diff options
author | Nicolas Lœuillet <nicolas.loeuillet@gmail.com> | 2013-08-03 19:26:54 +0200 |
---|---|---|
committer | Nicolas Lœuillet <nicolas.loeuillet@gmail.com> | 2013-08-03 19:26:54 +0200 |
commit | 4f5b44bd3bd490309eb2ba7b44df4769816ba729 (patch) | |
tree | 6cefe170dfe0a5a361cb1e2d1fc4d580a3316d02 /index.php | |
parent | 2b840e0cfb63a453bea67a98541f3df9c273c5f5 (diff) | |
download | wallabag-4f5b44bd3bd490309eb2ba7b44df4769816ba729.tar.gz wallabag-4f5b44bd3bd490309eb2ba7b44df4769816ba729.tar.zst wallabag-4f5b44bd3bd490309eb2ba7b44df4769816ba729.zip |
twig implementation
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 52 |
1 files changed, 28 insertions, 24 deletions
@@ -10,70 +10,74 @@ | |||
10 | 10 | ||
11 | include dirname(__FILE__).'/inc/config.php'; | 11 | include dirname(__FILE__).'/inc/config.php'; |
12 | 12 | ||
13 | $errors = array(); | 13 | $notices = array(); |
14 | 14 | ||
15 | # XSRF protection with token | 15 | # XSRF protection with token |
16 | if (!empty($_POST)) { | 16 | // if (!empty($_POST)) { |
17 | if (!Session::isToken($_POST['token'])) { | 17 | // if (!Session::isToken($_POST['token'])) { |
18 | #die(_('Wrong token')); | 18 | // die(_('Wrong token')); |
19 | // TODO CORRIGER ICI !!! | 19 | // // TODO remettre le test |
20 | } | 20 | // } |
21 | unset($_SESSION['tokens']); | 21 | // unset($_SESSION['tokens']); |
22 | } | 22 | // } |
23 | 23 | ||
24 | $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; | 24 | $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; |
25 | 25 | ||
26 | if (isset($_GET['login'])) { | 26 | if (isset($_GET['login'])) { |
27 | # hello you | ||
27 | if (!empty($_POST['login']) && !empty($_POST['password'])) { | 28 | if (!empty($_POST['login']) && !empty($_POST['password'])) { |
28 | if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { | 29 | if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { |
29 | pocheTools::logm('login successful'); | 30 | pocheTools::logm('login successful'); |
30 | $errors[]['value'] = _('login successful'); | 31 | $pocheTools[]['value'] = _('login successful'); |
31 | 32 | ||
32 | if (!empty($_POST['longlastingsession'])) { | 33 | if (!empty($_POST['longlastingsession'])) { |
33 | $_SESSION['longlastingsession'] = 31536000; | 34 | $_SESSION['longlastingsession'] = 31536000; |
34 | $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; | 35 | $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; |
35 | session_set_cookie_params($_SESSION['longlastingsession']); | 36 | session_set_cookie_params($_SESSION['longlastingsession']); |
36 | } else { | 37 | } else { |
37 | session_set_cookie_params(0); // when browser closes | 38 | session_set_cookie_params(0); |
38 | } | 39 | } |
39 | session_regenerate_id(true); | 40 | session_regenerate_id(true); |
40 | pocheTools::redirect($referer); | 41 | pocheTools::redirect($referer); |
41 | } | 42 | } |
42 | pocheTools::logm('login failed'); | 43 | pocheTools::logm('login failed'); |
43 | $errors[]['value'] = _('Login failed !'); | 44 | $notices[]['value'] = _('Login failed !'); |
45 | pocheTools::redirect(); | ||
44 | } else { | 46 | } else { |
45 | pocheTools::logm('login failed'); | 47 | pocheTools::logm('login failed'); |
48 | pocheTools::redirect(); | ||
46 | } | 49 | } |
47 | } | 50 | } |
48 | elseif (isset($_GET['logout'])) { | 51 | elseif (isset($_GET['logout'])) { |
52 | # see you soon ! | ||
49 | pocheTools::logm('logout'); | 53 | pocheTools::logm('logout'); |
50 | Session::logout(); | 54 | Session::logout(); |
51 | pocheTools::redirect(); | 55 | pocheTools::redirect(); |
52 | } | 56 | } |
53 | elseif (isset($_GET['config'])) { | 57 | elseif (isset($_GET['config'])) { |
58 | # Update password | ||
54 | if (isset($_POST['password']) && isset($_POST['password_repeat'])) { | 59 | if (isset($_POST['password']) && isset($_POST['password_repeat'])) { |
55 | if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { | 60 | if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { |
56 | pocheTools::logm('password updated'); | ||
57 | if (!MODE_DEMO) { | 61 | if (!MODE_DEMO) { |
62 | pocheTools::logm('password updated'); | ||
58 | $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); | 63 | $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); |
59 | #your password has been updated | 64 | Session::logout(); |
65 | pocheTools::redirect(); | ||
60 | } | 66 | } |
61 | else { | 67 | else { |
62 | #in demo mode, you can\'t update password | 68 | pocheTools::logm('in demo mode, you can\'t do this'); |
63 | } | 69 | } |
64 | } | 70 | } |
65 | #else | ||
66 | #your password can\'t be empty and you have to repeat it in the second field | ||
67 | } | 71 | } |
68 | } | 72 | } |
69 | 73 | ||
70 | # Traitement des paramètres et déclenchement des actions | 74 | # Aaaaaaand action ! |
71 | $view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; | 75 | $view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; |
72 | $full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; | 76 | $full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; |
73 | $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; | 77 | $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; |
74 | $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; | 78 | $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; |
75 | $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; | 79 | $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; |
76 | $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; | 80 | $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; |
77 | 81 | ||
78 | $tpl_vars = array( | 82 | $tpl_vars = array( |
79 | 'referer' => $referer, | 83 | 'referer' => $referer, |
@@ -82,7 +86,7 @@ $tpl_vars = array( | |||
82 | 'demo' => MODE_DEMO, | 86 | 'demo' => MODE_DEMO, |
83 | 'title' => _('poche, a read it later open source system'), | 87 | 'title' => _('poche, a read it later open source system'), |
84 | 'token' => Session::getToken(), | 88 | 'token' => Session::getToken(), |
85 | 'errors' => $errors, | 89 | 'notices' => $notices, |
86 | ); | 90 | ); |
87 | 91 | ||
88 | if (Session::isLogged()) { | 92 | if (Session::isLogged()) { |