Diffstat (limited to 'classes/api.php')
| -rwxr-xr-x | classes/api.php | 34 |
1 files changed, 10 insertions, 24 deletions
diff --git a/classes/api.php b/classes/api.php
index 339e9eef1..ce046e66a 100755
--- a/classes/api.php
+++ b/classes/api.php
@@ -74,10 +74,10 @@ class API extends Handler {
 }
 if (get_pref("ENABLE_API_ACCESS", $uid)) {
- if (authenticate_user($login, $password, false, Auth_Base::AUTH_SERVICE_API)) { // try login with normal password
+ if (UserHelper::authenticate($login, $password, false, Auth_Base::AUTH_SERVICE_API)) { // try login with normal password
 $this->wrap(self::STATUS_OK, array("session_id" => session_id(), "api_level" => self::API_LEVEL));
- } else if (authenticate_user($login, $password_base64, false, Auth_Base::AUTH_SERVICE_API)) { // else try with base64_decoded password
+ } else if (UserHelper::authenticate($login, $password_base64, false, Auth_Base::AUTH_SERVICE_API)) { // else try with base64_decoded password
 $this->wrap(self::STATUS_OK, array("session_id" => session_id(), "api_level" => self::API_LEVEL));
 } else { // else we are not logged in
@@ -91,7 +91,7 @@ class API extends Handler {
 }
 function logout() {
- logout_user();
+ Pref_Users::logout_user();
 $this->wrap(self::STATUS_OK, array("status" => "OK"));
 }
@@ -160,9 +160,9 @@ class API extends Handler {
 $unread += Feeds::getCategoryChildrenUnread($line["id"]);
 if ($unread || !$unread_only) {
- array_push($cats, array("id" => $line["id"],
+ array_push($cats, array("id" => (int) $line["id"],
 "title" => $line["title"],
- "unread" => $unread,
+ "unread" => (int) $unread,
 "order_id" => (int) $line["order_id"],
 ));
 }
@@ -174,9 +174,9 @@ class API extends Handler {
 $unread = getFeedUnread($cat_id, true);
 if ($unread || !$unread_only) {
- array_push($cats, array("id" => $cat_id,
+ array_push($cats, array("id" => (int) $cat_id,
 "title" => Feeds::getCategoryTitle($cat_id),
- "unread" => $unread));
+ "unread" => (int) $unread));
 }
 }
 }
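Review bot: Both `UserHelper::authenticate` calls in the `@@ -74,10` hunk can still run for a single login request, so one request tests two password candidates (the submitted value and its base64-decoded form), and any throttling or failed-login accounting inside the authenticator would see two attempts per request. If the base64 fallback exists only for older clients, I would record that at the branch, e.g. `// legacy clients send the password base64-encoded; remove once unsupported`. The two success branches return the identical `$this->wrap(self::STATUS_OK, ...)` response and could be folded into one condition joined with `||`. How `$password_base64` is derived is outside the hunk, so the above is inferred from the inline comments.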
@@ -214,21 +214,7 @@ class API extends Handler {
 $_SESSION['hasSandbox'] = $has_sandbox;
- $skip_first_id_check = false;
-
- $override_order = false;
- switch (clean($_REQUEST["order_by"])) {
- case "title":
- $override_order = "ttrss_entries.title, date_entered, updated";
- break;
- case "date_reverse":
- $override_order = "score DESC, date_entered, updated";
- $skip_first_id_check = true;
- break;
- case "feed_dates":
- $override_order = "updated DESC";
- break;
- }
+ list($override_order, $skip_first_id_check) = Feeds::order_to_override_query(clean($_REQUEST["order_by"]));
 /* do not rely on params below */
@@ -357,7 +343,7 @@ class API extends Handler {
 );
 if ($sanitize_content) {
- $article["content"] = sanitize(
+ $article["content"] = Sanitizer::sanitize(
 $line["content"], API::param_to_bool($line['hide_images']), false, $line["site_url"], false, $line["id"]);
@@ -762,7 +748,7 @@ class API extends Handler {
 if ($show_content) {
 if ($sanitize_content) {
- $headline_row["content"] = sanitize(
+ $headline_row["content"] = Sanitizer::sanitize(
 $line["content"], API::param_to_bool($line['hide_images']), false, $line["site_url"], false, $line["id"]);
 |
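Review bot: With the `switch` removed in the `@@ -214,21` hunk, the guarantee that the request's `order_by` value only ever selects one of a few fixed ORDER BY strings now rests entirely on `Feeds::order_to_override_query()`, whose body is not visible here. That helper should keep an allowlist with a default branch and never return any part of its argument; a comment at the call site such as `// order_to_override_query() maps known keys to fixed ORDER BY fragments; unknown keys yield [false, false]` would record the contract. The removed code also initialised both variables to `false` before the switch, so the helper has to return a two-element array on every path for the `list()` assignment to stay equivalent.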
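Review bot: In the `@@ -357,7` hunk, and identically at `@@ -762,7`, `Sanitizer::sanitize()` runs only when `$sanitize_content` is truthy; where that flag is set is outside both hunks, but if it is derived from the request, callers that turn it off receive the feed's HTML unfiltered. A comment above the `if`, e.g. `// when false the client receives raw feed HTML and must sanitize it before rendering`, would make that contract explicit. The positional `false, $line["site_url"], false, $line["id"]` arguments are also hard to audit, so a short comment naming each parameter would help now that the call crosses a class boundary.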