From 59f284d229608f0d80784ecfd19742c06db44a8a Mon Sep 17 00:00:00 2001 From: Alexis Degrugillier Date: Fri, 8 Nov 2019 23:49:43 +0100 Subject: Rename sharing action (#2643) Before, some ad-blocker rules were preventing to display the sharing page because of its name. I've renamed that page to integration but kept every thing else identical. So it's still called sharing through out the application. If needed, this can be addressed as well. See #2509 and #2419 --- app/Controllers/configureController.php | 11 +++-- app/layout/aside_configure.phtml | 4 +- app/layout/header.phtml | 2 +- app/views/configure/integration.phtml | 71 +++++++++++++++++++++++++++++++++ app/views/configure/sharing.phtml | 71 --------------------------------- 5 files changed, 81 insertions(+), 78 deletions(-) create mode 100644 app/views/configure/integration.phtml delete mode 100644 app/views/configure/sharing.phtml (limited to 'app') diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index b38d3289a..dcb438587 100755 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php @@ -134,13 +134,16 @@ class FreshRSS_configure_Controller extends Minz_ActionController { } /** - * This action handles the sharing configuration page. + * This action handles the integration configuration page. * - * It displays the sharing configuration page. + * It displays the integration configuration page. * If this action is reached through a POST request, it stores all * configuration values then sends a notification to the user. + * + * Before v1.16, we used sharing instead of integration. This has + * some unwanted behavior when the end-user was using an ad-blocker. */ - public function sharingAction() { + public function integrationAction() { if (Minz_Request::isPost()) { $params = Minz_Request::fetchPOST(); FreshRSS_Context::$user_conf->sharing = $params['share']; 
@@ -148,7 +151,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController { invalidateHttpCache(); Minz_Request::good(_t('feedback.conf.updated'), - array('c' => 'configure', 'a' => 'sharing')); + array('c' => 'configure', 'a' => 'integration')); } Minz_View::prependTitle(_t('conf.sharing.title') . ' ยท '); diff --git a/app/layout/aside_configure.phtml b/app/layout/aside_configure.phtml index 1267f747c..e74630b5a 100644 --- a/app/layout/aside_configure.phtml +++ b/app/layout/aside_configure.phtml @@ -9,8 +9,8 @@
  • -
  • - +
  • +
  • diff --git a/app/layout/header.phtml b/app/layout/header.phtml index 3f7bd80e3..7603cf2e5 100644 --- a/app/layout/header.phtml +++ b/app/layout/header.phtml @@ -61,7 +61,7 @@ if (FreshRSS_Auth::accessNeedsAction()) {
  • -
  • +
  • diff --git a/app/views/configure/integration.phtml b/app/views/configure/integration.phtml new file mode 100644 index 000000000..32ef11716 --- /dev/null +++ b/app/views/configure/integration.phtml @@ -0,0 +1,71 @@ +partial('aside_configure'); ?> + +
    + + +
    " size="64" /> +
    + ' + data-advanced='
    + + + +
    + + +
    + +
    '> + + + sharing as $key => $share_options) { + $share = FreshRSS_Share::get($share_options['type']); + $share->update($share_options); + ?> +
    + +
    + + + +
    + + formType() === 'advanced') { ?> + + + + + +
    + formType() === 'advanced') { ?> + + +
    +
    + + +
    +
    + + +
    +
    + +
    +
    + + +
    +
    + + diff --git a/app/views/configure/sharing.phtml b/app/views/configure/sharing.phtml deleted file mode 100644 index 32ef11716..000000000 --- a/app/views/configure/sharing.phtml +++ /dev/null @@ -1,71 +0,0 @@ -partial('aside_configure'); ?> - -
    - - -
    " size="64" /> -
    - ' - data-advanced='
    - - - -
    - - -
    - -
    '> - - - sharing as $key => $share_options) { - $share = FreshRSS_Share::get($share_options['type']); - $share->update($share_options); - ?> -
    - -
    - - - -
    - - formType() === 'advanced') { ?> - - - - - -
    - formType() === 'advanced') { ?> - - -
    -
    - - -
    -
    - - -
    -
    - -
    -
    - - -
    -
    - - -- cgit v1.2.3 From 6fb60d470aaa3c1e62dc1a61f786abdd6e428106 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 11 Nov 2019 19:48:23 +0100 Subject: Fix DB optimize for MySQL (#2647) `pdo->exec()` is not appropriate for MySQL `OPTIMIZE` because `OPTIMIZE` returns some data and not only a code and then fails. --- app/Models/DatabaseDAO.php | 7 ++++++- app/Models/DatabaseDAOPGSQL.php | 6 +++++- app/Models/DatabaseDAOSQLite.php | 7 ++++++- 3 files changed, 17 insertions(+), 3 deletions(-) (limited to 'app') diff --git a/app/Models/DatabaseDAO.php b/app/Models/DatabaseDAO.php index 13330db23..cfb150ab1 100644 --- a/app/Models/DatabaseDAO.php +++ b/app/Models/DatabaseDAO.php @@ -156,7 +156,12 @@ class FreshRSS_DatabaseDAO extends Minz_ModelPdo { foreach ($tables as $table) { $sql = 'OPTIMIZE TABLE `_' . $table . '`'; //MySQL - $ok &= ($this->pdo->exec($sql) !== false); + $stm = $this->pdo->query($sql); + if ($stm == false || $stm->fetchAll(PDO::FETCH_ASSOC) === false) { + $ok = false; + $info = $stm == null ? $this->pdo->errorInfo() : $stm->errorInfo(); + Minz_Log::warning(__METHOD__ . ' error: ' . $sql . ' : ' . json_encode($info)); + } } return $ok; } diff --git a/app/Models/DatabaseDAOPGSQL.php b/app/Models/DatabaseDAOPGSQL.php index 7ca7799ae..75ff8be7b 100644 --- a/app/Models/DatabaseDAOPGSQL.php +++ b/app/Models/DatabaseDAOPGSQL.php @@ -79,7 +79,11 @@ class FreshRSS_DatabaseDAOPGSQL extends FreshRSS_DatabaseDAOSQLite { foreach ($tables as $table) { $sql = 'VACUUM `_' . $table . '`'; - $ok &= ($this->pdo->exec($sql) !== false); + if ($this->pdo->exec($sql) === false) { + $ok = false; + $info = $this->pdo->errorInfo(); + Minz_Log::warning(__METHOD__ . ' error: ' . $sql . ' : ' . json_encode($info)); + } } return $ok; } diff --git a/app/Models/DatabaseDAOSQLite.php b/app/Models/DatabaseDAOSQLite.php index 413e7ee09..eaa2d37a7 100644 --- a/app/Models/DatabaseDAOSQLite.php +++ b/app/Models/DatabaseDAOSQLite.php 
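Review bot: In the DatabaseDAO.php hunk the new failure checks use loose comparisons, `$stm == false` and `$stm == null`; the second one picks the right branch only because `false == null` is true in PHP. `PDO::query()` signals failure with `false`, so `$stm === false` in the condition and `$info = $stm === false ? $this->pdo->errorInfo() : $stm->errorInfo();` state the intent directly. The loop over `$tables` starts outside the hunk, so where the table names come from is not visible here. If they are a fixed internal list, a one-line comment saying so would explain why concatenating them into the statement is acceptable.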
@@ -66,6 +66,11 @@ class FreshRSS_DatabaseDAOSQLite extends FreshRSS_DatabaseDAO {
 }
 public function optimize() {
- return $this->pdo->exec('VACUUM') !== false;
+ $ok = $this->pdo->exec('VACUUM') !== false;
+ if (!$ok) {
+ $info = $this->pdo->errorInfo();
+ Minz_Log::warning(__METHOD__ . ' error: ' . $sql . ' : ' . json_encode($info));
+ }
+ return $ok;
 }
 }
-- cgit v1.2.3
From bec75664293047267c8ab5dd6967d78bcdbbf8ff Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite
Date: Mon, 11 Nov 2019 19:48:45 +0100
Subject: Sanitize UTF-8 before commiting entries (#2649)
Fix https://github.com/FreshRSS/FreshRSS/issues/2645
---
 app/Models/EntryDAO.php | 9 +++++++++
 lib/lib_rss.php | 8 ++++++++
 2 files changed, 17 insertions(+)
(limited to 'app')
diff --git a/app/Models/EntryDAO.php b/app/Models/EntryDAO.php
index 99e99f463..d149cfd8b 100644
--- a/app/Models/EntryDAO.php
+++ b/app/Models/EntryDAO.php
@@ -99,9 +99,12 @@ SQL;
 $valuesTmp['guid'] = safe_ascii($valuesTmp['guid']);
 $this->addEntryPrepared->bindParam(':guid', $valuesTmp['guid']);
 $valuesTmp['title'] = mb_strcut($valuesTmp['title'], 0, 255, 'UTF-8');
+ $valuesTmp['title'] = safe_utf8($valuesTmp['title']);
 $this->addEntryPrepared->bindParam(':title', $valuesTmp['title']);
 $valuesTmp['author'] = mb_strcut($valuesTmp['author'], 0, 255, 'UTF-8');
+ $valuesTmp['author'] = safe_utf8($valuesTmp['author']);
 $this->addEntryPrepared->bindParam(':author', $valuesTmp['author']);
+ $valuesTmp['content'] = safe_utf8($valuesTmp['content']);
 $this->addEntryPrepared->bindParam(':content', $valuesTmp['content']);
 $valuesTmp['link'] = substr($valuesTmp['link'], 0, 1023);
 $valuesTmp['link'] = safe_ascii($valuesTmp['link']);
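Review bot: In DatabaseDAOSQLite::optimize() the new warning concatenates `$sql`, but nothing in the method assigns it; the statement is passed to `exec()` as the literal `'VACUUM'`. When VACUUM fails, PHP reports an undefined variable and the log entry omits the statement, which is exactly when the message is needed for diagnosis. Assign it first, `$sql = 'VACUUM';` then `$ok = $this->pdo->exec($sql) !== false;`, which also matches the MySQL and PostgreSQL variants changed in the same commit.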
@@ -117,6 +120,7 @@ SQL;
 $this->addEntryPrepared->bindParam(':is_favorite', $valuesTmp['is_favorite'], PDO::PARAM_INT);
 $this->addEntryPrepared->bindParam(':id_feed', $valuesTmp['id_feed'], PDO::PARAM_INT);
 $valuesTmp['tags'] = mb_strcut($valuesTmp['tags'], 0, 1023, 'UTF-8');
+ $valuesTmp['tags'] = safe_utf8($valuesTmp['tags']);
 $this->addEntryPrepared->bindParam(':tags', $valuesTmp['tags']);
 if ($this->hasNativeHex()) {
@@ -186,11 +190,15 @@ SQL;
 }
 $valuesTmp['guid'] = substr($valuesTmp['guid'], 0, 760);
+ $valuesTmp['guid'] = safe_ascii($valuesTmp['guid']);
 $this->updateEntryPrepared->bindParam(':guid', $valuesTmp['guid']);
 $valuesTmp['title'] = mb_strcut($valuesTmp['title'], 0, 255, 'UTF-8');
+ $valuesTmp['title'] = safe_utf8($valuesTmp['title']);
 $this->updateEntryPrepared->bindParam(':title', $valuesTmp['title']);
 $valuesTmp['author'] = mb_strcut($valuesTmp['author'], 0, 255, 'UTF-8');
+ $valuesTmp['author'] = safe_utf8($valuesTmp['author']);
 $this->updateEntryPrepared->bindParam(':author', $valuesTmp['author']);
+ $valuesTmp['content'] = safe_utf8($valuesTmp['content']);
 $this->updateEntryPrepared->bindParam(':content', $valuesTmp['content']);
 $valuesTmp['link'] = substr($valuesTmp['link'], 0, 1023);
 $valuesTmp['link'] = safe_ascii($valuesTmp['link']);
@@ -203,6 +211,7 @@ SQL;
 }
 $this->updateEntryPrepared->bindParam(':id_feed', $valuesTmp['id_feed'], PDO::PARAM_INT);
 $valuesTmp['tags'] = mb_strcut($valuesTmp['tags'], 0, 1023, 'UTF-8');
+ $valuesTmp['tags'] = safe_utf8($valuesTmp['tags']);
 $this->updateEntryPrepared->bindParam(':tags', $valuesTmp['tags']);
 if ($this->hasNativeHex()) {
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index f4b5c68e6..137c7f2d5 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -81,6 +81,14 @@ function safe_ascii($text) {
 return filter_var($text, FILTER_DEFAULT, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
 }
+if (function_exists('mb_convert_encoding')) {
+ function safe_utf8($text) { return mb_convert_encoding($text, 'UTF-8', 'UTF-8'); }
+} elseif (function_exists('iconv')) {
+ function safe_utf8($text) { return iconv('UTF-8', 'UTF-8//IGNORE', $text); }
+} else {
+ function safe_utf8($text) { return $text; }
+}
+
 function escapeToUnicodeAlternative($text, $extended = true) {
 $text = htmlspecialchars_decode($text, ENT_QUOTES);
-- cgit v1.2.3
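Review bot: The `iconv` branch of safe_utf8() can return `false` instead of a string, and on some builds `//IGNORE` reportedly still fails on an illegal sequence. The EntryDAO callers in this commit bind the result directly, so a malformed feed item could then be stored with an empty title or content. Guard the return value, for example `$r = iconv('UTF-8', 'UTF-8//IGNORE', $text); return $r === false ? '' : $r;`. The last branch returns `$text` unchanged, so on an install without mbstring or iconv the untrusted feed text still reaches the database unsanitised. A comment such as `// no mbstring/iconv: input is NOT validated as UTF-8` above that branch would make the gap visible to maintainers.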