Test
diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php
index a69ea444c..6a68534ea 100644
--- a/plugins/auth_internal/init.php
+++ b/plugins/auth_internal/init.php
@@ -63,21 +63,21 @@ class Auth_Internal extends Auth_Base {
Tiny Tiny RSS
-
+ = stylesheet_tag("themes/light.css") ?>
-
+ = __("Authentication") ?>
-
";
+ ?>
+
+
+
+ = \Controls\hidden_tag("op", "pluginhandler") ?>
+ = \Controls\hidden_tag("plugin", "mail") ?>
+ = \Controls\hidden_tag("method", "sendEmail") ?>
+
+ = \Controls\hidden_tag("from_email", "$user_email") ?>
+ = \Controls\hidden_tag("from_name", "$user_name") ?>
+
+
+
+
+
+ = __('To:') ?>
+ = \Controls\select_tag("destination", "", $addresslist,
+ ["style" => "width: 380px", "required" => 1, "dojoType" => "dijit.form.ComboBox"]) ?>
+
+
+
+
+
+ = $content ?>
+
+
+ = \Controls\submit_tag(__('Send email')) ?>
+ = \Controls\cancel_dialog_tag(__('Cancel')) ?>
+
+
+
+ ".__('Forward by email')."
";
+ return "".__('Forward by email (mailto:)')."
";
}
function get_js() {
@@ -26,7 +26,7 @@ class MailTo extends Plugin {
function hook_article_button($line) {
return "mail_outline ";
+ title='".__('Forward by email (mailto:)')."'>mail_outline";
}
function emailArticle() {
@@ -42,7 +42,6 @@ class MailTo extends Plugin {
//$tpl->setVariable('USER_EMAIL', $user_email, true);
$tpl->setVariable('TTRSS_HOST', $_SERVER["HTTP_HOST"], true);
-
$sth = $this->pdo->prepare("SELECT DISTINCT link, content, title
FROM ttrss_user_entries, ttrss_entries WHERE id = ref_id AND
id IN ($ids_qmarks) AND owner_uid = ?");
@@ -70,25 +69,23 @@ class MailTo extends Plugin {
$content = "";
$tpl->generateOutputToString($content);
- $mailto_link = htmlspecialchars("mailto:?subject=".rawurlencode($subject).
- "&body=".rawurlencode($content));
-
- print __("Clicking the following link to invoke your mail client:");
-
- print "";
+ $mailto_link = "mailto:?subject=".rawurlencode($subject)."&body=".rawurlencode($content);
- print __("You should be able to edit the message before sending in your mail client.");
+ ?>
- print "";
+
- print "";
- print \Controls\submit_tag(__('Close this dialog'));
- print " ";
+
+ = \Controls\submit_tag(__('Close this dialog')) ?>
+
- //return;
+
Date: Wed, 17 Feb 2021 15:53:58 +0300
Subject: delete unused mail .pngs
---
plugins/mail/mail.png | Bin 641 -> 0 bytes
plugins/mailto/mail.png | Bin 821 -> 0 bytes
2 files changed, 0 insertions(+), 0 deletions(-)
delete mode 100644 plugins/mail/mail.png
delete mode 100644 plugins/mailto/mail.png
(limited to 'plugins')
diff --git a/plugins/mail/mail.png b/plugins/mail/mail.png
deleted file mode 100644
index 7348aed77..000000000
Binary files a/plugins/mail/mail.png and /dev/null differ
diff --git a/plugins/mailto/mail.png b/plugins/mailto/mail.png
deleted file mode 100644
index 2c49f78a6..000000000
Binary files a/plugins/mailto/mail.png and /dev/null differ
--
cgit v1.2.3
From 6ecee2abbd96eac2b0efab259c184644b71d1449 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Wed, 17 Feb 2021 16:17:05 +0300
Subject: cache_starred_images: minor fixes
---
plugins/cache_starred_images/init.php | 53 ++++++++++++++++++-----------------
1 file changed, 28 insertions(+), 25 deletions(-)
(limited to 'plugins')
diff --git a/plugins/cache_starred_images/init.php b/plugins/cache_starred_images/init.php
index 9c2d4cb7e..bd44a2b28 100755
--- a/plugins/cache_starred_images/init.php
+++ b/plugins/cache_starred_images/init.php
@@ -5,7 +5,7 @@ class Cache_Starred_Images extends Plugin {
private $host;
/* @var DiskCache $cache */
private $cache;
- private $max_cache_attempts = 5; // per-article
+ private $max_cache_attempts = 5; // per-article
function about() {
return array(1.0,
@@ -38,13 +38,13 @@ class Cache_Starred_Images extends Plugin {
Debug::log("caching media of starred articles for user " . $this->host->get_owner_uid() . "...");
$sth = $this->pdo->prepare("SELECT content, ttrss_entries.title,
- ttrss_user_entries.owner_uid, link, site_url, ttrss_entries.id, plugin_data
+ ttrss_user_entries.owner_uid, link, site_url, ttrss_entries.id, plugin_data
FROM ttrss_entries, ttrss_user_entries LEFT JOIN ttrss_feeds ON
(ttrss_user_entries.feed_id = ttrss_feeds.id)
WHERE ref_id = ttrss_entries.id AND
marked = true AND
site_url != '' AND
- ttrss_user_entries.owner_uid = ? AND
+ ttrss_user_entries.owner_uid = ? AND
plugin_data NOT LIKE '%starred_cache_images%'
ORDER BY ".Db::sql_random_function()." LIMIT 100");
@@ -59,7 +59,7 @@ class Cache_Starred_Images extends Plugin {
$success = $this->cache_article_images($line["content"], $line["site_url"], $line["owner_uid"], $line["id"]);
if ($success) {
- $plugin_data = "starred_cache_images,${line['owner_uid']}:" . $line["plugin_data"];
+ $plugin_data = "starred_cache_images," . $line["owner_uid"] . ":" . $line["plugin_data"];
$usth->execute([$plugin_data, $line['id']]);
}
@@ -71,7 +71,10 @@ class Cache_Starred_Images extends Plugin {
Debug::log("expiring " . $this->cache->get_dir() . "...");
- $files = glob($this->cache->get_dir() . "/*.{png,mp4,status}", GLOB_BRACE);
+ $files = array_merge(
+ glob($this->cache->get_dir() . "/*.png"),
+ glob($this->cache->get_dir() . "/*.mp4"),
+ glob($this->cache->get_dir() . "/*.status"));
$last_article_id = 0;
$article_exists = 1;
@@ -105,7 +108,7 @@ class Cache_Starred_Images extends Plugin {
}
function hook_sanitize($doc, $site_url, $allowed_elements, $disallowed_attributes, $article_id) {
- $xpath = new DOMXpath($doc);
+ $xpath = new DOMXPath($doc);
if ($article_id) {
$entries = $xpath->query('(//img[@src])|(//video/source[@src])');
@@ -158,30 +161,30 @@ class Cache_Starred_Images extends Plugin {
Debug::log("status: $status_filename", Debug::$LOG_VERBOSE);
- if ($this->cache->exists($status_filename))
- $status = json_decode($this->cache->get($status_filename), true);
- else
- $status = [];
+ if ($this->cache->exists($status_filename))
+ $status = json_decode($this->cache->get($status_filename), true);
+ else
+ $status = [];
- $status["attempt"] += 1;
+ $status["attempt"] += 1;
- // only allow several download attempts for article
- if ($status["attempt"] > $this->max_cache_attempts) {
- Debug::log("too many attempts for $site_url", Debug::$LOG_VERBOSE);
- return false;
- }
+ // only allow several download attempts for article
+ if ($status["attempt"] > $this->max_cache_attempts) {
+ Debug::log("too many attempts for $site_url", Debug::$LOG_VERBOSE);
+ return false;
+ }
- if (!$this->cache->put($status_filename, json_encode($status))) {
- user_error("unable to write status file: $status_filename", E_USER_WARNING);
- return false;
- }
+ if (!$this->cache->put($status_filename, json_encode($status))) {
+ user_error("unable to write status file: $status_filename", E_USER_WARNING);
+ return false;
+ }
$doc = new DOMDocument();
$has_images = false;
$success = false;
- if (@$doc->loadHTML('' . $content)) {
+ if (@$doc->loadHTML('' . $content)) {
$xpath = new DOMXPath($doc);
$entries = $xpath->query('(//img[@src])|(//video/source[@src])');
@@ -203,11 +206,11 @@ class Cache_Starred_Images extends Plugin {
$esth = $this->pdo->prepare("SELECT content_url FROM ttrss_enclosures WHERE post_id = ? AND
(content_type LIKE '%image%' OR content_type LIKE '%video%')");
- if ($esth->execute([$article_id])) {
- while ($enc = $esth->fetch()) {
+ if ($esth->execute([$article_id])) {
+ while ($enc = $esth->fetch()) {
- $has_images = true;
- $url = rewrite_relative_url($site_url, $enc["content_url"]);
+ $has_images = true;
+ $url = rewrite_relative_url($site_url, $enc["content_url"]);
if ($this->cache_url($article_id, $url)) {
$success = true;
--
cgit v1.2.3
From 35b6d63289dcce3be27127aec607c970b050a986 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Wed, 17 Feb 2021 16:27:52 +0300
Subject: af_proxy_http: don't try to proxy back to ourselves
---
plugins/af_proxy_http/init.php | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
(limited to 'plugins')
diff --git a/plugins/af_proxy_http/init.php b/plugins/af_proxy_http/init.php
index 79d2f5294..5804e450f 100644
--- a/plugins/af_proxy_http/init.php
+++ b/plugins/af_proxy_http/init.php
@@ -50,8 +50,14 @@ class Af_Proxy_Http extends Plugin {
public function imgproxy() {
$url = UrlHelper::validate(clean($_REQUEST["url"]));
- // called without user context, let's just redirect to original URL
- if (!$_SESSION["uid"] || $_REQUEST['af_proxy_http_token'] != $_SESSION['af_proxy_http_token']) {
+ // immediately redirect to original URL if:
+ // - url points back to ourselves
+ // - called without user context
+ // - session-spefific token is invalid
+ if (
+ strpos($url, get_self_url_prefix()) === 0 ||
+ empty($_SESSION["uid"]) ||
+ $_REQUEST['af_proxy_http_token'] != $_SESSION['af_proxy_http_token']) {
header("Location: $url");
return;
}
@@ -104,6 +110,11 @@ class Af_Proxy_Http extends Plugin {
}
private function rewrite_url_if_needed($url, $all_remote = false) {
+ /* don't rewrite urls pointing to ourselves */
+
+ if (strpos($url, get_self_url_prefix()) === 0)
+ return $url;
+
/* we don't need to handle URLs where local cache already exists, tt-rss rewrites those automatically */
if (!$this->cache->exists(sha1($url))) {
--
cgit v1.2.3
From e4609c18efceebb1e021d814f53061ada7f6489a Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Wed, 17 Feb 2021 21:44:21 +0300
Subject: * add (disabled) shortcut syntax for plugin methods * add controls
shortcut for pluginhandler tags * add similar shortcut for frontend * allow
plugins to selectively exclude their methods from CSRF checking
---
plugins/af_proxy_http/init.php | 4 +---
plugins/af_psql_trgm/init.php | 4 +---
plugins/af_readability/init.js | 2 +-
plugins/af_readability/init.php | 6 ++----
plugins/af_redditimgur/init.php | 9 +++++----
plugins/mail/init.php | 12 ++++--------
plugins/mail/mail.js | 2 +-
plugins/mailto/init.js | 2 +-
plugins/note/init.php | 4 +---
plugins/note/note.js | 2 +-
plugins/nsfw/init.php | 4 +---
plugins/share/share.js | 8 +++-----
plugins/share/share_prefs.js | 2 +-
13 files changed, 23 insertions(+), 38 deletions(-)
(limited to 'plugins')
diff --git a/plugins/af_proxy_http/init.php b/plugins/af_proxy_http/init.php
index 5804e450f..d6cee5fcd 100644
--- a/plugins/af_proxy_http/init.php
+++ b/plugins/af_proxy_http/init.php
@@ -229,9 +229,7 @@ class Af_Proxy_Http extends Plugin {
}
";
- print \Controls\hidden_tag("op", "pluginhandler");
- print \Controls\hidden_tag("method", "save");
- print \Controls\hidden_tag("plugin", "af_proxy_http");
+ print \Controls\pluginhandler_tags($this, "save");
$proxy_all = sql_bool_to_bool($this->host->get($this, "proxy_all"));
print \Controls\checkbox_tag("proxy_all", $proxy_all);
diff --git a/plugins/af_psql_trgm/init.php b/plugins/af_psql_trgm/init.php
index 1d83ce5e0..bfbbdf49c 100644
--- a/plugins/af_psql_trgm/init.php
+++ b/plugins/af_psql_trgm/init.php
@@ -157,9 +157,7 @@ class Af_Psql_Trgm extends Plugin {
}
";
- print \Controls\hidden_tag("op", "pluginhandler");
- print \Controls\hidden_tag("method", "save");
- print \Controls\hidden_tag("plugin", "af_psql_trgm");
+ print \Controls\pluginhandler_tags($this, "save");
print "" . __("Global settings") . " ";
diff --git a/plugins/af_readability/init.js b/plugins/af_readability/init.js
index 3155475cc..ff2d94e8b 100644
--- a/plugins/af_readability/init.js
+++ b/plugins/af_readability/init.js
@@ -16,7 +16,7 @@ Plugins.Af_Readability = {
Notify.progress("Loading, please wait...");
- xhrJson("backend.php",{ op: "pluginhandler", plugin: "af_readability", method: "embed", param: id }, (reply) => {
+ xhrJson("backend.php", App.getPhArgs("af_readability", "embed", {id: id}), (reply) => {
if (content && reply.content) {
content.setAttribute(self.orig_attr_name, content.innerHTML);
diff --git a/plugins/af_readability/init.php b/plugins/af_readability/init.php
index aeef8cddc..43d064fc7 100755
--- a/plugins/af_readability/init.php
+++ b/plugins/af_readability/init.php
@@ -67,9 +67,7 @@ class Af_Readability extends Plugin {
- = \Controls\hidden_tag("op", "pluginhandler") ?>
- = \Controls\hidden_tag("method", "save") ?>
- = \Controls\hidden_tag("plugin", "af_readability") ?>
+ = \Controls\pluginhandler_tags($this, "save") ?>
";
-
- print \Controls\pluginhandler_tags($this, "save");
+ = \Controls\pluginhandler_tags($this, "save") ?>
- $proxy_all = sql_bool_to_bool($this->host->get($this, "proxy_all"));
- print \Controls\checkbox_tag("proxy_all", $proxy_all);
- print " " . __("Enable proxy for all remote images.") . " ";
-
- print " ";
+
- print \Controls\submit_tag(__("Save"));
+
+
+ = \Controls\checkbox_tag("proxy_all", $this->host->get($this, "proxy_all")) ?>
+ = __("Enable proxy for all remote images.") ?>
+
+
- print " ";
+
- print "";
+ = \Controls\submit_tag(__("Save")) ?>
+