X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=api%2Findex.php;h=3fbf6bf575e914e271080b3a850be667790d9d3f;hb=07fd4f8d9d4f301f5ad88ff9e80f042fc3eb0c36;hp=2d555678fec25ffb9d523294bbab5b4809ccf17b;hpb=6eaf31932003b53737c4cd45a50cd29b06955f3f;p=tt-rss.git

diff --git a/api/index.php b/api/index.php
index 2d555678..3fbf6bf5 100644
--- a/api/index.php
+++ b/api/index.php
@@ -3,30 +3,35 @@
 
 	require_once "../config.php";
 
-	set_include_path(get_include_path() . PATH_SEPARATOR .
-		dirname(__FILE__) . PATH_SEPARATOR .
+	set_include_path(dirname(__FILE__) . PATH_SEPARATOR .
 		dirname(dirname(__FILE__)) . PATH_SEPARATOR .
-		dirname(dirname(__FILE__)) . "/include" );
+		dirname(dirname(__FILE__)) . "/include" . PATH_SEPARATOR .
+  		get_include_path());
 
 	chdir("..");
 
+	define('TTRSS_SESSION_NAME', 'ttrss_api_sid');
+	define('NO_SESSION_AUTOSTART', true);
+
+	require_once "autoload.php";
 	require_once "db.php";
 	require_once "db-prefs.php";
 	require_once "functions.php";
+	require_once "sessions.php";
+
+	ini_set('session.use_cookies', 0);
+	ini_set("session.gc_maxlifetime", 86400);
+
+	define('AUTH_DISABLE_OTP', true);
 
 	if (defined('ENABLE_GZIP_OUTPUT') && ENABLE_GZIP_OUTPUT &&
 			function_exists("ob_gzhandler")) {
 
 		ob_start("ob_gzhandler");
+	} else {
+		ob_start();
 	}
 
-	$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
-
-	$session_expire = SESSION_EXPIRE_TIME; //seconds
-	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid_api" : TTRSS_SESSION_NAME . "_api";
-
-	session_name($session_name);
-
 	$input = file_get_contents("php://input");
 
 	if (defined('_API_DEBUG_HTTP_ENABLED') && _API_DEBUG_HTTP_ENABLED) {
@@ -44,15 +49,32 @@
 
 	if ($_REQUEST["sid"]) {
 		session_id($_REQUEST["sid"]);
+		@session_start();
+	} else if (defined('_API_DEBUG_HTTP_ENABLED')) {
+		@session_start();
 	}
 
-	session_start();
+	startup_gettext();
 
-	if (!init_connection($link)) return;
+	if (!init_plugins()) return;
+
+	if ($_SESSION["uid"]) {
+		if (!validate_session()) {
+			header("Content-Type: text/json");
+
+			print json_encode(array("seq" => -1,
+				"status" => 1,
+				"content" => array("error" => "NOT_LOGGED_IN")));
+
+			return;
+		}
+
+		load_user_plugins( $_SESSION["uid"]);
+	}
 
 	$method = strtolower($_REQUEST["op"]);
 
-	$handler = new API($link, $_REQUEST);
+	$handler = new API($_REQUEST);
 
 	if ($handler->before($method)) {
 		if ($method && method_exists($handler, $method)) {
@@ -63,6 +85,7 @@
 		$handler->after();
 	}
 
-	db_close($link);
+	header("Api-Content-Length: " . ob_get_length());
+
+	ob_end_flush();
 
-?>