Diffstat (limited to 'index.php')
-rw-r--r--index.php33
1 files changed, 17 insertions, 16 deletions
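diff --git a/index.php b/index.php
index 8b5ba334..d48e388e 100644
--- a/index.php
+++ b/index.php
@@ -430,7 +430,7 @@ if (isset($_POST['login']))
 ban_loginFailed();
 $redir = '';
 if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); }
-echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen.
+echo '<script>alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen.
 exit;
 }
 }
@@ -1151,6 +1151,7 @@ function showDaily()
 $linksToDisplay[$key]['taglist']=$taglist;
 $linksToDisplay[$key]['formatedDescription']=nl2br(keepMultipleSpaces(text2clickable(htmlspecialchars($link['description']))));
 $linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']);
+$linksToDisplay[$key]['localdate'] = linkdate2locale($link['linkdate']);
 }
 
 /* We need to spread the articles on 3 columns.
@@ -1387,12 +1388,12 @@ function renderPage()
 
 // Make sure old password is correct.
 $oldhash = sha1($_POST['oldpassword'].$GLOBALS['login'].$GLOBALS['salt']);
-if ($oldhash!=$GLOBALS['hash']) { echo '<script language="JavaScript">alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; }
+if ($oldhash!=$GLOBALS['hash']) { echo '<script>alert("The old password is not correct.");document.location=\'?do=changepasswd\';</script>'; exit; }
 // Save new password
 $GLOBALS['salt'] = sha1(uniqid('',true).'_'.mt_rand()); // Salt renders rainbow-tables attacks useless.
 $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);
 writeConfig();
-echo '<script language="JavaScript">alert("Your password has been changed.");document.location=\'?do=tools\';</script>';
+echo '<script>alert("Your password has been changed.");document.location=\'?do=tools\';</script>';
 exit;
 }
 else // show the change password form.
@@ -1423,7 +1424,7 @@ function renderPage()
 $GLOBALS['disablejquery']=!empty($_POST['disablejquery']);
 $GLOBALS['privateLinkByDefault']=!empty($_POST['privateLinkByDefault']);
 writeConfig();
-echo '<script language="JavaScript">alert("Configuration was saved.");document.location=\'?do=tools\';</script>';
+echo '<script>alert("Configuration was saved.");document.location=\'?do=tools\';</script>';
 exit;
 }
 else // Show the configuration form.
@@ -1467,7 +1468,7 @@ function renderPage()
 $LINKSDB[$key]=$value;
 }
 $LINKSDB->savedb(); // Save to disk.
-echo '<script language="JavaScript">alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>';
+echo '<script>alert("Tag was removed from '.count($linksToAlter).' links.");document.location=\'?\';</script>';
 exit;
 }
 
@@ -1484,7 +1485,7 @@ function renderPage()
 $LINKSDB[$key]=$value;
 }
 $LINKSDB->savedb(); // Save to disk.
-echo '<script language="JavaScript">alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>';
+echo '<script>alert("Tag was renamed in '.count($linksToAlter).' links.");document.location=\'?searchtags='.urlencode($_POST['totag']).'\';</script>';
 exit;
 }
 }
@@ -1515,7 +1516,7 @@ function renderPage()
 pubsubhub();
 
 // If we are called from the bookmarklet, we must close the popup:
-if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; }
+if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
 $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
 $returnurl .= '#'.smallHash($linkdate); // Scroll to the link which has been edited.
 header('Location: '.$returnurl); // After saving the link, redirect to the page the user was on.
@@ -1526,7 +1527,7 @@ function renderPage()
 if (isset($_POST['cancel_edit']))
 {
 // If we are called from the bookmarklet, we must close the popup:
-if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; }
+if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
 $returnurl = ( isset($_POST['returnurl']) ? $_POST['returnurl'] : '?' );
 $returnurl .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited.
 header('Location: '.$returnurl); // After canceling, redirect to the page the user was on.
@@ -1545,7 +1546,7 @@ function renderPage()
 $LINKSDB->savedb(); // save to disk
 
 // If we are called from the bookmarklet, we must close the popup:
-if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script language="JavaScript">self.close();</script>'; exit; }
+if (isset($_GET['source']) && $_GET['source']=='bookmarklet') { echo '<script>self.close();</script>'; exit; }
 header('Location: ?'); // After deleting the link, redirect to the home page.
 exit;
 }
@@ -1681,7 +1682,7 @@ HTML;
 if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0))
 {
 $returnurl = ( empty($_SERVER['HTTP_REFERER']) ? '?' : $_SERVER['HTTP_REFERER'] );
-echo '<script language="JavaScript">alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>';
+echo '<script>alert("The file you are trying to upload is probably bigger than what this webserver can accept ('.getMaxFileSize().' bytes). Please upload in smaller chunks.");document.location=\''.htmlspecialchars($returnurl).'\';</script>';
 exit;
 }
 if (!tokenOk($_POST['token'])) die('Wrong token.');
@@ -1785,11 +1786,11 @@ function importFile()
 }
 $LINKSDB->savedb();
 
-echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>';
+echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) was successfully processed: '.$import_count.' links imported.");document.location=\'?\';</script>';
 }
 else
 {
-echo '<script language="JavaScript">alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>';
+echo '<script>alert("File '.json_encode($filename).' ('.$filesize.' bytes) has an unknown file format. Nothing was imported.");document.location=\'?\';</script>';
 }
 }
 
@@ -2123,13 +2124,13 @@ function install()
 $GLOBALS['hash'] = sha1($_POST['setpassword'].$GLOBALS['login'].$GLOBALS['salt']);
 $GLOBALS['title'] = (empty($_POST['title']) ? 'Shared links on '.htmlspecialchars(indexUrl()) : $_POST['title'] );
 writeConfig();
-echo '<script language="JavaScript">alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';
+echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';
 exit;
 }
 
 // Display config form:
 list($timezone_form,$timezone_js) = templateTZform();
-$timezone_html=''; if ($timezone_form!='') $timezone_html='<tr><td valign="top"><b>Timezone:</b></td><td>'.$timezone_form.'</td></tr>';
+$timezone_html=''; if ($timezone_form!='') $timezone_html='<tr><td><b>Timezone:</b></td><td>'.$timezone_form.'</td></tr>';
 
 $PAGE = new pageBuilder;
 $PAGE->assign('timezone_html',$timezone_html);
@@ -2177,7 +2178,7 @@ function templateTZform($ptz=false)
 $cities_html = $cities[$pcontinent];
 $timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>";
 $timezone_form .= "&nbsp;&nbsp;&nbsp;&nbsp;City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />";
-$timezone_js = "<script language=\"JavaScript\">";
+$timezone_js = "<script>";
 $timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}";
 $timezone_js .= "var citiescontinent = ".json_encode($cities).";" ;
 $timezone_js .= "</script>" ;
@@ -2292,7 +2293,7 @@ function writeConfig()
 $config .= ' ?>';
 if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0)
 {
-echo '<script language="JavaScript">alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>';
+echo '<script>alert("Shaarli could not create the config file. Please make sure Shaarli has the right to write in the folder is it installed in.");document.location=\'?\';</script>';
 exit;
 }
 }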
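Review bot: In the upload-size error branch (hunk `@@ -1681,7 +1682,7 @@`), `$returnurl` is taken from `$_SERVER['HTTP_REFERER']` and written into a single-quoted JavaScript string inside `<script>` after only `htmlspecialchars()`, which escapes for HTML and not for a JavaScript string. Depending on the PHP version's default flags it can leave `'` untouched, and it never handles backslashes or line breaks, so the request header, which is untrusted input, can end the string early. Encoding for the real context would close this: replace the quoted fragment with `document.location='.json_encode($returnurl, JSON_HEX_TAG|JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT).';`, ideally after checking that the value is a same-site or relative URL. The same unvalidated return-URL pattern appears with `$_POST['returnurl']` feeding `header('Location: '.$returnurl)` at new lines 1520-1522 and 1531-1533, which looks like it permits redirects to arbitrary sites. All of these blocks start and end outside their hunks, so any earlier validation is not visible here.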