'.$descriptionlink; - - $entries.='
Bookmarks
-HTML; - foreach($LINKSDB as $link) - { - if ($exportWhat=='all' || - ($exportWhat=='private' && $link['private']!=0) || - ($exportWhat=='public' && $link['private']==0)) - { - echo ')
-// This function fills all the necessary fields in the $PAGE for the template 'linklist.html'
-function buildLinkList($PAGE,$LINKSDB)
+/**
+ * Template for the list of links (
)
+ * This function fills all the necessary fields in the $PAGE for the template 'linklist.html'
+ *
+ * @param pageBuilder $PAGE pageBuilder instance.
+ * @param LinkDB $LINKSDB LinkDB instance.
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param PluginManager $pluginManager Plugin Manager instance.
+ * @param LoginManager $loginManager LoginManager instance
+ */
+function buildLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager)
{
- // ---- Filter link database according to parameters
- $linksToDisplay=array();
- $search_type='';
- $search_crits='';
- if (isset($_GET['searchterm'])) // Fulltext search
- {
- $linksToDisplay = $LINKSDB->filterFulltext(trim($_GET['searchterm']));
- $search_crits=escape(trim($_GET['searchterm']));
- $search_type='fulltext';
- }
- elseif (isset($_GET['searchtags'])) // Search by tag
- {
- $linksToDisplay = $LINKSDB->filterTags(trim($_GET['searchtags']));
- $search_crits=explode(' ',escape(trim($_GET['searchtags'])));
- $search_type='tags';
- }
- elseif (isset($_SERVER['QUERY_STRING']) && preg_match('/[a-zA-Z0-9-_@]{6}(&.+?)?/',$_SERVER['QUERY_STRING'])) // Detect smallHashes in URL
- {
- $linksToDisplay = $LINKSDB->filterSmallHash(substr(trim($_SERVER["QUERY_STRING"], '/'),0,6));
- if (count($linksToDisplay)==0)
- {
- header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found");
- echo '
Would you mind clicking here?'; - exit; + // Used in templates + if (isset($_GET['searchtags'])) { + if (! empty($_GET['searchtags'])) { + $searchtags = escape(normalize_spaces($_GET['searchtags'])); + } else { + $searchtags = false; } - $search_type='permalink'; + } else { + $searchtags = ''; } - else - $linksToDisplay = $LINKSDB; // Otherwise, display without filtering. - + $searchterm = !empty($_GET['searchterm']) ? escape(normalize_spaces($_GET['searchterm'])) : ''; - // Option: Show only private links - if (!empty($_SESSION['privateonly'])) - { - $tmp = array(); - foreach($linksToDisplay as $linkdate=>$link) - { - if ($link['private']!=0) $tmp[$linkdate]=$link; + // Smallhash filter + if (! empty($_SERVER['QUERY_STRING']) + && preg_match('/^[a-zA-Z0-9-_@]{6}($|&|#)/', $_SERVER['QUERY_STRING'])) { + try { + $linksToDisplay = $LINKSDB->filterHash($_SERVER['QUERY_STRING']); + } catch (LinkNotFoundException $e) { + $PAGE->render404($e->getMessage()); + exit; } - $linksToDisplay=$tmp; + } else { + // Filter links according search parameters. + $visibility = ! empty($_SESSION['visibility']) ? $_SESSION['visibility'] : ''; + $request = [ + 'searchtags' => $searchtags, + 'searchterm' => $searchterm, + ]; + $linksToDisplay = $LINKSDB->filterSearch($request, false, $visibility, !empty($_SESSION['untaggedonly'])); } // ---- Handle paging. - /* Can someone explain to me why you get the following error when using array_keys() on an object which implements the interface ArrayAccess??? - "Warning: array_keys() expects parameter 1 to be array, object given in ... " - If my class implements ArrayAccess, why won't array_keys() accept it ? ( $keys=array_keys($linksToDisplay); ) - */ - $keys=array(); foreach($linksToDisplay as $key=>$value) { $keys[]=$key; } // Stupid and ugly. Thanks PHP. - - // If there is only a single link, we change on-the-fly the title of the page. - if (count($linksToDisplay)==1) $GLOBALS['pagetitle'] = $linksToDisplay[$keys[0]]['title'].' - '.$GLOBALS['title']; + $keys = array(); + foreach ($linksToDisplay as $key => $value) { + $keys[] = $key; + } // Select articles according to paging. - $pagecount = ceil(count($keys)/$_SESSION['LINKS_PER_PAGE']); - $pagecount = ($pagecount==0 ? 1 : $pagecount); - $page=( empty($_GET['page']) ? 1 : intval($_GET['page'])); - $page = ( $page<1 ? 1 : $page ); - $page = ( $page>$pagecount ? $pagecount : $page ); - $i = ($page-1)*$_SESSION['LINKS_PER_PAGE']; // Start index. - $end = $i+$_SESSION['LINKS_PER_PAGE']; - $linkDisp=array(); // Links to display + $pagecount = ceil(count($keys) / $_SESSION['LINKS_PER_PAGE']); + $pagecount = $pagecount == 0 ? 1 : $pagecount; + $page= empty($_GET['page']) ? 1 : intval($_GET['page']); + $page = $page < 1 ? 1 : $page; + $page = $page > $pagecount ? $pagecount : $page; + // Start index. + $i = ($page-1) * $_SESSION['LINKS_PER_PAGE']; + $end = $i + $_SESSION['LINKS_PER_PAGE']; + $linkDisp = array(); while ($i<$end && $iget('redirector.url'),
+ $conf->get('redirector.encode_url')
+ );
+ $classLi = ($i % 2) != 0 ? '' : 'publicLinkHightLight';
+ $link['class'] = $link['private'] == 0 ? $classLi : 'private';
+ $link['timestamp'] = $link['created']->getTimestamp();
+ if (! empty($link['updated'])) {
+ $link['updated_timestamp'] = $link['updated']->getTimestamp();
+ } else {
+ $link['updated_timestamp'] = '';
+ }
+ $taglist = preg_split('/\s+/', $link['tags'], -1, PREG_SPLIT_NO_EMPTY);
uasort($taglist, 'strcasecmp');
- $link['taglist']=$taglist;
- $link['shorturl'] = smallHash($link['linkdate']);
- if ($link["url"][0] === '?' && // Check for both signs of a note: starting with ? and 7 chars long. I doubt that you'll post any links that look like this.
- strlen($link["url"]) === 7) {
- $link["url"] = index_url($_SERVER) . $link["url"];
+ $link['taglist'] = $taglist;
+ // Check for both signs of a note: starting with ? and 7 chars long.
+ if ($link['url'][0] === '?' &&
+ strlen($link['url']) === 7) {
+ $link['url'] = index_url($_SERVER) . $link['url'];
}
$linkDisp[$keys[$i]] = $link;
@@ -1933,32 +1580,47 @@ function buildLinkList($PAGE,$LINKSDB)
}
// Compute paging navigation
- $searchterm= ( empty($_GET['searchterm']) ? '' : '&searchterm='.$_GET['searchterm'] );
- $searchtags= ( empty($_GET['searchtags']) ? '' : '&searchtags='.$_GET['searchtags'] );
- $paging='';
- $previous_page_url=''; if ($i!=count($keys)) $previous_page_url='?page='.($page+1).$searchterm.$searchtags;
- $next_page_url='';if ($page>1) $next_page_url='?page='.($page-1).$searchterm.$searchtags;
-
- $token = ''; if (isLoggedIn()) $token=getToken();
+ $searchtagsUrl = $searchtags === '' ? '' : '&searchtags=' . urlencode($searchtags);
+ $searchtermUrl = empty($searchterm) ? '' : '&searchterm=' . urlencode($searchterm);
+ $previous_page_url = '';
+ if ($i != count($keys)) {
+ $previous_page_url = '?page=' . ($page+1) . $searchtermUrl . $searchtagsUrl;
+ }
+ $next_page_url='';
+ if ($page>1) {
+ $next_page_url = '?page=' . ($page-1) . $searchtermUrl . $searchtagsUrl;
+ }
// Fill all template fields.
$data = array(
- 'linkcount' => count($LINKSDB),
'previous_page_url' => $previous_page_url,
'next_page_url' => $next_page_url,
'page_current' => $page,
'page_max' => $pagecount,
'result_count' => count($linksToDisplay),
- 'search_type' => $search_type,
- 'search_crits' => $search_crits,
- 'redirector' => empty($GLOBALS['redirector']) ? '' : $GLOBALS['redirector'], // Optional redirector URL.
- 'token' => $token,
+ 'search_term' => $searchterm,
+ 'search_tags' => $searchtags,
+ 'visibility' => ! empty($_SESSION['visibility']) ? $_SESSION['visibility'] : '',
+ 'redirector' => $conf->get('redirector.url'), // Optional redirector URL.
'links' => $linkDisp,
- 'tags' => $LINKSDB->allTags(),
);
- $pluginManager = PluginManager::getInstance();
- $pluginManager->executeHooks('render_linklist', $data, array('loggedin' => isLoggedIn()));
+ // If there is only a single link, we change on-the-fly the title of the page.
+ if (count($linksToDisplay) == 1) {
+ $data['pagetitle'] = $linksToDisplay[$keys[0]]['title'] .' - '. $conf->get('general.title');
+ } elseif (! empty($searchterm) || ! empty($searchtags)) {
+ $data['pagetitle'] = t('Search: ');
+ $data['pagetitle'] .= ! empty($searchterm) ? $searchterm .' ' : '';
+ $bracketWrap = function ($tag) {
+ return '['. $tag .']';
+ };
+ $data['pagetitle'] .= ! empty($searchtags)
+ ? implode(' ', array_map($bracketWrap, preg_split('/\s+/', $searchtags))).' '
+ : '';
+ $data['pagetitle'] .= '- '. $conf->get('general.title');
+ }
+
+ $pluginManager->executeHooks('render_linklist', $data, array('loggedin' => $loginManager->isLoggedIn()));
foreach ($data as $key => $value) {
$PAGE->assign($key, $value);
@@ -1967,18 +1629,26 @@ function buildLinkList($PAGE,$LINKSDB)
return;
}
-// Compute the thumbnail for a link.
-//
-// With a link to the original URL.
-// Understands various services (youtube.com...)
-// Input: $url = URL for which the thumbnail must be found.
-// $href = if provided, this URL will be followed instead of $url
-// Returns an associative array with thumbnail attributes (src,href,width,height,style,alt)
-// Some of them may be missing.
-// Return an empty array if no thumbnail available.
-function computeThumbnail($url,$href=false)
+/**
+ * Compute the thumbnail for a link.
+ *
+ * With a link to the original URL.
+ * Understands various services (youtube.com...)
+ * Input: $url = URL for which the thumbnail must be found.
+ * $href = if provided, this URL will be followed instead of $url
+ * Returns an associative array with thumbnail attributes (src,href,width,height,style,alt)
+ * Some of them may be missing.
+ * Return an empty array if no thumbnail available.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param string $url
+ * @param string|bool $href
+ *
+ * @return array
+ */
+function computeThumbnail($conf, $url, $href = false)
{
- if (!$GLOBALS['config']['ENABLE_THUMBNAILS']) return array();
+ if (!$conf->get('thumbnail.enable_thumbnails')) return array();
if ($href==false) $href=$url;
// For most hosts, the URL of the thumbnail can be easily deduced from the URL of the link.
@@ -2046,7 +1716,7 @@ function computeThumbnail($url,$href=false)
// So we deport the thumbnail generation in order not to slow down page generation
// (and we also cache the thumbnail)
- if (!$GLOBALS['config']['ENABLE_LOCALCACHE']) return array(); // If local cache is disabled, no thumbnails for services which require the use a local cache.
+ if (! $conf->get('thumbnail.enable_localcache')) return array(); // If local cache is disabled, no thumbnails for services which require the use a local cache.
if ($domain=='flickr.com' || endsWith($domain,'.flickr.com')
|| $domain=='vimeo.com'
@@ -2069,7 +1739,7 @@ function computeThumbnail($url,$href=false)
$path = parse_url($url,PHP_URL_PATH);
if ("/talks/" !== substr($path,0,7)) return array(); // This is not a single video URL.
}
- $sign = hash_hmac('sha256', $url, $GLOBALS['salt']); // We use the salt to sign data (it's random, secret, and specific to each installation)
+ $sign = hash_hmac('sha256', $url, $conf->get('credentials.salt')); // We use the salt to sign data (it's random, secret, and specific to each installation)
return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail');
}
@@ -2080,7 +1750,7 @@ function computeThumbnail($url,$href=false)
$ext=strtolower(pathinfo($url,PATHINFO_EXTENSION));
if ($ext=='jpg' || $ext=='jpeg' || $ext=='png' || $ext=='gif')
{
- $sign = hash_hmac('sha256', $url, $GLOBALS['salt']); // We use the salt to sign data (it's random, secret, and specific to each installation)
+ $sign = hash_hmac('sha256', $url, $conf->get('credentials.salt')); // We use the salt to sign data (it's random, secret, and specific to each installation)
return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail');
}
@@ -2097,7 +1767,9 @@ function computeThumbnail($url,$href=false)
// Returns '' if no thumbnail available.
function thumbnail($url,$href=false)
{
- $t = computeThumbnail($url,$href);
+ // FIXME!
+ global $conf;
+ $t = computeThumbnail($conf, $url,$href);
if (count($t)==0) return ''; // Empty array = no thumbnail for this URL.
$html='.')
';
@@ -2143,11 +1817,14 @@ function lazyThumbnail($url,$href=false)
}
-// -----------------------------------------------------------------------------------------------
-// Installation
-// This function should NEVER be called if the file data/config.php exists.
-function install()
-{
+/**
+ * Installation
+ * This function should NEVER be called if the file data/config.php exists.
+ *
+ * @param ConfigManager $conf Configuration Manager instance.
+ * @param SessionManager $sessionManager SessionManager instance
+ */
+function install($conf, $sessionManager) {
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
if (endsWith($_SERVER['HTTP_HOST'],'.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'].'/sessions')) mkdir($_SERVER['DOCUMENT_ROOT'].'/sessions',0705);
@@ -2156,12 +1833,20 @@ function install()
// (Because on some hosts, session.save_path may not be set correctly,
// or we may not have write access to it.)
if (isset($_GET['test_session']) && ( !isset($_SESSION) || !isset($_SESSION['session_tested']) || $_SESSION['session_tested']!='Working'))
- { // Step 2: Check if data in session is correct.
- echo 'Timezone: '.$timezone_form.' 
- list($headers, $data) = get_http_url($url, 5);
+ list($headers, $content) = get_http_response($url, 5);
if (strpos($headers[0], '200 OK') !== false) {
// Extract the link to the thumbnail
- preg_match('! "[^s]!',$data,$matches);
+ preg_match('!<img src=")
+$linkDb = new LinkDB(
+ $conf->get('resource.datastore'),
+ $loginManager->isLoggedIn(),
+ $conf->get('privacy.hide_public_links'),
+ $conf->get('redirector.url'),
+ $conf->get('redirector.encode_url')
+);
+
+$container = new \Slim\Container();
+$container['conf'] = $conf;
+$container['plugins'] = $pluginManager;
+$container['history'] = $history;
+$app = new \Slim\App($container);
+
+// REST API routes
+$app->group('/api/v1', function() {
+ $this->get('/info', '\Shaarli\Api\Controllers\Info:getInfo')->setName('getInfo');
+ $this->get('/links', '\Shaarli\Api\Controllers\Links:getLinks')->setName('getLinks');
+ $this->get('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:getLink')->setName('getLink');
+ $this->post('/links', '\Shaarli\Api\Controllers\Links:postLink')->setName('postLink');
+ $this->put('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:putLink')->setName('putLink');
+ $this->delete('/links/{id:[\d]+}', '\Shaarli\Api\Controllers\Links:deleteLink')->setName('deleteLink');
+ $this->get('/history', '\Shaarli\Api\Controllers\History:getHistory')->setName('getHistory');
+})->add('\Shaarli\Api\ApiMiddleware');
+
+$response = $app->run(true);
+// Hack to make Slim and Shaarli router work together:
+// If a Slim route isn't found and NOT API call, we call renderPage().
+if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) {
+ // We use UTF-8 for proper international characters handling.
+ header('Content-Type: text/html; charset=utf-8');
+ renderPage($conf, $pluginManager, $linkDb, $history, $sessionManager, $loginManager);
+} else {
+ $app->respond($response);
+}
404 Not found.
Oh crap. The link you are trying to reach does not exist or has been deleted.'; - echo 'Would you mind clicking here?'; - exit; + // Used in templates + if (isset($_GET['searchtags'])) { + if (! empty($_GET['searchtags'])) { + $searchtags = escape(normalize_spaces($_GET['searchtags'])); + } else { + $searchtags = false; } - $search_type='permalink'; + } else { + $searchtags = ''; } - else - $linksToDisplay = $LINKSDB; // Otherwise, display without filtering. - + $searchterm = !empty($_GET['searchterm']) ? escape(normalize_spaces($_GET['searchterm'])) : ''; - // Option: Show only private links - if (!empty($_SESSION['privateonly'])) - { - $tmp = array(); - foreach($linksToDisplay as $linkdate=>$link) - { - if ($link['private']!=0) $tmp[$linkdate]=$link; + // Smallhash filter + if (! empty($_SERVER['QUERY_STRING']) + && preg_match('/^[a-zA-Z0-9-_@]{6}($|&|#)/', $_SERVER['QUERY_STRING'])) { + try { + $linksToDisplay = $LINKSDB->filterHash($_SERVER['QUERY_STRING']); + } catch (LinkNotFoundException $e) { + $PAGE->render404($e->getMessage()); + exit; } - $linksToDisplay=$tmp; + } else { + // Filter links according search parameters. + $visibility = ! empty($_SESSION['visibility']) ? $_SESSION['visibility'] : ''; + $request = [ + 'searchtags' => $searchtags, + 'searchterm' => $searchterm, + ]; + $linksToDisplay = $LINKSDB->filterSearch($request, false, $visibility, !empty($_SESSION['untaggedonly'])); } // ---- Handle paging. - /* Can someone explain to me why you get the following error when using array_keys() on an object which implements the interface ArrayAccess??? - "Warning: array_keys() expects parameter 1 to be array, object given in ... " - If my class implements ArrayAccess, why won't array_keys() accept it ? ( $keys=array_keys($linksToDisplay); ) - */ - $keys=array(); foreach($linksToDisplay as $key=>$value) { $keys[]=$key; } // Stupid and ugly. Thanks PHP. - - // If there is only a single link, we change on-the-fly the title of the page. - if (count($linksToDisplay)==1) $GLOBALS['pagetitle'] = $linksToDisplay[$keys[0]]['title'].' - '.$GLOBALS['title']; + $keys = array(); + foreach ($linksToDisplay as $key => $value) { + $keys[] = $key; + } // Select articles according to paging. - $pagecount = ceil(count($keys)/$_SESSION['LINKS_PER_PAGE']); - $pagecount = ($pagecount==0 ? 1 : $pagecount); - $page=( empty($_GET['page']) ? 1 : intval($_GET['page'])); - $page = ( $page<1 ? 1 : $page ); - $page = ( $page>$pagecount ? $pagecount : $page ); - $i = ($page-1)*$_SESSION['LINKS_PER_PAGE']; // Start index. - $end = $i+$_SESSION['LINKS_PER_PAGE']; - $linkDisp=array(); // Links to display + $pagecount = ceil(count($keys) / $_SESSION['LINKS_PER_PAGE']); + $pagecount = $pagecount == 0 ? 1 : $pagecount; + $page= empty($_GET['page']) ? 1 : intval($_GET['page']); + $page = $page < 1 ? 1 : $page; + $page = $page > $pagecount ? $pagecount : $page; + // Start index. + $i = ($page-1) * $_SESSION['LINKS_PER_PAGE']; + $end = $i + $_SESSION['LINKS_PER_PAGE']; + $linkDisp = array(); while ($i<$end && $i
Sessions do not seem to work correctly on your server.'; + { + // Step 2: Check if data in session is correct. + $msg = t( + '
'; - echo 'Make sure the variable session.save_path is set correctly in your php config, and that you have write access to it.
'; - echo 'It currently points to '.session_save_path().'
'; - echo 'Check that the hostname used to access Shaarli contains a dot. On some browsers, accessing your server via a hostname like \'localhost\' or any custom hostname without a dot causes cookie storage to fail. We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.
'; - echo '
Click to try again.
Sessions do not seem to work correctly on your server.'; die; } if (!isset($_SESSION['session_tested'])) @@ -2178,20 +1863,35 @@ function install() if (!empty($_POST['setlogin']) && !empty($_POST['setpassword'])) { $tz = 'UTC'; - if (!empty($_POST['continent']) && !empty($_POST['city'])) { - if (isTimeZoneValid($_POST['continent'], $_POST['city'])) { - $tz = $_POST['continent'].'/'.$_POST['city']; - } - } - $GLOBALS['timezone'] = $tz; - // Everything is ok, let's create config file. - $GLOBALS['login'] = $_POST['setlogin']; - $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. - $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); - $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(index_url($_SERVER)) : $_POST['title'] ); - $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); + if (!empty($_POST['continent']) && !empty($_POST['city']) + && isTimeZoneValid($_POST['continent'], $_POST['city']) + ) { + $tz = $_POST['continent'].'/'.$_POST['city']; + } + $conf->set('general.timezone', $tz); + $login = $_POST['setlogin']; + $conf->set('credentials.login', $login); + $salt = sha1(uniqid('', true) .'_'. mt_rand()); + $conf->set('credentials.salt', $salt); + $conf->set('credentials.hash', sha1($_POST['setpassword'] . $login . $salt)); + if (!empty($_POST['title'])) { + $conf->set('general.title', escape($_POST['title'])); + } else { + $conf->set('general.title', 'Shared links on '.escape(index_url($_SERVER))); + } + $conf->set('translation.language', escape($_POST['language'])); + $conf->set('updates.check_updates', !empty($_POST['updateCheck'])); + $conf->set('api.enabled', !empty($_POST['enableApi'])); + $conf->set( + 'api.secret', + generate_api_secret( + $conf->get('credentials.login'), + $conf->get('credentials.salt') + ) + ); try { - writeConfig($GLOBALS, isLoggedIn()); + // Everything is ok, let's create config file. + $conf->write($loginManager->isLoggedIn()); } catch(Exception $e) { error_log( @@ -2207,88 +1907,48 @@ function install() exit; } - // Display config form: - list($timezone_form, $timezone_js) = generateTimeZoneForm(); - $timezone_html = ''; - if ($timezone_form != '') { - $timezone_html = '
'. + 'Make sure the variable "session.save_path" is set correctly in your PHP config, '. + 'and that you have write access to it.
'. + 'It currently points to %s.
'. + 'On some browsers, accessing your server via a hostname like \'localhost\' '. + 'or any custom hostname without a dot causes cookie storage to fail. '. + 'We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.
' + ); + $msg = sprintf($msg, session_save_path()); + echo $msg; + echo '
'. t('Click to try again.') .'
- list($headers, $data) = get_http_url($url, 5);
+ list($headers, $content) = get_http_response($url, 5);
if (strpos($headers[0], '200 OK') !== false) {
// Extract the link to the thumbnail
- preg_match('!