aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
diff options
context:
space:
mode:
Diffstat (limited to 'application')
-rw-r--r--application/front/controllers/SessionFilterController.php81
-rw-r--r--application/front/controllers/ShaarliController.php43
-rw-r--r--application/security/SessionManager.php33
3 files changed, 157 insertions, 0 deletions
diff --git a/application/front/controllers/SessionFilterController.php b/application/front/controllers/SessionFilterController.php
new file mode 100644
index 00000000..a021dc37
--- /dev/null
+++ b/application/front/controllers/SessionFilterController.php
@@ -0,0 +1,81 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller;
6
7use Shaarli\Bookmark\BookmarkFilter;
8use Shaarli\Security\SessionManager;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class SessionFilterController
14 *
15 * Slim controller used to handle filters stored in the user session, such as visibility, links per page, etc.
16 *
17 * @package Shaarli\Front\Controller
18 */
19class SessionFilterController extends ShaarliController
20{
21 /**
22 * GET /links-per-page: set the number of bookmarks to display per page in homepage
23 */
24 public function linksPerPage(Request $request, Response $response): Response
25 {
26 $linksPerPage = $request->getParam('nb') ?? null;
27 if (null === $linksPerPage || false === is_numeric($linksPerPage)) {
28 $linksPerPage = $this->container->conf->get('general.links_per_page', 20);
29 }
30
31 $this->container->sessionManager->setSessionParameter(
32 SessionManager::KEY_LINKS_PER_PAGE,
33 abs(intval($linksPerPage))
34 );
35
36 return $this->redirectFromReferer($response, ['linksperpage'], ['nb']);
37 }
38
39 /**
40 * GET /visibility: allows to display only public or only private bookmarks in linklist
41 */
42 public function visibility(Request $request, Response $response, array $args): Response
43 {
44 if (false === $this->container->loginManager->isLoggedIn()) {
45 return $this->redirectFromReferer($response, ['visibility']);
46 }
47
48 $newVisibility = $args['visibility'] ?? null;
49 if (false === in_array($newVisibility, [BookmarkFilter::$PRIVATE, BookmarkFilter::$PUBLIC], true)) {
50 $newVisibility = null;
51 }
52
53 $currentVisibility = $this->container->sessionManager->getSessionParameter(SessionManager::KEY_VISIBILITY);
54
55 // Visibility not set or not already expected value, set expected value, otherwise reset it
56 if ($newVisibility !== null && (null === $currentVisibility || $currentVisibility !== $newVisibility)) {
57 // See only public bookmarks
58 $this->container->sessionManager->setSessionParameter(
59 SessionManager::KEY_VISIBILITY,
60 $newVisibility
61 );
62 } else {
63 $this->container->sessionManager->deleteSessionParameter(SessionManager::KEY_VISIBILITY);
64 }
65
66 return $this->redirectFromReferer($response, ['visibility']);
67 }
68
69 /**
70 * GET /untagged-only: allows to display only bookmarks without any tag
71 */
72 public function untaggedOnly(Request $request, Response $response): Response
73 {
74 $this->container->sessionManager->setSessionParameter(
75 SessionManager::KEY_UNTAGGED_ONLY,
76 empty($this->container->sessionManager->getSessionParameter(SessionManager::KEY_UNTAGGED_ONLY))
77 );
78
79 return $this->redirectFromReferer($response, ['untaggedonly', 'untagged-only']);
80 }
81}
diff --git a/application/front/controllers/ShaarliController.php b/application/front/controllers/ShaarliController.php
index 0c5d363e..bfff5fcf 100644
--- a/application/front/controllers/ShaarliController.php
+++ b/application/front/controllers/ShaarliController.php
@@ -6,6 +6,7 @@ namespace Shaarli\Front\Controller;
6 6
7use Shaarli\Bookmark\BookmarkFilter; 7use Shaarli\Bookmark\BookmarkFilter;
8use Shaarli\Container\ShaarliContainer; 8use Shaarli\Container\ShaarliContainer;
9use Slim\Http\Response;
9 10
10abstract class ShaarliController 11abstract class ShaarliController
11{ 12{
@@ -80,4 +81,46 @@ abstract class ShaarliController
80 $this->assignView('plugins_' . $name, $plugin_data); 81 $this->assignView('plugins_' . $name, $plugin_data);
81 } 82 }
82 } 83 }
84
85 /**
86 * Generates a redirection to the previous page, based on the HTTP_REFERER.
87 * It fails back to the home page.
88 *
89 * @param array $loopTerms Terms to remove from path and query string to prevent direction loop.
90 * @param array $clearParams List of parameter to remove from the query string of the referrer.
91 */
92 protected function redirectFromReferer(Response $response, array $loopTerms = [], array $clearParams = []): Response
93 {
94 $defaultPath = './';
95 $referer = $this->container->environment['HTTP_REFERER'] ?? null;
96
97 if (null !== $referer) {
98 $currentUrl = parse_url($referer);
99 parse_str($currentUrl['query'] ?? '', $params);
100 $path = $currentUrl['path'] ?? $defaultPath;
101 } else {
102 $params = [];
103 $path = $defaultPath;
104 }
105
106 // Prevent redirection loop
107 if (isset($currentUrl)) {
108 foreach ($clearParams as $value) {
109 unset($params[$value]);
110 }
111
112 $checkQuery = implode('', array_keys($params));
113 foreach ($loopTerms as $value) {
114 if (strpos($path . $checkQuery, $value) !== false) {
115 $params = [];
116 $path = $defaultPath;
117 break;
118 }
119 }
120 }
121
122 $queryString = count($params) > 0 ? '?'. http_build_query($params) : '';
123
124 return $response->withRedirect($path . $queryString);
125 }
83} 126}
diff --git a/application/security/SessionManager.php b/application/security/SessionManager.php
index 4ae99168..8b77d362 100644
--- a/application/security/SessionManager.php
+++ b/application/security/SessionManager.php
@@ -8,6 +8,10 @@ use Shaarli\Config\ConfigManager;
8 */ 8 */
9class SessionManager 9class SessionManager
10{ 10{
11 public const KEY_LINKS_PER_PAGE = 'LINKS_PER_PAGE';
12 public const KEY_VISIBILITY = 'visibility';
13 public const KEY_UNTAGGED_ONLY = 'untaggedonly';
14
11 /** @var int Session expiration timeout, in seconds */ 15 /** @var int Session expiration timeout, in seconds */
12 public static $SHORT_TIMEOUT = 3600; // 1 hour 16 public static $SHORT_TIMEOUT = 3600; // 1 hour
13 17
@@ -212,4 +216,33 @@ class SessionManager
212 { 216 {
213 return $this->session[$key] ?? $default; 217 return $this->session[$key] ?? $default;
214 } 218 }
219
220 /**
221 * Store a variable in user session.
222 *
223 * @param string $key Session key
224 * @param mixed $value Session value to store
225 *
226 * @return $this
227 */
228 public function setSessionParameter(string $key, $value): self
229 {
230 $this->session[$key] = $value;
231
232 return $this;
233 }
234
235 /**
236 * Store a variable in user session.
237 *
238 * @param string $key Session key
239 *
240 * @return $this
241 */
242 public function deleteSessionParameter(string $key): self
243 {
244 unset($this->session[$key]);
245
246 return $this;
247 }
215} 248}