From 96834a47b09985e1c82b82857fc108f20e8b8f2b Mon Sep 17 00:00:00 2001
From: tcitworld <tcit@tcit.fr>
Date: Fri, 16 May 2014 17:38:19 +0200
Subject: [PATCH 1/3] Added PHPePub

---
 CREDITS.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/CREDITS.md b/CREDITS.md
index c892336..ffef5b3 100644
--- a/CREDITS.md
+++ b/CREDITS.md
@@ -9,7 +9,8 @@ wallabag is based on :
 * Twig http://twig.sensiolabs.org
 * Flash messages https://github.com/plasticbrain/PHP-Flash-Messages
 * Pagination https://github.com/daveismyname/pagination
+* PHPePub https://github.com/Grandt/PHPePub/
 
 wallabag is developed by Nicolas Lœuillet under the Do What the Fuck You Want to Public License
 
-Contributors : https://github.com/wallabag/wallabag/graphs/contributors
\ No newline at end of file
+Contributors : https://github.com/wallabag/wallabag/graphs/contributors

From 800868e27ea9cb73b889537be6ff35c88fb9e443 Mon Sep 17 00:00:00 2001
From: Maryana Rozhankivska <mariroz@mr.lviv.ua>
Date: Thu, 24 Jul 2014 17:47:23 +0300
Subject: [PATCH 2/3] security fix

---
 index.php | 82 +++++++++++++++++++++++++++----------------------------
 1 file changed, 41 insertions(+), 41 deletions(-)

diff --git a/index.php b/index.php
index 481841e..2c532c0 100755
--- a/index.php
+++ b/index.php
@@ -63,54 +63,54 @@ if (! empty($notInstalledMessage)) {
 
 # poche actions
 if (isset($_GET['login'])) {
-    # hello you
+    # hello to you
     $poche->login($referer);
-} elseif (isset($_GET['logout'])) {
-    # see you soon !
-    $poche->logout();
-} elseif (isset($_GET['config'])) {
-    # Update password
-    $poche->updatePassword();
-} elseif (isset($_GET['newuser'])) {
-    $poche->createNewUser();
-} elseif (isset($_GET['deluser'])) {
-    $poche->deleteUser();
-} elseif (isset($_GET['epub'])) {
-    $poche->createEpub();
-} elseif (isset($_GET['import'])) {
-    $import = $poche->import();
-    $tpl_vars = array_merge($tpl_vars, $import);
-} elseif (isset($_GET['download'])) {
-    Tools::download_db();
-} elseif (isset($_GET['empty-cache'])) {
-    $poche->emptyCache();
-} elseif (isset($_GET['export'])) {
-    $poche->export();
-} elseif (isset($_GET['updatetheme'])) {
-    $poche->updateTheme();
-} elseif (isset($_GET['updatelanguage'])) {
-    $poche->updateLanguage();
-} elseif (isset($_GET['uploadfile'])) {
-    $poche->uploadFile();
-} elseif (isset($_GET['feed'])) {
-    if (isset($_GET['action']) && $_GET['action'] == 'generate') {
-        $poche->generateToken();
-    }
-    else {
-        $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0);
-        $poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']);
-    }
-}
-
-elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
-    $plain_url = new Url(base64_encode($_GET['plainurl']));
-    $poche->action('add', $plain_url);
+} elseif (isset($_GET['feed']) && isset($_GET['user_id'])) {
+		$tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0);
+		$poche->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']);
 }
 
 if (Session::isLogged()) {
+    
+    if (isset($_GET['logout'])) {
+    	# see you soon !
+    	$poche->logout();
+    } elseif (isset($_GET['config'])) {
+    	# Update password
+    	$poche->updatePassword();
+    } elseif (isset($_GET['newuser'])) {
+    	$poche->createNewUser();
+    } elseif (isset($_GET['deluser'])) {
+    	$poche->deleteUser();
+    } elseif (isset($_GET['epub'])) {
+    	$poche->createEpub();
+    } elseif (isset($_GET['import'])) {
+    	$import = $poche->import();
+    	$tpl_vars = array_merge($tpl_vars, $import);
+    } elseif (isset($_GET['download'])) {
+    	Tools::download_db();
+    } elseif (isset($_GET['empty-cache'])) {
+    	$poche->emptyCache();
+    } elseif (isset($_GET['export'])) {
+    	$poche->export();
+    } elseif (isset($_GET['updatetheme'])) {
+    	$poche->updateTheme();
+    } elseif (isset($_GET['updatelanguage'])) {
+    	$poche->updateLanguage();
+    } elseif (isset($_GET['uploadfile'])) {
+    	$poche->uploadFile();
+    } elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') {
+    		$poche->generateToken();
+    }
+    elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
+    	$plain_url = new Url(base64_encode($_GET['plainurl']));
+    	$poche->action('add', $plain_url);
+    }
+  
     $poche->action($action, $url, $id);
     $tpl_file = Tools::getTplFile($view);
     $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id));
+    
 } elseif(isset($_SERVER['PHP_AUTH_USER'])) {
     if($poche->store->userExists($_SERVER['PHP_AUTH_USER'])) {
         $poche->login($referer);

From 38cf3413dfe156ced4f5f3a8c792cef69e2735f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= <nicolas@loeuillet.org>
Date: Thu, 24 Jul 2014 21:41:01 +0200
Subject: [PATCH 3/3] 1.7.2

---
 index.php | 68 +++++++++++++++++++++++++++----------------------------
 1 file changed, 34 insertions(+), 34 deletions(-)

diff --git a/index.php b/index.php
index 2c532c0..b2ab146 100755
--- a/index.php
+++ b/index.php
@@ -8,7 +8,7 @@
  * @license    http://www.wtfpl.net/ see COPYING file
  */
 
-define ('POCHE', '1.7.1');
+define ('POCHE', '1.7.2');
 require 'check_setup.php';
 require_once 'inc/poche/global.inc.php';
 
@@ -72,39 +72,39 @@ if (isset($_GET['login'])) {
 
 if (Session::isLogged()) {
     
-    if (isset($_GET['logout'])) {
-    	# see you soon !
-    	$poche->logout();
-    } elseif (isset($_GET['config'])) {
-    	# Update password
-    	$poche->updatePassword();
-    } elseif (isset($_GET['newuser'])) {
-    	$poche->createNewUser();
-    } elseif (isset($_GET['deluser'])) {
-    	$poche->deleteUser();
-    } elseif (isset($_GET['epub'])) {
-    	$poche->createEpub();
-    } elseif (isset($_GET['import'])) {
-    	$import = $poche->import();
-    	$tpl_vars = array_merge($tpl_vars, $import);
-    } elseif (isset($_GET['download'])) {
-    	Tools::download_db();
-    } elseif (isset($_GET['empty-cache'])) {
-    	$poche->emptyCache();
-    } elseif (isset($_GET['export'])) {
-    	$poche->export();
-    } elseif (isset($_GET['updatetheme'])) {
-    	$poche->updateTheme();
-    } elseif (isset($_GET['updatelanguage'])) {
-    	$poche->updateLanguage();
-    } elseif (isset($_GET['uploadfile'])) {
-    	$poche->uploadFile();
-    } elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') {
-    		$poche->generateToken();
-    }
-    elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
-    	$plain_url = new Url(base64_encode($_GET['plainurl']));
-    	$poche->action('add', $plain_url);
+    if (isset($_GET['logout'])) {
+    	# see you soon !
+    	$poche->logout();
+    } elseif (isset($_GET['config'])) {
+    	# Update password
+    	$poche->updatePassword();
+    } elseif (isset($_GET['newuser'])) {
+    	$poche->createNewUser();
+    } elseif (isset($_GET['deluser'])) {
+    	$poche->deleteUser();
+    } elseif (isset($_GET['epub'])) {
+    	$poche->createEpub();
+    } elseif (isset($_GET['import'])) {
+    	$import = $poche->import();
+    	$tpl_vars = array_merge($tpl_vars, $import);
+    } elseif (isset($_GET['download'])) {
+    	Tools::download_db();
+    } elseif (isset($_GET['empty-cache'])) {
+    	$poche->emptyCache();
+    } elseif (isset($_GET['export'])) {
+    	$poche->export();
+    } elseif (isset($_GET['updatetheme'])) {
+    	$poche->updateTheme();
+    } elseif (isset($_GET['updatelanguage'])) {
+    	$poche->updateLanguage();
+    } elseif (isset($_GET['uploadfile'])) {
+    	$poche->uploadFile();
+    } elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') {
+    		$poche->generateToken();
+    }
+    elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
+    	$plain_url = new Url(base64_encode($_GET['plainurl']));
+    	$poche->action('add', $plain_url);
     }
   
     $poche->action($action, $url, $id);