From 32d9c3b7905f4e43ffdf4bf2bf37723cfd18390c Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sun, 2 Sep 2018 13:19:58 +0200
Subject: Use mb_strcut (#1996)

* Use mb_strcut

Avoid cutting in the middle of a multi-byte UTF-8 character

* Forgotten php5-*

* Typo

* Whitespace

* More mb_strcut
---
 lib/lib_rss.php | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'lib/lib_rss.php')

diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 5f460862e..60616b3ca 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -21,6 +21,12 @@ if (!function_exists('json_encode')) {
 
 defined('JSON_UNESCAPED_UNICODE') or define('JSON_UNESCAPED_UNICODE', 256);	//PHP 5.3
 
+if (!function_exists('mb_strcut')) {
+	function mb_strcut($str, $start, $length = null, $encoding = 'UTF-8') {
+		return substr($str, $start, $length);
+	}
+}
+
 /**
  * Build a directory path by concatenating a list of directory names.
  *
@@ -405,6 +411,7 @@ function check_install_php() {
 		'fileinfo' => extension_loaded('fileinfo'),
 		'dom' => class_exists('DOMDocument'),
 		'json' => extension_loaded('json'),
+		'mbstring' => extension_loaded('mbstring'),
 		'zip' => extension_loaded('zip'),
 	);
 }
-- 
cgit v1.2.3


From aafb1cd0e484813541b4eb0ba2a93d9083b1d2fc Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sun, 9 Sep 2018 00:50:24 +0200
Subject: Better test if server has public address (#2010)

* Better test if server has public address

* Wrong trailing slash in documentation
---
 cli/README.md      |  2 +-
 cli/do-install.php |  2 +-
 lib/lib_rss.php    | 13 +++++++++----
 3 files changed, 11 insertions(+), 6 deletions(-)

(limited to 'lib/lib_rss.php')

diff --git a/cli/README.md b/cli/README.md
index 0d1c0a7d4..c314bd388 100644
--- a/cli/README.md
+++ b/cli/README.md
@@ -35,7 +35,7 @@ cd /usr/share/FreshRSS
 ./cli/prepare.php
 # Ensure the needed directories in ./data/
 
-./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net/ --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss )
+./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss )
 # --auth_type can be: 'form' (default), 'http_auth' (using the Web server access control), 'none' (dangerous)
 # --db-type can be: 'sqlite' (default), 'mysql' (MySQL or MariaDB), 'pgsql' (PostgreSQL)
 # --base_url should be a public (routable) URL if possible, and is used for push (PubSubHubbub), for some API functions (e.g. favicons), and external URLs in FreshRSS.
diff --git a/cli/do-install.php b/cli/do-install.php
index 4ebba0469..7435ab9f1 100755
--- a/cli/do-install.php
+++ b/cli/do-install.php
@@ -33,7 +33,7 @@ $options = getopt('', array_merge($params, $dBparams));
 
 if (empty($options['default_user'])) {
 	fail('Usage: ' . basename(__FILE__) . " --default_user admin ( --auth_type form" .
-		" --environment production --base_url https://rss.example.net/" .
+		" --environment production --base_url https://rss.example.net" .
 		" --language en --title FreshRSS --allow_anonymous --api_enabled" .
 		" --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123" .
 		" --db-base freshrss --db-prefix freshrss_ --disable_update )");
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 60616b3ca..44123b746 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -109,24 +109,29 @@ function safe_ascii($text) {
  * localhost address.
  *
  * @param $address the address to test, can be an IP or a URL.
- * @return true if server is accessible, false else.
+ * @return true if server is accessible, false otherwise.
  * @todo improve test with a more valid technique (e.g. test with an external server?)
  */
 function server_is_public($address) {
 	$host = parse_url($address, PHP_URL_HOST);
 
 	$is_public = !in_array($host, array(
-		'127.0.0.1',
 		'localhost',
 		'localhost.localdomain',
 		'[::1]',
+		'ip6-localhost',
 		'localhost6',
 		'localhost6.localdomain6',
 	));
 
-	return $is_public;
-}
+	if ($is_public) {
+		$ip = gethostbyname($host);
+		$is_public &= !preg_match('/^(10|127|172[.]16|192[.]168)[.]/', $ip);
+		$is_public &= !preg_match('/^(\[)?(::1$|fc00::|fe80::)/i', $ip);
+	}
 
+	return (bool)$is_public;
+}
 
 function format_number($n, $precision = 0) {
 	// number_format does not seem to be Unicode-compatible
-- 
cgit v1.2.3