From 92efd68a3a13e49fe7bbfb8441611c0dcd639415 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 30 Dec 2013 01:03:32 +0100 Subject: Début de mode multi-utilisateur avec http_auth MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit + Légère optimisation de Minz_View. + Encore plus de tests de bibliothèques dans install.php Contribue à https://github.com/marienfressinaud/FreshRSS/issues/126 et https://github.com/marienfressinaud/FreshRSS/issues/303 --- app/Controllers/configureController.php | 5 +---- app/Controllers/entryController.php | 4 ++-- app/Controllers/feedController.php | 27 ++++++++++++--------------- app/Controllers/indexController.php | 31 ++++++++++++++----------------- 4 files changed, 29 insertions(+), 38 deletions(-) (limited to 'app/Controllers') diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index 0c0b4951d..656e2ac89 100755 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php @@ -2,7 +2,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController { public function firstAction () { - if (login_is_conf ($this->view->conf) && !is_logged ()) { + if (!$this->view->loginOk) { Minz_Error::error ( 403, array ('error' => array (Minz_Translate::t ('access_denied'))) @@ -16,7 +16,6 @@ class FreshRSS_configure_Controller extends Minz_ActionController { public function categorizeAction () { $feedDAO = new FreshRSS_FeedDAO (); $catDAO = new FreshRSS_CategoryDAO (); - $catDAO->checkDefault (); $defaultCategory = $catDAO->getDefault (); $defaultId = $defaultCategory->id (); @@ -167,8 +166,6 @@ class FreshRSS_configure_Controller extends Minz_ActionController { $this->view->conf->_bottomline_link(Minz_Request::param('bottomline_link', false)); $this->view->conf->save(); - Minz_Session::_param ('mail', $this->view->conf->mail_login); - Minz_Session::_param ('language', $this->view->conf->language); Minz_Translate::reset (); diff --git a/app/Controllers/entryController.php b/app/Controllers/entryController.php index b0fc37cdf..da4ab5ecc 100755 --- a/app/Controllers/entryController.php +++ b/app/Controllers/entryController.php @@ -2,7 +2,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController { public function firstAction () { - if (login_is_conf ($this->view->conf) && !is_logged ()) { + if (!$this->view->loginOk) { Minz_Error::error ( 403, array ('error' => array (Minz_Translate::t ('access_denied'))) @@ -38,7 +38,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController { $nextGet = Minz_Request::param ('nextGet', $get); $idMax = Minz_Request::param ('idMax', 0); - $is_read = !!$is_read; + $is_read = (bool)$is_read; $entryDAO = new FreshRSS_EntryDAO (); if ($id == false) { diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index 42a0dcb11..2d7c0ab43 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -2,18 +2,17 @@ class FreshRSS_feed_Controller extends Minz_ActionController { public function firstAction () { - $token = $this->view->conf->token; - $token_param = Minz_Request::param ('token', ''); - $token_is_ok = ($token != '' && $token == $token_param); - $action = Minz_Request::actionName (); - - if (login_is_conf ($this->view->conf) && - !is_logged () && - !($token_is_ok && $action == 'actualize')) { - Minz_Error::error ( - 403, - array ('error' => array (Minz_Translate::t ('access_denied'))) - ); + if (!$this->view->loginOk) { + $token = $this->view->conf->token; //TODO: check the token logic again, and if it is still needed + $token_param = Minz_Request::param ('token', ''); + $token_is_ok = ($token != '' && $token == $token_param); + $action = Minz_Request::actionName (); + if (!($token_is_ok && $action === 'actualize')) { + Minz_Error::error ( + 403, + array ('error' => array (Minz_Translate::t ('access_denied'))) + ); + } } $this->catDAO = new FreshRSS_CategoryDAO (); @@ -411,10 +410,8 @@ class FreshRSS_feed_Controller extends Minz_ActionController { } private function addCategories ($categories) { - $catDAO = new FreshRSS_CategoryDAO (); - foreach ($categories as $cat) { - if (!$catDAO->searchByName ($cat->name ())) { + if (!$this->catDAO->searchByName ($cat->name ())) { $values = array ( 'id' => $cat->id (), 'name' => $cat->name (), diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index 54826636f..66809964d 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php @@ -16,17 +16,18 @@ class FreshRSS_index_Controller extends Minz_ActionController { public function indexAction () { $output = Minz_Request::param ('output'); - - $token = $this->view->conf->token; - $token_param = Minz_Request::param ('token', ''); - $token_is_ok = ($token != '' && $token === $token_param); - - // check if user is log in - if(login_is_conf ($this->view->conf) && - !is_logged() && - !Minz_Configuration::allowAnonymous() && - !($output === 'rss' && $token_is_ok)) { - return; + $token = ''; + + // check if user is logged in + if (!$this->view->loginOk && !Minz_Configuration::allowAnonymous()) + { + $token = $this->view->conf->token; + $token_param = Minz_Request::param ('token', ''); + $token_is_ok = ($token != '' && $token === $token_param); + if (!($output === 'rss' && $token_is_ok)) { + return; + } + $params['token'] = $token; } // construction of RSS url of this feed @@ -35,11 +36,6 @@ class FreshRSS_index_Controller extends Minz_ActionController { if (isset ($params['search'])) { $params['search'] = urlencode ($params['search']); } - if (login_is_conf($this->view->conf) && - !Minz_Configuration::allowAnonymous() && - $token !== '') { - $params['token'] = $token; - } $this->view->rss_url = array ( 'c' => 'index', 'a' => 'index', @@ -212,7 +208,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { } public function logsAction () { - if (login_is_conf ($this->view->conf) && !is_logged ()) { + if (!$this->view->loginOk) { Minz_Error::error ( 403, array ('error' => array (Minz_Translate::t ('access_denied'))) @@ -255,6 +251,7 @@ class FreshRSS_index_Controller extends Minz_ActionController { $res = json_decode ($result, true); if ($res['status'] === 'okay' && $res['email'] === $this->view->conf->mail_login) { Minz_Session::_param ('mail', $res['email']); + $this->view->loginOk = true; invalidateHttpCache(); } else { $res = array (); -- cgit v1.2.3