X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=b594287c90220ca87739925af766c0537b87f876;hb=bbc6e66ad47ebc134affd6f6bf1869bb1c73c9ca;hp=9b628c6beac0a9f43bcedc34a42ae8c4e45ad6b3;hpb=cb49ab945f9fe33d2ceb05c97bc2ddbdbcccc7c2;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php index 9b628c6b..b594287c 100644 --- a/index.php +++ b/index.php @@ -1,9 +1,9 @@ '); // Suffix to encapsulate data in php code. +define('shaarli_version','0.0.42 beta'); +define('PHPPREFIX',''); // Suffix to encapsulate data in PHP code. +// http://server.com/x/shaarli --> /shaarli/ +define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); // Force cookie path (but do not change lifetime) $cookie=session_get_cookie_params(); $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; -session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['SERVER_NAME']); // Set default cookie expiration and path. +session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['HTTP_HOST']); // Set default cookie expiration and path. // Set session parameters on server side. define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired. ini_set('session.use_cookies', 1); // Use cookies to store session. -ini_set('session.use_only_cookies', 1); // Force cookies for session (phpsessionID forbidden in URL) -ini_set('session.use_trans_sid', false); // Prevent php to use sessionID in URL if cookies are disabled. +ini_set('session.use_only_cookies', 1); // Force cookies for session (phpsessionID forbidden in URL). +ini_set('session.use_trans_sid', false); // Prevent PHP form using sessionID in URL if cookies are disabled. session_name('shaarli'); if (session_id() == '') session_start(); // Start session if needed (Some server auto-start sessions). @@ -61,9 +65,8 @@ error_reporting(E_ALL^E_WARNING); // See all error except warnings. //error_reporting(-1); // See all errors (for debugging only) include "inc/rain.tpl.class.php"; //include Rain TPL -raintpl::$tpl_dir = "tpl/"; // template directory -if (!is_dir('tmp')) { mkdir('tmp',0705); chmod('tmp',0705); } -raintpl::$cache_dir = "tmp/"; // cache directory +raintpl::$tpl_dir = $GLOBALS['config']['RAINTPL_TPL']; // template directory +raintpl::$cache_dir = $GLOBALS['config']['RAINTPL_TMP']; // cache directory ob_start(); // Output buffering for the page cache. @@ -83,18 +86,8 @@ header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); -// Directories creations (Note that your web host may require differents rights than 705.) +// Directories creations (Note that your web host may require different rights than 705.) if (!is_writable(realpath(dirname(__FILE__)))) die('
ERROR: Shaarli does not have the right to write in its own directory ('.realpath(dirname(__FILE__)).').'); -if (!is_dir($GLOBALS['config']['DATADIR'])) { mkdir($GLOBALS['config']['DATADIR'],0705); chmod($GLOBALS['config']['DATADIR'],0705); } -if (!is_dir('tmp')) { mkdir('tmp',0705); chmod('tmp',0705); } // For RainTPL temporary files. -if (!is_file($GLOBALS['config']['DATADIR'].'/.htaccess')) { file_put_contents($GLOBALS['config']['DATADIR'].'/.htaccess',"Allow from none\nDeny from all\n"); } // Protect data files. -// Second check to see if Shaarli can write in its directory, because on some hosts is_writable() is not reliable. -if (!is_file($GLOBALS['config']['DATADIR'].'/.htaccess')) die('
ERROR: Shaarli does not have the right to write in its own directory ('.realpath(dirname(__FILE__)).').'); -if ($GLOBALS['config']['ENABLE_LOCALCACHE']) -{ - if (!is_dir($GLOBALS['config']['CACHEDIR'])) { mkdir($GLOBALS['config']['CACHEDIR'],0705); chmod($GLOBALS['config']['CACHEDIR'],0705); } - if (!is_file($GLOBALS['config']['CACHEDIR'].'/.htaccess')) { file_put_contents($GLOBALS['config']['CACHEDIR'].'/.htaccess',"Allow from none\nDeny from all\n"); } // Protect data files. -} // Handling of old config file which do not have the new parameters. if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl()); @@ -103,6 +96,7 @@ if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']=''; if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false; if (empty($GLOBALS['disablejquery'])) $GLOBALS['disablejquery']=false; if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=false; +if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?'; // I really need to rewrite Shaarli with a proper configuation manager. // Run config screen if first run: @@ -110,17 +104,19 @@ if (!is_file($GLOBALS['config']['CONFIG_FILE'])) install(); require $GLOBALS['config']['CONFIG_FILE']; // Read login/password hash into $GLOBALS. +// a token depending of deployment salt, user password, and the current ip +define('STAY_SIGNED_IN_TOKEN', sha1($GLOBALS['hash'].$_SERVER["REMOTE_ADDR"].$GLOBALS['salt'])); autoLocale(); // Sniff browser language and set date format accordingly. header('Content-Type: text/html; charset=utf-8'); // We use UTF-8 for proper international characters handling. -// Check php version +// Check PHP version function checkphpversion() { if (version_compare(PHP_VERSION, '5.1.0') < 0) { header('Content-Type: text/plain; charset=utf-8'); - echo 'Your server supports php '.PHP_VERSION.'. Shaarli requires at least php 5.1.0, and thus cannot run. Sorry.'; + echo 'Your server supports PHP '.PHP_VERSION.'. Shaarli requires at least php 5.1.0, and thus cannot run. Sorry.'; exit; } } @@ -139,7 +135,7 @@ function checkUpdate() $version=shaarli_version; list($httpstatus,$headers,$data) = getHTTP('http://sebsauvage.net/files/shaarli_version.txt',2); if (strpos($httpstatus,'200 OK')!==false) $version=$data; - // If failed, nevermind. We don't want to bother the user with that. + // If failed, never mind. We don't want to bother the user with that. file_put_contents($GLOBALS['config']['UPDATECHECK_FILENAME'],$version); // touch file date } // Compare versions: @@ -155,11 +151,11 @@ function checkUpdate() class pageCache { private $url; // Full URL of the page to cache (typically the value returned by pageUrl()) - private $shouldBeCached; // boolean: Should this url be cached ? - private $filename; // Name of the cache file for this url + private $shouldBeCached; // boolean: Should this url be cached? + private $filename; // Name of the cache file for this url. /* - $url = url (typically the value returned by pageUrl()) + $url = URL (typically the value returned by pageUrl()) $shouldBeCached = boolean. If false, the cache will be disabled. */ public function __construct($url,$shouldBeCached) @@ -182,7 +178,6 @@ class pageCache public function cache($page) { if (!$this->shouldBeCached) return; - if (!is_dir($GLOBALS['config']['PAGECACHE'])) { mkdir($GLOBALS['config']['PAGECACHE'],0705); chmod($GLOBALS['config']['PAGECACHE'],0705); } file_put_contents($this->filename,$page); } @@ -221,8 +216,8 @@ function nl2br_escaped($html) return str_replace('>','>',str_replace('<','<',nl2br($html))); } -/* Returns the small hash of a string - eg. smallHash('20111006_131924') --> yZH23w +/* Returns the small hash of a string, using RFC 4648 base64url format + e.g. smallHash('20111006_131924') --> yZH23w Small hashes: - are unique (well, as unique as crc32, at last) - are always 6 characters long. @@ -233,13 +228,10 @@ function nl2br_escaped($html) function smallHash($text) { $t = rtrim(base64_encode(hash('crc32',$text,true)),'='); - $t = str_replace('+','-',$t); // Get rid of characters which need encoding in URLs. - $t = str_replace('/','_',$t); - $t = str_replace('=','@',$t); - return $t; + return strtr($t, '+/', '-_'); } -// In a string, converts urls to clickable links. +// In a string, converts URLs to clickable links. // Function inspired from http://www.php.net/manual/en/function.preg-replace.php#85722 function text2clickable($url) { @@ -260,8 +252,8 @@ function keepMultipleSpaces($text) function autoLocale() { $loc='en_US'; // Default if browser does not send HTTP_ACCEPT_LANGUAGE - if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) // eg. "fr,fr-fr;q=0.8,en;q=0.5,en-us;q=0.3" - { // (It's a bit crude, but it works very well. Prefered language is always presented first.) + if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) // e.g. "fr,fr-fr;q=0.8,en;q=0.5,en-us;q=0.3" + { // (It's a bit crude, but it works very well. Preferred language is always presented first.) if (preg_match('/([a-z]{2}(-[a-z]{2})?)/i',$_SERVER['HTTP_ACCEPT_LANGUAGE'],$matches)) $loc=$matches[1]; } setlocale(LC_TIME,$loc); // LC_TIME = Set local for date/time format only. @@ -297,16 +289,20 @@ function allIPs() return $ip; } +function fillSessionInfo() { + $_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand()); // Generate unique random number (different than phpsessionid) + $_SESSION['ip']=allIPs(); // We store IP address(es) of the client to make sure session is not hijacked. + $_SESSION['username']=$GLOBALS['login']; + $_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Set session expiration. +} + // Check that user/password is correct. function check_auth($login,$password) { $hash = sha1($password.$login.$GLOBALS['salt']); if ($login==$GLOBALS['login'] && $hash==$GLOBALS['hash']) { // Login/password is correct. - $_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand()); // generate unique random number (different than phpsessionid) - $_SESSION['ip']=allIPs(); // We store IP address(es) of the client to make sure session is not hijacked. - $_SESSION['username']=$login; - $_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Set session expiration. + fillSessionInfo(); logm('Login successful'); return True; } @@ -321,6 +317,11 @@ function isLoggedIn() if (!isset($GLOBALS['login'])) return false; // Shaarli is not configured yet. + if (@$_COOKIE['shaarli_staySignedIn']===STAY_SIGNED_IN_TOKEN) + { + fillSessionInfo(); + return true; + } // If session does not exist on server side, or IP address has changed, or session has expired, logout. if (empty($_SESSION['uid']) || ($GLOBALS['disablesessionprotection']==false && $_SESSION['ip']!=allIPs()) || time()>=$_SESSION['expires_on']) { @@ -334,7 +335,9 @@ function isLoggedIn() } // Force logout. -function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']); unset($_SESSION['privateonly']); } } +function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']); unset($_SESSION['privateonly']); } +setcookie('shaarli_staySignedIn', FALSE, 0, WEB_PATH); +} // ------------------------------------------------------------------------------------------ @@ -391,27 +394,28 @@ if (isset($_POST['login'])) { if (!ban_canLogin()) die('I said: NO. You are banned for the moment. Go away.'); if (isset($_POST['password']) && tokenOk($_POST['token']) && (check_auth($_POST['login'], $_POST['password']))) - { // Login/password is ok. + { // Login/password is OK. ban_loginOk(); // If user wants to keep the session cookie even after the browser closes: if (!empty($_POST['longlastingsession'])) { + setcookie('shaarli_staySignedIn', STAY_SIGNED_IN_TOKEN, time()+31536000, WEB_PATH); $_SESSION['longlastingsession']=31536000; // (31536000 seconds = 1 year) $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // Set session expiration on server-side. $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; - session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['SERVER_NAME']); // Set session cookie expiration on client side - // Note: Never forget the trailing slash on the cookie path ! + session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['HTTP_HOST']); // Set session cookie expiration on client side + // Note: Never forget the trailing slash on the cookie path! session_regenerate_id(true); // Send cookie with new expiration date to browser. } else // Standard session expiration (=when browser closes) { $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; - session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes" + session_set_cookie_params(0,$cookiedir,$_SERVER['HTTP_HOST']); // 0 means "When browser closes" session_regenerate_id(true); } // Optional redirect after login: - if (isset($_GET['post'])) { header('Location: ?post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); exit; } + if (isset($_GET['post'])) { header('Location: ?post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); exit; } if (isset($_POST['returnurl'])) { if (endsWith($_POST['returnurl'],'?do=login')) { header('Location: ?'); exit; } // Prevent loops over login screen. @@ -423,7 +427,7 @@ if (isset($_POST['login'])) { ban_loginFailed(); $redir = ''; - if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } + if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } echo ''; // Redirect to login screen. exit; } @@ -433,34 +437,34 @@ if (isset($_POST['login'])) // Misc utility functions: // Returns the server URL (including port and http/https), without path. -// eg. "http://myserver.com:8080" +// e.g. "http://myserver.com:8080" // You can append $_SERVER['SCRIPT_NAME'] to get the current script URL. function serverUrl() { $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection. $serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]); - return 'http'.($https?'s':'').'://'.$_SERVER["SERVER_NAME"].$serverport; + return 'http'.($https?'s':'').'://'.$_SERVER['HTTP_HOST'].$serverport; } // Returns the absolute URL of current script, without the query. -// (eg. http://sebsauvage.net/links/) +// (e.g. http://sebsauvage.net/links/) function indexUrl() { $scriptname = $_SERVER["SCRIPT_NAME"]; // If the script is named 'index.php', we remove it (for better looking URLs, - // eg. http://mysite.com/shaarli/?abcde instead of http://mysite.com/shaarli/index.php?abcde) + // e.g. http://mysite.com/shaarli/?abcde instead of http://mysite.com/shaarli/index.php?abcde) if (endswith($scriptname,'index.php')) $scriptname = substr($scriptname,0,strlen($scriptname)-9); return serverUrl() . $scriptname; } // Returns the absolute URL of current script, WITH the query. -// (eg. http://sebsauvage.net/links/?toto=titi&spamspamspam=humbug) +// (e.g. http://sebsauvage.net/links/?toto=titi&spamspamspam=humbug) function pageUrl() { return indexUrl().(!empty($_SERVER["QUERY_STRING"]) ? '?'.$_SERVER["QUERY_STRING"] : ''); } -// Convert post_max_size/upload_max_filesize (eg.'16M') parameters to bytes. +// Convert post_max_size/upload_max_filesize (e.g. '16M') parameters to bytes. function return_bytes($val) { $val = trim($val); $last=strtolower($val[strlen($val)-1]); @@ -481,7 +485,7 @@ function getMaxFileSize() $size2 = return_bytes(ini_get('upload_max_filesize')); // Return the smaller of two: $maxsize = min($size1,$size2); - // FIXME: Then convert back to readable notations ? (eg. 2M instead of 2000000) + // FIXME: Then convert back to readable notations ? (e.g. 2M instead of 2000000) return $maxsize; } @@ -529,7 +533,7 @@ function linkdate2iso8601($linkdate) function linkdate2locale($linkdate) { return utf8_encode(strftime('%c',linkdate2timestamp($linkdate))); // %c is for automatic date format according to locale. - // Note that if you use a local which is not installed on your webserver, + // Note that if you use a locale which is not installed on your webserver, // the date will not be displayed in the chosen locale, but probably in US notation. } @@ -551,10 +555,10 @@ function http_parse_headers_shaarli( $headers ) } /* GET an URL. - Input: $url : url to get (http://...) + Input: $url : URL to get (http://...) $timeout : Network timeout (will wait this many seconds for an anwser before giving up). - Output: An array. [0] = HTTP status message (eg. "HTTP/1.1 200 OK") or error message - [1] = associative array containing HTTP response headers (eg. echo getHTTP($url)[1]['Content-Type']) + Output: An array. [0] = HTTP status message (e.g. "HTTP/1.1 200 OK") or error message + [1] = associative array containing HTTP response headers (e.g. echo getHTTP($url)[1]['Content-Type']) [2] = data Example: list($httpstatus,$headers,$data) = getHTTP('http://sebauvage.net/'); if (strpos($httpstatus,'200 OK')!==false) @@ -566,15 +570,15 @@ function getHTTP($url,$timeout=30) { try { - $options = array('http'=>array('method'=>'GET','timeout' => $timeout)); // Force network timeout + $options = array('http'=>array('method'=>'GET','timeout' => $timeout, 'user_agent' => 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0')); // Force network timeout $context = stream_context_create($options); $data=file_get_contents($url,false,$context,-1, 4000000); // We download at most 4 Mb from source. if (!$data) { return array('HTTP Error',array(),''); } - $httpStatus=$http_response_header[0]; // eg. "HTTP/1.1 200 OK" + $httpStatus=$http_response_header[0]; // e.g. "HTTP/1.1 200 OK" $responseHeaders=http_parse_headers_shaarli($http_response_header); return array($httpStatus,$responseHeaders,$data); } - catch (Exception $e) // getHTTP *can* fail silentely (we don't care if the title cannot be fetched) + catch (Exception $e) // getHTTP *can* fail silently (we don't care if the title cannot be fetched) { return array($e->getMessage(),'',''); } @@ -600,14 +604,14 @@ function getToken() return $rnd; } -// Tells if a token is ok. Using this function will destroy the token. -// true=token is ok. +// Tells if a token is OK. Using this function will destroy the token. +// true=token is OK. function tokenOk($token) { if (isset($_SESSION['tokens'][$token])) { unset($_SESSION['tokens'][$token]); // Token is used: destroy it. - return true; // Token is ok. + return true; // Token is OK. } return false; // Wrong token, or already used. } @@ -642,8 +646,9 @@ class pageBuilder $this->tpl->assign('version',shaarli_version); $this->tpl->assign('scripturl',indexUrl()); $this->tpl->assign('pagetitle','Shaarli'); - $this->tpl->assign('privateonly',!empty($_SESSION['privateonly'])); // Show only private links ? + $this->tpl->assign('privateonly',!empty($_SESSION['privateonly'])); // Show only private links? if (!empty($GLOBALS['title'])) $this->tpl->assign('pagetitle',$GLOBALS['title']); + if (!empty($GLOBALS['titleLink'])) $this->tpl->assign('titleLink',$GLOBALS['titleLink']); if (!empty($GLOBALS['pagetitle'])) $this->tpl->assign('pagetitle',$GLOBALS['pagetitle']); $this->tpl->assign('shaarlititle',empty($GLOBALS['title']) ? 'Shaarli': $GLOBALS['title'] ); return; @@ -657,7 +662,7 @@ class pageBuilder } // Render a specific page (using a template). - // eg. pb.renderPage('picwall') + // e.g. pb.renderPage('picwall') public function renderPage($page) { if ($this->tpl===false) $this->initialize(); // Lazy initialization @@ -676,10 +681,10 @@ class pageBuilder Available keys: title : Title of the link - url : URL of the link. Can be absolute or relative. Relative URLs are permalinks (eg.'?m-ukcw') + url : URL of the link. Can be absolute or relative. Relative URLs are permalinks (e.g.'?m-ukcw') description : description of the entry - private : Is this link private ? 0=no, other value=yes - linkdate : date of the creation of this entry, in the form YYYYMMDD_HHMMSS (eg.'20110914_192317') + private : Is this link private? 0=no, other value=yes + linkdate : date of the creation of this entry, in the form YYYYMMDD_HHMMSS (e.g.'20110914_192317') tags : tags attached to this entry (separated by spaces) We implement 3 interfaces: @@ -689,15 +694,15 @@ class pageBuilder */ class linkdb implements Iterator, Countable, ArrayAccess { - private $links; // List of links (associative array. Key=linkdate (eg. "20110823_124546"), value= associative array (keys:title,description...) + private $links; // List of links (associative array. Key=linkdate (e.g. "20110823_124546"), value= associative array (keys:title,description...) private $urls; // List of all recorded URLs (key=url, value=linkdate) for fast reserve search (url-->linkdate) private $keys; // List of linkdate keys (for the Iterator interface implementation) private $position; // Position in the $this->keys array. (for the Iterator interface implementation.) - private $loggedin; // Is the used logged in ? (used to filter private links) + private $loggedin; // Is the user logged in? (used to filter private links) // Constructor: function __construct($isLoggedIn) - // Input : $isLoggedIn : is the used logged in ? + // Input : $isLoggedIn : is the user logged in? { $this->loggedin = $isLoggedIn; $this->checkdb(); // Make sure data file exists. @@ -711,7 +716,7 @@ class linkdb implements Iterator, Countable, ArrayAccess public function offsetSet($offset, $value) { if (!$this->loggedin) die('You are not authorized to add a link.'); - if (empty($value['linkdate']) || empty($value['url'])) die('Internal Error: A link should always have a linkdate and url.'); + if (empty($value['linkdate']) || empty($value['url'])) die('Internal Error: A link should always have a linkdate and URL.'); if (empty($offset)) die('You must specify a key.'); $this->links[$offset] = $value; $this->urls[$value['url']]=$offset; @@ -740,7 +745,7 @@ class linkdb implements Iterator, Countable, ArrayAccess $this->links = array(); $link = array('title'=>'Shaarli - sebsauvage.net','url'=>'http://sebsauvage.net/wiki/doku.php?id=php:shaarli','description'=>'Welcome to Shaarli ! This is a bookmark. To edit or delete me, you must first login.','private'=>0,'linkdate'=>'20110914_190000','tags'=>'opensource software'); $this->links[$link['linkdate']] = $link; - $link = array('title'=>'My secret stuff... - Pastebin.com','url'=>'http://pastebin.com/smCEEeSn','description'=>'SShhhh!! I\'m a private link only YOU can see. You can delete me too.','private'=>1,'linkdate'=>'20110914_074522','tags'=>'secretstuff'); + $link = array('title'=>'My secret stuff... - Pastebin.com','url'=>'http://sebsauvage.net/paste/?8434b27936c09649#bR7XsXhoTiLcqCpQbmOpBi3rq2zzQUC5hBI7ZT1O3x8=','description'=>'SShhhh!! I\'m a private link only YOU can see. You can delete me too.','private'=>1,'linkdate'=>'20110914_074522','tags'=>'secretstuff'); $this->links[$link['linkdate']] = $link; file_put_contents($GLOBALS['config']['DATASTORE'], PHPPREFIX.base64_encode(gzdeflate(serialize($this->links))).PHPSUFFIX); // Write database to disk } @@ -774,19 +779,19 @@ class linkdb implements Iterator, Countable, ArrayAccess invalidateCaches(); } - // Returns the link for a given URL (if it exists). false it does not exist. + // Returns the link for a given URL (if it exists). False if it does not exist. public function getLinkFromUrl($url) { if (isset($this->urls[$url])) return $this->links[$this->urls[$url]]; return false; } - // Case insentitive search among links (in url, title and description). Returns filtered list of links. - // eg. print_r($mydb->filterFulltext('hollandais')); + // Case insensitive search among links (in the URLs, title and description). Returns filtered list of links. + // e.g. print_r($mydb->filterFulltext('hollandais')); public function filterFulltext($searchterms) { // FIXME: explode(' ',$searchterms) and perform a AND search. - // FIXME: accept double-quotes to search for a string "as is" ? + // FIXME: accept double-quotes to search for a string "as is"? $filtered=array(); $s = strtolower($searchterms); foreach($this->links as $l) @@ -803,7 +808,7 @@ class linkdb implements Iterator, Countable, ArrayAccess // Filter by tag. // You can specify one or more tags (tags can be separated by space or comma). - // eg. print_r($mydb->filterTags('linux programming')); + // e.g. print_r($mydb->filterTags('linux programming')); public function filterTags($tags,$casesensitive=false) { $t = str_replace(',',' ',($casesensitive?$tags:strtolower($tags))); @@ -819,9 +824,9 @@ class linkdb implements Iterator, Countable, ArrayAccess return $filtered; } - // Filter by day. Day must be in the form 'YYYYMMDD' (eg. '20120125') + // Filter by day. Day must be in the form 'YYYYMMDD' (e.g. '20120125') // Sort order is: older articles first. - // eg. print_r($mydb->filterDay('20120125')); + // e.g. print_r($mydb->filterDay('20120125')); public function filterDay($day) { $filtered=array(); @@ -876,13 +881,13 @@ class linkdb implements Iterator, Countable, ArrayAccess } // ------------------------------------------------------------------------------------------ -// Ouput the last 50 links in RSS 2.0 format. +// Output the last N links in RSS 2.0 format. function showRSS() { header('Content-Type: application/rss+xml; charset=utf-8'); // $usepermalink : If true, use permalink instead of final link. - // User just has to add 'permalink' in URL parameters. eg. http://mysite.com/shaarli/?do=rss&permalinks + // User just has to add 'permalink' in URL parameters. e.g. http://mysite.com/shaarli/?do=rss&permalinks $usepermalinks = isset($_GET['permalinks']); // Cache system @@ -891,13 +896,18 @@ function showRSS() $cached = $cache->cachedVersion(); if (!empty($cached)) { echo $cached; exit; } // If cached was not found (or not usable), then read the database and build the response: - $LINKSDB=new linkdb(isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI']); // Read links from database (and filter private links if used it not logged in). + $LINKSDB=new linkdb(isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI']); // Read links from database (and filter private links if user it not logged in). - // Optionnaly filter the results: + // Optionally filter the results: $linksToDisplay=array(); if (!empty($_GET['searchterm'])) $linksToDisplay = $LINKSDB->filterFulltext($_GET['searchterm']); elseif (!empty($_GET['searchtags'])) $linksToDisplay = $LINKSDB->filterTags(trim($_GET['searchtags'])); else $linksToDisplay = $LINKSDB; + $nblinksToDisplay = 50; // Number of links to display. + if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. + { + $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ; + } $pageaddr=htmlspecialchars(indexUrl()); echo '