Diffstat (limited to 'include')
-rw-r--r-- | include/functions.php | 140 | ||||
-rw-r--r-- | include/localized_schema.php | 4 |
2 files changed, 100 insertions, 44 deletions
diff --git a/include/functions.php b/include/functions.php index 54b565799..7071765ba 100644 --- a/include/functions.php +++ b/include/functions.php @@ -1,6 +1,6 @@ <?php define('EXPECTED_CONFIG_VERSION', 26); - define('SCHEMA_VERSION', 105); + define('SCHEMA_VERSION', 106); $fetch_last_error = false; $pluginhost = false; @@ -123,14 +123,24 @@ * @return void */ function _debug($msg) { - if (defined('QUIET') && QUIET) { - return; - } $ts = strftime("%H:%M:%S", time()); if (function_exists('posix_getpid')) { $ts = "$ts/" . posix_getpid(); } - print "[$ts] $msg\n"; + + if (!(defined('QUIET') && QUIET)) { + print "[$ts] $msg\n"; + } + + if (defined('LOGFILE')) { + $fp = fopen(LOGFILE, 'a+'); + + if ($fp) { + fputs($fp, "[$ts] $msg\n"); + fclose($fp); + } + } + } // function _debug /** @@ -287,12 +297,16 @@ global $fetch_last_error; if (function_exists('curl_init') && !ini_get("open_basedir")) { - //$ch = curl_init($url); - $ch = curl_init(geturl($url)); + + if (ini_get("safe_mode")) { + $ch = curl_init(geturl($url)); + } else { + $ch = curl_init($url); + } curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout ? $timeout : 15); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout ? $timeout : 45); - //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("safe_mode")); curl_setopt($ch, CURLOPT_MAXREDIRS, 20); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); @@ -783,11 +797,6 @@ } } - // Deprecated, TODO: remove - function theme_image($link, $filename) { - return $filename; - } - function convert_timestamp($timestamp, $source_tz, $dest_tz) { try { 
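Review bot: The new LOGFILE branch in _debug() (hunk @@ -123,14 +123,24 @@) opens, writes and closes the file on every message without a lock, so concurrent update processes can interleave partial lines. A `$msg` containing a newline also produces what looks like extra log entries. Taking `flock($fp, LOCK_EX);` before `fputs()` and writing `str_replace(array("\r", "\n"), ' ', $msg)` keeps one message per line; mode `'a'` is enough because the handle is never read. Debug output may carry feed URLs, so a comment beside the LOGFILE check saying the path should sit outside the web root would help.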
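Review bot: In hunk @@ -287,12 +297,16 @@, with safe_mode off, the handle is now created from the raw `$url` and `CURLOPT_FOLLOWLOCATION` is enabled with up to 20 redirects, but nothing in the hunk restricts which schemes a redirect may lead to. A feed server can therefore answer with a redirect to a non-HTTP scheme or an internal address and the fetch will follow it (server-side request forgery). Adding `curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);` and `curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);` limits both the first request and every hop. The function starts and ends outside the hunk, so any URL validation done earlier is not visible here.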
@@ -1822,10 +1831,10 @@ function make_init_params($link) { $params = array(); - $params["sign_progress"] = theme_image($link, "images/indicator_white.gif"); - $params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif"); - $params["sign_excl"] = theme_image($link, "images/sign_excl.svg"); - $params["sign_info"] = theme_image($link, "images/sign_info.svg"); + $params["sign_progress"] = "images/indicator_white.gif"; + $params["sign_progress_tiny"] = "images/indicator_tiny.gif"; + $params["sign_excl"] = "images/sign_excl.svg"; + $params["sign_info"] = "images/sign_info.svg"; foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS", "ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP", @@ -1886,7 +1895,7 @@ "article_scroll_up" => __("Scroll up"), "select_article_cursor" => __("Select article under cursor"), "email_article" => __("Email article"), - "close_article" => __("Close article"), + "close_article" => __("Close/collapse article"), "toggle_widescreen" => __("Toggle widescreen mode")), __("Article selection") => array( "select_all" => __("Select all articles"), @@ -1947,6 +1956,8 @@ "c n" => "catchup_above", "*n" => "article_scroll_down", "*p" => "article_scroll_up", + "*(38)|Shift+up" => "article_scroll_up", + "*(40)|Shift+down" => "article_scroll_down", "a *w" => "toggle_widescreen", "e" => "email_article", "a q" => "close_article", @@ -2060,7 +2071,7 @@ return $data; } - function search_to_sql($link, $search, $match_on) { + function search_to_sql($link, $search) { $search_query_part = ""; 
@@ -2107,13 +2118,9 @@ //$k = date("Y-m-d", strtotime(substr($k, 1))); array_push($query_keywords, "(".SUBSTRING_FOR_DATE."(updated,1,LENGTH('$k')) $not = '$k')"); - } else if ($match_on == "both") { + } else { array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%') OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))"); - } else if ($match_on == "title") { - array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%'))"); - } else if ($match_on == "content") { - array_push($query_keywords, "(UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))"); } } @@ -2150,7 +2157,7 @@ return $rv; } - function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) { + function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; @@ -2167,7 +2174,7 @@ $search_query_part = "ref_id = -1 AND "; } else { - $search_query_part = search_to_sql($link, $search, $match_on); + $search_query_part = search_to_sql($link, $search); $search_query_part .= " AND "; } @@ -2460,6 +2467,7 @@ num_comments, comments, int_id, + hide_images, unread,feed_id,marked,published,link,last_read,orig_feed_id, last_marked, last_published, ".SUBSTRING_FOR_DATE."(last_read,1,19) as last_read_noms, @@ -2504,6 +2512,7 @@ "label_cache," . "link," . "last_read," . + "(SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) AS hide_images," . "last_marked, last_published, " . SUBSTRING_FOR_DATE . "(last_read,1,19) as last_read_noms," . $since_id_part . 
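Review bot: The surviving `else` branch in hunk @@ -2107,13 +2118,9 @@ still builds the predicate by interpolating `$k` straight into `LIKE UPPER('%$k%')`, and whether `$search` has been escaped before it reaches search_to_sql() cannot be seen from this hunk. If escaping is the caller's job, state that contract in a comment at the top of the function, for example `// $search must already be escaped for the SQL connection in $link`. Otherwise escape `$k` here before it is pushed into `$query_keywords`. The LIKE wildcards `%` and `_` inside a keyword are not neutralised either, so a search for a literal `%` matches every row.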
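Review bot: Removing `$match_on` from the middle of queryFeedHeadlines() (hunk @@ -2150,7 +2157,7 @@) shifts every later positional argument one slot to the left. A caller that is not updated in the same commit will silently pass its old `$match_on` string as `$override_order`, its `$override_order` as `$offset`, and so on, and PHP raises no error for that. The diffstat here is limited to `include`, so call sites in other directories and in plugins are not visible and need to be checked. How `$override_order` is consumed lies outside the hunk; if it ends up in the ORDER BY clause, a stale caller would place a stray string there.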
@@ -2559,15 +2568,11 @@ } - function sanitize($link, $str, $force_strip_tags = false, $owner = false, $site_url = false) { + function sanitize($link, $str, $force_remove_images = false, $owner = false, $site_url = false) { if (!$owner) $owner = $_SESSION["uid"]; $res = trim($str); if (!$res) return ''; - if (get_pref($link, "STRIP_IMAGES", $owner)) { - $res = preg_replace('/<img[^>]+>/is', '', $res); - } - if (strpos($res, "href=") === false) $res = rewrite_urls($res); @@ -2604,6 +2609,24 @@ $entry->setAttribute('src', $src); } + + if ($entry->nodeName == 'img') { + if (($owner && get_pref($link, "STRIP_IMAGES", $owner)) || + $force_remove_images) { + + $p = $doc->createElement('p'); + + $a = $doc->createElement('a'); + $a->setAttribute('href', $entry->getAttribute('src')); + + $a->appendChild(new DOMText($entry->getAttribute('src'))); + $a->setAttribute('target', '_blank'); + + $p->appendChild($a); + + $entry->parentNode->replaceChild($p, $entry); + } + } } if (strtolower($entry->nodeName) == "a") { @@ -2613,7 +2636,16 @@ $entries = $xpath->query('//iframe'); foreach ($entries as $entry) { - $entry->setAttribute('sandbox', true); + $entry->setAttribute('sandbox', 'allow-scripts'); + + } + + global $pluginhost; + + if (isset($pluginhost)) { + foreach ($pluginhost->get_hooks($pluginhost::HOOK_SANITIZE) as $plugin) { + $doc = $plugin->hook_sanitize($doc, $site_url); + } } $doc->removeChild($doc->firstChild); //remove doctype @@ -2625,9 +2657,9 @@ function strip_harmful_tags($doc) { $entries = $doc->getElementsByTagName("*"); - $allowed_elements = array('a', 'address', 'audio', + $allowed_elements = array('a', 'address', 'audio', 'article', 'b', 'big', 'blockquote', 'body', 'br', 'cite', - 'code', 'dd', 'del', 'details', 'div', 'dl', + 'code', 'dd', 'del', 'details', 'div', 'dl', 'font', 'dt', 'em', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'header', 'html', 'i', 'img', 'ins', 'kbd', 'li', 'nav', 'ol', 'p', 'pre', 'q', 's','small', 
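Review bot: The third parameter of sanitize() (hunk @@ -2559,15 +2568,11 @@) changes meaning from `$force_strip_tags` to `$force_remove_images` while keeping its position, so an existing caller that passes `true` there now gets image replacement instead of the tag stripping it asked for. The callers are outside this hunk and should be audited. A docblock describing the five parameters, including that `$owner` falls back to `$_SESSION["uid"]`, would make the new contract visible.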
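Review bot: In hunk @@ -2604,6 +2609,24 @@ the replacement link copies the image's `src` into `href` without checking its scheme, which turns a passive attribute into a clickable one: a `javascript:` or `data:` value that was largely inert on `<img>` becomes an active link target in the reader's session. Only the tail of the preceding `src` rewrite is visible, so the value may already be normalised, but this branch should not depend on that. Check the scheme before building `$a`, e.g. `if (!preg_match('#^https?://#i', $entry->getAttribute('src'))) { $entry->parentNode->removeChild($entry); }` and skip the link in that case. Because the link opens with `target="_blank"`, `$a->setAttribute('rel', 'noreferrer');` is worth adding as well.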
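Review bot: `isset($pluginhost)` in hunk @@ -2613,7 +2636,16 @@ does not protect the hook loop: the file initialises `$pluginhost = false;` at the top, and isset() is true for `false`, so calling sanitize() before a plugin host object is assigned ends in a method call on a boolean. Use `if ($pluginhost) {` or an `is_object()` check instead. The result of `hook_sanitize()` is assigned to `$doc` unchecked, so a plugin that returns nothing breaks the `$doc->removeChild()` that follows; where tag stripping runs relative to the hooks is not visible here, and if it runs earlier, plugin output is never filtered. Separately, the sandbox value changes from `true` to `'allow-scripts'`, which lets embedded frames run script; a comment recording why that is needed, and that `allow-same-origin` must not be added alongside it, would help.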
@@ -2809,19 +2841,19 @@ function format_warning($msg, $id = "") { global $link; return "<div class=\"warning\" id=\"$id\"> - <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>"; + <img src=\"images/sign_excl.svg\">$msg</div>"; } function format_notice($msg, $id = "") { global $link; return "<div class=\"notice\" id=\"$id\"> - <img src=\"".theme_image($link, "images/sign_info.svg")."\">$msg</div>"; + <img src=\"images/sign_info.svg\">$msg</div>"; } function format_error($msg, $id = "") { global $link; return "<div class=\"error\" id=\"$id\"> - <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>"; + <img src=\"images/sign_excl.svg\">$msg</div>"; } function print_notice($msg) { @@ -2846,6 +2878,8 @@ $entry = ""; + $url = htmlspecialchars($url); + if (strpos($ctype, "audio/") === 0) { if ($_SESSION["hasAudio"] && (strpos($ctype, "ogg") !== false || @@ -2872,7 +2906,8 @@ </object>"; } - if ($entry) $entry .= " " . basename($url); + if ($entry) $entry .= " <a target=\"_blank\" + href=\"$url\">" . basename($url) . "</a>"; return $entry; @@ -3007,7 +3042,7 @@ if (!$entry_comments) $entry_comments = " "; # placeholder $rv['content'] .= "<div class='postTags' style='float : right'> - <img src='".theme_image($link, 'images/tag.png')."' + <img src='images/tag.png' class='tagsPic' alt='Tags' title='Tags'> "; if (!$zoom_mode) { @@ -3602,7 +3637,7 @@ array_push($entries, $entry); } - if (!get_pref($link, "STRIP_IMAGES")) { + if ($_SESSION['uid'] && !get_pref($link, "STRIP_IMAGES")) { if ($always_display_enclosures || !preg_match("/<img/i", $article_content)) { @@ -4003,8 +4038,8 @@ $oline=''; foreach($status as $key=>$eline){$oline.='['.$key.']'.$eline.' ';} $line =$oline." \r\n ".$url."\r\n-----------------\r\n"; - $handle = @fopen('./curl.error.log', 'a'); - fwrite($handle, $line); +# $handle = @fopen('./curl.error.log', 'a'); +# fwrite($handle, $line); return FALSE; } return $url; 
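Review bot: `htmlspecialchars($url)` in hunk @@ -2846,6 +2878,8 @@ keeps the value from breaking out of the double-quoted `href` added in hunk @@ -2872,7 +2906,8 @@, but it does not restrict the scheme, so an enclosure URL that is not http(s) still ends up as a clickable link. Unless the URL is validated before this function (not visible here), add a scheme check and skip the link for anything else. With the default flags on older PHP versions single quotes are left unescaped, so pass the flag explicitly in case player markup outside the hunk uses single-quoted attributes: `$url = htmlspecialchars($url, ENT_QUOTES);`. The new link also uses `target="_blank"` without `rel="noreferrer"`.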
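Review bot: In hunk @@ -4003,8 +4038,8 @@ the log write is disabled by prefixing the two lines with `#`, which leaves dead code behind and still builds the `$oline` and `$line` strings on every failure for nothing. Delete the two commented lines together with the string assembly above them, or pass the message to `_debug()`, which this commit extends to write to LOGFILE. The enclosing function starts outside the hunk.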
@@ -4038,4 +4073,25 @@ return $rv; } + function stylesheet_tag($filename) { + $timestamp = filemtime($filename); + + echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$filename?$timestamp\"/>\n"; + } + + function javascript_tag($filename) { + $query = ""; + + if (!(strpos($filename, "?") === FALSE)) { + $query = substr($filename, strpos($filename, "?")+1); + $filename = substr($filename, 0, strpos($filename, "?")); + } + + $timestamp = filemtime($filename); + + if ($query) $timestamp .= "&$query"; + + echo "<script type=\"text/javascript\" charset=\"utf-8\" src=\"$filename?$timestamp\"></script>\n"; + } + ?> diff --git a/include/localized_schema.php b/include/localized_schema.php index f5acae99c..2f5903dc7 100644 --- a/include/localized_schema.php +++ b/include/localized_schema.php @@ -1,4 +1,4 @@ -<?php # This file has been generated at: Tue Mar 19 10:14:58 MSK 2013 +<?php # This file has been generated at: Wed Mar 20 15:53:19 MSK 2013 __("Title"); __("Title or Content"); @@ -54,7 +54,7 @@ __('Automatically expand articles in combined mode'); __('Purge unread articles'); __('Show special feeds when hiding read feeds'); __('Group headlines in virtual feeds'); -__('Hide images in articles'); +__('Do not embed images in articles'); __('Enable external API'); __('User timezone'); __('Customize stylesheet'); |
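Review bot: Both new helpers in hunk @@ -4038,4 +4073,25 @@ use the result of `filemtime($filename)` without checking it; for a missing or unreadable file it returns `false` and raises a warning, so the page may get a warning printed into its head and a URL ending in a bare `?`. Something like `$timestamp = file_exists($filename) ? filemtime($filename) : 0;` avoids that. `$filename` and `$query` are echoed into the attribute as they are, which is acceptable only for constant paths. Either say so in a docblock on each function or pass the assembled URL through `htmlspecialchars()`, which would also turn the `&` before `$query` into `&amp;`.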