X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=e2c68869f5112b55d5b81a4e962ccab148aa7c3f;hb=2e45fdd8ff84678215ac838133f89c57580b59af;hp=b594287c90220ca87739925af766c0537b87f876;hpb=e0cbb078723ad521496c53ff84a9cd29d9dd327a;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php index b594287c..e2c68869 100644 --- a/index.php +++ b/index.php @@ -21,16 +21,18 @@ $GLOBALS['config']['BAN_AFTER'] = 4; // Ban IP after this many failures. $GLOBALS['config']['BAN_DURATION'] = 1800; // Ban duration for IP address after login failures (in seconds) (1800 sec. = 30 minutes) $GLOBALS['config']['OPEN_SHAARLI'] = false; // If true, anyone can add/edit/delete links without having to login $GLOBALS['config']['HIDE_TIMESTAMPS'] = false; // If true, the moment when links were saved are not shown to users that are not logged in. +$GLOBALS['config']['SHOW_ATOM'] = false; // If true, an extra "ATOM feed" button will be displayed in the toolbar $GLOBALS['config']['ENABLE_THUMBNAILS'] = true; // Enable thumbnails in links. $GLOBALS['config']['CACHEDIR'] = 'cache'; // Cache directory for thumbnails for SLOW services (like flickr) $GLOBALS['config']['PAGECACHE'] = 'pagecache'; // Page cache directory. $GLOBALS['config']['ENABLE_LOCALCACHE'] = true; // Enable Shaarli to store thumbnail in a local cache. Disable to reduce web space usage. $GLOBALS['config']['PUBSUBHUB_URL'] = ''; // PubSubHubbub support. Put an empty string to disable, or put your hub url here to enable. -$GLOBALS['config']['RAINTPL_TMP'] = 'tmp' ; // Raintpl cache directory -$GLOBALS['config']['RAINTPL_TPL'] = 'tpl/' ; // Raintpl template directory (keep the trailling slash!) +$GLOBALS['config']['RAINTPL_TMP'] = 'tmp/' ; // Raintpl cache directory (keep the trailing slash!) +$GLOBALS['config']['RAINTPL_TPL'] = 'tpl/' ; // Raintpl template directory (keep the trailing slash!) $GLOBALS['config']['UPDATECHECK_FILENAME'] = $GLOBALS['config']['DATADIR'].'/lastupdatecheck.txt'; // For updates check of Shaarli. $GLOBALS['config']['UPDATECHECK_INTERVAL'] = 86400 ; // Updates check frequency for Shaarli. 86400 seconds=24 hours // Note: You must have publisher.php in the same directory as Shaarli index.php +$GLOBALS['config']['ARCHIVE_ORG'] = false; // For each link, add a link to an archived version on archive.org // ----------------------------------------------------------------------------------------------- // You should not touch below (or at your own risks!) // Optional config file. @@ -133,7 +135,7 @@ function checkUpdate() if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) || (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])links as $l) { - $found= (strpos(strtolower($l['title']),$s)!==false) - || (strpos(strtolower($l['description']),$s)!==false) - || (strpos(strtolower($l['url']),$s)!==false) - || (strpos(strtolower($l['tags']),$s)!==false); + $found= (strpos(mb_convert_case($l['title'], MB_CASE_LOWER, 'UTF-8'),$s) !== false) + || (strpos(mb_convert_case($l['description'], MB_CASE_LOWER, 'UTF-8'),$s) !== false) + || (strpos(mb_convert_case($l['url'], MB_CASE_LOWER, 'UTF-8'),$s) !== false) + || (strpos(mb_convert_case($l['tags'], MB_CASE_LOWER, 'UTF-8'),$s) !== false); if ($found) $filtered[$l['linkdate']] = $l; } krsort($filtered); @@ -811,12 +815,14 @@ class linkdb implements Iterator, Countable, ArrayAccess // e.g. print_r($mydb->filterTags('linux programming')); public function filterTags($tags,$casesensitive=false) { - $t = str_replace(',',' ',($casesensitive?$tags:strtolower($tags))); + // Same as above, we use UTF-8 conversion to handle various graphemes (i.e. cyrillic, or greek) + // TODO: is $casesensitive ever true ? + $t = str_replace(',',' ',($casesensitive?$tags:mb_convert_case($tags, MB_CASE_LOWER, 'UTF-8'))); $searchtags=explode(' ',$t); $filtered=array(); foreach($this->links as $l) { - $linktags = explode(' ',($casesensitive?$l['tags']:strtolower($l['tags']))); + $linktags = explode(' ',($casesensitive?$l['tags']:mb_convert_case($l['tags'], MB_CASE_LOWER, 'UTF-8'))); if (count(array_intersect($linktags,$searchtags)) == count($searchtags)) $filtered[$l['linkdate']] = $l; } @@ -905,7 +911,7 @@ function showRSS() else $linksToDisplay = $LINKSDB; $nblinksToDisplay = 50; // Number of links to display. if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. - { + { $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ; } @@ -980,7 +986,7 @@ function showATOM() else $linksToDisplay = $LINKSDB; $nblinksToDisplay = 50; // Number of links to display. if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. - { + { $nblinksToDisplay = $_GET['nb']=='all' ? count($linksToDisplay) : max($_GET['nb']+0,1) ; } @@ -1265,7 +1271,25 @@ function renderPage() // Get previous URL (http_referer) and add the tag to the searchtags parameters in query. if (empty($_SERVER['HTTP_REFERER'])) { header('Location: ?searchtags='.urlencode($_GET['addtag'])); exit; } // In case browser does not send HTTP_REFERER parse_str(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_QUERY), $params); - $params['searchtags'] = (empty($params['searchtags']) ? trim($_GET['addtag']) : trim($params['searchtags']).' '.trim($_GET['addtag'])); + + // Check if this tag is already in the search query and ignore it if it is. + // Each tag is always separated by a space + $current_tags = explode(' ', $params['searchtags']); + $addtag = true; + foreach ($current_tags as $value) { + if ($value === $_GET['addtag']) { + $addtag = false; + break; + } + } + // Append the tag if necessary + if (empty($params['searchtags'])) { + $params['searchtags'] = trim($_GET['addtag']); + } + else if ($addtag) { + $params['searchtags'] = trim($params['searchtags']).' '.trim($_GET['addtag']); + } + unset($params['page']); // We also remove page (keeping the same page has no sense, since the results are different) header('Location: ?'.http_build_query($params)); exit; @@ -1329,6 +1353,14 @@ function renderPage() header('Location: ?do=login&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); // Redirect to login page, then back to post link. exit; } + + // Same case as above except that user tried to access ?do=addlink without being logged in + // Note: passing empty parameters makes Shaarli generate default URLs and descriptions. + if (isset($_GET['do']) && $_GET['do'] === 'addlink') { + header('Location: ?do=login&post='); + exit; + } + $PAGE = new pageBuilder; buildLinkList($PAGE,$LINKSDB); // Compute list of links to display $PAGE->renderPage('linklist'); @@ -1556,7 +1588,7 @@ function renderPage() $title = (empty($_GET['title']) ? '' : $_GET['title'] ); // Get title if it was provided in URL (by the bookmarklet). $description = (empty($_GET['description']) ? '' : $_GET['description']); // Get description if it was provided in URL (by the bookmarklet). [Bronco added that] $tags = (empty($_GET['tags']) ? '' : $_GET['tags'] ); // Get tags if it was provided in URL - $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); // Get private if it was provided in URL + $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0); // Get private if it was provided in URL if (($url!='') && parse_url($url,PHP_URL_SCHEME)=='') $url = 'http://'.$url; // If this is an HTTP link, we try go get the page to extract the title (otherwise we will to straight to the edit form.) if (empty($title) && parse_url($url,PHP_URL_SCHEME)=='http') @@ -1567,7 +1599,7 @@ function renderPage() { // Look for charset in html header. preg_match('##Usi', $data, $meta); - + // If found, extract encoding. if (!empty($meta[0])) { @@ -1577,7 +1609,7 @@ function renderPage() $html_charset = (!empty($enc[1])) ? strtolower($enc[1]) : 'utf-8'; } else { $html_charset = 'utf-8'; } - + // Extract title $title = html_extract_title($data); if (!empty($title)) @@ -1587,7 +1619,11 @@ function renderPage() } } } - if ($url=='') $url='?'.smallHash($linkdate); // In case of empty URL, this is just a text (with a link that point to itself) + if ($url=='') // In case of empty URL, this is just a text (with a link that points to itself) + { + $url='?'.smallHash($linkdate); + $title='Note: '; + } $link = array('linkdate'=>$linkdate,'title'=>$title,'url'=>$url,'description'=>$description,'tags'=>$tags,'private'=>$private); } @@ -1887,13 +1923,13 @@ function computeThumbnail($url,$href=false) if ($domain=='youtube.com' || $domain=='www.youtube.com') { parse_str(parse_url($url,PHP_URL_QUERY), $params); // Extract video ID and get thumbnail - if (!empty($params['v'])) return array('src'=>'http://img.youtube.com/vi/'.$params['v'].'/default.jpg', + if (!empty($params['v'])) return array('src'=>'https://img.youtube.com/vi/'.$params['v'].'/default.jpg', 'href'=>$href,'width'=>'120','height'=>'90','alt'=>'YouTube thumbnail'); } if ($domain=='youtu.be') // Youtube short links { $path = parse_url($url,PHP_URL_PATH); - return array('src'=>'http://img.youtube.com/vi'.$path.'/default.jpg', + return array('src'=>'https://img.youtube.com/vi'.$path.'/default.jpg', 'href'=>$href,'width'=>'120','height'=>'90','alt'=>'YouTube thumbnail'); } if ($domain=='pix.toile-libre.org') // pix.toile-libre.org image hosting @@ -1907,18 +1943,18 @@ function computeThumbnail($url,$href=false) { $path = parse_url($url,PHP_URL_PATH); if (startsWith($path,'/a/')) return array(); // Thumbnails for albums are not available. - if (startsWith($path,'/r/')) return array('src'=>'http://i.imgur.com/'.basename($path).'s.jpg', + if (startsWith($path,'/r/')) return array('src'=>'https://i.imgur.com/'.basename($path).'s.jpg', 'href'=>$href,'width'=>'90','height'=>'90','alt'=>'imgur.com thumbnail'); - if (startsWith($path,'/gallery/')) return array('src'=>'http://i.imgur.com'.substr($path,8).'s.jpg', + if (startsWith($path,'/gallery/')) return array('src'=>'https://i.imgur.com'.substr($path,8).'s.jpg', 'href'=>$href,'width'=>'90','height'=>'90','alt'=>'imgur.com thumbnail'); - if (substr_count($path,'/')==1) return array('src'=>'http://i.imgur.com/'.substr($path,1).'s.jpg', + if (substr_count($path,'/')==1) return array('src'=>'https://i.imgur.com/'.substr($path,1).'s.jpg', 'href'=>$href,'width'=>'90','height'=>'90','alt'=>'imgur.com thumbnail'); } if ($domain=='i.imgur.com') { $pi = pathinfo(parse_url($url,PHP_URL_PATH)); - if (!empty($pi['filename'])) return array('src'=>'http://i.imgur.com/'.$pi['filename'].'s.jpg', + if (!empty($pi['filename'])) return array('src'=>'https://i.imgur.com/'.$pi['filename'].'s.jpg', 'href'=>$href,'width'=>'90','height'=>'90','alt'=>'imgur.com thumbnail'); } if ($domain=='dailymotion.com' || $domain=='www.dailymotion.com') @@ -2062,7 +2098,9 @@ function install() { // Step 2: Check if data in session is correct. echo '
Sessions do not seem to work correctly on your server.
';
         echo 'Make sure the variable session.save_path is set correctly in your php config, and that you have write access to it.
';
-        echo 'It currently points to '.session_save_path().'

Click to try again.
'; + echo 'It currently points to '.session_save_path().'
'; + echo 'Check that the hostname used to access Shaarli contains a dot. On some browsers, accessing your server via a hostname like \'localhost\' or any custom hostname without a dot causes cookie storage to fail. We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.
'; + echo '
Click to try again.'; die; } if (!isset($_SESSION['session_tested'])) @@ -2349,7 +2387,7 @@ function genThumbnail() // This is more complex: we have to perform a HTTP request, then parse the result. // Maybe we should deport this to JavaScript ? Example: http://stackoverflow.com/questions/1361149/get-img-thumbnails-from-vimeo/4285098#4285098 $vid = substr(parse_url($url,PHP_URL_PATH),1); - list($httpstatus,$headers,$data) = getHTTP('http://vimeo.com/api/v2/video/'.htmlspecialchars($vid).'.php',5); + list($httpstatus,$headers,$data) = getHTTP('https://vimeo.com/api/v2/video/'.htmlspecialchars($vid).'.php',5); if (strpos($httpstatus,'200 OK')!==false) { $t = unserialize($data);