From 1eef7893068655f8d145a3e06061a9e6296ac1f3 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Wed, 1 Oct 2014 11:27:41 +0200 Subject: Reorganize subscription management code There is still a lot of work to do. Some links are broken. See https://github.com/marienfressinaud/FreshRSS/issues/646 --- app/layout/aside_flux.phtml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/layout/aside_flux.phtml') diff --git a/app/layout/aside_flux.phtml b/app/layout/aside_flux.phtml index aac3c0896..341697103 100644 --- a/app/layout/aside_flux.phtml +++ b/app/layout/aside_flux.phtml @@ -7,8 +7,8 @@
  • - - + +
  • -- cgit v1.2.3 From a7bf7ced369a046b487ab1cd8b3819acc5ebdafe Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Wed, 1 Oct 2014 12:18:32 +0200 Subject: Fix links for feed management See https://github.com/marienfressinaud/FreshRSS/issues/646 --- app/Controllers/categoryController.php | 8 ++++---- app/Controllers/feedController.php | 16 +++++++++------- app/layout/aside_flux.phtml | 2 +- app/views/helpers/view/global_view.phtml | 2 +- app/views/helpers/view/normal_view.phtml | 2 +- app/views/helpers/view/reader_view.phtml | 2 +- app/views/stats/idle.phtml | 2 +- app/views/stats/repartition.phtml | 2 +- 8 files changed, 19 insertions(+), 17 deletions(-) (limited to 'app/layout/aside_flux.phtml') diff --git a/app/Controllers/categoryController.php b/app/Controllers/categoryController.php index 65fe631cc..2c99751a4 100644 --- a/app/Controllers/categoryController.php +++ b/app/Controllers/categoryController.php @@ -31,7 +31,7 @@ class FreshRSS_category_Controller extends Minz_ActionController { */ public function createAction() { $catDAO = new FreshRSS_CategoryDAO(); - $url_redirect = array('c' => 'configure', 'a' => 'categorize'); + $url_redirect = array('c' => 'subscription', 'a' => 'index'); if (Minz_Request::isPost()) { invalidateHttpCache(); @@ -71,7 +71,7 @@ class FreshRSS_category_Controller extends Minz_ActionController { */ public function updateAction() { $catDAO = new FreshRSS_CategoryDAO(); - $url_redirect = array('c' => 'configure', 'a' => 'categorize'); + $url_redirect = array('c' => 'subscription', 'a' => 'index'); if (Minz_Request::isPost()) { invalidateHttpCache(); 
@@ -113,7 +113,7 @@ class FreshRSS_category_Controller extends Minz_ActionController { $feedDAO = FreshRSS_Factory::createFeedDao(); $catDAO = new FreshRSS_CategoryDAO(); $default_category = $catDAO->getDefault(); - $url_redirect = array('c' => 'configure', 'a' => 'categorize'); + $url_redirect = array('c' => 'subscription', 'a' => 'index'); if (Minz_Request::isPost()) { invalidateHttpCache(); @@ -150,7 +150,7 @@ class FreshRSS_category_Controller extends Minz_ActionController { */ public function emptyAction() { $feedDAO = FreshRSS_Factory::createFeedDao(); - $url_redirect = array('c' => 'configure', 'a' => 'categorize'); + $url_redirect = array('c' => 'subscription', 'a' => 'index'); if (Minz_Request::isPost()) { invalidateHttpCache(); diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index 7ef427ac2..e4859b110 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -26,8 +26,8 @@ class FreshRSS_feed_Controller extends Minz_ActionController { if ($url === false) { Minz_Request::forward(array( - 'c' => 'configure', - 'a' => 'feed' + 'c' => 'subscription', + 'a' => 'index' ), true); } @@ -166,7 +166,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { $feedDAO->rollBack (); } - Minz_Request::forward (array ('c' => 'configure', 'a' => 'feed', 'params' => $params), true); + Minz_Request::forward (array ('c' => 'subscription', 'a' => 'index', 'params' => $params), true); } else { // GET request so we must ask confirmation to user @@ -193,8 +193,8 @@ class FreshRSS_feed_Controller extends Minz_ActionController { Minz_Session::_param('notification', $notif); Minz_Request::forward(array( - 'c' => 'configure', - 'a' => 'feed', + 'c' => 'subscription', + 'a' => 'index', 'params' => array( 'id' => $feed->id() ) 
@@ -214,7 +214,9 @@ class FreshRSS_feed_Controller extends Minz_ActionController { ); Minz_Session::_param ('notification', $notif); invalidateHttpCache(); - Minz_Request::forward (array ('c' => 'configure', 'a' => 'feed', 'params' => array('id' => $id)), true); + Minz_Request::forward (array ('c' => 'subscription', + 'a' => 'index', + 'params' => array('id' => $id)), true); } } @@ -405,7 +407,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { if ($redirect_url) { Minz_Request::forward($redirect_url); } else { - Minz_Request::forward(array('c' => 'configure', 'a' => 'feed'), true); + Minz_Request::forward(array('c' => 'subscription', 'a' => 'index'), true); } } } diff --git a/app/layout/aside_flux.phtml b/app/layout/aside_flux.phtml index 341697103..a8ae2f424 100644 --- a/app/layout/aside_flux.phtml +++ b/app/layout/aside_flux.phtml @@ -89,7 +89,7 @@
  • loginOk) { ?>
  • -
  • +
  • conf->reading_confirm ? 'confirm' : ''; ?> diff --git a/app/views/helpers/view/global_view.phtml b/app/views/helpers/view/global_view.phtml index 72bcf4c73..5e4cad01a 100644 --- a/app/views/helpers/view/global_view.phtml +++ b/app/views/helpers/view/global_view.phtml @@ -48,6 +48,6 @@

    -

    +

    diff --git a/app/views/helpers/view/normal_view.phtml b/app/views/helpers/view/normal_view.phtml index 6d9789f8d..e469edf58 100644 --- a/app/views/helpers/view/normal_view.phtml +++ b/app/views/helpers/view/normal_view.phtml @@ -186,6 +186,6 @@ if (!empty($this->entries)) {

    -

    +

    diff --git a/app/views/helpers/view/reader_view.phtml b/app/views/helpers/view/reader_view.phtml index c80dca519..413094239 100644 --- a/app/views/helpers/view/reader_view.phtml +++ b/app/views/helpers/view/reader_view.phtml @@ -39,6 +39,6 @@ if (!empty($this->entries)) {

    -

    +

    diff --git a/app/views/stats/idle.phtml b/app/views/stats/idle.phtml index 6f3d4a117..75cba1081 100644 --- a/app/views/stats/idle.phtml +++ b/app/views/stats/idle.phtml @@ -25,7 +25,7 @@
  • - +
  • diff --git a/app/views/stats/repartition.phtml b/app/views/stats/repartition.phtml index b425c1458..dac47e189 100644 --- a/app/views/stats/repartition.phtml +++ b/app/views/stats/repartition.phtml @@ -24,7 +24,7 @@ feed) {?> - + -- cgit v1.2.3 From 79aa5beaf44af13a1828bfa5fc824a08c62054dc Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Mon, 6 Oct 2014 23:29:20 +0200 Subject: Refactor authentication system. Big work, not finished. A lot of features have been removed. See https://github.com/marienfressinaud/FreshRSS/issues/655 --- app/Controllers/categoryController.php | 2 +- app/Controllers/configureController.php | 2 +- app/Controllers/entryController.php | 2 +- app/Controllers/feedController.php | 2 +- app/Controllers/importExportController.php | 2 +- app/Controllers/indexController.php | 296 ++++++----------------------- app/Controllers/statsController.php | 2 +- app/Controllers/subscriptionController.php | 2 +- app/Controllers/updateController.php | 2 +- app/Controllers/usersController.php | 2 +- app/FreshRSS.php | 135 ++----------- app/Models/Auth.php | 209 ++++++++++++++++++++ app/layout/aside_flux.phtml | 6 +- app/layout/header.phtml | 32 +--- app/layout/nav_menu.phtml | 4 +- app/views/helpers/view/normal_view.phtml | 6 +- app/views/index/index.phtml | 2 +- app/views/index/login.phtml | 1 - app/views/index/logout.phtml | 1 - app/views/index/resetAuth.phtml | 33 ---- 20 files changed, 309 insertions(+), 434 deletions(-) create mode 100644 app/Models/Auth.php delete mode 100644 app/views/index/login.phtml delete mode 100644 app/views/index/logout.phtml delete mode 100644 app/views/index/resetAuth.phtml (limited to 'app/layout/aside_flux.phtml') diff --git a/app/Controllers/categoryController.php b/app/Controllers/categoryController.php index c79f37fa4..537a2b210 100644 --- a/app/Controllers/categoryController.php +++ b/app/Controllers/categoryController.php 
@@ -12,7 +12,7 @@ class FreshRSS_category_Controller extends Minz_ActionController { * */ public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index 789e9dfb0..7e77a757a 100755 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php @@ -10,7 +10,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController { * underlying framework. */ public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) diff --git a/app/Controllers/entryController.php b/app/Controllers/entryController.php index c46fbf346..a1dfacb4d 100755 --- a/app/Controllers/entryController.php +++ b/app/Controllers/entryController.php @@ -10,7 +10,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController { * underlying framework. */ public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index 18829d252..2a7238eaf 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -10,7 +10,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { * underlying framework. */ public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { // Token is useful in the case that anonymous refresh is forbidden // and CRON task cannot be used with php command so the user can // set a CRON task to refresh his feeds by using token inside url diff --git a/app/Controllers/importExportController.php b/app/Controllers/importExportController.php index 57759f277..aaac1b68b 100644 
--- a/app/Controllers/importExportController.php +++ b/app/Controllers/importExportController.php @@ -10,7 +10,7 @@ class FreshRSS_importExport_Controller extends Minz_ActionController { * underlying framework. */ public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index 0d2eff700..3006480f9 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php @@ -8,7 +8,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { $token = $this->view->conf->token; // check if user is logged in - if (!$this->view->loginOk && !Minz_Configuration::allowAnonymous()) { + if (!FreshRSS_Auth::hasAccess() && !Minz_Configuration::allowAnonymous()) { $token_param = Minz_Request::param('token', ''); $token_is_ok = ($token != '' && $token === $token_param); if ($output === 'rss' && !$token_is_ok) { @@ -20,7 +20,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { } elseif ($output !== 'rss') { // "hard" redirection is not required, just ask dispatcher to // forward to the login form without 302 redirection - Minz_Request::forward(array('c' => 'index', 'a' => 'formLogin')); + Minz_Request::forward(array('c' => 'index', 'a' => 'login')); return; } } @@ -207,7 +207,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { } public function logsAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) 
@@ -229,265 +229,91 @@ class FreshRSS_index_Controller extends Minz_ActionController { $this->view->logsPaginator->_currentPage($page); } + /** + * This action handles the login page. + */ public function loginAction() { - $this->view->_useLayout(false); - - $url = 'https://verifier.login.persona.org/verify'; - $assert = Minz_Request::param('assertion'); - $params = 'assertion=' . $assert . '&audience=' . - urlencode(Minz_Url::display(null, 'php', true)); - $ch = curl_init(); - $options = array( - CURLOPT_URL => $url, - CURLOPT_RETURNTRANSFER => TRUE, - CURLOPT_POST => 2, - CURLOPT_POSTFIELDS => $params - ); - curl_setopt_array($ch, $options); - $result = curl_exec($ch); - curl_close($ch); - - $res = json_decode($result, true); - - $loginOk = false; - $reason = ''; - if ($res['status'] === 'okay') { - $email = filter_var($res['email'], FILTER_VALIDATE_EMAIL); - if ($email != '') { - $personaFile = DATA_PATH . '/persona/' . $email . '.txt'; - if (($currentUser = @file_get_contents($personaFile)) !== false) { - $currentUser = trim($currentUser); - if (ctype_alnum($currentUser)) { - try { - $this->conf = new FreshRSS_Configuration($currentUser); - $loginOk = strcasecmp($email, $this->conf->mail_login) === 0; - } catch (Minz_Exception $e) { - $reason = 'Invalid configuration for user [' . $currentUser . ']! ' . $e->getMessage(); //Permission denied or conf file does not exist - } - } else { - $reason = 'Invalid username format [' . $currentUser . ']!'; - } - } - } else { - $reason = 'Invalid email format [' . $res['email'] . ']!'; - } - } - if ($loginOk) { - Minz_Session::_param('currentUser', $currentUser); - Minz_Session::_param('mail', $email); - $this->view->loginOk = true; - invalidateHttpCache(); - } else { - $res = array(); - $res['status'] = 'failure'; - $res['reason'] = $reason == '' ? _t('invalid_login') : $reason; - Minz_Log::warning('Persona: ' . 
$res['reason']); + if (FreshRSS_Auth::hasAccess()) { + Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); } - header('Content-Type: application/json; charset=UTF-8'); - $this->view->res = json_encode($res); - } - - public function logoutAction() { - $this->view->_useLayout(false); invalidateHttpCache(); - Minz_Session::_param('currentUser'); - Minz_Session::_param('mail'); - Minz_Session::_param('passwordHash'); - } - - private static function makeLongTermCookie($username, $passwordHash) { - do { - $token = sha1(Minz_Configuration::salt() . $username . uniqid(mt_rand(), true)); - $tokenFile = DATA_PATH . '/tokens/' . $token . '.txt'; - } while (file_exists($tokenFile)); - if (@file_put_contents($tokenFile, $username . "\t" . $passwordHash) === false) { - return false; - } - $expire = time() + 2629744; //1 month //TODO: Use a configuration instead - Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire); - Minz_Session::_param('token', $token); - return $token; - } - - private static function deleteLongTermCookie() { - Minz_Session::deleteLongTermCookie('FreshRSS_login'); - $token = Minz_Session::param('token', null); - if (ctype_alnum($token)) { - @unlink(DATA_PATH . '/tokens/' . $token . '.txt'); - } - Minz_Session::_param('token'); - if (rand(0, 10) === 1) { - self::purgeTokens(); - } - } - private static function purgeTokens() { - $oldest = time() - 2629744; //1 month //TODO: Use a configuration instead - foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $fileInfo) { - if ($fileInfo->getExtension() === 'txt' && $fileInfo->getMTime() < $oldest) { - @unlink($fileInfo->getPathname()); - } + $auth_type = Minz_Configuration::authType(); + switch ($auth_type) { + case 'form': + Minz_Request::forward(array('c' => 'index', 'a' => 'formLogin')); + break; + case 'http_auth': + case 'none': + // It should not happened! 
+ Minz_Error::error(404); + default: + // TODO load plugin instead + Minz_Error::error(404); } } + /** + * + */ public function formLoginAction() { - if ($this->view->loginOk) { + if (FreshRSS_Auth::hasAccess()) { Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); } - if (Minz_Request::isPost()) { - $ok = false; - $nonce = Minz_Session::param('nonce'); - $username = Minz_Request::param('username', ''); - $c = Minz_Request::param('challenge', ''); - if (ctype_alnum($username) && ctype_graph($c) && ctype_alnum($nonce)) { - if (!function_exists('password_verify')) { - include_once(LIB_PATH . '/password_compat.php'); - } - try { - $conf = new FreshRSS_Configuration($username); - $s = $conf->passwordHash; - $ok = password_verify($nonce . $s, $c); - if ($ok) { - Minz_Session::_param('currentUser', $username); - Minz_Session::_param('passwordHash', $s); - if (Minz_Request::param('keep_logged_in', false)) { - self::makeLongTermCookie($username, $s); - } else { - self::deleteLongTermCookie(); - } - } else { - Minz_Log::warning('Password mismatch for user ' . $username . ', nonce=' . $nonce . ', c=' . $c); - } - } catch (Minz_Exception $me) { - Minz_Log::warning('Login failure: ' . $me->getMessage()); - } - } else { - Minz_Log::debug('Invalid credential parameters: user=' . $username . ' challenge=' . $c . ' nonce=' . $nonce); - } - if (!$ok) { - $notif = array( - 'type' => 'bad', - 'content' => _t('invalid_login') - ); - Minz_Session::_param('notification', $notif); - } - $this->view->_useLayout(false); - Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); - } elseif (Minz_Configuration::unsafeAutologinEnabled() && isset($_GET['u']) && isset($_GET['p'])) { - Minz_Session::_param('currentUser'); - Minz_Session::_param('mail'); - Minz_Session::_param('passwordHash'); - $username = ctype_alnum($_GET['u']) ? 
$_GET['u'] : ''; - $passwordPlain = $_GET['p']; - Minz_Request::_param('p'); //Discard plain-text password ASAP - $_GET['p'] = ''; - if (!function_exists('password_verify')) { - include_once(LIB_PATH . '/password_compat.php'); - } - try { - $conf = new FreshRSS_Configuration($username); - $s = $conf->passwordHash; - $ok = password_verify($passwordPlain, $s); - unset($passwordPlain); - if ($ok) { - Minz_Session::_param('currentUser', $username); - Minz_Session::_param('passwordHash', $s); - } else { - Minz_Log::warning('Unsafe password mismatch for user ' . $username); - } - } catch (Minz_Exception $me) { - Minz_Log::warning('Unsafe login failure: ' . $me->getMessage()); - } - Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); - } elseif (!Minz_Configuration::canLogIn()) { - Minz_Error::error( - 403, - array('error' => array(_t('access_denied'))) - ); - } invalidateHttpCache(); - } - public function formLogoutAction() { - $this->view->_useLayout(false); - invalidateHttpCache(); - Minz_Session::_param('currentUser'); - Minz_Session::_param('mail'); - Minz_Session::_param('passwordHash'); - self::deleteLongTermCookie(); - Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); - } - - public function resetAuthAction() { - Minz_View::prependTitle(_t('auth_reset') . ' · '); - Minz_View::appendScript(Minz_Url::display( - '/scripts/bcrypt.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js') - )); - - $this->view->no_form = false; - // Enable changement of auth only if Persona! - if (Minz_Configuration::authType() != 'persona') { - $this->view->message = array( - 'status' => 'bad', - 'title' => _t('damn'), - 'body' => _t('auth_not_persona') - ); - $this->view->no_form = true; - return; - } - - $conf = new FreshRSS_Configuration(Minz_Configuration::defaultUser()); - // Admin user must have set its master password. 
- if (!$conf->passwordHash) { - $this->view->message = array( - 'status' => 'bad', - 'title' => _t('damn'), - 'body' => _t('auth_no_password_set') - ); - $this->view->no_form = true; - return; - } - - invalidateHttpCache(); + $file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js'); + Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime)); if (Minz_Request::isPost()) { $nonce = Minz_Session::param('nonce'); $username = Minz_Request::param('username', ''); - $c = Minz_Request::param('challenge', ''); - if (!(ctype_alnum($username) && ctype_graph($c) && ctype_alnum($nonce))) { - Minz_Log::debug('Invalid credential parameters:' . - ' user=' . $username . - ' challenge=' . $c . - ' nonce=' . $nonce); + $challenge = Minz_Request::param('challenge', ''); + try { + $conf = new FreshRSS_Configuration($username); + } catch(Minz_Exception $e) { + // $username is not a valid user, nor the configuration file! + Minz_Log::warning('Login failure: ' . $e->getMessage()); Minz_Request::bad(_t('invalid_login'), - array('c' => 'index', 'a' => 'resetAuth')); - } - - if (!function_exists('password_verify')) { - include_once(LIB_PATH . '/password_compat.php'); + array('c' => 'index', 'a' => 'login')); } - $s = $conf->passwordHash; - $ok = password_verify($nonce . $s, $c); + $ok = FreshRSS_FormAuth::checkCredentials( + $username, $conf->passwordHash, $nonce, $challenge + ); if ($ok) { - Minz_Configuration::_authType('form'); - $ok = Minz_Configuration::writeFile(); - - if ($ok) { - Minz_Request::good(_t('auth_form_set')); + // Set session parameter to give access to the user. + Minz_Session::_param('currentUser', $username); + Minz_Session::_param('passwordHash', $conf->passwordHash); + FreshRSS_Auth::giveAccess(); + + // Set cookie parameter if nedded. 
+ if (Minz_Request::param('keep_logged_in', false)) { + FreshRSS_FormAuth::makeCookie($username, $conf->passwordHash); } else { - Minz_Request::bad(_t('auth_form_not_set'), - array('c' => 'index', 'a' => 'resetAuth')); + FreshRSS_FormAuth::deleteCookie(); } - } else { - Minz_Log::debug('Password mismatch for user ' . $username . - ', nonce=' . $nonce . ', c=' . $c); + // All is good, go back to the index. + Minz_Request::good(_t('login'), + array('c' => 'index', 'a' => 'index')); + } else { + Minz_Log::warning('Password mismatch for' . + ' user=' . $username . + ', nonce=' . $nonce . + ', c=' . $challenge); Minz_Request::bad(_t('invalid_login'), - array('c' => 'index', 'a' => 'resetAuth')); + array('c' => 'index', 'a' => 'login')); } } } + + public function logoutAction() { + invalidateHttpCache(); + FreshRSS_Auth::removeAccess(); + Minz_Request::good(_t('disconnected'), + array('c' => 'index', 'a' => 'index')); + } } diff --git a/app/Controllers/statsController.php b/app/Controllers/statsController.php index 99c57c809..0e3430fcc 100644 --- a/app/Controllers/statsController.php +++ b/app/Controllers/statsController.php @@ -118,7 +118,7 @@ class FreshRSS_stats_Controller extends Minz_ActionController { * underlying framework. */ public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) ); diff --git a/app/Controllers/subscriptionController.php b/app/Controllers/subscriptionController.php index 7cc8179a0..a89168eb3 100644 --- a/app/Controllers/subscriptionController.php +++ b/app/Controllers/subscriptionController.php @@ -10,7 +10,7 @@ class FreshRSS_subscription_Controller extends Minz_ActionController { * underlying framework. */ public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) 
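Review bot: In formLoginAction, `new FreshRSS_Configuration($username)` now runs before `FreshRSS_FormAuth::checkCredentials()` applies its `ctype_alnum($username)` guard, so a username taken straight from the request reaches the configuration loader unvalidated, whereas the removed version of this action only constructed the configuration after that check had passed. Reject malformed names first, e.g. `if (!ctype_alnum($username)) { Minz_Request::bad(_t('invalid_login'), array('c' => 'index', 'a' => 'login')); }` placed before the `try`. The `catch` block then continues into `checkCredentials($username, $conf->passwordHash, ...)` with `$conf` unset unless `Minz_Request::bad()` terminates the request; a `return;` after it, or a comment stating that `bad()` never returns, would remove the doubt. In loginAction the `case 'http_auth': case 'none':` arm falls into `default` without a `break;` — harmless while both emit a 404, but a `break;` makes the intent explicit. FreshRSS_index_Controller begins before this hunk.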
diff --git a/app/Controllers/updateController.php b/app/Controllers/updateController.php index da5bddc65..9da1e8657 100644 --- a/app/Controllers/updateController.php +++ b/app/Controllers/updateController.php @@ -3,7 +3,7 @@ class FreshRSS_update_Controller extends Minz_ActionController { public function firstAction() { $current_user = Minz_Session::param('currentUser', ''); - if (!$this->view->loginOk && Minz_Configuration::isAdmin($current_user)) { + if (!FreshRSS_Auth::hasAccess() && Minz_Configuration::isAdmin($current_user)) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php index 7d0171bc7..c2b1d163f 100644 --- a/app/Controllers/usersController.php +++ b/app/Controllers/usersController.php @@ -5,7 +5,7 @@ class FreshRSS_users_Controller extends Minz_ActionController { const BCRYPT_COST = 9; //Will also have to be computed client side on mobile devices, so do not use a too high cost public function firstAction() { - if (!$this->view->loginOk) { + if (!FreshRSS_Auth::hasAccess()) { Minz_Error::error( 403, array('error' => array(_t('access_denied'))) diff --git a/app/FreshRSS.php b/app/FreshRSS.php index efd302ecc..35a37b887 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php 
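Review bot: The guard in FreshRSS_update_Controller::firstAction still reads `!FreshRSS_Auth::hasAccess() && Minz_Configuration::isAdmin($current_user)`, which denies only anonymous requests whose session user happens to be an admin and lets every other caller, logged-in non-admins included, through; the commit swapped the access call but kept the operator. Unless that is intentional, the check should be `if (!FreshRSS_Auth::hasAccess() || !Minz_Configuration::isAdmin($current_user)) {`. The rest of firstAction and the class lie outside the hunk.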
@@ -4,130 +4,33 @@ class FreshRSS extends Minz_FrontController { if (!isset($_SESSION)) { Minz_Session::init('FreshRSS'); } - $loginOk = $this->accessControl(Minz_Session::param('currentUser', '')); + + FreshRSS_Auth::init(); + $this->loadConfiguration(); $this->loadParamsView(); if (Minz_Request::isPost() && !is_referer_from_same_domain()) { - $loginOk = false; //Basic protection against XSRF attacks + //Basic protection against XSRF attacks + FreshRSS_Auth::removeAccess(); Minz_Error::error( 403, array('error' => array(_t('access_denied') . ' [HTTP_REFERER=' . - htmlspecialchars(empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']) . ']')) + htmlspecialchars(empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']) . ']')) ); } - Minz_View::_param('loginOk', $loginOk); - $this->loadStylesAndScripts($loginOk); //TODO: Do not load that when not needed, e.g. some Ajax requests + $this->loadStylesAndScripts(); $this->loadNotifications(); $this->loadExtensions(); } - private static function getCredentialsFromLongTermCookie() { - $token = Minz_Session::getLongTermCookie('FreshRSS_login'); - if (!ctype_alnum($token)) { - return array(); - } - $tokenFile = DATA_PATH . '/tokens/' . $token . '.txt'; - $mtime = @filemtime($tokenFile); - if ($mtime + 2629744 < time()) { //1 month //TODO: Use a configuration instead - @unlink($tokenFile); - return array(); //Expired or token does not exist - } - $credentials = @file_get_contents($tokenFile); - return $credentials === false ? 
array() : explode("\t", $credentials, 2); - } - - private function accessControl($currentUser) { - if ($currentUser == '') { - switch (Minz_Configuration::authType()) { - case 'form': - $credentials = self::getCredentialsFromLongTermCookie(); - if (isset($credentials[1])) { - $currentUser = trim($credentials[0]); - Minz_Session::_param('passwordHash', trim($credentials[1])); - } - $loginOk = $currentUser != ''; - if (!$loginOk) { - $currentUser = Minz_Configuration::defaultUser(); - Minz_Session::_param('passwordHash'); - } - break; - case 'http_auth': - $currentUser = httpAuthUser(); - $loginOk = $currentUser != ''; - break; - case 'persona': - $loginOk = false; - $email = filter_var(Minz_Session::param('mail'), FILTER_VALIDATE_EMAIL); - if ($email != '') { //TODO: Remove redundancy with indexController - $personaFile = DATA_PATH . '/persona/' . $email . '.txt'; - if (($currentUser = @file_get_contents($personaFile)) !== false) { - $currentUser = trim($currentUser); - $loginOk = true; - } - } - if (!$loginOk) { - $currentUser = Minz_Configuration::defaultUser(); - } - break; - case 'none': - $currentUser = Minz_Configuration::defaultUser(); - $loginOk = true; - break; - default: - $currentUser = Minz_Configuration::defaultUser(); - $loginOk = false; - break; - } - } else { - $loginOk = true; - } - - if (!ctype_alnum($currentUser)) { - Minz_Session::_param('currentUser', ''); - die('Invalid username [' . $currentUser . 
']!'); - } - + private function loadConfiguration() { + $current_user = Minz_Session::param('currentUser'); try { - $this->conf = new FreshRSS_Configuration($currentUser); + $this->conf = new FreshRSS_Configuration($current_user); Minz_View::_param('conf', $this->conf); - Minz_Session::_param('currentUser', $currentUser); - } catch (Minz_Exception $me) { - $loginOk = false; - try { - $this->conf = new FreshRSS_Configuration(Minz_Configuration::defaultUser()); - Minz_Session::_param('currentUser', Minz_Configuration::defaultUser()); - Minz_View::_param('conf', $this->conf); - $notif = array( - 'type' => 'bad', - 'content' => 'Invalid configuration for user [' . $currentUser . ']!', - ); - Minz_Session::_param('notification', $notif); - Minz_Log::warning($notif['content'] . ' ' . $me->getMessage()); - Minz_Session::_param('currentUser', ''); - } catch (Exception $e) { - die($e->getMessage()); - } - } - - if ($loginOk) { - switch (Minz_Configuration::authType()) { - case 'form': - $loginOk = Minz_Session::param('passwordHash') === $this->conf->passwordHash; - break; - case 'http_auth': - $loginOk = strcasecmp($currentUser, httpAuthUser()) === 0; - break; - case 'persona': - $loginOk = strcasecmp(Minz_Session::param('mail'), $this->conf->mail_login) === 0; - break; - case 'none': - $loginOk = true; - break; - default: - $loginOk = false; - break; - } + } catch(Minz_Exception $e) { + Minz_Log::error('Cannot load configuration file of user `' . $current_user . '`'); + die($e->getMessage()); } - return $loginOk; } private function loadParamsView() { @@ -140,7 +43,7 @@ class FreshRSS extends Minz_FrontController { } } - private function loadStylesAndScripts($loginOk) { + private function loadStylesAndScripts() { $theme = FreshRSS_Themes::load($this->conf->theme); if ($theme) { foreach($theme['files'] as $file) { 
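Review bot: The referer check in FreshRSS::init now calls `FreshRSS_Auth::removeAccess()`, which per the new app/Models/Auth.php in this commit resets `currentUser` to the default user and, under form auth, drops the `passwordHash` session value and deletes the long-term cookie together with its token file; the removed code only cleared a local `$loginOk`. As written, any cross-origin POST — or a legitimate POST from a browser that suppresses the Referer header — logs the user out and invalidates their persistent login, which turns a deny-this-request check into a forced logout that a third-party page can trigger. Consider answering with the 403 alone, `Minz_Error::error(403, ...)` without the `removeAccess()` call, or add a comment stating that the logout is deliberate. In loadConfiguration, `die($e->getMessage())` sends the exception text (which may include a file path) to the client and the previous fallback to the default user's configuration is gone; log the message as the line above already does and die with a generic string instead. FreshRSS::init starts before this hunk.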
@@ -158,16 +61,6 @@ class FreshRSS extends Minz_FrontController { } } - switch (Minz_Configuration::authType()) { - case 'form': - if (!$loginOk) { - Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js'))); - } - break; - case 'persona': - Minz_View::appendScript('https://login.persona.org/include.js'); - break; - } Minz_View::appendScript(Minz_Url::display('/scripts/jquery.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/jquery.min.js'))); Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js'))); Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js'))); diff --git a/app/Models/Auth.php b/app/Models/Auth.php new file mode 100644 index 000000000..c4a3abd98 --- /dev/null +++ b/app/Models/Auth.php 
@@ -0,0 +1,209 @@
+getMessage());
+ }
+
+ switch (Minz_Configuration::authType()) {
+ case 'form':
+ self::$login_ok = Minz_Session::param('passwordHash') === $conf->passwordHash;
+ break;
+ case 'http_auth':
+ self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0;
+ break;
+ case 'none':
+ self::$login_ok = true;
+ break;
+ default:
+ // TODO: extensions
+ self::$login_ok = false;
+ }
+
+ Minz_Session::_param('loginOk', self::$login_ok);
+ }
+
+ /**
+ * Returns if current user is connected.
+ *
+ * @return boolean true if user is connected, false else.
+ */
+ public static function hasAccess() {
+ return self::$login_ok;
+ }
+
+ /**
+ * Removes all accesses for the current user.
+ */
+ public static function removeAccess() {
+ Minz_Session::_param('loginOk');
+ self::$login_ok = false;
+ Minz_Session::_param('currentUser', Minz_Configuration::defaultUser());
+
+ switch (Minz_Configuration::authType()) {
+ case 'form':
+ Minz_Session::_param('passwordHash');
+ FreshRSS_FormAuth::deleteCookie();
+ break;
+ case 'http_auth':
+ case 'none':
+ // Nothing to do...
+ break;
+ default:
+ // TODO: extensions
+ }
+ }
+}
+
+
+class FreshRSS_FormAuth {
+ public static function checkCredentials($username, $hash, $nonce, $challenge) {
+ if (!ctype_alnum($username) ||
+ !ctype_graph($challenge) ||
+ !ctype_alnum($nonce)) {
+ Minz_Log::debug('Invalid credential parameters:' .
+ ' user=' . $username .
+ ' challenge=' . $challenge .
+ ' nonce=' . $nonce);
+ return false;
+ }
+
+ if (!function_exists('password_verify')) {
+ include_once(LIB_PATH . '/password_compat.php');
+ }
+
+ return password_verify($nonce . $hash, $challenge);
+ }
+
+ public static function getCredentialsFromCookie() {
+ $token = Minz_Session::getLongTermCookie('FreshRSS_login');
+ if (!ctype_alnum($token)) {
+ return array();
+ }
+
+ $token_file = DATA_PATH . '/tokens/' . $token . '.txt';
+ $mtime = @filemtime($token_file);
+ if ($mtime + 2629744 < time()) {
+ // Token has expired (> 1 month) or does not exist.
+ // TODO: 1 month -> use a configuration instead
+ @unlink($token_file);
+ return array();
+ }
+
+ $credentials = @file_get_contents($token_file);
+ return $credentials === false ? array() : explode("\t", $credentials, 2);
+ }
+
+ public static function makeCookie($username, $password_hash) {
+ do {
+ $token = sha1(Minz_Configuration::salt() . $username . uniqid(mt_rand(), true));
+ $token_file = DATA_PATH . '/tokens/' . $token . '.txt';
+ } while (file_exists($token_file));
+
+ if (@file_put_contents($token_file, $username . "\t" . $password_hash) === false) {
+ return false;
+ }
+
+ $expire = time() + 2629744; //1 month //TODO: Use a configuration instead
+ Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
+ return $token;
+ }
+
+ public static function deleteCookie() {
+ $token = Minz_Session::getLongTermCookie('FreshRSS_login');
+ Minz_Session::deleteLongTermCookie('FreshRSS_login');
+ if (ctype_alnum($token)) {
+ @unlink(DATA_PATH . '/tokens/' . $token . '.txt');
+ }
+
+ if (rand(0, 10) === 1) {
+ self::purgeTokens();
+ }
+ }
+
+ public static function purgeTokens() {
+ $oldest = time() - 2629744; // 1 month // TODO: Use a configuration instead
+ foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {
+ // $extension = $file_info->getExtension(); doesn't work in PHP < 5.3.7
+ $extension = pathinfo($file_info->getFilename(), PATHINFO_EXTENSION);
+ if ($extension === 'txt' && $file_info->getMTime() < $oldest) {
+ @unlink($file_info->getPathname());
+ }
+ }
+ }
+}
diff --git a/app/layout/aside_flux.phtml b/app/layout/aside_flux.phtml
index a8ae2f424..a66be2ed9 100644
--- a/app/layout/aside_flux.phtml
+++ b/app/layout/aside_flux.phtml
@@ -2,7 +2,7 @@
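Review bot: `FreshRSS_FormAuth::checkCredentials` writes the rejected `$challenge` and `$nonce` to the log at debug level; the challenge is derived from the user's password hash, so the log file should not carry it, and `Minz_Log::debug('Invalid credential parameters: user=' . $username);` keeps the diagnostic without the secret material. In `makeCookie`, the long-term login token is `sha1(salt . username . uniqid(mt_rand(), true))`, and neither `uniqid` nor `mt_rand` is a cryptographic source, so the token's unpredictability rests on the salt staying secret; drawing the token from `openssl_random_pseudo_bytes()` (or `random_bytes()` where the project's PHP baseline allows it) would remove that dependency. A short docblock on `makeCookie` stating that the token file persists the username and password hash, and one on `getCredentialsFromCookie` stating the shape of the returned array, would help later maintainers. The top of this hunk, including the `FreshRSS_Auth` class header and the form-auth initialisation, is not legible in this rendering.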
      - loginOk) { ?> +
    • @@ -83,11 +83,11 @@ diff --git a/app/layout/nav_menu.phtml b/app/layout/nav_menu.phtml index a9e6614e7..090b55785 100644 --- a/app/layout/nav_menu.phtml +++ b/app/layout/nav_menu.phtml @@ -6,7 +6,7 @@ - loginOk) { ?> + diff --git a/app/views/helpers/view/normal_view.phtml b/app/views/helpers/view/normal_view.phtml index 109fad0eb..db25714bb 100644 --- a/app/views/helpers/view/normal_view.phtml +++ b/app/views/helpers/view/normal_view.phtml @@ -7,7 +7,7 @@ if (!empty($this->entries)) { $display_today = true; $display_yesterday = true; $display_others = true; - if ($this->loginOk) { + if (FreshRSS_Auth::hasAccess()) { $sharing = $this->conf->sharing; } else { $sharing = array(); @@ -58,7 +58,7 @@ if (!empty($this->entries)) { } ?>
        loginOk) { + if (FreshRSS_Auth::hasAccess()) { if ($topline_read) { ?>
      • 'entry', 'a' => 'read', 'params' => array('id' => $item->id())); @@ -103,7 +103,7 @@ if (!empty($this->entries)) { ?>
        loginOk) { + if (FreshRSS_Auth::hasAccess()) { if ($bottomline_read) { ?>
      • 'entry', 'a' => 'read', 'params' => array('id' => $item->id())); diff --git a/app/views/index/index.phtml b/app/views/index/index.phtml index 584792e29..a59063557 100644 --- a/app/views/index/index.phtml +++ b/app/views/index/index.phtml @@ -2,7 +2,7 @@ $output = Minz_Request::param('output', 'normal'); -if ($this->loginOk || Minz_Configuration::allowAnonymous()) { +if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymous()) { if ($output === 'normal') { $this->renderHelper('view/normal_view'); } elseif ($output === 'reader') { diff --git a/app/views/index/login.phtml b/app/views/index/login.phtml deleted file mode 100644 index 79fbe9d21..000000000 --- a/app/views/index/login.phtml +++ /dev/null @@ -1 +0,0 @@ -res); ?> diff --git a/app/views/index/logout.phtml b/app/views/index/logout.phtml deleted file mode 100644 index a0aba9318..000000000 --- a/app/views/index/logout.phtml +++ /dev/null @@ -1 +0,0 @@ -OK \ No newline at end of file diff --git a/app/views/index/resetAuth.phtml b/app/views/index/resetAuth.phtml deleted file mode 100644 index 6d4282c14..000000000 --- a/app/views/index/resetAuth.phtml +++ /dev/null @@ -1,33 +0,0 @@ -
        -

        - - message)) { ?> -

        - message['title']; ?>
        - message['body']; ?> -

        - - - no_form) { ?> - -

        -
        - -

        - -
        - - -
        -
        - - -
        - -
        -
        - -
        - - -
        -- cgit v1.2.3 From 1a22a87fb1b1fcb61d201de399c33c2185dc1f6e Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Mon, 20 Oct 2014 18:45:22 +0200 Subject: Use FreshRSS_Context::$conf only - Replace $this->view->conf in controllers - Replace $this->conf in views --- app/Controllers/authController.php | 6 +- app/Controllers/categoryController.php | 8 +-- app/Controllers/configureController.php | 92 +++++++++++++++--------------- app/Controllers/entryController.php | 6 +- app/Controllers/feedController.php | 18 +++--- app/Controllers/importExportController.php | 4 +- app/Controllers/indexController.php | 8 +-- app/Controllers/javascriptController.php | 2 +- app/Controllers/userController.php | 18 +++--- app/FreshRSS.php | 2 - app/layout/aside_flux.phtml | 8 +-- app/layout/layout.phtml | 2 +- app/layout/nav_menu.phtml | 14 ++--- app/views/auth/index.phtml | 4 +- app/views/configure/archiving.phtml | 10 ++-- app/views/configure/display.phtml | 30 +++++----- app/views/configure/queries.phtml | 4 +- app/views/configure/reading.phtml | 42 +++++++------- app/views/configure/sharing.phtml | 6 +- app/views/configure/shortcut.phtml | 2 +- app/views/helpers/javascript_vars.phtml | 16 +++--- app/views/helpers/pagination.phtml | 2 +- app/views/helpers/view/global_view.phtml | 6 +- app/views/helpers/view/normal_view.phtml | 30 +++++----- app/views/helpers/view/reader_view.phtml | 4 +- app/views/user/manage.phtml | 6 +- app/views/user/profil.phtml | 2 +- 27 files changed, 175 insertions(+), 177 deletions(-) (limited to 'app/layout/aside_flux.phtml') diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index d4b65d849..4af39cb71 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php 
@@ -26,10 +26,10 @@ class FreshRSS_auth_Controller extends Minz_ActionController { if (Minz_Request::isPost()) { $ok = true; - $current_token = $this->view->conf->token; + $current_token = FreshRSS_Context::$conf->token; $token = Minz_Request::param('token', $current_token); - $this->view->conf->_token($token); - $ok &= $this->view->conf->save(); + FreshRSS_Context::$conf->_token($token); + $ok &= FreshRSS_Context::$conf->save(); $anon = Minz_Request::param('anon_access', false); $anon = ((bool)$anon) && ($anon !== 'no'); diff --git a/app/Controllers/categoryController.php b/app/Controllers/categoryController.php index 537a2b210..977ce51be 100644 --- a/app/Controllers/categoryController.php +++ b/app/Controllers/categoryController.php @@ -136,8 +136,8 @@ class FreshRSS_category_Controller extends Minz_ActionController { } // Remove related queries. - $this->view->conf->remove_query_by_get('c_' . $id); - $this->view->conf->save(); + FreshRSS_Context::$conf->remove_query_by_get('c_' . $id); + FreshRSS_Context::$conf->save(); Minz_Request::good(_t('category_deleted'), $url_redirect); } @@ -172,9 +172,9 @@ class FreshRSS_category_Controller extends Minz_ActionController { // Remove related queries foreach ($feeds as $feed) { - $this->view->conf->remove_query_by_get('f_' . $feed->id()); + FreshRSS_Context::$conf->remove_query_by_get('f_' . $feed->id()); } - $this->view->conf->save(); + FreshRSS_Context::$conf->save(); Minz_Request::good(_t('category_emptied'), $url_redirect); } else { diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index fb8c1466e..8a9dcdc62 100755 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php 
@@ -44,23 +44,23 @@ class FreshRSS_configure_Controller extends Minz_ActionController { */ public function displayAction() { if (Minz_Request::isPost()) { - $this->view->conf->_language(Minz_Request::param('language', 'en')); - $this->view->conf->_theme(Minz_Request::param('theme', FreshRSS_Themes::$defaultTheme)); - $this->view->conf->_content_width(Minz_Request::param('content_width', 'thin')); - $this->view->conf->_topline_read(Minz_Request::param('topline_read', false)); - $this->view->conf->_topline_favorite(Minz_Request::param('topline_favorite', false)); - $this->view->conf->_topline_date(Minz_Request::param('topline_date', false)); - $this->view->conf->_topline_link(Minz_Request::param('topline_link', false)); - $this->view->conf->_bottomline_read(Minz_Request::param('bottomline_read', false)); - $this->view->conf->_bottomline_favorite(Minz_Request::param('bottomline_favorite', false)); - $this->view->conf->_bottomline_sharing(Minz_Request::param('bottomline_sharing', false)); - $this->view->conf->_bottomline_tags(Minz_Request::param('bottomline_tags', false)); - $this->view->conf->_bottomline_date(Minz_Request::param('bottomline_date', false)); - $this->view->conf->_bottomline_link(Minz_Request::param('bottomline_link', false)); - $this->view->conf->_html5_notif_timeout(Minz_Request::param('html5_notif_timeout', 0)); - $this->view->conf->save(); - - Minz_Session::_param('language', $this->view->conf->language); + FreshRSS_Context::$conf->_language(Minz_Request::param('language', 'en')); + FreshRSS_Context::$conf->_theme(Minz_Request::param('theme', FreshRSS_Themes::$defaultTheme)); + FreshRSS_Context::$conf->_content_width(Minz_Request::param('content_width', 'thin')); + FreshRSS_Context::$conf->_topline_read(Minz_Request::param('topline_read', false)); + FreshRSS_Context::$conf->_topline_favorite(Minz_Request::param('topline_favorite', false)); + FreshRSS_Context::$conf->_topline_date(Minz_Request::param('topline_date', false)); + 
FreshRSS_Context::$conf->_topline_link(Minz_Request::param('topline_link', false)); + FreshRSS_Context::$conf->_bottomline_read(Minz_Request::param('bottomline_read', false)); + FreshRSS_Context::$conf->_bottomline_favorite(Minz_Request::param('bottomline_favorite', false)); + FreshRSS_Context::$conf->_bottomline_sharing(Minz_Request::param('bottomline_sharing', false)); + FreshRSS_Context::$conf->_bottomline_tags(Minz_Request::param('bottomline_tags', false)); + FreshRSS_Context::$conf->_bottomline_date(Minz_Request::param('bottomline_date', false)); + FreshRSS_Context::$conf->_bottomline_link(Minz_Request::param('bottomline_link', false)); + FreshRSS_Context::$conf->_html5_notif_timeout(Minz_Request::param('html5_notif_timeout', 0)); + FreshRSS_Context::$conf->save(); + + Minz_Session::_param('language', FreshRSS_Context::$conf->language); Minz_Translate::reset(); invalidateHttpCache(); 
@@ -102,27 +102,27 @@ class FreshRSS_configure_Controller extends Minz_ActionController { */ public function readingAction() { if (Minz_Request::isPost()) { - $this->view->conf->_posts_per_page(Minz_Request::param('posts_per_page', 10)); - $this->view->conf->_view_mode(Minz_Request::param('view_mode', 'normal')); - $this->view->conf->_default_view((int)Minz_Request::param('default_view', FreshRSS_Entry::STATE_ALL)); - $this->view->conf->_auto_load_more(Minz_Request::param('auto_load_more', false)); - $this->view->conf->_display_posts(Minz_Request::param('display_posts', false)); - $this->view->conf->_display_categories(Minz_Request::param('display_categories', false)); - $this->view->conf->_hide_read_feeds(Minz_Request::param('hide_read_feeds', false)); - $this->view->conf->_onread_jump_next(Minz_Request::param('onread_jump_next', false)); - $this->view->conf->_lazyload(Minz_Request::param('lazyload', false)); - $this->view->conf->_sticky_post(Minz_Request::param('sticky_post', false)); - $this->view->conf->_reading_confirm(Minz_Request::param('reading_confirm', false)); - $this->view->conf->_sort_order(Minz_Request::param('sort_order', 'DESC')); - $this->view->conf->_mark_when(array( + FreshRSS_Context::$conf->_posts_per_page(Minz_Request::param('posts_per_page', 10)); + FreshRSS_Context::$conf->_view_mode(Minz_Request::param('view_mode', 'normal')); + FreshRSS_Context::$conf->_default_view((int)Minz_Request::param('default_view', FreshRSS_Entry::STATE_ALL)); + FreshRSS_Context::$conf->_auto_load_more(Minz_Request::param('auto_load_more', false)); + FreshRSS_Context::$conf->_display_posts(Minz_Request::param('display_posts', false)); + FreshRSS_Context::$conf->_display_categories(Minz_Request::param('display_categories', false)); + FreshRSS_Context::$conf->_hide_read_feeds(Minz_Request::param('hide_read_feeds', false)); + FreshRSS_Context::$conf->_onread_jump_next(Minz_Request::param('onread_jump_next', false)); + 
FreshRSS_Context::$conf->_lazyload(Minz_Request::param('lazyload', false)); + FreshRSS_Context::$conf->_sticky_post(Minz_Request::param('sticky_post', false)); + FreshRSS_Context::$conf->_reading_confirm(Minz_Request::param('reading_confirm', false)); + FreshRSS_Context::$conf->_sort_order(Minz_Request::param('sort_order', 'DESC')); + FreshRSS_Context::$conf->_mark_when(array( 'article' => Minz_Request::param('mark_open_article', false), 'site' => Minz_Request::param('mark_open_site', false), 'scroll' => Minz_Request::param('mark_scroll', false), 'reception' => Minz_Request::param('mark_upon_reception', false), )); - $this->view->conf->save(); + FreshRSS_Context::$conf->save(); - Minz_Session::_param('language', $this->view->conf->language); + Minz_Session::_param('language', FreshRSS_Context::$conf->language); Minz_Translate::reset(); invalidateHttpCache(); @@ -143,8 +143,8 @@ class FreshRSS_configure_Controller extends Minz_ActionController { public function sharingAction() { if (Minz_Request::isPost()) { $params = Minz_Request::params(); - $this->view->conf->_sharing($params['share']); - $this->view->conf->save(); + FreshRSS_Context::$conf->_sharing($params['share']); + FreshRSS_Context::$conf->save(); invalidateHttpCache(); Minz_Request::good(_t('configuration_updated'), @@ -185,8 +185,8 @@ class FreshRSS_configure_Controller extends Minz_ActionController { } } - $this->view->conf->_shortcuts($shortcuts_ok); - $this->view->conf->save(); + FreshRSS_Context::$conf->_shortcuts($shortcuts_ok); + FreshRSS_Context::$conf->save(); invalidateHttpCache(); Minz_Request::good(_t('shortcuts_updated'), 
@@ -213,10 +213,10 @@ class FreshRSS_configure_Controller extends Minz_ActionController { */ public function archivingAction() { if (Minz_Request::isPost()) { - $this->view->conf->_old_entries(Minz_Request::param('old_entries', 3)); - $this->view->conf->_keep_history_default(Minz_Request::param('keep_history_default', 0)); - $this->view->conf->_ttl_default(Minz_Request::param('ttl_default', -2)); - $this->view->conf->save(); + FreshRSS_Context::$conf->_old_entries(Minz_Request::param('old_entries', 3)); + FreshRSS_Context::$conf->_keep_history_default(Minz_Request::param('keep_history_default', 0)); + FreshRSS_Context::$conf->_ttl_default(Minz_Request::param('ttl_default', -2)); + FreshRSS_Context::$conf->save(); invalidateHttpCache(); Minz_Request::good(_t('configuration_updated'), @@ -253,8 +253,8 @@ class FreshRSS_configure_Controller extends Minz_ActionController { $query['name'] = _t('query_number', $key + 1); } } - $this->view->conf->_queries($queries); - $this->view->conf->save(); + FreshRSS_Context::$conf->_queries($queries); + FreshRSS_Context::$conf->save(); Minz_Request::good(_t('configuration_updated'), array('c' => 'configure', 'a' => 'queries')); @@ -262,7 +262,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController { $this->view->query_get = array(); $cat_dao = new FreshRSS_CategoryDAO(); $feed_dao = FreshRSS_Factory::createFeedDao(); - foreach ($this->view->conf->queries as $key => $query) { + foreach (FreshRSS_Context::$conf->queries as $key => $query) { if (!isset($query['get'])) { continue; } @@ -330,7 +330,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController { */ public function addQueryAction() { $whitelist = array('get', 'order', 'name', 'search', 'state'); - $queries = $this->view->conf->queries; + $queries = FreshRSS_Context::$conf->queries; $query = Minz_Request::params(); $query['name'] = _t('query_number', count($queries) + 1); foreach ($query as $key => $value) { 
@@ -342,8 +342,8 @@ class FreshRSS_configure_Controller extends Minz_ActionController { $query['state'] -= FreshRSS_Entry::STATE_STRICT; } $queries[] = $query; - $this->view->conf->_queries($queries); - $this->view->conf->save(); + FreshRSS_Context::$conf->_queries($queries); + FreshRSS_Context::$conf->save(); Minz_Request::good(_t('query_created', $query['name']), array('c' => 'configure', 'a' => 'queries')); diff --git a/app/Controllers/entryController.php b/app/Controllers/entryController.php index a1dfacb4d..449029648 100755 --- a/app/Controllers/entryController.php +++ b/app/Controllers/entryController.php @@ -21,7 +21,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController { // the end. $this->params = array(); $output = Minz_Request::param('output', ''); - if ($output != '' && $this->view->conf->view_mode !== $output) { + if ($output != '' && FreshRSS_Context::$conf->view_mode !== $output) { $this->params['output'] = $output; } @@ -167,7 +167,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController { public function purgeAction() { @set_time_limit(300); - $nb_month_old = max($this->view->conf->old_entries, 1); + $nb_month_old = max(FreshRSS_Context::$conf->old_entries, 1); $date_min = time() - (3600 * 24 * 30 * $nb_month_old); $feedDAO = FreshRSS_Factory::createFeedDao(); @@ -181,7 +181,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController { if ($feed_history == -2) { // TODO: -2 must be a constant! // -2 means we take the default value from configuration - $feed_history = $this->view->conf->keep_history_default; + $feed_history = FreshRSS_Context::$conf->keep_history_default; } if ($feed_history >= 0) { diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index 2a7238eaf..c2859edf4 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php 
@@ -14,7 +14,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { // Token is useful in the case that anonymous refresh is forbidden // and CRON task cannot be used with php command so the user can // set a CRON task to refresh his feeds by using token inside url - $token = $this->view->conf->token; + $token = FreshRSS_Context::$conf->token; $token_param = Minz_Request::param('token', ''); $token_is_ok = ($token != '' && $token == $token_param); $action = Minz_Request::actionName(); @@ -154,14 +154,14 @@ class FreshRSS_feed_Controller extends Minz_ActionController { $feed->_id($id); $feed->faviconPrepare(); - $is_read = $this->view->conf->mark_when['reception'] ? 1 : 0; + $is_read = FreshRSS_Context::$conf->mark_when['reception'] ? 1 : 0; $entryDAO = FreshRSS_Factory::createEntryDao(); // We want chronological order and SimplePie uses reverse order. $entries = array_reverse($feed->entries()); // Calculate date of oldest entries we accept in DB. - $nb_month_old = $this->view->conf->old_entries; + $nb_month_old = FreshRSS_Context::$conf->old_entries; $date_min = time() - (3600 * 24 * 30 * $nb_month_old); // Use a shared statement and a transaction to improve a LOT the @@ -265,15 +265,15 @@ class FreshRSS_feed_Controller extends Minz_ActionController { $feeds[] = $feed; } } else { - $feeds = $feedDAO->listFeedsOrderUpdate($this->view->conf->ttl_default); + $feeds = $feedDAO->listFeedsOrderUpdate(FreshRSS_Context::$conf->ttl_default); } // Calculate date of oldest entries we accept in DB. - $nb_month_old = max($this->view->conf->old_entries, 1); + $nb_month_old = max(FreshRSS_Context::$conf->old_entries, 1); $date_min = time() - (3600 * 24 * 30 * $nb_month_old); $updated_feeds = 0; - $is_read = $this->view->conf->mark_when['reception'] ? 1 : 0; + $is_read = FreshRSS_Context::$conf->mark_when['reception'] ? 1 : 0; foreach ($feeds as $feed) { if (!$feed->lock()) { Minz_Log::notice('Feed already being actualized: ' . $feed->url()); 
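Review bot: The `$token` that the new line reads from `FreshRSS_Context::$conf` is still checked with loose equality on the next line, `$token_is_ok = ($token != '' && $token == $token_param);`, so PHP's numeric-string coercion applies to a secret comparison; `$token_is_ok = ($token !== '' && $token === $token_param);` makes it strict, and `hash_equals($token, $token_param)` (PHP 5.6+, so subject to the project's baseline) would also make the comparison constant-time. The method containing this hunk starts before the hunk.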
@@ -294,7 +294,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { if ($feed_history == -2) { // TODO: -2 must be a constant! // -2 means we take the default value from configuration - $feed_history = $this->view->conf->keep_history_default; + $feed_history = FreshRSS_Context::$conf->keep_history_default; } // We want chronological order and SimplePie uses reverse order. @@ -470,8 +470,8 @@ class FreshRSS_feed_Controller extends Minz_ActionController { // TODO: Delete old favicon // Remove related queries - $this->view->conf->remove_query_by_get('f_' . $id); - $this->view->conf->save(); + FreshRSS_Context::$conf->remove_query_by_get('f_' . $id); + FreshRSS_Context::$conf->save(); Minz_Request::good(_t('feed_deleted'), $redirect_url); } else { diff --git a/app/Controllers/importExportController.php b/app/Controllers/importExportController.php index aaac1b68b..ab277e688 100644 --- a/app/Controllers/importExportController.php +++ b/app/Controllers/importExportController.php @@ -289,7 +289,7 @@ class FreshRSS_importExport_Controller extends Minz_ActionController { return true; } - $is_read = $this->view->conf->mark_when['reception'] ? 1 : 0; + $is_read = FreshRSS_Context::$conf->mark_when['reception'] ? 1 : 0; $google_compliant = strpos($article_object['id'], 'com.google') !== false; @@ -484,7 +484,7 @@ class FreshRSS_importExport_Controller extends Minz_ActionController { $this->view->type = 'feed/' . $feed->id(); $this->view->entries = $this->entryDAO->listWhere( 'f', $feed->id(), FreshRSS_Entry::STATE_ALL, 'ASC', - $this->view->conf->posts_per_page + FreshRSS_Context::$conf->posts_per_page ); $this->view->feed = $feed; } diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index 5b490e672..f994e257c 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php 
@@ -5,7 +5,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { public function indexAction() { $output = Minz_Request::param('output'); - $token = $this->view->conf->token; + $token = FreshRSS_Context::$conf->token; // check if user is logged in if (!FreshRSS_Auth::hasAccess() && !Minz_Configuration::allowAnonymous()) { @@ -76,11 +76,11 @@ class FreshRSS_index_Controller extends Minz_ActionController { ); // On récupère les différents éléments de filtrage - $this->view->state = Minz_Request::param('state', $this->view->conf->default_view); + $this->view->state = Minz_Request::param('state', FreshRSS_Context::$conf->default_view); $state_param = Minz_Request::param('state', null); $filter = Minz_Request::param('search', ''); - $this->view->order = $order = Minz_Request::param('order', $this->view->conf->sort_order); - $nb = Minz_Request::param('nb', $this->view->conf->posts_per_page); + $this->view->order = $order = Minz_Request::param('order', FreshRSS_Context::$conf->sort_order); + $nb = Minz_Request::param('nb', FreshRSS_Context::$conf->posts_per_page); $first = Minz_Request::param('next', ''); $ajax_request = Minz_Request::param('ajax', false); diff --git a/app/Controllers/javascriptController.php b/app/Controllers/javascriptController.php index 14e6f36de..62f413989 100755 --- a/app/Controllers/javascriptController.php +++ b/app/Controllers/javascriptController.php @@ -8,7 +8,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController { public function actualizeAction() { header('Content-Type: text/javascript; charset=UTF-8'); $feedDAO = FreshRSS_Factory::createFeedDao(); - $this->view->feeds = $feedDAO->listFeedsOrderUpdate($this->view->conf->ttl_default); + $this->view->feeds = $feedDAO->listFeedsOrderUpdate(FreshRSS_Context::$conf->ttl_default); } public function nbUnreadsPerFeedAction() { diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php index d5c90a382..61d33437d 100644 
--- a/app/Controllers/userController.php +++ b/app/Controllers/userController.php @@ -42,9 +42,9 @@ class FreshRSS_user_Controller extends Minz_ActionController { $passwordPlain = ''; $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js $ok &= ($passwordHash != ''); - $this->view->conf->_passwordHash($passwordHash); + FreshRSS_Context::$conf->_passwordHash($passwordHash); } - Minz_Session::_param('passwordHash', $this->view->conf->passwordHash); + Minz_Session::_param('passwordHash', FreshRSS_Context::$conf->passwordHash); $passwordPlain = Minz_Request::param('apiPasswordPlain', '', true); if ($passwordPlain != '') { @@ -55,17 +55,17 @@ class FreshRSS_user_Controller extends Minz_ActionController { $passwordPlain = ''; $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js $ok &= ($passwordHash != ''); - $this->view->conf->_apiPasswordHash($passwordHash); + FreshRSS_Context::$conf->_apiPasswordHash($passwordHash); } // TODO: why do we need of hasAccess here? if (FreshRSS_Auth::hasAccess('admin')) { - $this->view->conf->_mail_login(Minz_Request::param('mail_login', '', true)); + FreshRSS_Context::$conf->_mail_login(Minz_Request::param('mail_login', '', true)); } - $email = $this->view->conf->mail_login; + $email = FreshRSS_Context::$conf->mail_login; Minz_Session::_param('mail', $email); - $ok &= $this->view->conf->save(); + $ok &= FreshRSS_Context::$conf->save(); if ($email != '') { $personaFile = DATA_PATH . '/persona/' . $email . '.txt'; 
@@ -113,9 +113,9 @@ class FreshRSS_user_Controller extends Minz_ActionController { $db = Minz_Configuration::dataBase(); require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); - $new_user_language = Minz_Request::param('new_user_language', $this->view->conf->language); - if (!in_array($new_user_language, $this->view->conf->availableLanguages())) { - $new_user_language = $this->view->conf->language; + $new_user_language = Minz_Request::param('new_user_language', FreshRSS_Context::$conf->language); + if (!in_array($new_user_language, FreshRSS_Context::$conf->availableLanguages())) { + $new_user_language = FreshRSS_Context::$conf->language; } $new_user_name = Minz_Request::param('new_user_name'); diff --git a/app/FreshRSS.php b/app/FreshRSS.php index e1399ad78..752b14e31 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -24,9 +24,7 @@ class FreshRSS extends Minz_FrontController { } // Load context and configuration. - // TODO: remove $this->view->conf variable which is contained in context FreshRSS_Context::init(); - Minz_View::_param('conf', FreshRSS_Context::$conf); $this->loadParamsView(); $this->loadStylesAndScripts(); diff --git a/app/layout/aside_flux.phtml b/app/layout/aside_flux.phtml index a66be2ed9..114ccbf56 100644 --- a/app/layout/aside_flux.phtml +++ b/app/layout/aside_flux.phtml @@ -1,4 +1,4 @@ -
        +
          @@ -17,7 +17,7 @@ 'index', 'a' => 'index', 'params' => array()); - if ($this->conf->view_mode !== Minz_Request::param('output', 'normal')) { + if (FreshRSS_Context::$conf->view_mode !== Minz_Request::param('output', 'normal')) { $arUrl['params']['output'] = 'normal'; } ?> @@ -47,7 +47,7 @@ $c_show = false; if ($this->get_c == $cat->id()) { $c_active = true; - if (!$this->conf->display_categories || $this->get_f) { + if (!FreshRSS_Context::$conf->display_categories || $this->get_f) { $c_show = true; } } @@ -92,7 +92,7 @@
        • - conf->reading_confirm ? 'confirm' : ''; ?> + reading_confirm ? 'confirm' : ''; ?>
        • - conf->queries as $query) { ?> + queries as $query) { ?>
        • - conf->queries) > 0) { ?> + queries) > 0) { ?>
        • @@ -132,7 +132,7 @@ $string_mark = _t('mark_cat_read'); } $nextGet = $get; - if ($this->conf->onread_jump_next && strlen($get) > 2) { + if (FreshRSS_Context::$conf->onread_jump_next && strlen($get) > 2) { $anotherUnreadId = ''; $foundCurrent = false; switch ($get[0]) { @@ -180,7 +180,7 @@ $arUrl = array('c' => 'entry', 'a' => 'read', 'params' => array('get' => $get, 'nextGet' => $nextGet, 'idMax' => $idMax)); $output = Minz_Request::param('output', ''); - if ($output != '' && $this->conf->view_mode !== $output) { + if ($output != '' && FreshRSS_Context::$conf->view_mode !== $output) { $arUrl['params']['output'] = $output; } $markReadUrl = Minz_Url::display($arUrl); @@ -190,7 +190,7 @@ @@ -28,9 +28,9 @@
        @@ -39,9 +39,9 @@
        @@ -49,7 +49,7 @@
        @@ -58,7 +58,7 @@
        @@ -68,7 +68,7 @@
        @@ -78,7 +78,7 @@
        @@ -88,7 +88,7 @@
        @@ -98,7 +98,7 @@
        @@ -108,7 +108,7 @@
        @@ -119,19 +119,19 @@
        @@ -141,7 +141,7 @@
        diff --git a/app/views/configure/sharing.phtml b/app/views/configure/sharing.phtml index 09c1e6f40..ef5e85a0c 100644 --- a/app/views/configure/sharing.phtml +++ b/app/views/configure/sharing.phtml @@ -15,8 +15,8 @@
        '> - conf->sharing as $key => $sharing): ?> - conf->shares[$sharing['type']]; ?> + sharing as $key => $sharing): ?> + shares[$sharing['type']]; ?>