* Little's optimisations and booleans in conditions
* Apply strict type
* Apply strict type
* Apply strict type
* Fix multiple bugs with PHP 8.2 and 8.3
* Many declares missing, more errors fixed
* Apply strict type
* Another approach
* Stronger typing for Minz_Session
* Fix case of SQLite
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* processing of depreciations and updating of code to php7.2 minimum
* Autoformat many strange array indenting
And revert a few unwanted changes
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* comments added for each step
* infos about FreshRSS added in first step
* Remove reference to Kriss and Leed from install page
I do not find that informative, and quite confusing. Moved to readme instead.
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Complete PHPStan Level 6
Fix https://github.com/FreshRSS/FreshRSS/issues/4112
And initiate PHPStan Level 7
* PHPStan Level 6 for tests
* Use phpstan/phpstan-phpunit
* Update to PHPStan version 1.10
* Fix mixed bug
* Fix mixed return bug
* Fix paginator bug
* Fix FreshRSS_UserConfiguration
* A couple more Minz_Configuration bug fixes
* A few trivial PHPStan Level 7 fixes
* A few more simple PHPStan Level 7
* More files passing PHPStan Level 7
Add interface to replace removed class from https://github.com/FreshRSS/FreshRSS/pull/5251
* A few more PHPStan Level 7 preparations
* A few last details
* Modernize Constants and use new constant 'currentUser'
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Models/Auth.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update app/Models/Context.php
* Update app/Models/LogDAO.php
* Update lib/Minz/Log.php
* Update p/api/greader.php
* Update app/layout/header.phtml
* Update app/views/helpers/export/articles.phtml
* Update cli/do-install.php
* Remarque's from Alkarex
* Remarque's from Alkarex
* Refactor using new Minz_User class
* Consistent naming of public constants
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* less buttons on step 1
* add form-group
* jump to next step as link not as button
* improve navigation bar HTML structure
* sync password-show button with extra.js
* fix CSS
* i18n: step 4: split text strings for help text (max chars default user)
* show menu button if mobile view
* improve header layout with empty div
* step 5: button in form-actions
* improve buttons in goup-controls
* Favicon added
* Button: Font color hover btn-attention
* install check step: add subtitles
* fix .btn
* improve tabindex
* improve showPW_this()
Fix regressions from https://github.com/FreshRSS/FreshRSS/pull/4561
Example:
```
PHP Fatal error: Uncaught TypeError: Argument 1 passed to checkToken() must be an instance of FreshRSS_UserConfiguration, instance of Minz_Configuration given, called in /var/www/FreshRSS/p/api/greader.php on line 1091 and defined in /var/www/FreshRSS/p/api/greader.php:223
Stack trace:
#0 /var/www/FreshRSS/p/api/greader.php(1091): checkToken()
#1 {main}
thrown in /var/www/FreshRSS/p/api/greader.php on line 223
```
Improvement of https://github.com/FreshRSS/FreshRSS/pull/4110
* Custom logo HTML
Add option for custom HTML logo/title in the main Web UI view.
Can potentially be different per user.
#fix https://github.com/FreshRSS/FreshRSS/pull/3830/files#r850472247
* logo_html in main config
With new `./data/config.custom.php` to provide custom values before install
* Docker documentation
* whitespace
* Auto relax CSP to allow images for HTML logo
* Documentation
* Use typographic quotes
* A few fixes
* Fix
* Fix not saved
* Implement feedback
* Detail
* Revert spoken English fixes
Left for a future dedicated discussion
* More reverts
* Final reverts
* Final minor
* replace div with main
* include the slider into main
* format source
* add close icon for the extension slider
* replace div with main
* Update shortcut.phtml
* fixed the nits
* template + translations
translation made with Google translate + check with my knowledge + recheck with invers translation
* Update app/install.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
#fix https://github.com/FreshRSS/FreshRSS/issues/3735
Before, we were relying on an exception during the first stages of user initalisation. Now the check is explicit and cleaner, producing a more appropriate HTTP response for the API.
* navigation: disable next steps
* change icon to full icon (incl. text)
* navigation is a ordered list
* set mouse title on each navigation item
* navigation: next steps in grey italc
* Remove file data/do-install.txt
This file was painful during update because we had to remember to delete
it each time. It added a security issue by allowing an attacker to
reinstall FreshRSS during the update process.
The (more powerful) file data/applied_migrations.txt has been introduced
in 8619cf6fa to replace do-install.txt. We had to wait for at least one
release in order to make sure existing instances of FreshRSS created the
migration file. It should be ok now.
* Replace i18n install.not_deleted key
* Update documentation to update FreshRSS
* If cURL is not installed, the script stops with a fatal error.
The script stops with the following message.
Fatal error: Uncaught Error: Call to undefined function curl_version()
* Update app/install.php
Fix whitespace
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Update Travis line length
* Also check whitespace in CSS files
* Fix line length ext.php
* More syntax, string templates
* Fix exclude-pattern
* Test JS files as well
The username is retrieved by 2 different means to support different
configurations and architectures. If there is no way to find the
username, the "unknown" string is displayed instead.
See #2758
* Add constant for PHP requirements
This new constant is used for PHP version check.
This way, we won't forget to modify some part of the code base.
* Remove PHP version checks
Some checks were obsolete because they were checking unsupported
PHP versions.
* Avoid manual intialisations of system or user configuration
More consistent use of Context
* Simplify FreshRSS_Context::initUser
* Remove a few manual get_user_configuration
* A bit of debugging
* Fix context user init
* Fix install
* Fix concurrency
Concurrent requests could lead to bad race condition
* Fix actualize cron
Fix case when system i initialised several times
Before, the temp path was not check during install. With some configuration,
FRSS was not working because of a non-writable temp directory. It happened
with XAMPP on MacOS X but it might be the case for other platforms.
Now, the temp path is checked during install to make sure it is writable.
See #3310
As FRSS always comes with Minz, there is no need to validate that
it is there during install. If it turns out we need to validate that,
we might need to validate other libraries as well.
Fix warning about session already started during install.
Refactor more code to use the same approach than in main FreshRSS.
Did not address all read accesses (not important) but did cover all
write accesses (important)
* Minz allow parallel sessions
#fix https://github.com/FreshRSS/FreshRSS/issues/3093
* Array optimisation
* Array optimisation missing
* Reduce direct access to $_SESSION except in install process
* Fix session start headers warning
* Use cookie only the first time the session is started:
`PHP Warning: session_start(): Cannot start session when headers
already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39`
* New concept of volatile session for API calls
Optimisation: do not use cookies or local storage at all for API calls
without a Web session
Fix warning:
```
PHP Warning: session_destroy(): Trying to destroy uninitialized session
in Unknown on line 0
```
* Only call Minz_Session::init once in our index
It was called twice (once indirectly via FreshRSS->init())
* Whitespace
* Mutex for notifications
Implement mutex for notifications
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809
* Typo
* Install script is not ready for using Minz_Session
* Add a Minz_Migrator class
Until now, we updated the database structure somewhere in the code but
it wasn't always consistent and somehow complicated to find. Also, this
code was always checked for nothing.
The Migrator aims to improve and ease the creation of migrations. It
should improve the way we apply the updates, making the update server
almost useless.
References:
- example of migration (before Migrator): cc0db9af4f (diff-11a53443fa81512b128c66b065df0679R10)
- update server: https://github.com/FreshRSS/update.freshrss.org
- PR moving the code of the update server to the core: https://github.com/FreshRSS/FreshRSS/pull/1760
* Automatically apply migrations
For now, administrators are used to have nothing to do during an update
else than getting the new code. I suggest to keep this behaviour and
automatically apply migrations if we detect new ones.
Another solution would be to create a CLI command and ask admins to call
it after getting the new code. It could hide migrations errors to end
users, but admin can forget to apply migrations since there are not used
to it.
* Add documentation for Minz Migrator
* Execute migrations even if next ones are applied
* Change mechanism to prevent multiple update at once
* Use mkdir to create the lock and to test it exists
Reference: https://stackoverflow.com/a/731634
* Append .lock to applied_migrations_path
There are no needs to define another file to serve as a lock.
* Change migrations naming convention
* Apply suggestions from code review
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Perform a low-cost migration versions comparaison
* Clarify version numbers concerning the migration system
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* - Always display help under the targeted element.
- Use same help place for HTTP authentication in 'add' feed view than in 'update' feed view.
- Move help under input field in register view, as all other places (homogeneity).
* - Don't use "!important" as suggested by @Alkarex.
Now FRSS supports more than one admin. Admins have the same rights as
the default user. Admins can promote or demote other users. The default
user is considered as an admin even if it does not have the admin flag
enabled.
See #2096
* Fix wrong getHeader refactoring
Fix regression introduced by
https://github.com/FreshRSS/FreshRSS/pull/2373
The refactoring required a call to init() even for static functions,
which is most of the time not done.
Removed premature abstraction of `$_SERVER`, which was the root cause of
the bug.
https://github.com/FreshRSS/FreshRSS/issues/2748#issuecomment-569898931
* Refactoring: Move serverIsPublic to Minz_Request
* Add mitigations for wrong configurations
Due to the regression, we have some existing configurations with a bad
base_url
* Forgot one instance
* Extract hashPassword method from userController
* Extract and refactor fever key-related methods
* Move update of API password to dedicated action
* Simplify the controller by refactoring feverUtil
* Add locales
