X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=5f43b7400c007887e94fe364bb66aabb78635499;hb=fd99a8c02d7c625771656a5c5081560027d8e6e9;hp=4962639b46145d5802f186b751cc1e53c99f696b;hpb=161395d7098ec2bd86671d15d5b54f39148e2d5b;p=github%2Fwallabag%2Fwallabag.git diff --git a/index.php b/index.php index 4962639b..5f43b740 100644 --- a/index.php +++ b/index.php @@ -8,87 +8,63 @@ * @license http://www.wtfpl.net/ see COPYING file */ -include dirname(__FILE__).'/inc/config.php'; - -pocheTools::initPhp(); - -# XSRF protection with token -if (!empty($_POST)) { - if (!Session::isToken($_POST['token'])) { - die(_('Wrong token.')); - } - unset($_SESSION['tokens']); +if (file_exists(__DIR__ . '/inc/poche/myconfig.inc.php')) { + require_once __DIR__ . '/inc/poche/myconfig.inc.php'; } +require_once './inc/poche/Tools.class.php'; +Tools::createMyConfig(); +include dirname(__FILE__).'/inc/poche/config.inc.php'; + +# Parse GET & REFERER vars $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +$view = Tools::checkVar('view', 'home'); +$action = Tools::checkVar('action'); +$id = Tools::checkVar('id'); +$_SESSION['sort'] = Tools::checkVar('sort', 'id'); +$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); +# poche actions if (isset($_GET['login'])) { - // Login - if (!empty($_POST['login']) && !empty($_POST['password'])) { - if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { - pocheTools::logm('login successful'); - if (!empty($_POST['longlastingsession'])) { - $_SESSION['longlastingsession'] = 31536000; - $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; - session_set_cookie_params($_SESSION['longlastingsession']); - } else { - session_set_cookie_params(0); // when browser closes - } - session_regenerate_id(true); - - pocheTools::redirect($referer); - } - pocheTools::logm('login failed'); - die(_("Login failed !")); - } else { - pocheTools::logm('login failed'); - } + # hello you + $poche->login($referer); } elseif (isset($_GET['logout'])) { - pocheTools::logm('logout'); - Session::logout(); - pocheTools::redirect(); + # see you soon ! + $poche->logout(); } -elseif (isset($_GET['config'])) { - if (isset($_POST['password']) && isset($_POST['password_repeat'])) { - if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { - pocheTools::logm('password updated'); - if (!MODE_DEMO) { - $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); - #your password has been updated - } - else { - #in demo mode, you can\'t update password - } - } - #else - #your password can\'t be empty and you have to repeat it in the second field - } +elseif (isset($_GET['config'])) { + # Update password + $poche->updatePassword(); +} +elseif (isset($_GET['import'])) { + $import = $poche->import($_GET['from']); +} +elseif (isset($_GET['export'])) { + $poche->export(); } -# Traitement des paramètres et déclenchement des actions -$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index'; -$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; -$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; -$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; -$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; -$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; - +# vars to send to templates $tpl_vars = array( - 'isLogged' => Session::isLogged(), 'referer' => $referer, 'view' => $view, - 'poche_url' => pocheTools::getUrl(), - 'demo' => MODE_DEMO, + 'poche_url' => Tools::getPocheUrl(), 'title' => _('poche, a read it later open source system'), + 'token' => Session::getToken(), ); if (Session::isLogged()) { - action_to_do($action, $url, $id); - display_view($view, $id, $full_head); + $poche->action($action, $url, $id); + $tpl_file = Tools::getTplFile($view); + $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); } else { - $template = $twig->loadTemplate('login.twig'); + $tpl_file = 'login.twig'; } -echo $template->render($tpl_vars); \ No newline at end of file +# because messages can be added in $poche->action(), we have to add this entry now (we can add it before) +$messages = $poche->messages->display('all', FALSE); +$tpl_vars = array_merge($tpl_vars, array('messages' => $messages)); + +# display poche +echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file