aboutsummaryrefslogtreecommitdiffhomepage
path: root/index.php
diff options
context:
space:
mode:
Diffstat (limited to 'index.php')
-rw-r--r--index.php34
1 files changed, 17 insertions, 17 deletions
diff --git a/index.php b/index.php
index 1554c0a6..381b8ccc 100644
--- a/index.php
+++ b/index.php
@@ -10,16 +10,21 @@
10 10
11include dirname(__FILE__).'/inc/poche/config.inc.php'; 11include dirname(__FILE__).'/inc/poche/config.inc.php';
12 12
13# XSRF protection with token 13#XSRF protection with token
14// if (!empty($_POST)) { 14if (!empty($_POST)) {
15// if (!Session::isToken($_POST['token'])) { 15 if (!Session::isToken($_POST['token'])) {
16// die(_('Wrong token')); 16 die(_('Wrong token'));
17// // TODO remettre le test 17 // TODO remettre le test
18// } 18 }
19// unset($_SESSION['tokens']); 19 unset($_SESSION['tokens']);
20// } 20}
21 21
22$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; 22$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
23$view = Tools::checkVar('view');
24$action = Tools::checkVar('action');
25$id = Tools::checkVar('id');
26$_SESSION['sort'] = Tools::checkVar('sort');
27$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : '');
23 28
24if (isset($_GET['login'])) { 29if (isset($_GET['login'])) {
25 # hello you 30 # hello you
@@ -36,15 +41,9 @@ elseif (isset($_GET['config'])) {
36elseif (isset($_GET['import'])) { 41elseif (isset($_GET['import'])) {
37 $poche->import($_GET['from']); 42 $poche->import($_GET['from']);
38} 43}
39 44elseif (isset($_GET['export'])) {
40# Aaaaaaand action ! 45 $poche->export();
41$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; 46}
42$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes';
43$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
44$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id';
45$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
46
47$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : '');
48 47
49$tpl_vars = array( 48$tpl_vars = array(
50 'referer' => $referer, 49 'referer' => $referer,
@@ -64,4 +63,5 @@ else {
64 $tpl_file = 'login.twig'; 63 $tpl_file = 'login.twig';
65} 64}
66 65
66# Aaaaaaand action !
67echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file 67echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file