diff --git a/inc/poche/config.inc.php b/inc/poche/config.inc.php index d91a44b..ee0f661 100644 --- a/inc/poche/config.inc.php +++ b/inc/poche/config.inc.php @@ -29,7 +29,6 @@ $storage_type = 'sqlite'; # sqlite, mysql, (file, not yet) # /!\ Be careful if you change the lines below /!\ require_once './inc/poche/Tools.class.php'; require_once './inc/poche/Url.class.php'; -require_once './inc/3rdparty/Session.class.php'; require_once './inc/3rdparty/class.messages.php'; require_once './inc/poche/Poche.class.php'; require_once './inc/3rdparty/Readability.php'; @@ -39,9 +38,18 @@ require_once './inc/store/' . $storage_type . '.class.php'; require_once './vendor/autoload.php'; require_once './inc/3rdparty/simple_html_dom.php'; require_once './inc/3rdparty/paginator.php'; +require_once './inc/3rdparty/Session.class.php'; if (DOWNLOAD_PICTURES) { require_once './inc/poche/pochePictures.php'; } -$poche = new Poche($storage_type); \ No newline at end of file +$poche = new Poche($storage_type); + +#XSRF protection with token +// if (!empty($_POST)) { +// if (!Session::isToken($_POST['token'])) { +// die(_('Wrong token')); +// } +// unset($_SESSION['tokens']); +// } \ No newline at end of file diff --git a/index.php b/index.php index 98ada1b..d0dd4ab 100644 --- a/index.php +++ b/index.php @@ -10,14 +10,6 @@ include dirname(__FILE__).'/inc/poche/config.inc.php'; -#XSRF protection with token -// if (!empty($_POST)) { -// if (!Session::isToken($_POST['token'])) { -// die(_('Wrong token')); -// } -// unset($_SESSION['tokens']); -// } - $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; $view = Tools::checkVar('view', 'home'); $action = Tools::checkVar('action');