X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=c430a2006ee63cac8ed3b8ea751b113bdbb1c9c1;hb=38bedfbbcdd2a40e9f04f5753e0fd6f4fd513c21;hp=1439ec2f708b66d41b9381c895a835faddd0932e;hpb=a421aeea66894febffc8d47fea39b8a41f3786a1;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php old mode 100644 new mode 100755 index 1439ec2f..c430a200 --- a/index.php +++ b/index.php @@ -1,14 +1,26 @@ /shaarli/ define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); -// Force cookie path (but do not change lifetime) -$cookie=session_get_cookie_params(); -$cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; -session_set_cookie_params($cookie['lifetime'],$cookiedir,$_SERVER['SERVER_NAME']); // Set default cookie expiration and path. - -// Set session parameters on server side. -define('INACTIVITY_TIMEOUT',3600); // (in seconds). If the user does not access any page within this time, his/her session is considered expired. -ini_set('session.use_cookies', 1); // Use cookies to store session. -ini_set('session.use_only_cookies', 1); // Force cookies for session (phpsessionID forbidden in URL). -ini_set('session.use_trans_sid', false); // Prevent PHP form using sessionID in URL if cookies are disabled. -session_name('shaarli'); -if (session_id() == '') session_start(); // Start session if needed (Some server auto-start sessions). - // PHP Settings ini_set('max_input_time','60'); // High execution time in case of problematic imports/exports. ini_set('memory_limit', '128M'); // Try to set max upload file size and read (May not work on some hosts). @@ -68,8 +67,12 @@ if (is_file($GLOBALS['config']['CONFIG_FILE'])) { } // Shaarli library +require_once 'application/Cache.php'; +require_once 'application/CachedPage.php'; +require_once 'application/HttpUtils.php'; require_once 'application/LinkDB.php'; require_once 'application/TimeZone.php'; +require_once 'application/Url.php'; require_once 'application/Utils.php'; require_once 'application/Config.php'; @@ -82,6 +85,36 @@ try { exit; } +// Force cookie path (but do not change lifetime) +$cookie = session_get_cookie_params(); +$cookiedir = ''; +if (dirname($_SERVER['SCRIPT_NAME']) != '/') { + $cookiedir = dirname($_SERVER["SCRIPT_NAME"]).'/'; +} +// Set default cookie expiration and path. +session_set_cookie_params($cookie['lifetime'], $cookiedir, $_SERVER['SERVER_NAME']); +// Set session parameters on server side. +// If the user does not access any page within this time, his/her session is considered expired. +define('INACTIVITY_TIMEOUT', 3600); // in seconds. +// Use cookies to store session. +ini_set('session.use_cookies', 1); +// Force cookies for session (phpsessionID forbidden in URL). +ini_set('session.use_only_cookies', 1); +// Prevent PHP form using sessionID in URL if cookies are disabled. +ini_set('session.use_trans_sid', false); + +session_name('shaarli'); +// Start session if needed (Some server auto-start sessions). +if (session_id() == '') { + session_start(); +} + +// Regenerate session ID if invalid or not defined in cookie. +if (isset($_COOKIE['shaarli']) && !is_session_id_valid($_COOKIE['shaarli'])) { + session_regenerate_id(true); + $_COOKIE['shaarli'] = session_id(); +} + include "inc/rain.tpl.class.php"; //include Rain TPL raintpl::$tpl_dir = $GLOBALS['config']['RAINTPL_TPL']; // template directory raintpl::$cache_dir = $GLOBALS['config']['RAINTPL_TMP']; // cache directory @@ -108,7 +141,7 @@ header("Pragma: no-cache"); if (!is_writable(realpath(dirname(__FILE__)))) die('
ERROR: Shaarli does not have the right to write in its own directory.
'); // Handling of old config file which do not have the new parameters. -if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(indexUrl()); +if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(index_url($_SERVER)); if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get(); if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']=''; if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false; @@ -187,9 +220,11 @@ function checkUpdate() // Get latest version number at most once a day. if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) || (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])','',str_replace('', '', str_replace('url = $url; - $this->filename = $GLOBALS['config']['PAGECACHE'].'/'.sha1($url).'.cache'; - $this->shouldBeCached = $shouldBeCached; - } - - // If the page should be cached and a cached version exists, - // returns the cached version (otherwise, return null). - public function cachedVersion() - { - if (!$this->shouldBeCached) return null; - if (is_file($this->filename)) { return file_get_contents($this->filename); exit; } - return null; - } - - // Put a page in the cache. - public function cache($page) - { - if (!$this->shouldBeCached) return; - file_put_contents($this->filename,$page); - } - - // Purge the whole cache. - // (call with pageCache::purgeCache()) - public static function purgeCache() - { - if (is_dir($GLOBALS['config']['PAGECACHE'])) - { - $handler = opendir($GLOBALS['config']['PAGECACHE']); - if ($handler!==false) - { - while (($filename = readdir($handler))!==false) - { - if (endsWith($filename,'.cache')) { unlink($GLOBALS['config']['PAGECACHE'].'/'.$filename); } - } - closedir($handler); - } - } - } - -} - - // ----------------------------------------------------------------------------------------------- // Log to text file function logm($message) @@ -309,8 +287,8 @@ function pubsubhub() { $p = new Publisher($GLOBALS['config']['PUBSUBHUB_URL']); $topic_url = array ( - indexUrl().'?do=atom', - indexUrl().'?do=rss' + index_url($_SERVER).'?do=atom', + index_url($_SERVER).'?do=rss' ); $p->publish_update($topic_url); } @@ -443,12 +421,30 @@ if (isset($_POST['login'])) session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes" session_regenerate_id(true); } + // Optional redirect after login: - if (isset($_GET['post'])) { header('Location: ?post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); exit; } - if (isset($_POST['returnurl'])) - { - if (endsWith($_POST['returnurl'],'?do=login')) { header('Location: ?'); exit; } // Prevent loops over login screen. - header('Location: '.$_POST['returnurl']); exit; + if (isset($_GET['post'])) { + $uri = '?post='. urlencode($_GET['post']); + foreach (array('description', 'source', 'title') as $param) { + if (!empty($_GET[$param])) { + $uri .= '&'.$param.'='.urlencode($_GET[$param]); + } + } + header('Location: '. $uri); + exit; + } + + if (isset($_GET['edit_link'])) { + header('Location: ?edit_link='. escape($_GET['edit_link'])); + exit; + } + + if (isset($_POST['returnurl'])) { + // Prevent loops over login screen. + if (strpos($_POST['returnurl'], 'do=login') === false) { + header('Location: '. escape($_POST['returnurl'])); + exit; + } } header('Location: ?'); exit; } @@ -456,7 +452,14 @@ if (isset($_POST['login'])) { ban_loginFailed(); $redir = ''; - if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } + if (isset($_GET['post'])) { + $redir = '?post=' . urlencode($_GET['post']); + foreach (array('description', 'source', 'title') as $param) { + if (!empty($_GET[$param])) { + $redir .= '&' . $param . '=' . urlencode($_GET[$param]); + } + } + } echo ''; // Redirect to login screen. exit; } @@ -465,34 +468,6 @@ if (isset($_POST['login'])) // ------------------------------------------------------------------------------------------ // Misc utility functions: -// Returns the server URL (including port and http/https), without path. -// e.g. "http://myserver.com:8080" -// You can append $_SERVER['SCRIPT_NAME'] to get the current script URL. -function serverUrl() -{ - $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection. - $serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]); - return 'http'.($https?'s':'').'://'.$_SERVER['SERVER_NAME'].$serverport; -} - -// Returns the absolute URL of current script, without the query. -// (e.g. http://sebsauvage.net/links/) -function indexUrl() -{ - $scriptname = $_SERVER["SCRIPT_NAME"]; - // If the script is named 'index.php', we remove it (for better looking URLs, - // e.g. http://mysite.com/shaarli/?abcde instead of http://mysite.com/shaarli/index.php?abcde) - if (endswith($scriptname,'index.php')) $scriptname = substr($scriptname,0,strlen($scriptname)-9); - return serverUrl() . $scriptname; -} - -// Returns the absolute URL of current script, WITH the query. -// (e.g. http://sebsauvage.net/links/?toto=titi&spamspamspam=humbug) -function pageUrl() -{ - return indexUrl().(!empty($_SERVER["QUERY_STRING"]) ? '?'.$_SERVER["QUERY_STRING"] : ''); -} - // Convert post_max_size/upload_max_filesize (e.g. '16M') parameters to bytes. function return_bytes($val) { @@ -545,53 +520,6 @@ function linkdate2iso8601($linkdate) return date('c',linkdate2timestamp($linkdate)); // 'c' is for ISO 8601 date format. } -// Parse HTTP response headers and return an associative array. -function http_parse_headers_shaarli( $headers ) -{ - $res=array(); - foreach($headers as $header) - { - $i = strpos($header,': '); - if ($i!==false) - { - $key=substr($header,0,$i); - $value=substr($header,$i+2,strlen($header)-$i-2); - $res[$key]=$value; - } - } - return $res; -} - -/* GET an URL. - Input: $url : URL to get (http://...) - $timeout : Network timeout (will wait this many seconds for an anwser before giving up). - Output: An array. [0] = HTTP status message (e.g. "HTTP/1.1 200 OK") or error message - [1] = associative array containing HTTP response headers (e.g. echo getHTTP($url)[1]['Content-Type']) - [2] = data - Example: list($httpstatus,$headers,$data) = getHTTP('http://sebauvage.net/'); - if (strpos($httpstatus,'200 OK')!==false) - echo 'Data type: '.htmlspecialchars($headers['Content-Type']); - else - echo 'There was an error: '.htmlspecialchars($httpstatus) -*/ -function getHTTP($url,$timeout=30) -{ - try - { - $options = array('http'=>array('method'=>'GET','timeout' => $timeout, 'user_agent' => 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0')); // Force network timeout - $context = stream_context_create($options); - $data=file_get_contents($url,false,$context,-1, 4000000); // We download at most 4 Mb from source. - if (!$data) { return array('HTTP Error',array(),''); } - $httpStatus=$http_response_header[0]; // e.g. "HTTP/1.1 200 OK" - $responseHeaders=http_parse_headers_shaarli($http_response_header); - return array($httpStatus,$responseHeaders,$data); - } - catch (Exception $e) // getHTTP *can* fail silently (we don't care if the title cannot be fetched) - { - return array($e->getMessage(),'',''); - } -} - // Extract title from an HTML document. // (Returns an empty string if not found.) function html_extract_title($html) @@ -645,14 +573,14 @@ class pageBuilder { $this->tpl = new RainTPL; $this->tpl->assign('newversion',escape(checkUpdate())); - $this->tpl->assign('feedurl',escape(indexUrl())); + $this->tpl->assign('feedurl',escape(index_url($_SERVER))); $searchcrits=''; // Search criteria if (!empty($_GET['searchtags'])) $searchcrits.='&searchtags='.urlencode($_GET['searchtags']); elseif (!empty($_GET['searchterm'])) $searchcrits.='&searchterm='.urlencode($_GET['searchterm']); $this->tpl->assign('searchcrits',$searchcrits); - $this->tpl->assign('source',indexUrl()); + $this->tpl->assign('source',index_url($_SERVER)); $this->tpl->assign('version',shaarli_version); - $this->tpl->assign('scripturl',indexUrl()); + $this->tpl->assign('scripturl',index_url($_SERVER)); $this->tpl->assign('pagetitle','Shaarli'); $this->tpl->assign('privateonly',!empty($_SESSION['privateonly'])); // Show only private links? if (!empty($GLOBALS['title'])) $this->tpl->assign('pagetitle',$GLOBALS['title']); @@ -691,8 +619,16 @@ function showRSS() // Cache system $query = $_SERVER["QUERY_STRING"]; - $cache = new pageCache(pageUrl(),startsWith($query,'do=rss') && !isLoggedIn()); - $cached = $cache->cachedVersion(); if (!empty($cached)) { echo $cached; exit; } + $cache = new CachedPage( + $GLOBALS['config']['PAGECACHE'], + page_url($_SERVER), + startsWith($query,'do=rss') && !isLoggedIn() + ); + $cached = $cache->cachedVersion(); + if (! empty($cached)) { + echo $cached; + exit; + } // If cached was not found (or not usable), then read the database and build the response: $LINKSDB = new LinkDB( @@ -714,7 +650,7 @@ function showRSS() $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ; } - $pageaddr=escape(indexUrl()); + $pageaddr=escape(index_url($_SERVER)); echo ''; echo ''.$GLOBALS['title'].''.$pageaddr.''; echo 'Shared linksen-en'.$pageaddr.''."\n\n"; @@ -752,7 +688,7 @@ function showRSS() echo ''."\n\n"; $i++; } - echo ''; + echo ''; $cache->cache(ob_get_contents()); ob_end_flush(); @@ -771,11 +707,19 @@ function showATOM() // Cache system $query = $_SERVER["QUERY_STRING"]; - $cache = new pageCache(pageUrl(),startsWith($query,'do=atom') && !isLoggedIn()); - $cached = $cache->cachedVersion(); if (!empty($cached)) { echo $cached; exit; } - // If cached was not found (or not usable), then read the database and build the response: + $cache = new CachedPage( + $GLOBALS['config']['PAGECACHE'], + page_url($_SERVER), + startsWith($query,'do=atom') && !isLoggedIn() + ); + $cached = $cache->cachedVersion(); + if (!empty($cached)) { + echo $cached; + exit; + } -// Read links from database (and filter private links if used it not logged in). + // If cached was not found (or not usable), then read the database and build the response: + // Read links from database (and filter private links if used it not logged in). $LINKSDB = new LinkDB( $GLOBALS['config']['DATASTORE'], isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'], @@ -794,7 +738,7 @@ function showATOM() $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ; } - $pageaddr=escape(indexUrl()); + $pageaddr=escape(index_url($_SERVER)); $latestDate = ''; $entries=''; $i=0; @@ -832,7 +776,7 @@ function showATOM() $feed=''; $feed.=''.$GLOBALS['title'].''; if (!$GLOBALS['config']['HIDE_TIMESTAMPS'] || isLoggedIn()) $feed.=''.escape($latestDate).''; - $feed.=''; + $feed.=''; if (!empty($GLOBALS['config']['PUBSUBHUB_URL'])) { $feed.=''; @@ -842,7 +786,7 @@ function showATOM() $feed.=''.$pageaddr.''.$pageaddr.''; $feed.=''.$pageaddr.''."\n\n"; // Yes, I know I should use a real IRI (RFC3987), but the site URL will do. $feed.=$entries; - $feed.=''; + $feed.=''; echo $feed; $cache->cache(ob_get_contents()); @@ -857,7 +801,11 @@ function showATOM() function showDailyRSS() { // Cache system $query = $_SERVER["QUERY_STRING"]; - $cache = new pageCache(pageUrl(), startsWith($query, 'do=dailyrss') && !isLoggedIn()); + $cache = new CachedPage( + $GLOBALS['config']['PAGECACHE'], + page_url($_SERVER), + startsWith($query,'do=dailyrss') && !isLoggedIn() + ); $cached = $cache->cachedVersion(); if (!empty($cached)) { echo $cached; @@ -900,7 +848,7 @@ function showDailyRSS() { // Build the RSS feed. header('Content-Type: application/rss+xml; charset=utf-8'); - $pageaddr = escape(indexUrl()); + $pageaddr = escape(index_url($_SERVER)); echo ''; echo ''; echo 'Daily - '. $GLOBALS['title'] . ''; @@ -913,7 +861,7 @@ function showDailyRSS() { foreach ($days as $day => $linkdates) { $daydate = linkdate2timestamp($day.'_000000'); // Full text date $rfc822date = linkdate2rfc822($day.'_000000'); - $absurl = escape(indexUrl().'?do=daily&day='.$day); // Absolute URL of the corresponding "Daily" page. + $absurl = escape(index_url($_SERVER).'?do=daily&day='.$day); // Absolute URL of the corresponding "Daily" page. // Build the HTML body of this RSS entry. $html = ''; @@ -927,7 +875,7 @@ function showDailyRSS() { $l['thumbnail'] = thumbnail($l['url']); $l['timestamp'] = linkdate2timestamp($l['linkdate']); if (startsWith($l['url'], '?')) { - $l['url'] = indexUrl() . $l['url']; // make permalink URL absolute + $l['url'] = index_url($_SERVER) . $l['url']; // make permalink URL absolute } $links[$linkdate] = $l; } @@ -943,7 +891,7 @@ function showDailyRSS() { echo $html . PHP_EOL; } - echo ''; + echo ''; $cache->cache(ob_get_contents()); ob_end_flush(); @@ -1049,7 +997,7 @@ function renderPage() // -------- User wants to logout. if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=logout')) { - invalidateCaches(); + invalidateCaches($GLOBALS['config']['PAGECACHE']); logout(); header('Location: ?'); exit; @@ -1217,6 +1165,11 @@ function renderPage() exit; } + if (isset($_GET['edit_link'])) { + header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); + exit; + } + $PAGE = new pageBuilder; buildLinkList($PAGE,$LINKSDB); // Compute list of links to display $PAGE->renderPage('linklist'); @@ -1230,7 +1183,7 @@ function renderPage() { $PAGE = new pageBuilder; $PAGE->assign('linkcount',count($LINKSDB)); - $PAGE->assign('pageabsaddr',indexUrl()); + $PAGE->assign('pageabsaddr',index_url($_SERVER)); $PAGE->renderPage('tools'); exit; } @@ -1351,7 +1304,7 @@ function renderPage() $value['tags']=trim(implode(' ',$tags)); $LINKSDB[$key]=$value; } - $LINKSDB->savedb(); // Save to disk. + $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // Save to disk. echo ''; exit; } @@ -1368,7 +1321,7 @@ function renderPage() $value['tags']=trim(implode(' ',$tags)); $LINKSDB[$key]=$value; } - $LINKSDB->savedb(); // Save to disk. + $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // Save to disk. echo ''; exit; } @@ -1397,7 +1350,7 @@ function renderPage() 'linkdate'=>$linkdate,'tags'=>str_replace(',',' ',$tags)); if ($link['title']=='') $link['title']=$link['url']; // If title is empty, use the URL as title. $LINKSDB[$linkdate] = $link; - $LINKSDB->savedb(); // Save to disk. + $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // Save to disk. pubsubhub(); // If we are called from the bookmarklet, we must close the popup: @@ -1430,7 +1383,7 @@ function renderPage() // - we are protected from XSRF by the token. $linkdate=$_POST['lf_linkdate']; unset($LINKSDB[$linkdate]); - $LINKSDB->savedb(); // save to disk + $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // save to disk // If we are called from the bookmarklet, we must close the popup: if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo ''; exit; } @@ -1482,77 +1435,62 @@ function renderPage() } // -------- User want to post a new link: Display link edit form. - if (isset($_GET['post'])) - { - $url=$_GET['post']; - - - // We remove the annoying parameters added by FeedBurner, GoogleFeedProxy, Facebook... - $annoyingpatterns = array('/[\?&]utm_source=[^&]*/', - '/[\?&]utm_campaign=[^&]*/', - '/[\?&]utm_medium=[^&]*/', - '/#xtor=RSS-[^&]*/', - '/[\?&]fb_[^&]*/', - '/[\?&]__scoop[^&]*/', - '/#tk\.rss_all\?/', - '/[\?&]action_ref_map=[^&]*/', - '/[\?&]action_type_map=[^&]*/', - '/[\?&]action_object_map=[^&]*/', - '/[\?&]utm_content=[^&]*/', - '/[\?&]fb=[^&]*/', - '/[\?&]xtor=[^&]*/' - ); - foreach($annoyingpatterns as $pattern) - { - $url = preg_replace($pattern, "", $url); - } + if (isset($_GET['post'])) { + $url = cleanup_url($_GET['post']); $link_is_new = false; - $link = $LINKSDB->getLinkFromUrl($url); // Check if URL is not already in database (in this case, we will edit the existing link) + // Check if URL is not already in database (in this case, we will edit the existing link) + $link = $LINKSDB->getLinkFromUrl($url); if (!$link) { - $link_is_new = true; // This is a new link + $link_is_new = true; $linkdate = strval(date('Ymd_His')); - $title = (empty($_GET['title']) ? '' : $_GET['title'] ); // Get title if it was provided in URL (by the bookmarklet). - $description = (empty($_GET['description']) ? '' : $_GET['description']); // Get description if it was provided in URL (by the bookmarklet). [Bronco added that] - $tags = (empty($_GET['tags']) ? '' : $_GET['tags'] ); // Get tags if it was provided in URL - $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); // Get private if it was provided in URL - if (($url!='') && parse_url($url,PHP_URL_SCHEME)=='') $url = 'http://'.$url; - // If this is an HTTP link, we try go get the page to extract the title (otherwise we will to straight to the edit form.) - if (empty($title) && parse_url($url,PHP_URL_SCHEME)=='http') - { - list($status,$headers,$data) = getHTTP($url,4); // Short timeout to keep the application responsive. + // Get title if it was provided in URL (by the bookmarklet). + $title = (empty($_GET['title']) ? '' : $_GET['title'] ); + // Get description if it was provided in URL (by the bookmarklet). [Bronco added that] + $description = (empty($_GET['description']) ? '' : $_GET['description']); + $tags = (empty($_GET['tags']) ? '' : $_GET['tags'] ); + $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); + // If this is an HTTP(S) link, we try go get the page to extract the title (otherwise we will to straight to the edit form.) + if (empty($title) && strpos(get_url_scheme($url), 'http') !== false) { + // Short timeout to keep the application responsive + list($headers, $data) = get_http_url($url, 4); // FIXME: Decode charset according to specified in either 1) HTTP response headers or 2) in html - if (strpos($status,'200 OK')!==false) - { - // Look for charset in html header. - preg_match('##Usi', $data, $meta); - - // If found, extract encoding. - if (!empty($meta[0])) - { - // Get encoding specified in header. - preg_match('#charset="?(.*)"#si', $meta[0], $enc); - // If charset not found, use utf-8. - $html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8'; - } - else { $html_charset = 'utf-8'; } - - // Extract title - $title = html_extract_title($data); - if (!empty($title)) - { - // Re-encode title in utf-8 if necessary. - $title = ($html_charset == 'iso-8859-1') ? utf8_encode($title) : $title; - } - } + if (strpos($headers[0], '200 OK') !== false) { + // Look for charset in html header. + preg_match('##Usi', $data, $meta); + + // If found, extract encoding. + if (!empty($meta[0])) { + // Get encoding specified in header. + preg_match('#charset="?(.*)"#si', $meta[0], $enc); + // If charset not found, use utf-8. + $html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8'; + } + else { + $html_charset = 'utf-8'; + } + + // Extract title + $title = html_extract_title($data); + if (!empty($title)) { + // Re-encode title in utf-8 if necessary. + $title = ($html_charset == 'iso-8859-1') ? utf8_encode($title) : $title; + } + } } - if ($url=='') // In case of empty URL, this is just a text (with a link that points to itself) - { - $url='?'.smallHash($linkdate); - $title='Note: '; + if ($url == '') { + $url = '?' . smallHash($linkdate); + $title = 'Note: '; } - $link = array('linkdate'=>$linkdate,'title'=>$title,'url'=>$url,'description'=>$description,'tags'=>$tags,'private'=>$private); + $link = array( + 'linkdate' => $linkdate, + 'title' => $title, + 'url' => $url, + 'description' => $description, + 'tags' => $tags, + 'private' => $private + ); } $PAGE = new pageBuilder; @@ -1720,7 +1658,7 @@ function importFile() } } } - $LINKSDB->savedb(); + $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); echo ''; } @@ -1811,7 +1749,7 @@ function buildLinkList($PAGE,$LINKSDB) if ($link["url"][0] === '?' && // Check for both signs of a note: starting with ? and 7 chars long. I doubt that you'll post any links that look like this. strlen($link["url"]) === 7) { - $link["url"] = indexUrl() . $link["url"]; + $link["url"] = index_url($_SERVER) . $link["url"]; } $linkDisp[$keys[$i]] = $link; @@ -1946,7 +1884,7 @@ function computeThumbnail($url,$href=false) if ("/talks/" !== substr($path,0,7)) return array(); // This is not a single video URL. } $sign = hash_hmac('sha256', $url, $GLOBALS['salt']); // We use the salt to sign data (it's random, secret, and specific to each installation) - return array('src'=>indexUrl().'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), + return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), 'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail'); } @@ -1957,7 +1895,7 @@ function computeThumbnail($url,$href=false) if ($ext=='jpg' || $ext=='jpeg' || $ext=='png' || $ext=='gif') { $sign = hash_hmac('sha256', $url, $GLOBALS['salt']); // We use the salt to sign data (it's random, secret, and specific to each installation) - return array('src'=>indexUrl().'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), + return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), 'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail'); } return array(); // No thumbnail. @@ -2043,11 +1981,11 @@ function install() if (!isset($_SESSION['session_tested'])) { // Step 1 : Try to store data in session and reload page. $_SESSION['session_tested'] = 'Working'; // Try to set a variable in session. - header('Location: '.indexUrl().'?test_session'); // Redirect to check stored data. + header('Location: '.index_url($_SERVER).'?test_session'); // Redirect to check stored data. } if (isset($_GET['test_session'])) { // Step 3: Sessions are OK. Remove test parameter from URL. - header('Location: '.indexUrl()); + header('Location: '.index_url($_SERVER)); } @@ -2064,7 +2002,7 @@ function install() $GLOBALS['login'] = $_POST['setlogin']; $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); - $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(indexUrl()) : $_POST['title'] ); + $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(index_url($_SERVER)) : $_POST['title'] ); $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); try { writeConfig($GLOBALS, isLoggedIn()); @@ -2186,8 +2124,9 @@ function genThumbnail() } else // This is a flickr page (html) { - list($httpstatus,$headers,$data) = getHTTP($url,20); // Get the flickr html page. - if (strpos($httpstatus,'200 OK')!==false) + // Get the flickr html page. + list($headers, $data) = get_http_url($url, 20); + if (strpos($headers[0], '200 OK') !== false) { // flickr now nicely provides the URL of the thumbnail in each flickr page. preg_match('! tag on that page // http://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net.html // - list($httpstatus,$headers,$data) = getHTTP($url,5); - if (strpos($httpstatus,'200 OK')!==false) - { + list($headers, $data) = get_http_url($url, 5); + if (strpos($headers[0], '200 OK') !== false) { // Extract the link to the thumbnail preg_match('!link rel="image_src" href="(http://images.ted.com/images/ted/.+_\d+x\d+\.jpg)"!',$data,$matches); if (!empty($matches[1])) { // Let's download the image. $imageurl=$matches[1]; - list($httpstatus,$headers,$data) = getHTTP($imageurl,20); // No control on image size, so wait long enough. - if (strpos($httpstatus,'200 OK')!==false) - { + // No control on image size, so wait long enough + list($headers, $data) = get_http_url($imageurl, 20); + if (strpos($headers[0], '200 OK') !== false) { $filepath=$GLOBALS['config']['CACHEDIR'].'/'.$thumbname; file_put_contents($filepath,$data); // Save image to cache. if (resizeImage($filepath)) @@ -2273,17 +2209,16 @@ function genThumbnail() // There is no thumbnail available for xkcd comics, so download the whole image and resize it. // http://xkcd.com/327/ // <BLABLA> - list($httpstatus,$headers,$data) = getHTTP($url,5); - if (strpos($httpstatus,'200 OK')!==false) - { + list($headers, $data) = get_http_url($url, 5); + if (strpos($headers[0], '200 OK') !== false) { // Extract the link to the thumbnail preg_match('!