array('timeout' => $timeout, // Timeout : time until we stop waiting for the response. 'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox 'follow_location' => true ))); // only download page lesser than 4MB $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source. if(isset($http_response_header) and isset($http_response_header[0])) { $httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE)); } } // if response is not empty and response is OK if (isset($data) and isset($httpcodeOK) and $httpcodeOK ) { // take charset of page and get it preg_match('##Usi', $data, $meta); // if meta tag is found if (!empty($meta[0])) { // retrieve encoding in $enc preg_match('#charset="?(.*)"#si', $meta[0], $enc); // if charset is found set it otherwise, set it to utf-8 $html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8'; } else { $html_charset = 'utf-8'; $enc[1] = ''; } // replace charset of url to charset of page $data = str_replace('charset='.$enc[1], 'charset='.$html_charset, $data); return $data; } else { return FALSE; } } /** * Préparation de l'URL avec récupération du contenu avant insertion en base */ function prepare_url($url) { $parametres = array(); $url = html_entity_decode(trim($url)); // We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...) // from shaarli, by sebsauvage $i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i); $i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i); $i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i); $title = $url; if (!preg_match('!^https?://!i', $url)) $url = 'http://' . $url; $html = Encoding::toUTF8(get_external_file($url,15)); if (isset($html) and strlen($html) > 0) { $r = new Readability($html, $url); if($r->init()) { $title = $r->articleTitle->innerHTML; } } $parametres['title'] = $title; $parametres['content'] = $r->articleContent->innerHTML; return $parametres; } /** * Appel d'une action (mark as fav, archive, delete) */ function action_to_do($action, $id, $url, $token) { global $db; switch ($action) { case 'add': if ($url == '') continue; $parametres_url = prepare_url($url); $sql_action = 'INSERT INTO entries ( url, title, content ) VALUES (?, ?, ?)'; $params_action = array($url, $parametres_url['title'], $parametres_url['content']); logm('add link ' . $url); break; case 'delete': if (verif_token($token)) { $sql_action = "DELETE FROM entries WHERE id=?"; $params_action = array($id); logm('delete link #' . $id); } else logm('csrf problem while deleting entry'); break; case 'toggle_fav' : if (verif_token($token)) { $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?"; $params_action = array($id); logm('mark as favorite link #' . $id); } else logm('csrf problem while fav entry'); break; case 'toggle_archive' : if (verif_token($token)) { $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?"; $params_action = array($id); logm('archive link #' . $id); } else logm('csrf problem while archive entry'); break; default: break; } try { # action query if (isset($sql_action)) { $query = $db->getHandle()->prepare($sql_action); $query->execute($params_action); } } catch (Exception $e) { logm('action query error : '.$e->getMessage()); } } /** * Détermine quels liens afficher : home, fav ou archives */ function display_view($view) { global $db; switch ($_SESSION['sort']) { case 'ia': $order = 'ORDER BY id'; break; case 'id': $order = 'ORDER BY id DESC'; break; case 'ta': $order = 'ORDER BY lower(title)'; break; case 'td': $order = 'ORDER BY lower(title) DESC'; break; default: $order = 'ORDER BY id'; break; } switch ($view) { case 'archive': $sql = "SELECT * FROM entries WHERE is_read=? " . $order; $params = array(-1); break; case 'fav' : $sql = "SELECT * FROM entries WHERE is_fav=? " . $order; $params = array(-1); break; default: $sql = "SELECT * FROM entries WHERE is_read=? " . $order; $params = array(0); break; } # view query try { $query = $db->getHandle()->prepare($sql); $query->execute($params); $entries = $query->fetchAll(); } catch (Exception $e) { logm('view query error : '.$e->getMessage()); } return $entries; } /** * Récupère un article en fonction d'un ID */ function get_article($id) { global $db; $entry = NULL; $sql = "SELECT * FROM entries WHERE id=?"; $params = array(intval($id)); # view article query try { $query = $db->getHandle()->prepare($sql); $query->execute($params); $entry = $query->fetchAll(); } catch (Exception $e) { logm('get article query error : '.$e->getMessage()); } return $entry; } /** * Vérifie si le jeton passé en $_POST correspond à celui en session */ function verif_token($token) { if(isset($_SESSION['token_poche']) && isset($_SESSION['token_time_poche']) && isset($token)) { if($_SESSION['token_poche'] == $token) { $old_timestamp = time() - (15*60); if($_SESSION['token_time_poche'] >= $old_timestamp) { return TRUE; } else { session_destroy(); logm('session expired'); } } else { logm('token error : the token is different'); return FALSE; } } else { logm('token error : the token is not here'); return FALSE; } } function logm($message) { $t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n"; file_put_contents('./log.txt',$t,FILE_APPEND); }