X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=backend.php;h=b2eba083eefb88231300a1349eee150609adbc03;hb=81fc862e370a1dfbd3941206fd00076e3cbf0551;hp=5511668cf5ce6c776fe007bcff058e74df276a68;hpb=cbe50c800d4846be184673e623063abee7101a0c;p=tt-rss.git diff --git a/backend.php b/backend.php index 5511668c..b2eba083 100644 --- a/backend.php +++ b/backend.php @@ -1,5 +1,6 @@ array("code" => 6))); + if ($_SESSION["uid"]) { + if (!validate_session()) { + header("Content-Type: text/json"); + print error_json(6); + return; } - return; + load_user_plugins( $_SESSION["uid"]); } $purge_intervals = array( @@ -94,89 +81,67 @@ $update_intervals = array( 0 => __("Default interval"), -1 => __("Disable updates"), - 15 => __("Each 15 minutes"), - 30 => __("Each 30 minutes"), + 15 => __("15 minutes"), + 30 => __("30 minutes"), 60 => __("Hourly"), - 240 => __("Each 4 hours"), - 720 => __("Each 12 hours"), + 240 => __("4 hours"), + 720 => __("12 hours"), 1440 => __("Daily"), 10080 => __("Weekly")); $update_intervals_nodefault = array( -1 => __("Disable updates"), - 15 => __("Each 15 minutes"), - 30 => __("Each 30 minutes"), + 15 => __("15 minutes"), + 30 => __("30 minutes"), 60 => __("Hourly"), - 240 => __("Each 4 hours"), - 720 => __("Each 12 hours"), + 240 => __("4 hours"), + 720 => __("12 hours"), 1440 => __("Daily"), 10080 => __("Weekly")); - $update_methods = array( - 0 => __("Default"), - 1 => __("Magpie"), - 2 => __("SimplePie"), - 3 => __("Twitter OAuth")); - - if (DEFAULT_UPDATE_METHOD == "1") { - $update_methods[0] .= ' (SimplePie)'; - } else { - $update_methods[0] .= ' (Magpie)'; - } - $access_level_names = array( 0 => __("User"), 5 => __("Power User"), 10 => __("Administrator")); - $error = sanity_check($link); + $op = str_replace("-", "_", $op); - if ($error['code'] != 0 && $op != "logout") { - print json_encode(array("error" => $error)); - return; - } + $override = PluginHost::getInstance()->lookup_handler($op, $method); - $op = str_replace("-", "_", $op); + if (class_exists($op) || $override) { - if (class_exists($op)) { - $handler = new $op($link, $_REQUEST); + if ($override) { + $handler = $override; + } else { + $handler = new $op($_REQUEST); + } - if ($handler) { - if ($handler->before()) { - if ($method && method_exists($handler, $method)) { - $handler->$method(); - } else if (method_exists($handler, 'index')) { - $handler->index(); + if ($handler && implements_interface($handler, 'IHandler')) { + if (validate_csrf($csrf_token) || $handler->csrf_ignore($method)) { + if ($handler->before($method)) { + if ($method && method_exists($handler, $method)) { + $handler->$method(); + } else { + if (method_exists($handler, "catchall")) { + $handler->catchall($method); + } + } + $handler->after(); + return; + } else { + header("Content-Type: text/json"); + print error_json(6); + return; } - $handler->after(); + } else { + header("Content-Type: text/json"); + print error_json(6); return; } } } - switch($op) { // Select action according to $op value. - - case "pref_filters": - require_once "modules/pref-filters.php"; - module_pref_filters($link); - break; // pref-filters - - case "pref_users": - require_once "modules/pref-users.php"; - module_pref_users($link); - break; // prefs-users - - case "pref_instances": - require_once "modules/pref-instances.php"; - module_pref_instances($link); - break; // pref-instances - - default: - header("Content-Type: text/plain"); - print json_encode(array("error" => array("code" => 7))); - break; // fallback - } // Select action according to $op value. + header("Content-Type: text/json"); + print error_json(13); - // We close the connection to database. - db_close($link); ?>