Merge branch 'dev' into 411-update-system

Conflicts: constants.php
author: Marien Fressinaud <dev@marienfressinaud.fr> 2014-09-08 19:26:35 +0200
committer: Marien Fressinaud <dev@marienfressinaud.fr> 2014-09-08 19:26:35 +0200
commit: ef1b35fc4385c99c4d38e3f87e8126d0dbe21519 (patch)
tree: c2127f92281084c3cb28f635dea63a9a179eabbb /lib
parent: 909d8747ba09f9c9a6ac895f1f4f0763bdb27a55 (diff)
parent: c3fd8877c021b86180b3bea4d4260e6478f0558e (diff)
5 files changed, 146 insertions, 83 deletions
diff --git a/lib/Minz/Helper.php b/lib/Minz/Helper.php
index b058211d3..f4a547c4e 100644
--- a/lib/Minz/Helper.php
+++ b/lib/Minz/Helper.php
@@ -12,11 +12,22 @@ class Minz_Helper {
 	 * Annule les effets des magic_quotes pour une variable donnée
 	 * @param $var variable à traiter (tableau ou simple variable)
 	 */
-	public static function stripslashes_r ($var) {
-		if (is_array ($var)){
-			return array_map (array ('Helper', 'stripslashes_r'), $var);
+	public static function stripslashes_r($var) {
+		if (is_array($var)){
+			return array_map(array('Minz_Helper', 'stripslashes_r'), $var);
 		} else {
 			return stripslashes($var);
 		}
 	}
+
+	/**
+	 * Wrapper for htmlspecialchars.
+	 * Force UTf-8 value and can be used on array too.
+	 */
+	public static function htmlspecialchars_utf8($var) {
+		if (is_array($var)) {
+			return array_map(array('Minz_Helper', 'htmlspecialchars_utf8'), $var);
+		}
+		return htmlspecialchars($var, ENT_COMPAT, 'UTF-8');
+	}
 }
diff --git a/lib/Minz/Request.php b/lib/Minz/Request.php
index 755784522..ec4e25a6b 100644
--- a/lib/Minz/Request.php
+++ b/lib/Minz/Request.php
@@ -10,7 +10,7 @@
 class Minz_Request {
 	private static $controller_name = '';
 	private static $action_name = '';
-	private static $params = array ();
+	private static $params = array();
 
 	private static $default_controller_name = 'index';
 	private static $default_action_name = 'index';
@@ -18,59 +18,53 @@ class Minz_Request {
 	/**
 	 * Getteurs
 	 */
-	public static function controllerName () {
+	public static function controllerName() {
 		return self::$controller_name;
 	}
-	public static function actionName () {
+	public static function actionName() {
 		return self::$action_name;
 	}
-	public static function params () {
+	public static function params() {
 		return self::$params;
 	}
-	static function htmlspecialchars_utf8 ($p) {
-		if (is_array($p)) {
-			return array_map('self::htmlspecialchars_utf8', $p);
-		}
-		return htmlspecialchars($p, ENT_COMPAT, 'UTF-8');
-	}
-	public static function param ($key, $default = false, $specialchars = false) {
-		if (isset (self::$params[$key])) {
+	public static function param($key, $default = false, $specialchars = false) {
+		if (isset(self::$params[$key])) {
 			$p = self::$params[$key];
-			if(is_object($p) || $specialchars) {
+			if (is_object($p) || $specialchars) {
 				return $p;
 			} else {
-				return self::htmlspecialchars_utf8($p);
+				return Minz_Helper::htmlspecialchars_utf8($p);
 			}
 		} else {
 			return $default;
 		}
 	}
-	public static function defaultControllerName () {
+	public static function defaultControllerName() {
 		return self::$default_controller_name;
 	}
-	public static function defaultActionName () {
+	public static function defaultActionName() {
 		return self::$default_action_name;
 	}
 
 	/**
 	 * Setteurs
 	 */
-	public static function _controllerName ($controller_name) {
+	public static function _controllerName($controller_name) {
 		self::$controller_name = $controller_name;
 	}
-	public static function _actionName ($action_name) {
+	public static function _actionName($action_name) {
 		self::$action_name = $action_name;
 	}
-	public static function _params ($params) {
+	public static function _params($params) {
 		if (!is_array($params)) {
-			$params = array ($params);
+			$params = array($params);
 		}
 
 		self::$params = $params;
 	}
-	public static function _param ($key, $value = false) {
+	public static function _param($key, $value = false) {
 		if ($value === false) {
-			unset (self::$params[$key]);
+			unset(self::$params[$key]);
 		} else {
 			self::$params[$key] = $value;
 		}
@@ -79,22 +73,36 @@ class Minz_Request {
 	/**
 	 * Initialise la Request
 	 */
-	public static function init () {
-		self::magicQuotesOff ();
+	public static function init() {
+		self::magicQuotesOff();
 	}
 
 	/**
 	 * Retourn le nom de domaine du site
 	 */
-	public static function getDomainName () {
+	public static function getDomainName() {
 		return $_SERVER['HTTP_HOST'];
 	}
 
+	public static function isRefererFromSameDomain() {
+		if (empty($_SERVER['HTTP_REFERER'])) {
+			return false;
+		}
+		$host = parse_url(((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://') .
+			(empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']));
+		$referer = parse_url($_SERVER['HTTP_REFERER']);
+		if (empty($host['scheme']) || empty($referer['scheme']) || $host['scheme'] !== $referer['scheme'] ||
+		    empty($host['host']) || empty($referer['host']) || $host['host'] !== $referer['host']) {
+			return false;
+		}
+		return (isset($host['port']) ? $host['port'] : 0) === (isset($referer['port']) ? $referer['port'] : 0);
+	}
+
 	/**
 	 * Détermine la base de l'url
 	 * @return la base de l'url
 	 */
-	public static function getBaseUrl () {
+	public static function getBaseUrl() {
 		$defaultBaseUrl = Minz_Configuration::baseUrl();
 		if (!empty($defaultBaseUrl)) {
 			return $defaultBaseUrl;
@@ -109,13 +117,13 @@ class Minz_Request {
 	 * Récupère l'URI de la requête
 	 * @return l'URI
 	 */
-	public static function getURI () {
-		if (isset ($_SERVER['REQUEST_URI'])) {
-			$base_url = self::getBaseUrl ();
+	public static function getURI() {
+		if (isset($_SERVER['REQUEST_URI'])) {
+			$base_url = self::getBaseUrl();
 			$uri = $_SERVER['REQUEST_URI'];
 
-			$len_base_url = strlen ($base_url);
-			$real_uri = substr ($uri, $len_base_url);
+			$len_base_url = strlen($base_url);
+			$real_uri = substr($uri, $len_base_url);
 		} else {
 			$real_uri = '';
 		}
@@ -129,16 +137,16 @@ class Minz_Request {
 	 * @param $redirect si vrai, force la redirection http
 	 *                > sinon, le dispatcher recharge en interne
 	 */
-	public static function forward ($url = array (), $redirect = false) {
-		$url = Minz_Url::checkUrl ($url);
+	public static function forward($url = array(), $redirect = false) {
+		$url = Minz_Url::checkUrl($url);
 
 		if ($redirect) {
-			header ('Location: ' . Minz_Url::display ($url, 'php'));
-			exit ();
+			header('Location: ' . Minz_Url::display($url, 'php'));
+			exit();
 		} else {
-			self::_controllerName ($url['c']);
-			self::_actionName ($url['a']);
-			self::_params (array_merge (
+			self::_controllerName($url['c']);
+			self::_actionName($url['a']);
+			self::_params(array_merge(
 				self::$params,
 				$url['params']
 			));
@@ -146,6 +154,31 @@ class Minz_Request {
 		}
 	}
 
+
+	/**
+	 * Wrappers good notifications + redirection
+	 * @param $msg notification content
+	 * @param $url url array to where we should be forwarded
+	 */
+	public static function good($msg, $url = array()) {
+		Minz_Session::_param('notification', array(
+			'type' => 'good',
+			'content' => $msg
+		));
+
+		Minz_Request::forward($url, true);
+	}
+
+	public static function bad($msg, $url = array()) {
+		Minz_Session::_param('notification', array(
+			'type' => 'bad',
+			'content' => $msg
+		));
+
+		Minz_Request::forward($url, true);
+	}
+
+
 	/**
 	 * Permet de récupérer une variable de type $_GET
 	 * @param $param nom de la variable
@@ -154,10 +187,10 @@ class Minz_Request {
 	 *         $_GET si $param = false
 	 *         $default si $_GET[$param] n'existe pas
 	 */
-	public static function fetchGET ($param = false, $default = false) {
+	public static function fetchGET($param = false, $default = false) {
 		if ($param === false) {
 			return $_GET;
-		} elseif (isset ($_GET[$param])) {
+		} elseif (isset($_GET[$param])) {
 			return $_GET[$param];
 		} else {
 			return $default;
@@ -172,10 +205,10 @@ class Minz_Request {
 	 *         $_POST si $param = false
 	 *         $default si $_POST[$param] n'existe pas
 	 */
-	public static function fetchPOST ($param = false, $default = false) {
+	public static function fetchPOST($param = false, $default = false) {
 		if ($param === false) {
 			return $_POST;
-		} elseif (isset ($_POST[$param])) {
+		} elseif (isset($_POST[$param])) {
 			return $_POST[$param];
 		} else {
 			return $default;
@@ -188,15 +221,16 @@ class Minz_Request {
 	 *   $_POST
 	 *   $_COOKIE
 	 */
-	private static function magicQuotesOff () {
-		if (get_magic_quotes_gpc ()) {
-			$_GET = Minz_Helper::stripslashes_r ($_GET);
-			$_POST = Minz_Helper::stripslashes_r ($_POST);
-			$_COOKIE = Minz_Helper::stripslashes_r ($_COOKIE);
+	private static function magicQuotesOff() {
+		if (get_magic_quotes_gpc()) {
+			$_GET = Minz_Helper::stripslashes_r($_GET);
+			$_POST = Minz_Helper::stripslashes_r($_POST);
+			$_COOKIE = Minz_Helper::stripslashes_r($_COOKIE);
 		}
 	}
 
-	public static function isPost () {
-		return $_SERVER['REQUEST_METHOD'] === 'POST';
+	public static function isPost() {
+		return isset($_SERVER['REQUEST_METHOD']) &&
+			$_SERVER['REQUEST_METHOD'] === 'POST';
 	}
 }
diff --git a/lib/Minz/Session.php b/lib/Minz/Session.php
index ddabc4658..af4de75bb 100644
--- a/lib/Minz/Session.php
+++ b/lib/Minz/Session.php
@@ -2,28 +2,20 @@
 
 /**
  * La classe Session gère la session utilisateur
- * C'est un singleton
  */
 class Minz_Session {
 	/**
-	 * $session stocke les variables de session
-	 */
-	private static $session = array ();	//TODO: Try to avoid having another local copy
-
-	/**
 	 * Initialise la session, avec un nom
-	 * Le nom de session est utilisé comme nom pour les cookies et les URLs (i.e. PHPSESSID).
+	 * Le nom de session est utilisé comme nom pour les cookies et les URLs(i.e. PHPSESSID).
 	 * Il ne doit contenir que des caractères alphanumériques ; il doit être court et descriptif
 	 */
-	public static function init ($name) {
-		// démarre la session
-		session_name ($name);
-		session_set_cookie_params (0, dirname(empty($_SERVER['REQUEST_URI']) ? '/' : dirname($_SERVER['REQUEST_URI'])), null, false, true);
-		session_start ();
+	public static function init($name) {
+		$cookie = session_get_cookie_params();
+		self::keepCookie($cookie['lifetime']);
 
-		if (isset ($_SESSION)) {
-			self::$session = $_SESSION;
-		}
+		// démarre la session
+		session_name($name);
+		session_start();
 	}
 
 
@@ -32,8 +24,8 @@ class Minz_Session {
 	 * @param $p le paramètre à récupérer
 	 * @return la valeur de la variable de session, false si n'existe pas
 	 */
-	public static function param ($p, $default = false) {
-		return isset(self::$session[$p]) ? self::$session[$p] : $default;
+	public static function param($p, $default = false) {
+		return isset($_SESSION[$p]) ? $_SESSION[$p] : $default;
 	}
 
 
@@ -42,13 +34,11 @@ class Minz_Session {
 	 * @param $p le paramètre à créer ou modifier
 	 * @param $v la valeur à attribuer, false pour supprimer
 	 */
-	public static function _param ($p, $v = false) {
+	public static function _param($p, $v = false) {
 		if ($v === false) {
-			unset ($_SESSION[$p]);
-			unset (self::$session[$p]);
+			unset($_SESSION[$p]);
 		} else {
 			$_SESSION[$p] = $v;
-			self::$session[$p] = $v;
 		}
 	}
 
@@ -57,15 +47,47 @@ class Minz_Session {
 	 * Permet d'effacer une session
 	 * @param $force si à false, n'efface pas le paramètre de langue
 	 */
-	public static function unset_session ($force = false) {
-		$language = self::param ('language');
+	public static function unset_session($force = false) {
+		$language = self::param('language');
 
 		session_destroy();
-		self::$session = array ();
+		$_SESSION = array();
 
 		if (!$force) {
-			self::_param ('language', $language);
-			Minz_Translate::reset ();
+			self::_param('language', $language);
+			Minz_Translate::reset();
 		}
 	}
+
+
+	/**
+	 * Spécifie la durée de vie des cookies
+	 * @param $l la durée de vie
+	 */
+	public static function keepCookie($l) {
+		$cookie_dir = empty($_SERVER['REQUEST_URI']) ? '' : $_SERVER['REQUEST_URI'];
+		session_set_cookie_params($l, $cookie_dir, '', false, true);
+	}
+
+
+	/**
+	 * Régénère un id de session.
+	 * Utile pour appeler session_set_cookie_params après session_start()
+	 */
+	public static function regenerateID() {
+		session_regenerate_id(true);
+	}
+
+	public static function deleteLongTermCookie($name) {
+		setcookie($name, '', 1, '', '', false, true);
+	}
+
+	public static function setLongTermCookie($name, $value, $expire) {
+		setcookie($name, $value, $expire, '', '', false, true);
+	}
+
+	public static function getLongTermCookie($name) {
+		return isset($_COOKIE[$name]) ? $_COOKIE[$name] : null;
+	}
+
 }
diff --git a/lib/SimplePie/SimplePie/Parser.php b/lib/SimplePie/SimplePie/Parser.php
index 9300b4ba9..7fb7bd9be 100644
--- a/lib/SimplePie/SimplePie/Parser.php
+++ b/lib/SimplePie/SimplePie/Parser.php
@@ -142,7 +142,7 @@ class SimplePie_Parser
 				$dom = new DOMDocument();
 				$dom->recover = true;
 				$dom->strictErrorChecking = false;
-				$dom->loadXML($data);
+				@$dom->loadXML($data);
 				$this->encoding = $encoding = $dom->encoding = 'UTF-8';
 				$data2 = $dom->saveXML();
 				if (function_exists('mb_convert_encoding'))
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 86c0a4ae4..823f53716 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -230,7 +230,3 @@ function cryptAvailable() {
 	}
 	return false;
 }
-
-function html_chars_utf8($str) {
-	return htmlspecialchars($str, ENT_COMPAT, 'UTF-8');
-}
author	Marien Fressinaud <dev@marienfressinaud.fr>	2014-09-08 19:26:35 +0200
committer	Marien Fressinaud <dev@marienfressinaud.fr>	2014-09-08 19:26:35 +0200
commit	ef1b35fc4385c99c4d38e3f87e8126d0dbe21519 (patch)
tree	c2127f92281084c3cb28f635dea63a9a179eabbb /lib
parent	909d8747ba09f9c9a6ac895f1f4f0763bdb27a55 (diff)
parent	c3fd8877c021b86180b3bea4d4260e6478f0558e (diff)