Installation mode
authorNicolas Lœuillet <nicolas@loeuillet.org>
Fri, 31 May 2013 20:55:52 +0000 (22:55 +0200)
committerNicolas Lœuillet <nicolas@loeuillet.org>
Fri, 31 May 2013 20:55:52 +0000 (22:55 +0200)
inc/Session.class.php
inc/config.php
inc/functions.php
inc/store/sqlite.class.php
inc/store/store.class.php
index.php
tpl/install.html [new file with mode: 0644]
tpl/login.html

index ee12b3d155e1ae15f210dda5d8cf6e5e6d27e29d..eff924ccdb06dddf8c68bcfab1a15fc967bfc000 100644 (file)
@@ -93,7 +93,7 @@ class Session
     // Force logout
     public static function logout()
     {
-        unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens']);
+        unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass']);
     }
 
     // Make sure user is logged in.
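Review bot: Clearing `$_SESSION['login']` and `$_SESSION['pass']` in `logout()` is only needed because inc/config.php in this commit copies the stored login and password hash into the session of every visitor, authenticated or not. That places the hash in session storage for each anonymous request and leaves existing sessions holding stale values if the stored credentials change. I would read the reference values from the store at the point of comparison in index.php and drop the two session keys, so that this line only has to unset the four original keys.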
index 737f5215a685d55cc5f02d8f6f10528f6465eacd..2de725f4087888dad9c1282e924f87969b068398 100644 (file)
@@ -18,6 +18,7 @@ define ('ABS_PATH', 'assets/');
 define ('CONVERT_LINKS_FOOTNOTES', TRUE);
 define ('REVERT_FORCED_PARAGRAPH_ELEMENTS',FALSE);
 define ('DOWNLOAD_PICTURES', TRUE);
+define ('SALT', '464v54gLLw928uz4zUBqkRJeiPY68zCX');
 $storage_type = 'sqlite'; # sqlite or file
 
 include 'functions.php';
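Review bot: The `SALT` value on the added line is a literal committed to the repository, so every installation that keeps the default hashes passwords with the same publicly known string, and it adds nothing against offline guessing. It should be generated per installation from a CSPRNG and kept out of version control, or dropped entirely if `encode_string()` in inc/functions.php moves to a password-hashing API that salts each hash itself. At minimum the line needs a comment such as `// must be replaced by a unique random value for each installation`.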
@@ -33,9 +34,7 @@ require_once 'class.messages.php';
 
 Session::init();
 
-$store         = new $storage_type();
-$msg   = new Messages();
-
+$store     = new $storage_type();
 # initialisation de RainTPL
 raintpl::$tpl_dir   = './tpl/';
 raintpl::$cache_dir = './cache/';
@@ -43,4 +42,24 @@ raintpl::$base_url  = get_poche_url();
 raintpl::configure('path_replace', false);
 raintpl::configure('debug', false);
 $tpl = new raintpl();
+
+if(!$store->isInstalled())
+{
+    logm('poche still not installed');
+    $tpl->draw('install');
+    if (isset($_GET['install'])) {
+        if (($_POST['password'] == $_POST['password_repeat']) 
+            && $_POST['password'] != "" && $_POST['login'] != "") {
+            $store->install($_POST['login'], encode_string($_POST['password'] . $_POST['login']));
+            Session::logout();
+            MyTool::redirect();
+        }
+    }
+    exit();
+}
+
+$_SESSION['login'] = (isset ($_SESSION['login'])) ? $_SESSION['login'] : $store->getLogin();
+$_SESSION['pass']  = (isset ($_SESSION['pass'])) ? $_SESSION['pass'] : $store->getPassword();
+
+$msg = new Messages();
 $tpl->assign('msg', $msg);
\ No newline at end of file
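Review bot: The install branch draws the form before it handles the submission and reads `$_POST['password']`, `$_POST['password_repeat']` and `$_POST['login']` without checking that they are set, so a plain GET to `?install` raises notices and the redirect runs after output has already been sent (assuming `MyTool::redirect()` sends a header, which is not visible here). The `==`/`!=` comparisons treat numeric-looking strings as numbers, so two different passwords can compare equal; `===` avoids that for the confirmation check. The `token` field that tpl/install.html posts is not verified anywhere in this branch. Handling the POST first and drawing the form only when nothing was installed fixes the ordering.

```php
if (!$store->isInstalled()) {
    logm('poche still not installed');
    $login  = isset($_POST['login']) ? $_POST['login'] : '';
    $pass   = isset($_POST['password']) ? $_POST['password'] : '';
    $repeat = isset($_POST['password_repeat']) ? $_POST['password_repeat'] : '';
    if (isset($_GET['install'])
        && is_string($login) && is_string($pass)
        && $login !== '' && $pass !== '' && $pass === $repeat) {
        $store->install($login, encode_string($pass . $login));
        Session::logout();
        MyTool::redirect();
        exit();
    }
    $tpl->draw('install');
    exit();
}
// … unchanged: session login/pass defaults, Messages setup …
```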
index c2a149c6dcea0beaf80b6387e74463cfa066ee0a..73e591c55398e58077d838d3af22ac3e2e8eb4ba 100644 (file)
@@ -23,6 +23,11 @@ function get_poche_url()
     return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
 }
 
+function encode_string($string) 
+{
+    return sha1($string . SALT);
+}
+
 // function define to retrieve url content
 function get_external_file($url)
 {
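Review bot: `encode_string()` produces the stored password value as a single round of SHA-1 over the input plus `SALT`, which is a fast hash and cheap to guess offline if the SQLite file leaks. A dedicated password hash is the better fit: `password_hash($password, PASSWORD_DEFAULT)` at install and `password_verify()` at login on PHP 5.5+, or `crypt()` with a bcrypt salt on older versions. That changes the login check in index.php from comparing two hashes to verifying the submitted password against the stored one, so it is more than a drop-in edit. The function also lacks a docblock; `/** Hash a string for storage; callers pass password concatenated with login. */` would record the calling convention.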
@@ -375,12 +380,10 @@ function action_to_do($action, $url, $id = 0)
             break;
         case 'toggle_fav' :
             $store->favoriteById($id);
-            $msg->add('s', 'the favorite toggle has been done successfully');
             logm('mark as favorite link #' . $id);
             break;
         case 'toggle_archive' :
             $store->archiveById($id);
-            $msg->add('s', 'the archive toggle has been done successfully');
             logm('archive link #' . $id);
             break;
         default:
index cda412e6b8659766abda8e12fd5275d314416a0e..4bfbb29e83632d26f353647574a313dc2809cd94 100644 (file)
@@ -17,7 +17,6 @@ class Sqlite extends Store {
         parent::__construct();
 
         $this->handle = new PDO(self::$db_path);
-        $this->handle->exec('CREATE TABLE IF NOT EXISTS "entries" ("id" INTEGER PRIMARY KEY  AUTOINCREMENT  NOT NULL  UNIQUE , "title" VARCHAR, "url" VARCHAR UNIQUE , "is_read" INTEGER DEFAULT 0, "is_fav" INTEGER DEFAULT 0, "content" BLOB)');
         $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
     }
 
@@ -25,6 +24,56 @@ class Sqlite extends Store {
         return $this->handle;
     }
 
+    public function isInstalled() {
+        $sql        = "SELECT name FROM sqlite_sequence WHERE name=?";
+        $query      = $this->executeQuery($sql, array('config'));
+        $hasConfig  = $query->fetchAll();
+
+        if (count($hasConfig) == 0) 
+            return FALSE;
+
+        if (!$this->getLogin() || !$this->getPassword()) 
+            return FALSE;
+
+        return TRUE;
+    }
+
+    public function install($login, $password) {
+        $this->getHandle()->exec('CREATE TABLE IF NOT EXISTS "config" ("id" INTEGER PRIMARY KEY  AUTOINCREMENT  NOT NULL  UNIQUE , "name" VARCHAR UNIQUE, "value" BLOB)');
+
+        $this->handle->exec('CREATE TABLE IF NOT EXISTS "entries" ("id" INTEGER PRIMARY KEY  AUTOINCREMENT  NOT NULL  UNIQUE , "title" VARCHAR, "url" VARCHAR UNIQUE , "is_read" INTEGER DEFAULT 0, "is_fav" INTEGER DEFAULT 0, "content" BLOB)');
+
+        if (!$this->getLogin()) {
+            $sql_login     = 'INSERT INTO config ( name, value ) VALUES (?, ?)';
+            $params_login  = array('login', $login);
+            $query         = $this->executeQuery($sql_login, $params_login);
+        }
+
+        if (!$this->getPassword()) {
+            $sql_pass     = 'INSERT INTO config ( name, value ) VALUES (?, ?)';
+            $params_pass  = array('password', $password);
+            $query        = $this->executeQuery($sql_pass, $params_pass);
+        }
+
+        return TRUE;
+    }
+
+    public function getLogin() {
+        $sql    = "SELECT value FROM config WHERE name=?";
+        $query  = $this->executeQuery($sql, array('login'));
+        $login  = $query->fetchAll();
+
+        return isset($login[0]['value']) ? $login[0]['value'] : FALSE;
+    }
+
+    public function getPassword() {
+        $sql    = "SELECT value FROM config WHERE name=?";
+        $query  = $this->executeQuery($sql, array('password'));
+        $pass   = $query->fetchAll();
+
+        return isset($pass[0]['value']) ? $pass[0]['value'] : FALSE; 
+    }
+
     private function executeQuery($sql, $params) {
         try
         {
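Review bot: `isInstalled()` looks for `config` in `sqlite_sequence`, but SQLite creates that table only once an AUTOINCREMENT table exists and adds a row only after the first insert, so on a database without such tables the query targets a table that is not there. With `PDO::ERRMODE_EXCEPTION` set in the constructor this throws; what `executeQuery()` does with the exception is outside the hunk, but if it returns a non-statement the `$query->fetchAll()` call fails. Querying the schema table is the reliable test: `$sql = "SELECT name FROM sqlite_master WHERE type='table' AND name=?";`. `getLogin()` and `getPassword()` have the same exposure when `config` is missing, and `install()` would be safer with both inserts in one transaction so a failure cannot leave a login stored without a password.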
index 360ff7c20e5f06950f42f5ec4d91455ac620ea1c..dd7d4cfeeb1bd53f5a4d8d5a34de0453750d10f2 100644 (file)
@@ -13,6 +13,14 @@ class Store {
 
     }
 
+    public function getLogin() {
+
+    }
+
+    public function getPassword() {
+        
+    }
+
     public function add() {
 
     }
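Review bot: Only `getLogin()` and `getPassword()` are added to the base `Store`, while inc/config.php now also calls `$store->isInstalled()` and `$store->install()` on whichever class `$storage_type` names. Any backend other than `Sqlite` that does not define those two methods would hit a fatal error on every request; empty stubs for all four here, or declaring them abstract, would keep the contract in one place. The empty bodies return null, so a one-line comment on each, such as `// returns the stored login, or FALSE when none is configured`, would state the expected return value.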
index 829d5513542789bf4c220cb457ca22f0f12bb166..1522a2ec84e08c09c913d7ace7423ec3700f86c2 100644 (file)
--- a/index.php
+++ b/index.php
@@ -25,9 +25,14 @@ $ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
 if (isset($_GET['login'])) {
     // Login
     if (!empty($_POST['login']) && !empty($_POST['password'])) {
-        if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {
+// echo $_SESSION['login']."<br>";
+// echo $_SESSION['pass']."<br>";
+// echo $_POST['login']."<br>";
+// echo encode_string($_POST['password'] . $_POST['login']);
+//         die;
+        if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) {
             logm('login successful');
-            $msg->add('s', 'welcome in your pocket!');
+            $msg->add('s', 'welcome in your poche!');
             if (!empty($_POST['longlastingsession'])) {
                 $_SESSION['longlastingsession'] = 31536000;
                 $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
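Review bot: The five commented-out debug lines before the `Session::login()` call would print the stored login, the stored password hash and the submitted login to the page, and they should be deleted rather than committed; re-enabling them later would disclose the hash to anyone submitting the login form. The comparison itself happens inside `Session::login()`, which is outside this diff; if it uses `==`, a strict or constant-time comparison of the two hashes would be the safer choice. The enclosing `if (isset($_GET['login']))` block continues past the end of the hunk.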
diff --git a/tpl/install.html b/tpl/install.html
new file mode 100644 (file)
index 0000000..d11a781
--- /dev/null
@@ -0,0 +1,30 @@
+{include="head"}
+    <body class="light-style">
+        <header>
+            <h1><a href="index.php"><img src="./img/logo.png" alt="logo poche" /></a>poche</h1>
+        </header>
+        <div id="main">
+            <form method="post" action="?install" name="loginform">
+                <fieldset class="w500p center">
+                    <h2 class="mbs txtcenter">install your poche</h2>
+                    <div class="row">
+                        <label class="col w150p" for="login">Login</label>
+                        <input class="col" type="text" id="login" name="login" placeholder="Login" tabindex="1" autofocus />
+                    </div>
+                    <div class="row">
+                        <label class="col w150p" for="password">Password</label>
+                        <input class="col" type="password" id="password" name="password" placeholder="Password" tabindex="2">
+                    </div>
+                    <div class="row">
+                        <label class="col w150p" for="password_repeat">Repeat your password</label>
+                        <input class="col" type="password" id="password_repeat" name="password_repeat" placeholder="Password" tabindex="3">
+                    </div>
+                    <div class="row mts txtcenter">
+                        <button class="bouton" type="submit" tabindex="4">Install</button>
+                    </div>
+                </fieldset>
+                <input type="hidden" name="returnurl" value="<?php echo htmlspecialchars($referer);?>">
+                <input type="hidden" name="token" value="<?php echo Session::getToken(); ?>">
+            </form>
+
+{include="footer"}
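Review bot: The two hidden inputs use raw `<?php … ?>` tags while the rest of the template uses RainTPL syntax (`{include="head"}`), and inc/config.php never assigns `$referer` to the template. Whether RainTPL evaluates PHP tags depends on its configuration, which is not visible here; if it does not, the `token` value posted is not a real session token. Since the install handler in inc/config.php reads neither `returnurl` nor `token`, either remove both fields or assign the values with `$tpl->assign()`, output them as `{$token}`, and verify the token on submit. The `<div id="main">` opened here is not closed before `{include="footer"}`; it may be closed in the footer template.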
index ebe4b5e5e06f8ad8a90959c910fe96c65fc5d27c..69c17a5511f14facacde0aff29c4055799795af4 100644 (file)
@@ -12,7 +12,7 @@
                                                <input class="col" type="text" id="login" name="login" placeholder="Login" tabindex="1" autofocus />
                                        </div>
                                        <div class="row">
-                                               <label class="col w150p" for="password" >Password</label>
+                                               <label class="col w150p" for="password">Password</label>
                                                <input class="col" type="password" id="password" name="password" placeholder="Password" tabindex="2">
                                        </div>
                                        <div class="row">