// Display opensearch plugin (XML)
if ($targetPage == Router::$PAGE_OPENSEARCH) {
- header('Content-Type: application/xml; charset=utf-8');
- $PAGE->assign('serverurl', index_url($_SERVER));
- $PAGE->renderPage('opensearch');
+ header('Location: ./open-search');
exit;
}
// -------- User clicks on a tag in result count: Remove the tag from the list of searched tags (searchtags=...)
if (isset($_GET['removetag'])) {
- // Get previous URL (http_referer) and remove the tag from the searchtags parameters in query.
- if (empty($_SERVER['HTTP_REFERER'])) {
- header('Location: ?');
- exit;
- }
-
- // In case browser does not send HTTP_REFERER
- parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY), $params);
-
- // Prevent redirection loop
- if (isset($params['removetag'])) {
- unset($params['removetag']);
- }
-
- if (isset($params['searchtags'])) {
- $tags = explode(' ', $params['searchtags']);
- // Remove value from array $tags.
- $tags = array_diff($tags, array($_GET['removetag']));
- $params['searchtags'] = implode(' ', $tags);
-
- if (empty($params['searchtags'])) {
- unset($params['searchtags']);
- }
-
- // We also remove page (keeping the same page has no sense, since
- // the results are different)
- unset($params['page']);
- }
- header('Location: ?'.http_build_query($params));
+ header('Location: ./remove-tag/'. $_GET['removetag']);
exit;
}
// -------- User wants to change the number of bookmarks per page (linksperpage=...)
if (isset($_GET['linksperpage'])) {
- if (is_numeric($_GET['linksperpage'])) {
- $_SESSION['LINKS_PER_PAGE']=abs(intval($_GET['linksperpage']));
- }
-
- if (! empty($_SERVER['HTTP_REFERER'])) {
- $location = generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('linksperpage'));
- } else {
- $location = '?';
- }
- header('Location: '. $location);
+ header('Location: ./links-per-page?nb='. $_GET['linksperpage']);
exit;
}
// -------- User wants to see only private bookmarks (toggle)
if (isset($_GET['visibility'])) {
- if ($_GET['visibility'] === 'private') {
- // Visibility not set or not already private, set private, otherwise reset it
- if (empty($_SESSION['visibility']) || $_SESSION['visibility'] !== 'private') {
- // See only private bookmarks
- $_SESSION['visibility'] = 'private';
- } else {
- unset($_SESSION['visibility']);
- }
- } elseif ($_GET['visibility'] === 'public') {
- if (empty($_SESSION['visibility']) || $_SESSION['visibility'] !== 'public') {
- // See only public bookmarks
- $_SESSION['visibility'] = 'public';
- } else {
- unset($_SESSION['visibility']);
- }
- }
-
- if (! empty($_SERVER['HTTP_REFERER'])) {
- $location = generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('visibility'));
- } else {
- $location = '?';
- }
- header('Location: '. $location);
+ header('Location: ./visibility/'. $_GET['visibility']);
exit;
}
// -------- User wants to see only untagged bookmarks (toggle)
if (isset($_GET['untaggedonly'])) {
- $_SESSION['untaggedonly'] = empty($_SESSION['untaggedonly']);
-
- if (! empty($_SERVER['HTTP_REFERER'])) {
- $location = generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('untaggedonly'));
- } else {
- $location = '?';
- }
- header('Location: '. $location);
+ header('Location: ./untagged-only');
exit;
}
// -------- Display the Tools menu if requested (import/export/bookmarklet...)
if ($targetPage == Router::$PAGE_TOOLS) {
- $data = [
- 'pageabsaddr' => index_url($_SERVER),
- 'sslenabled' => is_https($_SERVER),
- ];
- $pluginManager->executeHooks('render_tools', $data);
-
- foreach ($data as $key => $value) {
- $PAGE->assign($key, $value);
- }
-
- $PAGE->assign('pagetitle', t('Tools') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('tools');
+ header('Location: ./tools');
exit;
}
// -------- User wants to change his/her password.
if ($targetPage == Router::$PAGE_CHANGEPASSWORD) {
- if ($conf->get('security.open_shaarli')) {
- die(t('You are not supposed to change a password on an Open Shaarli.'));
- }
-
- if (!empty($_POST['setpassword']) && !empty($_POST['oldpassword'])) {
- if (!$sessionManager->checkToken($_POST['token'])) {
- die(t('Wrong token.')); // Go away!
- }
-
- // Make sure old password is correct.
- $oldhash = sha1(
- $_POST['oldpassword'].$conf->get('credentials.login').$conf->get('credentials.salt')
- );
- if ($oldhash != $conf->get('credentials.hash')) {
- echo '<script>alert("'
- . t('The old password is not correct.')
- .'");document.location=\'./?do=changepasswd\';</script>';
- exit;
- }
- // Save new password
- // Salt renders rainbow-tables attacks useless.
- $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand()));
- $conf->set(
- 'credentials.hash',
- sha1(
- $_POST['setpassword']
- . $conf->get('credentials.login')
- . $conf->get('credentials.salt')
- )
- );
- try {
- $conf->write($loginManager->isLoggedIn());
- } catch (Exception $e) {
- error_log(
- 'ERROR while writing config file after changing password.' . PHP_EOL .
- $e->getMessage()
- );
-
- // TODO: do not handle exceptions/errors in JS.
- echo '<script>alert("'. $e->getMessage() .'");document.location=\'./?do=tools\';</script>';
- exit;
- }
- echo '<script>alert("'. t('Your password has been changed') .'");document.location=\'./?do=tools\';</script>';
- exit;
- } else {
- // show the change password form.
- $PAGE->assign('pagetitle', t('Change password') .' - '. $conf->get('general.title', 'Shaarli'));
- $PAGE->renderPage('changepassword');
- exit;
- }
+ header('Location: ./password');
+ exit;
}
// -------- User wants to change configuration
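Review bot: The three new redirects that carry request data (`./remove-tag/` with `$_GET['removetag']`, `./links-per-page?nb=` with `$_GET['linksperpage']`, and `./visibility/` with `$_GET['visibility']`) concatenate the raw parameter into the Location header without URL-encoding it. A value containing `/`, `?`, `#`, `%` or `..` therefore changes which path or query the browser requests instead of arriving intact as the route argument, and an array parameter such as `removetag[]=` is stringified as `Array`. PHP's `header()` already refuses values with embedded newlines, so the concern is route and query confusion rather than response splitting. Encode per component after an `is_string()` check, e.g. `header('Location: ./remove-tag/' . rawurlencode($_GET['removetag']));` and `header('Location: ./links-per-page?nb=' . urlencode($_GET['linksperpage']));`, with the same `rawurlencode()` for `visibility`. The enclosing script starts and ends outside this hunk.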
})->add('\Shaarli\Api\ApiMiddleware');
$app->group('', function () {
- $this->get('/login', '\Shaarli\Front\Controller\LoginController:index')->setName('login');
- $this->get('/logout', '\Shaarli\Front\Controller\LogoutController:index')->setName('logout');
- $this->get('/picture-wall', '\Shaarli\Front\Controller\PictureWallController:index')->setName('picwall');
- $this->get('/tag-cloud', '\Shaarli\Front\Controller\TagCloudController:cloud')->setName('tagcloud');
- $this->get('/tag-list', '\Shaarli\Front\Controller\TagCloudController:list')->setName('taglist');
- $this->get('/daily', '\Shaarli\Front\Controller\DailyController:index')->setName('daily');
- $this->get('/daily-rss', '\Shaarli\Front\Controller\DailyController:rss')->setName('dailyrss');
- $this->get('/feed-atom', '\Shaarli\Front\Controller\FeedController:atom')->setName('feedatom');
- $this->get('/feed-rss', '\Shaarli\Front\Controller\FeedController:rss')->setName('feedrss');
-
- $this->get('/add-tag/{newTag}', '\Shaarli\Front\Controller\TagController:addTag')->setName('add-tag');
+ /* -- PUBLIC --*/
+ $this->get('/login', '\Shaarli\Front\Controller\Visitor\LoginController:index')->setName('login');
+ $this->get('/picture-wall', '\Shaarli\Front\Controller\Visitor\PictureWallController:index')->setName('picwall');
+ $this->get('/tag-cloud', '\Shaarli\Front\Controller\Visitor\TagCloudController:cloud')->setName('tagcloud');
+ $this->get('/tag-list', '\Shaarli\Front\Controller\Visitor\TagCloudController:list')->setName('taglist');
+ $this->get('/daily', '\Shaarli\Front\Controller\Visitor\DailyController:index')->setName('daily');
+ $this->get('/daily-rss', '\Shaarli\Front\Controller\Visitor\DailyController:rss')->setName('dailyrss');
+ $this->get('/feed-atom', '\Shaarli\Front\Controller\Visitor\FeedController:atom')->setName('feedatom');
+ $this->get('/feed-rss', '\Shaarli\Front\Controller\Visitor\FeedController:rss')->setName('feedrss');
+ $this->get('/open-search', '\Shaarli\Front\Controller\Visitor\OpenSearchController:index')->setName('opensearch');
+
+ $this->get('/add-tag/{newTag}', '\Shaarli\Front\Controller\Visitor\TagController:addTag')->setName('add-tag');
+ $this->get('/remove-tag/{tag}', '\Shaarli\Front\Controller\Visitor\TagController:removeTag')->setName('remove-tag');
+
+ /* -- LOGGED IN -- */
+ $this->get('/logout', '\Shaarli\Front\Controller\Admin\LogoutController:index')->setName('logout');
+ $this->get('/tools', '\Shaarli\Front\Controller\Admin\ToolsController:index')->setName('tools');
+ $this->get('/password', '\Shaarli\Front\Controller\Admin\PasswordController:index')->setName('password');
+ $this->post('/password', '\Shaarli\Front\Controller\Admin\PasswordController:change')->setName('changePassword');
+
+ $this
+ ->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage')
+ ->setName('filter-links-per-page')
+ ;
+ $this
+ ->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility')
+ ->setName('visibility')
+ ;
+ $this
+ ->get('/untagged-only', '\Shaarli\Front\Controller\Admin\SessionFilterController:untaggedOnly')
+ ->setName('untagged-only')
+ ;
})->add('\Shaarli\Front\ShaarliMiddleware');
$response = $app->run(true);
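Review bot: The `/* -- LOGGED IN -- */` marker is only a comment: `/logout`, `/tools`, `/password` and the three session-filter routes are registered in the same group and behind the same `ShaarliMiddleware` as the public routes, so nothing in this hunk enforces authentication for them. If the check lives in the `Admin` controllers (not visible here), say so at the marker, e.g. `/* -- LOGGED IN: authentication is enforced by the Admin controllers, not by this group -- */`, or move these routes into their own group with a login-checking middleware so that a newly added admin route cannot be exposed by omission. The inline handler removed in this commit also refused password changes on an open Shaarli and verified the session token before accepting the POST, so `PasswordController:change` should be confirmed to keep both checks. The session-filter and `/logout` routes change session state on a plain GET with no token, which is worth a short comment stating that this is accepted.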