new privatekey2 branch with privatekey changes

4 files changed, 93 insertions, 5 deletions

diff --git a/www/index.php b/www/index.php
index f6704ae..0977923 100644
--- a/www/index.php
+++ b/www/index.php
@@ -45,6 +45,19 @@ $tplVars['rsschannels'] = array(
 array(sprintf(T_('%s: Recent bookmarks'), $sitename), createURL('rss').'?sort='.getSortOrder())
 );
 
+if ($userservice->isLoggedOn()) {
+    $currentUsername = $currentUser->getUsername();
+    if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
+        array_push(
+            $tplVars['rsschannels'],
+            array(
+                filter($sitename . sprintf(T_(': (private) ')) . $currentUsername),
+                createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&privatekey='.$currentUser->getPrivateKey())
+            )
+        );
+    }
+}
+
 if ($usecache) {
 	// Generate hash for caching on
 	$hashtext = $_SERVER['REQUEST_URI'];
diff --git a/www/jsScuttle.php b/www/jsScuttle.php
index c166755..76b49dc 100644
--- a/www/jsScuttle.php
+++ b/www/jsScuttle.php
@@ -89,6 +89,16 @@ function useAddress(ele) {
     }
 }
 
+function getNewPrivateKey(input, response){
+    var pk = document.getElementById('pPrivateKey');
+    if (response != null) {
+        pk.value = response.trim();
+    } else {
+        loadXMLDocProc('<?php echo ROOT; ?>ajaxGetNewPrivateKey.php');
+    }
+    return false;
+}
+
 function getTitle(input, response){
     var title = document.getElementById('titleField');
     if (title.value == '') {
diff --git a/www/profile.php b/www/profile.php
index ccdb7a8..e6894d0 100644
--- a/www/profile.php
+++ b/www/profile.php
@@ -25,10 +25,13 @@ require_once 'www-header.php';
 // No specific services
 
 /* Managing all possible inputs */
+isset($_POST['submittedPK']) ? define('POST_SUBMITTEDPK', $_POST['submittedPK']): define('POST_SUBMITTEDPK', '');
 isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', '');
 isset($_POST['pPass']) ? define('POST_PASS', $_POST['pPass']): define('POST_PASS', '');
 isset($_POST['pPassConf']) ? define('POST_PASSCONF', $_POST['pPassConf']): define('POST_PASSCONF', '');
 isset($_POST['pName']) ? define('POST_NAME', $_POST['pName']): define('POST_NAME', '');
+isset($_POST['pPrivateKey']) ? define('POST_PRIVATEKEY', $_POST['pPrivateKey']): define('POST_PRIVATEKEY', '');
+isset($_POST['pEnablePrivateKey']) ? define('POST_ENABLEPRIVATEKEY', $_POST['pEnablePrivateKey']): define('POST_ENABLEPRIVATEKEY', '');
 isset($_POST['pMail']) ? define('POST_MAIL', $_POST['pMail']): define('POST_MAIL', '');
 isset($_POST['pPage']) ? define('POST_PAGE', $_POST['pPage']): define('POST_PAGE', '');
 isset($_POST['pDesc']) ? define('POST_DESC', $_POST['pDesc']): define('POST_DESC', '');
@@ -61,10 +64,19 @@ if ($user) {
 	exit();
 }
 
+$tplVars['privateKeyIsEnabled'] = '';
 if ($userservice->isLoggedOn() && $user == $currentUser->getUsername()) {
-	$title = T_('My Profile');
+    $title = T_('My Profile');
+    $tplVars['privateKey'] = $currentUser->getPrivateKey(true);
+
+    if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
+        $tplVars['privateKeyIsEnabled'] = 'checked="checked"';
+    } else {
+        $tplVars['privateKeyIsEnabled'] = '';
+    }
 } else {
-	$title = T_('Profile') .': '. $user;
+    $title = T_('Profile') .': '. $user;
+    $tplVars['privateKey'] = '';
 }
 $tplVars['pagetitle'] = $title;
 $tplVars['subtitle'] = $title;
@@ -72,11 +84,19 @@ $tplVars['subtitle'] = $title;
 $tplVars['user'] = $user;
 $tplVars['userid'] = $userid;
 
+/* Update Private Key */
+if (POST_SUBMITTEDPK!='' && $currentUser->getId() == $userid) {
+    $userinfo = $userservice->getObjectUserByUsername($user);
+    $tplVars['privateKey'] = $userservice->getNewPrivateKey();
+}
+
 if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
 	$error = false;
 	$detPass = trim(POST_PASS);
 	$detPassConf = trim(POST_PASSCONF);
 	$detName = trim(POST_NAME);
+	$detPrivateKey = trim(POST_PRIVATEKEY);
+	$detEnablePrivateKey = trim(POST_ENABLEPRIVATEKEY);
 	$detMail = trim(POST_MAIL);
 	$detPage = trim(POST_PAGE);
 	$detDesc = filter(POST_DESC);
@@ -102,13 +122,19 @@ if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
 		$tplVars['error'] = T_('E-mail address is not valid.');
 	}
 	if (!$error) {
-		if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc)) {
+		if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc, $detPrivateKey, $detEnablePrivateKey)) {
 			$tplVars['error'] = T_('An error occurred while saving your changes.');
 		} else {
 			$tplVars['msg'] = T_('Changes saved.');
 		}
 	}
 	$userinfo = $userservice->getObjectUserByUsername($user);
+	$tplVars['privateKey'] = $userinfo->getPrivateKey(true);
+	if ($userservice->isPrivateKeyValid($userinfo->getPrivateKey())) {
+		$tplVars['privateKeyIsEnabled'] = 'checked="checked"';
+	} else {
+		$tplVars['privateKeyIsEnabled'] = '';
+	}
 }
 
 if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) {
diff --git a/www/rss.php b/www/rss.php
index 50240e5..8c81e0e 100644
--- a/www/rss.php
+++ b/www/rss.php
@@ -64,9 +64,14 @@ if (!isset($rssEntries) || $rssEntries <= 0) {
     $rssEntries = $maxRssEntries;
 }
 
+$privatekey = null;
+if (isset($_GET['privatekey'])) {
+    $privatekey = $_GET['privatekey'];
+}
 
 $watchlist = null;
 $pagetitle = '';
+$isTempLogin = false;
 if ($user && $user != 'all') {
     if ($user == 'watchlist') {
         $user = $cat;
@@ -78,8 +83,24 @@ if ($user && $user != 'all') {
     } else {
         if ($userinfo = $userservice->getUserByUsername($user)) {
             $userid =& $userinfo[$userservice->getFieldName('primary')];
+            /* if user is not logged in and has valid privatekey */
+            if (!$userservice->isLoggedOn()) {
+                if ($privatekey != null) {
+                    if ($userservice->loginPrivateKey($privatekey)) {
+                        $isTempLogin = true;
+                    } else {
+                        $tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user);
+                        header('Content-type: text/html; charset=utf-8');
+                        $templateservice->loadTemplate('error.404.tpl', $tplVars);
+                        //throw a 404 error
+                        exit();
+                    }
+                }
+            }
+
         } else {
             $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
+            header('Content-type: text/html; charset=utf-8');
             $templateservice->loadTemplate('error.404.tpl', $tplVars);
             //throw a 404 error
             exit();
@@ -87,7 +108,19 @@ if ($user && $user != 'all') {
     }
     $pagetitle .= ": ". $user;
 } else {
-    $userid = null;
+    if ($privatekey != null) {
+        if ($userservice->loginPrivateKey($privatekey)) {
+            $isTempLogin = true;
+        } else {
+            $tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user);
+            header('Content-type: text/html; charset=utf-8');
+            $templateservice->loadTemplate('error.404.tpl', $tplVars);
+            //throw a 404 error
+            exit();
+        }
+    } else {
+        $userid = null;
+    }
 }
 
 if ($cat) {
@@ -100,7 +133,8 @@ $tplVars['feeddescription'] = sprintf(T_('Recent bookmarks posted to %s'), $GLOB
 
 $bookmarks = $bookmarkservice->getBookmarks(
     0, $rssEntries, $userid, $cat,
-    null, getSortOrder(), $watchlist
+    null, getSortOrder(), $watchlist,
+    null, null, null
 );
 
 $bookmarks_tmp = filter($bookmarks['bookmarks']);
@@ -134,6 +168,11 @@ $tplVars['feedlastupdate'] = date('r', strtotime($latestdate));
 
 $templateservice->loadTemplate('rss.tpl', $tplVars);
 
+/* If temporary login, please log out */
+if ($isTempLogin) {
+    $userservice->logout();
+}
+
 if ($usecache) {
     // Cache output if existing copy has expired
     $cacheservice->End($hash);