author | ArthurHoaro <arthur@hoa.ro> | 2016-05-29 16:10:32 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2016-06-11 09:30:56 +0200 |
commit | da10377b3c263d96a46cf9101c202554343d2cd0 (patch) | |
tree | d91d1fcdbd79367418007add4d135d3f84e57a04 /index.php | |
parent | eeea1c3daa87f133c57c96fa17ed26b02c392636 (diff) | |
Rename configuration keys and fix GLOBALS in templates
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 202 |
1 files changed, 102 insertions, 100 deletions
@@ -107,13 +107,13 @@ if (isset($_COOKIE['shaarli']) && !is_session_id_valid($_COOKIE['shaarli'])) { | |||
107 | 107 | ||
108 | $conf = ConfigManager::getInstance(); | 108 | $conf = ConfigManager::getInstance(); |
109 | 109 | ||
110 | RainTPL::$tpl_dir = $conf->get('config.RAINTPL_TPL'); // template directory | 110 | RainTPL::$tpl_dir = $conf->get('path.raintpl_tpl'); // template directory |
111 | RainTPL::$cache_dir = $conf->get('config.RAINTPL_TMP'); // cache directory | 111 | RainTPL::$cache_dir = $conf->get('path.raintpl_tmp'); // cache directory |
112 | 112 | ||
113 | $pluginManager = PluginManager::getInstance(); | 113 | $pluginManager = PluginManager::getInstance(); |
114 | $pluginManager->load($conf->get('config.ENABLED_PLUGINS')); | 114 | $pluginManager->load($conf->get('general.enabled_plugins')); |
115 | 115 | ||
116 | date_default_timezone_set($conf->get('timezone', 'UTC')); | 116 | date_default_timezone_set($conf->get('general.timezone', 'UTC')); |
117 | 117 | ||
118 | ob_start(); // Output buffering for the page cache. | 118 | ob_start(); // Output buffering for the page cache. |
119 | 119 | ||
@@ -133,20 +133,20 @@ header("Cache-Control: post-check=0, pre-check=0", false); | |||
133 | header("Pragma: no-cache"); | 133 | header("Pragma: no-cache"); |
134 | 134 | ||
135 | // Handling of old config file which do not have the new parameters. | 135 | // Handling of old config file which do not have the new parameters. |
136 | if (! $conf->exists('title')) { | 136 | if (! $conf->exists('general.title')) { |
137 | $conf->set('title', 'Shared links on '. escape(index_url($_SERVER))); | 137 | $conf->set('general.title', 'Shared links on '. escape(index_url($_SERVER))); |
138 | } | 138 | } |
139 | if (! $conf->exists('timezone')) { | 139 | if (! $conf->exists('general.timezone')) { |
140 | $conf->set('timezone', date_default_timezone_get()); | 140 | $conf->set('general.timezone', date_default_timezone_get()); |
141 | } | 141 | } |
142 | if (! $conf->exists('disablesessionprotection')) { | 142 | if (! $conf->exists('security.session_protection_disabled')) { |
143 | $conf->set('disablesessionprotection', false); | 143 | $conf->set('security.session_protection_disabled', false); |
144 | } | 144 | } |
145 | if (! $conf->exists('privateLinkByDefault')) { | 145 | if (! $conf->exists('general.default_private_links')) { |
146 | $conf->set('privateLinkByDefault', false); | 146 | $conf->set('general.default_private_links', false); |
147 | } | 147 | } |
148 | if (! $conf->exists('titleLink')) { | 148 | if (! $conf->exists('general.header_link')) { |
149 | $conf->set('titleLink', '?'); | 149 | $conf->set('general.header_link', '?'); |
150 | } | 150 | } |
151 | 151 | ||
152 | if (! is_file($conf->getConfigFile())) { | 152 | if (! is_file($conf->getConfigFile())) { |
@@ -171,12 +171,12 @@ if (! is_file($conf->getConfigFile())) { | |||
171 | } | 171 | } |
172 | 172 | ||
173 | // FIXME! Update these value with Updater and escpae it during the install/config save. | 173 | // FIXME! Update these value with Updater and escpae it during the install/config save. |
174 | $conf->set('title', escape($conf->get('title'))); | 174 | $conf->set('general.title', escape($conf->get('general.title'))); |
175 | $conf->set('titleLink', escape($conf->get('titleLink'))); | 175 | $conf->set('general.header_link', escape($conf->get('general.header_link'))); |
176 | $conf->set('redirector', escape($conf->get('redirector'))); | 176 | $conf->set('extras.redirector', escape($conf->get('extras.redirector'))); |
177 | 177 | ||
178 | // a token depending of deployment salt, user password, and the current ip | 178 | // a token depending of deployment salt, user password, and the current ip |
179 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('salt'))); | 179 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt'))); |
180 | 180 | ||
181 | // Sniff browser language and set date format accordingly. | 181 | // Sniff browser language and set date format accordingly. |
182 | if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { | 182 | if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { |
@@ -191,12 +191,12 @@ header('Content-Type: text/html; charset=utf-8'); // We use UTF-8 for proper int | |||
191 | function setup_login_state() { | 191 | function setup_login_state() { |
192 | $conf = ConfigManager::getInstance(); | 192 | $conf = ConfigManager::getInstance(); |
193 | 193 | ||
194 | if ($conf->get('config.OPEN_SHAARLI')) { | 194 | if ($conf->get('extras.open_shaarli')) { |
195 | return true; | 195 | return true; |
196 | } | 196 | } |
197 | $userIsLoggedIn = false; // By default, we do not consider the user as logged in; | 197 | $userIsLoggedIn = false; // By default, we do not consider the user as logged in; |
198 | $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met. | 198 | $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met. |
199 | if (! $conf->exists('login')) { | 199 | if (! $conf->exists('credentials.login')) { |
200 | $userIsLoggedIn = false; // Shaarli is not configured yet. | 200 | $userIsLoggedIn = false; // Shaarli is not configured yet. |
201 | $loginFailure = true; | 201 | $loginFailure = true; |
202 | } | 202 | } |
@@ -209,7 +209,7 @@ function setup_login_state() { | |||
209 | } | 209 | } |
210 | // If session does not exist on server side, or IP address has changed, or session has expired, logout. | 210 | // If session does not exist on server side, or IP address has changed, or session has expired, logout. |
211 | if (empty($_SESSION['uid']) | 211 | if (empty($_SESSION['uid']) |
212 | || ($conf->get('disablesessionprotection') == false && $_SESSION['ip'] != allIPs()) | 212 | || ($conf->get('security.session_protection_disabled') == false && $_SESSION['ip'] != allIPs()) |
213 | || time() >= $_SESSION['expires_on']) | 213 | || time() >= $_SESSION['expires_on']) |
214 | { | 214 | { |
215 | logout(); | 215 | logout(); |
@@ -266,7 +266,7 @@ function fillSessionInfo() { | |||
266 | $conf = ConfigManager::getInstance(); | 266 | $conf = ConfigManager::getInstance(); |
267 | $_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand()); // Generate unique random number (different than phpsessionid) | 267 | $_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand()); // Generate unique random number (different than phpsessionid) |
268 | $_SESSION['ip']=allIPs(); // We store IP address(es) of the client to make sure session is not hijacked. | 268 | $_SESSION['ip']=allIPs(); // We store IP address(es) of the client to make sure session is not hijacked. |
269 | $_SESSION['username']= $conf->get('login'); | 269 | $_SESSION['username']= $conf->get('credentials.login'); |
270 | $_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Set session expiration. | 270 | $_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Set session expiration. |
271 | } | 271 | } |
272 | 272 | ||
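Review bot: The session identifier on new line 267 is built from `uniqid('', true)` and `mt_rand()`, neither of which is a cryptographically secure source, so the value that guards the session is more predictable than its SHA-1 wrapping suggests. The same construction produces the CSRF token in getToken() (new line 482) and the password salt (new line 1063). A CSPRNG is the fix, e.g. `$_SESSION['uid'] = bin2hex(random_bytes(20));` on PHP 7+, or `openssl_random_pseudo_bytes()` where only PHP 5 is available. fillSessionInfo() begins above the hunk.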
@@ -274,14 +274,14 @@ function fillSessionInfo() { | |||
274 | function check_auth($login,$password) | 274 | function check_auth($login,$password) |
275 | { | 275 | { |
276 | $conf = ConfigManager::getInstance(); | 276 | $conf = ConfigManager::getInstance(); |
277 | $hash = sha1($password . $login . $conf->get('salt')); | 277 | $hash = sha1($password . $login . $conf->get('credentials.salt')); |
278 | if ($login == $conf->get('login') && $hash == $conf->get('hash')) | 278 | if ($login == $conf->get('credentials.login') && $hash == $conf->get('credentials.hash')) |
279 | { // Login/password is correct. | 279 | { // Login/password is correct. |
280 | fillSessionInfo(); | 280 | fillSessionInfo(); |
281 | logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'Login successful'); | 281 | logm($conf->get('path.log'), $_SERVER['REMOTE_ADDR'], 'Login successful'); |
282 | return True; | 282 | return True; |
283 | } | 283 | } |
284 | logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'Login failed for user '.$login); | 284 | logm($conf->get('path.log'), $_SERVER['REMOTE_ADDR'], 'Login failed for user '.$login); |
285 | return False; | 285 | return False; |
286 | } | 286 | } |
287 | 287 | ||
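Review bot: The credential check on new line 278 compares the computed and stored hashes with loose `==`, so two hex digests that both parse as numeric strings can compare equal under PHP type juggling, and the comparison is not constant-time. `hash_equals($conf->get('credentials.hash'), $hash)` addresses both, and the login name can be compared with `===`; the same loose comparison appears as `!=` in the change-password path at new line 1060. Independently of the rename, a single salted SHA-1 is a weak password hash, and `password_hash()`/`password_verify()` with a migration of the stored value would be the replacement. The failed-login message on new line 284 also concatenates `$login` as submitted, so stripping control characters before logging would keep a crafted name from forging log lines.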
@@ -307,14 +307,14 @@ function logout() { | |||
307 | // ------------------------------------------------------------------------------------------ | 307 | // ------------------------------------------------------------------------------------------ |
308 | // Brute force protection system | 308 | // Brute force protection system |
309 | // Several consecutive failed logins will ban the IP address for 30 minutes. | 309 | // Several consecutive failed logins will ban the IP address for 30 minutes. |
310 | if (!is_file($conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'))) { | 310 | if (!is_file($conf->get('path.ban_file', 'data/ipbans.php'))) { |
311 | // FIXME! globals | 311 | // FIXME! globals |
312 | file_put_contents( | 312 | file_put_contents( |
313 | $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'), | 313 | $conf->get('path.ban_file', 'data/ipbans.php'), |
314 | "<?php\n\$GLOBALS['IPBANS']=".var_export(array('FAILURES'=>array(),'BANS'=>array()),true).";\n?>" | 314 | "<?php\n\$GLOBALS['IPBANS']=".var_export(array('FAILURES'=>array(),'BANS'=>array()),true).";\n?>" |
315 | ); | 315 | ); |
316 | } | 316 | } |
317 | include $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'); | 317 | include $conf->get('path.ban_file', 'data/ipbans.php'); |
318 | // Signal a failed login. Will ban the IP if too many failures: | 318 | // Signal a failed login. Will ban the IP if too many failures: |
319 | function ban_loginFailed() | 319 | function ban_loginFailed() |
320 | { | 320 | { |
@@ -323,14 +323,14 @@ function ban_loginFailed() | |||
323 | $gb = $GLOBALS['IPBANS']; | 323 | $gb = $GLOBALS['IPBANS']; |
324 | if (!isset($gb['FAILURES'][$ip])) $gb['FAILURES'][$ip]=0; | 324 | if (!isset($gb['FAILURES'][$ip])) $gb['FAILURES'][$ip]=0; |
325 | $gb['FAILURES'][$ip]++; | 325 | $gb['FAILURES'][$ip]++; |
326 | if ($gb['FAILURES'][$ip] > ($conf->get('config.BAN_AFTER') - 1)) | 326 | if ($gb['FAILURES'][$ip] > ($conf->get('security.ban_after') - 1)) |
327 | { | 327 | { |
328 | $gb['BANS'][$ip] = time() + $conf->get('config.BAN_DURATION', 1800); | 328 | $gb['BANS'][$ip] = time() + $conf->get('security.ban_after', 1800); |
329 | logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'IP address banned from login'); | 329 | logm($conf->get('path.log'), $_SERVER['REMOTE_ADDR'], 'IP address banned from login'); |
330 | } | 330 | } |
331 | $GLOBALS['IPBANS'] = $gb; | 331 | $GLOBALS['IPBANS'] = $gb; |
332 | file_put_contents( | 332 | file_put_contents( |
333 | $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'), | 333 | $conf->get('path.ban_file', 'data/ipbans.php'), |
334 | "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>" | 334 | "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>" |
335 | ); | 335 | ); |
336 | } | 336 | } |
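Review bot: The ban expiry on new line 328 reads `security.ban_after` with a default of 1800, which is the same key new line 326 uses as the failed-attempt threshold; the old code read `config.BAN_DURATION` here. Whenever a threshold is configured, that small number becomes the ban length in seconds, which in practice removes the brute-force lockout. The line should presumably be `$gb['BANS'][$ip] = time() + $conf->get('security.ban_duration', 1800);`, with the key name confirmed against the ConfigManager defaults, which are not shown here. ban_loginFailed() begins above the hunk.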
@@ -344,7 +344,7 @@ function ban_loginOk() | |||
344 | unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]); | 344 | unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]); |
345 | $GLOBALS['IPBANS'] = $gb; | 345 | $GLOBALS['IPBANS'] = $gb; |
346 | file_put_contents( | 346 | file_put_contents( |
347 | $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'), | 347 | $conf->get('path.ban_file', 'data/ipbans.php'), |
348 | "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>" | 348 | "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>" |
349 | ); | 349 | ); |
350 | } | 350 | } |
@@ -359,10 +359,10 @@ function ban_canLogin() | |||
359 | // User is banned. Check if the ban has expired: | 359 | // User is banned. Check if the ban has expired: |
360 | if ($gb['BANS'][$ip]<=time()) | 360 | if ($gb['BANS'][$ip]<=time()) |
361 | { // Ban expired, user can try to login again. | 361 | { // Ban expired, user can try to login again. |
362 | logm($conf->get('config.LOG_FILE'), $_SERVER['REMOTE_ADDR'], 'Ban lifted.'); | 362 | logm($conf->get('path.log'), $_SERVER['REMOTE_ADDR'], 'Ban lifted.'); |
363 | unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]); | 363 | unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]); |
364 | file_put_contents( | 364 | file_put_contents( |
365 | $conf->get('config.IPBANS_FILENAME', 'data/ipbans.php'), | 365 | $conf->get('path.ban_file', 'data/ipbans.php'), |
366 | "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>" | 366 | "<?php\n\$GLOBALS['IPBANS']=".var_export($gb,true).";\n?>" |
367 | ); | 367 | ); |
368 | return true; // Ban has expired, user can login. | 368 | return true; // Ban has expired, user can login. |
@@ -479,7 +479,7 @@ if (!isset($_SESSION['tokens'])) $_SESSION['tokens']=array(); // Token are atta | |||
479 | function getToken() | 479 | function getToken() |
480 | { | 480 | { |
481 | $conf = ConfigManager::getInstance(); | 481 | $conf = ConfigManager::getInstance(); |
482 | $rnd = sha1(uniqid('', true) .'_'. mt_rand() . $conf->get('salt')); // We generate a random string. | 482 | $rnd = sha1(uniqid('', true) .'_'. mt_rand() . $conf->get('credentials.salt')); // We generate a random string. |
483 | $_SESSION['tokens'][$rnd]=1; // Store it on the server side. | 483 | $_SESSION['tokens'][$rnd]=1; // Store it on the server side. |
484 | return $rnd; | 484 | return $rnd; |
485 | } | 485 | } |
@@ -518,11 +518,11 @@ function showDailyRSS() { | |||
518 | // If cached was not found (or not usable), then read the database and build the response: | 518 | // If cached was not found (or not usable), then read the database and build the response: |
519 | // Read links from database (and filter private links if used it not logged in). | 519 | // Read links from database (and filter private links if used it not logged in). |
520 | $LINKSDB = new LinkDB( | 520 | $LINKSDB = new LinkDB( |
521 | $conf->get('config.DATASTORE'), | 521 | $conf->get('path.datastore'), |
522 | isLoggedIn(), | 522 | isLoggedIn(), |
523 | $conf->get('config.HIDE_PUBLIC_LINKS'), | 523 | $conf->get('extras.hide_public_links'), |
524 | $conf->get('redirector'), | 524 | $conf->get('extras.redirector'), |
525 | $conf->get('config.REDIRECTOR_URLENCODE') | 525 | $conf->get('extras.redirector_encode_url') |
526 | ); | 526 | ); |
527 | 527 | ||
528 | /* Some Shaarlies may have very few links, so we need to look | 528 | /* Some Shaarlies may have very few links, so we need to look |
@@ -556,7 +556,7 @@ function showDailyRSS() { | |||
556 | $pageaddr = escape(index_url($_SERVER)); | 556 | $pageaddr = escape(index_url($_SERVER)); |
557 | echo '<?xml version="1.0" encoding="UTF-8"?><rss version="2.0">'; | 557 | echo '<?xml version="1.0" encoding="UTF-8"?><rss version="2.0">'; |
558 | echo '<channel>'; | 558 | echo '<channel>'; |
559 | echo '<title>Daily - '. $conf->get('title') . '</title>'; | 559 | echo '<title>Daily - '. $conf->get('general.title') . '</title>'; |
560 | echo '<link>'. $pageaddr .'</link>'; | 560 | echo '<link>'. $pageaddr .'</link>'; |
561 | echo '<description>Daily shared links</description>'; | 561 | echo '<description>Daily shared links</description>'; |
562 | echo '<language>en-en</language>'; | 562 | echo '<language>en-en</language>'; |
@@ -575,7 +575,7 @@ function showDailyRSS() { | |||
575 | // We pre-format some fields for proper output. | 575 | // We pre-format some fields for proper output. |
576 | foreach ($linkdates as $linkdate) { | 576 | foreach ($linkdates as $linkdate) { |
577 | $l = $LINKSDB[$linkdate]; | 577 | $l = $LINKSDB[$linkdate]; |
578 | $l['formatedDescription'] = format_description($l['description'], $conf->get('redirector')); | 578 | $l['formatedDescription'] = format_description($l['description'], $conf->get('extras.redirector')); |
579 | $l['thumbnail'] = thumbnail($l['url']); | 579 | $l['thumbnail'] = thumbnail($l['url']); |
580 | $l_date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $l['linkdate']); | 580 | $l_date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $l['linkdate']); |
581 | $l['timestamp'] = $l_date->getTimestamp(); | 581 | $l['timestamp'] = $l_date->getTimestamp(); |
@@ -587,11 +587,12 @@ function showDailyRSS() { | |||
587 | 587 | ||
588 | // Then build the HTML for this day: | 588 | // Then build the HTML for this day: |
589 | $tpl = new RainTPL; | 589 | $tpl = new RainTPL; |
590 | $tpl->assign('title', $conf->get('title')); | 590 | $tpl->assign('title', $conf->get('general.title')); |
591 | $tpl->assign('daydate', $dayDate->getTimestamp()); | 591 | $tpl->assign('daydate', $dayDate->getTimestamp()); |
592 | $tpl->assign('absurl', $absurl); | 592 | $tpl->assign('absurl', $absurl); |
593 | $tpl->assign('links', $links); | 593 | $tpl->assign('links', $links); |
594 | $tpl->assign('rssdate', escape($dayDate->format(DateTime::RSS))); | 594 | $tpl->assign('rssdate', escape($dayDate->format(DateTime::RSS))); |
595 | $tpl->assign('hide_timestamps', $conf->get('extras.hide_timestamps', false)); | ||
595 | $html = $tpl->draw('dailyrss', $return_string=true); | 596 | $html = $tpl->draw('dailyrss', $return_string=true); |
596 | 597 | ||
597 | echo $html . PHP_EOL; | 598 | echo $html . PHP_EOL; |
@@ -640,7 +641,7 @@ function showDaily($pageBuilder, $LINKSDB) | |||
640 | $taglist = explode(' ',$link['tags']); | 641 | $taglist = explode(' ',$link['tags']); |
641 | uasort($taglist, 'strcasecmp'); | 642 | uasort($taglist, 'strcasecmp'); |
642 | $linksToDisplay[$key]['taglist']=$taglist; | 643 | $linksToDisplay[$key]['taglist']=$taglist; |
643 | $linksToDisplay[$key]['formatedDescription'] = format_description($link['description'], $conf->get('redirector')); | 644 | $linksToDisplay[$key]['formatedDescription'] = format_description($link['description'], $conf->get('extras.redirector')); |
644 | $linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']); | 645 | $linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']); |
645 | $date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $link['linkdate']); | 646 | $date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $link['linkdate']); |
646 | $linksToDisplay[$key]['timestamp'] = $date->getTimestamp(); | 647 | $linksToDisplay[$key]['timestamp'] = $date->getTimestamp(); |
@@ -700,15 +701,15 @@ function renderPage() | |||
700 | { | 701 | { |
701 | $conf = ConfigManager::getInstance(); | 702 | $conf = ConfigManager::getInstance(); |
702 | $LINKSDB = new LinkDB( | 703 | $LINKSDB = new LinkDB( |
703 | $conf->get('config.DATASTORE'), | 704 | $conf->get('path.datastore'), |
704 | isLoggedIn(), | 705 | isLoggedIn(), |
705 | $conf->get('config.HIDE_PUBLIC_LINKS'), | 706 | $conf->get('extras.hide_public_links'), |
706 | $conf->get('redirector'), | 707 | $conf->get('extras.redirector'), |
707 | $conf->get('config.REDIRECTOR_URLENCODE') | 708 | $conf->get('extras.redirector_encode_url') |
708 | ); | 709 | ); |
709 | 710 | ||
710 | $updater = new Updater( | 711 | $updater = new Updater( |
711 | read_updates_file($conf->get('config.UPDATES_FILE')), | 712 | read_updates_file($conf->get('path.updates')), |
712 | $LINKSDB, | 713 | $LINKSDB, |
713 | isLoggedIn() | 714 | isLoggedIn() |
714 | ); | 715 | ); |
@@ -716,7 +717,7 @@ function renderPage() | |||
716 | $newUpdates = $updater->update(); | 717 | $newUpdates = $updater->update(); |
717 | if (! empty($newUpdates)) { | 718 | if (! empty($newUpdates)) { |
718 | write_updates_file( | 719 | write_updates_file( |
719 | $conf->get('config.UPDATES_FILE'), | 720 | $conf->get('path.updates'), |
720 | $updater->getDoneUpdates() | 721 | $updater->getDoneUpdates() |
721 | ); | 722 | ); |
722 | } | 723 | } |
@@ -755,7 +756,7 @@ function renderPage() | |||
755 | // -------- Display login form. | 756 | // -------- Display login form. |
756 | if ($targetPage == Router::$PAGE_LOGIN) | 757 | if ($targetPage == Router::$PAGE_LOGIN) |
757 | { | 758 | { |
758 | if ($conf->get('config.OPEN_SHAARLI')) { header('Location: ?'); exit; } // No need to login for open Shaarli | 759 | if ($conf->get('extras.open_shaarli')) { header('Location: ?'); exit; } // No need to login for open Shaarli |
759 | $token=''; if (ban_canLogin()) $token=getToken(); // Do not waste token generation if not useful. | 760 | $token=''; if (ban_canLogin()) $token=getToken(); // Do not waste token generation if not useful. |
760 | $PAGE->assign('token',$token); | 761 | $PAGE->assign('token',$token); |
761 | if (isset($_GET['username'])) { | 762 | if (isset($_GET['username'])) { |
@@ -768,7 +769,7 @@ function renderPage() | |||
768 | // -------- User wants to logout. | 769 | // -------- User wants to logout. |
769 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=logout')) | 770 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=logout')) |
770 | { | 771 | { |
771 | invalidateCaches($conf->get('config.PAGECACHE')); | 772 | invalidateCaches($conf->get('path.page_cache')); |
772 | logout(); | 773 | logout(); |
773 | header('Location: ?'); | 774 | header('Location: ?'); |
774 | exit; | 775 | exit; |
@@ -868,7 +869,7 @@ function renderPage() | |||
868 | // Cache system | 869 | // Cache system |
869 | $query = $_SERVER['QUERY_STRING']; | 870 | $query = $_SERVER['QUERY_STRING']; |
870 | $cache = new CachedPage( | 871 | $cache = new CachedPage( |
871 | $conf->get('config.PAGECACHE'), | 872 | $conf->get('path.page_cache'), |
872 | page_url($_SERVER), | 873 | page_url($_SERVER), |
873 | startsWith($query,'do='. $targetPage) && !isLoggedIn() | 874 | startsWith($query,'do='. $targetPage) && !isLoggedIn() |
874 | ); | 875 | ); |
@@ -881,8 +882,8 @@ function renderPage() | |||
881 | // Generate data. | 882 | // Generate data. |
882 | $feedGenerator = new FeedBuilder($LINKSDB, $feedType, $_SERVER, $_GET, isLoggedIn()); | 883 | $feedGenerator = new FeedBuilder($LINKSDB, $feedType, $_SERVER, $_GET, isLoggedIn()); |
883 | $feedGenerator->setLocale(strtolower(setlocale(LC_COLLATE, 0))); | 884 | $feedGenerator->setLocale(strtolower(setlocale(LC_COLLATE, 0))); |
884 | $feedGenerator->setHideDates($conf->get('config.HIDE_TIMESTAMPS') && !isLoggedIn()); | 885 | $feedGenerator->setHideDates($conf->get('extras.hide_timestamps') && !isLoggedIn()); |
885 | $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('config.ENABLE_RSS_PERMALINKS')); | 886 | $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('general.rss_permalinks')); |
886 | $pshUrl = $conf->get('config.PUBSUBHUB_URL'); | 887 | $pshUrl = $conf->get('config.PUBSUBHUB_URL'); |
887 | if (!empty($pshUrl)) { | 888 | if (!empty($pshUrl)) { |
888 | $feedGenerator->setPubsubhubUrl($pshUrl); | 889 | $feedGenerator->setPubsubhubUrl($pshUrl); |
@@ -1046,7 +1047,7 @@ function renderPage() | |||
1046 | // -------- User wants to change his/her password. | 1047 | // -------- User wants to change his/her password. |
1047 | if ($targetPage == Router::$PAGE_CHANGEPASSWORD) | 1048 | if ($targetPage == Router::$PAGE_CHANGEPASSWORD) |
1048 | { | 1049 | { |
1049 | if ($conf->get('config.OPEN_SHAARLI')) { | 1050 | if ($conf->get('extras.open_shaarli')) { |
1050 | die('You are not supposed to change a password on an Open Shaarli.'); | 1051 | die('You are not supposed to change a password on an Open Shaarli.'); |
1051 | } | 1052 | } |
1052 | 1053 | ||
@@ -1055,12 +1056,12 @@ function renderPage() | |||
1055 | if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away! | 1056 | if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away! |
1056 | 1057 | ||
1057 | // Make sure old password is correct. | 1058 | // Make sure old password is correct. |
1058 | $oldhash = sha1($_POST['oldpassword'].$conf->get('login').$conf->get('salt')); | 1059 | $oldhash = sha1($_POST['oldpassword'].$conf->get('credentials.login').$conf->get('credentials.salt')); |
1059 | if ($oldhash!= $conf->get('hash')) { echo '<script>alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; } | 1060 | if ($oldhash!= $conf->get('credentials.hash')) { echo '<script>alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; } |
1060 | // Save new password | 1061 | // Save new password |
1061 | // Salt renders rainbow-tables attacks useless. | 1062 | // Salt renders rainbow-tables attacks useless. |
1062 | $conf->set('salt', sha1(uniqid('', true) .'_'. mt_rand())); | 1063 | $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand())); |
1063 | $conf->set('hash', sha1($_POST['setpassword'] . $conf->get('login') . $conf->get('salt'))); | 1064 | $conf->set('credentials.hash', sha1($_POST['setpassword'] . $conf->get('credentials.login') . $conf->get('credentials.salt'))); |
1064 | try { | 1065 | try { |
1065 | $conf->write(isLoggedIn()); | 1066 | $conf->write(isLoggedIn()); |
1066 | } | 1067 | } |
@@ -1099,15 +1100,15 @@ function renderPage() | |||
1099 | ) { | 1100 | ) { |
1100 | $tz = $_POST['continent'] . '/' . $_POST['city']; | 1101 | $tz = $_POST['continent'] . '/' . $_POST['city']; |
1101 | } | 1102 | } |
1102 | $conf->set('timezone', $tz); | 1103 | $conf->set('general.timezone', $tz); |
1103 | $conf->set('title', $_POST['title']); | 1104 | $conf->set('general.title', $_POST['title']); |
1104 | $conf->set('titleLink', $_POST['titleLink']); | 1105 | $conf->set('general.header_link', $_POST['titleLink']); |
1105 | $conf->set('redirector', $_POST['redirector']); | 1106 | $conf->set('extras.redirector', $_POST['redirector']); |
1106 | $conf->set('disablesessionprotection', !empty($_POST['disablesessionprotection'])); | 1107 | $conf->set('security.session_protection_disabled', !empty($_POST['disablesessionprotection'])); |
1107 | $conf->set('privateLinkByDefault', !empty($_POST['privateLinkByDefault'])); | 1108 | $conf->set('general.default_private_links', !empty($_POST['privateLinkByDefault'])); |
1108 | $conf->set('config.ENABLE_RSS_PERMALINKS', !empty($_POST['enableRssPermalinks'])); | 1109 | $conf->set('general.rss_permalinks', !empty($_POST['enableRssPermalinks'])); |
1109 | $conf->set('config.ENABLE_UPDATECHECK', !empty($_POST['updateCheck'])); | 1110 | $conf->set('general.check_updates', !empty($_POST['updateCheck'])); |
1110 | $conf->set('config.HIDE_PUBLIC_LINKS', !empty($_POST['hidePublicLinks'])); | 1111 | $conf->set('extras.hide_public_links', !empty($_POST['hidePublicLinks'])); |
1111 | try { | 1112 | try { |
1112 | $conf->write(isLoggedIn()); | 1113 | $conf->write(isLoggedIn()); |
1113 | } | 1114 | } |
@@ -1127,15 +1128,15 @@ function renderPage() | |||
1127 | else // Show the configuration form. | 1128 | else // Show the configuration form. |
1128 | { | 1129 | { |
1129 | $PAGE->assign('token',getToken()); | 1130 | $PAGE->assign('token',getToken()); |
1130 | $PAGE->assign('title', $conf->get('title')); | 1131 | $PAGE->assign('title', $conf->get('general.title')); |
1131 | $PAGE->assign('redirector', $conf->get('redirector')); | 1132 | $PAGE->assign('redirector', $conf->get('extras.redirector')); |
1132 | list($timezone_form, $timezone_js) = generateTimeZoneForm($conf->get('timezone')); | 1133 | list($timezone_form, $timezone_js) = generateTimeZoneForm($conf->get('general.timezone')); |
1133 | $PAGE->assign('timezone_form', $timezone_form); | 1134 | $PAGE->assign('timezone_form', $timezone_form); |
1134 | $PAGE->assign('timezone_js',$timezone_js); | 1135 | $PAGE->assign('timezone_js',$timezone_js); |
1135 | $PAGE->assign('private_links_default', $conf->get('privateLinkByDefault')); | 1136 | $PAGE->assign('private_links_default', $conf->get('general.default_private_links', false)); |
1136 | $PAGE->assign('enable_rss_permalinks', $conf->get('config.ENABLE_RSS_PERMALINKS')); | 1137 | $PAGE->assign('enable_rss_permalinks', $conf->get('general.rss_permalinks', false)); |
1137 | $PAGE->assign('enable_update_check', $conf->get('config.ENABLE_UPDATECHECK')); | 1138 | $PAGE->assign('enable_update_check', $conf->get('general.check_updates', true)); |
1138 | $PAGE->assign('hide_public_links', $conf->get('config.HIDE_PUBLIC_LINKS')); | 1139 | $PAGE->assign('hide_public_links', $conf->get('extras.hide_public_links', false)); |
1139 | $PAGE->renderPage('configure'); | 1140 | $PAGE->renderPage('configure'); |
1140 | exit; | 1141 | exit; |
1141 | } | 1142 | } |
@@ -1167,7 +1168,7 @@ function renderPage() | |||
1167 | $value['tags']=trim(implode(' ',$tags)); | 1168 | $value['tags']=trim(implode(' ',$tags)); |
1168 | $LINKSDB[$key]=$value; | 1169 | $LINKSDB[$key]=$value; |
1169 | } | 1170 | } |
1170 | $LINKSDB->savedb($conf->get('config.PAGECACHE')); | 1171 | $LINKSDB->savedb($conf->get('path.page_cache')); |
1171 | echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>'; | 1172 | echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>'; |
1172 | exit; | 1173 | exit; |
1173 | } | 1174 | } |
@@ -1184,7 +1185,7 @@ function renderPage() | |||
1184 | $value['tags']=trim(implode(' ',$tags)); | 1185 | $value['tags']=trim(implode(' ',$tags)); |
1185 | $LINKSDB[$key]=$value; | 1186 | $LINKSDB[$key]=$value; |
1186 | } | 1187 | } |
1187 | $LINKSDB->savedb($conf->get('config.PAGECACHE')); // Save to disk. | 1188 | $LINKSDB->savedb($conf->get('path.page_cache')); // Save to disk. |
1188 | echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>'; | 1189 | echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>'; |
1189 | exit; | 1190 | exit; |
1190 | } | 1191 | } |
@@ -1235,7 +1236,7 @@ function renderPage() | |||
1235 | $pluginManager->executeHooks('save_link', $link); | 1236 | $pluginManager->executeHooks('save_link', $link); |
1236 | 1237 | ||
1237 | $LINKSDB[$linkdate] = $link; | 1238 | $LINKSDB[$linkdate] = $link; |
1238 | $LINKSDB->savedb($conf->get('config.PAGECACHE')); | 1239 | $LINKSDB->savedb($conf->get('path.page_cache')); |
1239 | pubsubhub(); | 1240 | pubsubhub(); |
1240 | 1241 | ||
1241 | // If we are called from the bookmarklet, we must close the popup: | 1242 | // If we are called from the bookmarklet, we must close the popup: |
@@ -1277,7 +1278,7 @@ function renderPage() | |||
1277 | $pluginManager->executeHooks('delete_link', $LINKSDB[$linkdate]); | 1278 | $pluginManager->executeHooks('delete_link', $LINKSDB[$linkdate]); |
1278 | 1279 | ||
1279 | unset($LINKSDB[$linkdate]); | 1280 | unset($LINKSDB[$linkdate]); |
1280 | $LINKSDB->savedb('config.PAGECACHE'); // save to disk | 1281 | $LINKSDB->savedb('path.page_cache'); // save to disk |
1281 | 1282 | ||
1282 | // If we are called from the bookmarklet, we must close the popup: | 1283 | // If we are called from the bookmarklet, we must close the popup: |
1283 | if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; } | 1284 | if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; } |
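Review bot: `savedb()` on new line 1281 is passed the literal string `'path.page_cache'` instead of the configured value, unlike every other `savedb()` call in this file; the rename carries over the same mistake from the old `'config.PAGECACHE'` literal. If savedb() uses its argument as the cache directory to invalidate (its body is not visible here), cached pages would survive the deletion and could keep serving a link the user has just removed. It should read `$LINKSDB->savedb($conf->get('path.page_cache'));`. The enclosing delete branch of renderPage() starts above the hunk.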
@@ -1391,6 +1392,7 @@ function renderPage() | |||
1391 | 'http_referer' => (isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']) : ''), | 1392 | 'http_referer' => (isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']) : ''), |
1392 | 'source' => (isset($_GET['source']) ? $_GET['source'] : ''), | 1393 | 'source' => (isset($_GET['source']) ? $_GET['source'] : ''), |
1393 | 'tags' => $LINKSDB->allTags(), | 1394 | 'tags' => $LINKSDB->allTags(), |
1395 | 'default_private_links' => $conf->get('default_private_links', false), | ||
1394 | ); | 1396 | ); |
1395 | $pluginManager->executeHooks('render_editlink', $data); | 1397 | $pluginManager->executeHooks('render_editlink', $data); |
1396 | 1398 | ||
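Review bot: The line added at new line 1395 reads `$conf->get('default_private_links', false)` with an un-prefixed key, while every other key this commit touches gains a section prefix (`general.`, `path.`, `credentials.`, `extras.`). If this setting was moved under a section as well, the lookup silently falls back to `false`, and the edit form would offer new links as public even when the owner configured private by default. Use the setting's namespaced key here, or add a comment such as `// key intentionally left un-namespaced` if that is the case. The `$data` array begins before this hunk.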
@@ -1500,7 +1502,7 @@ function renderPage() | |||
1500 | } | 1502 | } |
1501 | } | 1503 | } |
1502 | else { | 1504 | else { |
1503 | $conf->set('config.ENABLED_PLUGINS', save_plugin_config($_POST)); | 1505 | $conf->set('general.enabled_plugins', save_plugin_config($_POST)); |
1504 | } | 1506 | } |
1505 | $conf->write(isLoggedIn()); | 1507 | $conf->write(isLoggedIn()); |
1506 | } | 1508 | } |
@@ -1599,7 +1601,7 @@ function importFile($LINKSDB) | |||
1599 | } | 1601 | } |
1600 | } | 1602 | } |
1601 | } | 1603 | } |
1602 | $LINKSDB->savedb($conf->get('config.PAGECACHE')); | 1604 | $LINKSDB->savedb($conf->get('path.page_cache')); |
1603 | 1605 | ||
1604 | echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>'; | 1606 | echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>'; |
1605 | } | 1607 | } |
@@ -1646,7 +1648,7 @@ function buildLinkList($PAGE,$LINKSDB) | |||
1646 | 1648 | ||
1647 | // If there is only a single link, we change on-the-fly the title of the page. | 1649 | // If there is only a single link, we change on-the-fly the title of the page. |
1648 | if (count($linksToDisplay) == 1) { | 1650 | if (count($linksToDisplay) == 1) { |
1649 | $conf->set('pagetitle', $linksToDisplay[$keys[0]]['title'] .' - '. $conf->get('title')); | 1651 | $conf->set('pagetitle', $linksToDisplay[$keys[0]]['title'] .' - '. $conf->get('general.title')); |
1650 | } | 1652 | } |
1651 | 1653 | ||
1652 | // Select articles according to paging. | 1654 | // Select articles according to paging. |
@@ -1662,7 +1664,7 @@ function buildLinkList($PAGE,$LINKSDB) | |||
1662 | while ($i<$end && $i<count($keys)) | 1664 | while ($i<$end && $i<count($keys)) |
1663 | { | 1665 | { |
1664 | $link = $linksToDisplay[$keys[$i]]; | 1666 | $link = $linksToDisplay[$keys[$i]]; |
1665 | $link['description'] = format_description($link['description'], $conf->get('redirector')); | 1667 | $link['description'] = format_description($link['description'], $conf->get('extras.redirector')); |
1666 | $classLi = ($i % 2) != 0 ? '' : 'publicLinkHightLight'; | 1668 | $classLi = ($i % 2) != 0 ? '' : 'publicLinkHightLight'; |
1667 | $link['class'] = $link['private'] == 0 ? $classLi : 'private'; | 1669 | $link['class'] = $link['private'] == 0 ? $classLi : 'private'; |
1668 | $date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $link['linkdate']); | 1670 | $date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $link['linkdate']); |
@@ -1704,7 +1706,7 @@ function buildLinkList($PAGE,$LINKSDB) | |||
1704 | 'result_count' => count($linksToDisplay), | 1706 | 'result_count' => count($linksToDisplay), |
1705 | 'search_term' => $searchterm, | 1707 | 'search_term' => $searchterm, |
1706 | 'search_tags' => $searchtags, | 1708 | 'search_tags' => $searchtags, |
1707 | 'redirector' => $conf->get('redirector'), // Optional redirector URL. | 1709 | 'redirector' => $conf->get('extras.redirector'), // Optional redirector URL. |
1708 | 'token' => $token, | 1710 | 'token' => $token, |
1709 | 'links' => $linkDisp, | 1711 | 'links' => $linkDisp, |
1710 | 'tags' => $LINKSDB->allTags(), | 1712 | 'tags' => $LINKSDB->allTags(), |
@@ -1736,7 +1738,7 @@ function buildLinkList($PAGE,$LINKSDB) | |||
1736 | function computeThumbnail($url,$href=false) | 1738 | function computeThumbnail($url,$href=false) |
1737 | { | 1739 | { |
1738 | $conf = ConfigManager::getInstance(); | 1740 | $conf = ConfigManager::getInstance(); |
1739 | if (!$conf->get('config.ENABLE_THUMBNAILS')) return array(); | 1741 | if (!$conf->get('general.enable_thumbnails')) return array(); |
1740 | if ($href==false) $href=$url; | 1742 | if ($href==false) $href=$url; |
1741 | 1743 | ||
1742 | // For most hosts, the URL of the thumbnail can be easily deduced from the URL of the link. | 1744 | // For most hosts, the URL of the thumbnail can be easily deduced from the URL of the link. |
@@ -1804,7 +1806,7 @@ function computeThumbnail($url,$href=false) | |||
1804 | // So we deport the thumbnail generation in order not to slow down page generation | 1806 | // So we deport the thumbnail generation in order not to slow down page generation |
1805 | // (and we also cache the thumbnail) | 1807 | // (and we also cache the thumbnail) |
1806 | 1808 | ||
1807 | if (! $conf->get('config.ENABLE_LOCALCACHE')) return array(); // If local cache is disabled, no thumbnails for services which require the use a local cache. | 1809 | if (! $conf->get('general.enable_localcache')) return array(); // If local cache is disabled, no thumbnails for services which require the use a local cache. |
1808 | 1810 | ||
1809 | if ($domain=='flickr.com' || endsWith($domain,'.flickr.com') | 1811 | if ($domain=='flickr.com' || endsWith($domain,'.flickr.com') |
1810 | || $domain=='vimeo.com' | 1812 | || $domain=='vimeo.com' |
@@ -1827,7 +1829,7 @@ function computeThumbnail($url,$href=false) | |||
1827 | $path = parse_url($url,PHP_URL_PATH); | 1829 | $path = parse_url($url,PHP_URL_PATH); |
1828 | if ("/talks/" !== substr($path,0,7)) return array(); // This is not a single video URL. | 1830 | if ("/talks/" !== substr($path,0,7)) return array(); // This is not a single video URL. |
1829 | } | 1831 | } |
1830 | $sign = hash_hmac('sha256', $url, $conf->get('salt')); // We use the salt to sign data (it's random, secret, and specific to each installation) | 1832 | $sign = hash_hmac('sha256', $url, $conf->get('credentials.salt')); // We use the salt to sign data (it's random, secret, and specific to each installation) |
1831 | return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), | 1833 | return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), |
1832 | 'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail'); | 1834 | 'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail'); |
1833 | } | 1835 | } |
@@ -1838,7 +1840,7 @@ function computeThumbnail($url,$href=false) | |||
1838 | $ext=strtolower(pathinfo($url,PATHINFO_EXTENSION)); | 1840 | $ext=strtolower(pathinfo($url,PATHINFO_EXTENSION)); |
1839 | if ($ext=='jpg' || $ext=='jpeg' || $ext=='png' || $ext=='gif') | 1841 | if ($ext=='jpg' || $ext=='jpeg' || $ext=='png' || $ext=='gif') |
1840 | { | 1842 | { |
1841 | $sign = hash_hmac('sha256', $url, $conf->get('salt')); // We use the salt to sign data (it's random, secret, and specific to each installation) | 1843 | $sign = hash_hmac('sha256', $url, $conf->get('credentials.salt')); // We use the salt to sign data (it's random, secret, and specific to each installation) |
1842 | return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), | 1844 | return array('src'=>index_url($_SERVER).'?do=genthumbnail&hmac='.$sign.'&url='.urlencode($url), |
1843 | 'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail'); | 1845 | 'href'=>$href,'width'=>'120','style'=>'height:auto;','alt'=>'thumbnail'); |
1844 | } | 1846 | } |
@@ -1942,18 +1944,18 @@ function install() | |||
1942 | ) { | 1944 | ) { |
1943 | $tz = $_POST['continent'].'/'.$_POST['city']; | 1945 | $tz = $_POST['continent'].'/'.$_POST['city']; |
1944 | } | 1946 | } |
1945 | $conf->set('timezone', $tz); | 1947 | $conf->set('general.timezone', $tz); |
1946 | $login = $_POST['setlogin']; | 1948 | $login = $_POST['setlogin']; |
1947 | $conf->set('login', $login); | 1949 | $conf->set('credentials.login', $login); |
1948 | $salt = sha1(uniqid('', true) .'_'. mt_rand()); | 1950 | $salt = sha1(uniqid('', true) .'_'. mt_rand()); |
1949 | $conf->set('salt', $salt); | 1951 | $conf->set('credentials.salt', $salt); |
1950 | $conf->set('hash', sha1($_POST['setpassword'] . $login . $salt)); | 1952 | $conf->set('credentials.hash', sha1($_POST['setpassword'] . $login . $salt)); |
1951 | if (!empty($_POST['title'])) { | 1953 | if (!empty($_POST['title'])) { |
1952 | $conf->set('title', $_POST['title']); | 1954 | $conf->set('general.title', $_POST['title']); |
1953 | } else { | 1955 | } else { |
1954 | $conf->set('title', 'Shared links on '.escape(index_url($_SERVER))); | 1956 | $conf->set('general.title', 'Shared links on '.escape(index_url($_SERVER))); |
1955 | } | 1957 | } |
1956 | $conf->set('config.ENABLE_UPDATECHECK', !empty($_POST['updateCheck'])); | 1958 | $conf->set('general.check_updates', !empty($_POST['updateCheck'])); |
1957 | try { | 1959 | try { |
1958 | // Everything is ok, let's create config file. | 1960 | // Everything is ok, let's create config file. |
1959 | $conf->write(isLoggedIn()); | 1961 | $conf->write(isLoggedIn()); |
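Review bot: The value stored under `credentials.salt` at new line 1950 is built from `uniqid()` and `mt_rand()`, neither of which is a cryptographic random source, yet computeThumbnail() uses the same value as the HMAC key for thumbnail URLs and describes it as random and secret. Taking it from the system CSPRNG keeps the 40-hex-character format, e.g. `$salt = bin2hex(random_bytes(20));` on PHP 7+ (older versions would need `openssl_random_pseudo_bytes()`). `credentials.hash` at new line 1952 is a single SHA-1 over password, login and salt; moving to `password_hash()`/`password_verify()` is the better fix, but it has to change together with the login check, which is not in this hunk. install() starts and ends outside the hunk.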
@@ -1999,10 +2001,10 @@ function genThumbnail() | |||
1999 | { | 2001 | { |
2000 | $conf = ConfigManager::getInstance(); | 2002 | $conf = ConfigManager::getInstance(); |
2001 | // Make sure the parameters in the URL were generated by us. | 2003 | // Make sure the parameters in the URL were generated by us. |
2002 | $sign = hash_hmac('sha256', $_GET['url'], $conf->get('salt')); | 2004 | $sign = hash_hmac('sha256', $_GET['url'], $conf->get('credentials.salt')); |
2003 | if ($sign!=$_GET['hmac']) die('Naughty boy!'); | 2005 | if ($sign!=$_GET['hmac']) die('Naughty boy!'); |
2004 | 2006 | ||
2005 | $cacheDir = $conf->get('config.CACHEDIR', 'cache'); | 2007 | $cacheDir = $conf->get('path.thumbnails_cache', 'cache'); |
2006 | // Let's see if we don't already have the image for this URL in the cache. | 2008 | // Let's see if we don't already have the image for this URL in the cache. |
2007 | $thumbname=hash('sha1',$_GET['url']).'.jpg'; | 2009 | $thumbname=hash('sha1',$_GET['url']).'.jpg'; |
2008 | if (is_file($cacheDir .'/'. $thumbname)) | 2010 | if (is_file($cacheDir .'/'. $thumbname)) |
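Review bot: The signature check at new line 2005, `if ($sign!=$_GET['hmac'])`, compares the HMAC with a loose `!=` that is not constant-time. PHP compares two numeric-looking strings as numbers under `!=`, and `$_GET['hmac']` and `$_GET['url']` are both read without checking that they are set and are strings. Prefer `if (!isset($_GET['hmac']) || !is_string($_GET['hmac']) || !hash_equals($sign, $_GET['hmac'])) die('Naughty boy!');`, with a matching `isset`/`is_string` guard on `$_GET['url']` before the `hash_hmac()` call. `hash_equals()` needs PHP 5.6, so older installs would need a small fallback. genThumbnail() continues past the end of this hunk.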
@@ -2212,7 +2214,7 @@ function resizeImage($filepath) | |||
2212 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. | 2214 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. |
2213 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=dailyrss')) { showDailyRSS(); exit; } | 2215 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=dailyrss')) { showDailyRSS(); exit; } |
2214 | if (!isset($_SESSION['LINKS_PER_PAGE'])) { | 2216 | if (!isset($_SESSION['LINKS_PER_PAGE'])) { |
2215 | $_SESSION['LINKS_PER_PAGE'] = $conf->get('config.LINKS_PER_PAGE', 20); | 2217 | $_SESSION['LINKS_PER_PAGE'] = $conf->get('general.links_per_page', 20); |
2216 | } | 2218 | } |
2217 | renderPage(); | 2219 | renderPage(); |
2218 | ?> | 2220 | ?> |