Avoid manual initialisations of system or user configuration (#3070)

* Avoid manual intialisations of system or user configuration

More consistent use of Context

* Simplify FreshRSS_Context::initUser

* Remove a few manual get_user_configuration

* A bit of debugging

* Fix context user init

* Fix install

* Fix concurrency

Concurrent requests could lead to bad race condition

* Fix actualize cron

Fix case when system i initialised several times

app/Controllers/authController.php

@@ -112,8 +112,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 		Minz_View::prependTitle(_t('gen.auth.login') . ' · ');
 		Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js')));
 
-		$conf = Minz_Configuration::get('system');
-		$limits = $conf->limits;
+		$limits = FreshRSS_Context::$system_conf->limits;
 		$this->view->cookie_days = round($limits['cookie_duration'] / 86400, 1);
 
 		$isPOST = Minz_Request::isPost() && !Minz_Session::param('POST_to_GET');
@@ -124,38 +123,38 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 			$username = Minz_Request::param('username', '');
 			$challenge = Minz_Request::param('challenge', '');
 
-			$conf = get_user_configuration($username);
-			if ($conf == null) {
+			FreshRSS_Context::initUser($username);
+			if (FreshRSS_Context::$user_conf == null) {
 				//We do not test here whether the user exists, so most likely an internal error.
 				Minz_Error::error(403, array(_t('feedback.auth.login.invalid')), false);
 				return;
 			}
 
-			if (!$conf->enabled) {
+			if (!FreshRSS_Context::$user_conf->enabled) {
 				Minz_Error::error(403, array(_t('feedback.auth.login.invalid')), false);
 				return;
 			}
 
 			$ok = FreshRSS_FormAuth::checkCredentials(
-				$username, $conf->passwordHash, $nonce, $challenge
+				$username, FreshRSS_Context::$user_conf->passwordHash, $nonce, $challenge
 			);
 			if ($ok) {
 				// Set session parameter to give access to the user.
 				Minz_Session::_params([
 					'currentUser' => $username,
-					'passwordHash' => $conf->passwordHash,
+					'passwordHash' => FreshRSS_Context::$user_conf->passwordHash,
 					'csrf' => false,
 				]);
 				FreshRSS_Auth::giveAccess();
 
 				// Set cookie parameter if nedded.
 				if (Minz_Request::param('keep_logged_in')) {
-					FreshRSS_FormAuth::makeCookie($username, $conf->passwordHash);
+					FreshRSS_FormAuth::makeCookie($username, FreshRSS_Context::$user_conf->passwordHash);
 				} else {
 					FreshRSS_FormAuth::deleteCookie();
 				}
 
-				Minz_Translate::init($conf->language);
+				Minz_Translate::init(FreshRSS_Context::$user_conf->language);
 
 				// All is good, go back to the index.
 				Minz_Request::good(_t('feedback.auth.login.success'),
@@ -183,12 +182,12 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 
 			FreshRSS_FormAuth::deleteCookie();
 
-			$conf = get_user_configuration($username);
-			if ($conf == null) {
+			FreshRSS_Context::initUser($username);
+			if (FreshRSS_Context::$user_conf == null) {
 				return;
 			}
 
-			$s = $conf->passwordHash;
+			$s = FreshRSS_Context::$user_conf->passwordHash;
 			$ok = password_verify($password, $s);
 			unset($password);
 			if ($ok) {
@@ -199,7 +198,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 				]);
 				FreshRSS_Auth::giveAccess();
 
-				Minz_Translate::init($conf->language);
+				Minz_Translate::init(FreshRSS_Context::$user_conf->language);
 
 				Minz_Request::good(_t('feedback.auth.login.success'),
 				                   array('c' => 'index', 'a' => 'index'));

app/Controllers/errorController.php

@@ -33,10 +33,12 @@ class FreshRSS_error_Controller extends Minz_ActionController {
 		case 500:
 			header('HTTP/1.1 500 Internal Server Error');
 			$this->view->code = 'Error 500 - Internal Server Error';
+			$this->view->errorMessage = 'Error 500 - Internal Server Error';
 			break;
 		case 503:
 			header('HTTP/1.1 503 Service Unavailable');
 			$this->view->code = 'Error 503 - Service Unavailable';
+			$this->view->errorMessage = 'Error 503 - Service Unavailable';
 			break;
 		case 404:
 		default:

app/Controllers/javascriptController.php

@@ -29,11 +29,10 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
 		header('Pragma: no-cache');
 
 		$user = isset($_GET['user']) ? $_GET['user'] : '';
-		if (FreshRSS_user_Controller::checkUsername($user)) {
+		if (FreshRSS_Context::initUser($user)) {
 			try {
 				$salt = FreshRSS_Context::$system_conf->salt;
-				$conf = get_user_configuration($user);
-				$s = $conf->passwordHash;
+				$s = FreshRSS_Context::$user_conf->passwordHash;
 				if (strlen($s) >= 60) {
 					$this->view->salt1 = substr($s, 0, 29);	//CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".
 					$this->view->nonce = sha1($salt . uniqid(mt_rand(), true));

app/FreshRSS.php

@@ -24,10 +24,12 @@ class FreshRSS extends Minz_FrontController {
 			Minz_Session::init('FreshRSS');
 		}
 
-		// Register the configuration setter for the system configuration
-		$configuration_setter = new FreshRSS_ConfigurationSetter();
-		$system_conf = Minz_Configuration::get('system');
-		$system_conf->_configurationSetter($configuration_setter);
+		FreshRSS_Context::initSystem();
+		if (FreshRSS_Context::$system_conf == null) {
+			$message = 'Error during context system init!';
+			Minz_Error::error(500, [$message], false);
+			die($message);
+		}
 
 		// Load list of extensions and enable the "system" ones.
 		Minz_ExtensionManager::init();
@@ -35,26 +37,25 @@ class FreshRSS extends Minz_FrontController {
 		// Auth has to be initialized before using currentUser session parameter
 		// because it's this part which create this parameter.
 		self::initAuth();
+		if (FreshRSS_Context::$user_conf == null) {
+			FreshRSS_Context::initUser();
+		}
+		if (FreshRSS_Context::$user_conf == null) {
+			$message = 'Error during context user init!';
+			Minz_Error::error(500, [$message], false);
+			die($message);
+		}
 
-		// Then, register the user configuration and use the configuration setter
-		// created above.
-		$current_user = Minz_Session::param('currentUser', '_');
-		Minz_Configuration::register('user',
-		                             join_path(USERS_PATH, $current_user, 'config.php'),
-		                             join_path(FRESHRSS_PATH, 'config-user.default.php'),
-		                             $configuration_setter);
-
-		// Finish to initialize the other FreshRSS / Minz components.
-		FreshRSS_Context::init();
+		// Complete initialization of the other FreshRSS / Minz components.
 		self::initI18n();
 		self::loadNotifications();
 		// Enable extensions for the current (logged) user.
-		if (FreshRSS_Auth::hasAccess() || $system_conf->allow_anonymous) {
+		if (FreshRSS_Auth::hasAccess() || FreshRSS_Context::$system_conf->allow_anonymous) {
 			$ext_list = FreshRSS_Context::$user_conf->extensions_enabled;
 			Minz_ExtensionManager::enableByList($ext_list);
 		}
 
-		if ($system_conf->force_email_validation && !FreshRSS_Auth::hasAccess('admin')) {
+		if (FreshRSS_Context::$system_conf->force_email_validation && !FreshRSS_Auth::hasAccess('admin')) {
 			self::checkEmailValidated();
 		}
 

app/Models/Auth.php

@@ -22,9 +22,8 @@ class FreshRSS_Auth {
 
 		self::$login_ok = Minz_Session::param('loginOk', false);
 		$current_user = Minz_Session::param('currentUser', '');
-		if ($current_user === '') {
-			$conf = Minz_Configuration::get('system');
-			$current_user = $conf->default_user;
+		if ($current_user == '') {
+			$current_user = FreshRSS_Context::$system_conf->default_user;
 			Minz_Session::_params([
 				'currentUser' => $current_user,
 				'csrf' => false,
@@ -51,7 +50,6 @@ class FreshRSS_Auth {
 	 * @return boolean true if user can be connected, false else.
 	 */
 	private static function accessControl() {
-		FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
 		$auth_type = FreshRSS_Context::$system_conf->auth_type;
 		switch ($auth_type) {
 		case 'form':
@@ -103,19 +101,18 @@ class FreshRSS_Auth {
 	 * Gives access to the current user.
 	 */
 	public static function giveAccess() {
-		$current_user = Minz_Session::param('currentUser');
-		$user_conf = get_user_configuration($current_user);
-		if ($user_conf == null) {
+		FreshRSS_Context::initUser();
+		if (FreshRSS_Context::$user_conf == null) {
 			self::$login_ok = false;
 			return false;
 		}
-		$system_conf = Minz_Configuration::get('system');
 
-		switch ($system_conf->auth_type) {
+		switch (FreshRSS_Context::$system_conf->auth_type) {
 		case 'form':
-			self::$login_ok = Minz_Session::param('passwordHash') === $user_conf->passwordHash;
+			self::$login_ok = Minz_Session::param('passwordHash') === FreshRSS_Context::$user_conf->passwordHash;
 			break;
 		case 'http_auth':
+			$current_user = Minz_Session::param('currentUser');
 			self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0;
 			break;
 		case 'none':
@@ -140,11 +137,12 @@ class FreshRSS_Auth {
 	 * @return boolean true if user has corresponding access, false else.
 	 */
 	public static function hasAccess($scope = 'general') {
-		$systemConfiguration = Minz_Configuration::get('system');
+		if (FreshRSS_Context::$user_conf == null) {
+			return false;
+		}
 		$currentUser = Minz_Session::param('currentUser');
-		$userConfiguration = get_user_configuration($currentUser);
-		$isAdmin = $userConfiguration && $userConfiguration->is_admin;
-		$default_user = $systemConfiguration->default_user;
+		$isAdmin = FreshRSS_Context::$user_conf->is_admin;
+		$default_user = FreshRSS_Context::$system_conf->default_user;
 		$ok = self::$login_ok;
 		switch ($scope) {
 		case 'general':
@@ -168,7 +166,6 @@ class FreshRSS_Auth {
 			'csrf' => false,
 			'REMOTE_USER' => false,
 		]);
-		$system_conf = Minz_Configuration::get('system');
 
 		$username = '';
 		$token_param = Minz_Request::param('token', '');
@@ -182,11 +179,11 @@ class FreshRSS_Auth {
 			}
 		}
 		if ($username == '') {
-			$username = $system_conf->default_user;
+			$username = FreshRSS_Context::$system_conf->default_user;
 		}
 		Minz_Session::_param('currentUser', $username);
 
-		switch ($system_conf->auth_type) {
+		switch (FreshRSS_Context::$system_conf->auth_type) {
 		case 'form':
 			Minz_Session::_param('passwordHash');
 			FreshRSS_FormAuth::deleteCookie();
@@ -204,18 +201,14 @@ class FreshRSS_Auth {
 	 * Return if authentication is enabled on this instance of FRSS.
 	 */
 	public static function accessNeedsLogin() {
-		$conf = Minz_Configuration::get('system');
-		$auth_type = $conf->auth_type;
-		return $auth_type !== 'none';
+		return FreshRSS_Context::$system_conf->auth_type !== 'none';
 	}
 
 	/**
 	 * Return if authentication requires a PHP action.
 	 */
 	public static function accessNeedsAction() {
-		$conf = Minz_Configuration::get('system');
-		$auth_type = $conf->auth_type;
-		return $auth_type === 'form';
+		return FreshRSS_Context::$system_conf->auth_type === 'form';
 	}
 
 	public static function csrfToken() {

app/Models/Context.php

@@ -43,14 +43,58 @@ class FreshRSS_Context {
 	public static $isCli = false;
 
 	/**
-	 * Initialize the context.
-	 *
-	 * Set the correct configurations and $categories variables.
+	 * Initialize the context for the global system.
 	 */
-	public static function init() {
-		// Init configuration.
-		self::$system_conf = Minz_Configuration::get('system');
-		self::$user_conf = Minz_Configuration::get('user');
+	public static function initSystem($reload = false) {
+		if ($reload || FreshRSS_Context::$system_conf == null) {
+			//TODO: Keep in session what we need instead of always reloading from disk
+			Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
+			FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+			// Register the configuration setter for the system configuration
+			$configurationSetter = new FreshRSS_ConfigurationSetter();
+			FreshRSS_Context::$system_conf->_configurationSetter($configurationSetter);
+		}
+		return FreshRSS_Context::$system_conf;
+	}
+
+	/**
+	 * Initialize the context for the current user.
+	 */
+	public static function initUser($username = '') {
+		FreshRSS_Context::$user_conf = null;
+		if (!isset($_SESSION)) {
+			Minz_Session::init('FreshRSS');
+		}
+
+		Minz_Session::lock();
+		if ($username == '') {
+			$username = Minz_Session::param('currentUser', '');
+		}
+		if ($username === '_' || FreshRSS_user_Controller::checkUsername($username)) {
+			try {
+				//TODO: Keep in session what we need instead of always reloading from disk
+				Minz_Configuration::register('user',
+					USERS_PATH . '/' . $username . '/config.php',
+					FRESHRSS_PATH . '/config-user.default.php',
+					FreshRSS_Context::$system_conf->configurationSetter());
+
+				Minz_Session::_param('currentUser', $username);
+				FreshRSS_Context::$user_conf = Minz_Configuration::get('user');
+			} catch (Exception $ex) {
+				Minz_Log::warning($ex->getMessage(), USERS_PATH . '/_/log.txt');
+			}
+		}
+		if (FreshRSS_Context::$user_conf == null) {
+			Minz_Session::_params([
+				'loginOk' => false,
+				'currentUser' => false,
+			]);
+		}
+		Minz_Session::unlock();
+
+		if (FreshRSS_Context::$user_conf == null) {
+			return false;
+		}
 
 		//Legacy
 		$oldEntries = (int)FreshRSS_Context::$user_conf->param('old_entries', 0);
@@ -74,6 +118,8 @@ class FreshRSS_Context {
 		if (!in_array(FreshRSS_Context::$user_conf->display_categories, [ 'active', 'remember', 'all', 'none' ], true)) {
 			FreshRSS_Context::$user_conf->display_categories = FreshRSS_Context::$user_conf->display_categories === true ? 'all' : 'active';
 		}
+
+		return FreshRSS_Context::$user_conf;
 	}
 
 	/**

app/Models/Entry.php

@@ -355,11 +355,10 @@ class FreshRSS_Entry extends Minz_Model {
 	}
 
 	public static function getContentByParsing($url, $path, $attributes = array(), $maxRedirs = 3) {
-		$system_conf = Minz_Configuration::get('system');
-		$limits = $system_conf->limits;
+		$limits = FreshRSS_Context::$system_conf->limits;
 		$feed_timeout = empty($attributes['timeout']) ? 0 : intval($attributes['timeout']);
 
-		if ($system_conf->simplepie_syslog_enabled) {
+		if (FreshRSS_Context::$system_conf->simplepie_syslog_enabled) {
 			syslog(LOG_INFO, 'FreshRSS GET ' . SimplePie_Misc::url_remove_credentials($url));
 		}
 
@@ -377,7 +376,7 @@ class FreshRSS_Entry extends Minz_Model {
 			CURLOPT_FOLLOWLOCATION => true,
 			CURLOPT_ENCODING => '',	//Enable all encodings
 		]);
-		curl_setopt_array($ch, $system_conf->curl_options);
+		curl_setopt_array($ch, FreshRSS_Context::$system_conf->curl_options);
 		if (isset($attributes['ssl_verify'])) {
 			curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $attributes['ssl_verify'] ? 2 : 0);
 			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $attributes['ssl_verify'] ? true : false);

app/Models/Factory.php

@@ -7,8 +7,7 @@ class FreshRSS_Factory {
 	}
 
 	public static function createCategoryDao($username = null) {
-		$conf = Minz_Configuration::get('system');
-		switch ($conf->db['type']) {
+		switch (FreshRSS_Context::$system_conf->db['type']) {
 			case 'sqlite':
 				return new FreshRSS_CategoryDAOSQLite($username);
 			default:
@@ -17,8 +16,7 @@ class FreshRSS_Factory {
 	}
 
 	public static function createFeedDao($username = null) {
-		$conf = Minz_Configuration::get('system');
-		switch ($conf->db['type']) {
+		switch (FreshRSS_Context::$system_conf->db['type']) {
 			case 'sqlite':
 				return new FreshRSS_FeedDAOSQLite($username);
 			default:
@@ -27,8 +25,7 @@ class FreshRSS_Factory {
 	}
 
 	public static function createEntryDao($username = null) {
-		$conf = Minz_Configuration::get('system');
-		switch ($conf->db['type']) {
+		switch (FreshRSS_Context::$system_conf->db['type']) {
 			case 'sqlite':
 				return new FreshRSS_EntryDAOSQLite($username);
 			case 'pgsql':
@@ -39,8 +36,7 @@ class FreshRSS_Factory {
 	}
 
 	public static function createTagDao($username = null) {
-		$conf = Minz_Configuration::get('system');
-		switch ($conf->db['type']) {
+		switch (FreshRSS_Context::$system_conf->db['type']) {
 			case 'sqlite':
 				return new FreshRSS_TagDAOSQLite($username);
 			case 'pgsql':
@@ -51,8 +47,7 @@ class FreshRSS_Factory {
 	}
 
 	public static function createStatsDAO($username = null) {
-		$conf = Minz_Configuration::get('system');
-		switch ($conf->db['type']) {
+		switch (FreshRSS_Context::$system_conf->db['type']) {
 			case 'sqlite':
 				return new FreshRSS_StatsDAOSQLite($username);
 			case 'pgsql':
@@ -63,8 +58,7 @@ class FreshRSS_Factory {
 	}
 
 	public static function createDatabaseDAO($username = null) {
-		$conf = Minz_Configuration::get('system');
-		switch ($conf->db['type']) {
+		switch (FreshRSS_Context::$system_conf->db['type']) {
 			case 'sqlite':
 				return new FreshRSS_DatabaseDAOSQLite($username);
 			case 'pgsql':

app/Models/FormAuth.php

@@ -24,8 +24,7 @@ class FreshRSS_FormAuth {
 
 		$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
 		$mtime = @filemtime($token_file);
-		$conf = Minz_Configuration::get('system');
-		$limits = $conf->limits;
+		$limits = FreshRSS_Context::$system_conf->limits;
 		$cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
 		if ($mtime + $cookie_duration < time()) {
 			// Token has expired (> cookie_duration) or does not exist.
@@ -43,8 +42,7 @@ class FreshRSS_FormAuth {
 	private static function renewCookie($token) {
 		$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
 		if (touch($token_file)) {
-			$conf = Minz_Configuration::get('system');
-			$limits = $conf->limits;
+			$limits = FreshRSS_Context::$system_conf->limits;
 			$cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
 			$expire = time() + $cookie_duration;
 			Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
@@ -54,9 +52,8 @@ class FreshRSS_FormAuth {
 	}
 
 	public static function makeCookie($username, $password_hash) {
-		$conf = Minz_Configuration::get('system');
 		do {
-			$token = sha1($conf->salt . $username . uniqid(mt_rand(), true));
+			$token = sha1(FreshRSS_Context::$system_conf->salt . $username . uniqid(mt_rand(), true));
 			$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
 		} while (file_exists($token_file));
 
@@ -80,8 +77,7 @@ class FreshRSS_FormAuth {
 	}
 
 	public static function purgeTokens() {
-		$conf = Minz_Configuration::get('system');
-		$limits = $conf->limits;
+		$limits = FreshRSS_Context::$system_conf->limits;
 		$cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
 		$oldest = time() - $cookie_duration;
 		foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {

app/actualize_script.php

@@ -32,39 +32,42 @@ $_SERVER['HTTP_HOST'] = '';
 
 $app = new FreshRSS();
 
-$system_conf = Minz_Configuration::get('system');
-$system_conf->auth_type = 'none';  // avoid necessity to be logged in (not saved!)
-define('SIMPLEPIE_SYSLOG_ENABLED', $system_conf->simplepie_syslog_enabled);
+FreshRSS_Context::initSystem();
+FreshRSS_Context::$system_conf->auth_type = 'none';  // avoid necessity to be logged in (not saved!)
+define('SIMPLEPIE_SYSLOG_ENABLED', FreshRSS_Context::$system_conf->simplepie_syslog_enabled);
 
 notice('FreshRSS starting feeds actualization at ' . $begin_date->format('c'));
 
 // make sure the PHP setup of the CLI environment is compatible with FreshRSS as well
-performRequirementCheck($system_conf->db['type']);
+performRequirementCheck(FreshRSS_Context::$system_conf->db['type']);
 
 // Create the list of users to actualize.
 // Users are processed in a random order but always start with default user
 $users = listUsers();
 shuffle($users);
-if ($system_conf->default_user !== '') {
-	array_unshift($users, $system_conf->default_user);
+if (FreshRSS_Context::$system_conf->default_user !== '') {
+	array_unshift($users, FreshRSS_Context::$system_conf->default_user);
 	$users = array_unique($users);
 }
 
-$limits = $system_conf->limits;
+$limits = FreshRSS_Context::$system_conf->limits;
 $min_last_activity = time() - $limits['max_inactivity'];
 foreach ($users as $user) {
-	if (!get_user_configuration($user)->enabled) {
+	FreshRSS_Context::initUser($user);
+	if (FreshRSS_Context::$user_conf == null) {
+		notice('Invalid user ' . $user);
+		continue;
+	}
+	if (!FreshRSS_Context::$user_conf->enabled) {
 		notice('FreshRSS skip disabled user ' . $user);
 		continue;
 	}
-	if (($user !== $system_conf->default_user) &&
+	if (($user !== FreshRSS_Context::$system_conf->default_user) &&
 			(FreshRSS_UserDAO::mtime($user) < $min_last_activity)) {
 		notice('FreshRSS skip inactive user ' . $user);
 		continue;
 	}
 
-	Minz_Session::_param('currentUser', $user);
-	new Minz_ModelPdo($user);	//TODO: FIXME: Quick-fix while waiting for a better FreshRSS() constructor/init
 	FreshRSS_Auth::giveAccess();
 	$app->init();
 	notice('FreshRSS actualize ' . $user . '...');
@@ -78,10 +81,6 @@ foreach ($users as $user) {
 		}
 	}
 
-	Minz_Session::_params([
-		'currentUser' => '_',
-		'loginOk' => false,
-	]);
 	gc_collect_cycles();
 }
 

app/install.php

@@ -69,29 +69,21 @@ function saveStep1() {
 		// with values from the previous installation
 
 		// First, we try to get previous configurations
-		Minz_Configuration::register('system',
-		                             join_path(DATA_PATH, 'config.php'),
-		                             join_path(FRESHRSS_PATH, 'config.default.php'));
-		$system_conf = Minz_Configuration::get('system');
-
-		$current_user = $system_conf->default_user;
-		Minz_Configuration::register('user',
-		                             join_path(USERS_PATH, $current_user, 'config.php'),
-		                             join_path(FRESHRSS_PATH, 'config-user.default.php'));
-		$user_conf = Minz_Configuration::get('user');
+		FreshRSS_Context::initSystem();
+		FreshRSS_Context::initUser(FreshRSS_Context::$system_conf->default_user);
 
 		// Then, we set $_SESSION vars
 		Minz_Session::_params([
-				'title' => $system_conf->title,
-				'auth_type' => $system_conf->auth_type,
-				'default_user' => $current_user,
-				'passwordHash' => $user_conf->passwordHash,
-				'bd_type' => $system_conf->db['type'],
-				'bd_host' => $system_conf->db['host'],
-				'bd_user' => $system_conf->db['user'],
-				'bd_password' => $system_conf->db['password'],
-				'bd_base' => $system_conf->db['base'],
-				'bd_prefix' => $system_conf->db['prefix'],
+				'title' => FreshRSS_Context::$system_conf->title,
+				'auth_type' => FreshRSS_Context::$system_conf->auth_type,
+				'default_user' => Minz_Session::param('currentUser'),
+				'passwordHash' => FreshRSS_Context::$user_conf->passwordHash,
+				'bd_type' => FreshRSS_Context::$system_conf->db['type'],
+				'bd_host' => FreshRSS_Context::$system_conf->db['host'],
+				'bd_user' => FreshRSS_Context::$system_conf->db['user'],
+				'bd_password' => FreshRSS_Context::$system_conf->db['password'],
+				'bd_base' => FreshRSS_Context::$system_conf->db['base'],
+				'bd_prefix' => FreshRSS_Context::$system_conf->db['prefix'],
 				'bd_error' => false,
 			]);
 
@@ -159,8 +151,7 @@ function saveStep2() {
 			opcache_reset();
 		}
 
-		Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
-		FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+		FreshRSS_Context::initSystem();
 
 		$ok = false;
 		try {
@@ -211,13 +202,9 @@ function saveStep3() {
 			return false;
 		}
 
-		Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
-		FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+		FreshRSS_Context::initSystem();
 		Minz_Translate::init(Minz_Session::param('language'));
 
-		FreshRSS_Context::$system_conf->default_user = Minz_Session::param('default_user');
-		FreshRSS_Context::$system_conf->save();
-
 		// Create default user files but first, we delete previous data to
 		// avoid access right problems.
 		recursive_unlink(USERS_PATH . '/' . Minz_Session::param('default_user'));
@@ -242,6 +229,9 @@ function saveStep3() {
 			return false;
 		}
 
+		FreshRSS_Context::$system_conf->default_user = Minz_Session::param('default_user');
+		FreshRSS_Context::$system_conf->save();
+
 		header('Location: index.php?step=4');
 	}
 }

cli/_cli.php

@@ -11,10 +11,7 @@ require(LIB_PATH . '/lib_rss.php');	//Includes class autoloader
 require(LIB_PATH . '/lib_install.php');
 
 Minz_Session::init('FreshRSS', true);
-Minz_Configuration::register('system',
-	DATA_PATH . '/config.php',
-	FRESHRSS_PATH . '/config.default.php');
-FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+FreshRSS_Context::initSystem();
 Minz_Translate::init('en');
 
 FreshRSS_Context::$isCli = true;
@@ -34,11 +31,9 @@ function cliInitUser($username) {
 		fail('FreshRSS error: user not found: ' . $username . "\n");
 	}
 
-	FreshRSS_Context::$user_conf = get_user_configuration($username);
-	if (FreshRSS_Context::$user_conf == null) {
+	if (!FreshRSS_Context::initUser($username)) {
 		fail('FreshRSS error: invalid configuration for user: ' . $username . "\n");
 	}
-	Minz_Session::_param('currentUser', $username);
 
 	return $username;
 }

cli/do-install.php

@@ -86,8 +86,7 @@ if (function_exists('opcache_reset')) {
 	opcache_reset();
 }
 
-Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
-FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+FreshRSS_Context::initSystem();
 
 Minz_Session::_param('currentUser', '_');	//Default user
 

cli/reconfigure.php

@@ -37,14 +37,13 @@ if (!validateOptions($argv, array_merge($params, $dBparams))) {
 
 fwrite(STDERR, 'Reconfiguring FreshRSS…' . "\n");
 
-$config = Minz_Configuration::get('system');
 foreach ($params as $param) {
 	$param = rtrim($param, ':');
 	if (isset($options[$param])) {
-		$config->$param = $options[$param] === false ? true : $options[$param];
+		FreshRSS_Context::$system_conf->$param = $options[$param] === false ? true : $options[$param];
 	}
 }
-$db = $config->db;
+$db = FreshRSS_Context::$system_conf->db;
 foreach ($dBparams as $dBparam) {
 	$dBparam = rtrim($dBparam, ':');
 	if (isset($options[$dBparam])) {
@@ -52,17 +51,19 @@ foreach ($dBparams as $dBparam) {
 		$db[$param] = $options[$dBparam];
 	}
 }
-$config->db = $db;
+FreshRSS_Context::$system_conf->db = $db;
 
-if (!FreshRSS_user_Controller::checkUsername($config->default_user)) {
-	fail('FreshRSS invalid default username (must be ASCII alphanumeric): ' . $config->default_user);
+if (!FreshRSS_user_Controller::checkUsername(FreshRSS_Context::$system_conf->default_user)) {
+	fail('FreshRSS invalid default username (must be ASCII alphanumeric): ' .
+		FreshRSS_Context::$system_conf->default_user);
 }
 
-if (isset($config->auth_type) && !in_array($config->auth_type, array('form', 'http_auth', 'none'))) {
+if (isset(FreshRSS_Context::$system_conf->auth_type) &&
+	!in_array(FreshRSS_Context::$system_conf->auth_type, array('form', 'http_auth', 'none'))) {
 	fail('FreshRSS invalid authentication method (auth_type must be one of { form, http_auth, none }: '
-		. $config->auth_type);
+		. FreshRSS_Context::$system_conf->auth_type);
 }
 
-$config->save();
+FreshRSS_Context::$system_conf->save();
 
 done();

cli/user-info.php

@@ -55,7 +55,6 @@ if (array_key_exists('header', $options)) {
 foreach ($users as $username) {
 	$username = cliInitUser($username);
 
-	$userConfiguration = get_user_configuration($username);
 	$catDAO = FreshRSS_Factory::createCategoryDao($username);
 	$feedDAO = FreshRSS_Factory::createFeedDao($username);
 	$entryDAO = FreshRSS_Factory::createEntryDao($username);
@@ -68,8 +67,8 @@ foreach ($users as $username) {
 	$data = array(
 		'default' => $username === FreshRSS_Context::$system_conf->default_user ? '*' : '',
 		'user' => $username,
-		'admin' => $userConfiguration->is_admin ? '*' : '',
-		'enabled' => $userConfiguration->enabled ? '*' : '',
+		'admin' => FreshRSS_Context::$user_conf->is_admin ? '*' : '',
+		'enabled' => FreshRSS_Context::$user_conf->enabled ? '*' : '',
 		'last_user_activity' => FreshRSS_UserDAO::mtime($username),
 		'database_size' => $databaseDAO->size(),
 		'categories' => (int) $catDAO->count(),
@@ -78,8 +77,8 @@ foreach ($users as $username) {
 		'unreads' => (int) $nbEntries['unread'],
 		'favourites' => (int) $nbFavorites['all'],
 		'tags' => (int) $tagDAO->count(),
-		'lang' => $userConfiguration->language,
-		'mail_login' => $userConfiguration->mail_login,
+		'lang' => FreshRSS_Context::$user_conf->language,
+		'mail_login' => FreshRSS_Context::$user_conf->mail_login,
 	);
 	if (isset($options['h'])) {	//Human format
 		$data['last_user_activity'] = date('c', $data['last_user_activity']);

lib/Minz/Configuration.php

@@ -136,6 +136,10 @@ class Minz_Configuration {
 		}
 	}
 
+	public function configurationSetter() {
+		return $this->configuration_setter;
+	}
+
 	/**
 	 * Return the value of the given param.
 	 *

lib/Minz/FrontController.php

@@ -31,9 +31,6 @@ class Minz_FrontController {
 	 */
 	public function __construct () {
 		try {
-			Minz_Configuration::register('system',
-			                             DATA_PATH . '/config.php',
-			                             FRESHRSS_PATH . '/config.default.php');
 			$this->setReporting();
 
 			Minz_Request::init();

lib/Minz/Log.php

@@ -37,8 +37,10 @@ class Minz_Log {
 			if ($username == '') {
 				$username = '_';
 			}
-			if ($file_name === null) {
+			if ($file_name == null) {
 				$file_name = join_path(USERS_PATH, $username, 'log.txt');
+			} else {
+				$username = '_';
 			}
 
 			switch ($level) {

lib/lib_rss.php

@@ -169,18 +169,17 @@ function html_only_entity_decode($text) {
 }
 
 function customSimplePie($attributes = array()) {
-	$system_conf = Minz_Configuration::get('system');
-	$limits = $system_conf->limits;
+	$limits = FreshRSS_Context::$system_conf->limits;
 	$simplePie = new SimplePie();
 	$simplePie->set_useragent(FRESHRSS_USERAGENT);
-	$simplePie->set_syslog($system_conf->simplepie_syslog_enabled);
+	$simplePie->set_syslog(FreshRSS_Context::$system_conf->simplepie_syslog_enabled);
 	$simplePie->set_cache_location(CACHE_PATH);
 	$simplePie->set_cache_duration($limits['cache_duration']);
 
 	$feed_timeout = empty($attributes['timeout']) ? 0 : intval($attributes['timeout']);
 	$simplePie->set_timeout($feed_timeout > 0 ? $feed_timeout : $limits['timeout']);
 
-	$curl_options = $system_conf->curl_options;
+	$curl_options = FreshRSS_Context::$system_conf->curl_options;
 	if (isset($attributes['ssl_verify'])) {
 		$curl_options[CURLOPT_SSL_VERIFYHOST] = $attributes['ssl_verify'] ? 2 : 0;
 		$curl_options[CURLOPT_SSL_VERIFYPEER] = $attributes['ssl_verify'] ? true : false;
@@ -331,8 +330,7 @@ function listUsers() {
  * @return true if number of users >= max registrations, false else.
  */
 function max_registrations_reached() {
-	$system_conf = Minz_Configuration::get('system');
-	$limit_registrations = $system_conf->limits['max_registrations'];
+	$limit_registrations = FreshRSS_Context::$system_conf->limits['max_registrations'];
 	$number_accounts = count(listUsers());
 
 	return $limit_registrations > 0 && $number_accounts >= $limit_registrations;

p/api/fever.php

@@ -14,10 +14,9 @@
 // BOOTSTRAP FreshRSS
 require(__DIR__ . '/../../constants.php');
 require(LIB_PATH . '/lib_rss.php');    //Includes class autoloader
-Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
+FreshRSS_Context::initSystem();
 
 // check if API is enabled globally
-FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
 if (!FreshRSS_Context::$system_conf->api_enabled) {
 	Minz_Log::warning('Fever API: serviceUnavailable() ' . debugInfo(), API_LOG);
 	header('HTTP/1.1 503 Service Unavailable');
@@ -159,10 +158,8 @@ class FeverAPI
 			$username = @file_get_contents(DATA_PATH . '/fever/.key-' . sha1(FreshRSS_Context::$system_conf->salt) . '-' . $feverKey . '.txt', false);
 			if ($username != false) {
 				$username = trim($username);
-				Minz_Session::_param('currentUser', $username);
-				$user_conf = get_user_configuration($username);
-				if ($user_conf != null && $feverKey === $user_conf->feverKey && $user_conf->enabled) {
-					FreshRSS_Context::$user_conf = $user_conf;
+				FreshRSS_Context::initUser($username);
+				if (FreshRSS_Context::$user_conf != null && $feverKey === FreshRSS_Context::$user_conf->feverKey && FreshRSS_Context::$user_conf->enabled) {
 					Minz_Translate::init(FreshRSS_Context::$user_conf->language);
 					$this->entryDAO = FreshRSS_Factory::createEntryDao();
 					$this->feedDAO = FreshRSS_Factory::createFeedDao();

p/api/greader.php

@@ -153,7 +153,7 @@ function authorizationToUser() {
 		if (count($headerAuthX) === 2) {
 			$user = $headerAuthX[0];
 			if (FreshRSS_user_Controller::checkUsername($user)) {
-				FreshRSS_Context::$user_conf = get_user_configuration($user);
+				FreshRSS_Context::initUser($user);
 				if (FreshRSS_Context::$user_conf == null) {
 					Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.');
 					unauthorized();
@@ -179,7 +179,7 @@ function authorizationToUser() {
 
 function clientLogin($email, $pass) {	//http://web.archive.org/web/20130604091042/http://undoc.in/clientLogin.html
 	if (FreshRSS_user_Controller::checkUsername($email)) {
-		FreshRSS_Context::$user_conf = get_user_configuration($email);
+		FreshRSS_Context::initUser($email);
 		if (FreshRSS_Context::$user_conf == null) {
 			Minz_Log::warning('Invalid API user ' . $email . ': configuration cannot be found.');
 			unauthorized();
@@ -922,10 +922,7 @@ if (count($pathInfos) < 3) {
 	badRequest();
 }
 
-Minz_Configuration::register('system',
-	DATA_PATH . '/config.php',
-	FRESHRSS_PATH . '/config.default.php');
-FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+FreshRSS_Context::initSystem();
 
 //Minz_Log::debug('----------------------------------------------------------------', API_LOG);
 //Minz_Log::debug(debugInfo(), API_LOG);
@@ -938,29 +935,23 @@ if (!FreshRSS_Context::$system_conf->api_enabled) {
 
 Minz_Session::init('FreshRSS', true);
 
-$user = $pathInfos[1] === 'accounts' ? '' : authorizationToUser();
-FreshRSS_Context::$user_conf = null;
-if ($user !== '') {
-	FreshRSS_Context::$user_conf = get_user_configuration($user);
+if ($pathInfos[1] !== 'accounts') {
+	authorizationToUser();
+}
+if (FreshRSS_Context::$user_conf != null) {
+	Minz_Translate::init(FreshRSS_Context::$user_conf->language);
 	Minz_ExtensionManager::init();
-	if (FreshRSS_Context::$user_conf != null) {
-		Minz_Translate::init(FreshRSS_Context::$user_conf->language);
-		Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled);
-	} else {
-		Minz_Translate::init();
-	}
+	Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled);
 } else {
 	Minz_Translate::init();
 }
 
-Minz_Session::_param('currentUser', $user);
-
 if ($pathInfos[1] === 'accounts') {
 	if (($pathInfos[2] === 'ClientLogin') && isset($_REQUEST['Email']) && isset($_REQUEST['Passwd'])) {
 		clientLogin($_REQUEST['Email'], $_REQUEST['Passwd']);
 	}
 } elseif ($pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && isset($pathInfos[3]) && $pathInfos[3] === '0' && isset($pathInfos[4])) {
-	if ($user == '') {
+	if (Minz_Session::param('currentUser', '') == '') {
 		unauthorized();
 	}
 	$timestamp = isset($_GET['ck']) ? intval($_GET['ck']) : 0;	//ck=[unix timestamp] : Use the current Unix time here, helps Google with caching.

p/api/index.php

@@ -10,7 +10,7 @@
 <?php
 require(__DIR__ . '/../../constants.php');
 require(LIB_PATH . '/lib_rss.php');	//Includes class autoloader
-Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
+FreshRSS_Context::initSystem();
 echo json_encode(array(
 		'greader' => Minz_Url::display('/api/greader.php', 'php', true),
 		'fever' => Minz_Url::display('/api/fever.php', 'php', true),

p/api/pshb.php

@@ -9,9 +9,8 @@ header('X-Content-Type-Options: nosniff');
 
 $ORIGINAL_INPUT = file_get_contents('php://input', false, null, 0, MAX_PAYLOAD);
 
-Minz_Configuration::register('system', DATA_PATH . '/config.php', FRESHRSS_PATH . '/config.default.php');
-$system_conf = Minz_Configuration::get('system');
-$system_conf->auth_type = 'none';	// avoid necessity to be logged in (not saved!)
+FreshRSS_Context::initSystem();
+FreshRSS_Context::$system_conf->auth_type = 'none';	// avoid necessity to be logged in (not saved!)
 
 //Minz_Log::debug(print_r(array('_SERVER' => $_SERVER, '_GET' => $_GET, '_POST' => $_POST, 'INPUT' => $ORIGINAL_INPUT), true), PSHB_LOG);
 
@@ -58,10 +57,6 @@ if (empty($users)) {
 	$url = base64url_decode($canonical64);
 	Minz_Log::warning('Warning: Nobody subscribes to this feed anymore!: ' . $url, PSHB_LOG);
 	unlink('../../keys/' . $key . '.txt');
-	Minz_Configuration::register('system',
-		DATA_PATH . '/config.php',
-		FRESHRSS_PATH . '/config.default.php');
-	FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
 	$feed = new FreshRSS_Feed($url);
 	$feed->pubSubHubbubSubscribe(false);
 	unlink('!hub.json');
@@ -129,12 +124,7 @@ foreach ($users as $userFilename) {
 	}
 
 	try {
-		Minz_Session::_param('currentUser', $username);
-		Minz_Configuration::register('user',
-		                             join_path(USERS_PATH, $username, 'config.php'),
-		                             join_path(FRESHRSS_PATH, 'config-user.default.php'));
-		new Minz_ModelPdo($username);	//TODO: FIXME: Quick-fix while waiting for a better FreshRSS() constructor/init
-		FreshRSS_Context::init();
+		FreshRSS_Context::initUser($username);
 		if (FreshRSS_Context::$user_conf != null) {
 			Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled);
 			Minz_Translate::reset(FreshRSS_Context::$user_conf->language);