7 files changed, 46 insertions, 17 deletions
diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php
index 85dcbeeb..5643f4a0 100644
--- a/application/ApplicationUtils.php
+++ b/application/ApplicationUtils.php
@@ -168,14 +168,15 @@ class ApplicationUtils
    public static function checkResourcePermissions($conf)
    {
        $errors = array();
+        $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/');
        // Check script and template directories are readable
        foreach (array(
            'application',
            'inc',
            'plugins',
-            $conf->get('resource.raintpl_tpl'),
+            $rainTplDir,
-            $conf->get('resource.raintpl_tpl').'/'.$conf->get('resource.theme'),
+            $rainTplDir.'/'.$conf->get('resource.theme'),
        ) as $path) {
            if (! is_readable(realpath($path))) {
                $errors[] = '"'.$path.'" directory is not readable';
@@ -220,4 +221,19 @@ class ApplicationUtils
        return $errors;
    }
+    /**
+     * Returns a salted hash representing the current Shaarli version.
+     *
+     * Useful for assets browser cache.
+     *
+     * @param string $currentVersion of Shaarli
+     * @param string $salt           User personal salt, also used for the authentication
+     *
+     * @return string version hash
+     */
+    public static function getVersionHash($currentVersion, $salt)
+    {
+        return hash_hmac('sha256', $currentVersion, $salt);
+    }
 }
diff --git a/application/FileUtils.php b/application/FileUtils.php
index a167f642..918cb83b 100644
--- a/application/FileUtils.php
+++ b/application/FileUtils.php
@@ -50,7 +50,8 @@ class FileUtils
    /**
     * Read data from a file containing Shaarli database format content.
-     * If the file isn't readable or doesn't exists, default data will be returned.
+     *
+     * If the file isn't readable or doesn't exist, default data will be returned.
     *
     * @param string $file    File path.
     * @param mixed  $default The default value to return if the file isn't readable.
@@ -61,16 +62,21 @@ class FileUtils
    {
        // Note that gzinflate is faster than gzuncompress.
        // See: http://www.php.net/manual/en/function.gzdeflate.php#96439
-        if (is_readable($file)) {
+        if (! is_readable($file)) {
-            return unserialize(
+            return $default;
-                gzinflate(
+        }
-                    base64_decode(
-                        substr(file_get_contents($file), strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
+        $data = file_get_contents($file);
-                    )
+        if ($data == '') {
-                )
+            return $default;
-            );
        }
-        return $default;
+        return unserialize(
+            gzinflate(
+                base64_decode(
+                    substr($data, strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
+                )
+            )
+        );
    }
 }
diff --git a/application/LinkUtils.php b/application/LinkUtils.php
index 976474de..267e62cd 100644
--- a/application/LinkUtils.php
+++ b/application/LinkUtils.php
@@ -109,7 +109,7 @@ function count_private($links)
 */
 function text2clickable($text, $redirector = '')
 {
-    $regex = '!(((?:https?|ftp|file)://|apt:|magnet:)\S+[[:alnum:]]/?)!si';
+    $regex = '!(((?:https?|ftp|file)://|apt:|magnet:)\S+[a-z0-9\(\)]/?)!si';
    if (empty($redirector)) {
        return preg_replace($regex, '<a href="$1">$1</a>', $text);
diff --git a/application/PageBuilder.php b/application/PageBuilder.php
index 7a42400d..291860ad 100644
--- a/application/PageBuilder.php
+++ b/application/PageBuilder.php
@@ -49,7 +49,7 @@ class PageBuilder
        try {
            $version = ApplicationUtils::checkUpdate(
-                shaarli_version,
+                SHAARLI_VERSION,
                $this->conf->get('resource.update_check'),
                $this->conf->get('updates.check_updates_interval'),
                $this->conf->get('updates.check_updates'),
@@ -75,7 +75,11 @@ class PageBuilder
        }
        $this->tpl->assign('searchcrits', $searchcrits);
        $this->tpl->assign('source', index_url($_SERVER));
-        $this->tpl->assign('version', shaarli_version);
+        $this->tpl->assign('version', SHAARLI_VERSION);
+        $this->tpl->assign(
+            'version_hash',
+            ApplicationUtils::getVersionHash(SHAARLI_VERSION, $this->conf->get('credentials.salt'))
+        );
        $this->tpl->assign('scripturl', index_url($_SERVER));
        $this->tpl->assign('privateonly', !empty($_SESSION['privateonly'])); // Show only private links?
        $this->tpl->assign('untaggedonly', !empty($_SESSION['untaggedonly']));
@@ -89,6 +93,7 @@ class PageBuilder
        $this->tpl->assign('feed_type', $this->conf->get('feed.show_atom', true) !== false ? 'atom' : 'rss');
        $this->tpl->assign('hide_timestamps', $this->conf->get('privacy.hide_timestamps', false));
        $this->tpl->assign('token', getToken($this->conf));
        if ($this->linkDB !== null) {
            $this->tpl->assign('tags', $this->linkDB->linksCountPerTag());
        }
diff --git a/application/ThemeUtils.php b/application/ThemeUtils.php
index 2718ed13..16f2f6a2 100644
--- a/application/ThemeUtils.php
+++ b/application/ThemeUtils.php
@@ -22,6 +22,7 @@ class ThemeUtils
     */
    public static function getThemes($tplDir)
    {
+        $tplDir = rtrim($tplDir, '/');
        $allTheme = glob($tplDir.'/*', GLOB_ONLYDIR);
        $themes = [];
        foreach ($allTheme as $value) {
diff --git a/application/Updater.php b/application/Updater.php
index 40a15906..72b2def0 100644
--- a/application/Updater.php
+++ b/application/Updater.php
@@ -398,7 +398,7 @@ class Updater
     */
    public function updateMethodCheckUpdateRemoteBranch()
    {
-        if (shaarli_version === 'dev' || $this->conf->get('updates.check_updates_branch') === 'latest') {
+        if (SHAARLI_VERSION === 'dev' || $this->conf->get('updates.check_updates_branch') === 'latest') {
            return true;
        }
@@ -413,7 +413,7 @@ class Updater
        $latestMajor = $matches[1];
        // Get current major version digit
-        preg_match('/(\d+)\.\d+$/', shaarli_version, $matches);
+        preg_match('/(\d+)\.\d+$/', SHAARLI_VERSION, $matches);
        $currentMajor = $matches[1];
        if ($currentMajor === $latestMajor) {
diff --git a/application/config/ConfigManager.php b/application/config/ConfigManager.php
index 32f6ef6d..7ff2fe67 100644
--- a/application/config/ConfigManager.php
+++ b/application/config/ConfigManager.php
@@ -317,6 +317,7 @@ class ConfigManager
        $this->setEmpty('general.header_link', '?');
        $this->setEmpty('general.links_per_page', 20);
        $this->setEmpty('general.enabled_plugins', self::$DEFAULT_PLUGINS);
+        $this->setEmpty('general.default_note_title', 'Note: ');
        $this->setEmpty('updates.check_updates', false);
        $this->setEmpty('updates.check_updates_branch', 'stable');

diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php index 85dcbeeb..5643f4a0 100644 --- a/application/ApplicationUtils.php +++ b/application/ApplicationUtils.php
@@ -168,14 +168,15 @@ class ApplicationUtils
168	public static function checkResourcePermissions($conf)	168	public static function checkResourcePermissions($conf)
169	{	169	{
170	$errors = array();	170	$errors = array();
		171	$rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/');
171		172
172	// Check script and template directories are readable	173	// Check script and template directories are readable
173	foreach (array(	174	foreach (array(
174	'application',	175	'application',
175	'inc',	176	'inc',
176	'plugins',	177	'plugins',
177	$conf->get('resource.raintpl_tpl'),	178	$rainTplDir,
178	$conf->get('resource.raintpl_tpl').'/'.$conf->get('resource.theme'),	179	$rainTplDir.'/'.$conf->get('resource.theme'),
179	) as $path) {	180	) as $path) {
180	if (! is_readable(realpath($path))) {	181	if (! is_readable(realpath($path))) {
181	$errors[] = '"'.$path.'" directory is not readable';	182	$errors[] = '"'.$path.'" directory is not readable';
@@ -220,4 +221,19 @@ class ApplicationUtils
220		221
221	return $errors;	222	return $errors;
222	}	223	}
		224
		225	/**
		226	* Returns a salted hash representing the current Shaarli version.
		227	*
		228	* Useful for assets browser cache.
		229	*
		230	* @param string $currentVersion of Shaarli
		231	* @param string $salt User personal salt, also used for the authentication
		232	*
		233	* @return string version hash
		234	*/
		235	public static function getVersionHash($currentVersion, $salt)
		236	{
		237	return hash_hmac('sha256', $currentVersion, $salt);
		238	}
223	}	239	}


diff --git a/application/FileUtils.php b/application/FileUtils.php index a167f642..918cb83b 100644 --- a/application/FileUtils.php +++ b/application/FileUtils.php
@@ -50,7 +50,8 @@ class FileUtils
50		50
51	/**	51	/**
52	* Read data from a file containing Shaarli database format content.	52	* Read data from a file containing Shaarli database format content.
53	* If the file isn't readable or doesn't exists, default data will be returned.	53	*
		54	* If the file isn't readable or doesn't exist, default data will be returned.
54	*	55	*
55	* @param string $file File path.	56	* @param string $file File path.
56	* @param mixed $default The default value to return if the file isn't readable.	57	* @param mixed $default The default value to return if the file isn't readable.
@@ -61,16 +62,21 @@ class FileUtils
61	{	62	{
62	// Note that gzinflate is faster than gzuncompress.	63	// Note that gzinflate is faster than gzuncompress.
63	// See: http://www.php.net/manual/en/function.gzdeflate.php#96439	64	// See: http://www.php.net/manual/en/function.gzdeflate.php#96439
64	if (is_readable($file)) {	65	if (! is_readable($file)) {
65	return unserialize(	66	return $default;
66	gzinflate(	67	}
67	base64_decode(	68
68	substr(file_get_contents($file), strlen(self::$phpPrefix), -strlen(self::$phpSuffix))	69	$data = file_get_contents($file);
69	)	70	if ($data == '') {
70	)	71	return $default;
71	);
72	}	72	}
73		73
74	return $default;	74	return unserialize(
		75	gzinflate(
		76	base64_decode(
		77	substr($data, strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
		78	)
		79	)
		80	);
75	}	81	}
76	}	82	}


diff --git a/application/LinkUtils.php b/application/LinkUtils.php index 976474de..267e62cd 100644 --- a/application/LinkUtils.php +++ b/application/LinkUtils.php
@@ -109,7 +109,7 @@ function count_private($links)
109	*/	109	*/
110	function text2clickable($text, $redirector = '')	110	function text2clickable($text, $redirector = '')
111	{	111	{
112	$regex = '!(((?:https?\|ftp\|file)://\|apt:\|magnet:)\S+[[:alnum:]]/?)!si';	112	$regex = '!(((?:https?\|ftp\|file)://\|apt:\|magnet:)\S+[a-z0-9\(\)]/?)!si';
113		113
114	if (empty($redirector)) {	114	if (empty($redirector)) {
115	return preg_replace($regex, '<a href="$1">$1</a>', $text);	115	return preg_replace($regex, '<a href="$1">$1</a>', $text);


diff --git a/application/PageBuilder.php b/application/PageBuilder.php index 7a42400d..291860ad 100644 --- a/application/PageBuilder.php +++ b/application/PageBuilder.php
@@ -49,7 +49,7 @@ class PageBuilder
49		49
50	try {	50	try {
51	$version = ApplicationUtils::checkUpdate(	51	$version = ApplicationUtils::checkUpdate(
52	shaarli_version,	52	SHAARLI_VERSION,
53	$this->conf->get('resource.update_check'),	53	$this->conf->get('resource.update_check'),
54	$this->conf->get('updates.check_updates_interval'),	54	$this->conf->get('updates.check_updates_interval'),
55	$this->conf->get('updates.check_updates'),	55	$this->conf->get('updates.check_updates'),
@@ -75,7 +75,11 @@ class PageBuilder
75	}	75	}
76	$this->tpl->assign('searchcrits', $searchcrits);	76	$this->tpl->assign('searchcrits', $searchcrits);
77	$this->tpl->assign('source', index_url($_SERVER));	77	$this->tpl->assign('source', index_url($_SERVER));
78	$this->tpl->assign('version', shaarli_version);	78	$this->tpl->assign('version', SHAARLI_VERSION);
		79	$this->tpl->assign(
		80	'version_hash',
		81	ApplicationUtils::getVersionHash(SHAARLI_VERSION, $this->conf->get('credentials.salt'))
		82	);
79	$this->tpl->assign('scripturl', index_url($_SERVER));	83	$this->tpl->assign('scripturl', index_url($_SERVER));
80	$this->tpl->assign('privateonly', !empty($_SESSION['privateonly'])); // Show only private links?	84	$this->tpl->assign('privateonly', !empty($_SESSION['privateonly'])); // Show only private links?
81	$this->tpl->assign('untaggedonly', !empty($_SESSION['untaggedonly']));	85	$this->tpl->assign('untaggedonly', !empty($_SESSION['untaggedonly']));
@@ -89,6 +93,7 @@ class PageBuilder
89	$this->tpl->assign('feed_type', $this->conf->get('feed.show_atom', true) !== false ? 'atom' : 'rss');	93	$this->tpl->assign('feed_type', $this->conf->get('feed.show_atom', true) !== false ? 'atom' : 'rss');
90	$this->tpl->assign('hide_timestamps', $this->conf->get('privacy.hide_timestamps', false));	94	$this->tpl->assign('hide_timestamps', $this->conf->get('privacy.hide_timestamps', false));
91	$this->tpl->assign('token', getToken($this->conf));	95	$this->tpl->assign('token', getToken($this->conf));
		96
92	if ($this->linkDB !== null) {	97	if ($this->linkDB !== null) {
93	$this->tpl->assign('tags', $this->linkDB->linksCountPerTag());	98	$this->tpl->assign('tags', $this->linkDB->linksCountPerTag());
94	}	99	}


diff --git a/application/ThemeUtils.php b/application/ThemeUtils.php index 2718ed13..16f2f6a2 100644 --- a/application/ThemeUtils.php +++ b/application/ThemeUtils.php
@@ -22,6 +22,7 @@ class ThemeUtils
22	*/	22	*/
23	public static function getThemes($tplDir)	23	public static function getThemes($tplDir)
24	{	24	{
		25	$tplDir = rtrim($tplDir, '/');
25	$allTheme = glob($tplDir.'/*', GLOB_ONLYDIR);	26	$allTheme = glob($tplDir.'/*', GLOB_ONLYDIR);
26	$themes = [];	27	$themes = [];
27	foreach ($allTheme as $value) {	28	foreach ($allTheme as $value) {


diff --git a/application/Updater.php b/application/Updater.php index 40a15906..72b2def0 100644 --- a/application/Updater.php +++ b/application/Updater.php
@@ -398,7 +398,7 @@ class Updater
398	*/	398	*/
399	public function updateMethodCheckUpdateRemoteBranch()	399	public function updateMethodCheckUpdateRemoteBranch()
400	{	400	{
401	if (shaarli_version === 'dev' \|\| $this->conf->get('updates.check_updates_branch') === 'latest') {	401	if (SHAARLI_VERSION === 'dev' \|\| $this->conf->get('updates.check_updates_branch') === 'latest') {
402	return true;	402	return true;
403	}	403	}
404		404
@@ -413,7 +413,7 @@ class Updater
413	$latestMajor = $matches[1];	413	$latestMajor = $matches[1];
414		414
415	// Get current major version digit	415	// Get current major version digit
416	preg_match('/(\d+)\.\d+$/', shaarli_version, $matches);	416	preg_match('/(\d+)\.\d+$/', SHAARLI_VERSION, $matches);
417	$currentMajor = $matches[1];	417	$currentMajor = $matches[1];
418		418
419	if ($currentMajor === $latestMajor) {	419	if ($currentMajor === $latestMajor) {


diff --git a/application/config/ConfigManager.php b/application/config/ConfigManager.php index 32f6ef6d..7ff2fe67 100644 --- a/application/config/ConfigManager.php +++ b/application/config/ConfigManager.php
@@ -317,6 +317,7 @@ class ConfigManager
317	$this->setEmpty('general.header_link', '?');	317	$this->setEmpty('general.header_link', '?');
318	$this->setEmpty('general.links_per_page', 20);	318	$this->setEmpty('general.links_per_page', 20);
319	$this->setEmpty('general.enabled_plugins', self::$DEFAULT_PLUGINS);	319	$this->setEmpty('general.enabled_plugins', self::$DEFAULT_PLUGINS);
		320	$this->setEmpty('general.default_note_title', 'Note: ');
320		321
321	$this->setEmpty('updates.check_updates', false);	322	$this->setEmpty('updates.check_updates', false);
322	$this->setEmpty('updates.check_updates_branch', 'stable');	323	$this->setEmpty('updates.check_updates_branch', 'stable');