add php8 compatibility

README.md

@@ -4,7 +4,7 @@ Buddylink is a simple personal/shared Reading list/Bookmark manager self hosted
 ## Install and upgrade
 ### Requirements
 - apache 2.4 (or Nginx)
-- php 7.4
+- php 8.0
 
 ### Installation
 Copy the files in the folder and give access to public. Default user is superadmin/superadmin
@@ -28,7 +28,7 @@ https://chromewebstore.google.com/detail/buddylink/heipdpcackofcbgicienckpjeopod
 - [x] manage sharing tab between users of same group
 
 ## Modules
-- Fat-Free Framework 3.7 (https://fatfreeframework.com)
+- Fat-Free Framework 3.8.2 (https://fatfreeframework.com)
 - Font Awesome Free 6.3.0 (https://fontawesome.com)
 - Bootstrap 5.0.2 (https://getbootstrap.com/)
 - jQuery 3.6.0 (https://jquery.com/)

app/authentication.php

@@ -9,6 +9,11 @@ function loginpage($f3) {
 		if(empty($f3->get('SESSION.token'))){
 			$f3->set('SESSION.token', $token);
 			$f3->set('token', $token);
+		}else{
+			$f3->clear('SESSION');
+			$f3->clear('COOKIE');
+			$f3->set('SESSION.token', $token);
+			$f3->set('token', $token);
 		}
 
 		echo Template::instance()->render('login.html');
@@ -65,35 +70,48 @@ function logout($f3) {
 
 		$f3->clear('SESSION');
 		$requestpage = $f3->get('COOKIE.requestpage');
+		//remove cookie from browser
+		if(!empty($_COOKIE)){
+			foreach(array_keys($_COOKIE) as $key){
+				setcookie($key, '', time() - 3600); // empty value and old timestamp
+			}
+		}
 		$f3->clear('COOKIE');
 		$f3->set('COOKIE.requestpage', $requestpage, 1296000);
 
 		$f3->reroute('/login');
 	}
 
 	function checklogged($f3) {
+		$audit = \Audit::instance();
+		$f3->set('isdesktop', $audit->isdesktop());
+
 		$session_username = $f3->get('SESSION.username');
 		$session_token = $f3->get('SESSION.token');
+
 		$f3->set('COOKIE.requestpage', $f3->get('REALM'), 1296000);
 
 		$user_present = $f3->get('DB')->exec('SELECT * FROM user WHERE user_id=?', $session_username);
-
-		$user_data = $f3->get('DB')->exec('SELECT * FROM user_session WHERE user_id=? and token=?', array($session_username, $session_token));
-		$user_data = $user_data[0];
-
-		if (!empty($user_present) && !empty($session_token) && !empty($session_username) && !empty($user_data['token_expire']) && strtotime($user_data['token_expire']) >= strtotime(date('Y-m-d H:i:s'))) {
-			$exipration_date = date('Y-m-d H:i:s', strtotime('+15 day', strtotime(date("Y-m-d H:i:s"))));
-			$f3->get('DB')->exec('UPDATE user_session SET token_expire = ? WHERE id=?', array($exipration_date, $user_data['id']));
-			$active_user = $f3->get('DB')->exec('SELECT * FROM user WHERE user_id=?', $session_username);
-			$f3->set('active_user', array('user_id' => $active_user[0]['user_id'], 'bearer' => $active_user[0]['bearer'], 'password' => $active_user[0]['password'], 'group_id' => $active_user[0]['group_id'], 'superadmin' => $active_user[0]['superadmin']));
-
-			$f3->set('COOKIE.requestpage', $f3->get('REALM'), 1296000);
-
-			return true;
-		} else {
+
+		if(!empty($user_present) && !empty($session_token) && !empty($session_username)){
+			$user_data = $f3->get('DB')->exec('SELECT * FROM user_session WHERE user_id=? and token=?', array($session_username, $session_token));
+			$user_data = $user_data[0];
+
+			if (!empty($user_data['token_expire']) && strtotime($user_data['token_expire']) >= strtotime(date('Y-m-d H:i:s'))) {
+				$exipration_date = date('Y-m-d H:i:s', strtotime('+15 day', strtotime(date("Y-m-d H:i:s"))));
+				$f3->get('DB')->exec('UPDATE user_session SET token_expire = ? WHERE id=?', array($exipration_date, $user_data['id']));
+				$active_user = $f3->get('DB')->exec('SELECT * FROM user WHERE user_id=?', $session_username);
+				$f3->set('active_user', array('user_id' => $active_user[0]['user_id'], 'bearer' => $active_user[0]['bearer'], 'password' => $active_user[0]['password'], 'group_id' => $active_user[0]['group_id'], 'superadmin' => $active_user[0]['superadmin']));
+
+				$f3->set('COOKIE.requestpage', $f3->get('REALM'), 1296000);
+				return true;
+			} else {
+				$f3->set('COOKIE.requestpage', $f3->get('REALM'), 1296000);
+				return false;
+			}
+		}else{
 			$f3->set('COOKIE.requestpage', $f3->get('REALM'), 1296000);
-
-			return false;
+			return false;	
 		}
 	}
 }

app/privatepages.php

@@ -130,110 +130,4 @@ function linkedit($f3) {
 
 		$f3->reroute($f3->get('URI'));
 	}
-
-	function settings($f3) {
-		$current_user = $f3->get('active_user');
-
-		$f3->set('content', 'private-settings.html');
-	}
-
-	function settingsedit($f3) {
-		$current_user = $f3->get('active_user');
-		$task = $f3->get('POST.task');
-
-		if ($task == 'token-refresh') {
-			$check = true;
-			while ($check) {
-				$bearer = $this->generateRandomString(50);
-				$result = $f3->get('DB')->exec("SELECT count(1) as occurence FROM user WHERE bearer=?", $bearer);
-				if ($result[0]['occurence'] == 0) {
-					$check = false;
-				}
-			}
-			$f3->get('DB')->exec("UPDATE user SET bearer=? where user_id=?", array($bearer, $current_user['user_id']));
-		} elseif ($task == 'password-change') {
-			$password_old = $f3->get('POST.password-old');
-			$password_new = $f3->get('POST.password-new');
-
-			if ($this->encriptDecript($f3, $current_user['password'], 'd') !== $password_old) {
-				$f3->reroute('/settings?status=password-error');
-			} else {
-				$f3->get('DB')->exec("UPDATE user SET password=? where user_id=?", array($this->encriptDecript($f3, $password_new), $current_user['user_id']));
-				$f3->reroute('/settings?status=password-changed');
-			}
-		}
-
-		$f3->reroute('/settings');
-	}
-
-	function supersettings($f3) {
-		$current_user = $f3->get('active_user');
-
-		if($current_user['superadmin'] != 1){
-			$f3->reroute("/");
-		}
-
-		$result = $f3->get('DB')->exec("SELECT count(1) as rows FROM user_session WHERE token_expire>=?", date("Y-m-d H:i:s"));
-		$f3->set('active_session', $result[0]['rows']);
-
-		$results = $f3->get('DB')->exec("SELECT * FROM user");
-		$f3->set('users', $results);
-
-		$f3->set('content', 'private-super-settings.html');
-	}
-
-	function supersettingsedit($f3) {
-		$current_user = $f3->get('active_user');
-		$task = $f3->get('POST.task');
-
-		if($current_user['superadmin'] != 1){
-			$f3->reroute("/");
-		}
-
-		if ($task == 'delete') {
-			$user_id = $f3->get('POST.delete-id');
-
-			$f3->get('DB')->exec("DELETE FROM user WHERE id = ?", $user_id);
-		} elseif ($task == 'edit') {
-			$user_id = $f3->get('POST.user-id');
-
-			if ($user_id == 0) {
-				$result = $f3->get('DB')->exec("SELECT count(1) as rows FROM user WHERE user_id = ?", $f3->get('POST.user-user'));
-				if ($result[0]['rows'] > 0) {
-					$f3->reroute('/supersettings?result=same-userid');
-				}
-				if ($f3->get('POST.user-superadmin') == '1') {
-					$f3->get('DB')->exec("INSERT INTO user(user_id, group_id, password, bearer, superadmin) VALUES(?,?,?,?,?)",
-						array($f3->get('POST.user-user'), $f3->get('POST.user-group'), $this->encriptDecript($f3, $f3->get('POST.user-password')), $this->generateRandomString(50), 1));
-				} else {
-					$f3->get('DB')->exec("INSERT INTO user(user_id, group_id, password, bearer, superadmin) VALUES(?,?,?,?,?)",
-						array($f3->get('POST.user-user'), $f3->get('POST.user-group'), $this->encriptDecript($f3, $f3->get('POST.user-password')), $this->generateRandomString(50), 0));
-				}
-			} else {
-				if ($f3->get('POST.user-password') != '') {
-					$f3->get('DB')->exec("UPDATE user SET password=? WHERE id=?", array($this->encriptDecript($f3, $f3->get('POST.user-password')), $user_id));
-				}
-				if ($f3->get('POST.user-superadmin') == '1') {
-					$f3->get('DB')->exec("UPDATE user SET superadmin=? WHERE id=?",
-						array(1, $user_id));
-				} else {
-					$f3->get('DB')->exec("UPDATE user SETsuperadmin=? WHERE id=?",
-						array(0, $user_id));
-				}
-			}
-		} elseif ($task == 'end-session') {
-			$f3->get('DB')->exec("DELETE FROM user_session");
-			$f3->get('DB')->exec("UPDATE sqlite_sequence SET seq=? where name=?", array(1, 'user_session'));
-		} elseif ($task == 'delete-campaign-hits') {
-			$f3->get('DB')->exec("UPDATE campaign SET hit=0");
-		} elseif ($task == 'delete-data-visit') {
-			$f3->get('DB')->exec("DELETE FROM visitor");
-			$f3->get('DB')->exec("DELETE FROM page_view");
-			$f3->get('DB')->exec("UPDATE sqlite_sequence SET seq=? where name=?", array(1, 'page_view'));
-			$f3->get('DB')->exec("DELETE FROM referrer");
-			$f3->get('DB')->exec("UPDATE sqlite_sequence SET seq=? where name=?", array(1, 'referrer'));
-		}
-
-		$f3->reroute('/supersettings');
-	}
 }

app/routes.ini

@@ -21,7 +21,7 @@ POST /login=authentication->login
 GET /logout=authentication->logout
 GET /checklogged=authentication->getloginapi
 
-GET /supersettings=privatepages->supersettings
-POST /supersettings=privatepages->supersettingsedit
-GET /settings=privatepages->settings
-POST /settings=privatepages->settingsedit
+GET /supersettings=settings->supersettings
+POST /supersettings=settings->supersettingsedit
+GET /settings=settings->settings
+POST /settings=settings->settingsedit

app/settings.php

@@ -0,0 +1,116 @@
+<?php
+class settings extends privatepages {
+	function settings($f3) {
+		$current_user = $f3->get('active_user');
+
+		$f3->set('password_change', $f3->get('GET.status'));
+
+		$result = $f3->get('DB')->exec("SELECT bearer FROM user WHERE user_id = ?", $current_user['user_id']);
+		$f3->set('bearer', $result[0]['bearer']);
+
+		$f3->set('content', 'private-settings.html');
+	}
+
+	function settingsedit($f3) {
+		$current_user = $f3->get('active_user');
+		$task = $f3->get('POST.task');
+
+		if ($task == 'token-refresh') {
+			$check = true;
+			while ($check) {
+				$bearer = $this->generateRandomString(50);
+				$result = $f3->get('DB')->exec("SELECT count(1) as occurence FROM user WHERE bearer=?", $bearer);
+				if ($result[0]['occurence'] == 0) {
+					$check = false;
+				}
+			}
+			$f3->get('DB')->exec("UPDATE user SET bearer=? where user_id=?", array($bearer, $current_user['user_id']));
+		} elseif ($task == 'password-change') {
+			$password_old = $f3->get('POST.password-old');
+			$password_new = $f3->get('POST.password-new');
+
+			if ($this->encriptDecript($f3, $current_user['password'], 'd') !== $password_old) {
+				$f3->set('password_error', true);
+				$this->settings($f3);
+			} else {
+				$f3->get('DB')->exec("UPDATE user SET password=? where user_id=?", array($this->encriptDecript($f3, $password_new), $current_user['user_id']));
+				$f3->set('password_changed',true);
+				$this->settings($f3);
+			}
+		}
+
+		$f3->reroute('/settings');
+	}
+
+	function supersettings($f3) {
+		$current_user = $f3->get('active_user');
+
+		if($current_user['superadmin'] != 1){
+			$f3->reroute("/");
+		}
+		$result = $f3->get('DB')->exec("SELECT count(1) as rows FROM user_session WHERE token_expire>=?", date("Y-m-d H:i:s"));
+		$f3->set('active_session', $result[0]['rows']);
+
+		$results = $f3->get('DB')->exec("SELECT * FROM user");
+		$f3->set('users', $results);
+
+		$f3->set('content', 'private-super-settings.html');
+	}
+
+	function supersettingsedit($f3) {
+		$current_user = $f3->get('active_user');
+
+		if($current_user['superadmin'] != 1){
+			$f3->reroute("/");
+		}
+
+		$task = $f3->get('POST.task');
+
+		if ($task == 'delete') {
+			$user_id = $f3->get('POST.delete-id');
+
+			$f3->get('DB')->exec("DELETE FROM user WHERE id = ?", $user_id);
+		} elseif ($task == 'edit') {
+			$user_id = $f3->get('POST.user-id');
+
+			if ($user_id == 0) {
+				$result = $f3->get('DB')->exec("SELECT count(1) as rows FROM user WHERE user_id = ?", $f3->get('POST.user-user'));
+				if ($result[0]['rows'] > 0) {
+					$f3->set('same_userid', true);
+					$this->supersettings($f3);
+				}
+				if ($f3->get('POST.user-superadmin') == '1') {
+					$f3->get('DB')->exec("INSERT INTO user(user_id, group_id, password, bearer, superadmin) VALUES(?,?,?,?,?)",
+						array($f3->get('POST.user-user'), $f3->get('POST.user-group'), $this->encriptDecript($f3, $f3->get('POST.user-password')), $this->generateRandomString(50), 1));
+				} else {
+					$f3->get('DB')->exec("INSERT INTO user(user_id, group_id, password, bearer, superadmin) VALUES(?,?,?,?,?)",
+						array($f3->get('POST.user-user'), $f3->get('POST.user-group'), $this->encriptDecript($f3, $f3->get('POST.user-password')), $this->generateRandomString(50), 0));
+				}
+			} else {
+				if ($f3->get('POST.user-password') != '') {
+					$f3->get('DB')->exec("UPDATE user SET password=? WHERE id=?", array($this->encriptDecript($f3, $f3->get('POST.user-password')), $user_id));
+				}
+				if ($f3->get('POST.user-superadmin') == '1') {
+					$f3->get('DB')->exec("UPDATE user SET group_id=?, superadmin=? WHERE id=?",
+						array($f3->get('POST.user-group'), 1, $user_id));
+				} else {
+					$f3->get('DB')->exec("UPDATE user SET group_id=?, superadmin=? WHERE id=?",
+						array($f3->get('POST.user-group'), 0, $user_id));
+				}
+			}
+		} elseif ($task == 'end-session') {
+			$f3->get('DB')->exec("DELETE FROM user_session");
+			$f3->get('DB')->exec("UPDATE sqlite_sequence SET seq=? where name=?", array(1, 'user_session'));
+		} elseif ($task == 'delete-campaign-hits') {
+			$f3->get('DB')->exec("UPDATE campaign SET hit=0");
+		} elseif ($task == 'delete-data-visit') {
+			$f3->get('DB')->exec("DELETE FROM visitor");
+			$f3->get('DB')->exec("DELETE FROM page_view");
+			$f3->get('DB')->exec("UPDATE sqlite_sequence SET seq=? where name=?", array(1, 'page_view'));
+			$f3->get('DB')->exec("DELETE FROM referrer");
+			$f3->get('DB')->exec("UPDATE sqlite_sequence SET seq=? where name=?", array(1, 'referrer'));
+		}
+
+		$f3->reroute('/supersettings');
+	}
+}

public/service-worker.js

@@ -1,13 +1,3 @@
 self.addEventListener('activate', event => {
 	console.log("Service Worker Avviato");
-});
-
-// Service Worker fetch event
-self.addEventListener('fetch', (event) => {
-	event.respondWith(
-		caches.match(event.request).then((response) => {
-			// Check if the request is in the cache
-			return response || fetch(event.request);
-		})
-	);
 });

ui/login.html

@@ -56,7 +56,7 @@ <h3>{{@site['title']}}</h3>
 
 		<div class="card shadow-lg">
 			<div class="card-body">
-				<check if="{{ @login_error }}">
+				<check if="{{ isset(@login_error) }}">
 					<true>
 						<div class="alert alert-danger">
 							<i class="icon fas fa-ban"></i> Error during login

ui/private-item.html

@@ -56,7 +56,7 @@
 				<repeat group="{{@link_list}}" value="{{@item}}">
 					<li data-id="{{ @item['id'] }}" class="shadow">
 						<div class="row ml-2 text-truncate">
-							<h6 class="mb-0"><img src="https://www.google.com/s2/favicons?domain={{@item['link']}}&sz=32" alt="{{@item['name']}} favicon"> <a href="{{@item['link']}}" target="_blank" class="link-yellow"><span class="name">{{@item['name']}}</span> (<span class="link">{{@item['link']}}</span>)</a></h6>
+							<h6 class="mb-0"><img src="https://www.google.com/s2/favicons?domain={{@item['link']}}&sz=32" alt="{{@item['name']}} favicon"> <a href="{{@item['link']}}" target="_blank" class="link-yellow"><span class="name">{{@item['name']}}</span><check if="{{@isdesktop}}"><true> (<span class="link">{{@item['link']}}</span>)</true></check></a></h6>
 							<div class="row mt-1 d-flex justify-content-between">
 								<div class="col-md-4">
 									<check if="{{@item['share'] == 1}}">

ui/private-settings.html

@@ -28,7 +28,7 @@ <h1 class="h2">Settings</h1>
 		<div class="col-12">
 			<label class="form-label">Change password</label>
 			<div class="mb-3">
-				<input type="password" class="form-control mb-3 <check if='{{ @GET.status == "password-error"}}'><true>is-invalid</true></check>" name="password-old" placeholder="Old password" required>
+				<input type="password" class="form-control mb-3 <check if='{{ isset(@password_error) }}'><true>is-invalid</true></check>" name="password-old" placeholder="Old password" required>
 				<div class="invalid-feedback">
 					Provided password is different from saved one. No chage password was made
 				</div>
@@ -51,7 +51,7 @@ <h1 class="h2">Settings</h1>
 			</div>
 		</div>
 	</form>
-	<check if='{{ @GET.status == "password-changed"}}'>
+	<check if='{{ isset(@password_changed) }}'>
 		<true>
 			<div style="text-align: right;" class="text-success">Password changed</div>
 		</true>

ui/private-super-settings.html

@@ -40,7 +40,7 @@ <h1 class="h2">Super settings</h1>
 	<div class="col-12 d-flex justify-content-end">
 		<button type="button" class="btn btn-tool" data-bs-toggle="modal" data-bs-target="#user-modal-edit"><i class="fa-regular fa-square-plus"></i></button>
 	</div>
-	<check if='{{ @GET.status == "same-userid"}}'>
+	<check if='{{ isset(@same_userid) }}'>
 		<true>
 			<div style="text-align: right;" class="text-danger">User not created: duplicated user_id</div>
 		</true>