| Age | Commit message (Collapse) | Author |
|---|
|
1. `include`, `include_once`, `require` and `require_once` are expressions not functions, parentheses are not necessary.
2. to move up the directory tree, it's better to use the `dirname` function instead of relying on `/..`.
|
|
* Closes and fixes error from #7885
* `no-cache.txt` is now respected in `f.php`, `ext.php` and `serve` action in `extensionController`
* And in all other places that weren't checking for `no-cache.txt` (some extensions maybe)
|
|
Revert bug introduce by https://github.com/FreshRSS/FreshRSS/pull/3096 in which username was always null, preventing HTTP cache from working and always returning 200 instead of 304.
Discovered when checking https://github.com/FreshRSS/FreshRSS/pull/6718
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/6717
|
|
* Little's optimisations and booleans in conditions
* Apply strict type
* Apply strict type
* Apply strict type
* Fix multiple bugs with PHP 8.2 and 8.3
* Many declares missing, more errors fixed
* Apply strict type
* Another approach
* Stronger typing for Minz_Session
* Fix case of SQLite
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* fix many "Only booleans are allowed in an if condition"
* Update cli/create-user.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Update cli/i18n/I18nUsageValidator.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Fix several regressions and other minor things
* Fix another regression
* Update lib/http-conditional.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Complete PHPStan Level 6
Fix https://github.com/FreshRSS/FreshRSS/issues/4112
And initiate PHPStan Level 7
* PHPStan Level 6 for tests
* Use phpstan/phpstan-phpunit
* Update to PHPStan version 1.10
* Fix mixed bug
* Fix mixed return bug
* Fix paginator bug
* Fix FreshRSS_UserConfiguration
* A couple more Minz_Configuration bug fixes
* A few trivial PHPStan Level 7 fixes
* A few more simple PHPStan Level 7
* More files passing PHPStan Level 7
Add interface to replace removed class from https://github.com/FreshRSS/FreshRSS/pull/5251
* A few more PHPStan Level 7 preparations
* A few last details
|
|
* Modernize Constants and use new constant 'currentUser'
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Models/Auth.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update app/Models/Context.php
* Update app/Models/LogDAO.php
* Update lib/Minz/Log.php
* Update p/api/greader.php
* Update app/layout/header.phtml
* Update app/views/helpers/export/articles.phtml
* Update cli/do-install.php
* Remarque's from Alkarex
* Remarque's from Alkarex
* Refactor using new Minz_User class
* Consistent naming of public constants
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
|
|
And app/FreshRSS.php
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4112
|
|
* error page: true HTML page
* error page: http500 erorr
* error page: add CSP header
* 'log.txt' replaced by LOG_FILENAME
* use ADMIN_LOG
* log.txt => LOG_FILENAME
* error message: add <title>
* Docs created
* delete: documentation on error message page
* line break added
* added: new line at the end
* typo fixed
* Update lib/lib_rss.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Update lib/lib_rss.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Minz HTTP 500
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/4284
|
|
* git update auto change to edge branch
For existing installations using automatic git update, checkout *edge* branch if it was still using *master* or *dev*.
* One more prune
* Fix several small issues
* theirs does not work here
* Use migration mechanism
* Better handling of Migration errors
* Test details
* Fix tests
* Do not use new migration system for now
|
|
* Remove file data/do-install.txt
This file was painful during update because we had to remember to delete
it each time. It added a security issue by allowing an attacker to
reinstall FreshRSS during the update process.
The (more powerful) file data/applied_migrations.txt has been introduced
in 8619cf6fa to replace do-install.txt. We had to wait for at least one
release in order to make sure existing instances of FreshRSS created the
migration file. It should be ok now.
* Replace i18n install.not_deleted key
* Update documentation to update FreshRSS
|
|
* bump default logout from 30 to 365 days
* * Change cookie duration to constant
* Change cookie duration to three months
* use class
* use 90 days (otherwise login form says 91.3 days)
* change class
* also this works now
* Better error message
* inconsistent dot with the other message
* Better error message
* add errorMessage()
* fix style
* html escape the error title
* also html escape error message
* remove spaces before parentheses
* rework the error message
* Minz-friendly
* Update message
Do not advise running this script as wrong user
* Update lib/lib_rss.php
Co-authored-by: Martin <spleefer90@gmail.com>
Co-authored-by: Martin Rys <martin@rys.pw>
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3323
System would crash when no `FRESHRSS_ENV` environment was set, due to
https://github.com/FreshRSS/FreshRSS/blob/31cb07ac1acf7bad8c1bf6bbef45a17f4e0edbf3/lib/Minz/FrontController.php#L116-L119
|
|
* Minz allow parallel sessions
#fix https://github.com/FreshRSS/FreshRSS/issues/3093
* Array optimisation
* Array optimisation missing
* Reduce direct access to $_SESSION except in install process
* Fix session start headers warning
* Use cookie only the first time the session is started:
`PHP Warning: session_start(): Cannot start session when headers
already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39`
* New concept of volatile session for API calls
Optimisation: do not use cookies or local storage at all for API calls
without a Web session
Fix warning:
```
PHP Warning: session_destroy(): Trying to destroy uninitialized session
in Unknown on line 0
```
* Only call Minz_Session::init once in our index
It was called twice (once indirectly via FreshRSS->init())
* Whitespace
* Mutex for notifications
Implement mutex for notifications
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809
* Typo
* Install script is not ready for using Minz_Session
|
|
* Add a Minz_Migrator class
Until now, we updated the database structure somewhere in the code but
it wasn't always consistent and somehow complicated to find. Also, this
code was always checked for nothing.
The Migrator aims to improve and ease the creation of migrations. It
should improve the way we apply the updates, making the update server
almost useless.
References:
- example of migration (before Migrator): https://github.com/FreshRSS/FreshRSS/commit/cc0db9af4f980829faa4bf0960617807b32fb4fa#diff-11a53443fa81512b128c66b065df0679R10
- update server: https://github.com/FreshRSS/update.freshrss.org
- PR moving the code of the update server to the core: https://github.com/FreshRSS/FreshRSS/pull/1760
* Automatically apply migrations
For now, administrators are used to have nothing to do during an update
else than getting the new code. I suggest to keep this behaviour and
automatically apply migrations if we detect new ones.
Another solution would be to create a CLI command and ask admins to call
it after getting the new code. It could hide migrations errors to end
users, but admin can forget to apply migrations since there are not used
to it.
* Add documentation for Minz Migrator
* Execute migrations even if next ones are applied
* Change mechanism to prevent multiple update at once
* Use mkdir to create the lock and to test it exists
Reference: https://stackoverflow.com/a/731634
* Append .lock to applied_migrations_path
There are no needs to define another file to serve as a lock.
* Change migrations naming convention
* Apply suggestions from code review
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Perform a low-cost migration versions comparaison
* Clarify version numbers concerning the migration system
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Fix logging environment constants
* COPY_LOG_TO_SYSLOG was only working when Syslog was used
* FRESHRSS_ENV was not properly used to set logging level
* Simplify code
Always call `openlog()` even when it is not used
* Always specify syslog properties
https://github.com/FreshRSS/FreshRSS/pull/2745#discussion_r362207445
* $username is also needed further down
* No new line in syslog
|
|
* Use openlog before syslog
In order to have a copy on stderr when syslog is not available.
* Take advantage of syslog for actualization
Pipe cron job STDERR and syslog to Docker log
Cf. https://github.com/FreshRSS/FreshRSS/pull/2202/commits/00bd467655b7c060cdae388519b2413d12d8cb0f
|
|
* Apache performance
API: Use SetEnvIf if available and fallback to RewriteRule
Docker: Disable unused modules.
Docker: Hard-include .htaccess to avoid having to scan for changes in
that file.
Docker: Disable security check of symlinks, which we do not use ayway.
* Apache readme
* Docker/Apache tuning
Run cron job with correct www-data user instead of root
Remove PHP GMP module uneeded for 64-bit Docker image
Add option to mount custom .htaccess for HTTP authentication
Re-add Apache module for HTTP authentication
Move Alpine-specific instructions to Docker file (instead of Apache
conf) to make it easier to have other base images than Alpine
|
|
* Message when PHP is not installed
* or configured correctly
|
|
* Also removed references to Persona authentication.
* Changed code comment about Persona because it's for HTTP auth
in general. See https://github.com/FreshRSS/FreshRSS/commit/3d876091e1268e3ccd5036449a4deb5134936206
and https://github.com/FreshRSS/FreshRSS/issues/358#issuecomment-31931484
|
|
For uniformity, and to avoid having PHP searching in include_path.
http://php.net/manual/function.include.php
https://github.com/FreshRSS/FreshRSS/pull/1715
https://github.com/FreshRSS/FreshRSS/pull/1711#issuecomment-350581350
|
|
- Use only Minz_Configuration
- register() method to load a new configuration file
- get() to get a configuration
- new exceptions related to configuration
- fix a list configuration calls to have FRSS working
Current problems to resolve:
- How to handle configuration param verifications (i.e. check auth_type
is a value from none, http_auth, persona or form)
- We must use $conf = Minz_Configuration::get('system'); $general_conf = $conf->general;
to access global system configuration which is quite annoying. How to change that?
See https://github.com/FreshRSS/FreshRSS/issues/730
|
|
See https://github.com/FreshRSS/FreshRSS/issues/729
|
|
Please not use Minz_Log::record anymore!
See https://github.com/marienfressinaud/FreshRSS/issues/655
|
|
This can be the place of a user's .htaccess, for instance for HTTP
password control.
|
|
Now the install.php is kept in ./app/ and the trigger is
./data/do-install.php
There is no need anymore to have write access in ./p/i/
|
|
|
|
Username can contains more characters that the regexp allows. For example, on a raspberry pi, the default user for web server is 'www-data'.
|
|
As suggested
https://github.com/marienfressinaud/FreshRSS/issues/163#issuecomment-38478669
At the same time, removes a bunch of (almost) dead code such as
Minz_Router (the few remaining lines being moved to Minz_FrontController
to avoid a class)
Contributes to https://github.com/marienfressinaud/FreshRSS/issues/303
|
|
https://github.com/marienfressinaud/FreshRSS/issues/303#issuecomment-38477994
|
|
https://github.com/marienfressinaud/FreshRSS/issues/440
|
|
https://github.com/marienfressinaud/FreshRSS/issues/432
|
|
https://github.com/marienfressinaud/FreshRSS/issues/432
En attendant de voir si on peut trouver une meilleure solution, si
nécessaire, ou une meilleure documentation
|
|
|
|
Contribue à https://github.com/marienfressinaud/FreshRSS/issues/351
Nouvelle constante TMP_PATH comme répertoire pour stocker des fichiers
temporaires (si possible en mémoire et non sur disque, tel tmpfs pour
/tmp sur certaines distributions Linux)
Requiert PHP 5.2.1+ (contre 5.2.0 auparavant) pour le
`sys_get_temp_dir()`
|
|
Implémente décision
https://github.com/marienfressinaud/FreshRSS/issues/295
Install.php pourrait peut-être être mis à jour pour supprimer
automatiquement la colonne, mais ce n'est pas fait dans ce patch.
|
|
Implémente
https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-33329115
|
|
https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-33328377
|
|
Un message explicite indique la fin de la mise à jour. Le message a été
déplacé au-dessus de la zone des boutons.
Voir #377
|
|
Corrige https://github.com/marienfressinaud/FreshRSS/issues/372
|
|
PHP 5.3 est sorti en juin 2009.
https://github.com/ircmaxell/password_compat
Pour plus de tranquillité (compatibilité et sécurité), il faudrait même
désactiver en dessous de PHP 5.3.7 (août 2011)
|
|
formulaire
Corrige
https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-31958851
|
|
+ diverses corrections dans l'installeur
Adresse une partie de
https://github.com/marienfressinaud/FreshRSS/issues/355
|
|
Corrige
https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-32630046
(Pas encore testé)
|
|
https://github.com/marienfressinaud/FreshRSS/issues/120
|
|
Persona
Devrait aussi résoudre
https://github.com/marienfressinaud/FreshRSS/issues/358
À tester
|
|
https://github.com/marienfressinaud/FreshRSS/issues/347
* Conserve l'information sur l'utilisation de Persona lors d'une mise à
jour depuis v0.6 vers v0.7.
* Idem pour la lecture anonyme
* Les droits sur le répertoire persona sont testés
* Les tokens ne sont pas migrés ni testés pour l'instant
https://github.com/marienfressinaud/FreshRSS/issues/327
|
Alexis Degrugillier
Inverle
Alexandre Alapetite
Luc SANCHEZ
maTh
berumuron
Martin
Frans de Jonge
Nicolas ELIE
