* API avoid logging passwords
* Strip passwords and tokens from API logs
* Only log failed requests information when in debug mode
* Remove debug SHA
* Clean also Apache logs
* Better comments
* Redact also token parameters
* shfmt
* Simplify whitespace
* redacted
* Refactor entry to GReader API format
Some code was copied in two locations and not completely uniform.
Cleaning of related variables and functions (e.g. better types for entries and categories as objects vs. as IDs).
Usecase: I need to call the same GReader-compatible serialization from an extension
* Fixed some edge cases
* Keep summary instead of content
`summary` and `content` seems to be used interchangeably in the Google Reader API. We have been using `summary` for our client API and `content` in our export/import, so stick to that.
* New possibility to invoke user queries from a search expression
From the search field: `S:"My query"`.
Can be combined with other filters such as `S:"My query" date:P3d` as long as the user queries do not contain `OR`.
A use-case is to have an RSS filter with a stable address or an external API call with the ability to update the user query.
* Draft of parenthesis logic
* More draft
* Working parenthesis (a OR b) (c OR d)
* Working (A) OR (B)
* Support nested parentheses + unit tests + documentation
* search:MySearch and S:3
* More PHP type hints for Fever
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/4201
Related to https://github.com/FreshRSS/FreshRSS/issues/4200
* Detail
* Draft
* Progress
* More draft
* Fix thumbnail PHP type hint
https://github.com/FreshRSS/FreshRSS/issues/4215
* More types
* A bit more
* Refactor FreshRSS_Entry::fromArray
* Progress
* Starts to work
* Categories
* Fonctional
* Layout update
* Fix relative URLs
* Cache system
* Forgotten files
* Remove a debug line
* Automatic form validation of XPath expressions
* data-leave-validation
* Fix reload action
* Simpler examples
* Fix column type for PostgreSQL
* Enforce HTTP encoding
* Readme
* Fix get full content
* target="_blank"
* gitignore
* htmlspecialchars_utf8
* Implement HTML <base>
And fix/revert `xml:base` support in SimplePie e49c578817
* SimplePie upstream PR merged
https://github.com/simplepie/simplepie/pull/723
* Use typographic quotes
* A few fixes
* Fix
* Fix not saved
* Implement feedback
* Detail
* Revert spoken English fixes
Left for a future dedicated discussion
* More reverts
* Final reverts
* Final minor
* Update Travis line length
* Also check whitespace in CSS files
* Fix line length ext.php
* More syntax, string templates
* Fix exclude-pattern
* Test JS files as well
Implement compatibility fix, to allow the streamID / inclusion criteria
to be given as `&s=` parameter instead of in the URL path.
https://github.com/bazqux/bazqux-api#fetching-streams
This form of request is apparently sometimes used by FeedMe:
```
/api/greader.php/reader/api/0/stream/contents?output=json&n=100&xt=user%2F-%2Fstate%2Fcom.google%2Fread&ot=0&s=user%2F-%2Flabel%2FBlogs
```
* Avoid manual intialisations of system or user configuration
More consistent use of Context
* Simplify FreshRSS_Context::initUser
* Remove a few manual get_user_configuration
* A bit of debugging
* Fix context user init
* Fix install
* Fix concurrency
Concurrent requests could lead to bad race condition
* Fix actualize cron
Fix case when system i initialised several times
* Minz allow parallel sessions
#fix https://github.com/FreshRSS/FreshRSS/issues/3093
* Array optimisation
* Array optimisation missing
* Reduce direct access to $_SESSION except in install process
* Fix session start headers warning
* Use cookie only the first time the session is started:
`PHP Warning: session_start(): Cannot start session when headers
already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39`
* New concept of volatile session for API calls
Optimisation: do not use cookies or local storage at all for API calls
without a Web session
Fix warning:
```
PHP Warning: session_destroy(): Trying to destroy uninitialized session
in Unknown on line 0
```
* Only call Minz_Session::init once in our index
It was called twice (once indirectly via FreshRSS->init())
* Whitespace
* Mutex for notifications
Implement mutex for notifications
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809
* Typo
* Install script is not ready for using Minz_Session
* Fix bad relogging clients
Some clients (like EasyRSS) are still using the old HTTP Authorization
header after having logged to log in with another user.
We should not attempt to process Authorization headers during a login
request
* Typo
* A bit safer
Avoid null exception
#Fix https://github.com/FreshRSS/FreshRSS/issues/2956
Bug/feature introduced by https://github.com/FreshRSS/FreshRSS/pull/2947 (which was following the specification better)
The original code `strpos($e_id, '/') !== null` was wrong (it can never be null, only false or integer), but the idea was to check whether the client was sending a short form (decimal) or long form of the ID (hexadecimal with prefixes including slashes). Since it has not given problem until my recent typo fix, this means that the short form is apparently not used by the clients we tested. But now that we are back to following the specification better, it looks like a client such as Reeder 4 is sending an hexadecimal form without a prefix, which breaks the detection.
This patch changes the detection, which should work in all known cases AND comply with the specification
https://feedhq.readthedocs.io/en/latest/api/terminology.html#items
FeedReader 2.10.0 sends something like
`T=cd3421a73e8a09f955449d02beaf9593b0c0265cZZZZZZZZZZZZZZZZZ&r=user/-/state/com.google/read&i=-/tag%3Agoogle.com&i=-/2005%3Areader/item/0005a4b97779db22`
to `/api/greader.php/reader/api/0/edit-tag`
The first `i=-/tag/google.com` is wrong and cannot be converted to an entry ID.
This resulted in:
> PHP Warning: gmp_init(): Unable to convert variable to GMP - string is not an integer in /var/www/FreshRSS/p/api/greader.php on line 35
* Fever integer type for feed ID
#Fix
https://github.com/FreshRSS/FreshRSS/issues/2940#issuecomment-623022435
* Fix feed_id
* Ensure string for entry ID
To be compatible with 32-bit platforms.
Before, the type was inconsistent depending on architecture + database
* Integer for entry count functions
* Better performance with yield
Largely decrease the time to first byte, and reduced memory consumtion.
Before, we used to make several copies in memory of the whole list of
articles before sending them to the client. Now streamed as they are
processed.
* Travis
* Pass the entries to 'entry_before_display' extension hook. - #2762
* Fix code-style.
* - Fix 'Whitespace found at end of line'.
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
I published an article via WebSub, but I never received it. So I checked
my logs to find why and I found the following stacktrace:
```
29/Dec/2019:15:58:32 +0000 "POST /api/pshb.php" 500
NOTICE: PHP message: PHP Fatal error: Uncaught Error: Call to undefined function _t() in /path/app/Models/Category.php:83
Stack trace:
/path/app/Models/CategoryDAO.php(417): FreshRSS_Category->_id(1)
/path/app/Models/CategoryDAO.php(192): FreshRSS_CategoryDAO::daoToCategory(Array)
/path/app/Models/Feed.php(466): FreshRSS_CategoryDAO->searchById('1')
/path/app/Controllers/feedController.php(416): FreshRSS_Feed->cleanOldEntries()
/path/p/api/pshb.php(141): FreshRSS_feed_Controller::actualizeFeed(0, 'https://flus.io...', false, Object(SimplePie))
{main}
thrown in /path/app/Models/Category.php on line 83
```
The `_t` function should be loaded with the Minz_Translate class, but
the latter isn't initialized on WebSub endpoint.
In my opinion, we should not have to care about this kind of detail of
implementation and it reveals a deeper architectural misconception, but
for now the fix should be enough. It’s quite difficult to reproduce
locally though.
