<?php
/**
- * Shaarli v0.8.1 - Shaare your links...
- *
- * The personal, minimalist, super-fast, database free, bookmarking service.
+ * Shaarli - The personal, minimalist, super-fast, database free, bookmarking service.
*
* Friendly fork by the Shaarli community:
* - https://github.com/shaarli/Shaarli
*
* Licence: http://www.opensource.org/licenses/zlib-license.php
*
- * Requires: PHP 5.3.x
+ * Requires: PHP 5.5.x
*/
// Set 'UTC' as the default timezone if it is not defined in php.ini
/*
* PHP configuration
*/
-define('shaarli_version', '0.8.1');
// http://server.com/x/shaarli --> /shaarli/
define('WEB_PATH', substr($_SERVER['REQUEST_URI'], 0, 1+strrpos($_SERVER['REQUEST_URI'], '/', 0)));
require_once 'application/ApplicationUtils.php';
require_once 'application/Cache.php';
require_once 'application/CachedPage.php';
-require_once 'application/config/ConfigManager.php';
require_once 'application/config/ConfigPlugin.php';
require_once 'application/FeedBuilder.php';
require_once 'application/FileUtils.php';
require_once 'application/Router.php';
require_once 'application/Updater.php';
use \Shaarli\ThemeUtils;
+use \Shaarli\Config\ConfigManager;
// Ensure the PHP version is supported
try {
- ApplicationUtils::checkPHPVersion('5.3', PHP_VERSION);
+ ApplicationUtils::checkPHPVersion('5.5', PHP_VERSION);
} catch(Exception $exc) {
header('Content-Type: text/plain; charset=utf-8');
echo $exc->getMessage();
exit;
}
+define('shaarli_version', ApplicationUtils::getVersion(__DIR__ .'/'. ApplicationUtils::$VERSION_FILE));
+
// Force cookie path (but do not change lifetime)
$cookie = session_get_cookie_params();
$cookiedir = '';
}
// If session does not exist on server side, or IP address has changed, or session has expired, logout.
if (empty($_SESSION['uid'])
- || ($conf->get('security.session_protection_disabled') == false && $_SESSION['ip'] != allIPs())
+ || ($conf->get('security.session_protection_disabled') === false && $_SESSION['ip'] != allIPs())
|| time() >= $_SESSION['expires_on'])
{
logout();
// Optional redirect after login:
if (isset($_GET['post'])) {
$uri = '?post='. urlencode($_GET['post']);
- foreach (array('description', 'source', 'title') as $param) {
+ foreach (array('description', 'source', 'title', 'tags') as $param) {
if (!empty($_GET[$param])) {
$uri .= '&'.$param.'='.urlencode($_GET[$param]);
}
$redir = '&username='. $_POST['login'];
if (isset($_GET['post'])) {
$redir .= '&post=' . urlencode($_GET['post']);
- foreach (array('description', 'source', 'title') as $param) {
+ foreach (array('description', 'source', 'title', 'tags') as $param) {
if (!empty($_GET[$param])) {
$redir .= '&' . $param . '=' . urlencode($_GET[$param]);
}
$dayDate = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $day.'_000000');
$data = array(
+ 'pagetitle' => $conf->get('general.title') .' - '. format_date($dayDate, false),
'linksToDisplay' => $linksToDisplay,
'cols' => $columns,
'day' => $dayDate->getTimestamp(),
+ 'dayDate' => $dayDate,
'previousday' => $previousday,
'nextday' => $nextday,
);
$_SESSION['LINKS_PER_PAGE']=abs(intval($_GET['linksperpage']));
}
- header('Location: '. generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('linksperpage')));
+ if (! empty($_SERVER['HTTP_REFERER'])) {
+ $location = generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('linksperpage'));
+ } else {
+ $location = '?';
+ }
+ header('Location: '. $location);
exit;
}
unset($_SESSION['privateonly']); // See all links
}
- header('Location: '. generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('privateonly')));
+ if (! empty($_SERVER['HTTP_REFERER'])) {
+ $location = generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('privateonly'));
+ } else {
+ $location = '?';
+ }
+ header('Location: '. $location);
exit;
}
// Show login screen, then redirect to ?post=...
if (isset($_GET['post']))
{
- header('Location: ?do=login&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); // Redirect to login page, then back to post link.
+ header( // Redirect to login page, then back to post link.
+ 'Location: ?do=login&post='.urlencode($_GET['post']).
+ (!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').
+ (!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').
+ (!empty($_GET['tags'])?'&tags='.urlencode($_GET['tags']):'').
+ (!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')
+ );
exit;
}
$conf->set('feed.rss_permalinks', !empty($_POST['enableRssPermalinks']));
$conf->set('updates.check_updates', !empty($_POST['updateCheck']));
$conf->set('privacy.hide_public_links', !empty($_POST['hidePublicLinks']));
- $conf->set('api.enabled', !empty($_POST['apiEnabled']));
+ $conf->set('api.enabled', !empty($_POST['enableApi']));
$conf->set('api.secret', escape($_POST['apiSecret']));
try {
$conf->write(isLoggedIn());
$LINKSDB[$key]=$value;
}
$LINKSDB->save($conf->get('resource.page_cache'));
- echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>';
+ echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?do=changetag\';</script>';
exit;
}
$needle = trim($_POST['fromtag']);
// True for case-sensitive tag search.
$linksToAlter = $LINKSDB->filterSearch(array('searchtags' => $needle), true);
- foreach($linksToAlter as $key=>$value)
- {
- $tags = explode(' ',trim($value['tags']));
- $tags[array_search($needle,$tags)] = trim($_POST['totag']); // Replace tags value.
- $value['tags']=trim(implode(' ',$tags));
- $LINKSDB[$key]=$value;
+ foreach($linksToAlter as $key=>$value) {
+ $tags = preg_split('/\s+/', trim($value['tags']));
+ // Replace tags value.
+ $tags[array_search($needle, $tags)] = trim($_POST['totag']);
+ $value['tags'] = implode(' ', array_unique($tags));
+ $LINKSDB[$key] = $value;
}
$LINKSDB->save($conf->get('resource.page_cache')); // Save to disk.
- echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>';
+ echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode(escape($_POST['totag'])).'\';</script>';
exit;
}
}
}
// lf_id should only be present if the link exists.
- $id = !empty($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : $LINKSDB->getNextId();
+ $id = isset($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : $LINKSDB->getNextId();
// Linkdate is kept here to:
// - use the same permalink for notes as they're displayed when creating them
// - let users hack creation date of their posts
// -------- User clicked the "Cancel" button when editing a link.
if (isset($_POST['cancel_edit']))
{
+ $id = isset($_POST['lf_id']) ? (int) escape($_POST['lf_id']) : false;
+ if (! isset($LINKSDB[$id])) {
+ header('Location: ?');
+ }
// If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; }
- $link = $LINKSDB[(int) escape($_POST['lf_id'])];
+ $link = $LINKSDB[$id];
$returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
// Scroll to the link which has been edited.
$returnurl .= '#'. $link['shorturl'];
// If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; }
- // Pick where we're going to redirect
- // =============================================================
- // Basically, we can't redirect to where we were previously if it was a permalink
- // or an edit_link, because it would 404.
- // Cases:
- // - / : nothing in $_GET, redirect to self
- // - /?page : redirect to self
- // - /?searchterm : redirect to self (there might be other links)
- // - /?searchtags : redirect to self
- // - /permalink : redirect to / (the link does not exist anymore)
- // - /?edit_link : redirect to / (the link does not exist anymore)
- // PHP treats the permalink as a $_GET variable, so we need to check if every condition for self
- // redirect is not satisfied, and only then redirect to /
- $location = "?";
- // Self redirection
- if (count($_GET) == 0
- || isset($_GET['page'])
- || isset($_GET['searchterm'])
- || isset($_GET['searchtags'])
- ) {
- if (isset($_POST['returnurl'])) {
- $location = $_POST['returnurl']; // Handle redirects given by the form
- } else {
- $location = generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('delete_link'));
- }
+
+ $location = '?';
+ if (isset($_SERVER['HTTP_REFERER'])) {
+ // Don't redirect to where we were previously if it was a permalink or an edit_link, because it would 404.
+ $location = generateLocation(
+ $_SERVER['HTTP_REFERER'],
+ $_SERVER['HTTP_HOST'],
+ ['delete_link', 'edit_link', $link['shorturl']]
+ );
}
header('Location: ' . $location); // After deleting the link, redirect to appropriate location
$_POST,
$_FILES,
$LINKSDB,
- $conf->get('resource.page_cache')
+ $conf
);
echo '<script>alert("'.$status.'");document.location=\'?do='
.Router::$PAGE_IMPORT .'\';</script>';
}
} else {
// Filter links according search parameters.
- $privateonly = !empty($_SESSION['privateonly']);
- $linksToDisplay = $LINKSDB->filterSearch($_GET, false, $privateonly);
+ $visibility = ! empty($_SESSION['privateonly']) ? 'private' : 'all';
+ $linksToDisplay = $LINKSDB->filterSearch($_GET, false, $visibility);
}
// ---- Handle paging.
'result_count' => count($linksToDisplay),
'search_term' => $searchterm,
'search_tags' => $searchtags,
+ 'visibility' => ! empty($_SESSION['privateonly']) ? 'private' : '',
'redirector' => $conf->get('redirector.url'), // Optional redirector URL.
'links' => $linkDisp,
'tags' => $LINKSDB->allTags(),
// REST API routes
$app->group('/api/v1', function() {
- $this->get('/info', '\Shaarli\Api\Controllers\Info:getInfo');
+ $this->get('/info', '\Shaarli\Api\Controllers\Info:getInfo')->setName('getInfo');
+ $this->get('/links', '\Shaarli\Api\Controllers\Links:getLinks')->setName('getLinks');
+ $this->get('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:getLink')->setName('getLink');
+ $this->post('/links', '\Shaarli\Api\Controllers\Links:postLink')->setName('postLink');
+ $this->put('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:putLink')->setName('putLink');
+ $this->delete('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:deleteLink')->setName('deleteLink');
})->add('\Shaarli\Api\ApiMiddleware');
$response = $app->run(true);
// Hack to make Slim and Shaarli router work together:
-// If a Slim route isn't found, we call renderPage().
-if ($response->getStatusCode() == 404) {
+// If a Slim route isn't found and NOT API call, we call renderPage().
+if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) {
// We use UTF-8 for proper international characters handling.
header('Content-Type: text/html; charset=utf-8');
renderPage($conf, $pluginManager, $linkDb);
projects / github / shaarli / Shaarli.git / blobdiff