diff options
| author |  Marien Fressinaud <dev@marienfressinaud.fr>
| 2013-11-08 19:13:46 +0100 |
|---|---|---|
| committer | Marien Fressinaud <dev@marienfressinaud.fr>
| 2013-11-08 19:13:46 +0100 |
| commit | 602230ec536551601292d7af4a8632bc2eec6966 (patch) | |
| tree | 1719213e65d69d3a48bf7e9a7994178203ec578b /app/controllers/feedController.php | |
| parent | 934d8aa21c6b7b26222196d7911556131a063e12 (diff) | |
Fix issue #238: possibilité d'actualiser avec token
En précisant le token il est possible maintenant d'actualiser les flux
sans avoir besoin de se connecter
Diffstat (limited to 'app/controllers/feedController.php')
| -rwxr-xr-x | app/controllers/feedController.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/app/controllers/feedController.php b/app/controllers/feedController.php index 0fd362065..31bade9f5 100755 --- a/app/controllers/feedController.php +++ b/app/controllers/feedController.php @@ -2,7 +2,14 @@ class feedController extends ActionController { public function firstAction () { - if (login_is_conf ($this->view->conf) && !is_logged ()) { + $token = $this->view->conf->token(); + $token_param = Request::param ('token', ''); + $token_is_ok = ($token != '' && $token == $token_param); + $action = Request::actionName (); + + if (login_is_conf ($this->view->conf) && + !is_logged () && + !($token_is_ok && $action == 'actualize')) { Error::error ( 403, array ('error' => array (Translate::t ('access_denied'))) |