require_once 'application/FileUtils.php';
require_once 'application/History.php';
require_once 'application/HttpUtils.php';
-require_once 'application/Languages.php';
require_once 'application/LinkDB.php';
require_once 'application/LinkFilter.php';
require_once 'application/LinkUtils.php';
require_once 'application/PluginManager.php';
require_once 'application/Router.php';
require_once 'application/Updater.php';
+use \Shaarli\Languages;
use \Shaarli\ThemeUtils;
use \Shaarli\Config\ConfigManager;
exit;
}
-define('shaarli_version', ApplicationUtils::getVersion(__DIR__ .'/'. ApplicationUtils::$VERSION_FILE));
+define('SHAARLI_VERSION', ApplicationUtils::getVersion(__DIR__ .'/'. ApplicationUtils::$VERSION_FILE));
// Force cookie path (but do not change lifetime)
$cookie = session_get_cookie_params();
}
$conf = new ConfigManager();
+
+// Sniff browser language and set date format accordingly.
+if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
+ autoLocale($_SERVER['HTTP_ACCEPT_LANGUAGE']);
+}
+
+new Languages(setlocale(LC_MESSAGES, 0), $conf);
+
$conf->setEmpty('general.timezone', date_default_timezone_get());
-$conf->setEmpty('general.title', 'Shared links on '. escape(index_url($_SERVER)));
+$conf->setEmpty('general.title', t('Shared links on '). escape(index_url($_SERVER)));
RainTPL::$tpl_dir = $conf->get('resource.raintpl_tpl').'/'.$conf->get('resource.theme').'/'; // template directory
RainTPL::$cache_dir = $conf->get('resource.raintpl_tmp'); // cache directory
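Review bot: `LC_MESSAGES` on the added `new Languages(setlocale(LC_MESSAGES, 0), $conf);` line is only defined when PHP was built with libintl, so this bootstrap statement can fail on hosts without gettext before any page is rendered. A `defined('LC_MESSAGES')` check with a fallback locale would keep startup working there. The instance is also discarded, so the statement exists only for the constructor's side effects, which presumably set up the translator that `t()` uses two lines later. A comment such as `// Must run before the first t() call: the constructor initialises translations.` would make that ordering requirement visible.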
$errors = ApplicationUtils::checkResourcePermissions($conf);
if ($errors != array()) {
- $message = '<p>Insufficient permissions:</p><ul>';
+ $message = '<p>'. t('Insufficient permissions:') .'</p><ul>';
foreach ($errors as $error) {
$message .= '<li>'.$error.'</li>';
// a token depending of deployment salt, user password, and the current ip
define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt')));
-// Sniff browser language and set date format accordingly.
-if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
- autoLocale($_SERVER['HTTP_ACCEPT_LANGUAGE']);
-}
-
/**
* Checking session state (i.e. is the user still logged in)
*
// Process login form: Check if login/password is correct.
if (isset($_POST['login']))
{
- if (!ban_canLogin($conf)) die('I said: NO. You are banned for the moment. Go away.');
+ if (!ban_canLogin($conf)) die(t('I said: NO. You are banned for the moment. Go away.'));
if (isset($_POST['password'])
&& tokenOk($_POST['token'])
&& (check_auth($_POST['login'], $_POST['password'], $conf))
}
}
}
- echo '<script>alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen.
+ // Redirect to login screen.
+ echo '<script>alert("'. t("Wrong login/password.") .'");document.location=\'?do=login'.$redir.'\';</script>';
exit;
}
}
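Review bot: The translated text on the added `alert("'. t("Wrong login/password.") .'")` line is concatenated into a JavaScript string literal without encoding, so a translation containing a double quote, a backslash or `</script>` breaks the inline script or changes what it runs. Translation catalogues are an input separate from the source code and should be encoded for the context they land in: `alert('. json_encode(t('Wrong login/password.'), JSON_HEX_TAG) .');` lets json_encode() emit the quoted literal. The same pattern is added further down for `t('The old password is not correct.')`, `t('Your password has been changed')`, `t('Configuration was saved.')`, the tag-rename `$alert` and the import `$msg`. `$redir` is built outside this hunk, so its encoding could not be checked here.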
$query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : '';
$targetPage = Router::findPage($query, $_GET, isLoggedIn());
+ if (
+ // if the user isn't logged in
+ !isLoggedIn() &&
+ // and Shaarli doesn't have public content...
+ $conf->get('privacy.hide_public_links') &&
+ // and is configured to enforce the login
+ $conf->get('privacy.force_login') &&
+ // and the current page isn't already the login page
+ $targetPage !== Router::$PAGE_LOGIN &&
+ // and the user is not requesting a feed (which would lead to a different content-type as expected)
+ $targetPage !== Router::$PAGE_FEED_ATOM &&
+ $targetPage !== Router::$PAGE_FEED_RSS
+ ) {
+ // force current page to be the login page
+ $targetPage = Router::$PAGE_LOGIN;
+ }
+
// Call plugin hooks for header, footer and includes, specifying which page will be rendered.
// Then assign generated data to RainTPL.
$common_hooks = array(
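Review bot: The feed exemption in the added condition leaves `Router::$PAGE_FEED_ATOM` and `Router::$PAGE_FEED_RSS` reachable without a session even when `privacy.force_login` is set, and the comment justifies that only by content type. Privacy for those two pages then depends on `privacy.hide_public_links` making the feed code return nothing to anonymous callers, which is enforced outside this hunk. I would record that in the comment, e.g. `// feeds are deliberately exempt: they stay reachable and must render no links for anonymous users (privacy.hide_public_links)`. The enclosing function starts and ends outside the hunk.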
$PAGE->assign('username', escape($_GET['username']));
}
$PAGE->assign('returnurl',(isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']):''));
+ // add default state of the 'remember me' checkbox
+ $PAGE->assign('remember_user_default', $conf->get('privacy.remember_user_default'));
$PAGE->renderPage('loginform');
exit;
}
}
$data = array(
- 'search_tags' => implode(' ', $filteringTags),
+ 'search_tags' => implode(' ', escape($filteringTags)),
'tags' => $tagList,
);
$pluginManager->executeHooks('render_tagcloud', $data, array('loggedin' => isLoggedIn()));
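Review bot: `escape($filteringTags)` on the added `search_tags` line HTML-encodes the tags before `$data` is handed to the `render_tagcloud` hook, so plugins now receive encoded text and nothing at the call site says so. A plugin that escapes again will show `&amp;` artefacts, and a template that prints the value raw is safe only as long as this line stays. A short comment such as `// search_tags is HTML-escaped here; hooks and templates must not escape it again` would record the contract. The call also relies on escape() accepting an array, which is defined outside this diff. The same change is made for `render_taglist` in the next hunk.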
}
$data = [
- 'search_tags' => implode(' ', $filteringTags),
+ 'search_tags' => implode(' ', escape($filteringTags)),
'tags' => $tags,
];
$pluginManager->executeHooks('render_taglist', $data, ['loggedin' => isLoggedIn()]);
// -------- Display the Tools menu if requested (import/export/bookmarklet...)
if ($targetPage == Router::$PAGE_TOOLS)
{
- $data = array(
+ $data = [
'pageabsaddr' => index_url($_SERVER),
- 'sslenabled' => !empty($_SERVER['HTTPS'])
- );
+ 'sslenabled' => is_https($_SERVER),
+ ];
$pluginManager->executeHooks('render_tools', $data);
foreach ($data as $key => $value) {
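Review bot: `is_https($_SERVER)` replaces a direct test of `$_SERVER['HTTPS']`, and its definition is not part of this diff. If the helper also honours forwarded-protocol headers, `sslenabled` becomes client-influenced unless those headers are trusted only from a configured reverse proxy. A comment naming which inputs is_https() consults would settle that.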
if ($targetPage == Router::$PAGE_CHANGEPASSWORD)
{
if ($conf->get('security.open_shaarli')) {
- die('You are not supposed to change a password on an Open Shaarli.');
+ die(t('You are not supposed to change a password on an Open Shaarli.'));
}
if (!empty($_POST['setpassword']) && !empty($_POST['oldpassword']))
{
- if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away!
+ if (!tokenOk($_POST['token'])) die(t('Wrong token.')); // Go away!
// Make sure old password is correct.
$oldhash = sha1($_POST['oldpassword'].$conf->get('credentials.login').$conf->get('credentials.salt'));
- if ($oldhash!= $conf->get('credentials.hash')) { echo '<script>alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; }
+ if ($oldhash!= $conf->get('credentials.hash')) {
+ echo '<script>alert("'. t('The old password is not correct.') .'");document.location=\'?do=changepasswd\';</script>';
+ exit;
+ }
// Save new password
// Salt renders rainbow-tables attacks useless.
$conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand()));
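Review bot: The reformatted `if ($oldhash!= $conf->get('credentials.hash')) {` still compares the two hex digests with the loose `!=` operator, which PHP evaluates numerically when both strings look like numbers and which is not constant-time. `if (!hash_equals((string) $conf->get('credentials.hash'), $oldhash)) {` removes both problems where hash_equals() is available in the supported PHP versions; `!==` is the minimum otherwise. The salted SHA-1 scheme itself is unchanged by this commit; moving to password_hash()/password_verify() would be a separate migration. The surrounding block continues outside the hunk.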
echo '<script>alert("'. $e->getMessage() .'");document.location=\'?do=tools\';</script>';
exit;
}
- echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>';
+ echo '<script>alert("'. t('Your password has been changed') .'");document.location=\'?do=tools\';</script>';
exit;
}
else // show the change password form.
if (!empty($_POST['title']) )
{
if (!tokenOk($_POST['token'])) {
- die('Wrong token.'); // Go away!
+ die(t('Wrong token.')); // Go away!
}
$tz = 'UTC';
if (!empty($_POST['continent']) && !empty($_POST['city'])
$conf->set('privacy.hide_public_links', !empty($_POST['hidePublicLinks']));
$conf->set('api.enabled', !empty($_POST['enableApi']));
$conf->set('api.secret', escape($_POST['apiSecret']));
+ $conf->set('translation.language', escape($_POST['language']));
+
try {
$conf->write(isLoggedIn());
$history->updateSettings();
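Review bot: `$conf->set('translation.language', escape($_POST['language']));` stores whatever the form posts: escape() only HTML-encodes, it does not restrict the value to a supported language, and a request without the field raises an undefined-index notice. Since the setting presumably selects the locale or translation catalogue on later requests, I would check it against `Languages::getAvailableLanguages()` before saving and keep the current value otherwise. A guard such as `if (isset($_POST['language']) && array_key_exists($_POST['language'], Languages::getAvailableLanguages()))` would do, assuming that method returns a map keyed by language code, which is not visible here. The install handler near the end of the diff adds the same unvalidated assignment.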
echo '<script>alert("'. $e->getMessage() .'");document.location=\'?do=configure\';</script>';
exit;
}
- echo '<script>alert("Configuration was saved.");document.location=\'?do=configure\';</script>';
+ echo '<script>alert("'. t('Configuration was saved.') .'");document.location=\'?do=configure\';</script>';
exit;
}
else // Show the configuration form.
$PAGE->assign('hide_public_links', $conf->get('privacy.hide_public_links', false));
$PAGE->assign('api_enabled', $conf->get('api.enabled', true));
$PAGE->assign('api_secret', $conf->get('api.secret'));
+ $PAGE->assign('languages', Languages::getAvailableLanguages());
+ $PAGE->assign('language', $conf->get('translation.language'));
$PAGE->renderPage('configure');
exit;
}
}
if (!tokenOk($_POST['token'])) {
- die('Wrong token.');
+ die(t('Wrong token.'));
}
$alteredLinks = $LINKSDB->renameTag(escape($_POST['fromtag']), escape($_POST['totag']));
}
$delete = empty($_POST['totag']);
$redirect = $delete ? 'do=changetag' : 'searchtags='. urlencode(escape($_POST['totag']));
+ $count = count($alteredLinks);
$alert = $delete
- ? sprintf(t('The tag was removed from %d links.'), count($alteredLinks))
- : sprintf(t('The tag was renamed in %d links.'), count($alteredLinks));
+ ? sprintf(t('The tag was removed from %d link.', 'The tag was removed from %d links.', $count), $count)
+ : sprintf(t('The tag was renamed in %d link.', 'The tag was renamed in %d links.', $count), $count);
echo '<script>alert("'. $alert .'");document.location=\'?'. $redirect .'\';</script>';
exit;
}
{
// Go away!
if (! tokenOk($_POST['token'])) {
- die('Wrong token.');
+ die(t('Wrong token.'));
}
// lf_id should only be present if the link exists.
if ($targetPage == Router::$PAGE_DELETELINK)
{
if (! tokenOk($_GET['token'])) {
- die('Wrong token.');
+ die(t('Wrong token.'));
}
- if (strpos($_GET['lf_linkdate'], ' ') !== false) {
- $ids = array_values(array_filter(preg_split('/\s+/', escape($_GET['lf_linkdate']))));
+ $ids = trim($_GET['lf_linkdate']);
+ if (strpos($ids, ' ') !== false) {
+ // multiple, space-separated ids provided
+ $ids = array_values(array_filter(preg_split('/\s+/', escape($ids))));
} else {
- $ids = [$_GET['lf_linkdate']];
+ // only a single id provided
+ $ids = [$ids];
+ }
+ // assert at least one id is given
+ if(!count($ids)){
+ die('no id provided');
}
foreach ($ids as $id) {
$id = (int) escape($id);
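Review bot: The new `if(!count($ids))` guard cannot fire for an empty `lf_linkdate`: the single-id branch wraps the trimmed string as `[$ids]`, so an empty parameter yields `['']`, the count is 1, and the loop casts it to id 0. The branch test also looks only for a space while the split uses `\s+`, and `array_filter()` without a callback drops a literal `"0"` from a multi-id request. Splitting unconditionally and filtering on length handles all three, and an `isset()` avoids the notice when the parameter is missing. The loop body and the rest of the delete handler are outside this hunk.

```php
// … unchanged: token check …
$ids = isset($_GET['lf_linkdate']) ? trim($_GET['lf_linkdate']) : '';
// Split on any whitespace; filtering with 'strlen' removes empty pieces but keeps a literal "0".
$ids = array_values(array_filter(preg_split('/\s+/', escape($ids)), 'strlen'));
// assert at least one id is given
if (!count($ids)) {
    die('no id provided');
}
// … unchanged: foreach ($ids as $id) …
```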
if ($url == '') {
$url = '?' . smallHash($linkdate . $LINKSDB->getNextId());
- $title = 'Note: ';
+ $title = $conf->get('general.default_note_title', t('Note: '));
}
$url = escape($url);
$title = escape($title);
// Import bookmarks from an uploaded file
if (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size'] == 0) {
// The file is too big or some form field may be missing.
- echo '<script>alert("The file you are trying to upload is probably'
- .' bigger than what this webserver can accept ('
- .get_max_upload_size(ini_get('post_max_size'), ini_get('upload_max_filesize')).').'
- .' Please upload in smaller chunks.");document.location=\'?do='
- .Router::$PAGE_IMPORT .'\';</script>';
+ $msg = sprintf(
+ t(
+ 'The file you are trying to upload is probably bigger than what this webserver can accept'
+ .' (%s). Please upload in smaller chunks.'
+ ),
+ get_max_upload_size(ini_get('post_max_size'), ini_get('upload_max_filesize'))
+ );
+ echo '<script>alert("'. $msg .'");document.location=\'?do='.Router::$PAGE_IMPORT .'\';</script>';
exit;
}
if (! tokenOk($_POST['token'])) {
// (Because on some hosts, session.save_path may not be set correctly,
// or we may not have write access to it.)
if (isset($_GET['test_session']) && ( !isset($_SESSION) || !isset($_SESSION['session_tested']) || $_SESSION['session_tested']!='Working'))
- { // Step 2: Check if data in session is correct.
- echo '<pre>Sessions do not seem to work correctly on your server.<br>';
- echo 'Make sure the variable session.save_path is set correctly in your php config, and that you have write access to it.<br>';
- echo 'It currently points to '.session_save_path().'<br>';
- echo 'Check that the hostname used to access Shaarli contains a dot. On some browsers, accessing your server via a hostname like \'localhost\' or any custom hostname without a dot causes cookie storage to fail. We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.<br>';
- echo '<br><a href="?">Click to try again.</a></pre>';
+ {
+ // Step 2: Check if data in session is correct.
+ $msg = t(
+ '<pre>Sessions do not seem to work correctly on your server.<br>'.
+ 'Make sure the variable "session.save_path" is set correctly in your PHP config, '.
+ 'and that you have write access to it.<br>'.
+ 'It currently points to %s.<br>'.
+ 'On some browsers, accessing your server via a hostname like \'localhost\' '.
+ 'or any custom hostname without a dot causes cookie storage to fail. '.
+ 'We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.<br>'
+ );
+ $msg = sprintf($msg, session_save_path());
+ echo $msg;
+ echo '<br><a href="?">'. t('Click to try again.') .'</a></pre>';
die;
}
if (!isset($_SESSION['session_tested']))
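Review bot: The translatable message added here carries its own markup: `<pre>` is opened inside the string passed to t() and closed by the separate `echo '<br><a href="?">'. t('Click to try again.') .'</a></pre>';`, so a translation that drops or alters the tag leaves the page unbalanced, and the catalogue can introduce arbitrary HTML. Keeping the tags in PHP and translating only the sentences avoids that. `session_save_path()` is also substituted through `%s` without encoding; `$msg = sprintf($msg, escape(session_save_path()));` would match how other values in this file are output.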
} else {
$conf->set('general.title', 'Shared links on '.escape(index_url($_SERVER)));
}
+ $conf->set('translation.language', escape($_POST['language']));
$conf->set('updates.check_updates', !empty($_POST['updateCheck']));
$conf->set('api.enabled', !empty($_POST['enableApi']));
$conf->set(
list($continents, $cities) = generateTimeZoneData(timezone_identifiers_list(), date_default_timezone_get());
$PAGE->assign('continents', $continents);
$PAGE->assign('cities', $cities);
+ $PAGE->assign('languages', Languages::getAvailableLanguages());
$PAGE->renderPage('install');
exit;
}