diff options
| -rw-r--r-- | app/Controllers/userController.php | 15 | ||||
| -rw-r--r-- | app/Models/Configuration.php | 4 | ||||
| -rw-r--r-- | app/Models/LogDAO.php | 4 | ||||
| -rw-r--r-- | app/Models/UserDAO.php | 8 | ||||
| -rw-r--r-- | data/.gitignore | 1 | ||||
| -rw-r--r-- | data/log/.gitignore | 1 | ||||
| -rw-r--r-- | data/users/.gitignore | 4 | ||||
| -rw-r--r-- | data/users/index.html (renamed from data/log/index.html) | 0 | ||||
| -rw-r--r-- | lib/Minz/Log.php | 2 | ||||
| -rw-r--r-- | lib/Minz/ModelPdo.php | 2 | ||||
| -rw-r--r-- | lib/lib_rss.php | 24 |
11 files changed, 37 insertions, 28 deletions
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php index 3b40e42dc..1b1ccaac9 100644 --- a/app/Controllers/userController.php +++ b/app/Controllers/userController.php @@ -109,7 +109,8 @@ class FreshRSS_user_Controller extends Minz_ActionController { require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); $new_user_language = Minz_Request::param('new_user_language', FreshRSS_Context::$conf->language); - if (!in_array($new_user_language, FreshRSS_Context::$conf->availableLanguages())) { + $languages = FreshRSS_Context::$conf->availableLanguages(); + if (!isset($languages[$new_user_language])) { $new_user_language = FreshRSS_Context::$conf->language; } @@ -121,11 +122,10 @@ class FreshRSS_user_Controller extends Minz_ActionController { $ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers())); //Not an existing user, case-insensitive - $configPath = DATA_PATH . '/' . $new_user_name . '_user.php'; + $configPath = join_path(DATA_PATH, 'users', $new_user_name, 'config.php'); $ok &= !file_exists($configPath); } if ($ok) { - $passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true); $passwordHash = ''; if ($passwordPlain != '') { @@ -147,12 +147,13 @@ class FreshRSS_user_Controller extends Minz_ActionController { if (empty($new_user_email)) { $new_user_email = ''; } else { - $personaFile = DATA_PATH . '/persona/' . $new_user_email . '.txt'; + $personaFile = join_path(DATA_PATH, 'persona', $new_user_email . '.txt'); @unlink($personaFile); $ok &= (file_put_contents($personaFile, $new_user_name) !== false); } } if ($ok) { + mkdir(join_path(DATA_PATH, 'users', $new_user_name)); $config_array = array( 'language' => $new_user_language, 'passwordHash' => $passwordHash, @@ -183,18 +184,18 @@ class FreshRSS_user_Controller extends Minz_ActionController { $username = Minz_Request::param('username'); $ok = ctype_alnum($username); + $user_data = join_path(DATA_PATH, 'users', $username); if ($ok) { $ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0); //It is forbidden to delete the default user } if ($ok) { - $configPath = DATA_PATH . '/' . $username . '_user.php'; - $ok &= file_exists($configPath); + $ok &= is_dir($user_data); } if ($ok) { $userDAO = new FreshRSS_UserDAO(); $ok &= $userDAO->deleteUser($username); - $ok &= unlink($configPath); + $ok &= recursive_unlink($user_data); //TODO: delete Persona file } invalidateHttpCache(); diff --git a/app/Models/Configuration.php b/app/Models/Configuration.php index 8668470b0..8bba8f777 100644 --- a/app/Models/Configuration.php +++ b/app/Models/Configuration.php @@ -74,7 +74,7 @@ class FreshRSS_Configuration { private $shares; public function __construct($user) { - $this->filename = DATA_PATH . DIRECTORY_SEPARATOR . $user . '_user.php'; + $this->filename = join_path(DATA_PATH, 'users', $user, 'config.php'); $data = @include($this->filename); if (!is_array($data)) { @@ -89,7 +89,7 @@ class FreshRSS_Configuration { } $this->data['user'] = $user; - $this->shares = DATA_PATH . DIRECTORY_SEPARATOR . 'shares.php'; + $this->shares = join_path(DATA_PATH, 'shares.php'); $shares = @include($this->shares); if (!is_array($shares)) { diff --git a/app/Models/LogDAO.php b/app/Models/LogDAO.php index 21593435d..4c56e3150 100644 --- a/app/Models/LogDAO.php +++ b/app/Models/LogDAO.php @@ -3,7 +3,7 @@ class FreshRSS_LogDAO { public static function lines() { $logs = array(); - $handle = @fopen(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log', 'r'); + $handle = @fopen(join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'), 'r'); if ($handle) { while (($line = fgets($handle)) !== false) { if (preg_match('/^\[([^\[]+)\] \[([^\[]+)\] --- (.*)$/', $line, $matches)) { @@ -20,6 +20,6 @@ class FreshRSS_LogDAO { } public static function truncate() { - file_put_contents(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log', ''); + file_put_contents(join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'), ''); } } diff --git a/app/Models/UserDAO.php b/app/Models/UserDAO.php index f04ae26bf..6514080bc 100644 --- a/app/Models/UserDAO.php +++ b/app/Models/UserDAO.php @@ -38,7 +38,7 @@ class FreshRSS_UserDAO extends Minz_ModelPdo { require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); if ($db['type'] === 'sqlite') { - return unlink(DATA_PATH . '/' . $username . '.sqlite'); + return unlink(join_path(DATA_PATH, 'users', $username, 'db.sqlite')); } else { $userPDO = new Minz_ModelPdo($username); @@ -55,14 +55,14 @@ class FreshRSS_UserDAO extends Minz_ModelPdo { } public static function exist($username) { - return file_exists(DATA_PATH . '/' . $username . '_user.php'); + return is_dir(join_path(DATA_PATH , 'users', $username)); } public static function touch($username) { - return touch(DATA_PATH . '/' . $username . '_user.php'); + return touch(join_path(DATA_PATH , 'users', $username, 'config.php')); } public static function mtime($username) { - return @filemtime(DATA_PATH . '/' . $username . '_user.php'); + return @filemtime(join_path(DATA_PATH , 'users', $username, 'config.php')); } } diff --git a/data/.gitignore b/data/.gitignore index 325fa75c6..20364e266 100644 --- a/data/.gitignore +++ b/data/.gitignore @@ -1,6 +1,5 @@ application.ini config.php -*_user.php *.sqlite touch.txt no-cache.txt diff --git a/data/log/.gitignore b/data/log/.gitignore deleted file mode 100644 index bf0824e59..000000000 --- a/data/log/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.log
\ No newline at end of file diff --git a/data/users/.gitignore b/data/users/.gitignore new file mode 100644 index 000000000..53ed0587b --- /dev/null +++ b/data/users/.gitignore @@ -0,0 +1,4 @@ +db.sqlite +config.php +log.txt + diff --git a/data/log/index.html b/data/users/index.html index 85faaa37e..85faaa37e 100644 --- a/data/log/index.html +++ b/data/users/index.html diff --git a/lib/Minz/Log.php b/lib/Minz/Log.php index d3eaec2ae..26412c547 100644 --- a/lib/Minz/Log.php +++ b/lib/Minz/Log.php @@ -37,7 +37,7 @@ class Minz_Log { || ($env === Minz_Configuration::PRODUCTION && ($level >= Minz_Log::NOTICE)))) { if ($file_name === null) { - $file_name = LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log'; + $file_name = join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'); } switch ($level) { diff --git a/lib/Minz/ModelPdo.php b/lib/Minz/ModelPdo.php index 6198cd85c..118d89ad2 100644 --- a/lib/Minz/ModelPdo.php +++ b/lib/Minz/ModelPdo.php @@ -63,7 +63,7 @@ class Minz_ModelPdo { ); $this->prefix = $db['prefix'] . $currentUser . '_'; } elseif ($type === 'sqlite') { - $string = 'sqlite:' . DATA_PATH . '/' . $currentUser . '.sqlite'; + $string = 'sqlite:' . join_path(DATA_PATH, 'users', $currentUser, 'db.sqlite'); $driver_options = array( //PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, ); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 264c69d58..cfd31b2c8 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -15,6 +15,17 @@ if (!function_exists('json_encode')) { } } +/** + * Build a directory path by concatenating a list of directory names. + * + * @param $path_parts a list of directory names + * @return a string corresponding to the final pathname + */ +function join_path() { + $path_parts = func_get_args(); + return join(DIRECTORY_SEPARATOR, $path_parts); +} + //<Auto-loading> function classAutoloader($class) { if (strpos($class, 'FreshRSS') === 0) { @@ -208,16 +219,11 @@ function invalidateHttpCache() { return touch(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log'); } -function usernameFromPath($userPath) { - if (preg_match('%/([A-Za-z0-9]{1,16})_user\.php$%', $userPath, $matches)) { - return $matches[1]; - } else { - return ''; - } -} - function listUsers() { - return array_map('usernameFromPath', glob(DATA_PATH . '/*_user.php')); + return array_values(array_diff( + scandir(join_path(DATA_PATH, 'users')), + array('..', '.') + )); } function httpAuthUser() { |