]>
Commit | Line | Data |
---|---|---|
24619534 | 1 | <?php |
2 | ||
c8bbe19b | 3 | /** |
4 | * Permet de générer l'URL de poche pour le bookmarklet | |
5 | */ | |
8046748b | 6 | function get_poche_url() |
c8bbe19b | 7 | { |
8 | $protocol = "http"; | |
9 | if(isset($_SERVER['HTTPS'])) { | |
10 | if($_SERVER['HTTPS'] != "off") { | |
11 | $protocol = "https"; | |
12 | } | |
13 | } | |
24619534 | 14 | |
c8bbe19b | 15 | return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; |
24619534 | 16 | } |
17 | ||
24619534 | 18 | // function define to retrieve url content |
c8bbe19b | 19 | function get_external_file($url, $timeout) |
20 | { | |
24619534 | 21 | // spoofing FireFox 18.0 |
22 | $useragent="Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0"; | |
23 | ||
24 | if (in_array ('curl', get_loaded_extensions())) { | |
25 | // Fetch feed from URL | |
26 | $curl = curl_init(); | |
27 | curl_setopt($curl, CURLOPT_URL, $url); | |
28 | curl_setopt($curl, CURLOPT_TIMEOUT, $timeout); | |
29 | curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); | |
30 | curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); | |
31 | curl_setopt($curl, CURLOPT_HEADER, false); | |
32 | ||
33 | // FeedBurner requires a proper USER-AGENT... | |
34 | curl_setopt($curl, CURL_HTTP_VERSION_1_1, true); | |
35 | curl_setopt($curl, CURLOPT_ENCODING, "gzip, deflate"); | |
36 | curl_setopt($curl, CURLOPT_USERAGENT, $useragent); | |
37 | ||
38 | $data = curl_exec($curl); | |
39 | ||
40 | $httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE); | |
41 | ||
42 | $httpcodeOK = isset($httpcode) and ($httpcode == 200 or $httpcode == 301); | |
43 | ||
44 | curl_close($curl); | |
45 | } else { | |
46 | ||
47 | // create http context and add timeout and user-agent | |
48 | $context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response. | |
139769aa | 49 | 'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox |
50 | 'follow_location' => true | |
51 | ))); | |
24619534 | 52 | |
53 | // only download page lesser than 4MB | |
54 | $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source. | |
24619534 | 55 | |
56 | if(isset($http_response_header) and isset($http_response_header[0])) { | |
57 | $httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE)); | |
58 | } | |
59 | } | |
60 | ||
61 | // if response is not empty and response is OK | |
62 | if (isset($data) and isset($httpcodeOK) and $httpcodeOK ) { | |
63 | ||
64 | // take charset of page and get it | |
65 | preg_match('#<meta .*charset=.*>#Usi', $data, $meta); | |
66 | ||
67 | // if meta tag is found | |
68 | if (!empty($meta[0])) { | |
69 | // retrieve encoding in $enc | |
70 | preg_match('#charset="?(.*)"#si', $meta[0], $enc); | |
71 | ||
72 | // if charset is found set it otherwise, set it to utf-8 | |
73 | $html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8'; | |
74 | ||
75 | } else { | |
76 | $html_charset = 'utf-8'; | |
77 | $enc[1] = ''; | |
78 | } | |
79 | ||
80 | // replace charset of url to charset of page | |
81 | $data = str_replace('charset='.$enc[1], 'charset='.$html_charset, $data); | |
82 | ||
83 | return $data; | |
84 | } | |
85 | else { | |
86 | return FALSE; | |
87 | } | |
3c8d80ae | 88 | } |
89 | ||
8046748b | 90 | /** |
91 | * Préparation de l'URL avec récupération du contenu avant insertion en base | |
92 | */ | |
3c8d80ae | 93 | function prepare_url($url) |
94 | { | |
95 | $parametres = array(); | |
96 | $url = html_entity_decode(trim($url)); | |
97 | ||
98 | // We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...) | |
99 | // from shaarli, by sebsauvage | |
100 | $i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i); | |
101 | $i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i); | |
102 | $i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i); | |
103 | ||
104 | $title = $url; | |
105 | if (!preg_match('!^https?://!i', $url)) | |
106 | $url = 'http://' . $url; | |
107 | ||
108 | $html = Encoding::toUTF8(get_external_file($url,15)); | |
109 | if (isset($html) and strlen($html) > 0) | |
110 | { | |
111 | $r = new Readability($html, $url); | |
112 | if($r->init()) | |
113 | { | |
114 | $title = $r->articleTitle->innerHTML; | |
115 | } | |
116 | } | |
117 | ||
118 | $parametres['title'] = $title; | |
119 | $parametres['content'] = $r->articleContent->innerHTML; | |
120 | ||
121 | return $parametres; | |
263d6c67 | 122 | } |
123 | ||
124 | /** | |
125 | * Appel d'une action (mark as fav, archive, delete) | |
126 | */ | |
cf3180f6 | 127 | function action_to_do($action, $id, $url, $token) |
263d6c67 | 128 | { |
129 | global $db; | |
130 | ||
131 | switch ($action) | |
132 | { | |
133 | case 'add': | |
134 | if ($url == '') | |
135 | continue; | |
136 | ||
137 | $parametres_url = prepare_url($url); | |
138 | $sql_action = 'INSERT INTO entries ( url, title, content ) VALUES (?, ?, ?)'; | |
139 | $params_action = array($url, $parametres_url['title'], $parametres_url['content']); | |
a81cd067 | 140 | logm('add link ' . $url); |
263d6c67 | 141 | break; |
142 | case 'delete': | |
cf3180f6 | 143 | if (verif_token($token)) { |
144 | $sql_action = "DELETE FROM entries WHERE id=?"; | |
145 | $params_action = array($id); | |
a81cd067 | 146 | logm('delete link #' . $id); |
cf3180f6 | 147 | } |
713b2d69 | 148 | else logm('csrf problem while deleting entry'); |
263d6c67 | 149 | break; |
139769aa | 150 | case 'toggle_fav' : |
151 | if (verif_token($token)) { | |
152 | $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?"; | |
153 | $params_action = array($id); | |
a81cd067 | 154 | logm('mark as favorite link #' . $id); |
139769aa | 155 | } |
713b2d69 | 156 | else logm('csrf problem while fav entry'); |
139769aa | 157 | break; |
158 | case 'toggle_archive' : | |
159 | if (verif_token($token)) { | |
160 | $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?"; | |
161 | $params_action = array($id); | |
a81cd067 | 162 | logm('archive link #' . $id); |
139769aa | 163 | } |
713b2d69 | 164 | else logm('csrf problem while archive entry'); |
139769aa | 165 | break; |
263d6c67 | 166 | default: |
167 | break; | |
168 | } | |
169 | ||
170 | try | |
171 | { | |
172 | # action query | |
173 | if (isset($sql_action)) | |
174 | { | |
175 | $query = $db->getHandle()->prepare($sql_action); | |
176 | $query->execute($params_action); | |
177 | } | |
178 | } | |
179 | catch (Exception $e) | |
180 | { | |
713b2d69 | 181 | logm('action query error : '.$e->getMessage()); |
263d6c67 | 182 | } |
183 | } | |
184 | ||
185 | /** | |
186 | * Détermine quels liens afficher : home, fav ou archives | |
187 | */ | |
9fee2e72 | 188 | function display_view($view) |
263d6c67 | 189 | { |
190 | global $db; | |
191 | ||
139769aa | 192 | switch ($_SESSION['sort']) |
193 | { | |
194 | case 'ia': | |
195 | $order = 'ORDER BY id'; | |
196 | break; | |
197 | case 'id': | |
198 | $order = 'ORDER BY id DESC'; | |
199 | break; | |
200 | case 'ta': | |
201 | $order = 'ORDER BY lower(title)'; | |
202 | break; | |
203 | case 'td': | |
204 | $order = 'ORDER BY lower(title) DESC'; | |
205 | break; | |
206 | default: | |
207 | $order = 'ORDER BY id'; | |
208 | break; | |
209 | } | |
210 | ||
9fee2e72 | 211 | switch ($view) |
263d6c67 | 212 | { |
213 | case 'archive': | |
139769aa | 214 | $sql = "SELECT * FROM entries WHERE is_read=? " . $order; |
263d6c67 | 215 | $params = array(-1); |
216 | break; | |
217 | case 'fav' : | |
139769aa | 218 | $sql = "SELECT * FROM entries WHERE is_fav=? " . $order; |
263d6c67 | 219 | $params = array(-1); |
220 | break; | |
221 | default: | |
139769aa | 222 | $sql = "SELECT * FROM entries WHERE is_read=? " . $order; |
263d6c67 | 223 | $params = array(0); |
224 | break; | |
225 | } | |
226 | ||
227 | # view query | |
228 | try | |
229 | { | |
230 | $query = $db->getHandle()->prepare($sql); | |
231 | $query->execute($params); | |
232 | $entries = $query->fetchAll(); | |
233 | } | |
234 | catch (Exception $e) | |
235 | { | |
713b2d69 | 236 | logm('view query error : '.$e->getMessage()); |
263d6c67 | 237 | } |
238 | ||
239 | return $entries; | |
240 | } | |
241 | ||
242 | /** | |
243 | * Récupère un article en fonction d'un ID | |
244 | */ | |
245 | function get_article($id) | |
246 | { | |
247 | global $db; | |
248 | ||
249 | $entry = NULL; | |
250 | $sql = "SELECT * FROM entries WHERE id=?"; | |
251 | $params = array(intval($id)); | |
252 | ||
253 | # view article query | |
254 | try | |
255 | { | |
256 | $query = $db->getHandle()->prepare($sql); | |
257 | $query->execute($params); | |
258 | $entry = $query->fetchAll(); | |
259 | } | |
260 | catch (Exception $e) | |
261 | { | |
713b2d69 | 262 | logm('get article query error : '.$e->getMessage()); |
263d6c67 | 263 | } |
264 | ||
265 | return $entry; | |
cf3180f6 | 266 | } |
267 | ||
268 | /** | |
269 | * Vérifie si le jeton passé en $_POST correspond à celui en session | |
270 | */ | |
271 | function verif_token($token) | |
272 | { | |
273 | if(isset($_SESSION['token_poche']) && isset($_SESSION['token_time_poche']) && isset($token)) | |
274 | { | |
275 | if($_SESSION['token_poche'] == $token) | |
276 | { | |
277 | $old_timestamp = time() - (15*60); | |
278 | if($_SESSION['token_time_poche'] >= $old_timestamp) | |
279 | { | |
280 | return TRUE; | |
281 | } | |
643e3037 | 282 | else { |
283 | session_destroy(); | |
713b2d69 | 284 | logm('session expired'); |
643e3037 | 285 | } |
cf3180f6 | 286 | } |
713b2d69 | 287 | else { |
288 | logm('token error : the token is different'); | |
289 | return FALSE; | |
290 | } | |
291 | } | |
292 | else { | |
293 | logm('token error : the token is not here'); | |
294 | return FALSE; | |
cf3180f6 | 295 | } |
713b2d69 | 296 | } |
297 | ||
298 | function logm($message) | |
299 | { | |
300 | $t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n"; | |
a81cd067 | 301 | file_put_contents('./log.txt',$t,FILE_APPEND); |
c8bbe19b | 302 | } |