X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=5f43b7400c007887e94fe364bb66aabb78635499;hb=1cbd70639c5f97f6030d0df6624ca200dba86945;hp=6eefd277e808647b331e42ca4c184cb03a0a38c4;hpb=37c6ed4e7a75238504a28d6be5fbaad475689526;p=github%2Fwallabag%2Fwallabag.git diff --git a/index.php b/index.php index 6eefd277..5f43b740 100644 --- a/index.php +++ b/index.php @@ -8,66 +8,63 @@ * @license http://www.wtfpl.net/ see COPYING file */ -include dirname(__FILE__).'/inc/config.php'; - -myTool::initPhp(); - -# XSRF protection with token -if (!empty($_POST)) { - if (!Session::isToken($_POST['token'])) { - die('Wrong token.'); - } - unset($_SESSION['tokens']); +if (file_exists(__DIR__ . '/inc/poche/myconfig.inc.php')) { + require_once __DIR__ . '/inc/poche/myconfig.inc.php'; } +require_once './inc/poche/Tools.class.php'; +Tools::createMyConfig(); -$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +include dirname(__FILE__).'/inc/poche/config.inc.php'; -if (isset($_GET['login'])) { - // Login - if (!empty($_POST['login']) && !empty($_POST['password'])) { - if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) { - logm('login successful'); - if (!empty($_POST['longlastingsession'])) { - $_SESSION['longlastingsession'] = 31536000; - $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; - session_set_cookie_params($_SESSION['longlastingsession']); - } else { - session_set_cookie_params(0); // when browser closes - } - session_regenerate_id(true); +# Parse GET & REFERER vars +$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +$view = Tools::checkVar('view', 'home'); +$action = Tools::checkVar('action'); +$id = Tools::checkVar('id'); +$_SESSION['sort'] = Tools::checkVar('sort', 'id'); +$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); - MyTool::redirect($ref); - } - logm('login failed'); - die("Login failed !"); - } else { - logm('login failed'); - } +# poche actions +if (isset($_GET['login'])) { + # hello you + $poche->login($referer); } elseif (isset($_GET['logout'])) { - logm('logout'); - Session::logout(); - MyTool::redirect(); + # see you soon ! + $poche->logout(); +} +elseif (isset($_GET['config'])) { + # Update password + $poche->updatePassword(); +} +elseif (isset($_GET['import'])) { + $import = $poche->import($_GET['from']); +} +elseif (isset($_GET['export'])) { + $poche->export(); } -# Traitement des paramètres et déclenchement des actions -$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index'; -$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; -$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; -$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; -$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; -$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; - -$tpl->assign('isLogged', Session::isLogged()); -$tpl->assign('referer', $ref); -$tpl->assign('view', $view); -$tpl->assign('poche_url', myTool::getUrl()); -$tpl->assign('title', 'poche, a read it later open source system'); +# vars to send to templates +$tpl_vars = array( + 'referer' => $referer, + 'view' => $view, + 'poche_url' => Tools::getPocheUrl(), + 'title' => _('poche, a read it later open source system'), + 'token' => Session::getToken(), +); if (Session::isLogged()) { - action_to_do($action, $url, $id); - display_view($view, $id, $full_head); + $poche->action($action, $url, $id); + $tpl_file = Tools::getTplFile($view); + $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); } else { - $tpl->draw('login'); + $tpl_file = 'login.twig'; } + +# because messages can be added in $poche->action(), we have to add this entry now (we can add it before) +$messages = $poche->messages->display('all', FALSE); +$tpl_vars = array_merge($tpl_vars, array('messages' => $messages)); + +# display poche +echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file