X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=5b8384ba8886fc15258163b9e3cdf295d061b777;hb=3fdcc7bd47114776a5a8a280783529ee2dd690a1;hp=90fdac81ee5287b4cb8af343d4056e08b1ed344f;hpb=141a86c503af8e314381b3ee39ba4287fdfac63e;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php index 90fdac81..5b8384ba 100644 --- a/index.php +++ b/index.php @@ -496,9 +496,9 @@ if (isset($_POST['login'])) else { ban_loginFailed(); - $redir = ''; + $redir = '&username='. $_POST['login']; if (isset($_GET['post'])) { - $redir = '?post=' . urlencode($_GET['post']); + $redir .= '&post=' . urlencode($_GET['post']); foreach (array('description', 'source', 'title') as $param) { if (!empty($_GET[$param])) { $redir .= '&' . $param . '=' . urlencode($_GET[$param]); @@ -569,7 +569,7 @@ function tokenOk($token) // This RSS feed cannot be filtered. function showDailyRSS() { // Cache system - $query = $_SERVER["QUERY_STRING"]; + $query = $_SERVER['QUERY_STRING']; $cache = new CachedPage( $GLOBALS['config']['PAGECACHE'], page_url($_SERVER), @@ -823,12 +823,15 @@ function renderPage() if ($GLOBALS['config']['OPEN_SHAARLI']) { header('Location: ?'); exit; } // No need to login for open Shaarli $token=''; if (ban_canLogin()) $token=getToken(); // Do not waste token generation if not useful. $PAGE->assign('token',$token); + if (isset($_GET['username'])) { + $PAGE->assign('username', escape($_GET['username'])); + } $PAGE->assign('returnurl',(isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']):'')); $PAGE->renderPage('loginform'); exit; } // -------- User wants to logout. - if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=logout')) + if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=logout')) { invalidateCaches($GLOBALS['config']['PAGECACHE']); logout(); @@ -1077,12 +1080,6 @@ function renderPage() exit; } - // Same case as above except that user tried to access ?do=addlink without being logged in - // Note: passing empty parameters makes Shaarli generate default URLs and descriptions. - if (isset($_GET['do']) && $_GET['do'] === 'addlink') { - header('Location: ?do=login&post='); - exit; - } showLinkList($PAGE, $LINKSDB); if (isset($_GET['edit_link'])) { header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); @@ -1506,7 +1503,7 @@ function renderPage() } // -------- User is uploading a file for import - if (isset($_SERVER["QUERY_STRING"]) && startswith($_SERVER["QUERY_STRING"],'do=upload')) + if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=upload')) { // If file is too big, some form field may be missing. if (!isset($_POST['token']) || (!isset($_FILES)) || (isset($_FILES['filetoupload']['size']) && $_FILES['filetoupload']['size']==0)) @@ -1608,7 +1605,7 @@ function importFile($LINKSDB) { $link = array('linkdate'=>'','title'=>'','url'=>'','description'=>'','tags'=>'','private'=>0); $d = explode('