|
|
|
@ -1,22 +1,24 @@ |
|
|
|
|
<?php |
|
|
|
|
class FreshRSS extends Minz_FrontController { |
|
|
|
|
public function init($currentUser = null) { |
|
|
|
|
Minz_Session::init('FreshRSS'); |
|
|
|
|
$this->accessControl($currentUser); |
|
|
|
|
public function init() { |
|
|
|
|
if (!isset($_SESSION)) { |
|
|
|
|
Minz_Session::init('FreshRSS'); |
|
|
|
|
} |
|
|
|
|
$this->accessControl(Minz_Session::param('currentUser', '')); |
|
|
|
|
$this->loadParamsView(); |
|
|
|
|
$this->loadStylesAndScripts(); |
|
|
|
|
$this->loadNotifications(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
private function accessControl($currentUser) { |
|
|
|
|
if ($currentUser === null) { |
|
|
|
|
if ($currentUser == '') { |
|
|
|
|
switch (Minz_Configuration::authType()) { |
|
|
|
|
case 'http_auth': |
|
|
|
|
$currentUser = httpAuthUser(); |
|
|
|
|
$loginOk = $currentUser != ''; |
|
|
|
|
break; |
|
|
|
|
case 'persona': |
|
|
|
|
$currentUser = Minz_Configuration::defaultUser(); |
|
|
|
|
$currentUser = Minz_Configuration::defaultUser(); //TODO: Make Persona compatible with multi-user |
|
|
|
|
$loginOk = Minz_Session::param('mail') != ''; |
|
|
|
|
break; |
|
|
|
|
case 'none': |
|
|
|
@ -24,28 +26,49 @@ class FreshRSS extends Minz_FrontController { |
|
|
|
|
$loginOk = true; |
|
|
|
|
break; |
|
|
|
|
default: |
|
|
|
|
$currentUser = Minz_Configuration::defaultUser(); |
|
|
|
|
$loginOk = false; |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
} elseif ((PHP_SAPI === 'cli') && (Minz_Request::actionName() === 'actualize')) { //Command line |
|
|
|
|
Minz_Configuration::_authType('none'); |
|
|
|
|
} else { |
|
|
|
|
$loginOk = true; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (!$loginOk || !isValidUser($currentUser)) { |
|
|
|
|
$currentUser = Minz_Configuration::defaultUser(); |
|
|
|
|
$loginOk = false; |
|
|
|
|
if (!ctype_alnum($currentUser)) { |
|
|
|
|
Minz_Session::_param('currentUser', ''); |
|
|
|
|
die('Invalid username [' . $currentUser . ']!'); |
|
|
|
|
} |
|
|
|
|
Minz_Configuration::_currentUser($currentUser); |
|
|
|
|
Minz_View::_param ('loginOk', $loginOk); |
|
|
|
|
|
|
|
|
|
try { |
|
|
|
|
$this->conf = new FreshRSS_Configuration($currentUser); |
|
|
|
|
} catch (Minz_Exception $e) { |
|
|
|
|
// Permission denied or conf file does not exist |
|
|
|
|
die($e->getMessage()); |
|
|
|
|
Minz_Session::_param('currentUser', ''); |
|
|
|
|
die('Invalid configuration for user [' . $currentUser . ']! ' . $e->getMessage()); //Permission denied or conf file does not exist |
|
|
|
|
} |
|
|
|
|
Minz_View::_param ('conf', $this->conf); |
|
|
|
|
Minz_Session::_param('currentUser', $currentUser); |
|
|
|
|
|
|
|
|
|
if ($loginOk) { |
|
|
|
|
switch (Minz_Configuration::authType()) { |
|
|
|
|
case 'http_auth': |
|
|
|
|
$loginOk = $currentUser === httpAuthUser(); |
|
|
|
|
break; |
|
|
|
|
case 'persona': |
|
|
|
|
$loginOk = Minz_Session::param('mail') === $this->conf->mail_login; |
|
|
|
|
break; |
|
|
|
|
case 'none': |
|
|
|
|
$loginOk = true; |
|
|
|
|
break; |
|
|
|
|
default: |
|
|
|
|
$loginOk = false; |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
if ((!$loginOk) && (PHP_SAPI === 'cli') && (Minz_Request::actionName() === 'actualize')) { //Command line |
|
|
|
|
Minz_Configuration::_authType('none'); |
|
|
|
|
$loginOk = true; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
Minz_View::_param ('loginOk', $loginOk); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
private function loadParamsView () { |
|
|
|
|
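Review bot: The two `die()` calls in accessControl() write `$currentUser` and `$e->getMessage()` straight into the response body, and the first is reached exactly when the name has failed `ctype_alnum()`, so it can contain markup characters. The value comes from `httpAuthUser()` or from the session, so it should be escaped or dropped from the message, e.g. `die('Invalid username [' . htmlspecialchars($currentUser, ENT_QUOTES, 'UTF-8') . ']!');`. The exception text in the second message may reveal configuration file paths or permission details to the client; consider `error_log($e->getMessage());` followed by a generic `die('Invalid configuration!');`. The page has lost its +/- markers, so this assumes both lines are on the new side, and a line of accessControl() between the two hunks is not shown.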