* poche, a read it later open source system
*
* @category poche
- * @author Nicolas Lœuillet <nicolas@loeuillet.org>
+ * @author Nicolas Lœuillet <support@inthepoche.com>
* @copyright 2013
* @license http://www.wtfpl.net/ see COPYING file
*/
include dirname(__FILE__).'/inc/config.php';
-$db = new db(DB_PATH);
-$action = (isset ($_GET['action'])) ? htmlspecialchars($_GET['action']) : '';
-$view = (isset ($_GET['view'])) ? htmlspecialchars($_GET['view']) : '';
-$id = (isset ($_GET['id'])) ? htmlspecialchars($_GET['id']) : '';
+myTool::initPhp();
-switch ($action)
-{
- case 'add':
- $url = (isset ($_GET['url'])) ? $_GET['url'] : '';
- if ($url == '')
- continue;
-
- $url = html_entity_decode(trim($url));
-
- // We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...)
- // from shaarli, by sebsauvage
- $i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i);
- $i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i);
- $i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i);
+# XSRF protection with token
+if (!empty($_POST)) {
+ if (!Session::isToken($_POST['token'])) {
+ die('Wrong token.');
+ }
+ unset($_SESSION['tokens']);
+}
- $title = $url;
- if (!preg_match('!^https?://!i', $url))
- $url = 'http://' . $url;
+$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
- $html = Encoding::toUTF8(get_external_file($url,15));
- if (isset($html) and strlen($html) > 0)
- {
- $r = new Readability($html, $url);
- if($r->init())
- {
- $title = $r->articleTitle->innerHTML;
+if (isset($_GET['login'])) {
+ // Login
+ if (!empty($_POST['login']) && !empty($_POST['password'])) {
+ if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {
+ logm('login successful');
+ $msg->add('s', 'welcome in your pocket!');
+ if (!empty($_POST['longlastingsession'])) {
+ $_SESSION['longlastingsession'] = 31536000;
+ $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
+ session_set_cookie_params($_SESSION['longlastingsession']);
+ } else {
+ session_set_cookie_params(0); // when browser closes
}
- }
-
- $query = $db->getHandle()->prepare('INSERT INTO entries ( url, title ) VALUES (?, ?)');
- $query->execute(array($url, $title));
- break;
- case 'delete':
- $sql_action = "DELETE FROM entries WHERE id=?";
- $params_action = array($id);
- break;
- default:
- break;
-}
+ session_regenerate_id(true);
-try
-{
- # action query
- if (isset($sql_action))
- {
- $query = $db->getHandle()->prepare($sql_action);
- $query->execute($params_action);
+ MyTool::redirect($ref);
+ }
+ logm('login failed');
+ die("Login failed !");
+ } else {
+ logm('login failed');
}
}
-catch (Exception $e)
-{
- die('query error : '.$e->getMessage());
+elseif (isset($_GET['logout'])) {
+ logm('logout');
+ Session::logout();
+ MyTool::redirect();
}
-switch ($view)
-{
- case 'archive':
- $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc";
- $params = array(-1);
- break;
- case 'fav' :
- $sql = "SELECT * FROM entries WHERE is_fav=? ORDER BY id desc";
- $params = array(-1);
- break;
- default:
- $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc";
- $params = array(0);
- $view = 'index';
- break;
-}
+# Traitement des paramètres et déclenchement des actions
+$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index';
+$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes';
+$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
+$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id';
+$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
+$url = (isset ($_GET['url'])) ? $_GET['url'] : '';
+
+$tpl->assign('isLogged', Session::isLogged());
+$tpl->assign('referer', $ref);
+$tpl->assign('view', $view);
+$tpl->assign('poche_url', myTool::getUrl());
+$tpl->assign('title', 'poche, a read it later open source system');
-# view query
-try
-{
- $query = $db->getHandle()->prepare($sql);
- $query->execute($params);
- $entries = $query->fetchAll();
+if (Session::isLogged()) {
+ action_to_do($action, $url, $id);
+ display_view($view, $id, $full_head);
}
-catch (Exception $e)
-{
- die('query error : '.$e->getMessage());
+else {
+ $tpl->draw('login');
}
-
-?>
-<!DOCTYPE html>
-<!--[if lte IE 6]> <html class="no-js ie6 ie67 ie678" lang="en"> <![endif]-->
-<!--[if lte IE 7]> <html class="no-js ie7 ie67 ie678" lang="en"> <![endif]-->
-<!--[if IE 8]> <html class="no-js ie8 ie678" lang="en"> <![endif]-->
-<!--[if gt IE 8]><!--> <html class="no-js" lang="en"> <!--<![endif]-->
-<html>
- <head>
- <meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0">
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=10">
- <title>poche, a read it later open source system</title>
- <link rel="shortcut icon" type="image/x-icon" href="img/favicon.ico" />
- <link rel="apple-touch-icon-precomposed" sizes="144x144" href="img/apple-touch-icon-144x144-precomposed.png">
- <link rel="apple-touch-icon-precomposed" sizes="72x72" href="img/apple-touch-icon-72x72-precomposed.png">
- <link rel="apple-touch-icon-precomposed" href="img/apple-touch-icon-precomposed.png">
- <link rel="stylesheet" href="css/knacss.css" media="all">
- <link rel="stylesheet" href="css/style.css" media="all">
- </head>
- <body>
- <header>
- <h1><img src="img/logo.png" alt="logo poche" />poche</h1>
- </header>
- <div id="main">
- <ul id="links">
- <li><a href="index.php" <?php echo (($view == 'index') ? 'class="current"' : ''); ?>>home</a></li>
- <li><a href="?view=fav" <?php echo (($view == 'fav') ? 'class="current"' : ''); ?>>favorites</a></li>
- <li><a href="?view=archive" <?php echo (($view == 'archive') ? 'class="current"' : ''); ?>>archive</a></li>
- <li><a style="cursor: move" title="i am a bookmarklet, use me !" href="javascript:(function(){var%20url%20=%20location.href;var%20title%20=%20document.title%20||%20url;window.open('<?php echo url()?>?action=add&url='%20+%20encodeURIComponent(url),'_self');})();">poche it !</a></li>
- </ul>
- <div id="content">
- <?php
- foreach ($entries as $entry)
- {
- ?>
- <div id="entry-<?php echo $entry['id']; ?>" class="entrie mb2">
- <span class="content">
- <h2 class="h6-like">
- <a href="readityourself.php?url=<?php echo urlencode($entry['url']); ?>"><?php echo $entry['title']; ?>
- </h2>
- <div class="tools">
- <a title="toggle mark as read" class="tool archive <?php echo ( ($entry['is_read'] == '0') ? 'archive-off' : '' ); ?>" onclick="toggle_archive(<?php echo $entry['id']; ?>)"><span></span></a>
- <a title="toggle favorite" class="tool fav <?php echo ( ($entry['is_fav'] == '0') ? 'fav-off' : '' ); ?>" onclick="toggle_favorite(this, <?php echo $entry['id']; ?>)"><span></span></a>
- <a href="?action=delete&id=<?php echo $entry['id']; ?>" title="toggle delete" onclick="return confirm('Are you sure?')" class="tool delete"><span></span></a>
- </div>
- </span>
- </div>
- <?php
- }
- ?>
- </div>
- </div>
- <footer class="mr2 mt3 smaller">
- <p>download poche on <a href="http://github.com/nicosomb/github">github</a><br />follow us on <a href="https://twitter.com/getpoche" title="follow us on twitter">twitter</a></p>
- </footer>
- <script type="text/javascript" src="js/jquery-1.9.1.min.js"></script>
- <script type="text/javascript" src="js/jquery.masonry.min.js"></script>
- <script type="text/javascript" src="js/poche.js"></script>
- <script type="text/javascript">
- $( window ).load( function()
- {
- var columns = 3,
- setColumns = function() { columns = $( window ).width() > 640 ? 3 : $( window ).width() > 320 ? 2 : 1; };
-
- setColumns();
- $( window ).resize( setColumns );
-
- $( '#content' ).masonry(
- {
- itemSelector: '.entrie',
- columnWidth: function( containerWidth ) { return containerWidth / columns; }
- });
- });
- </script>
- </body>
-</html>