-rw-r--r--inc/Session.class.php2
-rw-r--r--inc/config.php25
-rw-r--r--inc/functions.php7
-rw-r--r--inc/store/sqlite.class.php51
-rw-r--r--inc/store/store.class.php8
-rw-r--r--index.php9
-rw-r--r--tpl/install.html30
-rw-r--r--tpl/login.html2
8 files changed, 124 insertions, 10 deletions
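diff --git a/inc/Session.class.php b/inc/Session.class.php
index ee12b3d1..eff924cc 100644
--- a/inc/Session.class.php
+++ b/inc/Session.class.php
@@ -93,7 +93,7 @@ class Session
  // Force logout
  public static function logout()
  {
- unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens']);
+ unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass']);
  }
 
  // Make sure user is logged in.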
diff --git a/inc/config.php b/inc/config.php
index 737f5215..2de725f4 100644
--- a/inc/config.php
+++ b/inc/config.php
@@ -18,6 +18,7 @@ define ('ABS_PATH', 'assets/');
18define ('CONVERT_LINKS_FOOTNOTES', TRUE); 18define ('CONVERT_LINKS_FOOTNOTES', TRUE);
19define ('REVERT_FORCED_PARAGRAPH_ELEMENTS',FALSE); 19define ('REVERT_FORCED_PARAGRAPH_ELEMENTS',FALSE);
20define ('DOWNLOAD_PICTURES', TRUE); 20define ('DOWNLOAD_PICTURES', TRUE);
21define ('SALT', '464v54gLLw928uz4zUBqkRJeiPY68zCX');
21$storage_type = 'sqlite'; # sqlite or file 22$storage_type = 'sqlite'; # sqlite or file
22 23
23include 'functions.php'; 24include 'functions.php';
@@ -33,9 +34,7 @@ require_once 'class.messages.php';
33 34
34Session::init(); 35Session::init();
35 36
36$store = new $storage_type(); 37$store = new $storage_type();
37$msg = new Messages();
38
39# initialisation de RainTPL 38# initialisation de RainTPL
40raintpl::$tpl_dir = './tpl/'; 39raintpl::$tpl_dir = './tpl/';
41raintpl::$cache_dir = './cache/'; 40raintpl::$cache_dir = './cache/';
@@ -43,4 +42,24 @@ raintpl::$base_url = get_poche_url();
43raintpl::configure('path_replace', false); 42raintpl::configure('path_replace', false);
44raintpl::configure('debug', false); 43raintpl::configure('debug', false);
45$tpl = new raintpl(); 44$tpl = new raintpl();
45
46if(!$store->isInstalled())
47{
48 logm('poche still not installed');
49 $tpl->draw('install');
50 if (isset($_GET['install'])) {
51 if (($_POST['password'] == $_POST['password_repeat'])
52 && $_POST['password'] != "" && $_POST['login'] != "") {
53 $store->install($_POST['login'], encode_string($_POST['password'] . $_POST['login']));
54 Session::logout();
55 MyTool::redirect();
56 }
57 }
58 exit();
59}
60
61$_SESSION['login'] = (isset ($_SESSION['login'])) ? $_SESSION['login'] : $store->getLogin();
62$_SESSION['pass'] = (isset ($_SESSION['pass'])) ? $_SESSION['pass'] : $store->getPassword();
63
64$msg = new Messages();
46$tpl->assign('msg', $msg); \ No newline at end of file 65$tpl->assign('msg', $msg); \ No newline at end of file
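Review bot: The `SALT` defined at new line 21 is a fixed string committed to the repository, so every installation that keeps this file shares one publicly known salt; generate it randomly at install time and keep it out of version control. In the install branch (new lines 50-57) the `$_POST` fields are read without `isset()` and compared with `==`/`!=`, and no check of the `token` field posted by tpl/install.html is visible; validate the keys first, compare with `===`, and verify the token before calling `$store->install()`. New lines 61-62 then copy the stored login and password hash into `$_SESSION` for every visitor, authenticated or not, which widens where the hash lives; reading them from `$store` at login time would avoid that.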
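diff --git a/inc/functions.php b/inc/functions.php
index c2a149c6..73e591c5 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -23,6 +23,11 @@ function get_poche_url()
  return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
 }
 
+function encode_string($string)
+{
+ return sha1($string . SALT);
+}
+
 // function define to retrieve url content
 function get_external_file($url)
 {
@@ -375,12 +380,10 @@ function action_to_do($action, $url, $id = 0)
  break;
  case 'toggle_fav' :
  $store->favoriteById($id);
- $msg->add('s', 'the favorite toggle has been done successfully');
  logm('mark as favorite link #' . $id);
  break;
  case 'toggle_archive' :
  $store->archiveById($id);
- $msg->add('s', 'the archive toggle has been done successfully');
  logm('archive link #' . $id);
  break;
  default: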
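Review bot: `encode_string()` (new lines 26-29) protects the password with a single `sha1()` over the input plus the shared `SALT`, which is a fast digest and cheap to brute-force offline if the config table is ever disclosed. On PHP 5.5+ prefer `password_hash($string, PASSWORD_DEFAULT)` when storing and `password_verify()` when checking; that also changes the login call in index.php, because the stored value can then no longer be matched by recomputing the hash. If the current scheme has to stay for now, mark it in the code, e.g. `// NOTE: sha1 + static salt is not a password KDF; migrate to password_hash()`.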
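diff --git a/inc/store/sqlite.class.php b/inc/store/sqlite.class.php
index cda412e6..4bfbb29e 100644
--- a/inc/store/sqlite.class.php
+++ b/inc/store/sqlite.class.php
@@ -17,7 +17,6 @@ class Sqlite extends Store {
  parent::__construct();
 
  $this->handle = new PDO(self::$db_path);
- $this->handle->exec('CREATE TABLE IF NOT EXISTS "entries" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL UNIQUE , "title" VARCHAR, "url" VARCHAR UNIQUE , "is_read" INTEGER DEFAULT 0, "is_fav" INTEGER DEFAULT 0, "content" BLOB)');
  $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  }
 
@@ -25,6 +24,56 @@ class Sqlite extends Store {
  return $this->handle;
  }
 
+ public function isInstalled() {
+ $sql = "SELECT name FROM sqlite_sequence WHERE name=?";
+ $query = $this->executeQuery($sql, array('config'));
+ $hasConfig = $query->fetchAll();
+
+ if (count($hasConfig) == 0)
+ return FALSE;
+
+ if (!$this->getLogin() || !$this->getPassword())
+ return FALSE;
+
+ return TRUE;
+ }
+
+ public function install($login, $password) {
+ $this->getHandle()->exec('CREATE TABLE IF NOT EXISTS "config" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL UNIQUE , "name" VARCHAR UNIQUE, "value" BLOB)');
+
+ $this->handle->exec('CREATE TABLE IF NOT EXISTS "entries" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL UNIQUE , "title" VARCHAR, "url" VARCHAR UNIQUE , "is_read" INTEGER DEFAULT 0, "is_fav" INTEGER DEFAULT 0, "content" BLOB)');
+
+ if (!$this->getLogin()) {
+ $sql_login = 'INSERT INTO config ( name, value ) VALUES (?, ?)';
+ $params_login = array('login', $login);
+ $query = $this->executeQuery($sql_login, $params_login);
+ }
+
+ if (!$this->getPassword()) {
+ $sql_pass = 'INSERT INTO config ( name, value ) VALUES (?, ?)';
+ $params_pass = array('password', $password);
+ $query = $this->executeQuery($sql_pass, $params_pass);
+ }
+
+ return TRUE;
+ }
+
+ public function getLogin() {
+ $sql = "SELECT value FROM config WHERE name=?";
+ $query = $this->executeQuery($sql, array('login'));
+ $login = $query->fetchAll();
+
+ return isset($login[0]['value']) ? $login[0]['value'] : FALSE;
+ }
+
+ public function getPassword() {
+ $sql = "SELECT value FROM config WHERE name=?";
+ $query = $this->executeQuery($sql, array('password'));
+ $pass = $query->fetchAll();
+
+ return isset($pass[0]['value']) ? $pass[0]['value'] : FALSE;
+ }
+
  private function executeQuery($sql, $params) {
  try
  {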
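Review bot: `isInstalled()` (new lines 27-39) looks for `config` in `sqlite_sequence`, but SQLite creates that table only once an AUTOINCREMENT table exists and adds a row only after the first insert, and this commit also removes the `CREATE TABLE` from the constructor. On a fresh database the first query therefore targets a missing table; with `PDO::ERRMODE_EXCEPTION` set the outcome depends on the catch block of `executeQuery()`, which lies outside the hunk, and `$query->fetchAll()` fails if that returns anything but a statement. Testing for the table directly is more robust: `SELECT name FROM sqlite_master WHERE type='table' AND name=?`. `install()` also writes the login and password rows as two separate statements, so a failure between them leaves a half-configured store; wrapping both inserts in one transaction would avoid that.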
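diff --git a/inc/store/store.class.php b/inc/store/store.class.php
index 360ff7c2..dd7d4cfe 100644
--- a/inc/store/store.class.php
+++ b/inc/store/store.class.php
@@ -13,6 +13,14 @@ class Store {
 
  }
 
+ public function getLogin() {
+
+ }
+
+ public function getPassword() {
+
+ }
+
  public function add() {
 
  }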
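Review bot: The base `Store` gains empty `getLogin()` and `getPassword()` stubs but no `isInstalled()` or `install()`, although inc/config.php now calls both on whatever class `$storage_type` names. Any backend other than `Sqlite` (config.php mentions `file`) would hit an undefined-method error unless it defines them itself, which is not visible here. Add matching stubs and document the contract on each, e.g. `// Returns the stored login, or FALSE when none is configured`, since the empty bodies currently return NULL and not FALSE.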
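diff --git a/index.php b/index.php
index 829d5513..1522a2ec 100644
--- a/index.php
+++ b/index.php
@@ -25,9 +25,14 @@ $ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
 if (isset($_GET['login'])) {
  // Login
  if (!empty($_POST['login']) && !empty($_POST['password'])) {
- if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {
+// echo $_SESSION['login']."<br>";
+// echo $_SESSION['pass']."<br>";
+// echo $_POST['login']."<br>";
+// echo encode_string($_POST['password'] . $_POST['login']);
+// die;
+ if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) {
  logm('login successful');
- $msg->add('s', 'welcome in your pocket!');
+ $msg->add('s', 'welcome in your poche!');
  if (!empty($_POST['longlastingsession'])) {
  $_SESSION['longlastingsession'] = 31536000;
  $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];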
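Review bot: New lines 28-32 commit commented-out debug statements in the login path that, if re-enabled, would echo the stored password hash from `$_SESSION['pass']` and the unescaped `$_POST['login']` into the response; they should be deleted, not kept in the tree. The login check at new line 33 now hands the stored hash and the recomputed hash to `Session::login()`, whose comparison is not visible here; if it uses `==`, it should use a constant-time comparison such as `hash_equals()` where the PHP version allows. The enclosing `if (isset($_GET['login']))` block continues past the end of the hunk.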
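diff --git a/tpl/install.html b/tpl/install.html
new file mode 100644
index 00000000..d11a7810
--- /dev/null
+++ b/tpl/install.html
@@ -0,0 +1,30 @@
+{include="head"}
+ <body class="light-style">
+ <header>
+ <h1><a href="index.php"><img src="./img/logo.png" alt="logo poche" /></a>poche</h1>
+ </header>
+ <div id="main">
+ <form method="post" action="?install" name="loginform">
+ <fieldset class="w500p center">
+ <h2 class="mbs txtcenter">install your poche</h2>
+ <div class="row">
+ <label class="col w150p" for="login">Login</label>
+ <input class="col" type="text" id="login" name="login" placeholder="Login" tabindex="1" autofocus />
+ </div>
+ <div class="row">
+ <label class="col w150p" for="password">Password</label>
+ <input class="col" type="password" id="password" name="password" placeholder="Password" tabindex="2">
+ </div>
+ <div class="row">
+ <label class="col w150p" for="password_repeat">Repeat your password</label>
+ <input class="col" type="password" id="password_repeat" name="password_repeat" placeholder="Password" tabindex="3">
+ </div>
+ <div class="row mts txtcenter">
+ <button class="bouton" type="submit" tabindex="4">Install</button>
+ </div>
+ </fieldset>
+ <input type="hidden" name="returnurl" value="<?php echo htmlspecialchars($referer);?>">
+ <input type="hidden" name="token" value="<?php echo Session::getToken(); ?>">
+ </form>
+
+{include="footer"}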
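Review bot: The hidden `returnurl` and `token` inputs (new lines 26-27) use raw `<?php ... ?>` tags inside a RainTPL template whose other directives use RainTPL syntax (`{include="head"}`); whether those tags run depends on the template engine's configuration, and `$referer` is not assigned to the template in the visible inc/config.php code. Nothing in the install handler shown in inc/config.php reads either field, so the token gives no protection as written. Either pass both values through `$tpl->assign()` and verify the token when the form is posted, or drop the two inputs.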
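diff --git a/tpl/login.html b/tpl/login.html
index ebe4b5e5..69c17a55 100644
--- a/tpl/login.html
+++ b/tpl/login.html
@@ -12,7 +12,7 @@
  <input class="col" type="text" id="login" name="login" placeholder="Login" tabindex="1" autofocus />
  </div>
  <div class="row">
- <label class="col w150p" for="password" >Password</label>
+ <label class="col w150p" for="password">Password</label>
  <input class="col" type="password" id="password" name="password" placeholder="Password" tabindex="2">
  </div>
  <div class="row">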