aboutsummaryrefslogtreecommitdiff
path: root/p/api/greader.php
diff options
context:
space:
mode:
Diffstat (limited to 'p/api/greader.php')
-rw-r--r--p/api/greader.php22
1 files changed, 11 insertions, 11 deletions
diff --git a/p/api/greader.php b/p/api/greader.php
index a4b542c23..69a50eea3 100644
--- a/p/api/greader.php
+++ b/p/api/greader.php
@@ -231,10 +231,10 @@ final class GReaderAPI {
private static function token(?FreshRSS_UserConfiguration $conf) {
//http://blog.martindoms.com/2009/08/15/using-the-google-reader-api-part-1/
//https://github.com/ericmann/gReader-Library/blob/master/greader.class.php
- if ($conf == null || FreshRSS_Context::$system_conf == null) {
+ $user = Minz_User::name();
+ if ($user === null || $conf === null || FreshRSS_Context::$system_conf === null) {
self::unauthorized();
}
- $user = Minz_Session::param('currentUser', '_');
//Minz_Log::debug('token('. $user . ')', API_LOG); //TODO: Implement real token that expires
$token = str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z'); //Must have 57 characters
echo $token, "\n";
@@ -243,11 +243,11 @@ final class GReaderAPI {
private static function checkToken(?FreshRSS_UserConfiguration $conf, string $token): bool {
//http://code.google.com/p/google-reader-api/wiki/ActionToken
- if ($conf == null || FreshRSS_Context::$system_conf == null) {
+ $user = Minz_User::name();
+ if ($user === null || $conf === null || FreshRSS_Context::$system_conf === null) {
self::unauthorized();
}
- $user = Minz_Session::param('currentUser', '_');
- if ($user !== '_' && ( //TODO: Check security consequences
+ if ($user !== Minz_User::INTERNAL_USER && ( //TODO: Check security consequences
$token === '' || //FeedMe
$token === 'x')) { //Reeder
return true;
@@ -265,7 +265,7 @@ final class GReaderAPI {
if (FreshRSS_Context::$user_conf == null) {
self::unauthorized();
}
- $user = Minz_Session::param('currentUser', '_');
+ $user = Minz_User::name();
exit(json_encode(array(
'userId' => $user,
'userName' => $user,
@@ -310,7 +310,7 @@ final class GReaderAPI {
/** @return never */
private static function subscriptionExport() {
- $user = '' . Minz_Session::param('currentUser', '_');
+ $user = Minz_User::name() ?? Minz_User::INTERNAL_USER;
$export_service = new FreshRSS_Export_Service($user);
[$filename, $content] = $export_service->generateOpml();
header('Content-Type: application/xml; charset=UTF-8');
@@ -321,7 +321,7 @@ final class GReaderAPI {
/** @return never */
private static function subscriptionImport(string $opml) {
- $user = '' . Minz_Session::param('currentUser', '_');
+ $user = Minz_User::name() ?? Minz_User::INTERNAL_USER;
$importService = new FreshRSS_Import_Service($user);
$importService->importOpml($opml);
if ($importService->lastStatus()) {
@@ -390,7 +390,7 @@ final class GReaderAPI {
if (strpos($add, 'user/-/label/') === 0) {
$c_name = substr($add, 13);
} else {
- $user = Minz_Session::param('currentUser', '_');
+ $user = Minz_User::name();
$prefix = 'user/' . $user . '/label/';
if (strpos($add, $prefix) === 0) {
$c_name = substr($add, strlen($prefix));
@@ -840,7 +840,7 @@ final class GReaderAPI {
if (strpos($a, 'user/-/label/') === 0) {
$tagName = substr($a, 13);
} else {
- $user = Minz_Session::param('currentUser', '_');
+ $user = Minz_User::name() ?? '';
$prefix = 'user/' . $user . '/label/';
if (strpos($a, $prefix) === 0) {
$tagName = substr($a, strlen($prefix));
@@ -1023,7 +1023,7 @@ final class GReaderAPI {
self::clientLogin($_REQUEST['Email'], $_REQUEST['Passwd']);
}
} elseif (isset($pathInfos[3], $pathInfos[4]) && $pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && $pathInfos[3] === '0') {
- if (Minz_Session::param('currentUser', '') == '') {
+ if (Minz_User::name() === null) {
self::unauthorized();
}
$timestamp = isset($_GET['ck']) ? (int)$_GET['ck'] : 0; //ck=[unix timestamp] : Use the current Unix time here, helps Google with caching.
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-10 21:28:03 +0000