diff options
author | VirtualTam <tamisier.aurelien@gmail.com> | 2015-07-09 21:34:46 +0200 |
---|---|---|
committer | VirtualTam <tamisier.aurelien@gmail.com> | 2015-07-09 21:34:46 +0200 |
commit | e92f1ba59edb9fd60b185dc633e64a62dffe3b04 (patch) | |
tree | 7ebcafc4aa15f0bc552507ba1e7c8c4211212290 /index.php | |
parent | 7f1dfd1c12a143b324fbe68213a49de0586febfa (diff) | |
parent | dd484b90b1c15989210d7379e51256d545856d95 (diff) | |
download | Shaarli-e92f1ba59edb9fd60b185dc633e64a62dffe3b04.tar.gz Shaarli-e92f1ba59edb9fd60b185dc633e64a62dffe3b04.tar.zst Shaarli-e92f1ba59edb9fd60b185dc633e64a62dffe3b04.zip |
Merge pull request #255 from ArthurHoaro/config
All settings are now stored in config.php
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 86 |
1 files changed, 52 insertions, 34 deletions
@@ -11,7 +11,8 @@ | |||
11 | date_default_timezone_set('UTC'); | 11 | date_default_timezone_set('UTC'); |
12 | 12 | ||
13 | // ----------------------------------------------------------------------------------------------- | 13 | // ----------------------------------------------------------------------------------------------- |
14 | // Hardcoded parameter (These parameters can be overwritten by creating the file /data/options.php) | 14 | // Hardcoded parameter (These parameters can be overwritten by editing the file /data/config.php) |
15 | // You should not touch any code below (or at your own risks!) | ||
15 | $GLOBALS['config']['DATADIR'] = 'data'; // Data subdirectory | 16 | $GLOBALS['config']['DATADIR'] = 'data'; // Data subdirectory |
16 | $GLOBALS['config']['CONFIG_FILE'] = $GLOBALS['config']['DATADIR'].'/config.php'; // Configuration file (user login/password) | 17 | $GLOBALS['config']['CONFIG_FILE'] = $GLOBALS['config']['DATADIR'].'/config.php'; // Configuration file (user login/password) |
17 | $GLOBALS['config']['DATASTORE'] = $GLOBALS['config']['DATADIR'].'/datastore.php'; // Data storage file. | 18 | $GLOBALS['config']['DATASTORE'] = $GLOBALS['config']['DATADIR'].'/datastore.php'; // Data storage file. |
@@ -36,10 +37,6 @@ $GLOBALS['config']['ARCHIVE_ORG'] = false; // For each link, add a link to an ar | |||
36 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS'] = true; // Enable RSS permalinks by default. This corresponds to the default behavior of shaarli before this was added as an option. | 37 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS'] = true; // Enable RSS permalinks by default. This corresponds to the default behavior of shaarli before this was added as an option. |
37 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = false; | 38 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = false; |
38 | // ----------------------------------------------------------------------------------------------- | 39 | // ----------------------------------------------------------------------------------------------- |
39 | // You should not touch below (or at your own risks!) | ||
40 | // Optional config file. | ||
41 | if (is_file($GLOBALS['config']['DATADIR'].'/options.php')) require($GLOBALS['config']['DATADIR'].'/options.php'); | ||
42 | |||
43 | define('shaarli_version','0.0.45beta'); | 40 | define('shaarli_version','0.0.45beta'); |
44 | // http://server.com/x/shaarli --> /shaarli/ | 41 | // http://server.com/x/shaarli --> /shaarli/ |
45 | define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); | 42 | define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); |
@@ -69,6 +66,7 @@ error_reporting(E_ALL^E_WARNING); // See all error except warnings. | |||
69 | // Shaarli library | 66 | // Shaarli library |
70 | require_once 'application/LinkDB.php'; | 67 | require_once 'application/LinkDB.php'; |
71 | require_once 'application/Utils.php'; | 68 | require_once 'application/Utils.php'; |
69 | require_once 'application/Config.php'; | ||
72 | 70 | ||
73 | include "inc/rain.tpl.class.php"; //include Rain TPL | 71 | include "inc/rain.tpl.class.php"; //include Rain TPL |
74 | raintpl::$tpl_dir = $GLOBALS['config']['RAINTPL_TPL']; // template directory | 72 | raintpl::$tpl_dir = $GLOBALS['config']['RAINTPL_TPL']; // template directory |
@@ -100,7 +98,6 @@ if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.escape(indexU | |||
100 | if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get(); | 98 | if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get(); |
101 | if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']=''; | 99 | if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']=''; |
102 | if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false; | 100 | if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false; |
103 | if (empty($GLOBALS['disablejquery'])) $GLOBALS['disablejquery']=false; | ||
104 | if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=false; | 101 | if (empty($GLOBALS['privateLinkByDefault'])) $GLOBALS['privateLinkByDefault']=false; |
105 | if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?'; | 102 | if (empty($GLOBALS['titleLink'])) $GLOBALS['titleLink']='?'; |
106 | // I really need to rewrite Shaarli with a proper configuation manager. | 103 | // I really need to rewrite Shaarli with a proper configuation manager. |
@@ -1220,7 +1217,19 @@ function renderPage() | |||
1220 | // Save new password | 1217 | // Save new password |
1221 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. | 1218 | $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless. |
1222 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 1219 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
1223 | writeConfig(); | 1220 | try { |
1221 | writeConfig($GLOBALS, isLoggedIn()); | ||
1222 | } | ||
1223 | catch(Exception $e) { | ||
1224 | error_log( | ||
1225 | 'ERROR while writing config file after changing password.' . PHP_EOL . | ||
1226 | $e->getMessage() | ||
1227 | ); | ||
1228 | |||
1229 | // TODO: do not handle exceptions/errors in JS. | ||
1230 | echo '<script>alert("'. $e->getMessage() .'");document.location=\'?do=tools\';</script>'; | ||
1231 | exit; | ||
1232 | } | ||
1224 | echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; | 1233 | echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>'; |
1225 | exit; | 1234 | exit; |
1226 | } | 1235 | } |
@@ -1249,12 +1258,23 @@ function renderPage() | |||
1249 | $GLOBALS['titleLink']=$_POST['titleLink']; | 1258 | $GLOBALS['titleLink']=$_POST['titleLink']; |
1250 | $GLOBALS['redirector']=$_POST['redirector']; | 1259 | $GLOBALS['redirector']=$_POST['redirector']; |
1251 | $GLOBALS['disablesessionprotection']=!empty($_POST['disablesessionprotection']); | 1260 | $GLOBALS['disablesessionprotection']=!empty($_POST['disablesessionprotection']); |
1252 | $GLOBALS['disablejquery']=!empty($_POST['disablejquery']); | ||
1253 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); | 1261 | $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']); |
1254 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS']= !empty($_POST['enableRssPermalinks']); | 1262 | $GLOBALS['config']['ENABLE_RSS_PERMALINKS']= !empty($_POST['enableRssPermalinks']); |
1255 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); | 1263 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); |
1256 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = !empty($_POST['hidePublicLinks']); | 1264 | $GLOBALS['config']['HIDE_PUBLIC_LINKS'] = !empty($_POST['hidePublicLinks']); |
1257 | writeConfig(); | 1265 | try { |
1266 | writeConfig($GLOBALS, isLoggedIn()); | ||
1267 | } | ||
1268 | catch(Exception $e) { | ||
1269 | error_log( | ||
1270 | 'ERROR while writing config file after configuration update.' . PHP_EOL . | ||
1271 | $e->getMessage() | ||
1272 | ); | ||
1273 | |||
1274 | // TODO: do not handle exceptions/errors in JS. | ||
1275 | echo '<script>alert("'. $e->getMessage() .'");document.location=\'?do=tools\';</script>'; | ||
1276 | exit; | ||
1277 | } | ||
1258 | echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; | 1278 | echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; |
1259 | exit; | 1279 | exit; |
1260 | } | 1280 | } |
@@ -2013,7 +2033,19 @@ function install() | |||
2013 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); | 2033 | $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']); |
2014 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(indexUrl()) : $_POST['title'] ); | 2034 | $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.escape(indexUrl()) : $_POST['title'] ); |
2015 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); | 2035 | $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); |
2016 | writeConfig(); | 2036 | try { |
2037 | writeConfig($GLOBALS, isLoggedIn()); | ||
2038 | } | ||
2039 | catch(Exception $e) { | ||
2040 | error_log( | ||
2041 | 'ERROR while writing config file after installation.' . PHP_EOL . | ||
2042 | $e->getMessage() | ||
2043 | ); | ||
2044 | |||
2045 | // TODO: do not handle exceptions/errors in JS. | ||
2046 | echo '<script>alert("'. $e->getMessage() .'");document.location=\'?\';</script>'; | ||
2047 | exit; | ||
2048 | } | ||
2017 | echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; | 2049 | echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; |
2018 | exit; | 2050 | exit; |
2019 | } | 2051 | } |
@@ -2127,30 +2159,7 @@ if (!function_exists('json_encode')) { | |||
2127 | } | 2159 | } |
2128 | } | 2160 | } |
2129 | 2161 | ||
2130 | // Re-write configuration file according to globals. | 2162 | |
2131 | // Requires some $GLOBALS to be set (login,hash,salt,title). | ||
2132 | // If the config file cannot be saved, an error message is displayed and the user is redirected to "Tools" menu. | ||
2133 | // (otherwise, the function simply returns.) | ||
2134 | function writeConfig() | ||
2135 | { | ||
2136 | if (is_file($GLOBALS['config']['CONFIG_FILE']) && !isLoggedIn()) die('You are not authorized to alter config.'); // Only logged in user can alter config. | ||
2137 | $config='<?php $GLOBALS[\'login\']='.var_export($GLOBALS['login'],true).'; $GLOBALS[\'hash\']='.var_export($GLOBALS['hash'],true).'; $GLOBALS[\'salt\']='.var_export($GLOBALS['salt'],true).'; '; | ||
2138 | $config .='$GLOBALS[\'timezone\']='.var_export($GLOBALS['timezone'],true).'; date_default_timezone_set('.var_export($GLOBALS['timezone'],true).'); $GLOBALS[\'title\']='.var_export($GLOBALS['title'],true).';'; | ||
2139 | $config .= '$GLOBALS[\'titleLink\']='.var_export($GLOBALS['titleLink'],true).'; '; | ||
2140 | $config .= '$GLOBALS[\'redirector\']='.var_export($GLOBALS['redirector'],true).'; '; | ||
2141 | $config .= '$GLOBALS[\'disablesessionprotection\']='.var_export($GLOBALS['disablesessionprotection'],true).'; '; | ||
2142 | $config .= '$GLOBALS[\'disablejquery\']='.var_export($GLOBALS['disablejquery'],true).'; '; | ||
2143 | $config .= '$GLOBALS[\'privateLinkByDefault\']='.var_export($GLOBALS['privateLinkByDefault'],true).'; '; | ||
2144 | $config .= '$GLOBALS[\'config\'][\'ENABLE_RSS_PERMALINKS\']='.var_export($GLOBALS['config']['ENABLE_RSS_PERMALINKS'], true).'; '; | ||
2145 | $config .= '$GLOBALS[\'config\'][\'ENABLE_UPDATECHECK\']='.var_export($GLOBALS['config']['ENABLE_UPDATECHECK'], true).'; '; | ||
2146 | $config .= '$GLOBALS[\'config\'][\'HIDE_PUBLIC_LINKS\']='.var_export($GLOBALS['config']['HIDE_PUBLIC_LINKS'], true).'; '; | ||
2147 | $config .= ' ?>'; | ||
2148 | if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) | ||
2149 | { | ||
2150 | echo '<script>alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>'; | ||
2151 | exit; | ||
2152 | } | ||
2153 | } | ||
2154 | 2163 | ||
2155 | /* Because some f*cking services like flickr require an extra HTTP request to get the thumbnail URL, | 2164 | /* Because some f*cking services like flickr require an extra HTTP request to get the thumbnail URL, |
2156 | I have deported the thumbnail URL code generation here, otherwise this would slow down page generation. | 2165 | I have deported the thumbnail URL code generation here, otherwise this would slow down page generation. |
@@ -2379,6 +2388,15 @@ function invalidateCaches() | |||
2379 | pageCache::purgeCache(); // Purge page cache shared by sessions. | 2388 | pageCache::purgeCache(); // Purge page cache shared by sessions. |
2380 | } | 2389 | } |
2381 | 2390 | ||
2391 | try { | ||
2392 | mergeDeprecatedConfig($GLOBALS, isLoggedIn()); | ||
2393 | } catch(Exception $e) { | ||
2394 | error_log( | ||
2395 | 'ERROR while merging deprecated options.php file.' . PHP_EOL . | ||
2396 | $e->getMessage() | ||
2397 | ); | ||
2398 | } | ||
2399 | |||
2382 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. | 2400 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. |
2383 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=rss')) { showRSS(); exit; } | 2401 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=rss')) { showRSS(); exit; } |
2384 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=atom')) { showATOM(); exit; } | 2402 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=atom')) { showATOM(); exit; } |