]>
Commit | Line | Data |
---|---|---|
1a268ba7 NL |
1 | <?php |
2 | /** | |
3 | * poche, a read it later open source system | |
4 | * | |
5 | * @category poche | |
421b65eb | 6 | * @author Nicolas Lœuillet <support@inthepoche.com> |
1a268ba7 NL |
7 | * @copyright 2013 |
8 | * @license http://www.wtfpl.net/ see COPYING file | |
9 | */ | |
10 | ||
eb1af592 | 11 | include dirname(__FILE__).'/inc/poche/config.inc.php'; |
1a268ba7 | 12 | |
a1953dff | 13 | # XSRF protection with token |
4f5b44bd NL |
14 | // if (!empty($_POST)) { |
15 | // if (!Session::isToken($_POST['token'])) { | |
16 | // die(_('Wrong token')); | |
17 | // // TODO remettre le test | |
18 | // } | |
19 | // unset($_SESSION['tokens']); | |
20 | // } | |
a1953dff | 21 | |
a4565e88 | 22 | $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; |
8c72b98d | 23 | |
a1953dff | 24 | if (isset($_GET['login'])) { |
4f5b44bd | 25 | # hello you |
c765c367 | 26 | $poche->login($referer); |
a1953dff | 27 | } |
28 | elseif (isset($_GET['logout'])) { | |
4f5b44bd | 29 | # see you soon ! |
c765c367 | 30 | $poche->logout(); |
a1953dff | 31 | } |
c765c367 | 32 | elseif (isset($_GET['config'])) { |
4f5b44bd | 33 | # Update password |
c765c367 NL |
34 | $poche->updatePassword(); |
35 | } | |
36 | elseif (isset($_GET['import'])) { | |
37 | $poche->import($_GET['from']); | |
da368cc8 | 38 | } |
a1953dff | 39 | |
4f5b44bd NL |
40 | # Aaaaaaand action ! |
41 | $view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; | |
42 | $full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; | |
43 | $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; | |
44 | $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; | |
45 | $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; | |
eb1af592 NL |
46 | |
47 | $url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); | |
a1953dff | 48 | |
a4565e88 | 49 | $tpl_vars = array( |
a4565e88 NL |
50 | 'referer' => $referer, |
51 | 'view' => $view, | |
eb1af592 | 52 | 'poche_url' => Tools::getPocheUrl(), |
a4565e88 NL |
53 | 'demo' => MODE_DEMO, |
54 | 'title' => _('poche, a read it later open source system'), | |
8cbb2a88 | 55 | 'token' => Session::getToken(), |
a4565e88 | 56 | ); |
139769aa | 57 | |
e4d2565e | 58 | if (Session::isLogged()) { |
eb1af592 NL |
59 | $poche->action($action, $url, $id); |
60 | $tpl_file = Tools::getTplFile($view); | |
61 | $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); | |
e4d2565e | 62 | } |
63 | else { | |
8cbb2a88 | 64 | $tpl_file = 'login.twig'; |
8c72b98d | 65 | } |
a4565e88 | 66 | |
eb1af592 | 67 | echo $poche->tpl->render($tpl_file, $tpl_vars); |