From 4c46702672631c0cf84067d6f2c55b3bfda1db6f Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 19 Nov 2015 20:05:17 +0300 Subject: [PATCH] drop support for (obsolete, removed from recent php versions) php safe_mode setting remove ugly hacks for curl + open_basedir combination breaking support for http redirects --- include/functions.php | 15 ++----- include/functions2.php | 71 --------------------------------- include/sanity_check.php | 8 +--- install/index.php | 10 ++--- plugins/af_readability/init.php | 3 +- plugins/af_redditimgur/init.php | 3 +- plugins/af_tumblr_1280/init.php | 8 ++-- plugins/af_unburn/init.php | 59 ++------------------------- 8 files changed, 17 insertions(+), 160 deletions(-) mode change 100644 => 100755 include/functions.php mode change 100644 => 100755 include/sanity_check.php mode change 100644 => 100755 install/index.php mode change 100644 => 100755 plugins/af_readability/init.php mode change 100644 => 100755 plugins/af_tumblr_1280/init.php mode change 100644 => 100755 plugins/af_unburn/init.php diff --git a/include/functions.php b/include/functions.php old mode 100644 new mode 100755 index 92d6e9790..8d1c2a625 --- a/include/functions.php +++ b/include/functions.php @@ -351,16 +351,7 @@ $fetch_curl_used = true; - if (ini_get("safe_mode") || ini_get("open_basedir") || defined("FORCE_GETURL")) { - $new_url = geturl($url); - if (!$new_url) { - // geturl has already populated $fetch_last_error - return false; - } - $ch = curl_init($new_url); - } else { - $ch = curl_init($url); - } + $ch = curl_init($url); if ($timestamp && !$post_query) { curl_setopt($ch, CURLOPT_HTTPHEADER, @@ -369,7 +360,7 @@ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout ? $timeout : FILE_FETCH_CONNECT_TIMEOUT); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout ? $timeout : FILE_FETCH_TIMEOUT); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("safe_mode") && !ini_get("open_basedir")); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("open_basedir")); curl_setopt($ch, CURLOPT_MAXREDIRS, 20); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); @@ -379,7 +370,7 @@ curl_setopt($ch, CURLOPT_ENCODING, ""); //curl_setopt($ch, CURLOPT_REFERER, $url); - if (!ini_get("safe_mode") && !ini_get("open_basedir")) { + if (!ini_get("open_basedir")) { curl_setopt($ch, CURLOPT_COOKIEJAR, "/dev/null"); } diff --git a/include/functions2.php b/include/functions2.php index 51759aea9..779688716 100755 --- a/include/functions2.php +++ b/include/functions2.php @@ -2249,77 +2249,6 @@ return in_array($interface, class_implements($class)); } - function geturl($url, $depth = 0, $nobody = true){ - - if ($depth == 20) return $url; - - if (!function_exists('curl_init')) - return user_error('CURL Must be installed for geturl function to work. Ask your host to enable it or uncomment extension=php_curl.dll in php.ini', E_USER_ERROR); - - $curl = curl_init(); - $header[0] = "Accept: text/xml,application/xml,application/xhtml+xml,"; - $header[0] .= "text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"; - $header[] = "Cache-Control: max-age=0"; - $header[] = "Connection: keep-alive"; - $header[] = "Keep-Alive: 300"; - $header[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7"; - $header[] = "Accept-Language: en-us,en;q=0.5"; - $header[] = "Pragma: "; - - curl_setopt($curl, CURLOPT_URL, $url); - curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0 Firefox/5.0'); - curl_setopt($curl, CURLOPT_HTTPHEADER, $header); - curl_setopt($curl, CURLOPT_HEADER, true); - curl_setopt($curl, CURLOPT_NOBODY, $nobody); - curl_setopt($curl, CURLOPT_REFERER, $url); - curl_setopt($curl, CURLOPT_ENCODING, 'gzip,deflate'); - curl_setopt($curl, CURLOPT_AUTOREFERER, true); - curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); - //curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); //CURLOPT_FOLLOWLOCATION Disabled... - curl_setopt($curl, CURLOPT_TIMEOUT, 60); - - if (defined('_CURL_HTTP_PROXY')) { - curl_setopt($curl, CURLOPT_PROXY, _CURL_HTTP_PROXY); - } - - $html = curl_exec($curl); - - $status = curl_getinfo($curl); - - if($status['http_code']!=200){ - - // idiot site not allowing http head - if($status['http_code'] == 405) { - curl_close($curl); - return geturl($url, $depth +1, false); - } - - if($status['http_code'] == 301 || $status['http_code'] == 302) { - curl_close($curl); - list($header) = explode("\r\n\r\n", $html, 2); - $matches = array(); - preg_match("/(Location:|URI:)[^(\n)]*/", $header, $matches); - $url = trim(str_replace($matches[1],"",$matches[0])); - $url_parsed = parse_url($url); - return (isset($url_parsed))? geturl($url, $depth + 1):''; - } - - global $fetch_last_error; - - $fetch_last_error = curl_errno($curl) . " " . curl_error($curl); - curl_close($curl); - -# $oline=''; -# foreach($status as $key=>$eline){$oline.='['.$key.']'.$eline.' ';} -# $line =$oline." \r\n ".$url."\r\n-----------------\r\n"; -# $handle = @fopen('./curl.error.log', 'a'); -# fwrite($handle, $line); - return FALSE; - } - curl_close($curl); - return $url; - } - function get_minified_js($files) { require_once 'lib/jshrink/Minifier.php'; diff --git a/include/sanity_check.php b/include/sanity_check.php old mode 100644 new mode 100755 index 6bec43051..be314f4e2 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -134,14 +134,10 @@ array_push($errors, "PHP support for hash() function is required but was not found."); } - if (!function_exists("ctype_lower")) { - array_push($errors, "PHP support for ctype functions are required by HTMLPurifier."); + if (ini_get("safe_mode")) { + array_push($errors, "PHP safe mode setting is obsolete and not supported by tt-rss."); } - /* if (ini_get("safe_mode")) { - array_push($errors, "PHP safe mode setting is not supported."); - } */ - if ((PUBSUBHUBBUB_HUB || PUBSUBHUBBUB_ENABLED) && !function_exists("curl_init")) { array_push($errors, "PHP support for CURL is required for PubSubHubbub."); } diff --git a/install/index.php b/install/index.php old mode 100644 new mode 100755 index e18583436..959dc6c0e --- a/install/index.php +++ b/install/index.php @@ -67,17 +67,13 @@ array_push($errors, "PHP support for hash() function is required but was not found."); } - if (!function_exists("ctype_lower")) { - array_push($errors, "PHP support for ctype functions are required by HTMLPurifier."); - } - if (!function_exists("iconv")) { array_push($errors, "PHP support for iconv is required to handle multiple charsets."); } - /* if (ini_get("safe_mode")) { - array_push($errors, "PHP safe mode setting is not supported."); - } */ + if (ini_get("safe_mode")) { + array_push($errors, "PHP safe mode setting is obsolete and not supported by tt-rss."); + } if (!class_exists("DOMDocument")) { array_push($errors, "PHP support for DOMDocument is required, but was not found."); diff --git a/plugins/af_readability/init.php b/plugins/af_readability/init.php old mode 100644 new mode 100755 index cfdcb69d3..6216d510a --- a/plugins/af_readability/init.php +++ b/plugins/af_readability/init.php @@ -106,8 +106,7 @@ class Af_Readability extends Plugin { curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_NOBODY, true); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, - !ini_get("safe_mode") && !ini_get("open_basedir")); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("open_basedir")); curl_setopt($ch, CURLOPT_USERAGENT, SELF_USER_AGENT); @$result = curl_exec($ch); diff --git a/plugins/af_redditimgur/init.php b/plugins/af_redditimgur/init.php index 051d51780..f99941477 100755 --- a/plugins/af_redditimgur/init.php +++ b/plugins/af_redditimgur/init.php @@ -262,8 +262,7 @@ class Af_RedditImgur extends Plugin { curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_NOBODY, true); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, - !ini_get("safe_mode") && !ini_get("open_basedir")); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("open_basedir")); curl_setopt($ch, CURLOPT_USERAGENT, SELF_USER_AGENT); @$result = curl_exec($ch); diff --git a/plugins/af_tumblr_1280/init.php b/plugins/af_tumblr_1280/init.php old mode 100644 new mode 100755 index f9938048b..985d8c5f8 --- a/plugins/af_tumblr_1280/init.php +++ b/plugins/af_tumblr_1280/init.php @@ -4,7 +4,7 @@ class Af_Tumblr_1280 extends Plugin { function about() { return array(1.0, - "Replace Tumblr pictures with largest size if available", + "Replace Tumblr pictures with largest size if available (requires CURL)", "fox"); } @@ -18,7 +18,8 @@ class Af_Tumblr_1280 extends Plugin { function hook_article_filter($article) { - $owner_uid = $article["owner_uid"]; + if (!function_exists("curl_init") || ini_get("open_basedir")) + return $article; $charset_hack = ' @@ -46,8 +47,7 @@ class Af_Tumblr_1280 extends Plugin { curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_NOBODY, true); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, - !ini_get("safe_mode") && !ini_get("open_basedir")); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_USERAGENT, SELF_USER_AGENT); @$result = curl_exec($ch); diff --git a/plugins/af_unburn/init.php b/plugins/af_unburn/init.php old mode 100644 new mode 100755 index 5c9bc1387..593038871 --- a/plugins/af_unburn/init.php +++ b/plugins/af_unburn/init.php @@ -17,23 +17,19 @@ class Af_Unburn extends Plugin { function hook_article_filter($article) { $owner_uid = $article["owner_uid"]; - if (!function_exists("curl_init")) + if (!function_exists("curl_init") || ini_get("open_basedir")) return $article; if ((strpos($article["link"], "feedproxy.google.com") !== FALSE || strpos($article["link"], "/~r/") !== FALSE || strpos($article["link"], "feedsportal.com") !== FALSE)) { - if (ini_get("safe_mode") || ini_get("open_basedir")) { - $ch = curl_init(geturl($article["link"])); - } else { - $ch = curl_init($article["link"]); - } + $ch = curl_init($article["link"]); curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, true); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("safe_mode") && !ini_get("open_basedir")); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_USERAGENT, SELF_USER_AGENT); if (defined('_CURL_HTTP_PROXY')) { @@ -76,55 +72,6 @@ class Af_Unburn extends Plugin { return $article; } - function geturl($url){ - - (function_exists('curl_init')) ? '' : die('cURL Must be installed for geturl function to work. Ask your host to enable it or uncomment extension=php_curl.dll in php.ini'); - - $curl = curl_init(); - $header[0] = "Accept: text/xml,application/xml,application/xhtml+xml,"; - $header[0] .= "text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"; - $header[] = "Cache-Control: max-age=0"; - $header[] = "Connection: keep-alive"; - $header[] = "Keep-Alive: 300"; - $header[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7"; - $header[] = "Accept-Language: en-us,en;q=0.5"; - $header[] = "Pragma: "; - - curl_setopt($curl, CURLOPT_URL, $url); - curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0 Firefox/5.0'); - curl_setopt($curl, CURLOPT_HTTPHEADER, $header); - curl_setopt($curl, CURLOPT_HEADER, true); - curl_setopt($curl, CURLOPT_REFERER, $url); - curl_setopt($curl, CURLOPT_ENCODING, 'gzip,deflate'); - curl_setopt($curl, CURLOPT_AUTOREFERER, true); - curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); - //curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); //CURLOPT_FOLLOWLOCATION Disabled... - curl_setopt($curl, CURLOPT_TIMEOUT, 60); - - $html = curl_exec($curl); - - $status = curl_getinfo($curl); - curl_close($curl); - - if($status['http_code']!=200){ - if($status['http_code'] == 301 || $status['http_code'] == 302) { - list($header) = explode("\r\n\r\n", $html, 2); - $matches = array(); - preg_match("/(Location:|URI:)[^(\n)]*/", $header, $matches); - $url = trim(str_replace($matches[1],"",$matches[0])); - $url_parsed = parse_url($url); - return (isset($url_parsed))? geturl($url):''; - } - $oline=''; - foreach($status as $key=>$eline){$oline.='['.$key.']'.$eline.' ';} - $line =$oline." \r\n ".$url."\r\n-----------------\r\n"; - $handle = @fopen('./curl.error.log', 'a'); - fwrite($handle, $line); - return FALSE; - } - return $url; - } - function api_version() { return 2; }