From 98d01eb19e5824b6fd457f8d0876447cc8c87583 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 11 Jul 2013 14:03:40 +0400 Subject: allow unsharing specific articles / creating new share key --- plugins/share/init.php | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) (limited to 'plugins/share/init.php') diff --git a/plugins/share/init.php b/plugins/share/init.php index 72a4d4bf9..a1b0146a1 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -18,6 +18,26 @@ class Share extends Plugin { return file_get_contents(dirname(__FILE__) . "/share.js"); } + function unshare() { + $id = db_escape_string($_REQUEST['id']); + + db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE int_id = '$id' + AND owner_uid = " . $_SESSION['uid']); + + print "OK"; + } + + function newkey() { + $id = db_escape_string($_REQUEST['id']); + + $uuid = db_escape_string(sha1(uniqid(rand(), true))); + + db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id' + AND owner_uid = " . $_SESSION['uid']); + + print json_encode(array("link" => $uuid)); + } + function hook_article_button($line) { return ""; - print "$url_path"; + print "$url_path"; print ""; /* if (!label_find_id(__('Shared'), $_SESSION["uid"])) @@ -61,6 +81,12 @@ class Share extends Plugin { print "
"; + print ""; + + print ""; + print ""; -- cgit v1.2.3-54-g00ecf From 41a7a066eff0c4914720685c38fa282e99d79041 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 11 Jul 2013 14:11:41 +0400 Subject: share: move unsharing all articles into the plugin --- classes/pref/feeds.php | 9 --------- classes/rpc.php | 8 -------- js/prefs.js | 19 ------------------- plugins/share/init.php | 30 ++++++++++++++++++++++++++++++ plugins/share/share_prefs.js | 21 +++++++++++++++++++++ 5 files changed, 51 insertions(+), 36 deletions(-) create mode 100644 plugins/share/share_prefs.js (limited to 'plugins/share/init.php') diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 870c4fed4..1f8c5e4a0 100644 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -1471,15 +1471,6 @@ class Pref_Feeds extends Handler_Protected { print "

"; - print_warning(__("You can disable all articles shared by unique URLs here.")); - - print "

"; - - print " "; - - print "

"; - PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefFeedsPublishedGenerated"); diff --git a/classes/rpc.php b/classes/rpc.php index 46583feb5..9cc8e7046 100644 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -467,14 +467,6 @@ class RPC extends Handler_Protected { print_feed_cat_select("cat_id", $id, ''); } - // Silent - function clearArticleKeys() { - $this->dbh->query("UPDATE ttrss_user_entries SET uuid = '' WHERE - owner_uid = " . $_SESSION["uid"]); - - return; - } - function setpanelmode() { $wide = (int) $_REQUEST["wide"]; diff --git a/js/prefs.js b/js/prefs.js index 287804c6f..67a4a378c 100644 --- a/js/prefs.js +++ b/js/prefs.js @@ -1529,25 +1529,6 @@ function clearFeedAccessKeys() { return false; } -function clearArticleAccessKeys() { - - var ok = confirm(__("This will invalidate all previously shared article URLs. Continue?")); - - if (ok) { - notify_progress("Clearing URLs..."); - - var query = "?op=rpc&method=clearArticleKeys"; - - new Ajax.Request("backend.php", { - parameters: query, - onComplete: function(transport) { - notify_info("Shared URLs cleared."); - } }); - } - - return false; -} - function resetFilterOrder() { try { notify_progress("Loading, please wait..."); diff --git a/plugins/share/init.php b/plugins/share/init.php index a1b0146a1..552aa0a31 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -12,12 +12,18 @@ class Share extends Plugin { $this->host = $host; $host->add_hook($host::HOOK_ARTICLE_BUTTON, $this); + $host->add_hook($host::HOOK_PREFS_TAB_SECTION, $this); } function get_js() { return file_get_contents(dirname(__FILE__) . "/share.js"); } + function get_prefs_js() { + return file_get_contents(dirname(__FILE__) . "/share_prefs.js"); + } + + function unshare() { $id = db_escape_string($_REQUEST['id']); @@ -27,6 +33,30 @@ class Share extends Plugin { print "OK"; } + function hook_prefs_tab_section($id) { + if ($id == "prefFeedsPublishedGenerated") { + + print_warning(__("You can disable all articles shared by unique URLs here.")); + + print "

"; + + print " "; + + print "

"; + + } + } + + // Silent + function clearArticleKeys() { + db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE + owner_uid = " . $_SESSION["uid"]); + + return; + } + + function newkey() { $id = db_escape_string($_REQUEST['id']); diff --git a/plugins/share/share_prefs.js b/plugins/share/share_prefs.js new file mode 100644 index 000000000..9efe291f9 --- /dev/null +++ b/plugins/share/share_prefs.js @@ -0,0 +1,21 @@ +function clearArticleAccessKeys() { + + var ok = confirm(__("This will invalidate all previously shared article URLs. Continue?")); + + if (ok) { + notify_progress("Clearing URLs..."); + + var query = "?op=pluginhandler&plugin=share&method=clearArticleKeys"; + + new Ajax.Request("backend.php", { + parameters: query, + onComplete: function(transport) { + notify_info("Shared URLs cleared."); + } }); + } + + return false; +} + + + -- cgit v1.2.3-54-g00ecf From abb04b76a51eb871a45011da55efb222924d50ee Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 11 Jul 2013 16:20:24 +0400 Subject: share: indicate whether article is shared or not using the icon --- include/functions.php | 2 ++ plugins/share/init.php | 4 +++- plugins/share/notshared.png | Bin 0 -> 657 bytes plugins/share/share.js | 10 ++++++++++ 4 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 plugins/share/notshared.png (limited to 'plugins/share/init.php') diff --git a/include/functions.php b/include/functions.php index 35edd8d1a..145f09804 100644 --- a/include/functions.php +++ b/include/functions.php @@ -2645,6 +2645,7 @@ num_comments, comments, int_id, + uuid, hide_images, unread,feed_id,marked,published,link,last_read,orig_feed_id, last_marked, last_published, @@ -2687,6 +2688,7 @@ "tag_cache," . "label_cache," . "link," . + "uuid," . "last_read," . "(SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) AS hide_images," . "last_marked, last_published, " . diff --git a/plugins/share/init.php b/plugins/share/init.php index 552aa0a31..a000b8ebe 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -69,7 +69,9 @@ class Share extends Plugin { } function hook_article_button($line) { - return ""; diff --git a/plugins/share/notshared.png b/plugins/share/notshared.png new file mode 100644 index 000000000..523575306 Binary files /dev/null and b/plugins/share/notshared.png differ diff --git a/plugins/share/share.js b/plugins/share/share.js index bbfb553d5..09c973ed8 100644 --- a/plugins/share/share.js +++ b/plugins/share/share.js @@ -37,6 +37,9 @@ function shareArticle(id) { new Effect.Highlight(e); + var img = $("SHARE-IMG-" + id); + if (img) img.src = img.src.replace("notshared.png", "share.png"); + notify(''); } else { @@ -61,6 +64,10 @@ function shareArticle(id) { parameters: query, onComplete: function(transport) { notify("Article unshared."); + + var img = $("SHARE-IMG-" + id); + if (img) img.src = img.src.replace("share.png", "notshared.png"); + dialog.hide(); } }); } @@ -70,6 +77,9 @@ function shareArticle(id) { dialog.show(); + var img = $("SHARE-IMG-" + id); + if (img) img.src = img.src.replace("notshared.png", "share.png"); + } catch (e) { exception_error("shareArticle", e); } -- cgit v1.2.3-54-g00ecf From 76d78eb2e75adee00024d3beedaf437c2d91d1c6 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 24 Dec 2013 13:27:57 +0400 Subject: remove unnecessary wrapping from share uniqid() keys --- classes/pref/feeds.php | 2 +- include/functions.php | 8 ++++---- plugins/instances/init.php | 4 ++-- plugins/share/init.php | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) (limited to 'plugins/share/init.php') diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 122d4b116..05c2b229e 100644 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -1891,7 +1891,7 @@ class Pref_Feeds extends Handler_Protected { AND owner_uid = " . $owner_uid); if ($this->dbh->num_rows($result) == 1) { - $key = $this->dbh->escape_string(sha1(uniqid(rand(), true))); + $key = $this->dbh->escape_string(uniqid()); $this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key' WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat diff --git a/include/functions.php b/include/functions.php index cf9b0510f..a64f0978a 100644 --- a/include/functions.php +++ b/include/functions.php @@ -80,7 +80,7 @@ "pt_BR" => "Portuguese/Brazil", "zh_CN" => "Simplified Chinese", "sv_SE" => "Svenska", - "fi_FI" => "Suomi", + "fi_FI" => "Suomi", "tr_TR" => "Türkçe"); return $tr; @@ -721,7 +721,7 @@ $_SESSION["name"] = db_fetch_result($result, 0, "login"); $_SESSION["access_level"] = db_fetch_result($result, 0, "access_level"); - $_SESSION["csrf_token"] = sha1(uniqid(rand(), true)); + $_SESSION["csrf_token"] = uniqid(rand(), true); db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); @@ -751,7 +751,7 @@ $_SESSION["auth_module"] = false; if (!$_SESSION["csrf_token"]) { - $_SESSION["csrf_token"] = sha1(uniqid(rand(), true)); + $_SESSION["csrf_token"] = uniqid(rand(), true); } $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"]; @@ -3747,7 +3747,7 @@ if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "access_key"); } else { - $key = db_escape_string(sha1(uniqid(rand(), true))); + $key = db_escape_string(uniqid()); $result = db_query("INSERT INTO ttrss_access_keys (access_key, feed_id, is_cat, owner_uid) diff --git a/plugins/instances/init.php b/plugins/instances/init.php index aac28196f..069186ad1 100644 --- a/plugins/instances/init.php +++ b/plugins/instances/init.php @@ -407,7 +407,7 @@ class Instances extends Plugin implements IHandler { print "
"; - $access_key = sha1(uniqid(rand(), true)); + $access_key = uniqid(); /* Access key */ @@ -439,7 +439,7 @@ class Instances extends Plugin implements IHandler { } function genHash() { - $hash = sha1(uniqid(rand(), true)); + $hash = uniqid(); print json_encode(array("hash" => $hash)); } diff --git a/plugins/share/init.php b/plugins/share/init.php index a000b8ebe..5fa998757 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -60,7 +60,7 @@ class Share extends Plugin { function newkey() { $id = db_escape_string($_REQUEST['id']); - $uuid = db_escape_string(sha1(uniqid(rand(), true))); + $uuid = db_escape_string(uniqid()); db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id' AND owner_uid = " . $_SESSION['uid']); @@ -91,7 +91,7 @@ class Share extends Plugin { $ref_id = db_fetch_result($result, 0, "ref_id"); if (!$uuid) { - $uuid = db_escape_string(sha1(uniqid(rand(), true))); + $uuid = db_escape_string(uniqid()); db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param' AND owner_uid = " . $_SESSION['uid']); } -- cgit v1.2.3-54-g00ecf From 4c63934bacb628789897dc2e599e5aa30e76ccd5 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 17 Jan 2014 13:41:27 +0400 Subject: increase randomness of shared url keys a bit --- classes/pref/feeds.php | 2 +- include/functions.php | 2 +- plugins/instances/init.php | 4 ++-- plugins/share/init.php | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) (limited to 'plugins/share/init.php') diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 05c2b229e..4c51d220c 100644 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -1891,7 +1891,7 @@ class Pref_Feeds extends Handler_Protected { AND owner_uid = " . $owner_uid); if ($this->dbh->num_rows($result) == 1) { - $key = $this->dbh->escape_string(uniqid()); + $key = $this->dbh->escape_string(uniqid(base_convert(rand(), 10, 36))); $this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key' WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat diff --git a/include/functions.php b/include/functions.php index fce15b535..28b7a7c89 100644 --- a/include/functions.php +++ b/include/functions.php @@ -3753,7 +3753,7 @@ if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "access_key"); } else { - $key = db_escape_string(uniqid()); + $key = db_escape_string(uniqid(base_convert(rand(), 10, 36))); $result = db_query("INSERT INTO ttrss_access_keys (access_key, feed_id, is_cat, owner_uid) diff --git a/plugins/instances/init.php b/plugins/instances/init.php index 069186ad1..2de0e5fd2 100644 --- a/plugins/instances/init.php +++ b/plugins/instances/init.php @@ -407,7 +407,7 @@ class Instances extends Plugin implements IHandler { print "
"; - $access_key = uniqid(); + $access_key = uniqid(rand(), true); /* Access key */ @@ -439,7 +439,7 @@ class Instances extends Plugin implements IHandler { } function genHash() { - $hash = uniqid(); + $hash = uniqid(base_convert(rand(), 10, 36)); print json_encode(array("hash" => $hash)); } diff --git a/plugins/share/init.php b/plugins/share/init.php index 5fa998757..899677c32 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -60,7 +60,7 @@ class Share extends Plugin { function newkey() { $id = db_escape_string($_REQUEST['id']); - $uuid = db_escape_string(uniqid()); + $uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36))); db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id' AND owner_uid = " . $_SESSION['uid']); @@ -91,7 +91,7 @@ class Share extends Plugin { $ref_id = db_fetch_result($result, 0, "ref_id"); if (!$uuid) { - $uuid = db_escape_string(uniqid()); + $uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36))); db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param' AND owner_uid = " . $_SESSION['uid']); } -- cgit v1.2.3-54-g00ecf