diff options
author | ArthurHoaro <arthur@hoa.ro> | 2015-01-08 15:09:46 +0100 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2015-01-09 09:47:48 +0100 |
commit | fe16b01edb80ac2f2212125fadba8358dff91b95 (patch) | |
tree | c19fbb34904a1c5148202d01fa723d29b0e1557d /index.php | |
parent | a2d5ef2127881561bf359390fac2d8d336a37335 (diff) | |
download | Shaarli-fe16b01edb80ac2f2212125fadba8358dff91b95.tar.gz Shaarli-fe16b01edb80ac2f2212125fadba8358dff91b95.tar.zst Shaarli-fe16b01edb80ac2f2212125fadba8358dff91b95.zip |
* removed the language attribute on the script element since it is obsolete and we can safely omit it.
* make QRCode JS works with IE :
* behave as a normal link if canvas aren't supported (<=IE8)
* default parameter values in JS aren't widely supported (see: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Functions/Default_parameters ), use this method instead: http://stackoverflow.com/a/148918/1484919
* dataset isn't supported in IE9 use getAttribute instead
* addEventListener works with IE9+ and other browsers
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 30 |
1 files changed, 15 insertions, 15 deletions
@@ -430,7 +430,7 @@ if (isset($_POST['login'])) | |||
430 | ban_loginFailed(); | 430 | ban_loginFailed(); |
431 | $redir = ''; | 431 | $redir = ''; |
432 | if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } | 432 | if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); } |
433 | echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen. | 433 | echo '<script>alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen. |
434 | exit; | 434 | exit; |
435 | } | 435 | } |
436 | } | 436 | } |
@@ -1387,12 +1387,12 @@ function renderPage() | |||
1387 | 1387 | ||
1388 | // Make sure old password is correct. | 1388 | // Make sure old password is correct. |
1389 | $oldhash = sha1($_POST['oldpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 1389 | $oldhash = sha1($_POST['oldpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
1390 | if ($oldhash!=$GLOBALS['hash']) { echo '<script language="JavaScript">alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; } | 1390 | if ($oldhash!=$GLOBALS['hash']) { echo '<script>alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; } |
1391 | // Save new password | 1391 | // Save new password |
1392 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. | 1392 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. |
1393 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 1393 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
1394 | writeConfig(); | 1394 | writeConfig(); |
1395 | echo '<script language="JavaScript">alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; | 1395 | echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; |
1396 | exit; | 1396 | exit; |
1397 | } | 1397 | } |
1398 | else // show the change password form. | 1398 | else // show the change password form. |
@@ -1423,7 +1423,7 @@ function renderPage() | |||
1423 | $GLOBALS['disablejquery']=!empty($_POST['disablejquery']); | 1423 | $GLOBALS['disablejquery']=!empty($_POST['disablejquery']); |
1424 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); | 1424 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); |
1425 | writeConfig(); | 1425 | writeConfig(); |
1426 | echo '<script language="JavaScript">alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; | 1426 | echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; |
1427 | exit; | 1427 | exit; |
1428 | } | 1428 | } |
1429 | else // Show the configuration form. | 1429 | else // Show the configuration form. |
@@ -1467,7 +1467,7 @@ function renderPage() | |||
1467 | $LINKSDB[$key]=$value; | 1467 | $LINKSDB[$key]=$value; |
1468 | } | 1468 | } |
1469 | $LINKSDB->savedb(); // Save to disk. | 1469 | $LINKSDB->savedb(); // Save to disk. |
1470 | echo '<script language="JavaScript">alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>'; | 1470 | echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>'; |
1471 | exit; | 1471 | exit; |
1472 | } | 1472 | } |
1473 | 1473 | ||
@@ -1484,7 +1484,7 @@ function renderPage() | |||
1484 | $LINKSDB[$key]=$value; | 1484 | $LINKSDB[$key]=$value; |
1485 | } | 1485 | } |
1486 | $LINKSDB->savedb(); // Save to disk. | 1486 | $LINKSDB->savedb(); // Save to disk. |
1487 | echo '<script language="JavaScript">alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>'; | 1487 | echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>'; |
1488 | exit; | 1488 | exit; |
1489 | } | 1489 | } |
1490 | } | 1490 | } |
@@ -1515,7 +1515,7 @@ function renderPage() | |||
1515 | pubsubhub(); | 1515 | pubsubhub(); |
1516 | 1516 | ||
1517 | // If we are called from the bookmarklet, we must close the popup: | 1517 | // If we are called from the bookmarklet, we must close the popup: |
1518 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } | 1518 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; } |
1519 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); | 1519 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); |
1520 | $returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited. | 1520 | $returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited. |
1521 | header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on. | 1521 | header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on. |
@@ -1526,7 +1526,7 @@ function renderPage() | |||
1526 | if (isset($_POST['cancel_edit'])) | 1526 | if (isset($_POST['cancel_edit'])) |
1527 | { | 1527 | { |
1528 | // If we are called from the bookmarklet, we must close the popup: | 1528 | // If we are called from the bookmarklet, we must close the popup: |
1529 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } | 1529 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; } |
1530 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); | 1530 | $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' ); |
1531 | $returnurl .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited. | 1531 | $returnurl .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited. |
1532 | header('Location: '.$returnurl); // After canceling, redirect to the page the user was on. | 1532 | header('Location: '.$returnurl); // After canceling, redirect to the page the user was on. |
@@ -1545,7 +1545,7 @@ function renderPage() | |||
1545 | $LINKSDB->savedb(); // save to disk | 1545 | $LINKSDB->savedb(); // save to disk |
1546 | 1546 | ||
1547 | // If we are called from the bookmarklet, we must close the popup: | 1547 | // If we are called from the bookmarklet, we must close the popup: |
1548 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; } | 1548 | if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; } |
1549 | header('Location: ?'); // After deleting the link, redirect to the home page. | 1549 | header('Location: ?'); // After deleting the link, redirect to the home page. |
1550 | exit; | 1550 | exit; |
1551 | } | 1551 | } |
@@ -1681,7 +1681,7 @@ HTML; | |||
1681 | if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) | 1681 | if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) |
1682 | { | 1682 | { |
1683 | $returnurl = ( empty($_SERVER['HTTP_REFERER']) ? '?' : $_SERVER['HTTP_REFERER'] ); | 1683 | $returnurl = ( empty($_SERVER['HTTP_REFERER']) ? '?' : $_SERVER['HTTP_REFERER'] ); |
1684 | echo '<script language="JavaScript">alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>'; | 1684 | echo '<script>alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>'; |
1685 | exit; | 1685 | exit; |
1686 | } | 1686 | } |
1687 | if (!tokenOk($_POST['token'])) die('Wrong token.'); | 1687 | if (!tokenOk($_POST['token'])) die('Wrong token.'); |
@@ -1785,11 +1785,11 @@ function importFile() | |||
1785 | } | 1785 | } |
1786 | $LINKSDB->savedb(); | 1786 | $LINKSDB->savedb(); |
1787 | 1787 | ||
1788 | echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>'; | 1788 | echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>'; |
1789 | } | 1789 | } |
1790 | else | 1790 | else |
1791 | { | 1791 | { |
1792 | echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>'; | 1792 | echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>'; |
1793 | } | 1793 | } |
1794 | } | 1794 | } |
1795 | 1795 | ||
@@ -2123,7 +2123,7 @@ function install() | |||
2123 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 2123 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
2124 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] ); | 2124 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] ); |
2125 | writeConfig(); | 2125 | writeConfig(); |
2126 | echo '<script language="JavaScript">alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; | 2126 | echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; |
2127 | exit; | 2127 | exit; |
2128 | } | 2128 | } |
2129 | 2129 | ||
@@ -2177,7 +2177,7 @@ function templateTZform($ptz=false) | |||
2177 | $cities_html = $cities[$pcontinent]; | 2177 | $cities_html = $cities[$pcontinent]; |
2178 | $timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>"; | 2178 | $timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>"; |
2179 | $timezone_form .= " City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />"; | 2179 | $timezone_form .= " City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />"; |
2180 | $timezone_js = "<script language=\"JavaScript\">"; | 2180 | $timezone_js = "<script>"; |
2181 | $timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}"; | 2181 | $timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}"; |
2182 | $timezone_js .= "var citiescontinent = ".json_encode($cities).";" ; | 2182 | $timezone_js .= "var citiescontinent = ".json_encode($cities).";" ; |
2183 | $timezone_js .= "</script>" ; | 2183 | $timezone_js .= "</script>" ; |
@@ -2292,7 +2292,7 @@ function writeConfig() | |||
2292 | $config .= ' ?>'; | 2292 | $config .= ' ?>'; |
2293 | if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) | 2293 | if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) |
2294 | { | 2294 | { |
2295 | echo '<script language="JavaScript">alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>'; | 2295 | echo '<script>alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>'; |
2296 | exit; | 2296 | exit; |
2297 | } | 2297 | } |
2298 | } | 2298 | } |