From: Banana Date: Wed, 1 Jan 2020 18:52:21 +0000 (+0100) Subject: issue #2 and copy info updated for 2020 X-Git-Tag: 2.4_2020-02-16~12 X-Git-Url: http://91.132.146.200/gitweb/?a=commitdiff_plain;h=5e513c1b0eea1b45998d71cb47629dea9665fb29;p=insipid.git issue #2 and copy info updated for 2020 --- diff --git a/ChangeLog b/ChangeLog index 5c5d475..cc014f3 100755 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,8 @@ version x.x - Seven Portals (tba) + Now including update instructions + DB export only insipid tables and not the whole DB itself. + + #2 Protection if the email-import.php file if it needs to be + in a web accessible folder + Fixed the search for words. See update instructions how to correct your data version 2.3 - Guardian of Steel (2019-12-30) diff --git a/documentation/email-importer.txt b/documentation/email-importer.txt index f533409..1207e05 100644 --- a/documentation/email-importer.txt +++ b/documentation/email-importer.txt @@ -1,18 +1,17 @@ Insipid has a feature to fetch new links from E-Mails. Those E-Mails are read from a configured IMAP mailbox. +# Requirements You need to enable the imap/ssl functions within PHP and have a IMAP mailbox on a SSL/TLS email server. +# Config Set the config variables in the config file. Make sure you an individual marker string! There is no "security" within this method. Only the special string you can define. The new links will be hidden at first. You need to verify them before they are visible in your list. -Access the moderation with this link: index.php?p=stats -After authentication there will be more info and one called Moderation - Here are the important configs: EMAIL_SERVER => Address of your E-Mail server @@ -25,10 +24,24 @@ EMAIL_SERVER_PORT_SMTP => The SSL SMTP port for using the report back function. EMAIL_REPLY_BACK_VALID => Multiple E-Mails addresses which can be reported back to. RFC822-style comma-separated email addresses EMAIL_REPLY_BACK_ADDRESS => The E-Mail address which sends the report mail. Usually the address from which your read the mails +# Moderation +Access the moderation with this link: index.php?p=stats +After authentication there will be more info and one called Moderation +# Usage Syntax of the E-Mail body: absolute-link|multiple,category,strings|multiple,tag,strings\n new-absolute-link|multiple,category,strings|multiple,tag,strings\n -Create a cronjob to execute the email-import.php file. \ No newline at end of file +Create a cronjob to execute the email-import.php file. + +# Access and "protection" +If the file needs to be in a web accessible folder you can either use the provided htaccess file +or active the "protection" with a secret given by URL / cli param. +If you activate EMAIL_JOB_PROTECT you NEED to set an individual string in EMAIL_JOB_PROTECT_SECRET +AND remove the provided .htaccess file in the job folder. + +Use the following settings in the config file: +define('EMAIL_JOB_PROTECT', false); => Set to true if you want this kind of "protection" +define('EMAIL_JOB_PROTECT_SECRET', 'YOUR_SOME_SECRET_STRING'); => Change to your liking \ No newline at end of file diff --git a/documentation/update.txt b/documentation/update.txt index 0ee461d..7f328a5 100644 --- a/documentation/update.txt +++ b/documentation/update.txt @@ -1,7 +1,11 @@ -If you are updating from a previous version make sure every update info from the version -your are updating from is done. +If you are updating from a previous version make sure every update info from +the version your are updating from is done. x.x -+ Run (after authentication) at /index.php?p=stats the "Search index update" to make the -search work again correctly. At success, there is no confirmation. To validate you can now search -for single words case-insensitive. \ No newline at end of file ++ Run (after authentication) at /index.php?p=stats the "Search index update" +to make the search work again correctly. At success, there is no confirmation. +To validate you can now search for single words case-insensitive. + ++ Update config file with tow new settings. See config.default for more info +define('EMAIL_JOB_PROTECT', false); +define('EMAIL_JOB_PROTECT_SECRET', 'SOME_SECRET_STRING'); \ No newline at end of file diff --git a/webroot/config.default.php b/webroot/config.default.php index 76d2177..724a2ea 100644 --- a/webroot/config.default.php +++ b/webroot/config.default.php @@ -3,7 +3,7 @@ * Insipid * Personal web-bookmark-system * - * Copyright 2016-2019 Johannes Keßler + * Copyright 2016-2020 Johannes Keßler * * Development starting from 2011: Johannes Keßler * https://www.bananas-playground.net/projekt/insipid/ @@ -50,6 +50,12 @@ define("USE_PAGE_AUTH",false); # results per page define("RESULTS_PER_PAGE",12); +# if the location of email-import.php needs to be in a web accessible folder +# you can protect it by setting EMAIL_JOB_PROTECT to true +# and EMAIL_JOB_PROTECT_SECRET to a special secret string +# AND remove the default provided .htaccess file in the job folder +define('EMAIL_JOB_PROTECT', false); # Default false +define('EMAIL_JOB_PROTECT_SECRET', 'YOUR_SOME_SECRET_STRING'); # Your own secret string # settings for importing from e-mail # SSL/TLS only # IMAP (reading), SMTP (sending) diff --git a/webroot/index.php b/webroot/index.php index 4150334..7b6be3c 100644 --- a/webroot/index.php +++ b/webroot/index.php @@ -3,7 +3,7 @@ * Insipid * Personal web-bookmark-system * - * Copyright 2016-2019 Johannes Keßler + * Copyright 2016-2020 Johannes Keßler * * Development starting from 2011: Johannes Keßler * https://www.bananas-playground.net/projekt/insipid/ diff --git a/webroot/job/email-import.php b/webroot/job/email-import.php index f48b586..4815cfc 100644 --- a/webroot/job/email-import.php +++ b/webroot/job/email-import.php @@ -3,7 +3,7 @@ * Insipid * Personal web-bookmark-system * - * Copyright 2016-2019 Johannes Keßler + * Copyright 2016-2020 Johannes Keßler * * Development starting from 2011: Johannes Keßler * https://www.bananas-playground.net/projekt/insipid/ @@ -45,6 +45,29 @@ else { } require('../config.php'); + +// if the file needs to be in a web accessible folder +// you can either use the provided htaccess file +// or active the "protection" with a secret given by URL / cli param +if(defined('EMAIL_JOB_PROTECT') && EMAIL_JOB_PROTECT === true + && defined('EMAIL_JOB_PROTECT_SECRET')) { + + $_hiddenSouce = false; + + $cliOptions = getopt("",array("hiddenSouce::")); + if(!empty($cliOptions)) { + $_hiddenSouce = trim($cliOptions['hiddenSouce']); + } + elseif(isset($_GET['hiddenSouce']) && !empty($_GET['hiddenSouce'])) { + $_hiddenSouce = trim($_GET['hiddenSouce']); + } + + if($_hiddenSouce !== EMAIL_JOB_PROTECT_SECRET) { + error_log('ERROR Required param wrong.'); + exit("401\n"); + } +} + require('../lib/summoner.class.php'); require('../lib/tag.class.php'); require('../lib/category.class.php'); diff --git a/webroot/lib/email-import-helper.class.php b/webroot/lib/email-import-helper.class.php index 0017102..42db67c 100644 --- a/webroot/lib/email-import-helper.class.php +++ b/webroot/lib/email-import-helper.class.php @@ -3,7 +3,7 @@ * Insipid * Personal web-bookmark-system * - * Copyright 2016-2019 Johannes Keßler + * Copyright 2016-2020 Johannes Keßler * * Development starting from 2011: Johannes Keßler * https://www.bananas-playground.net/projekt/insipid/ diff --git a/webroot/lib/link.class.php b/webroot/lib/link.class.php index 2ef8ce8..df4709a 100644 --- a/webroot/lib/link.class.php +++ b/webroot/lib/link.class.php @@ -3,7 +3,7 @@ * Insipid * Personal web-bookmark-system * - * Copyright 2016-2019 Johannes Keßler + * Copyright 2016-2020 Johannes Keßler * * Development starting from 2011: Johannes Keßler * https://www.bananas-playground.net/projekt/insipid/ diff --git a/webroot/lib/management.class.php b/webroot/lib/management.class.php index df0c57a..9f07ed0 100644 --- a/webroot/lib/management.class.php +++ b/webroot/lib/management.class.php @@ -3,7 +3,7 @@ * Insipid * Personal web-bookmark-system * - * Copyright 2016-2019 Johannes Keßler + * Copyright 2016-2020 Johannes Keßler * * Development starting from 2011: Johannes Keßler * https://www.bananas-playground.net/projekt/insipid/ diff --git a/webroot/lib/simple-imap.class.php b/webroot/lib/simple-imap.class.php index a6ee6f2..c7d492d 100644 --- a/webroot/lib/simple-imap.class.php +++ b/webroot/lib/simple-imap.class.php @@ -1,6 +1,6 @@