From: Nicolas LÅ“uillet Date: Thu, 24 Jul 2014 19:41:16 +0000 (+0200) Subject: Merge branch 'fix/securityMaster' X-Git-Tag: 1.7.2 X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=af8292c1de1886cd975d79f0f42df40e0bd1c5bd;hp=0f6273cdb8c77436593782d42f271fddc7a7875d;p=github%2Fwallabag%2Fwallabag.git Merge branch 'fix/securityMaster' --- diff --git a/index.php b/index.php index 481841ec..b2ab1461 100755 --- a/index.php +++ b/index.php @@ -8,7 +8,7 @@ * @license http://www.wtfpl.net/ see COPYING file */ -define ('POCHE', '1.7.1'); +define ('POCHE', '1.7.2'); require 'check_setup.php'; require_once 'inc/poche/global.inc.php'; @@ -63,54 +63,54 @@ if (! empty($notInstalledMessage)) { # poche actions if (isset($_GET['login'])) { - # hello you + # hello to you $poche->login($referer); -} elseif (isset($_GET['logout'])) { - # see you soon ! - $poche->logout(); -} elseif (isset($_GET['config'])) { - # Update password - $poche->updatePassword(); -} elseif (isset($_GET['newuser'])) { - $poche->createNewUser(); -} elseif (isset($_GET['deluser'])) { - $poche->deleteUser(); -} elseif (isset($_GET['epub'])) { - $poche->createEpub(); -} elseif (isset($_GET['import'])) { - $import = $poche->import(); - $tpl_vars = array_merge($tpl_vars, $import); -} elseif (isset($_GET['download'])) { - Tools::download_db(); -} elseif (isset($_GET['empty-cache'])) { - $poche->emptyCache(); -} elseif (isset($_GET['export'])) { - $poche->export(); -} elseif (isset($_GET['updatetheme'])) { - $poche->updateTheme(); -} elseif (isset($_GET['updatelanguage'])) { - $poche->updateLanguage(); -} elseif (isset($_GET['uploadfile'])) { - $poche->uploadFile(); -} elseif (isset($_GET['feed'])) { - if (isset($_GET['action']) && $_GET['action'] == 'generate') { - $poche->generateToken(); - } - else { - $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0); - $poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']); - } -} - -elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) { - $plain_url = new Url(base64_encode($_GET['plainurl'])); - $poche->action('add', $plain_url); +} elseif (isset($_GET['feed']) && isset($_GET['user_id'])) { + $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0); + $poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']); } if (Session::isLogged()) { + + if (isset($_GET['logout'])) { + # see you soon ! + $poche->logout(); + } elseif (isset($_GET['config'])) { + # Update password + $poche->updatePassword(); + } elseif (isset($_GET['newuser'])) { + $poche->createNewUser(); + } elseif (isset($_GET['deluser'])) { + $poche->deleteUser(); + } elseif (isset($_GET['epub'])) { + $poche->createEpub(); + } elseif (isset($_GET['import'])) { + $import = $poche->import(); + $tpl_vars = array_merge($tpl_vars, $import); + } elseif (isset($_GET['download'])) { + Tools::download_db(); + } elseif (isset($_GET['empty-cache'])) { + $poche->emptyCache(); + } elseif (isset($_GET['export'])) { + $poche->export(); + } elseif (isset($_GET['updatetheme'])) { + $poche->updateTheme(); + } elseif (isset($_GET['updatelanguage'])) { + $poche->updateLanguage(); + } elseif (isset($_GET['uploadfile'])) { + $poche->uploadFile(); + } elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') { + $poche->generateToken(); + } + elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) { + $plain_url = new Url(base64_encode($_GET['plainurl'])); + $poche->action('add', $plain_url); + } + $poche->action($action, $url, $id); $tpl_file = Tools::getTplFile($view); $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); + } elseif(isset($_SERVER['PHP_AUTH_USER'])) { if($poche->store->userExists($_SERVER['PHP_AUTH_USER'])) { $poche->login($referer);