Diffstat (limited to 'include')
-rw-r--r-- | include/db.php | 2 | ||||
-rw-r--r-- | include/functions.php | 141 | ||||
-rw-r--r-- | include/labels.php | 2 | ||||
-rw-r--r-- | include/localized_schema.php | 4 | ||||
-rw-r--r-- | include/login_form.php | 10 | ||||
-rw-r--r-- | include/rssfuncs.php | 4 | ||||
-rw-r--r-- | include/sanity_check.php | 33 | ||||
-rw-r--r-- | include/sanity_config.php | 4 | ||||
-rw-r--r-- | include/sessions.php | 17 |
9 files changed, 138 insertions, 79 deletions
diff --git a/include/db.php b/include/db.php index 0479df6a9..a70a1d878 100644 --- a/include/db.php +++ b/include/db.php @@ -15,7 +15,7 @@ function db_connect($host, $user, $pass, $db) { $string .= " host=$host"; } - if (defined('DB_PORT')) { + if (defined('DB_PORT') && DB_PORT) { $string = "$string port=" . DB_PORT; } diff --git a/include/functions.php b/include/functions.php index a9c7d95f5..dcaa67e56 100644 --- a/include/functions.php +++ b/include/functions.php @@ -1,6 +1,9 @@ <?php define('EXPECTED_CONFIG_VERSION', 26); - define('SCHEMA_VERSION', 108); + define('SCHEMA_VERSION', 109); + + define('LABEL_BASE_INDEX', -1024); + define('PLUGIN_FEED_BASE_INDEX', -128); $fetch_last_error = false; $pluginhost = false; @@ -285,8 +288,6 @@ } function fetch_file_contents($url, $type = false, $login = false, $pass = false, $post_query = false, $timeout = false) { - $login = urlencode($login); - $pass = urlencode($pass); global $fetch_last_error; @@ -348,11 +349,13 @@ return $contents; } else { - if ($login && $pass ){ + if ($login && $pass){ $url_parts = array(); preg_match("/(^[^:]*):\/\/(.*)/", $url, $url_parts); + $pass = urlencode($pass); + if ($url_parts[1] && $url_parts[2]) { $url = $url_parts[1] . "://$login:$pass@" . $url_parts[2]; } @@ -751,6 +754,7 @@ $_SESSION["prefs_cache"] = false; if (SINGLE_USER_MODE) { + @session_start(); authenticate_user($link, "admin", null); cache_prefs($link); load_user_plugins($link, $_SESSION["uid"]); @@ -1034,7 +1038,7 @@ AND $ref_check_qpart AND unread = true AND owner_uid = $owner_uid"); - } else if ($feed < 0 && $feed > -10) { // special, like starred + } else if ($feed < 0 && $feed > LABEL_BASE_INDEX) { // special, like starred if ($feed == -1) { db_query($link, "UPDATE ttrss_user_entries 
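Review bot: In the fallback branch of fetch_file_contents (hunk at -348), `$login` is interpolated into `"://$login:$pass@"` unencoded, because the hunk at -285 drops both urlencode() calls and only `$pass` gets one back. A login containing `@`, `:` or `/` changes where the userinfo part of the rebuilt URL ends, so the request and its credentials may go to a different host than the feed URL names. Adding `$login = urlencode($login);` next to the new `$pass = urlencode($pass);` keeps the userinfo well-formed. The function starts and ends outside both hunks, so how the other branch consumes the raw values is not visible here.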
@@ -1085,9 +1089,9 @@ owner_uid = $owner_uid"); } - } else if ($feed < -10) { // label + } else if ($feed < LABEL_BASE_INDEX) { // label - $label_id = -$feed - 11; + $label_id = feed_to_label_id($feed); db_query($link, "UPDATE ttrss_user_entries, ttrss_user_labels2 SET unread = false, last_read = NOW() @@ -1334,9 +1338,9 @@ $match_part = "feed_id IS NULL"; } - } else if ($feed < -10) { + } else if ($feed < LABEL_BASE_INDEX) { - $label_id = -$feed - 11; + $label_id = feed_to_label_id($feed); return getLabelUnread($link, $label_id, $owner_uid); @@ -1428,6 +1432,21 @@ array_push($ret_arr, $cv); } + global $pluginhost; + + if ($pluginhost) { + $feeds = $pluginhost->get_feeds(-1); + + if (is_array($feeds)) { + foreach ($feeds as $feed) { + $cv = array("id" => PluginHost::pfeed_to_feed_id($feed['id']), + "counter" => $feed['sender']->get_unread($feed['id'])); + + array_push($ret_arr, $cv); + } + } + } + return $ret_arr; } @@ -1446,7 +1465,7 @@ while ($line = db_fetch_assoc($result)) { - $id = -$line["id"] - 11; + $id = label_to_feed_id($line["id"]); $label_name = $line["caption"]; $count = $line["unread"]; @@ -1753,7 +1772,7 @@ function getFeedCatTitle($link, $id) { if ($id == -1) { return __("Special"); - } else if ($id < -10) { + } else if ($id < LABEL_BASE_INDEX) { return __("Labels"); } else if ($id > 0) { $result = db_query($link, "SELECT ttrss_feed_categories.title @@ -1791,7 +1810,7 @@ return "images/recently_read.png"; break; default: - if ($id < -10) { + if ($id < LABEL_BASE_INDEX) { return "images/label.png"; } else { if (file_exists(ICONS_DIR . "/$id.ico")) @@ -1816,8 +1835,8 @@ return __("Archived articles"); } else if ($id == -6) { return __("Recently read"); - } else if ($id < -10) { - $label_id = -$id - 11; + } else if ($id < LABEL_BASE_INDEX) { + $label_id = feed_to_label_id($id); $result = db_query($link, "SELECT caption FROM ttrss_labels2 WHERE id = '$label_id'"); if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "caption"); 
@@ -1854,6 +1873,7 @@ $params["default_view_limit"] = (int) get_pref($link, "_DEFAULT_VIEW_LIMIT"); $params["default_view_order_by"] = get_pref($link, "_DEFAULT_VIEW_ORDER_BY"); $params["bw_limit"] = (int) $_SESSION["bw_limit"]; + $params["label_base_index"] = (int) LABEL_BASE_INDEX; $result = db_query($link, "SELECT MAX(id) AS mid, COUNT(*) AS nf FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); @@ -2252,6 +2272,10 @@ $view_query_part = " marked = true AND "; } + if ($view_mode == "has_note") { + $view_query_part = " (note IS NOT NULL AND note != '') AND "; + } + if ($view_mode == "published") { $view_query_part = " published = true AND "; } @@ -2338,9 +2362,9 @@ if (!$override_order) { if (get_pref($link, 'REVERSE_HEADLINES', $owner_uid)) { - $override_order = "date_entered"; + $override_order = "date_entered, updated"; } else { - $override_order = "last_marked DESC, date_entered DESC"; + $override_order = "last_marked DESC, date_entered DESC, updated DESC"; } } @@ -2353,9 +2377,9 @@ if (!$override_order) { if (get_pref($link, 'REVERSE_HEADLINES', $owner_uid)) { - $override_order = "date_entered"; + $override_order = "date_entered, updated"; } else { - $override_order = "last_published DESC, date_entered DESC"; + $override_order = "last_published DESC, date_entered DESC, updated DESC"; } } 
@@ -2380,17 +2404,17 @@ $intl = get_pref($link, "FRESH_ARTICLE_MAX_AGE", $owner_uid); if (DB_TYPE == "pgsql") { - $query_strategy_part .= " AND updated > NOW() - INTERVAL '$intl hour' "; + $query_strategy_part .= " AND date_entered > NOW() - INTERVAL '$intl hour' "; } else { - $query_strategy_part .= " AND updated > DATE_SUB(NOW(), INTERVAL $intl HOUR) "; + $query_strategy_part .= " AND date_entered > DATE_SUB(NOW(), INTERVAL $intl HOUR) "; } $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; } else if ($feed == -4) { // all articles virtual feed $query_strategy_part = "true"; $vfeed_query_part = "ttrss_feeds.title AS feed_title,"; - } else if ($feed <= -10) { // labels - $label_id = -$feed - 11; + } else if ($feed <= LABEL_BASE_INDEX) { // labels + $label_id = feed_to_label_id($feed); $query_strategy_part = "label_id = '$label_id' AND ttrss_labels2.id = ttrss_user_labels2.label_id AND @@ -2411,9 +2435,9 @@ } if (get_pref($link, 'REVERSE_HEADLINES', $owner_uid)) { - $order_by = "$date_sort_field"; + $order_by = "$date_sort_field, updated"; } else { - $order_by = "$date_sort_field DESC"; + $order_by = "$date_sort_field DESC, updated DESC"; } if ($view_mode != "noscores") { @@ -2497,10 +2521,8 @@ hide_images, unread,feed_id,marked,published,link,last_read,orig_feed_id, last_marked, last_published, - ".SUBSTRING_FOR_DATE."(last_read,1,19) as last_read_noms, $vfeed_query_part $content_query_part - ".SUBSTRING_FOR_DATE."(updated,1,19) as updated_noms, author,score FROM $from_qpart @@ -2541,11 +2563,9 @@ "last_read," . "(SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) AS hide_images," . "last_marked, last_published, " . - SUBSTRING_FOR_DATE . "(last_read,1,19) as last_read_noms," . $since_id_part . $vfeed_query_part . $content_query_part . - SUBSTRING_FOR_DATE . "(updated,1,19) as updated_noms," . "score "; $feed_kind = "Tags"; 
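Review bot: `$intl` goes straight into `INTERVAL '$intl hour'` and `INTERVAL $intl HOUR` on the changed lines, and the only assignment visible in the hunk is `get_pref($link, "FRESH_ARTICLE_MAX_AGE", $owner_uid)` with no integer cast. Whether get_pref() coerces the value by preference type is not shown, so casting at the point of use, `$intl = (int) get_pref($link, "FRESH_ARTICLE_MAX_AGE", $owner_uid);`, would keep a user-editable preference from reaching the SQL text as a string. Separately, this branch tests `$feed <= LABEL_BASE_INDEX` while the other label branches in this commit use `< LABEL_BASE_INDEX`; the two should agree.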
@@ -2639,7 +2659,7 @@ if ($entry->nodeName == 'img') { if (($owner && get_pref($link, "STRIP_IMAGES", $owner)) || - $force_remove_images) { + $force_remove_images || $_SESSION["bw_limit"]) { $p = $doc->createElement('p'); 
@@ -2667,37 +2687,44 @@ } + $allowed_elements = array('a', 'address', 'audio', 'article', + 'b', 'big', 'blockquote', 'body', 'br', 'cite', 'center', + 'code', 'dd', 'del', 'details', 'div', 'dl', 'font', + 'dt', 'em', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', + 'header', 'html', 'i', 'img', 'ins', 'kbd', + 'li', 'nav', 'ol', 'p', 'pre', 'q', 's','small', + 'source', 'span', 'strike', 'strong', 'sub', 'summary', + 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', + 'tr', 'track', 'tt', 'u', 'ul', 'var', 'wbr', 'video' ); + + if ($_SESSION['hasSandbox']) $allowed_elements[] = 'iframe'; + + $disallowed_attributes = array('id', 'style', 'class'); + global $pluginhost; if (isset($pluginhost)) { foreach ($pluginhost->get_hooks($pluginhost::HOOK_SANITIZE) as $plugin) { - $doc = $plugin->hook_sanitize($doc, $site_url); + $retval = $plugin->hook_sanitize($doc, $site_url, $allowed_elements, $disallowed_attributes); + if (is_array($retval)) { + $doc = $retval[0]; + $allowed_elements = $retval[1]; + $disallowed_attributes = $retval[2]; + } else { + $doc = $retval; + } } } $doc->removeChild($doc->firstChild); //remove doctype - $doc = strip_harmful_tags($doc); + $doc = strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes); $res = $doc->saveHTML(); return $res; } - function strip_harmful_tags($doc) { + function strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes) { $entries = $doc->getElementsByTagName("*"); - $allowed_elements = array('a', 'address', 'audio', 'article', - 'b', 'big', 'blockquote', 'body', 'br', 'cite', 'center', - 'code', 'dd', 'del', 'details', 'div', 'dl', 'font', - 'dt', 'em', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', - 'header', 'html', 'i', 'img', 'ins', 'kbd', - 'li', 'nav', 'ol', 'p', 'pre', 'q', 's','small', - 'source', 'span', 'strike', 'strong', 'sub', 'summary', - 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', - 'tr', 'track', 'tt', 'u', 'ul', 'var', 'wbr', 'video' ); - - if ($_SESSION['hasSandbox']) 
array_push($allowed_elements, 'iframe'); - - $disallowed_attributes = array('id', 'style', 'class'); - foreach ($entries as $entry) { if (!in_array($entry->nodeName, $allowed_elements)) { $entry->parentNode->removeChild($entry); @@ -3636,7 +3663,7 @@ array_push($entries, $entry); } - if ($_SESSION['uid'] && !get_pref($link, "STRIP_IMAGES")) { + if ($_SESSION['uid'] && !get_pref($link, "STRIP_IMAGES") && !$_SESSION["bw_limit"]) { if ($always_display_enclosures || !preg_match("/<img/i", $article_content)) { @@ -3666,13 +3693,15 @@ $rv .= "<hr clear='both'/>"; } - $rv .= "<br/><div dojoType=\"dijit.form.DropDownButton\">". - "<span>" . __('Attachments')."</span>"; - $rv .= "<div dojoType=\"dijit.Menu\" style=\"display: none;\">"; + $rv .= "<select onchange=\"openSelectedAttachment(this)\">". + "<option value=''>" . __('Attachments')."</option>"; - foreach ($entries_html as $entry) { $rv .= $entry; }; + foreach ($entries as $entry) { + $rv .= "<option value=\"".htmlspecialchars($entry["url"])."\">" . htmlspecialchars($entry["filename"]) . "</option>"; - $rv .= "</div></div>"; + }; + + $rv .= "</select>"; } return $rv; @@ -4155,4 +4184,12 @@ } } + function label_to_feed_id($label) { + return LABEL_BASE_INDEX - 1 - abs($label); + } + + function feed_to_label_id($feed) { + return LABEL_BASE_INDEX - 1 + abs($feed); + } + ?> diff --git a/include/labels.php b/include/labels.php index 75936007e..5ac8794d9 100644 --- a/include/labels.php +++ b/include/labels.php @@ -158,7 +158,7 @@ /* Remove access key for the label */ - $ext_id = -11 - $id; + $ext_id = LABEL_BASE_INDEX - 1 - $id; db_query($link, "DELETE FROM ttrss_access_keys WHERE feed_id = '$ext_id' AND owner_uid = $owner_uid"); diff --git a/include/localized_schema.php b/include/localized_schema.php index 650a35806..4feab0a2a 100644 --- a/include/localized_schema.php +++ b/include/localized_schema.php 
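Review bot: The hook loop in sanitize() adopts `$retval[1]` and `$retval[2]` from any plugin that returns an array, without checking that the array has three entries or that both entries are arrays. A plugin returning a shorter array leaves `$allowed_elements` or `$disallowed_attributes` null, and the `in_array($entry->nodeName, $allowed_elements)` test in strip_harmful_tags() then has no list to check against. A guard such as `if (is_array($retval) && count($retval) == 3 && is_array($retval[1]) && is_array($retval[2])) {` would keep the defaults otherwise. Because a hook can now widen the element allow-list or shrink the attribute deny-list for every article, a comment above the loop should state that HOOK_SANITIZE plugins are trusted with the sanitizer's policy. strip_harmful_tags() also gained two required parameters and its body continues past the hunk, so any caller outside this diff needs updating.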
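Review bot: The new `<option value=...>` hands the enclosure URL to `openSelectedAttachment(this)` with only HTML escaping applied; nothing in the hunk restricts the URL scheme. The handler is not part of this diff, but if it navigates to or opens the selected value, a feed-supplied URL with a non-HTTP scheme such as `javascript:` would be acted on in the reader's session. Emitting the option only when the URL passes a scheme check, for example `if (preg_match('/^https?:\/\//i', $entry["url"]))`, closes that regardless of how the handler is written. Passing `ENT_QUOTES` to both htmlspecialchars() calls would also make the escaping independent of the attribute's quote style.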
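Review bot: `$ext_id = LABEL_BASE_INDEX - 1 - $id;` repeats the arithmetic that this commit introduces as label_to_feed_id() in include/functions.php. Calling `$ext_id = label_to_feed_id($id);` would keep the label-to-feed mapping in one place; LABEL_BASE_INDEX is defined in the same file as the helper, so the helper should be in scope wherever the constant is. The helper applies abs() to its argument, so the two forms differ only for a negative `$id`.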
@@ -1,4 +1,4 @@ -<?php # This file has been generated at: Tue Mar 26 15:16:40 MSK 2013 +<?php # This file has been generated at: Wed Mar 27 16:48:20 MSK 2013 __("Title"); __("Title or Content"); @@ -39,7 +39,7 @@ __('Show content preview in headlines list'); __('Short date format'); __('Long date format'); __('Combined feed display'); -__('Hide feeds with no unread messages'); +__('Hide feeds with no unread articles'); __('On catchup show next feed'); __('Sort feeds by unread articles count'); __('Reverse headline order (oldest first)'); diff --git a/include/login_form.php b/include/login_form.php index af451239d..4fc08261a 100644 --- a/include/login_form.php +++ b/include/login_form.php @@ -221,6 +221,16 @@ function bwLimitChange(elem) { <label style='display : inline' for="bw_limit"><?php echo __("Use less traffic") ?></label> </div> + <?php if (SESSION_COOKIE_LIFETIME > 0) { ?> + + <div class="row"> + <label> </label> + <input dojoType="dijit.form.CheckBox" name="remember_me" id="remember_me" type="checkbox"> + <label style='display : inline' for="remember_me"><?php echo __("Remember me") ?></label> + </div> + + <?php } ?> + <div class="row" style='text-align : right'> <button dojoType="dijit.form.Button" type="submit"><?php echo __('Log in') ?></button> <?php if (defined('ENABLE_REGISTRATION') && ENABLE_REGISTRATION) { ?> diff --git a/include/rssfuncs.php b/include/rssfuncs.php index 130f9142c..73fe757c3 100644 --- a/include/rssfuncs.php +++ b/include/rssfuncs.php @@ -224,6 +224,8 @@ $simplepie_cache_dir = CACHE_DIR . "/simplepie"; + $date_feed_processed = date('Y-m-d H:i'); + if (!is_dir($simplepie_cache_dir)) { mkdir($simplepie_cache_dir); } @@ -626,7 +628,7 @@ '', $no_orig_date, NOW(), - NOW(), + '$date_feed_processed', '$entry_comments', '$num_comments', '$entry_plugin_data', diff --git a/include/sanity_check.php b/include/sanity_check.php index 0373196b3..1610cfeb0 100644 --- a/include/sanity_check.php +++ b/include/sanity_check.php 
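Review bot: `$date_feed_processed = date('Y-m-d H:i')` is computed in PHP's timezone, while the value it replaces in the INSERT (hunk at -626) and the value beside it are the database's `NOW()`. If the PHP and database timezones differ, rows get a timestamp offset from what NOW()-based comparisons expect; the column names are outside the hunk, so which comparisons are affected cannot be confirmed here. A comment at the assignment should say that the minute-resolution value is intentional (presumably one shared timestamp per feed update) and which timezone it assumes. Both hunks sit inside a function whose start and end are not shown.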
@@ -2,6 +2,12 @@ // WARNING: Don't ask for help on tt-rss.org forums or the bugtracker if you have // modified this file. + function make_self_url_path() { + $url_path = ($_SERVER['HTTPS'] != "on" ? 'http://' : 'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); + + return $url_path; + } + function initial_sanity_check($link) { $errors = array(); @@ -12,6 +18,10 @@ require_once "sanity_config.php"; + if (file_exists("install") && !file_exists("config.php")) { + array_push($errors, "Please copy config.php-dist to config.php or run the installer in install/"); + } + if (strpos(PLUGINS, "auth_") === FALSE) { array_push($errors, "Please enable at least one authentication module via PLUGINS constant in config.php"); } @@ -52,14 +62,6 @@ } } - if (SESSION_EXPIRE_TIME < 60) { - array_push($errors, "SESSION_EXPIRE_TIME set in config.php is too low, please set it to an integer value >= 60"); - } - - if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME) { - array_push($errors, "SESSION_EXPIRE_TIME set in config.php should be >= to SESSION_COOKIE_LIFETIME"); - } - if (SINGLE_USER_MODE) { $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); @@ -73,12 +75,10 @@ } if (SELF_URL_PATH == "http://yourserver/tt-rss/") { - if ($_SERVER['HTTP_REFERER']) { - array_push($errors, - "Please set SELF_URL_PATH to the correct value for your server (possible value: <b>" . $_SERVER['HTTP_REFERER'] . "</b>)"); - } else { - array_push($errors, "Please set SELF_URL_PATH to the correct value for your server."); - } + $urlpath = preg_replace("/\w+\.php$/", "", make_self_url_path()); + + array_push($errors, + "Please set SELF_URL_PATH to the correct value for your server (possible value: <b>$urlpath</b>)"); } if (!is_writable(ICONS_DIR)) { 
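Review bot: make_self_url_path() builds its result from `$_SERVER["HTTP_HOST"]` and `$_SERVER["REQUEST_URI"]`, both supplied by the client, and the hunk at -73 places that value unescaped inside `<b>$urlpath</b>` in an error string. How `$errors` is printed is outside the diff, but the `<b>` markup suggests HTML output, so the value should be escaped first: `$urlpath = htmlspecialchars(preg_replace("/\w+\.php$/", "", make_self_url_path()), ENT_QUOTES);`. The scheme test `$_SERVER['HTTPS'] != "on"` also reads an index that is absent on plain-HTTP requests; `(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://'` gives the same result without the notice. A one-line comment on make_self_url_path() saying the result is a hint derived from request headers, not a trusted base URL, would discourage reuse for redirects or links.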
@@ -146,7 +146,8 @@ <link rel="stylesheet" type="text/css" href="utility.css"> </head> <body> - <div class="floatingLogo"><img src="images/logo_wide.png"></div> + <div class="floatingLogo"><img src="images/logo_small.png"></div> + <div class="content"> <h1>Startup failed</h1> @@ -158,6 +159,8 @@ <p>You might want to check tt-rss <a href="http://tt-rss.org/wiki">wiki</a> or the <a href="http://tt-rss.org/forum">forums</a> for more information. Please search the forums before creating new topic for your question.</p> + + </div> </body> </html> diff --git a/include/sanity_config.php b/include/sanity_config.php index 80be1434e..9b28e46af 100644 --- a/include/sanity_config.php +++ b/include/sanity_config.php 
@@ -1,3 +1,3 @@ -<?php # This file has been generated at: Sat Feb 9 22:34:30 MSK 2013 +<?php # This file has been generated at: Thu Mar 28 10:05:39 MSK 2013 define('GENERATED_CONFIG_CHECK', 26); -$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_EXPIRE_TIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_PORT', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> +$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_HOST', 'SMTP_PORT', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> diff --git a/include/sessions.php b/include/sessions.php index 3355ec49e..23c19441e 100644 --- a/include/sessions.php +++ b/include/sessions.php 
@@ -4,7 +4,7 @@ require_once "config.php"; require_once "db.php"; - $session_expire = SESSION_EXPIRE_TIME; //seconds + $session_expire = max(SESSION_COOKIE_LIFETIME, 86400); $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; if (@$_SERVER['HTTPS'] == "on") { @@ -15,7 +15,7 @@ ini_set("session.gc_probability", 50); ini_set("session.name", $session_name); ini_set("session.use_only_cookies", true); - ini_set("session.gc_maxlifetime", SESSION_EXPIRE_TIME); + ini_set("session.gc_maxlifetime", $session_expire); function ttrss_open ($s, $n) { @@ -102,9 +102,16 @@ "ttrss_destroy", "ttrss_gc"); } - session_set_cookie_params(SESSION_COOKIE_LIFETIME); - if (!defined('TTRSS_SESSION_NAME') || TTRSS_SESSION_NAME != 'ttrss_api_sid') { - @session_start(); + if ($_COOKIE[$session_name]) { + @session_start(); + + if (!$_SESSION["uid"]) { + session_destroy(); + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time()-42000, '/'); + } + } + } } ?> |
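Review bot: In the hunk at -102, `if ($_COOKIE[$session_name])` and `if (!$_SESSION["uid"])` read array keys that are missing on a first visit or an anonymous session, which raises notices; `if (!empty($_COOKIE[$session_name])) {` and `if (empty($_SESSION["uid"])) {` express the same tests safely. The expiring `setcookie(session_name(), '', time()-42000, '/')` hard-codes the path and omits the domain, so it only removes the cookie when the session cookie was issued with exactly those parameters; taking path and domain from `session_get_cookie_params()` would make the cleanup match. With `session_set_cookie_params(SESSION_COOKIE_LIFETIME)` removed here, the cookie lifetime has to be set wherever login starts the session, which is not visible in this diff.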