6 files changed, 47 insertions, 552 deletions
diff --git a/composer.json b/composer.json
index 56dea960..32ca9c28 100644
--- a/composer.json
+++ b/composer.json
@@ -30,6 +30,10 @@
        {
            "type": "vcs",
            "url": "https://github.com/wallabag/kriss_php5"
+        },
+        {
+            "type": "vcs",
+            "url": "https://github.com/wallabag/pagination"
        }
    ],
    "require": {
@@ -40,6 +44,7 @@
        "ezyang/htmlpurifier": "dev-master",
        "mgargano/simplehtmldom": "dev-master",
        "wallabag/PHP-Flash-Messages": "dev-master",
-        "wallabag/kriss_php5": "dev-master"
+        "wallabag/kriss_php5": "dev-master",
+        "wallabag/pagination": "dev-master"
    }
 }
 \ No newline at end of file
diff --git a/composer.lock b/composer.lock
index 48df2b16..00d31c5b 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
        "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
        "This file is @generated automatically"
    ],
-    "hash": "aaf0d0bb3208c2dfc0b6cc95cbfab5f6",
+    "hash": "01683220c560fe335307baeb1018293c",
    "packages": [
        {
            "name": "ezyang/htmlpurifier",
@@ -1374,6 +1374,43 @@
            "time": "2015-01-18 21:21:43"
        },
        {
+            "name": "wallabag/pagination",
+            "version": "dev-master",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/wallabag/pagination.git",
+                "reference": "54e442b31c90e50e331cb8ac400537e0eda30deb"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/wallabag/pagination/zipball/54e442b31c90e50e331cb8ac400537e0eda30deb",
+                "reference": "54e442b31c90e50e331cb8ac400537e0eda30deb",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=5.3.0"
+            },
+            "type": "library",
+            "autoload": {
+                "files": [
+                    "paginator.php"
+                ]
+            },
+            "authors": [
+                {
+                    "name": "Nicolas Lœuillet",
+                    "email": "nicolas@loeuillet.org",
+                    "homepage": "http://www.cdetc.fr"
+                }
+            ],
+            "description": "Paginate record sets, not tied in directly to a database.",
+            "homepage": "https://github.com/wallabag/pagination",
+            "support": {
+                "source": "https://github.com/wallabag/pagination/tree/master"
+            },
+            "time": "2015-01-19 09:24:39"
+        },
+        {
            "name": "wallabag/php-flash-messages",
            "version": "dev-master",
            "source": {
@@ -1428,7 +1465,8 @@
        "ezyang/htmlpurifier": 20,
        "mgargano/simplehtmldom": 20,
        "wallabag/php-flash-messages": 20,
-        "wallabag/kriss_php5": 20
+        "wallabag/kriss_php5": 20,
+        "wallabag/pagination": 20
    },
    "prefer-stable": false,
    "prefer-lowest": false,
diff --git a/inc/3rdparty/Session.class.php b/inc/3rdparty/Session.class.php
deleted file mode 100644
index b56e4c54..00000000
--- a/inc/3rdparty/Session.class.php
+++ /dev/null
@@ -1,346 +0,0 @@
-<?php
-/**
- * Session management class
- *
- * http://www.developpez.net/forums/d51943/php/langage/sessions/
- * http://sebsauvage.net/wiki/doku.php?id=php:session
- * http://sebsauvage.net/wiki/doku.php?id=php:shaarli
- * 
- * Features:
- * - Everything is stored on server-side (we do not trust client-side data,
- *   such as cookie expiration)
- * - IP addresses are checked on each access to prevent session cookie hijacking
- *   (such as Firesheep)
- * - Session expires on user inactivity (Session expiration date is
- *   automatically updated everytime the user accesses a page.)
- * - A unique secret key is generated on server-side for this session
- *   (and never sent over the wire) which can be used to sign forms (HMAC)
- *   (See $_SESSION['uid'])
- * - Token management to prevent XSRF attacks
- * - Brute force protection with ban management
- *
- * TODOs
- * - Replace globals with variables in Session class
- *
- * How to use:
- * - http://tontof.net/kriss/php5/session
- */
-class Session
-{
-    // Personnalize PHP session name
-    public static $sessionName = '';
-    // If the user does not access any page within this time,
-    // his/her session is considered expired (3600 sec. = 1 hour)
-    public static $inactivityTimeout = 3600;
-    // Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours)
-    public static $longSessionTimeout = 7776000; // 7776000 = 90 days
-    // If you get disconnected often or if your IP address changes often.
-    // Let you disable session cookie hijacking protection
-    public static $disableSessionProtection = false;
-    // Ban IP after this many failures.
-    public static $banAfter = 4;
-    // Ban duration for IP address after login failures (in seconds).
-    // (1800 sec. = 30 minutes)
-    public static $banDuration = 1800;
-    // File storage for failures and bans. If empty, no ban management.
-    public static $banFile = '';
-    /**
-     * Initialize session
-     */
-    public static function init($longlastingsession = false)
-    {
-        //check if session name is correct
-        if ( (session_id() && !empty(self::$sessionName) && session_name()!=self::$sessionName) || $longlastingsession ) {
-            session_destroy();
-        }
-        // Force cookie path (but do not change lifetime)
-        $cookie = session_get_cookie_params();
-        // Default cookie expiration and path.
-        $cookiedir = '';
-        if (dirname($_SERVER['SCRIPT_NAME'])!='/') {
-            $cookiedir = dirname($_SERVER["SCRIPT_NAME"]).'/';
-        }
-        $ssl = false;
-        if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
-            $ssl = true;
-        }
-        if ( $longlastingsession ) {
-            session_set_cookie_params(self::$longSessionTimeout, $cookiedir, null, $ssl, true);
-        }
-        else {
-            session_set_cookie_params(0, $cookiedir, null, $ssl, true);
-        }
-        //set server side valid session timeout
-        //WARNING! this may not work in shared session environment. See http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime about min value: it can be set in any application
-        ini_set('session.gc_maxlifetime', self::$longSessionTimeout);
-        // Use cookies to store session.
-        ini_set('session.use_cookies', 1);
-        // Force cookies for session  (phpsessionID forbidden in URL)
-        ini_set('session.use_only_cookies', 1);
-        if ( !session_id() ) {
-            // Prevent php to use sessionID in URL if cookies are disabled.
-            ini_set('session.use_trans_sid', false);
-            if (!empty(self::$sessionName)) {
-                session_name(self::$sessionName);
-            }
-            session_start();
-        }
-    }
-    /**
-     * Returns the IP address
-     * (Used to prevent session cookie hijacking.)
-     *
-     * @return string IP addresses
-     */
-    private static function _allIPs()
-    {
-        $ip = $_SERVER["REMOTE_ADDR"];
-        $ip.= isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? '_'.$_SERVER['HTTP_X_FORWARDED_FOR'] : '';
-        $ip.= isset($_SERVER['HTTP_CLIENT_IP']) ? '_'.$_SERVER['HTTP_CLIENT_IP'] : '';
-        return $ip;
-    }
-    /**
-     * Check that user/password is correct and then init some SESSION variables.
-     *
-     * @param string $login        Login reference
-     * @param string $password     Password reference
-     * @param string $loginTest    Login to compare with login reference
-     * @param string $passwordTest Password to compare with password reference
-     * @param array  $pValues      Array of variables to store in SESSION
-     *
-     * @return true|false          True if login and password are correct, false
-     *                             otherwise
-     */
-    public static function login (
-        $login,
-        $password,
-        $loginTest,
-        $passwordTest,
-        $longlastingsession,
-        $pValues = array())
-    {
-        self::banInit();
-        if (self::banCanLogin()) {
-            if ($login === $loginTest && $password === $passwordTest) {
-                self::banLoginOk();
-                self::init($longlastingsession);
-                // Generate unique random number to sign forms (HMAC)
-                $_SESSION['uid'] = sha1(uniqid('', true).'_'.mt_rand());
-                $_SESSION['ip'] = self::_allIPs();
-                $_SESSION['username'] = $login;
-                // Set session expiration.
-                $_SESSION['expires_on'] = time() + self::$inactivityTimeout;
-                if ($longlastingsession) {
-                        $_SESSION['longlastingsession'] = self::$longSessionTimeout;
-                        $_SESSION['expires_on'] += $_SESSION['longlastingsession'];
-                }
-                
-                foreach ($pValues as $key => $value) {
-                    $_SESSION[$key] = $value;
-                }
-                return true;
-            }
-            self::banLoginFailed();
-        }
-        self::init();
-        return false;
-    }
-    /**
-     * Unset SESSION variable to force logout
-     */
-    public static function logout()
-    {
-        // unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']);
-        
-        // Destruction du cookie (le code peut paraître complexe mais c'est pour être certain de reprendre les mêmes paramètres)
-        $args = array_merge(array(session_name(), ''), array_values(session_get_cookie_params()));
-        $args[2] = time() - 3600;
-        call_user_func_array('setcookie', $args);
-        // Suppression physique de la session
-        session_destroy();
-    }
-    /**
-     * Make sure user is logged in.
-     *
-     * @return true|false True if user is logged in, false otherwise
-     */
-    public static function isLogged()
-    {
-        if (!isset ($_SESSION['uid'])
-            || (self::$disableSessionProtection === false
-                && $_SESSION['ip'] !== self::_allIPs())
-            || time() >= $_SESSION['expires_on']) {
-            //self::logout();
-            return false;
-        }
-        // User accessed a page : Update his/her session expiration date.
-        $_SESSION['expires_on'] = time() + self::$inactivityTimeout;
-        if (!empty($_SESSION['longlastingsession'])) {
-                $_SESSION['expires_on'] += $_SESSION['longlastingsession'];
-        }
-        return true;
-    }
-    /**
-     * Create a token, store it in SESSION and return it
-     *
-     * @param string $salt to prevent birthday attack
-     *
-     * @return string Token created
-     */
-    public static function getToken($salt = '')
-    {
-        if (!isset($_SESSION['tokens'])) {
-            $_SESSION['tokens']=array();
-        }
-        // We generate a random string and store it on the server side.
-        $rnd = sha1(uniqid('', true).'_'.mt_rand().$salt);
-        $_SESSION['tokens'][$rnd]=1;
-        return $rnd;
-    }
-    /**
-     * Tells if a token is ok. Using this function will destroy the token.
-     *
-     * @param string $token Token to test
-     *
-     * @return true|false   True if token is correct, false otherwise
-     */
-    public static function isToken($token)
-    {
-        if (isset($_SESSION['tokens'][$token])) {
-            unset($_SESSION['tokens'][$token]); // Token is used: destroy it.
-            return true; // Token is ok.
-        }
-        return false; // Wrong token, or already used.
-    }
-    /**
-     * Signal a failed login. Will ban the IP if too many failures:
-     */
-    public static function banLoginFailed()
-    {
-        if (self::$banFile !== '') {
-            $ip = $_SERVER["REMOTE_ADDR"];
-            $gb = $GLOBALS['IPBANS'];
-            if (!isset($gb['FAILURES'][$ip])) {
-                $gb['FAILURES'][$ip] = 0;
-            }
-            $gb['FAILURES'][$ip]++;
-            if ($gb['FAILURES'][$ip] > (self::$banAfter - 1)) {
-                $gb['BANS'][$ip]= time() + self::$banDuration;
-            }
-            $GLOBALS['IPBANS'] = $gb;
-            file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
-        }
-    }
-    /**
-     * Signals a successful login. Resets failed login counter.
-     */
-    public static function banLoginOk()
-    {
-        if (self::$banFile !== '') {
-            $ip = $_SERVER["REMOTE_ADDR"];
-            $gb = $GLOBALS['IPBANS'];
-            unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]);
-            $GLOBALS['IPBANS'] = $gb;
-            file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
-        }
-    }
-    /**
-     * Ban init
-     */
-    public static function banInit()
-    {
-        if (self::$banFile !== '') {
-            if (!is_file(self::$banFile)) {
-                file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export(array('FAILURES'=>array(), 'BANS'=>array()), true).";\n?>");
-            }
-            include self::$banFile;
-        }
-    }
-    /**
-     * Checks if the user CAN login. If 'true', the user can try to login.
-     *
-     * @return boolean true if user is banned, false otherwise
-     */
-    public static function banCanLogin()
-    {
-        if (self::$banFile !== '') {
-            $ip = $_SERVER["REMOTE_ADDR"];
-            $gb = $GLOBALS['IPBANS'];
-            if (isset($gb['BANS'][$ip])) {
-                // User is banned. Check if the ban has expired:
-                if ($gb['BANS'][$ip] <= time()) {
-                    // Ban expired, user can try to login again.
-                    unset($gb['FAILURES'][$ip]);
-                    unset($gb['BANS'][$ip]);
-                    file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
-                    return true; // Ban has expired, user can login.
-                }
-                return false; // User is banned.
-            }
-        }
-        return true; // User is not banned.
-    }
-    /**
-     * Tells if a param exists in session
-     *
-     * @param $name name of the param to test
-     * @return bool
-     */
-    public static function isInSession($name)
-    {
-        return (isset($_SESSION[$name]) ? : FALSE);
-    }
-    /**
-     * Returns param in session
-     *
-     * @param $name name of the param to return
-     * @return mixed param or null
-     */
-    public static function getParam($name)
-    {
-        return (self::isInSession($name) ? $_SESSION[$name] : NULL);
-    }
-    /**
-     * Store value in session
-     *
-     * @param $name     name of the variable to store
-     * @param $value    value to store
-     */
-    public static function setParam($name, $value)
-    {
-        $_SESSION[$name] = $value;
-    }
-}
diff --git a/inc/3rdparty/paginator.php b/inc/3rdparty/paginator.php
deleted file mode 100644
index 306756c0..00000000
--- a/inc/3rdparty/paginator.php
+++ /dev/null
@@ -1,202 +0,0 @@
-<?php
-/*
- * PHP Pagination Class
- *
- * @author David Carr - dave@daveismyname.com - http://www.daveismyname.com
- * @version 1.0
- * @date October 20, 2013
- */
-class Paginator{
-        /**
-     * set the number of items per page.
-     *
-     * @var numeric
-    */
-    private $_perPage;
-    /**
-     * set get parameter for fetching the page number
-     *
-     * @var string
-    */
-    private $_instance;
-    /**
-     * sets the page number.
-     *
-     * @var numeric
-    */
-    private $_page;
-    /**
-     * set the limit for the data source
-     *
-     * @var string
-    */
-    private $_limit;
-    /**
-     * set the total number of records/items.
-     *
-     * @var numeric
-    */
-    private $_totalRows = 0;
-    /**
-     *  __construct
-     *  
-     *  pass values when class is istantiated 
-     *  
-     * @param numeric  $_perPage  sets the number of iteems per page
-     * @param numeric  $_instance sets the instance for the GET parameter
-     */
-    public function __construct($perPage,$instance){
-        $this->_instance = $instance;        
-        $this->_perPage = $perPage;
-        $this->set_instance();        
-    }
-    /**
-     * get_start
-     *
-     * creates the starting point for limiting the dataset
-     * @return numeric
-    */
-    private function get_start(){
-        return ($this->_page * $this->_perPage) - $this->_perPage;
-    }
-    /**
-     * set_instance
-     * 
-     * sets the instance parameter, if numeric value is 0 then set to 1
-     *
-     * @var numeric
-    */
-    private function set_instance(){
-        $this->_page = (int) (!isset($_GET[$this->_instance]) ? 1 : $_GET[$this->_instance]); 
-        $this->_page = ($this->_page == 0 ? 1 : $this->_page);
-    }
-    /**
-     * set_total
-     *
-     * collect a numberic value and assigns it to the totalRows
-     *
-     * @var numeric
-    */
-    public function set_total($_totalRows){
-        $this->_totalRows = $_totalRows;
-    }
-    /**
-     * get_limit
-     *
-     * returns the limit for the data source, calling the get_start method and passing in the number of items perp page
-     * 
-     * @return string
-    */
-    public function get_limit(){
-        if (STORAGE == 'postgres') {
-            return "LIMIT ".$this->_perPage." OFFSET ".$this->get_start();
-        } else {
-            return "LIMIT ".$this->get_start().",".$this->_perPage;
-        }
-    }
-        /**
-         * page_links
-         *
-         * create the html links for navigating through the dataset
-         * 
-         * @var sting $path optionally set the path for the link
-         * @var sting $ext optionally pass in extra parameters to the GET
-         * @return string returns the html menu
-        */
-    public function page_links($path='?',$ext=null)
-    {
-        $adjacents = "2";
-        $prev = $this->_page - 1;
-        $next = $this->_page + 1;
-        $lastpage = ceil($this->_totalRows/$this->_perPage);
-        $lpm1 = $lastpage - 1;
-        $pagination = "";
-        if($lastpage > 1)
-        {   
-            $pagination .= "<div class='pagination'>";
-        if ($this->_page > 1)
-            $pagination.= "<a href='".$path."$this->_instance=$prev"."$ext'>« previous</a>";
-        else
-            $pagination.= "<span class='disabled'>« previous</span>";   
-        if ($lastpage < 7 + ($adjacents * 2))
-        {   
-        for ($counter = 1; $counter <= $lastpage; $counter++)
-        {
-        if ($counter == $this->_page)
-            $pagination.= "<span class='current'>$counter</span>";
-        else
-            $pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";                   
-        }
-        }
-        elseif($lastpage > 5 + ($adjacents * 2))
-        {
-        if($this->_page < 1 + ($adjacents * 2))       
-        {
-        for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++)
-        {
-        if ($counter == $this->_page)
-            $pagination.= "<span class='current'>$counter</span>";
-        else
-            $pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";                   
-        }
-            $pagination.= "...";
-            $pagination.= "<a href='".$path."$this->_instance=$lpm1"."$ext'>$lpm1</a>";
-            $pagination.= "<a href='".$path."$this->_instance=$lastpage"."$ext'>$lastpage</a>";       
-        }
-        elseif($lastpage - ($adjacents * 2) > $this->_page && $this->_page > ($adjacents * 2))
-        {
-            $pagination.= "<a href='".$path."$this->_instance=1"."$ext'>1</a>";
-            $pagination.= "<a href='".$path."$this->_instance=2"."$ext'>2</a>";
-            $pagination.= "...";
-        for ($counter = $this->_page - $adjacents; $counter <= $this->_page + $adjacents; $counter++)
-        {
-        if ($counter == $this->_page)
-            $pagination.= "<span class='current'>$counter</span>";
-        else
-            $pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";                   
-        }
-            $pagination.= "..";
-            $pagination.= "<a href='".$path."$this->_instance=$lpm1"."$ext'>$lpm1</a>";
-            $pagination.= "<a href='".$path."$this->_instance=$lastpage"."$ext'>$lastpage</a>";       
-        }
-        else
-        {
-            $pagination.= "<a href='".$path."$this->_instance=1"."$ext'>1</a>";
-            $pagination.= "<a href='".$path."$this->_instance=2"."$ext'>2</a>";
-            $pagination.= "..";
-        for ($counter = $lastpage - (2 + ($adjacents * 2)); $counter <= $lastpage; $counter++)
-        {
-        if ($counter == $this->_page)
-            $pagination.= "<span class='current'>$counter</span>";
-        else
-            $pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";                   
-        }
-        }
-        }
-        if ($this->_page < $counter - 1)
-            $pagination.= "<a href='".$path."$this->_instance=$next"."$ext'>next »</a>";
-        else
-            $pagination.= "<span class='disabled'>next »</span>";
-            $pagination.= "</div>\n";       
-        }
-    return $pagination;
-    }
-}
diff --git a/inc/3rdparty/FlattrItem.class.php b/inc/poche/FlattrItem.class.php
index ef8c62f7..ef8c62f7 100644
--- a/inc/3rdparty/FlattrItem.class.php
+++ b/inc/poche/FlattrItem.class.php
diff --git a/inc/poche/global.inc.php b/inc/poche/global.inc.php
index 4d119456..c17d54e6 100755
--- a/inc/poche/global.inc.php
+++ b/inc/poche/global.inc.php
@@ -29,7 +29,7 @@ require_once INCLUDES . '/3rdparty/paginator.php';
 require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedItem.php';
 require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedWriter.php';
-require_once INCLUDES . '/3rdparty/FlattrItem.class.php';
+require_once INCLUDES . '/poche/FlattrItem.class.php';
 # epub library
 require_once INCLUDES . '/3rdparty/libraries/PHPePub/Logger.php';

diff --git a/composer.json b/composer.json index 56dea960..32ca9c28 100644 --- a/composer.json +++ b/composer.json
@@ -30,6 +30,10 @@
30	{	30	{
31	"type": "vcs",	31	"type": "vcs",
32	"url": "https://github.com/wallabag/kriss_php5"	32	"url": "https://github.com/wallabag/kriss_php5"
		33	},
		34	{
		35	"type": "vcs",
		36	"url": "https://github.com/wallabag/pagination"
33	}	37	}
34	],	38	],
35	"require": {	39	"require": {
@@ -40,6 +44,7 @@
40	"ezyang/htmlpurifier": "dev-master",	44	"ezyang/htmlpurifier": "dev-master",
41	"mgargano/simplehtmldom": "dev-master",	45	"mgargano/simplehtmldom": "dev-master",
42	"wallabag/PHP-Flash-Messages": "dev-master",	46	"wallabag/PHP-Flash-Messages": "dev-master",
43	"wallabag/kriss_php5": "dev-master"	47	"wallabag/kriss_php5": "dev-master",
		48	"wallabag/pagination": "dev-master"
44	}	49	}
45	} \ No newline at end of file	50	} \ No newline at end of file


diff --git a/composer.lock b/composer.lock index 48df2b16..00d31c5b 100644 --- a/composer.lock +++ b/composer.lock
@@ -4,7 +4,7 @@
4	"Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",	4	"Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
5	"This file is @generated automatically"	5	"This file is @generated automatically"
6	],	6	],
7	"hash": "aaf0d0bb3208c2dfc0b6cc95cbfab5f6",	7	"hash": "01683220c560fe335307baeb1018293c",
8	"packages": [	8	"packages": [
9	{	9	{
10	"name": "ezyang/htmlpurifier",	10	"name": "ezyang/htmlpurifier",
@@ -1374,6 +1374,43 @@
1374	"time": "2015-01-18 21:21:43"	1374	"time": "2015-01-18 21:21:43"
1375	},	1375	},
1376	{	1376	{
		1377	"name": "wallabag/pagination",
		1378	"version": "dev-master",
		1379	"source": {
		1380	"type": "git",
		1381	"url": "https://github.com/wallabag/pagination.git",
		1382	"reference": "54e442b31c90e50e331cb8ac400537e0eda30deb"
		1383	},
		1384	"dist": {
		1385	"type": "zip",
		1386	"url": "https://api.github.com/repos/wallabag/pagination/zipball/54e442b31c90e50e331cb8ac400537e0eda30deb",
		1387	"reference": "54e442b31c90e50e331cb8ac400537e0eda30deb",
		1388	"shasum": ""
		1389	},
		1390	"require": {
		1391	"php": ">=5.3.0"
		1392	},
		1393	"type": "library",
		1394	"autoload": {
		1395	"files": [
		1396	"paginator.php"
		1397	]
		1398	},
		1399	"authors": [
		1400	{
		1401	"name": "Nicolas Lœuillet",
		1402	"email": "nicolas@loeuillet.org",
		1403	"homepage": "http://www.cdetc.fr"
		1404	}
		1405	],
		1406	"description": "Paginate record sets, not tied in directly to a database.",
		1407	"homepage": "https://github.com/wallabag/pagination",
		1408	"support": {
		1409	"source": "https://github.com/wallabag/pagination/tree/master"
		1410	},
		1411	"time": "2015-01-19 09:24:39"
		1412	},
		1413	{
1377	"name": "wallabag/php-flash-messages",	1414	"name": "wallabag/php-flash-messages",
1378	"version": "dev-master",	1415	"version": "dev-master",
1379	"source": {	1416	"source": {
@@ -1428,7 +1465,8 @@
1428	"ezyang/htmlpurifier": 20,	1465	"ezyang/htmlpurifier": 20,
1429	"mgargano/simplehtmldom": 20,	1466	"mgargano/simplehtmldom": 20,
1430	"wallabag/php-flash-messages": 20,	1467	"wallabag/php-flash-messages": 20,
1431	"wallabag/kriss_php5": 20	1468	"wallabag/kriss_php5": 20,
		1469	"wallabag/pagination": 20
1432	},	1470	},
1433	"prefer-stable": false,	1471	"prefer-stable": false,
1434	"prefer-lowest": false,	1472	"prefer-lowest": false,


diff --git a/inc/3rdparty/Session.class.php b/inc/3rdparty/Session.class.php deleted file mode 100644 index b56e4c54..00000000 --- a/inc/3rdparty/Session.class.php +++ /dev/null
@@ -1,346 +0,0 @@
1	<?php
2	/**
3	* Session management class
4	*
5	* http://www.developpez.net/forums/d51943/php/langage/sessions/
6	* http://sebsauvage.net/wiki/doku.php?id=php:session
7	* http://sebsauvage.net/wiki/doku.php?id=php:shaarli
8	*
9	* Features:
10	* - Everything is stored on server-side (we do not trust client-side data,
11	* such as cookie expiration)
12	* - IP addresses are checked on each access to prevent session cookie hijacking
13	* (such as Firesheep)
14	* - Session expires on user inactivity (Session expiration date is
15	* automatically updated everytime the user accesses a page.)
16	* - A unique secret key is generated on server-side for this session
17	* (and never sent over the wire) which can be used to sign forms (HMAC)
18	* (See $_SESSION['uid'])
19	* - Token management to prevent XSRF attacks
20	* - Brute force protection with ban management
21	*
22	* TODOs
23	* - Replace globals with variables in Session class
24	*
25	* How to use:
26	* - http://tontof.net/kriss/php5/session
27	*/
28	class Session
29	{
30	// Personnalize PHP session name
31	public static $sessionName = '';
32	// If the user does not access any page within this time,
33	// his/her session is considered expired (3600 sec. = 1 hour)
34	public static $inactivityTimeout = 3600;
35	// Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours)
36	public static $longSessionTimeout = 7776000; // 7776000 = 90 days
37	// If you get disconnected often or if your IP address changes often.
38	// Let you disable session cookie hijacking protection
39	public static $disableSessionProtection = false;
40	// Ban IP after this many failures.
41	public static $banAfter = 4;
42	// Ban duration for IP address after login failures (in seconds).
43	// (1800 sec. = 30 minutes)
44	public static $banDuration = 1800;
45	// File storage for failures and bans. If empty, no ban management.
46	public static $banFile = '';
47
48	/**
49	* Initialize session
50	*/
51	public static function init($longlastingsession = false)
52	{
53	//check if session name is correct
54	if ( (session_id() && !empty(self::$sessionName) && session_name()!=self::$sessionName) \|\| $longlastingsession ) {
55	session_destroy();
56	}
57
58	// Force cookie path (but do not change lifetime)
59	$cookie = session_get_cookie_params();
60	// Default cookie expiration and path.
61	$cookiedir = '';
62	if (dirname($_SERVER['SCRIPT_NAME'])!='/') {
63	$cookiedir = dirname($_SERVER["SCRIPT_NAME"]).'/';
64	}
65	$ssl = false;
66	if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
67	$ssl = true;
68	}
69
70	if ( $longlastingsession ) {
71	session_set_cookie_params(self::$longSessionTimeout, $cookiedir, null, $ssl, true);
72	}
73	else {
74	session_set_cookie_params(0, $cookiedir, null, $ssl, true);
75	}
76	//set server side valid session timeout
77	//WARNING! this may not work in shared session environment. See http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime about min value: it can be set in any application
78	ini_set('session.gc_maxlifetime', self::$longSessionTimeout);
79
80	// Use cookies to store session.
81	ini_set('session.use_cookies', 1);
82	// Force cookies for session (phpsessionID forbidden in URL)
83	ini_set('session.use_only_cookies', 1);
84	if ( !session_id() ) {
85	// Prevent php to use sessionID in URL if cookies are disabled.
86	ini_set('session.use_trans_sid', false);
87	if (!empty(self::$sessionName)) {
88	session_name(self::$sessionName);
89	}
90	session_start();
91	}
92	}
93
94	/**
95	* Returns the IP address
96	* (Used to prevent session cookie hijacking.)
97	*
98	* @return string IP addresses
99	*/
100	private static function _allIPs()
101	{
102	$ip = $_SERVER["REMOTE_ADDR"];
103	$ip.= isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? '_'.$_SERVER['HTTP_X_FORWARDED_FOR'] : '';
104	$ip.= isset($_SERVER['HTTP_CLIENT_IP']) ? '_'.$_SERVER['HTTP_CLIENT_IP'] : '';
105
106	return $ip;
107	}
108
109	/**
110	* Check that user/password is correct and then init some SESSION variables.
111	*
112	* @param string $login Login reference
113	* @param string $password Password reference
114	* @param string $loginTest Login to compare with login reference
115	* @param string $passwordTest Password to compare with password reference
116	* @param array $pValues Array of variables to store in SESSION
117	*
118	* @return true\|false True if login and password are correct, false
119	* otherwise
120	*/
121	public static function login (
122	$login,
123	$password,
124	$loginTest,
125	$passwordTest,
126	$longlastingsession,
127	$pValues = array())
128	{
129	self::banInit();
130	if (self::banCanLogin()) {
131	if ($login === $loginTest && $password === $passwordTest) {
132	self::banLoginOk();
133
134	self::init($longlastingsession);
135
136	// Generate unique random number to sign forms (HMAC)
137	$_SESSION['uid'] = sha1(uniqid('', true).'_'.mt_rand());
138	$_SESSION['ip'] = self::_allIPs();
139	$_SESSION['username'] = $login;
140	// Set session expiration.
141	$_SESSION['expires_on'] = time() + self::$inactivityTimeout;
142	if ($longlastingsession) {
143	$_SESSION['longlastingsession'] = self::$longSessionTimeout;
144	$_SESSION['expires_on'] += $_SESSION['longlastingsession'];
145	}
146
147	foreach ($pValues as $key => $value) {
148	$_SESSION[$key] = $value;
149	}
150
151	return true;
152	}
153	self::banLoginFailed();
154	}
155
156	self::init();
157	return false;
158	}
159
160	/**
161	* Unset SESSION variable to force logout
162	*/
163	public static function logout()
164	{
165	// unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']);
166
167	// Destruction du cookie (le code peut paraître complexe mais c'est pour être certain de reprendre les mêmes paramètres)
168	$args = array_merge(array(session_name(), ''), array_values(session_get_cookie_params()));
169	$args[2] = time() - 3600;
170	call_user_func_array('setcookie', $args);
171	// Suppression physique de la session
172	session_destroy();
173	}
174
175	/**
176	* Make sure user is logged in.
177	*
178	* @return true\|false True if user is logged in, false otherwise
179	*/
180	public static function isLogged()
181	{
182	if (!isset ($_SESSION['uid'])
183	\|\| (self::$disableSessionProtection === false
184	&& $_SESSION['ip'] !== self::_allIPs())
185	\|\| time() >= $_SESSION['expires_on']) {
186	//self::logout();
187
188	return false;
189	}
190	// User accessed a page : Update his/her session expiration date.
191	$_SESSION['expires_on'] = time() + self::$inactivityTimeout;
192	if (!empty($_SESSION['longlastingsession'])) {
193	$_SESSION['expires_on'] += $_SESSION['longlastingsession'];
194	}
195
196	return true;
197	}
198
199	/**
200	* Create a token, store it in SESSION and return it
201	*
202	* @param string $salt to prevent birthday attack
203	*
204	* @return string Token created
205	*/
206	public static function getToken($salt = '')
207	{
208	if (!isset($_SESSION['tokens'])) {
209	$_SESSION['tokens']=array();
210	}
211	// We generate a random string and store it on the server side.
212	$rnd = sha1(uniqid('', true).'_'.mt_rand().$salt);
213	$_SESSION['tokens'][$rnd]=1;
214
215	return $rnd;
216	}
217
218	/**
219	* Tells if a token is ok. Using this function will destroy the token.
220	*
221	* @param string $token Token to test
222	*
223	* @return true\|false True if token is correct, false otherwise
224	*/
225	public static function isToken($token)
226	{
227	if (isset($_SESSION['tokens'][$token])) {
228	unset($_SESSION['tokens'][$token]); // Token is used: destroy it.
229
230	return true; // Token is ok.
231	}
232
233	return false; // Wrong token, or already used.
234	}
235
236	/**
237	* Signal a failed login. Will ban the IP if too many failures:
238	*/
239	public static function banLoginFailed()
240	{
241	if (self::$banFile !== '') {
242	$ip = $_SERVER["REMOTE_ADDR"];
243	$gb = $GLOBALS['IPBANS'];
244
245	if (!isset($gb['FAILURES'][$ip])) {
246	$gb['FAILURES'][$ip] = 0;
247	}
248	$gb['FAILURES'][$ip]++;
249	if ($gb['FAILURES'][$ip] > (self::$banAfter - 1)) {
250	$gb['BANS'][$ip]= time() + self::$banDuration;
251	}
252
253	$GLOBALS['IPBANS'] = $gb;
254	file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
255	}
256	}
257
258	/**
259	* Signals a successful login. Resets failed login counter.
260	*/
261	public static function banLoginOk()
262	{
263	if (self::$banFile !== '') {
264	$ip = $_SERVER["REMOTE_ADDR"];
265	$gb = $GLOBALS['IPBANS'];
266	unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]);
267	$GLOBALS['IPBANS'] = $gb;
268	file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
269	}
270	}
271
272	/**
273	* Ban init
274	*/
275	public static function banInit()
276	{
277	if (self::$banFile !== '') {
278	if (!is_file(self::$banFile)) {
279	file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export(array('FAILURES'=>array(), 'BANS'=>array()), true).";\n?>");
280	}
281	include self::$banFile;
282	}
283	}
284
285	/**
286	* Checks if the user CAN login. If 'true', the user can try to login.
287	*
288	* @return boolean true if user is banned, false otherwise
289	*/
290	public static function banCanLogin()
291	{
292	if (self::$banFile !== '') {
293	$ip = $_SERVER["REMOTE_ADDR"];
294	$gb = $GLOBALS['IPBANS'];
295	if (isset($gb['BANS'][$ip])) {
296	// User is banned. Check if the ban has expired:
297	if ($gb['BANS'][$ip] <= time()) {
298	// Ban expired, user can try to login again.
299	unset($gb['FAILURES'][$ip]);
300	unset($gb['BANS'][$ip]);
301	file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
302
303	return true; // Ban has expired, user can login.
304	}
305
306	return false; // User is banned.
307	}
308	}
309
310	return true; // User is not banned.
311	}
312
313
314	/**
315	* Tells if a param exists in session
316	*
317	* @param $name name of the param to test
318	* @return bool
319	*/
320	public static function isInSession($name)
321	{
322	return (isset($_SESSION[$name]) ? : FALSE);
323	}
324
325	/**
326	* Returns param in session
327	*
328	* @param $name name of the param to return
329	* @return mixed param or null
330	*/
331	public static function getParam($name)
332	{
333	return (self::isInSession($name) ? $_SESSION[$name] : NULL);
334	}
335
336	/**
337	* Store value in session
338	*
339	* @param $name name of the variable to store
340	* @param $value value to store
341	*/
342	public static function setParam($name, $value)
343	{
344	$_SESSION[$name] = $value;
345	}
346	}


diff --git a/inc/3rdparty/paginator.php b/inc/3rdparty/paginator.php deleted file mode 100644 index 306756c0..00000000 --- a/inc/3rdparty/paginator.php +++ /dev/null
@@ -1,202 +0,0 @@
1	<?php
2	/*
3	* PHP Pagination Class
4	*
5	* @author David Carr - dave@daveismyname.com - http://www.daveismyname.com
6	* @version 1.0
7	* @date October 20, 2013
8	*/
9	class Paginator{
10
11	/**
12	* set the number of items per page.
13	*
14	* @var numeric
15	*/
16	private $_perPage;
17
18	/**
19	* set get parameter for fetching the page number
20	*
21	* @var string
22	*/
23	private $_instance;
24
25	/**
26	* sets the page number.
27	*
28	* @var numeric
29	*/
30	private $_page;
31
32	/**
33	* set the limit for the data source
34	*
35	* @var string
36	*/
37	private $_limit;
38
39	/**
40	* set the total number of records/items.
41	*
42	* @var numeric
43	*/
44	private $_totalRows = 0;
45
46
47
48	/**
49	* __construct
50	*
51	* pass values when class is istantiated
52	*
53	* @param numeric $_perPage sets the number of iteems per page
54	* @param numeric $_instance sets the instance for the GET parameter
55	*/
56	public function __construct($perPage,$instance){
57	$this->_instance = $instance;
58	$this->_perPage = $perPage;
59	$this->set_instance();
60	}
61
62	/**
63	* get_start
64	*
65	* creates the starting point for limiting the dataset
66	* @return numeric
67	*/
68	private function get_start(){
69	return ($this->_page * $this->_perPage) - $this->_perPage;
70	}
71
72	/**
73	* set_instance
74	*
75	* sets the instance parameter, if numeric value is 0 then set to 1
76	*
77	* @var numeric
78	*/
79	private function set_instance(){
80	$this->_page = (int) (!isset($_GET[$this->_instance]) ? 1 : $_GET[$this->_instance]);
81	$this->_page = ($this->_page == 0 ? 1 : $this->_page);
82	}
83
84	/**
85	* set_total
86	*
87	* collect a numberic value and assigns it to the totalRows
88	*
89	* @var numeric
90	*/
91	public function set_total($_totalRows){
92	$this->_totalRows = $_totalRows;
93	}
94
95	/**
96	* get_limit
97	*
98	* returns the limit for the data source, calling the get_start method and passing in the number of items perp page
99	*
100	* @return string
101	*/
102	public function get_limit(){
103	if (STORAGE == 'postgres') {
104	return "LIMIT ".$this->_perPage." OFFSET ".$this->get_start();
105	} else {
106	return "LIMIT ".$this->get_start().",".$this->_perPage;
107	}
108	}
109
110	/**
111	* page_links
112	*
113	* create the html links for navigating through the dataset
114	*
115	* @var sting $path optionally set the path for the link
116	* @var sting $ext optionally pass in extra parameters to the GET
117	* @return string returns the html menu
118	*/
119	public function page_links($path='?',$ext=null)
120	{
121	$adjacents = "2";
122	$prev = $this->_page - 1;
123	$next = $this->_page + 1;
124	$lastpage = ceil($this->_totalRows/$this->_perPage);
125	$lpm1 = $lastpage - 1;
126
127	$pagination = "";
128	if($lastpage > 1)
129	{
130	$pagination .= "<div class='pagination'>";
131	if ($this->_page > 1)
132	$pagination.= "<a href='".$path."$this->_instance=$prev"."$ext'>« previous</a>";
133	else
134	$pagination.= "<span class='disabled'>« previous</span>";
135
136	if ($lastpage < 7 + ($adjacents * 2))
137	{
138	for ($counter = 1; $counter <= $lastpage; $counter++)
139	{
140	if ($counter == $this->_page)
141	$pagination.= "<span class='current'>$counter</span>";
142	else
143	$pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";
144	}
145	}
146	elseif($lastpage > 5 + ($adjacents * 2))
147	{
148	if($this->_page < 1 + ($adjacents * 2))
149	{
150	for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++)
151	{
152	if ($counter == $this->_page)
153	$pagination.= "<span class='current'>$counter</span>";
154	else
155	$pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";
156	}
157	$pagination.= "...";
158	$pagination.= "<a href='".$path."$this->_instance=$lpm1"."$ext'>$lpm1</a>";
159	$pagination.= "<a href='".$path."$this->_instance=$lastpage"."$ext'>$lastpage</a>";
160	}
161	elseif($lastpage - ($adjacents * 2) > $this->_page && $this->_page > ($adjacents * 2))
162	{
163	$pagination.= "<a href='".$path."$this->_instance=1"."$ext'>1</a>";
164	$pagination.= "<a href='".$path."$this->_instance=2"."$ext'>2</a>";
165	$pagination.= "...";
166	for ($counter = $this->_page - $adjacents; $counter <= $this->_page + $adjacents; $counter++)
167	{
168	if ($counter == $this->_page)
169	$pagination.= "<span class='current'>$counter</span>";
170	else
171	$pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";
172	}
173	$pagination.= "..";
174	$pagination.= "<a href='".$path."$this->_instance=$lpm1"."$ext'>$lpm1</a>";
175	$pagination.= "<a href='".$path."$this->_instance=$lastpage"."$ext'>$lastpage</a>";
176	}
177	else
178	{
179	$pagination.= "<a href='".$path."$this->_instance=1"."$ext'>1</a>";
180	$pagination.= "<a href='".$path."$this->_instance=2"."$ext'>2</a>";
181	$pagination.= "..";
182	for ($counter = $lastpage - (2 + ($adjacents * 2)); $counter <= $lastpage; $counter++)
183	{
184	if ($counter == $this->_page)
185	$pagination.= "<span class='current'>$counter</span>";
186	else
187	$pagination.= "<a href='".$path."$this->_instance=$counter"."$ext'>$counter</a>";
188	}
189	}
190	}
191
192	if ($this->_page < $counter - 1)
193	$pagination.= "<a href='".$path."$this->_instance=$next"."$ext'>next »</a>";
194	else
195	$pagination.= "<span class='disabled'>next »</span>";
196	$pagination.= "</div>\n";
197	}
198
199
200	return $pagination;
201	}
202	}


diff --git a/inc/3rdparty/FlattrItem.class.php b/inc/poche/FlattrItem.class.php index ef8c62f7..ef8c62f7 100644 --- a/inc/3rdparty/FlattrItem.class.php +++ b/inc/poche/FlattrItem.class.php


diff --git a/inc/poche/global.inc.php b/inc/poche/global.inc.php index 4d119456..c17d54e6 100755 --- a/inc/poche/global.inc.php +++ b/inc/poche/global.inc.php
@@ -29,7 +29,7 @@ require_once INCLUDES . '/3rdparty/paginator.php';
29		29
30	require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedItem.php';	30	require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedItem.php';
31	require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedWriter.php';	31	require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedWriter.php';
32	require_once INCLUDES . '/3rdparty/FlattrItem.class.php';	32	require_once INCLUDES . '/poche/FlattrItem.class.php';
33		33
34	# epub library	34	# epub library
35	require_once INCLUDES . '/3rdparty/libraries/PHPePub/Logger.php';	35	require_once INCLUDES . '/3rdparty/libraries/PHPePub/Logger.php';