<?php
namespace Miniflux\Controller;
use Miniflux\Router;
use Miniflux\Response;
use Miniflux\Request;
use Miniflux\Session\SessionManager;
use Miniflux\Session\SessionStorage;
use Miniflux\Helper;
use Miniflux\Model;
use Miniflux\Translator;
use Miniflux\Handler;
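// Called before each action.
//
// This filter is the single authentication gate for the controllers: it opens
// the session, redirects unauthenticated requests for non-public actions to
// the login page, loads locale settings, emits the security response headers
// and runs the per-user item autoflush.
Router\before(function ($action) {
    // NOTE(review): the third argument (0) is presumably the session cookie
    // lifetime - confirm against SessionManager::open().
    SessionManager::open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH, 0);

    // These actions are considered to be safe even for unauthenticated users.
    // Every action not listed here is denied by default, so adding an entry
    // exposes that action to anonymous requests.
    $safe_actions = array('login', 'bookmark-feed', 'logout', 'notfound');

    // Strict comparison: the allowlist must match on the exact string, so a
    // non-string or loosely-equal $action can never be treated as public.
    if (! SessionStorage::getInstance()->isLogged() && ! in_array($action, $safe_actions, true)) {
        // Fall back to the "remember me" mechanism before giving up.
        if (! Model\RememberMe\authenticate()) {
            // NOTE(review): nothing in this callback stops execution after the
            // redirect; the gate relies on Response\redirect() terminating the
            // request - confirm that it exits.
            Response\redirect('?action=login');
        }
    }

    // Load translations
    $language = Helper\config('language', 'en_US');
    Translator\load($language);

    // Set timezone
    date_default_timezone_set(Helper\config('timezone', 'UTC'));

    // HTTP secure headers
    Response\csp(array(
        // Feed content embeds remote media and images, so any origin is
        // accepted for these two directives (plus data: URIs for images).
        'media-src' => '*',
        'img-src' => '* data:',
        // Framed content is limited to the configured iframe allowlist; the
        // same list is sent under both directive names.
        'frame-src' => Model\Config\get_iframe_whitelist(),
        'child-src' => Model\Config\get_iframe_whitelist(),
        // NOTE(review): the `referrer` directive was removed from the CSP
        // specification and current browsers take this policy from the
        // Referrer-Policy header instead - confirm that header is sent too.
        'referrer' => 'no-referrer',
    ));

    // NOTE(review): presumably X-XSS-Protection and X-Content-Type-Options -
    // confirm against the Response helpers.
    Response\xss();
    Response\nosniff();

    // Framing protection is opt-out through the ENABLE_XFRAME constant.
    if (ENABLE_XFRAME) {
        Response\xframe();
    }

    // HSTS is only sent when the helper reports a secure connection.
    if (ENABLE_HSTS && Helper\is_secure_connection()) {
        Response\hsts();
    }

    // Re-check the session: a successful "remember me" authentication above
    // may have logged the user in during this request.
    if (SessionStorage::getInstance()->isLogged()) {
        $user_id = SessionStorage::getInstance()->getUserId();
        Model\Item\autoflush_read($user_id);
        Model\Item\autoflush_unread($user_id);
    }
});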
// Image proxy (avoid SSL mixed content warnings)
//
// The `url` request parameter is caller-controlled and is handed to a
// server-side download, so this endpoint is a server-side request forgery
// surface. Nothing is validated here.
// NOTE(review): confirm that Handler\Proxy\download() restricts the scheme to
// http/https, refuses loopback/private/link-local destinations (including
// after redirects) and only relays image content types.
// NOTE(review): the parameter has presumably already been URL-decoded once by
// PHP before Request\param() returns it, which would make rawurldecode() a
// second decode - confirm this is intended and that any validation runs on
// the final decoded value.
Router\get_action('proxy', function () {
    $target_url = rawurldecode(Request\param('url'));

    Handler\Proxy\download($target_url);

    // Stop here so no template output is appended to the proxied response.
    exit;
});
/**
 * Collect the template variables for a paginated item listing.
 *
 * Reads `order`, `direction`, `offset`, `group_id` and `nothing_to_read`
 * from the request, queries the items of the logged-in user for the given
 * status and returns everything the view needs.
 *
 * Security notes:
 * - `order` and `direction` are request-controlled strings. They are passed
 *   unmodified to Model\Item\get_items_by_status() and returned for the view.
 *   NOTE(review): confirm the model maps them onto an allowlist of sort
 *   columns/directions and that the template escapes them on output.
 * - `group_id` is request-controlled and resolved to feed ids without the
 *   user id. NOTE(review): confirm get_feed_ids_by_group() cannot expose
 *   another user's group; the item queries themselves are scoped by user id.
 *
 * @param mixed $status Status value forwarded as-is to the Model\Item queries
 * @return array Template variables, keyed as listed in the return statement
 */
function items_list($status)
{
    $sort_column = Request\param('order', 'updated');
    $sort_direction = Request\param('direction', Helper\config('items_sorting_direction'));
    $start = Request\int_param('offset', 0);
    $group = Request\int_param('group_id', null);
    $page_size = Helper\config('items_per_page');
    $uid = SessionStorage::getInstance()->getUserId();

    // Without a group filter the feed list stays empty.
    $feeds = $group !== null
        ? Model\Group\get_feed_ids_by_group($group)
        : array();

    $rows = Model\Item\get_items_by_status(
        $uid,
        $status,
        $feeds,
        $start,
        $page_size,
        $sort_column,
        $sort_direction
    );

    // Total for the current (possibly group-filtered) listing.
    $total = Model\Item\count_by_status($uid, $status, $feeds);

    // Same count without the feed filter.
    // NOTE(review): exposed as `nb_unread_items` but counted with $status,
    // not an explicit unread status - confirm callers only pass unread.
    $status_total = Model\Item\count_by_status($uid, $status);

    return array(
        'nothing_to_read' => Request\int_param('nothing_to_read'),
        'favicons' => Model\Favicon\get_items_favicons($rows),
        'original_marks_read' => Helper\bool_config('original_marks_read'),
        'display_mode' => Helper\config('items_display_mode'),
        'item_title_link' => Helper\config('item_title_link'),
        'items_per_page' => $page_size,
        'offset' => $start,
        'direction' => $sort_direction,
        'order' => $sort_column,
        'items' => $rows,
        'nb_items' => $total,
        'nb_unread_items' => $status_total,
        'group_id' => $group,
        'groups' => Model\Group\get_all($uid),
    );
}