From 9645e3c3c6982c45b289dd3a56d9f2b2aff961e5 Mon Sep 17 00:00:00 2001 From: "Committo,Ergo:sum" <esj@rezo.net> Date: Mon, 25 Aug 2008 22:06:31 +0000 Subject: [PATCH] =?UTF-8?q?Introduction=20dans=20les=20squelettes=20{{{pri?= =?UTF-8?q?ve/rss}}}=20du=20contr=C3=B4le=20de=20s=C3=A9curit=C3=A9,=20et?= =?UTF-8?q?=20changement=20des=20liens=20des=20boutons=20donnant=20un=20fl?= =?UTF-8?q?ux=20RSS=20priv=C3=A9=20qui=20appellent=20=C3=A0=20pr=C3=A9sent?= =?UTF-8?q?=20directement=20un=20squelette=20({{{prive/rss.html}}}),=20et?= =?UTF-8?q?=20non=20plus=20le=20script=20{{{action/rss.php}}}.=20R=C3=A9?= =?UTF-8?q?=C3=A9criture=20de=20celui-ci,=20qui=20accepte=20toujours=20les?= =?UTF-8?q?=20anciens=20liens=20et=20leur=20communique=20le=20r=C3=A9sulta?= =?UTF-8?q?t=20attendu=20malgr=C3=A9=20ces=20changements,=20au=20prix=20d'?= =?UTF-8?q?un=20deuxi=C3=A8me=20contr=C3=B4le=20de=20s=C3=A9curit=C3=A9.?= =?UTF-8?q?=20Mais=20il=20faudrait=20=C3=A9vacuer=20compl=C3=A8tement=20ce?= =?UTF-8?q?=20script=20et=20retourner=20une=20redirection=20d=C3=A9finitiv?= =?UTF-8?q?e,=20pas=20triviale=20car=20le=20hash=20n'est=20pas=20le=20m?= =?UTF-8?q?=C3=AAme=20entre=20les=20deux=20versions.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitattributes | 1 + ecrire/action/rss.php | 13 +++++++++---- ecrire/exec/accueil.php | 2 +- ecrire/inc/acces.php | 13 +++++++------ ecrire/public/parametrer.php | 2 +- prive/rss.html | 1 + prive/rss/a_suivre.html | 11 +++++++++-- prive/rss/forums.html | 11 +++++++++-- prive/rss/forums_interne.html | 11 +++++++++-- prive/rss/forums_prop.html | 11 +++++++++-- prive/rss/forums_public.html | 11 +++++++++-- prive/rss/forums_spam.html | 11 +++++++++-- prive/rss/forums_vide.html | 11 +++++++++-- prive/rss/messagerie.html | 10 ++++++++-- prive/rss/revisions.html | 10 ++++++++-- prive/rss/signatures.html | 14 ++++++++++---- 16 files changed, 109 insertions(+), 34 deletions(-) create mode 100644 prive/rss.html 
diff --git a/.gitattributes b/.gitattributes index 5a9eb4c356..ceea1bfe8b 100644 --- a/.gitattributes +++ b/.gitattributes @@ -765,6 +765,7 @@ prive/modeles/text.html -text prive/modeles/video.html -text prive/puce_prive.gif -text prive/puce_prive_rtl.gif -text +prive/rss.html -text prive/rss/a_suivre.html -text prive/rss/forums.html -text prive/rss/forums_interne.html -text diff --git a/ecrire/action/rss.php b/ecrire/action/rss.php index 8bd3080248..c865add26c 100644 --- a/ecrire/action/rss.php +++ b/ecrire/action/rss.php @@ -12,6 +12,9 @@ if (!defined("_ECRIRE_INC_VERSION")) return; +// Ce script n'est plus utile qu'a la compatibilite avec les liens +// produits par l'ancienne definition de bouton_spip_rss + include_spip('inc/acces'); include_spip('inc/texte'); // utile pour l'espace public, deja fait sinon @@ -38,18 +41,20 @@ function action_rss_dist() if (verifier_low_sec($id, $cle, "rss $op $args")) { lang_select($lang); $op = str_replace('-', '_', $op); - $contexte = array('fond' => 'prive/rss/' . $op); - foreach (split(':', $args) as $bout) { + $contexte = $_REQUEST; + $contexte['cle'] = afficher_low_sec($id, $op, $args); + $contexte['fond'] = 'prive/rss/' . $op; + foreach (split(':', $args) as $bout) { list($var, $val) = split('-', $bout, 2); $contexte[$var] = $val; - } + } $f = charger_fonction($op, 'rss', true); if ($f) $contexte = $f($contexte); } else $contexte = ''; if ($contexte) { $r = evaluer_fond ('', $contexte); echo $r['texte']; - $message ="spip_rss s'applique sur " . $contexte['fond'] . " et $args pour $id par $f"; + $message ="spip_rss s'applique sur " . $contexte['fond'] . " et $args pour $id par $f cle " . $contexte['cle']; } else $message = ("spip_rss sur '$op $args pour $id' incorrect"); spip_log("$message (" . spip_timer('rss') .')'); exit; diff --git a/ecrire/exec/accueil.php b/ecrire/exec/accueil.php index 26df58244e..0f2d32873e 100644 --- a/ecrire/exec/accueil.php +++ b/ecrire/exec/accueil.php 
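Review bot: `$contexte = $_REQUEST;` in the second hunk of ecrire/action/rss.php seeds the skeleton context with every request parameter, and only `cle` and `fond` are overwritten afterwards, so the skeleton environment is caller-controlled beyond what the signed `args` cover. Building the context from the verified values only would keep the trust boundary explicit, e.g. `$contexte = array('id' => $id, 'op' => $op, 'args' => $args, 'lang' => $lang);` before `cle` and `fond` are set. That would also close a likely compatibility gap: `cle` is recomputed from the normalised `$op` (after `str_replace('-', '_', $op)`), while `$contexte['op']` keeps the raw request value, so an old `a-suivre` link would presumably fail the second check in the skeleton, which verifies against `#ENV{op}`. The body of `action_rss_dist` starts and ends outside the hunk, so how `$id`, `$op`, `$args` and `$lang` are read is not visible here.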
@@ -87,7 +87,7 @@ function encours_accueil() : '' ) ) . $res - . bouton_spip_rss('a-suivre') + . bouton_spip_rss('a_suivre') . fin_cadre_couleur_foncee(true) . "</div>"; } diff --git a/ecrire/inc/acces.php b/ecrire/inc/acces.php index 9756bf1782..5ae1da1529 100644 --- a/ecrire/inc/acces.php +++ b/ecrire/inc/acces.php @@ -99,6 +99,7 @@ function low_sec($id_auteur) { // Inclure les arguments significatifs pour le hachage // cas particulier du statut pour compatibilite ancien suivi_revisions // http://doc.spip.org/@generer_url_low_sec + function generer_url_low_sec($action, $args, $id_auteur=0, $lang='') { $a = ''; @@ -111,18 +112,18 @@ function generer_url_low_sec($action, $args, $id_auteur=0, $lang='') } $a = substr($a,1); } - $cle = afficher_low_sec($id_auteur, "rss $action $a"); - return generer_url_action('rss', "$b&cle=$cle&args=$a"); + $cle = afficher_low_sec($id_auteur, $action, $a); + return generer_url_public("rss", "$b&cle=$cle&args=$a"); } // http://doc.spip.org/@afficher_low_sec -function afficher_low_sec ($id_auteur, $action='') { - return substr(md5($action.low_sec($id_auteur)),0,8); +function afficher_low_sec ($id_auteur, $action='', $args='') { + return substr(md5($action.$args.low_sec($id_auteur)),0,8); } // http://doc.spip.org/@verifier_low_sec -function verifier_low_sec ($id_auteur, $cle, $action='') { - return ($cle == afficher_low_sec($id_auteur, $action)); +function verifier_low_sec ($id_auteur, $cle, $action='', $args='') { + return ($cle == afficher_low_sec($id_auteur, $action, $args)); } // http://doc.spip.org/@effacer_low_sec diff --git a/ecrire/public/parametrer.php b/ecrire/public/parametrer.php index ee47db2dfd..72837c4077 100644 --- a/ecrire/public/parametrer.php +++ b/ecrire/public/parametrer.php 
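Review bot: `verifier_low_sec` in ecrire/inc/acces.php still compares the key with `==`, which in PHP compares two numeric-looking strings as numbers, so an 8-character digest made of `0e` followed by digits is treated as equal to any other string of that shape. The comparison should be strict, `return ($cle === afficher_low_sec($id_auteur, $action, $args));`, or use `hash_equals()` where the supported PHP versions provide it. The new digest input `$action.$args.low_sec($id_auteur)` also drops the separators that the old `"rss $action $a"` string had, so distinct (action, args) pairs can concatenate to the same input. A delimiter between the two fields, applied only when `$args` is non-empty so that keys of existing links still verify through `action_rss_dist`, would keep them unambiguous.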
@@ -16,8 +16,8 @@ if (!defined("_ECRIRE_INC_VERSION")) return; // Ce fichier calcule une page en executant un squelette. // -include_spip('base/abstract_sql'); include_spip('inc/lang'); +include_spip('inc/acces'); // NB: Ce fichier peut initialiser $dossier_squelettes (old-style) // donc il faut l'inclure "en globals" diff --git a/prive/rss.html b/prive/rss.html new file mode 100644 index 0000000000..b90a1f803f --- /dev/null +++ b/prive/rss.html @@ -0,0 +1 @@ +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<INCLURE{fond=prive/rss/#ENV{op}}{env}> \ No newline at end of file diff --git a/prive/rss/a_suivre.html b/prive/rss/a_suivre.html index 86f4304681..c48dfd2b31 100644 --- a/prive/rss/a_suivre.html +++ b/prive/rss/a_suivre.html @@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="#LANG"> @@ -48,4 +50,9 @@ rsort($rss); echo join('',$rss); ?> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> + diff --git a/prive/rss/forums.html b/prive/rss/forums.html index 325f613888..b99aa92c0c 100644 --- a/prive/rss/forums.html +++ b/prive/rss/forums.html 
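Review bot: The new prive/rss.html includes `prive/rss/#ENV{op}` with the whole request environment (`{env}`) and performs no check of its own, so access control rests entirely on every included skeleton repeating the `verifier_low_sec` test. `op` comes from the request and is concatenated into the `fond` path unvalidated, so any skeleton resolvable under that prefix that lacks the test would be rendered without a key. Restricting `op` to the known feed names (or to a strict pattern such as lowercase letters and underscore) and doing the key check once in this wrapper would make the entry point fail closed. At minimum, a comment at the top of the file should state that each skeleton under prive/rss/ must verify `cle` itself.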
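Review bot: The key check added at the top of prive/rss/a_suivre.html only wraps the output in a PHP `if`, so the loops that build the feed apparently still run, and with `#CACHE{900}` the private content is presumably written to the cache, even when the key is wrong. A SPIP-level condition around the feed body would avoid computing and storing it for unverified requests. The failure branch echoes `minipres()` after `#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}`, so unless `minipres()` sets the status itself (not visible here) a refused request reaches clients and logs as an ordinary XML response; an explicit 403 with an HTML content type would make refusals visible. It is also worth confirming that the cache key includes `cle`, since the 1/0 result of the check is baked into the cached page. The same pattern is added to forums.html, forums_interne.html, forums_prop.html, forums_public.html, forums_spam.html, forums_vide.html, messagerie.html, revisions.html and signatures.html.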
@@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -21,4 +23,9 @@ <description>[ (#TEXTE|liens_absolus|texte_backend)]#NOTES</description> </item></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> + diff --git a/prive/rss/forums_interne.html b/prive/rss/forums_interne.html index e524e84ba0..ba236ffc63 100644 --- a/prive/rss/forums_interne.html +++ b/prive/rss/forums_interne.html @@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -21,4 +23,9 @@ <description>[ (#TEXTE|liens_absolus|texte_backend)]#NOTES</description> </item></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> + diff --git a/prive/rss/forums_prop.html b/prive/rss/forums_prop.html index 0e2079e140..f67cf6a5e4 100644 --- a/prive/rss/forums_prop.html +++ b/prive/rss/forums_prop.html 
@@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -21,4 +23,9 @@ <description>[ (#TEXTE|liens_absolus|texte_backend)]#NOTES</description> </item></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> + diff --git a/prive/rss/forums_public.html b/prive/rss/forums_public.html index 491954710e..07b744e9e2 100644 --- a/prive/rss/forums_public.html +++ b/prive/rss/forums_public.html @@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -21,4 +23,9 @@ <description>[ (#TEXTE|liens_absolus|texte_backend)]#NOTES</description> </item></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> + diff --git a/prive/rss/forums_spam.html b/prive/rss/forums_spam.html index 1587a8e64d..6f0076461d 100644 --- a/prive/rss/forums_spam.html +++ b/prive/rss/forums_spam.html 
@@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -21,4 +23,9 @@ <description>[ (#TEXTE|liens_absolus|texte_backend)]#NOTES</description> </item></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> + diff --git a/prive/rss/forums_vide.html b/prive/rss/forums_vide.html index ca51260cda..25f61a6469 100644 --- a/prive/rss/forums_vide.html +++ b/prive/rss/forums_vide.html @@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -21,4 +23,9 @@ <description>[ (#TEXTE|liens_absolus|texte_backend)]#NOTES</description> </item></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> + diff --git a/prive/rss/messagerie.html b/prive/rss/messagerie.html index 57ccd747d5..a5a5bbff36 100644 --- a/prive/rss/messagerie.html +++ b/prive/rss/messagerie.html 
@@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="#LANG"> @@ -39,4 +41,8 @@ rsort($rss); echo join('',$rss); ?> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> diff --git a/prive/rss/revisions.html b/prive/rss/revisions.html index eb237af41e..cdbbad3f78 100644 --- a/prive/rss/revisions.html +++ b/prive/rss/revisions.html @@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -18,4 +20,8 @@ <description>[(#ID_ARTICLE|revisions_diff{#ID_VERSION})]</description> </item></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> diff --git a/prive/rss/signatures.html b/prive/rss/signatures.html index 5438834ff9..6edb5ea3a9 100644 --- a/prive/rss/signatures.html +++ b/prive/rss/signatures.html 
@@ -1,4 +1,6 @@ -#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}<?xml version="1.0" encoding="#CHARSET" ?> +#HTTP_HEADER{Content-Type: text/xml; charset=#CHARSET}#CACHE{900}<BOUCLE0(AUTEURS){tout}{id_auteur=#ENV{id}}{lang_select}><?php +if ([(#ID_AUTEUR|verifier_low_sec{#ENV{cle}, #ENV{op}, #ENV{args}}|?{1,0})]) { +?><?xml version="1.0" encoding="#CHARSET" ?> <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0"> <channel xml:lang="[(#ENV{lang}|texte_backend)]"> @@ -7,7 +9,7 @@ <description></description> <language>[(#ENV{lang}|texte_backend)]</language> <BOUCLE_RSS(SIGNATURES){!par date}{0,50} - ><BOUCLE0(ARTICLES){id_article}> + ><BOUCLE_A(ARTICLES){id_article}> <item> <title>[(#TITRE|texte_backend)]</title> <link>[(#URL_ARTICLE|url_absolue|texte_backend)]</link> @@ -17,6 +19,10 @@ [<dc:language>(#LANG|texte_backend)</dc:language>] <dc:creator>[(#NOM_EMAIL|texte_backend)][ <(#EMAIL|texte_backend)>]</dc:creator> <description>[(#_RSS:URL_SITE|propre|liens_absolus)][ (#MESSAGE|couper{300}|liens_absolus|texte_backend)]</description> - </item></BOUCLE0></BOUCLE_RSS> + </item></BOUCLE_A></BOUCLE_RSS> </channel> -</rss> +</rss><?php +} else { +include_spip('inc/minipres'); +echo minipres(); +}?></BOUCLE0> -- GitLab