as empty string.
`intval()` fixes the problem with almost identical behaviour than `ceil()` in PHP7- (except for floating point values)
#fix FreshRSS/FreshRSS#3401 (crash with PHP 8+)
Example with feed http://podcast.hr2.de/derTag/podcast.xml
```xml
<enclosure url="https://mp3podcasthr-a.akamaihd.net:443/mp3/podcast/derTag/derTag_20210129_87093232.mp3"
length="" type="audio/mpeg"/>
```
`isset("")` passes and then `ceil("")` crashes due to wrong type in PHP8+:
```
Uncaught TypeError: ceil(): Argument #1 ($num) must be of type
int|float, string given in ./SimplePie/SimplePie/Item.php:2871
```
Upstream patch https://github.com/simplepie/simplepie/pull/670
|
|
`PDO::ERRMODE_SILENT` is the default value
https://php.net/pdo.error-handling
We just make it explicit
#fix https://github.com/FreshRSS/FreshRSS/issues/3402
But in the issue above, it looks like it is in `PDO::ERRMODE_EXCEPTION`
mode
|
|
* sort results in find() method
* Update lib/lib_phpQuery.php
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Update lib/lib_phpQuery.php
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Fix fetching articles
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Working curlopt_params
* Examples
* curl_params for fetching the article
* cleanup
* clarification
* Remove debugging
* Options corrected
* Removed Debugging
* i18n not needed (right now)
* Translations and UI rework
* Checks in update.phtml
* Unset Proxy&Cookies
* remove clutter
* minor fuckup
* i18n added properly
* resolve Errors
* linting errors
* linting errors, again
* Review
* Minor revert
* Minor i18n: de
Co-authored-by: maru <maru@nyx.im>
Co-authored-by: Aeris <a3x@eris.cc>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Add constant for PHP requirements
This new constant is used for PHP version check.
This way, we won't forget to modify some part of the code base.
* Remove PHP version checks
Some checks were obsolete because they were checking unsupported
PHP versions.
|
|
* Possiblity to autoinstall in Docker Compose
#fix https://github.com/FreshRSS/FreshRSS/issues/3349
It is simply calling our existing CLI: do-install.php and
create-user.php
https://github.com/FreshRSS/FreshRSS/tree/master/cli
FreshRSS will typically be ready a few seconds before the database, so
introduce a tolerance when the database is not available / up (yet) by
trying a few times to connect. Also useful to avoid service interruption
when DB service is restarted.
Example:
```yml
freshrss-app:
image: freshrss/freshrss
container_name:
freshrss-app
hostname: freshrss-app
restart: unless-stopped
ports:
- "8080:80"
depends_on:
- freshrss-db
volumes:
- data:/var/www/FreshRSS/data
-
extensions:/var/www/FreshRSS/extensions
environment:
CRON_MIN:
'*/20'
FRESHRSS_ENV: development
FRESHRSS_INSTALL: |-
--api_enabled
--base_url https://rss.example.net
--db-base freshrss
--db-host freshrss-db
--db-password
freshrss
--db-type pgsql
--db-user freshrss
--default_user admin
--language en
FRESHRSS_USER: |-
--api_password freshrss
--email user@example.net
--language en
--password freshrss
--user admin
TZ:
Europe/Paris
```
* Minor type f in find
* shellcheck
|
|
When an extension defines an `autoload` method, it will be registered
automatically before enabling the extension.
For the extension creator, it's easier because there is no need to
register it manually.
|
|
* add two new hooks
I develop a new extension and i need 2 new hooks for it
* update EN documentation
* Correct typing errors
* Update app/views/helpers/javascript_vars.phtml
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Before, there were some guidelines on how to use the extension class and how to extend it. Those guidelines were defined as comments.
Now, those guidelines are enforced by the code itself. There is no need for those comments anymore.
|
|
Extensions must override some parent methods. The rule is just a
guideline because only described in comments. The idea is to
deprecate that flexibility and add it to the code. To warn users
beforehand, we log error message regarding incomplete extensions.
See #3333
|
|
Before, when clicking on the author link, the search was done on the
main stream in the normal view. It's fine until the feed is not visible
in the main stream.
Now, the current context is used along with the search.
See #3314
|
|
* Avoid manual intialisations of system or user configuration
More consistent use of Context
* Simplify FreshRSS_Context::initUser
* Remove a few manual get_user_configuration
* A bit of debugging
* Fix context user init
* Fix install
* Fix concurrency
Concurrent requests could lead to bad race condition
* Fix actualize cron
Fix case when system i initialised several times
|
|
Before, the temp path was not check during install. With some configuration,
FRSS was not working because of a non-writable temp directory. It happened
with XAMPP on MacOS X but it might be the case for other platforms.
Now, the temp path is checked during install to make sure it is writable.
See #3310
|
|
As FRSS always comes with Minz, there is no need to validate that
it is there during install. If it turns out we need to validate that,
we might need to validate other libraries as well.
|
|
Before, we had 5 classes in the ModelPdo file. It was bad for 2 reasons.
The first reason is that it is considered bad practice to have multiple
class in one file. This is especially true when using autoloading. On top
of that it is less readable considering the size of the file. The second
reason is that so far we were lucky. Everytime we needed to access the
database, it was through the ModelPdo class which loads all the other
classes. If we want to access directly the connection, it wont be loaded.
On top of that, the system is configured to work on a single database,
but as we have every connection definition in a single file, all classes
were loaded at the same time. Thus using memory and processing time for
nothing.
Now, we have a file for each class. To work with autoloading, classes
were slightly renamed to match autoloading rules.
|
|
This reverts commit e1ee58816ba76734e4115fc12898b13de665b220.
|
|
This reverts commit 46cb89adf842e2fbac254fc99355d6577e4e86eb.
|
|
Before, we had 5 classes in the ModelPdo file. It was bad for 2 reasons.
The first reason is that it is considered bad practice to have multiple
class in one file. This is especially true when using autoloading. On top
of that it is less readable considering the size of the file. The second
reason is that so far we were lucky. Everytime we needed to access the
database, it was through the ModelPdo class which loads all the other
classes. If we want to access directly the connection, it wont be loaded.
On top of that, the system is configured to work on a single database,
but as we have every connection definition in a single file, all classes
were loaded at the same time. Thus using memory and processing time for
nothing.
Now, we have a file for each class. To work with autoloading, classes
were slightly renamed to match autoloading rules.
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3282 (workaround an nginx configuration bug)
We do not need to keep HTML comments in RSS content.
|
|
* Extract autoloading process
The process sits in its own file now to ease future improvements.
* Change the autoload process
Before, the autoload process was too restricted. It was really dependant on our
code tree. It was hard to add more classes to be loaded automatically. On top
of that, it did not support autoloading classes following the PSR-4 recommendation.
Now, the autoload process is more open. It supports partially the PSR-4 recommendation,
there is no specific code to load Minz classes or PHPMailer classes. This is the
starting point to reorganize the codebase to introduce long waiting changes as seen
in #789. It would be a nice to later rework the tree, rename classes, and add namespace
in a fashion that follows the PSR-4. Then specific FRSS workarounds in the autoload
could be dropped.
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3239
Reason: https://php.net/session-write-close used to return void and not
boolean before PHP 7.2
|
|
* Fix initI18n
#fix
https://github.com/FreshRSS/FreshRSS/issues/3246#issuecomment-725463337
#fix https://github.com/FreshRSS/FreshRSS/issues/3136
It was due to calling `initI18n()` before `FreshRSS_Context` is
intialised in some situations
Introduced by https://github.com/FreshRSS/FreshRSS/pull/3022
Will be better fixed when https://github.com/FreshRSS/FreshRSS/pull/3070
lands
* Fallback condition
|
|
* Fix sanitize feed description
#fix https://github.com/FreshRSS/FreshRSS/issues/3221
* Simplification
|
|
* Minz allow parallel sessions
#fix https://github.com/FreshRSS/FreshRSS/issues/3093
* Array optimisation
* Array optimisation missing
* Reduce direct access to $_SESSION except in install process
* Fix session start headers warning
* Use cookie only the first time the session is started:
`PHP Warning: session_start(): Cannot start session when headers
already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39`
* New concept of volatile session for API calls
Optimisation: do not use cookies or local storage at all for API calls
without a Web session
Fix warning:
```
PHP Warning: session_destroy(): Trying to destroy uninitialized session
in Unknown on line 0
```
* Only call Minz_Session::init once in our index
It was called twice (once indirectly via FreshRSS->init())
* Whitespace
* Mutex for notifications
Implement mutex for notifications
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809
* Typo
* Install script is not ready for using Minz_Session
|
|
* Minz: Attach a notification to a request
Notifications should be attached to a request, not to a global session.
Fix
https://github.com/FreshRSS/FreshRSS/pull/3096#issuecomment-654891906
Prepare https://github.com/FreshRSS/FreshRSS/pull/3096
* Rename array
* Avoid string constants
Implement
https://github.com/FreshRSS/FreshRSS/pull/3208#issuecomment-703243863
* Improved logic
* Simplify storage
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499511213
* Fix notification bug in configuration/system
|
|
* Minz: support PHP8 lint
Fix PHP8 Fatal error: Declaration of MinzPDO::query($statement) must be
compatible with PDO::query(string $query, ?int $fetch_mode = null, mixed
...$fetch_mode_args) in /FreshRSS/lib/Minz/ModelPdo.php on line 159
Errors parsing /FreshRSS/lib/Minz/ModelPdo.php
* Fix argument name
* Please phpcs in Travis
|
|
Contributes to https://github.com/FreshRSS/FreshRSS/issues/3082
Includes https://github.com/FreshRSS/FreshRSS/pull/3180
Differences:
https://github.com/simplepie/simplepie/compare/aaad78e6da098e14bec4fec552b3a2dbca7a2d45...692e8bc19bc4aca20b57474cca2a1d234ce89d63
|
|
* Update to support PHP 8
Replaced create_function calls with anonymous functions in lib/lib_phpQuery.php
Ref Issue: #3082
* Remove commented code blocks
* White space
* More PHP8 fixes
Fix: Fatal error: Array and string offset access syntax with curly
braces is no longer supported in /FreshRSS/lib/lib_phpQuery.php on line
2174, etc.
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* SimplePie: Fix HTTP 301 permanent redirection
When adding feeds it worked fine, but detecting permanent redirects for
existing feeds was sometimes broken (only when PHP open_basedir was not
set).
Indeed, using the built-in CURLOPT_FOLLOWLOCATION instead of the manual
method in SimplePie hides the list of HTTP redirects along the way, and
prevents the distinction of e.g. 301 vs. 302 redirects.
This patch disables CURLOPT_FOLLOWLOCATION in SimplePie, and fixes the
manual method at the same time.
The use of CURLOPT_FOLLOWLOCATION was nevertheless not systematic (only
when open_basedir was not set), so now there is only one logic
independent of open_basedir.
I will send a PR upstream to SimplePie.
How to test: pick a feed with 301 redirection such as HTTP to HTTPS,
e.g. http://ing.dk/rss/term/341
Manually change back to previous address (to simulate a feed that is
changing address)
Refresh feed and observe whether the 301 redirect is obeyed.
* Wrong blank
|
|
When ssl_verify option is set to false for a feed, allow lower security such as SHA-1 signatures.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900984
https://stackoverflow.com/questions/58342699/php-curl-curl-error-35-error1414d172ssl-routinestls12-check-peer-sigalgwr
Fix error of type `cURL error 35: error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature`
Example of feeds:
https://www.version2.dk/it-nyheder/rss
https://ing.dk/rss/nyheder
|
|
* Relaxed to allow underscore _ in URL hostnames
#fix https://github.com/FreshRSS/FreshRSS/issues/3132
https://bugs.php.net/bug.php?id=64948
* Minor fix in favicons redirect
* Minor fix in relative HREF for favicons
|
|
When the user do not want to use a shortcut, he can let the shortcut value
empty. This will save an empty configuration thus disabling the shortcut.
The load default action allows to use default shortcut only for disabled
shortcuts.
See #3110
|
Alexandre Alapetite
Alexis Degrugillier
Brooke
Kiblyn11
hesch
Martin
Eris
Clemens Neubauer
Prashant Tholia
