Fixes #480: add an option to urlencode redirector URL

* New config: `$GLOBALS['config']['REDIRECTOR_URLENCODE']` (default `true`).
  * Parameter added to LinkDB constructor.
  * Fixes a bug with urlencode and escaped url.
  * In `index.php`, LinkDB is now instanciate once for `importFile()` and `showDaily()`.
  * TU
This commit is contained in:
ArthurHoaro 2016-03-24 19:40:12 +01:00
parent 9486a2e929
commit 043eae70c4
3 changed files with 47 additions and 25 deletions

View file

@ -65,6 +65,16 @@ class LinkDB implements Iterator, Countable, ArrayAccess
// link redirector set in user settings. // link redirector set in user settings.
private $_redirector; private $_redirector;
/**
* Set this to `true` to urlencode link behind redirector link, `false` to leave it untouched.
*
* Example:
* anonym.to needs clean URL while dereferer.org needs urlencoded URL.
*
* @var boolean $redirectorEncode parameter: true or false
*/
private $redirectorEncode;
/** /**
* Creates a new LinkDB * Creates a new LinkDB
* *
@ -74,13 +84,21 @@ class LinkDB implements Iterator, Countable, ArrayAccess
* @param boolean $isLoggedIn is the user logged in? * @param boolean $isLoggedIn is the user logged in?
* @param boolean $hidePublicLinks if true all links are private. * @param boolean $hidePublicLinks if true all links are private.
* @param string $redirector link redirector set in user settings. * @param string $redirector link redirector set in user settings.
* @param boolean $redirectorEncode Enable urlencode on redirected urls (default: true).
*/ */
function __construct($datastore, $isLoggedIn, $hidePublicLinks, $redirector = '') function __construct(
$datastore,
$isLoggedIn,
$hidePublicLinks,
$redirector = '',
$redirectorEncode = true
)
{ {
$this->_datastore = $datastore; $this->_datastore = $datastore;
$this->_loggedIn = $isLoggedIn; $this->_loggedIn = $isLoggedIn;
$this->_hidePublicLinks = $hidePublicLinks; $this->_hidePublicLinks = $hidePublicLinks;
$this->_redirector = $redirector; $this->_redirector = $redirector;
$this->redirectorEncode = $redirectorEncode === true;
$this->_checkDB(); $this->_checkDB();
$this->_readDB(); $this->_readDB();
} }
@ -278,7 +296,12 @@ private function _readDB()
// Do not use the redirector for internal links (Shaarli note URL starting with a '?'). // Do not use the redirector for internal links (Shaarli note URL starting with a '?').
if (!empty($this->_redirector) && !startsWith($link['url'], '?')) { if (!empty($this->_redirector) && !startsWith($link['url'], '?')) {
$link['real_url'] = $this->_redirector . urlencode($link['url']); $link['real_url'] = $this->_redirector;
if ($this->redirectorEncode) {
$link['real_url'] .= urlencode(unescape($link['url']));
} else {
$link['real_url'] .= $link['url'];
}
} }
else { else {
$link['real_url'] = $link['url']; $link['real_url'] = $link['url'];

View file

@ -100,6 +100,7 @@
$GLOBALS['config']['UPDATECHECK_BRANCH'] = 'stable'; $GLOBALS['config']['UPDATECHECK_BRANCH'] = 'stable';
$GLOBALS['config']['UPDATECHECK_INTERVAL'] = 86400; $GLOBALS['config']['UPDATECHECK_INTERVAL'] = 86400;
$GLOBALS['config']['REDIRECTOR_URLENCODE'] = true;
/* /*
* Plugin configuration * Plugin configuration
@ -706,7 +707,8 @@ function showDailyRSS() {
$GLOBALS['config']['DATASTORE'], $GLOBALS['config']['DATASTORE'],
isLoggedIn(), isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'],
$GLOBALS['redirector'] $GLOBALS['redirector'],
$GLOBALS['config']['REDIRECTOR_URLENCODE']
); );
/* Some Shaarlies may have very few links, so we need to look /* Some Shaarlies may have very few links, so we need to look
@ -791,16 +793,10 @@ function showDailyRSS() {
* Show the 'Daily' page. * Show the 'Daily' page.
* *
* @param PageBuilder $pageBuilder Template engine wrapper. * @param PageBuilder $pageBuilder Template engine wrapper.
* @param LinkDB $LINKSDB LinkDB instance.
*/ */
function showDaily($pageBuilder) function showDaily($pageBuilder, $LINKSDB)
{ {
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS'],
$GLOBALS['redirector']
);
$day=Date('Ymd',strtotime('-1 day')); // Yesterday, in format YYYYMMDD. $day=Date('Ymd',strtotime('-1 day')); // Yesterday, in format YYYYMMDD.
if (isset($_GET['day'])) $day=$_GET['day']; if (isset($_GET['day'])) $day=$_GET['day'];
@ -892,7 +888,8 @@ function renderPage()
$GLOBALS['config']['DATASTORE'], $GLOBALS['config']['DATASTORE'],
isLoggedIn(), isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'],
$GLOBALS['redirector'] $GLOBALS['redirector'],
$GLOBALS['config']['REDIRECTOR_URLENCODE']
); );
$updater = new Updater( $updater = new Updater(
@ -1043,7 +1040,7 @@ function renderPage()
// Daily page. // Daily page.
if ($targetPage == Router::$PAGE_DAILY) { if ($targetPage == Router::$PAGE_DAILY) {
showDaily($PAGE); showDaily($PAGE, $LINKSDB);
} }
// ATOM and RSS feed. // ATOM and RSS feed.
@ -1638,7 +1635,7 @@ function renderPage()
exit; exit;
} }
if (!tokenOk($_POST['token'])) die('Wrong token.'); if (!tokenOk($_POST['token'])) die('Wrong token.');
importFile(); importFile($LINKSDB);
exit; exit;
} }
@ -1707,15 +1704,10 @@ function($a, $b) { return $a['order'] - $b['order']; }
// ----------------------------------------------------------------------------------------------- // -----------------------------------------------------------------------------------------------
// Process the import file form. // Process the import file form.
function importFile() function importFile($LINKSDB)
{ {
if (!isLoggedIn()) { die('Not allowed.'); } if (!isLoggedIn()) { die('Not allowed.'); }
$LINKSDB = new LinkDB(
$GLOBALS['config']['DATASTORE'],
isLoggedIn(),
$GLOBALS['config']['HIDE_PUBLIC_LINKS'],
$GLOBALS['redirector']
);
$filename=$_FILES['filetoupload']['name']; $filename=$_FILES['filetoupload']['name'];
$filesize=$_FILES['filetoupload']['size']; $filesize=$_FILES['filetoupload']['size'];
$data=file_get_contents($_FILES['filetoupload']['tmp_name']); $data=file_get_contents($_FILES['filetoupload']['tmp_name']);

View file

@ -338,6 +338,13 @@ public function testLinkRealUrlWithRedirector()
$db = new LinkDB(self::$testDatastore, false, false, $redirector); $db = new LinkDB(self::$testDatastore, false, false, $redirector);
foreach($db as $link) { foreach($db as $link) {
$this->assertStringStartsWith($redirector, $link['real_url']); $this->assertStringStartsWith($redirector, $link['real_url']);
$this->assertNotFalse(strpos($link['real_url'], urlencode('://')));
}
$db = new LinkDB(self::$testDatastore, false, false, $redirector, false);
foreach($db as $link) {
$this->assertStringStartsWith($redirector, $link['real_url']);
$this->assertFalse(strpos($link['real_url'], urlencode('://')));
} }
} }