|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* MINZ - Copyright 2011 Marien Fressinaud
|
|
|
|
* Sous licence AGPL3 <http://www.gnu.org/licenses/>
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Request représente la requête http
|
|
|
|
*/
|
|
|
|
class Minz_Request {
|
|
|
|
private static $controller_name = '';
|
|
|
|
private static $action_name = '';
|
|
|
|
private static $params = array();
|
|
|
|
|
|
|
|
private static $default_controller_name = 'index';
|
|
|
|
private static $default_action_name = 'index';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Getteurs
|
|
|
|
*/
|
|
|
|
public static function controllerName() {
|
|
|
|
return self::$controller_name;
|
|
|
|
}
|
|
|
|
public static function actionName() {
|
|
|
|
return self::$action_name;
|
|
|
|
}
|
|
|
|
public static function params() {
|
|
|
|
return self::$params;
|
|
|
|
}
|
|
|
|
public static function param($key, $default = false, $specialchars = false) {
|
|
|
|
if (isset(self::$params[$key])) {
|
|
|
|
$p = self::$params[$key];
|
|
|
|
if (is_object($p) || $specialchars) {
|
|
|
|
return $p;
|
|
|
|
} else {
|
|
|
|
return Minz_Helper::htmlspecialchars_utf8($p);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
return $default;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
public static function paramTernary($key) {
|
|
|
|
if (isset(self::$params[$key])) {
|
|
|
|
$p = self::$params[$key];
|
|
|
|
$tp = trim($p);
|
|
|
|
// @phpstan-ignore-next-line
|
|
|
|
if ($p === null || $tp === '' || $tp === 'null') {
|
|
|
|
return null;
|
|
|
|
} elseif ($p == false || $tp == '0' || $tp === 'false' || $tp === 'no') {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
}
|
Feature/new archiving (#2335)
* Change archiving config page layout
I've changed some wording and moved actions into a
maintenance section.
* Update purge action
Now we have more control on the purge action. The configuration allows
us to choose what to keep and what to discard in a more precise way.
At the moment, the configuration applies for all feeds.
* Add purge configuration on feed level
Now the extend purge configuration is available on feed level.
It is stored as attributes and will be used in the purge action.
* Update purge action
Now the purge action uses the feed configuration if it exists and
defaults on user configuration if not.
* Add empty option in period list
* Fix configuration warnings
* Add archiving configuration on categories
See #2369
* Add user info back
* Add explanations in UI
* Fixes for SQLite + error + misc.
* Fix invalid feed reference
* Short array syntax
Only for new code, so far
* Fix prefix error
* Query performance, default values
Work in progress
* Fix default values and confirm before leaving
Form cancel and confirm changes before leaving were broken.
And start taking advantage of the short echo syntax `<?= ?>` as we have
moved to PHP 5.4+
* More work
* Tuning SQL
* Fix MariaDB + performance issue
* SQL performance
* Fix SQLite bug
* Fix some attributes JSON encoding bugs
Especially for SQLite export/import
* More uniform, fix bugs
More uniform between global, category, feed settings
* Drop special cases for old articles during refresh
Instead will use lastSeen date with the new archiving logic.
This was generating problems anyway
https://github.com/FreshRSS/FreshRSS/issues/2154
* Draft drop index keep_history
Not needed anymore
* MySQL typo
Now properly tested with MySQL, PostgreSQL, SQLite
* More work for legacy values
Important to avoid overriding user's preference and risking deleting
data erroneously
* Fix PHP 7.3 / 7.4 warnings
@aledeg "Trying to use values of type null, bool, int, float or resource
as an array (such as $null["key"]) will now generate a notice. "
https://php.net/migration74.incompatible
* Reintroduce min articles and take care of legacy parameters
* A few changes forgotten
* Draft of migration + DROP of feed.keep_history
* Fix several errors
And give up using const for SQL to allow multiple database types (and we
cannot redefine a const)
* Add keep_min to categories + factorise archiving logic
* Legacy fix
* Fix bug yield from
* Minor: Use JSON_UNESCAPED_SLASHE for attributes
And make more uniform
* Fix sign and missing variable
* Fine tune the logic
5 years ago
|
|
|
public static function paramBoolean($key) {
|
|
|
|
if (null === $value = self::paramTernary($key)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return $value;
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Extract text lines to array.
|
|
|
|
*
|
|
|
|
* It will return an array where each cell contains one line of a text. The new line
|
|
|
|
* character is used to break the text into lines. This method is well suited to use
|
|
|
|
* to split textarea content.
|
|
|
|
*/
|
|
|
|
public static function paramTextToArray($key, $default = []) {
|
|
|
|
if (isset(self::$params[$key])) {
|
|
|
|
return preg_split('/\R/', self::$params[$key]);
|
|
|
|
}
|
|
|
|
return $default;
|
|
|
|
}
|
|
|
|
public static function defaultControllerName() {
|
|
|
|
return self::$default_controller_name;
|
|
|
|
}
|
|
|
|
public static function defaultActionName() {
|
|
|
|
return self::$default_action_name;
|
|
|
|
}
|
|
|
|
public static function currentRequest() {
|
|
|
|
return array(
|
|
|
|
'c' => self::$controller_name,
|
|
|
|
'a' => self::$action_name,
|
|
|
|
'params' => self::$params,
|
|
|
|
);
|
|
|
|
}
|
|
|
|
public static function modifiedCurrentRequest(array $extraParams = null) {
|
|
|
|
$currentRequest = self::currentRequest();
|
|
|
|
if (null !== $extraParams) {
|
|
|
|
$currentRequest['params'] = array_merge($currentRequest['params'], $extraParams);
|
|
|
|
}
|
|
|
|
return $currentRequest;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Setteurs
|
|
|
|
*/
|
|
|
|
public static function _controllerName($controller_name) {
|
|
|
|
self::$controller_name = $controller_name;
|
|
|
|
}
|
|
|
|
public static function _actionName($action_name) {
|
|
|
|
self::$action_name = $action_name;
|
|
|
|
}
|
|
|
|
public static function _params($params) {
|
|
|
|
if (!is_array($params)) {
|
|
|
|
$params = array($params);
|
|
|
|
}
|
|
|
|
|
|
|
|
self::$params = $params;
|
|
|
|
}
|
|
|
|
public static function _param($key, $value = false) {
|
|
|
|
if ($value === false) {
|
|
|
|
unset(self::$params[$key]);
|
|
|
|
} else {
|
|
|
|
self::$params[$key] = $value;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Initialise la Request
|
|
|
|
*/
|
|
|
|
public static function init() {
|
|
|
|
self::initJSON();
|
|
|
|
}
|
|
|
|
|
|
|
|
public static function is($controller_name, $action_name) {
|
|
|
|
return (
|
|
|
|
self::$controller_name === $controller_name &&
|
|
|
|
self::$action_name === $action_name
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return true if the request is over HTTPS, false otherwise (HTTP)
|
|
|
|
*
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public static function isHttps() {
|
|
|
|
$header = $_SERVER['HTTP_X_FORWARDED_PROTO'] ?? '';
|
|
|
|
if ('' != $header) {
|
|
|
|
return 'https' === strtolower($header);
|
|
|
|
}
|
|
|
|
return 'on' === ($_SERVER['HTTPS'] ?? '');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Try to guess the base URL from $_SERVER information
|
|
|
|
*
|
|
|
|
* @return string base url (e.g. http://example.com)
|
|
|
|
*/
|
|
|
|
public static function guessBaseUrl(): string {
|
|
|
|
$protocol = self::extractProtocol();
|
|
|
|
$host = self::extractHost();
|
|
|
|
$port = self::extractPortForUrl();
|
|
|
|
$prefix = self::extractPrefix();
|
|
|
|
$path = self::extractPath();
|
|
|
|
|
|
|
|
return filter_var("{$protocol}://{$host}{$port}{$prefix}{$path}", FILTER_SANITIZE_URL);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
private static function extractProtocol() {
|
|
|
|
if (self::isHttps()) {
|
|
|
|
return 'https';
|
|
|
|
}
|
|
|
|
return 'http';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
private static function extractHost() {
|
|
|
|
if ('' != $host = ($_SERVER['HTTP_X_FORWARDED_HOST'] ?? '')) {
|
|
|
|
return parse_url("http://{$host}", PHP_URL_HOST);
|
|
|
|
}
|
|
|
|
if ('' != $host = ($_SERVER['HTTP_HOST'] ?? '')) {
|
|
|
|
// Might contain a port number, and mind IPv6 addresses
|
|
|
|
return parse_url("http://{$host}", PHP_URL_HOST);
|
|
|
|
}
|
|
|
|
if ('' != $host = ($_SERVER['SERVER_NAME'] ?? '')) {
|
|
|
|
return $host;
|
|
|
|
}
|
|
|
|
return 'localhost';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return integer
|
|
|
|
*/
|
|
|
|
private static function extractPort() {
|
|
|
|
if ('' != $port = ($_SERVER['HTTP_X_FORWARDED_PORT'] ?? '')) {
|
|
|
|
return intval($port);
|
|
|
|
}
|
|
|
|
if ('' != $proto = ($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? '')) {
|
|
|
|
return 'https' === strtolower($proto) ? 443 : 80;
|
|
|
|
}
|
|
|
|
if ('' != $port = ($_SERVER['SERVER_PORT'] ?? '')) {
|
|
|
|
return intval($port);
|
|
|
|
}
|
|
|
|
return self::isHttps() ? 443 : 80;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
private static function extractPortForUrl() {
|
|
|
|
if (self::isHttps() && 443 !== $port = self::extractPort()) {
|
|
|
|
return ":{$port}";
|
|
|
|
}
|
|
|
|
if (!self::isHttps() && 80 !== $port = self::extractPort()) {
|
|
|
|
return ":{$port}";
|
|
|
|
}
|
|
|
|
return '';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
private static function extractPrefix() {
|
|
|
|
if ('' != $prefix = ($_SERVER['HTTP_X_FORWARDED_PREFIX'] ?? '')) {
|
|
|
|
return rtrim($prefix, '/ ');
|
|
|
|
}
|
|
|
|
return '';
|
|
|
|
}
|
|
|
|
|
|
|
|
private static function extractPath(): string {
|
|
|
|
$path = $_SERVER['REQUEST_URI'] ?? '';
|
|
|
|
if ($path != '') {
|
|
|
|
$path = parse_url($path, PHP_URL_PATH);
|
|
|
|
return substr($path, -1) === '/' ? rtrim($path, '/') : dirname($path);
|
|
|
|
}
|
|
|
|
return '';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the base_url from configuration and add a suffix if given.
|
|
|
|
*
|
|
|
|
* @return string base_url with a suffix.
|
|
|
|
*/
|
|
|
|
public static function getBaseUrl() {
|
|
|
|
$conf = Minz_Configuration::get('system');
|
|
|
|
$url = rtrim($conf->base_url, '/\\');
|
|
|
|
return filter_var($url, FILTER_SANITIZE_URL);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test if a given server address is publicly accessible.
|
|
|
|
*
|
|
|
|
* Note: for the moment it tests only if address is corresponding to a
|
|
|
|
* localhost address.
|
|
|
|
*
|
|
|
|
* @param string $address the address to test, can be an IP or a URL.
|
|
|
|
* @return boolean true if server is accessible, false otherwise.
|
|
|
|
* @todo improve test with a more valid technique (e.g. test with an external server?)
|
|
|
|
*/
|
|
|
|
public static function serverIsPublic($address) {
|
|
|
|
if (strlen($address) < strlen('http://a.bc')) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
$host = parse_url($address, PHP_URL_HOST);
|
|
|
|
if (!$host) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
$is_public = !in_array($host, array(
|
|
|
|
'localhost',
|
|
|
|
'localhost.localdomain',
|
|
|
|
'[::1]',
|
|
|
|
'ip6-localhost',
|
|
|
|
'localhost6',
|
|
|
|
'localhost6.localdomain6',
|
|
|
|
));
|
|
|
|
|
|
|
|
if ($is_public) {
|
|
|
|
$is_public &= !preg_match('/^(10|127|172[.]16|192[.]168)[.]/', $host);
|
|
|
|
$is_public &= !preg_match('/^(\[)?(::1$|fc00::|fe80::)/i', $host);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (bool)$is_public;
|
|
|
|
}
|
|
|
|
|
|
|
|
private static function requestId() {
|
|
|
|
if (empty($_GET['rid']) || !ctype_xdigit($_GET['rid'])) {
|
|
|
|
$_GET['rid'] = uniqid();
|
|
|
|
}
|
|
|
|
return $_GET['rid'];
|
|
|
|
}
|
|
|
|
|
|
|
|
private static function setNotification($type, $content) {
|
|
|
|
Minz_Session::lock();
|
|
|
|
$requests = Minz_Session::param('requests', []);
|
|
|
|
$requests[self::requestId()] = [
|
|
|
|
'time' => time(),
|
|
|
|
'notification' => [ 'type' => $type, 'content' => $content ],
|
|
|
|
];
|
|
|
|
Minz_Session::_param('requests', $requests);
|
|
|
|
Minz_Session::unlock();
|
|
|
|
}
|
|
|
|
|
|
|
|
public static function setGoodNotification($content) {
|
|
|
|
self::setNotification('good', $content);
|
|
|
|
}
|
|
|
|
|
|
|
|
public static function setBadNotification($content) {
|
|
|
|
self::setNotification('bad', $content);
|
|
|
|
}
|
|
|
|
|
|
|
|
public static function getNotification() {
|
|
|
|
$notif = null;
|
|
|
|
Minz_Session::lock();
|
|
|
|
$requests = Minz_Session::param('requests');
|
|
|
|
if ($requests) {
|
|
|
|
//Delete abandoned notifications
|
|
|
|
$requests = array_filter($requests, function ($r) { return isset($r['time']) && $r['time'] > time() - 3600; });
|
|
|
|
|
|
|
|
$requestId = self::requestId();
|
|
|
|
if (!empty($requests[$requestId]['notification'])) {
|
|
|
|
$notif = $requests[$requestId]['notification'];
|
|
|
|
unset($requests[$requestId]);
|
|
|
|
}
|
|
|
|
Minz_Session::_param('requests', $requests);
|
|
|
|
}
|
|
|
|
Minz_Session::unlock();
|
|
|
|
return $notif;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Relance une requête
|
|
|
|
* @param array<string,string|array<string,string>> $url l'url vers laquelle est relancée la requête
|
|
|
|
* @param bool $redirect si vrai, force la redirection http
|
|
|
|
* > sinon, le dispatcher recharge en interne
|
|
|
|
*/
|
|
|
|
public static function forward($url = array(), $redirect = false) {
|
|
|
|
if (!is_array($url)) {
|
|
|
|
header('Location: ' . $url);
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
|
|
|
|
$url = Minz_Url::checkUrl($url);
|
|
|
|
$url['params']['rid'] = self::requestId();
|
|
|
|
|
|
|
|
if ($redirect) {
|
|
|
|
header('Location: ' . Minz_Url::display($url, 'php', 'root'));
|
|
|
|
exit();
|
|
|
|
} else {
|
|
|
|
self::_controllerName($url['c']);
|
|
|
|
self::_actionName($url['a']);
|
|
|
|
self::_params(array_merge(
|
|
|
|
self::$params,
|
|
|
|
$url['params']
|
|
|
|
));
|
|
|
|
Minz_Dispatcher::reset();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Wrappers good notifications + redirection
|
|
|
|
* @param string $msg notification content
|
|
|
|
* @param array<string,string|array<string,string>> $url url array to where we should be forwarded
|
|
|
|
*/
|
|
|
|
public static function good($msg, $url = array()) {
|
|
|
|
Minz_Request::setGoodNotification($msg);
|
|
|
|
Minz_Request::forward($url, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Wrappers bad notifications + redirection
|
|
|
|
* @param string $msg notification content
|
|
|
|
* @param array<string,string|array<string,mixed>> $url url array to where we should be forwarded
|
|
|
|
*/
|
|
|
|
public static function bad($msg, $url = array()) {
|
|
|
|
Minz_Request::setBadNotification($msg);
|
|
|
|
Minz_Request::forward($url, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Allows receiving POST data as application/json
|
|
|
|
*/
|
|
|
|
private static function initJSON() {
|
|
|
|
if ('application/json' !== self::extractContentType()) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if ('' === $ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, 1048576)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (null === $json = json_decode($ORIGINAL_INPUT, true)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
foreach ($json as $k => $v) {
|
|
|
|
if (!isset($_POST[$k])) {
|
|
|
|
$_POST[$k] = $v;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
private static function extractContentType() {
|
|
|
|
return strtolower(trim($_SERVER['CONTENT_TYPE'] ?? ''));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public static function isPost() {
|
|
|
|
return 'POST' === ($_SERVER['REQUEST_METHOD'] ?? '');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return array<string>
|
|
|
|
*/
|
|
|
|
public static function getPreferredLanguages() {
|
|
|
|
if (preg_match_all('/(^|,)\s*(?P<lang>[^;,]+)/', $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? '', $matches)) {
|
|
|
|
return $matches['lang'];
|
|
|
|
}
|
|
|
|
return array('en');
|
|
|
|
}
|
|
|
|
}
|