Diffstat (limited to 'index.php')
-rw-r--r--index.php49
1 files changed, 7 insertions, 42 deletions
diff --git a/index.php b/index.php
index 40779698..1554c0a6 100644
--- a/index.php
+++ b/index.php
@@ -10,8 +10,6 @@
10 10
11include dirname(__FILE__).'/inc/poche/config.inc.php'; 11include dirname(__FILE__).'/inc/poche/config.inc.php';
12 12
13$notices = array();
14
15# XSRF protection with token 13# XSRF protection with token
16// if (!empty($_POST)) { 14// if (!empty($_POST)) {
17// if (!Session::isToken($_POST['token'])) { 15// if (!Session::isToken($_POST['token'])) {
@@ -25,50 +23,18 @@ $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
25 23
26if (isset($_GET['login'])) { 24if (isset($_GET['login'])) {
27 # hello you 25 # hello you
28 if (!empty($_POST['login']) && !empty($_POST['password'])) { 26 $poche->login($referer);
29 if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']))) {
30 Tools::logm('login successful');
31 $notices['value'] = _('login successful');
32
33 if (!empty($_POST['longlastingsession'])) {
34 $_SESSION['longlastingsession'] = 31536000;
35 $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
36 session_set_cookie_params($_SESSION['longlastingsession']);
37 } else {
38 session_set_cookie_params(0);
39 }
40 session_regenerate_id(true);
41 Tools::redirect($referer);
42 }
43 Tools::logm('login failed');
44 $notices['value'] = _('Login failed !');
45 Tools::redirect();
46 } else {
47 Tools::logm('login failed');
48 Tools::redirect();
49 }
50} 27}
51elseif (isset($_GET['logout'])) { 28elseif (isset($_GET['logout'])) {
52 # see you soon ! 29 # see you soon !
53 Tools::logm('logout'); 30 $poche->logout();
54 Session::logout();
55 Tools::redirect();
56} 31}
57elseif (isset($_GET['config'])) { 32elseif (isset($_GET['config'])) {
58 # Update password 33 # Update password
59 if (isset($_POST['password']) && isset($_POST['password_repeat'])) { 34 $poche->updatePassword();
60 if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { 35}
61 if (!MODE_DEMO) { 36elseif (isset($_GET['import'])) {
62 Tools::logm('password updated'); 37 $poche->import($_GET['from']);
63 $poche->store->updatePassword(Tools::encodeString($_POST['password'] . $_SESSION['login']));
64 Session::logout();
65 Tools::redirect();
66 }
67 else {
68 Tools::logm('in demo mode, you can\'t do this');
69 }
70 }
71 }
72} 38}
73 39
74# Aaaaaaand action ! 40# Aaaaaaand action !
@@ -87,7 +53,6 @@ $tpl_vars = array(
87 'demo' => MODE_DEMO, 53 'demo' => MODE_DEMO,
88 'title' => _('poche, a read it later open source system'), 54 'title' => _('poche, a read it later open source system'),
89 'token' => Session::getToken(), 55 'token' => Session::getToken(),
90 'notices' => $notices,
91); 56);
92 57
93if (Session::isLogged()) { 58if (Session::isLogged()) {
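Review bot: The new `import` branch (new lines 36–37) passes `$_GET['from']` to `$poche->import()` without checking that it is set, and it is dispatched before the `Session::isLogged()` test further down, while the XSRF token check at the top of the file is still commented out. Unless `Poche::import()` itself verifies the session and restricts `from` to a fixed set of values (that method is not part of this diff, so this needs confirming), a plain GET link is enough to start an import. I would gate the branch with `elseif (isset($_GET['import'], $_GET['from']) && Session::isLogged()) {` and require the token for it. The `config` branch deserves the same look: the password-match and `MODE_DEMO` checks removed here have to exist inside `updatePassword()`, which is likewise not shown.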