From 538cdfa8839ca9a3d0bfe9b1a89af8e125aa3490 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Wed, 31 Jul 2013 19:37:14 +0200 Subject: fix #70: if demo mode, fields are filled --- index.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 0a778d08..5de8f7f0 100644 --- a/index.php +++ b/index.php @@ -54,7 +54,7 @@ elseif (isset($_GET['config'])) { if (isset($_POST['password']) && isset($_POST['password_repeat'])) { if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { logm('password updated'); - if (!DEMO) { + if (!MODE_DEMO) { $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); $msg->add('s', 'your password has been updated'); } @@ -79,6 +79,7 @@ $tpl->assign('isLogged', Session::isLogged()); $tpl->assign('referer', $ref); $tpl->assign('view', $view); $tpl->assign('poche_url', myTool::getUrl()); +$tpl->assign('demo', MODE_DEMO); $tpl->assign('title', 'poche, a read it later open source system'); if (Session::isLogged()) { @@ -86,5 +87,6 @@ if (Session::isLogged()) { display_view($view, $id, $full_head); } else { + $tpl->draw('login'); } -- cgit v1.2.3 From 2ee436eaa19fd5819a0e6c705b5fcc93f11fb338 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Fri, 2 Aug 2013 10:39:03 +0200 Subject: poche / pocket / bolsillo / Tasche & more --- index.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 5de8f7f0..fdaeabc3 100644 --- a/index.php +++ b/index.php @@ -15,7 +15,7 @@ myTool::initPhp(); # XSRF protection with token if (!empty($_POST)) { if (!Session::isToken($_POST['token'])) { - die('Wrong token.'); + die(_('Wrong token.')); } unset($_SESSION['tokens']); } 
@@ -40,7 +40,7 @@ if (isset($_GET['login'])) { MyTool::redirect($ref); } logm('login failed'); - die("Login failed !"); + die(_("Login failed !")); } else { logm('login failed'); } @@ -56,14 +56,14 @@ elseif (isset($_GET['config'])) { logm('password updated'); if (!MODE_DEMO) { $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); - $msg->add('s', 'your password has been updated'); + $msg->add('s', _('your password has been updated')); } else { - $msg->add('i', 'in demo mode, you can\'t update password'); + $msg->add('i', _('in demo mode, you can\'t update password')); } } else - $msg->add('e', 'your password can\'t be empty and you have to repeat it in the second field'); + $msg->add('e', _('your password can\'t be empty and you have to repeat it in the second field')); } } @@ -80,7 +80,7 @@ $tpl->assign('referer', $ref); $tpl->assign('view', $view); $tpl->assign('poche_url', myTool::getUrl()); $tpl->assign('demo', MODE_DEMO); -$tpl->assign('title', 'poche, a read it later open source system'); +$tpl->assign('title', _('poche, a read it later open source system')); if (Session::isLogged()) { action_to_do($action, $url, $id); -- cgit v1.2.3 From a4565e88edbc8e3bd092a475469769c86a4c350c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Fri, 2 Aug 2013 22:40:51 +0200 Subject: add Twig & refactor poche --- index.php | 46 ++++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 22 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index fdaeabc3..78daaaf9 100644 --- a/index.php +++ b/index.php @@ -10,7 +10,7 @@ include dirname(__FILE__).'/inc/config.php'; -myTool::initPhp(); +pocheTool::initPhp(); # XSRF protection with token if (!empty($_POST)) { 
@@ -20,14 +20,13 @@ if (!empty($_POST)) { unset($_SESSION['tokens']); } -$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; if (isset($_GET['login'])) { // Login if (!empty($_POST['login']) && !empty($_POST['password'])) { if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { - logm('login successful'); - $msg->add('s', 'welcome in your poche!'); + pocheTool::logm('login successful'); if (!empty($_POST['longlastingsession'])) { $_SESSION['longlastingsession'] = 31536000; $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; @@ -37,33 +36,33 @@ if (isset($_GET['login'])) { } session_regenerate_id(true); - MyTool::redirect($ref); + pocheTool::redirect($referer); } - logm('login failed'); + pocheTool::logm('login failed'); die(_("Login failed !")); } else { - logm('login failed'); + pocheTool::logm('login failed'); } } elseif (isset($_GET['logout'])) { - logm('logout'); + pocheTool::logm('logout'); Session::logout(); - MyTool::redirect(); + pocheTool::redirect(); } elseif (isset($_GET['config'])) { if (isset($_POST['password']) && isset($_POST['password_repeat'])) { if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { - logm('password updated'); + pocheTool::logm('password updated'); if (!MODE_DEMO) { $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); - $msg->add('s', _('your password has been updated')); + #your password has been updated } else { - $msg->add('i', _('in demo mode, you can\'t update password')); + #in demo mode, you can\'t update password } } - else - $msg->add('e', _('your password can\'t be empty and you have to repeat it in the second field')); + #else + #your password can\'t be empty and you have to repeat it in the second field } } 
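Review bot: `pocheTool::logm('password updated');` still runs before the `MODE_DEMO` test in the `?config` branch, so the log records a password change in demo mode, where `updatePassword()` is never called. Move the call inside the `if (!MODE_DEMO)` block, after `$store->updatePassword(...)`, so the entry only appears when a change happened. The same branch replaces every `$msg->add(...)` with a comment and comments out the `else`, so a mismatched or empty password is now dropped with no feedback to the user. If that is temporary during the Twig migration, a `// TODO` saying so would help.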
@@ -75,18 +74,21 @@ $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; -$tpl->assign('isLogged', Session::isLogged()); -$tpl->assign('referer', $ref); -$tpl->assign('view', $view); -$tpl->assign('poche_url', myTool::getUrl()); -$tpl->assign('demo', MODE_DEMO); -$tpl->assign('title', _('poche, a read it later open source system')); +$tpl_vars = array( + 'isLogged' => Session::isLogged(), + 'referer' => $referer, + 'view' => $view, + 'poche_url' => pocheTool::getUrl(), + 'demo' => MODE_DEMO, + 'title' => _('poche, a read it later open source system'), +); if (Session::isLogged()) { action_to_do($action, $url, $id); display_view($view, $id, $full_head); } else { - - $tpl->draw('login'); + $template = $twig->loadTemplate('login.twig'); } + +echo $template->render($tpl_vars); \ No newline at end of file -- cgit v1.2.3 From 161395d7098ec2bd86671d15d5b54f39148e2d5b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Fri, 2 Aug 2013 23:04:24 +0200 Subject: mv pochetool pochetools --- index.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 78daaaf9..4962639b 100644 --- a/index.php +++ b/index.php @@ -10,7 +10,7 @@ include dirname(__FILE__).'/inc/config.php'; -pocheTool::initPhp(); +pocheTools::initPhp(); # XSRF protection with token if (!empty($_POST)) { 
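Review bot: `$template` is assigned only in the `else` branch of this hunk, so on the logged-in path the final `echo $template->render($tpl_vars);` has nothing to call unless `display_view()` sets it as a side effect, which these lines do not show. Choose the template in both branches and load it once after the `if`/`else`, for example `$template = $twig->loadTemplate($tpl_file);` with `$tpl_file` set in each branch. Separately, `'referer' => $referer` hands the raw `HTTP_REFERER` header to the template. Whether the Twig environment autoescapes is configured outside this hunk, so confirm it before that value is printed into markup.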
@@ -26,7 +26,7 @@ if (isset($_GET['login'])) { // Login if (!empty($_POST['login']) && !empty($_POST['password'])) { if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { - pocheTool::logm('login successful'); + pocheTools::logm('login successful'); if (!empty($_POST['longlastingsession'])) { $_SESSION['longlastingsession'] = 31536000; $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; @@ -36,23 +36,23 @@ if (isset($_GET['login'])) { } session_regenerate_id(true); - pocheTool::redirect($referer); + pocheTools::redirect($referer); } - pocheTool::logm('login failed'); + pocheTools::logm('login failed'); die(_("Login failed !")); } else { - pocheTool::logm('login failed'); + pocheTools::logm('login failed'); } } elseif (isset($_GET['logout'])) { - pocheTool::logm('logout'); + pocheTools::logm('logout'); Session::logout(); - pocheTool::redirect(); + pocheTools::redirect(); } elseif (isset($_GET['config'])) { if (isset($_POST['password']) && isset($_POST['password_repeat'])) { if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { - pocheTool::logm('password updated'); + pocheTools::logm('password updated'); if (!MODE_DEMO) { $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); #your password has been updated @@ -78,7 +78,7 @@ $tpl_vars = array( 'isLogged' => Session::isLogged(), 'referer' => $referer, 'view' => $view, - 'poche_url' => pocheTool::getUrl(), + 'poche_url' => pocheTools::getUrl(), 'demo' => MODE_DEMO, 'title' => _('poche, a read it later open source system'), ); -- cgit v1.2.3 From 8cbb2a88024969f7efd90f8053f3b0805fa2f8fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sat, 3 Aug 2013 08:25:11 +0200 Subject: twig implementation --- index.php | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'index.php') 
diff --git a/index.php b/index.php index 4962639b..f0a8aef4 100644 --- a/index.php +++ b/index.php @@ -10,12 +10,12 @@ include dirname(__FILE__).'/inc/config.php'; -pocheTools::initPhp(); +$errors = array(); # XSRF protection with token if (!empty($_POST)) { if (!Session::isToken($_POST['token'])) { - die(_('Wrong token.')); + die(_('Wrong token')); } unset($_SESSION['tokens']); } @@ -23,10 +23,11 @@ if (!empty($_POST)) { $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; if (isset($_GET['login'])) { - // Login if (!empty($_POST['login']) && !empty($_POST['password'])) { if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { pocheTools::logm('login successful'); + $errors[]['value'] = _('login successful'); + if (!empty($_POST['longlastingsession'])) { $_SESSION['longlastingsession'] = 31536000; $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; @@ -35,11 +36,10 @@ if (isset($_GET['login'])) { session_set_cookie_params(0); // when browser closes } session_regenerate_id(true); - pocheTools::redirect($referer); } pocheTools::logm('login failed'); - die(_("Login failed !")); + $errors[]['value'] = _('Login failed !'); } else { pocheTools::logm('login failed'); } @@ -67,7 +67,7 @@ elseif (isset($_GET['config'])) { } # Traitement des paramètres et déclenchement des actions -$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'index'; +$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; $full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; 
@@ -75,20 +75,23 @@ $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; $tpl_vars = array( - 'isLogged' => Session::isLogged(), 'referer' => $referer, 'view' => $view, 'poche_url' => pocheTools::getUrl(), 'demo' => MODE_DEMO, 'title' => _('poche, a read it later open source system'), + 'token' => Session::getToken(), + 'errors' => $errors, ); +$tpl_file = 'home.twig'; + if (Session::isLogged()) { action_to_do($action, $url, $id); - display_view($view, $id, $full_head); + $tpl_vars = array_merge($tpl_vars, display_view($view, $id)); } else { - $template = $twig->loadTemplate('login.twig'); + $tpl_file = 'login.twig'; } -echo $template->render($tpl_vars); \ No newline at end of file +echo $twig->render($tpl_file, $tpl_vars); \ No newline at end of file -- cgit v1.2.3 From 2b840e0cfb63a453bea67a98541f3df9c273c5f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sat, 3 Aug 2013 08:57:35 +0200 Subject: twig implementation --- index.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index f0a8aef4..81bd0174 100644 --- a/index.php +++ b/index.php @@ -15,7 +15,8 @@ $errors = array(); # XSRF protection with token if (!empty($_POST)) { if (!Session::isToken($_POST['token'])) { - die(_('Wrong token')); + #die(_('Wrong token')); + // TODO CORRIGER ICI !!! } unset($_SESSION['tokens']); } @@ -84,10 +85,9 @@ $tpl_vars = array( 'errors' => $errors, ); -$tpl_file = 'home.twig'; - if (Session::isLogged()) { action_to_do($action, $url, $id); + $tpl_file = get_tpl_file($view); $tpl_vars = array_merge($tpl_vars, display_view($view, $id)); } else { -- cgit v1.2.3 From 4f5b44bd3bd490309eb2ba7b44df4769816ba729 Mon Sep 17 00:00:00 2001 
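Review bot: Commenting out `die(_('Wrong token'));` leaves the `if (!Session::isToken($_POST['token']))` branch with no statement, so a POST with a missing or wrong token is processed like a valid one while `unset($_SESSION['tokens']);` still runs. Every POST handler below it, including the password update under `?config`, then relies on the session cookie alone. If `die()` clashes with the Twig rendering, keep the check failing closed another way, e.g. `pocheTools::logm('wrong token'); pocheTools::redirect(); exit;`, rather than disabling it. Later patches on this page repeat the pattern by commenting out the whole block (the 19:26 "twig implementation" patch, "view of an article", "remove xsrf check"), and "move xsrf test" deletes it from index.php without showing where it went.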
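Review bot: `$tpl_file = get_tpl_file($view);` chooses the template from `$view`, which an earlier hunk shows is taken from `$_REQUEST['view']` and only passed through `htmlentities()`; that is output encoding, not validation of a file name. `get_tpl_file()` is defined outside this page, so it may already restrict the value, but the hunk also drops the `$tpl_file = 'home.twig';` default that covered unknown views. I would add a comment on this line stating that `get_tpl_file()` must map `$view` through a fixed allow-list and fall back to `'home.twig'`, or restore the default assignment before the call.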
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?=
Date: Sat, 3 Aug 2013 19:26:54 +0200
Subject: twig implementation
---
index.php | 52 ++++++++++++++++++++++++++++------------------------
1 file changed, 28 insertions(+), 24 deletions(-)
(limited to 'index.php')
diff --git a/index.php b/index.php
index 81bd0174..dc064428 100644
--- a/index.php
+++ b/index.php
@@ -10,70 +10,74 @@ include dirname(__FILE__).'/inc/config.php'; -$errors = array(); +$notices = array(); # XSRF protection with token -if (!empty($_POST)) { - if (!Session::isToken($_POST['token'])) { - #die(_('Wrong token')); - // TODO CORRIGER ICI !!! - } - unset($_SESSION['tokens']); -} +// if (!empty($_POST)) { +// if (!Session::isToken($_POST['token'])) { +// die(_('Wrong token')); +// // TODO remettre le test +// } +// unset($_SESSION['tokens']); +// } $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; if (isset($_GET['login'])) { + # hello you if (!empty($_POST['login']) && !empty($_POST['password'])) { if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { pocheTools::logm('login successful'); - $errors[]['value'] = _('login successful'); + $pocheTools[]['value'] = _('login successful'); if (!empty($_POST['longlastingsession'])) { $_SESSION['longlastingsession'] = 31536000; $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; session_set_cookie_params($_SESSION['longlastingsession']); } else { - session_set_cookie_params(0); // when browser closes + session_set_cookie_params(0); } session_regenerate_id(true); pocheTools::redirect($referer); } pocheTools::logm('login failed'); - $errors[]['value'] = _('Login failed !'); + $notices[]['value'] = _('Login failed !'); + pocheTools::redirect(); } else { pocheTools::logm('login failed'); + pocheTools::redirect(); } } elseif (isset($_GET['logout'])) { + # see you soon ! pocheTools::logm('logout'); Session::logout(); pocheTools::redirect(); } elseif (isset($_GET['config'])) { + # Update password if (isset($_POST['password']) && isset($_POST['password_repeat'])) { if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { - pocheTools::logm('password updated'); if (!MODE_DEMO) { + pocheTools::logm('password updated'); $store->updatePassword(encode_string($_POST['password'] . 
$_SESSION['login'])); - #your password has been updated + Session::logout(); + pocheTools::redirect(); } else { - #in demo mode, you can\'t update password + pocheTools::logm('in demo mode, you can\'t do this'); } } - #else - #your password can\'t be empty and you have to repeat it in the second field } } -# Traitement des paramètres et déclenchement des actions -$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; -$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; -$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; -$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; -$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; -$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; +# Aaaaaaand action ! +$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; +$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; +$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; +$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; +$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; +$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; $tpl_vars = array( 'referer' => $referer, @@ -82,7 +86,7 @@ $tpl_vars = array( 'demo' => MODE_DEMO, 'title' => _('poche, a read it later open source system'), 'token' => Session::getToken(), - 'errors' => $errors, + 'notices' => $notices, ); if (Session::isLogged()) { -- cgit v1.2.3 From eb1af592194e225bf887e4893e697f0ab8dd9a26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sun, 4 Aug 2013 20:58:31 +0200 Subject: refactoring --- index.php | 45 +++++++++++++++++++++++---------------------- 1 file changed, 23 insertions(+), 22 deletions(-) (limited to 'index.php') 
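Review bot: In the login branch the success message is written to `$pocheTools[]['value']`, a variable this hunk never declares, while the array initialised at the top of the hunk and passed to the template in the next one is `$notices`. This looks like a search-and-replace slip and should read `$notices[]['value'] = _('login successful');`. Both notices are also followed directly by `pocheTools::redirect(...)`, and `$notices` is a plain local array, so if the redirect ends the request (not visible here) neither message is ever rendered; they would have to be kept in the session to survive it. The password-update branch in the same hunk now logs out and redirects after `updatePassword()` while the token check above it is fully commented out, so in this revision that POST has no cross-site request protection.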
diff --git a/index.php b/index.php index dc064428..40779698 100644 --- a/index.php +++ b/index.php @@ -8,7 +8,7 @@ * @license http://www.wtfpl.net/ see COPYING file */ -include dirname(__FILE__).'/inc/config.php'; +include dirname(__FILE__).'/inc/poche/config.inc.php'; $notices = array(); @@ -26,9 +26,9 @@ $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; if (isset($_GET['login'])) { # hello you if (!empty($_POST['login']) && !empty($_POST['password'])) { - if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { - pocheTools::logm('login successful'); - $pocheTools[]['value'] = _('login successful'); + if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']))) { + Tools::logm('login successful'); + $notices['value'] = _('login successful'); if (!empty($_POST['longlastingsession'])) { $_SESSION['longlastingsession'] = 31536000; 
@@ -38,34 +38,34 @@ if (isset($_GET['login'])) { session_set_cookie_params(0); } session_regenerate_id(true); - pocheTools::redirect($referer); + Tools::redirect($referer); } - pocheTools::logm('login failed'); - $notices[]['value'] = _('Login failed !'); - pocheTools::redirect(); + Tools::logm('login failed'); + $notices['value'] = _('Login failed !'); + Tools::redirect(); } else { - pocheTools::logm('login failed'); - pocheTools::redirect(); + Tools::logm('login failed'); + Tools::redirect(); } } elseif (isset($_GET['logout'])) { # see you soon ! - pocheTools::logm('logout'); + Tools::logm('logout'); Session::logout(); - pocheTools::redirect(); + Tools::redirect(); } elseif (isset($_GET['config'])) { # Update password if (isset($_POST['password']) && isset($_POST['password_repeat'])) { if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { if (!MODE_DEMO) { - pocheTools::logm('password updated'); - $store->updatePassword(encode_string($_POST['password'] . $_SESSION['login'])); + Tools::logm('password updated'); + $poche->store->updatePassword(Tools::encodeString($_POST['password'] . $_SESSION['login'])); Session::logout(); - pocheTools::redirect(); + Tools::redirect(); } else { - pocheTools::logm('in demo mode, you can\'t do this'); + Tools::logm('in demo mode, you can\'t do this'); } } } 
@@ -77,12 +77,13 @@ $full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_hea $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; -$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; + +$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); $tpl_vars = array( 'referer' => $referer, 'view' => $view, - 'poche_url' => pocheTools::getUrl(), + 'poche_url' => Tools::getPocheUrl(), 'demo' => MODE_DEMO, 'title' => _('poche, a read it later open source system'), 'token' => Session::getToken(), @@ -90,12 +91,12 @@ $tpl_vars = array( ); if (Session::isLogged()) { - action_to_do($action, $url, $id); - $tpl_file = get_tpl_file($view); - $tpl_vars = array_merge($tpl_vars, display_view($view, $id)); + $poche->action($action, $url, $id); + $tpl_file = Tools::getTplFile($view); + $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); } else { $tpl_file = 'login.twig'; } -echo $twig->render($tpl_file, $tpl_vars); \ No newline at end of file +echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file -- cgit v1.2.3 From c765c3679fee3ed9e4bad9954a808116187a7e83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sun, 4 Aug 2013 21:42:46 +0200 Subject: import in poche and not in an external file --- index.php | 49 +++++++------------------------------------------ 1 file changed, 7 insertions(+), 42 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 40779698..1554c0a6 100644 --- a/index.php +++ b/index.php @@ -10,8 +10,6 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; -$notices = array(); - # XSRF protection with token // if (!empty($_POST)) { // if (!Session::isToken($_POST['token'])) { 
@@ -25,50 +23,18 @@ $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; if (isset($_GET['login'])) { # hello you - if (!empty($_POST['login']) && !empty($_POST['password'])) { - if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']))) { - Tools::logm('login successful'); - $notices['value'] = _('login successful'); - - if (!empty($_POST['longlastingsession'])) { - $_SESSION['longlastingsession'] = 31536000; - $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; - session_set_cookie_params($_SESSION['longlastingsession']); - } else { - session_set_cookie_params(0); - } - session_regenerate_id(true); - Tools::redirect($referer); - } - Tools::logm('login failed'); - $notices['value'] = _('Login failed !'); - Tools::redirect(); - } else { - Tools::logm('login failed'); - Tools::redirect(); - } + $poche->login($referer); } elseif (isset($_GET['logout'])) { # see you soon ! - Tools::logm('logout'); - Session::logout(); - Tools::redirect(); + $poche->logout(); } -elseif (isset($_GET['config'])) { +elseif (isset($_GET['config'])) { # Update password - if (isset($_POST['password']) && isset($_POST['password_repeat'])) { - if ($_POST['password'] == $_POST['password_repeat'] && $_POST['password'] != "") { - if (!MODE_DEMO) { - Tools::logm('password updated'); - $poche->store->updatePassword(Tools::encodeString($_POST['password'] . $_SESSION['login'])); - Session::logout(); - Tools::redirect(); - } - else { - Tools::logm('in demo mode, you can\'t do this'); - } - } - } + $poche->updatePassword(); +} +elseif (isset($_GET['import'])) { + $poche->import($_GET['from']); } # Aaaaaaand action ! @@ -87,7 +53,6 @@ $tpl_vars = array( 'demo' => MODE_DEMO, 'title' => _('poche, a read it later open source system'), 'token' => Session::getToken(), - 'notices' => $notices, ); if (Session::isLogged()) { -- cgit v1.2.3 
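Review bot: The new `elseif (isset($_GET['import']))` branch calls `$poche->import($_GET['from']);` before the `Session::isLogged()` test further down the file, reads `$_GET['from']` without an `isset()` check, and is triggered by a plain GET. Whether `import()` itself checks the session and validates `from` is not visible on this page; if it does not, a request without a valid session, or one issued cross-site, could start an import. Guard the branch here, e.g. `elseif (Session::isLogged() && isset($_GET['import'], $_GET['from']))`, and state in a comment which values of `from` are accepted. The `$poche->updatePassword()` call in this hunk and the `$poche->export()` branch added by the next patch sit in the same pre-login dispatch chain and deserve the same check.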
From 63c35580c7d60e2278ee6fe9ba2d4440ff0308d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sun, 4 Aug 2013 22:35:08 +0200 Subject: twig implementation --- index.php | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 1554c0a6..381b8ccc 100644 --- a/index.php +++ b/index.php @@ -10,16 +10,21 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; -# XSRF protection with token -// if (!empty($_POST)) { -// if (!Session::isToken($_POST['token'])) { -// die(_('Wrong token')); -// // TODO remettre le test -// } -// unset($_SESSION['tokens']); -// } +#XSRF protection with token +if (!empty($_POST)) { + if (!Session::isToken($_POST['token'])) { + die(_('Wrong token')); + // TODO remettre le test + } + unset($_SESSION['tokens']); +} $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; +$view = Tools::checkVar('view'); +$action = Tools::checkVar('action'); +$id = Tools::checkVar('id'); +$_SESSION['sort'] = Tools::checkVar('sort'); +$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); if (isset($_GET['login'])) { # hello you @@ -36,15 +41,9 @@ elseif (isset($_GET['config'])) { elseif (isset($_GET['import'])) { $poche->import($_GET['from']); } - -# Aaaaaaand action ! -$view = (isset ($_REQUEST['view'])) ? htmlentities($_REQUEST['view']) : 'home'; -$full_head = (isset ($_REQUEST['full_head'])) ? htmlentities($_REQUEST['full_head']) : 'yes'; -$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : ''; -$_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; -$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; - -$url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); +elseif (isset($_GET['export'])) { + $poche->export(); +} $tpl_vars = array( 'referer' => $referer, 
@@ -64,4 +63,5 @@ else { $tpl_file = 'login.twig'; } +# Aaaaaaand action ! echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file -- cgit v1.2.3 From 2a1791a4b1c319fc5bbc286d0bc94827fe1feec9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sun, 4 Aug 2013 22:51:12 +0200 Subject: view of an article --- index.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 381b8ccc..94c72a27 100644 --- a/index.php +++ b/index.php @@ -11,13 +11,13 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; #XSRF protection with token -if (!empty($_POST)) { - if (!Session::isToken($_POST['token'])) { - die(_('Wrong token')); - // TODO remettre le test - } - unset($_SESSION['tokens']); -} +// if (!empty($_POST)) { +// if (!Session::isToken($_POST['token'])) { +// die(_('Wrong token')); +// // TODO remettre le test +// } +// unset($_SESSION['tokens']); +// } $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; $view = Tools::checkVar('view'); -- cgit v1.2.3 From a62788c61ef80e6b0f1cf0b6304b2dfd2223aa38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Aug 2013 09:43:33 +0200 Subject: #100: welcome to you, instapaper users --- index.php | 1 - 1 file changed, 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 94c72a27..294620d1 100644 --- a/index.php +++ b/index.php @@ -49,7 +49,6 @@ $tpl_vars = array( 'referer' => $referer, 'view' => $view, 'poche_url' => Tools::getPocheUrl(), - 'demo' => MODE_DEMO, 'title' => _('poche, a read it later open source system'), 'token' => Session::getToken(), ); -- cgit v1.2.3 From 7f959169b7220b4ed3e083cb2a545fe2c5400f9c Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Aug 2013 10:32:15 +0200 Subject: copy of poche.sqlite --- index.php | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 294620d1..654403c8 100644 --- a/index.php +++ b/index.php @@ -11,16 +11,15 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; #XSRF protection with token -// if (!empty($_POST)) { -// if (!Session::isToken($_POST['token'])) { -// die(_('Wrong token')); -// // TODO remettre le test -// } -// unset($_SESSION['tokens']); -// } +if (!empty($_POST)) { + if (!Session::isToken($_POST['token'])) { + die(_('Wrong token')); + } + unset($_SESSION['tokens']); +} $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; -$view = Tools::checkVar('view'); +$view = Tools::checkVar('view', 'home'); $action = Tools::checkVar('action'); $id = Tools::checkVar('id'); $_SESSION['sort'] = Tools::checkVar('sort'); -- cgit v1.2.3 From b161295d0b53a5ae194e236b0a7c662e9ac2ff9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Aug 2013 12:53:56 +0200 Subject: remove xsrf check --- index.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 654403c8..19774bb6 100644 --- a/index.php +++ b/index.php @@ -11,12 +11,12 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; #XSRF protection with token -if (!empty($_POST)) { - if (!Session::isToken($_POST['token'])) { - die(_('Wrong token')); - } - unset($_SESSION['tokens']); -} +// if (!empty($_POST)) { +// if (!Session::isToken($_POST['token'])) { +// die(_('Wrong token')); +// } +// unset($_SESSION['tokens']); +// } $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; $view = Tools::checkVar('view', 'home'); -- cgit v1.2.3 From 55821e04c188997d258645975220828e195d0df4 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Aug 2013 15:54:37 +0200 Subject: share email +twitter / class messages --- index.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'index.php') diff --git a/index.php b/index.php index 19774bb6..dd70a989 100644 --- a/index.php +++ b/index.php @@ -61,5 +61,8 @@ else { $tpl_file = 'login.twig'; } +# because messages can be added in $poche->action(), we have to add this entry now (we can add it before) +$tpl_vars = array_merge($tpl_vars, array('messages' => $poche->messages->display())); + # Aaaaaaand action ! echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file -- cgit v1.2.3 From 6a361945eaf86a978b82bd6fb3442fe64428d9df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Aug 2013 21:56:32 +0200 Subject: new design, pagination & more --- index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index dd70a989..98ada1bd 100644 --- a/index.php +++ b/index.php @@ -62,7 +62,8 @@ else { } # because messages can be added in $poche->action(), we have to add this entry now (we can add it before) -$tpl_vars = array_merge($tpl_vars, array('messages' => $poche->messages->display())); +$messages = $poche->messages->display('all', FALSE); +$tpl_vars = array_merge($tpl_vars, array('messages' => $messages)); # Aaaaaaand action ! echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file -- cgit v1.2.3 From 6fb3a2a18591a4c79e91a90282d88cd84554f83c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Aug 2013 22:50:00 +0200 Subject: move xsrf test --- index.php | 8 -------- 1 file changed, 8 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 98ada1bd..d0dd4ab5 100644 --- a/index.php +++ b/index.php 
@@ -10,14 +10,6 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; -#XSRF protection with token -// if (!empty($_POST)) { -// if (!Session::isToken($_POST['token'])) { -// die(_('Wrong token')); -// } -// unset($_SESSION['tokens']); -// } - $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; $view = Tools::checkVar('view', 'home'); $action = Tools::checkVar('action'); -- cgit v1.2.3 From f6df40db46a1ee3d422d205e38c1a47c7555f4cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Aug 2013 23:11:10 +0200 Subject: default sorting --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index d0dd4ab5..40cadf88 100644 --- a/index.php +++ b/index.php @@ -14,7 +14,7 @@ $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; $view = Tools::checkVar('view', 'home'); $action = Tools::checkVar('action'); $id = Tools::checkVar('id'); -$_SESSION['sort'] = Tools::checkVar('sort'); +$_SESSION['sort'] = Tools::checkVar('sort', 'id'); $url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); if (isset($_GET['login'])) { -- cgit v1.2.3 From ed06f040776d5e2f38b938005ebc2b09ddd41bd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Thu, 8 Aug 2013 09:11:12 +0200 Subject: test if /install exists --- index.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 40cadf88..353df873 100644 --- a/index.php +++ b/index.php @@ -10,6 +10,7 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; +# Parse GET & REFERER vars $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; $view = Tools::checkVar('view', 'home'); $action = Tools::checkVar('action'); 
@@ -17,6 +18,7 @@ $id = Tools::checkVar('id'); $_SESSION['sort'] = Tools::checkVar('sort', 'id'); $url = new Url((isset ($_GET['url'])) ? $_GET['url'] : ''); +# poche actions if (isset($_GET['login'])) { # hello you $poche->login($referer); @@ -36,6 +38,7 @@ elseif (isset($_GET['export'])) { $poche->export(); } +# vars to send to templates $tpl_vars = array( 'referer' => $referer, 'view' => $view, @@ -50,6 +53,7 @@ if (Session::isLogged()) { $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); } else { + # login $tpl_file = 'login.twig'; } @@ -57,5 +61,5 @@ else { $messages = $poche->messages->display('all', FALSE); $tpl_vars = array_merge($tpl_vars, array('messages' => $messages)); -# Aaaaaaand action ! +# display poche echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file -- cgit v1.2.3 From 07ee09f49ad3a6ac567f123b338ccb75b1464164 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Thu, 8 Aug 2013 12:33:02 +0200 Subject: comments --- index.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 353df873..a60e4e94 100644 --- a/index.php +++ b/index.php @@ -32,7 +32,7 @@ elseif (isset($_GET['config'])) { $poche->updatePassword(); } elseif (isset($_GET['import'])) { - $poche->import($_GET['from']); + $import = $poche->import($_GET['from']); } elseif (isset($_GET['export'])) { $poche->export(); @@ -53,7 +53,6 @@ if (Session::isLogged()) { $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); } else { - # login $tpl_file = 'login.twig'; } -- cgit v1.2.3