From: garvinhicking <garvinhicking>
Date: Thu, 14 Sep 2006 08:45:13 +0000 (+0000)
Subject: Upgrade remoteRSS plugin
X-Git-Tag: 1.1~89
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=412a59bba8afd34e4efc93015a54f5a19c59b3b6;p=s9y.git
Upgrade remoteRSS plugin
---
diff --git a/include/functions_images.inc.php b/include/functions_images.inc.php
index 221afd5..35a30a7 100644
--- a/include/functions_images.inc.php
+++ b/include/functions_images.inc.php
@@ -256,8 +256,10 @@ function serendipity_fetchImageFromDatabase($id, $mode = 'read') {
$cond['distinct'] = '';
}
- serendipity_ACL_SQL($cond, false, 'directory', $mode);
-
+ if ($mode != 'discard') {
+ serendipity_ACL_SQL($cond, false, 'directory', $mode);
+ }
+
$rs = serendipity_db_query("SELECT {$cond['distinct']} i.id, i.name, i.extension, i.mime, i.size, i.dimensions_width, i.dimensions_height, i.date, i.thumbnail_name, i.authorid, i.path, i.hotlink, i.realname
FROM {$serendipity['dbPrefix']}images AS i
{$cond['joins']}
diff --git a/plugins/serendipity_plugin_remoterss/UTF-8/lang_de.inc.php b/plugins/serendipity_plugin_remoterss/UTF-8/lang_de.inc.php
index d94bce4..6431e3a 100644
--- a/plugins/serendipity_plugin_remoterss/UTF-8/lang_de.inc.php
+++ b/plugins/serendipity_plugin_remoterss/UTF-8/lang_de.inc.php
@@ -1,21 +1,28 @@
<?php # $Id$
- @define('PLUGIN_REMOTERSS_TITLE', 'Fremder RSS/OPML-Blogroll Feed');
- @define('PLUGIN_REMOTERSS_BLAHBLAH', 'Zeigt Einträge eines externen RSS/OPML-Feeds an (z.B. Blogroll)');
- @define('PLUGIN_REMOTERSS_NUMBER', 'Anzahl der Einträge');
- @define('PLUGIN_REMOTERSS_NUMBER_BLAHBLAH', 'Wieviele Einträge sollen angezeigt werden? (Standard: alle im Feed)');
- @define('PLUGIN_REMOTERSS_SIDEBARTITLE', 'Feed-Titel');
- @define('PLUGIN_REMOTERSS_SIDEBARTITLE_BLAHBLAH', 'Titel der Feed-Anzeige in der Sidebar des Blogs');
- @define('PLUGIN_REMOTERSS_RSSURI', 'RSS/OPML-URI');
- @define('PLUGIN_REMOTERSS_RSSURI_BLAHBLAH', 'URI des RSS/OPML-Feeds, der angezeigt werden soll');
- @define('PLUGIN_REMOTERSS_RSSTARGET', 'Link-Target');
- @define('PLUGIN_REMOTERSS_RSSTARGET_BLAHBLAH', 'Target des Links zu einem der angezeigten RSS-Einträge (Standard: _blank)');
- @define('PLUGIN_REMOTERSS_NOURI', 'Kein RSS/OPML-Feed gewählt');
- @define('PLUGIN_REMOTERSS_CACHETIME', 'Wann wird der Feed aktualisiert?');
- @define('PLUGIN_REMOTERSS_CACHETIME_BLAHBLAH', 'Die Inhalte des fremden Feeds werden gecached. Sobald der Cache älter ist als X Sekunden wird er aktualisiert (Standard: 3 Stunden)');
- @define('PLUGIN_REMOTERSS_FEEDTYPE', 'Typ des Feeds');
- @define('PLUGIN_REMOTERSS_FEEDTYPE_BLAHBLAH', 'Wählen Sie das Format des einzubindenden Feeds');
- @define('PLUGIN_REMOTERSS_BULLETIMG', 'Bullet Image');
- @define('PLUGIN_REMOTERSS_BULLETIMG_BLAHBLAH', 'Image to display before each headline.');
- @define('PLUGIN_REMOTERSS_DISPLAYDATE', 'Display Date');
- @define('PLUGIN_REMOTERSS_DISPLAYDATE_BLAHBLAH', 'Display the date below the headline?');
+@define('PLUGIN_REMOTERSS_TITLE', 'Fremder RSS/OPML-Blogroll Feed');
+@define('PLUGIN_REMOTERSS_BLAHBLAH', 'Zeigt Einträge eines externen RSS/OPML-Feeds an (z.B. Blogroll)');
+@define('PLUGIN_REMOTERSS_NUMBER', 'Anzahl der Einträge');
+@define('PLUGIN_REMOTERSS_NUMBER_BLAHBLAH', 'Wieviele Einträge sollen angezeigt werden? (Standard: alle im Feed)');
+@define('PLUGIN_REMOTERSS_SIDEBARTITLE', 'Feed-Titel');
+@define('PLUGIN_REMOTERSS_SIDEBARTITLE_BLAHBLAH', 'Titel der Feed-Anzeige in der Sidebar des Blogs');
+@define('PLUGIN_REMOTERSS_RSSURI', 'RSS/OPML-URI');
+@define('PLUGIN_REMOTERSS_RSSURI_BLAHBLAH', 'URI des RSS/OPML-Feeds, der angezeigt werden soll');
+@define('PLUGIN_REMOTERSS_RSSTARGET', 'Link-Target');
+@define('PLUGIN_REMOTERSS_RSSTARGET_BLAHBLAH', 'Target des Links zu einem der angezeigten RSS-Einträge (Standard: _blank)');
+@define('PLUGIN_REMOTERSS_NOURI', 'Kein RSS/OPML-Feed gewählt');
+@define('PLUGIN_REMOTERSS_CACHETIME', 'Wann wird der Feed aktualisiert?');
+@define('PLUGIN_REMOTERSS_CACHETIME_BLAHBLAH', 'Die Inhalte des fremden Feeds werden gecached. Sobald der Cache älter ist als X Sekunden wird er aktualisiert (Standard: 3 Stunden)');
+@define('PLUGIN_REMOTERSS_FEEDTYPE', 'Typ des Feeds');
+@define('PLUGIN_REMOTERSS_FEEDTYPE_BLAHBLAH', 'Wählen Sie das Format des einzubindenden Feeds');
+@define('PLUGIN_REMOTERSS_BULLETIMG', 'Bullet Image');
+@define('PLUGIN_REMOTERSS_BULLETIMG_BLAHBLAH', 'Image to display before each headline.');
+@define('PLUGIN_REMOTERSS_DISPLAYDATE', 'Display Date');
+@define('PLUGIN_REMOTERSS_DISPLAYDATE_BLAHBLAH', 'Display the date below the headline?');
+
+@define('PLUGIN_REMOTERSS_RSSLINK', 'RSS-Link verwenden?');
+@define('PLUGIN_REMOTERSS_RSSLINK_DESC', 'Soll ein Hyperlink auf den im RSS-Feed angegebenen Link gesetzt werden?');
+@define('PLUGIN_REMOTERSS_RSSFIELD', 'RSS Zielelement');
+@define('PLUGIN_REMOTERSS_RSSFIELD_DESC', 'Welches Element des RSS-Feeds soll dargestellt werden? (z.B.: "title", "content:encoded", "description", ...)');
+@define('PLUGIN_REMOTERSS_RSSESCAPE', 'HTML-Ausgabe escapen?');
+@define('PLUGIN_REMOTERSS_RSSESCAPE_DESC', 'Wenn aktiviert, wird HTML in RSS-Feeds maskiert und "sicher" ausgegeben. Wenn diese Option deaktiviert ist, wird HTML in einem Feed interpretiert - dies stellt eine potentielle Gefahr dar, wenn der eingebundene Feed nicht ihrer ist!');
diff --git a/plugins/serendipity_plugin_remoterss/lang_de.inc.php b/plugins/serendipity_plugin_remoterss/lang_de.inc.php
index 4c6fd41..2be801f 100644
--- a/plugins/serendipity_plugin_remoterss/lang_de.inc.php
+++ b/plugins/serendipity_plugin_remoterss/lang_de.inc.php
@@ -1,21 +1,28 @@
<?php # $Id$
- @define('PLUGIN_REMOTERSS_TITLE', 'Fremder RSS/OPML-Blogroll Feed');
- @define('PLUGIN_REMOTERSS_BLAHBLAH', 'Zeigt Einträge eines externen RSS/OPML-Feeds an (z.B. Blogroll)');
- @define('PLUGIN_REMOTERSS_NUMBER', 'Anzahl der Einträge');
- @define('PLUGIN_REMOTERSS_NUMBER_BLAHBLAH', 'Wieviele Einträge sollen angezeigt werden? (Standard: alle im Feed)');
- @define('PLUGIN_REMOTERSS_SIDEBARTITLE', 'Feed-Titel');
- @define('PLUGIN_REMOTERSS_SIDEBARTITLE_BLAHBLAH', 'Titel der Feed-Anzeige in der Sidebar des Blogs');
- @define('PLUGIN_REMOTERSS_RSSURI', 'RSS/OPML-URI');
- @define('PLUGIN_REMOTERSS_RSSURI_BLAHBLAH', 'URI des RSS/OPML-Feeds, der angezeigt werden soll');
- @define('PLUGIN_REMOTERSS_RSSTARGET', 'Link-Target');
- @define('PLUGIN_REMOTERSS_RSSTARGET_BLAHBLAH', 'Target des Links zu einem der angezeigten RSS-Einträge (Standard: _blank)');
- @define('PLUGIN_REMOTERSS_NOURI', 'Kein RSS/OPML-Feed gewählt');
- @define('PLUGIN_REMOTERSS_CACHETIME', 'Wann wird der Feed aktualisiert?');
- @define('PLUGIN_REMOTERSS_CACHETIME_BLAHBLAH', 'Die Inhalte des fremden Feeds werden gecached. Sobald der Cache älter ist als X Sekunden wird er aktualisiert (Standard: 3 Stunden)');
- @define('PLUGIN_REMOTERSS_FEEDTYPE', 'Typ des Feeds');
- @define('PLUGIN_REMOTERSS_FEEDTYPE_BLAHBLAH', 'Wählen Sie das Format des einzubindenden Feeds');
- @define('PLUGIN_REMOTERSS_BULLETIMG', 'Bullet Image');
- @define('PLUGIN_REMOTERSS_BULLETIMG_BLAHBLAH', 'Image to display before each headline.');
- @define('PLUGIN_REMOTERSS_DISPLAYDATE', 'Display Date');
- @define('PLUGIN_REMOTERSS_DISPLAYDATE_BLAHBLAH', 'Display the date below the headline?');
+@define('PLUGIN_REMOTERSS_TITLE', 'Fremder RSS/OPML-Blogroll Feed');
+@define('PLUGIN_REMOTERSS_BLAHBLAH', 'Zeigt Einträge eines externen RSS/OPML-Feeds an (z.B. Blogroll)');
+@define('PLUGIN_REMOTERSS_NUMBER', 'Anzahl der Einträge');
+@define('PLUGIN_REMOTERSS_NUMBER_BLAHBLAH', 'Wieviele Einträge sollen angezeigt werden? (Standard: alle im Feed)');
+@define('PLUGIN_REMOTERSS_SIDEBARTITLE', 'Feed-Titel');
+@define('PLUGIN_REMOTERSS_SIDEBARTITLE_BLAHBLAH', 'Titel der Feed-Anzeige in der Sidebar des Blogs');
+@define('PLUGIN_REMOTERSS_RSSURI', 'RSS/OPML-URI');
+@define('PLUGIN_REMOTERSS_RSSURI_BLAHBLAH', 'URI des RSS/OPML-Feeds, der angezeigt werden soll');
+@define('PLUGIN_REMOTERSS_RSSTARGET', 'Link-Target');
+@define('PLUGIN_REMOTERSS_RSSTARGET_BLAHBLAH', 'Target des Links zu einem der angezeigten RSS-Einträge (Standard: _blank)');
+@define('PLUGIN_REMOTERSS_NOURI', 'Kein RSS/OPML-Feed gewählt');
+@define('PLUGIN_REMOTERSS_CACHETIME', 'Wann wird der Feed aktualisiert?');
+@define('PLUGIN_REMOTERSS_CACHETIME_BLAHBLAH', 'Die Inhalte des fremden Feeds werden gecached. Sobald der Cache älter ist als X Sekunden wird er aktualisiert (Standard: 3 Stunden)');
+@define('PLUGIN_REMOTERSS_FEEDTYPE', 'Typ des Feeds');
+@define('PLUGIN_REMOTERSS_FEEDTYPE_BLAHBLAH', 'Wählen Sie das Format des einzubindenden Feeds');
+@define('PLUGIN_REMOTERSS_BULLETIMG', 'Bullet Image');
+@define('PLUGIN_REMOTERSS_BULLETIMG_BLAHBLAH', 'Image to display before each headline.');
+@define('PLUGIN_REMOTERSS_DISPLAYDATE', 'Display Date');
+@define('PLUGIN_REMOTERSS_DISPLAYDATE_BLAHBLAH', 'Display the date below the headline?');
+
+@define('PLUGIN_REMOTERSS_RSSLINK', 'RSS-Link verwenden?');
+@define('PLUGIN_REMOTERSS_RSSLINK_DESC', 'Soll ein Hyperlink auf den im RSS-Feed angegebenen Link gesetzt werden?');
+@define('PLUGIN_REMOTERSS_RSSFIELD', 'RSS Zielelement');
+@define('PLUGIN_REMOTERSS_RSSFIELD_DESC', 'Welches Element des RSS-Feeds soll dargestellt werden? (z.B.: "title", "content:encoded", "description", ...)');
+@define('PLUGIN_REMOTERSS_RSSESCAPE', 'HTML-Ausgabe escapen?');
+@define('PLUGIN_REMOTERSS_RSSESCAPE_DESC', 'Wenn aktiviert, wird HTML in RSS-Feeds maskiert und "sicher" ausgegeben. Wenn diese Option deaktiviert ist, wird HTML in einem Feed interpretiert - dies stellt eine potentielle Gefahr dar, wenn der eingebundene Feed nicht ihrer ist!');
diff --git a/plugins/serendipity_plugin_remoterss/lang_en.inc.php b/plugins/serendipity_plugin_remoterss/lang_en.inc.php
index 4c62b0f..17e6885 100644
--- a/plugins/serendipity_plugin_remoterss/lang_en.inc.php
+++ b/plugins/serendipity_plugin_remoterss/lang_en.inc.php
@@ -26,4 +26,11 @@
@define('PLUGIN_REMOTERSS_DISPLAYDATE', 'Display Date');
@define('PLUGIN_REMOTERSS_DISPLAYDATE_BLAHBLAH', 'Display the date below the headline?');
+@define('PLUGIN_REMOTERSS_RSSLINK', 'Use RSS-Link?');
+@define('PLUGIN_REMOTERSS_RSSLINK_DESC', 'Shall a link be set to the link specified in the RSS feed?');
+@define('PLUGIN_REMOTERSS_RSSFIELD', 'RSS display element');
+@define('PLUGIN_REMOTERSS_RSSFIELD_DESC', 'Whic element of the RSS feed should be displayed? (i.e.: "title", "content:encoded", "description", ...)');
+@define('PLUGIN_REMOTERSS_RSSESCAPE', 'Escape HTML output');
+@define('PLUGIN_REMOTERSS_RSSESCAPE_DESC', 'If enabled, HTML in RSS-feeds will be escaped and no XSS is possible. If this option is disabled, HTML in the feeds can be interpretated. This is a possible security issue, if the embedded feed is not yours!');
+
?>
diff --git a/plugins/serendipity_plugin_remoterss/serendipity_plugin_remoterss.php b/plugins/serendipity_plugin_remoterss/serendipity_plugin_remoterss.php
index efd028f..b4027b7 100644
--- a/plugins/serendipity_plugin_remoterss/serendipity_plugin_remoterss.php
+++ b/plugins/serendipity_plugin_remoterss/serendipity_plugin_remoterss.php
@@ -47,6 +47,7 @@ class s9y_remoterss_XMLTree {
function GetXMLTree($file) {
require_once S9Y_PEAR_PATH . 'HTTP/Request.php';
+ serendipity_request_start();
$req = &new HTTP_Request($file);
if (PEAR::isError($req->sendRequest()) || $req->getResponseCode() != '200') {
@@ -55,6 +56,7 @@ class s9y_remoterss_XMLTree {
// Fetch file
$data = $req->getResponseBody();
}
+ serendipity_request_end();
// Global replacements
// by: waldo@wh-e.com - trim space around tags not within
@@ -255,18 +257,40 @@ class serendipity_plugin_remoterss extends serendipity_plugin {
$propbag->add('description', PLUGIN_REMOTERSS_BLAHBLAH);
$propbag->add('stackable', true);
$propbag->add('author', 'Udo Gerhards, Richard Thomas Harrison');
- $propbag->add('version', '1.5');
+ $propbag->add('version', '1.7');
$propbag->add('requirements', array(
'serendipity' => '0.8',
'smarty' => '2.6.7',
'php' => '4.1.0'
));
- $propbag->add('configuration', array('number', 'displaydate', 'dateformat', 'sidebartitle', 'rssuri', 'charset', 'target', 'cachetime', 'feedtype', 'bulletimg', 'markup'));
+ $propbag->add('configuration', array('number', 'use_rss_link', 'show_rss_element', 'escape_rss', 'displaydate', 'dateformat', 'sidebartitle', 'rssuri', 'charset', 'target', 'cachetime', 'feedtype', 'bulletimg', 'markup'));
$propbag->add('groups', array('FRONTEND_EXTERNAL_SERVICES'));
}
function introspect_config_item($name, &$propbag) {
switch($name) {
+
+ case 'use_rss_link':
+ $propbag->add('type', 'boolean');
+ $propbag->add('name', PLUGIN_REMOTERSS_RSSLINK);
+ $propbag->add('description', PLUGIN_REMOTERSS_RSSLINK_DESC);
+ $propbag->add('default', 'false');
+ break;
+
+ case 'escape_rss':
+ $propbag->add('type', 'boolean');
+ $propbag->add('name', PLUGIN_REMOTERSS_RSSESCAPE);
+ $propbag->add('description', PLUGIN_REMOTERSS_RSSESCAPE_DESC);
+ $propbag->add('default', 'true');
+ break;
+
+ case 'show_rss_element':
+ $propbag->add('type', 'string');
+ $propbag->add('name', PLUGIN_REMOTERSS_RSSFIELD);
+ $propbag->add('description', PLUGIN_REMOTERSS_RSSFIELD_DESC);
+ $propbag->add('default', 'title');
+ break;
+
case 'markup':
$propbag->add('type', 'boolean');
$propbag->add('name', DO_MARKUP);
@@ -376,22 +400,25 @@ class serendipity_plugin_remoterss extends serendipity_plugin {
// Disabled by now. May get enabled in the future, but for now the extra HTTP call isn't worth trying.
return true;
require_once S9Y_PEAR_PATH . 'HTTP/Request.php';
+ serendipity_request_start();
$req = &new HTTP_Request($uri);
-
+
if (PEAR::isError($req->sendRequest()) || !preg_match('@^[23]..@', $req->getResponseCode())) {
+ serendipity_request_end();
return false;
} else {
+ serendipity_request_end();
return true;
}
}
function debug($msg) {
static $debug = false;
-
+
if ($debug === false) {
return false;
}
-
+
$fp = fopen('rss.log', 'a');
fwrite($fp, '[' . date('Y-m-d H:i') . '] ' . $msg . "\n");
fclose($fp);
@@ -443,17 +470,35 @@ class serendipity_plugin_remoterss extends serendipity_plugin {
$c->parse($rssuri);
$this->encoding = $c->rss['encoding'];
+ $use_rss_link = serendipity_db_bool($this->get_config('use_rss_link'));
+ $rss_element = $this->get_config('show_rss_element');
+ $escape_rss = serendipity_db_bool($this->get_config('escape_rss'));
$i = 0;
$content = '';
while (($showAll || ($i < $number)) && ($item = $c->getNextItem())) {
if (empty($item['title'])) {
continue;
}
- $content .= '<a href="' . $this->decode($item['link']) . '" ' . (!empty($target) ? 'target="'.$target.'"' : '') . '>';
+
+ if ($use_rss_link) {
+ $content .= '<a href="' . $this->decode($item['link']) . '" ' . (!empty($target) ? 'target="'.$target.'"' : '') . '>';
+ }
+
if (!empty($bulletimg)) {
$content .= '<img src="' . $bulletimg . '" border="0" alt="*" /> ';
}
- $content .= $this->decode($item['title']) . "</a><br />\n";
+
+ if ($escape_rss) {
+ $content .= $this->decode($item[$rss_element]);
+ } else {
+ $content .= htmlspecialchars($this->decode($item[$rss_element]));
+ }
+
+ if ($use_rss_link) {
+ $content .= '</a>';
+ }
+
+ $content .= "<br />\n";
$item['timestamp'] = @strtotime(isset($item['pubdate']) ? $item['pubdate'] : $item['dc:date']);
if (!($item['timestamp'] == -1) AND ($displaydate == 'true')) {
$content .= '<div class="serendipitySideBarDate">'
@@ -589,9 +634,9 @@ class serendipity_plugin_remoterss extends serendipity_plugin {
} else {
return $string;
}
-
+
return $out;
-
+
case 'UTF-8':
default:
$out = utf8_decode($string);
diff --git a/serendipity_admin_image_selector.php b/serendipity_admin_image_selector.php
index ff11530..9320c56 100644
--- a/serendipity_admin_image_selector.php
+++ b/serendipity_admin_image_selector.php
@@ -98,6 +98,7 @@ switch ($serendipity['GET']['step']) {
$media['external'] = ob_get_contents();
ob_end_clean();
if (isset($created_thumbnail) && isset($image_id)) {
+ $media['is_uploaded'] = true;
$serendipity['GET']['image'] = $media['imgID'] = (int)$image_id; // $image_id is passed from images.inc.php
break;
} else {