X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=654403c8415d853333666ddaa1cc1cc621c5c4b6;hb=21e0af98eb28e46345ecb947c48af29e8f1c6234;hp=d477d699d965cafa945d6c9e22233beecdb94d11;hpb=cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861;p=github%2Fwallabag%2Fwallabag.git diff --git a/index.php b/index.php old mode 100755 new mode 100644 index d477d699..654403c8 --- a/index.php +++ b/index.php @@ -8,24 +8,58 @@ * @license http://www.wtfpl.net/ see COPYING file */ -include dirname(__FILE__).'/inc/config.php'; +include dirname(__FILE__).'/inc/poche/config.inc.php'; -$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; -$view = (isset ($_GET['view'])) ? htmlentities($_GET['view']) : 'index'; -$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; -$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; -$token = (isset ($_POST['token'])) ? $_POST['token'] : ''; +#XSRF protection with token +if (!empty($_POST)) { + if (!Session::isToken($_POST['token'])) { + die(_('Wrong token')); + } + unset($_SESSION['tokens']); +} + +$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +$view = Tools::checkVar('view', 'home'); +$action = Tools::checkVar('action'); +$id = Tools::checkVar('id'); +$_SESSION['sort'] = Tools::checkVar('sort'); +$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); -if ($action != '') { - action_to_do($action, $id, $url, $token); +if (isset($_GET['login'])) { + # hello you + $poche->login($referer); +} +elseif (isset($_GET['logout'])) { + # see you soon ! + $poche->logout(); +} +elseif (isset($_GET['config'])) { + # Update password + $poche->updatePassword(); +} +elseif (isset($_GET['import'])) { + $poche->import($_GET['from']); } +elseif (isset($_GET['export'])) { + $poche->export(); +} + +$tpl_vars = array( + 'referer' => $referer, + 'view' => $view, + 'poche_url' => Tools::getPocheUrl(), + 'title' => _('poche, a read it later open source system'), + 'token' => Session::getToken(), +); -$entries = display_view($view); +if (Session::isLogged()) { + $poche->action($action, $url, $id); + $tpl_file = Tools::getTplFile($view); + $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); +} +else { + $tpl_file = 'login.twig'; +} -$tpl->assign('title', 'poche, a read it later open source system'); -$tpl->assign('view', $view); -$tpl->assign('poche_url', get_poche_url()); -$tpl->assign('entries', $entries); -$tpl->assign('load_all_js', 1); -$tpl->assign('token', $_SESSION['token_poche']); -$tpl->draw('home'); \ No newline at end of file +# Aaaaaaand action ! +echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file