<?php
/**
- * Shaarli v0.5.4 - Shaare your links...
+ * Shaarli v0.6.0 - Shaare your links...
*
* The personal, minimalist, super-fast, no-database Delicious clone.
*
// Banned IPs
$GLOBALS['config']['IPBANS_FILENAME'] = $GLOBALS['config']['DATADIR'].'/ipbans.php';
+// Access log
+$GLOBALS['config']['LOG_FILE'] = $GLOBALS['config']['DATADIR'].'/log.txt';
+
// For updates check of Shaarli
$GLOBALS['config']['UPDATECHECK_FILENAME'] = $GLOBALS['config']['DATADIR'].'/lastupdatecheck.txt';
// Raintpl template directory (keep the trailing slash!)
$GLOBALS['config']['RAINTPL_TPL'] = 'tpl/';
-// Thuumbnail cache directory
+// Thumbnail cache directory
$GLOBALS['config']['CACHEDIR'] = 'cache';
// Atom & RSS feed cache directory
/*
* PHP configuration
*/
-define('shaarli_version', '0.5.4');
+define('shaarli_version', '0.6.0');
// http://server.com/x/shaarli --> /shaarli/
define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0)));
}
// Shaarli library
+require_once 'application/ApplicationUtils.php';
require_once 'application/Cache.php';
require_once 'application/CachedPage.php';
+require_once 'application/FileUtils.php';
require_once 'application/HttpUtils.php';
require_once 'application/LinkDB.php';
require_once 'application/TimeZone.php';
// Ensure the PHP version is supported
try {
checkPHPVersion('5.3', PHP_VERSION);
-} catch(Exception $e) {
+} catch(Exception $exc) {
header('Content-Type: text/plain; charset=utf-8');
- echo $e->getMessage();
+ echo $exc->getMessage();
exit;
}
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
-// Directories creations (Note that your web host may require different rights than 705.)
-if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.</pre>');
-
// Handling of old config file which do not have the new parameters.
if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(index_url($_SERVER));
if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get();
if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?';
// I really need to rewrite Shaarli with a proper configuation manager.
-// Run config screen if first run:
if (! is_file($GLOBALS['config']['CONFIG_FILE'])) {
+ // Ensure Shaarli has proper access to its resources
+ $errors = ApplicationUtils::checkResourcePermissions($GLOBALS['config']);
+
+ if ($errors != array()) {
+ $message = '<p>Insufficient permissions:</p><ul>';
+
+ foreach ($errors as $error) {
+ $message .= '<li>'.$error.'</li>';
+ }
+ $message .= '</ul>';
+
+ header('Content-Type: text/html; charset=utf-8');
+ echo $message;
+ exit;
+ }
+
+ // Display the installation form if no existing config is found
install();
}
//==================================================================================================
function setup_login_state() {
- $userIsLoggedIn = false; // By default, we do not consider the user as logged in;
- $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met.
if ($GLOBALS['config']['OPEN_SHAARLI']) {
- $userIsLoggedIn = true;
+ return true;
}
+ $userIsLoggedIn = false; // By default, we do not consider the user as logged in;
+ $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met.
if (!isset($GLOBALS['login'])) {
$userIsLoggedIn = false; // Shaarli is not configured yet.
$loginFailure = true;
function logm($message)
{
$t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n";
- file_put_contents($GLOBALS['config']['DATADIR'].'/log.txt',$t,FILE_APPEND);
+ file_put_contents($GLOBAL['config']['LOG_FILE'], $t, FILE_APPEND);
}
// In a string, converts URLs to clickable links.
$this->tpl->assign('pagetitle', $GLOBALS['pagetitle']);
}
$this->tpl->assign('shaarlititle', empty($GLOBALS['title']) ? 'Shaarli': $GLOBALS['title']);
- if (!empty($GLOBALS['plugins']['errors'])) {
- $this->tpl->assign('plugin_errors', $GLOBALS['plugins']['errors']);
+ if (!empty($GLOBALS['plugin_errors'])) {
+ $this->tpl->assign('plugin_errors', $GLOBALS['plugin_errors']);
}
}
// If cached was not found (or not usable), then read the database and build the response:
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
- isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+ isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS']
);
// Read links from database (and filter private links if user it not logged in).
// Read links from database (and filter private links if used it not logged in).
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
- isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+ isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS']
);
// Read links from database (and filter private links if used it not logged in).
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
- isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+ isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS']
);
{
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
- isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+ isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS']
);
{
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
- isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+ isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS']
);
exit;
}
+ // Display openseach plugin (XML)
+ if ($targetPage == Router::$PAGE_OPENSEARCH) {
+ header('Content-Type: application/xml; charset=utf-8');
+ $PAGE->assign('serverurl', index_url($_SERVER));
+ $PAGE->renderPage('opensearch');
+ exit;
+ }
+
// -------- User clicks on a tag in a link: The tag is added to the list of searched tags (searchtags=...)
if (isset($_GET['addtag']))
{
$value['tags']=trim(implode(' ',$tags));
$LINKSDB[$key]=$value;
}
- $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // Save to disk.
+ $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']);
echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>';
exit;
}
$link_is_new = true;
$linkdate = strval(date('Ymd_His'));
// Get title if it was provided in URL (by the bookmarklet).
- $title = (empty($_GET['title']) ? '' : $_GET['title'] );
+ $title = empty($_GET['title']) ? '' : escape($_GET['title']);
// Get description if it was provided in URL (by the bookmarklet). [Bronco added that]
- $description = (empty($_GET['description']) ? '' : $_GET['description']);
- $tags = (empty($_GET['tags']) ? '' : $_GET['tags'] );
- $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0);
+ $description = empty($_GET['description']) ? '' : escape($_GET['description']);
+ $tags = empty($_GET['tags']) ? '' : escape($_GET['tags']);
+ $private = !empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0;
// If this is an HTTP(S) link, we try go get the page to extract the title (otherwise we will to straight to the edit form.)
if (empty($title) && strpos(get_url_scheme($url), 'http') !== false) {
// Short timeout to keep the application responsive
// Process the import file form.
function importFile()
{
- if (!(isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'])) { die('Not allowed.'); }
+ if (!isLoggedIn()) { die('Not allowed.'); }
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
- isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+ isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS']
);
$filename=$_FILES['filetoupload']['name'];
projects / github / shaarli / Shaarli.git / blobdiff