diff options
author | Nicolas Lœuillet <nicolas@loeuillet.org> | 2015-01-20 07:40:39 +0100 |
---|---|---|
committer | Nicolas Lœuillet <nicolas@loeuillet.org> | 2015-01-20 07:40:39 +0100 |
commit | 6ad93dff69d7c2beb2196e73f641e6484fccbeb7 (patch) | |
tree | 12430b858be2a41029fc11d1afa1fa2a120b96f9 /inc/poche/Poche.class.php | |
parent | c78c1a3f08815aab99752026ccdf1dcf63cf43c1 (diff) | |
download | wallabag-6ad93dff69d7c2beb2196e73f641e6484fccbeb7.tar.gz wallabag-6ad93dff69d7c2beb2196e73f641e6484fccbeb7.tar.zst wallabag-6ad93dff69d7c2beb2196e73f641e6484fccbeb7.zip |
new folders
Diffstat (limited to 'inc/poche/Poche.class.php')
-rwxr-xr-x | inc/poche/Poche.class.php | 859 |
1 files changed, 0 insertions, 859 deletions
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php deleted file mode 100755 index 8b0d3a19..00000000 --- a/inc/poche/Poche.class.php +++ /dev/null | |||
@@ -1,859 +0,0 @@ | |||
1 | <?php | ||
2 | /** | ||
3 | * wallabag, self hostable application allowing you to not miss any content anymore | ||
4 | * | ||
5 | * @category wallabag | ||
6 | * @author Nicolas Lœuillet <nicolas@loeuillet.org> | ||
7 | * @copyright 2013 | ||
8 | * @license http://opensource.org/licenses/MIT see COPYING file | ||
9 | */ | ||
10 | |||
11 | class Poche | ||
12 | { | ||
13 | /** | ||
14 | * @var User | ||
15 | */ | ||
16 | public $user; | ||
17 | /** | ||
18 | * @var Database | ||
19 | */ | ||
20 | public $store; | ||
21 | /** | ||
22 | * @var Template | ||
23 | */ | ||
24 | public $tpl; | ||
25 | /** | ||
26 | * @var Language | ||
27 | */ | ||
28 | public $language; | ||
29 | /** | ||
30 | * @var Routing | ||
31 | */ | ||
32 | public $routing; | ||
33 | /** | ||
34 | * @var Messages | ||
35 | */ | ||
36 | public $messages; | ||
37 | /** | ||
38 | * @var Paginator | ||
39 | */ | ||
40 | public $pagination; | ||
41 | |||
42 | public function __construct() | ||
43 | { | ||
44 | $this->init(); | ||
45 | } | ||
46 | |||
47 | private function init() | ||
48 | { | ||
49 | Tools::initPhp(); | ||
50 | |||
51 | $pocheUser = Session::getParam('poche_user'); | ||
52 | |||
53 | if ($pocheUser && $pocheUser != array()) { | ||
54 | $this->user = $pocheUser; | ||
55 | } else { | ||
56 | // fake user, just for install & login screens | ||
57 | $this->user = new User(); | ||
58 | $this->user->setConfig($this->getDefaultConfig()); | ||
59 | } | ||
60 | |||
61 | $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p'); | ||
62 | $this->language = new Language($this); | ||
63 | $this->tpl = new Template($this); | ||
64 | $this->store = new Database(); | ||
65 | $this->messages = new Messages(); | ||
66 | $this->routing = new Routing($this); | ||
67 | } | ||
68 | |||
69 | public function run() | ||
70 | { | ||
71 | $this->routing->run(); | ||
72 | } | ||
73 | |||
74 | /** | ||
75 | * Creates a new user | ||
76 | */ | ||
77 | public function createNewUser($username, $password, $email = "") | ||
78 | { | ||
79 | if (!empty($username) && !empty($password)){ | ||
80 | $newUsername = filter_var($username, FILTER_SANITIZE_STRING); | ||
81 | $email = filter_var($email, FILTER_SANITIZE_STRING); | ||
82 | if (!$this->store->userExists($newUsername)){ | ||
83 | if ($this->store->install($newUsername, Tools::encodeString($password . $newUsername), $email)) { | ||
84 | Tools::logm('The new user ' . $newUsername . ' has been installed'); | ||
85 | $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'), $newUsername)); | ||
86 | Tools::redirect(); | ||
87 | } | ||
88 | else { | ||
89 | Tools::logm('error during adding new user'); | ||
90 | Tools::redirect(); | ||
91 | } | ||
92 | } | ||
93 | else { | ||
94 | $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'), $newUsername)); | ||
95 | Tools::logm('An user with the name ' . $newUsername . ' already exists !'); | ||
96 | Tools::redirect(); | ||
97 | } | ||
98 | } | ||
99 | } | ||
100 | |||
101 | /** | ||
102 | * Delete an existing user | ||
103 | */ | ||
104 | public function deleteUser($password) | ||
105 | { | ||
106 | if ($this->store->listUsers() > 1) { | ||
107 | if (Tools::encodeString($password . $this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) { | ||
108 | $username = $this->user->getUsername(); | ||
109 | $this->store->deleteUserConfig($this->user->getId()); | ||
110 | Tools::logm('The configuration for user '. $username .' has been deleted !'); | ||
111 | $this->store->deleteTagsEntriesAndEntries($this->user->getId()); | ||
112 | Tools::logm('The entries for user '. $username .' has been deleted !'); | ||
113 | $this->store->deleteUser($this->user->getId()); | ||
114 | Tools::logm('User '. $username .' has been completely deleted !'); | ||
115 | Session::logout(); | ||
116 | Tools::logm('logout'); | ||
117 | Tools::redirect(); | ||
118 | $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'), $username)); | ||
119 | } | ||
120 | else { | ||
121 | Tools::logm('Bad password !'); | ||
122 | $this->messages->add('e', _('Error : The password is wrong !')); | ||
123 | } | ||
124 | } | ||
125 | else { | ||
126 | Tools::logm('Only user !'); | ||
127 | $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !')); | ||
128 | } | ||
129 | } | ||
130 | |||
131 | public function getDefaultConfig() | ||
132 | { | ||
133 | return array( | ||
134 | 'pager' => PAGINATION, | ||
135 | 'language' => LANG, | ||
136 | 'theme' => DEFAULT_THEME | ||
137 | ); | ||
138 | } | ||
139 | |||
140 | /** | ||
141 | * Call action (mark as fav, archive, delete, etc.) | ||
142 | */ | ||
143 | public function action($action, Url $url, $id = 0, $import = FALSE, $autoclose = FALSE, $tags = null) | ||
144 | { | ||
145 | switch ($action) | ||
146 | { | ||
147 | case 'add': | ||
148 | $content = Tools::getPageContent($url); | ||
149 | $title = ($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled'); | ||
150 | $body = $content['rss']['channel']['item']['description']; | ||
151 | |||
152 | // clean content from prevent xss attack | ||
153 | $purifier = $this->_getPurifier(); | ||
154 | $title = $purifier->purify($title); | ||
155 | $body = $purifier->purify($body); | ||
156 | |||
157 | //search for possible duplicate | ||
158 | $duplicate = NULL; | ||
159 | $duplicate = $this->store->retrieveOneByURL($url->getUrl(), $this->user->getId()); | ||
160 | |||
161 | $last_id = $this->store->add($url->getUrl(), $title, $body, $this->user->getId()); | ||
162 | if ( $last_id ) { | ||
163 | Tools::logm('add link ' . $url->getUrl()); | ||
164 | if (DOWNLOAD_PICTURES) { | ||
165 | $content = Picture::filterPicture($body, $url->getUrl(), $last_id); | ||
166 | Tools::logm('updating content article'); | ||
167 | $this->store->updateContent($last_id, $content, $this->user->getId()); | ||
168 | } | ||
169 | |||
170 | if ($duplicate != NULL) { | ||
171 | // duplicate exists, so, older entry needs to be deleted (as new entry should go to the top of list), BUT favorite mark and tags should be preserved | ||
172 | Tools::logm('link ' . $url->getUrl() . ' is a duplicate'); | ||
173 | // 1) - preserve tags and favorite, then drop old entry | ||
174 | $this->store->reassignTags($duplicate['id'], $last_id); | ||
175 | if ($duplicate['is_fav']) { | ||
176 | $this->store->favoriteById($last_id, $this->user->getId()); | ||
177 | } | ||
178 | if ($this->store->deleteById($duplicate['id'], $this->user->getId())) { | ||
179 | Tools::logm('previous link ' . $url->getUrl() .' entry deleted'); | ||
180 | } | ||
181 | } | ||
182 | |||
183 | // if there are tags, add them to the new article | ||
184 | if (isset($_GET['tags'])) { | ||
185 | $_POST['value'] = $_GET['tags']; | ||
186 | $_POST['entry_id'] = $last_id; | ||
187 | $this->action('add_tag', $url); | ||
188 | } | ||
189 | |||
190 | $this->messages->add('s', _('the link has been added successfully')); | ||
191 | } | ||
192 | else { | ||
193 | $this->messages->add('e', _('error during insertion : the link wasn\'t added')); | ||
194 | Tools::logm('error during insertion : the link wasn\'t added ' . $url->getUrl()); | ||
195 | } | ||
196 | |||
197 | if ($autoclose == TRUE) { | ||
198 | Tools::redirect('?view=home'); | ||
199 | } else { | ||
200 | Tools::redirect('?view=home&closewin=true'); | ||
201 | } | ||
202 | break; | ||
203 | case 'delete': | ||
204 | if (isset($_GET['search'])) { | ||
205 | //when we want to apply a delete to a search | ||
206 | $tags = array($_GET['search']); | ||
207 | $allentry_ids = $this->store->search($tags[0], $this->user->getId()); | ||
208 | $entry_ids = array(); | ||
209 | foreach ($allentry_ids as $eachentry) { | ||
210 | $entry_ids[] = $eachentry[0]; | ||
211 | } | ||
212 | } else { // delete a single article | ||
213 | $entry_ids = array($id); | ||
214 | } | ||
215 | foreach($entry_ids as $id) { | ||
216 | $msg = 'delete link #' . $id; | ||
217 | if ($this->store->deleteById($id, $this->user->getId())) { | ||
218 | if (DOWNLOAD_PICTURES) { | ||
219 | Picture::removeDirectory(ABS_PATH . $id); | ||
220 | } | ||
221 | $this->messages->add('s', _('the link has been deleted successfully')); | ||
222 | } | ||
223 | else { | ||
224 | $this->messages->add('e', _('the link wasn\'t deleted')); | ||
225 | $msg = 'error : can\'t delete link #' . $id; | ||
226 | } | ||
227 | Tools::logm($msg); | ||
228 | } | ||
229 | Tools::redirect('?'); | ||
230 | break; | ||
231 | case 'toggle_fav' : | ||
232 | $this->store->favoriteById($id, $this->user->getId()); | ||
233 | Tools::logm('mark as favorite link #' . $id); | ||
234 | if ( Tools::isAjaxRequest() ) { | ||
235 | echo 1; | ||
236 | exit; | ||
237 | } | ||
238 | else { | ||
239 | Tools::redirect(); | ||
240 | } | ||
241 | break; | ||
242 | case 'toggle_archive' : | ||
243 | if (isset($_GET['tag_id'])) { | ||
244 | //when we want to archive a whole tag | ||
245 | $tag_id = $_GET['tag_id']; | ||
246 | $allentry_ids = $this->store->retrieveEntriesByTag($tag_id, $this->user->getId()); | ||
247 | $entry_ids = array(); | ||
248 | foreach ($allentry_ids as $eachentry) { | ||
249 | $entry_ids[] = $eachentry[0]; | ||
250 | } | ||
251 | } else { //archive a single article | ||
252 | $entry_ids = array($id); | ||
253 | } | ||
254 | foreach($entry_ids as $id) { | ||
255 | $this->store->archiveById($id, $this->user->getId()); | ||
256 | Tools::logm('archive link #' . $id); | ||
257 | } | ||
258 | if ( Tools::isAjaxRequest() ) { | ||
259 | echo 1; | ||
260 | exit; | ||
261 | } | ||
262 | else { | ||
263 | Tools::redirect(); | ||
264 | } | ||
265 | break; | ||
266 | case 'archive_all' : | ||
267 | $this->store->archiveAll($this->user->getId()); | ||
268 | Tools::logm('archive all links'); | ||
269 | Tools::redirect(); | ||
270 | break; | ||
271 | case 'add_tag' : | ||
272 | if (isset($_GET['search'])) { | ||
273 | //when we want to apply a tag to a search | ||
274 | $tags = array($_GET['search']); | ||
275 | $allentry_ids = $this->store->search($tags[0], $this->user->getId()); | ||
276 | $entry_ids = array(); | ||
277 | foreach ($allentry_ids as $eachentry) { | ||
278 | $entry_ids[] = $eachentry[0]; | ||
279 | } | ||
280 | } else { //add a tag to a single article | ||
281 | $tags = explode(',', $_POST['value']); | ||
282 | $entry_ids = array($_POST['entry_id']); | ||
283 | } | ||
284 | foreach($entry_ids as $entry_id) { | ||
285 | $entry = $this->store->retrieveOneById($entry_id, $this->user->getId()); | ||
286 | if (!$entry) { | ||
287 | $this->messages->add('e', _('Article not found!')); | ||
288 | Tools::logm('error : article not found'); | ||
289 | Tools::redirect(); | ||
290 | } | ||
291 | //get all already set tags to preven duplicates | ||
292 | $already_set_tags = array(); | ||
293 | $entry_tags = $this->store->retrieveTagsByEntry($entry_id); | ||
294 | foreach ($entry_tags as $tag) { | ||
295 | $already_set_tags[] = $tag['value']; | ||
296 | } | ||
297 | foreach($tags as $key => $tag_value) { | ||
298 | $value = trim($tag_value); | ||
299 | if ($value && !in_array($value, $already_set_tags)) { | ||
300 | $tag = $this->store->retrieveTagByValue($value); | ||
301 | if (is_null($tag)) { | ||
302 | # we create the tag | ||
303 | $tag = $this->store->createTag($value); | ||
304 | $sequence = ''; | ||
305 | if (STORAGE == 'postgres') { | ||
306 | $sequence = 'tags_id_seq'; | ||
307 | } | ||
308 | $tag_id = $this->store->getLastId($sequence); | ||
309 | } | ||
310 | else { | ||
311 | $tag_id = $tag['id']; | ||
312 | } | ||
313 | |||
314 | # we assign the tag to the article | ||
315 | $this->store->setTagToEntry($tag_id, $entry_id); | ||
316 | } | ||
317 | } | ||
318 | } | ||
319 | $this->messages->add('s', _('The tag has been applied successfully')); | ||
320 | Tools::logm('The tag has been applied successfully'); | ||
321 | Tools::redirect(); | ||
322 | break; | ||
323 | case 'remove_tag' : | ||
324 | $tag_id = $_GET['tag_id']; | ||
325 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); | ||
326 | if (!$entry) { | ||
327 | $this->messages->add('e', _('Article not found!')); | ||
328 | Tools::logm('error : article not found'); | ||
329 | Tools::redirect(); | ||
330 | } | ||
331 | $this->store->removeTagForEntry($id, $tag_id); | ||
332 | Tools::logm('tag entry deleted'); | ||
333 | if ($this->store->cleanUnusedTag($tag_id)) { | ||
334 | Tools::logm('tag deleted'); | ||
335 | } | ||
336 | $this->messages->add('s', _('The tag has been successfully deleted')); | ||
337 | Tools::redirect(); | ||
338 | break; | ||
339 | default: | ||
340 | break; | ||
341 | } | ||
342 | } | ||
343 | |||
344 | function displayView($view, $id = 0) | ||
345 | { | ||
346 | $tpl_vars = array(); | ||
347 | |||
348 | switch ($view) | ||
349 | { | ||
350 | case 'about': | ||
351 | break; | ||
352 | case 'config': | ||
353 | $dev_infos = $this->_getPocheVersion('dev'); | ||
354 | $dev = trim($dev_infos[0]); | ||
355 | $check_time_dev = date('d-M-Y H:i', $dev_infos[1]); | ||
356 | $prod_infos = $this->_getPocheVersion('prod'); | ||
357 | $prod = trim($prod_infos[0]); | ||
358 | $check_time_prod = date('d-M-Y H:i', $prod_infos[1]); | ||
359 | $compare_dev = version_compare(POCHE, $dev); | ||
360 | $compare_prod = version_compare(POCHE, $prod); | ||
361 | $themes = $this->tpl->getInstalledThemes(); | ||
362 | $languages = $this->language->getInstalledLanguages(); | ||
363 | $token = $this->user->getConfigValue('token'); | ||
364 | $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; | ||
365 | $only_user = ($this->store->listUsers() > 1) ? false : true; | ||
366 | $tpl_vars = array( | ||
367 | 'themes' => $themes, | ||
368 | 'languages' => $languages, | ||
369 | 'dev' => $dev, | ||
370 | 'prod' => $prod, | ||
371 | 'check_time_dev' => $check_time_dev, | ||
372 | 'check_time_prod' => $check_time_prod, | ||
373 | 'compare_dev' => $compare_dev, | ||
374 | 'compare_prod' => $compare_prod, | ||
375 | 'token' => $token, | ||
376 | 'user_id' => $this->user->getId(), | ||
377 | 'http_auth' => $http_auth, | ||
378 | 'only_user' => $only_user | ||
379 | ); | ||
380 | Tools::logm('config view'); | ||
381 | break; | ||
382 | case 'edit-tags': | ||
383 | # tags | ||
384 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); | ||
385 | if (!$entry) { | ||
386 | $this->messages->add('e', _('Article not found!')); | ||
387 | Tools::logm('error : article not found'); | ||
388 | Tools::redirect(); | ||
389 | } | ||
390 | $tags = $this->store->retrieveTagsByEntry($id); | ||
391 | $tpl_vars = array( | ||
392 | 'entry_id' => $id, | ||
393 | 'tags' => $tags, | ||
394 | 'entry' => $entry, | ||
395 | ); | ||
396 | break; | ||
397 | case 'tags': | ||
398 | $token = $this->user->getConfigValue('token'); | ||
399 | //if term is set - search tags for this term | ||
400 | $term = Tools::checkVar('term'); | ||
401 | $tags = $this->store->retrieveAllTags($this->user->getId(), $term); | ||
402 | if (Tools::isAjaxRequest()) { | ||
403 | $result = array(); | ||
404 | foreach ($tags as $tag) { | ||
405 | $result[] = $tag['value']; | ||
406 | } | ||
407 | echo json_encode($result); | ||
408 | exit; | ||
409 | } | ||
410 | $tpl_vars = array( | ||
411 | 'token' => $token, | ||
412 | 'user_id' => $this->user->getId(), | ||
413 | 'tags' => $tags, | ||
414 | ); | ||
415 | break; | ||
416 | case 'search': | ||
417 | if (isset($_GET['search'])) { | ||
418 | $search = filter_var($_GET['search'], FILTER_SANITIZE_STRING); | ||
419 | $tpl_vars['entries'] = $this->store->search($search, $this->user->getId()); | ||
420 | $count = count($tpl_vars['entries']); | ||
421 | $this->pagination->set_total($count); | ||
422 | $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')), | ||
423 | $this->pagination->page_links('?view=' . $view . '?search=' . $search . '&sort=' . $_SESSION['sort'] . '&' )); | ||
424 | $tpl_vars['page_links'] = $page_links; | ||
425 | $tpl_vars['nb_results'] = $count; | ||
426 | $tpl_vars['searchterm'] = $search; | ||
427 | } | ||
428 | break; | ||
429 | case 'view': | ||
430 | $entry = $this->store->retrieveOneById($id, $this->user->getId()); | ||
431 | if ($entry != NULL) { | ||
432 | Tools::logm('view link #' . $id); | ||
433 | $content = $entry['content']; | ||
434 | if (function_exists('tidy_parse_string')) { | ||
435 | $tidy = tidy_parse_string($content, array('indent'=>true, 'show-body-only' => true), 'UTF8'); | ||
436 | $tidy->cleanRepair(); | ||
437 | $content = $tidy->value; | ||
438 | } | ||
439 | |||
440 | # flattr checking | ||
441 | $flattr = NULL; | ||
442 | if (FLATTR) { | ||
443 | $flattr = new FlattrItem(); | ||
444 | $flattr->checkItem($entry['url'], $entry['id']); | ||
445 | } | ||
446 | |||
447 | # tags | ||
448 | $tags = $this->store->retrieveTagsByEntry($entry['id']); | ||
449 | |||
450 | $tpl_vars = array( | ||
451 | 'entry' => $entry, | ||
452 | 'content' => $content, | ||
453 | 'flattr' => $flattr, | ||
454 | 'tags' => $tags | ||
455 | ); | ||
456 | } | ||
457 | else { | ||
458 | Tools::logm('error in view call : entry is null'); | ||
459 | } | ||
460 | break; | ||
461 | default: # home, favorites, archive and tag views | ||
462 | $tpl_vars = array( | ||
463 | 'entries' => '', | ||
464 | 'page_links' => '', | ||
465 | 'nb_results' => '', | ||
466 | 'listmode' => (isset($_COOKIE['listmode']) ? true : false), | ||
467 | ); | ||
468 | |||
469 | //if id is given - we retrieve entries by tag: id is tag id | ||
470 | if ($id) { | ||
471 | $tpl_vars['tag'] = $this->store->retrieveTag($id, $this->user->getId()); | ||
472 | $tpl_vars['id'] = intval($id); | ||
473 | } | ||
474 | |||
475 | $count = $this->store->getEntriesByViewCount($view, $this->user->getId(), $id); | ||
476 | |||
477 | if ($count > 0) { | ||
478 | $this->pagination->set_total($count); | ||
479 | $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')), | ||
480 | $this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . (($id)?'&id='.$id:'') . '&' )); | ||
481 | $tpl_vars['entries'] = $this->store->getEntriesByView($view, $this->user->getId(), $this->pagination->get_limit(), $id); | ||
482 | $tpl_vars['page_links'] = $page_links; | ||
483 | $tpl_vars['nb_results'] = $count; | ||
484 | } | ||
485 | Tools::logm('display ' . $view . ' view'); | ||
486 | break; | ||
487 | } | ||
488 | |||
489 | return $tpl_vars; | ||
490 | } | ||
491 | |||
492 | /** | ||
493 | * update the password of the current user. | ||
494 | * if MODE_DEMO is TRUE, the password can't be updated. | ||
495 | * @todo add the return value | ||
496 | * @todo set the new password in function header like this updatePassword($newPassword) | ||
497 | * @return boolean | ||
498 | */ | ||
499 | public function updatePassword($password, $confirmPassword) | ||
500 | { | ||
501 | if (MODE_DEMO) { | ||
502 | $this->messages->add('i', _('in demo mode, you can\'t update your password')); | ||
503 | Tools::logm('in demo mode, you can\'t do this'); | ||
504 | Tools::redirect('?view=config'); | ||
505 | } | ||
506 | else { | ||
507 | if (isset($password) && isset($confirmPassword)) { | ||
508 | if ($password == $confirmPassword && !empty($password)) { | ||
509 | $this->messages->add('s', _('your password has been updated')); | ||
510 | $this->store->updatePassword($this->user->getId(), Tools::encodeString($password . $this->user->getUsername())); | ||
511 | Session::logout(); | ||
512 | Tools::logm('password updated'); | ||
513 | Tools::redirect(); | ||
514 | } | ||
515 | else { | ||
516 | $this->messages->add('e', _('the two fields have to be filled & the password must be the same in the two fields')); | ||
517 | Tools::redirect('?view=config'); | ||
518 | } | ||
519 | } | ||
520 | } | ||
521 | } | ||
522 | |||
523 | /** | ||
524 | * Get credentials from differents sources | ||
525 | * It redirects the user to the $referer link | ||
526 | * | ||
527 | * @return array | ||
528 | */ | ||
529 | private function credentials() | ||
530 | { | ||
531 | if (isset($_SERVER['PHP_AUTH_USER'])) { | ||
532 | return array($_SERVER['PHP_AUTH_USER'], 'php_auth', true); | ||
533 | } | ||
534 | if (!empty($_POST['login']) && !empty($_POST['password'])) { | ||
535 | return array($_POST['login'], $_POST['password'], false); | ||
536 | } | ||
537 | if (isset($_SERVER['REMOTE_USER'])) { | ||
538 | return array($_SERVER['REMOTE_USER'], 'http_auth', true); | ||
539 | } | ||
540 | |||
541 | return array(false, false, false); | ||
542 | } | ||
543 | |||
544 | /** | ||
545 | * checks if login & password are correct and save the user in session. | ||
546 | * it redirects the user to the $referer link | ||
547 | * @param string $referer the url to redirect after login | ||
548 | * @todo add the return value | ||
549 | * @return boolean | ||
550 | */ | ||
551 | public function login($referer) | ||
552 | { | ||
553 | list($login,$password,$isauthenticated)=$this->credentials(); | ||
554 | if($login === false || $password === false) { | ||
555 | $this->messages->add('e', _('login failed: you have to fill all fields')); | ||
556 | Tools::logm('login failed'); | ||
557 | Tools::redirect(); | ||
558 | } | ||
559 | if (!empty($login) && !empty($password)) { | ||
560 | $user = $this->store->login($login, Tools::encodeString($password . $login), $isauthenticated); | ||
561 | if ($user != array()) { | ||
562 | # Save login into Session | ||
563 | $longlastingsession = isset($_POST['longlastingsession']); | ||
564 | $passwordTest = ($isauthenticated) ? $user['password'] : Tools::encodeString($password . $login); | ||
565 | Session::login($user['username'], $user['password'], $login, $passwordTest, $longlastingsession, array('poche_user' => new User($user))); | ||
566 | |||
567 | # reload l10n | ||
568 | $language = $user['config']['language']; | ||
569 | @putenv('LC_ALL=' . $language); | ||
570 | setlocale(LC_ALL, $language); | ||
571 | bindtextdomain($language, LOCALE); | ||
572 | textdomain($language); | ||
573 | |||
574 | $this->messages->add('s', _('welcome to your wallabag')); | ||
575 | Tools::logm('login successful'); | ||
576 | Tools::redirect($referer); | ||
577 | } | ||
578 | $this->messages->add('e', _('login failed: bad login or password')); | ||
579 | // log login failure in web server log to allow fail2ban usage | ||
580 | error_log('user '.$login.' authentication failure'); | ||
581 | Tools::logm('login failed'); | ||
582 | Tools::redirect(); | ||
583 | } | ||
584 | } | ||
585 | |||
586 | /** | ||
587 | * log out the poche user. It cleans the session. | ||
588 | * @todo add the return value | ||
589 | * @return boolean | ||
590 | */ | ||
591 | public function logout() | ||
592 | { | ||
593 | $this->user = array(); | ||
594 | Session::logout(); | ||
595 | Tools::logm('logout'); | ||
596 | Tools::redirect(); | ||
597 | } | ||
598 | |||
599 | /** | ||
600 | * import datas into your wallabag | ||
601 | * @return boolean | ||
602 | */ | ||
603 | |||
604 | public function import() { | ||
605 | |||
606 | if ( isset($_FILES['file']) && $_FILES['file']['tmp_name'] ) { | ||
607 | Tools::logm('Import stated: parsing file'); | ||
608 | |||
609 | // assume, that file is in json format | ||
610 | $str_data = file_get_contents($_FILES['file']['tmp_name']); | ||
611 | $data = json_decode($str_data, true); | ||
612 | |||
613 | if ( $data === null ) { | ||
614 | //not json - assume html | ||
615 | $html = new simple_html_dom(); | ||
616 | $html->load_file($_FILES['file']['tmp_name']); | ||
617 | $data = array(); | ||
618 | $read = 0; | ||
619 | foreach (array('ol','ul') as $list) { | ||
620 | foreach ($html->find($list) as $ul) { | ||
621 | foreach ($ul->find('li') as $li) { | ||
622 | $tmpEntry = array(); | ||
623 | $a = $li->find('a'); | ||
624 | $tmpEntry['url'] = $a[0]->href; | ||
625 | $tmpEntry['tags'] = $a[0]->tags; | ||
626 | $tmpEntry['is_read'] = $read; | ||
627 | if ($tmpEntry['url']) { | ||
628 | $data[] = $tmpEntry; | ||
629 | } | ||
630 | } | ||
631 | # the second <ol/ul> is for read links | ||
632 | $read = ((sizeof($data) && $read)?0:1); | ||
633 | } | ||
634 | } | ||
635 | } | ||
636 | |||
637 | // for readability structure | ||
638 | |||
639 | foreach($data as $record) { | ||
640 | if (is_array($record)) { | ||
641 | $data[] = $record; | ||
642 | foreach($record as $record2) { | ||
643 | if (is_array($record2)) { | ||
644 | $data[] = $record2; | ||
645 | } | ||
646 | } | ||
647 | } | ||
648 | } | ||
649 | |||
650 | $urlsInserted = array(); //urls of articles inserted | ||
651 | foreach($data as $record) { | ||
652 | $url = trim(isset($record['article__url']) ? $record['article__url'] : (isset($record['url']) ? $record['url'] : '')); | ||
653 | if ($url and !in_array($url, $urlsInserted)) { | ||
654 | $title = (isset($record['title']) ? $record['title'] : _('Untitled - Import - ') . '</a> <a href="./?import">' . _('click to finish import') . '</a><a>'); | ||
655 | $body = (isset($record['content']) ? $record['content'] : ''); | ||
656 | $isRead = (isset($record['is_read']) ? intval($record['is_read']) : (isset($record['archive']) ? intval($record['archive']) : 0)); | ||
657 | $isFavorite = (isset($record['is_fav']) ? intval($record['is_fav']) : (isset($record['favorite']) ? intval($record['favorite']) : 0)); | ||
658 | |||
659 | // insert new record | ||
660 | |||
661 | $id = $this->store->add($url, $title, $body, $this->user->getId() , $isFavorite, $isRead); | ||
662 | if ($id) { | ||
663 | $urlsInserted[] = $url; //add | ||
664 | if (isset($record['tags']) && trim($record['tags'])) { | ||
665 | |||
666 | // @TODO: set tags | ||
667 | |||
668 | } | ||
669 | } | ||
670 | } | ||
671 | } | ||
672 | |||
673 | $i = sizeof($urlsInserted); | ||
674 | if ($i > 0) { | ||
675 | $this->messages->add('s', _('Articles inserted: ') . $i . _('. Please note, that some may be marked as "read".')); | ||
676 | } | ||
677 | |||
678 | Tools::logm('Import of articles finished: '.$i.' articles added (w/o content if not provided).'); | ||
679 | } | ||
680 | else { | ||
681 | $this->messages->add('s', _('Did you forget to select a file?')); | ||
682 | } | ||
683 | // file parsing finished here | ||
684 | // now download article contents if any | ||
685 | // check if we need to download any content | ||
686 | |||
687 | $recordsDownloadRequired = $this->store->retrieveUnfetchedEntriesCount($this->user->getId()); | ||
688 | |||
689 | if ($recordsDownloadRequired == 0) { | ||
690 | |||
691 | // nothing to download | ||
692 | |||
693 | $this->messages->add('s', _('Import finished.')); | ||
694 | Tools::logm('Import finished completely'); | ||
695 | Tools::redirect(); | ||
696 | } | ||
697 | else { | ||
698 | |||
699 | // if just inserted - don't download anything, download will start in next reload | ||
700 | |||
701 | if (!isset($_FILES['file'])) { | ||
702 | |||
703 | // download next batch | ||
704 | |||
705 | Tools::logm('Fetching next batch of articles...'); | ||
706 | $items = $this->store->retrieveUnfetchedEntries($this->user->getId() , IMPORT_LIMIT); | ||
707 | $purifier = $this->_getPurifier(); | ||
708 | foreach($items as $item) { | ||
709 | $url = new Url(base64_encode($item['url'])); | ||
710 | Tools::logm('Fetching article ' . $item['id']); | ||
711 | $content = Tools::getPageContent($url); | ||
712 | $title = (($content['rss']['channel']['item']['title'] != '') ? $content['rss']['channel']['item']['title'] : _('Untitled')); | ||
713 | $body = (($content['rss']['channel']['item']['description'] != '') ? $content['rss']['channel']['item']['description'] : _('Undefined')); | ||
714 | |||
715 | // clean content to prevent xss attack | ||
716 | |||
717 | $title = $purifier->purify($title); | ||
718 | $body = $purifier->purify($body); | ||
719 | $this->store->updateContentAndTitle($item['id'], $title, $body, $this->user->getId()); | ||
720 | Tools::logm('Article ' . $item['id'] . ' updated.'); | ||
721 | } | ||
722 | } | ||
723 | } | ||
724 | |||
725 | return array( | ||
726 | 'includeImport' => true, | ||
727 | 'import' => array( | ||
728 | 'recordsDownloadRequired' => $recordsDownloadRequired, | ||
729 | 'recordsUnderDownload' => IMPORT_LIMIT, | ||
730 | 'delay' => IMPORT_DELAY * 1000 | ||
731 | ) | ||
732 | ); | ||
733 | } | ||
734 | |||
735 | /** | ||
736 | * export poche entries in json | ||
737 | * @return json all poche entries | ||
738 | */ | ||
739 | public function export() | ||
740 | { | ||
741 | $filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json"; | ||
742 | header('Content-Disposition: attachment; filename='.$filename); | ||
743 | |||
744 | $entries = $this->store->retrieveAll($this->user->getId()); | ||
745 | echo $this->tpl->render('export.twig', array( | ||
746 | 'export' => Tools::renderJson($entries), | ||
747 | )); | ||
748 | Tools::logm('export view'); | ||
749 | } | ||
750 | |||
751 | /** | ||
752 | * Checks online the latest version of poche and cache it | ||
753 | * @param string $which 'prod' or 'dev' | ||
754 | * @return string latest $which version | ||
755 | */ | ||
756 | private function _getPocheVersion($which = 'prod') { | ||
757 | $cache_file = CACHE . '/' . $which; | ||
758 | $check_time = time(); | ||
759 | |||
760 | # checks if the cached version file exists | ||
761 | if (file_exists($cache_file) && (filemtime($cache_file) > (time() - 86400 ))) { | ||
762 | $version = file_get_contents($cache_file); | ||
763 | $check_time = filemtime($cache_file); | ||
764 | } else { | ||
765 | $version = file_get_contents('http://static.wallabag.org/versions/' . $which); | ||
766 | file_put_contents($cache_file, $version, LOCK_EX); | ||
767 | } | ||
768 | return array($version, $check_time); | ||
769 | } | ||
770 | |||
771 | /** | ||
772 | * Update token for current user | ||
773 | */ | ||
774 | public function updateToken() | ||
775 | { | ||
776 | $token = Tools::generateToken(); | ||
777 | $this->store->updateUserConfig($this->user->getId(), 'token', $token); | ||
778 | $currentConfig = $_SESSION['poche_user']->config; | ||
779 | $currentConfig['token'] = $token; | ||
780 | $_SESSION['poche_user']->setConfig($currentConfig); | ||
781 | Tools::redirect(); | ||
782 | } | ||
783 | |||
784 | /** | ||
785 | * Generate RSS feeds for current user | ||
786 | * | ||
787 | * @param $token | ||
788 | * @param $user_id | ||
789 | * @param $tag_id if $type is 'tag', the id of the tag to generate feed for | ||
790 | * @param string $type the type of feed to generate | ||
791 | * @param int $limit the maximum number of items (0 means all) | ||
792 | */ | ||
793 | public function generateFeeds($token, $user_id, $tag_id, $type = 'home', $limit = 0) | ||
794 | { | ||
795 | $allowed_types = array('home', 'fav', 'archive', 'tag'); | ||
796 | $config = $this->store->getConfigUser($user_id); | ||
797 | |||
798 | if ($config == null) { | ||
799 | die(sprintf(_('User with this id (%d) does not exist.'), $user_id)); | ||
800 | } | ||
801 | |||
802 | if (!in_array($type, $allowed_types) || !isset($config['token']) || $token != $config['token']) { | ||
803 | die(_('Uh, there is a problem while generating feed. Wrong token used?')); | ||
804 | } | ||
805 | |||
806 | $feed = new FeedWriter(RSS2); | ||
807 | $feed->setTitle('wallabag — ' . $type . ' feed'); | ||
808 | $feed->setLink(Tools::getPocheUrl()); | ||
809 | $feed->setChannelElement('pubDate', date(DATE_RSS , time())); | ||
810 | $feed->setChannelElement('generator', 'wallabag'); | ||
811 | $feed->setDescription('wallabag ' . $type . ' elements'); | ||
812 | |||
813 | if ($type == 'tag') { | ||
814 | $entries = $this->store->retrieveEntriesByTag($tag_id, $user_id); | ||
815 | } | ||
816 | else { | ||
817 | $entries = $this->store->getEntriesByView($type, $user_id); | ||
818 | } | ||
819 | |||
820 | // if $limit is set to zero, use all entries | ||
821 | if (0 == $limit) { | ||
822 | $limit = count($entries); | ||
823 | } | ||
824 | if (count($entries) > 0) { | ||
825 | for ($i = 0; $i < min(count($entries), $limit); $i++) { | ||
826 | $entry = $entries[$i]; | ||
827 | $newItem = $feed->createNewItem(); | ||
828 | $newItem->setTitle($entry['title']); | ||
829 | $newItem->setSource(Tools::getPocheUrl() . '?view=view&id=' . $entry['id']); | ||
830 | $newItem->setLink($entry['url']); | ||
831 | $newItem->setDate(time()); | ||
832 | $newItem->setDescription($entry['content']); | ||
833 | $feed->addItem($newItem); | ||
834 | } | ||
835 | } | ||
836 | |||
837 | $feed->genarateFeed(); | ||
838 | exit; | ||
839 | } | ||
840 | |||
841 | |||
842 | |||
843 | /** | ||
844 | * Returns new purifier object with actual config | ||
845 | */ | ||
846 | private function _getPurifier() | ||
847 | { | ||
848 | $config = HTMLPurifier_Config::createDefault(); | ||
849 | $config->set('Cache.SerializerPath', CACHE); | ||
850 | $config->set('HTML.SafeIframe', true); | ||
851 | |||
852 | //allow YouTube, Vimeo and dailymotion videos | ||
853 | $config->set('URI.SafeIframeRegexp', '%^(https?:)?//(www\.youtube(?:-nocookie)?\.com/embed/|player\.vimeo\.com/video/|www\.dailymotion\.com/embed/video/)%'); | ||
854 | |||
855 | return new HTMLPurifier($config); | ||
856 | } | ||
857 | |||
858 | |||
859 | } | ||