Diffstat (limited to 'inc/config.php')
-rw-r--r--inc/config.php57
1 files changed, 1 insertions, 56 deletions
diff --git a/inc/config.php b/inc/config.php
index 403217ce..063952a5 100644
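--- a/inc/config.php
+++ b/inc/config.php
@@ -33,59 +33,4 @@ raintpl::$cache_dir = './cache/';
 raintpl::$base_url = get_poche_url();
 raintpl::configure('path_replace', false);
 raintpl::configure('debug', false);
-$tpl = new raintpl();
-
-# initialize session
-Session::init();
-# XSRF protection with token
-if (!empty($_POST)) {
- if (!Session::isToken($_POST['token'])) {
- die('Wrong token.');
- }
- unset($_SESSION['tokens']);
-}
-
-$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
-
-if (isset($_GET['login'])) {
- // Login
- if (!empty($_POST['login']) && !empty($_POST['password'])) {
- if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {
- if (!empty($_POST['longlastingsession'])) {
- $_SESSION['longlastingsession'] = 31536000;
- $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
- session_set_cookie_params($_SESSION['longlastingsession']);
- } else {
- session_set_cookie_params(0); // when browser closes
- }
- session_regenerate_id(true);
-
- MyTool::redirect();
- }
- logm('login failed');
- die("Login failed !");
- } else {
- logm('login successful');
- }
-}
-elseif (isset($_GET['logout'])) {
- logm('logout');
- Session::logout();
- MyTool::redirect();
-}
-
-# Traitement des paramètres et déclenchement des actions
-$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index';
-$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
-$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id';
-$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
-$url = (isset ($_GET['url'])) ? $_GET['url'] : '';
-
-$tpl->assign('isLogged', Session::isLogged());
-$tpl->assign('referer', $ref);
-$tpl->assign('view', $view);
-$tpl->assign('poche_url', get_poche_url());
-
-if ($action != '') {
- action_to_do($action, $url, $id);
-}
+$tpl = new raintpl();
\ No newline at end of file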