From d91a92434f516a9e25bf0dca608a0221094d0489 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Sun, 18 Jan 2015 11:47:16 +0100 Subject: Fix Minz_Error and error_Controller - Error code and logs was not propagated from Minz_Error to the controller - header was bad (200 instead of 404 or 403) Related to https://github.com/FreshRSS/FreshRSS/issues/751 --- lib/Minz/Error.php | 39 +++++---------------------------------- 1 file changed, 5 insertions(+), 34 deletions(-) (limited to 'lib') diff --git a/lib/Minz/Error.php b/lib/Minz/Error.php index 3eadc6d98..3e4a3e8f3 100644 --- a/lib/Minz/Error.php +++ b/lib/Minz/Error.php @@ -23,42 +23,13 @@ class Minz_Error { $logs = self::processLogs ($logs); $error_filename = APP_PATH . '/Controllers/errorController.php'; - switch ($code) { - case 200 : - header('HTTP/1.1 200 OK'); - break; - case 403 : - header('HTTP/1.1 403 Forbidden'); - break; - case 404 : - header('HTTP/1.1 404 Not Found'); - break; - case 500 : - header('HTTP/1.1 500 Internal Server Error'); - break; - case 503 : - header('HTTP/1.1 503 Service Unavailable'); - break; - default : - header('HTTP/1.1 500 Internal Server Error'); - } - if (file_exists ($error_filename)) { - $params = array ( - 'code' => $code, - 'logs' => $logs - ); + Minz_Session::_param('error_code', $code); + Minz_Session::_param('error_logs', $logs); - if ($redirect) { - Minz_Request::forward (array ( - 'c' => 'error' - ), true); - } else { - Minz_Request::forward (array ( - 'c' => 'error', - 'params' => $params - ), false); - } + Minz_Request::forward (array ( + 'c' => 'error' + ), $redirect); } else { echo '

An error occured

' . "\n"; -- cgit v1.2.3 From d30b3becfa50b96982a3b4880c07cc2b770d7eed Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 19 Jan 2015 13:54:57 +0100 Subject: Addressed warnings when reading from new files There were warnings when reading extensions (trying to use e.g. README and .gitignore as directories), and when reading update file. https://github.com/FreshRSS/FreshRSS/issues/733 --- app/Controllers/updateController.php | 5 ++++- lib/Minz/ExtensionManager.php | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/app/Controllers/updateController.php b/app/Controllers/updateController.php index 61b62773b..4797a3486 100644 --- a/app/Controllers/updateController.php +++ b/app/Controllers/updateController.php @@ -28,7 +28,10 @@ class FreshRSS_update_Controller extends Minz_ActionController { ); } elseif (file_exists(UPDATE_FILENAME)) { // There is an update file to apply! - $version = file_get_contents(join_path(DATA_PATH, 'last_update.txt')); + $version = @file_get_contents(join_path(DATA_PATH, 'last_update.txt')); + if (empty($version)) { + $version = 'unknown'; + } $this->view->update_to_apply = true; $this->view->message = array( 'status' => 'good', diff --git a/lib/Minz/ExtensionManager.php b/lib/Minz/ExtensionManager.php index 7edc7afaa..f00453f6c 100644 --- a/lib/Minz/ExtensionManager.php +++ b/lib/Minz/ExtensionManager.php @@ -56,6 +56,9 @@ class Minz_ExtensionManager { foreach ($list_potential_extensions as $ext_dir) { $ext_pathname = EXTENSIONS_PATH . '/' . $ext_dir; + if (!is_dir($ext_pathname)) { + continue; + } $metadata_filename = $ext_pathname . '/' . self::$ext_metaname; // Try to load metadata file. -- cgit v1.2.3 From 12081f7ba2089c8046dacac23ebe44ea843d7ef1 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 20 Jan 2015 23:29:04 +0100 Subject: Quick fix cron actualization due to problematic FreshRSS constructor/init https://github.com/FreshRSS/FreshRSS/issues/759 Suggestion: the static objects should be user-independent (or at least with the possibility to be re-set), while the FreshRSS object and its attributes should be user-dependent. --- app/actualize_script.php | 3 ++- lib/Minz/Configuration.php | 7 ------- 2 files changed, 2 insertions(+), 8 deletions(-) (limited to 'lib') diff --git a/app/actualize_script.php b/app/actualize_script.php index c7959be82..bae40aa56 100755 --- a/app/actualize_script.php +++ b/app/actualize_script.php @@ -22,7 +22,6 @@ $_SERVER['HTTP_HOST'] = ''; $app = new FreshRSS(); -$app->init(); $system_conf = Minz_Configuration::get('system'); $system_conf->auth_type = 'none'; // avoid necessity to be logged in (not saved!) @@ -56,7 +55,9 @@ foreach ($users as $user) { Minz_Session::_param('currentUser', $user); + new Minz_ModelPdo($user); //TODO: FIXME: Quick-fix while waiting for a better FreshRSS() constructor/init FreshRSS_Auth::giveAccess(); + $app->init(); $app->run(); diff --git a/lib/Minz/Configuration.php b/lib/Minz/Configuration.php index fe415e22b..ab5bb4fc2 100644 --- a/lib/Minz/Configuration.php +++ b/lib/Minz/Configuration.php @@ -16,16 +16,9 @@ class Minz_Configuration { * @param $config_filename the filename of the configuration * @param $default_filename a filename containing default values for the configuration * @param $configuration_setter an optional helper to set values in configuration - * @throws Minz_ConfigurationNamespaceException if the namespace already exists. */ public static function register($namespace, $config_filename, $default_filename = null, $configuration_setter = null) { - if (isset(self::$config_list[$namespace])) { - throw new Minz_ConfigurationNamespaceException( - $namespace . ' namespace already exists' - ); - } - self::$config_list[$namespace] = new Minz_Configuration( $namespace, $config_filename, $default_filename, $configuration_setter ); -- cgit v1.2.3 From 211569ef85f50891035e3e2645ec0c87badec1e1 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Wed, 21 Jan 2015 00:44:26 +0100 Subject: Minz: missing URL key/param encoding Caused searches such as "intitle:&" to fail after paging, and possible XSS vulnerabilities. Discovered during https://github.com/FreshRSS/FreshRSS/issues/754 --- app/layout/header.phtml | 3 +-- app/layout/nav_menu.phtml | 3 +-- lib/Minz/Url.php | 34 +++++++++++++++++----------------- 3 files changed, 19 insertions(+), 21 deletions(-) (limited to 'lib') diff --git a/app/layout/header.phtml b/app/layout/header.phtml index 2b968252b..41a63a565 100644 --- a/app/layout/header.phtml +++ b/app/layout/header.phtml @@ -25,8 +25,7 @@ if (FreshRSS_Auth::accessNeedsAction()) { allow_anonymous) { ?>
- - + diff --git a/app/layout/nav_menu.phtml b/app/layout/nav_menu.phtml index d35a0b5fb..3a755b560 100644 --- a/app/layout/nav_menu.phtml +++ b/app/layout/nav_menu.phtml @@ -156,8 +156,7 @@
- - + diff --git a/lib/Minz/Url.php b/lib/Minz/Url.php index e9f9a69ba..af555a277 100644 --- a/lib/Minz/Url.php +++ b/lib/Minz/Url.php @@ -45,45 +45,45 @@ class Minz_Url { return $url_string; } - + /** * Construit l'URI d'une URL * @param l'url sous forme de tableau * @param $encodage pour indiquer comment encoder les & (& ou & pour html) * @return l'uri sous la forme ?key=value&key2=value2 */ - private static function printUri ($url, $encodage) { + private static function printUri($url, $encodage) { $uri = ''; $separator = '?'; - - if($encodage == 'html') { + + if ($encodage === 'html') { $and = '&'; } else { $and = '&'; } - - if (isset ($url['c']) - && $url['c'] != Minz_Request::defaultControllerName ()) { + + if (isset($url['c']) + && $url['c'] != Minz_Request::defaultControllerName()) { $uri .= $separator . 'c=' . $url['c']; $separator = $and; } - - if (isset ($url['a']) - && $url['a'] != Minz_Request::defaultActionName ()) { + + if (isset($url['a']) + && $url['a'] != Minz_Request::defaultActionName()) { $uri .= $separator . 'a=' . $url['a']; $separator = $and; } - - if (isset ($url['params'])) { + + if (isset($url['params'])) { foreach ($url['params'] as $key => $param) { - $uri .= $separator . $key . '=' . $param; + $uri .= $separator . urlencode($key) . '=' . urlencode($param); $separator = $and; } } - + return $uri; } - + /** * Vérifie que les éléments du tableau représentant une url soit ok * @param l'url sous forme de tableau (sinon renverra directement $url) @@ -91,7 +91,7 @@ class Minz_Url { */ public static function checkUrl ($url) { $url_checked = $url; - + if (is_array ($url)) { if (!isset ($url['c'])) { $url_checked['c'] = Minz_Request::defaultControllerName (); @@ -103,7 +103,7 @@ class Minz_Url { $url_checked['params'] = array (); } } - + return $url_checked; } } -- cgit v1.2.3 From c741fba06c6d866c86306445d625a791249ad3fc Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Wed, 21 Jan 2015 10:50:53 +0100 Subject: Update lib_opml.php - lib_opml was not in its newest version - FRSS supports OPML file without text attributes Fix https://github.com/FreshRSS/FreshRSS/issues/758 --- app/Controllers/importExportController.php | 2 +- lib/lib_opml.php | 128 +++++++++++++++++++++++------ 2 files changed, 103 insertions(+), 27 deletions(-) (limited to 'lib') diff --git a/app/Controllers/importExportController.php b/app/Controllers/importExportController.php index db9db66a7..589777b2a 100644 --- a/app/Controllers/importExportController.php +++ b/app/Controllers/importExportController.php @@ -151,7 +151,7 @@ class FreshRSS_importExport_Controller extends Minz_ActionController { private function importOpml($opml_file) { $opml_array = array(); try { - $opml_array = libopml_parse_string($opml_file); + $opml_array = libopml_parse_string($opml_file, false); } catch (LibOPML_Exception $e) { Minz_Log::warning($e->getMessage()); return true; diff --git a/lib/lib_opml.php b/lib/lib_opml.php index f320335bb..02ae5f55c 100644 --- a/lib/lib_opml.php +++ b/lib/lib_opml.php @@ -1,11 +1,19 @@ + * @link https://github.com/marienfressinaud/lib_opml + * @version 0.2 + * @license public domain * * Usages: * > include('lib_opml.php'); @@ -23,21 +31,44 @@ * > echo $opml_string; * > print_r($opml_object); * + * You can set $strict argument to false if you want to bypass "text" attribute + * requirement. + * * If parsing fails for any reason (e.g. not an XML string, does not match with * the specifications), a LibOPML_Exception is raised. * - * Author: Marien Fressinaud - * Url: https://github.com/marienfressinaud/lib_opml - * Version: 0.1 - * Date: 2014-03-29 - * License: public domain + * lib_opml array format is described here: + * $array = array( + * 'head' => array( // 'head' element is optional (but recommended) + * 'key' => 'value', // key must be a part of available OPML head elements + * ), + * 'body' => array( // body is required + * array( // this array represents an outline (at least one) + * 'text' => 'value', // 'text' element is required if $strict is true + * 'key' => 'value', // key and value are what you want (optional) + * '@outlines' = array( // @outlines is a special value and represents sub-outlines + * array( + * [...] // where [...] is a valid outline definition + * ), + * ), + * ), + * array( // other outline definitions + * [...] + * ), + * [...], + * ) + * ) * - * */ + */ +/** + * A simple Exception class which represents any kind of OPML problem. + * Message should precise the current problem. + */ class LibOPML_Exception extends Exception {} -// These elements are optional +// Define the list of available head attributes. All of them are optional. define('HEAD_ELEMENTS', serialize(array( 'title', 'dateCreated', 'dateModified', 'ownerName', 'ownerEmail', 'ownerId', 'docs', 'expansionState', 'vertScrollState', 'windowTop', @@ -45,7 +76,16 @@ define('HEAD_ELEMENTS', serialize(array( ))); -function libopml_parse_outline($outline_xml) { +/** + * Parse an XML object as an outline object and return corresponding array + * + * @param SimpleXMLElement $outline_xml the XML object we want to parse + * @param bool $strict true if "text" attribute is required, false else + * @return array corresponding to an outline and following format described above + * @throws LibOPML_Exception + * @access private + */ +function libopml_parse_outline($outline_xml, $strict = true) { $outline = array(); // An outline may contain any kind of attributes but "text" attribute is @@ -59,7 +99,7 @@ function libopml_parse_outline($outline_xml) { } } - if (!$text_is_present) { + if (!$text_is_present && $strict) { throw new LibOPML_Exception( 'Outline does not contain any text attribute' ); @@ -68,7 +108,7 @@ function libopml_parse_outline($outline_xml) { foreach ($outline_xml->children() as $key => $value) { // An outline may contain any number of outline children if ($key === 'outline') { - $outline['@outlines'][] = libopml_parse_outline($value); + $outline['@outlines'][] = libopml_parse_outline($value, $strict); } else { throw new LibOPML_Exception( 'Body can contain only outline elements' @@ -80,7 +120,16 @@ function libopml_parse_outline($outline_xml) { } -function libopml_parse_string($xml) { +/** + * Parse a string as a XML one and returns the corresponding array + * + * @param string $xml is the string we want to parse + * @param bool $strict true if "text" attribute is required, false else + * @return array corresponding to the XML string and following format described above + * @throws LibOPML_Exception + * @access public + */ +function libopml_parse_string($xml, $strict = true) { $dom = new DOMDocument(); $dom->recover = true; $dom->strictErrorChecking = false; @@ -101,7 +150,6 @@ function libopml_parse_string($xml) { // First, we get all "head" elements. Head is required but its sub-elements // are optional. - // TODO: test head exists! foreach ($opml->head->children() as $key => $value) { if (in_array($key, unserialize(HEAD_ELEMENTS), true)) { $array['head'][$key] = (string)$value; @@ -115,11 +163,10 @@ function libopml_parse_string($xml) { // Then, we get body oulines. Body must contain at least one outline // element. $at_least_one_outline = false; - // TODO: test body exists! foreach ($opml->body->children() as $key => $value) { if ($key === 'outline') { $at_least_one_outline = true; - $array['body'][] = libopml_parse_outline($value); + $array['body'][] = libopml_parse_outline($value, $strict); } else { throw new LibOPML_Exception( 'Body can contain only outline elements' @@ -137,7 +184,16 @@ function libopml_parse_string($xml) { } -function libopml_parse_file($filename) { +/** + * Parse a string contained into a file as a XML string and returns the corresponding array + * + * @param string $filename should indicates a valid XML file + * @param bool $strict true if "text" attribute is required, false else + * @return array corresponding to the file content and following format described above + * @throws LibOPML_Exception + * @access public + */ +function libopml_parse_file($filename, $strict = true) { $file_content = file_get_contents($filename); if ($file_content === false) { @@ -146,11 +202,20 @@ function libopml_parse_file($filename) { ); } - return libopml_parse_string($file_content); + return libopml_parse_string($file_content, $strict); } -function libopml_render_outline($parent_elt, $outline) { +/** + * Create a XML outline object in a parent object. + * + * @param SimpleXMLElement $parent_elt is the parent object of current outline + * @param array $outline array representing an outline object + * @param bool $strict true if "text" attribute is required, false else + * @throws LibOPML_Exception + * @access private + */ +function libopml_render_outline($parent_elt, $outline, $strict) { // Outline MUST be an array! if (!is_array($outline)) { throw new LibOPML_Exception( @@ -165,7 +230,7 @@ function libopml_render_outline($parent_elt, $outline) { // outline elements. if ($key === '@outlines' && is_array($value)) { foreach ($value as $outline_child) { - libopml_render_outline($outline_elt, $outline_child); + libopml_render_outline($outline_elt, $outline_child, $strict); } } elseif (is_array($value)) { throw new LibOPML_Exception( @@ -181,7 +246,7 @@ function libopml_render_outline($parent_elt, $outline) { } } - if (!$text_is_present) { + if (!$text_is_present && $strict) { throw new LibOPML_Exception( 'You must define at least a text element for all outlines' ); @@ -189,8 +254,19 @@ function libopml_render_outline($parent_elt, $outline) { } -function libopml_render($array, $as_xml_object = false) { - $opml = new SimpleXMLElement(''); +/** + * Render an array as an OPML string or a XML object. + * + * @param array $array is the array we want to render and must follow structure defined above + * @param bool $as_xml_object false if function must return a string, true for a XML object + * @param bool $strict true if "text" attribute is required, false else + * @return string|SimpleXMLElement XML string corresponding to $array or XML object + * @throws LibOPML_Exception + * @access public + */ +function libopml_render($array, $as_xml_object = false, $strict = true) { + $opml = new SimpleXMLElement(''); + $opml->addAttribute('version', $strict ? '2.0' : '1.0'); // Create head element. $array['head'] is optional but head element will // exist in the final XML object. @@ -218,7 +294,7 @@ function libopml_render($array, $as_xml_object = false) { // Create outline elements $body = $opml->addChild('body'); foreach ($array['body'] as $outline) { - libopml_render_outline($body, $outline); + libopml_render_outline($body, $outline, $strict); } // And return the final result -- cgit v1.2.3 From eec95ffb6a414f00f0ddd6cb1f81ac7ee55d4f6b Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Wed, 21 Jan 2015 15:43:25 +0100 Subject: Fix bug related to cookie path Fix https://github.com/FreshRSS/FreshRSS/issues/700 --- lib/Minz/Session.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/Minz/Session.php b/lib/Minz/Session.php index cfe8debe9..4c0c37e54 100644 --- a/lib/Minz/Session.php +++ b/lib/Minz/Session.php @@ -65,7 +65,9 @@ class Minz_Session { * @param $l la durée de vie */ public static function keepCookie($l) { - $cookie_dir = empty($_SERVER['REQUEST_URI']) ? '' : $_SERVER['REQUEST_URI']; + // Get the script_name (e.g. /p/i/index.php) and remove index.php + $cookie_dir = empty($_SERVER['SCRIPT_NAME']) ? '' : $_SERVER['SCRIPT_NAME']; + $cookie_dir = substr($cookie_dir, 0, -strlen(basename($cookie_dir))); session_set_cookie_params($l, $cookie_dir, '', false, true); } -- cgit v1.2.3 From 22d7e0d638b91063741fe82fe77822b1d7d5be1d Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Wed, 21 Jan 2015 16:28:29 +0100 Subject: Simplify code for cookie dir See https://github.com/FreshRSS/FreshRSS/issues/700 See https://github.com/FreshRSS/FreshRSS/commit/eec95ffb6a414f00f0ddd6cb1f81ac7ee55d4f6b --- lib/Minz/Session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/Minz/Session.php b/lib/Minz/Session.php index 4c0c37e54..058685ada 100644 --- a/lib/Minz/Session.php +++ b/lib/Minz/Session.php @@ -65,9 +65,9 @@ class Minz_Session { * @param $l la durée de vie */ public static function keepCookie($l) { - // Get the script_name (e.g. /p/i/index.php) and remove index.php + // Get the script_name (e.g. /p/i/index.php) and keep only the path. $cookie_dir = empty($_SERVER['SCRIPT_NAME']) ? '' : $_SERVER['SCRIPT_NAME']; - $cookie_dir = substr($cookie_dir, 0, -strlen(basename($cookie_dir))); + $cookie_dir = dirname($cookie_dir); session_set_cookie_params($l, $cookie_dir, '', false, true); } -- cgit v1.2.3 From 59ea9f2a3b131432236745483e20cb50338110df Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 29 Jan 2015 10:14:45 +0100 Subject: Remove calls to syslog() Temporary fix: - Change syslog by Minz_Log::notice in most of the files - Logs are stored in USERS_PATH/_/log.txt for actualize_script.php - Simply comment syslog in SimplePie See https://github.com/FreshRSS/FreshRSS/issues/711 --- app/Models/Feed.php | 4 ++-- app/actualize_script.php | 12 ++++++++---- lib/SimplePie/SimplePie.php | 4 ++-- lib/SimplePie/SimplePie/File.php | 2 +- lib/lib_rss.php | 2 +- 5 files changed, 14 insertions(+), 10 deletions(-) (limited to 'lib') diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 86cbb783e..74869bf11 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -249,10 +249,10 @@ class FreshRSS_Feed extends Minz_Model { } if (($mtime === true) ||($mtime > $this->lastUpdate)) { - syslog(LOG_DEBUG, 'FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $subscribe_url); + Minz_Log::notice('FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $subscribe_url); $this->loadEntries($feed); // et on charge les articles du flux } else { - syslog(LOG_DEBUG, 'FreshRSS use cache for ' . $subscribe_url); + Minz_Log::notice('FreshRSS use cache for ' . $subscribe_url); $this->entries = array(); } diff --git a/app/actualize_script.php b/app/actualize_script.php index bae40aa56..fc4f9bfbb 100755 --- a/app/actualize_script.php +++ b/app/actualize_script.php @@ -21,6 +21,9 @@ $_GET['force'] = true; $_SERVER['HTTP_HOST'] = ''; +$log_file = join_path(USERS_PATH, '_', 'log.txt'); + + $app = new FreshRSS(); $system_conf = Minz_Configuration::get('system'); @@ -41,13 +44,13 @@ $min_last_activity = time() - $limits['max_inactivity']; foreach ($users as $user) { if (($user !== $system_conf->default_user) && (FreshRSS_UserDAO::mtime($user) < $min_last_activity)) { - syslog(LOG_INFO, 'FreshRSS skip inactive user ' . $user); + Minz_Log::notice('FreshRSS skip inactive user ' . $user, $log_file); if (defined('STDOUT')) { fwrite(STDOUT, 'FreshRSS skip inactive user ' . $user . "\n"); //Unbuffered } continue; } - syslog(LOG_INFO, 'FreshRSS actualize ' . $user); + Minz_Log::notice('FreshRSS actualize ' . $user, $log_file); if (defined('STDOUT')) { fwrite(STDOUT, 'Actualize ' . $user . "...\n"); //Unbuffered } @@ -62,7 +65,8 @@ foreach ($users as $user) { if (!invalidateHttpCache()) { - syslog(LOG_NOTICE, 'FreshRSS write access problem in ' . join_path(USERS_PATH, $user, 'log.txt')); + Minz_Log::notice('FreshRSS write access problem in ' . join_path(USERS_PATH, $user, 'log.txt'), + $log_file); if (defined('STDERR')) { fwrite(STDERR, 'Write access problem in ' . join_path(USERS_PATH, $user, 'log.txt') . "\n"); } @@ -70,7 +74,7 @@ foreach ($users as $user) { } -syslog(LOG_INFO, 'FreshRSS actualize done.'); +Minz_Log::notice('FreshRSS actualize done.', $log_file); if (defined('STDOUT')) { fwrite(STDOUT, 'Done.' . "\n"); $end_date = date_create('now'); diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index dc4bbb6cb..c4872b5be 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1529,11 +1529,11 @@ class SimplePie { //FreshRSS $md5 = $this->cleanMd5($file->body); if ($this->data['md5'] === $md5) { - syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url); + // syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url); $cache->touch(); return true; //Content unchanged even though server did not send a 304 } else { - syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url); + // syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url); $this->data['md5'] = $md5; } } diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index b1bbe4420..9625af2a9 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -79,7 +79,7 @@ class SimplePie_File $this->useragent = $useragent; if (preg_match('/^http(s)?:\/\//i', $url)) { - syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS + // syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS if ($useragent === null) { $useragent = ini_get('user_agent'); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 083e87745..3b3f6d279 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -180,7 +180,7 @@ function sanitizeHTML($data, $base = '') { function get_content_by_parsing ($url, $path) { require_once (LIB_PATH . '/lib_phpQuery.php'); - syslog(LOG_INFO, 'FreshRSS GET ' . $url); + Minz_Log::notice('FreshRSS GET ' . $url); $html = file_get_contents ($url); if ($html) { -- cgit v1.2.3 From a47ce4f6af9e55267c4ce50af1bcc052229535ad Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 29 Jan 2015 10:17:29 +0100 Subject: Fix including extensions for actualize_script Extensions could be included multiple times. It resulted in an error. --- lib/Minz/ExtensionManager.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/Minz/ExtensionManager.php b/lib/Minz/ExtensionManager.php index f00453f6c..c5c68a8d4 100644 --- a/lib/Minz/ExtensionManager.php +++ b/lib/Minz/ExtensionManager.php @@ -114,7 +114,7 @@ class Minz_ExtensionManager { $entry_point_filename = $info['path'] . '/' . self::$ext_entry_point; $ext_class_name = $info['entrypoint'] . 'Extension'; - include($entry_point_filename); + include_once($entry_point_filename); // Test if the given extension class exists. if (!class_exists($ext_class_name)) { -- cgit v1.2.3 From 40f45c92ed96c34e1342cb50b3582b587e36a9bb Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 29 Jan 2015 10:26:16 +0100 Subject: Fix get_user_configuration() There is no need to prefix namespace by the time: if conf has already been registered, it will be returned anyway! --- lib/lib_rss.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 3b3f6d279..68abe602c 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -248,7 +248,7 @@ function listUsers() { * @return a Minz_Configuration object, null if the configuration cannot be loaded. */ function get_user_configuration($username) { - $namespace = time() . '_user_' . $username; + $namespace = 'user_' . $username; try { Minz_Configuration::register($namespace, join_path(USERS_PATH, $username, 'config.php'), -- cgit v1.2.3 From e078f9fdac8f666e2d2aad1b1cc8ba3aadb68ab2 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 29 Jan 2015 10:47:33 +0100 Subject: Introduce url_remove_credentials() function See https://github.com/FreshRSS/FreshRSS/issues/711 --- lib/lib_rss.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lib') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 68abe602c..d4f41cf5c 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -429,3 +429,13 @@ function array_push_unique(&$array, $value) { function array_remove(&$array, $value) { $array = array_diff($array, array($value)); } + + +/** + * Sanitize a URL by removing HTTP credentials. + * @param $url the URL to sanitize. + * @return the same URL without HTTP credentials. + */ +function url_remove_credentials($url) { + return preg_replace('#((.+)://)((.+)@)?(.+)#', '${1}${5}', $url); +} -- cgit v1.2.3 From 8ff3e5363d28dff2eed6d7f152921ed093196a04 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 29 Jan 2015 10:57:11 +0100 Subject: Use url_remove_credentials to log URL See https://github.com/FreshRSS/FreshRSS/issues/711 --- app/Models/Feed.php | 11 ++++------- lib/lib_rss.php | 2 +- 2 files changed, 5 insertions(+), 8 deletions(-) (limited to 'lib') diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 74869bf11..5ce03be5d 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -240,19 +240,16 @@ class FreshRSS_Feed extends Minz_Model { $subscribe_url = $feed->subscribe_url(true); } + $clean_url = url_remove_credentials($subscribe_url); if ($subscribe_url !== null && $subscribe_url !== $url) { - if ($this->httpAuth != '') { - // on enlève les id si authentification HTTP - $subscribe_url = preg_replace('#((.+)://)((.+)@)(.+)#', '${1}${5}', $subscribe_url); - } - $this->_url($subscribe_url); + $this->_url($clean_url); } if (($mtime === true) ||($mtime > $this->lastUpdate)) { - Minz_Log::notice('FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $subscribe_url); + Minz_Log::notice('FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $clean_url); $this->loadEntries($feed); // et on charge les articles du flux } else { - Minz_Log::notice('FreshRSS use cache for ' . $subscribe_url); + Minz_Log::notice('FreshRSS use cache for ' . $clean_url); $this->entries = array(); } diff --git a/lib/lib_rss.php b/lib/lib_rss.php index d4f41cf5c..e2fcb1fee 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -180,7 +180,7 @@ function sanitizeHTML($data, $base = '') { function get_content_by_parsing ($url, $path) { require_once (LIB_PATH . '/lib_phpQuery.php'); - Minz_Log::notice('FreshRSS GET ' . $url); + Minz_Log::notice('FreshRSS GET ' . url_remove_credentials($url)); $html = file_get_contents ($url); if ($html) { -- cgit v1.2.3 From 01a1179b1ae0ee92234a0ef0a67c3e5d6d0b3c7e Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 29 Jan 2015 11:05:20 +0100 Subject: Improve url_remove_credentials Use @aledeg old function instead See https://github.com/FreshRSS/FreshRSS/pull/715 See https://github.com/FreshRSS/FreshRSS/issues/711 --- lib/lib_rss.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index e2fcb1fee..e5fe73041 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -437,5 +437,5 @@ function array_remove(&$array, $value) { * @return the same URL without HTTP credentials. */ function url_remove_credentials($url) { - return preg_replace('#((.+)://)((.+)@)?(.+)#', '${1}${5}', $url); + return preg_replace('/[^\/]*:[^:]*@/', '', $url); } -- cgit v1.2.3