diff options
| -rw-r--r-- | .gitignore | 4 | ||||
| -rw-r--r-- | data/.gitignore | 1 | ||||
| -rw-r--r-- | doc/ChangeLog | 1 | ||||
| -rw-r--r-- | doc/ssl-client-certificates.rst | 9 | ||||
| -rw-r--r-- | src/SemanticScuttle/Service/AuthUser.php | 2 | ||||
| -rw-r--r-- | src/SemanticScuttle/Service/User.php | 4 | ||||
| -rw-r--r-- | src/SemanticScuttle/header-standalone.php | 1 | ||||
| -rw-r--r-- | src/SemanticScuttle/header.php | 17 | ||||
| -rw-r--r-- | tests/TestBaseApi.php | 38 | ||||
| -rw-r--r-- | tests/prepare.php | 4 | ||||
| -rw-r--r-- | tests/www/searchTest.php | 2 | ||||
| -rw-r--r-- | www/gsearch/context.php | 56 | ||||
| -rw-r--r-- | www/gsearch/index.php | 66 |
13 files changed, 139 insertions, 66 deletions
@@ -3,4 +3,6 @@ dist/ build.properties package.xml semanticscuttle-dump.sql -data/config.unittest.php +data/config.php +data/config.testing.php +data/config.testing-tmp.php diff --git a/data/.gitignore b/data/.gitignore deleted file mode 100644 index 4f4773f..0000000 --- a/data/.gitignore +++ /dev/null @@ -1 +0,0 @@ -config.php diff --git a/doc/ChangeLog b/doc/ChangeLog index a54e71e..3c4e939 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -14,6 +14,7 @@ ChangeLog for SemantiScuttle - Update php-gettext library to 1.0.10 - api/posts/add respects the "replace" parameter now - Fix privacy issue when fetching tags of several users +- Fix Google custom search XML - Only URLs with an allowed protocol may be added to the database - Support HTTPS connections when $root is not configured - SQL schema version table to ease future database upgrades diff --git a/doc/ssl-client-certificates.rst b/doc/ssl-client-certificates.rst index e12b507..7abf17a 100644 --- a/doc/ssl-client-certificates.rst +++ b/doc/ssl-client-certificates.rst @@ -94,7 +94,14 @@ you use. Apache configuration -------------------- To make use of SSL client certificates, you need to deliver SemanticScuttle -via HTTPS. +via HTTPS. + +Note that you can equip several virtual hosts with SSL certificates +and keep them on the same, standard SSL port by using SNI - +`Server Name Indication`__. + +.. _SNI: http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI +__ SNI_ A basic virtual host configuration with SSL looks like this: diff --git a/src/SemanticScuttle/Service/AuthUser.php b/src/SemanticScuttle/Service/AuthUser.php index 479b68a..9447ee4 100644 --- a/src/SemanticScuttle/Service/AuthUser.php +++ b/src/SemanticScuttle/Service/AuthUser.php @@ -130,7 +130,7 @@ class SemanticScuttle_Service_AuthUser extends SemanticScuttle_Service_User //FIXME: caching? $name = $this->auth->getUsername(); if (!$name) { - return false; + return parent::getCurrentUserId(); } return $this->getIdFromUser($name); } diff --git a/src/SemanticScuttle/Service/User.php b/src/SemanticScuttle/Service/User.php index 01945ca..18d5a29 100644 --- a/src/SemanticScuttle/Service/User.php +++ b/src/SemanticScuttle/Service/User.php @@ -455,8 +455,8 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService if ($ssls->hasValidCert()) { $id = $ssls->getUserIdFromCert(); if ($id !== false) { - $this->setCurrentUserId($id); - return (int)$_SESSION[$this->getSessionKey()]; + $this->setCurrentUserId($id, true); + return $this->currentuserId; } } return false; diff --git a/src/SemanticScuttle/header-standalone.php b/src/SemanticScuttle/header-standalone.php index cc1b0bd..3755ea1 100644 --- a/src/SemanticScuttle/header-standalone.php +++ b/src/SemanticScuttle/header-standalone.php @@ -14,7 +14,6 @@ * @link http://sourceforge.net/projects/semanticscuttle */ $_SERVER['HTTP_HOST'] = 'http://localhost/'; -define('UNIT_TEST_MODE', true); require_once dirname(__FILE__) . '/header.php'; ?>
\ No newline at end of file diff --git a/src/SemanticScuttle/header.php b/src/SemanticScuttle/header.php index b0705b0..098e5c3 100644 --- a/src/SemanticScuttle/header.php +++ b/src/SemanticScuttle/header.php @@ -46,14 +46,21 @@ if (isset($_GET['unittestMode']) && $_GET['unittestMode'] == 1 die("Unittestmode is not allowed\n"); } - $unittestConfigFile = $datadir . '/config.unittest.php'; - if (file_exists($unittestConfigFile)) { - require_once $unittestConfigFile; - } define('HTTP_UNIT_TEST_MODE', true); define('UNIT_TEST_MODE', true); } if (defined('UNIT_TEST_MODE')) { + //load configuration for unit tests + $testingConfigFile = $datadir . '/config.testing.php'; + if (file_exists($testingConfigFile)) { + require_once $testingConfigFile; + } + //test-specific configuration file + $unittestConfigFile = $datadir . '/config.testing-tmp.php'; + if (file_exists($unittestConfigFile)) { + require_once $unittestConfigFile; + } + //make local config vars global - needed for unit tests //run with phpunit foreach (get_defined_vars() as $var => $value) { @@ -107,7 +114,7 @@ T_bind_textdomain_codeset($domain, 'UTF-8'); T_textdomain($domain); // 4 // Session -if (!defined('UNIT_TEST_MODE') || defined('HTTP_UNIT_TEST_MODE')) { +if (isset($_SERVER['REMOTE_ADDR'])) { session_start(); if ($GLOBALS['enableVoting']) { if (isset($_SESSION['lastUrl'])) { diff --git a/tests/TestBaseApi.php b/tests/TestBaseApi.php index 2caa701..20574f3 100644 --- a/tests/TestBaseApi.php +++ b/tests/TestBaseApi.php @@ -50,8 +50,9 @@ class TestBaseApi extends TestBase $this->url = $GLOBALS['unittestUrl'] . $this->urlPart; //clean up before test - if (file_exists($GLOBALS['datadir'] . '/config.unittest.php')) { - unlink($GLOBALS['datadir'] . '/config.unittest.php'); + $configFile = $GLOBALS['datadir'] . '/config.testing-tmp.php'; + if (file_exists($configFile)) { + unlink($configFile); } $this->us = SemanticScuttle_Service_Factory::get('User'); @@ -71,19 +72,36 @@ class TestBaseApi extends TestBase * @param string $urlSuffix Suffix for the URL * * @return HTTP_Request2 HTTP request object - * - * @uses $url */ protected function getRequest($urlSuffix = null) { - $req = new HTTP_Request2( - $this->url . $urlSuffix, - HTTP_Request2::METHOD_GET - ); + $url = $this->getTestUrl($urlSuffix); + $req = new HTTP_Request2($url, HTTP_Request2::METHOD_GET); return $req; } + /** + * Creates an URL from $this->url plus $urlSuffix and an appended + * unittestMode=1 parameter. + * + * @param string $urlSuffix Suffix for the URL + * + * @return string URL + * + * @uses $url + */ + protected function getTestUrl($urlSuffix = null) + { + $url = $this->url . $urlSuffix; + if (strpos($urlSuffix, '?') !== false) { + $url .= '&unittestMode=1'; + } else { + $url .= '?unittestMode=1'; + } + return $url; + } + /** * Completes an URL that's missing the protocol. @@ -165,7 +183,7 @@ class TestBaseApi extends TestBase $uid = $this->addUser($username, $password); $req = new HTTP_Request2( - $GLOBALS['unittestUrl'] . '/login.php', + $GLOBALS['unittestUrl'] . '/login.php?unittestMode=1', HTTP_Request2::METHOD_POST ); $cookies = $req->setCookieJar()->getCookieJar(); @@ -230,7 +248,7 @@ class TestBaseApi extends TestBase $this->assertInternalType( 'integer', - file_put_contents($GLOBALS['datadir'] . '/config.unittest.php', $str), + file_put_contents($GLOBALS['datadir'] . '/config.testing-tmp.php', $str), 'Writing config.unittest.php failed' ); } diff --git a/tests/prepare.php b/tests/prepare.php index c80306e..ea4d77d 100644 --- a/tests/prepare.php +++ b/tests/prepare.php @@ -22,7 +22,7 @@ $_SERVER['HTTP_HOST'] = 'http://localhost/'; define('UNIT_TEST_MODE', true); if ('@data_dir@' == '@' . 'data_dir@') { - //non pear-install + //non pear-installation (i.e. git checkout) require_once dirname(__FILE__) . '/../src/SemanticScuttle/header.php'; } else { //pear installation; files are in include path @@ -35,7 +35,7 @@ if ($GLOBALS['debugMode'] == true && $GLOBALS['dbtype'] == 'mysql4' ) { echo "\n" - . '!!! The combination of debugMode and dbtype==mysql4' + . '!! The combination of debugMode and dbtype==mysql4' . ' will wreck some tests' . "\n\n"; } ?>
\ No newline at end of file diff --git a/tests/www/searchTest.php b/tests/www/searchTest.php index 1220667..5dce69d 100644 --- a/tests/www/searchTest.php +++ b/tests/www/searchTest.php @@ -41,7 +41,7 @@ class www_SearchTest extends TestBaseApi 'No bookmark found', false ); - $res = $this->getRequest('/all/baz bat')->send(); + $res = $this->getRequest('/all/baz%20bat')->send(); $this->assertSelectCount( '.xfolkentry', false, $res->getBody(), 'Bookmarks found', false diff --git a/www/gsearch/context.php b/www/gsearch/context.php index d714ec1..fd10c4e 100644 --- a/www/gsearch/context.php +++ b/www/gsearch/context.php @@ -1,27 +1,43 @@ <?php +/** + * Google custom search context information for SemanticScuttle. + * Tells Google meta data about the search. + * + * SemanticScuttle - your social bookmark manager. + * + * PHP version 5. + * + * @category Bookmarking + * @package SemanticScuttle + * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net> + * @author Christian Weiske <cweiske@cweiske.de> + * @author Eric Dane <ericdane@users.sourceforge.net> + * @license GPL http://www.gnu.org/licenses/gpl.html + * @link http://sourceforge.net/projects/semanticscuttle + * @link http://www.google.com/cse/docs/cref.html + */ require_once '../www-header.php'; -if($GLOBALS['enableGoogleCustomSearch'] == false) { - echo "Google Custom Search disabled. You can enable it into the config.php file."; - die; +if ($GLOBALS['enableGoogleCustomSearch'] == false) { + header('HTTP/1.0 403 Forbidden'); + header('Content-Type: text/plain; charset=utf-8'); + echo "Google Custom Search disabled." + . " You can enable it into the config.php file.\n"; + die(); } ?> - -<!--?xml version="1.0" encoding="UTF-8" ?--> +<?xml version="1.0" encoding="UTF-8" ?> <GoogleCustomizations> - <CustomSearchEngine> - <Title><?php echo $GLOBALS['sitename'] ?></Title> - <Description><?php echo filter($GLOBALS['welcomeMessage']) ?></Description> - <Context> - <BackgroundLabels> - <Label name="include" mode="FILTER" /> - </BackgroundLabels> - </Context> - <LookAndFeel nonprofit="false"> - </LookAndFeel> - </CustomSearchEngine> - - <Include type="Annotations" href="<?php echo ROOT;?>api/export_gcs.php?xml=1" /> - - + <CustomSearchEngine> + <Title><?php echo htmlspecialchars($GLOBALS['sitename']) ?></Title> + <Description><?php echo filter($GLOBALS['welcomeMessage']) ?></Description> + <Context> + <BackgroundLabels> + <Label name="include" mode="FILTER" /> + </BackgroundLabels> + </Context> + <LookAndFeel nonprofit="false"> + </LookAndFeel> + </CustomSearchEngine> + <Include type="Annotations" href="<?php echo ROOT;?>api/export_gcs.php?xml=1" /> </GoogleCustomizations> diff --git a/www/gsearch/index.php b/www/gsearch/index.php index 70be05e..477aacb 100644 --- a/www/gsearch/index.php +++ b/www/gsearch/index.php @@ -1,17 +1,41 @@ -<?php require_once '../www-header.php'; +<?php +/** + * Google custom search for SemanticScuttle. + * This is a "linked CSE", a linked custom search engine. + * See the linked docs for more info. + * + * SemanticScuttle - your social bookmark manager. + * + * PHP version 5. + * + * @category Bookmarking + * @package SemanticScuttle + * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net> + * @author Christian Weiske <cweiske@cweiske.de> + * @author Eric Dane <ericdane@users.sourceforge.net> + * @license GPL http://www.gnu.org/licenses/gpl.html + * @link http://sourceforge.net/projects/semanticscuttle + * @link http://www.google.com/cse/docs/cref.html + */ +require_once '../www-header.php'; -if($GLOBALS['enableGoogleCustomSearch']==false) { - echo "Google Custom Search disabled. You can enable it into the config.php file."; - die; +if ($GLOBALS['enableGoogleCustomSearch'] == false) { + header('HTTP/1.0 403 Forbidden'); + header('Content-Type: text/plain; charset=utf-8'); + echo "Google Custom Search disabled." + . " You can enable it into the config.php file.\n"; + die(); } ?> - -<html> -<title><?php echo $GLOBALS['sitename'] ?></title> -<body> -<center> -<br /> +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> + <head> + <title><?php echo htmlspecialchars($GLOBALS['sitename']); ?></title> + </head> + <body> + <div style="text-align: center; padding-top: 2em"> <!-- Google CSE Search Box Begins --> <form id="cref" action="http://www.google.com/cse"> @@ -27,21 +51,21 @@ if($GLOBALS['enableGoogleCustomSearch']==false) { <small><a href="<?php echo ROOT?>"><?php echo T_('Come back to ').$GLOBALS['sitename'] ?>...</a></small> -<?php if($userservice->isLoggedOn() && $currentUser->isAdmin()){ - echo '<p><small>'; - echo T_('Admin tips: '); - echo T_('To refresh manually Google Custom Search Engine, goes to: '); - echo '<a href="http://www.google.com/coop/cse/cref?cref=' +<?php if ($userservice->isLoggedOn() && $currentUser->isAdmin()) { + echo '<p><small>'; + echo T_('Admin tips: '); + echo T_('To refresh manually Google Custom Search Engine, goes to: '); + echo '<a href="http://www.google.com/coop/cse/cref?cref=' . ROOT . 'gsearch/context.php">http://www.google.com/coop/cse/cref</a>' . '<br/>'; - echo T_('If no result appears, check that all the urls are valid in the admin section.'); - echo '</small></p>'; - -} + echo T_('If no result appears, check that all the urls are valid in the admin section.'); + echo '</small></p>'; + +} ?> -</center> -</body> + </div> + </body> </html> |