diff options
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 27 |
1 files changed, 12 insertions, 15 deletions
| @@ -496,9 +496,9 @@ if (isset($_POST['login'])) | |||
| 496 | else | 496 | else |
| 497 | { | 497 | { |
| 498 | ban_loginFailed(); | 498 | ban_loginFailed(); |
| 499 | $redir = ''; | 499 | $redir = '&username='. $_POST['login']; |
| 500 | if (isset($_GET['post'])) { | 500 | if (isset($_GET['post'])) { |
| 501 | $redir = '?post=' . urlencode($_GET['post']); | 501 | $redir .= '&post=' . urlencode($_GET['post']); |
| 502 | foreach (array('description', 'source', 'title') as $param) { | 502 | foreach (array('description', 'source', 'title') as $param) { |
| 503 | if (!empty($_GET[$param])) { | 503 | if (!empty($_GET[$param])) { |
| 504 | $redir .= '&' . $param . '=' . urlencode($_GET[$param]); | 504 | $redir .= '&' . $param . '=' . urlencode($_GET[$param]); |
| @@ -569,7 +569,7 @@ function tokenOk($token) | |||
| 569 | // This RSS feed cannot be filtered. | 569 | // This RSS feed cannot be filtered. |
| 570 | function showDailyRSS() { | 570 | function showDailyRSS() { |
| 571 | // Cache system | 571 | // Cache system |
| 572 | $query = $_SERVER["QUERY_STRING"]; | 572 | $query = $_SERVER['QUERY_STRING']; |
| 573 | $cache = new CachedPage( | 573 | $cache = new CachedPage( |
| 574 | $GLOBALS['config']['PAGECACHE'], | 574 | $GLOBALS['config']['PAGECACHE'], |
| 575 | page_url($_SERVER), | 575 | page_url($_SERVER), |
| @@ -823,12 +823,15 @@ function renderPage() | |||
| 823 | if ($GLOBALS['config']['OPEN_SHAARLI']) { header('Location: ?'); exit; } // No need to login for open Shaarli | 823 | if ($GLOBALS['config']['OPEN_SHAARLI']) { header('Location: ?'); exit; } // No need to login for open Shaarli |
| 824 | $token=''; if (ban_canLogin()) $token=getToken(); // Do not waste token generation if not useful. | 824 | $token=''; if (ban_canLogin()) $token=getToken(); // Do not waste token generation if not useful. |
| 825 | $PAGE->assign('token',$token); | 825 | $PAGE->assign('token',$token); |
| 826 | if (isset($_GET['username'])) { | ||
| 827 | $PAGE->assign('username', escape($_GET['username'])); | ||
| 828 | } | ||
| 826 | $PAGE->assign('returnurl',(isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']):'')); | 829 | $PAGE->assign('returnurl',(isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']):'')); |
| 827 | $PAGE->renderPage('loginform'); | 830 | $PAGE->renderPage('loginform'); |
| 828 | exit; | 831 | exit; |
| 829 | } | 832 | } |
| 830 | // -------- User wants to logout. | 833 | // -------- User wants to logout. |
| 831 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=logout')) | 834 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=logout')) |
| 832 | { | 835 | { |
| 833 | invalidateCaches($GLOBALS['config']['PAGECACHE']); | 836 | invalidateCaches($GLOBALS['config']['PAGECACHE']); |
| 834 | logout(); | 837 | logout(); |
| @@ -1077,12 +1080,6 @@ function renderPage() | |||
| 1077 | exit; | 1080 | exit; |
| 1078 | } | 1081 | } |
| 1079 | 1082 | ||
| 1080 | // Same case as above except that user tried to access ?do=addlink without being logged in | ||
| 1081 | // Note: passing empty parameters makes Shaarli generate default URLs and descriptions. | ||
| 1082 | if (isset($_GET['do']) && $_GET['do'] === 'addlink') { | ||
| 1083 | header('Location: ?do=login&post='); | ||
| 1084 | exit; | ||
| 1085 | } | ||
| 1086 | showLinkList($PAGE, $LINKSDB); | 1083 | showLinkList($PAGE, $LINKSDB); |
| 1087 | if (isset($_GET['edit_link'])) { | 1084 | if (isset($_GET['edit_link'])) { |
| 1088 | header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); | 1085 | header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); |
| @@ -1506,7 +1503,7 @@ function renderPage() | |||
| 1506 | } | 1503 | } |
| 1507 | 1504 | ||
| 1508 | // -------- User is uploading a file for import | 1505 | // -------- User is uploading a file for import |
| 1509 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=upload')) | 1506 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=upload')) |
| 1510 | { | 1507 | { |
| 1511 | // If file is too big, some form field may be missing. | 1508 | // If file is too big, some form field may be missing. |
| 1512 | if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) | 1509 | if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) |
| @@ -1608,7 +1605,7 @@ function importFile($LINKSDB) | |||
| 1608 | { | 1605 | { |
| 1609 | $link = array('linkdate'=>'','title'=>'','url'=>'','description'=>'','tags'=>'','private'=>0); | 1606 | $link = array('linkdate'=>'','title'=>'','url'=>'','description'=>'','tags'=>'','private'=>0); |
| 1610 | $d = explode('<DD>',$html); | 1607 | $d = explode('<DD>',$html); |
| 1611 | if (startswith($d[0],'<A ')) | 1608 | if (startsWith($d[0], '<A ')) |
| 1612 | { | 1609 | { |
| 1613 | $link['description'] = (isset($d[1]) ? html_entity_decode(trim($d[1]),ENT_QUOTES,'UTF-8') : ''); // Get description (optional) | 1610 | $link['description'] = (isset($d[1]) ? html_entity_decode(trim($d[1]),ENT_QUOTES,'UTF-8') : ''); // Get description (optional) |
| 1614 | preg_match('!<A .*?>(.*?)</A>!i',$d[0],$matches); $link['title'] = (isset($matches[1]) ? trim($matches[1]) : ''); // Get title | 1611 | preg_match('!<A .*?>(.*?)</A>!i',$d[0],$matches); $link['title'] = (isset($matches[1]) ? trim($matches[1]) : ''); // Get title |
| @@ -2078,7 +2075,7 @@ function genThumbnail() | |||
| 2078 | 2075 | ||
| 2079 | // Is this a link to an image, or to a flickr page ? | 2076 | // Is this a link to an image, or to a flickr page ? |
| 2080 | $imageurl=''; | 2077 | $imageurl=''; |
| 2081 | if (endswith(parse_url($url,PHP_URL_PATH),'.jpg')) | 2078 | if (endsWith(parse_url($url, PHP_URL_PATH), '.jpg')) |
| 2082 | { // This is a direct link to an image. e.g. http://farm1.staticflickr.com/5/5921913_ac83ed27bd_o.jpg | 2079 | { // This is a direct link to an image. e.g. http://farm1.staticflickr.com/5/5921913_ac83ed27bd_o.jpg |
| 2083 | preg_match('!(http://farm\d+\.staticflickr\.com/\d+/\d+_\w+_)\w.jpg!',$url,$matches); | 2080 | preg_match('!(http://farm\d+\.staticflickr\.com/\d+/\d+_\w+_)\w.jpg!',$url,$matches); |
| 2084 | if (!empty($matches[1])) $imageurl=$matches[1].'m.jpg'; | 2081 | if (!empty($matches[1])) $imageurl=$matches[1].'m.jpg'; |
| @@ -2255,8 +2252,8 @@ function resizeImage($filepath) | |||
| 2255 | return true; | 2252 | return true; |
| 2256 | } | 2253 | } |
| 2257 | 2254 | ||
| 2258 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. | 2255 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=genthumbnail')) { genThumbnail(); exit; } // Thumbnail generation/cache does not need the link database. |
| 2259 | if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=dailyrss')) { showDailyRSS(); exit; } | 2256 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=dailyrss')) { showDailyRSS(); exit; } |
| 2260 | if (!isset($_SESSION['LINKS_PER_PAGE'])) $_SESSION['LINKS_PER_PAGE']=$GLOBALS['config']['LINKS_PER_PAGE']; | 2257 | if (!isset($_SESSION['LINKS_PER_PAGE'])) $_SESSION['LINKS_PER_PAGE']=$GLOBALS['config']['LINKS_PER_PAGE']; |
| 2261 | renderPage(); | 2258 | renderPage(); |
| 2262 | ?> | 2259 | ?> |