X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=8f26c3903d154e418c2eb57e2db570e3f45c2725;hb=b68134ac1d6a287e3a5003ccde137dd0c7ecdc52;hp=145ea3f63a51edfda5e082cc1793ef44e30ccb2e;hpb=d029cf67f85c5aac1dc96b35d5e8b5e85aa25cbd;p=github%2Fshaarli%2FShaarli.git
diff --git a/index.php b/index.php
index 145ea3f6..8f26c390 100644
--- a/index.php
+++ b/index.php
@@ -1,8 +1,6 @@
/shaarli/
define('WEB_PATH', substr($_SERVER['REQUEST_URI'], 0, 1+strrpos($_SERVER['REQUEST_URI'], '/', 0)));
@@ -62,7 +59,6 @@ require_once __DIR__ . '/vendor/autoload.php';
require_once 'application/ApplicationUtils.php';
require_once 'application/Cache.php';
require_once 'application/CachedPage.php';
-require_once 'application/config/ConfigManager.php';
require_once 'application/config/ConfigPlugin.php';
require_once 'application/FeedBuilder.php';
require_once 'application/FileUtils.php';
@@ -80,6 +76,7 @@ require_once 'application/PluginManager.php';
require_once 'application/Router.php';
require_once 'application/Updater.php';
use \Shaarli\ThemeUtils;
+use \Shaarli\Config\ConfigManager;
// Ensure the PHP version is supported
try {
@@ -90,6 +87,8 @@ try {
exit;
}
+define('shaarli_version', ApplicationUtils::getVersion(__DIR__ .'/'. ApplicationUtils::$VERSION_FILE));
+
// Force cookie path (but do not change lifetime)
$cookie = session_get_cookie_params();
$cookiedir = '';
@@ -433,7 +432,7 @@ if (isset($_POST['login']))
// Optional redirect after login:
if (isset($_GET['post'])) {
$uri = '?post='. urlencode($_GET['post']);
- foreach (array('description', 'source', 'title') as $param) {
+ foreach (array('description', 'source', 'title', 'tags') as $param) {
if (!empty($_GET[$param])) {
$uri .= '&'.$param.'='.urlencode($_GET[$param]);
}
@@ -462,7 +461,7 @@ if (isset($_POST['login']))
$redir = '&username='. $_POST['login'];
if (isset($_GET['post'])) {
$redir .= '&post=' . urlencode($_GET['post']);
- foreach (array('description', 'source', 'title') as $param) {
+ foreach (array('description', 'source', 'title', 'tags') as $param) {
if (!empty($_GET[$param])) {
$redir .= '&' . $param . '=' . urlencode($_GET[$param]);
}
@@ -473,34 +472,6 @@ if (isset($_POST['login']))
}
}
-// ------------------------------------------------------------------------------------------
-// Misc utility functions:
-
-// Convert post_max_size/upload_max_filesize (e.g. '16M') parameters to bytes.
-function return_bytes($val)
-{
- $val = trim($val); $last=strtolower($val[strlen($val)-1]);
- switch($last)
- {
- case 'g': $val *= 1024;
- case 'm': $val *= 1024;
- case 'k': $val *= 1024;
- }
- return $val;
-}
-
-// Try to determine max file size for uploads (POST).
-// Returns an integer (in bytes)
-function getMaxFileSize()
-{
- $size1 = return_bytes(ini_get('post_max_size'));
- $size2 = return_bytes(ini_get('upload_max_filesize'));
- // Return the smaller of two:
- $maxsize = min($size1,$size2);
- // FIXME: Then convert back to readable notations ? (e.g. 2M instead of 2000000)
- return $maxsize;
-}
-
// ------------------------------------------------------------------------------------------
// Token management for XSRF protection
// Token should be used in any form which acts on data (create,update,delete,import...).
@@ -696,9 +667,11 @@ function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager)
$dayDate = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $day.'_000000');
$data = array(
+ 'pagetitle' => $conf->get('general.title') .' - '. format_date($dayDate, false),
'linksToDisplay' => $linksToDisplay,
'cols' => $columns,
'day' => $dayDate->getTimestamp(),
+ 'dayDate' => $dayDate,
'previousday' => $previousday,
'nextday' => $nextday,
);
@@ -1045,7 +1018,13 @@ function renderPage($conf, $pluginManager, $LINKSDB)
// Show login screen, then redirect to ?post=...
if (isset($_GET['post']))
{
- header('Location: ?do=login&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); // Redirect to login page, then back to post link.
+ header( // Redirect to login page, then back to post link.
+ 'Location: ?do=login&post='.urlencode($_GET['post']).
+ (!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').
+ (!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').
+ (!empty($_GET['tags'])?'&tags='.urlencode($_GET['tags']):'').
+ (!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')
+ );
exit;
}
@@ -1142,7 +1121,7 @@ function renderPage($conf, $pluginManager, $LINKSDB)
$conf->set('feed.rss_permalinks', !empty($_POST['enableRssPermalinks']));
$conf->set('updates.check_updates', !empty($_POST['updateCheck']));
$conf->set('privacy.hide_public_links', !empty($_POST['hidePublicLinks']));
- $conf->set('api.enabled', !empty($_POST['apiEnabled']));
+ $conf->set('api.enabled', !empty($_POST['enableApi']));
$conf->set('api.secret', escape($_POST['apiSecret']));
try {
$conf->write(isLoggedIn());
@@ -1208,7 +1187,7 @@ function renderPage($conf, $pluginManager, $LINKSDB)
$LINKSDB[$key]=$value;
}
$LINKSDB->save($conf->get('resource.page_cache'));
- echo '';
+ echo '';
exit;
}
@@ -1246,7 +1225,7 @@ function renderPage($conf, $pluginManager, $LINKSDB)
}
// lf_id should only be present if the link exists.
- $id = !empty($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : $LINKSDB->getNextId();
+ $id = isset($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : $LINKSDB->getNextId();
// Linkdate is kept here to:
// - use the same permalink for notes as they're displayed when creating them
// - let users hack creation date of their posts
@@ -1319,9 +1298,13 @@ function renderPage($conf, $pluginManager, $LINKSDB)
// -------- User clicked the "Cancel" button when editing a link.
if (isset($_POST['cancel_edit']))
{
+ $id = isset($_POST['lf_id']) ? (int) escape($_POST['lf_id']) : false;
+ if (! isset($LINKSDB[$id])) {
+ header('Location: ?');
+ }
// If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo ''; exit; }
- $link = $LINKSDB[(int) escape($_POST['lf_id'])];
+ $link = $LINKSDB[$id];
$returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
// Scroll to the link which has been edited.
$returnurl .= '#'. $link['shorturl'];
@@ -1349,31 +1332,15 @@ function renderPage($conf, $pluginManager, $LINKSDB)
// If we are called from the bookmarklet, we must close the popup:
if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo ''; exit; }
- // Pick where we're going to redirect
- // =============================================================
- // Basically, we can't redirect to where we were previously if it was a permalink
- // or an edit_link, because it would 404.
- // Cases:
- // - / : nothing in $_GET, redirect to self
- // - /?page : redirect to self
- // - /?searchterm : redirect to self (there might be other links)
- // - /?searchtags : redirect to self
- // - /permalink : redirect to / (the link does not exist anymore)
- // - /?edit_link : redirect to / (the link does not exist anymore)
- // PHP treats the permalink as a $_GET variable, so we need to check if every condition for self
- // redirect is not satisfied, and only then redirect to /
- $location = "?";
- // Self redirection
- if (count($_GET) == 0
- || isset($_GET['page'])
- || isset($_GET['searchterm'])
- || isset($_GET['searchtags'])
- ) {
- if (isset($_POST['returnurl'])) {
- $location = $_POST['returnurl']; // Handle redirects given by the form
- } else if (isset($_SERVER['HTTP_REFERER'])) {
- $location = generateLocation($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'], array('delete_link'));
- }
+
+ $location = '?';
+ if (isset($_SERVER['HTTP_REFERER'])) {
+ // Don't redirect to where we were previously if it was a permalink or an edit_link, because it would 404.
+ $location = generateLocation(
+ $_SERVER['HTTP_REFERER'],
+ $_SERVER['HTTP_HOST'],
+ ['delete_link', 'edit_link', $link['shorturl']]
+ );
}
header('Location: ' . $location); // After deleting the link, redirect to appropriate location
@@ -1522,7 +1489,7 @@ function renderPage($conf, $pluginManager, $LINKSDB)
if (! isset($_POST['token']) || ! isset($_FILES['filetoupload'])) {
// Show import dialog
- $PAGE->assign('maxfilesize', getMaxFileSize());
+ $PAGE->assign('maxfilesize', get_max_upload_size(ini_get('post_max_size'), ini_get('upload_max_filesize')));
$PAGE->renderPage('import');
exit;
}
@@ -1532,7 +1499,7 @@ function renderPage($conf, $pluginManager, $LINKSDB)
// The file is too big or some form field may be missing.
echo '';
exit;
@@ -1544,7 +1511,7 @@ function renderPage($conf, $pluginManager, $LINKSDB)
$_POST,
$_FILES,
$LINKSDB,
- $conf->get('resource.page_cache')
+ $conf
);
echo '';
@@ -1630,8 +1597,8 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager)
}
} else {
// Filter links according search parameters.
- $privateonly = !empty($_SESSION['privateonly']);
- $linksToDisplay = $LINKSDB->filterSearch($_GET, false, $privateonly);
+ $visibility = ! empty($_SESSION['privateonly']) ? 'private' : 'all';
+ $linksToDisplay = $LINKSDB->filterSearch($_GET, false, $visibility);
}
// ---- Handle paging.
@@ -1698,6 +1665,7 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager)
'result_count' => count($linksToDisplay),
'search_term' => $searchterm,
'search_tags' => $searchtags,
+ 'visibility' => ! empty($_SESSION['privateonly']) ? 'private' : '',
'redirector' => $conf->get('redirector.url'), // Optional redirector URL.
'links' => $linkDisp,
'tags' => $LINKSDB->allTags(),
@@ -2246,14 +2214,16 @@ $app = new \Slim\App($container);
// REST API routes
$app->group('/api/v1', function() {
- $this->get('/info', '\Shaarli\Api\Controllers\Info:getInfo');
- $this->get('/links', '\Shaarli\Api\Controllers\Links:getLinks');
+ $this->get('/info', '\Shaarli\Api\Controllers\Info:getInfo')->setName('getInfo');
+ $this->get('/links', '\Shaarli\Api\Controllers\Links:getLinks')->setName('getLinks');
+ $this->get('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:getLink')->setName('getLink');
+ $this->post('/links', '\Shaarli\Api\Controllers\Links:postLink')->setName('postLink');
})->add('\Shaarli\Api\ApiMiddleware');
$response = $app->run(true);
// Hack to make Slim and Shaarli router work together:
-// If a Slim route isn't found, we call renderPage().
-if ($response->getStatusCode() == 404) {
+// If a Slim route isn't found and NOT API call, we call renderPage().
+if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) {
// We use UTF-8 for proper international characters handling.
header('Content-Type: text/html; charset=utf-8');
renderPage($conf, $pluginManager, $linkDb);