function install()
{
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
if (endsWith($_SERVER['HTTP_HOST'], '.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'] . '/sessions')) {
mkdir($_SERVER['DOCUMENT_ROOT'] . '/sessions', 0705);
}
// This part makes sure sessions works correctly.
// (Because on some hosts, session.save_path may not be set correctly,
// or we may not have write access to it.)
if (isset($_GET['test_session']) && (!isset($_SESSION) || !isset($_SESSION['session_tested']) || $_SESSION['session_tested'] != 'Working')) {
// Step 2: Check if data in session is correct.
echo '<pre>Sessions do not seem to work correctly on your server.<br>';
echo 'Make sure the variable session.save_path is set correctly in your php config, and that you have write access to it.<br>';
echo 'It currently points to ' . session_save_path() . '<br>';
echo 'Check that the hostname used to access Shaarli contains a dot. On some browsers, accessing your server via a hostname like \'localhost\' or any custom hostname without a dot causes cookie storage to fail. We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.<br>';
echo '<br><a href="?">Click to try again.</a></pre>';
die;
}
if (!isset($_SESSION['session_tested'])) {
// Step 1 : Try to store data in session and reload page.
$_SESSION['session_tested'] = 'Working';
// Try to set a variable in session.
header('Location: ' . index_url($_SERVER) . '?test_session');
// Redirect to check stored data.
}
if (isset($_GET['test_session'])) {
// Step 3: Sessions are OK. Remove test parameter from URL.
header('Location: ' . index_url($_SERVER));
}
if (!empty($_POST['setlogin']) && !empty($_POST['setpassword'])) {
$tz = 'UTC';
if (!empty($_POST['continent']) && !empty($_POST['city'])) {
if (isTimeZoneValid($_POST['continent'], $_POST['city'])) {
$tz = $_POST['continent'] . '/' . $_POST['city'];
}
}
$GLOBALS['timezone'] = $tz;
// Everything is ok, let's create config file.
$GLOBALS['login'] = $_POST['setlogin'];
$GLOBALS['salt'] = sha1(uniqid('', true) . '_' . mt_rand());
// Salt renders rainbow-tables attacks useless.
$GLOBALS['hash'] = sha1($_POST['setpassword'] . $GLOBALS['login'] . $GLOBALS['salt']);
$GLOBALS['title'] = empty($_POST['title']) ? 'Shared links on ' . escape(index_url($_SERVER)) : $_POST['title'];
$GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']);
try {
writeConfig($GLOBALS, isLoggedIn());
} catch (Exception $e) {
error_log('ERROR while writing config file after installation.' . PHP_EOL . $e->getMessage());
// TODO: do not handle exceptions/errors in JS.
echo '<script>alert("' . $e->getMessage() . '");document.location=\'?\';</script>';
exit;
}
echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>';
exit;
}
// Display config form:
list($timezone_form, $timezone_js) = generateTimeZoneForm();
$timezone_html = '';
if ($timezone_form != '') {
$timezone_html = '<tr><td><b>Timezone:</b></td><td>' . $timezone_form . '</td></tr>';
}
$PAGE = new pageBuilder();
$PAGE->assign('timezone_html', $timezone_html);
$PAGE->assign('timezone_js', $timezone_js);
$PAGE->renderPage('install');
exit;
}
function install()
{
global $core;
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
if (endsWith($_SERVER['SERVER_NAME'], '.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'] . '/sessions')) {
mkdir($_SERVER['DOCUMENT_ROOT'] . '/sessions', 0705);
}
if ($core->auth->sessionExists() && !empty($_POST['setlogin'])) {
$tz = 'UTC';
if (!empty($_POST['continent']) && !empty($_POST['city'])) {
if (isTZvalid($_POST['continent'], $_POST['city'])) {
$tz = $_POST['continent'] . '/' . $_POST['city'];
}
}
$GLOBALS['timezone'] = $tz;
// Everything is ok, let's create config file.
$GLOBALS['login'] = $core->auth->userID();
$GLOBALS['salt'] = sha1(uniqid('', true) . '_' . mt_rand());
// Salt renders rainbow-tables attacks useless.
$GLOBALS['hash'] = sha1($core->auth->userToken() . $GLOBALS['login'] . $GLOBALS['salt']);
$GLOBALS['title'] = empty($_POST['title']) ? 'Shared links on ' . htmlspecialchars(indexUrl()) : $_POST['title'];
writeConfig();
echo '<script language="JavaScript">alert("Shaarli is now configured !");document.location=\'\';</script>';
exit;
}
// Display config form:
list($timezone_form, $timezone_js) = templateTZform();
$timezone_html = '';
if ($timezone_form != '') {
$timezone_html = '<tr><td valign="top"><b>Timezone:</b></td><td>' . $timezone_form . '</td></tr>';
}
$PAGE = new pageBuilder();
$PAGE->assign('login_html', $core->auth->userID());
$PAGE->assign('timezone_html', $timezone_html);
$PAGE->assign('timezone_js', $timezone_js);
$PAGE->renderPage('install');
exit;
}
/**
* Template for the list of links (<div id="linklist">)
* This function fills all the necessary fields in the $PAGE for the template 'linklist.html'
*
* @param pageBuilder $PAGE pageBuilder instance.
* @param LinkDB $LINKSDB LinkDB instance.
*/
function buildLinkList($PAGE, $LINKSDB)
{
// Used in templates
$searchtags = !empty($_GET['searchtags']) ? escape($_GET['searchtags']) : '';
$searchterm = !empty($_GET['searchterm']) ? escape($_GET['searchterm']) : '';
// Smallhash filter
if (!empty($_SERVER['QUERY_STRING']) && preg_match('/^[a-zA-Z0-9-_@]{6}($|&|#)/', $_SERVER['QUERY_STRING'])) {
try {
$linksToDisplay = $LINKSDB->filterHash($_SERVER['QUERY_STRING']);
} catch (LinkNotFoundException $e) {
$PAGE->render404($e->getMessage());
exit;
}
} else {
// Filter links according search parameters.
$privateonly = !empty($_SESSION['privateonly']);
$linksToDisplay = $LINKSDB->filterSearch($_GET, false, $privateonly);
}
// ---- Handle paging.
$keys = array();
foreach ($linksToDisplay as $key => $value) {
$keys[] = $key;
}
// If there is only a single link, we change on-the-fly the title of the page.
if (count($linksToDisplay) == 1) {
$GLOBALS['pagetitle'] = $linksToDisplay[$keys[0]]['title'] . ' - ' . $GLOBALS['title'];
}
// Select articles according to paging.
$pagecount = ceil(count($keys) / $_SESSION['LINKS_PER_PAGE']);
$pagecount = $pagecount == 0 ? 1 : $pagecount;
$page = empty($_GET['page']) ? 1 : intval($_GET['page']);
$page = $page < 1 ? 1 : $page;
$page = $page > $pagecount ? $pagecount : $page;
// Start index.
$i = ($page - 1) * $_SESSION['LINKS_PER_PAGE'];
$end = $i + $_SESSION['LINKS_PER_PAGE'];
$linkDisp = array();
while ($i < $end && $i < count($keys)) {
$link = $linksToDisplay[$keys[$i]];
$link['description'] = format_description($link['description'], $GLOBALS['redirector']);
$classLi = $i % 2 != 0 ? '' : 'publicLinkHightLight';
$link['class'] = $link['private'] == 0 ? $classLi : 'private';
$date = DateTime::createFromFormat(LinkDB::LINK_DATE_FORMAT, $link['linkdate']);
$link['timestamp'] = $date->getTimestamp();
$taglist = explode(' ', $link['tags']);
uasort($taglist, 'strcasecmp');
$link['taglist'] = $taglist;
$link['shorturl'] = smallHash($link['linkdate']);
// Check for both signs of a note: starting with ? and 7 chars long.
if ($link['url'][0] === '?' && strlen($link['url']) === 7) {
$link['url'] = index_url($_SERVER) . $link['url'];
}
$linkDisp[$keys[$i]] = $link;
$i++;
}
// Compute paging navigation
$searchtagsUrl = empty($searchtags) ? '' : '&searchtags=' . urlencode($searchtags);
$searchtermUrl = empty($searchterm) ? '' : '&searchterm=' . urlencode($searchterm);
$previous_page_url = '';
if ($i != count($keys)) {
$previous_page_url = '?page=' . ($page + 1) . $searchtermUrl . $searchtagsUrl;
}
$next_page_url = '';
if ($page > 1) {
$next_page_url = '?page=' . ($page - 1) . $searchtermUrl . $searchtagsUrl;
}
$token = isLoggedIn() ? getToken() : '';
// Fill all template fields.
$data = array('previous_page_url' => $previous_page_url, 'next_page_url' => $next_page_url, 'page_current' => $page, 'page_max' => $pagecount, 'result_count' => count($linksToDisplay), 'search_term' => $searchterm, 'search_tags' => $searchtags, 'redirector' => empty($GLOBALS['redirector']) ? '' : $GLOBALS['redirector'], 'token' => $token, 'links' => $linkDisp, 'tags' => $LINKSDB->allTags());
// FIXME! temporary fix - see #399.
if (!empty($GLOBALS['pagetitle']) && count($linkDisp) == 1) {
$data['pagetitle'] = $GLOBALS['pagetitle'];
}
$pluginManager = PluginManager::getInstance();
$pluginManager->executeHooks('render_linklist', $data, array('loggedin' => isLoggedIn()));
foreach ($data as $key => $value) {
$PAGE->assign($key, $value);
}
return;
}
function install()
{
// On free.fr host, make sure the /sessions directory exists, otherwise login will not work.
if (endsWith($_SERVER['HTTP_HOST'], '.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'] . '/sessions')) {
mkdir($_SERVER['DOCUMENT_ROOT'] . '/sessions', 0705);
}
// This part makes sure sessions works correctly.
// (Because on some hosts, session.save_path may not be set correctly,
// or we may not have write access to it.)
if (isset($_GET['test_session']) && (!isset($_SESSION) || !isset($_SESSION['session_tested']) || $_SESSION['session_tested'] != 'Working')) {
// Step 2: Check if data in session is correct.
echo '<pre>Sessions do not seem to work correctly on your server.<br>';
echo 'Make sure the variable session.save_path is set correctly in your php config, and that you have write access to it.<br>';
echo 'It currently points to ' . session_save_path() . '<br><br><a href="?">Click to try again.</a></pre>';
die;
}
if (!isset($_SESSION['session_tested'])) {
// Step 1 : Try to store data in session and reload page.
$_SESSION['session_tested'] = 'Working';
// Try to set a variable in session.
header('Location: ' . indexUrl() . '?test_session');
// Redirect to check stored data.
}
if (isset($_GET['test_session'])) {
// Step 3: Sessions are ok. Remove test parameter from URL.
header('Location: ' . indexUrl());
}
if (!empty($_POST['setlogin']) && !empty($_POST['setpassword'])) {
$tz = 'UTC';
if (!empty($_POST['continent']) && !empty($_POST['city'])) {
if (isTZvalid($_POST['continent'], $_POST['city'])) {
$tz = $_POST['continent'] . '/' . $_POST['city'];
}
}
$GLOBALS['timezone'] = $tz;
// Everything is ok, let's create config file.
$GLOBALS['login'] = $_POST['setlogin'];
$GLOBALS['salt'] = sha1(uniqid('', true) . '_' . mt_rand());
// Salt renders rainbow-tables attacks useless.
$GLOBALS['hash'] = sha1($_POST['setpassword'] . $GLOBALS['login'] . $GLOBALS['salt']);
$GLOBALS['title'] = empty($_POST['title']) ? 'Shared links on ' . htmlspecialchars(indexUrl()) : $_POST['title'];
writeConfig();
echo '<script language="JavaScript">alert("Shaarli is now configured. Please enter your login/password and start shaaring your links !");document.location=\'?do=login\';</script>';
exit;
}
// Display config form:
list($timezone_form, $timezone_js) = templateTZform();
$timezone_html = '';
if ($timezone_form != '') {
$timezone_html = '<tr><td valign="top"><b>Timezone:</b></td><td>' . $timezone_form . '</td></tr>';
}
$PAGE = new pageBuilder();
$PAGE->assign('timezone_html', $timezone_html);
$PAGE->assign('timezone_js', $timezone_js);
$PAGE->renderPage('install');
exit;
}
