Diffstat (limited to 'include')
-rw-r--r--include/crypt.php20
-rwxr-xr-xinclude/functions.php90
-rwxr-xr-xinclude/sanity_check.php12
-rw-r--r--include/sanity_config.php4
-rw-r--r--include/version.php2
5 files changed, 72 insertions, 56 deletions
diff --git a/include/crypt.php b/include/crypt.php
deleted file mode 100644
index 3e26dfd5a..000000000
--- a/include/crypt.php
+++ /dev/null
@@ -1,20 +0,0 @@
-<?php
- function decrypt_string($str) {
- $pair = explode(":", $str);
-
- if (count($pair) == 2) {
- @$iv = base64_decode($pair[0]);
- @$encstr = base64_decode($pair[1]);
-
- if ($iv && $encstr) {
- $key = hash('SHA256', FEED_CRYPT_KEY, true);
-
- $str = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $encstr,
- MCRYPT_MODE_CBC, $iv);
-
- if ($str) return rtrim($str);
- }
- }
-
- return false;
- } \ No newline at end of file
diff --git a/include/functions.php b/include/functions.php
index 7ebbe38b3..f03ed3a91 100755
--- a/include/functions.php
+++ b/include/functions.php
@@ -1564,38 +1564,31 @@
return false;
}
- function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
- if (!$owner) $owner = $_SESSION["uid"];
-
- $res = trim($str); if (!$res) return '';
+ // check for locally cached (media) URLs and rewrite to local versions
+ // this is called separately after sanitize() and plugin render article hooks to allow
+ // plugins work on original source URLs used before caching
+ function rewrite_cached_urls($str) {
$charset_hack = '<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
</head>';
- $res = trim($res); if (!$res) return '';
-
- libxml_use_internal_errors(true);
+ $res = trim($str); if (!$res) return '';
$doc = new DOMDocument();
$doc->loadHTML($charset_hack . $res);
$xpath = new DOMXPath($doc);
- $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
+ $entries = $xpath->query('(//img[@src]|//video[@poster]|//video/source[@src]|//audio/source[@src])');
- $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])');
+ $need_saving = false;
foreach ($entries as $entry) {
- if ($entry->hasAttribute('href')) {
- $entry->setAttribute('href',
- rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href')));
-
- $entry->setAttribute('rel', 'noopener noreferrer');
- }
+ if ($entry->hasAttribute('src') || $entry->hasAttribute('poster')) {
- if ($entry->hasAttribute('src')) {
- $src = rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src'));
+ // should be already absolutized because this is called after sanitize()
+ $src = $entry->hasAttribute('poster') ? $entry->getAttribute('poster') : $entry->getAttribute('src');
$cached_filename = CACHE_DIR . '/images/' . sha1($src);
if (file_exists($cached_filename)) {
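Review bot: The new comment above the `$src` assignment says URLs are already absolutized by sanitize(), but that does not hold for `poster`. The XPath here adds `//video[@poster]`, while the query in sanitize() as re-added in the next hunk still selects only `a[@href]`, `img[@src]` and `source[@src]`, and rewrites only `href` and `src`. A relative poster URL is therefore hashed in its relative form and presumably never matches a cached file, so the client keeps fetching it remotely. Either extend sanitize()'s query with `//video[@poster]` and run `rewrite_relative_url()` on `poster`, or change the comment to `// src is absolutized by sanitize(); poster is not, relative posters will not match the cache`. The body of rewrite_cached_urls() continues past the end of this hunk.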
@@ -1613,14 +1606,58 @@
$src = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($src) . $suffix;
- if ($entry->hasAttribute('srcset')) {
- $entry->removeAttribute('srcset');
- }
+ if ($entry->hasAttribute('poster'))
+ $entry->setAttribute('poster', $src);
+ else
+ $entry->setAttribute('src', $src);
- if ($entry->hasAttribute('sizes')) {
- $entry->removeAttribute('sizes');
- }
+ $need_saving = true;
}
+ }
+ }
+
+ if ($need_saving) {
+ $doc->removeChild($doc->firstChild); //remove doctype
+ $res = $doc->saveHTML();
+ }
+
+ return $res;
+ }
+
+ function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
+ if (!$owner) $owner = $_SESSION["uid"];
+
+ $res = trim($str); if (!$res) return '';
+
+ $charset_hack = '<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+ </head>';
+
+ $res = trim($res); if (!$res) return '';
+
+ libxml_use_internal_errors(true);
+
+ $doc = new DOMDocument();
+ $doc->loadHTML($charset_hack . $res);
+ $xpath = new DOMXPath($doc);
+
+ $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
+
+ $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])');
+
+ foreach ($entries as $entry) {
+
+ if ($entry->hasAttribute('href')) {
+ $entry->setAttribute('href',
+ rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href')));
+
+ $entry->setAttribute('rel', 'noopener noreferrer');
+ }
+
+ if ($entry->hasAttribute('src')) {
+ $src = rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src'));
+
+ // cache stuff has gone to rewrite_cached_urls()
$entry->setAttribute('src', $src);
}
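Review bot: Dropping the `srcset`/`sizes` removal in the cached branch means an `<img>` whose `src` is rewritten to the local `public.php?op=cached_url` URL keeps its original remote `srcset`. Browsers that honour `srcset` choose a candidate from it over `src`, so the cached copy is bypassed and the reader's client still contacts the feed's host. Unless this is handled outside the hunk, keep the removal next to the rewrite: `$entry->removeAttribute('srcset'); $entry->removeAttribute('sizes');` just before `$need_saving = true;`. The body of sanitize() continues past the end of this hunk.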
@@ -2574,6 +2611,13 @@
}
$mimetype = mime_content_type($filename);
+
+ // this is hardly ideal but 1) only media is cached in images/ and 2) seemingly only mp4
+ // video files are detected as octet-stream by mime_content_type()
+
+ if ($mimetype == "application/octet-stream")
+ $mimetype = "video/mp4";
+
header("Content-type: $mimetype");
$stamp = gmdate("D, d M Y H:i:s", filemtime($filename)) . " GMT";
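Review bot: The `Content-type` header is still derived by sniffing a file downloaded from a remote feed, and the new fallback widens that by labelling every blob `mime_content_type()` cannot identify as `video/mp4`. Since the response is served from the application's own origin, an allowlist is safer than a single special case: after the fallback add `if (!preg_match('#^(image|video|audio)/#', $mimetype)) $mimetype = "application/octet-stream";` and send `header("X-Content-Type-Options: nosniff");`. That keeps an unexpected `text/html` detection from being rendered as a page, although `image/svg+xml` would still pass and may deserve its own exclusion. Whether the downloader already restricts what lands in `images/` is not visible here, and the enclosing function starts and ends outside the hunk.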
diff --git a/include/sanity_check.php b/include/sanity_check.php
index 94578b404..460bd0ba7 100755
--- a/include/sanity_check.php
+++ b/include/sanity_check.php
@@ -46,8 +46,8 @@
array_push($errors, "Please don't run this script as root.");
}
- if (version_compare(PHP_VERSION, '5.4.0', '<')) {
- array_push($errors, "PHP version 5.4.0 or newer required.");
+ if (version_compare(PHP_VERSION, '5.6.0', '<')) {
+ array_push($errors, "PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . ".");
}
if (CONFIG_VERSION != EXPECTED_CONFIG_VERSION) {
@@ -70,14 +70,6 @@
array_push($errors, "Javascript cache is not writable (chmod -R 777 ".CACHE_DIR."/js)");
}
- if (strlen(FEED_CRYPT_KEY) > 0 && strlen(FEED_CRYPT_KEY) != 24) {
- array_push($errors, "FEED_CRYPT_KEY should be exactly 24 characters in length.");
- }
-
- if (strlen(FEED_CRYPT_KEY) > 0 && !function_exists("mcrypt_decrypt")) {
- array_push($errors, "FEED_CRYPT_KEY requires mcrypt functions which are not found.");
- }
-
if (GENERATED_CONFIG_CHECK != EXPECTED_CONFIG_VERSION) {
array_push($errors,
"Configuration option checker sanity_config.php is outdated, please recreate it using ./utils/regen_config_checks.sh");
diff --git a/include/sanity_config.php b/include/sanity_config.php
index 0e9944361..d9ae18a8b 100644
--- a/include/sanity_config.php
+++ b/include/sanity_config.php
@@ -1,3 +1,3 @@
-<?php # This file has been generated at: Tue, May 16, 2017 10:37:57 AM
+<?php # This file has been generated at: Mon Aug 13 15:48:51 MSK 2018
define('GENERATED_CONFIG_CHECK', 26);
-$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'FEED_CRYPT_KEY', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'SPHINX_SERVER', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'SMTP_SECURE', 'CHECK_FOR_UPDATES', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'LOG_DESTINATION', 'CONFIG_VERSION'); ?>
+$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'SPHINX_SERVER', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'SMTP_SECURE', 'CHECK_FOR_UPDATES', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'LOG_DESTINATION', 'CONFIG_VERSION'); ?>
diff --git a/include/version.php b/include/version.php
index 2cf7b1ded..751055b76 100644
--- a/include/version.php
+++ b/include/version.php
@@ -1,5 +1,5 @@
<?php
- define('VERSION_STATIC', '17.12');
+ define('VERSION_STATIC', '18.8');
function get_version() {
date_default_timezone_set('UTC');