move HTMLPurifier cache inside CACHE_DIR/htmlpurifier

[tt-rss.git] / functions.php
diff --git a/functions.php b/functions.php

index 67edc5789b785666824c6b9a6052a21b1f2abd5c..4abca26c069345f24164fdd390137aead2f06004 100644 (file)
--- a/functions.php
+++ b/functions.php
@@ -114,9 +114,14 @@
  
         $config = HTMLPurifier_Config::createDefault();
  
-       $allowed = "p,a[href],i,em,b,strong,code,pre,blockquote,br,img[src|alt|title],ul,ol,li,h1,h2,h3,h4,s";
+       $allowed = "p,a[href],i,em,b,strong,code,pre,blockquote,br,img[src|alt|title],ul,ol,li,h1,h2,h3,h4,s,object[classid|type|id|name|width|height|codebase],param[name|value]";
+
+       $config->set('HTML.SafeObject', true);
+       @$config->set('HTML', 'Allowed', $allowed);
+       $config->set('Output.FlashCompat', true);
+       $config->set('Attr.EnableID', true);
+       $config->set('Cache', 'SerializerPath', CACHE_DIR . "/htmlpurifier");
  
-       $config->set('HTML', 'Allowed', $allowed);
         $purifier = new HTMLPurifier($config);
  
         /**
@@ -178,11 +183,6 @@
                 if (!$purge_unread) $query_limit = " unread = false AND ";
  
                 if (DB_TYPE == "pgsql") {
-/*                     $result = db_query($link, "DELETE FROM ttrss_user_entries WHERE
-                               marked = false AND feed_id = '$feed_id' AND
-                               (SELECT date_updated FROM ttrss_entries WHERE
-                                       id = ref_id) < NOW() - INTERVAL '$purge_interval days'"); */
-
                         $pg_version = get_pgsql_version($link);
  
                         if (preg_match("/^7\./", $pg_version) || preg_match("/^8\.0/", $pg_version)) {
@@ -494,11 +494,13 @@
  
                 global $memcache;
  
+               $debug_enabled = defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug'];
+
                 if (!$_REQUEST["daemon"] && !$ignore_daemon) {
                         return false;
                 }
  
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+               if ($debug_enabled) {
                         _debug("update_rss_feed: start");
                 }
  
@@ -525,7 +527,7 @@
                 }
  
                 if (db_num_rows($result) == 0) {
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                       if ($debug_enabled) {
                                 _debug("update_rss_feed: feed $feed NOT FOUND/SKIPPED");
                         }
                         return false;
@@ -558,7 +560,7 @@
                 else
                         $use_simplepie = false;
  
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+               if ($debug_enabled) {
                         _debug("update method: $update_method (feed setting: $update_method) (use simplepie: $use_simplepie)\n");
                 }
  
@@ -585,7 +587,7 @@
  
                 }
  
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+               if ($debug_enabled) {
                         _debug("update_rss_feed: fetching [$fetch_url]...");
                 }
  
@@ -593,7 +595,7 @@
  
                 if ($memcache && $obj = $memcache->get($obj_id)) {
  
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                       if ($debug_enabled) {
                                 _debug("update_rss_feed: data found in memcache.");
                         }
  
@@ -607,11 +609,15 @@
  
                                 define('MAGPIE_CACHE_AGE', get_feed_update_interval($link, $feed) * 60);
                                 define('MAGPIE_CACHE_ON', !$no_cache);
+                               define('MAGPIE_FETCH_TIME_OUT', 60);
+                               define('MAGPIE_CACHE_DIR', CACHE_DIR . "/magpie");
  
                                 $rss = @fetch_rss($fetch_url);
                         } else {
-                               if (!is_dir(SIMPLEPIE_CACHE_DIR)) {
-                                       mkdir(SIMPLEPIE_CACHE_DIR);
+                               $simplepie_cache_dir = CACHE_DIR . "/simplepie";
+
+                               if (!is_dir($simplepie_cache_dir)) {
+                                       mkdir($simplepie_cache_dir);
                                 }
  
                                 $rss = new SimplePie();
@@ -622,14 +628,14 @@
  
                                 if (SIMPLEPIE_CACHE_IMAGES && $cache_images) {
  
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                       if ($debug_enabled) {
                                                 _debug("enabling image cache");
                                         }
  
                                         $rss->set_image_handler("image.php", 'i');
                                 }
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("feed update interval (sec): " .
                                                 get_feed_update_interval($link, $feed)*60);
                                 }
@@ -637,7 +643,7 @@
                                 $rss->enable_cache(!$no_cache);
  
                                 if (!$no_cache) {
-                                       $rss->set_cache_location(SIMPLEPIE_CACHE_DIR);
+                                       $rss->set_cache_location($simplepie_cache_dir);
                                         $rss->set_cache_duration(get_feed_update_interval($link, $feed) * 60);
                                 }
  
@@ -649,7 +655,7 @@
  
  //             print_r($rss);
  
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+               if ($debug_enabled) {
                         _debug("update_rss_feed: fetch done, parsing...");
                 }
  
@@ -663,7 +669,7 @@
  
                 if ($fetch_ok) {
  
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                       if ($debug_enabled) {
                                 _debug("update_rss_feed: processing feed data...");
                         }
  
@@ -684,7 +690,7 @@
                                 $site_url = $rss->channel["link"];
                         }
  
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                       if ($debug_enabled) {
                                 _debug("update_rss_feed: checking favicon...");
                         }
  
@@ -698,7 +704,7 @@
                                         $feed_title = db_escape_string($rss->channel["title"]);
                                 }
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: registering title: $feed_title");
                                 }
  
@@ -730,15 +736,15 @@
                                 db_query($link, "UPDATE ttrss_feeds SET icon_url = '$icon_url' WHERE id = '$feed'");
                         }
  
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                       if ($debug_enabled) {
                                 _debug("update_rss_feed: loading filters...");
                         }
  
                         $filters = load_filters($link, $feed, $owner_uid);
  
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug'] == 2) {
-                               print_r($filters);
-                       }
+//                     if ($debug_enabled) {
+//                             print_r($filters);
+//                     }
  
                         if ($use_simplepie) {
                                 $iterator = $rss->get_items();
@@ -756,7 +762,7 @@
                                 // clear any errors and mark feed as updated if fetched okay
                                 // even if it's blank
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: entry iterator is not an array, no articles?");
                                 }
  
@@ -813,7 +819,7 @@
                                 }
                         }
  
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                       if ($debug_enabled) {
                                 _debug("update_rss_feed: processing articles...");
                         }
  
@@ -838,7 +844,7 @@
                                         if (!$entry_guid) $entry_guid = make_guid_from_title($item["title"]);
                                 }
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: guid $entry_guid");
                                 }
  
@@ -869,7 +875,7 @@
  
                                 $entry_timestamp_fmt = strftime("%Y/%m/%d %H:%M:%S", $entry_timestamp);
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: date $entry_timestamp [$entry_timestamp_fmt]");
                                 }
  
@@ -887,7 +893,7 @@
                                         if (!$entry_link) $entry_link = $item["link"];
                                 }
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: title $entry_title");
                                 }
  
@@ -988,7 +994,7 @@
  
                                 if (!$num_comments) $num_comments = 0;
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: looking for tags [1]...");
                                 }
  
@@ -1006,7 +1012,7 @@
                                                 }
                                         }
  
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                       if ($debug_enabled) {
                                                 _debug("update_rss_feed: category tags:");
                                                 print_r($additional_tags);
                                         }
@@ -1050,7 +1056,7 @@
                                         }
                                 }
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: looking for tags [2]...");
                                 }
  
@@ -1070,7 +1076,7 @@
                                 for ($i = 0; $i < count($entry_tags); $i++)
                                         $entry_tags[$i] = mb_strtolower($entry_tags[$i], 'utf-8');
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: unfiltered tags found:");
                                         print_r($entry_tags);
                                 }
@@ -1080,7 +1086,7 @@
                                 $entry_content = sanitize_article_content($entry_content);
                                 $entry_title = sanitize_article_content($entry_title);
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: done collecting data [TITLE:$entry_title]");
                                 }
  
@@ -1088,7 +1094,7 @@
  
                                 if (db_num_rows($result) == 0) {
  
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                       if ($debug_enabled) {
                                                 _debug("update_rss_feed: base guid not found");
                                         }
  
@@ -1149,7 +1155,7 @@
  
                                 if (db_num_rows($result) == 1) {
  
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                       if ($debug_enabled) {
                                                 _debug("update_rss_feed: base guid found, checking for user record");
                                         }
  
@@ -1178,7 +1184,7 @@
                                                 $entry_content, $entry_link, $entry_timestamp, $entry_author,
                                                 $entry_tags);
  
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                       if ($debug_enabled) {
                                                 _debug("update_rss_feed: article filters: ");
                                                 if (count($article_filters) != 0) {
                                                         print_r($article_filters);
@@ -1192,7 +1198,7 @@
  
                                         $score = calculate_article_score($article_filters);
  
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                       if ($debug_enabled) {
                                                 _debug("update_rss_feed: initial score: $score");
                                         }
  
@@ -1207,7 +1213,7 @@
                                         // okay it doesn't exist - create user entry
                                         if (db_num_rows($result) == 0) {
  
-                                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                               if ($debug_enabled) {
                                                         _debug("update_rss_feed: user record not found, creating...");
                                                 }
  
@@ -1257,7 +1263,7 @@
                                                         $entry_int_id = db_fetch_result($result, 0, "int_id");
                                                 }
                                         } else {
-                                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                               if ($debug_enabled) {
                                                         _debug("update_rss_feed: user record FOUND");
                                                 }
  
@@ -1265,13 +1271,13 @@
                                                 $entry_int_id = db_fetch_result($result, 0, "int_id");
                                         }
  
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                                       if ($debug_enabled) {
                                                 _debug("update_rss_feed: RID: $entry_ref_id, IID: $entry_int_id");
                                         }
  
                                         $post_needs_update = false;
  
-                                       if ($update_on_checksum_change && $content_hash != $orig_content_hash) {
+                                       if ($content_hash != $orig_content_hash) {
  //                                             print "<!-- [$entry_title] $content_hash vs $orig_content_hash -->";
                                                 $post_needs_update = true;
                                         }
@@ -1303,13 +1309,14 @@
                                                 db_query($link, "UPDATE ttrss_entries
                                                         SET title = '$entry_title', content = '$entry_content',
                                                                 content_hash = '$content_hash',
+                                                               updated = '$entry_timestamp_fmt',
                                                                 num_comments = '$num_comments'
                                                         WHERE id = '$ref_id'");
  
                                                 if ($mark_unread_on_update) {
                                                         db_query($link, "UPDATE ttrss_user_entries
                                                                 SET last_read = null, unread = true WHERE ref_id = '$ref_id'");
-                                               } else {
+                                               } else if ($update_on_checksum_change) {
                                                         db_query($link, "UPDATE ttrss_user_entries
                                                                 SET last_read = null WHERE ref_id = '$ref_id' AND unread = false");
                                                 }
@@ -1319,14 +1326,14 @@
  
                                 db_query($link, "COMMIT");
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: assigning labels...");
                                 }
  
                                 assign_article_to_labels($link, $entry_ref_id, $article_filters,
                                         $owner_uid);
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: looking for enclosures...");
                                 }
  
@@ -1395,7 +1402,7 @@
                                 }
  
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: article enclosures:");
                                         print_r($enclosures);
                                 }
@@ -1452,7 +1459,7 @@
  
                                 $filtered_tags = array_unique($filtered_tags);
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: filtered article tags:");
                                         print_r($filtered_tags);
                                 }
@@ -1497,19 +1504,23 @@
                                         db_query($link, "COMMIT");
                                 }
  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: article processed");
                                 }
                         }
  
                         if (!$last_updated) {
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                               if ($debug_enabled) {
                                         _debug("update_rss_feed: new feed, catching it up...");
                                 }
                                 catchup_feed($link, $feed, false, $owner_uid);
                         }
  
-                       purge_feed($link, $feed, 0);
+                       if ($debug_enabled) {
+                               _debug("purging feed...");
+                       }
+
+                       purge_feed($link, $feed, 0, $debug_enabled);
  
                         db_query($link, "UPDATE ttrss_feeds
                                 SET last_updated = NOW(), last_error = '' WHERE id = '$feed'");
@@ -1524,7 +1535,7 @@
                                 $error_msg = mb_substr(magpie_error(), 0, 250);
                         }
  
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+                       if ($debug_enabled) {
                                 _debug("update_rss_feed: error fetching feed: $error_msg");
                         }
  
@@ -1539,7 +1550,7 @@
                         unset($rss);
                 }
  
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+               if ($debug_enabled) {
                         _debug("update_rss_feed: done");
                 }
  
@@ -1887,6 +1898,19 @@
                     FROM ttrss_users WHERE
                                         login = '$login'";
  
+                               if (defined('AUTO_CREATE_USER') && AUTO_CREATE_USER
+                                               && $_SERVER["REMOTE_USER"]) {
+                                       $result = db_query($link, $query);
+
+                                       // First login ?
+                                       if (db_num_rows($result) == 0) {
+                                               $query = "INSERT INTO ttrss_users
+                                                               (login,access_level,last_login,created)
+                                                               VALUES ('$login', 0, null, NOW())";
+                                               db_query($link, $query);
+                                       }
+                               }
+
                         } else {
                                 $query = "SELECT id,login,access_level,pwd_hash
                     FROM ttrss_users WHERE
@@ -1904,6 +1928,23 @@
                                 db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
                                         $_SESSION["uid"]);
  
+
+                               // LemonLDAP can send user informations via HTTP HEADER
+                               if (defined('AUTO_CREATE_USER') && AUTO_CREATE_USER){
+                                       // update user name
+                                       if ($_SERVER['HTTP_USER_NAME']){
+                                               $fullname = db_escape_string($_SERVER['HTTP_USER_NAME']);
+                                               db_query($link, "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
+                                                       $_SESSION["uid"]);
+                                       }
+                                       // update user mail
+                                       if ($_SERVER['HTTP_USER_MAIL']){
+                                               $email = db_escape_string($_SERVER['HTTP_USER_MAIL']);
+                                               db_query($link, "UPDATE ttrss_users SET email = '$email' WHERE id = " .
+                                                       $_SESSION["uid"]);
+                                       }
+                               }
+
                                 $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
                                 $_SESSION["pwd_hash"] = db_fetch_result($result, 0, "pwd_hash");
  
@@ -3196,7 +3237,6 @@
  
                 $params["theme"] = get_user_theme($link);
                 $params["theme_options"] = get_user_theme_options($link);
-               $params["daemon_enabled"] = ENABLE_UPDATE_DAEMON;
  
                 $params["sign_progress"] = theme_image($link, "images/indicator_white.gif");
                 $params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif");
@@ -3253,7 +3293,7 @@
                 $data['last_article_id'] = getLastArticleId($link);
                 $data['cdm_expanded'] = get_pref($link, 'CDM_EXPANDED');
  
-               if (ENABLE_UPDATE_DAEMON) {
+               if (file_exists(LOCK_DIRECTORY . "/update_daemon.lock")) {
  
                         $data['daemon_is_running'] = (int) file_is_locked("update_daemon.lock");
  
@@ -3665,7 +3705,7 @@
                 $tpl->setVariable('VERSION', VERSION);
                 $tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url));
  
-               if (PUBSUBHUBBUB_HUB) {
+               if (PUBSUBHUBBUB_HUB && $feed == -2) {
                         $tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB));
                         $tpl->addBlock('feed_hub');
                 }
@@ -3749,9 +3789,9 @@
  
                 $res = trim($str); if (!$res) return '';
  
-               if (get_pref($link, "STRIP_UNSAFE_TAGS", $owner) || $force_strip_tags) {
-                       $res = $purifier->purify($res);
-               }
+//             if (get_pref($link, "STRIP_UNSAFE_TAGS", $owner) || $force_strip_tags) {
+               $res = $purifier->purify($res);
+//             }
  
                 if (get_pref($link, "STRIP_IMAGES", $owner)) {
                         $res = preg_replace('/<img[^>]+>/is', '', $res);
@@ -5498,7 +5538,7 @@
  
                 $tag = mb_strtolower($tag, 'utf-8');
  
-               $tag = preg_replace('/[\"\+\>\<]/', "", $tag);
+               $tag = preg_replace('/[\'\"\+\>\<]/', "", $tag);
  
  //             $tag = str_replace('"', "", $tag);
  //             $tag = str_replace("+", " ", $tag);
@@ -6655,7 +6695,8 @@
         }
  
         function api_get_headlines($link, $feed_id, $limit, $offset,
-                                       $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order) {
+                               $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
+                               $include_attachments) {
  
                         /* do not rely on params below */
  
@@ -6689,6 +6730,10 @@
                                                 "tags" => get_article_tags($link, $line["id"]),
                                         );
  
+                                       if ($include_attachments)
+                                               $headline_row['attachments'] = get_article_enclosures($link,
+                                                       $line['id']);
+
                                 if ($show_excerpt) {
                                         $excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
                                         $headline_row["excerpt"] = $excerpt;