2014-07-23 15:52:50 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
class FreshRSS_javascript_Controller extends Minz_ActionController {
|
2015-02-08 18:55:48 +01:00
|
|
|
public function firstAction() {
|
|
|
|
$this->view->_useLayout(false);
|
2014-07-23 15:52:50 +02:00
|
|
|
}
|
|
|
|
|
2015-02-08 18:55:48 +01:00
|
|
|
public function actualizeAction() {
|
2014-07-23 15:52:50 +02:00
|
|
|
header('Content-Type: text/javascript; charset=UTF-8');
|
|
|
|
$feedDAO = FreshRSS_Factory::createFeedDao();
|
2015-02-08 18:55:48 +01:00
|
|
|
$this->view->feeds = $feedDAO->listFeedsOrderUpdate(FreshRSS_Context::$user_conf->ttl_default);
|
2014-07-23 15:52:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
public function nbUnreadsPerFeedAction() {
|
|
|
|
header('Content-Type: application/json; charset=UTF-8');
|
|
|
|
$catDAO = new FreshRSS_CategoryDAO();
|
|
|
|
$this->view->categories = $catDAO->listCategories(true, false);
|
|
|
|
}
|
|
|
|
|
|
|
|
//For Web-form login
|
|
|
|
public function nonceAction() {
|
|
|
|
header('Content-Type: application/json; charset=UTF-8');
|
|
|
|
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \G\M\T'));
|
|
|
|
header('Expires: 0');
|
|
|
|
header('Cache-Control: private, no-cache, no-store, must-revalidate');
|
|
|
|
header('Pragma: no-cache');
|
|
|
|
|
|
|
|
$user = isset($_GET['user']) ? $_GET['user'] : '';
|
|
|
|
if (ctype_alnum($user)) {
|
|
|
|
try {
|
2015-02-08 18:55:48 +01:00
|
|
|
$salt = FreshRSS_Context::$system_conf->salt;
|
|
|
|
$conf = get_user_configuration($user);
|
2014-07-23 15:52:50 +02:00
|
|
|
$s = $conf->passwordHash;
|
|
|
|
if (strlen($s) >= 60) {
|
|
|
|
$this->view->salt1 = substr($s, 0, 29); //CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".
|
2015-02-08 18:55:48 +01:00
|
|
|
$this->view->nonce = sha1($salt . uniqid(mt_rand(), true));
|
2014-07-23 15:52:50 +02:00
|
|
|
Minz_Session::_param('nonce', $this->view->nonce);
|
|
|
|
return; //Success
|
|
|
|
}
|
|
|
|
} catch (Minz_Exception $me) {
|
2015-02-08 18:55:48 +01:00
|
|
|
Minz_Log::warning('Nonce failure: ' . $me->getMessage());
|
2014-07-23 15:52:50 +02:00
|
|
|
}
|
2015-02-08 18:55:48 +01:00
|
|
|
} else {
|
|
|
|
Minz_Log::notice('Nonce failure due to invalid username!');
|
2014-07-23 15:52:50 +02:00
|
|
|
}
|
2015-11-06 16:54:20 +01:00
|
|
|
//Failure: Return random data.
|
|
|
|
$this->view->salt1 = sprintf('$2a$%02d$', FreshRSS_user_Controller::BCRYPT_COST);
|
|
|
|
$alphabet = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
|
|
|
|
for ($i = 22; $i > 0; $i--) {
|
|
|
|
$this->view->salt1 .= $alphabet[rand(0, 63)];
|
|
|
|
}
|
|
|
|
$this->view->nonce = sha1(rand());
|
2014-07-23 15:52:50 +02:00
|
|
|
}
|
|
|
|
}
|