X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=58ae2ddb780a9315755df398c77eaa5773b0e712;hb=refs%2Fheads%2Fgitolite_local%2Fldap;hp=4b86a3e2c17ece7338ad04646cedee6150bbbd47;hpb=630ebca2b6359e942e5b6c057cca2b6069c1093a;p=github%2Fshaarli%2FShaarli.git
diff --git a/index.php b/index.php
index 4b86a3e2..58ae2ddb 100644
--- a/index.php
+++ b/index.php
@@ -121,7 +121,32 @@ if (isset($_COOKIE['shaarli']) && !SessionManager::checkId($_COOKIE['shaarli']))
$_COOKIE['shaarli'] = session_id();
}
-$conf = new ConfigManager();
+$folderBase = getenv("BASE");
+
+if (getenv("USERSPACE")) {
+ if (isset($_GET["do"]) && $_GET["do"] == "login") {
+ header("Location: $folderBase/?do=login");
+ exit;
+ }
+ $userspace = preg_replace("/[^-_A-Za-z0-9]/", '', getenv("USERSPACE"));
+} else if (isset($_SESSION["username"]) && $_SESSION["username"]) {
+ header("Location: " . $folderBase . "/" . $_SESSION["username"] . "?");
+ exit;
+} else if (!isset($_GET["do"]) || $_GET["do"] != "login") {
+ header("Location: $folderBase/?do=login");
+ exit;
+}
+
+if (!isset($userspace) && isset($_POST["login"])) {
+ $userspace = preg_replace("/[^-_A-Za-z0-9]/", '', $_POST["login"]);
+ error_log("debugImmae: setting userspace from POST: " . $userspace);
+}
+
+if (isset($userspace)) {
+ $conf = new ConfigManager(null, $userspace);
+} else {
+ $conf = new ConfigManager();
+}
$sessionManager = new SessionManager($_SESSION, $conf);
$loginManager = new LoginManager($GLOBALS, $conf, $sessionManager);
$loginManager->generateStaySignedInToken($_SERVER['REMOTE_ADDR']);
@@ -175,7 +200,7 @@ if (! is_file($conf->getConfigFileExt())) {
}
// Display the installation form if no existing config is found
- install($conf, $sessionManager, $loginManager);
+ install($conf, $sessionManager, $loginManager, $userspace);
}
$loginManager->checkLoginState($_COOKIE, $clientIpId);
@@ -205,6 +230,7 @@ if (isset($_POST['login'])) {
&& $loginManager->checkCredentials($_SERVER['REMOTE_ADDR'], $clientIpId, $_POST['login'], $_POST['password'])
) {
$loginManager->handleSuccessfulLogin($_SERVER);
+ $userspace = $_POST['login'];
$cookiedir = '';
if (dirname($_SERVER['SCRIPT_NAME']) != '/') {
@@ -241,25 +267,25 @@ if (isset($_POST['login'])) {
$uri .= '&'.$param.'='.urlencode($_GET[$param]);
}
}
- header('Location: '. $uri);
+ header('Location: '. $userspace . $uri);
exit;
}
if (isset($_GET['edit_link'])) {
- header('Location: ?edit_link='. escape($_GET['edit_link']));
+ header('Location: ' . $userspace . '?edit_link='. escape($_GET['edit_link']));
exit;
}
if (isset($_POST['returnurl'])) {
// Prevent loops over login screen.
if (strpos($_POST['returnurl'], 'do=login') === false) {
- header('Location: '. generateLocation($_POST['returnurl'], $_SERVER['HTTP_HOST']));
+ header('Location: ' . generateLocation($_POST['returnurl'], $_SERVER['HTTP_HOST']));
exit;
}
}
- header('Location: ?'); exit;
+ header('Location: '. $userspace . '?'); exit;
} else {
- $loginManager->handleFailedLogin($_SERVER);
+ $errorReason = $loginManager->handleFailedLogin($_SERVER);
$redir = '&username='. urlencode($_POST['login']);
if (isset($_GET['post'])) {
$redir .= '&post=' . urlencode($_GET['post']);
@@ -270,7 +296,7 @@ if (isset($_POST['login'])) {
}
}
// Redirect to login screen.
- echo '';
+ echo '';
exit;
}
}
@@ -1719,7 +1745,7 @@ function buildLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager)
* @param SessionManager $sessionManager SessionManager instance
* @param LoginManager $loginManager LoginManager instance
*/
-function install($conf, $sessionManager, $loginManager) {
+function install($conf, $sessionManager, $loginManager, $userspace) {
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
if (endsWith($_SERVER['HTTP_HOST'],'.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'].'/sessions')) mkdir($_SERVER['DOCUMENT_ROOT'].'/sessions',0705);
@@ -1755,7 +1781,7 @@ function install($conf, $sessionManager, $loginManager) {
}
- if (!empty($_POST['setlogin']) && !empty($_POST['setpassword']))
+ if (true)
{
$tz = 'UTC';
if (!empty($_POST['continent']) && !empty($_POST['city'])
@@ -1764,15 +1790,15 @@ function install($conf, $sessionManager, $loginManager) {
$tz = $_POST['continent'].'/'.$_POST['city'];
}
$conf->set('general.timezone', $tz);
- $login = $_POST['setlogin'];
- $conf->set('credentials.login', $login);
+ $conf->set('credentials.login', $userspace);
$salt = sha1(uniqid('', true) .'_'. mt_rand());
$conf->set('credentials.salt', $salt);
- $conf->set('credentials.hash', sha1($_POST['setpassword'] . $login . $salt));
+ $hash = sha1(uniqid('', true) .'_'. mt_rand());
+ $conf->set('credentials.hash', $hash);
if (!empty($_POST['title'])) {
$conf->set('general.title', escape($_POST['title']));
} else {
- $conf->set('general.title', 'Shared links on '.escape(index_url($_SERVER)));
+ $conf->set('general.title', ucwords(str_replace("_", " ", $userspace)));
}
$conf->set('translation.language', escape($_POST['language']));
$conf->set('updates.check_updates', !empty($_POST['updateCheck']));
@@ -1841,7 +1867,12 @@ $container['history'] = $history;
$app = new \Slim\App($container);
// REST API routes
-$app->group('/api/v1', function() {
+if (isset($userspace)) {
+ $mountpoint = '/' . $userspace . '/api/v1';
+} else {
+ $mountpoint = '/api/v1';
+}
+$app->group($mountpoint, function() {
$this->get('/info', '\Shaarli\Api\Controllers\Info:getInfo')->setName('getInfo');
$this->get('/links', '\Shaarli\Api\Controllers\Links:getLinks')->setName('getLinks');
$this->get('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:getLink')->setName('getLink');
@@ -1860,7 +1891,7 @@ $app->group('/api/v1', function() {
$response = $app->run(true);
// Hack to make Slim and Shaarli router work together:
// If a Slim route isn't found and NOT API call, we call renderPage().
-if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) {
+if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], $mountpoint) === false) {
// We use UTF-8 for proper international characters handling.
header('Content-Type: text/html; charset=utf-8');
renderPage($conf, $pluginManager, $linkDb, $history, $sessionManager, $loginManager);