diff options
| author | Nicolas Lécureuil <neoclust@mageia.org> | 2020-05-17 14:46:00 +0200 |
|---|---|---|
| committer | Nicolas Lécureuil <neoclust@mageia.org> | 2020-05-17 14:46:00 +0200 |
| commit | e3de9d7dd1331f9718e04cc98e9ca7cfa27cf4aa (patch) | |
| tree | 336981502f93ceb9fa5ed33ea3b47dcefc5a8402 /common/admin/subscriptions.php | |
| parent | ff32e499745367b816d10f25e63ff3328214c32f (diff) | |
| download | planet-master.tar planet-master.tar.gz planet-master.tar.bz2 planet-master.tar.xz planet-master.zip | |
Sync with master of moonmoon ( version 9.0.0-rc)HEADuser/wally/upstream-10-devmaster
Source from https://github.com/Emmafrs/moonmoon/
Diffstat (limited to 'common/admin/subscriptions.php')
| -rwxr-xr-x | common/admin/subscriptions.php | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/common/admin/subscriptions.php b/common/admin/subscriptions.php index ea2f113..f0fd896 100755 --- a/common/admin/subscriptions.php +++ b/common/admin/subscriptions.php @@ -1,21 +1,24 @@ <?php -require_once dirname(__FILE__) . '/inc/auth.inc.php'; -require_once dirname(__FILE__) . '/../app/app.php'; + +require_once __DIR__ . '/../app/app.php'; +require_once __DIR__ . '/inc/auth.inc.php'; function removeSlashes(&$item, $key){ $item = stripslashes($item); } +if (!$csrf->verify($_POST['_csrf'], 'feedmanage')) { + die('Invalid CSRF token!'); +} + if (isset($_POST['opml']) || isset($_POST['add'])) { - // Load config and old OPML - $conf = Spyc::YAMLLoad(dirname(__FILE__).'/../custom/config.yml'); - $PlanetConfig = new PlanetConfig($conf); + // Load old OPML + $oldOpml = OpmlManager::load(__DIR__.'/../custom/people.opml'); if ($PlanetConfig->getName() === '') { $PlanetConfig->setName($oldOpml->getTitle()); } - $oldOpml = OpmlManager::load(dirname(__FILE__).'/../custom/people.opml'); - $newOpml = new opml(); + $newOpml = new Opml(); $newOpml->title = $PlanetConfig->getName(); // Remove slashes if needed @@ -43,11 +46,18 @@ if (isset($_POST['opml']) || isset($_POST['add'])) { $feed = new SimplePie(); $feed->enable_cache(false); $feed->set_feed_url($_POST['url']); + if ($conf['checkcerts'] === false) { + $feed->set_curl_options([ + CURLOPT_SSL_VERIFYHOST => false, + CURLOPT_SSL_VERIFYPEER => false + ]); + } $feed->init(); $feed->handle_content_type(); - $person['name'] = $feed->get_title(); + $person['name'] = html_entity_decode($feed->get_title()); $person['website'] = $feed->get_permalink(); $person['feed'] = $feed->feed_url; + $person['isDown'] = '0'; $oldOpml->entries[] = $person; } @@ -55,10 +65,10 @@ if (isset($_POST['opml']) || isset($_POST['add'])) { } // Backup old OPML - OpmlManager::backup(dirname(__FILE__).'/../custom/people.opml'); + OpmlManager::backup(__DIR__.'/../custom/people.opml'); // Save new OPML - OpmlManager::save($newOpml, dirname(__FILE__).'/../custom/people.opml'); + OpmlManager::save($newOpml, __DIR__.'/../custom/people.opml'); } header("Location: index.php"); die(); |