Fix downloading SQLite database from all users

diff --git a/inc/poche/Routing.class.php b/inc/poche/Routing.class.php
index 004bd45a928f56215acd0ab8837b8c57dbb6853e..0b373058029777acc582736faffddaeaa46e6cf8 100755 (executable)
--- a/inc/poche/Routing.class.php
+++ b/inc/poche/Routing.class.php
@@ -124,8 +124,6 @@ class Routing
             } elseif (isset($_GET['import'])) {
                 $import = $this->wallabag->import();
                 $tplVars = array_merge($this->vars, $import);
-            } elseif (isset($_GET['download'])) {
-                Tools::downloadDb();
             } elseif (isset($_GET['empty-cache'])) {
                 Tools::emptyCache();
             } elseif (isset($_GET['export'])) {

diff --git a/inc/poche/Tools.class.php b/inc/poche/Tools.class.php
index 63137d765542a8724991c68b3314ceba8f574d0b..c2c1bdab161c1a6e4823e595c367a3fae0480793 100755 (executable)
--- a/inc/poche/Tools.class.php
+++ b/inc/poche/Tools.class.php
@@ -296,18 +296,20 @@ final class Tools
 
     /**
      * Download the sqlite database
+     * Function not longer used for security reasons
      */
-    public static function downloadDb()
-    {
-        header('Content-Disposition: attachment; filename="poche.sqlite.gz"');
-        self::_status(200);
 
-        header('Content-Transfer-Encoding: binary');
-        header('Content-Type: application/octet-stream');
-        echo gzencode(file_get_contents(STORAGE_SQLITE));
+    // public static function downloadDb()
+    // {
+    //     header('Content-Disposition: attachment; filename="poche.sqlite.gz"');
+    //     self::_status(200);
 
-        exit;
-    }
+    //     header('Content-Transfer-Encoding: binary');
+    //     header('Content-Type: application/octet-stream');
+    //     echo gzencode(file_get_contents(STORAGE_SQLITE));
+
+    //     exit;
+    // }
 
     /**
      * Get the content for a given URL (by a call to FullTextFeed)

diff --git a/themes/baggy/config.twig b/themes/baggy/config.twig
index e45c3218fa7c4b6638183a39c0baa0dbcdbd736a..7bd229cbe66c911e479fb6a8bfe52fb3d20c390b 100755 (executable)
--- a/themes/baggy/config.twig
+++ b/themes/baggy/config.twig
@@ -121,8 +121,6 @@
             <p><a href="?import">{% trans "You can click here to fetch content for articles with no content." %}</a></p>
             
             <h2>{% trans "Export your wallabag data" %}</h2>
-            {% if constant('STORAGE') == 'sqlite' %}
-            <p><a href="?download" target="_blank">{% trans "Click here" %}</a> {% trans "to download your database." %}</p>{% endif %}
             <p><a href="?export" target="_blank">{% trans "Click here" %}</a> {% trans "to export your wallabag data." %}</p>
             
             <h2>{% trans "Fancy an E-Book ?" %}</h2>

diff --git a/themes/default/config.twig b/themes/default/config.twig
index 8f047ae6ad6162296e0d739a7717ab25eeefa966..5656fadd76ed7a96c4ed9770dcc992180cb3195a 100755 (executable)
--- a/themes/default/config.twig
+++ b/themes/default/config.twig
@@ -121,7 +121,6 @@
 
             <h2>{% trans "Export your wallabag data" %}</h2>
             {% if constant('STORAGE') == 'sqlite' %}
-            <p><a href="?download" target="_blank">{% trans "Click here" %}</a> {% trans "to download your database." %}</p>{% endif %}
             <p><a href="?export" target="_blank">{% trans "Click here" %}</a> {% trans "to export your wallabag data." %}</p>
 
             <h2>{% trans "Cache" %}</h2>