diff options
Diffstat (limited to 'classes/handler/public.php')
| -rwxr-xr-x | classes/handler/public.php | 121 |
1 files changed, 74 insertions, 47 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php index 37fe8612a..318cecd72 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -329,7 +329,7 @@ class Handler_Public extends Handler { if (!$og_image) { $tmpdoc = new DOMDocument(); - if (@$tmpdoc->loadHTML(mb_substr($content, 0, 131070))) { + if (@$tmpdoc->loadHTML('<?xml encoding="UTF-8">' . mb_substr($content, 0, 131070))) { $tmpxpath = new DOMXPath($tmpdoc); $imgs = $tmpxpath->query("//img"); @@ -388,23 +388,29 @@ class Handler_Public extends Handler { $rv .= "<!DOCTYPE html> <html><head> - <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> + <meta http-equiv='Content-Type' content='text/html; charset=utf-8'/> <title>".$line["title"]."</title>". stylesheet_tag("css/default.css")." - <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\"> - <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">"; - - $rv .= "<meta property=\"og:title\" content=\"".htmlspecialchars($line["title"])."\"/>\n"; - $rv .= "<meta property=\"og:site_name\" content=\"".htmlspecialchars($line["feed_title"])."\"/>\n"; - $rv .= "<meta property=\"og:description\" content=\"". - htmlspecialchars(truncate_string(strip_tags($line["content"]), 500, "..."))."\"/>\n"; + <link rel='shortcut icon' type='image/png' href='images/favicon.png'> + <link rel='icon' type='image/png' sizes='72x72' href='images/favicon-72px.png'>"; + + $rv .= "<meta property='og:title' content=\"".htmlspecialchars(html_entity_decode($line["title"], ENT_NOQUOTES | ENT_HTML401))."\"/>\n"; + $rv .= "<meta property='og:description' content=\"". + htmlspecialchars( + truncate_string( + preg_replace("/[\r\n\t]/", "", + preg_replace("/ {1,}/", " ", + strip_tags(html_entity_decode($line["content"], ENT_NOQUOTES | ENT_HTML401)) + ) + ), 500, "...") + )."\"/>\n"; $rv .= "</head>"; $og_image = $this->get_article_image($enclosures, $line['content'], $line["site_url"]); if ($og_image) { - $rv .= "<meta property=\"og:image\" content=\"" . htmlspecialchars($og_image) . "\"/>"; + $rv .= "<meta property='og:image' content=\"" . htmlspecialchars($og_image) . "\"/>"; } $rv .= "<body class='flat ttrss_utility ttrss_zoom'>"; @@ -439,7 +445,7 @@ class Handler_Public extends Handler { /* content */ $lang = $line['lang'] ? $line['lang'] : "en"; - $rv .= "<div class=\"content\" lang=\"$lang\">"; + $rv .= "<div class='content' lang='$lang'>"; /* content body */ @@ -525,6 +531,7 @@ class Handler_Public extends Handler { header('Content-Type: text/html; charset=utf-8'); ?> + <!DOCTYPE html> <html> <head> <title><?php echo __("Share with Tiny Tiny RSS") ?> ?></title> @@ -612,7 +619,7 @@ class Handler_Public extends Handler { <fieldset> <button dojoType='dijit.form.Button' class="alt-primary" type="submit"><?php echo __('Share') ?></button> <button dojoType='dijit.form.Button' onclick="return window.close()"><?php echo __('Cancel') ?></button> - <span class="insensitive small"><?php echo __("Shared article will appear in the Published feed.") ?></span> + <span class="text-muted small"><?php echo __("Shared article will appear in the Published feed.") ?></span> </fieldset> </form> @@ -622,7 +629,7 @@ class Handler_Public extends Handler { } else { - $return = urlencode($_SERVER["REQUEST_URI"]) + $return = urlencode(make_self_url()); ?> @@ -711,7 +718,9 @@ class Handler_Public extends Handler { user_error("Failed login attempt for $login from {$_SERVER['REMOTE_ADDR']}", E_USER_WARNING); } - if (clean($_REQUEST['return'])) { + $return = clean($_REQUEST['return']); + + if ($_REQUEST['return'] && mb_strpos($return, SELF_URL_PATH) === 0) { header("Location: " . clean($_REQUEST['return'])); } else { header("Location: " . get_self_url_prefix()); @@ -742,6 +751,7 @@ class Handler_Public extends Handler { header('Content-Type: text/html; charset=utf-8'); ?> + <!DOCTYPE html> <html> <head> <title>Tiny Tiny RSS</title> @@ -770,7 +780,21 @@ class Handler_Public extends Handler { <?php if (!$feed_url) { - print_error("No feed to subscribe to."); + ?> + <form method="post"> + <input type="hidden" name="op" value="subscribe"> + <fieldset> + <label>Feed or site URL:</label> + <input style="width: 300px" dojoType="dijit.form.ValidationTextBox" required="1" name="feed_url"> + </fieldset> + + <button class="alt-primary" dojoType="dijit.form.Button" type="submit"> + <?php echo __("Subscribe") ?> + </button> + + <a href="index.php"><?php echo __("Return to Tiny Tiny RSS") ?></a> + </form> + <?php } else { $rc = Feeds::subscribe_to_feed($feed_url); @@ -814,9 +838,11 @@ class Handler_Public extends Handler { } print "</select>"; - print "<button class='alt-primary' dojoType='dijit.form.Button' type='submit'>".__("Subscribe to selected feed")."</button>"; print "</fieldset>"; + print "<button class='alt-primary' dojoType='dijit.form.Button' type='submit'>".__("Subscribe to selected feed")."</button>"; + print "<a href='index.php'>".__("Return to Tiny Tiny RSS")."</a>"; + print "</form>"; } @@ -832,20 +858,18 @@ class Handler_Public extends Handler { } else { $feed_id = 0; } - print "<p>"; if ($feed_id) { - print "<form method='GET' style='float : left' action=\"$tp_uri\"> + print "<form method='GET' action=\"$tp_uri\"> <input type='hidden' name='tab' value='feedConfig'> <input type='hidden' name='method' value='editfeed'> <input type='hidden' name='methodparam' value='$feed_id'> <button dojoType='dijit.form.Button' class='alt-info' type='submit'>".__("Edit subscription options")."</button> + <a href='index.php'>".__("Return to Tiny Tiny RSS")."</a> </form>"; } } - print "<a href='index.php'>".__("Return to Tiny Tiny RSS")."</a>"; - print "</div></div></body></html>"; } else { @@ -866,7 +890,7 @@ class Handler_Public extends Handler { header('Content-Type: text/html; charset=utf-8'); ?> - + <!DOCTYPE html> <html> <head> <title>Tiny Tiny RSS</title> @@ -941,12 +965,12 @@ class Handler_Public extends Handler { print "<form method='POST' action='public.php'> <input type='hidden' name='method' value='do'> <input type='hidden' name='op' value='forgotpass'> - + <fieldset> <label>".__("Login:")."</label> <input dojoType='dijit.form.TextBox' type='text' name='login' value='' required> </fieldset> - + <fieldset> <label>".__("Email:")."</label> <input dojoType='dijit.form.TextBox' type='email' name='email' value='' required> @@ -959,13 +983,13 @@ class Handler_Public extends Handler { <label>".T_sprintf("How much is %d + %d:", $_SESSION["pwdreset:testvalue1"], $_SESSION["pwdreset:testvalue2"])."</label> <input dojoType='dijit.form.TextBox' type='text' name='test' value='' required> </fieldset> - + <hr/> <fieldset> <button dojoType='dijit.form.Button' type='submit' class='alt-danger'>".__("Reset password")."</button> <a href='index.php'>".__("Return to Tiny Tiny RSS")."</a> </fieldset> - + </form>"; } else if ($method == 'do') { @@ -1018,7 +1042,7 @@ class Handler_Public extends Handler { $mailer = new Mailer(); - $rc = $mailer->mail(["to_name" => $login, + $rc = $mailer->mail(["to_name" => $login, "to_address" => $email, "subject" => __("[tt-rss] Password reset request"), "message" => $message]); @@ -1033,8 +1057,6 @@ class Handler_Public extends Handler { $sth->execute([$resetpass_token_full, $login, $email]); - //Pref_Users::resetUserPassword($id, false); - } else { print_error("User ID not found."); } @@ -1071,6 +1093,7 @@ class Handler_Public extends Handler { } ?> + <!DOCTYPE html> <html> <head> <title>Database Updater</title> @@ -1116,32 +1139,35 @@ class Handler_Public extends Handler { if ($op == "performupdate") { if ($updater->isUpdateRequired()) { - print "<h2>" . __("Performing updates") . "</h2>"; - - print "<h3>" . T_sprintf("Updating to schema version %d", SCHEMA_VERSION) . "</h3>"; - - print "<ul>"; + print "<h2>" . T_sprintf("Performing updates to version %d", SCHEMA_VERSION) . "</h2>"; for ($i = $updater->getSchemaVersion() + 1; $i <= SCHEMA_VERSION; $i++) { - print "<li>" . T_sprintf("Performing update up to version %d...", $i); + print "<ul>"; + + print "<li class='text-info'>" . T_sprintf("Updating to version %d", $i) . "</li>"; + print "<li>"; $result = $updater->performUpdateTo($i, true); + print "</li>"; if (!$result) { - print "<span class='err'>".__("FAILED!")."</span></li></ul>"; + print "</ul>"; - print_warning("One of the updates failed. Either retry the process or perform updates manually."); + print_error("One of the updates failed. Either retry the process or perform updates manually."); - print "<a href='index.php'>".__("Return to Tiny Tiny RSS")."</a>"; + print "<form method='POST'> + <input type='hidden' name='subop' value='performupdate'> + <button type='submit' dojoType='dijit.form.Button' class='alt-danger' onclick='return confirmOP()'>".__("Try again")."</button> + <a href='index.php'>".__("Return to Tiny Tiny RSS")."</a> + </form>"; return; } else { - print "<span class='ok'>".__("OK!")."</span></li>"; + print "<li class='text-success'>" . __("Completed.") . "</li>"; + print "</ul>"; } } - print "</ul>"; - print_notice("Your Tiny Tiny RSS database is now updated to the latest version."); print "<a href='index.php'>".__("Return to Tiny Tiny RSS")."</a>"; @@ -1154,14 +1180,15 @@ class Handler_Public extends Handler { } else { if ($updater->isUpdateRequired()) { - print "<h2>" . __("Database update required") . "</h2>"; - - print_notice("<h4>". - sprintf("Your Tiny Tiny RSS database needs update to the latest version: %d to %d.", - $updater->getSchemaVersion(), SCHEMA_VERSION). - "</h4>"); + print "<h2>".T_sprintf("Tiny Tiny RSS database needs update to the latest version (%d to %d).", + $updater->getSchemaVersion(), SCHEMA_VERSION)."</h2>"; - print_warning("Please backup your database before proceeding."); + if (DB_TYPE == "mysql") { + print_error("<strong>READ THIS:</strong> Due to MySQL limitations, your database is not completely protected while updating. ". + "Errors may put it in an inconsistent state requiring manual rollback. <strong>BACKUP YOUR DATABASE BEFORE CONTINUING.</strong>"); + } else { + print_warning("Please backup your database before proceeding."); + } print "<form method='POST'> <input type='hidden' name='subop' value='performupdate'> |