|
|
|
@ -96,6 +96,8 @@ require $GLOBALS['config']['CONFIG_FILE']; // Read login/password hash into $GL
|
|
|
|
|
if (empty($GLOBALS['title'])) $GLOBALS['title']='Shared links on '.htmlspecialchars(indexUrl());
|
|
|
|
|
if (empty($GLOBALS['timezone'])) $GLOBALS['timezone']=date_default_timezone_get();
|
|
|
|
|
if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false;
|
|
|
|
|
if (empty($GLOBALS['disablejquery'])) $GLOBALS['disablejquery']=false;
|
|
|
|
|
// I really need to rewrite Shaarli with a proper configuation manager.
|
|
|
|
|
|
|
|
|
|
autoLocale(); // Sniff browser language and set date format accordingly.
|
|
|
|
|
header('Content-Type: text/html; charset=utf-8'); // We use UTF-8 for proper international characters handling.
|
|
|
|
@ -320,7 +322,7 @@ function isLoggedIn()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Force logout.
|
|
|
|
|
function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']);} }
|
|
|
|
|
function logout() { if (isset($_SESSION)) { unset($_SESSION['uid']); unset($_SESSION['ip']); unset($_SESSION['username']); unset($_SESSION['privateonly']); } }
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// ------------------------------------------------------------------------------------------
|
|
|
|
@ -408,7 +410,9 @@ if (isset($_POST['login']))
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
ban_loginFailed();
|
|
|
|
|
echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login\';</script>'; // Redirect to login screen.
|
|
|
|
|
$redir = '';
|
|
|
|
|
if (isset($_GET['post'])) { $redir = '&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):''); }
|
|
|
|
|
echo '<script language="JavaScript">alert("Wrong login/password.");document.location=\'?do=login'.$redir.'\';</script>'; // Redirect to login screen.
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
@ -930,7 +934,7 @@ function showRSS()
|
|
|
|
|
echo '<description><![CDATA['.nl2br(keepMultipleSpaces(text2clickable(htmlspecialchars($link['description'])))).$descriptionlink.']]></description>'."\n</item>\n";
|
|
|
|
|
$i++;
|
|
|
|
|
}
|
|
|
|
|
echo '</channel></rss>';
|
|
|
|
|
echo '</channel></rss><!-- Cached version of '.pageUrl().' -->';
|
|
|
|
|
|
|
|
|
|
$cache->cache(ob_get_contents());
|
|
|
|
|
ob_end_flush();
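Review bot: The new `echo '</channel></rss><!-- Cached version of '.pageUrl().' -->';` writes the return value of pageUrl() into the feed unescaped, and the same buffer is then stored by `$cache->cache(ob_get_contents())`. pageUrl() is not visible in this hunk; if it reflects the request's query string, a value containing `-->` or `--` would end the comment early or make the cached XML ill-formed. I'd emit it as `'<!-- Cached version of '.str_replace('--','- -',htmlspecialchars(pageUrl())).' -->'`. The same line is added in the showATOM and showDailyRSS hunks and needs the same treatment. showRSS starts outside the hunk.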
|
|
|
|
@ -1010,7 +1014,7 @@ function showATOM()
|
|
|
|
|
$feed.='<author><name>'.htmlspecialchars($pageaddr).'</name><uri>'.htmlspecialchars($pageaddr).'</uri></author>';
|
|
|
|
|
$feed.='<id>'.htmlspecialchars($pageaddr).'</id>'."\n\n"; // Yes, I know I should use a real IRI (RFC3987), but the site URL will do.
|
|
|
|
|
$feed.=$entries;
|
|
|
|
|
$feed.='</feed>';
|
|
|
|
|
$feed.='</feed><!-- Cached version of '.pageUrl().' -->';
|
|
|
|
|
echo $feed;
|
|
|
|
|
|
|
|
|
|
$cache->cache(ob_get_contents());
|
|
|
|
@ -1087,7 +1091,7 @@ function showDailyRSS()
|
|
|
|
|
echo '<description><![CDATA['.$html.']]></description>'."\n</item>\n\n";
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
echo '</channel></rss>';
|
|
|
|
|
echo '</channel></rss><!-- Cached version of '.pageUrl().' -->';
|
|
|
|
|
|
|
|
|
|
$cache->cache(ob_get_contents());
|
|
|
|
|
ob_end_flush();
|
|
|
|
@ -1118,7 +1122,9 @@ function showDaily()
|
|
|
|
|
// We pre-format some fields for proper output.
|
|
|
|
|
foreach($linksToDisplay as $key=>$link)
|
|
|
|
|
{
|
|
|
|
|
$linksToDisplay[$key]['taglist']=explode(' ',$link['tags']);
|
|
|
|
|
$taglist = explode(' ',$link['tags']);
|
|
|
|
|
uasort($taglist, 'strcasecmp');
|
|
|
|
|
$linksToDisplay[$key]['taglist']=$taglist;
|
|
|
|
|
$linksToDisplay[$key]['formatedDescription']=nl2br(keepMultipleSpaces(text2clickable(htmlspecialchars($link['description']))));
|
|
|
|
|
$linksToDisplay[$key]['thumbnail'] = thumbnail($link['url']);
|
|
|
|
|
}
|
|
|
|
@ -1268,7 +1274,11 @@ function renderPage()
|
|
|
|
|
if (isset($_GET['linksperpage']))
|
|
|
|
|
{
|
|
|
|
|
if (is_numeric($_GET['linksperpage'])) { $_SESSION['LINKS_PER_PAGE']=abs(intval($_GET['linksperpage'])); }
|
|
|
|
|
header('Location: '.(empty($_SERVER['HTTP_REFERER'])?'?':$_SERVER['HTTP_REFERER']));
|
|
|
|
|
// Make sure the referer is from Shaarli itself.
|
|
|
|
|
$referer = '?';
|
|
|
|
|
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['SERVER_NAME'])==0)
|
|
|
|
|
$referer = $_SERVER['HTTP_REFERER'];
|
|
|
|
|
header('Location: '.$referer);
|
|
|
|
|
exit;
|
|
|
|
|
}
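Review bot: The same-host test `strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['SERVER_NAME'])==0` passes parse_url()'s result straight into strcmp() and compares the result loosely. parse_url() returns a non-string for a malformed or host-less Referer, and host names are case-insensitive, so an explicit `is_string()` check plus `strcasecmp(...) === 0` states the intent more safely. The five added lines are repeated verbatim in the next renderPage hunk (the `privateonly` branch); a single helper would keep the two redirect checks from drifting apart. renderPage starts and ends outside the hunk.

```php
// Returns the Referer only when its host is this server's own name, otherwise '?'.
function safeReferer()
{
    if (empty($_SERVER['HTTP_REFERER'])) return '?';
    $host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
    if (!is_string($host) || strcasecmp($host, $_SERVER['SERVER_NAME']) !== 0) return '?';
    return $_SERVER['HTTP_REFERER'];
}

// … unchanged: linksperpage / privateonly session handling in renderPage() …
header('Location: '.safeReferer());
```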
|
|
|
|
|
|
|
|
|
@ -1283,7 +1293,11 @@ function renderPage()
|
|
|
|
|
{
|
|
|
|
|
unset($_SESSION['privateonly']); // See all links
|
|
|
|
|
}
|
|
|
|
|
header('Location: '.(empty($_SERVER['HTTP_REFERER'])?'?':$_SERVER['HTTP_REFERER']));
|
|
|
|
|
// Make sure the referer is from Shaarli itself.
|
|
|
|
|
$referer = '?';
|
|
|
|
|
if (!empty($_SERVER['HTTP_REFERER']) && strcmp(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_HOST),$_SERVER['SERVER_NAME'])==0)
|
|
|
|
|
$referer = $_SERVER['HTTP_REFERER'];
|
|
|
|
|
header('Location: '.$referer);
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -1357,6 +1371,7 @@ function renderPage()
|
|
|
|
|
$GLOBALS['title']=$_POST['title'];
|
|
|
|
|
$GLOBALS['redirector']=$_POST['redirector'];
|
|
|
|
|
$GLOBALS['disablesessionprotection']=!empty($_POST['disablesessionprotection']);
|
|
|
|
|
$GLOBALS['disablejquery']=!empty($_POST['disablejquery']);
|
|
|
|
|
writeConfig();
|
|
|
|
|
echo '<script language="JavaScript">alert("Configuration was saved.");document.location=\'?do=tools\';</script>';
|
|
|
|
|
exit;
|
|
|
|
@ -1439,7 +1454,11 @@ function renderPage()
|
|
|
|
|
if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away !
|
|
|
|
|
$tags = trim(preg_replace('/\s\s+/',' ', $_POST['lf_tags'])); // Remove multiple spaces.
|
|
|
|
|
$linkdate=$_POST['lf_linkdate'];
|
|
|
|
|
$link = array('title'=>trim($_POST['lf_title']),'url'=>trim($_POST['lf_url']),'description'=>trim($_POST['lf_description']),'snippet'=>trim($_POST['lf_snippet']),'private'=>(isset($_POST['lf_private']) ? 1 : 0),'linkdate'=>$linkdate,'tags'=>str_replace(',',' ',$tags), 'via'=>trim($_POST['lf_via']));
|
|
|
|
|
$url = trim($_POST['lf_url']);
|
|
|
|
|
if (!startsWith($url,'http:') && !startsWith($url,'https:') && !startsWith($url,'ftp:') && !startsWith($url,'magnet:') && !startsWith($url,'?'))
|
|
|
|
|
$url = 'http://'.$url;
|
|
|
|
|
$link = array('title'=>trim($_POST['lf_title']),'url'=>$url,'description'=>trim($_POST['lf_description']),'private'=>(isset($_POST['lf_private']) ? 1 : 0),
|
|
|
|
|
'linkdate'=>$linkdate,'tags'=>str_replace(',',' ',$tags),'snippet'=>trim($_POST['lf_snippet']), 'via'=>trim($_POST['lf_via']));
|
|
|
|
|
if ($link['title']=='') $link['title']=$link['url']; // If title is empty, use the URL as title.
|
|
|
|
|
$LINKSDB[$linkdate] = $link;
|
|
|
|
|
$LINKSDB->savedb(); // save to disk
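Review bot: The scheme test in front of `$url = 'http://'.$url;` relies on startsWith(), whose case handling is not visible in this hunk; if it is case-sensitive, an input such as `HTTP://example.com` would be stored as `http://HTTP://example.com`. Lower-casing only the scheme part before the comparison would avoid that. The forced prefix also means a URL with any other scheme is never stored unchanged, which looks intentional and deserves a comment, e.g. `// Anything without an allowed scheme is forced to http://, so no other scheme is saved as-is.` renderPage starts and ends outside the hunk.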
|
|
|
|
@ -1771,7 +1790,9 @@ function buildLinkList($PAGE,$LINKSDB)
|
|
|
|
|
$classLi = $i%2!=0 ? '' : 'publicLinkHightLight';
|
|
|
|
|
$link['class'] = ($link['private']==0 ? $classLi : 'private');
|
|
|
|
|
$link['localdate']=linkdate2locale($link['linkdate']);
|
|
|
|
|
$link['taglist']=explode(' ',$link['tags']);
|
|
|
|
|
$taglist = explode(' ',$link['tags']);
|
|
|
|
|
uasort($taglist, 'strcasecmp');
|
|
|
|
|
$link['taglist']=$taglist;
|
|
|
|
|
$linkDisp[$keys[$i]] = $link;
|
|
|
|
|
$i++;
|
|
|
|
|
}
|
|
|
|
@ -1957,6 +1978,11 @@ function lazyThumbnail($url,$href=false)
|
|
|
|
|
$html='<a href="'.htmlspecialchars($t['href']).'">';
|
|
|
|
|
|
|
|
|
|
// Lazy image (only loaded by javascript when in the viewport).
|
|
|
|
|
if (!empty($GLOBALS['disablejquery'])) // (except if jQuery is disabled)
|
|
|
|
|
$html.='<img class="lazyimage" src="'.htmlspecialchars($t['src']).'"';
|
|
|
|
|
else
|
|
|
|
|
$html.='<img class="lazyimage" src="#" data-original="'.htmlspecialchars($t['src']).'"';
|
|
|
|
|
|
|
|
|
|
$html.='<img class="lazyimage" src="#" data-original="'.htmlspecialchars($t['src']).'"';
|
|
|
|
|
if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"';
|
|
|
|
|
if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"';
|
|
|
|
@ -1964,7 +1990,7 @@ function lazyThumbnail($url,$href=false)
|
|
|
|
|
if (!empty($t['alt'])) $html.=' alt="'.htmlspecialchars($t['alt']).'"';
|
|
|
|
|
$html.='>';
|
|
|
|
|
|
|
|
|
|
// No-javascript fallback:
|
|
|
|
|
// No-javascript fallback.
|
|
|
|
|
$html.='<noscript><img src="'.htmlspecialchars($t['src']).'"';
|
|
|
|
|
if (!empty($t['width'])) $html.=' width="'.htmlspecialchars($t['width']).'"';
|
|
|
|
|
if (!empty($t['height'])) $html.=' height="'.htmlspecialchars($t['height']).'"';
|
|
|
|
@ -2071,8 +2097,8 @@ function templateTZform($ptz=false)
|
|
|
|
|
foreach($continents as $continent)
|
|
|
|
|
$continents_html.='<option value="'.$continent.'"'.($pcontinent==$continent?'selected':'').'>'.$continent.'</option>';
|
|
|
|
|
$cities_html = $cities[$pcontinent];
|
|
|
|
|
$timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select><br /><br />";
|
|
|
|
|
$timezone_form .= "City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br /><br />";
|
|
|
|
|
$timezone_form = "Continent: <select name=\"continent\" id=\"continent\" onChange=\"onChangecontinent();\">${continents_html}</select>";
|
|
|
|
|
$timezone_form .= " City: <select name=\"city\" id=\"city\">${cities[$pcontinent]}</select><br />";
|
|
|
|
|
$timezone_js = "<script language=\"JavaScript\">";
|
|
|
|
|
$timezone_js .= "function onChangecontinent(){document.getElementById(\"city\").innerHTML = citiescontinent[document.getElementById(\"continent\").value];}";
|
|
|
|
|
$timezone_js .= "var citiescontinent = ".json_encode($cities).";" ;
|
|
|
|
@ -2143,12 +2169,11 @@ function processWS()
|
|
|
|
|
function writeConfig()
|
|
|
|
|
{
|
|
|
|
|
if (is_file($GLOBALS['config']['CONFIG_FILE']) && !isLoggedIn()) die('You are not authorized to alter config.'); // Only logged in user can alter config.
|
|
|
|
|
if (empty($GLOBALS['redirector'])) $GLOBALS['redirector']='';
|
|
|
|
|
if (empty($GLOBALS['disablesessionprotection'])) $GLOBALS['disablesessionprotection']=false;
|
|
|
|
|
$config='<?php $GLOBALS[\'login\']='.var_export($GLOBALS['login'],true).'; $GLOBALS[\'hash\']='.var_export($GLOBALS['hash'],true).'; $GLOBALS[\'salt\']='.var_export($GLOBALS['salt'],true).'; ';
|
|
|
|
|
$config .='$GLOBALS[\'timezone\']='.var_export($GLOBALS['timezone'],true).'; date_default_timezone_set('.var_export($GLOBALS['timezone'],true).'); $GLOBALS[\'title\']='.var_export($GLOBALS['title'],true).';';
|
|
|
|
|
$config .= '$GLOBALS[\'redirector\']='.var_export($GLOBALS['redirector'],true).'; ';
|
|
|
|
|
$config .= '$GLOBALS[\'disablesessionprotection\']='.var_export($GLOBALS['disablesessionprotection'],true).'; ';
|
|
|
|
|
$config .= '$GLOBALS[\'disablejquery\']='.var_export($GLOBALS['disablejquery'],true).'; ';
|
|
|
|
|
$config .= ' ?>';
|
|
|
|
|
if (!file_put_contents($GLOBALS['config']['CONFIG_FILE'],$config) || strcmp(file_get_contents($GLOBALS['config']['CONFIG_FILE']),$config)!=0)
|
|
|
|
|
{
|
|
|
|
|