]>
Commit | Line | Data |
---|---|---|
eb1af592 NL |
1 | <?php |
2 | /** | |
c95b78a8 | 3 | * wallabag, self hostable application allowing you to not miss any content anymore |
eb1af592 | 4 | * |
c95b78a8 NL |
5 | * @category wallabag |
6 | * @author Nicolas Lœuillet <nicolas@loeuillet.org> | |
eb1af592 | 7 | * @copyright 2013 |
3602405e | 8 | * @license http://opensource.org/licenses/MIT see COPYING file |
eb1af592 NL |
9 | */ |
10 | ||
11 | class Poche | |
12 | { | |
3602405e NL |
13 | /** |
14 | * @var User | |
15 | */ | |
7ce7ec4c | 16 | public $user; |
3602405e NL |
17 | /** |
18 | * @var Database | |
19 | */ | |
eb1af592 | 20 | public $store; |
3602405e NL |
21 | /** |
22 | * @var Template | |
23 | */ | |
eb1af592 | 24 | public $tpl; |
3602405e NL |
25 | /** |
26 | * @var Language | |
27 | */ | |
28 | public $language; | |
29 | /** | |
30 | * @var Routing | |
31 | */ | |
32 | public $routing; | |
33 | /** | |
34 | * @var Messages | |
35 | */ | |
55821e04 | 36 | public $messages; |
3602405e NL |
37 | /** |
38 | * @var Paginator | |
39 | */ | |
6a361945 | 40 | public $pagination; |
182faf26 | 41 | |
00dbaf90 | 42 | public function __construct() |
eb1af592 | 43 | { |
3602405e | 44 | $this->init(); |
eb1af592 | 45 | } |
182faf26 MR |
46 | |
47 | private function init() | |
00dbaf90 NL |
48 | { |
49 | Tools::initPhp(); | |
eb1af592 | 50 | |
3602405e NL |
51 | $pocheUser = Session::getParam('poche_user'); |
52 | ||
53 | if ($pocheUser && $pocheUser != array()) { | |
54 | $this->user = $pocheUser; | |
00dbaf90 | 55 | } else { |
3602405e | 56 | // fake user, just for install & login screens |
00dbaf90 NL |
57 | $this->user = new User(); |
58 | $this->user->setConfig($this->getDefaultConfig()); | |
59 | } | |
60 | ||
3602405e NL |
61 | $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p'); |
62 | $this->language = new Language($this); | |
63 | $this->tpl = new Template($this); | |
64 | $this->store = new Database(); | |
65 | $this->messages = new Messages(); | |
66 | $this->routing = new Routing($this); | |
00dbaf90 | 67 | } |
182faf26 | 68 | |
3602405e NL |
69 | public function run() |
70 | { | |
71 | $this->routing->run(); | |
00dbaf90 | 72 | } |
182faf26 | 73 | |
4a291288 | 74 | /** |
3602405e | 75 | * Creates a new user |
4a291288 | 76 | */ |
3e1daa4c | 77 | public function createNewUser($username, $password, $email = "", $internalRegistration = false) |
eb1af592 | 78 | { |
121691e9 | 79 | Tools::logm('Trying to create a new user...'); |
2f26729c NL |
80 | if (!empty($username) && !empty($password)){ |
81 | $newUsername = filter_var($username, FILTER_SANITIZE_STRING); | |
046b9316 | 82 | $email = filter_var($email, FILTER_SANITIZE_STRING); |
2f26729c | 83 | if (!$this->store->userExists($newUsername)){ |
046b9316 | 84 | if ($this->store->install($newUsername, Tools::encodeString($password . $newUsername), $email)) { |
6cb5e1c9 TC |
85 | if ($email != "") { // if email is filled |
86 | if (SEND_CONFIRMATION_EMAIL && function_exists('mail')) { | |
87 | ||
698eda73 | 88 | // if internal registration from config screen |
6cb5e1c9 TC |
89 | $body_internal = _('Hi,') . "\r\n\r\n" . sprintf(_('Someone just created a wallabag account for you on %1$s.'), Tools::getPocheUrl()) . |
90 | "\r\n\r\n" . sprintf(_('Your login is %1$s.'), $newUsername) ."\r\n\r\n" . | |
91 | _('Note : The password has been chosen by the person who created your account. Get in touch with that person to know your password and change it as soon as possible') . "\r\n\r\n" . | |
92 | _('Have fun with it !') . "\r\n\r\n" . | |
93 | _('This is an automatically generated message, no one will answer if you respond to it.'); | |
3e1daa4c | 94 | |
6cb5e1c9 | 95 | // if external (public) registration |
f2321633 TC |
96 | $body = sprintf(_('Hi, %1$s'), $newUsername) . "\r\n\r\n" . |
97 | sprintf(_('You\'ve just created a wallabag account on %1$s.'), Tools::getPocheUrl()) . | |
98 | "\r\n\r\n" . _("Have fun with it !"); | |
698eda73 | 99 | |
6cb5e1c9 TC |
100 | $body = $internalRegistration ? $body_internal : $body; |
101 | ||
102 | $body = wordwrap($body, 70, "\r\n"); // cut lines with more than 70 caracters (MIME standard) | |
103 | if (mail($email, sprintf(_('Your new wallabag account on %1$s'), Tools::getPocheUrl()), $body, | |
104 | 'X-Mailer: PHP/' . phpversion() . "\r\n" . | |
105 | 'Content-type: text/plain; charset=UTF-8' . "\r\n" . | |
106 | "From: " . $newUsername . "@" . gethostname() . "\r\n")) { | |
107 | Tools::logm('The user ' . $newUsername . ' has been emailed'); | |
108 | $this->messages->add('i', sprintf(_('The new user %1$s has been sent an email at %2$s. You may have to check spam folder.'), $newUsername, $email)); | |
698eda73 | 109 | Tools::redirect('?'); |
6cb5e1c9 TC |
110 | |
111 | } else { | |
112 | Tools::logm('A problem has been encountered while sending an email'); | |
113 | $this->messages->add('e', _('A problem has been encountered while sending an email')); | |
114 | } | |
3e1daa4c | 115 | } else { |
6cb5e1c9 | 116 | Tools::logm('The user has been created, but the server did not authorize sending emails'); |
952faeeb | 117 | $this->messages->add('i', _('The server did not authorize sending a confirmation email, but the user was created.')); |
3e1daa4c | 118 | } |
6cb5e1c9 TC |
119 | } else { |
120 | Tools::logm('The user has been created, but no email was saved, so no confimation email was sent'); | |
121 | $this->messages->add('i', _('The user was created, but no email was sent because email was not filled in')); | |
122 | } | |
3e1daa4c | 123 | Tools::logm('The new user ' . $newUsername . ' has been installed'); |
f2321633 TC |
124 | if (\Session::isLogged()) { |
125 | $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'), $newUsername)); | |
126 | } | |
3e1daa4c | 127 | Tools::redirect(); |
4d99bae8 | 128 | } |
129 | else { | |
2f26729c | 130 | Tools::logm('error during adding new user'); |
4d99bae8 | 131 | Tools::redirect(); |
132 | } | |
133 | } | |
2f26729c NL |
134 | else { |
135 | $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'), $newUsername)); | |
136 | Tools::logm('An user with the name ' . $newUsername . ' already exists !'); | |
137 | Tools::redirect(); | |
138 | } | |
4d99bae8 | 139 | } |
121691e9 TC |
140 | else { |
141 | Tools::logm('Password or username were empty'); | |
142 | } | |
4d99bae8 | 143 | } |
b6413975 | 144 | |
3602405e NL |
145 | /** |
146 | * Delete an existing user | |
147 | */ | |
2f26729c | 148 | public function deleteUser($password) |
3602405e | 149 | { |
2f26729c NL |
150 | if ($this->store->listUsers() > 1) { |
151 | if (Tools::encodeString($password . $this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) { | |
152 | $username = $this->user->getUsername(); | |
153 | $this->store->deleteUserConfig($this->user->getId()); | |
154 | Tools::logm('The configuration for user '. $username .' has been deleted !'); | |
155 | $this->store->deleteTagsEntriesAndEntries($this->user->getId()); | |
156 | Tools::logm('The entries for user '. $username .' has been deleted !'); | |
157 | $this->store->deleteUser($this->user->getId()); | |
158 | Tools::logm('User '. $username .' has been completely deleted !'); | |
159 | Session::logout(); | |
160 | Tools::logm('logout'); | |
161 | Tools::redirect(); | |
162 | $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'), $username)); | |
4d99bae8 | 163 | } |
164 | else { | |
2f26729c NL |
165 | Tools::logm('Bad password !'); |
166 | $this->messages->add('e', _('Error : The password is wrong !')); | |
4d99bae8 | 167 | } |
168 | } | |
2f26729c NL |
169 | else { |
170 | Tools::logm('Only user !'); | |
171 | $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !')); | |
172 | } | |
4d99bae8 | 173 | } |
eb1af592 | 174 | |
8d3275be | 175 | public function getDefaultConfig() |
182faf26 | 176 | { |
8d3275be NL |
177 | return array( |
178 | 'pager' => PAGINATION, | |
179 | 'language' => LANG, | |
00dbaf90 NL |
180 | 'theme' => DEFAULT_THEME |
181 | ); | |
8d3275be NL |
182 | } |
183 | ||
eb1af592 NL |
184 | /** |
185 | * Call action (mark as fav, archive, delete, etc.) | |
186 | */ | |
926acd7b | 187 | public function action($action, Url $url, $id = 0, $import = FALSE, $autoclose = FALSE, $tags = null) |
eb1af592 NL |
188 | { |
189 | switch ($action) | |
190 | { | |
191 | case 'add': | |
a297fb1e MR |
192 | $content = Tools::getPageContent($url); |
193 | $title = ($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled'); | |
194 | $body = $content['rss']['channel']['item']['description']; | |
195 | ||
196 | // clean content from prevent xss attack | |
2f26729c | 197 | $purifier = $this->_getPurifier(); |
a297fb1e MR |
198 | $title = $purifier->purify($title); |
199 | $body = $purifier->purify($body); | |
1570a653 | 200 | |
182faf26 | 201 | //search for possible duplicate |
8d7cd2cc | 202 | $duplicate = NULL; |
a297fb1e | 203 | $duplicate = $this->store->retrieveOneByURL($url->getUrl(), $this->user->getId()); |
488fc63b | 204 | |
182faf26 | 205 | $last_id = $this->store->add($url->getUrl(), $title, $body, $this->user->getId()); |
a297fb1e | 206 | if ( $last_id ) { |
ec397236 | 207 | Tools::logm('add link ' . $url->getUrl()); |
ec397236 | 208 | if (DOWNLOAD_PICTURES) { |
3602405e | 209 | $content = Picture::filterPicture($body, $url->getUrl(), $last_id); |
ec397236 NL |
210 | Tools::logm('updating content article'); |
211 | $this->store->updateContent($last_id, $content, $this->user->getId()); | |
212 | } | |
488fc63b MR |
213 | |
214 | if ($duplicate != NULL) { | |
215 | // duplicate exists, so, older entry needs to be deleted (as new entry should go to the top of list), BUT favorite mark and tags should be preserved | |
216 | Tools::logm('link ' . $url->getUrl() . ' is a duplicate'); | |
217 | // 1) - preserve tags and favorite, then drop old entry | |
218 | $this->store->reassignTags($duplicate['id'], $last_id); | |
219 | if ($duplicate['is_fav']) { | |
220 | $this->store->favoriteById($last_id, $this->user->getId()); | |
221 | } | |
222 | if ($this->store->deleteById($duplicate['id'], $this->user->getId())) { | |
223 | Tools::logm('previous link ' . $url->getUrl() .' entry deleted'); | |
224 | } | |
225 | } | |
226 | ||
7f782e44 | 227 | // if there are tags, add them to the new article |
228 | if (isset($_GET['tags'])) { | |
229 | $_POST['value'] = $_GET['tags']; | |
230 | $_POST['entry_id'] = $last_id; | |
231 | $this->action('add_tag', $url); | |
232 | } | |
233 | ||
182faf26 | 234 | $this->messages->add('s', _('the link has been added successfully')); |
eb1af592 NL |
235 | } |
236 | else { | |
a297fb1e MR |
237 | $this->messages->add('e', _('error during insertion : the link wasn\'t added')); |
238 | Tools::logm('error during insertion : the link wasn\'t added ' . $url->getUrl()); | |
b916bcfc | 239 | } |
ec397236 | 240 | |
a297fb1e | 241 | if ($autoclose == TRUE) { |
1c911789 | 242 | Tools::redirect('?view=home&closewin=true'); |
a297fb1e | 243 | } else { |
1c911789 | 244 | Tools::redirect('?view=home'); |
eb1af592 | 245 | } |
3052cfb7 | 246 | return $last_id; |
eb1af592 NL |
247 | break; |
248 | case 'delete': | |
512e5e5b | 249 | if (isset($_GET['search'])) { |
250 | //when we want to apply a delete to a search | |
251 | $tags = array($_GET['search']); | |
252 | $allentry_ids = $this->store->search($tags[0], $this->user->getId()); | |
253 | $entry_ids = array(); | |
254 | foreach ($allentry_ids as $eachentry) { | |
255 | $entry_ids[] = $eachentry[0]; | |
eb1af592 | 256 | } |
512e5e5b | 257 | } else { // delete a single article |
258 | $entry_ids = array($id); | |
eb1af592 | 259 | } |
512e5e5b | 260 | foreach($entry_ids as $id) { |
261 | $msg = 'delete link #' . $id; | |
262 | if ($this->store->deleteById($id, $this->user->getId())) { | |
263 | if (DOWNLOAD_PICTURES) { | |
264 | Picture::removeDirectory(ABS_PATH . $id); | |
265 | } | |
266 | $this->messages->add('s', _('the link has been deleted successfully')); | |
267 | } | |
268 | else { | |
269 | $this->messages->add('e', _('the link wasn\'t deleted')); | |
270 | $msg = 'error : can\'t delete link #' . $id; | |
271 | } | |
272 | Tools::logm($msg); | |
eb1af592 | 273 | } |
985ce3ec | 274 | Tools::redirect('?'); |
eb1af592 NL |
275 | break; |
276 | case 'toggle_fav' : | |
8d3275be | 277 | $this->store->favoriteById($id, $this->user->getId()); |
eb1af592 | 278 | Tools::logm('mark as favorite link #' . $id); |
c2cf7075 MR |
279 | if ( Tools::isAjaxRequest() ) { |
280 | echo 1; | |
281 | exit; | |
282 | } | |
283 | else { | |
284 | Tools::redirect(); | |
285 | } | |
eb1af592 NL |
286 | break; |
287 | case 'toggle_archive' : | |
13c7f9a4 | 288 | if (isset($_GET['tag_id'])) { |
289 | //when we want to archive a whole tag | |
290 | $tag_id = $_GET['tag_id']; | |
291 | $allentry_ids = $this->store->retrieveEntriesByTag($tag_id, $this->user->getId()); | |
292 | $entry_ids = array(); | |
293 | foreach ($allentry_ids as $eachentry) { | |
294 | $entry_ids[] = $eachentry[0]; | |
295 | } | |
296 | } else { //archive a single article | |
297 | $entry_ids = array($id); | |
298 | } | |
299 | foreach($entry_ids as $id) { | |
300 | $this->store->archiveById($id, $this->user->getId()); | |
301 | Tools::logm('archive link #' . $id); | |
302 | } | |
c2cf7075 MR |
303 | if ( Tools::isAjaxRequest() ) { |
304 | echo 1; | |
305 | exit; | |
306 | } | |
307 | else { | |
308 | Tools::redirect(); | |
309 | } | |
eb1af592 | 310 | break; |
f14807de NL |
311 | case 'archive_all' : |
312 | $this->store->archiveAll($this->user->getId()); | |
313 | Tools::logm('archive all links'); | |
a297fb1e | 314 | Tools::redirect(); |
f14807de | 315 | break; |
c432fa16 | 316 | case 'add_tag' : |
decc23aa | 317 | if (isset($_GET['search'])) { |
318 | //when we want to apply a tag to a search | |
decc23aa | 319 | $tags = array($_GET['search']); |
320 | $allentry_ids = $this->store->search($tags[0], $this->user->getId()); | |
321 | $entry_ids = array(); | |
322 | foreach ($allentry_ids as $eachentry) { | |
323 | $entry_ids[] = $eachentry[0]; | |
324 | } | |
325 | } else { //add a tag to a single article | |
326 | $tags = explode(',', $_POST['value']); | |
327 | $entry_ids = array($_POST['entry_id']); | |
fb26cc93 | 328 | } |
decc23aa | 329 | foreach($entry_ids as $entry_id) { |
330 | $entry = $this->store->retrieveOneById($entry_id, $this->user->getId()); | |
331 | if (!$entry) { | |
332 | $this->messages->add('e', _('Article not found!')); | |
333 | Tools::logm('error : article not found'); | |
334 | Tools::redirect(); | |
335 | } | |
336 | //get all already set tags to preven duplicates | |
337 | $already_set_tags = array(); | |
338 | $entry_tags = $this->store->retrieveTagsByEntry($entry_id); | |
339 | foreach ($entry_tags as $tag) { | |
340 | $already_set_tags[] = $tag['value']; | |
341 | } | |
342 | foreach($tags as $key => $tag_value) { | |
343 | $value = trim($tag_value); | |
344 | if ($value && !in_array($value, $already_set_tags)) { | |
345 | $tag = $this->store->retrieveTagByValue($value); | |
346 | if (is_null($tag)) { | |
347 | # we create the tag | |
348 | $tag = $this->store->createTag($value); | |
349 | $sequence = ''; | |
350 | if (STORAGE == 'postgres') { | |
351 | $sequence = 'tags_id_seq'; | |
352 | } | |
353 | $tag_id = $this->store->getLastId($sequence); | |
fb26cc93 | 354 | } |
decc23aa | 355 | else { |
356 | $tag_id = $tag['id']; | |
357 | } | |
358 | ||
359 | # we assign the tag to the article | |
360 | $this->store->setTagToEntry($tag_id, $entry_id); | |
361 | } | |
c432fa16 | 362 | } |
c432fa16 | 363 | } |
9c743ab9 | 364 | $this->messages->add('s', _('The tag has been applied successfully')); |
24696800 | 365 | Tools::logm('The tag has been applied successfully'); |
a297fb1e | 366 | Tools::redirect(); |
c432fa16 NL |
367 | break; |
368 | case 'remove_tag' : | |
369 | $tag_id = $_GET['tag_id']; | |
b89d5a2b NL |
370 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); |
371 | if (!$entry) { | |
372 | $this->messages->add('e', _('Article not found!')); | |
373 | Tools::logm('error : article not found'); | |
374 | Tools::redirect(); | |
375 | } | |
c432fa16 | 376 | $this->store->removeTagForEntry($id, $tag_id); |
9c743ab9 | 377 | Tools::logm('tag entry deleted'); |
24696800 | 378 | if ($this->store->cleanUnusedTag($tag_id)) { |
379 | Tools::logm('tag deleted'); | |
380 | } | |
9c743ab9 | 381 | $this->messages->add('s', _('The tag has been successfully deleted')); |
c432fa16 NL |
382 | Tools::redirect(); |
383 | break; | |
d4b6e20e | 384 | |
44b95cb8 TC |
385 | case 'reload_article' : |
386 | Tools::logm('reload article'); | |
387 | $id = $_GET['id']; | |
388 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); | |
389 | Tools::logm('reload url ' . $entry['url']); | |
390 | $url = new Url(base64_encode($entry['url'])); | |
391 | $this->action('add', $url); | |
392 | break; | |
393 | ||
e51487f9 TC |
394 | /* For some unknown reason I can't get displayView() to work here (it redirects to home view afterwards). So here's a dirty fix which redirects directly to URL */ |
395 | case 'random': | |
e51487f9 | 396 | Tools::logm('get a random article'); |
cdee5e65 TC |
397 | if ($this->store->getRandomId($this->user->getId())) { |
398 | $id = $this->store->getRandomId($this->user->getId())[0]; | |
399 | Tools::redirect('?view=view&id=' . $id[0]); | |
400 | Tools::logm('got the article with id ' . $id[0]); | |
401 | } | |
e51487f9 | 402 | break; |
eb1af592 NL |
403 | default: |
404 | break; | |
405 | } | |
406 | } | |
407 | ||
408 | function displayView($view, $id = 0) | |
409 | { | |
410 | $tpl_vars = array(); | |
411 | ||
412 | switch ($view) | |
413 | { | |
3c133bff NL |
414 | case 'about': |
415 | break; | |
eb1af592 | 416 | case 'config': |
2f26729c | 417 | $dev_infos = $this->_getPocheVersion('dev'); |
11c680f9 NL |
418 | $dev = trim($dev_infos[0]); |
419 | $check_time_dev = date('d-M-Y H:i', $dev_infos[1]); | |
2f26729c | 420 | $prod_infos = $this->_getPocheVersion('prod'); |
11c680f9 NL |
421 | $prod = trim($prod_infos[0]); |
422 | $check_time_prod = date('d-M-Y H:i', $prod_infos[1]); | |
031df528 NL |
423 | $compare_dev = version_compare(POCHE, $dev); |
424 | $compare_prod = version_compare(POCHE, $prod); | |
3602405e NL |
425 | $themes = $this->tpl->getInstalledThemes(); |
426 | $languages = $this->language->getInstalledLanguages(); | |
72c20a52 | 427 | $token = $this->user->getConfigValue('token'); |
1810c13b | 428 | $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; |
4d99bae8 | 429 | $only_user = ($this->store->listUsers() > 1) ? false : true; |
32520785 | 430 | $tpl_vars = array( |
00dbaf90 | 431 | 'themes' => $themes, |
5011388f | 432 | 'languages' => $languages, |
32520785 NL |
433 | 'dev' => $dev, |
434 | 'prod' => $prod, | |
11c680f9 NL |
435 | 'check_time_dev' => $check_time_dev, |
436 | 'check_time_prod' => $check_time_prod, | |
32520785 NL |
437 | 'compare_dev' => $compare_dev, |
438 | 'compare_prod' => $compare_prod, | |
72c20a52 NL |
439 | 'token' => $token, |
440 | 'user_id' => $this->user->getId(), | |
df6afaf0 | 441 | 'http_auth' => $http_auth, |
4d99bae8 | 442 | 'only_user' => $only_user |
32520785 | 443 | ); |
eb1af592 NL |
444 | Tools::logm('config view'); |
445 | break; | |
6cab59c3 NL |
446 | case 'edit-tags': |
447 | # tags | |
b89d5a2b NL |
448 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); |
449 | if (!$entry) { | |
450 | $this->messages->add('e', _('Article not found!')); | |
451 | Tools::logm('error : article not found'); | |
452 | Tools::redirect(); | |
453 | } | |
6cab59c3 NL |
454 | $tags = $this->store->retrieveTagsByEntry($id); |
455 | $tpl_vars = array( | |
c432fa16 | 456 | 'entry_id' => $id, |
6cab59c3 | 457 | 'tags' => $tags, |
032e0ca1 | 458 | 'entry' => $entry, |
4886ed6d NL |
459 | ); |
460 | break; | |
2e2ebe5e | 461 | case 'tags': |
f778e472 | 462 | $token = $this->user->getConfigValue('token'); |
fb26cc93 MR |
463 | //if term is set - search tags for this term |
464 | $term = Tools::checkVar('term'); | |
465 | $tags = $this->store->retrieveAllTags($this->user->getId(), $term); | |
466 | if (Tools::isAjaxRequest()) { | |
467 | $result = array(); | |
468 | foreach ($tags as $tag) { | |
469 | $result[] = $tag['value']; | |
470 | } | |
471 | echo json_encode($result); | |
472 | exit; | |
473 | } | |
2e2ebe5e | 474 | $tpl_vars = array( |
f778e472 NL |
475 | 'token' => $token, |
476 | 'user_id' => $this->user->getId(), | |
2e2ebe5e NL |
477 | 'tags' => $tags, |
478 | ); | |
479 | break; | |
a4585f7e MR |
480 | case 'search': |
481 | if (isset($_GET['search'])) { | |
482 | $search = filter_var($_GET['search'], FILTER_SANITIZE_STRING); | |
483 | $tpl_vars['entries'] = $this->store->search($search, $this->user->getId()); | |
484 | $count = count($tpl_vars['entries']); | |
485 | $this->pagination->set_total($count); | |
486 | $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')), | |
487 | $this->pagination->page_links('?view=' . $view . '?search=' . $search . '&sort=' . $_SESSION['sort'] . '&' )); | |
488 | $tpl_vars['page_links'] = $page_links; | |
489 | $tpl_vars['nb_results'] = $count; | |
1b6e21d7 | 490 | $tpl_vars['searchterm'] = $search; |
a4585f7e MR |
491 | } |
492 | break; | |
eb1af592 | 493 | case 'view': |
8d3275be | 494 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); |
eb1af592 NL |
495 | if ($entry != NULL) { |
496 | Tools::logm('view link #' . $id); | |
497 | $content = $entry['content']; | |
498 | if (function_exists('tidy_parse_string')) { | |
499 | $tidy = tidy_parse_string($content, array('indent'=>true, 'show-body-only' => true), 'UTF8'); | |
500 | $tidy->cleanRepair(); | |
501 | $content = $tidy->value; | |
3408ed48 | 502 | } |
a3223127 | 503 | |
3408ed48 | 504 | # flattr checking |
37cad522 TC |
505 | $flattr = NULL; |
506 | if (FLATTR) { | |
507 | $flattr = new FlattrItem(); | |
508 | $flattr->checkItem($entry['url'], $entry['id']); | |
509 | } | |
510 | ||
7b171c73 NL |
511 | # tags |
512 | $tags = $this->store->retrieveTagsByEntry($entry['id']); | |
a3223127 | 513 | |
3408ed48 | 514 | $tpl_vars = array( |
7b171c73 NL |
515 | 'entry' => $entry, |
516 | 'content' => $content, | |
517 | 'flattr' => $flattr, | |
518 | 'tags' => $tags | |
3408ed48 | 519 | ); |
eb1af592 NL |
520 | } |
521 | else { | |
d8d1542e | 522 | Tools::logm('error in view call : entry is null'); |
eb1af592 NL |
523 | } |
524 | break; | |
032e0ca1 | 525 | default: # home, favorites, archive and tag views |
eb1af592 | 526 | $tpl_vars = array( |
3eb04903 N |
527 | 'entries' => '', |
528 | 'page_links' => '', | |
7f9f5281 | 529 | 'nb_results' => '', |
6065553c | 530 | 'listmode' => (isset($_COOKIE['listmode']) ? true : false), |
eb1af592 | 531 | ); |
182faf26 | 532 | |
3602405e | 533 | //if id is given - we retrieve entries by tag: id is tag id |
032e0ca1 MR |
534 | if ($id) { |
535 | $tpl_vars['tag'] = $this->store->retrieveTag($id, $this->user->getId()); | |
536 | $tpl_vars['id'] = intval($id); | |
537 | } | |
538 | ||
539 | $count = $this->store->getEntriesByViewCount($view, $this->user->getId(), $id); | |
540 | ||
541 | if ($count > 0) { | |
542 | $this->pagination->set_total($count); | |
c515ffec | 543 | $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')), |
032e0ca1 MR |
544 | $this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . (($id)?'&id='.$id:'') . '&' )); |
545 | $tpl_vars['entries'] = $this->store->getEntriesByView($view, $this->user->getId(), $this->pagination->get_limit(), $id); | |
3eb04903 | 546 | $tpl_vars['page_links'] = $page_links; |
032e0ca1 | 547 | $tpl_vars['nb_results'] = $count; |
3eb04903 | 548 | } |
6a361945 | 549 | Tools::logm('display ' . $view . ' view'); |
eb1af592 NL |
550 | break; |
551 | } | |
552 | ||
553 | return $tpl_vars; | |
554 | } | |
c765c367 | 555 | |
07ee09f4 | 556 | /** |
182faf26 MR |
557 | * update the password of the current user. |
558 | * if MODE_DEMO is TRUE, the password can't be updated. | |
07ee09f4 NL |
559 | * @todo add the return value |
560 | * @todo set the new password in function header like this updatePassword($newPassword) | |
561 | * @return boolean | |
562 | */ | |
2f26729c | 563 | public function updatePassword($password, $confirmPassword) |
c765c367 | 564 | { |
55821e04 | 565 | if (MODE_DEMO) { |
8d3275be | 566 | $this->messages->add('i', _('in demo mode, you can\'t update your password')); |
55821e04 | 567 | Tools::logm('in demo mode, you can\'t do this'); |
6a361945 | 568 | Tools::redirect('?view=config'); |
55821e04 NL |
569 | } |
570 | else { | |
2f26729c NL |
571 | if (isset($password) && isset($confirmPassword)) { |
572 | if ($password == $confirmPassword && !empty($password)) { | |
8d3275be | 573 | $this->messages->add('s', _('your password has been updated')); |
2f26729c | 574 | $this->store->updatePassword($this->user->getId(), Tools::encodeString($password . $this->user->getUsername())); |
c765c367 | 575 | Session::logout(); |
8d3275be | 576 | Tools::logm('password updated'); |
c765c367 NL |
577 | Tools::redirect(); |
578 | } | |
579 | else { | |
8d3275be | 580 | $this->messages->add('e', _('the two fields have to be filled & the password must be the same in the two fields')); |
6a361945 | 581 | Tools::redirect('?view=config'); |
c765c367 NL |
582 | } |
583 | } | |
584 | } | |
585 | } | |
182faf26 | 586 | |
df6afaf0 | 587 | /** |
2f26729c NL |
588 | * Get credentials from differents sources |
589 | * It redirects the user to the $referer link | |
590 | * | |
df6afaf0 DS |
591 | * @return array |
592 | */ | |
2f26729c NL |
593 | private function credentials() |
594 | { | |
595 | if (isset($_SERVER['PHP_AUTH_USER'])) { | |
596 | return array($_SERVER['PHP_AUTH_USER'], 'php_auth', true); | |
1810c13b | 597 | } |
2f26729c NL |
598 | if (!empty($_POST['login']) && !empty($_POST['password'])) { |
599 | return array($_POST['login'], $_POST['password'], false); | |
1810c13b | 600 | } |
2f26729c NL |
601 | if (isset($_SERVER['REMOTE_USER'])) { |
602 | return array($_SERVER['REMOTE_USER'], 'http_auth', true); | |
1810c13b | 603 | } |
5cfafc61 | 604 | |
2f26729c | 605 | return array(false, false, false); |
6af66b11 | 606 | } |
df6afaf0 | 607 | |
07ee09f4 NL |
608 | /** |
609 | * checks if login & password are correct and save the user in session. | |
610 | * it redirects the user to the $referer link | |
611 | * @param string $referer the url to redirect after login | |
612 | * @todo add the return value | |
613 | * @return boolean | |
614 | */ | |
c765c367 NL |
615 | public function login($referer) |
616 | { | |
6af66b11 | 617 | list($login,$password,$isauthenticated)=$this->credentials(); |
df6afaf0 DS |
618 | if($login === false || $password === false) { |
619 | $this->messages->add('e', _('login failed: you have to fill all fields')); | |
620 | Tools::logm('login failed'); | |
621 | Tools::redirect(); | |
622 | } | |
623 | if (!empty($login) && !empty($password)) { | |
6af66b11 | 624 | $user = $this->store->login($login, Tools::encodeString($password . $login), $isauthenticated); |
7ce7ec4c NL |
625 | if ($user != array()) { |
626 | # Save login into Session | |
6af66b11 MR |
627 | $longlastingsession = isset($_POST['longlastingsession']); |
628 | $passwordTest = ($isauthenticated) ? $user['password'] : Tools::encodeString($password . $login); | |
629 | Session::login($user['username'], $user['password'], $login, $passwordTest, $longlastingsession, array('poche_user' => new User($user))); | |
9cf6bac1 NL |
630 | |
631 | # reload l10n | |
632 | $language = $user['config']['language']; | |
633 | @putenv('LC_ALL=' . $language); | |
634 | setlocale(LC_ALL, $language); | |
635 | bindtextdomain($language, LOCALE); | |
636 | textdomain($language); | |
637 | ||
26929c08 | 638 | $this->messages->add('s', _('welcome to your wallabag')); |
8d3275be | 639 | Tools::logm('login successful'); |
c765c367 NL |
640 | Tools::redirect($referer); |
641 | } | |
8d3275be | 642 | $this->messages->add('e', _('login failed: bad login or password')); |
c86b40f0 GV |
643 | // log login failure in web server log to allow fail2ban usage |
644 | error_log('user '.$login.' authentication failure'); | |
c765c367 NL |
645 | Tools::logm('login failed'); |
646 | Tools::redirect(); | |
c765c367 NL |
647 | } |
648 | } | |
649 | ||
07ee09f4 NL |
650 | /** |
651 | * log out the poche user. It cleans the session. | |
652 | * @todo add the return value | |
182faf26 | 653 | * @return boolean |
07ee09f4 | 654 | */ |
c765c367 NL |
655 | public function logout() |
656 | { | |
7ce7ec4c | 657 | $this->user = array(); |
c765c367 | 658 | Session::logout(); |
b916bcfc | 659 | Tools::logm('logout'); |
c765c367 NL |
660 | Tools::redirect(); |
661 | } | |
662 | ||
07ee09f4 | 663 | /** |
2f26729c | 664 | * import datas into your wallabag |
182faf26 | 665 | * @return boolean |
07ee09f4 | 666 | */ |
2f26729c | 667 | |
182faf26 MR |
668 | public function import() { |
669 | ||
dc764892 | 670 | if ( isset($_FILES['file']) && $_FILES['file']['tmp_name'] ) { |
5ce39784 MR |
671 | Tools::logm('Import stated: parsing file'); |
672 | ||
182faf26 MR |
673 | // assume, that file is in json format |
674 | $str_data = file_get_contents($_FILES['file']['tmp_name']); | |
675 | $data = json_decode($str_data, true); | |
676 | ||
677 | if ( $data === null ) { | |
678 | //not json - assume html | |
679 | $html = new simple_html_dom(); | |
680 | $html->load_file($_FILES['file']['tmp_name']); | |
681 | $data = array(); | |
682 | $read = 0; | |
683 | foreach (array('ol','ul') as $list) { | |
684 | foreach ($html->find($list) as $ul) { | |
86da3988 MR |
685 | foreach ($ul->find('li') as $li) { |
686 | $tmpEntry = array(); | |
a8ef1f3f MR |
687 | $a = $li->find('a'); |
688 | $tmpEntry['url'] = $a[0]->href; | |
689 | $tmpEntry['tags'] = $a[0]->tags; | |
690 | $tmpEntry['is_read'] = $read; | |
691 | if ($tmpEntry['url']) { | |
692 | $data[] = $tmpEntry; | |
693 | } | |
86da3988 MR |
694 | } |
695 | # the second <ol/ul> is for read links | |
696 | $read = ((sizeof($data) && $read)?0:1); | |
182faf26 MR |
697 | } |
698 | } | |
1daa8e4a | 699 | } |
182faf26 | 700 | |
2f26729c NL |
701 | // for readability structure |
702 | ||
703 | foreach($data as $record) { | |
704 | if (is_array($record)) { | |
705 | $data[] = $record; | |
706 | foreach($record as $record2) { | |
707 | if (is_array($record2)) { | |
708 | $data[] = $record2; | |
709 | } | |
710 | } | |
711 | } | |
a297fb1e | 712 | } |
a297fb1e | 713 | |
2f26729c NL |
714 | $urlsInserted = array(); //urls of articles inserted |
715 | foreach($data as $record) { | |
716 | $url = trim(isset($record['article__url']) ? $record['article__url'] : (isset($record['url']) ? $record['url'] : '')); | |
717 | if ($url and !in_array($url, $urlsInserted)) { | |
718 | $title = (isset($record['title']) ? $record['title'] : _('Untitled - Import - ') . '</a> <a href="./?import">' . _('click to finish import') . '</a><a>'); | |
719 | $body = (isset($record['content']) ? $record['content'] : ''); | |
720 | $isRead = (isset($record['is_read']) ? intval($record['is_read']) : (isset($record['archive']) ? intval($record['archive']) : 0)); | |
721 | $isFavorite = (isset($record['is_fav']) ? intval($record['is_fav']) : (isset($record['favorite']) ? intval($record['favorite']) : 0)); | |
722 | ||
723 | // insert new record | |
724 | ||
725 | $id = $this->store->add($url, $title, $body, $this->user->getId() , $isFavorite, $isRead); | |
726 | if ($id) { | |
727 | $urlsInserted[] = $url; //add | |
728 | if (isset($record['tags']) && trim($record['tags'])) { | |
729 | ||
9a490ad6 | 730 | $tags = explode(',', $record['tags']); |
3052cfb7 | 731 | foreach($tags as $tag) { |
732 | $entry_id = $id; | |
733 | $tag_id = $this->store->retrieveTagByValue($tag); | |
734 | if ($tag_id) { | |
735 | $this->store->setTagToEntry($tag_id['id'], $entry_id); | |
736 | } else { | |
737 | $this->store->createTag($tag); | |
738 | $tag_id = $this->store->retrieveTagByValue($tag); | |
739 | $this->store->setTagToEntry($tag_id['id'], $entry_id); | |
740 | } | |
741 | } | |
2f26729c NL |
742 | |
743 | } | |
744 | } | |
745 | } | |
182faf26 | 746 | } |
182faf26 | 747 | |
2f26729c NL |
748 | $i = sizeof($urlsInserted); |
749 | if ($i > 0) { | |
750 | $this->messages->add('s', _('Articles inserted: ') . $i . _('. Please note, that some may be marked as "read".')); | |
751 | } | |
752 | ||
5ce39784 | 753 | Tools::logm('Import of articles finished: '.$i.' articles added (w/o content if not provided).'); |
182faf26 | 754 | } |
dc764892 MR |
755 | else { |
756 | $this->messages->add('s', _('Did you forget to select a file?')); | |
757 | } | |
2f26729c NL |
758 | // file parsing finished here |
759 | // now download article contents if any | |
760 | // check if we need to download any content | |
182faf26 | 761 | |
2f26729c NL |
762 | $recordsDownloadRequired = $this->store->retrieveUnfetchedEntriesCount($this->user->getId()); |
763 | ||
764 | if ($recordsDownloadRequired == 0) { | |
182faf26 | 765 | |
2f26729c | 766 | // nothing to download |
182faf26 | 767 | |
2f26729c NL |
768 | $this->messages->add('s', _('Import finished.')); |
769 | Tools::logm('Import finished completely'); | |
770 | Tools::redirect(); | |
771 | } | |
772 | else { | |
182faf26 | 773 | |
2f26729c | 774 | // if just inserted - don't download anything, download will start in next reload |
182faf26 | 775 | |
2f26729c | 776 | if (!isset($_FILES['file'])) { |
182faf26 | 777 | |
2f26729c | 778 | // download next batch |
182faf26 | 779 | |
2f26729c NL |
780 | Tools::logm('Fetching next batch of articles...'); |
781 | $items = $this->store->retrieveUnfetchedEntries($this->user->getId() , IMPORT_LIMIT); | |
782 | $purifier = $this->_getPurifier(); | |
783 | foreach($items as $item) { | |
784 | $url = new Url(base64_encode($item['url'])); | |
fde4cf06 EP |
785 | if( $url->isCorrect() ) |
786 | { | |
787 | Tools::logm('Fetching article ' . $item['id']); | |
788 | $content = Tools::getPageContent($url); | |
789 | $title = (($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled')); | |
790 | $body = (($content['rss']['channel']['item']['description'] != '') ? $content['rss']['channel']['item']['description'] : _('Undefined')); | |
791 | ||
792 | // clean content to prevent xss attack | |
793 | ||
794 | $title = $purifier->purify($title); | |
795 | $body = $purifier->purify($body); | |
796 | $this->store->updateContentAndTitle($item['id'], $title, $body, $this->user->getId()); | |
797 | Tools::logm('Article ' . $item['id'] . ' updated.'); | |
798 | } else | |
799 | { | |
800 | Tools::logm('Unvalid URL (' . $item['url'] .') to fetch for article ' . $item['id']); | |
801 | } | |
2f26729c NL |
802 | } |
803 | } | |
63c35580 | 804 | } |
182faf26 | 805 | |
2f26729c NL |
806 | return array( |
807 | 'includeImport' => true, | |
808 | 'import' => array( | |
809 | 'recordsDownloadRequired' => $recordsDownloadRequired, | |
810 | 'recordsUnderDownload' => IMPORT_LIMIT, | |
811 | 'delay' => IMPORT_DELAY * 1000 | |
812 | ) | |
813 | ); | |
63c35580 | 814 | } |
c765c367 | 815 | |
07ee09f4 NL |
816 | /** |
817 | * export poche entries in json | |
818 | * @return json all poche entries | |
819 | */ | |
2f26729c NL |
820 | public function export() |
821 | { | |
a8ef1f3f MR |
822 | $filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json"; |
823 | header('Content-Disposition: attachment; filename='.$filename); | |
824 | ||
825 | $entries = $this->store->retrieveAll($this->user->getId()); | |
826 | echo $this->tpl->render('export.twig', array( | |
827 | 'export' => Tools::renderJson($entries), | |
828 | )); | |
829 | Tools::logm('export view'); | |
c765c367 | 830 | } |
32520785 | 831 | |
07ee09f4 | 832 | /** |
a3436d4c | 833 | * Checks online the latest version of poche and cache it |
07ee09f4 NL |
834 | * @param string $which 'prod' or 'dev' |
835 | * @return string latest $which version | |
836 | */ | |
2f26729c | 837 | private function _getPocheVersion($which = 'prod') { |
a8ef1f3f MR |
838 | $cache_file = CACHE . '/' . $which; |
839 | $check_time = time(); | |
840 | ||
841 | # checks if the cached version file exists | |
842 | if (file_exists($cache_file) && (filemtime($cache_file) > (time() - 86400 ))) { | |
843 | $version = file_get_contents($cache_file); | |
844 | $check_time = filemtime($cache_file); | |
845 | } else { | |
846 | $version = file_get_contents('http://static.wallabag.org/versions/' . $which); | |
847 | file_put_contents($cache_file, $version, LOCK_EX); | |
848 | } | |
849 | return array($version, $check_time); | |
32520785 | 850 | } |
72c20a52 | 851 | |
2f26729c NL |
852 | /** |
853 | * Update token for current user | |
854 | */ | |
855 | public function updateToken() | |
72c20a52 | 856 | { |
2f26729c NL |
857 | $token = Tools::generateToken(); |
858 | $this->store->updateUserConfig($this->user->getId(), 'token', $token); | |
859 | $currentConfig = $_SESSION['poche_user']->config; | |
860 | $currentConfig['token'] = $token; | |
861 | $_SESSION['poche_user']->setConfig($currentConfig); | |
862 | Tools::redirect(); | |
72c20a52 NL |
863 | } |
864 | ||
2f26729c NL |
865 | /** |
866 | * Generate RSS feeds for current user | |
867 | * | |
868 | * @param $token | |
869 | * @param $user_id | |
7fe8a9ad VM |
870 | * @param $tag_id if $type is 'tag', the id of the tag to generate feed for |
871 | * @param string $type the type of feed to generate | |
872 | * @param int $limit the maximum number of items (0 means all) | |
2f26729c | 873 | */ |
7fe8a9ad | 874 | public function generateFeeds($token, $user_id, $tag_id, $type = 'home', $limit = 0) |
72c20a52 | 875 | { |
f778e472 | 876 | $allowed_types = array('home', 'fav', 'archive', 'tag'); |
72c20a52 NL |
877 | $config = $this->store->getConfigUser($user_id); |
878 | ||
17b2afef | 879 | if ($config == null) { |
30bd2735 | 880 | die(sprintf(_('User with this id (%d) does not exist.'), $user_id)); |
17b2afef NL |
881 | } |
882 | ||
7dd8b502 MR |
883 | if (!in_array($type, $allowed_types) || !isset($config['token']) || $token != $config['token']) { |
884 | die(_('Uh, there is a problem while generating feed. Wrong token used?')); | |
72c20a52 | 885 | } |
72c20a52 | 886 | |
9e7c840b | 887 | $feed = new FeedWriter(RSS2); |
2e4440c3 | 888 | $feed->setTitle('wallabag — ' . $type . ' feed'); |
72c20a52 | 889 | $feed->setLink(Tools::getPocheUrl()); |
223268c2 NL |
890 | $feed->setChannelElement('pubDate', date(DATE_RSS , time())); |
891 | $feed->setChannelElement('generator', 'wallabag'); | |
892 | $feed->setDescription('wallabag ' . $type . ' elements'); | |
72c20a52 | 893 | |
f778e472 | 894 | if ($type == 'tag') { |
b89d5a2b | 895 | $entries = $this->store->retrieveEntriesByTag($tag_id, $user_id); |
f778e472 NL |
896 | } |
897 | else { | |
898 | $entries = $this->store->getEntriesByView($type, $user_id); | |
899 | } | |
900 | ||
7fe8a9ad VM |
901 | // if $limit is set to zero, use all entries |
902 | if (0 == $limit) { | |
903 | $limit = count($entries); | |
904 | } | |
72c20a52 | 905 | if (count($entries) > 0) { |
7fe8a9ad VM |
906 | for ($i = 0; $i < min(count($entries), $limit); $i++) { |
907 | $entry = $entries[$i]; | |
72c20a52 | 908 | $newItem = $feed->createNewItem(); |
0b57c682 | 909 | $newItem->setTitle($entry['title']); |
f86784c2 | 910 | $newItem->setSource(Tools::getPocheUrl() . '?view=view&id=' . $entry['id']); |
ed02e38e | 911 | $newItem->setLink($entry['url']); |
72c20a52 NL |
912 | $newItem->setDate(time()); |
913 | $newItem->setDescription($entry['content']); | |
914 | $feed->addItem($newItem); | |
915 | } | |
916 | } | |
917 | ||
918 | $feed->genarateFeed(); | |
919 | exit; | |
920 | } | |
6285e57c | 921 | |
6285e57c | 922 | |
0f859c6f MR |
923 | |
924 | /** | |
2f26729c | 925 | * Returns new purifier object with actual config |
0f859c6f | 926 | */ |
2f26729c NL |
927 | private function _getPurifier() |
928 | { | |
929 | $config = HTMLPurifier_Config::createDefault(); | |
930 | $config->set('Cache.SerializerPath', CACHE); | |
931 | $config->set('HTML.SafeIframe', true); | |
35d4e275 | 932 | |
2f26729c NL |
933 | //allow YouTube, Vimeo and dailymotion videos |
934 | $config->set('URI.SafeIframeRegexp', '%^(https?:)?//(www\.youtube(?:-nocookie)?\.com/embed/|player\.vimeo\.com/video/|www\.dailymotion\.com/embed/video/)%'); | |
ec15d0a7 | 935 | |
2f26729c | 936 | return new HTMLPurifier($config); |
0f859c6f | 937 | } |
cbc75bef | 938 | |
cbc75bef | 939 | |
37cad522 | 940 | } |