do not use regexps in get_self_url_prefix()

[tt-rss.git] / backend.php

diff --git a/backend.php b/backend.php
index 0b0fdba4cb5c8c425f08f596fe619dec184e2fa7..bf87b55d3e63cc40aaca58b15aeac8984f6dc860 100644 (file)
--- a/backend.php
+++ b/backend.php
@@ -63,20 +63,6 @@
                authenticate_user($link, "admin", null);
        }
 
-       // TODO remove and handle within Handlers
-
-       if (!($_SESSION["uid"] && validate_session($link))) {
-               if ($op == 'pref-feeds' && $method == 'add') {
-                       header("Content-Type: text/html");
-                       login_sequence($link);
-                       render_login_form($link);
-               } else {
-                       header("Content-Type: text/plain");
-                       print json_encode(array("error" => array("code" => 6)));
-               }
-               return;
-       }
-
        $purge_intervals = array(
                0  => __("Use default"),
                -1 => __("Never purge"),
@@ -110,8 +96,7 @@
        $update_methods = array(
                0   => __("Default"),
                1   => __("Magpie"),
-               2   => __("SimplePie"),
-               3   => __("Twitter OAuth"));
+               2   => __("SimplePie"));
 
        if (DEFAULT_UPDATE_METHOD == "1") {
                $update_methods[0] .= ' (SimplePie)';
@@ -131,19 +116,12 @@
        #       return;
        #}
 
-       function __autoload($class) {
-               $file = "classes/".strtolower(basename($class)).".php";
-               if (file_exists($file)) {
-                       require $file;
-               }
-       }
-
        $op = str_replace("-", "_", $op);
 
        if (class_exists($op)) {
                $handler = new $op($link, $_REQUEST);
 
-               if ($handler) {
+               if ($handler && is_subclass_of($handler, 'Handler')) {
                        if (validate_csrf($csrf_token) || $handler->csrf_ignore($method)) {
                                if ($handler->before($method)) {
                                        if ($method && method_exists($handler, $method)) {
@@ -151,6 +129,10 @@
                                        }
                                        $handler->after();
                                        return;
+                               } else {
+                                       header("Content-Type: text/plain");
+                                       print json_encode(array("error" => array("code" => 6)));
+                                       return;
                                }
                        } else {
                                header("Content-Type: text/plain");