-rw-r--r-- | inc/3rdparty/libraries/feedwriter/FeedItem.php | 3 | ||||
-rwxr-xr-x | inc/poche/Database.class.php | 41 | ||||
-rwxr-xr-x | inc/poche/Poche.class.php | 54 | ||||
-rwxr-xr-x | index.php | 4 | ||||
-rwxr-xr-x | install/index.php | 6 | ||||
-rwxr-xr-x | themes/baggy/config.twig | 32 | ||||
-rwxr-xr-x | themes/courgette/config.twig | 34 | ||||
-rwxr-xr-x | themes/default/config.twig | 33 |
8 files changed, 202 insertions, 5 deletions
diff --git a/inc/3rdparty/libraries/feedwriter/FeedItem.php b/inc/3rdparty/libraries/feedwriter/FeedItem.php index 3487423f..54a56f22 100644 --- a/inc/3rdparty/libraries/feedwriter/FeedItem.php +++ b/inc/3rdparty/libraries/feedwriter/FeedItem.php | |||
@@ -174,7 +174,8 @@ | |||
174 | */ | 174 | */ |
175 | public function setSource($link) | 175 | public function setSource($link) |
176 | { | 176 | { |
177 | $this->setElement('source', $link); | 177 | $attributes = array('url'=>$link); |
178 | $this->setElement('source', "wallabag",$attributes); | ||
178 | } | 179 | } |
179 | 180 | ||
180 | /** | 181 | /** |
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php index 036c9d1b..141d7987 100755 --- a/inc/poche/Database.class.php +++ b/inc/poche/Database.class.php | |||
@@ -33,6 +33,8 @@ class Database { | |||
33 | $db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB; | 33 | $db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB; |
34 | $this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD); | 34 | $this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD); |
35 | break; | 35 | break; |
36 | default: | ||
37 | die(STORAGE . ' is not a recognised database system !'); | ||
36 | } | 38 | } |
37 | 39 | ||
38 | $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); | 40 | $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
@@ -229,12 +231,49 @@ class Database { | |||
229 | return FALSE; | 231 | return FALSE; |
230 | } | 232 | } |
231 | } | 233 | } |
234 | |||
235 | public function listUsers($username=null) { | ||
236 | $sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : ''); | ||
237 | $query = $this->executeQuery($sql, ( $username ? array($username) : array())); | ||
238 | list($count) = $query->fetch(); | ||
239 | return $count; | ||
240 | } | ||
241 | |||
242 | public function getUserPassword($userID) { | ||
243 | $sql = "SELECT * FROM users WHERE id=?"; | ||
244 | $query = $this->executeQuery($sql, array($userID)); | ||
245 | $password = $query->fetchAll(); | ||
246 | return isset($password[0]['password']) ? $password[0]['password'] : null; | ||
247 | } | ||
248 | |||
249 | public function deleteUserConfig($userID) { | ||
250 | $sql_action = 'DELETE from users_config WHERE user_id=?'; | ||
251 | $params_action = array($userID); | ||
252 | $query = $this->executeQuery($sql_action, $params_action); | ||
253 | return $query; | ||
254 | } | ||
255 | |||
256 | public function deleteTagsEntriesAndEntries($userID) { | ||
257 | $entries = $this->retrieveAll($userID); | ||
258 | foreach($entries as $entryid) { | ||
259 | $tags = $this->retrieveTagsByEntry($entryid); | ||
260 | foreach($tags as $tag) { | ||
261 | $this->removeTagForEntry($entryid,$tags); | ||
262 | } | ||
263 | $this->deleteById($entryid,$userID); | ||
264 | } | ||
265 | } | ||
266 | |||
267 | public function deleteUser($userID) { | ||
268 | $sql_action = 'DELETE from users WHERE id=?'; | ||
269 | $params_action = array($userID); | ||
270 | $query = $this->executeQuery($sql_action, $params_action); | ||
271 | } | ||
232 | 272 | ||
233 | public function updateContentAndTitle($id, $title, $body, $user_id) { | 273 | public function updateContentAndTitle($id, $title, $body, $user_id) { |
234 | $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?'; | 274 | $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?'; |
235 | $params_action = array($body, $title, $id, $user_id); | 275 | $params_action = array($body, $title, $id, $user_id); |
236 | $query = $this->executeQuery($sql_action, $params_action); | 276 | $query = $this->executeQuery($sql_action, $params_action); |
237 | |||
238 | return $query; | 277 | return $query; |
239 | } | 278 | } |
240 | 279 | ||
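Review bot: In `deleteTagsEntriesAndEntries()` the inner loop calls `$this->removeTagForEntry($entryid,$tags)` with the whole `$tags` array instead of the loop variable `$tag`, so the per-tag removal probably never targets a single tag. Pass `$tag`, or its id field, depending on what `retrieveTagsByEntry()` returns, which is not visible here. `$entryid` is likewise each element of `retrieveAll($userID)`, which may be a full row rather than an id and is worth confirming. Account deletion is spread over several independent statements, so a failure midway leaves part of the user's data behind; wrapping the sequence in `$this->handle->beginTransaction()` / `commit()` would make the erase all-or-nothing.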
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index 66710ecb..7e3e6afe 100755 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php | |||
@@ -241,6 +241,58 @@ class Poche | |||
241 | $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime'); | 241 | $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime'); |
242 | $this->tpl->addFilter($filter); | 242 | $this->tpl->addFilter($filter); |
243 | } | 243 | } |
244 | |||
245 | public function createNewUser() { | ||
246 | if (isset($_GET['newuser'])){ | ||
247 | if ($_POST['newusername'] != "" && $_POST['password4newuser'] != ""){ | ||
248 | $newusername = filter_var($_POST['newusername'], FILTER_SANITIZE_STRING); | ||
249 | if (!$this->store->userExists($newusername)){ | ||
250 | if ($this->store->install($newusername, Tools::encodeString($_POST['password4newuser'] . $newusername))) { | ||
251 | Tools::logm('The new user '.$newusername.' has been installed'); | ||
252 | $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'),$newusername)); | ||
253 | Tools::redirect(); | ||
254 | } | ||
255 | else { | ||
256 | Tools::logm('error during adding new user'); | ||
257 | Tools::redirect(); | ||
258 | } | ||
259 | } | ||
260 | else { | ||
261 | $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'),$newusername)); | ||
262 | Tools::logm('An user with the name '.$newusername.' already exists !'); | ||
263 | Tools::redirect(); | ||
264 | } | ||
265 | } | ||
266 | } | ||
267 | } | ||
268 | |||
269 | public function deleteUser(){ | ||
270 | if (isset($_GET['deluser'])){ | ||
271 | if ($this->store->listUsers() > 1) { | ||
272 | if (Tools::encodeString($_POST['password4deletinguser'].$this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) { | ||
273 | $username = $this->user->getUsername(); | ||
274 | $this->store->deleteUserConfig($this->user->getId()); | ||
275 | Tools::logm('The configuration for user '. $username .' has been deleted !'); | ||
276 | $this->store->deleteTagsEntriesAndEntries($this->user->getId()); | ||
277 | Tools::logm('The entries for user '. $username .' has been deleted !'); | ||
278 | $this->store->deleteUser($this->user->getId()); | ||
279 | Tools::logm('User '. $username .' has been completely deleted !'); | ||
280 | Session::logout(); | ||
281 | Tools::logm('logout'); | ||
282 | Tools::redirect(); | ||
283 | $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'),$newusername)); | ||
284 | } | ||
285 | else { | ||
286 | Tools::logm('Bad password !'); | ||
287 | $this->messages->add('e', _('Error : The password is wrong !')); | ||
288 | } | ||
289 | } | ||
290 | else { | ||
291 | Tools::logm('Only user !'); | ||
292 | $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !')); | ||
293 | } | ||
294 | } | ||
295 | } | ||
244 | 296 | ||
245 | private function install() | 297 | private function install() |
246 | { | 298 | { |
@@ -532,6 +584,7 @@ class Poche | |||
532 | $languages = $this->getInstalledLanguages(); | 584 | $languages = $this->getInstalledLanguages(); |
533 | $token = $this->user->getConfigValue('token'); | 585 | $token = $this->user->getConfigValue('token'); |
534 | $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; | 586 | $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; |
587 | $only_user = ($this->store->listUsers() > 1) ? false : true; | ||
535 | $tpl_vars = array( | 588 | $tpl_vars = array( |
536 | 'themes' => $themes, | 589 | 'themes' => $themes, |
537 | 'languages' => $languages, | 590 | 'languages' => $languages, |
@@ -544,6 +597,7 @@ class Poche | |||
544 | 'token' => $token, | 597 | 'token' => $token, |
545 | 'user_id' => $this->user->getId(), | 598 | 'user_id' => $this->user->getId(), |
546 | 'http_auth' => $http_auth, | 599 | 'http_auth' => $http_auth, |
600 | 'only_user' => $only_user | ||
547 | ); | 601 | ); |
548 | Tools::logm('config view'); | 602 | Tools::logm('config view'); |
549 | break; | 603 | break; |
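Review bot: `createNewUser()` creates an account from `$_POST` alone, with no anti-CSRF token check and no confirmation of the caller's password, so a form submitted by a logged-in browser to `?newuser` from another page would add a login the owner never chose; whether index.php reaches this branch only for an authenticated session is outside the hunk. A per-session token verified before `$this->store->install(...)`, or the same password confirmation that `deleteUser()` asks for, would close that. In `deleteUser()` the digest comparison uses `==`, which compares numeric-looking strings as numbers; use `===`, or `hash_equals()` where the PHP version provides it. The success message there reads `$newusername`, which is not defined in that method (`$username` is), and it is added after `Session::logout()` and `Tools::redirect()`, so it is probably never shown.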
@@ -66,6 +66,10 @@ if (isset($_GET['login'])) { | |||
66 | } elseif (isset($_GET['config'])) { | 66 | } elseif (isset($_GET['config'])) { |
67 | # Update password | 67 | # Update password |
68 | $poche->updatePassword(); | 68 | $poche->updatePassword(); |
69 | } elseif (isset($_GET['newuser'])) { | ||
70 | $poche->createNewUser(); | ||
71 | } elseif (isset($_GET['deluser'])) { | ||
72 | $poche->deleteUser(); | ||
69 | } elseif (isset($_GET['import'])) { | 73 | } elseif (isset($_GET['import'])) { |
70 | $import = $poche->import(); | 74 | $import = $poche->import(); |
71 | $tpl_vars = array_merge($tpl_vars, $import); | 75 | $tpl_vars = array_merge($tpl_vars, $import); |
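Review bot: The two new branches dispatch on the mere presence of `newuser` / `deluser` in the query string without looking at the request method, so a plain GET to `?deluser` runs `deleteUser()` with `$_POST['password4deletinguser']` unset. Guarding both with `$_SERVER['REQUEST_METHOD'] === 'POST'` keeps the state-changing handlers off GET requests and avoids the undefined-index notices. The `elseif` chain begins above the hunk, so what precedes these branches is not visible.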
diff --git a/install/index.php b/install/index.php index b6c6abec..e702891b 100755 --- a/install/index.php +++ b/install/index.php | |||
@@ -101,7 +101,7 @@ else if (isset($_POST['install'])) { | |||
101 | 101 | ||
102 | $sql_structure = file_get_contents('install/mysql.sql'); | 102 | $sql_structure = file_get_contents('install/mysql.sql'); |
103 | } | 103 | } |
104 | else if ($_POST['db_engine'] == 'postgresql') { | 104 | else if ($_POST['db_engine'] == 'postgres') { |
105 | $db_path = 'pgsql:host=' . $_POST['pg_server'] . ';dbname=' . $_POST['pg_database']; | 105 | $db_path = 'pgsql:host=' . $_POST['pg_server'] . ';dbname=' . $_POST['pg_database']; |
106 | $content = str_replace("define ('STORAGE_SERVER', 'localhost');", "define ('STORAGE_SERVER', '".$_POST['pg_server']."');", $content); | 106 | $content = str_replace("define ('STORAGE_SERVER', 'localhost');", "define ('STORAGE_SERVER', '".$_POST['pg_server']."');", $content); |
107 | $content = str_replace("define ('STORAGE_DB', 'poche');", "define ('STORAGE_DB', '".$_POST['pg_database']."');", $content); | 107 | $content = str_replace("define ('STORAGE_DB', 'poche');", "define ('STORAGE_DB', '".$_POST['pg_database']."');", $content); |
@@ -262,7 +262,7 @@ php composer.phar install</code></pre></li> | |||
262 | </ul> | 262 | </ul> |
263 | </li> | 263 | </li> |
264 | <li> | 264 | <li> |
265 | <label for="postgresql">PostgreSQL</label> <input name="db_engine" type="radio" id="postgresql" value="postgresql" /> | 265 | <label for="postgres">PostgreSQL</label> <input name="db_engine" type="radio" id="postgres" value="postgres" /> |
266 | <ul id="pg_infos"> | 266 | <ul id="pg_infos"> |
267 | <li><label for="pg_server">Server</label> <input type="text" placeholder="localhost" id="pg_server" name="pg_server" /></li> | 267 | <li><label for="pg_server">Server</label> <input type="text" placeholder="localhost" id="pg_server" name="pg_server" /></li> |
268 | <li><label for="pg_database">Database</label> <input type="text" placeholder="wallabag" id="pg_database" name="pg_database" /></li> | 268 | <li><label for="pg_database">Database</label> <input type="text" placeholder="wallabag" id="pg_database" name="pg_database" /></li> |
@@ -316,7 +316,7 @@ php composer.phar install</code></pre></li> | |||
316 | $("#install_button").show(); | 316 | $("#install_button").show(); |
317 | } | 317 | } |
318 | else { | 318 | else { |
319 | if ( $("#postgresql").prop('checked')) { | 319 | if ( $("#postgres").prop('checked')) { |
320 | $("#mysql_infos").hide(); | 320 | $("#mysql_infos").hide(); |
321 | $("#pg_infos").show(); | 321 | $("#pg_infos").show(); |
322 | $("#pdo_sqlite").hide(); | 322 | $("#pdo_sqlite").hide(); |
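Review bot: The context lines next to the renamed `postgres` value copy `$_POST['pg_server']` and `$_POST['pg_database']` straight into single-quoted `define()` literals in what appears to be the generated configuration source, and the commit leaves that untouched. A value containing a quote or backslash yields a broken or altered config file, so the installer should validate these fields against an expected pattern and emit the literal with `var_export($_POST['pg_server'], true)` rather than manual quoting. The same values also go unescaped into the PDO DSN on the line above. The enclosing `else if` block starts and ends outside the hunk.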
diff --git a/themes/baggy/config.twig b/themes/baggy/config.twig index d441de7c..29d9e048 100755 --- a/themes/baggy/config.twig +++ b/themes/baggy/config.twig | |||
@@ -128,4 +128,36 @@ | |||
128 | <h2>{% trans "Cache" %}</h2> | 128 | <h2>{% trans "Cache" %}</h2> |
129 | <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p> | 129 | <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p> |
130 | 130 | ||
131 | <h2>{% trans 'Add user' %}</h2> | ||
132 | <p>{% trans 'Add a new user :' %}</p> | ||
133 | <form method="post" action="?newuser"> | ||
134 | <fieldset class="w500p"> | ||
135 | <div class="row"> | ||
136 | <label class="col w150p" for="newusername">{% trans 'Login for new user' %}</label> | ||
137 | <input class="col" type="text" id="newusername" name="newusername" placeholder="{% trans 'Login' %}"> | ||
138 | </div> | ||
139 | <div class="row"> | ||
140 | <label class="col w150p" for="password4newuser">{% trans "Password for new user" %}</label> | ||
141 | <input class="col" type="password" id="password4newuser" name="password4newuser" placeholder="{% trans "Password" %}"> | ||
142 | </div> | ||
143 | <div class="row mts txtcenter"> | ||
144 | <button type="submit">{% trans "Send" %}</button> | ||
145 | </div> | ||
146 | </fieldset> | ||
147 | </form> | ||
148 | |||
149 | <h2>{% trans "Delete account" %}</h2> | ||
150 | {% if not only_user %}<form method="post" action="?deluser"> | ||
151 | <p>{% trans "You can delete your account by entering your password and validating." %}<br /><b>{% trans "Be careful, data will be erased forever (that is a very long time)." %}</b></p> | ||
152 | <fieldset class="w500p"> | ||
153 | <div class="row"> | ||
154 | <label class="col w150p" for="password4deletinguser">{% trans "Type here your password" %}</label> | ||
155 | <input class="col" type="password" id="password4deletinguser" name="password4deletinguser" placeholder="{% trans "Password" %}"> | ||
156 | </div> | ||
157 | <div class="row mts txtcenter"> | ||
158 | <button type="submit">{% trans "Send" %}</button> | ||
159 | </div> | ||
160 | </form> | ||
161 | {% else %}<p>{% trans "You are the only user, you cannot delete your own account." %}<br /> | ||
162 | {% trans "To completely remove wallabag, delete the wallabag folder on your web server." %}</p>{% endif %} | ||
131 | {% endblock %} | 163 | {% endblock %} |
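Review bot: The delete-account form opens `<fieldset class="w500p">` but goes straight to `</form>` without a closing `</fieldset>`; the same omission is in the courgette and default themes' config.twig in this commit. Add `</fieldset>` before `</form>` in all three. Neither new form carries a hidden anti-CSRF field, which the templates will need once the `?newuser` and `?deluser` handlers verify one.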
diff --git a/themes/courgette/config.twig b/themes/courgette/config.twig index 6e1a9043..a022d733 100755 --- a/themes/courgette/config.twig +++ b/themes/courgette/config.twig | |||
@@ -80,5 +80,39 @@ | |||
80 | 80 | ||
81 | <h2>{% trans "Export your wallabag data" %}</h2> | 81 | <h2>{% trans "Export your wallabag data" %}</h2> |
82 | <p><a href="./?export" target="_blank">{% trans "Click here" %}</a> {% trans "to export your wallabag data." %}</p> | 82 | <p><a href="./?export" target="_blank">{% trans "Click here" %}</a> {% trans "to export your wallabag data." %}</p> |
83 | |||
84 | |||
85 | <h2>{% trans 'Add user' %}</h2> | ||
86 | <p>{% trans 'Add a new user :' %}</p> | ||
87 | <form method="post" action="?newuser"> | ||
88 | <fieldset class="w500p"> | ||
89 | <div class="row"> | ||
90 | <label class="col w150p" for="newusername">{% trans 'Login for new user' %}</label> | ||
91 | <input class="col" type="text" id="newusername" name="newusername" placeholder="{% trans 'Login' %}"> | ||
92 | </div> | ||
93 | <div class="row"> | ||
94 | <label class="col w150p" for="password4newuser">{% trans "Password for new user" %}</label> | ||
95 | <input class="col" type="password" id="password4newuser" name="password4newuser" placeholder="{% trans "Password" %}"> | ||
96 | </div> | ||
97 | <div class="row mts txtcenter"> | ||
98 | <button type="submit">{% trans "Send" %}</button> | ||
99 | </div> | ||
100 | </fieldset> | ||
101 | </form> | ||
102 | |||
103 | <h2>{% trans "Delete account" %}</h2> | ||
104 | {% if not only_user %}<form method="post" action="?deluser"> | ||
105 | <p>{% trans "You can delete your account by entering your password and validating." %}<br /><b>{% trans "Be careful, data will be erased forever (that is a very long time)." %}</b></p> | ||
106 | <fieldset class="w500p"> | ||
107 | <div class="row"> | ||
108 | <label class="col w150p" for="password4deletinguser">{% trans "Type here your password" %}</label> | ||
109 | <input class="col" type="password" id="password4deletinguser" name="password4deletinguser" placeholder="{% trans "Password" %}"> | ||
110 | </div> | ||
111 | <div class="row mts txtcenter"> | ||
112 | <button type="submit">{% trans "Send" %}</button> | ||
113 | </div> | ||
114 | </form> | ||
115 | {% else %}<p>{% trans "You are the only user, you cannot delete your own account." %}<br /> | ||
116 | {% trans "To completely remove wallabag, delete the wallabag folder on your web server." %}</p>{% endif %} | ||
83 | </div> | 117 | </div> |
84 | {% endblock %} | 118 | {% endblock %} |
diff --git a/themes/default/config.twig b/themes/default/config.twig index bb39dea2..5ed9d80f 100755 --- a/themes/default/config.twig +++ b/themes/default/config.twig | |||
@@ -126,4 +126,37 @@ | |||
126 | 126 | ||
127 | <h2>{% trans "Cache" %}</h2> | 127 | <h2>{% trans "Cache" %}</h2> |
128 | <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p> | 128 | <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p> |
129 | |||
130 | <h2>{% trans 'Add user' %}</h2> | ||
131 | <p>{% trans 'Add a new user :' %}</p> | ||
132 | <form method="post" action="?newuser"> | ||
133 | <fieldset class="w500p"> | ||
134 | <div class="row"> | ||
135 | <label class="col w150p" for="newusername">{% trans 'Login for new user' %}</label> | ||
136 | <input class="col" type="text" id="newusername" name="newusername" placeholder="{% trans 'Login' %}"> | ||
137 | </div> | ||
138 | <div class="row"> | ||
139 | <label class="col w150p" for="password4newuser">{% trans "Password for new user" %}</label> | ||
140 | <input class="col" type="password" id="password4newuser" name="password4newuser" placeholder="{% trans "Password" %}"> | ||
141 | </div> | ||
142 | <div class="row mts txtcenter"> | ||
143 | <button type="submit">{% trans "Send" %}</button> | ||
144 | </div> | ||
145 | </fieldset> | ||
146 | </form> | ||
147 | |||
148 | <h2>{% trans "Delete account" %}</h2> | ||
149 | {% if not only_user %}<form method="post" action="?deluser"> | ||
150 | <p>{% trans "You can delete your account by entering your password and validating." %}<br /><b>{% trans "Be careful, data will be erased forever (that is a very long time)." %}</b></p> | ||
151 | <fieldset class="w500p"> | ||
152 | <div class="row"> | ||
153 | <label class="col w150p" for="password4deletinguser">{% trans "Type here your password" %}</label> | ||
154 | <input class="col" type="password" id="password4deletinguser" name="password4deletinguser" placeholder="{% trans "Password" %}"> | ||
155 | </div> | ||
156 | <div class="row mts txtcenter"> | ||
157 | <button type="submit">{% trans "Send" %}</button> | ||
158 | </div> | ||
159 | </form> | ||
160 | {% else %}<p>{% trans "You are the only user, you cannot delete your own account." %}<br /> | ||
161 | {% trans "To completely remove wallabag, delete the wallabag folder on your web server." %}</p>{% endif %} | ||
129 | {% endblock %} | 162 | {% endblock %} |