header("Pragma: no-cache");
// Directories creations (Note that your web host may require different rights than 705.)
-if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory ('.realpath(dirname(__FILE__)).').</pre>');
+if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.</pre>');
// Handling of old config file which do not have the new parameters.
if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl());
if (version_compare(PHP_VERSION, '5.1.0') < 0)
{
header('Content-Type: text/plain; charset=utf-8');
- echo 'Your server supports PHP '.PHP_VERSION.'. Shaarli requires at least php 5.1.0, and thus cannot run. Sorry.';
+ echo 'Your PHP version is obsolete! Shaarli requires at least php 5.1.0, and thus cannot run. Sorry. Your PHP version has known security vulnerabilities and should be updated as soon as possible.';
exit;
}
}
}
// Force logout.
-function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']); unset($_SESSION['privateonly']); }
+function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']); unset($_SESSION['privateonly']); }
setcookie('shaarli_staySignedIn', FALSE, 0, WEB_PATH);
}
else $linksToDisplay = $LINKSDB;
$nblinksToDisplay = 50; // Number of links to display.
if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links.
- {
+ {
$nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ;
}
else $linksToDisplay = $LINKSDB;
$nblinksToDisplay = 50; // Number of links to display.
if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links.
- {
+ {
$nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ;
}
// Get previous URL (http_referer) and add the tag to the searchtags parameters in query.
if (empty($_SERVER['HTTP_REFERER'])) { header('Location: ?searchtags='.urlencode($_GET['addtag'])); exit; } // In case browser does not send HTTP_REFERER
parse_str(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_QUERY), $params);
- $params['searchtags'] = (empty($params['searchtags']) ? trim($_GET['addtag']) : trim($params['searchtags']).' '.trim($_GET['addtag']));
+
+ // Check if this tag is already in the search query and ignore it if it is.
+ // Each tag is always separated by a space
+ $current_tags = explode(' ', $params['searchtags']);
+ $addtag = true;
+ foreach ($current_tags as $value) {
+ if ($value === $_GET['addtag']) {
+ $addtag = false;
+ break;
+ }
+ }
+ // Append the tag if necessary
+ if (empty($params['searchtags'])) {
+ $params['searchtags'] = trim($_GET['addtag']);
+ }
+ else if ($addtag) {
+ $params['searchtags'] = trim($params['searchtags']).' '.trim($_GET['addtag']);
+ }
+
unset($params['page']); // We also remove page (keeping the same page has no sense, since the results are different)
header('Location: ?'.http_build_query($params));
exit;
header('Location: ?do=login&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); // Redirect to login page, then back to post link.
exit;
}
+
+ // Same case as above except that user tried to access ?do=addlink without being logged in
+ // Note: passing empty parameters makes Shaarli generate default URLs and descriptions.
+ if (isset($_GET['do']) && $_GET['do'] === 'addlink') {
+ header('Location: ?do=login&post=');
+ exit;
+ }
+
$PAGE = new pageBuilder;
buildLinkList($PAGE,$LINKSDB); // Compute list of links to display
$PAGE->renderPage('linklist');
$title = (empty($_GET['title']) ? '' : $_GET['title'] ); // Get title if it was provided in URL (by the bookmarklet).
$description = (empty($_GET['description']) ? '' : $_GET['description']); // Get description if it was provided in URL (by the bookmarklet). [Bronco added that]
$tags = (empty($_GET['tags']) ? '' : $_GET['tags'] ); // Get tags if it was provided in URL
- $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); // Get private if it was provided in URL
+ $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); // Get private if it was provided in URL
if (($url!='') && parse_url($url,PHP_URL_SCHEME)=='') $url = 'http://'.$url;
// If this is an HTTP link, we try go get the page to extract the title (otherwise we will to straight to the edit form.)
if (empty($title) && parse_url($url,PHP_URL_SCHEME)=='http')
{
// Look for charset in html header.
preg_match('#<meta .*charset=.*>#Usi', $data, $meta);
-
+
// If found, extract encoding.
if (!empty($meta[0]))
{
$html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8';
}
else { $html_charset = 'utf-8'; }
-
+
// Extract title
$title = html_extract_title($data);
if (!empty($title))
$continent=substr($tz,0,$spos); $city=substr($tz,$spos+1);
$continents[$continent]=1;
if (!isset($cities[$continent])) $cities[$continent]='';
- $cities[$continent].='<option value="'.$city.'"'.($pcity==$city?'selected':'').'>'.$city.'</option>';
+ $cities[$continent].='<option value="'.$city.'"'.($pcity==$city?' selected':'').'>'.$city.'</option>';
}
}
$continents_html = '';
$continents = array_keys($continents);
foreach($continents as $continent)
- $continents_html.='<option value="'.$continent.'"'.($pcontinent==$continent?'selected':'').'>'.$continent.'</option>';
+ $continents_html.='<option value="'.$continent.'"'.($pcontinent==$continent?' selected':'').'>'.$continent.'</option>';
$cities_html = $cities[$pcontinent];
$timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>";
$timezone_form .= " City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />";
projects / github / shaarli / Shaarli.git / blobdiff