X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=dd70a989d897ebd5b6cbb51bb1e251818f51a779;hb=55821e04c188997d258645975220828e195d0df4;hp=ef18254a4166f5a58976522dd8b270bad5ab8ae0;hpb=8046748b424f95a92ab599ecc973f57eb05246ce;p=github%2Fwallabag%2Fwallabag.git diff --git a/index.php b/index.php old mode 100755 new mode 100644 index ef18254a..dd70a989 --- a/index.php +++ b/index.php @@ -8,77 +8,61 @@ * @license http://www.wtfpl.net/ see COPYING file */ -include dirname(__FILE__).'/inc/config.php'; +include dirname(__FILE__).'/inc/poche/config.inc.php'; -$action = (isset ($_GET['action'])) ? htmlspecialchars($_GET['action']) : ''; -$view = (isset ($_GET['view'])) ? htmlspecialchars($_GET['view']) : ''; -$id = (isset ($_GET['id'])) ? htmlspecialchars($_GET['id']) : ''; -$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; +#XSRF protection with token +// if (!empty($_POST)) { +// if (!Session::isToken($_POST['token'])) { +// die(_('Wrong token')); +// } +// unset($_SESSION['tokens']); +// } -switch ($action) -{ - case 'add': - if ($url == '') - continue; +$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +$view = Tools::checkVar('view', 'home'); +$action = Tools::checkVar('action'); +$id = Tools::checkVar('id'); +$_SESSION['sort'] = Tools::checkVar('sort'); +$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); - $parametres_url = prepare_url($url); - $sql_action = 'INSERT INTO entries ( url, title, content ) VALUES (?, ?, ?)'; - $params_action = array($url, $parametres_url['title'], $parametres_url['content']); - break; - case 'delete': - $sql_action = "DELETE FROM entries WHERE id=?"; - $params_action = array($id); - break; - default: - break; +if (isset($_GET['login'])) { + # hello you + $poche->login($referer); } - -try -{ - # action query - if (isset($sql_action)) - { - $query = $db->getHandle()->prepare($sql_action); - $query->execute($params_action); - } +elseif (isset($_GET['logout'])) { + # see you soon ! + $poche->logout(); } -catch (Exception $e) -{ - die('action query error : '.$e->getMessage()); +elseif (isset($_GET['config'])) { + # Update password + $poche->updatePassword(); } - -switch ($view) -{ - case 'archive': - $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc"; - $params = array(-1); - break; - case 'fav' : - $sql = "SELECT * FROM entries WHERE is_fav=? ORDER BY id desc"; - $params = array(-1); - break; - default: - $sql = "SELECT * FROM entries WHERE is_read=? ORDER BY id desc"; - $params = array(0); - $view = 'index'; - break; +elseif (isset($_GET['import'])) { + $poche->import($_GET['from']); +} +elseif (isset($_GET['export'])) { + $poche->export(); } -# view query -try -{ - $query = $db->getHandle()->prepare($sql); - $query->execute($params); - $entries = $query->fetchAll(); +$tpl_vars = array( + 'referer' => $referer, + 'view' => $view, + 'poche_url' => Tools::getPocheUrl(), + 'title' => _('poche, a read it later open source system'), + 'token' => Session::getToken(), +); + +if (Session::isLogged()) { + $poche->action($action, $url, $id); + $tpl_file = Tools::getTplFile($view); + $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); } -catch (Exception $e) -{ - die('view query error : '.$e->getMessage()); +else { + $tpl_file = 'login.twig'; } -$tpl->assign('title', 'poche, a read it later open source system'); -$tpl->assign('view', $view); -$tpl->assign('poche_url', get_poche_url()); -$tpl->assign('entries', $entries); -$tpl->assign('load_all_js', 1); -$tpl->draw('home'); \ No newline at end of file +# because messages can be added in $poche->action(), we have to add this entry now (we can add it before) +$tpl_vars = array_merge($tpl_vars, array('messages' => $poche->messages->display())); + +# Aaaaaaand action ! +echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file