19 files changed, 722 insertions, 278 deletions

diff --git a/inc/3rdparty/FlattrItem.class.php b/inc/3rdparty/FlattrItem.class.php
new file mode 100644
index 00000000..c940fcd6
--- /dev/null
+++ b/inc/3rdparty/FlattrItem.class.php
@@ -0,0 +1,49 @@
+<?php
+/* 
+* Class for Flattr querying
+*/
+class FlattrItem {
+
+    public $status;
+    public $urltoflattr;
+    public $flattrItemURL;
+    public $numflattrs;
+
+    public function checkItem($urltoflattr) {
+        $this->cacheflattrfile($urltoflattr);
+        $flattrResponse = file_get_contents(CACHE . "/flattr/".base64_encode($urltoflattr).".cache");
+        if($flattrResponse != FALSE) {
+            $result = json_decode($flattrResponse);
+            if (isset($result->message)){
+                if ($result->message == "flattrable") {
+                    $this->status = FLATTRABLE;
+                }
+            } 
+            elseif ($result->link) {
+                $this->status = FLATTRED;
+                $this->flattrItemURL = $result->link;
+                $this->numflattrs = $result->flattrs;
+            }
+            else {
+                $this->status = NOT_FLATTRABLE;
+            }
+        }
+        else {
+            $this->status = "FLATTR_ERR_CONNECTION";
+        }
+    }
+
+    private function cacheflattrfile($urltoflattr) {
+        if (!is_dir(CACHE . '/flattr')) {
+            mkdir(CACHE . '/flattr', 0777);
+        }
+
+        // if a cache flattr file for this url already exists and it's been less than one day than it have been updated, see in /cache
+        if ((!file_exists(CACHE . "/flattr/".base64_encode($urltoflattr).".cache")) || (time() - filemtime(CACHE . "/flattr/".base64_encode($urltoflattr).".cache") > 86400)) {
+            $askForFlattr = Tools::getFile(FLATTR_API . $urltoflattr);
+            $flattrCacheFile = fopen(CACHE . "/flattr/".base64_encode($urltoflattr).".cache", 'w+');
+            fwrite($flattrCacheFile, $askForFlattr);
+            fclose($flattrCacheFile);
+        }
+    }
+}
\ No newline at end of file
diff --git a/inc/3rdparty/Session.class.php b/inc/3rdparty/Session.class.php
index 3162f507..df913a06 100644
--- a/inc/3rdparty/Session.class.php
+++ b/inc/3rdparty/Session.class.php
@@ -1,136 +1,279 @@
 <?php
 /**
  * Session management class
+ *
  * http://www.developpez.net/forums/d51943/php/langage/sessions/
  * http://sebsauvage.net/wiki/doku.php?id=php:session
  * http://sebsauvage.net/wiki/doku.php?id=php:shaarli
- *
+ * 
  * Features:
  * - Everything is stored on server-side (we do not trust client-side data,
  *   such as cookie expiration)
- * - IP addresses + user agent are checked on each access to prevent session
- *   cookie hijacking (such as Firesheep)
+ * - IP addresses are checked on each access to prevent session cookie hijacking
+ *   (such as Firesheep)
  * - Session expires on user inactivity (Session expiration date is
  *   automatically updated everytime the user accesses a page.)
  * - A unique secret key is generated on server-side for this session
- *   (and never sent over the wire) which can be used
- *   to sign forms (HMAC) (See $_SESSION['uid'] )
- * - Token management to prevent XSRF attacks.
+ *   (and never sent over the wire) which can be used to sign forms (HMAC)
+ *   (See $_SESSION['uid'])
+ * - Token management to prevent XSRF attacks
+ * - Brute force protection with ban management
  *
- * TODO:
- * - log login fail
- * - prevent brute force (ban IP)
+ * TODOs
+ * - Replace globals with variables in Session class
  *
- * HOWTOUSE:
- * - Just call Session::init(); to initialize session and
- *   check if connected with Session::isLogged()
+ * How to use:
+ * - http://tontof.net/kriss/php5/session
  */
-
 class Session
 {
+    // Personnalize PHP session name
+    public static $sessionName = '';
     // If the user does not access any page within this time,
-    // his/her session is considered expired (in seconds).
-    public static $inactivity_timeout = 3600;
-    private static $_instance;
+    // his/her session is considered expired (3600 sec. = 1 hour)
+    public static $inactivityTimeout = 3600;
+    // If you get disconnected often or if your IP address changes often.
+    // Let you disable session cookie hijacking protection
+    public static $disableSessionProtection = false;
+    // Ban IP after this many failures.
+    public static $banAfter = 4;
+    // Ban duration for IP address after login failures (in seconds).
+    // (1800 sec. = 30 minutes)
+    public static $banDuration = 1800;
+    // File storage for failures and bans. If empty, no ban management.
+    public static $banFile = '';
 
-    // constructor
-    private function __construct()
+    /**
+     * Initialize session
+     */
+    public static function init()
     {
+        // Force cookie path (but do not change lifetime)
+        $cookie = session_get_cookie_params();
+        // Default cookie expiration and path.
+        $cookiedir = '';
+        if (dirname($_SERVER['SCRIPT_NAME'])!='/') {
+            $cookiedir = dirname($_SERVER["SCRIPT_NAME"]).'/';
+        }
+        $ssl = false;
+        if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
+            $ssl = true;
+        }
+        session_set_cookie_params($cookie['lifetime'], $cookiedir, $_SERVER['HTTP_HOST'], $ssl);
         // Use cookies to store session.
         ini_set('session.use_cookies', 1);
         // Force cookies for session  (phpsessionID forbidden in URL)
         ini_set('session.use_only_cookies', 1);
-        if (!session_id()){
+        if (!session_id()) {
             // Prevent php to use sessionID in URL if cookies are disabled.
             ini_set('session.use_trans_sid', false);
-            session_start('poche');
+            if (!empty(self::$sessionName)) {
+                session_name(self::$sessionName);
+            }
+            session_start();
         }
     }
 
-    // initialize session
-    public static function init()
+    /**
+     * Returns the IP address
+     * (Used to prevent session cookie hijacking.)
+     *
+     * @return string IP addresses
+     */
+    private static function _allIPs()
     {
-        if (!isset(self::$_instance)) {
-            self::$_instance = new Session();
-        }
-    }
+        $ip = $_SERVER["REMOTE_ADDR"];
+        $ip.= isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? '_'.$_SERVER['HTTP_X_FORWARDED_FOR'] : '';
+        $ip.= isset($_SERVER['HTTP_CLIENT_IP']) ? '_'.$_SERVER['HTTP_CLIENT_IP'] : '';
 
-    // Returns the IP address, user agent and language of the client
-    // (Used to prevent session cookie hijacking.)
-    private static function _allInfos()
-    {
-        $infos = $_SERVER["REMOTE_ADDR"];
-        if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-            $infos.=$_SERVER['HTTP_X_FORWARDED_FOR'];
-        }
-        if (isset($_SERVER['HTTP_CLIENT_IP'])) {
-            $infos.='_'.$_SERVER['HTTP_CLIENT_IP'];
-        }
-        $infos.='_'.$_SERVER['HTTP_USER_AGENT'];
-        $infos.='_'.$_SERVER['HTTP_ACCEPT_LANGUAGE'];
-        return sha1($infos);
+        return $ip;
     }
 
-    // Check that user/password is correct and init some SESSION variables.
-    public static function login($login,$password,$login_test,$password_test,
-                                 $pValues = array())
+    /**
+     * Check that user/password is correct and then init some SESSION variables.
+     *
+     * @param string $login        Login reference
+     * @param string $password     Password reference
+     * @param string $loginTest    Login to compare with login reference
+     * @param string $passwordTest Password to compare with password reference
+     * @param array  $pValues      Array of variables to store in SESSION
+     *
+     * @return true|false          True if login and password are correct, false
+     *                             otherwise
+     */
+    public static function login (
+        $login,
+        $password,
+        $loginTest,
+        $passwordTest,
+        $pValues = array())
     {
-        foreach ($pValues as $key => $value) {
-            $_SESSION[$key] = $value;
-        }
-        if ($login==$login_test && $password==$password_test){
-            // generate unique random number to sign forms (HMAC)
-            $_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand());
-            $_SESSION['info']=Session::_allInfos();
-            $_SESSION['username']=$login;
-            // Set session expiration.
-            $_SESSION['expires_on']=time()+Session::$inactivity_timeout;
-            return true;
+        self::banInit();
+        if (self::banCanLogin()) {
+            if ($login === $loginTest && $password === $passwordTest) {
+                self::banLoginOk();
+                // Generate unique random number to sign forms (HMAC)
+                $_SESSION['uid'] = sha1(uniqid('', true).'_'.mt_rand());
+                $_SESSION['ip'] = self::_allIPs();
+                $_SESSION['username'] = $login;
+                // Set session expiration.
+                $_SESSION['expires_on'] = time() + self::$inactivityTimeout;
+
+                foreach ($pValues as $key => $value) {
+                    $_SESSION[$key] = $value;
+                }
+
+                return true;
+            }
+            self::banLoginFailed();
         }
+
         return false;
     }
 
-    // Force logout
+    /**
+     * Unset SESSION variable to force logout
+     */
     public static function logout()
     {
-        unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['poche_user']);
+        unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['poche_user']);
     }
 
-    // Make sure user is logged in.
+    /**
+     * Make sure user is logged in.
+     *
+     * @return true|false True if user is logged in, false otherwise
+     */
     public static function isLogged()
     {
         if (!isset ($_SESSION['uid'])
-            || $_SESSION['info']!=Session::_allInfos()
-            || time()>=$_SESSION['expires_on']){
-            Session::logout();
+            || (self::$disableSessionProtection === false
+                && $_SESSION['ip'] !== self::_allIPs())
+            || time() >= $_SESSION['expires_on']) {
+            self::logout();
+
             return false;
         }
         // User accessed a page : Update his/her session expiration date.
-        $_SESSION['expires_on']=time()+Session::$inactivity_timeout;
+        $_SESSION['expires_on'] = time() + self::$inactivityTimeout;
+        if (!empty($_SESSION['longlastingsession'])) {
+                $_SESSION['expires_on'] += $_SESSION['longlastingsession'];
+        }
+
         return true;
     }
 
-    // Returns a token.
-    public static function getToken()
+    /**
+     * Create a token, store it in SESSION and return it
+     *
+     * @param string $salt to prevent birthday attack
+     *
+     * @return string Token created
+     */
+    public static function getToken($salt = '')
     {
-        if (!isset($_SESSION['tokens'])){
+        if (!isset($_SESSION['tokens'])) {
             $_SESSION['tokens']=array();
         }
         // We generate a random string and store it on the server side.
-        $rnd = sha1(uniqid('',true).'_'.mt_rand());
+        $rnd = sha1(uniqid('', true).'_'.mt_rand().$salt);
         $_SESSION['tokens'][$rnd]=1;
+
         return $rnd;
     }
 
-    // Tells if a token is ok. Using this function will destroy the token.
-    // return true if token is ok.
+    /**
+     * Tells if a token is ok. Using this function will destroy the token.
+     *
+     * @param string $token Token to test
+     *
+     * @return true|false   True if token is correct, false otherwise
+     */
     public static function isToken($token)
     {
-        if (isset($_SESSION['tokens'][$token]))
-        {
+        if (isset($_SESSION['tokens'][$token])) {
             unset($_SESSION['tokens'][$token]); // Token is used: destroy it.
+
             return true; // Token is ok.
         }
+
         return false; // Wrong token, or already used.
     }
-}
\ No newline at end of file
+
+    /**
+     * Signal a failed login. Will ban the IP if too many failures:
+     */
+    public static function banLoginFailed()
+    {
+        if (self::$banFile !== '') {
+            $ip = $_SERVER["REMOTE_ADDR"];
+            $gb = $GLOBALS['IPBANS'];
+
+            if (!isset($gb['FAILURES'][$ip])) {
+                $gb['FAILURES'][$ip] = 0;
+            }
+            $gb['FAILURES'][$ip]++;
+            if ($gb['FAILURES'][$ip] > (self::$banAfter - 1)) {
+                $gb['BANS'][$ip]= time() + self::$banDuration;
+            }
+
+            $GLOBALS['IPBANS'] = $gb;
+            file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
+        }
+    }
+
+    /**
+     * Signals a successful login. Resets failed login counter.
+     */
+    public static function banLoginOk()
+    {
+        if (self::$banFile !== '') {
+            $ip = $_SERVER["REMOTE_ADDR"];
+            $gb = $GLOBALS['IPBANS'];
+            unset($gb['FAILURES'][$ip]); unset($gb['BANS'][$ip]);
+            $GLOBALS['IPBANS'] = $gb;
+            file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
+        }
+    }
+
+    /**
+     * Ban init
+     */
+    public static function banInit()
+    {
+        if (self::$banFile !== '') {
+            if (!is_file(self::$banFile)) {
+                file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export(array('FAILURES'=>array(), 'BANS'=>array()), true).";\n?>");
+            }
+            include self::$banFile;
+        }
+    }
+
+    /**
+     * Checks if the user CAN login. If 'true', the user can try to login.
+     *
+     * @return boolean true if user is banned, false otherwise
+     */
+    public static function banCanLogin()
+    {
+        if (self::$banFile !== '') {
+            $ip = $_SERVER["REMOTE_ADDR"];
+            $gb = $GLOBALS['IPBANS'];
+            if (isset($gb['BANS'][$ip])) {
+                // User is banned. Check if the ban has expired:
+                if ($gb['BANS'][$ip] <= time()) {
+                    // Ban expired, user can try to login again.
+                    unset($gb['FAILURES'][$ip]);
+                    unset($gb['BANS'][$ip]);
+                    file_put_contents(self::$banFile, "<?php\n\$GLOBALS['IPBANS']=".var_export($gb, true).";\n?>");
+
+                    return true; // Ban has expired, user can login.
+                }
+
+                return false; // User is banned.
+            }
+        }
+
+        return true; // User is not banned.
+    }
+}
diff --git a/inc/3rdparty/class.messages.php b/inc/3rdparty/class.messages.php
index e60bd3a1..e60bd3a1 100755..100644
--- a/inc/3rdparty/class.messages.php
+++ b/inc/3rdparty/class.messages.php
diff --git a/inc/3rdparty/content-extractor/ContentExtractor.php b/inc/3rdparty/content-extractor/ContentExtractor.php
index db371c6a..26878392 100644
--- a/inc/3rdparty/content-extractor/ContentExtractor.php
+++ b/inc/3rdparty/content-extractor/ContentExtractor.php
@@ -138,7 +138,7 @@ class ContentExtractor
                 }
                 
                 // load and parse html
-                $this->readability = new Readability($html, $url);              
+                $this->readability = new PocheReadability($html, $url);         
                 
                 // we use xpath to find elements in the given HTML document
                 // see http://en.wikipedia.org/wiki/XPath_1.0
diff --git a/inc/3rdparty/site_config/README.txt b/inc/3rdparty/site_config/README.txt
deleted file mode 100644
index 0aff456b..00000000
--- a/inc/3rdparty/site_config/README.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Full-Text RSS Site Patterns
----------------------------
-
-Site patterns allow you to specify what should be extracted from specific sites.
-
-Please see http://help.fivefilters.org/customer/portal/articles/223153-site-patterns for more information.
\ No newline at end of file
diff --git a/inc/3rdparty/site_config/custom/inthepoche.com.txt b/inc/3rdparty/site_config/custom/inthepoche.com.txt
deleted file mode 100644
index ede74b97..00000000
--- a/inc/3rdparty/site_config/custom/inthepoche.com.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-title: //title
-body: //div[@class='post-content']
-
-prune: no
-tidy: no
-
-test_url: http://www.inthepoche.com/?post/poche-hosting
\ No newline at end of file
diff --git a/inc/3rdparty/site_config/index.php b/inc/3rdparty/site_config/index.php
deleted file mode 100644
index a3d5f739..00000000
--- a/inc/3rdparty/site_config/index.php
+++ /dev/null
@@ -1,3 +0,0 @@
-<?php
-// this is here to prevent directory listing over the web
-?>
\ No newline at end of file
diff --git a/inc/3rdparty/site_config/standard/.wikipedia.org.txt b/inc/3rdparty/site_config/standard/.wikipedia.org.txt
deleted file mode 100644
index 8b98ae4b..00000000
--- a/inc/3rdparty/site_config/standard/.wikipedia.org.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-title: //h1[@id='firstHeading']
-body: //div[@id = 'bodyContent']
-strip_id_or_class: editsection
-#strip_id_or_class: toc
-strip_id_or_class: vertical-navbox
-strip: //table[@id='toc']
-strip: //div[@id='catlinks']
-strip: //div[@id='jump-to-nav']
-strip: //div[@class='thumbcaption']//div[@class='magnify']
-strip: //table[@class='navbox']
-strip: //table[contains(@class, 'infobox')]
-strip: //div[@class='dablink']
-strip: //div[@id='contentSub']
-strip: //table[contains(@class, 'metadata')]
-strip: //*[contains(@class, 'noprint')]
-strip: //span[@title='pronunciation:']
-prune: no
-tidy: no
-test_url: http://en.wikipedia.org/wiki/Christopher_Lloyd
\ No newline at end of file
diff --git a/inc/3rdparty/site_config/standard/index.php b/inc/3rdparty/site_config/standard/index.php
deleted file mode 100644
index a3d5f739..00000000
--- a/inc/3rdparty/site_config/standard/index.php
+++ /dev/null
@@ -1,3 +0,0 @@
-<?php
-// this is here to prevent directory listing over the web
-?>
\ No newline at end of file
diff --git a/inc/3rdparty/site_config/standard/version.php b/inc/3rdparty/site_config/standard/version.php
deleted file mode 100644
index e61807ed..00000000
--- a/inc/3rdparty/site_config/standard/version.php
+++ /dev/null
@@ -1,2 +0,0 @@
-<?php 
-return 1;
\ No newline at end of file
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 84916b83..4d664992 100644
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -60,11 +60,15 @@ class Database {
         $id_user = intval($this->getLastId($sequence));
 
         $sql = 'INSERT INTO users_config ( user_id, name, value ) VALUES (?, ?, ?)';
-        $params = array($id_user, 'pager', '10');
+        $params = array($id_user, 'pager', PAGINATION);
         $query = $this->executeQuery($sql, $params);
 
         $sql = 'INSERT INTO users_config ( user_id, name, value ) VALUES (?, ?, ?)';
-        $params = array($id_user, 'language', 'en_EN.UTF8');
+        $params = array($id_user, 'language', LANG);
+        $query = $this->executeQuery($sql, $params);
+        
+        $sql = 'INSERT INTO users_config ( user_id, name, value ) VALUES (?, ?, ?)';
+        $params = array($id_user, 'theme', DEFAULT_THEME);
         $query = $this->executeQuery($sql, $params);
 
         return TRUE;
@@ -101,10 +105,16 @@ class Database {
         return $user;
     }
 
-    public function updatePassword($id, $password)
+    public function updatePassword($userId, $password)
     {
         $sql_update = "UPDATE users SET password=? WHERE id=?";
         $params_update = array($password, $id);
+        $this->updateUserConfig($userId, 'password', $password);
+    }
+    
+    public function updateUserConfig($userId, $key, $value) {
+        $sql_update = "UPDATE users_config SET `value`=? WHERE `user_id`=? AND `name`=?";
+        $params_update = array($value, $userId, $key);
         $query = $this->executeQuery($sql_update, $params_update);
     }
 
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index 646193f7..18860ddc 100644
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -10,77 +10,200 @@
 
 class Poche
 {
+    public static $canRenderTemplates = true;
+    public static $configFileAvailable = true;
+
     public $user;
     public $store;
     public $tpl;
     public $messages;
     public $pagination;
-
-    function __construct()
+    
+    private $currentTheme = '';
+    private $notInstalledMessage = '';
+    
+    # @todo make this dynamic (actually install themes and save them in the database including author information et cetera)
+    private $installedThemes = array(
+        'default' => array('requires' => array()),
+        'dark' => array('requires' => array('default')),
+        'dmagenta' => array('requires' => array('default')),
+        'solarized' => array('requires' => array('default')),
+        'solarized-dark' => array('requires' => array('default'))
+    );
+
+    public function __construct()
     {
+        if (! $this->configFileIsAvailable()) {
+            return;
+        }
+        
+        $this->init();
+        
+        if (! $this->themeIsInstalled()) {
+            return;
+        }
+        
         $this->initTpl();
-        if (!$this->checkBeforeInstall()) {
-            exit;
+        
+        if (! $this->systemIsInstalled()) {
+            return;
         }
+           
         $this->store = new Database();
-        $this->init();
         $this->messages = new Messages();
 
         # installation
-        if(!$this->store->isInstalled())
-        {
+        if (! $this->store->isInstalled()) {
             $this->install();
         }
     }
+    
+    private function init() 
+    {
+        Tools::initPhp();
+        Session::$sessionName = 'poche'; 
+        Session::init();
 
+        if (isset($_SESSION['poche_user']) && $_SESSION['poche_user'] != array()) {
+            $this->user = $_SESSION['poche_user'];
+        } else {
+            # fake user, just for install & login screens
+            $this->user = new User();
+            $this->user->setConfig($this->getDefaultConfig());
+        }
+
+        # l10n
+        $language = $this->user->getConfigValue('language');
+        putenv('LC_ALL=' . $language);
+        setlocale(LC_ALL, $language);
+        bindtextdomain($language, LOCALE); 
+        textdomain($language); 
+
+        # Pagination
+        $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p');
+        
+        # Set up theme
+        $themeDirectory = $this->user->getConfigValue('theme');
+        
+        if ($themeDirectory === false) {
+            $themeDirectory = DEFAULT_THEME;
+        }
+        
+        $this->currentTheme = $themeDirectory;
+    }
+
+    public function configFileIsAvailable() {
+        if (! self::$configFileAvailable) {
+            $this->notInstalledMessage = 'You have to rename <strong>inc/poche/config.inc.php.new</strong> to <strong>inc/poche/config.inc.php</strong>.';
+
+            return false;
+        }
+
+        return true;
+    }
+    
+    public function themeIsInstalled() {
+        # Twig is an absolute requirement for Poche to function. Abort immediately if the Composer installer hasn't been run yet
+        if (! self::$canRenderTemplates) {
+            $this->notInstalledMessage = 'Twig does not seem to be installed. Please initialize the Composer installation to automatically fetch dependencies. Have a look at <a href="http://inthepoche.com/?pages/Documentation">the documentation.</a>';
+            
+            return false;
+        }
+        
+        # Check if the selected theme and its requirements are present
+        if (! is_dir(THEME . '/' . $this->getTheme())) {
+            $this->notInstalledMessage = 'The currently selected theme (' . $this->getTheme() . ') does not seem to be properly installed (Missing directory: ' . THEME . '/' . $this->getTheme() . ')';
+            
+            self::$canRenderTemplates = false;
+            
+            return false;
+        }
+        
+        foreach ($this->installedThemes[$this->getTheme()]['requires'] as $requiredTheme) {
+            if (! is_dir(THEME . '/' . $requiredTheme)) {
+                $this->notInstalledMessage = 'The required "' . $requiredTheme . '" theme is missing for the current theme (' . $this->getTheme() . ')';
+                
+                self::$canRenderTemplates = false;
+                
+                return false;
+            }
+        }
+        
+        return true;
+    }
+    
     /**
      * all checks before installation.
+     * @todo move HTML to template
      * @return boolean 
      */
-    private function checkBeforeInstall()
+    public function systemIsInstalled()
     {
         $msg = '';
-        $allIsGood = TRUE;
-
-        if (!is_writable(CACHE)) {
+        
+        $configSalt = defined('SALT') ? constant('SALT') : '';
+        
+        if (empty($configSalt)) {
+            $msg = '<h1>error</h1><p>You have not yet filled in the SALT value in the config.inc.php file.</p>';
+        } else if (! is_writable(CACHE)) {
             Tools::logm('you don\'t have write access on cache directory');
-            die('You don\'t have write access on cache directory.');
-        }
-        else if (file_exists('./install/update.php') && !DEBUG_POCHE) {
+            $msg = '<h1>error</h1><p>You don\'t have write access on cache directory.</p>';
+        } else if (STORAGE == 'sqlite' && ! file_exists(STORAGE_SQLITE)) {
+            Tools::logm('sqlite file doesn\'t exist');
+            $msg = '<h1>error</h1><p>sqlite file doesn\'t exist, you can find it in install folder. Copy it in /db folder.</p>';
+        } else if (file_exists(ROOT . '/install/update.php') && ! DEBUG_POCHE) {
             $msg = '<h1>setup</h1><p><strong>It\'s your first time here?</strong> Please copy /install/poche.sqlite in db folder. Then, delete install folder.<br /><strong>If you have already installed poche</strong>, an update is needed <a href="install/update.php">by clicking here</a>.</p>';
-            $allIsGood = FALSE;
-        }
-        else if (file_exists('./install') && !DEBUG_POCHE) {
+        } else if (is_dir(ROOT . '/install') && ! DEBUG_POCHE) {
             $msg = '<h1>setup</h1><p><strong>If you want to update your poche</strong>, you just have to delete /install folder. <br /><strong>To install your poche with sqlite</strong>, copy /install/poche.sqlite in /db and delete the folder /install. you have to delete the /install folder before using poche.</p>';
-            $allIsGood = FALSE;
-        }
-        else if (STORAGE == 'sqlite' && !is_writable(STORAGE_SQLITE)) {
+        } else if (STORAGE == 'sqlite' && ! is_writable(STORAGE_SQLITE)) {
             Tools::logm('you don\'t have write access on sqlite file');
             $msg = '<h1>error</h1><p>You don\'t have write access on sqlite file.</p>';
-            $allIsGood = FALSE;
         }
-        
-        if (!$allIsGood) {
-            echo $this->tpl->render('error.twig', array(
-                'msg' => $msg
-            ));
+
+        if (! empty($msg)) {
+            $this->notInstalledMessage = $msg;
+
+            return false;
         }
 
-        return $allIsGood;
+        return true;
+    }
+    
+    public function getNotInstalledMessage() {
+        return $this->notInstalledMessage;
     }
 
     private function initTpl()
     {
-        # template engine
-        $loader = new Twig_Loader_Filesystem(TPL);
+        $loaderChain = new Twig_Loader_Chain();
+       
+        # add the current theme as first to the loader chain so Twig will look there first for overridden template files
+        try {
+            $loaderChain->addLoader(new Twig_Loader_Filesystem(THEME . '/' . $this->getTheme()));
+        } catch (Twig_Error_Loader $e) {
+            # @todo isInstalled() should catch this, inject Twig later
+            die('The currently selected theme (' . $this->getTheme() . ') does not seem to be properly installed (' . THEME . '/' . $this->getTheme() .' is missing)');
+        }
+        
+        # add all required themes to the loader chain
+        foreach ($this->installedThemes[$this->getTheme()]['requires'] as $requiredTheme) {
+            try {
+                $loaderChain->addLoader(new Twig_Loader_Filesystem(THEME . '/' . DEFAULT_THEME));
+            } catch (Twig_Error_Loader $e) {
+                # @todo isInstalled() should catch this, inject Twig later
+                die('The required "' . $requiredTheme . '" theme is missing for the current theme (' . $this->getTheme() . ')');
+            }
+        }
+        
         if (DEBUG_POCHE) {
             $twig_params = array();
-        }
-        else {
+        } else {
             $twig_params = array('cache' => CACHE);
         }
-        $this->tpl = new Twig_Environment($loader, $twig_params);
+        
+        $this->tpl = new Twig_Environment($loaderChain, $twig_params);
         $this->tpl->addExtension(new Twig_Extensions_Extension_I18n());
+        
         # filter to display domain name of an url
         $filter = new Twig_SimpleFilter('getDomain', 'Tools::getDomain');
         $this->tpl->addFilter($filter);
@@ -88,38 +211,19 @@ class Poche
         # filter for reading time
         $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime');
         $this->tpl->addFilter($filter);
-    }
-
-    private function init() 
-    {
-        Tools::initPhp();
-        Session::init();
-
-        if (isset($_SESSION['poche_user']) && $_SESSION['poche_user'] != array()) {
-            $this->user = $_SESSION['poche_user'];
-        }
-        else {
-            # fake user, just for install & login screens
-            $this->user = new User();
-            $this->user->setConfig($this->getDefaultConfig());
-        }
-
-        # l10n
-        $language = $this->user->getConfigValue('language');
-        putenv('LC_ALL=' . $language);
-        setlocale(LC_ALL, $language);
-        bindtextdomain($language, LOCALE); 
-        textdomain($language); 
-
-        # Pagination
-        $this->pagination = new Paginator($this->user->getConfigValue('pager'), 'p');
+        
+        # filter for simple filenames in config view
+        $filter = new Twig_SimpleFilter('getPrettyFilename', function($string) { return str_replace(ROOT, '', $string); });
+        $this->tpl->addFilter($filter);
     }
 
     private function install() 
     {
         Tools::logm('poche still not installed');
         echo $this->tpl->render('install.twig', array(
-            'token' => Session::getToken()
+            'token' => Session::getToken(),
+            'theme' => $this->getTheme(),
+            'poche_url' => Tools::getPocheUrl()
         ));
         if (isset($_GET['install'])) {
             if (($_POST['password'] == $_POST['password_repeat']) 
@@ -139,13 +243,41 @@ class Poche
         }
         exit();
     }
+    
+    public function getTheme() {
+        return $this->currentTheme;
+    }
+    
+    public function getInstalledThemes() {
+        $handle = opendir(THEME);
+        $themes = array();
+        
+        while (($theme = readdir($handle)) !== false) {
+            # Themes are stored in a directory, so all directory names are themes
+            # @todo move theme installation data to database
+            if (! is_dir(THEME . '/' . $theme) || in_array($theme, array('..', '.'))) {
+                continue;
+            }
+            
+            $current = false;
+            
+            if ($theme === $this->getTheme()) {
+                $current = true;
+            }
+            
+            $themes[] = array('name' => $theme, 'current' => $current);
+        }
+        
+        return $themes;
+    }
 
     public function getDefaultConfig()
-    {
+    {   
         return array(
             'pager' => PAGINATION,
             'language' => LANG,
-            );
+            'theme' => DEFAULT_THEME
+        );
     }
 
     /**
@@ -166,7 +298,7 @@ class Poche
                     }
                     $last_id = $this->store->getLastId($sequence);
                     if (DOWNLOAD_PICTURES) {
-                        $content = filtre_picture($parametres_url['body'], $url->getUrl(), $last_id);
+                        $content = filtre_picture($content['body'], $url->getUrl(), $last_id);
                         Tools::logm('updating content article');
                         $this->store->updateContent($last_id, $content, $this->user->getId());
                     }
@@ -182,7 +314,7 @@ class Poche
                 }
 
                 if (!$import) {
-                    Tools::redirect();
+                    Tools::redirect('?view=home');
                 }
                 break;
             case 'delete':
@@ -230,7 +362,9 @@ class Poche
                 $prod = $this->getPocheVersion('prod');
                 $compare_dev = version_compare(POCHE_VERSION, $dev);
                 $compare_prod = version_compare(POCHE_VERSION, $prod);
+                $themes = $this->getInstalledThemes();
                 $tpl_vars = array(
+                    'themes' => $themes,
                     'dev' => $dev,
                     'prod' => $prod,
                     'compare_dev' => $compare_dev,
@@ -247,25 +381,37 @@ class Poche
                         $tidy = tidy_parse_string($content, array('indent'=>true, 'show-body-only' => true), 'UTF8');
                         $tidy->cleanRepair();
                         $content = $tidy->value;
-                    }
-                    $tpl_vars = array(
+
+                        # flattr checking
+                        $flattr = new FlattrItem();
+                        $flattr->checkItem($entry['url']);
+
+                        $tpl_vars = array(
                         'entry' => $entry,
                         'content' => $content,
-                    );
+                        'flattr' => $flattr
+                        );
+                    }
                 }
                 else {
                     Tools::logm('error in view call : entry is null');
                 }
                 break;
-            default: # home view
+            default: # home, favorites and archive views 
                 $entries = $this->store->getEntriesByView($view, $this->user->getId());
-                $this->pagination->set_total(count($entries));
-                $page_links = $this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . '&');
-                $datas = $this->store->getEntriesByView($view, $this->user->getId(), $this->pagination->get_limit());
                 $tpl_vars = array(
-                    'entries' => $datas,
-                    'page_links' => $page_links,
+                    'entries' => '',
+                    'page_links' => '',
+                    'nb_results' => '',
                 );
+                if (count($entries) > 0) {
+                    $this->pagination->set_total(count($entries));
+                    $page_links = $this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . '&');
+                    $datas = $this->store->getEntriesByView($view, $this->user->getId(), $this->pagination->get_limit());
+                    $tpl_vars['entries'] = $datas;
+                    $tpl_vars['page_links'] = $page_links;
+                    $tpl_vars['nb_results'] = count($entries);
+                }
                 Tools::logm('display ' . $view . ' view');
                 break;
         }
@@ -303,6 +449,44 @@ class Poche
             }
         }
     }
+    
+    public function updateTheme()
+    {
+        # no data
+        if (empty($_POST['theme'])) {
+        }
+        
+        # we are not going to change it to the current theme...
+        if ($_POST['theme'] == $this->getTheme()) {
+            $this->messages->add('w', _('still using the "' . $this->getTheme() . '" theme!'));
+            Tools::redirect('?view=config');
+        }
+        
+        $themes = $this->getInstalledThemes();
+        $actualTheme = false;
+        
+        foreach ($themes as $theme) {
+            if ($theme['name'] == $_POST['theme']) {
+                $actualTheme = true;
+                break;
+            }
+        }
+        
+        if (! $actualTheme) {
+            $this->messages->add('e', _('that theme does not seem to be installed'));
+            Tools::redirect('?view=config');
+        }
+        
+        $this->store->updateUserConfig($this->user->getId(), 'theme', $_POST['theme']);
+        $this->messages->add('s', _('you have changed your theme preferences'));
+        
+        $currentConfig = $_SESSION['poche_user']->config;
+        $currentConfig['theme'] = $_POST['theme'];
+        
+        $_SESSION['poche_user']->setConfig($currentConfig);
+        
+        Tools::redirect('?view=config');
+    }
 
     /**
      * checks if login & password are correct and save the user in session.
@@ -318,16 +502,7 @@ class Poche
             if ($user != array()) {
                 # Save login into Session
                 Session::login($user['username'], $user['password'], $_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']), array('poche_user' => new User($user)));
-
                 $this->messages->add('s', _('welcome to your poche'));
-                if (!empty($_POST['longlastingsession'])) {
-                    $_SESSION['longlastingsession'] = 31536000;
-                    $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
-                    session_set_cookie_params($_SESSION['longlastingsession']);
-                } else {
-                    session_set_cookie_params(0);
-                }
-                session_regenerate_id(true);
                 Tools::logm('login successful');
                 Tools::redirect($referer);
             }
diff --git a/inc/poche/PocheReadability.php b/inc/poche/PocheReadability.php
new file mode 100644
index 00000000..48ae90d0
--- /dev/null
+++ b/inc/poche/PocheReadability.php
@@ -0,0 +1,46 @@
+<?php
+
+class PocheReadability extends Readability
+{
+    /**
+    * Get the article title as an H1.
+    *
+    * @return DOMElement
+    */
+    protected function getArticleTitle() {
+        $curTitle = '';
+        $origTitle = '';
+
+        try {
+            $curTitle = $origTitle = $this->getInnerText($this->dom->getElementsByTagName('title')->item(0));
+        } catch(Exception $e) {}
+        
+        if (preg_match('/ [\|\-] /', $curTitle))
+        {
+            $curTitle = preg_replace('/(.*)[\|\-] .*/i', '$1', $origTitle);
+            
+            if (count(explode(' ', $curTitle)) < 3) {
+                $curTitle = preg_replace('/[^\|\-]*[\|\-](.*)/i', '$1', $origTitle);
+            }
+        }
+        else if(strlen($curTitle) > 150 || strlen($curTitle) < 15)
+        {
+            $hOnes = $this->dom->getElementsByTagName('h1');
+            if($hOnes->length == 1)
+            {
+                $curTitle = $this->getInnerText($hOnes->item(0));
+            }
+        }
+
+        $curTitle = trim($curTitle);
+
+        if (count(explode(' ', $curTitle)) <= 4) {
+            $curTitle = $origTitle;
+        }
+        
+        $articleTitle = $this->dom->createElement('h1');
+        $articleTitle->innerHTML = $curTitle;
+        
+        return $articleTitle;
+    }
+}
\ No newline at end of file
diff --git a/inc/poche/Tools.class.php b/inc/poche/Tools.class.php
index 3a792d43..8eb988f4 100644
--- a/inc/poche/Tools.class.php
+++ b/inc/poche/Tools.class.php
@@ -84,9 +84,9 @@ class Tools
 
     public static function getTplFile($view)
     {
-        $tpl_file = 'home.twig';
-        switch ($view)
-        {
+        $default_tpl = 'home.twig';
+        
+        switch ($view) {
             case 'install':
                 $tpl_file = 'install.twig';
                 break;
@@ -102,9 +102,20 @@ class Tools
             case 'view':
                 $tpl_file = 'view.twig';
                 break;
+            
+            case 'login':
+                $tpl_file = 'login.twig';
+                break;
+                
+            case 'error':
+                $tpl_file = 'error.twig';
+                break;
+                
             default:
-            break;
+                $tpl_file = $default_tpl;
+                break;
         }
+        
         return $tpl_file;
     }
 
@@ -228,24 +239,8 @@ class Tools
         return $minutes;
     }
 
-
-    public static function createMyConfig()
-    {
-        $myconfig_file = './inc/poche/myconfig.inc.php';
-
-        if (!is_writable('./inc/poche/')) {
-            self::logm('you don\'t have write access to create ./inc/poche/myconfig.inc.php');
-            die('You don\'t have write access to create ./inc/poche/myconfig.inc.php.');
-        }
-
-        if (!file_exists($myconfig_file))
-        {
-            $fp = fopen($myconfig_file, 'w');
-            fwrite($fp, '<?php'."\r\n");
-            fwrite($fp, "define ('POCHE_VERSION', '1.0-beta4');" . "\r\n");
-            fwrite($fp, "define ('SALT', '" . md5(time() . $_SERVER['SCRIPT_FILENAME'] . rand()) . "');" . "\r\n");
-            fwrite($fp, "define ('LANG', 'en_EN.utf8');" . "\r\n");
-            fclose($fp);
-        }
+    public static function getDocLanguage($userlanguage) {
+        $lang = explode('.', $userlanguage);
+        return str_replace('_', '-', $lang[0]);
     }
 }
\ No newline at end of file
diff --git a/inc/poche/Url.class.php b/inc/poche/Url.class.php
index 5a893014..600a2166 100644
--- a/inc/poche/Url.class.php
+++ b/inc/poche/Url.class.php
@@ -354,7 +354,7 @@ class Url
         }
         if (isset($splink)) {
             // Build DOM tree from HTML
-            $readability = new Readability($html, $url);
+            $readability = new PocheReadability($html, $url);
             $xpath = new DOMXPath($readability->dom);
             // Loop through single_page_link xpath expressions
             $single_page_url = null;
diff --git a/inc/poche/config.inc.php b/inc/poche/config.inc.php
deleted file mode 100755
index a1917295..00000000
--- a/inc/poche/config.inc.php
+++ /dev/null
@@ -1,59 +0,0 @@
-<?php
-/**
- * poche, a read it later open source system
- *
- * @category   poche
- * @author     Nicolas Lœuillet <nicolas@loeuillet.org>
- * @copyright  2013
- * @license    http://www.wtfpl.net/ see COPYING file
- */
-
-require_once __DIR__ . '/../../inc/poche/define.inc.php';
-
-# /!\ Be careful if you change the lines below /!\
-if (!file_exists(__DIR__ . '/../../vendor/autoload.php')) {
-    die('Twig does not seem installed. Have a look at <a href="http://inthepoche.com/?pages/Documentation">the documentation.</a>');
-}
-
-// if (file_exists(__DIR__ . '/../../inc/poche/myconfig.inc.php')) {
-    // require_once __DIR__ . '/../../inc/poche/myconfig.inc.php';
-// }
-require_once __DIR__ . '/../../inc/poche/User.class.php';
-require_once __DIR__ . '/../../inc/poche/Url.class.php';
-require_once __DIR__ . '/../../inc/3rdparty/class.messages.php';
-require_once __DIR__ . '/../../inc/poche/Poche.class.php';
-require_once __DIR__ . '/../../inc/3rdparty/Readability.php';
-require_once __DIR__ . '/../../inc/3rdparty/Encoding.php';
-require_once __DIR__ . '/../../inc/poche/Database.class.php';
-require_once __DIR__ . '/../../vendor/autoload.php';
-require_once __DIR__ . '/../../inc/3rdparty/simple_html_dom.php';
-require_once __DIR__ . '/../../inc/3rdparty/paginator.php';
-require_once __DIR__ . '/../../inc/3rdparty/Session.class.php';
-
-require_once __DIR__ . '/../../inc/3rdparty/simplepie/SimplePieAutoloader.php';
-require_once __DIR__ . '/../../inc/3rdparty/simplepie/SimplePie/Core.php';
-require_once __DIR__ . '/../../inc/3rdparty/content-extractor/ContentExtractor.php';
-require_once __DIR__ . '/../../inc/3rdparty/content-extractor/SiteConfig.php';
-require_once __DIR__ . '/../../inc/3rdparty/humble-http-agent/HumbleHttpAgent.php';
-require_once __DIR__ . '/../../inc/3rdparty/humble-http-agent/SimplePie_HumbleHttpAgent.php';
-require_once __DIR__ . '/../../inc/3rdparty/humble-http-agent/CookieJar.php';
-require_once __DIR__ . '/../../inc/3rdparty/feedwriter/FeedItem.php';
-require_once __DIR__ . '/../../inc/3rdparty/feedwriter/FeedWriter.php';
-require_once __DIR__ . '/../../inc/3rdparty/feedwriter/DummySingleItemFeed.php';
-
-if (DOWNLOAD_PICTURES) {
-    require_once __DIR__ . '/../../inc/poche/pochePictures.php';
-}
-
-if (!ini_get('date.timezone') || !@date_default_timezone_set(ini_get('date.timezone'))) {
-    date_default_timezone_set('UTC');
-}
-
-$poche = new Poche();
-#XSRF protection with token
-// if (!empty($_POST)) {
-//     if (!Session::isToken($_POST['token'])) {
-//         die(_('Wrong token'));
-//     }
-//     unset($_SESSION['tokens']);
-// }
\ No newline at end of file
diff --git a/inc/poche/config.inc.php.new b/inc/poche/config.inc.php.new
new file mode 100755
index 00000000..48cc5783
--- /dev/null
+++ b/inc/poche/config.inc.php.new
@@ -0,0 +1,56 @@
+<?php
+/**
+ * poche, a read it later open source system
+ *
+ * @category   poche
+ * @author     Nicolas Lœuillet <support@inthepoche.com>
+ * @copyright  2013
+ * @license    http://www.wtfpl.net/ see COPYING file
+ */
+
+define ('SALT', ''); # put a strong string here
+define ('LANG', 'en_EN.utf8');
+
+define ('STORAGE', 'sqlite'); # postgres, mysql or sqlite
+
+define ('STORAGE_SQLITE', ROOT . '/db/poche.sqlite'); # if you are using sqlite, where the database file is located
+
+# only for postgres & mysql
+define ('STORAGE_SERVER', 'localhost');
+define ('STORAGE_DB', 'poche');
+define ('STORAGE_USER', 'poche');
+define ('STORAGE_PASSWORD', 'poche');
+
+#################################################################################
+# Do not trespass unless you know what you are doing
+#################################################################################
+
+define ('MODE_DEMO', FALSE);
+define ('DEBUG_POCHE', true);
+define ('DOWNLOAD_PICTURES', FALSE);
+define ('CONVERT_LINKS_FOOTNOTES', FALSE);
+define ('REVERT_FORCED_PARAGRAPH_ELEMENTS', FALSE);
+define ('SHARE_TWITTER', TRUE);
+define ('SHARE_MAIL', TRUE);
+define ('SHARE_SHAARLI', FALSE);
+define ('SHAARLI_URL', 'http://myshaarliurl.com');
+define ('FLATTR', TRUE);
+define ('FLATTR_API', 'https://api.flattr.com/rest/v2/things/lookup/?url=');
+define ('NOT_FLATTRABLE', '0');
+define ('FLATTRABLE', '1');
+define ('FLATTRED', '2');
+define ('ABS_PATH', 'assets/');
+
+define ('DEFAULT_THEME', 'default');
+
+define ('THEME', ROOT . '/themes');
+define ('LOCALE', ROOT . '/locale');
+define ('CACHE', ROOT . '/cache');
+
+define ('PAGINATION', '10');
+
+define ('POCHE_VERSION', '1.0-beta5');
+
+define ('IMPORT_POCKET_FILE', ROOT . '/ril_export.html');
+define ('IMPORT_READABILITY_FILE', ROOT . '/readability');
+define ('IMPORT_INSTAPAPER_FILE', ROOT . '/instapaper-export.html');
\ No newline at end of file
diff --git a/inc/poche/define.inc.php b/inc/poche/define.inc.php
index 3f667430..40f77b5c 100644
--- a/inc/poche/define.inc.php
+++ b/inc/poche/define.inc.php
@@ -3,7 +3,7 @@
  * poche, a read it later open source system
  *
  * @category   poche
- * @author     Nicolas Lœuillet <nicolas@loeuillet.org>
+ * @author     Nicolas Lœuillet <support@inthepoche.com>
  * @copyright  2013
  * @license    http://www.wtfpl.net/ see COPYING file
  */
@@ -22,6 +22,11 @@ define ('SHARE_TWITTER', TRUE);
 define ('SHARE_MAIL', TRUE);
 define ('SHARE_SHAARLI', FALSE);
 define ('SHAARLI_URL', 'http://myshaarliurl.com');
+define ('FLATTR', TRUE);
+define ('FLATTR_API', 'https://api.flattr.com/rest/v2/things/lookup/?url=');
+define ('NOT_FLATTRABLE', '0');
+define ('FLATTRABLE', '1');
+define ('FLATTRED', '2');
 define ('ABS_PATH', 'assets/');
 define ('TPL', __DIR__ . '/../../tpl');
 define ('LOCALE', __DIR__  . '/../../locale');
diff --git a/inc/poche/global.inc.php b/inc/poche/global.inc.php
new file mode 100644
index 00000000..65a026a7
--- /dev/null
+++ b/inc/poche/global.inc.php
@@ -0,0 +1,64 @@
+<?php
+/**
+ * poche, a read it later open source system
+ *
+ * @category   poche
+ * @author     Nicolas Lœuillet <support@inthepoche.com>
+ * @copyright  2013
+ * @license    http://www.wtfpl.net/ see COPYING file
+ */
+
+# the poche system root directory (/inc)
+define('INCLUDES', dirname(__FILE__) . '/..');
+
+# the poche root directory
+define('ROOT', INCLUDES . '/..');
+
+require_once INCLUDES . '/poche/Tools.class.php';
+require_once INCLUDES . '/poche/User.class.php';
+require_once INCLUDES . '/poche/Url.class.php';
+require_once INCLUDES . '/3rdparty/class.messages.php';
+require_once INCLUDES . '/poche/Poche.class.php';
+
+require_once INCLUDES . '/3rdparty/Readability.php';
+require_once INCLUDES . '/poche/PocheReadability.php';
+
+require_once INCLUDES . '/3rdparty/Encoding.php';
+require_once INCLUDES . '/poche/Database.class.php';
+require_once INCLUDES . '/3rdparty/simple_html_dom.php';
+require_once INCLUDES . '/3rdparty/paginator.php';
+require_once INCLUDES . '/3rdparty/Session.class.php';
+
+require_once INCLUDES . '/3rdparty/simplepie/SimplePieAutoloader.php';
+require_once INCLUDES . '/3rdparty/simplepie/SimplePie/Core.php';
+require_once INCLUDES . '/3rdparty/content-extractor/ContentExtractor.php';
+require_once INCLUDES . '/3rdparty/content-extractor/SiteConfig.php';
+require_once INCLUDES . '/3rdparty/humble-http-agent/HumbleHttpAgent.php';
+require_once INCLUDES . '/3rdparty/humble-http-agent/SimplePie_HumbleHttpAgent.php';
+require_once INCLUDES . '/3rdparty/humble-http-agent/CookieJar.php';
+require_once INCLUDES . '/3rdparty/feedwriter/FeedItem.php';
+require_once INCLUDES . '/3rdparty/feedwriter/FeedWriter.php';
+require_once INCLUDES . '/3rdparty/feedwriter/DummySingleItemFeed.php';
+require_once INCLUDES . '/3rdparty/FlattrItem.class.php';
+
+# Composer its autoloader for automatically loading Twig
+if (! file_exists(ROOT . '/vendor/autoload.php')) {
+    Poche::$canRenderTemplates = false;
+} else {
+    require_once ROOT . '/vendor/autoload.php';
+}
+
+# system configuration; database credentials et cetera
+if (! file_exists(INCLUDES . '/poche/config.inc.php')) {
+    Poche::$configFileAvailable = false;
+} else {
+    require_once INCLUDES . '/poche/config.inc.php';
+}
+
+if (Poche::$configFileAvailable && DOWNLOAD_PICTURES) {
+    require_once  INCLUDES . '/poche/pochePictures.php';
+}
+
+if (!ini_get('date.timezone') || !@date_default_timezone_set(ini_get('date.timezone'))) {
+    date_default_timezone_set('UTC');
+}
\ No newline at end of file