X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=inc%2Fpoche%2FPoche.class.php;h=c80e5d2a972e13bb6e7856fd4367395138d0a01b;hb=aa1083bdac8c20285f9ee6822768cc75145c06d4;hp=c7aa71e8f77af35737822a573432dd290a7280d9;hpb=d619120fc45693b73d14e4f2c8b98fc5b5489b7c;p=github%2Fwallabag%2Fwallabag.git diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index c7aa71e8..c80e5d2a 100755 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php @@ -5,354 +5,130 @@ * @category wallabag * @author Nicolas Lœuillet * @copyright 2013 - * @license http://www.wtfpl.net/ see COPYING file + * @license http://opensource.org/licenses/MIT see COPYING file */ class Poche { - public static $canRenderTemplates = true; - public static $configFileAvailable = true; - + /** + * @var User + */ public $user; + /** + * @var Database + */ public $store; + /** + * @var Template + */ public $tpl; + /** + * @var Language + */ + public $language; + /** + * @var Routing + */ + public $routing; + /** + * @var Messages + */ public $messages; + /** + * @var Paginator + */ public $pagination; - - private $currentTheme = ''; - private $currentLanguage = ''; - private $notInstalledMessage = array(); - - private $language_names = array( - 'cs_CZ.utf8' => 'čeština', - 'de_DE.utf8' => 'German', - 'en_EN.utf8' => 'English', - 'es_ES.utf8' => 'Español', - 'fa_IR.utf8' => 'فارسی', - 'fr_FR.utf8' => 'Français', - 'it_IT.utf8' => 'Italiano', - 'pl_PL.utf8' => 'Polski', - 'pt_BR.utf8' => 'Português (Brasil)', - 'ru_RU.utf8' => 'Pусский', - 'sl_SI.utf8' => 'Slovenščina', - 'uk_UA.utf8' => 'Українська', - ); + public function __construct() { - if ($this->configFileIsAvailable()) { - $this->init(); - } - - if ($this->themeIsInstalled()) { - $this->initTpl(); - } - - if ($this->systemIsInstalled()) { - $this->store = new Database(); - $this->messages = new Messages(); - # installation - if (! $this->store->isInstalled()) { - $this->install(); - } - $this->store->checkTags(); - } + $this->init(); } - - private function init() + + private function init() { Tools::initPhp(); - if (isset($_SESSION['poche_user']) && $_SESSION['poche_user'] != array()) { - $this->user = $_SESSION['poche_user']; + $pocheUser = Session::getParam('poche_user'); + + if ($pocheUser && $pocheUser != array()) { + $this->user = $pocheUser; } else { - # fake user, just for install & login screens + // fake user, just for install & login screens $this->user = new User(); $this->user->setConfig($this->getDefaultConfig()); } - # l10n - $language = $this->user->getConfigValue('language'); - putenv('LC_ALL=' . $language); - setlocale(LC_ALL, $language); - bindtextdomain($language, LOCALE); - textdomain($language); - - # Pagination - $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p'); - - # Set up theme - $themeDirectory = $this->user->getConfigValue('theme'); - - if ($themeDirectory === false) { - $themeDirectory = DEFAULT_THEME; - } - - $this->currentTheme = $themeDirectory; - - # Set up language - $languageDirectory = $this->user->getConfigValue('language'); - - if ($languageDirectory === false) { - $languageDirectory = DEFAULT_THEME; - } - - $this->currentLanguage = $languageDirectory; + $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p'); + $this->language = new Language($this); + $this->tpl = new Template($this); + $this->store = new Database(); + $this->messages = new Messages(); + $this->routing = new Routing($this); } - public function configFileIsAvailable() { - if (! self::$configFileAvailable) { - $this->notInstalledMessage[] = 'You have to rename inc/poche/config.inc.php.new to inc/poche/config.inc.php.'; - - return false; - } - - return true; + public function run() + { + $this->routing->run(); } - - public function themeIsInstalled() { - $passTheme = TRUE; - # Twig is an absolute requirement for Poche to function. Abort immediately if the Composer installer hasn't been run yet - if (! self::$canRenderTemplates) { - $this->notInstalledMessage[] = 'Twig does not seem to be installed. Please initialize the Composer installation to automatically fetch dependencies. You can also download vendor.zip and extract it in your wallabag folder.'; - $passTheme = FALSE; - } - - if (! is_writable(CACHE)) { - $this->notInstalledMessage[] = 'You don\'t have write access on cache directory.'; - - self::$canRenderTemplates = false; - - $passTheme = FALSE; - } - - # Check if the selected theme and its requirements are present - $theme = $this->getTheme(); - if ($theme != '' && ! is_dir(THEME . '/' . $theme)) { - $this->notInstalledMessage[] = 'The currently selected theme (' . $theme . ') does not seem to be properly installed (Missing directory: ' . THEME . '/' . $theme . ')'; - - self::$canRenderTemplates = false; - - $passTheme = FALSE; - } - - $themeInfo = $this->getThemeInfo($theme); - if (isset($themeInfo['requirements']) && is_array($themeInfo['requirements'])) { - foreach ($themeInfo['requirements'] as $requiredTheme) { - if (! is_dir(THEME . '/' . $requiredTheme)) { - $this->notInstalledMessage[] = 'The required "' . $requiredTheme . '" theme is missing for the current theme (' . $theme . ')'; - - self::$canRenderTemplates = false; - - $passTheme = FALSE; - } - } - } - - if (!$passTheme) { - return FALSE; - } - - - return true; - } - /** - * all checks before installation. - * @todo move HTML to template - * @return boolean + * Creates a new user */ - public function systemIsInstalled() - { - $msg = TRUE; - - $configSalt = defined('SALT') ? constant('SALT') : ''; - - if (empty($configSalt)) { - $this->notInstalledMessage[] = 'You have not yet filled in the SALT value in the config.inc.php file.'; - $msg = FALSE; - } - if (STORAGE == 'sqlite' && ! file_exists(STORAGE_SQLITE)) { - Tools::logm('sqlite file doesn\'t exist'); - $this->notInstalledMessage[] = 'sqlite file doesn\'t exist, you can find it in install folder. Copy it in /db folder.'; - $msg = FALSE; - } - if (is_dir(ROOT . '/install') && ! DEBUG_POCHE) { - $this->notInstalledMessage[] = 'you have to delete the /install folder before using poche.'; - $msg = FALSE; - } - if (STORAGE == 'sqlite' && ! is_writable(STORAGE_SQLITE)) { - Tools::logm('you don\'t have write access on sqlite file'); - $this->notInstalledMessage[] = 'You don\'t have write access on sqlite file.'; - $msg = FALSE; - } - - if (! $msg) { - return false; - } - - return true; - } - - public function getNotInstalledMessage() { - return $this->notInstalledMessage; - } - - private function initTpl() + public function createNewUser($username, $password) { - $loaderChain = new Twig_Loader_Chain(); - $theme = $this->getTheme(); - - # add the current theme as first to the loader chain so Twig will look there first for overridden template files - try { - $loaderChain->addLoader(new Twig_Loader_Filesystem(THEME . '/' . $theme)); - } catch (Twig_Error_Loader $e) { - # @todo isInstalled() should catch this, inject Twig later - die('The currently selected theme (' . $theme . ') does not seem to be properly installed (' . THEME . '/' . $theme .' is missing)'); - } - - # add all required themes to the loader chain - $themeInfo = $this->getThemeInfo($theme); - if (isset($themeInfo['requirements']) && is_array($themeInfo['requirements'])) { - foreach ($themeInfo['requirements'] as $requiredTheme) { - try { - $loaderChain->addLoader(new Twig_Loader_Filesystem(THEME . '/' . $requiredTheme)); - } catch (Twig_Error_Loader $e) { - # @todo isInstalled() should catch this, inject Twig later - die('The required "' . $requiredTheme . '" theme is missing for the current theme (' . $theme . ')'); + if (!empty($username) && !empty($password)){ + $newUsername = filter_var($username, FILTER_SANITIZE_STRING); + if (!$this->store->userExists($newUsername)){ + if ($this->store->install($newUsername, Tools::encodeString($password . $newUsername))) { + Tools::logm('The new user ' . $newUsername . ' has been installed'); + $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to logout ?'), $newUsername)); + Tools::redirect(); } - } - } - - if (DEBUG_POCHE) { - $twigParams = array(); - } else { - $twigParams = array('cache' => CACHE); - } - - $this->tpl = new Twig_Environment($loaderChain, $twigParams); - $this->tpl->addExtension(new Twig_Extensions_Extension_I18n()); - - # filter to display domain name of an url - $filter = new Twig_SimpleFilter('getDomain', 'Tools::getDomain'); - $this->tpl->addFilter($filter); - - # filter for reading time - $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime'); - $this->tpl->addFilter($filter); - } - - private function install() - { - Tools::logm('poche still not installed'); - echo $this->tpl->render('install.twig', array( - 'token' => Session::getToken(), - 'theme' => $this->getTheme(), - 'poche_url' => Tools::getPocheUrl() - )); - if (isset($_GET['install'])) { - if (($_POST['password'] == $_POST['password_repeat']) - && $_POST['password'] != "" && $_POST['login'] != "") { - # let's rock, install poche baby ! - if ($this->store->install($_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']))) - { - Session::logout(); - Tools::logm('poche is now installed'); + else { + Tools::logm('error during adding new user'); Tools::redirect(); } } else { - Tools::logm('error during installation'); + $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'), $newUsername)); + Tools::logm('An user with the name ' . $newUsername . ' already exists !'); Tools::redirect(); } } - exit(); - } - - public function getTheme() { - return $this->currentTheme; } /** - * Provides theme information by parsing theme.ini file if present in the theme's root directory. - * In all cases, the following data will be returned: - * - name: theme's name, or key if the theme is unnamed, - * - current: boolean informing if the theme is the current user theme. - * - * @param string $theme Theme key (directory name) - * @return array|boolean Theme information, or false if the theme doesn't exist. + * Delete an existing user */ - public function getThemeInfo($theme) { - if (!is_dir(THEME . '/' . $theme)) { - return false; - } - - $themeIniFile = THEME . '/' . $theme . '/theme.ini'; - $themeInfo = array(); - - if (is_file($themeIniFile) && is_readable($themeIniFile)) { - $themeInfo = parse_ini_file($themeIniFile); - } - - if ($themeInfo === false) { - $themeInfo = array(); - } - if (!isset($themeInfo['name'])) { - $themeInfo['name'] = $theme; - } - $themeInfo['current'] = ($theme === $this->getTheme()); - - return $themeInfo; - } - - public function getInstalledThemes() { - $handle = opendir(THEME); - $themes = array(); - - while (($theme = readdir($handle)) !== false) { - # Themes are stored in a directory, so all directory names are themes - # @todo move theme installation data to database - if (!is_dir(THEME . '/' . $theme) || in_array($theme, array('.', '..'))) { - continue; - } - - $themes[$theme] = $this->getThemeInfo($theme); - } - - ksort($themes); - - return $themes; - } - - public function getLanguage() { - return $this->currentLanguage; - } - - public function getInstalledLanguages() { - $handle = opendir(LOCALE); - $languages = array(); - - while (($language = readdir($handle)) !== false) { - # Languages are stored in a directory, so all directory names are languages - # @todo move language installation data to database - if (! is_dir(LOCALE . '/' . $language) || in_array($language, array('..', '.', 'tools'))) { - continue; + public function deleteUser($password) + { + if ($this->store->listUsers() > 1) { + if (Tools::encodeString($password . $this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) { + $username = $this->user->getUsername(); + $this->store->deleteUserConfig($this->user->getId()); + Tools::logm('The configuration for user '. $username .' has been deleted !'); + $this->store->deleteTagsEntriesAndEntries($this->user->getId()); + Tools::logm('The entries for user '. $username .' has been deleted !'); + $this->store->deleteUser($this->user->getId()); + Tools::logm('User '. $username .' has been completely deleted !'); + Session::logout(); + Tools::logm('logout'); + Tools::redirect(); + $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'), $username)); } - - $current = false; - - if ($language === $this->getLanguage()) { - $current = true; + else { + Tools::logm('Bad password !'); + $this->messages->add('e', _('Error : The password is wrong !')); } - - $languages[] = array('name' => (isset($this->language_names[$language]) ? $this->language_names[$language] : $language), 'value' => $language, 'current' => $current); } - - return $languages; + else { + Tools::logm('Only user !'); + $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !')); + } } public function getDefaultConfig() - { + { return array( 'pager' => PAGINATION, 'language' => LANG, @@ -368,38 +144,24 @@ class Poche switch ($action) { case 'add': - if (!$import) { - $content = Tools::getPageContent($url); - $title = ($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled'); - $body = $content['rss']['channel']['item']['description']; + $content = Tools::getPageContent($url); + $title = ($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled'); + $body = $content['rss']['channel']['item']['description']; - // clean content from prevent xss attack - $config = HTMLPurifier_Config::createDefault(); - $config->set('Cache.SerializerPath', CACHE); - $purifier = new HTMLPurifier($config); - $title = $purifier->purify($title); - $body = $purifier->purify($body); - } - else { - $title = ''; - $body = ''; - } + // clean content from prevent xss attack + $purifier = $this->_getPurifier(); + $title = $purifier->purify($title); + $body = $purifier->purify($body); - //search for possible duplicate if not in import mode + //search for possible duplicate $duplicate = NULL; - if (!$import) { - $duplicate = $this->store->retrieveOneByURL($url->getUrl(), $this->user->getId()); - } + $duplicate = $this->store->retrieveOneByURL($url->getUrl(), $this->user->getId()); - if ($this->store->add($url->getUrl(), $title, $body, $this->user->getId())) { + $last_id = $this->store->add($url->getUrl(), $title, $body, $this->user->getId()); + if ( $last_id ) { Tools::logm('add link ' . $url->getUrl()); - $sequence = ''; - if (STORAGE == 'postgres') { - $sequence = 'entries_id_seq'; - } - $last_id = $this->store->getLastId($sequence); if (DOWNLOAD_PICTURES) { - $content = filtre_picture($body, $url->getUrl(), $last_id); + $content = Picture::filterPicture($body, $url->getUrl(), $last_id); Tools::logm('updating content article'); $this->store->updateContent($last_id, $content, $this->user->getId()); } @@ -417,30 +179,24 @@ class Poche } } - if (!$import) { - $this->messages->add('s', _('the link has been added successfully')); - } + $this->messages->add('s', _('the link has been added successfully')); } else { - if (!$import) { - $this->messages->add('e', _('error during insertion : the link wasn\'t added')); - Tools::logm('error during insertion : the link wasn\'t added ' . $url->getUrl()); - } + $this->messages->add('e', _('error during insertion : the link wasn\'t added')); + Tools::logm('error during insertion : the link wasn\'t added ' . $url->getUrl()); } - if (!$import) { - if ($autoclose == TRUE) { - Tools::redirect('?view=home'); - } else { - Tools::redirect('?view=home&closewin=true'); - } + if ($autoclose == TRUE) { + Tools::redirect('?view=home'); + } else { + Tools::redirect('?view=home&closewin=true'); } break; case 'delete': $msg = 'delete link #' . $id; if ($this->store->deleteById($id, $this->user->getId())) { if (DOWNLOAD_PICTURES) { - remove_directory(ABS_PATH . $id); + Picture::removeDirectory(ABS_PATH . $id); } $this->messages->add('s', _('the link has been deleted successfully')); } @@ -454,70 +210,81 @@ class Poche case 'toggle_fav' : $this->store->favoriteById($id, $this->user->getId()); Tools::logm('mark as favorite link #' . $id); - if (!$import) { - Tools::redirect(); + if ( Tools::isAjaxRequest() ) { + echo 1; + exit; + } + else { + Tools::redirect(); } break; case 'toggle_archive' : $this->store->archiveById($id, $this->user->getId()); Tools::logm('archive link #' . $id); - if (!$import) { - Tools::redirect(); + if ( Tools::isAjaxRequest() ) { + echo 1; + exit; + } + else { + Tools::redirect(); } break; case 'archive_all' : $this->store->archiveAll($this->user->getId()); Tools::logm('archive all links'); - if (!$import) { - Tools::redirect(); - } + Tools::redirect(); break; case 'add_tag' : - if($import){ - $entry_id = $id; - $tags = explode(',', $tags); - } - else{ + if (isset($_GET['search'])) { + //when we want to apply a tag to a search + $tags = array($_GET['search']); + $allentry_ids = $this->store->search($tags[0], $this->user->getId()); + $entry_ids = array(); + foreach ($allentry_ids as $eachentry) { + $entry_ids[] = $eachentry[0]; + } + } else { //add a tag to a single article $tags = explode(',', $_POST['value']); - $entry_id = $_POST['entry_id']; - } - $entry = $this->store->retrieveOneById($entry_id, $this->user->getId()); - if (!$entry) { - $this->messages->add('e', _('Article not found!')); - Tools::logm('error : article not found'); - Tools::redirect(); - } - //get all already set tags to preven duplicates - $already_set_tags = array(); - $entry_tags = $this->store->retrieveTagsByEntry($entry_id); - foreach ($entry_tags as $tag) { - $already_set_tags[] = $tag['value']; - } - foreach($tags as $key => $tag_value) { - $value = trim($tag_value); - if ($value && !in_array($value, $already_set_tags)) { - $tag = $this->store->retrieveTagByValue($value); - - if (is_null($tag)) { - # we create the tag - $tag = $this->store->createTag($value); - $sequence = ''; - if (STORAGE == 'postgres') { - $sequence = 'tags_id_seq'; + $entry_ids = array($_POST['entry_id']); + } + foreach($entry_ids as $entry_id) { + $entry = $this->store->retrieveOneById($entry_id, $this->user->getId()); + if (!$entry) { + $this->messages->add('e', _('Article not found!')); + Tools::logm('error : article not found'); + Tools::redirect(); + } + //get all already set tags to preven duplicates + $already_set_tags = array(); + $entry_tags = $this->store->retrieveTagsByEntry($entry_id); + foreach ($entry_tags as $tag) { + $already_set_tags[] = $tag['value']; + } + foreach($tags as $key => $tag_value) { + $value = trim($tag_value); + if ($value && !in_array($value, $already_set_tags)) { + $tag = $this->store->retrieveTagByValue($value); + if (is_null($tag)) { + # we create the tag + $tag = $this->store->createTag($value); + $sequence = ''; + if (STORAGE == 'postgres') { + $sequence = 'tags_id_seq'; + } + $tag_id = $this->store->getLastId($sequence); } - $tag_id = $this->store->getLastId($sequence); - } - else { - $tag_id = $tag['id']; - } - - # we assign the tag to the article - $this->store->setTagToEntry($tag_id, $entry_id); + else { + $tag_id = $tag['id']; + } + + # we assign the tag to the article + $this->store->setTagToEntry($tag_id, $entry_id); + } } } - if(!$import) { - Tools::redirect(); - } + $this->messages->add('s', _('The tag has been applied successfully')); + Tools::logm('The tag has been applied successfully'); + Tools::redirect(); break; case 'remove_tag' : $tag_id = $_GET['tag_id']; @@ -528,6 +295,11 @@ class Poche Tools::redirect(); } $this->store->removeTagForEntry($id, $tag_id); + Tools::logm('tag entry deleted'); + if ($this->store->cleanUnusedTag($tag_id)) { + Tools::logm('tag deleted'); + } + $this->messages->add('s', _('The tag has been successfully deleted')); Tools::redirect(); break; default: @@ -542,18 +314,19 @@ class Poche switch ($view) { case 'config': - $dev_infos = $this->getPocheVersion('dev'); + $dev_infos = $this->_getPocheVersion('dev'); $dev = trim($dev_infos[0]); $check_time_dev = date('d-M-Y H:i', $dev_infos[1]); - $prod_infos = $this->getPocheVersion('prod'); + $prod_infos = $this->_getPocheVersion('prod'); $prod = trim($prod_infos[0]); $check_time_prod = date('d-M-Y H:i', $prod_infos[1]); $compare_dev = version_compare(POCHE, $dev); $compare_prod = version_compare(POCHE, $prod); - $themes = $this->getInstalledThemes(); - $languages = $this->getInstalledLanguages(); + $themes = $this->tpl->getInstalledThemes(); + $languages = $this->language->getInstalledLanguages(); $token = $this->user->getConfigValue('token'); $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; + $only_user = ($this->store->listUsers() > 1) ? false : true; $tpl_vars = array( 'themes' => $themes, 'languages' => $languages, @@ -566,6 +339,7 @@ class Poche 'token' => $token, 'user_id' => $this->user->getId(), 'http_auth' => $http_auth, + 'only_user' => $only_user ); Tools::logm('config view'); break; @@ -603,14 +377,19 @@ class Poche 'tags' => $tags, ); break; - - case 'search': - if (isset($_GET['search'])){ - $search = $_GET['search']; - $tpl_vars['entries'] = $this->store->search($search); - $tpl_vars['nb_results'] = count($tpl_vars['entries']); - } - break; + case 'search': + if (isset($_GET['search'])) { + $search = filter_var($_GET['search'], FILTER_SANITIZE_STRING); + $tpl_vars['entries'] = $this->store->search($search, $this->user->getId()); + $count = count($tpl_vars['entries']); + $this->pagination->set_total($count); + $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')), + $this->pagination->page_links('?view=' . $view . '?search=' . $search . '&sort=' . $_SESSION['sort'] . '&' )); + $tpl_vars['page_links'] = $page_links; + $tpl_vars['nb_results'] = $count; + $tpl_vars['search_term'] = $search; + } + break; case 'view': $entry = $this->store->retrieveOneById($id, $this->user->getId()); if ($entry != NULL) { @@ -647,8 +426,8 @@ class Poche 'nb_results' => '', 'listmode' => (isset($_COOKIE['listmode']) ? true : false), ); - - //if id is given - we retrive entries by tag: id is tag id + + //if id is given - we retrieve entries by tag: id is tag id if ($id) { $tpl_vars['tag'] = $this->store->retrieveTag($id, $this->user->getId()); $tpl_vars['id'] = intval($id); @@ -672,13 +451,13 @@ class Poche } /** - * update the password of the current user. - * if MODE_DEMO is TRUE, the password can't be updated. + * update the password of the current user. + * if MODE_DEMO is TRUE, the password can't be updated. * @todo add the return value * @todo set the new password in function header like this updatePassword($newPassword) * @return boolean */ - public function updatePassword() + public function updatePassword($password, $confirmPassword) { if (MODE_DEMO) { $this->messages->add('i', _('in demo mode, you can\'t update your password')); @@ -686,10 +465,10 @@ class Poche Tools::redirect('?view=config'); } else { - if (isset($_POST['password']) && isset($_POST['password_repeat'])) { - if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { + if (isset($password) && isset($confirmPassword)) { + if ($password == $confirmPassword && !empty($password)) { $this->messages->add('s', _('your password has been updated')); - $this->store->updatePassword($this->user->getId(), Tools::encodeString($_POST['password'] . $this->user->getUsername())); + $this->store->updatePassword($this->user->getId(), Tools::encodeString($password . $this->user->getUsername())); Session::logout(); Tools::logm('password updated'); Tools::redirect(); @@ -701,103 +480,26 @@ class Poche } } } - - public function updateTheme() - { - # no data - if (empty($_POST['theme'])) { - } - - # we are not going to change it to the current theme... - if ($_POST['theme'] == $this->getTheme()) { - $this->messages->add('w', _('still using the "' . $this->getTheme() . '" theme!')); - Tools::redirect('?view=config'); - } - - $themes = $this->getInstalledThemes(); - $actualTheme = false; - - foreach (array_keys($themes) as $theme) { - if ($theme == $_POST['theme']) { - $actualTheme = true; - break; - } - } - - if (! $actualTheme) { - $this->messages->add('e', _('that theme does not seem to be installed')); - Tools::redirect('?view=config'); - } - - $this->store->updateUserConfig($this->user->getId(), 'theme', $_POST['theme']); - $this->messages->add('s', _('you have changed your theme preferences')); - - $currentConfig = $_SESSION['poche_user']->config; - $currentConfig['theme'] = $_POST['theme']; - - $_SESSION['poche_user']->setConfig($currentConfig); - - $this->emptyCache(); - - Tools::redirect('?view=config'); - } - - public function updateLanguage() - { - # no data - if (empty($_POST['language'])) { - } - - # we are not going to change it to the current language... - if ($_POST['language'] == $this->getLanguage()) { - $this->messages->add('w', _('still using the "' . $this->getLanguage() . '" language!')); - Tools::redirect('?view=config'); - } - - $languages = $this->getInstalledLanguages(); - $actualLanguage = false; - - foreach ($languages as $language) { - if ($language['value'] == $_POST['language']) { - $actualLanguage = true; - break; - } - } - - if (! $actualLanguage) { - $this->messages->add('e', _('that language does not seem to be installed')); - Tools::redirect('?view=config'); - } - - $this->store->updateUserConfig($this->user->getId(), 'language', $_POST['language']); - $this->messages->add('s', _('you have changed your language preferences')); - - $currentConfig = $_SESSION['poche_user']->config; - $currentConfig['language'] = $_POST['language']; - - $_SESSION['poche_user']->setConfig($currentConfig); - $this->emptyCache(); - - Tools::redirect('?view=config'); - } /** - * get credentials from differents sources - * it redirects the user to the $referer link + * Get credentials from differents sources + * It redirects the user to the $referer link + * * @return array */ - private function credentials() { - if(isset($_SERVER['PHP_AUTH_USER'])) { - return array($_SERVER['PHP_AUTH_USER'],'php_auth',true); + private function credentials() + { + if (isset($_SERVER['PHP_AUTH_USER'])) { + return array($_SERVER['PHP_AUTH_USER'], 'php_auth', true); } - if(!empty($_POST['login']) && !empty($_POST['password'])) { - return array($_POST['login'],$_POST['password'],false); + if (!empty($_POST['login']) && !empty($_POST['password'])) { + return array($_POST['login'], $_POST['password'], false); } - if(isset($_SERVER['REMOTE_USER'])) { - return array($_SERVER['REMOTE_USER'],'http_auth',true); + if (isset($_SERVER['REMOTE_USER'])) { + return array($_SERVER['REMOTE_USER'], 'http_auth', true); } - return array(false,false,false); + return array(false, false, false); } /** @@ -822,6 +524,14 @@ class Poche $longlastingsession = isset($_POST['longlastingsession']); $passwordTest = ($isauthenticated) ? $user['password'] : Tools::encodeString($password . $login); Session::login($user['username'], $user['password'], $login, $passwordTest, $longlastingsession, array('poche_user' => new User($user))); + + # reload l10n + $language = $user['config']['language']; + @putenv('LC_ALL=' . $language); + setlocale(LC_ALL, $language); + bindtextdomain($language, LOCALE); + textdomain($language); + $this->messages->add('s', _('welcome to your wallabag')); Tools::logm('login successful'); Tools::redirect($referer); @@ -835,7 +545,7 @@ class Poche /** * log out the poche user. It cleans the session. * @todo add the return value - * @return boolean + * @return boolean */ public function logout() { @@ -846,243 +556,139 @@ class Poche } /** - * import from Instapaper. poche needs a ./instapaper-export.html file - * @todo add the return value - * @param string $targetFile the file used for importing + * import datas into your wallabag * @return boolean */ - private function importFromInstapaper($targetFile) - { - # TODO gestion des articles favs - $html = new simple_html_dom(); - $html->load_file($targetFile); - Tools::logm('starting import from instapaper'); - - $read = 0; - $errors = array(); - foreach($html->find('ol') as $ul) - { - foreach($ul->find('li') as $li) - { - $a = $li->find('a'); - $url = new Url(base64_encode($a[0]->href)); - $this->action('add', $url, 0, TRUE); - if ($read == '1') { - $sequence = ''; - if (STORAGE == 'postgres') { - $sequence = 'entries_id_seq'; + + public function import() { + + if ( isset($_FILES['file']) && $_FILES['file']['tmp_name'] ) { + Tools::logm('Import stated: parsing file'); + + // assume, that file is in json format + $str_data = file_get_contents($_FILES['file']['tmp_name']); + $data = json_decode($str_data, true); + + if ( $data === null ) { + //not json - assume html + $html = new simple_html_dom(); + $html->load_file($_FILES['file']['tmp_name']); + $data = array(); + $read = 0; + foreach (array('ol','ul') as $list) { + foreach ($html->find($list) as $ul) { + foreach ($ul->find('li') as $li) { + $tmpEntry = array(); + $a = $li->find('a'); + $tmpEntry['url'] = $a[0]->href; + $tmpEntry['tags'] = $a[0]->tags; + $tmpEntry['is_read'] = $read; + if ($tmpEntry['url']) { + $data[] = $tmpEntry; + } + } + # the second
    is for read links + $read = ((sizeof($data) && $read)?0:1); + } + } + } + + // for readability structure + + foreach($data as $record) { + if (is_array($record)) { + $data[] = $record; + foreach($record as $record2) { + if (is_array($record2)) { + $data[] = $record2; + } } - $last_id = $this->store->getLastId($sequence); - $this->action('toggle_archive', $url, $last_id, TRUE); } } - # the second
      is for read links - $read = 1; - } + $urlsInserted = array(); //urls of articles inserted + foreach($data as $record) { + $url = trim(isset($record['article__url']) ? $record['article__url'] : (isset($record['url']) ? $record['url'] : '')); + if ($url and !in_array($url, $urlsInserted)) { + $title = (isset($record['title']) ? $record['title'] : _('Untitled - Import - ') . ' ' . _('click to finish import') . ''); + $body = (isset($record['content']) ? $record['content'] : ''); + $isRead = (isset($record['is_read']) ? intval($record['is_read']) : (isset($record['archive']) ? intval($record['archive']) : 0)); + $isFavorite = (isset($record['is_fav']) ? intval($record['is_fav']) : (isset($record['favorite']) ? intval($record['favorite']) : 0)); - $unlink = unlink($targetFile); - $this->messages->add('s', _('import from instapaper completed. You have to execute the cron to fetch content.')); - Tools::logm('import from instapaper completed'); - Tools::redirect(); - } + // insert new record - /** - * import from Pocket. poche needs a ./ril_export.html file - * @todo add the return value - * @param string $targetFile the file used for importing - * @return boolean - */ - private function importFromPocket($targetFile) - { - # TODO gestion des articles favs - $html = new simple_html_dom(); - $html->load_file($targetFile); - Tools::logm('starting import from pocket'); - - $read = 0; - $errors = array(); - foreach($html->find('ul') as $ul) - { - foreach($ul->find('li') as $li) - { - $a = $li->find('a'); - $url = new Url(base64_encode($a[0]->href)); - $this->action('add', $url, 0, TRUE); - $sequence = ''; - if (STORAGE == 'postgres') { - $sequence = 'entries_id_seq'; - } - $last_id = $this->store->getLastId($sequence); - if ($read == '1') { - $this->action('toggle_archive', $url, $last_id, TRUE); - } - $tags = $a[0]->tags; - if(!empty($tags)) { - $this->action('add_tag',$url,$last_id,true,false,$tags); - } - } - - # the second
        is for read links - $read = 1; - } + $id = $this->store->add($url, $title, $body, $this->user->getId() , $isFavorite, $isRead); + if ($id) { + $urlsInserted[] = $url; //add + if (isset($record['tags']) && trim($record['tags'])) { - $unlink = unlink($targetFile); - $this->messages->add('s', _('import from pocket completed. You have to execute the cron to fetch content.')); - Tools::logm('import from pocket completed'); - Tools::redirect(); - } + // @TODO: set tags - /** - * import from Readability. poche needs a ./readability file - * @todo add the return value - * @param string $targetFile the file used for importing - * @return boolean - */ - private function importFromReadability($targetFile) - { - # TODO gestion des articles lus / favs - $str_data = file_get_contents($targetFile); - $data = json_decode($str_data,true); - Tools::logm('starting import from Readability'); - $count = 0; - foreach ($data as $key => $value) { - $url = NULL; - $favorite = FALSE; - $archive = FALSE; - foreach ($value as $item) { - foreach ($item as $attr => $value) { - if ($attr == 'article__url') { - $url = new Url(base64_encode($value)); - } - $sequence = ''; - if (STORAGE == 'postgres') { - $sequence = 'entries_id_seq'; - } - if ($value == 'true') { - if ($attr == 'favorite') { - $favorite = TRUE; - } - if ($attr == 'archive') { - $archive = TRUE; } } } + } - # we can add the url - if (!is_null($url) && $url->isCorrect()) { - $this->action('add', $url, 0, TRUE); - $count++; - if ($favorite) { - $last_id = $this->store->getLastId($sequence); - $this->action('toggle_fav', $url, $last_id, TRUE); - } - if ($archive) { - $last_id = $this->store->getLastId($sequence); - $this->action('toggle_archive', $url, $last_id, TRUE); - } - } + $i = sizeof($urlsInserted); + if ($i > 0) { + $this->messages->add('s', _('Articles inserted: ') . $i . _('. Please note, that some may be marked as "read".')); } - } - unlink($targetFile); - $this->messages->add('s', _('import from Readability completed. You have to execute the cron to fetch content.')); - Tools::logm('import from Readability completed'); - Tools::redirect(); - } + Tools::logm('Import of articles finished: '.$i.' articles added (w/o content if not provided).'); + } + else { + $this->messages->add('s', _('Did you forget to select a file?')); + } + // file parsing finished here + // now download article contents if any + // check if we need to download any content - /** - * import from Poche exported file - * @param string $targetFile the file used for importing - * @return boolean - */ - private function importFromPoche($targetFile) - { - $str_data = file_get_contents($targetFile); - $data = json_decode($str_data,true); - Tools::logm('starting import from Poche'); + $recordsDownloadRequired = $this->store->retrieveUnfetchedEntriesCount($this->user->getId()); + if ($recordsDownloadRequired == 0) { - $sequence = ''; - if (STORAGE == 'postgres') { - $sequence = 'entries_id_seq'; - } + // nothing to download - $count = 0; - foreach ($data as $value) { - - $url = new Url(base64_encode($value['url'])); - $favorite = ($value['is_fav'] == -1); - $archive = ($value['is_read'] == -1); - - # we can add the url - if (!is_null($url) && $url->isCorrect()) { - - $this->action('add', $url, 0, TRUE); - - $count++; - if ($favorite) { - $last_id = $this->store->getLastId($sequence); - $this->action('toggle_fav', $url, $last_id, TRUE); - } - if ($archive) { - $last_id = $this->store->getLastId($sequence); - $this->action('toggle_archive', $url, $last_id, TRUE); - } - } - + $this->messages->add('s', _('Import finished.')); + Tools::logm('Import finished completely'); + Tools::redirect(); } + else { - unlink($targetFile); - $this->messages->add('s', _('import from Poche completed. You have to execute the cron to fetch content.')); - Tools::logm('import from Poche completed'); - Tools::redirect(); - } + // if just inserted - don't download anything, download will start in next reload - /** - * import datas into your poche - * @param string $from name of the service to import : pocket, instapaper or readability - * @todo add the return value - * @return boolean - */ - public function import($from) - { - $providers = array( - 'pocket' => 'importFromPocket', - 'readability' => 'importFromReadability', - 'instapaper' => 'importFromInstapaper', - 'poche' => 'importFromPoche', - ); - - if (! isset($providers[$from])) { - $this->messages->add('e', _('Unknown import provider.')); - Tools::redirect(); - } - - $targetFile = CACHE . '/' . constant(strtoupper($from) . '_FILE'); - - if (! file_exists($targetFile)) { - $this->messages->add('e', _('Could not find required "' . $targetFile . '" import file.')); - Tools::redirect(); - } - - $this->$providers[$from]($targetFile); - } + if (!isset($_FILES['file'])) { - public function uploadFile() { - if(isset($_FILES['file'])) - { - $dir = CACHE . '/'; - $file = basename($_FILES['file']['name']); - if(move_uploaded_file($_FILES['file']['tmp_name'], $dir . $file)) { - $this->messages->add('s', _('File uploaded. You can now execute import.')); - } - else { - $this->messages->add('e', _('Error while importing file. Do you have access to upload it?')); + // download next batch + + Tools::logm('Fetching next batch of articles...'); + $items = $this->store->retrieveUnfetchedEntries($this->user->getId() , IMPORT_LIMIT); + $purifier = $this->_getPurifier(); + foreach($items as $item) { + $url = new Url(base64_encode($item['url'])); + Tools::logm('Fetching article ' . $item['id']); + $content = Tools::getPageContent($url); + $title = (($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled')); + $body = (($content['rss']['channel']['item']['description'] != '') ? $content['rss']['channel']['item']['description'] : _('Undefined')); + + // clean content to prevent xss attack + + $title = $purifier->purify($title); + $body = $purifier->purify($body); + $this->store->updateContentAndTitle($item['id'], $title, $body, $this->user->getId()); + Tools::logm('Article ' . $item['id'] . ' updated.'); + } } } - - Tools::redirect('?view=config'); + + return array( + 'includeImport' => true, + 'import' => array( + 'recordsDownloadRequired' => $recordsDownloadRequired, + 'recordsUnderDownload' => IMPORT_LIMIT, + 'delay' => IMPORT_DELAY * 1000 + ) + ); } /** @@ -1091,11 +697,14 @@ class Poche */ public function export() { - $entries = $this->store->retrieveAll($this->user->getId()); - echo $this->tpl->render('export.twig', array( - 'export' => Tools::renderJson($entries), - )); - Tools::logm('export view'); + $filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json"; + header('Content-Disposition: attachment; filename='.$filename); + + $entries = $this->store->retrieveAll($this->user->getId()); + echo $this->tpl->render('export.twig', array( + 'export' => Tools::renderJson($entries), + )); + Tools::logm('export view'); } /** @@ -1103,32 +712,27 @@ class Poche * @param string $which 'prod' or 'dev' * @return string latest $which version */ - private function getPocheVersion($which = 'prod') - { - $cache_file = CACHE . '/' . $which; - $check_time = time(); + private function _getPocheVersion($which = 'prod') { + $cache_file = CACHE . '/' . $which; + $check_time = time(); - # checks if the cached version file exists - if (file_exists($cache_file) && (filemtime($cache_file) > (time() - 86400 ))) { - $version = file_get_contents($cache_file); - $check_time = filemtime($cache_file); - } else { - $version = file_get_contents('http://static.wallabag.org/versions/' . $which); - file_put_contents($cache_file, $version, LOCK_EX); - } - return array($version, $check_time); + # checks if the cached version file exists + if (file_exists($cache_file) && (filemtime($cache_file) > (time() - 86400 ))) { + $version = file_get_contents($cache_file); + $check_time = filemtime($cache_file); + } else { + $version = file_get_contents('http://static.wallabag.org/versions/' . $which); + file_put_contents($cache_file, $version, LOCK_EX); + } + return array($version, $check_time); } - public function generateToken() + /** + * Update token for current user + */ + public function updateToken() { - if (ini_get('open_basedir') === '') { - $token = substr(base64_encode(file_get_contents('/dev/urandom', false, null, 0, 20)), 0, 15); - } - else { - $token = substr(base64_encode(uniqid(mt_rand(), true)), 0, 20); - } - - $token = str_replace('+', '', $token); + $token = Tools::generateToken(); $this->store->updateUserConfig($this->user->getId(), 'token', $token); $currentConfig = $_SESSION['poche_user']->config; $currentConfig['token'] = $token; @@ -1136,20 +740,26 @@ class Poche Tools::redirect(); } + /** + * Generate RSS feeds for current user + * + * @param $token + * @param $user_id + * @param $tag_id + * @param string $type + */ public function generateFeeds($token, $user_id, $tag_id, $type = 'home') { $allowed_types = array('home', 'fav', 'archive', 'tag'); $config = $this->store->getConfigUser($user_id); if ($config == null) { - die(_('User with this id (' . $user_id . ') does not exist.')); + die(sprintf(_('User with this id (%d) does not exist.'), $user_id)); } - if (!in_array($type, $allowed_types) || - $token != $config['token']) { - die(_('Uh, there is a problem while generating feeds.')); + if (!in_array($type, $allowed_types) || !isset($config['token']) || $token != $config['token']) { + die(_('Uh, there is a problem while generating feed. Wrong token used?')); } - // Check the token $feed = new FeedWriter(RSS2); $feed->setTitle('wallabag — ' . $type . ' feed'); @@ -1169,6 +779,7 @@ class Poche foreach ($entries as $entry) { $newItem = $feed->createNewItem(); $newItem->setTitle($entry['title']); + $newItem->setSource(Tools::getPocheUrl() . '?view=view&id=' . $entry['id']); $newItem->setLink($entry['url']); $newItem->setDate(time()); $newItem->setDescription($entry['content']); @@ -1180,19 +791,22 @@ class Poche exit; } - public function emptyCache() { - $files = new RecursiveIteratorIterator( - new RecursiveDirectoryIterator(CACHE, RecursiveDirectoryIterator::SKIP_DOTS), - RecursiveIteratorIterator::CHILD_FIRST - ); - foreach ($files as $fileinfo) { - $todo = ($fileinfo->isDir() ? 'rmdir' : 'unlink'); - $todo($fileinfo->getRealPath()); - } - Tools::logm('empty cache'); - $this->messages->add('s', _('Cache deleted.')); - Tools::redirect(); + /** + * Returns new purifier object with actual config + */ + private function _getPurifier() + { + $config = HTMLPurifier_Config::createDefault(); + $config->set('Cache.SerializerPath', CACHE); + $config->set('HTML.SafeIframe', true); + + //allow YouTube, Vimeo and dailymotion videos + $config->set('URI.SafeIframeRegexp', '%^(https?:)?//(www\.youtube(?:-nocookie)?\.com/embed/|player\.vimeo\.com/video/|www\.dailymotion\.com/embed/video/)%'); + + return new HTMLPurifier($config); } + + }