-rw-r--r-- | inc/config.php | 14 | ||||
-rwxr-xr-x | inc/functions.php | 49 | ||||
-rwxr-xr-x | index.php | 21 | ||||
-rw-r--r-- | js/poche.js | 8 | ||||
-rw-r--r-- | process.php | 40 | ||||
-rw-r--r-- | tpl/entries.html | 16 | ||||
-rwxr-xr-x | tpl/footer.html | 8 | ||||
-rw-r--r-- | tpl/home.html | 31 |
8 files changed, 99 insertions, 88 deletions
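--- a/inc/config.php
+++ b/inc/config.php
@@ -17,6 +17,7 @@ require_once 'rain.tpl.class.php';
 
 $db = new db(DB_PATH);
 
+# Initialisation de RainTPL
 raintpl::$tpl_dir = './tpl/';
 raintpl::$cache_dir = './cache/';
 raintpl::$base_url = get_poche_url();
@@ -24,10 +25,23 @@ raintpl::configure('path_replace', false);
 raintpl::configure('debug', false);
 $tpl = new raintpl();
 
+# Démarrage session et initialisation du jeton de sécurité
 session_start();
 
 if (!isset($_SESSION['token_poche'])) {
     $token = md5(uniqid(rand(), TRUE));
     $_SESSION['token_poche'] = $token;
     $_SESSION['token_time_poche'] = time();
+}
+
+# Traitement des paramètres et déclenchement des actions
+$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
+$_SESSION['view'] = (isset ($_GET['view'])) ? htmlentities($_GET['view']) : 'index';
+$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id';
+$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
+$url = (isset ($_GET['url'])) ? $_GET['url'] : '';
+$token = (isset ($_REQUEST['token'])) ? $_REQUEST['token'] : '';
+
+if ($action != '') {
+    action_to_do($action, $id, $url, $token);
 }
\ No newline at end of file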
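Review bot: The CSRF token on new line 43 is now read from `$_REQUEST`, where the removed index.php block took it from `$_POST` only, so the mutating actions dispatched on line 46 (`delete`, `toggle_fav`, `toggle_archive`) are accepted on GET with the token in the query string, where it lands in access logs, browser history and Referer headers. Restricting it to `$token = (isset ($_POST['token'])) ? $_POST['token'] : '';` and having the `$.ajax` calls in js/poche.js send `type: 'POST'` keeps the token out of URLs (the deleted process.php accepted `$_GET['token']`, so its callers have to change anyway). On line 41 `$id` is HTML-escaped but never checked to be numeric before it is bound into the UPDATE/DELETE statements; a `(int)` cast or `ctype_digit` check is the right validation for a row id, and `htmlspecialchars` belongs at output time, not here.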
diff --git a/inc/functions.php b/inc/functions.php index 3ee238dd..a7430585 100755 --- a/inc/functions.php +++ b/inc/functions.php | |||
@@ -46,9 +46,9 @@ function get_external_file($url, $timeout) | |||
46 | 46 | ||
47 | // create http context and add timeout and user-agent | 47 | // create http context and add timeout and user-agent |
48 | $context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response. | 48 | $context = stream_context_create(array('http'=>array('timeout' => $timeout, // Timeout : time until we stop waiting for the response. |
49 | 'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox | 49 | 'header'=> "User-Agent: ".$useragent, // spoot Mozilla Firefox |
50 | 'follow_location' => true | 50 | 'follow_location' => true |
51 | ))); | 51 | ))); |
52 | 52 | ||
53 | // only download page lesser than 4MB | 53 | // only download page lesser than 4MB |
54 | $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source. | 54 | $data = @file_get_contents($url, false, $context, -1, 4000000); // We download at most 4 MB from source. |
@@ -146,6 +146,20 @@ function action_to_do($action, $id, $url, $token) | |||
146 | } | 146 | } |
147 | else die('CSRF problem'); | 147 | else die('CSRF problem'); |
148 | break; | 148 | break; |
149 | case 'toggle_fav' : | ||
150 | if (verif_token($token)) { | ||
151 | $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?"; | ||
152 | $params_action = array($id); | ||
153 | } | ||
154 | else die('CSRF problem'); | ||
155 | break; | ||
156 | case 'toggle_archive' : | ||
157 | if (verif_token($token)) { | ||
158 | $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?"; | ||
159 | $params_action = array($id); | ||
160 | } | ||
161 | else die('CSRF problem'); | ||
162 | break; | ||
149 | default: | 163 | default: |
150 | break; | 164 | break; |
151 | } | 165 | } |
@@ -168,22 +182,41 @@ function action_to_do($action, $id, $url, $token) | |||
168 | /** | 182 | /** |
169 | * Détermine quels liens afficher : home, fav ou archives | 183 | * Détermine quels liens afficher : home, fav ou archives |
170 | */ | 184 | */ |
171 | function display_view($view) | 185 | function display_view() |
172 | { | 186 | { |
173 | global $db; | 187 | global $db; |
174 | 188 | ||
175 | switch ($view) | 189 | switch ($_SESSION['sort']) |
190 | { | ||
191 | case 'ia': | ||
192 | $order = 'ORDER BY id'; | ||
193 | break; | ||
194 | case 'id': | ||
195 | $order = 'ORDER BY id DESC'; | ||
196 | break; | ||
197 | case 'ta': | ||
198 | $order = 'ORDER BY lower(title)'; | ||
199 | break; | ||
200 | case 'td': | ||
201 | $order = 'ORDER BY lower(title) DESC'; | ||
202 | break; | ||
203 | default: | ||
204 | $order = 'ORDER BY id'; | ||
205 | break; | ||
206 | } | ||
207 | |||
208 | switch ($_SESSION['view']) | ||
176 | { | 209 | { |
177 | case 'archive': | 210 | case 'archive': |
178 | $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc"; | 211 | $sql = "SELECT * FROM entries WHERE is_read=? " . $order; |
179 | $params = array(-1); | 212 | $params = array(-1); |
180 | break; | 213 | break; |
181 | case 'fav' : | 214 | case 'fav' : |
182 | $sql = "SELECT * FROM entries WHERE is_fav=? ORDER BY id desc"; | 215 | $sql = "SELECT * FROM entries WHERE is_fav=? " . $order; |
183 | $params = array(-1); | 216 | $params = array(-1); |
184 | break; | 217 | break; |
185 | default: | 218 | default: |
186 | $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc"; | 219 | $sql = "SELECT * FROM entries WHERE is_read=? " . $order; |
187 | $params = array(0); | 220 | $params = array(0); |
188 | break; | 221 | break; |
189 | } | 222 | } |
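Review bot: The two new `case` arms in action_to_do (lines 149–162 of the second hunk, mirroring the existing delete arm above them) each repeat `if (verif_token($token)) { … } else die('CSRF problem');`, whereas the deleted process.php verified the token once before its switch; hoisting the check above the switch, or into a small helper that exits on failure, removes the copies and makes it impossible to add a mutating case without it. `die('CSRF problem')` also answers with HTTP 200, so the AJAX callers in js/poche.js cannot distinguish a rejected toggle from a successful one; calling `http_response_code(403)` before exiting would make the rejection observable. In the third hunk the docblock above display_view still describes a parameter-driven function ("home, fav ou archives") while the function now reads `$_SESSION['view']` and `$_SESSION['sort']` (set in inc/config.php); the comment should name those two session keys and the accepted sort values (`ia`, `id`, `ta`, `td`, anything else falling back to `ORDER BY id`). action_to_do and display_view both continue outside their hunks.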
@@ -10,22 +10,17 @@ | |||
10 | 10 | ||
11 | include dirname(__FILE__).'/inc/config.php'; | 11 | include dirname(__FILE__).'/inc/config.php'; |
12 | 12 | ||
13 | $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; | 13 | $entries = display_view(); |
14 | $view = (isset ($_GET['view'])) ? htmlentities($_GET['view']) : 'index'; | ||
15 | $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; | ||
16 | $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; | ||
17 | $token = (isset ($_POST['token'])) ? $_POST['token'] : ''; | ||
18 | |||
19 | if ($action != '') { | ||
20 | action_to_do($action, $id, $url, $token); | ||
21 | } | ||
22 | |||
23 | $entries = display_view($view); | ||
24 | 14 | ||
25 | $tpl->assign('title', 'poche, a read it later open source system'); | 15 | $tpl->assign('title', 'poche, a read it later open source system'); |
26 | $tpl->assign('view', $view); | 16 | $tpl->assign('view', $_SESSION['view']); |
27 | $tpl->assign('poche_url', get_poche_url()); | 17 | $tpl->assign('poche_url', get_poche_url()); |
28 | $tpl->assign('entries', $entries); | 18 | $tpl->assign('entries', $entries); |
29 | $tpl->assign('load_all_js', 1); | 19 | $tpl->assign('load_all_js', 1); |
30 | $tpl->assign('token', $_SESSION['token_poche']); | 20 | $tpl->assign('token', $_SESSION['token_poche']); |
31 | $tpl->draw('home'); \ No newline at end of file | 21 | |
22 | $tpl->draw('head'); | ||
23 | $tpl->draw('home'); | ||
24 | $tpl->draw('entries'); | ||
25 | $tpl->draw('js'); | ||
26 | $tpl->draw('footer'); \ No newline at end of file | ||
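--- a/js/poche.js
+++ b/js/poche.js
@@ -1,7 +1,7 @@
 function toggle_favorite(element, id, token) {
     $(element).toggleClass('fav-off');
     $.ajax ({
-        url: "process.php?action=toggle_fav",
+        url: "index.php?action=toggle_fav",
         data:{id:id, token:token}
     });
 }
@@ -9,7 +9,7 @@ function toggle_favorite(element, id, token) {
 function toggle_archive(element, id, token, view_article) {
     $(element).toggleClass('archive-off');
     $.ajax ({
-        url: "process.php?action=toggle_archive",
+        url: "index.php?action=toggle_archive",
         data:{id:id, token:token}
     });
     var obj = $('#entry-'+id);
@@ -20,4 +20,8 @@ function toggle_archive(element, id, token, view_article) {
         $('#content').masonry('reloadItems');
         $('#content').masonry('reload');
     }
+}
+
+function sort_links(sort, token) {
+    $('#content').load('process.php', { sort: sort, token: token } );
 }
\ No newline at end of file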
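Review bot: `sort_links` (new lines 25–27) loads `process.php`, but this same commit deletes that file, so the call can only 404; it should target `index.php` like the two URLs rewritten above, and since index.php now draws the whole page (head, home, entries, js, footer), `.load()` would inject a full document into `#content` unless the sort response is served as a fragment. The two `$.ajax` calls still issue GET requests for state-changing toggles and carry the CSRF token in the query string; adding `type: 'POST',` beside each `url:` line keeps the token and the side effect out of URL logs and lets the server restrict those actions to POST. The sort list in tpl/home.html is commented out, so `sort_links` is currently unreachable, which is why the broken path is easy to miss.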
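--- a/process.php
+++ /dev/null
@@ -1,40 +0,0 @@
-<?php
-/**
- * poche, a read it later open source system
- *
- * @category poche
- * @author Nicolas Lœuillet <nicolas@loeuillet.org>
- * @copyright 2013
- * @license http://www.wtfpl.net/ see COPYING file
- */
-
-include dirname(__FILE__).'/inc/config.php';
-$db = new db(DB_PATH);
-
-$action = (isset ($_GET['action'])) ? htmlentities($_GET['action']) : '';
-$id = (isset ($_GET['id'])) ? htmlentities($_GET['id']) : '';
-$token = (isset ($_GET['token'])) ? $_GET['token'] : '';
-
-if (verif_token($token)) {
-    switch ($action)
-    {
-        case 'toggle_fav' :
-            $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?";
-            $params_action = array($id);
-            break;
-        case 'toggle_archive' :
-            $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?";
-            $params_action = array($id);
-            break;
-        default:
-            break;
-    }
-
-    # action query
-    if (isset($sql_action))
-    {
-        $query = $db->getHandle()->prepare($sql_action);
-        $query->execute($params_action);
-    }
-}
-else die('CSRF problem');
\ No newline at end of file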
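--- /dev/null
+++ b/tpl/entries.html
@@ -0,0 +1,16 @@
+{loop="entries"}
+    <div id="entry-{$value.id}" class="entrie mb2">
+        <span class="content">
+            <h2 class="h6-like">
+                <a href="view.php?id={$value.id}">{$value.title}</a>
+            </h2>
+            <div class="tools">
+                <ul>
+                    <li><a title="toggle mark as read" class="tool archive {if="$value.is_read == '0'"}archive-off{/if}" onclick="toggle_archive(this, {$value.id}, '{$token}')"><span></span></a></li>
+                    <li><a title="toggle favorite" class="tool fav {if="$value.is_fav == '0'"}fav-off{/if}" onclick="toggle_favorite(this, {$value.id}, '{$token}')"><span></span></a></li>
+                    <li><form method="post" onsubmit="return confirm('Are you sure?')" style="display: inline;"><input type="hidden" name="token" id="token" value="{$token}" /><input type="hidden" id="action" name="action" value="delete" /><input type="hidden" id="id" name="id" value="{$value.id}" /><input type="submit" class="delete" title="toggle delete" /></form></li>
+                </ul>
+            </div>
+        </span>
+    </div>
+{/loop}
\ No newline at end of file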
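Review bot: `{$value.title}` on line 5 is written straight into the anchor text; unless RainTPL is configured to auto-escape variables (not visible in this diff), a title that contains markup — titles presumably originate from pages fetched with get_external_file — is rendered as HTML, so it should be passed through `htmlspecialchars` before it reaches the template or escaped with a template modifier. Lines 9–11 also put fixed `id="token"`, `id="action"` and `id="id"` attributes on the hidden inputs inside the loop, which yields duplicate ids on every entry; the `name` attributes are what the submission uses, so the `id` attributes can be dropped. This block is moved from tpl/home.html rather than written new, but the move is the natural moment to fix both.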
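--- a/tpl/footer.html
+++ b/tpl/footer.html
@@ -1,3 +1,9 @@
+</div>
+</div>
+
 <footer class="mr2 mt3 smaller">
     <p>powered by <a href="http://inthepoche.com">poche</a><br />follow us on <a href="https://twitter.com/getpoche" title="follow us on twitter">twitter</a></p>
-</footer>
\ No newline at end of file
+</footer>
+
+</body>
+</html>
\ No newline at end of file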
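--- a/tpl/home.html
+++ b/tpl/home.html
@@ -1,4 +1,3 @@
-{include="head"}
 <body>
     <header>
         <h1><img src="./img/logo.png" alt="logo poche" />poche</h1>
@@ -10,26 +9,10 @@
             <li><a href="?view=archive" {if="$view == 'archive'"}class="current"{/if}>archive</a></li>
             <li><a style="cursor: move" title="i am a bookmarklet, use me !" href="javascript:(function(){var%20url%20=%20location.href%20||%20url;window.open('{$poche_url}?action=add&url='%20+%20encodeURIComponent(url),'_self');})();">poche it !</a></li>
         </ul>
-        <div id="content">
-        {loop="entries"}
-            <div id="entry-{$value.id}" class="entrie mb2">
-                <span class="content">
-                    <h2 class="h6-like">
-                        <a href="view.php?id={$value.id}">{$value.title}</a>
-                    </h2>
-                    <div class="tools">
-                        <ul>
-                            <li><a title="toggle mark as read" class="tool archive {if="$value.is_read == '0'"}archive-off{/if}" onclick="toggle_archive(this, {$value.id}, '{$token}')"><span></span></a></li>
-                            <li><a title="toggle favorite" class="tool fav {if="$value.is_fav == '0'"}fav-off{/if}" onclick="toggle_favorite(this, {$value.id}, '{$token}')"><span></span></a></li>
-                            <li><form method="post" onsubmit="return confirm('Are you sure?')" style="display: inline;"><input type="hidden" name="token" id="token" value="{$token}" /><input type="hidden" id="action" name="action" value="delete" /><input type="hidden" id="id" name="id" value="{$value.id}" /><input type="submit" class="delete" title="toggle delete" /></form></li>
-                        </ul>
-                    </div>
-                </span>
-            </div>
-        {/loop}
-        </div>
-    </div>
-{include="footer"}
-{include="js"}
-</body>
-</html>
+        <!-- <ul>
+            <li onclick="sort_links('ia', '{$token}');">tri par id asc</li>
+            <li onclick="sort_links('id', '{$token}');">tri par id desc</li>
+            <li onclick="sort_links('ta', '{$token}');">tri par title asc</li>
+            <li onclick="sort_links('td', '{$token}');">tri par title desc</li>
+        </ul> -->
+        <div id="content">
\ No newline at end of file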