backend/rss: always use secret key to get uid when it is available instead of defaulting to session information; fix published url syntax being incorrect (closes #287)

This commit is contained in:
Andrew Dolgov 2010-12-27 16:47:33 +03:00
parent 32a5e3444d
commit 476edbbb5f
2 changed files with 2 additions and 2 deletions

View File

@ -474,7 +474,7 @@
authenticate_user($link, "admin", null);
}
if ($key && !$_SESSION["uid"]) {
if ($key) {
$result = db_query($link, "SELECT owner_uid FROM
ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");

View File

@ -4093,7 +4093,7 @@
"</option>";
$rss_link = htmlspecialchars(get_self_url_prefix() .
"/backend.php?op=rss&id=$feed_id&is_cat=$is_cat$view_mode$search_q");
"/backend.php?op=rss&id=$feed_id&is_cat=$is_cat&view_mode=$view_mode$search_q");
print "<option value=\"0\" disabled=\"1\">".__('Feed:')."</option>";