From 27764b36353b3066a9e92da2a96ac17b546295be Mon Sep 17 00:00:00 2001 From: Alexis Degrugillier Date: Sat, 22 Feb 2014 16:53:51 -0500 Subject: Improve sharing Previously, the share page can handle only a limited number of shares and only one of each type. Now the configuration has been change to be more flexible and allows an unlimited number of shares. The share description is located in an array and the share configuration is stored along with the user configuration. Note: I tried to include the specific javascript code in a separate file but I did not succeded to import it. --- data/shares.php | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 data/shares.php (limited to 'data') diff --git a/data/shares.php b/data/shares.php new file mode 100644 index 000000000..44176f1bf --- /dev/null +++ b/data/shares.php @@ -0,0 +1,75 @@ + array( + 'url' => '~URL~?post=~LINK~&title=~TITLE~&source=FreshRSS', + 'transform' => array('urlencode'), + 'help' => 'http://sebsauvage.net/wiki/doku.php?id=php:shaarli', + 'form' => 'advanced', + ), + 'blogotext' => array( + 'url' => '~URL~/admin/links.php?url=~LINK~', + 'transform' => array(), + 'help' => 'http://lehollandaisvolant.net/blogotext/fr/', + 'form' => 'advanced', + ), + 'wallabag' => array( + 'url' => '~URL~?action=add&url=~LINK~', + 'transform' => array( + 'link' => array('base64_encode'), + 'title' => array(), + ), + 'help' => 'http://www.wallabag.org/', + 'form' => 'advanced', + ), + 'diaspora' => array( + 'url' => '~URL~/bookmarklet?url=~LINK~&title=~TITLE~', + 'transform' => array('urlencode'), + 'help' => 'https://diasporafoundation.org/', + 'form' => 'advanced', + ), + 'twitter' => array( + 'url' => 'https://twitter.com/share?url=~LINK~&text=~TITLE~', + 'transform' => array('urlencode'), + 'form' => 'simple', + ), + 'g+' => array( + 'url' => 'https://plus.google.com/share?url=~LINK~', + 'transform' => array('urlencode'), + 'form' => 'simple', + ), + 'facebook' => array( + 'url' => 'https://www.facebook.com/sharer.php?u=~LINK~&t=~TITLE~', + 'transform' => array('urlencode'), + 'form' => 'simple', + ), + 'email' => array( + 'url' => 'mailto:?subject=~TITLE~&body=~LINK~', + 'transform' => array( + 'link' => array('urlencode'), + 'title' => array(), + ), + 'form' => 'simple', + ), + 'print' => array( + 'url' => '#', + 'transform' => array(), + 'form' => 'simple', + ), +); -- cgit v1.2.3 From 8a5050289ef695dc4d388eecee692ad9d83e00ce Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 3 Jul 2014 21:20:11 +0200 Subject: New install logic Now the install.php is kept in ./app/ and the trigger is ./data/do-install.php There is no need anymore to have write access in ./p/i/ --- app/i18n/install.en.php | 2 +- app/i18n/install.fr.php | 2 +- app/install.php | 1115 +++++++++++++++++++++++++++++++++++++++++++++++ data/do-install.txt | 0 p/i/index.php | 16 +- p/i/install.php | 1084 --------------------------------------------- 6 files changed, 1125 insertions(+), 1094 deletions(-) create mode 100644 app/install.php create mode 100644 data/do-install.txt delete mode 100644 p/i/install.php (limited to 'data') diff --git a/app/i18n/install.en.php b/app/i18n/install.en.php index 0311ee9a4..553a79921 100644 --- a/app/i18n/install.en.php +++ b/app/i18n/install.en.php @@ -61,7 +61,7 @@ return array ( 'update_end' => 'Update process is completed, now you can go to the final step.', - 'installation_is_ok' => 'The installation process was successful.
The final step will now attempt to delete the ./p/i/install.php file and any database backup created during the update process.
You may choose to skip this step and delete ./p/i/install.php manually.', + 'installation_is_ok' => 'The installation process was successful.
The final step will now attempt to delete any file and database backup created during the update process.
You may choose to skip this step by deleting ./data/do-install.txt manually.', 'finish_installation' => 'Complete installation', 'install_not_deleted' => 'Something went wrong; you must delete the file %s manually.', ); diff --git a/app/i18n/install.fr.php b/app/i18n/install.fr.php index bb183642f..470d83e1a 100644 --- a/app/i18n/install.fr.php +++ b/app/i18n/install.fr.php @@ -60,7 +60,7 @@ return array ( 'update_long' => 'Ce processus peut prendre longtemps, selon la taille de votre base de données. Vous aurez peut-être à attendre que cette page dépasse son temps maximum d’exécution (~5 minutes) puis à la recharger.', 'update_end' => 'La mise à jour est terminée, vous pouvez maintenant passer à l’étape finale.', - 'installation_is_ok' => 'L’installation s’est bien passée.
La dernière étape va maintenant tenter de supprimer le fichier ./p/i/install.php, ainsi que d’éventuelles copies de base de données créées durant le processus de mise à jour.
Vous pouvez choisir de sauter cette étape et de supprimer ./p/i/install.php manuellement.', + 'installation_is_ok' => 'L’installation s’est bien passée.
La dernière étape va maintenant tenter de supprimer les fichiers ainsi que d’éventuelles copies de base de données créés durant le processus de mise à jour.
Vous pouvez choisir de sauter cette étape en supprimant ./data/do-install.txt manuellement.', 'finish_installation' => 'Terminer l’installation', 'install_not_deleted' => 'Quelque chose s’est mal passé, vous devez supprimer le fichier %s à la main.', ); diff --git a/app/install.php b/app/install.php new file mode 100644 index 000000000..9863dd556 --- /dev/null +++ b/app/install.php @@ -0,0 +1,1115 @@ + +define('SQL_BACKUP006', 'RENAME TABLE `%1$scategory` TO `%1$scategory006`, `%1$sfeed` TO `%1$sfeed006`, `%1$sentry` TO `%1$sentry006`;'); + +define('SQL_SHOW_COLUMNS_UPDATEv006', 'SHOW columns FROM `%1$sentry006` LIKE "id2";'); + +define('SQL_UPDATEv006', ' +ALTER TABLE `%1$scategory006` ADD id2 SMALLINT; + +SET @i = 0; +UPDATE `%1$scategory006` SET id2=(@i:=@i+1) ORDER BY id; + +ALTER TABLE `%1$sfeed006` ADD id2 SMALLINT, ADD category2 SMALLINT; + +SET @i = 0; +UPDATE `%1$sfeed006` SET id2=(@i:=@i+1) ORDER BY name; + +UPDATE `%1$sfeed006` f +INNER JOIN `%1$scategory006` c ON f.category = c.id +SET f.category2 = c.id2; + +INSERT IGNORE INTO `%2$scategory` (name) +SELECT name +FROM `%1$scategory006` +ORDER BY id2; + +INSERT IGNORE INTO `%2$sfeed` (url, category, name, website, description, priority, pathEntries, httpAuth, keep_history) +SELECT url, category2, name, website, description, priority, pathEntries, httpAuth, IF(keep_history = 1, -1, -2) +FROM `%1$sfeed006` +ORDER BY id2; + +ALTER TABLE `%1$sentry006` ADD id2 bigint; + +UPDATE `%1$sentry006` SET id2 = ((date * 1000000) + (rand() * 100000000)); + +INSERT IGNORE INTO `%2$sentry` (id, guid, title, author, link, date, is_read, is_favorite, id_feed, tags) +SELECT e0.id2, e0.guid, e0.title, e0.author, e0.link, e0.date, e0.is_read, e0.is_favorite, f0.id2, e0.tags +FROM `%1$sentry006` e0 +INNER JOIN `%1$sfeed006` f0 ON e0.id_feed = f0.id; +'); + +define('SQL_CONVERT_SELECTv006', ' +SELECT e0.id2, e0.content +FROM `%1$sentry006` e0 +INNER JOIN `%2$sentry` e1 ON e0.id2 = e1.id +WHERE e1.content_bin IS NULL'); + +define('SQL_CONVERT_UPDATEv006', 'UPDATE `%1$sentry` SET ' + . (isset($_SESSION['bd_type']) && $_SESSION['bd_type'] === 'mysql' ? 'content_bin=COMPRESS(?)' : 'content=?') + . ' WHERE id=?;'); + +define('SQL_DROP_BACKUPv006', 'DROP TABLE IF EXISTS `%1$sentry006`, `%1$sfeed006`, `%1$scategory006`;'); + +define('SQL_UPDATE_CACHED_VALUES', ' +UPDATE `%1$sfeed` f +INNER JOIN ( + SELECT e.id_feed, + COUNT(CASE WHEN e.is_read = 0 THEN 1 END) AS nbUnreads, + COUNT(e.id) AS nbEntries + FROM `%1$sentry` e + GROUP BY e.id_feed +) x ON x.id_feed=f.id +SET f.cache_nbEntries=x.nbEntries, f.cache_nbUnreads=x.nbUnreads +'); + +define('SQL_UPDATE_HISTORYv007b', 'UPDATE `%1$sfeed` SET keep_history = CASE WHEN keep_history = 0 THEN -2 WHEN keep_history = 1 THEN -1 ELSE keep_history END;'); + +define('SQL_GET_FEEDS', 'SELECT id, url, website FROM `%1$sfeed`;'); +// + +// gestion internationalisation +$translates = array (); +$actual = 'en'; +function initTranslate () { + global $translates; + global $actual; + + $actual = isset($_SESSION['language']) ? $_SESSION['language'] : getBetterLanguage('en'); + + $file = APP_PATH . '/i18n/' . $actual . '.php'; + if (file_exists($file)) { + $translates = array_merge($translates, include($file)); + } + + $file = APP_PATH . '/i18n/install.' . $actual . '.php'; + if (file_exists($file)) { + $translates = array_merge($translates, include($file)); + } +} + +function getBetterLanguage ($fallback) { + $available = availableLanguages (); + $accept = $_SERVER['HTTP_ACCEPT_LANGUAGE']; + $language = strtolower (substr ($accept, 0, 2)); + + if (isset ($available[$language])) { + return $language; + } else { + return $fallback; + } +} +function availableLanguages () { + return array ( + 'en' => 'English', + 'fr' => 'Français' + ); +} +function _t ($key) { + global $translates; + $translate = $key; + if (isset ($translates[$key])) { + $translate = $translates[$key]; + } + + $args = func_get_args (); + unset($args[0]); + + return vsprintf ($translate, $args); +} + +/*** SAUVEGARDES ***/ +function saveLanguage () { + if (!empty ($_POST)) { + if (!isset ($_POST['language'])) { + return false; + } + + $_SESSION['language'] = $_POST['language']; + + header ('Location: index.php?step=1'); + } +} +function saveStep2 () { + if (!empty ($_POST)) { + if (empty ($_POST['title']) || + empty ($_POST['old_entries']) || + empty ($_POST['auth_type']) || + empty ($_POST['default_user'])) { + return false; + } + + $_SESSION['salt'] = sha1(uniqid(mt_rand(), true).implode('', stat(__FILE__))); + $_SESSION['title'] = substr(trim($_POST['title']), 0, 25); + $_SESSION['old_entries'] = $_POST['old_entries']; + if ((!ctype_digit($_SESSION['old_entries'])) || ($_SESSION['old_entries'] < 1)) { + $_SESSION['old_entries'] = 3; + } + $_SESSION['mail_login'] = filter_var($_POST['mail_login'], FILTER_VALIDATE_EMAIL); + $_SESSION['default_user'] = substr(preg_replace('/[^a-zA-Z0-9]/', '', $_POST['default_user']), 0, 16); + $_SESSION['auth_type'] = $_POST['auth_type']; + if (!empty($_POST['passwordPlain'])) { + if (!function_exists('password_hash')) { + include_once(LIB_PATH . '/password_compat.php'); + } + $passwordHash = password_hash($_POST['passwordPlain'], PASSWORD_BCRYPT, array('cost' => BCRYPT_COST)); + $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js + $_SESSION['passwordHash'] = $passwordHash; + } + + $token = ''; + if ($_SESSION['mail_login']) { + $token = sha1($_SESSION['salt'] . $_SESSION['mail_login']); + } + + $config_array = array ( + 'language' => $_SESSION['language'], + 'theme' => $_SESSION['theme'], + 'old_entries' => $_SESSION['old_entries'], + 'mail_login' => $_SESSION['mail_login'], + 'passwordHash' => $_SESSION['passwordHash'], + 'token' => $token, + ); + + $configPath = DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'; + @unlink($configPath); //To avoid access-rights problems + file_put_contents($configPath, " array( + 'environment' => empty($_SESSION['environment']) ? 'production' : $_SESSION['environment'], + 'salt' => $_SESSION['salt'], + 'base_url' => '', + 'title' => $_SESSION['title'], + 'default_user' => $_SESSION['default_user'], + 'auth_type' => $_SESSION['auth_type'], + 'allow_anonymous' => isset($_SESSION['allow_anonymous']) ? $_SESSION['allow_anonymous'] : false, + 'allow_anonymous_refresh' => false, + 'unsafe_autologin_enabled' => false, + 'api_enabled' => false, + ), + 'db' => array( + 'type' => $_SESSION['bd_type'], + 'host' => $_SESSION['bd_host'], + 'user' => $_SESSION['bd_user'], + 'password' => $_SESSION['bd_password'], + 'base' => $_SESSION['bd_base'], + 'prefix' => $_SESSION['bd_prefix'], + ), + ); + + @unlink(DATA_PATH . '/config.php'); //To avoid access-rights problems + file_put_contents(DATA_PATH . '/config.php', " 'SET NAMES utf8', + ); + break; + case 'sqlite': + return false; //No update for SQLite needed so far + default: + return false; + } + + $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + + $stm = $c->prepare(SQL_SHOW_TABLES); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (!in_array($_SESSION['bd_prefix'] . 'entry006', $res)) { + return false; + } + + $sql = sprintf(SQL_SHOW_COLUMNS_UPDATEv006, $_SESSION['bd_prefix']); + $stm = $c->prepare($sql); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (!in_array('id2', $res)) { + if (!$perform) { + return true; + } + $sql = sprintf(SQL_UPDATEv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); + $stm->execute(); + } + + $sql = sprintf(SQL_CONVERT_SELECTv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); + if (!$perform) { + $sql .= ' LIMIT 1'; + } + $stm = $c->prepare($sql); + $stm->execute(); + if (!$perform) { + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + return count($res) > 0; + } else { + @set_time_limit(300); + } + + $c2 = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $sql = sprintf(SQL_CONVERT_UPDATEv006, $_SESSION['bd_prefix_user']); + $stm2 = $c2->prepare($sql); + while ($row = $stm->fetch(PDO::FETCH_ASSOC)) { + $id = $row['id2']; + $content = unserialize(gzinflate(base64_decode($row['content']))); + $stm2->execute(array($content, $id)); + } + + return true; + } catch (PDOException $e) { + return false; + } + return false; +} + +function newPdo() { + switch ($_SESSION['bd_type']) { + case 'mysql': + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; + $driver_options = array( + PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', + ); + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . '/' . $_SESSION['bd_base'] . '.sqlite'; + $driver_options = array( + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + ); + break; + default: + return false; + } + return new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); +} + +function postUpdate() { + $c = newPdo(); + + if ($_SESSION['bd_type'] !== 'sqlite') { //No update for SQLite needed yet + $sql = sprintf(SQL_UPDATE_HISTORYv007b, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + + $sql = sprintf(SQL_UPDATE_CACHED_VALUES, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + } + + // + $sql = sprintf(SQL_GET_FEEDS, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_ASSOC); + foreach ($res as $feed) { + if (empty($feed['url'])) { + continue; + } + $hash = hash('crc32b', $_SESSION['salt'] . $feed['url']); + @file_put_contents(DATA_PATH . '/favicons/' . $hash . '.txt', + empty($feed['website']) ? $feed['url'] : $feed['website']); + } + // +} + +function deleteInstall () { + $res = unlink (DATA_PATH . 'do-install.txt'); + if ($res) { + header ('Location: index.php'); + } + + $needs = array('bd_type', 'bd_host', 'bd_base', 'bd_user', 'bd_password', 'bd_prefix'); + foreach ($needs as $need) { + if (!isset($_SESSION[$need])) { + return false; + } + } + + try { + $c = newPdo(); + $sql = sprintf(SQL_DROP_BACKUPv006, $_SESSION['bd_prefix']); + $stm = $c->prepare($sql); + $stm->execute(); + + return true; + } catch (PDOException $e) { + return false; + } + return false; +} + +function moveOldFiles() { + $mvs = array( + '/app/configuration/application.ini' => '/data/application.ini', //v0.6 + '/public/data/Configuration.array.php' => '/data/Configuration.array.php', //v0.6 + ); + $ok = true; + foreach ($mvs as $fFrom => $fTo) { + if (file_exists(FRESHRSS_PATH . $fFrom)) { + if (copy(FRESHRSS_PATH . $fFrom, FRESHRSS_PATH . $fTo)) { + @unlink(FRESHRSS_PATH . $fFrom); + } else { + $ok = false; + } + } + } + return $ok; +} + +function delTree($dir) { //http://php.net/rmdir#110489 + if (!is_dir($dir)) { + return true; + } + $files = array_diff(scandir($dir), array('.', '..')); + foreach ($files as $file) { + $f = $dir . '/' . $file; + if (is_dir($f)) { + @chmod($f, 0777); + delTree($f); + } + else unlink($f); + } + return rmdir($dir); +} + +/*** VÉRIFICATIONS ***/ +function checkStep () { + $s0 = checkStep0 (); + $s1 = checkStep1 (); + $s2 = checkStep2 (); + $s3 = checkStep3 (); + if (STEP > 0 && $s0['all'] != 'ok') { + header ('Location: index.php?step=0'); + } elseif (STEP > 1 && $s1['all'] != 'ok') { + header ('Location: index.php?step=1'); + } elseif (STEP > 2 && $s2['all'] != 'ok') { + header ('Location: index.php?step=2'); + } elseif (STEP > 3 && $s3['all'] != 'ok') { + header ('Location: index.php?step=3'); + } + $_SESSION['actualize_feeds'] = true; +} +function checkStep0 () { + moveOldFiles(); + + if (file_exists(DATA_PATH . '/config.php')) { + $ini_array = include(DATA_PATH . '/config.php'); + } elseif (file_exists(DATA_PATH . '/application.ini')) { //v0.6 + $ini_array = parse_ini_file(DATA_PATH . '/application.ini', true); + $ini_array['general']['title'] = empty($ini_array['general']['title']) ? '' : stripslashes($ini_array['general']['title']); + } else { + $ini_array = null; + } + + if ($ini_array) { + $ini_general = isset($ini_array['general']) ? $ini_array['general'] : null; + if ($ini_general) { + $keys = array('environment', 'salt', 'title', 'default_user', 'allow_anonymous', 'auth_type'); + foreach ($keys as $key) { + if ((empty($_SESSION[$key])) && isset($ini_general[$key])) { + $_SESSION[$key] = $ini_general[$key]; + } + } + } + $ini_db = isset($ini_array['db']) ? $ini_array['db'] : null; + if ($ini_db) { + $keys = array('type', 'host', 'user', 'password', 'base', 'prefix'); + foreach ($keys as $key) { + if ((!isset($_SESSION['bd_' . $key])) && isset($ini_db[$key])) { + $_SESSION['bd_' . $key] = $ini_db[$key]; + } + } + } + } + + if (isset($_SESSION['default_user']) && file_exists(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php')) { + $userConfig = include(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'); + } elseif (file_exists(DATA_PATH . '/Configuration.array.php')) { + $userConfig = include(DATA_PATH . '/Configuration.array.php'); //v0.6 + if (empty($_SESSION['auth_type'])) { + $_SESSION['auth_type'] = empty($userConfig['mail_login']) ? 'none' : 'persona'; + } + if (!isset($_SESSION['allow_anonymous'])) { + $_SESSION['allow_anonymous'] = empty($userConfig['anon_access']) ? false : ($userConfig['anon_access'] === 'yes'); + } + } else { + $userConfig = array(); + } + if (empty($_SESSION['auth_type'])) { //v0.7b + $_SESSION['auth_type'] = ''; + } + + $keys = array('language', 'theme', 'old_entries', 'mail_login', 'passwordHash'); + foreach ($keys as $key) { + if ((!isset($_SESSION[$key])) && isset($userConfig[$key])) { + $_SESSION[$key] = $userConfig[$key]; + } + } + + $languages = availableLanguages (); + $language = isset ($_SESSION['language']) && + isset ($languages[$_SESSION['language']]); + + if (empty($_SESSION['passwordHash'])) { //v0.7b + $_SESSION['passwordHash'] = ''; + } + if (empty($_SESSION['theme'])) { + $_SESSION['theme'] = 'Origine'; + } else { + switch (strtolower($_SESSION['theme'])) { + case 'default': //v0.7b + $_SESSION['theme'] = 'Origine'; + break; + case 'flat-design': //v0.7b + $_SESSION['theme'] = 'Flat'; + break; + case 'default_dark': //v0.7b + $_SESSION['theme'] = 'Dark'; + break; + } + } + + return array ( + 'language' => $language ? 'ok' : 'ko', + 'all' => $language ? 'ok' : 'ko' + ); +} + +function checkStep1 () { + $php = version_compare (PHP_VERSION, '5.2.1') >= 0; + $minz = file_exists (LIB_PATH . '/Minz'); + $curl = extension_loaded ('curl'); + $pdo = extension_loaded ('pdo_mysql'); + $pcre = extension_loaded ('pcre'); + $ctype = extension_loaded ('ctype'); + $dom = class_exists('DOMDocument'); + $data = DATA_PATH && is_writable (DATA_PATH); + $cache = CACHE_PATH && is_writable (CACHE_PATH); + $log = LOG_PATH && is_writable (LOG_PATH); + $favicons = is_writable (DATA_PATH . '/favicons'); + $persona = is_writable (DATA_PATH . '/persona'); + + return array ( + 'php' => $php ? 'ok' : 'ko', + 'minz' => $minz ? 'ok' : 'ko', + 'curl' => $curl ? 'ok' : 'ko', + 'pdo-mysql' => $pdo ? 'ok' : 'ko', + 'pcre' => $pcre ? 'ok' : 'ko', + 'ctype' => $ctype ? 'ok' : 'ko', + 'dom' => $dom ? 'ok' : 'ko', + 'data' => $data ? 'ok' : 'ko', + 'cache' => $cache ? 'ok' : 'ko', + 'log' => $log ? 'ok' : 'ko', + 'favicons' => $favicons ? 'ok' : 'ko', + 'persona' => $persona ? 'ok' : 'ko', + 'all' => $php && $minz && $curl && $pdo && $pcre && $ctype && $dom && $data && $cache && $log && $favicons && $persona ? 'ok' : 'ko' + ); +} + +function checkStep2 () { + $conf = !empty($_SESSION['salt']) && + !empty($_SESSION['title']) && + !empty($_SESSION['old_entries']) && + isset($_SESSION['mail_login']) && + !empty($_SESSION['default_user']); + $defaultUser = empty($_POST['default_user']) ? null : $_POST['default_user']; + if ($defaultUser === null) { + $defaultUser = empty($_SESSION['default_user']) ? '' : $_SESSION['default_user']; + } + $data = is_writable(DATA_PATH . '/' . $defaultUser . '_user.php'); + if ($data) { + @unlink(DATA_PATH . '/Configuration.array.php'); //v0.6 + } + + return array ( + 'conf' => $conf ? 'ok' : 'ko', + 'data' => $data ? 'ok' : 'ko', + 'all' => $conf && $data ? 'ok' : 'ko' + ); +} +function checkStep3 () { + $conf = is_writable(DATA_PATH . '/config.php'); + + $bd = isset ($_SESSION['bd_type']) && + isset ($_SESSION['bd_host']) && + isset ($_SESSION['bd_user']) && + isset ($_SESSION['bd_password']) && + isset ($_SESSION['bd_base']) && + isset ($_SESSION['bd_prefix']) && + isset ($_SESSION['bd_error']); + $conn = empty($_SESSION['bd_error']); + + return array ( + 'bd' => $bd ? 'ok' : 'ko', + 'conn' => $conn ? 'ok' : 'ko', + 'conf' => $conf ? 'ok' : 'ko', + 'all' => $bd && $conn && $conf ? 'ok' : 'ko' + ); +} + +function checkBD () { + $ok = false; + + try { + $str = ''; + $driver_options = null; + switch ($_SESSION['bd_type']) { + case 'mysql': + $driver_options = array( + PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8' + ); + + try { // on ouvre une connexion juste pour créer la base si elle n'existe pas + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';'; + $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $sql = sprintf (SQL_CREATE_DB, $_SESSION['bd_base']); + $res = $c->query ($sql); + } catch (PDOException $e) { + } + + // on écrase la précédente connexion en sélectionnant la nouvelle BDD + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . '/' . $_SESSION['bd_base'] . '.sqlite'; + $driver_options = array( + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + ); + break; + default: + return false; + } + + $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + + if ($_SESSION['bd_type'] !== 'sqlite') { //No SQL backup for SQLite + $stm = $c->prepare(SQL_SHOW_TABLES); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (in_array($_SESSION['bd_prefix'] . 'entry', $res) && !in_array($_SESSION['bd_prefix'] . 'entry006', $res)) { + $sql = sprintf(SQL_BACKUP006, $_SESSION['bd_prefix']); //v0.6 + $res = $c->query($sql); //Backup tables + } + } + + if (defined('SQL_CREATE_TABLES')) { + $sql = sprintf(SQL_CREATE_TABLES, $_SESSION['bd_prefix_user'], _t('default_category')); + $stm = $c->prepare($sql); + $ok = $stm->execute(); + } else { + global $SQL_CREATE_TABLES; + if (is_array($SQL_CREATE_TABLES)) { + $ok = true; + foreach ($SQL_CREATE_TABLES as $instruction) { + $sql = sprintf($instruction, $_SESSION['bd_prefix_user'], _t('default_category')); + $stm = $c->prepare($sql); + $ok &= $stm->execute(); + } + } + } + } catch (PDOException $e) { + $ok = false; + $_SESSION['bd_error'] = $e->getMessage(); + } + + if (!$ok) { + @unlink(DATA_PATH . '/config.php'); + } + + return $ok; +} + +/*** AFFICHAGE ***/ +function printStep0 () { + global $actual; +?> + +

+ + +
+ +
+ +
+ +
+
+ +
+
+ + + + + +
+
+
+ + + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + + + +

+ + + +

+ + +
+ + +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ + +
+
+ +
+ +
+ + +
+
+ +
+
+ + + + + +
+
+
+ + +

+ +

+ + +
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+
+ + + + + +
+
+
+ +
+ + + +

+ +
+
+ + +
+
+ + +

+ +
+
+ +
+
+ +
+ +

+ + +

+ + + + + + + <?php echo _t ('freshrss_installation'); ?> + + + + + +
+
+

+

+
+
+ +
+
    +
    • +
    • +
    • +
    • +
    • +
    • +
    • +
+ +
+ +
+
+ + diff --git a/data/do-install.txt b/data/do-install.txt new file mode 100644 index 000000000..e69de29bb diff --git a/p/i/index.php b/p/i/index.php index 4afffb3dd..7b34eefd1 100755 --- a/p/i/index.php +++ b/p/i/index.php @@ -18,12 +18,12 @@ # # ***** END LICENSE BLOCK ***** -if (file_exists ('install.php')) { - require('install.php'); -} else { - require('../../constants.php'); - require(LIB_PATH . '/lib_rss.php'); //Includes class autoloader +require('../../constants.php'); +require(LIB_PATH . '/lib_rss.php'); //Includes class autoloader +if (file_exists(DATA_PATH . '/do-install.txt')) { + require(APP_PATH . '/install.php'); +} else { session_cache_limiter(''); Minz_Session::init('FreshRSS'); Minz_Session::_param('keepAlive', 1); //For Persona @@ -42,11 +42,11 @@ if (file_exists ('install.php')) { try { $front_controller = new FreshRSS(); - $front_controller->init (); - $front_controller->run (); + $front_controller->init(); + $front_controller->run(); } catch (Exception $e) { echo '### Fatal error! ###
', "\n"; - Minz_Log::record ($e->getMessage (), Minz_Log::ERROR); + Minz_Log::record($e->getMessage(), Minz_Log::ERROR); echo 'See logs files.'; } } diff --git a/p/i/install.php b/p/i/install.php deleted file mode 100644 index bc9483f73..000000000 --- a/p/i/install.php +++ /dev/null @@ -1,1084 +0,0 @@ - -define('SQL_SHOW_TABLES', 'SHOW tables;'); - -define('SQL_BACKUP006', 'RENAME TABLE `%1$scategory` TO `%1$scategory006`, `%1$sfeed` TO `%1$sfeed006`, `%1$sentry` TO `%1$sentry006`;'); - -define('SQL_SHOW_COLUMNS_UPDATEv006', 'SHOW columns FROM `%1$sentry006` LIKE "id2";'); - -define('SQL_UPDATEv006', ' -ALTER TABLE `%1$scategory006` ADD id2 SMALLINT; - -SET @i = 0; -UPDATE `%1$scategory006` SET id2=(@i:=@i+1) ORDER BY id; - -ALTER TABLE `%1$sfeed006` ADD id2 SMALLINT, ADD category2 SMALLINT; - -SET @i = 0; -UPDATE `%1$sfeed006` SET id2=(@i:=@i+1) ORDER BY name; - -UPDATE `%1$sfeed006` f -INNER JOIN `%1$scategory006` c ON f.category = c.id -SET f.category2 = c.id2; - -INSERT IGNORE INTO `%2$scategory` (name) -SELECT name -FROM `%1$scategory006` -ORDER BY id2; - -INSERT IGNORE INTO `%2$sfeed` (url, category, name, website, description, priority, pathEntries, httpAuth, keep_history) -SELECT url, category2, name, website, description, priority, pathEntries, httpAuth, IF(keep_history = 1, -1, -2) -FROM `%1$sfeed006` -ORDER BY id2; - -ALTER TABLE `%1$sentry006` ADD id2 bigint; - -UPDATE `%1$sentry006` SET id2 = ((date * 1000000) + (rand() * 100000000)); - -INSERT IGNORE INTO `%2$sentry` (id, guid, title, author, link, date, is_read, is_favorite, id_feed, tags) -SELECT e0.id2, e0.guid, e0.title, e0.author, e0.link, e0.date, e0.is_read, e0.is_favorite, f0.id2, e0.tags -FROM `%1$sentry006` e0 -INNER JOIN `%1$sfeed006` f0 ON e0.id_feed = f0.id; -'); - -define('SQL_CONVERT_SELECTv006', ' -SELECT e0.id2, e0.content -FROM `%1$sentry006` e0 -INNER JOIN `%2$sentry` e1 ON e0.id2 = e1.id -WHERE e1.content_bin IS NULL'); - -define('SQL_CONVERT_UPDATEv006', 'UPDATE `%1$sentry` SET content_bin=COMPRESS(?) WHERE id=?;'); - -define('SQL_DROP_BACKUPv006', 'DROP TABLE IF EXISTS `%1$sentry006`, `%1$sfeed006`, `%1$scategory006`;'); - -define('SQL_UPDATE_CACHED_VALUES', ' -UPDATE `%1$sfeed` f -INNER JOIN ( - SELECT e.id_feed, - COUNT(CASE WHEN e.is_read = 0 THEN 1 END) AS nbUnreads, - COUNT(e.id) AS nbEntries - FROM `%1$sentry` e - GROUP BY e.id_feed -) x ON x.id_feed=f.id -SET f.cache_nbEntries=x.nbEntries, f.cache_nbUnreads=x.nbUnreads -'); - -define('SQL_UPDATE_HISTORYv007b', 'UPDATE `%1$sfeed` SET keep_history = CASE WHEN keep_history = 0 THEN -2 WHEN keep_history = 1 THEN -1 ELSE keep_history END;'); - -define('SQL_GET_FEEDS', 'SELECT id, url, website FROM `%1$sfeed`;'); -// - -// gestion internationalisation -$translates = array (); -$actual = 'en'; -function initTranslate () { - global $translates; - global $actual; - - $actual = isset($_SESSION['language']) ? $_SESSION['language'] : getBetterLanguage('en'); - - $file = APP_PATH . '/i18n/' . $actual . '.php'; - if (file_exists($file)) { - $translates = array_merge($translates, include($file)); - } - - $file = APP_PATH . '/i18n/install.' . $actual . '.php'; - if (file_exists($file)) { - $translates = array_merge($translates, include($file)); - } -} - -function getBetterLanguage ($fallback) { - $available = availableLanguages (); - $accept = $_SERVER['HTTP_ACCEPT_LANGUAGE']; - $language = strtolower (substr ($accept, 0, 2)); - - if (isset ($available[$language])) { - return $language; - } else { - return $fallback; - } -} -function availableLanguages () { - return array ( - 'en' => 'English', - 'fr' => 'Français' - ); -} -function _t ($key) { - global $translates; - $translate = $key; - if (isset ($translates[$key])) { - $translate = $translates[$key]; - } - - $args = func_get_args (); - unset($args[0]); - - return vsprintf ($translate, $args); -} - -/*** SAUVEGARDES ***/ -function saveLanguage () { - if (!empty ($_POST)) { - if (!isset ($_POST['language'])) { - return false; - } - - $_SESSION['language'] = $_POST['language']; - - header ('Location: index.php?step=1'); - } -} -function saveStep2 () { - if (!empty ($_POST)) { - if (empty ($_POST['title']) || - empty ($_POST['old_entries']) || - empty ($_POST['auth_type']) || - empty ($_POST['default_user'])) { - return false; - } - - $_SESSION['salt'] = sha1(uniqid(mt_rand(), true).implode('', stat(__FILE__))); - $_SESSION['title'] = substr(trim($_POST['title']), 0, 25); - $_SESSION['old_entries'] = $_POST['old_entries']; - if ((!ctype_digit($_SESSION['old_entries'])) || ($_SESSION['old_entries'] < 1)) { - $_SESSION['old_entries'] = 3; - } - $_SESSION['mail_login'] = filter_var($_POST['mail_login'], FILTER_VALIDATE_EMAIL); - $_SESSION['default_user'] = substr(preg_replace('/[^a-zA-Z0-9]/', '', $_POST['default_user']), 0, 16); - $_SESSION['auth_type'] = $_POST['auth_type']; - if (!empty($_POST['passwordPlain'])) { - if (!function_exists('password_hash')) { - include_once(LIB_PATH . '/password_compat.php'); - } - $passwordHash = password_hash($_POST['passwordPlain'], PASSWORD_BCRYPT, array('cost' => BCRYPT_COST)); - $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js - $_SESSION['passwordHash'] = $passwordHash; - } - - $token = ''; - if ($_SESSION['mail_login']) { - $token = sha1($_SESSION['salt'] . $_SESSION['mail_login']); - } - - $config_array = array ( - 'language' => $_SESSION['language'], - 'theme' => $_SESSION['theme'], - 'old_entries' => $_SESSION['old_entries'], - 'mail_login' => $_SESSION['mail_login'], - 'passwordHash' => $_SESSION['passwordHash'], - 'token' => $token, - ); - - $configPath = DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'; - @unlink($configPath); //To avoid access-rights problems - file_put_contents($configPath, " array( - 'environment' => empty($_SESSION['environment']) ? 'production' : $_SESSION['environment'], - 'salt' => $_SESSION['salt'], - 'base_url' => '', - 'title' => $_SESSION['title'], - 'default_user' => $_SESSION['default_user'], - 'auth_type' => $_SESSION['auth_type'], - 'allow_anonymous' => isset($_SESSION['allow_anonymous']) ? $_SESSION['allow_anonymous'] : false, - 'allow_anonymous_refresh' => false, - 'unsafe_autologin_enabled' => false, - 'api_enabled' => false, - ), - 'db' => array( - 'type' => $_SESSION['bd_type'], - 'host' => $_SESSION['bd_host'], - 'user' => $_SESSION['bd_user'], - 'password' => $_SESSION['bd_password'], - 'base' => $_SESSION['bd_base'], - 'prefix' => $_SESSION['bd_prefix'], - ), - ); - - @unlink(DATA_PATH . '/config.php'); //To avoid access-rights problems - file_put_contents(DATA_PATH . '/config.php', " 'SET NAMES utf8', - ); - break; - case 'sqlite': - $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . '.sqlite'; - $driver_options = null; - break; - default: - return false; - } - - $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); - - $stm = $c->prepare(SQL_SHOW_TABLES); - $stm->execute(); - $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); - if (!in_array($_SESSION['bd_prefix'] . 'entry006', $res)) { - return false; - } - - $sql = sprintf(SQL_SHOW_COLUMNS_UPDATEv006, $_SESSION['bd_prefix']); - $stm = $c->prepare($sql); - $stm->execute(); - $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); - if (!in_array('id2', $res)) { - if (!$perform) { - return true; - } - $sql = sprintf(SQL_UPDATEv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); - $stm = $c->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); - $stm->execute(); - } - - $sql = sprintf(SQL_CONVERT_SELECTv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); - if (!$perform) { - $sql .= ' LIMIT 1'; - } - $stm = $c->prepare($sql); - $stm->execute(); - if (!$perform) { - $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); - return count($res) > 0; - } else { - @set_time_limit(300); - } - - $c2 = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); - $sql = sprintf(SQL_CONVERT_UPDATEv006, $_SESSION['bd_prefix_user']); - $stm2 = $c2->prepare($sql); - while ($row = $stm->fetch(PDO::FETCH_ASSOC)) { - $id = $row['id2']; - $content = unserialize(gzinflate(base64_decode($row['content']))); - $stm2->execute(array($content, $id)); - } - - return true; - } catch (PDOException $e) { - return false; - } - return false; -} - -function newPdo() { - switch ($_SESSION['bd_type']) { - case 'mysql': - $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; - $driver_options = array( - PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', - ); - break; - case 'sqlite': - $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . '.sqlite'; - $driver_options = null; - break; - default: - return false; - } - return new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); -} - -function postUpdate() { - $c = newPdo(); - - $sql = sprintf(SQL_UPDATE_HISTORYv007b, $_SESSION['bd_prefix_user']); - $stm = $c->prepare($sql); - $stm->execute(); - - $sql = sprintf(SQL_UPDATE_CACHED_VALUES, $_SESSION['bd_prefix_user']); - $stm = $c->prepare($sql); - $stm->execute(); - - // - $sql = sprintf(SQL_GET_FEEDS, $_SESSION['bd_prefix_user']); - $stm = $c->prepare($sql); - $stm->execute(); - $res = $stm->fetchAll(PDO::FETCH_ASSOC); - foreach ($res as $feed) { - if (empty($feed['url'])) { - continue; - } - $hash = hash('crc32b', $_SESSION['salt'] . $feed['url']); - @file_put_contents(DATA_PATH . '/favicons/' . $hash . '.txt', - empty($feed['website']) ? $feed['url'] : $feed['website']); - } - // -} - -function deleteInstall () { - $res = unlink (INDEX_PATH . '/install.php'); - if ($res) { - header ('Location: index.php'); - } - - $needs = array('bd_type', 'bd_host', 'bd_base', 'bd_user', 'bd_password', 'bd_prefix'); - foreach ($needs as $need) { - if (!isset($_SESSION[$need])) { - return false; - } - } - - try { - $c = newPdo(); - $sql = sprintf(SQL_DROP_BACKUPv006, $_SESSION['bd_prefix']); - $stm = $c->prepare($sql); - $stm->execute(); - - return true; - } catch (PDOException $e) { - return false; - } - return false; -} - -function moveOldFiles() { - $mvs = array( - '/app/configuration/application.ini' => '/data/application.ini', //v0.6 - '/public/data/Configuration.array.php' => '/data/Configuration.array.php', //v0.6 - ); - $ok = true; - foreach ($mvs as $fFrom => $fTo) { - if (file_exists(FRESHRSS_PATH . $fFrom)) { - if (copy(FRESHRSS_PATH . $fFrom, FRESHRSS_PATH . $fTo)) { - @unlink(FRESHRSS_PATH . $fFrom); - } else { - $ok = false; - } - } - } - return $ok; -} - -function delTree($dir) { //http://php.net/rmdir#110489 - if (!is_dir($dir)) { - return true; - } - $files = array_diff(scandir($dir), array('.', '..')); - foreach ($files as $file) { - $f = $dir . '/' . $file; - if (is_dir($f)) { - @chmod($f, 0777); - delTree($f); - } - else unlink($f); - } - return rmdir($dir); -} - -/*** VÉRIFICATIONS ***/ -function checkStep () { - $s0 = checkStep0 (); - $s1 = checkStep1 (); - $s2 = checkStep2 (); - $s3 = checkStep3 (); - if (STEP > 0 && $s0['all'] != 'ok') { - header ('Location: index.php?step=0'); - } elseif (STEP > 1 && $s1['all'] != 'ok') { - header ('Location: index.php?step=1'); - } elseif (STEP > 2 && $s2['all'] != 'ok') { - header ('Location: index.php?step=2'); - } elseif (STEP > 3 && $s3['all'] != 'ok') { - header ('Location: index.php?step=3'); - } - $_SESSION['actualize_feeds'] = true; -} -function checkStep0 () { - moveOldFiles(); - - if (file_exists(DATA_PATH . '/config.php')) { - $ini_array = include(DATA_PATH . '/config.php'); - } elseif (file_exists(DATA_PATH . '/application.ini')) { //v0.6 - $ini_array = parse_ini_file(DATA_PATH . '/application.ini', true); - $ini_array['general']['title'] = empty($ini_array['general']['title']) ? '' : stripslashes($ini_array['general']['title']); - } else { - $ini_array = null; - } - - if ($ini_array) { - $ini_general = isset($ini_array['general']) ? $ini_array['general'] : null; - if ($ini_general) { - $keys = array('environment', 'salt', 'title', 'default_user', 'allow_anonymous', 'auth_type'); - foreach ($keys as $key) { - if ((empty($_SESSION[$key])) && isset($ini_general[$key])) { - $_SESSION[$key] = $ini_general[$key]; - } - } - } - $ini_db = isset($ini_array['db']) ? $ini_array['db'] : null; - if ($ini_db) { - $keys = array('type', 'host', 'user', 'password', 'base', 'prefix'); - foreach ($keys as $key) { - if ((!isset($_SESSION['bd_' . $key])) && isset($ini_db[$key])) { - $_SESSION['bd_' . $key] = $ini_db[$key]; - } - } - } - } - - if (isset($_SESSION['default_user']) && file_exists(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php')) { - $userConfig = include(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'); - } elseif (file_exists(DATA_PATH . '/Configuration.array.php')) { - $userConfig = include(DATA_PATH . '/Configuration.array.php'); //v0.6 - if (empty($_SESSION['auth_type'])) { - $_SESSION['auth_type'] = empty($userConfig['mail_login']) ? 'none' : 'persona'; - } - if (!isset($_SESSION['allow_anonymous'])) { - $_SESSION['allow_anonymous'] = empty($userConfig['anon_access']) ? false : ($userConfig['anon_access'] === 'yes'); - } - } else { - $userConfig = array(); - } - if (empty($_SESSION['auth_type'])) { //v0.7b - $_SESSION['auth_type'] = ''; - } - - $keys = array('language', 'theme', 'old_entries', 'mail_login', 'passwordHash'); - foreach ($keys as $key) { - if ((!isset($_SESSION[$key])) && isset($userConfig[$key])) { - $_SESSION[$key] = $userConfig[$key]; - } - } - - $languages = availableLanguages (); - $language = isset ($_SESSION['language']) && - isset ($languages[$_SESSION['language']]); - - if (empty($_SESSION['passwordHash'])) { //v0.7b - $_SESSION['passwordHash'] = ''; - } - if (empty($_SESSION['theme'])) { - $_SESSION['theme'] = 'Origine'; - } else { - switch (strtolower($_SESSION['theme'])) { - case 'default': //v0.7b - $_SESSION['theme'] = 'Origine'; - break; - case 'flat-design': //v0.7b - $_SESSION['theme'] = 'Flat'; - break; - case 'default_dark': //v0.7b - $_SESSION['theme'] = 'Dark'; - break; - } - } - - return array ( - 'language' => $language ? 'ok' : 'ko', - 'all' => $language ? 'ok' : 'ko' - ); -} - -function checkStep1 () { - $php = version_compare (PHP_VERSION, '5.2.1') >= 0; - $minz = file_exists (LIB_PATH . '/Minz'); - $curl = extension_loaded ('curl'); - $pdo = extension_loaded ('pdo_mysql'); - $pcre = extension_loaded ('pcre'); - $ctype = extension_loaded ('ctype'); - $dom = class_exists('DOMDocument'); - $data = DATA_PATH && is_writable (DATA_PATH); - $cache = CACHE_PATH && is_writable (CACHE_PATH); - $log = LOG_PATH && is_writable (LOG_PATH); - $favicons = is_writable (DATA_PATH . '/favicons'); - $persona = is_writable (DATA_PATH . '/persona'); - - return array ( - 'php' => $php ? 'ok' : 'ko', - 'minz' => $minz ? 'ok' : 'ko', - 'curl' => $curl ? 'ok' : 'ko', - 'pdo-mysql' => $pdo ? 'ok' : 'ko', - 'pcre' => $pcre ? 'ok' : 'ko', - 'ctype' => $ctype ? 'ok' : 'ko', - 'dom' => $dom ? 'ok' : 'ko', - 'data' => $data ? 'ok' : 'ko', - 'cache' => $cache ? 'ok' : 'ko', - 'log' => $log ? 'ok' : 'ko', - 'favicons' => $favicons ? 'ok' : 'ko', - 'persona' => $persona ? 'ok' : 'ko', - 'all' => $php && $minz && $curl && $pdo && $pcre && $ctype && $dom && $data && $cache && $log && $favicons && $persona ? 'ok' : 'ko' - ); -} - -function checkStep2 () { - $conf = !empty($_SESSION['salt']) && - !empty($_SESSION['title']) && - !empty($_SESSION['old_entries']) && - isset($_SESSION['mail_login']) && - !empty($_SESSION['default_user']); - $defaultUser = empty($_POST['default_user']) ? null : $_POST['default_user']; - if ($defaultUser === null) { - $defaultUser = empty($_SESSION['default_user']) ? '' : $_SESSION['default_user']; - } - $data = is_writable(DATA_PATH . '/' . $defaultUser . '_user.php'); - if ($data) { - @unlink(DATA_PATH . '/Configuration.array.php'); //v0.6 - } - - return array ( - 'conf' => $conf ? 'ok' : 'ko', - 'data' => $data ? 'ok' : 'ko', - 'all' => $conf && $data ? 'ok' : 'ko' - ); -} -function checkStep3 () { - $conf = is_writable(DATA_PATH . '/config.php'); - - $bd = isset ($_SESSION['bd_type']) && - isset ($_SESSION['bd_host']) && - isset ($_SESSION['bd_user']) && - isset ($_SESSION['bd_password']) && - isset ($_SESSION['bd_base']) && - isset ($_SESSION['bd_prefix']) && - isset ($_SESSION['bd_error']); - $conn = empty($_SESSION['bd_error']); - - return array ( - 'bd' => $bd ? 'ok' : 'ko', - 'conn' => $conn ? 'ok' : 'ko', - 'conf' => $conf ? 'ok' : 'ko', - 'all' => $bd && $conn && $conf ? 'ok' : 'ko' - ); -} - -function checkBD () { - $ok = false; - - try { - $str = ''; - $driver_options = null; - switch ($_SESSION['bd_type']) { - case 'mysql': - $driver_options = array( - PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8' - ); - - try { // on ouvre une connexion juste pour créer la base si elle n'existe pas - $str = 'mysql:host=' . $_SESSION['bd_host'] . ';'; - $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); - $sql = sprintf (SQL_CREATE_DB, $_SESSION['bd_base']); - $res = $c->query ($sql); - } catch (PDOException $e) { - } - - // on écrase la précédente connexion en sélectionnant la nouvelle BDD - $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; - break; - case 'sqlite': - $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . '.sqlite'; - break; - default: - return false; - } - - $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); - - $stm = $c->prepare(SQL_SHOW_TABLES); - $stm->execute(); - $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); - if (in_array($_SESSION['bd_prefix'] . 'entry', $res) && !in_array($_SESSION['bd_prefix'] . 'entry006', $res)) { - $sql = sprintf(SQL_BACKUP006, $_SESSION['bd_prefix']); //v0.6 - $res = $c->query($sql); //Backup tables - } - - $sql = sprintf(SQL_CREATE_TABLES, $_SESSION['bd_prefix_user']); - $stm = $c->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); - $values = array( - 'catName' => _t('default_category'), - ); - $ok = $stm->execute($values); - } catch (PDOException $e) { - $ok = false; - $_SESSION['bd_error'] = $e->getMessage(); - } - - if (!$ok) { - @unlink(DATA_PATH . '/config.php'); - } - - return $ok; -} - -/*** AFFICHAGE ***/ -function printStep0 () { - global $actual; -?> - -

- - -
- -
- -
- -
-
- -
-
- - - - - -
-
-
- - - - -

- -

- - - -

- -

- - - -

- -

- - - - -

- -

- - - -

- -

- - - -

- -

- - - -

- -

- - - -

- -

- - - -

- -

- - - -

- -

- - - -

- -

- - - -

- -

- - - - - -

- - - -

- - -
- - -
- -
- -
-
- -
- -
- -
-
- -
- -
- -
-
- -
- -
- -
-
- -
- -
- - -
-
- -
- -
- - -
-
- -
-
- - - - - -
-
-
- - -

- -

- - -
- -
- -
- -
-
- -
- -
- -
-
- -
- -
- -
-
- -
- -
- -
-
- -
- -
- -
-
- -
- -
- -
-
- -
-
- - - - - -
-
-
- -
- - - -

- -
-
- - -
-
- - -

- -
-
- -
-
- -
- -

- - -

- - - - - - - <?php echo _t ('freshrss_installation'); ?> - - - - - -
-
-

-

-
-
- -
-
    -
    • -
    • -
    • -
    • -
    • -
    • -
    • -
- -
- -
-
- - -- cgit v1.2.3 From ee1b8f6f72e8c2cbd3e0ad7b4322a4bb6863c028 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Wed, 13 Aug 2014 00:09:48 +0200 Subject: Long term cookie to keep session open Token system https://github.com/marienfressinaud/FreshRSS/issues/465 --- app/Controllers/indexController.php | 41 +++++++++++++++++++++++++++++-------- app/FreshRSS.php | 28 ++++++++++++++++++++++--- data/tokens/.gitignore | 1 + data/tokens/index.html | 13 ++++++++++++ lib/Minz/Session.php | 19 ++++++++++++----- 5 files changed, 86 insertions(+), 16 deletions(-) create mode 100644 data/tokens/.gitignore create mode 100644 data/tokens/index.html (limited to 'data') diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index b907c8eed..dd5b91e47 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php @@ -295,10 +295,39 @@ class FreshRSS_index_Controller extends Minz_ActionController { Minz_Session::_param('passwordHash'); } + private static function makeLongTermCookie($username, $passwordHash) { + do { + $token = sha1(Minz_Configuration::salt() . $username . uniqid(mt_rand(), true)); + $tokenFile = DATA_PATH . '/tokens/' . $token . '.txt'; + } while (file_exists($tokenFile)); + if (@file_put_contents($tokenFile, $username . "\t" . $passwordHash) === false) { + return false; + } + $expire = time() + 2629744; //1 month //TODO: Use a configuration instead + Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire); + Minz_Session::_param('token', $token); + return $token; + } + + private static function deleteLongTermCookie() { + Minz_Session::deleteLongTermCookie('FreshRSS_login'); + $token = Minz_Session::param('token', null); + if (ctype_alnum($token)) { + @unlink(DATA_PATH . '/tokens/' . $token . '.txt'); + } + Minz_Session::_param('token'); + if (rand(0, 10) === 1) { + self::purgeTokens(); + } + } + + private static function purgeTokens() { + //TODO: Delete old token files + } + public function formLoginAction () { if (Minz_Request::isPost()) { $ok = false; - $keep_logged_in = Minz_Request::param('keep_logged_in', false); $nonce = Minz_Session::param('nonce'); $username = Minz_Request::param('username', ''); $c = Minz_Request::param('challenge', ''); @@ -313,10 +342,8 @@ class FreshRSS_index_Controller extends Minz_ActionController { if ($ok) { Minz_Session::_param('currentUser', $username); Minz_Session::_param('passwordHash', $s); - if ($keep_logged_in) { - // New cookie with a lifetime of 1 month. - Minz_Session::keepCookie(2592000); - Minz_Session::regenerateID(); + if (Minz_Request::param('keep_logged_in', false)) { + self::makeLongTermCookie($username, $s); } } else { Minz_Log::record('Password mismatch for user ' . $username . ', nonce=' . $nonce . ', c=' . $c, Minz_Log::WARNING); @@ -377,9 +404,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { Minz_Session::_param('currentUser'); Minz_Session::_param('mail'); Minz_Session::_param('passwordHash'); - Minz_Session::keepCookie(0); - Minz_Session::regenerateID(); - + self::deleteLongTermCookie(); Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); } } diff --git a/app/FreshRSS.php b/app/FreshRSS.php index 7c333b090..30f711e20 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -20,13 +20,35 @@ class FreshRSS extends Minz_FrontController { $this->loadNotifications(); } + private static function getCredentialsFromLongTermCookie() { + $token = Minz_Session::getLongTermCookie('FreshRSS_login'); + if (!ctype_alnum($token)) { + return array(); + } + $tokenFile = DATA_PATH . '/tokens/' . $token . '.txt'; + $mtime = @filemtime($tokenFile); + if ($mtime + 2629744 < time()) { //1 month //TODO: Use a configuration instead + @unlink($tokenFile); + return array(); //Expired or token does not exist + } + $credentials = @file_get_contents($tokenFile); + return $credentials === false ? array() : explode("\t", $credentials, 2); + } + private function accessControl($currentUser) { if ($currentUser == '') { switch (Minz_Configuration::authType()) { case 'form': - $currentUser = Minz_Configuration::defaultUser(); - Minz_Session::_param('passwordHash'); - $loginOk = false; + $credentials = self::getCredentialsFromLongTermCookie(); + if (isset($credentials[1])) { + $currentUser = trim($credentials[0]); + Minz_Session::_param('passwordHash', trim($credentials[1])); + } + $loginOk = $currentUser != ''; + if (!$loginOk) { + $currentUser = Minz_Configuration::defaultUser(); + Minz_Session::_param('passwordHash'); + } break; case 'http_auth': $currentUser = httpAuthUser(); diff --git a/data/tokens/.gitignore b/data/tokens/.gitignore new file mode 100644 index 000000000..2211df63d --- /dev/null +++ b/data/tokens/.gitignore @@ -0,0 +1 @@ +*.txt diff --git a/data/tokens/index.html b/data/tokens/index.html new file mode 100644 index 000000000..85faaa37e --- /dev/null +++ b/data/tokens/index.html @@ -0,0 +1,13 @@ + + + + + +Redirection + + + + +

Redirection

+ + diff --git a/lib/Minz/Session.php b/lib/Minz/Session.php index 906acc03c..af4de75bb 100644 --- a/lib/Minz/Session.php +++ b/lib/Minz/Session.php @@ -65,11 +65,8 @@ class Minz_Session { * @param $l la durée de vie */ public static function keepCookie($l) { - $cookie_dir = dirname( - empty($_SERVER['REQUEST_URI']) ? '' : $_SERVER['REQUEST_URI'] - ) . '/'; - session_set_cookie_params($l, $cookie_dir, $_SERVER['HTTP_HOST'], - false, true); + $cookie_dir = empty($_SERVER['REQUEST_URI']) ? '' : $_SERVER['REQUEST_URI']; + session_set_cookie_params($l, $cookie_dir, '', false, true); } @@ -81,4 +78,16 @@ class Minz_Session { session_regenerate_id(true); } + public static function deleteLongTermCookie($name) { + setcookie($name, '', 1, '', '', false, true); + } + + public static function setLongTermCookie($name, $value, $expire) { + setcookie($name, $value, $expire, '', '', false, true); + } + + public static function getLongTermCookie($name) { + return isset($_COOKIE[$name]) ? $_COOKIE[$name] : null; + } + } -- cgit v1.2.3 From 4989302447b23d76429ad98d93900e3e1350bb06 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Mon, 8 Sep 2014 20:19:40 +0200 Subject: Add last_update.txt in .gitignore See https://github.com/marienfressinaud/FreshRSS/issues/411 --- data/.gitignore | 1 + 1 file changed, 1 insertion(+) (limited to 'data') diff --git a/data/.gitignore b/data/.gitignore index afb16d9aa..b1cc0121a 100644 --- a/data/.gitignore +++ b/data/.gitignore @@ -6,3 +6,4 @@ touch.txt no-cache.txt *.bak.php *.lock.txt +last_update.txt -- cgit v1.2.3 From ab986b21b9c5d733321619f247ab172ec5d60f3f Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 25 Sep 2014 11:57:05 +0200 Subject: CHANGELOG --- CHANGELOG | 16 ++++++++++++++++ data/.gitignore | 1 + 2 files changed, 17 insertions(+) (limited to 'data') diff --git a/CHANGELOG b/CHANGELOG index 5f7d79e7e..d7de86d9b 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,8 +2,24 @@ ## 2014-09-xx FreshRSS 0.8.0 +* UI + * New interface for statistics + * Fix filter buttons + * Number of articles divided by 2 in reading view + * Redesign of bigMarkAsRead * Features * New automatic update system + * New reset auth system +* Security + * "Mark as read" requires POST requests for several articles + * Test HTTP REFERER in install.php +* Configuration + * New "Show all articles" / "Show only unread" / "Adjust viewing" option + * New notification timeout option +* Misc. + * Improve coding style + comments + * Fix SQLite bug "ON DELETE CASCADE" + * Improve performance when importing articles ## 2014-08-24 FreshRSS 0.7.4 diff --git a/data/.gitignore b/data/.gitignore index b1cc0121a..325fa75c6 100644 --- a/data/.gitignore +++ b/data/.gitignore @@ -7,3 +7,4 @@ no-cache.txt *.bak.php *.lock.txt last_update.txt +update.php -- cgit v1.2.3 From b5bee8560345e4123432a8bd3bcd63b938549ef9 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Sun, 21 Dec 2014 13:10:02 +0100 Subject: BREAKING FEATURE: move user data - Create ./data/users/ folder - Move user configuration to ./data/users/username/config.php - Move sqlite db to ./data/users/username/db.sqlite - Move user logs to ./data/users/username/log.txt See https://github.com/FreshRSS/FreshRSS/issues/729 --- app/Controllers/userController.php | 15 ++++++++------- app/Models/Configuration.php | 4 ++-- app/Models/LogDAO.php | 4 ++-- app/Models/UserDAO.php | 8 ++++---- data/.gitignore | 1 - data/log/.gitignore | 1 - data/log/index.html | 13 ------------- data/users/.gitignore | 4 ++++ data/users/index.html | 13 +++++++++++++ lib/Minz/Log.php | 2 +- lib/Minz/ModelPdo.php | 2 +- lib/lib_rss.php | 24 +++++++++++++++--------- 12 files changed, 50 insertions(+), 41 deletions(-) delete mode 100644 data/log/.gitignore delete mode 100644 data/log/index.html create mode 100644 data/users/.gitignore create mode 100644 data/users/index.html (limited to 'data') diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php index 3b40e42dc..1b1ccaac9 100644 --- a/app/Controllers/userController.php +++ b/app/Controllers/userController.php @@ -109,7 +109,8 @@ class FreshRSS_user_Controller extends Minz_ActionController { require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); $new_user_language = Minz_Request::param('new_user_language', FreshRSS_Context::$conf->language); - if (!in_array($new_user_language, FreshRSS_Context::$conf->availableLanguages())) { + $languages = FreshRSS_Context::$conf->availableLanguages(); + if (!isset($languages[$new_user_language])) { $new_user_language = FreshRSS_Context::$conf->language; } @@ -121,11 +122,10 @@ class FreshRSS_user_Controller extends Minz_ActionController { $ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers())); //Not an existing user, case-insensitive - $configPath = DATA_PATH . '/' . $new_user_name . '_user.php'; + $configPath = join_path(DATA_PATH, 'users', $new_user_name, 'config.php'); $ok &= !file_exists($configPath); } if ($ok) { - $passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true); $passwordHash = ''; if ($passwordPlain != '') { @@ -147,12 +147,13 @@ class FreshRSS_user_Controller extends Minz_ActionController { if (empty($new_user_email)) { $new_user_email = ''; } else { - $personaFile = DATA_PATH . '/persona/' . $new_user_email . '.txt'; + $personaFile = join_path(DATA_PATH, 'persona', $new_user_email . '.txt'); @unlink($personaFile); $ok &= (file_put_contents($personaFile, $new_user_name) !== false); } } if ($ok) { + mkdir(join_path(DATA_PATH, 'users', $new_user_name)); $config_array = array( 'language' => $new_user_language, 'passwordHash' => $passwordHash, @@ -183,18 +184,18 @@ class FreshRSS_user_Controller extends Minz_ActionController { $username = Minz_Request::param('username'); $ok = ctype_alnum($username); + $user_data = join_path(DATA_PATH, 'users', $username); if ($ok) { $ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0); //It is forbidden to delete the default user } if ($ok) { - $configPath = DATA_PATH . '/' . $username . '_user.php'; - $ok &= file_exists($configPath); + $ok &= is_dir($user_data); } if ($ok) { $userDAO = new FreshRSS_UserDAO(); $ok &= $userDAO->deleteUser($username); - $ok &= unlink($configPath); + $ok &= recursive_unlink($user_data); //TODO: delete Persona file } invalidateHttpCache(); diff --git a/app/Models/Configuration.php b/app/Models/Configuration.php index 8668470b0..8bba8f777 100644 --- a/app/Models/Configuration.php +++ b/app/Models/Configuration.php @@ -74,7 +74,7 @@ class FreshRSS_Configuration { private $shares; public function __construct($user) { - $this->filename = DATA_PATH . DIRECTORY_SEPARATOR . $user . '_user.php'; + $this->filename = join_path(DATA_PATH, 'users', $user, 'config.php'); $data = @include($this->filename); if (!is_array($data)) { @@ -89,7 +89,7 @@ class FreshRSS_Configuration { } $this->data['user'] = $user; - $this->shares = DATA_PATH . DIRECTORY_SEPARATOR . 'shares.php'; + $this->shares = join_path(DATA_PATH, 'shares.php'); $shares = @include($this->shares); if (!is_array($shares)) { diff --git a/app/Models/LogDAO.php b/app/Models/LogDAO.php index 21593435d..4c56e3150 100644 --- a/app/Models/LogDAO.php +++ b/app/Models/LogDAO.php @@ -3,7 +3,7 @@ class FreshRSS_LogDAO { public static function lines() { $logs = array(); - $handle = @fopen(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log', 'r'); + $handle = @fopen(join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'), 'r'); if ($handle) { while (($line = fgets($handle)) !== false) { if (preg_match('/^\[([^\[]+)\] \[([^\[]+)\] --- (.*)$/', $line, $matches)) { @@ -20,6 +20,6 @@ class FreshRSS_LogDAO { } public static function truncate() { - file_put_contents(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log', ''); + file_put_contents(join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'), ''); } } diff --git a/app/Models/UserDAO.php b/app/Models/UserDAO.php index f04ae26bf..6514080bc 100644 --- a/app/Models/UserDAO.php +++ b/app/Models/UserDAO.php @@ -38,7 +38,7 @@ class FreshRSS_UserDAO extends Minz_ModelPdo { require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); if ($db['type'] === 'sqlite') { - return unlink(DATA_PATH . '/' . $username . '.sqlite'); + return unlink(join_path(DATA_PATH, 'users', $username, 'db.sqlite')); } else { $userPDO = new Minz_ModelPdo($username); @@ -55,14 +55,14 @@ class FreshRSS_UserDAO extends Minz_ModelPdo { } public static function exist($username) { - return file_exists(DATA_PATH . '/' . $username . '_user.php'); + return is_dir(join_path(DATA_PATH , 'users', $username)); } public static function touch($username) { - return touch(DATA_PATH . '/' . $username . '_user.php'); + return touch(join_path(DATA_PATH , 'users', $username, 'config.php')); } public static function mtime($username) { - return @filemtime(DATA_PATH . '/' . $username . '_user.php'); + return @filemtime(join_path(DATA_PATH , 'users', $username, 'config.php')); } } diff --git a/data/.gitignore b/data/.gitignore index 325fa75c6..20364e266 100644 --- a/data/.gitignore +++ b/data/.gitignore @@ -1,6 +1,5 @@ application.ini config.php -*_user.php *.sqlite touch.txt no-cache.txt diff --git a/data/log/.gitignore b/data/log/.gitignore deleted file mode 100644 index bf0824e59..000000000 --- a/data/log/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.log \ No newline at end of file diff --git a/data/log/index.html b/data/log/index.html deleted file mode 100644 index 85faaa37e..000000000 --- a/data/log/index.html +++ /dev/null @@ -1,13 +0,0 @@ - - - - - -Redirection - - - - -

Redirection

- - diff --git a/data/users/.gitignore b/data/users/.gitignore new file mode 100644 index 000000000..53ed0587b --- /dev/null +++ b/data/users/.gitignore @@ -0,0 +1,4 @@ +db.sqlite +config.php +log.txt + diff --git a/data/users/index.html b/data/users/index.html new file mode 100644 index 000000000..85faaa37e --- /dev/null +++ b/data/users/index.html @@ -0,0 +1,13 @@ + + + + + +Redirection + + + + +

Redirection

+ + diff --git a/lib/Minz/Log.php b/lib/Minz/Log.php index d3eaec2ae..26412c547 100644 --- a/lib/Minz/Log.php +++ b/lib/Minz/Log.php @@ -37,7 +37,7 @@ class Minz_Log { || ($env === Minz_Configuration::PRODUCTION && ($level >= Minz_Log::NOTICE)))) { if ($file_name === null) { - $file_name = LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log'; + $file_name = join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'); } switch ($level) { diff --git a/lib/Minz/ModelPdo.php b/lib/Minz/ModelPdo.php index 6198cd85c..118d89ad2 100644 --- a/lib/Minz/ModelPdo.php +++ b/lib/Minz/ModelPdo.php @@ -63,7 +63,7 @@ class Minz_ModelPdo { ); $this->prefix = $db['prefix'] . $currentUser . '_'; } elseif ($type === 'sqlite') { - $string = 'sqlite:' . DATA_PATH . '/' . $currentUser . '.sqlite'; + $string = 'sqlite:' . join_path(DATA_PATH, 'users', $currentUser, 'db.sqlite'); $driver_options = array( //PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, ); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 264c69d58..cfd31b2c8 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -15,6 +15,17 @@ if (!function_exists('json_encode')) { } } +/** + * Build a directory path by concatenating a list of directory names. + * + * @param $path_parts a list of directory names + * @return a string corresponding to the final pathname + */ +function join_path() { + $path_parts = func_get_args(); + return join(DIRECTORY_SEPARATOR, $path_parts); +} + // function classAutoloader($class) { if (strpos($class, 'FreshRSS') === 0) { @@ -208,16 +219,11 @@ function invalidateHttpCache() { return touch(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log'); } -function usernameFromPath($userPath) { - if (preg_match('%/([A-Za-z0-9]{1,16})_user\.php$%', $userPath, $matches)) { - return $matches[1]; - } else { - return ''; - } -} - function listUsers() { - return array_map('usernameFromPath', glob(DATA_PATH . '/*_user.php')); + return array_values(array_diff( + scandir(join_path(DATA_PATH, 'users')), + array('..', '.') + )); } function httpAuthUser() { -- cgit v1.2.3 From 497d295be470454b7bd068a5c5cceda8caa19527 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Sun, 28 Dec 2014 19:35:20 +0100 Subject: Add a default users/_ dir Useful for default log path See https://github.com/FreshRSS/FreshRSS/issues/729 --- data/users/_/.gitkeep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 data/users/_/.gitkeep (limited to 'data') diff --git a/data/users/_/.gitkeep b/data/users/_/.gitkeep new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From 51a71ec4b9d62528054be8faee1576a8fd6d37f6 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Mon, 5 Jan 2015 16:54:16 +0100 Subject: New configuration system (not working yet) - Use only Minz_Configuration - register() method to load a new configuration file - get() to get a configuration - new exceptions related to configuration - fix a list configuration calls to have FRSS working Current problems to resolve: - How to handle configuration param verifications (i.e. check auth_type is a value from none, http_auth, persona or form) - We must use $conf = Minz_Configuration::get('system'); $general_conf = $conf->general; to access global system configuration which is quite annoying. How to change that? See https://github.com/FreshRSS/FreshRSS/issues/730 --- app/Controllers/authController.php | 36 +- app/FreshRSS.php | 8 +- app/Models/Auth.php | 40 ++- app/Models/Context.php | 4 +- app/Models/Factory.php | 16 +- app/Models/Feed.php | 3 +- app/layout/header.phtml | 13 +- app/layout/layout.phtml | 3 +- app/views/helpers/javascript_vars.phtml | 3 +- data/config.default.php | 32 ++ data/users/_/config.default.php | 66 ++++ lib/Minz/BadConfigurationException.php | 9 - lib/Minz/Configuration.php | 517 ++++++++------------------- lib/Minz/ConfigurationException.php | 8 + lib/Minz/ConfigurationNamespaceException.php | 4 + lib/Minz/ConfigurationParamException.php | 4 + lib/Minz/Error.php | 7 +- lib/Minz/FrontController.php | 26 +- lib/Minz/Log.php | 11 +- lib/Minz/ModelPdo.php | 3 +- lib/Minz/Request.php | 3 +- lib/Minz/Translate.php | 3 +- lib/Minz/View.php | 4 +- p/i/index.php | 2 +- 24 files changed, 384 insertions(+), 441 deletions(-) create mode 100644 data/config.default.php create mode 100644 data/users/_/config.default.php delete mode 100644 lib/Minz/BadConfigurationException.php create mode 100644 lib/Minz/ConfigurationException.php create mode 100644 lib/Minz/ConfigurationNamespaceException.php create mode 100644 lib/Minz/ConfigurationParamException.php (limited to 'data') diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index ccc32ec0d..f68ea8da5 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -27,6 +27,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController { if (Minz_Request::isPost()) { $ok = true; + $system_conf = Minz_Configuration::get('system'); + $general = $system_conf->general; $current_token = FreshRSS_Context::$conf->token; $token = Minz_Request::param('token', $current_token); FreshRSS_Context::$conf->_token($token); @@ -39,18 +41,21 @@ class FreshRSS_auth_Controller extends Minz_ActionController { $auth_type = Minz_Request::param('auth_type', 'none'); $unsafe_autologin = Minz_Request::param('unsafe_autologin', false); $api_enabled = Minz_Request::param('api_enabled', false); - if ($anon != Minz_Configuration::allowAnonymous() || - $auth_type != Minz_Configuration::authType() || - $anon_refresh != Minz_Configuration::allowAnonymousRefresh() || - $unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() || - $api_enabled != Minz_Configuration::apiEnabled()) { - - Minz_Configuration::_authType($auth_type); - Minz_Configuration::_allowAnonymous($anon); - Minz_Configuration::_allowAnonymousRefresh($anon_refresh); - Minz_Configuration::_enableAutologin($unsafe_autologin); - Minz_Configuration::_enableApi($api_enabled); - $ok &= Minz_Configuration::writeFile(); + if ($anon != $general['allow_anonymous'] || + $auth_type != $general['auth_type'] || + $anon_refresh != $general['allow_anonymous_refresh'] || + $unsafe_autologin != $general['unsafe_autologin_enabled'] || + $api_enabled != $general['api_enabled']) { + + // TODO: test values from form + $general['auth_type'] = $auth_type; + $general['allow_anonymous'] = $anon; + $general['allow_anonymous_refresh'] = $anon_refresh; + $general['unsafe_autologin_enabled'] = $unsafe_autologin; + $general['api_enabled'] = $api_enabled; + + $system_conf->general = $general; + $ok &= $system_conf->save(); } invalidateHttpCache(); @@ -76,7 +81,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController { Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); } - $auth_type = Minz_Configuration::authType(); + $conf = Minz_Configuration::get('system'); + $auth_type = $conf->general['auth_type']; switch ($auth_type) { case 'form': Minz_Request::forward(array('c' => 'auth', 'a' => 'formLogin')); @@ -114,6 +120,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController { $file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js'); Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime)); + $conf = Minz_Configuration::get('system'); + if (Minz_Request::isPost()) { $nonce = Minz_Session::param('nonce'); $username = Minz_Request::param('username', ''); @@ -154,7 +162,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController { Minz_Request::bad(_t('feedback.auth.login.invalid'), array('c' => 'auth', 'a' => 'login')); } - } elseif (Minz_Configuration::unsafeAutologinEnabled()) { + } elseif ($conf->general['unsafe_autologin_enabled']) { $username = Minz_Request::param('u', ''); $password = Minz_Request::param('p', ''); Minz_Request::_param('p'); diff --git a/app/FreshRSS.php b/app/FreshRSS.php index 6114a5d1a..455f2fefd 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -6,6 +6,11 @@ class FreshRSS extends Minz_FrontController { Minz_Session::init('FreshRSS'); } + $current_user = Minz_Session::param('currentUser', '_'); + Minz_Configuration::register('user', + join_path(USERS_PATH, $current_user, 'config.php'), + join_path(USERS_PATH, '_', 'config.default.php')); + // Need to be called just after session init because it initializes // current user. FreshRSS_Auth::init(); @@ -57,7 +62,8 @@ class FreshRSS extends Minz_FrontController { Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js'))); Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js'))); - if (Minz_Configuration::authType() === 'persona') { + $conf = Minz_Configuration::get('system'); + if ($conf->general['auth_type'] === 'persona') { // TODO move it in a plugin // Needed for login AND logout with Persona. Minz_View::appendScript('https://login.persona.org/include.js'); diff --git a/app/Models/Auth.php b/app/Models/Auth.php index 2971d65c8..84b4e3721 100644 --- a/app/Models/Auth.php +++ b/app/Models/Auth.php @@ -16,7 +16,8 @@ class FreshRSS_Auth { self::$login_ok = Minz_Session::param('loginOk', false); $current_user = Minz_Session::param('currentUser', ''); if ($current_user === '') { - $current_user = Minz_Configuration::defaultUser(); + $conf = Minz_Configuration::get('system'); + $current_user = $conf->general['default_user']; Minz_Session::_param('currentUser', $current_user); } @@ -40,7 +41,9 @@ class FreshRSS_Auth { * @return boolean true if user can be connected, false else. */ private static function accessControl() { - switch (Minz_Configuration::authType()) { + $conf = Minz_Configuration::get('system'); + $auth_type = $conf->general['auth_type']; + switch ($auth_type) { case 'form': $credentials = FreshRSS_FormAuth::getCredentialsFromCookie(); $current_user = ''; @@ -79,22 +82,19 @@ class FreshRSS_Auth { * Gives access to the current user. */ public static function giveAccess() { - $current_user = Minz_Session::param('currentUser'); - try { - $conf = new FreshRSS_Configuration($current_user); - } catch(Minz_Exception $e) { - die($e->getMessage()); - } + $user_conf = Minz_Configuration::get('user'); + $system_conf = Minz_Configuration::get('system'); + $auth_type = $system_conf->general['auth_type']; - switch (Minz_Configuration::authType()) { + switch ($auth_type) { case 'form': - self::$login_ok = Minz_Session::param('passwordHash') === $conf->passwordHash; + self::$login_ok = Minz_Session::param('passwordHash') === $user_conf->passwordHash; break; case 'http_auth': self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0; break; case 'persona': - self::$login_ok = strcasecmp(Minz_Session::param('mail'), $conf->mail_login) === 0; + self::$login_ok = strcasecmp(Minz_Session::param('mail'), $user_conf->mail_login) === 0; break; case 'none': self::$login_ok = true; @@ -114,12 +114,14 @@ class FreshRSS_Auth { * @return boolean true if user has corresponding access, false else. */ public static function hasAccess($scope = 'general') { + $conf = Minz_Configuration::get('system'); + $default_user = $conf->general['default_user']; $ok = self::$login_ok; switch ($scope) { case 'general': break; case 'admin': - $ok &= Minz_Session::param('currentUser') === Minz_Configuration::defaultUser(); + $ok &= Minz_Session::param('currentUser') === $default_user; break; default: $ok = false; @@ -133,9 +135,10 @@ class FreshRSS_Auth { public static function removeAccess() { Minz_Session::_param('loginOk'); self::$login_ok = false; - Minz_Session::_param('currentUser', Minz_Configuration::defaultUser()); + $conf = Minz_Configuration::get('system'); + Minz_Session::_param('currentUser', $conf->general['default_user']); - switch (Minz_Configuration::authType()) { + switch ($conf->general['auth_type']) { case 'form': Minz_Session::_param('passwordHash'); FreshRSS_FormAuth::deleteCookie(); @@ -151,6 +154,15 @@ class FreshRSS_Auth { // TODO: extensions } } + + /** + * Return if authentication is enabled on this instance of FRSS. + */ + public static function accessNeedLogin() { + $conf = Minz_Configuration::get('system'); + $auth_type = $conf->general['auth_type']; + return $auth_type === 'form' || $auth_type === 'persona'; + } } diff --git a/app/Models/Context.php b/app/Models/Context.php index c8a65063a..9bbad9857 100644 --- a/app/Models/Context.php +++ b/app/Models/Context.php @@ -41,10 +41,10 @@ class FreshRSS_Context { */ public static function init() { // Init configuration. - $current_user = Minz_Session::param('currentUser'); try { - self::$conf = new FreshRSS_Configuration($current_user); + self::$conf = Minz_Configuration::get('user'); } catch(Minz_Exception $e) { + $current_user = Minz_Session::param('currentUser', '_'); Minz_Log::error('Cannot load configuration file of user `' . $current_user . '`'); die($e->getMessage()); } diff --git a/app/Models/Factory.php b/app/Models/Factory.php index 91cb84998..db09d155d 100644 --- a/app/Models/Factory.php +++ b/app/Models/Factory.php @@ -3,8 +3,8 @@ class FreshRSS_Factory { public static function createFeedDao($username = null) { - $db = Minz_Configuration::dataBase(); - if ($db['type'] === 'sqlite') { + $conf = Minz_Configuration::get('system'); + if ($conf->db['type'] === 'sqlite') { return new FreshRSS_FeedDAOSQLite($username); } else { return new FreshRSS_FeedDAO($username); @@ -12,8 +12,8 @@ class FreshRSS_Factory { } public static function createEntryDao($username = null) { - $db = Minz_Configuration::dataBase(); - if ($db['type'] === 'sqlite') { + $conf = Minz_Configuration::get('system'); + if ($conf->db['type'] === 'sqlite') { return new FreshRSS_EntryDAOSQLite($username); } else { return new FreshRSS_EntryDAO($username); @@ -21,8 +21,8 @@ class FreshRSS_Factory { } public static function createStatsDAO($username = null) { - $db = Minz_Configuration::dataBase(); - if ($db['type'] === 'sqlite') { + $conf = Minz_Configuration::get('system'); + if ($conf->db['type'] === 'sqlite') { return new FreshRSS_StatsDAOSQLite($username); } else { return new FreshRSS_StatsDAO($username); @@ -30,8 +30,8 @@ class FreshRSS_Factory { } public static function createDatabaseDAO($username = null) { - $db = Minz_Configuration::dataBase(); - if ($db['type'] === 'sqlite') { + $conf = Minz_Configuration::get('system'); + if ($conf->db['type'] === 'sqlite') { return new FreshRSS_DatabaseDAOSQLite($username); } else { return new FreshRSS_DatabaseDAO($username); diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 8f4b60097..071eafdf6 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -39,8 +39,9 @@ class FreshRSS_Feed extends Minz_Model { } public function hash() { + $conf = Minz_Configuration::get('system'); if ($this->hash === null) { - $this->hash = hash('crc32b', Minz_Configuration::salt() . $this->url); + $this->hash = hash('crc32b', $conf->general['salt'] . $this->url); } return $this->hash; } diff --git a/app/layout/header.phtml b/app/layout/header.phtml index ba13c2a45..2f16b5f63 100644 --- a/app/layout/header.phtml +++ b/app/layout/header.phtml @@ -1,5 +1,8 @@ - +
diff --git a/app/layout/layout.phtml b/app/layout/layout.phtml index 1827d6c26..656fbe9bc 100644 --- a/app/layout/layout.phtml +++ b/app/layout/layout.phtml @@ -10,6 +10,7 @@ renderHelper('javascript_vars'); ?> //]]> "> - + diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml index 6577e0109..02f2014ee 100644 --- a/app/views/helpers/javascript_vars.phtml +++ b/app/views/helpers/javascript_vars.phtml @@ -1,6 +1,7 @@ "use strict"; mark_when; $mail = Minz_Session::param('mail', false); $auto_actualize = Minz_Session::param('actualize_feeds', false); @@ -29,7 +30,7 @@ echo 'var context={', 'does_lazyload:', FreshRSS_Context::$conf->lazyload ? 'true' : 'false', ',', 'sticky_post:', FreshRSS_Context::isStickyPostEnabled() ? 'true' : 'false', ',', 'html5_notif_timeout:', FreshRSS_Context::$conf->html5_notif_timeout, ',', - 'auth_type:"', Minz_Configuration::authType(), '",', + 'auth_type:"', $conf->general['auth_type'], '",', 'current_user_mail:', $mail ? ('"' . $mail . '"') : 'null', ',', 'current_view:"', Minz_Request::param('output', 'normal'), '"', "},\n"; diff --git a/data/config.default.php b/data/config.default.php new file mode 100644 index 000000000..a69d8050b --- /dev/null +++ b/data/config.default.php @@ -0,0 +1,32 @@ + array( + 'environment' => 'production', + 'salt' => '', + 'base_url' => '', + 'language' => 'en', + 'title' => 'FreshRSS', + 'default_user' => '_', + 'allow_anonymous' => false, + 'allow_anonymous_refresh' => false, + 'auth_type' => 'none', + 'api_enabled' => false, + 'unsafe_autologin_enabled' => false, + ), + 'limits' => array( + 'cache_duration' => 800, + 'timeout' => 10, + 'max_inactivity' => PHP_INT_MAX, + 'max_feeds' => 16384, + 'max_categories' => 16384, + ), + 'db' => array( + 'type' => 'sqlite', + 'host' => '', + 'user' => '', + 'password' => '', + 'base' => '', + 'prefix' => '', + ), +); diff --git a/data/users/_/config.default.php b/data/users/_/config.default.php new file mode 100644 index 000000000..56d54b293 --- /dev/null +++ b/data/users/_/config.default.php @@ -0,0 +1,66 @@ + 'en', + 'old_entries' => 3, + 'keep_history_default' => 0, + 'ttl_default' => 3600, + 'mail_login' => '', + 'token' => '', + 'passwordHash' => '', + 'apiPasswordHash' => '', + 'posts_per_page' => 20, + 'view_mode' => 'normal', + 'default_view' => 'adaptive', + 'default_state' => FreshRSS_Entry::STATE_NOT_READ, + 'auto_load_more' => true, + 'display_posts' => false, + 'display_categories' => false, + 'hide_read_feeds' => true, + 'onread_jump_next' => true, + 'lazyload' => true, + 'sticky_post' => true, + 'reading_confirm' => false, + 'auto_remove_article' => false, + 'sort_order' => 'DESC', + 'anon_access' => false, + 'mark_when' => array ( + 'article' => true, + 'site' => true, + 'scroll' => false, + 'reception' => false, + ), + 'theme' => 'Origine', + 'content_width' => 'thin', + 'shortcuts' => array ( + 'mark_read' => 'r', + 'mark_favorite' => 'f', + 'go_website' => 'space', + 'next_entry' => 'j', + 'prev_entry' => 'k', + 'first_entry' => 'home', + 'last_entry' => 'end', + 'collapse_entry' => 'c', + 'load_more' => 'm', + 'auto_share' => 's', + 'focus_search' => 'a', + 'user_filter' => 'u', + 'help' => 'f1', + 'close_dropdown' => 'escape', + ), + 'topline_read' => true, + 'topline_favorite' => true, + 'topline_date' => true, + 'topline_link' => true, + 'bottomline_read' => true, + 'bottomline_favorite' => true, + 'bottomline_sharing' => true, + 'bottomline_tags' => true, + 'bottomline_date' => true, + 'bottomline_link' => true, + 'sharing' => array ( + ), + 'queries' => array ( + ), + 'html5_notif_timeout' => 0, +); diff --git a/lib/Minz/BadConfigurationException.php b/lib/Minz/BadConfigurationException.php deleted file mode 100644 index a7b77d687..000000000 --- a/lib/Minz/BadConfigurationException.php +++ /dev/null @@ -1,9 +0,0 @@ - -*/ /** - * La classe Configuration permet de gérer la configuration de l'application + * Manage configuration for the application. */ class Minz_Configuration { - const CONF_PATH_NAME = '/config.php'; - /** - * VERSION est la version actuelle de MINZ + * The list of configurations. */ - const VERSION = '1.3.1.freshrss'; // version spéciale FreshRSS + private static $config_list = array(); /** - * valeurs possibles pour l'"environment" - * SILENT rend l'application muette (pas de log) - * PRODUCTION est recommandée pour une appli en production - * (log les erreurs critiques) - * DEVELOPMENT log toutes les erreurs + * Add a new configuration to the list of configuration. + * + * @param $namespace the name of the current configuration + * @param $config_filename the filename of the configuration + * @param $default_filename a filename containing default values for the configuration + * @throws Minz_ConfigurationNamespaceException if the namespace already exists. */ - const SILENT = 0; - const PRODUCTION = 1; - const DEVELOPMENT = 2; + public static function register($namespace, $config_filename, $default_filename = null) { + if (isset(self::$config_list[$namespace])) { + throw new Minz_ConfigurationNamespaceException( + $namespace . ' namespace already exists' + ); + } + + self::$config_list[$namespace] = new Minz_Configuration( + $namespace, $config_filename, $default_filename + ); + } /** - * définition des variables de configuration - * $salt une chaîne de caractères aléatoires (obligatoire) - * $environment gère le niveau d'affichage pour log et erreurs - * $base_url le chemin de base pour accéder à l'application - * $title le nom de l'application - * $language la langue par défaut de l'application - * $db paramètres pour la base de données (tableau) - * - host le serveur de la base - * - user nom d'utilisateur - * - password mot de passe de l'utilisateur - * - base le nom de la base de données + * Parse a file and return its data. + * + * If the file does not contain a valid PHP code returning an array, an + * empty array is returned anyway. + * + * @param $filename the name of the file to parse. + * @return an array of values + * @throws Minz_FileNotExistException if the file does not exist. */ - private static $salt = ''; - private static $environment = Minz_Configuration::PRODUCTION; - private static $base_url = ''; - private static $title = ''; - private static $language = 'en'; - private static $default_user = ''; - private static $allow_anonymous = false; - private static $allow_anonymous_refresh = false; - private static $auth_type = 'none'; - private static $api_enabled = false; - private static $unsafe_autologin_enabled = false; - - private static $db = array ( - 'type' => 'mysql', - 'host' => '', - 'user' => '', - 'password' => '', - 'base' => '', - 'prefix' => '', - ); - - const MAX_SMALL_INT = 16384; - private static $limits = array( - 'cache_duration' => 800, //SimplePie cache duration in seconds - 'timeout' => 10, //SimplePie timeout in seconds - 'max_inactivity' => PHP_INT_MAX, //Time in seconds after which a user who has not used the account is considered inactive (no auto-refresh of feeds). - 'max_feeds' => Minz_Configuration::MAX_SMALL_INT, - 'max_categories' => Minz_Configuration::MAX_SMALL_INT, - ); + public static function parseFile($filename) { + if (!file_exists($filename)) { + throw new Minz_FileNotExistException($filename); + } - /* - * Getteurs - */ - public static function salt () { - return self::$salt; + $data = @include($filename); + if (is_array($data)) { + return $data; + } else { + return array(); + } } - public static function environment ($str = false) { - $env = self::$environment; - if ($str) { - switch (self::$environment) { - case self::SILENT: - $env = 'silent'; - break; - case self::DEVELOPMENT: - $env = 'development'; - break; - case self::PRODUCTION: - default: - $env = 'production'; - } + /** + * Return the configuration related to a given namespace. + * + * @param $namespace the name of the configuration to get. + * @return a Minz_Configuration object + * @throws Minz_ConfigurationNamespaceException if the namespace does not exist. + */ + public static function get($namespace) { + if (!isset(self::$config_list[$namespace])) { + throw new Minz_ConfigurationNamespaceException( + $namespace . ' namespace does not exist' + ); } - return $env; - } - public static function baseUrl () { - return self::$base_url; - } - public static function title () { - return self::$title; - } - public static function language () { - return self::$language; - } - public static function dataBase () { - return self::$db; - } - public static function limits() { - return self::$limits; - } - public static function defaultUser () { - return self::$default_user; - } - public static function allowAnonymous() { - return self::$allow_anonymous; - } - public static function allowAnonymousRefresh() { - return self::$allow_anonymous_refresh; - } - public static function authType() { - return self::$auth_type; - } - public static function needsLogin() { - return self::$auth_type !== 'none'; - } - public static function canLogIn() { - return self::$auth_type === 'form' || self::$auth_type === 'persona'; - } - public static function apiEnabled() { - return self::$api_enabled; - } - public static function unsafeAutologinEnabled() { - return self::$unsafe_autologin_enabled; + return self::$config_list[$namespace]; } - public static function _allowAnonymous($allow = false) { - self::$allow_anonymous = ((bool)$allow) && self::canLogIn(); - } - public static function _allowAnonymousRefresh($allow = false) { - self::$allow_anonymous_refresh = ((bool)$allow) && self::allowAnonymous(); - } - public static function _authType($value) { - $value = strtolower($value); - switch ($value) { - case 'form': - case 'http_auth': - case 'persona': - case 'none': - self::$auth_type = $value; - break; - } - self::_allowAnonymous(self::$allow_anonymous); - } + /** + * The namespace of the current configuration. + */ + private $namespace = ''; - public static function _enableApi($value = false) { - self::$api_enabled = (bool)$value; - } - public static function _enableAutologin($value = false) { - self::$unsafe_autologin_enabled = (bool)$value; - } + /** + * The filename for the current configuration. + */ + private $config_filename = ''; + + /** + * The filename for the current default values, null by default. + */ + private $default_filename = null; + + /** + * The configuration values, an empty array by default. + */ + private $data = array(); + + /** + * The default values, an empty array by default. + */ + private $data_default = array(); /** - * Initialise les variables de configuration - * @exception Minz_FileNotExistException si le CONF_PATH_NAME n'existe pas - * @exception Minz_BadConfigurationException si CONF_PATH_NAME mal formaté + * Create a new Minz_Configuration object. + * + * @param $namespace the name of the current configuration. + * @param $config_filename the file containing configuration values. + * @param $default_filename the file containing default values, null by default. */ - public static function init () { + private function __construct($namespace, $config_filename, $default_filename = null) { + $this->namespace = $namespace; + $this->config_filename = $config_filename; + try { - self::parseFile (); - self::setReporting (); + $this->data = self::parseFile($this->config_filename); } catch (Minz_FileNotExistException $e) { - throw $e; - } catch (Minz_BadConfigurationException $e) { - throw $e; + if (is_null($default_filename)) { + throw $e; + } } - } - public static function writeFile() { - $ini_array = array( - 'general' => array( - 'environment' => self::environment(true), - 'salt' => self::$salt, - 'base_url' => self::$base_url, - 'title' => self::$title, - 'default_user' => self::$default_user, - 'allow_anonymous' => self::$allow_anonymous, - 'allow_anonymous_refresh' => self::$allow_anonymous_refresh, - 'auth_type' => self::$auth_type, - 'api_enabled' => self::$api_enabled, - 'unsafe_autologin_enabled' => self::$unsafe_autologin_enabled, - ), - 'limits' => self::$limits, - 'db' => self::$db, - ); - @rename(DATA_PATH . self::CONF_PATH_NAME, DATA_PATH . self::CONF_PATH_NAME . '.bak.php'); - $result = file_put_contents(DATA_PATH . self::CONF_PATH_NAME, "default_filename = $default_filename; + if (!is_null($this->default_filename)) { + $this->data_default = self::parseFile($this->default_filename); } - return (bool)$result; } /** - * Parse un fichier de configuration - * @exception Minz_PermissionDeniedException si le CONF_PATH_NAME n'est pas accessible - * @exception Minz_BadConfigurationException si CONF_PATH_NAME mal formaté + * Return the value of the given param. + * + * @param $key the name of the param. + * @param $default default value to return if key does not exist. + * @return the value corresponding to the key. + * @throws Minz_ConfigurationParamException if the param does not exist */ - private static function parseFile () { - $ini_array = include(DATA_PATH . self::CONF_PATH_NAME); - - if (!is_array($ini_array)) { - throw new Minz_PermissionDeniedException ( - DATA_PATH . self::CONF_PATH_NAME, - Minz_Exception::ERROR + public function param($key, $default = null) { + if (isset($this->data[$key])) { + return $this->data[$key]; + } elseif (!is_null($default)) { + return $default; + } elseif (isset($this->data_default[$key])) { + return $this->data_default[$key]; + } else { + throw new Minz_ConfigurationParamException( + $key . ' param does not exist' ); } + } - // [general] est obligatoire - if (!isset ($ini_array['general'])) { - throw new Minz_BadConfigurationException ( - '[general]', - Minz_Exception::ERROR - ); - } - $general = $ini_array['general']; + /** + * A wrapper for param(). + */ + public function __get($key) { + return $this->param($key); + } - // salt est obligatoire - if (!isset ($general['salt'])) { - if (isset($general['sel_application'])) { //v0.6 - $general['salt'] = $general['sel_application']; - } else { - throw new Minz_BadConfigurationException ( - 'salt', - Minz_Exception::ERROR - ); - } + /** + * Set or remove a param. + * + * @param $key the param name to set. + * @param $value the value to set. If null, the key is removed from the configuration. + */ + public function _param($key, $value = null) { + if (isset($this->data[$key]) && is_null($value)) { + unset($this->data[$key]); + } else { + $this->data[$key] = $value; } - self::$salt = $general['salt']; - - if (isset ($general['environment'])) { - switch ($general['environment']) { - case 'silent': - self::$environment = Minz_Configuration::SILENT; - break; - case 'development': - self::$environment = Minz_Configuration::DEVELOPMENT; - break; - case 'production': - self::$environment = Minz_Configuration::PRODUCTION; - break; - default: - if ($general['environment'] >= 0 && - $general['environment'] <= 2) { - // fallback 0.7-beta - self::$environment = $general['environment']; - } else { - throw new Minz_BadConfigurationException ( - 'environment', - Minz_Exception::ERROR - ); - } - } + } - } - if (isset ($general['base_url'])) { - self::$base_url = $general['base_url']; - } + /** + * A wrapper for _param(). + */ + public function __set($key, $value) { + $this->_param($key, $value); + } - if (isset ($general['title'])) { - self::$title = $general['title']; - } - if (isset ($general['language'])) { - self::$language = $general['language']; - } - if (isset ($general['default_user'])) { - self::$default_user = $general['default_user']; - } - if (isset ($general['auth_type'])) { - self::_authType($general['auth_type']); - } - if (isset ($general['allow_anonymous'])) { - self::$allow_anonymous = ( - ((bool)($general['allow_anonymous'])) && - ($general['allow_anonymous'] !== 'no') - ); - } - if (isset ($general['allow_anonymous_refresh'])) { - self::$allow_anonymous_refresh = ( - ((bool)($general['allow_anonymous_refresh'])) && - ($general['allow_anonymous_refresh'] !== 'no') - ); - } - if (isset ($general['api_enabled'])) { - self::$api_enabled = ( - ((bool)($general['api_enabled'])) && - ($general['api_enabled'] !== 'no') - ); - } - if (isset ($general['unsafe_autologin_enabled'])) { - self::$unsafe_autologin_enabled = ( - ((bool)($general['unsafe_autologin_enabled'])) && - ($general['unsafe_autologin_enabled'] !== 'no') - ); - } + /** + * Save the current configuration in the configuration file. + */ + public function save() { + $back_filename = $this->config_filename . '.bak.php'; + @rename($this->config_filename, $back_filename); - if (isset($ini_array['limits'])) { - $limits = $ini_array['limits']; - if (isset($limits['cache_duration'])) { - $v = intval($limits['cache_duration']); - if ($v > 0) { - self::$limits['cache_duration'] = $v; - } - } - if (isset($limits['timeout'])) { - $v = intval($limits['timeout']); - if ($v > 0) { - self::$limits['timeout'] = $v; - } - } - if (isset($limits['max_inactivity'])) { - $v = intval($limits['max_inactivity']); - if ($v > 0) { - self::$limits['max_inactivity'] = $v; - } - } - if (isset($limits['max_feeds'])) { - $v = intval($limits['max_feeds']); - if ($v > 0 && $v < Minz_Configuration::MAX_SMALL_INT) { - self::$limits['max_feeds'] = $v; - } - } - if (isset($limits['max_categories'])) { - $v = intval($limits['max_categories']); - if ($v > 0 && $v < Minz_Configuration::MAX_SMALL_INT) { - self::$limits['max_categories'] = $v; - } - } + if (file_put_contents($this->config_filename, + "data, true) . ';', + LOCK_EX) === false) { + return false; } - // Base de données - if (isset ($ini_array['db'])) { - $db = $ini_array['db']; - if (empty($db['type'])) { - throw new Minz_BadConfigurationException ( - 'type', - Minz_Exception::ERROR - ); - } - switch ($db['type']) { - case 'mysql': - if (empty($db['host'])) { - throw new Minz_BadConfigurationException ( - 'host', - Minz_Exception::ERROR - ); - } - if (empty($db['user'])) { - throw new Minz_BadConfigurationException ( - 'user', - Minz_Exception::ERROR - ); - } - if (!isset($db['password'])) { - throw new Minz_BadConfigurationException ( - 'password', - Minz_Exception::ERROR - ); - } - if (empty($db['base'])) { - throw new Minz_BadConfigurationException ( - 'base', - Minz_Exception::ERROR - ); - } - self::$db['host'] = $db['host']; - self::$db['user'] = $db['user']; - self::$db['password'] = $db['password']; - self::$db['base'] = $db['base']; - if (isset($db['prefix'])) { - self::$db['prefix'] = $db['prefix']; - } - break; - case 'sqlite': - self::$db['host'] = ''; - self::$db['user'] = ''; - self::$db['password'] = ''; - self::$db['base'] = ''; - self::$db['prefix'] = ''; - break; - default: - throw new Minz_BadConfigurationException ( - 'type', - Minz_Exception::ERROR - ); - break; - } - self::$db['type'] = $db['type']; + // Clear PHP 5.5+ cache for include + if (function_exists('opcache_invalidate')) { + opcache_invalidate($this->config_filename); } - } - private static function setReporting() { - switch (self::$environment) { - case self::PRODUCTION: - error_reporting(E_ALL); - ini_set('display_errors','Off'); - ini_set('log_errors', 'On'); - break; - case self::DEVELOPMENT: - error_reporting(E_ALL); - ini_set('display_errors','On'); - ini_set('log_errors', 'On'); - break; - case self::SILENT: - error_reporting(0); - break; - } + return true; } } diff --git a/lib/Minz/ConfigurationException.php b/lib/Minz/ConfigurationException.php new file mode 100644 index 000000000..f294c3341 --- /dev/null +++ b/lib/Minz/ConfigurationException.php @@ -0,0 +1,8 @@ + en fonction de l'environment */ private static function processLogs ($logs) { - $env = Minz_Configuration::environment (); + $conf = Minz_Configuration::get('system'); + $env = $conf->general['environment']; $logs_ok = array (); $error = array (); $warning = array (); @@ -98,10 +99,10 @@ class Minz_Error { $notice = $logs['notice']; } - if ($env == Minz_Configuration::PRODUCTION) { + if ($env == 'production') { $logs_ok = $error; } - if ($env == Minz_Configuration::DEVELOPMENT) { + if ($env == 'development') { $logs_ok = array_merge ($error, $warning, $notice); } diff --git a/lib/Minz/FrontController.php b/lib/Minz/FrontController.php index 3dac1e438..974cf4260 100644 --- a/lib/Minz/FrontController.php +++ b/lib/Minz/FrontController.php @@ -31,9 +31,12 @@ class Minz_FrontController { */ public function __construct () { try { - Minz_Configuration::init (); + Minz_Configuration::register('system', + DATA_PATH . '/config.php', + DATA_PATH . '/config.default.php'); + $this->setReporting(); - Minz_Request::init (); + Minz_Request::init(); $url = $this->buildUrl(); $url['params'] = array_merge ( @@ -110,4 +113,23 @@ class Minz_FrontController { } exit ('### Application problem ###
'."\n".$txt); } + + private function setReporting() { + $conf = Minz_Configuration::get('system'); + switch($conf->general['environment']) { + case 'production': + error_reporting(E_ALL); + ini_set('display_errors','Off'); + ini_set('log_errors', 'On'); + break; + case 'development': + error_reporting(E_ALL); + ini_set('display_errors','On'); + ini_set('log_errors', 'On'); + break; + case 'silent': + error_reporting(0); + break; + } + } } diff --git a/lib/Minz/Log.php b/lib/Minz/Log.php index d19edc1dc..2063efe7e 100644 --- a/lib/Minz/Log.php +++ b/lib/Minz/Log.php @@ -31,10 +31,15 @@ class Minz_Log { * @param $file_name fichier de log */ public static function record ($information, $level, $file_name = null) { - $env = Minz_Configuration::environment (); + try { + $conf = Minz_Configuration::get('system'); + $env = $conf->general['environment']; + } catch (Minz_ConfigurationException $e) { + $env = 'production'; + } - if (! ($env === Minz_Configuration::SILENT - || ($env === Minz_Configuration::PRODUCTION + if (! ($env === 'silent' + || ($env === 'production' && ($level >= Minz_Log::NOTICE)))) { if ($file_name === null) { $file_name = join_path(USERS_PATH, Minz_Session::param('currentUser', '_'), 'log.txt'); diff --git a/lib/Minz/ModelPdo.php b/lib/Minz/ModelPdo.php index 118d89ad2..ac7a1bed7 100644 --- a/lib/Minz/ModelPdo.php +++ b/lib/Minz/ModelPdo.php @@ -44,7 +44,8 @@ class Minz_ModelPdo { return; } - $db = Minz_Configuration::dataBase(); + $conf = Minz_Configuration::get('system'); + $db = $conf->db; if ($currentUser === null) { $currentUser = Minz_Session::param('currentUser', '_'); diff --git a/lib/Minz/Request.php b/lib/Minz/Request.php index 4b97a3caf..5f2f6a858 100644 --- a/lib/Minz/Request.php +++ b/lib/Minz/Request.php @@ -96,7 +96,8 @@ class Minz_Request { * @return la base de l'url */ public static function getBaseUrl() { - $defaultBaseUrl = Minz_Configuration::baseUrl(); + $conf = Minz_Configuration::get('system'); + $defaultBaseUrl = $conf->general['base_url']; if (!empty($defaultBaseUrl)) { return $defaultBaseUrl; } elseif (isset($_SERVER['REQUEST_URI'])) { diff --git a/lib/Minz/Translate.php b/lib/Minz/Translate.php index e7efb8665..7525e95cc 100644 --- a/lib/Minz/Translate.php +++ b/lib/Minz/Translate.php @@ -28,7 +28,8 @@ class Minz_Translate { * Load $lang_name and $lang_path based on configuration and selected language. */ public static function init() { - $l = Minz_Configuration::language(); + $conf = Minz_Configuration::get('system'); + $l = $conf->general['language']; self::$lang_name = Minz_Session::param('language', $l); self::$lang_path = APP_PATH . '/i18n/' . self::$lang_name . '/'; } diff --git a/lib/Minz/View.php b/lib/Minz/View.php index b40448491..24ad630d0 100644 --- a/lib/Minz/View.php +++ b/lib/Minz/View.php @@ -28,7 +28,9 @@ class Minz_View { public function __construct () { $this->change_view(Minz_Request::controllerName(), Minz_Request::actionName()); - self::$title = Minz_Configuration::title (); + + $conf = Minz_Configuration::get('system'); + self::$title = $conf->general['title']; } /** diff --git a/p/i/index.php b/p/i/index.php index 009d56bc3..d3fc0b37c 100755 --- a/p/i/index.php +++ b/p/i/index.php @@ -33,7 +33,7 @@ if (file_exists(DATA_PATH . '/do-install.txt')) { $currentUser = Minz_Session::param('currentUser', ''); $dateLastModification = $currentUser === '' ? time() : max( @filemtime(join_path(USERS_PATH, $currentUser, 'log.txt')), - @filemtime(join_path(DATA_PATH . 'config.php')) + @filemtime(join_path(DATA_PATH, 'config.php')) ); if (httpConditional($dateLastModification, 0, 0, false, PHP_COMPRESSION, true)) { exit(); //No need to send anything -- cgit v1.2.3 From d3a93ea2905ae50a2365d293f9f3ef3e51bf5f30 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Tue, 6 Jan 2015 18:53:36 +0100 Subject: BREAKING FEATURE: Remove general in config General attribute has been removed from system config. Now subattributes (e.g. environment, salt, title, etc.) are directly accessible. YOU HAVE TO FIX YOUR ./data/config.php file! - Remove the general array - Values inside this array must be kept - To see what it must look like, please have a look to ./data/config.default.php (but keep your values!!). See https://github.com/FreshRSS/FreshRSS/issues/730 --- app/Controllers/authController.php | 28 +++++++++++++--------------- app/Controllers/feedController.php | 2 +- app/Controllers/indexController.php | 6 +++--- app/Controllers/javascriptController.php | 2 +- app/Controllers/userController.php | 4 ++-- app/FreshRSS.php | 2 +- app/Models/Auth.php | 14 +++++++------- app/Models/Feed.php | 4 ++-- app/layout/header.phtml | 6 ++---- app/layout/layout.phtml | 2 +- app/views/helpers/javascript_vars.phtml | 3 +-- data/config.default.php | 24 +++++++++++------------- lib/Minz/Error.php | 2 +- lib/Minz/FrontController.php | 2 +- lib/Minz/Log.php | 2 +- lib/Minz/Request.php | 2 +- lib/Minz/Translate.php | 2 +- lib/Minz/View.php | 2 +- 18 files changed, 51 insertions(+), 58 deletions(-) (limited to 'data') diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index 3a1ad4605..4ae9ff7fb 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -27,7 +27,6 @@ class FreshRSS_auth_Controller extends Minz_ActionController { if (Minz_Request::isPost()) { $ok = true; - $general = FreshRSS_Context::$system_conf->general; $current_token = FreshRSS_Context::$user_conf->token; $token = Minz_Request::param('token', $current_token); FreshRSS_Context::$user_conf->_token($token); @@ -40,20 +39,19 @@ class FreshRSS_auth_Controller extends Minz_ActionController { $auth_type = Minz_Request::param('auth_type', 'none'); $unsafe_autologin = Minz_Request::param('unsafe_autologin', false); $api_enabled = Minz_Request::param('api_enabled', false); - if ($anon != $general['allow_anonymous'] || - $auth_type != $general['auth_type'] || - $anon_refresh != $general['allow_anonymous_refresh'] || - $unsafe_autologin != $general['unsafe_autologin_enabled'] || - $api_enabled != $general['api_enabled']) { + if ($anon != FreshRSS_Context::$system_conf->allow_anonymous || + $auth_type != FreshRSS_Context::$system_conf->auth_type || + $anon_refresh != FreshRSS_Context::$system_conf->allow_anonymous_refresh || + $unsafe_autologin != FreshRSS_Context::$system_conf->unsafe_autologin_enabled || + $api_enabled != FreshRSS_Context::$system_conf->api_enabled) { // TODO: test values from form - $general['auth_type'] = $auth_type; - $general['allow_anonymous'] = $anon; - $general['allow_anonymous_refresh'] = $anon_refresh; - $general['unsafe_autologin_enabled'] = $unsafe_autologin; - $general['api_enabled'] = $api_enabled; + FreshRSS_Context::$system_conf->auth_type = $auth_type; + FreshRSS_Context::$system_conf->allow_anonymous = $anon; + FreshRSS_Context::$system_conf->allow_anonymous_refresh = $anon_refresh; + FreshRSS_Context::$system_conf->unsafe_autologin_enabled = $unsafe_autologin; + FreshRSS_Context::$system_conf->api_enabled = $api_enabled; - $system_conf->general = $general; $ok &= $system_conf->save(); } @@ -80,7 +78,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController { Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); } - $auth_type = FreshRSS_Context::$system_conf->general['auth_type']; + $auth_type = FreshRSS_Context::$system_conf->auth_type; switch ($auth_type) { case 'form': Minz_Request::forward(array('c' => 'auth', 'a' => 'formLogin')); @@ -160,7 +158,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController { Minz_Request::bad(_t('feedback.auth.login.invalid'), array('c' => 'auth', 'a' => 'login')); } - } elseif (FreshRSS_Context::$system_conf->general['unsafe_autologin_enabled']) { + } elseif (FreshRSS_Context::$system_conf->unsafe_autologin_enabled) { $username = Minz_Request::param('u', ''); $password = Minz_Request::param('p', ''); Minz_Request::_param('p'); @@ -301,7 +299,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController { $this->view->no_form = false; // Enable changement of auth only if Persona! - if (FreshRSS_Context::$system_conf->general['auth_type'] != 'persona') { + if (FreshRSS_Context::$system_conf->auth_type != 'persona') { $this->view->message = array( 'status' => 'bad', 'title' => _t('gen.short.damn'), diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index df1e559bc..c22669361 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -18,7 +18,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { $token_param = Minz_Request::param('token', ''); $token_is_ok = ($token != '' && $token == $token_param); $action = Minz_Request::actionName(); - $allow_anonymous_refresh = FreshRSS_Context::$system_conf->general['allow_anonymous_refresh']; + $allow_anonymous_refresh = FreshRSS_Context::$system_conf->allow_anonymous_refresh; if ($action !== 'actualize' || !($allow_anonymous_refresh || $token_is_ok)) { Minz_Error::error(403); diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index d948504cc..c53d3223e 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php @@ -20,7 +20,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { * This action displays the normal view of FreshRSS. */ public function normalAction() { - $allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous']; + $allow_anonymous = FreshRSS_Context::$system_conf->allow_anonymous; if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous) { Minz_Request::forward(array('c' => 'auth', 'a' => 'login')); return; @@ -83,7 +83,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { * This action displays the global view of FreshRSS. */ public function globalAction() { - $allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous']; + $allow_anonymous = FreshRSS_Context::$system_conf->allow_anonymous; if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous) { Minz_Request::forward(array('c' => 'auth', 'a' => 'login')); return; @@ -111,7 +111,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { * This action displays the RSS feed of FreshRSS. */ public function rssAction() { - $allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous']; + $allow_anonymous = FreshRSS_Context::$system_conf->allow_anonymous; $token = FreshRSS_Context::$user_conf->token; $token_param = Minz_Request::param('token', ''); $token_is_ok = ($token != '' && $token === $token_param); diff --git a/app/Controllers/javascriptController.php b/app/Controllers/javascriptController.php index dd9aa6189..acd3fef69 100755 --- a/app/Controllers/javascriptController.php +++ b/app/Controllers/javascriptController.php @@ -28,7 +28,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController { $user = isset($_GET['user']) ? $_GET['user'] : ''; if (ctype_alnum($user)) { try { - $salt = FreshRSS_Context::$system_conf->general['salt']; + $salt = FreshRSS_Context::$system_conf->salt; $conf = new FreshRSS_Configuration($user); $s = $conf->passwordHash; if (strlen($s) >= 60) { diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php index be2ae943e..bfc2dfb3b 100644 --- a/app/Controllers/userController.php +++ b/app/Controllers/userController.php @@ -118,7 +118,7 @@ class FreshRSS_user_Controller extends Minz_ActionController { $ok = ($new_user_name != '') && ctype_alnum($new_user_name); if ($ok) { - $default_user = FreshRSS_Context::$system_conf->general['default_user']; + $default_user = FreshRSS_Context::$system_conf->default_user; $ok &= (strcasecmp($new_user_name, $default_user) !== 0); //It is forbidden to alter the default user $ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers())); //Not an existing user, case-insensitive @@ -188,7 +188,7 @@ class FreshRSS_user_Controller extends Minz_ActionController { $user_data = join_path(DATA_PATH, 'users', $username); if ($ok) { - $default_user = FreshRSS_Context::$system_conf->general['default_user']; + $default_user = FreshRSS_Context::$system_conf->default_user; $ok &= (strcasecmp($username, $default_user) !== 0); //It is forbidden to delete the default user } if ($ok) { diff --git a/app/FreshRSS.php b/app/FreshRSS.php index b22bfdb4b..a53174394 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -62,7 +62,7 @@ class FreshRSS extends Minz_FrontController { Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js'))); Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js'))); - if (FreshRSS_Context::$system_conf->general['auth_type'] === 'persona') { + if (FreshRSS_Context::$system_conf->auth_type === 'persona') { // TODO move it in a plugin // Needed for login AND logout with Persona. Minz_View::appendScript('https://login.persona.org/include.js'); diff --git a/app/Models/Auth.php b/app/Models/Auth.php index 84b4e3721..05ec61d0e 100644 --- a/app/Models/Auth.php +++ b/app/Models/Auth.php @@ -17,7 +17,7 @@ class FreshRSS_Auth { $current_user = Minz_Session::param('currentUser', ''); if ($current_user === '') { $conf = Minz_Configuration::get('system'); - $current_user = $conf->general['default_user']; + $current_user = $conf->default_user; Minz_Session::_param('currentUser', $current_user); } @@ -42,7 +42,7 @@ class FreshRSS_Auth { */ private static function accessControl() { $conf = Minz_Configuration::get('system'); - $auth_type = $conf->general['auth_type']; + $auth_type = $conf->auth_type; switch ($auth_type) { case 'form': $credentials = FreshRSS_FormAuth::getCredentialsFromCookie(); @@ -84,7 +84,7 @@ class FreshRSS_Auth { public static function giveAccess() { $user_conf = Minz_Configuration::get('user'); $system_conf = Minz_Configuration::get('system'); - $auth_type = $system_conf->general['auth_type']; + $auth_type = $system_conf->auth_type; switch ($auth_type) { case 'form': @@ -115,7 +115,7 @@ class FreshRSS_Auth { */ public static function hasAccess($scope = 'general') { $conf = Minz_Configuration::get('system'); - $default_user = $conf->general['default_user']; + $default_user = $conf->default_user; $ok = self::$login_ok; switch ($scope) { case 'general': @@ -136,9 +136,9 @@ class FreshRSS_Auth { Minz_Session::_param('loginOk'); self::$login_ok = false; $conf = Minz_Configuration::get('system'); - Minz_Session::_param('currentUser', $conf->general['default_user']); + Minz_Session::_param('currentUser', $conf->default_user); - switch ($conf->general['auth_type']) { + switch ($conf->auth_type) { case 'form': Minz_Session::_param('passwordHash'); FreshRSS_FormAuth::deleteCookie(); @@ -160,7 +160,7 @@ class FreshRSS_Auth { */ public static function accessNeedLogin() { $conf = Minz_Configuration::get('system'); - $auth_type = $conf->general['auth_type']; + $auth_type = $conf->auth_type; return $auth_type === 'form' || $auth_type === 'persona'; } } diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 071eafdf6..86cbb783e 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -39,9 +39,9 @@ class FreshRSS_Feed extends Minz_Model { } public function hash() { - $conf = Minz_Configuration::get('system'); if ($this->hash === null) { - $this->hash = hash('crc32b', $conf->general['salt'] . $this->url); + $salt = FreshRSS_Context::$system_conf->salt; + $this->hash = hash('crc32b', $salt . $this->url); } return $this->hash; } diff --git a/app/layout/header.phtml b/app/layout/header.phtml index 2f16b5f63..97e24a1d9 100644 --- a/app/layout/header.phtml +++ b/app/layout/header.phtml @@ -1,7 +1,5 @@