aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
diff options
context:
space:
mode:
Diffstat (limited to 'application')
-rw-r--r--application/Thumbnailer.php3
-rw-r--r--application/Utils.php14
-rw-r--r--application/api/ApiMiddleware.php9
-rw-r--r--application/api/ApiUtils.php2
-rw-r--r--application/bookmark/Bookmark.php25
-rw-r--r--application/bookmark/BookmarkFileService.php38
-rw-r--r--application/bookmark/BookmarkFilter.php2
-rw-r--r--application/bookmark/BookmarkIO.php10
-rw-r--r--application/bookmark/BookmarkInitializer.php9
-rw-r--r--application/bookmark/BookmarkServiceInterface.php1
-rw-r--r--application/bookmark/LinkUtils.php108
-rw-r--r--application/bookmark/exception/DatastoreNotInitializedException.php10
-rw-r--r--application/config/ConfigManager.php4
-rw-r--r--application/config/ConfigPlugin.php17
-rw-r--r--application/container/ContainerBuilder.php83
-rw-r--r--application/container/ShaarliContainer.php26
-rw-r--r--application/feed/Cache.php38
-rw-r--r--application/feed/FeedBuilder.php141
-rw-r--r--application/formatter/BookmarkDefaultFormatter.php22
-rw-r--r--application/formatter/BookmarkFormatter.php6
-rw-r--r--application/formatter/BookmarkMarkdownFormatter.php4
-rw-r--r--application/formatter/FormatterFactory.php2
-rw-r--r--application/front/ShaarliAdminMiddleware.php27
-rw-r--r--application/front/ShaarliMiddleware.php83
-rw-r--r--application/front/controller/admin/ConfigureController.php126
-rw-r--r--application/front/controller/admin/ExportController.php80
-rw-r--r--application/front/controller/admin/ImportController.php82
-rw-r--r--application/front/controller/admin/LogoutController.php33
-rw-r--r--application/front/controller/admin/ManageShaareController.php371
-rw-r--r--application/front/controller/admin/ManageTagController.php88
-rw-r--r--application/front/controller/admin/PasswordController.php101
-rw-r--r--application/front/controller/admin/PluginsController.php84
-rw-r--r--application/front/controller/admin/SessionFilterController.php50
-rw-r--r--application/front/controller/admin/ShaarliAdminController.php73
-rw-r--r--application/front/controller/admin/ThumbnailsController.php65
-rw-r--r--application/front/controller/admin/TokenController.php26
-rw-r--r--application/front/controller/admin/ToolsController.php35
-rw-r--r--application/front/controller/visitor/BookmarkListController.php240
-rw-r--r--application/front/controller/visitor/DailyController.php192
-rw-r--r--application/front/controller/visitor/ErrorController.php45
-rw-r--r--application/front/controller/visitor/FeedController.php58
-rw-r--r--application/front/controller/visitor/InstallController.php165
-rw-r--r--application/front/controller/visitor/LoginController.php154
-rw-r--r--application/front/controller/visitor/OpenSearchController.php27
-rw-r--r--application/front/controller/visitor/PictureWallController.php54
-rw-r--r--application/front/controller/visitor/PublicSessionFilterController.php46
-rw-r--r--application/front/controller/visitor/ShaarliVisitorController.php170
-rw-r--r--application/front/controller/visitor/TagCloudController.php113
-rw-r--r--application/front/controller/visitor/TagController.php118
-rw-r--r--application/front/controllers/LoginController.php48
-rw-r--r--application/front/controllers/ShaarliController.php69
-rw-r--r--application/front/exceptions/AlreadyInstalledException.php15
-rw-r--r--application/front/exceptions/CantLoginException.php10
-rw-r--r--application/front/exceptions/LoginBannedException.php2
-rw-r--r--application/front/exceptions/OpenShaarliPasswordException.php18
-rw-r--r--application/front/exceptions/ResourcePermissionException.php13
-rw-r--r--application/front/exceptions/ShaarliFrontException.php (renamed from application/front/exceptions/ShaarliException.php)4
-rw-r--r--application/front/exceptions/ThumbnailsDisabledException.php15
-rw-r--r--application/front/exceptions/UnauthorizedException.php15
-rw-r--r--application/front/exceptions/WrongTokenException.php18
-rw-r--r--application/http/HttpAccess.php39
-rw-r--r--application/http/HttpUtils.php121
-rw-r--r--application/legacy/LegacyController.php130
-rw-r--r--application/legacy/LegacyLinkDB.php4
-rw-r--r--application/legacy/LegacyRouter.php (renamed from application/Router.php)7
-rw-r--r--application/legacy/LegacyUpdater.php5
-rw-r--r--application/legacy/UnknowLegacyRouteException.php9
-rw-r--r--application/netscape/NetscapeBookmarkUtils.php133
-rw-r--r--application/plugin/PluginManager.php6
-rw-r--r--application/render/PageBuilder.php79
-rw-r--r--application/render/PageCacheManager.php60
-rw-r--r--application/render/TemplatePage.php33
-rw-r--r--application/security/CookieManager.php33
-rw-r--r--application/security/LoginManager.php16
-rw-r--r--application/security/SessionManager.php107
-rw-r--r--application/updater/Updater.php75
76 files changed, 3823 insertions, 541 deletions
diff --git a/application/Thumbnailer.php b/application/Thumbnailer.php
index 314baf0d..5aec23c8 100644
--- a/application/Thumbnailer.php
+++ b/application/Thumbnailer.php
@@ -4,7 +4,6 @@ namespace Shaarli;
4 4
5use Shaarli\Config\ConfigManager; 5use Shaarli\Config\ConfigManager;
6use WebThumbnailer\Application\ConfigManager as WTConfigManager; 6use WebThumbnailer\Application\ConfigManager as WTConfigManager;
7use WebThumbnailer\Exception\WebThumbnailerException;
8use WebThumbnailer\WebThumbnailer; 7use WebThumbnailer\WebThumbnailer;
9 8
10/** 9/**
@@ -90,7 +89,7 @@ class Thumbnailer
90 89
91 try { 90 try {
92 return $this->wt->thumbnail($url); 91 return $this->wt->thumbnail($url);
93 } catch (WebThumbnailerException $e) { 92 } catch (\Throwable $e) {
94 // Exceptions are only thrown in debug mode. 93 // Exceptions are only thrown in debug mode.
95 error_log(get_class($e) . ': ' . $e->getMessage()); 94 error_log(get_class($e) . ': ' . $e->getMessage());
96 } 95 }
diff --git a/application/Utils.php b/application/Utils.php
index 4b7fc546..9c9eaaa2 100644
--- a/application/Utils.php
+++ b/application/Utils.php
@@ -87,10 +87,14 @@ function endsWith($haystack, $needle, $case = true)
87 * 87 *
88 * @param mixed $input Data to escape: a single string or an array of strings. 88 * @param mixed $input Data to escape: a single string or an array of strings.
89 * 89 *
90 * @return string escaped. 90 * @return string|array escaped.
91 */ 91 */
92function escape($input) 92function escape($input)
93{ 93{
94 if (null === $input) {
95 return null;
96 }
97
94 if (is_bool($input)) { 98 if (is_bool($input)) {
95 return $input; 99 return $input;
96 } 100 }
@@ -294,15 +298,15 @@ function normalize_spaces($string)
294 * Requires php-intl to display international datetimes, 298 * Requires php-intl to display international datetimes,
295 * otherwise default format '%c' will be returned. 299 * otherwise default format '%c' will be returned.
296 * 300 *
297 * @param DateTime $date to format. 301 * @param DateTimeInterface $date to format.
298 * @param bool $time Displays time if true. 302 * @param bool $time Displays time if true.
299 * @param bool $intl Use international format if true. 303 * @param bool $intl Use international format if true.
300 * 304 *
301 * @return bool|string Formatted date, or false if the input is invalid. 305 * @return bool|string Formatted date, or false if the input is invalid.
302 */ 306 */
303function format_date($date, $time = true, $intl = true) 307function format_date($date, $time = true, $intl = true)
304{ 308{
305 if (! $date instanceof DateTime) { 309 if (! $date instanceof DateTimeInterface) {
306 return false; 310 return false;
307 } 311 }
308 312
diff --git a/application/api/ApiMiddleware.php b/application/api/ApiMiddleware.php
index 4745ac94..09ce6445 100644
--- a/application/api/ApiMiddleware.php
+++ b/application/api/ApiMiddleware.php
@@ -71,7 +71,14 @@ class ApiMiddleware
71 $response = $e->getApiResponse(); 71 $response = $e->getApiResponse();
72 } 72 }
73 73
74 return $response; 74 return $response
75 ->withHeader('Access-Control-Allow-Origin', '*')
76 ->withHeader(
77 'Access-Control-Allow-Headers',
78 'X-Requested-With, Content-Type, Accept, Origin, Authorization'
79 )
80 ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
81 ;
75 } 82 }
76 83
77 /** 84 /**
diff --git a/application/api/ApiUtils.php b/application/api/ApiUtils.php
index 5156a5f7..faebb8f5 100644
--- a/application/api/ApiUtils.php
+++ b/application/api/ApiUtils.php
@@ -67,7 +67,7 @@ class ApiUtils
67 if (! $bookmark->isNote()) { 67 if (! $bookmark->isNote()) {
68 $out['url'] = $bookmark->getUrl(); 68 $out['url'] = $bookmark->getUrl();
69 } else { 69 } else {
70 $out['url'] = $indexUrl . $bookmark->getUrl(); 70 $out['url'] = rtrim($indexUrl, '/') . '/' . ltrim($bookmark->getUrl(), '/');
71 } 71 }
72 $out['shorturl'] = $bookmark->getShortUrl(); 72 $out['shorturl'] = $bookmark->getShortUrl();
73 $out['title'] = $bookmark->getTitle(); 73 $out['title'] = $bookmark->getTitle();
diff --git a/application/bookmark/Bookmark.php b/application/bookmark/Bookmark.php
index f9b21d3d..1beb8be2 100644
--- a/application/bookmark/Bookmark.php
+++ b/application/bookmark/Bookmark.php
@@ -3,6 +3,7 @@
3namespace Shaarli\Bookmark; 3namespace Shaarli\Bookmark;
4 4
5use DateTime; 5use DateTime;
6use DateTimeInterface;
6use Shaarli\Bookmark\Exception\InvalidBookmarkException; 7use Shaarli\Bookmark\Exception\InvalidBookmarkException;
7 8
8/** 9/**
@@ -36,16 +37,16 @@ class Bookmark
36 /** @var array List of bookmark's tags */ 37 /** @var array List of bookmark's tags */
37 protected $tags; 38 protected $tags;
38 39
39 /** @var string Thumbnail's URL - false if no thumbnail could be found */ 40 /** @var string|bool|null Thumbnail's URL - initialized at null, false if no thumbnail could be found */
40 protected $thumbnail; 41 protected $thumbnail;
41 42
42 /** @var bool Set to true if the bookmark is set as sticky */ 43 /** @var bool Set to true if the bookmark is set as sticky */
43 protected $sticky; 44 protected $sticky;
44 45
45 /** @var DateTime Creation datetime */ 46 /** @var DateTimeInterface Creation datetime */
46 protected $created; 47 protected $created;
47 48
48 /** @var DateTime Update datetime */ 49 /** @var DateTimeInterface datetime */
49 protected $updated; 50 protected $updated;
50 51
51 /** @var bool True if the bookmark can only be seen while logged in */ 52 /** @var bool True if the bookmark can only be seen while logged in */
@@ -100,12 +101,12 @@ class Bookmark
100 || ! is_int($this->id) 101 || ! is_int($this->id)
101 || empty($this->shortUrl) 102 || empty($this->shortUrl)
102 || empty($this->created) 103 || empty($this->created)
103 || ! $this->created instanceof DateTime 104 || ! $this->created instanceof DateTimeInterface
104 ) { 105 ) {
105 throw new InvalidBookmarkException($this); 106 throw new InvalidBookmarkException($this);
106 } 107 }
107 if (empty($this->url)) { 108 if (empty($this->url)) {
108 $this->url = '?'. $this->shortUrl; 109 $this->url = '/shaare/'. $this->shortUrl;
109 } 110 }
110 if (empty($this->title)) { 111 if (empty($this->title)) {
111 $this->title = $this->url; 112 $this->title = $this->url;
@@ -188,7 +189,7 @@ class Bookmark
188 /** 189 /**
189 * Get the Created. 190 * Get the Created.
190 * 191 *
191 * @return DateTime 192 * @return DateTimeInterface
192 */ 193 */
193 public function getCreated() 194 public function getCreated()
194 { 195 {
@@ -198,7 +199,7 @@ class Bookmark
198 /** 199 /**
199 * Get the Updated. 200 * Get the Updated.
200 * 201 *
201 * @return DateTime 202 * @return DateTimeInterface
202 */ 203 */
203 public function getUpdated() 204 public function getUpdated()
204 { 205 {
@@ -270,7 +271,7 @@ class Bookmark
270 * Set the Created. 271 * Set the Created.
271 * Note: you shouldn't set this manually except for special cases (like bookmark import) 272 * Note: you shouldn't set this manually except for special cases (like bookmark import)
272 * 273 *
273 * @param DateTime $created 274 * @param DateTimeInterface $created
274 * 275 *
275 * @return Bookmark 276 * @return Bookmark
276 */ 277 */
@@ -284,7 +285,7 @@ class Bookmark
284 /** 285 /**
285 * Set the Updated. 286 * Set the Updated.
286 * 287 *
287 * @param DateTime $updated 288 * @param DateTimeInterface $updated
288 * 289 *
289 * @return Bookmark 290 * @return Bookmark
290 */ 291 */
@@ -346,7 +347,7 @@ class Bookmark
346 /** 347 /**
347 * Get the Thumbnail. 348 * Get the Thumbnail.
348 * 349 *
349 * @return string|bool 350 * @return string|bool|null Thumbnail's URL - initialized at null, false if no thumbnail could be found
350 */ 351 */
351 public function getThumbnail() 352 public function getThumbnail()
352 { 353 {
@@ -356,7 +357,7 @@ class Bookmark
356 /** 357 /**
357 * Set the Thumbnail. 358 * Set the Thumbnail.
358 * 359 *
359 * @param string|bool $thumbnail 360 * @param string|bool $thumbnail Thumbnail's URL - false if no thumbnail could be found
360 * 361 *
361 * @return Bookmark 362 * @return Bookmark
362 */ 363 */
@@ -405,7 +406,7 @@ class Bookmark
405 public function isNote() 406 public function isNote()
406 { 407 {
407 // We check empty value to get a valid result if the link has not been saved yet 408 // We check empty value to get a valid result if the link has not been saved yet
408 return empty($this->url) || $this->url[0] === '?'; 409 return empty($this->url) || startsWith($this->url, '/shaare/') || $this->url[0] === '?';
409 } 410 }
410 411
411 /** 412 /**
diff --git a/application/bookmark/BookmarkFileService.php b/application/bookmark/BookmarkFileService.php
index 9c59e139..b3a90ed4 100644
--- a/application/bookmark/BookmarkFileService.php
+++ b/application/bookmark/BookmarkFileService.php
@@ -6,12 +6,14 @@ namespace Shaarli\Bookmark;
6 6
7use Exception; 7use Exception;
8use Shaarli\Bookmark\Exception\BookmarkNotFoundException; 8use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
9use Shaarli\Bookmark\Exception\DatastoreNotInitializedException;
9use Shaarli\Bookmark\Exception\EmptyDataStoreException; 10use Shaarli\Bookmark\Exception\EmptyDataStoreException;
10use Shaarli\Config\ConfigManager; 11use Shaarli\Config\ConfigManager;
11use Shaarli\Formatter\BookmarkMarkdownFormatter; 12use Shaarli\Formatter\BookmarkMarkdownFormatter;
12use Shaarli\History; 13use Shaarli\History;
13use Shaarli\Legacy\LegacyLinkDB; 14use Shaarli\Legacy\LegacyLinkDB;
14use Shaarli\Legacy\LegacyUpdater; 15use Shaarli\Legacy\LegacyUpdater;
16use Shaarli\Render\PageCacheManager;
15use Shaarli\Updater\UpdaterUtils; 17use Shaarli\Updater\UpdaterUtils;
16 18
17/** 19/**
@@ -39,6 +41,9 @@ class BookmarkFileService implements BookmarkServiceInterface
39 /** @var History instance */ 41 /** @var History instance */
40 protected $history; 42 protected $history;
41 43
44 /** @var PageCacheManager instance */
45 protected $pageCacheManager;
46
42 /** @var bool true for logged in users. Default value to retrieve private bookmarks. */ 47 /** @var bool true for logged in users. Default value to retrieve private bookmarks. */
43 protected $isLoggedIn; 48 protected $isLoggedIn;
44 49
@@ -49,6 +54,7 @@ class BookmarkFileService implements BookmarkServiceInterface
49 { 54 {
50 $this->conf = $conf; 55 $this->conf = $conf;
51 $this->history = $history; 56 $this->history = $history;
57 $this->pageCacheManager = new PageCacheManager($this->conf->get('resource.page_cache'), $isLoggedIn);
52 $this->bookmarksIO = new BookmarkIO($this->conf); 58 $this->bookmarksIO = new BookmarkIO($this->conf);
53 $this->isLoggedIn = $isLoggedIn; 59 $this->isLoggedIn = $isLoggedIn;
54 60
@@ -57,10 +63,16 @@ class BookmarkFileService implements BookmarkServiceInterface
57 } else { 63 } else {
58 try { 64 try {
59 $this->bookmarks = $this->bookmarksIO->read(); 65 $this->bookmarks = $this->bookmarksIO->read();
60 } catch (EmptyDataStoreException $e) { 66 } catch (EmptyDataStoreException|DatastoreNotInitializedException $e) {
61 $this->bookmarks = new BookmarkArray(); 67 $this->bookmarks = new BookmarkArray();
62 if ($isLoggedIn) { 68
63 $this->save(); 69 if ($this->isLoggedIn) {
70 // Datastore file does not exists, we initialize it with default bookmarks.
71 if ($e instanceof DatastoreNotInitializedException) {
72 $this->initialize();
73 } else {
74 $this->save();
75 }
64 } 76 }
65 } 77 }
66 78
@@ -88,7 +100,7 @@ class BookmarkFileService implements BookmarkServiceInterface
88 throw new Exception('Not authorized'); 100 throw new Exception('Not authorized');
89 } 101 }
90 102
91 return $bookmark; 103 return $first;
92 } 104 }
93 105
94 /** 106 /**
@@ -149,7 +161,7 @@ class BookmarkFileService implements BookmarkServiceInterface
149 */ 161 */
150 public function set($bookmark, $save = true) 162 public function set($bookmark, $save = true)
151 { 163 {
152 if ($this->isLoggedIn !== true) { 164 if (true !== $this->isLoggedIn) {
153 throw new Exception(t('You\'re not authorized to alter the datastore')); 165 throw new Exception(t('You\'re not authorized to alter the datastore'));
154 } 166 }
155 if (! $bookmark instanceof Bookmark) { 167 if (! $bookmark instanceof Bookmark) {
@@ -174,7 +186,7 @@ class BookmarkFileService implements BookmarkServiceInterface
174 */ 186 */
175 public function add($bookmark, $save = true) 187 public function add($bookmark, $save = true)
176 { 188 {
177 if ($this->isLoggedIn !== true) { 189 if (true !== $this->isLoggedIn) {
178 throw new Exception(t('You\'re not authorized to alter the datastore')); 190 throw new Exception(t('You\'re not authorized to alter the datastore'));
179 } 191 }
180 if (! $bookmark instanceof Bookmark) { 192 if (! $bookmark instanceof Bookmark) {
@@ -199,7 +211,7 @@ class BookmarkFileService implements BookmarkServiceInterface
199 */ 211 */
200 public function addOrSet($bookmark, $save = true) 212 public function addOrSet($bookmark, $save = true)
201 { 213 {
202 if ($this->isLoggedIn !== true) { 214 if (true !== $this->isLoggedIn) {
203 throw new Exception(t('You\'re not authorized to alter the datastore')); 215 throw new Exception(t('You\'re not authorized to alter the datastore'));
204 } 216 }
205 if (! $bookmark instanceof Bookmark) { 217 if (! $bookmark instanceof Bookmark) {
@@ -216,7 +228,7 @@ class BookmarkFileService implements BookmarkServiceInterface
216 */ 228 */
217 public function remove($bookmark, $save = true) 229 public function remove($bookmark, $save = true)
218 { 230 {
219 if ($this->isLoggedIn !== true) { 231 if (true !== $this->isLoggedIn) {
220 throw new Exception(t('You\'re not authorized to alter the datastore')); 232 throw new Exception(t('You\'re not authorized to alter the datastore'));
221 } 233 }
222 if (! $bookmark instanceof Bookmark) { 234 if (! $bookmark instanceof Bookmark) {
@@ -269,13 +281,14 @@ class BookmarkFileService implements BookmarkServiceInterface
269 */ 281 */
270 public function save() 282 public function save()
271 { 283 {
272 if (!$this->isLoggedIn) { 284 if (true !== $this->isLoggedIn) {
273 // TODO: raise an Exception instead 285 // TODO: raise an Exception instead
274 die('You are not authorized to change the database.'); 286 die('You are not authorized to change the database.');
275 } 287 }
288
276 $this->bookmarks->reorder(); 289 $this->bookmarks->reorder();
277 $this->bookmarksIO->write($this->bookmarks); 290 $this->bookmarksIO->write($this->bookmarks);
278 invalidateCaches($this->conf->get('resource.page_cache')); 291 $this->pageCacheManager->invalidateCaches();
279 } 292 }
280 293
281 /** 294 /**
@@ -291,6 +304,7 @@ class BookmarkFileService implements BookmarkServiceInterface
291 if (empty($tag) 304 if (empty($tag)
292 || (! $this->isLoggedIn && startsWith($tag, '.')) 305 || (! $this->isLoggedIn && startsWith($tag, '.'))
293 || $tag === BookmarkMarkdownFormatter::NO_MD_TAG 306 || $tag === BookmarkMarkdownFormatter::NO_MD_TAG
307 || in_array($tag, $filteringTags, true)
294 ) { 308 ) {
295 continue; 309 continue;
296 } 310 }
@@ -349,6 +363,10 @@ class BookmarkFileService implements BookmarkServiceInterface
349 { 363 {
350 $initializer = new BookmarkInitializer($this); 364 $initializer = new BookmarkInitializer($this);
351 $initializer->initialize(); 365 $initializer->initialize();
366
367 if (true === $this->isLoggedIn) {
368 $this->save();
369 }
352 } 370 }
353 371
354 /** 372 /**
diff --git a/application/bookmark/BookmarkFilter.php b/application/bookmark/BookmarkFilter.php
index fd556679..797a36b8 100644
--- a/application/bookmark/BookmarkFilter.php
+++ b/application/bookmark/BookmarkFilter.php
@@ -436,7 +436,7 @@ class BookmarkFilter
436 throw new Exception('Invalid date format'); 436 throw new Exception('Invalid date format');
437 } 437 }
438 438
439 $filtered = array(); 439 $filtered = [];
440 foreach ($this->bookmarks as $key => $l) { 440 foreach ($this->bookmarks as $key => $l) {
441 if ($l->getCreated()->format('Ymd') == $day) { 441 if ($l->getCreated()->format('Ymd') == $day) {
442 $filtered[$key] = $l; 442 $filtered[$key] = $l;
diff --git a/application/bookmark/BookmarkIO.php b/application/bookmark/BookmarkIO.php
index ae9ffcb4..6bf7f365 100644
--- a/application/bookmark/BookmarkIO.php
+++ b/application/bookmark/BookmarkIO.php
@@ -2,6 +2,7 @@
2 2
3namespace Shaarli\Bookmark; 3namespace Shaarli\Bookmark;
4 4
5use Shaarli\Bookmark\Exception\DatastoreNotInitializedException;
5use Shaarli\Bookmark\Exception\EmptyDataStoreException; 6use Shaarli\Bookmark\Exception\EmptyDataStoreException;
6use Shaarli\Bookmark\Exception\NotWritableDataStoreException; 7use Shaarli\Bookmark\Exception\NotWritableDataStoreException;
7use Shaarli\Config\ConfigManager; 8use Shaarli\Config\ConfigManager;
@@ -52,13 +53,14 @@ class BookmarkIO
52 * 53 *
53 * @return BookmarkArray instance 54 * @return BookmarkArray instance
54 * 55 *
55 * @throws NotWritableDataStoreException Data couldn't be loaded 56 * @throws NotWritableDataStoreException Data couldn't be loaded
56 * @throws EmptyDataStoreException Datastore doesn't exist 57 * @throws EmptyDataStoreException Datastore file exists but does not contain any bookmark
58 * @throws DatastoreNotInitializedException File does not exists
57 */ 59 */
58 public function read() 60 public function read()
59 { 61 {
60 if (! file_exists($this->datastore)) { 62 if (! file_exists($this->datastore)) {
61 throw new EmptyDataStoreException(); 63 throw new DatastoreNotInitializedException();
62 } 64 }
63 65
64 if (!is_writable($this->datastore)) { 66 if (!is_writable($this->datastore)) {
@@ -102,7 +104,5 @@ class BookmarkIO
102 $this->datastore, 104 $this->datastore,
103 self::$phpPrefix.base64_encode(gzdeflate(serialize($links))).self::$phpSuffix 105 self::$phpPrefix.base64_encode(gzdeflate(serialize($links))).self::$phpSuffix
104 ); 106 );
105
106 invalidateCaches($this->conf->get('resource.page_cache'));
107 } 107 }
108} 108}
diff --git a/application/bookmark/BookmarkInitializer.php b/application/bookmark/BookmarkInitializer.php
index 9eee9a35..cd2d1724 100644
--- a/application/bookmark/BookmarkInitializer.php
+++ b/application/bookmark/BookmarkInitializer.php
@@ -6,8 +6,7 @@ namespace Shaarli\Bookmark;
6 * Class BookmarkInitializer 6 * Class BookmarkInitializer
7 * 7 *
8 * This class is used to initialized default bookmarks after a fresh install of Shaarli. 8 * This class is used to initialized default bookmarks after a fresh install of Shaarli.
9 * It is no longer call when the data store is empty, 9 * It should be only called if the datastore file does not exist(users might want to delete the default bookmarks).
10 * because user might want to delete default bookmarks after the install.
11 * 10 *
12 * To prevent data corruption, it does not overwrite existing bookmarks, 11 * To prevent data corruption, it does not overwrite existing bookmarks,
13 * even though there should not be any. 12 * even though there should not be any.
@@ -36,11 +35,11 @@ class BookmarkInitializer
36 { 35 {
37 $bookmark = new Bookmark(); 36 $bookmark = new Bookmark();
38 $bookmark->setTitle(t('My secret stuff... - Pastebin.com')); 37 $bookmark->setTitle(t('My secret stuff... - Pastebin.com'));
39 $bookmark->setUrl('http://sebsauvage.net/paste/?8434b27936c09649#bR7XsXhoTiLcqCpQbmOpBi3rq2zzQUC5hBI7ZT1O3x8=', []); 38 $bookmark->setUrl('http://sebsauvage.net/paste/?8434b27936c09649#bR7XsXhoTiLcqCpQbmOpBi3rq2zzQUC5hBI7ZT1O3x8=');
40 $bookmark->setDescription(t('Shhhh! I\'m a private link only YOU can see. You can delete me too.')); 39 $bookmark->setDescription(t('Shhhh! I\'m a private link only YOU can see. You can delete me too.'));
41 $bookmark->setTagsString('secretstuff'); 40 $bookmark->setTagsString('secretstuff');
42 $bookmark->setPrivate(true); 41 $bookmark->setPrivate(true);
43 $this->bookmarkService->add($bookmark); 42 $this->bookmarkService->add($bookmark, false);
44 43
45 $bookmark = new Bookmark(); 44 $bookmark = new Bookmark();
46 $bookmark->setTitle(t('The personal, minimalist, super-fast, database free, bookmarking service')); 45 $bookmark->setTitle(t('The personal, minimalist, super-fast, database free, bookmarking service'));
@@ -54,6 +53,6 @@ To learn how to use Shaarli, consult the link "Documentation" at the bottom of t
54You use the community supported version of the original Shaarli project, by Sebastien Sauvage.' 53You use the community supported version of the original Shaarli project, by Sebastien Sauvage.'
55 )); 54 ));
56 $bookmark->setTagsString('opensource software'); 55 $bookmark->setTagsString('opensource software');
57 $this->bookmarkService->add($bookmark); 56 $this->bookmarkService->add($bookmark, false);
58 } 57 }
59} 58}
diff --git a/application/bookmark/BookmarkServiceInterface.php b/application/bookmark/BookmarkServiceInterface.php
index 7b7a4f09..ce8bd912 100644
--- a/application/bookmark/BookmarkServiceInterface.php
+++ b/application/bookmark/BookmarkServiceInterface.php
@@ -6,7 +6,6 @@ namespace Shaarli\Bookmark;
6use Shaarli\Bookmark\Exception\BookmarkNotFoundException; 6use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
7use Shaarli\Bookmark\Exception\NotWritableDataStoreException; 7use Shaarli\Bookmark\Exception\NotWritableDataStoreException;
8use Shaarli\Config\ConfigManager; 8use Shaarli\Config\ConfigManager;
9use Shaarli\Exceptions\IOException;
10use Shaarli\History; 9use Shaarli\History;
11 10
12/** 11/**
diff --git a/application/bookmark/LinkUtils.php b/application/bookmark/LinkUtils.php
index 88379430..68914fca 100644
--- a/application/bookmark/LinkUtils.php
+++ b/application/bookmark/LinkUtils.php
@@ -3,112 +3,6 @@
3use Shaarli\Bookmark\Bookmark; 3use Shaarli\Bookmark\Bookmark;
4 4
5/** 5/**
6 * Get cURL callback function for CURLOPT_WRITEFUNCTION
7 *
8 * @param string $charset to extract from the downloaded page (reference)
9 * @param string $title to extract from the downloaded page (reference)
10 * @param string $description to extract from the downloaded page (reference)
11 * @param string $keywords to extract from the downloaded page (reference)
12 * @param bool $retrieveDescription Automatically tries to retrieve description and keywords from HTML content
13 * @param string $curlGetInfo Optionally overrides curl_getinfo function
14 *
15 * @return Closure
16 */
17function get_curl_download_callback(
18 &$charset,
19 &$title,
20 &$description,
21 &$keywords,
22 $retrieveDescription,
23 $curlGetInfo = 'curl_getinfo'
24) {
25 $isRedirected = false;
26 $currentChunk = 0;
27 $foundChunk = null;
28
29 /**
30 * cURL callback function for CURLOPT_WRITEFUNCTION (called during the download).
31 *
32 * While downloading the remote page, we check that the HTTP code is 200 and content type is 'html/text'
33 * Then we extract the title and the charset and stop the download when it's done.
34 *
35 * @param resource $ch cURL resource
36 * @param string $data chunk of data being downloaded
37 *
38 * @return int|bool length of $data or false if we need to stop the download
39 */
40 return function (&$ch, $data) use (
41 $retrieveDescription,
42 $curlGetInfo,
43 &$charset,
44 &$title,
45 &$description,
46 &$keywords,
47 &$isRedirected,
48 &$currentChunk,
49 &$foundChunk
50 ) {
51 $currentChunk++;
52 $responseCode = $curlGetInfo($ch, CURLINFO_RESPONSE_CODE);
53 if (!empty($responseCode) && in_array($responseCode, [301, 302])) {
54 $isRedirected = true;
55 return strlen($data);
56 }
57 if (!empty($responseCode) && $responseCode !== 200) {
58 return false;
59 }
60 // After a redirection, the content type will keep the previous request value
61 // until it finds the next content-type header.
62 if (! $isRedirected || strpos(strtolower($data), 'content-type') !== false) {
63 $contentType = $curlGetInfo($ch, CURLINFO_CONTENT_TYPE);
64 }
65 if (!empty($contentType) && strpos($contentType, 'text/html') === false) {
66 return false;
67 }
68 if (!empty($contentType) && empty($charset)) {
69 $charset = header_extract_charset($contentType);
70 }
71 if (empty($charset)) {
72 $charset = html_extract_charset($data);
73 }
74 if (empty($title)) {
75 $title = html_extract_title($data);
76 $foundChunk = ! empty($title) ? $currentChunk : $foundChunk;
77 }
78 if ($retrieveDescription && empty($description)) {
79 $description = html_extract_tag('description', $data);
80 $foundChunk = ! empty($description) ? $currentChunk : $foundChunk;
81 }
82 if ($retrieveDescription && empty($keywords)) {
83 $keywords = html_extract_tag('keywords', $data);
84 if (! empty($keywords)) {
85 $foundChunk = $currentChunk;
86 // Keywords use the format tag1, tag2 multiple words, tag
87 // So we format them to match Shaarli's separator and glue multiple words with '-'
88 $keywords = implode(' ', array_map(function($keyword) {
89 return implode('-', preg_split('/\s+/', trim($keyword)));
90 }, explode(',', $keywords)));
91 }
92 }
93
94 // We got everything we want, stop the download.
95 // If we already found either the title, description or keywords,
96 // it's highly unlikely that we'll found the other metas further than
97 // in the same chunk of data or the next one. So we also stop the download after that.
98 if ((!empty($responseCode) && !empty($contentType) && !empty($charset)) && $foundChunk !== null
99 && (! $retrieveDescription
100 || $foundChunk < $currentChunk
101 || (!empty($title) && !empty($description) && !empty($keywords))
102 )
103 ) {
104 return false;
105 }
106
107 return strlen($data);
108 };
109}
110
111/**
112 * Extract title from an HTML document. 6 * Extract title from an HTML document.
113 * 7 *
114 * @param string $html HTML content where to look for a title. 8 * @param string $html HTML content where to look for a title.
@@ -220,7 +114,7 @@ function hashtag_autolink($description, $indexUrl = '')
220 * \p{Mn} - any non marking space (accents, umlauts, etc) 114 * \p{Mn} - any non marking space (accents, umlauts, etc)
221 */ 115 */
222 $regex = '/(^|\s)#([\p{Pc}\p{N}\p{L}\p{Mn}]+)/mui'; 116 $regex = '/(^|\s)#([\p{Pc}\p{N}\p{L}\p{Mn}]+)/mui';
223 $replacement = '$1<a href="'. $indexUrl .'?addtag=$2" title="Hashtag $2">#$2</a>'; 117 $replacement = '$1<a href="'. $indexUrl .'./add-tag/$2" title="Hashtag $2">#$2</a>';
224 return preg_replace($regex, $replacement, $description); 118 return preg_replace($regex, $replacement, $description);
225} 119}
226 120
diff --git a/application/bookmark/exception/DatastoreNotInitializedException.php b/application/bookmark/exception/DatastoreNotInitializedException.php
new file mode 100644
index 00000000..f495049d
--- /dev/null
+++ b/application/bookmark/exception/DatastoreNotInitializedException.php
@@ -0,0 +1,10 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Bookmark\Exception;
6
7class DatastoreNotInitializedException extends \Exception
8{
9
10}
diff --git a/application/config/ConfigManager.php b/application/config/ConfigManager.php
index e45bb4c3..4c98be30 100644
--- a/application/config/ConfigManager.php
+++ b/application/config/ConfigManager.php
@@ -3,6 +3,7 @@ namespace Shaarli\Config;
3 3
4use Shaarli\Config\Exception\MissingFieldConfigException; 4use Shaarli\Config\Exception\MissingFieldConfigException;
5use Shaarli\Config\Exception\UnauthorizedConfigException; 5use Shaarli\Config\Exception\UnauthorizedConfigException;
6use Shaarli\Thumbnailer;
6 7
7/** 8/**
8 * Class ConfigManager 9 * Class ConfigManager
@@ -361,7 +362,7 @@ class ConfigManager
361 $this->setEmpty('security.open_shaarli', false); 362 $this->setEmpty('security.open_shaarli', false);
362 $this->setEmpty('security.allowed_protocols', ['ftp', 'ftps', 'magnet']); 363 $this->setEmpty('security.allowed_protocols', ['ftp', 'ftps', 'magnet']);
363 364
364 $this->setEmpty('general.header_link', '?'); 365 $this->setEmpty('general.header_link', '/');
365 $this->setEmpty('general.links_per_page', 20); 366 $this->setEmpty('general.links_per_page', 20);
366 $this->setEmpty('general.enabled_plugins', self::$DEFAULT_PLUGINS); 367 $this->setEmpty('general.enabled_plugins', self::$DEFAULT_PLUGINS);
367 $this->setEmpty('general.default_note_title', 'Note: '); 368 $this->setEmpty('general.default_note_title', 'Note: ');
@@ -381,6 +382,7 @@ class ConfigManager
381 // default state of the 'remember me' checkbox of the login form 382 // default state of the 'remember me' checkbox of the login form
382 $this->setEmpty('privacy.remember_user_default', true); 383 $this->setEmpty('privacy.remember_user_default', true);
383 384
385 $this->setEmpty('thumbnails.mode', Thumbnailer::MODE_ALL);
384 $this->setEmpty('thumbnails.width', '125'); 386 $this->setEmpty('thumbnails.width', '125');
385 $this->setEmpty('thumbnails.height', '90'); 387 $this->setEmpty('thumbnails.height', '90');
386 388
diff --git a/application/config/ConfigPlugin.php b/application/config/ConfigPlugin.php
index dbb24937..ea8dfbda 100644
--- a/application/config/ConfigPlugin.php
+++ b/application/config/ConfigPlugin.php
@@ -1,6 +1,7 @@
1<?php 1<?php
2 2
3use Shaarli\Config\Exception\PluginConfigOrderException; 3use Shaarli\Config\Exception\PluginConfigOrderException;
4use Shaarli\Plugin\PluginManager;
4 5
5/** 6/**
6 * Plugin configuration helper functions. 7 * Plugin configuration helper functions.
@@ -19,6 +20,20 @@ use Shaarli\Config\Exception\PluginConfigOrderException;
19 */ 20 */
20function save_plugin_config($formData) 21function save_plugin_config($formData)
21{ 22{
23 // We can only save existing plugins
24 $directories = str_replace(
25 PluginManager::$PLUGINS_PATH . '/',
26 '',
27 glob(PluginManager::$PLUGINS_PATH . '/*')
28 );
29 $formData = array_filter(
30 $formData,
31 function ($value, string $key) use ($directories) {
32 return startsWith($key, 'order') || in_array($key, $directories);
33 },
34 ARRAY_FILTER_USE_BOTH
35 );
36
22 // Make sure there are no duplicates in orders. 37 // Make sure there are no duplicates in orders.
23 if (!validate_plugin_order($formData)) { 38 if (!validate_plugin_order($formData)) {
24 throw new PluginConfigOrderException(); 39 throw new PluginConfigOrderException();
@@ -69,7 +84,7 @@ function validate_plugin_order($formData)
69 $orders = array(); 84 $orders = array();
70 foreach ($formData as $key => $value) { 85 foreach ($formData as $key => $value) {
71 // No duplicate order allowed. 86 // No duplicate order allowed.
72 if (in_array($value, $orders)) { 87 if (in_array($value, $orders, true)) {
73 return false; 88 return false;
74 } 89 }
75 90
diff --git a/application/container/ContainerBuilder.php b/application/container/ContainerBuilder.php
index e2c78ccc..4a1a6ea7 100644
--- a/application/container/ContainerBuilder.php
+++ b/application/container/ContainerBuilder.php
@@ -7,11 +7,21 @@ namespace Shaarli\Container;
7use Shaarli\Bookmark\BookmarkFileService; 7use Shaarli\Bookmark\BookmarkFileService;
8use Shaarli\Bookmark\BookmarkServiceInterface; 8use Shaarli\Bookmark\BookmarkServiceInterface;
9use Shaarli\Config\ConfigManager; 9use Shaarli\Config\ConfigManager;
10use Shaarli\Feed\FeedBuilder;
11use Shaarli\Formatter\FormatterFactory;
12use Shaarli\Front\Controller\Visitor\ErrorController;
10use Shaarli\History; 13use Shaarli\History;
14use Shaarli\Http\HttpAccess;
15use Shaarli\Netscape\NetscapeBookmarkUtils;
11use Shaarli\Plugin\PluginManager; 16use Shaarli\Plugin\PluginManager;
12use Shaarli\Render\PageBuilder; 17use Shaarli\Render\PageBuilder;
18use Shaarli\Render\PageCacheManager;
19use Shaarli\Security\CookieManager;
13use Shaarli\Security\LoginManager; 20use Shaarli\Security\LoginManager;
14use Shaarli\Security\SessionManager; 21use Shaarli\Security\SessionManager;
22use Shaarli\Thumbnailer;
23use Shaarli\Updater\Updater;
24use Shaarli\Updater\UpdaterUtils;
15 25
16/** 26/**
17 * Class ContainerBuilder 27 * Class ContainerBuilder
@@ -30,22 +40,37 @@ class ContainerBuilder
30 /** @var SessionManager */ 40 /** @var SessionManager */
31 protected $session; 41 protected $session;
32 42
43 /** @var CookieManager */
44 protected $cookieManager;
45
33 /** @var LoginManager */ 46 /** @var LoginManager */
34 protected $login; 47 protected $login;
35 48
36 public function __construct(ConfigManager $conf, SessionManager $session, LoginManager $login) 49 /** @var string|null */
37 { 50 protected $basePath = null;
51
52 public function __construct(
53 ConfigManager $conf,
54 SessionManager $session,
55 CookieManager $cookieManager,
56 LoginManager $login
57 ) {
38 $this->conf = $conf; 58 $this->conf = $conf;
39 $this->session = $session; 59 $this->session = $session;
40 $this->login = $login; 60 $this->login = $login;
61 $this->cookieManager = $cookieManager;
41 } 62 }
42 63
43 public function build(): ShaarliContainer 64 public function build(): ShaarliContainer
44 { 65 {
45 $container = new ShaarliContainer(); 66 $container = new ShaarliContainer();
67
46 $container['conf'] = $this->conf; 68 $container['conf'] = $this->conf;
47 $container['sessionManager'] = $this->session; 69 $container['sessionManager'] = $this->session;
70 $container['cookieManager'] = $this->cookieManager;
48 $container['loginManager'] = $this->login; 71 $container['loginManager'] = $this->login;
72 $container['basePath'] = $this->basePath;
73
49 $container['plugins'] = function (ShaarliContainer $container): PluginManager { 74 $container['plugins'] = function (ShaarliContainer $container): PluginManager {
50 return new PluginManager($container->conf); 75 return new PluginManager($container->conf);
51 }; 76 };
@@ -73,7 +98,59 @@ class ContainerBuilder
73 }; 98 };
74 99
75 $container['pluginManager'] = function (ShaarliContainer $container): PluginManager { 100 $container['pluginManager'] = function (ShaarliContainer $container): PluginManager {
76 return new PluginManager($container->conf); 101 $pluginManager = new PluginManager($container->conf);
102
103 $pluginManager->load($container->conf->get('general.enabled_plugins'));
104
105 return $pluginManager;
106 };
107
108 $container['formatterFactory'] = function (ShaarliContainer $container): FormatterFactory {
109 return new FormatterFactory(
110 $container->conf,
111 $container->loginManager->isLoggedIn()
112 );
113 };
114
115 $container['pageCacheManager'] = function (ShaarliContainer $container): PageCacheManager {
116 return new PageCacheManager(
117 $container->conf->get('resource.page_cache'),
118 $container->loginManager->isLoggedIn()
119 );
120 };
121
122 $container['feedBuilder'] = function (ShaarliContainer $container): FeedBuilder {
123 return new FeedBuilder(
124 $container->bookmarkService,
125 $container->formatterFactory->getFormatter(),
126 $container->environment,
127 $container->loginManager->isLoggedIn()
128 );
129 };
130
131 $container['thumbnailer'] = function (ShaarliContainer $container): Thumbnailer {
132 return new Thumbnailer($container->conf);
133 };
134
135 $container['httpAccess'] = function (): HttpAccess {
136 return new HttpAccess();
137 };
138
139 $container['netscapeBookmarkUtils'] = function (ShaarliContainer $container): NetscapeBookmarkUtils {
140 return new NetscapeBookmarkUtils($container->bookmarkService, $container->conf, $container->history);
141 };
142
143 $container['updater'] = function (ShaarliContainer $container): Updater {
144 return new Updater(
145 UpdaterUtils::read_updates_file($container->conf->get('resource.updates')),
146 $container->bookmarkService,
147 $container->conf,
148 $container->loginManager->isLoggedIn()
149 );
150 };
151
152 $container['errorHandler'] = function (ShaarliContainer $container): ErrorController {
153 return new ErrorController($container);
77 }; 154 };
78 155
79 return $container; 156 return $container;
diff --git a/application/container/ShaarliContainer.php b/application/container/ShaarliContainer.php
index 3fa9116e..c4fe753e 100644
--- a/application/container/ShaarliContainer.php
+++ b/application/container/ShaarliContainer.php
@@ -4,25 +4,45 @@ declare(strict_types=1);
4 4
5namespace Shaarli\Container; 5namespace Shaarli\Container;
6 6
7use http\Cookie;
7use Shaarli\Bookmark\BookmarkServiceInterface; 8use Shaarli\Bookmark\BookmarkServiceInterface;
8use Shaarli\Config\ConfigManager; 9use Shaarli\Config\ConfigManager;
10use Shaarli\Feed\FeedBuilder;
11use Shaarli\Formatter\FormatterFactory;
9use Shaarli\History; 12use Shaarli\History;
13use Shaarli\Http\HttpAccess;
14use Shaarli\Netscape\NetscapeBookmarkUtils;
10use Shaarli\Plugin\PluginManager; 15use Shaarli\Plugin\PluginManager;
11use Shaarli\Render\PageBuilder; 16use Shaarli\Render\PageBuilder;
17use Shaarli\Render\PageCacheManager;
18use Shaarli\Security\CookieManager;
12use Shaarli\Security\LoginManager; 19use Shaarli\Security\LoginManager;
13use Shaarli\Security\SessionManager; 20use Shaarli\Security\SessionManager;
21use Shaarli\Thumbnailer;
22use Shaarli\Updater\Updater;
14use Slim\Container; 23use Slim\Container;
15 24
16/** 25/**
17 * Extension of Slim container to document the injected objects. 26 * Extension of Slim container to document the injected objects.
18 * 27 *
28 * @property string $basePath Shaarli's instance base path (e.g. `/shaarli/`)
29 * @property BookmarkServiceInterface $bookmarkService
30 * @property CookieManager $cookieManager
19 * @property ConfigManager $conf 31 * @property ConfigManager $conf
20 * @property SessionManager $sessionManager 32 * @property mixed[] $environment $_SERVER automatically injected by Slim
21 * @property LoginManager $loginManager 33 * @property callable $errorHandler Overrides default Slim error display
34 * @property FeedBuilder $feedBuilder
35 * @property FormatterFactory $formatterFactory
22 * @property History $history 36 * @property History $history
23 * @property BookmarkServiceInterface $bookmarkService 37 * @property HttpAccess $httpAccess
38 * @property LoginManager $loginManager
39 * @property NetscapeBookmarkUtils $netscapeBookmarkUtils
24 * @property PageBuilder $pageBuilder 40 * @property PageBuilder $pageBuilder
41 * @property PageCacheManager $pageCacheManager
25 * @property PluginManager $pluginManager 42 * @property PluginManager $pluginManager
43 * @property SessionManager $sessionManager
44 * @property Thumbnailer $thumbnailer
45 * @property Updater $updater
26 */ 46 */
27class ShaarliContainer extends Container 47class ShaarliContainer extends Container
28{ 48{
diff --git a/application/feed/Cache.php b/application/feed/Cache.php
deleted file mode 100644
index e5d43e61..00000000
--- a/application/feed/Cache.php
+++ /dev/null
@@ -1,38 +0,0 @@
1<?php
2/**
3 * Cache utilities
4 */
5
6/**
7 * Purges all cached pages
8 *
9 * @param string $pageCacheDir page cache directory
10 *
11 * @return mixed an error string if the directory is missing
12 */
13function purgeCachedPages($pageCacheDir)
14{
15 if (! is_dir($pageCacheDir)) {
16 $error = sprintf(t('Cannot purge %s: no directory'), $pageCacheDir);
17 error_log($error);
18 return $error;
19 }
20
21 array_map('unlink', glob($pageCacheDir.'/*.cache'));
22}
23
24/**
25 * Invalidates caches when the database is changed or the user logs out.
26 *
27 * @param string $pageCacheDir page cache directory
28 */
29function invalidateCaches($pageCacheDir)
30{
31 // Purge cache attached to session.
32 if (isset($_SESSION['tags'])) {
33 unset($_SESSION['tags']);
34 }
35
36 // Purge page cache shared by sessions.
37 purgeCachedPages($pageCacheDir);
38}
diff --git a/application/feed/FeedBuilder.php b/application/feed/FeedBuilder.php
index 40bd4f15..269ad877 100644
--- a/application/feed/FeedBuilder.php
+++ b/application/feed/FeedBuilder.php
@@ -43,22 +43,10 @@ class FeedBuilder
43 */ 43 */
44 protected $formatter; 44 protected $formatter;
45 45
46 /** 46 /** @var mixed[] $_SERVER */
47 * @var string RSS or ATOM feed.
48 */
49 protected $feedType;
50
51 /**
52 * @var array $_SERVER
53 */
54 protected $serverInfo; 47 protected $serverInfo;
55 48
56 /** 49 /**
57 * @var array $_GET
58 */
59 protected $userInput;
60
61 /**
62 * @var boolean True if the user is currently logged in, false otherwise. 50 * @var boolean True if the user is currently logged in, false otherwise.
63 */ 51 */
64 protected $isLoggedIn; 52 protected $isLoggedIn;
@@ -77,7 +65,6 @@ class FeedBuilder
77 * @var string server locale. 65 * @var string server locale.
78 */ 66 */
79 protected $locale; 67 protected $locale;
80
81 /** 68 /**
82 * @var DateTime Latest item date. 69 * @var DateTime Latest item date.
83 */ 70 */
@@ -88,37 +75,36 @@ class FeedBuilder
88 * 75 *
89 * @param BookmarkServiceInterface $linkDB LinkDB instance. 76 * @param BookmarkServiceInterface $linkDB LinkDB instance.
90 * @param BookmarkFormatter $formatter instance. 77 * @param BookmarkFormatter $formatter instance.
91 * @param string $feedType Type of feed.
92 * @param array $serverInfo $_SERVER. 78 * @param array $serverInfo $_SERVER.
93 * @param array $userInput $_GET.
94 * @param boolean $isLoggedIn True if the user is currently logged in, false otherwise. 79 * @param boolean $isLoggedIn True if the user is currently logged in, false otherwise.
95 */ 80 */
96 public function __construct($linkDB, $formatter, $feedType, $serverInfo, $userInput, $isLoggedIn) 81 public function __construct($linkDB, $formatter, $serverInfo, $isLoggedIn)
97 { 82 {
98 $this->linkDB = $linkDB; 83 $this->linkDB = $linkDB;
99 $this->formatter = $formatter; 84 $this->formatter = $formatter;
100 $this->feedType = $feedType;
101 $this->serverInfo = $serverInfo; 85 $this->serverInfo = $serverInfo;
102 $this->userInput = $userInput;
103 $this->isLoggedIn = $isLoggedIn; 86 $this->isLoggedIn = $isLoggedIn;
104 } 87 }
105 88
106 /** 89 /**
107 * Build data for feed templates. 90 * Build data for feed templates.
108 * 91 *
92 * @param string $feedType Type of feed (RSS/ATOM).
93 * @param array $userInput $_GET.
94 *
109 * @return array Formatted data for feeds templates. 95 * @return array Formatted data for feeds templates.
110 */ 96 */
111 public function buildData() 97 public function buildData(string $feedType, ?array $userInput)
112 { 98 {
113 // Search for untagged bookmarks 99 // Search for untagged bookmarks
114 if (isset($this->userInput['searchtags']) && empty($this->userInput['searchtags'])) { 100 if (isset($this->userInput['searchtags']) && empty($userInput['searchtags'])) {
115 $this->userInput['searchtags'] = false; 101 $userInput['searchtags'] = false;
116 } 102 }
117 103
118 // Optionally filter the results: 104 // Optionally filter the results:
119 $linksToDisplay = $this->linkDB->search($this->userInput); 105 $linksToDisplay = $this->linkDB->search($userInput);
120 106
121 $nblinksToDisplay = $this->getNbLinks(count($linksToDisplay)); 107 $nblinksToDisplay = $this->getNbLinks(count($linksToDisplay), $userInput);
122 108
123 // Can't use array_keys() because $link is a LinkDB instance and not a real array. 109 // Can't use array_keys() because $link is a LinkDB instance and not a real array.
124 $keys = array(); 110 $keys = array();
@@ -130,11 +116,11 @@ class FeedBuilder
130 $this->formatter->addContextData('index_url', $pageaddr); 116 $this->formatter->addContextData('index_url', $pageaddr);
131 $linkDisplayed = array(); 117 $linkDisplayed = array();
132 for ($i = 0; $i < $nblinksToDisplay && $i < count($keys); $i++) { 118 for ($i = 0; $i < $nblinksToDisplay && $i < count($keys); $i++) {
133 $linkDisplayed[$keys[$i]] = $this->buildItem($linksToDisplay[$keys[$i]], $pageaddr); 119 $linkDisplayed[$keys[$i]] = $this->buildItem($feedType, $linksToDisplay[$keys[$i]], $pageaddr);
134 } 120 }
135 121
136 $data['language'] = $this->getTypeLanguage(); 122 $data['language'] = $this->getTypeLanguage($feedType);
137 $data['last_update'] = $this->getLatestDateFormatted(); 123 $data['last_update'] = $this->getLatestDateFormatted($feedType);
138 $data['show_dates'] = !$this->hideDates || $this->isLoggedIn; 124 $data['show_dates'] = !$this->hideDates || $this->isLoggedIn;
139 // Remove leading slash from REQUEST_URI. 125 // Remove leading slash from REQUEST_URI.
140 $data['self_link'] = escape(server_url($this->serverInfo)) 126 $data['self_link'] = escape(server_url($this->serverInfo))
@@ -147,17 +133,48 @@ class FeedBuilder
147 } 133 }
148 134
149 /** 135 /**
136 * Set this to true to use permalinks instead of direct bookmarks.
137 *
138 * @param boolean $usePermalinks true to force permalinks.
139 */
140 public function setUsePermalinks($usePermalinks)
141 {
142 $this->usePermalinks = $usePermalinks;
143 }
144
145 /**
146 * Set this to true to hide timestamps in feeds.
147 *
148 * @param boolean $hideDates true to enable.
149 */
150 public function setHideDates($hideDates)
151 {
152 $this->hideDates = $hideDates;
153 }
154
155 /**
156 * Set the locale. Used to show feed language.
157 *
158 * @param string $locale The locale (eg. 'fr_FR.UTF8').
159 */
160 public function setLocale($locale)
161 {
162 $this->locale = strtolower($locale);
163 }
164
165 /**
150 * Build a feed item (one per shaare). 166 * Build a feed item (one per shaare).
151 * 167 *
168 * @param string $feedType Type of feed (RSS/ATOM).
152 * @param Bookmark $link Single link array extracted from LinkDB. 169 * @param Bookmark $link Single link array extracted from LinkDB.
153 * @param string $pageaddr Index URL. 170 * @param string $pageaddr Index URL.
154 * 171 *
155 * @return array Link array with feed attributes. 172 * @return array Link array with feed attributes.
156 */ 173 */
157 protected function buildItem($link, $pageaddr) 174 protected function buildItem(string $feedType, $link, $pageaddr)
158 { 175 {
159 $data = $this->formatter->format($link); 176 $data = $this->formatter->format($link);
160 $data['guid'] = $pageaddr . '?' . $data['shorturl']; 177 $data['guid'] = rtrim($pageaddr, '/') . '/shaare/' . $data['shorturl'];
161 if ($this->usePermalinks === true) { 178 if ($this->usePermalinks === true) {
162 $permalink = '<a href="'. $data['url'] .'" title="'. t('Direct link') .'">'. t('Direct link') .'</a>'; 179 $permalink = '<a href="'. $data['url'] .'" title="'. t('Direct link') .'">'. t('Direct link') .'</a>';
163 } else { 180 } else {
@@ -165,13 +182,13 @@ class FeedBuilder
165 } 182 }
166 $data['description'] .= PHP_EOL . PHP_EOL . '<br>&#8212; ' . $permalink; 183 $data['description'] .= PHP_EOL . PHP_EOL . '<br>&#8212; ' . $permalink;
167 184
168 $data['pub_iso_date'] = $this->getIsoDate($data['created']); 185 $data['pub_iso_date'] = $this->getIsoDate($feedType, $data['created']);
169 186
170 // atom:entry elements MUST contain exactly one atom:updated element. 187 // atom:entry elements MUST contain exactly one atom:updated element.
171 if (!empty($link->getUpdated())) { 188 if (!empty($link->getUpdated())) {
172 $data['up_iso_date'] = $this->getIsoDate($data['updated'], DateTime::ATOM); 189 $data['up_iso_date'] = $this->getIsoDate($feedType, $data['updated'], DateTime::ATOM);
173 } else { 190 } else {
174 $data['up_iso_date'] = $this->getIsoDate($data['created'], DateTime::ATOM); 191 $data['up_iso_date'] = $this->getIsoDate($feedType, $data['created'], DateTime::ATOM);
175 } 192 }
176 193
177 // Save the more recent item. 194 // Save the more recent item.
@@ -186,51 +203,23 @@ class FeedBuilder
186 } 203 }
187 204
188 /** 205 /**
189 * Set this to true to use permalinks instead of direct bookmarks.
190 *
191 * @param boolean $usePermalinks true to force permalinks.
192 */
193 public function setUsePermalinks($usePermalinks)
194 {
195 $this->usePermalinks = $usePermalinks;
196 }
197
198 /**
199 * Set this to true to hide timestamps in feeds.
200 *
201 * @param boolean $hideDates true to enable.
202 */
203 public function setHideDates($hideDates)
204 {
205 $this->hideDates = $hideDates;
206 }
207
208 /**
209 * Set the locale. Used to show feed language.
210 *
211 * @param string $locale The locale (eg. 'fr_FR.UTF8').
212 */
213 public function setLocale($locale)
214 {
215 $this->locale = strtolower($locale);
216 }
217
218 /**
219 * Get the language according to the feed type, based on the locale: 206 * Get the language according to the feed type, based on the locale:
220 * 207 *
221 * - RSS format: en-us (default: 'en-en'). 208 * - RSS format: en-us (default: 'en-en').
222 * - ATOM format: fr (default: 'en'). 209 * - ATOM format: fr (default: 'en').
223 * 210 *
211 * @param string $feedType Type of feed (RSS/ATOM).
212 *
224 * @return string The language. 213 * @return string The language.
225 */ 214 */
226 public function getTypeLanguage() 215 protected function getTypeLanguage(string $feedType)
227 { 216 {
228 // Use the locale do define the language, if available. 217 // Use the locale do define the language, if available.
229 if (!empty($this->locale) && preg_match('/^\w{2}[_\-]\w{2}/', $this->locale)) { 218 if (!empty($this->locale) && preg_match('/^\w{2}[_\-]\w{2}/', $this->locale)) {
230 $length = ($this->feedType === self::$FEED_RSS) ? 5 : 2; 219 $length = ($feedType === self::$FEED_RSS) ? 5 : 2;
231 return str_replace('_', '-', substr($this->locale, 0, $length)); 220 return str_replace('_', '-', substr($this->locale, 0, $length));
232 } 221 }
233 return ($this->feedType === self::$FEED_RSS) ? 'en-en' : 'en'; 222 return ($feedType === self::$FEED_RSS) ? 'en-en' : 'en';
234 } 223 }
235 224
236 /** 225 /**
@@ -238,32 +227,35 @@ class FeedBuilder
238 * 227 *
239 * Return an empty string if invalid DateTime is passed. 228 * Return an empty string if invalid DateTime is passed.
240 * 229 *
230 * @param string $feedType Type of feed (RSS/ATOM).
231 *
241 * @return string Formatted date. 232 * @return string Formatted date.
242 */ 233 */
243 protected function getLatestDateFormatted() 234 protected function getLatestDateFormatted(string $feedType)
244 { 235 {
245 if (empty($this->latestDate) || !$this->latestDate instanceof DateTime) { 236 if (empty($this->latestDate) || !$this->latestDate instanceof DateTime) {
246 return ''; 237 return '';
247 } 238 }
248 239
249 $type = ($this->feedType == self::$FEED_RSS) ? DateTime::RSS : DateTime::ATOM; 240 $type = ($feedType == self::$FEED_RSS) ? DateTime::RSS : DateTime::ATOM;
250 return $this->latestDate->format($type); 241 return $this->latestDate->format($type);
251 } 242 }
252 243
253 /** 244 /**
254 * Get ISO date from DateTime according to feed type. 245 * Get ISO date from DateTime according to feed type.
255 * 246 *
247 * @param string $feedType Type of feed (RSS/ATOM).
256 * @param DateTime $date Date to format. 248 * @param DateTime $date Date to format.
257 * @param string|bool $format Force format. 249 * @param string|bool $format Force format.
258 * 250 *
259 * @return string Formatted date. 251 * @return string Formatted date.
260 */ 252 */
261 protected function getIsoDate(DateTime $date, $format = false) 253 protected function getIsoDate(string $feedType, DateTime $date, $format = false)
262 { 254 {
263 if ($format !== false) { 255 if ($format !== false) {
264 return $date->format($format); 256 return $date->format($format);
265 } 257 }
266 if ($this->feedType == self::$FEED_RSS) { 258 if ($feedType == self::$FEED_RSS) {
267 return $date->format(DateTime::RSS); 259 return $date->format(DateTime::RSS);
268 } 260 }
269 return $date->format(DateTime::ATOM); 261 return $date->format(DateTime::ATOM);
@@ -275,21 +267,22 @@ class FeedBuilder
275 * If 'nb' not set or invalid, default value: $DEFAULT_NB_LINKS. 267 * If 'nb' not set or invalid, default value: $DEFAULT_NB_LINKS.
276 * If 'nb' is set to 'all', display all filtered bookmarks (max parameter). 268 * If 'nb' is set to 'all', display all filtered bookmarks (max parameter).
277 * 269 *
278 * @param int $max maximum number of bookmarks to display. 270 * @param int $max maximum number of bookmarks to display.
271 * @param array $userInput $_GET.
279 * 272 *
280 * @return int number of bookmarks to display. 273 * @return int number of bookmarks to display.
281 */ 274 */
282 public function getNbLinks($max) 275 protected function getNbLinks($max, ?array $userInput)
283 { 276 {
284 if (empty($this->userInput['nb'])) { 277 if (empty($userInput['nb'])) {
285 return self::$DEFAULT_NB_LINKS; 278 return self::$DEFAULT_NB_LINKS;
286 } 279 }
287 280
288 if ($this->userInput['nb'] == 'all') { 281 if ($userInput['nb'] == 'all') {
289 return $max; 282 return $max;
290 } 283 }
291 284
292 $intNb = intval($this->userInput['nb']); 285 $intNb = intval($userInput['nb']);
293 if (!is_int($intNb) || $intNb == 0) { 286 if (!is_int($intNb) || $intNb == 0) {
294 return self::$DEFAULT_NB_LINKS; 287 return self::$DEFAULT_NB_LINKS;
295 } 288 }
diff --git a/application/formatter/BookmarkDefaultFormatter.php b/application/formatter/BookmarkDefaultFormatter.php
index c6c59064..9d4a0fa0 100644
--- a/application/formatter/BookmarkDefaultFormatter.php
+++ b/application/formatter/BookmarkDefaultFormatter.php
@@ -50,11 +50,10 @@ class BookmarkDefaultFormatter extends BookmarkFormatter
50 */ 50 */
51 public function formatUrl($bookmark) 51 public function formatUrl($bookmark)
52 { 52 {
53 if (! empty($this->contextData['index_url']) && ( 53 if ($bookmark->isNote() && isset($this->contextData['index_url'])) {
54 startsWith($bookmark->getUrl(), '?') || startsWith($bookmark->getUrl(), '/') 54 return rtrim($this->contextData['index_url'], '/') . '/' . escape(ltrim($bookmark->getUrl(), '/'));
55 )) {
56 return $this->contextData['index_url'] . escape($bookmark->getUrl());
57 } 55 }
56
58 return escape($bookmark->getUrl()); 57 return escape($bookmark->getUrl());
59 } 58 }
60 59
@@ -63,11 +62,18 @@ class BookmarkDefaultFormatter extends BookmarkFormatter
63 */ 62 */
64 protected function formatRealUrl($bookmark) 63 protected function formatRealUrl($bookmark)
65 { 64 {
66 if (! empty($this->contextData['index_url']) && ( 65 if ($bookmark->isNote()) {
67 startsWith($bookmark->getUrl(), '?') || startsWith($bookmark->getUrl(), '/') 66 if (isset($this->contextData['index_url'])) {
68 )) { 67 $prefix = rtrim($this->contextData['index_url'], '/') . '/';
69 return $this->contextData['index_url'] . escape($bookmark->getUrl()); 68 }
69
70 if (isset($this->contextData['base_path'])) {
71 $prefix = rtrim($this->contextData['base_path'], '/') . '/';
72 }
73
74 return escape($prefix ?? '') . escape(ltrim($bookmark->getUrl(), '/'));
70 } 75 }
76
71 return escape($bookmark->getUrl()); 77 return escape($bookmark->getUrl());
72 } 78 }
73 79
diff --git a/application/formatter/BookmarkFormatter.php b/application/formatter/BookmarkFormatter.php
index a80d83fc..22ba7aae 100644
--- a/application/formatter/BookmarkFormatter.php
+++ b/application/formatter/BookmarkFormatter.php
@@ -3,8 +3,8 @@
3namespace Shaarli\Formatter; 3namespace Shaarli\Formatter;
4 4
5use DateTime; 5use DateTime;
6use Shaarli\Config\ConfigManager;
7use Shaarli\Bookmark\Bookmark; 6use Shaarli\Bookmark\Bookmark;
7use Shaarli\Config\ConfigManager;
8 8
9/** 9/**
10 * Class BookmarkFormatter 10 * Class BookmarkFormatter
@@ -80,6 +80,8 @@ abstract class BookmarkFormatter
80 public function addContextData($key, $value) 80 public function addContextData($key, $value)
81 { 81 {
82 $this->contextData[$key] = $value; 82 $this->contextData[$key] = $value;
83
84 return $this;
83 } 85 }
84 86
85 /** 87 /**
@@ -128,7 +130,7 @@ abstract class BookmarkFormatter
128 */ 130 */
129 protected function formatRealUrl($bookmark) 131 protected function formatRealUrl($bookmark)
130 { 132 {
131 return $bookmark->getUrl(); 133 return $this->formatUrl($bookmark);
132 } 134 }
133 135
134 /** 136 /**
diff --git a/application/formatter/BookmarkMarkdownFormatter.php b/application/formatter/BookmarkMarkdownFormatter.php
index 077e5312..5d244d4c 100644
--- a/application/formatter/BookmarkMarkdownFormatter.php
+++ b/application/formatter/BookmarkMarkdownFormatter.php
@@ -114,7 +114,7 @@ class BookmarkMarkdownFormatter extends BookmarkDefaultFormatter
114 114
115 /** 115 /**
116 * Replace hashtag in Markdown links format 116 * Replace hashtag in Markdown links format
117 * E.g. `#hashtag` becomes `[#hashtag](?addtag=hashtag)` 117 * E.g. `#hashtag` becomes `[#hashtag](./add-tag/hashtag)`
118 * It includes the index URL if specified. 118 * It includes the index URL if specified.
119 * 119 *
120 * @param string $description 120 * @param string $description
@@ -133,7 +133,7 @@ class BookmarkMarkdownFormatter extends BookmarkDefaultFormatter
133 * \p{Mn} - any non marking space (accents, umlauts, etc) 133 * \p{Mn} - any non marking space (accents, umlauts, etc)
134 */ 134 */
135 $regex = '/(^|\s)#([\p{Pc}\p{N}\p{L}\p{Mn}]+)/mui'; 135 $regex = '/(^|\s)#([\p{Pc}\p{N}\p{L}\p{Mn}]+)/mui';
136 $replacement = '$1[#$2]('. $indexUrl .'?addtag=$2)'; 136 $replacement = '$1[#$2]('. $indexUrl .'./add-tag/$2)';
137 137
138 $descriptionLines = explode(PHP_EOL, $description); 138 $descriptionLines = explode(PHP_EOL, $description);
139 $descriptionOut = ''; 139 $descriptionOut = '';
diff --git a/application/formatter/FormatterFactory.php b/application/formatter/FormatterFactory.php
index 5f282f68..a029579f 100644
--- a/application/formatter/FormatterFactory.php
+++ b/application/formatter/FormatterFactory.php
@@ -38,7 +38,7 @@ class FormatterFactory
38 * 38 *
39 * @return BookmarkFormatter instance. 39 * @return BookmarkFormatter instance.
40 */ 40 */
41 public function getFormatter(string $type = null) 41 public function getFormatter(string $type = null): BookmarkFormatter
42 { 42 {
43 $type = $type ? $type : $this->conf->get('formatter', 'default'); 43 $type = $type ? $type : $this->conf->get('formatter', 'default');
44 $className = '\\Shaarli\\Formatter\\Bookmark'. ucfirst($type) .'Formatter'; 44 $className = '\\Shaarli\\Formatter\\Bookmark'. ucfirst($type) .'Formatter';
diff --git a/application/front/ShaarliAdminMiddleware.php b/application/front/ShaarliAdminMiddleware.php
new file mode 100644
index 00000000..35ce4a3b
--- /dev/null
+++ b/application/front/ShaarliAdminMiddleware.php
@@ -0,0 +1,27 @@
1<?php
2
3namespace Shaarli\Front;
4
5use Slim\Http\Request;
6use Slim\Http\Response;
7
8/**
9 * Middleware used for controller requiring to be authenticated.
10 * It extends ShaarliMiddleware, and just make sure that the user is authenticated.
11 * Otherwise, it redirects to the login page.
12 */
13class ShaarliAdminMiddleware extends ShaarliMiddleware
14{
15 public function __invoke(Request $request, Response $response, callable $next): Response
16 {
17 $this->initBasePath($request);
18
19 if (true !== $this->container->loginManager->isLoggedIn()) {
20 $returnUrl = urlencode($this->container->environment['REQUEST_URI']);
21
22 return $response->withRedirect($this->container->basePath . '/login?returnurl=' . $returnUrl);
23 }
24
25 return parent::__invoke($request, $response, $next);
26 }
27}
diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php
index fa6c6467..c015c0c6 100644
--- a/application/front/ShaarliMiddleware.php
+++ b/application/front/ShaarliMiddleware.php
@@ -3,7 +3,7 @@
3namespace Shaarli\Front; 3namespace Shaarli\Front;
4 4
5use Shaarli\Container\ShaarliContainer; 5use Shaarli\Container\ShaarliContainer;
6use Shaarli\Front\Exception\ShaarliException; 6use Shaarli\Front\Exception\UnauthorizedException;
7use Slim\Http\Request; 7use Slim\Http\Request;
8use Slim\Http\Response; 8use Slim\Http\Response;
9 9
@@ -24,6 +24,8 @@ class ShaarliMiddleware
24 24
25 /** 25 /**
26 * Middleware execution: 26 * Middleware execution:
27 * - run updates
28 * - if not logged in open shaarli, redirect to login
27 * - execute the controller 29 * - execute the controller
28 * - return the response 30 * - return the response
29 * 31 *
@@ -35,23 +37,78 @@ class ShaarliMiddleware
35 * 37 *
36 * @return Response response. 38 * @return Response response.
37 */ 39 */
38 public function __invoke(Request $request, Response $response, callable $next) 40 public function __invoke(Request $request, Response $response, callable $next): Response
39 { 41 {
42 $this->initBasePath($request);
43
40 try { 44 try {
41 $response = $next($request, $response); 45 if (!is_file($this->container->conf->getConfigFileExt())
42 } catch (ShaarliException $e) { 46 && !in_array($next->getName(), ['displayInstall', 'saveInstall'], true)
43 $this->container->pageBuilder->assign('message', $e->getMessage()); 47 ) {
44 if ($this->container->conf->get('dev.debug', false)) { 48 return $response->withRedirect($this->container->basePath . '/install');
45 $this->container->pageBuilder->assign(
46 'stacktrace',
47 nl2br(get_class($this) .': '. $e->getTraceAsString())
48 );
49 } 49 }
50 50
51 $response = $response->withStatus($e->getCode()); 51 $this->runUpdates();
52 $response = $response->write($this->container->pageBuilder->render('error')); 52 $this->checkOpenShaarli($request, $response, $next);
53
54 return $next($request, $response);
55 } catch (UnauthorizedException $e) {
56 $returnUrl = urlencode($this->container->environment['REQUEST_URI']);
57
58 return $response->withRedirect($this->container->basePath . '/login?returnurl=' . $returnUrl);
59 }
60 // Other exceptions are handled by ErrorController
61 }
62
63 /**
64 * Run the updater for every requests processed while logged in.
65 */
66 protected function runUpdates(): void
67 {
68 if ($this->container->loginManager->isLoggedIn() !== true) {
69 return;
70 }
71
72 $this->container->updater->setBasePath($this->container->basePath);
73 $newUpdates = $this->container->updater->update();
74 if (!empty($newUpdates)) {
75 $this->container->updater->writeUpdates(
76 $this->container->conf->get('resource.updates'),
77 $this->container->updater->getDoneUpdates()
78 );
79
80 $this->container->pageCacheManager->invalidateCaches();
81 }
82 }
83
84 /**
85 * Access is denied to most pages with `hide_public_links` + `force_login` settings.
86 */
87 protected function checkOpenShaarli(Request $request, Response $response, callable $next): bool
88 {
89 if (// if the user isn't logged in
90 !$this->container->loginManager->isLoggedIn()
91 // and Shaarli doesn't have public content...
92 && $this->container->conf->get('privacy.hide_public_links')
93 // and is configured to enforce the login
94 && $this->container->conf->get('privacy.force_login')
95 // and the current page isn't already the login page
96 // and the user is not requesting a feed (which would lead to a different content-type as expected)
97 && !in_array($next->getName(), ['login', 'atom', 'rss'], true)
98 ) {
99 throw new UnauthorizedException();
53 } 100 }
54 101
55 return $response; 102 return true;
103 }
104
105 /**
106 * Initialize the URL base path if it hasn't been defined yet.
107 */
108 protected function initBasePath(Request $request): void
109 {
110 if (null === $this->container->basePath) {
111 $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/');
112 }
56 } 113 }
57} 114}
diff --git a/application/front/controller/admin/ConfigureController.php b/application/front/controller/admin/ConfigureController.php
new file mode 100644
index 00000000..e675fcca
--- /dev/null
+++ b/application/front/controller/admin/ConfigureController.php
@@ -0,0 +1,126 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Languages;
8use Shaarli\Render\TemplatePage;
9use Shaarli\Render\ThemeUtils;
10use Shaarli\Thumbnailer;
11use Slim\Http\Request;
12use Slim\Http\Response;
13use Throwable;
14
15/**
16 * Class ConfigureController
17 *
18 * Slim controller used to handle Shaarli configuration page (display + save new config).
19 */
20class ConfigureController extends ShaarliAdminController
21{
22 /**
23 * GET /admin/configure - Displays the configuration page
24 */
25 public function index(Request $request, Response $response): Response
26 {
27 $this->assignView('title', $this->container->conf->get('general.title', 'Shaarli'));
28 $this->assignView('theme', $this->container->conf->get('resource.theme'));
29 $this->assignView(
30 'theme_available',
31 ThemeUtils::getThemes($this->container->conf->get('resource.raintpl_tpl'))
32 );
33 $this->assignView('formatter_available', ['default', 'markdown']);
34 list($continents, $cities) = generateTimeZoneData(
35 timezone_identifiers_list(),
36 $this->container->conf->get('general.timezone')
37 );
38 $this->assignView('continents', $continents);
39 $this->assignView('cities', $cities);
40 $this->assignView('retrieve_description', $this->container->conf->get('general.retrieve_description', false));
41 $this->assignView('private_links_default', $this->container->conf->get('privacy.default_private_links', false));
42 $this->assignView(
43 'session_protection_disabled',
44 $this->container->conf->get('security.session_protection_disabled', false)
45 );
46 $this->assignView('enable_rss_permalinks', $this->container->conf->get('feed.rss_permalinks', false));
47 $this->assignView('enable_update_check', $this->container->conf->get('updates.check_updates', true));
48 $this->assignView('hide_public_links', $this->container->conf->get('privacy.hide_public_links', false));
49 $this->assignView('api_enabled', $this->container->conf->get('api.enabled', true));
50 $this->assignView('api_secret', $this->container->conf->get('api.secret'));
51 $this->assignView('languages', Languages::getAvailableLanguages());
52 $this->assignView('gd_enabled', extension_loaded('gd'));
53 $this->assignView('thumbnails_mode', $this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE));
54 $this->assignView('pagetitle', t('Configure') .' - '. $this->container->conf->get('general.title', 'Shaarli'));
55
56 return $response->write($this->render(TemplatePage::CONFIGURE));
57 }
58
59 /**
60 * POST /admin/configure - Update Shaarli's configuration
61 */
62 public function save(Request $request, Response $response): Response
63 {
64 $this->checkToken($request);
65
66 $continent = $request->getParam('continent');
67 $city = $request->getParam('city');
68 $tz = 'UTC';
69 if (null !== $continent && null !== $city && isTimeZoneValid($continent, $city)) {
70 $tz = $continent . '/' . $city;
71 }
72
73 $this->container->conf->set('general.timezone', $tz);
74 $this->container->conf->set('general.title', escape($request->getParam('title')));
75 $this->container->conf->set('general.header_link', escape($request->getParam('titleLink')));
76 $this->container->conf->set('general.retrieve_description', !empty($request->getParam('retrieveDescription')));
77 $this->container->conf->set('resource.theme', escape($request->getParam('theme')));
78 $this->container->conf->set(
79 'security.session_protection_disabled',
80 !empty($request->getParam('disablesessionprotection'))
81 );
82 $this->container->conf->set(
83 'privacy.default_private_links',
84 !empty($request->getParam('privateLinkByDefault'))
85 );
86 $this->container->conf->set('feed.rss_permalinks', !empty($request->getParam('enableRssPermalinks')));
87 $this->container->conf->set('updates.check_updates', !empty($request->getParam('updateCheck')));
88 $this->container->conf->set('privacy.hide_public_links', !empty($request->getParam('hidePublicLinks')));
89 $this->container->conf->set('api.enabled', !empty($request->getParam('enableApi')));
90 $this->container->conf->set('api.secret', escape($request->getParam('apiSecret')));
91 $this->container->conf->set('formatter', escape($request->getParam('formatter')));
92
93 if (!empty($request->getParam('language'))) {
94 $this->container->conf->set('translation.language', escape($request->getParam('language')));
95 }
96
97 $thumbnailsMode = extension_loaded('gd') ? $request->getParam('enableThumbnails') : Thumbnailer::MODE_NONE;
98 if ($thumbnailsMode !== Thumbnailer::MODE_NONE
99 && $thumbnailsMode !== $this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE)
100 ) {
101 $this->saveWarningMessage(
102 t('You have enabled or changed thumbnails mode.') .
103 '<a href="'. $this->container->basePath .'/admin/thumbnails">' . t('Please synchronize them.') .'</a>'
104 );
105 }
106 $this->container->conf->set('thumbnails.mode', $thumbnailsMode);
107
108 try {
109 $this->container->conf->write($this->container->loginManager->isLoggedIn());
110 $this->container->history->updateSettings();
111 $this->container->pageCacheManager->invalidateCaches();
112 } catch (Throwable $e) {
113 $this->assignView('message', t('Error while writing config file after configuration update.'));
114
115 if ($this->container->conf->get('dev.debug', false)) {
116 $this->assignView('stacktrace', $e->getMessage() . PHP_EOL . $e->getTraceAsString());
117 }
118
119 return $response->write($this->render('error'));
120 }
121
122 $this->saveSuccessMessage(t('Configuration was saved.'));
123
124 return $this->redirect($response, '/admin/configure');
125 }
126}
diff --git a/application/front/controller/admin/ExportController.php b/application/front/controller/admin/ExportController.php
new file mode 100644
index 00000000..2be957fa
--- /dev/null
+++ b/application/front/controller/admin/ExportController.php
@@ -0,0 +1,80 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use DateTime;
8use Shaarli\Bookmark\Bookmark;
9use Shaarli\Render\TemplatePage;
10use Slim\Http\Request;
11use Slim\Http\Response;
12
13/**
14 * Class ExportController
15 *
16 * Slim controller used to display Shaarli data export page,
17 * and process the bookmarks export as a Netscape Bookmarks file.
18 */
19class ExportController extends ShaarliAdminController
20{
21 /**
22 * GET /admin/export - Display export page
23 */
24 public function index(Request $request, Response $response): Response
25 {
26 $this->assignView('pagetitle', t('Export') .' - '. $this->container->conf->get('general.title', 'Shaarli'));
27
28 return $response->write($this->render(TemplatePage::EXPORT));
29 }
30
31 /**
32 * POST /admin/export - Process export, and serve download file named
33 * bookmarks_(all|private|public)_datetime.html
34 */
35 public function export(Request $request, Response $response): Response
36 {
37 $this->checkToken($request);
38
39 $selection = $request->getParam('selection');
40
41 if (empty($selection)) {
42 $this->saveErrorMessage(t('Please select an export mode.'));
43
44 return $this->redirect($response, '/admin/export');
45 }
46
47 $prependNoteUrl = filter_var($request->getParam('prepend_note_url') ?? false, FILTER_VALIDATE_BOOLEAN);
48
49 try {
50 $formatter = $this->container->formatterFactory->getFormatter('raw');
51
52 $this->assignView(
53 'links',
54 $this->container->netscapeBookmarkUtils->filterAndFormat(
55 $formatter,
56 $selection,
57 $prependNoteUrl,
58 index_url($this->container->environment)
59 )
60 );
61 } catch (\Exception $exc) {
62 $this->saveErrorMessage($exc->getMessage());
63
64 return $this->redirect($response, '/admin/export');
65 }
66
67 $now = new DateTime();
68 $response = $response->withHeader('Content-Type', 'text/html; charset=utf-8');
69 $response = $response->withHeader(
70 'Content-disposition',
71 'attachment; filename=bookmarks_'.$selection.'_'.$now->format(Bookmark::LINK_DATE_FORMAT).'.html'
72 );
73
74 $this->assignView('date', $now->format(DateTime::RFC822));
75 $this->assignView('eol', PHP_EOL);
76 $this->assignView('selection', $selection);
77
78 return $response->write($this->render(TemplatePage::NETSCAPE_EXPORT_BOOKMARKS));
79 }
80}
diff --git a/application/front/controller/admin/ImportController.php b/application/front/controller/admin/ImportController.php
new file mode 100644
index 00000000..758d5ef9
--- /dev/null
+++ b/application/front/controller/admin/ImportController.php
@@ -0,0 +1,82 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Psr\Http\Message\UploadedFileInterface;
8use Shaarli\Render\TemplatePage;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class ImportController
14 *
15 * Slim controller used to display Shaarli data import page,
16 * and import bookmarks from Netscape Bookmarks file.
17 */
18class ImportController extends ShaarliAdminController
19{
20 /**
21 * GET /admin/import - Display import page
22 */
23 public function index(Request $request, Response $response): Response
24 {
25 $this->assignView(
26 'maxfilesize',
27 get_max_upload_size(
28 ini_get('post_max_size'),
29 ini_get('upload_max_filesize'),
30 false
31 )
32 );
33 $this->assignView(
34 'maxfilesizeHuman',
35 get_max_upload_size(
36 ini_get('post_max_size'),
37 ini_get('upload_max_filesize'),
38 true
39 )
40 );
41 $this->assignView('pagetitle', t('Import') .' - '. $this->container->conf->get('general.title', 'Shaarli'));
42
43 return $response->write($this->render(TemplatePage::IMPORT));
44 }
45
46 /**
47 * POST /admin/import - Process import file provided and create bookmarks
48 */
49 public function import(Request $request, Response $response): Response
50 {
51 $this->checkToken($request);
52
53 $file = ($request->getUploadedFiles() ?? [])['filetoupload'] ?? null;
54 if (!$file instanceof UploadedFileInterface) {
55 $this->saveErrorMessage(t('No import file provided.'));
56
57 return $this->redirect($response, '/admin/import');
58 }
59
60
61 // Import bookmarks from an uploaded file
62 if (0 === $file->getSize()) {
63 // The file is too big or some form field may be missing.
64 $msg = sprintf(
65 t(
66 'The file you are trying to upload is probably bigger than what this webserver can accept'
67 .' (%s). Please upload in smaller chunks.'
68 ),
69 get_max_upload_size(ini_get('post_max_size'), ini_get('upload_max_filesize'))
70 );
71 $this->saveErrorMessage($msg);
72
73 return $this->redirect($response, '/admin/import');
74 }
75
76 $status = $this->container->netscapeBookmarkUtils->import($request->getParams(), $file);
77
78 $this->saveSuccessMessage($status);
79
80 return $this->redirect($response, '/admin/import');
81 }
82}
diff --git a/application/front/controller/admin/LogoutController.php b/application/front/controller/admin/LogoutController.php
new file mode 100644
index 00000000..28165129
--- /dev/null
+++ b/application/front/controller/admin/LogoutController.php
@@ -0,0 +1,33 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Security\CookieManager;
8use Shaarli\Security\LoginManager;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class LogoutController
14 *
15 * Slim controller used to logout the user.
16 * It invalidates page cache and terminate the user session. Then it redirects to the homepage.
17 */
18class LogoutController extends ShaarliAdminController
19{
20 public function index(Request $request, Response $response): Response
21 {
22 $this->container->pageCacheManager->invalidateCaches();
23 $this->container->sessionManager->logout();
24 $this->container->cookieManager->setCookieParameter(
25 CookieManager::STAY_SIGNED_IN,
26 'false',
27 0,
28 $this->container->basePath . '/'
29 );
30
31 return $this->redirect($response, '/');
32 }
33}
diff --git a/application/front/controller/admin/ManageShaareController.php b/application/front/controller/admin/ManageShaareController.php
new file mode 100644
index 00000000..33e1188e
--- /dev/null
+++ b/application/front/controller/admin/ManageShaareController.php
@@ -0,0 +1,371 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Bookmark\Bookmark;
8use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
9use Shaarli\Formatter\BookmarkMarkdownFormatter;
10use Shaarli\Render\TemplatePage;
11use Shaarli\Thumbnailer;
12use Slim\Http\Request;
13use Slim\Http\Response;
14
15/**
16 * Class PostBookmarkController
17 *
18 * Slim controller used to handle Shaarli create or edit bookmarks.
19 */
20class ManageShaareController extends ShaarliAdminController
21{
22 /**
23 * GET /admin/add-shaare - Displays the form used to create a new bookmark from an URL
24 */
25 public function addShaare(Request $request, Response $response): Response
26 {
27 $this->assignView(
28 'pagetitle',
29 t('Shaare a new link') .' - '. $this->container->conf->get('general.title', 'Shaarli')
30 );
31
32 return $response->write($this->render(TemplatePage::ADDLINK));
33 }
34
35 /**
36 * GET /admin/shaare - Displays the bookmark form for creation.
37 * Note that if the URL is found in existing bookmarks, then it will be in edit mode.
38 */
39 public function displayCreateForm(Request $request, Response $response): Response
40 {
41 $url = cleanup_url($request->getParam('post'));
42
43 $linkIsNew = false;
44 // Check if URL is not already in database (in this case, we will edit the existing link)
45 $bookmark = $this->container->bookmarkService->findByUrl($url);
46 if (null === $bookmark) {
47 $linkIsNew = true;
48 // Get shaare data if it was provided in URL (e.g.: by the bookmarklet).
49 $title = $request->getParam('title');
50 $description = $request->getParam('description');
51 $tags = $request->getParam('tags');
52 $private = filter_var($request->getParam('private'), FILTER_VALIDATE_BOOLEAN);
53
54 // If this is an HTTP(S) link, we try go get the page to extract
55 // the title (otherwise we will to straight to the edit form.)
56 if (empty($title) && strpos(get_url_scheme($url) ?: '', 'http') !== false) {
57 $retrieveDescription = $this->container->conf->get('general.retrieve_description');
58 // Short timeout to keep the application responsive
59 // The callback will fill $charset and $title with data from the downloaded page.
60 $this->container->httpAccess->getHttpResponse(
61 $url,
62 $this->container->conf->get('general.download_timeout', 30),
63 $this->container->conf->get('general.download_max_size', 4194304),
64 $this->container->httpAccess->getCurlDownloadCallback(
65 $charset,
66 $title,
67 $description,
68 $tags,
69 $retrieveDescription
70 )
71 );
72 if (! empty($title) && strtolower($charset) !== 'utf-8') {
73 $title = mb_convert_encoding($title, 'utf-8', $charset);
74 }
75 }
76
77 if (empty($url) && empty($title)) {
78 $title = $this->container->conf->get('general.default_note_title', t('Note: '));
79 }
80
81 $link = escape([
82 'title' => $title,
83 'url' => $url ?? '',
84 'description' => $description ?? '',
85 'tags' => $tags ?? '',
86 'private' => $private,
87 ]);
88 } else {
89 $formatter = $this->container->formatterFactory->getFormatter('raw');
90 $link = $formatter->format($bookmark);
91 }
92
93 return $this->displayForm($link, $linkIsNew, $request, $response);
94 }
95
96 /**
97 * GET /admin/shaare/{id} - Displays the bookmark form in edition mode.
98 */
99 public function displayEditForm(Request $request, Response $response, array $args): Response
100 {
101 $id = $args['id'] ?? '';
102 try {
103 if (false === ctype_digit($id)) {
104 throw new BookmarkNotFoundException();
105 }
106 $bookmark = $this->container->bookmarkService->get((int) $id); // Read database
107 } catch (BookmarkNotFoundException $e) {
108 $this->saveErrorMessage(sprintf(
109 t('Bookmark with identifier %s could not be found.'),
110 $id
111 ));
112
113 return $this->redirect($response, '/');
114 }
115
116 $formatter = $this->container->formatterFactory->getFormatter('raw');
117 $link = $formatter->format($bookmark);
118
119 return $this->displayForm($link, false, $request, $response);
120 }
121
122 /**
123 * POST /admin/shaare
124 */
125 public function save(Request $request, Response $response): Response
126 {
127 $this->checkToken($request);
128
129 // lf_id should only be present if the link exists.
130 $id = $request->getParam('lf_id') ? intval(escape($request->getParam('lf_id'))) : null;
131 if (null !== $id && true === $this->container->bookmarkService->exists($id)) {
132 // Edit
133 $bookmark = $this->container->bookmarkService->get($id);
134 } else {
135 // New link
136 $bookmark = new Bookmark();
137 }
138
139 $bookmark->setTitle($request->getParam('lf_title'));
140 $bookmark->setDescription($request->getParam('lf_description'));
141 $bookmark->setUrl($request->getParam('lf_url'), $this->container->conf->get('security.allowed_protocols', []));
142 $bookmark->setPrivate(filter_var($request->getParam('lf_private'), FILTER_VALIDATE_BOOLEAN));
143 $bookmark->setTagsString($request->getParam('lf_tags'));
144
145 if ($this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE) !== Thumbnailer::MODE_NONE
146 && false === $bookmark->isNote()
147 ) {
148 $bookmark->setThumbnail($this->container->thumbnailer->get($bookmark->getUrl()));
149 }
150 $this->container->bookmarkService->addOrSet($bookmark, false);
151
152 // To preserve backward compatibility with 3rd parties, plugins still use arrays
153 $formatter = $this->container->formatterFactory->getFormatter('raw');
154 $data = $formatter->format($bookmark);
155 $this->executePageHooks('save_link', $data);
156
157 $bookmark->fromArray($data);
158 $this->container->bookmarkService->set($bookmark);
159
160 // If we are called from the bookmarklet, we must close the popup:
161 if ($request->getParam('source') === 'bookmarklet') {
162 return $response->write('<script>self.close();</script>');
163 }
164
165 if (!empty($request->getParam('returnurl'))) {
166 $this->container->environment['HTTP_REFERER'] = escape($request->getParam('returnurl'));
167 }
168
169 return $this->redirectFromReferer(
170 $request,
171 $response,
172 ['add-shaare', 'shaare'], ['addlink', 'post', 'edit_link'],
173 $bookmark->getShortUrl()
174 );
175 }
176
177 /**
178 * GET /admin/shaare/delete - Delete one or multiple bookmarks (depending on `id` query parameter).
179 */
180 public function deleteBookmark(Request $request, Response $response): Response
181 {
182 $this->checkToken($request);
183
184 $ids = escape(trim($request->getParam('id') ?? ''));
185 if (empty($ids) || strpos($ids, ' ') !== false) {
186 // multiple, space-separated ids provided
187 $ids = array_values(array_filter(preg_split('/\s+/', $ids), 'ctype_digit'));
188 } else {
189 $ids = [$ids];
190 }
191
192 // assert at least one id is given
193 if (0 === count($ids)) {
194 $this->saveErrorMessage(t('Invalid bookmark ID provided.'));
195
196 return $this->redirectFromReferer($request, $response, [], ['delete-shaare']);
197 }
198
199 $formatter = $this->container->formatterFactory->getFormatter('raw');
200 $count = 0;
201 foreach ($ids as $id) {
202 try {
203 $bookmark = $this->container->bookmarkService->get((int) $id);
204 } catch (BookmarkNotFoundException $e) {
205 $this->saveErrorMessage(sprintf(
206 t('Bookmark with identifier %s could not be found.'),
207 $id
208 ));
209
210 continue;
211 }
212
213 $data = $formatter->format($bookmark);
214 $this->executePageHooks('delete_link', $data);
215 $this->container->bookmarkService->remove($bookmark, false);
216 ++ $count;
217 }
218
219 if ($count > 0) {
220 $this->container->bookmarkService->save();
221 }
222
223 // If we are called from the bookmarklet, we must close the popup:
224 if ($request->getParam('source') === 'bookmarklet') {
225 return $response->write('<script>self.close();</script>');
226 }
227
228 // Don't redirect to where we were previously because the datastore has changed.
229 return $this->redirect($response, '/');
230 }
231
232 /**
233 * GET /admin/shaare/visibility
234 *
235 * Change visibility (public/private) of one or multiple bookmarks (depending on `id` query parameter).
236 */
237 public function changeVisibility(Request $request, Response $response): Response
238 {
239 $this->checkToken($request);
240
241 $ids = trim(escape($request->getParam('id') ?? ''));
242 if (empty($ids) || strpos($ids, ' ') !== false) {
243 // multiple, space-separated ids provided
244 $ids = array_values(array_filter(preg_split('/\s+/', $ids), 'ctype_digit'));
245 } else {
246 // only a single id provided
247 $ids = [$ids];
248 }
249
250 // assert at least one id is given
251 if (0 === count($ids)) {
252 $this->saveErrorMessage(t('Invalid bookmark ID provided.'));
253
254 return $this->redirectFromReferer($request, $response, [], ['change_visibility']);
255 }
256
257 // assert that the visibility is valid
258 $visibility = $request->getParam('newVisibility');
259 if (null === $visibility || false === in_array($visibility, ['public', 'private'], true)) {
260 $this->saveErrorMessage(t('Invalid visibility provided.'));
261
262 return $this->redirectFromReferer($request, $response, [], ['change_visibility']);
263 } else {
264 $isPrivate = $visibility === 'private';
265 }
266
267 $formatter = $this->container->formatterFactory->getFormatter('raw');
268 $count = 0;
269
270 foreach ($ids as $id) {
271 try {
272 $bookmark = $this->container->bookmarkService->get((int) $id);
273 } catch (BookmarkNotFoundException $e) {
274 $this->saveErrorMessage(sprintf(
275 t('Bookmark with identifier %s could not be found.'),
276 $id
277 ));
278
279 continue;
280 }
281
282 $bookmark->setPrivate($isPrivate);
283
284 // To preserve backward compatibility with 3rd parties, plugins still use arrays
285 $data = $formatter->format($bookmark);
286 $this->executePageHooks('save_link', $data);
287 $bookmark->fromArray($data);
288
289 $this->container->bookmarkService->set($bookmark, false);
290 ++$count;
291 }
292
293 if ($count > 0) {
294 $this->container->bookmarkService->save();
295 }
296
297 return $this->redirectFromReferer($request, $response, ['/visibility'], ['change_visibility']);
298 }
299
300 /**
301 * GET /admin/shaare/{id}/pin - Pin or unpin a bookmark.
302 */
303 public function pinBookmark(Request $request, Response $response, array $args): Response
304 {
305 $this->checkToken($request);
306
307 $id = $args['id'] ?? '';
308 try {
309 if (false === ctype_digit($id)) {
310 throw new BookmarkNotFoundException();
311 }
312 $bookmark = $this->container->bookmarkService->get((int) $id); // Read database
313 } catch (BookmarkNotFoundException $e) {
314 $this->saveErrorMessage(sprintf(
315 t('Bookmark with identifier %s could not be found.'),
316 $id
317 ));
318
319 return $this->redirectFromReferer($request, $response, ['/pin'], ['pin']);
320 }
321
322 $formatter = $this->container->formatterFactory->getFormatter('raw');
323
324 $bookmark->setSticky(!$bookmark->isSticky());
325
326 // To preserve backward compatibility with 3rd parties, plugins still use arrays
327 $data = $formatter->format($bookmark);
328 $this->executePageHooks('save_link', $data);
329 $bookmark->fromArray($data);
330
331 $this->container->bookmarkService->set($bookmark);
332
333 return $this->redirectFromReferer($request, $response, ['/pin'], ['pin']);
334 }
335
336 /**
337 * Helper function used to display the shaare form whether it's a new or existing bookmark.
338 *
339 * @param array $link data used in template, either from parameters or from the data store
340 */
341 protected function displayForm(array $link, bool $isNew, Request $request, Response $response): Response
342 {
343 $tags = $this->container->bookmarkService->bookmarksCountPerTag();
344 if ($this->container->conf->get('formatter') === 'markdown') {
345 $tags[BookmarkMarkdownFormatter::NO_MD_TAG] = 1;
346 }
347
348 $data = [
349 'link' => $link,
350 'link_is_new' => $isNew,
351 'http_referer' => escape($this->container->environment['HTTP_REFERER'] ?? ''),
352 'source' => $request->getParam('source') ?? '',
353 'tags' => $tags,
354 'default_private_links' => $this->container->conf->get('privacy.default_private_links', false),
355 ];
356
357 $this->executePageHooks('render_editlink', $data, TemplatePage::EDIT_LINK);
358
359 foreach ($data as $key => $value) {
360 $this->assignView($key, $value);
361 }
362
363 $editLabel = false === $isNew ? t('Edit') .' ' : '';
364 $this->assignView(
365 'pagetitle',
366 $editLabel . t('Shaare') .' - '. $this->container->conf->get('general.title', 'Shaarli')
367 );
368
369 return $response->write($this->render(TemplatePage::EDIT_LINK));
370 }
371}
diff --git a/application/front/controller/admin/ManageTagController.php b/application/front/controller/admin/ManageTagController.php
new file mode 100644
index 00000000..0380ef1f
--- /dev/null
+++ b/application/front/controller/admin/ManageTagController.php
@@ -0,0 +1,88 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Bookmark\BookmarkFilter;
8use Shaarli\Render\TemplatePage;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class ManageTagController
14 *
15 * Slim controller used to handle Shaarli manage tags page (rename and delete tags).
16 */
17class ManageTagController extends ShaarliAdminController
18{
19 /**
20 * GET /admin/tags - Displays the manage tags page
21 */
22 public function index(Request $request, Response $response): Response
23 {
24 $fromTag = $request->getParam('fromtag') ?? '';
25
26 $this->assignView('fromtag', escape($fromTag));
27 $this->assignView(
28 'pagetitle',
29 t('Manage tags') .' - '. $this->container->conf->get('general.title', 'Shaarli')
30 );
31
32 return $response->write($this->render(TemplatePage::CHANGE_TAG));
33 }
34
35 /**
36 * POST /admin/tags - Update or delete provided tag
37 */
38 public function save(Request $request, Response $response): Response
39 {
40 $this->checkToken($request);
41
42 $isDelete = null !== $request->getParam('deletetag') && null === $request->getParam('renametag');
43
44 $fromTag = escape(trim($request->getParam('fromtag') ?? ''));
45 $toTag = escape(trim($request->getParam('totag') ?? ''));
46
47 if (0 === strlen($fromTag) || false === $isDelete && 0 === strlen($toTag)) {
48 $this->saveWarningMessage(t('Invalid tags provided.'));
49
50 return $this->redirect($response, '/admin/tags');
51 }
52
53 // TODO: move this to bookmark service
54 $count = 0;
55 $bookmarks = $this->container->bookmarkService->search(['searchtags' => $fromTag], BookmarkFilter::$ALL, true);
56 foreach ($bookmarks as $bookmark) {
57 if (false === $isDelete) {
58 $bookmark->renameTag($fromTag, $toTag);
59 } else {
60 $bookmark->deleteTag($fromTag);
61 }
62
63 $this->container->bookmarkService->set($bookmark, false);
64 $this->container->history->updateLink($bookmark);
65 $count++;
66 }
67
68 $this->container->bookmarkService->save();
69
70 if (true === $isDelete) {
71 $alert = sprintf(
72 t('The tag was removed from %d bookmark.', 'The tag was removed from %d bookmarks.', $count),
73 $count
74 );
75 } else {
76 $alert = sprintf(
77 t('The tag was renamed in %d bookmark.', 'The tag was renamed in %d bookmarks.', $count),
78 $count
79 );
80 }
81
82 $this->saveSuccessMessage($alert);
83
84 $redirect = true === $isDelete ? '/admin/tags' : '/?searchtags='. urlencode($toTag);
85
86 return $this->redirect($response, $redirect);
87 }
88}
diff --git a/application/front/controller/admin/PasswordController.php b/application/front/controller/admin/PasswordController.php
new file mode 100644
index 00000000..5ec0d24b
--- /dev/null
+++ b/application/front/controller/admin/PasswordController.php
@@ -0,0 +1,101 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Container\ShaarliContainer;
8use Shaarli\Front\Exception\OpenShaarliPasswordException;
9use Shaarli\Front\Exception\ShaarliFrontException;
10use Shaarli\Render\TemplatePage;
11use Slim\Http\Request;
12use Slim\Http\Response;
13use Throwable;
14
15/**
16 * Class PasswordController
17 *
18 * Slim controller used to handle passwords update.
19 */
20class PasswordController extends ShaarliAdminController
21{
22 public function __construct(ShaarliContainer $container)
23 {
24 parent::__construct($container);
25
26 $this->assignView(
27 'pagetitle',
28 t('Change password') .' - '. $this->container->conf->get('general.title', 'Shaarli')
29 );
30 }
31
32 /**
33 * GET /admin/password - Displays the change password template
34 */
35 public function index(Request $request, Response $response): Response
36 {
37 return $response->write($this->render(TemplatePage::CHANGE_PASSWORD));
38 }
39
40 /**
41 * POST /admin/password - Change admin password - existing and new passwords need to be provided.
42 */
43 public function change(Request $request, Response $response): Response
44 {
45 $this->checkToken($request);
46
47 if ($this->container->conf->get('security.open_shaarli', false)) {
48 throw new OpenShaarliPasswordException();
49 }
50
51 $oldPassword = $request->getParam('oldpassword');
52 $newPassword = $request->getParam('setpassword');
53
54 if (empty($newPassword) || empty($oldPassword)) {
55 $this->saveErrorMessage(t('You must provide the current and new password to change it.'));
56
57 return $response
58 ->withStatus(400)
59 ->write($this->render(TemplatePage::CHANGE_PASSWORD))
60 ;
61 }
62
63 // Make sure old password is correct.
64 $oldHash = sha1(
65 $oldPassword .
66 $this->container->conf->get('credentials.login') .
67 $this->container->conf->get('credentials.salt')
68 );
69
70 if ($oldHash !== $this->container->conf->get('credentials.hash')) {
71 $this->saveErrorMessage(t('The old password is not correct.'));
72
73 return $response
74 ->withStatus(400)
75 ->write($this->render(TemplatePage::CHANGE_PASSWORD))
76 ;
77 }
78
79 // Save new password
80 // Salt renders rainbow-tables attacks useless.
81 $this->container->conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand()));
82 $this->container->conf->set(
83 'credentials.hash',
84 sha1(
85 $newPassword
86 . $this->container->conf->get('credentials.login')
87 . $this->container->conf->get('credentials.salt')
88 )
89 );
90
91 try {
92 $this->container->conf->write($this->container->loginManager->isLoggedIn());
93 } catch (Throwable $e) {
94 throw new ShaarliFrontException($e->getMessage(), 500, $e);
95 }
96
97 $this->saveSuccessMessage(t('Your password has been changed'));
98
99 return $response->write($this->render(TemplatePage::CHANGE_PASSWORD));
100 }
101}
diff --git a/application/front/controller/admin/PluginsController.php b/application/front/controller/admin/PluginsController.php
new file mode 100644
index 00000000..0e09116e
--- /dev/null
+++ b/application/front/controller/admin/PluginsController.php
@@ -0,0 +1,84 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Exception;
8use Shaarli\Render\TemplatePage;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class PluginsController
14 *
15 * Slim controller used to handle Shaarli plugins configuration page (display + save new config).
16 */
17class PluginsController extends ShaarliAdminController
18{
19 /**
20 * GET /admin/plugins - Displays the configuration page
21 */
22 public function index(Request $request, Response $response): Response
23 {
24 $pluginMeta = $this->container->pluginManager->getPluginsMeta();
25
26 // Split plugins into 2 arrays: ordered enabled plugins and disabled.
27 $enabledPlugins = array_filter($pluginMeta, function ($v) {
28 return ($v['order'] ?? false) !== false;
29 });
30 $enabledPlugins = load_plugin_parameter_values($enabledPlugins, $this->container->conf->get('plugins', []));
31 uasort(
32 $enabledPlugins,
33 function ($a, $b) {
34 return $a['order'] - $b['order'];
35 }
36 );
37 $disabledPlugins = array_filter($pluginMeta, function ($v) {
38 return ($v['order'] ?? false) === false;
39 });
40
41 $this->assignView('enabledPlugins', $enabledPlugins);
42 $this->assignView('disabledPlugins', $disabledPlugins);
43 $this->assignView(
44 'pagetitle',
45 t('Plugin Administration') .' - '. $this->container->conf->get('general.title', 'Shaarli')
46 );
47
48 return $response->write($this->render(TemplatePage::PLUGINS_ADMIN));
49 }
50
51 /**
52 * POST /admin/plugins - Update Shaarli's configuration
53 */
54 public function save(Request $request, Response $response): Response
55 {
56 $this->checkToken($request);
57
58 try {
59 $parameters = $request->getParams() ?? [];
60
61 $this->executePageHooks('save_plugin_parameters', $parameters);
62
63 if (isset($parameters['parameters_form'])) {
64 unset($parameters['parameters_form']);
65 foreach ($parameters as $param => $value) {
66 $this->container->conf->set('plugins.'. $param, escape($value));
67 }
68 } else {
69 $this->container->conf->set('general.enabled_plugins', save_plugin_config($parameters));
70 }
71
72 $this->container->conf->write($this->container->loginManager->isLoggedIn());
73 $this->container->history->updateSettings();
74
75 $this->saveSuccessMessage(t('Setting successfully saved.'));
76 } catch (Exception $e) {
77 $this->saveErrorMessage(
78 t('Error while saving plugin configuration: ') . PHP_EOL . $e->getMessage()
79 );
80 }
81
82 return $this->redirect($response, '/admin/plugins');
83 }
84}
diff --git a/application/front/controller/admin/SessionFilterController.php b/application/front/controller/admin/SessionFilterController.php
new file mode 100644
index 00000000..d9a7a2e0
--- /dev/null
+++ b/application/front/controller/admin/SessionFilterController.php
@@ -0,0 +1,50 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Bookmark\BookmarkFilter;
8use Shaarli\Security\SessionManager;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class SessionFilterController
14 *
15 * Slim controller used to handle filters stored in the user session, such as visibility, etc.
16 */
17class SessionFilterController extends ShaarliAdminController
18{
19 /**
20 * GET /admin/visibility: allows to display only public or only private bookmarks in linklist
21 */
22 public function visibility(Request $request, Response $response, array $args): Response
23 {
24 if (false === $this->container->loginManager->isLoggedIn()) {
25 return $this->redirectFromReferer($request, $response, ['visibility']);
26 }
27
28 $newVisibility = $args['visibility'] ?? null;
29 if (false === in_array($newVisibility, [BookmarkFilter::$PRIVATE, BookmarkFilter::$PUBLIC], true)) {
30 $newVisibility = null;
31 }
32
33 $currentVisibility = $this->container->sessionManager->getSessionParameter(SessionManager::KEY_VISIBILITY);
34
35 // Visibility not set or not already expected value, set expected value, otherwise reset it
36 if ($newVisibility !== null && (null === $currentVisibility || $currentVisibility !== $newVisibility)) {
37 // See only public bookmarks
38 $this->container->sessionManager->setSessionParameter(
39 SessionManager::KEY_VISIBILITY,
40 $newVisibility
41 );
42 } else {
43 $this->container->sessionManager->deleteSessionParameter(SessionManager::KEY_VISIBILITY);
44 }
45
46 return $this->redirectFromReferer($request, $response, ['visibility']);
47 }
48
49
50}
diff --git a/application/front/controller/admin/ShaarliAdminController.php b/application/front/controller/admin/ShaarliAdminController.php
new file mode 100644
index 00000000..3b5939bb
--- /dev/null
+++ b/application/front/controller/admin/ShaarliAdminController.php
@@ -0,0 +1,73 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Container\ShaarliContainer;
8use Shaarli\Front\Controller\Visitor\ShaarliVisitorController;
9use Shaarli\Front\Exception\UnauthorizedException;
10use Shaarli\Front\Exception\WrongTokenException;
11use Shaarli\Security\SessionManager;
12use Slim\Http\Request;
13
14/**
15 * Class ShaarliAdminController
16 *
17 * All admin controllers (for logged in users) MUST extend this abstract class.
18 * It makes sure that the user is properly logged in, and otherwise throw an exception
19 * which will redirect to the login page.
20 *
21 * @package Shaarli\Front\Controller\Admin
22 */
23abstract class ShaarliAdminController extends ShaarliVisitorController
24{
25 /**
26 * Any persistent action to the config or data store must check the XSRF token validity.
27 */
28 protected function checkToken(Request $request): bool
29 {
30 if (!$this->container->sessionManager->checkToken($request->getParam('token'))) {
31 throw new WrongTokenException();
32 }
33
34 return true;
35 }
36
37 /**
38 * Save a SUCCESS message in user session, which will be displayed on any template page.
39 */
40 protected function saveSuccessMessage(string $message): void
41 {
42 $this->saveMessage(SessionManager::KEY_SUCCESS_MESSAGES, $message);
43 }
44
45 /**
46 * Save a WARNING message in user session, which will be displayed on any template page.
47 */
48 protected function saveWarningMessage(string $message): void
49 {
50 $this->saveMessage(SessionManager::KEY_WARNING_MESSAGES, $message);
51 }
52
53 /**
54 * Save an ERROR message in user session, which will be displayed on any template page.
55 */
56 protected function saveErrorMessage(string $message): void
57 {
58 $this->saveMessage(SessionManager::KEY_ERROR_MESSAGES, $message);
59 }
60
61 /**
62 * Use the sessionManager to save the provided message using the proper type.
63 *
64 * @param string $type successed/warnings/errors
65 */
66 protected function saveMessage(string $type, string $message): void
67 {
68 $messages = $this->container->sessionManager->getSessionParameter($type) ?? [];
69 $messages[] = $message;
70
71 $this->container->sessionManager->setSessionParameter($type, $messages);
72 }
73}
diff --git a/application/front/controller/admin/ThumbnailsController.php b/application/front/controller/admin/ThumbnailsController.php
new file mode 100644
index 00000000..81c87ed0
--- /dev/null
+++ b/application/front/controller/admin/ThumbnailsController.php
@@ -0,0 +1,65 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
8use Shaarli\Render\TemplatePage;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class ToolsController
14 *
15 * Slim controller used to handle thumbnails update.
16 */
17class ThumbnailsController extends ShaarliAdminController
18{
19 /**
20 * GET /admin/thumbnails - Display thumbnails update page
21 */
22 public function index(Request $request, Response $response): Response
23 {
24 $ids = [];
25 foreach ($this->container->bookmarkService->search() as $bookmark) {
26 // A note or not HTTP(S)
27 if ($bookmark->isNote() || !startsWith(strtolower($bookmark->getUrl()), 'http')) {
28 continue;
29 }
30
31 $ids[] = $bookmark->getId();
32 }
33
34 $this->assignView('ids', $ids);
35 $this->assignView(
36 'pagetitle',
37 t('Thumbnails update') .' - '. $this->container->conf->get('general.title', 'Shaarli')
38 );
39
40 return $response->write($this->render(TemplatePage::THUMBNAILS));
41 }
42
43 /**
44 * PATCH /admin/shaare/{id}/thumbnail-update - Route for AJAX calls
45 */
46 public function ajaxUpdate(Request $request, Response $response, array $args): Response
47 {
48 $id = $args['id'] ?? null;
49
50 if (false === ctype_digit($id)) {
51 return $response->withStatus(400);
52 }
53
54 try {
55 $bookmark = $this->container->bookmarkService->get($id);
56 } catch (BookmarkNotFoundException $e) {
57 return $response->withStatus(404);
58 }
59
60 $bookmark->setThumbnail($this->container->thumbnailer->get($bookmark->getUrl()));
61 $this->container->bookmarkService->set($bookmark);
62
63 return $response->withJson($this->container->formatterFactory->getFormatter('raw')->format($bookmark));
64 }
65}
diff --git a/application/front/controller/admin/TokenController.php b/application/front/controller/admin/TokenController.php
new file mode 100644
index 00000000..08d68d0a
--- /dev/null
+++ b/application/front/controller/admin/TokenController.php
@@ -0,0 +1,26 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Slim\Http\Request;
8use Slim\Http\Response;
9
10/**
11 * Class TokenController
12 *
13 * Endpoint used to retrieve a XSRF token. Useful for AJAX requests.
14 */
15class TokenController extends ShaarliAdminController
16{
17 /**
18 * GET /admin/token
19 */
20 public function getToken(Request $request, Response $response): Response
21 {
22 $response = $response->withHeader('Content-Type', 'text/plain');
23
24 return $response->write($this->container->sessionManager->generateToken());
25 }
26}
diff --git a/application/front/controller/admin/ToolsController.php b/application/front/controller/admin/ToolsController.php
new file mode 100644
index 00000000..a87f20d2
--- /dev/null
+++ b/application/front/controller/admin/ToolsController.php
@@ -0,0 +1,35 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Admin;
6
7use Shaarli\Render\TemplatePage;
8use Slim\Http\Request;
9use Slim\Http\Response;
10
11/**
12 * Class ToolsController
13 *
14 * Slim controller used to display the tools page.
15 */
16class ToolsController extends ShaarliAdminController
17{
18 public function index(Request $request, Response $response): Response
19 {
20 $data = [
21 'pageabsaddr' => index_url($this->container->environment),
22 'sslenabled' => is_https($this->container->environment),
23 ];
24
25 $this->executePageHooks('render_tools', $data, TemplatePage::TOOLS);
26
27 foreach ($data as $key => $value) {
28 $this->assignView($key, $value);
29 }
30
31 $this->assignView('pagetitle', t('Tools') .' - '. $this->container->conf->get('general.title', 'Shaarli'));
32
33 return $response->write($this->render(TemplatePage::TOOLS));
34 }
35}
diff --git a/application/front/controller/visitor/BookmarkListController.php b/application/front/controller/visitor/BookmarkListController.php
new file mode 100644
index 00000000..2988bee6
--- /dev/null
+++ b/application/front/controller/visitor/BookmarkListController.php
@@ -0,0 +1,240 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Bookmark\Bookmark;
8use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
9use Shaarli\Legacy\LegacyController;
10use Shaarli\Legacy\UnknowLegacyRouteException;
11use Shaarli\Render\TemplatePage;
12use Shaarli\Thumbnailer;
13use Slim\Http\Request;
14use Slim\Http\Response;
15
16/**
17 * Class BookmarkListController
18 *
19 * Slim controller used to render the bookmark list, the home page of Shaarli.
20 * It also displays permalinks, and process legacy routes based on GET parameters.
21 */
22class BookmarkListController extends ShaarliVisitorController
23{
24 /**
25 * GET / - Displays the bookmark list, with optional filter parameters.
26 */
27 public function index(Request $request, Response $response): Response
28 {
29 $legacyResponse = $this->processLegacyController($request, $response);
30 if (null !== $legacyResponse) {
31 return $legacyResponse;
32 }
33
34 $formatter = $this->container->formatterFactory->getFormatter();
35 $formatter->addContextData('base_path', $this->container->basePath);
36
37 $searchTags = escape(normalize_spaces($request->getParam('searchtags') ?? ''));
38 $searchTerm = escape(normalize_spaces($request->getParam('searchterm') ?? ''));;
39
40 // Filter bookmarks according search parameters.
41 $visibility = $this->container->sessionManager->getSessionParameter('visibility');
42 $search = [
43 'searchtags' => $searchTags,
44 'searchterm' => $searchTerm,
45 ];
46 $linksToDisplay = $this->container->bookmarkService->search(
47 $search,
48 $visibility,
49 false,
50 !!$this->container->sessionManager->getSessionParameter('untaggedonly')
51 ) ?? [];
52
53 // ---- Handle paging.
54 $keys = [];
55 foreach ($linksToDisplay as $key => $value) {
56 $keys[] = $key;
57 }
58
59 $linksPerPage = $this->container->sessionManager->getSessionParameter('LINKS_PER_PAGE', 20) ?: 20;
60
61 // Select articles according to paging.
62 $pageCount = (int) ceil(count($keys) / $linksPerPage) ?: 1;
63 $page = (int) $request->getParam('page') ?? 1;
64 $page = $page < 1 ? 1 : $page;
65 $page = $page > $pageCount ? $pageCount : $page;
66
67 // Start index.
68 $i = ($page - 1) * $linksPerPage;
69 $end = $i + $linksPerPage;
70
71 $linkDisp = [];
72 $save = false;
73 while ($i < $end && $i < count($keys)) {
74 $save = $this->updateThumbnail($linksToDisplay[$keys[$i]], false) || $save;
75 $link = $formatter->format($linksToDisplay[$keys[$i]]);
76
77 $linkDisp[$keys[$i]] = $link;
78 $i++;
79 }
80
81 if ($save) {
82 $this->container->bookmarkService->save();
83 }
84
85 // Compute paging navigation
86 $searchtagsUrl = $searchTags === '' ? '' : '&searchtags=' . urlencode($searchTags);
87 $searchtermUrl = $searchTerm === '' ? '' : '&searchterm=' . urlencode($searchTerm);
88
89 $previous_page_url = '';
90 if ($i !== count($keys)) {
91 $previous_page_url = '?page=' . ($page + 1) . $searchtermUrl . $searchtagsUrl;
92 }
93 $next_page_url = '';
94 if ($page > 1) {
95 $next_page_url = '?page=' . ($page - 1) . $searchtermUrl . $searchtagsUrl;
96 }
97
98 // Fill all template fields.
99 $data = array_merge(
100 $this->initializeTemplateVars(),
101 [
102 'previous_page_url' => $previous_page_url,
103 'next_page_url' => $next_page_url,
104 'page_current' => $page,
105 'page_max' => $pageCount,
106 'result_count' => count($linksToDisplay),
107 'search_term' => $searchTerm,
108 'search_tags' => $searchTags,
109 'visibility' => $visibility,
110 'links' => $linkDisp,
111 ]
112 );
113
114 if (!empty($searchTerm) || !empty($searchTags)) {
115 $data['pagetitle'] = t('Search: ');
116 $data['pagetitle'] .= ! empty($searchTerm) ? $searchTerm . ' ' : '';
117 $bracketWrap = function ($tag) {
118 return '[' . $tag . ']';
119 };
120 $data['pagetitle'] .= ! empty($searchTags)
121 ? implode(' ', array_map($bracketWrap, preg_split('/\s+/', $searchTags))) . ' '
122 : '';
123 $data['pagetitle'] .= '- ';
124 }
125
126 $data['pagetitle'] = ($data['pagetitle'] ?? '') . $this->container->conf->get('general.title', 'Shaarli');
127
128 $this->executePageHooks('render_linklist', $data, TemplatePage::LINKLIST);
129 $this->assignAllView($data);
130
131 return $response->write($this->render(TemplatePage::LINKLIST));
132 }
133
134 /**
135 * GET /shaare/{hash} - Display a single shaare
136 */
137 public function permalink(Request $request, Response $response, array $args): Response
138 {
139 try {
140 $bookmark = $this->container->bookmarkService->findByHash($args['hash']);
141 } catch (BookmarkNotFoundException $e) {
142 $this->assignView('error_message', $e->getMessage());
143
144 return $response->write($this->render(TemplatePage::ERROR_404));
145 }
146
147 $this->updateThumbnail($bookmark);
148
149 $formatter = $this->container->formatterFactory->getFormatter();
150 $formatter->addContextData('base_path', $this->container->basePath);
151
152 $data = array_merge(
153 $this->initializeTemplateVars(),
154 [
155 'pagetitle' => $bookmark->getTitle() .' - '. $this->container->conf->get('general.title', 'Shaarli'),
156 'links' => [$formatter->format($bookmark)],
157 ]
158 );
159
160 $this->executePageHooks('render_linklist', $data, TemplatePage::LINKLIST);
161 $this->assignAllView($data);
162
163 return $response->write($this->render(TemplatePage::LINKLIST));
164 }
165
166 /**
167 * Update the thumbnail of a single bookmark if necessary.
168 */
169 protected function updateThumbnail(Bookmark $bookmark, bool $writeDatastore = true): bool
170 {
171 // Logged in, thumbnails enabled, not a note, is HTTP
172 // and (never retrieved yet or no valid cache file)
173 if ($this->container->loginManager->isLoggedIn()
174 && $this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE) !== Thumbnailer::MODE_NONE
175 && false !== $bookmark->getThumbnail()
176 && !$bookmark->isNote()
177 && (null === $bookmark->getThumbnail() || !is_file($bookmark->getThumbnail()))
178 && startsWith(strtolower($bookmark->getUrl()), 'http')
179 ) {
180 $bookmark->setThumbnail($this->container->thumbnailer->get($bookmark->getUrl()));
181 $this->container->bookmarkService->set($bookmark, $writeDatastore);
182
183 return true;
184 }
185
186 return false;
187 }
188
189 /**
190 * @return string[] Default template variables without values.
191 */
192 protected function initializeTemplateVars(): array
193 {
194 return [
195 'previous_page_url' => '',
196 'next_page_url' => '',
197 'page_max' => '',
198 'search_tags' => '',
199 'result_count' => '',
200 ];
201 }
202
203 /**
204 * Process legacy routes if necessary. They used query parameters.
205 * If no legacy routes is passed, return null.
206 */
207 protected function processLegacyController(Request $request, Response $response): ?Response
208 {
209 // Legacy smallhash filter
210 $queryString = $this->container->environment['QUERY_STRING'] ?? null;
211 if (null !== $queryString && 1 === preg_match('/^([a-zA-Z0-9-_@]{6})($|&|#)/', $queryString, $match)) {
212 return $this->redirect($response, '/shaare/' . $match[1]);
213 }
214
215 // Legacy controllers (mostly used for redirections)
216 if (null !== $request->getQueryParam('do')) {
217 $legacyController = new LegacyController($this->container);
218
219 try {
220 return $legacyController->process($request, $response, $request->getQueryParam('do'));
221 } catch (UnknowLegacyRouteException $e) {
222 // We ignore legacy 404
223 return null;
224 }
225 }
226
227 // Legacy GET admin routes
228 $legacyGetRoutes = array_intersect(
229 LegacyController::LEGACY_GET_ROUTES,
230 array_keys($request->getQueryParams() ?? [])
231 );
232 if (1 === count($legacyGetRoutes)) {
233 $legacyController = new LegacyController($this->container);
234
235 return $legacyController->process($request, $response, $legacyGetRoutes[0]);
236 }
237
238 return null;
239 }
240}
diff --git a/application/front/controller/visitor/DailyController.php b/application/front/controller/visitor/DailyController.php
new file mode 100644
index 00000000..54a4778f
--- /dev/null
+++ b/application/front/controller/visitor/DailyController.php
@@ -0,0 +1,192 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use DateTime;
8use DateTimeImmutable;
9use Shaarli\Bookmark\Bookmark;
10use Shaarli\Render\TemplatePage;
11use Slim\Http\Request;
12use Slim\Http\Response;
13
14/**
15 * Class DailyController
16 *
17 * Slim controller used to render the daily page.
18 */
19class DailyController extends ShaarliVisitorController
20{
21 public static $DAILY_RSS_NB_DAYS = 8;
22
23 /**
24 * Controller displaying all bookmarks published in a single day.
25 * It take a `day` date query parameter (format YYYYMMDD).
26 */
27 public function index(Request $request, Response $response): Response
28 {
29 $day = $request->getQueryParam('day') ?? date('Ymd');
30
31 $availableDates = $this->container->bookmarkService->days();
32 $nbAvailableDates = count($availableDates);
33 $index = array_search($day, $availableDates);
34
35 if ($index === false) {
36 // no bookmarks for day, but at least one day with bookmarks
37 $day = $availableDates[$nbAvailableDates - 1] ?? $day;
38 $previousDay = $availableDates[$nbAvailableDates - 2] ?? '';
39 } else {
40 $previousDay = $availableDates[$index - 1] ?? '';
41 $nextDay = $availableDates[$index + 1] ?? '';
42 }
43
44 if ($day === date('Ymd')) {
45 $this->assignView('dayDesc', t('Today'));
46 } elseif ($day === date('Ymd', strtotime('-1 days'))) {
47 $this->assignView('dayDesc', t('Yesterday'));
48 }
49
50 try {
51 $linksToDisplay = $this->container->bookmarkService->filterDay($day);
52 } catch (\Exception $exc) {
53 $linksToDisplay = [];
54 }
55
56 $formatter = $this->container->formatterFactory->getFormatter();
57 $formatter->addContextData('base_path', $this->container->basePath);
58 // We pre-format some fields for proper output.
59 foreach ($linksToDisplay as $key => $bookmark) {
60 $linksToDisplay[$key] = $formatter->format($bookmark);
61 // This page is a bit specific, we need raw description to calculate the length
62 $linksToDisplay[$key]['formatedDescription'] = $linksToDisplay[$key]['description'];
63 $linksToDisplay[$key]['description'] = $bookmark->getDescription();
64 }
65
66 $dayDate = DateTime::createFromFormat(Bookmark::LINK_DATE_FORMAT, $day.'_000000');
67 $data = [
68 'linksToDisplay' => $linksToDisplay,
69 'day' => $dayDate->getTimestamp(),
70 'dayDate' => $dayDate,
71 'previousday' => $previousDay ?? '',
72 'nextday' => $nextDay ?? '',
73 ];
74
75 // Hooks are called before column construction so that plugins don't have to deal with columns.
76 $this->executePageHooks('render_daily', $data, TemplatePage::DAILY);
77
78 $data['cols'] = $this->calculateColumns($data['linksToDisplay']);
79
80 $this->assignAllView($data);
81
82 $mainTitle = $this->container->conf->get('general.title', 'Shaarli');
83 $this->assignView(
84 'pagetitle',
85 t('Daily') .' - '. format_date($dayDate, false) . ' - ' . $mainTitle
86 );
87
88 return $response->write($this->render(TemplatePage::DAILY));
89 }
90
91 /**
92 * Daily RSS feed: 1 RSS entry per day giving all the bookmarks on that day.
93 * Gives the last 7 days (which have bookmarks).
94 * This RSS feed cannot be filtered and does not trigger plugins yet.
95 */
96 public function rss(Request $request, Response $response): Response
97 {
98 $response = $response->withHeader('Content-Type', 'application/rss+xml; charset=utf-8');
99
100 $pageUrl = page_url($this->container->environment);
101 $cache = $this->container->pageCacheManager->getCachePage($pageUrl);
102
103 $cached = $cache->cachedVersion();
104 if (!empty($cached)) {
105 return $response->write($cached);
106 }
107
108 $days = [];
109 foreach ($this->container->bookmarkService->search() as $bookmark) {
110 $day = $bookmark->getCreated()->format('Ymd');
111
112 // Stop iterating after DAILY_RSS_NB_DAYS entries
113 if (count($days) === static::$DAILY_RSS_NB_DAYS && !isset($days[$day])) {
114 break;
115 }
116
117 $days[$day][] = $bookmark;
118 }
119
120 // Build the RSS feed.
121 $indexUrl = escape(index_url($this->container->environment));
122
123 $formatter = $this->container->formatterFactory->getFormatter();
124 $formatter->addContextData('index_url', $indexUrl);
125
126 $dataPerDay = [];
127
128 /** @var Bookmark[] $bookmarks */
129 foreach ($days as $day => $bookmarks) {
130 $dayDatetime = DateTimeImmutable::createFromFormat(Bookmark::LINK_DATE_FORMAT, $day.'_000000');
131 $dataPerDay[$day] = [
132 'date' => $dayDatetime,
133 'date_rss' => $dayDatetime->format(DateTime::RSS),
134 'date_human' => format_date($dayDatetime, false, true),
135 'absolute_url' => $indexUrl . '/daily?day=' . $day,
136 'links' => [],
137 ];
138
139 foreach ($bookmarks as $key => $bookmark) {
140 $dataPerDay[$day]['links'][$key] = $formatter->format($bookmark);
141
142 // Make permalink URL absolute
143 if ($bookmark->isNote()) {
144 $dataPerDay[$day]['links'][$key]['url'] = $indexUrl . $bookmark->getUrl();
145 }
146 }
147 }
148
149 $this->assignView('title', $this->container->conf->get('general.title', 'Shaarli'));
150 $this->assignView('index_url', $indexUrl);
151 $this->assignView('page_url', $pageUrl);
152 $this->assignView('hide_timestamps', $this->container->conf->get('privacy.hide_timestamps', false));
153 $this->assignView('days', $dataPerDay);
154
155 $rssContent = $this->render(TemplatePage::DAILY_RSS);
156
157 $cache->cache($rssContent);
158
159 return $response->write($rssContent);
160 }
161
162 /**
163 * We need to spread the articles on 3 columns.
164 * did not want to use a JavaScript lib like http://masonry.desandro.com/
165 * so I manually spread entries with a simple method: I roughly evaluate the
166 * height of a div according to title and description length.
167 */
168 protected function calculateColumns(array $links): array
169 {
170 // Entries to display, for each column.
171 $columns = [[], [], []];
172 // Rough estimate of columns fill.
173 $fill = [0, 0, 0];
174 foreach ($links as $link) {
175 // Roughly estimate length of entry (by counting characters)
176 // Title: 30 chars = 1 line. 1 line is 30 pixels height.
177 // Description: 836 characters gives roughly 342 pixel height.
178 // This is not perfect, but it's usually OK.
179 $length = strlen($link['title'] ?? '') + (342 * strlen($link['description'] ?? '')) / 836;
180 if (! empty($link['thumbnail'])) {
181 $length += 100; // 1 thumbnails roughly takes 100 pixels height.
182 }
183 // Then put in column which is the less filled:
184 $smallest = min($fill); // find smallest value in array.
185 $index = array_search($smallest, $fill); // find index of this smallest value.
186 array_push($columns[$index], $link); // Put entry in this column.
187 $fill[$index] += $length;
188 }
189
190 return $columns;
191 }
192}
diff --git a/application/front/controller/visitor/ErrorController.php b/application/front/controller/visitor/ErrorController.php
new file mode 100644
index 00000000..10aa84c8
--- /dev/null
+++ b/application/front/controller/visitor/ErrorController.php
@@ -0,0 +1,45 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Front\Exception\ShaarliFrontException;
8use Slim\Http\Request;
9use Slim\Http\Response;
10
11/**
12 * Controller used to render the error page, with a provided exception.
13 * It is actually used as a Slim error handler.
14 */
15class ErrorController extends ShaarliVisitorController
16{
17 public function __invoke(Request $request, Response $response, \Throwable $throwable): Response
18 {
19 // Unknown error encountered
20 $this->container->pageBuilder->reset();
21
22 if ($throwable instanceof ShaarliFrontException) {
23 // Functional error
24 $this->assignView('message', nl2br($throwable->getMessage()));
25
26 $response = $response->withStatus($throwable->getCode());
27 } else {
28 // Internal error (any other Throwable)
29 if ($this->container->conf->get('dev.debug', false)) {
30 $this->assignView('message', $throwable->getMessage());
31 $this->assignView(
32 'stacktrace',
33 nl2br(get_class($throwable) .': '. PHP_EOL . $throwable->getTraceAsString())
34 );
35 } else {
36 $this->assignView('message', t('An unexpected error occurred.'));
37 }
38
39 $response = $response->withStatus(500);
40 }
41
42
43 return $response->write($this->render('error'));
44 }
45}
diff --git a/application/front/controller/visitor/FeedController.php b/application/front/controller/visitor/FeedController.php
new file mode 100644
index 00000000..da2848c2
--- /dev/null
+++ b/application/front/controller/visitor/FeedController.php
@@ -0,0 +1,58 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Feed\FeedBuilder;
8use Slim\Http\Request;
9use Slim\Http\Response;
10
11/**
12 * Class FeedController
13 *
14 * Slim controller handling ATOM and RSS feed.
15 */
16class FeedController extends ShaarliVisitorController
17{
18 public function atom(Request $request, Response $response): Response
19 {
20 return $this->processRequest(FeedBuilder::$FEED_ATOM, $request, $response);
21 }
22
23 public function rss(Request $request, Response $response): Response
24 {
25 return $this->processRequest(FeedBuilder::$FEED_RSS, $request, $response);
26 }
27
28 protected function processRequest(string $feedType, Request $request, Response $response): Response
29 {
30 $response = $response->withHeader('Content-Type', 'application/'. $feedType .'+xml; charset=utf-8');
31
32 $pageUrl = page_url($this->container->environment);
33 $cache = $this->container->pageCacheManager->getCachePage($pageUrl);
34
35 $cached = $cache->cachedVersion();
36 if (!empty($cached)) {
37 return $response->write($cached);
38 }
39
40 // Generate data.
41 $this->container->feedBuilder->setLocale(strtolower(setlocale(LC_COLLATE, 0)));
42 $this->container->feedBuilder->setHideDates($this->container->conf->get('privacy.hide_timestamps', false));
43 $this->container->feedBuilder->setUsePermalinks(
44 null !== $request->getParam('permalinks') || !$this->container->conf->get('feed.rss_permalinks')
45 );
46
47 $data = $this->container->feedBuilder->buildData($feedType, $request->getParams());
48
49 $this->executePageHooks('render_feed', $data, $feedType);
50 $this->assignAllView($data);
51
52 $content = $this->render('feed.'. $feedType);
53
54 $cache->cache($content);
55
56 return $response->write($content);
57 }
58}
diff --git a/application/front/controller/visitor/InstallController.php b/application/front/controller/visitor/InstallController.php
new file mode 100644
index 00000000..7cb32777
--- /dev/null
+++ b/application/front/controller/visitor/InstallController.php
@@ -0,0 +1,165 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\ApplicationUtils;
8use Shaarli\Container\ShaarliContainer;
9use Shaarli\Front\Exception\AlreadyInstalledException;
10use Shaarli\Front\Exception\ResourcePermissionException;
11use Shaarli\Languages;
12use Shaarli\Security\SessionManager;
13use Slim\Http\Request;
14use Slim\Http\Response;
15
16/**
17 * Slim controller used to render install page, and create initial configuration file.
18 */
19class InstallController extends ShaarliVisitorController
20{
21 public const SESSION_TEST_KEY = 'session_tested';
22 public const SESSION_TEST_VALUE = 'Working';
23
24 public function __construct(ShaarliContainer $container)
25 {
26 parent::__construct($container);
27
28 if (is_file($this->container->conf->getConfigFileExt())) {
29 throw new AlreadyInstalledException();
30 }
31 }
32
33 /**
34 * Display the install template page.
35 * Also test file permissions and sessions beforehand.
36 */
37 public function index(Request $request, Response $response): Response
38 {
39 // Before installation, we'll make sure that permissions are set properly, and sessions are working.
40 $this->checkPermissions();
41
42 if (static::SESSION_TEST_VALUE
43 !== $this->container->sessionManager->getSessionParameter(static::SESSION_TEST_KEY)
44 ) {
45 $this->container->sessionManager->setSessionParameter(static::SESSION_TEST_KEY, static::SESSION_TEST_VALUE);
46
47 return $this->redirect($response, '/install/session-test');
48 }
49
50 [$continents, $cities] = generateTimeZoneData(timezone_identifiers_list(), date_default_timezone_get());
51
52 $this->assignView('continents', $continents);
53 $this->assignView('cities', $cities);
54 $this->assignView('languages', Languages::getAvailableLanguages());
55
56 return $response->write($this->render('install'));
57 }
58
59 /**
60 * Route checking that the session parameter has been properly saved between two distinct requests.
61 * If the session parameter is preserved, redirect to install template page, otherwise displays error.
62 */
63 public function sessionTest(Request $request, Response $response): Response
64 {
65 // This part makes sure sessions works correctly.
66 // (Because on some hosts, session.save_path may not be set correctly,
67 // or we may not have write access to it.)
68 if (static::SESSION_TEST_VALUE
69 !== $this->container->sessionManager->getSessionParameter(static::SESSION_TEST_KEY)
70 ) {
71 // Step 2: Check if data in session is correct.
72 $msg = t(
73 '<pre>Sessions do not seem to work correctly on your server.<br>'.
74 'Make sure the variable "session.save_path" is set correctly in your PHP config, '.
75 'and that you have write access to it.<br>'.
76 'It currently points to %s.<br>'.
77 'On some browsers, accessing your server via a hostname like \'localhost\' '.
78 'or any custom hostname without a dot causes cookie storage to fail. '.
79 'We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.<br>'
80 );
81 $msg = sprintf($msg, $this->container->sessionManager->getSavePath());
82
83 $this->assignView('message', $msg);
84
85 return $response->write($this->render('error'));
86 }
87
88 return $this->redirect($response, '/install');
89 }
90
91 /**
92 * Save installation form and initialize config file and datastore if necessary.
93 */
94 public function save(Request $request, Response $response): Response
95 {
96 $timezone = 'UTC';
97 if (!empty($request->getParam('continent'))
98 && !empty($request->getParam('city'))
99 && isTimeZoneValid($request->getParam('continent'), $request->getParam('city'))
100 ) {
101 $timezone = $request->getParam('continent') . '/' . $request->getParam('city');
102 }
103 $this->container->conf->set('general.timezone', $timezone);
104
105 $login = $request->getParam('setlogin');
106 $this->container->conf->set('credentials.login', $login);
107 $salt = sha1(uniqid('', true) .'_'. mt_rand());
108 $this->container->conf->set('credentials.salt', $salt);
109 $this->container->conf->set('credentials.hash', sha1($request->getParam('setpassword') . $login . $salt));
110
111 if (!empty($request->getParam('title'))) {
112 $this->container->conf->set('general.title', escape($request->getParam('title')));
113 } else {
114 $this->container->conf->set(
115 'general.title',
116 'Shared bookmarks on '.escape(index_url($this->container->environment))
117 );
118 }
119
120 $this->container->conf->set('translation.language', escape($request->getParam('language')));
121 $this->container->conf->set('updates.check_updates', !empty($request->getParam('updateCheck')));
122 $this->container->conf->set('api.enabled', !empty($request->getParam('enableApi')));
123 $this->container->conf->set(
124 'api.secret',
125 generate_api_secret(
126 $this->container->conf->get('credentials.login'),
127 $this->container->conf->get('credentials.salt')
128 )
129 );
130 $this->container->conf->set('general.header_link', $this->container->basePath . '/');
131
132 try {
133 // Everything is ok, let's create config file.
134 $this->container->conf->write($this->container->loginManager->isLoggedIn());
135 } catch (\Exception $e) {
136 $this->assignView('message', t('Error while writing config file after configuration update.'));
137 $this->assignView('stacktrace', $e->getMessage() . PHP_EOL . $e->getTraceAsString());
138
139 return $response->write($this->render('error'));
140 }
141
142 $this->container->sessionManager->setSessionParameter(
143 SessionManager::KEY_SUCCESS_MESSAGES,
144 [t('Shaarli is now configured. Please login and start shaaring your bookmarks!')]
145 );
146
147 return $this->redirect($response, '/login');
148 }
149
150 protected function checkPermissions(): bool
151 {
152 // Ensure Shaarli has proper access to its resources
153 $errors = ApplicationUtils::checkResourcePermissions($this->container->conf);
154 if (empty($errors)) {
155 return true;
156 }
157
158 $message = t('Insufficient permissions:') . PHP_EOL;
159 foreach ($errors as $error) {
160 $message .= PHP_EOL . $error;
161 }
162
163 throw new ResourcePermissionException($message);
164 }
165}
diff --git a/application/front/controller/visitor/LoginController.php b/application/front/controller/visitor/LoginController.php
new file mode 100644
index 00000000..121ba40b
--- /dev/null
+++ b/application/front/controller/visitor/LoginController.php
@@ -0,0 +1,154 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Front\Exception\CantLoginException;
8use Shaarli\Front\Exception\LoginBannedException;
9use Shaarli\Front\Exception\WrongTokenException;
10use Shaarli\Render\TemplatePage;
11use Shaarli\Security\CookieManager;
12use Shaarli\Security\SessionManager;
13use Slim\Http\Request;
14use Slim\Http\Response;
15
16/**
17 * Class LoginController
18 *
19 * Slim controller used to render the login page.
20 *
21 * The login page is not available if the user is banned
22 * or if open shaarli setting is enabled.
23 */
24class LoginController extends ShaarliVisitorController
25{
26 /**
27 * GET /login - Display the login page.
28 */
29 public function index(Request $request, Response $response): Response
30 {
31 try {
32 $this->checkLoginState();
33 } catch (CantLoginException $e) {
34 return $this->redirect($response, '/');
35 }
36
37 if ($request->getParam('login') !== null) {
38 $this->assignView('username', escape($request->getParam('login')));
39 }
40
41 $returnUrl = $request->getParam('returnurl') ?? $this->container->environment['HTTP_REFERER'] ?? null;
42
43 $this
44 ->assignView('returnurl', escape($returnUrl))
45 ->assignView('remember_user_default', $this->container->conf->get('privacy.remember_user_default', true))
46 ->assignView('pagetitle', t('Login') .' - '. $this->container->conf->get('general.title', 'Shaarli'))
47 ;
48
49 return $response->write($this->render(TemplatePage::LOGIN));
50 }
51
52 /**
53 * POST /login - Process login
54 */
55 public function login(Request $request, Response $response): Response
56 {
57 if (!$this->container->sessionManager->checkToken($request->getParam('token'))) {
58 throw new WrongTokenException();
59 }
60
61 try {
62 $this->checkLoginState();
63 } catch (CantLoginException $e) {
64 return $this->redirect($response, '/');
65 }
66
67 if (!$this->container->loginManager->checkCredentials(
68 $this->container->environment['REMOTE_ADDR'],
69 client_ip_id($this->container->environment),
70 $request->getParam('login'),
71 $request->getParam('password')
72 )
73 ) {
74 $this->container->loginManager->handleFailedLogin($this->container->environment);
75
76 $this->container->sessionManager->setSessionParameter(
77 SessionManager::KEY_ERROR_MESSAGES,
78 [t('Wrong login/password.')]
79 );
80
81 // Call controller directly instead of unnecessary redirection
82 return $this->index($request, $response);
83 }
84
85 $this->container->loginManager->handleSuccessfulLogin($this->container->environment);
86
87 $cookiePath = $this->container->basePath . '/';
88 $expirationTime = $this->saveLongLastingSession($request, $cookiePath);
89 $this->renewUserSession($cookiePath, $expirationTime);
90
91 // Force referer from given return URL
92 $this->container->environment['HTTP_REFERER'] = $request->getParam('returnurl');
93
94 return $this->redirectFromReferer($request, $response, ['login', 'install']);
95 }
96
97 /**
98 * Make sure that the user is allowed to login and/or displaying the login page:
99 * - not already logged in
100 * - not open shaarli
101 * - not banned
102 */
103 protected function checkLoginState(): bool
104 {
105 if ($this->container->loginManager->isLoggedIn()
106 || $this->container->conf->get('security.open_shaarli', false)
107 ) {
108 throw new CantLoginException();
109 }
110
111 if (true !== $this->container->loginManager->canLogin($this->container->environment)) {
112 throw new LoginBannedException();
113 }
114
115 return true;
116 }
117
118 /**
119 * @return int Session duration in seconds
120 */
121 protected function saveLongLastingSession(Request $request, string $cookiePath): int
122 {
123 if (empty($request->getParam('longlastingsession'))) {
124 // Standard session expiration (=when browser closes)
125 $expirationTime = 0;
126 } else {
127 // Keep the session cookie even after the browser closes
128 $this->container->sessionManager->setStaySignedIn(true);
129 $expirationTime = $this->container->sessionManager->extendSession();
130 }
131
132 $this->container->cookieManager->setCookieParameter(
133 CookieManager::STAY_SIGNED_IN,
134 $this->container->loginManager->getStaySignedInToken(),
135 $expirationTime,
136 $cookiePath
137 );
138
139 return $expirationTime;
140 }
141
142 protected function renewUserSession(string $cookiePath, int $expirationTime): void
143 {
144 // Send cookie with the new expiration date to the browser
145 $this->container->sessionManager->destroy();
146 $this->container->sessionManager->cookieParameters(
147 $expirationTime,
148 $cookiePath,
149 $this->container->environment['SERVER_NAME']
150 );
151 $this->container->sessionManager->start();
152 $this->container->sessionManager->regenerateId(true);
153 }
154}
diff --git a/application/front/controller/visitor/OpenSearchController.php b/application/front/controller/visitor/OpenSearchController.php
new file mode 100644
index 00000000..36d60acf
--- /dev/null
+++ b/application/front/controller/visitor/OpenSearchController.php
@@ -0,0 +1,27 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Render\TemplatePage;
8use Slim\Http\Request;
9use Slim\Http\Response;
10
11/**
12 * Class OpenSearchController
13 *
14 * Slim controller used to render open search template.
15 * This allows to add Shaarli as a search engine within the browser.
16 */
17class OpenSearchController extends ShaarliVisitorController
18{
19 public function index(Request $request, Response $response): Response
20 {
21 $response = $response->withHeader('Content-Type', 'application/opensearchdescription+xml; charset=utf-8');
22
23 $this->assignView('serverurl', index_url($this->container->environment));
24
25 return $response->write($this->render(TemplatePage::OPEN_SEARCH));
26 }
27}
diff --git a/application/front/controller/visitor/PictureWallController.php b/application/front/controller/visitor/PictureWallController.php
new file mode 100644
index 00000000..3c57f8dd
--- /dev/null
+++ b/application/front/controller/visitor/PictureWallController.php
@@ -0,0 +1,54 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Front\Exception\ThumbnailsDisabledException;
8use Shaarli\Render\TemplatePage;
9use Shaarli\Thumbnailer;
10use Slim\Http\Request;
11use Slim\Http\Response;
12
13/**
14 * Class PicturesWallController
15 *
16 * Slim controller used to render the pictures wall page.
17 * If thumbnails mode is set to NONE, we just render the template without any image.
18 */
19class PictureWallController extends ShaarliVisitorController
20{
21 public function index(Request $request, Response $response): Response
22 {
23 if ($this->container->conf->get('thumbnails.mode', Thumbnailer::MODE_NONE) === Thumbnailer::MODE_NONE) {
24 throw new ThumbnailsDisabledException();
25 }
26
27 $this->assignView(
28 'pagetitle',
29 t('Picture wall') .' - '. $this->container->conf->get('general.title', 'Shaarli')
30 );
31
32 // Optionally filter the results:
33 $links = $this->container->bookmarkService->search($request->getQueryParams());
34 $linksToDisplay = [];
35
36 // Get only bookmarks which have a thumbnail.
37 // Note: we do not retrieve thumbnails here, the request is too heavy.
38 $formatter = $this->container->formatterFactory->getFormatter('raw');
39 foreach ($links as $key => $link) {
40 if (!empty($link->getThumbnail())) {
41 $linksToDisplay[] = $formatter->format($link);
42 }
43 }
44
45 $data = ['linksToDisplay' => $linksToDisplay];
46 $this->executePageHooks('render_picwall', $data, TemplatePage::PICTURE_WALL);
47
48 foreach ($data as $key => $value) {
49 $this->assignView($key, $value);
50 }
51
52 return $response->write($this->render(TemplatePage::PICTURE_WALL));
53 }
54}
diff --git a/application/front/controller/visitor/PublicSessionFilterController.php b/application/front/controller/visitor/PublicSessionFilterController.php
new file mode 100644
index 00000000..1a66362d
--- /dev/null
+++ b/application/front/controller/visitor/PublicSessionFilterController.php
@@ -0,0 +1,46 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Security\SessionManager;
8use Slim\Http\Request;
9use Slim\Http\Response;
10
11/**
12 * Slim controller used to handle filters stored in the visitor session, links per page, etc.
13 */
14class PublicSessionFilterController extends ShaarliVisitorController
15{
16 /**
17 * GET /links-per-page: set the number of bookmarks to display per page in homepage
18 */
19 public function linksPerPage(Request $request, Response $response): Response
20 {
21 $linksPerPage = $request->getParam('nb') ?? null;
22 if (null === $linksPerPage || false === is_numeric($linksPerPage)) {
23 $linksPerPage = $this->container->conf->get('general.links_per_page', 20);
24 }
25
26 $this->container->sessionManager->setSessionParameter(
27 SessionManager::KEY_LINKS_PER_PAGE,
28 abs(intval($linksPerPage))
29 );
30
31 return $this->redirectFromReferer($request, $response, ['linksperpage'], ['nb']);
32 }
33
34 /**
35 * GET /untagged-only: allows to display only bookmarks without any tag
36 */
37 public function untaggedOnly(Request $request, Response $response): Response
38 {
39 $this->container->sessionManager->setSessionParameter(
40 SessionManager::KEY_UNTAGGED_ONLY,
41 empty($this->container->sessionManager->getSessionParameter(SessionManager::KEY_UNTAGGED_ONLY))
42 );
43
44 return $this->redirectFromReferer($request, $response, ['untaggedonly', 'untagged-only']);
45 }
46}
diff --git a/application/front/controller/visitor/ShaarliVisitorController.php b/application/front/controller/visitor/ShaarliVisitorController.php
new file mode 100644
index 00000000..47057d97
--- /dev/null
+++ b/application/front/controller/visitor/ShaarliVisitorController.php
@@ -0,0 +1,170 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Shaarli\Bookmark\BookmarkFilter;
8use Shaarli\Container\ShaarliContainer;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * Class ShaarliVisitorController
14 *
15 * All controllers accessible by visitors (non logged in users) should extend this abstract class.
16 * Contains a few helper function for template rendering, plugins, etc.
17 *
18 * @package Shaarli\Front\Controller\Visitor
19 */
20abstract class ShaarliVisitorController
21{
22 /** @var ShaarliContainer */
23 protected $container;
24
25 /** @param ShaarliContainer $container Slim container (extended for attribute completion). */
26 public function __construct(ShaarliContainer $container)
27 {
28 $this->container = $container;
29 }
30
31 /**
32 * Assign variables to RainTPL template through the PageBuilder.
33 *
34 * @param mixed $value Value to assign to the template
35 */
36 protected function assignView(string $name, $value): self
37 {
38 $this->container->pageBuilder->assign($name, $value);
39
40 return $this;
41 }
42
43 /**
44 * Assign variables to RainTPL template through the PageBuilder.
45 *
46 * @param mixed $data Values to assign to the template and their keys
47 */
48 protected function assignAllView(array $data): self
49 {
50 foreach ($data as $key => $value) {
51 $this->assignView($key, $value);
52 }
53
54 return $this;
55 }
56
57 protected function render(string $template): string
58 {
59 $this->assignView('linkcount', $this->container->bookmarkService->count(BookmarkFilter::$ALL));
60 $this->assignView('privateLinkcount', $this->container->bookmarkService->count(BookmarkFilter::$PRIVATE));
61 $this->assignView('plugin_errors', $this->container->pluginManager->getErrors());
62
63 $this->executeDefaultHooks($template);
64
65 return $this->container->pageBuilder->render($template, $this->container->basePath);
66 }
67
68 /**
69 * Call plugin hooks for header, footer and includes, specifying which page will be rendered.
70 * Then assign generated data to RainTPL.
71 */
72 protected function executeDefaultHooks(string $template): void
73 {
74 $common_hooks = [
75 'includes',
76 'header',
77 'footer',
78 ];
79
80 foreach ($common_hooks as $name) {
81 $pluginData = [];
82 $this->container->pluginManager->executeHooks(
83 'render_' . $name,
84 $pluginData,
85 [
86 'target' => $template,
87 'loggedin' => $this->container->loginManager->isLoggedIn(),
88 'basePath' => $this->container->basePath,
89 ]
90 );
91 $this->assignView('plugins_' . $name, $pluginData);
92 }
93 }
94
95 protected function executePageHooks(string $hook, array &$data, string $template = null): void
96 {
97 $params = [
98 'target' => $template,
99 'loggedin' => $this->container->loginManager->isLoggedIn(),
100 'basePath' => $this->container->basePath,
101 ];
102
103 $this->container->pluginManager->executeHooks(
104 $hook,
105 $data,
106 $params
107 );
108 }
109
110 /**
111 * Simple helper which prepend the base path to redirect path.
112 *
113 * @param Response $response
114 * @param string $path Absolute path, e.g.: `/`, or `/admin/shaare/123` regardless of install directory
115 *
116 * @return Response updated
117 */
118 protected function redirect(Response $response, string $path): Response
119 {
120 return $response->withRedirect($this->container->basePath . $path);
121 }
122
123 /**
124 * Generates a redirection to the previous page, based on the HTTP_REFERER.
125 * It fails back to the home page.
126 *
127 * @param array $loopTerms Terms to remove from path and query string to prevent direction loop.
128 * @param array $clearParams List of parameter to remove from the query string of the referrer.
129 */
130 protected function redirectFromReferer(
131 Request $request,
132 Response $response,
133 array $loopTerms = [],
134 array $clearParams = [],
135 string $anchor = null
136 ): Response {
137 $defaultPath = $this->container->basePath . '/';
138 $referer = $this->container->environment['HTTP_REFERER'] ?? null;
139
140 if (null !== $referer) {
141 $currentUrl = parse_url($referer);
142 parse_str($currentUrl['query'] ?? '', $params);
143 $path = $currentUrl['path'] ?? $defaultPath;
144 } else {
145 $params = [];
146 $path = $defaultPath;
147 }
148
149 // Prevent redirection loop
150 if (isset($currentUrl)) {
151 foreach ($clearParams as $value) {
152 unset($params[$value]);
153 }
154
155 $checkQuery = implode('', array_keys($params));
156 foreach ($loopTerms as $value) {
157 if (strpos($path . $checkQuery, $value) !== false) {
158 $params = [];
159 $path = $defaultPath;
160 break;
161 }
162 }
163 }
164
165 $queryString = count($params) > 0 ? '?'. http_build_query($params) : '';
166 $anchor = $anchor ? '#' . $anchor : '';
167
168 return $response->withRedirect($path . $queryString . $anchor);
169 }
170}
diff --git a/application/front/controller/visitor/TagCloudController.php b/application/front/controller/visitor/TagCloudController.php
new file mode 100644
index 00000000..f9c529bc
--- /dev/null
+++ b/application/front/controller/visitor/TagCloudController.php
@@ -0,0 +1,113 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Slim\Http\Request;
8use Slim\Http\Response;
9
10/**
11 * Class TagCloud
12 *
13 * Slim controller used to render the tag cloud and tag list pages.
14 */
15class TagCloudController extends ShaarliVisitorController
16{
17 protected const TYPE_CLOUD = 'cloud';
18 protected const TYPE_LIST = 'list';
19
20 /**
21 * Display the tag cloud through the template engine.
22 * This controller a few filters:
23 * - Visibility stored in the session for logged in users
24 * - `searchtags` query parameter: will return tags associated with filter in at least one bookmark
25 */
26 public function cloud(Request $request, Response $response): Response
27 {
28 return $this->processRequest(static::TYPE_CLOUD, $request, $response);
29 }
30
31 /**
32 * Display the tag list through the template engine.
33 * This controller a few filters:
34 * - Visibility stored in the session for logged in users
35 * - `searchtags` query parameter: will return tags associated with filter in at least one bookmark
36 * - `sort` query parameters:
37 * + `usage` (default): most used tags first
38 * + `alpha`: alphabetical order
39 */
40 public function list(Request $request, Response $response): Response
41 {
42 return $this->processRequest(static::TYPE_LIST, $request, $response);
43 }
44
45 /**
46 * Process the request for both tag cloud and tag list endpoints.
47 */
48 protected function processRequest(string $type, Request $request, Response $response): Response
49 {
50 if ($this->container->loginManager->isLoggedIn() === true) {
51 $visibility = $this->container->sessionManager->getSessionParameter('visibility');
52 }
53
54 $sort = $request->getQueryParam('sort');
55 $searchTags = $request->getQueryParam('searchtags');
56 $filteringTags = $searchTags !== null ? explode(' ', $searchTags) : [];
57
58 $tags = $this->container->bookmarkService->bookmarksCountPerTag($filteringTags, $visibility ?? null);
59
60 if (static::TYPE_CLOUD === $type || 'alpha' === $sort) {
61 // TODO: the sorting should be handled by bookmarkService instead of the controller
62 alphabetical_sort($tags, false, true);
63 }
64
65 if (static::TYPE_CLOUD === $type) {
66 $tags = $this->formatTagsForCloud($tags);
67 }
68
69 $searchTags = implode(' ', escape($filteringTags));
70 $data = [
71 'search_tags' => $searchTags,
72 'tags' => $tags,
73 ];
74 $this->executePageHooks('render_tag' . $type, $data, 'tag.' . $type);
75 $this->assignAllView($data);
76
77 $searchTags = !empty($searchTags) ? $searchTags .' - ' : '';
78 $this->assignView(
79 'pagetitle',
80 $searchTags . t('Tag '. $type) .' - '. $this->container->conf->get('general.title', 'Shaarli')
81 );
82
83 return $response->write($this->render('tag.' . $type));
84 }
85
86 /**
87 * Format the tags array for the tag cloud template.
88 *
89 * @param array<string, int> $tags List of tags as key with count as value
90 *
91 * @return mixed[] List of tags as key, with count and expected font size in a subarray
92 */
93 protected function formatTagsForCloud(array $tags): array
94 {
95 // We sort tags alphabetically, then choose a font size according to count.
96 // First, find max value.
97 $maxCount = count($tags) > 0 ? max($tags) : 0;
98 $logMaxCount = $maxCount > 1 ? log($maxCount, 30) : 1;
99 $tagList = [];
100 foreach ($tags as $key => $value) {
101 // Tag font size scaling:
102 // default 15 and 30 logarithm bases affect scaling,
103 // 2.2 and 0.8 are arbitrary font sizes in em.
104 $size = log($value, 15) / $logMaxCount * 2.2 + 0.8;
105 $tagList[$key] = [
106 'count' => $value,
107 'size' => number_format($size, 2, '.', ''),
108 ];
109 }
110
111 return $tagList;
112 }
113}
diff --git a/application/front/controller/visitor/TagController.php b/application/front/controller/visitor/TagController.php
new file mode 100644
index 00000000..de4e7ea2
--- /dev/null
+++ b/application/front/controller/visitor/TagController.php
@@ -0,0 +1,118 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller\Visitor;
6
7use Slim\Http\Request;
8use Slim\Http\Response;
9
10/**
11 * Class TagController
12 *
13 * Slim controller handle tags.
14 */
15class TagController extends ShaarliVisitorController
16{
17 /**
18 * Add another tag in the current search through an HTTP redirection.
19 *
20 * @param array $args Should contain `newTag` key as tag to add to current search
21 */
22 public function addTag(Request $request, Response $response, array $args): Response
23 {
24 $newTag = $args['newTag'] ?? null;
25 $referer = $this->container->environment['HTTP_REFERER'] ?? null;
26
27 // In case browser does not send HTTP_REFERER, we search a single tag
28 if (null === $referer) {
29 if (null !== $newTag) {
30 return $this->redirect($response, '/?searchtags='. urlencode($newTag));
31 }
32
33 return $this->redirect($response, '/');
34 }
35
36 $currentUrl = parse_url($referer);
37 parse_str($currentUrl['query'] ?? '', $params);
38
39 if (null === $newTag) {
40 return $response->withRedirect(($currentUrl['path'] ?? './') .'?'. http_build_query($params));
41 }
42
43 // Prevent redirection loop
44 if (isset($params['addtag'])) {
45 unset($params['addtag']);
46 }
47
48 // Check if this tag is already in the search query and ignore it if it is.
49 // Each tag is always separated by a space
50 $currentTags = isset($params['searchtags']) ? explode(' ', $params['searchtags']) : [];
51
52 $addtag = true;
53 foreach ($currentTags as $value) {
54 if ($value === $newTag) {
55 $addtag = false;
56 break;
57 }
58 }
59
60 // Append the tag if necessary
61 if (true === $addtag) {
62 $currentTags[] = trim($newTag);
63 }
64
65 $params['searchtags'] = trim(implode(' ', $currentTags));
66
67 // We also remove page (keeping the same page has no sense, since the results are different)
68 unset($params['page']);
69
70 return $response->withRedirect(($currentUrl['path'] ?? './') .'?'. http_build_query($params));
71 }
72
73 /**
74 * Remove a tag from the current search through an HTTP redirection.
75 *
76 * @param array $args Should contain `tag` key as tag to remove from current search
77 */
78 public function removeTag(Request $request, Response $response, array $args): Response
79 {
80 $referer = $this->container->environment['HTTP_REFERER'] ?? null;
81
82 // If the referrer is not provided, we can update the search, so we failback on the bookmark list
83 if (empty($referer)) {
84 return $this->redirect($response, '/');
85 }
86
87 $tagToRemove = $args['tag'] ?? null;
88 $currentUrl = parse_url($referer);
89 parse_str($currentUrl['query'] ?? '', $params);
90
91 if (null === $tagToRemove) {
92 return $response->withRedirect(($currentUrl['path'] ?? './') .'?'. http_build_query($params));
93 }
94
95 // Prevent redirection loop
96 if (isset($params['removetag'])) {
97 unset($params['removetag']);
98 }
99
100 if (isset($params['searchtags'])) {
101 $tags = explode(' ', $params['searchtags']);
102 // Remove value from array $tags.
103 $tags = array_diff($tags, [$tagToRemove]);
104 $params['searchtags'] = implode(' ', $tags);
105
106 if (empty($params['searchtags'])) {
107 unset($params['searchtags']);
108 }
109
110 // We also remove page (keeping the same page has no sense, since the results are different)
111 unset($params['page']);
112 }
113
114 $queryParams = count($params) > 0 ? '?' . http_build_query($params) : '';
115
116 return $response->withRedirect(($currentUrl['path'] ?? './') . $queryParams);
117 }
118}
diff --git a/application/front/controllers/LoginController.php b/application/front/controllers/LoginController.php
deleted file mode 100644
index ae3599e0..00000000
--- a/application/front/controllers/LoginController.php
+++ /dev/null
@@ -1,48 +0,0 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller;
6
7use Shaarli\Front\Exception\LoginBannedException;
8use Slim\Http\Request;
9use Slim\Http\Response;
10
11/**
12 * Class LoginController
13 *
14 * Slim controller used to render the login page.
15 *
16 * The login page is not available if the user is banned
17 * or if open shaarli setting is enabled.
18 *
19 * @package Front\Controller
20 */
21class LoginController extends ShaarliController
22{
23 public function index(Request $request, Response $response): Response
24 {
25 if ($this->container->loginManager->isLoggedIn()
26 || $this->container->conf->get('security.open_shaarli', false)
27 ) {
28 return $response->withRedirect('./');
29 }
30
31 $userCanLogin = $this->container->loginManager->canLogin($request->getServerParams());
32 if ($userCanLogin !== true) {
33 throw new LoginBannedException();
34 }
35
36 if ($request->getParam('username') !== null) {
37 $this->assignView('username', escape($request->getParam('username')));
38 }
39
40 $this
41 ->assignView('returnurl', escape($request->getServerParam('HTTP_REFERER')))
42 ->assignView('remember_user_default', $this->container->conf->get('privacy.remember_user_default', true))
43 ->assignView('pagetitle', t('Login') .' - '. $this->container->conf->get('general.title', 'Shaarli'))
44 ;
45
46 return $response->write($this->render('loginform'));
47 }
48}
diff --git a/application/front/controllers/ShaarliController.php b/application/front/controllers/ShaarliController.php
deleted file mode 100644
index 2b828588..00000000
--- a/application/front/controllers/ShaarliController.php
+++ /dev/null
@@ -1,69 +0,0 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Controller;
6
7use Shaarli\Bookmark\BookmarkFilter;
8use Shaarli\Container\ShaarliContainer;
9
10abstract class ShaarliController
11{
12 /** @var ShaarliContainer */
13 protected $container;
14
15 /** @param ShaarliContainer $container Slim container (extended for attribute completion). */
16 public function __construct(ShaarliContainer $container)
17 {
18 $this->container = $container;
19 }
20
21 /**
22 * Assign variables to RainTPL template through the PageBuilder.
23 *
24 * @param mixed $value Value to assign to the template
25 */
26 protected function assignView(string $name, $value): self
27 {
28 $this->container->pageBuilder->assign($name, $value);
29
30 return $this;
31 }
32
33 protected function render(string $template): string
34 {
35 $this->assignView('linkcount', $this->container->bookmarkService->count(BookmarkFilter::$ALL));
36 $this->assignView('privateLinkcount', $this->container->bookmarkService->count(BookmarkFilter::$PRIVATE));
37 $this->assignView('plugin_errors', $this->container->pluginManager->getErrors());
38
39 $this->executeDefaultHooks($template);
40
41 return $this->container->pageBuilder->render($template);
42 }
43
44 /**
45 * Call plugin hooks for header, footer and includes, specifying which page will be rendered.
46 * Then assign generated data to RainTPL.
47 */
48 protected function executeDefaultHooks(string $template): void
49 {
50 $common_hooks = [
51 'includes',
52 'header',
53 'footer',
54 ];
55
56 foreach ($common_hooks as $name) {
57 $plugin_data = [];
58 $this->container->pluginManager->executeHooks(
59 'render_' . $name,
60 $plugin_data,
61 [
62 'target' => $template,
63 'loggedin' => $this->container->loginManager->isLoggedIn()
64 ]
65 );
66 $this->assignView('plugins_' . $name, $plugin_data);
67 }
68 }
69}
diff --git a/application/front/exceptions/AlreadyInstalledException.php b/application/front/exceptions/AlreadyInstalledException.php
new file mode 100644
index 00000000..4add86cf
--- /dev/null
+++ b/application/front/exceptions/AlreadyInstalledException.php
@@ -0,0 +1,15 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7class AlreadyInstalledException extends ShaarliFrontException
8{
9 public function __construct()
10 {
11 $message = t('Shaarli has already been installed. Login to edit the configuration.');
12
13 parent::__construct($message, 401);
14 }
15}
diff --git a/application/front/exceptions/CantLoginException.php b/application/front/exceptions/CantLoginException.php
new file mode 100644
index 00000000..cd16635d
--- /dev/null
+++ b/application/front/exceptions/CantLoginException.php
@@ -0,0 +1,10 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7class CantLoginException extends \Exception
8{
9
10}
diff --git a/application/front/exceptions/LoginBannedException.php b/application/front/exceptions/LoginBannedException.php
index b31a4a14..79d0ea15 100644
--- a/application/front/exceptions/LoginBannedException.php
+++ b/application/front/exceptions/LoginBannedException.php
@@ -4,7 +4,7 @@ declare(strict_types=1);
4 4
5namespace Shaarli\Front\Exception; 5namespace Shaarli\Front\Exception;
6 6
7class LoginBannedException extends ShaarliException 7class LoginBannedException extends ShaarliFrontException
8{ 8{
9 public function __construct() 9 public function __construct()
10 { 10 {
diff --git a/application/front/exceptions/OpenShaarliPasswordException.php b/application/front/exceptions/OpenShaarliPasswordException.php
new file mode 100644
index 00000000..a6f0b3ae
--- /dev/null
+++ b/application/front/exceptions/OpenShaarliPasswordException.php
@@ -0,0 +1,18 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7/**
8 * Class OpenShaarliPasswordException
9 *
10 * Raised if the user tries to change the admin password on an open shaarli instance.
11 */
12class OpenShaarliPasswordException extends ShaarliFrontException
13{
14 public function __construct()
15 {
16 parent::__construct(t('You are not supposed to change a password on an Open Shaarli.'), 403);
17 }
18}
diff --git a/application/front/exceptions/ResourcePermissionException.php b/application/front/exceptions/ResourcePermissionException.php
new file mode 100644
index 00000000..8fbf03b9
--- /dev/null
+++ b/application/front/exceptions/ResourcePermissionException.php
@@ -0,0 +1,13 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7class ResourcePermissionException extends ShaarliFrontException
8{
9 public function __construct(string $message)
10 {
11 parent::__construct($message, 500);
12 }
13}
diff --git a/application/front/exceptions/ShaarliException.php b/application/front/exceptions/ShaarliFrontException.php
index 800bfbec..73847e6d 100644
--- a/application/front/exceptions/ShaarliException.php
+++ b/application/front/exceptions/ShaarliFrontException.php
@@ -9,11 +9,11 @@ use Throwable;
9/** 9/**
10 * Class ShaarliException 10 * Class ShaarliException
11 * 11 *
12 * Abstract exception class used to defined any custom exception thrown during front rendering. 12 * Exception class used to defined any custom exception thrown during front rendering.
13 * 13 *
14 * @package Front\Exception 14 * @package Front\Exception
15 */ 15 */
16abstract class ShaarliException extends \Exception 16class ShaarliFrontException extends \Exception
17{ 17{
18 /** Override parent constructor to force $message and $httpCode parameters to be set. */ 18 /** Override parent constructor to force $message and $httpCode parameters to be set. */
19 public function __construct(string $message, int $httpCode, Throwable $previous = null) 19 public function __construct(string $message, int $httpCode, Throwable $previous = null)
diff --git a/application/front/exceptions/ThumbnailsDisabledException.php b/application/front/exceptions/ThumbnailsDisabledException.php
new file mode 100644
index 00000000..0ed337f5
--- /dev/null
+++ b/application/front/exceptions/ThumbnailsDisabledException.php
@@ -0,0 +1,15 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7class ThumbnailsDisabledException extends ShaarliFrontException
8{
9 public function __construct()
10 {
11 $message = t('Picture wall unavailable (thumbnails are disabled).');
12
13 parent::__construct($message, 400);
14 }
15}
diff --git a/application/front/exceptions/UnauthorizedException.php b/application/front/exceptions/UnauthorizedException.php
new file mode 100644
index 00000000..4231094a
--- /dev/null
+++ b/application/front/exceptions/UnauthorizedException.php
@@ -0,0 +1,15 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7/**
8 * Class UnauthorizedException
9 *
10 * Exception raised if the user tries to access a ShaarliAdminController while logged out.
11 */
12class UnauthorizedException extends \Exception
13{
14
15}
diff --git a/application/front/exceptions/WrongTokenException.php b/application/front/exceptions/WrongTokenException.php
new file mode 100644
index 00000000..42002720
--- /dev/null
+++ b/application/front/exceptions/WrongTokenException.php
@@ -0,0 +1,18 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Front\Exception;
6
7/**
8 * Class OpenShaarliPasswordException
9 *
10 * Raised if the user tries to perform an action with an invalid XSRF token.
11 */
12class WrongTokenException extends ShaarliFrontException
13{
14 public function __construct()
15 {
16 parent::__construct(t('Wrong token.'), 403);
17 }
18}
diff --git a/application/http/HttpAccess.php b/application/http/HttpAccess.php
new file mode 100644
index 00000000..81d9e076
--- /dev/null
+++ b/application/http/HttpAccess.php
@@ -0,0 +1,39 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Http;
6
7/**
8 * Class HttpAccess
9 *
10 * This is mostly an OOP wrapper for HTTP functions defined in `HttpUtils`.
11 * It is used as dependency injection in Shaarli's container.
12 *
13 * @package Shaarli\Http
14 */
15class HttpAccess
16{
17 public function getHttpResponse($url, $timeout = 30, $maxBytes = 4194304, $curlWriteFunction = null)
18 {
19 return get_http_response($url, $timeout, $maxBytes, $curlWriteFunction);
20 }
21
22 public function getCurlDownloadCallback(
23 &$charset,
24 &$title,
25 &$description,
26 &$keywords,
27 $retrieveDescription,
28 $curlGetInfo = 'curl_getinfo'
29 ) {
30 return get_curl_download_callback(
31 $charset,
32 $title,
33 $description,
34 $keywords,
35 $retrieveDescription,
36 $curlGetInfo
37 );
38 }
39}
diff --git a/application/http/HttpUtils.php b/application/http/HttpUtils.php
index 2ea9195d..4fc4e3dc 100644
--- a/application/http/HttpUtils.php
+++ b/application/http/HttpUtils.php
@@ -369,7 +369,7 @@ function server_url($server)
369 */ 369 */
370function index_url($server) 370function index_url($server)
371{ 371{
372 $scriptname = $server['SCRIPT_NAME']; 372 $scriptname = $server['SCRIPT_NAME'] ?? '';
373 if (endsWith($scriptname, 'index.php')) { 373 if (endsWith($scriptname, 'index.php')) {
374 $scriptname = substr($scriptname, 0, -9); 374 $scriptname = substr($scriptname, 0, -9);
375 } 375 }
@@ -377,7 +377,7 @@ function index_url($server)
377} 377}
378 378
379/** 379/**
380 * Returns the absolute URL of the current script, with the query 380 * Returns the absolute URL of the current script, with current route and query
381 * 381 *
382 * If the resource is "index.php", then it is removed (for better-looking URLs) 382 * If the resource is "index.php", then it is removed (for better-looking URLs)
383 * 383 *
@@ -387,10 +387,17 @@ function index_url($server)
387 */ 387 */
388function page_url($server) 388function page_url($server)
389{ 389{
390 $scriptname = $server['SCRIPT_NAME'] ?? '';
391 if (endsWith($scriptname, 'index.php')) {
392 $scriptname = substr($scriptname, 0, -9);
393 }
394
395 $route = ltrim($server['REQUEST_URI'] ?? '', $scriptname);
390 if (! empty($server['QUERY_STRING'])) { 396 if (! empty($server['QUERY_STRING'])) {
391 return index_url($server).'?'.$server['QUERY_STRING']; 397 return index_url($server) . $route . '?' . $server['QUERY_STRING'];
392 } 398 }
393 return index_url($server); 399
400 return index_url($server) . $route;
394} 401}
395 402
396/** 403/**
@@ -477,3 +484,109 @@ function is_https($server)
477 484
478 return ! empty($server['HTTPS']); 485 return ! empty($server['HTTPS']);
479} 486}
487
488/**
489 * Get cURL callback function for CURLOPT_WRITEFUNCTION
490 *
491 * @param string $charset to extract from the downloaded page (reference)
492 * @param string $title to extract from the downloaded page (reference)
493 * @param string $description to extract from the downloaded page (reference)
494 * @param string $keywords to extract from the downloaded page (reference)
495 * @param bool $retrieveDescription Automatically tries to retrieve description and keywords from HTML content
496 * @param string $curlGetInfo Optionally overrides curl_getinfo function
497 *
498 * @return Closure
499 */
500function get_curl_download_callback(
501 &$charset,
502 &$title,
503 &$description,
504 &$keywords,
505 $retrieveDescription,
506 $curlGetInfo = 'curl_getinfo'
507) {
508 $isRedirected = false;
509 $currentChunk = 0;
510 $foundChunk = null;
511
512 /**
513 * cURL callback function for CURLOPT_WRITEFUNCTION (called during the download).
514 *
515 * While downloading the remote page, we check that the HTTP code is 200 and content type is 'html/text'
516 * Then we extract the title and the charset and stop the download when it's done.
517 *
518 * @param resource $ch cURL resource
519 * @param string $data chunk of data being downloaded
520 *
521 * @return int|bool length of $data or false if we need to stop the download
522 */
523 return function (&$ch, $data) use (
524 $retrieveDescription,
525 $curlGetInfo,
526 &$charset,
527 &$title,
528 &$description,
529 &$keywords,
530 &$isRedirected,
531 &$currentChunk,
532 &$foundChunk
533 ) {
534 $currentChunk++;
535 $responseCode = $curlGetInfo($ch, CURLINFO_RESPONSE_CODE);
536 if (!empty($responseCode) && in_array($responseCode, [301, 302])) {
537 $isRedirected = true;
538 return strlen($data);
539 }
540 if (!empty($responseCode) && $responseCode !== 200) {
541 return false;
542 }
543 // After a redirection, the content type will keep the previous request value
544 // until it finds the next content-type header.
545 if (! $isRedirected || strpos(strtolower($data), 'content-type') !== false) {
546 $contentType = $curlGetInfo($ch, CURLINFO_CONTENT_TYPE);
547 }
548 if (!empty($contentType) && strpos($contentType, 'text/html') === false) {
549 return false;
550 }
551 if (!empty($contentType) && empty($charset)) {
552 $charset = header_extract_charset($contentType);
553 }
554 if (empty($charset)) {
555 $charset = html_extract_charset($data);
556 }
557 if (empty($title)) {
558 $title = html_extract_title($data);
559 $foundChunk = ! empty($title) ? $currentChunk : $foundChunk;
560 }
561 if ($retrieveDescription && empty($description)) {
562 $description = html_extract_tag('description', $data);
563 $foundChunk = ! empty($description) ? $currentChunk : $foundChunk;
564 }
565 if ($retrieveDescription && empty($keywords)) {
566 $keywords = html_extract_tag('keywords', $data);
567 if (! empty($keywords)) {
568 $foundChunk = $currentChunk;
569 // Keywords use the format tag1, tag2 multiple words, tag
570 // So we format them to match Shaarli's separator and glue multiple words with '-'
571 $keywords = implode(' ', array_map(function($keyword) {
572 return implode('-', preg_split('/\s+/', trim($keyword)));
573 }, explode(',', $keywords)));
574 }
575 }
576
577 // We got everything we want, stop the download.
578 // If we already found either the title, description or keywords,
579 // it's highly unlikely that we'll found the other metas further than
580 // in the same chunk of data or the next one. So we also stop the download after that.
581 if ((!empty($responseCode) && !empty($contentType) && !empty($charset)) && $foundChunk !== null
582 && (! $retrieveDescription
583 || $foundChunk < $currentChunk
584 || (!empty($title) && !empty($description) && !empty($keywords))
585 )
586 ) {
587 return false;
588 }
589
590 return strlen($data);
591 };
592}
diff --git a/application/legacy/LegacyController.php b/application/legacy/LegacyController.php
new file mode 100644
index 00000000..26465d2c
--- /dev/null
+++ b/application/legacy/LegacyController.php
@@ -0,0 +1,130 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Legacy;
6
7use Shaarli\Feed\FeedBuilder;
8use Shaarli\Front\Controller\Visitor\ShaarliVisitorController;
9use Slim\Http\Request;
10use Slim\Http\Response;
11
12/**
13 * We use this to maintain legacy routes, and redirect requests to the corresponding Slim route.
14 * Only public routes, and both `?addlink` and `?post` were kept here.
15 * Other routes will just display the linklist.
16 *
17 * @deprecated
18 */
19class LegacyController extends ShaarliVisitorController
20{
21 /** @var string[] Both `?post` and `?addlink` do not use `?do=` format. */
22 public const LEGACY_GET_ROUTES = [
23 'post',
24 'addlink',
25 ];
26
27 /**
28 * This method will call `$action` method, which will redirect to corresponding Slim route.
29 */
30 public function process(Request $request, Response $response, string $action): Response
31 {
32 if (!method_exists($this, $action)) {
33 throw new UnknowLegacyRouteException();
34 }
35
36 return $this->{$action}($request, $response);
37 }
38
39 /** Legacy route: ?post= */
40 public function post(Request $request, Response $response): Response
41 {
42 $parameters = count($request->getQueryParams()) > 0 ? '?' . http_build_query($request->getQueryParams()) : '';
43
44 if (!$this->container->loginManager->isLoggedIn()) {
45 return $this->redirect($response, '/login' . $parameters);
46 }
47
48 return $this->redirect($response, '/admin/shaare' . $parameters);
49 }
50
51 /** Legacy route: ?addlink= */
52 protected function addlink(Request $request, Response $response): Response
53 {
54 if (!$this->container->loginManager->isLoggedIn()) {
55 return $this->redirect($response, '/login');
56 }
57
58 return $this->redirect($response, '/admin/add-shaare');
59 }
60
61 /** Legacy route: ?do=login */
62 protected function login(Request $request, Response $response): Response
63 {
64 return $this->redirect($response, '/login');
65 }
66
67 /** Legacy route: ?do=logout */
68 protected function logout(Request $request, Response $response): Response
69 {
70 return $this->redirect($response, '/admin/logout');
71 }
72
73 /** Legacy route: ?do=picwall */
74 protected function picwall(Request $request, Response $response): Response
75 {
76 return $this->redirect($response, '/picture-wall');
77 }
78
79 /** Legacy route: ?do=tagcloud */
80 protected function tagcloud(Request $request, Response $response): Response
81 {
82 return $this->redirect($response, '/tags/cloud');
83 }
84
85 /** Legacy route: ?do=taglist */
86 protected function taglist(Request $request, Response $response): Response
87 {
88 return $this->redirect($response, '/tags/list');
89 }
90
91 /** Legacy route: ?do=daily */
92 protected function daily(Request $request, Response $response): Response
93 {
94 $dayParam = !empty($request->getParam('day')) ? '?day=' . escape($request->getParam('day')) : '';
95
96 return $this->redirect($response, '/daily' . $dayParam);
97 }
98
99 /** Legacy route: ?do=rss */
100 protected function rss(Request $request, Response $response): Response
101 {
102 return $this->feed($request, $response, FeedBuilder::$FEED_RSS);
103 }
104
105 /** Legacy route: ?do=atom */
106 protected function atom(Request $request, Response $response): Response
107 {
108 return $this->feed($request, $response, FeedBuilder::$FEED_ATOM);
109 }
110
111 /** Legacy route: ?do=opensearch */
112 protected function opensearch(Request $request, Response $response): Response
113 {
114 return $this->redirect($response, '/open-search');
115 }
116
117 /** Legacy route: ?do=dailyrss */
118 protected function dailyrss(Request $request, Response $response): Response
119 {
120 return $this->redirect($response, '/daily-rss');
121 }
122
123 /** Legacy route: ?do=feed */
124 protected function feed(Request $request, Response $response, string $feedType): Response
125 {
126 $parameters = count($request->getQueryParams()) > 0 ? '?' . http_build_query($request->getQueryParams()) : '';
127
128 return $this->redirect($response, '/feed/' . $feedType . $parameters);
129 }
130}
diff --git a/application/legacy/LegacyLinkDB.php b/application/legacy/LegacyLinkDB.php
index 7ccf5e54..7bf76fd4 100644
--- a/application/legacy/LegacyLinkDB.php
+++ b/application/legacy/LegacyLinkDB.php
@@ -9,6 +9,7 @@ use Iterator;
9use Shaarli\Bookmark\Exception\BookmarkNotFoundException; 9use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
10use Shaarli\Exceptions\IOException; 10use Shaarli\Exceptions\IOException;
11use Shaarli\FileUtils; 11use Shaarli\FileUtils;
12use Shaarli\Render\PageCacheManager;
12 13
13/** 14/**
14 * Data storage for bookmarks. 15 * Data storage for bookmarks.
@@ -352,7 +353,8 @@ You use the community supported version of the original Shaarli project, by Seba
352 353
353 $this->write(); 354 $this->write();
354 355
355 invalidateCaches($pageCacheDir); 356 $pageCacheManager = new PageCacheManager($pageCacheDir, $this->loggedIn);
357 $pageCacheManager->invalidateCaches();
356 } 358 }
357 359
358 /** 360 /**
diff --git a/application/Router.php b/application/legacy/LegacyRouter.php
index d7187487..cea99154 100644
--- a/application/Router.php
+++ b/application/legacy/LegacyRouter.php
@@ -1,12 +1,15 @@
1<?php 1<?php
2namespace Shaarli; 2
3namespace Shaarli\Legacy;
3 4
4/** 5/**
5 * Class Router 6 * Class Router
6 * 7 *
7 * (only displayable pages here) 8 * (only displayable pages here)
9 *
10 * @deprecated
8 */ 11 */
9class Router 12class LegacyRouter
10{ 13{
11 public static $AJAX_THUMB_UPDATE = 'ajax_thumb_update'; 14 public static $AJAX_THUMB_UPDATE = 'ajax_thumb_update';
12 15
diff --git a/application/legacy/LegacyUpdater.php b/application/legacy/LegacyUpdater.php
index 3a5de79f..0ab3a55b 100644
--- a/application/legacy/LegacyUpdater.php
+++ b/application/legacy/LegacyUpdater.php
@@ -10,9 +10,9 @@ use ReflectionMethod;
10use Shaarli\ApplicationUtils; 10use Shaarli\ApplicationUtils;
11use Shaarli\Bookmark\Bookmark; 11use Shaarli\Bookmark\Bookmark;
12use Shaarli\Bookmark\BookmarkArray; 12use Shaarli\Bookmark\BookmarkArray;
13use Shaarli\Bookmark\LinkDB;
14use Shaarli\Bookmark\BookmarkFilter; 13use Shaarli\Bookmark\BookmarkFilter;
15use Shaarli\Bookmark\BookmarkIO; 14use Shaarli\Bookmark\BookmarkIO;
15use Shaarli\Bookmark\LinkDB;
16use Shaarli\Config\ConfigJson; 16use Shaarli\Config\ConfigJson;
17use Shaarli\Config\ConfigManager; 17use Shaarli\Config\ConfigManager;
18use Shaarli\Config\ConfigPhp; 18use Shaarli\Config\ConfigPhp;
@@ -534,7 +534,8 @@ class LegacyUpdater
534 534
535 if ($thumbnailsEnabled) { 535 if ($thumbnailsEnabled) {
536 $this->session['warnings'][] = t( 536 $this->session['warnings'][] = t(
537 'You have enabled or changed thumbnails mode. <a href="?do=thumbs_update">Please synchronize them</a>.' 537 t('You have enabled or changed thumbnails mode.') .
538 '<a href="./admin/thumbnails">' . t('Please synchronize them.') . '</a>'
538 ); 539 );
539 } 540 }
540 541
diff --git a/application/legacy/UnknowLegacyRouteException.php b/application/legacy/UnknowLegacyRouteException.php
new file mode 100644
index 00000000..ae1518ad
--- /dev/null
+++ b/application/legacy/UnknowLegacyRouteException.php
@@ -0,0 +1,9 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Legacy;
6
7class UnknowLegacyRouteException extends \Exception
8{
9}
diff --git a/application/netscape/NetscapeBookmarkUtils.php b/application/netscape/NetscapeBookmarkUtils.php
index d64eef7f..b83f16f8 100644
--- a/application/netscape/NetscapeBookmarkUtils.php
+++ b/application/netscape/NetscapeBookmarkUtils.php
@@ -6,6 +6,7 @@ use DateTime;
6use DateTimeZone; 6use DateTimeZone;
7use Exception; 7use Exception;
8use Katzgrau\KLogger\Logger; 8use Katzgrau\KLogger\Logger;
9use Psr\Http\Message\UploadedFileInterface;
9use Psr\Log\LogLevel; 10use Psr\Log\LogLevel;
10use Shaarli\Bookmark\Bookmark; 11use Shaarli\Bookmark\Bookmark;
11use Shaarli\Bookmark\BookmarkServiceInterface; 12use Shaarli\Bookmark\BookmarkServiceInterface;
@@ -16,10 +17,24 @@ use Shaarli\NetscapeBookmarkParser\NetscapeBookmarkParser;
16 17
17/** 18/**
18 * Utilities to import and export bookmarks using the Netscape format 19 * Utilities to import and export bookmarks using the Netscape format
19 * TODO: Not static, use a container.
20 */ 20 */
21class NetscapeBookmarkUtils 21class NetscapeBookmarkUtils
22{ 22{
23 /** @var BookmarkServiceInterface */
24 protected $bookmarkService;
25
26 /** @var ConfigManager */
27 protected $conf;
28
29 /** @var History */
30 protected $history;
31
32 public function __construct(BookmarkServiceInterface $bookmarkService, ConfigManager $conf, History $history)
33 {
34 $this->bookmarkService = $bookmarkService;
35 $this->conf = $conf;
36 $this->history = $history;
37 }
23 38
24 /** 39 /**
25 * Filters bookmarks and adds Netscape-formatted fields 40 * Filters bookmarks and adds Netscape-formatted fields
@@ -28,18 +43,16 @@ class NetscapeBookmarkUtils
28 * - timestamp link addition date, using the Unix epoch format 43 * - timestamp link addition date, using the Unix epoch format
29 * - taglist comma-separated tag list 44 * - taglist comma-separated tag list
30 * 45 *
31 * @param BookmarkServiceInterface $bookmarkService Link datastore
32 * @param BookmarkFormatter $formatter instance 46 * @param BookmarkFormatter $formatter instance
33 * @param string $selection Which bookmarks to export: (all|private|public) 47 * @param string $selection Which bookmarks to export: (all|private|public)
34 * @param bool $prependNoteUrl Prepend note permalinks with the server's URL 48 * @param bool $prependNoteUrl Prepend note permalinks with the server's URL
35 * @param string $indexUrl Absolute URL of the Shaarli index page 49 * @param string $indexUrl Absolute URL of the Shaarli index page
36 * 50 *
37 * @return array The bookmarks to be exported, with additional fields 51 * @return array The bookmarks to be exported, with additional fields
38 *@throws Exception Invalid export selection
39 * 52 *
53 * @throws Exception Invalid export selection
40 */ 54 */
41 public static function filterAndFormat( 55 public function filterAndFormat(
42 $bookmarkService,
43 $formatter, 56 $formatter,
44 $selection, 57 $selection,
45 $prependNoteUrl, 58 $prependNoteUrl,
@@ -51,11 +64,11 @@ class NetscapeBookmarkUtils
51 } 64 }
52 65
53 $bookmarkLinks = array(); 66 $bookmarkLinks = array();
54 foreach ($bookmarkService->search([], $selection) as $bookmark) { 67 foreach ($this->bookmarkService->search([], $selection) as $bookmark) {
55 $link = $formatter->format($bookmark); 68 $link = $formatter->format($bookmark);
56 $link['taglist'] = implode(',', $bookmark->getTags()); 69 $link['taglist'] = implode(',', $bookmark->getTags());
57 if ($bookmark->isNote() && $prependNoteUrl) { 70 if ($bookmark->isNote() && $prependNoteUrl) {
58 $link['url'] = $indexUrl . $link['url']; 71 $link['url'] = rtrim($indexUrl, '/') . '/' . ltrim($link['url'], '/');
59 } 72 }
60 73
61 $bookmarkLinks[] = $link; 74 $bookmarkLinks[] = $link;
@@ -65,60 +78,22 @@ class NetscapeBookmarkUtils
65 } 78 }
66 79
67 /** 80 /**
68 * Generates an import status summary
69 *
70 * @param string $filename name of the file to import
71 * @param int $filesize size of the file to import
72 * @param int $importCount how many bookmarks were imported
73 * @param int $overwriteCount how many bookmarks were overwritten
74 * @param int $skipCount how many bookmarks were skipped
75 * @param int $duration how many seconds did the import take
76 *
77 * @return string Summary of the bookmark import status
78 */
79 private static function importStatus(
80 $filename,
81 $filesize,
82 $importCount = 0,
83 $overwriteCount = 0,
84 $skipCount = 0,
85 $duration = 0
86 ) {
87 $status = sprintf(t('File %s (%d bytes) '), $filename, $filesize);
88 if ($importCount == 0 && $overwriteCount == 0 && $skipCount == 0) {
89 $status .= t('has an unknown file format. Nothing was imported.');
90 } else {
91 $status .= vsprintf(
92 t(
93 'was successfully processed in %d seconds: '
94 . '%d bookmarks imported, %d bookmarks overwritten, %d bookmarks skipped.'
95 ),
96 [$duration, $importCount, $overwriteCount, $skipCount]
97 );
98 }
99 return $status;
100 }
101
102 /**
103 * Imports Web bookmarks from an uploaded Netscape bookmark dump 81 * Imports Web bookmarks from an uploaded Netscape bookmark dump
104 * 82 *
105 * @param array $post Server $_POST parameters 83 * @param array $post Server $_POST parameters
106 * @param array $files Server $_FILES parameters 84 * @param UploadedFileInterface $file File in PSR-7 object format
107 * @param BookmarkServiceInterface $bookmarkService Loaded LinkDB instance
108 * @param ConfigManager $conf instance
109 * @param History $history History instance
110 * 85 *
111 * @return string Summary of the bookmark import status 86 * @return string Summary of the bookmark import status
112 */ 87 */
113 public static function import($post, $files, $bookmarkService, $conf, $history) 88 public function import($post, UploadedFileInterface $file)
114 { 89 {
115 $start = time(); 90 $start = time();
116 $filename = $files['filetoupload']['name']; 91 $filename = $file->getClientFilename();
117 $filesize = $files['filetoupload']['size']; 92 $filesize = $file->getSize();
118 $data = file_get_contents($files['filetoupload']['tmp_name']); 93 $data = (string) $file->getStream();
119 94
120 if (preg_match('/<!DOCTYPE NETSCAPE-Bookmark-file-1>/i', $data) === 0) { 95 if (preg_match('/<!DOCTYPE NETSCAPE-Bookmark-file-1>/i', $data) === 0) {
121 return self::importStatus($filename, $filesize); 96 return $this->importStatus($filename, $filesize);
122 } 97 }
123 98
124 // Overwrite existing bookmarks? 99 // Overwrite existing bookmarks?
@@ -141,11 +116,11 @@ class NetscapeBookmarkUtils
141 true, // nested tag support 116 true, // nested tag support
142 $defaultTags, // additional user-specified tags 117 $defaultTags, // additional user-specified tags
143 strval(1 - $defaultPrivacy), // defaultPub = 1 - defaultPrivacy 118 strval(1 - $defaultPrivacy), // defaultPub = 1 - defaultPrivacy
144 $conf->get('resource.data_dir') // log path, will be overridden 119 $this->conf->get('resource.data_dir') // log path, will be overridden
145 ); 120 );
146 $logger = new Logger( 121 $logger = new Logger(
147 $conf->get('resource.data_dir'), 122 $this->conf->get('resource.data_dir'),
148 !$conf->get('dev.debug') ? LogLevel::INFO : LogLevel::DEBUG, 123 !$this->conf->get('dev.debug') ? LogLevel::INFO : LogLevel::DEBUG,
149 [ 124 [
150 'prefix' => 'import.', 125 'prefix' => 'import.',
151 'extension' => 'log', 126 'extension' => 'log',
@@ -171,7 +146,7 @@ class NetscapeBookmarkUtils
171 $private = 0; 146 $private = 0;
172 } 147 }
173 148
174 $link = $bookmarkService->findByUrl($bkm['uri']); 149 $link = $this->bookmarkService->findByUrl($bkm['uri']);
175 $existingLink = $link !== null; 150 $existingLink = $link !== null;
176 if (! $existingLink) { 151 if (! $existingLink) {
177 $link = new Bookmark(); 152 $link = new Bookmark();
@@ -193,20 +168,21 @@ class NetscapeBookmarkUtils
193 } 168 }
194 169
195 $link->setTitle($bkm['title']); 170 $link->setTitle($bkm['title']);
196 $link->setUrl($bkm['uri'], $conf->get('security.allowed_protocols')); 171 $link->setUrl($bkm['uri'], $this->conf->get('security.allowed_protocols'));
197 $link->setDescription($bkm['note']); 172 $link->setDescription($bkm['note']);
198 $link->setPrivate($private); 173 $link->setPrivate($private);
199 $link->setTagsString($bkm['tags']); 174 $link->setTagsString($bkm['tags']);
200 175
201 $bookmarkService->addOrSet($link, false); 176 $this->bookmarkService->addOrSet($link, false);
202 $importCount++; 177 $importCount++;
203 } 178 }
204 179
205 $bookmarkService->save(); 180 $this->bookmarkService->save();
206 $history->importLinks(); 181 $this->history->importLinks();
207 182
208 $duration = time() - $start; 183 $duration = time() - $start;
209 return self::importStatus( 184
185 return $this->importStatus(
210 $filename, 186 $filename,
211 $filesize, 187 $filesize,
212 $importCount, 188 $importCount,
@@ -215,4 +191,39 @@ class NetscapeBookmarkUtils
215 $duration 191 $duration
216 ); 192 );
217 } 193 }
194
195 /**
196 * Generates an import status summary
197 *
198 * @param string $filename name of the file to import
199 * @param int $filesize size of the file to import
200 * @param int $importCount how many bookmarks were imported
201 * @param int $overwriteCount how many bookmarks were overwritten
202 * @param int $skipCount how many bookmarks were skipped
203 * @param int $duration how many seconds did the import take
204 *
205 * @return string Summary of the bookmark import status
206 */
207 protected function importStatus(
208 $filename,
209 $filesize,
210 $importCount = 0,
211 $overwriteCount = 0,
212 $skipCount = 0,
213 $duration = 0
214 ) {
215 $status = sprintf(t('File %s (%d bytes) '), $filename, $filesize);
216 if ($importCount == 0 && $overwriteCount == 0 && $skipCount == 0) {
217 $status .= t('has an unknown file format. Nothing was imported.');
218 } else {
219 $status .= vsprintf(
220 t(
221 'was successfully processed in %d seconds: '
222 . '%d bookmarks imported, %d bookmarks overwritten, %d bookmarks skipped.'
223 ),
224 [$duration, $importCount, $overwriteCount, $skipCount]
225 );
226 }
227 return $status;
228 }
218} 229}
diff --git a/application/plugin/PluginManager.php b/application/plugin/PluginManager.php
index f7b24a8e..b3e8b2f8 100644
--- a/application/plugin/PluginManager.php
+++ b/application/plugin/PluginManager.php
@@ -16,7 +16,7 @@ class PluginManager
16 * 16 *
17 * @var array $authorizedPlugins 17 * @var array $authorizedPlugins
18 */ 18 */
19 private $authorizedPlugins; 19 private $authorizedPlugins = [];
20 20
21 /** 21 /**
22 * List of loaded plugins. 22 * List of loaded plugins.
@@ -108,6 +108,10 @@ class PluginManager
108 $data['_LOGGEDIN_'] = $params['loggedin']; 108 $data['_LOGGEDIN_'] = $params['loggedin'];
109 } 109 }
110 110
111 if (isset($params['basePath'])) {
112 $data['_BASE_PATH_'] = $params['basePath'];
113 }
114
111 foreach ($this->loadedPlugins as $plugin) { 115 foreach ($this->loadedPlugins as $plugin) {
112 $hookFunction = $this->buildHookName($hook, $plugin); 116 $hookFunction = $this->buildHookName($hook, $plugin);
113 117
diff --git a/application/render/PageBuilder.php b/application/render/PageBuilder.php
index f4fefda8..7a716673 100644
--- a/application/render/PageBuilder.php
+++ b/application/render/PageBuilder.php
@@ -3,10 +3,12 @@
3namespace Shaarli\Render; 3namespace Shaarli\Render;
4 4
5use Exception; 5use Exception;
6use exceptions\MissingBasePathException;
6use RainTPL; 7use RainTPL;
7use Shaarli\ApplicationUtils; 8use Shaarli\ApplicationUtils;
8use Shaarli\Bookmark\BookmarkServiceInterface; 9use Shaarli\Bookmark\BookmarkServiceInterface;
9use Shaarli\Config\ConfigManager; 10use Shaarli\Config\ConfigManager;
11use Shaarli\Security\SessionManager;
10use Shaarli\Thumbnailer; 12use Shaarli\Thumbnailer;
11 13
12/** 14/**
@@ -69,6 +71,15 @@ class PageBuilder
69 } 71 }
70 72
71 /** 73 /**
74 * Reset current state of template rendering.
75 * Mostly useful for error handling. We remove everything, and display the error template.
76 */
77 public function reset(): void
78 {
79 $this->tpl = false;
80 }
81
82 /**
72 * Initialize all default tpl tags. 83 * Initialize all default tpl tags.
73 */ 84 */
74 private function initialize() 85 private function initialize()
@@ -136,11 +147,6 @@ class PageBuilder
136 $this->tpl->assign('thumbnails_width', $this->conf->get('thumbnails.width')); 147 $this->tpl->assign('thumbnails_width', $this->conf->get('thumbnails.width'));
137 $this->tpl->assign('thumbnails_height', $this->conf->get('thumbnails.height')); 148 $this->tpl->assign('thumbnails_height', $this->conf->get('thumbnails.height'));
138 149
139 if (!empty($_SESSION['warnings'])) {
140 $this->tpl->assign('global_warnings', $_SESSION['warnings']);
141 unset($_SESSION['warnings']);
142 }
143
144 $this->tpl->assign('formatter', $this->conf->get('formatter', 'default')); 150 $this->tpl->assign('formatter', $this->conf->get('formatter', 'default'));
145 151
146 // To be removed with a proper theme configuration. 152 // To be removed with a proper theme configuration.
@@ -148,6 +154,34 @@ class PageBuilder
148 } 154 }
149 155
150 /** 156 /**
157 * Affect variable after controller processing.
158 * Used for alert messages.
159 */
160 protected function finalize(string $basePath): void
161 {
162 // TODO: use the SessionManager
163 $messageKeys = [
164 SessionManager::KEY_SUCCESS_MESSAGES,
165 SessionManager::KEY_WARNING_MESSAGES,
166 SessionManager::KEY_ERROR_MESSAGES
167 ];
168 foreach ($messageKeys as $messageKey) {
169 if (!empty($_SESSION[$messageKey])) {
170 $this->tpl->assign('global_' . $messageKey, $_SESSION[$messageKey]);
171 unset($_SESSION[$messageKey]);
172 }
173 }
174
175 $this->assign('base_path', $basePath);
176 $this->assign(
177 'asset_path',
178 $basePath . '/' .
179 rtrim($this->conf->get('resource.raintpl_tpl', 'tpl'), '/') . '/' .
180 $this->conf->get('resource.theme', 'default')
181 );
182 }
183
184 /**
151 * The following assign() method is basically the same as RainTPL (except lazy loading) 185 * The following assign() method is basically the same as RainTPL (except lazy loading)
152 * 186 *
153 * @param string $placeholder Template placeholder. 187 * @param string $placeholder Template placeholder.
@@ -185,21 +219,6 @@ class PageBuilder
185 } 219 }
186 220
187 /** 221 /**
188 * Render a specific page (using a template file).
189 * e.g. $pb->renderPage('picwall');
190 *
191 * @param string $page Template filename (without extension).
192 */
193 public function renderPage($page)
194 {
195 if ($this->tpl === false) {
196 $this->initialize();
197 }
198
199 $this->tpl->draw($page);
200 }
201
202 /**
203 * Render a specific page as string (using a template file). 222 * Render a specific page as string (using a template file).
204 * e.g. $pb->render('picwall'); 223 * e.g. $pb->render('picwall');
205 * 224 *
@@ -207,28 +226,14 @@ class PageBuilder
207 * 226 *
208 * @return string Processed template content 227 * @return string Processed template content
209 */ 228 */
210 public function render(string $page): string 229 public function render(string $page, string $basePath): string
211 { 230 {
212 if ($this->tpl === false) { 231 if ($this->tpl === false) {
213 $this->initialize(); 232 $this->initialize();
214 } 233 }
215 234
216 return $this->tpl->draw($page, true); 235 $this->finalize($basePath);
217 }
218 236
219 /** 237 return $this->tpl->draw($page, true);
220 * Render a 404 page (uses the template : tpl/404.tpl)
221 * usage: $PAGE->render404('The link was deleted')
222 *
223 * @param string $message A message to display what is not found
224 */
225 public function render404($message = '')
226 {
227 if (empty($message)) {
228 $message = t('The page you are trying to reach does not exist or has been deleted.');
229 }
230 header($_SERVER['SERVER_PROTOCOL'] . ' ' . t('404 Not Found'));
231 $this->tpl->assign('error_message', $message);
232 $this->renderPage('404');
233 } 238 }
234} 239}
diff --git a/application/render/PageCacheManager.php b/application/render/PageCacheManager.php
new file mode 100644
index 00000000..97805c35
--- /dev/null
+++ b/application/render/PageCacheManager.php
@@ -0,0 +1,60 @@
1<?php
2
3namespace Shaarli\Render;
4
5use Shaarli\Feed\CachedPage;
6
7/**
8 * Cache utilities
9 */
10class PageCacheManager
11{
12 /** @var string Cache directory */
13 protected $pageCacheDir;
14
15 /** @var bool */
16 protected $isLoggedIn;
17
18 public function __construct(string $pageCacheDir, bool $isLoggedIn)
19 {
20 $this->pageCacheDir = $pageCacheDir;
21 $this->isLoggedIn = $isLoggedIn;
22 }
23
24 /**
25 * Purges all cached pages
26 *
27 * @return string|null an error string if the directory is missing
28 */
29 public function purgeCachedPages(): ?string
30 {
31 if (!is_dir($this->pageCacheDir)) {
32 $error = sprintf(t('Cannot purge %s: no directory'), $this->pageCacheDir);
33 error_log($error);
34
35 return $error;
36 }
37
38 array_map('unlink', glob($this->pageCacheDir . '/*.cache'));
39
40 return null;
41 }
42
43 /**
44 * Invalidates caches when the database is changed or the user logs out.
45 */
46 public function invalidateCaches(): void
47 {
48 // Purge page cache shared by sessions.
49 $this->purgeCachedPages();
50 }
51
52 public function getCachePage(string $pageUrl): CachedPage
53 {
54 return new CachedPage(
55 $this->pageCacheDir,
56 $pageUrl,
57 false === $this->isLoggedIn
58 );
59 }
60}
diff --git a/application/render/TemplatePage.php b/application/render/TemplatePage.php
new file mode 100644
index 00000000..8af8228a
--- /dev/null
+++ b/application/render/TemplatePage.php
@@ -0,0 +1,33 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Render;
6
7interface TemplatePage
8{
9 public const ERROR_404 = '404';
10 public const ADDLINK = 'addlink';
11 public const CHANGE_PASSWORD = 'changepassword';
12 public const CHANGE_TAG = 'changetag';
13 public const CONFIGURE = 'configure';
14 public const DAILY = 'daily';
15 public const DAILY_RSS = 'dailyrss';
16 public const EDIT_LINK = 'editlink';
17 public const ERROR = 'error';
18 public const EXPORT = 'export';
19 public const NETSCAPE_EXPORT_BOOKMARKS = 'export.bookmarks';
20 public const FEED_ATOM = 'feed.atom';
21 public const FEED_RSS = 'feed.rss';
22 public const IMPORT = 'import';
23 public const INSTALL = 'install';
24 public const LINKLIST = 'linklist';
25 public const LOGIN = 'loginform';
26 public const OPEN_SEARCH = 'opensearch';
27 public const PICTURE_WALL = 'picwall';
28 public const PLUGINS_ADMIN = 'pluginsadmin';
29 public const TAG_CLOUD = 'tag.cloud';
30 public const TAG_LIST = 'tag.list';
31 public const THUMBNAILS = 'thumbnails';
32 public const TOOLS = 'tools';
33}
diff --git a/application/security/CookieManager.php b/application/security/CookieManager.php
new file mode 100644
index 00000000..cde4746e
--- /dev/null
+++ b/application/security/CookieManager.php
@@ -0,0 +1,33 @@
1<?php
2
3declare(strict_types=1);
4
5namespace Shaarli\Security;
6
7class CookieManager
8{
9 /** @var string Name of the cookie set after logging in **/
10 public const STAY_SIGNED_IN = 'shaarli_staySignedIn';
11
12 /** @var mixed $_COOKIE set by reference */
13 protected $cookies;
14
15 public function __construct(array &$cookies)
16 {
17 $this->cookies = $cookies;
18 }
19
20 public function setCookieParameter(string $key, string $value, int $expires, string $path): self
21 {
22 $this->cookies[$key] = $value;
23
24 setcookie($key, $value, $expires, $path);
25
26 return $this;
27 }
28
29 public function getCookieParameter(string $key, string $default = null): ?string
30 {
31 return $this->cookies[$key] ?? $default;
32 }
33}
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php
index 39ec9b2e..d74c3118 100644
--- a/application/security/LoginManager.php
+++ b/application/security/LoginManager.php
@@ -9,9 +9,6 @@ use Shaarli\Config\ConfigManager;
9 */ 9 */
10class LoginManager 10class LoginManager
11{ 11{
12 /** @var string Name of the cookie set after logging in **/
13 public static $STAY_SIGNED_IN_COOKIE = 'shaarli_staySignedIn';
14
15 /** @var array A reference to the $_GLOBALS array */ 12 /** @var array A reference to the $_GLOBALS array */
16 protected $globals = []; 13 protected $globals = [];
17 14
@@ -32,17 +29,21 @@ class LoginManager
32 29
33 /** @var string User sign-in token depending on remote IP and credentials */ 30 /** @var string User sign-in token depending on remote IP and credentials */
34 protected $staySignedInToken = ''; 31 protected $staySignedInToken = '';
32 /** @var CookieManager */
33 protected $cookieManager;
35 34
36 /** 35 /**
37 * Constructor 36 * Constructor
38 * 37 *
39 * @param ConfigManager $configManager Configuration Manager instance 38 * @param ConfigManager $configManager Configuration Manager instance
40 * @param SessionManager $sessionManager SessionManager instance 39 * @param SessionManager $sessionManager SessionManager instance
40 * @param CookieManager $cookieManager CookieManager instance
41 */ 41 */
42 public function __construct($configManager, $sessionManager) 42 public function __construct($configManager, $sessionManager, $cookieManager)
43 { 43 {
44 $this->configManager = $configManager; 44 $this->configManager = $configManager;
45 $this->sessionManager = $sessionManager; 45 $this->sessionManager = $sessionManager;
46 $this->cookieManager = $cookieManager;
46 $this->banManager = new BanManager( 47 $this->banManager = new BanManager(
47 $this->configManager->get('security.trusted_proxies', []), 48 $this->configManager->get('security.trusted_proxies', []),
48 $this->configManager->get('security.ban_after'), 49 $this->configManager->get('security.ban_after'),
@@ -86,10 +87,9 @@ class LoginManager
86 /** 87 /**
87 * Check user session state and validity (expiration) 88 * Check user session state and validity (expiration)
88 * 89 *
89 * @param array $cookie The $_COOKIE array
90 * @param string $clientIpId Client IP address identifier 90 * @param string $clientIpId Client IP address identifier
91 */ 91 */
92 public function checkLoginState($cookie, $clientIpId) 92 public function checkLoginState($clientIpId)
93 { 93 {
94 if (! $this->configManager->exists('credentials.login')) { 94 if (! $this->configManager->exists('credentials.login')) {
95 // Shaarli is not configured yet 95 // Shaarli is not configured yet
@@ -97,9 +97,7 @@ class LoginManager
97 return; 97 return;
98 } 98 }
99 99
100 if (isset($cookie[self::$STAY_SIGNED_IN_COOKIE]) 100 if ($this->staySignedInToken === $this->cookieManager->getCookieParameter(CookieManager::STAY_SIGNED_IN)) {
101 && $cookie[self::$STAY_SIGNED_IN_COOKIE] === $this->staySignedInToken
102 ) {
103 // The user client has a valid stay-signed-in cookie 101 // The user client has a valid stay-signed-in cookie
104 // Session information is updated with the current client information 102 // Session information is updated with the current client information
105 $this->sessionManager->storeLoginInfo($clientIpId); 103 $this->sessionManager->storeLoginInfo($clientIpId);
diff --git a/application/security/SessionManager.php b/application/security/SessionManager.php
index 994fcbe5..76b0afe8 100644
--- a/application/security/SessionManager.php
+++ b/application/security/SessionManager.php
@@ -8,6 +8,14 @@ use Shaarli\Config\ConfigManager;
8 */ 8 */
9class SessionManager 9class SessionManager
10{ 10{
11 public const KEY_LINKS_PER_PAGE = 'LINKS_PER_PAGE';
12 public const KEY_VISIBILITY = 'visibility';
13 public const KEY_UNTAGGED_ONLY = 'untaggedonly';
14
15 public const KEY_SUCCESS_MESSAGES = 'successes';
16 public const KEY_WARNING_MESSAGES = 'warnings';
17 public const KEY_ERROR_MESSAGES = 'errors';
18
11 /** @var int Session expiration timeout, in seconds */ 19 /** @var int Session expiration timeout, in seconds */
12 public static $SHORT_TIMEOUT = 3600; // 1 hour 20 public static $SHORT_TIMEOUT = 3600; // 1 hour
13 21
@@ -23,16 +31,35 @@ class SessionManager
23 /** @var bool Whether the user should stay signed in (LONG_TIMEOUT) */ 31 /** @var bool Whether the user should stay signed in (LONG_TIMEOUT) */
24 protected $staySignedIn = false; 32 protected $staySignedIn = false;
25 33
34 /** @var string */
35 protected $savePath;
36
26 /** 37 /**
27 * Constructor 38 * Constructor
28 * 39 *
29 * @param array $session The $_SESSION array (reference) 40 * @param array $session The $_SESSION array (reference)
30 * @param ConfigManager $conf ConfigManager instance 41 * @param ConfigManager $conf ConfigManager instance
42 * @param string $savePath Session save path returned by builtin function session_save_path()
31 */ 43 */
32 public function __construct(& $session, $conf) 44 public function __construct(&$session, $conf, string $savePath)
33 { 45 {
34 $this->session = &$session; 46 $this->session = &$session;
35 $this->conf = $conf; 47 $this->conf = $conf;
48 $this->savePath = $savePath;
49 }
50
51 /**
52 * Initialize XSRF token and links per page session variables.
53 */
54 public function initialize(): void
55 {
56 if (!isset($this->session['tokens'])) {
57 $this->session['tokens'] = [];
58 }
59
60 if (!isset($this->session['LINKS_PER_PAGE'])) {
61 $this->session['LINKS_PER_PAGE'] = $this->conf->get('general.links_per_page', 20);
62 }
36 } 63 }
37 64
38 /** 65 /**
@@ -202,4 +229,78 @@ class SessionManager
202 { 229 {
203 return $this->session; 230 return $this->session;
204 } 231 }
232
233 /**
234 * @param mixed $default value which will be returned if the $key is undefined
235 *
236 * @return mixed Content stored in session
237 */
238 public function getSessionParameter(string $key, $default = null)
239 {
240 return $this->session[$key] ?? $default;
241 }
242
243 /**
244 * Store a variable in user session.
245 *
246 * @param string $key Session key
247 * @param mixed $value Session value to store
248 *
249 * @return $this
250 */
251 public function setSessionParameter(string $key, $value): self
252 {
253 $this->session[$key] = $value;
254
255 return $this;
256 }
257
258 /**
259 * Store a variable in user session.
260 *
261 * @param string $key Session key
262 *
263 * @return $this
264 */
265 public function deleteSessionParameter(string $key): self
266 {
267 unset($this->session[$key]);
268
269 return $this;
270 }
271
272 public function getSavePath(): string
273 {
274 return $this->savePath;
275 }
276
277 /*
278 * Next public functions wrapping native PHP session API.
279 */
280
281 public function destroy(): bool
282 {
283 $this->session = [];
284
285 return session_destroy();
286 }
287
288 public function start(): bool
289 {
290 if (session_status() === PHP_SESSION_ACTIVE) {
291 $this->destroy();
292 }
293
294 return session_start();
295 }
296
297 public function cookieParameters(int $lifeTime, string $path, string $domain): bool
298 {
299 return session_set_cookie_params($lifeTime, $path, $domain);
300 }
301
302 public function regenerateId(bool $deleteOldSession = false): bool
303 {
304 return session_regenerate_id($deleteOldSession);
305 }
205} 306}
diff --git a/application/updater/Updater.php b/application/updater/Updater.php
index 95654d81..88a7bc7b 100644
--- a/application/updater/Updater.php
+++ b/application/updater/Updater.php
@@ -2,8 +2,8 @@
2 2
3namespace Shaarli\Updater; 3namespace Shaarli\Updater;
4 4
5use Shaarli\Config\ConfigManager;
6use Shaarli\Bookmark\BookmarkServiceInterface; 5use Shaarli\Bookmark\BookmarkServiceInterface;
6use Shaarli\Config\ConfigManager;
7use Shaarli\Updater\Exception\UpdaterException; 7use Shaarli\Updater\Exception\UpdaterException;
8 8
9/** 9/**
@@ -21,7 +21,7 @@ class Updater
21 /** 21 /**
22 * @var BookmarkServiceInterface instance. 22 * @var BookmarkServiceInterface instance.
23 */ 23 */
24 protected $linkServices; 24 protected $bookmarkService;
25 25
26 /** 26 /**
27 * @var ConfigManager $conf Configuration Manager instance. 27 * @var ConfigManager $conf Configuration Manager instance.
@@ -39,6 +39,11 @@ class Updater
39 protected $methods; 39 protected $methods;
40 40
41 /** 41 /**
42 * @var string $basePath Shaarli root directory (from HTTP Request)
43 */
44 protected $basePath = null;
45
46 /**
42 * Object constructor. 47 * Object constructor.
43 * 48 *
44 * @param array $doneUpdates Updates which are already done. 49 * @param array $doneUpdates Updates which are already done.
@@ -49,7 +54,7 @@ class Updater
49 public function __construct($doneUpdates, $linkDB, $conf, $isLoggedIn) 54 public function __construct($doneUpdates, $linkDB, $conf, $isLoggedIn)
50 { 55 {
51 $this->doneUpdates = $doneUpdates; 56 $this->doneUpdates = $doneUpdates;
52 $this->linkServices = $linkDB; 57 $this->bookmarkService = $linkDB;
53 $this->conf = $conf; 58 $this->conf = $conf;
54 $this->isLoggedIn = $isLoggedIn; 59 $this->isLoggedIn = $isLoggedIn;
55 60
@@ -62,13 +67,15 @@ class Updater
62 * Run all new updates. 67 * Run all new updates.
63 * Update methods have to start with 'updateMethod' and return true (on success). 68 * Update methods have to start with 'updateMethod' and return true (on success).
64 * 69 *
70 * @param string $basePath Shaarli root directory (from HTTP Request)
71 *
65 * @return array An array containing ran updates. 72 * @return array An array containing ran updates.
66 * 73 *
67 * @throws UpdaterException If something went wrong. 74 * @throws UpdaterException If something went wrong.
68 */ 75 */
69 public function update() 76 public function update(string $basePath = null)
70 { 77 {
71 $updatesRan = array(); 78 $updatesRan = [];
72 79
73 // If the user isn't logged in, exit without updating. 80 // If the user isn't logged in, exit without updating.
74 if ($this->isLoggedIn !== true) { 81 if ($this->isLoggedIn !== true) {
@@ -111,4 +118,62 @@ class Updater
111 { 118 {
112 return $this->doneUpdates; 119 return $this->doneUpdates;
113 } 120 }
121
122 public function readUpdates(string $updatesFilepath): array
123 {
124 return UpdaterUtils::read_updates_file($updatesFilepath);
125 }
126
127 public function writeUpdates(string $updatesFilepath, array $updates): void
128 {
129 UpdaterUtils::write_updates_file($updatesFilepath, $updates);
130 }
131
132 /**
133 * With the Slim routing system, default header link should be `/subfolder/` instead of `?`.
134 * Otherwise you can not go back to the home page.
135 * Example: `/subfolder/picture-wall` -> `/subfolder/picture-wall?` instead of `/subfolder/`.
136 */
137 public function updateMethodRelativeHomeLink(): bool
138 {
139 if ('?' === trim($this->conf->get('general.header_link'))) {
140 $this->conf->set('general.header_link', $this->basePath . '/', true, true);
141 }
142
143 return true;
144 }
145
146 /**
147 * With the Slim routing system, note bookmarks URL formatted `?abcdef`
148 * should be replaced with `/shaare/abcdef`
149 */
150 public function updateMethodMigrateExistingNotesUrl(): bool
151 {
152 $updated = false;
153
154 foreach ($this->bookmarkService->search() as $bookmark) {
155 if ($bookmark->isNote()
156 && startsWith($bookmark->getUrl(), '?')
157 && 1 === preg_match('/^\?([a-zA-Z0-9-_@]{6})($|&|#)/', $bookmark->getUrl(), $match)
158 ) {
159 $updated = true;
160 $bookmark = $bookmark->setUrl('/shaare/' . $match[1]);
161
162 $this->bookmarkService->set($bookmark, false);
163 }
164 }
165
166 if ($updated) {
167 $this->bookmarkService->save();
168 }
169
170 return true;
171 }
172
173 public function setBasePath(string $basePath): self
174 {
175 $this->basePath = $basePath;
176
177 return $this;
178 }
114} 179}