backend/rss: always use secret key to get uid when it is available instead of defaulting to session information; fix published url syntax being incorrect (closes #287)
This commit is contained in:
parent
32a5e3444d
commit
476edbbb5f
|
@ -474,7 +474,7 @@
|
|||
authenticate_user($link, "admin", null);
|
||||
}
|
||||
|
||||
if ($key && !$_SESSION["uid"]) {
|
||||
if ($key) {
|
||||
$result = db_query($link, "SELECT owner_uid FROM
|
||||
ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
|
||||
|
||||
|
|
|
@ -4093,7 +4093,7 @@
|
|||
"</option>";
|
||||
|
||||
$rss_link = htmlspecialchars(get_self_url_prefix() .
|
||||
"/backend.php?op=rss&id=$feed_id&is_cat=$is_cat$view_mode$search_q");
|
||||
"/backend.php?op=rss&id=$feed_id&is_cat=$is_cat&view_mode=$view_mode$search_q");
|
||||
|
||||
print "<option value=\"0\" disabled=\"1\">".__('Feed:')."</option>";
|
||||
|
||||
|
|
Loading…
Reference in New Issue