X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=c430a2006ee63cac8ed3b8ea751b113bdbb1c9c1;hb=38bedfbbcdd2a40e9f04f5753e0fd6f4fd513c21;hp=e39cff38cbb40321295269820a2cab542e7f17ad;hpb=0a813cfd7cdf3c81faba8568bf6e2e667aae6f13;p=github%2Fshaarli%2FShaarli.git

diff --git a/index.php b/index.php
index e39cff38..c430a200 100755
--- a/index.php
+++ b/index.php
@@ -1,10 +1,20 @@
 <?php
-// Shaarli 0.5.3 - Shaare your links...
-// The personal, minimalist, super-fast, no-database Delicious clone. By sebsauvage.net
-// http://sebsauvage.net/wiki/doku.php?id=php:shaarli
-// Licence: http://www.opensource.org/licenses/zlib-license.php
-// Requires: PHP 5.3.x
-// -----------------------------------------------------------------------------------------------
+/**
+ * Shaarli v0.5.4 - Shaare your links...
+ *
+ * The personal, minimalist, super-fast, no-database Delicious clone.
+ *
+ * Friendly fork by the Shaarli community:
+ *  - https://github.com/shaarli/Shaarli
+ *
+ * Original project by sebsauvage.net:
+ *  - http://sebsauvage.net/wiki/doku.php?id=php:shaarli
+ *  - https://github.com/sebsauvage/Shaarli
+ *
+ * Licence: http://www.opensource.org/licenses/zlib-license.php
+ *
+ * Requires: PHP 5.3.x
+ */
 
 // Set 'UTC' as the default timezone if it is not defined in php.ini
 // See http://php.net/manual/en/datetime.configuration.php#ini.date.timezone
@@ -39,7 +49,7 @@ $GLOBALS['config']['ARCHIVE_ORG'] = false; // For each link, add a link to an ar
 $GLOBALS['config']['ENABLE_RSS_PERMALINKS'] = true;  // Enable RSS permalinks by default. This corresponds to the default behavior of shaarli before this was added as an option.
 $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = false;
 // -----------------------------------------------------------------------------------------------
-define('shaarli_version','0.5.3');
+define('shaarli_version', '0.5.4');
 // http://server.com/x/shaarli --> /shaarli/
 define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0)));
 
@@ -131,7 +141,7 @@ header("Pragma: no-cache");
 if (!is_writable(realpath(dirname(__FILE__)))) die('<pre>ERROR: Shaarli does not have the right to write in its own directory.</pre>');
 
 // Handling of old config file which do not have the new parameters.
-if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(indexUrl());
+if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(index_url($_SERVER));
 if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get();
 if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']='';
 if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false;
@@ -277,8 +287,8 @@ function pubsubhub()
     {
        $p = new Publisher($GLOBALS['config']['PUBSUBHUB_URL']);
        $topic_url = array (
-                       indexUrl().'?do=atom',
-                       indexUrl().'?do=rss'
+                       index_url($_SERVER).'?do=atom',
+                       index_url($_SERVER).'?do=rss'
                     );
        $p->publish_update($topic_url);
     }
@@ -458,34 +468,6 @@ if (isset($_POST['login']))
 // ------------------------------------------------------------------------------------------
 // Misc utility functions:
 
-// Returns the server URL (including port and http/https), without path.
-// e.g. "http://myserver.com:8080"
-// You can append $_SERVER['SCRIPT_NAME'] to get the current script URL.
-function serverUrl()
-{
-    $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection.
-    $serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]);
-    return 'http'.($https?'s':'').'://'.$_SERVER['SERVER_NAME'].$serverport;
-}
-
-// Returns the absolute URL of current script, without the query.
-// (e.g. http://sebsauvage.net/links/)
-function indexUrl()
-{
-    $scriptname = $_SERVER["SCRIPT_NAME"];
-    // If the script is named 'index.php', we remove it (for better looking URLs,
-    // e.g. http://mysite.com/shaarli/?abcde instead of http://mysite.com/shaarli/index.php?abcde)
-    if (endswith($scriptname,'index.php')) $scriptname = substr($scriptname,0,strlen($scriptname)-9);
-    return serverUrl() . $scriptname;
-}
-
-// Returns the absolute URL of current script, WITH the query.
-// (e.g. http://sebsauvage.net/links/?toto=titi&spamspamspam=humbug)
-function pageUrl()
-{
-    return indexUrl().(!empty($_SERVER["QUERY_STRING"]) ? '?'.$_SERVER["QUERY_STRING"] : '');
-}
-
 // Convert post_max_size/upload_max_filesize (e.g. '16M') parameters to bytes.
 function return_bytes($val)
 {
@@ -591,14 +573,14 @@ class pageBuilder
     {
         $this->tpl = new RainTPL;
         $this->tpl->assign('newversion',escape(checkUpdate()));
-        $this->tpl->assign('feedurl',escape(indexUrl()));
+        $this->tpl->assign('feedurl',escape(index_url($_SERVER)));
         $searchcrits=''; // Search criteria
         if (!empty($_GET['searchtags'])) $searchcrits.='&searchtags='.urlencode($_GET['searchtags']);
         elseif (!empty($_GET['searchterm'])) $searchcrits.='&searchterm='.urlencode($_GET['searchterm']);
         $this->tpl->assign('searchcrits',$searchcrits);
-        $this->tpl->assign('source',indexUrl());
+        $this->tpl->assign('source',index_url($_SERVER));
         $this->tpl->assign('version',shaarli_version);
-        $this->tpl->assign('scripturl',indexUrl());
+        $this->tpl->assign('scripturl',index_url($_SERVER));
         $this->tpl->assign('pagetitle','Shaarli');
         $this->tpl->assign('privateonly',!empty($_SESSION['privateonly'])); // Show only private links?
         if (!empty($GLOBALS['title'])) $this->tpl->assign('pagetitle',$GLOBALS['title']);
@@ -639,7 +621,7 @@ function showRSS()
     $query = $_SERVER["QUERY_STRING"];
     $cache = new CachedPage(
         $GLOBALS['config']['PAGECACHE'],
-        pageUrl(),
+        page_url($_SERVER),
         startsWith($query,'do=rss') && !isLoggedIn()
     );
     $cached = $cache->cachedVersion();
@@ -668,7 +650,7 @@ function showRSS()
         $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ;
     }
 
-    $pageaddr=escape(indexUrl());
+    $pageaddr=escape(index_url($_SERVER));
     echo '<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/">';
     echo '<channel><title>'.$GLOBALS['title'].'</title><link>'.$pageaddr.'</link>';
     echo '<description>Shared links</description><language>en-en</language><copyright>'.$pageaddr.'</copyright>'."\n\n";
@@ -706,7 +688,7 @@ function showRSS()
         echo '<description><![CDATA['.nl2br(keepMultipleSpaces(text2clickable($link['description']))).$descriptionlink.']]></description>'."\n</item>\n";
         $i++;
     }
-    echo '</channel></rss><!-- Cached version of '.escape(pageUrl()).' -->';
+    echo '</channel></rss><!-- Cached version of '.escape(page_url($_SERVER)).' -->';
 
     $cache->cache(ob_get_contents());
     ob_end_flush();
@@ -727,7 +709,7 @@ function showATOM()
     $query = $_SERVER["QUERY_STRING"];
     $cache = new CachedPage(
         $GLOBALS['config']['PAGECACHE'],
-        pageUrl(),
+        page_url($_SERVER),
         startsWith($query,'do=atom') && !isLoggedIn()
     );
     $cached = $cache->cachedVersion();
@@ -756,7 +738,7 @@ function showATOM()
         $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ;
     }
 
-    $pageaddr=escape(indexUrl());
+    $pageaddr=escape(index_url($_SERVER));
     $latestDate = '';
     $entries='';
     $i=0;
@@ -794,7 +776,7 @@ function showATOM()
     $feed='<?xml version="1.0" encoding="UTF-8"?><feed xmlns="http://www.w3.org/2005/Atom">';
     $feed.='<title>'.$GLOBALS['title'].'</title>';
     if (!$GLOBALS['config']['HIDE_TIMESTAMPS'] || isLoggedIn()) $feed.='<updated>'.escape($latestDate).'</updated>';
-    $feed.='<link rel="self" href="'.escape(serverUrl().$_SERVER["REQUEST_URI"]).'" />';
+    $feed.='<link rel="self" href="'.escape(server_url($_SERVER).$_SERVER["REQUEST_URI"]).'" />';
     if (!empty($GLOBALS['config']['PUBSUBHUB_URL']))
     {
         $feed.='<!-- PubSubHubbub Discovery -->';
@@ -804,7 +786,7 @@ function showATOM()
     $feed.='<author><name>'.$pageaddr.'</name><uri>'.$pageaddr.'</uri></author>';
     $feed.='<id>'.$pageaddr.'</id>'."\n\n"; // Yes, I know I should use a real IRI (RFC3987), but the site URL will do.
     $feed.=$entries;
-    $feed.='</feed><!-- Cached version of '.escape(pageUrl()).' -->';
+    $feed.='</feed><!-- Cached version of '.escape(page_url($_SERVER)).' -->';
     echo $feed;
 
     $cache->cache(ob_get_contents());
@@ -821,7 +803,7 @@ function showDailyRSS() {
     $query = $_SERVER["QUERY_STRING"];
     $cache = new CachedPage(
         $GLOBALS['config']['PAGECACHE'],
-        pageUrl(),
+        page_url($_SERVER),
         startsWith($query,'do=dailyrss') && !isLoggedIn()
     );
     $cached = $cache->cachedVersion();
@@ -866,7 +848,7 @@ function showDailyRSS() {
 
     // Build the RSS feed.
     header('Content-Type: application/rss+xml; charset=utf-8');
-    $pageaddr = escape(indexUrl());
+    $pageaddr = escape(index_url($_SERVER));
     echo '<?xml version="1.0" encoding="UTF-8"?><rss version="2.0">';
     echo '<channel>';
     echo '<title>Daily - '. $GLOBALS['title'] . '</title>';
@@ -879,7 +861,7 @@ function showDailyRSS() {
     foreach ($days as $day => $linkdates) {
         $daydate = linkdate2timestamp($day.'_000000'); // Full text date
         $rfc822date = linkdate2rfc822($day.'_000000');
-        $absurl = escape(indexUrl().'?do=daily&day='.$day);  // Absolute URL of the corresponding "Daily" page.
+        $absurl = escape(index_url($_SERVER).'?do=daily&day='.$day);  // Absolute URL of the corresponding "Daily" page.
 
         // Build the HTML body of this RSS entry.
         $html = '';
@@ -893,7 +875,7 @@ function showDailyRSS() {
             $l['thumbnail'] = thumbnail($l['url']);
             $l['timestamp'] = linkdate2timestamp($l['linkdate']);
             if (startsWith($l['url'], '?')) {
-                $l['url'] = indexUrl() . $l['url'];  // make permalink URL absolute
+                $l['url'] = index_url($_SERVER) . $l['url'];  // make permalink URL absolute
             }
             $links[$linkdate] = $l;
         }
@@ -909,7 +891,7 @@ function showDailyRSS() {
 
         echo $html . PHP_EOL;
     }
-    echo '</channel></rss><!-- Cached version of '. escape(pageUrl()) .' -->';
+    echo '</channel></rss><!-- Cached version of '. escape(page_url($_SERVER)) .' -->';
 
     $cache->cache(ob_get_contents());
     ob_end_flush();
@@ -1201,7 +1183,7 @@ function renderPage()
     {
         $PAGE = new pageBuilder;
         $PAGE->assign('linkcount',count($LINKSDB));
-        $PAGE->assign('pageabsaddr',indexUrl());
+        $PAGE->assign('pageabsaddr',index_url($_SERVER));
         $PAGE->renderPage('tools');
         exit;
     }
@@ -1454,12 +1436,11 @@ function renderPage()
 
     // -------- User want to post a new link: Display link edit form.
     if (isset($_GET['post'])) {
-        $url = new Url($_GET['post']);
-        $url->cleanup();
+        $url = cleanup_url($_GET['post']);
 
         $link_is_new = false;
         // Check if URL is not already in database (in this case, we will edit the existing link)
-        $link = $LINKSDB->getLinkFromUrl((string)$url);
+        $link = $LINKSDB->getLinkFromUrl($url);
         if (!$link)
         {
             $link_is_new = true;
@@ -1471,7 +1452,7 @@ function renderPage()
             $tags = (empty($_GET['tags']) ? '' : $_GET['tags'] );
             $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0);
             // If this is an HTTP(S) link, we try go get the page to extract the title (otherwise we will to straight to the edit form.)
-            if (empty($title) && strpos($url->getScheme(), 'http') !== false) {
+            if (empty($title) && strpos(get_url_scheme($url), 'http') !== false) {
                 // Short timeout to keep the application responsive
                 list($headers, $data) = get_http_url($url, 4);
                 // FIXME: Decode charset according to specified in either 1) HTTP response headers or 2) <head> in html
@@ -1505,7 +1486,7 @@ function renderPage()
             $link = array(
                 'linkdate' => $linkdate,
                 'title' => $title,
-                'url' => (string)$url,
+                'url' => $url,
                 'description' => $description,
                 'tags' => $tags,
                 'private' => $private
@@ -1768,7 +1749,7 @@ function buildLinkList($PAGE,$LINKSDB)
 
         if ($link["url"][0] === '?' && // Check for both signs of a note: starting with ? and 7 chars long. I doubt that you'll post any links that look like this.
             strlen($link["url"]) === 7) {
-            $link["url"] = indexUrl() . $link["url"];
+            $link["url"] = index_url($_SERVER) . $link["url"];
         }
 
         $linkDisp[$keys[$i]] = $link;
@@ -1903,7 +1884,7 @@ function computeThumbnail($url,$href=false)
             if ("/talks/" !== substr($path,0,7)) return array(); // This is not a single video URL.
         }
         $sign = hash_hmac('sha256', $url, $GLOBALS['salt']); // We use the salt to sign data (it's random, secret, and specific to each installation)
-        return array('src'=>indexUrl().'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
+        return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
                      'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail');
     }
 
@@ -1914,7 +1895,7 @@ function computeThumbnail($url,$href=false)
     if ($ext=='jpg' || $ext=='jpeg' || $ext=='png' || $ext=='gif')
     {
         $sign = hash_hmac('sha256', $url, $GLOBALS['salt']); // We use the salt to sign data (it's random, secret, and specific to each installation)
-        return array('src'=>indexUrl().'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
+        return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url),
                      'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail');
     }
     return array(); // No thumbnail.
@@ -2000,11 +1981,11 @@ function install()
     if (!isset($_SESSION['session_tested']))
     {   // Step 1 : Try to store data in session and reload page.
         $_SESSION['session_tested'] = 'Working';  // Try to set a variable in session.
-        header('Location: '.indexUrl().'?test_session');  // Redirect to check stored data.
+        header('Location: '.index_url($_SERVER).'?test_session');  // Redirect to check stored data.
     }
     if (isset($_GET['test_session']))
     {   // Step 3: Sessions are OK. Remove test parameter from URL.
-        header('Location: '.indexUrl());
+        header('Location: '.index_url($_SERVER));
     }
 
 
@@ -2021,7 +2002,7 @@ function install()
         $GLOBALS['login'] = $_POST['setlogin'];
         $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless.
         $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);
-        $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(indexUrl()) : $_POST['title'] );
+        $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(index_url($_SERVER)) : $_POST['title'] );
         $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']);
         try {
             writeConfig($GLOBALS, isLoggedIn());