aboutsummaryrefslogtreecommitdiffhomepage
path: root/index.php
diff options
context:
space:
mode:
authornicosomb <nicolas@loeuillet.org>2013-04-15 14:09:58 +0200
committernicosomb <nicolas@loeuillet.org>2013-04-15 14:09:58 +0200
commitcf3180f6b8c552bbf7214d1ba72fbf1fc90ef861 (patch)
tree86d0cad24ed4891165d720a3bb19fffe6f55c73b /index.php
parent358ab47957de18183aa3d3f7a62b631cd131f41f (diff)
downloadwallabag-cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861.tar.gz
wallabag-cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861.tar.zst
wallabag-cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861.zip
vérificatio CSRF et mise en page
Diffstat (limited to 'index.php')
-rwxr-xr-xindex.php13
1 files changed, 9 insertions, 4 deletions
diff --git a/index.php b/index.php
index 1cb32f58..d477d699 100755
--- a/index.php
+++ b/index.php
@@ -10,12 +10,16 @@
10 10
11include dirname(__FILE__).'/inc/config.php'; 11include dirname(__FILE__).'/inc/config.php';
12 12
13$action = (isset ($_GET['action'])) ? htmlspecialchars($_GET['action']) : ''; 13$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
14$view = (isset ($_GET['view'])) ? htmlspecialchars($_GET['view']) : 'index'; 14$view = (isset ($_GET['view'])) ? htmlentities($_GET['view']) : 'index';
15$id = (isset ($_GET['id'])) ? htmlspecialchars($_GET['id']) : ''; 15$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
16$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; 16$url = (isset ($_GET['url'])) ? $_GET['url'] : '';
17$token = (isset ($_POST['token'])) ? $_POST['token'] : '';
18
19if ($action != '') {
20 action_to_do($action, $id, $url, $token);
21}
17 22
18action_to_do($action, $id);
19$entries = display_view($view); 23$entries = display_view($view);
20 24
21$tpl->assign('title', 'poche, a read it later open source system'); 25$tpl->assign('title', 'poche, a read it later open source system');
@@ -23,4 +27,5 @@ $tpl->assign('view', $view);
23$tpl->assign('poche_url', get_poche_url()); 27$tpl->assign('poche_url', get_poche_url());
24$tpl->assign('entries', $entries); 28$tpl->assign('entries', $entries);
25$tpl->assign('load_all_js', 1); 29$tpl->assign('load_all_js', 1);
30$tpl->assign('token', $_SESSION['token_poche']);
26$tpl->draw('home'); \ No newline at end of file 31$tpl->draw('home'); \ No newline at end of file