From 2ae0b7059f2ed56b92a8f396c63224b36f71df09 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Tue, 23 Feb 2021 09:01:27 +0300
Subject: [PATCH] cleanup some defined-stuff

---
 api/index.php                   | 18 +-----------------
 classes/auth/base.php           |  2 +-
 classes/config.php              |  6 ++++++
 classes/db.php                  |  2 +-
 classes/pref/prefs.php          |  4 ++--
 classes/rpc.php                 |  2 +-
 classes/rssutils.php            |  8 ++++----
 classes/urlhelper.php           | 14 +++++++-------
 include/sessions.php            |  6 ++----
 plugins/af_redditimgur/init.php |  4 ++--
 plugins/af_unburn/init.php      |  8 ++++----
 plugins/auth_remote/init.php    |  2 +-
 12 files changed, 32 insertions(+), 44 deletions(-)

diff --git a/api/index.php b/api/index.php
index d1e02bbd4..4e2c06b9d 100644
--- a/api/index.php
+++ b/api/index.php
@@ -8,7 +8,6 @@
 
 	chdir("..");
 
-	define('TTRSS_SESSION_NAME', 'ttrss_api_sid');
 	define('NO_SESSION_AUTOSTART', true);
 
 	require_once "autoload.php";
@@ -20,26 +19,11 @@
 
 	ob_start();
 
-	$input = file_get_contents("php://input");
-
-	if (defined('_API_DEBUG_HTTP_ENABLED') && _API_DEBUG_HTTP_ENABLED) {
-		// Override $_REQUEST with JSON-encoded data if available
-		// fallback on HTTP parameters
-		if ($input) {
-			$input = json_decode($input, true);
-			if ($input) $_REQUEST = $input;
-		}
-	} else {
-		// Accept JSON only
-		$input = json_decode((string)$input, true);
-		$_REQUEST = $input;
-	}
+	$_REQUEST = json_decode((string)file_get_contents("php://input"), true);
 
 	if (!empty($_REQUEST["sid"])) {
 		session_id($_REQUEST["sid"]);
 		@session_start();
-	} else if (defined('_API_DEBUG_HTTP_ENABLED')) {
-		@session_start();
 	}
 
 	startup_gettext();
diff --git a/classes/auth/base.php b/classes/auth/base.php
index d54e9d8a2..f18cc2d2d 100644
--- a/classes/auth/base.php
+++ b/classes/auth/base.php
@@ -16,7 +16,7 @@ abstract class Auth_Base extends Plugin implements IAuthModule {
 	// Auto-creates specified user if allowed by system configuration
 	// Can be used instead of find_user_by_login() by external auth modules
 	function auto_create_user(string $login, $password = false) {
-		if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
+		if ($login && Config::get(Config::AUTH_AUTO_CREATE)) {
 			$user_id = UserHelper::find_user_by_login($login);
 
 			if (!$user_id) {
diff --git a/classes/config.php b/classes/config.php
index 6f62863e9..e7455daab 100644
--- a/classes/config.php
+++ b/classes/config.php
@@ -47,6 +47,9 @@ class Config {
 	const MAX_CONDITIONAL_INTERVAL = "MAX_CONDITIONAL_INTERVAL";
 	const DAEMON_UNSUCCESSFUL_DAYS_LIMIT = "DAEMON_UNSUCCESSFUL_DAYS_LIMIT";
 	const LOG_SENT_MAIL = "LOG_SENT_MAIL";
+	const HTTP_PROXY = "HTTP_PROXY";
+	const FORBID_PASSWORD_CHANGES = "FORBID_PASSWORD_CHANGES";
+	const TTRSS_SESSION_NAME = "TTRSS_SESSION_NAME";
 
 	private const _DEFAULTS = [
 		Config::DB_TYPE => "pgsql",
@@ -92,6 +95,9 @@ class Config {
 		Config::MAX_CONDITIONAL_INTERVAL => 3600*12,
 		Config::DAEMON_UNSUCCESSFUL_DAYS_LIMIT => 30,
 		Config::LOG_SENT_MAIL => "",
+		Config::HTTP_PROXY => "",
+		Config::FORBID_PASSWORD_CHANGES => "",
+		Config::TTRSS_SESSION_NAME => "ttrss_sid",
 	];
 
 	private static $instance;
diff --git a/classes/db.php b/classes/db.php
index cbfb9e598..a760d4402 100755
--- a/classes/db.php
+++ b/classes/db.php
@@ -41,7 +41,7 @@ class Db
 		} else if (Config::get(Config::DB_TYPE) == "mysql") {
 			$pdo->query("SET time_zone = '+0:0'");
 
-			if (defined('Config::get(Config::MYSQL_CHARSET)') && Config::get(Config::MYSQL_CHARSET)) {
+			if (Config::get(Config::MYSQL_CHARSET)) {
 				$pdo->query("SET NAMES " . Config::get(Config::MYSQL_CHARSET));
 			}
 		}
diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php
index 1ca5b28be..7ee03c21f 100644
--- a/classes/pref/prefs.php
+++ b/classes/pref/prefs.php
@@ -123,8 +123,8 @@ class Pref_Prefs extends Handler_Protected {
 
 	function changepassword() {
 
-		if (defined('_TTRSS_DEMO_INSTANCE')) {
-			print "ERROR: ".format_error("Disabled in demo version.");
+		if (Config::get(Config::FORBID_PASSWORD_CHANGES)) {
+			print "ERROR: ".format_error("Access forbidden.");
 			return;
 		}
 
diff --git a/classes/rpc.php b/classes/rpc.php
index 4aa3f69d5..52d514aae 100755
--- a/classes/rpc.php
+++ b/classes/rpc.php
@@ -329,7 +329,7 @@ class RPC extends Handler_Protected {
 
 		get_version($git_commit, $git_timestamp);
 
-		if (defined('Config::get(Config::CHECK_FOR_UPDATES)') && Config::get(Config::CHECK_FOR_UPDATES) && $_SESSION["access_level"] >= 10 && $git_timestamp) {
+		if (Config::get(Config::CHECK_FOR_UPDATES) && $_SESSION["access_level"] >= 10 && $git_timestamp) {
 			$content = @UrlHelper::fetch(["url" => "https://tt-rss.org/version.json"]);
 
 			if ($content) {
diff --git a/classes/rssutils.php b/classes/rssutils.php
index 5dcbb48d6..6479d9f97 100755
--- a/classes/rssutils.php
+++ b/classes/rssutils.php
@@ -1583,13 +1583,13 @@ class RSSUtils {
 	}
 
 	static function disable_failed_feeds() {
-		if (defined('DAEMON_UNSUCCESSFUL_DAYS_LIMIT') && DAEMON_UNSUCCESSFUL_DAYS_LIMIT > 0) {
+		if (Config::get(Config::DAEMON_UNSUCCESSFUL_DAYS_LIMIT) > 0) {
 
 			$pdo = Db::pdo();
 
 			$pdo->beginTransaction();
 
-			$days = DAEMON_UNSUCCESSFUL_DAYS_LIMIT;
+			$days = Config::get(Config::DAEMON_UNSUCCESSFUL_DAYS_LIMIT);
 
 			if (Config::get(Config::DB_TYPE) == "pgsql") {
 				$interval_query = "last_successful_update < NOW() - INTERVAL '$days days' AND last_updated > NOW() - INTERVAL '1 days'";
@@ -1606,10 +1606,10 @@ class RSSUtils {
 			while ($row = $sth->fetch()) {
 				Logger::get()->log(E_USER_NOTICE,
 					sprintf("Auto disabling feed %d (%s, UID: %d) because it failed to update for %d days.",
-						$row["id"], clean($row["title"]), $row["owner_uid"], DAEMON_UNSUCCESSFUL_DAYS_LIMIT));
+						$row["id"], clean($row["title"]), $row["owner_uid"], Config::get(Config::DAEMON_UNSUCCESSFUL_DAYS_LIMIT)));
 
 				Debug::log(sprintf("Auto-disabling feed %d (%s) (failed to update for %d days).", $row["id"],
-					clean($row["title"]), DAEMON_UNSUCCESSFUL_DAYS_LIMIT));
+					clean($row["title"]), Config::get(Config::DAEMON_UNSUCCESSFUL_DAYS_LIMIT)));
 			}
 
 			$sth = $pdo->prepare("UPDATE ttrss_feeds SET update_interval = -1 WHERE
diff --git a/classes/urlhelper.php b/classes/urlhelper.php
index 42aa069e6..bf2e22a76 100644
--- a/classes/urlhelper.php
+++ b/classes/urlhelper.php
@@ -123,9 +123,9 @@ class UrlHelper {
 					 'protocol_version'=> 1.1)
 				);
 
-			if (defined('_HTTP_PROXY')) {
+			if (Config::get(Config::HTTP_PROXY)) {
 				$context_options['http']['request_fulluri'] = true;
-				$context_options['http']['proxy'] = _HTTP_PROXY;
+				$context_options['http']['proxy'] = Config::get(Config::HTTP_PROXY);
 			}
 
 			$context = stream_context_create($context_options);
@@ -231,7 +231,7 @@ class UrlHelper {
 			return false;
 		}
 
-		if (!defined('NO_CURL') && function_exists('curl_init') && !ini_get("open_basedir")) {
+		if (function_exists('curl_init') && !ini_get("open_basedir")) {
 
 			$fetch_curl_used = true;
 
@@ -283,8 +283,8 @@ class UrlHelper {
 				curl_setopt($ch, CURLOPT_COOKIEJAR, "/dev/null");
 			}
 
-			if (defined('_HTTP_PROXY')) {
-				curl_setopt($ch, CURLOPT_PROXY, _HTTP_PROXY);
+			if (Config::get(Config::HTTP_PROXY)) {
+				curl_setopt($ch, CURLOPT_PROXY, Config::get(Config::HTTP_PROXY));
 			}
 
 			if ($post_query) {
@@ -408,9 +408,9 @@ class UrlHelper {
 			if ($http_referrer)
 				array_push($context_options['http']['header'], "Referer: $http_referrer");
 
-			if (defined('_HTTP_PROXY')) {
+			if (Config::get(Config::HTTP_PROXY)) {
 				$context_options['http']['request_fulluri'] = true;
-				$context_options['http']['proxy'] = _HTTP_PROXY;
+				$context_options['http']['proxy'] = Config::get(Config::HTTP_PROXY);
 			}
 
 			$context = stream_context_create($context_options);
diff --git a/include/sessions.php b/include/sessions.php
index 8b7de0ac7..84b1d722a 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -1,15 +1,13 @@
 <?php
 	namespace Sessions;
 
-	// Original from http://www.daniweb.com/code/snippet43.html
-
 	require_once "autoload.php";
 	require_once "functions.php";
 	require_once "errorhandler.php";
 	require_once "lib/gettext/gettext.inc.php";
 
 	$session_expire = min(2147483647 - time() - 1, max(\Config::get(\Config::SESSION_COOKIE_LIFETIME), 86400));
-	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
+	$session_name = \Config::get(\Config::TTRSS_SESSION_NAME);
 
 	if (is_server_https()) {
 		ini_set("session.cookie_secure", "true");
@@ -48,7 +46,7 @@
 
 		if (!empty($_SESSION["uid"])) {
 
-			if (!defined('_SESSION_SKIP_UA_CHECKS') && $_SESSION["user_agent"] != sha1($_SERVER['HTTP_USER_AGENT'])) {
+			if ($_SESSION["user_agent"] != sha1($_SERVER['HTTP_USER_AGENT'])) {
 				$_SESSION["login_error_msg"] = __("Session failed to validate (UA changed).");
 				return false;
 			}
diff --git a/plugins/af_redditimgur/init.php b/plugins/af_redditimgur/init.php
index 7d5aeff5a..1aa4793ea 100755
--- a/plugins/af_redditimgur/init.php
+++ b/plugins/af_redditimgur/init.php
@@ -701,7 +701,7 @@ class Af_RedditImgur extends Plugin {
 	private function get_header($url, $header, $useragent = SELF_USER_AGENT) {
 		$ret = false;
 
-		if (function_exists("curl_init") && !defined("NO_CURL")) {
+		if (function_exists("curl_init")) {
 			$ch = curl_init($url);
 			curl_setopt($ch, CURLOPT_TIMEOUT, 5);
 			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
@@ -727,7 +727,7 @@ class Af_RedditImgur extends Plugin {
 
 	private function readability($article, $url, $doc, $xpath, $debug = false) {
 
-		if (!defined('NO_CURL') && function_exists("curl_init") && $this->host->get($this, "enable_readability") &&
+		if (function_exists("curl_init") && $this->host->get($this, "enable_readability") &&
 			mb_strlen(strip_tags($article["content"])) <= 150) {
 
 			// do not try to embed posts linking back to other reddit posts
diff --git a/plugins/af_unburn/init.php b/plugins/af_unburn/init.php
index 4d0c56740..386b6387f 100755
--- a/plugins/af_unburn/init.php
+++ b/plugins/af_unburn/init.php
@@ -21,7 +21,7 @@ class Af_Unburn extends Plugin {
 	function hook_article_filter($article) {
 		$owner_uid = $article["owner_uid"];
 
-		if (defined('NO_CURL') || !function_exists("curl_init") || ini_get("open_basedir"))
+		if (!function_exists("curl_init") || ini_get("open_basedir"))
 			return $article;
 
 		if ((strpos($article["link"], "feedproxy.google.com") !== false ||
@@ -37,8 +37,8 @@ class Af_Unburn extends Plugin {
 				curl_setopt($ch, CURLOPT_NOBODY, true);
 				curl_setopt($ch, CURLOPT_USERAGENT, SELF_USER_AGENT);
 
-				if (defined('_CURL_HTTP_PROXY')) {
-					curl_setopt($ch, CURLOPT_PROXY, _CURL_HTTP_PROXY);
+				if (Config::get(Config::HTTP_PROXY)) {
+					curl_setopt($ch, CURLOPT_PROXY, Config::get(Config::HTTP_PROXY));
 				}
 
 				@curl_exec($ch);
@@ -80,4 +80,4 @@ class Af_Unburn extends Plugin {
 		return 2;
 	}
 
-}
\ No newline at end of file
+}
diff --git a/plugins/auth_remote/init.php b/plugins/auth_remote/init.php
index 85be67d05..f2dcfb318 100644
--- a/plugins/auth_remote/init.php
+++ b/plugins/auth_remote/init.php
@@ -56,7 +56,7 @@ class Auth_Remote extends Auth_Base {
 				$_SESSION["hide_logout"] = true;
 
 				// LemonLDAP can send user informations via HTTP HEADER
-				if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){
+				if (Config::get(Config::AUTH_AUTO_CREATE)) {
 					// update user name
 					$fullname = isset($_SERVER['HTTP_USER_NAME']) ? $_SERVER['HTTP_USER_NAME'] : ($_SERVER['AUTHENTICATE_CN'] ?? "");
 					if ($fullname){