Various fixes and enhancements

.travis.yml

@@ -40,7 +40,7 @@ before_script:
 
 script:
     - utils/php-parallel-lint/parallel-lint controllers daos helpers spouts templates
-    - if [ "$CS_FIXER" = true ]; then utils/php-cs-fixer/php-cs-fixer fix --verbose --dry-run; fi
+    - if [ "$CS_FIXER" = true ]; then utils/php-cs-fixer/php-cs-fixer fix --verbose --dry-run --diff; fi
 
 before_deploy:
     - source utils/package.sh

_docs/website/index.html

@@ -224,7 +224,7 @@ <h2 id="configuration_params">Configuration</h2>
                     </tr>
                     <tr>
                         <td class="documentation-first-column">base_url</td>
-                        <td>base url of the selfoss page; use this option if you use a ssl proxy which changes the $_SERVER globals</td>
+                        <td>base url of the selfoss page; use this option if you use a ssl proxy which changes the $_SERVER globals, most notably the URL path in which the app is installed.</td>
                     </tr>
                     <tr>
                         <td class="documentation-first-column">username</td>

daos/mysql/Database.php

@@ -222,38 +222,4 @@ public function __construct() {
     public function optimize() {
         @\F3::get('db')->exec('OPTIMIZE TABLE `' . \F3::get('db_prefix') . 'sources`, `' . \F3::get('db_prefix') . 'items`');
     }
-
-    /**
-     * Ensure row values have the appropriate PHP type. This assumes we are
-     * using buffered queries (sql results are in PHP memory).
-     *
-     * @param rows array of associative array representing row results
-     * @param expectedRowTypes associative array mapping columns to PDO types
-     *
-     * @return array of associative array representing row results having
-     *         expected types
-     */
-    public function ensureRowTypes($rows, $expectedRowTypes) {
-        foreach ($rows as $rowIndex => $row) {
-            foreach ($expectedRowTypes as $columnIndex => $type) {
-                if (array_key_exists($columnIndex, $row)) {
-                    switch ($type) {
-                        case \PDO::PARAM_INT:
-                            $value = intval($row[$columnIndex]);
-                            break;
-                        case \PDO::PARAM_BOOL:
-                            if ($row[$columnIndex] == '1') {
-                                $value = true;
-                            } else {
-                                $value = false;
-                            }
-                            break;
-                    }
-                    $rows[$rowIndex][$columnIndex] = $value;
-                }
-            }
-        }
-
-        return $rows;
-    }
 }

daos/mysql/Items.php

@@ -489,7 +489,7 @@ public function stats() {
             ' . $this->stmt->sumBool('unread') . ' AS unread,
             ' . $this->stmt->sumBool('starred') . ' AS starred
             FROM ' . \F3::get('db_prefix') . 'items;');
-        $res = $this->ensureRowTypes($res, [
+        $res = $this->stmt->ensureRowTypes($res, [
             'total' => \PDO::PARAM_INT,
             'unread' => \PDO::PARAM_INT,
             'starred' => \PDO::PARAM_INT
@@ -523,7 +523,7 @@ public function statuses($since) {
             FROM ' . \F3::get('db_prefix') . 'items
             WHERE ' . \F3::get('db_prefix') . 'items.updatetime > :since;',
                 [':since' => [$since, \PDO::PARAM_STR]]);
-        $res = $this->ensureRowTypes($res, [
+        $res = $this->stmt->ensureRowTypes($res, [
             'id' => \PDO::PARAM_INT,
             'unread' => \PDO::PARAM_BOOL,
             'starred' => \PDO::PARAM_BOOL

daos/mysql/Statements.php

@@ -136,4 +136,38 @@ public static function bool($bool) {
     public static function datetime($datestr) {
         return $datestr; // mysql supports ISO8601 datetime comparisons
     }
+
+    /**
+     * Ensure row values have the appropriate PHP type. This assumes we are
+     * using buffered queries (sql results are in PHP memory).
+     *
+     * @param rows array of associative array representing row results
+     * @param expectedRowTypes associative array mapping columns to PDO types
+     *
+     * @return array of associative array representing row results having
+     *         expected types
+     */
+    public function ensureRowTypes($rows, $expectedRowTypes) {
+        foreach ($rows as $rowIndex => $row) {
+            foreach ($expectedRowTypes as $columnIndex => $type) {
+                if (array_key_exists($columnIndex, $row)) {
+                    switch ($type) {
+                        case \PDO::PARAM_INT:
+                            $value = intval($row[$columnIndex]);
+                            break;
+                        case \PDO::PARAM_BOOL:
+                            if ($row[$columnIndex] == '1') {
+                                $value = true;
+                            } else {
+                                $value = false;
+                            }
+                            break;
+                    }
+                    $rows[$rowIndex][$columnIndex] = $value;
+                }
+            }
+        }
+
+        return $rows;
+    }
 }

daos/pgsql/Database.php

@@ -227,18 +227,4 @@ public function __construct() {
     public function optimize() {
         \F3::get('db')->exec('VACUUM ANALYZE');
     }
-
-    /**
-     * Ensure row values have the appropriate PHP type. This assumes we are
-     * using buffered queries (sql results are in PHP memory).
-     *
-     * @param rows array of associative array representing row results
-     * @param expectedRowTypes associative array mapping columns to PDO types
-     *
-     * @return array of associative array representing row results having
-     *         expected types
-     */
-    public function ensureRowTypes($rows, $expectedRowTypes) {
-        return $rows; // pgsql returns correct PHP types
-    }
 }

daos/pgsql/Statements.php

@@ -86,4 +86,18 @@ public static function isFalse($column) {
     public static function csvRowMatches($column, $value) {
         return "$value=ANY(string_to_array($column, ','))";
     }
+
+    /**
+     * Ensure row values have the appropriate PHP type. This assumes we are
+     * using buffered queries (sql results are in PHP memory).
+     *
+     * @param rows array of associative array representing row results
+     * @param expectedRowTypes associative array mapping columns to PDO types
+     *
+     * @return array of associative array representing row results having
+     *         expected types
+     */
+    public function ensureRowTypes($rows, $expectedRowTypes) {
+        return $rows; // pgsql returns correct PHP types
+    }
 }

helpers/Authentication.php

@@ -21,20 +21,15 @@ public function __construct() {
             return;
         }
 
+        $base_url = parse_url(\helpers\View::getBaseUrl());
+
         // session cookie will be valid for one month.
         $cookie_expire = 3600 * 24 * 30;
-        $cookie_secure = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
+        $cookie_secure = $base_url['scheme'] == 'https';
         $cookie_httponly = true;
+        $cookie_path = $base_url['path'];
+        $cookie_domain = $base_url['host'];
 
-        // check for SSL proxy and special cookie options
-        if (isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && isset($_SERVER['HTTP_X_FORWARDED_HOST'])
-           && ($_SERVER['HTTP_X_FORWARDED_SERVER'] === $_SERVER['HTTP_X_FORWARDED_HOST'])) {
-            $cookie_path = '/' . $_SERVER['SERVER_NAME'] . preg_replace('/\/[^\/]+$/', '', $_SERVER['PHP_SELF']) . '/';
-            $cookie_domain = $_SERVER['HTTP_X_FORWARDED_SERVER'];
-        } else {
-            $cookie_path = \F3::get('BASE') . '/';
-            $cookie_domain = $_SERVER['SERVER_NAME'];
-        }
         session_set_cookie_params(
             $cookie_expire, $cookie_path, $cookie_domain, $cookie_secure, $cookie_httponly
         );

helpers/View.php

@@ -26,7 +26,7 @@ public function __construct() {
      * config.ini this will be used. Otherwise base url will be generated by
      * globale server variables ($_SERVER).
      */
-    public function getBaseUrl() {
+    public static function getBaseUrl() {
         $base = '';
 
         // base url in config.ini file
@@ -39,16 +39,23 @@ public function getBaseUrl() {
 
         // auto generate base url
         } else {
-            $lastSlash = strrpos($_SERVER['REQUEST_URI'], '/');
-            $subdir = $lastSlash !== false ? substr($_SERVER['REQUEST_URI'], 0, $lastSlash) : '';
-
             $protocol = 'http';
-            if (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
-               (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ||
-               (isset($_SERVER['HTTP_HTTPS'])) && $_SERVER['HTTP_HTTPS'] == 'https') {
+            if ((isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ||
+                (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ||
+                (isset($_SERVER['HTTP_HTTPS']) && $_SERVER['HTTP_HTTPS'] == 'https')) {
                 $protocol = 'https';
             }
 
+            // check for SSL proxy
+            if (isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && isset($_SERVER['HTTP_X_FORWARDED_HOST'])
+            && ($_SERVER['HTTP_X_FORWARDED_SERVER'] === $_SERVER['HTTP_X_FORWARDED_HOST'])) {
+                $subdir = '/' . preg_replace('/\/[^\/]+$/', '', $_SERVER['PHP_SELF']);
+                $host = $_SERVER['HTTP_X_FORWARDED_SERVER'];
+            } else {
+                $subdir = \F3::get('BASE');
+                $host = $_SERVER['SERVER_NAME'];
+            }
+
             $port = '';
             if (($protocol == 'http' && $_SERVER['SERVER_PORT'] != '80') ||
                 ($protocol == 'https' && $_SERVER['SERVER_PORT'] != '443')) {
@@ -59,7 +66,7 @@ public function getBaseUrl() {
                 $port = ':' . $_SERVER['HTTP_X_FORWARDED_PORT'];
             }
 
-            $base = $protocol . '://' . $_SERVER['SERVER_NAME'] . $port . $subdir . '/';
+            $base = $protocol . '://' . $host . $port . $subdir . '/';
         }
 
         return $base;

public/css/style.css

@@ -16,9 +16,6 @@ body {
 select,
 input {
     border:solid 1px #ccc;
-    -moz-border-radius:2px;
-    -webkit-border-radius:2px;
-    -khtml-border-radius:2px;
     border-radius:2px;
     padding:6px;
 }
@@ -27,13 +24,13 @@ body * {
 	outline:0;
 }
 
-#error {
+#message {
     display:none;
     position:absolute;
     width:100%;
-    background:#f2dede;
-    border:1px solid #eed3d7;
-    color:#b94a48;
+    background:#e6e6fa;
+    border:1px solid #00008b;
+    color:#00008b;
     -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=90)";
     filter: alpha(opacity=90);
     -moz-opacity: 0.9;
@@ -44,6 +41,20 @@ body * {
     padding:10px;
 }
 
+#message a {
+    font-size:0.9em;
+    text-align:center;
+    border-radius:2px;
+    cursor:pointer;
+    background:#cccccc;
+}
+
+#message.error {
+    background:#f2dede;
+    border-color:#eed3d7;
+    color:#b94a48;
+}
+
 
 /* navigation */
 
@@ -77,9 +88,6 @@ body * {
         background:#3d6d69;
         font-size:0.9em;
         text-align:center;
-        -moz-border-radius:2px;
-        -webkit-border-radius:2px;
-        -khtml-border-radius:2px;
         border-radius:2px;
         cursor:pointer;
     }
@@ -198,9 +206,6 @@ body * {
             width:10px;
             height:10px;
             margin-left:-30px;
-            -moz-border-radius:2px;
-            -webkit-border-radius:2px;
-            -khtml-border-radius:2px;
             border-radius:2px;
         }
 
@@ -271,9 +276,6 @@ body * {
         left:20px;
         width:45px;
         height:45px;
-        -moz-border-radius:2px;
-        -webkit-border-radius:2px;
-        -khtml-border-radius:2px;
         border-radius:2px;
         cursor:pointer;
     }
@@ -425,9 +427,6 @@ body * {
 .source {
     margin:1px 50px 3px 5px; 
     padding:5px; 
-    -moz-border-radius:4px;
-    -webkit-border-radius:4px;
-    -khtml-border-radius:4px;
     border-radius:4px;
     background:rgba(255, 255, 255, 0.4);
     position:relative;
@@ -481,9 +480,6 @@ body * {
         }
 
     .entry-tags-tag {
-        -moz-border-radius:4px;
-        -webkit-border-radius:4px;
-        -khtml-border-radius:4px;
         border-radius:4px;
         padding:2px;
         font-size:0.8em;
@@ -550,7 +546,10 @@ body * {
             max-width: 750px;
         }
 
-        .entry-content pre,
+        .entry-content pre {
+            overflow-x: auto;
+        }
+
         .entry-content blockquote {
             overflow-x: unset;
         }
@@ -988,9 +987,6 @@ body.publicmode.notloggedin .entry-unread {
     .source {
         margin:0;
         padding:7px;
-        -moz-border-radius:0px;
-        -webkit-border-radius:0px;
-        -khtml-border-radius:0px;
         border-radius:0px;
         /*border-top:1px solid #ccc;*/
         border:0;
@@ -1004,8 +1000,6 @@ body.publicmode.notloggedin .entry-unread {
         color:#333;
         border:0;
         background:#ededed;
-        -webkit-border-radius:4px;
-        -moz-border-radius:4px;
         border-radius:4px;
         cursor:pointer;
         padding:5px;
@@ -1212,8 +1206,6 @@ body.publicmode.notloggedin .entry-unread {
                 color:#ededed;
                 border:0;
                 background:#333;
-                -webkit-border-radius:4px;
-                -moz-border-radius:4px;
                 border-radius:4px;
                 cursor:pointer;
             }
@@ -1267,9 +1259,6 @@ body.publicmode.notloggedin .entry-unread {
         .entry {
             margin:0;
             padding:7px;
-            -moz-border-radius:0px;
-            -webkit-border-radius:0px;
-            -khtml-border-radius:0px;
             border-radius:0px;
             font-size:0.8em;
             border-top:1px solid #ccc;