From 8864d514c82bc29f0014e45330383ab2ee812910 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 14 Nov 2022 14:57:45 +0100 Subject: NFS-friendly is_writable() checks (#4780) #fix https://github.com/FreshRSS/FreshRSS/issues/4779 --- lib/lib_rss.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 592ad8149..d0e819d98 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -696,13 +696,13 @@ function check_install_php() { function check_install_files() { return array( // @phpstan-ignore-next-line - 'data' => DATA_PATH && is_writable(DATA_PATH), + 'data' => DATA_PATH && touch(DATA_PATH . '/index.html'), // is_writable() is not reliable for a folder on NFS // @phpstan-ignore-next-line - 'cache' => CACHE_PATH && is_writable(CACHE_PATH), + 'cache' => CACHE_PATH && touch(CACHE_PATH . '/index.html'), // @phpstan-ignore-next-line - 'users' => USERS_PATH && is_writable(USERS_PATH), - 'favicons' => is_writable(DATA_PATH . '/favicons'), - 'tokens' => is_writable(DATA_PATH . '/tokens'), + 'users' => USERS_PATH && touch(USERS_PATH . '/index.html'), + 'favicons' => touch(DATA_PATH . '/favicons/index.html'), + 'tokens' => touch(DATA_PATH . '/tokens/index.html'), ); } -- cgit v1.2.3 From 075cf4c800063e3cc65c3d41a9c23222e8ebb554 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Wed, 11 Jan 2023 23:27:14 +0100 Subject: API avoid logging passwords (#5001) * API avoid logging passwords * Strip passwords and tokens from API logs * Only log failed requests information when in debug mode * Remove debug SHA * Clean also Apache logs * Better comments * Redact also token parameters * shfmt * Simplify whitespace * redacted --- Docker/FreshRSS.Apache.conf | 2 +- cli/sensitive-log.sh | 9 +++++++++ lib/lib_rss.php | 25 +++++++++++++++++++++++++ p/api/fever.php | 11 ++++++----- p/api/greader.php | 26 +++++++++++++++----------- 5 files changed, 56 insertions(+), 17 deletions(-) create mode 100755 cli/sensitive-log.sh (limited to 'lib/lib_rss.php') diff --git a/Docker/FreshRSS.Apache.conf b/Docker/FreshRSS.Apache.conf index 2cfb9cbf9..6281e59e5 100644 --- a/Docker/FreshRSS.Apache.conf +++ b/Docker/FreshRSS.Apache.conf @@ -4,7 +4,7 @@ DocumentRoot /var/www/FreshRSS/p/ RemoteIPHeader X-Forwarded-For RemoteIPTrustedProxy 10.0.0.1/8 172.16.0.1/12 192.168.0.1/16 LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined_proxy -CustomLog /dev/stdout combined_proxy +CustomLog "|/var/www/FreshRSS/cli/sensitive-log.sh" combined_proxy ErrorLog /dev/stderr AllowEncodedSlashes On ServerTokens OS diff --git a/cli/sensitive-log.sh b/cli/sensitive-log.sh new file mode 100755 index 000000000..40309b0db --- /dev/null +++ b/cli/sensitive-log.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Strips sensitive passwords from (Apache) logs + +# For e.g. GNU systems such as Debian +# N.B.: `sed -u` is not available in BusyBox and without it there are buffering delays (even with stdbuf) +sed -Eu 's/([?&])(Passwd|token)=[^& \t]+/\1\2=redacted/ig' 2>/dev/null || + + # For systems with gawk (not available by default in Docker of Debian or Alpine) or with BuzyBox such as Alpine + $(which gawk || which awk) -v IGNORECASE=1 '{ print gensub(/([?&])(Passwd|token)=[^& \t]+/, "\\1\\2=redacted", "g") }' diff --git a/lib/lib_rss.php b/lib/lib_rss.php index d0e819d98..cbdfff773 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -223,6 +223,31 @@ function html_only_entity_decode($text): string { return $text == '' ? '' : strtr($text, $htmlEntitiesOnly); } +/** + * Remove passwords in FreshRSS logs. + * See also ../cli/sensitive-log.sh for Web server logs. + * @param array|string $log + * @return array|string + */ +function sensitive_log($log) { + if (is_array($log)) { + foreach ($log as $k => $v) { + if (in_array($k, ['api_key', 'Passwd', 'T'])) { + $log[$k] = '██'; + } else { + $log[$k] = sensitive_log($v); + } + } + } elseif (is_string($log)) { + $log = preg_replace([ + '/\b(auth=.*?\/)[^&]+/i', + '/\b(Passwd=)[^&]+/i', + '/\b(Authorization)[^&]+/i', + ], '$1█', $log); + } + return $log; +} + /** * @param array $attributes */ diff --git a/p/api/fever.php b/p/api/fever.php index b7f9b9167..13907f16d 100644 --- a/p/api/fever.php +++ b/p/api/fever.php @@ -18,7 +18,8 @@ FreshRSS_Context::initSystem(); // check if API is enabled globally if (!FreshRSS_Context::$system_conf->api_enabled) { - Minz_Log::warning('Fever API: serviceUnavailable() ' . debugInfo(), API_LOG); + Minz_Log::warning('Fever API: service unavailable!'); + Minz_Log::debug('Fever API: serviceUnavailable() ' . debugInfo(), API_LOG); header('HTTP/1.1 503 Service Unavailable'); header('Content-Type: text/plain; charset=UTF-8'); die('Service Unavailable!'); @@ -45,16 +46,16 @@ function debugInfo() { } } global $ORIGINAL_INPUT; - return print_r( - array( + $log = sensitive_log([ 'date' => date('c'), 'headers' => $ALL_HEADERS, '_SERVER' => $_SERVER, '_GET' => $_GET, '_POST' => $_POST, '_COOKIE' => $_COOKIE, - 'INPUT' => $ORIGINAL_INPUT - ), true); + 'INPUT' => $ORIGINAL_INPUT, + ]); + return print_r($log, true); } //Minz_Log::debug('----------------------------------------------------------------', API_LOG); diff --git a/p/api/greader.php b/p/api/greader.php index afca1afaf..a3dad880e 100644 --- a/p/api/greader.php +++ b/p/api/greader.php @@ -97,27 +97,29 @@ function debugInfo() { } } global $ORIGINAL_INPUT; - return print_r( - array( + $log = sensitive_log([ 'date' => date('c'), 'headers' => $ALL_HEADERS, '_SERVER' => $_SERVER, '_GET' => $_GET, '_POST' => $_POST, '_COOKIE' => $_COOKIE, - 'INPUT' => $ORIGINAL_INPUT - ), true); + 'INPUT' => $ORIGINAL_INPUT, + ]); + return print_r($log, true); } function badRequest() { - Minz_Log::warning('badRequest() ' . debugInfo(), API_LOG); + Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); + Minz_Log::debug('badRequest() ' . debugInfo(), API_LOG); header('HTTP/1.1 400 Bad Request'); header('Content-Type: text/plain; charset=UTF-8'); die('Bad Request!'); } function unauthorized() { - Minz_Log::warning('unauthorized() ' . debugInfo(), API_LOG); + Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); + Minz_Log::debug('unauthorized() ' . debugInfo(), API_LOG); header('HTTP/1.1 401 Unauthorized'); header('Content-Type: text/plain; charset=UTF-8'); header('Google-Bad-Token: true'); @@ -125,21 +127,24 @@ function unauthorized() { } function notImplemented() { - Minz_Log::warning('notImplemented() ' . debugInfo(), API_LOG); + Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); + Minz_Log::debug('notImplemented() ' . debugInfo(), API_LOG); header('HTTP/1.1 501 Not Implemented'); header('Content-Type: text/plain; charset=UTF-8'); die('Not Implemented!'); } function serviceUnavailable() { - Minz_Log::warning('serviceUnavailable() ' . debugInfo(), API_LOG); + Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); + Minz_Log::debug('serviceUnavailable() ' . debugInfo(), API_LOG); header('HTTP/1.1 503 Service Unavailable'); header('Content-Type: text/plain; charset=UTF-8'); die('Service Unavailable!'); } function checkCompatibility() { - Minz_Log::warning('checkCompatibility() ' . debugInfo(), API_LOG); + Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); + Minz_Log::debug('checkCompatibility() ' . debugInfo(), API_LOG); header('Content-Type: text/plain; charset=UTF-8'); if (PHP_INT_SIZE < 8 && !function_exists('gmp_init')) { die('FAIL 64-bit or GMP extension! Wrong PHP configuration.'); @@ -172,8 +177,7 @@ function authorizationToUser() { if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) { return $user; } else { - Minz_Log::warning('Invalid API authorisation for user ' . $user . ': ' . $headerAuthX[1], API_LOG); - Minz_Log::warning('Invalid API authorisation for user ' . $user . ': ' . $headerAuthX[1]); + Minz_Log::warning('Invalid API authorisation for user ' . $user); unauthorized(); } } else { -- cgit v1.2.3 From daaa391e33c5d92e3dd91bb0b81ac420abed7097 Mon Sep 17 00:00:00 2001 From: berumuron Date: Wed, 18 Jan 2023 10:12:21 +0100 Subject: tec: Update the lib_opml (#4403) * fix: Fix undefined GLOB_BRACE on Alpine The manual states that: > Note: The GLOB_BRACE flag is not available on some non GNU systems, > like Solaris or Alpine Linux. This generated an error on Alpine. Reference: https://www.php.net/manual/function.glob.php * fix: List details of feeds for OPML exportation The details are necessary to export the XPath information, the CSS full content path and read actions filters. * Update LibOpml to 0.4.0 * Refactor OPML importation to be more robust First, it fixes two regressions introduced by the update of lib_opml: - title attribute is used when text attribute is missing; - the OPML category attribute is used as a fallback for feeds categories. In a related way, if also fixes a problem when a feed had both a parent category outline and a category attribute. Before, it only considered the attribute as its category, but now it considers the parent outline. Then, it counts category limit correctly by not increasing `$nb_categories` if the category already exists. * Exclude lib_opml from the CodeSniffer * Fix variable names when logging some errors * Fix catch of LibOpml Exception * Make sure to declare the category * Exclude lib_opml from PHPStan analyze * Disable markdownlint for lib_opml * Fix typos * Use auto-loading and allow updates via Composer * Fix broken links to lib_opml * Bring back the ability to import the OPML frss:opmlUrl attribute * Refactor the logs of OPML errors * Update lib_opml to the version 0.5.0 Co-authored-by: Alexandre Alapetite --- .markdownlintignore | 1 + .typos.toml | 1 + README.fr.md | 2 +- README.md | 2 +- app/Controllers/importExportController.php | 2 - app/Controllers/indexController.php | 2 - app/Models/Category.php | 2 +- app/Services/ExportService.php | 2 - app/Services/ImportService.php | 440 +++++++----- app/views/helpers/export/opml.phtml | 55 +- lib/.gitignore | 8 + lib/composer.json | 1 + lib/lib_opml.php | 353 ---------- lib/lib_rss.php | 5 + lib/marienfressinaud/lib_opml/.gitattributes | 8 + lib/marienfressinaud/lib_opml/.gitignore | 2 + lib/marienfressinaud/lib_opml/CHANGELOG.md | 63 ++ lib/marienfressinaud/lib_opml/LICENSE | 21 + lib/marienfressinaud/lib_opml/README.md | 338 +++++++++ lib/marienfressinaud/lib_opml/composer.json | 35 + .../lib_opml/src/LibOpml/Exception.php | 15 + .../lib_opml/src/LibOpml/LibOpml.php | 770 +++++++++++++++++++++ phpcs.xml | 1 + phpstan.neon | 22 +- 24 files changed, 1596 insertions(+), 555 deletions(-) delete mode 100644 lib/lib_opml.php create mode 100644 lib/marienfressinaud/lib_opml/.gitattributes create mode 100644 lib/marienfressinaud/lib_opml/.gitignore create mode 100644 lib/marienfressinaud/lib_opml/CHANGELOG.md create mode 100644 lib/marienfressinaud/lib_opml/LICENSE create mode 100644 lib/marienfressinaud/lib_opml/README.md create mode 100644 lib/marienfressinaud/lib_opml/composer.json create mode 100644 lib/marienfressinaud/lib_opml/src/LibOpml/Exception.php create mode 100644 lib/marienfressinaud/lib_opml/src/LibOpml/LibOpml.php (limited to 'lib/lib_rss.php') diff --git a/.markdownlintignore b/.markdownlintignore index 6e1cfb9c4..fa771b056 100644 --- a/.markdownlintignore +++ b/.markdownlintignore @@ -1,4 +1,5 @@ .git/ +lib/marienfressinaud/ lib/phpgt/ lib/phpmailer/ node_modules/ diff --git a/.typos.toml b/.typos.toml index 38a2a1cee..2170f5e85 100644 --- a/.typos.toml +++ b/.typos.toml @@ -36,6 +36,7 @@ extend-exclude = [ "composer.lock", "data/", "docs/fr/", + "lib/marienfressinaud/", "lib/phpgt/", "lib/phpmailer/", "lib/SimplePie/", diff --git a/README.fr.md b/README.fr.md index ce36a6b34..99b5a1a2c 100644 --- a/README.fr.md +++ b/README.fr.md @@ -242,7 +242,7 @@ et [l’API Fever](https://freshrss.github.io/FreshRSS/fr/users/06_Fever_API.htm * [SimplePie](https://simplepie.org/) * [MINZ](https://framagit.org/marienfressinaud/MINZ) * [php-http-304](https://alexandre.alapetite.fr/doc-alex/php-http-304/) -* [lib_opml](https://github.com/marienfressinaud/lib_opml) +* [lib_opml](https://framagit.org/marienfressinaud/lib_opml) * [PhpGt/CssXPath](https://github.com/PhpGt/CssXPath) * [PHPMailer](https://github.com/PHPMailer/PHPMailer) * [Chart.js](https://www.chartjs.org) diff --git a/README.md b/README.md index a2ec62248..b0581aae4 100644 --- a/README.md +++ b/README.md @@ -142,7 +142,7 @@ and [Fever API](https://freshrss.github.io/FreshRSS/en/users/06_Fever_API.html) * [SimplePie](https://simplepie.org/) * [MINZ](https://framagit.org/marienfressinaud/MINZ) * [php-http-304](https://alexandre.alapetite.fr/doc-alex/php-http-304/) -* [lib_opml](https://github.com/marienfressinaud/lib_opml) +* [lib_opml](https://framagit.org/marienfressinaud/lib_opml) * [PhpGt/CssXPath](https://github.com/PhpGt/CssXPath) * [PHPMailer](https://github.com/PHPMailer/PHPMailer) * [Chart.js](https://www.chartjs.org) diff --git a/app/Controllers/importExportController.php b/app/Controllers/importExportController.php index a1e1106c1..6c4b684e9 100644 --- a/app/Controllers/importExportController.php +++ b/app/Controllers/importExportController.php @@ -21,8 +21,6 @@ class FreshRSS_importExport_Controller extends FreshRSS_ActionController { Minz_Error::error(403); } - require_once(LIB_PATH . '/lib_opml.php'); - $this->entryDAO = FreshRSS_Factory::createEntryDao(); $this->feedDAO = FreshRSS_Factory::createFeedDao(); } diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index 7fced48af..968518e3f 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php @@ -237,8 +237,6 @@ class FreshRSS_index_Controller extends FreshRSS_ActionController { return; } - require_once(LIB_PATH . '/lib_opml.php'); - // No layout for OPML output. $this->view->_layout(false); header('Content-Type: application/xml; charset=utf-8'); diff --git a/app/Models/Category.php b/app/Models/Category.php index b33bec26e..b23e8da0a 100644 --- a/app/Models/Category.php +++ b/app/Models/Category.php @@ -195,7 +195,7 @@ class FreshRSS_Category extends Minz_Model { } else { $dryRunCategory = new FreshRSS_Category(); $importService = new FreshRSS_Import_Service(); - $importService->importOpml($opml, $dryRunCategory, true, true); + $importService->importOpml($opml, $dryRunCategory, true); if ($importService->lastStatus()) { $feedDAO = FreshRSS_Factory::createFeedDao(); diff --git a/app/Services/ExportService.php b/app/Services/ExportService.php index ad0f5f5a8..2f35666a8 100644 --- a/app/Services/ExportService.php +++ b/app/Services/ExportService.php @@ -43,8 +43,6 @@ class FreshRSS_Export_Service { * @return array First item is the filename, second item is the content */ public function generateOpml() { - require_once(LIB_PATH . '/lib_opml.php'); - $view = new FreshRSS_View(); $day = date('Y-m-d'); $view->categories = $this->category_dao->listCategories(true, true); diff --git a/app/Services/ImportService.php b/app/Services/ImportService.php index 28286a753..68aa6f741 100644 --- a/app/Services/ImportService.php +++ b/app/Services/ImportService.php @@ -19,8 +19,6 @@ class FreshRSS_Import_Service { * @param string $username */ public function __construct($username = null) { - require_once(LIB_PATH . '/lib_opml.php'); - $this->catDAO = FreshRSS_Factory::createCategoryDao($username); $this->feedDAO = FreshRSS_Factory::createFeedDao($username); } @@ -34,153 +32,191 @@ class FreshRSS_Import_Service { * This method parses and imports an OPML file. * * @param string $opml_file the OPML file content. - * @param FreshRSS_Category|null $parent_cat the name of the parent category. - * @param boolean $flatten true to disable categories, false otherwise. - * @return array|false an array of categories containing some feeds, or false if an error occurred. + * @param FreshRSS_Category|null $forced_category force the feeds to be associated to this category. + * @param boolean $dry_run true to not create categories and feeds in database. */ - public function importOpml(string $opml_file, $parent_cat = null, $flatten = false, $dryRun = false) { + public function importOpml(string $opml_file, $forced_category = null, $dry_run = false) { $this->lastStatus = true; $opml_array = array(); try { - $opml_array = libopml_parse_string($opml_file, false); - } catch (LibOPML_Exception $e) { - if (FreshRSS_Context::$isCli) { - fwrite(STDERR, 'FreshRSS error during OPML parsing: ' . $e->getMessage() . "\n"); - } else { - Minz_Log::warning($e->getMessage()); - } + $libopml = new \marienfressinaud\LibOpml\LibOpml(false); + $opml_array = $libopml->parseString($opml_file); + } catch (\marienfressinaud\LibOpml\Exception $e) { + self::log($e->getMessage()); $this->lastStatus = false; - return false; + return; } - return $this->addOpmlElements($opml_array['body'], $parent_cat, $flatten, $dryRun); - } + $this->catDAO->checkDefault(); + $default_category = $this->catDAO->getDefault(); + if (!$default_category) { + self::log('Cannot get the default category'); + $this->lastStatus = false; + return; + } - /** - * This method imports an OPML file based on its body. - * - * @param array $opml_elements an OPML element (body or outline). - * @param FreshRSS_Category|null $parent_cat the name of the parent category. - * @param boolean $flatten true to disable categories, false otherwise. - * @return array an array of categories containing some feeds - */ - private function addOpmlElements($opml_elements, $parent_cat = null, $flatten = false, $dryRun = false) { + // Get the categories by names so we can use this array to retrieve + // existing categories later. + $categories = $this->catDAO->listCategories(false); + $categories_by_names = []; + foreach ($categories as $category) { + $categories_by_names[$category->name()] = $category; + } + + // Get current numbers of categories and feeds, and the limits to + // verify the user can import its categories/feeds. + $nb_categories = count($categories); $nb_feeds = count($this->feedDAO->listFeeds()); - $nb_cats = count($this->catDAO->listCategories(false)); $limits = FreshRSS_Context::$system_conf->limits; - //Sort with categories first - usort($opml_elements, static function ($a, $b) { - return strcmp( - (isset($a['xmlUrl']) ? 'Z' : 'A') . (isset($a['text']) ? $a['text'] : ''), - (isset($b['xmlUrl']) ? 'Z' : 'A') . (isset($b['text']) ? $b['text'] : '')); - }); - - $categories = []; - - foreach ($opml_elements as $elt) { - if (isset($elt['xmlUrl'])) { - // If xmlUrl exists, it means it is a feed - if (FreshRSS_Context::$isCli && $nb_feeds >= $limits['max_feeds']) { - Minz_Log::warning(_t('feedback.sub.feed.over_max', - $limits['max_feeds'])); - $this->lastStatus = false; - continue; - } + // Process the OPML outlines to get a list of categories and a list of + // feeds elements indexed by their categories names. + list ( + $categories_elements, + $categories_to_feeds, + ) = $this->loadFromOutlines($opml_array['body'], ''); - if ($this->addFeedOpml($elt, $parent_cat, $dryRun)) { - $nb_feeds++; + foreach ($categories_to_feeds as $category_name => $feeds_elements) { + $category_element = $categories_elements[$category_name] ?? null; + + $category = null; + if ($forced_category) { + // If the category is forced, ignore the actual category name + $category = $forced_category; + } elseif (isset($categories_by_names[$category_name])) { + // If the category already exists, get it from $categories_by_names + $category = $categories_by_names[$category_name]; + } elseif ($category_element) { + // Otherwise, create the category (if possible) + $limit_reached = $nb_categories >= $limits['max_categories']; + $can_create_category = FreshRSS_Context::$isCli || !$limit_reached; + + if ($can_create_category) { + $category = $this->createCategory($category_element, $dry_run); + if ($category) { + $categories_by_names[$category->name()] = $category; + $nb_categories++; + } } else { - $this->lastStatus = false; + Minz_Log::warning( + _t('feedback.sub.category.over_max', $limits['max_categories']) + ); } - } elseif (!empty($elt['text'])) { - // No xmlUrl? It should be a category! - $limit_reached = !$flatten && ($nb_cats >= $limits['max_categories']); - if (!FreshRSS_Context::$isCli && $limit_reached) { - Minz_Log::warning(_t('feedback.sub.category.over_max', - $limits['max_categories'])); + } + + if (!$category) { + // Category can be null if the feeds weren't in a category + // outline, or if we weren't able to create the category. + $category = $default_category; + } + + // Then, create the feeds one by one and attach them to the + // category we just got. + foreach ($feeds_elements as $feed_element) { + $limit_reached = $nb_feeds >= $limits['max_feeds']; + $can_create_feed = FreshRSS_Context::$isCli || !$limit_reached; + if (!$can_create_feed) { + Minz_Log::warning( + _t('feedback.sub.feed.over_max', $limits['max_feeds']) + ); $this->lastStatus = false; - $flatten = true; + break; } - $category = $this->addCategoryOpml($elt, $parent_cat, $flatten, $dryRun); - - if ($category) { - $nb_cats++; - $categories[] = $category; + if ($this->createFeed($feed_element, $category, $dry_run)) { + // TODO what if the feed already exists in the database? + $nb_feeds++; + } else { + $this->lastStatus = false; } } } - return $categories; + return; } /** - * This method imports an OPML feed element. + * Create a feed from a feed element (i.e. OPML outline). * - * @param array $feed_elt an OPML element (must be a feed element). - * @param FreshRSS_Category|null $parent_cat the name of the parent category. - * @return FreshRSS_Feed|null a feed. + * @param array $feed_elt An OPML element (must be a feed element). + * @param FreshRSS_Category $category The category to associate to the feed. + * @param boolean $dry_run true to not create the feed in database. + * + * @return FreshRSS_Feed|null The created feed, or null if it failed. */ - private function addFeedOpml($feed_elt, $parent_cat, $dryRun = false) { - if (empty($feed_elt['xmlUrl'])) { - return null; - } - if ($parent_cat == null) { - // This feed has no parent category so we get the default one - $this->catDAO->checkDefault(); - $parent_cat = $this->catDAO->getDefault(); - if ($parent_cat == null) { - $this->lastStatus = false; - return null; - } - } - - // We get different useful information + private function createFeed($feed_elt, $category, $dry_run) { $url = Minz_Helper::htmlspecialchars_utf8($feed_elt['xmlUrl']); - $name = Minz_Helper::htmlspecialchars_utf8($feed_elt['text'] ?? ''); + $name = $feed_elt['text'] ?? $feed_elt['title'] ?? ''; + $name = Minz_Helper::htmlspecialchars_utf8($name); $website = Minz_Helper::htmlspecialchars_utf8($feed_elt['htmlUrl'] ?? ''); $description = Minz_Helper::htmlspecialchars_utf8($feed_elt['description'] ?? ''); try { // Create a Feed object and add it in DB $feed = new FreshRSS_Feed($url); - $feed->_categoryId($parent_cat->id()); - $parent_cat->addFeed($feed); + $feed->_categoryId($category->id()); + $category->addFeed($feed); $feed->_name($name); $feed->_website($website); $feed->_description($description); switch ($feed_elt['type'] ?? '') { - case FreshRSS_Export_Service::TYPE_HTML_XPATH: + case strtolower(FreshRSS_Export_Service::TYPE_HTML_XPATH): $feed->_kind(FreshRSS_Feed::KIND_HTML_XPATH); break; - case FreshRSS_Export_Service::TYPE_RSS_ATOM: + case strtolower(FreshRSS_Export_Service::TYPE_RSS_ATOM): default: $feed->_kind(FreshRSS_Feed::KIND_RSS); break; } + if (isset($feed_elt['frss:cssFullContent'])) { + $feed->_pathEntries(Minz_Helper::htmlspecialchars_utf8($feed_elt['frss:cssFullContent'])); + } + + if (isset($feed_elt['frss:cssFullContentFilter'])) { + $feed->_attributes('path_entries_filter', $feed_elt['frss:cssFullContentFilter']); + } + + if (isset($feed_elt['frss:filtersActionRead'])) { + $feed->_filtersAction( + 'read', + preg_split('/[\n\r]+/', $feed_elt['frss:filtersActionRead']) + ); + } + $xPathSettings = []; - foreach ($feed_elt as $key => $value) { - if (is_array($value) && !empty($value['value']) && ($value['namespace'] ?? '') === FreshRSS_Export_Service::FRSS_NAMESPACE) { - switch ($key) { - case 'cssFullContent': $feed->_pathEntries(Minz_Helper::htmlspecialchars_utf8($value['value'])); break; - case 'cssFullContentFilter': $feed->_attributes('path_entries_filter', $value['value']); break; - case 'filtersActionRead': $feed->_filtersAction('read', preg_split('/[\n\r]+/', $value['value'])); break; - case 'xPathItem': $xPathSettings['item'] = $value['value']; break; - case 'xPathItemTitle': $xPathSettings['itemTitle'] = $value['value']; break; - case 'xPathItemContent': $xPathSettings['itemContent'] = $value['value']; break; - case 'xPathItemUri': $xPathSettings['itemUri'] = $value['value']; break; - case 'xPathItemAuthor': $xPathSettings['itemAuthor'] = $value['value']; break; - case 'xPathItemTimestamp': $xPathSettings['itemTimestamp'] = $value['value']; break; - case 'xPathItemTimeFormat': $xPathSettings['itemTimeFormat'] = $value['value']; break; - case 'xPathItemThumbnail': $xPathSettings['itemThumbnail'] = $value['value']; break; - case 'xPathItemCategories': $xPathSettings['itemCategories'] = $value['value']; break; - case 'xPathItemUid': $xPathSettings['itemUid'] = $value['value']; break; - } - } + if (isset($feed_elt['frss:xPathItem'])) { + $xPathSettings['item'] = $feed_elt['frss:xPathItem']; } + if (isset($feed_elt['frss:xPathItemTitle'])) { + $xPathSettings['itemTitle'] = $feed_elt['frss:xPathItemTitle']; + } + if (isset($feed_elt['frss:xPathItemContent'])) { + $xPathSettings['itemContent'] = $feed_elt['frss:xPathItemContent']; + } + if (isset($feed_elt['frss:xPathItemUri'])) { + $xPathSettings['itemUri'] = $feed_elt['frss:xPathItemUri']; + } + if (isset($feed_elt['frss:xPathItemAuthor'])) { + $xPathSettings['itemAuthor'] = $feed_elt['frss:xPathItemAuthor']; + } + if (isset($feed_elt['frss:xPathItemTimestamp'])) { + $xPathSettings['itemTimestamp'] = $feed_elt['frss:xPathItemTimestamp']; + } + if (isset($feed_elt['frss:xPathItemTimeFormat'])) { + $xPathSettings['itemTimeFormat'] = $feed_elt['frss:xPathItemTimeFormat']; + } + if (isset($feed_elt['frss:xPathItemThumbnail'])) { + $xPathSettings['itemThumbnail'] = $feed_elt['frss:xPathItemThumbnail']; + } + if (isset($feed_elt['frss:xPathItemCategories'])) { + $xPathSettings['itemCategories'] = $feed_elt['frss:xPathItemCategories']; + } + if (isset($feed_elt['frss:xPathItemUid'])) { + $xPathSettings['itemUid'] = $feed_elt['frss:xPathItemUid']; + } + if (!empty($xPathSettings)) { $feed->_attributes('xpath', $xPathSettings); } @@ -188,9 +224,11 @@ class FreshRSS_Import_Service { // Call the extension hook /** @var FreshRSS_Feed|null */ $feed = Minz_ExtensionManager::callHook('feed_before_insert', $feed); - if ($dryRun) { + + if ($dry_run) { return $feed; } + if ($feed != null) { // addFeedObject checks if feed is already in DB $id = $this->feedDAO->addFeedObject($feed); @@ -202,81 +240,163 @@ class FreshRSS_Import_Service { } } } catch (FreshRSS_Feed_Exception $e) { - if (FreshRSS_Context::$isCli) { - fwrite(STDERR, 'FreshRSS error during OPML feed import: ' . $e->getMessage() . "\n"); - } else { - Minz_Log::warning($e->getMessage()); - } + self::log($e->getMessage()); $this->lastStatus = false; } - if (FreshRSS_Context::$isCli) { - fwrite(STDERR, 'FreshRSS error during OPML feed import from URL: ' . - SimplePie_Misc::url_remove_credentials($url) . ' in category ' . $parent_cat->id() . "\n"); - } else { - Minz_Log::warning('Error during OPML feed import from URL: ' . - SimplePie_Misc::url_remove_credentials($url) . ' in category ' . $parent_cat->id()); - } - + $clean_url = SimplePie_Misc::url_remove_credentials($url); + self::log("Cannot create {$clean_url} feed in category {$category->name()}"); return null; } /** - * This method imports an OPML category element. + * Create and return a category. + * + * @param array $category_element An OPML element (must be a category element). + * @param boolean $dry_run true to not create the category in database. * - * @param array $cat_elt an OPML element (must be a category element). - * @param FreshRSS_Category|null $parent_cat the name of the parent category. - * @param boolean $flatten true to disable categories, false otherwise. - * @return FreshRSS_Category|null a new category containing some feeds, or null if no category was created, or false if an error occurred. + * @return FreshRSS_Category|null The created category, or null if it failed. */ - private function addCategoryOpml($cat_elt, $parent_cat, $flatten = false, $dryRun = false) { - $error = false; - $cat = null; - if (!$flatten) { - $catName = Minz_Helper::htmlspecialchars_utf8($cat_elt['text']); - $cat = new FreshRSS_Category($catName); - - foreach ($cat_elt as $key => $value) { - if (is_array($value) && !empty($value['value']) && ($value['namespace'] ?? '') === FreshRSS_Export_Service::FRSS_NAMESPACE) { - switch ($key) { - case 'opmlUrl': - $opml_url = checkUrl($value['value']); - if ($opml_url != '') { - $cat->_kind(FreshRSS_Category::KIND_DYNAMIC_OPML); - $cat->_attributes('opml_url', $opml_url); - } - break; - } - } + private function createCategory($category_element, $dry_run) { + $name = $category_element['text'] ?? $category_element['title'] ?? ''; + $name = Minz_Helper::htmlspecialchars_utf8($name); + $category = new FreshRSS_Category($name); + + if (isset($category_element['frss:opmlUrl'])) { + $opml_url = checkUrl($category_element['frss:opmlUrl']); + if ($opml_url != '') { + $category->_kind(FreshRSS_Category::KIND_DYNAMIC_OPML); + $category->_attributes('opml_url', $opml_url); } + } - if (!$dryRun) { - $id = $this->catDAO->addCategoryObject($cat); - if ($id == false) { - $this->lastStatus = false; - $error = true; - } else { - $cat->_id($id); + if ($dry_run) { + return $category; + } + + $id = $this->catDAO->addCategoryObject($category); + if ($id !== false) { + $category->_id($id); + return $category; + } else { + self::log("Cannot create category {$category->name()}"); + $this->lastStatus = false; + return null; + } + } + + /** + * Return the list of category and feed outlines by categories names. + * + * This method is applied to a list of outlines. It merges the different + * list of feeds from several outlines into one array. + * + * @param array $outlines + * The outlines from which to extract the outlines. + * @param string $parent_category_name + * The name of the parent category of the current outlines. + * + * @return array[] + */ + private function loadFromOutlines($outlines, $parent_category_name) { + $categories_elements = []; + $categories_to_feeds = []; + + foreach ($outlines as $outline) { + // Get the categories and feeds from the child outline (it may + // return several categories and feeds if the outline is a category). + list ( + $outline_categories, + $outline_categories_to_feeds, + ) = $this->loadFromOutline($outline, $parent_category_name); + + // Then, we merge the initial arrays with the arrays returned by + // the outline. + $categories_elements = array_merge($categories_elements, $outline_categories); + + foreach ($outline_categories_to_feeds as $category_name => $feeds) { + if (!isset($categories_to_feeds[$category_name])) { + $categories_to_feeds[$category_name] = []; } + + $categories_to_feeds[$category_name] = array_merge( + $categories_to_feeds[$category_name], + $feeds + ); } - if ($error) { - if (FreshRSS_Context::$isCli) { - fwrite(STDERR, 'FreshRSS error during OPML category import from URL: ' . $catName . "\n"); - } else { - Minz_Log::warning('Error during OPML category import from URL: ' . $catName); - } + } + + return [$categories_elements, $categories_to_feeds]; + } + + /** + * Return the list of category and feed outlines by categories names. + * + * This method is applied to a specific outline. If the outline represents + * a category (i.e. @outlines key exists), it will reapply loadFromOutlines() + * to its children. If the outline represents a feed (i.e. xmlUrl key + * exists), it will add the outline to an array accessible by its category + * name. + * + * @param array $outline + * The outline from which to extract the categories and feeds outlines. + * @param string $parent_category_name + * The name of the parent category of the current outline. + * + * @return array[] + */ + private function loadFromOutline($outline, $parent_category_name) { + $categories_elements = []; + $categories_to_feeds = []; + + if ($parent_category_name === '' && isset($outline['category'])) { + // The outline has no parent category, but its OPML category + // attribute is set, so we use it as the category name. + // lib_opml parses this attribute as an array of strings, so we + // rebuild a string here. + $parent_category_name = implode(', ', $outline['category']); + $categories_elements[$parent_category_name] = [ + 'text' => $parent_category_name, + ]; + } + + if (isset($outline['@outlines'])) { + // The outline has children, it's probably a category + if (!empty($outline['text'])) { + $category_name = $outline['text']; + } elseif (!empty($outline['title'])) { + $category_name = $outline['title']; } else { - $parent_cat = $cat; + $category_name = $parent_category_name; } + + list ( + $categories_elements, + $categories_to_feeds, + ) = $this->loadFromOutlines($outline['@outlines'], $category_name); + + unset($outline['@outlines']); + $categories_elements[$category_name] = $outline; } - if (isset($cat_elt['@outlines'])) { - // Our cat_elt contains more categories or more feeds, so we - // add them recursively. - // Note: FreshRSS does not support yet category arborescence, so always flatten from here - $this->addOpmlElements($cat_elt['@outlines'], $parent_cat, true, $dryRun); + // The xmlUrl means it's a feed URL: add the outline to the array if it + // exists. + if (isset($outline['xmlUrl'])) { + if (!isset($categories_to_feeds[$parent_category_name])) { + $categories_to_feeds[$parent_category_name] = []; + } + + $categories_to_feeds[$parent_category_name][] = $outline; } - return $cat; + return [$categories_elements, $categories_to_feeds]; + } + + private static function log($message) { + if (FreshRSS_Context::$isCli) { + fwrite(STDERR, "FreshRSS error during OPML import: {$message}\n"); + } else { + Minz_Log::warning("Error during OPML import: {$message}"); + } } } diff --git a/app/views/helpers/export/opml.phtml b/app/views/helpers/export/opml.phtml index d97641fd2..eb6f7523b 100644 --- a/app/views/helpers/export/opml.phtml +++ b/app/views/helpers/export/opml.phtml @@ -9,6 +9,7 @@ function feedsToOutlines($feeds, $excludeMutedFeeds = false): array { if ($feed->mute() && $excludeMutedFeeds) { continue; } + $outline = [ 'text' => htmlspecialchars_decode($feed->name(), ENT_QUOTES), 'type' => FreshRSS_Export_Service::TYPE_RSS_ATOM, @@ -16,49 +17,58 @@ function feedsToOutlines($feeds, $excludeMutedFeeds = false): array { 'htmlUrl' => htmlspecialchars_decode($feed->website(), ENT_QUOTES), 'description' => htmlspecialchars_decode($feed->description(), ENT_QUOTES), ]; + if ($feed->kind() === FreshRSS_Feed::KIND_HTML_XPATH) { $outline['type'] = FreshRSS_Export_Service::TYPE_HTML_XPATH; /** @var array */ $xPathSettings = $feed->attributes('xpath'); - $outline['frss:xPathItem'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['item'] ?? null]; - $outline['frss:xPathItemTitle'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemTitle'] ?? null]; - $outline['frss:xPathItemContent'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemContent'] ?? null]; - $outline['frss:xPathItemUri'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemUri'] ?? null]; - $outline['frss:xPathItemAuthor'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemAuthor'] ?? null]; - $outline['frss:xPathItemTimestamp'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemTimestamp'] ?? null]; - $outline['frss:xPathItemTimeformat'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemTimeformat'] ?? null]; - $outline['frss:xPathItemThumbnail'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemThumbnail'] ?? null]; - $outline['frss:xPathItemCategories'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemCategories'] ?? null]; - $outline['frss:xPathItemUid'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $xPathSettings['itemUid'] ?? null]; + $outline['frss:xPathItem'] = $xPathSettings['item'] ?? null; + $outline['frss:xPathItemTitle'] = $xPathSettings['itemTitle'] ?? null; + $outline['frss:xPathItemContent'] = $xPathSettings['itemContent'] ?? null; + $outline['frss:xPathItemUri'] = $xPathSettings['itemUri'] ?? null; + $outline['frss:xPathItemAuthor'] = $xPathSettings['itemAuthor'] ?? null; + $outline['frss:xPathItemTimestamp'] = $xPathSettings['itemTimestamp'] ?? null; + $outline['frss:xPathItemTimeformat'] = $xPathSettings['itemTimeformat'] ?? null; + $outline['frss:xPathItemThumbnail'] = $xPathSettings['itemThumbnail'] ?? null; + $outline['frss:xPathItemCategories'] = $xPathSettings['itemCategories'] ?? null; + $outline['frss:xPathItemUid'] = $xPathSettings['itemUid'] ?? null; } + if (!empty($feed->filtersAction('read'))) { $filters = ''; foreach ($feed->filtersAction('read') as $filterRead) { $filters .= $filterRead->getRawInput() . "\n"; } $filters = trim($filters); - $outline['frss:filtersActionRead'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $filters]; + $outline['frss:filtersActionRead'] = $filters; } + if ($feed->pathEntries() != '') { - $outline['frss:cssFullContent'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => htmlspecialchars_decode($feed->pathEntries(), ENT_QUOTES)]; + $outline['frss:cssFullContent'] = htmlspecialchars_decode($feed->pathEntries(), ENT_QUOTES); } + if ($feed->attributes('path_entries_filter') != '') { - $outline['frss:cssFullContentFilter'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $feed->attributes('path_entries_filter')]; + $outline['frss:cssFullContentFilter'] = $feed->attributes('path_entries_filter'); } + $outlines[] = $outline; } + return $outlines; } /** @var FreshRSS_View $this */ -$opml_array = array( - 'head' => array( +$opml_array = [ + 'namespaces' => [ + 'frss' => FreshRSS_Export_Service::FRSS_NAMESPACE, + ], + 'head' => [ 'title' => FreshRSS_Context::$system_conf->title, - 'dateCreated' => date('D, d M Y H:i:s') - ), - 'body' => array() -); + 'dateCreated' => new DateTime(), + ], + 'body' => [], +]; if (!empty($this->categories)) { foreach ($this->categories as $key => $cat) { @@ -66,9 +76,11 @@ if (!empty($this->categories)) { 'text' => htmlspecialchars_decode($cat->name(), ENT_QUOTES), '@outlines' => feedsToOutlines($cat->feeds(), $this->excludeMutedFeeds), ]; + if ($cat->kind() === FreshRSS_Category::KIND_DYNAMIC_OPML) { - $outline['frss:opmlUrl'] = ['namespace' => FreshRSS_Export_Service::FRSS_NAMESPACE, 'value' => $cat->attributes('opml_url')];; + $outline['frss:opmlUrl'] = $cat->attributes('opml_url'); } + $opml_array['body'][$key] = $outline; } } @@ -77,4 +89,5 @@ if (!empty($this->feeds)) { $opml_array['body'][] = feedsToOutlines($this->feeds, $this->excludeMutedFeeds); } -echo libopml_render($opml_array); +$libopml = new \marienfressinaud\LibOpml\LibOpml(true); +echo $libopml->render($opml_array); diff --git a/lib/.gitignore b/lib/.gitignore index 812bbfe76..a1df80381 100644 --- a/lib/.gitignore +++ b/lib/.gitignore @@ -1,6 +1,14 @@ autoload.php composer.lock composer/ +marienfressinaud/lib_opml/.git/ +marienfressinaud/lib_opml/.gitlab-ci.yml +marienfressinaud/lib_opml/.gitlab/ +marienfressinaud/lib_opml/ci/ +marienfressinaud/lib_opml/examples/ +marienfressinaud/lib_opml/Makefile +marienfressinaud/lib_opml/src/functions.php +marienfressinaud/lib_opml/tests/ phpgt/cssxpath/.* phpgt/cssxpath/composer.json phpgt/cssxpath/CONTRIBUTING.md diff --git a/lib/composer.json b/lib/composer.json index 4e4e1c051..6e9e0ee32 100644 --- a/lib/composer.json +++ b/lib/composer.json @@ -12,6 +12,7 @@ ], "require": { "php": ">=7.2.0", + "marienfressinaud/lib_opml": "0.5.0", "phpgt/cssxpath": "dev-master#4fbe420aba3d9e729940107ded4236a835a1a132", "phpmailer/phpmailer": "6.6.0" }, diff --git a/lib/lib_opml.php b/lib/lib_opml.php deleted file mode 100644 index f86d780b7..000000000 --- a/lib/lib_opml.php +++ /dev/null @@ -1,353 +0,0 @@ - - * @link https://github.com/marienfressinaud/lib_opml - * @version 0.2-FreshRSS~1.20.0 - * @license public domain - * - * Usages: - * > include('lib_opml.php'); - * > $filename = 'my_opml_file.xml'; - * > $opml_array = libopml_parse_file($filename); - * > print_r($opml_array); - * - * > $opml_string = [...]; - * > $opml_array = libopml_parse_string($opml_string); - * > print_r($opml_array); - * - * > $opml_array = [...]; - * > $opml_string = libopml_render($opml_array); - * > $opml_object = libopml_render($opml_array, true); - * > echo $opml_string; - * > print_r($opml_object); - * - * You can set $strict argument to false if you want to bypass "text" attribute - * requirement. - * - * If parsing fails for any reason (e.g. not an XML string, does not match with - * the specifications), a LibOPML_Exception is raised. - * - * lib_opml array format is described here: - * $array = array( - * 'head' => array( // 'head' element is optional (but recommended) - * 'key' => 'value', // key must be a part of available OPML head elements - * ), - * 'body' => array( // body is required - * array( // this array represents an outline (at least one) - * 'text' => 'value', // 'text' element is required if $strict is true - * 'key' => 'value', // key and value are what you want (optional) - * '@outlines' = array( // @outlines is a special value and represents sub-outlines - * array( - * [...] // where [...] is a valid outline definition - * ), - * ), - * ), - * array( // other outline definitions - * [...] - * ), - * [...], - * ) - * ) - * - */ - -/** - * A simple Exception class which represents any kind of OPML problem. - * Message should precise the current problem. - */ -class LibOPML_Exception extends Exception {} - - -// Define the list of available head attributes. All of them are optional. -define('HEAD_ELEMENTS', serialize(array( - 'title', 'dateCreated', 'dateModified', 'ownerName', 'ownerEmail', - 'ownerId', 'docs', 'expansionState', 'vertScrollState', 'windowTop', - 'windowLeft', 'windowBottom', 'windowRight' -))); - - -/** - * Parse an XML object as an outline object and return corresponding array - * - * @param SimpleXMLElement $outline_xml the XML object we want to parse - * @param bool $strict true if "text" attribute is required, false else - * @return array corresponding to an outline and following format described above - * @throws LibOPML_Exception - * @access private - */ -function libopml_parse_outline($outline_xml, $strict = true) { - $outline = array(); - - // An outline may contain any kind of attributes but "text" attribute is - // required ! - $text_is_present = false; - - $elem = dom_import_simplexml($outline_xml); - /** @var DOMAttr $attr */ - foreach ($elem->attributes as $attr) { - $key = $attr->localName; - - if ($attr->namespaceURI == '') { - $outline[$key] = $attr->value; - } else { - $outline[$key] = [ - 'namespace' => $attr->namespaceURI, - 'value' => $attr->value, - ]; - } - - if ($key === 'text') { - $text_is_present = true; - } - } - - if (!$text_is_present && $strict) { - throw new LibOPML_Exception( - 'Outline does not contain any text attribute' - ); - } - - if (empty($outline['text']) && isset($outline['title'])) { - $outline['text'] = $outline['title']; - } - - foreach ($outline_xml->children() as $key => $value) { - // An outline may contain any number of outline children - if ($key === 'outline') { - $outline['@outlines'][] = libopml_parse_outline($value, $strict); - } - } - - return $outline; -} - -/** - * Reformat the XML document as a hierarchy when - * the OPML 2.0 category attribute is used - */ -function preprocessing_categories($doc) { - $outline_categories = array(); - $body = $doc->getElementsByTagName('body')->item(0); - $xpath = new DOMXpath($doc); - $outlines = $xpath->query('/opml/body/outline[@category]'); - foreach ($outlines as $outline) { - $category = trim($outline->getAttribute('category')); - if ($category != '') { - $outline_category = null; - if (!isset($outline_categories[$category])) { - $outline_category = $doc->createElement('outline'); - $outline_category->setAttribute('text', $category); - $body->insertBefore($outline_category, $body->firstChild); - $outline_categories[$category] = $outline_category; - } else { - $outline_category = $outline_categories[$category]; - } - $outline->parentNode->removeChild($outline); - $outline_category->appendChild($outline); - } - } -} - -/** - * Parse a string as a XML one and returns the corresponding array - * - * @param string $xml is the string we want to parse - * @param bool $strict true to perform some validation (e.g. require "text" attribute), false to relax - * @return array corresponding to the XML string and following format described above - * @throws LibOPML_Exception - * @access public - */ -function libopml_parse_string($xml, $strict = true) { - $dom = new DOMDocument(); - $dom->recover = true; - $dom->strictErrorChecking = false; - $dom->loadXML($xml); - $dom->encoding = 'UTF-8'; - - //Partial compatibility with the category attribute of OPML 2.0 - preprocessing_categories($dom); - - $opml = simplexml_import_dom($dom); - - if (!$opml) { - throw new LibOPML_Exception(); - } - - $array = array( - 'version' => (string)$opml['version'], - 'head' => array(), - 'body' => array() - ); - - if (isset($opml->head)) { - // We get all "head" elements. Head is required but its sub-elements are optional. - foreach ($opml->head->children() as $key => $value) { - if (in_array($key, unserialize(HEAD_ELEMENTS), true)) { - $array['head'][$key] = (string)$value; - } elseif ($strict) { - throw new LibOPML_Exception($key . ' is not part of the OPML 2.0 specification'); - } - } - } elseif ($strict) { - throw new LibOPML_Exception('Required OPML head element is missing!'); - } - - // Then, we get body oulines. Body must contain at least one outline - // element. - $at_least_one_outline = false; - foreach ($opml->body->children() as $key => $value) { - if ($key === 'outline') { - $at_least_one_outline = true; - $array['body'][] = libopml_parse_outline($value, $strict); - } - } - - if (!$at_least_one_outline) { - throw new LibOPML_Exception( - 'OPML body must contain at least one outline element' - ); - } - - return $array; -} - - -/** - * Parse a string contained into a file as a XML string and returns the corresponding array - * - * @param string $filename should indicates a valid XML file - * @param bool $strict true if "text" attribute is required, false else - * @return array corresponding to the file content and following format described above - * @throws LibOPML_Exception - * @access public - */ -function libopml_parse_file($filename, $strict = true) { - $file_content = file_get_contents($filename); - - if ($file_content === false) { - throw new LibOPML_Exception( - $filename . ' cannot be found' - ); - } - - return libopml_parse_string($file_content, $strict); -} - - -/** - * Create a XML outline object in a parent object. - * - * @param SimpleXMLElement $parent_elt is the parent object of current outline - * @param array $outline array representing an outline object - * @param bool $strict true if "text" attribute is required, false else - * @throws LibOPML_Exception - * @access private - */ -function libopml_render_outline($parent_elt, $outline, $strict) { - // Outline MUST be an array! - if (!is_array($outline)) { - throw new LibOPML_Exception( - 'Outline element must be defined as array' - ); - } - - $outline_elt = $parent_elt->addChild('outline'); - $text_is_present = false; - /** @var string|array $value */ - foreach ($outline as $key => $value) { - // Only outlines can be an array and so we consider children are also - // outline elements. - if ($key === '@outlines' && is_array($value)) { - foreach ($value as $outline_child) { - libopml_render_outline($outline_elt, $outline_child, $strict); - } - } elseif (is_array($value) && !isset($value['namespace'])) { - throw new LibOPML_Exception( - 'Type of outline elements cannot be array (except for providing a namespace): ' . $key - ); - } else { - // Detect text attribute is present, that's good :) - if ($key === 'text') { - $text_is_present = true; - } - if (is_array($value)) { - if (!empty($value['namespace']) && !empty($value['value'])) { - $outline_elt->addAttribute($key, $value['value'], $value['namespace']); - } - } else { - $outline_elt->addAttribute($key, $value); - } - } - } - - if (!$text_is_present && $strict) { - throw new LibOPML_Exception( - 'You must define at least a text element for all outlines' - ); - } -} - - -/** - * Render an array as an OPML string or a XML object. - * - * @param array $array is the array we want to render and must follow structure defined above - * @param bool $as_xml_object false if function must return a string, true for a XML object - * @param bool $strict true if "text" attribute is required, false else - * @return string|SimpleXMLElement XML string corresponding to $array or XML object - * @throws LibOPML_Exception - * @access public - */ -function libopml_render($array, $as_xml_object = false, $strict = true) { - $opml = new SimpleXMLElement(''); - $opml->addAttribute('version', $strict ? '2.0' : '1.0'); - - // Create head element. $array['head'] is optional but head element will - // exist in the final XML object. - $head = $opml->addChild('head'); - if (isset($array['head'])) { - foreach ($array['head'] as $key => $value) { - if (in_array($key, unserialize(HEAD_ELEMENTS), true)) { - $head->addChild($key, $value); - } - } - } - - // Check body is set and contains at least one element - if (!isset($array['body'])) { - throw new LibOPML_Exception( - '$array must contain a body element' - ); - } - if (count($array['body']) <= 0) { - throw new LibOPML_Exception( - 'Body element must contain at least one element (array)' - ); - } - - // Create outline elements - $body = $opml->addChild('body'); - foreach ($array['body'] as $outline) { - libopml_render_outline($body, $outline, $strict); - } - - // And return the final result - if ($as_xml_object) { - return $opml; - } else { - $dom = dom_import_simplexml($opml)->ownerDocument; - $dom->formatOutput = true; - $dom->encoding = 'UTF-8'; - return $dom->saveXML(); - } -} diff --git a/lib/lib_rss.php b/lib/lib_rss.php index cbdfff773..e5362bc5c 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -57,6 +57,11 @@ function classAutoloader($class) { $base_dir = LIB_PATH . '/phpgt/cssxpath/src/'; $relative_class_name = substr($class, strlen($prefix)); require $base_dir . str_replace('\\', '/', $relative_class_name) . '.php'; + } elseif (str_starts_with($class, 'marienfressinaud\\LibOpml\\')) { + $prefix = 'marienfressinaud\\LibOpml\\'; + $base_dir = LIB_PATH . '/marienfressinaud/lib_opml/src/LibOpml/'; + $relative_class_name = substr($class, strlen($prefix)); + require $base_dir . str_replace('\\', '/', $relative_class_name) . '.php'; } elseif (str_starts_with($class, 'PHPMailer\\PHPMailer\\')) { $prefix = 'PHPMailer\\PHPMailer\\'; $base_dir = LIB_PATH . '/phpmailer/phpmailer/src/'; diff --git a/lib/marienfressinaud/lib_opml/.gitattributes b/lib/marienfressinaud/lib_opml/.gitattributes new file mode 100644 index 000000000..669ea8c8d --- /dev/null +++ b/lib/marienfressinaud/lib_opml/.gitattributes @@ -0,0 +1,8 @@ +/.* export-ignore + +/ci export-ignore +/examples export-ignore +/tests export-ignore + +/CHANGELOG.md export-ignore +/Makefile export-ignore diff --git a/lib/marienfressinaud/lib_opml/.gitignore b/lib/marienfressinaud/lib_opml/.gitignore new file mode 100644 index 000000000..ca9baaf91 --- /dev/null +++ b/lib/marienfressinaud/lib_opml/.gitignore @@ -0,0 +1,2 @@ +/coverage +/vendor diff --git a/lib/marienfressinaud/lib_opml/CHANGELOG.md b/lib/marienfressinaud/lib_opml/CHANGELOG.md new file mode 100644 index 000000000..ee9245e7e --- /dev/null +++ b/lib/marienfressinaud/lib_opml/CHANGELOG.md @@ -0,0 +1,63 @@ +# Changelog of lib\_opml + +## 2022-07-25 - v0.5.0 + +- BREAKING CHANGE: Reverse parameters in `libopml_render()` +- BREAKING CHANGE: Validate email and URL address elements +- Add support for PHP 7.2+ +- Add a .gitattributes file +- Improve the documentation about usage +- Add a note about stability in README +- Fix a PHPDoc annotation +- Homogeneize tests with "Newspapers" examples + +## 2022-06-04 - v0.4.0 + +- Refactor the LibOpml class to be not static +- Parse or render attributes according to their types +- Add support for namespaces +- Don't require text attribute if OPML version is 1.0 +- Check that outline text attribute is not empty +- Verify that xmlUrl and url attributes are present according to the type + attribute +- Accept a version attribute in render method +- Handle OPML 1.1 as 1.0 +- Fail if version, head or body is missing +- Fail if OPML version is not supported +- Fail if head contains invalid elements +- Fail if sub-outlines are not arrays when rendering +- Make parsing less strict by default +- Don't raise most parsing errors when strict is false +- Force type attribute to lowercase +- Remove SimpleXML as a requirement +- Homogenize exception messages +- Close pre tags in the example file +- Improve documentation in the README +- Improve comments in the source code +- Add a MR checklist item about changes +- Update the description in composer.json +- Update dev dependencies + +## 2022-04-23 - v0.3.0 + +- Reorganize the architecture of code (using namespaces and classes) +- Change PHP minimum version to 7.4 +- Move to Framagit instead of GitHub +- Change the license to MIT +- Configure lib\_opml with Composer +- Add PHPUnit tests for all the methods and functions +- Add a linter to the project +- Provide a Makefile +- Configure Gitlab CI instead of Travis +- Add a merge request template +- Improve the comments, documentation and examples + +## 2014-03-31 - v0.2.0 + +- Allow to make optional the `text` attribute +- Improve and complete documentation +- Fix examples + +## 2014-03-29 - v0.1.0 + +First version diff --git a/lib/marienfressinaud/lib_opml/LICENSE b/lib/marienfressinaud/lib_opml/LICENSE new file mode 100644 index 000000000..2ad7f2db4 --- /dev/null +++ b/lib/marienfressinaud/lib_opml/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2022 Marien Fressinaud + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/lib/marienfressinaud/lib_opml/README.md b/lib/marienfressinaud/lib_opml/README.md new file mode 100644 index 000000000..34026bc14 --- /dev/null +++ b/lib/marienfressinaud/lib_opml/README.md @@ -0,0 +1,338 @@ +# lib\_opml + +lib\_opml is a library to read and write OPML in PHP. + +OPML is a standard designed to store and exchange outlines (i.e. a tree +structure arranged to show hierarchical relationships). It is mainly used to +exchange list of feeds between feed aggregators. The specification is +available at [opml.org](http://opml.org). + +lib\_opml has been tested with PHP 7.2+. It requires [DOMDocument](https://www.php.net/manual/book.dom.php) +to work. + +It supports versions 1.0 and 2.0 of OPML since these are the only published +versions. Version 1.1 is treated as version 1.0, as stated by the specification. + +It is licensed under the [MIT license](/LICENSE). + +## Installation + +lib\_opml is available on [Packagist](https://packagist.org/packages/marienfressinaud/lib_opml) +and it is recommended to install it with Composer: + +```console +$ composer require marienfressinaud/lib_opml +``` + +If you don’t use Composer, you can download [the ZIP archive](https://framagit.org/marienfressinaud/lib_opml/-/archive/main/lib_opml-main.zip) +and copy the content of the `src/` folder in your project. Then, load the files +manually: + +```php + + + + My OPML + + + + + + + + + + +``` + +You can load it with: + +```php +$opml_array = libopml_parse_file('my_opml_file.xml'); +``` + +lib\_opml parses the file and returns an array: + +```php +[ + 'version' => '2.0', + 'namespaces' => [], + 'head' => [ + 'title' => 'My OPML' + ], + 'body' => [ // each entry of the body is an outline + [ + 'text' => 'Newspapers', + '@outlines' => [ // sub-outlines are accessible with the @outlines key + ['text' => 'El País'], + ['text' => 'Le Monde'], + ['text' => 'The Guardian'], + ['text' => 'The New York Times'] + ] + ] + ] +] +``` + +Since it's just an array, it's very simple to manipulate: + +```php +foreach ($opml_array['body'] as $outline) { + echo $outline['text']; +} +``` + +You also can load directly an OPML string: + +```php +$opml_string = '...'; +$opml_array = libopml_parse_string($opml_string); +``` + +### Render OPML + +lib\_opml is able to render an OPML string from an array. It checks that the +data is valid and respects the specification. + +```php +$opml_array = [ + 'head' => [ + 'title' => 'My OPML', + ], + 'body' => [ + [ + 'text' => 'Newspapers', + '@outlines' => [ + ['text' => 'El País'], + ['text' => 'Le Monde'], + ['text' => 'The Guardian'], + ['text' => 'The New York Times'] + ] + ] + ] +]; + +$opml_string = libopml_render($opml_array); + +file_put_contents('my_opml_file.xml', $opml_string); +``` + +### Handle errors + +If rendering (or parsing) fails for any reason (e.g. empty `body`, missing +`text` attribute, wrong element type), a `\marienfressinaud\LibOpml\Exception` +is raised: + +```php +try { + $opml_array = libopml_render([ + 'body' => [] + ]); +} catch (\marienfressinaud\LibOpml\Exception $e) { + echo $e->getMessage(); +} +``` + +### Class style + +lib\_opml can also be used with a class style: + +```php +use marienfressinaud\LibOpml; + +$libopml = new LibOpml\LibOpml(); + +$opml_array = $libopml->parseFile($filename); +$opml_array = $libopml->parseString($opml_string); +$opml_string = $libopml->render($opml_array); +``` + +### Special elements and attributes + +Some elements have special meanings according to the specification, which means +they can be parsed to a specific type by lib\_opml. In the other way, when +rendering an OPML string, you must pass these elements with their correct +types. + +Head elements: + +- `dateCreated` is parsed to a `\DateTime`; +- `dateModified` is parsed to a `\DateTime`; +- `expansionState` is parsed to an array of integers; +- `vertScrollState` is parsed to an integer; +- `windowTop` is parsed to an integer; +- `windowLeft` is parsed to an integer; +- `windowBottom` is parsed to an integer; +- `windowRight` is parsed to an integer. + +Outline attributes: + +- `created` is parsed to a `\DateTime`; +- `category` is parsed to an array of strings; +- `isComment` is parsed to a boolean; +- `isBreakpoint` is parsed to a boolean. + +If one of these elements is not of the correct type, an Exception is raised. + +Finally, there are additional checks based on the outline type attribute: + +- if `type="rss"`, then the `xmlUrl` attribute is required; +- if `type="link"`, then the `url` attribute is required; +- if `type="include"`, then the `url` attribute is required. + +Note that the `type` attribute is case-insensitive and will always be lowercased. + +### Namespaces + +OPML can be extended with namespaces: + +> An OPML file may contain elements and attributes not described on this page, +> only if those elements are defined in a namespace, as specified by the W3C. + +When rendering an OPML, you can include a `namespaces` key to specify +namespaces: + +```php +$opml_array = [ + 'namespaces' => [ + 'test' => 'https://example.com/test', + ], + 'body' => [ + ['text' => 'My outline', 'test:path' => '/some/example/path'], + ], +]; + +$opml_string = libopml_render($opml_array); +echo $opml_string; +``` + +This will output: + +```xml + + + + + + + +``` + +### Strictness + +You can tell lib\_opml to be less or more strict when parsing or rendering OPML. +This is done by passing an optional `$strict` attribute to the functions. When +strict is `false`, most of the specification requirements are simply ignored +and lib\_opml will do its best to parse (or generate) an OPML. + +By default, parsing is not strict so you’ll be able to read most of the files +out there. If you want the parsing to be strict (to validate a file for +instance), pass `true` to `libopml_parse_file()` or `libopml_parse_string()`: + +```php +$opml_array = libopml_parse_file($filename, true); +$opml_array = libopml_parse_string($opml_string, true); +``` + +On the other side, reading is strict by default, so you are encouraged to +generate valid OPMLs. If you need to relax the strictness, pass `false` to +`libopml_render()`: + +```php +$opml_string = libopml_render($opml_array, false); +``` + +Please note that when using the class form, strict is passed during the object +instantiation: + +```php +use marienfressinaud\LibOpml; + +// lib_opml will be strict for both parsing and rendering! +$libopml = new LibOpml\LibOpml(true); + +$opml_array = $libopml->parseString($opml_string); +$opml_string = $libopml->render($opml_array); +``` + +## Examples and documented source code + +See the [`examples/`](/examples) folder for concrete examples. + +You are encouraged to read the source code to learn more about lib\_opml. Thus, +the full documentation is available as comments in the code: + +- [`src/LibOpml/LibOpml.php`](src/LibOpml/LibOpml.php) +- [`src/LibOpml/Exception.php`](src/LibOpml/Exception.php) +- [`src/functions.php`](src/functions.php) + +## Changelog + +See [CHANGELOG.md](/CHANGELOG.md). + +## Support and stability + +Today, lib\_opml covers all the aspects of the OPML specification. Since the +spec didn't change for more than 15 years, it is expected for the library to +not change a lot in the future. Thus, I plan to release the v1.0 in a near +future. I'm only waiting for more tests to be done on its latest version (in +particular in FreshRSS, see [FreshRSS/FreshRSS#4403](https://github.com/FreshRSS/FreshRSS/pull/4403)). +I would also wait for clarifications about the specification (see [scripting/opml.org#3](https://github.com/scripting/opml.org/issues/3)), +but it isn't a hard requirement. + +After the release of 1.0, lib\_opml will be considered as “finished”. This +means I will not add new features, nor break the existing code. However, I +commit myself to continue to support the library to fix security issues, bugs, +or to add support to new PHP versions. + +In consequence, you can expect lib\_opml to be stable. + +## Tests and linters + +This section is for developers of lib\_opml. + +To run the tests, you’ll have to install Composer first (see [the official +documentation](https://getcomposer.org/doc/00-intro.md)). Then, install the +dependencies: + +```console +$ make install +``` + +You should now have a `vendor/` folder containing the development dependencies. + +Run the tests with: + +```console +$ make test +``` + +Run the linter with: + +```console +$ make lint +$ make lint-fix +``` + +## Contributing + +Please submit bug reports and merge requests to the [Framagit repository](https://framagit.org/marienfressinaud/lib_opml). + +There’s not a lot to do, but the documentation and examples could probably be +improved. + +Merge requests require that you fill a short checklist to save me time while +reviewing your changes. You also must make sure the test suite succeeds. diff --git a/lib/marienfressinaud/lib_opml/composer.json b/lib/marienfressinaud/lib_opml/composer.json new file mode 100644 index 000000000..ba48d16ed --- /dev/null +++ b/lib/marienfressinaud/lib_opml/composer.json @@ -0,0 +1,35 @@ +{ + "name": "marienfressinaud/lib_opml", + "description": "A library to read and write OPML in PHP.", + "license": "MIT", + "authors": [ + { + "name": "Marien Fressinaud", + "email": "dev@marienfressinaud.fr" + } + ], + "require": { + "php": ">=7.2.0", + "ext-dom": "*" + }, + "config": { + "platform": { + "php": "7.2.0" + } + }, + "support": { + "issues": "https://framagit.org/marienfressinaud/lib_opml/-/issues" + }, + "autoload": { + "files": [ + "src/functions.php" + ], + "psr-4": { + "marienfressinaud\\": "src/" + } + }, + "require-dev": { + "squizlabs/php_codesniffer": "^3.6", + "phpunit/phpunit": "^8" + } +} diff --git a/lib/marienfressinaud/lib_opml/src/LibOpml/Exception.php b/lib/marienfressinaud/lib_opml/src/LibOpml/Exception.php new file mode 100644 index 000000000..27c3287a2 --- /dev/null +++ b/lib/marienfressinaud/lib_opml/src/LibOpml/Exception.php @@ -0,0 +1,15 @@ + + * @link https://framagit.org/marienfressinaud/lib_opml + * @license MIT + */ +class Exception extends \Exception +{ +} diff --git a/lib/marienfressinaud/lib_opml/src/LibOpml/LibOpml.php b/lib/marienfressinaud/lib_opml/src/LibOpml/LibOpml.php new file mode 100644 index 000000000..4ba0df821 --- /dev/null +++ b/lib/marienfressinaud/lib_opml/src/LibOpml/LibOpml.php @@ -0,0 +1,770 @@ + '2.0', + * namespaces => [], + * head => [ + * title => 'An OPML file' + * ], + * body => [ + * [ + * text => 'Newspapers', + * @outlines => [ + * [text => 'El País'], + * [text => 'Le Monde'], + * [text => 'The Guardian'], + * [text => 'The New York Times'], + * ] + * ] + * ] + * ] + * + * @see http://opml.org/spec2.opml + * + * @author Marien Fressinaud + * @link https://framagit.org/marienfressinaud/lib_opml + * @license MIT + */ +class LibOpml +{ + /** + * The list of valid head elements. + */ + public const HEAD_ELEMENTS = [ + 'title', 'dateCreated', 'dateModified', 'ownerName', 'ownerEmail', + 'ownerId', 'docs', 'expansionState', 'vertScrollState', 'windowTop', + 'windowLeft', 'windowBottom', 'windowRight' + ]; + + /** + * The list of numeric head elements. + */ + public const NUMERIC_HEAD_ELEMENTS = [ + 'vertScrollState', + 'windowTop', + 'windowLeft', + 'windowBottom', + 'windowRight', + ]; + + /** @var boolean */ + private $strict = true; + + /** @var string */ + private $version = '2.0'; + + /** @var string[] */ + private $namespaces = []; + + /** + * @param bool $strict + * Set to true (default) to check for violations of the specification, + * false otherwise. + */ + public function __construct($strict = true) + { + $this->strict = $strict; + } + + /** + * Parse a XML file and return the corresponding array. + * + * @param string $filename + * The XML file to parse. + * + * @throws \marienfressinaud\LibOpml\Exception + * Raised if the file cannot be read. See also exceptions raised by the + * parseString method. + * + * @return array + * An array reflecting the OPML (the structure is described above). + */ + public function parseFile($filename) + { + $file_content = @file_get_contents($filename); + + if ($file_content === false) { + throw new Exception("OPML file {$filename} cannot be found or read"); + } + + return $this->parseString($file_content); + } + + /** + * Parse a XML string and return the corresponding array. + * + * @param string $xml + * The XML string to parse. + * + * @throws \marienfressinaud\LibOpml\Exception + * Raised if the XML cannot be parsed, if version is missing or + * invalid, if head is missing or contains invalid (or not parsable) + * elements, or if body is missing, empty or contain non outline + * elements. The exceptions (except XML parsing errors) are not raised + * if strict is false. See also exceptions raised by the parseOutline + * method. + * + * @return array + * An array reflecting the OPML (the structure is described above). + */ + public function parseString($xml) + { + $dom = new \DOMDocument(); + $dom->recover = true; + $dom->encoding = 'UTF-8'; + + try { + $result = @$dom->loadXML($xml); + } catch (\Exception | \Error $e) { + $result = false; + } + + if (!$result) { + throw new Exception('OPML string is not valid XML'); + } + + $opml_element = $dom->documentElement; + + // Load the custom namespaces of the document + $xpath = new \DOMXPath($dom); + $this->namespaces = []; + foreach ($xpath->query('//namespace::*') as $node) { + if ($node->prefix === 'xml') { + // This is the base namespace, we don't need to store it + continue; + } + + $this->namespaces[$node->prefix] = $node->namespaceURI; + } + + // Get the version of the document + $version = $opml_element->getAttribute('version'); + if (!$version) { + $this->throwExceptionIfStrict('OPML version attribute is required'); + } + + $version = trim($version); + if ($version === '1.1') { + $version = '1.0'; + } + + if ($version !== '1.0' && $version !== '2.0') { + $this->throwExceptionIfStrict('OPML supported versions are 1.0 and 2.0'); + } + + $this->version = $version; + + // Get head and body child elements + $head_elements = $opml_element->getElementsByTagName('head'); + $child_head_elements = []; + if (count($head_elements) === 1) { + $child_head_elements = $head_elements[0]->childNodes; + } else { + $this->throwExceptionIfStrict('OPML must contain one and only one head element'); + } + + $body_elements = $opml_element->getElementsByTagName('body'); + $child_body_elements = []; + if (count($body_elements) === 1) { + $child_body_elements = $body_elements[0]->childNodes; + } else { + $this->throwExceptionIfStrict('OPML must contain one and only one body element'); + } + + $array = [ + 'version' => $this->version, + 'namespaces' => $this->namespaces, + 'head' => [], + 'body' => [], + ]; + + // Load the child head elements in the head array + foreach ($child_head_elements as $child_head_element) { + if ($child_head_element->nodeType !== XML_ELEMENT_NODE) { + continue; + } + + $name = $child_head_element->nodeName; + $value = $child_head_element->nodeValue; + $namespaced = $child_head_element->namespaceURI !== null; + + if (!in_array($name, self::HEAD_ELEMENTS) && !$namespaced) { + $this->throwExceptionIfStrict( + "OPML head {$name} element is not part of the specification" + ); + } + + if ($name === 'dateCreated' || $name === 'dateModified') { + try { + $value = $this->parseDate($value); + } catch (\DomainException $e) { + $this->throwExceptionIfStrict( + "OPML head {$name} element must be a valid RFC822 or RFC1123 date" + ); + } + } elseif ($name === 'ownerEmail') { + // Testing email validity is hard. PHP filter_var() function is + // too strict compared to the RFC 822, so we can't use it. + if (strpos($value, '@') === false) { + $this->throwExceptionIfStrict( + 'OPML head ownerEmail element must be an email address' + ); + } + } elseif ($name === 'ownerId' || $name === 'docs') { + if (!$this->checkHttpAddress($value)) { + $this->throwExceptionIfStrict( + "OPML head {$name} element must be a HTTP address" + ); + } + } elseif ($name === 'expansionState') { + $numbers = explode(',', $value); + $value = array_map(function ($str_number) { + if (is_numeric($str_number)) { + return intval($str_number); + } else { + $this->throwExceptionIfStrict( + 'OPML head expansionState element must be a list of numbers' + ); + return $str_number; + } + }, $numbers); + } elseif (in_array($name, self::NUMERIC_HEAD_ELEMENTS)) { + if (is_numeric($value)) { + $value = intval($value); + } else { + $this->throwExceptionIfStrict("OPML head {$name} element must be a number"); + } + } + + $array['head'][$name] = $value; + } + + // Load the child body elements in the body array + foreach ($child_body_elements as $child_body_element) { + if ($child_body_element->nodeType !== XML_ELEMENT_NODE) { + continue; + } + + if ($child_body_element->nodeName === 'outline') { + $array['body'][] = $this->parseOutline($child_body_element); + } else { + $this->throwExceptionIfStrict( + 'OPML body element can only contain outline elements' + ); + } + } + + if (empty($array['body'])) { + $this->throwExceptionIfStrict( + 'OPML body element must contain at least one outline element' + ); + } + + return $array; + } + + /** + * Parse a XML element as an outline element and return the corresponding array. + * + * @param \DOMElement $outline_element + * The element to parse. + * + * @throws \marienfressinaud\LibOpml\Exception + * Raised if the outline contains non-outline elements, if it doesn't + * contain a text attribute (or if empty), if a special attribute is + * not parsable, or if type attribute requirements are not met. The + * exceptions are not raised if strict is false. The exception about + * missing text attribute is not raised if version is 1.0. + * + * @return array + * An array reflecting the OPML outline (the structure is described above). + */ + private function parseOutline($outline_element) + { + $outline = []; + + // Load the element attributes in the outline array + foreach ($outline_element->attributes as $outline_attribute) { + $name = $outline_attribute->nodeName; + $value = $outline_attribute->nodeValue; + + if ($name === 'created') { + try { + $value = $this->parseDate($value); + } catch (\DomainException $e) { + $this->throwExceptionIfStrict( + 'OPML outline created attribute must be a valid RFC822 or RFC1123 date' + ); + } + } elseif ($name === 'category') { + $categories = explode(',', $value); + $categories = array_map(function ($category) { + return trim($category); + }, $categories); + $value = $categories; + } elseif ($name === 'isComment' || $name === 'isBreakpoint') { + if ($value === 'true' || $value === 'false') { + $value = $value === 'true'; + } else { + $this->throwExceptionIfStrict( + "OPML outline {$name} attribute must be a boolean (true or false)" + ); + } + } elseif ($name === 'type') { + // type attribute is case-insensitive + $value = strtolower($value); + } + + $outline[$name] = $value; + } + + if (empty($outline['text']) && $this->version !== '1.0') { + $this->throwExceptionIfStrict( + 'OPML outline text attribute is required' + ); + } + + // Perform additional check based on the type of the outline + $type = $outline['type'] ?? ''; + if ($type === 'rss') { + if (empty($outline['xmlUrl'])) { + $this->throwExceptionIfStrict( + 'OPML outline xmlUrl attribute is required when type is "rss"' + ); + } elseif (!$this->checkHttpAddress($outline['xmlUrl'])) { + $this->throwExceptionIfStrict( + 'OPML outline xmlUrl attribute must be a HTTP address when type is "rss"' + ); + } + } elseif ($type === 'link' || $type === 'include') { + if (empty($outline['url'])) { + $this->throwExceptionIfStrict( + "OPML outline url attribute is required when type is \"{$type}\"" + ); + } elseif (!$this->checkHttpAddress($outline['url'])) { + $this->throwExceptionIfStrict( + "OPML outline url attribute must be a HTTP address when type is \"{$type}\"" + ); + } + } + + // Load the sub-outlines in a @outlines array + foreach ($outline_element->childNodes as $child_outline_element) { + if ($child_outline_element->nodeType !== XML_ELEMENT_NODE) { + continue; + } + + if ($child_outline_element->nodeName === 'outline') { + $outline['@outlines'][] = $this->parseOutline($child_outline_element); + } else { + $this->throwExceptionIfStrict( + 'OPML body element can only contain outline elements' + ); + } + } + + return $outline; + } + + /** + * Parse a value as a date. + * + * @param string $value + * + * @throws \DomainException + * Raised if the value cannot be parsed. + * + * @return \DateTime + */ + private function parseDate($value) + { + $formats = [ + \DateTimeInterface::RFC822, + \DateTimeInterface::RFC1123, + ]; + + foreach ($formats as $format) { + $date = date_create_from_format($format, $value); + if ($date !== false) { + return $date; + } + } + + throw new \DomainException('The argument cannot be parsed as a date'); + } + + /** + * Render an OPML array as a string or a \DOMDocument. + * + * @param array $array + * The array to render, it must follow the structure defined above. + * @param bool $as_dom_document + * Set to false (default) to return the array as a string, true to + * return as a \DOMDocument. + * + * @throws \marienfressinaud\LibOpml\Exception + * Raised if the `head` array contains unknown or invalid elements + * (i.e. not of correct type), or if the `body` array is missing or + * empty. The exceptions are not raised if strict is false. See also + * exceptions raised by the renderOutline method. + * + * @return string|\DOMDocument + * The XML string or DOM document corresponding to the given array. + */ + public function render($array, $as_dom_document = false) + { + $dom = new \DOMDocument('1.0', 'UTF-8'); + $opml_element = new \DOMElement('opml'); + $dom->appendChild($opml_element); + + // Set the version attribute of the OPML document + $version = $array['version'] ?? '2.0'; + + if ($version === '1.1') { + $version = '1.0'; + } + + if ($version !== '1.0' && $version !== '2.0') { + $this->throwExceptionIfStrict('OPML supported versions are 1.0 and 2.0'); + } + + $this->version = $version; + $opml_element->setAttribute('version', $this->version); + + // Declare the namespace on the opml element + $this->namespaces = $array['namespaces'] ?? []; + foreach ($this->namespaces as $prefix => $namespace) { + $opml_element->setAttributeNS( + 'http://www.w3.org/2000/xmlns/', + "xmlns:{$prefix}", + $namespace + ); + } + + // Add the head element to the OPML document. $array['head'] is + // optional but head tag will always exist in the final XML. + $head_element = new \DOMElement('head'); + $opml_element->appendChild($head_element); + if (isset($array['head'])) { + foreach ($array['head'] as $name => $value) { + $namespace = $this->getNamespace($name); + + if (!in_array($name, self::HEAD_ELEMENTS, true) && !$namespace) { + $this->throwExceptionIfStrict( + "OPML head {$name} element is not part of the specification" + ); + } + + if ($name === 'dateCreated' || $name === 'dateModified') { + if ($value instanceof \DateTimeInterface) { + $value = $value->format(\DateTimeInterface::RFC1123); + } else { + $this->throwExceptionIfStrict( + "OPML head {$name} element must be a DateTime" + ); + } + } elseif ($name === 'ownerEmail') { + // Testing email validity is hard. PHP filter_var() function is + // too strict compared to the RFC 822, so we can't use it. + if (strpos($value, '@') === false) { + $this->throwExceptionIfStrict( + 'OPML head ownerEmail element must be an email address' + ); + } + } elseif ($name === 'ownerId' || $name === 'docs') { + if (!$this->checkHttpAddress($value)) { + $this->throwExceptionIfStrict( + "OPML head {$name} element must be a HTTP address" + ); + } + } elseif ($name === 'expansionState') { + if (is_array($value)) { + foreach ($value as $number) { + if (!is_int($number)) { + $this->throwExceptionIfStrict( + 'OPML head expansionState element must be an array of integers' + ); + } + } + + $value = implode(', ', $value); + } else { + $this->throwExceptionIfStrict( + 'OPML head expansionState element must be an array of integers' + ); + } + } elseif (in_array($name, self::NUMERIC_HEAD_ELEMENTS)) { + if (!is_int($value)) { + $this->throwExceptionIfStrict( + "OPML head {$name} element must be an integer" + ); + } + } + + $child_head_element = new \DOMElement($name, $value, $namespace); + $head_element->appendChild($child_head_element); + } + } + + // Check body is set and contains at least one element + if (!isset($array['body'])) { + $this->throwExceptionIfStrict('OPML array must contain a body key'); + } + + $array_body = $array['body'] ?? []; + if (count($array_body) <= 0) { + $this->throwExceptionIfStrict( + 'OPML body element must contain at least one outline array' + ); + } + + // Create outline elements in the body element + $body_element = new \DOMElement('body'); + $opml_element->appendChild($body_element); + foreach ($array_body as $outline) { + $this->renderOutline($body_element, $outline); + } + + // And return the final result + if ($as_dom_document) { + return $dom; + } else { + $dom->formatOutput = true; + return $dom->saveXML(); + } + } + + /** + * Transform an outline array to a \DOMElement and add it to a parent element. + * + * @param \DOMElement $parent_element + * The DOM parent element of the current outline. + * @param array $outline + * The outline array to transform in a \DOMElement, it must follow the + * structure defined above. + * + * @throws \marienfressinaud\LibOpml\Exception + * Raised if the outline is not an array, if it doesn't contain a text + * attribute (or if empty), if the `@outlines` key is not an array, if + * a special attribute does not match its corresponding type, or if + * `type` key requirements are not met. The exceptions (except errors + * about outline or suboutlines not being arrays) are not raised if + * strict is false. The exception about missing text attribute is not + * raised if version is 1.0. + */ + private function renderOutline($parent_element, $outline) + { + // Perform initial checks to verify the outline is correctly declared + if (!is_array($outline)) { + throw new Exception( + 'OPML outline element must be defined as an array' + ); + } + + if (empty($outline['text']) && $this->version !== '1.0') { + $this->throwExceptionIfStrict( + 'OPML outline text attribute is required' + ); + } + + if (isset($outline['type'])) { + $type = strtolower($outline['type']); + + if ($type === 'rss') { + if (empty($outline['xmlUrl'])) { + $this->throwExceptionIfStrict( + 'OPML outline xmlUrl attribute is required when type is "rss"' + ); + } elseif (!$this->checkHttpAddress($outline['xmlUrl'])) { + $this->throwExceptionIfStrict( + 'OPML outline xmlUrl attribute must be a HTTP address when type is "rss"' + ); + } + } elseif ($type === 'link' || $type === 'include') { + if (empty($outline['url'])) { + $this->throwExceptionIfStrict( + "OPML outline url attribute is required when type is \"{$type}\"" + ); + } elseif (!$this->checkHttpAddress($outline['url'])) { + $this->throwExceptionIfStrict( + "OPML outline url attribute must be a HTTP address when type is \"{$type}\"" + ); + } + } + } + + // Create the outline element and add it to the parent + $outline_element = new \DOMElement('outline'); + $parent_element->appendChild($outline_element); + + // Load the sub-outlines as child elements + if (isset($outline['@outlines'])) { + $outline_children = $outline['@outlines']; + + if (!is_array($outline_children)) { + throw new Exception( + 'OPML outline element must be defined as an array' + ); + } + + foreach ($outline_children as $outline_child) { + $this->renderOutline($outline_element, $outline_child); + } + + // We don't want the sub-outlines to be loaded as attributes, so we + // remove the key from the array. + unset($outline['@outlines']); + } + + // Load the other elements of the array as attributes + foreach ($outline as $name => $value) { + $namespace = $this->getNamespace($name); + + if ($name === 'created') { + if ($value instanceof \DateTimeInterface) { + $value = $value->format(\DateTimeInterface::RFC1123); + } else { + $this->throwExceptionIfStrict( + 'OPML outline created attribute must be a DateTime' + ); + } + } elseif ($name === 'isComment' || $name === 'isBreakpoint') { + if (is_bool($value)) { + $value = $value ? 'true' : 'false'; + } else { + $this->throwExceptionIfStrict( + "OPML outline {$name} attribute must be a boolean" + ); + } + } elseif (is_array($value)) { + $value = implode(', ', $value); + } + + $outline_element->setAttributeNS($namespace, $name, $value); + } + } + + /** + * Return wether a value is a valid HTTP address or not. + * + * HTTP address is not strictly defined by the OPML spec, so it is assumed: + * + * - it can be parsed by parse_url + * - it has a host part + * - scheme is http or https + * + * filter_var is not used because it would reject internationalized URLs + * (i.e. with non ASCII chars). An alternative would be to punycode such + * URLs, but it's more work to do it properly, and lib_opml needs to stay + * simple. + * + * @param string $value + * + * @return boolean + * Return true if the value is a valid HTTP address, false otherwise. + */ + public function checkHttpAddress($value) + { + $value = trim($value); + $parsed_url = parse_url($value); + if (!$parsed_url) { + return false; + } + + if ( + !isset($parsed_url['scheme']) || + !isset($parsed_url['host']) + ) { + return false; + } + + if ( + $parsed_url['scheme'] !== 'http' && + $parsed_url['scheme'] !== 'https' + ) { + return false; + } + + return true; + } + + /** + * Return the namespace of a qualified name. An empty string is returned if + * the name is not namespaced. + * + * @param string $qualified_name + * + * @throws \marienfressinaud\LibOpml\Exception + * Raised if the namespace prefix isn't declared. + * + * @return string + */ + private function getNamespace($qualified_name) + { + $split_name = explode(':', $qualified_name, 2); + // count will always be 1 or 2. + if (count($split_name) === 1) { + // If 1, there's no prefix, thus no namespace + return ''; + } else { + // If 2, it means it has a namespace prefix, so we get the + // namespace from the declared ones. + $namespace_prefix = $split_name[0]; + if (!isset($this->namespaces[$namespace_prefix])) { + throw new Exception( + "OPML namespace {$namespace_prefix} is not declared" + ); + } + + return $this->namespaces[$namespace_prefix]; + } + } + + /** + * Raise an exception only if strict is true. + * + * @param string $message + * + * @throws \marienfressinaud\LibOpml\Exception + */ + private function throwExceptionIfStrict($message) + { + if ($this->strict) { + throw new Exception($message); + } + } +} diff --git a/phpcs.xml b/phpcs.xml index e29886ccb..838302e52 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -5,6 +5,7 @@ ./.git/ ./lib/SimplePie/ + ./lib/marienfressinaud/ ./lib/phpgt/ ./lib/phpmailer/ ./lib/http-conditional.php diff --git a/phpstan.neon b/phpstan.neon index 91509245f..846731c70 100644 --- a/phpstan.neon +++ b/phpstan.neon @@ -7,18 +7,16 @@ parameters: paths: - . excludePaths: - - .git/* - - lib/phpmailer/* - - lib/SimplePie/* - - node_modules/* - # TODO: include tests - - tests/* - - vendor/* - scanDirectories: - - lib/phpmailer/ - - lib/SimplePie/ + analyse: + - lib/marienfressinaud/* + - lib/phpmailer/* + - lib/SimplePie/* + analyseAndScan: + - .git/* + - node_modules/* + # TODO: include tests + - tests/* + - vendor/* bootstrapFiles: - cli/_cli.php - lib/favicons.php - - lib/SimplePie/SimplePie.php - - app/SQL/install.sql.sqlite.php -- cgit v1.2.3 From 07efaf71eac19934d858df678576823da131d1bb Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 26 Jan 2023 08:59:34 +0100 Subject: Fix error handling when updating URL (#5039) Fix 3 related error handling when updating the feed URL with an invalid URL. Previously leading to unclear 500 page with additional PHP errors. --- app/Controllers/subscriptionController.php | 5 ++++- app/Models/Feed.php | 7 ++++--- lib/lib_rss.php | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/app/Controllers/subscriptionController.php b/app/Controllers/subscriptionController.php index 315187aaa..c1acfd958 100644 --- a/app/Controllers/subscriptionController.php +++ b/app/Controllers/subscriptionController.php @@ -256,7 +256,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController { $url_redirect = array('c' => 'subscription', 'params' => array('id' => $id)); } - if ($feedDAO->updateFeed($id, $values) !== false) { + if ($values['url'] != '' && $feedDAO->updateFeed($id, $values) !== false) { $feed->_categoryId($values['category']); // update url and website values for faviconPrepare $feed->_url($values['url'], false); @@ -265,6 +265,9 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController { Minz_Request::good(_t('feedback.sub.feed.updated'), $url_redirect); } else { + if ($values['url'] == '') { + Minz_Log::warning('Invalid feed URL!'); + } Minz_Request::bad(_t('feedback.sub.feed.error'), $url_redirect); } } diff --git a/app/Models/Feed.php b/app/Models/Feed.php index a63c2b3ea..09cacbd61 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -259,13 +259,14 @@ class FreshRSS_Feed extends Minz_Model { } public function _url(string $value, bool $validate = true) { $this->hash = ''; + $url = $value; if ($validate) { - $value = checkUrl($value); + $url = checkUrl($url); } - if ($value == '') { + if ($url == '') { throw new FreshRSS_BadUrl_Exception($value); } - $this->url = $value; + $this->url = $url; } public function _kind(int $value) { $this->kind = $value; diff --git a/lib/lib_rss.php b/lib/lib_rss.php index e5362bc5c..d1821b639 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -845,7 +845,7 @@ function errorMessageInfo($errorTitle, $error = '') { $details = ''; // Prevent empty tags by checking if error isn not empty first if ($error) { - $error = htmlspecialchars($error, ENT_NOQUOTES, 'UTF-8'); + $error = htmlspecialchars($error, ENT_NOQUOTES, 'UTF-8') . "\n"; // First line is the main message, other lines are the details list($message, $details) = explode("\n", $error, 2); -- cgit v1.2.3 From 4f316b2ed397bb331ef89f2cd2d8ce92a725ccba Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 29 Jan 2023 18:53:51 +0100 Subject: PHPStan level 9 for ./p/ and lib_rss.php (#5049) And app/FreshRSS.php Contributes to https://github.com/FreshRSS/FreshRSS/issues/4112 --- app/FreshRSS.php | 24 +- app/Models/Entry.php | 5 + app/Models/EntryDAO.php | 13 +- lib/Minz/ModelPdo.php | 2 +- lib/Minz/Translate.php | 4 +- lib/lib_rss.php | 158 ++-- p/api/fever.php | 190 ++--- p/api/greader.php | 1861 ++++++++++++++++++++++++----------------------- p/api/pshb.php | 17 +- p/ext.php | 16 +- p/f.php | 2 +- p/i/index.php | 4 +- 12 files changed, 1196 insertions(+), 1100 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/app/FreshRSS.php b/app/FreshRSS.php index e374fa827..76ced841c 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -18,7 +18,7 @@ class FreshRSS extends Minz_FrontController { * - Init notifications * - Enable user extensions (need all the other initializations) */ - public function init() { + public function init(): void { if (!isset($_SESSION)) { Minz_Session::init('FreshRSS'); } @@ -71,10 +71,10 @@ class FreshRSS extends Minz_FrontController { Minz_ExtensionManager::callHook('freshrss_init'); } - private static function initAuth() { + private static function initAuth(): void { FreshRSS_Auth::init(); if (Minz_Request::isPost()) { - if (!(FreshRSS_Auth::isCsrfOk() || + if (FreshRSS_Context::$system_conf == null || !(FreshRSS_Auth::isCsrfOk() || (Minz_Request::controllerName() === 'auth' && Minz_Request::actionName() === 'login') || (Minz_Request::controllerName() === 'user' && Minz_Request::actionName() === 'create' && !FreshRSS_Auth::hasAccess('admin')) || (Minz_Request::controllerName() === 'feed' && Minz_Request::actionName() === 'actualize' @@ -92,7 +92,7 @@ class FreshRSS extends Minz_FrontController { } } - private static function initI18n() { + private static function initI18n(): void { $userLanguage = isset(FreshRSS_Context::$user_conf) ? FreshRSS_Context::$user_conf->language : null; $systemLanguage = isset(FreshRSS_Context::$system_conf) ? FreshRSS_Context::$system_conf->language : null; $language = Minz_Translate::getLanguage($userLanguage, Minz_Request::getPreferredLanguages(), $systemLanguage); @@ -107,12 +107,15 @@ class FreshRSS extends Minz_FrontController { date_default_timezone_set($timezone); } - private static function getThemeFileUrl($theme_id, $filename) { + private static function getThemeFileUrl(string $theme_id, string $filename): string { $filetime = @filemtime(PUBLIC_PATH . '/themes/' . $theme_id . '/' . $filename); return '/themes/' . $theme_id . '/' . $filename . '?' . $filetime; } - public static function loadStylesAndScripts() { + public static function loadStylesAndScripts(): void { + if (FreshRSS_Context::$user_conf == null) { + return; + } $theme = FreshRSS_Themes::load(FreshRSS_Context::$user_conf->theme); if ($theme) { foreach(array_reverse($theme['files']) as $file) { @@ -146,22 +149,23 @@ class FreshRSS extends Minz_FrontController { FreshRSS_View::prependScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js'))); } - private static function loadNotifications() { + private static function loadNotifications(): void { $notif = Minz_Request::getNotification(); if ($notif) { FreshRSS_View::_param('notification', $notif); } } - public static function preLayout() { + public static function preLayout(): void { header("X-Content-Type-Options: nosniff"); FreshRSS_Share::load(join_path(APP_PATH, 'shares.php')); self::loadStylesAndScripts(); } - private static function checkEmailValidated() { - $email_not_verified = FreshRSS_Auth::hasAccess() && FreshRSS_Context::$user_conf->email_validation_token !== ''; + private static function checkEmailValidated(): void { + $email_not_verified = FreshRSS_Auth::hasAccess() && + FreshRSS_Context::$user_conf !== null && FreshRSS_Context::$user_conf->email_validation_token !== ''; $action_is_allowed = ( Minz_Request::is('user', 'validateEmail') || Minz_Request::is('user', 'sendValidationEmail') || diff --git a/app/Models/Entry.php b/app/Models/Entry.php index 16de8beb6..81ece1ce4 100644 --- a/app/Models/Entry.php +++ b/app/Models/Entry.php @@ -17,10 +17,14 @@ class FreshRSS_Entry extends Minz_Model { */ private $guid; + /** @var string */ private $title; private $authors; + /** @var string */ private $content; + /** @var string */ private $link; + /** @var int */ private $date; private $date_added = 0; //In microseconds /** @@ -298,6 +302,7 @@ HTML; public function link(): string { return $this->link; } + /** @return string|int */ public function date(bool $raw = false) { if ($raw) { return $this->date; diff --git a/app/Models/EntryDAO.php b/app/Models/EntryDAO.php index cda51e5b4..3b7c1ac3f 100644 --- a/app/Models/EntryDAO.php +++ b/app/Models/EntryDAO.php @@ -1165,10 +1165,12 @@ SQL; } } - public function listByIds($ids, $order = 'DESC') { + /** @param array $ids */ + public function listByIds(array $ids, string $order = 'DESC') { if (count($ids) < 1) { - yield false; - } elseif (count($ids) > FreshRSS_DatabaseDAO::MAX_VARIABLE_NUMBER) { + return; + } + if (count($ids) > FreshRSS_DatabaseDAO::MAX_VARIABLE_NUMBER) { // Split a query with too many variables parameters $idsChunks = array_chunk($ids, FreshRSS_DatabaseDAO::MAX_VARIABLE_NUMBER); foreach ($idsChunks as $idsChunk) { @@ -1195,15 +1197,16 @@ SQL; /** * For API + * @return array */ public function listIdsWhere($type = 'a', $id = '', $state = FreshRSS_Entry::STATE_ALL, - $order = 'DESC', $limit = 1, $firstId = '', $filters = null) { + $order = 'DESC', $limit = 1, $firstId = '', $filters = null): array { list($values, $sql) = $this->sqlListWhere($type, $id, $state, $order, $limit, $firstId, $filters); $stm = $this->pdo->prepare($sql); $stm->execute($values); - return $stm->fetchAll(PDO::FETCH_COLUMN, 0); + return $stm->fetchAll(PDO::FETCH_COLUMN, 0) ?: []; } public function listHashForFeedGuids($id_feed, $guids) { diff --git a/lib/Minz/ModelPdo.php b/lib/Minz/ModelPdo.php index 0f5b9efca..85796b53a 100644 --- a/lib/Minz/ModelPdo.php +++ b/lib/Minz/ModelPdo.php @@ -26,7 +26,7 @@ class Minz_ModelPdo { private static $sharedCurrentUser; /** - * @var Minz_Pdo|null + * @var Minz_Pdo */ protected $pdo; diff --git a/lib/Minz/Translate.php b/lib/Minz/Translate.php index 584f08aa0..07d48ec08 100644 --- a/lib/Minz/Translate.php +++ b/lib/Minz/Translate.php @@ -87,10 +87,10 @@ class Minz_Translate { * preferred languages then returns the default language * @param string|null $user the connected user language (nullable) * @param array $preferred an array of the preferred languages - * @param string $default the preferred language to use + * @param string|null $default the preferred language to use * @return string containing the language to use */ - public static function getLanguage($user, $preferred, $default) { + public static function getLanguage(?string $user, array $preferred, ?string $default): string { if (null !== $user) { return $user; } diff --git a/lib/lib_rss.php b/lib/lib_rss.php index d1821b639..893bed8eb 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -4,8 +4,8 @@ if (version_compare(PHP_VERSION, FRESHRSS_MIN_PHP_VERSION, '<')) { } if (!function_exists('mb_strcut')) { - function mb_strcut($str, $start, $length = null, $encoding = 'UTF-8') { - return substr($str, $start, $length); + function mb_strcut(string $str, int $start, ?int $length = null, string $encoding = 'UTF-8'): string { + return substr($str, $start, $length) ?: ''; } } @@ -34,7 +34,7 @@ function join_path(...$path_parts): string { } // -function classAutoloader($class) { +function classAutoloader(string $class): void { if (strpos($class, 'FreshRSS') === 0) { $components = explode('_', $class); switch (count($components)) { @@ -73,14 +73,10 @@ function classAutoloader($class) { spl_autoload_register('classAutoloader'); // -/** - * @param string $url - * @return string - */ -function idn_to_puny($url) { +function idn_to_puny(string $url): string { if (function_exists('idn_to_ascii')) { $idn = parse_url($url, PHP_URL_HOST); - if ($idn != '') { + if (is_string($idn) && $idn != '') { // https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003 if (defined('INTL_IDNA_VARIANT_UTS46')) { $puny = idn_to_ascii($idn, IDNA_DEFAULT, INTL_IDNA_VARIANT_UTS46); @@ -90,7 +86,7 @@ function idn_to_puny($url) { $puny = idn_to_ascii($idn); } $pos = strpos($url, $idn); - if ($puny != '' && $pos !== false) { + if ($puny != false && $pos !== false) { $url = substr_replace($url, $puny, $pos, strlen($idn)); } } @@ -99,11 +95,9 @@ function idn_to_puny($url) { } /** - * @param string $url - * @param bool $fixScheme * @return string|false */ -function checkUrl($url, $fixScheme = true) { +function checkUrl(string $url, bool $fixScheme = true) { $url = trim($url); if ($url == '') { return ''; @@ -127,31 +121,19 @@ function checkUrl($url, $fixScheme = true) { * @return string */ function safe_ascii($text) { - return filter_var($text, FILTER_DEFAULT, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); + return filter_var($text, FILTER_DEFAULT, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH) ?: ''; } if (function_exists('mb_convert_encoding')) { - /** - * @param string $text - * @return string - */ - function safe_utf8($text) { - return mb_convert_encoding($text, 'UTF-8', 'UTF-8'); + function safe_utf8(string $text): string { + return mb_convert_encoding($text, 'UTF-8', 'UTF-8') ?: ''; } } elseif (function_exists('iconv')) { - /** - * @param string $text - * @return string - */ - function safe_utf8($text) { - return iconv('UTF-8', 'UTF-8//IGNORE', $text); + function safe_utf8(string $text): string { + return iconv('UTF-8', 'UTF-8//IGNORE', $text) ?: ''; } } else { - /** - * @param string $text - * @return string - */ - function safe_utf8($text) { + function safe_utf8(string $text): string { return $text; } } @@ -178,14 +160,14 @@ function escapeToUnicodeAlternative($text, $extended = true) { return trim(str_replace($problem, $replace, $text)); } -function format_number($n, $precision = 0) { +function format_number(float $n, int $precision = 0): string { // number_format does not seem to be Unicode-compatible return str_replace(' ', ' ', // Thin non-breaking space number_format($n, $precision, '.', ' ') ); } -function format_bytes($bytes, $precision = 2, $system = 'IEC') { +function format_bytes(int $bytes, int $precision = 2, string $system = 'IEC'): string { if ($system === 'IEC') { $base = 1024; $units = array('B', 'KiB', 'MiB', 'GiB', 'TiB'); @@ -202,7 +184,7 @@ function format_bytes($bytes, $precision = 2, $system = 'IEC') { return format_number($bytes, $precision) . ' ' . $units[$pow]; } -function timestamptodate ($t, $hour = true) { +function timestamptodate(int $t, bool $hour = true): string { $month = _t('gen.date.' . date('M', $t)); if ($hour) { $date = _t('gen.date.format_date_hour', $month); @@ -210,14 +192,13 @@ function timestamptodate ($t, $hour = true) { $date = _t('gen.date.format_date', $month); } - return @date ($date, $t); + return @date($date, $t) ?: ''; } /** * Decode HTML entities but preserve XML entities. - * @param string|null $text */ -function html_only_entity_decode($text): string { +function html_only_entity_decode(?string $text): string { static $htmlEntitiesOnly = null; if ($htmlEntitiesOnly === null) { $htmlEntitiesOnly = array_flip(array_diff( @@ -225,7 +206,7 @@ function html_only_entity_decode($text): string { get_html_translation_table(HTML_SPECIALCHARS, ENT_NOQUOTES, 'UTF-8') //Preserve XML entities )); } - return $text == '' ? '' : strtr($text, $htmlEntitiesOnly); + return $text == null ? '' : strtr($text, $htmlEntitiesOnly); } /** @@ -239,8 +220,10 @@ function sensitive_log($log) { foreach ($log as $k => $v) { if (in_array($k, ['api_key', 'Passwd', 'T'])) { $log[$k] = '██'; - } else { + } elseif (is_array($v) || is_string($v)) { $log[$k] = sensitive_log($v); + } else { + return ''; } } } elseif (is_string($log)) { @@ -248,7 +231,7 @@ function sensitive_log($log) { '/\b(auth=.*?\/)[^&]+/i', '/\b(Passwd=)[^&]+/i', '/\b(Authorization)[^&]+/i', - ], '$1█', $log); + ], '$1█', $log) ?? ''; } return $log; } @@ -257,6 +240,9 @@ function sensitive_log($log) { * @param array $attributes */ function customSimplePie($attributes = array()): SimplePie { + if (FreshRSS_Context::$system_conf === null) { + throw new FreshRSS_Context_Exception('System configuration not initialised!'); + } $limits = FreshRSS_Context::$system_conf->limits; $simplePie = new SimplePie(); $simplePie->set_useragent(FRESHRSS_USERAGENT); @@ -338,13 +324,13 @@ function customSimplePie($attributes = array()): SimplePie { } /** - * @param int|false $maxLength + * @param string $data */ -function sanitizeHTML($data, string $base = '', $maxLength = false) { - if (!is_string($data) || ($maxLength !== false && $maxLength <= 0)) { +function sanitizeHTML($data, string $base = '', ?int $maxLength = null): string { + if (!is_string($data) || ($maxLength !== null && $maxLength <= 0)) { return ''; } - if ($maxLength !== false) { + if ($maxLength !== null) { $data = mb_strcut($data, 0, $maxLength, 'UTF-8'); } static $simplePie = null; @@ -353,7 +339,7 @@ function sanitizeHTML($data, string $base = '', $maxLength = false) { $simplePie->init(); } $result = html_only_entity_decode($simplePie->sanitize->sanitize($data, SIMPLEPIE_CONSTRUCT_HTML, $base)); - if ($maxLength !== false && strlen($result) > $maxLength) { + if ($maxLength !== null && strlen($result) > $maxLength) { //Sanitizing has made the result too long so try again shorter $data = mb_strcut($result, 0, (2 * $maxLength) - strlen($result) - 2, 'UTF-8'); return sanitizeHTML($data, $base, $maxLength); @@ -361,9 +347,9 @@ function sanitizeHTML($data, string $base = '', $maxLength = false) { return $result; } -function cleanCache(int $hours = 720) { +function cleanCache(int $hours = 720): void { // N.B.: GLOB_BRACE is not available on all platforms - $files = array_merge(glob(CACHE_PATH . '/*.html', GLOB_NOSORT), glob(CACHE_PATH . '/*.spc', GLOB_NOSORT)); + $files = array_merge(glob(CACHE_PATH . '/*.html', GLOB_NOSORT) ?: [], glob(CACHE_PATH . '/*.spc', GLOB_NOSORT) ?: []); foreach ($files as $file) { if (substr($file, -10) === 'index.html') { continue; @@ -412,13 +398,16 @@ function enforceHttpEncoding(string $html, string $contentType = ''): string { * @param array $attributes */ function httpGet(string $url, string $cachePath, string $type = 'html', array $attributes = []): string { + if (FreshRSS_Context::$system_conf === null) { + throw new FreshRSS_Context_Exception('System configuration not initialised!'); + } $limits = FreshRSS_Context::$system_conf->limits; $feed_timeout = empty($attributes['timeout']) ? 0 : intval($attributes['timeout']); $cacheMtime = @filemtime($cachePath); if ($cacheMtime !== false && $cacheMtime > time() - intval($limits['cache_duration'])) { $body = @file_get_contents($cachePath); - if ($body != '') { + if ($body != false) { syslog(LOG_DEBUG, 'FreshRSS uses cache for ' . SimplePie_Misc::url_remove_credentials($url)); return $body; } @@ -472,7 +461,7 @@ function httpGet(string $url, string $cachePath, string $type = 'html', array $a } $body = curl_exec($ch); $c_status = curl_getinfo($ch, CURLINFO_HTTP_CODE); - $c_content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE); //TODO: Check if that may be null + $c_content_type = '' . curl_getinfo($ch, CURLINFO_CONTENT_TYPE); $c_error = curl_error($ch); curl_close($ch); @@ -481,7 +470,7 @@ function httpGet(string $url, string $cachePath, string $type = 'html', array $a $body = ''; // TODO: Implement HTTP 410 Gone } - if ($body == false) { + if (!is_string($body)) { $body = ''; } else { $body = enforceHttpEncoding($body, $c_content_type); @@ -498,10 +487,9 @@ function httpGet(string $url, string $cachePath, string $type = 'html', array $a * Validate an email address, supports internationalized addresses. * * @param string $email The address to validate - * * @return bool true if email is valid, else false */ -function validateEmailAddress($email) { +function validateEmailAddress(string $email): bool { $mailer = new PHPMailer\PHPMailer\PHPMailer(); $mailer->CharSet = 'utf-8'; $punyemail = $mailer->punyencodeAddress($email); @@ -512,9 +500,8 @@ function validateEmailAddress($email) { * Add support of image lazy loading * Move content from src attribute to data-original * @param string $content is the text we want to parse - * @return string */ -function lazyimg($content) { +function lazyimg(string $content): string { return preg_replace([ '/<((?:img|iframe)[^>]+?)src="([^"]+)"([^>]*)>/i', "/<((?:img|iframe)[^>]+?)src='([^']+)'([^>]*)>/i", @@ -523,18 +510,15 @@ function lazyimg($content) { "<$1src='" . Minz_Url::display('/themes/icons/grey.gif') . "' data-original='$2'$3>", ], $content - ); + ) ?? ''; } -/** - * @return string - */ -function uTimeString() { +function uTimeString(): string { $t = @gettimeofday(); return $t['sec'] . str_pad('' . $t['usec'], 6, '0', STR_PAD_LEFT); } -function invalidateHttpCache($username = '') { +function invalidateHttpCache(string $username = ''): bool { if (!FreshRSS_user_Controller::checkUsername($username)) { Minz_Session::_param('touch', uTimeString()); $username = Minz_Session::param('currentUser', '_'); @@ -549,12 +533,12 @@ function invalidateHttpCache($username = '') { /** * @return array */ -function listUsers() { +function listUsers(): array { $final_list = array(); $base_path = join_path(DATA_PATH, 'users'); $dir_list = array_values(array_diff( - scandir($base_path), - array('..', '.', '_') + scandir($base_path) ?: [], + ['..', '.', '_'] )); foreach ($dir_list as $file) { if ($file[0] !== '.' && is_dir(join_path($base_path, $file)) && file_exists(join_path($base_path, $file, 'config.php'))) { @@ -567,12 +551,14 @@ function listUsers() { /** * Return if the maximum number of registrations has been reached. - * - * Note a max_regstrations of 0 means there is no limit. + * Note a max_registrations of 0 means there is no limit. * * @return boolean true if number of users >= max registrations, false else. */ -function max_registrations_reached() { +function max_registrations_reached(): bool { + if (FreshRSS_Context::$system_conf === null) { + throw new FreshRSS_Context_Exception('System configuration not initialised!'); + } $limit_registrations = FreshRSS_Context::$system_conf->limits['max_registrations']; $number_accounts = count(listUsers()); @@ -589,7 +575,7 @@ function max_registrations_reached() { * @param string $username the name of the user of which we want the configuration. * @return FreshRSS_UserConfiguration|null object, or null if the configuration cannot be loaded. */ -function get_user_configuration($username) { +function get_user_configuration(string $username) { if (!FreshRSS_user_Controller::checkUsername($username)) { return null; } @@ -621,7 +607,7 @@ function get_user_configuration($username) { */ function ipToBits(string $ip): string { $binaryip = ''; - foreach (str_split(inet_pton($ip)) as $char) { + foreach (str_split(inet_pton($ip) ?: '') as $char) { $binaryip .= str_pad(decbin(ord($char)), 8, '0', STR_PAD_LEFT); } return $binaryip; @@ -654,6 +640,9 @@ function checkCIDR(string $ip, string $range): bool { * @return boolean, true if the sender's IP is in one of the ranges defined in the configuration, else false */ function checkTrustedIP(): bool { + if (FreshRSS_Context::$system_conf === null) { + throw new FreshRSS_Context_Exception('System configuration not initialised!'); + } if (!empty($_SERVER['REMOTE_ADDR'])) { foreach (FreshRSS_Context::$system_conf->trusted_sources as $cidr) { if (checkCIDR($_SERVER['REMOTE_ADDR'], $cidr)) { @@ -664,10 +653,7 @@ function checkTrustedIP(): bool { return false; } -/** - * @return string - */ -function httpAuthUser() { +function httpAuthUser(): string { if (!empty($_SERVER['REMOTE_USER'])) { return $_SERVER['REMOTE_USER']; } elseif (!empty($_SERVER['HTTP_REMOTE_USER']) && checkTrustedIP()) { @@ -680,10 +666,7 @@ function httpAuthUser() { return ''; } -/** - * @return bool - */ -function cryptAvailable() { +function cryptAvailable(): bool { try { $hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG'; return $hash === @crypt('password', $hash); @@ -699,7 +682,7 @@ function cryptAvailable() { * * @return array of tested values. */ -function check_install_php() { +function check_install_php(): array { $pdo_mysql = extension_loaded('pdo_mysql'); $pdo_pgsql = extension_loaded('pdo_pgsql'); $pdo_sqlite = extension_loaded('pdo_sqlite'); @@ -723,7 +706,7 @@ function check_install_php() { * * @return array of tested values. */ -function check_install_files() { +function check_install_files(): array { return array( // @phpstan-ignore-next-line 'data' => DATA_PATH && touch(DATA_PATH . '/index.html'), // is_writable() is not reliable for a folder on NFS @@ -742,7 +725,7 @@ function check_install_files() { * * @return array of tested values. */ -function check_install_database() { +function check_install_database(): array { $status = array( 'connection' => true, 'tables' => false, @@ -773,17 +756,14 @@ function check_install_database() { /** * Remove a directory recursively. - * * From http://php.net/rmdir#110489 - * - * @param string $dir the directory to remove */ -function recursive_unlink($dir) { +function recursive_unlink(string $dir): bool { if (!is_dir($dir)) { return true; } - $files = array_diff(scandir($dir), array('.', '..')); + $files = array_diff(scandir($dir) ?: [], ['.', '..']); foreach ($files as $filename) { $filename = $dir . '/' . $filename; if (is_dir($filename)) { @@ -803,7 +783,7 @@ function recursive_unlink($dir) { * @param array> $queries an array of queries. * @return array> without queries where $get is appearing. */ -function remove_query_by_get($get, $queries) { +function remove_query_by_get(string $get, array $queries): array { $final_queries = array(); foreach ($queries as $key => $query) { if (empty($query['get']) || $query['get'] !== $get) { @@ -827,7 +807,11 @@ const SHORTCUT_KEYS = [ 'End', 'Enter', 'Escape', 'Home', 'Insert', 'PageDown', 'PageUp', 'Space', 'Tab', ]; -function getNonStandardShortcuts($shortcuts) { +/** + * @param array $shortcuts + * @return array + */ +function getNonStandardShortcuts(array $shortcuts): array { $standard = strtolower(implode(' ', SHORTCUT_KEYS)); $nonStandard = array_filter($shortcuts, function ($shortcut) use ($standard) { @@ -838,7 +822,7 @@ function getNonStandardShortcuts($shortcuts) { return $nonStandard; } -function errorMessageInfo($errorTitle, $error = '') { +function errorMessageInfo(string $errorTitle, string $error = ''): string { $errorTitle = htmlspecialchars($errorTitle, ENT_NOQUOTES, 'UTF-8'); $message = ''; diff --git a/p/api/fever.php b/p/api/fever.php index 13907f16d..88bd05d81 100644 --- a/p/api/fever.php +++ b/p/api/fever.php @@ -17,7 +17,7 @@ require(LIB_PATH . '/lib_rss.php'); //Includes class autoloader FreshRSS_Context::initSystem(); // check if API is enabled globally -if (!FreshRSS_Context::$system_conf->api_enabled) { +if (FreshRSS_Context::$system_conf == null || !FreshRSS_Context::$system_conf->api_enabled) { Minz_Log::warning('Fever API: service unavailable!'); Minz_Log::debug('Fever API: serviceUnavailable() ' . debugInfo(), API_LOG); header('HTTP/1.1 503 Service Unavailable'); @@ -29,12 +29,9 @@ Minz_Session::init('FreshRSS', true); // ================================================================================================ // -$ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, 1048576); +$ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, 1048576) ?: '';; -/** - * @return string - */ -function debugInfo() { +function debugInfo(): string { if (function_exists('getallheaders')) { $ALL_HEADERS = getallheaders(); } else { //nginx http://php.net/getallheaders#84262 @@ -62,8 +59,12 @@ function debugInfo() { //Minz_Log::debug(debugInfo(), API_LOG); // -class FeverDAO extends Minz_ModelPdo +final class FeverDAO extends Minz_ModelPdo { + /** + * @param array $values + * @param array $bindArray + */ protected function bindParamArray(string $prefix, array $values, array &$bindArray): string { $str = ''; for ($i = 0; $i < count($values); $i++) { @@ -74,9 +75,11 @@ class FeverDAO extends Minz_ModelPdo } /** + * @param array $feed_ids + * @param array $entry_ids * @return FreshRSS_Entry[] */ - public function findEntries(array $feed_ids, array $entry_ids, string $max_id, string $since_id) { + public function findEntries(array $feed_ids, array $entry_ids, string $max_id, string $since_id): array { $values = array(); $order = ''; $entryDAO = FreshRSS_Factory::createEntryDao(); @@ -110,36 +113,34 @@ class FeverDAO extends Minz_ModelPdo $sql .= ' LIMIT 50'; $stm = $this->pdo->prepare($sql); - $stm->execute($values); - $result = $stm->fetchAll(PDO::FETCH_ASSOC); + if ($stm && $stm->execute($values)) { + $result = $stm->fetchAll(PDO::FETCH_ASSOC); - $entries = array(); - foreach ($result as $dao) { - $entries[] = FreshRSS_Entry::fromArray($dao); - } + $entries = array(); + foreach ($result as $dao) { + $entries[] = FreshRSS_Entry::fromArray($dao); + } - return $entries; + return $entries; + } + return []; } } /** * Class FeverAPI */ -class FeverAPI +final class FeverAPI { const API_LEVEL = 3; const STATUS_OK = 1; const STATUS_ERR = 0; - /** - * @var FreshRSS_EntryDAO|null - */ - private $entryDAO = null; + /** @var FreshRSS_EntryDAO */ + private $entryDAO; - /** - * @var FreshRSS_FeedDAO|null - */ - private $feedDAO = null; + /** @var FreshRSS_FeedDAO */ + private $feedDAO; /** * Authenticate the user @@ -148,6 +149,9 @@ class FeverAPI * your FreshRSS "username:your-api-password" combination */ private function authenticate(): bool { + if (FreshRSS_Context::$system_conf === null) { + throw new FreshRSS_Context_Exception('System configuration not initialised!'); + } FreshRSS_Context::$user_conf = null; Minz_Session::_param('currentUser'); $feverKey = empty($_POST['api_key']) ? '' : substr(trim($_POST['api_key']), 0, 128); @@ -176,16 +180,12 @@ class FeverAPI public function isAuthenticatedApiUser(): bool { $this->authenticate(); - - if (FreshRSS_Context::$user_conf !== null) { - return true; - } - - return false; + return FreshRSS_Context::$user_conf !== null; } /** * This does all the processing, since the fever api does not have a specific variable that specifies the operation + * @return array * @throws Exception */ public function process(): array { @@ -226,37 +226,54 @@ class FeverAPI $response_arr['saved_item_ids'] = $this->getSavedItemIds(); } - $id = isset($_REQUEST['id']) ? '' . $_REQUEST['id'] : ''; - if (isset($_REQUEST['mark'], $_REQUEST['as'], $_REQUEST['id']) && ctype_digit($id)) { - $method_name = 'set' . ucfirst($_REQUEST['mark']) . 'As' . ucfirst($_REQUEST['as']); - $allowedMethods = array( - 'setFeedAsRead', 'setGroupAsRead', 'setItemAsRead', - 'setItemAsSaved', 'setItemAsUnread', 'setItemAsUnsaved' - ); - if (in_array($method_name, $allowedMethods)) { - switch (strtolower($_REQUEST['mark'])) { - case 'item': - $this->{$method_name}($id); - break; - case 'feed': - case 'group': - $before = $_REQUEST['before'] ?? ''; - $this->{$method_name}($id, $before); - break; - } + if (isset($_REQUEST['mark'], $_REQUEST['as'], $_REQUEST['id']) && ctype_digit($_REQUEST['id'])) { + $id = intval($_REQUEST['id']); + $before = intval($_REQUEST['before'] ?? '0'); + switch (strtolower($_REQUEST['mark'])) { + case 'item': + switch ($_REQUEST['as']) { + case 'read': + $this->setItemAsRead($id); + break; + case 'saved': + $this->setItemAsSaved($id); + break; + case 'unread': + $this->setItemAsUnread($id); + break; + case 'unsaved': + $this->setItemAsUnsaved($id); + break; + } + break; + case 'feed': + switch ($_REQUEST['as']) { + case 'read': + $this->setFeedAsRead($id, $before); + break; + } + break; + case 'group': + switch ($_REQUEST['as']) { + case 'read': + $this->setFeedAsRead($id, $before); + break; + } + break; + } - switch ($_REQUEST['as']) { - case 'read': - case 'unread': - $response_arr['unread_item_ids'] = $this->getUnreadItemIds(); - break; + switch ($_REQUEST['as']) { + case 'read': + case 'unread': + $response_arr['unread_item_ids'] = $this->getUnreadItemIds(); + break; - case 'saved': - case 'unsaved': - $response_arr['saved_item_ids'] = $this->getSavedItemIds(); - break; - } + case 'saved': + case 'unsaved': + $response_arr['saved_item_ids'] = $this->getSavedItemIds(); + break; } + } return $response_arr; @@ -264,6 +281,7 @@ class FeverAPI /** * Returns the complete JSON, with 'api_version' and status as 'auth'. + * @param array $reply */ public function wrap(int $status, array $reply = array()): string { $arr = array('api_version' => self::API_LEVEL, 'auth' => $status); @@ -273,7 +291,7 @@ class FeverAPI $arr = array_merge($arr, $reply); } - return json_encode($arr); + return json_encode($arr) ?: ''; } /** @@ -292,6 +310,7 @@ class FeverAPI return $lastUpdate; } + /** @return array> */ protected function getFeeds(): array { $feeds = array(); $myFeeds = $this->feedDAO->listFeeds(); @@ -312,6 +331,7 @@ class FeverAPI return $feeds; } + /** @return array> */ protected function getGroups(): array { $groups = array(); @@ -329,12 +349,15 @@ class FeverAPI return $groups; } + /** @return array> */ protected function getFavicons(): array { + if (FreshRSS_Context::$system_conf == null) { + return []; + } $favicons = array(); $salt = FreshRSS_Context::$system_conf->salt; $myFeeds = $this->feedDAO->listFeeds(); - /** @var FreshRSS_Feed $feed */ foreach ($myFeeds as $feed) { $id = hash('crc32b', $salt . $feed->url()); @@ -345,7 +368,7 @@ class FeverAPI $favicons[] = array( 'id' => $feed->id(), - 'data' => image_type_to_mime_type(exif_imagetype($filename)) . ';base64,' . base64_encode(file_get_contents($filename)) + 'data' => image_type_to_mime_type(exif_imagetype($filename) ?: 0) . ';base64,' . base64_encode(file_get_contents($filename) ?: '') ); } @@ -359,17 +382,19 @@ class FeverAPI return $this->entryDAO->count(); } + /** + * @return array> + */ protected function getFeedsGroup(): array { $groups = array(); $ids = array(); $myFeeds = $this->feedDAO->listFeeds(); - /** @var FreshRSS_Feed $feed */ foreach ($myFeeds as $feed) { $ids[$feed->categoryId()][] = $feed->id(); } - foreach($ids as $category => $feedIds) { + foreach ($ids as $category => $feedIds) { $groups[] = array( 'group_id' => $category, 'feed_ids' => implode(',', $feedIds) @@ -381,13 +406,14 @@ class FeverAPI /** * AFAIK there is no 'hot links' alternative in FreshRSS + * @return array */ protected function getLinks(): array { return array(); } /** - * @param array $ids + * @param array $ids */ protected function entriesToIdList(array $ids = array()): string { return implode(',', array_values($ids)); @@ -398,10 +424,7 @@ class FeverAPI return $this->entriesToIdList($entries); } - /** - * @return string - */ - protected function getSavedItemIds() { + protected function getSavedItemIds(): string { $entries = $this->entryDAO->listIdsWhere('a', '', FreshRSS_Entry::STATE_FAVORITE, 'ASC', 0); return $this->entriesToIdList($entries); } @@ -409,31 +432,32 @@ class FeverAPI /** * @return integer|false */ - protected function setItemAsRead($id) { + protected function setItemAsRead(int $id) { return $this->entryDAO->markRead($id, true); } /** * @return integer|false */ - protected function setItemAsUnread($id) { + protected function setItemAsUnread(int $id) { return $this->entryDAO->markRead($id, false); } /** * @return integer|false */ - protected function setItemAsSaved($id) { + protected function setItemAsSaved(int $id) { return $this->entryDAO->markFavorite($id, true); } /** * @return integer|false */ - protected function setItemAsUnsaved($id) { + protected function setItemAsUnsaved(int $id) { return $this->entryDAO->markFavorite($id, false); } + /** @return array> */ protected function getItems(): array { $feed_ids = array(); $entry_ids = array(); @@ -448,16 +472,16 @@ class FeverAPI if (isset($_REQUEST['group_ids'])) { $categoryDAO = FreshRSS_Factory::createCategoryDao(); $group_ids = explode(',', $_REQUEST['group_ids']); + $feeds = []; foreach ($group_ids as $id) { - /** @var FreshRSS_Category $category */ $category = $categoryDAO->searchById($id); //TODO: Transform to SQL query without loop! Consider FreshRSS_CategoryDAO::listCategories(true) - /** @var FreshRSS_Feed $feed */ - $feeds = []; + if ($category == null) { + continue; + } foreach ($category->feeds() as $feed) { $feeds[] = $feed->id(); } } - $feed_ids = array_unique($feeds); } } @@ -511,30 +535,30 @@ class FeverAPI /** * TODO replace by a dynamic fetch for id <= $before timestamp */ - protected function convertBeforeToId(string $beforeTimestamp): string { - return $beforeTimestamp == '0' ? '0' : $beforeTimestamp . '000000'; + protected function convertBeforeToId(int $beforeTimestamp): string { + return $beforeTimestamp == 0 ? '0' : $beforeTimestamp . '000000'; } /** * @return integer|false */ - protected function setFeedAsRead(string $id, string $before) { + protected function setFeedAsRead(int $id, int $before) { $before = $this->convertBeforeToId($before); - return $this->entryDAO->markReadFeed(intval($id), $before); + return $this->entryDAO->markReadFeed($id, $before); } /** * @return integer|false */ - protected function setGroupAsRead(string $id, string $before) { + protected function setGroupAsRead(int $id, int $before) { $before = $this->convertBeforeToId($before); // special case to mark all items as read - if ($id == '0') { + if ($id == 0) { return $this->entryDAO->markReadEntries($before); } - return $this->entryDAO->markReadCat(intval($id), $before); + return $this->entryDAO->markReadCat($id, $before); } } diff --git a/p/api/greader.php b/p/api/greader.php index a3dad880e..5412bcf1d 100644 --- a/p/api/greader.php +++ b/p/api/greader.php @@ -26,23 +26,15 @@ Server-side API compatible with Google Reader API layer 2 require(__DIR__ . '/../../constants.php'); require(LIB_PATH . '/lib_rss.php'); //Includes class autoloader -$ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, 1048576); +$ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, 1048576) ?: ''; if (PHP_INT_SIZE < 8) { //32-bit - /** - * @param string $hex - * @return string - */ - function hex2dec($hex) { + function hex2dec(string $hex): string { if (!ctype_xdigit($hex)) return '0'; return gmp_strval(gmp_init($hex, 16), 10); } } else { //64-bit - /** - * @param string $hex - * @return string - */ - function hex2dec($hex) { + function hex2dec(string $hex): string { if (!ctype_xdigit($hex)) return '0'; return '' . hexdec($hex); } @@ -50,24 +42,28 @@ if (PHP_INT_SIZE < 8) { //32-bit define('JSON_OPTIONS', JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); -function headerVariable($headerName, $varName) { +function headerVariable(string $headerName, string $varName): string { $header = ''; $upName = 'HTTP_' . strtoupper($headerName); if (isset($_SERVER[$upName])) { - $header = $_SERVER[$upName]; + $header = '' . $_SERVER[$upName]; } elseif (isset($_SERVER['REDIRECT_' . $upName])) { - $header = $_SERVER['REDIRECT_' . $upName]; + $header = '' . $_SERVER['REDIRECT_' . $upName]; } elseif (function_exists('getallheaders')) { $ALL_HEADERS = getallheaders(); if (isset($ALL_HEADERS[$headerName])) { - $header = $ALL_HEADERS[$headerName]; + $header = '' . $ALL_HEADERS[$headerName]; } } parse_str($header, $pairs); - return isset($pairs[$varName]) ? $pairs[$varName] : null; + if (empty($pairs[$varName])) { + return ''; + } + return is_string($pairs[$varName]) ? $pairs[$varName] : ''; } -function multiplePosts($name) { +/** @return array */ +function multiplePosts(string $name): array { //https://bugs.php.net/bug.php?id=51633 global $ORIGINAL_INPUT; $inputs = explode('&', $ORIGINAL_INPUT); @@ -82,10 +78,7 @@ function multiplePosts($name) { return $result; } -/** - * @return string - */ -function debugInfo() { +function debugInfo(): string { if (function_exists('getallheaders')) { $ALL_HEADERS = getallheaders(); } else { //nginx http://php.net/getallheaders#84262 @@ -109,1027 +102,1107 @@ function debugInfo() { return print_r($log, true); } -function badRequest() { - Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); - Minz_Log::debug('badRequest() ' . debugInfo(), API_LOG); - header('HTTP/1.1 400 Bad Request'); - header('Content-Type: text/plain; charset=UTF-8'); - die('Bad Request!'); -} +final class GReaderAPI { -function unauthorized() { - Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); - Minz_Log::debug('unauthorized() ' . debugInfo(), API_LOG); - header('HTTP/1.1 401 Unauthorized'); - header('Content-Type: text/plain; charset=UTF-8'); - header('Google-Bad-Token: true'); - die('Unauthorized!'); -} + /** @return never */ + private static function badRequest() { + Minz_Log::warning(__METHOD__, API_LOG); + Minz_Log::debug(__METHOD__ . ' ' . debugInfo(), API_LOG); + header('HTTP/1.1 400 Bad Request'); + header('Content-Type: text/plain; charset=UTF-8'); + die('Bad Request!'); + } -function notImplemented() { - Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); - Minz_Log::debug('notImplemented() ' . debugInfo(), API_LOG); - header('HTTP/1.1 501 Not Implemented'); - header('Content-Type: text/plain; charset=UTF-8'); - die('Not Implemented!'); -} + /** @return never */ + private static function unauthorized() { + Minz_Log::warning(__METHOD__, API_LOG); + Minz_Log::debug(__METHOD__ . ' ' . debugInfo(), API_LOG); + header('HTTP/1.1 401 Unauthorized'); + header('Content-Type: text/plain; charset=UTF-8'); + header('Google-Bad-Token: true'); + die('Unauthorized!'); + } -function serviceUnavailable() { - Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); - Minz_Log::debug('serviceUnavailable() ' . debugInfo(), API_LOG); - header('HTTP/1.1 503 Service Unavailable'); - header('Content-Type: text/plain; charset=UTF-8'); - die('Service Unavailable!'); -} + /** @return never */ + private static function internalServerError() { + Minz_Log::warning(__METHOD__, API_LOG); + Minz_Log::debug(__METHOD__ . ' ' . debugInfo(), API_LOG); + header('HTTP/1.1 500 Internal Server Error'); + header('Content-Type: text/plain; charset=UTF-8'); + die('Internal Server Error!'); + } -function checkCompatibility() { - Minz_Log::warning('GReader API: ' . __METHOD__, API_LOG); - Minz_Log::debug('checkCompatibility() ' . debugInfo(), API_LOG); - header('Content-Type: text/plain; charset=UTF-8'); - if (PHP_INT_SIZE < 8 && !function_exists('gmp_init')) { - die('FAIL 64-bit or GMP extension! Wrong PHP configuration.'); + /** @return never */ + private static function notImplemented() { + Minz_Log::warning(__METHOD__, API_LOG); + Minz_Log::debug(__METHOD__ . ' ' . debugInfo(), API_LOG); + header('HTTP/1.1 501 Not Implemented'); + header('Content-Type: text/plain; charset=UTF-8'); + die('Not Implemented!'); } - $headerAuth = headerVariable('Authorization', 'GoogleLogin_auth'); - if ($headerAuth == '') { - die('FAIL get HTTP Authorization header! Wrong Web server configuration.'); + + /** @return never */ + private static function serviceUnavailable() { + Minz_Log::warning(__METHOD__, API_LOG); + Minz_Log::debug(__METHOD__ . ' ' . debugInfo(), API_LOG); + header('HTTP/1.1 503 Service Unavailable'); + header('Content-Type: text/plain; charset=UTF-8'); + die('Service Unavailable!'); } - echo 'PASS'; - exit(); -} -function authorizationToUser() { - //Input is 'GoogleLogin auth', but PHP replaces spaces by '_' http://php.net/language.variables.external - $headerAuth = headerVariable('Authorization', 'GoogleLogin_auth'); - if ($headerAuth != '') { - $headerAuthX = explode('/', $headerAuth, 2); - if (count($headerAuthX) === 2) { - $user = $headerAuthX[0]; - if (FreshRSS_user_Controller::checkUsername($user)) { - FreshRSS_Context::initUser($user); - if (FreshRSS_Context::$user_conf == null) { - Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); - unauthorized(); - } - if (!FreshRSS_Context::$user_conf->enabled) { - Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); - unauthorized(); - } - if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) { - return $user; + /** @return never */ + private static function checkCompatibility() { + Minz_Log::warning(__METHOD__, API_LOG); + Minz_Log::debug(__METHOD__ . ' ' . debugInfo(), API_LOG); + header('Content-Type: text/plain; charset=UTF-8'); + if (PHP_INT_SIZE < 8 && !function_exists('gmp_init')) { + die('FAIL 64-bit or GMP extension! Wrong PHP configuration.'); + } + $headerAuth = headerVariable('Authorization', 'GoogleLogin_auth'); + if ($headerAuth == '') { + die('FAIL get HTTP Authorization header! Wrong Web server configuration.'); + } + echo 'PASS'; + exit(); + } + + private static function authorizationToUser(): string { + //Input is 'GoogleLogin auth', but PHP replaces spaces by '_' http://php.net/language.variables.external + $headerAuth = headerVariable('Authorization', 'GoogleLogin_auth'); + if ($headerAuth != '') { + $headerAuthX = explode('/', $headerAuth, 2); + if (count($headerAuthX) === 2) { + $user = $headerAuthX[0]; + if (FreshRSS_user_Controller::checkUsername($user)) { + FreshRSS_Context::initUser($user); + if (FreshRSS_Context::$user_conf == null || FreshRSS_Context::$system_conf == null) { + Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); + self::unauthorized(); + } + if (!FreshRSS_Context::$user_conf->enabled) { + Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); + self::unauthorized(); + } + if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) { + return $user; + } else { + Minz_Log::warning('Invalid API authorisation for user ' . $user); + self::unauthorized(); + } } else { - Minz_Log::warning('Invalid API authorisation for user ' . $user); - unauthorized(); + self::badRequest(); } - } else { - badRequest(); } } + return ''; } - return ''; -} -function clientLogin($email, $pass) { - //https://web.archive.org/web/20130604091042/http://undoc.in/clientLogin.html - if (FreshRSS_user_Controller::checkUsername($email)) { - FreshRSS_Context::initUser($email); - if (FreshRSS_Context::$user_conf == null) { - Minz_Log::warning('Invalid API user ' . $email . ': configuration cannot be found.'); - unauthorized(); - } + /** @return never */ + private static function clientLogin(string $email, string $pass) { + //https://web.archive.org/web/20130604091042/http://undoc.in/clientLogin.html + if (FreshRSS_user_Controller::checkUsername($email)) { + FreshRSS_Context::initUser($email); + if (FreshRSS_Context::$user_conf == null || FreshRSS_Context::$system_conf == null) { + Minz_Log::warning('Invalid API user ' . $email . ': configuration cannot be found.'); + self::unauthorized(); + } - if (FreshRSS_Context::$user_conf->apiPasswordHash != '' && password_verify($pass, FreshRSS_Context::$user_conf->apiPasswordHash)) { - header('Content-Type: text/plain; charset=UTF-8'); - $auth = $email . '/' . sha1(FreshRSS_Context::$system_conf->salt . $email . FreshRSS_Context::$user_conf->apiPasswordHash); - echo 'SID=', $auth, "\n", - 'LSID=null', "\n", //Vienna RSS - 'Auth=', $auth, "\n"; - exit(); + if (FreshRSS_Context::$user_conf->apiPasswordHash != '' && password_verify($pass, FreshRSS_Context::$user_conf->apiPasswordHash)) { + header('Content-Type: text/plain; charset=UTF-8'); + $auth = $email . '/' . sha1(FreshRSS_Context::$system_conf->salt . $email . FreshRSS_Context::$user_conf->apiPasswordHash); + echo 'SID=', $auth, "\n", + 'LSID=null', "\n", //Vienna RSS + 'Auth=', $auth, "\n"; + exit(); + } else { + Minz_Log::warning('Password API mismatch for user ' . $email); + self::unauthorized(); + } } else { - Minz_Log::warning('Password API mismatch for user ' . $email); - unauthorized(); + self::badRequest(); } - } else { - badRequest(); } - die(); -} -function token($conf) { -//http://blog.martindoms.com/2009/08/15/using-the-google-reader-api-part-1/ -//https://github.com/ericmann/gReader-Library/blob/master/greader.class.php - $user = Minz_Session::param('currentUser', '_'); - //Minz_Log::debug('token('. $user . ')', API_LOG); //TODO: Implement real token that expires - $token = str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z'); //Must have 57 characters - echo $token, "\n"; - exit(); -} + /** + * @return never + */ + private static function token(?FreshRSS_UserConfiguration $conf) { + //http://blog.martindoms.com/2009/08/15/using-the-google-reader-api-part-1/ + //https://github.com/ericmann/gReader-Library/blob/master/greader.class.php + if ($conf == null || FreshRSS_Context::$system_conf == null) { + self::unauthorized(); + } + $user = Minz_Session::param('currentUser', '_'); + //Minz_Log::debug('token('. $user . ')', API_LOG); //TODO: Implement real token that expires + $token = str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z'); //Must have 57 characters + echo $token, "\n"; + exit(); + } -function checkToken(FreshRSS_UserConfiguration $conf, string $token) { -//http://code.google.com/p/google-reader-api/wiki/ActionToken - $user = Minz_Session::param('currentUser', '_'); - if ($user !== '_' && ( //TODO: Check security consequences - $token == '' || //FeedMe - $token === 'x')) { //Reeder - return true; + private static function checkToken(?FreshRSS_UserConfiguration $conf, string $token): bool { + //http://code.google.com/p/google-reader-api/wiki/ActionToken + if ($conf == null || FreshRSS_Context::$system_conf == null) { + self::unauthorized(); + } + $user = Minz_Session::param('currentUser', '_'); + if ($user !== '_' && ( //TODO: Check security consequences + $token == '' || //FeedMe + $token === 'x')) { //Reeder + return true; + } + if ($token === str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z')) { + return true; + } + Minz_Log::warning('Invalid POST token: ' . $token, API_LOG); + self::unauthorized(); } - if ($token === str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z')) { - return true; + + /** @return never */ + private static function userInfo() { + //https://github.com/theoldreader/api#user-info + if (FreshRSS_Context::$user_conf == null) { + self::unauthorized(); + } + $user = Minz_Session::param('currentUser', '_'); + exit(json_encode(array( + 'userId' => $user, + 'userName' => $user, + 'userProfileId' => $user, + 'userEmail' => FreshRSS_Context::$user_conf->mail_login, + ), JSON_OPTIONS)); } - Minz_Log::warning('Invalid POST token: ' . $token, API_LOG); - unauthorized(); -} -function userInfo() { - //https://github.com/theoldreader/api#user-info - $user = Minz_Session::param('currentUser', '_'); - exit(json_encode(array( - 'userId' => $user, - 'userName' => $user, - 'userProfileId' => $user, - 'userEmail' => FreshRSS_Context::$user_conf->mail_login, - ), JSON_OPTIONS)); -} + /** @return never */ + private static function tagList() { + header('Content-Type: application/json; charset=UTF-8'); -function tagList() { - header('Content-Type: application/json; charset=UTF-8'); - - $tags = array( - array('id' => 'user/-/state/com.google/starred'), - //array('id' => 'user/-/state/com.google/broadcast', 'sortid' => '2'), - ); - - $categoryDAO = FreshRSS_Factory::createCategoryDao(); - $categories = $categoryDAO->listCategories(true, false); - foreach ($categories as $cat) { - $tags[] = array( - 'id' => 'user/-/label/' . htmlspecialchars_decode($cat->name(), ENT_QUOTES), - //'sortid' => $cat->name(), - 'type' => 'folder', //Inoreader + $tags = array( + array('id' => 'user/-/state/com.google/starred'), + //array('id' => 'user/-/state/com.google/broadcast', 'sortid' => '2'), ); - } - $tagDAO = FreshRSS_Factory::createTagDao(); - $labels = $tagDAO->listTags(true); - foreach ($labels as $label) { - $tags[] = array( - 'id' => 'user/-/label/' . htmlspecialchars_decode($label->name(), ENT_QUOTES), - //'sortid' => $label->name(), - 'type' => 'tag', //Inoreader - 'unread_count' => $label->nbUnread(), //Inoreader - ); - } + $categoryDAO = FreshRSS_Factory::createCategoryDao(); + $categories = $categoryDAO->listCategories(true, false); + foreach ($categories as $cat) { + $tags[] = array( + 'id' => 'user/-/label/' . htmlspecialchars_decode($cat->name(), ENT_QUOTES), + //'sortid' => $cat->name(), + 'type' => 'folder', //Inoreader + ); + } - echo json_encode(array('tags' => $tags), JSON_OPTIONS), "\n"; - exit(); -} + $tagDAO = FreshRSS_Factory::createTagDao(); + $labels = $tagDAO->listTags(true); + foreach ($labels as $label) { + $tags[] = array( + 'id' => 'user/-/label/' . htmlspecialchars_decode($label->name(), ENT_QUOTES), + //'sortid' => $label->name(), + 'type' => 'tag', //Inoreader + 'unread_count' => $label->nbUnread(), //Inoreader + ); + } -function subscriptionExport() { - $user = Minz_Session::param('currentUser', '_'); - $export_service = new FreshRSS_Export_Service($user); - list($filename, $content) = $export_service->generateOpml(); - header('Content-Type: application/xml; charset=UTF-8'); - header('Content-disposition: attachment; filename="' . $filename . '"'); - echo $content; - exit(); -} + echo json_encode(array('tags' => $tags), JSON_OPTIONS), "\n"; + exit(); + } -function subscriptionImport($opml) { - $user = Minz_Session::param('currentUser', '_'); - $importService = new FreshRSS_Import_Service($user); - $importService->importOpml($opml); - if ($importService->lastStatus()) { - list($nbUpdatedFeeds, $feed, $nbNewArticles) = FreshRSS_feed_Controller::actualizeFeed(0, '', true); - invalidateHttpCache($user); - exit('OK'); - } else { - badRequest(); + /** @return never */ + private static function subscriptionExport() { + $user = '' . Minz_Session::param('currentUser', '_'); + $export_service = new FreshRSS_Export_Service($user); + list($filename, $content) = $export_service->generateOpml(); + header('Content-Type: application/xml; charset=UTF-8'); + header('Content-disposition: attachment; filename="' . $filename . '"'); + echo $content; + exit(); } -} -function subscriptionList() { - header('Content-Type: application/json; charset=UTF-8'); - - $salt = FreshRSS_Context::$system_conf->salt; - $faviconsUrl = Minz_Url::display('/f.php?', '', true); - $faviconsUrl = str_replace('/api/greader.php/reader/api/0/subscription', '', $faviconsUrl); //Security if base_url is not set properly - $subscriptions = array(); - - $categoryDAO = FreshRSS_Factory::createCategoryDao(); - foreach ($categoryDAO->listCategories(true, true) as $cat) { - foreach ($cat->feeds() as $feed) { - $subscriptions[] = [ - 'id' => 'feed/' . $feed->id(), - 'title' => escapeToUnicodeAlternative($feed->name(), true), - 'categories' => [ - [ - 'id' => 'user/-/label/' . htmlspecialchars_decode($cat->name(), ENT_QUOTES), - 'label' => htmlspecialchars_decode($cat->name(), ENT_QUOTES), - ], - ], - //'sortid' => $feed->name(), - //'firstitemmsec' => 0, - 'url' => htmlspecialchars_decode($feed->url(), ENT_QUOTES), - 'htmlUrl' => htmlspecialchars_decode($feed->website(), ENT_QUOTES), - 'iconUrl' => $faviconsUrl . hash('crc32b', $salt . $feed->url()), - ]; + /** @return never */ + private static function subscriptionImport(string $opml) { + $user = '' . Minz_Session::param('currentUser', '_'); + $importService = new FreshRSS_Import_Service($user); + $importService->importOpml($opml); + if ($importService->lastStatus()) { + FreshRSS_feed_Controller::actualizeFeed(0, '', true); + invalidateHttpCache($user); + exit('OK'); + } else { + self::badRequest(); } } - echo json_encode(array('subscriptions' => $subscriptions), JSON_OPTIONS), "\n"; - exit(); -} + /** @return never */ + private static function subscriptionList() { + if (FreshRSS_Context::$system_conf == null) { + self::internalServerError(); + } + header('Content-Type: application/json; charset=UTF-8'); + $salt = FreshRSS_Context::$system_conf->salt; + $faviconsUrl = Minz_Url::display('/f.php?', '', true); + $faviconsUrl = str_replace('/api/greader.php/reader/api/0/subscription', '', $faviconsUrl); //Security if base_url is not set properly + $subscriptions = array(); -function subscriptionEdit($streamNames, $titles, $action, $add = '', $remove = '') { - //https://github.com/mihaip/google-reader-api/blob/master/wiki/ApiSubscriptionEdit.wiki - switch ($action) { - case 'subscribe': - case 'unsubscribe': - case 'edit': - break; - default: - badRequest(); - } - $addCatId = 0; - $categoryDAO = null; - if ($add != '' || $remove != '') { $categoryDAO = FreshRSS_Factory::createCategoryDao(); - } - $c_name = ''; - if ($add != '' && strpos($add, 'user/') === 0) { //user/-/label/Example ; user/username/label/Example - if (strpos($add, 'user/-/label/') === 0) { - $c_name = substr($add, 13); - } else { - $user = Minz_Session::param('currentUser', '_'); - $prefix = 'user/' . $user . '/label/'; - if (strpos($add, $prefix) === 0) { - $c_name = substr($add, strlen($prefix)); - } else { - $c_name = ''; + foreach ($categoryDAO->listCategories(true, true) as $cat) { + foreach ($cat->feeds() as $feed) { + $subscriptions[] = [ + 'id' => 'feed/' . $feed->id(), + 'title' => escapeToUnicodeAlternative($feed->name(), true), + 'categories' => [ + [ + 'id' => 'user/-/label/' . htmlspecialchars_decode($cat->name(), ENT_QUOTES), + 'label' => htmlspecialchars_decode($cat->name(), ENT_QUOTES), + ], + ], + //'sortid' => $feed->name(), + //'firstitemmsec' => 0, + 'url' => htmlspecialchars_decode($feed->url(), ENT_QUOTES), + 'htmlUrl' => htmlspecialchars_decode($feed->website(), ENT_QUOTES), + 'iconUrl' => $faviconsUrl . hash('crc32b', $salt . $feed->url()), + ]; } } - $c_name = htmlspecialchars($c_name, ENT_COMPAT, 'UTF-8'); - $cat = $categoryDAO->searchByName($c_name); - $addCatId = $cat == null ? 0 : $cat->id(); - } elseif ($remove != '' && strpos($remove, 'user/-/label/') === 0) { - $addCatId = 1; //Default category - } - $feedDAO = FreshRSS_Factory::createFeedDao(); - if (!is_array($streamNames) || count($streamNames) < 1) { - badRequest(); + + echo json_encode(array('subscriptions' => $subscriptions), JSON_OPTIONS), "\n"; + exit(); } - for ($i = count($streamNames) - 1; $i >= 0; $i--) { - $streamUrl = $streamNames[$i]; //feed/http://example.net/sample.xml ; feed/338 - if (strpos($streamUrl, 'feed/') === 0) { - $streamUrl = preg_replace('%^(feed/)+%', '', $streamUrl); - $feedId = 0; - if (ctype_digit($streamUrl)) { - if ($action === 'subscribe') { - continue; - } - $feedId = $streamUrl; + + /** + * @param array $streamNames + * @param array $titles + * @return never + */ + private static function subscriptionEdit(array $streamNames, array $titles, string $action, string $add = '', string $remove = '') { + //https://github.com/mihaip/google-reader-api/blob/master/wiki/ApiSubscriptionEdit.wiki + switch ($action) { + case 'subscribe': + case 'unsubscribe': + case 'edit': + break; + default: + self::badRequest(); + } + $addCatId = 0; + $categoryDAO = null; + if ($add != '' || $remove != '') { + $categoryDAO = FreshRSS_Factory::createCategoryDao(); + } + $c_name = ''; + if ($add != '' && strpos($add, 'user/') === 0) { //user/-/label/Example ; user/username/label/Example + if (strpos($add, 'user/-/label/') === 0) { + $c_name = substr($add, 13); } else { - $streamUrl = htmlspecialchars($streamUrl, ENT_COMPAT, 'UTF-8'); - $feed = $feedDAO->searchByUrl($streamUrl); - $feedId = $feed == null ? -1 : $feed->id(); + $user = Minz_Session::param('currentUser', '_'); + $prefix = 'user/' . $user . '/label/'; + if (strpos($add, $prefix) === 0) { + $c_name = substr($add, strlen($prefix)); + } else { + $c_name = ''; + } } - $title = isset($titles[$i]) ? $titles[$i] : ''; - $title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8'); - switch ($action) { - case 'subscribe': - if ($feedId <= 0) { - $http_auth = ''; - try { - $feed = FreshRSS_feed_Controller::addFeed($streamUrl, $title, $addCatId, $c_name, $http_auth); - continue 2; - } catch (Exception $e) { - Minz_Log::error('subscriptionEdit error subscribe: ' . $e->getMessage(), API_LOG); - } - } - badRequest(); - break; - case 'unsubscribe': - if (!($feedId > 0 && FreshRSS_feed_Controller::deleteFeed($feedId))) { - badRequest(); + $c_name = htmlspecialchars($c_name, ENT_COMPAT, 'UTF-8'); + $cat = $categoryDAO->searchByName($c_name); + $addCatId = $cat == null ? 0 : $cat->id(); + } elseif ($remove != '' && strpos($remove, 'user/-/label/') === 0) { + $addCatId = 1; //Default category + } + $feedDAO = FreshRSS_Factory::createFeedDao(); + if (!is_array($streamNames) || count($streamNames) < 1) { + self::badRequest(); + } + for ($i = count($streamNames) - 1; $i >= 0; $i--) { + $streamUrl = $streamNames[$i]; //feed/http://example.net/sample.xml ; feed/338 + if (strpos($streamUrl, 'feed/') === 0) { + $streamUrl = '' . preg_replace('%^(feed/)+%', '', $streamUrl); + $feedId = 0; + if (ctype_digit($streamUrl)) { + if ($action === 'subscribe') { + continue; } - break; - case 'edit': - if ($feedId > 0) { - if ($addCatId > 0 || $c_name != '') { - FreshRSS_feed_Controller::moveFeed($feedId, $addCatId, $c_name); + $feedId = $streamUrl; + } else { + $streamUrl = htmlspecialchars($streamUrl, ENT_COMPAT, 'UTF-8'); + $feed = $feedDAO->searchByUrl($streamUrl); + $feedId = $feed == null ? -1 : $feed->id(); + } + $title = isset($titles[$i]) ? $titles[$i] : ''; + $title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8'); + switch ($action) { + case 'subscribe': + if ($feedId <= 0) { + $http_auth = ''; + try { + $feed = FreshRSS_feed_Controller::addFeed($streamUrl, $title, $addCatId, $c_name, $http_auth); + continue 2; + } catch (Exception $e) { + Minz_Log::error('subscriptionEdit error subscribe: ' . $e->getMessage(), API_LOG); + } } - if ($title != '') { - FreshRSS_feed_Controller::renameFeed($feedId, $title); + self::badRequest(); + // Always exits + case 'unsubscribe': + if (!($feedId > 0 && FreshRSS_feed_Controller::deleteFeed($feedId))) { + self::badRequest(); } - } else { - badRequest(); - } - break; + break; + case 'edit': + if ($feedId > 0) { + if ($addCatId > 0 || $c_name != '') { + FreshRSS_feed_Controller::moveFeed($feedId, $addCatId, $c_name); + } + if ($title != '') { + FreshRSS_feed_Controller::renameFeed($feedId, $title); + } + } else { + self::badRequest(); + } + break; + } } } + exit('OK'); } - exit('OK'); -} -function quickadd($url) { - try { - $url = htmlspecialchars($url, ENT_COMPAT, 'UTF-8'); - if (substr($url, 0, 5) === 'feed/') { - $url = substr($url, 5); + /** @return never */ + private static function quickadd(string $url) { + try { + $url = htmlspecialchars($url, ENT_COMPAT, 'UTF-8'); + if (substr($url, 0, 5) === 'feed/') { + $url = substr($url, 5); + } + $feed = FreshRSS_feed_Controller::addFeed($url); + exit(json_encode(array( + 'numResults' => 1, + 'query' => $feed->url(), + 'streamId' => 'feed/' . $feed->id(), + 'streamName' => $feed->name(), + ), JSON_OPTIONS)); + } catch (Exception $e) { + Minz_Log::error('quickadd error: ' . $e->getMessage(), API_LOG); + die(json_encode(array( + 'numResults' => 0, + 'error' => $e->getMessage(), + ), JSON_OPTIONS)); } - $feed = FreshRSS_feed_Controller::addFeed($url); - exit(json_encode(array( - 'numResults' => 1, - 'query' => $feed->url(), - 'streamId' => 'feed/' . $feed->id(), - 'streamName' => $feed->name(), - ), JSON_OPTIONS)); - } catch (Exception $e) { - Minz_Log::error('quickadd error: ' . $e->getMessage(), API_LOG); - die(json_encode(array( - 'numResults' => 0, - 'error' => $e->getMessage(), - ), JSON_OPTIONS)); } -} - -function unreadCount() { - //http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#unread-count - header('Content-Type: application/json; charset=UTF-8'); - $totalUnreads = 0; - $totalLastUpdate = 0; + /** @return never */ + private static function unreadCount() { + //http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#unread-count + header('Content-Type: application/json; charset=UTF-8'); - $categoryDAO = FreshRSS_Factory::createCategoryDao(); - $feedDAO = FreshRSS_Factory::createFeedDao(); - $feedsNewestItemUsec = $feedDAO->listFeedsNewestItemUsec(); + $totalUnreads = 0; + $totalLastUpdate = 0; - foreach ($categoryDAO->listCategories(true, true) as $cat) { - $catLastUpdate = 0; - foreach ($cat->feeds() as $feed) { - $lastUpdate = isset($feedsNewestItemUsec['f_' . $feed->id()]) ? $feedsNewestItemUsec['f_' . $feed->id()] : 0; + $categoryDAO = FreshRSS_Factory::createCategoryDao(); + $feedDAO = FreshRSS_Factory::createFeedDao(); + $feedsNewestItemUsec = $feedDAO->listFeedsNewestItemUsec(); + + foreach ($categoryDAO->listCategories(true, true) as $cat) { + $catLastUpdate = 0; + foreach ($cat->feeds() as $feed) { + $lastUpdate = isset($feedsNewestItemUsec['f_' . $feed->id()]) ? $feedsNewestItemUsec['f_' . $feed->id()] : 0; + $unreadcounts[] = array( + 'id' => 'feed/' . $feed->id(), + 'count' => $feed->nbNotRead(), + 'newestItemTimestampUsec' => '' . $lastUpdate, + ); + if ($catLastUpdate < $lastUpdate) { + $catLastUpdate = $lastUpdate; + } + } $unreadcounts[] = array( - 'id' => 'feed/' . $feed->id(), - 'count' => $feed->nbNotRead(), - 'newestItemTimestampUsec' => '' . $lastUpdate, + 'id' => 'user/-/label/' . htmlspecialchars_decode($cat->name(), ENT_QUOTES), + 'count' => $cat->nbNotRead(), + 'newestItemTimestampUsec' => '' . $catLastUpdate, ); - if ($catLastUpdate < $lastUpdate) { - $catLastUpdate = $lastUpdate; + $totalUnreads += $cat->nbNotRead(); + if ($totalLastUpdate < $catLastUpdate) { + $totalLastUpdate = $catLastUpdate; } } - $unreadcounts[] = array( - 'id' => 'user/-/label/' . htmlspecialchars_decode($cat->name(), ENT_QUOTES), - 'count' => $cat->nbNotRead(), - 'newestItemTimestampUsec' => '' . $catLastUpdate, - ); - $totalUnreads += $cat->nbNotRead(); - if ($totalLastUpdate < $catLastUpdate) { - $totalLastUpdate = $catLastUpdate; + + $tagDAO = FreshRSS_Factory::createTagDao(); + $tagsNewestItemUsec = $tagDAO->listTagsNewestItemUsec(); + foreach ($tagDAO->listTags(true) as $label) { + $lastUpdate = isset($tagsNewestItemUsec['t_' . $label->id()]) ? $tagsNewestItemUsec['t_' . $label->id()] : 0; + $unreadcounts[] = array( + 'id' => 'user/-/label/' . htmlspecialchars_decode($label->name(), ENT_QUOTES), + 'count' => $label->nbUnread(), + 'newestItemTimestampUsec' => '' . $lastUpdate, + ); } - } - $tagDAO = FreshRSS_Factory::createTagDao(); - $tagsNewestItemUsec = $tagDAO->listTagsNewestItemUsec(); - foreach ($tagDAO->listTags(true) as $label) { - $lastUpdate = isset($tagsNewestItemUsec['t_' . $label->id()]) ? $tagsNewestItemUsec['t_' . $label->id()] : 0; $unreadcounts[] = array( - 'id' => 'user/-/label/' . htmlspecialchars_decode($label->name(), ENT_QUOTES), - 'count' => $label->nbUnread(), - 'newestItemTimestampUsec' => '' . $lastUpdate, + 'id' => 'user/-/state/com.google/reading-list', + 'count' => $totalUnreads, + 'newestItemTimestampUsec' => '' . $totalLastUpdate, ); - } - $unreadcounts[] = array( - 'id' => 'user/-/state/com.google/reading-list', - 'count' => $totalUnreads, - 'newestItemTimestampUsec' => '' . $totalLastUpdate, - ); - - echo json_encode(array( - 'max' => $totalUnreads, - 'unreadcounts' => $unreadcounts, - ), JSON_OPTIONS), "\n"; - exit(); -} - -function entriesToArray($entries) { - if (empty($entries)) { - return array(); + echo json_encode(array( + 'max' => $totalUnreads, + 'unreadcounts' => $unreadcounts, + ), JSON_OPTIONS), "\n"; + exit(); } - $catDAO = FreshRSS_Factory::createCategoryDao(); - $categories = $catDAO->listCategories(true); - $tagDAO = FreshRSS_Factory::createTagDao(); - $entryIdsTagNames = $tagDAO->getEntryIdsTagNames($entries); - if ($entryIdsTagNames == false) { - $entryIdsTagNames = array(); - } + /** + * @param array $entries + * @return array> + */ + private static function entriesToArray(array $entries): array { + if (empty($entries)) { + return array(); + } + $catDAO = FreshRSS_Factory::createCategoryDao(); + $categories = $catDAO->listCategories(true); - $items = array(); - foreach ($entries as $item) { - /** @var FreshRSS_Entry $entry */ - $entry = Minz_ExtensionManager::callHook('entry_before_display', $item); - if ($entry == null) { - continue; + $tagDAO = FreshRSS_Factory::createTagDao(); + $entryIdsTagNames = $tagDAO->getEntryIdsTagNames($entries); + if ($entryIdsTagNames == false) { + $entryIdsTagNames = array(); } - $feed = FreshRSS_CategoryDAO::findFeed($categories, $entry->feedId()); - $entry->_feed($feed); + $items = array(); + foreach ($entries as $item) { + /** @var FreshRSS_Entry $entry */ + $entry = Minz_ExtensionManager::callHook('entry_before_display', $item); + if ($entry == null) { + continue; + } - if (isset($entryIdsTagNames['e_' . $entry->id()])) { - $entry->_tags($entryIdsTagNames['e_' . $entry->id()]); - } + $feed = FreshRSS_CategoryDAO::findFeed($categories, $entry->feedId()); + $entry->_feed($feed); - $items[] = $entry->toGReader('compat'); + if (isset($entryIdsTagNames['e_' . $entry->id()])) { + $entry->_tags($entryIdsTagNames['e_' . $entry->id()]); + } + + $items[] = $entry->toGReader('compat'); + } + return $items; } - return $items; -} -function streamContentsFilters($type, $streamId, $filter_target, $exclude_target, $start_time, $stop_time) { - switch ($type) { - case 'f': //feed - if ($streamId != '' && !ctype_digit($streamId)) { - $feedDAO = FreshRSS_Factory::createFeedDao(); + /** + * @return array + */ + private static function streamContentsFilters(string $type, string $streamId, + string $filter_target, string $exclude_target, int $start_time, int $stop_time): array { + switch ($type) { + case 'f': //feed + if ($streamId != '' && !ctype_digit($streamId)) { + $feedDAO = FreshRSS_Factory::createFeedDao(); + $streamId = htmlspecialchars($streamId, ENT_COMPAT, 'UTF-8'); + $feed = $feedDAO->searchByUrl($streamId); + $streamId = $feed == null ? -1 : $feed->id(); + } + break; + case 'c': //category or label + $categoryDAO = FreshRSS_Factory::createCategoryDao(); $streamId = htmlspecialchars($streamId, ENT_COMPAT, 'UTF-8'); - $feed = $feedDAO->searchByUrl($streamId); - $streamId = $feed == null ? -1 : $feed->id(); - } - break; - case 'c': //category or label - $categoryDAO = FreshRSS_Factory::createCategoryDao(); - $streamId = htmlspecialchars($streamId, ENT_COMPAT, 'UTF-8'); - $cat = $categoryDAO->searchByName($streamId); - if ($cat != null) { - $type = 'c'; - $streamId = $cat->id(); - } else { - $tagDAO = FreshRSS_Factory::createTagDao(); - $tag = $tagDAO->searchByName($streamId); - if ($tag != null) { - $type = 't'; - $streamId = $tag->id(); + $cat = $categoryDAO->searchByName($streamId); + if ($cat != null) { + $type = 'c'; + $streamId = $cat->id(); } else { - $type = 'A'; - $streamId = -1; + $tagDAO = FreshRSS_Factory::createTagDao(); + $tag = $tagDAO->searchByName($streamId); + if ($tag != null) { + $type = 't'; + $streamId = $tag->id(); + } else { + $type = 'A'; + $streamId = -1; + } } - } - break; - } + break; + } - switch ($filter_target) { - case 'user/-/state/com.google/read': - $state = FreshRSS_Entry::STATE_READ; - break; - case 'user/-/state/com.google/unread': - $state = FreshRSS_Entry::STATE_NOT_READ; - break; - case 'user/-/state/com.google/starred': - $state = FreshRSS_Entry::STATE_FAVORITE; - break; - default: - $state = FreshRSS_Entry::STATE_ALL; - break; - } + switch ($filter_target) { + case 'user/-/state/com.google/read': + $state = FreshRSS_Entry::STATE_READ; + break; + case 'user/-/state/com.google/unread': + $state = FreshRSS_Entry::STATE_NOT_READ; + break; + case 'user/-/state/com.google/starred': + $state = FreshRSS_Entry::STATE_FAVORITE; + break; + default: + $state = FreshRSS_Entry::STATE_ALL; + break; + } - switch ($exclude_target) { - case 'user/-/state/com.google/read': - $state &= FreshRSS_Entry::STATE_NOT_READ; - break; - case 'user/-/state/com.google/unread': - $state &= FreshRSS_Entry::STATE_READ; - break; - case 'user/-/state/com.google/starred': - $state &= FreshRSS_Entry::STATE_NOT_FAVORITE; - break; - } + switch ($exclude_target) { + case 'user/-/state/com.google/read': + $state &= FreshRSS_Entry::STATE_NOT_READ; + break; + case 'user/-/state/com.google/unread': + $state &= FreshRSS_Entry::STATE_READ; + break; + case 'user/-/state/com.google/starred': + $state &= FreshRSS_Entry::STATE_NOT_FAVORITE; + break; + } - $searches = new FreshRSS_BooleanSearch(''); - if ($start_time != '') { - $search = new FreshRSS_Search(''); - $search->setMinDate($start_time); - $searches->add($search); - } - if ($stop_time != '') { - $search = new FreshRSS_Search(''); - $search->setMaxDate($stop_time); - $searches->add($search); + $searches = new FreshRSS_BooleanSearch(''); + if ($start_time != '') { + $search = new FreshRSS_Search(''); + $search->setMinDate($start_time); + $searches->add($search); + } + if ($stop_time != '') { + $search = new FreshRSS_Search(''); + $search->setMaxDate($stop_time); + $searches->add($search); + } + + return array($type, $streamId, $state, $searches); } - return array($type, $streamId, $state, $searches); -} + /** @return never */ + private static function streamContents(string $path, string $include_target, int $start_time, int $stop_time, int $count, + string $order, string $filter_target, string $exclude_target, string $continuation) { + //http://code.google.com/p/pyrfeed/wiki/GoogleReaderAPI + //http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#feed + header('Content-Type: application/json; charset=UTF-8'); + + switch ($path) { + case 'reading-list': + $type = 'A'; + break; + case 'starred': + $type = 's'; + break; + case 'feed': + $type = 'f'; + break; + case 'label': + $type = 'c'; + break; + default: + $type = 'A'; + break; + } -function streamContents($path, $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation) { -//http://code.google.com/p/pyrfeed/wiki/GoogleReaderAPI -//http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#feed - header('Content-Type: application/json; charset=UTF-8'); + list($type, $include_target, $state, $searches) = + self::streamContentsFilters($type, $include_target, $filter_target, $exclude_target, $start_time, $stop_time); - switch ($path) { - case 'reading-list': - $type = 'A'; - break; - case 'starred': - $type = 's'; - break; - case 'feed': - $type = 'f'; - break; - case 'label': - $type = 'c'; - break; - default: - $type = 'A'; - break; - } + if ($continuation != '') { + $count++; //Shift by one element + } - list($type, $include_target, $state, $searches) = streamContentsFilters($type, $include_target, $filter_target, $exclude_target, $start_time, $stop_time); + $entryDAO = FreshRSS_Factory::createEntryDao(); + $entries = $entryDAO->listWhere($type, $include_target, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches); + $entries = iterator_to_array($entries); //TODO: Improve - if ($continuation != '') { - $count++; //Shift by one element - } + $items = self::entriesToArray($entries); - $entryDAO = FreshRSS_Factory::createEntryDao(); - $entries = $entryDAO->listWhere($type, $include_target, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches); - $entries = iterator_to_array($entries); //TODO: Improve + if ($continuation != '') { + array_shift($items); //Discard first element that was already sent in the previous response + $count--; + } - $items = entriesToArray($entries); + $response = array( + 'id' => 'user/-/state/com.google/reading-list', + 'updated' => time(), + 'items' => $items, + ); + if (count($entries) >= $count) { + $entry = end($entries); + if ($entry != false) { + $response['continuation'] = '' . $entry->id(); + } + } - if ($continuation != '') { - array_shift($items); //Discard first element that was already sent in the previous response - $count--; + echo json_encode($response, JSON_OPTIONS), "\n"; + exit(); } - $response = array( - 'id' => 'user/-/state/com.google/reading-list', - 'updated' => time(), - 'items' => $items, - ); - if (count($entries) >= $count) { - $entry = end($entries); - if ($entry != false) { - $response['continuation'] = '' . $entry->id(); + /** @return never */ + private static function streamContentsItemsIds(string $streamId, int $start_time, int $stop_time, int $count, + string $order, string $filter_target, string $exclude_target, string $continuation) { + //http://code.google.com/p/google-reader-api/wiki/ApiStreamItemsIds + //http://code.google.com/p/pyrfeed/wiki/GoogleReaderAPI + //http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#feed + $type = 'A'; + $id = ''; + if ($streamId === 'user/-/state/com.google/reading-list') { + $type = 'A'; + } elseif ($streamId === 'user/-/state/com.google/starred') { + $type = 's'; + } elseif (strpos($streamId, 'feed/') === 0) { + $type = 'f'; + $streamId = substr($streamId, 5); + } elseif (strpos($streamId, 'user/-/label/') === 0) { + $type = 'c'; + $streamId = substr($streamId, 13); } - } - - echo json_encode($response, JSON_OPTIONS), "\n"; - exit(); -} -function streamContentsItemsIds($streamId, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation) { -//http://code.google.com/p/google-reader-api/wiki/ApiStreamItemsIds -//http://code.google.com/p/pyrfeed/wiki/GoogleReaderAPI -//http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#feed - $type = 'A'; - $id = ''; - if ($streamId === 'user/-/state/com.google/reading-list') { - $type = 'A'; - } elseif ($streamId === 'user/-/state/com.google/starred') { - $type = 's'; - } elseif (strpos($streamId, 'feed/') === 0) { - $type = 'f'; - $streamId = substr($streamId, 5); - } elseif (strpos($streamId, 'user/-/label/') === 0) { - $type = 'c'; - $streamId = substr($streamId, 13); - } + list($type, $id, $state, $searches) = self::streamContentsFilters($type, $streamId, $filter_target, $exclude_target, $start_time, $stop_time); - list($type, $id, $state, $searches) = streamContentsFilters($type, $streamId, $filter_target, $exclude_target, $start_time, $stop_time); + if ($continuation != '') { + $count++; //Shift by one element + } - if ($continuation != '') { - $count++; //Shift by one element - } + $entryDAO = FreshRSS_Factory::createEntryDao(); + $ids = $entryDAO->listIdsWhere($type, $id, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches); + if ($ids === false) { + self::internalServerError(); + } - $entryDAO = FreshRSS_Factory::createEntryDao(); - $ids = $entryDAO->listIdsWhere($type, $id, $state, $order === 'o' ? 'ASC' : 'DESC', $count, $continuation, $searches); + if ($continuation != '') { + array_shift($ids); //Discard first element that was already sent in the previous response + $count--; + } - if ($continuation != '') { - array_shift($ids); //Discard first element that was already sent in the previous response - $count--; - } + if (empty($ids) && isset($_GET['client']) && $_GET['client'] === 'newsplus') { + $ids = [ 0 ]; //For News+ bug https://github.com/noinnion/newsplus/issues/84#issuecomment-57834632 + } + $itemRefs = array(); + foreach ($ids as $id) { + $itemRefs[] = array( + 'id' => '' . $id, //64-bit decimal + ); + } - if (empty($ids) && isset($_GET['client']) && $_GET['client'] === 'newsplus') { - $ids[] = 0; //For News+ bug https://github.com/noinnion/newsplus/issues/84#issuecomment-57834632 - } - $itemRefs = array(); - foreach ($ids as $id) { - $itemRefs[] = array( - 'id' => '' . $id, //64-bit decimal + $response = array( + 'itemRefs' => $itemRefs, ); - } - - $response = array( - 'itemRefs' => $itemRefs, - ); - if (count($ids) >= $count) { - $id = end($ids); - if ($id != false) { - $response['continuation'] = '' . $id; + if (count($ids) >= $count) { + $id = end($ids); + if ($id != false) { + $response['continuation'] = '' . $id; + } } - } - echo json_encode($response, JSON_OPTIONS), "\n"; - exit(); -} + echo json_encode($response, JSON_OPTIONS), "\n"; + exit(); + } -function streamContentsItems($e_ids, $order) { - header('Content-Type: application/json; charset=UTF-8'); + /** + * @param array $e_ids + * @return never + */ + private static function streamContentsItems(array $e_ids, string $order) { + header('Content-Type: application/json; charset=UTF-8'); - foreach ($e_ids as $i => $e_id) { - // https://feedhq.readthedocs.io/en/latest/api/terminology.html#items - if (!ctype_digit($e_id) || $e_id[0] === '0') { - $e_ids[$i] = hex2dec(basename($e_id)); //Strip prefix 'tag:google.com,2005:reader/item/' + foreach ($e_ids as $i => $e_id) { + // https://feedhq.readthedocs.io/en/latest/api/terminology.html#items + if (!ctype_digit($e_id) || $e_id[0] === '0') { + $e_ids[$i] = hex2dec(basename($e_id)); //Strip prefix 'tag:google.com,2005:reader/item/' + } } - } - $entryDAO = FreshRSS_Factory::createEntryDao(); - $entries = $entryDAO->listByIds($e_ids, $order === 'o' ? 'ASC' : 'DESC'); - $entries = iterator_to_array($entries); //TODO: Improve + $entryDAO = FreshRSS_Factory::createEntryDao(); + $entries = $entryDAO->listByIds($e_ids, $order === 'o' ? 'ASC' : 'DESC'); + $entries = iterator_to_array($entries); //TODO: Improve - $items = entriesToArray($entries); + $items = self::entriesToArray($entries); - $response = array( - 'id' => 'user/-/state/com.google/reading-list', - 'updated' => time(), - 'items' => $items, - ); + $response = array( + 'id' => 'user/-/state/com.google/reading-list', + 'updated' => time(), + 'items' => $items, + ); - echo json_encode($response, JSON_OPTIONS), "\n"; - exit(); -} + echo json_encode($response, JSON_OPTIONS), "\n"; + exit(); + } -function editTag($e_ids, $a, $r) { - foreach ($e_ids as $i => $e_id) { - if (!ctype_digit($e_id) || $e_id[0] === '0') { - $e_ids[$i] = hex2dec(basename($e_id)); //Strip prefix 'tag:google.com,2005:reader/item/' + /** + * @param array $e_ids + * @return never + */ + private static function editTag(array $e_ids, string $a, string $r): void { + foreach ($e_ids as $i => $e_id) { + if (!ctype_digit($e_id) || $e_id[0] === '0') { + $e_ids[$i] = hex2dec(basename($e_id)); //Strip prefix 'tag:google.com,2005:reader/item/' + } } - } - $entryDAO = FreshRSS_Factory::createEntryDao(); - $tagDAO = FreshRSS_Factory::createTagDao(); - - switch ($a) { - case 'user/-/state/com.google/read': - $entryDAO->markRead($e_ids, true); - break; - case 'user/-/state/com.google/starred': - $entryDAO->markFavorite($e_ids, true); - break; - /*case 'user/-/state/com.google/tracking-kept-unread': - break; - case 'user/-/state/com.google/like': - break; - case 'user/-/state/com.google/broadcast': - break;*/ - default: - $tagName = ''; - if (strpos($a, 'user/-/label/') === 0) { - $tagName = substr($a, 13); - } else { - $user = Minz_Session::param('currentUser', '_'); - $prefix = 'user/' . $user . '/label/'; - if (strpos($a, $prefix) === 0) { - $tagName = substr($a, strlen($prefix)); + $entryDAO = FreshRSS_Factory::createEntryDao(); + $tagDAO = FreshRSS_Factory::createTagDao(); + + switch ($a) { + case 'user/-/state/com.google/read': + $entryDAO->markRead($e_ids, true); + break; + case 'user/-/state/com.google/starred': + $entryDAO->markFavorite($e_ids, true); + break; + /*case 'user/-/state/com.google/tracking-kept-unread': + break; + case 'user/-/state/com.google/like': + break; + case 'user/-/state/com.google/broadcast': + break;*/ + default: + $tagName = ''; + if (strpos($a, 'user/-/label/') === 0) { + $tagName = substr($a, 13); + } else { + $user = Minz_Session::param('currentUser', '_'); + $prefix = 'user/' . $user . '/label/'; + if (strpos($a, $prefix) === 0) { + $tagName = substr($a, strlen($prefix)); + } } - } - if ($tagName != '') { - $tagName = htmlspecialchars($tagName, ENT_COMPAT, 'UTF-8'); - $tag = $tagDAO->searchByName($tagName); - if ($tag == null) { - $tagDAO->addTag(array('name' => $tagName)); + if ($tagName != '') { + $tagName = htmlspecialchars($tagName, ENT_COMPAT, 'UTF-8'); $tag = $tagDAO->searchByName($tagName); - } - if ($tag != null) { - foreach ($e_ids as $e_id) { - $tagDAO->tagEntry($tag->id(), $e_id, true); + if ($tag == null) { + $tagDAO->addTag(array('name' => $tagName)); + $tag = $tagDAO->searchByName($tagName); + } + if ($tag != null) { + foreach ($e_ids as $e_id) { + $tagDAO->tagEntry($tag->id(), $e_id, true); + } } } - } - break; - } - switch ($r) { - case 'user/-/state/com.google/read': - $entryDAO->markRead($e_ids, false); - break; - case 'user/-/state/com.google/starred': - $entryDAO->markFavorite($e_ids, false); - break; - default: - if (strpos($r, 'user/-/label/') === 0) { - $tagName = substr($r, 13); - $tagName = htmlspecialchars($tagName, ENT_COMPAT, 'UTF-8'); - $tag = $tagDAO->searchByName($tagName); - if ($tag != null) { - foreach ($e_ids as $e_id) { - $tagDAO->tagEntry($tag->id(), $e_id, false); + break; + } + switch ($r) { + case 'user/-/state/com.google/read': + $entryDAO->markRead($e_ids, false); + break; + case 'user/-/state/com.google/starred': + $entryDAO->markFavorite($e_ids, false); + break; + default: + if (strpos($r, 'user/-/label/') === 0) { + $tagName = substr($r, 13); + $tagName = htmlspecialchars($tagName, ENT_COMPAT, 'UTF-8'); + $tag = $tagDAO->searchByName($tagName); + if ($tag != null) { + foreach ($e_ids as $e_id) { + $tagDAO->tagEntry($tag->id(), $e_id, false); + } } } - } - break; - } + break; + } - exit('OK'); -} + exit('OK'); + } -function renameTag($s, $dest) { - if ($s != '' && strpos($s, 'user/-/label/') === 0 && - $dest != '' && strpos($dest, 'user/-/label/') === 0) { - $s = substr($s, 13); - $s = htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); - $dest = substr($dest, 13); - $dest = htmlspecialchars($dest, ENT_COMPAT, 'UTF-8'); + /** @return never */ + private static function renameTag(string $s, string $dest) { + if ($s != '' && strpos($s, 'user/-/label/') === 0 && + $dest != '' && strpos($dest, 'user/-/label/') === 0) { + $s = substr($s, 13); + $s = htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); + $dest = substr($dest, 13); + $dest = htmlspecialchars($dest, ENT_COMPAT, 'UTF-8'); - $categoryDAO = FreshRSS_Factory::createCategoryDao(); - $cat = $categoryDAO->searchByName($s); - if ($cat != null) { - $categoryDAO->updateCategory($cat->id(), array('name' => $dest)); - exit('OK'); - } else { - $tagDAO = FreshRSS_Factory::createTagDao(); - $tag = $tagDAO->searchByName($s); - if ($tag != null) { - $tagDAO->updateTag($tag->id(), array('name' => $dest)); + $categoryDAO = FreshRSS_Factory::createCategoryDao(); + $cat = $categoryDAO->searchByName($s); + if ($cat != null) { + $categoryDAO->updateCategory($cat->id(), array('name' => $dest)); exit('OK'); + } else { + $tagDAO = FreshRSS_Factory::createTagDao(); + $tag = $tagDAO->searchByName($s); + if ($tag != null) { + $tagDAO->updateTag($tag->id(), array('name' => $dest)); + exit('OK'); + } } } + self::badRequest(); } - badRequest(); -} -function disableTag($s) { - if ($s != '' && strpos($s, 'user/-/label/') === 0) { - $s = substr($s, 13); - $s = htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); - $categoryDAO = FreshRSS_Factory::createCategoryDao(); - $cat = $categoryDAO->searchByName($s); - if ($cat != null) { - $feedDAO = FreshRSS_Factory::createFeedDao(); - $feedDAO->changeCategory($cat->id(), 0); - if ($cat->id() > 1) { - $categoryDAO->deleteCategory($cat->id()); - } - exit('OK'); - } else { - $tagDAO = FreshRSS_Factory::createTagDao(); - $tag = $tagDAO->searchByName($s); - if ($tag != null) { - $tagDAO->deleteTag($tag->id()); + /** @return never */ + private static function disableTag(string $s) { + if ($s != '' && strpos($s, 'user/-/label/') === 0) { + $s = substr($s, 13); + $s = htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); + $categoryDAO = FreshRSS_Factory::createCategoryDao(); + $cat = $categoryDAO->searchByName($s); + if ($cat != null) { + $feedDAO = FreshRSS_Factory::createFeedDao(); + $feedDAO->changeCategory($cat->id(), 0); + if ($cat->id() > 1) { + $categoryDAO->deleteCategory($cat->id()); + } exit('OK'); + } else { + $tagDAO = FreshRSS_Factory::createTagDao(); + $tag = $tagDAO->searchByName($s); + if ($tag != null) { + $tagDAO->deleteTag($tag->id()); + exit('OK'); + } } } + self::badRequest(); } - badRequest(); -} -function markAllAsRead($streamId, $olderThanId) { - $entryDAO = FreshRSS_Factory::createEntryDao(); - if (strpos($streamId, 'feed/') === 0) { - $f_id = basename($streamId); - if (!ctype_digit($f_id)) { - badRequest(); - } - $f_id = intval($f_id); - $entryDAO->markReadFeed($f_id, $olderThanId); - } elseif (strpos($streamId, 'user/-/label/') === 0) { - $c_name = substr($streamId, 13); - $c_name = htmlspecialchars($c_name, ENT_COMPAT, 'UTF-8'); - $categoryDAO = FreshRSS_Factory::createCategoryDao(); - $cat = $categoryDAO->searchByName($c_name); - if ($cat != null) { - $entryDAO->markReadCat($cat->id(), $olderThanId); - } else { - $tagDAO = FreshRSS_Factory::createTagDao(); - $tag = $tagDAO->searchByName($c_name); - if ($tag != null) { - $entryDAO->markReadTag($tag->id(), $olderThanId); + /** @return never */ + private static function markAllAsRead(string $streamId, string $olderThanId) { + $entryDAO = FreshRSS_Factory::createEntryDao(); + if (strpos($streamId, 'feed/') === 0) { + $f_id = basename($streamId); + if (!ctype_digit($f_id)) { + self::badRequest(); + } + $f_id = intval($f_id); + $entryDAO->markReadFeed($f_id, $olderThanId); + } elseif (strpos($streamId, 'user/-/label/') === 0) { + $c_name = substr($streamId, 13); + $c_name = htmlspecialchars($c_name, ENT_COMPAT, 'UTF-8'); + $categoryDAO = FreshRSS_Factory::createCategoryDao(); + $cat = $categoryDAO->searchByName($c_name); + if ($cat != null) { + $entryDAO->markReadCat($cat->id(), $olderThanId); } else { - badRequest(); + $tagDAO = FreshRSS_Factory::createTagDao(); + $tag = $tagDAO->searchByName($c_name); + if ($tag != null) { + $entryDAO->markReadTag($tag->id(), $olderThanId); + } else { + self::badRequest(); + } } + } elseif ($streamId === 'user/-/state/com.google/reading-list') { + $entryDAO->markReadEntries($olderThanId, false, -1); + } else { + self::badRequest(); } - } elseif ($streamId === 'user/-/state/com.google/reading-list') { - $entryDAO->markReadEntries($olderThanId, false, -1); - } else { - badRequest(); + exit('OK'); } - exit('OK'); -} -$pathInfo = ''; -if (empty($_SERVER['PATH_INFO'])) { - if (!empty($_SERVER['ORIG_PATH_INFO'])) { - // Compatibility https://php.net/reserved.variables.server - $pathInfo = $_SERVER['ORIG_PATH_INFO']; - } -} else { - $pathInfo = $_SERVER['PATH_INFO']; -} -$pathInfo = urldecode($pathInfo); -$pathInfo = preg_replace('%^(/api)?(/greader\.php)?%', '', $pathInfo); //Discard common errors -if ($pathInfo == '') { - exit('OK'); -} -$pathInfos = explode('/', $pathInfo); -if (count($pathInfos) < 3) { - badRequest(); -} + /** @return never */ + public static function parse() { + global $ORIGINAL_INPUT; -FreshRSS_Context::initSystem(); + $pathInfo = ''; + if (empty($_SERVER['PATH_INFO'])) { + if (!empty($_SERVER['ORIG_PATH_INFO'])) { + // Compatibility https://php.net/reserved.variables.server + $pathInfo = $_SERVER['ORIG_PATH_INFO']; + } + } else { + $pathInfo = $_SERVER['PATH_INFO']; + } + $pathInfo = urldecode($pathInfo); + $pathInfo = '' . preg_replace('%^(/api)?(/greader\.php)?%', '', $pathInfo); //Discard common errors + if ($pathInfo == '') { + exit('OK'); + } + $pathInfos = explode('/', $pathInfo); + if (count($pathInfos) < 3) { + self::badRequest(); + } -//Minz_Log::debug('----------------------------------------------------------------', API_LOG); -//Minz_Log::debug(debugInfo(), API_LOG); + FreshRSS_Context::initSystem(); -if (!FreshRSS_Context::$system_conf->api_enabled) { - serviceUnavailable(); -} elseif ($pathInfos[1] === 'check' && $pathInfos[2] === 'compatibility') { - checkCompatibility(); -} + //Minz_Log::debug('----------------------------------------------------------------', API_LOG); + //Minz_Log::debug(debugInfo(), API_LOG); -Minz_Session::init('FreshRSS', true); + if (FreshRSS_Context::$system_conf == null || !FreshRSS_Context::$system_conf->api_enabled) { + self::serviceUnavailable(); + } elseif ($pathInfos[1] === 'check' && $pathInfos[2] === 'compatibility') { + self::checkCompatibility(); + } -if ($pathInfos[1] !== 'accounts') { - authorizationToUser(); -} -if (FreshRSS_Context::$user_conf != null) { - Minz_Translate::init(FreshRSS_Context::$user_conf->language); - Minz_ExtensionManager::init(); - Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled); -} else { - Minz_Translate::init(); -} + Minz_Session::init('FreshRSS', true); -if ($pathInfos[1] === 'accounts') { - if (($pathInfos[2] === 'ClientLogin') && isset($_REQUEST['Email']) && isset($_REQUEST['Passwd'])) { - clientLogin($_REQUEST['Email'], $_REQUEST['Passwd']); - } -} elseif ($pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && isset($pathInfos[3]) && $pathInfos[3] === '0' && isset($pathInfos[4])) { - if (Minz_Session::param('currentUser', '') == '') { - unauthorized(); - } - $timestamp = isset($_GET['ck']) ? intval($_GET['ck']) : 0; //ck=[unix timestamp] : Use the current Unix time here, helps Google with caching. - switch ($pathInfos[4]) { - case 'stream': - /* xt=[exclude target] : Used to exclude certain items from the feed. - * For example, using xt=user/-/state/com.google/read will exclude items - * that the current user has marked as read, or xt=feed/[feedurl] will - * exclude items from a particular feed (obviously not useful in this - * request, but xt appears in other listing requests). */ - $exclude_target = isset($_GET['xt']) ? $_GET['xt'] : ''; - $filter_target = isset($_GET['it']) ? $_GET['it'] : ''; - //n=[integer] : The maximum number of results to return. - $count = isset($_GET['n']) ? intval($_GET['n']) : 20; - //r=[d|n|o] : Sort order of item results. d or n gives items in descending date order, o in ascending order. - $order = isset($_GET['r']) ? $_GET['r'] : 'd'; - /* ot=[unix timestamp] : The time from which you want to retrieve - * items. Only items that have been crawled by Google Reader after - * this time will be returned. */ - $start_time = isset($_GET['ot']) ? intval($_GET['ot']) : 0; - $stop_time = isset($_GET['nt']) ? intval($_GET['nt']) : 0; - /* Continuation token. If a StreamContents response does not represent - * all items in a timestamp range, it will have a continuation attribute. - * The same request can be re-issued with the value of that attribute put - * in this parameter to get more items */ - $continuation = isset($_GET['c']) ? trim($_GET['c']) : ''; - if (!ctype_digit($continuation)) { - $continuation = ''; + if ($pathInfos[1] !== 'accounts') { + self::authorizationToUser(); + } + if (FreshRSS_Context::$user_conf != null) { + Minz_Translate::init(FreshRSS_Context::$user_conf->language); + Minz_ExtensionManager::init(); + Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled); + } else { + Minz_Translate::init(); + } + + if ($pathInfos[1] === 'accounts') { + if (($pathInfos[2] === 'ClientLogin') && isset($_REQUEST['Email']) && isset($_REQUEST['Passwd'])) { + self::clientLogin($_REQUEST['Email'], $_REQUEST['Passwd']); + } + } elseif ($pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && isset($pathInfos[3]) && $pathInfos[3] === '0' && isset($pathInfos[4])) { + if (Minz_Session::param('currentUser', '') == '') { + self::unauthorized(); } - if (isset($pathInfos[5]) && $pathInfos[5] === 'contents') { - if (!isset($pathInfos[6]) && isset($_GET['s'])) { - // Compatibility BazQux API https://github.com/bazqux/bazqux-api#fetching-streams - $streamIdInfos = explode('/', $_GET['s']); - foreach ($streamIdInfos as $streamIdInfo) { - $pathInfos[] = $streamIdInfo; + $timestamp = isset($_GET['ck']) ? intval($_GET['ck']) : 0; //ck=[unix timestamp] : Use the current Unix time here, helps Google with caching. + switch ($pathInfos[4]) { + case 'stream': + /* xt=[exclude target] : Used to exclude certain items from the feed. + * For example, using xt=user/-/state/com.google/read will exclude items + * that the current user has marked as read, or xt=feed/[feedurl] will + * exclude items from a particular feed (obviously not useful in this + * request, but xt appears in other listing requests). */ + $exclude_target = isset($_GET['xt']) ? $_GET['xt'] : ''; + $filter_target = isset($_GET['it']) ? $_GET['it'] : ''; + //n=[integer] : The maximum number of results to return. + $count = isset($_GET['n']) ? intval($_GET['n']) : 20; + //r=[d|n|o] : Sort order of item results. d or n gives items in descending date order, o in ascending order. + $order = isset($_GET['r']) ? $_GET['r'] : 'd'; + /* ot=[unix timestamp] : The time from which you want to retrieve + * items. Only items that have been crawled by Google Reader after + * this time will be returned. */ + $start_time = isset($_GET['ot']) ? intval($_GET['ot']) : 0; + $stop_time = isset($_GET['nt']) ? intval($_GET['nt']) : 0; + /* Continuation token. If a StreamContents response does not represent + * all items in a timestamp range, it will have a continuation attribute. + * The same request can be re-issued with the value of that attribute put + * in this parameter to get more items */ + $continuation = isset($_GET['c']) ? trim($_GET['c']) : ''; + if (!ctype_digit($continuation)) { + $continuation = ''; } - } - if (isset($pathInfos[6]) && isset($pathInfos[7])) { - if ($pathInfos[6] === 'feed') { - $include_target = $pathInfos[7]; - if ($include_target != '' && !ctype_digit($include_target)) { - $include_target = empty($_SERVER['REQUEST_URI']) ? '' : $_SERVER['REQUEST_URI']; - if (preg_match('#/reader/api/0/stream/contents/feed/([A-Za-z0-9\'!*()%$_.~+-]+)#', $include_target, $matches) && isset($matches[1])) { - $include_target = urldecode($matches[1]); - } else { - $include_target = ''; + if (isset($pathInfos[5]) && $pathInfos[5] === 'contents') { + if (!isset($pathInfos[6]) && isset($_GET['s'])) { + // Compatibility BazQux API https://github.com/bazqux/bazqux-api#fetching-streams + $streamIdInfos = explode('/', $_GET['s']); + foreach ($streamIdInfos as $streamIdInfo) { + $pathInfos[] = $streamIdInfo; } } - streamContents($pathInfos[6], $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); - } elseif ($pathInfos[6] === 'user' && isset($pathInfos[8]) && isset($pathInfos[9])) { - if ($pathInfos[8] === 'state') { - if ($pathInfos[9] === 'com.google' && isset($pathInfos[10])) { - if ($pathInfos[10] === 'reading-list' || $pathInfos[10] === 'starred') { - $include_target = ''; - streamContents($pathInfos[10], $include_target, $start_time, $stop_time, $count, $order, - $filter_target, $exclude_target, $continuation); + if (isset($pathInfos[6]) && isset($pathInfos[7])) { + if ($pathInfos[6] === 'feed') { + $include_target = $pathInfos[7]; + if ($include_target != '' && !ctype_digit($include_target)) { + $include_target = empty($_SERVER['REQUEST_URI']) ? '' : $_SERVER['REQUEST_URI']; + if (preg_match('#/reader/api/0/stream/contents/feed/([A-Za-z0-9\'!*()%$_.~+-]+)#', $include_target, $matches)) { + $include_target = urldecode($matches[1]); + } else { + $include_target = ''; + } + } + self::streamContents($pathInfos[6], $include_target, $start_time, $stop_time, + $count, $order, $filter_target, $exclude_target, $continuation); + } elseif ($pathInfos[6] === 'user' && isset($pathInfos[8]) && isset($pathInfos[9])) { + if ($pathInfos[8] === 'state') { + if ($pathInfos[9] === 'com.google' && isset($pathInfos[10])) { + if ($pathInfos[10] === 'reading-list' || $pathInfos[10] === 'starred') { + $include_target = ''; + self::streamContents($pathInfos[10], $include_target, $start_time, $stop_time, $count, $order, + $filter_target, $exclude_target, $continuation); + } + } + } elseif ($pathInfos[8] === 'label') { + $include_target = $pathInfos[9]; + self::streamContents($pathInfos[8], $include_target, $start_time, $stop_time, + $count, $order, $filter_target, $exclude_target, $continuation); } } - } elseif ($pathInfos[8] === 'label') { - $include_target = $pathInfos[9]; - streamContents($pathInfos[8], $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); + } else { //EasyRSS, FeedMe + $include_target = ''; + self::streamContents('reading-list', $include_target, $start_time, $stop_time, + $count, $order, $filter_target, $exclude_target, $continuation); } - } - } else { //EasyRSS, FeedMe - $include_target = ''; - streamContents('reading-list', $include_target, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); - } - } elseif ($pathInfos[5] === 'items') { - if ($pathInfos[6] === 'ids' && isset($_GET['s'])) { - /* StreamId for which to fetch the item IDs. The parameter may - * be repeated to fetch the item IDs from multiple streams at once - * (more efficient from a backend perspective than multiple requests). */ - $streamId = $_GET['s']; - streamContentsItemsIds($streamId, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); - } elseif ($pathInfos[6] === 'contents' && isset($_POST['i'])) { //FeedMe - $e_ids = multiplePosts('i'); //item IDs - streamContentsItems($e_ids, $order); - } - } - break; - case 'tag': - if (isset($pathInfos[5]) && $pathInfos[5] === 'list') { - $output = isset($_GET['output']) ? $_GET['output'] : ''; - if ($output !== 'json') notImplemented(); - tagList(); - } - break; - case 'subscription': - if (isset($pathInfos[5])) { - switch ($pathInfos[5]) { - case 'export': - subscriptionExport(); - break; - case 'import': - if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST' && $ORIGINAL_INPUT != '') { - subscriptionImport($ORIGINAL_INPUT); + } elseif ($pathInfos[5] === 'items') { + if ($pathInfos[6] === 'ids' && isset($_GET['s'])) { + /* StreamId for which to fetch the item IDs. The parameter may + * be repeated to fetch the item IDs from multiple streams at once + * (more efficient from a backend perspective than multiple requests). */ + $streamId = $_GET['s']; + self::streamContentsItemsIds($streamId, $start_time, $stop_time, $count, $order, $filter_target, $exclude_target, $continuation); + } elseif ($pathInfos[6] === 'contents' && isset($_POST['i'])) { //FeedMe + $e_ids = multiplePosts('i'); //item IDs + self::streamContentsItems($e_ids, $order); } - break; - case 'list': + } + break; + case 'tag': + if (isset($pathInfos[5]) && $pathInfos[5] === 'list') { $output = isset($_GET['output']) ? $_GET['output'] : ''; - if ($output !== 'json') notImplemented(); - subscriptionList(); - break; - case 'edit': - if (isset($_REQUEST['s']) && isset($_REQUEST['ac'])) { - //StreamId to operate on. The parameter may be repeated to edit multiple subscriptions at once - $streamNames = empty($_POST['s']) && isset($_GET['s']) ? array($_GET['s']) : multiplePosts('s'); - /* Title to use for the subscription. For the `subscribe` action, - * if not specified then the feed’s current title will be used. Can - * be used with the `edit` action to rename a subscription */ - $titles = empty($_POST['t']) && isset($_GET['t']) ? array($_GET['t']) : multiplePosts('t'); - $action = $_REQUEST['ac']; //Action to perform on the given StreamId. Possible values are `subscribe`, `unsubscribe` and `edit` - $add = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; //StreamId to add the subscription to (generally a user label) - $remove = isset($_REQUEST['r']) ? $_REQUEST['r'] : ''; //StreamId to remove the subscription from (generally a user label) - subscriptionEdit($streamNames, $titles, $action, $add, $remove); - } - break; - case 'quickadd': //https://github.com/theoldreader/api - if (isset($_REQUEST['quickadd'])) { - quickadd($_REQUEST['quickadd']); + if ($output !== 'json') self::notImplemented(); + self::tagList(); + } + break; + case 'subscription': + if (isset($pathInfos[5])) { + switch ($pathInfos[5]) { + case 'export': + self::subscriptionExport(); + // Always exits + case 'import': + if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST' && $ORIGINAL_INPUT != '') { + self::subscriptionImport($ORIGINAL_INPUT); + } + break; + case 'list': + $output = isset($_GET['output']) ? $_GET['output'] : ''; + if ($output !== 'json') self::notImplemented(); + self::subscriptionList(); + // Always exits + case 'edit': + if (isset($_REQUEST['s']) && isset($_REQUEST['ac'])) { + //StreamId to operate on. The parameter may be repeated to edit multiple subscriptions at once + $streamNames = empty($_POST['s']) && isset($_GET['s']) ? array($_GET['s']) : multiplePosts('s'); + /* Title to use for the subscription. For the `subscribe` action, + * if not specified then the feed’s current title will be used. Can + * be used with the `edit` action to rename a subscription */ + $titles = empty($_POST['t']) && isset($_GET['t']) ? array($_GET['t']) : multiplePosts('t'); + $action = $_REQUEST['ac']; //Action to perform on the given StreamId. Possible values are `subscribe`, `unsubscribe` and `edit` + $add = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; //StreamId to add the subscription to (generally a user label) + $remove = isset($_REQUEST['r']) ? $_REQUEST['r'] : ''; //StreamId to remove the subscription from (generally a user label) + self::subscriptionEdit($streamNames, $titles, $action, $add, $remove); + } + break; + case 'quickadd': //https://github.com/theoldreader/api + if (isset($_REQUEST['quickadd'])) { + self::quickadd($_REQUEST['quickadd']); + } + break; } - break; - } - } - break; - case 'unread-count': - $output = isset($_GET['output']) ? $_GET['output'] : ''; - if ($output !== 'json') notImplemented(); - unreadCount(); - break; - case 'edit-tag': //http://blog.martindoms.com/2010/01/20/using-the-google-reader-api-part-3/ - $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - checkToken(FreshRSS_Context::$user_conf, $token); - $a = isset($_POST['a']) ? $_POST['a'] : ''; //Add: user/-/state/com.google/read user/-/state/com.google/starred - $r = isset($_POST['r']) ? $_POST['r'] : ''; //Remove: user/-/state/com.google/read user/-/state/com.google/starred - $e_ids = multiplePosts('i'); //item IDs - editTag($e_ids, $a, $r); - break; - case 'rename-tag': //https://github.com/theoldreader/api - $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - checkToken(FreshRSS_Context::$user_conf, $token); - $s = isset($_POST['s']) ? $_POST['s'] : ''; //user/-/label/Folder - $dest = isset($_POST['dest']) ? $_POST['dest'] : ''; //user/-/label/NewFolder - renameTag($s, $dest); - break; - case 'disable-tag': //https://github.com/theoldreader/api - $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - checkToken(FreshRSS_Context::$user_conf, $token); - $s_s = multiplePosts('s'); - foreach ($s_s as $s) { - disableTag($s); //user/-/label/Folder - } - break; - case 'mark-all-as-read': - $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - checkToken(FreshRSS_Context::$user_conf, $token); - $streamId = $_POST['s'] ?? ''; - $ts = isset($_POST['ts']) ? $_POST['ts'] : '0'; //Older than timestamp in nanoseconds - if (!ctype_digit($ts)) { - badRequest(); + } + break; + case 'unread-count': + $output = isset($_GET['output']) ? $_GET['output'] : ''; + if ($output !== 'json') self::notImplemented(); + self::unreadCount(); + // Always exits + case 'edit-tag': //http://blog.martindoms.com/2010/01/20/using-the-google-reader-api-part-3/ + $token = isset($_POST['T']) ? trim($_POST['T']) : ''; + self::checkToken(FreshRSS_Context::$user_conf, $token); + $a = isset($_POST['a']) ? $_POST['a'] : ''; //Add: user/-/state/com.google/read user/-/state/com.google/starred + $r = isset($_POST['r']) ? $_POST['r'] : ''; //Remove: user/-/state/com.google/read user/-/state/com.google/starred + $e_ids = multiplePosts('i'); //item IDs + self::editTag($e_ids, $a, $r); + // Always exits + case 'rename-tag': //https://github.com/theoldreader/api + $token = isset($_POST['T']) ? trim($_POST['T']) : ''; + self::checkToken(FreshRSS_Context::$user_conf, $token); + $s = isset($_POST['s']) ? $_POST['s'] : ''; //user/-/label/Folder + $dest = isset($_POST['dest']) ? $_POST['dest'] : ''; //user/-/label/NewFolder + self::renameTag($s, $dest); + // Always exits + case 'disable-tag': //https://github.com/theoldreader/api + $token = isset($_POST['T']) ? trim($_POST['T']) : ''; + self::checkToken(FreshRSS_Context::$user_conf, $token); + $s_s = multiplePosts('s'); + foreach ($s_s as $s) { + self::disableTag($s); //user/-/label/Folder + } + // Always exits + case 'mark-all-as-read': + $token = isset($_POST['T']) ? trim($_POST['T']) : ''; + self::checkToken(FreshRSS_Context::$user_conf, $token); + $streamId = trim($_POST['s'] ?? ''); + $ts = trim($_POST['ts'] ?? '0'); //Older than timestamp in nanoseconds + if (!ctype_digit($ts)) { + self::badRequest(); + } + self::markAllAsRead($streamId, $ts); + // Always exits + case 'token': + self::token(FreshRSS_Context::$user_conf); + // Always exits + case 'user-info': + self::userInfo(); + // Always exits } - markAllAsRead($streamId, $ts); - break; - case 'token': - token(FreshRSS_Context::$user_conf); - break; - case 'user-info': - userInfo(); - break; + } + + self::badRequest(); } } -badRequest(); +GReaderAPI::parse(); diff --git a/p/api/pshb.php b/p/api/pshb.php index 26d1e125b..b3e3f400f 100644 --- a/p/api/pshb.php +++ b/p/api/pshb.php @@ -7,9 +7,13 @@ const MAX_PAYLOAD = 3145728; header('Content-Type: text/plain; charset=UTF-8'); header('X-Content-Type-Options: nosniff'); -$ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, MAX_PAYLOAD); +$ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, MAX_PAYLOAD) ?: ''; FreshRSS_Context::initSystem(); +if (FreshRSS_Context::$system_conf == null) { + header('HTTP/1.1 500 Internal Server Error'); + die('Invalid system init!'); +} FreshRSS_Context::$system_conf->auth_type = 'none'; // avoid necessity to be logged in (not saved!) //Minz_Log::debug(print_r(array('_SERVER' => $_SERVER, '_GET' => $_GET, '_POST' => $_POST, 'INPUT' => $ORIGINAL_INPUT), true), PSHB_LOG); @@ -41,7 +45,7 @@ if ($hubFile === false) { die('Feed info not found!'); } $hubJson = json_decode($hubFile, true); -if (!$hubJson || empty($hubJson['key']) || $hubJson['key'] !== $key) { +if (!is_array($hubJson) || empty($hubJson['key']) || $hubJson['key'] !== $key) { header('HTTP/1.1 500 Internal Server Error'); Minz_Log::error('Error: Invalid key cross-check!: ' . $key, PSHB_LOG); die('Invalid key cross-check!'); @@ -120,15 +124,12 @@ foreach ($users as $userFilename) { try { FreshRSS_Context::initUser($username); - if (FreshRSS_Context::$user_conf != null) { - Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled); - Minz_Translate::reset(FreshRSS_Context::$user_conf->language); - } - - if (!FreshRSS_Context::$user_conf->enabled) { + if (FreshRSS_Context::$user_conf == null || !FreshRSS_Context::$user_conf->enabled) { Minz_Log::warning('FreshRSS skip disabled user ' . $username); continue; } + Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled); + Minz_Translate::reset(FreshRSS_Context::$user_conf->language); list($updated_feeds, $feed, $nb_new_articles) = FreshRSS_feed_Controller::actualizeFeed(0, $self, false, $simplePie); if ($updated_feeds > 0 || $feed != false) { diff --git a/p/ext.php b/p/ext.php index 9427f8c20..abc07ad12 100644 --- a/p/ext.php +++ b/p/ext.php @@ -13,10 +13,7 @@ const SUPPORTED_TYPES = [ 'svg' => 'image/svg+xml', ]; -/** - * @return string - */ -function get_absolute_filename(string $file_name) { +function get_absolute_filename(string $file_name): string { $core_extension = realpath(CORE_EXTENSIONS_PATH . '/' . $file_name); if (false !== $core_extension) { return $core_extension; @@ -40,9 +37,12 @@ function get_absolute_filename(string $file_name) { return ''; } -function is_valid_path_extension($path, $extensionPath, $isStatic = true) { +function is_valid_path_extension(string $path, string $extensionPath, bool $isStatic = true): bool { // It must be under the extension path. $real_ext_path = realpath($extensionPath); + if ($real_ext_path == false) { + return false; + } //Windows compatibility $real_ext_path = str_replace('\\', '/', $real_ext_path); @@ -60,7 +60,7 @@ function is_valid_path_extension($path, $extensionPath, $isStatic = true) { // Static files to serve must be under a `ext_dir/static/` directory. $path_relative_to_ext = substr($path, strlen($real_ext_path) + 1); - list(,$static,$file) = sscanf($path_relative_to_ext, '%[^/]/%[^/]/%s'); + list(, $static, $file) = sscanf($path_relative_to_ext, '%[^/]/%[^/]/%s') ?? [null, null, null]; if (null === $file || 'static' !== $static) { return false; } @@ -78,16 +78,18 @@ function is_valid_path_extension($path, $extensionPath, $isStatic = true) { * @return bool true if it can be served, false otherwise. * */ -function is_valid_path($path) { +function is_valid_path(string $path): bool { return is_valid_path_extension($path, CORE_EXTENSIONS_PATH) || is_valid_path_extension($path, THIRDPARTY_EXTENSIONS_PATH) || is_valid_path_extension($path, USERS_PATH, false); } +/** @return never */ function sendBadRequestResponse(string $message = null) { header('HTTP/1.1 400 Bad Request'); die($message); } +/** @return never */ function sendNotFoundResponse() { header('HTTP/1.1 404 Not Found'); die(); diff --git a/p/f.php b/p/f.php index d856256aa..7837407e2 100644 --- a/p/f.php +++ b/p/f.php @@ -4,7 +4,7 @@ require(LIB_PATH . '/lib_rss.php'); //Includes class autoloader require(LIB_PATH . '/favicons.php'); require(LIB_PATH . '/http-conditional.php'); -function show_default_favicon($cacheSeconds = 3600) { +function show_default_favicon(int $cacheSeconds = 3600): void { $default_mtime = @filemtime(DEFAULT_FAVICON); if (!httpConditional($default_mtime, $cacheSeconds, 2)) { header('Content-Type: image/x-icon'); diff --git a/p/i/index.php b/p/i/index.php index 48cedfc92..360a858ca 100755 --- a/p/i/index.php +++ b/p/i/index.php @@ -35,8 +35,8 @@ if (!file_exists($applied_migrations_path)) { require(LIB_PATH . '/http-conditional.php'); $currentUser = Minz_Session::param('currentUser', ''); $dateLastModification = $currentUser === '' ? time() : max( - @filemtime(join_path(USERS_PATH, $currentUser, LOG_FILENAME)), - @filemtime(join_path(DATA_PATH, 'config.php')) + @filemtime(USERS_PATH . '/' . $currentUser . '/' . LOG_FILENAME), + @filemtime(DATA_PATH . '/config.php') ); if (httpConditional($dateLastModification, 0, 0, false, PHP_COMPRESSION, true)) { Minz_Session::init('FreshRSS'); -- cgit v1.2.3 From 4ad66c24bfd96a5f5a71eec895e9d3085d67f4a0 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 30 Jan 2023 20:31:46 +0100 Subject: Workaround disabled openlog syslog (#5054) * Workaround disabled openlog syslog #fix https://github.com/FreshRSS/FreshRSS/issues/5053 #fix https://github.com/FreshRSS/FreshRSS/issues/5027 * COPY_SYSLOG_TO_STDERR * Better return * Simplify openlog --- lib/lib_rss.php | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 893bed8eb..f648d7cd2 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -16,11 +16,27 @@ if (!function_exists('str_starts_with')) { } } -// @phpstan-ignore-next-line -if (COPY_SYSLOG_TO_STDERR) { - openlog('FreshRSS', LOG_CONS | LOG_ODELAY | LOG_PID | LOG_PERROR, LOG_USER); -} else { - openlog('FreshRSS', LOG_CONS | LOG_ODELAY | LOG_PID, LOG_USER); +if (!function_exists('syslog')) { + // @phpstan-ignore-next-line + if (COPY_SYSLOG_TO_STDERR && !defined('STDERR')) { + define('STDERR', fopen('php://stderr', 'w')); + } + function syslog(int $priority, string $message): bool { + // @phpstan-ignore-next-line + if (COPY_SYSLOG_TO_STDERR && defined('STDERR') && STDERR) { + return fwrite(STDERR, $message . "\n") != false; + } + return false; + } +} + +if (function_exists('openlog')) { + // @phpstan-ignore-next-line + if (COPY_SYSLOG_TO_STDERR) { + openlog('FreshRSS', LOG_CONS | LOG_ODELAY | LOG_PID | LOG_PERROR, LOG_USER); + } else { + openlog('FreshRSS', LOG_CONS | LOG_ODELAY | LOG_PID, LOG_USER); + } } /** -- cgit v1.2.3 From 05ae1b0d2684cea4eda664c5ea1a995cb9f0c4b9 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 9 Feb 2023 13:57:20 +0100 Subject: XML+XPath (#5076) * XML+XPath #fix https://github.com/FreshRSS/FreshRSS/issues/5075 Implementation allowing to take an XML document as input using an XML parser (instead of an HTML parser for HTML+XPath) * Remove noise from another PR * Better MIME for XML * And add glob *.xml for cache cleaning * Minor syntax * Add glob json for clean cache --- app/Controllers/feedController.php | 14 ++++++++++---- app/Controllers/subscriptionController.php | 2 +- app/Models/Feed.php | 29 ++++++++++++++++++++++++----- app/Services/ExportService.php | 1 + app/Services/ImportService.php | 5 ++++- app/i18n/cz/sub.php | 1 + app/i18n/de/sub.php | 1 + app/i18n/el/sub.php | 1 + app/i18n/en-us/sub.php | 1 + app/i18n/en/sub.php | 1 + app/i18n/es/sub.php | 1 + app/i18n/fr/sub.php | 1 + app/i18n/he/sub.php | 1 + app/i18n/id/sub.php | 1 + app/i18n/it/sub.php | 1 + app/i18n/ja/sub.php | 1 + app/i18n/ko/sub.php | 1 + app/i18n/nl/sub.php | 1 + app/i18n/oc/sub.php | 1 + app/i18n/pl/sub.php | 1 + app/i18n/pt-br/sub.php | 1 + app/i18n/ru/sub.php | 1 + app/i18n/sk/sub.php | 1 + app/i18n/tr/sub.php | 1 + app/i18n/zh-cn/sub.php | 1 + app/i18n/zh-tw/sub.php | 1 + app/views/helpers/export/opml.phtml | 11 +++++++++-- app/views/helpers/feed/update.phtml | 5 +++-- app/views/subscription/add.phtml | 1 + docs/en/developers/OPML.md | 4 +++- lib/lib_rss.php | 14 ++++++++++++-- p/scripts/feed.js | 11 +++++++++-- 32 files changed, 98 insertions(+), 20 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index 2bef85f0e..84f38fe5e 100644 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -81,6 +81,7 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { $feed->load(true); //Throws FreshRSS_Feed_Exception, Minz_FileNotExistException break; case FreshRSS_Feed::KIND_HTML_XPATH: + case FreshRSS_Feed::KIND_XML_XPATH: $feed->_website($url); break; } @@ -201,8 +202,8 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { $timeout = intval(Minz_Request::param('timeout', 0)); $attributes['timeout'] = $timeout > 0 ? $timeout : null; - $feed_kind = Minz_Request::param('feed_kind', FreshRSS_Feed::KIND_RSS); - if ($feed_kind == FreshRSS_Feed::KIND_HTML_XPATH) { + $feed_kind = (int)Minz_Request::param('feed_kind', FreshRSS_Feed::KIND_RSS); + if ($feed_kind === FreshRSS_Feed::KIND_HTML_XPATH || $feed_kind === FreshRSS_Feed::KIND_XML_XPATH) { $xPathSettings = []; if (Minz_Request::param('xPathFeedTitle', '') != '') $xPathSettings['feedTitle'] = Minz_Request::param('xPathFeedTitle', '', true); if (Minz_Request::param('xPathItem', '') != '') $xPathSettings['item'] = Minz_Request::param('xPathItem', '', true); @@ -385,10 +386,15 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { if ($simplePiePush) { $simplePie = $simplePiePush; //Used by WebSub } elseif ($feed->kind() === FreshRSS_Feed::KIND_HTML_XPATH) { - $simplePie = $feed->loadHtmlXpath(false, $isNewFeed); - if ($simplePie == null) { + $simplePie = $feed->loadHtmlXpath(); + if ($simplePie === null) { throw new FreshRSS_Feed_Exception('HTML+XPath Web scraping failed for [' . $feed->url(false) . ']'); } + } elseif ($feed->kind() === FreshRSS_Feed::KIND_XML_XPATH) { + $simplePie = $feed->loadHtmlXpath(); + if ($simplePie === null) { + throw new FreshRSS_Feed_Exception('XML+XPath parsing failed for [' . $feed->url(false) . ']'); + } } else { $simplePie = $feed->load(false, $isNewFeed); } diff --git a/app/Controllers/subscriptionController.php b/app/Controllers/subscriptionController.php index b2ee046d9..f0355a82a 100644 --- a/app/Controllers/subscriptionController.php +++ b/app/Controllers/subscriptionController.php @@ -203,7 +203,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController { $feed->_filtersAction('read', preg_split('/[\n\r]+/', Minz_Request::param('filteractions_read', ''))); $feed->_kind(intval(Minz_Request::param('feed_kind', FreshRSS_Feed::KIND_RSS))); - if ($feed->kind() == FreshRSS_Feed::KIND_HTML_XPATH) { + if ($feed->kind() === FreshRSS_Feed::KIND_HTML_XPATH || $feed->kind() === FreshRSS_Feed::KIND_XML_XPATH) { $xPathSettings = []; if (Minz_Request::param('xPathItem', '') != '') $xPathSettings['item'] = Minz_Request::param('xPathItem', '', true); if (Minz_Request::param('xPathItemTitle', '') != '') $xPathSettings['itemTitle'] = Minz_Request::param('xPathItemTitle', '', true); diff --git a/app/Models/Feed.php b/app/Models/Feed.php index f7ff76768..7c46199a5 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -17,6 +17,11 @@ class FreshRSS_Feed extends Minz_Model { * @var int */ const KIND_HTML_XPATH = 10; + /** + * Normal XML with XPath scraping + * @var int + */ + const KIND_XML_XPATH = 15; /** * Normal JSON with XPath scraping * @var int @@ -586,7 +591,7 @@ class FreshRSS_Feed extends Minz_Model { /** * @return SimplePie|null */ - public function loadHtmlXpath(bool $loadDetails = false, bool $noCache = false) { + public function loadHtmlXpath() { if ($this->url == '') { return null; } @@ -614,8 +619,9 @@ class FreshRSS_Feed extends Minz_Model { return null; } - $cachePath = FreshRSS_Feed::cacheFilename($feedSourceUrl, $this->attributes(), FreshRSS_Feed::KIND_HTML_XPATH); - $html = httpGet($feedSourceUrl, $cachePath, 'html', $this->attributes()); + $cachePath = FreshRSS_Feed::cacheFilename($feedSourceUrl, $this->attributes(), $this->kind()); + $html = httpGet($feedSourceUrl, $cachePath, + $this->kind() === FreshRSS_Feed::KIND_XML_XPATH ? 'xml' : 'html', $this->attributes()); if (strlen($html) <= 0) { return null; } @@ -630,7 +636,18 @@ class FreshRSS_Feed extends Minz_Model { $doc = new DOMDocument(); $doc->recover = true; $doc->strictErrorChecking = false; - $doc->loadHTML($html, LIBXML_NONET | LIBXML_NOERROR | LIBXML_NOWARNING); + + switch ($this->kind()) { + case FreshRSS_Feed::KIND_HTML_XPATH: + $doc->loadHTML($html, LIBXML_NONET | LIBXML_NOERROR | LIBXML_NOWARNING); + break; + case FreshRSS_Feed::KIND_XML_XPATH: + $doc->loadXML($html, LIBXML_NONET | LIBXML_NOERROR | LIBXML_NOWARNING); + break; + default: + return null; + } + $xpath = new DOMXPath($doc); $view->rss_title = $xPathFeedTitle == '' ? $this->name() : htmlspecialchars(@$xpath->evaluate('normalize-space(' . $xPathFeedTitle . ')'), ENT_COMPAT, 'UTF-8'); @@ -776,8 +793,10 @@ class FreshRSS_Feed extends Minz_Model { public static function cacheFilename(string $url, array $attributes, int $kind = FreshRSS_Feed::KIND_RSS): string { $simplePie = customSimplePie($attributes); $filename = $simplePie->get_cache_filename($url); - if ($kind == FreshRSS_Feed::KIND_HTML_XPATH) { + if ($kind === FreshRSS_Feed::KIND_HTML_XPATH) { return CACHE_PATH . '/' . $filename . '.html'; + } elseif ($kind === FreshRSS_Feed::KIND_XML_XPATH) { + return CACHE_PATH . '/' . $filename . '.xml'; } else { return CACHE_PATH . '/' . $filename . '.spc'; } diff --git a/app/Services/ExportService.php b/app/Services/ExportService.php index 2f35666a8..6b0a3f178 100644 --- a/app/Services/ExportService.php +++ b/app/Services/ExportService.php @@ -21,6 +21,7 @@ class FreshRSS_Export_Service { const FRSS_NAMESPACE = 'https://freshrss.org/opml'; const TYPE_HTML_XPATH = 'HTML+XPath'; + const TYPE_XML_XPATH = 'XML+XPath'; const TYPE_RSS_ATOM = 'rss'; /** diff --git a/app/Services/ImportService.php b/app/Services/ImportService.php index 68aa6f741..55aa28679 100644 --- a/app/Services/ImportService.php +++ b/app/Services/ImportService.php @@ -160,10 +160,13 @@ class FreshRSS_Import_Service { $feed->_website($website); $feed->_description($description); - switch ($feed_elt['type'] ?? '') { + switch (strtolower($feed_elt['type'] ?? '')) { case strtolower(FreshRSS_Export_Service::TYPE_HTML_XPATH): $feed->_kind(FreshRSS_Feed::KIND_HTML_XPATH); break; + case strtolower(FreshRSS_Export_Service::TYPE_XML_XPATH): + $feed->_kind(FreshRSS_Feed::KIND_XML_XPATH); + break; case strtolower(FreshRSS_Export_Service::TYPE_RSS_ATOM): default: $feed->_kind(FreshRSS_Feed::KIND_RSS); diff --git a/app/i18n/cz/sub.php b/app/i18n/cz/sub.php index a11a9359d..3d08c315b 100644 --- a/app/i18n/cz/sub.php +++ b/app/i18n/cz/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath pro:', ), 'rss' => 'RSS / Atom (výchozí)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Vymazat mezipaměť', diff --git a/app/i18n/de/sub.php b/app/i18n/de/sub.php index 580f7d348..b265c1b98 100644 --- a/app/i18n/de/sub.php +++ b/app/i18n/de/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath für:', ), 'rss' => 'RSS / Atom (Standard)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Zwischenspeicher leeren', diff --git a/app/i18n/el/sub.php b/app/i18n/el/sub.php index 424fafc7b..aae9ae412 100644 --- a/app/i18n/el/sub.php +++ b/app/i18n/el/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath for:', // TODO ), 'rss' => 'RSS / Atom (default)', // TODO + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Clear cache', // TODO diff --git a/app/i18n/en-us/sub.php b/app/i18n/en-us/sub.php index a6b311084..92d75b81e 100644 --- a/app/i18n/en-us/sub.php +++ b/app/i18n/en-us/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath for:', // IGNORE ), 'rss' => 'RSS / Atom (default)', // IGNORE + 'xml_xpath' => 'XML + XPath', // IGNORE ), 'maintenance' => array( 'clear_cache' => 'Clear cache', // IGNORE diff --git a/app/i18n/en/sub.php b/app/i18n/en/sub.php index c7e100c25..04caaff05 100644 --- a/app/i18n/en/sub.php +++ b/app/i18n/en/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath for:', ), 'rss' => 'RSS / Atom (default)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Clear cache', diff --git a/app/i18n/es/sub.php b/app/i18n/es/sub.php index 52d681067..4fd2fa393 100644 --- a/app/i18n/es/sub.php +++ b/app/i18n/es/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath para:', ), 'rss' => 'RSS / Atom (por defecto)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Borrar caché', diff --git a/app/i18n/fr/sub.php b/app/i18n/fr/sub.php index f9df0dbcc..be6dc094d 100644 --- a/app/i18n/fr/sub.php +++ b/app/i18n/fr/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath pour :', ), 'rss' => 'RSS / Atom (par défaut)', + 'xml_xpath' => 'XML + XPath', // IGNORE ), 'maintenance' => array( 'clear_cache' => 'Vider le cache', diff --git a/app/i18n/he/sub.php b/app/i18n/he/sub.php index 25552ffa1..bae5f5177 100644 --- a/app/i18n/he/sub.php +++ b/app/i18n/he/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath for:', // TODO ), 'rss' => 'RSS / Atom (default)', // TODO + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Clear cache', // TODO diff --git a/app/i18n/id/sub.php b/app/i18n/id/sub.php index 7fdf5c024..3f9a4916a 100644 --- a/app/i18n/id/sub.php +++ b/app/i18n/id/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath for:', // TODO ), 'rss' => 'RSS / Atom (default)', // TODO + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Clear cache', // TODO diff --git a/app/i18n/it/sub.php b/app/i18n/it/sub.php index 8614caca7..7ab83cf07 100644 --- a/app/i18n/it/sub.php +++ b/app/i18n/it/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath per:', ), 'rss' => 'RSS / Atom (predefinito)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Svuota cache', diff --git a/app/i18n/ja/sub.php b/app/i18n/ja/sub.php index 80548c025..2425b21f3 100644 --- a/app/i18n/ja/sub.php +++ b/app/i18n/ja/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPathは:', ), 'rss' => 'RSS / Atom (標準)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'キャッシュのクリア', diff --git a/app/i18n/ko/sub.php b/app/i18n/ko/sub.php index e0ef5990b..f376247d5 100644 --- a/app/i18n/ko/sub.php +++ b/app/i18n/ko/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => '다음의 XPath:', ), 'rss' => 'RSS / Atom (기본값)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => '캐쉬 지우기', diff --git a/app/i18n/nl/sub.php b/app/i18n/nl/sub.php index 0fa767171..631da9477 100644 --- a/app/i18n/nl/sub.php +++ b/app/i18n/nl/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath voor:', ), 'rss' => 'RSS / Atom (standaard)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Cache leegmaken', diff --git a/app/i18n/oc/sub.php b/app/i18n/oc/sub.php index 92a73057c..008b4964d 100644 --- a/app/i18n/oc/sub.php +++ b/app/i18n/oc/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath per :', ), 'rss' => 'RSS / Atom (defaut)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Escafar lo cache', diff --git a/app/i18n/pl/sub.php b/app/i18n/pl/sub.php index b6121fcb7..565401982 100644 --- a/app/i18n/pl/sub.php +++ b/app/i18n/pl/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath dla:', ), 'rss' => 'RSS / Atom (domyślne)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Wyczyść pamięć podręczną', diff --git a/app/i18n/pt-br/sub.php b/app/i18n/pt-br/sub.php index c9755755e..4cdee8681 100644 --- a/app/i18n/pt-br/sub.php +++ b/app/i18n/pt-br/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath para:', ), 'rss' => 'RSS / Atom (padrão)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Limpar o cache', diff --git a/app/i18n/ru/sub.php b/app/i18n/ru/sub.php index 5704b53b1..d13c4c4f0 100644 --- a/app/i18n/ru/sub.php +++ b/app/i18n/ru/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath для:', ), 'rss' => 'RSS / Atom (по умолчанию)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Очистить кэш', diff --git a/app/i18n/sk/sub.php b/app/i18n/sk/sub.php index f583f6ca0..3c980d202 100644 --- a/app/i18n/sk/sub.php +++ b/app/i18n/sk/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath pre:', ), 'rss' => 'RSS / Atom (prednastavené)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Vymazať vyrovnáciu pamäť', diff --git a/app/i18n/tr/sub.php b/app/i18n/tr/sub.php index 056c059ac..3e03f667c 100644 --- a/app/i18n/tr/sub.php +++ b/app/i18n/tr/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath:', ), 'rss' => 'RSS / Atom (varsayılan)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => 'Önbelleği temizle', diff --git a/app/i18n/zh-cn/sub.php b/app/i18n/zh-cn/sub.php index 2f9d17ace..5e6e570a9 100644 --- a/app/i18n/zh-cn/sub.php +++ b/app/i18n/zh-cn/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath 定位:', ), 'rss' => 'RSS / Atom (默认)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => '清理缓存', diff --git a/app/i18n/zh-tw/sub.php b/app/i18n/zh-tw/sub.php index dddcb2661..8a255645d 100644 --- a/app/i18n/zh-tw/sub.php +++ b/app/i18n/zh-tw/sub.php @@ -122,6 +122,7 @@ return array( 'xpath' => 'XPath 定位:', ), 'rss' => 'RSS / Atom (默認)', + 'xml_xpath' => 'XML + XPath', // TODO ), 'maintenance' => array( 'clear_cache' => '清理暫存', diff --git a/app/views/helpers/export/opml.phtml b/app/views/helpers/export/opml.phtml index eb6f7523b..64c83c960 100644 --- a/app/views/helpers/export/opml.phtml +++ b/app/views/helpers/export/opml.phtml @@ -18,8 +18,15 @@ function feedsToOutlines($feeds, $excludeMutedFeeds = false): array { 'description' => htmlspecialchars_decode($feed->description(), ENT_QUOTES), ]; - if ($feed->kind() === FreshRSS_Feed::KIND_HTML_XPATH) { - $outline['type'] = FreshRSS_Export_Service::TYPE_HTML_XPATH; + if ($feed->kind() === FreshRSS_Feed::KIND_HTML_XPATH || $feed->kind() === FreshRSS_Feed::KIND_XML_XPATH) { + switch ($feed->kind()) { + case FreshRSS_Feed::KIND_HTML_XPATH: + $outline['type'] = FreshRSS_Export_Service::TYPE_HTML_XPATH; + break; + case FreshRSS_Feed::KIND_XML_XPATH: + $outline['type'] = FreshRSS_Export_Service::TYPE_XML_XPATH; + break; + } /** @var array */ $xPathSettings = $feed->attributes('xpath'); $outline['frss:xPathItem'] = $xPathSettings['item'] ?? null; diff --git a/app/views/helpers/feed/update.phtml b/app/views/helpers/feed/update.phtml index 5b958451d..0cd2ec0c3 100644 --- a/app/views/helpers/feed/update.phtml +++ b/app/views/helpers/feed/update.phtml @@ -391,8 +391,9 @@
diff --git a/app/views/subscription/add.phtml b/app/views/subscription/add.phtml index 7fa59e751..4e9da877f 100644 --- a/app/views/subscription/add.phtml +++ b/app/views/subscription/add.phtml @@ -70,6 +70,7 @@ diff --git a/docs/en/developers/OPML.md b/docs/en/developers/OPML.md index 2190a1de3..f65fd2faa 100644 --- a/docs/en/developers/OPML.md +++ b/docs/en/developers/OPML.md @@ -17,12 +17,14 @@ FreshRSS uses the XML namespace to export/import ext The list of the custom FreshRSS attributes can be seen in [the source code](https://github.com/FreshRSS/FreshRSS/blob/edge/app/views/helpers/export/opml.phtml), and here is an overview: -### HTML+XPath +### HTML+XPath or XML+XPath * ` ℹ️ [XPath 1.0](https://en.wikipedia.org/wiki/XPath) is a standard query language, which FreshRSS supports to enable [Web scraping](https://en.wikipedia.org/wiki/Web_scraping). +* ` $attributes */ function httpGet(string $url, string $cachePath, string $type = 'html', array $attributes = []): string { @@ -439,9 +443,15 @@ function httpGet(string $url, string $cachePath, string $type = 'html', array $a $accept = '*/*;q=0.8'; switch ($type) { + case 'json': + $accept = 'application/json,application/javascript;q=0.9,text/javascript;q=0.8,*/*;q=0.7'; + break; case 'opml': $accept = 'text/x-opml,text/xml;q=0.9,application/xml;q=0.9,*/*;q=0.8'; break; + case 'xml': + $accept = 'application/xml,application/xhtml+xml,text/xml;q=0.9,*/*;q=0.8'; + break; case 'html': default: $accept = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'; diff --git a/p/scripts/feed.js b/p/scripts/feed.js index 1a6833db6..29af2a3ea 100644 --- a/p/scripts/feed.js +++ b/p/scripts/feed.js @@ -88,10 +88,17 @@ function init_disable_elements_on_update(parent) { function init_select_show(parent) { const listener = (select) => { const options = select.querySelectorAll('option[data-show]'); + const shows = {}; // To allow multiple options to show the same element for (const option of options) { - const elem = document.getElementById(option.dataset.show); + if (!shows[option.dataset.show]) { + shows[option.dataset.show] = option.selected; + } + } + + for (const show in shows) { + const elem = document.getElementById(show); if (elem) { - elem.style.display = option.selected ? 'block' : 'none'; + elem.style.display = shows[show] ? 'block' : 'none'; } } }; -- cgit v1.2.3