authorNicolas LÅ“uillet <nicolas@loeuillet.org>2014-07-24 21:41:16 +0200
committerNicolas LÅ“uillet <nicolas@loeuillet.org>2014-07-24 21:41:16 +0200
commitaf8292c1de1886cd975d79f0f42df40e0bd1c5bd (patch)
tree310f9fce4ae50d38fdb4fb1e0ec4dbffb1b91201
parent0f6273cdb8c77436593782d42f271fddc7a7875d (diff)
parent38cf3413dfe156ced4f5f3a8c792cef69e2735f7 (diff)
downloadwallabag-1.7.2.tar.gz
wallabag-1.7.2.tar.zst
wallabag-1.7.2.zip
Merge branch 'fix/securityMaster'1.7.2
-rwxr-xr-xindex.php84
1 files changed, 42 insertions, 42 deletions
diff --git a/index.php b/index.php
index 481841ec..b2ab1461 100755
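--- a/index.php
+++ b/index.php
@@ -8,7 +8,7 @@
  * @license http://www.wtfpl.net/ see COPYING file
  */
 
-define ('POCHE', '1.7.1');
+define ('POCHE', '1.7.2');
 require 'check_setup.php';
 require_once 'inc/poche/global.inc.php';
 
@@ -63,54 +63,54 @@ if (! empty($notInstalledMessage)) {
 
 # poche actions
 if (isset($_GET['login'])) {
- # hello you
+ # hello to you
  $poche->login($referer);
-} elseif (isset($_GET['logout'])) {
- # see you soon !
- $poche->logout();
-} elseif (isset($_GET['config'])) {
- # Update password
- $poche->updatePassword();
-} elseif (isset($_GET['newuser'])) {
- $poche->createNewUser();
-} elseif (isset($_GET['deluser'])) {
- $poche->deleteUser();
-} elseif (isset($_GET['epub'])) {
- $poche->createEpub();
-} elseif (isset($_GET['import'])) {
- $import = $poche->import();
- $tpl_vars = array_merge($tpl_vars, $import);
-} elseif (isset($_GET['download'])) {
- Tools::download_db();
-} elseif (isset($_GET['empty-cache'])) {
- $poche->emptyCache();
-} elseif (isset($_GET['export'])) {
- $poche->export();
-} elseif (isset($_GET['updatetheme'])) {
- $poche->updateTheme();
-} elseif (isset($_GET['updatelanguage'])) {
- $poche->updateLanguage();
-} elseif (isset($_GET['uploadfile'])) {
- $poche->uploadFile();
-} elseif (isset($_GET['feed'])) {
- if (isset($_GET['action']) && $_GET['action'] == 'generate') {
- $poche->generateToken();
- }
- else {
- $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0);
- $poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']);
- }
-}
-
-elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
- $plain_url = new Url(base64_encode($_GET['plainurl']));
- $poche->action('add', $plain_url);
+} elseif (isset($_GET['feed']) && isset($_GET['user_id'])) {
+ $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0);
+ $poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']);
 }
 
 if (Session::isLogged()) {
+
+ if (isset($_GET['logout'])) {
+ # see you soon !
+ $poche->logout();
+ } elseif (isset($_GET['config'])) {
+ # Update password
+ $poche->updatePassword();
+ } elseif (isset($_GET['newuser'])) {
+ $poche->createNewUser();
+ } elseif (isset($_GET['deluser'])) {
+ $poche->deleteUser();
+ } elseif (isset($_GET['epub'])) {
+ $poche->createEpub();
+ } elseif (isset($_GET['import'])) {
+ $import = $poche->import();
+ $tpl_vars = array_merge($tpl_vars, $import);
+ } elseif (isset($_GET['download'])) {
+ Tools::download_db();
+ } elseif (isset($_GET['empty-cache'])) {
+ $poche->emptyCache();
+ } elseif (isset($_GET['export'])) {
+ $poche->export();
+ } elseif (isset($_GET['updatetheme'])) {
+ $poche->updateTheme();
+ } elseif (isset($_GET['updatelanguage'])) {
+ $poche->updateLanguage();
+ } elseif (isset($_GET['uploadfile'])) {
+ $poche->uploadFile();
+ } elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') {
+ $poche->generateToken();
+ }
+ elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
+ $plain_url = new Url(base64_encode($_GET['plainurl']));
+ $poche->action('add', $plain_url);
+ }
+
  $poche->action($action, $url, $id);
  $tpl_file = Tools::getTplFile($view);
  $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id));
+
 } elseif(isset($_SERVER['PHP_AUTH_USER'])) {
  if($poche->store->userExists($_SERVER['PHP_AUTH_USER'])) {
  $poche->login($referer);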
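Review bot: The feed branch left outside the `Session::isLogged()` block (new lines 68-70) only checks `feed` and `user_id`, yet it passes `$_GET['token']` and `$_GET['type']` straight into `generateFeeds()`; a request without them raises undefined-index notices and hands null to a token check whose handling is not visible in this diff. Since this is now the only request-driven action besides login that is reachable without a session, I would require all four parameters in the guard, `} elseif (isset($_GET['feed'], $_GET['user_id'], $_GET['token'], $_GET['type'])) {`, and cast the id with `intval($_GET['user_id'])` as is already done for `tag_id`, because `FILTER_SANITIZE_NUMBER_INT` keeps `+` and `-` and returns a string. Separately, the actions moved under the session check (`deluser`, `newuser`, `empty-cache`, `logout` and the rest) are still triggered by plain GET parameters, so unless those methods verify a per-session token, which this diff does not show, a logged-in user's browser can be made to invoke them cross-site; worth confirming before release. The surrounding if/elseif chain begins before the hunk and continues past its last line.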