|
|
@@ -214,8 +214,10 @@ function token($conf) {
|
|
|
function checkToken($conf, $token) {
|
|
|
//http://code.google.com/p/google-reader-api/wiki/ActionToken
|
|
|
$user = Minz_Session::param('currentUser', '_');
|
|
|
- if ($user !== '_' && $token == '') {
|
|
|
- return true; //FeedMe //TODO: Check security consequences
|
|
|
+ if ($user !== '_' && ( //TODO: Check security consequences
|
|
|
+ $token == '' || //FeedMe
|
|
|
+ $token === 'x')) { //Reeder
|
|
|
+ return true;
|
|
|
}
|
|
|
if ($token === str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z')) {
|
|
|
return true;
|
Alexandre Alapetite