public function createUser($username)
{
require_once APP_PATH . '/sql.php';
$db = Minz_Configuration::dataBase();
$sql = sprintf(SQL_CREATE_TABLES, $db['prefix'] . $username . '_');
$stm = $this->bd->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true));
$values = array('catName' => Minz_Translate::t('default_category'));
if ($stm && $stm->execute($values)) {
return true;
} else {
$info = $stm->errorInfo();
Minz_Log::record('SQL error : ' . $info[2], Minz_Log::ERROR);
return false;
}
}
public function archivingAction()
{
if (Minz_Request::isPost()) {
$old = Minz_Request::param('old_entries', 3);
$keepHistoryDefault = Minz_Request::param('keep_history_default', 0);
$this->view->conf->_old_entries($old);
$this->view->conf->_keep_history_default($keepHistoryDefault);
$this->view->conf->save();
invalidateHttpCache();
$notif = array('type' => 'good', 'content' => Minz_Translate::t('configuration_updated'));
Minz_Session::_param('notification', $notif);
Minz_Request::forward(array('c' => 'configure', 'a' => 'archiving'), true);
}
Minz_View::prependTitle(Minz_Translate::t('archiving_configuration') . ' · ');
$entryDAO = new FreshRSS_EntryDAO();
$this->view->nb_total = $entryDAO->count();
$this->view->size_user = $entryDAO->size();
if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
$this->view->size_total = $entryDAO->size(true);
}
}
public function checkDefault()
{
$def_cat = $this->searchById(1);
if ($def_cat === false) {
$cat = new FreshRSS_Category(Minz_Translate::t('default_category'));
$cat->_id(1);
$values = array('id' => $cat->id(), 'name' => $cat->name());
$this->addCategory($values);
}
}
function customSimplePie()
{
$simplePie = new SimplePie();
$simplePie->set_useragent(Minz_Translate::t('freshrss') . '/' . FRESHRSS_VERSION . ' (' . PHP_OS . '; ' . FRESHRSS_WEBSITE . ') ' . SIMPLEPIE_NAME . '/' . SIMPLEPIE_VERSION);
$simplePie->set_cache_location(CACHE_PATH);
$simplePie->set_cache_duration(1500);
$simplePie->strip_htmltags(array('base', 'blink', 'body', 'doctype', 'embed', 'font', 'form', 'frame', 'frameset', 'html', 'link', 'input', 'marquee', 'meta', 'noscript', 'object', 'param', 'plaintext', 'script', 'style'));
$simplePie->strip_attributes(array_merge($simplePie->strip_attributes, array('autoplay', 'onload', 'onunload', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup', 'onmouseover', 'onmousemove', 'onmouseout', 'onfocus', 'onblur', 'onkeypress', 'onkeydown', 'onkeyup', 'onselect', 'onchange', 'seamless')));
$simplePie->add_attributes(array('img' => array('lazyload' => ''), 'audio' => array('preload' => 'none'), 'iframe' => array('postpone' => '', 'sandbox' => 'allow-scripts allow-same-origin'), 'video' => array('postpone' => '', 'preload' => 'none')));
$simplePie->set_url_replacements(array('a' => 'href', 'area' => 'href', 'audio' => 'src', 'blockquote' => 'cite', 'del' => 'cite', 'form' => 'action', 'iframe' => 'src', 'img' => array('longdesc', 'src'), 'input' => 'src', 'ins' => 'cite', 'q' => 'cite', 'source' => 'src', 'track' => 'src', 'video' => array('poster', 'src')));
return $simplePie;
}
public function deleteAction()
{
if (Minz_Request::isPost() && Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
require_once APP_PATH . '/sql.php';
$username = Minz_Request::param('username');
$ok = ctype_alnum($username);
if ($ok) {
$ok &= strcasecmp($username, Minz_Configuration::defaultUser()) !== 0;
//It is forbidden to delete the default user
}
if ($ok) {
$configPath = DATA_PATH . '/' . $username . '_user.php';
$ok &= file_exists($configPath);
}
if ($ok) {
$userDAO = new FreshRSS_UserDAO();
$ok &= $userDAO->deleteUser($username);
$ok &= unlink($configPath);
//TODO: delete Persona file
}
invalidateHttpCache();
$notif = array('type' => $ok ? 'good' : 'bad', 'content' => Minz_Translate::t($ok ? 'user_deleted' : 'error_occurred', $username));
Minz_Session::_param('notification', $notif);
}
Minz_Request::forward(array('c' => 'configure', 'a' => 'users'), true);
}
public function purgeAction()
{
@set_time_limit(300);
$nb_month_old = max($this->view->conf->old_entries, 1);
$date_min = time() - 3600 * 24 * 30 * $nb_month_old;
$feedDAO = new FreshRSS_FeedDAO();
$feeds = $feedDAO->listFeedsOrderUpdate();
$nbTotal = 0;
invalidateHttpCache();
foreach ($feeds as $feed) {
$feedHistory = $feed->keepHistory();
if ($feedHistory == -2) {
//default
$feedHistory = $this->view->conf->keep_history_default;
}
if ($feedHistory >= 0) {
$nb = $feedDAO->cleanOldEntries($feed->id(), $date_min, $feedHistory);
if ($nb > 0) {
$nbTotal += $nb;
Minz_Log::record($nb . ' old entries cleaned in feed [' . $feed->url() . ']', Minz_Log::DEBUG);
$feedDAO->updateLastUpdate($feed->id());
}
}
}
invalidateHttpCache();
$notif = array('type' => 'good', 'content' => Minz_Translate::t('purge_completed', $nbTotal));
Minz_Session::_param('notification', $notif);
Minz_Request::forward(array('c' => 'configure', 'a' => 'archiving'), true);
}
public function formLoginAction()
{
if (Minz_Request::isPost()) {
$ok = false;
$nonce = Minz_Session::param('nonce');
$username = Minz_Request::param('username', '');
$c = Minz_Request::param('challenge', '');
if (ctype_alnum($username) && ctype_graph($c) && ctype_alnum($nonce)) {
if (!function_exists('password_verify')) {
include_once LIB_PATH . '/password_compat.php';
}
try {
$conf = new FreshRSS_Configuration($username);
$s = $conf->passwordHash;
$ok = password_verify($nonce . $s, $c);
if ($ok) {
Minz_Session::_param('currentUser', $username);
Minz_Session::_param('passwordHash', $s);
} else {
Minz_Log::record('Password mismatch for user ' . $username . ', nonce=' . $nonce . ', c=' . $c, Minz_Log::WARNING);
}
} catch (Minz_Exception $me) {
Minz_Log::record('Login failure: ' . $me->getMessage(), Minz_Log::WARNING);
}
} else {
Minz_Log::record('Invalid credential parameters: user='******' challenge=' . $c . ' nonce=' . $nonce, Minz_Log::DEBUG);
}
if (!$ok) {
$notif = array('type' => 'bad', 'content' => Minz_Translate::t('invalid_login'));
Minz_Session::_param('notification', $notif);
}
$this->view->_useLayout(false);
Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
} elseif (!Minz_Configuration::canLogIn()) {
Minz_Error::error(403, array('error' => array(Minz_Translate::t('access_denied'))));
}
invalidateHttpCache();
}
public function deleteAction()
{
if (Minz_Request::isPost()) {
$type = Minz_Request::param('type', 'feed');
$id = Minz_Request::param('id');
$feedDAO = new FreshRSS_FeedDAO();
if ($type == 'category') {
if ($feedDAO->deleteFeedByCategory($id)) {
$notif = array('type' => 'good', 'content' => Minz_Translate::t('category_emptied'));
//TODO: Delete old favicons
} else {
$notif = array('type' => 'bad', 'content' => Minz_Translate::t('error_occured'));
}
} else {
if ($feedDAO->deleteFeed($id)) {
$notif = array('type' => 'good', 'content' => Minz_Translate::t('feed_deleted'));
//TODO: Delete old favicon
} else {
$notif = array('type' => 'bad', 'content' => Minz_Translate::t('error_occured'));
}
}
Minz_Session::_param('notification', $notif);
if ($type == 'category') {
Minz_Request::forward(array('c' => 'configure', 'a' => 'categorize'), true);
} else {
Minz_Request::forward(array('c' => 'configure', 'a' => 'feed'), true);
}
}
}
