Commit Graph

265 Commits

Author SHA1 Message Date
Andrew Dolgov 89d53a7f49 fix typo in previous 2020-09-17 08:45:17 +03:00
Andrew Dolgov 1f79d614c4 fix OTP QR code not displayed because of CSRF token passed as a query
parameter
use type-strict comparison when validating CSRF token on the backend
2020-09-17 08:43:39 +03:00
Andrew Dolgov 4a074111b5 user preferences: forbid < and > characters when changing passwords (were silently stripped on save because of clean()) 2020-09-14 20:53:00 +03:00
Andrew Dolgov 1f2a721905 allow overriding built-in templates via templates.local 2020-03-13 14:40:35 +03:00
Andrew Dolgov 4ab3854aed don't generate default.css, replace with themes/light.css as a default root CSS file 2020-02-22 16:22:44 +03:00
Andrew Dolgov 5b6d9cee29 prefs layout fixes:
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords
2. show explanatory messages when OTP or password changing is not available
3. allow app (API) passwords when using any auth module
2020-02-18 11:51:04 +03:00
Andrew Dolgov df464e3d0d update app password notice 2019-12-17 14:58:31 +03:00
Andrew Dolgov 76dd74e0d9 add a hidden tweakable which forbids changing passwords 2019-12-06 17:45:22 +03:00
Andrew Dolgov ac95ab4a65 user css dialog: allow saving and applying CSS without closing the dialog 2019-12-06 14:02:30 +03:00
Andrew Dolgov 63ce7ea705 add a plugin page warning for plugins using HOOK_FEED_FETCHED, etc 2019-11-14 07:01:45 +03:00
Andrew Dolgov f75fb6bd75 Merge branch 'master' of git.fakecake.org:tt-rss 2019-11-01 15:40:15 +03:00
Andrew Dolgov 266a805bfe line endings + remove : from headings 2019-11-01 15:40:08 +03:00
Andrew Dolgov 05dffcff6f OTP stuff: update notice wording a bit 2019-11-01 15:27:24 +03:00
Andrew Dolgov 812a6c9f16 auth_internal: fix indents 2019-11-01 15:25:40 +03:00
Andrew Dolgov 249130e58d implement app password checking / management UI 2019-11-01 15:03:57 +03:00
Andrew Dolgov 88cd9e586e add placeholder UI plumbing for app passwords 2019-11-01 12:23:11 +03:00
Andrew Dolgov 904ecc31e2 allow using OTP without GD 2019-11-01 10:32:58 +03:00
Andrew Dolgov 2820f41a4b add notification for OTP being disabled 2019-10-09 09:10:43 +03:00
Andrew Dolgov ef514bc4bd add notifications for mail and password changes
update and shorten some other message templates
2019-10-09 09:04:51 +03:00
Andrew Dolgov 6825aaff55 update SSL certificate wiki link 2019-08-02 08:03:20 +03:00
Michael Kuhn e38fcd6dea Fix button focus issues
This change introduces derived classes for ComboButton, DropDownButton
and Select that make sure that buttons do not remain focused after their
menus are closed. This allows using hotkeys after closing them.
2019-04-14 12:01:52 +02:00
Michael Kuhn 4a2a90c980 Fix focus issues with hotkeys
Since making use of keypress in addition to keydown, hotkeys did not
work in certain scenarios, including clicking on the feed tree expanders
or empty spaces of the toolbar.

This issue is caused by dijit.Tree and dijit.Toolbar implementing the
_KeyNavMixin, which explicitly stops propagation of keypress events.

This change contains two main fixes plus a smaller hotfix:
1. It overrides _onContainerKeydown and _onContainerKeypress for
   fox.FeedTree (which inherits from dijit.Tree).
2. It adds fox.Toolbar, which overrides _onContainerKeydown,
   _onContainerKeypress and focus. This fixes hotkeys being swallowed
   and the first focusable child receiving focus when clicking on an
   empty space of the toolbar.
3. It adds the same handling of keydown and keypress to the prefs hotkey
   handler as is done in the main hotkey handler.
2019-04-13 22:34:57 +02:00
Andrew Dolgov c936cc3a1f use DEFAULT_SEARCH_LANGUAGE to generate tsvector index if per-feed language is not specified, also use it as default value on search form for convenience 2019-04-10 13:03:26 +03:00
Andrew Dolgov 19f162dbe3 css: insensitive -> text-muted 2019-03-08 10:11:57 +03:00
Andrew Dolgov a130da2d1a add layout hack to unify heights of plugin fieldsets 2019-02-26 15:03:33 +03:00
Andrew Dolgov 8819272db1 prefs-set -> prefs 2019-02-25 19:22:20 +03:00
Andrew Dolgov cbd119c7a3 pref-prefs: fix markup 2019-02-25 19:11:17 +03:00
Andrew Dolgov 52d77dee62 plugin list: update layout 2019-02-25 17:15:05 +03:00
Andrew Dolgov 335147e572 dialogs: use semantic markup instead of dlgsec stuff
continue unifying quoting style for html strings
2019-02-22 10:48:56 +03:00
Andrew Dolgov 7dbf63693b prefs small update 2019-02-22 06:58:06 +03:00
Andrew Dolgov c2fa0c4416 try to organize preferences better, shorten some descriptions 2019-02-21 22:08:23 +03:00
Andrew Dolgov 4e253add8c UI: add some more info links to relevant wiki pages; minor layout updates 2019-02-21 16:21:16 +03:00
Andrew Dolgov 4db13b8a17 simplify preference layout, remove some unnecessary css classes 2019-02-21 12:35:40 +03:00
Andrew Dolgov 3880a17e57 pref-prefs: rework personal info tab, remove ugly table markup 2019-02-20 17:21:32 +03:00
Andrew Dolgov 734af3357d fix user plugins not saving properly in non-default profiles 2018-12-26 22:04:35 +03:00
Andrew Dolgov b6a021461d add night_base so that output files would generate properly, etc 2018-12-11 21:06:02 +03:00
Andrew Dolgov be49b77b14 Revert "use codeflask for user css editor"
This reverts commit daa43e0572.
2018-12-11 20:48:17 +03:00
Andrew Dolgov 66d3dcbc7d update user css info line 2018-12-11 14:31:07 +03:00
Andrew Dolgov daa43e0572 use codeflask for user css editor 2018-12-11 14:25:41 +03:00
Andrew Dolgov 703351c79e remove theme supports-version etc checking 2018-12-09 11:37:26 +03:00
Andrew Dolgov a68b150601 remove separate classes for various panels, unify under .panel
remove a few other unnecessary css classes/ids
2018-12-07 14:03:33 +03:00
Andrew Dolgov 4fdcc923f0 prefs: reload on user theme change 2018-12-07 10:35:46 +03:00
Andrew Dolgov 15d05e8a26 night.css: do not import default less theme statically
remove themes/default.php (not needed)
compact.css: fixes
2018-12-06 14:49:33 +03:00
Andrew Dolgov 4aa11fe78d set some alt-info buttons; fix missing default submit for create filter dialog 2018-12-06 13:04:39 +03:00
Andrew Dolgov 814e49f8f7 add icons to accordion panels in preferences
fix typo in pref-prefs closing panel tag
2018-12-06 08:56:28 +03:00
Andrew Dolgov 19e24b4fe2 force cast profile id to integer when assigning to session variable 2018-12-06 07:08:54 +03:00
Andrew Dolgov f3e6e12d46 various minor updates re: icons 2018-12-05 16:48:29 +03:00
Andrew Dolgov b16c57d29c replace plugin.png with scalable icon 2018-12-05 16:37:09 +03:00
Andrew Dolgov 6befff30d7 updates for flat theme (mostly disable old dijit overrides) 2018-12-04 19:03:42 +03:00
Andrew Dolgov f81df37c36 wrap plugin list into border container, like prefs (2) 2018-12-04 15:33:20 +03:00
Andrew Dolgov 0880100f6a wrap plugin list into border container, like prefs 2018-12-04 15:31:21 +03:00
Andrew Dolgov 31e79317b3 normalize various font sizes and families between prefs & main UI
change some dialogs layout a bit to maybe become more readable
2018-12-04 15:22:22 +03:00
Andrew Dolgov 197e80add6 fix several issues related to profile being set to a non-numeric value 2018-12-04 10:47:01 +03:00
Andrew Dolgov 4d4034091a prefs: Prefs global -> Helpers 2018-12-03 12:46:00 +03:00
Andrew Dolgov 526389b2d3 update notify_* calls to use Notify 2018-12-02 20:56:30 +03:00
Andrew Dolgov 58e54282d3 prefs: move more global functions into matching classes 2018-12-02 15:30:07 +03:00
Andrew Dolgov f26d404890 prefs: move other tree-related functions to respective trees 2018-12-02 12:03:28 +03:00
Andrew Dolgov e23b6e397d prefs: store active tab for reload, remove most old table row functions 2018-12-02 11:25:32 +03:00
Andrew Dolgov 874560db54 remove obsolete row selection functions
move getUrlParam() to Utils
2018-12-02 10:33:58 +03:00
Andrew Dolgov 9563e3bcd6 remove expandable CDM headlines 2018-11-30 13:51:54 +03:00
Andrew Dolgov ef129fed2a some more xhrPost refactoring (batchEditSave WIP) 2018-11-30 10:48:50 +03:00
Andrew Dolgov d4fef36237 rewrite per-feed/global strip images to strip media 2018-09-07 10:24:46 +03:00
Andrew Dolgov 310c18e6bb move OTPHP to vendor/; additionally move Base32 class to OTPHP namespace 2018-06-20 18:27:34 +03:00
tsia 551f3c2c85 fixed "reset to defaults" in preferences 2018-03-15 16:26:50 +00:00
Francesco Turco 1a7277570b fix two-factor authenticaton 2017-12-22 12:29:25 +01:00
Andrew Dolgov d0cce0c7a4 isdefaultpassword: use method_exists() to check for check_password 2017-12-15 12:15:15 +03:00
simonp 5f19596651 Fix typo from previous pull request 2017-12-14 18:43:42 +01:00
Benjamin Collet 44c6a04b61 Check if the auth module supports check_password() method before using it 2017-12-14 18:02:37 +01:00
Andrew Dolgov 9390ddeae2 fix single user mode login failing because of isdefaultpassword() 2017-12-14 19:27:55 +03:00
Andrew Dolgov 1bf468ba1a pref-prefs: set button classes 2017-12-11 18:50:00 +03:00
Andrew Dolgov e6532439d6 force strip_tags() on all user input unless explicitly allowed 2017-12-03 23:35:38 +03:00
Andrew Dolgov 7c6f7bb0aa fix some minor issues found by code analyzer 2017-12-03 23:08:04 +03:00
Andrew Dolgov 7c0eb1b621 add defaultPasswordWarning nag dialog 2017-12-03 20:46:27 +03:00
Andrew Dolgov 187abfe732 main classes: remove sql_bool_to_bool() kludge 2017-12-03 09:35:59 +03:00
Andrew Dolgov e4291ba12f otpenable: use pdo prepare() 2017-12-03 09:10:14 +03:00
Andrew Dolgov 7039370368 pref-prefs: PDO 2017-12-02 12:01:56 +03:00
Andrew Dolgov 667d32fd26 remove obsolete forum plugin links
mention how to enable system plugins in the UI
2017-07-04 16:28:45 +03:00
Andrew Dolgov e130b283a7 db prefs: ignore cache when preference requested for specified UID (in case cached value of a different profile is stored)
prefs: show (and set) enabled plugins for default profile only
2017-06-24 14:29:07 +03:00
Andrew Dolgov ea79a0e033 remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
Andrew Dolgov 1bfe1d7b31 simplify error handling
* less convoluted exception dialogs
* use window.onerror for the majority of exception catching/reporting
* remove most of now useless try/catch blocks
* report stacktrace instead of manually specified error locations
2017-03-04 14:34:44 +03:00
Jérémy DECOOL ba2853caac Prevent target='_blank' vulnerability on dynamic link 2017-02-12 11:01:36 +01:00
Andrew Dolgov 328118d12e use print_hidden() for hidden dojo form fields 2017-02-10 14:36:21 +03:00
Andrew Dolgov 22387de225 preferences: set themes dropdown to default if selected theme is missing 2017-01-26 22:37:22 +03:00
Andrew Dolgov e432b8fbe2 implement cache-busting for default theme.css
night theme: small fixes
2017-01-25 12:17:41 +03:00
Andrew Dolgov 312742db6e updates: auto-disable CURL if open_basedir is enabled, notify possible issues w/ plugins 2016-01-13 18:12:31 +03:00
Andrew Dolgov 5bdcb8fd78 remove option ALLOW_DUPLICATE_POSTS as confusing/useless 2016-01-07 22:01:35 +03:00
Andrew Dolgov 583f163f40 don't init plugins when loading everything to make a list, duh 2015-10-08 17:02:32 +03:00
Andrew Dolgov b87744534a add plugin-based filter actions (see example plugin in attic)
bump schema
2015-08-11 23:28:42 +03:00
Andrew Dolgov fb8a032a6b minor textarea fixes 2015-08-11 18:44:07 +03:00
Andrew Dolgov e79e274fc8 add styles for several other dijit elements 2015-08-11 16:41:05 +03:00
Andrew Dolgov 5956f312b7 add a bit more visible separate infobox for password change results 2015-07-06 12:10:15 +03:00
Andrew Dolgov 415a3b50c9 fix some minor typos and stuff 2015-06-07 18:41:18 +03:00
Andrew Dolgov b9634eb8b8 support loading themes from themes.local 2015-06-05 18:08:19 +03:00
Andrew Dolgov e6c826fa2f remove AUTO_ASSIGN_LABELS (confusing, idiots keep enable it and complain of the results) 2015-02-21 13:08:50 +03:00
Andrew Dolgov f6cbe9a5a0 require version information in all additional themes 2014-12-09 15:16:53 +03:00
Andrew Dolgov 78744d48d7 add FEEDS_SORT_BY_UNREAD to blacklist (removed) 2014-06-10 08:54:18 +04:00
Andrew Dolgov 4a80c57c50 remove some unused code reported by phpmd 2014-02-19 15:42:52 +04:00
Andrew Dolgov ab85ad89b3 otp: use application name in provisioning uri 2014-01-19 00:29:42 +04:00
Andrew Dolgov 06a39024dd plugin list: fix system plugins image position 2013-07-10 13:11:40 +04:00
Andrew Dolgov 2f20dd58d2 integrate silk icons by Mark James 2013-07-10 13:09:12 +04:00
Andrew Dolgov 5bbc4bb4b0 move stylesheets to css/, reference default tt-rss stylesheets from
default.css to make custom themes easier
2013-05-19 21:22:01 +04:00
Andrew Dolgov 8429af52be adjust previous patch phrasing a bit 2013-05-19 11:27:17 +04:00
Mike Frysinger 5bac322258 document the date format string
I assumed the format string was related to strftime except all of the
fields looked really weird.  After digging in the code, this string is
actually used with php's date().  Add a note for this so other people
can jump quickly to the relevant documentation (which is useful for
non-php peeps who have no idea what this is).
2013-05-19 03:19:55 -04:00
Andrew Dolgov 11334fdf6c make appearance of some preference panes more similar 2013-05-12 12:36:25 +04:00
Rasmus Lerdorf 6f7798b643 Fixing bugs found by static analysis 2013-05-07 00:35:10 -07:00
Andrew Dolgov 8d090a910b use css nth-child instead of old even/odd class hacks for normal mode 2013-05-04 12:01:53 +04:00
Andrew Dolgov bd02d29e1b prefs: update some descriptions to be more consistent 2013-04-29 15:58:15 +04:00
Andrew Dolgov 7b149552cb remove language selector from the login form, store language in the database per-user 2013-04-29 15:54:23 +04:00
Andrew Dolgov e57a1507ae do not use session cookie lifetime for additional cookies 2013-04-29 13:03:28 +04:00
Andrew Dolgov a845a3d5e5 otp: display notice if GD is missing 2013-04-29 09:20:30 +04:00
Andrew Dolgov 48ed517e8d pref_prefs: remove second argument from the constructor 2013-04-19 08:40:19 +04:00
Andrew Dolgov 1ffe3391f9 make pluginhost a singleton 2013-04-18 12:27:34 +04:00
Andrew Dolgov 52d88392da move db-prefs to OO 2013-04-18 12:00:01 +04:00
Andrew Dolgov d9c85e0f11 classes: use OO DB interface 2013-04-17 20:12:14 +04:00
Andrew Dolgov a42c55f02b fix blank character after opening bracket in function calls 2013-04-17 18:34:18 +04:00
Andrew Dolgov 72ff013729 fix pluginhost created without dbh 2013-04-17 18:30:22 +04:00
Andrew Dolgov 6322ac79a0 remove $link 2013-04-17 16:48:41 +04:00
Andrew Dolgov 2cbdc95bb0 add a separate tab for the logger 2013-04-17 08:42:39 +04:00
Andrew Dolgov 9deca86d96 require entering current one time code to enable otp 2013-04-16 21:07:26 +04:00
Andrew Dolgov 4e53956add implement error log viewer 2013-04-16 20:16:15 +04:00
Andrew Dolgov 723bcdb213 update description of DEFAULT_UPDATE_INTERVAL (2) 2013-04-09 22:28:06 +04:00
Andrew Dolgov 3ddbefabef update description of DEFAULT_UPDATE_INTERVAL 2013-04-09 22:18:59 +04:00
Andrew Dolgov bf87833884 fix prefs reset not working properly 2013-04-05 07:52:50 +04:00
Andrew Dolgov 29c8fa080e add language dropdown to prefs 2013-04-04 18:15:37 +04:00
Andrew Dolgov 122e9d788e add a dropdown button action to save and exit prefs (closes #660) 2013-04-04 14:53:36 +04:00
Andrew Dolgov 8ef9645da0 pref-prefs: add help for USER_CSS_THEME 2013-04-02 21:41:30 +04:00
Andrew Dolgov 9db8e60784 update pref descriptions 2013-04-02 16:46:08 +04:00
Andrew Dolgov 5f462963a0 remove blank string gettext invocations 2013-04-02 16:38:12 +04:00
Andrew Dolgov dfad9d7a36 pref-prefs: don't use schema-defined help/desc/section names 2013-04-02 16:20:43 +04:00
Andrew Dolgov f17cac6b26 retire DEFAULT_ARTICLE_LIMIT, infinite scrolling is fast enough to make it superfluous 2013-04-02 15:32:47 +04:00
Andrew Dolgov 9d76e75451 move editPrefProfiles to pref-prefs 2013-04-01 12:34:49 +04:00
Andrew Dolgov 00e347410e move customizeCSS to pref-prefs 2013-04-01 12:30:34 +04:00
Andrew Dolgov 5d40efc9b0 add ability to select CSS files in themes/ 2013-03-28 21:04:29 +04:00
Andrew Dolgov 8aa01d7989 disable SORT_HEADLINES_BY_FEED_DATE; replace with a toolbar newest first order 2013-03-28 20:51:06 +04:00
Andrew Dolgov b9a06a0e39 retire frankly ridiculous sorting by score/title/date/default
keep defaul and oldest first instead of REVERSE_HEADLINES
2013-03-28 20:44:43 +04:00
Andrew Dolgov 6deafe90db modify notify/warn/error boxes css 2013-03-27 22:03:55 +04:00
Andrew Dolgov bb5e1a328d enable 4th field in plugin->about() to serve as a more info link 2013-03-27 18:16:30 +04:00
Andrew Dolgov 65f85248ce pref-prefs: mention tt-rss forums as a plugin source 2013-03-27 16:24:43 +04:00
Andrew Dolgov 33b3db3372 for consistency, show hotkey-toggleable options relating to headlines list in preferences 2013-03-27 12:42:01 +04:00
Andrew Dolgov 744a1b0080 disable show additional preferences checkbox as repeatedly confusing 2013-03-27 12:29:51 +04:00
Tomas Chvatal 9a73994c5e Allow translation of notices in prefs. 2013-03-24 21:24:24 +04:00
Andrew Dolgov 3972bf5981 db_escape_string: specify link parameter for consistency; sessions: do not force-close db connection in _close() 2013-03-22 09:14:55 +04:00
Andrew Dolgov 451ff72289 rework pref-prefs to use checkboxes 2013-03-19 23:14:23 +04:00
Andrew Dolgov f4c02a157a fix warning when saving plugins with 0 plugins enabled (closes #542) 2013-02-28 09:13:00 +04:00
Andrew Dolgov 81c54e3d8d only allow clearing data of active plugins 2013-02-23 21:27:50 +04:00
Andrew Dolgov 96f0a3e79d remove themes/ 2013-01-23 15:36:32 +04:00
Andrew Dolgov 5d9abb1e11 add plugin storage table to schema; add ability to clear plugin data 2012-12-27 19:20:36 +04:00
Andrew Dolgov 0f28f81f89 move authentication modules to plugins/ 2012-12-27 15:14:44 +04:00
Andrew Dolgov 699daf5856 add several HOOK_PREFS_TAB_SECTION hook points 2012-12-27 01:13:18 +04:00
Andrew Dolgov 65d1e2501b plugins web list style tweaks 2012-12-25 12:31:07 +04:00