FreshRSS/app/Controllers/indexController.php
Inverle 7915abd833 Implement custom feed favicons (#7646)
Closes #3789, #6503

Icon setting when no custom icon is set yet:

![image](https://github.com/user-attachments/assets/28b07dd0-7dac-4c76-b1d7-77035f91a87a)

- `Change...` button opens a file dialog, and after selecting a file shows the chosen icon in the preview on the left. `Submit` must be clicked after selecting the icon.
- `Reset to default` changes the preview icon to the default one, and also requires `Submit` to be clicked to apply the changes.

Full list of changes:
- CSP now includes `blob:` in `img-src` for
   - `indexAction()` and `feedAction()` in `subscriptionController.php`
   - all of the view actions in `indexController.php`
- Introduce new attribute `customFavicon (boolean)` for feeds that indicates if the feed has a custom favicon
   - `hashFavicon()` in `Feed.php` is dependent on this attribute
      - `hashFavicon()` has a new parameter called `skipCache (boolean)` that allows the reset of the favicon hash for the Feed object
      - `resetFaviconHash()` just calls `hashFavicon(skipCache: true)`
- `f.php` URLs now have the format of `/f.php?h=XXXXX&t=cachebuster`, where the `t` parameter is only used for serving custom favicons
   - if `t` parameter is set, `f.php` returns a `Cache-Control: immutable` header
- `stripos` and `strpos` were changed to `str_contains` in various places (refactor)
- JS for handling the custom favicon configuration logic is in `extra.js` inside `init_update_feed()` which is called when feed configuration is opened from the aside or when the subscription management page with the feed is loaded
   - Server-side code for uploading the icon in `subscriptionController.php` under `feedAction()`
   - Errors that may occur during the setting of a custom favicon:
      - Unsupported image file type (handled only server-side with `isImgMime()`)
      - When the file is bigger than 1 MiB (default), handled both client-side and server-side
      - Standard feed error when `updateFeed()` fails
- JS variables in `javascript_vars.phtml` are no longer escaped with `htmlspecialchars()`; they are JSON-encoded instead
- CSS for disabled buttons was added
- Max favicon file size is configurable with the `max_favicon_upload_size` option in `config.php` (not exposed via UI)
- Custom favicons are currently deleted only when they are either reset to the default icon, or the feed gets deleted. They do not get deleted when the user deletes their account without removing their feeds first.
- ` faviconPrepare()` and `faviconRebuild()` are not allowed to be called when the `customFavicon` attribute is `true`
- New i18n strings:
   - `'sub.feed.icon' => 'Icon'`
   - `'sub.feed.change_favicon' => 'Change…'`
   - `'sub.feed.reset_favicon' => 'Reset to default'`
   - `'sub.feed.favicon_changed_by_ext' => 'The icon has been set by the <b>%s</b> extension.'`
   - `'feedback.sub.feed.favicon.too_large' => 'Uploaded icon is too large. The maximum file size is <em>%s</em>.'`
   - `'feedback.sub.feed.favicon.unsupported_format' => 'Unsupported image file format!'`
- Extension hook `custom_favicon_hash`
   - `setCustomFavicon()` method
   - `resetCustomFavicon()` method
   - `customFaviconExt` and `customFaviconDisallowDel` attributes
   - example of usage: https://github.com/FreshRSS/Extensions/pull/337
- Extension hook `custom_favicon_btn_url`
   - Allows extensions to implement a button for setting a custom favicon for individual feeds by providing an URL. The URL will be sent a POST request with the `extAction` field set to either `query_icon_info` or `update_icon`, along with an `id` field which describes the feed's ID.
2025-06-30 12:01:56 +02:00


<?php
declare(strict_types=1);
/**
* This class handles main actions of FreshRSS.
*/
class FreshRSS_index_Controller extends FreshRSS_ActionController {
#[\Override]
public function firstAction(): void {
	// Expose the rendered URL of the index controller's index action to the view as html_url.
	$indexRoute = ['c' => 'index', 'a' => 'index'];
	$this->view->html_url = Minz_Url::display($indexRoute, 'html', 'root');
}
/**
 * Forwards the request to the user's preferred view mode; nothing is rendered here.
 *
 * When the configured mode is not among the registered view modes, a bad
 * notification is set and the 'normal' mode is used instead.
 */
public function indexAction(): void {
	$requestedMode = FreshRSS_Context::userConf()->view_mode;
	$availableModes = FreshRSS_ViewMode::getAllModes();
	$target = $availableModes[$requestedMode] ?? null;

	if ($target === null) {
		// Unknown mode name: notify the user and fall back to 'normal'.
		Minz_Request::setBadNotification(_t('feedback.extensions.invalid_view_mode', $requestedMode));
		$target = FreshRSS_ViewMode::getAllModes()['normal'];
	}

	$route = [
		'c' => $target->controller(),
		'a' => $target->action(),
	];
	Minz_Request::forward($route);
}
/**
* This action displays the normal view of FreshRSS.
*
* Forwards to the login action when the user has no access and anonymous
* access is disabled. A non-zero `id` request parameter is forwarded to the
* subscription controller's feed action instead of rendering this view.
* Otherwise the method sets the Content-Security-Policy, the view data and
* three callbacks that the view invokes while rendering.
*/
public function normalAction(): void {
$allow_anonymous = FreshRSS_Context::systemConf()->allow_anonymous;
// Access gate: unauthenticated requests pass only when anonymous access is enabled.
if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous) {
Minz_Request::forward(['c' => 'auth', 'a' => 'login']);
return;
}
$id = Minz_Request::paramInt('id');
if ($id !== 0) {
// 'from' carries the requested action name so the feed page knows where the user came from.
// forward() is called with true as second argument — presumably an HTTP redirect; confirm in Minz_Request.
$view = Minz_Request::paramString('a');
$url_redirect = ['c' => 'subscription', 'a' => 'feed', 'params' => ['id' => (string)$id, 'from' => $view]];
Minz_Request::forward($url_redirect, true);
return;
}
try {
FreshRSS_Context::updateUsingRequest(true);
} catch (FreshRSS_Context_Exception $e) {
// NOTE(review): there is no return here, so the rest of the method runs
// unless Minz_Error::error() ends the request — confirm.
Minz_Error::error(404);
}
// Content-Security-Policy for this view: images, frames and media may come from any origin
// (img-src additionally allows data: and blob: URLs), while frame-ancestors 'none' forbids
// embedding this page in a frame. NOTE(review): blob: presumably serves the client-side
// custom favicon preview — confirm.
$this->_csp([
'default-src' => "'self'",
'frame-src' => '*',
'img-src' => '* data: blob:',
'frame-ancestors' => "'none'",
'media-src' => '*',
]);
$this->view->categories = FreshRSS_Context::categories();
$this->view->rss_title = FreshRSS_Context::$name . ' | ' . FreshRSS_View::title();
// Page title: the context name, prefixed with the unread count when there is one.
$title = FreshRSS_Context::$name;
if (FreshRSS_Context::$get_unread > 0) {
$title = '(' . FreshRSS_Context::$get_unread . ') ' . $title;
}
FreshRSS_View::prependTitle($title . ' · ');
// No upper bound on entry ids was given: use the current value of uTimeString().
if (FreshRSS_Context::$id_max === '0') {
FreshRSS_Context::$id_max = uTimeString();
}
// Loads the labels and sums their unread counts into the view.
$this->view->callbackBeforeFeeds = static function (FreshRSS_View $view) {
$view->tags = FreshRSS_Context::labels(true);
$view->nbUnreadTags = 0;
foreach ($view->tags as $tag) {
$view->nbUnreadTags += $tag->nbUnread();
}
};
// Requests one entry more than the page size and starts output buffering.
// ob_start() is only reached when listEntriesByContext() did not throw.
$this->view->callbackBeforeEntries = static function (FreshRSS_View $view) {
try {
// +1 to account for paging logic
$view->entries = FreshRSS_index_Controller::listEntriesByContext(FreshRSS_Context::$number + 1);
ob_start(); //Buffer "one entry at a time"
} catch (FreshRSS_EntriesGetter_Exception $e) {
Minz_Log::notice($e->getMessage());
Minz_Error::error(404);
}
};
// Closes the buffer opened in callbackBeforeEntries and records where the next page starts.
$this->view->callbackBeforePagination = static function (?FreshRSS_View $view, int $nbEntries, FreshRSS_Entry $lastEntry) {
if ($nbEntries > FreshRSS_Context::$number) {
//We have enough entries: we discard the last one to use it for the next articles' page
ob_clean();
FreshRSS_Context::$continuation_id = $lastEntry->id();
} else {
// Fewer entries than a full page plus one: '0' marks that there is no continuation.
FreshRSS_Context::$continuation_id = '0';
}
ob_end_flush();
};
}
/**
 * This action displays the reader view of FreshRSS.
 *
 * It delegates entirely to normalAction(), so the same access check,
 * Content-Security-Policy and view callbacks apply.
 *
 * @todo: change this view into specific CSS rules?
 */
public function readerAction(): void {
	$this->normalAction();
}
/**
 * This action displays the global view of FreshRSS.
 *
 * Forwards to the login action when the user has no access and anonymous
 * access is disabled; otherwise registers the view's scripts, loads the
 * context from the request, and sets the title and Content-Security-Policy.
 */
public function globalAction(): void {
	$allow_anonymous = FreshRSS_Context::systemConf()->allow_anonymous;
	if (!(FreshRSS_Auth::hasAccess() || $allow_anonymous)) {
		Minz_Request::forward(['c' => 'auth', 'a' => 'login']);
		return;
	}

	// The file modification time is appended as a query string (cache buster).
	$extraScriptUrl = Minz_Url::display('/scripts/extra.js?' . @filemtime(PUBLIC_PATH . '/scripts/extra.js'));
	FreshRSS_View::appendScript($extraScriptUrl);
	$globalScriptUrl = Minz_Url::display('/scripts/global_view.js?' . @filemtime(PUBLIC_PATH . '/scripts/global_view.js'));
	FreshRSS_View::appendScript($globalScriptUrl);

	try {
		FreshRSS_Context::updateUsingRequest(true);
	} catch (FreshRSS_Context_Exception) {
		Minz_Error::error(404);
	}

	$this->view->categories = FreshRSS_Context::categories();
	$this->view->rss_title = FreshRSS_Context::$name . ' | ' . FreshRSS_View::title();

	// Prefix the localized title with the unread count when there is one.
	$baseTitle = _t('index.feed.title_global');
	$unreadPrefix = FreshRSS_Context::$get_unread > 0 ? '(' . FreshRSS_Context::$get_unread . ') ' : '';
	FreshRSS_View::prependTitle($unreadPrefix . $baseTitle . ' · ');

	// Same policy as the normal view: any origin for images, frames and media,
	// data: and blob: URLs for images, and no framing of this page by other pages.
	$policy = [
		'default-src' => "'self'",
		'frame-src' => '*',
		'img-src' => '* data: blob:',
		'frame-ancestors' => "'none'",
		'media-src' => '*',
	];
	$this->_csp($policy);
}
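/**
 * This action displays the RSS feed of FreshRSS.
 *
 * Access is granted to a user with access, to anyone when anonymous access is
 * enabled, or to a request whose `token` parameter equals the user's
 * configured, non-empty token. Responds with 403 otherwise, and with 404 when
 * the context or the entries cannot be resolved.
 *
 * @deprecated See user query RSS sharing instead
 */
public function rssAction(): void {
	$allow_anonymous = FreshRSS_Context::systemConf()->allow_anonymous;
	$token = FreshRSS_Context::userConf()->token;
	$token_param = Minz_Request::paramString('token');
	// hash_equals() compares in constant time, so response timing does not reveal
	// how much of a guessed token matched. An empty configured token never matches.
	$token_is_ok = is_string($token) && $token !== '' && hash_equals($token, $token_param);

	// Check if user has access.
	if (!FreshRSS_Auth::hasAccess() &&
		!$allow_anonymous &&
		!$token_is_ok) {
		Minz_Error::error(403);
		// Fail closed: never continue past a denied access check, whatever error() does.
		return;
	}

	try {
		FreshRSS_Context::updateUsingRequest(false);
	} catch (FreshRSS_Context_Exception $e) {
		Minz_Error::error(404);
		return;
	}

	try {
		// listEntriesByContext() is a generator (it uses yield): its body runs when the view
		// iterates the entries, so an exception raised during iteration is not caught here.
		$this->view->entries = FreshRSS_index_Controller::listEntriesByContext();
	} catch (FreshRSS_EntriesGetter_Exception $e) {
		Minz_Log::notice($e->getMessage());
		Minz_Error::error(404);
		return;
	}

	$this->view->html_url = Minz_Url::display('', 'html', true);
	$this->view->rss_title = FreshRSS_Context::$name . ' | ' . FreshRSS_View::title();

	// The request's query string is client-controlled, so it is HTML-escaped before reaching the view.
	// NOTE(review): ENT_COMPAT leaves single quotes unescaped; that is sufficient only if the
	// template emits rss_url in element content or a double-quoted attribute — confirm.
	$queryString = $_SERVER['QUERY_STRING'] ?? '';
	$this->view->rss_url = htmlspecialchars(
		PUBLIC_TO_INDEX_PATH . '/' . ($queryString === '' || !is_string($queryString) ? '' : '?' . $queryString), ENT_COMPAT, 'UTF-8');

	// No layout for RSS output.
	$this->view->_layout(null);
	header('Content-Type: application/rss+xml; charset=utf-8');
}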
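/**
 * This action outputs the current selection (all feeds, one category or one feed) as OPML.
 *
 * Access is granted to a user with access, to anyone when anonymous access is
 * enabled, or to a request whose `token` parameter equals the user's
 * configured, non-empty token. Responds with 403 otherwise, and with 404 for
 * an unknown category or feed or an unsupported selection type.
 *
 * @deprecated See user query OPML sharing instead
 */
public function opmlAction(): void {
	$allow_anonymous = FreshRSS_Context::systemConf()->allow_anonymous;
	$token = FreshRSS_Context::userConf()->token;
	$token_param = Minz_Request::paramString('token');
	// hash_equals() compares in constant time, so response timing does not reveal
	// how much of a guessed token matched. An empty configured token never matches.
	$token_is_ok = is_string($token) && $token !== '' && hash_equals($token, $token_param);

	// Check if user has access.
	if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous && !$token_is_ok) {
		Minz_Error::error(403);
		// Fail closed: never continue past a denied access check, whatever error() does.
		return;
	}

	try {
		FreshRSS_Context::updateUsingRequest(false);
	} catch (FreshRSS_Context_Exception) {
		Minz_Error::error(404);
		return;
	}

	// NOTE(review): assumes currentGet(true) returns a [type, id] array — confirm in FreshRSS_Context.
	$get = FreshRSS_Context::currentGet(true);
	$type = (string)$get[0];
	$id = (int)$get[1];

	$this->view->excludeMutedFeeds = $type !== 'f';	// Exclude muted feeds except when we focus on a feed
	switch ($type) {
		case 'a':	// All PRIORITY_MAIN_STREAM
		case 'A':	// All except PRIORITY_ARCHIVED
		case 'Z':	// All including PRIORITY_ARCHIVED
			$this->view->categories = FreshRSS_Context::categories();
			break;
		case 'c':
			$cat = FreshRSS_Context::categories()[$id] ?? null;
			if ($cat === null) {
				Minz_Error::error(404);
				return;
			}
			$this->view->categories = [$cat->id() => $cat];
			break;
		case 'f':
			// We most likely already have the feed object in cache
			$feed = FreshRSS_Category::findFeed(FreshRSS_Context::categories(), $id);
			if ($feed === null) {
				// Not among the loaded categories: look the feed up through the DAO.
				$feedDAO = FreshRSS_Factory::createFeedDao();
				$feed = $feedDAO->searchById($id);
				if ($feed === null) {
					Minz_Error::error(404);
					return;
				}
			}
			$this->view->feeds = [$feed->id() => $feed];
			break;
		case 's':
		case 't':
		case 'T':
		default:
			// These selection types, and any unknown one, have no OPML output.
			Minz_Error::error(404);
			return;
	}

	// No layout for OPML output.
	$this->view->_layout(null);
	header('Content-Type: application/xml; charset=utf-8');
}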
/**
 * Yields the entries selected by the current FreshRSS_Context.
 *
 * This is a generator: nothing is queried until the result is iterated, and
 * exceptions raised by the lookup surface during iteration rather than at
 * the call site.
 *
 * @param int|null $postsPerPage override `FreshRSS_Context::$number`
 * @return Traversable<FreshRSS_Entry>
 * @throws FreshRSS_EntriesGetter_Exception
 */
public static function listEntriesByContext(?int $postsPerPage = null): Traversable {
	$entryDAO = FreshRSS_Factory::createEntryDao();

	// The current selection is either a [type, id] pair or a bare type.
	$get = FreshRSS_Context::currentGet(true);
	[$type, $id] = is_array($get) ? [$get[0], (int)($get[1])] : [$get, 0];

	// Lower bound on entry ids: the Unix time $sinceHours ago followed by six zeros, or '0' for none.
	$sinceHours = FreshRSS_Context::$sinceHours;
	$id_min = $sinceHours > 0 ? (time() - ($sinceHours * 3600)) . '000000' : '0';

	$continuation_value = 0;
	if (FreshRSS_Context::$continuation_id !== '0') {
		$sortKey = FreshRSS_Context::$sort;
		if ($sortKey === 'rand') {
			// A continuation id is dropped for random order.
			FreshRSS_Context::$continuation_id = '0';
		} elseif (in_array($sortKey, ['date', 'link', 'title'], true)) {
			// For these sort keys, paging continues from the paging entry's value of that key.
			$pagingEntry = $entryDAO->searchById(FreshRSS_Context::$continuation_id);
			if ($pagingEntry !== null) {
				$continuation_value = match ($sortKey) {
					'date' => $pagingEntry->date(true),
					'link' => $pagingEntry->link(true),
					'title' => $pagingEntry->title(),
				};
			}
		}
	}

	$entries = $entryDAO->listWhere(
		$type, $id, FreshRSS_Context::$state, FreshRSS_Context::$search,
		id_min: $id_min, id_max: FreshRSS_Context::$id_max, sort: FreshRSS_Context::$sort, order: FreshRSS_Context::$order,
		continuation_id: FreshRSS_Context::$continuation_id, continuation_value: $continuation_value,
		limit: $postsPerPage ?? FreshRSS_Context::$number, offset: FreshRSS_Context::$offset);
	foreach ($entries as $entry) {
		yield $entry;
	}
}
/**
 * This action displays the about page of FreshRSS.
 * It only sets the page title; no access check is performed here.
 */
public function aboutAction(): void {
	$pageTitle = _t('index.about.title');
	FreshRSS_View::prependTitle($pageTitle . ' · ');
}
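/**
 * This action displays the EULA/TOS (Terms of Service) page of FreshRSS.
 * This page is enabled only if admin created a data/tos.html file.
 * The content of the page is the content of data/tos.html.
 * It returns 404 if there is no EULA/TOS.
 */
public function tosAction(): void {
	// Check for the file first: file_get_contents() raises a warning on a missing file,
	// and a missing TOS file is the normal case when the admin has not created one.
	$terms_of_service = is_file(TOS_FILENAME) ? file_get_contents(TOS_FILENAME) : false;
	if ($terms_of_service === false) {
		Minz_Error::error(404);
		return;
	}

	// The file content is handed to the view unchanged.
	// NOTE(review): whether the template escapes it is not visible here; the file is expected to be admin-provided.
	$this->view->terms_of_service = $terms_of_service;
	$this->view->can_register = !max_registrations_reached();
	FreshRSS_View::prependTitle(_t('index.tos.title') . ' · ');
}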
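/**
 * This action displays logs of FreshRSS for the current user.
 *
 * Requires access (403 otherwise). A POST request truncates the logs before
 * they are listed. The `page` request parameter selects the page, 50 lines per page.
 */
public function logsAction(): void {
	if (!FreshRSS_Auth::hasAccess()) {
		Minz_Error::error(403);
		// Fail closed: the log truncation below must never be reachable without access,
		// whatever Minz_Error::error() does.
		return;
	}

	FreshRSS_View::prependTitle(_t('index.log.title') . ' · ');

	// NOTE(review): a POST is state-changing; CSRF validation is not visible in this
	// method — confirm it is enforced before the action runs.
	if (Minz_Request::isPost()) {
		FreshRSS_LogDAO::truncate();
	}

	$logs = FreshRSS_LogDAO::lines();	//TODO: ask only the necessary lines

	// Pagination handling: a missing or zero page parameter means the first page.
	$page = Minz_Request::paramInt('page') ?: 1;
	$this->view->logsPaginator = new Minz_Paginator($logs);
	$this->view->logsPaginator->_nbItemsPerPage(50);
	$this->view->logsPaginator->_currentPage($page);
}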
}