// -------- Display the Tools menu if requested (import/export/bookmarklet...)
if ($targetPage == Router::$PAGE_TOOLS) {
- $data = [
- 'pageabsaddr' => index_url($_SERVER),
- 'sslenabled' => is_https($_SERVER),
- ];
- $pluginManager->executeHooks('render_tools', $data);
-
- foreach ($data as $key => $value) {
- $PAGE->assign($key, $value);
- }
-
- $PAGE->assign('pagetitle', t('Tools') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('tools');
+ header('Location: ./tools');
exit;
}
// -------- User wants to change his/her password.
if ($targetPage == Router::$PAGE_CHANGEPASSWORD) {
- if ($conf->get('security.open_shaarli')) {
- die(t('You are not supposed to change a password on an Open Shaarli.'));
- }
-
- if (!empty($_POST['setpassword']) && !empty($_POST['oldpassword'])) {
- if (!$sessionManager->checkToken($_POST['token'])) {
- die(t('Wrong token.')); // Go away!
- }
-
- // Make sure old password is correct.
- $oldhash = sha1(
- $_POST['oldpassword'].$conf->get('credentials.login').$conf->get('credentials.salt')
- );
- if ($oldhash != $conf->get('credentials.hash')) {
- echo '<script>alert("'
- . t('The old password is not correct.')
- .'");document.location=\'./?do=changepasswd\';</script>';
- exit;
- }
- // Save new password
- // Salt renders rainbow-tables attacks useless.
- $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand()));
- $conf->set(
- 'credentials.hash',
- sha1(
- $_POST['setpassword']
- . $conf->get('credentials.login')
- . $conf->get('credentials.salt')
- )
- );
- try {
- $conf->write($loginManager->isLoggedIn());
- } catch (Exception $e) {
- error_log(
- 'ERROR while writing config file after changing password.' . PHP_EOL .
- $e->getMessage()
- );
-
- // TODO: do not handle exceptions/errors in JS.
- echo '<script>alert("'. $e->getMessage() .'");document.location=\'./?do=tools\';</script>';
- exit;
- }
- echo '<script>alert("'. t('Your password has been changed') .'");document.location=\'./?do=tools\';</script>';
- exit;
- } else {
- // show the change password form.
- $PAGE->assign('pagetitle', t('Change password') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('changepassword');
- exit;
- }
+ header('Location: ./password');
+ exit;
}
// -------- User wants to change configuration
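Review bot: The new `header('Location: ./password'); exit;` branch takes the `security.open_shaarli` guard, the `checkToken()` call and the old-password verification out of this file, and nothing visible here shows where they went. `PasswordController` is not part of this page, so its `change` action should be confirmed to enforce all three; if the salted `sha1` comparison with `!=` was carried over unchanged, it should become a `hash_equals()` comparison there. Once confirmed, a comment above the redirect would record the hand-off, e.g. `// Legacy ?do=changepasswd URL; token, open_shaarli and old-password checks are done by PasswordController.` The Tools redirect earlier in the hunk has the same gap for the `render_tools` plugin hook, which this file no longer executes.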
})->add('\Shaarli\Api\ApiMiddleware');
$app->group('', function () {
- $this->get('/login', '\Shaarli\Front\Controller\LoginController:index')->setName('login');
- $this->get('/logout', '\Shaarli\Front\Controller\LogoutController:index')->setName('logout');
- $this->get('/picture-wall', '\Shaarli\Front\Controller\PictureWallController:index')->setName('picwall');
- $this->get('/tag-cloud', '\Shaarli\Front\Controller\TagCloudController:cloud')->setName('tagcloud');
- $this->get('/tag-list', '\Shaarli\Front\Controller\TagCloudController:list')->setName('taglist');
- $this->get('/daily', '\Shaarli\Front\Controller\DailyController:index')->setName('daily');
- $this->get('/daily-rss', '\Shaarli\Front\Controller\DailyController:rss')->setName('dailyrss');
- $this->get('/feed-atom', '\Shaarli\Front\Controller\FeedController:atom')->setName('feedatom');
- $this->get('/feed-rss', '\Shaarli\Front\Controller\FeedController:rss')->setName('feedrss');
- $this->get('/open-search', '\Shaarli\Front\Controller\OpenSearchController:index')->setName('opensearch');
-
- $this->get('/add-tag/{newTag}', '\Shaarli\Front\Controller\TagController:addTag')->setName('add-tag');
- $this->get('/remove-tag/{tag}', '\Shaarli\Front\Controller\TagController:removeTag')->setName('remove-tag');
+ /* -- PUBLIC --*/
+ $this->get('/login', '\Shaarli\Front\Controller\Visitor\LoginController:index')->setName('login');
+ $this->get('/picture-wall', '\Shaarli\Front\Controller\Visitor\PictureWallController:index')->setName('picwall');
+ $this->get('/tag-cloud', '\Shaarli\Front\Controller\Visitor\TagCloudController:cloud')->setName('tagcloud');
+ $this->get('/tag-list', '\Shaarli\Front\Controller\Visitor\TagCloudController:list')->setName('taglist');
+ $this->get('/daily', '\Shaarli\Front\Controller\Visitor\DailyController:index')->setName('daily');
+ $this->get('/daily-rss', '\Shaarli\Front\Controller\Visitor\DailyController:rss')->setName('dailyrss');
+ $this->get('/feed-atom', '\Shaarli\Front\Controller\Visitor\FeedController:atom')->setName('feedatom');
+ $this->get('/feed-rss', '\Shaarli\Front\Controller\Visitor\FeedController:rss')->setName('feedrss');
+ $this->get('/open-search', '\Shaarli\Front\Controller\Visitor\OpenSearchController:index')->setName('opensearch');
+
+ $this->get('/add-tag/{newTag}', '\Shaarli\Front\Controller\Visitor\TagController:addTag')->setName('add-tag');
+ $this->get('/remove-tag/{tag}', '\Shaarli\Front\Controller\Visitor\TagController:removeTag')->setName('remove-tag');
+
+ /* -- LOGGED IN -- */
+ $this->get('/logout', '\Shaarli\Front\Controller\Admin\LogoutController:index')->setName('logout');
+ $this->get('/tools', '\Shaarli\Front\Controller\Admin\ToolsController:index')->setName('tools');
+ $this->get('/password', '\Shaarli\Front\Controller\Admin\PasswordController:index')->setName('password');
+ $this->post('/password', '\Shaarli\Front\Controller\Admin\PasswordController:change')->setName('changePassword');
$this
- ->get('/links-per-page', '\Shaarli\Front\Controller\SessionFilterController:linksPerPage')
+ ->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage')
->setName('filter-links-per-page')
;
$this
- ->get('/visibility/{visibility}', '\Shaarli\Front\Controller\SessionFilterController:visibility')
+ ->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility')
->setName('visibility')
;
$this
- ->get('/untagged-only', '\Shaarli\Front\Controller\SessionFilterController:untaggedOnly')
+ ->get('/untagged-only', '\Shaarli\Front\Controller\Admin\SessionFilterController:untaggedOnly')
->setName('untagged-only')
;
})->add('\Shaarli\Front\ShaarliMiddleware');
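Review bot: The `/* -- LOGGED IN -- */` comment is the only thing separating the admin routes from the public ones: both sets sit in the same group behind the same `ShaarliMiddleware`, so nothing visible here rejects an anonymous request to `/tools` or `POST /password`. If the login check is done inside the `Admin` controllers (not shown on this page), the comment should say so, e.g. `/* -- LOGGED IN: enforced by the Admin controllers, not by routing -- */`; otherwise these routes belong in their own group with an authentication middleware added to it. The three `SessionFilterController` routes also move into the `Admin` namespace, so if those controllers require a login, `/links-per-page` and `/untagged-only` would stop working for anonymous visitors, and that should be confirmed as intended.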