X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FApp%2FPage.php;h=96bb59425efd151f405bd025d41dfb98a1058f70;hb=e659a0314086dd700dbe5e754e383ab758725805;hp=c9beb0d484a7ecd4404f9e668fad8d6040275000;hpb=b3f9cef94a7be372428767125f85b7fec085b460;p=friendica.git diff --git a/src/App/Page.php b/src/App/Page.php index c9beb0d484..96bb59425e 100644 --- a/src/App/Page.php +++ b/src/App/Page.php @@ -1,6 +1,6 @@ '', 'template' => '', 'title' => '', + 'section' => '', + 'module' => '', ]; /** * @var string The basepath of the page @@ -116,76 +118,40 @@ class Page implements ArrayAccess } } + // ArrayAccess interface + /** - * Whether a offset exists - * - * @link https://php.net/manual/en/arrayaccess.offsetexists.php - * - * @param mixed $offset

- * An offset to check for. - *

- * - * @return boolean true on success or false on failure. - *

- *

- * The return value will be casted to boolean if non-boolean was returned. - * @since 5.0.0 + * @inheritDoc */ - public function offsetExists($offset) + #[\ReturnTypeWillChange] + public function offsetExists($offset): bool { return isset($this->page[$offset]); } /** - * Offset to retrieve - * - * @link https://php.net/manual/en/arrayaccess.offsetget.php - * - * @param mixed $offset

- * The offset to retrieve. - *

- * - * @return mixed Can return all value types. - * @since 5.0.0 + * @inheritDoc */ + #[\ReturnTypeWillChange] public function offsetGet($offset) { return $this->page[$offset] ?? null; } /** - * Offset to set - * - * @link https://php.net/manual/en/arrayaccess.offsetset.php - * - * @param mixed $offset

- * The offset to assign the value to. - *

- * @param mixed $value

- * The value to set. - *

- * - * @return void - * @since 5.0.0 + * @inheritDoc */ - public function offsetSet($offset, $value) + #[\ReturnTypeWillChange] + public function offsetSet($offset, $value): void { $this->page[$offset] = $value; } /** - * Offset to unset - * - * @link https://php.net/manual/en/arrayaccess.offsetunset.php - * - * @param mixed $offset

- * The offset to unset. - *

- * - * @return void - * @since 5.0.0 + * @inheritDoc */ - public function offsetUnset($offset) + #[\ReturnTypeWillChange] + public function offsetUnset($offset): void { if (isset($this->page[$offset])) { unset($this->page[$offset]); @@ -222,17 +188,18 @@ class Page implements ArrayAccess * - Infinite scroll data * - head.tpl template * - * @param App $app The Friendica App instance - * @param Arguments $args The Friendica App Arguments - * @param L10n $l10n The l10n language instance - * @param IManageConfigValues $config The Friendica configuration - * @param IManagePersonalConfigValues $pConfig The Friendica personal configuration (for user) + * @param App $app The Friendica App instance + * @param Arguments $args The Friendica App Arguments + * @param L10n $l10n The l10n language instance + * @param IManageConfigValues $config The Friendica configuration + * @param IManagePersonalConfigValues $pConfig The Friendica personal configuration (for user) + * @param int $localUID The local user id * * @throws HTTPException\InternalServerErrorException */ - private function initHead(App $app, Arguments $args, L10n $l10n, IManageConfigValues $config, IManagePersonalConfigValues $pConfig) + private function initHead(App $app, Arguments $args, L10n $l10n, IManageConfigValues $config, IManagePersonalConfigValues $pConfig, int $localUID) { - $interval = ((DI::userSession()->getLocalUserId()) ? $pConfig->get(DI::userSession()->getLocalUserId(), 'system', 'update_interval') : 40000); + $interval = ($localUID ? $pConfig->get($localUID, 'system', 'update_interval') : 40000); // If the update is 'deactivated' set it to the highest integer number (~24 days) if ($interval < 0) { @@ -277,15 +244,44 @@ class Page implements ArrayAccess * being first */ $this->page['htmlhead'] = Renderer::replaceMacros($tpl, [ - '$local_user' => DI::userSession()->getLocalUserId(), + '$l10n' => [ + 'delitem' => $l10n->t('Delete this item?'), + 'blockAuthor' => $l10n->t('Block this author? They won\'t be able to follow you nor see your public posts, and you won\'t be able to see their posts and their notifications.'), + 'ignoreAuthor' => $l10n->t('Ignore this author? You won\'t be able to see their posts and their notifications.'), + 'collapseAuthor' => $l10n->t('Collapse this author\'s posts?'), + + 'likeError' => $l10n->t('Like not successful'), + 'dislikeError' => $l10n->t('Dislike not successful'), + 'announceError' => $l10n->t('Sharing not successful'), + 'attendError' => $l10n->t('Attendance unsuccessful'), + 'srvError' => $l10n->t('Backend error'), + 'netError' => $l10n->t('Network error'), + + // Dropzone + 'dictDefaultMessage' => $l10n->t('Drop files here to upload'), + 'dictFallbackMessage' => $l10n->t("Your browser does not support drag and drop file uploads."), + 'dictFallbackText' => $l10n->t('Please use the fallback form below to upload your files like in the olden days.'), + 'dictFileTooBig' => $l10n->t('File is too big ({{filesize}}MiB). Max filesize: {{maxFilesize}}MiB.'), + 'dictInvalidFileType' => $l10n->t("You can't upload files of this type."), + 'dictResponseError' => $l10n->t('Server responded with {{statusCode}} code.'), + 'dictCancelUpload' => $l10n->t('Cancel upload'), + 'dictUploadCanceled' => $l10n->t('Upload canceled.'), + 'dictCancelUploadConfirmation' => $l10n->t('Are you sure you want to cancel this upload?'), + 'dictRemoveFile' => $l10n->t('Remove file'), + 'dictMaxFilesExceeded' => $l10n->t("You can't upload any more files."), + ], + + '$local_user' => $localUID, '$generator' => 'Friendica' . ' ' . App::VERSION, - '$delitem' => $l10n->t('Delete this item?'), - '$blockAuthor' => $l10n->t('Block this author? They won\'t be able to follow you nor see your public posts, and you won\'t be able to see their posts and their notifications.'), '$update_interval' => $interval, '$shortcut_icon' => $shortcut_icon, '$touch_icon' => $touch_icon, '$block_public' => intval($config->get('system', 'block_public')), '$stylesheets' => $this->stylesheets, + + // Dropzone + '$max_imagesize' => round(\Friendica\Util\Strings::getBytesFromShorthand($config->get('system', 'maximagesize')) / 1000000, 1), + ]) . $this->page['htmlhead']; } @@ -310,12 +306,12 @@ class Page implements ArrayAccess } return $pageURL; } - + /** * Initializes Page->page['footer']. * * Includes: - * - Javascript homebase + * - JavaScript homebase * - Mobile toggle link * - Registered footer scripts (through App->registerFooterScript()) * - footer.tpl template @@ -442,12 +438,16 @@ class Page implements ArrayAccess * @param Mode $mode The current node mode * @param ResponseInterface $response The Response of the module class, including type, content & headers * @param L10n $l10n The l10n language class + * @param Profiler $profiler * @param IManageConfigValues $config The Configuration of this node * @param IManagePersonalConfigValues $pconfig The personal/user configuration - * - * @throws HTTPException\InternalServerErrorException|HTTPException\ServiceUnavailableException + * @param Nav $nav + * @param int $localUID + * @throws HTTPException\MethodNotAllowedException + * @throws HTTPException\InternalServerErrorException + * @throws HTTPException\ServiceUnavailableException */ - public function run(App $app, BaseURL $baseURL, Arguments $args, Mode $mode, ResponseInterface $response, L10n $l10n, Profiler $profiler, IManageConfigValues $config, IManagePersonalConfigValues $pconfig) + public function run(App $app, BaseURL $baseURL, Arguments $args, Mode $mode, ResponseInterface $response, L10n $l10n, Profiler $profiler, IManageConfigValues $config, IManagePersonalConfigValues $pconfig, Nav $nav, int $localUID) { $moduleName = $args->getModuleName(); @@ -481,7 +481,7 @@ class Page implements ArrayAccess * all the module functions have executed so that all * theme choices made by the modules can take effect. */ - $this->initHead($app, $args, $l10n, $config, $pconfig); + $this->initHead($app, $args, $l10n, $config, $pconfig, $localUID); /* Build the page ending -- this is stuff that goes right before * the closing tag @@ -497,21 +497,7 @@ class Page implements ArrayAccess // Add the navigation (menu) template if ($moduleName != 'install' && $moduleName != 'maintenance') { $this->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('nav_head.tpl'), []); - $this->page['nav'] = Nav::build($app); - } - - foreach ($response->getHeaders() as $key => $header) { - if (is_array($header)) { - $header_str = implode(',', $header); - } else { - $header_str = $header; - } - - if (empty($key)) { - header($header_str); - } else { - header("$key: $header_str"); - } + $this->page['nav'] = $nav->getHtml(); } // Build the page - now that we have all the components @@ -523,7 +509,7 @@ class Page implements ArrayAccess $content = mb_convert_encoding($this->page["content"], 'HTML-ENTITIES', "UTF-8"); - /// @TODO one day, kill those error-surpressing @ stuff, or PHP should ban it + /// @TODO one day, kill those error-suppressing @ stuff, or PHP should ban it @$doc->loadHTML($content); $xpath = new DOMXPath($doc); @@ -544,10 +530,15 @@ class Page implements ArrayAccess $page = $this->page; + // add and escape some common but crucial content for direct "echo" in HTML (security) + $page['title'] = htmlspecialchars($page['title'] ?? ''); + $page['section'] = htmlspecialchars($args->get(0) ?? 'generic'); + $page['module'] = htmlspecialchars($args->getModuleName() ?? ''); + header("X-Friendica-Version: " . App::VERSION); header("Content-type: text/html; charset=utf-8"); - if ($config->get('system', 'hsts') && ($baseURL->getSSLPolicy() == BaseURL::SSL_POLICY_FULL)) { + if ($config->get('system', 'hsts') && ($baseURL->getScheme() === 'https')) { header("Strict-Transport-Security: max-age=31536000"); } @@ -579,6 +570,10 @@ class Page implements ArrayAccess // Used as is in view/php/default.php $lang = $l10n->getCurrentLang(); + ob_start(); require_once $template; + $body = ob_get_clean(); + + return $response->withBody(Utils::streamFor($body)); } }