close #69: in the config page, you are notified of the release of a new version

[github/wallabag/wallabag.git] / index.php

diff --git a/index.php b/index.php
index 94c72a275114510b0c7b352405646622fdb786d0..654403c8415d853333666ddaa1cc1cc621c5c4b6 100644 (file)
--- a/index.php
+++ b/index.php
@@ -11,16 +11,15 @@
 include dirname(__FILE__).'/inc/poche/config.inc.php';
 
 #XSRF protection with token
-// if (!empty($_POST)) {
-//     if (!Session::isToken($_POST['token'])) {
-//         die(_('Wrong token'));
-//         // TODO remettre le test
-//     }
-//     unset($_SESSION['tokens']);
-// }
+if (!empty($_POST)) {
+    if (!Session::isToken($_POST['token'])) {
+        die(_('Wrong token'));
+    }
+    unset($_SESSION['tokens']);
+}
 
 $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
-$view = Tools::checkVar('view');
+$view = Tools::checkVar('view', 'home');
 $action = Tools::checkVar('action');
 $id = Tools::checkVar('id');
 $_SESSION['sort'] = Tools::checkVar('sort');
@@ -49,7 +48,6 @@ $tpl_vars = array(
     'referer' => $referer,
     'view' => $view,
     'poche_url' => Tools::getPocheUrl(),
-    'demo' => MODE_DEMO,
     'title' => _('poche, a read it later open source system'),
     'token' => Session::getToken(),
 );