From 64d1026dd979740010088d1f4237f6dc2a4f4cfd Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Sun, 5 Oct 2014 17:55:35 +0200
Subject: Move usersAction into usersController

---
 app/layout/header.phtml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 028e63d8a..4b571ef06 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -74,7 +74,7 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
 				<li class="separator"></li>
-				<li class="item"><a href="<?php echo _url('configure', 'users'); ?>"><?php echo _t('users'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a></li>
 				<?php
 					$current_user = Minz_Session::param('currentUser', '');
 					if (Minz_Configuration::isAdmin($current_user)) {
-- 
cgit v1.2.3


From 79aa5beaf44af13a1828bfa5fc824a08c62054dc Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Mon, 6 Oct 2014 23:29:20 +0200
Subject: Refactor authentication system.

Big work, not finished. A lot of features have been removed.

See https://github.com/marienfressinaud/FreshRSS/issues/655
---
 app/Controllers/categoryController.php     |   2 +-
 app/Controllers/configureController.php    |   2 +-
 app/Controllers/entryController.php        |   2 +-
 app/Controllers/feedController.php         |   2 +-
 app/Controllers/importExportController.php |   2 +-
 app/Controllers/indexController.php        | 296 ++++++-----------------------
 app/Controllers/statsController.php        |   2 +-
 app/Controllers/subscriptionController.php |   2 +-
 app/Controllers/updateController.php       |   2 +-
 app/Controllers/usersController.php        |   2 +-
 app/FreshRSS.php                           | 135 ++-----------
 app/Models/Auth.php                        | 209 ++++++++++++++++++++
 app/layout/aside_flux.phtml                |   6 +-
 app/layout/header.phtml                    |  32 +---
 app/layout/nav_menu.phtml                  |   4 +-
 app/views/helpers/view/normal_view.phtml   |   6 +-
 app/views/index/index.phtml                |   2 +-
 app/views/index/login.phtml                |   1 -
 app/views/index/logout.phtml               |   1 -
 app/views/index/resetAuth.phtml            |  33 ----
 20 files changed, 309 insertions(+), 434 deletions(-)
 create mode 100644 app/Models/Auth.php
 delete mode 100644 app/views/index/login.phtml
 delete mode 100644 app/views/index/logout.phtml
 delete mode 100644 app/views/index/resetAuth.phtml

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/categoryController.php b/app/Controllers/categoryController.php
index c79f37fa4..537a2b210 100644
--- a/app/Controllers/categoryController.php
+++ b/app/Controllers/categoryController.php
@@ -12,7 +12,7 @@ class FreshRSS_category_Controller extends Minz_ActionController {
 	 *
 	 */
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php
index 789e9dfb0..7e77a757a 100755
--- a/app/Controllers/configureController.php
+++ b/app/Controllers/configureController.php
@@ -10,7 +10,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController {
 	 * underlying framework.
 	 */
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/Controllers/entryController.php b/app/Controllers/entryController.php
index c46fbf346..a1dfacb4d 100755
--- a/app/Controllers/entryController.php
+++ b/app/Controllers/entryController.php
@@ -10,7 +10,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController {
 	 * underlying framework.
 	 */
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php
index 18829d252..2a7238eaf 100755
--- a/app/Controllers/feedController.php
+++ b/app/Controllers/feedController.php
@@ -10,7 +10,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 	 * underlying framework.
 	 */
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			// Token is useful in the case that anonymous refresh is forbidden
 			// and CRON task cannot be used with php command so the user can
 			// set a CRON task to refresh his feeds by using token inside url
diff --git a/app/Controllers/importExportController.php b/app/Controllers/importExportController.php
index 57759f277..aaac1b68b 100644
--- a/app/Controllers/importExportController.php
+++ b/app/Controllers/importExportController.php
@@ -10,7 +10,7 @@ class FreshRSS_importExport_Controller extends Minz_ActionController {
 	 * underlying framework.
 	 */
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index 0d2eff700..3006480f9 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -8,7 +8,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 		$token = $this->view->conf->token;
 
 		// check if user is logged in
-		if (!$this->view->loginOk && !Minz_Configuration::allowAnonymous()) {
+		if (!FreshRSS_Auth::hasAccess() && !Minz_Configuration::allowAnonymous()) {
 			$token_param = Minz_Request::param('token', '');
 			$token_is_ok = ($token != '' && $token === $token_param);
 			if ($output === 'rss' && !$token_is_ok) {
@@ -20,7 +20,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 			} elseif ($output !== 'rss') {
 				// "hard" redirection is not required, just ask dispatcher to
 				// forward to the login form without 302 redirection
-				Minz_Request::forward(array('c' => 'index', 'a' => 'formLogin'));
+				Minz_Request::forward(array('c' => 'index', 'a' => 'login'));
 				return;
 			}
 		}
@@ -207,7 +207,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 	}
 
 	public function logsAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
@@ -229,265 +229,91 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 		$this->view->logsPaginator->_currentPage($page);
 	}
 
+	/**
+	 * This action handles the login page.
+	 */
 	public function loginAction() {
-		$this->view->_useLayout(false);
-
-		$url = 'https://verifier.login.persona.org/verify';
-		$assert = Minz_Request::param('assertion');
-		$params = 'assertion=' . $assert . '&audience=' .
-		          urlencode(Minz_Url::display(null, 'php', true));
-		$ch = curl_init();
-		$options = array(
-			CURLOPT_URL => $url,
-			CURLOPT_RETURNTRANSFER => TRUE,
-			CURLOPT_POST => 2,
-			CURLOPT_POSTFIELDS => $params
-		);
-		curl_setopt_array($ch, $options);
-		$result = curl_exec($ch);
-		curl_close($ch);
-
-		$res = json_decode($result, true);
-
-		$loginOk = false;
-		$reason = '';
-		if ($res['status'] === 'okay') {
-			$email = filter_var($res['email'], FILTER_VALIDATE_EMAIL);
-			if ($email != '') {
-				$personaFile = DATA_PATH . '/persona/' . $email . '.txt';
-				if (($currentUser = @file_get_contents($personaFile)) !== false) {
-					$currentUser = trim($currentUser);
-					if (ctype_alnum($currentUser)) {
-						try {
-							$this->conf = new FreshRSS_Configuration($currentUser);
-							$loginOk = strcasecmp($email, $this->conf->mail_login) === 0;
-						} catch (Minz_Exception $e) {
-							$reason = 'Invalid configuration for user [' . $currentUser . ']! ' . $e->getMessage();	//Permission denied or conf file does not exist
-						}
-					} else {
-						$reason = 'Invalid username format [' . $currentUser . ']!';
-					}
-				}
-			} else {
-				$reason = 'Invalid email format [' . $res['email'] . ']!';
-			}
-		}
-		if ($loginOk) {
-			Minz_Session::_param('currentUser', $currentUser);
-			Minz_Session::_param('mail', $email);
-			$this->view->loginOk = true;
-			invalidateHttpCache();
-		} else {
-			$res = array();
-			$res['status'] = 'failure';
-			$res['reason'] = $reason == '' ? _t('invalid_login') : $reason;
-			Minz_Log::warning('Persona: ' . $res['reason']);
+		if (FreshRSS_Auth::hasAccess()) {
+			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
 		}
 
-		header('Content-Type: application/json; charset=UTF-8');
-		$this->view->res = json_encode($res);
-	}
-
-	public function logoutAction() {
-		$this->view->_useLayout(false);
 		invalidateHttpCache();
-		Minz_Session::_param('currentUser');
-		Minz_Session::_param('mail');
-		Minz_Session::_param('passwordHash');
-	}
-
-	private static function makeLongTermCookie($username, $passwordHash) {
-		do {
-			$token = sha1(Minz_Configuration::salt() . $username . uniqid(mt_rand(), true));
-			$tokenFile = DATA_PATH . '/tokens/' . $token . '.txt';
-		} while (file_exists($tokenFile));
-		if (@file_put_contents($tokenFile, $username . "\t" . $passwordHash) === false) {
-			return false;
-		}
-		$expire = time() + 2629744;	//1 month	//TODO: Use a configuration instead
-		Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
-		Minz_Session::_param('token', $token);
-		return $token;
-	}
-
-	private static function deleteLongTermCookie() {
-		Minz_Session::deleteLongTermCookie('FreshRSS_login');
-		$token = Minz_Session::param('token', null);
-		if (ctype_alnum($token)) {
-			@unlink(DATA_PATH . '/tokens/' . $token . '.txt');
-		}
-		Minz_Session::_param('token');
-		if (rand(0, 10) === 1) {
-			self::purgeTokens();
-		}
-	}
 
-	private static function purgeTokens() {
-		$oldest = time() - 2629744;	//1 month	//TODO: Use a configuration instead
-		foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $fileInfo) {
-			if ($fileInfo->getExtension() === 'txt' && $fileInfo->getMTime() < $oldest) {
-				@unlink($fileInfo->getPathname());
-			}
+		$auth_type = Minz_Configuration::authType();
+		switch ($auth_type) {
+		case 'form':
+			Minz_Request::forward(array('c' => 'index', 'a' => 'formLogin'));
+			break;
+		case 'http_auth':
+		case 'none':
+			// It should not happened!
+			Minz_Error::error(404);
+		default:
+			// TODO load plugin instead
+			Minz_Error::error(404);
 		}
 	}
 
+	/**
+	 *
+	 */
 	public function formLoginAction() {
-		if ($this->view->loginOk) {
+		if (FreshRSS_Auth::hasAccess()) {
 			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
 		}
 
-		if (Minz_Request::isPost()) {
-			$ok = false;
-			$nonce = Minz_Session::param('nonce');
-			$username = Minz_Request::param('username', '');
-			$c = Minz_Request::param('challenge', '');
-			if (ctype_alnum($username) && ctype_graph($c) && ctype_alnum($nonce)) {
-				if (!function_exists('password_verify')) {
-					include_once(LIB_PATH . '/password_compat.php');
-				}
-				try {
-					$conf = new FreshRSS_Configuration($username);
-					$s = $conf->passwordHash;
-					$ok = password_verify($nonce . $s, $c);
-					if ($ok) {
-						Minz_Session::_param('currentUser', $username);
-						Minz_Session::_param('passwordHash', $s);
-						if (Minz_Request::param('keep_logged_in', false)) {
-							self::makeLongTermCookie($username, $s);
-						} else {
-							self::deleteLongTermCookie();
-						}
-					} else {
-						Minz_Log::warning('Password mismatch for user ' . $username . ', nonce=' . $nonce . ', c=' . $c);
-					}
-				} catch (Minz_Exception $me) {
-					Minz_Log::warning('Login failure: ' . $me->getMessage());
-				}
-			} else {
-				Minz_Log::debug('Invalid credential parameters: user=' . $username . ' challenge=' . $c . ' nonce=' . $nonce);
-			}
-			if (!$ok) {
-				$notif = array(
-					'type' => 'bad',
-					'content' => _t('invalid_login')
-				);
-				Minz_Session::_param('notification', $notif);
-			}
-			$this->view->_useLayout(false);
-			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
-		} elseif (Minz_Configuration::unsafeAutologinEnabled() && isset($_GET['u']) && isset($_GET['p'])) {
-			Minz_Session::_param('currentUser');
-			Minz_Session::_param('mail');
-			Minz_Session::_param('passwordHash');
-			$username = ctype_alnum($_GET['u']) ? $_GET['u'] : '';
-			$passwordPlain = $_GET['p'];
-			Minz_Request::_param('p');	//Discard plain-text password ASAP
-			$_GET['p'] = '';
-			if (!function_exists('password_verify')) {
-				include_once(LIB_PATH . '/password_compat.php');
-			}
-			try {
-				$conf = new FreshRSS_Configuration($username);
-				$s = $conf->passwordHash;
-				$ok = password_verify($passwordPlain, $s);
-				unset($passwordPlain);
-				if ($ok) {
-					Minz_Session::_param('currentUser', $username);
-					Minz_Session::_param('passwordHash', $s);
-				} else {
-					Minz_Log::warning('Unsafe password mismatch for user ' . $username);
-				}
-			} catch (Minz_Exception $me) {
-				Minz_Log::warning('Unsafe login failure: ' . $me->getMessage());
-			}
-			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
-		} elseif (!Minz_Configuration::canLogIn()) {
-			Minz_Error::error(
-				403,
-				array('error' => array(_t('access_denied')))
-			);
-		}
 		invalidateHttpCache();
-	}
 
-	public function formLogoutAction() {
-		$this->view->_useLayout(false);
-		invalidateHttpCache();
-		Minz_Session::_param('currentUser');
-		Minz_Session::_param('mail');
-		Minz_Session::_param('passwordHash');
-		self::deleteLongTermCookie();
-		Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
-	}
-
-	public function resetAuthAction() {
-		Minz_View::prependTitle(_t('auth_reset') . ' · ');
-		Minz_View::appendScript(Minz_Url::display(
-			'/scripts/bcrypt.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js')
-		));
-
-		$this->view->no_form = false;
-		// Enable changement of auth only if Persona!
-		if (Minz_Configuration::authType() != 'persona') {
-			$this->view->message = array(
-				'status' => 'bad',
-				'title' => _t('damn'),
-				'body' => _t('auth_not_persona')
-			);
-			$this->view->no_form = true;
-			return;
-		}
-
-		$conf = new FreshRSS_Configuration(Minz_Configuration::defaultUser());
-		// Admin user must have set its master password.
-		if (!$conf->passwordHash) {
-			$this->view->message = array(
-				'status' => 'bad',
-				'title' => _t('damn'),
-				'body' => _t('auth_no_password_set')
-			);
-			$this->view->no_form = true;
-			return;
-		}
-
-		invalidateHttpCache();
+		$file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js');
+		Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime));
 
 		if (Minz_Request::isPost()) {
 			$nonce = Minz_Session::param('nonce');
 			$username = Minz_Request::param('username', '');
-			$c = Minz_Request::param('challenge', '');
-			if (!(ctype_alnum($username) && ctype_graph($c) && ctype_alnum($nonce))) {
-				Minz_Log::debug('Invalid credential parameters:' .
-				                ' user=' . $username .
-				                ' challenge=' . $c .
-				                ' nonce=' . $nonce);
+			$challenge = Minz_Request::param('challenge', '');
+			try {
+				$conf = new FreshRSS_Configuration($username);
+			} catch(Minz_Exception $e) {
+				// $username is not a valid user, nor the configuration file!
+				Minz_Log::warning('Login failure: ' . $e->getMessage());
 				Minz_Request::bad(_t('invalid_login'),
-				                  array('c' => 'index', 'a' => 'resetAuth'));
-			}
-
-			if (!function_exists('password_verify')) {
-				include_once(LIB_PATH . '/password_compat.php');
+				                  array('c' => 'index', 'a' => 'login'));
 			}
 
-			$s = $conf->passwordHash;
-			$ok = password_verify($nonce . $s, $c);
+			$ok = FreshRSS_FormAuth::checkCredentials(
+				$username, $conf->passwordHash, $nonce, $challenge
+			);
 			if ($ok) {
-				Minz_Configuration::_authType('form');
-				$ok = Minz_Configuration::writeFile();
-
-				if ($ok) {
-					Minz_Request::good(_t('auth_form_set'));
+				// Set session parameter to give access to the user.
+				Minz_Session::_param('currentUser', $username);
+				Minz_Session::_param('passwordHash', $conf->passwordHash);
+				FreshRSS_Auth::giveAccess();
+
+				// Set cookie parameter if nedded.
+				if (Minz_Request::param('keep_logged_in', false)) {
+					FreshRSS_FormAuth::makeCookie($username, $conf->passwordHash);
 				} else {
-					Minz_Request::bad(_t('auth_form_not_set'),
-				                      array('c' => 'index', 'a' => 'resetAuth'));
+					FreshRSS_FormAuth::deleteCookie();
 				}
-			} else {
-				Minz_Log::debug('Password mismatch for user ' . $username .
-				                ', nonce=' . $nonce . ', c=' . $c);
 
+				// All is good, go back to the index.
+				Minz_Request::good(_t('login'),
+				                   array('c' => 'index', 'a' => 'index'));
+			} else {
+				Minz_Log::warning('Password mismatch for' .
+				                  ' user=' . $username .
+				                  ', nonce=' . $nonce .
+				                  ', c=' . $challenge);
 				Minz_Request::bad(_t('invalid_login'),
-				                  array('c' => 'index', 'a' => 'resetAuth'));
+				                  array('c' => 'index', 'a' => 'login'));
 			}
 		}
 	}
+
+	public function logoutAction() {
+		invalidateHttpCache();
+		FreshRSS_Auth::removeAccess();
+		Minz_Request::good(_t('disconnected'),
+		                   array('c' => 'index', 'a' => 'index'));
+	}
 }
diff --git a/app/Controllers/statsController.php b/app/Controllers/statsController.php
index 99c57c809..0e3430fcc 100644
--- a/app/Controllers/statsController.php
+++ b/app/Controllers/statsController.php
@@ -118,7 +118,7 @@ class FreshRSS_stats_Controller extends Minz_ActionController {
 	 * underlying framework.
 	 */
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 			    403, array('error' => array(_t('access_denied')))
 			);
diff --git a/app/Controllers/subscriptionController.php b/app/Controllers/subscriptionController.php
index 7cc8179a0..a89168eb3 100644
--- a/app/Controllers/subscriptionController.php
+++ b/app/Controllers/subscriptionController.php
@@ -10,7 +10,7 @@ class FreshRSS_subscription_Controller extends Minz_ActionController {
 	 * underlying framework.
 	 */
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/Controllers/updateController.php b/app/Controllers/updateController.php
index da5bddc65..9da1e8657 100644
--- a/app/Controllers/updateController.php
+++ b/app/Controllers/updateController.php
@@ -3,7 +3,7 @@
 class FreshRSS_update_Controller extends Minz_ActionController {
 	public function firstAction() {
 		$current_user = Minz_Session::param('currentUser', '');
-		if (!$this->view->loginOk && Minz_Configuration::isAdmin($current_user)) {
+		if (!FreshRSS_Auth::hasAccess() && Minz_Configuration::isAdmin($current_user)) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
index 7d0171bc7..c2b1d163f 100644
--- a/app/Controllers/usersController.php
+++ b/app/Controllers/usersController.php
@@ -5,7 +5,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 	const BCRYPT_COST = 9;	//Will also have to be computed client side on mobile devices, so do not use a too high cost
 
 	public function firstAction() {
-		if (!$this->view->loginOk) {
+		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/FreshRSS.php b/app/FreshRSS.php
index efd302ecc..35a37b887 100644
--- a/app/FreshRSS.php
+++ b/app/FreshRSS.php
@@ -4,130 +4,33 @@ class FreshRSS extends Minz_FrontController {
 		if (!isset($_SESSION)) {
 			Minz_Session::init('FreshRSS');
 		}
-		$loginOk = $this->accessControl(Minz_Session::param('currentUser', ''));
+
+		FreshRSS_Auth::init();
+		$this->loadConfiguration();
 		$this->loadParamsView();
 		if (Minz_Request::isPost() && !is_referer_from_same_domain()) {
-			$loginOk = false;	//Basic protection against XSRF attacks
+			//Basic protection against XSRF attacks
+			FreshRSS_Auth::removeAccess();
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied') . ' [HTTP_REFERER=' .
-					htmlspecialchars(empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']) . ']'))
+				      htmlspecialchars(empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']) . ']'))
 			);
 		}
-		Minz_View::_param('loginOk', $loginOk);
-		$this->loadStylesAndScripts($loginOk);	//TODO: Do not load that when not needed, e.g. some Ajax requests
+		$this->loadStylesAndScripts();
 		$this->loadNotifications();
 		$this->loadExtensions();
 	}
 
-	private static function getCredentialsFromLongTermCookie() {
-		$token = Minz_Session::getLongTermCookie('FreshRSS_login');
-		if (!ctype_alnum($token)) {
-			return array();
-		}
-		$tokenFile = DATA_PATH . '/tokens/' . $token . '.txt';
-		$mtime = @filemtime($tokenFile);
-		if ($mtime + 2629744 < time()) {	//1 month	//TODO: Use a configuration instead
-			@unlink($tokenFile);
-			return array(); 	//Expired or token does not exist
-		}
-		$credentials = @file_get_contents($tokenFile);
-		return $credentials === false ? array() : explode("\t", $credentials, 2);
-	}
-
-	private function accessControl($currentUser) {
-		if ($currentUser == '') {
-			switch (Minz_Configuration::authType()) {
-				case 'form':
-					$credentials = self::getCredentialsFromLongTermCookie();
-					if (isset($credentials[1])) {
-						$currentUser = trim($credentials[0]);
-						Minz_Session::_param('passwordHash', trim($credentials[1]));
-					}
-					$loginOk = $currentUser != '';
-					if (!$loginOk) {
-						$currentUser = Minz_Configuration::defaultUser();
-						Minz_Session::_param('passwordHash');
-					}
-					break;
-				case 'http_auth':
-					$currentUser = httpAuthUser();
-					$loginOk = $currentUser != '';
-					break;
-				case 'persona':
-					$loginOk = false;
-					$email = filter_var(Minz_Session::param('mail'), FILTER_VALIDATE_EMAIL);
-					if ($email != '') {	//TODO: Remove redundancy with indexController
-						$personaFile = DATA_PATH . '/persona/' . $email . '.txt';
-						if (($currentUser = @file_get_contents($personaFile)) !== false) {
-							$currentUser = trim($currentUser);
-							$loginOk = true;
-						}
-					}
-					if (!$loginOk) {
-						$currentUser = Minz_Configuration::defaultUser();
-					}
-					break;
-				case 'none':
-					$currentUser = Minz_Configuration::defaultUser();
-					$loginOk = true;
-					break;
-				default:
-					$currentUser = Minz_Configuration::defaultUser();
-					$loginOk = false;
-					break;
-			}
-		} else {
-			$loginOk = true;
-		}
-
-		if (!ctype_alnum($currentUser)) {
-			Minz_Session::_param('currentUser', '');
-			die('Invalid username [' . $currentUser . ']!');
-		}
-
+	private function loadConfiguration() {
+		$current_user = Minz_Session::param('currentUser');
 		try {
-			$this->conf = new FreshRSS_Configuration($currentUser);
+			$this->conf = new FreshRSS_Configuration($current_user);
 			Minz_View::_param('conf', $this->conf);
-			Minz_Session::_param('currentUser', $currentUser);
-		} catch (Minz_Exception $me) {
-			$loginOk = false;
-			try {
-				$this->conf = new FreshRSS_Configuration(Minz_Configuration::defaultUser());
-				Minz_Session::_param('currentUser', Minz_Configuration::defaultUser());
-				Minz_View::_param('conf', $this->conf);
-				$notif = array(
-					'type' => 'bad',
-					'content' => 'Invalid configuration for user [' . $currentUser . ']!',
-				);
-				Minz_Session::_param('notification', $notif);
-				Minz_Log::warning($notif['content'] . ' ' . $me->getMessage());
-				Minz_Session::_param('currentUser', '');
-			} catch (Exception $e) {
-				die($e->getMessage());
-			}
-		}
-
-		if ($loginOk) {
-			switch (Minz_Configuration::authType()) {
-				case 'form':
-					$loginOk = Minz_Session::param('passwordHash') === $this->conf->passwordHash;
-					break;
-				case 'http_auth':
-					$loginOk = strcasecmp($currentUser, httpAuthUser()) === 0;
-					break;
-				case 'persona':
-					$loginOk = strcasecmp(Minz_Session::param('mail'), $this->conf->mail_login) === 0;
-					break;
-				case 'none':
-					$loginOk = true;
-					break;
-				default:
-					$loginOk = false;
-					break;
-			}
+		} catch(Minz_Exception $e) {
+			Minz_Log::error('Cannot load configuration file of user `' . $current_user . '`');
+			die($e->getMessage());
 		}
-		return $loginOk;
 	}
 
 	private function loadParamsView() {
@@ -140,7 +43,7 @@ class FreshRSS extends Minz_FrontController {
 		}
 	}
 
-	private function loadStylesAndScripts($loginOk) {
+	private function loadStylesAndScripts() {
 		$theme = FreshRSS_Themes::load($this->conf->theme);
 		if ($theme) {
 			foreach($theme['files'] as $file) {
@@ -158,16 +61,6 @@ class FreshRSS extends Minz_FrontController {
 			}
 		}
 
-		switch (Minz_Configuration::authType()) {
-			case 'form':
-				if (!$loginOk) {
-					Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js')));
-				}
-				break;
-			case 'persona':
-				Minz_View::appendScript('https://login.persona.org/include.js');
-				break;
-		}
 		Minz_View::appendScript(Minz_Url::display('/scripts/jquery.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/jquery.min.js')));
 		Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js')));
 		Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js')));
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
new file mode 100644
index 000000000..c4a3abd98
--- /dev/null
+++ b/app/Models/Auth.php
@@ -0,0 +1,209 @@
+<?php
+
+/**
+ * This class handles all authentication process.
+ */
+class FreshRSS_Auth {
+	/**
+	 * Determines if user is connected.
+	 */
+	private static $login_ok = false;
+
+	/**
+	 * This method initializes authentication system.
+	 */
+	public static function init() {
+		self::$login_ok = Minz_Session::param('loginOk', false);
+		$current_user = Minz_Session::param('currentUser', '');
+		if ($current_user === '') {
+			$current_user = Minz_Configuration::defaultUser();
+			Minz_Session::_param('currentUser', $current_user);
+		}
+
+		$access_ok = self::accessControl($current_user);
+
+		if ($access_ok) {
+			self::giveAccess();
+		} else {
+			// Be sure all accesses are removed!
+			self::removeAccess();
+		}
+	}
+
+	/**
+	 * This method checks if user is allowed to connect.
+	 *
+	 * Required session parameters are also set in this method (such as
+	 * currentUser).
+	 *
+	 * @param string $username username of the user to check access.
+	 * @return boolean true if user can be connected, false else.
+	 */
+	public static function accessControl($username) {
+		if (self::$login_ok) {
+			return true;
+		}
+
+		switch (Minz_Configuration::authType()) {
+		case 'form':
+			$credentials = FreshRSS_FormAuth::getCredentialsFromCookie();
+			$current_user = '';
+			if (isset($credentials[1])) {
+				$current_user = trim($credentials[0]);
+				Minz_Session::_param('currentUser', $current_user);
+				Minz_Session::_param('passwordHash', trim($credentials[1]));
+			}
+			return $current_user != '';
+		case 'http_auth':
+			$current_user = httpAuthUser();
+			$login_ok = $current_user != '';
+			if ($login_ok) {
+				Minz_Session::_param('currentUser', $current_user);
+			}
+			return $login_ok;
+		case 'none':
+			return true;
+		default:
+			// TODO load extension
+			return false;
+		}
+	}
+
+	/**
+	 * Gives access to the current user.
+	 */
+	public static function giveAccess() {
+		$current_user = Minz_Session::param('currentUser');
+		try {
+			$conf = new FreshRSS_Configuration($current_user);
+		} catch(Minz_Exception $e) {
+			die($e->getMessage());
+		}
+
+		switch (Minz_Configuration::authType()) {
+		case 'form':
+			self::$login_ok = Minz_Session::param('passwordHash') === $conf->passwordHash;
+			break;
+		case 'http_auth':
+			self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0;
+			break;
+		case 'none':
+			self::$login_ok = true;
+			break;
+		default:
+			// TODO: extensions
+			self::$login_ok = false;
+		}
+
+		Minz_Session::_param('loginOk', self::$login_ok);
+	}
+
+	/**
+	 * Returns if current user is connected.
+	 *
+	 * @return boolean true if user is connected, false else.
+	 */
+	public static function hasAccess() {
+		return self::$login_ok;
+	}
+
+	/**
+	 * Removes all accesses for the current user.
+	 */
+	public static function removeAccess() {
+		Minz_Session::_param('loginOk');
+		self::$login_ok = false;
+		Minz_Session::_param('currentUser', Minz_Configuration::defaultUser());
+
+		switch (Minz_Configuration::authType()) {
+		case 'form':
+			Minz_Session::_param('passwordHash');
+			FreshRSS_FormAuth::deleteCookie();
+			break;
+		case 'http_auth':
+		case 'none':
+			// Nothing to do...
+			break;
+		default:
+			// TODO: extensions
+		}
+	}
+}
+
+
+class FreshRSS_FormAuth {
+	public static function checkCredentials($username, $hash, $nonce, $challenge) {
+		if (!ctype_alnum($username) ||
+				!ctype_graph($challenge) ||
+				!ctype_alnum($nonce)) {
+			Minz_Log::debug('Invalid credential parameters:' .
+			                ' user=' . $username .
+			                ' challenge=' . $challenge .
+			                ' nonce=' . $nonce);
+			return false;
+		}
+
+		if (!function_exists('password_verify')) {
+			include_once(LIB_PATH . '/password_compat.php');
+		}
+
+		return password_verify($nonce . $hash, $challenge);
+	}
+
+	public static function getCredentialsFromCookie() {
+		$token = Minz_Session::getLongTermCookie('FreshRSS_login');
+		if (!ctype_alnum($token)) {
+			return array();
+		}
+
+		$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
+		$mtime = @filemtime($token_file);
+		if ($mtime + 2629744 < time()) {
+			// Token has expired (> 1 month) or does not exist.
+			// TODO: 1 month -> use a configuration instead
+			@unlink($token_file);
+			return array(); 	
+		}
+
+		$credentials = @file_get_contents($token_file);
+		return $credentials === false ? array() : explode("\t", $credentials, 2);
+	}
+
+	public static function makeCookie($username, $password_hash) {
+		do {
+			$token = sha1(Minz_Configuration::salt() . $username . uniqid(mt_rand(), true));
+			$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
+		} while (file_exists($token_file));
+
+		if (@file_put_contents($token_file, $username . "\t" . $password_hash) === false) {
+			return false;
+		}
+
+		$expire = time() + 2629744;	//1 month	//TODO: Use a configuration instead
+		Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
+		return $token;
+	}
+
+	public static function deleteCookie() {
+		$token = Minz_Session::getLongTermCookie('FreshRSS_login');
+		Minz_Session::deleteLongTermCookie('FreshRSS_login');
+		if (ctype_alnum($token)) {
+			@unlink(DATA_PATH . '/tokens/' . $token . '.txt');
+		}
+
+		if (rand(0, 10) === 1) {
+			self::purgeTokens();
+		}
+	}
+
+	public static function purgeTokens() {
+		$oldest = time() - 2629744;	// 1 month	// TODO: Use a configuration instead
+		foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {
+			// $extension = $file_info->getExtension(); doesn't work in PHP < 5.3.7
+			$extension = pathinfo($file_info->getFilename(), PATHINFO_EXTENSION);
+			if ($extension === 'txt' && $file_info->getMTime() < $oldest) {
+				@unlink($file_info->getPathname());
+			}
+		}
+	}
+}
diff --git a/app/layout/aside_flux.phtml b/app/layout/aside_flux.phtml
index a8ae2f424..a66be2ed9 100644
--- a/app/layout/aside_flux.phtml
+++ b/app/layout/aside_flux.phtml
@@ -2,7 +2,7 @@
 	<a class="toggle_aside" href="#close"><?php echo _i('close'); ?></a>
 
 	<ul class="categories">
-		<?php if ($this->loginOk) { ?>
+		<?php if (FreshRSS_Auth::hasAccess()) { ?>
 		<form id="mark-read-aside" method="post" style="display: none"></form>
 
 		<li>
@@ -83,11 +83,11 @@
 	<ul class="dropdown-menu">
 		<li class="dropdown-close"><a href="#close">❌</a></li>
 		<li class="item"><a href="<?php echo _url('index', 'index', 'get', 'f_!!!!!!'); ?>"><?php echo _t('filter'); ?></a></li>
-		<?php if ($this->loginOk) { ?>
+		<?php if (FreshRSS_Auth::hasAccess()) { ?>
 		<li class="item"><a href="<?php echo _url('stats', 'repartition', 'id', '!!!!!!'); ?>"><?php echo _t('stats'); ?></a></li>
 		<?php } ?>
 		<li class="item"><a target="_blank" href="http://example.net/"><?php echo _t('see_website'); ?></a></li>
-		<?php if ($this->loginOk) { ?>
+		<?php if (FreshRSS_Auth::hasAccess()) { ?>
 		<li class="separator"></li>
 		<li class="item"><a href="<?php echo _url('subscription', 'index', 'id', '!!!!!!'); ?>"><?php echo _t('administration'); ?></a></li>
 		<li class="item"><a href="<?php echo _url('feed', 'actualize', 'id', '!!!!!!'); ?>"><?php echo _t('actualize'); ?></a></li>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 4b571ef06..fadfd13d7 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -1,22 +1,11 @@
 <?php
 if (Minz_Configuration::canLogIn()) {
 	?><ul class="nav nav-head nav-login"><?php
-	switch (Minz_Configuration::authType()) {
-	case 'form':
-		if ($this->loginOk) {
-			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('index', 'formLogout'); ?>"><?php echo _t('logout'); ?></a></li><?php
+		if (FreshRSS_Auth::hasAccess()) {
+			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('index', 'logout'); ?>"><?php echo _t('logout'); ?></a></li><?php
 		} else {
-			?><li class="item"><?php echo _i('login'); ?> <a class="signin" href="<?php echo _url('index', 'formLogin'); ?>"><?php echo _t('login'); ?></a></li><?php
+			?><li class="item"><?php echo _i('login'); ?> <a class="signin" href="<?php echo _url('index', 'login'); ?>"><?php echo _t('login'); ?></a></li><?php
 		}
-		break;
-	case 'persona':
-		if ($this->loginOk) {
-			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="#"><?php echo _t('logout'); ?></a></li><?php
-		} else {
-			?><li class="item"><?php echo _i('login'); ?> <a class="signin" href="#"><?php echo _t('login'); ?></a></li><?php
-		}
-		break;
-	}
 	?></ul><?php
 }
 ?>
@@ -32,7 +21,7 @@ if (Minz_Configuration::canLogIn()) {
 	</div>
 
 	<div class="item search">
-		<?php if ($this->loginOk || Minz_Configuration::allowAnonymous()) { ?>
+		<?php if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymous()) { ?>
 		<form action="<?php echo _url('index', 'index'); ?>" method="get">
 			<div class="stick">
 				<?php $search = Minz_Request::param('search', ''); ?>
@@ -59,7 +48,7 @@ if (Minz_Configuration::canLogIn()) {
 		<?php } ?>
 	</div>
 
-	<?php if ($this->loginOk) { ?>
+	<?php if (FreshRSS_Auth::hasAccess()) { ?>
 	<div class="item configure">
 		<div class="dropdown">
 			<div id="dropdown-configure" class="dropdown-target"></div>
@@ -87,15 +76,8 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('about'); ?></a></li>
 				<?php
 				if (Minz_Configuration::canLogIn()) {
-					?><li class="separator"></li><?php
-					switch (Minz_Configuration::authType()) {
-					case 'form':
-						?><li class="item"><a class="signout" href="<?php echo _url('index', 'formLogout'); ?>"><?php echo _i('logout'), ' ', _t('logout'); ?></a></li><?php
-						break;
-					case 'persona':
-						?><li class="item"><a class="signout" href="#"><?php echo _i('logout'), ' ', _t('logout'); ?></a></li><?php
-						break;
-					}
+					?><li class="separator"></li>
+				<li class="item"><a class="signout" href="<?php echo _url('index', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('logout'); ?></a></li><?php
 				} ?>
 			</ul>
 		</div>
diff --git a/app/layout/nav_menu.phtml b/app/layout/nav_menu.phtml
index a9e6614e7..090b55785 100644
--- a/app/layout/nav_menu.phtml
+++ b/app/layout/nav_menu.phtml
@@ -6,7 +6,7 @@
 	<a class="btn toggle_aside" href="#aside_flux"><?php echo _i('category'); ?></a>
 	<?php } ?>
 
-	<?php if ($this->loginOk) { ?>
+	<?php if (FreshRSS_Auth::hasAccess()) { ?>
 	<div id="nav_menu_actions" class="stick">
 		<?php
 			$url_state = $this->url;
@@ -300,7 +300,7 @@
 		<?php echo _i($icon); ?>
 	</a>
 	
-	<?php if ($this->loginOk || Minz_Configuration::allowAnonymousRefresh()) { ?>
+	<?php if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymousRefresh()) { ?>
 	<a id="actualize" class="btn" href="<?php echo _url('feed', 'actualize'); ?>"><?php echo _i('refresh'); ?></a>
 	<?php } ?>
 </div>
diff --git a/app/views/helpers/view/normal_view.phtml b/app/views/helpers/view/normal_view.phtml
index 109fad0eb..db25714bb 100644
--- a/app/views/helpers/view/normal_view.phtml
+++ b/app/views/helpers/view/normal_view.phtml
@@ -7,7 +7,7 @@ if (!empty($this->entries)) {
 	$display_today = true;
 	$display_yesterday = true;
 	$display_others = true;
-	if ($this->loginOk) {
+	if (FreshRSS_Auth::hasAccess()) {
 		$sharing = $this->conf->sharing;
 	} else {
 		$sharing = array();
@@ -58,7 +58,7 @@ if (!empty($this->entries)) {
 		}
 	?><div class="flux<?php echo !$item->isRead() ? ' not_read' : ''; ?><?php echo $item->isFavorite() ? ' favorite' : ''; ?>" id="flux_<?php echo $item->id(); ?>">
 		<ul class="horizontal-list flux_header"><?php
-			if ($this->loginOk) {
+			if (FreshRSS_Auth::hasAccess()) {
 				if ($topline_read) {
 					?><li class="item manage"><?php
 						$arUrl = array('c' => 'entry', 'a' => 'read', 'params' => array('id' => $item->id()));
@@ -103,7 +103,7 @@ if (!empty($this->entries)) {
 				?>
 			</div>
 			<ul class="horizontal-list bottom"><?php
-				if ($this->loginOk) {
+				if (FreshRSS_Auth::hasAccess()) {
 					if ($bottomline_read) {
 						?><li class="item manage"><?php
 							$arUrl = array('c' => 'entry', 'a' => 'read', 'params' => array('id' => $item->id()));
diff --git a/app/views/index/index.phtml b/app/views/index/index.phtml
index 584792e29..a59063557 100644
--- a/app/views/index/index.phtml
+++ b/app/views/index/index.phtml
@@ -2,7 +2,7 @@
 
 $output = Minz_Request::param('output', 'normal');
 
-if ($this->loginOk || Minz_Configuration::allowAnonymous()) {
+if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymous()) {
 	if ($output === 'normal') {
 		$this->renderHelper('view/normal_view');
 	} elseif ($output === 'reader') {
diff --git a/app/views/index/login.phtml b/app/views/index/login.phtml
deleted file mode 100644
index 79fbe9d21..000000000
--- a/app/views/index/login.phtml
+++ /dev/null
@@ -1 +0,0 @@
-<?php print_r($this->res); ?>
diff --git a/app/views/index/logout.phtml b/app/views/index/logout.phtml
deleted file mode 100644
index a0aba9318..000000000
--- a/app/views/index/logout.phtml
+++ /dev/null
@@ -1 +0,0 @@
-OK
\ No newline at end of file
diff --git a/app/views/index/resetAuth.phtml b/app/views/index/resetAuth.phtml
deleted file mode 100644
index 6d4282c14..000000000
--- a/app/views/index/resetAuth.phtml
+++ /dev/null
@@ -1,33 +0,0 @@
-<div class="prompt">
-	<h1><?php echo _t('auth_reset'); ?></h1>
-
-	<?php if (!empty($this->message)) { ?>
-	<p class="alert <?php echo $this->message['status'] === 'bad' ? 'alert-error' : 'alert-warn'; ?>">
-		<span class="alert-head"><?php echo $this->message['title']; ?></span><br />
-		<?php echo $this->message['body']; ?>
-	</p>
-	<?php } ?>
-
-	<?php if (!$this->no_form) { ?>
-	<form id="crypto-form" method="post" action="<?php echo _url('index', 'resetAuth'); ?>">
-		<p class="alert alert-warn">
-			<span class="alert-head"><?php echo _t('attention'); ?></span><br />
-			<?php echo _t('auth_will_reset'); ?>
-		</p>
-
-		<div>
-			<label for="username"><?php echo _t('username_admin'); ?></label>
-			<input type="text" id="username" name="username" size="16" required="required" maxlength="16" pattern="[0-9a-zA-Z]{1,16}" autofocus="autofocus" />
-		</div>
-		<div>
-			<label for="passwordPlain"><?php echo _t('password'); ?></label>
-				<input type="password" id="passwordPlain" required="required" />
-				<input type="hidden" id="challenge" name="challenge" /><br />
-				<noscript><strong><?php echo _t('javascript_should_be_activated'); ?></strong></noscript>
-		</div>
-		<div>
-			<button id="loginButton" type="submit" class="btn btn-important"><?php echo _t('submit'); ?></button>
-		</div>
-	</form>
-	<?php } ?>
-</div>
-- 
cgit v1.2.3


From 6009990935a2d06c252073f6b51ea5378536ef52 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Tue, 7 Oct 2014 10:16:38 +0200
Subject: Introduce FreshRSS_Auth::hasAccess('admin')

Replace Minz_Configuration::isAdmin($user). FreshRSS_Auth::hasAccess() could
be extended to others scopes later.

See https://github.com/marienfressinaud/FreshRSS/issues/655
---
 app/Controllers/configureController.php |  2 +-
 app/Controllers/updateController.php    |  2 +-
 app/Controllers/usersController.php     |  8 ++++----
 app/Models/Auth.php                     | 19 +++++++++++++++----
 app/layout/aside_configure.phtml        |  5 +----
 app/layout/header.phtml                 |  5 +----
 app/views/configure/archiving.phtml     |  2 +-
 app/views/users/index.phtml             |  6 +++---
 lib/Minz/Configuration.php              |  3 ---
 9 files changed, 27 insertions(+), 25 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php
index 7e77a757a..fb8c1466e 100755
--- a/app/Controllers/configureController.php
+++ b/app/Controllers/configureController.php
@@ -229,7 +229,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController {
 		$this->view->nb_total = $entryDAO->count();
 		$this->view->size_user = $entryDAO->size();
 
-		if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+		if (FreshRSS_Auth::hasAccess('admin')) {
 			$this->view->size_total = $entryDAO->size(true);
 		}
 	}
diff --git a/app/Controllers/updateController.php b/app/Controllers/updateController.php
index 9da1e8657..9d1e1ddf5 100644
--- a/app/Controllers/updateController.php
+++ b/app/Controllers/updateController.php
@@ -3,7 +3,7 @@
 class FreshRSS_update_Controller extends Minz_ActionController {
 	public function firstAction() {
 		$current_user = Minz_Session::param('currentUser', '');
-		if (!FreshRSS_Auth::hasAccess() && Minz_Configuration::isAdmin($current_user)) {
+		if (!FreshRSS_Auth::hasAccess('admin')) {
 			Minz_Error::error(
 				403,
 				array('error' => array(_t('access_denied')))
diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
index c2b1d163f..11862ce27 100644
--- a/app/Controllers/usersController.php
+++ b/app/Controllers/usersController.php
@@ -51,7 +51,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$this->view->conf->_apiPasswordHash($passwordHash);
 			}
 
-			if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+			if (FreshRSS_Auth::hasAccess('admin')) {
 				$this->view->conf->_mail_login(Minz_Request::param('mail_login', '', true));
 			}
 			$email = $this->view->conf->mail_login;
@@ -65,7 +65,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false);
 			}
 
-			if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+			if (FreshRSS_Auth::hasAccess('admin')) {
 				$current_token = $this->view->conf->token;
 				$token = Minz_Request::param('token', $current_token);
 				$this->view->conf->_token($token);
@@ -105,7 +105,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 	}
 
 	public function createAction() {
-		if (Minz_Request::isPost() && Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
 			$db = Minz_Configuration::dataBase();
 			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
@@ -177,7 +177,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 	}
 
 	public function deleteAction() {
-		if (Minz_Request::isPost() && Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
 			$db = Minz_Configuration::dataBase();
 			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index c4a3abd98..992b444a5 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -99,12 +99,23 @@ class FreshRSS_Auth {
 	}
 
 	/**
-	 * Returns if current user is connected.
+	 * Returns if current user has access to the given scope.
 	 *
-	 * @return boolean true if user is connected, false else.
+	 * @param string $scope general (default) or admin
+	 * @return boolean true if user has corresponding access, false else.
 	 */
-	public static function hasAccess() {
-		return self::$login_ok;
+	public static function hasAccess($scope = 'general') {
+		$ok = self::$login_ok;
+		switch ($scope) {
+		case 'general':
+			break;
+		case 'admin':
+			$ok &= Minz_Session::param('currentUser') === Minz_Configuration::defaultUser();
+			break;
+		default:
+			$ok = false;
+		}
+		return $ok;
 	}
 
 	/**
diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index e17bcb254..59846a7c8 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -22,10 +22,7 @@
 	<li class="item<?php echo Minz_Request::controllerName() === 'users' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a>
 	</li>
-	<?php
-		$current_user = Minz_Session::param('currentUser', '');
-		if (Minz_Configuration::isAdmin($current_user)) {
-	?>
+	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 	<li class="item<?php echo Minz_Request::controllerName() === 'update' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a>
 	</li>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index fadfd13d7..12c86d61d 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -64,10 +64,7 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
 				<li class="separator"></li>
 				<li class="item"><a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a></li>
-				<?php
-					$current_user = Minz_Session::param('currentUser', '');
-					if (Minz_Configuration::isAdmin($current_user)) {
-				?>
+				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
 				<?php } ?>
 				<li class="separator"></li>
diff --git a/app/views/configure/archiving.phtml b/app/views/configure/archiving.phtml
index a883571aa..adbfdb77e 100644
--- a/app/views/configure/archiving.phtml
+++ b/app/views/configure/archiving.phtml
@@ -67,7 +67,7 @@
 			</div>
 		</div>
 
-		<?php if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) { ?>
+		<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 		<div class="form-group">
 			<p class="group-name"><?php echo _t('users'); ?></p>
 			<div class="group-controls">
diff --git a/app/views/users/index.phtml b/app/views/users/index.phtml
index 95659f727..f1cdf01a3 100644
--- a/app/views/users/index.phtml
+++ b/app/views/users/index.phtml
@@ -11,7 +11,7 @@
 			<div class="group-controls">
 				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
 				<label class="checkbox" for="is_admin">
-					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_')) ? 'checked="checked" ' : ''; ?>/>
+					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
 					<?php echo _t('is_admin'); ?>
 				</label>
 			</div>
@@ -44,7 +44,7 @@
 			<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
 			<?php $mail = $this->conf->mail_login; ?>
 			<div class="group-controls">
-				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_')) ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
+				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
 				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
 			</div>
 		</div>
@@ -56,7 +56,7 @@
 			</div>
 		</div>
 
-	<?php if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) { ?>
+	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 
 		<legend><?php echo _t('auth_type'); ?></legend>
 
diff --git a/lib/Minz/Configuration.php b/lib/Minz/Configuration.php
index 4e9da58b4..554bc8c96 100644
--- a/lib/Minz/Configuration.php
+++ b/lib/Minz/Configuration.php
@@ -100,9 +100,6 @@ class Minz_Configuration {
 	public static function defaultUser () {
 		return self::$default_user;
 	}
-	public static function isAdmin($currentUser) {
-		return $currentUser === self::$default_user;
-	}
 	public static function allowAnonymous() {
 		return self::$allow_anonymous;
 	}
-- 
cgit v1.2.3


From 1252b3dd867e59917cf303f0c39c7da938b8ce32 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Tue, 7 Oct 2014 16:37:10 +0200
Subject: Authentication system moved + Persona comes back!

AuthController is dedicated to auhentication.
Persona is back, greater than ever!

See https://github.com/marienfressinaud/FreshRSS/issues/655
---
 app/Controllers/authController.php      | 182 ++++++++++++++++++++++++++++++++
 app/Controllers/indexController.php     |  90 +---------------
 app/FreshRSS.php                        |   8 ++
 app/Models/Auth.php                     |  21 +++-
 app/layout/header.phtml                 |  23 ++--
 app/views/auth/formLogin.phtml          |  28 +++++
 app/views/auth/logout.phtml             |   0
 app/views/auth/personaLogin.phtml       |  24 +++++
 app/views/helpers/javascript_vars.phtml |  13 ++-
 app/views/index/formLogin.phtml         |  46 --------
 p/scripts/main.js                       |  65 ------------
 p/scripts/persona.js                    |  76 +++++++++++++
 12 files changed, 356 insertions(+), 220 deletions(-)
 create mode 100644 app/Controllers/authController.php
 create mode 100644 app/views/auth/formLogin.phtml
 create mode 100644 app/views/auth/logout.phtml
 create mode 100644 app/views/auth/personaLogin.phtml
 delete mode 100644 app/views/index/formLogin.phtml
 create mode 100644 p/scripts/persona.js

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
new file mode 100644
index 000000000..2b67e34b8
--- /dev/null
+++ b/app/Controllers/authController.php
@@ -0,0 +1,182 @@
+<?php
+
+/**
+ * This controller handles action about authentication.
+ */
+class FreshRSS_auth_Controller extends Minz_ActionController {
+	/**
+	 * This action handles the login page.
+	 *
+	 * It forwards to the correct login page (form or Persona) or main page if
+	 * the user is already connected.
+	 */
+	public function loginAction() {
+		if (FreshRSS_Auth::hasAccess()) {
+			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
+		}
+
+		$auth_type = Minz_Configuration::authType();
+		switch ($auth_type) {
+		case 'form':
+			Minz_Request::forward(array('c' => 'auth', 'a' => 'formLogin'));
+			break;
+		case 'persona':
+			Minz_Request::forward(array('c' => 'auth', 'a' => 'personaLogin'));
+			break;
+		case 'http_auth':
+		case 'none':
+			// It should not happened!
+			Minz_Error::error(404);
+		default:
+			// TODO load plugin instead
+			Minz_Error::error(404);
+		}
+	}
+
+	/**
+	 * This action handles form login page.
+	 *
+	 * If this action is reached through a POST request, username and password
+	 * are compared to login the current user.
+	 *
+	 * Parameters are:
+	 *   - nonce (default: false)
+	 *   - username (default: '')
+	 *   - challenge (default: '')
+	 *   - keep_logged_in (default: false)
+	 */
+	public function formLoginAction() {
+		invalidateHttpCache();
+
+		$file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js');
+		Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime));
+
+		if (Minz_Request::isPost()) {
+			$nonce = Minz_Session::param('nonce');
+			$username = Minz_Request::param('username', '');
+			$challenge = Minz_Request::param('challenge', '');
+			try {
+				$conf = new FreshRSS_Configuration($username);
+			} catch(Minz_Exception $e) {
+				// $username is not a valid user, nor the configuration file!
+				Minz_Log::warning('Login failure: ' . $e->getMessage());
+				Minz_Request::bad(_t('invalid_login'),
+				                  array('c' => 'auth', 'a' => 'login'));
+			}
+
+			$ok = FreshRSS_FormAuth::checkCredentials(
+				$username, $conf->passwordHash, $nonce, $challenge
+			);
+			if ($ok) {
+				// Set session parameter to give access to the user.
+				Minz_Session::_param('currentUser', $username);
+				Minz_Session::_param('passwordHash', $conf->passwordHash);
+				FreshRSS_Auth::giveAccess();
+
+				// Set cookie parameter if nedded.
+				if (Minz_Request::param('keep_logged_in')) {
+					FreshRSS_FormAuth::makeCookie($username, $conf->passwordHash);
+				} else {
+					FreshRSS_FormAuth::deleteCookie();
+				}
+
+				// All is good, go back to the index.
+				Minz_Request::good(_t('login'),
+				                   array('c' => 'index', 'a' => 'index'));
+			} else {
+				Minz_Log::warning('Password mismatch for' .
+				                  ' user=' . $username .
+				                  ', nonce=' . $nonce .
+				                  ', c=' . $challenge);
+				Minz_Request::bad(_t('invalid_login'),
+				                  array('c' => 'auth', 'a' => 'login'));
+			}
+		}
+	}
+
+	/**
+	 * This action handles Persona login page.
+	 *
+	 * If this action is reached through a POST request, assertion from Persona
+	 * is verificated and user connected if all is ok.
+	 *
+	 * Parameter is:
+	 *   - assertion (default: false)
+	 *
+	 * @todo: Persona system should be moved to a plugin
+	 */
+	public function personaLoginAction() {
+		$this->view->res = false;
+
+		if (Minz_Request::isPost()) {
+			$this->view->_useLayout(false);
+
+			$assert = Minz_Request::param('assertion');
+			$url = 'https://verifier.login.persona.org/verify';
+			$params = 'assertion=' . $assert . '&audience=' .
+			          urlencode(Minz_Url::display(null, 'php', true));
+			$ch = curl_init();
+			$options = array(
+				CURLOPT_URL => $url,
+				CURLOPT_RETURNTRANSFER => TRUE,
+				CURLOPT_POST => 2,
+				CURLOPT_POSTFIELDS => $params
+			);
+			curl_setopt_array($ch, $options);
+			$result = curl_exec($ch);
+			curl_close($ch);
+
+			$res = json_decode($result, true);
+
+			$login_ok = false;
+			$reason = '';
+			if ($res['status'] === 'okay') {
+				$email = filter_var($res['email'], FILTER_VALIDATE_EMAIL);
+				if ($email != '') {
+					$persona_file = DATA_PATH . '/persona/' . $email . '.txt';
+					if (($current_user = @file_get_contents($persona_file)) !== false) {
+						$current_user = trim($current_user);
+						try {
+							$conf = new FreshRSS_Configuration($current_user);
+							$login_ok = strcasecmp($email, $conf->mail_login) === 0;
+						} catch (Minz_Exception $e) {
+							//Permission denied or conf file does not exist
+							$reason = 'Invalid configuration for user ' .
+							          '[' . $current_user . '] ' . $e->getMessage();
+						}
+					}
+				} else {
+					$reason = 'Invalid email format [' . $res['email'] . ']';
+				}
+			} else {
+				$reason = $res['reason'];
+			}
+
+			if ($login_ok) {
+				Minz_Session::_param('currentUser', $current_user);
+				Minz_Session::_param('mail', $email);
+				FreshRSS_Auth::giveAccess();
+				invalidateHttpCache();
+			} else {
+				Minz_Log::error($reason);
+
+				$res = array();
+				$res['status'] = 'failure';
+				$res['reason'] = _t('invalid_login');
+			}
+
+			header('Content-Type: application/json; charset=UTF-8');
+			$this->view->res = $res;
+		}
+	}
+
+	/**
+	 * This action removes all accesses of the current user.
+	 */
+	public function logoutAction() {
+		invalidateHttpCache();
+		FreshRSS_Auth::removeAccess();
+		Minz_Request::good(_t('disconnected'),
+		                   array('c' => 'index', 'a' => 'index'));
+	}
+}
diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index 3006480f9..5b490e672 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -20,7 +20,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 			} elseif ($output !== 'rss') {
 				// "hard" redirection is not required, just ask dispatcher to
 				// forward to the login form without 302 redirection
-				Minz_Request::forward(array('c' => 'index', 'a' => 'login'));
+				Minz_Request::forward(array('c' => 'auth', 'a' => 'login'));
 				return;
 			}
 		}
@@ -228,92 +228,4 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 		$this->view->logsPaginator->_nbItemsPerPage(50);
 		$this->view->logsPaginator->_currentPage($page);
 	}
-
-	/**
-	 * This action handles the login page.
-	 */
-	public function loginAction() {
-		if (FreshRSS_Auth::hasAccess()) {
-			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
-		}
-
-		invalidateHttpCache();
-
-		$auth_type = Minz_Configuration::authType();
-		switch ($auth_type) {
-		case 'form':
-			Minz_Request::forward(array('c' => 'index', 'a' => 'formLogin'));
-			break;
-		case 'http_auth':
-		case 'none':
-			// It should not happened!
-			Minz_Error::error(404);
-		default:
-			// TODO load plugin instead
-			Minz_Error::error(404);
-		}
-	}
-
-	/**
-	 *
-	 */
-	public function formLoginAction() {
-		if (FreshRSS_Auth::hasAccess()) {
-			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
-		}
-
-		invalidateHttpCache();
-
-		$file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js');
-		Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime));
-
-		if (Minz_Request::isPost()) {
-			$nonce = Minz_Session::param('nonce');
-			$username = Minz_Request::param('username', '');
-			$challenge = Minz_Request::param('challenge', '');
-			try {
-				$conf = new FreshRSS_Configuration($username);
-			} catch(Minz_Exception $e) {
-				// $username is not a valid user, nor the configuration file!
-				Minz_Log::warning('Login failure: ' . $e->getMessage());
-				Minz_Request::bad(_t('invalid_login'),
-				                  array('c' => 'index', 'a' => 'login'));
-			}
-
-			$ok = FreshRSS_FormAuth::checkCredentials(
-				$username, $conf->passwordHash, $nonce, $challenge
-			);
-			if ($ok) {
-				// Set session parameter to give access to the user.
-				Minz_Session::_param('currentUser', $username);
-				Minz_Session::_param('passwordHash', $conf->passwordHash);
-				FreshRSS_Auth::giveAccess();
-
-				// Set cookie parameter if nedded.
-				if (Minz_Request::param('keep_logged_in', false)) {
-					FreshRSS_FormAuth::makeCookie($username, $conf->passwordHash);
-				} else {
-					FreshRSS_FormAuth::deleteCookie();
-				}
-
-				// All is good, go back to the index.
-				Minz_Request::good(_t('login'),
-				                   array('c' => 'index', 'a' => 'index'));
-			} else {
-				Minz_Log::warning('Password mismatch for' .
-				                  ' user=' . $username .
-				                  ', nonce=' . $nonce .
-				                  ', c=' . $challenge);
-				Minz_Request::bad(_t('invalid_login'),
-				                  array('c' => 'index', 'a' => 'login'));
-			}
-		}
-	}
-
-	public function logoutAction() {
-		invalidateHttpCache();
-		FreshRSS_Auth::removeAccess();
-		Minz_Request::good(_t('disconnected'),
-		                   array('c' => 'index', 'a' => 'index'));
-	}
 }
diff --git a/app/FreshRSS.php b/app/FreshRSS.php
index 35a37b887..6b7a813bf 100644
--- a/app/FreshRSS.php
+++ b/app/FreshRSS.php
@@ -64,6 +64,14 @@ class FreshRSS extends Minz_FrontController {
 		Minz_View::appendScript(Minz_Url::display('/scripts/jquery.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/jquery.min.js')));
 		Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js')));
 		Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js')));
+
+		if (Minz_Configuration::authType() === 'persona') {
+			// TODO move it in a plugin
+			// Needed for login AND logout with Persona.
+			Minz_View::appendScript('https://login.persona.org/include.js');
+			$file_mtime = @filemtime(PUBLIC_PATH . '/scripts/persona.js');
+			Minz_View::appendScript(Minz_Url::display('/scripts/persona.js?' . $file_mtime));
+		}
 	}
 
 	private function loadNotifications() {
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 992b444a5..cc23d7974 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -20,7 +20,7 @@ class FreshRSS_Auth {
 			Minz_Session::_param('currentUser', $current_user);
 		}
 
-		$access_ok = self::accessControl($current_user);
+		$access_ok = self::accessControl();
 
 		if ($access_ok) {
 			self::giveAccess();
@@ -36,10 +36,9 @@ class FreshRSS_Auth {
 	 * Required session parameters are also set in this method (such as
 	 * currentUser).
 	 *
-	 * @param string $username username of the user to check access.
 	 * @return boolean true if user can be connected, false else.
 	 */
-	public static function accessControl($username) {
+	public static function accessControl() {
 		if (self::$login_ok) {
 			return true;
 		}
@@ -61,6 +60,16 @@ class FreshRSS_Auth {
 				Minz_Session::_param('currentUser', $current_user);
 			}
 			return $login_ok;
+		case 'persona':
+			$email = filter_var(Minz_Session::param('mail'), FILTER_VALIDATE_EMAIL);
+			$persona_file = DATA_PATH . '/persona/' . $email . '.txt';
+			if (($current_user = @file_get_contents($persona_file)) !== false) {
+				$current_user = trim($current_user);
+				Minz_Session::_param('currentUser', $current_user);
+				Minz_Session::_param('mail', $email);
+				return true;
+			}
+			return false;
 		case 'none':
 			return true;
 		default:
@@ -87,6 +96,9 @@ class FreshRSS_Auth {
 		case 'http_auth':
 			self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0;
 			break;
+		case 'persona':
+			self::$login_ok = strcasecmp(Minz_Session::param('mail'), $conf->mail_login) === 0;
+			break;
 		case 'none':
 			self::$login_ok = true;
 			break;
@@ -131,6 +143,9 @@ class FreshRSS_Auth {
 			Minz_Session::_param('passwordHash');
 			FreshRSS_FormAuth::deleteCookie();
 			break;
+		case 'persona':
+			Minz_Session::_param('mail');
+			break;
 		case 'http_auth':
 		case 'none':
 			// Nothing to do...
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 12c86d61d..deb21edc9 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -2,9 +2,9 @@
 if (Minz_Configuration::canLogIn()) {
 	?><ul class="nav nav-head nav-login"><?php
 		if (FreshRSS_Auth::hasAccess()) {
-			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('index', 'logout'); ?>"><?php echo _t('logout'); ?></a></li><?php
+			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _t('logout'); ?></a></li><?php
 		} else {
-			?><li class="item"><?php echo _i('login'); ?> <a class="signin" href="<?php echo _url('index', 'login'); ?>"><?php echo _t('login'); ?></a></li><?php
+			?><li class="item"><?php echo _i('login'); ?> <a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('login'); ?></a></li><?php
 		}
 	?></ul><?php
 }
@@ -74,21 +74,14 @@ if (Minz_Configuration::canLogIn()) {
 				<?php
 				if (Minz_Configuration::canLogIn()) {
 					?><li class="separator"></li>
-				<li class="item"><a class="signout" href="<?php echo _url('index', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('logout'); ?></a></li><?php
+				<li class="item"><a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('logout'); ?></a></li><?php
 				} ?>
 			</ul>
 		</div>
 	</div>
-	<?php } elseif (Minz_Configuration::canLogIn()) {
-		?><div class="item configure"><?php
-		switch (Minz_Configuration::authType()) {
-		case 'form':
-			echo _i('login'); ?><a class="signin" href="<?php echo _url('index', 'formLogin'); ?>"><?php echo _t('login'); ?></a></li><?php
-			break;
-		case 'persona':
-			echo _i('login'); ?><a class="signin" href="#"><?php echo _t('login'); ?></a></li><?php
-			break;
-		}
-		?></div><?php
-	} ?>
+	<?php } elseif (Minz_Configuration::canLogIn()) { ?>
+	<div class="item configure">
+		<?php echo _i('login'); ?><a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('login'); ?></a>
+	</div>
+	<?php } ?>
 </div>
diff --git a/app/views/auth/formLogin.phtml b/app/views/auth/formLogin.phtml
new file mode 100644
index 000000000..0194a11a5
--- /dev/null
+++ b/app/views/auth/formLogin.phtml
@@ -0,0 +1,28 @@
+<div class="prompt">
+	<h1><?php echo _t('login'); ?></h1>
+
+	<form id="crypto-form" method="post" action="<?php echo _url('auth', 'login'); ?>">
+		<div>
+			<label for="username"><?php echo _t('username'); ?></label>
+			<input type="text" id="username" name="username" size="16" required="required" maxlength="16" pattern="[0-9a-zA-Z]{1,16}" autofocus="autofocus" />
+		</div>
+		<div>
+			<label for="passwordPlain"><?php echo _t('password'); ?></label>
+				<input type="password" id="passwordPlain" required="required" />
+				<input type="hidden" id="challenge" name="challenge" /><br />
+				<noscript><strong><?php echo _t('javascript_should_be_activated'); ?></strong></noscript>
+		</div>
+		<div>
+			<label class="checkbox" for="keep_logged_in">
+				<input type="checkbox" name="keep_logged_in" id="keep_logged_in" value="1" />
+				<?php echo _t('keep_logged_in'); ?>
+			</label>
+			<br />
+		</div>
+		<div>
+			<button id="loginButton" type="submit" class="btn btn-important"><?php echo _t('login'); ?></button>
+		</div>
+	</form>
+
+	<p><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('about_freshrss'); ?></a></p>
+</div>
diff --git a/app/views/auth/logout.phtml b/app/views/auth/logout.phtml
new file mode 100644
index 000000000..e69de29bb
diff --git a/app/views/auth/personaLogin.phtml b/app/views/auth/personaLogin.phtml
new file mode 100644
index 000000000..d62fe5818
--- /dev/null
+++ b/app/views/auth/personaLogin.phtml
@@ -0,0 +1,24 @@
+<?php if ($this->res === false) { ?>
+<div class="prompt">
+	<h1><?php echo _t('login'); ?></h1>
+
+	<p>
+		<a class="signin btn btn-important" href="<?php echo _url('auth', 'login'); ?>">
+			<?php echo _i('login'); ?> <?php echo _t('login_with_persona'); ?>
+		</a>
+
+		<br /><br />
+
+		<?php echo _i('help'); ?>
+		<small>
+			<a href="<?php echo _url('auth', 'resetAuth'); ?>"><?php echo _t('login_persona_problem'); ?></a>
+		</small>
+	</p>
+
+	<p><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('about_freshrss'); ?></a></p>
+</div>
+<?php
+} else {
+	echo json_encode($this->res);
+}
+?>
diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml
index 8f615ed87..3bbcc3848 100644
--- a/app/views/helpers/javascript_vars.phtml
+++ b/app/views/helpers/javascript_vars.phtml
@@ -8,6 +8,15 @@ $hide_posts = ($this->conf->display_posts ||
                Minz_Request::param('output') === 'reader');
 $s = $this->conf->shortcuts;
 
+$url_login = Minz_Url::display(array(
+	'c' => 'auth',
+	'a' => 'login'
+), 'php');
+$url_logout = Minz_Url::display(array(
+	'c' => 'auth',
+	'a' => 'logout'
+), 'php');
+
 echo 'var context={',
 	'hide_posts:', $hide_posts ? 'false' : 'true', ',',
 	'display_order:"', Minz_Request::param('order', $this->conf->sort_order), '",',
@@ -43,8 +52,8 @@ echo 'shortcuts={',
 
 echo 'url={',
 	'index:"', _url('index', 'index'), '",',
-	'login:"', _url('index', 'login'), '",',
-	'logout:"', _url('index', 'logout'), '",',
+	'login:"', $url_login, '",',
+	'logout:"', $url_logout, '",',
 	'help:"', FRESHRSS_WIKI, '"',
 "},\n";
 
diff --git a/app/views/index/formLogin.phtml b/app/views/index/formLogin.phtml
deleted file mode 100644
index b05cdced4..000000000
--- a/app/views/index/formLogin.phtml
+++ /dev/null
@@ -1,46 +0,0 @@
-<div class="prompt">
-	<h1><?php echo _t('login'); ?></h1><?php
-
-	switch (Minz_Configuration::authType()) {
-	case 'form':
-	?><form id="crypto-form" method="post" action="<?php echo _url('index', 'formLogin'); ?>">
-		<div>
-			<label for="username"><?php echo _t('username'); ?></label>
-			<input type="text" id="username" name="username" size="16" required="required" maxlength="16" pattern="[0-9a-zA-Z]{1,16}" autofocus="autofocus" />
-		</div>
-		<div>
-			<label for="passwordPlain"><?php echo _t('password'); ?></label>
-				<input type="password" id="passwordPlain" required="required" />
-				<input type="hidden" id="challenge" name="challenge" /><br />
-				<noscript><strong><?php echo _t('javascript_should_be_activated'); ?></strong></noscript>
-		</div>
-		<div>
-			<label class="checkbox" for="keep_logged_in">
-				<input type="checkbox" name="keep_logged_in" id="keep_logged_in" value="1" />
-				<?php echo _t('keep_logged_in'); ?>
-			</label>
-			<br />
-		</div>
-		<div>
-			<button id="loginButton" type="submit" class="btn btn-important"><?php echo _t('login'); ?></button>
-		</div>
-	</form><?php
-		break;
-
-	case 'persona':
-		?><p>
-			<a class="signin btn btn-important" href="#">
-				<?php echo _i('login'); ?>
-				<?php echo _t('login_with_persona'); ?>
-			</a><br /><br />
-
-			<?php echo _i('help'); ?>
-			<small>
-				<a href="<?php echo _url('index', 'resetAuth'); ?>"><?php echo _t('login_persona_problem'); ?></a>
-			</small>
-		</p><?php
-		break;
-	} ?>
-
-	<p><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('about_freshrss'); ?></a></p>
-</div>
diff --git a/p/scripts/main.js b/p/scripts/main.js
index b01a3a34d..77e1e3f77 100644
--- a/p/scripts/main.js
+++ b/p/scripts/main.js
@@ -1034,67 +1034,7 @@ function init_crypto_form() {
 }
 //</crypto form (Web login)>
 
-//<persona>
-function init_persona() {
-	if (!(navigator.id)) {
-		if (window.console) {
-			console.log('FreshRSS waiting for Persona…');
-		}
-		window.setTimeout(init_persona, 100);
-		return;
-	}
-	$('a.signin').click(function() {
-		navigator.id.request();
-		return false;
-	});
-
-	$('a.signout').click(function() {
-		navigator.id.logout();
-		return false;
-	});
 
-	navigator.id.watch({
-		loggedInUser: context['current_user_mail'],
-
-		onlogin: function(assertion) {
-			// A user has logged in! Here you need to:
-			// 1. Send the assertion to your backend for verification and to create a session.
-			// 2. Update your UI.
-			$.ajax ({
-				type: 'POST',
-				url: url['login'],
-				data: {assertion: assertion},
-				success: function(res, status, xhr) {
-					/*if (res.status === 'failure') {
-						alert (res_obj.reason);
-					} else*/ if (res.status === 'okay') {
-						location.href = url['index'];
-					}
-				},
-				error: function(res, status, xhr) {
-					alert("Login failure: " + res);
-				}
-			});
-		},
-		onlogout: function() {
-			// A user has logged out! Here you need to:
-			// Tear down the user's session by redirecting the user or making a call to your backend.
-			// Also, make sure loggedInUser will get set to null on the next page load.
-			// (That's a literal JavaScript null. Not false, 0, or undefined. null.)
-			$.ajax ({
-				type: 'POST',
-				url: url['logout'],
-				success: function(res, status, xhr) {
-					location.href = url['index'];
-				},
-				error: function(res, status, xhr) {
-					//alert("logout failure" + res);
-				}
-			});
-		}
-	});
-}
-//</persona>
 
 function init_confirm_action() {
 	$('body').on('click', '.confirm', function () {
@@ -1274,11 +1214,6 @@ function init_all() {
 		return;
 	}
 	init_notifications();
-	switch (context['auth_type']) {
-		case 'persona':
-			init_persona();
-			break;
-	}
 	init_confirm_action();
 	$stream = $('#stream');
 	if ($stream.length > 0) {
diff --git a/p/scripts/persona.js b/p/scripts/persona.js
new file mode 100644
index 000000000..36aeeaf56
--- /dev/null
+++ b/p/scripts/persona.js
@@ -0,0 +1,76 @@
+"use strict";
+
+function init_persona() {
+	if (!(navigator.id && window.$)) {
+		if (window.console) {
+			console.log('FreshRSS (Persona) waiting for JS…');
+		}
+		window.setTimeout(init_persona, 100);
+		return;
+	}
+
+	$('a.signin').click(function() {
+		navigator.id.request();
+		return false;
+	});
+
+	$('a.signout').click(function() {
+		navigator.id.logout();
+		return false;
+	});
+
+	navigator.id.watch({
+		loggedInUser: context['current_user_mail'],
+
+		onlogin: function(assertion) {
+			// A user has logged in! Here you need to:
+			// 1. Send the assertion to your backend for verification and to create a session.
+			// 2. Update your UI.
+			$.ajax ({
+				type: 'POST',
+				url: url['login'],
+				data: {assertion: assertion},
+				success: function(res, status, xhr) {
+					if (res.status === 'failure') {
+						openNotification(res.reason, 'bad');
+					} else if (res.status === 'okay') {
+						location.href = url['index'];
+					}
+				},
+				error: function(res, status, xhr) {
+					// alert(res);
+				}
+			});
+		},
+		onlogout: function() {
+			// A user has logged out! Here you need to:
+			// Tear down the user's session by redirecting the user or making a call to your backend.
+			// Also, make sure loggedInUser will get set to null on the next page load.
+			// (That's a literal JavaScript null. Not false, 0, or undefined. null.)
+			$.ajax ({
+				type: 'POST',
+				url: url['logout'],
+				success: function(res, status, xhr) {
+					location.href = url['index'];
+				},
+				error: function(res, status, xhr) {
+					// alert(res);
+				}
+			});
+		}
+	});
+}
+
+if (document.readyState && document.readyState !== 'loading') {
+	if (window.console) {
+		console.log('FreshRSS (Persona) immediate init…');
+	}
+	init_persona();
+} else if (document.addEventListener) {
+	document.addEventListener('DOMContentLoaded', function () {
+		if (window.console) {
+			console.log('FreshRSS (Persona) waiting for DOMContentLoaded…');
+		}
+		init_persona();
+	}, false);
+}
-- 
cgit v1.2.3


From c5fe3bd6593d0a07c087d1e60ae2e4b8ab5f9fa9 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Thu, 16 Oct 2014 15:25:46 +0200
Subject: Reorganize user pages

Three pages:

- User profil
- User management
- Authentication
---
 app/Controllers/authController.php  |  60 ++++++++++
 app/Controllers/userController.php  | 198 +++++++++++++++++++++++++++++++++
 app/Controllers/usersController.php | 210 -----------------------------------
 app/layout/aside_configure.phtml    |  12 +-
 app/layout/header.phtml             |   4 +-
 app/views/auth/index.phtml          |  84 ++++++++++++++
 app/views/user/manage.phtml         |  76 +++++++++++++
 app/views/user/profil.phtml         |  59 ++++++++++
 app/views/users/index.phtml         | 211 ------------------------------------
 9 files changed, 490 insertions(+), 424 deletions(-)
 create mode 100644 app/Controllers/userController.php
 delete mode 100644 app/Controllers/usersController.php
 create mode 100644 app/views/auth/index.phtml
 create mode 100644 app/views/user/manage.phtml
 create mode 100644 app/views/user/profil.phtml
 delete mode 100644 app/views/users/index.phtml

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index e30fa4b72..751ce1f3f 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -4,6 +4,66 @@
  * This controller handles action about authentication.
  */
 class FreshRSS_auth_Controller extends Minz_ActionController {
+	/**
+	 * This action handles authentication management page.
+	 *
+	 * Parameters are:
+	 *   - token (default: current token)
+	 *   - anon_access (default: false)
+	 *   - anon_refresh (default: false)
+	 *   - auth_type (default: none)
+	 *   - unsafe_autologin (default: false)
+	 *   - api_enabled (default: false)
+	 *
+	 * @todo move unsafe_autologin in an extension.
+	 */
+	public function indexAction() {
+		if (!FreshRSS_Auth::hasAccess('admin')) {
+			Minz_Error::error(403,
+			                  array('error' => array(_t('access_denied'))));
+		}
+
+		if (Minz_Request::isPost()) {
+			$ok = true;
+
+			$current_token = $this->view->conf->token;
+			$token = Minz_Request::param('token', $current_token);
+			$this->view->conf->_token($token);
+			$ok &= $this->view->conf->save();
+
+			$anon = Minz_Request::param('anon_access', false);
+			$anon = ((bool)$anon) && ($anon !== 'no');
+			$anon_refresh = Minz_Request::param('anon_refresh', false);
+			$anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
+			$auth_type = Minz_Request::param('auth_type', 'none');
+			$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
+			$api_enabled = Minz_Request::param('api_enabled', false);
+			if ($anon != Minz_Configuration::allowAnonymous() ||
+				$auth_type != Minz_Configuration::authType() ||
+				$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
+				$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
+				$api_enabled != Minz_Configuration::apiEnabled()) {
+
+				Minz_Configuration::_authType($auth_type);
+				Minz_Configuration::_allowAnonymous($anon);
+				Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
+				Minz_Configuration::_enableAutologin($unsafe_autologin);
+				Minz_Configuration::_enableApi($api_enabled);
+				$ok &= Minz_Configuration::writeFile();
+			}
+
+			invalidateHttpCache();
+
+			if ($ok) {
+				Minz_Request::good('configuration_updated',
+				                   array('c' => 'auth', 'a' => 'index'));
+			} else {
+				Minz_Request::bad('error_occurred',
+				                  array('c' => 'auth', 'a' => 'index'));
+			}
+		}
+	}
+
 	/**
 	 * This action handles the login page.
 	 *
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php
new file mode 100644
index 000000000..c516246c9
--- /dev/null
+++ b/app/Controllers/userController.php
@@ -0,0 +1,198 @@
+<?php
+
+/**
+ * Controller to handle user actions.
+ */
+class FreshRSS_user_Controller extends Minz_ActionController {
+	// Will also have to be computed client side on mobile devices,
+	// so do not use a too high cost
+	const BCRYPT_COST = 9;
+
+	/**
+	 * This action is called before every other action in that class. It is
+	 * the common boiler plate for every action. It is triggered by the
+	 * underlying framework.
+	 */
+	public function firstAction() {
+		if (!FreshRSS_Auth::hasAccess()) {
+			Minz_Error::error(
+				403,
+				array('error' => array(_t('access_denied')))
+			);
+		}
+	}
+
+	/**
+	 * This action displays the user profil page.
+	 */
+	public function profilAction() {
+		Minz_View::prependTitle(_t('users.profil') . ' · ');
+
+		if (Minz_Request::isPost()) {
+			$ok = true;
+
+			$passwordPlain = Minz_Request::param('passwordPlain', '', true);
+			if ($passwordPlain != '') {
+				Minz_Request::_param('passwordPlain');	//Discard plain-text password ASAP
+				$_POST['passwordPlain'] = '';
+				if (!function_exists('password_hash')) {
+					include_once(LIB_PATH . '/password_compat.php');
+				}
+				$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
+				$passwordPlain = '';
+				$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
+				$ok &= ($passwordHash != '');
+				$this->view->conf->_passwordHash($passwordHash);
+			}
+			Minz_Session::_param('passwordHash', $this->view->conf->passwordHash);
+
+			$passwordPlain = Minz_Request::param('apiPasswordPlain', '', true);
+			if ($passwordPlain != '') {
+				if (!function_exists('password_hash')) {
+					include_once(LIB_PATH . '/password_compat.php');
+				}
+				$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
+				$passwordPlain = '';
+				$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
+				$ok &= ($passwordHash != '');
+				$this->view->conf->_apiPasswordHash($passwordHash);
+			}
+
+			// TODO: why do we need of hasAccess here?
+			if (FreshRSS_Auth::hasAccess('admin')) {
+				$this->view->conf->_mail_login(Minz_Request::param('mail_login', '', true));
+			}
+			$email = $this->view->conf->mail_login;
+			Minz_Session::_param('mail', $email);
+
+			$ok &= $this->view->conf->save();
+
+			if ($email != '') {
+				$personaFile = DATA_PATH . '/persona/' . $email . '.txt';
+				@unlink($personaFile);
+				$ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false);
+			}
+
+			if ($ok) {
+				Minz_Request::good('users.profil.updated',
+				                   array('c' => 'user', 'a' => 'profil'));
+			} else {
+				Minz_Request::bad('error_occurred',
+				                  array('c' => 'user', 'a' => 'profil'));
+			}
+		}
+	}
+
+	/**
+	 * This action displays the user management page.
+	 */
+	public function manageAction() {
+		Minz_View::prependTitle(_t('users.manage') . ' · ');
+	}
+
+	public function createAction() {
+		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
+			$db = Minz_Configuration::dataBase();
+			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
+
+			$new_user_language = Minz_Request::param('new_user_language', $this->view->conf->language);
+			if (!in_array($new_user_language, $this->view->conf->availableLanguages())) {
+				$new_user_language = $this->view->conf->language;
+			}
+
+			$new_user_name = Minz_Request::param('new_user_name');
+			$ok = ($new_user_name != '') && ctype_alnum($new_user_name);
+
+			if ($ok) {
+				$ok &= (strcasecmp($new_user_name, Minz_Configuration::defaultUser()) !== 0);	//It is forbidden to alter the default user
+
+				$ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers()));	//Not an existing user, case-insensitive
+
+				$configPath = DATA_PATH . '/' . $new_user_name . '_user.php';
+				$ok &= !file_exists($configPath);
+			}
+			if ($ok) {
+			
+				$passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true);
+				$passwordHash = '';
+				if ($passwordPlain != '') {
+					Minz_Request::_param('new_user_passwordPlain');	//Discard plain-text password ASAP
+					$_POST['new_user_passwordPlain'] = '';
+					if (!function_exists('password_hash')) {
+						include_once(LIB_PATH . '/password_compat.php');
+					}
+					$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
+					$passwordPlain = '';
+					$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
+					$ok &= ($passwordHash != '');
+				}
+				if (empty($passwordHash)) {
+					$passwordHash = '';
+				}
+
+				$new_user_email = filter_var($_POST['new_user_email'], FILTER_VALIDATE_EMAIL);
+				if (empty($new_user_email)) {
+					$new_user_email = '';
+				} else {
+					$personaFile = DATA_PATH . '/persona/' . $new_user_email . '.txt';
+					@unlink($personaFile);
+					$ok &= (file_put_contents($personaFile, $new_user_name) !== false);
+				}
+			}
+			if ($ok) {
+				$config_array = array(
+					'language' => $new_user_language,
+					'passwordHash' => $passwordHash,
+					'mail_login' => $new_user_email,
+				);
+				$ok &= (file_put_contents($configPath, "<?php\n return " . var_export($config_array, true) . ';') !== false);
+			}
+			if ($ok) {
+				$userDAO = new FreshRSS_UserDAO();
+				$ok &= $userDAO->createUser($new_user_name);
+			}
+			invalidateHttpCache();
+
+			$notif = array(
+				'type' => $ok ? 'good' : 'bad',
+				'content' => _t($ok ? 'user_created' : 'error_occurred', $new_user_name)
+			);
+			Minz_Session::_param('notification', $notif);
+		}
+
+		Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true);
+	}
+
+	public function deleteAction() {
+		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
+			$db = Minz_Configuration::dataBase();
+			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
+
+			$username = Minz_Request::param('username');
+			$ok = ctype_alnum($username);
+
+			if ($ok) {
+				$ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0);	//It is forbidden to delete the default user
+			}
+			if ($ok) {
+				$configPath = DATA_PATH . '/' . $username . '_user.php';
+				$ok &= file_exists($configPath);
+			}
+			if ($ok) {
+				$userDAO = new FreshRSS_UserDAO();
+				$ok &= $userDAO->deleteUser($username);
+				$ok &= unlink($configPath);
+				//TODO: delete Persona file
+			}
+			invalidateHttpCache();
+
+			$notif = array(
+				'type' => $ok ? 'good' : 'bad',
+				'content' => _t($ok ? 'user_deleted' : 'error_occurred', $username)
+			);
+			Minz_Session::_param('notification', $notif);
+		}
+
+		Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true);
+	}
+}
diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
deleted file mode 100644
index 11862ce27..000000000
--- a/app/Controllers/usersController.php
+++ /dev/null
@@ -1,210 +0,0 @@
-<?php
-
-class FreshRSS_users_Controller extends Minz_ActionController {
-
-	const BCRYPT_COST = 9;	//Will also have to be computed client side on mobile devices, so do not use a too high cost
-
-	public function firstAction() {
-		if (!FreshRSS_Auth::hasAccess()) {
-			Minz_Error::error(
-				403,
-				array('error' => array(_t('access_denied')))
-			);
-		}
-	}
-
-	/**
-	 * This action display the user configuration page
-	 */
-	public function indexAction() {
-		Minz_View::prependTitle(_t('users') . ' · ');
-	}
-
-	public function authAction() {
-		if (Minz_Request::isPost()) {
-			$ok = true;
-
-			$passwordPlain = Minz_Request::param('passwordPlain', '', true);
-			if ($passwordPlain != '') {
-				Minz_Request::_param('passwordPlain');	//Discard plain-text password ASAP
-				$_POST['passwordPlain'] = '';
-				if (!function_exists('password_hash')) {
-					include_once(LIB_PATH . '/password_compat.php');
-				}
-				$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
-				$passwordPlain = '';
-				$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
-				$ok &= ($passwordHash != '');
-				$this->view->conf->_passwordHash($passwordHash);
-			}
-			Minz_Session::_param('passwordHash', $this->view->conf->passwordHash);
-
-			$passwordPlain = Minz_Request::param('apiPasswordPlain', '', true);
-			if ($passwordPlain != '') {
-				if (!function_exists('password_hash')) {
-					include_once(LIB_PATH . '/password_compat.php');
-				}
-				$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
-				$passwordPlain = '';
-				$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
-				$ok &= ($passwordHash != '');
-				$this->view->conf->_apiPasswordHash($passwordHash);
-			}
-
-			if (FreshRSS_Auth::hasAccess('admin')) {
-				$this->view->conf->_mail_login(Minz_Request::param('mail_login', '', true));
-			}
-			$email = $this->view->conf->mail_login;
-			Minz_Session::_param('mail', $email);
-
-			$ok &= $this->view->conf->save();
-
-			if ($email != '') {
-				$personaFile = DATA_PATH . '/persona/' . $email . '.txt';
-				@unlink($personaFile);
-				$ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false);
-			}
-
-			if (FreshRSS_Auth::hasAccess('admin')) {
-				$current_token = $this->view->conf->token;
-				$token = Minz_Request::param('token', $current_token);
-				$this->view->conf->_token($token);
-				$ok &= $this->view->conf->save();
-
-				$anon = Minz_Request::param('anon_access', false);
-				$anon = ((bool)$anon) && ($anon !== 'no');
-				$anon_refresh = Minz_Request::param('anon_refresh', false);
-				$anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
-				$auth_type = Minz_Request::param('auth_type', 'none');
-				$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
-				$api_enabled = Minz_Request::param('api_enabled', false);
-				if ($anon != Minz_Configuration::allowAnonymous() ||
-					$auth_type != Minz_Configuration::authType() ||
-					$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
-					$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
-					$api_enabled != Minz_Configuration::apiEnabled()) {
-
-					Minz_Configuration::_authType($auth_type);
-					Minz_Configuration::_allowAnonymous($anon);
-					Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
-					Minz_Configuration::_enableAutologin($unsafe_autologin);
-					Minz_Configuration::_enableApi($api_enabled);
-					$ok &= Minz_Configuration::writeFile();
-				}
-			}
-
-			invalidateHttpCache();
-
-			$notif = array(
-				'type' => $ok ? 'good' : 'bad',
-				'content' => _t($ok ? 'configuration_updated' : 'error_occurred')
-			);
-			Minz_Session::_param('notification', $notif);
-		}
-		Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
-	}
-
-	public function createAction() {
-		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
-			$db = Minz_Configuration::dataBase();
-			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
-
-			$new_user_language = Minz_Request::param('new_user_language', $this->view->conf->language);
-			if (!in_array($new_user_language, $this->view->conf->availableLanguages())) {
-				$new_user_language = $this->view->conf->language;
-			}
-
-			$new_user_name = Minz_Request::param('new_user_name');
-			$ok = ($new_user_name != '') && ctype_alnum($new_user_name);
-
-			if ($ok) {
-				$ok &= (strcasecmp($new_user_name, Minz_Configuration::defaultUser()) !== 0);	//It is forbidden to alter the default user
-
-				$ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers()));	//Not an existing user, case-insensitive
-
-				$configPath = DATA_PATH . '/' . $new_user_name . '_user.php';
-				$ok &= !file_exists($configPath);
-			}
-			if ($ok) {
-			
-				$passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true);
-				$passwordHash = '';
-				if ($passwordPlain != '') {
-					Minz_Request::_param('new_user_passwordPlain');	//Discard plain-text password ASAP
-					$_POST['new_user_passwordPlain'] = '';
-					if (!function_exists('password_hash')) {
-						include_once(LIB_PATH . '/password_compat.php');
-					}
-					$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
-					$passwordPlain = '';
-					$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
-					$ok &= ($passwordHash != '');
-				}
-				if (empty($passwordHash)) {
-					$passwordHash = '';
-				}
-
-				$new_user_email = filter_var($_POST['new_user_email'], FILTER_VALIDATE_EMAIL);
-				if (empty($new_user_email)) {
-					$new_user_email = '';
-				} else {
-					$personaFile = DATA_PATH . '/persona/' . $new_user_email . '.txt';
-					@unlink($personaFile);
-					$ok &= (file_put_contents($personaFile, $new_user_name) !== false);
-				}
-			}
-			if ($ok) {
-				$config_array = array(
-					'language' => $new_user_language,
-					'passwordHash' => $passwordHash,
-					'mail_login' => $new_user_email,
-				);
-				$ok &= (file_put_contents($configPath, "<?php\n return " . var_export($config_array, true) . ';') !== false);
-			}
-			if ($ok) {
-				$userDAO = new FreshRSS_UserDAO();
-				$ok &= $userDAO->createUser($new_user_name);
-			}
-			invalidateHttpCache();
-
-			$notif = array(
-				'type' => $ok ? 'good' : 'bad',
-				'content' => _t($ok ? 'user_created' : 'error_occurred', $new_user_name)
-			);
-			Minz_Session::_param('notification', $notif);
-		}
-		Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
-	}
-
-	public function deleteAction() {
-		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
-			$db = Minz_Configuration::dataBase();
-			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
-
-			$username = Minz_Request::param('username');
-			$ok = ctype_alnum($username);
-
-			if ($ok) {
-				$ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0);	//It is forbidden to delete the default user
-			}
-			if ($ok) {
-				$configPath = DATA_PATH . '/' . $username . '_user.php';
-				$ok &= file_exists($configPath);
-			}
-			if ($ok) {
-				$userDAO = new FreshRSS_UserDAO();
-				$ok &= $userDAO->deleteUser($username);
-				$ok &= unlink($configPath);
-				//TODO: delete Persona file
-			}
-			invalidateHttpCache();
-
-			$notif = array(
-				'type' => $ok ? 'good' : 'bad',
-				'content' => _t($ok ? 'user_deleted' : 'error_occurred', $username)
-			);
-			Minz_Session::_param('notification', $notif);
-		}
-		Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
-	}
-}
diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index 59846a7c8..7a9d0d839 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -19,10 +19,18 @@
 		<a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a>
 	</li>
 	<li class="separator"></li>
-	<li class="item<?php echo Minz_Request::controllerName() === 'users' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a>
+	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
+	                          Minz_Request::actionName() === 'profil'? ' active' : ''; ?>">
+		<a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a>
 	</li>
 	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
+	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
+	                          Minz_Request::actionName() === 'manage' ? ' active' : ''; ?>">
+		<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a>
+	</li>
+	<li class="item<?php echo Minz_Request::controllerName() === 'auth' ? ' active' : ''; ?>">
+		<a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a>
+	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'update' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a>
 	</li>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index deb21edc9..7e7c1b477 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -63,8 +63,10 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
 				<li class="separator"></li>
-				<li class="item"><a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a></li>
 				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
+				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
 				<?php } ?>
 				<li class="separator"></li>
diff --git a/app/views/auth/index.phtml b/app/views/auth/index.phtml
new file mode 100644
index 000000000..c37a7aef6
--- /dev/null
+++ b/app/views/auth/index.phtml
@@ -0,0 +1,84 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<form method="post" action="<?php echo _url('auth', 'index'); ?>">
+		<legend><?php echo _t('auth_type'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="auth_type"><?php echo _t('auth_type'); ?></label>
+			<div class="group-controls">
+				<select id="auth_type" name="auth_type" required="required">
+					<?php if (!in_array(Minz_Configuration::authType(), array('form', 'persona', 'http_auth', 'none'))) { ?>
+						<option selected="selected"></option>
+					<?php } ?>
+					<option value="form"<?php echo Minz_Configuration::authType() === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('auth_form'); ?></option>
+					<option value="persona"<?php echo Minz_Configuration::authType() === 'persona' ? ' selected="selected"' : '', $this->conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('auth_persona'); ?></option>
+					<option value="http_auth"<?php echo Minz_Configuration::authType() === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('http_auth'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
+					<option value="none"<?php echo Minz_Configuration::authType() === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_none'); ?></option>
+				</select>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="anon_access">
+					<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo Minz_Configuration::allowAnonymous() ? ' checked="checked"' : '',
+						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('allow_anonymous', Minz_Configuration::defaultUser()); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="anon_refresh">
+					<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo Minz_Configuration::allowAnonymousRefresh() ? ' checked="checked"' : '',
+						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('allow_anonymous_refresh'); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="unsafe_autologin">
+					<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo Minz_Configuration::unsafeAutologinEnabled() ? ' checked="checked"' : '',
+						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('unsafe_autologin'); ?>
+					<kbd>p/i/?a=formLogin&amp;u=Alice&amp;p=1234</kbd>
+				</label>
+			</div>
+		</div>
+
+		<?php if (Minz_Configuration::canLogIn()) { ?>
+		<div class="form-group">
+			<label class="group-name" for="token"><?php echo _t('auth_token'); ?></label>
+			<?php $token = $this->conf->token; ?>
+			<div class="group-controls">
+				<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('blank_to_disable'); ?>"<?php
+					echo Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+				<?php echo _i('help'); ?> <?php echo _t('explain_token', Minz_Url::display(null, 'html', true), $token); ?>
+			</div>
+		</div>
+		<?php } ?>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="api_enabled">
+					<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo Minz_Configuration::apiEnabled() ? ' checked="checked"' : '',
+						Minz_Configuration::needsLogin() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('api_enabled'); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
+				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
+			</div>
+		</div>
+	</form>
+</div>
diff --git a/app/views/user/manage.phtml b/app/views/user/manage.phtml
new file mode 100644
index 000000000..03746cabb
--- /dev/null
+++ b/app/views/user/manage.phtml
@@ -0,0 +1,76 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<form method="post" action="<?php echo _url('user', 'delete'); ?>">
+		<legend><?php echo _t('users'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="users_list"><?php echo _t('users_list'); ?></label>
+			<div class="group-controls">
+				<select id="users_list" name="username"><?php
+					foreach (listUsers() as $user) {
+						echo '<option>', $user, '</option>';
+					}
+				?></select>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-attention confirm"><?php echo _t('delete'); ?></button>
+			</div>
+		</div>
+	</form>
+
+	<form method="post" action="<?php echo _url('user', 'create'); ?>">
+		<legend><?php echo _t('create_user'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_language"><?php echo _t('language'); ?></label>
+			<div class="group-controls">
+				<select name="new_user_language" id="new_user_language">
+				<?php $languages = $this->conf->availableLanguages(); ?>
+				<?php foreach ($languages as $short => $lib) { ?>
+				<option value="<?php echo $short; ?>"<?php echo $this->conf->language === $short ? ' selected="selected"' : ''; ?>><?php echo $lib; ?></option>
+				<?php } ?>
+				</select>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_name"><?php echo _t('username'); ?></label>
+			<div class="group-controls">
+				<input id="new_user_name" name="new_user_name" type="text" size="16" required="required" maxlength="16" autocomplete="off" pattern="[0-9a-zA-Z]{1,16}" placeholder="demo" />
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_passwordPlain"><?php echo _t('password_form'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="new_user_passwordPlain" name="new_user_passwordPlain" autocomplete="off" pattern=".{7,}" />
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_email"><?php echo _t('persona_connection_email'); ?></label>
+			<?php $mail = $this->conf->mail_login; ?>
+			<div class="group-controls">
+				<input type="email" id="new_user_email" name="new_user_email" class="extend" autocomplete="off" placeholder="alice@example.net" />
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-important"><?php echo _t('create'); ?></button>
+				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
+			</div>
+		</div>
+
+	</form>
+</div>
diff --git a/app/views/user/profil.phtml b/app/views/user/profil.phtml
new file mode 100644
index 000000000..a74c7b6f8
--- /dev/null
+++ b/app/views/user/profil.phtml
@@ -0,0 +1,59 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<form method="post" action="<?php echo _url('user', 'profil'); ?>">
+		<legend><?php echo _t('login_configuration'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
+			<div class="group-controls">
+				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
+				<label class="checkbox" for="is_admin">
+					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
+					<?php echo _t('is_admin'); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<?php if (Minz_Configuration::apiEnabled()) { ?>
+		<div class="form-group">
+			<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+			</div>
+		</div>
+		<?php } ?>
+
+		<div class="form-group">
+			<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
+			<?php $mail = $this->conf->mail_login; ?>
+			<div class="group-controls">
+				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
+				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
+			</div>
+		</div>
+	</form>
+</div>
diff --git a/app/views/users/index.phtml b/app/views/users/index.phtml
deleted file mode 100644
index f1cdf01a3..000000000
--- a/app/views/users/index.phtml
+++ /dev/null
@@ -1,211 +0,0 @@
-<?php $this->partial('aside_configure'); ?>
-
-<div class="post">
-	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
-
-	<form method="post" action="<?php echo _url('users', 'auth'); ?>">
-		<legend><?php echo _t('login_configuration'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
-			<div class="group-controls">
-				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
-				<label class="checkbox" for="is_admin">
-					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
-					<?php echo _t('is_admin'); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<?php if (Minz_Configuration::apiEnabled()) { ?>
-		<div class="form-group">
-			<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-			</div>
-		</div>
-		<?php } ?>
-
-		<div class="form-group">
-			<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
-			<?php $mail = $this->conf->mail_login; ?>
-			<div class="group-controls">
-				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
-				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
-			</div>
-		</div>
-
-	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
-
-		<legend><?php echo _t('auth_type'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="auth_type"><?php echo _t('auth_type'); ?></label>
-			<div class="group-controls">
-				<select id="auth_type" name="auth_type" required="required">
-					<?php if (!in_array(Minz_Configuration::authType(), array('form', 'persona', 'http_auth', 'none'))) { ?>
-						<option selected="selected"></option>
-					<?php } ?>
-					<option value="form"<?php echo Minz_Configuration::authType() === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('auth_form'); ?></option>
-					<option value="persona"<?php echo Minz_Configuration::authType() === 'persona' ? ' selected="selected"' : '', $this->conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('auth_persona'); ?></option>
-					<option value="http_auth"<?php echo Minz_Configuration::authType() === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('http_auth'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
-					<option value="none"<?php echo Minz_Configuration::authType() === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_none'); ?></option>
-				</select>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="anon_access">
-					<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo Minz_Configuration::allowAnonymous() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('allow_anonymous', Minz_Configuration::defaultUser()); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="anon_refresh">
-					<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo Minz_Configuration::allowAnonymousRefresh() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('allow_anonymous_refresh'); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="unsafe_autologin">
-					<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo Minz_Configuration::unsafeAutologinEnabled() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('unsafe_autologin'); ?>
-					<kbd>p/i/?a=formLogin&amp;u=Alice&amp;p=1234</kbd>
-				</label>
-			</div>
-		</div>
-
-		<?php if (Minz_Configuration::canLogIn()) { ?>
-		<div class="form-group">
-			<label class="group-name" for="token"><?php echo _t('auth_token'); ?></label>
-			<?php $token = $this->conf->token; ?>
-			<div class="group-controls">
-				<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('blank_to_disable'); ?>"<?php
-					echo Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-				<?php echo _i('help'); ?> <?php echo _t('explain_token', Minz_Url::display(null, 'html', true), $token); ?>
-			</div>
-		</div>
-		<?php } ?>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="api_enabled">
-					<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo Minz_Configuration::apiEnabled() ? ' checked="checked"' : '',
-						Minz_Configuration::needsLogin() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('api_enabled'); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
-				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
-			</div>
-		</div>
-	</form>
-
-	<form method="post" action="<?php echo _url('users', 'delete'); ?>">
-		<legend><?php echo _t('users'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="users_list"><?php echo _t('users_list'); ?></label>
-			<div class="group-controls">
-				<select id="users_list" name="username"><?php
-					foreach (listUsers() as $user) {
-						echo '<option>', $user, '</option>';
-					}
-				?></select>
-			</div>
-		</div>
-	
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-attention confirm"><?php echo _t('delete'); ?></button>
-			</div>
-		</div>
-	</form>
-
-	<form method="post" action="<?php echo _url('users', 'create'); ?>">
-		<legend><?php echo _t('create_user'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_language"><?php echo _t('language'); ?></label>
-			<div class="group-controls">
-				<select name="new_user_language" id="new_user_language">
-				<?php $languages = $this->conf->availableLanguages(); ?>
-				<?php foreach ($languages as $short => $lib) { ?>
-				<option value="<?php echo $short; ?>"<?php echo $this->conf->language === $short ? ' selected="selected"' : ''; ?>><?php echo $lib; ?></option>
-				<?php } ?>
-				</select>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_name"><?php echo _t('username'); ?></label>
-			<div class="group-controls">
-				<input id="new_user_name" name="new_user_name" type="text" size="16" required="required" maxlength="16" autocomplete="off" pattern="[0-9a-zA-Z]{1,16}" placeholder="demo" />
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_passwordPlain"><?php echo _t('password_form'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="new_user_passwordPlain" name="new_user_passwordPlain" autocomplete="off" pattern=".{7,}" />
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_email"><?php echo _t('persona_connection_email'); ?></label>
-			<?php $mail = $this->conf->mail_login; ?>
-			<div class="group-controls">
-				<input type="email" id="new_user_email" name="new_user_email" class="extend" autocomplete="off" placeholder="alice@example.net" />
-			</div>
-		</div>
-
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-important"><?php echo _t('create'); ?></button>
-				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
-			</div>
-		</div>
-
-	</form>
-
-	<?php } ?>
-</div>
-- 
cgit v1.2.3


From 74be86d7e817bcccdc0052c54fefdc8379d9fe7f Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Fri, 17 Oct 2014 09:33:35 +0200
Subject: Reorganise menus (aside and header)

---
 app/layout/aside_configure.phtml | 2 +-
 app/layout/header.phtml          | 3 ++-
 lib/lib_opml.php                 | 2 ++
 3 files changed, 5 insertions(+), 2 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index 7a9d0d839..2e2b87203 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -18,12 +18,12 @@
 	<li class="item<?php echo Minz_Request::actionName() === 'queries' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a>
 	</li>
-	<li class="separator"></li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
 	                          Minz_Request::actionName() === 'profil'? ' active' : ''; ?>">
 		<a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a>
 	</li>
 	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
+	<li class="nav-header"><?php echo _t('administration'); ?></li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
 	                          Minz_Request::actionName() === 'manage' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 7e7c1b477..c680cbcdc 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -62,9 +62,10 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'sharing'); ?>"><?php echo _t('sharing'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
-				<li class="separator"></li>
 				<li class="item"><a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a></li>
+				<li class="separator"></li>
 				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
+				<li class="dropdown-header"><?php echo _t('administration'); ?></li>
 				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
diff --git a/lib/lib_opml.php b/lib/lib_opml.php
index 16a9921ea..f320335bb 100644
--- a/lib/lib_opml.php
+++ b/lib/lib_opml.php
@@ -101,6 +101,7 @@ function libopml_parse_string($xml) {
 
 	// First, we get all "head" elements. Head is required but its sub-elements
 	// are optional.
+	// TODO: test head exists!
 	foreach ($opml->head->children() as $key => $value) {
 		if (in_array($key, unserialize(HEAD_ELEMENTS), true)) {
 			$array['head'][$key] = (string)$value;
@@ -114,6 +115,7 @@ function libopml_parse_string($xml) {
 	// Then, we get body oulines. Body must contain at least one outline
 	// element.
 	$at_least_one_outline = false;
+	// TODO: test body exists!
 	foreach ($opml->body->children() as $key => $value) {
 		if ($key === 'outline') {
 			$at_least_one_outline = true;
-- 
cgit v1.2.3


From ce0984e102f5ce7d07277425595dad74193d4528 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Fri, 17 Oct 2014 16:23:07 +0200
Subject: Fix i18n

---
 app/i18n/en.php                     | 28 +++++++++++++++++-----------
 app/i18n/fr.php                     | 32 +++++++++++++++++++-------------
 app/layout/aside_configure.phtml    |  8 ++++----
 app/layout/header.phtml             | 10 +++++-----
 app/views/configure/archiving.phtml | 19 ++++++++++++-------
 app/views/user/manage.phtml         |  4 +++-
 6 files changed, 60 insertions(+), 41 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/i18n/en.php b/app/i18n/en.php
index ebc25ba0c..f65576ea3 100644
--- a/app/i18n/en.php
+++ b/app/i18n/en.php
@@ -9,6 +9,7 @@
   'add_category' => 'Add a category',
   'add_query' => 'Add a query',
   'add_rss_feed' => 'Add a RSS feed',
+  'admin.users.articles_and_size' => '%d articles (%s)',
   'administration' => 'Manage',
   'advanced' => 'Advanced',
   'after_onread' => 'After “mark all as read”,',
@@ -18,8 +19,8 @@
   'all_feeds' => 'All feeds',
   'already_subscribed' => 'You have already subscribed to <em>%s</em>',
   'api_enabled' => 'Allow <abbr>API</abbr> access <small>(required for mobile apps)</small>',
-  'apr' => 'apr',
   'Apr' => '\\A\\p\\r\\i\\l',
+  'apr' => 'apr',
   'april' => 'Apr',
   'archiving_configuration' => 'Archiving',
   'archiving_configuration_help' => 'More options are available in the individual stream settings',
@@ -34,8 +35,8 @@
   'article_viewed' => 'when article is viewed',
   'ask_empty' => 'Clear?',
   'attention' => 'Attention!',
-  'aug' => 'aug',
   'Aug' => '\\A\\u\\g\\u\\s\\t',
+  'aug' => 'aug',
   'august' => 'Aug',
   'author' => 'Author',
   'auth_form' => 'Web form (traditional, requires JavaScript)',
@@ -98,10 +99,11 @@
   'choose_language' => 'Choose a language for FreshRSS',
   'clear_logs' => 'Clear the logs',
   'collapse_article' => 'Collapse',
+  'conf.users.articles_and_size' => '%d articles (%s)',
   'configuration' => 'Configuration',
   'configuration_updated' => 'Configuration has been updated',
   'confirm_action' => 'Are you sure you want to perform this action? It cannot be cancelled!',
-  'confirm_action_feed_cat' => 'Are you sure you want to perform this action? You may lost related favorites and user queries. It cannot be cancelled!',
+  'confirm_action_feed_cat' => 'Are you sure you want to perform this action? You will lose related favorites and user queries. It cannot be cancelled!',
   'congratulations' => 'Congratulations!',
   'content_width' => 'Content width',
   'create' => 'Create',
@@ -116,8 +118,8 @@
   'current_user' => 'Current user',
   'damn' => 'Damn!',
   'data_is_ok' => 'Permissions on data directory are good',
-  'Dec' => '\\D\\e\\c\\e\\m\\b\\e\\r',
   'dec' => 'dec',
+  'Dec' => '\\D\\e\\c\\e\\m\\b\\e\\r',
   'december' => 'Dec',
   'default_category' => 'Uncategorized',
   'default_user' => 'Username of the default user <small>(maximum 16 alphanumeric characters)</small>',
@@ -182,6 +184,10 @@
   'freshrss_installation' => 'Installation · FreshRSS',
   'fri' => 'Fri',
   'g+' => 'Google+',
+  'gen.menu.admin' => 'Administration',
+  'gen.menu.authentication' => 'Authentication',
+  'gen.menu.manage_users' => 'Manage users',
+  'gen.menu.profil' => 'Profil',
   'general_configuration' => 'General configuration',
   'general_conf_is_ok' => 'General configuration has been saved.',
   'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">on Github</a> or <a href="mailto:dev@marienfressinaud.fr">by mail</a>',
@@ -207,18 +213,18 @@
   'invalid_login' => 'Login is invalid',
   'invalid_url' => 'URL <em>%s</em> is invalid',
   'is_admin' => 'is administrator',
-  'jan' => 'jan',
   'Jan' => '\\J\\a\\n\\u\\a\\r\\y',
+  'jan' => 'jan',
   'january' => 'Jan',
   'javascript_for_shortcuts' => 'JavaScript must be enabled in order to use shortcuts',
   'javascript_is_better' => 'FreshRSS is more pleasant with JavaScript enabled',
   'javascript_should_be_activated' => 'JavaScript must be enabled',
-  'Jul' => '\\J\\u\\l\\y',
   'jul' => 'jul',
+  'Jul' => '\\J\\u\\l\\y',
   'july' => 'Jul',
   'jump_next' => 'jump to next unread sibling (feed or category)',
-  'Jun' => '\\J\\u\\n\\e',
   'jun' => 'jun',
+  'Jun' => '\\J\\u\\n\\e',
   'june' => 'Jun',
   'keep_history' => 'Minimum number of articles to keep',
   'keep_logged_in' => 'Keep me logged in <small>(1 month)</small>',
@@ -244,16 +250,16 @@
   'logs_empty' => 'Log file is empty',
   'log_is_ok' => 'Permissions on logs directory are good',
   'main_stream' => 'Main stream',
-  'Mar' => '\\M\\a\\r\\c\\h',
   'mar' => 'mar',
+  'Mar' => '\\M\\a\\r\\c\\h',
   'march' => 'Mar',
   'mark_all_read' => 'Mark all as read',
   'mark_cat_read' => 'Mark category as read',
   'mark_favorite' => 'Mark as favourite',
   'mark_feed_read' => 'Mark feed as read',
   'mark_read' => 'Mark as read',
-  'May' => '\\M\\a\\y',
   'may' => 'May',
+  'May' => '\\M\\a\\y',
   'minz_is_nok' => 'You lack the Minz framework. You should execute <em>build.sh</em> script or <a href="https://github.com/marienfressinaud/MINZ">download it on Github</a> and install in <em>%s</em> directory the content of its <em>/lib</em> directory.',
   'minz_is_ok' => 'You have the Minz framework',
   'mon' => 'Mon',
@@ -274,8 +280,8 @@
   'not_read' => '%d unread',
   'not_reads' => '%d unread',
   'not_yet_implemented' => 'Not yet implemented',
-  'nov' => 'nov',
   'Nov' => '\\N\\o\\v\\e\\m\\b\\e\\r',
+  'nov' => 'nov',
   'november' => 'Nov',
   'no_feed_actualized' => 'No RSS feed has been updated',
   'no_feed_to_display' => 'There is no article to show.',
@@ -291,8 +297,8 @@
   'number_feeds' => '%d feeds',
   'n_entries_deleted' => '%d articles have been deleted',
   'n_feeds_actualized' => '%d feeds have been updated',
-  'oct' => 'oct',
   'Oct' => '\\O\\c\\t\\o\\b\\e\\r',
+  'oct' => 'oct',
   'october' => 'Oct',
   'ok' => 'Ok!',
   'older_first' => 'Oldest first',
diff --git a/app/i18n/fr.php b/app/i18n/fr.php
index 220f8b12d..ab34eed3e 100644
--- a/app/i18n/fr.php
+++ b/app/i18n/fr.php
@@ -9,6 +9,7 @@
   'add_category' => 'Ajouter une catégorie',
   'add_query' => 'Créer un filtre',
   'add_rss_feed' => 'Ajouter un flux RSS',
+  'admin.users.articles_and_size' => '%d articles (%s)',
   'administration' => 'Gérer',
   'advanced' => 'Avancé',
   'after_onread' => 'Après “marquer tout comme lu”,',
@@ -18,8 +19,8 @@
   'all_feeds' => 'Tous les flux',
   'already_subscribed' => 'Vous êtes déjà abonné à <em>%s</em>',
   'api_enabled' => 'Autoriser l’accès par <abbr>API</abbr> <small>(nécessaire pour les applis mobiles)</small>',
-  'apr' => 'avr.',
   'Apr' => '\\a\\v\\r\\i\\l',
+  'apr' => 'avr.',
   'april' => 'avril',
   'archiving_configuration' => 'Archivage',
   'archiving_configuration_help' => 'D’autres options sont disponibles dans la configuration individuelle des flux.',
@@ -34,8 +35,8 @@
   'article_viewed' => 'lorsque l’article est affiché',
   'ask_empty' => 'Vider ?',
   'attention' => 'Attention !',
-  'aug' => 'août',
   'Aug' => '\\a\\o\\û\\t',
+  'aug' => 'août',
   'august' => 'août',
   'author' => 'Auteur',
   'auth_form' => 'Formulaire (traditionnel, requiert JavaScript)',
@@ -88,8 +89,8 @@
   'category_empty' => 'Catégorie vide',
   'category_name_exists' => 'Une catégorie possède déjà ce nom.',
   'category_not_delete_default' => 'Vous ne pouvez pas supprimer la catégorie par défaut !',
-  'category_not_exist' => 'Cette catégorie n\'existe pas !',
-  'category_no_id' => 'Vous devez préciser l\'id de la catégorie.',
+  'category_not_exist' => 'Cette catégorie n’existe pas !',
+  'category_no_id' => 'Vous devez préciser l’id de la catégorie.',
   'category_no_name' => 'Vous devez préciser un nom pour la catégorie.',
   'category_number' => 'Catégorie n°%d',
   'category_updated' => 'La catégorie a été mise à jour.',
@@ -98,10 +99,11 @@
   'choose_language' => 'Choisissez la langue pour FreshRSS',
   'clear_logs' => 'Effacer les logs',
   'collapse_article' => 'Refermer',
+  'conf.users.articles_and_size' => '%d articles (%s)',
   'configuration' => 'Configuration',
   'configuration_updated' => 'La configuration a été mise à jour.',
   'confirm_action' => 'Êtes-vous sûr(e) de vouloir continuer ? Cette action ne peut être annulée !',
-  'confirm_action_feed_cat' => 'Êtes-vous sûr(e) de vouloir continuer ? Vous pourriez perdre les favoris et les filtres associés. Cette action ne peut être annulée !',
+  'confirm_action_feed_cat' => 'Êtes-vous sûr(e) de vouloir continuer ? Vous perdrez les favoris et les filtres associés. Cette action ne peut être annulée !',
   'congratulations' => 'Félicitations !',
   'content_width' => 'Largeur du contenu',
   'create' => 'Créer',
@@ -116,8 +118,8 @@
   'current_user' => 'Utilisateur actuel',
   'damn' => 'Arf !',
   'data_is_ok' => 'Les droits sur le répertoire de data sont bons',
-  'Dec' => '\\d\\é\\c\\e\\m\\b\\r\\e',
   'dec' => 'déc.',
+  'Dec' => '\\d\\é\\c\\e\\m\\b\\r\\e',
   'december' => 'décembre',
   'default_category' => 'Sans catégorie',
   'default_user' => 'Nom de l’utilisateur par défaut <small>(16 caractères alphanumériques maximum)</small>',
@@ -182,6 +184,10 @@
   'freshrss_installation' => 'Installation · FreshRSS',
   'fri' => 'ven.',
   'g+' => 'Google+',
+  'gen.menu.admin' => 'Administration',
+  'gen.menu.authentication' => 'Authentification',
+  'gen.menu.manage_users' => 'Gestion des utilisateurs',
+  'gen.menu.profil' => 'Profil',
   'general_configuration' => 'Configuration générale',
   'general_conf_is_ok' => 'La configuration générale a été enregistrée.',
   'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">sur Github</a> ou <a href="mailto:dev@marienfressinaud.fr">par courriel</a>',
@@ -207,18 +213,18 @@
   'invalid_login' => 'L’identifiant est invalide !',
   'invalid_url' => 'L’url <em>%s</em> est invalide.',
   'is_admin' => 'est administrateur',
-  'jan' => 'jan.',
   'Jan' => '\\j\\a\\n\\v\\i\\e\\r',
+  'jan' => 'jan.',
   'january' => 'janvier',
   'javascript_for_shortcuts' => 'Le JavaScript doit être activé pour pouvoir profiter des raccourcis.',
   'javascript_is_better' => 'FreshRSS est plus agréable à utiliser avec JavaScript activé',
   'javascript_should_be_activated' => 'Le JavaScript doit être activé.',
-  'Jul' => '\\j\\u\\i\\l\\l\\e\\t',
   'jul' => 'jui.',
+  'Jul' => '\\j\\u\\i\\l\\l\\e\\t',
   'july' => 'juillet',
   'jump_next' => 'sauter au prochain voisin non lu (flux ou catégorie)',
-  'Jun' => '\\j\\u\\i\\n',
   'jun' => 'juin',
+  'Jun' => '\\j\\u\\i\\n',
   'june' => 'juin',
   'keep_history' => 'Nombre minimum d’articles à conserver',
   'keep_logged_in' => 'Rester connecté <small>(1 mois)</small>',
@@ -244,16 +250,16 @@
   'logs_empty' => 'Les logs sont vides.',
   'log_is_ok' => 'Les droits sur le répertoire des logs sont bons',
   'main_stream' => 'Flux principal',
-  'Mar' => '\\m\\a\\r\\s',
   'mar' => 'mar.',
+  'Mar' => '\\m\\a\\r\\s',
   'march' => 'mars',
   'mark_all_read' => 'Tout marquer comme lu',
   'mark_cat_read' => 'Marquer la catégorie comme lue',
   'mark_favorite' => 'Mettre en favori',
   'mark_feed_read' => 'Marquer le flux comme lu',
   'mark_read' => 'Marquer comme lu',
-  'May' => '\\m\\a\\i',
   'may' => 'mai.',
+  'May' => '\\m\\a\\i',
   'minz_is_nok' => 'Vous ne disposez pas de la librairie Minz. Vous devriez exécuter le script <em>build.sh</em> ou bien <a href="https://github.com/marienfressinaud/MINZ">la télécharger sur Github</a> et installer dans le répertoire <em>%s</em> le contenu de son répertoire <em>/lib</em>.',
   'minz_is_ok' => 'Vous disposez du framework Minz',
   'mon' => 'lun.',
@@ -274,8 +280,8 @@
   'not_read' => '%d non lu',
   'not_reads' => '%d non lus',
   'not_yet_implemented' => 'Pas encore implémenté',
-  'nov' => 'nov.',
   'Nov' => '\\n\\o\\v\\e\\m\\b\\r\\e',
+  'nov' => 'nov.',
   'november' => 'novembre',
   'no_feed_actualized' => 'Aucun flux n’a pu être mis à jour.',
   'no_feed_to_display' => 'Il n’y a aucun article à afficher.',
@@ -291,8 +297,8 @@
   'number_feeds' => '%d flux',
   'n_entries_deleted' => '%d articles ont été supprimés.',
   'n_feeds_actualized' => '%d flux ont été mis à jour.',
-  'oct' => 'oct.',
   'Oct' => '\\o\\c\\t\\o\\b\\r\\e',
+  'oct' => 'oct.',
   'october' => 'octobre',
   'ok' => 'Ok !',
   'older_first' => 'Plus anciens en premier',
diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index 2e2b87203..20446c877 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -20,16 +20,16 @@
 	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
 	                          Minz_Request::actionName() === 'profil'? ' active' : ''; ?>">
-		<a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a>
+		<a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('gen.menu.profil'); ?></a>
 	</li>
 	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
-	<li class="nav-header"><?php echo _t('administration'); ?></li>
+	<li class="nav-header"><?php echo _t('gen.menu.admin'); ?></li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
 	                          Minz_Request::actionName() === 'manage' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a>
+		<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.manage_users'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'auth' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a>
+		<a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('gen.menu.authentication'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'update' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index c680cbcdc..e848ac4eb 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -62,12 +62,12 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'sharing'); ?>"><?php echo _t('sharing'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a></li>
-				<li class="separator"></li>
+				<li class="item"><a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('gen.menu.profil'); ?></a></li>
 				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
-				<li class="dropdown-header"><?php echo _t('administration'); ?></li>
-				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a></li>
+				<li class="separator"></li>
+				<li class="dropdown-header"><?php echo _t('gen.menu.admin'); ?></li>
+				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.manage_users'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('gen.menu.authentication'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
 				<?php } ?>
 				<li class="separator"></li>
diff --git a/app/views/configure/archiving.phtml b/app/views/configure/archiving.phtml
index 8f424c126..f469d343c 100644
--- a/app/views/configure/archiving.phtml
+++ b/app/views/configure/archiving.phtml
@@ -58,20 +58,25 @@
 		<legend><?php echo _t('advanced'); ?></legend>
 
 		<div class="form-group">
-		<p class="group-name"><?php echo _t('current_user'); ?></p>
+			<label class="group-name"><?php echo _t('current_user'); ?></label>
 			<div class="group-controls">
-				<p><?php echo _t('articles', formatNumber($this->nb_total)), ' — ', formatBytes($this->size_user); ?></p>
-				<input type="hidden" name="optimiseDatabase" value="1" />
-				<button type="submit" class="btn btn-important"><?php echo _t('optimize_bdd'); ?></button>
-				<?php echo _i('help'); ?> <?php echo _t('optimize_todo_sometimes'); ?>
+				<?php echo _t('conf.users.articles_and_size', formatNumber($this->nb_total), formatBytes($this->size_user)); ?>
 			</div>
 		</div>
 
 		<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 		<div class="form-group">
-			<p class="group-name"><?php echo _t('users'); ?></p>
+			<label class="group-name"><?php echo _t('users'); ?></label>
 			<div class="group-controls">
-				<p><?php echo formatBytes($this->size_total); ?></p>
+				<?php echo formatBytes($this->size_total); ?>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<input type="hidden" name="optimiseDatabase" value="1" />
+				<button type="submit" class="btn btn-important"><?php echo _t('optimize_bdd'); ?></button>
+				<?php echo _i('help'); ?> <?php echo _t('optimize_todo_sometimes'); ?>
 			</div>
 		</div>
 		<?php } ?>
diff --git a/app/views/user/manage.phtml b/app/views/user/manage.phtml
index 65e60add5..89c91e06c 100644
--- a/app/views/user/manage.phtml
+++ b/app/views/user/manage.phtml
@@ -64,7 +64,9 @@
 					<?php } ?>
 				</select>
 
-				<p><?php echo _t('articles', formatNumber($this->nb_articles)), ', ', formatBytes($this->size_user); ?></p>
+				<p><?php echo _t('admin.users.articles_and_size',
+				                 formatNumber($this->nb_articles),
+				                 formatBytes($this->size_user)); ?></p>
 			</div>
 		</div>
 
-- 
cgit v1.2.3


From 7080a32650ab8b19e917d8add944a75cc98381bc Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Mon, 20 Oct 2014 11:54:31 +0200
Subject: Add checking installation feature

---
 app/Controllers/updateController.php | 14 +++++-
 app/Models/DatabaseDAO.php           | 83 ++++++++++++++++++++++++++++++++++++
 app/Models/DatabaseDAOSQLite.php     | 48 +++++++++++++++++++++
 app/Models/Factory.php               |  9 ++++
 app/SQL/install.sql.mysql.php        |  2 -
 app/SQL/install.sql.sqlite.php       |  2 -
 app/layout/aside_configure.phtml     |  7 ++-
 app/layout/header.phtml              |  1 +
 app/views/update/checkInstall.phtml  | 30 +++++++++++++
 lib/lib_rss.php                      | 62 +++++++++++++++++++++++++++
 10 files changed, 252 insertions(+), 6 deletions(-)
 create mode 100644 app/Models/DatabaseDAO.php
 create mode 100644 app/Models/DatabaseDAOSQLite.php
 create mode 100644 app/views/update/checkInstall.phtml

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/updateController.php b/app/Controllers/updateController.php
index 9d1e1ddf5..4ebb11f51 100644
--- a/app/Controllers/updateController.php
+++ b/app/Controllers/updateController.php
@@ -12,7 +12,6 @@ class FreshRSS_update_Controller extends Minz_ActionController {
 
 		invalidateHttpCache();
 
-		Minz_View::prependTitle(_t('update_system') . ' · ');
 		$this->view->update_to_apply = false;
 		$this->view->last_update_time = 'unknown';
 		$this->view->check_last_hour = false;
@@ -24,6 +23,8 @@ class FreshRSS_update_Controller extends Minz_ActionController {
 	}
 
 	public function indexAction() {
+		Minz_View::prependTitle(_t('update_system') . ' · ');
+
 		if (file_exists(UPDATE_FILENAME) && !is_writable(FRESHRSS_PATH)) {
 			$this->view->message = array(
 				'status' => 'bad',
@@ -126,4 +127,15 @@ class FreshRSS_update_Controller extends Minz_ActionController {
 			}
 		}
 	}
+
+	/**
+	 * This action displays information about installation.
+	 */
+	public function checkInstallAction() {
+		Minz_View::prependTitle(_t('gen.title.check_install') . ' · ');
+
+		$this->view->status_php = check_install_php();
+		$this->view->status_files = check_install_files();
+		$this->view->status_database = check_install_database();
+	}
 }
diff --git a/app/Models/DatabaseDAO.php b/app/Models/DatabaseDAO.php
new file mode 100644
index 000000000..0d85718e3
--- /dev/null
+++ b/app/Models/DatabaseDAO.php
@@ -0,0 +1,83 @@
+<?php
+
+/**
+ * This class is used to test database is well-constructed.
+ */
+class FreshRSS_DatabaseDAO extends Minz_ModelPdo {
+	public function tablesAreCorrect() {
+		$sql = 'SHOW TABLES';
+		$stm = $this->bd->prepare($sql);
+		$stm->execute();
+		$res = $stm->fetchAll(PDO::FETCH_ASSOC);
+		
+		$tables = array(
+			$this->prefix . 'category' => false,
+			$this->prefix . 'feed' => false,
+			$this->prefix . 'entry' => false,
+		);
+		foreach ($res as $value) {
+			$tables[array_pop($value)] = true;
+		}
+
+		return count(array_keys($tables, true, true)) == count($tables);
+	}
+
+	public function getSchema($table) {
+		$sql = 'DESC ' . $this->prefix . $table;
+		$stm = $this->bd->prepare($sql);
+		$stm->execute();
+
+		return $this->listDaoToSchema($stm->fetchAll(PDO::FETCH_ASSOC));
+	}
+
+	public function checkTable($table, $schema) {
+		$columns = $this->getSchema($table);
+
+		$ok = (count($columns) == count($schema));
+		foreach ($columns as $c) {
+			$ok &= in_array($c['name'], $schema);
+		}
+
+		return $ok;
+	}
+
+	public function categoryIsCorrect() {
+		return $this->checkTable('category', array(
+			'id', 'name'
+		));
+	}
+
+	public function feedIsCorrect() {
+		return $this->checkTable('feed', array(
+			'id', 'url', 'category', 'name', 'website', 'description', 'lastUpdate',
+			'priority', 'pathEntries', 'httpAuth', 'error', 'keep_history', 'ttl',
+			'cache_nbEntries', 'cache_nbUnreads'
+		));
+	}
+
+	public function entryIsCorrect() {
+		return $this->checkTable('entry', array(
+			'id', 'guid', 'title', 'author', 'content_bin', 'link', 'date', 'is_read',
+			'is_favorite', 'id_feed', 'tags'
+		));
+	}
+
+	public function daoToSchema($dao) {
+		return array(
+			'name' => $dao['Field'],
+			'type' => strtolower($dao['Type']),
+			'notnull' => (bool)$dao['Null'],
+			'default' => $dao['Default'],
+		);
+	}
+
+	public function listDaoToSchema($listDAO) {
+		$list = array();
+
+		foreach ($listDAO as $dao) {
+			$list[] = $this->daoToSchema($dao);
+		}
+
+		return $list;
+	}
+}
diff --git a/app/Models/DatabaseDAOSQLite.php b/app/Models/DatabaseDAOSQLite.php
new file mode 100644
index 000000000..7f53f967d
--- /dev/null
+++ b/app/Models/DatabaseDAOSQLite.php
@@ -0,0 +1,48 @@
+<?php
+
+/**
+ * This class is used to test database is well-constructed (SQLite).
+ */
+class FreshRSS_DatabaseDAOSQLite extends FreshRSS_DatabaseDAO {
+	public function tablesAreCorrect() {
+		$sql = 'SELECT name FROM sqlite_master WHERE type="table"';
+		$stm = $this->bd->prepare($sql);
+		$stm->execute();
+		$res = $stm->fetchAll(PDO::FETCH_ASSOC);
+		
+		$tables = array(
+			'category' => false,
+			'feed' => false,
+			'entry' => false,
+		);
+		foreach ($res as $value) {
+			$tables[$value['name']] = true;
+		}
+
+		return count(array_keys($tables, true, true)) == count($tables);
+	}
+
+	public function getSchema($table) {
+		$sql = 'PRAGMA table_info(' . $table . ')';
+		$stm = $this->bd->prepare($sql);
+		$stm->execute();
+
+		return $this->listDaoToSchema($stm->fetchAll(PDO::FETCH_ASSOC));
+	}
+
+	public function entryIsCorrect() {
+		return $this->checkTable('entry', array(
+			'id', 'guid', 'title', 'author', 'content', 'link', 'date', 'is_read',
+			'is_favorite', 'id_feed', 'tags'
+		));
+	}
+
+	public function daoToSchema($dao) {
+		return array(
+			'name' => $dao['name'],
+			'type' => strtolower($dao['type']),
+			'notnull' => $dao['notnull'] === '1' ? true : false,
+			'default' => $dao['dflt_value'],
+		);
+	}
+}
diff --git a/app/Models/Factory.php b/app/Models/Factory.php
index 93f4552f7..91cb84998 100644
--- a/app/Models/Factory.php
+++ b/app/Models/Factory.php
@@ -29,4 +29,13 @@ class FreshRSS_Factory {
 		}
 	}
 
+	public static function createDatabaseDAO($username = null) {
+		$db = Minz_Configuration::dataBase();
+		if ($db['type'] === 'sqlite') {
+			return new FreshRSS_DatabaseDAOSQLite($username);
+		} else {
+			return new FreshRSS_DatabaseDAO($username);
+		}
+	}
+
 }
diff --git a/app/SQL/install.sql.mysql.php b/app/SQL/install.sql.mysql.php
index 16cb3a3b8..cf0159199 100644
--- a/app/SQL/install.sql.mysql.php
+++ b/app/SQL/install.sql.mysql.php
@@ -57,5 +57,3 @@ INSERT IGNORE INTO `%1$scategory` (id, name) VALUES(1, "%2$s");
 ');
 
 define('SQL_DROP_TABLES', 'DROP TABLES %1$sentry, %1$sfeed, %1$scategory');
-
-define('SQL_SHOW_TABLES', 'SHOW tables;');
diff --git a/app/SQL/install.sql.sqlite.php b/app/SQL/install.sql.sqlite.php
index 7988ada04..30bca2810 100644
--- a/app/SQL/install.sql.sqlite.php
+++ b/app/SQL/install.sql.sqlite.php
@@ -55,5 +55,3 @@ $SQL_CREATE_TABLES = array(
 );
 
 define('SQL_DROP_TABLES', 'DROP TABLES %1$sentry, %1$sfeed, %1$scategory');
-
-define('SQL_SHOW_TABLES', 'SELECT name FROM sqlite_master WHERE type="table"');
diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index 20446c877..32dc19a4e 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -31,7 +31,12 @@
 	<li class="item<?php echo Minz_Request::controllerName() === 'auth' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('gen.menu.authentication'); ?></a>
 	</li>
-	<li class="item<?php echo Minz_Request::controllerName() === 'update' ? ' active' : ''; ?>">
+	<li class="item<?php echo Minz_Request::controllerName() === 'update' &&
+	                          Minz_Request::actionName() === 'checkInstall' ? ' active' : ''; ?>">
+		<a href="<?php echo _url('update', 'checkInstall'); ?>"><?php echo _t('gen.menu.check_install'); ?></a>
+	</li>
+	<li class="item<?php echo Minz_Request::controllerName() === 'update' &&
+	                          Minz_Request::actionName() === 'index' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a>
 	</li>
 	<?php } ?>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index e848ac4eb..506cec175 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -68,6 +68,7 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="dropdown-header"><?php echo _t('gen.menu.admin'); ?></li>
 				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.manage_users'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('gen.menu.authentication'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('update', 'checkInstall'); ?>"><?php echo _t('gen.menu.check_install'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
 				<?php } ?>
 				<li class="separator"></li>
diff --git a/app/views/update/checkInstall.phtml b/app/views/update/checkInstall.phtml
new file mode 100644
index 000000000..32058714e
--- /dev/null
+++ b/app/views/update/checkInstall.phtml
@@ -0,0 +1,30 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<h2><?php echo _t('admin.check_install.php'); ?></h2>
+
+	<?php foreach ($this->status_php as $key => $status) { ?>
+	<p class="alert <?php echo $status ? 'alert-success' : 'alert-error'; ?>">
+		<?php echo _t('admin.check_install.' . $key . '.' . ($status ? 'ok' : 'nok')); ?>
+	</p>
+	<?php } ?>
+
+	<h2><?php echo _t('admin.check_install.files'); ?></h2>
+
+	<?php foreach ($this->status_files as $key => $status) { ?>
+	<p class="alert <?php echo $status ? 'alert-success' : 'alert-error'; ?>">
+		<?php echo _t('admin.check_install.' . $key . '.' . ($status ? 'ok' : 'nok')); ?>
+	</p>
+	<?php } ?>
+
+	<h2><?php echo _t('admin.check_install.database'); ?></h2>
+
+	<?php foreach ($this->status_database as $key => $status) { ?>
+	<p class="alert <?php echo $status ? 'alert-success' : 'alert-error'; ?>">
+		<?php echo _t('admin.check_install.' . $key . '.' . ($status ? 'ok' : 'nok')); ?>
+	</p>
+	<?php } ?>
+
+</div>
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 2f9a2ea45..dbed207d0 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -245,3 +245,65 @@ function is_referer_from_same_domain() {
 	}
 	return (isset($host['port']) ? $host['port'] : 0) === (isset($referer['port']) ? $referer['port'] : 0);
 }
+
+
+/**
+ *
+ */
+function check_install_php() {
+	return array(
+		'php' => version_compare(PHP_VERSION, '5.2.1') >= 0,
+		'minz' => file_exists(LIB_PATH . '/Minz'),
+		'curl' => extension_loaded('curl'),
+		'pdo_mysql' => extension_loaded('pdo_mysql'),
+		'pdo_sqlite' => extension_loaded('pdo_sqlite'),
+		'pdo' => extension_loaded('pdo_mysql') || extension_loaded('pdo_sqlite'),
+		'pcre' => extension_loaded('pcre'),
+		'ctype' => extension_loaded('ctype'),
+		'dom' => class_exists('DOMDocument'),
+		'json' => extension_loaded('json'),
+		'zip' => extension_loaded('zip'),
+	);
+}
+
+
+/**
+ *
+ */
+function check_install_files() {
+	return array(
+		'data' => DATA_PATH && is_writable(DATA_PATH),
+		'cache' => CACHE_PATH && is_writable(CACHE_PATH),
+		'logs' => LOG_PATH && is_writable(LOG_PATH),
+		'favicons' => is_writable(DATA_PATH . '/favicons'),
+		'persona' => is_writable(DATA_PATH . '/persona'),
+		'tokens' => is_writable(DATA_PATH . '/tokens'),
+	);
+}
+
+
+/**
+ *
+ */
+function check_install_database() {
+	$status = array(
+		'connection' => true,
+		'tables' => false,
+		'categories' => false,
+		'feeds' => false,
+		'entries' => false,
+	);
+
+	try {
+		$dbDAO = FreshRSS_Factory::createDatabaseDAO();
+
+		$status['tables'] = $dbDAO->tablesAreCorrect();
+		$status['categories'] = $dbDAO->categoryIsCorrect();
+		$status['feeds'] = $dbDAO->feedIsCorrect();
+		$status['entries'] = $dbDAO->entryIsCorrect();
+	} catch(Minz_PDOConnectionException $e) {
+		$status['connection'] = false;
+	}
+
+	return $status;
+}
-- 
cgit v1.2.3


From 5d6407a0bf0ecee7017f9d6c6c110b7afa98fff0 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Sun, 26 Oct 2014 12:22:13 +0100
Subject: Update i18n

- Fix i18n strings
- Fix typo profil -> profile

See https://github.com/marienfressinaud/FreshRSS/issues/678
---
 app/Controllers/authController.php |  6 ++--
 app/Controllers/userController.php | 16 +++++------
 app/i18n/en.php                    | 16 +++++++----
 app/i18n/fr.php                    | 16 +++++++----
 app/layout/aside_configure.phtml   |  6 ++--
 app/layout/header.phtml            |  4 +--
 app/views/user/profil.phtml        | 59 --------------------------------------
 app/views/user/profile.phtml       | 59 ++++++++++++++++++++++++++++++++++++++
 8 files changed, 97 insertions(+), 85 deletions(-)
 delete mode 100644 app/views/user/profil.phtml
 create mode 100644 app/views/user/profile.phtml

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index 4af39cb71..a08f906e3 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -143,7 +143,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 				}
 
 				// All is good, go back to the index.
-				Minz_Request::good(_t('login'),
+				Minz_Request::good(_t('feedback.login.success'),
 				                   array('c' => 'index', 'a' => 'index'));
 			} else {
 				Minz_Log::warning('Password mismatch for' .
@@ -182,7 +182,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 				Minz_Session::_param('passwordHash', $s);
 				FreshRSS_Auth::giveAccess();
 
-				Minz_Request::good(_t('login'),
+				Minz_Request::good(_t('feedback.login.success'),
 				                   array('c' => 'index', 'a' => 'index'));
 			} else {
 				Minz_Log::warning('Unsafe password mismatch for user ' . $username);
@@ -274,7 +274,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 	public function logoutAction() {
 		invalidateHttpCache();
 		FreshRSS_Auth::removeAccess();
-		Minz_Request::good(_t('disconnected'),
+		Minz_Request::good(_t('feedback.logout.success'),
 		                   array('c' => 'index', 'a' => 'index'));
 	}
 
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php
index 61d33437d..2343520ca 100644
--- a/app/Controllers/userController.php
+++ b/app/Controllers/userController.php
@@ -23,10 +23,10 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 	}
 
 	/**
-	 * This action displays the user profil page.
+	 * This action displays the user profile page.
 	 */
-	public function profilAction() {
-		Minz_View::prependTitle(_t('users.profil') . ' · ');
+	public function profileAction() {
+		Minz_View::prependTitle(_t('gen.title.user_profile') . ' · ');
 
 		if (Minz_Request::isPost()) {
 			$ok = true;
@@ -74,11 +74,11 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			}
 
 			if ($ok) {
-				Minz_Request::good('users.profil.updated',
-				                   array('c' => 'user', 'a' => 'profil'));
+				Minz_Request::good(_t('feedback.user_profile.updated'),
+				                   array('c' => 'user', 'a' => 'profile'));
 			} else {
-				Minz_Request::bad('error_occurred',
-				                  array('c' => 'user', 'a' => 'profil'));
+				Minz_Request::bad(_t('error_occurred'),
+				                  array('c' => 'user', 'a' => 'profile'));
 			}
 		}
 	}
@@ -92,7 +92,7 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			                  array('error' => array(_t('access_denied'))));
 		}
 
-		Minz_View::prependTitle(_t('users.manage') . ' · ');
+		Minz_View::prependTitle(_t('gen.title.user_management') . ' · ');
 
 		// Get the correct current user.
 		$userDAO = new FreshRSS_UserDAO();
diff --git a/app/i18n/en.php b/app/i18n/en.php
index a3593b28c..275471e19 100644
--- a/app/i18n/en.php
+++ b/app/i18n/en.php
@@ -196,6 +196,10 @@
   'Feb' => '\\F\\e\\b\\r\\u\\a\\r\\y',
   'february' => 'Feb',
   'feed' => 'Feed',
+  'feedback.login.error' => 'Login is invalid',
+  'feedback.login.success' => 'You are connected',
+  'feedback.logout.success' => 'You are disconnected',
+  'feedback.user_profile.updated' => 'Your profile has been modified',
   'feeds' => 'Feeds',
   'feeds_actualized' => 'RSS feeds have been updated',
   'feeds_imported' => 'Your feeds have been imported and will now be updated',
@@ -233,10 +237,12 @@
   'gen.menu.admin' => 'Administration',
   'gen.menu.authentication' => 'Authentication',
   'gen.menu.check_install' => 'Installation checking',
-  'gen.menu.manage_users' => 'Manage users',
-  'gen.menu.profil' => 'Profil',
+  'gen.menu.user_management' => 'Manage users',
+  'gen.menu.user_profile' => 'Profile',
   'gen.title.check_install' => 'Installation checking',
   'gen.title.global_view' => 'Global view',
+  'gen.title.user_management' => 'Manage users',
+  'gen.title.user_profile' => 'Profile',
   'general_configuration' => 'General configuration',
   'general_conf_is_ok' => 'General configuration has been saved.',
   'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">on Github</a> or <a href="mailto:dev@marienfressinaud.fr">by mail</a>',
@@ -262,8 +268,8 @@
   'invalid_login' => 'Login is invalid',
   'invalid_url' => 'URL <em>%s</em> is invalid',
   'is_admin' => 'is administrator',
-  'jan' => 'jan',
   'Jan' => '\\J\\a\\n\\u\\a\\r\\y',
+  'jan' => 'jan',
   'january' => 'Jan',
   'javascript_for_shortcuts' => 'JavaScript must be enabled in order to use shortcuts',
   'javascript_is_better' => 'FreshRSS is more pleasant with JavaScript enabled',
@@ -272,8 +278,8 @@
   'Jul' => '\\J\\u\\l\\y',
   'july' => 'Jul',
   'jump_next' => 'jump to next unread sibling (feed or category)',
-  'jun' => 'jun',
   'Jun' => '\\J\\u\\n\\e',
+  'jun' => 'jun',
   'june' => 'Jun',
   'keep_history' => 'Minimum number of articles to keep',
   'keep_logged_in' => 'Keep me logged in <small>(1 month)</small>',
@@ -329,8 +335,8 @@
   'not_read' => '%d unread',
   'not_reads' => '%d unread',
   'not_yet_implemented' => 'Not yet implemented',
-  'nov' => 'nov',
   'Nov' => '\\N\\o\\v\\e\\m\\b\\e\\r',
+  'nov' => 'nov',
   'november' => 'Nov',
   'no_feed_actualized' => 'No RSS feed has been updated',
   'no_feed_to_display' => 'There is no article to show.',
diff --git a/app/i18n/fr.php b/app/i18n/fr.php
index 60b7a4682..e3a49d54c 100644
--- a/app/i18n/fr.php
+++ b/app/i18n/fr.php
@@ -196,6 +196,10 @@
   'Feb' => '\\f\\é\\v\\r\\i\\e\\r',
   'february' => 'février',
   'feed' => 'Flux',
+  'feedback.login.error' => 'L’identifiant est invalide !',
+  'feedback.login.success' => 'Vous êtes désormais connecté',
+  'feedback.logout.success' => 'Vous avez été déconnecté',
+  'feedback.user_profile.updated' => 'Votre profil a été mis à jour',
   'feeds' => 'Flux',
   'feeds_actualized' => 'Les flux ont été mis à jour.',
   'feeds_imported' => 'Vos flux ont été importés et vont maintenant être actualisés.',
@@ -233,10 +237,12 @@
   'gen.menu.admin' => 'Administration',
   'gen.menu.authentication' => 'Authentification',
   'gen.menu.check_install' => 'Vérification de l\'installation',
-  'gen.menu.manage_users' => 'Gestion des utilisateurs',
-  'gen.menu.profil' => 'Profil',
+  'gen.menu.user_management' => 'Gestion des utilisateurs',
+  'gen.menu.user_profile' => 'Profil',
   'gen.title.check_install' => 'Vérification de l\'installation',
   'gen.title.global_view' => 'Vue globale',
+  'gen.title.user_management' => 'Gestion des utilisateurs',
+  'gen.title.user_profile' => 'Profil',
   'general_configuration' => 'Configuration générale',
   'general_conf_is_ok' => 'La configuration générale a été enregistrée.',
   'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">sur Github</a> ou <a href="mailto:dev@marienfressinaud.fr">par courriel</a>',
@@ -262,8 +268,8 @@
   'invalid_login' => 'L’identifiant est invalide !',
   'invalid_url' => 'L’url <em>%s</em> est invalide.',
   'is_admin' => 'est administrateur',
-  'jan' => 'jan.',
   'Jan' => '\\j\\a\\n\\v\\i\\e\\r',
+  'jan' => 'jan.',
   'january' => 'janvier',
   'javascript_for_shortcuts' => 'Le JavaScript doit être activé pour pouvoir profiter des raccourcis.',
   'javascript_is_better' => 'FreshRSS est plus agréable à utiliser avec JavaScript activé',
@@ -272,8 +278,8 @@
   'Jul' => '\\j\\u\\i\\l\\l\\e\\t',
   'july' => 'juillet',
   'jump_next' => 'sauter au prochain voisin non lu (flux ou catégorie)',
-  'jun' => 'juin',
   'Jun' => '\\j\\u\\i\\n',
+  'jun' => 'juin',
   'june' => 'juin',
   'keep_history' => 'Nombre minimum d’articles à conserver',
   'keep_logged_in' => 'Rester connecté <small>(1 mois)</small>',
@@ -329,8 +335,8 @@
   'not_read' => '%d non lu',
   'not_reads' => '%d non lus',
   'not_yet_implemented' => 'Pas encore implémenté',
-  'nov' => 'nov.',
   'Nov' => '\\n\\o\\v\\e\\m\\b\\r\\e',
+  'nov' => 'nov.',
   'november' => 'novembre',
   'no_feed_actualized' => 'Aucun flux n’a pu être mis à jour.',
   'no_feed_to_display' => 'Il n’y a aucun article à afficher.',
diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index 32dc19a4e..53c52d3e3 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -19,14 +19,14 @@
 		<a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
-	                          Minz_Request::actionName() === 'profil'? ' active' : ''; ?>">
-		<a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('gen.menu.profil'); ?></a>
+	                          Minz_Request::actionName() === 'profile'? ' active' : ''; ?>">
+		<a href="<?php echo _url('user', 'profile'); ?>"><?php echo _t('gen.menu.user_profile'); ?></a>
 	</li>
 	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 	<li class="nav-header"><?php echo _t('gen.menu.admin'); ?></li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
 	                          Minz_Request::actionName() === 'manage' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.manage_users'); ?></a>
+		<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.user_management'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'auth' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('gen.menu.authentication'); ?></a>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 506cec175..c73d9cdbb 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -62,11 +62,11 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'sharing'); ?>"><?php echo _t('sharing'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('gen.menu.profil'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('user', 'profile'); ?>"><?php echo _t('gen.menu.user_profile'); ?></a></li>
 				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 				<li class="separator"></li>
 				<li class="dropdown-header"><?php echo _t('gen.menu.admin'); ?></li>
-				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.manage_users'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.user_management'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('gen.menu.authentication'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'checkInstall'); ?>"><?php echo _t('gen.menu.check_install'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
diff --git a/app/views/user/profil.phtml b/app/views/user/profil.phtml
deleted file mode 100644
index a2af53c96..000000000
--- a/app/views/user/profil.phtml
+++ /dev/null
@@ -1,59 +0,0 @@
-<?php $this->partial('aside_configure'); ?>
-
-<div class="post">
-	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
-
-	<form method="post" action="<?php echo _url('user', 'profil'); ?>">
-		<legend><?php echo _t('login_configuration'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
-			<div class="group-controls">
-				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
-				<label class="checkbox" for="is_admin">
-					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
-					<?php echo _t('is_admin'); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<?php if (Minz_Configuration::apiEnabled()) { ?>
-		<div class="form-group">
-			<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-			</div>
-		</div>
-		<?php } ?>
-
-		<div class="form-group">
-			<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
-			<?php $mail = FreshRSS_Context::$conf->mail_login; ?>
-			<div class="group-controls">
-				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
-				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
-			</div>
-		</div>
-	</form>
-</div>
diff --git a/app/views/user/profile.phtml b/app/views/user/profile.phtml
new file mode 100644
index 000000000..60257012c
--- /dev/null
+++ b/app/views/user/profile.phtml
@@ -0,0 +1,59 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<form method="post" action="<?php echo _url('user', 'profile'); ?>">
+		<legend><?php echo _t('login_configuration'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
+			<div class="group-controls">
+				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
+				<label class="checkbox" for="is_admin">
+					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
+					<?php echo _t('is_admin'); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<?php if (Minz_Configuration::apiEnabled()) { ?>
+		<div class="form-group">
+			<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+			</div>
+		</div>
+		<?php } ?>
+
+		<div class="form-group">
+			<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
+			<?php $mail = FreshRSS_Context::$conf->mail_login; ?>
+			<div class="group-controls">
+				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
+				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
+			</div>
+		</div>
+	</form>
+</div>
-- 
cgit v1.2.3


From 9fc60317eecba785b66011f04b9a5150296f2df6 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Fri, 5 Dec 2014 14:17:02 +0100
Subject: First draft for listing and manipulate extensions

See https://github.com/FreshRSS/FreshRSS/issues/252
---
 app/Controllers/extensionController.php | 43 +++++++++++++++++++++++++++++++++
 app/layout/aside_configure.phtml        |  4 +++
 app/layout/header.phtml                 |  1 +
 app/views/extension/index.phtml         | 35 +++++++++++++++++++++++++++
 lib/Minz/Extension.php                  | 20 +++++++++++++++
 lib/Minz/ExtensionManager.php           | 17 +++++++++++++
 6 files changed, 120 insertions(+)
 create mode 100644 app/Controllers/extensionController.php
 create mode 100644 app/views/extension/index.phtml

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/extensionController.php b/app/Controllers/extensionController.php
new file mode 100644
index 000000000..504be56d3
--- /dev/null
+++ b/app/Controllers/extensionController.php
@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * The controller to manage extensions.
+ */
+class FreshRSS_extension_Controller extends Minz_ActionController {
+	/**
+	 * This action is called before every other action in that class. It is
+	 * the common boiler plate for every action. It is triggered by the
+	 * underlying framework.
+	 */
+	public function firstAction() {
+		if (!FreshRSS_Auth::hasAccess()) {
+			Minz_Error::error(403);
+		}
+	}
+
+	/**
+	 * This action lists all the extensions available to the current user.
+	 */
+	public function indexAction() {
+		Minz_View::prependTitle(_t('admin.extensions.title') . ' · ');
+		$this->view->extension_list = Minz_ExtensionManager::list_extensions();
+	}
+
+	public function configureAction() {
+		if (Minz_Request::param('ajax')) {
+			$this->view->_useLayout(false);
+		}
+	}
+
+	public function enableAction() {
+		
+	}
+
+	public function disableAction() {
+		
+	}
+
+	public function removeAction() {
+		
+	}
+}
diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index 53c52d3e3..f7f3617c4 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -22,6 +22,10 @@
 	                          Minz_Request::actionName() === 'profile'? ' active' : ''; ?>">
 		<a href="<?php echo _url('user', 'profile'); ?>"><?php echo _t('gen.menu.user_profile'); ?></a>
 	</li>
+	<li class="item<?php echo Minz_Request::controllerName() === 'extension' &&
+	                          Minz_Request::actionName() === 'index'? ' active' : ''; ?>">
+		<a href="<?php echo _url('extension', 'index'); ?>"><?php echo _t('gen.menu.extensions'); ?></a>
+	</li>
 	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 	<li class="nav-header"><?php echo _t('gen.menu.admin'); ?></li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index c73d9cdbb..0ff367d0b 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -63,6 +63,7 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('user', 'profile'); ?>"><?php echo _t('gen.menu.user_profile'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('extension', 'index'); ?>"><?php echo _t('gen.menu.extensions'); ?></a></li>
 				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 				<li class="separator"></li>
 				<li class="dropdown-header"><?php echo _t('gen.menu.admin'); ?></li>
diff --git a/app/views/extension/index.phtml b/app/views/extension/index.phtml
new file mode 100644
index 000000000..c6b7c84a1
--- /dev/null
+++ b/app/views/extension/index.phtml
@@ -0,0 +1,35 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('gen.back_to_rss_feeds'); ?></a>
+
+	<h1><?php echo _t('admin.extensions.title'); ?></h1>
+
+	<?php if (!empty($this->extension_list)) { ?>
+	<form id="form-extension" method="post" style="display: none"></form>
+	<?php foreach ($this->extension_list as $ext) { ?>
+	<ul class="horizontal-list">
+		<li class="item">
+			<?php $name_encoded = urlencode($ext->getName()); ?>
+			<div class="stick">
+				<a class="btn open-slider" href="<?php echo _url('extension', 'configure', 'e', $name_encoded); ?>"><?php echo _i('configure'); ?> <?php echo _t('admin.extensions.manage'); ?></a>
+				<?php if ($ext->is_enabled()) { ?>
+				<button class="btn" form="form-extension" formaction="<?php echo _url('extension', 'disable', 'e', $name_encoded); ?>"><?php echo _t('admin.extensions.disable'); ?></button>
+				<?php } else { ?>
+				<button class="btn" form="form-extension" formaction="<?php echo _url('extension', 'enable', 'e', $name_encoded); ?>"><?php echo _t('admin.extensions.enable'); ?></button>
+				<?php } ?>
+				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
+				<button class="btn btn-attention confirm" form="form-extension" formaction="<?php echo _url('extension', 'remove', 'e', $name_encoded); ?>"><?php echo _t('admin.extensions.remove'); ?></button>
+				<?php } ?>
+			</div>
+		</li>
+		<li class="item"><?php echo $ext->getName(); ?></li>
+	</ul>
+	<?php } ?>
+	<?php } else { ?>
+	<p class="alert alert-warn"><?php echo _t('admin.extensions.empty_list'); ?></p>
+	<?php } ?>
+</div>
+
+<a href="#" id="close-slider"></a>
+<div id="slider"></div>
diff --git a/lib/Minz/Extension.php b/lib/Minz/Extension.php
index ecf510ea2..a1fdd659b 100644
--- a/lib/Minz/Extension.php
+++ b/lib/Minz/Extension.php
@@ -17,6 +17,8 @@ class Minz_Extension {
 		'user',
 	);
 
+	private $is_enabled;
+
 	/**
 	 * The constructor to assign specific information to the extension.
 	 *
@@ -41,6 +43,8 @@ class Minz_Extension {
 		$this->description = isset($meta_info['description']) ? $meta_info['description'] : '';
 		$this->version = isset($meta_info['version']) ? $meta_info['version'] : '0.1';
 		$this->setType(isset($meta_info['type']) ? $meta_info['type'] : 'user');
+
+		$this->is_enabled = false;
 	}
 
 	/**
@@ -66,6 +70,22 @@ class Minz_Extension {
 	 */
 	public function init() {}
 
+	/**
+	 * Set the current extension to enable.
+	 */
+	public function enable() {
+		$this->is_enabled = true;
+	}
+
+	/**
+	 * Return if the extension is currently enabled.
+	 *
+	 * @return true if extension is enabled, false else.
+	 */
+	public function is_enabled() {
+		return $this->is_enabled;
+	}
+
 	/**
 	 * Getters and setters.
 	 */
diff --git a/lib/Minz/ExtensionManager.php b/lib/Minz/ExtensionManager.php
index 789557b9e..6c32ccf19 100644
--- a/lib/Minz/ExtensionManager.php
+++ b/lib/Minz/ExtensionManager.php
@@ -144,6 +144,7 @@ class Minz_ExtensionManager {
 		if (isset(self::$ext_list[$ext_name])) {
 			$ext = self::$ext_list[$ext_name];
 			self::$ext_list_enabled[$ext_name] = $ext;
+			$ext->enable();
 			$ext->init();
 		}
 	}
@@ -158,4 +159,20 @@ class Minz_ExtensionManager {
 			self::enable($ext_name);
 		}
 	}
+
+
+
+	/**
+	 * Returns a list of extensions.
+	 *
+	 * @param $only_enabled if true returns only the enabled extensions (false by default).
+	 * @return an array of extensions.
+	 */
+	public static function list_extensions($only_enabled = false) {
+		if ($only_enabled) {
+			return self::$ext_list_enabled;
+		} else {
+			return self::$ext_list;
+		}
+	}
 }
-- 
cgit v1.2.3


From f807a6f5c1e9aa5aadf338c5242e54e1930b4088 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Wed, 10 Dec 2014 22:10:01 +0100
Subject: Fix i18n for header and aside_configure

---
 app/i18n/en/gen.php              | 58 +++++++++++++++++++++-------------------
 app/i18n/fr/gen.php              | 58 +++++++++++++++++++++-------------------
 app/layout/aside_configure.phtml | 16 +++++------
 app/layout/header.phtml          | 32 +++++++++++-----------
 4 files changed, 84 insertions(+), 80 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/i18n/en/gen.php b/app/i18n/en/gen.php
index a7f51e8f9..bd386f6a0 100644
--- a/app/i18n/en/gen.php
+++ b/app/i18n/en/gen.php
@@ -1,6 +1,36 @@
 <?php
 
 return array(
+	'auth' => array(
+		'login' => 'Login',
+		'logout' => 'Logout',
+	),
+	'menu' => array(
+		'about' => 'About',
+		'admin' => 'Administration',
+		'archiving' => 'Archiving',
+		'authentication' => 'Authentication',
+		'check_install' => 'Installation checking',
+		'configuration' => 'Configuration',
+		'display' => 'Display',
+		'logs' => 'Logs',
+		'queries' => 'User queries',
+		'reading' => 'Reading',
+		'sharing' => 'Sharing',
+		'shortcuts' => 'Shortcuts',
+		'stats' => 'Statistics',
+		'update' => 'Update',
+		'user_management' => 'Manage users',
+		'user_profile' => 'Profile',
+	),
+	'title' => array(
+		'_' => 'Title',
+		'authentication' => 'Authentication',
+		'check_install' => 'Installation checking',
+		'global_view' => 'Global view',
+		'user_management' => 'Manage users',
+		'user_profile' => 'Profile',
+	),
 	'Apr' => '\\A\\p\\r\\i\\l',
 	'Aug' => '\\A\\u\\g\\u\\s\\t',
 	'Dec' => '\\D\\e\\c\\e\\m\\b\\e\\r',
@@ -13,7 +43,6 @@ return array(
 	'Nov' => '\\N\\o\\v\\e\\m\\b\\e\\r',
 	'Oct' => '\\O\\c\\t\\o\\b\\e\\r',
 	'Sep' => '\\S\\e\\p\\t\\e\\m\\b\\e\\r',
-	'about' => 'About',
 	'about_freshrss' => 'About FreshRSS',
 	'access_denied' => 'You don’t have permission to access this page',
 	'access_protected_feeds' => 'Connection allows to access HTTP protected RSS feeds',
@@ -33,7 +62,6 @@ return array(
 	'api_enabled' => 'Allow <abbr>API</abbr> access <small>(required for mobile apps)</small>',
 	'apr' => 'apr',
 	'april' => 'Apr',
-	'archiving_configuration' => 'Archiving',
 	'archiving_configuration_help' => 'More options are available in the individual stream settings',
 	'article' => 'Article',
 	'article_icons' => 'Article icons',
@@ -110,7 +138,6 @@ return array(
 	'choose_language' => 'Choose a language for FreshRSS',
 	'clear_logs' => 'Clear the logs',
 	'collapse_article' => 'Collapse',
-	'configuration' => 'Configuration',
 	'configuration_updated' => 'Configuration has been updated',
 	'confirm_action' => 'Are you sure you want to perform this action? It cannot be cancelled!',
 	'confirm_action_feed_cat' => 'Are you sure you want to perform this action? You will lose related favorites and user queries. It cannot be cancelled!',
@@ -136,7 +163,6 @@ return array(
 	'delete' => 'Delete',
 	'delete_articles_every' => 'Remove articles after',
 	'diaspora' => 'Diaspora*',
-	'display' => 'Display',
 	'display_articles_unfolded' => 'Show articles unfolded by default',
 	'display_categories_unfolded' => 'Show categories folded by default',
 	'display_configuration' => 'Display',
@@ -191,21 +217,6 @@ return array(
 	'freshrss_installation' => 'Installation · FreshRSS',
 	'fri' => 'Fri',
 	'g+' => 'Google+',
-	'menu' => array(
-		'admin' => 'Administration',
-		'authentication' => 'Authentication',
-		'check_install' => 'Installation checking',
-		'user_management' => 'Manage users',
-		'user_profile' => 'Profile',
-	),
-	'title' => array(
-		'_' => 'Title',
-		'authentication' => 'Authentication',
-		'check_install' => 'Installation checking',
-		'global_view' => 'Global view',
-		'user_management' => 'Manage users',
-		'user_profile' => 'Profile',
-	),
 	'general_conf_is_ok' => 'General configuration has been saved.',
 	'general_configuration' => 'General configuration',
 	'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">on Github</a> or <a href="mailto:dev@marienfressinaud.fr">by mail</a>',
@@ -256,13 +267,10 @@ return array(
 	'license' => 'License',
 	'load_more' => 'Load more articles',
 	'log_is_ok' => 'Permissions on logs directory are good',
-	'login' => 'Login',
 	'login_configuration' => 'Login',
 	'login_persona_problem' => 'Connection problem with Persona?',
 	'login_required' => 'Login required:',
 	'login_with_persona' => 'Login with Persona',
-	'logout' => 'Logout',
-	'logs' => 'Logs',
 	'logs_empty' => 'Log file is empty',
 	'main_stream' => 'Main stream',
 	'mar' => 'mar',
@@ -340,7 +348,6 @@ return array(
 	'publication_date' => 'Date of publication',
 	'purge_completed' => 'Purge completed (%d articles deleted)',
 	'purge_now' => 'Purge now',
-	'queries' => 'User queries',
 	'query_created' => 'Query "%s" has been created.',
 	'query_deprecated' => 'This query is no longer valid. The referenced category or feed has been deleted.',
 	'query_filter' => 'Filter applied:',
@@ -370,7 +377,6 @@ return array(
 	'query_state_15' => 'Display all articles',
 	'random_string' => 'Random string',
 	'reader_view' => 'Reading view',
-	'reading_configuration' => 'Reading',
 	'reading_confirm' => 'Display a confirmation dialog on “mark all as read” actions',
 	'refresh' => 'Refresh',
 	'related_tags' => 'Related tags',
@@ -392,10 +398,8 @@ return array(
 	'share' => 'Share',
 	'share_name' => 'Share name to display',
 	'share_url' => 'Share URL to use',
-	'sharing' => 'Sharing',
 	'sharing_management' => 'Sharing options management',
 	'shift_for_all_read' => '+ <code>shift</code> to mark all articles as read',
-	'shortcuts' => 'Shortcuts',
 	'shortcuts_article_action' => 'Article actions',
 	'shortcuts_navigation' => 'Navigation',
 	'shortcuts_navigation_help' => 'With the "Shift" modifier, navigation shortcuts apply on feeds.<br/>With the "Alt" modifier, navigation shortcuts apply on categories.',
@@ -410,7 +414,6 @@ return array(
 	'show_read' => 'Show only read',
 	'sort_order' => 'Sort order',
 	'starred_list' => 'List of favourite articles',
-	'stats' => 'Statistics',
 	'stats_entry_count' => 'Entry count',
 	'stats_entry_per_category' => 'Entries per category',
 	'stats_entry_per_day' => 'Entries per day (last 30 days)',
@@ -445,7 +448,6 @@ return array(
 	'tue' => 'Tue',
 	'twitter' => 'Twitter',
 	'unsafe_autologin' => 'Allow unsafe automatic login using the format: ',
-	'update' => 'Update',
 	'update_apply' => 'Apply',
 	'update_can_apply' => 'An update is available.',
 	'update_check' => 'Check for new updates',
diff --git a/app/i18n/fr/gen.php b/app/i18n/fr/gen.php
index 0b2395bd0..b33dc49bc 100644
--- a/app/i18n/fr/gen.php
+++ b/app/i18n/fr/gen.php
@@ -1,6 +1,36 @@
 <?php
 
 return array(
+	'auth' => array(
+		'login' => 'Connexion',
+		'logout' => 'Déconnexion',
+	),
+	'menu' => array(
+		'about' => 'À propos',
+		'admin' => 'Administration',
+		'archiving' => 'Archivage',
+		'authentication' => 'Authentification',
+		'check_install' => 'Vérification de l’installation',
+		'configuration' => 'Configuration',
+		'display' => 'Affichage',
+		'logs' => 'Logs',
+		'queries' => 'Filtres utilisateurs',
+		'reading' => 'Lecture',
+		'sharing' => 'Partage',
+		'shortcuts' => 'Raccourcis',
+		'stats' => 'Statistiques',
+		'update' => 'Mise à jour',
+		'user_management' => 'Gestion des utilisateurs',
+		'user_profile' => 'Profil',
+	),
+	'title' => array(
+		'_' => 'Titre',
+		'authentication' => 'Authentification',
+		'check_install' => 'Vérification de l’installation',
+		'global_view' => 'Vue globale',
+		'user_management' => 'Gestion des utilisateurs',
+		'user_profile' => 'Profil',
+	),
 	'Apr' => '\\a\\v\\r\\i\\l',
 	'Aug' => '\\a\\o\\û\\t',
 	'Dec' => '\\d\\é\\c\\e\\m\\b\\r\\e',
@@ -13,7 +43,6 @@ return array(
 	'Nov' => '\\n\\o\\v\\e\\m\\b\\r\\e',
 	'Oct' => '\\o\\c\\t\\o\\b\\r\\e',
 	'Sep' => '\\s\\e\\p\\t\\e\\m\\b\\r\\e',
-	'about' => 'À propos',
 	'about_freshrss' => 'À propos de FreshRSS',
 	'access_denied' => 'Vous n’avez pas le droit d’accéder à cette page !',
 	'access_protected_feeds' => 'La connexion permet d’accéder aux flux protégés par une authentification HTTP.',
@@ -33,7 +62,6 @@ return array(
 	'api_enabled' => 'Autoriser l’accès par <abbr>API</abbr> <small>(nécessaire pour les applis mobiles)</small>',
 	'apr' => 'avr.',
 	'april' => 'avril',
-	'archiving_configuration' => 'Archivage',
 	'archiving_configuration_help' => 'D’autres options sont disponibles dans la configuration individuelle des flux.',
 	'article' => 'Article',
 	'article_icons' => 'Icônes d’article',
@@ -110,7 +138,6 @@ return array(
 	'choose_language' => 'Choisissez la langue pour FreshRSS',
 	'clear_logs' => 'Effacer les logs',
 	'collapse_article' => 'Refermer',
-	'configuration' => 'Configuration',
 	'configuration_updated' => 'La configuration a été mise à jour.',
 	'confirm_action' => 'Êtes-vous sûr(e) de vouloir continuer ? Cette action ne peut être annulée !',
 	'confirm_action_feed_cat' => 'Êtes-vous sûr(e) de vouloir continuer ? Vous perdrez les favoris et les filtres associés. Cette action ne peut être annulée !',
@@ -139,7 +166,6 @@ return array(
 	'display' => 'Affichage',
 	'display_articles_unfolded' => 'Afficher les articles dépliés par défaut',
 	'display_categories_unfolded' => 'Afficher les catégories pliées par défaut',
-	'display_configuration' => 'Affichage',
 	'do_not_change_if_doubt' => 'Laissez tel quel dans le doute',
 	'dom_is_nok' => 'Il manque une librairie pour parcourir le DOM (paquet php-xml)',
 	'dom_is_ok' => 'Vous disposez du nécessaire pour parcourir le DOM',
@@ -191,21 +217,6 @@ return array(
 	'freshrss_installation' => 'Installation · FreshRSS',
 	'fri' => 'ven.',
 	'g+' => 'Google+',
-	'menu' => array(
-		'admin' => 'Administration',
-		'authentication' => 'Authentification',
-		'check_install' => 'Vérification de l’installation',
-		'user_management' => 'Gestion des utilisateurs',
-		'user_profile' => 'Profil',
-	),
-	'title' => array(
-		'_' => 'Titre',
-		'authentication' => 'Authentification',
-		'check_install' => 'Vérification de l’installation',
-		'global_view' => 'Vue globale',
-		'user_management' => 'Gestion des utilisateurs',
-		'user_profile' => 'Profil',
-	),
 	'general_conf_is_ok' => 'La configuration générale a été enregistrée.',
 	'general_configuration' => 'Configuration générale',
 	'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">sur Github</a> ou <a href="mailto:dev@marienfressinaud.fr">par courriel</a>',
@@ -256,13 +267,10 @@ return array(
 	'license' => 'Licence',
 	'load_more' => 'Charger plus d’articles',
 	'log_is_ok' => 'Les droits sur le répertoire des logs sont bons',
-	'login' => 'Connexion',
 	'login_configuration' => 'Identification',
 	'login_persona_problem' => 'Problème de connexion à Persona ?',
 	'login_required' => 'Accès protégé par mot de passe :',
 	'login_with_persona' => 'Connexion avec Persona',
-	'logout' => 'Déconnexion',
-	'logs' => 'Logs',
 	'logs_empty' => 'Les logs sont vides.',
 	'main_stream' => 'Flux principal',
 	'mar' => 'mar.',
@@ -340,7 +348,6 @@ return array(
 	'publication_date' => 'Date de publication',
 	'purge_completed' => 'Purge effectuée (%d articles supprimés).',
 	'purge_now' => 'Purger maintenant',
-	'queries' => 'Filtres utilisateurs',
 	'query_created' => 'Le filtre "%s" a bien été créé.',
 	'query_deprecated' => 'Ce filtre n’est plus valide. La catégorie ou le flux concerné a été supprimé.',
 	'query_filter' => 'Filtres appliqués :',
@@ -370,7 +377,6 @@ return array(
 	'query_state_15' => 'Afficher tous les articles',
 	'random_string' => 'Chaîne aléatoire',
 	'reader_view' => 'Vue lecture',
-	'reading_configuration' => 'Lecture',
 	'reading_confirm' => 'Afficher une confirmation lors des actions “marquer tout comme lu”',
 	'refresh' => 'Actualisation',
 	'related_tags' => 'Tags associés',
@@ -392,10 +398,8 @@ return array(
 	'share' => 'Partager',
 	'share_name' => 'Nom du partage à afficher',
 	'share_url' => 'URL du partage à utiliser',
-	'sharing' => 'Partage',
 	'sharing_management' => 'Gestion des options de partage',
 	'shift_for_all_read' => '+ <code>shift</code> pour marquer tous les articles comme lus',
-	'shortcuts' => 'Raccourcis',
 	'shortcuts_article_action' => 'Actions associées à l’article courant',
 	'shortcuts_navigation' => 'Navigation',
 	'shortcuts_navigation_help' => 'Avec le modificateur "Shift", les raccourcis de navigation s’appliquent aux flux.<br/>Avec le modificateur "Alt", les raccourcis de navigation s’appliquent aux catégories.',
@@ -410,7 +414,6 @@ return array(
 	'show_read' => 'Afficher les lus',
 	'sort_order' => 'Ordre de tri',
 	'starred_list' => 'Liste des articles favoris',
-	'stats' => 'Statistiques',
 	'stats_entry_count' => 'Nombre d’articles',
 	'stats_entry_per_category' => 'Articles par catégorie',
 	'stats_entry_per_day' => 'Nombre d’articles par jour (30 derniers jours)',
@@ -445,7 +448,6 @@ return array(
 	'tue' => 'mar.',
 	'twitter' => 'Twitter',
 	'unsafe_autologin' => 'Autoriser les connexions automatiques non-sûres au format : ',
-	'update' => 'Mise à jour',
 	'update_apply' => 'Appliquer la mise à jour',
 	'update_can_apply' => 'Une mise à jour est disponible.',
 	'update_check' => 'Vérifier les mises à jour',
diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml
index 53c52d3e3..25b8037e6 100644
--- a/app/layout/aside_configure.phtml
+++ b/app/layout/aside_configure.phtml
@@ -1,22 +1,22 @@
 <ul class="nav nav-list aside">
-	<li class="nav-header"><?php echo _t('configuration'); ?></li>
+	<li class="nav-header"><?php echo _t('gen.menu.configuration'); ?></li>
 	<li class="item<?php echo Minz_Request::actionName() === 'display' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('configure', 'display'); ?>"><?php echo _t('display_configuration'); ?></a>
+		<a href="<?php echo _url('configure', 'display'); ?>"><?php echo _t('gen.menu.display'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::actionName() === 'reading' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('configure', 'reading'); ?>"><?php echo _t('reading_configuration'); ?></a>
+		<a href="<?php echo _url('configure', 'reading'); ?>"><?php echo _t('gen.menu.reading'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::actionName() === 'archiving' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('configure', 'archiving'); ?>"><?php echo _t('archiving_configuration'); ?></a>
+		<a href="<?php echo _url('configure', 'archiving'); ?>"><?php echo _t('gen.menu.archiving'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::actionName() === 'sharing' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('configure', 'sharing'); ?>"><?php echo _t('sharing'); ?></a>
+		<a href="<?php echo _url('configure', 'sharing'); ?>"><?php echo _t('gen.menu.sharing'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::actionName() === 'shortcut' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a>
+		<a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('gen.menu.shortcuts'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::actionName() === 'queries' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a>
+		<a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('gen.menu.queries'); ?></a>
 	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
 	                          Minz_Request::actionName() === 'profile'? ' active' : ''; ?>">
@@ -37,7 +37,7 @@
 	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'update' &&
 	                          Minz_Request::actionName() === 'index' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a>
+		<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('gen.menu.update'); ?></a>
 	</li>
 	<?php } ?>
 </ul>
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index c73d9cdbb..429cfc1d2 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -2,9 +2,9 @@
 if (Minz_Configuration::canLogIn()) {
 	?><ul class="nav nav-head nav-login"><?php
 		if (FreshRSS_Auth::hasAccess()) {
-			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _t('logout'); ?></a></li><?php
+			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _t('gen.auth.logout'); ?></a></li><?php
 		} else {
-			?><li class="item"><?php echo _i('login'); ?> <a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('login'); ?></a></li><?php
+			?><li class="item"><?php echo _i('login'); ?> <a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('gen.auth.login'); ?></a></li><?php
 		}
 	?></ul><?php
 }
@@ -25,7 +25,7 @@ if (Minz_Configuration::canLogIn()) {
 		<form action="<?php echo _url('index', 'index'); ?>" method="get">
 			<div class="stick">
 				<?php $search = Minz_Request::param('search', ''); ?>
-				<input type="search" name="search" id="search" class="extend" value="<?php echo $search; ?>" placeholder="<?php echo _t('search'); ?>" />
+				<input type="search" name="search" id="search" class="extend" value="<?php echo $search; ?>" placeholder="<?php echo _t('gen.search'); ?>" />
 
 				<?php $get = Minz_Request::param('get', ''); ?>
 				<?php if ($get != '') { ?>
@@ -55,13 +55,13 @@ if (Minz_Configuration::canLogIn()) {
 			<a class="btn dropdown-toggle" href="#dropdown-configure"><?php echo _i('configure'); ?></a>
 			<ul class="dropdown-menu">
 				<li class="dropdown-close"><a href="#close">❌</a></li>
-				<li class="dropdown-header"><?php echo _t('configuration'); ?></li>
-				<li class="item"><a href="<?php echo _url('configure', 'display'); ?>"><?php echo _t('display_configuration'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('configure', 'reading'); ?>"><?php echo _t('reading_configuration'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('configure', 'archiving'); ?>"><?php echo _t('archiving_configuration'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('configure', 'sharing'); ?>"><?php echo _t('sharing'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
+				<li class="dropdown-header"><?php echo _t('gen.menu.configuration'); ?></li>
+				<li class="item"><a href="<?php echo _url('configure', 'display'); ?>"><?php echo _t('gen.menu.display'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('configure', 'reading'); ?>"><?php echo _t('gen.menu.reading'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('configure', 'archiving'); ?>"><?php echo _t('gen.menu.archiving'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('configure', 'sharing'); ?>"><?php echo _t('gen.menu.sharing'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('gen.menu.shortcuts'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('gen.menu.queries'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('user', 'profile'); ?>"><?php echo _t('gen.menu.user_profile'); ?></a></li>
 				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
 				<li class="separator"></li>
@@ -69,23 +69,23 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('gen.menu.user_management'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('gen.menu.authentication'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'checkInstall'); ?>"><?php echo _t('gen.menu.check_install'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('gen.menu.update'); ?></a></li>
 				<?php } ?>
 				<li class="separator"></li>
-				<li class="item"><a href="<?php echo _url('stats', 'index'); ?>"><?php echo _t('stats'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('index', 'logs'); ?>"><?php echo _t('logs'); ?></a></li>
-				<li class="item"><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('about'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('stats', 'index'); ?>"><?php echo _t('gen.menu.stats'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('index', 'logs'); ?>"><?php echo _t('gen.menu.logs'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('gen.menu.about'); ?></a></li>
 				<?php
 				if (Minz_Configuration::canLogIn()) {
 					?><li class="separator"></li>
-				<li class="item"><a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('logout'); ?></a></li><?php
+				<li class="item"><a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('gen.auth.logout'); ?></a></li><?php
 				} ?>
 			</ul>
 		</div>
 	</div>
 	<?php } elseif (Minz_Configuration::canLogIn()) { ?>
 	<div class="item configure">
-		<?php echo _i('login'); ?><a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('login'); ?></a>
+		<?php echo _i('login'); ?><a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('gen.auth.login'); ?></a>
 	</div>
 	<?php } ?>
 </div>
-- 
cgit v1.2.3


From d455837c6d6e3ad3d64d06f40c947c93fc4e2086 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Thu, 11 Dec 2014 00:00:15 +0100
Subject: Fix i18n for normal view

---
 app/Controllers/indexController.php |  2 +-
 app/Models/Context.php              |  4 +--
 app/i18n/en/gen.php                 | 62 +++++++++++++++----------------------
 app/i18n/en/index.php               | 25 ++++++++++++++-
 app/i18n/fr/gen.php                 | 62 +++++++++++++++----------------------
 app/i18n/fr/index.php               | 25 ++++++++++++++-
 app/layout/header.phtml             |  2 +-
 app/views/helpers/pagination.phtml  |  8 ++---
 app/views/index/logs.phtml          |  6 ++--
 app/views/index/normal.phtml        | 16 +++++-----
 lib/lib_rss.php                     |  8 ++---
 11 files changed, 121 insertions(+), 99 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index eff47ed58..2759ab289 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -217,7 +217,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 			Minz_Error::error(403);
 		}
 
-		Minz_View::prependTitle(_t('index.logs.title') . ' · ');
+		Minz_View::prependTitle(_t('index.log.title') . ' · ');
 
 		if (Minz_Request::isPost()) {
 			FreshRSS_LogDAO::truncate();
diff --git a/app/Models/Context.php b/app/Models/Context.php
index 3dc5349ad..c8a65063a 100644
--- a/app/Models/Context.php
+++ b/app/Models/Context.php
@@ -138,12 +138,12 @@ class FreshRSS_Context {
 		switch($type) {
 		case 'a':
 			self::$current_get['all'] = true;
-			self::$name = _t('your_rss_feeds');
+			self::$name = _t('index.feed.title');
 			self::$get_unread = self::$total_unread;
 			break;
 		case 's':
 			self::$current_get['starred'] = true;
-			self::$name = _t('your_favorites');
+			self::$name = _t('index.feed.title_fav');
 			self::$get_unread = self::$total_starred['unread'];
 
 			// Update state if favorite is not yet enabled.
diff --git a/app/i18n/en/gen.php b/app/i18n/en/gen.php
index 28659cccb..a9045c299 100644
--- a/app/i18n/en/gen.php
+++ b/app/i18n/en/gen.php
@@ -12,10 +12,30 @@ return array(
 		'login' => 'Login',
 		'logout' => 'Logout',
 	),
+	'date' => array(
+		'Apr' => '\\A\\p\\r\\i\\l',
+		'Aug' => '\\A\\u\\g\\u\\s\\t',
+		'Dec' => '\\D\\e\\c\\e\\m\\b\\e\\r',
+		'Feb' => '\\F\\e\\b\\r\\u\\a\\r\\y',
+		'Jan' => '\\J\\a\\n\\u\\a\\r\\y',
+		'Jul' => '\\J\\u\\l\\y',
+		'Jun' => '\\J\\u\\n\\e',
+		'Mar' => '\\M\\a\\r\\c\\h',
+		'May' => '\\M\\a\\y',
+		'Nov' => '\\N\\o\\v\\e\\m\\b\\e\\r',
+		'Oct' => '\\O\\c\\t\\o\\b\\e\\r',
+		'Sep' => '\\S\\e\\p\\t\\e\\m\\b\\e\\r',
+		'before_yesterday' => 'Before yesterday',
+		'format_date' => '%s j\\<\\s\\u\\p\\>S\\<\\/\\s\\u\\p\\> Y',
+		'format_date_hour' => '%s j\\<\\s\\u\\p\\>S\\<\\/\\s\\u\\p\\> Y \\a\\t H\\:i',
+		'today' => 'Today',
+		'yesterday' => 'Yesterday',
+	),
 	'js' => array(
 		'category_empty' => 'Empty category',
 		'confirm_action' => 'Are you sure you want to perform this action? It cannot be cancelled!',
 		'confirm_action_feed_cat' => 'Are you sure you want to perform this action? You will lose related favorites and user queries. It cannot be cancelled!',
+		'new_article' => 'There are new available articles, click to refresh the page.',
 		'notif_body_new_articles' => 'There are \\d new articles to read on FreshRSS.',
 		'notif_title_new_articles' => 'FreshRSS: new articles!',
 	),
@@ -30,6 +50,7 @@ return array(
 		'logs' => 'Logs',
 		'queries' => 'User queries',
 		'reading' => 'Reading',
+		'search' => 'Search words or #tags',
 		'sharing' => 'Sharing',
 		'shortcuts' => 'Shortcuts',
 		'stats' => 'Statistics',
@@ -40,7 +61,10 @@ return array(
 	'pagination' => array(
 		'first' => 'First',
 		'last' => 'Last',
+		'load_more' => 'Load more articles',
+		'mark_all_read' => 'Mark all as read',
 		'next' => 'Next',
+		'nothing_to_load' => 'There are no more articles',
 		'previous' => 'Previous',
 	),
 	'title' => array(
@@ -51,18 +75,7 @@ return array(
 		'user_management' => 'Manage users',
 		'user_profile' => 'Profile',
 	),
-	'Apr' => '\\A\\p\\r\\i\\l',
-	'Aug' => '\\A\\u\\g\\u\\s\\t',
-	'Dec' => '\\D\\e\\c\\e\\m\\b\\e\\r',
-	'Feb' => '\\F\\e\\b\\r\\u\\a\\r\\y',
-	'Jan' => '\\J\\a\\n\\u\\a\\r\\y',
-	'Jul' => '\\J\\u\\l\\y',
-	'Jun' => '\\J\\u\\n\\e',
-	'Mar' => '\\M\\a\\r\\c\\h',
-	'May' => '\\M\\a\\y',
-	'Nov' => '\\N\\o\\v\\e\\m\\b\\e\\r',
-	'Oct' => '\\O\\c\\t\\o\\b\\e\\r',
-	'Sep' => '\\S\\e\\p\\t\\e\\m\\b\\e\\r',
+	'freshrss' => 'FreshRSS',
 	'access_denied' => 'You don’t have permission to access this page',
 	'access_protected_feeds' => 'Connection allows to access HTTP protected RSS feeds',
 	'activate_sharing' => 'Activate sharing',
@@ -117,13 +130,10 @@ return array(
 	'bdd_conf_is_ok' => 'Database configuration has been saved.',
 	'bdd_configuration' => 'Database configuration',
 	'bdd_type' => 'Type of database',
-	'before_yesterday' => 'Before yesterday',
 	'blank_to_disable' => 'Leave blank to disable',
-	'blogotext' => 'Blogotext',
 	'bottom_line' => 'Bottom line',
 	'bugs_reports' => 'Bugs reports',
 	'by' => 'by',
-	'by_author' => 'By <em>%s</em>',
 	'by_default' => 'By default',
 	'by_email' => 'By email',
 	'by_feed' => 'by feed',
@@ -171,14 +181,12 @@ return array(
 	'default_view' => 'Default view',
 	'delete' => 'Delete',
 	'delete_articles_every' => 'Remove articles after',
-	'diaspora' => 'Diaspora*',
 	'display_articles_unfolded' => 'Show articles unfolded by default',
 	'display_categories_unfolded' => 'Show categories folded by default',
 	'display_configuration' => 'Display',
 	'do_not_change_if_doubt' => 'Don’t change if you doubt about it',
 	'dom_is_nok' => 'You lack a required library to browse the DOM (php-xml package)',
 	'dom_is_ok' => 'You have the required library to browse the DOM',
-	'email' => 'Email',
 	'error_occurred' => 'An error occurred',
 	'error_occurred_update' => 'Nothing was changed',
 	'explain_token' => 'Allows to access RSS output of the default user without authentication.<br /><kbd>%s?output=rss&token=%s</kbd>',
@@ -186,7 +194,6 @@ return array(
 	'export_no_zip_extension' => 'Zip extension is not present on your server. Please try to export files one by one.',
 	'export_opml' => 'Export list of feeds (OPML)',
 	'export_starred' => 'Export your favourites',
-	'facebook' => 'Facebook',
 	'favicons_is_ok' => 'Permissions on favicons directory are good',
 	'feb' => 'feb',
 	'february' => 'Feb',
@@ -216,13 +223,9 @@ return array(
 	'first_article' => 'Skip to the first article',
 	'fix_errors_before' => 'Fix errors before skip to the next step.',
 	'focus_search' => 'Access search box',
-	'format_date' => '%s j\\<\\s\\u\\p\\>S\\<\\/\\s\\u\\p\\> Y',
-	'format_date_hour' => '%s j\\<\\s\\u\\p\\>S\\<\\/\\s\\u\\p\\> Y \\a\\t H\\:i',
-	'freshrss' => 'FreshRSS',
 	'freshrss_description' => 'FreshRSS is a RSS feeds aggregator to self-host like <a href="http://tontof.net/kriss/feed/">Kriss Feed</a> or <a href="http://projet.idleman.fr/leed/">Leed</a>. It is light and easy to take in hand while being powerful and configurable tool.',
 	'freshrss_installation' => 'Installation · FreshRSS',
 	'fri' => 'Fri',
-	'g+' => 'Google+',
 	'general_conf_is_ok' => 'General configuration has been saved.',
 	'general_configuration' => 'General configuration',
 	'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">on Github</a> or <a href="mailto:dev@marienfressinaud.fr">by mail</a>',
@@ -268,7 +271,6 @@ return array(
 	'last_year' => 'Last year',
 	'lead_developer' => 'Lead developer',
 	'license' => 'License',
-	'load_more' => 'Load more articles',
 	'log_is_ok' => 'Permissions on logs directory are good',
 	'login_configuration' => 'Login',
 	'login_persona_problem' => 'Connection problem with Persona?',
@@ -287,7 +289,6 @@ return array(
 	'more_information' => 'More information',
 	'n_entries_deleted' => '%d articles have been deleted',
 	'n_feeds_actualized' => '%d feeds have been updated',
-	'new_article' => 'There are new available articles, click to refresh the page.',
 	'new_category' => 'New category',
 	'next_article' => 'Skip to the next article',
 	'next_page' => 'Skip to the next page',
@@ -305,7 +306,6 @@ return array(
 	'not_read' => '%d unread',
 	'not_reads' => '%d unread',
 	'not_yet_implemented' => 'Not yet implemented',
-	'nothing_to_load' => 'There are no more articles',
 	'nov' => 'nov',
 	'november' => 'Nov',
 	'number_articles' => '%d articles',
@@ -334,7 +334,6 @@ return array(
 	'prefix' => 'Table prefix',
 	'previous_article' => 'Skip to the previous article',
 	'previous_page' => 'Skip to the previous page',
-	'print' => 'Print',
 	'project_website' => 'Project website',
 	'public' => 'Public',
 	'publication_date' => 'Date of publication',
@@ -370,21 +369,16 @@ return array(
 	'random_string' => 'Random string',
 	'reading_confirm' => 'Display a confirmation dialog on “mark all as read” actions',
 	'refresh' => 'Refresh',
-	'related_tags' => 'Related tags',
 	'retrieve_truncated_feeds' => 'Retrieves truncated RSS feeds (attention, requires more time!)',
 	'rss_feed_management' => 'RSS feeds management',
 	'rss_feeds_of' => 'RSS feed of %s',
 	'sat' => 'Sat',
 	'save' => 'Save',
 	'scroll' => 'while scrolling',
-	'search' => 'Search words or #tags',
-	'search_short' => 'Search',
 	'seconds_(0_means_no_timeout)' => 'seconds (0 means no timeout)',
 	'see_on_website' => 'See on original website',
 	'sep' => 'sep',
 	'september' => 'Sep',
-	'shaarli' => 'Shaarli',
-	'share' => 'Share',
 	'share_name' => 'Share name to display',
 	'share_url' => 'Share URL to use',
 	'sharing_management' => 'Sharing options management',
@@ -422,12 +416,10 @@ return array(
 	'think_to_add' => 'You may add some feeds.',
 	'this_is_the_end' => 'This is the end',
 	'thu' => 'Thu',
-	'today' => 'Today',
 	'top_line' => 'Top line',
 	'truncate' => 'Delete all articles',
 	'ttl' => 'Do not automatically refresh more often than',
 	'tue' => 'Tue',
-	'twitter' => 'Twitter',
 	'unsafe_autologin' => 'Allow unsafe automatic login using the format: ',
 	'update_apply' => 'Apply',
 	'update_can_apply' => 'An update is available.',
@@ -452,7 +444,6 @@ return array(
 	'users_list' => 'List of users',
 	'version' => 'Version',
 	'version_update' => 'Update',
-	'wallabag' => 'wallabag',
 	'website' => 'Website',
 	'website_url' => 'Website URL',
 	'wed' => 'Wed',
@@ -461,10 +452,7 @@ return array(
 	'width_no_limit' => 'No limit',
 	'width_thin' => 'Thin',
 	'yes' => 'Yes',
-	'yesterday' => 'Yesterday',
 	'your_diaspora_pod' => 'Your Diaspora* pod',
-	'your_favorites' => 'Your favourites',
-	'your_rss_feeds' => 'Your RSS feeds',
 	'your_shaarli' => 'Your Shaarli',
 	'your_wallabag' => 'Your wallabag',
 	'zip_error' => 'An error occured during Zip import.',
diff --git a/app/i18n/en/index.php b/app/i18n/en/index.php
index 97df646c4..723feefd7 100644
--- a/app/i18n/en/index.php
+++ b/app/i18n/en/index.php
@@ -1,7 +1,14 @@
 <?php
 
 return array(
-	'logs' => array(
+	'entry' => array(
+		'by_author' => 'By <em>%s</em>',
+	),
+	'feed' => array(
+		'title' => 'Your RSS feeds',
+		'title_fav' => 'Your favourites',
+	),
+	'log' => array(
 		'_' => 'Logs',
 		'clear' => 'Clear the logs',
 		'empty' => 'Log file is empty',
@@ -28,10 +35,26 @@ return array(
 		'read' => 'Show only unread',
 		'reader_view' => 'Reading view',
 		'rss_view' => 'RSS feed',
+		'search_short' => 'Search',
 		'see_website' => 'See website',
 		'starred' => 'Show only favorites',
 		'stats' => 'Statistics',
 		'subscription' => 'Subscriptions management',
 		'unread' => 'Show only read',
 	),
+	'share' => array(
+		'_' => 'Share',
+		'blogotext' => 'Blogotext',
+		'diaspora' => 'Diaspora*',
+		'email' => 'Email',
+		'facebook' => 'Facebook',
+		'g+' => 'Google+',
+		'print' => 'Print',
+		'shaarli' => 'Shaarli',
+		'twitter' => 'Twitter',
+		'wallabag' => 'wallabag',
+	),
+	'tag' => array(
+		'related' => 'Related tags',
+	),
 );
diff --git a/app/i18n/fr/gen.php b/app/i18n/fr/gen.php
index 3d3878eb1..b999b130c 100644
--- a/app/i18n/fr/gen.php
+++ b/app/i18n/fr/gen.php
@@ -12,10 +12,30 @@ return array(
 		'login' => 'Connexion',
 		'logout' => 'Déconnexion',
 	),
+	'date' => array(
+		'Apr' => '\\a\\v\\r\\i\\l',
+		'Aug' => '\\a\\o\\û\\t',
+		'Dec' => '\\d\\é\\c\\e\\m\\b\\r\\e',
+		'Feb' => '\\f\\é\\v\\r\\i\\e\\r',
+		'Jan' => '\\j\\a\\n\\v\\i\\e\\r',
+		'Jul' => '\\j\\u\\i\\l\\l\\e\\t',
+		'Jun' => '\\j\\u\\i\\n',
+		'Mar' => '\\m\\a\\r\\s',
+		'May' => '\\m\\a\\i',
+		'Nov' => '\\n\\o\\v\\e\\m\\b\\r\\e',
+		'Oct' => '\\o\\c\\t\\o\\b\\r\\e',
+		'Sep' => '\\s\\e\\p\\t\\e\\m\\b\\r\\e',
+		'before_yesterday' => 'À partir d’avant-hier',
+		'format_date' => 'j %s Y',
+		'format_date_hour' => 'j %s Y \\à H\\:i',
+		'today' => 'Aujourd’hui',
+		'yesterday' => 'Hier',
+	),
 	'js' => array(
 		'category_empty' => 'Catégorie vide',
 		'confirm_action' => 'Êtes-vous sûr(e) de vouloir continuer ? Cette action ne peut être annulée !',
 		'confirm_action_feed_cat' => 'Êtes-vous sûr(e) de vouloir continuer ? Vous perdrez les favoris et les filtres associés. Cette action ne peut être annulée !',
+		'new_article' => 'Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.',
 		'notif_body_new_articles' => 'Il y a \\d nouveaux articles à lire sur FreshRSS.',
 		'notif_title_new_articles' => 'FreshRSS : nouveaux articles !',
 	),
@@ -30,6 +50,7 @@ return array(
 		'logs' => 'Logs',
 		'queries' => 'Filtres utilisateurs',
 		'reading' => 'Lecture',
+		'search' => 'Rechercher des mots ou des #tags',
 		'sharing' => 'Partage',
 		'shortcuts' => 'Raccourcis',
 		'stats' => 'Statistiques',
@@ -40,7 +61,10 @@ return array(
 	'pagination' => array(
 		'first' => 'Début',
 		'last' => 'Fin',
+		'load_more' => 'Charger plus d’articles',
+		'mark_all_read' => 'Tout marquer comme lu',
 		'next' => 'Suivant',
+		'nothing_to_load' => 'Fin des articles',
 		'previous' => 'Précédent',
 	),
 	'title' => array(
@@ -51,18 +75,7 @@ return array(
 		'user_management' => 'Gestion des utilisateurs',
 		'user_profile' => 'Profil',
 	),
-	'Apr' => '\\a\\v\\r\\i\\l',
-	'Aug' => '\\a\\o\\û\\t',
-	'Dec' => '\\d\\é\\c\\e\\m\\b\\r\\e',
-	'Feb' => '\\f\\é\\v\\r\\i\\e\\r',
-	'Jan' => '\\j\\a\\n\\v\\i\\e\\r',
-	'Jul' => '\\j\\u\\i\\l\\l\\e\\t',
-	'Jun' => '\\j\\u\\i\\n',
-	'Mar' => '\\m\\a\\r\\s',
-	'May' => '\\m\\a\\i',
-	'Nov' => '\\n\\o\\v\\e\\m\\b\\r\\e',
-	'Oct' => '\\o\\c\\t\\o\\b\\r\\e',
-	'Sep' => '\\s\\e\\p\\t\\e\\m\\b\\r\\e',
+	'freshrss' => 'FreshRSS',
 	'access_denied' => 'Vous n’avez pas le droit d’accéder à cette page !',
 	'access_protected_feeds' => 'La connexion permet d’accéder aux flux protégés par une authentification HTTP.',
 	'activate_sharing' => 'Activer le partage',
@@ -117,13 +130,10 @@ return array(
 	'bdd_conf_is_ok' => 'La configuration de la base de données a été enregistrée.',
 	'bdd_configuration' => 'Base de données',
 	'bdd_type' => 'Type de base de données',
-	'before_yesterday' => 'À partir d’avant-hier',
 	'blank_to_disable' => 'Laissez vide pour désactiver',
-	'blogotext' => 'Blogotext',
 	'bottom_line' => 'Ligne du bas',
 	'bugs_reports' => 'Rapports de bugs',
 	'by' => 'par',
-	'by_author' => 'Par <em>%s</em>',
 	'by_default' => 'Par défaut',
 	'by_email' => 'Par courriel',
 	'by_feed' => 'par flux',
@@ -171,14 +181,12 @@ return array(
 	'default_view' => 'Vue par défaut',
 	'delete' => 'Supprimer',
 	'delete_articles_every' => 'Supprimer les articles après',
-	'diaspora' => 'Diaspora*',
 	'display' => 'Affichage',
 	'display_articles_unfolded' => 'Afficher les articles dépliés par défaut',
 	'display_categories_unfolded' => 'Afficher les catégories pliées par défaut',
 	'do_not_change_if_doubt' => 'Laissez tel quel dans le doute',
 	'dom_is_nok' => 'Il manque une librairie pour parcourir le DOM (paquet php-xml)',
 	'dom_is_ok' => 'Vous disposez du nécessaire pour parcourir le DOM',
-	'email' => 'Courriel',
 	'error_occurred' => 'Une erreur est survenue !',
 	'error_occurred_update' => 'Rien n’a été modifié !',
 	'explain_token' => 'Permet d’accéder à la sortie RSS de l’utilisateur par défaut sans besoin de s’authentifier.<br /><kbd>%s?output=rss&token=%s</kbd>',
@@ -186,7 +194,6 @@ return array(
 	'export_no_zip_extension' => 'L’extension Zip n’est pas présente sur votre serveur. Veuillez essayer d’exporter les fichiers un par un.',
 	'export_opml' => 'Exporter la liste des flux (OPML)',
 	'export_starred' => 'Exporter les favoris',
-	'facebook' => 'Facebook',
 	'favicons_is_ok' => 'Les droits sur le répertoire des favicons sont bons',
 	'feb' => 'fév.',
 	'february' => 'février',
@@ -216,13 +223,9 @@ return array(
 	'first_article' => 'Passer au premier article',
 	'fix_errors_before' => 'Veuillez corriger les erreurs avant de passer à l’étape suivante.',
 	'focus_search' => 'Accéder à la recherche',
-	'format_date' => 'j %s Y',
-	'format_date_hour' => 'j %s Y \\à H\\:i',
-	'freshrss' => 'FreshRSS',
 	'freshrss_description' => 'FreshRSS est un agrégateur de flux RSS à auto-héberger à l’image de <a href="http://tontof.net/kriss/feed/">Kriss Feed</a> ou <a href="http://projet.idleman.fr/leed/">Leed</a>. Il se veut léger et facile à prendre en main tout en étant un outil puissant et paramétrable.',
 	'freshrss_installation' => 'Installation · FreshRSS',
 	'fri' => 'ven.',
-	'g+' => 'Google+',
 	'general_conf_is_ok' => 'La configuration générale a été enregistrée.',
 	'general_configuration' => 'Configuration générale',
 	'github_or_email' => '<a href="https://github.com/marienfressinaud/FreshRSS/issues">sur Github</a> ou <a href="mailto:dev@marienfressinaud.fr">par courriel</a>',
@@ -268,7 +271,6 @@ return array(
 	'last_year' => 'Depuis l’année dernière',
 	'lead_developer' => 'Développeur principal',
 	'license' => 'Licence',
-	'load_more' => 'Charger plus d’articles',
 	'log_is_ok' => 'Les droits sur le répertoire des logs sont bons',
 	'login_configuration' => 'Identification',
 	'login_persona_problem' => 'Problème de connexion à Persona ?',
@@ -287,7 +289,6 @@ return array(
 	'more_information' => 'Plus d’informations',
 	'n_entries_deleted' => '%d articles ont été supprimés.',
 	'n_feeds_actualized' => '%d flux ont été mis à jour.',
-	'new_article' => 'Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.',
 	'new_category' => 'Nouvelle catégorie',
 	'next_article' => 'Passer à l’article suivant',
 	'next_page' => 'Passer à la page suivante',
@@ -305,7 +306,6 @@ return array(
 	'not_read' => '%d non lu',
 	'not_reads' => '%d non lus',
 	'not_yet_implemented' => 'Pas encore implémenté',
-	'nothing_to_load' => 'Fin des articles',
 	'nov' => 'nov.',
 	'november' => 'novembre',
 	'number_articles' => '%d articles',
@@ -334,7 +334,6 @@ return array(
 	'prefix' => 'Préfixe des tables',
 	'previous_article' => 'Passer à l’article précédent',
 	'previous_page' => 'Passer à la page précédente',
-	'print' => 'Imprimer',
 	'project_website' => 'Site du projet',
 	'public' => 'Public',
 	'publication_date' => 'Date de publication',
@@ -370,21 +369,16 @@ return array(
 	'random_string' => 'Chaîne aléatoire',
 	'reading_confirm' => 'Afficher une confirmation lors des actions “marquer tout comme lu”',
 	'refresh' => 'Actualisation',
-	'related_tags' => 'Tags associés',
 	'retrieve_truncated_feeds' => 'Permet de récupérer les flux tronqués (attention, demande plus de temps !)',
 	'rss_feed_management' => 'Gestion des flux RSS',
 	'rss_feeds_of' => 'Flux RSS de %s',
 	'sat' => 'sam.',
 	'save' => 'Enregistrer',
 	'scroll' => 'au défilement de la page',
-	'search' => 'Rechercher des mots ou des #tags',
-	'search_short' => 'Rechercher',
 	'seconds_(0_means_no_timeout)' => 'secondes (0 signifie aucun timeout ) ',
 	'see_on_website' => 'Voir sur le site d’origine',
 	'sep' => 'sep.',
 	'september' => 'septembre',
-	'shaarli' => 'Shaarli',
-	'share' => 'Partager',
 	'share_name' => 'Nom du partage à afficher',
 	'share_url' => 'URL du partage à utiliser',
 	'sharing_management' => 'Gestion des options de partage',
@@ -422,12 +416,10 @@ return array(
 	'think_to_add' => 'Vous pouvez ajouter des flux.',
 	'this_is_the_end' => 'This is the end',
 	'thu' => 'jeu.',
-	'today' => 'Aujourd’hui',
 	'top_line' => 'Ligne du haut',
 	'truncate' => 'Supprimer tous les articles',
 	'ttl' => 'Ne pas automatiquement rafraîchir plus souvent que',
 	'tue' => 'mar.',
-	'twitter' => 'Twitter',
 	'unsafe_autologin' => 'Autoriser les connexions automatiques non-sûres au format : ',
 	'update_apply' => 'Appliquer la mise à jour',
 	'update_can_apply' => 'Une mise à jour est disponible.',
@@ -452,7 +444,6 @@ return array(
 	'users_list' => 'Liste des utilisateurs',
 	'version' => 'Version',
 	'version_update' => 'Mise à jour',
-	'wallabag' => 'wallabag',
 	'website' => 'Site Internet',
 	'website_url' => 'URL du site',
 	'wed' => 'mer.',
@@ -461,10 +452,7 @@ return array(
 	'width_no_limit' => 'Pas de limite',
 	'width_thin' => 'Fine',
 	'yes' => 'Oui',
-	'yesterday' => 'Hier',
 	'your_diaspora_pod' => 'Votre pod Diaspora*',
-	'your_favorites' => 'Vos favoris',
-	'your_rss_feeds' => 'Vos flux RSS',
 	'your_shaarli' => 'Votre Shaarli',
 	'your_wallabag' => 'Votre wallabag',
 	'zip_error' => 'Une erreur est survenue durant l’import du fichier Zip.',
diff --git a/app/i18n/fr/index.php b/app/i18n/fr/index.php
index 4b8c85033..e21cc4410 100644
--- a/app/i18n/fr/index.php
+++ b/app/i18n/fr/index.php
@@ -1,7 +1,14 @@
 <?php
 
 return array(
-	'logs' => array(
+	'entry' => array(
+		'by_author' => 'Par <em>%s</em>',
+	),
+	'feed' => array(
+		'title' => 'Vos flux RSS',
+		'title_fav' => 'Vos favoris',
+	),
+	'log' => array(
 		'_' => 'Logs',
 		'clear' => 'Effacer les logs',
 		'empty' => 'Les logs sont vides.',
@@ -28,10 +35,26 @@ return array(
 		'read' => 'Afficher les non lus',
 		'reader_view' => 'Vue lecture',
 		'rss_view' => 'Flux RSS',
+		'search_short' => 'Rechercher',
 		'see_website' => 'Voir le site',
 		'starred' => 'Afficher les favoris',
 		'stats' => 'Statistiques',
 		'subscription' => 'Gestion des abonnements',
 		'unread' => 'Afficher les lus',
 	),
+	'share' => array(
+		'_' => 'Partager',
+		'blogotext' => 'Blogotext',
+		'diaspora' => 'Diaspora*',
+		'email' => 'Courriel',
+		'facebook' => 'Facebook',
+		'g+' => 'Google+',
+		'print' => 'Imprimer',
+		'shaarli' => 'Shaarli',
+		'twitter' => 'Twitter',
+		'wallabag' => 'wallabag',
+	),
+	'tag' => array(
+		'related' => 'Tags associés',
+	),
 );
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 429cfc1d2..ba13c2a45 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -25,7 +25,7 @@ if (Minz_Configuration::canLogIn()) {
 		<form action="<?php echo _url('index', 'index'); ?>" method="get">
 			<div class="stick">
 				<?php $search = Minz_Request::param('search', ''); ?>
-				<input type="search" name="search" id="search" class="extend" value="<?php echo $search; ?>" placeholder="<?php echo _t('gen.search'); ?>" />
+				<input type="search" name="search" id="search" class="extend" value="<?php echo $search; ?>" placeholder="<?php echo _t('gen.menu.search'); ?>" />
 
 				<?php $get = Minz_Request::param('get', ''); ?>
 				<?php if ($get != '') { ?>
diff --git a/app/views/helpers/pagination.phtml b/app/views/helpers/pagination.phtml
index 3ea6c3582..8b40e4336 100755
--- a/app/views/helpers/pagination.phtml
+++ b/app/views/helpers/pagination.phtml
@@ -20,7 +20,7 @@
 	<li class="item pager-next">
 	<?php if (FreshRSS_Context::$next_id) { ?>
 		<a id="load_more" href="<?php echo Minz_Url::display($url_next); ?>">
-			<?php echo _t('load_more'); ?>
+			<?php echo _t('gen.pagination.load_more'); ?>
 		</a>
 	<?php } elseif ($url_mark_read) { ?>
 		<button id="bigMarkAsRead"
@@ -28,13 +28,13 @@
 		        form="mark-read-pagination"
 		        formaction="<?php echo Minz_Url::display($url_mark_read); ?>"
 		        type="submit">
-			<?php echo _t('nothing_to_load'); ?><br />
+			<?php echo _t('gen.pagination.nothing_to_load'); ?><br />
 			<span class="bigTick">✓</span><br />
-			<?php echo _t('mark_all_read'); ?>
+			<?php echo _t('gen.pagination.mark_all_read'); ?>
 		</button>
 	<?php } else { ?>
 		<a id="bigMarkAsRead" href=".">
-			<?php echo _t('nothing_to_load'); ?><br />
+			<?php echo _t('gen.pagination.nothing_to_load'); ?><br />
 		</a>
 	<?php } ?>
 	</li>
diff --git a/app/views/index/logs.phtml b/app/views/index/logs.phtml
index 0262325f5..02256bd98 100644
--- a/app/views/index/logs.phtml
+++ b/app/views/index/logs.phtml
@@ -1,10 +1,10 @@
 <div class="post content">
 	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('gen.action.back_to_rss_feeds'); ?></a>
 
-	<h1><?php echo _t('index.logs'); ?></h1>
+	<h1><?php echo _t('index.log'); ?></h1>
 	<form method="post" action="<?php echo _url('index', 'logs'); ?>"><p>
 		<input type="hidden" name="clearLogs" />
-		<button type="submit" class="btn"><?php echo _t('index.logs.clear'); ?></button>
+		<button type="submit" class="btn"><?php echo _t('index.log.clear'); ?></button>
 	</p></form>
 
 	<?php $items = $this->logsPaginator->items(); ?>
@@ -20,6 +20,6 @@
 		<?php $this->logsPaginator->render('logs_pagination.phtml','page'); ?>
 	</div>
 	<?php } else { ?>
-	<p class="alert alert-warn"><?php echo _t('index.logs.empty'); ?></p>
+	<p class="alert alert-warn"><?php echo _t('index.log.empty'); ?></p>
 	<?php } ?>
 </div>
diff --git a/app/views/index/normal.phtml b/app/views/index/normal.phtml
index 02d621bd0..62fb68931 100644
--- a/app/views/index/normal.phtml
+++ b/app/views/index/normal.phtml
@@ -32,12 +32,12 @@ if (!empty($this->entries)) {
 
 <div id="stream" class="normal<?php echo $hidePosts ? ' hide_posts' : ''; ?>"><?php
 	?><div id="new-article">
-		<a href="<?php echo Minz_Url::display(Minz_Request::currentRequest()); ?>"><?php echo _t('new_article'); ?></a>
+		<a href="<?php echo Minz_Url::display(Minz_Request::currentRequest()); ?>"><?php echo _t('gen.js.new_article'); /* TODO: move string in JS*/ ?></a>
 	</div><?php
 	foreach ($this->entries as $item) {
 		if ($display_today && $item->isDay(FreshRSS_Days::TODAY, $today)) {
 			?><div class="day" id="day_today"><?php
-				echo _t('today');
+				echo _t('gen.date.today');
 				?><span class="date"> — <?php echo timestamptodate(time(), false); ?></span><?php
 				?><span class="name"><?php echo FreshRSS_Context::$name; ?></span><?php
 			?></div><?php
@@ -45,7 +45,7 @@ if (!empty($this->entries)) {
 		}
 		if ($display_yesterday && $item->isDay(FreshRSS_Days::YESTERDAY, $today)) {
 			?><div class="day" id="day_yesterday"><?php
-				echo _t('yesterday');
+				echo _t('gen.date.yesterday');
 				?><span class="date"> — <?php echo timestamptodate(time() - 86400, false); ?></span><?php
 				?><span class="name"><?php echo FreshRSS_Context::$name; ?></span><?php
 			?></div><?php
@@ -53,7 +53,7 @@ if (!empty($this->entries)) {
 		}
 		if ($display_others && $item->isDay(FreshRSS_Days::BEFORE_YESTERDAY, $today)) {
 			?><div class="day" id="day_before_yesterday"><?php
-				echo _t('before_yesterday');
+				echo _t('gen.date.before_yesterday');
 				?><span class="name"><?php echo FreshRSS_Context::$name; ?></span><?php
 			?></div><?php
 			$display_others = false;
@@ -100,7 +100,7 @@ if (!empty($this->entries)) {
 				<h1 class="title"><a target="_blank" href="<?php echo $item->link(); ?>"><?php echo $item->title(); ?></a></h1>
 				<?php
 					$author = $item->author();
-					echo $author != '' ? '<div class="author">' . _t('by_author', $author) . '</div>' : '',
+					echo $author != '' ? '<div class="author">' . _t('index.entry.by_author', $author) . '</div>' : '',
 						$lazyload && $hidePosts ? lazyimg($item->content()) : $item->content();
 				?>
 			</div>
@@ -135,7 +135,7 @@ if (!empty($this->entries)) {
 						<div id="dropdown-share-<?php echo $item->id();?>" class="dropdown-target"></div>
 						<a class="dropdown-toggle" href="#dropdown-share-<?php echo $item->id();?>">
 							<?php echo _i('share'); ?>
-							<?php echo _t('share'); ?>
+							<?php echo _t('index.share'); ?>
 						</a>
 
 						<ul class="dropdown-menu">
@@ -143,7 +143,7 @@ if (!empty($this->entries)) {
 							<?php foreach ($sharing as $share) :?>
 								<li class="item share">
 									<a target="_blank" href="<?php echo FreshRSS_Share::generateUrl(FreshRSS_Context::$conf->shares, $share, $item->link(), $item->title() . ' . ' . $feed->name())?>">
-										<?php echo _t($share['name']);?>
+										<?php echo _t('index.share.' . $share['name']);?>
 									</a>
 								</li>
 							<?php endforeach;?>
@@ -158,7 +158,7 @@ if (!empty($this->entries)) {
 						<div id="dropdown-tags-<?php echo $item->id();?>" class="dropdown-target"></div>
 						<?php echo _i('tag'); ?>
 						<a class="dropdown-toggle" href="#dropdown-tags-<?php echo $item->id();?>"><?php
-							echo _t('related_tags');
+							echo _t('index.tag.related');
 						?></a>
 						<ul class="dropdown-menu">
 							<li class="dropdown-close"><a href="#close">❌</a></li><?php
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 8170c7fd9..264c69d58 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -79,11 +79,11 @@ function format_bytes($bytes, $precision = 2, $system = 'IEC') {
 }
 
 function timestamptodate ($t, $hour = true) {
-	$month = _t(date('M', $t));
+	$month = _t('gen.date.' . date('M', $t));
 	if ($hour) {
-		$date = _t('format_date_hour', $month);
+		$date = _t('gen.date.format_date_hour', $month);
 	} else {
-		$date = _t('format_date', $month);
+		$date = _t('gen.date.format_date', $month);
 	}
 
 	return @date ($date, $t);
@@ -110,7 +110,7 @@ function html_only_entity_decode($text) {
 function customSimplePie() {
 	$limits = Minz_Configuration::limits();
 	$simplePie = new SimplePie();
-	$simplePie->set_useragent(_t('freshrss') . '/' . FRESHRSS_VERSION . ' (' . PHP_OS . '; ' . FRESHRSS_WEBSITE . ') ' . SIMPLEPIE_NAME . '/' . SIMPLEPIE_VERSION);
+	$simplePie->set_useragent(_t('gen.freshrss') . '/' . FRESHRSS_VERSION . ' (' . PHP_OS . '; ' . FRESHRSS_WEBSITE . ') ' . SIMPLEPIE_NAME . '/' . SIMPLEPIE_VERSION);
 	$simplePie->set_cache_location(CACHE_PATH);
 	$simplePie->set_cache_duration($limits['cache_duration']);
 	$simplePie->set_timeout($limits['timeout']);
-- 
cgit v1.2.3


From 51a71ec4b9d62528054be8faee1576a8fd6d37f6 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Mon, 5 Jan 2015 16:54:16 +0100
Subject: New configuration system (not working yet)

- Use only Minz_Configuration
- register() method to load a new configuration file
- get() to get a configuration
- new exceptions related to configuration
- fix a list configuration calls to have FRSS working

Current problems to resolve:

- How to handle configuration param verifications (i.e. check auth_type
  is a value from none, http_auth, persona or form)
- We must use $conf = Minz_Configuration::get('system'); $general_conf = $conf->general;
  to access global system configuration which is quite annoying. How to change that?

See https://github.com/FreshRSS/FreshRSS/issues/730
---
 app/Controllers/authController.php           |  36 +-
 app/FreshRSS.php                             |   8 +-
 app/Models/Auth.php                          |  40 ++-
 app/Models/Context.php                       |   4 +-
 app/Models/Factory.php                       |  16 +-
 app/Models/Feed.php                          |   3 +-
 app/layout/header.phtml                      |  13 +-
 app/layout/layout.phtml                      |   3 +-
 app/views/helpers/javascript_vars.phtml      |   3 +-
 data/config.default.php                      |  32 ++
 data/users/_/config.default.php              |  66 ++++
 lib/Minz/BadConfigurationException.php       |   9 -
 lib/Minz/Configuration.php                   | 517 ++++++++-------------------
 lib/Minz/ConfigurationException.php          |   8 +
 lib/Minz/ConfigurationNamespaceException.php |   4 +
 lib/Minz/ConfigurationParamException.php     |   4 +
 lib/Minz/Error.php                           |   7 +-
 lib/Minz/FrontController.php                 |  26 +-
 lib/Minz/Log.php                             |  11 +-
 lib/Minz/ModelPdo.php                        |   3 +-
 lib/Minz/Request.php                         |   3 +-
 lib/Minz/Translate.php                       |   3 +-
 lib/Minz/View.php                            |   4 +-
 p/i/index.php                                |   2 +-
 24 files changed, 384 insertions(+), 441 deletions(-)
 create mode 100644 data/config.default.php
 create mode 100644 data/users/_/config.default.php
 delete mode 100644 lib/Minz/BadConfigurationException.php
 create mode 100644 lib/Minz/ConfigurationException.php
 create mode 100644 lib/Minz/ConfigurationNamespaceException.php
 create mode 100644 lib/Minz/ConfigurationParamException.php

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index ccc32ec0d..f68ea8da5 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -27,6 +27,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 		if (Minz_Request::isPost()) {
 			$ok = true;
 
+			$system_conf = Minz_Configuration::get('system');
+			$general = $system_conf->general;
 			$current_token = FreshRSS_Context::$conf->token;
 			$token = Minz_Request::param('token', $current_token);
 			FreshRSS_Context::$conf->_token($token);
@@ -39,18 +41,21 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 			$auth_type = Minz_Request::param('auth_type', 'none');
 			$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
 			$api_enabled = Minz_Request::param('api_enabled', false);
-			if ($anon != Minz_Configuration::allowAnonymous() ||
-				$auth_type != Minz_Configuration::authType() ||
-				$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
-				$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
-				$api_enabled != Minz_Configuration::apiEnabled()) {
-
-				Minz_Configuration::_authType($auth_type);
-				Minz_Configuration::_allowAnonymous($anon);
-				Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
-				Minz_Configuration::_enableAutologin($unsafe_autologin);
-				Minz_Configuration::_enableApi($api_enabled);
-				$ok &= Minz_Configuration::writeFile();
+			if ($anon != $general['allow_anonymous'] ||
+				$auth_type != $general['auth_type'] ||
+				$anon_refresh != $general['allow_anonymous_refresh'] ||
+				$unsafe_autologin != $general['unsafe_autologin_enabled'] ||
+				$api_enabled != $general['api_enabled']) {
+
+				// TODO: test values from form
+				$general['auth_type'] = $auth_type;
+				$general['allow_anonymous'] = $anon;
+				$general['allow_anonymous_refresh'] = $anon_refresh;
+				$general['unsafe_autologin_enabled'] = $unsafe_autologin;
+				$general['api_enabled'] = $api_enabled;
+
+				$system_conf->general = $general;
+				$ok &= $system_conf->save();
 			}
 
 			invalidateHttpCache();
@@ -76,7 +81,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
 		}
 
-		$auth_type = Minz_Configuration::authType();
+		$conf = Minz_Configuration::get('system');
+		$auth_type = $conf->general['auth_type'];
 		switch ($auth_type) {
 		case 'form':
 			Minz_Request::forward(array('c' => 'auth', 'a' => 'formLogin'));
@@ -114,6 +120,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 		$file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js');
 		Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime));
 
+		$conf = Minz_Configuration::get('system');
+
 		if (Minz_Request::isPost()) {
 			$nonce = Minz_Session::param('nonce');
 			$username = Minz_Request::param('username', '');
@@ -154,7 +162,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 				Minz_Request::bad(_t('feedback.auth.login.invalid'),
 				                  array('c' => 'auth', 'a' => 'login'));
 			}
-		} elseif (Minz_Configuration::unsafeAutologinEnabled()) {
+		} elseif ($conf->general['unsafe_autologin_enabled']) {
 			$username = Minz_Request::param('u', '');
 			$password = Minz_Request::param('p', '');
 			Minz_Request::_param('p');
diff --git a/app/FreshRSS.php b/app/FreshRSS.php
index 6114a5d1a..455f2fefd 100644
--- a/app/FreshRSS.php
+++ b/app/FreshRSS.php
@@ -6,6 +6,11 @@ class FreshRSS extends Minz_FrontController {
 			Minz_Session::init('FreshRSS');
 		}
 
+		$current_user = Minz_Session::param('currentUser', '_');
+		Minz_Configuration::register('user',
+		                             join_path(USERS_PATH, $current_user, 'config.php'),
+		                             join_path(USERS_PATH, '_', 'config.default.php'));
+
 		// Need to be called just after session init because it initializes
 		// current user.
 		FreshRSS_Auth::init();
@@ -57,7 +62,8 @@ class FreshRSS extends Minz_FrontController {
 		Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js')));
 		Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js')));
 
-		if (Minz_Configuration::authType() === 'persona') {
+		$conf = Minz_Configuration::get('system');
+		if ($conf->general['auth_type'] === 'persona') {
 			// TODO move it in a plugin
 			// Needed for login AND logout with Persona.
 			Minz_View::appendScript('https://login.persona.org/include.js');
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 2971d65c8..84b4e3721 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -16,7 +16,8 @@ class FreshRSS_Auth {
 		self::$login_ok = Minz_Session::param('loginOk', false);
 		$current_user = Minz_Session::param('currentUser', '');
 		if ($current_user === '') {
-			$current_user = Minz_Configuration::defaultUser();
+			$conf = Minz_Configuration::get('system');
+			$current_user = $conf->general['default_user'];
 			Minz_Session::_param('currentUser', $current_user);
 		}
 
@@ -40,7 +41,9 @@ class FreshRSS_Auth {
 	 * @return boolean true if user can be connected, false else.
 	 */
 	private static function accessControl() {
-		switch (Minz_Configuration::authType()) {
+		$conf = Minz_Configuration::get('system');
+		$auth_type = $conf->general['auth_type'];
+		switch ($auth_type) {
 		case 'form':
 			$credentials = FreshRSS_FormAuth::getCredentialsFromCookie();
 			$current_user = '';
@@ -79,22 +82,19 @@ class FreshRSS_Auth {
 	 * Gives access to the current user.
 	 */
 	public static function giveAccess() {
-		$current_user = Minz_Session::param('currentUser');
-		try {
-			$conf = new FreshRSS_Configuration($current_user);
-		} catch(Minz_Exception $e) {
-			die($e->getMessage());
-		}
+		$user_conf = Minz_Configuration::get('user');
+		$system_conf = Minz_Configuration::get('system');
+		$auth_type = $system_conf->general['auth_type'];
 
-		switch (Minz_Configuration::authType()) {
+		switch ($auth_type) {
 		case 'form':
-			self::$login_ok = Minz_Session::param('passwordHash') === $conf->passwordHash;
+			self::$login_ok = Minz_Session::param('passwordHash') === $user_conf->passwordHash;
 			break;
 		case 'http_auth':
 			self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0;
 			break;
 		case 'persona':
-			self::$login_ok = strcasecmp(Minz_Session::param('mail'), $conf->mail_login) === 0;
+			self::$login_ok = strcasecmp(Minz_Session::param('mail'), $user_conf->mail_login) === 0;
 			break;
 		case 'none':
 			self::$login_ok = true;
@@ -114,12 +114,14 @@ class FreshRSS_Auth {
 	 * @return boolean true if user has corresponding access, false else.
 	 */
 	public static function hasAccess($scope = 'general') {
+		$conf = Minz_Configuration::get('system');
+		$default_user = $conf->general['default_user'];
 		$ok = self::$login_ok;
 		switch ($scope) {
 		case 'general':
 			break;
 		case 'admin':
-			$ok &= Minz_Session::param('currentUser') === Minz_Configuration::defaultUser();
+			$ok &= Minz_Session::param('currentUser') === $default_user;
 			break;
 		default:
 			$ok = false;
@@ -133,9 +135,10 @@ class FreshRSS_Auth {
 	public static function removeAccess() {
 		Minz_Session::_param('loginOk');
 		self::$login_ok = false;
-		Minz_Session::_param('currentUser', Minz_Configuration::defaultUser());
+		$conf = Minz_Configuration::get('system');
+		Minz_Session::_param('currentUser', $conf->general['default_user']);
 
-		switch (Minz_Configuration::authType()) {
+		switch ($conf->general['auth_type']) {
 		case 'form':
 			Minz_Session::_param('passwordHash');
 			FreshRSS_FormAuth::deleteCookie();
@@ -151,6 +154,15 @@ class FreshRSS_Auth {
 			// TODO: extensions
 		}
 	}
+
+	/**
+	 * Return if authentication is enabled on this instance of FRSS.
+	 */
+	public static function accessNeedLogin() {
+		$conf = Minz_Configuration::get('system');
+		$auth_type = $conf->general['auth_type'];
+		return $auth_type === 'form' || $auth_type === 'persona';
+	}
 }
 
 
diff --git a/app/Models/Context.php b/app/Models/Context.php
index c8a65063a..9bbad9857 100644
--- a/app/Models/Context.php
+++ b/app/Models/Context.php
@@ -41,10 +41,10 @@ class FreshRSS_Context {
 	 */
 	public static function init() {
 		// Init configuration.
-		$current_user = Minz_Session::param('currentUser');
 		try {
-			self::$conf = new FreshRSS_Configuration($current_user);
+			self::$conf = Minz_Configuration::get('user');
 		} catch(Minz_Exception $e) {
+			$current_user = Minz_Session::param('currentUser', '_');
 			Minz_Log::error('Cannot load configuration file of user `' . $current_user . '`');
 			die($e->getMessage());
 		}
diff --git a/app/Models/Factory.php b/app/Models/Factory.php
index 91cb84998..db09d155d 100644
--- a/app/Models/Factory.php
+++ b/app/Models/Factory.php
@@ -3,8 +3,8 @@
 class FreshRSS_Factory {
 
 	public static function createFeedDao($username = null) {
-		$db = Minz_Configuration::dataBase();
-		if ($db['type'] === 'sqlite') {
+		$conf = Minz_Configuration::get('system');
+		if ($conf->db['type'] === 'sqlite') {
 			return new FreshRSS_FeedDAOSQLite($username);
 		} else {
 			return new FreshRSS_FeedDAO($username);
@@ -12,8 +12,8 @@ class FreshRSS_Factory {
 	}
 
 	public static function createEntryDao($username = null) {
-		$db = Minz_Configuration::dataBase();
-		if ($db['type'] === 'sqlite') {
+		$conf = Minz_Configuration::get('system');
+		if ($conf->db['type'] === 'sqlite') {
 			return new FreshRSS_EntryDAOSQLite($username);
 		} else {
 			return new FreshRSS_EntryDAO($username);
@@ -21,8 +21,8 @@ class FreshRSS_Factory {
 	}
 
 	public static function createStatsDAO($username = null) {
-		$db = Minz_Configuration::dataBase();
-		if ($db['type'] === 'sqlite') {
+		$conf = Minz_Configuration::get('system');
+		if ($conf->db['type'] === 'sqlite') {
 			return new FreshRSS_StatsDAOSQLite($username);
 		} else {
 			return new FreshRSS_StatsDAO($username);
@@ -30,8 +30,8 @@ class FreshRSS_Factory {
 	}
 
 	public static function createDatabaseDAO($username = null) {
-		$db = Minz_Configuration::dataBase();
-		if ($db['type'] === 'sqlite') {
+		$conf = Minz_Configuration::get('system');
+		if ($conf->db['type'] === 'sqlite') {
 			return new FreshRSS_DatabaseDAOSQLite($username);
 		} else {
 			return new FreshRSS_DatabaseDAO($username);
diff --git a/app/Models/Feed.php b/app/Models/Feed.php
index 8f4b60097..071eafdf6 100644
--- a/app/Models/Feed.php
+++ b/app/Models/Feed.php
@@ -39,8 +39,9 @@ class FreshRSS_Feed extends Minz_Model {
 	}
 
 	public function hash() {
+		$conf = Minz_Configuration::get('system');
 		if ($this->hash === null) {
-			$this->hash = hash('crc32b', Minz_Configuration::salt() . $this->url);
+			$this->hash = hash('crc32b', $conf->general['salt'] . $this->url);
 		}
 		return $this->hash;
 	}
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index ba13c2a45..2f16b5f63 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -1,5 +1,8 @@
 <?php
-if (Minz_Configuration::canLogIn()) {
+
+$conf = Minz_Configuration::get('system');
+
+if (FreshRSS_Auth::accessNeedLogin()) {
 	?><ul class="nav nav-head nav-login"><?php
 		if (FreshRSS_Auth::hasAccess()) {
 			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _t('gen.auth.logout'); ?></a></li><?php
@@ -15,13 +18,13 @@ if (Minz_Configuration::canLogIn()) {
 		<h1>
 			<a href="<?php echo _url('index', 'index'); ?>">
 				<img class="logo" src="<?php echo _i('icon', true); ?>" alt="⊚" />
-				<?php echo Minz_Configuration::title(); ?>
+				<?php echo $conf->general['title']; ?>
 			</a>
 		</h1>
 	</div>
 
 	<div class="item search">
-		<?php if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymous()) { ?>
+		<?php if (FreshRSS_Auth::hasAccess() || $conf->general['allow_anonymous']) { ?>
 		<form action="<?php echo _url('index', 'index'); ?>" method="get">
 			<div class="stick">
 				<?php $search = Minz_Request::param('search', ''); ?>
@@ -76,14 +79,14 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('index', 'logs'); ?>"><?php echo _t('gen.menu.logs'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('gen.menu.about'); ?></a></li>
 				<?php
-				if (Minz_Configuration::canLogIn()) {
+				if (FreshRSS_Auth::accessNeedLogin()) {
 					?><li class="separator"></li>
 				<li class="item"><a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('gen.auth.logout'); ?></a></li><?php
 				} ?>
 			</ul>
 		</div>
 	</div>
-	<?php } elseif (Minz_Configuration::canLogIn()) { ?>
+	<?php } elseif (FreshRSS_Auth::accessNeedLogin()) { ?>
 	<div class="item configure">
 		<?php echo _i('login'); ?><a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('gen.auth.login'); ?></a>
 	</div>
diff --git a/app/layout/layout.phtml b/app/layout/layout.phtml
index 1827d6c26..656fbe9bc 100644
--- a/app/layout/layout.phtml
+++ b/app/layout/layout.phtml
@@ -10,6 +10,7 @@
 <?php $this->renderHelper('javascript_vars'); ?>
 		//]]></script>
 <?php
+	$conf = Minz_Configuration::get('system');
 	$url_base = Minz_Request::currentRequest();
 	if (FreshRSS_Context::$next_id !== '') {
 		$url_next = $url_base;
@@ -34,7 +35,7 @@
 		<link rel="apple-touch-icon" href="<?php echo Minz_Url::display('/themes/icons/apple-touch-icon.png'); ?>">
 		<meta name="apple-mobile-web-app-capable" content="yes" />
 		<meta name="apple-mobile-web-app-status-bar-style" content="black" />
-		<meta name="apple-mobile-web-app-title" content="<?php echo Minz_Configuration::title(); ?>">
+		<meta name="apple-mobile-web-app-title" content="<?php echo $conf->general['title'] ?>">
 		<meta name="msapplication-TileColor" content="#FFF" />
 		<meta name="robots" content="noindex,nofollow" />
 	</head>
diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml
index 6577e0109..02f2014ee 100644
--- a/app/views/helpers/javascript_vars.phtml
+++ b/app/views/helpers/javascript_vars.phtml
@@ -1,6 +1,7 @@
 "use strict";
 <?php
 
+$conf = Minz_Configuration::get('system');
 $mark = FreshRSS_Context::$conf->mark_when;
 $mail = Minz_Session::param('mail', false);
 $auto_actualize = Minz_Session::param('actualize_feeds', false);
@@ -29,7 +30,7 @@ echo 'var context={',
 	'does_lazyload:', FreshRSS_Context::$conf->lazyload ? 'true' : 'false', ',',
 	'sticky_post:', FreshRSS_Context::isStickyPostEnabled() ? 'true' : 'false', ',',
 	'html5_notif_timeout:', FreshRSS_Context::$conf->html5_notif_timeout, ',',
-	'auth_type:"', Minz_Configuration::authType(), '",',
+	'auth_type:"', $conf->general['auth_type'], '",',
 	'current_user_mail:', $mail ? ('"' . $mail . '"') : 'null', ',',
 	'current_view:"', Minz_Request::param('output', 'normal'), '"',
 "},\n";
diff --git a/data/config.default.php b/data/config.default.php
new file mode 100644
index 000000000..a69d8050b
--- /dev/null
+++ b/data/config.default.php
@@ -0,0 +1,32 @@
+<?php
+
+return array(
+	'general' => array(
+		'environment' => 'production',
+		'salt' => '',
+		'base_url' => '',
+		'language' => 'en',
+		'title' => 'FreshRSS',
+		'default_user' => '_',
+		'allow_anonymous' => false,
+		'allow_anonymous_refresh' => false,
+		'auth_type' => 'none',
+		'api_enabled' => false,
+		'unsafe_autologin_enabled' => false,
+	),
+	'limits' => array(
+		'cache_duration' => 800,
+		'timeout' => 10,
+		'max_inactivity' => PHP_INT_MAX,
+		'max_feeds' => 16384,
+		'max_categories' => 16384,
+	),
+	'db' => array(
+		'type' => 'sqlite',
+		'host' => '',
+		'user' => '',
+		'password' => '',
+		'base' => '',
+		'prefix' => '',
+	),
+);
diff --git a/data/users/_/config.default.php b/data/users/_/config.default.php
new file mode 100644
index 000000000..56d54b293
--- /dev/null
+++ b/data/users/_/config.default.php
@@ -0,0 +1,66 @@
+<?php
+
+return array (
+	'language' => 'en',
+	'old_entries' => 3,
+	'keep_history_default' => 0,
+	'ttl_default' => 3600,
+	'mail_login' => '',
+	'token' => '',
+	'passwordHash' => '',
+	'apiPasswordHash' => '',
+	'posts_per_page' => 20,
+	'view_mode' => 'normal',
+	'default_view' => 'adaptive',
+	'default_state' => FreshRSS_Entry::STATE_NOT_READ,
+	'auto_load_more' => true,
+	'display_posts' => false,
+	'display_categories' => false,
+	'hide_read_feeds' => true,
+	'onread_jump_next' => true,
+	'lazyload' => true,
+	'sticky_post' => true,
+	'reading_confirm' => false,
+	'auto_remove_article' => false,
+	'sort_order' => 'DESC',
+	'anon_access' => false,
+	'mark_when' => array (
+		'article' => true,
+		'site' => true,
+		'scroll' => false,
+		'reception' => false,
+	),
+	'theme' => 'Origine',
+	'content_width' => 'thin',
+	'shortcuts' => array (
+		'mark_read' => 'r',
+		'mark_favorite' => 'f',
+		'go_website' => 'space',
+		'next_entry' => 'j',
+		'prev_entry' => 'k',
+		'first_entry' => 'home',
+		'last_entry' => 'end',
+		'collapse_entry' => 'c',
+		'load_more' => 'm',
+		'auto_share' => 's',
+		'focus_search' => 'a',
+		'user_filter' => 'u',
+		'help' => 'f1',
+		'close_dropdown' => 'escape',
+	),
+	'topline_read' => true,
+	'topline_favorite' => true,
+	'topline_date' => true,
+	'topline_link' => true,
+	'bottomline_read' => true,
+	'bottomline_favorite' => true,
+	'bottomline_sharing' => true,
+	'bottomline_tags' => true,
+	'bottomline_date' => true,
+	'bottomline_link' => true,
+	'sharing' => array (
+	),
+	'queries' => array (
+	),
+	'html5_notif_timeout' => 0,
+);
diff --git a/lib/Minz/BadConfigurationException.php b/lib/Minz/BadConfigurationException.php
deleted file mode 100644
index a7b77d687..000000000
--- a/lib/Minz/BadConfigurationException.php
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-class Minz_BadConfigurationException extends Minz_Exception {
-	public function __construct ($part_missing, $code = self::ERROR) {
-		$message = '`' . $part_missing
-		         . '` in the configuration file is missing or is misconfigured';
-		
-		parent::__construct ($message, $code);
-	}
-}
diff --git a/lib/Minz/Configuration.php b/lib/Minz/Configuration.php
index 6cbc9fc0b..66df21a31 100644
--- a/lib/Minz/Configuration.php
+++ b/lib/Minz/Configuration.php
@@ -1,419 +1,192 @@
 <?php
-/**
- * MINZ - Copyright 2011 Marien Fressinaud
- * Sous licence AGPL3 <http://www.gnu.org/licenses/>
-*/
 
 /**
- * La classe Configuration permet de gérer la configuration de l'application
+ * Manage configuration for the application.
  */
 class Minz_Configuration {
-	const CONF_PATH_NAME = '/config.php';
-
 	/**
-	 * VERSION est la version actuelle de MINZ
+	 * The list of configurations.
 	 */
-	const VERSION = '1.3.1.freshrss';  // version spéciale FreshRSS
+	private static $config_list = array();
 
 	/**
-	 * valeurs possibles pour l'"environment"
-	 * SILENT rend l'application muette (pas de log)
-	 * PRODUCTION est recommandée pour une appli en production
-	 *			(log les erreurs critiques)
-	 * DEVELOPMENT log toutes les erreurs
+	 * Add a new configuration to the list of configuration.
+	 *
+	 * @param $namespace the name of the current configuration
+	 * @param $config_filename the filename of the configuration
+	 * @param $default_filename a filename containing default values for the configuration
+	 * @throws Minz_ConfigurationNamespaceException if the namespace already exists.
 	 */
-	const SILENT = 0;
-	const PRODUCTION = 1;
-	const DEVELOPMENT = 2;
+	public static function register($namespace, $config_filename, $default_filename = null) {
+		if (isset(self::$config_list[$namespace])) {
+			throw new Minz_ConfigurationNamespaceException(
+				$namespace . ' namespace already exists'
+			);
+		}
+
+		self::$config_list[$namespace] = new Minz_Configuration(
+			$namespace, $config_filename, $default_filename
+		);
+	}
 
 	/**
-	 * définition des variables de configuration
-	 * $salt une chaîne de caractères aléatoires (obligatoire)
-	 * $environment gère le niveau d'affichage pour log et erreurs
-	 * $base_url le chemin de base pour accéder à l'application
-	 * $title le nom de l'application
-	 * $language la langue par défaut de l'application
-	 * $db paramètres pour la base de données (tableau)
-	 *     - host le serveur de la base
-	 *     - user nom d'utilisateur
-	 *     - password mot de passe de l'utilisateur
-	 *     - base le nom de la base de données
+	 * Parse a file and return its data.
+	 *
+	 * If the file does not contain a valid PHP code returning an array, an
+	 * empty array is returned anyway.
+	 *
+	 * @param $filename the name of the file to parse.
+	 * @return an array of values
+	 * @throws Minz_FileNotExistException if the file does not exist.
 	 */
-	private static $salt = '';
-	private static $environment = Minz_Configuration::PRODUCTION;
-	private static $base_url = '';
-	private static $title = '';
-	private static $language = 'en';
-	private static $default_user = '';
-	private static $allow_anonymous = false;
-	private static $allow_anonymous_refresh = false;
-	private static $auth_type = 'none';
-	private static $api_enabled = false;
-	private static $unsafe_autologin_enabled = false;
-
-	private static $db = array (
-		'type' => 'mysql',
-		'host' => '',
-		'user' => '',
-		'password' => '',
-		'base' => '',
-		'prefix' => '',
-	);
-
-	const MAX_SMALL_INT = 16384;
-	private static $limits = array(
-		'cache_duration' => 800,	//SimplePie cache duration in seconds
-		'timeout' => 10,	//SimplePie timeout in seconds
-		'max_inactivity' => PHP_INT_MAX,	//Time in seconds after which a user who has not used the account is considered inactive (no auto-refresh of feeds).
-		'max_feeds' => Minz_Configuration::MAX_SMALL_INT,
-		'max_categories' => Minz_Configuration::MAX_SMALL_INT,
-	);
+	public static function parseFile($filename) {
+		if (!file_exists($filename)) {
+			throw new Minz_FileNotExistException($filename);
+		}
 
-	/*
-	 * Getteurs
-	 */
-	public static function salt () {
-		return self::$salt;
+		$data = @include($filename);
+		if (is_array($data)) {
+			return $data;
+		} else {
+			return array();
+		}
 	}
-	public static function environment ($str = false) {
-		$env = self::$environment;
 
-		if ($str) {
-			switch (self::$environment) {
-			case self::SILENT:
-				$env = 'silent';
-				break;
-			case self::DEVELOPMENT:
-				$env = 'development';
-				break;
-			case self::PRODUCTION:
-			default:
-				$env = 'production';
-			}
+	/**
+	 * Return the configuration related to a given namespace.
+	 *
+	 * @param $namespace the name of the configuration to get.
+	 * @return a Minz_Configuration object
+	 * @throws Minz_ConfigurationNamespaceException if the namespace does not exist.
+	 */
+	public static function get($namespace) {
+		if (!isset(self::$config_list[$namespace])) {
+			throw new Minz_ConfigurationNamespaceException(
+				$namespace . ' namespace does not exist'
+			);
 		}
 
-		return $env;
-	}
-	public static function baseUrl () {
-		return self::$base_url;
-	}
-	public static function title () {
-		return self::$title;
-	}
-	public static function language () {
-		return self::$language;
-	}
-	public static function dataBase () {
-		return self::$db;
-	}
-	public static function limits() {
-		return self::$limits;
-	}
-	public static function defaultUser () {
-		return self::$default_user;
-	}
-	public static function allowAnonymous() {
-		return self::$allow_anonymous;
-	}
-	public static function allowAnonymousRefresh() {
-		return self::$allow_anonymous_refresh;
-	}
-	public static function authType() {
-		return self::$auth_type;
-	}
-	public static function needsLogin() {
-		return self::$auth_type !== 'none';
-	}
-	public static function canLogIn() {
-		return self::$auth_type === 'form' || self::$auth_type === 'persona';
-	}
-	public static function apiEnabled() {
-		return self::$api_enabled;
-	}
-	public static function unsafeAutologinEnabled() {
-		return self::$unsafe_autologin_enabled;
+		return self::$config_list[$namespace];
 	}
 
-	public static function _allowAnonymous($allow = false) {
-		self::$allow_anonymous = ((bool)$allow) && self::canLogIn();
-	}
-	public static function _allowAnonymousRefresh($allow = false) {
-		self::$allow_anonymous_refresh = ((bool)$allow) && self::allowAnonymous();
-	}
-	public static function _authType($value) {
-		$value = strtolower($value);
-		switch ($value) {
-			case 'form':
-			case 'http_auth':
-			case 'persona':
-			case 'none':
-				self::$auth_type = $value;
-				break;
-		}
-		self::_allowAnonymous(self::$allow_anonymous);
-	}
+	/**
+	 * The namespace of the current configuration.
+	 */
+	private $namespace = '';
 
-	public static function _enableApi($value = false) {
-		self::$api_enabled = (bool)$value;
-	}
-	public static function _enableAutologin($value = false) {
-		self::$unsafe_autologin_enabled = (bool)$value;
-	}
+	/**
+	 * The filename for the current configuration.
+	 */
+	private $config_filename = '';
+
+	/**
+	 * The filename for the current default values, null by default.
+	 */
+	private $default_filename = null;
+
+	/**
+	 * The configuration values, an empty array by default.
+	 */
+	private $data = array();
+
+	/**
+	 * The default values, an empty array by default.
+	 */
+	private $data_default = array();
 
 	/**
-	 * Initialise les variables de configuration
-	 * @exception Minz_FileNotExistException si le CONF_PATH_NAME n'existe pas
-	 * @exception Minz_BadConfigurationException si CONF_PATH_NAME mal formaté
+	 * Create a new Minz_Configuration object.
+	 * 
+	 * @param $namespace the name of the current configuration.
+	 * @param $config_filename the file containing configuration values.
+	 * @param $default_filename the file containing default values, null by default.
 	 */
-	public static function init () {
+	private function __construct($namespace, $config_filename, $default_filename = null) {
+		$this->namespace = $namespace;
+		$this->config_filename = $config_filename;
+
 		try {
-			self::parseFile ();
-			self::setReporting ();
+			$this->data = self::parseFile($this->config_filename);
 		} catch (Minz_FileNotExistException $e) {
-			throw $e;
-		} catch (Minz_BadConfigurationException $e) {
-			throw $e;
+			if (is_null($default_filename)) {
+				throw $e;
+			}
 		}
-	}
 
-	public static function writeFile() {
-		$ini_array = array(
-			'general' => array(
-				'environment' => self::environment(true),
-				'salt' => self::$salt,
-				'base_url' => self::$base_url,
-				'title' => self::$title,
-				'default_user' => self::$default_user,
-				'allow_anonymous' => self::$allow_anonymous,
-				'allow_anonymous_refresh' => self::$allow_anonymous_refresh,
-				'auth_type' => self::$auth_type,
-				'api_enabled' => self::$api_enabled,
-				'unsafe_autologin_enabled' => self::$unsafe_autologin_enabled,
-			),
-			'limits' => self::$limits,
-			'db' => self::$db,
-		);
-		@rename(DATA_PATH . self::CONF_PATH_NAME, DATA_PATH . self::CONF_PATH_NAME . '.bak.php');
-		$result = file_put_contents(DATA_PATH . self::CONF_PATH_NAME, "<?php\n return " . var_export($ini_array, true) . ';');
-		if (function_exists('opcache_invalidate')) {
-			opcache_invalidate(DATA_PATH . self::CONF_PATH_NAME);	//Clear PHP 5.5+ cache for include
+		$this->default_filename = $default_filename;
+		if (!is_null($this->default_filename)) {
+			$this->data_default = self::parseFile($this->default_filename);
 		}
-		return (bool)$result;
 	}
 
 	/**
-	 * Parse un fichier de configuration
-	 * @exception Minz_PermissionDeniedException si le CONF_PATH_NAME n'est pas accessible
-	 * @exception Minz_BadConfigurationException si CONF_PATH_NAME mal formaté
+	 * Return the value of the given param.
+	 * 
+	 * @param $key the name of the param.
+	 * @param $default default value to return if key does not exist.
+	 * @return the value corresponding to the key.
+	 * @throws Minz_ConfigurationParamException if the param does not exist
 	 */
-	private static function parseFile () {
-		$ini_array = include(DATA_PATH . self::CONF_PATH_NAME);
-
-		if (!is_array($ini_array)) {
-			throw new Minz_PermissionDeniedException (
-				DATA_PATH . self::CONF_PATH_NAME,
-				Minz_Exception::ERROR
+	public function param($key, $default = null) {
+		if (isset($this->data[$key])) {
+			return $this->data[$key];
+		} elseif (!is_null($default)) {
+			return $default;
+		} elseif (isset($this->data_default[$key])) {
+			return $this->data_default[$key];
+		} else {
+			throw new Minz_ConfigurationParamException(
+				$key . ' param does not exist'
 			);
 		}
+	}
 
-		// [general] est obligatoire
-		if (!isset ($ini_array['general'])) {
-			throw new Minz_BadConfigurationException (
-				'[general]',
-				Minz_Exception::ERROR
-			);
-		}
-		$general = $ini_array['general'];
+	/**
+	 * A wrapper for param().
+	 */
+	public function __get($key) {
+		return $this->param($key);
+	}
 
-		// salt est obligatoire
-		if (!isset ($general['salt'])) {
-			if (isset($general['sel_application'])) {	//v0.6
-				$general['salt'] = $general['sel_application'];
-			} else {
-				throw new Minz_BadConfigurationException (
-					'salt',
-					Minz_Exception::ERROR
-				);
-			}
+	/**
+	 * Set or remove a param.
+	 *
+	 * @param $key the param name to set.
+	 * @param $value the value to set. If null, the key is removed from the configuration.
+	 */
+	public function _param($key, $value = null) {
+		if (isset($this->data[$key]) && is_null($value)) {
+			unset($this->data[$key]);
+		} else {
+			$this->data[$key] = $value;
 		}
-		self::$salt = $general['salt'];
-
-		if (isset ($general['environment'])) {
-			switch ($general['environment']) {
-			case 'silent':
-				self::$environment = Minz_Configuration::SILENT;
-				break;
-			case 'development':
-				self::$environment = Minz_Configuration::DEVELOPMENT;
-				break;
-			case 'production':
-				self::$environment = Minz_Configuration::PRODUCTION;
-				break;
-			default:
-				if ($general['environment'] >= 0 &&
-					$general['environment'] <= 2) {
-					// fallback 0.7-beta
-					self::$environment = $general['environment'];
-				} else {
-					throw new Minz_BadConfigurationException (
-						'environment',
-						Minz_Exception::ERROR
-					);
-				}
-			}
+	}
 
-		}
-		if (isset ($general['base_url'])) {
-			self::$base_url = $general['base_url'];
-		}
+	/**
+	 * A wrapper for _param().
+	 */
+	public function __set($key, $value) {
+		$this->_param($key, $value);
+	}
 
-		if (isset ($general['title'])) {
-			self::$title = $general['title'];
-		}
-		if (isset ($general['language'])) {
-			self::$language = $general['language'];
-		}
-		if (isset ($general['default_user'])) {
-			self::$default_user = $general['default_user'];
-		}
-		if (isset ($general['auth_type'])) {
-			self::_authType($general['auth_type']);
-		}
-		if (isset ($general['allow_anonymous'])) {
-			self::$allow_anonymous = (
-				((bool)($general['allow_anonymous'])) &&
-				($general['allow_anonymous'] !== 'no')
-			);
-		}
-		if (isset ($general['allow_anonymous_refresh'])) {
-			self::$allow_anonymous_refresh = (
-				((bool)($general['allow_anonymous_refresh'])) &&
-				($general['allow_anonymous_refresh'] !== 'no')
-			);
-		}
-		if (isset ($general['api_enabled'])) {
-			self::$api_enabled = (
-				((bool)($general['api_enabled'])) &&
-				($general['api_enabled'] !== 'no')
-			);
-		}
-		if (isset ($general['unsafe_autologin_enabled'])) {
-			self::$unsafe_autologin_enabled = (
-				((bool)($general['unsafe_autologin_enabled'])) &&
-				($general['unsafe_autologin_enabled'] !== 'no')
-			);
-		}
+	/**
+	 * Save the current configuration in the configuration file.
+	 */
+	public function save() {
+		$back_filename = $this->config_filename . '.bak.php';
+		@rename($this->config_filename, $back_filename);
 
-		if (isset($ini_array['limits'])) {
-			$limits = $ini_array['limits'];
-			if (isset($limits['cache_duration'])) {
-				$v = intval($limits['cache_duration']);
-				if ($v > 0) {
-					self::$limits['cache_duration'] = $v;
-				}
-			}
-			if (isset($limits['timeout'])) {
-				$v = intval($limits['timeout']);
-				if ($v > 0) {
-					self::$limits['timeout'] = $v;
-				}
-			}
-			if (isset($limits['max_inactivity'])) {
-				$v = intval($limits['max_inactivity']);
-				if ($v > 0) {
-					self::$limits['max_inactivity'] = $v;
-				}
-			}
-			if (isset($limits['max_feeds'])) {
-				$v = intval($limits['max_feeds']);
-				if ($v > 0 && $v < Minz_Configuration::MAX_SMALL_INT) {
-					self::$limits['max_feeds'] = $v;
-				}
-			}
-			if (isset($limits['max_categories'])) {
-				$v = intval($limits['max_categories']);
-				if ($v > 0 && $v < Minz_Configuration::MAX_SMALL_INT) {
-					self::$limits['max_categories'] = $v;
-				}
-			}
+		if (file_put_contents($this->config_filename,
+		                      "<?php\nreturn " . var_export($this->data, true) . ';',
+		                      LOCK_EX) === false) {
+			return false;
 		}
 
-		// Base de données
-		if (isset ($ini_array['db'])) {
-			$db = $ini_array['db'];
-			if (empty($db['type'])) {
-				throw new Minz_BadConfigurationException (
-					'type',
-					Minz_Exception::ERROR
-				);
-			}
-			switch ($db['type']) {
-				case 'mysql':
-					if (empty($db['host'])) {
-						throw new Minz_BadConfigurationException (
-							'host',
-							Minz_Exception::ERROR
-						);
-					}
-					if (empty($db['user'])) {
-						throw new Minz_BadConfigurationException (
-							'user',
-							Minz_Exception::ERROR
-						);
-					}
-					if (!isset($db['password'])) {
-						throw new Minz_BadConfigurationException (
-							'password',
-							Minz_Exception::ERROR
-						);
-					}
-					if (empty($db['base'])) {
-						throw new Minz_BadConfigurationException (
-							'base',
-							Minz_Exception::ERROR
-						);
-					}
-					self::$db['host'] = $db['host'];
-					self::$db['user'] = $db['user'];
-					self::$db['password'] = $db['password'];
-					self::$db['base'] = $db['base'];
-					if (isset($db['prefix'])) {
-						self::$db['prefix'] = $db['prefix'];
-					}
-					break;
-				case 'sqlite':
-					self::$db['host'] = '';
-					self::$db['user'] = '';
-					self::$db['password'] = '';
-					self::$db['base'] = '';
-					self::$db['prefix'] = '';
-					break;
-				default:
-					throw new Minz_BadConfigurationException (
-						'type',
-						Minz_Exception::ERROR
-					);
-					break;
-			}
-			self::$db['type'] = $db['type'];
+		// Clear PHP 5.5+ cache for include
+		if (function_exists('opcache_invalidate')) {
+			opcache_invalidate($this->config_filename);
 		}
-	}
 
-	private static function setReporting() {
-		switch (self::$environment) {
-			case self::PRODUCTION:
-				error_reporting(E_ALL);
-				ini_set('display_errors','Off');
-				ini_set('log_errors', 'On');
-				break;
-			case self::DEVELOPMENT:
-				error_reporting(E_ALL);
-				ini_set('display_errors','On');
-				ini_set('log_errors', 'On');
-				break;
-			case self::SILENT:
-				error_reporting(0);
-				break;
-		}
+		return true;
 	}
 }
diff --git a/lib/Minz/ConfigurationException.php b/lib/Minz/ConfigurationException.php
new file mode 100644
index 000000000..f294c3341
--- /dev/null
+++ b/lib/Minz/ConfigurationException.php
@@ -0,0 +1,8 @@
+<?php
+
+class Minz_ConfigurationException extends Minz_Exception {
+	public function __construct($error, $code = self::ERROR) {
+		$message = 'Configuration error: ' . $error;
+		parent::__construct($message, $code);
+	}
+}
diff --git a/lib/Minz/ConfigurationNamespaceException.php b/lib/Minz/ConfigurationNamespaceException.php
new file mode 100644
index 000000000..f4278c5d6
--- /dev/null
+++ b/lib/Minz/ConfigurationNamespaceException.php
@@ -0,0 +1,4 @@
+<?php
+
+class Minz_ConfigurationNamespaceException extends Minz_ConfigurationException {
+}
diff --git a/lib/Minz/ConfigurationParamException.php b/lib/Minz/ConfigurationParamException.php
new file mode 100644
index 000000000..eac977935
--- /dev/null
+++ b/lib/Minz/ConfigurationParamException.php
@@ -0,0 +1,4 @@
+<?php
+
+class Minz_ConfigurationParamException extends Minz_ConfigurationException {
+}
diff --git a/lib/Minz/Error.php b/lib/Minz/Error.php
index e5f3dff07..6af23a566 100644
--- a/lib/Minz/Error.php
+++ b/lib/Minz/Error.php
@@ -82,7 +82,8 @@ class Minz_Error {
 	 *       > en fonction de l'environment
 	 */
 	private static function processLogs ($logs) {
-		$env = Minz_Configuration::environment ();
+		$conf = Minz_Configuration::get('system');
+		$env = $conf->general['environment'];
 		$logs_ok = array ();
 		$error = array ();
 		$warning = array ();
@@ -98,10 +99,10 @@ class Minz_Error {
 			$notice = $logs['notice'];
 		}
 
-		if ($env == Minz_Configuration::PRODUCTION) {
+		if ($env == 'production') {
 			$logs_ok = $error;
 		}
-		if ($env == Minz_Configuration::DEVELOPMENT) {
+		if ($env == 'development') {
 			$logs_ok = array_merge ($error, $warning, $notice);
 		}
 
diff --git a/lib/Minz/FrontController.php b/lib/Minz/FrontController.php
index 3dac1e438..974cf4260 100644
--- a/lib/Minz/FrontController.php
+++ b/lib/Minz/FrontController.php
@@ -31,9 +31,12 @@ class Minz_FrontController {
 	 */
 	public function __construct () {
 		try {
-			Minz_Configuration::init ();
+			Minz_Configuration::register('system',
+			                             DATA_PATH . '/config.php',
+			                             DATA_PATH . '/config.default.php');
+			$this->setReporting();
 
-			Minz_Request::init ();
+			Minz_Request::init();
 
 			$url = $this->buildUrl();
 			$url['params'] = array_merge (
@@ -110,4 +113,23 @@ class Minz_FrontController {
 		}
 		exit ('### Application problem ###<br />'."\n".$txt);
 	}
+
+	private function setReporting() {
+		$conf = Minz_Configuration::get('system');
+		switch($conf->general['environment']) {
+		case 'production':
+			error_reporting(E_ALL);
+			ini_set('display_errors','Off');
+			ini_set('log_errors', 'On');
+			break;
+		case 'development':
+			error_reporting(E_ALL);
+			ini_set('display_errors','On');
+			ini_set('log_errors', 'On');
+			break;
+		case 'silent':
+			error_reporting(0);
+			break;
+		}
+	}
 }
diff --git a/lib/Minz/Log.php b/lib/Minz/Log.php
index d19edc1dc..2063efe7e 100644
--- a/lib/Minz/Log.php
+++ b/lib/Minz/Log.php
@@ -31,10 +31,15 @@ class Minz_Log {
 	 * @param $file_name fichier de log
 	 */
 	public static function record ($information, $level, $file_name = null) {
-		$env = Minz_Configuration::environment ();
+		try {
+			$conf = Minz_Configuration::get('system');
+			$env = $conf->general['environment'];
+		} catch (Minz_ConfigurationException $e) {
+			$env = 'production';
+		}
 
-		if (! ($env === Minz_Configuration::SILENT
-		       || ($env === Minz_Configuration::PRODUCTION
+		if (! ($env === 'silent'
+		       || ($env === 'production'
 		       && ($level >= Minz_Log::NOTICE)))) {
 			if ($file_name === null) {
 				$file_name = join_path(USERS_PATH, Minz_Session::param('currentUser', '_'), 'log.txt');
diff --git a/lib/Minz/ModelPdo.php b/lib/Minz/ModelPdo.php
index 118d89ad2..ac7a1bed7 100644
--- a/lib/Minz/ModelPdo.php
+++ b/lib/Minz/ModelPdo.php
@@ -44,7 +44,8 @@ class Minz_ModelPdo {
 			return;
 		}
 
-		$db = Minz_Configuration::dataBase();
+		$conf = Minz_Configuration::get('system');
+		$db = $conf->db;
 
 		if ($currentUser === null) {
 			$currentUser = Minz_Session::param('currentUser', '_');
diff --git a/lib/Minz/Request.php b/lib/Minz/Request.php
index 4b97a3caf..5f2f6a858 100644
--- a/lib/Minz/Request.php
+++ b/lib/Minz/Request.php
@@ -96,7 +96,8 @@ class Minz_Request {
 	 * @return la base de l'url
 	 */
 	public static function getBaseUrl() {
-		$defaultBaseUrl = Minz_Configuration::baseUrl();
+		$conf = Minz_Configuration::get('system');
+		$defaultBaseUrl = $conf->general['base_url'];
 		if (!empty($defaultBaseUrl)) {
 			return $defaultBaseUrl;
 		} elseif (isset($_SERVER['REQUEST_URI'])) {
diff --git a/lib/Minz/Translate.php b/lib/Minz/Translate.php
index e7efb8665..7525e95cc 100644
--- a/lib/Minz/Translate.php
+++ b/lib/Minz/Translate.php
@@ -28,7 +28,8 @@ class Minz_Translate {
 	 * Load $lang_name and $lang_path based on configuration and selected language.
 	 */
 	public static function init() {
-		$l = Minz_Configuration::language();
+		$conf = Minz_Configuration::get('system');
+		$l = $conf->general['language'];
 		self::$lang_name = Minz_Session::param('language', $l);
 		self::$lang_path = APP_PATH . '/i18n/' . self::$lang_name . '/';
 	}
diff --git a/lib/Minz/View.php b/lib/Minz/View.php
index b40448491..24ad630d0 100644
--- a/lib/Minz/View.php
+++ b/lib/Minz/View.php
@@ -28,7 +28,9 @@ class Minz_View {
 	public function __construct () {
 		$this->change_view(Minz_Request::controllerName(),
 		                   Minz_Request::actionName());
-		self::$title = Minz_Configuration::title ();
+
+		$conf = Minz_Configuration::get('system');
+		self::$title = $conf->general['title'];
 	}
 
 	/**
diff --git a/p/i/index.php b/p/i/index.php
index 009d56bc3..d3fc0b37c 100755
--- a/p/i/index.php
+++ b/p/i/index.php
@@ -33,7 +33,7 @@ if (file_exists(DATA_PATH . '/do-install.txt')) {
 		$currentUser = Minz_Session::param('currentUser', '');
 		$dateLastModification = $currentUser === '' ? time() : max(
 			@filemtime(join_path(USERS_PATH, $currentUser, 'log.txt')),
-			@filemtime(join_path(DATA_PATH . 'config.php'))
+			@filemtime(join_path(DATA_PATH, 'config.php'))
 		);
 		if (httpConditional($dateLastModification, 0, 0, false, PHP_COMPRESSION, true)) {
 			exit();	//No need to send anything
-- 
cgit v1.2.3


From d3a93ea2905ae50a2365d293f9f3ef3e51bf5f30 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Tue, 6 Jan 2015 18:53:36 +0100
Subject: BREAKING FEATURE: Remove general in config

General attribute has been removed from system config.
Now subattributes (e.g. environment, salt, title, etc.) are directly accessible.

YOU HAVE TO FIX YOUR ./data/config.php file!

- Remove the general array
- Values inside this array must be kept
- To see what it must look like, please have a look to ./data/config.default.php
  (but keep your values!!).

See https://github.com/FreshRSS/FreshRSS/issues/730
---
 app/Controllers/authController.php       | 28 +++++++++++++---------------
 app/Controllers/feedController.php       |  2 +-
 app/Controllers/indexController.php      |  6 +++---
 app/Controllers/javascriptController.php |  2 +-
 app/Controllers/userController.php       |  4 ++--
 app/FreshRSS.php                         |  2 +-
 app/Models/Auth.php                      | 14 +++++++-------
 app/Models/Feed.php                      |  4 ++--
 app/layout/header.phtml                  |  6 ++----
 app/layout/layout.phtml                  |  2 +-
 app/views/helpers/javascript_vars.phtml  |  3 +--
 data/config.default.php                  | 24 +++++++++++-------------
 lib/Minz/Error.php                       |  2 +-
 lib/Minz/FrontController.php             |  2 +-
 lib/Minz/Log.php                         |  2 +-
 lib/Minz/Request.php                     |  2 +-
 lib/Minz/Translate.php                   |  2 +-
 lib/Minz/View.php                        |  2 +-
 18 files changed, 51 insertions(+), 58 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index 3a1ad4605..4ae9ff7fb 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -27,7 +27,6 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 		if (Minz_Request::isPost()) {
 			$ok = true;
 
-			$general = FreshRSS_Context::$system_conf->general;
 			$current_token = FreshRSS_Context::$user_conf->token;
 			$token = Minz_Request::param('token', $current_token);
 			FreshRSS_Context::$user_conf->_token($token);
@@ -40,20 +39,19 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 			$auth_type = Minz_Request::param('auth_type', 'none');
 			$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
 			$api_enabled = Minz_Request::param('api_enabled', false);
-			if ($anon != $general['allow_anonymous'] ||
-				$auth_type != $general['auth_type'] ||
-				$anon_refresh != $general['allow_anonymous_refresh'] ||
-				$unsafe_autologin != $general['unsafe_autologin_enabled'] ||
-				$api_enabled != $general['api_enabled']) {
+			if ($anon != FreshRSS_Context::$system_conf->allow_anonymous ||
+				$auth_type != FreshRSS_Context::$system_conf->auth_type ||
+				$anon_refresh != FreshRSS_Context::$system_conf->allow_anonymous_refresh ||
+				$unsafe_autologin != FreshRSS_Context::$system_conf->unsafe_autologin_enabled ||
+				$api_enabled != FreshRSS_Context::$system_conf->api_enabled) {
 
 				// TODO: test values from form
-				$general['auth_type'] = $auth_type;
-				$general['allow_anonymous'] = $anon;
-				$general['allow_anonymous_refresh'] = $anon_refresh;
-				$general['unsafe_autologin_enabled'] = $unsafe_autologin;
-				$general['api_enabled'] = $api_enabled;
+				FreshRSS_Context::$system_conf->auth_type = $auth_type;
+				FreshRSS_Context::$system_conf->allow_anonymous = $anon;
+				FreshRSS_Context::$system_conf->allow_anonymous_refresh = $anon_refresh;
+				FreshRSS_Context::$system_conf->unsafe_autologin_enabled = $unsafe_autologin;
+				FreshRSS_Context::$system_conf->api_enabled = $api_enabled;
 
-				$system_conf->general = $general;
 				$ok &= $system_conf->save();
 			}
 
@@ -80,7 +78,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 			Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
 		}
 
-		$auth_type = FreshRSS_Context::$system_conf->general['auth_type'];
+		$auth_type = FreshRSS_Context::$system_conf->auth_type;
 		switch ($auth_type) {
 		case 'form':
 			Minz_Request::forward(array('c' => 'auth', 'a' => 'formLogin'));
@@ -160,7 +158,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 				Minz_Request::bad(_t('feedback.auth.login.invalid'),
 				                  array('c' => 'auth', 'a' => 'login'));
 			}
-		} elseif (FreshRSS_Context::$system_conf->general['unsafe_autologin_enabled']) {
+		} elseif (FreshRSS_Context::$system_conf->unsafe_autologin_enabled) {
 			$username = Minz_Request::param('u', '');
 			$password = Minz_Request::param('p', '');
 			Minz_Request::_param('p');
@@ -301,7 +299,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 
 		$this->view->no_form = false;
 		// Enable changement of auth only if Persona!
-		if (FreshRSS_Context::$system_conf->general['auth_type'] != 'persona') {
+		if (FreshRSS_Context::$system_conf->auth_type != 'persona') {
 			$this->view->message = array(
 				'status' => 'bad',
 				'title' => _t('gen.short.damn'),
diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php
index df1e559bc..c22669361 100755
--- a/app/Controllers/feedController.php
+++ b/app/Controllers/feedController.php
@@ -18,7 +18,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 			$token_param = Minz_Request::param('token', '');
 			$token_is_ok = ($token != '' && $token == $token_param);
 			$action = Minz_Request::actionName();
-			$allow_anonymous_refresh = FreshRSS_Context::$system_conf->general['allow_anonymous_refresh'];
+			$allow_anonymous_refresh = FreshRSS_Context::$system_conf->allow_anonymous_refresh;
 			if ($action !== 'actualize' ||
 					!($allow_anonymous_refresh || $token_is_ok)) {
 				Minz_Error::error(403);
diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index d948504cc..c53d3223e 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -20,7 +20,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 	 * This action displays the normal view of FreshRSS.
 	 */
 	public function normalAction() {
-		$allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous'];
+		$allow_anonymous = FreshRSS_Context::$system_conf->allow_anonymous;
 		if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous) {
 			Minz_Request::forward(array('c' => 'auth', 'a' => 'login'));
 			return;
@@ -83,7 +83,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 	 * This action displays the global view of FreshRSS.
 	 */
 	public function globalAction() {
-		$allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous'];
+		$allow_anonymous = FreshRSS_Context::$system_conf->allow_anonymous;
 		if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous) {
 			Minz_Request::forward(array('c' => 'auth', 'a' => 'login'));
 			return;
@@ -111,7 +111,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 	 * This action displays the RSS feed of FreshRSS.
 	 */
 	public function rssAction() {
-		$allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous'];
+		$allow_anonymous = FreshRSS_Context::$system_conf->allow_anonymous;
 		$token = FreshRSS_Context::$user_conf->token;
 		$token_param = Minz_Request::param('token', '');
 		$token_is_ok = ($token != '' && $token === $token_param);
diff --git a/app/Controllers/javascriptController.php b/app/Controllers/javascriptController.php
index dd9aa6189..acd3fef69 100755
--- a/app/Controllers/javascriptController.php
+++ b/app/Controllers/javascriptController.php
@@ -28,7 +28,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
 		$user = isset($_GET['user']) ? $_GET['user'] : '';
 		if (ctype_alnum($user)) {
 			try {
-				$salt = FreshRSS_Context::$system_conf->general['salt'];
+				$salt = FreshRSS_Context::$system_conf->salt;
 				$conf = new FreshRSS_Configuration($user);
 				$s = $conf->passwordHash;
 				if (strlen($s) >= 60) {
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php
index be2ae943e..bfc2dfb3b 100644
--- a/app/Controllers/userController.php
+++ b/app/Controllers/userController.php
@@ -118,7 +118,7 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			$ok = ($new_user_name != '') && ctype_alnum($new_user_name);
 
 			if ($ok) {
-				$default_user = FreshRSS_Context::$system_conf->general['default_user'];
+				$default_user = FreshRSS_Context::$system_conf->default_user;
 				$ok &= (strcasecmp($new_user_name, $default_user) !== 0);	//It is forbidden to alter the default user
 
 				$ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers()));	//Not an existing user, case-insensitive
@@ -188,7 +188,7 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			$user_data = join_path(DATA_PATH, 'users', $username);
 
 			if ($ok) {
-				$default_user = FreshRSS_Context::$system_conf->general['default_user'];
+				$default_user = FreshRSS_Context::$system_conf->default_user;
 				$ok &= (strcasecmp($username, $default_user) !== 0);	//It is forbidden to delete the default user
 			}
 			if ($ok) {
diff --git a/app/FreshRSS.php b/app/FreshRSS.php
index b22bfdb4b..a53174394 100644
--- a/app/FreshRSS.php
+++ b/app/FreshRSS.php
@@ -62,7 +62,7 @@ class FreshRSS extends Minz_FrontController {
 		Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js')));
 		Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js')));
 
-		if (FreshRSS_Context::$system_conf->general['auth_type'] === 'persona') {
+		if (FreshRSS_Context::$system_conf->auth_type === 'persona') {
 			// TODO move it in a plugin
 			// Needed for login AND logout with Persona.
 			Minz_View::appendScript('https://login.persona.org/include.js');
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 84b4e3721..05ec61d0e 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -17,7 +17,7 @@ class FreshRSS_Auth {
 		$current_user = Minz_Session::param('currentUser', '');
 		if ($current_user === '') {
 			$conf = Minz_Configuration::get('system');
-			$current_user = $conf->general['default_user'];
+			$current_user = $conf->default_user;
 			Minz_Session::_param('currentUser', $current_user);
 		}
 
@@ -42,7 +42,7 @@ class FreshRSS_Auth {
 	 */
 	private static function accessControl() {
 		$conf = Minz_Configuration::get('system');
-		$auth_type = $conf->general['auth_type'];
+		$auth_type = $conf->auth_type;
 		switch ($auth_type) {
 		case 'form':
 			$credentials = FreshRSS_FormAuth::getCredentialsFromCookie();
@@ -84,7 +84,7 @@ class FreshRSS_Auth {
 	public static function giveAccess() {
 		$user_conf = Minz_Configuration::get('user');
 		$system_conf = Minz_Configuration::get('system');
-		$auth_type = $system_conf->general['auth_type'];
+		$auth_type = $system_conf->auth_type;
 
 		switch ($auth_type) {
 		case 'form':
@@ -115,7 +115,7 @@ class FreshRSS_Auth {
 	 */
 	public static function hasAccess($scope = 'general') {
 		$conf = Minz_Configuration::get('system');
-		$default_user = $conf->general['default_user'];
+		$default_user = $conf->default_user;
 		$ok = self::$login_ok;
 		switch ($scope) {
 		case 'general':
@@ -136,9 +136,9 @@ class FreshRSS_Auth {
 		Minz_Session::_param('loginOk');
 		self::$login_ok = false;
 		$conf = Minz_Configuration::get('system');
-		Minz_Session::_param('currentUser', $conf->general['default_user']);
+		Minz_Session::_param('currentUser', $conf->default_user);
 
-		switch ($conf->general['auth_type']) {
+		switch ($conf->auth_type) {
 		case 'form':
 			Minz_Session::_param('passwordHash');
 			FreshRSS_FormAuth::deleteCookie();
@@ -160,7 +160,7 @@ class FreshRSS_Auth {
 	 */
 	public static function accessNeedLogin() {
 		$conf = Minz_Configuration::get('system');
-		$auth_type = $conf->general['auth_type'];
+		$auth_type = $conf->auth_type;
 		return $auth_type === 'form' || $auth_type === 'persona';
 	}
 }
diff --git a/app/Models/Feed.php b/app/Models/Feed.php
index 071eafdf6..86cbb783e 100644
--- a/app/Models/Feed.php
+++ b/app/Models/Feed.php
@@ -39,9 +39,9 @@ class FreshRSS_Feed extends Minz_Model {
 	}
 
 	public function hash() {
-		$conf = Minz_Configuration::get('system');
 		if ($this->hash === null) {
-			$this->hash = hash('crc32b', $conf->general['salt'] . $this->url);
+			$salt = FreshRSS_Context::$system_conf->salt;
+			$this->hash = hash('crc32b', $salt . $this->url);
 		}
 		return $this->hash;
 	}
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 2f16b5f63..97e24a1d9 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -1,7 +1,5 @@
 <?php
 
-$conf = Minz_Configuration::get('system');
-
 if (FreshRSS_Auth::accessNeedLogin()) {
 	?><ul class="nav nav-head nav-login"><?php
 		if (FreshRSS_Auth::hasAccess()) {
@@ -18,13 +16,13 @@ if (FreshRSS_Auth::accessNeedLogin()) {
 		<h1>
 			<a href="<?php echo _url('index', 'index'); ?>">
 				<img class="logo" src="<?php echo _i('icon', true); ?>" alt="⊚" />
-				<?php echo $conf->general['title']; ?>
+				<?php echo FreshRSS_Context::$system_conf->title; ?>
 			</a>
 		</h1>
 	</div>
 
 	<div class="item search">
-		<?php if (FreshRSS_Auth::hasAccess() || $conf->general['allow_anonymous']) { ?>
+		<?php if (FreshRSS_Auth::hasAccess() || FreshRSS_Context::$system_conf->allow_anonymous) { ?>
 		<form action="<?php echo _url('index', 'index'); ?>" method="get">
 			<div class="stick">
 				<?php $search = Minz_Request::param('search', ''); ?>
diff --git a/app/layout/layout.phtml b/app/layout/layout.phtml
index b3734aa56..ed8029fe0 100644
--- a/app/layout/layout.phtml
+++ b/app/layout/layout.phtml
@@ -35,7 +35,7 @@
 		<link rel="apple-touch-icon" href="<?php echo Minz_Url::display('/themes/icons/apple-touch-icon.png'); ?>">
 		<meta name="apple-mobile-web-app-capable" content="yes" />
 		<meta name="apple-mobile-web-app-status-bar-style" content="black" />
-		<meta name="apple-mobile-web-app-title" content="<?php echo $conf->general['title'] ?>">
+		<meta name="apple-mobile-web-app-title" content="<?php echo FreshRSS_Context::$system_conf->title; ?>">
 		<meta name="msapplication-TileColor" content="#FFF" />
 		<meta name="robots" content="noindex,nofollow" />
 	</head>
diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml
index aa73e297e..fec3a6f7c 100644
--- a/app/views/helpers/javascript_vars.phtml
+++ b/app/views/helpers/javascript_vars.phtml
@@ -1,7 +1,6 @@
 "use strict";
 <?php
 
-$conf = Minz_Configuration::get('system');
 $mark = FreshRSS_Context::$user_conf->mark_when;
 $mail = Minz_Session::param('mail', false);
 $auto_actualize = Minz_Session::param('actualize_feeds', false);
@@ -30,7 +29,7 @@ echo 'var context={',
 	'does_lazyload:', FreshRSS_Context::$user_conf->lazyload ? 'true' : 'false', ',',
 	'sticky_post:', FreshRSS_Context::isStickyPostEnabled() ? 'true' : 'false', ',',
 	'html5_notif_timeout:', FreshRSS_Context::$user_conf->html5_notif_timeout, ',',
-	'auth_type:"', $conf->general['auth_type'], '",',
+	'auth_type:"', FreshRSS_Context::$system_conf->auth_type, '",',
 	'current_user_mail:', $mail ? ('"' . $mail . '"') : 'null', ',',
 	'current_view:"', Minz_Request::param('output', 'normal'), '"',
 "},\n";
diff --git a/data/config.default.php b/data/config.default.php
index a69d8050b..193ac5726 100644
--- a/data/config.default.php
+++ b/data/config.default.php
@@ -1,19 +1,17 @@
 <?php
 
 return array(
-	'general' => array(
-		'environment' => 'production',
-		'salt' => '',
-		'base_url' => '',
-		'language' => 'en',
-		'title' => 'FreshRSS',
-		'default_user' => '_',
-		'allow_anonymous' => false,
-		'allow_anonymous_refresh' => false,
-		'auth_type' => 'none',
-		'api_enabled' => false,
-		'unsafe_autologin_enabled' => false,
-	),
+	'environment' => 'production',
+	'salt' => '',
+	'base_url' => '',
+	'language' => 'en',
+	'title' => 'FreshRSS',
+	'default_user' => '_',
+	'allow_anonymous' => false,
+	'allow_anonymous_refresh' => false,
+	'auth_type' => 'none',
+	'api_enabled' => false,
+	'unsafe_autologin_enabled' => false,
 	'limits' => array(
 		'cache_duration' => 800,
 		'timeout' => 10,
diff --git a/lib/Minz/Error.php b/lib/Minz/Error.php
index 6af23a566..3eadc6d98 100644
--- a/lib/Minz/Error.php
+++ b/lib/Minz/Error.php
@@ -83,7 +83,7 @@ class Minz_Error {
 	 */
 	private static function processLogs ($logs) {
 		$conf = Minz_Configuration::get('system');
-		$env = $conf->general['environment'];
+		$env = $conf->environment;
 		$logs_ok = array ();
 		$error = array ();
 		$warning = array ();
diff --git a/lib/Minz/FrontController.php b/lib/Minz/FrontController.php
index 974cf4260..f9eff3db6 100644
--- a/lib/Minz/FrontController.php
+++ b/lib/Minz/FrontController.php
@@ -116,7 +116,7 @@ class Minz_FrontController {
 
 	private function setReporting() {
 		$conf = Minz_Configuration::get('system');
-		switch($conf->general['environment']) {
+		switch($conf->environment) {
 		case 'production':
 			error_reporting(E_ALL);
 			ini_set('display_errors','Off');
diff --git a/lib/Minz/Log.php b/lib/Minz/Log.php
index 2063efe7e..2a9e10993 100644
--- a/lib/Minz/Log.php
+++ b/lib/Minz/Log.php
@@ -33,7 +33,7 @@ class Minz_Log {
 	public static function record ($information, $level, $file_name = null) {
 		try {
 			$conf = Minz_Configuration::get('system');
-			$env = $conf->general['environment'];
+			$env = $conf->environment;
 		} catch (Minz_ConfigurationException $e) {
 			$env = 'production';
 		}
diff --git a/lib/Minz/Request.php b/lib/Minz/Request.php
index 5f2f6a858..6db2e9c7a 100644
--- a/lib/Minz/Request.php
+++ b/lib/Minz/Request.php
@@ -97,7 +97,7 @@ class Minz_Request {
 	 */
 	public static function getBaseUrl() {
 		$conf = Minz_Configuration::get('system');
-		$defaultBaseUrl = $conf->general['base_url'];
+		$defaultBaseUrl = $conf->base_url;
 		if (!empty($defaultBaseUrl)) {
 			return $defaultBaseUrl;
 		} elseif (isset($_SERVER['REQUEST_URI'])) {
diff --git a/lib/Minz/Translate.php b/lib/Minz/Translate.php
index 7525e95cc..39200e81f 100644
--- a/lib/Minz/Translate.php
+++ b/lib/Minz/Translate.php
@@ -29,7 +29,7 @@ class Minz_Translate {
 	 */
 	public static function init() {
 		$conf = Minz_Configuration::get('system');
-		$l = $conf->general['language'];
+		$l = $conf->language;
 		self::$lang_name = Minz_Session::param('language', $l);
 		self::$lang_path = APP_PATH . '/i18n/' . self::$lang_name . '/';
 	}
diff --git a/lib/Minz/View.php b/lib/Minz/View.php
index 24ad630d0..481b0376d 100644
--- a/lib/Minz/View.php
+++ b/lib/Minz/View.php
@@ -30,7 +30,7 @@ class Minz_View {
 		                   Minz_Request::actionName());
 
 		$conf = Minz_Configuration::get('system');
-		self::$title = $conf->general['title'];
+		self::$title = $conf->title;
 	}
 
 	/**
-- 
cgit v1.2.3


From 5f9672111f86c693d843138c00934a6c3eeede45 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Tue, 6 Jan 2015 20:50:58 +0100
Subject: Fix last calls to Minz_Configuration methods

- We have still to fix actualize_script and greader api (refactoring?)
- We have to fix the FreshRSS_Configuration calls
- We have to fix availableLanguages calls

See https://github.com/FreshRSS/FreshRSS/issues/730
---
 app/Controllers/authController.php  |  7 +++----
 app/Models/Auth.php                 | 14 ++++++++++++--
 app/Models/EntryDAO.php             |  2 +-
 app/Models/UserDAO.php              |  4 ++--
 app/layout/aside_feed.phtml         |  2 +-
 app/layout/header.phtml             |  6 +++---
 app/layout/layout.phtml             |  1 -
 app/layout/nav_menu.phtml           |  2 +-
 app/views/auth/index.phtml          | 32 ++++++++++++++++----------------
 app/views/helpers/export/opml.phtml |  2 +-
 app/views/index/index.phtml         |  2 +-
 app/views/user/profile.phtml        |  2 +-
 12 files changed, 42 insertions(+), 34 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index 4ae9ff7fb..02b8119e9 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -310,7 +310,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 		}
 
 		// TODO #730
-		$conf = new FreshRSS_Configuration(Minz_Configuration::defaultUser());
+		$conf = new FreshRSS_Configuration(FreshRSS_Context::$system_conf->default_user);
 		// Admin user must have set its master password.
 		if (!$conf->passwordHash) {
 			$this->view->message = array(
@@ -334,9 +334,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 			);
 
 			if ($ok) {
-				// TODO #730
-				Minz_Configuration::_authType('form');
-				$ok = Minz_Configuration::writeFile();
+				FreshRSS_Context::$system_conf->auth_type = 'form';
+				$ok = FreshRSS_Context::$system_conf->save();
 
 				if ($ok) {
 					Minz_Request::good(_t('feedback.auth.form.set'));
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 05ec61d0e..917e151ca 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -158,7 +158,16 @@ class FreshRSS_Auth {
 	/**
 	 * Return if authentication is enabled on this instance of FRSS.
 	 */
-	public static function accessNeedLogin() {
+	public static function accessNeedsLogin() {
+		$conf = Minz_Configuration::get('system');
+		$auth_type = $conf->auth_type;
+		return $auth_type !== 'none';
+	}
+
+	/**
+	 * Return if authentication requires a PHP action.
+	 */
+	public static function accessNeedsAction() {
 		$conf = Minz_Configuration::get('system');
 		$auth_type = $conf->auth_type;
 		return $auth_type === 'form' || $auth_type === 'persona';
@@ -206,7 +215,8 @@ class FreshRSS_FormAuth {
 
 	public static function makeCookie($username, $password_hash) {
 		do {
-			$token = sha1(Minz_Configuration::salt() . $username . uniqid(mt_rand(), true));
+			$conf = Minz_Configuration::get('system');
+			$token = sha1($conf->salt . $username . uniqid(mt_rand(), true));
 			$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
 		} while (file_exists($token_file));
 
diff --git a/app/Models/EntryDAO.php b/app/Models/EntryDAO.php
index 4d06ac028..61beeea13 100644
--- a/app/Models/EntryDAO.php
+++ b/app/Models/EntryDAO.php
@@ -586,7 +586,7 @@ class FreshRSS_EntryDAO extends Minz_ModelPdo {
 	}
 
 	public function size($all = false) {
-		$db = Minz_Configuration::dataBase();
+		$db = FreshRSS_Context::$system_conf->db;
 		$sql = 'SELECT SUM(data_length + index_length) FROM information_schema.TABLES WHERE table_schema=?';	//MySQL
 		$values = array($db['base']);
 		if (!$all) {
diff --git a/app/Models/UserDAO.php b/app/Models/UserDAO.php
index 6514080bc..b55766ab4 100644
--- a/app/Models/UserDAO.php
+++ b/app/Models/UserDAO.php
@@ -2,7 +2,7 @@
 
 class FreshRSS_UserDAO extends Minz_ModelPdo {
 	public function createUser($username) {
-		$db = Minz_Configuration::dataBase();
+		$db = FreshRSS_Context::$system_conf->db;
 		require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
 		$userPDO = new Minz_ModelPdo($username);
@@ -34,7 +34,7 @@ class FreshRSS_UserDAO extends Minz_ModelPdo {
 	}
 
 	public function deleteUser($username) {
-		$db = Minz_Configuration::dataBase();
+		$db = FreshRSS_Context::$system_conf->db;
 		require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
 		if ($db['type'] === 'sqlite') {
diff --git a/app/layout/aside_feed.phtml b/app/layout/aside_feed.phtml
index a384455b4..d2612e751 100644
--- a/app/layout/aside_feed.phtml
+++ b/app/layout/aside_feed.phtml
@@ -15,7 +15,7 @@
 		<a class="btn btn-important" href="<?php echo _url('subscription', 'index'); ?>"><?php echo _t('index.menu.subscription'); ?></a>
 		<a class="btn btn-important" href="<?php echo _url('importExport', 'index'); ?>"><?php echo _i('import'); ?></a>
 	</div>
-	<?php } elseif (Minz_Configuration::needsLogin()) { ?>
+	<?php } elseif (FreshRSS_Auth::accessNeedsLogin()) { ?>
 	<a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('index.menu.about'); ?></a>
 	<?php } ?>
 
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 97e24a1d9..0c2e171dd 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -1,6 +1,6 @@
 <?php
 
-if (FreshRSS_Auth::accessNeedLogin()) {
+if (FreshRSS_Auth::accessNeedsAction()) {
 	?><ul class="nav nav-head nav-login"><?php
 		if (FreshRSS_Auth::hasAccess()) {
 			?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _t('gen.auth.logout'); ?></a></li><?php
@@ -77,14 +77,14 @@ if (FreshRSS_Auth::accessNeedLogin()) {
 				<li class="item"><a href="<?php echo _url('index', 'logs'); ?>"><?php echo _t('gen.menu.logs'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('gen.menu.about'); ?></a></li>
 				<?php
-				if (FreshRSS_Auth::accessNeedLogin()) {
+				if (FreshRSS_Auth::accessNeedsAction()) {
 					?><li class="separator"></li>
 				<li class="item"><a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('gen.auth.logout'); ?></a></li><?php
 				} ?>
 			</ul>
 		</div>
 	</div>
-	<?php } elseif (FreshRSS_Auth::accessNeedLogin()) { ?>
+	<?php } elseif (FreshRSS_Auth::accessNeedsAction()) { ?>
 	<div class="item configure">
 		<?php echo _i('login'); ?><a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('gen.auth.login'); ?></a>
 	</div>
diff --git a/app/layout/layout.phtml b/app/layout/layout.phtml
index ed8029fe0..083ffd4b3 100644
--- a/app/layout/layout.phtml
+++ b/app/layout/layout.phtml
@@ -10,7 +10,6 @@
 <?php $this->renderHelper('javascript_vars'); ?>
 		//]]></script>
 <?php
-	$conf = Minz_Configuration::get('system');
 	$url_base = Minz_Request::currentRequest();
 	if (FreshRSS_Context::$next_id !== '') {
 		$url_next = $url_base;
diff --git a/app/layout/nav_menu.phtml b/app/layout/nav_menu.phtml
index eeadb622b..d35a0b5fb 100644
--- a/app/layout/nav_menu.phtml
+++ b/app/layout/nav_menu.phtml
@@ -193,7 +193,7 @@
 		<?php echo _i($icon); ?>
 	</a>
 	
-	<?php if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymousRefresh()) { ?>
+	<?php if (FreshRSS_Auth::hasAccess() || FreshRSS_Context::$system_conf->allow_anonymous_refresh) { ?>
 	<a id="actualize" class="btn" href="<?php echo _url('feed', 'actualize'); ?>" title="<?php echo _t('gen.action.actualize'); ?>"><?php echo _i('refresh'); ?></a>
 	<?php } ?>
 </div>
diff --git a/app/views/auth/index.phtml b/app/views/auth/index.phtml
index bb07cc2af..f7a862ac9 100644
--- a/app/views/auth/index.phtml
+++ b/app/views/auth/index.phtml
@@ -10,13 +10,13 @@
 			<label class="group-name" for="auth_type"><?php echo _t('admin.auth.type'); ?></label>
 			<div class="group-controls">
 				<select id="auth_type" name="auth_type" required="required">
-					<?php if (!in_array(Minz_Configuration::authType(), array('form', 'persona', 'http_auth', 'none'))) { ?>
+					<?php if (!in_array(FreshRSS_Context::$system_conf->auth_type, array('form', 'persona', 'http_auth', 'none'))) { ?>
 						<option selected="selected"></option>
 					<?php } ?>
-					<option value="form"<?php echo Minz_Configuration::authType() === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('admin.auth.form'); ?></option>
-					<option value="persona"<?php echo Minz_Configuration::authType() === 'persona' ? ' selected="selected"' : '', FreshRSS_Context::$user_conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('admin.auth.persona'); ?></option>
-					<option value="http_auth"<?php echo Minz_Configuration::authType() === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('admin.auth.http'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
-					<option value="none"<?php echo Minz_Configuration::authType() === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('admin.auth.none'); ?></option>
+					<option value="form"<?php echo FreshRSS_Context::$system_conf->auth_type === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('admin.auth.form'); ?></option>
+					<option value="persona"<?php echo FreshRSS_Context::$system_conf->auth_type === 'persona' ? ' selected="selected"' : '', FreshRSS_Context::$user_conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('admin.auth.persona'); ?></option>
+					<option value="http_auth"<?php echo FreshRSS_Context::$system_conf->auth_type === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('admin.auth.http'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
+					<option value="none"<?php echo FreshRSS_Context::$system_conf->auth_type === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('admin.auth.none'); ?></option>
 				</select>
 			</div>
 		</div>
@@ -24,9 +24,9 @@
 		<div class="form-group">
 			<div class="group-controls">
 				<label class="checkbox" for="anon_access">
-					<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo Minz_Configuration::allowAnonymous() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('admin.auth.allow_anonymous', Minz_Configuration::defaultUser()); ?>
+					<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo FreshRSS_Context::$system_conf->allow_anonymous ? ' checked="checked"' : '',
+						FreshRSS_Auth::accessNeedsAction() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('admin.auth.allow_anonymous', FreshRSS_Context::$system_conf->default_user); ?>
 				</label>
 			</div>
 		</div>
@@ -34,8 +34,8 @@
 		<div class="form-group">
 			<div class="group-controls">
 				<label class="checkbox" for="anon_refresh">
-					<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo Minz_Configuration::allowAnonymousRefresh() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo FreshRSS_Context::$system_conf->allow_anonymous_refresh ? ' checked="checked"' : '',
+						FreshRSS_Auth::accessNeedsAction() ? '' : ' disabled="disabled"'; ?> />
 					<?php echo _t('admin.auth.allow_anonymous_refresh'); ?>
 				</label>
 			</div>
@@ -44,21 +44,21 @@
 		<div class="form-group">
 			<div class="group-controls">
 				<label class="checkbox" for="unsafe_autologin">
-					<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo Minz_Configuration::unsafeAutologinEnabled() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo FreshRSS_Context::$system_conf->unsafe_autologin_enabled ? ' checked="checked"' : '',
+						FreshRSS_Auth::accessNeedsAction() ? '' : ' disabled="disabled"'; ?> />
 					<?php echo _t('admin.auth.unsafe_autologin'); ?>
 					<kbd><?php echo Minz_Url::display(array('c' => 'auth', 'a' => 'login', 'params' => array('u' => 'alice', 'p' => '1234')), 'html', true); ?></kbd>
 				</label>
 			</div>
 		</div>
 
-		<?php if (Minz_Configuration::canLogIn()) { ?>
+		<?php if (FreshRSS_Auth::accessNeedsAction()) { ?>
 		<div class="form-group">
 			<label class="group-name" for="token"><?php echo _t('admin.auth.token'); ?></label>
 			<?php $token = FreshRSS_Context::$user_conf->token; ?>
 			<div class="group-controls">
 				<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('gen.short.blank_to_disable'); ?>"<?php
-					echo Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					echo FreshRSS_Auth::accessNeedsAction() ? '' : ' disabled="disabled"'; ?> />
 				<?php echo _i('help'); ?> <?php echo _t('admin.auth.token_help'); ?>
 				<kbd><?php echo Minz_Url::display(array('params' => array('output' => 'rss', 'token' => $token)), 'html', true); ?></kbd>
 			</div>
@@ -68,8 +68,8 @@
 		<div class="form-group">
 			<div class="group-controls">
 				<label class="checkbox" for="api_enabled">
-					<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo Minz_Configuration::apiEnabled() ? ' checked="checked"' : '',
-						Minz_Configuration::needsLogin() ? '' : ' disabled="disabled"'; ?> />
+					<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo FreshRSS_Context::$system_conf->api_enabled ? ' checked="checked"' : '',
+						FreshRSS_Auth::accessNeedsLogin() ? '' : ' disabled="disabled"'; ?> />
 					<?php echo _t('admin.auth.api_enabled'); ?>
 				</label>
 			</div>
diff --git a/app/views/helpers/export/opml.phtml b/app/views/helpers/export/opml.phtml
index 8622d9144..236cca303 100644
--- a/app/views/helpers/export/opml.phtml
+++ b/app/views/helpers/export/opml.phtml
@@ -2,7 +2,7 @@
 
 $opml_array = array(
 	'head' => array(
-		'title' => Minz_Configuration::title(),
+		'title' => FreshRSS_Context::$system_conf->title,
 		'dateCreated' => date('D, d M Y H:i:s')
 	),
 	'body' => array()
diff --git a/app/views/index/index.phtml b/app/views/index/index.phtml
index 8b93461dd..8b94c7f7d 100644
--- a/app/views/index/index.phtml
+++ b/app/views/index/index.phtml
@@ -2,7 +2,7 @@
 
 $output = Minz_Request::param('output', 'normal');
 
-if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymous()) {
+if (FreshRSS_Auth::hasAccess() || FreshRSS_Context::$system_conf->allow_anonymous) {
 	if ($output === 'normal') {
 		$this->renderHelper('view/normal_view');
 	} elseif ($output === 'reader') {
diff --git a/app/views/user/profile.phtml b/app/views/user/profile.phtml
index a3f7bf15d..d85499ad8 100644
--- a/app/views/user/profile.phtml
+++ b/app/views/user/profile.phtml
@@ -28,7 +28,7 @@
 			</div>
 		</div>
 
-		<?php if (Minz_Configuration::apiEnabled()) { ?>
+		<?php if (FreshRSS_Context::$system_conf->api_enabled) { ?>
 		<div class="form-group">
 			<label class="group-name" for="apiPasswordPlain"><?php echo _t('conf.profile.password_api'); ?></label>
 			<div class="group-controls">
-- 
cgit v1.2.3


From 211569ef85f50891035e3e2645ec0c87badec1e1 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Wed, 21 Jan 2015 00:44:26 +0100
Subject: Minz: missing URL key/param encoding

Caused searches such as "intitle:&amp;" to fail after paging, and
possible XSS vulnerabilities.
Discovered during https://github.com/FreshRSS/FreshRSS/issues/754
---
 app/layout/header.phtml   |  3 +--
 app/layout/nav_menu.phtml |  3 +--
 lib/Minz/Url.php          | 34 +++++++++++++++++-----------------
 3 files changed, 19 insertions(+), 21 deletions(-)

(limited to 'app/layout/header.phtml')

diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index 2b968252b..41a63a565 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -25,8 +25,7 @@ if (FreshRSS_Auth::accessNeedsAction()) {
 		<?php if (FreshRSS_Auth::hasAccess() || FreshRSS_Context::$system_conf->allow_anonymous) { ?>
 		<form action="<?php echo _url('index', 'index'); ?>" method="get">
 			<div class="stick">
-				<?php $search = Minz_Request::param('search', ''); ?>
-				<input type="search" name="search" id="search" class="extend" value="<?php echo $search; ?>" placeholder="<?php echo _t('gen.menu.search'); ?>" />
+				<input type="search" name="search" id="search" class="extend" value="<?php echo FreshRSS_Context::$search; ?>" placeholder="<?php echo _t('gen.menu.search'); ?>" />
 
 				<?php $get = Minz_Request::param('get', ''); ?>
 				<?php if ($get != '') { ?>
diff --git a/app/layout/nav_menu.phtml b/app/layout/nav_menu.phtml
index d35a0b5fb..3a755b560 100644
--- a/app/layout/nav_menu.phtml
+++ b/app/layout/nav_menu.phtml
@@ -156,8 +156,7 @@
 
 	<div class="item search">
 		<form action="<?php echo _url('index', 'index'); ?>" method="get">
-			<?php $search = Minz_Request::param('search', ''); ?>
-			<input type="search" name="search" class="extend" value="<?php echo $search; ?>" placeholder="<?php echo _t('index.menu.search_short'); ?>" />
+			<input type="search" name="search" class="extend" value="<?php echo FreshRSS_Context::$search; ?>" placeholder="<?php echo _t('index.menu.search_short'); ?>" />
 
 			<?php $get = Minz_Request::param('get', ''); ?>
 			<?php if($get != '') { ?>
diff --git a/lib/Minz/Url.php b/lib/Minz/Url.php
index e9f9a69ba..af555a277 100644
--- a/lib/Minz/Url.php
+++ b/lib/Minz/Url.php
@@ -45,45 +45,45 @@ class Minz_Url {
 
 		return $url_string;
 	}
-	
+
 	/**
 	 * Construit l'URI d'une URL
 	 * @param l'url sous forme de tableau
 	 * @param $encodage pour indiquer comment encoder les & (& ou &amp; pour html)
 	 * @return l'uri sous la forme ?key=value&key2=value2
 	 */
-	private static function printUri ($url, $encodage) {
+	private static function printUri($url, $encodage) {
 		$uri = '';
 		$separator = '?';
-		
-		if($encodage == 'html') {
+
+		if ($encodage === 'html') {
 			$and = '&amp;';
 		} else {
 			$and = '&';
 		}
-		
-		if (isset ($url['c'])
-		 && $url['c'] != Minz_Request::defaultControllerName ()) {
+
+		if (isset($url['c'])
+		 && $url['c'] != Minz_Request::defaultControllerName()) {
 			$uri .= $separator . 'c=' . $url['c'];
 			$separator = $and;
 		}
-		
-		if (isset ($url['a'])
-		 && $url['a'] != Minz_Request::defaultActionName ()) {
+
+		if (isset($url['a'])
+		 && $url['a'] != Minz_Request::defaultActionName()) {
 			$uri .= $separator . 'a=' . $url['a'];
 			$separator = $and;
 		}
-		
-		if (isset ($url['params'])) {
+
+		if (isset($url['params'])) {
 			foreach ($url['params'] as $key => $param) {
-				$uri .= $separator . $key . '=' . $param;
+				$uri .= $separator . urlencode($key) . '=' . urlencode($param);
 				$separator = $and;
 			}
 		}
-		
+
 		return $uri;
 	}
-	
+
 	/**
 	 * Vérifie que les éléments du tableau représentant une url soit ok
 	 * @param l'url sous forme de tableau (sinon renverra directement $url)
@@ -91,7 +91,7 @@ class Minz_Url {
 	 */
 	public static function checkUrl ($url) {
 		$url_checked = $url;
-		
+
 		if (is_array ($url)) {
 			if (!isset ($url['c'])) {
 				$url_checked['c'] = Minz_Request::defaultControllerName ();
@@ -103,7 +103,7 @@ class Minz_Url {
 				$url_checked['params'] = array ();
 			}
 		}
-		
+
 		return $url_checked;
 	}
 }
-- 
cgit v1.2.3