From 45c960a4516946f1ff8cb1f801ea36282330ca98 Mon Sep 17 00:00:00 2001 From: VirtualTam Date: Wed, 24 Jun 2015 23:01:21 +0200 Subject: [PATCH] LinkDB: do not access global variables Relates to #218 Removes "hidden" access to the following variables: - $GLOBALS['config']['datastore'] - PHPPREFIX - PHPSUFFIX Signed-off-by: VirtualTam --- application/LinkDB.php | 29 +++++++++++++++++++---------- index.php | 8 ++++++-- tests/LinkDBTest.php | 32 +++++++++++++------------------- tests/utils/ReferenceLinkDB.php | 4 ++-- 4 files changed, 40 insertions(+), 33 deletions(-) diff --git a/application/LinkDB.php b/application/LinkDB.php index 2b3fb60bb..25e2fc7d0 100644 --- a/application/LinkDB.php +++ b/application/LinkDB.php @@ -27,6 +27,15 @@ */ class LinkDB implements Iterator, Countable, ArrayAccess { + // Links are stored as a PHP serialized string + private $datastore; + + // Datastore PHP prefix + protected static $phpPrefix = ''; + // List of links (associative array) // - key: link date (e.g. "20110823_124546"), // - value: associative array (keys: title, description...) @@ -55,9 +64,9 @@ class LinkDB implements Iterator, Countable, ArrayAccess * * @param $isLoggedIn is the user logged in? */ - function __construct($isLoggedIn, $hidePublicLinks) + function __construct($datastore, $isLoggedIn, $hidePublicLinks) { - // FIXME: do not access $GLOBALS, pass the datastore instead + $this->datastore = $datastore; $this->loggedIn = $isLoggedIn; $this->hidePublicLinks = $hidePublicLinks; $this->checkDB(); @@ -172,7 +181,7 @@ function valid() */ private function checkDB() { - if (file_exists($GLOBALS['config']['DATASTORE'])) { + if (file_exists($this->datastore)) { return; } @@ -202,8 +211,8 @@ private function checkDB() // TODO: raise an exception if the file is not write-able file_put_contents( // FIXME: do not use $GLOBALS - $GLOBALS['config']['DATASTORE'], - PHPPREFIX.base64_encode(gzdeflate(serialize($this->links))).PHPSUFFIX + $this->datastore, + self::$phpPrefix.base64_encode(gzdeflate(serialize($this->links))).self::$phpSuffix ); } @@ -225,10 +234,10 @@ private function readdb() // FIXME: do not use $GLOBALS $this->links = array(); - if (file_exists($GLOBALS['config']['DATASTORE'])) { + if (file_exists($this->datastore)) { $this->links = unserialize(gzinflate(base64_decode( - substr(file_get_contents($GLOBALS['config']['DATASTORE']), - strlen(PHPPREFIX), -strlen(PHPSUFFIX))))); + substr(file_get_contents($this->datastore), + strlen(self::$phpPrefix), -strlen(self::$phpSuffix))))); } // If user is not logged in, filter private links. @@ -266,8 +275,8 @@ public function savedb() die('You are not authorized to change the database.'); } file_put_contents( - $GLOBALS['config']['DATASTORE'], - PHPPREFIX.base64_encode(gzdeflate(serialize($this->links))).PHPSUFFIX + $this->datastore, + self::$phpPrefix.base64_encode(gzdeflate(serialize($this->links))).self::$phpSuffix ); invalidateCaches(); } diff --git a/index.php b/index.php index 96a601ded..bbe302a63 100644 --- a/index.php +++ b/index.php @@ -41,8 +41,6 @@ if (is_file($GLOBALS['config']['DATADIR'].'/options.php')) require($GLOBALS['config']['DATADIR'].'/options.php'); define('shaarli_version','0.0.45beta'); -define('PHPPREFIX',''); // Suffix to encapsulate data in PHP code. // http://server.com/x/shaarli --> /shaarli/ define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); @@ -700,6 +698,7 @@ function showRSS() // If cached was not found (or not usable), then read the database and build the response: $LINKSDB = new LinkDB( + $GLOBALS['config']['DATASTORE'], isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'] ); @@ -780,6 +779,7 @@ function showATOM() // Read links from database (and filter private links if used it not logged in). $LINKSDB = new LinkDB( + $GLOBALS['config']['DATASTORE'], isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'] ); @@ -866,6 +866,7 @@ function showDailyRSS() // Read links from database (and filter private links if used it not logged in). $LINKSDB = new LinkDB( + $GLOBALS['config']['DATASTORE'], isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'] ); @@ -937,6 +938,7 @@ function showDailyRSS() function showDaily() { $LINKSDB = new LinkDB( + $GLOBALS['config']['DATASTORE'], isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'] ); @@ -1006,6 +1008,7 @@ function showDaily() function renderPage() { $LINKSDB = new LinkDB( + $GLOBALS['config']['DATASTORE'], isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'] ); @@ -1587,6 +1590,7 @@ function importFile() { if (!(isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'])) { die('Not allowed.'); } $LINKSDB = new LinkDB( + $GLOBALS['config']['DATASTORE'], isLoggedIn() || $GLOBALS['config']['OPEN_SHAARLI'], $GLOBALS['config']['HIDE_PUBLIC_LINKS'] ); diff --git a/tests/LinkDBTest.php b/tests/LinkDBTest.php index f67d4d9bd..0d3433597 100644 --- a/tests/LinkDBTest.php +++ b/tests/LinkDBTest.php @@ -7,9 +7,6 @@ require_once 'application/Utils.php'; require_once 'tests/utils/ReferenceLinkDB.php'; -define('PHPPREFIX', ''); - /** * Unitary tests for LinkDB @@ -38,11 +35,10 @@ class LinkDBTest extends PHPUnit_Framework_TestCase public static function setUpBeforeClass() { self::$refDB = new ReferenceLinkDB(); - self::$refDB->write(self::$testDatastore, PHPPREFIX, PHPSUFFIX); + self::$refDB->write(self::$testDatastore); - $GLOBALS['config']['DATASTORE'] = self::$testDatastore; - self::$publicLinkDB = new LinkDB(false, false); - self::$privateLinkDB = new LinkDB(true, false); + self::$publicLinkDB = new LinkDB(self::$testDatastore, false, false); + self::$privateLinkDB = new LinkDB(self::$testDatastore, true, false); } /** @@ -50,7 +46,6 @@ public static function setUpBeforeClass() */ protected function setUp() { - $GLOBALS['config']['DATASTORE'] = self::$testDatastore; if (file_exists(self::$testDatastore)) { unlink(self::$testDatastore); } @@ -76,7 +71,7 @@ protected static function getMethod($name) */ public function testConstructLoggedIn() { - new LinkDB(true, false); + new LinkDB(self::$testDatastore, true, false); $this->assertFileExists(self::$testDatastore); } @@ -85,7 +80,7 @@ public function testConstructLoggedIn() */ public function testConstructLoggedOut() { - new LinkDB(false, false); + new LinkDB(self::$testDatastore, false, false); $this->assertFileExists(self::$testDatastore); } @@ -97,8 +92,7 @@ public function testConstructLoggedOut() */ public function testConstructDatastoreNotWriteable() { - $GLOBALS['config']['DATASTORE'] = 'null/store.db'; - new LinkDB(false, false); + new LinkDB('null/store.db', false, false); } /** @@ -106,7 +100,7 @@ public function testConstructDatastoreNotWriteable() */ public function testCheckDBNew() { - $linkDB = new LinkDB(false, false); + $linkDB = new LinkDB(self::$testDatastore, false, false); unlink(self::$testDatastore); $this->assertFileNotExists(self::$testDatastore); @@ -126,7 +120,7 @@ public function testCheckDBNew() */ public function testCheckDBLoad() { - $linkDB = new LinkDB(false, false); + $linkDB = new LinkDB(self::$testDatastore, false, false); $this->assertEquals( self::$dummyDatastoreSHA1, sha1_file(self::$testDatastore) @@ -147,8 +141,8 @@ public function testCheckDBLoad() */ public function testReadEmptyDB() { - file_put_contents(self::$testDatastore, PHPPREFIX.'S7QysKquBQA='.PHPSUFFIX); - $emptyDB = new LinkDB(false, false); + file_put_contents(self::$testDatastore, ''); + $emptyDB = new LinkDB(self::$testDatastore, false, false); $this->assertEquals(0, sizeof($emptyDB)); $this->assertEquals(0, count($emptyDB)); } @@ -180,7 +174,7 @@ public function testReadPrivateDB() */ public function testSaveDB() { - $testDB = new LinkDB(true, false); + $testDB = new LinkDB(self::$testDatastore, true, false); $dbSize = sizeof($testDB); $link = array( @@ -198,7 +192,7 @@ function invalidateCaches() {} $testDB->savedb(); - $testDB = new LinkDB(true, false); + $testDB = new LinkDB(self::$testDatastore, true, false); $this->assertEquals($dbSize + 1, sizeof($testDB)); } @@ -222,7 +216,7 @@ public function testCount() */ public function testCountHiddenPublic() { - $linkDB = new LinkDB(false, true); + $linkDB = new LinkDB(self::$testDatastore, false, true); $this->assertEquals( 0, diff --git a/tests/utils/ReferenceLinkDB.php b/tests/utils/ReferenceLinkDB.php index 2cb05baeb..59ba671fc 100644 --- a/tests/utils/ReferenceLinkDB.php +++ b/tests/utils/ReferenceLinkDB.php @@ -93,11 +93,11 @@ protected function addLink($title, $url, $description, $private, $date, $tags) /** * Writes data to the datastore */ - public function write($filename, $prefix, $suffix) + public function write($filename) { file_put_contents( $filename, - $prefix.base64_encode(gzdeflate(serialize($this->links))).$suffix + 'links))).' */ ?>' ); }