pngcrush.sh

[tt-rss.git] / api / index.php

diff --git a/api/index.php b/api/index.php
index 53b78b010df0351d88c90e69513bb84e27999b9d..3fbf6bf575e914e271080b3a850be667790d9d3f 100644 (file)
--- a/api/index.php
+++ b/api/index.php
@@ -13,11 +13,13 @@
        define('TTRSS_SESSION_NAME', 'ttrss_api_sid');
        define('NO_SESSION_AUTOSTART', true);
 
+       require_once "autoload.php";
        require_once "db.php";
        require_once "db-prefs.php";
        require_once "functions.php";
        require_once "sessions.php";
 
+       ini_set('session.use_cookies', 0);
        ini_set("session.gc_maxlifetime", 86400);
 
        define('AUTH_DISABLE_OTP', true);
@@ -30,8 +32,6 @@
                ob_start();
        }
 
-       $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
-
        $input = file_get_contents("php://input");
 
        if (defined('_API_DEBUG_HTTP_ENABLED') && _API_DEBUG_HTTP_ENABLED) {
@@ -54,11 +54,27 @@
                @session_start();
        }
 
-       if (!init_connection($link)) return;
+       startup_gettext();
+
+       if (!init_plugins()) return;
+
+       if ($_SESSION["uid"]) {
+               if (!validate_session()) {
+                       header("Content-Type: text/json");
+
+                       print json_encode(array("seq" => -1,
+                               "status" => 1,
+                               "content" => array("error" => "NOT_LOGGED_IN")));
+
+                       return;
+               }
+
+               load_user_plugins( $_SESSION["uid"]);
+       }
 
        $method = strtolower($_REQUEST["op"]);
 
-       $handler = new API($link, $_REQUEST);
+       $handler = new API($_REQUEST);
 
        if ($handler->before($method)) {
                if ($method && method_exists($handler, $method)) {
@@ -69,9 +85,7 @@
                $handler->after();
        }
 
-       db_close($link);
-
        header("Api-Content-Length: " . ob_get_length());
 
        ob_end_flush();
-?>
+