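<?php
/**
 * poche, a read it later open source system
 *
 * @category poche
 * @author Nicolas Lœuillet <nicolas@loeuillet.org>
 * @copyright 2013
 * @license http://www.wtfpl.net/ see COPYING file
 */

// Bootstrap script: creates the storage directory, defines the configuration
// constants, loads the libraries, sets up the template engine and the session,
// handles login/logout, then dispatches the requested action.

// Create the SQLite storage directory on first run.
// NOTE(review): mode 0705 leaves the directory readable and traversable by
// "other" local users, and the path is relative to this script. If db/ ends up
// under the web server's document root, deny HTTP access to it so that
// poche.sqlite cannot be downloaded directly. The "@" hides a failed mkdir();
// a failure would then only surface when the database is opened below.
if (!is_dir('db/')) {
    @mkdir('db/', 0705);
}

define ('DB_PATH', 'sqlite:./db/poche.sqlite');
define ('ABS_PATH', 'assets/');
define ('CONVERT_LINKS_FOOTNOTES', TRUE);
define ('DOWNLOAD_PICTURES', TRUE);

include 'db.php';
include 'functions.php';
require_once 'Readability.php';
require_once 'Encoding.php';
require_once 'rain.tpl.class.php';
require_once 'MyTool.class.php';
require_once 'Session.class.php';

$db = new db(DB_PATH);

# RainTPL initialisation
raintpl::$tpl_dir = './tpl/';
raintpl::$cache_dir = './cache/';
raintpl::$base_url = get_poche_url();
raintpl::configure('path_replace', false);
raintpl::configure('debug', false);
$tpl = new raintpl();

# initialize session
Session::init();

# XSRF protection with token
# Only requests that carry POST data are checked here. $action further down is
# read from $_REQUEST, so an action requested through the query string alone
# never reaches this check.
# NOTE(review): confirm that every state-changing action in action_to_do() is
# either POST-only or verifies the token itself.
if (!empty($_POST)) {
    // A POST without a token field is rejected like a wrong token, instead of
    // reading an undefined index.
    if (!isset($_POST['token']) || !Session::isToken($_POST['token'])) {
        die('Wrong token.');
    }
    // Drop the stored tokens once one has been accepted.
    unset($_SESSION['tokens']);
}

// The Referer header is supplied by the client; it is handed to the template
// as-is below.
// NOTE(review): make sure the template escapes it on output and that it is
// validated before being used as a redirect target.
$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];

if (isset($_GET['login'])) {
    // Login
    if (!empty($_POST['login']) && !empty($_POST['password'])) {
        // NOTE(review): the first two arguments are the literals 'poche' /
        // 'poche'. They look like the expected login and password - confirm
        // against Session::login(). If so, these are default credentials
        // shared by every install; they belong in per-install configuration,
        // with the password stored as a hash.
        if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {
            if (!empty($_POST['longlastingsession'])) {
                // "Stay signed in": 31536000 seconds = 365 days.
                $_SESSION['longlastingsession'] = 31536000;
                $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
                session_set_cookie_params($_SESSION['longlastingsession']);
            } else {
                session_set_cookie_params(0); // when browser closes
            }
            // Issue a fresh session id after authentication so that an id
            // known before login is no longer valid (session fixation).
            session_regenerate_id(true);

            // Record the success here, on the path where the login actually
            // succeeded, before the redirect.
            logm('login successful');
            MyTool::redirect();
        }
        // Reached when Session::login() returned false (assuming
        // MyTool::redirect() ends the request - TODO confirm).
        logm('login failed');
        die("Login failed !");
    }
    // No credentials were submitted: nothing was authenticated, so nothing
    // is logged.
}
elseif (isset($_GET['logout'])) {
    logm('logout');
    Session::logout();
    MyTool::redirect();
}

# Process the request parameters and trigger the actions
# htmlentities()/htmlspecialchars() only make these values safe for an HTML
# output context. They are not a defence for other sinks.
# NOTE(review): if $_SESSION['sort'] or $id reach an SQL statement, they need
# an allow-list / bound parameter there; $url is taken raw from the query
# string and must be validated by whatever consumes it.
$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index';
$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id';
$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
$url = (isset ($_GET['url'])) ? $_GET['url'] : '';

$tpl->assign('isLogged', Session::isLogged());
$tpl->assign('referer', $ref);
$tpl->assign('view', $view);
$tpl->assign('poche_url', get_poche_url());

// Dispatch only when an action was requested.
if ($action != '') {
    action_to_do($action, $url, $id);
}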