Merge branch '729-move_data' into dev

To update, please follow instructions in https://github.com/FreshRSS/FreshRSS/issues/729

app/Controllers/userController.php

@@ -109,7 +109,8 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
 			$new_user_language = Minz_Request::param('new_user_language', FreshRSS_Context::$conf->language);
-			if (!in_array($new_user_language, FreshRSS_Context::$conf->availableLanguages())) {
+			$languages = FreshRSS_Context::$conf->availableLanguages();
+			if (!isset($languages[$new_user_language])) {
 				$new_user_language = FreshRSS_Context::$conf->language;
 			}
 
@@ -121,11 +122,10 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 
 				$ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers()));	//Not an existing user, case-insensitive
 
-				$configPath = DATA_PATH . '/' . $new_user_name . '_user.php';
+				$configPath = join_path(DATA_PATH, 'users', $new_user_name, 'config.php');
 				$ok &= !file_exists($configPath);
 			}
 			if ($ok) {
-			
 				$passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true);
 				$passwordHash = '';
 				if ($passwordPlain != '') {
@@ -147,12 +147,13 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 				if (empty($new_user_email)) {
 					$new_user_email = '';
 				} else {
-					$personaFile = DATA_PATH . '/persona/' . $new_user_email . '.txt';
+					$personaFile = join_path(DATA_PATH, 'persona', $new_user_email . '.txt');
 					@unlink($personaFile);
 					$ok &= (file_put_contents($personaFile, $new_user_name) !== false);
 				}
 			}
 			if ($ok) {
+				mkdir(join_path(DATA_PATH, 'users', $new_user_name));
 				$config_array = array(
 					'language' => $new_user_language,
 					'passwordHash' => $passwordHash,
@@ -183,18 +184,18 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 
 			$username = Minz_Request::param('username');
 			$ok = ctype_alnum($username);
+			$user_data = join_path(DATA_PATH, 'users', $username);
 
 			if ($ok) {
 				$ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0);	//It is forbidden to delete the default user
 			}
 			if ($ok) {
-				$configPath = DATA_PATH . '/' . $username . '_user.php';
-				$ok &= file_exists($configPath);
+				$ok &= is_dir($user_data);
 			}
 			if ($ok) {
 				$userDAO = new FreshRSS_UserDAO();
 				$ok &= $userDAO->deleteUser($username);
-				$ok &= unlink($configPath);
+				$ok &= recursive_unlink($user_data);
 				//TODO: delete Persona file
 			}
 			invalidateHttpCache();

app/Models/Configuration.php

@@ -74,7 +74,7 @@ class FreshRSS_Configuration {
 	private $shares;
 
 	public function __construct($user) {
-		$this->filename = DATA_PATH . DIRECTORY_SEPARATOR . $user . '_user.php';
+		$this->filename = join_path(DATA_PATH, 'users', $user, 'config.php');
 
 		$data = @include($this->filename);
 		if (!is_array($data)) {
@@ -89,7 +89,7 @@ class FreshRSS_Configuration {
 		}
 		$this->data['user'] = $user;
 
-		$this->shares = DATA_PATH . DIRECTORY_SEPARATOR . 'shares.php';
+		$this->shares = join_path(DATA_PATH, 'shares.php');
 
 		$shares = @include($this->shares);
 		if (!is_array($shares)) {

app/Models/EntryDAOSQLite.php

@@ -169,6 +169,6 @@ class FreshRSS_EntryDAOSQLite extends FreshRSS_EntryDAO {
 	}
 
 	public function size($all = false) {
-		return @filesize(DATA_PATH . '/' . $this->current_user . '.sqlite');
+		return @filesize(join_path(DATA_PATH, 'users', $this->current_user, 'db.sqlite'));
 	}
 }

app/Models/LogDAO.php

@@ -3,7 +3,7 @@
 class FreshRSS_LogDAO {
 	public static function lines() {
 		$logs = array();
-		$handle = @fopen(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log', 'r');
+		$handle = @fopen(join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'), 'r');
 		if ($handle) {
 			while (($line = fgets($handle)) !== false) {
 				if (preg_match('/^\[([^\[]+)\] \[([^\[]+)\] --- (.*)$/', $line, $matches)) {
@@ -20,6 +20,6 @@ class FreshRSS_LogDAO {
 	}
 
 	public static function truncate() {
-		file_put_contents(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log', '');
+		file_put_contents(join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'), '');
 	}
 }

app/Models/UserDAO.php

@@ -38,7 +38,7 @@ class FreshRSS_UserDAO extends Minz_ModelPdo {
 		require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
 		if ($db['type'] === 'sqlite') {
-			return unlink(DATA_PATH . '/' . $username . '.sqlite');
+			return unlink(join_path(DATA_PATH, 'users', $username, 'db.sqlite'));
 		} else {
 			$userPDO = new Minz_ModelPdo($username);
 
@@ -55,14 +55,14 @@ class FreshRSS_UserDAO extends Minz_ModelPdo {
 	}
 
 	public static function exist($username) {
-		return file_exists(DATA_PATH . '/' . $username . '_user.php');
+		return is_dir(join_path(DATA_PATH , 'users', $username));
 	}
 
 	public static function touch($username) {
-		return touch(DATA_PATH . '/' . $username . '_user.php');
+		return touch(join_path(DATA_PATH , 'users', $username, 'config.php'));
 	}
 
 	public static function mtime($username) {
-		return @filemtime(DATA_PATH . '/' . $username . '_user.php');
+		return @filemtime(join_path(DATA_PATH , 'users', $username, 'config.php'));
 	}
 }

app/actualize_script.php

@@ -56,9 +56,9 @@ foreach ($users as $myUser) {
 	$freshRSS->run();
 
 	if (!invalidateHttpCache()) {
-		syslog(LOG_NOTICE, 'FreshRSS write access problem in ' . LOG_PATH . '/*.log!');
+		syslog(LOG_NOTICE, 'FreshRSS write access problem in ' . USERS_PATH . '/*/log.txt!');
 		if (defined('STDERR')) {
-			fwrite(STDERR, 'Write access problem in ' . LOG_PATH . '/*.log!' . "\n");
+			fwrite(STDERR, 'Write access problem in ' . USERS_PATH . '/*/log.txt!' . "\n");
 		}
 	}
 	Minz_Session::unset_session(true);

app/i18n/en/install.php

@@ -3,6 +3,7 @@
 return array(
 	'action' => array(
 		'finish' => 'Complete installation',
+		'fix_errors_before' => 'Fix errors before skip to the next step.',
 		'next_step' => 'Go to the next step',
 	),
 	'auth' => array(
@@ -57,10 +58,6 @@ return array(
 			'nok' => 'Please check that you are not altering your HTTP REFERER.',
 			'ok' => 'Your HTTP REFERER is known and corresponds to your server.',
 		),
-		'logs' => array(
-			'nok' => 'Check permissions on <em>./data/logs</em> directory. HTTP server must have rights to write into',
-			'ok' => 'Permissions on logs directory are good.',
-		),
 		'minz' => array(
 			'nok' => 'You lack the Minz framework.',
 			'ok' => 'You have the Minz framework.',
@@ -81,6 +78,10 @@ return array(
 			'nok' => 'Your PHP version is %s but FreshRSS requires at least version %s.',
 			'ok' => 'Your PHP version is %s, which is compatible with FreshRSS.',
 		),
+		'users' => array(
+			'nok' => 'Check permissions on <em>./data/users</em> directory. HTTP server must have rights to write into',
+			'ok' => 'Permissions on users directory are good.',
+		),
 	),
 	'conf' => array(
 		'_' => 'General configuration',

app/i18n/fr/install.php

@@ -3,6 +3,7 @@
 return array(
 	'action' => array(
 		'finish' => 'Terminer l’installation',
+		'fix_errors_before' => 'Veuillez corriger les erreurs avant de passer à l’étape suivante.',
 		'next_step' => 'Passer à l’étape suivante',
 	),
 	'auth' => array(
@@ -57,10 +58,6 @@ return array(
 			'nok' => 'Veuillez vérifier que vous ne modifiez pas votre HTTP REFERER.',
 			'ok' => 'Le HTTP REFERER est connu et semble correspondre à votre serveur.',
 		),
-		'logs' => array(
-			'nok' => 'Veuillez vérifier les droits sur le répertoire <em>./data/logs</em>. Le serveur HTTP doit être capable d’écrire dedans',
-			'ok' => 'Les droits sur le répertoire des logs sont bons.',
-		),
 		'minz' => array(
 			'nok' => 'Vous ne disposez pas de la librairie Minz.',
 			'ok' => 'Vous disposez du framework Minz',
@@ -81,6 +78,10 @@ return array(
 			'nok' => 'Votre version de PHP est la %s mais FreshRSS requiert au moins la version %s.',
 			'ok' => 'Votre version de PHP est la %s, qui est compatible avec FreshRSS.',
 		),
+		'users' => array(
+			'nok' => 'Veuillez vérifier les droits sur le répertoire <em>./data/users</em>. Le serveur HTTP doit être capable d’écrire dedans',
+			'ok' => 'Les droits sur le répertoire des utilisateurs sont bons.',
+		),
 	),
 	'conf' => array(
 		'_' => 'Configuration générale',

app/install.php

@@ -132,12 +132,17 @@ function saveStep2() {
 			'token' => $token,
 		);
 
-		$configPath = DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php';
-		@unlink($configPath);	//To avoid access-rights problems
-		file_put_contents($configPath, "<?php\n return " . var_export($config_array, true) . ';');
+		// Create default user files but first, we delete previous data to
+		// avoid access right problems.
+		$user_dir = join_path(USERS_PATH, $_SESSION['default_user']);
+		$user_config_path = join_path($user_dir, 'config.php');
+
+		recursive_unlink($user_dir);
+		mkdir($user_dir);
+		file_put_contents($user_config_path, "<?php\n return " . var_export($config_array, true) . ';');
 
 		if ($_SESSION['mail_login'] != '') {
-			$personaFile = DATA_PATH . '/persona/' . $_SESSION['mail_login'] . '.txt';
+			$personaFile = join_path(DATA_PATH, 'persona', $_SESSION['mail_login'] . '.txt');
 			@unlink($personaFile);
 			file_put_contents($personaFile, $_SESSION['default_user']);
 		}
@@ -193,8 +198,8 @@ function saveStep3() {
 			),
 		);
 
-		@unlink(DATA_PATH . '/config.php');	//To avoid access-rights problems
-		file_put_contents(DATA_PATH . '/config.php', "<?php\n return " . var_export($ini_array, true) . ';');
+		@unlink(join_path(DATA_PATH, 'config.php'));	//To avoid access-rights problems
+		file_put_contents(join_path(DATA_PATH, 'config.php'), "<?php\n return " . var_export($ini_array, true) . ';');
 
 		$res = checkBD();
 
@@ -217,7 +222,7 @@ function newPdo() {
 		);
 		break;
 	case 'sqlite':
-		$str = 'sqlite:' . DATA_PATH . '/' . $_SESSION['default_user'] . '.sqlite';
+		$str = 'sqlite:' . join_path(USERS_PATH, $_SESSION['default_user'], 'db.sqlite');
 		$driver_options = array(
 			PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
 		);
@@ -229,7 +234,7 @@ function newPdo() {
 }
 
 function deleteInstall() {
-	$res = unlink(DATA_PATH . '/do-install.txt');
+	$res = unlink(join_path(DATA_PATH, 'do-install.txt'));
 
 	if (!$res) {
 		return false;
@@ -270,7 +275,7 @@ function checkStep0() {
 
 function checkStep1() {
 	$php = version_compare(PHP_VERSION, '5.2.1') >= 0;
-	$minz = file_exists(LIB_PATH . '/Minz');
+	$minz = file_exists(join_path(LIB_PATH, 'Minz'));
 	$curl = extension_loaded('curl');
 	$pdo_mysql = extension_loaded('pdo_mysql');
 	$pdo_sqlite = extension_loaded('pdo_sqlite');
@@ -280,9 +285,9 @@ function checkStep1() {
 	$dom = class_exists('DOMDocument');
 	$data = DATA_PATH && is_writable(DATA_PATH);
 	$cache = CACHE_PATH && is_writable(CACHE_PATH);
-	$log = LOG_PATH && is_writable(LOG_PATH);
-	$favicons = is_writable(DATA_PATH . '/favicons');
-	$persona = is_writable(DATA_PATH . '/persona');
+	$users = USERS_PATH && is_writable(USERS_PATH);
+	$favicons = is_writable(join_path(DATA_PATH, 'favicons'));
+	$persona = is_writable(join_path(DATA_PATH, 'persona'));
 	$http_referer = is_referer_from_same_domain();
 
 	return array(
@@ -297,12 +302,12 @@ function checkStep1() {
 		'dom' => $dom ? 'ok' : 'ko',
 		'data' => $data ? 'ok' : 'ko',
 		'cache' => $cache ? 'ok' : 'ko',
-		'log' => $log ? 'ok' : 'ko',
+		'users' => $users ? 'ok' : 'ko',
 		'favicons' => $favicons ? 'ok' : 'ko',
 		'persona' => $persona ? 'ok' : 'ko',
 		'http_referer' => $http_referer ? 'ok' : 'ko',
 		'all' => $php && $minz && $curl && $pdo && $pcre && $ctype && $dom &&
-		         $data && $cache && $log && $favicons && $persona && $http_referer ?
+		         $data && $cache && $users && $favicons && $persona && $http_referer ?
 		         'ok' : 'ko'
 	);
 }
@@ -327,7 +332,7 @@ function checkStep2() {
 	if ($defaultUser === null) {
 		$defaultUser = empty($_SESSION['default_user']) ? '' : $_SESSION['default_user'];
 	}
-	$data = is_writable(DATA_PATH . '/' . $defaultUser . '_user.php');
+	$data = is_writable(join_path(USERS_PATH, $defaultUser, 'config.php'));
 
 	return array(
 		'conf' => $conf ? 'ok' : 'ko',
@@ -339,7 +344,7 @@ function checkStep2() {
 }
 
 function checkStep3() {
-	$conf = is_writable(DATA_PATH . '/config.php');
+	$conf = is_writable(join_path(DATA_PATH, 'config.php'));
 
 	$bd = isset($_SESSION['bd_type']) &&
 	      isset($_SESSION['bd_host']) &&
@@ -382,7 +387,7 @@ function checkBD() {
 			$str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base'];
 			break;
 		case 'sqlite':
-			$str = 'sqlite:' . DATA_PATH . '/' . $_SESSION['default_user'] . '.sqlite';
+			$str = 'sqlite:' . join_path(USERS_PATH, $_SESSION['default_user'], 'db.sqlite');
 			$driver_options = array(
 				PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
 			);
@@ -414,7 +419,7 @@ function checkBD() {
 	}
 
 	if (!$ok) {
-		@unlink(DATA_PATH . '/config.php');
+		@unlink(join_path(DATA_PATH, 'config.php'));
 	}
 
 	return $ok;
@@ -470,7 +475,7 @@ function printStep1() {
 	<?php if ($res['minz'] == 'ok') { ?>
 	<p class="alert alert-success"><span class="alert-head"><?php echo _t('gen.short.ok'); ?></span> <?php echo _t('install.check.minz.ok'); ?></p>
 	<?php } else { ?>
-	<p class="alert alert-error"><span class="alert-head"><?php echo _t('gen.short.damn'); ?></span> <?php echo _t('install.check.minz.nok', LIB_PATH . '/Minz'); ?></p>
+	<p class="alert alert-error"><span class="alert-head"><?php echo _t('gen.short.damn'); ?></span> <?php echo _t('install.check.minz.nok', join_path(LIB_PATH, 'Minz')); ?></p>
 	<?php } ?>
 
 	<?php if ($res['pdo'] == 'ok') { ?>
@@ -516,10 +521,10 @@ function printStep1() {
 	<p class="alert alert-error"><span class="alert-head"><?php echo _t('gen.short.damn'); ?></span> <?php echo _t('install.check.cache.nok', CACHE_PATH); ?></p>
 	<?php } ?>
 
-	<?php if ($res['log'] == 'ok') { ?>
-	<p class="alert alert-success"><span class="alert-head"><?php echo _t('gen.short.ok'); ?></span> <?php echo _t('install.check.logs.ok'); ?></p>
+	<?php if ($res['users'] == 'ok') { ?>
+	<p class="alert alert-success"><span class="alert-head"><?php echo _t('gen.short.ok'); ?></span> <?php echo _t('install.check.users.ok'); ?></p>
 	<?php } else { ?>
-	<p class="alert alert-error"><span class="alert-head"><?php echo _t('gen.short.damn'); ?></span> <?php echo _t('install.check.logs.nok', LOG_PATH); ?></p>
+	<p class="alert alert-error"><span class="alert-head"><?php echo _t('gen.short.damn'); ?></span> <?php echo _t('install.check.users.nok', USERS_PATH); ?></p>
 	<?php } ?>
 
 	<?php if ($res['favicons'] == 'ok') { ?>

constants.php

@@ -16,7 +16,7 @@ define('FRESHRSS_PATH', dirname(__FILE__));
 
 	define('DATA_PATH', FRESHRSS_PATH . '/data');
 		define('UPDATE_FILENAME', DATA_PATH . '/update.php');
-		define('LOG_PATH', DATA_PATH . '/log');
+		define('USERS_PATH', DATA_PATH . '/users');
 		define('CACHE_PATH', DATA_PATH . '/cache');
 
 	define('LIB_PATH', FRESHRSS_PATH . '/lib');

data/.gitignore

@@ -1,6 +1,5 @@
 application.ini
 config.php
-*_user.php
 *.sqlite
 touch.txt
 no-cache.txt

data/log/.gitignore

@@ -1 +0,0 @@
-*.log

data/users/.gitignore

@@ -0,0 +1,4 @@
+db.sqlite
+config.php
+log.txt
+

lib/Minz/FrontController.php

@@ -30,10 +30,6 @@ class Minz_FrontController {
 	 * Initialise le dispatcher, met à jour la Request
 	 */
 	public function __construct () {
-		if (LOG_PATH === false) {
-			$this->killApp ('Path not found: LOG_PATH');
-		}
-
 		try {
 			Minz_Configuration::init ();
 

lib/Minz/Log.php

@@ -28,7 +28,7 @@ class Minz_Log {
 	 * 	- level = NOTICE et environment = PRODUCTION
 	 * @param $information message d'erreur / information à enregistrer
 	 * @param $level niveau d'erreur
-	 * @param $file_name fichier de log, par défaut LOG_PATH/application.log
+	 * @param $file_name fichier de log
 	 */
 	public static function record ($information, $level, $file_name = null) {
 		$env = Minz_Configuration::environment ();
@@ -37,7 +37,7 @@ class Minz_Log {
 		       || ($env === Minz_Configuration::PRODUCTION
 		       && ($level >= Minz_Log::NOTICE)))) {
 			if ($file_name === null) {
-				$file_name = LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log';
+				$file_name = join_path(USERS_PATH, Minz_Session::param('currentUser', '_'), 'log.txt');
 			}
 
 			switch ($level) {
@@ -71,7 +71,7 @@ class Minz_Log {
 	 * Automatise le log des variables globales $_GET et $_POST
 	 * Fait appel à la fonction record(...)
 	 * Ne fonctionne qu'en environnement "development"
-	 * @param $file_name fichier de log, par défaut LOG_PATH/application.log
+	 * @param $file_name fichier de log
 	 */
 	public static function recordRequest($file_name = null) {
 		$msg_get = str_replace("\n", '', '$_GET content : ' . print_r($_GET, true));

lib/Minz/ModelPdo.php

@@ -63,7 +63,7 @@ class Minz_ModelPdo {
 				);
 				$this->prefix = $db['prefix'] . $currentUser . '_';
 			} elseif ($type === 'sqlite') {
-				$string = 'sqlite:' . DATA_PATH . '/' . $currentUser . '.sqlite';
+				$string = 'sqlite:' . join_path(DATA_PATH, 'users', $currentUser, 'db.sqlite');
 				$driver_options = array(
 					//PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
 				);

lib/lib_rss.php

@@ -15,6 +15,17 @@ if (!function_exists('json_encode')) {
 	}
 }
 
+/**
+ * Build a directory path by concatenating a list of directory names.
+ *
+ * @param $path_parts a list of directory names
+ * @return a string corresponding to the final pathname
+ */
+function join_path() {
+	$path_parts = func_get_args();
+	return join(DIRECTORY_SEPARATOR, $path_parts);
+}
+
 //<Auto-loading>
 function classAutoloader($class) {
 	if (strpos($class, 'FreshRSS') === 0) {
@@ -205,19 +216,24 @@ function uSecString() {
 
 function invalidateHttpCache() {
 	Minz_Session::_param('touch', uTimeString());
-	return touch(LOG_PATH . '/' . Minz_Session::param('currentUser', '_') . '.log');
+	return touch(join_path(DATA_PATH, 'users', Minz_Session::param('currentUser', '_'), 'log.txt'));
 }
 
-function usernameFromPath($userPath) {
-	if (preg_match('%/([A-Za-z0-9]{1,16})_user\.php$%', $userPath, $matches)) {
-		return $matches[1];
-	} else {
-		return '';
+function listUsers() {
+	$final_list = array();
+	$base_path = join_path(DATA_PATH, 'users');
+	$dir_list = array_values(array_diff(
+		scandir($base_path),
+		array('..', '.', '_')
+	));
+
+	foreach ($dir_list as $file) {
+		if (is_dir(join_path($base_path, $file))) {
+			$final_list[] = $file;
+		}
 	}
-}
 
-function listUsers() {
-	return array_map('usernameFromPath', glob(DATA_PATH . '/*_user.php'));
+	return $final_list;
 }
 
 function httpAuthUser() {
@@ -284,7 +300,7 @@ function check_install_files() {
 	return array(
 		'data' => DATA_PATH && is_writable(DATA_PATH),
 		'cache' => CACHE_PATH && is_writable(CACHE_PATH),
-		'logs' => LOG_PATH && is_writable(LOG_PATH),
+		'users' => USERS_PATH && is_writable(USERS_PATH),
 		'favicons' => is_writable(DATA_PATH . '/favicons'),
 		'persona' => is_writable(DATA_PATH . '/persona'),
 		'tokens' => is_writable(DATA_PATH . '/tokens'),

p/api/greader.php

@@ -77,7 +77,7 @@ class MyPDO extends Minz_ModelPdo {
 }
 
 function logMe($text) {
-	file_put_contents(LOG_PATH . '/api.log', $text, FILE_APPEND);
+	file_put_contents(join_path(USERS_PATH, '_', 'log_api.txt'), $text, FILE_APPEND);
 }
 
 function debugInfo() {

p/i/index.php

@@ -32,8 +32,8 @@ if (file_exists(DATA_PATH . '/do-install.txt')) {
 		require(LIB_PATH . '/http-conditional.php');
 		$currentUser = Minz_Session::param('currentUser', '');
 		$dateLastModification = $currentUser === '' ? time() : max(
-			@filemtime(LOG_PATH . '/' . $currentUser . '.log'),
-			@filemtime(DATA_PATH . '/config.php')
+			@filemtime(join_path(USERS_PATH, $currentUser, 'log.txt')),
+			@filemtime(join_path(DATA_PATH . 'config.php'))
 		);
 		if (httpConditional($dateLastModification, 0, 0, false, PHP_COMPRESSION, true)) {
 			exit();	//No need to send anything