Merge branch 'FreshRSS/dev' into FreshRSS/dev-1.14.0

5 files changed, 22 insertions, 12 deletions

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index 5ad1a51d9..3b2d78b19 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -79,8 +79,12 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 			Minz_Request::forward(array('c' => 'auth', 'a' => 'formLogin'));
 			break;
 		case 'http_auth':
+			Minz_Error::error(403, array('error' => array(_t('feedback.access.denied'),
+					' [HTTP Remote-User=' . htmlspecialchars(httpAuthUser(), ENT_NOQUOTES, 'UTF-8') . ']'
+				)), false);
+			break;
 		case 'none':
-			// It should not happened!
+			// It should not happen!
 			Minz_Error::error(404);
 		default:
 			// TODO load plugin instead
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 9c3e31952..513a9cb2f 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -28,13 +28,13 @@ class FreshRSS_Auth {
 
 		if (self::$login_ok) {
 			self::giveAccess();
-		} elseif (self::accessControl()) {
-			self::giveAccess();
+		} elseif (self::accessControl() && self::giveAccess()) {
 			FreshRSS_UserDAO::touch();
 		} else {
 			// Be sure all accesses are removed!
 			self::removeAccess();
 		}
+		return self::$login_ok;
 	}
 
 	/**
@@ -60,7 +60,7 @@ class FreshRSS_Auth {
 			return $current_user != '';
 		case 'http_auth':
 			$current_user = httpAuthUser();
-			$login_ok = $current_user != '';
+			$login_ok = $current_user != '' && FreshRSS_UserDAO::exists($current_user);
 			if ($login_ok) {
 				Minz_Session::_param('currentUser', $current_user);
 			}
@@ -81,7 +81,7 @@ class FreshRSS_Auth {
 		$user_conf = get_user_configuration($current_user);
 		if ($user_conf == null) {
 			self::$login_ok = false;
-			return;
+			return false;
 		}
 		$system_conf = Minz_Configuration::get('system');
 
@@ -102,6 +102,7 @@ class FreshRSS_Auth {
 
 		Minz_Session::_param('loginOk', self::$login_ok);
 		Minz_Session::_param('REMOTE_USER', httpAuthUser());
+		return self::$login_ok;
 	}
 
 	/**
diff --git a/app/Models/Entry.php b/app/Models/Entry.php
index 985276734..f2f3d08fe 100644
--- a/app/Models/Entry.php
+++ b/app/Models/Entry.php
@@ -209,6 +209,7 @@ class FreshRSS_Entry extends Minz_Model {
 		$feed_timeout = empty($attributes['timeout']) ? 0 : intval($attributes['timeout']);
 
 		if ($system_conf->simplepie_syslog_enabled) {
+			prepareSyslog();
 			syslog(LOG_INFO, 'FreshRSS GET ' . SimplePie_Misc::url_remove_credentials($url));
 		}
 
diff --git a/app/Models/UserDAO.php b/app/Models/UserDAO.php
index 5fb46c947..e9d3a7329 100644
--- a/app/Models/UserDAO.php
+++ b/app/Models/UserDAO.php
@@ -65,7 +65,7 @@ class FreshRSS_UserDAO extends Minz_ModelPdo {
 		require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
 		if ($db['type'] === 'sqlite') {
-			return unlink(join_path(DATA_PATH, 'users', $username, 'db.sqlite'));
+			return unlink(USERS_PATH . '/' . $username . '/db.sqlite');
 		} else {
 			$userPDO = new Minz_ModelPdo($username);
 
@@ -81,18 +81,18 @@ class FreshRSS_UserDAO extends Minz_ModelPdo {
 		}
 	}
 
-	public static function exist($username) {
-		return is_dir(join_path(DATA_PATH, 'users', $username));
+	public static function exists($username) {
+		return is_dir(USERS_PATH . '/' . $username);
 	}
 
 	public static function touch($username = '') {
 		if (!FreshRSS_user_Controller::checkUsername($username)) {
 			$username = Minz_Session::param('currentUser', '_');
 		}
-		return touch(join_path(DATA_PATH, 'users', $username, 'config.php'));
+		return touch(USERS_PATH . '/' . $username . '/config.php');
 	}
 
 	public static function mtime($username) {
-		return @filemtime(join_path(DATA_PATH, 'users', $username, 'config.php'));
+		return @filemtime(USERS_PATH . '/' . $username . '/config.php');
 	}
 }
diff --git a/app/actualize_script.php b/app/actualize_script.php
index ba9660a14..f1dec5640 100755
--- a/app/actualize_script.php
+++ b/app/actualize_script.php
@@ -12,6 +12,9 @@ if (defined('STDOUT')) {
 	fwrite(STDOUT, 'Starting feed actualization at ' . $begin_date->format('c') . "\n");	//Unbuffered
 }
 
+prepareSyslog();
+syslog(LOG_INFO, 'FreshRSS Start feeds actualization...');
+
 // Set the header params ($_GET) to call the FRSS application.
 $_GET['c'] = 'feed';
 $_GET['a'] = 'actualize';
@@ -64,7 +67,7 @@ foreach ($users as $user) {
 	if (!invalidateHttpCache()) {
 		Minz_Log::warning('FreshRSS write access problem in ' . join_path(USERS_PATH, $user, 'log.txt'), ADMIN_LOG);
 		if (defined('STDERR')) {
-			fwrite(STDERR, 'Write access problem in ' . join_path(USERS_PATH, $user, 'log.txt') . "\n");
+			fwrite(STDERR, 'FreshRSS write access problem in ' . join_path(USERS_PATH, $user, 'log.txt') . "\n");
 		}
 	}
 }
@@ -75,7 +78,8 @@ if (defined('STDOUT')) {
 	$end_date = date_create('now');
 	$duration = date_diff($end_date, $begin_date);
 	fwrite(STDOUT, 'Ending feed actualization at ' . $end_date->format('c') . "\n");	//Unbuffered
-	fwrite(STDOUT, 'Feed actualizations took ' . $duration->format('%a day(s), %h hour(s),  %i minute(s) and %s seconds') . ' for ' . count($users) . " users\n");	//Unbuffered
+	fwrite(STDOUT, 'Feed actualizations took ' . $duration->format('%a day(s), %h hour(s), %i minute(s) and %s seconds') . ' for ' . count($users) . " users\n");	//Unbuffered
 }
 echo 'End.', "\n";
 ob_end_flush();
+syslog(LOG_INFO, 'FreshRSS feeds actualization done.');