X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=4962639b46145d5802f186b751cc1e53c99f696b;hb=c67e13e04baab64bcc63fd0dca46125513250c44;hp=829d5513542789bf4c220cb457ca22f0f12bb166;hpb=88958248fab89c8bfa0014c6e4c300cb27a522b2;p=github%2Fwallabag%2Fwallabag.git diff --git a/index.php b/index.php index 829d5513..4962639b 100644 --- a/index.php +++ b/index.php @@ -10,24 +10,23 @@ include dirname(__FILE__).'/inc/config.php'; -myTool::initPhp(); +pocheTools::initPhp(); # XSRF protection with token if (!empty($_POST)) { if (!Session::isToken($_POST['token'])) { - die('Wrong token.'); + die(_('Wrong token.')); } unset($_SESSION['tokens']); } -$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; if (isset($_GET['login'])) { // Login if (!empty($_POST['login']) && !empty($_POST['password'])) { - if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) { - logm('login successful'); - $msg->add('s', 'welcome in your pocket!'); + if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { + pocheTools::logm('login successful'); if (!empty($_POST['longlastingsession'])) { $_SESSION['longlastingsession'] = 31536000; $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; @@ -37,18 +36,34 @@ if (isset($_GET['login'])) { } session_regenerate_id(true); - MyTool::redirect($ref); + pocheTools::redirect($referer); } - logm('login failed'); - die("Login failed !"); + pocheTools::logm('login failed'); + die(_("Login failed !")); } else { - logm('login failed'); + pocheTools::logm('login failed'); } } elseif (isset($_GET['logout'])) { - logm('logout'); + pocheTools::logm('logout'); Session::logout(); - MyTool::redirect(); + pocheTools::redirect(); +} +elseif (isset($_GET['config'])) { + if (isset($_POST['password']) && isset($_POST['password_repeat'])) { + if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { + pocheTools::logm('password updated'); + if (!MODE_DEMO) { + $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); + #your password has been updated + } + else { + #in demo mode, you can\'t update password + } + } + #else + #your password can\'t be empty and you have to repeat it in the second field + } } # Traitement des paramètres et déclenchement des actions @@ -59,16 +74,21 @@ $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; -$tpl->assign('isLogged', Session::isLogged()); -$tpl->assign('referer', $ref); -$tpl->assign('view', $view); -$tpl->assign('poche_url', myTool::getUrl()); -$tpl->assign('title', 'poche, a read it later open source system'); +$tpl_vars = array( + 'isLogged' => Session::isLogged(), + 'referer' => $referer, + 'view' => $view, + 'poche_url' => pocheTools::getUrl(), + 'demo' => MODE_DEMO, + 'title' => _('poche, a read it later open source system'), +); if (Session::isLogged()) { action_to_do($action, $url, $id); display_view($view, $id, $full_head); } else { - $tpl->draw('login'); + $template = $twig->loadTemplate('login.twig'); } + +echo $template->render($tpl_vars); \ No newline at end of file