diff options
Diffstat (limited to 'www')
| -rw-r--r-- | www/ajaxGetNewPrivateKey.php | 42 | ||||
| -rw-r--r-- | www/bookmarks.php | 17 | ||||
| -rw-r--r-- | www/index.php | 15 | ||||
| -rw-r--r-- | www/jsScuttle.php | 10 | ||||
| -rw-r--r-- | www/profile.php | 33 | ||||
| -rw-r--r-- | www/rss.php | 43 | ||||
| -rw-r--r-- | www/tags.php | 15 |
7 files changed, 167 insertions, 8 deletions
diff --git a/www/ajaxGetNewPrivateKey.php b/www/ajaxGetNewPrivateKey.php new file mode 100644 index 0000000..59545a2 --- /dev/null +++ b/www/ajaxGetNewPrivateKey.php @@ -0,0 +1,42 @@ +<?php +/*************************************************************************** + Copyright (C) 2005 - 2006 Scuttle project + http://sourceforge.net/projects/scuttle/ + http://scuttle.org/ + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + ***************************************************************************/ + +header("Last-Modified: ". gmdate("D, d M Y H:i:s") ." GMT"); +header("Cache-Control: no-cache, must-revalidate"); + +$httpContentType = 'text/xml'; +require_once 'www-header.php'; + +$us = SemanticScuttle_Service_Factory::get('User'); + +/* Managing all possible inputs */ +isset($_GET['url']) ? define('GET_URL', $_GET['url']): define('GET_URL', ''); + +echo '<?xml version="1.0" encoding="utf-8"?>'; +?> +<response> +<method> +getNewPrivateKey +</method> +<result> +<?php echo $us->getNewPrivateKey(); ?> +</result> +</response> diff --git a/www/bookmarks.php b/www/bookmarks.php index efc1680..44119db 100644 --- a/www/bookmarks.php +++ b/www/bookmarks.php @@ -229,12 +229,14 @@ if ($templatename == 'editbookmark.tpl') { $tplVars['sidebar_blocks'] = array('watchstatus'); if (!$cat) { //user page without tags + $rssTitle = ": My Bookmarks"; $cat = NULL; $tplVars['currenttag'] = NULL; //$tplVars['sidebar_blocks'][] = 'menu2'; $tplVars['sidebar_blocks'][] = 'linked'; $tplVars['sidebar_blocks'][] = 'popular'; } else { //pages with tags + $rssTitle = ": Tags" . $catTitle; $rssCat = '/'. filter($cat, 'url'); $tplVars['currenttag'] = $cat; $tplVars['sidebar_blocks'][] = 'tagactions'; @@ -264,9 +266,22 @@ if ($templatename == 'editbookmark.tpl') { // Set template vars $tplVars['rsschannels'] = array( - array(filter($sitename .': '. $pagetitle), createURL('rss', filter($user, 'url') . $rssCat.'?sort='.getSortOrder())) + array(filter($sitename .$rssTitle), createURL('rss', filter($user, 'url') . $rssCat.'?sort='.getSortOrder())) ); + if ($userservice->isLoggedOn()) { + $currentUsername = $currentUser->getUsername(); + if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) { + array_push( + $tplVars['rsschannels'], + array( + filter($sitename . $rssTitle. sprintf(T_(': (private) ')) . $currentUsername), + createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&privatekey='.$currentUser->getPrivateKey()) + ) + ); + } + } + $tplVars['page'] = $page; $tplVars['start'] = $start; $tplVars['bookmarkCount'] = $start + 1; diff --git a/www/index.php b/www/index.php index f6704ae..931d64d 100644 --- a/www/index.php +++ b/www/index.php @@ -42,9 +42,22 @@ if (GET_ACTION == "logout") { // Header variables $tplVars['loadjs'] = true; $tplVars['rsschannels'] = array( -array(sprintf(T_('%s: Recent bookmarks'), $sitename), createURL('rss').'?sort='.getSortOrder()) +array(sprintf(T_('%s: Recent bookmarks'), htmlspecialchars($sitename)), createURL('rss').'?sort='.getSortOrder()) ); +if ($userservice->isLoggedOn()) { + $currentUsername = $currentUser->getUsername(); + if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) { + array_push( + $tplVars['rsschannels'], + array( + filter($sitename . sprintf(T_(': (private) ')) . $currentUsername), + createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&privatekey='.$currentUser->getPrivateKey()) + ) + ); + } +} + if ($usecache) { // Generate hash for caching on $hashtext = $_SERVER['REQUEST_URI']; diff --git a/www/jsScuttle.php b/www/jsScuttle.php index c166755..76b49dc 100644 --- a/www/jsScuttle.php +++ b/www/jsScuttle.php @@ -89,6 +89,16 @@ function useAddress(ele) { } } +function getNewPrivateKey(input, response){ + var pk = document.getElementById('pPrivateKey'); + if (response != null) { + pk.value = response.trim(); + } else { + loadXMLDocProc('<?php echo ROOT; ?>ajaxGetNewPrivateKey.php'); + } + return false; +} + function getTitle(input, response){ var title = document.getElementById('titleField'); if (title.value == '') { diff --git a/www/profile.php b/www/profile.php index ccdb7a8..63f4da8 100644 --- a/www/profile.php +++ b/www/profile.php @@ -23,12 +23,16 @@ require_once 'www-header.php'; /* Service creation: only useful services are created */ // No specific services +$tplVars['loadjs'] = true; /* Managing all possible inputs */ +isset($_POST['submittedPK']) ? define('POST_SUBMITTEDPK', $_POST['submittedPK']): define('POST_SUBMITTEDPK', ''); isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', ''); isset($_POST['pPass']) ? define('POST_PASS', $_POST['pPass']): define('POST_PASS', ''); isset($_POST['pPassConf']) ? define('POST_PASSCONF', $_POST['pPassConf']): define('POST_PASSCONF', ''); isset($_POST['pName']) ? define('POST_NAME', $_POST['pName']): define('POST_NAME', ''); +isset($_POST['pPrivateKey']) ? define('POST_PRIVATEKEY', $_POST['pPrivateKey']): define('POST_PRIVATEKEY', ''); +isset($_POST['pEnablePrivateKey']) ? define('POST_ENABLEPRIVATEKEY', $_POST['pEnablePrivateKey']): define('POST_ENABLEPRIVATEKEY', ''); isset($_POST['pMail']) ? define('POST_MAIL', $_POST['pMail']): define('POST_MAIL', ''); isset($_POST['pPage']) ? define('POST_PAGE', $_POST['pPage']): define('POST_PAGE', ''); isset($_POST['pDesc']) ? define('POST_DESC', $_POST['pDesc']): define('POST_DESC', ''); @@ -61,10 +65,19 @@ if ($user) { exit(); } +$tplVars['privateKeyIsEnabled'] = ''; if ($userservice->isLoggedOn() && $user == $currentUser->getUsername()) { - $title = T_('My Profile'); + $title = T_('My Profile'); + $tplVars['privateKey'] = $currentUser->getPrivateKey(true); + + if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) { + $tplVars['privateKeyIsEnabled'] = 'checked="checked"'; + } else { + $tplVars['privateKeyIsEnabled'] = ''; + } } else { - $title = T_('Profile') .': '. $user; + $title = T_('Profile') .': '. $user; + $tplVars['privateKey'] = ''; } $tplVars['pagetitle'] = $title; $tplVars['subtitle'] = $title; @@ -72,11 +85,19 @@ $tplVars['subtitle'] = $title; $tplVars['user'] = $user; $tplVars['userid'] = $userid; +/* Update Private Key */ +if (POST_SUBMITTEDPK!='' && $currentUser->getId() == $userid) { + $userinfo = $userservice->getObjectUserByUsername($user); + $tplVars['privateKey'] = $userservice->getNewPrivateKey(); +} + if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) { $error = false; $detPass = trim(POST_PASS); $detPassConf = trim(POST_PASSCONF); $detName = trim(POST_NAME); + $detPrivateKey = trim(POST_PRIVATEKEY); + $detEnablePrivateKey = trim(POST_ENABLEPRIVATEKEY); $detMail = trim(POST_MAIL); $detPage = trim(POST_PAGE); $detDesc = filter(POST_DESC); @@ -102,13 +123,19 @@ if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) { $tplVars['error'] = T_('E-mail address is not valid.'); } if (!$error) { - if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc)) { + if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc, $detPrivateKey, $detEnablePrivateKey)) { $tplVars['error'] = T_('An error occurred while saving your changes.'); } else { $tplVars['msg'] = T_('Changes saved.'); } } $userinfo = $userservice->getObjectUserByUsername($user); + $tplVars['privateKey'] = $userinfo->getPrivateKey(true); + if ($userservice->isPrivateKeyValid($userinfo->getPrivateKey())) { + $tplVars['privateKeyIsEnabled'] = 'checked="checked"'; + } else { + $tplVars['privateKeyIsEnabled'] = ''; + } } if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) { diff --git a/www/rss.php b/www/rss.php index 50240e5..8c81e0e 100644 --- a/www/rss.php +++ b/www/rss.php @@ -64,9 +64,14 @@ if (!isset($rssEntries) || $rssEntries <= 0) { $rssEntries = $maxRssEntries; } +$privatekey = null; +if (isset($_GET['privatekey'])) { + $privatekey = $_GET['privatekey']; +} $watchlist = null; $pagetitle = ''; +$isTempLogin = false; if ($user && $user != 'all') { if ($user == 'watchlist') { $user = $cat; @@ -78,8 +83,24 @@ if ($user && $user != 'all') { } else { if ($userinfo = $userservice->getUserByUsername($user)) { $userid =& $userinfo[$userservice->getFieldName('primary')]; + /* if user is not logged in and has valid privatekey */ + if (!$userservice->isLoggedOn()) { + if ($privatekey != null) { + if ($userservice->loginPrivateKey($privatekey)) { + $isTempLogin = true; + } else { + $tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user); + header('Content-type: text/html; charset=utf-8'); + $templateservice->loadTemplate('error.404.tpl', $tplVars); + //throw a 404 error + exit(); + } + } + } + } else { $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user); + header('Content-type: text/html; charset=utf-8'); $templateservice->loadTemplate('error.404.tpl', $tplVars); //throw a 404 error exit(); @@ -87,7 +108,19 @@ if ($user && $user != 'all') { } $pagetitle .= ": ". $user; } else { - $userid = null; + if ($privatekey != null) { + if ($userservice->loginPrivateKey($privatekey)) { + $isTempLogin = true; + } else { + $tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user); + header('Content-type: text/html; charset=utf-8'); + $templateservice->loadTemplate('error.404.tpl', $tplVars); + //throw a 404 error + exit(); + } + } else { + $userid = null; + } } if ($cat) { @@ -100,7 +133,8 @@ $tplVars['feeddescription'] = sprintf(T_('Recent bookmarks posted to %s'), $GLOB $bookmarks = $bookmarkservice->getBookmarks( 0, $rssEntries, $userid, $cat, - null, getSortOrder(), $watchlist + null, getSortOrder(), $watchlist, + null, null, null ); $bookmarks_tmp = filter($bookmarks['bookmarks']); @@ -134,6 +168,11 @@ $tplVars['feedlastupdate'] = date('r', strtotime($latestdate)); $templateservice->loadTemplate('rss.tpl', $tplVars); +/* If temporary login, please log out */ +if ($isTempLogin) { + $userservice->logout(); +} + if ($usecache) { // Cache output if existing copy has expired $cacheservice->End($hash); diff --git a/www/tags.php b/www/tags.php index a4e6555..09725e4 100644 --- a/www/tags.php +++ b/www/tags.php @@ -67,9 +67,22 @@ if ($usecache) { $tplVars['pagetitle'] = T_('Tags') .': '. $cat; $tplVars['loadjs'] = true; $tplVars['rsschannels'] = array( -array(filter($sitename .': '. $pagetitle), createURL('rss', 'all/'. filter($cat, 'url')).'?sort='.getSortOrder()) +array(filter($sitename .': Tags: '. $cat), createURL('rss', 'all/'. filter($cat, 'url')).'?sort='.getSortOrder()) ); +if ($userservice->isLoggedOn()) { + $currentUsername = $currentUser->getUsername(); + if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) { + array_push( + $tplVars['rsschannels'], + array( + filter($sitename .': Tags: '. $cat . sprintf(T_(': (private) ')) . $currentUsername), + createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&privatekey='.$currentUser->getPrivateKey()) + ) + ); + } +} + // Pagination $perpage = getPerPageCount($currentUser); if (intval(GET_PAGE) > 1) { |