implement ProtectedHandler

2011-12-13 14:15:42 +04:00 · 2011-12-13 14:15:42 +04:00 · 46da73c255
parent 8e17d6636e
commit 46da73c255
10 changed files with 79 additions and 71 deletions
--- a/classes/article.php
+++ b/classes/article.php
@ -1,5 +1,5 @@
 <?php
-class Article extends Handler {
+class Article extends Protected_Handler {

 	function redirect() {
 		$id = db_escape_string($_REQUEST['id']);
--- a/classes/dlg.php
+++ b/classes/dlg.php
@ -1,5 +1,5 @@
 <?php
-class Dlg extends Handler {
+class Dlg extends Protected_Handler {
 	private $param;

 	function before() {
--- a/classes/feeds.php
+++ b/classes/feeds.php
@ -1,5 +1,5 @@
 <?php
-class Feeds extends Handler {
+class Feeds extends Protected_Handler {

 	function catchupAll() {
 		db_query($this->link, "UPDATE ttrss_user_entries SET
--- a/classes/pref_feeds.php
+++ b/classes/pref_feeds.php
@ -1,5 +1,5 @@
 <?php
-class Pref_Feeds extends Handler {
+class Pref_Feeds extends Protected_Handler {
 	function batch_edit_cbox($elem, $label = false) {
 		print "<input type=\"checkbox\" title=\"".__("Check to enable field")."\"
 			onchange=\"dijit.byId('feedEditDlg').toggleField(this, '$elem', '$label')\">";
--- a/classes/pref_filters.php
+++ b/classes/pref_filters.php
@ -1,5 +1,5 @@
 <?php
-class Pref_Filters extends Handler {
+class Pref_Filters extends Protected_Handler {

 	function filter_test($filter_type, $reg_exp,
 			$action_id, $action_param, $filter_param, $inverse, $feed_id) {
--- a/classes/pref_labels.php
+++ b/classes/pref_labels.php
@ -1,5 +1,5 @@
 <?php
-class Pref_Labels extends Handler {
+class Pref_Labels extends Protected_Handler {

 	function edit() {
 		$label_id = db_escape_string($_REQUEST['id']);
--- a/classes/pref_prefs.php
+++ b/classes/pref_prefs.php
@ -1,5 +1,5 @@
 <?php
-class Pref_Prefs extends Handler {
+class Pref_Prefs extends Protected_Handler {

 	function changepassword() {

--- a/classes/pref_users.php
+++ b/classes/pref_users.php
@ -1,5 +1,5 @@
 <?php
-class Pref_Users extends Handler {
+class Pref_Users extends Protected_Handler {

 		function before() {
 			if (parent::before()) {
--- a/classes/protected_handler.php
+++ b/classes/protected_handler.php
@ -0,0 +1,8 @@
+<?php
+class Protected_Handler extends Handler {
+
+	function before() {
+		return parent::before() && $_SESSION['uid'];
+	}
+}
+?>
--- a/classes/rpc.php
+++ b/classes/rpc.php
@ -1,5 +1,5 @@
 <?php
-class RPC extends Handler {
+class RPC extends Protected_Handler {

 	function setprofile() {
 		$id = db_escape_string($_REQUEST["id"]);