diff options
author | ArthurHoaro <arthur@hoa.ro> | 2015-06-29 12:23:00 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2015-07-09 20:46:03 +0200 |
commit | dd484b90b1c15989210d7379e51256d545856d95 (patch) | |
tree | c7300dc1c54388699ca45055cae58b2740525c80 /index.php | |
parent | eee711c0a8583e1c2ea2186544795d59fa41d9f6 (diff) | |
download | Shaarli-dd484b90b1c15989210d7379e51256d545856d95.tar.gz Shaarli-dd484b90b1c15989210d7379e51256d545856d95.tar.zst Shaarli-dd484b90b1c15989210d7379e51256d545856d95.zip |
All settings are now stored in config.php
Isolate functions related to config in Config.php + add unit tests + code_sniffer.
options.php is not supported anymore, but its content will be automatically saved into config.php
Fixes #shaarli/Shaarli#41
*TODO*: update [documentation](https://github.com/shaarli/Shaarli/wiki#configuration).
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 94 |
1 files changed, 56 insertions, 38 deletions
@@ -11,7 +11,8 @@ | |||
11 | date_default_timezone_set('UTC'); | 11 | date_default_timezone_set('UTC'); |
12 | 12 | ||
13 | // ----------------------------------------------------------------------------------------------- | 13 | // ----------------------------------------------------------------------------------------------- |
14 | // Hardcoded parameter (These parameters can be overwritten by creating the file /data/options.php) | 14 | // Hardcoded parameter (These parameters can be overwritten by editing the file /data/config.php) |
15 | // You should not touch any code below (or at your own risks!) | ||
15 | $GLOBALS['config']['DATADIR'] = 'data'; // Data subdirectory | 16 | $GLOBALS['config']['DATADIR'] = 'data'; // Data subdirectory |
16 | $GLOBALS['config']['CONFIG_FILE'] = $GLOBALS['config']['DATADIR'].'/config.php'; // Configuration file (user login/password) | 17 | $GLOBALS['config']['CONFIG_FILE'] = $GLOBALS['config']['DATADIR'].'/config.php'; // Configuration file (user login/password) |
17 | $GLOBALS['config']['DATASTORE'] = $GLOBALS['config']['DATADIR'].'/datastore.php'; // Data storage file. | 18 | $GLOBALS['config']['DATASTORE'] = $GLOBALS['config']['DATADIR'].'/datastore.php'; // Data storage file. |
@@ -36,10 +37,6 @@ $GLOBALS['config']['ARCHIVE_ORG'] = false; // For each link, add a link to an ar | |||
36 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS'] = true; // Enable RSS permalinks by default. This corresponds to the default behavior of shaarli before this was added as an option. | 37 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS'] = true; // Enable RSS permalinks by default. This corresponds to the default behavior of shaarli before this was added as an option. |
37 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = false; | 38 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = false; |
38 | // ----------------------------------------------------------------------------------------------- | 39 | // ----------------------------------------------------------------------------------------------- |
39 | // You should not touch below (or at your own risks!) | ||
40 | // Optional config file. | ||
41 | if (is_file($GLOBALS['config']['DATADIR'].'/options.php')) require($GLOBALS['config']['DATADIR'].'/options.php'); | ||
42 | |||
43 | define('shaarli_version','0.0.45beta'); | 40 | define('shaarli_version','0.0.45beta'); |
44 | // http://server.com/x/shaarli --> /shaarli/ | 41 | // http://server.com/x/shaarli --> /shaarli/ |
45 | define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); | 42 | define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); |
@@ -69,6 +66,7 @@ error_reporting(E_ALL^E_WARNING); // See all error except warnings. | |||
69 | // Shaarli library | 66 | // Shaarli library |
70 | require_once 'application/LinkDB.php'; | 67 | require_once 'application/LinkDB.php'; |
71 | require_once 'application/Utils.php'; | 68 | require_once 'application/Utils.php'; |
69 | require_once 'application/Config.php'; | ||
72 | 70 | ||
73 | include "inc/rain.tpl.class.php"; //include Rain TPL | 71 | include "inc/rain.tpl.class.php"; //include Rain TPL |
74 | raintpl::$tpl_dir = $GLOBALS['config']['RAINTPL_TPL']; // template directory | 72 | raintpl::$tpl_dir = $GLOBALS['config']['RAINTPL_TPL']; // template directory |
@@ -100,7 +98,6 @@ if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(indexU | |||
100 | if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get(); | 98 | if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get(); |
101 | if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']=''; | 99 | if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']=''; |
102 | if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false; | 100 | if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false; |
103 | if (empty($GLOBALS['disablejquery'])) $GLOBALS['disablejquery']=false; | ||
104 | if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=false; | 101 | if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=false; |
105 | if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?'; | 102 | if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?'; |
106 | // I really need to rewrite Shaarli with a proper configuation manager. | 103 | // I really need to rewrite Shaarli with a proper configuation manager. |
@@ -709,7 +706,7 @@ function showRSS() | |||
709 | if (!empty($_GET['searchterm'])) $linksToDisplay = $LINKSDB->filterFulltext($_GET['searchterm']); | 706 | if (!empty($_GET['searchterm'])) $linksToDisplay = $LINKSDB->filterFulltext($_GET['searchterm']); |
710 | else if (!empty($_GET['searchtags'])) $linksToDisplay = $LINKSDB->filterTags(trim($_GET['searchtags'])); | 707 | else if (!empty($_GET['searchtags'])) $linksToDisplay = $LINKSDB->filterTags(trim($_GET['searchtags'])); |
711 | else $linksToDisplay = $LINKSDB; | 708 | else $linksToDisplay = $LINKSDB; |
712 | 709 | ||
713 | $nblinksToDisplay = 50; // Number of links to display. | 710 | $nblinksToDisplay = 50; // Number of links to display. |
714 | if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. | 711 | if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. |
715 | { | 712 | { |
@@ -789,7 +786,7 @@ function showATOM() | |||
789 | if (!empty($_GET['searchterm'])) $linksToDisplay = $LINKSDB->filterFulltext($_GET['searchterm']); | 786 | if (!empty($_GET['searchterm'])) $linksToDisplay = $LINKSDB->filterFulltext($_GET['searchterm']); |
790 | else if (!empty($_GET['searchtags'])) $linksToDisplay = $LINKSDB->filterTags(trim($_GET['searchtags'])); | 787 | else if (!empty($_GET['searchtags'])) $linksToDisplay = $LINKSDB->filterTags(trim($_GET['searchtags'])); |
791 | else $linksToDisplay = $LINKSDB; | 788 | else $linksToDisplay = $LINKSDB; |
792 | 789 | ||
793 | $nblinksToDisplay = 50; // Number of links to display. | 790 | $nblinksToDisplay = 50; // Number of links to display. |
794 | if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. | 791 | if (!empty($_GET['nb'])) // In URL, you can specificy the number of links. Example: nb=200 or nb=all for all links. |
795 | { | 792 | { |
@@ -1041,7 +1038,7 @@ function renderPage() | |||
1041 | if (!empty($_GET['searchterm'])) $links = $LINKSDB->filterFulltext($_GET['searchterm']); | 1038 | if (!empty($_GET['searchterm'])) $links = $LINKSDB->filterFulltext($_GET['searchterm']); |
1042 | elseif (!empty($_GET['searchtags'])) $links = $LINKSDB->filterTags(trim($_GET['searchtags'])); | 1039 | elseif (!empty($_GET['searchtags'])) $links = $LINKSDB->filterTags(trim($_GET['searchtags'])); |
1043 | else $links = $LINKSDB; | 1040 | else $links = $LINKSDB; |
1044 | 1041 | ||
1045 | $body=''; | 1042 | $body=''; |
1046 | $linksToDisplay=array(); | 1043 | $linksToDisplay=array(); |
1047 | 1044 | ||
@@ -1056,7 +1053,7 @@ function renderPage() | |||
1056 | $linksToDisplay[]=$link; // Add to array. | 1053 | $linksToDisplay[]=$link; // Add to array. |
1057 | } | 1054 | } |
1058 | } | 1055 | } |
1059 | 1056 | ||
1060 | $PAGE = new pageBuilder; | 1057 | $PAGE = new pageBuilder; |
1061 | $PAGE->assign('linkcount',count($LINKSDB)); | 1058 | $PAGE->assign('linkcount',count($LINKSDB)); |
1062 | $PAGE->assign('linksToDisplay',$linksToDisplay); | 1059 | $PAGE->assign('linksToDisplay',$linksToDisplay); |
@@ -1214,7 +1211,19 @@ function renderPage() | |||
1214 | // Save new password | 1211 | // Save new password |
1215 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. | 1212 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. |
1216 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 1213 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
1217 | writeConfig(); | 1214 | try { |
1215 | writeConfig($GLOBALS, isLoggedIn()); | ||
1216 | } | ||
1217 | catch(Exception $e) { | ||
1218 | error_log( | ||
1219 | 'ERROR while writing config file after changing password.' . PHP_EOL . | ||
1220 | $e->getMessage() | ||
1221 | ); | ||
1222 | |||
1223 | // TODO: do not handle exceptions/errors in JS. | ||
1224 | echo '<script>alert("'. $e->getMessage() .'");document.location=\'?do=tools\';</script>'; | ||
1225 | exit; | ||
1226 | } | ||
1218 | echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; | 1227 | echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; |
1219 | exit; | 1228 | exit; |
1220 | } | 1229 | } |
@@ -1243,12 +1252,23 @@ function renderPage() | |||
1243 | $GLOBALS['titleLink']=$_POST['titleLink']; | 1252 | $GLOBALS['titleLink']=$_POST['titleLink']; |
1244 | $GLOBALS['redirector']=$_POST['redirector']; | 1253 | $GLOBALS['redirector']=$_POST['redirector']; |
1245 | $GLOBALS['disablesessionprotection']=!empty($_POST['disablesessionprotection']); | 1254 | $GLOBALS['disablesessionprotection']=!empty($_POST['disablesessionprotection']); |
1246 | $GLOBALS['disablejquery']=!empty($_POST['disablejquery']); | ||
1247 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); | 1255 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); |
1248 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS']= !empty($_POST['enableRssPermalinks']); | 1256 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS']= !empty($_POST['enableRssPermalinks']); |
1249 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); | 1257 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); |
1250 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = !empty($_POST['hidePublicLinks']); | 1258 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = !empty($_POST['hidePublicLinks']); |
1251 | writeConfig(); | 1259 | try { |
1260 | writeConfig($GLOBALS, isLoggedIn()); | ||
1261 | } | ||
1262 | catch(Exception $e) { | ||
1263 | error_log( | ||
1264 | 'ERROR while writing config file after configuration update.' . PHP_EOL . | ||
1265 | $e->getMessage() | ||
1266 | ); | ||
1267 | |||
1268 | // TODO: do not handle exceptions/errors in JS. | ||
1269 | echo '<script>alert("'. $e->getMessage() .'");document.location=\'?do=tools\';</script>'; | ||
1270 | exit; | ||
1271 | } | ||
1252 | echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; | 1272 | echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; |
1253 | exit; | 1273 | exit; |
1254 | } | 1274 | } |
@@ -2007,7 +2027,19 @@ function install() | |||
2007 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 2027 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
2008 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(indexUrl()) : $_POST['title'] ); | 2028 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(indexUrl()) : $_POST['title'] ); |
2009 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); | 2029 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); |
2010 | writeConfig(); | 2030 | try { |
2031 | writeConfig($GLOBALS, isLoggedIn()); | ||
2032 | } | ||
2033 | catch(Exception $e) { | ||
2034 | error_log( | ||
2035 | 'ERROR while writing config file after installation.' . PHP_EOL . | ||
2036 | $e->getMessage() | ||
2037 | ); | ||
2038 | |||
2039 | // TODO: do not handle exceptions/errors in JS. | ||
2040 | echo '<script>alert("'. $e->getMessage() .'");document.location=\'?\';</script>'; | ||
2041 | exit; | ||
2042 | } | ||
2011 | echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; | 2043 | echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; |
2012 | exit; | 2044 | exit; |
2013 | } | 2045 | } |
@@ -2121,30 +2153,7 @@ if (!function_exists('json_encode')) { | |||
2121 | } | 2153 | } |
2122 | } | 2154 | } |
2123 | 2155 | ||
2124 | // Re-write configuration file according to globals. | 2156 | |
2125 | // Requires some $GLOBALS to be set (login,hash,salt,title). | ||
2126 | // If the config file cannot be saved, an error message is displayed and the user is redirected to "Tools" menu. | ||
2127 | // (otherwise, the function simply returns.) | ||
2128 | function writeConfig() | ||
2129 | { | ||
2130 | if (is_file($GLOBALS['config']['CONFIG_FILE']) && !isLoggedIn()) die('You are not authorized to alter config.'); // Only logged in user can alter config. | ||
2131 | $config='<?php $GLOBALS[\'login\']='.var_export($GLOBALS['login'],true).'; $GLOBALS[\'hash\']='.var_export($GLOBALS['hash'],true).'; $GLOBALS[\'salt\']='.var_export($GLOBALS['salt'],true).'; '; | ||
2132 | $config .='$GLOBALS[\'timezone\']='.var_export($GLOBALS['timezone'],true).'; date_default_timezone_set('.var_export($GLOBALS['timezone'],true).'); $GLOBALS[\'title\']='.var_export($GLOBALS['title'],true).';'; | ||
2133 | $config .= '$GLOBALS[\'titleLink\']='.var_export($GLOBALS['titleLink'],true).'; '; | ||
2134 | $config .= '$GLOBALS[\'redirector\']='.var_export($GLOBALS['redirector'],true).'; '; | ||
2135 | $config .= '$GLOBALS[\'disablesessionprotection\']='.var_export($GLOBALS['disablesessionprotection'],true).'; '; | ||
2136 | $config .= '$GLOBALS[\'disablejquery\']='.var_export($GLOBALS['disablejquery'],true).'; '; | ||
2137 | $config .= '$GLOBALS[\'privateLinkByDefault\']='.var_export($GLOBALS['privateLinkByDefault'],true).'; '; | ||
2138 | $config .= '$GLOBALS[\'config\'][\'ENABLE_RSS_PERMALINKS\']='.var_export($GLOBALS['config']['ENABLE_RSS_PERMALINKS'], true).'; '; | ||
2139 | $config .= '$GLOBALS[\'config\'][\'ENABLE_UPDATECHECK\']='.var_export($GLOBALS['config']['ENABLE_UPDATECHECK'], true).'; '; | ||
2140 | $config .= '$GLOBALS[\'config\'][\'HIDE_PUBLIC_LINKS\']='.var_export($GLOBALS['config']['HIDE_PUBLIC_LINKS'], true).'; '; | ||
2141 | $config .= ' ?>'; | ||
2142 | if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) | ||
2143 | { | ||
2144 | echo '<script>alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>'; | ||
2145 | exit; | ||
2146 | } | ||
2147 | } | ||
2148 | 2157 | ||
2149 | /* Because some f*cking services like flickr require an extra HTTP request to get the thumbnail URL, | 2158 | /* Because some f*cking services like flickr require an extra HTTP request to get the thumbnail URL, |
2150 | I have deported the thumbnail URL code generation here, otherwise this would slow down page generation. | 2159 | I have deported the thumbnail URL code generation here, otherwise this would slow down page generation. |
@@ -2373,6 +2382,15 @@ function invalidateCaches() | |||
2373 | pageCache::purgeCache(); // Purge page cache shared by sessions. | 2382 | pageCache::purgeCache(); // Purge page cache shared by sessions. |
2374 | } | 2383 | } |
2375 | 2384 | ||
2385 | try { | ||
2386 | mergeDeprecatedConfig($GLOBALS, isLoggedIn()); | ||
2387 | } catch(Exception $e) { | ||
2388 | error_log( | ||
2389 | 'ERROR while merging deprecated options.php file.' . PHP_EOL . | ||
2390 | $e->getMessage() | ||
2391 | ); | ||
2392 | } | ||
2393 | |||
2376 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. | 2394 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. |
2377 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=rss')) { showRSS(); exit; } | 2395 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=rss')) { showRSS(); exit; } |
2378 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=atom')) { showATOM(); exit; } | 2396 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=atom')) { showATOM(); exit; } |