1 files changed, 16 insertions, 11 deletions
diff --git a/index.php b/index.php
index c87b9449..066058e6 100644
--- a/index.php
+++ b/index.php
@@ -178,13 +178,14 @@ function checkphpversion()
 function checkUpdate()
 {
    if (!isLoggedIn()) return ''; // Do not check versions for visitors.
+    if (empty($GLOBALS['config']['ENABLE_UPDATECHECK'])) return ''; // Do not check if the user doesn't want to.
    // Get latest version number at most once a day.
    if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) || (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])<time()-($GLOBALS['config']['UPDATECHECK_INTERVAL'])))
    {
        $version=shaarli_version;
-        list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.txt',2);
+        list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.php',2);
-        if (strpos($httpstatus,'200 OK')!==false) $version=$data;
+        if (strpos($httpstatus,'200 OK')!==false) $version=str_replace(' */ ?>','',str_replace('<?php /* ','',$data));
        // If failed, never mind. We don't want to bother the user with that.
        file_put_contents($GLOBALS['config']['UPDATECHECK_FILENAME'],$version); // touch file date
    }
@@ -1462,6 +1463,7 @@ function renderPage()
            $GLOBALS['disablejquery']=!empty($_POST['disablejquery']);
            $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']);
            $GLOBALS['config']['ENABLE_RSS_PERMALINKS']= !empty($_POST['enableRssPermalinks']);
+            $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']);
            writeConfig();
            echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>';
            exit;
@@ -1558,6 +1560,7 @@ function renderPage()
        if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
        $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
        $returnurl .= '#'.smallHash($linkdate);  // Scroll to the link which has been edited.
+        if (strstr($returnurl, "do=addlink")) { $returnurl = '?'; } //if we come from ?do=addlink, set returnurl to homepage instead
        header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on.
        exit;
    }
@@ -1640,10 +1643,13 @@ function renderPage()
    {
        $url=$_GET['post'];
-        // We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...)
-        $i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i);
+        // We remove the annoying parameters added by FeedBurner, GoogleFeedProxy, Facebook...
-        $i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i);
+        $annoyingpatterns = array('/[\?&]utm_source=[^&]*/', '/[\?&]utm_campaign=[^&]*/', '/[\?&]utm_medium=[^&]*/', '/#xtor=RSS-[^&]*/', '/[\?&]fb_[^&]*/', '/[\?&]__scoop[^&]*/', '/#tk\.rss_all\?/', '/[\?&]action_ref_map=[^&]*/', '/[\?&]action_type_map=[^&]*/', '/[\?&]action_object_map=[^&]*/');
-        $i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i);
+        foreach($annoyingpatterns as $pattern)
+        {
+            $url = preg_replace($pattern, "", $url);
+        }
        $link_is_new = false;
        $link = $LINKSDB->getLinkFromUrl($url); // Check if URL is not already in database (in this case, we will edit the existing link)
@@ -2123,11 +2129,8 @@ function lazyThumbnail($url,$href=false)
    $html='<a href="'.htmlspecialchars($t['href']).'">';
-    // Lazy image (only loaded by JavaScript when in the viewport).
+    // Lazy image
-    if (!empty($GLOBALS['disablejquery'])) // (except if jQuery is disabled)
+    $html.='<img class="b-lazy" src="#" data-src="'.htmlspecialchars($t['src']).'"';
-        $html.='<img class="lazyimage" src="'.htmlspecialchars($t['src']).'"';
-    else
-        $html.='<img class="lazyimage" src="#" data-original="'.htmlspecialchars($t['src']).'"';
    if (!empty($t['width']))  $html.=' width="'.htmlspecialchars($t['width']).'"';
    if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"';
@@ -2191,6 +2194,7 @@ function install()
        $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless.
        $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);
        $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] );
+        $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']);
        writeConfig();
        echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';
        exit;
@@ -2359,6 +2363,7 @@ function writeConfig()
    $config .= '$GLOBALS[\'disablejquery\']='.var_export($GLOBALS['disablejquery'],true).'; ';
    $config .= '$GLOBALS[\'privateLinkByDefault\']='.var_export($GLOBALS['privateLinkByDefault'],true).'; ';
    $config .= '$GLOBALS[\'config\'][\'ENABLE_RSS_PERMALINKS\']='.var_export($GLOBALS['config']['ENABLE_RSS_PERMALINKS'], true).'; ';
+    $config .= '$GLOBALS[\'config\'][\'ENABLE_UPDATECHECK\']='.var_export($GLOBALS['config']['ENABLE_UPDATECHECK'], true).'; ';
    $config .= ' ?>';
    if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0)
    {

diff --git a/index.php b/index.php index c87b9449..066058e6 100644 --- a/index.php +++ b/index.php
@@ -178,13 +178,14 @@ function checkphpversion()
178	function checkUpdate()	178	function checkUpdate()
179	{	179	{
180	if (!isLoggedIn()) return ''; // Do not check versions for visitors.	180	if (!isLoggedIn()) return ''; // Do not check versions for visitors.
		181	if (empty($GLOBALS['config']['ENABLE_UPDATECHECK'])) return ''; // Do not check if the user doesn't want to.
181		182
182	// Get latest version number at most once a day.	183	// Get latest version number at most once a day.
183	if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) \|\| (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])<time()-($GLOBALS['config']['UPDATECHECK_INTERVAL'])))	184	if (!is_file($GLOBALS['config']['UPDATECHECK_FILENAME']) \|\| (filemtime($GLOBALS['config']['UPDATECHECK_FILENAME'])<time()-($GLOBALS['config']['UPDATECHECK_INTERVAL'])))
184	{	185	{
185	$version=shaarli_version;	186	$version=shaarli_version;
186	list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.txt',2);	187	list($httpstatus,$headers,$data) = getHTTP('https://raw.githubusercontent.com/shaarli/Shaarli/master/shaarli_version.php',2);
187	if (strpos($httpstatus,'200 OK')!==false) $version=$data;	188	if (strpos($httpstatus,'200 OK')!==false) $version=str_replace(' / ?>','',str_replace('<?php / ','',$data));
188	// If failed, never mind. We don't want to bother the user with that.	189	// If failed, never mind. We don't want to bother the user with that.
189	file_put_contents($GLOBALS['config']['UPDATECHECK_FILENAME'],$version); // touch file date	190	file_put_contents($GLOBALS['config']['UPDATECHECK_FILENAME'],$version); // touch file date
190	}	191	}
@@ -1462,6 +1463,7 @@ function renderPage()
1462	$GLOBALS['disablejquery']=!empty($_POST['disablejquery']);	1463	$GLOBALS['disablejquery']=!empty($_POST['disablejquery']);
1463	$GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']);	1464	$GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']);
1464	$GLOBALS['config']['ENABLE_RSS_PERMALINKS']= !empty($_POST['enableRssPermalinks']);	1465	$GLOBALS['config']['ENABLE_RSS_PERMALINKS']= !empty($_POST['enableRssPermalinks']);
		1466	$GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']);
1465	writeConfig();	1467	writeConfig();
1466	echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>';	1468	echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>';
1467	exit;	1469	exit;
@@ -1558,6 +1560,7 @@ function renderPage()
1558	if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }	1560	if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
1559	$returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );	1561	$returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
1560	$returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited.	1562	$returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited.
		1563	if (strstr($returnurl, "do=addlink")) { $returnurl = '?'; } //if we come from ?do=addlink, set returnurl to homepage instead
1561	header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on.	1564	header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on.
1562	exit;	1565	exit;
1563	}	1566	}
@@ -1640,10 +1643,13 @@ function renderPage()
1640	{	1643	{
1641	$url=$_GET['post'];	1644	$url=$_GET['post'];
1642		1645
1643	// We remove the annoying parameters added by FeedBurner and GoogleFeedProxy (?utm_source=...)	1646
1644	$i=strpos($url,'&utm_source='); if ($i!==false) $url=substr($url,0,$i);	1647	// We remove the annoying parameters added by FeedBurner, GoogleFeedProxy, Facebook...
1645	$i=strpos($url,'?utm_source='); if ($i!==false) $url=substr($url,0,$i);	1648	$annoyingpatterns = array('/[\?&]utm_source=[^&]/', '/[\?&]utm_campaign=[^&]/', '/[\?&]utm_medium=[^&]/', '/#xtor=RSS-[^&]/', '/[\?&]fb_[^&]/', '/[\?&]__scoop[^&]/', '/#tk\.rss_all\?/', '/[\?&]action_ref_map=[^&]/', '/[\?&]action_type_map=[^&]/', '/[\?&]action_object_map=[^&]*/');
1646	$i=strpos($url,'#xtor=RSS-'); if ($i!==false) $url=substr($url,0,$i);	1649	foreach($annoyingpatterns as $pattern)
		1650	{
		1651	$url = preg_replace($pattern, "", $url);
		1652	}
1647		1653
1648	$link_is_new = false;	1654	$link_is_new = false;
1649	$link = $LINKSDB->getLinkFromUrl($url); // Check if URL is not already in database (in this case, we will edit the existing link)	1655	$link = $LINKSDB->getLinkFromUrl($url); // Check if URL is not already in database (in this case, we will edit the existing link)
@@ -2123,11 +2129,8 @@ function lazyThumbnail($url,$href=false)
2123		2129
2124	$html='<a href="'.htmlspecialchars($t['href']).'">';	2130	$html='<a href="'.htmlspecialchars($t['href']).'">';
2125		2131
2126	// Lazy image (only loaded by JavaScript when in the viewport).	2132	// Lazy image
2127	if (!empty($GLOBALS['disablejquery'])) // (except if jQuery is disabled)	2133	$html.='<img class="b-lazy" src="#" data-src="'.htmlspecialchars($t['src']).'"';
2128	$html.='<img class="lazyimage" src="'.htmlspecialchars($t['src']).'"';
2129	else
2130	$html.='<img class="lazyimage" src="#" data-original="'.htmlspecialchars($t['src']).'"';
2131		2134
2132	if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"';	2135	if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"';
2133	if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"';	2136	if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"';
@@ -2191,6 +2194,7 @@ function install()
2191	$GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless.	2194	$GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless.
2192	$GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);	2195	$GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);
2193	$GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] );	2196	$GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] );
		2197	$GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']);
2194	writeConfig();	2198	writeConfig();
2195	echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';	2199	echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';
2196	exit;	2200	exit;
@@ -2359,6 +2363,7 @@ function writeConfig()
2359	$config .= '$GLOBALS[\'disablejquery\']='.var_export($GLOBALS['disablejquery'],true).'; ';	2363	$config .= '$GLOBALS[\'disablejquery\']='.var_export($GLOBALS['disablejquery'],true).'; ';
2360	$config .= '$GLOBALS[\'privateLinkByDefault\']='.var_export($GLOBALS['privateLinkByDefault'],true).'; ';	2364	$config .= '$GLOBALS[\'privateLinkByDefault\']='.var_export($GLOBALS['privateLinkByDefault'],true).'; ';
2361	$config .= '$GLOBALS[\'config\'][\'ENABLE_RSS_PERMALINKS\']='.var_export($GLOBALS['config']['ENABLE_RSS_PERMALINKS'], true).'; ';	2365	$config .= '$GLOBALS[\'config\'][\'ENABLE_RSS_PERMALINKS\']='.var_export($GLOBALS['config']['ENABLE_RSS_PERMALINKS'], true).'; ';
		2366	$config .= '$GLOBALS[\'config\'][\'ENABLE_UPDATECHECK\']='.var_export($GLOBALS['config']['ENABLE_UPDATECHECK'], true).'; ';
2362	$config .= ' ?>';	2367	$config .= ' ?>';
2363	if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) \|\| strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0)	2368	if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) \|\| strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0)
2364	{	2369	{