mostly done with the private key updates

This commit is contained in:
Mark Pemberton 2011-01-31 01:41:57 -05:00
parent 000cfd76cc
commit ce9124bfd5
14 changed files with 134 additions and 101 deletions


@ -30,6 +30,10 @@ $this->includeTemplate($GLOBALS['top_include']);
<td><input type="text" name="pMail" size="75" value="<?php echo filter($objectUser->getEmail(), 'xml'); ?>" /></td>
<td>&larr; <?php echo T_('Required'); ?></td>
</tr>
<tr>
<th align="left"><?php echo T_('Private Key (for RSS)'); ?></th>
<td><input type="text" id="pPrivateKey" name="pPrivateKey" size="40" value="<?php echo filter($objectUser->getPrivateKey(), 'xml'); ?>" readonly /><input type="button" value="Generate New Key" onClick="getNewPrivateKey(this,null)" /></td>
</tr>
</table>
<h3><?php echo T_('Personal Details'); ?></h3>
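Review bot: The button label `value="Generate New Key"` is the only user-visible string in this hunk not wrapped in `T_()`, unlike `T_('Private Key (for RSS)')` on the line above, so it will never be translated; `value="<?php echo T_('Generate New Key'); ?>"` keeps it consistent with the rest of the template. The `readonly` attribute on `pPrivateKey` is a client-side hint only — profile.php still accepts whatever is posted under that name — so it should not be read as preventing edits. Minor: `onClick` would conventionally be lowercase `onclick` like the other attributes in this file.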


@ -5,10 +5,11 @@
require_once dirname(__FILE__) . '/../src/SemanticScuttle/header-standalone.php';
$us = SemanticScuttle_Service_Factory::get('User');
$uid = $us->addUser('dummy', 'dummy', 'dummy@example.org');
//$uid = $us->addUser('dummy', 'dummy', 'dummy@example.org');
$uid = $us->getUserByUserName('mpemberton5');
$bs = SemanticScuttle_Service_Factory::get('Bookmark');
for ($nA = 0; $nA < 10; $nA++) {
for ($nA = 0; $nA < 10000; $nA++) {
$rand = rand();
$bid = $bs->addBookmark(
'http://example.org/' . $rand,
@ -21,4 +22,4 @@ for ($nA = 0; $nA < 10; $nA++) {
$uid
);
}
?>
?>
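Review bot: The script now depends on a developer-specific account, `$uid = $us->getUserByUserName('mpemberton5');`, so it will not work for anyone else, and the `addUser` line it replaces is left commented out instead of removed. Taking the name from the command line, e.g. `$uid = $us->getUserByUserName($argv[1]);`, and checking the result before the loop would make the script reusable; what getUserByUserName() returns for an unknown name is not visible here. The jump from 10 to 10000 iterations looks like a data-generation setting rather than a fix and would also be better as a parameter.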


@ -42,13 +42,11 @@ class SemanticScuttle_Model_User
*
* @param integer $id User ID
* @param string $username Username
* @param string $privateKey PrivateKey
*/
public function __construct($id, $username, $privateKey)
public function __construct($id, $username)
{
$this->id = $id;
$this->username = $username;
$this->privateKey = $privateKey;
}
/**
@ -78,6 +76,12 @@ class SemanticScuttle_Model_User
*/
public function getPrivateKey()
{
// Look for value only if not already set
if (!isset($this->privateKey)) {
$us = SemanticScuttle_Service_Factory::get('User');
$user = $us->getUser($this->id);
$this->privateKey = $user['privateKey'];
}
return $this->privateKey;
}
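Review bot: `if (!isset($this->privateKey))` in getPrivateKey() stays true when the stored key is NULL (or when getUser() returns nothing for this id), so every call re-runs the lookup through the User service; a separate loaded flag avoids that: `if (!$this->privateKeyLoaded) { $user = SemanticScuttle_Service_Factory::get('User')->getUser($this->id); $this->privateKey = $user['privateKey']; $this->privateKeyLoaded = true; }` with `private $privateKeyLoaded = false;` declared on the class. What getUser() returns for an unknown id is not visible here; if it can be false, indexing `$user['privateKey']` should be guarded. The lazy load also ties the model to the service factory, so a docblock line on getPrivateKey() stating that the key is fetched from the database on first access would make that cost explicit. The enclosing class continues outside both hunks.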


@ -670,26 +670,28 @@ class SemanticScuttle_Service_Bookmark extends SemanticScuttle_DbService
* each bookmark array contains two additional keys:
* 'hasVoted' and 'vote'.
*
* @param integer $start Page number
* @param integer $perpage Number of bookmarks per page
* @param integer $user User ID
* @param mixed $tags Array of tags or tags separated
* by "+" signs
* @param string $terms Search terms separated by spaces
* @param string $sortOrder One of the following values:
* "date_asc", "date_desc",
* "title_desc", "title_asc",
* "url_desc", "url_asc",
* "voting_asc", "voting_desc"
* @param boolean $watched True if only watched bookmarks
* shall be returned (FIXME)
* @param integer $startdate Filter for creation date.
* SQL-DateTime value
* "YYYY-MM-DD hh:ii:ss'
* @param integer $enddate Filter for creation date.
* SQL-DateTime value
* "YYYY-MM-DD hh:ii:ss'
* @param string $hash Filter by URL hash
* @param integer $start Page number
* @param integer $perpage Number of bookmarks per page
* @param integer $user User ID
* @param mixed $tags Array of tags or tags separated
* by "+" signs
* @param string $terms Search terms separated by spaces
* @param string $sortOrder One of the following values:
* "date_asc", "date_desc",
* "title_desc", "title_asc",
* "url_desc", "url_asc",
* "voting_asc", "voting_desc"
* @param boolean $watched True if only watched bookmarks
* shall be returned (FIXME)
* @param integer $startdate Filter for creation date.
* SQL-DateTime value
* "YYYY-MM-DD hh:ii:ss'
* @param integer $enddate Filter for creation date.
* SQL-DateTime value
* "YYYY-MM-DD hh:ii:ss'
* @param string $hash Filter by URL hash
* @param string $privatekey URL provided private key to
* return only private bookmarks
*
* @return array Array with two keys: 'bookmarks' and 'total'.
* First contains an array of bookmarks, 'total'
@ -698,7 +700,8 @@ class SemanticScuttle_Service_Bookmark extends SemanticScuttle_DbService
public function getBookmarks(
$start = 0, $perpage = null, $user = null, $tags = null,
$terms = null, $sortOrder = null, $watched = null,
$startdate = null, $enddate = null, $hash = null
$startdate = null, $enddate = null, $hash = null,
$privatekey = null
) {
$userservice = SemanticScuttle_Service_Factory::get('User');
$b2tservice = SemanticScuttle_Service_Factory::get('Bookmark2Tag');
@ -715,8 +718,14 @@ class SemanticScuttle_Service_Bookmark extends SemanticScuttle_DbService
}
$privacy .= ')';
} else {
// Just public bookmarks
$privacy = ' AND B.bStatus = 0';
$userinfo = $userservice->getObjectUser($user);
if ($privatekey == $userinfo->getPrivateKey() && !is_null($privatekey)) {
// Just private bookmarks
$privacy = ' AND B.bStatus = 2';
} else {
// Just public bookmarks
$privacy = ' AND B.bStatus = 0';
}
}
// Set up the tags, if need be.
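Review bot: The check `if ($privatekey == $userinfo->getPrivateKey() && !is_null($privatekey))` uses loose `==`, so an empty `privatekey` parameter (isset() is true for an empty value) compares equal to a NULL stored key, and if keys are hex strings two values of the form `0e…` compare equal as numbers; either case switches the feed to `bStatus = 2`. Use strict comparison and reject the empty string: `if ($privatekey !== null && $privatekey !== '' && $privatekey === $userinfo->getPrivateKey()) {`. `$userinfo` is also used without checking what getObjectUser() returns when `$user` is null or unknown in this branch, which is worth confirming. The body of getBookmarks() continues outside the hunk.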


@ -99,7 +99,7 @@ class SemanticScuttle_Service_Bookmark2Tag extends SemanticScuttle_DbService
$tags_count = is_array($tags)?count($tags):0;
for ($i = 0; $i < $tags_count; $i++) {
$tags[$i] = trim(strtolower($tags[$i]));
$tags[$i] = trim(utf8_strtolower($tags[$i]));
if ($fromApi) {
include_once 'SemanticScuttle/functions.php';
$tags[$i] = convertTag($tags[$i], 'in');
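Review bot: `utf8_strtolower` is not a PHP builtin and its definition is not visible in this hunk or in the Tag service hunk that makes the same replacement; if it lives in a file that is only loaded conditionally (the `include_once 'SemanticScuttle/functions.php'` just below runs only when `$fromApi` is set), the non-API path would fail with an undefined-function error, so where it is loaded should be confirmed. A one-line comment at the first use, `// utf8_strtolower() is provided by <file>` with the real file named, would document the dependency for both call sites.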


@ -141,10 +141,10 @@ class SemanticScuttle_Service_Tag extends SemanticScuttle_DbService
//normalize
if(!is_array($tags)) {
$tags = strtolower(trim($tags));
$tags = utf8_strtolower(trim($tags));
} else {
for($i=0; $i<count($tags); $i++) {
$tags[$i] = strtolower(trim($tags[$i]));
$tags[$i] = utf8_strtolower(trim($tags[$i]));
}
}
return $tags;


@ -42,8 +42,7 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
protected $fields = array(
'primary' => 'uId',
'username' => 'username',
'password' => 'password',
'privatekey'=> 'privateKey'
'password' => 'password'
);
protected $profileurl;
@ -457,45 +456,6 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
/**
* Try to authenticate and login a user with
* private key.
*
* @param string $privatekey Private Key
*
* @return boolean True if the user could be authenticated,
* false if not.
*/
public function loginPK($privatekey)
{
$query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('privatekey') .' = "'. $this->db->sql_escape($privatekey) .'"';
if (!($dbresult = $this->db->sql_query($query))) {
message_die(
GENERAL_ERROR,
'Could not get user',
'', __LINE__, __FILE__, $query, $this->db
);
return false;
}
$row = $this->db->sql_fetchrow($dbresult);
$this->db->sql_freeresult($dbresult);
if ($row) {
$id = $_SESSION[$this->getSessionKey()]
= $row[$this->getFieldName('primary')];
$cookie = $id .':'. md5($username.$password);
setcookie(
$this->cookiekey, $cookie,
time() + $this->cookietime, '/'
);
return true;
} else {
return false;
}
}
function logout() {
@setcookie($this->getCookiekey(), '', time() - 1, '/');
unset($_COOKIE[$this->getCookiekey()]);
@ -644,16 +604,16 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return $uId;
}
function updateUser($uId, $password, $name, $email, $homepage, $uContent) {
function updateUser($uId, $password, $name, $privateKey, $email, $homepage, $uContent) {
if (!is_numeric($uId))
return false;
// Set up the SQL UPDATE statement.
$moddatetime = gmdate('Y-m-d H:i:s', time());
if ($password == '')
$updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
$updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent, 'privateKey' => $privateKey);
else
$updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
$updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent, 'privateKey' => $privateKey);
$sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
// Execute the statement.
@ -761,6 +721,41 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
/**
* Checks if a private key already exists
*
* @param string $privateKey key that has been generated
*
* @return boolean True when the private key exists,
* False if not.
*/
public function PrivateKeyExists($privateKey)
{
if (!$privateKey) {
return false;
}
$crit = array('privateKey' => $privateKey);
$sql = 'SELECT COUNT(*) as "0" FROM '
. $GLOBALS['tableprefix'] . 'users'
. ' WHERE '. $this->db->sql_build_array('SELECT', $crit);
if (!($dbresult = $this->db->sql_query($sql))) {
message_die(
GENERAL_ERROR, 'Could not get vars', '',
__LINE__, __FILE__, $sql, $this->db
);
}
if ($this->db->sql_fetchfield(0, 0) > 0) {
$output = true;
} else {
$output = false;
}
$this->db->sql_freeresult($dbresult);
return $output;
}
function isReserved($username) {
if (in_array($username, $GLOBALS['reservedusers'])) {
return true;
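Review bot: updateUser() now writes the caller-supplied `$privateKey` into the row without any validation, and the new PrivateKeyExists() is not called anywhere in this commit (profile.php passes the trimmed POST value through unchanged). Since the key grants access to private bookmarks in the Bookmark service, the service should at least refuse a key already held by another account — PrivateKeyExists() as written counts the caller's own row too, so it needs a `uId <> …` exclusion before it can serve that purpose — and check the key's expected length and character set. In PrivateKeyExists(), `sql_fetchfield(0, 0)` is called without `$dbresult`; presumably the driver falls back to the last query, but passing the result explicitly would be safer, and `if (!$privateKey)` treats the key `'0'` as absent where `$privateKey === ''` is meant. The name `PrivateKeyExists` also breaks the file's camelCase convention (`isReserved`, `updateUser`); `privateKeyExists` would match.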


@ -550,7 +550,7 @@ class sql_db
}
$sql_report .= '</p>';
echo $sql_report;
$this->sql_time += $endtime - $curtime;
break;
}
@ -559,4 +559,4 @@ class sql_db
} // if ... define
?>
?>


@ -3,15 +3,27 @@
# (see $cleanurls in config.inc.php)
#####################################
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^bookmarks/(\d+)*$ ./bookmarks.php?id=$1
RewriteRule ^users/(\d+)*$ ./profile.php?id=$1
RewriteRule ^alltags/(\d+)*$ ./alltags.php?id=$1
RewriteRule ^search/(.*)$ ./search.php?query=$1
# Rewrite clean URLs onto real files
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^([^/.]+)/?(.*)$ /$1.php/$2 [QSA,L]
RewriteRule ^api/([a-z]+)/([a-z]+) /api/$1_$2.php
</IfModule>
#<IfModule mod_rewrite.c>
#Options +FollowSymlinks
#RewriteEngine On
#RewriteCond %{REQUEST_FILENAME}.php -f
#RewriteRule ^([^/.]+)/?(.*)$ /$1.php/$2 [QSA,L]
#RewriteRule ^api/([a-z]+)/([a-z]+) /api/$1_$2.php
#</IfModule>
#####################################
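Review bot: If the uncommented rewrite rules are the new side of this hunk (the markers are lost on this page), the quantifier in `RewriteRule ^bookmarks/(\d+)*$ ./bookmarks.php?id=$1` and the two rules after it looks unintended: `(\d+)*` repeats the capture group, so `bookmarks/` alone matches with an empty id and only the last repetition is captured; `(\d+)` or `(\d*)` is presumably what was meant. The earlier mod_rewrite block survives only as commented lines; deleting it would be cleaner than keeping dead configuration next to its replacement.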


@ -35,18 +35,6 @@ function authenticate()
}
if (!$userservice->isLoggedOn()) {
/* First check to see if a private key was sent */
if (isset($_POST['privatekey'])) {
$login = $userservice->loginPK($_POST['privatekey']);
if ($login) {
$currentUser = $userservice->getCurrentObjectUser();
return;
} else {
/* is someone hacking? */
/* TODO: Track attempts */
}
}
/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
if ((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))


@ -89,6 +89,16 @@ function useAddress(ele) {
}
}
function getNewPrivateKey(input, response){
var pk = document.getElementById('pPrivateKey');
if (response != null) {
pk.value = response.trim();
} else {
loadXMLDocProc('<?php echo ROOT; ?>ajaxGetNewPrivateKey.php');
}
return false;
}
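Review bot: `pk.value = response.trim();` relies on `String.prototype.trim`, which the browsers current when this was written (IE 8 and earlier) do not provide, so the callback throws there; `pk.value = response.replace(/^\s+|\s+$/g, '');` works everywhere. The `input` parameter is unused in the new function, and how `loadXMLDocProc` delivers its result back as `response` is not visible in this hunk, so a short comment on that callback contract would help the next reader.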
function getTitle(input, response){
var title = document.getElementById('titleField');
if (title.value == '') {


@ -29,6 +29,7 @@ isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): defi
isset($_POST['pPass']) ? define('POST_PASS', $_POST['pPass']): define('POST_PASS', '');
isset($_POST['pPassConf']) ? define('POST_PASSCONF', $_POST['pPassConf']): define('POST_PASSCONF', '');
isset($_POST['pName']) ? define('POST_NAME', $_POST['pName']): define('POST_NAME', '');
isset($_POST['pPrivateKey']) ? define('POST_PRIVATEKEY', $_POST['pPrivateKey']): define('POST_PRIVATEKEY', '');
isset($_POST['pMail']) ? define('POST_MAIL', $_POST['pMail']): define('POST_MAIL', '');
isset($_POST['pPage']) ? define('POST_PAGE', $_POST['pPage']): define('POST_PAGE', '');
isset($_POST['pDesc']) ? define('POST_DESC', $_POST['pDesc']): define('POST_DESC', '');
@ -76,6 +77,7 @@ if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
$detPass = trim(POST_PASS);
$detPassConf = trim(POST_PASSCONF);
$detName = trim(POST_NAME);
$detPrivateKey = trim(POST_PRIVATEKEY);
$detMail = trim(POST_MAIL);
$detPage = trim(POST_PAGE);
$detDesc = filter(POST_DESC);
@ -100,7 +102,7 @@ if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
$tplVars['error'] = T_('E-mail address is not valid.');
}
if (!$error) {
if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc)) {
if (!$userservice->updateUser($userid, $detPass, $detName, $detPrivateKey, $detMail, $detPage, $detDesc)) {
$tplvars['error'] = T_('An error occurred while saving your changes.');
} else {
$tplVars['msg'] = T_('Changes saved.');
@ -122,5 +124,7 @@ if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) {
}
$tplVars['objectUser'] = $userinfo;
$tplVars['loadjs'] = true;
$templateservice->loadTemplate($templatename, $tplVars);
?>
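Review bot: `POST_PRIVATEKEY` defaults to `''` when the field is absent, and `$detPrivateKey = trim(POST_PRIVATEKEY)` is then passed to updateUser() unconditionally, so any submission of this form that omits or blanks `pPrivateKey` silently erases the user's existing key. Either treat an empty value as "keep the current key" before the updateUser() call, or have updateUser() leave the column untouched when `$privateKey === ''`. Since the template renders the field readonly, an empty value also indicates the generate step never ran, which is worth reporting as an error rather than saving.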


@ -27,7 +27,7 @@ $bookmarkservice = SemanticScuttle_Service_Factory::get('Bookmark');
$cacheservice = SemanticScuttle_Service_Factory::get('Cache');
if (isset($_SERVER['PATH_INFO']) && strlen($_SERVER['PATH_INFO']) >1) {
list($url, $user, $cat) = explode('/', $_SERVER['PATH_INFO']);
@list($url, $user, $cat) = explode('/', $_SERVER['PATH_INFO']);
} else {
$url = '';
$user = '';
@ -58,6 +58,10 @@ if (!isset($rssEntries) || $rssEntries <= 0) {
$rssEntries = $maxRssEntries;
}
$privatekey = null;
if (isset($_GET['privatekey'])) {
$privatekey = $_GET['privatekey'];
}
$watchlist = null;
$pagetitle = '';
@ -94,7 +98,9 @@ $tplVars['feeddescription'] = sprintf(T_('Recent bookmarks posted to %s'), $GLOB
$bookmarks = $bookmarkservice->getBookmarks(
0, $rssEntries, $userid, $cat,
null, getSortOrder(), $watchlist
null, getSortOrder(), $watchlist,
null, null, null,
$privatekey
);
$bookmarks_tmp = filter($bookmarks['bookmarks']);
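Review bot: `@list($url, $user, $cat) = explode('/', $_SERVER['PATH_INFO']);` uses `@` to hide the undefined-offset notice for short paths, which also hides any other error on that line; padding the array is explicit and notice-free: `list($url, $user, $cat) = array_pad(explode('/', $_SERVER['PATH_INFO']), 3, '');` (padding with `''` matches the else branch). The positional call `null, null, null, $privatekey` into getBookmarks() is fragile; a comment naming the skipped parameters, `// startdate, enddate, hash`, would help. In the hunks shown `$privatekey` is only compared against the stored key, not used in SQL, which is the right way to handle a value taken straight from `$_GET`.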


@ -22,4 +22,4 @@ if ('@data_dir@' == '@' . 'data_dir@') {
//pear installation; files are in include path
require_once 'SemanticScuttle/header.php';
}
?>
?>