backend/rss: always use secret key to get uid when it is available instead of defaulting to session information; fix published url syntax being incorrect (closes #287)

master
Andrew Dolgov 14 years ago
parent 32a5e3444d
commit 476edbbb5f

@ -474,7 +474,7 @@
authenticate_user($link, "admin", null); authenticate_user($link, "admin", null);
} }
if ($key && !$_SESSION["uid"]) { if ($key) {
$result = db_query($link, "SELECT owner_uid FROM $result = db_query($link, "SELECT owner_uid FROM
ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");

@ -4093,7 +4093,7 @@
"</option>"; "</option>";
$rss_link = htmlspecialchars(get_self_url_prefix() . $rss_link = htmlspecialchars(get_self_url_prefix() .
"/backend.php?op=rss&id=$feed_id&is_cat=$is_cat$view_mode$search_q"); "/backend.php?op=rss&id=$feed_id&is_cat=$is_cat&view_mode=$view_mode$search_q");
print "<option value=\"0\" disabled=\"1\">".__('Feed:')."</option>"; print "<option value=\"0\" disabled=\"1\">".__('Feed:')."</option>";

Loading…
Cancel
Save