76a67cb71a
* Now an array to disable with granularity * Fixed all CSRF tokens back to 1 min * Added CSRF protection for unlock account * Unified error message for all csrf tokens * Fixed a few issues with last commit
33 lines
1.0 KiB
PHP
33 lines
1.0 KiB
PHP
<?php
|
|
|
|
// Make sure we are called from index.php
|
|
if (!defined('SECURITY')) die('Hacking attempt');
|
|
|
|
// Include markdown library
|
|
use \Michelf\Markdown;
|
|
|
|
if (!$smarty->isCached('master.tpl', $smarty_cache_key)) {
|
|
$debug->append('No cached version available, fetching from backend', 3);
|
|
// Fetch active news to display
|
|
$aNews = $news->getAllActive();
|
|
if (is_array($aNews)) {
|
|
foreach ($aNews as $key => $aData) {
|
|
// Transform Markdown content to HTML
|
|
$aNews[$key]['content'] = Markdown::defaultTransform($aData['content']);
|
|
}
|
|
}
|
|
|
|
$smarty->assign("HIDEAUTHOR", $setting->getValue('acl_hide_news_author'));
|
|
$smarty->assign("NEWS", $aNews);
|
|
} else {
|
|
$debug->append('Using cached page', 3);
|
|
}
|
|
// csrf token
|
|
if ($config['csrf']['enabled'] && !in_array('login', $config['csrf']['disabled_forms'])) {
|
|
$token = $csrftoken->getBasic($user->getCurrentIP(), 'login');
|
|
$smarty->assign('CTOKEN', $token);
|
|
}
|
|
// Load news entries for Desktop site and unauthenticated users
|
|
$smarty->assign("CONTENT", "default.tpl");
|
|
?>
|