Merge branch 'FreshRSS/dev' into sql_hash_lastUpdate

5 files changed, 95 insertions, 3 deletions

diff --git a/README.fr.md b/README.fr.md
index 380d7bc1e..6c77ccf51 100644
--- a/README.fr.md
+++ b/README.fr.md
@@ -32,7 +32,7 @@ Privilégiez pour cela des demandes sur GitHub
 	* Fonctionne même sur un Raspberry Pi avec des temps de réponse < 1s (testé sur 150 flux, 22k articles, soit 32Mo de données partiellement compressées)
 * Serveur Web Apache2 (recommandé), ou nginx, lighttpd (non testé sur les autres)
 * PHP 5.2.1+ (PHP 5.3.7+ recommandé)
-	* Requis : [PDO_MySQL](http://php.net/pdo-mysql) ou [PDO_SQLite](http://php.net/pdo-sqlite), [cURL](http://php.net/curl), [GMP](http://php.net/gmp) (seulement pour accès API sur platformes < 64 bits)
+	* Requis : [PDO_MySQL](http://php.net/pdo-mysql) ou [PDO_SQLite](http://php.net/pdo-sqlite), [cURL](http://php.net/curl), [GMP](http://php.net/gmp) (pour accès API sur platformes < 64 bits), [IDN](http://php.net/intl.idn) (pour les noms de domaines internationalisés)
 	* Recommandés : [JSON](http://php.net/json), [mbstring](http://php.net/mbstring), [zlib](http://php.net/zlib), [Zip](http://php.net/zip)
 * MySQL 5.0.3+ (recommandé) ou SQLite 3.7.4+
 * Un navigateur Web récent tel Firefox 4+, Chrome, Opera, Safari, Internet Explorer 9+
@@ -46,6 +46,7 @@ Privilégiez pour cela des demandes sur GitHub
 3. Le serveur Web doit avoir les droits d’écriture dans le répertoire `./data/`
 4. Accédez à FreshRSS à travers votre navigateur Web et suivez les instructions d’installation
 5. Tout devrait fonctionner :) En cas de problème, n’hésitez pas à me contacter.
+6. Des paramètres de configuration avancée peuvent être accédés depuis [config.php](./data/config.default.php).
 
 # Contrôle d’accès
 Il est requis pour le mode multi-utilisateur, et recommandé dans tous les cas, de limiter l’accès à votre FreshRSS. Au choix :
diff --git a/README.md b/README.md
index a09a64639..089bbd780 100644
--- a/README.md
+++ b/README.md
@@ -32,7 +32,7 @@ The best way is to open issues on GitHub
 	* It even works on Raspberry Pi with response time under a second (tested with 150 feeds, 22k articles, or 32Mo of compressed data)
 * A web server: Apache2 (recommanded), nginx, lighttpd (not tested on others)
 * PHP 5.2.1+ (PHP 5.3.7+ recommanded)
-	* Required extensions: [PDO_MySQL](http://php.net/pdo-mysql) or [PDO_SQLite](http://php.net/pdo-sqlite), [cURL](http://php.net/curl), [GMP](http://php.net/gmp) (only for API access on platforms under 64 bits)
+	* Required extensions: [PDO_MySQL](http://php.net/pdo-mysql) or [PDO_SQLite](http://php.net/pdo-sqlite), [cURL](http://php.net/curl), [GMP](http://php.net/gmp) (for API access on platforms < 64 bits), [IDN](http://php.net/intl.idn) (for Internationalized Domain Names)
 	* Recommanded extensions : [JSON](http://php.net/json), [mbstring](http://php.net/mbstring), [zlib](http://php.net/zlib), [Zip](http://php.net/zip)
 * MySQL 5.0.3+ (recommanded) or SQLite 3.7.4+
 * A recent browser like Firefox 4+, Chrome, Opera, Safari, Internet Explorer 9+
@@ -46,6 +46,7 @@ The best way is to open issues on GitHub
 3. Add write access on `./data/` folder to the webserver user
 4. Access FreshRSS with your browser and follow the installation process
 5. Every thing should be working :) If you encounter any problem, feel free to contact me.
+6. Advanced configuration settings can be seen in [config.php](./data/config.default.php).
 
 # Access control
 It is needed for the multi-user mode to limit access to FreshRSS. You can:
diff --git a/app/Models/ConfigurationSetter.php b/app/Models/ConfigurationSetter.php
index d7689752f..7f433239c 100644
--- a/app/Models/ConfigurationSetter.php
+++ b/app/Models/ConfigurationSetter.php
@@ -117,7 +117,9 @@ class FreshRSS_ConfigurationSetter {
 	private function _queries(&$data, $values) {
 		$data['queries'] = array();
 		foreach ($values as $value) {
-			$data['queries'][] = $value->toArray();
+			if ($value instanceof FreshRSS_UserQuery) {
+				$data['queries'][] = $value->toArray();
+			}
 		}
 	}
 
diff --git a/data/config.default.php b/data/config.default.php
index 839bd1687..8be203d36 100644
--- a/data/config.default.php
+++ b/data/config.default.php
@@ -1,32 +1,104 @@
 <?php
 
+# Do not modify this file, which is only a template.
+# See `config.php` after the install process is completed.
 return array(
+
+	# Set to `development` to get additional error messages,
+	#	or to `production` to get only the most important messages.
 	'environment' => 'production',
+
+	# Used to make crypto more unique. Generated during install.
 	'salt' => '',
+
+	# Leave empty for most cases.
+	# Ability to override the address of the FreshRSS instance,
+	# used when building absolute URLs.
 	'base_url' => '',
+
+	# Natural language of the user interface, e.g. `en`, `fr`.
 	'language' => 'en',
+
+	# Title of this FreshRSS instance in the Web user interface.
 	'title' => 'FreshRSS',
+
+	# Name of the user that has administration rights.
 	'default_user' => '_',
+
+	# Allow or not visitors without login to see the articles
+	#	of the default user.
 	'allow_anonymous' => false,
+
+	# Allow or not anonymous users to start the refresh process.
 	'allow_anonymous_refresh' => false,
+
+	# Login method:
+	#	`none` is without password and shows only the default user;
+	#	`form` is a conventional Web login form;
+	#	`persona` is the email-based login by Mozilla;
+	#	`http_auth` is an access controled by the HTTP Web server (e.g. `/FreshRSS/p/i/.htaccess` for Apache)
+	#		if you use `http_auth`, remember to protect only `/FreshRSS/p/i/`,
+	#		and in particular not protect `/FreshRSS/p/api/` if you would like to use the API (different login system).
 	'auth_type' => 'none',
+
+	# Allow or not the use of the API, used for mobile apps.
+	#	End-point is http://example.net/FreshRSS/p/api/greader.php
+	#	You need to set the user's API password.
 	'api_enabled' => false,
+
+	# Allow or not the use of an unsafe login,
+	#	by providing username and password in the login URL:
+	#	http://example.net/FreshRSS/p/i/?c=auth&a=login&u=alice&p=1234
 	'unsafe_autologin_enabled' => false,
+
+	# Enable or not the use of syslog to log the activity of
+	#	SimplePie, which is retrieving RSS feeds via HTTP requests.
 	'simplepie_syslog_enabled' => true,
+
 	'limits' => array(
+
+		# Duration in seconds of the SimplePie cache,
+		#	during which a query to the RSS feed will return the local cached version.
+		# Especially important for multi-user setups.
 		'cache_duration' => 800,
+
+		# SimplePie HTTP request timeout in seconds.
 		'timeout' => 10,
+
+		# If a user has not used FreshRSS for more than x seconds,
+		#	then its feeds are not refreshed anymore.
 		'max_inactivity' => PHP_INT_MAX,
+
+		# Max number of feeds for a user.
 		'max_feeds' => 16384,
+
+		# Max number of categories for a user.
 		'max_categories' => 16384,
+
 	),
+
 	'db' => array(
+
+		# Type of database: `sqlite` or `mysql`.
 		'type' => 'sqlite',
+
+		# MySQL host.
 		'host' => '',
+
+		# MySQL user.
 		'user' => '',
+
+		# MySQL password.
 		'password' => '',
+
+		# MySQL database.
 		'base' => '',
+
+		# MySQL table prefix.
 		'prefix' => '',
+
 	),
+
+	# List of enabled FreshRSS extensions.
 	'extensions_enabled' => array(),
 );
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index db8fa63d1..6342011c8 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -51,6 +51,21 @@ function classAutoloader($class) {
 spl_autoload_register('classAutoloader');
 //</Auto-loading>
 
+function idn_to_puny($url) {
+	if (function_exists('idn_to_ascii')) {
+		$parts = parse_url($url);
+		if (!empty($parts['host'])) {
+			$idn = $parts['host'];
+			$puny = idn_to_ascii($idn);
+			$pos = strpos($url, $idn);
+			if ($pos !== false) {
+				return substr_replace($url, $puny, $pos, strlen($idn));
+			}
+		}
+	}
+	return $url;
+}
+
 function checkUrl($url) {
 	if (empty ($url)) {
 		return '';
@@ -58,6 +73,7 @@ function checkUrl($url) {
 	if (!preg_match ('#^https?://#i', $url)) {
 		$url = 'http://' . $url;
 	}
+	$url = idn_to_puny($url);	//PHP bug #53474 IDN
 	if (filter_var($url, FILTER_VALIDATE_URL) ||
 		(version_compare(PHP_VERSION, '5.3.3', '<') && (strpos($url, '-') > 0) &&	//PHP bug #51192
 		 ($url === filter_var($url, FILTER_SANITIZE_URL)))) {