mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-05-07 06:33:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

Improve code redirection for indexController

Browse Source 
- add comments
- forward request is done in the controller (no Minz_Request::forward() in the
view, please)
- "soft" forward to the login form (no need of 302)
- show a 403 page (no authenticated) for rss output when token is wrong
This commit is contained in:
Marien Fressinaud
2014-02-15 11:43:07 +01:00
parent fb7bc50673
commit a34941f418
3 changed files with 19 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Controllers/feedController.php
View File

@@ -3,7 +3,10 @@
class FreshRSS_feed_Controller extends Minz_ActionController {
public function firstAction () {
if (!$this->view->loginOk) {
$token = $this->view->conf->token; //TODO: check the token logic again, and if it is still needed
// Token is useful in the case that anonymous refresh is forbidden
// and CRON task cannot be used with php command so the user can
// set a CRON task to refresh his feeds by using token inside url
$token = $this->view->conf->token;
$token_param = Minz_Request::param ('token', '');
$token_is_ok = ($token != '' && $token == $token_param);
$action = Minz_Request::actionName ();