Compat SPIP 4.1

.editorconfig

@@ -0,0 +1,12 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+indent_style = tab
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = false

.gitattributes

@@ -0,0 +1,9 @@
+/phpstan.neon.dist export-ignore
+/phpstan-baseline.neon export-ignore
+/phpstan-constants.php export-ignore
+/.gitignore export-ignore
+/.gitattributes export-ignore
+/tests/ export-ignore
+/phpunit.xml.dist export-ignore
+/.php-cs-fixer.dist.php export-ignore
+/.editorconfig export-ignore

.gitignore

@@ -0,0 +1,8 @@
+/vendor/
+/composer.lock
+/.phpunit.cache
+/phpunit.xml
+/.php-cs-fixer.cache
+/.php-cs-fixer.php
+/phpstan.neon
+/bin/

CHANGELOG.md

@@ -0,0 +1,8 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## Unreleased

action/api.php

@@ -3,119 +3,123 @@
 function action_api_dist() {
 
 	$xml = false;
+	$id_me = 0;
 
 	// forcer le https sauf si on a define('_API_HTTPS', false)
-	if (!defined('_API_HTTPS')
-	OR _API_HTTPS) {
-		if ($_SERVER['SERVER_PORT'] != 443)
-			erreur_405("Please use https");
+	if (
+		!defined('_API_HTTPS')
+		or _API_HTTPS
+	) {
+		if ($_SERVER['SERVER_PORT'] != 443) {
+			erreur_405('Please use https');
+		}
 	}
 
 	include_spip('inc/session');
 	$id_auteur = session_get('id_auteur');
-	if ($id_auteur < 1) erreur_405("The username and/or password used for authentication are invalid", 401);
+	if ($id_auteur < 1) {
+		erreur_405('The username and/or password used for authentication are invalid', 401);
+	}
+
+	$method = $_SERVER['REQUEST_METHOD'];
+
 
-	$method = $_SERVER["REQUEST_METHOD"];
-
-
-	if ($method == "PUT") {
+	if ($method == 'PUT') {
 		// UPDATE
-		
-		$putdata = fopen("php://input", "r");
-		
+
+		$putdata = fopen('php://input', 'r');
+
 		/* Open a file for writing */
 		/* Read the data 1 KB at a time
 		   and write to the file */
-		while ($data = fread($putdata, 1024))
+		while ($data = fread($putdata, 1024)) {
 			$xml .= $data;
+		}
 		fclose($putdata);
 		$xml = trim($xml);
 	}
-	else if ($method == "POST") {	
-		$xml = trim(isset($GLOBALS["HTTP_RAW_POST_DATA"]) ? isset($GLOBALS["HTTP_RAW_POST_DATA"]) : file_get_contents('php://input'));
+	elseif ($method == 'POST') {
+		$xml = trim(isset($GLOBALS['HTTP_RAW_POST_DATA']) ?: file_get_contents('php://input'));
 
-		$contenttype = $_SERVER["CONTENT_TYPE"];
-		if (!preg_match(",application\/(atom\+)?xml,", $contenttype)) {
-			erreur_405("Wrong content-type");
+		$contenttype = $_SERVER['CONTENT_TYPE'];
+		if (!preg_match(',application\/(atom\+)?xml,', $contenttype)) {
+			erreur_405('Wrong content-type');
 		}
-
-
-	} else if ($method == "DELETE") {
-		$url = $_SERVER["REQUEST_URI"];
-		if (preg_match("/messages\/([0-9]+)$/", $url, $regs)) {
+	} elseif ($method == 'DELETE') {
+		$url = $_SERVER['REQUEST_URI'];
+		if (preg_match('/messages\/([0-9]+)$/', $url, $regs)) {
 			$id_me = $regs[1];
 			echo "Supprimer: $id_me";
 		}
-	} else if ($method == "GET") {
-		$url = $_SERVER["REQUEST_URI"];
-		if (preg_match("/messages\/([0-9]+)$/", $url, $regs)) {
+	} elseif ($method == 'GET') {
+		$url = $_SERVER['REQUEST_URI'];
+		if (preg_match('/messages\/([0-9]+)$/', $url, $regs)) {
 			$id_me = $regs[1];
 		} else {
-			erreur_405("No message found");
+			erreur_405('No message found');
 		}
 	}
-	
+
 	if ($xml) {
-
-
-		$xml = preg_replace("/<entry[^>]*>/msU", "<entry xmlns='http://www.w3.org/2005/Atom' xmlns:thr='http://purl.org/syndication/thread/1.0'>", $xml);
-
+		$xml = preg_replace('/<entry[^>]*>/msU', "<entry xmlns='http://www.w3.org/2005/Atom' xmlns:thr='http://purl.org/syndication/thread/1.0'>", $xml);
+
 		$res = new SimpleXMLElement($xml);
 		$id = $res->id;
 
 		$id_parent = 0;
 		$summary = trim($res->summary);
 		$content = trim($res->content);
-
-		if (strlen($summary) > 0) $texte_message = $summary;
-		else $texte_message = $content;
-
-
-		if (strlen($texte_message) < 1) die ("No text");
-
-		$reply = $res->xpath("thr:in-reply-to/@ref");
+
+		if (strlen($summary) > 0) {
+			$texte_message = $summary;
+		} else {
+			$texte_message = $content;
+		}
+
+
+		if (strlen($texte_message) < 1) {
+			die('No text');
+		}
+
+		$reply = $res->xpath('thr:in-reply-to/@ref');
 		if ($reply) {
 			$reply = $reply[0];
-			if (preg_match("/message\:([0-9]+)/", $reply, $regs)) {
+			if (preg_match('/message\:([0-9]+)/', $reply, $regs)) {
 				$id_parent = $regs[1];
 			}
 		}
 
 		// creer ou modifier un message ?
 		// si on passe id = message:1234 remplacer ce message
 		// si on passe id = "uuid:azertyu" pour creer OU remplacer
-		$id_me = 0;
-		if (preg_match("/^message\:(\d+)/", $id, $regs)) {
+		$uuid = null;
+		if (preg_match('/^message\:(\d+)/', $id, $regs)) {
 			$id_me = $regs[1];
-			$uuid = null;
-		} else if (preg_match("/^uuid\:(.+)/", $id, $regs)) {
+		} elseif (preg_match('/^uuid\:(.+)/', $id, $regs)) {
 			include_spip('inc/uuid');
 			$uuid = $regs[1];
-			if (!UUID::Valid($uuid))
-				erreur_405("Error - invalid UUID format");
-		} else if (strlen($id)>0) {
-			erreur_405("Error - your ID does not match an acceptable format");
+			if (!UUID::Valid($uuid)) {
+				erreur_405('Error - invalid UUID format');
+			}
+		} elseif (strlen($id) > 0) {
+			erreur_405('Error - your ID does not match an acceptable format');
 		}
 
-		$ret = instance_me ($id_auteur, $texte_message,  $id_me, $id_parent, $time="NOW()", $uuid);
+		$ret = instance_me($id_auteur, $texte_message, $id_me, $id_parent, $time = 'NOW()', $uuid);
 
-		$id_me = $ret["id_me"];
-
-		if (!$id_me) erreur_405("Unexpected error - not saved in base");
+		$id_me = $ret['id_me'];
 
-		cache_message($id_me);
+		if (!$id_me) {
+			erreur_405('Unexpected error - not saved in base');
+		}
 
+		cache_message($id_me);
 	}
-
-	header("Content-type: application/atom+xml; charset=utf-8");
-
-	echo "<"."?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
-	echo microcache($id_me, "noisettes/atom_me");
-
-	exit();
-
-}
 
+	header('Content-type: application/atom+xml; charset=utf-8');
 
+	echo '<' . "?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
+	echo microcache($id_me, 'noisettes/atom_me');
 
-?>
+	exit();
+}

action/api_auteur.php

@@ -1,67 +1,62 @@
 <?php
 
-
-
 function action_api_auteur() {
 
 	$xml = false;
 
-	if (!defined('_API_HTTPS')
-	OR _API_HTTPS) {
-		if ($_SERVER['SERVER_PORT'] != 443)
-			erreur_405("Please use https");
+	if (
+		!defined('_API_HTTPS')
+		or _API_HTTPS
+	) {
+		if ($_SERVER['SERVER_PORT'] != 443) {
+			erreur_405('Please use https');
+		}
 	}
 
 	$id_auteur = $GLOBALS['visiteur_session']['id_auteur'];
-	if ($id_auteur < 1) erreur_405("Unknown user", 401);
-	$method = $_SERVER["REQUEST_METHOD"];
-
-
-	if ($method == "GET") {
-		$url = $_SERVER["REQUEST_URI"];	
-
-		if (preg_match(",/api/people/(.*)?/messages\/?([0-9]+)?,", $url, $regs)) {
+	if ($id_auteur < 1) {
+		erreur_405('Unknown user', 401);
+	}
+	$method = $_SERVER['REQUEST_METHOD'];
+
+
+	if ($method == 'GET') {
+		$url = $_SERVER['REQUEST_URI'];
+
+		if (preg_match(',/api/people/(.*)?/messages\/?([0-9]+)?,', $url, $regs)) {
 			$login = $regs[1];
 			$debut = $regs[2];
-			
-			$ret = "";
-			
-			$query = sql_select("id_auteur", "spip_auteurs", "login='$login' && statut!='nouveau' && statut != 'poubelle'");
+
+			$ret = '';
+
+			$query = sql_select('id_auteur', 'spip_auteurs', "login='$login' && statut!='nouveau' && statut != 'poubelle'");
 			if ($row = sql_fetch($query)) {
-				$id_auteur = $row["id_auteur"];
-
+				$id_auteur = $row['id_auteur'];
 
-				header("Content-type: application/atom+xml; charset=utf-8");	
-				if ($debut < 0) echo microcache($id_auteur, "noisettes/atom_messages_auteur");
-				else {
-					$contenu = recuperer_fond("noisettes/atom_messages_auteur", 
-						array(
+
+				header('Content-type: application/atom+xml; charset=utf-8');
+				if ($debut < 0) {
+					echo microcache($id_auteur, 'noisettes/atom_messages_auteur');
+				} else {
+					$contenu = recuperer_fond(
+						'noisettes/atom_messages_auteur',
+						[
 							'id' => $id_auteur,
-							"debut_messages" => $debut
-						));
+							'debut_messages' => $debut
+						]
+					);
 					echo $contenu;
 				}
-
-
 			} else {
 				erreur_405("$login not found");
 			}
-
 		} else {
-			erreur_405("Wrong URL");
+			erreur_405('Wrong URL');
 		}
-
-
-
 	} else {
-		erreur_405("Unknow method - use GET to retrieve data");
+		erreur_405('Unknow method - use GET to retrieve data');
 	}
 
-			
+
 	exit();
-
 }
-
-
-
-?>

action/api_url.php

@@ -3,8 +3,8 @@
 function action_api_url() {
 	$code = _request('code');
 
-	$site = array();
-	$messages = array();
+	$site = [];
+	$messages = [];
 	$url = '';
 
 	// md5 ?
@@ -22,27 +22,25 @@ function action_api_url() {
 
 	foreach ($site as $s) {
 		$url = $s['url_site'];
-		foreach (sql_allfetsel('*', 'spip_me_syndic', 'id_syndic='.$s['id_syndic']) as $m) {
+		foreach (sql_allfetsel('*', 'spip_me_syndic', 'id_syndic=' . $s['id_syndic']) as $m) {
 			$messages[] = intval($m['id_me']);
 		}
 	}
 
-	$rep = array(
-		'status' => (($site AND $messages) ? 'success' : 'fail'),
+	$rep = [
+		'status' => (($site and $messages) ? 'success' : 'fail'),
 		'url' => $url,
 		'messages' => $messages,
-	);
-	
+	];
+
 	@header('Content-Type: text/plain; charset=utf-8');
 	echo json_encode($rep);
-
-
 }
 
 
 function recherche_site_par_md5($code) {
 	// attention seenthis bouffe le / final d'une URL,
 	// on a donc deux md5 possibles
-	$f = sql_allfetsel('id_syndic, url_site', 'spip_syndic', '(MD5(url_site)='._q($code).' OR MD5(CONCAT(url_site,"/"))='._q($code).')');
+	$f = sql_allfetsel('id_syndic, url_site', 'spip_syndic', '(MD5(url_site)=' . _q($code) . ' OR MD5(CONCAT(url_site,"/"))=' . _q($code) . ')');
 	return $f;
 }