diff options
| author | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-07-24 21:41:16 +0200 |
|---|---|---|
| committer | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-07-24 21:41:16 +0200 |
| commit | af8292c1de1886cd975d79f0f42df40e0bd1c5bd (patch) | |
| tree | 310f9fce4ae50d38fdb4fb1e0ec4dbffb1b91201 | |
| parent | 0f6273cdb8c77436593782d42f271fddc7a7875d (diff) | |
| parent | 38cf3413dfe156ced4f5f3a8c792cef69e2735f7 (diff) | |
| download | wallabag-af8292c1de1886cd975d79f0f42df40e0bd1c5bd.tar.gz wallabag-af8292c1de1886cd975d79f0f42df40e0bd1c5bd.tar.zst wallabag-af8292c1de1886cd975d79f0f42df40e0bd1c5bd.zip | |
Merge branch 'fix/securityMaster'1.7.2
| -rwxr-xr-x | index.php | 84 |
1 files changed, 42 insertions, 42 deletions
| @@ -8,7 +8,7 @@ | |||
| 8 | * @license http://www.wtfpl.net/ see COPYING file | 8 | * @license http://www.wtfpl.net/ see COPYING file |
| 9 | */ | 9 | */ |
| 10 | 10 | ||
| 11 | define ('POCHE', '1.7.1'); | 11 | define ('POCHE', '1.7.2'); |
| 12 | require 'check_setup.php'; | 12 | require 'check_setup.php'; |
| 13 | require_once 'inc/poche/global.inc.php'; | 13 | require_once 'inc/poche/global.inc.php'; |
| 14 | 14 | ||
| @@ -63,54 +63,54 @@ if (! empty($notInstalledMessage)) { | |||
| 63 | 63 | ||
| 64 | # poche actions | 64 | # poche actions |
| 65 | if (isset($_GET['login'])) { | 65 | if (isset($_GET['login'])) { |
| 66 | # hello you | 66 | # hello to you |
| 67 | $poche->login($referer); | 67 | $poche->login($referer); |
| 68 | } elseif (isset($_GET['logout'])) { | 68 | } elseif (isset($_GET['feed']) && isset($_GET['user_id'])) { |
| 69 | # see you soon ! | 69 | $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0); |
| 70 | $poche->logout(); | 70 | $poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']); |
| 71 | } elseif (isset($_GET['config'])) { | ||
| 72 | # Update password | ||
| 73 | $poche->updatePassword(); | ||
| 74 | } elseif (isset($_GET['newuser'])) { | ||
| 75 | $poche->createNewUser(); | ||
| 76 | } elseif (isset($_GET['deluser'])) { | ||
| 77 | $poche->deleteUser(); | ||
| 78 | } elseif (isset($_GET['epub'])) { | ||
| 79 | $poche->createEpub(); | ||
| 80 | } elseif (isset($_GET['import'])) { | ||
| 81 | $import = $poche->import(); | ||
| 82 | $tpl_vars = array_merge($tpl_vars, $import); | ||
| 83 | } elseif (isset($_GET['download'])) { | ||
| 84 | Tools::download_db(); | ||
| 85 | } elseif (isset($_GET['empty-cache'])) { | ||
| 86 | $poche->emptyCache(); | ||
| 87 | } elseif (isset($_GET['export'])) { | ||
| 88 | $poche->export(); | ||
| 89 | } elseif (isset($_GET['updatetheme'])) { | ||
| 90 | $poche->updateTheme(); | ||
| 91 | } elseif (isset($_GET['updatelanguage'])) { | ||
| 92 | $poche->updateLanguage(); | ||
| 93 | } elseif (isset($_GET['uploadfile'])) { | ||
| 94 | $poche->uploadFile(); | ||
| 95 | } elseif (isset($_GET['feed'])) { | ||
| 96 | if (isset($_GET['action']) && $_GET['action'] == 'generate') { | ||
| 97 | $poche->generateToken(); | ||
| 98 | } | ||
| 99 | else { | ||
| 100 | $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0); | ||
| 101 | $poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']); | ||
| 102 | } | ||
| 103 | } | ||
| 104 | |||
| 105 | elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) { | ||
| 106 | $plain_url = new Url(base64_encode($_GET['plainurl'])); | ||
| 107 | $poche->action('add', $plain_url); | ||
| 108 | } | 71 | } |
| 109 | 72 | ||
| 110 | if (Session::isLogged()) { | 73 | if (Session::isLogged()) { |
| 74 | |||
| 75 | if (isset($_GET['logout'])) { | ||
| 76 | # see you soon ! | ||
| 77 | $poche->logout(); | ||
| 78 | } elseif (isset($_GET['config'])) { | ||
| 79 | # Update password | ||
| 80 | $poche->updatePassword(); | ||
| 81 | } elseif (isset($_GET['newuser'])) { | ||
| 82 | $poche->createNewUser(); | ||
| 83 | } elseif (isset($_GET['deluser'])) { | ||
| 84 | $poche->deleteUser(); | ||
| 85 | } elseif (isset($_GET['epub'])) { | ||
| 86 | $poche->createEpub(); | ||
| 87 | } elseif (isset($_GET['import'])) { | ||
| 88 | $import = $poche->import(); | ||
| 89 | $tpl_vars = array_merge($tpl_vars, $import); | ||
| 90 | } elseif (isset($_GET['download'])) { | ||
| 91 | Tools::download_db(); | ||
| 92 | } elseif (isset($_GET['empty-cache'])) { | ||
| 93 | $poche->emptyCache(); | ||
| 94 | } elseif (isset($_GET['export'])) { | ||
| 95 | $poche->export(); | ||
| 96 | } elseif (isset($_GET['updatetheme'])) { | ||
| 97 | $poche->updateTheme(); | ||
| 98 | } elseif (isset($_GET['updatelanguage'])) { | ||
| 99 | $poche->updateLanguage(); | ||
| 100 | } elseif (isset($_GET['uploadfile'])) { | ||
| 101 | $poche->uploadFile(); | ||
| 102 | } elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') { | ||
| 103 | $poche->generateToken(); | ||
| 104 | } | ||
| 105 | elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) { | ||
| 106 | $plain_url = new Url(base64_encode($_GET['plainurl'])); | ||
| 107 | $poche->action('add', $plain_url); | ||
| 108 | } | ||
| 109 | |||
| 111 | $poche->action($action, $url, $id); | 110 | $poche->action($action, $url, $id); |
| 112 | $tpl_file = Tools::getTplFile($view); | 111 | $tpl_file = Tools::getTplFile($view); |
| 113 | $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); | 112 | $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); |
| 113 | |||
| 114 | } elseif(isset($_SERVER['PHP_AUTH_USER'])) { | 114 | } elseif(isset($_SERVER['PHP_AUTH_USER'])) { |
| 115 | if($poche->store->userExists($_SERVER['PHP_AUTH_USER'])) { | 115 | if($poche->store->userExists($_SERVER['PHP_AUTH_USER'])) { |
| 116 | $poche->login($referer); | 116 | $poche->login($referer); |