X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=acc3fe495f12e7cad8dda82619cea9446f5bb1d9;hb=067e66acfee19019ea3c1efa7f4ea305259bbd74;hp=1babe952ea74b4c8af52f56f4999ad8c598dd996;hpb=979d6334e75568fd92222ccfd6c9a3f943916d71;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php index 1babe952..acc3fe49 100644 --- a/index.php +++ b/index.php @@ -1,9 +1,15 @@ '); // Suffix to encapsulate data in php code. // Force cookie path (but do not change lifetime) $cookie=session_get_cookie_params(); $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; -session_set_cookie_params($cookie['lifetime'],$cookiedir); // Set default cookie expiration and path. +session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['HTTP_HOST']); // Set default cookie expiration and path. // Set session parameters on server side. define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired. @@ -83,7 +89,7 @@ if (!is_dir($GLOBALS['config']['DATADIR'])) { mkdir($GLOBALS['config']['DATADIR' if (!is_dir('tmp')) { mkdir('tmp',0705); chmod('tmp',0705); } // For RainTPL temporary files. if (!is_file($GLOBALS['config']['DATADIR'].'/.htaccess')) { file_put_contents($GLOBALS['config']['DATADIR'].'/.htaccess',"Allow from none\nDeny from all\n"); } // Protect data files. // Second check to see if Shaarli can write in its directory, because on some hosts is_writable() is not reliable. -if (!is_file($GLOBALS['config']['DATADIR'].'/.htaccess')) die('
ERROR: Shaarli does not have the right to write in its own directory ('.realpath(dirname(__FILE__)).').'); +if (!is_file($GLOBALS['config']['DATADIR'].'/.htaccess')) die('
ERROR: Shaarli does not have the right to write in its data directory ('.realpath($GLOBALS['config']['DATADIR']).').'); if ($GLOBALS['config']['ENABLE_LOCALCACHE']) { if (!is_dir($GLOBALS['config']['CACHEDIR'])) { mkdir($GLOBALS['config']['CACHEDIR'],0705); chmod($GLOBALS['config']['CACHEDIR'],0705); } @@ -215,7 +221,7 @@ function nl2br_escaped($html) return str_replace('>','>',str_replace('<','<',nl2br($html))); } -/* Returns the small hash of a string +/* Returns the small hash of a string, using RFC 4648 base64url format eg. smallHash('20111006_131924') --> yZH23w Small hashes: - are unique (well, as unique as crc32, at last) @@ -227,10 +233,7 @@ function nl2br_escaped($html) function smallHash($text) { $t = rtrim(base64_encode(hash('crc32',$text,true)),'='); - $t = str_replace('+','-',$t); // Get rid of characters which need encoding in URLs. - $t = str_replace('/','_',$t); - $t = str_replace('=','@',$t); - return $t; + return strtr($t, '+/', '-_'); } // In a string, converts urls to clickable links. @@ -394,14 +397,14 @@ if (isset($_POST['login'])) $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side. $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; - session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir); // Set session cookie expiration on client side + session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['HTTP_HOST']); // Set session cookie expiration on client side // Note: Never forget the trailing slash on the cookie path ! session_regenerate_id(true); // Send cookie with new expiration date to browser. } else // Standard session expiration (=when browser closes) { $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; - session_set_cookie_params(0,$cookiedir); // 0 means "When browser closes" + session_set_cookie_params(0,$cookiedir,$_SERVER['HTTP_HOST']); // 0 means "When browser closes" session_regenerate_id(true); } // Optional redirect after login: @@ -433,7 +436,7 @@ function serverUrl() { $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection. $serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]); - return 'http'.($https?'s':'').'://'.$_SERVER["SERVER_NAME"].$serverport; + return 'http'.($https?'s':'').'://'.$_SERVER['HTTP_HOST'].$serverport; } // Returns the absolute URL of current script, without the query. @@ -560,7 +563,7 @@ function getHTTP($url,$timeout=30) { try { - $options = array('http'=>array('method'=>'GET','timeout' => $timeout)); // Force network timeout + $options = array('http'=>array('method'=>'GET','timeout' => $timeout, 'user_agent' => 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0')); // Force network timeout $context = stream_context_create($options); $data=file_get_contents($url,false,$context,-1, 4000000); // We download at most 4 Mb from source. if (!$data) { return array('HTTP Error',array(),''); } @@ -734,7 +737,7 @@ class linkdb implements Iterator, Countable, ArrayAccess $this->links = array(); $link = array('title'=>'Shaarli - sebsauvage.net','url'=>'http://sebsauvage.net/wiki/doku.php?id=php:shaarli','description'=>'Welcome to Shaarli ! This is a bookmark. To edit or delete me, you must first login.','private'=>0,'linkdate'=>'20110914_190000','tags'=>'opensource software'); $this->links[$link['linkdate']] = $link; - $link = array('title'=>'My secret stuff... - Pastebin.com','url'=>'http://pastebin.com/smCEEeSn','description'=>'SShhhh!! I\'m a private link only YOU can see. You can delete me too.','private'=>1,'linkdate'=>'20110914_074522','tags'=>'secretstuff'); + $link = array('title'=>'My secret stuff... - Pastebin.com','url'=>'http://sebsauvage.net/paste/?8434b27936c09649#bR7XsXhoTiLcqCpQbmOpBi3rq2zzQUC5hBI7ZT1O3x8=','description'=>'SShhhh!! I\'m a private link only YOU can see. You can delete me too.','private'=>1,'linkdate'=>'20110914_074522','tags'=>'secretstuff'); $this->links[$link['linkdate']] = $link; file_put_contents($GLOBALS['config']['DATASTORE'], PHPPREFIX.base64_encode(gzdeflate(serialize($this->links))).PHPSUFFIX); // Write database to disk } @@ -870,7 +873,7 @@ class linkdb implements Iterator, Countable, ArrayAccess } // ------------------------------------------------------------------------------------------ -// Ouput the last 50 links in RSS 2.0 format. +// Ouput the last N links in RSS 2.0 format. function showRSS() { header('Content-Type: application/rss+xml; charset=utf-8'); @@ -892,6 +895,11 @@ function showRSS() if (!empty($_GET['searchterm'])) $linksToDisplay = $LINKSDB->filterFulltext($_GET['searchterm']); elseif (!empty($_GET['searchtags'])) $linksToDisplay = $LINKSDB->filterTags(trim($_GET['searchtags'])); else $linksToDisplay = $LINKSDB; + $nblinksToDisplay = 50; // Number of links to display. + if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. + { + $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ; + } $pageaddr=htmlspecialchars(indexUrl()); echo '