1 files changed, 10 insertions, 7 deletions

diff --git a/app/Controllers/javascriptController.php b/app/Controllers/javascriptController.php
index 67148350f..421cf6f72 100755
--- a/app/Controllers/javascriptController.php
+++ b/app/Controllers/javascriptController.php
@@ -1,14 +1,14 @@
 <?php
 
 class FreshRSS_javascript_Controller extends Minz_ActionController {
-	public function firstAction () {
-		$this->view->_useLayout (false);
+	public function firstAction() {
+		$this->view->_useLayout(false);
 	}
 
-	public function actualizeAction () {
+	public function actualizeAction() {
 		header('Content-Type: text/javascript; charset=UTF-8');
 		$feedDAO = FreshRSS_Factory::createFeedDao();
-		$this->view->feeds = $feedDAO->listFeedsOrderUpdate($this->view->conf->ttl_default);
+		$this->view->feeds = $feedDAO->listFeedsOrderUpdate(FreshRSS_Context::$user_conf->ttl_default);
 	}
 
 	public function nbUnreadsPerFeedAction() {
@@ -28,17 +28,20 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
 		$user = isset($_GET['user']) ? $_GET['user'] : '';
 		if (ctype_alnum($user)) {
 			try {
-				$conf = new FreshRSS_Configuration($user);
+				$salt = FreshRSS_Context::$system_conf->salt;
+				$conf = get_user_configuration($user);
 				$s = $conf->passwordHash;
 				if (strlen($s) >= 60) {
 					$this->view->salt1 = substr($s, 0, 29);	//CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".
-					$this->view->nonce = sha1(Minz_Configuration::salt() . uniqid(mt_rand(), true));
+					$this->view->nonce = sha1($salt . uniqid(mt_rand(), true));
 					Minz_Session::_param('nonce', $this->view->nonce);
 					return;	//Success
 				}
 			} catch (Minz_Exception $me) {
-				Minz_Log::record('Nonce failure: ' . $me->getMessage(), Minz_Log::WARNING);
+				Minz_Log::warning('Nonce failure: ' . $me->getMessage());
 			}
+		} else {
+			Minz_Log::notice('Nonce failure due to invalid username!');
 		}
 		$this->view->nonce = '';	//Failure
 		$this->view->salt1 = '';