]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | /** | |
3 | * wallabag, self hostable application allowing you to not miss any content anymore | |
4 | * | |
5 | * @category wallabag | |
6 | * @author Nicolas Lœuillet <nicolas@loeuillet.org> | |
7 | * @copyright 2013 | |
8 | * @license http://opensource.org/licenses/MIT see COPYING file | |
9 | */ | |
10 | ||
11 | namespace Wallabag\Wallabag; | |
12 | ||
13 | use \Paginator; | |
14 | use \Session; | |
15 | use \Messages; | |
16 | use \FeedWriter; | |
17 | ||
18 | class Wallabag | |
19 | { | |
20 | /** | |
21 | * @var User | |
22 | */ | |
23 | public $user; | |
24 | /** | |
25 | * @var Database | |
26 | */ | |
27 | public $store; | |
28 | /** | |
29 | * @var Template | |
30 | */ | |
31 | public $tpl; | |
32 | /** | |
33 | * @var Language | |
34 | */ | |
35 | public $language; | |
36 | /** | |
37 | * @var Routing | |
38 | */ | |
39 | public $routing; | |
40 | /** | |
41 | * @var Messages | |
42 | */ | |
43 | public $messages; | |
44 | /** | |
45 | * @var Paginator | |
46 | */ | |
47 | public $pagination; | |
48 | ||
49 | public function __construct() | |
50 | { | |
51 | $this->init(); | |
52 | } | |
53 | ||
54 | private function init() | |
55 | { | |
56 | Tools::initPhp(); | |
57 | ||
58 | $pocheUser = \Session::getParam('poche_user'); | |
59 | ||
60 | if ($pocheUser && $pocheUser != array()) { | |
61 | $this->user = $pocheUser; | |
62 | } else { | |
63 | // fake user, just for install & login screens | |
64 | $this->user = new User(); | |
65 | $this->user->setConfig($this->getDefaultConfig()); | |
66 | } | |
67 | ||
68 | $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p'); | |
69 | $this->language = new Language($this); | |
70 | $this->tpl = new Template($this); | |
71 | $this->store = new Database(); | |
72 | $this->messages = new Messages(); | |
73 | $this->routing = new Routing($this); | |
74 | } | |
75 | ||
76 | public function run() | |
77 | { | |
78 | $this->routing->run(); | |
79 | } | |
80 | ||
81 | /** | |
82 | * Creates a new user | |
83 | */ | |
84 | public function createNewUser($username, $password, $email = "") | |
85 | { | |
86 | if (!empty($username) && !empty($password)){ | |
87 | $newUsername = filter_var($username, FILTER_SANITIZE_STRING); | |
88 | $email = filter_var($email, FILTER_SANITIZE_STRING); | |
89 | if (!$this->store->userExists($newUsername)){ | |
90 | if ($this->store->install($newUsername, Tools::encodeString($password . $newUsername), $email)) { | |
91 | Tools::logm('The new user ' . $newUsername . ' has been installed'); | |
92 | $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'), $newUsername)); | |
93 | Tools::redirect(); | |
94 | } | |
95 | else { | |
96 | Tools::logm('error during adding new user'); | |
97 | Tools::redirect(); | |
98 | } | |
99 | } | |
100 | else { | |
101 | $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'), $newUsername)); | |
102 | Tools::logm('An user with the name ' . $newUsername . ' already exists !'); | |
103 | Tools::redirect(); | |
104 | } | |
105 | } | |
106 | } | |
107 | ||
108 | /** | |
109 | * Delete an existing user | |
110 | */ | |
111 | public function deleteUser($password) | |
112 | { | |
113 | if ($this->store->listUsers() > 1) { | |
114 | if (Tools::encodeString($password . $this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) { | |
115 | $username = $this->user->getUsername(); | |
116 | $this->store->deleteUserConfig($this->user->getId()); | |
117 | Tools::logm('The configuration for user '. $username .' has been deleted !'); | |
118 | $this->store->deleteTagsEntriesAndEntries($this->user->getId()); | |
119 | Tools::logm('The entries for user '. $username .' has been deleted !'); | |
120 | $this->store->deleteUser($this->user->getId()); | |
121 | Tools::logm('User '. $username .' has been completely deleted !'); | |
122 | Session::logout(); | |
123 | Tools::logm('logout'); | |
124 | Tools::redirect(); | |
125 | $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'), $username)); | |
126 | } | |
127 | else { | |
128 | Tools::logm('Bad password !'); | |
129 | $this->messages->add('e', _('Error : The password is wrong !')); | |
130 | } | |
131 | } | |
132 | else { | |
133 | Tools::logm('Only user !'); | |
134 | $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !')); | |
135 | } | |
136 | } | |
137 | ||
138 | public function getDefaultConfig() | |
139 | { | |
140 | return array( | |
141 | 'pager' => PAGINATION, | |
142 | 'language' => LANG, | |
143 | 'theme' => DEFAULT_THEME | |
144 | ); | |
145 | } | |
146 | ||
147 | /** | |
148 | * Call action (mark as fav, archive, delete, etc.) | |
149 | */ | |
150 | public function action($action, Url $url, $id = 0, $import = FALSE, $autoclose = FALSE, $tags = null) | |
151 | { | |
152 | switch ($action) | |
153 | { | |
154 | case 'add': | |
155 | $content = Tools::getPageContent($url); | |
156 | $title = ($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled'); | |
157 | $body = $content['rss']['channel']['item']['description']; | |
158 | ||
159 | // clean content from prevent xss attack | |
160 | $purifier = $this->_getPurifier(); | |
161 | $title = $purifier->purify($title); | |
162 | $body = $purifier->purify($body); | |
163 | ||
164 | //search for possible duplicate | |
165 | $duplicate = NULL; | |
166 | $duplicate = $this->store->retrieveOneByURL($url->getUrl(), $this->user->getId()); | |
167 | ||
168 | $last_id = $this->store->add($url->getUrl(), $title, $body, $this->user->getId()); | |
169 | if ( $last_id ) { | |
170 | Tools::logm('add link ' . $url->getUrl()); | |
171 | if (DOWNLOAD_PICTURES) { | |
172 | $content = Picture::filterPicture($body, $url->getUrl(), $last_id); | |
173 | Tools::logm('updating content article'); | |
174 | $this->store->updateContent($last_id, $content, $this->user->getId()); | |
175 | } | |
176 | ||
177 | if ($duplicate != NULL) { | |
178 | // duplicate exists, so, older entry needs to be deleted (as new entry should go to the top of list), BUT favorite mark and tags should be preserved | |
179 | Tools::logm('link ' . $url->getUrl() . ' is a duplicate'); | |
180 | // 1) - preserve tags and favorite, then drop old entry | |
181 | $this->store->reassignTags($duplicate['id'], $last_id); | |
182 | if ($duplicate['is_fav']) { | |
183 | $this->store->favoriteById($last_id, $this->user->getId()); | |
184 | } | |
185 | if ($this->store->deleteById($duplicate['id'], $this->user->getId())) { | |
186 | Tools::logm('previous link ' . $url->getUrl() .' entry deleted'); | |
187 | } | |
188 | } | |
189 | ||
190 | // if there are tags, add them to the new article | |
191 | if (isset($_GET['tags'])) { | |
192 | $_POST['value'] = $_GET['tags']; | |
193 | $_POST['entry_id'] = $last_id; | |
194 | $this->action('add_tag', $url); | |
195 | } | |
196 | ||
197 | $this->messages->add('s', _('the link has been added successfully')); | |
198 | } | |
199 | else { | |
200 | $this->messages->add('e', _('error during insertion : the link wasn\'t added')); | |
201 | Tools::logm('error during insertion : the link wasn\'t added ' . $url->getUrl()); | |
202 | } | |
203 | ||
204 | if ($autoclose == TRUE) { | |
205 | Tools::redirect('?view=home'); | |
206 | } else { | |
207 | Tools::redirect('?view=home&closewin=true'); | |
208 | } | |
209 | break; | |
210 | case 'delete': | |
211 | if (isset($_GET['search'])) { | |
212 | //when we want to apply a delete to a search | |
213 | $tags = array($_GET['search']); | |
214 | $allentry_ids = $this->store->search($tags[0], $this->user->getId()); | |
215 | $entry_ids = array(); | |
216 | foreach ($allentry_ids as $eachentry) { | |
217 | $entry_ids[] = $eachentry[0]; | |
218 | } | |
219 | } else { // delete a single article | |
220 | $entry_ids = array($id); | |
221 | } | |
222 | foreach($entry_ids as $id) { | |
223 | $msg = 'delete link #' . $id; | |
224 | if ($this->store->deleteById($id, $this->user->getId())) { | |
225 | if (DOWNLOAD_PICTURES) { | |
226 | Picture::removeDirectory(ABS_PATH . $id); | |
227 | } | |
228 | $this->messages->add('s', _('the link has been deleted successfully')); | |
229 | } | |
230 | else { | |
231 | $this->messages->add('e', _('the link wasn\'t deleted')); | |
232 | $msg = 'error : can\'t delete link #' . $id; | |
233 | } | |
234 | Tools::logm($msg); | |
235 | } | |
236 | Tools::redirect('?'); | |
237 | break; | |
238 | case 'toggle_fav' : | |
239 | $this->store->favoriteById($id, $this->user->getId()); | |
240 | Tools::logm('mark as favorite link #' . $id); | |
241 | if ( Tools::isAjaxRequest() ) { | |
242 | echo 1; | |
243 | exit; | |
244 | } | |
245 | else { | |
246 | Tools::redirect(); | |
247 | } | |
248 | break; | |
249 | case 'toggle_archive' : | |
250 | if (isset($_GET['tag_id'])) { | |
251 | //when we want to archive a whole tag | |
252 | $tag_id = $_GET['tag_id']; | |
253 | $allentry_ids = $this->store->retrieveEntriesByTag($tag_id, $this->user->getId()); | |
254 | $entry_ids = array(); | |
255 | foreach ($allentry_ids as $eachentry) { | |
256 | $entry_ids[] = $eachentry[0]; | |
257 | } | |
258 | } else { //archive a single article | |
259 | $entry_ids = array($id); | |
260 | } | |
261 | foreach($entry_ids as $id) { | |
262 | $this->store->archiveById($id, $this->user->getId()); | |
263 | Tools::logm('archive link #' . $id); | |
264 | } | |
265 | if ( Tools::isAjaxRequest() ) { | |
266 | echo 1; | |
267 | exit; | |
268 | } | |
269 | else { | |
270 | Tools::redirect(); | |
271 | } | |
272 | break; | |
273 | case 'archive_all' : | |
274 | $this->store->archiveAll($this->user->getId()); | |
275 | Tools::logm('archive all links'); | |
276 | Tools::redirect(); | |
277 | break; | |
278 | case 'add_tag' : | |
279 | if (isset($_GET['search'])) { | |
280 | //when we want to apply a tag to a search | |
281 | $tags = array($_GET['search']); | |
282 | $allentry_ids = $this->store->search($tags[0], $this->user->getId()); | |
283 | $entry_ids = array(); | |
284 | foreach ($allentry_ids as $eachentry) { | |
285 | $entry_ids[] = $eachentry[0]; | |
286 | } | |
287 | } else { //add a tag to a single article | |
288 | $tags = explode(',', $_POST['value']); | |
289 | $entry_ids = array($_POST['entry_id']); | |
290 | } | |
291 | foreach($entry_ids as $entry_id) { | |
292 | $entry = $this->store->retrieveOneById($entry_id, $this->user->getId()); | |
293 | if (!$entry) { | |
294 | $this->messages->add('e', _('Article not found!')); | |
295 | Tools::logm('error : article not found'); | |
296 | Tools::redirect(); | |
297 | } | |
298 | //get all already set tags to preven duplicates | |
299 | $already_set_tags = array(); | |
300 | $entry_tags = $this->store->retrieveTagsByEntry($entry_id); | |
301 | foreach ($entry_tags as $tag) { | |
302 | $already_set_tags[] = $tag['value']; | |
303 | } | |
304 | foreach($tags as $key => $tag_value) { | |
305 | $value = trim($tag_value); | |
306 | if ($value && !in_array($value, $already_set_tags)) { | |
307 | $tag = $this->store->retrieveTagByValue($value); | |
308 | if (is_null($tag)) { | |
309 | # we create the tag | |
310 | $tag = $this->store->createTag($value); | |
311 | $sequence = ''; | |
312 | if (STORAGE == 'postgres') { | |
313 | $sequence = 'tags_id_seq'; | |
314 | } | |
315 | $tag_id = $this->store->getLastId($sequence); | |
316 | } | |
317 | else { | |
318 | $tag_id = $tag['id']; | |
319 | } | |
320 | ||
321 | # we assign the tag to the article | |
322 | $this->store->setTagToEntry($tag_id, $entry_id); | |
323 | } | |
324 | } | |
325 | } | |
326 | $this->messages->add('s', _('The tag has been applied successfully')); | |
327 | Tools::logm('The tag has been applied successfully'); | |
328 | Tools::redirect(); | |
329 | break; | |
330 | case 'remove_tag' : | |
331 | $tag_id = $_GET['tag_id']; | |
332 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); | |
333 | if (!$entry) { | |
334 | $this->messages->add('e', _('Article not found!')); | |
335 | Tools::logm('error : article not found'); | |
336 | Tools::redirect(); | |
337 | } | |
338 | $this->store->removeTagForEntry($id, $tag_id); | |
339 | Tools::logm('tag entry deleted'); | |
340 | if ($this->store->cleanUnusedTag($tag_id)) { | |
341 | Tools::logm('tag deleted'); | |
342 | } | |
343 | $this->messages->add('s', _('The tag has been successfully deleted')); | |
344 | Tools::redirect(); | |
345 | break; | |
346 | default: | |
347 | break; | |
348 | } | |
349 | } | |
350 | ||
351 | function displayView($view, $id = 0) | |
352 | { | |
353 | $tpl_vars = array(); | |
354 | ||
355 | switch ($view) | |
356 | { | |
357 | case 'about': | |
358 | break; | |
359 | case 'config': | |
360 | $dev_infos = $this->_getPocheVersion('dev'); | |
361 | $dev = trim($dev_infos[0]); | |
362 | $check_time_dev = date('d-M-Y H:i', $dev_infos[1]); | |
363 | $prod_infos = $this->_getPocheVersion('prod'); | |
364 | $prod = trim($prod_infos[0]); | |
365 | $check_time_prod = date('d-M-Y H:i', $prod_infos[1]); | |
366 | $compare_dev = version_compare(POCHE, $dev); | |
367 | $compare_prod = version_compare(POCHE, $prod); | |
368 | $themes = $this->tpl->getInstalledThemes(); | |
369 | $languages = $this->language->getInstalledLanguages(); | |
370 | $token = $this->user->getConfigValue('token'); | |
371 | $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; | |
372 | $only_user = ($this->store->listUsers() > 1) ? false : true; | |
373 | $tpl_vars = array( | |
374 | 'themes' => $themes, | |
375 | 'languages' => $languages, | |
376 | 'dev' => $dev, | |
377 | 'prod' => $prod, | |
378 | 'check_time_dev' => $check_time_dev, | |
379 | 'check_time_prod' => $check_time_prod, | |
380 | 'compare_dev' => $compare_dev, | |
381 | 'compare_prod' => $compare_prod, | |
382 | 'token' => $token, | |
383 | 'user_id' => $this->user->getId(), | |
384 | 'http_auth' => $http_auth, | |
385 | 'only_user' => $only_user | |
386 | ); | |
387 | Tools::logm('config view'); | |
388 | break; | |
389 | case 'edit-tags': | |
390 | # tags | |
391 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); | |
392 | if (!$entry) { | |
393 | $this->messages->add('e', _('Article not found!')); | |
394 | Tools::logm('error : article not found'); | |
395 | Tools::redirect(); | |
396 | } | |
397 | $tags = $this->store->retrieveTagsByEntry($id); | |
398 | $tpl_vars = array( | |
399 | 'entry_id' => $id, | |
400 | 'tags' => $tags, | |
401 | 'entry' => $entry, | |
402 | ); | |
403 | break; | |
404 | case 'tags': | |
405 | $token = $this->user->getConfigValue('token'); | |
406 | //if term is set - search tags for this term | |
407 | $term = Tools::checkVar('term'); | |
408 | $tags = $this->store->retrieveAllTags($this->user->getId(), $term); | |
409 | if (Tools::isAjaxRequest()) { | |
410 | $result = array(); | |
411 | foreach ($tags as $tag) { | |
412 | $result[] = $tag['value']; | |
413 | } | |
414 | echo json_encode($result); | |
415 | exit; | |
416 | } | |
417 | $tpl_vars = array( | |
418 | 'token' => $token, | |
419 | 'user_id' => $this->user->getId(), | |
420 | 'tags' => $tags, | |
421 | ); | |
422 | break; | |
423 | case 'search': | |
424 | if (isset($_GET['search'])) { | |
425 | $search = filter_var($_GET['search'], FILTER_SANITIZE_STRING); | |
426 | $tpl_vars['entries'] = $this->store->search($search, $this->user->getId()); | |
427 | $count = count($tpl_vars['entries']); | |
428 | $this->pagination->set_total($count); | |
429 | $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')), | |
430 | $this->pagination->page_links('?view=' . $view . '?search=' . $search . '&sort=' . $_SESSION['sort'] . '&' )); | |
431 | $tpl_vars['page_links'] = $page_links; | |
432 | $tpl_vars['nb_results'] = $count; | |
433 | $tpl_vars['searchterm'] = $search; | |
434 | } | |
435 | break; | |
436 | case 'view': | |
437 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); | |
438 | if ($entry != NULL) { | |
439 | Tools::logm('view link #' . $id); | |
440 | $content = $entry['content']; | |
441 | if (function_exists('tidy_parse_string')) { | |
442 | $tidy = tidy_parse_string($content, array('indent'=>true, 'show-body-only' => true), 'UTF8'); | |
443 | $tidy->cleanRepair(); | |
444 | $content = $tidy->value; | |
445 | } | |
446 | ||
447 | # flattr checking | |
448 | $flattr = NULL; | |
449 | if (FLATTR) { | |
450 | $flattr = new FlattrItem(); | |
451 | $flattr->checkItem($entry['url'], $entry['id']); | |
452 | } | |
453 | ||
454 | # tags | |
455 | $tags = $this->store->retrieveTagsByEntry($entry['id']); | |
456 | ||
457 | $tpl_vars = array( | |
458 | 'entry' => $entry, | |
459 | 'content' => $content, | |
460 | 'flattr' => $flattr, | |
461 | 'tags' => $tags | |
462 | ); | |
463 | } | |
464 | else { | |
465 | Tools::logm('error in view call : entry is null'); | |
466 | } | |
467 | break; | |
468 | default: # home, favorites, archive and tag views | |
469 | $tpl_vars = array( | |
470 | 'entries' => '', | |
471 | 'page_links' => '', | |
472 | 'nb_results' => '', | |
473 | 'listmode' => (isset($_COOKIE['listmode']) ? true : false), | |
474 | ); | |
475 | ||
476 | //if id is given - we retrieve entries by tag: id is tag id | |
477 | if ($id) { | |
478 | $tpl_vars['tag'] = $this->store->retrieveTag($id, $this->user->getId()); | |
479 | $tpl_vars['id'] = intval($id); | |
480 | } | |
481 | ||
482 | $count = $this->store->getEntriesByViewCount($view, $this->user->getId(), $id); | |
483 | ||
484 | if ($count > 0) { | |
485 | $this->pagination->set_total($count); | |
486 | $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')), | |
487 | $this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . (($id)?'&id='.$id:'') . '&' )); | |
488 | $tpl_vars['entries'] = $this->store->getEntriesByView($view, $this->user->getId(), $this->pagination->get_limit(), $id); | |
489 | $tpl_vars['page_links'] = $page_links; | |
490 | $tpl_vars['nb_results'] = $count; | |
491 | } | |
492 | Tools::logm('display ' . $view . ' view'); | |
493 | break; | |
494 | } | |
495 | ||
496 | return $tpl_vars; | |
497 | } | |
498 | ||
499 | /** | |
500 | * update the password of the current user. | |
501 | * if MODE_DEMO is TRUE, the password can't be updated. | |
502 | * @todo add the return value | |
503 | * @todo set the new password in function header like this updatePassword($newPassword) | |
504 | * @return boolean | |
505 | */ | |
506 | public function updatePassword($password, $confirmPassword) | |
507 | { | |
508 | if (MODE_DEMO) { | |
509 | $this->messages->add('i', _('in demo mode, you can\'t update your password')); | |
510 | Tools::logm('in demo mode, you can\'t do this'); | |
511 | Tools::redirect('?view=config'); | |
512 | } | |
513 | else { | |
514 | if (isset($password) && isset($confirmPassword)) { | |
515 | if ($password == $confirmPassword && !empty($password)) { | |
516 | $this->messages->add('s', _('your password has been updated')); | |
517 | $this->store->updatePassword($this->user->getId(), Tools::encodeString($password . $this->user->getUsername())); | |
518 | Session::logout(); | |
519 | Tools::logm('password updated'); | |
520 | Tools::redirect(); | |
521 | } | |
522 | else { | |
523 | $this->messages->add('e', _('the two fields have to be filled & the password must be the same in the two fields')); | |
524 | Tools::redirect('?view=config'); | |
525 | } | |
526 | } | |
527 | } | |
528 | } | |
529 | ||
530 | /** | |
531 | * Get credentials from differents sources | |
532 | * It redirects the user to the $referer link | |
533 | * | |
534 | * @return array | |
535 | */ | |
536 | private function credentials() | |
537 | { | |
538 | if (isset($_SERVER['PHP_AUTH_USER'])) { | |
539 | return array($_SERVER['PHP_AUTH_USER'], 'php_auth', true); | |
540 | } | |
541 | if (!empty($_POST['login']) && !empty($_POST['password'])) { | |
542 | return array($_POST['login'], $_POST['password'], false); | |
543 | } | |
544 | if (isset($_SERVER['REMOTE_USER'])) { | |
545 | return array($_SERVER['REMOTE_USER'], 'http_auth', true); | |
546 | } | |
547 | ||
548 | return array(false, false, false); | |
549 | } | |
550 | ||
551 | /** | |
552 | * checks if login & password are correct and save the user in session. | |
553 | * it redirects the user to the $referer link | |
554 | * @param string $referer the url to redirect after login | |
555 | * @todo add the return value | |
556 | * @return boolean | |
557 | */ | |
558 | public function login($referer) | |
559 | { | |
560 | list($login,$password,$isauthenticated)=$this->credentials(); | |
561 | if($login === false || $password === false) { | |
562 | $this->messages->add('e', _('login failed: you have to fill all fields')); | |
563 | Tools::logm('login failed'); | |
564 | Tools::redirect(); | |
565 | } | |
566 | if (!empty($login) && !empty($password)) { | |
567 | $user = $this->store->login($login, Tools::encodeString($password . $login), $isauthenticated); | |
568 | if ($user != array()) { | |
569 | # Save login into Session | |
570 | $longlastingsession = isset($_POST['longlastingsession']); | |
571 | $passwordTest = ($isauthenticated) ? $user['password'] : Tools::encodeString($password . $login); | |
572 | Session::login($user['username'], $user['password'], $login, $passwordTest, $longlastingsession, array('poche_user' => new User($user))); | |
573 | ||
574 | # reload l10n | |
575 | $language = $user['config']['language']; | |
576 | @putenv('LC_ALL=' . $language); | |
577 | setlocale(LC_ALL, $language); | |
578 | bindtextdomain($language, LOCALE); | |
579 | textdomain($language); | |
580 | ||
581 | $this->messages->add('s', _('welcome to your wallabag')); | |
582 | Tools::logm('login successful'); | |
583 | Tools::redirect($referer); | |
584 | } | |
585 | $this->messages->add('e', _('login failed: bad login or password')); | |
586 | // log login failure in web server log to allow fail2ban usage | |
587 | error_log('user '.$login.' authentication failure'); | |
588 | Tools::logm('login failed'); | |
589 | Tools::redirect(); | |
590 | } | |
591 | } | |
592 | ||
593 | /** | |
594 | * log out the poche user. It cleans the session. | |
595 | * @todo add the return value | |
596 | * @return boolean | |
597 | */ | |
598 | public function logout() | |
599 | { | |
600 | $this->user = array(); | |
601 | Session::logout(); | |
602 | Tools::logm('logout'); | |
603 | Tools::redirect(); | |
604 | } | |
605 | ||
606 | /** | |
607 | * import datas into your wallabag | |
608 | * @return boolean | |
609 | */ | |
610 | ||
611 | public function import() { | |
612 | ||
613 | if ( isset($_FILES['file']) && $_FILES['file']['tmp_name'] ) { | |
614 | Tools::logm('Import stated: parsing file'); | |
615 | ||
616 | // assume, that file is in json format | |
617 | $str_data = file_get_contents($_FILES['file']['tmp_name']); | |
618 | $data = json_decode($str_data, true); | |
619 | ||
620 | if ( $data === null ) { | |
621 | //not json - assume html | |
622 | $html = new simple_html_dom(); | |
623 | $html->load_file($_FILES['file']['tmp_name']); | |
624 | $data = array(); | |
625 | $read = 0; | |
626 | foreach (array('ol','ul') as $list) { | |
627 | foreach ($html->find($list) as $ul) { | |
628 | foreach ($ul->find('li') as $li) { | |
629 | $tmpEntry = array(); | |
630 | $a = $li->find('a'); | |
631 | $tmpEntry['url'] = $a[0]->href; | |
632 | $tmpEntry['tags'] = $a[0]->tags; | |
633 | $tmpEntry['is_read'] = $read; | |
634 | if ($tmpEntry['url']) { | |
635 | $data[] = $tmpEntry; | |
636 | } | |
637 | } | |
638 | # the second <ol/ul> is for read links | |
639 | $read = ((sizeof($data) && $read)?0:1); | |
640 | } | |
641 | } | |
642 | } | |
643 | ||
644 | // for readability structure | |
645 | ||
646 | foreach($data as $record) { | |
647 | if (is_array($record)) { | |
648 | $data[] = $record; | |
649 | foreach($record as $record2) { | |
650 | if (is_array($record2)) { | |
651 | $data[] = $record2; | |
652 | } | |
653 | } | |
654 | } | |
655 | } | |
656 | ||
657 | $urlsInserted = array(); //urls of articles inserted | |
658 | foreach($data as $record) { | |
659 | $url = trim(isset($record['article__url']) ? $record['article__url'] : (isset($record['url']) ? $record['url'] : '')); | |
660 | if ($url and !in_array($url, $urlsInserted)) { | |
661 | $title = (isset($record['title']) ? $record['title'] : _('Untitled - Import - ') . '</a> <a href="./?import">' . _('click to finish import') . '</a><a>'); | |
662 | $body = (isset($record['content']) ? $record['content'] : ''); | |
663 | $isRead = (isset($record['is_read']) ? intval($record['is_read']) : (isset($record['archive']) ? intval($record['archive']) : 0)); | |
664 | $isFavorite = (isset($record['is_fav']) ? intval($record['is_fav']) : (isset($record['favorite']) ? intval($record['favorite']) : 0)); | |
665 | ||
666 | // insert new record | |
667 | ||
668 | $id = $this->store->add($url, $title, $body, $this->user->getId() , $isFavorite, $isRead); | |
669 | if ($id) { | |
670 | $urlsInserted[] = $url; //add | |
671 | if (isset($record['tags']) && trim($record['tags'])) { | |
672 | ||
673 | // @TODO: set tags | |
674 | ||
675 | } | |
676 | } | |
677 | } | |
678 | } | |
679 | ||
680 | $i = sizeof($urlsInserted); | |
681 | if ($i > 0) { | |
682 | $this->messages->add('s', _('Articles inserted: ') . $i . _('. Please note, that some may be marked as "read".')); | |
683 | } | |
684 | ||
685 | Tools::logm('Import of articles finished: '.$i.' articles added (w/o content if not provided).'); | |
686 | } | |
687 | else { | |
688 | $this->messages->add('s', _('Did you forget to select a file?')); | |
689 | } | |
690 | // file parsing finished here | |
691 | // now download article contents if any | |
692 | // check if we need to download any content | |
693 | ||
694 | $recordsDownloadRequired = $this->store->retrieveUnfetchedEntriesCount($this->user->getId()); | |
695 | ||
696 | if ($recordsDownloadRequired == 0) { | |
697 | ||
698 | // nothing to download | |
699 | ||
700 | $this->messages->add('s', _('Import finished.')); | |
701 | Tools::logm('Import finished completely'); | |
702 | Tools::redirect(); | |
703 | } | |
704 | else { | |
705 | ||
706 | // if just inserted - don't download anything, download will start in next reload | |
707 | ||
708 | if (!isset($_FILES['file'])) { | |
709 | ||
710 | // download next batch | |
711 | ||
712 | Tools::logm('Fetching next batch of articles...'); | |
713 | $items = $this->store->retrieveUnfetchedEntries($this->user->getId() , IMPORT_LIMIT); | |
714 | $purifier = $this->_getPurifier(); | |
715 | foreach($items as $item) { | |
716 | $url = new Url(base64_encode($item['url'])); | |
717 | Tools::logm('Fetching article ' . $item['id']); | |
718 | $content = Tools::getPageContent($url); | |
719 | $title = (($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled')); | |
720 | $body = (($content['rss']['channel']['item']['description'] != '') ? $content['rss']['channel']['item']['description'] : _('Undefined')); | |
721 | ||
722 | // clean content to prevent xss attack | |
723 | ||
724 | $title = $purifier->purify($title); | |
725 | $body = $purifier->purify($body); | |
726 | $this->store->updateContentAndTitle($item['id'], $title, $body, $this->user->getId()); | |
727 | Tools::logm('Article ' . $item['id'] . ' updated.'); | |
728 | } | |
729 | } | |
730 | } | |
731 | ||
732 | return array( | |
733 | 'includeImport' => true, | |
734 | 'import' => array( | |
735 | 'recordsDownloadRequired' => $recordsDownloadRequired, | |
736 | 'recordsUnderDownload' => IMPORT_LIMIT, | |
737 | 'delay' => IMPORT_DELAY * 1000 | |
738 | ) | |
739 | ); | |
740 | } | |
741 | ||
742 | /** | |
743 | * export poche entries in json | |
744 | * @return json all poche entries | |
745 | */ | |
746 | public function export() | |
747 | { | |
748 | $filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json"; | |
749 | header('Content-Disposition: attachment; filename='.$filename); | |
750 | ||
751 | $entries = $this->store->retrieveAll($this->user->getId()); | |
752 | echo $this->tpl->render('export.twig', array( | |
753 | 'export' => Tools::renderJson($entries), | |
754 | )); | |
755 | Tools::logm('export view'); | |
756 | } | |
757 | ||
758 | /** | |
759 | * Checks online the latest version of poche and cache it | |
760 | * @param string $which 'prod' or 'dev' | |
761 | * @return string latest $which version | |
762 | */ | |
763 | private function _getPocheVersion($which = 'prod') { | |
764 | $cache_file = CACHE . '/' . $which; | |
765 | $check_time = time(); | |
766 | ||
767 | # checks if the cached version file exists | |
768 | if (file_exists($cache_file) && (filemtime($cache_file) > (time() - 86400 ))) { | |
769 | $version = file_get_contents($cache_file); | |
770 | $check_time = filemtime($cache_file); | |
771 | } else { | |
772 | $version = file_get_contents('http://static.wallabag.org/versions/' . $which); | |
773 | file_put_contents($cache_file, $version, LOCK_EX); | |
774 | } | |
775 | return array($version, $check_time); | |
776 | } | |
777 | ||
778 | /** | |
779 | * Update token for current user | |
780 | */ | |
781 | public function updateToken() | |
782 | { | |
783 | $token = Tools::generateToken(); | |
784 | $this->store->updateUserConfig($this->user->getId(), 'token', $token); | |
785 | $currentConfig = $_SESSION['poche_user']->config; | |
786 | $currentConfig['token'] = $token; | |
787 | $_SESSION['poche_user']->setConfig($currentConfig); | |
788 | Tools::redirect(); | |
789 | } | |
790 | ||
791 | /** | |
792 | * Generate RSS feeds for current user | |
793 | * | |
794 | * @param $token | |
795 | * @param $user_id | |
796 | * @param $tag_id if $type is 'tag', the id of the tag to generate feed for | |
797 | * @param string $type the type of feed to generate | |
798 | * @param int $limit the maximum number of items (0 means all) | |
799 | */ | |
800 | public function generateFeeds($token, $user_id, $tag_id, $type = 'home', $limit = 0) | |
801 | { | |
802 | $allowed_types = array('home', 'fav', 'archive', 'tag'); | |
803 | $config = $this->store->getConfigUser($user_id); | |
804 | ||
805 | if ($config == null) { | |
806 | die(sprintf(_('User with this id (%d) does not exist.'), $user_id)); | |
807 | } | |
808 | ||
809 | if (!in_array($type, $allowed_types) || !isset($config['token']) || $token != $config['token']) { | |
810 | die(_('Uh, there is a problem while generating feed. Wrong token used?')); | |
811 | } | |
812 | ||
813 | $feed = new FeedWriter(RSS2); | |
814 | $feed->setTitle('wallabag — ' . $type . ' feed'); | |
815 | $feed->setLink(Tools::getPocheUrl()); | |
816 | $feed->setChannelElement('pubDate', date(DATE_RSS , time())); | |
817 | $feed->setChannelElement('generator', 'wallabag'); | |
818 | $feed->setDescription('wallabag ' . $type . ' elements'); | |
819 | ||
820 | if ($type == 'tag') { | |
821 | $entries = $this->store->retrieveEntriesByTag($tag_id, $user_id); | |
822 | } | |
823 | else { | |
824 | $entries = $this->store->getEntriesByView($type, $user_id); | |
825 | } | |
826 | ||
827 | // if $limit is set to zero, use all entries | |
828 | if (0 == $limit) { | |
829 | $limit = count($entries); | |
830 | } | |
831 | if (count($entries) > 0) { | |
832 | for ($i = 0; $i < min(count($entries), $limit); $i++) { | |
833 | $entry = $entries[$i]; | |
834 | $newItem = $feed->createNewItem(); | |
835 | $newItem->setTitle($entry['title']); | |
836 | $newItem->setSource(Tools::getPocheUrl() . '?view=view&id=' . $entry['id']); | |
837 | $newItem->setLink($entry['url']); | |
838 | $newItem->setDate(time()); | |
839 | $newItem->setDescription($entry['content']); | |
840 | $feed->addItem($newItem); | |
841 | } | |
842 | } | |
843 | ||
844 | $feed->genarateFeed(); | |
845 | exit; | |
846 | } | |
847 | ||
848 | ||
849 | ||
850 | /** | |
851 | * Returns new purifier object with actual config | |
852 | */ | |
853 | private function _getPurifier() | |
854 | { | |
855 | $config = HTMLPurifier_Config::createDefault(); | |
856 | $config->set('Cache.SerializerPath', CACHE); | |
857 | $config->set('HTML.SafeIframe', true); | |
858 | ||
859 | //allow YouTube, Vimeo and dailymotion videos | |
860 | $config->set('URI.SafeIframeRegexp', '%^(https?:)?//(www\.youtube(?:-nocookie)?\.com/embed/|player\.vimeo\.com/video/|www\.dailymotion\.com/embed/video/)%'); | |
861 | ||
862 | return new HTMLPurifier($config); | |
863 | } | |
864 | ||
865 | ||
866 | } |