X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=functions.php;h=141d7bc8c71e266768e987c18bb20401d3d38e5d;hb=dbaa4e4aac5e68c6d4714941ae99d3e4028410e5;hp=01500f3cfa8932a3e68a251a4cce40bbdd87e58d;hpb=5f6804bc72e1ffb336772807566b2a966eeca074;p=tt-rss.git diff --git a/functions.php b/functions.php index 01500f3c..141d7bc8 100644 --- a/functions.php +++ b/functions.php @@ -99,7 +99,6 @@ //define('MAGPIE_USER_AGENT_EXT', ' (Tiny Tiny RSS/' . VERSION . ')'); define('MAGPIE_OUTPUT_ENCODING', 'UTF-8'); - define('MAGPIE_CACHE_AGE', 60*15); // 15 minutes define('SELF_USER_AGENT', 'Tiny Tiny RSS/' . VERSION . ' (http://tt-rss.org/)'); define('MAGPIE_USER_AGENT', SELF_USER_AGENT); @@ -110,12 +109,18 @@ require_once "lib/magpierss/rss_fetch.inc"; require_once 'lib/magpierss/rss_utils.inc'; require_once 'lib/htmlpurifier/library/HTMLPurifier.auto.php'; + require_once 'lib/pubsubhubbub/publisher.php'; + require_once 'lib/pubsubhubbub/subscriber.php'; $config = HTMLPurifier_Config::createDefault(); - $allowed = "p,a[href],i,em,b,strong,code,pre,blockquote,br,img[src|alt|title],ul,ol,li,h1,h2,h3,h4,s"; + $allowed = "p,a[href],i,em,b,strong,code,pre,blockquote,br,img[src|alt|title],ul,ol,li,h1,h2,h3,h4,s,object[classid|type|id|name|width|height|codebase],param[name|value]"; + $config->set('HTML.SafeObject', true); $config->set('HTML', 'Allowed', $allowed); + $config->set('Output.FlashCompat', true); + $config->set('Attr.EnableID', true); + $purifier = new HTMLPurifier($config); /** @@ -427,8 +432,14 @@ $doc = new DOMDocument(); $doc->loadHTML($html); $xpath = new DOMXPath($doc); - $entries = $xpath->query('/html/head/link[@rel="shortcut icon"]'); + $base = $xpath->query('/html/head/base'); + foreach ($base as $b) { + $url = $b->getAttribute("href"); + break; + } + + $entries = $xpath->query('/html/head/link[@rel="shortcut icon" or @rel="icon"]'); if (count($entries) > 0) { foreach ($entries as $entry) { $favicon_url = rewrite_relative_url($url, $entry->getAttribute("href")); @@ -452,7 +463,6 @@ if ($favicon_url && !file_exists($icon_file)) { $contents = fetch_file_contents($favicon_url, "image"); - if ($contents) { $fp = fopen($icon_file, "w"); @@ -465,7 +475,7 @@ } } - function update_rss_feed($link, $feed, $ignore_daemon = false) { + function update_rss_feed($link, $feed, $ignore_daemon = false, $no_cache = false) { global $memcache; @@ -477,14 +487,14 @@ WHERE f2.feed_url = f1.feed_url AND f2.id = '$feed'"); while ($line = db_fetch_assoc($result)) { - update_rss_feed_real($link, $line["id"], $ignore_daemon); + update_rss_feed_real($link, $line["id"], $ignore_daemon, $no_cache); } } else { - update_rss_feed_real($link, $feed, $ignore_daemon); + update_rss_feed_real($link, $feed, $ignore_daemon, $no_cache); } } - function update_rss_feed_real($link, $feed, $ignore_daemon = false) { + function update_rss_feed_real($link, $feed, $ignore_daemon = false, $no_cache = false) { global $memcache; @@ -512,7 +522,8 @@ $result = db_query($link, "SELECT id,update_interval,auth_login, feed_url,auth_pass,cache_images,update_method,last_updated, - owner_uid + mark_unread_on_update, owner_uid, update_on_checksum_change, + pubsub_state FROM ttrss_feeds WHERE id = '$feed'"); } @@ -527,6 +538,11 @@ $update_method = db_fetch_result($result, 0, "update_method"); $last_updated = db_fetch_result($result, 0, "last_updated"); $owner_uid = db_fetch_result($result, 0, "owner_uid"); + $mark_unread_on_update = sql_bool_to_bool(db_fetch_result($result, + 0, "mark_unread_on_update")); + $update_on_checksum_change = sql_bool_to_bool(db_fetch_result($result, + 0, "update_on_checksum_change")); + $pubsub_state = db_fetch_result($result, 0, "pubsub_state"); db_query($link, "UPDATE ttrss_feeds SET last_update_started = NOW() WHERE id = '$feed'"); @@ -591,7 +607,11 @@ if ($update_method == 3) { $rss = fetch_twitter_rss($link, $fetch_url, $owner_uid); - } else if ($update_method == 1) { + } else if ($update_method == 1) { + + define('MAGPIE_CACHE_AGE', get_feed_update_interval($link, $feed) * 60); + define('MAGPIE_CACHE_ON', !$no_cache); + $rss = @fetch_rss($fetch_url); } else { if (!is_dir(SIMPLEPIE_CACHE_DIR)) { @@ -618,7 +638,9 @@ get_feed_update_interval($link, $feed)*60); } - if (is_dir(SIMPLEPIE_CACHE_DIR)) { + $rss->enable_cache(!$no_cache); + + if (!$no_cache) { $rss->set_cache_location(SIMPLEPIE_CACHE_DIR); $rss->set_cache_duration(get_feed_update_interval($link, $feed) * 60); } @@ -718,7 +740,7 @@ $filters = load_filters($link, $feed, $owner_uid); - if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { + if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug'] == 2) { print_r($filters); } @@ -748,6 +770,53 @@ return; // no articles } + if ($pubsub_state != 2) { + + $feed_hub_url = false; + if ($use_simplepie) { + $links = $rss->get_links('hub'); + + if ($links && is_array($links)) { + foreach ($links as $l) { + $feed_hub_url = $l; + break; + } + } + + } else { + $atom = $rss->channel['atom']; + + if ($atom) { + if ($atom['link@rel'] == 'hub') { + $feed_hub_url = $atom['link@href']; + } + + if (!$feed_hub_url && $atom['link#'] > 1) { + for ($i = 2; $i <= $atom['link#']; $i++) { + if ($atom["link#$i@rel"] == 'hub') { + $feed_hub_url = $atom["link#$i@href"]; + break; + } + } + } + } else { + $feed_hub_url = $rss->channel['link_hub']; + } + } + + if ($feed_hub_url && function_exists('curl_init')) { + $callback_url = get_self_url_prefix() . + "/backend.php?op=pubsub&id=$feed"; + + $s = new Subscriber($feed_hub_url, $callback_url); + + $s->subscribe($fetch_url); + + db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 1 + WHERE id = '$feed'"); + } + } + if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { _debug("update_rss_feed: processing articles..."); } @@ -1173,6 +1242,16 @@ VALUES ('$ref_id', '$owner_uid', '$feed', $unread, $last_read_qpart, $marked, $published, '$score', '', '')"); + if (PUBSUBHUBBUB_HUB && $published == 'true') { + $rss_link = get_self_url_prefix() . + "/backend.php?op=rss&id=-2&key=" . + get_feed_access_key($link, -2, false, $owner_uid); + + $p = new Publisher(PUBSUBHUBBUB_HUB); + + $pubsub_result = $p->publish_update($rss_link); + } + $result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$ref_id' AND owner_uid = '$owner_uid' AND @@ -1196,8 +1275,7 @@ $post_needs_update = false; - if (get_pref($link, "UPDATE_POST_ON_CHECKSUM_CHANGE", $owner_uid, false) && - ($content_hash != $orig_content_hash)) { + if ($content_hash != $orig_content_hash) { // print ""; $post_needs_update = true; } @@ -1229,13 +1307,14 @@ db_query($link, "UPDATE ttrss_entries SET title = '$entry_title', content = '$entry_content', content_hash = '$content_hash', + updated = '$entry_timestamp_fmt', num_comments = '$num_comments' WHERE id = '$ref_id'"); - if (get_pref($link, "MARK_UNREAD_ON_UPDATE", $owner_uid, false)) { + if ($mark_unread_on_update) { db_query($link, "UPDATE ttrss_user_entries SET last_read = null, unread = true WHERE ref_id = '$ref_id'"); - } else { + } else if ($update_on_checksum_change) { db_query($link, "UPDATE ttrss_user_entries SET last_read = null WHERE ref_id = '$ref_id' AND unread = false"); } @@ -1752,6 +1831,49 @@ return true; } + function get_ssl_certificate_id() { + if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]) { + return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] . + $_SERVER["REDIRECT_SSL_CLIENT_V_START"] . + $_SERVER["REDIRECT_SSL_CLIENT_V_END"] . + $_SERVER["REDIRECT_SSL_CLIENT_S_DN"]); + } + return ""; + } + + function get_login_by_ssl_certificate($link) { + + $cert_serial = db_escape_string(get_ssl_certificate_id()); + + if ($cert_serial) { + $result = db_query($link, "SELECT login FROM ttrss_user_prefs, ttrss_users + WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND + owner_uid = ttrss_users.id"); + + if (db_num_rows($result) != 0) { + return db_escape_string(db_fetch_result($result, 0, "login")); + } + } + + return ""; + } + + function get_remote_user($link) { + + if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH) { + return db_escape_string($_SERVER["REMOTE_USER"]); + } + + return db_escape_string(get_login_by_ssl_certificate($link)); + } + + function get_remote_fakepass($link) { + if (get_remote_user($link)) + return "******"; + else + return ""; + } + function authenticate_user($link, $login, $password, $force_auth = false) { if (!SINGLE_USER_MODE) { @@ -1760,15 +1882,29 @@ $pwd_hash2 = encrypt_password($password, $login); $login = db_escape_string($login); - if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH - && $_SERVER["REMOTE_USER"] && $login != "admin") { + $remote_user = get_remote_user($link); + + if ($remote_user && $remote_user == $login && $login != "admin") { - $login = db_escape_string($_SERVER["REMOTE_USER"]); + $login = $remote_user; $query = "SELECT id,login,access_level,pwd_hash FROM ttrss_users WHERE login = '$login'"; + if (defined('AUTO_CREATE_USER') && AUTO_CREATE_USER + && $_SERVER["REMOTE_USER"]) { + $result = db_query($link, $query); + + // First login ? + if (db_num_rows($result) == 0) { + $query = "INSERT INTO ttrss_users + (login,access_level,last_login,created) + VALUES ('$login', 0, null, NOW())"; + db_query($link, $query); + } + } + } else { $query = "SELECT id,login,access_level,pwd_hash FROM ttrss_users WHERE @@ -1786,6 +1922,23 @@ db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); + + // LemonLDAP can send user informations via HTTP HEADER + if (defined('AUTO_CREATE_USER') && AUTO_CREATE_USER){ + // update user name + if ($_SERVER['HTTP_USER_NAME']){ + $fullname = db_escape_string($_SERVER['HTTP_USER_NAME']); + db_query($link, "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " . + $_SESSION["uid"]); + } + // update user mail + if ($_SERVER['HTTP_USER_MAIL']){ + $email = db_escape_string($_SERVER['HTTP_USER_MAIL']); + db_query($link, "UPDATE ttrss_users SET email = '$email' WHERE id = " . + $_SESSION["uid"]); + } + } + $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"]; $_SESSION["pwd_hash"] = db_fetch_result($result, 0, "pwd_hash"); @@ -1953,9 +2106,9 @@ } if (!$_SESSION["uid"] || !validate_session($link)) { - if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH - && $_SERVER["REMOTE_USER"] && defined('AUTO_LOGIN') && AUTO_LOGIN) { - authenticate_user($link,$_SERVER['REMOTE_USER'],null); + + if (get_remote_user($link) && AUTO_LOGIN) { + authenticate_user($link, get_remote_user($link), null); $_SESSION["ref_schema_version"] = get_schema_version($link, true); } else { render_login_form($link, $mobile); @@ -2133,7 +2286,7 @@ $dt = new DateTime($timestamp, new DateTimeZone('UTC')); $user_timestamp = $dt->format('U') + $user_tz->getOffset($dt); - if (!$no_smart_dt && get_pref($link, 'HEADLINES_SMART_DATE', $owner_uid)) { + if (!$no_smart_dt) { return smart_date_time($link, $user_timestamp, $user_tz->getOffset($dt), $owner_uid); } else { @@ -3078,7 +3231,6 @@ $params["theme"] = get_user_theme($link); $params["theme_options"] = get_user_theme_options($link); - $params["daemon_enabled"] = ENABLE_UPDATE_DAEMON; $params["sign_progress"] = theme_image($link, "images/indicator_white.gif"); $params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif"); @@ -3135,7 +3287,7 @@ $data['last_article_id'] = getLastArticleId($link); $data['cdm_expanded'] = get_pref($link, 'CDM_EXPANDED'); - if (ENABLE_UPDATE_DAEMON) { + if (file_exists(LOCK_DIRECTORY . "/update_daemon.lock")) { $data['daemon_is_running'] = (int) file_is_locked("update_daemon.lock"); @@ -3510,6 +3662,8 @@ function generate_syndicated_feed($link, $owner_uid, $feed, $is_cat, $limit, $search, $search_mode, $match_on, $view_mode = false) { + require_once "lib/MiniTemplator.class.php"; + $note_style = "float : right; background-color : #fff7d5; border-width : 1px; ". "padding : 5px; border-style : dashed; border-color : #e7d796;". "margin-bottom : 1em; color : #9a8c59;"; @@ -3531,48 +3685,52 @@ $feed_site_url = $qfh_ret[2]; $last_error = $qfh_ret[3]; -// if (!$feed_site_url) $feed_site_url = "http://localhost/"; + $feed_self_url = get_self_url_prefix() . + "/backend.php?op=rss&id=-2&key=" . + get_feed_access_key($link, -2, false); - print " - - - - $feed_title - $feed_site_url - Feed generated by Tiny Tiny RSS"; + if (!$feed_site_url) $feed_site_url = get_self_url_prefix(); - while ($line = db_fetch_assoc($result)) { - print ""; - print "" . htmlspecialchars($line["guid"]) . ""; - print "" . htmlspecialchars($line["link"]) . ""; + $tpl = new MiniTemplator; - $tags = get_article_tags($link, $line["id"], $owner_uid); + $tpl->readTemplateFromFile("templates/generated_feed.txt"); - foreach ($tags as $tag) { - print "" . htmlspecialchars($tag) . ""; - } + $tpl->setVariable('FEED_TITLE', $feed_title); + $tpl->setVariable('VERSION', VERSION); + $tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url)); - $rfc822_date = date('r', strtotime($line["updated"])); + if (PUBSUBHUBBUB_HUB && $feed == -2) { + $tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB)); + $tpl->addBlock('feed_hub'); + } - print "$rfc822_date"; + $tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix())); - if ($line["author"]) { - print "" . htmlspecialchars($line["author"]) . ""; + while ($line = db_fetch_assoc($result)) { + $tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link'])); + $tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link'])); + $tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title'])); + $tpl->setVariable('ARTICLE_EXCERPT', + truncate_string(strip_tags($line["content_preview"]), 100, '...')); + + $content = sanitize_rss($link, $line["content_preview"], false, $owner_uid); + + if ($line['note']) { + $content = "
" . $line['note'] . "
" . + $content; } - print "<![CDATA[" . - htmlspecialchars($line["title"]) . "]]>"; + $tpl->setVariable('ARTICLE_CONTENT', $content); - print "setVariable('ARTICLE_UPDATED', date('c', strtotime($line["updated"]))); + $tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author'])); - if ($line["note"]) { - print "
"; - print $line["note"]; - print "
"; - } + $tags = get_article_tags($link, $line["id"], $owner_uid); - print sanitize_rss($link, $line["content_preview"], false, $owner_uid); - print "]]>"; + foreach ($tags as $tag) { + $tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag)); + $tpl->addBlock('category'); + } $enclosures = get_article_enclosures($link, $line["id"]); @@ -3580,14 +3738,23 @@ $type = htmlspecialchars($e['content_type']); $url = htmlspecialchars($e['content_url']); $length = $e['duration']; - print ""; + + $tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url); + $tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type); + $tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length); + + $tpl->addBlock('enclosure'); } - print ""; - } + $tpl->addBlock('entry'); + } + + $tmp = ""; - print ""; + $tpl->addBlock('feed'); + $tpl->generateOutputToString($tmp); + print $tmp; } function getCategoryTitle($link, $cat_id) { @@ -3616,9 +3783,9 @@ $res = trim($str); if (!$res) return ''; - if (get_pref($link, "STRIP_UNSAFE_TAGS", $owner) || $force_strip_tags) { - $res = $purifier->purify($res); - } +// if (get_pref($link, "STRIP_UNSAFE_TAGS", $owner) || $force_strip_tags) { + $res = $purifier->purify($res); +// } if (get_pref($link, "STRIP_IMAGES", $owner)) { $res = preg_replace('/]+>/is', '', $res); @@ -3925,6 +4092,16 @@ published = NOT published,last_read = NOW() WHERE ($ids_qpart) AND owner_uid = " . $_SESSION["uid"]); } + + if (PUBSUBHUBBUB_HUB) { + $rss_link = get_self_url_prefix() . + "/backend.php?op=rss&id=-2&key=" . + get_feed_access_key($link, -2, false); + + $p = new Publisher(PUBSUBHUBBUB_HUB); + + $pubsub_result = $p->publish_update($rss_link); + } } function catchupArticlesById($link, $ids, $cmode, $owner_uid = false) { @@ -4048,8 +4225,10 @@ $reply .= ""; + if ($is_cat) $cat_q = "&is_cat=$is_cat"; + $rss_link = htmlspecialchars(get_self_url_prefix() . - "/backend.php?op=rss&id=$feed_id&is_cat=$is_cat&view_mode=$view_mode$search_q"); + "/backend.php?op=rss&id=$feed_id$cat_q$search_q"); $reply .= ""; @@ -4102,13 +4281,6 @@ $search_q = ""; } - // Adaptive doesn't really make any sense for generated feeds - // All Articles is the default, so no need to insert it either - if ($view_mode == "adaptive" || $view_mode == "all_articles") - $view_mode = ""; - else - $view_mode = "&view-mode=$view_mode"; - $reply .= " "; $reply['content'] .= "" . + onclick=\"\">" . $line["title"]; if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) { @@ -5360,7 +5532,7 @@ $tag = mb_strtolower($tag, 'utf-8'); - $tag = preg_replace('/[\"\+\>\<]/', "", $tag); + $tag = preg_replace('/[\'\"\+\>\<]/', "", $tag); // $tag = str_replace('"', "", $tag); // $tag = str_replace("+", " ", $tag); @@ -5371,7 +5543,7 @@ function get_self_url_prefix() { - $url_path = ""; + /* $url_path = ""; if ($_SERVER['HTTPS'] != "on") { $url_path = "http://"; @@ -5381,7 +5553,9 @@ $url_path .= $_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']); - return $url_path; + return $url_path; */ + + return SELF_URL_PATH; } function opml_publish_url($link){ @@ -5422,8 +5596,10 @@ * @return string The Mozilla Firefox feed adding URL. */ function add_feed_url() { - $url_path = ($_SERVER['HTTPS'] != "on" ? 'http://' : 'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); - $url_path .= "?op=pref-feeds&quiet=1&subop=add&feed_url=%s"; + //$url_path = ($_SERVER['HTTPS'] != "on" ? 'http://' : 'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); + + $url_path = get_self_url_prefix() . + "/backend.php?op=pref-feeds&quiet=1&subop=add&feed_url=%s"; return $url_path; } // function add_feed_url @@ -7012,6 +7188,8 @@ $content = $tmhOAuth->response['response']; + define('MAGPIE_CACHE_ON', false); + $rss = new MagpieRSS($content, MAGPIE_OUTPUT_ENCODING, MAGPIE_INPUT_ENCODING, MAGPIE_DETECT_ENCODING );