X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=6a5eb2aeb666bc4df74db78fbda03007860b72ef;hb=091e2d139dfd35e1a0fbfef5c561b26af633dbd9;hp=600b2f5540242d24b81a8fb48e5c5e0574c7830a;hpb=1557cefbd76257ceb830f65806831b490faf0acc;p=github%2Fshaarli%2FShaarli.git

diff --git a/index.php b/index.php
index 600b2f55..6a5eb2ae 100644
--- a/index.php
+++ b/index.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * Shaarli v0.6.2 - Shaare your links...
+ * Shaarli v0.6.3 - Shaare your links...
  *
  * The personal, minimalist, super-fast, no-database Delicious clone.
  *
@@ -111,7 +111,8 @@ $GLOBALS['config']['UPDATECHECK_INTERVAL'] = 86400;
 //);
 $GLOBALS['config']['ENABLED_PLUGINS'] = array('qrcode');
 
-//$GLOBALS['plugins']['WALLABAG_URL'] = 'https://demo.wallabag.org/';
+// Initialize plugin parameters array.
+$GLOBALS['plugins'] = array();
 
 // PubSubHubbub support. Put an empty string to disable, or put your hub url here to enable.
 $GLOBALS['config']['PUBSUBHUB_URL'] = '';
@@ -119,7 +120,7 @@ $GLOBALS['config']['PUBSUBHUB_URL'] = '';
 /*
  * PHP configuration
  */
-define('shaarli_version', '0.6.2');
+define('shaarli_version', '0.6.3');
 
 // http://server.com/x/shaarli --> /shaarli/
 define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0)));
@@ -309,14 +310,6 @@ function setup_login_state() {
 $userIsLoggedIn = setup_login_state();
 
 
-// -----------------------------------------------------------------------------------------------
-// Log to text file
-function logm($message)
-{
-    $t = strval(date('Y/m/d_H:i:s')).' - '.$_SERVER["REMOTE_ADDR"].' - '.strval($message)."\n";
-    file_put_contents($GLOBALS['config']['LOG_FILE'], $t, FILE_APPEND);
-}
-
 // ------------------------------------------------------------------------------------------
 // Sniff browser language to display dates in the right format automatically.
 // (Note that is may not work on your server if the corresponding local is not installed.)
@@ -380,10 +373,10 @@ function check_auth($login,$password)
     if ($login==$GLOBALS['login'] && $hash==$GLOBALS['hash'])
     {   // Login/password is correct.
 		fillSessionInfo();
-        logm('Login successful');
+        logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'Login successful');
         return True;
     }
-    logm('Login failed for user '.$login);
+    logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'Login failed for user '.$login);
     return False;
 }
 
@@ -420,7 +413,7 @@ function ban_loginFailed()
     if ($gb['FAILURES'][$ip]>($GLOBALS['config']['BAN_AFTER']-1))
     {
         $gb['BANS'][$ip]=time()+$GLOBALS['config']['BAN_DURATION'];
-        logm('IP address banned from login');
+        logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'IP address banned from login');
     }
     $GLOBALS['IPBANS'] = $gb;
     file_put_contents($GLOBALS['config']['IPBANS_FILENAME'], "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>");
@@ -444,7 +437,7 @@ function ban_canLogin()
         // User is banned. Check if the ban has expired:
         if ($gb['BANS'][$ip]<=time())
         {   // Ban expired, user can try to login again.
-            logm('Ban lifted.');
+            logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'Ban lifted.');
             unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]);
             file_put_contents($GLOBALS['config']['IPBANS_FILENAME'], "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>");
             return true; // Ban has expired, user can login.
@@ -480,7 +473,7 @@ if (isset($_POST['login']))
             session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes"
             session_regenerate_id(true);
         }
-        
+
         // Optional redirect after login:
         if (isset($_GET['post'])) {
             $uri = '?post='. urlencode($_GET['post']);
@@ -641,7 +634,7 @@ class pageBuilder
             $this->tpl->assign('versionError', '');
 
         } catch (Exception $exc) {
-            logm($exc->getMessage());
+            logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], $exc->getMessage());
             $this->tpl->assign('newVersion', '');
             $this->tpl->assign('versionError', escape($exc->getMessage()));
         }
@@ -689,6 +682,18 @@ class pageBuilder
         if ($this->tpl===false) $this->initialize(); // Lazy initialization
         $this->tpl->draw($page);
     }
+
+    /**
+    * Render a 404 page (uses the template : tpl/404.tpl)
+    *
+    * usage : $PAGE->render404('The link was deleted')
+    * @param string $message A messate to display what is not found
+    */
+    public function render404($message='The page you are trying to reach does not exist or has been deleted.') {
+        header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
+        $this->tpl->assign('error_message', $message);
+        $this->renderPage('404');
+    }
 }
 
 // ------------------------------------------------------------------------------------------
@@ -1766,6 +1771,54 @@ HTML;
         exit;
     }
 
+    // Plugin administration page
+    if ($targetPage == Router::$PAGE_PLUGINSADMIN) {
+        $pluginMeta = $pluginManager->getPluginsMeta();
+
+        // Split plugins into 2 arrays: ordered enabled plugins and disabled.
+        $enabledPlugins = array_filter($pluginMeta, function($v) { return $v['order'] !== false; });
+        // Load parameters.
+        $enabledPlugins = load_plugin_parameter_values($enabledPlugins, $GLOBALS['plugins']);
+        uasort(
+            $enabledPlugins,
+            function($a, $b) { return $a['order'] - $b['order']; }
+        );
+        $disabledPlugins = array_filter($pluginMeta, function($v) { return $v['order'] === false; });
+
+        $PAGE->assign('enabledPlugins', $enabledPlugins);
+        $PAGE->assign('disabledPlugins', $disabledPlugins);
+        $PAGE->renderPage('pluginsadmin');
+        exit;
+    }
+
+    // Plugin administration form action
+    if ($targetPage == Router::$PAGE_SAVE_PLUGINSADMIN) {
+        try {
+            if (isset($_POST['parameters_form'])) {
+                unset($_POST['parameters_form']);
+                foreach ($_POST as $param => $value) {
+                    $GLOBALS['plugins'][$param] = escape($value);
+                }
+            }
+            else {
+                $GLOBALS['config']['ENABLED_PLUGINS'] = save_plugin_config($_POST);
+            }
+            writeConfig($GLOBALS, isLoggedIn());
+        }
+        catch (Exception $e) {
+            error_log(
+                'ERROR while saving plugin configuration:.' . PHP_EOL .
+                $e->getMessage()
+            );
+
+            // TODO: do not handle exceptions/errors in JS.
+            echo '<script>alert("'. $e->getMessage() .'");document.location=\'?do=pluginsadmin\';</script>';
+            exit;
+        }
+        header('Location: ?do='. Router::$PAGE_PLUGINSADMIN);
+        exit;
+    }
+
     // -------- Otherwise, simply display search form and links:
     showLinkList($PAGE, $LINKSDB);
     exit;
@@ -1891,10 +1944,7 @@ function buildLinkList($PAGE,$LINKSDB)
         $linksToDisplay = $LINKSDB->filter($search_type, $search_crits);
 
         if (count($linksToDisplay) == 0) {
-            header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
-            echo '<h1>404 Not found.</h1>Oh crap.
-                  The link you are trying to reach does not exist or has been deleted.';
-            echo '<br>Would you mind <a href="?">clicking here</a>?';
+            $PAGE->render404('The link you are trying to reach does not exist or has been deleted.');
             exit;
         }
     }