From a1953dff8f39b225b408c3046246e9446a01f305 Mon Sep 17 00:00:00 2001 From: nicosomb Date: Fri, 19 Apr 2013 11:41:12 +0200 Subject: =?UTF-8?q?tout=20est=20recentr=C3=A9=20sur=20index.php?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- inc/Session.class.php | 2 +- inc/config.php | 57 +--------------------------------------------- inc/functions.php | 47 +++++++++++++++++++++++++++++++++++++- index.php | 62 +++++++++++++++++++++++++++++++++++++++++++-------- js/poche.js | 15 ++++++++----- process.php | 16 ------------- tpl/entries.html | 8 +++---- tpl/home.html | 4 ++-- tpl/login.html | 4 +++- tpl/view.html | 7 +++--- view.php | 35 ----------------------------- 11 files changed, 123 insertions(+), 134 deletions(-) delete mode 100644 process.php delete mode 100644 view.php diff --git a/inc/Session.class.php b/inc/Session.class.php index 06fa6a8e..ee12b3d1 100644 --- a/inc/Session.class.php +++ b/inc/Session.class.php @@ -93,7 +93,7 @@ class Session // Force logout public static function logout() { - unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on']); + unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens']); } // Make sure user is logged in. diff --git a/inc/config.php b/inc/config.php index 403217ce..063952a5 100644 --- a/inc/config.php +++ b/inc/config.php @@ -33,59 +33,4 @@ raintpl::$cache_dir = './cache/'; raintpl::$base_url = get_poche_url(); raintpl::configure('path_replace', false); raintpl::configure('debug', false); -$tpl = new raintpl(); - -# initialize session -Session::init(); -# XSRF protection with token -if (!empty($_POST)) { - if (!Session::isToken($_POST['token'])) { - die('Wrong token.'); - } - unset($_SESSION['tokens']); -} - -$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; - -if (isset($_GET['login'])) { - // Login - if (!empty($_POST['login']) && !empty($_POST['password'])) { - if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) { - if (!empty($_POST['longlastingsession'])) { - $_SESSION['longlastingsession'] = 31536000; - $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; - session_set_cookie_params($_SESSION['longlastingsession']); - } else { - session_set_cookie_params(0); // when browser closes - } - session_regenerate_id(true); - - MyTool::redirect(); - } - logm('login failed'); - die("Login failed !"); - } else { - logm('login successful'); - } -} -elseif (isset($_GET['logout'])) { - logm('logout'); - Session::logout(); - MyTool::redirect(); -} - -# Traitement des paramètres et déclenchement des actions -$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index'; -$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; -$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; -$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; -$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; - -$tpl->assign('isLogged', Session::isLogged()); -$tpl->assign('referer', $ref); -$tpl->assign('view', $view); -$tpl->assign('poche_url', get_poche_url()); - -if ($action != '') { - action_to_do($action, $url, $id); -} +$tpl = new raintpl(); \ No newline at end of file diff --git a/inc/functions.php b/inc/functions.php index 13acd36f..ef1fc0e2 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -226,10 +226,55 @@ function remove_directory($directory) } } +function display_view($view, $id = 0, $full_head = 'yes') +{ + global $tpl; + + switch ($view) + { + case 'view': + $entry = get_article($id); + + if ($entry != NULL) { + $tpl->assign('id', $entry[0]['id']); + $tpl->assign('url', $entry[0]['url']); + $tpl->assign('title', $entry[0]['title']); + $tpl->assign('content', $entry[0]['content']); + $tpl->assign('is_fav', $entry[0]['is_fav']); + $tpl->assign('is_read', $entry[0]['is_read']); + $tpl->assign('load_all_js', 0); + $tpl->draw('view'); + } + else { + logm('error in view call : entry is NULL'); + } + + logm('view link #' . $id); + break; + default: # home view + $entries = get_entries($view); + + $tpl->assign('entries', $entries); + + if ($full_head == 'yes') { + $tpl->assign('load_all_js', 1); + $tpl->draw('head'); + $tpl->draw('home'); + } + + $tpl->draw('entries'); + + if ($full_head == 'yes') { + $tpl->draw('js'); + $tpl->draw('footer'); + } + break; + } +} + /** * Appel d'une action (mark as fav, archive, delete) */ - function action_to_do($action, $url, $id = 0) { global $db; diff --git a/index.php b/index.php index 995426b4..9a81a741 100644 --- a/index.php +++ b/index.php @@ -10,19 +10,63 @@ include dirname(__FILE__).'/inc/config.php'; -$entries = get_entries($view); +# initialize session +Session::init(); +# XSRF protection with token +if (!empty($_POST)) { + if (!Session::isToken($_POST['token'])) { + die('Wrong token.'); + } + unset($_SESSION['tokens']); +} + +if (isset($_GET['login'])) { + // Login + if (!empty($_POST['login']) && !empty($_POST['password'])) { + if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) { + logm('login successful'); + if (!empty($_POST['longlastingsession'])) { + $_SESSION['longlastingsession'] = 31536000; + $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; + session_set_cookie_params($_SESSION['longlastingsession']); + } else { + session_set_cookie_params(0); // when browser closes + } + session_regenerate_id(true); + MyTool::redirect(); + } + logm('login failed'); + die("Login failed !"); + } else { + logm('login failed'); + } +} +elseif (isset($_GET['logout'])) { + logm('logout'); + Session::logout(); + MyTool::redirect(); +} + +# Traitement des paramètres et déclenchement des actions +$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index'; +$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; +$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; +$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; +$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; +$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; +$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; + +$tpl->assign('isLogged', Session::isLogged()); +$tpl->assign('referer', $ref); +$tpl->assign('view', $view); +$tpl->assign('poche_url', get_poche_url()); $tpl->assign('title', 'poche, a read it later open source system'); -$tpl->assign('entries', $entries); -$tpl->assign('load_all_js', 1); -$tpl->draw('head'); if (Session::isLogged()) { - $tpl->draw('home'); - $tpl->draw('entries'); - $tpl->draw('js'); + action_to_do($action, $url, $id); + display_view($view, $id, $full_head); } else { $tpl->draw('login'); -} -$tpl->draw('footer'); \ No newline at end of file +} \ No newline at end of file diff --git a/js/poche.js b/js/poche.js index 98fc48ea..6bc3c188 100644 --- a/js/poche.js +++ b/js/poche.js @@ -1,16 +1,16 @@ -function toggle_favorite(element, id, token) { +function toggle_favorite(element, id) { $(element).toggleClass('fav-off'); $.ajax ({ url: "index.php?action=toggle_fav", - data:{id:id, token:token} + data:{id:id} }); } -function toggle_archive(element, id, token, view_article) { +function toggle_archive(element, id, view_article) { $(element).toggleClass('archive-off'); $.ajax ({ url: "index.php?action=toggle_archive", - data:{id:id, token:token} + data:{id:id} }); var obj = $('#entry-'+id); @@ -22,6 +22,9 @@ function toggle_archive(element, id, token, view_article) { } } -function sort_links(view, sort, token) { - $('#content').load('process.php', { view: view, sort: sort, token: token } ); +function sort_links(view, sort) { + //$('#content').load('index.php', { view: view, sort: sort, full_head: 'no' } ); + $.get('index.php', { view: view, sort: sort, full_head: 'no' }, function(data) { + $('#content').html(data); + }); } \ No newline at end of file diff --git a/process.php b/process.php deleted file mode 100644 index 14686885..00000000 --- a/process.php +++ /dev/null @@ -1,16 +0,0 @@ - - * @copyright 2013 - * @license http://www.wtfpl.net/ see COPYING file - */ - -include dirname(__FILE__).'/inc/config.php'; - -$entries = display_view($view); -$tpl->assign('token', $_SESSION['token_poche']); -$tpl->assign('entries', $entries); -$tpl->draw('entries'); \ No newline at end of file diff --git a/tpl/entries.html b/tpl/entries.html index c74bc346..648e1ce9 100644 --- a/tpl/entries.html +++ b/tpl/entries.html @@ -2,13 +2,13 @@

- {$value.title} + {$value.title}

    -
    • -
    • -
    • +
    • +
    • +
diff --git a/tpl/home.html b/tpl/home.html index 216f39b9..6fb9444c 100644 --- a/tpl/home.html +++ b/tpl/home.html @@ -6,7 +6,7 @@
  • logout
    • \ No newline at end of file diff --git a/tpl/login.html b/tpl/login.html index bf0f4fa6..d3139ab3 100644 --- a/tpl/login.html +++ b/tpl/login.html @@ -1,3 +1,4 @@ +{include="head"}

    login to your poche

    @@ -18,4 +19,5 @@
    -
    \ No newline at end of file + +{include="footer"} \ No newline at end of file diff --git a/tpl/view.html b/tpl/view.html index 1191bd82..4b8ce60f 100644 --- a/tpl/view.html +++ b/tpl/view.html @@ -23,9 +23,10 @@
    diff --git a/view.php b/view.php deleted file mode 100644 index 29a5b324..00000000 --- a/view.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @copyright 2013 - * @license http://www.wtfpl.net/ see COPYING file - */ - -include dirname(__FILE__).'/inc/config.php'; - -$id = (isset ($_GET['id'])) ? htmlspecialchars($_GET['id']) : ''; - -if(!empty($id)) { - - $entry = get_article($id); - - if ($entry != NULL) { - $tpl->assign('id', $entry[0]['id']); - $tpl->assign('url', $entry[0]['url']); - $tpl->assign('title', $entry[0]['title']); - $tpl->assign('content', $entry[0]['content']); - $tpl->assign('is_fav', $entry[0]['is_fav']); - $tpl->assign('is_read', $entry[0]['is_read']); - $tpl->assign('load_all_js', 0); - $tpl->draw('view'); - } - else { - logm('error in view call : entry is NULL'); - } -} -else { - logm('error in view call : id is empty'); -} \ No newline at end of file -- cgit v1.2.3