UI improvements

[tt-rss.git] / backend.php
diff --git a/backend.php b/backend.php

index 4aaec48ad3521b12bb6839726d1bdda66b43ddae..1a53d1c68d5abdc5f32d6076b7245de29653d555 100644 (file)
--- a/backend.php
+++ b/backend.php
@@ -1,13 +1,8 @@
  <?php
         require_once "sessions.php";
         require_once "modules/backend-rpc.php";
-       
-       header("Cache-Control: no-cache, must-revalidate");
-       header("Cache-Control: no-cache, must-revalidate");
  
-       header("Pragma: no-cache");
-       header("Expires: -1");
-       
+
  /*     if ($_GET["debug"]) {
                 define('DEFAULT_ERROR_LEVEL', E_ALL);
         } else {
@@ -16,8 +11,6 @@
         
         error_reporting(DEFAULT_ERROR_LEVEL); */
  
-       $op = $_REQUEST["op"];
-
         define('SCHEMA_VERSION', 13);
  
         require_once "sanity_check.php";
@@ -27,6 +20,27 @@
         require_once "db-prefs.php";
         require_once "functions.php";
  
+       no_cache_incantation();
+
+       $script_started = getmicrotime();
+
+       $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); 
+
+       if (!$link) {
+               if (DB_TYPE == "mysql") {
+                       print mysql_error();
+               }
+               // PG seems to display its own errors just fine by default.             
+               return;
+       }
+
+       if (DB_TYPE == "pgsql") {
+               pg_query("set client_encoding = 'UTF-8'");
+               pg_set_client_encoding("UNICODE");
+       }
+
+       $op = $_REQUEST["op"];
+
         $print_exec_time = false;
  
         if ((!$op || $op == "rpc" || $op == "rss" || $op == "digestSend" ||
@@ -40,8 +54,9 @@
                 header("Content-Type: application/xml");
                 print_error_xml(7); exit;
         }
-
-       if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss" && $op != "getUnread") {
+       
+       if (!($_SESSION["uid"] && validate_session($link)) && $op != "globalUpdateFeeds" 
+                       && $op != "rss" && $op != "getUnread") {
  
                 if ($op == "rpc") {
                         print_error_xml(6); die;
@@ -51,9 +66,9 @@
                                 <p>Error: Not logged in.</p>
                                 <script type=\"text/javascript\">
                                         if (parent.window != 'undefined') {
-                                               parent.window.location = \"login.php\";         
+                                               parent.window.location = \"tt-rss.php\";                
                                         } else {
-                                               window.location = \"login.php\";
+                                               window.location = \"tt-rss.php\";
                                         }
                                 </script>
                         </body></html>
@@ -95,22 +110,6 @@
         require_once "modules/pref-users.php";
         require_once "modules/pref-feed-browser.php"; 
  
-       $script_started = getmicrotime();
-
-       $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); 
-
-       if (!$link) {
-               if (DB_TYPE == "mysql") {
-                       print mysql_error();
-               }
-               // PG seems to display its own errors just fine by default.             
-               return;
-       }
-
-       if (DB_TYPE == "pgsql") {
-               pg_query("set client_encoding = 'UTF-8'");
-               pg_set_client_encoding("UNICODE");
-       }
  
         if (!sanity_check($link)) { return; }