// -------- Display the Tools menu if requested (import/export/bookmarklet...)
if ($targetPage == Router::$PAGE_TOOLS) {
- $data = [
- 'pageabsaddr' => index_url($_SERVER),
- 'sslenabled' => is_https($_SERVER),
- ];
- $pluginManager->executeHooks('render_tools', $data);
-
- foreach ($data as $key => $value) {
- $PAGE->assign($key, $value);
- }
-
- $PAGE->assign('pagetitle', t('Tools') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('tools');
+ header('Location: ./tools');
exit;
}
// -------- User wants to change his/her password.
if ($targetPage == Router::$PAGE_CHANGEPASSWORD) {
- if ($conf->get('security.open_shaarli')) {
- die(t('You are not supposed to change a password on an Open Shaarli.'));
- }
-
- if (!empty($_POST['setpassword']) && !empty($_POST['oldpassword'])) {
- if (!$sessionManager->checkToken($_POST['token'])) {
- die(t('Wrong token.')); // Go away!
- }
-
- // Make sure old password is correct.
- $oldhash = sha1(
- $_POST['oldpassword'].$conf->get('credentials.login').$conf->get('credentials.salt')
- );
- if ($oldhash != $conf->get('credentials.hash')) {
- echo '<script>alert("'
- . t('The old password is not correct.')
- .'");document.location=\'./?do=changepasswd\';</script>';
- exit;
- }
- // Save new password
- // Salt renders rainbow-tables attacks useless.
- $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand()));
- $conf->set(
- 'credentials.hash',
- sha1(
- $_POST['setpassword']
- . $conf->get('credentials.login')
- . $conf->get('credentials.salt')
- )
- );
- try {
- $conf->write($loginManager->isLoggedIn());
- } catch (Exception $e) {
- error_log(
- 'ERROR while writing config file after changing password.' . PHP_EOL .
- $e->getMessage()
- );
-
- // TODO: do not handle exceptions/errors in JS.
- echo '<script>alert("'. $e->getMessage() .'");document.location=\'./?do=tools\';</script>';
- exit;
- }
- echo '<script>alert("'. t('Your password has been changed') .'");document.location=\'./?do=tools\';</script>';
- exit;
- } else {
- // show the change password form.
- $PAGE->assign('pagetitle', t('Change password') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('changepassword');
- exit;
- }
+ header('Location: ./password');
+ exit;
}
// -------- User wants to change configuration
if ($targetPage == Router::$PAGE_CONFIGURE) {
- if (!empty($_POST['title'])) {
- if (!$sessionManager->checkToken($_POST['token'])) {
- die(t('Wrong token.')); // Go away!
- }
- $tz = 'UTC';
- if (!empty($_POST['continent']) && !empty($_POST['city'])
- && isTimeZoneValid($_POST['continent'], $_POST['city'])
- ) {
- $tz = $_POST['continent'] . '/' . $_POST['city'];
- }
- $conf->set('general.timezone', $tz);
- $conf->set('general.title', escape($_POST['title']));
- $conf->set('general.header_link', escape($_POST['titleLink']));
- $conf->set('general.retrieve_description', !empty($_POST['retrieveDescription']));
- $conf->set('resource.theme', escape($_POST['theme']));
- $conf->set('security.session_protection_disabled', !empty($_POST['disablesessionprotection']));
- $conf->set('privacy.default_private_links', !empty($_POST['privateLinkByDefault']));
- $conf->set('feed.rss_permalinks', !empty($_POST['enableRssPermalinks']));
- $conf->set('updates.check_updates', !empty($_POST['updateCheck']));
- $conf->set('privacy.hide_public_links', !empty($_POST['hidePublicLinks']));
- $conf->set('api.enabled', !empty($_POST['enableApi']));
- $conf->set('api.secret', escape($_POST['apiSecret']));
- $conf->set('formatter', escape($_POST['formatter']));
-
- if (! empty($_POST['language'])) {
- $conf->set('translation.language', escape($_POST['language']));
- }
-
- $thumbnailsMode = extension_loaded('gd') ? $_POST['enableThumbnails'] : Thumbnailer::MODE_NONE;
- if ($thumbnailsMode !== Thumbnailer::MODE_NONE
- && $thumbnailsMode !== $conf->get('thumbnails.mode', Thumbnailer::MODE_NONE)
- ) {
- $_SESSION['warnings'][] = t(
- 'You have enabled or changed thumbnails mode. '
- .'<a href="./?do=thumbs_update">Please synchronize them</a>.'
- );
- }
- $conf->set('thumbnails.mode', $thumbnailsMode);
-
- try {
- $conf->write($loginManager->isLoggedIn());
- $history->updateSettings();
- $pageCacheManager->invalidateCaches();
- } catch (Exception $e) {
- error_log(
- 'ERROR while writing config file after configuration update.' . PHP_EOL .
- $e->getMessage()
- );
-
- // TODO: do not handle exceptions/errors in JS.
- echo '<script>alert("'. $e->getMessage() .'");document.location=\'./?do=configure\';</script>';
- exit;
- }
- echo '<script>alert("'. t('Configuration was saved.') .'");document.location=\'./?do=configure\';</script>';
- exit;
- } else {
- // Show the configuration form.
- $PAGE->assign('title', $conf->get('general.title'));
- $PAGE->assign('theme', $conf->get('resource.theme'));
- $PAGE->assign('theme_available', ThemeUtils::getThemes($conf->get('resource.raintpl_tpl')));
- $PAGE->assign('formatter_available', ['default', 'markdown']);
- list($continents, $cities) = generateTimeZoneData(
- timezone_identifiers_list(),
- $conf->get('general.timezone')
- );
- $PAGE->assign('continents', $continents);
- $PAGE->assign('cities', $cities);
- $PAGE->assign('retrieve_description', $conf->get('general.retrieve_description'));
- $PAGE->assign('private_links_default', $conf->get('privacy.default_private_links', false));
- $PAGE->assign('session_protection_disabled', $conf->get('security.session_protection_disabled', false));
- $PAGE->assign('enable_rss_permalinks', $conf->get('feed.rss_permalinks', false));
- $PAGE->assign('enable_update_check', $conf->get('updates.check_updates', true));
- $PAGE->assign('hide_public_links', $conf->get('privacy.hide_public_links', false));
- $PAGE->assign('api_enabled', $conf->get('api.enabled', true));
- $PAGE->assign('api_secret', $conf->get('api.secret'));
- $PAGE->assign('languages', Languages::getAvailableLanguages());
- $PAGE->assign('gd_enabled', extension_loaded('gd'));
- $PAGE->assign('thumbnails_mode', $conf->get('thumbnails.mode', Thumbnailer::MODE_NONE));
- $PAGE->assign('pagetitle', t('Configure') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('configure');
- exit;
- }
+ header('Location: ./configure');
+ exit;
}
// -------- User wants to rename a tag or delete it
if ($targetPage == Router::$PAGE_CHANGETAG) {
- if (empty($_POST['fromtag']) || (empty($_POST['totag']) && isset($_POST['renametag']))) {
- $PAGE->assign('fromtag', ! empty($_GET['fromtag']) ? escape($_GET['fromtag']) : '');
- $PAGE->assign('pagetitle', t('Manage tags') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('changetag');
- exit;
- }
-
- if (!$sessionManager->checkToken($_POST['token'])) {
- die(t('Wrong token.'));
- }
-
- $toTag = isset($_POST['totag']) ? escape($_POST['totag']) : null;
- $fromTag = escape($_POST['fromtag']);
- $count = 0;
- $bookmarks = $bookmarkService->search(['searchtags' => $fromTag], BookmarkFilter::$ALL, true);
- foreach ($bookmarks as $bookmark) {
- if ($toTag) {
- $bookmark->renameTag($fromTag, $toTag);
- } else {
- $bookmark->deleteTag($fromTag);
- }
- $bookmarkService->set($bookmark, false);
- $history->updateLink($bookmark);
- $count++;
- }
- $bookmarkService->save();
- $delete = empty($_POST['totag']);
- $redirect = $delete ? './do=changetag' : 'searchtags='. urlencode(escape($_POST['totag']));
- $alert = $delete
- ? sprintf(t('The tag was removed from %d link.', 'The tag was removed from %d bookmarks.', $count), $count)
- : sprintf(t('The tag was renamed in %d link.', 'The tag was renamed in %d bookmarks.', $count), $count);
- echo '<script>alert("'. $alert .'");document.location=\'?'. $redirect .'\';</script>';
+ header('./manage-tags');
exit;
}
})->add('\Shaarli\Api\ApiMiddleware');
$app->group('', function () {
- $this->get('/login', '\Shaarli\Front\Controller\LoginController:index')->setName('login');
- $this->get('/logout', '\Shaarli\Front\Controller\LogoutController:index')->setName('logout');
- $this->get('/picture-wall', '\Shaarli\Front\Controller\PictureWallController:index')->setName('picwall');
- $this->get('/tag-cloud', '\Shaarli\Front\Controller\TagCloudController:cloud')->setName('tagcloud');
- $this->get('/tag-list', '\Shaarli\Front\Controller\TagCloudController:list')->setName('taglist');
- $this->get('/daily', '\Shaarli\Front\Controller\DailyController:index')->setName('daily');
- $this->get('/daily-rss', '\Shaarli\Front\Controller\DailyController:rss')->setName('dailyrss');
- $this->get('/feed-atom', '\Shaarli\Front\Controller\FeedController:atom')->setName('feedatom');
- $this->get('/feed-rss', '\Shaarli\Front\Controller\FeedController:rss')->setName('feedrss');
- $this->get('/open-search', '\Shaarli\Front\Controller\OpenSearchController:index')->setName('opensearch');
-
- $this->get('/add-tag/{newTag}', '\Shaarli\Front\Controller\TagController:addTag')->setName('add-tag');
- $this->get('/remove-tag/{tag}', '\Shaarli\Front\Controller\TagController:removeTag')->setName('remove-tag');
+ /* -- PUBLIC --*/
+ $this->get('/login', '\Shaarli\Front\Controller\Visitor\LoginController:index')->setName('login');
+ $this->get('/picture-wall', '\Shaarli\Front\Controller\Visitor\PictureWallController:index')->setName('picwall');
+ $this->get('/tag-cloud', '\Shaarli\Front\Controller\Visitor\TagCloudController:cloud')->setName('tagcloud');
+ $this->get('/tag-list', '\Shaarli\Front\Controller\Visitor\TagCloudController:list')->setName('taglist');
+ $this->get('/daily', '\Shaarli\Front\Controller\Visitor\DailyController:index')->setName('daily');
+ $this->get('/daily-rss', '\Shaarli\Front\Controller\Visitor\DailyController:rss')->setName('dailyrss');
+ $this->get('/feed-atom', '\Shaarli\Front\Controller\Visitor\FeedController:atom')->setName('feedatom');
+ $this->get('/feed-rss', '\Shaarli\Front\Controller\Visitor\FeedController:rss')->setName('feedrss');
+ $this->get('/open-search', '\Shaarli\Front\Controller\Visitor\OpenSearchController:index')->setName('opensearch');
+
+ $this->get('/add-tag/{newTag}', '\Shaarli\Front\Controller\Visitor\TagController:addTag')->setName('add-tag');
+ $this->get('/remove-tag/{tag}', '\Shaarli\Front\Controller\Visitor\TagController:removeTag')->setName('remove-tag');
+
+ /* -- LOGGED IN -- */
+ $this->get('/logout', '\Shaarli\Front\Controller\Admin\LogoutController:index')->setName('logout');
+ $this->get('/tools', '\Shaarli\Front\Controller\Admin\ToolsController:index')->setName('tools');
+ $this->get('/password', '\Shaarli\Front\Controller\Admin\PasswordController:index')->setName('password');
+ $this->post('/password', '\Shaarli\Front\Controller\Admin\PasswordController:change')->setName('changePassword');
+ $this->get('/configure', '\Shaarli\Front\Controller\Admin\ConfigureController:index')->setName('configure');
+ $this->post('/configure', '\Shaarli\Front\Controller\Admin\ConfigureController:save')->setName('saveConfigure');
+ $this->get('/manage-tags', '\Shaarli\Front\Controller\Admin\ManageTagController:index')->setName('manageTag');
+ $this->post('/manage-tags', '\Shaarli\Front\Controller\Admin\ManageTagController:save')->setName('saveManageTag');
$this
- ->get('/links-per-page', '\Shaarli\Front\Controller\SessionFilterController:linksPerPage')
+ ->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage')
->setName('filter-links-per-page')
;
$this
- ->get('/visibility/{visibility}', '\Shaarli\Front\Controller\SessionFilterController:visibility')
+ ->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility')
->setName('visibility')
;
$this
- ->get('/untagged-only', '\Shaarli\Front\Controller\SessionFilterController:untaggedOnly')
+ ->get('/untagged-only', '\Shaarli\Front\Controller\Admin\SessionFilterController:untaggedOnly')
->setName('untagged-only')
;
})->add('\Shaarli\Front\ShaarliMiddleware');