From 90e5bd65c9d4a5d3d5cedfeaa1314f2a15df5227 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Fri, 18 Sep 2015 13:26:36 +0200 Subject: [PATCH] URL encode links when a redirector is set. Fixes #328 - URL encode links when a redirector is set * WARNING - template edit - new variable available : "real_url" Contains the final real url (redirected or any other change on original URL) * Don't redirect shaares link in RSS/Atom. * Affects links shaared in description. * Move text2clickable and keepMultipleSpaces to Utils.php + unit test UPDATE: * keepMultipleSpaces renamed to space2nbsp * space2nbsp improved to handle single space at line beginning * links in text description aren't 'nofollow' anymore --- application/LinkDB.php | 20 ++++++++++-- application/Utils.php | 53 ++++++++++++++++++++++++++++++++ index.php | 48 +++++++++++++---------------- plugins/qrcode/qrcode.php | 2 +- tests/LinkDBTest.php | 23 ++++++++++++++ tests/UtilsTest.php | 37 ++++++++++++++++++++++ tests/plugins/PlugQrcodeTest.php | 4 +-- tpl/daily.html | 2 +- tpl/linklist.html | 6 ++-- tpl/picwall.html | 2 +- 10 files changed, 160 insertions(+), 37 deletions(-) diff --git a/application/LinkDB.php b/application/LinkDB.php index 15fadbc3..f771ac8b 100644 --- a/application/LinkDB.php +++ b/application/LinkDB.php @@ -57,18 +57,25 @@ class LinkDB implements Iterator, Countable, ArrayAccess // Hide public links private $_hidePublicLinks; + // link redirector set in user settings. + private $_redirector; + /** * Creates a new LinkDB * * Checks if the datastore exists; else, attempts to create a dummy one. * - * @param $isLoggedIn is the user logged in? + * @param string $datastore datastore file path. + * @param boolean $isLoggedIn is the user logged in? + * @param boolean $hidePublicLinks if true all links are private. + * @param string $redirector link redirector set in user settings. */ - function __construct($datastore, $isLoggedIn, $hidePublicLinks) + function __construct($datastore, $isLoggedIn, $hidePublicLinks, $redirector = '') { $this->_datastore = $datastore; $this->_loggedIn = $isLoggedIn; $this->_hidePublicLinks = $hidePublicLinks; + $this->_redirector = $redirector; $this->_checkDB(); $this->_readDB(); } @@ -259,7 +266,14 @@ private function _readDB() // Escape links data foreach($this->_links as &$link) { - sanitizeLink($link); + sanitizeLink($link); + // Do not use the redirector for internal links (Shaarli note URL starting with a '?'). + if (!empty($this->_redirector) && !startsWith($link['url'], '?')) { + $link['real_url'] = $this->_redirector . urlencode($link['url']); + } + else { + $link['real_url'] = $link['url']; + } } } diff --git a/application/Utils.php b/application/Utils.php index b8579b48..f84f70e4 100644 --- a/application/Utils.php +++ b/application/Utils.php @@ -148,3 +148,56 @@ function is_session_id_valid($sessionId) return true; } + +/** + * In a string, converts URLs to clickable links. + * + * @param string $text input string. + * @param string $redirector if a redirector is set, use it to gerenate links. + * + * @return string returns $text with all links converted to HTML links. + * + * @see Function inspired from http://www.php.net/manual/en/function.preg-replace.php#85722 + */ +function text2clickable($text, $redirector) +{ + $regex = '!(((?:https?|ftp|file)://|apt:|magnet:)\S+[[:alnum:]]/?)!si'; + + if (empty($redirector)) { + return preg_replace($regex, '$1', $text); + } + // Redirector is set, urlencode the final URL. + return preg_replace_callback( + $regex, + function ($matches) use ($redirector) { + return ''. $matches[1] .''; + }, + $text + ); +} + +/** + * This function inserts   where relevant so that multiple spaces are properly displayed in HTML + * even in the absence of
  (This is used in description to keep text formatting).
+ *
+ * @param string $text input text.
+ *
+ * @return string formatted text.
+ */
+function space2nbsp($text)
+{
+    return preg_replace('/(^| ) /m', '$1 ', $text);
+}
+
+/**
+ * Format Shaarli's description
+ * TODO: Move me to ApplicationUtils when it's ready.
+ *
+ * @param string $description shaare's description.
+ * @param string $redirector  if a redirector is set, use it to gerenate links.
+ *
+ * @return string formatted description.
+ */
+function format_description($description, $redirector) {
+    return nl2br(space2nbsp(text2clickable($description, $redirector)));
+}
diff --git a/index.php b/index.php
index b4d9395f..62d29f2c 100644
--- a/index.php
+++ b/index.php
@@ -340,21 +340,6 @@ function logm($message)
     file_put_contents($GLOBAL['config']['LOG_FILE'], $t, FILE_APPEND);
 }
 
-// In a string, converts URLs to clickable links.
-// Function inspired from http://www.php.net/manual/en/function.preg-replace.php#85722
-function text2clickable($url)
-{
-    $redir = empty($GLOBALS['redirector']) ? '' : $GLOBALS['redirector'];
-    return preg_replace('!(((?:https?|ftp|file)://|apt:|magnet:)\S+[[:alnum:]]/?)!si','$1',$url);
-}
-
-// This function inserts   where relevant so that multiple spaces are properly displayed in HTML
-// even in the absence of 
  (This is used in description to keep text formatting)
-function keepMultipleSpaces($text)
-{
-    return str_replace('  ','  ',$text);
-
-}
 // ------------------------------------------------------------------------------------------
 // Sniff browser language to display dates in the right format automatically.
 // (Note that is may not work on your server if the corresponding local is not installed.)
@@ -746,7 +731,8 @@ function showRSS()
     $LINKSDB = new LinkDB(
         $GLOBALS['config']['DATASTORE'],
         isLoggedIn(),
-        $GLOBALS['config']['HIDE_PUBLIC_LINKS']
+        $GLOBALS['config']['HIDE_PUBLIC_LINKS'],
+        $GLOBALS['redirector']
     );
     // Read links from database (and filter private links if user it not logged in).
 
@@ -797,7 +783,9 @@ function showRSS()
         // If user wants permalinks first, put the final link in description
         if ($usepermalinks===true) $descriptionlink = '(Link)';
         if (strlen($link['description'])>0) $descriptionlink = '
'.$descriptionlink; - echo ''."\n\n"; + echo '' . "\n\n"; $i++; } echo ''; @@ -835,7 +823,8 @@ function showATOM() $LINKSDB = new LinkDB( $GLOBALS['config']['DATASTORE'], isLoggedIn(), - $GLOBALS['config']['HIDE_PUBLIC_LINKS'] + $GLOBALS['config']['HIDE_PUBLIC_LINKS'], + $GLOBALS['redirector'] ); // Optionally filter the results: @@ -876,7 +865,9 @@ function showATOM() if ($usepermalinks===true) $descriptionlink = '(Link)'; if (strlen($link['description'])>0) $descriptionlink = '
'.$descriptionlink; - $entries.='\n"; + $entries .= '\n"; if ($link['tags']!='') // Adding tags to each ATOM entry (as mentioned in ATOM specification) { foreach(explode(' ',$link['tags']) as $tag) @@ -929,7 +920,8 @@ function showDailyRSS() { $LINKSDB = new LinkDB( $GLOBALS['config']['DATASTORE'], isLoggedIn(), - $GLOBALS['config']['HIDE_PUBLIC_LINKS'] + $GLOBALS['config']['HIDE_PUBLIC_LINKS'], + $GLOBALS['redirector'] ); /* Some Shaarlies may have very few links, so we need to look @@ -983,7 +975,7 @@ function showDailyRSS() { // We pre-format some fields for proper output. foreach ($linkdates as $linkdate) { $l = $LINKSDB[$linkdate]; - $l['formatedDescription'] = nl2br(keepMultipleSpaces(text2clickable($l['description']))); + $l['formatedDescription'] = format_description($l['description'], $GLOBALS['redirector']); $l['thumbnail'] = thumbnail($l['url']); $l['timestamp'] = linkdate2timestamp($l['linkdate']); if (startsWith($l['url'], '?')) { @@ -1016,7 +1008,8 @@ function showDaily() $LINKSDB = new LinkDB( $GLOBALS['config']['DATASTORE'], isLoggedIn(), - $GLOBALS['config']['HIDE_PUBLIC_LINKS'] + $GLOBALS['config']['HIDE_PUBLIC_LINKS'], + $GLOBALS['redirector'] ); $day=Date('Ymd',strtotime('-1 day')); // Yesterday, in format YYYYMMDD. @@ -1047,7 +1040,7 @@ function showDaily() $taglist = explode(' ',$link['tags']); uasort($taglist, 'strcasecmp'); $linksToDisplay[$key]['taglist']=$taglist; - $linksToDisplay[$key]['formatedDescription']=nl2br(keepMultipleSpaces(text2clickable($link['description']))); + $linksToDisplay[$key]['formatedDescription'] = format_description($link['description'], $GLOBALS['redirector']); $linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']); $linksToDisplay[$key]['timestamp'] = linkdate2timestamp($link['linkdate']); } @@ -1107,7 +1100,8 @@ function renderPage() $LINKSDB = new LinkDB( $GLOBALS['config']['DATASTORE'], isLoggedIn(), - $GLOBALS['config']['HIDE_PUBLIC_LINKS'] + $GLOBALS['config']['HIDE_PUBLIC_LINKS'], + $GLOBALS['redirector'] ); $PAGE = new pageBuilder; @@ -1781,7 +1775,8 @@ function importFile() $LINKSDB = new LinkDB( $GLOBALS['config']['DATASTORE'], isLoggedIn(), - $GLOBALS['config']['HIDE_PUBLIC_LINKS'] + $GLOBALS['config']['HIDE_PUBLIC_LINKS'], + $GLOBALS['redirector'] ); $filename=$_FILES['filetoupload']['name']; $filesize=$_FILES['filetoupload']['size']; @@ -1932,8 +1927,7 @@ function buildLinkList($PAGE,$LINKSDB) while ($i<$end && $ifilterFullText('free software')) ); } + + /** + * Test real_url without redirector. + */ + public function testLinkRealUrlWithoutRedirector() + { + $db = new LinkDB(self::$testDatastore, false, false); + foreach($db as $link) { + $this->assertEquals($link['url'], $link['real_url']); + } + } + + /** + * Test real_url with redirector. + */ + public function testLinkRealUrlWithRedirector() + { + $redirector = 'http://redirector.to?'; + $db = new LinkDB(self::$testDatastore, false, false, $redirector); + foreach($db as $link) { + $this->assertStringStartsWith($redirector, $link['real_url']); + } + } } diff --git a/tests/UtilsTest.php b/tests/UtilsTest.php index 4847ea94..02eecda2 100644 --- a/tests/UtilsTest.php +++ b/tests/UtilsTest.php @@ -187,4 +187,41 @@ public function testIsSessionIdInvalid() is_session_id_valid('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=') ); } + + /** + * Test text2clickable without a redirector being set. + */ + public function testText2clickableWithoutRedirector() + { + $text = 'stuff http://hello.there/is=someone#here otherstuff'; + $expectedText = 'stuff http://hello.there/is=someone#here otherstuff'; + $processedText = text2clickable($text, ''); + $this->assertEquals($expectedText, $processedText); + } + + /** + * Test text2clickable a redirector set. + */ + public function testText2clickableWithRedirector() + { + $text = 'stuff http://hello.there/is=someone#here otherstuff'; + $redirector = 'http://redirector.to'; + $expectedText = 'stuff http://hello.there/is=someone#here otherstuff'; + $processedText = text2clickable($text, $redirector); + $this->assertEquals($expectedText, $processedText); + } + + /** + * Test testSpace2nbsp. + */ + public function testSpace2nbsp() + { + $text = ' Are you thrilled by flags ?'. PHP_EOL .' Really?'; + $expectedText = '  Are you   thrilled  by flags   ?'. PHP_EOL .' Really?'; + $processedText = space2nbsp($text); + $this->assertEquals($expectedText, $processedText); + } } diff --git a/tests/plugins/PlugQrcodeTest.php b/tests/plugins/PlugQrcodeTest.php index 86dc7f29..c749fa86 100644 --- a/tests/plugins/PlugQrcodeTest.php +++ b/tests/plugins/PlugQrcodeTest.php @@ -30,7 +30,7 @@ function testQrcodeLinklist() 'title' => $str, 'links' => array( array( - 'url' => $str, + 'real_url' => $str, ) ) ); @@ -39,7 +39,7 @@ function testQrcodeLinklist() $link = $data['links'][0]; // data shouldn't be altered $this->assertEquals($str, $data['title']); - $this->assertEquals($str, $link['url']); + $this->assertEquals($str, $link['real_url']); // plugin data $this->assertEquals(1, count($link['link_plugin'])); diff --git a/tpl/daily.html b/tpl/daily.html index 93a3ab45..063dc89a 100644 --- a/tpl/daily.html +++ b/tpl/daily.html @@ -66,7 +66,7 @@ {/if} {if="$link.thumbnail"}
{$link.thumbnail}
diff --git a/tpl/linklist.html b/tpl/linklist.html index f6e9e82b..666748a7 100644 --- a/tpl/linklist.html +++ b/tpl/linklist.html @@ -70,7 +70,9 @@ {/if} - {$value.title} + + {$value.title} +
{if="$value.description"}
{$value.description}
{/if} {if="!$GLOBALS['config']['HIDE_TIMESTAMPS'] || isLoggedIn()"} @@ -83,7 +85,7 @@ {$value} - {/loop} - {$value.url}
+ {$value.url}
{if="$value.tags"}
{loop="value.taglist"}{$value} {/loop} diff --git a/tpl/picwall.html b/tpl/picwall.html index 97d5efdf..230c948b 100644 --- a/tpl/picwall.html +++ b/tpl/picwall.html @@ -16,7 +16,7 @@
{loop="linksToDisplay"}
- {$value.thumbnail}{$value.title} + {$value.thumbnail}{$value.title} {loop="$value.picwall_plugin"} {$value} {/loop}