diff options
Diffstat (limited to 'p/api/greader.php')
| -rw-r--r-- | p/api/greader.php | 46 |
1 files changed, 23 insertions, 23 deletions
diff --git a/p/api/greader.php b/p/api/greader.php index 91a7b5d13..5f351195c 100644 --- a/p/api/greader.php +++ b/p/api/greader.php @@ -179,15 +179,15 @@ final class GReaderAPI { $user = $headerAuthX[0]; if (FreshRSS_user_Controller::checkUsername($user)) { FreshRSS_Context::initUser($user); - if (FreshRSS_Context::$user_conf == null || FreshRSS_Context::$system_conf == null) { + if (!FreshRSS_Context::hasUserConf() || !FreshRSS_Context::hasSystemConf()) { Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); self::unauthorized(); } - if (!FreshRSS_Context::$user_conf->enabled) { + if (!FreshRSS_Context::userConf()->enabled) { Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.'); self::unauthorized(); } - if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) { + if ($headerAuthX[1] === sha1(FreshRSS_Context::systemConf()->salt . $user . FreshRSS_Context::userConf()->apiPasswordHash)) { return $user; } else { Minz_Log::warning('Invalid API authorisation for user ' . $user); @@ -206,14 +206,14 @@ final class GReaderAPI { //https://web.archive.org/web/20130604091042/http://undoc.in/clientLogin.html if (FreshRSS_user_Controller::checkUsername($email)) { FreshRSS_Context::initUser($email); - if (FreshRSS_Context::$user_conf == null || FreshRSS_Context::$system_conf == null) { + if (!FreshRSS_Context::hasUserConf() || !FreshRSS_Context::hasSystemConf()) { Minz_Log::warning('Invalid API user ' . $email . ': configuration cannot be found.'); self::unauthorized(); } - if (FreshRSS_Context::$user_conf->apiPasswordHash != '' && password_verify($pass, FreshRSS_Context::$user_conf->apiPasswordHash)) { + if (FreshRSS_Context::userConf()->apiPasswordHash != '' && password_verify($pass, FreshRSS_Context::userConf()->apiPasswordHash)) { header('Content-Type: text/plain; charset=UTF-8'); - $auth = $email . '/' . sha1(FreshRSS_Context::$system_conf->salt . $email . FreshRSS_Context::$user_conf->apiPasswordHash); + $auth = $email . '/' . sha1(FreshRSS_Context::systemConf()->salt . $email . FreshRSS_Context::userConf()->apiPasswordHash); echo 'SID=', $auth, "\n", 'LSID=null', "\n", //Vienna RSS 'Auth=', $auth, "\n"; @@ -234,11 +234,11 @@ final class GReaderAPI { //http://blog.martindoms.com/2009/08/15/using-the-google-reader-api-part-1/ //https://github.com/ericmann/gReader-Library/blob/master/greader.class.php $user = Minz_User::name(); - if ($user === null || $conf === null || FreshRSS_Context::$system_conf === null) { + if ($user === null || $conf === null || !FreshRSS_Context::hasSystemConf()) { self::unauthorized(); } //Minz_Log::debug('token('. $user . ')', API_LOG); //TODO: Implement real token that expires - $token = str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z'); //Must have 57 characters + $token = str_pad(sha1(FreshRSS_Context::systemConf()->salt . $user . $conf->apiPasswordHash), 57, 'Z'); //Must have 57 characters echo $token, "\n"; exit(); } @@ -246,7 +246,7 @@ final class GReaderAPI { private static function checkToken(?FreshRSS_UserConfiguration $conf, string $token): bool { //http://code.google.com/p/google-reader-api/wiki/ActionToken $user = Minz_User::name(); - if ($user === null || $conf === null || FreshRSS_Context::$system_conf === null) { + if ($user === null || $conf === null || !FreshRSS_Context::hasSystemConf()) { self::unauthorized(); } if ($user !== Minz_User::INTERNAL_USER && ( //TODO: Check security consequences @@ -254,7 +254,7 @@ final class GReaderAPI { $token === 'x')) { //Reeder return true; } - if ($token === str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z')) { + if ($token === str_pad(sha1(FreshRSS_Context::systemConf()->salt . $user . $conf->apiPasswordHash), 57, 'Z')) { return true; } Minz_Log::warning('Invalid POST token: ' . $token, API_LOG); @@ -264,7 +264,7 @@ final class GReaderAPI { /** @return never */ private static function userInfo() { //https://github.com/theoldreader/api#user-info - if (FreshRSS_Context::$user_conf == null) { + if (!FreshRSS_Context::hasUserConf()) { self::unauthorized(); } $user = Minz_User::name(); @@ -272,7 +272,7 @@ final class GReaderAPI { 'userId' => $user, 'userName' => $user, 'userProfileId' => $user, - 'userEmail' => FreshRSS_Context::$user_conf->mail_login, + 'userEmail' => FreshRSS_Context::userConf()->mail_login, ), JSON_OPTIONS)); } @@ -340,11 +340,11 @@ final class GReaderAPI { /** @return never */ private static function subscriptionList() { - if (FreshRSS_Context::$system_conf == null) { + if (!FreshRSS_Context::hasSystemConf()) { self::internalServerError(); } header('Content-Type: application/json; charset=UTF-8'); - $salt = FreshRSS_Context::$system_conf->salt; + $salt = FreshRSS_Context::systemConf()->salt; $faviconsUrl = Minz_Url::display('/f.php?', '', true); $faviconsUrl = str_replace('/api/greader.php/reader/api/0/subscription', '', $faviconsUrl); //Security if base_url is not set properly $subscriptions = array(); @@ -1003,7 +1003,7 @@ final class GReaderAPI { //Minz_Log::debug('----------------------------------------------------------------', API_LOG); //Minz_Log::debug(debugInfo(), API_LOG); - if (FreshRSS_Context::$system_conf == null || !FreshRSS_Context::$system_conf->api_enabled) { + if (!FreshRSS_Context::hasSystemConf() || !FreshRSS_Context::systemConf()->api_enabled) { self::serviceUnavailable(); } elseif ($pathInfos[1] === 'check' && $pathInfos[2] === 'compatibility') { self::checkCompatibility(); @@ -1014,10 +1014,10 @@ final class GReaderAPI { if ($pathInfos[1] !== 'accounts') { self::authorizationToUser(); } - if (FreshRSS_Context::$user_conf != null) { - Minz_Translate::init(FreshRSS_Context::$user_conf->language); + if (FreshRSS_Context::hasUserConf()) { + Minz_Translate::init(FreshRSS_Context::userConf()->language); Minz_ExtensionManager::init(); - Minz_ExtensionManager::enableByList(FreshRSS_Context::$user_conf->extensions_enabled, 'user'); + Minz_ExtensionManager::enableByList(FreshRSS_Context::userConf()->extensions_enabled, 'user'); } else { Minz_Translate::init(); } @@ -1163,7 +1163,7 @@ final class GReaderAPI { // Always exits case 'edit-tag': //http://blog.martindoms.com/2010/01/20/using-the-google-reader-api-part-3/ $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - self::checkToken(FreshRSS_Context::$user_conf, $token); + self::checkToken(FreshRSS_Context::userConf(), $token); $a = $_POST['a'] ?? ''; //Add: user/-/state/com.google/read user/-/state/com.google/starred $r = $_POST['r'] ?? ''; //Remove: user/-/state/com.google/read user/-/state/com.google/starred $e_ids = multiplePosts('i'); //item IDs @@ -1171,14 +1171,14 @@ final class GReaderAPI { // Always exits case 'rename-tag': //https://github.com/theoldreader/api $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - self::checkToken(FreshRSS_Context::$user_conf, $token); + self::checkToken(FreshRSS_Context::userConf(), $token); $s = $_POST['s'] ?? ''; //user/-/label/Folder $dest = $_POST['dest'] ?? ''; //user/-/label/NewFolder self::renameTag($s, $dest); // Always exits case 'disable-tag': //https://github.com/theoldreader/api $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - self::checkToken(FreshRSS_Context::$user_conf, $token); + self::checkToken(FreshRSS_Context::userConf(), $token); $s_s = multiplePosts('s'); foreach ($s_s as $s) { self::disableTag($s); //user/-/label/Folder @@ -1186,7 +1186,7 @@ final class GReaderAPI { // Always exits case 'mark-all-as-read': $token = isset($_POST['T']) ? trim($_POST['T']) : ''; - self::checkToken(FreshRSS_Context::$user_conf, $token); + self::checkToken(FreshRSS_Context::userConf(), $token); $streamId = trim($_POST['s'] ?? ''); $ts = trim($_POST['ts'] ?? '0'); //Older than timestamp in nanoseconds if (!ctype_digit($ts)) { @@ -1195,7 +1195,7 @@ final class GReaderAPI { self::markAllAsRead($streamId, $ts); // Always exits case 'token': - self::token(FreshRSS_Context::$user_conf); + self::token(FreshRSS_Context::userConf()); // Always exits case 'user-info': self::userInfo(); |