Merge branch 'master' of git://github.com/sebsauvage/Shaarli

Conflicts:
	index.php
	tpl/includes.html
	tpl/linklist.html
	tpl/page.footer.html
This commit is contained in:
Knah Tsaeb 2013-03-04 14:03:46 +01:00
commit 9de40d272f
7 changed files with 121 additions and 84 deletions

View file

@ -96,6 +96,8 @@ require $GLOBALS['config']['CONFIG_FILE']; // Read login/password hash into $GL
if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl()); if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl());
if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get(); if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get();
if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false; if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false;
if (empty($GLOBALS['disablejquery'])) $GLOBALS['disablejquery']=false;
// I really need to rewrite Shaarli with a proper configuation manager.
autoLocale(); // Sniff browser language and set date format accordingly. autoLocale(); // Sniff browser language and set date format accordingly.
header('Content-Type: text/html; charset=utf-8'); // We use UTF-8 for proper international characters handling. header('Content-Type: text/html; charset=utf-8'); // We use UTF-8 for proper international characters handling.
@ -320,7 +322,7 @@ function isLoggedIn()
} }
// Force logout. // Force logout.
function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']);} } function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']); unset($_SESSION['privateonly']); } }
// ------------------------------------------------------------------------------------------ // ------------------------------------------------------------------------------------------
@ -408,7 +410,9 @@ if (isset($_POST['login']))
else else
{ {
ban_loginFailed(); ban_loginFailed();
echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login\';</script>'; // Redirect to login screen. $redir = '';
if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); }
echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen.
exit; exit;
} }
} }
@ -930,7 +934,7 @@ function showRSS()
echo '<description><![CDATA['.nl2br(keepMultipleSpaces(text2clickable(htmlspecialchars($link['description'])))).$descriptionlink.']]></description>'."\n</item>\n"; echo '<description><![CDATA['.nl2br(keepMultipleSpaces(text2clickable(htmlspecialchars($link['description'])))).$descriptionlink.']]></description>'."\n</item>\n";
$i++; $i++;
} }
echo '</channel></rss>'; echo '</channel></rss><!-- Cached version of '.pageUrl().' -->';
$cache->cache(ob_get_contents()); $cache->cache(ob_get_contents());
ob_end_flush(); ob_end_flush();
@ -1010,7 +1014,7 @@ function showATOM()
$feed.='<author><name>'.htmlspecialchars($pageaddr).'</name><uri>'.htmlspecialchars($pageaddr).'</uri></author>'; $feed.='<author><name>'.htmlspecialchars($pageaddr).'</name><uri>'.htmlspecialchars($pageaddr).'</uri></author>';
$feed.='<id>'.htmlspecialchars($pageaddr).'</id>'."\n\n"; // Yes, I know I should use a real IRI (RFC3987), but the site URL will do. $feed.='<id>'.htmlspecialchars($pageaddr).'</id>'."\n\n"; // Yes, I know I should use a real IRI (RFC3987), but the site URL will do.
$feed.=$entries; $feed.=$entries;
$feed.='</feed>'; $feed.='</feed><!-- Cached version of '.pageUrl().' -->';
echo $feed; echo $feed;
$cache->cache(ob_get_contents()); $cache->cache(ob_get_contents());
@ -1087,7 +1091,7 @@ function showDailyRSS()
echo '<description><![CDATA['.$html.']]></description>'."\n</item>\n\n"; echo '<description><![CDATA['.$html.']]></description>'."\n</item>\n\n";
} }
echo '</channel></rss>'; echo '</channel></rss><!-- Cached version of '.pageUrl().' -->';
$cache->cache(ob_get_contents()); $cache->cache(ob_get_contents());
ob_end_flush(); ob_end_flush();
@ -1118,7 +1122,9 @@ function showDaily()
// We pre-format some fields for proper output. // We pre-format some fields for proper output.
foreach($linksToDisplay as $key=>$link) foreach($linksToDisplay as $key=>$link)
{ {
$linksToDisplay[$key]['taglist']=explode(' ',$link['tags']); $taglist = explode(' ',$link['tags']);
uasort($taglist, 'strcasecmp');
$linksToDisplay[$key]['taglist']=$taglist;
$linksToDisplay[$key]['formatedDescription']=nl2br(keepMultipleSpaces(text2clickable(htmlspecialchars($link['description'])))); $linksToDisplay[$key]['formatedDescription']=nl2br(keepMultipleSpaces(text2clickable(htmlspecialchars($link['description']))));
$linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']); $linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']);
} }
@ -1268,7 +1274,11 @@ function renderPage()
if (isset($_GET['linksperpage'])) if (isset($_GET['linksperpage']))
{ {
if (is_numeric($_GET['linksperpage'])) { $_SESSION['LINKS_PER_PAGE']=abs(intval($_GET['linksperpage'])); } if (is_numeric($_GET['linksperpage'])) { $_SESSION['LINKS_PER_PAGE']=abs(intval($_GET['linksperpage'])); }
header('Location: '.(empty($_SERVER['HTTP_REFERER'])?'?':$_SERVER['HTTP_REFERER'])); // Make sure the referer is from Shaarli itself.
$referer = '?';
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['SERVER_NAME'])==0)
$referer = $_SERVER['HTTP_REFERER'];
header('Location: '.$referer);
exit; exit;
} }
@ -1283,7 +1293,11 @@ function renderPage()
{ {
unset($_SESSION['privateonly']); // See all links unset($_SESSION['privateonly']); // See all links
} }
header('Location: '.(empty($_SERVER['HTTP_REFERER'])?'?':$_SERVER['HTTP_REFERER'])); // Make sure the referer is from Shaarli itself.
$referer = '?';
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['SERVER_NAME'])==0)
$referer = $_SERVER['HTTP_REFERER'];
header('Location: '.$referer);
exit; exit;
} }
@ -1357,6 +1371,7 @@ function renderPage()
$GLOBALS['title']=$_POST['title']; $GLOBALS['title']=$_POST['title'];
$GLOBALS['redirector']=$_POST['redirector']; $GLOBALS['redirector']=$_POST['redirector'];
$GLOBALS['disablesessionprotection']=!empty($_POST['disablesessionprotection']); $GLOBALS['disablesessionprotection']=!empty($_POST['disablesessionprotection']);
$GLOBALS['disablejquery']=!empty($_POST['disablejquery']);
writeConfig(); writeConfig();
echo '<script language="JavaScript">alert("Configuration was saved.");document.location=\'?do=tools\';</script>'; echo '<script language="JavaScript">alert("Configuration was saved.");document.location=\'?do=tools\';</script>';
exit; exit;
@ -1439,7 +1454,11 @@ function renderPage()
if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away ! if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away !
$tags = trim(preg_replace('/\s\s+/',' ', $_POST['lf_tags'])); // Remove multiple spaces. $tags = trim(preg_replace('/\s\s+/',' ', $_POST['lf_tags'])); // Remove multiple spaces.
$linkdate=$_POST['lf_linkdate']; $linkdate=$_POST['lf_linkdate'];
$link = array('title'=>trim($_POST['lf_title']),'url'=>trim($_POST['lf_url']),'description'=>trim($_POST['lf_description']),'snippet'=>trim($_POST['lf_snippet']),'private'=>(isset($_POST['lf_private']) ? 1 : 0),'linkdate'=>$linkdate,'tags'=>str_replace(',',' ',$tags), 'via'=>trim($_POST['lf_via'])); $url = trim($_POST['lf_url']);
if (!startsWith($url,'http:') && !startsWith($url,'https:') && !startsWith($url,'ftp:') && !startsWith($url,'magnet:') && !startsWith($url,'?'))
$url = 'http://'.$url;
$link = array('title'=>trim($_POST['lf_title']),'url'=>$url,'description'=>trim($_POST['lf_description']),'private'=>(isset($_POST['lf_private']) ? 1 : 0),
'linkdate'=>$linkdate,'tags'=>str_replace(',',' ',$tags),'snippet'=>trim($_POST['lf_snippet']), 'via'=>trim($_POST['lf_via']));
if ($link['title']=='') $link['title']=$link['url']; // If title is empty, use the URL as title. if ($link['title']=='') $link['title']=$link['url']; // If title is empty, use the URL as title.
$LINKSDB[$linkdate] = $link; $LINKSDB[$linkdate] = $link;
$LINKSDB->savedb(); // save to disk $LINKSDB->savedb(); // save to disk
@ -1771,7 +1790,9 @@ function buildLinkList($PAGE,$LINKSDB)
$classLi = $i%2!=0 ? '' : 'publicLinkHightLight'; $classLi = $i%2!=0 ? '' : 'publicLinkHightLight';
$link['class'] = ($link['private']==0 ? $classLi : 'private'); $link['class'] = ($link['private']==0 ? $classLi : 'private');
$link['localdate']=linkdate2locale($link['linkdate']); $link['localdate']=linkdate2locale($link['linkdate']);
$link['taglist']=explode(' ',$link['tags']); $taglist = explode(' ',$link['tags']);
uasort($taglist, 'strcasecmp');
$link['taglist']=$taglist;
$linkDisp[$keys[$i]] = $link; $linkDisp[$keys[$i]] = $link;
$i++; $i++;
} }
@ -1957,6 +1978,11 @@ function lazyThumbnail($url,$href=false)
$html='<a href="'.htmlspecialchars($t['href']).'">'; $html='<a href="'.htmlspecialchars($t['href']).'">';
// Lazy image (only loaded by javascript when in the viewport). // Lazy image (only loaded by javascript when in the viewport).
if (!empty($GLOBALS['disablejquery'])) // (except if jQuery is disabled)
$html.='<img class="lazyimage" src="'.htmlspecialchars($t['src']).'"';
else
$html.='<img class="lazyimage" src="#" data-original="'.htmlspecialchars($t['src']).'"';
$html.='<img class="lazyimage" src="#" data-original="'.htmlspecialchars($t['src']).'"'; $html.='<img class="lazyimage" src="#" data-original="'.htmlspecialchars($t['src']).'"';
if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"'; if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"';
if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"'; if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"';
@ -1964,7 +1990,7 @@ function lazyThumbnail($url,$href=false)
if (!empty($t['alt'])) $html.=' alt="'.htmlspecialchars($t['alt']).'"'; if (!empty($t['alt'])) $html.=' alt="'.htmlspecialchars($t['alt']).'"';
$html.='>'; $html.='>';
// No-javascript fallback: // No-javascript fallback.
$html.='<noscript><img src="'.htmlspecialchars($t['src']).'"'; $html.='<noscript><img src="'.htmlspecialchars($t['src']).'"';
if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"'; if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"';
if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"'; if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"';
@ -2071,8 +2097,8 @@ function templateTZform($ptz=false)
foreach($continents as $continent) foreach($continents as $continent)
$continents_html.='<option value="'.$continent.'"'.($pcontinent==$continent?'selected':'').'>'.$continent.'</option>'; $continents_html.='<option value="'.$continent.'"'.($pcontinent==$continent?'selected':'').'>'.$continent.'</option>';
$cities_html = $cities[$pcontinent]; $cities_html = $cities[$pcontinent];
$timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select><br /><br />"; $timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>";
$timezone_form .= "City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br /><br />"; $timezone_form .= "&nbsp;&nbsp;&nbsp;&nbsp;City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />";
$timezone_js = "<script language=\"JavaScript\">"; $timezone_js = "<script language=\"JavaScript\">";
$timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}"; $timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}";
$timezone_js .= "var citiescontinent = ".json_encode($cities).";" ; $timezone_js .= "var citiescontinent = ".json_encode($cities).";" ;
@ -2143,12 +2169,11 @@ function processWS()
function writeConfig() function writeConfig()
{ {
if (is_file($GLOBALS['config']['CONFIG_FILE']) && !isLoggedIn()) die('You are not authorized to alter config.'); // Only logged in user can alter config. if (is_file($GLOBALS['config']['CONFIG_FILE']) && !isLoggedIn()) die('You are not authorized to alter config.'); // Only logged in user can alter config.
if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']='';
if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false;
$config='<?php $GLOBALS[\'login\']='.var_export($GLOBALS['login'],true).'; $GLOBALS[\'hash\']='.var_export($GLOBALS['hash'],true).'; $GLOBALS[\'salt\']='.var_export($GLOBALS['salt'],true).'; '; $config='<?php $GLOBALS[\'login\']='.var_export($GLOBALS['login'],true).'; $GLOBALS[\'hash\']='.var_export($GLOBALS['hash'],true).'; $GLOBALS[\'salt\']='.var_export($GLOBALS['salt'],true).'; ';
$config .='$GLOBALS[\'timezone\']='.var_export($GLOBALS['timezone'],true).'; date_default_timezone_set('.var_export($GLOBALS['timezone'],true).'); $GLOBALS[\'title\']='.var_export($GLOBALS['title'],true).';'; $config .='$GLOBALS[\'timezone\']='.var_export($GLOBALS['timezone'],true).'; date_default_timezone_set('.var_export($GLOBALS['timezone'],true).'); $GLOBALS[\'title\']='.var_export($GLOBALS['title'],true).';';
$config .= '$GLOBALS[\'redirector\']='.var_export($GLOBALS['redirector'],true).'; '; $config .= '$GLOBALS[\'redirector\']='.var_export($GLOBALS['redirector'],true).'; ';
$config .= '$GLOBALS[\'disablesessionprotection\']='.var_export($GLOBALS['disablesessionprotection'],true).'; '; $config .= '$GLOBALS[\'disablesessionprotection\']='.var_export($GLOBALS['disablesessionprotection'],true).'; ';
$config .= '$GLOBALS[\'disablejquery\']='.var_export($GLOBALS['disablejquery'],true).'; ';
$config .= ' ?>'; $config .= ' ?>';
if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0) if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0)
{ {

View file

@ -8,10 +8,19 @@
<form method="POST" action="" name="configform" id="configform"> <form method="POST" action="" name="configform" id="configform">
<input type="hidden" name="token" value="{$token}"> <input type="hidden" name="token" value="{$token}">
<table border="0" cellpadding="20"> <table border="0" cellpadding="20">
<tr><td><b>Page title:</b></td><td><input type="text" name="title" id="title" size="50" value="{$title}"></td></tr> <tr><td><b>Page title:</b></td><td><input type="text" name="title" id="title" size="50" value="{$title}"></td></tr>
<tr><td valign="top"><b>Timezone:</b></td><td>{$timezone_form}</td></tr>
<tr><td valign="top"><b>Timezone:</b></td><td valign="top">{$timezone_form}</td></tr>
<tr><td valign="top"><b>Redirector</b></td><td><input type="text" name="redirector" id="redirector" size="50" value="{$redirector}"><br>(e.g. <i>http://anonym.to/?</i> will mask the HTTP_REFERER)</td></tr> <tr><td valign="top"><b>Redirector</b></td><td><input type="text" name="redirector" id="redirector" size="50" value="{$redirector}"><br>(e.g. <i>http://anonym.to/?</i> will mask the HTTP_REFERER)</td></tr>
<tr> <td valign="top">Security:</td> <td><input type="checkbox" name="disablesessionprotection" id="disablesessionprotection" {if="!empty($GLOBALS['disablesessionprotection'])"}checked{/if}><label for="disablesessionprotection">&nbsp;Disable session cookie hijacking protection (Check this if you get disconnected often or if your IP address changes often.)</label></td></tr>
<tr><td valign="top"><b>Security:</b></td><td><input type="checkbox" name="disablesessionprotection" id="disablesessionprotection" {if="!empty($GLOBALS['disablesessionprotection'])"}checked{/if}><label for="disablesessionprotection">&nbsp;Disable session cookie hijacking protection (Check this if you get disconnected often or if your IP address changes often.)</label></td></tr>
<tr><td valign="top"><b>Features:</b></td><td>
<input type="checkbox" name="disablejquery" id="disablejquery" {if="!empty($GLOBALS['disablejquery'])"}checked{/if}><label for="disablejquery">&nbsp;Disable jQuery and all heavy javascript (for example: Autocomplete in tags. Useful for slow computers.)</label>
</tr>
<tr><td></td><td align="right"><input type="submit" name="Save" value="Save config" class="bigbutton"></td></tr> <tr><td></td><td align="right"><input type="submit" name="Save" value="Save config" class="bigbutton"></td></tr>
</table> </table>
</form> </form>

View file

@ -8,5 +8,4 @@
<link type="text/css" rel="stylesheet" href="inc/shaarli.css?version={$version|urlencode}#" /> <link type="text/css" rel="stylesheet" href="inc/shaarli.css?version={$version|urlencode}#" />
<link type="text/css" rel="stylesheet" href="../inc/highlight.js/styles/default.css" /> <link type="text/css" rel="stylesheet" href="../inc/highlight.js/styles/default.css" />
{if condition="is_file('inc/user.css')"}<link type="text/css" rel="stylesheet" href="inc/user.css?version={$version}#" />{/if} {if condition="is_file('inc/user.css')"}<link type="text/css" rel="stylesheet" href="inc/user.css?version={$version}#" />{/if}
<script src="inc/jquery.min.js#"></script><script src="inc/jquery-ui.min.js#"></script> {if="empty($GLOBALS['disablejquery'])"}<script src="inc/jquery.min.js#"></script><script src="inc/jquery-ui.min.js#"><script src="../inc/highlight.js/highlight.pack.js"></script></script>{/if}
<script src="../inc/highlight.js/highlight.pack.js"></script>

View file

@ -60,7 +60,7 @@
{/if} {/if}
</div> </div>
<div class="linkcontainer"> <div class="linkcontainer">
<span class="linktitle"><a href="{$redirector}{$value.url}" name="{$value.linkdate|smallHash}" id="{$value.linkdate|smallHash}">{$value.title|htmlspecialchars}</a></span> <span class="linktitle"><a href="{$redirector}{$value.url|htmlspecialchars}" name="{$value.linkdate|smallHash}" id="{$value.linkdate|smallHash}">{$value.title|htmlspecialchars}</a></span>
{if="isLoggedIn()"} {if="isLoggedIn()"}
<form method="GET" class="buttoneditform"> <form method="GET" class="buttoneditform">
<input type="hidden" name="edit_link" value="{$value.linkdate}"> <input type="hidden" name="edit_link" value="{$value.linkdate}">

View file

@ -9,8 +9,8 @@ Other change as made by <a href="http://forge.leslibres.org/projects/myonsni">Kn
<script>function confirmDeleteLink() { var agree=confirm("Are you sure you want to delete this link ?"); if (agree) return true ; else return false ; }</script> <script>function confirmDeleteLink() { var agree=confirm("Are you sure you want to delete this link ?"); if (agree) return true ; else return false ; }</script>
{/if} {/if}
{if="$GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()"} {if="($GLOBALS['config']['OPEN_SHAARLI'] || isLoggedIn()) && empty($GLOBALS['disablejquery'])"}
<script> <script language="JavaScript">
$(document).ready(function() $(document).ready(function()
{ {
$('#lf_tags').autocomplete({source:'{$source}?ws=tags',minLength:1}); $('#lf_tags').autocomplete({source:'{$source}?ws=tags',minLength:1});

View file

@ -2,7 +2,7 @@
<div id="logo" title="Share your links !" onclick="document.location='?';"></div> <div id="logo" title="Share your links !" onclick="document.location='?';"></div>
<div style="float:right; font-style:italic; color:#bbb; text-align:right; padding:0 5 0 0;" class="nomobile">Shaare your links...<br> <div style="float:right; font-style:italic; color:#bbb; text-align:right; padding:0 5 0 0;" class="nomobile">Shaare your links...<br>
{if="!empty($linkcount)"}{$linkcount} links{/if}</div> {if="!empty($linkcount)"}{$linkcount} links{/if}</div>
<span id="shaarli_title"><a href="?">{$shaarlititle}</a></span> <span id="shaarli_title"><a href="?">{$shaarlititle|htmlspecialchars}</a></span>
{if="!empty($_GET['source']) && $_GET['source']=='bookmarklet'"} {if="!empty($_GET['source']) && $_GET['source']=='bookmarklet'"}
{ignore} When called as a popup from bookmarklet, do not display menu. {/ignore} {ignore} When called as a popup from bookmarklet, do not display menu. {/ignore}

View file

@ -1,7 +1,9 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head>{include="includes"} <head>{include="includes"}
{if="empty($GLOBALS['disablejquery'])"}
<script src="inc/jquery.lazyload.min.js#"></script> <script src="inc/jquery.lazyload.min.js#"></script>
{/if}
</head> </head>
<body> <body>
<div id="pageheader">{include="page.header"}</div> <div id="pageheader">{include="page.header"}</div>
@ -16,9 +18,11 @@
</center> </center>
{include="page.footer"} {include="page.footer"}
</body> </body>
{if="empty($GLOBALS['disablejquery'])"}
<script> <script>
$(document).ready(function() { $(document).ready(function() {
$("img.lazyimage").show().lazyload(); $("img.lazyimage").show().lazyload();
}); });
</script> </script>
{/if}
</html> </html>