mirror of
https://git.tt-rss.org/git/tt-rss.git
synced 2025-12-25 16:31:28 +00:00
replace old-style published feed with universal secretkey-based approach used for all feeds; do not allow user/pass handling in generated feed urls; bump schema
This commit is contained in:
Andrew Dolgov
@@ -464,25 +464,11 @@
|
||||
return;
|
||||
}
|
||||
|
||||
if ($subop == "regenPubKey") {
|
||||
|
||||
print "<rpc-reply>";
|
||||
|
||||
set_pref($link, "_PREFS_PUBLISH_KEY", generate_publish_key(), $_SESSION["uid"]);
|
||||
|
||||
$new_link = article_publish_url($link);
|
||||
|
||||
print "<link><![CDATA[$new_link]]></link>";
|
||||
|
||||
print "</rpc-reply>";
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
if ($subop == "regenOPMLKey") {
|
||||
|
||||
print "<rpc-reply>";
|
||||
set_pref($link, " _PREFS_OPML_PUBLISH_KEY", generate_publish_key(), $_SESSION["uid"]);
|
||||
set_pref($link, " _PREFS_OPML_PUBLISH_KEY",
|
||||
sha1(uniqid(rand(), true)), $_SESSION["uid"]);
|
||||
$new_link = opml_publish_url($link);
|
||||
print "<link><![CDATA[$new_link]]></link>";
|
||||
print "</rpc-reply>";
|
||||
@@ -1119,6 +1105,21 @@
|
||||
return;
|
||||
}
|
||||
|
||||
if ($subop == "regenFeedKey") {
|
||||
$feed_id = db_escape_string($_REQUEST['id']);
|
||||
$is_cat = (bool) db_escape_string($_REQUEST['is_cat']);
|
||||
|
||||
print "<rpc-reply>";
|
||||
|
||||
$new_key = update_feed_access_key($link, $feed_id, $is_cat);
|
||||
|
||||
print "<link><![CDATA[$new_key]]></link>";
|
||||
|
||||
print "</rpc-reply>";
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
print "<rpc-reply><error>Unknown method: $subop</error></rpc-reply>";
|
||||
}
|
||||
?>
|
||||
|
||||
@@ -158,33 +158,6 @@
|
||||
return;
|
||||
}
|
||||
|
||||
if ($id == "pubUrl") {
|
||||
|
||||
print "<div id=\"infoBoxTitle\">".__('Published Articles')."</div>";
|
||||
print "<div class=\"infoBoxContents\">";
|
||||
|
||||
$url_path = article_publish_url($link);
|
||||
|
||||
print __("Your Published articles feed URL is:");
|
||||
|
||||
print "<div class=\"tagCloudContainer\">";
|
||||
print "<a id='pub_feed_url' href='$url_path' target='_blank'>$url_path</a>";
|
||||
print "</div>";
|
||||
|
||||
print "<div align='center'>";
|
||||
|
||||
print "<button onclick=\"return pubRegenKey()\">".
|
||||
__('Generate new URL')."</button> ";
|
||||
|
||||
print "<input class=\"button\"
|
||||
type=\"submit\" onclick=\"return closeInfoBox()\"
|
||||
value=\"".__('Close this window')."\">";
|
||||
|
||||
print "</div></div>";
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
if ($id == "pubOPMLUrl") {
|
||||
|
||||
print "<div id=\"infoBoxTitle\">".__('Public OPML URL')."</div>";
|
||||
@@ -777,6 +750,39 @@
|
||||
return;
|
||||
}
|
||||
|
||||
if ($id == "generatedFeed") {
|
||||
|
||||
print "<div id=\"infoBoxTitle\">".__('View as RSS')."</div>";
|
||||
print "<div class=\"infoBoxContents\">";
|
||||
|
||||
$params = explode(":", $param, 3);
|
||||
$feed_id = db_escape_string($params[0]);
|
||||
$is_cat = (bool) $params[1];
|
||||
|
||||
$key = get_feed_access_key($link, $feed_id, $is_cat);
|
||||
|
||||
$url_path = htmlspecialchars($params[2]) . "&key=" . $key;
|
||||
|
||||
print __("You can view this feed as RSS using the following URL:");
|
||||
|
||||
print "<div class=\"tagCloudContainer\">";
|
||||
print "<a id='gen_feed_url' href='$url_path' target='_blank'>$url_path</a>";
|
||||
print "</div>";
|
||||
|
||||
print "<div align='center'>";
|
||||
|
||||
print "<button onclick=\"return genUrlChangeKey('$feed_id', '$is_cat')\">".
|
||||
__('Generate new URL')."</button> ";
|
||||
|
||||
print "<input class=\"button\"
|
||||
type=\"submit\" onclick=\"return closeInfoBox()\"
|
||||
value=\"".__('Close this window')."\">";
|
||||
|
||||
print "</div></div>";
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
print "<div id='infoBoxTitle'>Internal Error</div>
|
||||
<div id='infoBoxContents'>
|
||||
<p>Unknown dialog <b>$id</b></p>
|
||||
|
||||
@@ -1447,7 +1447,8 @@
|
||||
__('Export OPML')."</button>";
|
||||
|
||||
if (!get_pref($link, "_PREFS_OPML_PUBLISH_KEY")){
|
||||
set_pref($link, "_PREFS_OPML_PUBLISH_KEY", generate_publish_key());
|
||||
set_pref($link, "_PREFS_OPML_PUBLISH_KEY",
|
||||
sha1(uniqid(rand(), true)));
|
||||
}
|
||||
|
||||
print "<p>".__('Your OPML can be published publicly and can be subscribed by anyone who knows the URL below.');
|
||||
@@ -1489,13 +1490,12 @@
|
||||
|
||||
print "<h3>".__("Published articles")."</h3>";
|
||||
|
||||
if (!get_pref($link, "_PREFS_PUBLISH_KEY")) {
|
||||
set_pref($link, "_PREFS_PUBLISH_KEY", generate_publish_key());
|
||||
}
|
||||
|
||||
print "<p>".__('Published articles are exported as a public RSS feed and can be subscribed by anyone who knows the URL specified below.')."</p>";
|
||||
|
||||
print "<button onclick=\"return displayDlg('pubUrl')\">".
|
||||
$rss_url = '-2::' . htmlspecialchars(get_self_url_prefix() .
|
||||
"/backend.php?op=rss&id=-2&view-mode=all_articles");;
|
||||
|
||||
print "<button onclick=\"return displayDlg('generatedFeed', '$rss_url')\">".
|
||||
__('Display URL')."</button> ";
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user