aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--inc/3rdparty/libraries/feedwriter/FeedItem.php3
-rwxr-xr-xinc/poche/Database.class.php41
-rwxr-xr-xinc/poche/Poche.class.php54
-rwxr-xr-xindex.php4
-rwxr-xr-xinstall/index.php6
-rwxr-xr-xthemes/baggy/config.twig32
-rwxr-xr-xthemes/courgette/config.twig34
-rwxr-xr-xthemes/default/config.twig33
8 files changed, 202 insertions, 5 deletions
diff --git a/inc/3rdparty/libraries/feedwriter/FeedItem.php b/inc/3rdparty/libraries/feedwriter/FeedItem.php
index 3487423f..54a56f22 100644
--- a/inc/3rdparty/libraries/feedwriter/FeedItem.php
+++ b/inc/3rdparty/libraries/feedwriter/FeedItem.php
@@ -174,7 +174,8 @@
174 */ 174 */
175 public function setSource($link) 175 public function setSource($link)
176 { 176 {
177 $this->setElement('source', $link); 177 $attributes = array('url'=>$link);
178 $this->setElement('source', "wallabag",$attributes);
178 } 179 }
179 180
180 /** 181 /**
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 036c9d1b..141d7987 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -33,6 +33,8 @@ class Database {
33 $db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB; 33 $db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB;
34 $this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD); 34 $this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD);
35 break; 35 break;
36 default:
37 die(STORAGE . ' is not a recognised database system !');
36 } 38 }
37 39
38 $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 40 $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
@@ -229,12 +231,49 @@ class Database {
229 return FALSE; 231 return FALSE;
230 } 232 }
231 } 233 }
234
235 public function listUsers($username=null) {
236 $sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');
237 $query = $this->executeQuery($sql, ( $username ? array($username) : array()));
238 list($count) = $query->fetch();
239 return $count;
240 }
241
242 public function getUserPassword($userID) {
243 $sql = "SELECT * FROM users WHERE id=?";
244 $query = $this->executeQuery($sql, array($userID));
245 $password = $query->fetchAll();
246 return isset($password[0]['password']) ? $password[0]['password'] : null;
247 }
248
249 public function deleteUserConfig($userID) {
250 $sql_action = 'DELETE from users_config WHERE user_id=?';
251 $params_action = array($userID);
252 $query = $this->executeQuery($sql_action, $params_action);
253 return $query;
254 }
255
256 public function deleteTagsEntriesAndEntries($userID) {
257 $entries = $this->retrieveAll($userID);
258 foreach($entries as $entryid) {
259 $tags = $this->retrieveTagsByEntry($entryid);
260 foreach($tags as $tag) {
261 $this->removeTagForEntry($entryid,$tags);
262 }
263 $this->deleteById($entryid,$userID);
264 }
265 }
266
267 public function deleteUser($userID) {
268 $sql_action = 'DELETE from users WHERE id=?';
269 $params_action = array($userID);
270 $query = $this->executeQuery($sql_action, $params_action);
271 }
232 272
233 public function updateContentAndTitle($id, $title, $body, $user_id) { 273 public function updateContentAndTitle($id, $title, $body, $user_id) {
234 $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?'; 274 $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?';
235 $params_action = array($body, $title, $id, $user_id); 275 $params_action = array($body, $title, $id, $user_id);
236 $query = $this->executeQuery($sql_action, $params_action); 276 $query = $this->executeQuery($sql_action, $params_action);
237
238 return $query; 277 return $query;
239 } 278 }
240 279
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index 66710ecb..7e3e6afe 100755
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -241,6 +241,58 @@ class Poche
241 $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime'); 241 $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime');
242 $this->tpl->addFilter($filter); 242 $this->tpl->addFilter($filter);
243 } 243 }
244
245 public function createNewUser() {
246 if (isset($_GET['newuser'])){
247 if ($_POST['newusername'] != "" && $_POST['password4newuser'] != ""){
248 $newusername = filter_var($_POST['newusername'], FILTER_SANITIZE_STRING);
249 if (!$this->store->userExists($newusername)){
250 if ($this->store->install($newusername, Tools::encodeString($_POST['password4newuser'] . $newusername))) {
251 Tools::logm('The new user '.$newusername.' has been installed');
252 $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'),$newusername));
253 Tools::redirect();
254 }
255 else {
256 Tools::logm('error during adding new user');
257 Tools::redirect();
258 }
259 }
260 else {
261 $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'),$newusername));
262 Tools::logm('An user with the name '.$newusername.' already exists !');
263 Tools::redirect();
264 }
265 }
266 }
267 }
268
269 public function deleteUser(){
270 if (isset($_GET['deluser'])){
271 if ($this->store->listUsers() > 1) {
272 if (Tools::encodeString($_POST['password4deletinguser'].$this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) {
273 $username = $this->user->getUsername();
274 $this->store->deleteUserConfig($this->user->getId());
275 Tools::logm('The configuration for user '. $username .' has been deleted !');
276 $this->store->deleteTagsEntriesAndEntries($this->user->getId());
277 Tools::logm('The entries for user '. $username .' has been deleted !');
278 $this->store->deleteUser($this->user->getId());
279 Tools::logm('User '. $username .' has been completely deleted !');
280 Session::logout();
281 Tools::logm('logout');
282 Tools::redirect();
283 $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'),$newusername));
284 }
285 else {
286 Tools::logm('Bad password !');
287 $this->messages->add('e', _('Error : The password is wrong !'));
288 }
289 }
290 else {
291 Tools::logm('Only user !');
292 $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !'));
293 }
294 }
295 }
244 296
245 private function install() 297 private function install()
246 { 298 {
@@ -532,6 +584,7 @@ class Poche
532 $languages = $this->getInstalledLanguages(); 584 $languages = $this->getInstalledLanguages();
533 $token = $this->user->getConfigValue('token'); 585 $token = $this->user->getConfigValue('token');
534 $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; 586 $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false;
587 $only_user = ($this->store->listUsers() > 1) ? false : true;
535 $tpl_vars = array( 588 $tpl_vars = array(
536 'themes' => $themes, 589 'themes' => $themes,
537 'languages' => $languages, 590 'languages' => $languages,
@@ -544,6 +597,7 @@ class Poche
544 'token' => $token, 597 'token' => $token,
545 'user_id' => $this->user->getId(), 598 'user_id' => $this->user->getId(),
546 'http_auth' => $http_auth, 599 'http_auth' => $http_auth,
600 'only_user' => $only_user
547 ); 601 );
548 Tools::logm('config view'); 602 Tools::logm('config view');
549 break; 603 break;
diff --git a/index.php b/index.php
index deb13d7a..9c943b1d 100755
--- a/index.php
+++ b/index.php
@@ -66,6 +66,10 @@ if (isset($_GET['login'])) {
66} elseif (isset($_GET['config'])) { 66} elseif (isset($_GET['config'])) {
67 # Update password 67 # Update password
68 $poche->updatePassword(); 68 $poche->updatePassword();
69} elseif (isset($_GET['newuser'])) {
70 $poche->createNewUser();
71} elseif (isset($_GET['deluser'])) {
72 $poche->deleteUser();
69} elseif (isset($_GET['import'])) { 73} elseif (isset($_GET['import'])) {
70 $import = $poche->import(); 74 $import = $poche->import();
71 $tpl_vars = array_merge($tpl_vars, $import); 75 $tpl_vars = array_merge($tpl_vars, $import);
diff --git a/install/index.php b/install/index.php
index b6c6abec..e702891b 100755
--- a/install/index.php
+++ b/install/index.php
@@ -101,7 +101,7 @@ else if (isset($_POST['install'])) {
101 101
102 $sql_structure = file_get_contents('install/mysql.sql'); 102 $sql_structure = file_get_contents('install/mysql.sql');
103 } 103 }
104 else if ($_POST['db_engine'] == 'postgresql') { 104 else if ($_POST['db_engine'] == 'postgres') {
105 $db_path = 'pgsql:host=' . $_POST['pg_server'] . ';dbname=' . $_POST['pg_database']; 105 $db_path = 'pgsql:host=' . $_POST['pg_server'] . ';dbname=' . $_POST['pg_database'];
106 $content = str_replace("define ('STORAGE_SERVER', 'localhost');", "define ('STORAGE_SERVER', '".$_POST['pg_server']."');", $content); 106 $content = str_replace("define ('STORAGE_SERVER', 'localhost');", "define ('STORAGE_SERVER', '".$_POST['pg_server']."');", $content);
107 $content = str_replace("define ('STORAGE_DB', 'poche');", "define ('STORAGE_DB', '".$_POST['pg_database']."');", $content); 107 $content = str_replace("define ('STORAGE_DB', 'poche');", "define ('STORAGE_DB', '".$_POST['pg_database']."');", $content);
@@ -262,7 +262,7 @@ php composer.phar install</code></pre></li>
262 </ul> 262 </ul>
263 </li> 263 </li>
264 <li> 264 <li>
265 <label for="postgresql">PostgreSQL</label> <input name="db_engine" type="radio" id="postgresql" value="postgresql" /> 265 <label for="postgres">PostgreSQL</label> <input name="db_engine" type="radio" id="postgres" value="postgres" />
266 <ul id="pg_infos"> 266 <ul id="pg_infos">
267 <li><label for="pg_server">Server</label> <input type="text" placeholder="localhost" id="pg_server" name="pg_server" /></li> 267 <li><label for="pg_server">Server</label> <input type="text" placeholder="localhost" id="pg_server" name="pg_server" /></li>
268 <li><label for="pg_database">Database</label> <input type="text" placeholder="wallabag" id="pg_database" name="pg_database" /></li> 268 <li><label for="pg_database">Database</label> <input type="text" placeholder="wallabag" id="pg_database" name="pg_database" /></li>
@@ -316,7 +316,7 @@ php composer.phar install</code></pre></li>
316 $("#install_button").show(); 316 $("#install_button").show();
317 } 317 }
318 else { 318 else {
319 if ( $("#postgresql").prop('checked')) { 319 if ( $("#postgres").prop('checked')) {
320 $("#mysql_infos").hide(); 320 $("#mysql_infos").hide();
321 $("#pg_infos").show(); 321 $("#pg_infos").show();
322 $("#pdo_sqlite").hide(); 322 $("#pdo_sqlite").hide();
diff --git a/themes/baggy/config.twig b/themes/baggy/config.twig
index d441de7c..29d9e048 100755
--- a/themes/baggy/config.twig
+++ b/themes/baggy/config.twig
@@ -128,4 +128,36 @@
128 <h2>{% trans "Cache" %}</h2> 128 <h2>{% trans "Cache" %}</h2>
129 <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p> 129 <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p>
130 130
131 <h2>{% trans 'Add user' %}</h2>
132 <p>{% trans 'Add a new user :' %}</p>
133 <form method="post" action="?newuser">
134 <fieldset class="w500p">
135 <div class="row">
136 <label class="col w150p" for="newusername">{% trans 'Login for new user' %}</label>
137 <input class="col" type="text" id="newusername" name="newusername" placeholder="{% trans 'Login' %}">
138 </div>
139 <div class="row">
140 <label class="col w150p" for="password4newuser">{% trans "Password for new user" %}</label>
141 <input class="col" type="password" id="password4newuser" name="password4newuser" placeholder="{% trans "Password" %}">
142 </div>
143 <div class="row mts txtcenter">
144 <button type="submit">{% trans "Send" %}</button>
145 </div>
146 </fieldset>
147 </form>
148
149 <h2>{% trans "Delete account" %}</h2>
150 {% if not only_user %}<form method="post" action="?deluser">
151 <p>{% trans "You can delete your account by entering your password and validating." %}<br /><b>{% trans "Be careful, data will be erased forever (that is a very long time)." %}</b></p>
152 <fieldset class="w500p">
153 <div class="row">
154 <label class="col w150p" for="password4deletinguser">{% trans "Type here your password" %}</label>
155 <input class="col" type="password" id="password4deletinguser" name="password4deletinguser" placeholder="{% trans "Password" %}">
156 </div>
157 <div class="row mts txtcenter">
158 <button type="submit">{% trans "Send" %}</button>
159 </div>
160 </form>
161 {% else %}<p>{% trans "You are the only user, you cannot delete your own account." %}<br />
162 {% trans "To completely remove wallabag, delete the wallabag folder on your web server." %}</p>{% endif %}
131{% endblock %} 163{% endblock %}
diff --git a/themes/courgette/config.twig b/themes/courgette/config.twig
index 6e1a9043..a022d733 100755
--- a/themes/courgette/config.twig
+++ b/themes/courgette/config.twig
@@ -80,5 +80,39 @@
80 80
81 <h2>{% trans "Export your wallabag data" %}</h2> 81 <h2>{% trans "Export your wallabag data" %}</h2>
82 <p><a href="./?export" target="_blank">{% trans "Click here" %}</a> {% trans "to export your wallabag data." %}</p> 82 <p><a href="./?export" target="_blank">{% trans "Click here" %}</a> {% trans "to export your wallabag data." %}</p>
83
84
85 <h2>{% trans 'Add user' %}</h2>
86 <p>{% trans 'Add a new user :' %}</p>
87 <form method="post" action="?newuser">
88 <fieldset class="w500p">
89 <div class="row">
90 <label class="col w150p" for="newusername">{% trans 'Login for new user' %}</label>
91 <input class="col" type="text" id="newusername" name="newusername" placeholder="{% trans 'Login' %}">
92 </div>
93 <div class="row">
94 <label class="col w150p" for="password4newuser">{% trans "Password for new user" %}</label>
95 <input class="col" type="password" id="password4newuser" name="password4newuser" placeholder="{% trans "Password" %}">
96 </div>
97 <div class="row mts txtcenter">
98 <button type="submit">{% trans "Send" %}</button>
99 </div>
100 </fieldset>
101 </form>
102
103 <h2>{% trans "Delete account" %}</h2>
104 {% if not only_user %}<form method="post" action="?deluser">
105 <p>{% trans "You can delete your account by entering your password and validating." %}<br /><b>{% trans "Be careful, data will be erased forever (that is a very long time)." %}</b></p>
106 <fieldset class="w500p">
107 <div class="row">
108 <label class="col w150p" for="password4deletinguser">{% trans "Type here your password" %}</label>
109 <input class="col" type="password" id="password4deletinguser" name="password4deletinguser" placeholder="{% trans "Password" %}">
110 </div>
111 <div class="row mts txtcenter">
112 <button type="submit">{% trans "Send" %}</button>
113 </div>
114 </form>
115 {% else %}<p>{% trans "You are the only user, you cannot delete your own account." %}<br />
116 {% trans "To completely remove wallabag, delete the wallabag folder on your web server." %}</p>{% endif %}
83 </div> 117 </div>
84{% endblock %} 118{% endblock %}
diff --git a/themes/default/config.twig b/themes/default/config.twig
index bb39dea2..5ed9d80f 100755
--- a/themes/default/config.twig
+++ b/themes/default/config.twig
@@ -126,4 +126,37 @@
126 126
127 <h2>{% trans "Cache" %}</h2> 127 <h2>{% trans "Cache" %}</h2>
128 <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p> 128 <p><a href="?empty-cache">{% trans "Click here" %}</a> {% trans "to delete cache." %}</p>
129
130 <h2>{% trans 'Add user' %}</h2>
131 <p>{% trans 'Add a new user :' %}</p>
132 <form method="post" action="?newuser">
133 <fieldset class="w500p">
134 <div class="row">
135 <label class="col w150p" for="newusername">{% trans 'Login for new user' %}</label>
136 <input class="col" type="text" id="newusername" name="newusername" placeholder="{% trans 'Login' %}">
137 </div>
138 <div class="row">
139 <label class="col w150p" for="password4newuser">{% trans "Password for new user" %}</label>
140 <input class="col" type="password" id="password4newuser" name="password4newuser" placeholder="{% trans "Password" %}">
141 </div>
142 <div class="row mts txtcenter">
143 <button type="submit">{% trans "Send" %}</button>
144 </div>
145 </fieldset>
146 </form>
147
148 <h2>{% trans "Delete account" %}</h2>
149 {% if not only_user %}<form method="post" action="?deluser">
150 <p>{% trans "You can delete your account by entering your password and validating." %}<br /><b>{% trans "Be careful, data will be erased forever (that is a very long time)." %}</b></p>
151 <fieldset class="w500p">
152 <div class="row">
153 <label class="col w150p" for="password4deletinguser">{% trans "Type here your password" %}</label>
154 <input class="col" type="password" id="password4deletinguser" name="password4deletinguser" placeholder="{% trans "Password" %}">
155 </div>
156 <div class="row mts txtcenter">
157 <button type="submit">{% trans "Send" %}</button>
158 </div>
159 </form>
160 {% else %}<p>{% trans "You are the only user, you cannot delete your own account." %}<br />
161 {% trans "To completely remove wallabag, delete the wallabag folder on your web server." %}</p>{% endif %}
129{% endblock %} 162{% endblock %}