From a6071a0d9824908ea48099a66435d70d74b9b1b8 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Fri, 12 Aug 2016 22:56:02 +0200
Subject: PHP 5.3 compatibility for callback

https://github.com/FreshRSS/FreshRSS/issues/1208
---
 app/Controllers/indexController.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'app/Controllers')

diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index 7e626720e..2333ff69d 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -32,9 +32,9 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 			Minz_Error::error(404);
 		}
 
-		$this->view->callbackBeforeContent = function() {
+		$this->view->callbackBeforeContent = function($view) {
 			try {
-				$entries = $this->listEntriesByContext();
+				$entries = FreshRSS_index_Controller::listEntriesByContext();
 
 				$nb_entries = count($entries);
 				if ($nb_entries > FreshRSS_Context::$number) {
@@ -55,7 +55,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 					}
 				}
 
-				$this->view->entries = $entries;
+				$view->entries = $entries;
 			} catch (FreshRSS_EntriesGetter_Exception $e) {
 				Minz_Log::notice($e->getMessage());
 				Minz_Error::error(404);
@@ -132,7 +132,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 		}
 
 		try {
-			$this->view->entries = $this->listEntriesByContext();
+			$this->view->entries = FreshRSS_index_Controller::listEntriesByContext();
 		} catch (FreshRSS_EntriesGetter_Exception $e) {
 			Minz_Log::notice($e->getMessage());
 			Minz_Error::error(404);
@@ -189,7 +189,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 	/**
 	 * This method returns a list of entries based on the Context object.
 	 */
-	private function listEntriesByContext() {
+	private static function listEntriesByContext() {
 		$entryDAO = FreshRSS_Factory::createEntryDao();
 
 		$get = FreshRSS_Context::currentGet(true);
-- 
cgit v1.2.3


From af31f1b20fa7675a208c7a73933231ac2fb8928a Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sat, 13 Aug 2016 10:35:45 +0200
Subject: PHP 5.3 scope compatibility

https://github.com/FreshRSS/FreshRSS/issues/1208
---
 app/Controllers/indexController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/Controllers')

diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index 2333ff69d..5d7925eed 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -189,7 +189,7 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 	/**
 	 * This method returns a list of entries based on the Context object.
 	 */
-	private static function listEntriesByContext() {
+	public static function listEntriesByContext() {
 		$entryDAO = FreshRSS_Factory::createEntryDao();
 
 		$get = FreshRSS_Context::currentGet(true);
-- 
cgit v1.2.3


From 02d1d66235d9ca5dd71929c76a1ecec94cf14f3d Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sat, 13 Aug 2016 15:35:52 +0200
Subject: PHP 5.3 more compatibility

https://github.com/FreshRSS/FreshRSS/pull/1209#issuecomment-239617504
https://github.com/FreshRSS/FreshRSS/issues/1208
---
 app/Controllers/indexController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'app/Controllers')

diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index 5d7925eed..2332d225d 100755
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -61,9 +61,9 @@ class FreshRSS_index_Controller extends Minz_ActionController {
 				Minz_Error::error(404);
 			}
 
-			$this->view->categories = FreshRSS_Context::$categories;
+			$view->categories = FreshRSS_Context::$categories;
 
-			$this->view->rss_title = FreshRSS_Context::$name . ' | ' . Minz_View::title();
+			$view->rss_title = FreshRSS_Context::$name . ' | ' . Minz_View::title();
 			$title = FreshRSS_Context::$name;
 			if (FreshRSS_Context::$get_unread > 0) {
 				$title = '(' . FreshRSS_Context::$get_unread . ') ' . $title;
-- 
cgit v1.2.3


From 56ffc115d15bf136bfced74707ccc1f41c7b5e44 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sat, 13 Aug 2016 19:10:32 +0200
Subject: Do not mix POST and GET params

Avoid returning CSRF POST token for a GET
---
 app/Controllers/configureController.php |  4 ++--
 app/Models/Auth.php                     |  2 +-
 app/views/entry/bookmark.phtml          | 19 +++++++++----------
 app/views/entry/read.phtml              | 19 +++++++++----------
 app/views/helpers/logs_pagination.phtml |  2 +-
 app/views/index/global.phtml            |  2 +-
 6 files changed, 23 insertions(+), 25 deletions(-)

(limited to 'app/Controllers')

diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php
index d0f0bd68b..147a2fe06 100755
--- a/app/Controllers/configureController.php
+++ b/app/Controllers/configureController.php
@@ -139,7 +139,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController {
 	 */
 	public function sharingAction() {
 		if (Minz_Request::isPost()) {
-			$params = Minz_Request::params();
+			$params = Minz_Request::fetchGET();
 			FreshRSS_Context::$user_conf->sharing = $params['share'];
 			FreshRSS_Context::$user_conf->save();
 			invalidateHttpCache();
@@ -282,7 +282,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController {
 		foreach (FreshRSS_Context::$user_conf->queries as $key => $query) {
 			$queries[$key] = new FreshRSS_UserQuery($query, $feed_dao, $category_dao);
 		}
-		$params = Minz_Request::params();
+		$params = Minz_Request::fetchGET();
 		$params['url'] = Minz_Url::display(array('params' => $params));
 		$params['name'] = _t('conf.query.number', count($queries) + 1);
 		$queries[] = new FreshRSS_UserQuery($params, $feed_dao, $category_dao);
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index f0e8db5a2..b93942e19 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -173,7 +173,7 @@ class FreshRSS_Auth {
 			return true;	//Not logged in yet
 		}
 		if ($token === null) {
-			$token = Minz_Request::param('_csrf');
+			$token = Minz_Request::fetchPOST('_csrf');
 		}
 		return $token === $csrf;
 	}
diff --git a/app/views/entry/bookmark.phtml b/app/views/entry/bookmark.phtml
index 6b5a4ed03..d85706669 100755
--- a/app/views/entry/bookmark.phtml
+++ b/app/views/entry/bookmark.phtml
@@ -1,17 +1,16 @@
 <?php
 header('Content-Type: application/json; charset=UTF-8');
 
-if (Minz_Request::param('is_favorite', true)) {
-	Minz_Request::_param('is_favorite', 0);
-} else {
-	Minz_Request::_param('is_favorite', 1);
-}
-
-$url = Minz_Url::display(array(
+$url = array(
 	'c' => Minz_Request::controllerName(),
 	'a' => Minz_Request::actionName(),
-	'params' => Minz_Request::params(),
-));
+	'params' => Minz_Request::fetchGET(),
+);
+
+$url['params']['is_favorite'] = Minz_Request::param('is_favorite', true) ? '0' : '1';
 
 FreshRSS::loadStylesAndScripts();
-echo json_encode(array('url' => str_ireplace('&amp;', '&', $url), 'icon' => _i(Minz_Request::param('is_favorite') ? 'non-starred' : 'starred')));
+echo json_encode(array(
+		'url' => str_ireplace('&amp;', '&', Minz_Url::display($url)),
+		'icon' => _i($url['params']['is_favorite'] === '1' ? 'non-starred' : 'starred')
+	));
diff --git a/app/views/entry/read.phtml b/app/views/entry/read.phtml
index 7d0e3de82..73977d94b 100755
--- a/app/views/entry/read.phtml
+++ b/app/views/entry/read.phtml
@@ -1,17 +1,16 @@
 <?php
 header('Content-Type: application/json; charset=UTF-8');
 
-if (Minz_Request::param('is_read', true)) {
-	Minz_Request::_param('is_read', 0);
-} else {
-	Minz_Request::_param('is_read', 1);
-}
-
-$url = Minz_Url::display(array(
+$url = array(
 	'c' => Minz_Request::controllerName(),
 	'a' => Minz_Request::actionName(),
-	'params' => Minz_Request::params(),
-));
+	'params' => Minz_Request::fetchGET(),
+);
+
+$url['params']['is_read'] = Minz_Request::param('is_read', true) ? '0' : '1';
 
 FreshRSS::loadStylesAndScripts();
-echo json_encode(array('url' => str_ireplace('&amp;', '&', $url), 'icon' => _i(Minz_Request::param('is_read') ? 'unread' : 'read')));
+echo json_encode(array(
+		'url' => str_ireplace('&amp;', '&', Minz_Url::display($url)),
+		'icon' => _i($url['params']['is_read'] === '1' ? 'unread' : 'read')
+	));
diff --git a/app/views/helpers/logs_pagination.phtml b/app/views/helpers/logs_pagination.phtml
index 58b3c68f4..bf9d91f04 100755
--- a/app/views/helpers/logs_pagination.phtml
+++ b/app/views/helpers/logs_pagination.phtml
@@ -1,7 +1,7 @@
 <?php
 	$c = Minz_Request::controllerName();
 	$a = Minz_Request::actionName();
-	$params = Minz_Request::params();
+	$params = Minz_Request::fetchGET();
 ?>
 
 <?php if ($this->nbPage > 1) { ?>
diff --git a/app/views/index/global.phtml b/app/views/index/global.phtml
index 0ffa3bc54..1e53e4f8c 100644
--- a/app/views/index/global.phtml
+++ b/app/views/index/global.phtml
@@ -14,7 +14,7 @@
 	$url_base = array(
 		'c' => 'index',
 		'a' => 'normal',
-		'params' => Minz_Request::params()
+		'params' => Minz_Request::fetchGET(),
 	);
 
 	foreach ($this->categories as $cat) {
-- 
cgit v1.2.3