From 2547ece0cacb7080060ad3bc32b879fee6b52230 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 14 Feb 2021 14:59:22 +0300 Subject: pref-users: cleanup index --- classes/pref/users.php | 214 +++++++++++++++++++++---------------------------- 1 file changed, 93 insertions(+), 121 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/pref/users.php b/classes/pref/users.php index 5c622a9b1..0454a1292 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -251,12 +251,8 @@ class Pref_Users extends Handler_Protected { print T_sprintf("Added user %s with password %s", $login, $tmp_user_pwd); - $this->initialize_user($new_uid); - } else { - print T_sprintf("Could not create user %s", $login); - } } else { print T_sprintf("User %s already exists.", $login); @@ -303,10 +299,6 @@ class Pref_Users extends Handler_Protected { global $access_level_names; - print "
"; - print "
"; - print "
"; - $user_search = clean($_REQUEST["search"] ?? ""); if (array_key_exists("search", $_REQUEST)) { @@ -315,137 +307,117 @@ class Pref_Users extends Handler_Protected { $user_search = ($_SESSION["prefs_user_search"] ?? ""); } - print "
- - -
"; - $sort = clean($_REQUEST["sort"] ?? ""); if (!$sort || $sort == "undefined") { $sort = "login"; } - print "
". - "" . __('Select').""; - print "
"; - print "
".__('All')."
"; - print "
".__('None')."
"; - print "
"; - - print ""; - - print " - - - "; - - PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "prefUsersToolbar"); - - print "
"; #toolbar - print "
"; #pane - print "
"; - $sort = $this->validate_field($sort, ["login", "access_level", "created", "num_feeds", "created", "last_login"], "login"); if ($sort != "login") $sort = "$sort DESC"; - $sth = $this->pdo->prepare("SELECT - tu.id, - login,access_level,email, - ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login, - ".SUBSTRING_FOR_DATE."(created,1,16) as created, - (SELECT COUNT(id) FROM ttrss_feeds WHERE owner_uid = tu.id) AS num_feeds - FROM - ttrss_users tu - WHERE - (:search = '' OR login LIKE :search) AND tu.id > 0 - ORDER BY $sort"); - $sth->execute([":search" => $user_search ? "%$user_search%" : ""]); - - print ""; - - print " - - - - - - "; - - $lnum = 0; - - while ($line = $sth->fetch()) { - - $uid = $line["id"]; - - print ""; - - $line["login"] = htmlspecialchars($line["login"]); - $line["created"] = TimeHelper::make_local_datetime($line["created"], false); - $line["last_login"] = TimeHelper::make_local_datetime($line["last_login"], false); - - print ""; - - print ""; - - print ""; - print ""; - print ""; - print ""; - - print ""; - - ++$lnum; - } - - print "
 ".__('Login')."".__('Access Level')."".__('Subscribed feeds')."".__('Registered')."".__('Last login')."
person " . $line["login"] . "" . $access_level_names[$line["access_level"]] . "" . $line["num_feeds"] . "" . $line["created"] . "" . $line["last_login"] . "
"; - - if ($lnum == 0) { - if (!$user_search) { - print_warning(__('No users defined.')); - } else { - print_warning(__('No matching users found.')); - } - } - - print "
"; #pane - - PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, "prefUsers"); - - print "
"; #container - - } + ?> + +
+
+
+ +
+ + +
+ +
+ +
+
+
+
+
+ + + + + + + + + + run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "prefUsersToolbar") ?> + +
+
+
+ + + + + + + + + + + + + pdo->prepare("SELECT + tu.id, + login,access_level,email, + ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login, + ".SUBSTRING_FOR_DATE."(created,1,16) as created, + (SELECT COUNT(id) FROM ttrss_feeds WHERE owner_uid = tu.id) AS num_feeds + FROM + ttrss_users tu + WHERE + (:search = '' OR login LIKE :search) AND tu.id > 0 + ORDER BY $sort"); + $sth->execute([":search" => $user_search ? "%$user_search%" : ""]); + + while ($row = $sth->fetch()) { ?> + + + + + + + + + + + +
+ + person
+
+ run_hooks(PluginHost::HOOK_PREFS_TAB, "prefUsers") ?> +
+ prepare("insert into ttrss_feeds (owner_uid,title,feed_url) - values (?, 'Tiny Tiny RSS: Forum', - 'https://tt-rss.org/forum/rss.php')"); - $sth->execute([$uid]); - } - static function logout_user() { if (session_status() === PHP_SESSION_ACTIVE) session_destroy(); -- cgit v1.2.3-54-g00ecf From a8cc43a0ff1cf6297577fae8536408287518baf4 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 14 Feb 2021 15:31:03 +0300 Subject: move logout_user() to UserHelper --- classes/api.php | 2 +- classes/handler/public.php | 2 +- classes/pref/users.php | 11 ----------- classes/userhelper.php | 14 +++++++++++++- 4 files changed, 15 insertions(+), 14 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/api.php b/classes/api.php index 6a919be64..9299c34ea 100755 --- a/classes/api.php +++ b/classes/api.php @@ -81,7 +81,7 @@ class API extends Handler { } function logout() { - Pref_Users::logout_user(); + UserHelper::logout(); $this->wrap(self::STATUS_OK, array("status" => "OK")); } diff --git a/classes/handler/public.php b/classes/handler/public.php index 481145606..79f3a9e6c 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -286,7 +286,7 @@ class Handler_Public extends Handler { function logout() { if (validate_csrf($_POST["csrf_token"])) { - Pref_Users::logout_user(); + UserHelper::logout(); header("Location: index.php"); } else { header("Content-Type: text/json"); diff --git a/classes/pref/users.php b/classes/pref/users.php index 0454a1292..24d28e62a 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -418,15 +418,4 @@ class Pref_Users extends Handler_Protected { return $default; } - static function logout_user() { - if (session_status() === PHP_SESSION_ACTIVE) - session_destroy(); - - if (isset($_COOKIE[session_name()])) { - setcookie(session_name(), '', time()-42000, '/'); - - } - session_commit(); - } - } diff --git a/classes/userhelper.php b/classes/userhelper.php index c9c4dd102..8eb97f5d0 100644 
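Review bot: `ORDER BY $sort` in the relocated `prepare()` call is built by string interpolation, and it is safe only because `$sort` has passed through the `validate_field()` whitelist a few statements earlier. Now that the query sits inside the template, that dependency is easy to miss. I would add a comment directly above the query, for example `// $sort is whitelisted by validate_field() above; never interpolate request data here`. The whitelist also lists `"created"` twice, which is harmless but worth tidying. index() begins and ends outside this hunk.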
--- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -105,7 +105,7 @@ class UserHelper { } if (empty($_SESSION["uid"])) { - Pref_Users::logout_user(); + UserHelper::logout(); Handler_Public::render_login_form(); exit; @@ -157,4 +157,16 @@ class UserHelper { return false; } + + static function logout() { + if (session_status() === PHP_SESSION_ACTIVE) + session_destroy(); + + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time()-42000, '/'); + + } + session_commit(); + } + } -- cgit v1.2.3-54-g00ecf From 0fbf10991237b3f91ee5c77349637d7197a22bdc Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 14 Feb 2021 15:38:45 +0300 Subject: * remove users/filters toolbar edit button (just click on it) * fix title of edit filter dialog always showing create filter --- classes/pref/filters.php | 2 -- classes/pref/users.php | 4 ---- js/CommonFilters.js | 2 +- js/PrefFilterTree.js | 17 ----------------- js/PrefUsers.js | 15 --------------- 5 files changed, 1 insertion(+), 39 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/pref/filters.php b/classes/pref/filters.php index c898a8b67..1c264f642 100755 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -736,8 +736,6 @@ class Pref_Filters extends Handler_Protected { - - - diff --git a/js/CommonFilters.js b/js/CommonFilters.js index 15403b8c4..06e0410c7 100644 --- a/js/CommonFilters.js +++ b/js/CommonFilters.js @@ -243,7 +243,7 @@ const Filters = { try { const dialog = new fox.SingleUseDialog({ id: "filterEditDlg", - title: __("Create Filter"), + title: id ? __("Edit Filter") : __("Create Filter"), test: function () { Filters.test(this.attr('value')); }, diff --git a/js/PrefFilterTree.js b/js/PrefFilterTree.js index abfdbb3b0..e7d4efdc1 100644 --- a/js/PrefFilterTree.js +++ b/js/PrefFilterTree.js 
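Review bot: `UserHelper::logout()` expires the session cookie with a hard-coded path `'/'` and no domain, secure or httponly arguments, so a session cookie issued with different parameters will not be matched and stays in the browser. The body is carried over unchanged from `Pref_Users::logout_user()`, so this is pre-existing, but the move is a good moment to read the parameters back: `$p = session_get_cookie_params();` then `setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);`. `session_destroy()` also leaves `$_SESSION` populated for the rest of the request, so `$_SESSION = [];` before it would keep later code in the same request from seeing the old uid. A short docblock stating that the method ends the session and clears the cookie would help the three call sites changed in this commit.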
@@ -119,23 +119,6 @@ define(["dojo/_base/declare", "dojo/dom-construct", "lib/CheckBoxTree"], functio }); } }, - editSelectedFilter: function() { - const rows = this.getSelectedFilters(); - - if (rows.length == 0) { - alert(__("No filters selected.")); - return; - } - - if (rows.length > 1) { - alert(__("Please select only one filter.")); - return; - } - - Notify.close(); - - this.editFilter(rows[0]); - }, removeSelectedFilters: function() { const sel_rows = this.getSelectedFilters(); diff --git a/js/PrefUsers.js b/js/PrefUsers.js index 0a7e635fe..e5c281811 100644 --- a/js/PrefUsers.js +++ b/js/PrefUsers.js @@ -93,21 +93,6 @@ const Users = { alert(__("No users selected.")); } }, - editSelected: function() { - const rows = this.getSelection(); - - if (rows.length == 0) { - alert(__("No users selected.")); - return; - } - - if (rows.length > 1) { - alert(__("Please select one user.")); - return; - } - - this.edit(rows[0]); - }, getSelection :function() { return Tables.getSelected("users-list"); } -- cgit v1.2.3-54-g00ecf From 33ea46c2bc5c91d7767f11c230a941cc635c0e67 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 14 Feb 2021 15:42:12 +0300 Subject: pref-users/add: remove unused variable --- classes/pref/users.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/pref/users.php b/classes/pref/users.php index 7adb09ab2..9d9ea4d8e 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -246,8 +246,6 @@ class Pref_Users extends Handler_Protected { if ($new_uid = UserHelper::find_user_by_login($login)) { - $new_uid = $row['id']; - print T_sprintf("Added user %s with password %s", $login, $tmp_user_pwd); -- cgit v1.2.3-54-g00ecf From 0b7377238a556708035b0cd51a9e58693fb648f6 Mon Sep 17 00:00:00 2001 
From: Andrew Dolgov Date: Sun, 14 Feb 2021 15:50:46 +0300 Subject: add Handler_Administrative --- classes/handler/administrative.php | 11 +++++++++++ classes/pref/system.php | 13 +------------ classes/pref/users.php | 13 +------------ 3 files changed, 13 insertions(+), 24 deletions(-) create mode 100644 classes/handler/administrative.php (limited to 'classes/pref/users.php') diff --git a/classes/handler/administrative.php b/classes/handler/administrative.php new file mode 100644 index 000000000..52dfed8b7 --- /dev/null +++ b/classes/handler/administrative.php @@ -0,0 +1,11 @@ += 10) { + return true; + } + } + return false; + } +} diff --git a/classes/pref/system.php b/classes/pref/system.php index 14df6f8d1..2a97ec6f0 100644 --- a/classes/pref/system.php +++ b/classes/pref/system.php @@ -1,20 +1,9 @@ Date: Sun, 14 Feb 2021 16:44:41 +0300 Subject: pref-users edit: use client dialog --- classes/pref/users.php | 112 +++++++------------------------------------------ js/App.js | 9 ++++ js/PrefUsers.js | 84 +++++++++++++++++++++++++++++++++++-- 3 files changed, 105 insertions(+), 100 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/pref/users.php b/classes/pref/users.php index b34f85d88..bc125d0ce 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -1,7 +1,7 @@ "; + $id = (int)clean($_REQUEST["id"]); - print '
-
'; - - //print "
"; - - $id = (int) clean($_REQUEST["id"]); - - print_hidden("id", "$id"); - print_hidden("op", "pref-users"); - print_hidden("method", "editSave"); - - $sth = $this->pdo->prepare("SELECT * FROM ttrss_users WHERE id = ?"); + $sth = $this->pdo->prepare("SELECT id, login, access_level, email FROM ttrss_users WHERE id = ?"); $sth->execute([$id]); - if ($row = $sth->fetch()) { - - $login = $row["login"]; - $access_level = $row["access_level"]; - $email = $row["email"]; - - $sel_disabled = ($id == $_SESSION["uid"] || $login == "admin") ? "disabled" : ""; - - print "
".__("User")."
"; - print "
"; - - if ($sel_disabled) { - print_hidden("login", "$login"); - } - - print "
"; - print ""; - print ""; - print "
"; - - print "
"; - - print "
".__("Authentication")."
"; - print "
"; - - print "
"; - - print " "; - - if (!$sel_disabled) { - print_select_hash("access_level", $access_level, $access_level_names, - "dojoType=\"fox.form.Select\" $sel_disabled"); - } else { - print_select_hash("", $access_level, $access_level_names, - "dojoType=\"fox.form.Select\" $sel_disabled"); - print_hidden("access_level", "$access_level"); - } - - print "
"; - print "
"; - - print " "; - print ""; - - print "
"; - - print "
"; - - print "
".__("Options")."
"; - print "
"; - - print "
"; - print " "; - print ""; - print "
"; - - print "
"; - - print ""; - + if ($row = $sth->fetch(PDO::FETCH_ASSOC)) { + print json_encode([ + "user" => $row, + "access_level_names" => $access_level_names + ]); + } else { + print json_encode(["error" => "USER_NOT_FOUND"]); } - - print '
'; #tab - print "
"; - - print '
'; - print '
'; - - print "
- - -
"; - - print ""; - - return; } function userdetails() { @@ -186,6 +100,12 @@ class Pref_Users extends Handler_Administrative { $email = clean($_REQUEST["email"]); $password = clean($_REQUEST["password"]); + // no blank usernames + if (!$login) return; + + // forbid renaming admin + if ($uid == 1) $login = "admin"; + if ($password) { $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($password, $salt, true); diff --git a/js/App.js b/js/App.js index 4646145ea..1e6e5fdb1 100644 --- a/js/App.js +++ b/js/App.js @@ -20,6 +20,15 @@ const App = { FormFields: { hidden: function(name, value, id = "") { return `` + }, + select_hash: function(name, value, values, attributes) { + return ` + + ` } }, Scrollable: { diff --git a/js/PrefUsers.js b/js/PrefUsers.js index e5c281811..1fe4db150 100644 --- a/js/PrefUsers.js +++ b/js/PrefUsers.js @@ -1,7 +1,7 @@ 'use strict' /* global __ */ -/* global xhrPost, dojo, dijit, Notify, Tables, fox */ +/* global xhrPost, xhrJson, dojo, dijit, Notify, Tables, App, fox */ const Users = { reload: function(sort) { @@ -27,7 +27,10 @@ const Users = { } }, edit: function(id) { - xhrPost('backend.php', {op: 'pref-users', method: 'edit', id: id}, (transport) => { + xhrJson('backend.php', {op: 'pref-users', method: 'edit', id: id}, (reply) => { + const user = reply.user; + const is_disabled = (user.id == 1) ? "disabled='disabled'" : ''; + const dialog = new fox.SingleUseDialog({ id: "userEditDlg", title: __("User Editor"), @@ -35,13 +38,86 @@ const Users = { if (this.validate()) { Notify.progress("Saving data...", true); - xhrPost("backend.php", dojo.formToObject("user_edit_form"), (/* transport */) => { + xhrPost("backend.php", this.attr('value'), () => { dialog.hide(); Users.reload(); }); } }, - content: transport.responseText + content: ` +
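Review bot: The new guard `if ($uid == 1) $login = "admin";` pins only the login on the server; as far as this hunk shows, the access level of uid 1 is protected solely by the disabled select and hidden field that the client dialog builds, and a hand-made POST to `editSave` does not go through that dialog. The removed form also locked the selector when `$id == $_SESSION["uid"]`, a case the new `user.id == 1` check in PrefUsers.js no longer covers. I would enforce both in editSave, ignoring the submitted access level when `$uid == 1 || $uid == $_SESSION["uid"]`. `if (!$login) return;` also exits without any error payload, so the dialog closes as if the save had succeeded. The rest of editSave is outside the hunk.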
+ + ${App.FormFields.hidden('id', user.id.toString())} + ${App.FormFields.hidden('op', 'pref-users')} + ${App.FormFields.hidden('method', 'editSave')} + +
+
+ +
${__("User")}
+ +
+
+ + + + ${is_disabled ? App.FormFields.hidden("login", user.login) : ''} +
+
+ +
${__("Authentication")}
+ +
+
+ + ${App.FormFields.select_hash("access_level", + user.access_level, reply.access_level_names, is_disabled)} + + ${is_disabled ? App.FormFields.hidden("access_level", + user.access_level.toString()) : ''} +
+
+ + +
+
+ +
${__("Options")}
+ +
+
+ + +
+
+
+
+ + ${__("Loading, please wait...")} +
+
+ +
+ + +
+
+ ` }); dialog.show(); -- cgit v1.2.3-54-g00ecf From 8e79f1717d5270558ffd30c20cc75840b0ecc955 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 15 Feb 2021 16:07:22 +0300 Subject: prefs: unify naming --- classes/handler/public.php | 2 +- classes/pref/filters.php | 32 ++++++++++++++++---------------- classes/pref/prefs.php | 20 ++++++++++---------- classes/pref/system.php | 4 ++-- classes/pref/users.php | 8 ++++---- classes/rpc.php | 2 +- classes/userhelper.php | 4 ++-- 7 files changed, 36 insertions(+), 36 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/handler/public.php b/classes/handler/public.php index b11c8ba04..ea2a0c5ef 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -950,7 +950,7 @@ class Handler_Public extends Handler { WHERE id = ?"); $sth->execute([$id]); - Pref_Users::resetUserPassword($id, true); + Pref_Users::_reset_password($id, true); print "
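Review bot: `user.login`, `user.email` and the `access_level_names` labels from the JSON reply are interpolated into the template string that becomes the dialog's HTML, and `App.FormFields.hidden()` / `select_hash()` appear to do the same with their arguments. The surrounding attribute markup is not visible in this rendering, so please confirm that every interpolated value is HTML-escaped before it reaches `content`, since logins and e-mail addresses are user-supplied. `user.id == 1` would also read better as a strict comparison once the id type in the reply is fixed.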

"."Completed."."

"; diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 62bcb8f59..95f0fcfc0 100755 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -162,7 +162,7 @@ class Pref_Filters extends Handler_Protected { print json_encode($rv); } - private function getfilterrules_list($filter_id) { + private function _get_rules_list($filter_id) { $sth = $this->pdo->prepare("SELECT reg_exp, inverse, match_on, @@ -250,7 +250,7 @@ class Pref_Filters extends Handler_Protected { while ($line = $sth->fetch()) { - $name = $this->getFilterName($line["id"]); + $name = $this->_get_name($line["id"]); $match_ok = false; if ($filter_search) { @@ -292,7 +292,7 @@ class Pref_Filters extends Handler_Protected { $filter['checkbox'] = false; $filter['last_triggered'] = $line["last_triggered"] ? TimeHelper::make_local_datetime($line["last_triggered"], false) : null; $filter['enabled'] = sql_bool_to_bool($line["enabled"]); - $filter['rules'] = $this->getfilterrules_list($line['id']); + $filter['rules'] = $this->_get_rules_list($line['id']); if (!$filter_search || $match_ok) { array_push($folder['items'], $filter); @@ -391,7 +391,7 @@ class Pref_Filters extends Handler_Protected { $data = htmlspecialchars((string)json_encode($line)); print "
  • - ".$this->getRuleName($line)."". + ".$this->_get_rule_name($line)."". format_hidden("rule[]", $data)."
  • "; } } @@ -433,7 +433,7 @@ class Pref_Filters extends Handler_Protected { $data = htmlspecialchars((string)json_encode($line)); print "
  • - ".$this->getActionName($line)."". + ".$this->_get_action_name($line)."". format_hidden("action[]", $data)."
  • "; } } @@ -482,7 +482,7 @@ class Pref_Filters extends Handler_Protected { } } - private function getRuleName($rule) { + private function _get_rule_name($rule) { if (!$rule) $rule = json_decode(clean($_REQUEST["rule"]), true); $feeds = $rule["feed_id"]; @@ -523,10 +523,10 @@ class Pref_Filters extends Handler_Protected { } function printRuleName() { - print $this->getRuleName(json_decode(clean($_REQUEST["rule"]), true)); + print $this->_get_rule_name(json_decode(clean($_REQUEST["rule"]), true)); } - private function getActionName($action) { + private function _get_action_name($action) { $sth = $this->pdo->prepare("SELECT description FROM ttrss_filter_actions WHERE id = ?"); $sth->execute([(int)$action["action_id"]]); @@ -561,7 +561,7 @@ class Pref_Filters extends Handler_Protected { } function printActionName() { - print $this->getActionName(json_decode(clean($_REQUEST["action"]), true)); + print $this->_get_action_name(json_decode(clean($_REQUEST["action"]), true)); } function editSave() { @@ -581,7 +581,7 @@ class Pref_Filters extends Handler_Protected { $sth->execute([$enabled, $match_any_rule, $inverse, $title, $filter_id, $_SESSION['uid']]); - $this->saveRulesAndActions($filter_id); + $this->_save_rules_and_actions($filter_id); $this->pdo->commit(); } @@ -596,7 +596,7 @@ class Pref_Filters extends Handler_Protected { $sth->execute(array_merge($ids, [$_SESSION['uid']])); } - private function saveRulesAndActions($filter_id) + private function _save_rules_and_actions($filter_id) { $sth = $this->pdo->prepare("DELETE FROM ttrss_filters2_rules WHERE filter_id = ?"); @@ -696,7 +696,7 @@ class Pref_Filters extends Handler_Protected { if ($row = $sth->fetch()) { $filter_id = $row['id']; - $this->saveRulesAndActions($filter_id); + $this->_save_rules_and_actions($filter_id); } $this->pdo->commit(); 
@@ -941,7 +941,7 @@ class Pref_Filters extends Handler_Protected { print ""; } - private function getFilterName($id) { + private function _get_name($id) { $sth = $this->pdo->prepare( "SELECT title,match_any_rule,f.inverse AS inverse,COUNT(DISTINCT r.id) AS num_rules,COUNT(DISTINCT a.id) AS num_actions @@ -970,7 +970,7 @@ class Pref_Filters extends Handler_Protected { $actions = ""; if ($line = $sth->fetch()) { - $actions = $this->getActionName($line); + $actions = $this->_get_action_name($line); $num_actions -= 1; } @@ -1012,12 +1012,12 @@ class Pref_Filters extends Handler_Protected { $this->pdo->commit(); - $this->optimizeFilter($base_id); + $this->_optimize($base_id); } } - private function optimizeFilter($id) { + private function _optimize($id) { $this->pdo->beginTransaction(); diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 6e4deb223..81b7767eb 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -268,7 +268,7 @@ class Pref_Prefs extends Handler_Protected { AND owner_uid = :uid"); $sth->execute([":profile" => $_SESSION['profile'], ":uid" => $_SESSION['uid']]); - $this->initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]); + $this->_init_user_prefs($_SESSION["uid"], $_SESSION["profile"]); echo __("Your preferences are now set to default values."); } @@ -588,9 +588,9 @@ class Pref_Prefs extends Handler_Protected { if ($profile) { print_notice(__("Some preferences are only available in default profile.")); - $this->initialize_user_prefs($_SESSION["uid"], $profile); + $this->_init_user_prefs($_SESSION["uid"], $profile); } else { - $this->initialize_user_prefs($_SESSION["uid"]); + $this->_init_user_prefs($_SESSION["uid"]); } $prefs_available = []; @@ -621,7 +621,7 @@ class Pref_Prefs extends Handler_Protected { } $pref_name = $line["pref_name"]; - $short_desc = $this->getShortDesc($pref_name); + $short_desc = $this->_get_short_desc($pref_name); if (!$short_desc) continue; 
@@ -629,7 +629,7 @@ class Pref_Prefs extends Handler_Protected { $prefs_available[$pref_name] = [ 'type_name' => $line["type_name"], 'value' => $line['value'], - 'help_text' => $this->getHelpText($pref_name), + 'help_text' => $this->_get_help_text($pref_name), 'short_desc' => $short_desc ]; } @@ -1318,14 +1318,14 @@ class Pref_Prefs extends Handler_Protected { } - private function getShortDesc($pref_name) { + private function _get_short_desc($pref_name) { if (isset($this->pref_help[$pref_name][0])) { return $this->pref_help[$pref_name][0]; } return ""; } - private function getHelpText($pref_name) { + private function _get_help_text($pref_name) { if (isset($this->pref_help[$pref_name][1])) { return $this->pref_help[$pref_name][1]; } @@ -1380,7 +1380,7 @@ class Pref_Prefs extends Handler_Protected { encryptAppPassword($new_password); + $new_password_hash = $this->_encrypt_app_password($new_password); print_warning(T_sprintf("Generated password %s for %s. Please remember it for future reference.", $new_password, $title)); @@ -1413,7 +1413,7 @@ class Pref_Prefs extends Handler_Protected { $this->appPasswordList(); } - static function initialize_user_prefs($uid, $profile = false) { + static function _init_user_prefs($uid, $profile = false) { if (get_schema_version() < 63) $profile_qpart = ""; diff --git a/classes/pref/system.php b/classes/pref/system.php index 2a97ec6f0..f0a5f7b7f 100644 --- a/classes/pref/system.php +++ b/classes/pref/system.php @@ -23,7 +23,7 @@ class Pref_System extends Handler_Administrative { print preg_replace( '%^.*(.*).*$%ms','$1', (string)$info); } - private function log_viewer(int $page, int $severity) { + private function _log_viewer(int $page, int $severity) { $errno_values = []; switch ($severity) { @@ -154,7 +154,7 @@ class Pref_System extends Handler_Administrative {
    '> log_viewer($page, $severity); + $this->_log_viewer($page, $severity); } else { print_notice("Please set LOG_DESTINATION to 'sql' in config.php to enable database logging."); } diff --git a/classes/pref/users.php b/classes/pref/users.php index bc125d0ce..d2dd06fd8 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -166,7 +166,7 @@ class Pref_Users extends Handler_Administrative { } } - static function resetUserPassword($uid, $format_output = false) { + static function _reset_password($uid, $format_output = false) { $pdo = Db::pdo(); @@ -199,7 +199,7 @@ class Pref_Users extends Handler_Administrative { function resetPass() { $uid = clean($_REQUEST["id"]); - self::resetUserPassword($uid); + self::_reset_password($uid); } function index() { @@ -220,7 +220,7 @@ class Pref_Users extends Handler_Administrative { $sort = "login"; } - $sort = $this->validate_field($sort, + $sort = $this->_validate_field($sort, ["login", "access_level", "created", "num_feeds", "created", "last_login"], "login"); if ($sort != "login") $sort = "$sort DESC"; @@ -314,7 +314,7 @@ class Pref_Users extends Handler_Administrative { Date: Mon, 15 Feb 2021 16:59:54 +0300 Subject: move reset_password to UserHelper --- classes/handler/public.php | 2 +- classes/pref/users.php | 34 +--------------------------------- classes/userhelper.php | 30 ++++++++++++++++++++++++++++++ 3 files changed, 32 insertions(+), 34 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/handler/public.php b/classes/handler/public.php index ca963d111..da1e53853 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -950,7 +950,7 @@ class Handler_Public extends Handler { WHERE id = ?"); $sth->execute([$id]); - Pref_Users::_reset_password($id, true); + UserHelper::reset_password($id, true); print "

    "."Completed."."

    "; diff --git a/classes/pref/users.php b/classes/pref/users.php index d2dd06fd8..ab1694564 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -166,40 +166,8 @@ class Pref_Users extends Handler_Administrative { } } - static function _reset_password($uid, $format_output = false) { - - $pdo = Db::pdo(); - - $sth = $pdo->prepare("SELECT login FROM ttrss_users WHERE id = ?"); - $sth->execute([$uid]); - - if ($row = $sth->fetch()) { - - $login = $row["login"]; - - $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250); - $tmp_user_pwd = make_password(); - - $pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true); - - $sth = $pdo->prepare("UPDATE ttrss_users - SET pwd_hash = ?, salt = ?, otp_enabled = false - WHERE id = ?"); - $sth->execute([$pwd_hash, $new_salt, $uid]); - - $message = T_sprintf("Changed password of user %s to %s", "$login", "$tmp_user_pwd"); - - if ($format_output) - print_notice($message); - else - print $message; - - } - } - function resetPass() { - $uid = clean($_REQUEST["id"]); - self::_reset_password($uid); + UserHelper::reset_password(clean($_REQUEST["id"])); } function index() { diff --git a/classes/userhelper.php b/classes/userhelper.php index 744f77a23..8e9b9a01b 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php 
@@ -169,4 +169,34 @@ class UserHelper { session_commit(); } + static function reset_password($uid, $format_output = false) { + + $pdo = Db::pdo(); + + $sth = $pdo->prepare("SELECT login FROM ttrss_users WHERE id = ?"); + $sth->execute([$uid]); + + if ($row = $sth->fetch()) { + + $login = $row["login"]; + + $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250); + $tmp_user_pwd = make_password(); + + $pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true); + + $sth = $pdo->prepare("UPDATE ttrss_users + SET pwd_hash = ?, salt = ?, otp_enabled = false + WHERE id = ?"); + $sth->execute([$pwd_hash, $new_salt, $uid]); + + $message = T_sprintf("Changed password of user %s to %s", "$login", "$tmp_user_pwd"); + + if ($format_output) + print_notice($message); + else + print $message; + + } + } } -- cgit v1.2.3-54-g00ecf From 75435aa960997fb4aa7a13c1a084ab3c53111e73 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 18 Feb 2021 13:00:20 +0300 Subject: user details: cleanup --- classes/pref/users.php | 64 ++++++++++++++++++++++++++++++-------------------- 1 file changed, 39 insertions(+), 25 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/pref/users.php b/classes/pref/users.php index ab1694564..5ac6a7990 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -38,7 +38,6 @@ class Pref_Users extends Handler_Administrative { $sth->execute([$id]); if ($row = $sth->fetch()) { - print ""; $last_login = TimeHelper::make_local_datetime( $row["last_login"], true); @@ -48,47 +47,62 @@ class Pref_Users extends Handler_Administrative { $stored_articles = $row["stored_articles"]; - print ""; - print ""; - $sth = $this->pdo->prepare("SELECT COUNT(id) as num_feeds FROM ttrss_feeds WHERE owner_uid = ?"); $sth->execute([$id]); $row = $sth->fetch(); - $num_feeds = $row["num_feeds"]; - print ""; - print ""; + $num_feeds = $row["num_feeds"]; - print "
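Review bot: `reset_password()` does more than its name says: the UPDATE also sets `otp_enabled = false`, and the new plaintext password is written to the response through `print` / `print_notice`. Neither side effect is documented, and the method is now a shared helper called from both `Pref_Users::resetPass()` and `Handler_Public`. I would add a docblock covering the parameters, the OTP reset, and the fact that the caller is responsible for authorising the request. In the branch where `$format_output` is false, `$login` is printed as is; if that output is ever rendered as HTML it should go through `htmlspecialchars()` first.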
    ".__('Registered')."$created
    ".__('Last logged in')."$last_login
    ".__('Subscribed feeds count')."$num_feeds
    ".__('Stored articles')."$stored_articles
    "; + ?> - print "

    ".__('Subscribed feeds')."

    "; +
    + + +
    - $sth = $this->pdo->prepare("SELECT id,title,site_url FROM ttrss_feeds - WHERE owner_uid = ? ORDER BY title"); - $sth->execute([$id]); +
    + + +
    - print "
      "; +
      + + +
      - while ($line = $sth->fetch()) { +
      + + +
      - $icon_file = ICONS_URL."/".$line["id"].".ico"; - - if (file_exists($icon_file) && filesize($icon_file) > 0) { - $feed_icon = ""; - } else { - $feed_icon = ""; - } + pdo->prepare("SELECT id,title,site_url FROM ttrss_feeds + WHERE owner_uid = ? ORDER BY title"); + $sth->execute([$id]); + ?> - print "
    • $feed_icon ".$line["title"]."
    • "; +
        + fetch()) { ?> +
      • + - } + - print "
      "; + "> + + + + +
    + ".__('User not found').""; + print_error(__('User not found')); } } -- cgit v1.2.3-54-g00ecf From 211f699aa0c4211e4ee8a02446d51b9811d0c28c Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 22 Feb 2021 22:35:27 +0300 Subject: migrate the rest into Config:: --- classes/config.php | 192 ++++++++++++++++++++-------------- classes/db.php | 4 +- classes/digest.php | 8 +- classes/diskcache.php | 2 +- classes/feeds.php | 6 +- classes/logger.php | 2 +- classes/mailer.php | 6 +- classes/pref/feeds.php | 8 +- classes/pref/system.php | 4 +- classes/pref/users.php | 2 +- classes/rpc.php | 18 ++-- classes/rssutils.php | 36 ++++--- classes/urlhelper.php | 10 +- config.php-dist | 2 +- include/functions.php | 50 +-------- include/login_form.php | 4 +- include/sanity_check.php | 4 +- index.php | 5 +- phpstan.neon | 1 + plugins/af_proxy_http/init.php | 2 +- plugins/cache_starred_images/init.php | 2 +- prefs.php | 4 +- update.php | 6 +- update_daemon2.php | 17 +-- 24 files changed, 187 insertions(+), 208 deletions(-) (limited to 'classes/pref/users.php') diff --git a/classes/config.php b/classes/config.php index 8a7470135..349706390 100644 --- a/classes/config.php +++ b/classes/config.php 
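Review bot: Feed `title` and `site_url` come from remote feeds and are rendered into this administrator-only view; the removed loop concatenated `$line["title"]` into the list item without escaping, and the replacement markup is not visible in this rendering of the hunk. Please confirm the new template passes both through `htmlspecialchars()` and that `site_url` is only used as a link target when it is an http(s) URL. The same check applies to the `login` column in the rewritten index() table of the earlier "pref-users: cleanup index" commit, where the removed code did call `htmlspecialchars($line["login"])`. userdetails() starts outside this hunk.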
@@ -1,98 +1,134 @@ "pgsql", - Config::DB_HOST => "db", - Config::DB_USER => "", - Config::DB_NAME => "", - Config::DB_PASS => "", - Config::DB_PORT => "5432", - Config::MYSQL_CHARSET => "UTF8", - Config::SELF_URL_PATH => "", - Config::SINGLE_USER_MODE => "", - Config::SIMPLE_UPDATE_MODE => "", - Config::PHP_EXECUTABLE => "/usr/bin/php", - Config::LOCK_DIRECTORY => "lock", - Config::CACHE_DIR => "cache", - Config::ICONS_DIR => "feed-icons", - Config::ICONS_URL => "feed-icons", - Config::AUTH_AUTO_CREATE => "true", - Config::AUTH_AUTO_LOGIN => "true", - Config::FORCE_ARTICLE_PURGE => 0, - Config::ENABLE_REGISTRATION => "", - Config::SESSION_COOKIE_LIFETIME => 86400, - Config::SMTP_FROM_NAME => "Tiny Tiny RSS", - Config::SMTP_FROM_ADDRESS => "noreply@localhost", - Config::DIGEST_SUBJECT => "[tt-rss] New headlines for last 24 hours", - Config::CHECK_FOR_UPDATES => "true", - Config::PLUGINS => "auth_internal", - Config::LOG_DESTINATION => "sql", - ]; + const DB_TYPE = "DB_TYPE"; + const DB_HOST = "DB_HOST"; + const DB_USER = "DB_USER"; + const DB_NAME = "DB_NAME"; + const DB_PASS = "DB_PASS"; + const DB_PORT = "DB_PORT"; + const MYSQL_CHARSET = "MYSQL_CHARSET"; + const SELF_URL_PATH = "SELF_URL_PATH"; + const SINGLE_USER_MODE = "SINGLE_USER_MODE"; + const SIMPLE_UPDATE_MODE = "SIMPLE_UPDATE_MODE"; + const PHP_EXECUTABLE = "PHP_EXECUTABLE"; + const LOCK_DIRECTORY = "LOCK_DIRECTORY"; + const CACHE_DIR = "CACHE_DIR"; + const ICONS_DIR = "ICONS_DIR"; + const ICONS_URL = "ICONS_URL"; + const AUTH_AUTO_CREATE = "AUTH_AUTO_CREATE"; + const AUTH_AUTO_LOGIN = "AUTH_AUTO_LOGIN"; + const FORCE_ARTICLE_PURGE = "FORCE_ARTICLE_PURGE"; + const ENABLE_REGISTRATION = "ENABLE_REGISTRATION"; + const SESSION_COOKIE_LIFETIME = "SESSION_COOKIE_LIFETIME"; + const SMTP_FROM_NAME = "SMTP_FROM_NAME"; + const SMTP_FROM_ADDRESS = "SMTP_FROM_ADDRESS"; + const DIGEST_SUBJECT = "DIGEST_SUBJECT"; + const CHECK_FOR_UPDATES = "CHECK_FOR_UPDATES"; + const PLUGINS = "PLUGINS"; + const LOG_DESTINATION = 
"LOG_DESTINATION"; + const LOCAL_OVERRIDE_STYLESHEET = "LOCAL_OVERRIDE_STYLESHEET"; + const DAEMON_MAX_CHILD_RUNTIME = "DAEMON_MAX_CHILD_RUNTIME"; + const DAEMON_MAX_JOBS = "DAEMON_MAX_JOBS"; + const FEED_FETCH_TIMEOUT = "FEED_FETCH_TIMEOUT"; + const FEED_FETCH_NO_CACHE_TIMEOUT = "FEED_FETCH_NO_CACHE_TIMEOUT"; + const FILE_FETCH_TIMEOUT = "FILE_FETCH_TIMEOUT"; + const FILE_FETCH_CONNECT_TIMEOUT = "FILE_FETCH_CONNECT_TIMEOUT"; + const DAEMON_UPDATE_LOGIN_LIMIT = "DAEMON_UPDATE_LOGIN_LIMIT"; + const DAEMON_FEED_LIMIT = "DAEMON_FEED_LIMIT"; + const DAEMON_SLEEP_INTERVAL = "DAEMON_SLEEP_INTERVAL"; + const MAX_CACHE_FILE_SIZE = "MAX_CACHE_FILE_SIZE"; + const MAX_DOWNLOAD_FILE_SIZE = "MAX_DOWNLOAD_FILE_SIZE"; + const MAX_FAVICON_FILE_SIZE = "MAX_FAVICON_FILE_SIZE"; + const CACHE_MAX_DAYS = "CACHE_MAX_DAYS"; + const MAX_CONDITIONAL_INTERVAL = "MAX_CONDITIONAL_INTERVAL"; + const DAEMON_UNSUCCESSFUL_DAYS_LIMIT = "DAEMON_UNSUCCESSFUL_DAYS_LIMIT"; + const LOG_SENT_MAIL = "LOG_SENT_MAIL"; - private const _ENVVAR_PREFIX = "TTRSS_"; - private static $instance; + private const _DEFAULTS = [ + Config::DB_TYPE => "pgsql", + Config::DB_HOST => "db", + Config::DB_USER => "", + Config::DB_NAME => "", + Config::DB_PASS => "", + Config::DB_PORT => "5432", + Config::MYSQL_CHARSET => "UTF8", + Config::SELF_URL_PATH => "", + Config::SINGLE_USER_MODE => "", + Config::SIMPLE_UPDATE_MODE => "", + Config::PHP_EXECUTABLE => "/usr/bin/php", + Config::LOCK_DIRECTORY => "lock", + Config::CACHE_DIR => "cache", + Config::ICONS_DIR => "feed-icons", + Config::ICONS_URL => "feed-icons", + Config::AUTH_AUTO_CREATE => "true", + Config::AUTH_AUTO_LOGIN => "true", + Config::FORCE_ARTICLE_PURGE => 0, + Config::ENABLE_REGISTRATION => "", + Config::SESSION_COOKIE_LIFETIME => 86400, + Config::SMTP_FROM_NAME => "Tiny Tiny RSS", + Config::SMTP_FROM_ADDRESS => "noreply@localhost", + Config::DIGEST_SUBJECT => "[tt-rss] New headlines for last 24 hours", + Config::CHECK_FOR_UPDATES => "true", + Config::PLUGINS => 
"auth_internal", + Config::LOG_DESTINATION => "sql", + Config::LOCAL_OVERRIDE_STYLESHEET => "local-overrides.css", + Config::DAEMON_MAX_CHILD_RUNTIME => 1800, + Config::DAEMON_MAX_JOBS => 2, + Config::FEED_FETCH_TIMEOUT => 45, + Config::FEED_FETCH_NO_CACHE_TIMEOUT => 15, + Config::FILE_FETCH_TIMEOUT => 45, + Config::FILE_FETCH_CONNECT_TIMEOUT => 15, + Config::DAEMON_UPDATE_LOGIN_LIMIT => 30, + Config::DAEMON_FEED_LIMIT => 500, + Config::DAEMON_SLEEP_INTERVAL => 120, + Config::MAX_CACHE_FILE_SIZE => 64*1024*1024, + Config::MAX_DOWNLOAD_FILE_SIZE => 16*1024*1024, + Config::MAX_FAVICON_FILE_SIZE => 1*1024*1024, + Config::CACHE_MAX_DAYS => 7, + Config::MAX_CONDITIONAL_INTERVAL => 3600*12, + Config::DAEMON_UNSUCCESSFUL_DAYS_LIMIT => 30, + Config::LOG_SENT_MAIL => "", + ]; - private $params = []; + private static $instance; - public static function get_instance() { + private $params = []; + + public static function get_instance() { if (self::$instance == null) self::$instance = new self(); return self::$instance; } - function __construct() { - $ref = new ReflectionClass(get_class($this)); + function __construct() { + $ref = new ReflectionClass(get_class($this)); - foreach ($ref->getConstants() as $const => $cvalue) { - if (strpos($const, "_") !== 0) { - $override = getenv($this::_ENVVAR_PREFIX . $const); + foreach ($ref->getConstants() as $const => $cvalue) { + if (strpos($const, "_") !== 0) { + $override = getenv($this::_ENVVAR_PREFIX . 
$const); - if (!empty($override)) { - $this->params[$cvalue] = $override; - } else { - $this->params[$cvalue] = $this::_DEFAULTS[$const]; - } - } - } - } + if (!empty($override)) { + $this->params[$cvalue] = $override; + } else { + $this->params[$cvalue] = $this::_DEFAULTS[$const]; + } + } + } + } - private function _get($param) { - return $this->params[$param]; - } + private function _get($param) { + return $this->params[$param]; + } - static function get($param) { - $instance = self::get_instance(); + static function get($param) { + $instance = self::get_instance(); - return $instance->_get($param); - } + return $instance->_get($param); + } } \ No newline at end of file diff --git a/classes/db.php b/classes/db.php index 1ccaa3533..5196e7c7d 100755 --- a/classes/db.php +++ b/classes/db.php @@ -41,8 +41,8 @@ class Db } else if (Config::get(Config::DB_TYPE) == "mysql") { $pdo->query("SET time_zone = '+0:0'"); - if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) { - $pdo->query("SET NAMES " . MYSQL_CHARSET); + if (defined('Config::get(Config::MYSQL_CHARSET)') && Config::get(Config::MYSQL_CHARSET)) { + $pdo->query("SET NAMES " . Config::get(Config::MYSQL_CHARSET)); } } diff --git a/classes/digest.php b/classes/digest.php index 9ac3f6a17..a6a0c47de 100644 --- a/classes/digest.php +++ b/classes/digest.php @@ -48,11 +48,11 @@ class Digest $mailer = new Mailer(); - //$rc = $mail->quickMail($line["email"], $line["login"], DIGEST_SUBJECT, $digest, $digest_text); + //$rc = $mail->quickMail($line["email"], $line["login"], Config::get(Config::DIGEST_SUBJECT), $digest, $digest_text); $rc = $mailer->mail(["to_name" => $line["login"], "to_address" => $line["email"], - "subject" => DIGEST_SUBJECT, + "subject" => Config::get(Config::DIGEST_SUBJECT), "message" => $digest_text, "message_html" => $digest]); 
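Review bot: In the Config constructor, `if (!empty($override))` treats an environment value of "0" as unset, so a setting such as DAEMON_UNSUCCESSFUL_DAYS_LIMIT (whose comment removed from include/functions.php says 0 disables it) cannot be set to zero through the environment and silently falls back to its default. getenv() returns false when the variable is absent, so `if ($override !== false) {` separates "unset" from "0". Overrides are also stored as raw strings while the defaults are integers or "true"/"" flags, and a value like "false" is truthy in PHP, so normalising each override to the type of its `_DEFAULTS` entry would avoid surprises at the call sites. The default for LOCAL_OVERRIDE_STYLESHEET here is `local-overrides.css`, while the define removed from include/functions.php was `.local-overrides.css`; it is worth confirming the dropped dot is intended.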
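Review bot: `defined('Config::get(Config::MYSQL_CHARSET)')` in classes/db.php asks whether a constant with that literal name exists, and none does, so the `SET NAMES` branch is now dead code and MySQL connections keep the driver's default charset. The guard should test the value only: `if (Config::get(Config::MYSQL_CHARSET)) {`. The same leftover is in classes/rpc.php, `defined('Config::get(Config::CHECK_FOR_UPDATES)') && ...`, where it switches the update check off for everyone. Because the charset can now arrive from the environment and is concatenated into the statement, comparing it against a short list of known charset names before use would be a sensible extra guard.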
@@ -91,11 +91,11 @@ class Digest $tpl->setVariable('CUR_DATE', date('Y/m/d', $local_ts)); $tpl->setVariable('CUR_TIME', date('G:i', $local_ts)); - $tpl->setVariable('TTRSS_HOST', Config::get(Config.Config::get(Config::SELF_URL_PATH))); + $tpl->setVariable('TTRSS_HOST', Config::get(Config::get(Config::SELF_URL_PATH))); $tpl_t->setVariable('CUR_DATE', date('Y/m/d', $local_ts)); $tpl_t->setVariable('CUR_TIME', date('G:i', $local_ts)); - $tpl_t->setVariable('TTRSS_HOST', Config::get(Config.Config::get(Config::SELF_URL_PATH))); + $tpl_t->setVariable('TTRSS_HOST', Config::get(Config::get(Config::SELF_URL_PATH))); $affected_ids = array(); diff --git a/classes/diskcache.php b/classes/diskcache.php index 063a3847c..9c594acc5 100644 --- a/classes/diskcache.php +++ b/classes/diskcache.php @@ -349,7 +349,7 @@ class DiskCache { if ($files) { foreach ($files as $file) { - if (time() - filemtime($file) > 86400*CACHE_MAX_DAYS) { + if (time() - filemtime($file) > 86400*Config::get(Config::CACHE_MAX_DAYS)) { unlink($file); ++$num_deleted; diff --git a/classes/feeds.php b/classes/feeds.php index 274cb22d0..eaedc1aee 100755 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -1056,11 +1056,11 @@ class Feeds extends Handler_Protected { } static function _get_icon_file($feed_id) { - return ICONS_DIR . "/$feed_id.ico"; + return Config::get(Config::ICONS_DIR) . "/$feed_id.ico"; } static function _has_icon($id) { - return is_file(ICONS_DIR . "/$id.ico") && filesize(ICONS_DIR . "/$id.ico") > 0; + return is_file(Config::get(Config::ICONS_DIR) . "/$id.ico") && filesize(Config::get(Config::ICONS_DIR) . "/$id.ico") > 0; } static function _get_icon($id) { @@ -1084,7 +1084,7 @@ class Feeds extends Handler_Protected { $icon = self::_get_icon_file($id); if ($icon && file_exists($icon)) { - return ICONS_URL . "/" . basename($icon) . "?" . filemtime($icon); + return Config::get(Config::ICONS_URL) . "/" . basename($icon) . "?" . filemtime($icon); } } break; 
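Review bot: `Config::get(Config::get(Config::SELF_URL_PATH))` in classes/digest.php passes the configured URL itself as the parameter name, and `_get()` indexes `$this->params` with it directly, so the lookup hits an undefined key and TTRSS_HOST ends up empty in digest mails. Both the `$tpl` and `$tpl_t` lines should read `Config::get(Config::SELF_URL_PATH)`. The enclosing method starts and ends outside the hunk.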
diff --git a/classes/logger.php b/classes/logger.php index cdc6b240a..6cc33314d 100755 --- a/classes/logger.php +++ b/classes/logger.php @@ -42,7 +42,7 @@ class Logger { } function __construct() { - switch (LOG_DESTINATION) { + switch (Config::get(Config::LOG_DESTINATION)) { case "sql": $this->adapter = new Logger_SQL(); break; diff --git a/classes/mailer.php b/classes/mailer.php index 16be16523..93f778210 100644 --- a/classes/mailer.php +++ b/classes/mailer.php @@ -11,15 +11,15 @@ class Mailer { $subject = $params["subject"]; $message = $params["message"]; $message_html = $params["message_html"]; - $from_name = $params["from_name"] ? $params["from_name"] : SMTP_FROM_NAME; - $from_address = $params["from_address"] ? $params["from_address"] : SMTP_FROM_ADDRESS; + $from_name = $params["from_name"] ? $params["from_name"] : Config::get(Config::SMTP_FROM_NAME); + $from_address = $params["from_address"] ? $params["from_address"] : Config::get(Config::SMTP_FROM_ADDRESS); $additional_headers = $params["headers"] ? $params["headers"] : []; $from_combined = $from_name ? "$from_name <$from_address>" : $from_address; $to_combined = $to_name ? "$to_name <$to_address>" : $to_address; - if (defined('_LOG_SENT_MAIL') && _LOG_SENT_MAIL) + if (Config::get(Config::LOG_SENT_MAIL)) Logger::get()->log(E_USER_NOTICE, "Sending mail from $from_combined to $to_combined [$subject]: $message"); // HOOK_SEND_MAIL plugin instructions: diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 229effeb3..7c3a40647 100755 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -441,7 +441,7 @@ class Pref_Feeds extends Handler_Protected { $sth->execute([$feed_id, $_SESSION['uid']]); if ($row = $sth->fetch()) { - @unlink(ICONS_DIR . "/$feed_id.ico"); + @unlink(Config::get(Config::ICONS_DIR) . "/$feed_id.ico"); $sth = $this->pdo->prepare("UPDATE ttrss_feeds SET favicon_avg_color = NULL, favicon_last_checked = '1970-01-01' where id = ?"); 
@@ -479,7 +479,7 @@ class Pref_Feeds extends Handler_Protected { $sth->execute([$feed_id, $_SESSION['uid']]); if ($row = $sth->fetch()) { - $new_filename = ICONS_DIR . "/$feed_id.ico"; + $new_filename = Config::get(Config::ICONS_DIR) . "/$feed_id.ico"; if (file_exists($new_filename)) unlink($new_filename); @@ -1228,8 +1228,8 @@ class Pref_Feeds extends Handler_Protected { $pdo->commit(); - if (file_exists(ICONS_DIR . "/$id.ico")) { - unlink(ICONS_DIR . "/$id.ico"); + if (file_exists(Config::get(Config::ICONS_DIR) . "/$id.ico")) { + unlink(Config::get(Config::ICONS_DIR) . "/$id.ico"); } } else { diff --git a/classes/pref/system.php b/classes/pref/system.php index bc519a321..35c776463 100644 --- a/classes/pref/system.php +++ b/classes/pref/system.php @@ -153,10 +153,10 @@ class Pref_System extends Handler_Administrative {
    '> _log_viewer($page, $severity); } else { - print_notice("Please set LOG_DESTINATION to 'sql' in config.php to enable database logging."); + print_notice("Please set Config::get(Config::LOG_DESTINATION) to 'sql' in config.php to enable database logging."); } ?>
    diff --git a/classes/pref/users.php b/classes/pref/users.php index 5ac6a7990..f30abe001 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -86,7 +86,7 @@ class Pref_Users extends Handler_Administrative { fetch()) { ?>
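Review bot: The notice in classes/pref/system.php now tells the administrator to set `Config::get(Config::LOG_DESTINATION)` in config.php, which is a PHP expression rather than a setting name. The user-facing string should keep the plain name: `print_notice("Please set LOG_DESTINATION to 'sql' in config.php to enable database logging.");`.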
  • diff --git a/classes/rpc.php b/classes/rpc.php index bf24132b0..4aa3f69d5 100755 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -165,8 +165,9 @@ class RPC extends Handler_Protected { function setpanelmode() { $wide = (int) clean($_REQUEST["wide"]); + // FIXME should this use SESSION_COOKIE_LIFETIME and be renewed periodically? setcookie("ttrss_widescreen", (string)$wide, - time() + COOKIE_LIFETIME_LONG); + time() + 86400*365); print json_encode(array("wide" => $wide)); } @@ -328,7 +329,7 @@ class RPC extends Handler_Protected { get_version($git_commit, $git_timestamp); - if (defined('CHECK_FOR_UPDATES') && CHECK_FOR_UPDATES && $_SESSION["access_level"] >= 10 && $git_timestamp) { + if (defined('Config::get(Config::CHECK_FOR_UPDATES)') && Config::get(Config::CHECK_FOR_UPDATES) && $_SESSION["access_level"] >= 10 && $git_timestamp) { $content = @UrlHelper::fetch(["url" => "https://tt-rss.org/version.json"]); if ($content) { @@ -359,8 +360,8 @@ class RPC extends Handler_Protected { } $params["safe_mode"] = !empty($_SESSION["safe_mode"]); - $params["check_for_updates"] = CHECK_FOR_UPDATES; - $params["icons_url"] = ICONS_URL; + $params["check_for_updates"] = Config::get(Config::CHECK_FOR_UPDATES); + $params["icons_url"] = Config::get(Config::ICONS_URL); $params["cookie_lifetime"] = Config::get(Config::SESSION_COOKIE_LIFETIME); $params["default_view_mode"] = get_pref("_DEFAULT_VIEW_MODE"); $params["default_view_limit"] = (int) get_pref("_DEFAULT_VIEW_LIMIT"); 
@@ -390,15 +391,10 @@ class RPC extends Handler_Protected { $params["self_url_prefix"] = get_self_url_prefix(); $params["max_feed_id"] = (int) $max_feed_id; $params["num_feeds"] = (int) $num_feeds; - $params["hotkeys"] = $this->get_hotkeys_map(); - $params["widescreen"] = (int) ($_COOKIE["ttrss_widescreen"] ?? 0); - - $params['simple_update'] = SIMPLE_UPDATE_MODE; - + $params['simple_update'] = Config::get(Config::SIMPLE_UPDATE_MODE); $params["icon_indicator_white"] = $this->image_to_base64("images/indicator_white.gif"); - $params["labels"] = Labels::get_all($_SESSION["uid"]); return $params; @@ -432,7 +428,7 @@ class RPC extends Handler_Protected { $data['cdm_expanded'] = get_pref('CDM_EXPANDED'); $data["labels"] = Labels::get_all($_SESSION["uid"]); - if (LOG_DESTINATION == 'sql' && $_SESSION['access_level'] >= 10) { + if (Config::get(Config::LOG_DESTINATION) == 'sql' && $_SESSION['access_level'] >= 10) { if (Config::get(Config::DB_TYPE) == 'pgsql') { $log_interval = "created_at > NOW() - interval '1 hour'"; } else { diff --git a/classes/rssutils.php b/classes/rssutils.php index c951003f0..5dcbb48d6 100755 --- a/classes/rssutils.php +++ b/classes/rssutils.php @@ -34,9 +34,9 @@ class RSSUtils { $pdo = Db::pdo(); $sth = $pdo->prepare("SELECT id FROM ttrss_feeds WHERE id = ?"); - // check icon files once every CACHE_MAX_DAYS days - $icon_files = array_filter(glob(ICONS_DIR . "/*.ico"), - function($f) { return filemtime($f) < time() - 86400*CACHE_MAX_DAYS; }); + // check icon files once every Config::get(Config::CACHE_MAX_DAYS) days + $icon_files = array_filter(glob(Config::get(Config::ICONS_DIR) . "/*.ico"), + function($f) { return filemtime($f) < time() - 86400 * Config::get(Config::CACHE_MAX_DAYS); }); foreach ($icon_files as $icon) { $feed_id = basename($icon, ".ico"); 
@@ -52,20 +52,22 @@ class RSSUtils { } } - static function update_daemon_common($limit = DAEMON_FEED_LIMIT, $options = []) { + static function update_daemon_common($limit = null, $options = []) { $schema_version = get_schema_version(); + if (!$limit) $limit = Config::get(Config::DAEMON_FEED_LIMIT); + if ($schema_version != SCHEMA_VERSION) { die("Schema version is wrong, please upgrade the database.\n"); } $pdo = Db::pdo(); - if (!Config::get(Config::SINGLE_USER_MODE) && DAEMON_UPDATE_LOGIN_LIMIT > 0) { + if (!Config::get(Config::SINGLE_USER_MODE) && Config::get(Config::DAEMON_UPDATE_LOGIN_LIMIT) > 0) { if (Config::get(Config::DB_TYPE) == "pgsql") { - $login_thresh_qpart = "AND ttrss_users.last_login >= NOW() - INTERVAL '".DAEMON_UPDATE_LOGIN_LIMIT." days'"; + $login_thresh_qpart = "AND ttrss_users.last_login >= NOW() - INTERVAL '".Config::get(Config::DAEMON_UPDATE_LOGIN_LIMIT)." days'"; } else { - $login_thresh_qpart = "AND ttrss_users.last_login >= DATE_SUB(NOW(), INTERVAL ".DAEMON_UPDATE_LOGIN_LIMIT." DAY)"; + $login_thresh_qpart = "AND ttrss_users.last_login >= DATE_SUB(NOW(), INTERVAL ".Config::get(Config::DAEMON_UPDATE_LOGIN_LIMIT)." DAY)"; } } else { $login_thresh_qpart = ""; @@ -288,7 +290,7 @@ class RSSUtils { if (!$basic_info) { $feed_data = UrlHelper::fetch($fetch_url, false, $auth_login, $auth_pass, false, - FEED_FETCH_TIMEOUT, + Config::get(Config::FEED_FETCH_TIMEOUT), 0); $feed_data = trim($feed_data); @@ -455,7 +457,7 @@ class RSSUtils { Debug::log("not using CURL due to open_basedir restrictions", Debug::$LOG_VERBOSE); } - if (time() - strtotime($last_unconditional) > MAX_CONDITIONAL_INTERVAL) { + if (time() - strtotime($last_unconditional) > Config::get(Config::MAX_CONDITIONAL_INTERVAL)) { Debug::log("maximum allowed interval for conditional requests exceeded, forcing refetch", Debug::$LOG_VERBOSE); $force_refetch = true; 
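Review bot: In `update_daemon_common`, `Config::get(Config::DAEMON_UPDATE_LOGIN_LIMIT)` is concatenated straight into both `INTERVAL` fragments, and after this commit that value can be an unvalidated string from the environment (the Config constructor stores getenv() output unchanged) instead of an integer from a define. Cast it once, `$login_limit = (int) Config::get(Config::DAEMON_UPDATE_LOGIN_LIMIT);`, and use `$login_limit` in the `> 0` test and in both query fragments so that only a number can reach the SQL text. The same applies to `$limit`, if it is interpolated into the query further down; the function body continues outside the hunk.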
@@ -469,7 +471,7 @@ class RSSUtils { "url" => $fetch_url, "login" => $auth_login, "pass" => $auth_pass, - "timeout" => $no_cache ? FEED_FETCH_NO_CACHE_TIMEOUT : FEED_FETCH_TIMEOUT, + "timeout" => $no_cache ? Config::get(Config::FEED_FETCH_NO_CACHE_TIMEOUT) : Config::get(Config::FEED_FETCH_TIMEOUT), "last_modified" => $force_refetch ? "" : $stored_last_modified ]); @@ -591,7 +593,7 @@ class RSSUtils { /* terrible hack: if we crash on floicon shit here, we won't check * the icon avgcolor again (unless the icon got updated) */ - $favicon_file = ICONS_DIR . "/$feed.ico"; + $favicon_file = Config::get(Config::ICONS_DIR) . "/$feed.ico"; $favicon_modified = file_exists($favicon_file) ? filemtime($favicon_file) : -1; Debug::log("checking favicon for feed $feed...", Debug::$LOG_VERBOSE); @@ -755,7 +757,7 @@ class RSSUtils { $e->type, $e->length, $e->title, $e->width, $e->height); // Yet another episode of "mysql utf8_general_ci is gimped" - if (Config::get(Config::DB_TYPE) == "mysql" && MYSQL_CHARSET != "UTF8MB4") { + if (Config::get(Config::DB_TYPE) == "mysql" && Config::get(Config::MYSQL_CHARSET) != "UTF8MB4") { for ($i = 0; $i < count($e_item); $i++) { if (is_string($e_item[$i])) { $e_item[$i] = self::strip_utf8mb4($e_item[$i]); @@ -833,7 +835,7 @@ class RSSUtils { Debug::log("plugin data: $entry_plugin_data", Debug::$LOG_VERBOSE); // Workaround: 4-byte unicode requires utf8mb4 in MySQL. See https://tt-rss.org/forum/viewtopic.php?f=1&t=3377&p=20077#p20077 - if (Config::get(Config::DB_TYPE) == "mysql" && MYSQL_CHARSET != "UTF8MB4") { + if (Config::get(Config::DB_TYPE) == "mysql" && Config::get(Config::MYSQL_CHARSET) != "UTF8MB4") { foreach ($article as $k => $v) { // i guess we'll have to take the risk of 4byte unicode labels & tags here if (is_string($article[$k])) { 
@@ -1298,7 +1300,7 @@ class RSSUtils { $file_content = UrlHelper::fetch(array("url" => $src, "http_referrer" => $src, - "max_size" => MAX_CACHE_FILE_SIZE)); + "max_size" => Config::get(Config::MAX_CACHE_FILE_SIZE))); if ($file_content) { $cache->put($local_filename, $file_content); @@ -1328,7 +1330,7 @@ class RSSUtils { $file_content = UrlHelper::fetch(array("url" => $url, "http_referrer" => $url, - "max_size" => MAX_CACHE_FILE_SIZE)); + "max_size" => Config::get(Config::MAX_CACHE_FILE_SIZE))); if ($file_content) { $cache->put($local_filename, $file_content); @@ -1643,7 +1645,7 @@ class RSSUtils { } static function check_feed_favicon($site_url, $feed) { - $icon_file = ICONS_DIR . "/$feed.ico"; + $icon_file = Config::get(Config::ICONS_DIR) . "/$feed.ico"; $favicon_url = self::get_favicon_url($site_url); if (!$favicon_url) { @@ -1654,7 +1656,7 @@ class RSSUtils { // Limiting to "image" type misses those served with text/plain $contents = UrlHelper::fetch([ 'url' => $favicon_url, - 'max_size' => MAX_FAVICON_FILE_SIZE, + 'max_size' => Config::get(Config::MAX_FAVICON_FILE_SIZE), //'type' => 'image', ]); if (!$contents) { diff --git a/classes/urlhelper.php b/classes/urlhelper.php index 8717d02c3..42aa069e6 100644 --- a/classes/urlhelper.php +++ b/classes/urlhelper.php @@ -209,7 +209,7 @@ class UrlHelper { $last_modified = isset($options["last_modified"]) ? $options["last_modified"] : ""; $useragent = isset($options["useragent"]) ? $options["useragent"] : false; $followlocation = isset($options["followlocation"]) ? $options["followlocation"] : true; - $max_size = isset($options["max_size"]) ? $options["max_size"] : MAX_DOWNLOAD_FILE_SIZE; // in bytes + $max_size = isset($options["max_size"]) ? $options["max_size"] : Config::get(Config::MAX_DOWNLOAD_FILE_SIZE); // in bytes $http_accept = isset($options["http_accept"]) ? $options["http_accept"] : false; $http_referrer = isset($options["http_referrer"]) ? $options["http_referrer"] : false; 
@@ -250,8 +250,8 @@ class UrlHelper { if (count($curl_http_headers) > 0) curl_setopt($ch, CURLOPT_HTTPHEADER, $curl_http_headers); - curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout ? $timeout : FILE_FETCH_CONNECT_TIMEOUT); - curl_setopt($ch, CURLOPT_TIMEOUT, $timeout ? $timeout : FILE_FETCH_TIMEOUT); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout ? $timeout : Config::get(Config::FILE_FETCH_CONNECT_TIMEOUT)); + curl_setopt($ch, CURLOPT_TIMEOUT, $timeout ? $timeout : Config::get(Config::FILE_FETCH_TIMEOUT)); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("open_basedir") && $followlocation); curl_setopt($ch, CURLOPT_MAXREDIRS, 20); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); @@ -395,7 +395,7 @@ class UrlHelper { ), 'method' => 'GET', 'ignore_errors' => true, - 'timeout' => $timeout ? $timeout : FILE_FETCH_TIMEOUT, + 'timeout' => $timeout ? $timeout : Config::get(Config::FILE_FETCH_TIMEOUT), 'protocol_version'=> 1.1) ); @@ -417,7 +417,7 @@ class UrlHelper { $old_error = error_get_last(); - $fetch_effective_url = self::resolve_redirects($url, $timeout ? $timeout : FILE_FETCH_CONNECT_TIMEOUT); + $fetch_effective_url = self::resolve_redirects($url, $timeout ? $timeout : Config::get(Config::FILE_FETCH_CONNECT_TIMEOUT)); if (!self::validate($fetch_effective_url, true)) { $fetch_last_error = "URL received after redirection failed extended validation."; diff --git a/config.php-dist b/config.php-dist index 2ee1c719d..840880ad9 100644 --- a/config.php-dist +++ b/config.php-dist @@ -131,7 +131,7 @@ // Disabling auth_internal in this list would automatically disable // reset password link on the login form. - define('LOG_DESTINATION', 'sql'); + define('Config::get(Config::LOG_DESTINATION)', 'sql'); // Error log destination to use. Possible values: sql (uses internal logging // you can read in Preferences -> System), syslog - logs to system log. // Setting this to blank uses PHP logging (usually to http server 
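Review bot: In config.php-dist, `define('Config::get(Config::LOG_DESTINATION)', 'sql');` declares a constant with that literal name and no longer sets LOG_DESTINATION at all, so an installation copied from this template gets whatever default Config supplies, and editing the line has no effect on where errors are logged. The Config constructor in this commit reads only environment overrides and `_DEFAULTS`, so the line should either go back to `define('LOG_DESTINATION', 'sql');` or be rewritten in whatever form the rest of the template uses to feed Config (not visible in this hunk). The accompanying comment about possible values refers to the setting by its plain name and can stay as it is.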
diff --git a/include/functions.php b/include/functions.php index 526c6058a..59c824e43 100644 --- a/include/functions.php +++ b/include/functions.php @@ -5,12 +5,6 @@ define('LABEL_BASE_INDEX', -1024); define('PLUGIN_FEED_BASE_INDEX', -128); - define('COOKIE_LIFETIME_LONG', 86400*365); - - // this CSS file is included for everyone (if it exists in themes.local) - // on login, registration, and main (index and prefs) pages - define('LOCAL_OVERRIDE_STYLESHEET', '.local-overrides.css'); - $fetch_last_error = false; $fetch_last_error_code = false; $fetch_last_content_type = false; 
@@ -37,49 +31,7 @@ ini_set('display_errors', "false"); ini_set('display_startup_errors', "false"); - require_once 'config.php'; - - /* Some tunables you can override in config.php using define(): */ - - if (!defined('FEED_FETCH_TIMEOUT')) define('FEED_FETCH_TIMEOUT', 45); - // How may seconds to wait for response when requesting feed from a site - if (!defined('FEED_FETCH_NO_CACHE_TIMEOUT')) define('FEED_FETCH_NO_CACHE_TIMEOUT', 15); - // How may seconds to wait for response when requesting feed from a - // site when that feed wasn't cached before - if (!defined('FILE_FETCH_TIMEOUT')) define('FILE_FETCH_TIMEOUT', 45); - // Default timeout when fetching files from remote sites - if (!defined('FILE_FETCH_CONNECT_TIMEOUT')) define('FILE_FETCH_CONNECT_TIMEOUT', 15); - // How many seconds to wait for initial response from website when - // fetching files from remote sites - if (!defined('DAEMON_UPDATE_LOGIN_LIMIT')) define('DAEMON_UPDATE_LOGIN_LIMIT', 30); - // stop updating feeds if users haven't logged in for X days - if (!defined('DAEMON_FEED_LIMIT')) define('DAEMON_FEED_LIMIT', 500); - // feed limit for one update batch - if (!defined('DAEMON_SLEEP_INTERVAL')) define('DAEMON_SLEEP_INTERVAL', 120); - // default sleep interval between feed updates (sec) - if (!defined('MAX_CACHE_FILE_SIZE')) define('MAX_CACHE_FILE_SIZE', 64*1024*1024); - // do not cache files larger than that (bytes) - if (!defined('MAX_DOWNLOAD_FILE_SIZE')) define('MAX_DOWNLOAD_FILE_SIZE', 16*1024*1024); - // do not download general files larger than that (bytes) - if (!defined('MAX_FAVICON_FILE_SIZE')) define('MAX_FAVICON_FILE_SIZE', 1*1024*1024); - // do not download favicon files larger than that (bytes) - if (!defined('CACHE_MAX_DAYS')) define('CACHE_MAX_DAYS', 7); - // max age in days for various automatically cached (temporary) files - if (!defined('MAX_CONDITIONAL_INTERVAL')) define('MAX_CONDITIONAL_INTERVAL', 3600*12); - // max interval between forced unconditional updates for servers - // 
not complying with http if-modified-since (seconds) - // if (!defined('MAX_FETCH_REQUESTS_PER_HOST')) define('MAX_FETCH_REQUESTS_PER_HOST', 25); - // a maximum amount of allowed HTTP requests per destination host - // during a single update (i.e. within PHP process lifetime) - // this is used to not cause excessive load on the origin server on - // e.g. feed subscription when all articles are being processes - // (not implemented) - if (!defined('DAEMON_UNSUCCESSFUL_DAYS_LIMIT')) define('DAEMON_UNSUCCESSFUL_DAYS_LIMIT', 30); - // automatically disable updates for feeds which failed to - // update for this amount of days; 0 disables - - /* tunables end here */ - + require_once "config.php"; require_once "autoload.php"; if (Config::get(Config::DB_TYPE) == "pgsql") { diff --git a/include/login_form.php b/include/login_form.php index 537c7f994..168fe50aa 100755 --- a/include/login_form.php +++ b/include/login_form.php @@ -16,8 +16,8 @@ } ?> -