-rw-r--r--inc/config.php14
-rwxr-xr-xinc/functions.php49
-rwxr-xr-xindex.php21
-rw-r--r--js/poche.js8
-rw-r--r--process.php40
-rw-r--r--tpl/entries.html16
-rwxr-xr-xtpl/footer.html8
-rw-r--r--tpl/home.html31
8 files changed, 99 insertions, 88 deletions
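--- a/inc/config.php
+++ b/inc/config.php
@@ -17,6 +17,7 @@ require_once 'rain.tpl.class.php';
 
 $db = new db(DB_PATH);
 
+# Initialisation de RainTPL
 raintpl::$tpl_dir = './tpl/';
 raintpl::$cache_dir = './cache/';
 raintpl::$base_url = get_poche_url();
@@ -24,10 +25,23 @@ raintpl::configure('path_replace', false);
 raintpl::configure('debug', false);
 $tpl = new raintpl();
 
+# Démarrage session et initialisation du jeton de sécurité
 session_start();
 
 if (!isset($_SESSION['token_poche'])) {
  $token = md5(uniqid(rand(), TRUE));
  $_SESSION['token_poche'] = $token;
  $_SESSION['token_time_poche'] = time();
+}
+
+# Traitement des paramètres et déclenchement des actions
+$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
+$_SESSION['view'] = (isset ($_GET['view'])) ? htmlentities($_GET['view']) : 'index';
+$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id';
+$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
+$url = (isset ($_GET['url'])) ? $_GET['url'] : '';
+$token = (isset ($_REQUEST['token'])) ? $_REQUEST['token'] : '';
+
+if ($action != '') {
+ action_to_do($action, $id, $url, $token);
 }
\ No newline at end of file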
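Review bot: New line 43 takes the CSRF token from `$_REQUEST`, whereas index.php used to accept it only from `$_POST`, so every state-changing action can now be driven by a GET request with the token in the query string, where it is exposed to server logs, browser history and Referer headers. Reading it as `$token = (isset ($_POST['token'])) ? $_POST['token'] : '';` and having the `$.ajax` toggles in js/poche.js send `type: 'POST'` would keep writes off GET. On lines 38-41, `htmlentities()`/`htmlspecialchars()` is output encoding applied at input time; an integer check on `id` and a fixed list for `sort` and `view` would validate these values, with escaping left to the templates. `$url` is still handed to `action_to_do()` unvalidated, and whether it is limited to http/https before being fetched is not visible in this hunk.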
diff --git a/inc/functions.php b/inc/functions.php
index 3ee238dd..a7430585 100755
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -46,9 +46,9 @@ function get_external_file($url, $timeout)
46 46
47 // create http context and add timeout and user-agent 47 // create http context and add timeout and user-agent
48 $context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response. 48 $context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response.
49 'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox 49 'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox
50 'follow_location' => true 50 'follow_location' => true
51 ))); 51 )));
52 52
53 // only download page lesser than 4MB 53 // only download page lesser than 4MB
54 $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source. 54 $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source.
@@ -146,6 +146,20 @@ function action_to_do($action, $id, $url, $token)
146 } 146 }
147 else die('CSRF problem'); 147 else die('CSRF problem');
148 break; 148 break;
149 case 'toggle_fav' :
150 if (verif_token($token)) {
151 $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?";
152 $params_action = array($id);
153 }
154 else die('CSRF problem');
155 break;
156 case 'toggle_archive' :
157 if (verif_token($token)) {
158 $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?";
159 $params_action = array($id);
160 }
161 else die('CSRF problem');
162 break;
149 default: 163 default:
150 break; 164 break;
151 } 165 }
@@ -168,22 +182,41 @@ function action_to_do($action, $id, $url, $token)
168/** 182/**
169 * Détermine quels liens afficher : home, fav ou archives 183 * Détermine quels liens afficher : home, fav ou archives
170 */ 184 */
171function display_view($view) 185function display_view()
172{ 186{
173 global $db; 187 global $db;
174 188
175 switch ($view) 189 switch ($_SESSION['sort'])
190 {
191 case 'ia':
192 $order = 'ORDER BY id';
193 break;
194 case 'id':
195 $order = 'ORDER BY id DESC';
196 break;
197 case 'ta':
198 $order = 'ORDER BY lower(title)';
199 break;
200 case 'td':
201 $order = 'ORDER BY lower(title) DESC';
202 break;
203 default:
204 $order = 'ORDER BY id';
205 break;
206 }
207
208 switch ($_SESSION['view'])
176 { 209 {
177 case 'archive': 210 case 'archive':
178 $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc"; 211 $sql = "SELECT * FROM entries WHERE is_read=? " . $order;
179 $params = array(-1); 212 $params = array(-1);
180 break; 213 break;
181 case 'fav' : 214 case 'fav' :
182 $sql = "SELECT * FROM entries WHERE is_fav=? ORDER BY id desc"; 215 $sql = "SELECT * FROM entries WHERE is_fav=? " . $order;
183 $params = array(-1); 216 $params = array(-1);
184 break; 217 break;
185 default: 218 default:
186 $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc"; 219 $sql = "SELECT * FROM entries WHERE is_read=? " . $order;
187 $params = array(0); 220 $params = array(0);
188 break; 221 break;
189 } 222 }
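Review bot: The `default:` branch of the new sort switch in display_view() yields `ORDER BY id`, but the queries it replaces were all `ORDER BY id desc` and config.php defaults `$_SESSION['sort']` to `'id'` (descending), so any unrecognised sort value silently flips the list to ascending; `$order = 'ORDER BY id DESC';` in the default would keep the old behaviour. `$order` is concatenated into the SQL string, which is safe only because every branch assigns a fixed literal; a comment such as `// $order is spliced into the query: keep every case a literal, never request data` above the switch would protect that. The function now reads `$_SESSION` directly instead of taking parameters, and its body continues past the end of this hunk.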
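--- a/index.php
+++ b/index.php
@@ -10,22 +10,17 @@
 
 include dirname(__FILE__).'/inc/config.php';
 
-$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
-$view = (isset ($_GET['view'])) ? htmlentities($_GET['view']) : 'index';
-$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
-$url = (isset ($_GET['url'])) ? $_GET['url'] : '';
-$token = (isset ($_POST['token'])) ? $_POST['token'] : '';
-
-if ($action != '') {
- action_to_do($action, $id, $url, $token);
-}
-
-$entries = display_view($view);
+$entries = display_view();
 
 $tpl->assign('title', 'poche, a read it later open source system');
-$tpl->assign('view', $view);
+$tpl->assign('view', $_SESSION['view']);
 $tpl->assign('poche_url', get_poche_url());
 $tpl->assign('entries', $entries);
 $tpl->assign('load_all_js', 1);
 $tpl->assign('token', $_SESSION['token_poche']);
-$tpl->draw('home');
\ No newline at end of file
+
+$tpl->draw('head');
+$tpl->draw('home');
+$tpl->draw('entries');
+$tpl->draw('js');
+$tpl->draw('footer');
\ No newline at end of file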
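Review bot: index.php is now also the endpoint for the AJAX toggles (js/poche.js calls `index.php?action=toggle_fav` and `index.php?action=toggle_archive`), yet after including config.php it always calls `display_view()` and draws five templates, so each toggle appears to run the listing query and return a full HTML page that the caller discards. Unless `action_to_do()` already ends the request for these actions, which is not visible here, ending it there once the query has executed (for example `exit;`) would avoid the extra work. Dispatching actions from inside the included config.php also means every script that includes it performs request-driven writes, which deserves a comment at the include.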
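--- a/js/poche.js
+++ b/js/poche.js
@@ -1,7 +1,7 @@
 function toggle_favorite(element, id, token) {
  $(element).toggleClass('fav-off');
  $.ajax ({
- url: "process.php?action=toggle_fav",
+ url: "index.php?action=toggle_fav",
  data:{id:id, token:token}
  });
 }
@@ -9,7 +9,7 @@ function toggle_favorite(element, id, token) {
 function toggle_archive(element, id, token, view_article) {
  $(element).toggleClass('archive-off');
  $.ajax ({
- url: "process.php?action=toggle_archive",
+ url: "index.php?action=toggle_archive",
  data:{id:id, token:token}
  });
  var obj = $('#entry-'+id);
@@ -20,4 +20,8 @@ function toggle_archive(element, id, token, view_article) {
  $('#content').masonry('reloadItems');
  $('#content').masonry('reload');
  }
+}
+
+function sort_links(sort, token) {
+ $('#content').load('process.php', { sort: sort, token: token } );
 }
\ No newline at end of file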
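Review bot: `sort_links()` loads `process.php`, which this same commit deletes, so the call would get a 404 once the commented-out sort list in tpl/home.html is enabled. It probably should target the new endpoint, e.g. `$('#content').load('index.php', { sort: sort, token: token });`, though index.php returns the whole page, so a selector suffix or a fragment-only response is needed to avoid nesting the layout inside `#content`. A short comment stating what the endpoint is expected to return would help.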
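--- a/process.php
+++ /dev/null
@@ -1,40 +0,0 @@
-<?php
-/**
- * poche, a read it later open source system
- *
- * @category poche
- * @author Nicolas Lœuillet <nicolas@loeuillet.org>
- * @copyright 2013
- * @license http://www.wtfpl.net/ see COPYING file
- */
-
-include dirname(__FILE__).'/inc/config.php';
-$db = new db(DB_PATH);
-
-$action = (isset ($_GET['action'])) ? htmlentities($_GET['action']) : '';
-$id = (isset ($_GET['id'])) ? htmlentities($_GET['id']) : '';
-$token = (isset ($_GET['token'])) ? $_GET['token'] : '';
-
-if (verif_token($token)) {
- switch ($action)
- {
- case 'toggle_fav' :
- $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?";
- $params_action = array($id);
- break;
- case 'toggle_archive' :
- $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?";
- $params_action = array($id);
- break;
- default:
- break;
- }
-
- # action query
- if (isset($sql_action))
- {
- $query = $db->getHandle()->prepare($sql_action);
- $query->execute($params_action);
- }
-}
-else die('CSRF problem');
\ No newline at end of file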
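--- /dev/null
+++ b/tpl/entries.html
@@ -0,0 +1,16 @@
+ {loop="entries"}
+ <div id="entry-{$value.id}" class="entrie mb2">
+ <span class="content">
+ <h2 class="h6-like">
+ <a href="view.php?id={$value.id}">{$value.title}</a>
+ </h2>
+ <div class="tools">
+ <ul>
+ <li><a title="toggle mark as read" class="tool archive {if="$value.is_read == '0'"}archive-off{/if}" onclick="toggle_archive(this, {$value.id}, '{$token}')"><span></span></a></li>
+ <li><a title="toggle favorite" class="tool fav {if="$value.is_fav == '0'"}fav-off{/if}" onclick="toggle_favorite(this, {$value.id}, '{$token}')"><span></span></a></li>
+ <li><form method="post" onsubmit="return confirm('Are you sure?')" style="display: inline;"><input type="hidden" name="token" id="token" value="{$token}" /><input type="hidden" id="action" name="action" value="delete" /><input type="hidden" id="id" name="id" value="{$value.id}" /><input type="submit" class="delete" title="toggle delete" /></form></li>
+ </ul>
+ </div>
+ </span>
+ </div>
+ {/loop}
\ No newline at end of file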
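Review bot: `{$value.title}` on line 5 is written into the page without an escaping modifier, and titles here presumably originate from fetched third-party pages, so unless they are sanitised before storage (not visible in this diff) a crafted title would be rendered as markup. Escaping at output, e.g. `{$value.title|htmlspecialchars}` if the RainTPL version in use supports function modifiers, is the safer default. The delete form on line 11 sits inside the loop and repeats `id="token"`, `id="action"` and `id="id"` for every entry, producing duplicate element ids; the `id` attributes can be dropped since only `name` is submitted.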
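--- a/tpl/footer.html
+++ b/tpl/footer.html
@@ -1,3 +1,9 @@
+ </div>
+ </div>
+
  <footer class="mr2 mt3 smaller">
  <p>powered by <a href="http://inthepoche.com">poche</a><br />follow us on <a href="https://twitter.com/getpoche" title="follow us on twitter">twitter</a></p>
- </footer>
\ No newline at end of file
+ </footer>
+
+ </body>
+</html>
\ No newline at end of file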
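--- a/tpl/home.html
+++ b/tpl/home.html
@@ -1,4 +1,3 @@
-{include="head"}
  <body>
  <header>
  <h1><img src="./img/logo.png" alt="logo poche" />poche</h1>
@@ -10,26 +9,10 @@
  <li><a href="?view=archive" {if="$view == 'archive'"}class="current"{/if}>archive</a></li>
  <li><a style="cursor: move" title="i am a bookmarklet, use me !" href="javascript:(function(){var%20url%20=%20location.href%20||%20url;window.open('{$poche_url}?action=add&url='%20+%20encodeURIComponent(url),'_self');})();">poche it !</a></li>
  </ul>
- <div id="content">
- {loop="entries"}
- <div id="entry-{$value.id}" class="entrie mb2">
- <span class="content">
- <h2 class="h6-like">
- <a href="view.php?id={$value.id}">{$value.title}</a>
- </h2>
- <div class="tools">
- <ul>
- <li><a title="toggle mark as read" class="tool archive {if="$value.is_read == '0'"}archive-off{/if}" onclick="toggle_archive(this, {$value.id}, '{$token}')"><span></span></a></li>
- <li><a title="toggle favorite" class="tool fav {if="$value.is_fav == '0'"}fav-off{/if}" onclick="toggle_favorite(this, {$value.id}, '{$token}')"><span></span></a></li>
- <li><form method="post" onsubmit="return confirm('Are you sure?')" style="display: inline;"><input type="hidden" name="token" id="token" value="{$token}" /><input type="hidden" id="action" name="action" value="delete" /><input type="hidden" id="id" name="id" value="{$value.id}" /><input type="submit" class="delete" title="toggle delete" /></form></li>
- </ul>
- </div>
- </span>
- </div>
- {/loop}
- </div>
- </div>
- {include="footer"}
- {include="js"}
- </body>
-</html>
+<!-- <ul>
+ <li onclick="sort_links('ia', '{$token}');">tri par id asc</li>
+ <li onclick="sort_links('id', '{$token}');">tri par id desc</li>
+ <li onclick="sort_links('ta', '{$token}');">tri par title asc</li>
+ <li onclick="sort_links('td', '{$token}');">tri par title desc</li>
+ </ul> -->
+ <div id="content">
\ No newline at end of file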