Merge pull request #384 from roidelapluie/master

fill session info when shaarli is in open mode

diff --combined index.php
index 8eda9880f9c995f86b62b2e786e3d73ba321fb78,3f3823b392603c3c26eb46c08bbb4013f8638855..be181a2c8006208b0b35d9d6a7156da3aa6b4868
--- 1/index.php
--- 2/index.php
+++ b/index.php
@@@ -248,11 -248,11 +248,11 @@@ header('Content-Type: text/html; charse
  //==================================================================================================
  
  function setup_login_state() {
-       $userIsLoggedIn = false; // By default, we do not consider the user as logged in;
-       $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met.
        if ($GLOBALS['config']['OPEN_SHAARLI']) {
-           $userIsLoggedIn = true;
+           return true;
        }
+       $userIsLoggedIn = false; // By default, we do not consider the user as logged in;
+       $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met.
        if (!isset($GLOBALS['login'])) {
            $userIsLoggedIn = false;  // Shaarli is not configured yet.
            $loginFailure = true;
@@@ -679,8 -679,8 +679,8 @@@ class pageBuilde
              $this->tpl->assign('pagetitle', $GLOBALS['pagetitle']);
          }
          $this->tpl->assign('shaarlititle', empty($GLOBALS['title']) ? 'Shaarli': $GLOBALS['title']);
 -        if (!empty($GLOBALS['plugins']['errors'])) {
 -            $this->tpl->assign('plugin_errors', $GLOBALS['plugins']['errors']);
 +        if (!empty($GLOBALS['plugin_errors'])) {
 +            $this->tpl->assign('plugin_errors', $GLOBALS['plugin_errors']);
          }
      }
  
@@@ -727,7 -727,7 +727,7 @@@ function showRSS(
      // If cached was not found (or not usable), then read the database and build the response:
      $LINKSDB = new LinkDB(
          $GLOBALS['config']['DATASTORE'],
-         isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+         isLoggedIn(),
          $GLOBALS['config']['HIDE_PUBLIC_LINKS']
      );
      // Read links from database (and filter private links if user it not logged in).
@@@ -816,7 -816,7 +816,7 @@@ function showATOM(
      // Read links from database (and filter private links if used it not logged in).
      $LINKSDB = new LinkDB(
          $GLOBALS['config']['DATASTORE'],
-         isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+         isLoggedIn(),
          $GLOBALS['config']['HIDE_PUBLIC_LINKS']
      );
  
@@@ -910,7 -910,7 +910,7 @@@ function showDailyRSS() 
      // Read links from database (and filter private links if used it not logged in).
      $LINKSDB = new LinkDB(
          $GLOBALS['config']['DATASTORE'],
-         isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+         isLoggedIn(),
          $GLOBALS['config']['HIDE_PUBLIC_LINKS']
      );
  
@@@ -997,7 -997,7 +997,7 @@@ function showDaily(
  {
      $LINKSDB = new LinkDB(
          $GLOBALS['config']['DATASTORE'],
-         isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+         isLoggedIn(),
          $GLOBALS['config']['HIDE_PUBLIC_LINKS']
      );
  
@@@ -1088,7 -1088,7 +1088,7 @@@ function renderPage(
  {
      $LINKSDB = new LinkDB(
          $GLOBALS['config']['DATASTORE'],
-         isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+         isLoggedIn(),
          $GLOBALS['config']['HIDE_PUBLIC_LINKS']
      );
  
@@@ -1204,14 -1204,6 +1204,14 @@@
          exit;
      }
  
 +    // Display openseach plugin (XML)
 +    if ($targetPage == Router::$PAGE_OPENSEARCH) {
 +        header('Content-Type: application/xml; charset=utf-8');
 +        $PAGE->assign('serverurl', index_url($_SERVER));
 +        $PAGE->renderPage('opensearch');
 +        exit;
 +    }
 +
      // -------- User clicks on a tag in a link: The tag is added to the list of searched tags (searchtags=...)
      if (isset($_GET['addtag']))
      {
@@@ -1619,11 -1611,11 +1619,11 @@@
              $link_is_new = true;
              $linkdate = strval(date('Ymd_His'));
              // Get title if it was provided in URL (by the bookmarklet).
 -            $title = (empty($_GET['title']) ? '' : $_GET['title'] );
 +            $title = empty($_GET['title']) ? '' : escape($_GET['title']);
              // Get description if it was provided in URL (by the bookmarklet). [Bronco added that]
 -            $description = (empty($_GET['description']) ? '' : $_GET['description']);
 -            $tags = (empty($_GET['tags']) ? '' : $_GET['tags'] );
 -            $private = (!empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0);
 +            $description = empty($_GET['description']) ? '' : escape($_GET['description']);
 +            $tags = empty($_GET['tags']) ? '' : escape($_GET['tags']);
 +            $private = !empty($_GET['private']) && $_GET['private'] === "1" ? 1 : 0;
              // If this is an HTTP(S) link, we try go get the page to extract the title (otherwise we will to straight to the edit form.)
              if (empty($title) && strpos(get_url_scheme($url), 'http') !== false) {
                  // Short timeout to keep the application responsive
@@@ -1759,10 -1751,10 +1759,10 @@@ HTML
  // Process the import file form.
  function importFile()
  {
-     if (!(isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'])) { die('Not allowed.'); }
+     if (!isLoggedIn()) { die('Not allowed.'); }
      $LINKSDB = new LinkDB(
          $GLOBALS['config']['DATASTORE'],
-         isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'],
+         isLoggedIn(),
          $GLOBALS['config']['HIDE_PUBLIC_LINKS']
      );
      $filename=$_FILES['filetoupload']['name'];