From 58300c36ad77e8d788e99825d509fe8657a36854 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 26 Dec 2013 01:56:58 +0100 Subject: Cookie : sous-répertoire pour index (changements de répertoires !) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Implémente https://github.com/marienfressinaud/FreshRSS/issues/333 /public/ est renommé /p/ /public/index.php est déplacé dans /p/i/index.php Le cookie de session est limité à /p/i/ --- p/i/install.php | 1020 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1020 insertions(+) create mode 100644 p/i/install.php (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php new file mode 100644 index 000000000..fa37ae19a --- /dev/null +++ b/p/i/install.php 
@@ -0,0 +1,1020 @@ + +define('SQL_SHOW_TABLES', 'SHOW tables;'); + +define('SQL_BACKUP006', 'RENAME TABLE `%1$scategory` TO `%1$scategory006`, `%1$sfeed` TO `%1$sfeed006`, `%1$sentry` TO `%1$sentry006`;'); + +define('SQL_SHOW_COLUMNS_UPDATEv006', 'SHOW columns FROM `%1$sentry006` LIKE "id2";'); + +define('SQL_UPDATEv006', ' +ALTER TABLE `%1$scategory006` ADD id2 SMALLINT; + +SET @i = 0; +UPDATE `%1$scategory006` SET id2=(@i:=@i+1) ORDER BY id; + +ALTER TABLE `%1$sfeed006` ADD id2 SMALLINT, ADD category2 SMALLINT; + +SET @i = 0; +UPDATE `%1$sfeed006` SET id2=(@i:=@i+1) ORDER BY name; + +UPDATE `%1$sfeed006` f +INNER JOIN `%1$scategory006` c ON f.category = c.id +SET f.category2 = c.id2; + +INSERT IGNORE INTO `%2$scategory` (name, color) +SELECT name, color +FROM `%1$scategory006` +ORDER BY id2; + +INSERT IGNORE INTO `%2$sfeed` (url, category, name, website, description, priority, pathEntries, httpAuth, keep_history) +SELECT url, category2, name, website, description, priority, pathEntries, httpAuth, IF(keep_history = 1, -1, -2) +FROM `%1$sfeed006` +ORDER BY id2; + +ALTER TABLE `%1$sentry006` ADD id2 bigint; + +UPDATE `%1$sentry006` SET id2 = ((date * 1000000) + (rand() * 100000000)); + +INSERT IGNORE INTO `%2$sentry` (id, guid, title, author, link, date, is_read, is_favorite, id_feed, tags) +SELECT e0.id2, e0.guid, e0.title, e0.author, e0.link, e0.date, e0.is_read, e0.is_favorite, f0.id2, e0.tags +FROM `%1$sentry006` e0 +INNER JOIN `%1$sfeed006` f0 ON e0.id_feed = f0.id; +'); + +define('SQL_CONVERT_SELECTv006', ' +SELECT e0.id2, e0.content +FROM `%1$sentry006` e0 +INNER JOIN `%2$sentry` e1 ON e0.id2 = e1.id +WHERE e1.content_bin IS NULL'); + +define('SQL_CONVERT_UPDATEv006', 'UPDATE `%1$sentry` SET content_bin=COMPRESS(?) 
WHERE id=?;'); + +define('SQL_UPDATE_CACHED_VALUESv006', ' +UPDATE `%1$sfeed` f +INNER JOIN ( + SELECT e.id_feed, + COUNT(CASE WHEN e.is_read = 0 THEN 1 END) AS nbUnreads, + COUNT(e.id) AS nbEntries + FROM `%1$sentry` e + GROUP BY e.id_feed +) x ON x.id_feed=f.id +SET f.cache_nbEntries=x.nbEntries, f.cache_nbUnreads=x.nbUnreads +'); + +define('SQL_DROP_BACKUPv006', 'DROP TABLE IF EXISTS `%1$sentry006`, `%1$sfeed006`, `%1$scategory006`;'); +// + +function writeLine ($f, $line) { + fwrite ($f, $line . "\n"); +} +function writeArray ($f, $array) { + foreach ($array as $key => $val) { + if (is_array ($val)) { + writeLine ($f, '\'' . $key . '\' => array ('); + writeArray ($f, $val); + writeLine ($f, '),'); + } else { + writeLine ($f, '\'' . $key . '\' => \'' . $val . '\','); + } + } +} + +// gestion internationalisation +$translates = array (); +$actual = 'en'; +function initTranslate () { + global $translates; + global $actual; + + $actual = isset($_SESSION['language']) ? $_SESSION['language'] : getBetterLanguage('en'); + + $file = APP_PATH . '/i18n/' . $actual . '.php'; + if (file_exists($file)) { + $translates = array_merge($translates, include($file)); + } + + $file = APP_PATH . '/i18n/install.' . $actual . 
'.php'; + if (file_exists($file)) { + $translates = array_merge($translates, include($file)); + } +} + +function getBetterLanguage ($fallback) { + $available = availableLanguages (); + $accept = $_SERVER['HTTP_ACCEPT_LANGUAGE']; + $language = strtolower (substr ($accept, 0, 2)); + + if (isset ($available[$language])) { + return $language; + } else { + return $fallback; + } +} +function availableLanguages () { + return array ( + 'en' => 'English', + 'fr' => 'Français' + ); +} +function _t ($key) { + global $translates; + $translate = $key; + if (isset ($translates[$key])) { + $translate = $translates[$key]; + } + + $args = func_get_args (); + unset($args[0]); + + return vsprintf ($translate, $args); +} + +/*** SAUVEGARDES ***/ +function saveLanguage () { + if (!empty ($_POST)) { + if (!isset ($_POST['language'])) { + return false; + } + + $_SESSION['language'] = $_POST['language']; + + header ('Location: index.php?step=1'); + } +} +function saveStep2 () { + if (!empty ($_POST)) { + if (empty ($_POST['title']) || + empty ($_POST['old_entries']) || + empty ($_POST['default_user'])) { + return false; + } + + $_SESSION['sel_application'] = sha1(uniqid(mt_rand(), true).implode('', stat(__FILE__))); + $_SESSION['title'] = addslashes(substr(trim($_POST['title']), 0, 25)); + $_SESSION['old_entries'] = $_POST['old_entries']; + if ((!ctype_digit($_SESSION['old_entries'])) || ($_SESSION['old_entries'] < 1)) { + $_SESSION['old_entries'] = 3; + } + $_SESSION['mail_login'] = addslashes ($_POST['mail_login']); + $_SESSION['default_user'] = substr(preg_replace ('/[^a-zA-Z0-9]/', '', $_POST['default_user']), 0, 16); + + $token = ''; + if ($_SESSION['mail_login']) { + $token = sha1($_SESSION['sel_application'] . $_SESSION['mail_login']); + } + + $file_data = DATA_PATH . '/' . $_SESSION['default_user'] . 
'_user.php'; + + $f = fopen ($file_data, 'w'); + writeLine ($f, ' $_SESSION['language'], + 'old_entries' => $_SESSION['old_entries'], + 'mail_login' => $_SESSION['mail_login'], + 'token' => $token + )); + writeLine ($f, ');'); + fclose ($f); + + header ('Location: index.php?step=3'); + } +} + +function saveStep3 () { + if (!empty ($_POST)) { + if (empty ($_POST['type']) || + empty ($_POST['host']) || + empty ($_POST['user']) || + empty ($_POST['base'])) { + $_SESSION['bd_error'] = true; + } + + $_SESSION['bd_type'] = isset ($_POST['type']) ? $_POST['type'] : 'mysql'; + $_SESSION['bd_host'] = addslashes ($_POST['host']); + $_SESSION['bd_user'] = addslashes ($_POST['user']); + $_SESSION['bd_password'] = addslashes ($_POST['pass']); + $_SESSION['bd_base'] = addslashes ($_POST['base']); + $_SESSION['bd_prefix'] = addslashes ($_POST['prefix']); + $_SESSION['bd_prefix_user'] = $_SESSION['bd_prefix'] . (empty($_SESSION['default_user']) ? '' : ($_SESSION['default_user'] . '_')); + + $ini_array = array( + 'general' => array( + 'environment' => empty($_SESSION['environment']) ? 'production' : $_SESSION['environment'], + 'use_url_rewriting' => false, + 'sel_application' => $_SESSION['sel_application'], + 'base_url' => '', + 'title' => $_SESSION['title'], + 'default_user' => $_SESSION['default_user'], + ), + 'db' => array( + 'type' => $_SESSION['bd_type'], + 'host' => $_SESSION['bd_host'], + 'user' => $_SESSION['bd_user'], + 'password' => $_SESSION['bd_password'], + 'base' => $_SESSION['bd_base'], + 'prefix' => $_SESSION['bd_prefix'], + ), + ); + file_put_contents(DATA_PATH . '/config.php', " 'SET NAMES utf8', + ); + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . 
'.sqlite'; + $driver_options = null; + break; + default: + return false; + } + + $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + + $stm = $c->prepare(SQL_SHOW_TABLES); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (!in_array($_SESSION['bd_prefix'] . 'entry006', $res)) { + return false; + } + + $sql = sprintf(SQL_SHOW_COLUMNS_UPDATEv006, $_SESSION['bd_prefix']); + $stm = $c->prepare($sql); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (!in_array('id2', $res)) { + if (!$perform) { + return true; + } + $sql = sprintf(SQL_UPDATEv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); + $stm->execute(); + } + + $sql = sprintf(SQL_UPDATE_CACHED_VALUESv006, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + + $sql = sprintf(SQL_CONVERT_SELECTv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); + if (!$perform) { + $sql .= ' LIMIT 1'; + } + $stm = $c->prepare($sql); + $stm->execute(); + if (!$perform) { + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + return count($res) > 0; + } else { + @set_time_limit(300); + } + + $c2 = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $sql = sprintf(SQL_CONVERT_UPDATEv006, $_SESSION['bd_prefix_user']); + $stm2 = $c2->prepare($sql); + while ($row = $stm->fetch(PDO::FETCH_ASSOC)) { + $id = $row['id2']; + $content = unserialize(gzinflate(base64_decode($row['content']))); + $stm2->execute(array($content, $id)); + } + return true; + } catch (PDOException $e) { + return false; + } + return false; +} + +function deleteInstall () { + $res = unlink (INDEX_PATH . 
'/install.php'); + if ($res) { + header ('Location: index.php'); + } + + $needs = array('bd_type', 'bd_host', 'bd_base', 'bd_user', 'bd_password', 'bd_prefix'); + foreach ($needs as $need) { + if (!isset($_SESSION[$need])) { + return false; + } + } + + try { + switch ($_SESSION['bd_type']) { + case 'mysql': + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; + $driver_options = array( + PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', + ); + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . '.sqlite'; + $driver_options = null; + break; + default: + return false; + } + + $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $sql = sprintf(SQL_DROP_BACKUPv006, $_SESSION['bd_prefix']); + $stm = $c->prepare($sql); + $stm->execute(); + + return true; + } catch (PDOException $e) { + return false; + } + return false; +} + +function moveOldFiles() { + $mvs = array( + '/app/configuration/application.ini' => '/data/application.ini', //v0.6 + '/public/data/Configuration.array.php' => '/data/Configuration.array.php', //v0.6 + ); + $ok = true; + foreach ($mvs as $fFrom => $fTo) { + if (file_exists(FRESHRSS_PATH . $fFrom)) { + if (copy(FRESHRSS_PATH . $fFrom, FRESHRSS_PATH . $fTo)) { + @unlink(FRESHRSS_PATH . $fFrom); + } else { + $ok = false; + } + } + } + return $ok; +} + +function delTree($dir) { //http://php.net/rmdir#110489 + if (!is_dir($dir)) { + return true; + } + $files = array_diff(scandir($dir), array('.', '..')); + foreach ($files as $file) { + $f = $dir . '/' . 
$file; + if (is_dir($f)) { + @chmod($f, 0777); + delTree($f); + } + else unlink($f); + } + return rmdir($dir); +} + +/*** VÉRIFICATIONS ***/ +function checkStep () { + $s0 = checkStep0 (); + $s1 = checkStep1 (); + $s2 = checkStep2 (); + $s3 = checkStep3 (); + if (STEP > 0 && $s0['all'] != 'ok') { + header ('Location: index.php?step=0'); + } elseif (STEP > 1 && $s1['all'] != 'ok') { + header ('Location: index.php?step=1'); + } elseif (STEP > 2 && $s2['all'] != 'ok') { + header ('Location: index.php?step=2'); + } elseif (STEP > 3 && $s3['all'] != 'ok') { + header ('Location: index.php?step=3'); + } + $_SESSION['actualize_feeds'] = true; +} +function checkStep0 () { + moveOldFiles(); + + if (file_exists(DATA_PATH . '/config.php')) { + $ini_array = include(DATA_PATH . '/config.php'); + } elseif (file_exists(DATA_PATH . '/application.ini')) { + $ini_array = parse_ini_file(DATA_PATH . '/application.ini', true); + } else { + $ini_array = null; + } + + if ($ini_array) { + $ini_general = isset($ini_array['general']) ? $ini_array['general'] : null; + if ($ini_general) { + $keys = array('environment', 'sel_application', 'title', 'default_user'); + foreach ($keys as $key) { + if ((empty($_SESSION[$key])) && isset($ini_general[$key])) { + $_SESSION[$key] = $ini_general[$key]; + } + } + } + $ini_db = isset($ini_array['db']) ? $ini_array['db'] : null; + if ($ini_db) { + $keys = array('type', 'host', 'user', 'password', 'base', 'prefix'); + foreach ($keys as $key) { + if ((!isset($_SESSION['bd_' . $key])) && isset($ini_db[$key])) { + $_SESSION['bd_' . $key] = $ini_db[$key]; + } + } + } + } + + if (isset($_SESSION['default_user']) && file_exists(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php')) { + $userConfig = include(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'); + } elseif (file_exists(DATA_PATH . '/Configuration.array.php')) { + $userConfig = include(DATA_PATH . 
'/Configuration.array.php'); //v0.6 + } else { + $userConfig = array(); + } + + $keys = array('language', 'old_entries', 'mail_login'); + foreach ($keys as $key) { + if ((!isset($_SESSION[$key])) && isset($userConfig[$key])) { + $_SESSION[$key] = $userConfig[$key]; + } + } + + $languages = availableLanguages (); + $language = isset ($_SESSION['language']) && + isset ($languages[$_SESSION['language']]); + + return array ( + 'language' => $language ? 'ok' : 'ko', + 'all' => $language ? 'ok' : 'ko' + ); +} +function checkStep1 () { + $php = version_compare (PHP_VERSION, '5.2.0') >= 0; + $minz = file_exists (LIB_PATH . '/Minz'); + $curl = extension_loaded ('curl'); + $pdo = extension_loaded ('pdo_mysql'); + $dom = class_exists('DOMDocument'); + $data = DATA_PATH && is_writable (DATA_PATH); + $cache = CACHE_PATH && is_writable (CACHE_PATH); + $log = LOG_PATH && is_writable (LOG_PATH); + $favicons = is_writable (DATA_PATH . '/favicons'); + + return array ( + 'php' => $php ? 'ok' : 'ko', + 'minz' => $minz ? 'ok' : 'ko', + 'curl' => $curl ? 'ok' : 'ko', + 'pdo-mysql' => $pdo ? 'ok' : 'ko', + 'dom' => $dom ? 'ok' : 'ko', + 'data' => $data ? 'ok' : 'ko', + 'cache' => $cache ? 'ok' : 'ko', + 'log' => $log ? 'ok' : 'ko', + 'favicons' => $favicons ? 'ok' : 'ko', + 'all' => $php && $minz && $curl && $pdo && $dom && $data && $cache && $log && $favicons ? 'ok' : 'ko' + ); +} + +function checkStep2 () { + $conf = !empty($_SESSION['sel_application']) && + !empty($_SESSION['title']) && + !empty($_SESSION['old_entries']) && + isset($_SESSION['mail_login']) && + !empty($_SESSION['default_user']); + $defaultUser = empty($_POST['default_user']) ? null : $_POST['default_user']; + if ($defaultUser === null) { + $defaultUser = empty($_SESSION['default_user']) ? '' : $_SESSION['default_user']; + } + $data = file_exists (DATA_PATH . '/' . $defaultUser . '_user.php'); + if ($data) { + @unlink(DATA_PATH . '/Configuration.array.php'); //v0.6 + } + + return array ( + 'conf' => $conf ? 
'ok' : 'ko', + 'data' => $data ? 'ok' : 'ko', + 'all' => $conf && $data ? 'ok' : 'ko' + ); +} +function checkStep3 () { + $conf = file_exists (DATA_PATH . '/config.php'); + + $bd = isset ($_SESSION['bd_type']) && + isset ($_SESSION['bd_host']) && + isset ($_SESSION['bd_user']) && + isset ($_SESSION['bd_password']) && + isset ($_SESSION['bd_base']) && + isset ($_SESSION['bd_prefix']) && + isset ($_SESSION['bd_error']); + $conn = !isset ($_SESSION['bd_error']) || !$_SESSION['bd_error']; + + return array ( + 'bd' => $bd ? 'ok' : 'ko', + 'conn' => $conn ? 'ok' : 'ko', + 'conf' => $conf ? 'ok' : 'ko', + 'all' => $bd && $conn && $conf ? 'ok' : 'ko' + ); +} + +function checkBD () { + $error = false; + + try { + $str = ''; + $driver_options = null; + switch ($_SESSION['bd_type']) { + case 'mysql': + $driver_options = array( + PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8' + ); + + // on ouvre une connexion juste pour créer la base si elle n'existe pas + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';'; + $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + + $sql = sprintf (SQL_CREATE_DB, $_SESSION['bd_base']); + $res = $c->query ($sql); + + // on écrase la précédente connexion en sélectionnant la nouvelle BDD + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . '.sqlite'; + break; + default: + return false; + } + + $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + + $stm = $c->prepare(SQL_SHOW_TABLES); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (in_array($_SESSION['bd_prefix'] . 'entry', $res) && !in_array($_SESSION['bd_prefix'] . 
'entry006', $res)) { + $sql = sprintf(SQL_BACKUP006, $_SESSION['bd_prefix']); //v0.6 + $res = $c->query($sql); //Backup tables + } + + $sql = sprintf (SQL_CAT, $_SESSION['bd_prefix_user']); + $res = $c->query ($sql); + + if (!$res) { + $error = true; + } + + $sql = sprintf (SQL_FEED, $_SESSION['bd_prefix_user']); + $res = $c->query ($sql); + + if (!$res) { + $error = true; + } + + $sql = sprintf (SQL_ENTRY, $_SESSION['bd_prefix_user']); + $res = $c->query ($sql); + + if (!$res) { + $error = true; + } + } catch (PDOException $e) { + $error = true; + } + + if ($error && file_exists (DATA_PATH . '/config.php')) { + unlink (DATA_PATH . '/config.php'); + } + + return !$error; +} + +/*** AFFICHAGE ***/ +function printStep0 () { + global $actual; +?> + +

+ + +
+ +
+ +
+ +
+
+ +
+
+ + + + + +
+
+
+ + + + +

+ +

+ + + +

+ +

+ + + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + + + +

+ + + +

+ + +
+ + + +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ + +
+
+ +
+
+ + + + + +
+
+
+ + +

+ +

+ + +
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+
+ + + + + +
+
+
+ +
+ +
+
+ + + +

+ + + +
+
+
+ +

+ + +

+ + + + + + + <?php echo _t ('freshrss_installation'); ?> + + + + + +
+
+

+

+
+
+ +
+ + +
+ +
+
+ + -- cgit v1.2.3 From f8b8dc7a23f6c1d5d328c91a25c682c62d6f3649 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Fri, 27 Dec 2013 12:30:57 +0100 Subject: Mise à jour possible depuis v0.7-beta[1-2] + correction message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit + Correction message lorsqu'on clique sur "enregistrer" un flux où rien n'a changé et qui disait qu'une erreur était survenue alors que simplement rien n'avait changé --- app/i18n/en.php | 2 +- app/i18n/fr.php | 2 +- p/i/install.php | 12 +++++++++--- 3 files changed, 11 insertions(+), 5 deletions(-) (limited to 'p/i/install.php') diff --git a/app/i18n/en.php b/app/i18n/en.php index 40c634f7c..f74a7f198 100644 --- a/app/i18n/en.php +++ b/app/i18n/en.php @@ -60,7 +60,7 @@ return array ( 'access_denied' => 'You don’t have permission to access this page', 'page_not_found' => 'You are looking for a page which doesn’t exist', 'error_occurred' => 'An error occurred', - 'error_occurred_update' => 'An error occurred during update', + 'error_occurred_update' => 'Nothing was changed', 'default_category' => 'Uncategorized', 'categories_updated' => 'Categories have been updated', diff --git a/app/i18n/fr.php b/app/i18n/fr.php index 14160bb7e..f9c4d00cc 100644 --- a/app/i18n/fr.php +++ b/app/i18n/fr.php @@ -60,7 +60,7 @@ return array ( 'access_denied' => 'Vous n’avez pas le droit d’accéder à cette page', 'page_not_found' => 'La page que vous cherchez n’existe pas', 'error_occurred' => 'Une erreur est survenue', - 'error_occurred_update' => 'Une erreur est survenue lors de la mise à jour', + 'error_occurred_update' => 'Rien n’a été modifié', 'default_category' => 'Sans catégorie', 'categories_updated' => 'Les catégories ont été mises à jour', diff --git a/p/i/install.php b/p/i/install.php index fa37ae19a..8db372fef 100644 --- a/p/i/install.php +++ b/p/i/install.php 
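Review bot: `saveLanguage()` stores `$_POST['language']` in the session without checking it against `availableLanguages()`, and `initTranslate()` concatenates that session value into the path it passes to `include` (`APP_PATH . '/i18n/' . $actual . '.php'`), so a request to the installer can influence which `.php` file is loaded. `saveStep2()` also appears to write the same value into the generated `_user.php` through `writeArray()`, which wraps values in single quotes without escaping them. Reject unknown codes where the value enters, e.g. `$languages = availableLanguages(); if (!isset($languages[$_POST['language']])) { return false; }`, and consider building the config file with `var_export()` instead of hand-quoted strings. Parts of this file are missing from the page, so whether the language check in `checkStep0()` always runs before `initTranslate()` cannot be confirmed here.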
@@ -117,7 +117,9 @@ WHERE e1.content_bin IS NULL'); define('SQL_CONVERT_UPDATEv006', 'UPDATE `%1$sentry` SET content_bin=COMPRESS(?) WHERE id=?;'); -define('SQL_UPDATE_CACHED_VALUESv006', ' +define('SQL_DROP_BACKUPv006', 'DROP TABLE IF EXISTS `%1$sentry006`, `%1$sfeed006`, `%1$scategory006`;'); + +define('SQL_UPDATE_CACHED_VALUES', ' UPDATE `%1$sfeed` f INNER JOIN ( SELECT e.id_feed, @@ -129,7 +131,7 @@ INNER JOIN ( SET f.cache_nbEntries=x.nbEntries, f.cache_nbUnreads=x.nbUnreads '); -define('SQL_DROP_BACKUPv006', 'DROP TABLE IF EXISTS `%1$sentry006`, `%1$sfeed006`, `%1$scategory006`;'); +define('SQL_UPDATE_HISTORYv007b', 'UPDATE `%1$sfeed` SET keep_history = CASE WHEN keep_history = 0 THEN -2 WHEN keep_history = 1 THEN -1 ELSE keep_history END;'); // function writeLine ($f, $line) { @@ -349,7 +351,11 @@ function updateDatabase($perform = false) { $stm->execute(); } - $sql = sprintf(SQL_UPDATE_CACHED_VALUESv006, $_SESSION['bd_prefix_user']); + $sql = sprintf(SQL_UPDATE_HISTORYv007b, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + + $sql = sprintf(SQL_UPDATE_CACHED_VALUES, $_SESSION['bd_prefix_user']); $stm = $c->prepare($sql); $stm->execute(); -- cgit v1.2.3 From ab3cc9be569471b2bdc45ba2f095f621c5549143 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Fri, 27 Dec 2013 13:02:16 +0100 Subject: Install.php petites corrections MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Évite des problèmes de droits lorsque config.php et *_user.php existent déjà Adresse des styles mise à jour --- p/i/install.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php index 8db372fef..0e8a972c6 100644 --- a/p/i/install.php +++ b/p/i/install.php 
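Review bot: The new `SQL_UPDATE_HISTORYv007b` statement in `updateDatabase()` runs before any `$perform` test, so it rewrites `keep_history` even when the function is called only to check whether an update is needed; in the body shown in the first commit on this page, the `!$perform` returns sit inside the `id2` branch and after the later SELECT. It is also not safe to re-run if 0 and 1 are legitimate values in the new scheme, because the CASE maps 0 to -2 and 1 to -1 on every call, and the feedController change later on this page tests `$feedHistory != 0`, which suggests 0 is meaningful. Wrap the execution in `if ($perform) { ... }` and tie the conversion to a version marker rather than to the current column values. The function starts and ends outside this hunk.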
@@ -235,6 +235,7 @@ function saveStep2 () { $file_data = DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'; + @unlink($file_data); //To avoid access-rights problems $f = fopen ($file_data, 'w'); writeLine ($f, ' $_SESSION['bd_prefix'], ), ); + + @unlink(DATA_PATH . '/config.php'); //To avoid access-rights problems file_put_contents(DATA_PATH . '/config.php', " <?php echo _t ('freshrss_installation'); ?> - - + + -- cgit v1.2.3 From badc60910a21774512034027bbb394ffeb477629 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Fri, 27 Dec 2013 15:16:53 +0100 Subject: Petites corrections et sortie 0.7-beta3 --- app/Controllers/feedController.php | 12 ++++++------ p/i/install.php | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'p/i/install.php') diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index ca230232f..a3371a43e 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -198,12 +198,17 @@ class FreshRSS_feed_Controller extends Minz_ActionController { //For this feed, check last n entry GUIDs already in database $existingGuids = array_fill_keys ($entryDAO->listLastGuidsByFeed ($feed->id (), count($entries) + 10), 1); + $feedHistory = $feed->keepHistory(); + if ($feedHistory == -2) { //default + $feedHistory = $this->view->conf->keepHistoryDefault(); + } + // On ne vérifie pas strictement que l'article n'est pas déjà en BDD // La BDD refusera l'ajout car (id_feed, guid) doit être unique $feedDAO->beginTransaction (); foreach ($entries as $entry) { if ((!isset ($existingGuids[$entry->guid ()])) && - ($entry->date (true) >= $date_min)) { + (($feedHistory != 0) || ($entry->date (true) >= $date_min))) { $values = $entry->toArray (); //Use declared date at first import, otherwise use discovery date $values['id'] = empty($existingGuids) ? min(time(), $entry->date (true)) . uSecString() : uTimeString(); 
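Review bot: The two added `@unlink(...)` calls in p/i/install.php suppress their errors, and the writes that follow (`fopen()` in `saveStep2()`, `file_put_contents()` for `config.php`) are not checked either, so a failed delete followed by a failed write leaves the old file in place while the installer carries on as if the new settings were stored. Since `config.php` holds the database password, test the result before continuing, e.g. `if ($f === false) { return false; }` after `fopen()` and the same comparison with `false` for `file_put_contents()`, and set a restrictive mode on the new file rather than relying on the default umask. Both functions start and end outside these hunks, and part of the hunk text is missing from this page.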
@@ -212,11 +217,6 @@ class FreshRSS_feed_Controller extends Minz_ActionController { } } - $feedHistory = $feed->keepHistory(); - if ($feedHistory == -2) { //default - $feedHistory = $this->view->conf->keepHistoryDefault(); - } - if (($feedHistory >= 0) && (rand(0, 30) === 1)) { $nb = $feedDAO->cleanOldEntries ($feed->id (), $date_min, max($feedHistory, count($entries) + 10)); if ($nb > 0) { diff --git a/p/i/install.php b/p/i/install.php index 0e8a972c6..132cd5508 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -573,7 +573,7 @@ function checkStep2 () { if ($defaultUser === null) { $defaultUser = empty($_SESSION['default_user']) ? '' : $_SESSION['default_user']; } - $data = file_exists (DATA_PATH . '/' . $defaultUser . '_user.php'); + $data = is_writable(DATA_PATH . '/' . $defaultUser . '_user.php'); if ($data) { @unlink(DATA_PATH . '/Configuration.array.php'); //v0.6 } @@ -585,7 +585,7 @@ function checkStep2 () { ); } function checkStep3 () { - $conf = file_exists (DATA_PATH . '/config.php'); + $conf = is_writable(DATA_PATH . '/config.php'); $bd = isset ($_SESSION['bd_type']) && isset ($_SESSION['bd_host']) && -- cgit v1.2.3 From 45b2decce03e218fe7ad66479491123ce398ab1f Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 28 Dec 2013 01:24:54 +0100 Subject: HTTP Auth user https://github.com/marienfressinaud/FreshRSS/issues/126 --- app/views/configure/users.phtml | 4 ++-- lib/lib_rss.php | 4 ++++ p/i/install.php | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) (limited to 'p/i/install.php') diff --git a/app/views/configure/users.phtml b/app/views/configure/users.phtml index 3640a2ff4..40cce590e 100644 --- a/app/views/configure/users.phtml +++ b/app/views/configure/users.phtml @@ -10,7 +10,7 @@
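Review bot: `checkStep2()` builds the path it now passes to `is_writable()` from the raw `$_POST['default_user']` (visible in the function body in the first commit on this page), whereas `saveStep2()` writes the file under the name filtered by `preg_replace('/[^a-zA-Z0-9]/', '', ...)` and cut to 16 characters. A submitted name containing other characters therefore makes the check look at a different path than the one that was written, and lets the request steer a filesystem probe away from the expected file name. Normalise the value the same way before use: `$defaultUser = substr(preg_replace('/[^a-zA-Z0-9]/', '', $defaultUser), 0, 16);`. The function starts outside this hunk.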
- $_SERVER['REMOTE_USER'] = + $_SERVER['REMOTE_USER'] =
+ + Mozilla Persona
@@ -95,4 +90,66 @@ + +
+ + +
+ +
+ +
+
+ +
+
+ +
+
+
+ +
+ + +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ + conf->mail_login; ?> +
+ +
+
+ +
+
+ + +
+
+ +
+ +
diff --git a/lib/Minz/Configuration.php b/lib/Minz/Configuration.php index 1513af6d0..873908ce6 100644 --- a/lib/Minz/Configuration.php +++ b/lib/Minz/Configuration.php @@ -28,7 +28,7 @@ class Minz_Configuration { /** * définition des variables de configuration - * $sel_application une chaîne de caractères aléatoires (obligatoire) + * $salt une chaîne de caractères aléatoires (obligatoire) * $environment gère le niveau d'affichage pour log et erreurs * $use_url_rewriting indique si on utilise l'url_rewriting * $base_url le chemin de base pour accéder à l'application @@ -42,7 +42,7 @@ class Minz_Configuration { * - password mot de passe de l'utilisateur * - base le nom de la base de données */ - private static $sel_application = ''; + private static $salt = ''; private static $environment = Minz_Configuration::PRODUCTION; private static $base_url = ''; private static $use_url_rewriting = false; @@ -55,17 +55,19 @@ class Minz_Configuration { private static $auth_type = 'none'; private static $db = array ( - 'host' => false, - 'user' => false, - 'password' => false, - 'base' => false + 'type' => 'mysql', + 'host' => '', + 'user' => '', + 'password' => '', + 'base' => '', + 'prefix' => '', ); /* * Getteurs */ public static function salt () { - return self::$sel_application; + return self::$salt; } public static function environment () { return self::$environment; @@ -145,7 +147,7 @@ class Minz_Configuration { 'general' => array( 'environment' => self::$environment, 'use_url_rewriting' => self::$use_url_rewriting, - 'sel_application' => self::$sel_application, + 'salt' => self::$salt, 'base_url' => self::$base_url, 'title' => self::$title, 'default_user' => self::$default_user, 
@@ -189,14 +191,18 @@ class Minz_Configuration { } $general = $ini_array['general']; - // sel_application est obligatoire - if (!isset ($general['sel_application'])) { - throw new Minz_BadConfigurationException ( - 'sel_application', - Minz_Exception::ERROR - ); + // salt est obligatoire + if (!isset ($general['salt'])) { + if (isset($general['sel_application'])) { //v0.6 + $general['salt'] = $general['sel_application']; + } else { + throw new Minz_BadConfigurationException ( + 'salt', + Minz_Exception::ERROR + ); + } } - self::$sel_application = $general['sel_application']; + self::$salt = $general['salt']; if (isset ($general['environment'])) { switch ($general['environment']) { @@ -256,18 +262,15 @@ class Minz_Configuration { } // Base de données - $db = false; if (isset ($ini_array['db'])) { $db = $ini_array['db']; - } - if ($db) { - if (!isset ($db['host'])) { + if (empty($db['host'])) { throw new Minz_BadConfigurationException ( 'host', Minz_Exception::ERROR ); } - if (!isset ($db['user'])) { + if (empty($db['user'])) { throw new Minz_BadConfigurationException ( 'user', Minz_Exception::ERROR @@ -279,19 +282,23 @@ class Minz_Configuration { Minz_Exception::ERROR ); } - if (!isset ($db['base'])) { + if (empty($db['base'])) { throw new Minz_BadConfigurationException ( 'base', Minz_Exception::ERROR ); } - self::$db['type'] = isset ($db['type']) ? $db['type'] : 'mysql'; + if (!empty($db['type'])) { + self::$db['type'] = $db['type']; + } self::$db['host'] = $db['host']; self::$db['user'] = $db['user']; self::$db['password'] = $db['password']; self::$db['base'] = $db['base']; - self::$db['prefix'] = isset ($db['prefix']) ? $db['prefix'] : ''; + if (isset($db['prefix'])) { + self::$db['prefix'] = $db['prefix']; + } } } diff --git a/lib/Minz/FileNotExistException.php b/lib/Minz/FileNotExistException.php index df2b8ff6c..f8dfbdf66 100644 --- a/lib/Minz/FileNotExistException.php +++ b/lib/Minz/FileNotExistException.php @@ -1,7 +1,7 @@ */ 
@@ -23,7 +23,7 @@ class Minz_ModelPdo { protected $bd; protected $prefix; - + /** * Créé la connexion à la base de données à l'aide des variables * HOST, BASE, USER et PASS définies dans le fichier de configuration @@ -80,11 +80,15 @@ class Minz_ModelPdo { $this->bd->rollBack(); } - public function size() { + public function size($all = false) { $db = Minz_Configuration::dataBase (); $sql = 'SELECT SUM(data_length + index_length) FROM information_schema.TABLES WHERE table_schema = ?'; - $stm = $this->bd->prepare ($sql); $values = array ($db['base']); + if (!$all) { + $sql .= ' AND table_name LIKE ?'; + $values[] = $this->prefix . '%'; + } + $stm = $this->bd->prepare ($sql); $stm->execute ($values); $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); return $res[0]; diff --git a/p/i/install.php b/p/i/install.php index 672f64b94..e953cf699 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -12,6 +12,8 @@ if (isset ($_GET['step'])) { define ('STEP', 1); } +define('SQL_CREATE_DB', 'CREATE DATABASE %1$s DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;'); + include(APP_PATH . '/sql.php'); // @@ -151,7 +153,7 @@ function saveStep2 () { return false; } - $_SESSION['sel_application'] = sha1(uniqid(mt_rand(), true).implode('', stat(__FILE__))); + $_SESSION['salt'] = sha1(uniqid(mt_rand(), true).implode('', stat(__FILE__))); $_SESSION['title'] = substr(trim($_POST['title']), 0, 25); $_SESSION['old_entries'] = $_POST['old_entries']; if ((!ctype_digit($_SESSION['old_entries'])) || ($_SESSION['old_entries'] < 1)) { @@ -162,7 +164,7 @@ function saveStep2 () { $token = ''; if ($_SESSION['mail_login']) { - $token = sha1($_SESSION['sel_application'] . $_SESSION['mail_login']); + $token = sha1($_SESSION['salt'] . $_SESSION['mail_login']); } $config_array = array ( 
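Review bot: In `size()` in the Minz_ModelPdo class, the new filter `table_name LIKE ?` receives `$this->prefix . '%'` unescaped, and `_` is a single-character wildcard in LIKE, so a prefix such as `freshrss_al_` (constructed example) also matches tables named `freshrss_alice_…` and the per-user size can include another user's tables. Escape the wildcard characters before appending the `%`: `$values[] = addcslashes($this->prefix, '\\%_') . '%';`. How `$this->prefix` is built is not visible in this hunk; the installer on this page composes the user prefix as prefix + user name + `_`, which is the case where this matters. The closing brace of `size()` is outside the hunk.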
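Review bot: `SQL_CREATE_DB` puts `%1$s` into the statement as a bare identifier, and `checkBD()` (first commit on this page) fills it with `$_SESSION['bd_base']`, which, as far as this page shows, `saveStep3()` only passes through `addslashes()`; that function does not restrict a value to identifier characters, so input from the installer form can change the statement. Validate the name before it is used, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $_SESSION['bd_base'])) { return false; }`, and backtick-quote the placeholder in the template. The comment in `checkBD()` says the database is created only if it does not exist, but the statement has no `IF NOT EXISTS`, so on an existing database the query fails and its result is ignored.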
@@ -173,7 +175,7 @@ function saveStep2 () { ); $configPath = DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'; - @unlink(configPath); //To avoid access-rights problems + @unlink($configPath); //To avoid access-rights problems file_put_contents($configPath, " array( 'environment' => empty($_SESSION['environment']) ? 'production' : $_SESSION['environment'], 'use_url_rewriting' => false, - 'sel_application' => $_SESSION['sel_application'], + 'salt' => $_SESSION['salt'], 'base_url' => '', 'title' => $_SESSION['title'], 'default_user' => $_SESSION['default_user'], @@ -424,7 +426,7 @@ function checkStep0 () { if ($ini_array) { $ini_general = isset($ini_array['general']) ? $ini_array['general'] : null; if ($ini_general) { - $keys = array('environment', 'sel_application', 'title', 'default_user'); + $keys = array('environment', 'salt', 'title', 'default_user'); foreach ($keys as $key) { if ((empty($_SESSION[$key])) && isset($ini_general[$key])) { $_SESSION[$key] = $ini_general[$key]; @@ -496,7 +498,7 @@ function checkStep1 () { } function checkStep2 () { - $conf = !empty($_SESSION['sel_application']) && + $conf = !empty($_SESSION['salt']) && !empty($_SESSION['title']) && !empty($_SESSION['old_entries']) && isset($_SESSION['mail_login']) && @@ -537,7 +539,7 @@ function checkStep3 () { } function checkBD () { - $error = false; + $ok = false; try { $str = ''; 
@@ -575,35 +577,18 @@ function checkBD () { $res = $c->query($sql); //Backup tables } - $sql = sprintf (SQL_CAT, $_SESSION['bd_prefix_user']); - $res = $c->query ($sql); - - if (!$res) { - $error = true; - } - - $sql = sprintf (SQL_FEED, $_SESSION['bd_prefix_user']); - $res = $c->query ($sql); - - if (!$res) { - $error = true; - } - - $sql = sprintf (SQL_ENTRY, $_SESSION['bd_prefix_user']); - $res = $c->query ($sql); - - if (!$res) { - $error = true; - } + $sql = sprintf(SQL_CREATE_TABLES, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); + $ok = $stm->execute(); } catch (PDOException $e) { $error = true; } - if ($error && file_exists (DATA_PATH . '/config.php')) { - unlink (DATA_PATH . '/config.php'); + if (!$ok) { + @unlink(DATA_PATH . '/config.php'); } - return !$error; + return $ok; } /*** AFFICHAGE ***/ @@ -729,9 +714,6 @@ function printStep2 () {
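Review bot: `$ok = $stm->execute();` now decides success for the whole of `SQL_CREATE_TABLES`, but with emulated prepares the statements go out as one batch and, as far as I know, `execute()` reflects only the first of them. A failure in a later statement surfaces only when the remaining result sets are walked with `nextRowset()`. The removed code checked each of the three queries separately, so error detection is lost unless the results are drained and `errorCode()` is checked again. `$stm` is also used without the `if ($stm && …)` guard that `FreshRSS_UserDAO` applies to the same call, and the `catch` still assigns the now unused `$error`. `checkBD()` begins before the hunk.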
-
-- cgit v1.2.3 From 5c9a32329ad68dc5ae8bc8a3566a0d603b80a934 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 31 Dec 2013 14:52:01 +0100 Subject: Multi-utilisateur fonctionnel avec Mozilla Persona MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Il faut ré-enregistrer l'adresse courriel une fois dans l'interface de FreshRSS pour créer le fichier nécessaire. + Comparaison sans tenir compte de la casse pour les noms d'utilisateur. Contribue à https://github.com/marienfressinaud/FreshRSS/issues/126 ll faudra tester la sécurité --- app/Controllers/indexController.php | 32 +++++++++++++++++++++++++++++--- app/Controllers/usersController.php | 37 ++++++++++++++++++++++++++----------- app/FreshRSS.php | 18 ++++++++++++++---- data/cache/index.html | 13 +++++++++++++ data/favicons/index.html | 13 +++++++++++++ data/log/index.html | 13 +++++++++++++ data/persona/.gitignore | 1 + data/persona/index.html | 13 +++++++++++++ p/i/install.php | 6 ++++++ 9 files changed, 128 insertions(+), 18 deletions(-) create mode 100644 data/cache/index.html create mode 100644 data/favicons/index.html create mode 100644 data/log/index.html create mode 100644 data/persona/.gitignore create mode 100644 data/persona/index.html (limited to 'p/i/install.php') diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index 7309169a6..5b51b3e28 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php 
@@ -249,14 +249,40 @@ class FreshRSS_index_Controller extends Minz_ActionController { curl_close ($ch); $res = json_decode ($result, true); - if ($res['status'] === 'okay' && $res['email'] === $this->view->conf->mail_login) { - Minz_Session::_param ('mail', $res['email']); + + $loginOk = false; + $reason = ''; + if ($res['status'] === 'okay') { + $email = filter_var($res['email'], FILTER_VALIDATE_EMAIL); + if ($email != '') { + $personaFile = DATA_PATH . '/persona/' . $email . '.txt'; + if (($currentUser = @file_get_contents($personaFile)) !== false) { + $currentUser = trim($currentUser); + if (ctype_alnum($currentUser)) { + try { + $this->conf = new FreshRSS_Configuration($currentUser); + $loginOk = strcasecmp($email, $this->conf->mail_login) === 0; + } catch (Minz_Exception $e) { + $reason = 'Invalid configuration for user [' . $currentUser . ']! ' . $e->getMessage(); //Permission denied or conf file does not exist + } + } else { + $reason = 'Invalid username format [' . $currentUser . ']!'; + } + } + } else { + $reason = 'Invalid email format [' . $res['email'] . ']!'; + } + } + if ($loginOk) { + Minz_Session::_param('currentUser', $currentUser); + Minz_Session::_param ('mail', $email); $this->view->loginOk = true; invalidateHttpCache(); } else { $res = array (); $res['status'] = 'failure'; - $res['reason'] = Minz_Translate::t ('invalid_login'); + $res['reason'] = $reason == '' ? Minz_Translate::t ('invalid_login') : $reason; + Minz_Log::record ('Persona: ' . $res['reason'], Minz_Log::WARNING); } header('Content-Type: application/json; charset=UTF-8'); diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php index 7d9568083..5b3ffe81a 100644 --- a/app/Controllers/usersController.php +++ b/app/Controllers/usersController.php 
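Review bot: On failure the JSON answer now appears to carry `$reason`, which can hold the internal user name read from the persona file and the text of `$e->getMessage()`. That tells an unauthenticated caller which addresses map to an account and why its configuration failed to load. Keep the response generic and put the detail in the log only: `$res['reason'] = Minz_Translate::t ('invalid_login');` followed by `Minz_Log::record ('Persona: ' . ($reason == '' ? $res['reason'] : $reason), Minz_Log::WARNING);`. `$res` is also indexed without checking that `json_decode` returned an array, so a failed verifier call reaches the failure branch only incidentally. The enclosing action begins before this hunk.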
@@ -17,7 +17,14 @@ class FreshRSS_users_Controller extends Minz_ActionController { $this->view->conf->_mail_login($mail); $ok &= $this->view->conf->save(); - Minz_Session::_param('mail', $this->view->conf->mail_login); + $email = $this->view->conf->mail_login; + Minz_Session::_param('mail', $email); + + if ($email != '') { + $personaFile = DATA_PATH . '/persona/' . $email . '.txt'; + @unlink($personaFile); + $ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false); + } //TODO: use $ok $notif = array( @@ -38,8 +45,6 @@ class FreshRSS_users_Controller extends Minz_ActionController { $this->view->conf->_token($token); $ok &= $this->view->conf->save(); - Minz_Session::_param('mail', $this->view->conf->mail_login); - $anon = Minz_Request::param('anon_access', false); $anon = ((bool)$anon) && ($anon !== 'no'); $auth_type = Minz_Request::param('auth_type', 'none'); 
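Review bot: The mapping file for `$email` is removed with `@unlink($personaFile)` and rewritten without checking whether it already exists and names a different user, so two accounts that save the same address silently replace each other's mapping. The user-creation hunk further down in this file does the same for `$new_user_email`. Reading the file first and refusing the change when it holds another user name keeps the mapping unique, e.g. `$owner = @file_get_contents($personaFile);` then `$ok &= ($owner === false) || (strcasecmp(trim($owner), Minz_Session::param('currentUser', '_')) === 0);` before the unlink. The file for the previous address is also left in place when the address changes. The surrounding action starts outside the hunk.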
@@ -69,18 +74,27 @@ class FreshRSS_users_Controller extends Minz_ActionController { } $new_user_name = Minz_Request::param('new_user_name'); - $ok = ctype_alnum($new_user_name); - - $new_user_email = filter_var($_POST['new_user_email'], FILTER_VALIDATE_EMAIL); - if (empty($new_user_email)) { - $new_user_email = ''; - $ok &= Minz_Configuration::authType() !== 'persona'; - } + $ok = ($new_user_name != '') && ctype_alnum($new_user_name); if ($ok) { + $ok &= (strcasecmp($new_user_name, Minz_Configuration::defaultUser()) !== 0); //It is forbidden to alter the default user + + $ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers())); //Not an existing user, case-insensitive + $configPath = DATA_PATH . '/' . $new_user_name . '_user.php'; $ok &= !file_exists($configPath); } + if ($ok) { + $new_user_email = filter_var($_POST['new_user_email'], FILTER_VALIDATE_EMAIL); + if (empty($new_user_email)) { + $new_user_email = ''; + $ok &= Minz_Configuration::authType() !== 'persona'; + } else { + $personaFile = DATA_PATH . '/persona/' . $new_user_email . '.txt'; + @unlink($personaFile); + $ok &= (file_put_contents($personaFile, $new_user_name) !== false); + } + } if ($ok) { $config_array = array( 'language' => $new_user_language, @@ -110,7 +124,7 @@ class FreshRSS_users_Controller extends Minz_ActionController { $ok = ctype_alnum($username); if ($ok) { - $ok &= ($username !== Minz_Configuration::defaultUser()); //It is forbidden to delete the default user + $ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0); //It is forbidden to delete the default user } if ($ok) { $configPath = DATA_PATH . '/' . $username . '_user.php'; @@ -120,6 +134,7 @@ class FreshRSS_users_Controller extends Minz_ActionController { $userDAO = new FreshRSS_UserDAO(); $ok &= $userDAO->deleteUser($username); $ok &= unlink($configPath); + //TODO: delete Persona file } $notif = array( 'type' => $ok ? 'good' : 'bad', 
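Review bot: `$personaFile` is built by concatenating the address straight into a path, and `FILTER_VALIDATE_EMAIL` accepts characters such as `/` in the local part, so a valid address can contain a path separator. The file name is also case-sensitive on most filesystems, while the login code compares addresses with `strcasecmp`. The same construction appears in the indexController hunk, the `mail_login` hunk earlier in this file and the FreshRSS.php hunk. Deriving the name from a digest of the normalised address avoids both problems, for instance `$personaFile = DATA_PATH . '/persona/' . sha1(strtolower($new_user_email)) . '.txt';`, applied identically at every reader and writer. The `//TODO: delete Persona file` in the delete hunk leaves a stale mapping behind until it is implemented.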
diff --git a/app/FreshRSS.php b/app/FreshRSS.php index 0e166cc3b..0af0c01da 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -18,8 +18,18 @@ class FreshRSS extends Minz_FrontController { $loginOk = $currentUser != ''; break; case 'persona': - $currentUser = Minz_Configuration::defaultUser(); //TODO: Make Persona compatible with multi-user - $loginOk = Minz_Session::param('mail') != ''; + $loginOk = false; + $email = filter_var(Minz_Session::param('mail'), FILTER_VALIDATE_EMAIL); + if ($email != '') { //TODO: Remove redundancy with indexController + $personaFile = DATA_PATH . '/persona/' . $email . '.txt'; + if (($currentUser = @file_get_contents($personaFile)) !== false) { + $currentUser = trim($currentUser); + $loginOk = true; + } + } + if (!$loginOk) { + $currentUser = Minz_Configuration::defaultUser(); + } break; case 'none': $currentUser = Minz_Configuration::defaultUser(); @@ -51,10 +61,10 @@ class FreshRSS extends Minz_FrontController { if ($loginOk) { switch (Minz_Configuration::authType()) { case 'http_auth': - $loginOk = $currentUser === httpAuthUser(); + $loginOk = strcasecmp($currentUser, httpAuthUser()) === 0; break; case 'persona': - $loginOk = Minz_Session::param('mail') === $this->conf->mail_login; + $loginOk = strcasecmp(Minz_Session::param('mail'), $this->conf->mail_login) === 0; break; case 'none': $loginOk = true; diff --git a/data/cache/index.html b/data/cache/index.html new file mode 100644 index 000000000..85faaa37e --- /dev/null +++ b/data/cache/index.html @@ -0,0 +1,13 @@ + + + + + +Redirection + + + + +
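Review bot: In the `persona` case the user name read from the mapping file is trusted after `trim()` alone (`$loginOk = true`), whereas the login action in indexController accepts it only when `ctype_alnum($currentUser)` holds. `$currentUser` presumably selects which per-user configuration is loaded later in this method, outside the hunk, so the same check belongs here: `$loginOk = ctype_alnum($currentUser);`. The TODO about redundancy points the same way. A single helper that resolves an address to a validated user name would stop the two call sites from drifting apart.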

Redirection

+ + diff --git a/data/favicons/index.html b/data/favicons/index.html new file mode 100644 index 000000000..85faaa37e --- /dev/null +++ b/data/favicons/index.html @@ -0,0 +1,13 @@ + + + + + +Redirection + + + + +

Redirection

+ + diff --git a/data/log/index.html b/data/log/index.html new file mode 100644 index 000000000..85faaa37e --- /dev/null +++ b/data/log/index.html @@ -0,0 +1,13 @@ + + + + + +Redirection + + + + +

Redirection

+ + diff --git a/data/persona/.gitignore b/data/persona/.gitignore new file mode 100644 index 000000000..314f02b1b --- /dev/null +++ b/data/persona/.gitignore @@ -0,0 +1 @@ +*.txt \ No newline at end of file diff --git a/data/persona/index.html b/data/persona/index.html new file mode 100644 index 000000000..85faaa37e --- /dev/null +++ b/data/persona/index.html @@ -0,0 +1,13 @@ + + + + + +Redirection + + + + +

Redirection

+ + diff --git a/p/i/install.php b/p/i/install.php index e953cf699..0cd952fef 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -178,6 +178,12 @@ function saveStep2 () { @unlink($configPath); //To avoid access-rights problems file_put_contents($configPath, " Date: Wed, 1 Jan 2014 15:08:15 +0100 Subject: SQL : Insère la catégorie par défaut dès la création des tables MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/Models/UserDAO.php | 5 ++++- app/sql.php | 2 ++ p/i/install.php | 5 ++++- 3 files changed, 10 insertions(+), 2 deletions(-) (limited to 'p/i/install.php') diff --git a/app/Models/UserDAO.php b/app/Models/UserDAO.php index afa049fb9..a25b57f89 100644 --- a/app/Models/UserDAO.php +++ b/app/Models/UserDAO.php @@ -7,7 +7,10 @@ class FreshRSS_UserDAO extends Minz_ModelPdo { $sql = sprintf(SQL_CREATE_TABLES, $db['prefix'] . $username . '_'); $stm = $this->bd->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); - if ($stm && $stm->execute()) { + $values = array( + 'catName' => Minz_Translate::t('default_category'), + ); + if ($stm && $stm->execute($values)) { return true; } else { $info = $stm->errorInfo(); diff --git a/app/sql.php b/app/sql.php index 8646b4da5..5a28858a7 100644 --- a/app/sql.php +++ b/app/sql.php @@ -52,6 +52,8 @@ CREATE TABLE IF NOT EXISTS `%1$sentry` ( INDEX (`is_read`) -- v0.7 ) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = INNODB; + +INSERT INTO `%1$scategory` (name) VALUES(:catName); '); define('SQL_DROP_TABLES', 'DROP TABLES %1$sentry, %1$sfeed, %1$scategory'); diff --git a/p/i/install.php b/p/i/install.php index 0cd952fef..3316d222b 100644 --- a/p/i/install.php +++ b/p/i/install.php 
@@ -585,7 +585,10 @@ function checkBD () { $sql = sprintf(SQL_CREATE_TABLES, $_SESSION['bd_prefix_user']); $stm = $c->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); - $ok = $stm->execute(); + $values = array( + 'catName' => _t('default_category'), + ); + $ok = $stm->execute($values); } catch (PDOException $e) { $error = true; } -- cgit v1.2.3 From e38b3a9c1bf6b5dd6b9a39fa8947c4475923caf3 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 4 Jan 2014 14:34:01 +0100 Subject: Petits changements install --- app/sql.php | 2 +- p/i/install.php | 17 +++++++++-------- 2 files changed, 10 insertions(+), 9 deletions(-) (limited to 'p/i/install.php') diff --git a/app/sql.php b/app/sql.php index 5a28858a7..1b43da30a 100644 --- a/app/sql.php +++ b/app/sql.php @@ -53,7 +53,7 @@ CREATE TABLE IF NOT EXISTS `%1$sentry` ( ) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = INNODB; -INSERT INTO `%1$scategory` (name) VALUES(:catName); +INSERT IGNORE INTO `%1$scategory` (id, name) VALUES(1, :catName); '); define('SQL_DROP_TABLES', 'DROP TABLES %1$sentry, %1$sfeed, %1$scategory'); diff --git a/p/i/install.php b/p/i/install.php index 3316d222b..6891006fa 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -12,7 +12,7 @@ if (isset ($_GET['step'])) { define ('STEP', 1); } -define('SQL_CREATE_DB', 'CREATE DATABASE %1$s DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;'); +define('SQL_CREATE_DB', 'CREATE DATABASE IF NOT EXISTS %1$s DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;'); include(APP_PATH . '/sql.php'); 
@@ -556,12 +556,13 @@ function checkBD () { PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8' ); - // on ouvre une connexion juste pour créer la base si elle n'existe pas - $str = 'mysql:host=' . $_SESSION['bd_host'] . ';'; - $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); - - $sql = sprintf (SQL_CREATE_DB, $_SESSION['bd_base']); - $res = $c->query ($sql); + try { // on ouvre une connexion juste pour créer la base si elle n'existe pas + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';'; + $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $sql = sprintf (SQL_CREATE_DB, $_SESSION['bd_base']); + $res = $c->query ($sql); + } catch (PDOException $e) { + } // on écrase la précédente connexion en sélectionnant la nouvelle BDD $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; @@ -590,7 +591,7 @@ function checkBD () { ); $ok = $stm->execute($values); } catch (PDOException $e) { - $error = true; + $ok = false; } if (!$ok) { -- cgit v1.2.3 From bad052f590b2b1359d7de869d671baf440b95e36 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 4 Jan 2014 15:53:06 +0100 Subject: Messages d'erreur dans install --- p/i/install.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php index 6891006fa..0210133a5 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -194,7 +194,7 @@ function saveStep3 () { empty ($_POST['host']) || empty ($_POST['user']) || empty ($_POST['base'])) { - $_SESSION['bd_error'] = true; + $_SESSION['bd_error'] = 'Missing parameters!'; } $_SESSION['bd_type'] = isset ($_POST['type']) ? $_POST['type'] : 'mysql'; 
@@ -234,10 +234,10 @@ function saveStep3 () { $res = checkBD (); if ($res) { - $_SESSION['bd_error'] = false; + $_SESSION['bd_error'] = ''; header ('Location: index.php?step=4'); - } else { - $_SESSION['bd_error'] = true; + } elseif (empty($_SESSION['bd_error'])) { + $_SESSION['bd_error'] = 'Unknown error!'; } } invalidateHttpCache(); @@ -534,7 +534,7 @@ function checkStep3 () { isset ($_SESSION['bd_base']) && isset ($_SESSION['bd_prefix']) && isset ($_SESSION['bd_error']); - $conn = !isset ($_SESSION['bd_error']) || !$_SESSION['bd_error']; + $conn = empty($_SESSION['bd_error']); return array ( 'bd' => $bd ? 'ok' : 'ko', @@ -592,6 +592,7 @@ function checkBD () { $ok = $stm->execute($values); } catch (PDOException $e) { $ok = false; + $_SESSION['bd_error'] = $e->getMessage(); } if (!$ok) { @@ -772,7 +773,7 @@ function printStep3 () {
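Review bot: `$_SESSION['bd_error'] = $e->getMessage();` in the `checkBD()` catch stores the raw PDO message for display on step 3. Such messages commonly include the database user and host, and the markup that prints the value is not legible in this diff. The value should pass through `htmlspecialchars()` where it is echoed. The full text is better written to the log, with a shorter message shown to whoever is running the installer. `checkBD()` starts outside the hunk.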

-

+

-- cgit v1.2.3 From 79d88a2d5b30aeadc71f7c98a4a860cd97e97562 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 5 Jan 2014 01:14:01 +0100 Subject: Corrige problème cookie avec IE en utilisant un chemin absolu MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrige https://github.com/marienfressinaud/FreshRSS/issues/345 @marienfressinaud Il faudrait peut-être le ré-écrire un peu mieux en utilisant base_url de la configuration de FreshRSS, mais je n'ai pas trop suivi comment était généré et utilisée cette variable. Qu'en dis-tu ? --- lib/Minz/Session.php | 2 +- p/i/install.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'p/i/install.php') diff --git a/lib/Minz/Session.php b/lib/Minz/Session.php index 37faff0fb..7823e69c2 100644 --- a/lib/Minz/Session.php +++ b/lib/Minz/Session.php @@ -18,7 +18,7 @@ class Minz_Session { public static function init ($name) { // démarre la session session_name ($name); - session_set_cookie_params (0, './', null, false, true); + session_set_cookie_params (0, dirname(empty($_SERVER['REQUEST_URI']) ? '/' : dirname($_SERVER['REQUEST_URI']), null, false, true); session_start (); if (isset ($_SESSION)) { diff --git a/p/i/install.php b/p/i/install.php index 0210133a5..85dfa3a66 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -3,7 +3,7 @@ require('../../constants.php'); include(LIB_PATH . '/lib_rss.php'); session_name('FreshRSS'); -session_set_cookie_params(0, './', null, false, true); +session_set_cookie_params(0, dirname(empty($_SERVER['REQUEST_URI']) ? '/' : dirname($_SERVER['REQUEST_URI'])), null, false, true); session_start(); if (isset ($_GET['step'])) { -- cgit v1.2.3 From eb8c4d21af44430390d02d1557950b38352581d3 Mon Sep 17 00:00:00 2001 
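Review bot: The new `session_set_cookie_params` line in `Minz_Session::init` has one closing parenthesis too few: the outer `dirname(` is never closed before `, null, false, true)`, so as shown the file does not parse. The install.php hunk of the same commit has the balanced form, `dirname(empty($_SERVER['REQUEST_URI']) ? '/' : dirname($_SERVER['REQUEST_URI']))`, and this line should match it.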
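Review bot: The session cookie path is now computed from `$_SERVER['REQUEST_URI']`, which is chosen by the client and includes the query string, and `dirname()` is applied twice. If I read the nesting correctly, a session started at `/p/i/index.php` gets the path `/p` and one started at `/p/i/` gets `/`, both wider than the `/p/i/` scope the earlier commit describes. Deriving the path from `$_SERVER['SCRIPT_NAME']` gives a value that does not vary with the request, e.g. `session_set_cookie_params(0, dirname($_SERVER['SCRIPT_NAME']), null, false, true);`, and the same applies to the line in `Minz_Session::init`. A short comment stating the intended scope would help the next reader.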
From: Alexandre Alapetite Date: Sun, 5 Jan 2014 20:42:19 +0100 Subject: install.php : stripslashes pour migration depuis v0.6 https://github.com/marienfressinaud/FreshRSS/issues/299 --- p/i/install.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php index 85dfa3a66..4f2d00848 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -423,8 +423,9 @@ function checkStep0 () { if (file_exists(DATA_PATH . '/config.php')) { $ini_array = include(DATA_PATH . '/config.php'); - } elseif (file_exists(DATA_PATH . '/application.ini')) { + } elseif (file_exists(DATA_PATH . '/application.ini')) { //v0.6 $ini_array = parse_ini_file(DATA_PATH . '/application.ini', true); + $ini_array['general']['title'] = empty($ini_array['general']['title']) ? '' : stripslashes($ini_array['general']['title']); } else { $ini_array = null; } -- cgit v1.2.3 From 70c6ba903d9c69adda173917b07e503df07ae591 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 5 Jan 2014 21:55:15 +0100 Subject: Meilleure mise-à-jour avec Persona depuis v0.6 vers v0.7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://github.com/marienfressinaud/FreshRSS/issues/347 * Conserve l'information sur l'utilisation de Persona lors d'une mise à jour depuis v0.6 vers v0.7. * Idem pour la lecture anonyme * Les droits sur le répertoire persona sont testés * Les tokens ne sont pas migrés ni testés pour l'instant https://github.com/marienfressinaud/FreshRSS/issues/327 --- app/i18n/install.en.php | 1 + app/i18n/install.fr.php | 1 + p/i/install.php | 20 ++++++++++++++++++-- 3 files changed, 20 insertions(+), 2 deletions(-) (limited to 'p/i/install.php') diff --git a/app/i18n/install.en.php b/app/i18n/install.en.php index 4d8006977..8145abffa 100644 --- a/app/i18n/install.en.php +++ b/app/i18n/install.en.php 
@@ -40,6 +40,7 @@ return array ( 'log_is_ok' => 'Permissions on logs directory are good', 'favicons_is_ok' => 'Permissions on favicons directory are good', 'data_is_ok' => 'Permissions on data directory are good', + 'persona_is_ok' => 'Permissions on Mozilla Persona directory are good', 'file_is_nok' => 'Check permissions on %s directory. HTTP server must have rights to write into', 'fix_errors_before' => 'Fix errors before skip to the next step.', diff --git a/app/i18n/install.fr.php b/app/i18n/install.fr.php index e9dba7c23..3211ddf19 100644 --- a/app/i18n/install.fr.php +++ b/app/i18n/install.fr.php @@ -40,6 +40,7 @@ return array ( 'log_is_ok' => 'Les droits sur le répertoire des logs sont bons', 'favicons_is_ok' => 'Les droits sur le répertoire des favicons sont bons', 'data_is_ok' => 'Les droits sur le répertoire de data sont bons', + 'persona_is_ok' => 'Les droits sur le répertoire de Mozilla Persona sont bons', 'file_is_nok' => 'Veuillez vérifier les droits sur le répertoire %s. Le serveur HTTP doit être capable d’écrire dedans', 'fix_errors_before' => 'Veuillez corriger les erreurs avant de passer à l’étape suivante.', diff --git a/p/i/install.php b/p/i/install.php index 4f2d00848..cd15c35f4 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -213,6 +213,8 @@ function saveStep3 () { 'base_url' => '', 'title' => $_SESSION['title'], 'default_user' => $_SESSION['default_user'], + 'auth_type' => $_SESSION['auth_type'], + 'allow_anonymous' => $_SESSION['allow_anonymous'], ), 'db' => array( 'type' => $_SESSION['bd_type'], @@ -433,7 +435,7 @@ function checkStep0 () { if ($ini_array) { $ini_general = isset($ini_array['general']) ? $ini_array['general'] : null; if ($ini_general) { - $keys = array('environment', 'salt', 'title', 'default_user'); + $keys = array('environment', 'salt', 'title', 'default_user', 'allow_anonymous', 'auth_type'); foreach ($keys as $key) { if ((empty($_SESSION[$key])) && isset($ini_general[$key])) { $_SESSION[$key] = $ini_general[$key]; 
@@ -455,6 +457,12 @@ function checkStep0 () { $userConfig = include(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'); } elseif (file_exists(DATA_PATH . '/Configuration.array.php')) { $userConfig = include(DATA_PATH . '/Configuration.array.php'); //v0.6 + if (empty($_SESSION['auth_type'])) { + $_SESSION['auth_type'] = empty($userConfig['mail_login']) ? 'none' : 'persona'; + } + if (!isset($_SESSION['allow_anonymous'])) { + $_SESSION['allow_anonymous'] = empty($userConfig['anon_access']) ? false : ($userConfig['anon_access'] === 'yes'); + } } else { $userConfig = array(); } @@ -487,6 +495,7 @@ function checkStep1 () { $cache = CACHE_PATH && is_writable (CACHE_PATH); $log = LOG_PATH && is_writable (LOG_PATH); $favicons = is_writable (DATA_PATH . '/favicons'); + $persona = is_writable (DATA_PATH . '/persona'); return array ( 'php' => $php ? 'ok' : 'ko', @@ -500,7 +509,8 @@ function checkStep1 () { 'cache' => $cache ? 'ok' : 'ko', 'log' => $log ? 'ok' : 'ko', 'favicons' => $favicons ? 'ok' : 'ko', - 'all' => $php && $minz && $curl && $pdo && $pcre && $ctype && $dom && $data && $cache && $log && $favicons ? 'ok' : 'ko' + 'persona' => $persona ? 'ok' : 'ko', + 'all' => $php && $minz && $curl && $pdo && $pcre && $ctype && $dom && $data && $cache && $log && $favicons && $persona ? 'ok' : 'ko' ); } @@ -710,6 +720,12 @@ function printStep1 () {

+ +

+ +

+ + -- cgit v1.2.3 From 73682777a37ab511291986400d29273866f86fc9 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 13 Jan 2014 23:38:02 +0100 Subject: Install.php Mise à jour nom du thème "Origine" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://github.com/marienfressinaud/FreshRSS/issues/120 --- p/i/install.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php index cd15c35f4..e81b76c14 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -927,8 +927,8 @@ case 6: <?php echo _t ('freshrss_installation'); ?> - - + + -- cgit v1.2.3 From 3d9d054f43f649863e575ba31138d372a504bc58 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Fri, 17 Jan 2014 22:12:26 +0100 Subject: Mise à jour des noms des thèmes dans install MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrige https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-32630046 (Pas encore testé) --- p/i/install.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php index e81b76c14..08ed9ccb9 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -466,6 +466,19 @@ function checkStep0 () { } else { $userConfig = array(); } + if (isset($userConfig['theme'])) { + switch (strtolower($userConfig['theme'])) { + case 'default': //v0.6 + $userConfig['theme'] = 'Origine'; + break; + case 'flat-design': //v0.6 + $userConfig['theme'] = 'Flat'; + break; + case 'default_dark': //v0.6 + $userConfig['theme'] = 'Dark'; + break; + } + } $keys = array('language', 'old_entries', 'mail_login'); foreach ($keys as $key) { -- cgit v1.2.3 From 781d8a717f315525807bfd702cb740248b6087ea Mon Sep 17 00:00:00 2001 
From: Alexandre Alapetite Date: Sat, 18 Jan 2014 00:17:03 +0100 Subject: Choix du type de connexion dans l'installeur + diverses corrections dans l'installeur Adresse une partie de https://github.com/marienfressinaud/FreshRSS/issues/355 --- app/i18n/en.php | 5 +-- app/i18n/fr.php | 5 +-- app/i18n/install.en.php | 2 -- app/i18n/install.fr.php | 2 -- app/views/configure/users.phtml | 4 +-- p/i/install.php | 75 ++++++++++++++++++++++++++++++++--------- 6 files changed, 68 insertions(+), 25 deletions(-) (limited to 'p/i/install.php') diff --git a/app/i18n/en.php b/app/i18n/en.php index c90563036..6dc7a4acf 100644 --- a/app/i18n/en.php +++ b/app/i18n/en.php @@ -160,8 +160,8 @@ return array ( 'think_to_add' => 'Remember to add some RSS feeds!', 'current_user' => 'Current user', - 'default_user' => 'Username of the default user (maximum 16 alphanumeric characters)', - 'password' =>'Password
(for the Web-form login method)', + 'default_user' => 'Username of the default user (maximum 16 alphanumeric characters)', + 'password_form' =>'Password
(for the Web-form login method)', 'persona_connection_email' => 'Login mail address
(for Mozilla Persona)', 'allow_anonymous' => 'Allow anonymous reading for the default user (%s)', 'auth_token' => 'Authentication token', @@ -176,6 +176,7 @@ return array ( 'users_list' => 'List of users', 'create_user' => 'Create new user', 'username' => 'Username', + 'password' => 'Password', 'create' => 'Create', 'user_created' => 'User %s has been created', 'user_deleted' => 'User %s has been deleted', diff --git a/app/i18n/fr.php b/app/i18n/fr.php index 37f847f4d..16d93a59a 100644 --- a/app/i18n/fr.php +++ b/app/i18n/fr.php @@ -160,8 +160,8 @@ return array ( 'think_to_add' => 'Pensez à en ajouter !', 'current_user' => 'Utilisateur actuel', - 'password' =>'Mot de passe
(pour connexion par formulaire)', - 'default_user' => 'Nom de l’utilisateur par défaut (16 caractères alphanumériques maximum)', + 'password_form' =>'Mot de passe
(pour connexion par formulaire)', + 'default_user' => 'Nom de l’utilisateur par défaut (16 caractères alphanumériques maximum)', 'persona_connection_email' => 'Adresse courriel de connexion
(pour Mozilla Persona)', 'allow_anonymous' => 'Autoriser la lecture anonyme pour l’utilisateur par défaut (%s)', 'auth_token' => 'Jeton d’identification', @@ -176,6 +176,7 @@ return array ( 'users_list' => 'Liste des utilisateurs', 'create_user' => 'Créer un nouvel utilisateur', 'username' => 'Nom d’utilisateur', + 'password' => 'Mot de passe', 'create' => 'Créer', 'user_created' => 'L’utilisateur %s a été créé', 'user_deleted' => 'L’utilisateur %s a été supprimé', diff --git a/app/i18n/install.en.php b/app/i18n/install.en.php index 24335c6c9..1c24c7d7e 100644 --- a/app/i18n/install.en.php +++ b/app/i18n/install.en.php @@ -53,8 +53,6 @@ return array ( 'bdd_conf_is_ok' => 'Database configuration has been saved.', 'bdd_conf_is_ko' => 'Verify your database information.', 'host' => 'Host', - 'username' => 'Username', - 'password' => 'Password', 'bdd' => 'Database', 'prefix' => 'Table prefix', diff --git a/app/i18n/install.fr.php b/app/i18n/install.fr.php index 554d17587..68927df6d 100644 --- a/app/i18n/install.fr.php +++ b/app/i18n/install.fr.php @@ -53,8 +53,6 @@ return array ( 'bdd_conf_is_ok' => 'La configuration de la base de données a été enregistrée.', 'bdd_conf_is_ko' => 'Vérifiez les informations d’accès à la base de données.', 'host' => 'Hôte', - 'username' => 'Nom utilisateur', - 'password' => 'Mot de passe', 'bdd' => 'Base de données', 'prefix' => 'Préfixe des tables', diff --git a/app/views/configure/users.phtml b/app/views/configure/users.phtml index 0419df747..602dfaf62 100644 --- a/app/views/configure/users.phtml +++ b/app/views/configure/users.phtml @@ -18,7 +18,7 @@
- +
@@ -140,7 +140,7 @@
- +
diff --git a/p/i/install.php b/p/i/install.php index 08ed9ccb9..294231fc0 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -1,5 +1,11 @@ BCRYPT_COST)); + $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js + $_SESSION['passwordHash'] = $passwordHash; + } $token = ''; if ($_SESSION['mail_login']) { @@ -169,8 +182,10 @@ function saveStep2 () { $config_array = array ( 'language' => $_SESSION['language'], + 'theme' => $_SESSION['theme'], 'old_entries' => $_SESSION['old_entries'], 'mail_login' => $_SESSION['mail_login'], + 'passwordHash' => $_SESSION['passwordHash'], 'token' => $token, ); @@ -214,7 +229,7 @@ function saveStep3 () { 'title' => $_SESSION['title'], 'default_user' => $_SESSION['default_user'], 'auth_type' => $_SESSION['auth_type'], - 'allow_anonymous' => $_SESSION['allow_anonymous'], + 'allow_anonymous' => isset($_SESSION['allow_anonymous']) ? $_SESSION['allow_anonymous'] : false, ), 'db' => array( 'type' => $_SESSION['bd_type'], @@ -466,21 +481,11 @@ function checkStep0 () { } else { $userConfig = array(); } - if (isset($userConfig['theme'])) { - switch (strtolower($userConfig['theme'])) { - case 'default': //v0.6 - $userConfig['theme'] = 'Origine'; - break; - case 'flat-design': //v0.6 - $userConfig['theme'] = 'Flat'; - break; - case 'default_dark': //v0.6 - $userConfig['theme'] = 'Dark'; - break; - } + if (empty($_SESSION['auth_type'])) { //v0.7b + $_SESSION['auth_type'] = ''; } - $keys = array('language', 'old_entries', 'mail_login'); + $keys = array('language', 'theme', 'old_entries', 'mail_login', 'passwordHash'); foreach ($keys as $key) { if ((!isset($_SESSION[$key])) && isset($userConfig[$key])) { $_SESSION[$key] = $userConfig[$key]; 
@@ -491,6 +496,25 @@ function checkStep0 () { $language = isset ($_SESSION['language']) && isset ($languages[$_SESSION['language']]); + if (empty($_SESSION['passwordHash'])) { //v0.7b + $_SESSION['passwordHash'] = ''; + } + if (empty($_SESSION['theme'])) { + $_SESSION['theme'] = 'Origine'; + } else { + switch (strtolower($_SESSION['theme'])) { + case 'default': //v0.7b + $_SESSION['theme'] = 'Origine'; + break; + case 'flat-design': //v0.7b + $_SESSION['theme'] = 'Flat'; + break; + case 'default_dark': //v0.7b + $_SESSION['theme'] = 'Dark'; + break; + } + } + return array ( 'language' => $language ? 'ok' : 'ko', 'all' => $language ? 'ok' : 'ko' @@ -777,10 +801,31 @@ function printStep2 () {
+
+ +
+ +
+
+ +
+ +
+ + +
+
+
- +
-- cgit v1.2.3 From fb908d45577cd0f156104eb23b4b9859d40b6da2 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 18 Jan 2014 00:34:46 +0100 Subject: Corrige rafraîchissement automatique après mise-à-jour avec Persona ou formulaire MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrige https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-31958851 --- app/Controllers/feedController.php | 1 + app/views/helpers/javascript_vars.phtml | 3 --- p/i/install.php | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) (limited to 'p/i/install.php') diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index d2117f665..c40b3c400 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -164,6 +164,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { $feedDAO = new FreshRSS_FeedDAO (); $entryDAO = new FreshRSS_EntryDAO (); + Minz_Session::_param('actualize_feeds', false); $id = Minz_Request::param ('id'); $force = Minz_Request::param ('force', false); diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml index 3fd5580f4..0ecdc1bca 100644 --- a/app/views/helpers/javascript_vars.phtml +++ b/app/views/helpers/javascript_vars.phtml @@ -42,6 +42,3 @@ echo 'str_confirmation="', Minz_Translate::t('confirm_action'), '"', ",\n"; $autoActualise = Minz_Session::param('actualize_feeds', false); echo 'auto_actualize_feeds=', $autoActualise ? 'true' : 'false', ";\n"; -if ($autoActualise) { - Minz_Session::_param('actualize_feeds', false); -} diff --git a/p/i/install.php b/p/i/install.php index 294231fc0..18dfc1449 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -817,7 +817,7 @@ function printStep2 () {
- +
-- cgit v1.2.3 From 5f0594c630028b8612b57da15bcdf00a932930bc Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 18 Jan 2014 21:26:33 +0100 Subject: Désactive l'identification par formulaire en dessous de PHP 5.3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PHP 5.3 est sorti en juin 2009. https://github.com/ircmaxell/password_compat Pour plus de tranquillité (compatibilité et sécurité), il faudrait même désactiver en dessous de PHP 5.3.7 (août 2011) --- CHANGELOG | 1 + README.md | 2 +- app/views/configure/users.phtml | 2 +- p/i/install.php | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) (limited to 'p/i/install.php') diff --git a/CHANGELOG b/CHANGELOG index 9a0ae1f61..f72bd8ff5 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -7,6 +7,7 @@ * Nécessite un contrôle d’accès, soit : * par le nouveau mode de connexion par formulaire (nom d’utilisateur + mot de passe) * relativement sûr même sans HTTPS (le mot de passe n’est pas transmis en clair) + * requiert JavaScript et PHP 5.3+ * par HTTP (par exemple sous Apache en créant un fichier ./p/i/.htaccess et .htpasswd) * le nom d’utilisateur HTTP doit correspondre au nom d’utilisateur FreshRSS * par Mozilla Persona, en renseignant l’adresse courriel des utilisateurs diff --git a/README.md b/README.md index 4100a8638..abc40d489 100644 --- a/README.md +++ b/README.md 
@@ -25,7 +25,7 @@ Privilégiez pour cela des demandes sur GitHub * Serveur modeste, par exemple sous Linux ou Windows * Fonctionne même sur un Raspberry Pi avec des temps de réponse < 1s (testé sur 150 flux, 22k articles, soit 32Mo de données partiellement compressées) * Serveur Web Apache2 ou Nginx (non testé sur les autres) -* PHP 5.2+ (PHP 5.3.4+ recommandé) +* PHP 5.2+ (PHP 5.3.7+ recommandé) * Requis : [PDO_MySQL](http://php.net/pdo-mysql), [cURL](http://php.net/curl), [LibXML](http://php.net/xml), [PCRE](http://php.net/pcre), [ctype](http://php.net/ctype) * Recommandés : [JSON](http://php.net/json), [zlib](http://php.net/zlib), [mbstring](http://php.net/mbstring), [iconv](http://php.net/iconv) * MySQL 5.0.3+ (ou SQLite 3.7.4+ à venir) diff --git a/app/views/configure/users.phtml b/app/views/configure/users.phtml index 3f352f9bf..41129333c 100644 --- a/app/views/configure/users.phtml +++ b/app/views/configure/users.phtml @@ -50,7 +50,7 @@
- + -- cgit v1.2.3 From 4985e457eb004a4455148802a52ad14d81e7276f Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 23 Jan 2014 18:03:44 +0100 Subject: N'affiche que lorsque nécessaire MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrige https://github.com/marienfressinaud/FreshRSS/issues/372 --- app/views/configure/display.phtml | 19 +++++++++++-------- app/views/configure/users.phtml | 4 +++- p/i/install.php | 4 +++- 3 files changed, 17 insertions(+), 10 deletions(-) (limited to 'p/i/install.php') diff --git a/app/views/configure/display.phtml b/app/views/configure/display.phtml index 725356c8d..9104e4ef1 100644 --- a/app/views/configure/display.phtml +++ b/app/views/configure/display.phtml @@ -21,14 +21,17 @@
- +
diff --git a/app/views/configure/users.phtml b/app/views/configure/users.phtml index 990c80acc..f37b2320f 100644 --- a/app/views/configure/users.phtml +++ b/app/views/configure/users.phtml @@ -49,7 +49,9 @@
- + + + -- cgit v1.2.3 From 9de716591917c23fba3ebb9950c1ee9f09f396db Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Sat, 25 Jan 2014 12:47:39 +0100 Subject: Infos mise à jour plus verbeux et déplacés MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Un message explicite indique la fin de la mise à jour. Le message a été déplacé au-dessus de la zone des boutons. Voir #377 --- app/i18n/install.en.php | 2 ++ app/i18n/install.fr.php | 1 + p/i/install.php | 17 +++++++++++++---- 3 files changed, 16 insertions(+), 4 deletions(-) (limited to 'p/i/install.php') diff --git a/app/i18n/install.en.php b/app/i18n/install.en.php index 1c24c7d7e..0311ee9a4 100644 --- a/app/i18n/install.en.php +++ b/app/i18n/install.en.php @@ -58,6 +58,8 @@ return array ( 'update_start' => 'Start update process', 'update_long' => 'This can take a long time, depending on the size of your database. You may have to wait for this page to time out (~5 minutes) and then refresh this page.', + 'update_end' => 'Update process is completed, now you can go to the final step.', + 'installation_is_ok' => 'The installation process was successful.
The final step will now attempt to delete the ./p/i/install.php file and any database backup created during the update process.
You may choose to skip this step and delete ./p/i/install.php manually.', 'finish_installation' => 'Complete installation', diff --git a/app/i18n/install.fr.php b/app/i18n/install.fr.php index 68927df6d..bb183642f 100644 --- a/app/i18n/install.fr.php +++ b/app/i18n/install.fr.php @@ -58,6 +58,7 @@ return array ( 'update_start' => 'Lancer la mise à jour', 'update_long' => 'Ce processus peut prendre longtemps, selon la taille de votre base de données. Vous aurez peut-être à attendre que cette page dépasse son temps maximum d’exécution (~5 minutes) puis à la recharger.', + 'update_end' => 'La mise à jour est terminée, vous pouvez maintenant passer à l’étape finale.', 'installation_is_ok' => 'L’installation s’est bien passée.
La dernière étape va maintenant tenter de supprimer le fichier ./p/i/install.php, ainsi que d’éventuelles copies de base de données créées durant le processus de mise à jour.
Vous pouvez choisir de sauter cette étape et de supprimer ./p/i/install.php manuellement.', 'finish_installation' => 'Terminer l’installation', diff --git a/p/i/install.php b/p/i/install.php index a8ea75c9c..331eda4ff 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -924,17 +924,26 @@ function printStep4 () { ?> + + +

+
- -

- +
+
+ + +

+ +
+
-
+ Date: Sun, 26 Jan 2014 21:09:47 +0100 Subject: Compatibilité PHP 5.4- MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-33328377 --- p/i/install.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php index 331eda4ff..5addfb527 100644 --- a/p/i/install.php +++ b/p/i/install.php @@ -4,7 +4,7 @@ if (function_exists('opcache_reset')) { } require('../../constants.php'); -const BCRYPT_COST = 9; +define('BCRYPT_COST', 9); include(LIB_PATH . '/lib_rss.php'); @@ -170,6 +170,9 @@ function saveStep2 () { $_SESSION['default_user'] = substr(preg_replace('/[^a-zA-Z0-9]/', '', $_POST['default_user']), 0, 16); $_SESSION['auth_type'] = $_POST['auth_type']; if (!empty($_POST['passwordPlain'])) { + if (!function_exists('password_hash')) { + include_once(LIB_PATH . '/password_compat.php'); + } $passwordHash = password_hash($_POST['passwordPlain'], PASSWORD_BCRYPT, array('cost' => BCRYPT_COST)); $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js $_SESSION['passwordHash'] = $passwordHash; -- cgit v1.2.3 From 311ea6f52f1bdff15b92078d94ddca2921ff808e Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 26 Jan 2014 22:32:30 +0100 Subject: Meilleure mise à jour avec les favicons MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Implémente https://github.com/marienfressinaud/FreshRSS/issues/327#issuecomment-33329115 --- p/i/install.php | 74 ++++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 50 insertions(+), 24 deletions(-) (limited to 'p/i/install.php') diff --git a/p/i/install.php b/p/i/install.php index 5addfb527..8002a45da 100644 --- a/p/i/install.php +++ b/p/i/install.php 
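Review bot: The return value of `password_hash()` in `saveStep2` is never checked, and the new `password_compat.php` fallback makes a failure more likely. The call can fail and return a non-string on old PHP builds, which an earlier commit message in this series already flags below PHP 5.3.7. In that case the `preg_replace` on the next line would presumably store an empty string in `$_SESSION['passwordHash']`. I would stop before the `preg_replace` with something like `if (!is_string($passwordHash)) { return false; }`, adapted to the error path `saveStep2` already uses, since its body starts and ends outside this hunk. A short comment on `define('BCRYPT_COST', 9);` in the first hunk explaining why the cost sits below PHP's default of 10 would also help.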
@@ -87,6 +87,8 @@ SET f.cache_nbEntries=x.nbEntries, f.cache_nbUnreads=x.nbUnreads '); define('SQL_UPDATE_HISTORYv007b', 'UPDATE `%1$sfeed` SET keep_history = CASE WHEN keep_history = 0 THEN -2 WHEN keep_history = 1 THEN -1 ELSE keep_history END;'); + +define('SQL_GET_FEEDS', 'SELECT id, url, website FROM `%1$sfeed`;'); // // gestion internationalisation @@ -310,14 +312,6 @@ function updateDatabase($perform = false) { $stm->execute(); } - $sql = sprintf(SQL_UPDATE_HISTORYv007b, $_SESSION['bd_prefix_user']); - $stm = $c->prepare($sql); - $stm->execute(); - - $sql = sprintf(SQL_UPDATE_CACHED_VALUES, $_SESSION['bd_prefix_user']); - $stm = $c->prepare($sql); - $stm->execute(); - $sql = sprintf(SQL_CONVERT_SELECTv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); if (!$perform) { $sql .= ' LIMIT 1'; @@ -339,6 +333,7 @@ function updateDatabase($perform = false) { $content = unserialize(gzinflate(base64_decode($row['content']))); $stm2->execute(array($content, $id)); } + return true; } catch (PDOException $e) { return false; 
@@ -346,6 +341,51 @@ function updateDatabase($perform = false) { return false; } +function newPdo() { + switch ($_SESSION['bd_type']) { + case 'mysql': + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; + $driver_options = array( + PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', + ); + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . '.sqlite'; + $driver_options = null; + break; + default: + return false; + } + return new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); +} + +function postUpdate() { + $c = newPdo(); + + $sql = sprintf(SQL_UPDATE_HISTORYv007b, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + + $sql = sprintf(SQL_UPDATE_CACHED_VALUES, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + + // + $sql = sprintf(SQL_GET_FEEDS, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_ASSOC); + foreach ($res as $feed) { + if (empty($feed['url'])) { + continue; + } + $hash = hash('crc32b', $_SESSION['salt'] . $feed['url']); + @file_put_contents(DATA_PATH . '/favicons/' . $hash . '.txt', + empty($feed['website']) ? $feed['url'] : $feed['website']); + } + // +} + function deleteInstall () { $res = unlink (INDEX_PATH . '/install.php'); if ($res) { 
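Review bot: `postUpdate()` calls `$c->prepare()` on whatever `newPdo()` returns, but `newPdo()` returns `false` for an unknown `bd_type` and `new PDO(...)` throws `PDOException` when the connection fails. Neither case is handled here, unlike in `updateDatabase()`. A method call on `false` is a fatal error that the surrounding code cannot catch, and an uncaught `PDOException` can print a stack trace containing the constructor arguments, including the database password, when `display_errors` is on. The same unchecked `$c = newPdo();` appears in `deleteInstall()` in the next hunk, where the removed inline `return false` used to leave the function. I would guard the handle and wrap the body as below, so that step 5 can report a failure instead of aborting.

```php
function postUpdate() {
	try {
		$c = newPdo();
		if ($c === false) {
			// Unknown bd_type: nothing to update, report failure to the caller.
			return false;
		}
		// … unchanged: SQL_UPDATE_HISTORYv007b, SQL_UPDATE_CACHED_VALUES, favicon loop …
		return true;
	} catch (PDOException $e) {
		// Do not let connection details reach the page output.
		return false;
	}
}
```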
@@ -360,22 +400,7 @@ function deleteInstall () { } try { - switch ($_SESSION['bd_type']) { - case 'mysql': - $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; - $driver_options = array( - PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', - ); - break; - case 'sqlite': - $str = 'sqlite:' . DATA_PATH . $_SESSION['bd_base'] . '.sqlite'; - $driver_options = null; - break; - default: - return false; - } - - $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $c = newPdo(); $sql = sprintf(SQL_DROP_BACKUPv006, $_SESSION['bd_prefix']); $stm = $c->prepare($sql); $stm->execute(); @@ -987,6 +1012,7 @@ case 4: } break; case 5: + postUpdate(); break; case 6: deleteInstall (); -- cgit v1.2.3