3 files changed, 96 insertions, 2 deletions
diff --git a/inc/3rdparty/libraries/feedwriter/FeedItem.php b/inc/3rdparty/libraries/feedwriter/FeedItem.php
index 3487423f..54a56f22 100644
--- a/inc/3rdparty/libraries/feedwriter/FeedItem.php
+++ b/inc/3rdparty/libraries/feedwriter/FeedItem.php
@@ -174,7 +174,8 @@
    */
    public function setSource($link) 
    {
-        $this->setElement('source', $link);
+        $attributes = array('url'=>$link);
+        $this->setElement('source', "wallabag",$attributes);
    }
    
    /**
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 036c9d1b..141d7987 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -33,6 +33,8 @@ class Database {
                $db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB;
                $this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD);
                break;
+            default:
+                die(STORAGE . ' is not a recognised database system !');
        }
        $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
@@ -229,12 +231,49 @@ class Database {
            return FALSE;
        }
    }
+    
+    public function listUsers($username=null) {
+        $sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');
+        $query = $this->executeQuery($sql, ( $username ? array($username) : array()));
+        list($count) = $query->fetch();
+        return $count;
+    }
+    
+    public function getUserPassword($userID) {
+        $sql = "SELECT * FROM users WHERE id=?";
+        $query = $this->executeQuery($sql, array($userID));
+        $password = $query->fetchAll();
+        return isset($password[0]['password']) ? $password[0]['password'] : null;
+    }
+    
+    public function deleteUserConfig($userID) {
+        $sql_action = 'DELETE from users_config WHERE user_id=?';
+        $params_action = array($userID);
+        $query = $this->executeQuery($sql_action, $params_action);
+        return $query;
+    }
+    
+    public function deleteTagsEntriesAndEntries($userID) {
+        $entries = $this->retrieveAll($userID);
+        foreach($entries as $entryid) {
+            $tags = $this->retrieveTagsByEntry($entryid);
+            foreach($tags as $tag) {
+                $this->removeTagForEntry($entryid,$tags);
+            }
+            $this->deleteById($entryid,$userID);
+        }
+    }
+    
+    public function deleteUser($userID) {
+        $sql_action = 'DELETE from users WHERE id=?';
+        $params_action = array($userID);
+        $query = $this->executeQuery($sql_action, $params_action);
+    }
    public function updateContentAndTitle($id, $title, $body, $user_id) {
        $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?';
        $params_action = array($body, $title, $id, $user_id);
        $query = $this->executeQuery($sql_action, $params_action);
        return $query;
    }
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index 66710ecb..7e3e6afe 100755
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -241,6 +241,58 @@ class Poche
        $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime');
        $this->tpl->addFilter($filter);
    }
+    
+    public function createNewUser() {
+        if (isset($_GET['newuser'])){
+            if ($_POST['newusername'] != "" && $_POST['password4newuser'] != ""){
+                $newusername = filter_var($_POST['newusername'], FILTER_SANITIZE_STRING);
+                if (!$this->store->userExists($newusername)){   
+                    if ($this->store->install($newusername, Tools::encodeString($_POST['password4newuser'] . $newusername))) {
+                        Tools::logm('The new user '.$newusername.' has been installed');
+                        $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'),$newusername));
+                        Tools::redirect();
+                    }
+                    else {
+                        Tools::logm('error during adding new user');
+                        Tools::redirect();
+                    }
+                }
+                else {
+                    $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'),$newusername));
+                    Tools::logm('An user with the name '.$newusername.' already exists !');
+                    Tools::redirect();
+                }
+            }
+        }
+    }
+   
+    public function deleteUser(){
+        if (isset($_GET['deluser'])){
+            if ($this->store->listUsers() > 1) {
+                if (Tools::encodeString($_POST['password4deletinguser'].$this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) {
+                    $username = $this->user->getUsername();
+                    $this->store->deleteUserConfig($this->user->getId());
+                    Tools::logm('The configuration for user '. $username .' has been deleted !');
+                    $this->store->deleteTagsEntriesAndEntries($this->user->getId());
+                    Tools::logm('The entries for user '. $username .' has been deleted !');
+                    $this->store->deleteUser($this->user->getId());
+                    Tools::logm('User '. $username .' has been completely deleted !');
+                    Session::logout();
+                    Tools::logm('logout');
+                    Tools::redirect();
+                    $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'),$newusername));
+                }
+                else {
+                    Tools::logm('Bad password !');
+                    $this->messages->add('e', _('Error : The password is wrong !'));
+                }
+            }
+            else {
+                Tools::logm('Only user !');
+                $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !'));
+            }
+        }
+    }
    private function install()
    {
@@ -532,6 +584,7 @@ class Poche
                $languages = $this->getInstalledLanguages();
                $token = $this->user->getConfigValue('token');
                $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false;
+                $only_user = ($this->store->listUsers() > 1) ? false : true;
                $tpl_vars = array(
                    'themes' => $themes,
                    'languages' => $languages,
@@ -544,6 +597,7 @@ class Poche
                    'token' => $token,
                    'user_id' => $this->user->getId(),
                    'http_auth' => $http_auth,
+                    'only_user' => $only_user
                );
                Tools::logm('config view');
                break;

diff --git a/inc/3rdparty/libraries/feedwriter/FeedItem.php b/inc/3rdparty/libraries/feedwriter/FeedItem.php index 3487423f..54a56f22 100644 --- a/inc/3rdparty/libraries/feedwriter/FeedItem.php +++ b/inc/3rdparty/libraries/feedwriter/FeedItem.php
@@ -174,7 +174,8 @@
174	*/	174	*/
175	public function setSource($link)	175	public function setSource($link)
176	{	176	{
177	$this->setElement('source', $link);	177	$attributes = array('url'=>$link);
		178	$this->setElement('source', "wallabag",$attributes);
178	}	179	}
179		180
180	/**	181	/**


diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php index 036c9d1b..141d7987 100755 --- a/inc/poche/Database.class.php +++ b/inc/poche/Database.class.php
@@ -33,6 +33,8 @@ class Database {
33	$db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB;	33	$db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB;
34	$this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD);	34	$this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD);
35	break;	35	break;
		36	default:
		37	die(STORAGE . ' is not a recognised database system !');
36	}	38	}
37		39
38	$this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);	40	$this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
@@ -229,12 +231,49 @@ class Database {
229	return FALSE;	231	return FALSE;
230	}	232	}
231	}	233	}
		234
		235	public function listUsers($username=null) {
		236	$sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');
		237	$query = $this->executeQuery($sql, ( $username ? array($username) : array()));
		238	list($count) = $query->fetch();
		239	return $count;
		240	}
		241
		242	public function getUserPassword($userID) {
		243	$sql = "SELECT * FROM users WHERE id=?";
		244	$query = $this->executeQuery($sql, array($userID));
		245	$password = $query->fetchAll();
		246	return isset($password[0]['password']) ? $password[0]['password'] : null;
		247	}
		248
		249	public function deleteUserConfig($userID) {
		250	$sql_action = 'DELETE from users_config WHERE user_id=?';
		251	$params_action = array($userID);
		252	$query = $this->executeQuery($sql_action, $params_action);
		253	return $query;
		254	}
		255
		256	public function deleteTagsEntriesAndEntries($userID) {
		257	$entries = $this->retrieveAll($userID);
		258	foreach($entries as $entryid) {
		259	$tags = $this->retrieveTagsByEntry($entryid);
		260	foreach($tags as $tag) {
		261	$this->removeTagForEntry($entryid,$tags);
		262	}
		263	$this->deleteById($entryid,$userID);
		264	}
		265	}
		266
		267	public function deleteUser($userID) {
		268	$sql_action = 'DELETE from users WHERE id=?';
		269	$params_action = array($userID);
		270	$query = $this->executeQuery($sql_action, $params_action);
		271	}
232		272
233	public function updateContentAndTitle($id, $title, $body, $user_id) {	273	public function updateContentAndTitle($id, $title, $body, $user_id) {
234	$sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?';	274	$sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?';
235	$params_action = array($body, $title, $id, $user_id);	275	$params_action = array($body, $title, $id, $user_id);
236	$query = $this->executeQuery($sql_action, $params_action);	276	$query = $this->executeQuery($sql_action, $params_action);
237
238	return $query;	277	return $query;
239	}	278	}
240		279


diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index 66710ecb..7e3e6afe 100755 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php
@@ -241,6 +241,58 @@ class Poche
241	$filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime');	241	$filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime');
242	$this->tpl->addFilter($filter);	242	$this->tpl->addFilter($filter);
243	}	243	}
		244
		245	public function createNewUser() {
		246	if (isset($_GET['newuser'])){
		247	if ($_POST['newusername'] != "" && $_POST['password4newuser'] != ""){
		248	$newusername = filter_var($_POST['newusername'], FILTER_SANITIZE_STRING);
		249	if (!$this->store->userExists($newusername)){
		250	if ($this->store->install($newusername, Tools::encodeString($_POST['password4newuser'] . $newusername))) {
		251	Tools::logm('The new user '.$newusername.' has been installed');
		252	$this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'),$newusername));
		253	Tools::redirect();
		254	}
		255	else {
		256	Tools::logm('error during adding new user');
		257	Tools::redirect();
		258	}
		259	}
		260	else {
		261	$this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'),$newusername));
		262	Tools::logm('An user with the name '.$newusername.' already exists !');
		263	Tools::redirect();
		264	}
		265	}
		266	}
		267	}
		268
		269	public function deleteUser(){
		270	if (isset($_GET['deluser'])){
		271	if ($this->store->listUsers() > 1) {
		272	if (Tools::encodeString($_POST['password4deletinguser'].$this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) {
		273	$username = $this->user->getUsername();
		274	$this->store->deleteUserConfig($this->user->getId());
		275	Tools::logm('The configuration for user '. $username .' has been deleted !');
		276	$this->store->deleteTagsEntriesAndEntries($this->user->getId());
		277	Tools::logm('The entries for user '. $username .' has been deleted !');
		278	$this->store->deleteUser($this->user->getId());
		279	Tools::logm('User '. $username .' has been completely deleted !');
		280	Session::logout();
		281	Tools::logm('logout');
		282	Tools::redirect();
		283	$this->messages->add('s', sprintf(_('User %s has been successfully deleted !'),$newusername));
		284	}
		285	else {
		286	Tools::logm('Bad password !');
		287	$this->messages->add('e', _('Error : The password is wrong !'));
		288	}
		289	}
		290	else {
		291	Tools::logm('Only user !');
		292	$this->messages->add('e', _('Error : You are the only user, you cannot delete your account !'));
		293	}
		294	}
		295	}
244		296
245	private function install()	297	private function install()
246	{	298	{
@@ -532,6 +584,7 @@ class Poche
532	$languages = $this->getInstalledLanguages();	584	$languages = $this->getInstalledLanguages();
533	$token = $this->user->getConfigValue('token');	585	$token = $this->user->getConfigValue('token');
534	$http_auth = (isset($_SERVER['PHP_AUTH_USER']) \|\| isset($_SERVER['REMOTE_USER'])) ? true : false;	586	$http_auth = (isset($_SERVER['PHP_AUTH_USER']) \|\| isset($_SERVER['REMOTE_USER'])) ? true : false;
		587	$only_user = ($this->store->listUsers() > 1) ? false : true;
535	$tpl_vars = array(	588	$tpl_vars = array(
536	'themes' => $themes,	589	'themes' => $themes,
537	'languages' => $languages,	590	'languages' => $languages,
@@ -544,6 +597,7 @@ class Poche
544	'token' => $token,	597	'token' => $token,
545	'user_id' => $this->user->getId(),	598	'user_id' => $this->user->getId(),
546	'http_auth' => $http_auth,	599	'http_auth' => $http_auth,
		600	'only_user' => $only_user
547	);	601	);
548	Tools::logm('config view');	602	Tools::logm('config view');
549	break;	603	break;