]>
Commit | Line | Data |
---|---|---|
24619534 | 1 | <?php |
2 | ||
c8bbe19b | 3 | /** |
4 | * Permet de générer l'URL de poche pour le bookmarklet | |
5 | */ | |
8046748b | 6 | function get_poche_url() |
c8bbe19b | 7 | { |
8 | $protocol = "http"; | |
9 | if(isset($_SERVER['HTTPS'])) { | |
10 | if($_SERVER['HTTPS'] != "off") { | |
11 | $protocol = "https"; | |
12 | } | |
13 | } | |
24619534 | 14 | |
c8bbe19b | 15 | return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; |
24619534 | 16 | } |
17 | ||
24619534 | 18 | // function define to retrieve url content |
c8bbe19b | 19 | function get_external_file($url, $timeout) |
20 | { | |
24619534 | 21 | // spoofing FireFox 18.0 |
22 | $useragent="Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0"; | |
23 | ||
24 | if (in_array ('curl', get_loaded_extensions())) { | |
25 | // Fetch feed from URL | |
26 | $curl = curl_init(); | |
27 | curl_setopt($curl, CURLOPT_URL, $url); | |
28 | curl_setopt($curl, CURLOPT_TIMEOUT, $timeout); | |
29 | curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); | |
30 | curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); | |
31 | curl_setopt($curl, CURLOPT_HEADER, false); | |
32 | ||
33 | // FeedBurner requires a proper USER-AGENT... | |
34 | curl_setopt($curl, CURL_HTTP_VERSION_1_1, true); | |
35 | curl_setopt($curl, CURLOPT_ENCODING, "gzip, deflate"); | |
36 | curl_setopt($curl, CURLOPT_USERAGENT, $useragent); | |
37 | ||
38 | $data = curl_exec($curl); | |
39 | ||
40 | $httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE); | |
41 | ||
42 | $httpcodeOK = isset($httpcode) and ($httpcode == 200 or $httpcode == 301); | |
43 | ||
44 | curl_close($curl); | |
45 | } else { | |
46 | ||
47 | // create http context and add timeout and user-agent | |
48 | $context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response. | |
139769aa | 49 | 'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox |
50 | 'follow_location' => true | |
51 | ))); | |
24619534 | 52 | |
53 | // only download page lesser than 4MB | |
54 | $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source. | |
24619534 | 55 | |
56 | if(isset($http_response_header) and isset($http_response_header[0])) { | |
57 | $httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE)); | |
58 | } | |
59 | } | |
60 | ||
61 | // if response is not empty and response is OK | |
62 | if (isset($data) and isset($httpcodeOK) and $httpcodeOK ) { | |
63 | ||
64 | // take charset of page and get it | |
65 | preg_match('#<meta .*charset=.*>#Usi', $data, $meta); | |
66 | ||
67 | // if meta tag is found | |
68 | if (!empty($meta[0])) { | |
69 | // retrieve encoding in $enc | |
70 | preg_match('#charset="?(.*)"#si', $meta[0], $enc); | |
71 | ||
72 | // if charset is found set it otherwise, set it to utf-8 | |
73 | $html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8'; | |
74 | ||
75 | } else { | |
76 | $html_charset = 'utf-8'; | |
77 | $enc[1] = ''; | |
78 | } | |
79 | ||
80 | // replace charset of url to charset of page | |
81 | $data = str_replace('charset='.$enc[1], 'charset='.$html_charset, $data); | |
82 | ||
83 | return $data; | |
84 | } | |
85 | else { | |
86 | return FALSE; | |
87 | } | |
3c8d80ae | 88 | } |
89 | ||
8046748b | 90 | /** |
91 | * Préparation de l'URL avec récupération du contenu avant insertion en base | |
92 | */ | |
3c8d80ae | 93 | function prepare_url($url) |
94 | { | |
95 | $parametres = array(); | |
96 | $url = html_entity_decode(trim($url)); | |
97 | ||
98 | // We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...) | |
99 | // from shaarli, by sebsauvage | |
100 | $i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i); | |
101 | $i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i); | |
102 | $i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i); | |
103 | ||
104 | $title = $url; | |
105 | if (!preg_match('!^https?://!i', $url)) | |
106 | $url = 'http://' . $url; | |
107 | ||
108 | $html = Encoding::toUTF8(get_external_file($url,15)); | |
109 | if (isset($html) and strlen($html) > 0) | |
110 | { | |
111 | $r = new Readability($html, $url); | |
112 | if($r->init()) | |
113 | { | |
114 | $title = $r->articleTitle->innerHTML; | |
115 | } | |
116 | } | |
117 | ||
118 | $parametres['title'] = $title; | |
119 | $parametres['content'] = $r->articleContent->innerHTML; | |
120 | ||
121 | return $parametres; | |
263d6c67 | 122 | } |
123 | ||
124 | /** | |
125 | * Appel d'une action (mark as fav, archive, delete) | |
126 | */ | |
cf3180f6 | 127 | function action_to_do($action, $id, $url, $token) |
263d6c67 | 128 | { |
129 | global $db; | |
130 | ||
131 | switch ($action) | |
132 | { | |
133 | case 'add': | |
134 | if ($url == '') | |
135 | continue; | |
136 | ||
137 | $parametres_url = prepare_url($url); | |
138 | $sql_action = 'INSERT INTO entries ( url, title, content ) VALUES (?, ?, ?)'; | |
139 | $params_action = array($url, $parametres_url['title'], $parametres_url['content']); | |
140 | break; | |
141 | case 'delete': | |
cf3180f6 | 142 | if (verif_token($token)) { |
143 | $sql_action = "DELETE FROM entries WHERE id=?"; | |
144 | $params_action = array($id); | |
145 | } | |
713b2d69 | 146 | else logm('csrf problem while deleting entry'); |
263d6c67 | 147 | break; |
139769aa | 148 | case 'toggle_fav' : |
149 | if (verif_token($token)) { | |
150 | $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?"; | |
151 | $params_action = array($id); | |
152 | } | |
713b2d69 | 153 | else logm('csrf problem while fav entry'); |
139769aa | 154 | break; |
155 | case 'toggle_archive' : | |
156 | if (verif_token($token)) { | |
157 | $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?"; | |
158 | $params_action = array($id); | |
159 | } | |
713b2d69 | 160 | else logm('csrf problem while archive entry'); |
139769aa | 161 | break; |
263d6c67 | 162 | default: |
163 | break; | |
164 | } | |
165 | ||
166 | try | |
167 | { | |
168 | # action query | |
169 | if (isset($sql_action)) | |
170 | { | |
171 | $query = $db->getHandle()->prepare($sql_action); | |
172 | $query->execute($params_action); | |
173 | } | |
174 | } | |
175 | catch (Exception $e) | |
176 | { | |
713b2d69 | 177 | logm('action query error : '.$e->getMessage()); |
263d6c67 | 178 | } |
179 | } | |
180 | ||
181 | /** | |
182 | * Détermine quels liens afficher : home, fav ou archives | |
183 | */ | |
9fee2e72 | 184 | function display_view($view) |
263d6c67 | 185 | { |
186 | global $db; | |
187 | ||
139769aa | 188 | switch ($_SESSION['sort']) |
189 | { | |
190 | case 'ia': | |
191 | $order = 'ORDER BY id'; | |
192 | break; | |
193 | case 'id': | |
194 | $order = 'ORDER BY id DESC'; | |
195 | break; | |
196 | case 'ta': | |
197 | $order = 'ORDER BY lower(title)'; | |
198 | break; | |
199 | case 'td': | |
200 | $order = 'ORDER BY lower(title) DESC'; | |
201 | break; | |
202 | default: | |
203 | $order = 'ORDER BY id'; | |
204 | break; | |
205 | } | |
206 | ||
9fee2e72 | 207 | switch ($view) |
263d6c67 | 208 | { |
209 | case 'archive': | |
139769aa | 210 | $sql = "SELECT * FROM entries WHERE is_read=? " . $order; |
263d6c67 | 211 | $params = array(-1); |
212 | break; | |
213 | case 'fav' : | |
139769aa | 214 | $sql = "SELECT * FROM entries WHERE is_fav=? " . $order; |
263d6c67 | 215 | $params = array(-1); |
216 | break; | |
217 | default: | |
139769aa | 218 | $sql = "SELECT * FROM entries WHERE is_read=? " . $order; |
263d6c67 | 219 | $params = array(0); |
220 | break; | |
221 | } | |
222 | ||
223 | # view query | |
224 | try | |
225 | { | |
226 | $query = $db->getHandle()->prepare($sql); | |
227 | $query->execute($params); | |
228 | $entries = $query->fetchAll(); | |
229 | } | |
230 | catch (Exception $e) | |
231 | { | |
713b2d69 | 232 | logm('view query error : '.$e->getMessage()); |
263d6c67 | 233 | } |
234 | ||
235 | return $entries; | |
236 | } | |
237 | ||
238 | /** | |
239 | * Récupère un article en fonction d'un ID | |
240 | */ | |
241 | function get_article($id) | |
242 | { | |
243 | global $db; | |
244 | ||
245 | $entry = NULL; | |
246 | $sql = "SELECT * FROM entries WHERE id=?"; | |
247 | $params = array(intval($id)); | |
248 | ||
249 | # view article query | |
250 | try | |
251 | { | |
252 | $query = $db->getHandle()->prepare($sql); | |
253 | $query->execute($params); | |
254 | $entry = $query->fetchAll(); | |
255 | } | |
256 | catch (Exception $e) | |
257 | { | |
713b2d69 | 258 | logm('get article query error : '.$e->getMessage()); |
263d6c67 | 259 | } |
260 | ||
261 | return $entry; | |
cf3180f6 | 262 | } |
263 | ||
264 | /** | |
265 | * Vérifie si le jeton passé en $_POST correspond à celui en session | |
266 | */ | |
267 | function verif_token($token) | |
268 | { | |
269 | if(isset($_SESSION['token_poche']) && isset($_SESSION['token_time_poche']) && isset($token)) | |
270 | { | |
271 | if($_SESSION['token_poche'] == $token) | |
272 | { | |
273 | $old_timestamp = time() - (15*60); | |
274 | if($_SESSION['token_time_poche'] >= $old_timestamp) | |
275 | { | |
276 | return TRUE; | |
277 | } | |
643e3037 | 278 | else { |
279 | session_destroy(); | |
713b2d69 | 280 | logm('session expired'); |
643e3037 | 281 | } |
cf3180f6 | 282 | } |
713b2d69 | 283 | else { |
284 | logm('token error : the token is different'); | |
285 | return FALSE; | |
286 | } | |
287 | } | |
288 | else { | |
289 | logm('token error : the token is not here'); | |
290 | return FALSE; | |
cf3180f6 | 291 | } |
713b2d69 | 292 | } |
293 | ||
294 | function logm($message) | |
295 | { | |
296 | $t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n"; | |
297 | file_put_contents($GLOBALS['config']['DATADIR'].'/log.txt',$t,FILE_APPEND); | |
c8bbe19b | 298 | } |