yohan/SemanticScuttle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: yohan:master
Branches Tags
yohan:master
yohan:openid
yohan:phar
yohan:0.98
yohan:privatekey2
yohan:gadget
yohan:themes
yohan:privatekey
yohan:configurable-privacy2
yohan:quickform
yohan:search-fix
yohan:0.97
yohan:sqlopt
yohan:php-gettext-1.0.9
yohan:v0.98.5
yohan:v0.98.4
yohan:v0.98.3
yohan:v0.98.2
yohan:v0.98.1
yohan:v0.98.0
yohan:v0.97.2
yohan:v0.97.1
yohan:v0.95.2
yohan:v0.96
yohan:v0.96.1
yohan:v0.97
yohan:v0.94
yohan:v0.91
yohan:v0.90
yohan:v0.88
...
pull from: yohan:privatekey
Branches Tags
yohan:master
yohan:openid
yohan:phar
yohan:0.98
yohan:privatekey2
yohan:gadget
yohan:themes
yohan:privatekey
yohan:configurable-privacy2
yohan:quickform
yohan:search-fix
yohan:0.97
yohan:sqlopt
yohan:php-gettext-1.0.9
yohan:v0.98.5
yohan:v0.98.4
yohan:v0.98.3
yohan:v0.98.2
yohan:v0.98.1
yohan:v0.98.0
yohan:v0.97.2
yohan:v0.97.1
yohan:v0.95.2
yohan:v0.96
yohan:v0.96.1
yohan:v0.97
yohan:v0.94
yohan:v0.91
yohan:v0.90
yohan:v0.88

35 Commits
master ... privatekey

Author SHA1 Message Date
Mark Pemberton
f18b8c0444 Final updates to rss.php with correct authentication and bookmark results 2011-05-12 23:12:11 -04:00
Mark Pemberton
23cdbb53d0 merged master into privatekey 2011-05-12 19:25:51 -04:00
Mark Pemberton
0d5dc418bc modified loginPrivateKey to only authenticate with privatekey 2011-05-12 17:58:05 -04:00
Mark Pemberton
6fbc47774f Fixed testPrivateBookmarks error on accessing invalid array element 2011-05-07 01:30:10 -04:00
Christian Weiske
eb47149a40 split up privateKeyExists tests into several methods and test empty string values 2011-04-12 08:39:58 +02:00
Christian Weiske
20f4404e4c add @covers 2011-04-11 17:05:52 +02:00
Christian Weiske
f63adfba34 rewrite getNewPrivateKey to use less code 2011-04-11 17:04:10 +02:00
Christian Weiske
ae828e9d78 another updateuser privatekey test 2011-04-11 17:00:44 +02:00
Christian Weiske
d06924c662 first tests for privatekey support in updateUser 2011-04-11 16:55:25 +02:00
Christian Weiske
0ddf87c14d clarify error return value 2011-04-11 16:47:59 +02:00
Christian Weiske
8982afef1e CS fixes for privatekey 2011-04-11 16:43:08 +02:00
Christian Weiske
92f64f95cb add test for addUser method 2011-04-11 16:36:26 +02:00
Christian Weiske
7796e739ef split up loginPrivateKey method into several ones to find errors easier 2011-04-11 07:59:50 +02:00
Christian Weiske
294930e697 move test comments into error message, they are of more help there when something breaks 2011-04-08 19:20:07 +02:00
Christian Weiske
3ef5813f97 test Service_User::getUserByPrivateKey and explicitely make it publci 2011-04-08 19:16:19 +02:00
Christian Weiske
b4f6b0449b use correct coverage whitelist 2011-04-08 18:10:14 +02:00
Christian Weiske
4da00aa439 merge master 2011-04-08 08:42:52 +02:00
Mark Pemberton
828b8fdf32 Final changes to privateweb 2011-04-06 14:33:15 -04:00
Mark Pemberton
331f7e9687 Backed out bookmark query updates and additional column to User table. Added additional tests 2011-03-19 01:40:56 -04:00
Mark Pemberton
c18207edb9 Added enablePrivateKey column to user table and added additional index in bookmarks table 2011-02-28 02:06:14 -05:00
Mark Pemberton
71a717b1b3 Merge branch 'master' into privatekey 
Conflicts:

	www/gsearch/index.php
 2011-02-28 01:44:02 -05:00
Mark Pemberton
2a4e91f8f3 Added enable feature and removed ajax call in profile.php 2011-02-27 00:37:14 -05:00
Mark Pemberton
7109719b5c Proposed attempt at enhancing database queries 2011-02-27 00:08:25 -05:00
Mark Pemberton
38fde526eb Included private rss in index.php and fixed bug in profile.php on call to updateUser() 2011-02-12 17:03:36 -05:00
Mark Pemberton
8f64c0acb4 Altered method of rss authentication to be temporarily logged in 2011-02-07 00:11:33 -05:00
Mark Pemberton
2242a0da33 Final changes to Private Key branch 2011-02-05 00:09:48 -05:00
Mark Pemberton
f6873268e5 Updated tests to reflect private key changes 2011-02-04 23:38:21 -05:00
Mark Pemberton
181f33b258 Merge commit 'origin/master' into privatekey 2011-02-02 23:16:59 -05:00
Mark Pemberton
43ad8e7725 Cleaned up User.php and moved Private Key function to it 2011-02-02 23:16:23 -05:00
Mark Pemberton
a32c9a1578 added secondary rss feed to bookmark page to test 2011-01-31 02:01:41 -05:00
Mark Pemberton
97717684c4 added new file 2011-01-31 01:47:16 -05:00
Mark Pemberton
ce9124bfd5 mostly done with the private key updates 2011-01-31 01:41:57 -05:00
Mark Pemberton
000cfd76cc More code cleanup 2011-01-24 21:49:33 -05:00
Mark Pemberton
456af09a04 Cleaning up some code in www folder 2011-01-24 02:04:08 -05:00
root
8d91bf83bc Partial update to Private Key update 2011-01-22 20:38:31 -05:00
79 changed files with 2426 additions and 1337 deletions
Show Stats Expand all files Collapse all files

4
.gitignore vendored
View File

@ -1,4 +1,8 @@
dist/
.project
.buildpath
.settings
build.properties
html.properties
package.xml
semanticscuttle-dump.sql

3
data/schema/6.sql
View File

@ -2,3 +2,6 @@ CREATE TABLE `sc_version` (
`schema_version` int(11) NOT NULL
) DEFAULT CHARSET=utf8;
INSERT INTO `sc_version` (`schema_version`) VALUES ('6');
ALTER TABLE `sc_users` ADD `privateKey` VARCHAR(33) NULL;
CREATE INDEX `privateKey` ON `sc_users` (`privateKey`);

7
data/tables.sql
View File

@ -23,7 +23,8 @@ CREATE TABLE `sc_bookmarks` (
PRIMARY KEY (`bId`),
KEY `sc_bookmarks_usd` (`uId`,`bStatus`,`bDatetime`),
KEY `sc_bookmarks_hui` (`bHash`,`uId`,`bId`),
KEY `sc_bookmarks_du` (`bDatetime`,`uId`)
KEY `sc_bookmarks_du` (`bDatetime`,`uId`).
KEY `sc_bookmarks_mod` (`bModified`)
) CHARACTER SET utf8 COLLATE utf8_general_ci ;
-- --------------------------------------------------------
@ -72,7 +73,9 @@ CREATE TABLE `sc_users` (
`email` varchar(50) NOT NULL default '',
`homepage` varchar(255) default NULL,
`uContent` text,
PRIMARY KEY (`uId`)
`privateKey` varchar(33) default NULL,
PRIMARY KEY (`uId`),
UNIQUE KEY `privateKey` (`privateKey`)
) CHARACTER SET utf8 COLLATE utf8_general_ci ;
-- --------------------------------------------------------

8
data/templates/about.tpl.php
View File

@ -16,9 +16,11 @@ $this->includeTemplate($GLOBALS['top_include']);
<?php if(!is_null($currentUser) && $currentUser->isAdmin()): ?>
<li>SemanticScuttle v0.97.0</li>
<?php endif ?>
<?php
if (!is_null($currentUser) && $currentUser->isAdmin()) {
echo "<li>SemanticScuttle v0.97.0</li>";
}
?>
</ul>
<h3><?php echo T_('Tips'); ?></h3>

12
data/templates/bookmarks.tpl.php
View File

@ -215,17 +215,7 @@ if ($currenttag!= '') {
$blast = '<a href="'. sprintf($nav_url, $user, $currenttag, '?page=') . $totalpages . $sortAmp .'">'. T_('Last') ."</a>\n";
}
// RSS
$brss = '';
$size = count($rsschannels);
for ($i = 0; $i < $size; $i++) {
$brss = '<a style="background:#FFFFFF" href="'. htmlspecialchars($rsschannels[$i][1]) . '"'
. ' title="' . htmlspecialchars($rsschannels[$i][0]) . '">'
. '<img src="' . ROOT . 'images/rss.gif" width="16" height="16" alt="' . htmlspecialchars($rsschannels[$i][0]) .'"/>'
. '</a>';
}
$pagesBanner = '<p class="paging">'. $bfirst .'<span> / </span>'. $bprev .'<span> / </span>'. $bnext .'<span> / </span>'. $blast .'<span> / </span>'. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ." </p>\n";
$pagesBanner = '<p class="paging">'. $bfirst .'<span> / </span>'. $bprev .'<span> / </span>'. $bnext .'<span> / </span>'. $blast .'<span> / </span>'. sprintf(T_('Page %d of %d'), $page, $totalpages) ." </p>\n";
if (getPerPageCount($currentUser) > 10) {
echo $pagesBanner; // display a page banner if too many bookmarks to manage

8
data/templates/editprofile.tpl.php
View File

@ -28,6 +28,14 @@ $this->includeTemplate($GLOBALS['top_include']);
<td><input type="text" name="pMail" size="75" value="<?php echo filter($objectUser->getEmail(), 'xml'); ?>" /></td>
<td> <?php echo T_('Required'); ?></td>
</tr>
<tr>
<th align="left"><?php echo T_('Private RSS Feed'); ?></th>
<td><input type="checkbox" id="pEnablePrivateKey" name="pEnablePrivateKey" value="true" <?php echo $privateKeyIsEnabled;?> />
<label for="pEnablePrivateKey"><?php echo T_('Enable'); ?></label>&nbsp;&nbsp;&nbsp;
<input type="text" id="pPrivateKey" name="pPrivateKey" size="40" value="<?php echo $privateKey;?>" readonly="readonly" />
<input type="submit" name="submittedPK" value="<?php echo T_('Generate New Key'); ?>" />
</td>
</tr>
</table>
<h3><?php echo T_('Personal Details'); ?></h3>

2
data/templates/rss.tpl.php
View File

@ -3,7 +3,7 @@ echo '<' . '?xml version="1.0" encoding="utf-8" ?' . ">\n";
?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
<title><?php echo htmlspecialchars($feedtitle); ?></title>
<title><?php echo $feedtitle; ?></title>
<link><?php echo htmlspecialchars($feedlink); ?></link>
<description><?php echo htmlspecialchars($feeddescription); ?></description>
<pubDate><?php echo date('r'); ?></pubDate>

5
data/templates/top.inc.php
View File

@ -11,9 +11,8 @@
if (isset($rsschannels)) {
$size = count($rsschannels);
for ($i = 0; $i < $size; $i++) {
echo ' <link rel="alternate" type="application/rss+xml" title="'
. htmlspecialchars($rsschannels[$i][0]) . '"'
. ' href="'. $rsschannels[$i][1] .'" />';
echo ' <link rel="alternate" type="application/rss+xml" title="' . $rsschannels[$i][0] . '"'
. ' href="'. $rsschannels[$i][1] .'" />'."\n";
}
}
?>

3
doc/UPGRADE.txt
View File

@ -12,6 +12,9 @@ Database updates: Apply data/schema/6.sql or do the following:
INSERT INTO `sc_version` (`schema_version`) VALUES ('6');
ALTER TABLE `sc_users` ADD `privateKey` VARCHAR(33) NULL;
CREATE INDEX `privateKey` ON `sc_users` (`privateKey`);
From version 0.96 to 0.97
-------------------------

5
scripts/create-testbookmarks.php
View File

@ -5,10 +5,11 @@
require_once dirname(__FILE__) . '/../src/SemanticScuttle/header-standalone.php';
$us = SemanticScuttle_Service_Factory::get('User');
$uid = $us->addUser('dummy', 'dummy', 'dummy@example.org');
//$uid = $us->addUser('dummy', 'dummy', 'dummy@example.org');
$uid = $us->getUserByUserName('user123');
$bs = SemanticScuttle_Service_Factory::get('Bookmark');
for ($nA = 0; $nA < 10; $nA++) {
for ($nA = 0; $nA < 10000; $nA++) {
$rand = rand();
$bid = $bs->addBookmark(
'http://example.org/' . $rand,

24
src/SemanticScuttle/Model/User.php
View File

@ -35,6 +35,7 @@ class SemanticScuttle_Model_User
var $content;
var $datetime;
var $isAdmin;
var $privateKey;
/**
* Create a new user object
@ -68,6 +69,29 @@ class SemanticScuttle_Model_User
return $this->username;
}
/**
* Returns private key
*
* @param boolean return sanitized value which basically drops
* leading dash if exists
*
* @return string private key
*/
public function getPrivateKey($sanitized = false)
{
// Look for value only if not already set
if (!isset($this->privateKey)) {
$us = SemanticScuttle_Service_Factory::get('User');
$user = $us->getUser($this->id);
$this->privateKey = $user['privateKey'];
}
if ($sanitized == true) {
return substr($this->privateKey, -32);
} else {
return $this->privateKey;
}
}
/**
* Returns full user name as specified in the profile.
*

2
src/SemanticScuttle/Service.php
View File

@ -33,8 +33,6 @@ class SemanticScuttle_Service
*/
protected $db;
/**
* Returns the single service instance
*

2
src/SemanticScuttle/Service/AuthUser.php
View File

@ -86,7 +86,7 @@ class SemanticScuttle_Service_AuthUser extends SemanticScuttle_Service_User
/**
* Create new instance
*
* @var sql_db $db Database object
* @param sql_db $db Database object
*/
protected function __construct($db)
{

11
src/SemanticScuttle/Service/Bookmark.php
View File

@ -305,8 +305,7 @@ class SemanticScuttle_Service_Bookmark extends SemanticScuttle_DbService
if (!is_numeric($bookmark)
&& (!is_array($bookmark)
|| !isset($bookmark['bId'])
|| !is_numeric($bookmark['bId'])
)
|| !is_numeric($bookmark['bId']))
) {
return false;
}
@ -717,9 +716,10 @@ class SemanticScuttle_Service_Bookmark extends SemanticScuttle_DbService
// All public bookmarks, user's own bookmarks
// and any shared with user
$privacy = ' AND ((B.bStatus = 0) OR (B.uId = '. $sId .')';
$watchnames = $userservice->getWatchNames($sId, true);
$watchnames = $userservice->getWatchNames($sId);
foreach ($watchnames as $watchuser) {
$privacy .= ' OR (U.username = "'. $watchuser .'" AND B.bStatus = 1)';
$privacy .= ' OR (U.username = "'. $watchuser;
$privacy .= '" AND B.bStatus = 1)';
}
$privacy .= ')';
} else {
@ -748,7 +748,8 @@ class SemanticScuttle_Service_Bookmark extends SemanticScuttle_DbService
$query_2 = ' FROM '. $userservice->getTableName() .' AS U'
. ', '. $this->getTableName() .' AS B';
$query_3 = ' WHERE B.uId = U.'. $userservice->getFieldName('primary') . $privacy;
$query_3 = ' WHERE B.uId = U.'. $userservice->getFieldName('primary');
$query_3 .= $privacy;
if ($GLOBALS['enableVoting'] && $GLOBALS['hideBelowVoting'] !== null
&& !$userservice->isAdmin($userservice->getCurrentUserId())

2
src/SemanticScuttle/Service/Bookmark2Tag.php
View File

@ -99,7 +99,7 @@ class SemanticScuttle_Service_Bookmark2Tag extends SemanticScuttle_DbService
$tags_count = is_array($tags)?count($tags):0;
for ($i = 0; $i < $tags_count; $i++) {
$tags[$i] = trim(strtolower($tags[$i]));
$tags[$i] = trim(utf8_strtolower($tags[$i]));
if ($fromApi) {
include_once 'SemanticScuttle/functions.php';
$tags[$i] = convertTag($tags[$i], 'in');

4
src/SemanticScuttle/Service/Tag.php
View File

@ -141,10 +141,10 @@ class SemanticScuttle_Service_Tag extends SemanticScuttle_DbService
//normalize
if(!is_array($tags)) {
$tags = strtolower(trim($tags));
$tags = utf8_strtolower(trim($tags));
} else {
for($i=0; $i<count($tags); $i++) {
$tags[$i] = strtolower(trim($tags[$i]));
$tags[$i] = utf8_strtolower(trim($tags[$i]));
}
}
return $tags;

523
src/SemanticScuttle/Service/User.php
View File

@ -50,7 +50,8 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
protected $fields = array(
'primary' => 'uId',
'username' => 'username',
'password' => 'password'
'password' => 'password',
'privatekey' => 'privatekey'
);
protected $profileurl;
@ -74,6 +75,11 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return $instance;
}
/**
* Create a new instance
*
* @param sql_db $db Database object
*/
protected function __construct($db)
{
$this->db = $db;
@ -95,7 +101,8 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
protected function _getuser($fieldname, $value)
{
$query = 'SELECT * FROM '. $this->getTableName()
. ' WHERE ' . $fieldname . ' = "' . $this->db->sql_escape($value) . '"';
. ' WHERE ' . $fieldname . ' = "'
. $this->db->sql_escape($value) . '"';
if (!($dbresult = $this->db->sql_query($query)) ) {
message_die(
@ -114,13 +121,25 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
function & getUsers($nb=0) {
/**
* Fetches the list of users from the database
* optionally limiting the results set
*
* @param integer $nb Max number of users to return
*
* @return array Data array from database
*/
public function & getUsers($nb = 0)
{
$query = 'SELECT * FROM '. $this->getTableName() .' ORDER BY `uId` DESC';
if ($nb>0) {
$query .= ' LIMIT 0, '.$nb;
}
if (!($dbresult =& $this->db->sql_query($query))) {
message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
message_die(
GENERAL_ERROR, 'Could not get user', '',
__LINE__, __FILE__, $query, $this->db
);
return false;
}
@ -167,7 +186,13 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return $users;
}
function _randompassword() {
/**
* Generate a Random Password
*
* @return string random password
*/
function _randompassword()
{
$seed = (integer) md5(microtime());
mt_srand($seed);
$password = mt_rand(1, 99999999);
@ -175,15 +200,30 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return $password;
}
function _updateuser($uId, $fieldname, $value) {
/**
* Update Specific field on User Record
*
* @param integer $uId User ID
* @param string $fieldname Field Name
* @param string $value Value
*
* @return boolean true if a user is logged in
*/
function _updateuser($uId, $fieldname, $value)
{
$updates = array ($fieldname => $value);
$sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
$sql = 'UPDATE '. $this->getTableName() .' SET '
. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '
. $this->getFieldName('primary') .'='. intval($uId);
// Execute the statement.
$this->db->sql_transaction('begin');
if (!($dbresult = & $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
message_die(
GENERAL_ERROR, 'Could not update user', '',
__LINE__, __FILE__, $sql, $this->db
);
return false;
}
$this->db->sql_transaction('commit');
@ -192,22 +232,59 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return true;
}
function getProfileUrl($id, $username) {
/**
* Generate Profile URL
*
* @param integer $id User ID
* @param string $username User Name
*
* @return string Profile URL
*/
function getProfileUrl($id, $username)
{
return sprintf($this->profileurl, urlencode($id), urlencode($username));
}
function getUserByUsername($username) {
/**
* Returns user row from database.
*
* @param string $username User Name
*
* @return array User array from database, false if no user was found
*/
public function getUserByUsername($username)
{
return $this->_getuser($this->getFieldName('username'), $username);
}
function getObjectUserByUsername($username) {
/**
* Returns user row from database.
*
* @param string $privatekey Private Key
*
* @return array User array from database, false if no user was found
*/
public function getUserByPrivateKey($privatekey)
{
return $this->_getuser($this->getFieldName('privatekey'), $privatekey);
}
/**
* Returns user row from database.
*
* @param string $username User Name
*
* @return array User array from database, else null
*/
function getObjectUserByUsername($username)
{
$user = $this->_getuser($this->getFieldName('username'), $username);
if ($user != false) {
return new SemanticScuttle_Model_User(
$user[$this->getFieldName('primary')], $username
);
} else {
return NULL;
return null;
}
}
@ -238,7 +315,7 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
*
* @param integer $id User ID
*
* @return array User array from database
* @return array User array from database, false if not found
*/
public function getUser($id)
{
@ -260,10 +337,32 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
);
}
function isLoggedOn() {
/**
* Checks if there is a user logged in
*
* @return boolean true if a user is logged in
*/
function isLoggedOn()
{
return ($this->getCurrentUserId() !== false);
}
/**
* Tells you if the private key is enabled and valid
*
* @param string $privateKey Private Key
*
* @return boolean True if enabled and valid
*/
public function isPrivateKeyValid($privateKey)
{
// check length of private key
if (strlen($privateKey) == 32) {
return true;
}
return false;
}
/**
* Returns the current user object
*
@ -278,7 +377,7 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
{
if (!is_null($newval)) {
//internal use only: reset currentuser
$currentuser = $newval;
$this->currentuser = $newval;
} else if ($refresh || !isset($this->currentuser)) {
if ($id = $this->getCurrentUserId()) {
$this->currentuser = $this->getUser($id);
@ -315,7 +414,15 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return $currentObjectUser;
}
function existsUserWithUsername($username) {
/**
* Checks if the given user exists
*
* @param string $username User Name
*
* @return boolean true if the user exists
*/
function existsUserWithUsername($username)
{
if ($this->getUserByUsername($username) != '') {
return true;
} else {
@ -323,7 +430,15 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
function existsUser($id) {
/**
* Checks if the given user exists
*
* @param integer $id User ID
*
* @return boolean true if the user exists
*/
function existsUser($id)
{
if ($this->getUser($id) != '') {
return true;
} else {
@ -343,7 +458,7 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
* @param integer|array|string $user User ID or user row from DB
* or user name
*
* @return boolean True if the user is admin
* @return boolean true if the user is admin
*/
function isAdmin($user)
{
@ -414,13 +529,13 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
/**
* Set the current user ID (i.e. when logging on)
*
* @internal
* No ID verification is being done.
*
* @param integer $user User ID or null to unset the user
* @param boolean $storeInSession Store the user ID in the session
*
* @return void
*
* @internal
* No ID verification is being done.
*/
public function setCurrentUserId($user, $storeInSession = false)
{
@ -456,7 +571,12 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
public function login($username, $password, $remember = false)
{
$password = $this->sanitisePassword($password);
$query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"';
$query = 'SELECT '. $this->getFieldName('primary') .' FROM '
. $this->getTableName() .' WHERE '
. $this->getFieldName('username') .' = "'
. $this->db->sql_escape($username) .'" AND '
. $this->getFieldName('password') .' = "'
. $this->db->sql_escape($password) .'"';
if (!($dbresult = $this->db->sql_query($query))) {
message_die(
@ -485,6 +605,47 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
/**
* Try to authenticate via the privatekey
*
* @param string $privatekey Private Key
*
* @return boolean true if the user could be authenticated,
* false if not.
*/
public function loginPrivateKey($privatekey)
{
/* Check if private key valid and enabled */
if (!$this->isPrivateKeyValid($privatekey)) {
return false;
}
$query = 'SELECT '. $this->getFieldName('primary') .' FROM '
. $this->getTableName() .' WHERE '
. $this->getFieldName('privatekey') .' = "'
. $this->db->sql_escape($privatekey) .'"';
if (!($dbresult = $this->db->sql_query($query))) {
message_die(
GENERAL_ERROR,
'Could not get user',
'', __LINE__, __FILE__, $query, $this->db
);
return false;
}
$row = $this->db->sql_fetchrow($dbresult);
$this->db->sql_freeresult($dbresult);
if ($row) {
$id = $_SESSION[$this->getSessionKey()]
= $row[$this->getFieldName('primary')];
return true;
} else {
return false;
}
}
/**
* Logs the user off
*
@ -495,15 +656,28 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
@setcookie($this->getCookiekey(), '', time() - 1, '/');
unset($_COOKIE[$this->getCookiekey()]);
session_unset();
$this->getCurrentUser(TRUE, false);
$this->currentuserId = null;
$this->currentuser = null;
}
function getWatchlist($uId) {
// Gets the list of user IDs being watched by the given user.
$query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($uId);
/**
* Gets the list of user IDs being watched by the given user.
*
* @param string $uId Current User ID
*
* @return mixed array if valid query and generates data
* boolean false if an error occured
*/
function getWatchlist($uId)
{
$query = 'SELECT watched FROM '. $GLOBALS['tableprefix']
.'watched WHERE uId = '. intval($uId);
if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db);
message_die(
GENERAL_ERROR, 'Could not get watchlist', '',
__LINE__, __FILE__, $query, $this->db
);
return false;
}
@ -570,34 +744,58 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
function getWatchStatus($watcheduser, $currentuser) {
// Returns true if the current user is watching the given user, and false otherwise.
$query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W INNER JOIN '. $this->getTableName() .' AS U ON U.'. $this->getFieldName('primary') .' = W.watched WHERE U.'. $this->getFieldName('primary') .' = '. intval($watcheduser) .' AND W.uId = '. intval($currentuser);
function getWatchStatus($watcheduser, $currentuser)
{
// Returns true if the current user is watching
// the given user, and false otherwise.
$query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W'
. ' INNER JOIN '. $this->getTableName() .' AS U'
. ' ON U.'. $this->getFieldName('primary') .' = W.watched'
. ' WHERE U.'. $this->getFieldName('primary') .' = '
. intval($watcheduser) .' AND W.uId = '. intval($currentuser);
if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get watchstatus', '', __LINE__, __FILE__, $query, $this->db);
message_die(
GENERAL_ERROR, 'Could not get watchstatus', '',
__LINE__, __FILE__, $query, $this->db
);
return false;
}
$arrWatch = array();
if ($this->db->sql_numrows($dbresult) == 0)
if ($this->db->sql_numrows($dbresult) == 0) {
return false;
else
} else {
return true;
}
}
function setWatchStatus($subjectUserID) {
if (!is_numeric($subjectUserID))
/**
* Set Watch Status
*
* @param string $subjectUserID User ID to Watch
*
* @return boolean true if it successful, false if not
*/
function setWatchStatus($subjectUserID)
{
if (!is_numeric($subjectUserID)) {
return false;
}
$currentUserID = $this->getCurrentUserId();
$watched = $this->getWatchStatus($subjectUserID, $currentUserID);
if ($watched) {
$sql = 'DELETE FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($currentUserID) .' AND watched = '. intval($subjectUserID);
$sql = 'DELETE FROM '. $GLOBALS['tableprefix']
.'watched WHERE uId = '. intval($currentUserID)
.' AND watched = '. intval($subjectUserID);
if (!($dbresult =& $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
message_die(
GENERAL_ERROR, 'Could not add user to watch list',
'', __LINE__, __FILE__, $sql, $this->db
);
return false;
}
} else {
@ -605,10 +803,14 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
'uId' => intval($currentUserID),
'watched' => intval($subjectUserID)
);
$sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '. $this->db->sql_build_array('INSERT', $values);
$sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '
. $this->db->sql_build_array('INSERT', $values);
if (!($dbresult =& $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
message_die(
GENERAL_ERROR, 'Could not add user to watch list',
'', __LINE__, __FILE__, $sql, $this->db
);
return false;
}
}
@ -625,11 +827,12 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
* @param string $username Username to use
* @param string $password Password to use
* @param string $email Email to use
* @param string $privateKey Key for RSS auth
*
* @return mixed Integer user ID if all is well,
* boolean false if an error occured
*/
public function addUser($username, $password, $email)
public function addUser($username, $password, $email, $privateKey = null)
{
// Set up the SQL UPDATE statement.
$datetime = gmdate('Y-m-d H:i:s', time());
@ -639,7 +842,8 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
'password' => $password,
'email' => $email,
'uDatetime' => $datetime,
'uModified' => $datetime
'uModified' => $datetime,
'privateKey' => $privateKey
);
$sql = 'INSERT INTO '. $this->getTableName()
. ' '. $this->db->sql_build_array('INSERT', $values);
@ -660,23 +864,76 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return $uId;
}
function updateUser($uId, $password, $name, $email, $homepage, $uContent) {
if (!is_numeric($uId))
/**
* Update user record.
* Updates all values even if they are empty, except passwords.
* An empty password is not set.
*
* No validation is made here.
*
* @param integer $uId User ID
* @param string $password User Password
* @param string $name User Name
* @param string $email Email Address
* @param string $homepage Homepage URL
* @param string $uContent Content
* @param string $privateKey RSS Private Key
* @param boolean $enablePrivateKey RSS Private Key Flag
*
* @return boolean true if it successful, false if not
*/
public function updateUser(
$uId, $password, $name, $email, $homepage, $uContent,
$privateKey = null, $enablePrivateKey = false
) {
if (!is_numeric($uId)) {
return false;
}
// prepend '-' to privateKey if disabled
if ($privateKey != null && strlen($privateKey) == 32
&& $enablePrivateKey == false
) {
$privateKey = '-' . $privateKey;
}
// remove '-' from privateKey if enabling
if ($privateKey != null && strlen($privateKey) == 33
&& $enablePrivateKey == true
) {
$privateKey = substr($privateKey, 1, 32);
}
// if new user is enabling Private Key, create new key
if ($privateKey == null && $enablePrivateKey == true) {
$privateKey = $this->getNewPrivateKey();
}
// Set up the SQL UPDATE statement.
$moddatetime = gmdate('Y-m-d H:i:s', time());
if ($password == '')
$updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
else
$updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
$sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
if ($password == '') {
$updates = array (
'uModified' => $moddatetime, 'name' => $name,
'email' => $email, 'homepage' => $homepage,
'uContent' => $uContent, 'privateKey' => $privateKey);
} else {
$updates = array ('uModified' => $moddatetime,
'password' => $this->sanitisePassword($password),
'name' => $name, 'email' => $email, 'homepage' => $homepage,
'uContent' => $uContent, 'privateKey' => $privateKey);
}
$sql = 'UPDATE '. $this->getTableName() .' SET '
. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '
. $this->getFieldName('primary') .'='. intval($uId);
// Execute the statement.
$this->db->sql_transaction('begin');
if (!($dbresult = & $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
message_die(
GENERAL_ERROR, 'Could not update user', '',
__LINE__, __FILE__, $sql, $this->db
);
return false;
}
$this->db->sql_transaction('commit');
@ -685,11 +942,20 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return true;
}
function getAllUsers ( ) {
/**
* Get list of All Users
*
* @return array List of Users
*/
function getAllUsers()
{
$query = 'SELECT * FROM '. $this->getTableName();
if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get users', '', __LINE__, __FILE__, $query, $this->db);
message_die(
GENERAL_ERROR, 'Could not get users', '',
__LINE__, __FILE__, $query, $this->db
);
return false;
}
@ -703,20 +969,39 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
// Returns an array with admin uIds
function getAdminIds() {
/**
* Get list of Admin IDs
*
* @return array Admins Admin IDs
*/
function getAdminIds()
{
$admins = array();
foreach ($GLOBALS['admin_users'] as $adminName) {
if($this->getIdFromUser($adminName) != NULL)
if ($this->getIdFromUser($adminName) != null) {
$admins[] = $this->getIdFromUser($adminName);
}
}
return $admins;
}
function deleteUser($uId) {
$query = 'DELETE FROM '. $this->getTableName() .' WHERE uId = '. intval($uId);
/**
* Delete a user based on user ID
*
* @param string $uId User ID
*
* @return boolean true if it successful, false if not
*/
function deleteUser($uId)
{
$query = 'DELETE FROM '. $this->getTableName() .
' WHERE uId = '. intval($uId);
if (!($dbresult = & $this->db->sql_query($query))) {
message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $query, $this->db);
message_die(
GENERAL_ERROR, 'Could not delete user',
'', __LINE__, __FILE__, $query, $this->db
);
return false;
}
@ -777,7 +1062,66 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
function isReserved($username) {
/**
* Generates a new private key and confirms it isn't being used.
* Private key is 32 characters long, consisting of lowercase and
* numeric characters.
*
* @return string the new key value
*/
public function getNewPrivateKey()
{
do {
$newKey = md5(uniqid('SemanticScuttle', true));
} while ($this->privateKeyExists($newKey));
return $newKey;
}
/**
* Checks if a private key already exists
*
* @param string $privateKey key that has been generated
*
* @return boolean true when the private key exists,
* False if not.
*/
public function privateKeyExists($privateKey)
{
if (!$privateKey) {
return false;
}
$crit = array('privateKey' => $privateKey);
$sql = 'SELECT COUNT(*) as "0" FROM '
. $GLOBALS['tableprefix'] . 'users'
. ' WHERE '. $this->db->sql_build_array('SELECT', $crit);
if (!($dbresult = $this->db->sql_query($sql))) {
message_die(
GENERAL_ERROR, 'Could not get vars', '',
__LINE__, __FILE__, $sql, $this->db
);
}
if ($this->db->sql_fetchfield(0, 0) > 0) {
$exists = true;
} else {
$exists = false;
}
$this->db->sql_freeresult($dbresult);
return $exists;
}
/**
* Checks if the given username is a reserved username
*
* @param string $username User Name
*
* @return boolean true if it is valid, false if not
*/
function isReserved($username)
{
if (in_array($username, $GLOBALS['reservedusers'])) {
return true;
} else {
@ -785,11 +1129,20 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
function isValidUsername($username) {
/**
* Checks if the given username is valid
*
* @param string $username User Name
*
* @return boolean true if it is valid, false if not
*/
function isValidUsername($username)
{
if (strlen($username) < 4) {
return false;
} elseif (strlen($username) > 24) {
// too long usernames are cut by database and may cause bugs when compared
// too long usernames are cut by database
//and may cause bugs when compared
return false;
} elseif (preg_match('/(\W)/', $username) > 0) {
// forbidden non-alphanumeric characters
@ -798,14 +1151,12 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return true;
}
/**
* Checks if the given email address is valid
*
* @param string $email Email address
*
* @return boolean True if it is valid, false if not
* @return boolean true if it is valid, false if not
*/
public function isValidEmail($email)
{
@ -837,7 +1188,7 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
* call with that session id. If the session is old,
* we know that cookies (or session persistance) works
*
* @return boolean True if the
* @return boolean true if the
*
* @see updateSessionStability()
*/
@ -873,11 +1224,49 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
$this->fields[$field] = $value;
}
function getSessionKey() { return $this->sessionkey; }
function setSessionKey($value) { $this->sessionkey = $value; }
/**
* Get session key
*
* @return string Value
*/
function getSessionKey()
{
return $this->sessionkey;
}
function getCookieKey() { return $this->cookiekey; }
function setCookieKey($value) { $this->cookiekey = $value; }
/**
* Set session key
*
* @param string $value Session Key
*
* @return void
*/
function setSessionKey($value)
{
$this->sessionkey = $value;
}
/**
* Get cookie key
*
* @return string Value
*/
function getCookieKey()
{
return $this->cookiekey;
}
/**
* Set cookie key
*
* @param string $value Cookie Key
*
* @return void
*/
function setCookieKey($value)
{
$this->cookiekey = $value;
}
}
?>

2
src/SemanticScuttle/db/mysqli.php
View File

@ -550,7 +550,7 @@ class sql_db
}
$sql_report .= '</p>';
echo $sql_report;
$this->sql_time += $endtime - $curtime;
break;
}

65
src/SemanticScuttle/functions.php
View File

@ -18,7 +18,8 @@
// Converts tags:
// - direction = out: convert spaces to underscores;
// - direction = in: convert underscores to spaces.
function convertTag($tag, $direction = 'out') {
function convertTag($tag, $direction = 'out')
{
if ($direction == 'out') {
$tag = str_replace(' ', '_', $tag);
} else {
@ -27,7 +28,8 @@ function convertTag($tag, $direction = 'out') {
return $tag;
}
function filter($data, $type = NULL) {
function filter($data, $type = null)
{
if (is_string($data)) {
$data = trim($data);
$data = stripslashes($data);
@ -63,7 +65,8 @@ function getPerPageCount($userObject = null)
global $defaultPerPage, $defaultPerPageForAdmins;
if (isset($defaultPerPageForAdmins)
&& $userObject != null && $userObject->isAdmin()
&& $userObject != null
&& $userObject->isAdmin()
) {
return $defaultPerPageForAdmins;
} else {
@ -71,7 +74,8 @@ function getPerPageCount($userObject = null)
}
}
function getSortOrder($override = NULL) {
function getSortOrder($override = null)
{
global $defaultOrderBy;
if (isset($_GET['sort'])) {
@ -83,7 +87,8 @@ function getSortOrder($override = NULL) {
}
}
function multi_array_search($needle, $haystack) {
function multi_array_search($needle, $haystack)
{
if (is_array($haystack)) {
foreach (array_keys($haystack) as $key) {
$value =& $haystack[$key];
@ -107,7 +112,8 @@ function multi_array_search($needle, $haystack) {
}
}
function createURL($page = '', $ending = '') {
function createURL($page = '', $ending = '')
{
global $cleanurls;
if (!$cleanurls && $page != '') {
$page .= '.php';
@ -139,7 +145,8 @@ function createVoteURL($for, $bId)
}
/* Shorten a string like a URL for example by cutting the middle of it */
function shortenString($string, $maxSize=75) {
function shortenString($string, $maxSize=75)
{
$output = '';
if (strlen($string) > $maxSize) {
$output = substr($string, 0, $maxSize/2).'...'.substr($string, -$maxSize/2);
@ -150,7 +157,8 @@ function shortenString($string, $maxSize=75) {
}
/* Check url format and check online if the url is a valid page (Not a 404 error for example) */
function checkUrl($url, $checkOnline = true) {
function checkUrl($url, $checkOnline = true)
{
//check format
if (!preg_match("#(ht|f)tp(s?)\://\S+\.\S+#i", $url)) {
return false;
@ -173,7 +181,8 @@ function checkUrl($url, $checkOnline = true) {
* including all the tags from the array $arrayTags (excepted of the $exceptedTag)
* separated by the $separator.
* */
function aggregateTags($arrayTags, $separator = ' + ', $exceptedTag = '') {
function aggregateTags($arrayTags, $separator = ' + ', $exceptedTag = '')
{
$output = '';
for ($i = 0; $i<count($arrayTags); $i++) {
@ -184,9 +193,11 @@ function aggregateTags($arrayTags, $separator = ' + ', $exceptedTag = '') {
return substr($output, 0, strlen($output) - strlen($separator));
}
function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '', $db = NULL) {
if(defined('HAS_DIED'))
function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '', $db = null)
{
if (defined('HAS_DIED')) {
die(T_('message_die() was called multiple times.'));
}
define('HAS_DIED', 1);
$sql_store = $sql;
@ -197,46 +208,53 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',
$sql_error = is_null($db) ? '' : $db->sql_error();
$debug_text = '';
if ($sql_error['message'] != '')
if ($sql_error['message'] != '') {
$debug_text .= '<br /><br />'. T_('SQL Error') .' : '. $sql_error['code'] .' '. $sql_error['message'];
}
if ($sql_store != '')
if ($sql_store != '') {
$debug_text .= '<br /><br />'. $sql_store;
}
if ($err_line != '' && $err_file != '')
if ($err_line != '' && $err_file != '') {
$debug_text .= '</br /><br />'. T_('Line') .' : '. $err_line .'<br />'. T_('File') .' :'. $err_file;
}
debug_print_backtrace();
}
switch($msg_code) {
case GENERAL_MESSAGE:
if ($msg_title == '')
if ($msg_title == '') {
$msg_title = T_('Information');
}
break;
case CRITICAL_MESSAGE:
if ($msg_title == '')
if ($msg_title == '') {
$msg_title = T_('Critical Information');
}
break;
case GENERAL_ERROR:
if ($msg_text == '')
if ($msg_text == '') {
$msg_text = T_('An error occured');
if ($msg_title == '')
}
if ($msg_title == '') {
$msg_title = T_('General Error');
}
break;
case CRITICAL_ERROR:
// Critical errors mean we cannot rely on _ANY_ DB information being
// available so we're going to dump out a simple echo'd statement
if ($msg_text == '')
if ($msg_text == '') {
$msg_text = T_('An critical error occured');
if ($msg_title == '')
}
if ($msg_title == '') {
$msg_title = T_('Critical Error');
}
break;
}
@ -244,9 +262,10 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',
// prevents debug info being output for general messages should DEBUG_MODE be
// set TRUE by accident (preventing confusion for the end user!)
if (DEBUG_MODE && ($msg_code == GENERAL_ERROR || $msg_code == CRITICAL_ERROR)) {
if ($debug_text != '')
if ($debug_text != '') {
$msg_text = $msg_text . '<br /><br /><strong>'. T_('DEBUG MODE') .'</strong>'. $debug_text;
}
}
echo "<html>\n<body>\n". $msg_title ."\n<br /><br />\n". $msg_text ."</body>\n</html>";
exit;

45
tests/BookmarkTest.php
View File

@ -1328,6 +1328,51 @@ class BookmarkTest extends TestBase
);
}
/**
* Test private bookmarks
*
* @return void
*/
public function testPrivateBookmarks()
{
$uid = $this->addUser();
/* create private bookmark */
$this->bs->addBookmark(
'http://test', 'test', 'desc', 'note',
2,//private
array(), null, null, false, false, $uid
);
/* create public bookmark */
$this->bs->addBookmark(
'http://example.org', 'title', 'desc', 'priv',
0,//public
array(), null, null, false, false, $uid
);
$this->assertEquals(1, $this->bs->countBookmarks($uid, 'public'));
$this->assertEquals(1, $this->bs->countBookmarks($uid, 'private'));
$this->assertEquals(0, $this->bs->countBookmarks($uid, 'shared'));
$this->assertEquals(2, $this->bs->countBookmarks($uid, 'all'));
$this->us->setCurrentUserId($uid);
$bookmarks = $this->bs->getBookmarks();
// first record should be private bookmark
$b0 = $bookmarks['bookmarks'][0];
$this->assertEquals('test', $b0['bTitle']);
// second record should be public bookmark
$b0 = $bookmarks['bookmarks'][1];
$this->assertEquals('title', $b0['bTitle']);
// test non authenticated query
$this->us->setCurrentUserId(null);
$bookmarks = $this->bs->getBookmarks();
// should only result in one link - public
$b2 = $bookmarks['bookmarks'][0];
$this->assertEquals('title', $b2['bTitle']);
// there should be no second record
$this->assertEquals(1,count($bookmarks['bookmarks']));
}
}

11
tests/TestBase.php
View File

@ -78,14 +78,15 @@ class TestBase extends PHPUnit_Framework_TestCase
*
* @param string $username Username
* @param string $password Password
* @param string $pkey Private Key
*
* @return integer ID of user
*
* @uses addUserData()
*/
protected function addUser($username = null, $password = null)
protected function addUser($username = null, $password = null, $pkey = null)
{
return reset($this->addUserData($username, $password));
return reset($this->addUserData($username, $password, $pkey));
}
@ -95,10 +96,11 @@ class TestBase extends PHPUnit_Framework_TestCase
*
* @param string $username Username
* @param string $password Password
* @param string $pkey Private Key
*
* @return array ID of user, Name of user, password of user
*/
protected function addUserData($username = null, $password = null)
protected function addUserData($username = null, $password = null, $pkey = null)
{
$us = SemanticScuttle_Service_Factory::get('User');
$rand = rand();
@ -113,7 +115,8 @@ class TestBase extends PHPUnit_Framework_TestCase
$uid = $us->addUser(
$username,
$password,
'unittest-' . $rand . '@example.org'
'unittest-' . $rand . '@example.org',
$pkey
);
return array($uid, $username, $password);
}

331
tests/UserTest.php
View File

@ -34,6 +34,157 @@ class UserTest extends TestBase
/**
* @covers SemanticScuttle_Service_User::addUser
*/
public function testAddUserPrivateKey()
{
$name = substr(md5(uniqid()), 0, 6);
$pkey = 'my-privatekey';
$id = $this->us->addUser(
$name, uniqid(), 'foo@example.org', $pkey
);
$this->assertNotEquals(false, $id);
$this->assertInternalType('integer', $id);
$arUser = $this->us->getUserByPrivateKey($pkey);
$this->assertNotEquals(false, $arUser, 'user not found by private key');
$this->assertEquals($id, $arUser['uId'], 'wrong user loaded');
}
/**
* @covers SemanticScuttle_Service_User::updateUser
*/
public function testUpdateUserFalseWhenIdNotNumeric()
{
$this->assertFalse(
$this->us->updateUser('foo', null, null, null, null, null)
);
}
/**
* @covers SemanticScuttle_Service_User::updateUser
*/
public function testUpdateUserPrivateKeyNewKeyEnabled()
{
$pkey = 'testUpdateUserPrivateKeyNewKey12';
$uid = $this->addUser();
$this->assertTrue(
$this->us->updateUser(
$uid, 'password', 'name', 'test@example.org', '', '',
$pkey, true
)
);
$arUser = $this->us->getUser($uid);
$this->assertInternalType('array', $arUser);
$this->assertEquals($pkey, $arUser['privateKey']);
}
/**
* @covers SemanticScuttle_Service_User::updateUser
*/
public function testUpdateUserPrivateKeyNewKeyDisabled()
{
$pkey = 'testUpdateUserPrivateKeyNewKeyDi';
$uid = $this->addUser();
$this->assertTrue(
$this->us->updateUser(
$uid, 'password', 'name', 'test@example.org', '', '',
$pkey, false
)
);
$arUser = $this->us->getUser($uid);
$this->assertInternalType('array', $arUser);
$this->assertEquals(
'-' . $pkey, $arUser['privateKey'],
'private key did not get disabled'
);
}
/**
* Passing an empty string / NULL as key but enabling it
* should automatically create a new key.
*
* @covers SemanticScuttle_Service_User::updateUser
*/
public function testUpdateUserPrivateKeyNoKeyEnabled()
{
$pkey = 'testUpdateUserPrivateKeyNoKeyEna';
$uid = $this->addUser();
$this->assertTrue(
$this->us->updateUser(
$uid, 'password', 'name', 'test@example.org', '', '',
null, true
)
);
$arUser = $this->us->getUser($uid);
$this->assertInternalType('array', $arUser);
$this->assertNotEquals(
'', $arUser['privateKey'], 'private key was not created'
);
}
/**
* Passing an empty string / NULL as key and disabling it
* should keep no key
*
* @covers SemanticScuttle_Service_User::updateUser
*/
public function testUpdateUserPrivateKeyNoKeyDisabled()
{
$pkey = 'testUpdateUserPrivateKeyNoKeyDis';
$uid = $this->addUser();
$this->assertTrue(
$this->us->updateUser(
$uid, 'password', 'name', 'test@example.org', '', '',
null, false
)
);
$arUser = $this->us->getUser($uid);
$this->assertInternalType('array', $arUser);
$this->assertEquals(
'', $arUser['privateKey'], 'private key was set'
);
}
/**
* Passing an empty string / NULL as key and disabling it
* should keep no key
*
* @covers SemanticScuttle_Service_User::updateUser
*/
public function testUpdateUserPrivateKeyExistingKeyEnabled()
{
$pkey = '12345678901234567890123456789012';
$uid = $this->addUser();
$this->assertTrue(
$this->us->updateUser(
$uid, 'password', 'name', 'test@example.org', '', '',
'-' . $pkey, true
)
);
$arUser = $this->us->getUser($uid);
$this->assertInternalType('array', $arUser);
$this->assertEquals(
$pkey, $arUser['privateKey'], 'private key was not enabled'
);
}
//FIXME: verify I cannot re-use private key of different user
/**
* Test that setting the current user ID is permanent.
* and that the current user array is the same ID
@ -176,5 +327,185 @@ class UserTest extends TestBase
);
}
public function testGetUserByPrivateKeyEmptyKey()
{
$arUser = $this->us->getUserByPrivateKey(null);
$this->assertFalse($arUser);
}
public function testGetUserByPrivateKeyInvalid()
{
$arUser = $this->us->getUserByPrivateKey('foobar');
$this->assertFalse($arUser);
$arUser = $this->us->getUserByPrivateKey('%');
$this->assertFalse($arUser);
}
public function testGetUserByPrivateKeyValidKey()
{
$pkey = $this->us->getNewPrivateKey();
$uId = $this->addUser(null, null, $pkey);
$arUser = $this->us->getUserByPrivateKey($pkey);
$this->assertInternalType('array', $arUser);
$this->assertArrayHasKey('uId', $arUser);
$this->assertArrayHasKey('username', $arUser);
$this->assertEquals($uId, $arUser['uId']);
}
/**
* @covers SemanticScuttle_Service_User::privateKeyExists
*/
public function testPrivateKeyExistsEmpty()
{
$this->assertFalse($this->us->privateKeyExists(null));
$this->assertFalse($this->us->privateKeyExists(''));
}
/**
* @covers SemanticScuttle_Service_User::privateKeyExists
*/
public function testPrivateKeyExistsInvalid()
{
$this->assertFalse($this->us->privateKeyExists('-1'));
}
/**
* @covers SemanticScuttle_Service_User::privateKeyExists
*/
public function testPrivateKeyExists()
{
$randKey = $this->us->getNewPrivateKey();
$this->assertFalse($this->us->privateKeyExists($randKey));
$uid = $this->addUser(null, null, $randKey);
$this->us->setCurrentUserId($uid);
$this->assertEquals($uid, $this->us->getCurrentUserId());
$this->assertTrue($this->us->privateKeyExists($randKey));
}
/**
* @covers SemanticScuttle_Service_User::isPrivateKeyValid
*/
public function testIsPrivateKeyValid()
{
$this->assertFalse(
$this->us->isPrivateKeyValid(null),
'NULL is an invalid private key'
);
$randKey = $this->us->getNewPrivateKey();
$this->assertTrue(
$this->us->isPrivateKeyValid($randKey),
'generated key should be valid'
);
$randKey2 = '-'.$this->us->getNewPrivateKey();
$this->assertFalse(
$this->us->isPrivateKeyValid($randKey2),
'disabled privatekey should return false'
);
}
public function testLoginPrivateKeyInvalid()
{
/* normal user with enabled privatekey */
$randKey = $this->us->getNewPrivateKey();
$uid1 = $this->addUser('testusername', 'passw0rd', $randKey);
/* user that has disabled privatekey */
$randKey2 = '-'.$this->us->getNewPrivateKey();
$uid2 = $this->addUser('seconduser', 'passw0RD', $randKey2);
/* test invalid private key */
$this->assertFalse(
$this->us->loginPrivateKey('02848248084082408240824802408248')
);
}
public function testLoginPrivateKeyValidEnabledKey()
{
/* normal user with enabled privatekey */
$randKey = $this->us->getNewPrivateKey();
$uid1 = $this->addUser('testusername', 'passw0rd', $randKey);
/* user that has disabled privatekey */
$randKey2 = '-'.$this->us->getNewPrivateKey();
$uid2 = $this->addUser('seconduser', 'passw0RD', $randKey2);
/* test valid credentials with private key enabled */
$this->assertTrue(
$this->us->loginPrivateKey($randKey)
);
}
public function testLoginPrivateKeyInvalidEnabledKey()
{
/* normal user with enabled privatekey */
$randKey = $this->us->getNewPrivateKey();
$uid1 = $this->addUser('testusername', 'passw0rd', $randKey);
/* user that has disabled privatekey */
$randKey2 = '-'.$this->us->getNewPrivateKey();
$uid2 = $this->addUser('seconduser', 'passw0RD', $randKey2);
/* test valid credentials with private key enabled but invalid key */
$this->assertFalse(
$this->us->loginPrivateKey('123')
);
}
public function testLoginPrivateKeyValidDisabledKey()
{
/* normal user with enabled privatekey */
$randKey = $this->us->getNewPrivateKey();
$uid1 = $this->addUser('testusername', 'passw0rd', $randKey);
/* user that has disabled privatekey */
$randKey2 = '-'.$this->us->getNewPrivateKey();
$uid2 = $this->addUser('seconduser', 'passw0RD', $randKey2);
/* confirm user exists so future fails should be due to randkey */
$this->assertTrue(
$this->us->login('seconduser', 'passw0RD', false)
);
/* test valid credentials with private key disabled */
$this->assertFalse(
$this->us->loginPrivateKey($randKey2)
);
}
public function testLoginPrivateKeyInvalidDisabled()
{
/* normal user with enabled privatekey */
$randKey = $this->us->getNewPrivateKey();
$uid1 = $this->addUser('testusername', 'passw0rd', $randKey);
/* user that has disabled privatekey */
$randKey2 = '-'.$this->us->getNewPrivateKey();
$uid2 = $this->addUser('seconduser', 'passw0RD', $randKey2);
/* test valid credentials with private key disabled and invalid key */
$this->assertFalse(
$this->us->loginPrivateKey('-1')
);
$this->assertFalse(
$this->us->loginPrivateKey(null)
);
}
}
?>

1
www/.htaccess
View File

@ -3,7 +3,6 @@
# (see $cleanurls in config.inc.php)
#####################################
# Rewrite clean URLs onto real files
<IfModule mod_rewrite.c>
Options +FollowSymlinks

9
www/admin.php
View File

@ -45,11 +45,10 @@ if ( !$currentUser->isAdmin() ) {
exit();
}
@list($url, $action, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
@list($url, $action, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
if ( $action
&& (strpos($_SERVER['HTTP_REFERER'], ROOT.'admin') === 0) // Prevent CSRF attacks
) {
// Prevent CSRF attacks
if ($action && (strpos($_SERVER['HTTP_REFERER'], ROOT.'admin') === 0)) {
switch ($action) {
case 'delete':
if ($user && ($userinfo = $userservice->getUserByUsername($user))) {
@ -69,7 +68,7 @@ if ( $action
}
break;
case 'checkUrl' :
$bookmarks =& $bookmarkservice->getBookmarks(0, NULL, NULL, NULL, NULL, getSortOrder());
$bookmarks =& $bookmarkservice->getBookmarks(0, null, null, null, null, getSortOrder());
foreach ($bookmarks['bookmarks'] as $bookmark) {
if (!checkUrl($bookmark['bAddress'])) {
$tplVars['error'].= T_('Problem with ').$bookmark['bAddress'].' ('. $bookmark['username'] .')<br/>';

11
www/ajax/gettags.php
View File

@ -19,7 +19,8 @@ along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/
/* Return a json file with list of tags according to current user and sort by popularity*/
/* Return a json file with list of tags according */
/* to current user and sort by popularity */
$httpContentType = 'application/json';
require_once '../www-header.php';
@ -32,13 +33,11 @@ $bookmarkservice =SemanticScuttle_Service_Factory::get('Tag');
{identifier:"tag",
items: [
<?php
$listTags = $b2tservice->getPopularTags($userservice->getCurrentUserId(), 1000, $userservice->getCurrentUserId());
$listTags = $b2tservice->getPopularTags(
$userservice->getCurrentUserId(), 1000, $userservice->getCurrentUserId()
);
foreach ($listTags as $t) {
echo "{tag: \"".$t['tag']."\"},";
}
?>
]}

42
www/ajaxGetNewPrivateKey.php Normal file
View File

@ -0,0 +1,42 @@
<?php
/***************************************************************************
Copyright (C) 2005 - 2006 Scuttle project
http://sourceforge.net/projects/scuttle/
http://scuttle.org/
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/
header("Last-Modified: ". gmdate("D, d M Y H:i:s") ." GMT");
header("Cache-Control: no-cache, must-revalidate");
$httpContentType = 'text/xml';
require_once 'www-header.php';
$us = SemanticScuttle_Service_Factory::get('User');
/* Managing all possible inputs */
isset($_GET['url']) ? define('GET_URL', $_GET['url']): define('GET_URL', '');
echo '<?xml version="1.0" encoding="utf-8"?>';
?>
<response>
<method>
getNewPrivateKey
</method>
<result>
<?php echo $us->getNewPrivateKey(); ?>
</result>
</response>

3
www/ajaxGetTitle.php
View File

@ -28,7 +28,8 @@ require_once 'www-header.php';
/* Managing all possible inputs */
isset($_GET['url']) ? define('GET_URL', $_GET['url']): define('GET_URL', '');
function getTitle($url) {
function getTitle($url)
{
$fd = @fopen($url, 'r');
if ($fd) {
$html = fread($fd, 1750);

6
www/alltags.php
View File

@ -50,17 +50,15 @@ if ($usecache) {
$pagetitle = T_('All Tags');
if (isset($user) && $user != '') {
$userid = $userservice->getIdFromUser($user);
if($userid == NULL) {
if ($userid == null) {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);
exit();
}
$pagetitle .= ': '. ucfirst($user);
} else {
$userid = NULL;
$userid = null;
}
$tags =& $b2tservice->getTags($userid);

15
www/api/export_csv.php
View File

@ -41,21 +41,26 @@ echo 'url;title;tags;description';
echo "\n";
foreach ($bookmarks['bookmarks'] as $row) {
if (is_null($row['bDescription']) || (trim($row['bDescription']) == ''))
if (is_null($row['bDescription']) || (trim($row['bDescription']) == '')) {
$description = '';
else
$description = filter(str_replace(array("\r\n", "\n", "\r"),"", $row['bDescription']), 'xml');
} else {
$description = filter(
str_replace(array("\r\n", "\n", "\r"), "", $row['bDescription']), 'xml'
);
}
$taglist = '';
if (count($row['tags']) > 0) {
foreach($row['tags'] as $tag)
foreach ($row['tags'] as $tag) {
$taglist .= convertTag($tag) .',';
}
$taglist = substr($taglist, 0, -1);
} else {
$taglist = 'system:unfiled';
}
echo '"'.filter($row['bAddress'], 'xml') .'";"'. filter($row['bTitle'], 'xml') .'";"'. filter($taglist, 'xml') .'";"'. $description .'"';
echo '"'.filter($row['bAddress'], 'xml') .'";"'. filter($row['bTitle'], 'xml') .
'";"'. filter($taglist, 'xml') .'";"'. $description .'"';
echo "\n";
}

36
www/api/export_gcs.php
View File

@ -1,22 +1,34 @@
<?php
/*
Export for Google Custom Search
/**
* Export for Google Custom Search
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
// Force HTTP authentication first!
//require_once('httpauth.inc.php');
$httpContentType = false;
require_once '../www-header.php';
if ($GLOBALS['enableGoogleCustomSearch'] == false) {
echo "Google Custom Search disabled. You can enable it into the config.php file.";
echo "Google Custom Search disabled. " .
"You can enable it into the config.php file.";
die;
}
/* Service creation: only useful services are created */
$bookmarkservice = SemanticScuttle_Service_Factory::get('Bookmark');
/*
// Restrict to admins?
if(!$userservice->isAdmin($userservice->getCurrentUserId())) {
@ -24,19 +36,23 @@ $bookmarkservice =SemanticScuttle_Service_Factory::get('Bookmark');
}*/
// Check if queried format is xml
if (isset($_REQUEST['xml']) && (trim($_REQUEST['xml']) == 1))
if (isset($_REQUEST['xml']) && (trim($_REQUEST['xml']) == 1)) {
$xml = true;
else
} else {
$xml = false;
}
// Check to see if a tag was specified.
if (isset($_REQUEST['tag']) && (trim($_REQUEST['tag']) != ''))
if (isset($_REQUEST['tag']) && (trim($_REQUEST['tag']) != '')) {
$tag = trim($_REQUEST['tag']);
else
$tag = NULL;
} else {
$tag = null;
}
// Get the posts relevant to the passed-in variables.
$bookmarks =& $bookmarkservice->getBookmarks(0, NULL, NULL, $tag, NULL, getSortOrder());
$bookmarks =& $bookmarkservice->getBookmarks(
0, null, null, $tag, null, getSortOrder()
);
// Set up the plain file and output all the posts.

12
www/api/export_html.php
View File

@ -50,11 +50,13 @@ echo '<!DOCTYPE NETSCAPE-Bookmark-file-1>'."\r\n";
echo '<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8" />';
echo '<!-- This is an automatically generated file. -->'."\r\n";
echo '<TITLE>Bookmarks</TITLE>'."\r\n";
echo '<H1 LAST_MODIFIED="'. date('U') .'">Bookmarks for '. htmlspecialchars($currentUser->getUsername()) .''. (is_null($tag) ? '' : ' tag="'. htmlspecialchars($tag) .'"') ." from " . $sitename ."</H1>\r\n";
echo '<H1 LAST_MODIFIED="'. date('U');
echo '">Bookmarks for '. htmlspecialchars($currentUser->getUsername());
echo (is_null($tag) ? '' : ' tag="'. htmlspecialchars($tag) .'"');
echo ' from ' . $sitename .'</H1>\r\n';
echo '<DL>'."\r\n";
foreach ($bookmarks['bookmarks'] as $row) {
if (is_null($row['bDescription']) || (trim($row['bDescription']) == '')) {
$description = '';
@ -73,7 +75,11 @@ foreach ($bookmarks['bookmarks'] as $row) {
$taglist = 'system:unfiled';
}
echo "\t<DT><A HREF=\"". filter($row['bAddress'], 'xml') .'" '. $description .' hash="'. md5($row['bAddress']) .'" tags="'. filter($taglist, 'xml') .'" ADD_DATE="'. date('U', strtotime($row['bDatetime'])) ."\" >" . filter($row['bTitle'], 'xml') ."</a>\r\n";
echo "\t<DT><A HREF=\"". filter($row['bAddress'], 'xml') .'" ';
echo $description .' hash="'. md5($row['bAddress']) .'" tags="';
echo filter($taglist, 'xml') .'" ADD_DATE="';
echo date('U', strtotime($row['bDatetime']));
echo "\" >" . filter($row['bTitle'], 'xml') ."</a>\r\n";
}

53
www/api/export_sioc.php
View File

@ -1,5 +1,22 @@
<?php
/* Export data with semantic format (SIOC: http://sioc-project.org/, FOAF, SKOS, Annotea Ontology) */
/**
* Export data with semantic format
*
* (SIOC: http://sioc-project.org/, FOAF, SKOS, Annotea Ontology)
*
* SemanticScuttle - your social bookmark manager.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
$httpContentType = 'text/xml';
require_once '../www-header.php';
@ -40,16 +57,14 @@ $usersArray = array(); // useful for bookmarks display
foreach ($users as $user) {
$usersArray[$user->getId()] = $user->getUserName();
}
?>
<?php foreach($users as $user) :?>
foreach ($users as $user) { ?>
<sioc:User rdf:about="<?php echo createUrl('profile', $user->getUserName())?>">
<sioc:name><?php echo $user->getUserName() ?></sioc:name>
<sioc:member_of rdf:resource="<?php echo ROOT?>" />
</sioc:User>
<?php endforeach; ?>
<?php
}
/*
No page for usergroup (users/admin) for the moment
<sioc:Usergroup rdf:ID="authors">
@ -57,31 +72,33 @@ No page for usergroup (users/admin) for the moment
<sioc:has_member rdf:nodeID="sioc-id2245901" />
</sioc:Usergroup>
*/
?>
<?php
//bookmarks are described using Annotea ontology
$bookmarks =& $bookmarkservice->getBookmarks(0, NULL, NULL, NULL);
?>
$bookmarks =& $bookmarkservice->getBookmarks(0, null, null, null);
<?php foreach($bookmarks['bookmarks'] as $bookmark): ?>
foreach ($bookmarks['bookmarks'] as $bookmark) { ?>
<bm:Bookmark rdf:about="<?php echo createUrl('history', $bookmark['bHash']) ?>">
<dc:title><?php echo filter($bookmark['bTitle']) ?></dc:title>
<dc:created><?php echo filter($bookmark['bCreated']) ?></dc:created>
<dc:description><?php echo filter(strip_tags($bookmark['bDescription'])) ?></dc:description>
<dc:description><?php echo filter(strip_tags($bookmark['bDescription'])) ?>
</dc:description>
<dc:date><?php echo $bookmark['bDateTime'] ?></dc:date>
<bm:recalls rdf:resource="<?php echo filter($bookmark['bAddress']) ?>"/>
<sioc:owner_of rdf:resource="<?php echo createUrl('profile', $usersArray[$bookmark['uId']]) ?>"/>
<?php foreach($bookmark['tags'] as $tag): ?>
<sioc:owner_of rdf:resource="<?php
echo createUrl('profile', $usersArray[$bookmark['uId']])
?>"/>
<?php foreach ($bookmark['tags'] as $tag) { ?>
<sioc:topic>
<skos:concept rdf:about="<?php echo createUrl('bookmarks', $usersArray[$bookmark['uId']].'/'.$tag) ?>" />
<skos:concept rdf:about="<?php
echo createUrl('bookmarks', $usersArray[$bookmark['uId']].'/'.$tag)
?>" />
</sioc:topic>
<?php endforeach; ?>
<?php } ?>
</bm:Bookmark>
<?php endforeach; ?>
<?php
}
// tags and concepts are described using SKOS ontology
//concept for user/admins, preflabel, definition, top concept
?>

8
www/api/httpauth.inc.php
View File

@ -1,4 +1,5 @@
<?php
/**
* Checks if the user is logged on and sends a HTTP basic auth
* request to the browser if not. In that case the script ends.
@ -17,10 +18,13 @@
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
require_once '../www-header.php';
/**
* Sends HTTP auth headers to the browser
*
* @return nothing
*/
function authenticate()
{
@ -46,7 +50,8 @@ if (!$userservice->isLoggedOn()) {
authenticate();
} else {
$login = $userservice->login(
$_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
$_SERVER['PHP_AUTH_USER'],
$_SERVER['PHP_AUTH_PW']
);
if ($login) {
$currentUser = $userservice->getCurrentObjectUser();
@ -55,4 +60,5 @@ if (!$userservice->isLoggedOn()) {
}
}
}
?>

15
www/api/opensearch.php
View File

@ -1,7 +1,22 @@
<?php
/**
* Perform OpenSearch
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
$httpContentType = 'text/xml';
require_once '../www-header.php';
?>
<?xml version="1.0" encoding="utf-8" ?>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
<ShortName><?php echo $GLOBALS['sitename']?></ShortName>

5
www/api/posts_add.php
View File

@ -2,7 +2,10 @@
/**
* API for adding a new bookmark.
*
* PHP version 5.
*
* The following POST and GET parameters are accepted:
*
* @param string $url URL of the bookmark (required)
* @param string $description Bookmark title (required)
* @param string $extended Extended bookmark description (optional)
@ -28,8 +31,6 @@
*
* SemanticScuttle - your social bookmark manager.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>

51
www/api/posts_all.php
View File

@ -1,8 +1,21 @@
<?php
// Implements the del.icio.us API request for all a user's posts, optionally filtered by tag.
// del.icio.us behavior:
// - doesn't include the filtered tag as an attribute on the root element (we do)
/**
* Implements the del.icio.us API request for all a user's posts
* optionally filtered by tag.
*
* del.icio.us behavior:
* - doesn't include the filtered tag as an attribute on the root element (we do)
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
//Force HTTP authentication first!
$httpContentType = 'text/xml';
@ -13,34 +26,44 @@ $bookmarkservice =SemanticScuttle_Service_Factory::get('Bookmark');
// Check to see if a tag was specified.
if (isset($_REQUEST['tag']) && (trim($_REQUEST['tag']) != ''))
if (isset($_REQUEST['tag']) && (trim($_REQUEST['tag']) != '')) {
$tag = trim($_REQUEST['tag']);
else
$tag = NULL;
} else {
$tag = null;
}
// Get the posts relevant to the passed-in variables.
$bookmarks =& $bookmarkservice->getBookmarks(0, NULL, $userservice->getCurrentUserId(), $tag);
$bookmarks =& $bookmarkservice->getBookmarks(
0, null, $userservice->getCurrentUserId(), $tag
);
// Set up the XML file and output all the posts.
echo '<?xml version="1.0" standalone="yes" ?'.">\r\n";
echo '<posts update="'. gmdate('Y-m-d\TH:i:s\Z') .'" user="'. htmlspecialchars($currentUser->getUsername()) .'"'. (is_null($tag) ? '' : ' tag="'. htmlspecialchars($tag) .'"') .">\r\n";
echo '<posts update="'. gmdate('Y-m-d\TH:i:s\Z');
echo '" user="'. htmlspecialchars($currentUser->getUsername());
echo '"'. (is_null($tag) ? '' : ' tag="'. htmlspecialchars($tag) .'"') .">\r\n";
foreach ($bookmarks['bookmarks'] as $row) {
if (is_null($row['bDescription']) || (trim($row['bDescription']) == ''))
if (is_null($row['bDescription']) || (trim($row['bDescription']) == '')) {
$description = '';
else
} else {
$description = 'extended="'. filter($row['bDescription'], 'xml') .'" ';
}
$taglist = '';
if (count($row['tags']) > 0) {
foreach($row['tags'] as $tag)
foreach ($row['tags'] as $tag) {
$taglist .= convertTag($tag) .' ';
}
$taglist = substr($taglist, 0, -1);
} else {
$taglist = 'system:unfiled';
}
echo "\t<post href=\"". filter($row['bAddress'], 'xml') .'" description="'. filter($row['bTitle'], 'xml') .'" '. $description .'hash="'. md5($row['bAddress']) .'" tag="'. filter($taglist, 'xml') .'" time="'. gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />\r\n";
echo "\t<post href=\"". filter($row['bAddress'], 'xml');
echo '" description="'. filter($row['bTitle'], 'xml');
echo '" '. $description .'hash="'. md5($row['bAddress']);
echo '" tag="'. filter($taglist, 'xml') .'" time="';
echo gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />\r\n";
}
echo '</posts>';

3
www/api/posts_dates.php
View File

@ -38,7 +38,8 @@ $bookmarks = $bookmarkservice->getBookmarks(
// Set up the XML file and output all the tags.
echo '<?xml version="1.0" standalone="yes" ?'.">\r\n";
echo '<dates tag="'. (is_null($tag) ? '' : filter($tag, 'xml')) .'" user="'. filter($currentUser->getUsername(), 'xml') ."\">\r\n";
echo '<dates tag="'. (is_null($tag) ? '' : filter($tag, 'xml'));
echo '" user="'. filter($currentUser->getUsername(), 'xml') ."\">\r\n";
$lastdate = null;
$count = 0;

15
www/api/posts_get.php
View File

@ -6,7 +6,8 @@
* uses GMT dates -- so we do too.
*
* del.icio.us behavior:
* - includes an empty tag attribute on the root element when it hasn't been specified
* - includes an empty tag attribute on the root element
* when it hasn't been specified
*
* Scuttle behavior:
* - Uses today, instead of the last bookmarked date, if no date is specified
@ -56,7 +57,9 @@ $bookmarks = $bookmarkservice->getBookmarks(
// Set up the XML file and output all the tags.
echo '<?xml version="1.0" standalone="yes" ?'.">\r\n";
echo '<posts'. (is_null($dtstart) ? '' : ' dt="'. $dtstart .'"') .' tag="'. (is_null($tag) ? '' : filter($tag, 'xml')) .'" user="'. filter($currentUser->getUsername(), 'xml') ."\">\r\n";
echo '<posts'. (is_null($dtstart) ? '' : ' dt="'. $dtstart .'"') .' tag="';
echo (is_null($tag) ? '' : filter($tag, 'xml')) .'" user="';
echo filter($currentUser->getUsername(), 'xml') ."\">\r\n";
foreach ($bookmarks['bookmarks'] as $row) {
if (is_null($row['bDescription']) || (trim($row['bDescription']) == '')) {
@ -75,7 +78,13 @@ foreach ($bookmarks['bookmarks'] as $row) {
$taglist = 'system:unfiled';
}
echo "\t<post href=\"". filter($row['bAddress'], 'xml') .'" description="'. filter($row['bTitle'], 'xml') .'" '. $description .'hash="'. $row['bHash'] .'" others="'. $bookmarkservice->countOthers($row['bAddress']) .'" tag="'. filter($taglist, 'xml') .'" time="'. gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />\r\n";
echo "\t<post href=\"". filter($row['bAddress'], 'xml');
echo '" description="'. filter($row['bTitle'], 'xml');
echo '" '. $description .'hash="'. $row['bHash'];
echo '" others="'. $bookmarkservice->countOthers($row['bAddress']);
echo '" tag="'. filter($taglist, 'xml');
echo '" time="'. gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />";
echo "\r\n";
}
echo '</posts>';

49
www/api/posts_public.php
View File

@ -1,8 +1,21 @@
<?php
// Implements the del.icio.us API request for all a user's posts, optionally filtered by tag.
// del.icio.us behavior:
// - doesn't include the filtered tag as an attribute on the root element (we do)
/**
* Implements the del.icio.us API request for all a user's posts
* optionally filtered by tag.
*
* del.icio.us behavior:
* - doesn't include the filtered tag as an attribute on the root element (we do)
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
// Force HTTP authentication first!
//require_once('httpauth.inc.php');
@ -14,34 +27,42 @@ $bookmarkservice =SemanticScuttle_Service_Factory::get('Bookmark');
// Check to see if a tag was specified.
if (isset($_REQUEST['tag']) && (trim($_REQUEST['tag']) != ''))
if (isset($_REQUEST['tag']) && (trim($_REQUEST['tag']) != '')) {
$tag = trim($_REQUEST['tag']);
else
$tag = NULL;
} else {
$tag = null;
}
// Get the posts relevant to the passed-in variables.
$bookmarks =& $bookmarkservice->getBookmarks(0, NULL, NULL, $tag);
$bookmarks =& $bookmarkservice->getBookmarks(0, null, null, $tag);
// Set up the XML file and output all the posts.
echo '<?xml version="1.0" standalone="yes" ?'.">\r\n";
echo '<posts update="'. gmdate('Y-m-d\TH:i:s\Z') .'" '. (is_null($tag) ? '' : ' tag="'. htmlspecialchars($tag) .'"') .">\r\n";
echo '<posts update="'. gmdate('Y-m-d\TH:i:s\Z') .'" ';
echo (is_null($tag) ? '' : ' tag="'. htmlspecialchars($tag) .'"') .">\r\n";
foreach ($bookmarks['bookmarks'] as $row) {
if (is_null($row['bDescription']) || (trim($row['bDescription']) == ''))
if (is_null($row['bDescription']) || (trim($row['bDescription']) == '')) {
$description = '';
else
} else {
$description = 'extended="'. filter($row['bDescription'], 'xml') .'" ';
}
$taglist = '';
if (count($row['tags']) > 0) {
foreach($row['tags'] as $tag)
foreach ($row['tags'] as $tag) {
$taglist .= convertTag($tag) .' ';
}
$taglist = substr($taglist, 0, -1);
} else {
$taglist = 'system:unfiled';
}
echo "\t<post href=\"". filter($row['bAddress'], 'xml') .'" description="'. filter($row['bTitle'], 'xml') .'" '. $description .'hash="'. md5($row['bAddress']) .'" tag="'. filter($taglist, 'xml') .'" time="'. gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />\r\n";
echo "\t<post href=\"". filter($row['bAddress'], 'xml');
echo '" description="'. filter($row['bTitle'], 'xml');
echo '" '. $description .'hash="'. md5($row['bAddress']);
echo '" tag="'. filter($taglist, 'xml');
echo '" time="'. gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />";
echo "\r\n";
}
echo '</posts>';

10
www/api/posts_recent.php
View File

@ -56,7 +56,8 @@ $bookmarks = $bookmarkservice->getBookmarks(
// Set up the XML file and output all the tags.
echo '<?xml version="1.0" standalone="yes" ?'.">\r\n";
echo '<posts tag="'. (is_null($tag) ? '' : filter($tag, 'xml')) .'" user="'. filter($currentUser->getUsername(), 'xml') ."\">\r\n";
echo '<posts tag="'. (is_null($tag) ? '' : filter($tag, 'xml'));
echo '" user="'. filter($currentUser->getUsername(), 'xml') ."\">\r\n";
foreach ($bookmarks['bookmarks'] as $row) {
if (is_null($row['bDescription']) || (trim($row['bDescription']) == '')) {
@ -75,7 +76,12 @@ foreach ($bookmarks['bookmarks'] as $row) {
$taglist = 'system:unfiled';
}
echo "\t<post href=\"". filter($row['bAddress'], 'xml') .'" description="'. filter($row['bTitle'], 'xml') .'" '. $description .'hash="'. $row['bHash'] .'" tag="'. filter($taglist, 'xml') .'" time="'. gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />\r\n";
echo "\t<post href=\"". filter($row['bAddress'], 'xml');
echo '" description="'. filter($row['bTitle'], 'xml');
echo '" '. $description .'hash="'. $row['bHash'];
echo '" tag="'. filter($taglist, 'xml');
echo '" time="'. gmdate('Y-m-d\TH:i:s\Z', strtotime($row['bDatetime'])) ."\" />";
echo "\r\n";
}
echo '</posts>';

23
www/api/tags_get.php
View File

@ -1,8 +1,22 @@
<?php
// Implements the del.icio.us API request for all a user's tags.
// del.icio.us behavior:
// - tags can't have spaces
/**
* Implements the del.icio.us API request for all a user's tags.
*
* del.icio.us behavior:
* - tags can't have spaces
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
// Force HTTP authentication first!
$httpContentType = 'text/xml';
@ -19,7 +33,8 @@ $tags =& $b2tservice->getTags($userservice->getCurrentUserId());
echo '<?xml version="1.0" standalone="yes" ?'.">\r\n";
echo "<tags>\r\n";
foreach ($tags as $row) {
echo "\t<tag count=\"". $row['bCount'] .'" tag="'. filter(convertTag($row['tag'], 'out'), 'xml') ."\" />\r\n";
echo "\t<tag count=\"". $row['bCount'] .'" tag="';
echo filter(convertTag($row['tag'], 'out'), 'xml') ."\" />\r\n";
}
echo "</tags>";
?>

39
www/api/tags_rename.php
View File

@ -1,8 +1,21 @@
<?php
// Implements the del.icio.us API request to rename a user's tag.
// del.icio.us behavior:
// - oddly, returns an entirely different result (<result></result>) than the other API calls.
/**
* Implements the del.icio.us API request to rename a user's tag.
*
* del.icio.us behavior:
* - oddly, returns an entirely different result (<result></result>) than
* the other API calls.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
// Force HTTP authentication first!
$httpContentType = 'text/xml';
@ -12,21 +25,25 @@ require_once 'httpauth.inc.php';
$b2tservice = SemanticScuttle_Service_Factory::get('Bookmark2Tag');
// Get the tag info.
if (isset($_REQUEST['old']) && (trim($_REQUEST['old']) != ''))
if (isset($_REQUEST['old']) && (trim($_REQUEST['old']) != '')) {
$old = trim($_REQUEST['old']);
else
$old = NULL;
} else {
$old = null;
}
if (isset($_REQUEST['new']) && (trim($_REQUEST['new']) != ''))
if (isset($_REQUEST['new']) && (trim($_REQUEST['new']) != '')) {
$new = trim($_REQUEST['new']);
else
$new = NULL;
} else {
$new = null;
}
if (is_null($old) || is_null($new)) {
$renamed = false;
} else {
// Rename the tag.
$result = $b2tservice->renameTag($userservice->getCurrentUserId(), $old, $new, true);
$result = $b2tservice->renameTag(
$userservice->getCurrentUserId(), $old, $new, true
);
$renamed = $result;
}

6
www/bookmarkcommondescriptionedit.php
View File

@ -41,11 +41,9 @@ if(!isset($_POST['referrer'])) {
define('POST_REFERRER', $_POST['referrer']);
}
list ($url, $hash) = explode('/', $_SERVER['PATH_INFO']);
$template = 'bookmarkcommondescriptionedit.tpl';
//permissions
if (is_null($currentUser)) {
$tplVars['error'] = T_('Permission denied.');
@ -54,9 +52,7 @@ if(is_null($currentUser)) {
}
if (POST_CONFIRM) {
if (strlen($hash)>0 &&
$cdservice->addBookmarkDescription(POST_HASH, stripslashes(POST_TITLE), stripslashes(POST_DESCRIPTION), $currentUser->getId(), time())
) {
if (strlen($hash)>0 && $cdservice->addBookmarkDescription(POST_HASH, stripslashes(POST_TITLE), stripslashes(POST_DESCRIPTION), $currentUser->getId(), time())) {
$tplVars['msg'] = T_('Bookmark common description updated');
header('Location: '. POST_REFERRER);
} else {

11
www/bookmarks.php
View File

@ -67,9 +67,7 @@ if ($userservice->isLoggedOn()) {
$currentUsername = $currentUser->getUsername();
}
@list($url, $user, $cat) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
@list($url, $user, $cat) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
$endcache = false;
if ($usecache) {
@ -116,9 +114,7 @@ if ($cat) {
$catTitleWithUrls = substr($catTitleWithUrls, 0, strlen($catTitleWithUrls) - strlen(' + '));
$pagetitle .= $catTitleWithUrls;
}
else
{
} else {
$catTitleWithUrls = '';
}
$pagetitle = substr($pagetitle, 2);
@ -173,7 +169,7 @@ if ($userservice->isLoggedOn() && POST_SUBMITTED != '') {
if (GET_ACTION == "add") {
// If the bookmark exists already, edit the original
if ($bookmarkservice->bookmarkExists(stripslashes(GET_ADDRESS), $currentUserID)) {
$bookmark =& $bookmarkservice->getBookmarks(0, NULL, $currentUserID, NULL, NULL, NULL, NULL, NULL, NULL, $bookmarkservice->getHash(stripslashes(GET_ADDRESS)));
$bookmark =& $bookmarkservice->getBookmarks(0, null, $currentUserID, null, null, null, null, null, null, $bookmarkservice->getHash(stripslashes(GET_ADDRESS)));
$popup = (GET_POPUP!='') ? '?popup=1' : '';
header('Location: '. createURL('edit', $bookmark['bookmarks'][0]['bId'] . $popup));
exit();
@ -288,7 +284,6 @@ if ($templatename == 'editbookmark.tpl') {
$tplVars['summarizeLinkedTags'] = true;
$tplVars['pageName'] = PAGE_BOOKMARKS;
$templateservice->loadTemplate($templatename, $tplVars);
if ($usecache && $endcache) {

3
www/edit.php
View File

@ -52,15 +52,12 @@ if (!($row = $bookmarkservice->getBookmark(intval($bookmark), true))) {
$templateservice->loadTemplate('error.404.tpl', $tplVars);
exit();
} else {
if (!$bookmarkservice->editAllowed($row)) {
$tplVars['error'] = T_('You are not allowed to edit this bookmark');
$templateservice->loadTemplate('error.500.tpl', $tplVars);
exit();
} else if (POST_SUBMITTED != '') {
if (!POST_TITLE || !POST_ADDRESS) {
$tplVars['error'] = T_('Your bookmark must have a title and an address');
} else {

14
www/gsearch/context.php
View File

@ -1,4 +1,18 @@
<?php
/**
* Google custom search
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
require_once '../www-header.php';
if ($GLOBALS['enableGoogleCustomSearch'] == false) {

2
www/gsearch/index.php
View File

@ -43,5 +43,3 @@ if($GLOBALS['enableGoogleCustomSearch']==false) {
</center>
</body>
</html>

6
www/history.php
View File

@ -29,9 +29,7 @@ $cacheservice =SemanticScuttle_Service_Factory::get('Cache');
isset($_GET['page']) ? define('GET_PAGE', $_GET['page']): define('GET_PAGE', 0);
isset($_GET['sort']) ? define('GET_SORT', $_GET['sort']): define('GET_SORT', '');
@list($url, $hash) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
@list($url, $hash) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
if ($usecache) {
// Generate hash for caching on
@ -57,7 +55,7 @@ if (intval(GET_PAGE) > 1) {
if ($bookmark =& $bookmarkservice->getBookmarkByHash($hash)) {
// Template variables
$bookmarks =& $bookmarkservice->getBookmarks($start, $perpage, NULL, NULL, NULL, getSortOrder(), NULL, NULL, NULL, $hash);
$bookmarks =& $bookmarkservice->getBookmarks($start, $perpage, null, null, null, getSortOrder(), null, null, null, $hash);
$tplVars['pagetitle'] = T_('History') .': '. $bookmark['bAddress'];
$tplVars['subtitle'] = sprintf(T_('History for %s'), $bookmark['bAddress']);
$tplVars['loadjs'] = true;

22
www/import.php
View File

@ -43,14 +43,17 @@ if ($userservice->isLoggedOn() && sizeof($_FILES) > 0 && $_FILES['userfile']['si
$xml_parser = xml_parser_create();
xml_set_element_handler($xml_parser, "startElement", "endElement");
if (!($fp = fopen($_FILES['userfile']['tmp_name'], "r")))
if (!($fp = fopen($_FILES['userfile']['tmp_name'], "r"))) {
die(T_("Could not open XML input"));
}
while ($data = fread($fp, 4096)) {
if (!xml_parse($xml_parser, $data, feof($fp))) {
die(sprintf(T_("XML error: %s at line %d"),
die(sprintf(
T_("XML error: %s at line %d"),
xml_error_string(xml_get_error_code($xml_parser)),
xml_get_current_line_number($xml_parser)));
xml_get_current_line_number($xml_parser)
));
}
}
xml_parser_free($xml_parser);
@ -62,9 +65,8 @@ if ($userservice->isLoggedOn() && sizeof($_FILES) > 0 && $_FILES['userfile']['si
$templateservice->loadTemplate($templatename, $tplVars);
}
function startElement($parser, $name, $attrs) {
function startElement($parser, $name, $attrs)
{
global $depth, $status, $tplVars, $userservice;
$bookmarkservice = SemanticScuttle_Service_Factory::get('Bookmark');
@ -100,16 +102,18 @@ function startElement($parser, $name, $attrs) {
$bDatetime = gmdate('Y-m-d H:i:s');
}
if ($bookmarkservice->addBookmark($bAddress, $bTitle, $bDescription, '', $status, $tags, null, $bDatetime, true, true))
if ($bookmarkservice->addBookmark($bAddress, $bTitle, $bDescription, '', $status, $tags, null, $bDatetime, true, true)) {
$tplVars['msg'] = T_('Bookmark imported.');
else
} else {
$tplVars['error'] = T_('There was an error saving your bookmark. Please try again or contact the administrator.');
}
}
}
$depth[$parser]++;
}
function endElement($parser, $name) {
function endElement($parser, $name)
{
global $depth;
$depth[$parser]--;
}

19
www/index.php
View File

@ -30,7 +30,6 @@ isset($_GET['action']) ? define('GET_ACTION', $_GET['action']): define('GET_ACTI
isset($_GET['page']) ? define('GET_PAGE', $_GET['page']): define('GET_PAGE', 0);
isset($_GET['sort']) ? define('GET_SORT', $_GET['sort']): define('GET_SORT', '');
// Logout action
if (GET_ACTION == "logout") {
$userservice->logout();
@ -38,13 +37,23 @@ if (GET_ACTION == "logout") {
$tplvars['msg'] = T_('You have now logged out');
}
// Header variables
$tplVars['loadjs'] = true;
$tplVars['rsschannels'] = array(
array(sprintf(T_('%s: Recent bookmarks'), $sitename), createURL('rss').'?sort='.getSortOrder())
array(filter(sprintf(T_('%s: Recent bookmarks'), $sitename)), createURL('rss').'?sort='.getSortOrder())
);
if ($userservice->isLoggedOn()) {
$currentUsername = $currentUser->getUsername();
if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
array_push(
$tplVars['rsschannels'],
array(
filter($sitename . sprintf(T_(': (private) ')) . $currentUsername),
createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&amp;privatekey='.$currentUser->getPrivateKey())
)
);
}
}
if ($usecache) {
// Generate hash for caching on
$hashtext = $_SERVER['REQUEST_URI'];
@ -76,7 +85,7 @@ $tplVars['pagetitle'] = T_('Store, share and tag your favourite links');
$tplVars['subtitle'] = T_('All Bookmarks');
$tplVars['bookmarkCount'] = $start + 1;
$bookmarks = $bookmarkservice->getBookmarks($start, $perpage, NULL, NULL, NULL, getSortOrder(), NULL, 0, NULL);
$bookmarks = $bookmarkservice->getBookmarks($start, $perpage, null, null, null, getSortOrder(), null, 0, null);
$tplVars['total'] = $bookmarks['total'];
$tplVars['bookmarks'] =& $bookmarks['bookmarks'];

10
www/jsScuttle.php
View File

@ -89,6 +89,16 @@ function useAddress(ele) {
}
}
function getNewPrivateKey(input, response){
var pk = document.getElementById('pPrivateKey');
if (response != null) {
pk.value = response.trim();
} else {
loadXMLDocProc('<?php echo ROOT; ?>ajaxGetNewPrivateKey.php');
}
return false;
}
function getTitle(input, response){
var title = document.getElementById('titleField');
if (title.value == '') {

5
www/login.php
View File

@ -40,10 +40,11 @@ if (POST_SUBMITTED!='' && POST_USERNAME!='' && POST_PASSWORD!='') {
$posteduser = trim(utf8_strtolower(POST_USERNAME));
$login = $userservice->login($posteduser, POST_PASSWORD, $keeppass);
if ($login) {
if (POST_QUERY)
if (POST_QUERY) {
header('Location: '. createURL('bookmarks', $posteduser .'?'. POST_QUERY));
else
} else {
header('Location: '. createURL('bookmarks', $posteduser));
}
} else {
$tplVars['error'] = T_('The details you have entered are incorrect. Please try again.');
}

2
www/password.php
View File

@ -44,7 +44,7 @@ if (POST_SUBMITTED != '') {
// NO MATCH
$userinfo = $userservice->getObjectUserByUsername(POST_USERNAME);
if ($userinfo == NULL) {
if ($userinfo == null) {
$tplVars['error'] = T_('No matches found for that username.');
} elseif (POST_EMAIL != $userinfo->getEmail()) {

6
www/populartags.php
View File

@ -25,7 +25,7 @@ require_once 'www-header.php';
$b2tservice = SemanticScuttle_Service_Factory::get('Bookmark2Tag');
$cacheservice = SemanticScuttle_Service_Factory::get('Cache');
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
if ($usecache) {
// Generate hash for caching on
@ -48,7 +48,7 @@ $pagetitle = T_('Popular Tags');
if (isset($user) && $user != '') {
$userid = $userservice->getIdFromUser($user);
if($userid == NULL) {
if ($userid == null) {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);
//throw a 404 error
@ -57,7 +57,7 @@ if (isset($user) && $user != '') {
$pagetitle .= ': '. ucfirst($user);
} else {
$userid = NULL;
$userid = null;
}
$tags = $b2tservice->getPopularTags($userid, 150);

41
www/profile.php
View File

@ -25,10 +25,13 @@ require_once 'www-header.php';
// No specific services
/* Managing all possible inputs */
isset($_POST['submittedPK']) ? define('POST_SUBMITTEDPK', $_POST['submittedPK']): define('POST_SUBMITTEDPK', '');
isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', '');
isset($_POST['pPass']) ? define('POST_PASS', $_POST['pPass']): define('POST_PASS', '');
isset($_POST['pPassConf']) ? define('POST_PASSCONF', $_POST['pPassConf']): define('POST_PASSCONF', '');
isset($_POST['pName']) ? define('POST_NAME', $_POST['pName']): define('POST_NAME', '');
isset($_POST['pPrivateKey']) ? define('POST_PRIVATEKEY', $_POST['pPrivateKey']): define('POST_PRIVATEKEY', '');
isset($_POST['pEnablePrivateKey']) ? define('POST_ENABLEPRIVATEKEY', $_POST['pEnablePrivateKey']): define('POST_ENABLEPRIVATEKEY', '');
isset($_POST['pMail']) ? define('POST_MAIL', $_POST['pMail']): define('POST_MAIL', '');
isset($_POST['pPage']) ? define('POST_PAGE', $_POST['pPage']): define('POST_PAGE', '');
isset($_POST['pDesc']) ? define('POST_DESC', $_POST['pDesc']): define('POST_DESC', '');
@ -38,16 +41,15 @@ isset($_SESSION['token']) ? define('SESSION_TOKEN', $_SESSION['token']): define(
isset($_SESSION['token_stamp']) ? define('SESSION_TOKENSTAMP', $_SESSION['token_stamp']): define('SESSION_TOKENSTAMP', '');
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
if ($user) {
if (is_int($user)) {
$userid = intval($user);
} else {
$user = urldecode($user);
$userinfo = $userservice->getObjectUserByUsername($user);
if ($userinfo == NULL) {
if ($userinfo == null) {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);
exit();
@ -61,10 +63,19 @@ if ($user) {
exit();
}
$tplVars['privateKeyIsEnabled'] = '';
if ($userservice->isLoggedOn() && $user == $currentUser->getUsername()) {
$title = T_('My Profile');
$tplVars['privateKey'] = $currentUser->getPrivateKey(true);
if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
$tplVars['privateKeyIsEnabled'] = 'checked="checked"';
} else {
$tplVars['privateKeyIsEnabled'] = '';
}
} else {
$title = T_('Profile') .': '. $user;
$tplVars['privateKey'] = '';
}
$tplVars['pagetitle'] = $title;
$tplVars['subtitle'] = $title;
@ -72,19 +83,26 @@ $tplVars['subtitle'] = $title;
$tplVars['user'] = $user;
$tplVars['userid'] = $userid;
/* Update Private Key */
if (POST_SUBMITTEDPK!='' && $currentUser->getId() == $userid) {
$userinfo = $userservice->getObjectUserByUsername($user);
$tplVars['privateKey'] = $userservice->getNewPrivateKey();
}
if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
$error = false;
$detPass = trim(POST_PASS);
$detPassConf = trim(POST_PASSCONF);
$detName = trim(POST_NAME);
$detPrivateKey = trim(POST_PRIVATEKEY);
$detEnablePrivateKey = trim(POST_ENABLEPRIVATEKEY);
$detMail = trim(POST_MAIL);
$detPage = trim(POST_PAGE);
$detDesc = filter(POST_DESC);
// manage token preventing from CSRF vulnaribilities
if ( SESSION_TOKEN == ''
|| time() - SESSION_TOKENSTAMP > 600 //limit token lifetime, optionnal
|| SESSION_TOKEN != POST_TOKEN) {
//limit token lifetime, optionnal
if ( SESSION_TOKEN == '' || time() - SESSION_TOKENSTAMP > 600 || SESSION_TOKEN != POST_TOKEN) {
$error = true;
$tplVars['error'] = T_('Invalid Token');
}
@ -102,13 +120,19 @@ if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
$tplVars['error'] = T_('E-mail address is not valid.');
}
if (!$error) {
if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc)) {
if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc, $detPrivateKey, $detEnablePrivateKey)) {
$tplvars['error'] = T_('An error occurred while saving your changes.');
} else {
$tplVars['msg'] = T_('Changes saved.');
}
}
$userinfo = $userservice->getObjectUserByUsername($user);
$tplVars['privateKey'] = $userinfo->getPrivateKey(true);
if ($userservice->isPrivateKeyValid($userinfo->getPrivateKey())) {
$tplVars['privateKeyIsEnabled'] = 'checked="checked"';
} else {
$tplVars['privateKeyIsEnabled'] = '';
}
}
if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) {
@ -121,9 +145,10 @@ if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) {
$templatename = 'editprofile.tpl.php';
$tplVars['formaction'] = createURL('profile', $user);
$tplVars['token'] = $_SESSION['token'];
}
$tplVars['objectUser'] = $userinfo;
$tplVars['loadjs'] = true;
$templateservice->loadTemplate($templatename, $tplVars);
?>

40
www/rss.php
View File

@ -64,9 +64,14 @@ if (!isset($rssEntries) || $rssEntries <= 0) {
$rssEntries = $maxRssEntries;
}
$privatekey = null;
if (isset($_GET['privatekey'])) {
$privatekey = $_GET['privatekey'];
}
$watchlist = null;
$pagetitle = '';
$isTempLogin = false;
if ($user && $user != 'all') {
if ($user == 'watchlist') {
$user = $cat;
@ -78,17 +83,44 @@ if ($user && $user != 'all') {
} else {
if ($userinfo = $userservice->getUserByUsername($user)) {
$userid =& $userinfo[$userservice->getFieldName('primary')];
/* if user is not logged in and has valid privatekey */
if (!$userservice->isLoggedOn()) {
if ($privatekey != null) {
if ($userservice->loginPrivateKey($privatekey)) {
$isTempLogin = true;
} else {
$tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user);
header('Content-type: text/html; charset=utf-8');
$templateservice->loadTemplate('error.404.tpl', $tplVars);
//throw a 404 error
exit();
}
}
}
} else {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
header('Content-type: text/html; charset=utf-8');
$templateservice->loadTemplate('error.404.tpl', $tplVars);
//throw a 404 error
exit();
}
}
$pagetitle .= ": ". $user;
} else {
if ($privatekey != null) {
if ($userservice->loginPrivateKey($privatekey)) {
$isTempLogin = true;
} else {
$tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user);
header('Content-type: text/html; charset=utf-8');
$templateservice->loadTemplate('error.404.tpl', $tplVars);
//throw a 404 error
exit();
}
} else {
$userid = null;
}
}
if ($cat) {
$pagetitle .= ": ". str_replace('+', ' + ', $cat);
@ -100,7 +132,8 @@ $tplVars['feeddescription'] = sprintf(T_('Recent bookmarks posted to %s'), $GLOB
$bookmarks = $bookmarkservice->getBookmarks(
0, $rssEntries, $userid, $cat,
null, getSortOrder(), $watchlist
null, getSortOrder(), $watchlist,
null, null, null
);
$bookmarks_tmp = filter($bookmarks['bookmarks']);
@ -134,6 +167,11 @@ $tplVars['feedlastupdate'] = date('r', strtotime($latestdate));
$templateservice->loadTemplate('rss.tpl', $tplVars);
/* If temporary login, please log out */
if ($isTempLogin) {
$userservice->logout();
}
if ($usecache) {
// Cache output if existing copy has expired
$cacheservice->End($hash);

26
www/search.php
View File

@ -46,17 +46,15 @@ $searchhistoryservice = SemanticScuttle_Service_Factory::get('SearchHistory');
/* Managing current logged user */
$currentUserId = $userservice->getCurrentUserId();
$exploded = isset($_SERVER['PATH_INFO'])
? explode('/', $_SERVER['PATH_INFO']) : null;
$exploded = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
if (count($exploded) == 4) {
list($url, $range, $terms, $page) = $exploded;
} elseif (count($exploded) == 2) {
list($url, $range) = $exploded;
$terms = $page = NULL;
$terms = $page = null;
} else {
list($url, $range, $terms) = $exploded;
$page = NULL;
$page = null;
}
//some OpenSearch clients need that
$terms = urldecode($terms);
@ -73,10 +71,10 @@ if (intval(GET_PAGE) > 1) {
$start = 0;
}
$s_user = NULL;
$s_start = NULL;
$s_end = NULL;
$s_watchlist = NULL;
$s_user = null;
$s_start = null;
$s_end = null;
$s_watchlist = null;
// No search terms
if (is_null($terms)) {
@ -92,7 +90,7 @@ if (is_null($terms)) {
switch ($range) {
case 'all':
$tplVars['select_all'] = $selected;
$s_user = NULL;
$s_user = null;
break;
case 'watchlist':
$tplVars['select_watchlist'] = $selected;
@ -107,7 +105,7 @@ if (is_null($terms)) {
if (isset($s_user)) {
$tplVars['user'] = $range;
$s_user = $userservice->getIdFromUser($s_user);
if($s_user == NULL) {
if ($s_user == null) {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $s_user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);
exit();
@ -116,7 +114,7 @@ if (is_null($terms)) {
}
}
$bookmarks =& $bookmarkservice->getBookmarks(
$start, $perpage, $s_user, NULL, $terms, getSortOrder(),
$start, $perpage, $s_user, null, $terms, getSortOrder(),
$s_watchlist, $s_start, $s_end
);
@ -125,9 +123,7 @@ $searchhistoryservice->addSearch(
$terms, $range, $bookmarks['total'], $currentUserId
);
if (isset($_GET['lucky']) && $_GET['lucky']
&& isset($bookmarks['bookmarks'][0])
) {
if (isset($_GET['lucky']) && $_GET['lucky'] && isset($bookmarks['bookmarks'][0])) {
$url = $bookmarks['bookmarks'][0]['bAddress'];
header('Location: ' . $url);
exit();

1
www/tag2tagadd.php
View File

@ -63,7 +63,6 @@ if (POST_CONFIRM != '') {
}
$tplVars['links'] = $tag2tagservice->getLinks($currentUser->getId());
$tplVars['tag1'] = $tag1;
$tplVars['tag2'] = '';
$tplVars['subtitle'] = T_('Add Tag Link') .': '. $tag1;

3
www/tag2tagdelete.php
View File

@ -56,8 +56,6 @@ if(isset($_SERVER['PATH_INFO'])) {
$url = $tag1 = $tag2 = '';
}
if (POST_CONFIRM) {
$tag = POST_TAG1;
$linkType = POST_LINKTYPE;
@ -75,7 +73,6 @@ if (POST_CONFIRM) {
}
$tplVars['links'] = $tag2tagservice->getLinks($currentUser->getId());
$tplVars['tag1'] = $tag1;
$tplVars['tag2'] = $tag2;
$tplVars['subtitle'] = T_('Delete Link Between Tags') .': '. $tag1.' > '.$tag2;

1
www/tag2tagedit.php
View File

@ -49,7 +49,6 @@ if(isset($_SERVER['PATH_INFO'])) {
}
$tplVars['links'] = $tag2tagservice->getLinks($userservice->getCurrentUserId());
$tplVars['tag1'] = $tag1;
$tplVars['tag2'] = $tag2;
$tplVars['subtitle'] = T_('Edit Link Between Tags') .': '. $tag1.' > '.$tag2;

6
www/tagcommondescriptionedit.php
View File

@ -43,11 +43,7 @@ $currentUser = $userservice->getCurrentObjectUser();
list ($url, $tag) = explode('/', $_SERVER['PATH_INFO']);
//permissions
if (!$userservice->isLoggedOn()
|| (!$GLOBALS['enableCommonTagDescriptionEditedByAll']
&& !$currentUser->isAdmin()
)
) {
if (!$userservice->isLoggedOn() || (!$GLOBALS['enableCommonTagDescriptionEditedByAll'] && !$currentUser->isAdmin())) {
$tplVars['error'] = T_('Permission denied.');
$templateservice->loadTemplate('error.500.tpl', $tplVars);
exit();

4
www/tagedit.php
View File

@ -46,9 +46,7 @@ if(!$userservice->isLoggedOn()) {
}
if (POST_CONFIRM) {
if ( strlen($tag)>0 &&
$tagservice->updateDescription($tag, $currentUser->getId(), stripslashes(POST_DESCRIPTION))
) {
if (strlen($tag)>0 && $tagservice->updateDescription($tag, $currentUser->getId(), stripslashes(POST_DESCRIPTION))) {
$tplVars['msg'] = T_('Tag description updated');
header('Location: '. POST_REFERRER);
} else {

17
www/tagrename.php
View File

@ -37,28 +37,27 @@ $currentUser = $userservice->getCurrentObjectUser();
/* Managing path info */
list ($url, $tag) = explode('/', $_SERVER['PATH_INFO']);
//$tag = isset($_GET['query']) ? $_GET['query'] : NULL;
//$tag = isset($_GET['query']) ? $_GET['query'] : null;
$template = 'tagrename.tpl';
if (POST_CONFIRM) {
if (trim(POST_OLD) != '') {
$old = trim(POST_OLD);
} else {
$old = NULL;
$old = null;
}
if (trim(POST_NEW) != '') {
$new = trim(POST_NEW);
} else {
$new = NULL;
$new = null;
}
if (
!is_null($old) &&
!is_null($new) &&
$tagservice->renameTag($currentUser->getId(), $old, $new) &&
$b2tservice->renameTag($currentUser->getId(), $old, $new) &&
$tag2tagservice->renameTag($currentUser->getId(), $old, $new)
if (!is_null($old)
&& !is_null($new)
&& $tagservice->renameTag($currentUser->getId(), $old, $new)
&& $b2tservice->renameTag($currentUser->getId(), $old, $new)
&& $tag2tagservice->renameTag($currentUser->getId(), $old, $new)
) {
$tplVars['msg'] = T_('Tag renamed');
header('Location: '. createURL('bookmarks', $currentUser->getUsername()));

9
www/tags.php
View File

@ -35,7 +35,6 @@ $currentUser = $userservice->getCurrentObjectUser();
/* Managing path info */
list($url, $cat) = explode('/', $_SERVER['PATH_INFO']);
if (!$cat) {
header('Location: '. createURL('populartags'));
exit;
@ -48,7 +47,6 @@ for($i = 0; $i<count($titleTags);$i++) {
}
$pagetitle = substr($pagetitle, 0, strlen($pagetitle) - strlen(' + '));
//$cattitle = str_replace('+', ' + ', $cat);
if ($usecache) {
@ -67,7 +65,10 @@ if ($usecache) {
$tplVars['pagetitle'] = T_('Tags') .': '. $cat;
$tplVars['loadjs'] = true;
$tplVars['rsschannels'] = array(
array(filter($sitename .': '. $pagetitle), createURL('rss', 'all/'. filter($cat, 'url')).'?sort='.getSortOrder())
array(
filter($sitename .': '. $pagetitle),
createURL('rss', 'all/'. filter($cat, 'url')).'?sort='.getSortOrder()
)
);
// Pagination
@ -87,7 +88,7 @@ $tplVars['currenttag'] = $cat;
$tplVars['sidebar_blocks'] = array('linked', 'related', 'menu2');//array('linked', 'related', 'popular');
$tplVars['subtitle'] = $pagetitle;
$tplVars['bookmarkCount'] = $start + 1;
$bookmarks =& $bookmarkservice->getBookmarks($start, $perpage, NULL, $cat, NULL, getSortOrder());
$bookmarks =& $bookmarkservice->getBookmarks($start, $perpage, null, $cat, null, getSortOrder());
$tplVars['total'] = $bookmarks['total'];
$tplVars['bookmarks'] =& $bookmarks['bookmarks'];
$tplVars['cat_url'] = createURL('bookmarks', '%1$s/%2$s');

4
www/watch.php
View File

@ -28,7 +28,7 @@ isset($_POST['contact']) ? define('POST_CONTACT', $_POST['contact']): define('PO
isset($_GET['contact']) ? define('GET_CONTACT', $_GET['contact']): define('GET_CONTACT', '');
/* Managing path info */
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
if ($user=='' && POST_CONTACT != '') {
$user = POST_CONTACT;
@ -41,7 +41,7 @@ if ($userservice->isLoggedOn() && $user) {
$userid = $userservice->getIdFromUser($user);
if($userid == NULL) {
if ($userid == null) {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);
exit();

6
www/watchlist.php
View File

@ -32,7 +32,7 @@ isset($_GET['sort']) ? define('GET_SORT', $_GET['sort']): define('GET_SORT', '')
$currentUser = $userservice->getCurrentObjectUser();
/* Managing path info */
@list($url, $user, $page) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
@list($url, $user, $page) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : null;
if ($usecache) {
@ -56,7 +56,7 @@ if ($user) {
$userid = intval($user);
} else {
$userinfo = $userservice->getObjectUserByUsername($user);
if ($userinfo == NULL ) {
if ($userinfo == null ) {
// Throw a 404 error
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);
@ -91,7 +91,7 @@ if ($user) {
$tplVars['start'] = $start;
$tplVars['bookmarkCount'] = $start + 1;
$bookmarks =& $bookmarkservice->getBookmarks($start, $perpage, $userid, NULL, NULL, getSortOrder(), true);
$bookmarks =& $bookmarkservice->getBookmarks($start, $perpage, $userid, null, null, getSortOrder(), true);
$tplVars['sidebar_blocks'] = array('watchlist');
$tplVars['watched'] = true;