[github/wallabag/wallabag.git] / inc / functions.php

<?php

/**
 * Permet de générer l'URL de poche pour le bookmarklet
 */
function get_poche_url()
{
    $protocol = "http";
    if(isset($_SERVER['HTTPS'])) {
        if($_SERVER['HTTPS'] != "off") {
            $protocol = "https";
        }
    }

    return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
}

// function define to retrieve url content
function get_external_file($url, $timeout)
{
    // spoofing FireFox 18.0
    $useragent="Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0";

    if  (in_array  ('curl', get_loaded_extensions())) {
        // Fetch feed from URL
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, $url);
        curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($curl, CURLOPT_HEADER, false);

        // FeedBurner requires a proper USER-AGENT...
        curl_setopt($curl, CURL_HTTP_VERSION_1_1, true);
        curl_setopt($curl, CURLOPT_ENCODING, "gzip, deflate");
        curl_setopt($curl, CURLOPT_USERAGENT, $useragent);

        $data = curl_exec($curl);

        $httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE);

        $httpcodeOK = isset($httpcode) and ($httpcode == 200 or $httpcode == 301);

        curl_close($curl);
    } else {

        // create http context and add timeout and user-agent
        $context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response.
        'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox
        'follow_location' => true
        )));

        // only download page lesser than 4MB
        $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source.

        if(isset($http_response_header) and isset($http_response_header[0])) {
            $httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE));
        }
    }

    // if response is not empty and response is OK
    if (isset($data) and isset($httpcodeOK) and $httpcodeOK ) {

        // take charset of page and get it
        preg_match('#<meta .*charset=.*>#Usi', $data, $meta);

        // if meta tag is found
        if (!empty($meta[0])) {
            // retrieve encoding in $enc
            preg_match('#charset="?(.*)"#si', $meta[0], $enc);

            // if charset is found set it otherwise, set it to utf-8
            $html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8';

        } else {
            $html_charset = 'utf-8';
            $enc[1] = '';
        }

        // replace charset of url to charset of page
        $data = str_replace('charset='.$enc[1], 'charset='.$html_charset, $data);

        return $data;
    }
    else {
        return FALSE;
    }
}

/**
 * Préparation de l'URL avec récupération du contenu avant insertion en base
 */
function prepare_url($url)
{
    $parametres = array();
    $url    = html_entity_decode(trim($url));

    // We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...)
    // from shaarli, by sebsauvage
    $i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i);
    $i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i);
    $i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i);

    $title  = $url;
    if (!preg_match('!^https?://!i', $url))
        $url = 'http://' . $url;

    $html = Encoding::toUTF8(get_external_file($url,15));
    if (isset($html) and strlen($html) > 0)
    {
        $r = new Readability($html, $url);
        $r->convertLinksToFootnotes = TRUE;
        if($r->init())
        {
            $title = $r->articleTitle->innerHTML;
        }
    }

    $parametres['title']    = $title;
    $parametres['content']  = $r->articleContent->innerHTML;

    return $parametres;
}

/**
 * Appel d'une action (mark as fav, archive, delete)
 */
function action_to_do($action, $id, $url, $token)
{
    global $db;

    switch ($action)
    {
        case 'add':
            if ($url == '')
                continue;

            $parametres_url = prepare_url($url);
            $sql_action     = 'INSERT INTO entries ( url, title, content ) VALUES (?, ?, ?)';
            $params_action  = array($url, $parametres_url['title'], $parametres_url['content']);
            logm('add link ' . $url);
            break;
        case 'delete':
            if (verif_token($token)) {
                $sql_action     = "DELETE FROM entries WHERE id=?";
                $params_action  = array($id);
                logm('delete link #' . $id);
            }
            else logm('csrf problem while deleting entry');
            break;
        case 'toggle_fav' :
            if (verif_token($token)) {
                $sql_action     = "UPDATE entries SET is_fav=~is_fav WHERE id=?";
                $params_action  = array($id);
                logm('mark as favorite link #' . $id);
            }
            else logm('csrf problem while fav entry');
            break;
        case 'toggle_archive' :
            if (verif_token($token)) {
                $sql_action     = "UPDATE entries SET is_read=~is_read WHERE id=?";
                $params_action  = array($id);
                logm('archive link #' . $id);
            }
            else logm('csrf problem while archive entry');
            break;
        default:
            break;
    }

    try
    {
        # action query
        if (isset($sql_action))
        {
            $query = $db->getHandle()->prepare($sql_action);
            $query->execute($params_action);
        }
    }
    catch (Exception $e)
    {
        logm('action query error : '.$e->getMessage());
    }
}

/**
 * Détermine quels liens afficher : home, fav ou archives
 */
function display_view($view)
{
    global $db;

    switch ($_SESSION['sort'])
    {
        case 'ia':
            $order = 'ORDER BY id';
            break;
        case 'id':
            $order = 'ORDER BY id DESC';
            break;
        case 'ta':
            $order = 'ORDER BY lower(title)';
            break;
        case 'td':
            $order = 'ORDER BY lower(title) DESC';
            break;
        default:
            $order = 'ORDER BY id';
            break;
    }

    switch ($view)
    {
        case 'archive':
            $sql    = "SELECT * FROM entries WHERE is_read=? " . $order;
            $params = array(-1);
            break;
        case 'fav' :
            $sql    = "SELECT * FROM entries WHERE is_fav=? " . $order;
            $params = array(-1);
            break;
        default:
            $sql    = "SELECT * FROM entries WHERE is_read=? " . $order;
            $params = array(0);
            break;
    }

    # view query
    try
    {
        $query  = $db->getHandle()->prepare($sql);
        $query->execute($params);
        $entries = $query->fetchAll();
    }
    catch (Exception $e)
    {
        logm('view query error : '.$e->getMessage());
    }

    return $entries;
}

/**
 * Récupère un article en fonction d'un ID
 */
function get_article($id)
{
    global $db;

    $entry  = NULL;
    $sql    = "SELECT * FROM entries WHERE id=?";
    $params = array(intval($id));

    # view article query
    try
    {
        $query  = $db->getHandle()->prepare($sql);
        $query->execute($params);
        $entry = $query->fetchAll();
    }
    catch (Exception $e)
    {
        logm('get article query error : '.$e->getMessage());
    }

    return $entry;
}

/**
 * Vérifie si le jeton passé en $_POST correspond à celui en session
 */
function verif_token($token)
{
    if(isset($_SESSION['token_poche']) && isset($_SESSION['token_time_poche']) && isset($token))
    {
        if($_SESSION['token_poche'] == $token)
        {
            $old_timestamp = time() - (15*60);
            if($_SESSION['token_time_poche'] >= $old_timestamp)
            {
                return TRUE;
            }
            else {
                session_destroy();
                logm('session expired');
            }
        }
        else {
            logm('token error : the token is different');
            return FALSE;
        }
    }
    else {
        logm('token error : the token is not here');
        return FALSE;
    }
}

function logm($message)
{
    $t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n";
    file_put_contents('./log.txt',$t,FILE_APPEND);
}
Commit	Line	Data
24619534	1	<?php
24619534	2
c8bbe19b	3	/**
	4	* Permet de générer l'URL de poche pour le bookmarklet
	5	*/
8046748b	6	function get_poche_url()
c8bbe19b	7	{
	8	$protocol = "http";
	9	if(isset($_SERVER['HTTPS'])) {
	10	if($_SERVER['HTTPS'] != "off") {
	11	$protocol = "https";
	12	}
	13	}
24619534	14
c8bbe19b	15	return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
24619534	16	}
24619534	17
24619534	18	// function define to retrieve url content
c8bbe19b	19	function get_external_file($url, $timeout)
c8bbe19b	20	{
24619534	21	// spoofing FireFox 18.0
	22	$useragent="Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0";
	23
	24	if (in_array ('curl', get_loaded_extensions())) {
	25	// Fetch feed from URL
	26	$curl = curl_init();
	27	curl_setopt($curl, CURLOPT_URL, $url);
	28	curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
	29	curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
	30	curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
	31	curl_setopt($curl, CURLOPT_HEADER, false);
	32
	33	// FeedBurner requires a proper USER-AGENT...
	34	curl_setopt($curl, CURL_HTTP_VERSION_1_1, true);
	35	curl_setopt($curl, CURLOPT_ENCODING, "gzip, deflate");
	36	curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
	37
	38	$data = curl_exec($curl);
	39
	40	$httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
	41
	42	$httpcodeOK = isset($httpcode) and ($httpcode == 200 or $httpcode == 301);
	43
	44	curl_close($curl);
	45	} else {
	46
	47	// create http context and add timeout and user-agent
	48	$context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response.
139769aa	49	'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox
	50	'follow_location' => true
	51	)));
24619534	52
	53	// only download page lesser than 4MB
	54	$data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source.
24619534	55
	56	if(isset($http_response_header) and isset($http_response_header[0])) {
	57	$httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE));
	58	}
	59	}
	60
	61	// if response is not empty and response is OK
	62	if (isset($data) and isset($httpcodeOK) and $httpcodeOK ) {
	63
	64	// take charset of page and get it
	65	preg_match('#<meta .charset=.>#Usi', $data, $meta);
	66
	67	// if meta tag is found
	68	if (!empty($meta[0])) {
	69	// retrieve encoding in $enc
	70	preg_match('#charset="?(.*)"#si', $meta[0], $enc);
	71
	72	// if charset is found set it otherwise, set it to utf-8
	73	$html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8';
	74
	75	} else {
	76	$html_charset = 'utf-8';
	77	$enc[1] = '';
	78	}
	79
	80	// replace charset of url to charset of page
	81	$data = str_replace('charset='.$enc[1], 'charset='.$html_charset, $data);
	82
	83	return $data;
	84	}
	85	else {
	86	return FALSE;
	87	}
3c8d80ae	88	}
3c8d80ae	89
8046748b	90	/**
	91	* Préparation de l'URL avec récupération du contenu avant insertion en base
	92	*/
3c8d80ae	93	function prepare_url($url)
	94	{
	95	$parametres = array();
	96	$url = html_entity_decode(trim($url));
	97
	98	// We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...)
	99	// from shaarli, by sebsauvage
	100	$i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i);
	101	$i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i);
	102	$i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i);
	103
	104	$title = $url;
	105	if (!preg_match('!^https?://!i', $url))
	106	$url = 'http://' . $url;
	107
	108	$html = Encoding::toUTF8(get_external_file($url,15));
	109	if (isset($html) and strlen($html) > 0)
	110	{
	111	$r = new Readability($html, $url);
4456315b	112	$r->convertLinksToFootnotes = TRUE;
3c8d80ae	113	if($r->init())
	114	{
	115	$title = $r->articleTitle->innerHTML;
	116	}
	117	}
	118
	119	$parametres['title'] = $title;
	120	$parametres['content'] = $r->articleContent->innerHTML;
	121
	122	return $parametres;
263d6c67	123	}
	124
	125	/**
	126	* Appel d'une action (mark as fav, archive, delete)
	127	*/
cf3180f6	128	function action_to_do($action, $id, $url, $token)
263d6c67	129	{
	130	global $db;
	131
	132	switch ($action)
	133	{
	134	case 'add':
	135	if ($url == '')
	136	continue;
	137
	138	$parametres_url = prepare_url($url);
	139	$sql_action = 'INSERT INTO entries ( url, title, content ) VALUES (?, ?, ?)';
	140	$params_action = array($url, $parametres_url['title'], $parametres_url['content']);
a81cd067	141	logm('add link ' . $url);
263d6c67	142	break;
263d6c67	143	case 'delete':
cf3180f6	144	if (verif_token($token)) {
	145	$sql_action = "DELETE FROM entries WHERE id=?";
	146	$params_action = array($id);
a81cd067	147	logm('delete link #' . $id);
cf3180f6	148	}
713b2d69	149	else logm('csrf problem while deleting entry');
263d6c67	150	break;
139769aa	151	case 'toggle_fav' :
	152	if (verif_token($token)) {
	153	$sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?";
	154	$params_action = array($id);
a81cd067	155	logm('mark as favorite link #' . $id);
139769aa	156	}
713b2d69	157	else logm('csrf problem while fav entry');
139769aa	158	break;
	159	case 'toggle_archive' :
	160	if (verif_token($token)) {
	161	$sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?";
	162	$params_action = array($id);
a81cd067	163	logm('archive link #' . $id);
139769aa	164	}
713b2d69	165	else logm('csrf problem while archive entry');
139769aa	166	break;
263d6c67	167	default:
	168	break;
	169	}
	170
	171	try
	172	{
	173	# action query
	174	if (isset($sql_action))
	175	{
	176	$query = $db->getHandle()->prepare($sql_action);
	177	$query->execute($params_action);
	178	}
	179	}
	180	catch (Exception $e)
	181	{
713b2d69	182	logm('action query error : '.$e->getMessage());
263d6c67	183	}
	184	}
	185
	186	/**
	187	* Détermine quels liens afficher : home, fav ou archives
	188	*/
9fee2e72	189	function display_view($view)
263d6c67	190	{
	191	global $db;
	192
139769aa	193	switch ($_SESSION['sort'])
	194	{
	195	case 'ia':
	196	$order = 'ORDER BY id';
	197	break;
	198	case 'id':
	199	$order = 'ORDER BY id DESC';
	200	break;
	201	case 'ta':
	202	$order = 'ORDER BY lower(title)';
	203	break;
	204	case 'td':
	205	$order = 'ORDER BY lower(title) DESC';
	206	break;
	207	default:
	208	$order = 'ORDER BY id';
	209	break;
	210	}
	211
9fee2e72	212	switch ($view)
263d6c67	213	{
263d6c67	214	case 'archive':
139769aa	215	$sql = "SELECT * FROM entries WHERE is_read=? " . $order;
263d6c67	216	$params = array(-1);
	217	break;
	218	case 'fav' :
139769aa	219	$sql = "SELECT * FROM entries WHERE is_fav=? " . $order;
263d6c67	220	$params = array(-1);
	221	break;
	222	default:
139769aa	223	$sql = "SELECT * FROM entries WHERE is_read=? " . $order;
263d6c67	224	$params = array(0);
	225	break;
	226	}
	227
	228	# view query
	229	try
	230	{
	231	$query = $db->getHandle()->prepare($sql);
	232	$query->execute($params);
	233	$entries = $query->fetchAll();
	234	}
	235	catch (Exception $e)
	236	{
713b2d69	237	logm('view query error : '.$e->getMessage());
263d6c67	238	}
	239
	240	return $entries;
	241	}
	242
	243	/**
	244	* Récupère un article en fonction d'un ID
	245	*/
	246	function get_article($id)
	247	{
	248	global $db;
	249
	250	$entry = NULL;
	251	$sql = "SELECT * FROM entries WHERE id=?";
	252	$params = array(intval($id));
	253
	254	# view article query
	255	try
	256	{
	257	$query = $db->getHandle()->prepare($sql);
	258	$query->execute($params);
	259	$entry = $query->fetchAll();
	260	}
	261	catch (Exception $e)
	262	{
713b2d69	263	logm('get article query error : '.$e->getMessage());
263d6c67	264	}
	265
	266	return $entry;
cf3180f6	267	}
	268
	269	/**
	270	* Vérifie si le jeton passé en $_POST correspond à celui en session
	271	*/
	272	function verif_token($token)
	273	{
	274	if(isset($_SESSION['token_poche']) && isset($_SESSION['token_time_poche']) && isset($token))
	275	{
	276	if($_SESSION['token_poche'] == $token)
	277	{
	278	$old_timestamp = time() - (15*60);
	279	if($_SESSION['token_time_poche'] >= $old_timestamp)
	280	{
	281	return TRUE;
	282	}
643e3037	283	else {
643e3037	284	session_destroy();
713b2d69	285	logm('session expired');
643e3037	286	}
cf3180f6	287	}
713b2d69	288	else {
	289	logm('token error : the token is different');
	290	return FALSE;
	291	}
	292	}
	293	else {
	294	logm('token error : the token is not here');
	295	return FALSE;
cf3180f6	296	}
713b2d69	297	}
	298
	299	function logm($message)
	300	{
	301	$t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n";
a81cd067	302	file_put_contents('./log.txt',$t,FILE_APPEND);
c8bbe19b	303	}