<?php
-/*
+/**
* Laconica - a distributed open-source microblogging tool
* Copyright (C) 2008, Controlez-Vous, Inc.
*
define('INSTALLDIR', dirname(__FILE__));
define('LACONICA', true);
-require_once(INSTALLDIR . "/lib/common.php");
+require_once INSTALLDIR . '/lib/common.php';
+
+// get and cache current user
+
+$user = common_current_user();
+
+// initialize language env
+
+common_init_language();
$action = $_REQUEST['action'];
-if (!$action) {
- common_redirect(common_local_url('public'));
+if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
+ common_redirect(common_local_url('public'));
}
-# Do an OpenID immediate request if they're not logged in
-# and they have an OpenID cookie
-
-if (!common_logged_in() &&
- $_SERVER['REQUEST_METHOD'] == 'GET' &&
- $action != 'finishimmediate')
-{
- require_once(INSTALLDIR.'/lib/openid.php');
- $openid_url = oid_get_last();
- if ($openid_url) {
- oid_check_immediate($openid_url);
- return;
- }
+// If the site is private, and they're not on one of the "public"
+// parts of the site, redirect to login
+
+if (!$user && common_config('site', 'private') &&
+ !in_array($action, array('login', 'openidlogin', 'finishopenidlogin',
+ 'recoverpassword', 'api', 'doc', 'register'))) {
+ common_redirect(common_local_url('login'));
}
$actionfile = INSTALLDIR."/actions/$action.php";
if (file_exists($actionfile)) {
- require_once($actionfile);
- $action_class = ucfirst($action)."Action";
- $action_obj = new $action_class();
- call_user_func(array($action_obj, 'handle'), $_REQUEST);
+
+ include_once $actionfile;
+
+ $action_class = ucfirst($action).'Action';
+
+ $action_obj = new $action_class();
+
+ if ($config['db']['mirror'] && $action_obj->isReadOnly()) {
+ if (is_array($config['db']['mirror'])) {
+ // "load balancing", ha ha
+ $k = array_rand($config['db']['mirror']);
+
+ $mirror = $config['db']['mirror'][$k];
+ } else {
+ $mirror = $config['db']['mirror'];
+ }
+ $config['db']['database'] = $mirror;
+ }
+ if (call_user_func(array($action_obj, 'prepare'), $_REQUEST)) {
+ call_user_func(array($action_obj, 'handle'), $_REQUEST);
+ }
} else {
- common_user_error(_t('Unknown action'));
+ common_user_error(_('Unknown action'));
}
\ No newline at end of file