';
@@ -167,16 +151,11 @@ if (! is_file($conf->getConfigFile())) {
}
// Display the installation form if no existing config is found
- install();
+ install($conf);
}
-// FIXME! Update these value with Updater and escpae it during the install/config save.
-$conf->set('title', escape($conf->get('title')));
-$conf->set('titleLink', escape($conf->get('titleLink')));
-$conf->set('redirector', escape($conf->get('redirector')));
-
// a token depending of deployment salt, user password, and the current ip
-define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('salt')));
+define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt')));
// Sniff browser language and set date format accordingly.
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
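Review bot: Dropping the load-time `escape()` calls on `title`, `titleLink` and `redirector` leaves output safety dependent on every stored value already being escaped, and nothing in this hunk shows legacy values being converted. The daily RSS hunk further down echoes `$conf->get('general.title')` straight into the feed, so a title saved before this change would reach the output raw unless the Updater migration escapes it. Please confirm the migration rewrites those three settings, and leave a comment here such as `// title, header_link and redirector are stored escaped (see config save)` so the invariant is visible where the old FIXME was.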
@@ -184,19 +163,21 @@ if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
}
header('Content-Type: text/html; charset=utf-8'); // We use UTF-8 for proper international characters handling.
-//==================================================================================================
-// Checking session state (i.e. is the user still logged in)
-//==================================================================================================
-
-function setup_login_state() {
- $conf = ConfigManager::getInstance();
-
- if ($conf->get('config.OPEN_SHAARLI')) {
+/**
+ * Checking session state (i.e. is the user still logged in)
+ *
+ * @param ConfigManager $conf The configuration manager.
+ *
+ * @return bool: true if the user is logged in, false otherwise.
+ */
+function setup_login_state($conf)
+{
+ if ($conf->get('security.open_shaarli')) {
return true;
}
$userIsLoggedIn = false; // By default, we do not consider the user as logged in;
$loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met.
- if (! $conf->exists('login')) {
+ if (! $conf->exists('credentials.login')) {
$userIsLoggedIn = false; // Shaarli is not configured yet.
$loginFailure = true;
}
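Review bot: The new docblock writes `@return bool: true if the user is logged in, false otherwise.`, and the colon after the type is not PHPDoc syntax, so some tools may read `bool:` as the type name. Use `@return bool true if the user is logged in, false otherwise.`; the same form appears on `check_auth` and `ban_canLogin` in later hunks. The body of `setup_login_state` continues outside this hunk.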
@@ -204,12 +185,12 @@ function setup_login_state() {
$_COOKIE['shaarli_staySignedIn']===STAY_SIGNED_IN_TOKEN &&
!$loginFailure)
{
- fillSessionInfo();
+ fillSessionInfo($conf);
$userIsLoggedIn = true;
}
// If session does not exist on server side, or IP address has changed, or session has expired, logout.
if (empty($_SESSION['uid'])
- || ($conf->get('disablesessionprotection') == false && $_SESSION['ip'] != allIPs())
+ || ($conf->get('security.session_protection_disabled') == false && $_SESSION['ip'] != allIPs())
|| time() >= $_SESSION['expires_on'])
{
logout();
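Review bot: The stay-signed-in cookie is still compared to `STAY_SIGNED_IN_TOKEN` with `===` in the condition at the top of this hunk, which is not a constant-time comparison for a secret value. Where the supported PHP versions provide it, `hash_equals(STAY_SIGNED_IN_TOKEN, (string) $_COOKIE['shaarli_staySignedIn'])` is the safer form. The condition begins above the hunk, so the preceding existence check on the cookie is assumed rather than visible.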
@@ -228,14 +209,16 @@ function setup_login_state() {
return $userIsLoggedIn;
}
-$userIsLoggedIn = setup_login_state();
+$userIsLoggedIn = setup_login_state($conf);
-// ------------------------------------------------------------------------------------------
-// PubSubHubbub protocol support (if enabled) [UNTESTED]
-// (Source: http://aldarone.fr/les-flux-rss-shaarli-et-pubsubhubbub/ )
-function pubsubhub()
+/**
+ * PubSubHubbub protocol support (if enabled) [UNTESTED]
+ * (Source: http://aldarone.fr/les-flux-rss-shaarli-et-pubsubhubbub/ )
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ */
+function pubsubhub($conf)
{
- $conf = ConfigManager::getInstance();
$pshUrl = $conf->get('config.PUBSUBHUB_URL');
if (!empty($pshUrl))
{
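Review bot: `pubsubhub()` still reads `$conf->get('config.PUBSUBHUB_URL')` while every other setting in this change moves to the new dotted lowercase keys, and the feed hunk further down does the same. If the migration no longer populates the legacy `config.*` names, this lookup returns an empty value and the hub notification is silently skipped. Either rename it alongside the others or leave a comment such as `// legacy key, kept on purpose until the PubSubHubbub setting is migrated`. The function body continues outside this hunk.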
@@ -262,27 +245,39 @@ function allIPs()
return $ip;
}
-function fillSessionInfo() {
- $conf = ConfigManager::getInstance();
+/**
+ * Load user session.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ */
+function fillSessionInfo($conf)
+{
$_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand()); // Generate unique random number (different than phpsessionid)
$_SESSION['ip']=allIPs(); // We store IP address(es) of the client to make sure session is not hijacked.
- $_SESSION['username']= $conf->get('login');
+ $_SESSION['username']= $conf->get('credentials.login');
$_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Set session expiration.
}
-// Check that user/password is correct.
-function check_auth($login,$password)
+/**
+ * Check that user/password is correct.
+ *
+ * @param string $login Username
+ * @param string $password User password
+ * @param ConfigManager $conf Configuration Manager instance.
+ *
+ * @return bool: authentication successful or not.
+ */
+function check_auth($login, $password, $conf)
{
- $conf = ConfigManager::getInstance();
- $hash = sha1($password . $login . $conf->get('salt'));
- if ($login == $conf->get('login') && $hash == $conf->get('hash'))
+ $hash = sha1($password . $login . $conf->get('credentials.salt'));
+ if ($login == $conf->get('credentials.login') && $hash == $conf->get('credentials.hash'))
{ // Login/password is correct.
- fillSessionInfo();
- logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'Login successful');
- return True;
+ fillSessionInfo($conf);
+ logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'Login successful');
+ return true;
}
- logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'Login failed for user '.$login);
- return False;
+ logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'Login failed for user '.$login);
+ return false;
}
// Returns true if the user is logged in.
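Review bot: `check_auth` compares the computed hash with `==`, and PHP compares two numeric-looking strings numerically, so hex digests of the form `0e` followed only by digits can compare equal without being identical. Use a strict, constant-time check: `if ($login === $conf->get('credentials.login') && hash_equals((string) $conf->get('credentials.hash'), $hash))`. The password-change hunk further down has the same loose `!=` on `$oldhash`. Separately, the failure log line concatenates `$login` as submitted, so line breaks in it should be stripped before writing if `logm` does not already do that.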
@@ -307,62 +302,73 @@ function logout() {
// ------------------------------------------------------------------------------------------
// Brute force protection system
// Several consecutive failed logins will ban the IP address for 30 minutes.
-if (!is_file($conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'))) {
+if (!is_file($conf->get('resource.ban_file', 'data/ipbans.php'))) {
// FIXME! globals
file_put_contents(
- $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'),
+ $conf->get('resource.ban_file', 'data/ipbans.php'),
"array(),'BANS'=>array()),true).";\n?>"
);
}
-include $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php');
-// Signal a failed login. Will ban the IP if too many failures:
-function ban_loginFailed()
+include $conf->get('resource.ban_file', 'data/ipbans.php');
+/**
+ * Signal a failed login. Will ban the IP if too many failures:
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ */
+function ban_loginFailed($conf)
{
- $conf = ConfigManager::getInstance();
$ip = $_SERVER['REMOTE_ADDR'];
$gb = $GLOBALS['IPBANS'];
if (!isset($gb['FAILURES'][$ip])) $gb['FAILURES'][$ip]=0;
$gb['FAILURES'][$ip]++;
- if ($gb['FAILURES'][$ip] > ($conf->get('config.BAN_AFTER') - 1))
+ if ($gb['FAILURES'][$ip] > ($conf->get('security.ban_after') - 1))
{
- $gb['BANS'][$ip] = time() + $conf->get('config.BAN_DURATION', 1800);
- logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'IP address banned from login');
+ $gb['BANS'][$ip] = time() + $conf->get('security.ban_after', 1800);
+ logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'IP address banned from login');
}
$GLOBALS['IPBANS'] = $gb;
file_put_contents(
- $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'),
+ $conf->get('resource.ban_file', 'data/ipbans.php'),
""
);
}
-// Signals a successful login. Resets failed login counter.
-function ban_loginOk()
+/**
+ * Signals a successful login. Resets failed login counter.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ */
+function ban_loginOk($conf)
{
- $conf = ConfigManager::getInstance();
$ip = $_SERVER['REMOTE_ADDR'];
$gb = $GLOBALS['IPBANS'];
unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]);
$GLOBALS['IPBANS'] = $gb;
file_put_contents(
- $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'),
+ $conf->get('resource.ban_file', 'data/ipbans.php'),
""
);
}
-// Checks if the user CAN login. If 'true', the user can try to login.
-function ban_canLogin()
+/**
+ * Checks if the user CAN login. If 'true', the user can try to login.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ *
+ * @return bool: true if the user is allowed to login.
+ */
+function ban_canLogin($conf)
{
- $conf = ConfigManager::getInstance();
$ip=$_SERVER["REMOTE_ADDR"]; $gb=$GLOBALS['IPBANS'];
if (isset($gb['BANS'][$ip]))
{
// User is banned. Check if the ban has expired:
if ($gb['BANS'][$ip]<=time())
{ // Ban expired, user can try to login again.
- logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'Ban lifted.');
+ logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'Ban lifted.');
unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]);
file_put_contents(
- $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'),
+ $conf->get('resource.ban_file', 'data/ipbans.php'),
""
);
return true; // Ban has expired, user can login.
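Review bot: In `ban_loginFailed` the ban expiry is now computed from `$conf->get('security.ban_after', 1800)`, which is the failure-count threshold tested two lines earlier, not a duration. The removed line read `config.BAN_DURATION`, so with a threshold of a few attempts the ban would last only that many seconds and the lockout no longer slows repeated login attempts. This line should read the renamed counterpart of `config.BAN_DURATION` (key name to be confirmed against the new config schema) and keep the 1800-second default. `ban_canLogin` continues past the end of this hunk.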
@@ -376,10 +382,12 @@ function ban_canLogin()
// Process login form: Check if login/password is correct.
if (isset($_POST['login']))
{
- if (!ban_canLogin()) die('I said: NO. You are banned for the moment. Go away.');
- if (isset($_POST['password']) && tokenOk($_POST['token']) && (check_auth($_POST['login'], $_POST['password'])))
- { // Login/password is OK.
- ban_loginOk();
+ if (!ban_canLogin($conf)) die('I said: NO. You are banned for the moment. Go away.');
+ if (isset($_POST['password'])
+ && tokenOk($_POST['token'])
+ && (check_auth($_POST['login'], $_POST['password'], $conf))
+ ) { // Login/password is OK.
+ ban_loginOk($conf);
// If user wants to keep the session cookie even after the browser closes:
if (!empty($_POST['longlastingsession']))
{
@@ -427,7 +435,7 @@ if (isset($_POST['login']))
}
else
{
- ban_loginFailed();
+ ban_loginFailed($conf);
$redir = '&username='. $_POST['login'];
if (isset($_GET['post'])) {
$redir .= '&post=' . urlencode($_GET['post']);
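Review bot: `$redir = '&username='. $_POST['login'];` places the submitted login into the redirect query string unencoded, while the `post` parameter on the next line goes through `urlencode()`. A login containing `&`, `#` or line breaks changes the shape of the resulting URL; `$redir = '&username='. urlencode($_POST['login']);` keeps it a single parameter. The code that sends the redirect is outside this hunk.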
@@ -475,11 +483,16 @@ function getMaxFileSize()
// Token should be used in any form which acts on data (create,update,delete,import...).
if (!isset($_SESSION['tokens'])) $_SESSION['tokens']=array(); // Token are attached to the session.
-// Returns a token.
-function getToken()
+/**
+ * Returns a token.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ *
+ * @return string token.
+ */
+function getToken($conf)
{
- $conf = ConfigManager::getInstance();
- $rnd = sha1(uniqid('', true) .'_'. mt_rand() . $conf->get('salt')); // We generate a random string.
+ $rnd = sha1(uniqid('', true) .'_'. mt_rand() . $conf->get('credentials.salt')); // We generate a random string.
$_SESSION['tokens'][$rnd]=1; // Store it on the server side.
return $rnd;
}
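Review bot: `getToken` derives the anti-CSRF token from `uniqid()` and `mt_rand()`, neither of which is a cryptographic random source; mixing in the salt helps only while the salt stays secret. Where the supported PHP versions allow, generate it from the system CSPRNG, e.g. `$rnd = bin2hex(random_bytes(20));` (or `openssl_random_pseudo_bytes` on older versions). The same `uniqid`/`mt_rand` pattern produces the session uid in `fillSessionInfo` and the new salt in the password-change hunk.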
@@ -496,12 +509,14 @@ function tokenOk($token)
return false; // Wrong token, or already used.
}
-// ------------------------------------------------------------------------------------------
-// Daily RSS feed: 1 RSS entry per day giving all the links on that day.
-// Gives the last 7 days (which have links).
-// This RSS feed cannot be filtered.
-function showDailyRSS() {
- $conf = ConfigManager::getInstance();
+/**
+ * Daily RSS feed: 1 RSS entry per day giving all the links on that day.
+ * Gives the last 7 days (which have links).
+ * This RSS feed cannot be filtered.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ */
+function showDailyRSS($conf) {
// Cache system
$query = $_SERVER['QUERY_STRING'];
$cache = new CachedPage(
@@ -518,11 +533,11 @@ function showDailyRSS() {
// If cached was not found (or not usable), then read the database and build the response:
// Read links from database (and filter private links if used it not logged in).
$LINKSDB = new LinkDB(
- $conf->get('config.DATASTORE'),
+ $conf->get('resource.datastore'),
isLoggedIn(),
- $conf->get('config.HIDE_PUBLIC_LINKS'),
- $conf->get('redirector'),
- $conf->get('config.REDIRECTOR_URLENCODE')
+ $conf->get('privacy.hide_public_links'),
+ $conf->get('redirector.url'),
+ $conf->get('redirector.encode_url')
);
/* Some Shaarlies may have very few links, so we need to look
@@ -556,7 +571,7 @@ function showDailyRSS() {
$pageaddr = escape(index_url($_SERVER));
echo '';
echo '';
- echo 'Daily - '. $conf->get('title') . '';
+ echo 'Daily - '. $conf->get('general.title') . '';
echo ''. $pageaddr .'';
echo 'Daily shared links';
echo 'en-en';
@@ -575,8 +590,8 @@ function showDailyRSS() {
// We pre-format some fields for proper output.
foreach ($linkdates as $linkdate) {
$l = $LINKSDB[$linkdate];
- $l['formatedDescription'] = format_description($l['description'], $conf->get('redirector'));
- $l['thumbnail'] = thumbnail($l['url']);
+ $l['formatedDescription'] = format_description($l['description'], $conf->get('redirector.url'));
+ $l['thumbnail'] = thumbnail($conf, $l['url']);
$l_date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $l['linkdate']);
$l['timestamp'] = $l_date->getTimestamp();
if (startsWith($l['url'], '?')) {
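Review bot: `thumbnail($conf, $l['url'])` takes the configuration as its first argument, whereas `check_auth`, `showDaily`, `importFile` and `buildLinkList` in this same change append `$conf` after the existing parameters. With untyped parameters, a call site that still passes the URL first would only fail later, when a method is called on a string. Pick one position for `$conf` across the helpers (`computeThumbnail` and `lazyThumbnail` use the leading form too), and consider declaring it as `ConfigManager $conf` so a stale call fails at the call boundary.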
@@ -587,11 +602,12 @@ function showDailyRSS() {
// Then build the HTML for this day:
$tpl = new RainTPL;
- $tpl->assign('title', $conf->get('title'));
+ $tpl->assign('title', $conf->get('general.title'));
$tpl->assign('daydate', $dayDate->getTimestamp());
$tpl->assign('absurl', $absurl);
$tpl->assign('links', $links);
$tpl->assign('rssdate', escape($dayDate->format(DateTime::RSS)));
+ $tpl->assign('hide_timestamps', $conf->get('privacy.hide_timestamps', false));
$html = $tpl->draw('dailyrss', $return_string=true);
echo $html . PHP_EOL;
@@ -606,12 +622,13 @@ function showDailyRSS() {
/**
* Show the 'Daily' page.
*
- * @param PageBuilder $pageBuilder Template engine wrapper.
- * @param LinkDB $LINKSDB LinkDB instance.
+ * @param PageBuilder $pageBuilder Template engine wrapper.
+ * @param LinkDB $LINKSDB LinkDB instance.
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param PluginManager $pluginManager Plugin Manager instane.
*/
-function showDaily($pageBuilder, $LINKSDB)
+function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager)
{
- $conf = ConfigManager::getInstance();
$day=date('Ymd',strtotime('-1 day')); // Yesterday, in format YYYYMMDD.
if (isset($_GET['day'])) $day=$_GET['day'];
@@ -640,8 +657,8 @@ function showDaily($pageBuilder, $LINKSDB)
$taglist = explode(' ',$link['tags']);
uasort($taglist, 'strcasecmp');
$linksToDisplay[$key]['taglist']=$taglist;
- $linksToDisplay[$key]['formatedDescription'] = format_description($link['description'], $conf->get('redirector'));
- $linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']);
+ $linksToDisplay[$key]['formatedDescription'] = format_description($link['description'], $conf->get('redirector.url'));
+ $linksToDisplay[$key]['thumbnail'] = thumbnail($conf, $link['url']);
$date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $link['linkdate']);
$linksToDisplay[$key]['timestamp'] = $date->getTimestamp();
}
@@ -676,7 +693,7 @@ function showDaily($pageBuilder, $LINKSDB)
'previousday' => $previousday,
'nextday' => $nextday,
);
- $pluginManager = PluginManager::getInstance();
+
$pluginManager->executeHooks('render_daily', $data, array('loggedin' => isLoggedIn()));
foreach ($data as $key => $value) {
@@ -687,36 +704,46 @@ function showDaily($pageBuilder, $LINKSDB)
exit;
}
-// Renders the linklist
-function showLinkList($PAGE, $LINKSDB) {
- buildLinkList($PAGE,$LINKSDB); // Compute list of links to display
+/**
+ * Renders the linklist
+ *
+ * @param pageBuilder $PAGE pageBuilder instance.
+ * @param LinkDB $LINKSDB LinkDB instance.
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param PluginManager $pluginManager Plugin Manager instance.
+ */
+function showLinkList($PAGE, $LINKSDB, $conf, $pluginManager) {
+ buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager); // Compute list of links to display
$PAGE->renderPage('linklist');
}
-
-// ------------------------------------------------------------------------------------------
-// Render HTML page (according to URL parameters and user rights)
-function renderPage()
+/**
+ * Render HTML page (according to URL parameters and user rights)
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param PluginManager $pluginManager Plugin Manager instance,
+ */
+function renderPage($conf, $pluginManager)
{
- $conf = ConfigManager::getInstance();
$LINKSDB = new LinkDB(
- $conf->get('config.DATASTORE'),
+ $conf->get('resource.datastore'),
isLoggedIn(),
- $conf->get('config.HIDE_PUBLIC_LINKS'),
- $conf->get('redirector'),
- $conf->get('config.REDIRECTOR_URLENCODE')
+ $conf->get('privacy.hide_public_links'),
+ $conf->get('redirector.url'),
+ $conf->get('redirector.encode_url')
);
$updater = new Updater(
- read_updates_file($conf->get('config.UPDATES_FILE')),
+ read_updates_file($conf->get('resource.updates')),
$LINKSDB,
+ $conf,
isLoggedIn()
);
try {
$newUpdates = $updater->update();
if (! empty($newUpdates)) {
write_updates_file(
- $conf->get('config.UPDATES_FILE'),
+ $conf->get('resource.updates'),
$updater->getDoneUpdates()
);
}
@@ -725,7 +752,7 @@ function renderPage()
die($e->getMessage());
}
- $PAGE = new PageBuilder();
+ $PAGE = new PageBuilder($conf);
$PAGE->assign('linkcount', count($LINKSDB));
$PAGE->assign('privateLinkcount', count_private($LINKSDB));
@@ -740,7 +767,7 @@ function renderPage()
'header',
'footer',
);
- $pluginManager = PluginManager::getInstance();
+
foreach($common_hooks as $name) {
$plugin_data = array();
$pluginManager->executeHooks('render_' . $name, $plugin_data,
@@ -755,8 +782,8 @@ function renderPage()
// -------- Display login form.
if ($targetPage == Router::$PAGE_LOGIN)
{
- if ($conf->get('config.OPEN_SHAARLI')) { header('Location: ?'); exit; } // No need to login for open Shaarli
- $token=''; if (ban_canLogin()) $token=getToken(); // Do not waste token generation if not useful.
+ if ($conf->get('security.open_shaarli')) { header('Location: ?'); exit; } // No need to login for open Shaarli
+ $token=''; if (ban_canLogin($conf)) $token=getToken($conf); // Do not waste token generation if not useful.
$PAGE->assign('token',$token);
if (isset($_GET['username'])) {
$PAGE->assign('username', escape($_GET['username']));
@@ -768,7 +795,7 @@ function renderPage()
// -------- User wants to logout.
if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=logout'))
{
- invalidateCaches($conf->get('config.PAGECACHE'));
+ invalidateCaches($conf->get('resource.page_cache'));
logout();
header('Location: ?');
exit;
@@ -785,7 +812,7 @@ function renderPage()
foreach($links as $link)
{
$permalink='?'.escape(smallhash($link['linkdate']));
- $thumb=lazyThumbnail($link['url'],$permalink);
+ $thumb=lazyThumbnail($conf, $link['url'],$permalink);
if ($thumb!='') // Only output links which have a thumbnail.
{
$link['thumbnail']=$thumb; // Thumbnail HTML code.
@@ -857,7 +884,7 @@ function renderPage()
// Daily page.
if ($targetPage == Router::$PAGE_DAILY) {
- showDaily($PAGE, $LINKSDB);
+ showDaily($PAGE, $LINKSDB, $conf, $pluginManager);
}
// ATOM and RSS feed.
@@ -868,7 +895,7 @@ function renderPage()
// Cache system
$query = $_SERVER['QUERY_STRING'];
$cache = new CachedPage(
- $conf->get('config.PAGECACHE'),
+ $conf->get('resource.page_cache'),
page_url($_SERVER),
startsWith($query,'do='. $targetPage) && !isLoggedIn()
);
@@ -881,8 +908,8 @@ function renderPage()
// Generate data.
$feedGenerator = new FeedBuilder($LINKSDB, $feedType, $_SERVER, $_GET, isLoggedIn());
$feedGenerator->setLocale(strtolower(setlocale(LC_COLLATE, 0)));
- $feedGenerator->setHideDates($conf->get('config.HIDE_TIMESTAMPS') && !isLoggedIn());
- $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('config.ENABLE_RSS_PERMALINKS'));
+ $feedGenerator->setHideDates($conf->get('privacy.hide_timestamps') && !isLoggedIn());
+ $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('feed.rss_permalinks'));
$pshUrl = $conf->get('config.PUBSUBHUB_URL');
if (!empty($pshUrl)) {
$feedGenerator->setPubsubhubUrl($pshUrl);
@@ -890,7 +917,6 @@ function renderPage()
$data = $feedGenerator->buildData();
// Process plugin hook.
- $pluginManager = PluginManager::getInstance();
$pluginManager->executeHooks('render_feed', $data, array(
'loggedin' => isLoggedIn(),
'target' => $targetPage,
@@ -1016,7 +1042,7 @@ function renderPage()
exit;
}
- showLinkList($PAGE, $LINKSDB);
+ showLinkList($PAGE, $LINKSDB, $conf, $pluginManager);
if (isset($_GET['edit_link'])) {
header('Location: ?do=login&edit_link='. escape($_GET['edit_link']));
exit;
@@ -1046,7 +1072,7 @@ function renderPage()
// -------- User wants to change his/her password.
if ($targetPage == Router::$PAGE_CHANGEPASSWORD)
{
- if ($conf->get('config.OPEN_SHAARLI')) {
+ if ($conf->get('security.open_shaarli')) {
die('You are not supposed to change a password on an Open Shaarli.');
}
@@ -1055,12 +1081,12 @@ function renderPage()
if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away!
// Make sure old password is correct.
- $oldhash = sha1($_POST['oldpassword'].$conf->get('login').$conf->get('salt'));
- if ($oldhash!= $conf->get('hash')) { echo ''; exit; }
+ $oldhash = sha1($_POST['oldpassword'].$conf->get('credentials.login').$conf->get('credentials.salt'));
+ if ($oldhash!= $conf->get('credentials.hash')) { echo ''; exit; }
// Save new password
// Salt renders rainbow-tables attacks useless.
- $conf->set('salt', sha1(uniqid('', true) .'_'. mt_rand()));
- $conf->set('hash', sha1($_POST['setpassword'] . $conf->get('login') . $conf->get('salt')));
+ $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand()));
+ $conf->set('credentials.hash', sha1($_POST['setpassword'] . $conf->get('credentials.login') . $conf->get('credentials.salt')));
try {
$conf->write(isLoggedIn());
}
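Review bot: The new password is still stored as a single round of salted `sha1`, which is fast to compute and therefore cheap to guess offline if the config file leaks. `password_hash($_POST['setpassword'], PASSWORD_DEFAULT)` with `password_verify()` at login would be the replacement where the supported PHP versions provide them, with a rehash-on-login path for existing hashes. `STAY_SIGNED_IN_TOKEN` is derived from `credentials.hash`, so that derivation would have to be revisited at the same time. The `try` block continues outside this hunk.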
@@ -1079,7 +1105,7 @@ function renderPage()
}
else // show the change password form.
{
- $PAGE->assign('token',getToken());
+ $PAGE->assign('token',getToken($conf));
$PAGE->renderPage('changepassword');
exit;
}
@@ -1099,15 +1125,15 @@ function renderPage()
) {
$tz = $_POST['continent'] . '/' . $_POST['city'];
}
- $conf->set('timezone', $tz);
- $conf->set('title', $_POST['title']);
- $conf->set('titleLink', $_POST['titleLink']);
- $conf->set('redirector', $_POST['redirector']);
- $conf->set('disablesessionprotection', !empty($_POST['disablesessionprotection']));
- $conf->set('privateLinkByDefault', !empty($_POST['privateLinkByDefault']));
- $conf->set('config.ENABLE_RSS_PERMALINKS', !empty($_POST['enableRssPermalinks']));
- $conf->set('config.ENABLE_UPDATECHECK', !empty($_POST['updateCheck']));
- $conf->set('config.HIDE_PUBLIC_LINKS', !empty($_POST['hidePublicLinks']));
+ $conf->set('general.timezone', $tz);
+ $conf->set('general.title', escape($_POST['title']));
+ $conf->set('general.header_link', escape($_POST['titleLink']));
+ $conf->set('redirector.url', escape($_POST['redirector']));
+ $conf->set('security.session_protection_disabled', !empty($_POST['disablesessionprotection']));
+ $conf->set('privacy.default_private_links', !empty($_POST['privateLinkByDefault']));
+ $conf->set('feed.rss_permalinks', !empty($_POST['enableRssPermalinks']));
+ $conf->set('updates.check_updates', !empty($_POST['updateCheck']));
+ $conf->set('privacy.hide_public_links', !empty($_POST['hidePublicLinks']));
try {
$conf->write(isLoggedIn());
}
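Review bot: `escape()` is now applied when the settings are stored, so `redirector.url` is kept in its escaped form (assuming `escape()` HTML-encodes) even though it is later handed to `LinkDB` and `format_description()` as a URL prefix rather than printed as text. A redirector containing `&` would be stored as `&amp;` and used that way when links are built. Storing the raw value and escaping at each HTML output point keeps the encoding tied to its context; if store-time escaping stays, add a comment such as `// stored HTML-escaped: do not escape again in templates` next to these three lines.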
@@ -1126,16 +1152,17 @@ function renderPage()
}
else // Show the configuration form.
{
- $PAGE->assign('token',getToken());
- $PAGE->assign('title', $conf->get('title'));
- $PAGE->assign('redirector', $conf->get('redirector'));
- list($timezone_form, $timezone_js) = generateTimeZoneForm($conf->get('timezone'));
+ $PAGE->assign('token',getToken($conf));
+ $PAGE->assign('title', $conf->get('general.title'));
+ $PAGE->assign('redirector', $conf->get('redirector.url'));
+ list($timezone_form, $timezone_js) = generateTimeZoneForm($conf->get('general.timezone'));
$PAGE->assign('timezone_form', $timezone_form);
$PAGE->assign('timezone_js',$timezone_js);
- $PAGE->assign('private_links_default', $conf->get('privateLinkByDefault'));
- $PAGE->assign('enable_rss_permalinks', $conf->get('config.ENABLE_RSS_PERMALINKS'));
- $PAGE->assign('enable_update_check', $conf->get('config.ENABLE_UPDATECHECK'));
- $PAGE->assign('hide_public_links', $conf->get('config.HIDE_PUBLIC_LINKS'));
+ $PAGE->assign('private_links_default', $conf->get('privacy.default_private_links', false));
+ $PAGE->assign('session_protection_disabled', $conf->get('security.session_protection_disabled', false));
+ $PAGE->assign('enable_rss_permalinks', $conf->get('feed.rss_permalinks', false));
+ $PAGE->assign('enable_update_check', $conf->get('updates.check_updates', true));
+ $PAGE->assign('hide_public_links', $conf->get('privacy.hide_public_links', false));
$PAGE->renderPage('configure');
exit;
}
@@ -1145,7 +1172,7 @@ function renderPage()
if ($targetPage == Router::$PAGE_CHANGETAG)
{
if (empty($_POST['fromtag']) || (empty($_POST['totag']) && isset($_POST['renametag']))) {
- $PAGE->assign('token', getToken());
+ $PAGE->assign('token', getToken($conf));
$PAGE->assign('tags', $LINKSDB->allTags());
$PAGE->renderPage('changetag');
exit;
@@ -1167,7 +1194,7 @@ function renderPage()
$value['tags']=trim(implode(' ',$tags));
$LINKSDB[$key]=$value;
}
- $LINKSDB->savedb($conf->get('config.PAGECACHE'));
+ $LINKSDB->savedb($conf->get('resource.page_cache'));
echo '';
exit;
}
@@ -1184,7 +1211,7 @@ function renderPage()
$value['tags']=trim(implode(' ',$tags));
$LINKSDB[$key]=$value;
}
- $LINKSDB->savedb($conf->get('config.PAGECACHE')); // Save to disk.
+ $LINKSDB->savedb($conf->get('resource.page_cache')); // Save to disk.
echo '';
exit;
}
@@ -1235,8 +1262,8 @@ function renderPage()
$pluginManager->executeHooks('save_link', $link);
$LINKSDB[$linkdate] = $link;
- $LINKSDB->savedb($conf->get('config.PAGECACHE'));
- pubsubhub();
+ $LINKSDB->savedb($conf->get('resource.page_cache'));
+ pubsubhub($conf);
// If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) {
@@ -1277,7 +1304,7 @@ function renderPage()
$pluginManager->executeHooks('delete_link', $LINKSDB[$linkdate]);
unset($LINKSDB[$linkdate]);
- $LINKSDB->savedb('config.PAGECACHE'); // save to disk
+ $LINKSDB->savedb('resource.page_cache'); // save to disk
// If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo ''; exit; }
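Review bot: `$LINKSDB->savedb('resource.page_cache');` passes the key name itself rather than the configured path, unlike the other `savedb` calls in this change, which pass `$conf->get('resource.page_cache')`. Assuming the argument is the page-cache directory to invalidate, cached pages could keep showing a link after it was deleted. It should be `$LINKSDB->savedb($conf->get('resource.page_cache'));`.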
@@ -1320,7 +1347,7 @@ function renderPage()
$data = array(
'link' => $link,
'link_is_new' => false,
- 'token' => getToken(),
+ 'token' => getToken($conf),
'http_referer' => (isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']) : ''),
'tags' => $LINKSDB->allTags(),
);
@@ -1387,10 +1414,11 @@ function renderPage()
$data = array(
'link' => $link,
'link_is_new' => $link_is_new,
- 'token' => getToken(), // XSRF protection.
+ 'token' => getToken($conf), // XSRF protection.
'http_referer' => (isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']) : ''),
'source' => (isset($_GET['source']) ? $_GET['source'] : ''),
'tags' => $LINKSDB->allTags(),
+ 'default_private_links' => $conf->get('default_private_links', false),
);
$pluginManager->executeHooks('render_editlink', $data);
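Review bot: `$conf->get('default_private_links', false)` omits the `privacy.` section used for this setting everywhere else in the change (`privacy.default_private_links` in the configure hunks), so the lookup presumably always falls back to `false`. The edit form would then ignore the user's private-by-default preference and new links would default to public. Use `'default_private_links' => $conf->get('privacy.default_private_links', false),`.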
@@ -1464,7 +1492,7 @@ function renderPage()
// -------- Show upload/import dialog:
if ($targetPage == Router::$PAGE_IMPORT)
{
- $PAGE->assign('token',getToken());
+ $PAGE->assign('token',getToken($conf));
$PAGE->assign('maxfilesize',getMaxFileSize());
$PAGE->renderPage('import');
exit;
@@ -1500,7 +1528,7 @@ function renderPage()
}
}
else {
- $conf->set('config.ENABLED_PLUGINS', save_plugin_config($_POST));
+ $conf->set('general.enabled_plugins', save_plugin_config($_POST));
}
$conf->write(isLoggedIn());
}
@@ -1519,16 +1547,19 @@ function renderPage()
}
// -------- Otherwise, simply display search form and links:
- showLinkList($PAGE, $LINKSDB);
+ showLinkList($PAGE, $LINKSDB, $conf, $pluginManager);
exit;
}
-// -----------------------------------------------------------------------------------------------
-// Process the import file form.
-function importFile($LINKSDB)
+/**
+ * Process the import file form.
+ *
+ * @param LinkDB $LINKSDB Loaded LinkDB instance.
+ * @param ConfigManager $conf Configuration Manager instance.
+ */
+function importFile($LINKSDB, $conf)
{
if (!isLoggedIn()) { die('Not allowed.'); }
- $conf = ConfigManager::getInstance();
$filename=$_FILES['filetoupload']['name'];
$filesize=$_FILES['filetoupload']['size'];
@@ -1599,7 +1630,7 @@ function importFile($LINKSDB)
}
}
}
- $LINKSDB->savedb($conf->get('config.PAGECACHE'));
+ $LINKSDB->savedb($conf->get('resource.page_cache'));
echo '';
}
@@ -1613,12 +1644,13 @@ function importFile($LINKSDB)
* Template for the list of links (
)
* This function fills all the necessary fields in the $PAGE for the template 'linklist.html'
*
- * @param pageBuilder $PAGE pageBuilder instance.
- * @param LinkDB $LINKSDB LinkDB instance.
+ * @param pageBuilder $PAGE pageBuilder instance.
+ * @param LinkDB $LINKSDB LinkDB instance.
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param PluginManager $pluginManager Plugin Manager instance.
*/
-function buildLinkList($PAGE,$LINKSDB)
+function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager)
{
- $conf = ConfigManager::getInstance();
// Used in templates
$searchtags = !empty($_GET['searchtags']) ? escape($_GET['searchtags']) : '';
$searchterm = !empty($_GET['searchterm']) ? escape($_GET['searchterm']) : '';
@@ -1646,7 +1678,7 @@ function buildLinkList($PAGE,$LINKSDB)
// If there is only a single link, we change on-the-fly the title of the page.
if (count($linksToDisplay) == 1) {
- $conf->set('pagetitle', $linksToDisplay[$keys[0]]['title'] .' - '. $conf->get('title'));
+ $conf->set('pagetitle', $linksToDisplay[$keys[0]]['title'] .' - '. $conf->get('general.title'));
}
// Select articles according to paging.
@@ -1662,7 +1694,7 @@ function buildLinkList($PAGE,$LINKSDB)
while ($i<$end && $iget('redirector'));
+ $link['description'] = format_description($link['description'], $conf->get('redirector.url'));
$classLi = ($i % 2) != 0 ? '' : 'publicLinkHightLight';
$link['class'] = $link['private'] == 0 ? $classLi : 'private';
$date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $link['linkdate']);
@@ -1693,7 +1725,7 @@ function buildLinkList($PAGE,$LINKSDB)
$next_page_url = '?page=' . ($page-1) . $searchtermUrl . $searchtagsUrl;
}
- $token = isLoggedIn() ? getToken() : '';
+ $token = isLoggedIn() ? getToken($conf) : '';
// Fill all template fields.
$data = array(
@@ -1704,7 +1736,7 @@ function buildLinkList($PAGE,$LINKSDB)
'result_count' => count($linksToDisplay),
'search_term' => $searchterm,
'search_tags' => $searchtags,
- 'redirector' => $conf->get('redirector'), // Optional redirector URL.
+ 'redirector' => $conf->get('redirector.url'), // Optional redirector URL.
'token' => $token,
'links' => $linkDisp,
'tags' => $LINKSDB->allTags(),
@@ -1714,7 +1746,6 @@ function buildLinkList($PAGE,$LINKSDB)
$data['pagetitle'] = $conf->get('pagetitle');
}
- $pluginManager = PluginManager::getInstance();
$pluginManager->executeHooks('render_linklist', $data, array('loggedin' => isLoggedIn()));
foreach ($data as $key => $value) {
@@ -1724,19 +1755,26 @@ function buildLinkList($PAGE,$LINKSDB)
return;
}
-// Compute the thumbnail for a link.
-//
-// With a link to the original URL.
-// Understands various services (youtube.com...)
-// Input: $url = URL for which the thumbnail must be found.
-// $href = if provided, this URL will be followed instead of $url
-// Returns an associative array with thumbnail attributes (src,href,width,height,style,alt)
-// Some of them may be missing.
-// Return an empty array if no thumbnail available.
-function computeThumbnail($url,$href=false)
+/**
+ * Compute the thumbnail for a link.
+ *
+ * With a link to the original URL.
+ * Understands various services (youtube.com...)
+ * Input: $url = URL for which the thumbnail must be found.
+ * $href = if provided, this URL will be followed instead of $url
+ * Returns an associative array with thumbnail attributes (src,href,width,height,style,alt)
+ * Some of them may be missing.
+ * Return an empty array if no thumbnail available.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param string $url
+ * @param string|bool $href
+ *
+ * @return array
+ */
+function computeThumbnail($conf, $url, $href = false)
{
- $conf = ConfigManager::getInstance();
- if (!$conf->get('config.ENABLE_THUMBNAILS')) return array();
+ if (!$conf->get('thumbnail.enable_thumbnails')) return array();
if ($href==false) $href=$url;
// For most hosts, the URL of the thumbnail can be easily deduced from the URL of the link.
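Review bot: The new docblock on computeThumbnail() keeps the old free-form "Input:" and "Returns" lines and then adds `@param`/`@return` tags with no descriptions, so the contract is stated twice in two formats. Fold the prose into the tags: `@param string $url URL for which the thumbnail must be found.`, `@param string|bool $href If provided, this URL is followed instead of $url.`, and `@return array Thumbnail attributes (src, href, width, height, style, alt; some may be missing), or an empty array if no thumbnail is available.` The function body continues outside this hunk.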
@@ -1804,7 +1842,7 @@ function computeThumbnail($url,$href=false)
// So we deport the thumbnail generation in order not to slow down page generation
// (and we also cache the thumbnail)
- if (! $conf->get('config.ENABLE_LOCALCACHE')) return array(); // If local cache is disabled, no thumbnails for services which require the use a local cache.
+ if (! $conf->get('thumbnail.enable_localcache')) return array(); // If local cache is disabled, no thumbnails for services which require the use a local cache.
if ($domain=='flickr.com' || endsWith($domain,'.flickr.com')
|| $domain=='vimeo.com'
@@ -1827,7 +1865,7 @@ function computeThumbnail($url,$href=false)
$path = parse_url($url,PHP_URL_PATH);
if ("/talks/" !== substr($path,0,7)) return array(); // This is not a single video URL.
}
- $sign = hash_hmac('sha256', $url, $conf->get('salt')); // We use the salt to sign data (it's random, secret, and specific to each installation)
+ $sign = hash_hmac('sha256', $url, $conf->get('credentials.salt')); // We use the salt to sign data (it's random, secret, and specific to each installation)
return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail');
}
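Review bot: `credentials.salt` is the HMAC key for thumbnail URLs here, and install() mixes the same value into the password hash (`sha1($_POST['setpassword'] . $login . $salt)`), so one secret serves two unrelated purposes. A purpose-specific key keeps a weakness in one use from carrying over to the other, for example `$thumbKey = hash_hmac('sha256', 'thumbnail', $conf->get('credentials.salt'));` followed by `$sign = hash_hmac('sha256', $url, $thumbKey);`. The same applies to the identical line in the next hunk (the jpg/png/gif branch). The code that verifies the `hmac` parameter is outside these hunks; it would need the same derivation and should compare with `hash_equals()` if it does not already.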
@@ -1838,7 +1876,7 @@ function computeThumbnail($url,$href=false)
$ext=strtolower(pathinfo($url,PATHINFO_EXTENSION));
if ($ext=='jpg' || $ext=='jpeg' || $ext=='png' || $ext=='gif')
{
- $sign = hash_hmac('sha256', $url, $conf->get('salt')); // We use the salt to sign data (it's random, secret, and specific to each installation)
+ $sign = hash_hmac('sha256', $url, $conf->get('credentials.salt')); // We use the salt to sign data (it's random, secret, and specific to each installation)
return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail');
}
@@ -1855,7 +1893,9 @@ function computeThumbnail($url,$href=false)
// Returns '' if no thumbnail available.
function thumbnail($url,$href=false)
{
- $t = computeThumbnail($url,$href);
+ // FIXME!
+ global $conf;
+ $t = computeThumbnail($conf, $url,$href);
if (count($t)==0) return ''; // Empty array = no thumbnail for this URL.
$html='';
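Review bot: The bare `// FIXME!` above `global $conf;` does not say what needs fixing. thumbnail() also now depends on a global: if it is called where `$conf` has not been assigned, `computeThumbnail()` will fail on `$conf->get()`. Replace the comment with `// FIXME: take $conf as a parameter, as computeThumbnail() does, instead of reading the global.` so the follow-up is clear. The rest of thumbnail() lies outside this hunk.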
@@ -1901,10 +1943,13 @@ function lazyThumbnail($url,$href=false)
}
-// -----------------------------------------------------------------------------------------------
-// Installation
-// This function should NEVER be called if the file data/config.php exists.
-function install()
+/**
+ * Installation
+ * This function should NEVER be called if the file data/config.php exists.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ */
+function install($conf)
{
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
if (endsWith($_SERVER['HTTP_HOST'],'.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'].'/sessions')) mkdir($_SERVER['DOCUMENT_ROOT'].'/sessions',0705);
@@ -1935,25 +1980,24 @@ function install()
if (!empty($_POST['setlogin']) && !empty($_POST['setpassword']))
{
- $conf = ConfigManager::getInstance();
$tz = 'UTC';
if (!empty($_POST['continent']) && !empty($_POST['city'])
&& isTimeZoneValid($_POST['continent'], $_POST['city'])
) {
$tz = $_POST['continent'].'/'.$_POST['city'];
}
- $conf->set('timezone', $tz);
+ $conf->set('general.timezone', $tz);
$login = $_POST['setlogin'];
- $conf->set('login', $login);
+ $conf->set('credentials.login', $login);
$salt = sha1(uniqid('', true) .'_'. mt_rand());
- $conf->set('salt', $salt);
- $conf->set('hash', sha1($_POST['setpassword'] . $login . $salt));
+ $conf->set('credentials.salt', $salt);
+ $conf->set('credentials.hash', sha1($_POST['setpassword'] . $login . $salt));
if (!empty($_POST['title'])) {
- $conf->set('title', $_POST['title']);
+ $conf->set('general.title', escape($_POST['title']));
} else {
- $conf->set('title', 'Shared links on '.escape(index_url($_SERVER)));
+ $conf->set('general.title', 'Shared links on '.escape(index_url($_SERVER)));
}
- $conf->set('config.ENABLE_UPDATECHECK', !empty($_POST['updateCheck']));
+ $conf->set('updates.check_updates', !empty($_POST['updateCheck']));
try {
// Everything is ok, let's create config file.
$conf->write(isLoggedIn());
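Review bot: The renamed `credentials.hash` line still stores the password as a single salted SHA-1, `sha1($_POST['setpassword'] . $login . $salt)`, which is cheap to brute-force if the config file is ever disclosed. The salt above it is built from `uniqid()` and `mt_rand()`, neither of which is a cryptographic random source. Since this commit already reshapes the credentials section, consider `$conf->set('credentials.hash', password_hash($_POST['setpassword'], PASSWORD_DEFAULT));` and, where the supported PHP version provides it, `$salt = bin2hex(random_bytes(20));`. The login check that verifies the hash is outside this hunk and would have to switch to `password_verify()` in the same change. install() itself begins and ends outside the hunk.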
@@ -1979,30 +2023,32 @@ function install()
$timezone_html = '