From 256c8613a4046931dcd28ab22b6aebe8752a98c2 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Fri, 15 May 2015 03:21:36 +0200 Subject: First draft of PubSubHubbub https://github.com/FreshRSS/FreshRSS/issues/312 Requires setting base_url in config.php. Currently using the filesystem (no change to the database) --- lib/lib_rss.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lib/lib_rss.php') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 6342011c8..191a58f35 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -446,3 +446,12 @@ function array_push_unique(&$array, $value) { function array_remove(&$array, $value) { $array = array_diff($array, array($value)); } + +//RFC 4648 +function base64url_encode($data) { + return strtr(rtrim(base64_encode($data), '='), '+/', '-_'); +} +//RFC 4648 +function base64url_decode($data) { + return base64_decode(strtr($data, '-_', '+/')); +} -- cgit v1.2.3 From c1398afe8c8d220ace5fc4ccac02953adddf18c5 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 4 Jul 2015 14:21:24 +0200 Subject: Full content img data-src https://github.com/FreshRSS/FreshRSS/issues/877 Quick fix while waiting for a new library to retrieve articles --- lib/lib_rss.php | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 191a58f35..c51b4e6de 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -195,17 +195,27 @@ function sanitizeHTML($data, $base = '') { /* permet de récupérer le contenu d'un article pour un flux qui n'est pas complet */ function get_content_by_parsing ($url, $path) { - require_once (LIB_PATH . '/lib_phpQuery.php'); + require_once(LIB_PATH . '/lib_phpQuery.php'); Minz_Log::notice('FreshRSS GET ' . SimplePie_Misc::url_remove_credentials($url)); - $html = file_get_contents ($url); + $html = file_get_contents($url); if ($html) { - $doc = phpQuery::newDocument ($html); - $content = $doc->find ($path); + $doc = phpQuery::newDocument($html); + $content = $doc->find($path); + + foreach (pq('img[data-src]') as $img) { + $imgP = pq($img); + $dataSrc = $imgP->attr('data-src'); + if (strlen($dataSrc) > 4) { + $imgP->attr('src', $dataSrc); + $imgP->removeAttr('data-src'); + } + } + return sanitizeHTML($content->__toString(), $url); } else { - throw new Exception (); + throw new Exception(); } } -- cgit v1.2.3 From fa432755cc9d0cc71be54d463bdfb7558d62c5f1 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 12 Jul 2015 12:16:56 +0200 Subject: Implement cURL options https://github.com/FreshRSS/FreshRSS/issues/897 Requires that https://github.com/FreshRSS/FreshRSS/pull/898 is merged first. --- CHANGELOG.md | 2 ++ data/config.default.php | 19 +++++++++++++++++-- lib/SimplePie/SimplePie/File.php | 1 - lib/lib_rss.php | 1 + 4 files changed, 20 insertions(+), 3 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/CHANGELOG.md b/CHANGELOG.md index 0ebfd50ac..23feda577 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,9 @@ * Features * Support for PubSubHubbub for instant notifications from compatible Web sites. [#312](https://github.com/FreshRSS/FreshRSS/issues/312) + * cURL options to use a proxy for retrieving feeds. [#897](https://github.com/FreshRSS/FreshRSS/issues/897) [#675](https://github.com/FreshRSS/FreshRSS/issues/675) * Security + * cURL options to verify or not SSL/TLS certificates (now enabled by default). [#897](https://github.com/FreshRSS/FreshRSS/issues/897) [#502](https://github.com/FreshRSS/FreshRSS/issues/502) * Support for SSL connection to MySQL. [#868](https://github.com/FreshRSS/FreshRSS/issues/868) * Workaround for browsers that have disabled support for `
`. [#880](https://github.com/FreshRSS/FreshRSS/issues/880) * UI diff --git a/data/config.default.php b/data/config.default.php index 97085df29..6a8300872 100644 --- a/data/config.default.php +++ b/data/config.default.php @@ -1,7 +1,7 @@ array( + # Options to disable SSL/TLS certificate check (e.g. for self-signed HTTPS) + //CURLOPT_SSL_VERIFYHOST => 0, + //CURLOPT_SSL_VERIFYPEER => false, + + # Options to use a proxy for retrieving feeds. + //CURLOPT_PROXYTYPE = CURLPROXY_HTTP, + //CURLOPT_PROXYAUTH = CURLAUTH_BASIC, + //CURLOPT_PROXY => '127.0.0.1', + //CURLOPT_PROXYPORT => 8080, + //CURLOPT_PROXYUSERPWD => 'user:password', + ), + 'db' => array( # Type of database: `sqlite` or `mysql`. diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index 1f9e3d502..90dac790a 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -113,7 +113,6 @@ class SimplePie_File curl_setopt($fp, CURLOPT_REFERER, $url); curl_setopt($fp, CURLOPT_USERAGENT, $useragent); curl_setopt($fp, CURLOPT_HTTPHEADER, $headers2); - curl_setopt($fp, CURLOPT_SSL_VERIFYPEER, false); //FreshRSS if (!ini_get('open_basedir') && !ini_get('safe_mode') && version_compare(SimplePie_Misc::get_curl_version(), '7.15.2', '>=')) { curl_setopt($fp, CURLOPT_FOLLOWLOCATION, 1); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index c51b4e6de..0118e0f46 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -143,6 +143,7 @@ function customSimplePie() { $simplePie->set_cache_location(CACHE_PATH); $simplePie->set_cache_duration($limits['cache_duration']); $simplePie->set_timeout($limits['timeout']); + $simplePie->set_curl_options($system_conf->curl_options); $simplePie->strip_htmltags(array( 'base', 'blink', 'body', 'doctype', 'embed', 'font', 'form', 'frame', 'frameset', 'html', -- cgit v1.2.3 From 02c3546440f961018adc1e2c8e97c16f2aca18fc Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Wed, 22 Jul 2015 13:52:03 +0200 Subject: Registration action is handled and create a user See https://github.com/FreshRSS/FreshRSS/issues/679 --- app/Controllers/userController.php | 20 +++++++++++++++++--- app/views/auth/register.phtml | 7 +++++++ lib/lib_rss.php | 16 ++++++++++++++++ 3 files changed, 40 insertions(+), 3 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php index c198d1328..46f4f434d 100644 --- a/app/Controllers/userController.php +++ b/app/Controllers/userController.php @@ -12,9 +12,14 @@ class FreshRSS_user_Controller extends Minz_ActionController { * This action is called before every other action in that class. It is * the common boiler plate for every action. It is triggered by the * underlying framework. + * + * @todo clean up the access condition. */ public function firstAction() { - if (!FreshRSS_Auth::hasAccess()) { + if (!FreshRSS_Auth::hasAccess() && !( + Minz_Request::actionName() === 'create' && + !max_registrations_reached() + )) { Minz_Error::error(403); } } @@ -111,11 +116,16 @@ class FreshRSS_user_Controller extends Minz_ActionController { * - new_user_name * - new_user_passwordPlain * - new_user_email + * - r (i.e. a redirection url, optional) * * @todo clean up this method. Idea: write a method to init a user with basic information. + * @todo handle r redirection in Minz_Request::forward directly? */ public function createAction() { - if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) { + if (Minz_Request::isPost() && ( + FreshRSS_Auth::hasAccess('admin') || + !max_registrations_reached() + )) { $db = FreshRSS_Context::$system_conf->db; require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); @@ -186,7 +196,11 @@ class FreshRSS_user_Controller extends Minz_ActionController { Minz_Session::_param('notification', $notif); } - Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true); + $redirect_url = urldecode(Minz_Request::param('r', false, true)); + if (!$redirect_url) { + $redirect_url = array('c' => 'user', 'a' => 'manage'); + } + Minz_Request::forward($redirect_url, true); } /** diff --git a/app/views/auth/register.phtml b/app/views/auth/register.phtml index 31ab89d26..96c91f411 100644 --- a/app/views/auth/register.phtml +++ b/app/views/auth/register.phtml @@ -29,6 +29,13 @@
+ 'index', 'a' => 'index'), + 'php', true + )); + ?> +
diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 0118e0f46..c99e2c7e8 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -266,6 +266,22 @@ function listUsers() { } +/** + * Return if the maximum number of registrations has been reached. + * + * Note a max_regstrations of 0 means there is no limit. + * + * @return true if number of users >= max registrations, false else. + */ +function max_registrations_reached() { + $system_conf = Minz_Configuration::get('system'); + $limit_registrations = $system_conf->limits['max_registrations']; + $number_accounts = count(listUsers()); + + return $limit_registrations > 0 && $number_accounts >= $limit_registrations; +} + + /** * Register and return the configuration for a given user. * -- cgit v1.2.3 From 339e32424fa60fc0c99a4c10890abef139444f6d Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 23 Jul 2015 12:38:22 +0200 Subject: Add a simple test to detect if server is public If the server is not accessible by an external server, pubsubhubbub should be disable. See https://github.com/FreshRSS/FreshRSS/issues/865 --- app/install.php | 1 + lib/lib_rss.php | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+) (limited to 'lib/lib_rss.php') diff --git a/app/install.php b/app/install.php index 3930a3d41..65138a683 100644 --- a/app/install.php +++ b/app/install.php @@ -229,6 +229,7 @@ function saveStep3() { 'prefix' => $_SESSION['bd_prefix'], 'pdo_options' => array(), ), + 'enable_pubsubhubbub' => server_is_public($base_url), ); @unlink(join_path(DATA_PATH, 'config.php')); //To avoid access-rights problems diff --git a/lib/lib_rss.php b/lib/lib_rss.php index c99e2c7e8..2a23fca45 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -83,6 +83,33 @@ function checkUrl($url) { } } + +/** + * Test if a given server address is publicly accessible. + * + * Note: for the moment it tests only if address is corresponding to a + * localhost address. + * + * @param $address the address to test, can be an IP or a URL. + * @return true if server is accessible, false else. + * @todo improve test with a more valid technique (e.g. test with an external server?) + */ +function server_is_public($address) { + $host = parse_url($address, PHP_URL_HOST); + + $is_public = !in_array($host, array( + '127.0.0.1', + 'localhost', + 'localhost.localdomain', + '[::1]', + 'localhost6', + 'localhost6.localdomain6', + )); + + return $is_public; +} + + function format_number($n, $precision = 0) { // number_format does not seem to be Unicode-compatible return str_replace(' ', ' ', //Espace fine insécable -- cgit v1.2.3