diff options
| author | Nicolas Lœuillet <nicolas.loeuillet@gmail.com> | 2013-08-03 08:25:11 +0200 |
|---|---|---|
| committer | Nicolas Lœuillet <nicolas.loeuillet@gmail.com> | 2013-08-03 08:25:11 +0200 |
| commit | 8cbb2a88024969f7efd90f8053f3b0805fa2f8fa (patch) | |
| tree | 0bb5c7fb3adc752d9ea9a933b524bd08631ca11a /index.php | |
| parent | c67e13e04baab64bcc63fd0dca46125513250c44 (diff) | |
| download | wallabag-8cbb2a88024969f7efd90f8053f3b0805fa2f8fa.tar.gz wallabag-8cbb2a88024969f7efd90f8053f3b0805fa2f8fa.tar.zst wallabag-8cbb2a88024969f7efd90f8053f3b0805fa2f8fa.zip | |
twig implementation
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 23 |
1 files changed, 13 insertions, 10 deletions
| @@ -10,12 +10,12 @@ | |||
| 10 | 10 | ||
| 11 | include dirname(__FILE__).'/inc/config.php'; | 11 | include dirname(__FILE__).'/inc/config.php'; |
| 12 | 12 | ||
| 13 | pocheTools::initPhp(); | 13 | $errors = array(); |
| 14 | 14 | ||
| 15 | # XSRF protection with token | 15 | # XSRF protection with token |
| 16 | if (!empty($_POST)) { | 16 | if (!empty($_POST)) { |
| 17 | if (!Session::isToken($_POST['token'])) { | 17 | if (!Session::isToken($_POST['token'])) { |
| 18 | die(_('Wrong token.')); | 18 | die(_('Wrong token')); |
| 19 | } | 19 | } |
| 20 | unset($_SESSION['tokens']); | 20 | unset($_SESSION['tokens']); |
| 21 | } | 21 | } |
| @@ -23,10 +23,11 @@ if (!empty($_POST)) { | |||
| 23 | $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; | 23 | $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; |
| 24 | 24 | ||
| 25 | if (isset($_GET['login'])) { | 25 | if (isset($_GET['login'])) { |
| 26 | // Login | ||
| 27 | if (!empty($_POST['login']) && !empty($_POST['password'])) { | 26 | if (!empty($_POST['login']) && !empty($_POST['password'])) { |
| 28 | if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { | 27 | if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { |
| 29 | pocheTools::logm('login successful'); | 28 | pocheTools::logm('login successful'); |
| 29 | $errors[]['value'] = _('login successful'); | ||
| 30 | |||
| 30 | if (!empty($_POST['longlastingsession'])) { | 31 | if (!empty($_POST['longlastingsession'])) { |
| 31 | $_SESSION['longlastingsession'] = 31536000; | 32 | $_SESSION['longlastingsession'] = 31536000; |
| 32 | $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; | 33 | $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; |
| @@ -35,11 +36,10 @@ if (isset($_GET['login'])) { | |||
| 35 | session_set_cookie_params(0); // when browser closes | 36 | session_set_cookie_params(0); // when browser closes |
| 36 | } | 37 | } |
| 37 | session_regenerate_id(true); | 38 | session_regenerate_id(true); |
| 38 | |||
| 39 | pocheTools::redirect($referer); | 39 | pocheTools::redirect($referer); |
| 40 | } | 40 | } |
| 41 | pocheTools::logm('login failed'); | 41 | pocheTools::logm('login failed'); |
| 42 | die(_("Login failed !")); | 42 | $errors[]['value'] = _('Login failed !'); |
| 43 | } else { | 43 | } else { |
| 44 | pocheTools::logm('login failed'); | 44 | pocheTools::logm('login failed'); |
| 45 | } | 45 | } |
| @@ -67,7 +67,7 @@ elseif (isset($_GET['config'])) { | |||
| 67 | } | 67 | } |
| 68 | 68 | ||
| 69 | # Traitement des paramètres et déclenchement des actions | 69 | # Traitement des paramètres et déclenchement des actions |
| 70 | $view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index'; | 70 | $view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; |
| 71 | $full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; | 71 | $full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; |
| 72 | $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; | 72 | $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; |
| 73 | $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; | 73 | $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; |
| @@ -75,20 +75,23 @@ $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id | |||
| 75 | $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; | 75 | $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; |
| 76 | 76 | ||
| 77 | $tpl_vars = array( | 77 | $tpl_vars = array( |
| 78 | 'isLogged' => Session::isLogged(), | ||
| 79 | 'referer' => $referer, | 78 | 'referer' => $referer, |
| 80 | 'view' => $view, | 79 | 'view' => $view, |
| 81 | 'poche_url' => pocheTools::getUrl(), | 80 | 'poche_url' => pocheTools::getUrl(), |
| 82 | 'demo' => MODE_DEMO, | 81 | 'demo' => MODE_DEMO, |
| 83 | 'title' => _('poche, a read it later open source system'), | 82 | 'title' => _('poche, a read it later open source system'), |
| 83 | 'token' => Session::getToken(), | ||
| 84 | 'errors' => $errors, | ||
| 84 | ); | 85 | ); |
| 85 | 86 | ||
| 87 | $tpl_file = 'home.twig'; | ||
| 88 | |||
| 86 | if (Session::isLogged()) { | 89 | if (Session::isLogged()) { |
| 87 | action_to_do($action, $url, $id); | 90 | action_to_do($action, $url, $id); |
| 88 | display_view($view, $id, $full_head); | 91 | $tpl_vars = array_merge($tpl_vars, display_view($view, $id)); |
| 89 | } | 92 | } |
| 90 | else { | 93 | else { |
| 91 | $template = $twig->loadTemplate('login.twig'); | 94 | $tpl_file = 'login.twig'; |
| 92 | } | 95 | } |
| 93 | 96 | ||
| 94 | echo $template->render($tpl_vars); \ No newline at end of file | 97 | echo $twig->render($tpl_file, $tpl_vars); \ No newline at end of file |