mirror of
https://github.com/FreshRSS/FreshRSS.git
synced 2026-03-28 19:22:33 -04:00
Fix Controllers to use the correct config system
See https://github.com/FreshRSS/FreshRSS/issues/730
This commit is contained in:
Marien Fressinaud
@@ -18,8 +18,9 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
|
||||
$token_param = Minz_Request::param('token', '');
|
||||
$token_is_ok = ($token != '' && $token == $token_param);
|
||||
$action = Minz_Request::actionName();
|
||||
$allow_anonymous_refresh = FreshRSS_Context::$system_conf->general['allow_anonymous_refresh'];
|
||||
if ($action !== 'actualize' ||
|
||||
!(Minz_Configuration::allowAnonymousRefresh() || $token_is_ok)) {
|
||||
!($allow_anonymous_refresh || $token_is_ok)) {
|
||||
Minz_Error::error(403);
|
||||
}
|
||||
}
|
||||
@@ -65,7 +66,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
|
||||
'params' => array(),
|
||||
);
|
||||
|
||||
$limits = Minz_Configuration::limits();
|
||||
$limits = FreshRSS_Context::$system_conf->limits;
|
||||
$this->view->feeds = $feedDAO->listFeeds();
|
||||
if (count($this->view->feeds) >= $limits['max_feeds']) {
|
||||
Minz_Request::bad(_t('feedback.sub.feed.over_max', $limits['max_feeds']),
|
||||
|
||||
@@ -174,7 +174,7 @@ class FreshRSS_importExport_Controller extends Minz_ActionController {
|
||||
|
||||
$nb_feeds = count($this->feedDAO->listFeeds());
|
||||
$nb_cats = count($this->catDAO->listCategories(false));
|
||||
$limits = Minz_Configuration::limits();
|
||||
$limits = FreshRSS_Context::$system_conf->limits;
|
||||
|
||||
foreach ($opml_elements as $elt) {
|
||||
$is_error = false;
|
||||
@@ -323,7 +323,7 @@ class FreshRSS_importExport_Controller extends Minz_ActionController {
|
||||
$article_to_feed = array();
|
||||
|
||||
$nb_feeds = count($this->feedDAO->listFeeds());
|
||||
$limits = Minz_Configuration::limits();
|
||||
$limits = FreshRSS_Context::$system_conf->limits;
|
||||
|
||||
// First, we check feeds of articles are in DB (and add them if needed).
|
||||
foreach ($article_object['items'] as $item) {
|
||||
|
||||
@@ -20,7 +20,8 @@ class FreshRSS_index_Controller extends Minz_ActionController {
|
||||
* This action displays the normal view of FreshRSS.
|
||||
*/
|
||||
public function normalAction() {
|
||||
if (!FreshRSS_Auth::hasAccess() && !Minz_Configuration::allowAnonymous()) {
|
||||
$allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous'];
|
||||
if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous) {
|
||||
Minz_Request::forward(array('c' => 'auth', 'a' => 'login'));
|
||||
return;
|
||||
}
|
||||
@@ -82,7 +83,8 @@ class FreshRSS_index_Controller extends Minz_ActionController {
|
||||
* This action displays the global view of FreshRSS.
|
||||
*/
|
||||
public function globalAction() {
|
||||
if (!FreshRSS_Auth::hasAccess() && !Minz_Configuration::allowAnonymous()) {
|
||||
$allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous'];
|
||||
if (!FreshRSS_Auth::hasAccess() && !$allow_anonymous) {
|
||||
Minz_Request::forward(array('c' => 'auth', 'a' => 'login'));
|
||||
return;
|
||||
}
|
||||
@@ -109,13 +111,14 @@ class FreshRSS_index_Controller extends Minz_ActionController {
|
||||
* This action displays the RSS feed of FreshRSS.
|
||||
*/
|
||||
public function rssAction() {
|
||||
$allow_anonymous = FreshRSS_Context::$system_conf->general['allow_anonymous'];
|
||||
$token = FreshRSS_Context::$user_conf->token;
|
||||
$token_param = Minz_Request::param('token', '');
|
||||
$token_is_ok = ($token != '' && $token === $token_param);
|
||||
|
||||
// Check if user has access.
|
||||
if (!FreshRSS_Auth::hasAccess() &&
|
||||
!Minz_Configuration::allowAnonymous() &&
|
||||
!$allow_anonymous &&
|
||||
!$token_is_ok) {
|
||||
Minz_Error::error(403);
|
||||
}
|
||||
|
||||
@@ -28,11 +28,12 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
|
||||
$user = isset($_GET['user']) ? $_GET['user'] : '';
|
||||
if (ctype_alnum($user)) {
|
||||
try {
|
||||
$salt = FreshRSS_Context::$system_conf->general['salt'];
|
||||
$conf = new FreshRSS_Configuration($user);
|
||||
$s = $conf->passwordHash;
|
||||
if (strlen($s) >= 60) {
|
||||
$this->view->salt1 = substr($s, 0, 29); //CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".
|
||||
$this->view->nonce = sha1(Minz_Configuration::salt() . uniqid(mt_rand(), true));
|
||||
$this->view->nonce = sha1($salt . uniqid(mt_rand(), true));
|
||||
Minz_Session::_param('nonce', $this->view->nonce);
|
||||
return; //Success
|
||||
}
|
||||
|
||||
@@ -105,7 +105,7 @@ class FreshRSS_user_Controller extends Minz_ActionController {
|
||||
|
||||
public function createAction() {
|
||||
if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
|
||||
$db = Minz_Configuration::dataBase();
|
||||
$db = FreshRSS_Context::$system_conf->db;
|
||||
require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
|
||||
|
||||
$new_user_language = Minz_Request::param('new_user_language', FreshRSS_Context::$user_conf->language);
|
||||
@@ -118,7 +118,8 @@ class FreshRSS_user_Controller extends Minz_ActionController {
|
||||
$ok = ($new_user_name != '') && ctype_alnum($new_user_name);
|
||||
|
||||
if ($ok) {
|
||||
$ok &= (strcasecmp($new_user_name, Minz_Configuration::defaultUser()) !== 0); //It is forbidden to alter the default user
|
||||
$default_user = FreshRSS_Context::$system_conf->general['default_user'];
|
||||
$ok &= (strcasecmp($new_user_name, $default_user) !== 0); //It is forbidden to alter the default user
|
||||
|
||||
$ok &= !in_array(strtoupper($new_user_name), array_map('strtoupper', listUsers())); //Not an existing user, case-insensitive
|
||||
|
||||
@@ -179,7 +180,7 @@ class FreshRSS_user_Controller extends Minz_ActionController {
|
||||
|
||||
public function deleteAction() {
|
||||
if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
|
||||
$db = Minz_Configuration::dataBase();
|
||||
$db = FreshRSS_Context::$system_conf->db;
|
||||
require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
|
||||
|
||||
$username = Minz_Request::param('username');
|
||||
@@ -187,7 +188,8 @@ class FreshRSS_user_Controller extends Minz_ActionController {
|
||||
$user_data = join_path(DATA_PATH, 'users', $username);
|
||||
|
||||
if ($ok) {
|
||||
$ok &= (strcasecmp($username, Minz_Configuration::defaultUser()) !== 0); //It is forbidden to delete the default user
|
||||
$default_user = FreshRSS_Context::$system_conf->general['default_user'];
|
||||
$ok &= (strcasecmp($username, $default_user) !== 0); //It is forbidden to delete the default user
|
||||
}
|
||||
if ($ok) {
|
||||
$ok &= is_dir($user_data);
|
||||
|
||||
@@ -119,7 +119,8 @@ function html_only_entity_decode($text) {
|
||||
}
|
||||
|
||||
function customSimplePie() {
|
||||
$limits = Minz_Configuration::limits();
|
||||
$system_conf = Minz_Configuration::get('system');
|
||||
$limits = $system_conf->limits;
|
||||
$simplePie = new SimplePie();
|
||||
$simplePie->set_useragent(_t('gen.freshrss') . '/' . FRESHRSS_VERSION . ' (' . PHP_OS . '; ' . FRESHRSS_WEBSITE . ') ' . SIMPLEPIE_NAME . '/' . SIMPLEPIE_VERSION);
|
||||
$simplePie->set_cache_location(CACHE_PATH);
|
||||
|
||||
Reference in New Issue
Block a user