]> git.immae.eu Git - github/wallabag/wallabag.git/blame - inc/poche/Poche.class.php
fix #1209
[github/wallabag/wallabag.git] / inc / poche / Poche.class.php
CommitLineData
eb1af592
NL
1<?php
2/**
c95b78a8 3 * wallabag, self hostable application allowing you to not miss any content anymore
eb1af592 4 *
c95b78a8
NL
5 * @category wallabag
6 * @author Nicolas Lœuillet <nicolas@loeuillet.org>
eb1af592 7 * @copyright 2013
3602405e 8 * @license http://opensource.org/licenses/MIT see COPYING file
eb1af592
NL
9 */
10
11class Poche
12{
3602405e
NL
13 /**
14 * @var User
15 */
7ce7ec4c 16 public $user;
3602405e
NL
17 /**
18 * @var Database
19 */
eb1af592 20 public $store;
3602405e
NL
21 /**
22 * @var Template
23 */
eb1af592 24 public $tpl;
3602405e
NL
25 /**
26 * @var Language
27 */
28 public $language;
29 /**
30 * @var Routing
31 */
32 public $routing;
33 /**
34 * @var Messages
35 */
55821e04 36 public $messages;
3602405e
NL
37 /**
38 * @var Paginator
39 */
6a361945 40 public $pagination;
182faf26 41
00dbaf90 42 public function __construct()
eb1af592 43 {
3602405e 44 $this->init();
eb1af592 45 }
182faf26
MR
46
47 private function init()
00dbaf90
NL
48 {
49 Tools::initPhp();
eb1af592 50
3602405e
NL
51 $pocheUser = Session::getParam('poche_user');
52
53 if ($pocheUser && $pocheUser != array()) {
54 $this->user = $pocheUser;
00dbaf90 55 } else {
3602405e 56 // fake user, just for install & login screens
00dbaf90
NL
57 $this->user = new User();
58 $this->user->setConfig($this->getDefaultConfig());
59 }
60
3602405e
NL
61 $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p');
62 $this->language = new Language($this);
63 $this->tpl = new Template($this);
64 $this->store = new Database();
65 $this->messages = new Messages();
66 $this->routing = new Routing($this);
00dbaf90 67 }
182faf26 68
3602405e
NL
69 public function run()
70 {
71 $this->routing->run();
00dbaf90 72 }
182faf26 73
4a291288 74 /**
3602405e 75 * Creates a new user
4a291288 76 */
3e1daa4c 77 public function createNewUser($username, $password, $email = "", $internalRegistration = false)
eb1af592 78 {
121691e9 79 Tools::logm('Trying to create a new user...');
2f26729c
NL
80 if (!empty($username) && !empty($password)){
81 $newUsername = filter_var($username, FILTER_SANITIZE_STRING);
046b9316 82 $email = filter_var($email, FILTER_SANITIZE_STRING);
2f26729c 83 if (!$this->store->userExists($newUsername)){
046b9316 84 if ($this->store->install($newUsername, Tools::encodeString($password . $newUsername), $email)) {
6cb5e1c9
TC
85 if ($email != "") { // if email is filled
86 if (SEND_CONFIRMATION_EMAIL && function_exists('mail')) {
87
698eda73 88 // if internal registration from config screen
6cb5e1c9
TC
89 $body_internal = _('Hi,') . "\r\n\r\n" . sprintf(_('Someone just created a wallabag account for you on %1$s.'), Tools::getPocheUrl()) .
90 "\r\n\r\n" . sprintf(_('Your login is %1$s.'), $newUsername) ."\r\n\r\n" .
91 _('Note : The password has been chosen by the person who created your account. Get in touch with that person to know your password and change it as soon as possible') . "\r\n\r\n" .
92 _('Have fun with it !') . "\r\n\r\n" .
93 _('This is an automatically generated message, no one will answer if you respond to it.');
3e1daa4c 94
6cb5e1c9 95 // if external (public) registration
f2321633
TC
96 $body = sprintf(_('Hi, %1$s'), $newUsername) . "\r\n\r\n" .
97 sprintf(_('You\'ve just created a wallabag account on %1$s.'), Tools::getPocheUrl()) .
98 "\r\n\r\n" . _("Have fun with it !");
698eda73 99
6cb5e1c9
TC
100 $body = $internalRegistration ? $body_internal : $body;
101
102 $body = wordwrap($body, 70, "\r\n"); // cut lines with more than 70 caracters (MIME standard)
103 if (mail($email, sprintf(_('Your new wallabag account on %1$s'), Tools::getPocheUrl()), $body,
104 'X-Mailer: PHP/' . phpversion() . "\r\n" .
105 'Content-type: text/plain; charset=UTF-8' . "\r\n" .
106 "From: " . $newUsername . "@" . gethostname() . "\r\n")) {
107 Tools::logm('The user ' . $newUsername . ' has been emailed');
108 $this->messages->add('i', sprintf(_('The new user %1$s has been sent an email at %2$s. You may have to check spam folder.'), $newUsername, $email));
698eda73 109 Tools::redirect('?');
6cb5e1c9
TC
110
111 } else {
112 Tools::logm('A problem has been encountered while sending an email');
113 $this->messages->add('e', _('A problem has been encountered while sending an email'));
114 }
3e1daa4c 115 } else {
6cb5e1c9 116 Tools::logm('The user has been created, but the server did not authorize sending emails');
952faeeb 117 $this->messages->add('i', _('The server did not authorize sending a confirmation email, but the user was created.'));
3e1daa4c 118 }
6cb5e1c9
TC
119 } else {
120 Tools::logm('The user has been created, but no email was saved, so no confimation email was sent');
121 $this->messages->add('i', _('The user was created, but no email was sent because email was not filled in'));
122 }
3e1daa4c 123 Tools::logm('The new user ' . $newUsername . ' has been installed');
f2321633
TC
124 if (\Session::isLogged()) {
125 $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'), $newUsername));
126 }
3e1daa4c 127 Tools::redirect();
4d99bae8 128 }
129 else {
2f26729c 130 Tools::logm('error during adding new user');
4d99bae8 131 Tools::redirect();
132 }
133 }
2f26729c
NL
134 else {
135 $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'), $newUsername));
136 Tools::logm('An user with the name ' . $newUsername . ' already exists !');
137 Tools::redirect();
138 }
4d99bae8 139 }
121691e9
TC
140 else {
141 Tools::logm('Password or username were empty');
142 }
4d99bae8 143 }
b6413975 144
3602405e
NL
145 /**
146 * Delete an existing user
147 */
2f26729c 148 public function deleteUser($password)
3602405e 149 {
2f26729c
NL
150 if ($this->store->listUsers() > 1) {
151 if (Tools::encodeString($password . $this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) {
152 $username = $this->user->getUsername();
153 $this->store->deleteUserConfig($this->user->getId());
154 Tools::logm('The configuration for user '. $username .' has been deleted !');
155 $this->store->deleteTagsEntriesAndEntries($this->user->getId());
156 Tools::logm('The entries for user '. $username .' has been deleted !');
157 $this->store->deleteUser($this->user->getId());
158 Tools::logm('User '. $username .' has been completely deleted !');
159 Session::logout();
160 Tools::logm('logout');
161 Tools::redirect();
162 $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'), $username));
4d99bae8 163 }
164 else {
2f26729c
NL
165 Tools::logm('Bad password !');
166 $this->messages->add('e', _('Error : The password is wrong !'));
4d99bae8 167 }
168 }
2f26729c
NL
169 else {
170 Tools::logm('Only user !');
171 $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !'));
172 }
4d99bae8 173 }
eb1af592 174
8d3275be 175 public function getDefaultConfig()
182faf26 176 {
8d3275be
NL
177 return array(
178 'pager' => PAGINATION,
179 'language' => LANG,
00dbaf90
NL
180 'theme' => DEFAULT_THEME
181 );
8d3275be
NL
182 }
183
eb1af592
NL
184 /**
185 * Call action (mark as fav, archive, delete, etc.)
186 */
926acd7b 187 public function action($action, Url $url, $id = 0, $import = FALSE, $autoclose = FALSE, $tags = null)
eb1af592
NL
188 {
189 switch ($action)
190 {
191 case 'add':
a297fb1e
MR
192 $content = Tools::getPageContent($url);
193 $title = ($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled');
194 $body = $content['rss']['channel']['item']['description'];
195
196 // clean content from prevent xss attack
2f26729c 197 $purifier = $this->_getPurifier();
a297fb1e
MR
198 $title = $purifier->purify($title);
199 $body = $purifier->purify($body);
1570a653 200
182faf26 201 //search for possible duplicate
8d7cd2cc 202 $duplicate = NULL;
8cebef88 203 $clean_url = $url->getUrl();
488fc63b 204
8cebef88
TC
205 // Clean URL to remove parameters from feedburner and all this stuff. Taken from Shaarli.
206 $i=strpos($clean_url,'&utm_source='); if ($i!==false) $clean_url=substr($clean_url,0,$i);
207 $i=strpos($clean_url,'?utm_source='); if ($i!==false) $clean_url=substr($clean_url,0,$i);
208 $i=strpos($clean_url,'#xtor=RSS-'); if ($i!==false) $clean_url=substr($clean_url,0,$i);
209
210 $duplicate = $this->store->retrieveOneByURL($clean_url, $this->user->getId());
211
212 $last_id = $this->store->add($clean_url, $title, $body, $this->user->getId());
a297fb1e 213 if ( $last_id ) {
8cebef88 214 Tools::logm('add link ' . $clean_url);
ec397236 215 if (DOWNLOAD_PICTURES) {
8cebef88 216 $content = Picture::filterPicture($body, $clean_url, $last_id);
ec397236
NL
217 Tools::logm('updating content article');
218 $this->store->updateContent($last_id, $content, $this->user->getId());
219 }
488fc63b
MR
220
221 if ($duplicate != NULL) {
222 // duplicate exists, so, older entry needs to be deleted (as new entry should go to the top of list), BUT favorite mark and tags should be preserved
8cebef88 223 Tools::logm('link ' . $clean_url . ' is a duplicate');
488fc63b
MR
224 // 1) - preserve tags and favorite, then drop old entry
225 $this->store->reassignTags($duplicate['id'], $last_id);
226 if ($duplicate['is_fav']) {
227 $this->store->favoriteById($last_id, $this->user->getId());
228 }
229 if ($this->store->deleteById($duplicate['id'], $this->user->getId())) {
8cebef88 230 Tools::logm('previous link ' . $clean_url .' entry deleted');
488fc63b
MR
231 }
232 }
233
7f782e44 234 // if there are tags, add them to the new article
235 if (isset($_GET['tags'])) {
236 $_POST['value'] = $_GET['tags'];
237 $_POST['entry_id'] = $last_id;
238 $this->action('add_tag', $url);
239 }
240
182faf26 241 $this->messages->add('s', _('the link has been added successfully'));
eb1af592
NL
242 }
243 else {
a297fb1e 244 $this->messages->add('e', _('error during insertion : the link wasn\'t added'));
8cebef88 245 Tools::logm('error during insertion : the link wasn\'t added ' . $clean_url);
b916bcfc 246 }
ec397236 247
a297fb1e 248 if ($autoclose == TRUE) {
1c911789 249 Tools::redirect('?view=home&closewin=true');
a297fb1e 250 } else {
1c911789 251 Tools::redirect('?view=home');
eb1af592 252 }
3052cfb7 253 return $last_id;
eb1af592
NL
254 break;
255 case 'delete':
512e5e5b 256 if (isset($_GET['search'])) {
257 //when we want to apply a delete to a search
258 $tags = array($_GET['search']);
259 $allentry_ids = $this->store->search($tags[0], $this->user->getId());
260 $entry_ids = array();
261 foreach ($allentry_ids as $eachentry) {
262 $entry_ids[] = $eachentry[0];
eb1af592 263 }
512e5e5b 264 } else { // delete a single article
265 $entry_ids = array($id);
eb1af592 266 }
512e5e5b 267 foreach($entry_ids as $id) {
268 $msg = 'delete link #' . $id;
a7be9470
TC
269
270 // deleting tags and tags_entries
271 $tags = $this->store->retrieveTagsByEntry($id);
272 foreach ($tags as $tag) {
273 $this->store->removeTagForEntry($id, $tag['id']);
274 $this->store->cleanUnusedTag($tag['id']);
275 }
276
277 // deleting pictures
512e5e5b 278 if ($this->store->deleteById($id, $this->user->getId())) {
279 if (DOWNLOAD_PICTURES) {
280 Picture::removeDirectory(ABS_PATH . $id);
281 }
282 $this->messages->add('s', _('the link has been deleted successfully'));
283 }
284 else {
285 $this->messages->add('e', _('the link wasn\'t deleted'));
286 $msg = 'error : can\'t delete link #' . $id;
287 }
288 Tools::logm($msg);
eb1af592 289 }
63fc40ff 290 Tools::redirect();
eb1af592
NL
291 break;
292 case 'toggle_fav' :
8d3275be 293 $this->store->favoriteById($id, $this->user->getId());
eb1af592 294 Tools::logm('mark as favorite link #' . $id);
c2cf7075
MR
295 if ( Tools::isAjaxRequest() ) {
296 echo 1;
297 exit;
298 }
299 else {
300 Tools::redirect();
301 }
eb1af592
NL
302 break;
303 case 'toggle_archive' :
13c7f9a4 304 if (isset($_GET['tag_id'])) {
305 //when we want to archive a whole tag
306 $tag_id = $_GET['tag_id'];
307 $allentry_ids = $this->store->retrieveEntriesByTag($tag_id, $this->user->getId());
308 $entry_ids = array();
309 foreach ($allentry_ids as $eachentry) {
310 $entry_ids[] = $eachentry[0];
311 }
312 } else { //archive a single article
313 $entry_ids = array($id);
314 }
315 foreach($entry_ids as $id) {
316 $this->store->archiveById($id, $this->user->getId());
317 Tools::logm('archive link #' . $id);
318 }
c2cf7075
MR
319 if ( Tools::isAjaxRequest() ) {
320 echo 1;
321 exit;
059a3380 322 } else {
c2cf7075
MR
323 Tools::redirect();
324 }
eb1af592 325 break;
059a3380 326 case 'archive_and_next' :
8a66458b 327 $nextid = $this->store->getPreviousArticle($id, $this->user->getId());
059a3380
TC
328 $this->store->archiveById($id, $this->user->getId());
329 Tools::logm('archive link #' . $id);
330 Tools::redirect('?view=view&id=' . $nextid);
331 break;
f14807de
NL
332 case 'archive_all' :
333 $this->store->archiveAll($this->user->getId());
334 Tools::logm('archive all links');
a297fb1e 335 Tools::redirect();
f14807de 336 break;
c432fa16 337 case 'add_tag' :
decc23aa 338 if (isset($_GET['search'])) {
339 //when we want to apply a tag to a search
decc23aa 340 $tags = array($_GET['search']);
341 $allentry_ids = $this->store->search($tags[0], $this->user->getId());
342 $entry_ids = array();
343 foreach ($allentry_ids as $eachentry) {
344 $entry_ids[] = $eachentry[0];
345 }
346 } else { //add a tag to a single article
347 $tags = explode(',', $_POST['value']);
348 $entry_ids = array($_POST['entry_id']);
fb26cc93 349 }
decc23aa 350 foreach($entry_ids as $entry_id) {
351 $entry = $this->store->retrieveOneById($entry_id, $this->user->getId());
352 if (!$entry) {
353 $this->messages->add('e', _('Article not found!'));
354 Tools::logm('error : article not found');
355 Tools::redirect();
356 }
357 //get all already set tags to preven duplicates
358 $already_set_tags = array();
359 $entry_tags = $this->store->retrieveTagsByEntry($entry_id);
360 foreach ($entry_tags as $tag) {
361 $already_set_tags[] = $tag['value'];
362 }
363 foreach($tags as $key => $tag_value) {
364 $value = trim($tag_value);
365 if ($value && !in_array($value, $already_set_tags)) {
366 $tag = $this->store->retrieveTagByValue($value);
367 if (is_null($tag)) {
368 # we create the tag
369 $tag = $this->store->createTag($value);
370 $sequence = '';
371 if (STORAGE == 'postgres') {
372 $sequence = 'tags_id_seq';
373 }
374 $tag_id = $this->store->getLastId($sequence);
fb26cc93 375 }
decc23aa 376 else {
377 $tag_id = $tag['id'];
378 }
379
380 # we assign the tag to the article
381 $this->store->setTagToEntry($tag_id, $entry_id);
382 }
c432fa16 383 }
c432fa16 384 }
9c743ab9 385 $this->messages->add('s', _('The tag has been applied successfully'));
24696800 386 Tools::logm('The tag has been applied successfully');
a297fb1e 387 Tools::redirect();
c432fa16
NL
388 break;
389 case 'remove_tag' :
390 $tag_id = $_GET['tag_id'];
b89d5a2b
NL
391 $entry = $this->store->retrieveOneById($id, $this->user->getId());
392 if (!$entry) {
393 $this->messages->add('e', _('Article not found!'));
394 Tools::logm('error : article not found');
395 Tools::redirect();
396 }
c432fa16 397 $this->store->removeTagForEntry($id, $tag_id);
9c743ab9 398 Tools::logm('tag entry deleted');
24696800 399 if ($this->store->cleanUnusedTag($tag_id)) {
400 Tools::logm('tag deleted');
401 }
9c743ab9 402 $this->messages->add('s', _('The tag has been successfully deleted'));
c432fa16
NL
403 Tools::redirect();
404 break;
d4b6e20e 405
44b95cb8
TC
406 case 'reload_article' :
407 Tools::logm('reload article');
408 $id = $_GET['id'];
409 $entry = $this->store->retrieveOneById($id, $this->user->getId());
410 Tools::logm('reload url ' . $entry['url']);
411 $url = new Url(base64_encode($entry['url']));
412 $this->action('add', $url);
413 break;
414
e51487f9
TC
415 /* For some unknown reason I can't get displayView() to work here (it redirects to home view afterwards). So here's a dirty fix which redirects directly to URL */
416 case 'random':
e51487f9 417 Tools::logm('get a random article');
f76dab12
TC
418 $view = $_GET['view'];
419 if ($this->store->getRandomId($this->user->getId(),$view)) {
420 $id_array = $this->store->getRandomId($this->user->getId(),$view);
336797f3 421 $id = $id_array[0];
cdee5e65
TC
422 Tools::redirect('?view=view&id=' . $id[0]);
423 Tools::logm('got the article with id ' . $id[0]);
424 }
e51487f9 425 break;
eb1af592
NL
426 default:
427 break;
428 }
429 }
430
431 function displayView($view, $id = 0)
432 {
433 $tpl_vars = array();
434
435 switch ($view)
436 {
3c133bff
NL
437 case 'about':
438 break;
eb1af592 439 case 'config':
2f26729c 440 $dev_infos = $this->_getPocheVersion('dev');
11c680f9
NL
441 $dev = trim($dev_infos[0]);
442 $check_time_dev = date('d-M-Y H:i', $dev_infos[1]);
2f26729c 443 $prod_infos = $this->_getPocheVersion('prod');
11c680f9
NL
444 $prod = trim($prod_infos[0]);
445 $check_time_prod = date('d-M-Y H:i', $prod_infos[1]);
031df528
NL
446 $compare_dev = version_compare(POCHE, $dev);
447 $compare_prod = version_compare(POCHE, $prod);
3602405e
NL
448 $themes = $this->tpl->getInstalledThemes();
449 $languages = $this->language->getInstalledLanguages();
72c20a52 450 $token = $this->user->getConfigValue('token');
1810c13b 451 $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false;
4d99bae8 452 $only_user = ($this->store->listUsers() > 1) ? false : true;
32520785 453 $tpl_vars = array(
00dbaf90 454 'themes' => $themes,
5011388f 455 'languages' => $languages,
32520785
NL
456 'dev' => $dev,
457 'prod' => $prod,
11c680f9
NL
458 'check_time_dev' => $check_time_dev,
459 'check_time_prod' => $check_time_prod,
32520785
NL
460 'compare_dev' => $compare_dev,
461 'compare_prod' => $compare_prod,
72c20a52
NL
462 'token' => $token,
463 'user_id' => $this->user->getId(),
df6afaf0 464 'http_auth' => $http_auth,
4d99bae8 465 'only_user' => $only_user
32520785 466 );
eb1af592
NL
467 Tools::logm('config view');
468 break;
6cab59c3
NL
469 case 'edit-tags':
470 # tags
b89d5a2b
NL
471 $entry = $this->store->retrieveOneById($id, $this->user->getId());
472 if (!$entry) {
473 $this->messages->add('e', _('Article not found!'));
474 Tools::logm('error : article not found');
475 Tools::redirect();
476 }
6cab59c3 477 $tags = $this->store->retrieveTagsByEntry($id);
512ff180 478 $all_tags = $this->store->retrieveAllTags($this->user->getId());
ab87a7fe
TC
479 $maximus = 0;
480 foreach ($all_tags as $eachtag) { // search for the most times a tag is present
481 if ($eachtag["entriescount"] > $maximus) $maximus = $eachtag["entriescount"];
482 }
483 foreach ($all_tags as $key => $eachtag) { // get the percentage of presence of each tag
484 $percent = floor(($eachtag["entriescount"] / $maximus) * 100);
485
486 if ($percent < 20): // assign a css class, depending on the number of entries count
487 $cssclass = 'smallesttag';
488 elseif ($percent >= 20 and $percent < 40):
489 $cssclass = 'smalltag';
490 elseif ($percent >= 40 and $percent < 60):
491 $cssclass = 'mediumtag';
492 elseif ($percent >= 60 and $percent < 80):
493 $cssclass = 'largetag';
494 else:
495 $cssclass = 'largesttag';
496 endif;
497 $all_tags[$key]['cssclass'] = $cssclass;
498 }
6cab59c3 499 $tpl_vars = array(
c432fa16 500 'entry_id' => $id,
6cab59c3 501 'tags' => $tags,
512ff180 502 'alltags' => $all_tags,
032e0ca1 503 'entry' => $entry,
4886ed6d
NL
504 );
505 break;
2e2ebe5e 506 case 'tags':
f778e472 507 $token = $this->user->getConfigValue('token');
fb26cc93
MR
508 //if term is set - search tags for this term
509 $term = Tools::checkVar('term');
510 $tags = $this->store->retrieveAllTags($this->user->getId(), $term);
511 if (Tools::isAjaxRequest()) {
512 $result = array();
513 foreach ($tags as $tag) {
514 $result[] = $tag['value'];
515 }
516 echo json_encode($result);
517 exit;
518 }
2e2ebe5e 519 $tpl_vars = array(
f778e472
NL
520 'token' => $token,
521 'user_id' => $this->user->getId(),
2e2ebe5e
NL
522 'tags' => $tags,
523 );
524 break;
a4585f7e
MR
525 case 'search':
526 if (isset($_GET['search'])) {
527 $search = filter_var($_GET['search'], FILTER_SANITIZE_STRING);
528 $tpl_vars['entries'] = $this->store->search($search, $this->user->getId());
529 $count = count($tpl_vars['entries']);
530 $this->pagination->set_total($count);
531 $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')),
532 $this->pagination->page_links('?view=' . $view . '?search=' . $search . '&sort=' . $_SESSION['sort'] . '&' ));
533 $tpl_vars['page_links'] = $page_links;
534 $tpl_vars['nb_results'] = $count;
ae27d0ff 535 $tpl_vars['searchterm'] = $search;
a4585f7e
MR
536 }
537 break;
eb1af592 538 case 'view':
8d3275be 539 $entry = $this->store->retrieveOneById($id, $this->user->getId());
eb1af592
NL
540 if ($entry != NULL) {
541 Tools::logm('view link #' . $id);
542 $content = $entry['content'];
543 if (function_exists('tidy_parse_string')) {
544 $tidy = tidy_parse_string($content, array('indent'=>true, 'show-body-only' => true), 'UTF8');
545 $tidy->cleanRepair();
546 $content = $tidy->value;
3408ed48 547 }
a3223127 548
3408ed48 549 # flattr checking
37cad522
TC
550 $flattr = NULL;
551 if (FLATTR) {
552 $flattr = new FlattrItem();
553 $flattr->checkItem($entry['url'], $entry['id']);
554 }
555
059a3380
TC
556 # previous and next
557 $previous = FALSE;
558 $previous_id = $this->store->getPreviousArticle($id, $this->user->getId());
559 $next = FALSE;
560 $next_id = $this->store->getNextArticle($id, $this->user->getId());
561
562 if ($this->store->retrieveOneById($previous_id, $this->user->getId())) {
563 $previous = TRUE;
564 }
565 if ($this->store->retrieveOneById($next_id, $this->user->getId())) {
566 $next = TRUE;
567 }
7f8f8271 568 $navigate = array('previous' => $previous, 'previousid' => $previous_id, 'next' => $next, 'nextid' => $next_id);
059a3380 569
7b171c73
NL
570 # tags
571 $tags = $this->store->retrieveTagsByEntry($entry['id']);
a3223127 572
3408ed48 573 $tpl_vars = array(
7b171c73
NL
574 'entry' => $entry,
575 'content' => $content,
576 'flattr' => $flattr,
059a3380
TC
577 'tags' => $tags,
578 'navigate' => $navigate
3408ed48 579 );
eb1af592
NL
580 }
581 else {
d8d1542e 582 Tools::logm('error in view call : entry is null');
eb1af592
NL
583 }
584 break;
032e0ca1 585 default: # home, favorites, archive and tag views
eb1af592 586 $tpl_vars = array(
3eb04903
N
587 'entries' => '',
588 'page_links' => '',
7f9f5281 589 'nb_results' => '',
6065553c 590 'listmode' => (isset($_COOKIE['listmode']) ? true : false),
f76dab12 591 'view' => $view,
eb1af592 592 );
182faf26 593
3602405e 594 //if id is given - we retrieve entries by tag: id is tag id
032e0ca1
MR
595 if ($id) {
596 $tpl_vars['tag'] = $this->store->retrieveTag($id, $this->user->getId());
597 $tpl_vars['id'] = intval($id);
598 }
599
600 $count = $this->store->getEntriesByViewCount($view, $this->user->getId(), $id);
601
602 if ($count > 0) {
603 $this->pagination->set_total($count);
c515ffec 604 $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')),
032e0ca1
MR
605 $this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . (($id)?'&id='.$id:'') . '&' ));
606 $tpl_vars['entries'] = $this->store->getEntriesByView($view, $this->user->getId(), $this->pagination->get_limit(), $id);
3eb04903 607 $tpl_vars['page_links'] = $page_links;
032e0ca1 608 $tpl_vars['nb_results'] = $count;
3eb04903 609 }
6a361945 610 Tools::logm('display ' . $view . ' view');
eb1af592
NL
611 break;
612 }
613
614 return $tpl_vars;
615 }
c765c367 616
07ee09f4 617 /**
182faf26
MR
618 * update the password of the current user.
619 * if MODE_DEMO is TRUE, the password can't be updated.
07ee09f4
NL
620 * @todo add the return value
621 * @todo set the new password in function header like this updatePassword($newPassword)
622 * @return boolean
623 */
2f26729c 624 public function updatePassword($password, $confirmPassword)
c765c367 625 {
55821e04 626 if (MODE_DEMO) {
8d3275be 627 $this->messages->add('i', _('in demo mode, you can\'t update your password'));
55821e04 628 Tools::logm('in demo mode, you can\'t do this');
6a361945 629 Tools::redirect('?view=config');
55821e04
NL
630 }
631 else {
2f26729c
NL
632 if (isset($password) && isset($confirmPassword)) {
633 if ($password == $confirmPassword && !empty($password)) {
8d3275be 634 $this->messages->add('s', _('your password has been updated'));
2f26729c 635 $this->store->updatePassword($this->user->getId(), Tools::encodeString($password . $this->user->getUsername()));
c765c367 636 Session::logout();
8d3275be 637 Tools::logm('password updated');
c765c367
NL
638 Tools::redirect();
639 }
640 else {
8d3275be 641 $this->messages->add('e', _('the two fields have to be filled & the password must be the same in the two fields'));
6a361945 642 Tools::redirect('?view=config');
c765c367
NL
643 }
644 }
645 }
646 }
182faf26 647
df6afaf0 648 /**
2f26729c
NL
649 * Get credentials from differents sources
650 * It redirects the user to the $referer link
651 *
df6afaf0
DS
652 * @return array
653 */
2f26729c
NL
654 private function credentials()
655 {
656 if (isset($_SERVER['PHP_AUTH_USER'])) {
657 return array($_SERVER['PHP_AUTH_USER'], 'php_auth', true);
1810c13b 658 }
2f26729c
NL
659 if (!empty($_POST['login']) && !empty($_POST['password'])) {
660 return array($_POST['login'], $_POST['password'], false);
1810c13b 661 }
2f26729c
NL
662 if (isset($_SERVER['REMOTE_USER'])) {
663 return array($_SERVER['REMOTE_USER'], 'http_auth', true);
1810c13b 664 }
5cfafc61 665
2f26729c 666 return array(false, false, false);
6af66b11 667 }
df6afaf0 668
07ee09f4
NL
669 /**
670 * checks if login & password are correct and save the user in session.
671 * it redirects the user to the $referer link
672 * @param string $referer the url to redirect after login
673 * @todo add the return value
674 * @return boolean
675 */
c765c367
NL
676 public function login($referer)
677 {
6af66b11 678 list($login,$password,$isauthenticated)=$this->credentials();
df6afaf0
DS
679 if($login === false || $password === false) {
680 $this->messages->add('e', _('login failed: you have to fill all fields'));
681 Tools::logm('login failed');
682 Tools::redirect();
683 }
684 if (!empty($login) && !empty($password)) {
6af66b11 685 $user = $this->store->login($login, Tools::encodeString($password . $login), $isauthenticated);
7ce7ec4c
NL
686 if ($user != array()) {
687 # Save login into Session
6af66b11
MR
688 $longlastingsession = isset($_POST['longlastingsession']);
689 $passwordTest = ($isauthenticated) ? $user['password'] : Tools::encodeString($password . $login);
690 Session::login($user['username'], $user['password'], $login, $passwordTest, $longlastingsession, array('poche_user' => new User($user)));
9cf6bac1
NL
691
692 # reload l10n
693 $language = $user['config']['language'];
694 @putenv('LC_ALL=' . $language);
695 setlocale(LC_ALL, $language);
696 bindtextdomain($language, LOCALE);
697 textdomain($language);
98da2bc5 698 bind_textdomain_codeset($language, 'UTF-8');
9cf6bac1 699
26929c08 700 $this->messages->add('s', _('welcome to your wallabag'));
8d3275be 701 Tools::logm('login successful');
c765c367
NL
702 Tools::redirect($referer);
703 }
8d3275be 704 $this->messages->add('e', _('login failed: bad login or password'));
c86b40f0
GV
705 // log login failure in web server log to allow fail2ban usage
706 error_log('user '.$login.' authentication failure');
c765c367
NL
707 Tools::logm('login failed');
708 Tools::redirect();
c765c367
NL
709 }
710 }
711
07ee09f4
NL
712 /**
713 * log out the poche user. It cleans the session.
714 * @todo add the return value
182faf26 715 * @return boolean
07ee09f4 716 */
c765c367
NL
717 public function logout()
718 {
7ce7ec4c 719 $this->user = array();
c765c367 720 Session::logout();
b916bcfc 721 Tools::logm('logout');
c765c367
NL
722 Tools::redirect();
723 }
724
07ee09f4 725 /**
2f26729c 726 * import datas into your wallabag
182faf26 727 * @return boolean
07ee09f4 728 */
2f26729c 729
182faf26
MR
730 public function import() {
731
dc764892 732 if ( isset($_FILES['file']) && $_FILES['file']['tmp_name'] ) {
5ce39784
MR
733 Tools::logm('Import stated: parsing file');
734
182faf26
MR
735 // assume, that file is in json format
736 $str_data = file_get_contents($_FILES['file']['tmp_name']);
737 $data = json_decode($str_data, true);
738
739 if ( $data === null ) {
740 //not json - assume html
741 $html = new simple_html_dom();
742 $html->load_file($_FILES['file']['tmp_name']);
743 $data = array();
744 $read = 0;
d3176630 745
f0a819a9 746 if (Tools::get_doctype($html)->innertext == "<!DOCTYPE NETSCAPE-Bookmark-file-1>") {
d3176630
TC
747 // Firefox-bookmarks HTML
748 foreach (array('DL','ul') as $list) {
749 foreach ($html->find($list) as $ul) {
750 foreach ($ul->find('DT') as $li) {
751 $tmpEntry = array();
752 $a = $li->find('A');
753 $tmpEntry['url'] = $a[0]->href;
754 $tmpEntry['tags'] = $a[0]->tags;
755 $tmpEntry['is_read'] = $read;
756 if ($tmpEntry['url']) {
757 $data[] = $tmpEntry;
758 }
a8ef1f3f 759 }
d3176630
TC
760 # the second <ol/ul> is for read links
761 $read = ((sizeof($data) && $read)?0:1);
762 }
182faf26 763 }
d3176630
TC
764 } else {
765 // regular HTML
766 foreach (array('ol','ul') as $list) {
767 foreach ($html->find($list) as $ul) {
768 foreach ($ul->find('li') as $li) {
769 $tmpEntry = array();
770 $a = $li->find('a');
771 $tmpEntry['url'] = $a[0]->href;
772 $tmpEntry['tags'] = $a[0]->tags;
773 $tmpEntry['is_read'] = $read;
774 if ($tmpEntry['url']) {
775 $data[] = $tmpEntry;
776 }
777 }
778 # the second <ol/ul> is for read links
779 $read = ((sizeof($data) && $read)?0:1);
780 }
781 }
782 }
783 }
182faf26 784
2f26729c
NL
785 // for readability structure
786
787 foreach($data as $record) {
788 if (is_array($record)) {
789 $data[] = $record;
790 foreach($record as $record2) {
791 if (is_array($record2)) {
792 $data[] = $record2;
793 }
794 }
795 }
a297fb1e 796 }
a297fb1e 797
2f26729c
NL
798 $urlsInserted = array(); //urls of articles inserted
799 foreach($data as $record) {
800 $url = trim(isset($record['article__url']) ? $record['article__url'] : (isset($record['url']) ? $record['url'] : ''));
ddbb2308 801 if (filter_var($url, FILTER_VALIDATE_URL) and !in_array($url, $urlsInserted)) {
2f26729c
NL
802 $title = (isset($record['title']) ? $record['title'] : _('Untitled - Import - ') . '</a> <a href="./?import">' . _('click to finish import') . '</a><a>');
803 $body = (isset($record['content']) ? $record['content'] : '');
804 $isRead = (isset($record['is_read']) ? intval($record['is_read']) : (isset($record['archive']) ? intval($record['archive']) : 0));
805 $isFavorite = (isset($record['is_fav']) ? intval($record['is_fav']) : (isset($record['favorite']) ? intval($record['favorite']) : 0));
806
807 // insert new record
808
809 $id = $this->store->add($url, $title, $body, $this->user->getId() , $isFavorite, $isRead);
810 if ($id) {
811 $urlsInserted[] = $url; //add
812 if (isset($record['tags']) && trim($record['tags'])) {
813
9a490ad6 814 $tags = explode(',', $record['tags']);
3052cfb7 815 foreach($tags as $tag) {
816 $entry_id = $id;
817 $tag_id = $this->store->retrieveTagByValue($tag);
818 if ($tag_id) {
819 $this->store->setTagToEntry($tag_id['id'], $entry_id);
820 } else {
821 $this->store->createTag($tag);
822 $tag_id = $this->store->retrieveTagByValue($tag);
823 $this->store->setTagToEntry($tag_id['id'], $entry_id);
824 }
825 }
2f26729c
NL
826
827 }
828 }
829 }
182faf26 830 }
182faf26 831
2f26729c
NL
832 $i = sizeof($urlsInserted);
833 if ($i > 0) {
834 $this->messages->add('s', _('Articles inserted: ') . $i . _('. Please note, that some may be marked as "read".'));
835 }
836
5ce39784 837 Tools::logm('Import of articles finished: '.$i.' articles added (w/o content if not provided).');
182faf26 838 }
dc764892 839 else {
df89c6f7 840 $this->messages->add('e', _('Did you forget to select a file?'));
dc764892 841 }
2f26729c
NL
842 // file parsing finished here
843 // now download article contents if any
844 // check if we need to download any content
182faf26 845
2f26729c
NL
846 $recordsDownloadRequired = $this->store->retrieveUnfetchedEntriesCount($this->user->getId());
847
848 if ($recordsDownloadRequired == 0) {
182faf26 849
2f26729c 850 // nothing to download
182faf26 851
2f26729c
NL
852 $this->messages->add('s', _('Import finished.'));
853 Tools::logm('Import finished completely');
854 Tools::redirect();
855 }
856 else {
182faf26 857
2f26729c 858 // if just inserted - don't download anything, download will start in next reload
182faf26 859
2f26729c 860 if (!isset($_FILES['file'])) {
182faf26 861
2f26729c 862 // download next batch
182faf26 863
2f26729c
NL
864 Tools::logm('Fetching next batch of articles...');
865 $items = $this->store->retrieveUnfetchedEntries($this->user->getId() , IMPORT_LIMIT);
866 $purifier = $this->_getPurifier();
867 foreach($items as $item) {
868 $url = new Url(base64_encode($item['url']));
fde4cf06
EP
869 if( $url->isCorrect() )
870 {
871 Tools::logm('Fetching article ' . $item['id']);
872 $content = Tools::getPageContent($url);
873 $title = (($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled'));
874 $body = (($content['rss']['channel']['item']['description'] != '') ? $content['rss']['channel']['item']['description'] : _('Undefined'));
875
876 // clean content to prevent xss attack
877
878 $title = $purifier->purify($title);
879 $body = $purifier->purify($body);
880 $this->store->updateContentAndTitle($item['id'], $title, $body, $this->user->getId());
881 Tools::logm('Article ' . $item['id'] . ' updated.');
882 } else
883 {
884 Tools::logm('Unvalid URL (' . $item['url'] .') to fetch for article ' . $item['id']);
885 }
2f26729c
NL
886 }
887 }
63c35580 888 }
182faf26 889
2f26729c
NL
890 return array(
891 'includeImport' => true,
892 'import' => array(
893 'recordsDownloadRequired' => $recordsDownloadRequired,
894 'recordsUnderDownload' => IMPORT_LIMIT,
895 'delay' => IMPORT_DELAY * 1000
896 )
897 );
63c35580 898 }
c765c367 899
07ee09f4
NL
900 /**
901 * export poche entries in json
902 * @return json all poche entries
903 */
2f26729c
NL
904 public function export()
905 {
a8ef1f3f
MR
906 $filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json";
907 header('Content-Disposition: attachment; filename='.$filename);
908
f9c8087f 909 $entries = $this->store->retrieveAllWithTags($this->user->getId());
a8ef1f3f
MR
910 echo $this->tpl->render('export.twig', array(
911 'export' => Tools::renderJson($entries),
912 ));
913 Tools::logm('export view');
c765c367 914 }
32520785 915
07ee09f4 916 /**
a3436d4c 917 * Checks online the latest version of poche and cache it
07ee09f4
NL
918 * @param string $which 'prod' or 'dev'
919 * @return string latest $which version
920 */
2f26729c 921 private function _getPocheVersion($which = 'prod') {
a8ef1f3f
MR
922 $cache_file = CACHE . '/' . $which;
923 $check_time = time();
924
925 # checks if the cached version file exists
926 if (file_exists($cache_file) && (filemtime($cache_file) > (time() - 86400 ))) {
927 $version = file_get_contents($cache_file);
928 $check_time = filemtime($cache_file);
929 } else {
930 $version = file_get_contents('http://static.wallabag.org/versions/' . $which);
931 file_put_contents($cache_file, $version, LOCK_EX);
932 }
933 return array($version, $check_time);
32520785 934 }
72c20a52 935
2f26729c
NL
936 /**
937 * Update token for current user
938 */
939 public function updateToken()
72c20a52 940 {
2f26729c
NL
941 $token = Tools::generateToken();
942 $this->store->updateUserConfig($this->user->getId(), 'token', $token);
943 $currentConfig = $_SESSION['poche_user']->config;
944 $currentConfig['token'] = $token;
945 $_SESSION['poche_user']->setConfig($currentConfig);
946 Tools::redirect();
72c20a52
NL
947 }
948
2f26729c
NL
949 /**
950 * Generate RSS feeds for current user
951 *
952 * @param $token
953 * @param $user_id
7fe8a9ad
VM
954 * @param $tag_id if $type is 'tag', the id of the tag to generate feed for
955 * @param string $type the type of feed to generate
956 * @param int $limit the maximum number of items (0 means all)
2f26729c 957 */
7fe8a9ad 958 public function generateFeeds($token, $user_id, $tag_id, $type = 'home', $limit = 0)
72c20a52 959 {
f778e472 960 $allowed_types = array('home', 'fav', 'archive', 'tag');
72c20a52
NL
961 $config = $this->store->getConfigUser($user_id);
962
17b2afef 963 if ($config == null) {
30bd2735 964 die(sprintf(_('User with this id (%d) does not exist.'), $user_id));
17b2afef
NL
965 }
966
7dd8b502
MR
967 if (!in_array($type, $allowed_types) || !isset($config['token']) || $token != $config['token']) {
968 die(_('Uh, there is a problem while generating feed. Wrong token used?'));
72c20a52 969 }
72c20a52 970
9e7c840b 971 $feed = new FeedWriter(RSS2);
2e4440c3 972 $feed->setTitle('wallabag — ' . $type . ' feed');
72c20a52 973 $feed->setLink(Tools::getPocheUrl());
223268c2
NL
974 $feed->setChannelElement('pubDate', date(DATE_RSS , time()));
975 $feed->setChannelElement('generator', 'wallabag');
976 $feed->setDescription('wallabag ' . $type . ' elements');
72c20a52 977
f778e472 978 if ($type == 'tag') {
b89d5a2b 979 $entries = $this->store->retrieveEntriesByTag($tag_id, $user_id);
f778e472
NL
980 }
981 else {
982 $entries = $this->store->getEntriesByView($type, $user_id);
983 }
984
7fe8a9ad
VM
985 // if $limit is set to zero, use all entries
986 if (0 == $limit) {
987 $limit = count($entries);
988 }
72c20a52 989 if (count($entries) > 0) {
7fe8a9ad
VM
990 for ($i = 0; $i < min(count($entries), $limit); $i++) {
991 $entry = $entries[$i];
72c20a52 992 $newItem = $feed->createNewItem();
0b57c682 993 $newItem->setTitle($entry['title']);
f86784c2 994 $newItem->setSource(Tools::getPocheUrl() . '?view=view&amp;id=' . $entry['id']);
ed02e38e 995 $newItem->setLink($entry['url']);
72c20a52
NL
996 $newItem->setDate(time());
997 $newItem->setDescription($entry['content']);
998 $feed->addItem($newItem);
999 }
1000 }
1001
1002 $feed->genarateFeed();
1003 exit;
1004 }
6285e57c 1005
6285e57c 1006
0f859c6f
MR
1007
1008 /**
2f26729c 1009 * Returns new purifier object with actual config
0f859c6f 1010 */
2f26729c
NL
1011 private function _getPurifier()
1012 {
1013 $config = HTMLPurifier_Config::createDefault();
1014 $config->set('Cache.SerializerPath', CACHE);
1015 $config->set('HTML.SafeIframe', true);
35d4e275 1016
2f26729c
NL
1017 //allow YouTube, Vimeo and dailymotion videos
1018 $config->set('URI.SafeIframeRegexp', '%^(https?:)?//(www\.youtube(?:-nocookie)?\.com/embed/|player\.vimeo\.com/video/|www\.dailymotion\.com/embed/video/)%');
ec15d0a7 1019
2f26729c 1020 return new HTMLPurifier($config);
0f859c6f 1021 }
cbc75bef 1022
cbc75bef 1023
37cad522 1024}