From b3af604cc18f1c2ec7571d62e2b4268848a05050 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Mazi=C3=A8re?= Date: Tue, 23 Aug 2016 13:44:23 +0200 Subject: [PATCH 1/8] [core] remove useless static methods MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pierre Mazière --- lib/Bridge.php | 6 +----- lib/Format.php | 6 +----- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/lib/Bridge.php b/lib/Bridge.php index cca4b5a8..688c5029 100644 --- a/lib/Bridge.php +++ b/lib/Bridge.php @@ -262,7 +262,7 @@ class Bridge{ * @return Bridge object dedicated */ static public function create($nameBridge){ - if( !static::isValidNameBridge($nameBridge) ){ + if( !preg_match('@^[A-Z][a-zA-Z0-9-]*$@', $nameBridge)){ throw new \InvalidArgumentException('Name bridge must be at least one uppercase follow or not by alphanumeric or dash characters.'); } @@ -303,10 +303,6 @@ class Bridge{ return $dirBridge; } - static public function isValidNameBridge($nameBridge){ - return preg_match('@^[A-Z][a-zA-Z0-9-]*$@', $nameBridge); - } - /** * Lists the available bridges. * @return array List of the bridges diff --git a/lib/Format.php b/lib/Format.php index a2ede6d0..0391606f 100644 --- a/lib/Format.php +++ b/lib/Format.php @@ -118,7 +118,7 @@ class Format{ } static public function create($nameFormat){ - if( !static::isValidNameFormat($nameFormat) ){ + if( !preg_match('@^[A-Z][a-zA-Z]*$@', $nameFormat)){ throw new \InvalidArgumentException('Name format must be at least one uppercase follow or not by alphabetic characters.'); } @@ -155,10 +155,6 @@ class Format{ return $dirFormat; } - static public function isValidNameFormat($nameFormat){ - return preg_match('@^[A-Z][a-zA-Z]*$@', $nameFormat); - } - /** * Read format dir and catch informations about each format depending annotation * @return array Informations about each format From 13285f080ac800263937a9a4f4f25697bc5ecf60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Mazi=C3=A8re?= Date: Tue, 23 Aug 2016 14:22:02 +0200 Subject: [PATCH 2/8] [core] use filter_input() instead of direct access to $_REQUEST MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pierre Mazière --- index.php | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) diff --git a/index.php b/index.php index cfc98ea2..8e06925c 100644 --- a/index.php +++ b/index.php @@ -91,15 +91,13 @@ try{ Format::setDir(__DIR__ . '/formats/'); Cache::setDir(__DIR__ . '/caches/'); - if( isset($_REQUEST) && isset($_REQUEST['action']) ){ - switch($_REQUEST['action']){ - case 'display': - if( isset($_REQUEST['bridge']) ){ - unset($_REQUEST['action']); - $bridge = $_REQUEST['bridge']; - unset($_REQUEST['bridge']); - $format = $_REQUEST['format']; - unset($_REQUEST['format']); + $action=filter_input(INPUT_GET,'action'); + $bridge=filter_input(INPUT_GET,'bridge'); + if($action === 'display' && !empty($bridge)){ + unset($_REQUEST['action']); + unset($_REQUEST['bridge']); + $format = $_REQUEST['format']; + unset($_REQUEST['format']); // whitelist control if(!Bridge::isWhitelisted($whitelist_selection, $bridge)) { @@ -115,9 +113,9 @@ try{ } else { $bridge->setCache($cache); // just add disable cache to your query to disable caching } - if(defined('PROXY_URL') && PROXY_BYBRIDGE && - isset($_REQUEST['_noproxy']) - ){ + + $noproxy=filter_input(INPUT_GET,'_noproxy'); + if(defined('PROXY_URL') && PROXY_BYBRIDGE && !empty($noproxy)){ $bridge->useProxy=false; } $bridge->loadMetadatas(); @@ -138,10 +136,8 @@ try{ } die; - } - break; - } - } + + } } catch(HttpException $e){ header('HTTP/1.1 ' . $e->getCode() . ' ' . Http::getMessageForCode($e->getCode())); @@ -173,7 +169,7 @@ $formats = Format::searchInformation(); Date: Tue, 23 Aug 2016 14:29:53 +0200 Subject: [PATCH 3/8] [core] simplify dynamic formats discovery MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pierre Mazière --- formats/AtomFormat.php | 2 -- formats/HtmlFormat.php | 6 ------ formats/JsonFormat.php | 2 -- formats/MrssFormat.php | 2 -- formats/PlaintextFormat.php | 2 -- lib/Format.php | 26 +++++--------------------- 6 files changed, 5 insertions(+), 35 deletions(-) diff --git a/formats/AtomFormat.php b/formats/AtomFormat.php index 7ec7d504..56c36963 100644 --- a/formats/AtomFormat.php +++ b/formats/AtomFormat.php @@ -2,8 +2,6 @@ /** * Atom * Documentation Source http://en.wikipedia.org/wiki/Atom_%28standard%29 and http://tools.ietf.org/html/rfc4287 -* -* @name Atom */ class AtomFormat extends FormatAbstract{ diff --git a/formats/HtmlFormat.php b/formats/HtmlFormat.php index 211a1371..c0f88557 100644 --- a/formats/HtmlFormat.php +++ b/formats/HtmlFormat.php @@ -1,10 +1,4 @@ items and return it to browser. -* -* @name Json */ class JsonFormat extends FormatAbstract{ diff --git a/formats/MrssFormat.php b/formats/MrssFormat.php index 7d939f36..d7cb682e 100644 --- a/formats/MrssFormat.php +++ b/formats/MrssFormat.php @@ -2,8 +2,6 @@ /** * Mrss * Documentation Source http://www.rssboard.org/media-rss -* -* @name Media RSS */ class MrssFormat extends FormatAbstract{ diff --git a/formats/PlaintextFormat.php b/formats/PlaintextFormat.php index 32b4e020..7916bc61 100644 --- a/formats/PlaintextFormat.php +++ b/formats/PlaintextFormat.php @@ -2,8 +2,6 @@ /** * Plaintext * Returns $this->items as raw php data. -* -* @name Plaintext */ class PlaintextFormat extends FormatAbstract{ diff --git a/lib/Format.php b/lib/Format.php index 0391606f..f3b053b2 100644 --- a/lib/Format.php +++ b/lib/Format.php @@ -168,29 +168,13 @@ class Format{ $dirFiles = scandir($pathDirFormat); if( $dirFiles !== false ){ - foreach( $dirFiles as $fileName ){ - if( preg_match('@([^.]+)\.php@U', $fileName, $out) ){ // Is PHP file ? - $infos = array(); // Information about the bridge - $resParse = token_get_all(file_get_contents($pathDirFormat . $fileName)); // Parse PHP file - foreach($resParse as $v){ - if( is_array($v) && $v[0] == T_DOC_COMMENT ){ // Lexer node is COMMENT ? - $commentary = $v[1]; - foreach( $searchCommonPattern as $name){ // Catch information with common pattern - preg_match('#@' . preg_quote($name, '#') . '\s+(.+)#', $commentary, $outComment); - if( isset($outComment[1]) ){ - $infos[$name] = $outComment[1]; - } - } - } - } - - if( isset($infos['name']) ){ // If informations containt at least a name - $listFormat[$out[1]] = $infos; - } - } + foreach( $dirFiles as $fileName ){ + if( preg_match('@^([^.]+)\.php$@U', $fileName, $out) ){ // Is PHP file ? + $listFormat[] = $out[1]; } + } } return $listFormat; } -} \ No newline at end of file +} From 581bff166ca50c52ded7bf2b1a21ed109a20edb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Mazi=C3=A8re?= Date: Tue, 23 Aug 2016 14:34:07 +0200 Subject: [PATCH 4/8] [core] makes 'bridge' and 'format' parameters value less verbose MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit remove the requirement for 'Format' and 'Bridge' suffixes: https://example.com/?action=display&bridge=Twitter&format=Atom&u=user Signed-off-by: Pierre Mazière --- lib/Bridge.php | 21 ++++++++++++--------- lib/Format.php | 3 ++- lib/HTMLUtils.php | 6 ++---- 3 files changed, 16 insertions(+), 14 deletions(-) diff --git a/lib/Bridge.php b/lib/Bridge.php index 688c5029..05fe77e3 100644 --- a/lib/Bridge.php +++ b/lib/Bridge.php @@ -266,6 +266,7 @@ class Bridge{ throw new \InvalidArgumentException('Name bridge must be at least one uppercase follow or not by alphanumeric or dash characters.'); } + $nameBridge=$nameBridge.'Bridge'; $pathBridge = self::getDir() . $nameBridge . '.php'; if( !file_exists($pathBridge) ){ @@ -313,19 +314,21 @@ class Bridge{ $listBridge = array(); $dirFiles = scandir($pathDirBridge); - if( $dirFiles !== false ){ - - foreach( $dirFiles as $fileName ) { - if( preg_match('@([^.]+)\.php$@U', $fileName, $out) ){ - $listBridge[] = $out[1]; - } - } - } + if( $dirFiles !== false ){ + foreach( $dirFiles as $fileName ) { + if( preg_match('@^([^.]+)Bridge\.php$@U', $fileName, $out) ){ + $listBridge[] = $out[1]; + } + } + } return $listBridge; } static function isWhitelisted( $whitelist, $name ) { - if(in_array("$name", $whitelist) or in_array("$name.php", $whitelist) or count($whitelist) === 1 and trim($whitelist[0]) === '*') + if(in_array($name, $whitelist) or in_array($name.'.php', $whitelist) or + // DEPRECATED: the nameBridge notation will be removed in future releases + in_array($name.'Bridge', $whitelist) or in_array($name.'Bridge.php', $whitelist) or + count($whitelist) === 1 and trim($whitelist[0]) === '*') return TRUE; else return FALSE; diff --git a/lib/Format.php b/lib/Format.php index f3b053b2..486ae849 100644 --- a/lib/Format.php +++ b/lib/Format.php @@ -122,6 +122,7 @@ class Format{ throw new \InvalidArgumentException('Name format must be at least one uppercase follow or not by alphabetic characters.'); } + $nameFormat=$nameFormat.'Format'; $pathFormat = self::getDir() . $nameFormat . '.php'; if( !file_exists($pathFormat) ){ @@ -169,7 +170,7 @@ class Format{ $dirFiles = scandir($pathDirFormat); if( $dirFiles !== false ){ foreach( $dirFiles as $fileName ){ - if( preg_match('@^([^.]+)\.php$@U', $fileName, $out) ){ // Is PHP file ? + if( preg_match('@^([^.]+)Format\.php$@U', $fileName, $out) ){ // Is PHP file ? $listFormat[] = $out[1]; } } diff --git a/lib/HTMLUtils.php b/lib/HTMLUtils.php index 330ce6fa..9384753d 100644 --- a/lib/HTMLUtils.php +++ b/lib/HTMLUtils.php @@ -139,10 +139,8 @@ CARD; private static function getHelperButtonsFormat($formats){ $buttons = ''; - - foreach( $formats as $name => $infos ){ - if ( isset($infos['name']) ) - $buttons .= '' . PHP_EOL; + foreach( $formats as $name){ + $buttons .= '' . PHP_EOL; } return $buttons; From 0a86d572c237acdede3949b01842ee96227ecea6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Mazi=C3=A8re?= Date: Tue, 23 Aug 2016 14:41:41 +0200 Subject: [PATCH 5/8] [core] simplify cache related code and remove misleading comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pierre Mazière --- index.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/index.php b/index.php index 8e06925c..99342025 100644 --- a/index.php +++ b/index.php @@ -109,9 +109,8 @@ try{ // Data retrieval $bridge = Bridge::create($bridge); - if(defined("DEBUG")) { - } else { - $bridge->setCache($cache); // just add disable cache to your query to disable caching + if(!defined("DEBUG")) { + $bridge->setCache($cache); } $noproxy=filter_input(INPUT_GET,'_noproxy'); From 7e0ac1a6b63c01c7c5faab6b12c22ea9f63f29c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Mazi=C3=A8re?= Date: Tue, 23 Aug 2016 14:42:53 +0200 Subject: [PATCH 6/8] [core] better use of filter_input MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pierre Mazière --- index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.php b/index.php index 99342025..7ce9d768 100644 --- a/index.php +++ b/index.php @@ -113,8 +113,8 @@ try{ $bridge->setCache($cache); } - $noproxy=filter_input(INPUT_GET,'_noproxy'); - if(defined('PROXY_URL') && PROXY_BYBRIDGE && !empty($noproxy)){ + $noproxy=filter_input(INPUT_GET,'_noproxy',FILTER_VALIDATE_BOOLEAN); + if(defined('PROXY_URL') && PROXY_BYBRIDGE && $noproxy){ $bridge->useProxy=false; } $bridge->loadMetadatas(); From 3c089c1b117068e8b1da0fff8b4b917d73c4e7cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Mazi=C3=A8re?= Date: Tue, 23 Aug 2016 16:10:26 +0200 Subject: [PATCH 7/8] [core] keep compatibility with nameBridge and nameFormat naming scheme MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pierre Mazière --- index.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/index.php b/index.php index 7ce9d768..157c6410 100644 --- a/index.php +++ b/index.php @@ -96,8 +96,20 @@ try{ if($action === 'display' && !empty($bridge)){ unset($_REQUEST['action']); unset($_REQUEST['bridge']); + // DEPRECATED: 'nameBridge' scheme is replaced by 'name' in bridge parameter values + // this is to keep compatibility until futher complete removal + if(($pos=strpos($bridge,'Bridge'))===(strlen($bridge)-strlen('Bridge'))){ + $bridge=substr($bridge,0,$pos); + } + $format = $_REQUEST['format']; unset($_REQUEST['format']); + // DEPRECATED: 'nameFormat' scheme is replaced by 'name' in format parameter values + // this is to keep compatibility until futher complete removal + if(($pos=strpos($format,'Format'))===(strlen($format)-strlen('Format'))){ + $format=substr($format,0,$pos); + } + // whitelist control if(!Bridge::isWhitelisted($whitelist_selection, $bridge)) { From b31b6667f60ffa9baf69959bdfdb1e2136e67dc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Mazi=C3=A8re?= Date: Tue, 23 Aug 2016 17:22:51 +0200 Subject: [PATCH 8/8] [core] fix missing filter_input MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pierre Mazière --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.php b/index.php index 157c6410..25f5b549 100644 --- a/index.php +++ b/index.php @@ -102,7 +102,7 @@ try{ $bridge=substr($bridge,0,$pos); } - $format = $_REQUEST['format']; + $format = filter_input(INPUT_GET,'format'); unset($_REQUEST['format']); // DEPRECATED: 'nameFormat' scheme is replaced by 'name' in format parameter values // this is to keep compatibility until futher complete removal