From ceb78471089b69f433bb41646e2c5016a4a19a1d Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Mon, 1 Apr 2013 18:06:09 +0400
Subject: add HOOK_TOOLBAR_BUTTON, HOOK_ACTION_ITEM,
 HOOK_HEADLINE_TOOLBAR_BUTTON

---
 classes/feeds.php      |  4 ++++
 classes/pluginhost.php |  3 +++
 index.php              | 18 ++++++++++++++----
 3 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/classes/feeds.php b/classes/feeds.php
index ff6b864e5..0c643325f 100644
--- a/classes/feeds.php
+++ b/classes/feeds.php
@@ -143,6 +143,10 @@ class Feeds extends Handler_Protected {
 
 		//$reply .= "</h2";
 
+		foreach ($pluginhost->get_hooks($pluginhost::HOOK_HEADLINE_TOOLBAR_BUTTON) as $p) {
+			 echo $p->hook_headline_toolbar_button($feed_id, $is_cat);
+		}
+
 		return $reply;
 	}
 
diff --git a/classes/pluginhost.php b/classes/pluginhost.php
index a6ba72fc6..5b8a77fd6 100644
--- a/classes/pluginhost.php
+++ b/classes/pluginhost.php
@@ -24,6 +24,9 @@ class PluginHost {
 	const HOOK_FEED_FETCHED = 12;
 	const HOOK_SANITIZE = 13;
 	const HOOK_RENDER_ARTICLE_API = 14;
+	const HOOK_TOOLBAR_BUTTON = 15;
+	const HOOK_ACTION_ITEM = 16;
+	const HOOK_HEADLINE_TOOLBAR_BUTTON = 17;
 
 	const KIND_ALL = 1;
 	const KIND_SYSTEM = 2;
diff --git a/index.php b/index.php
index 0b8a957bb..7fb7a7878 100644
--- a/index.php
+++ b/index.php
@@ -199,12 +199,15 @@
 			<option value="2weeks"><?php echo __('Older than two weeks') ?></option>
 		</select>
 
-		<button dojoType="dijit.form.Button"
-			onclick="viewCurrentFeed()">
-			<?php echo __('Refresh') ?></button>
-
 		</form>
 
+		<?php
+			global $pluginhost;
+			foreach ($pluginhost->get_hooks($pluginhost::HOOK_TOOLBAR_BUTTON) as $p) {
+				 echo $p->hook_toolbar_button();
+			}
+		?>
+
 		<div class="actionChooser">
 
 			<button id="net-alert" dojoType="dijit.form.Button" style="display : none" disabled="true"
@@ -243,6 +246,13 @@
 					<!-- <div dojoType="dijit.MenuItem" onclick="quickMenuGo('qmcAddLabel')"><?php echo __('Create label...') ?></div>
 					<div dojoType="dijit.MenuItem" onclick="quickMenuGo('qmcAddFilter')"><?php echo __('Create filter...') ?></div> -->
 					<div dojoType="dijit.MenuItem" onclick="quickMenuGo('qmcHKhelp')"><?php echo __('Keyboard shortcuts help') ?></div>
+
+					<?php
+						foreach ($pluginhost->get_hooks($pluginhost::HOOK_ACTION_ITEM) as $p) {
+						 echo $p->hook_action_item();
+						}
+					?>
+
 					<?php if (!$_SESSION["hide_logout"]) { ?>
 						<div dojoType="dijit.MenuItem" onclick="quickMenuGo('qmcLogout')"><?php echo __('Logout') ?></div>
 					<?php } ?>
-- 
cgit v1.2.3


From 52039010366520b842a250e8907c49b02fa9d03d Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Mon, 1 Apr 2013 18:14:24 +0400
Subject: tweak ttrssZoom display

---
 tt-rss.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tt-rss.css b/tt-rss.css
index dd89bff87..c6bc77dc3 100644
--- a/tt-rss.css
+++ b/tt-rss.css
@@ -972,6 +972,7 @@ div.postHeader span.author {
 body#ttrssZoom {
 	margin-left : auto;
 	margin-right : auto;
+	padding : 2em;
 	max-width : 800px;
 	background : #f0f0f0;
 }
@@ -982,7 +983,6 @@ body#ttrssZoom div.postContent p {
 
 body#ttrssZoom div.postReply {
 	border : 1px solid #ccc;
-	margin : 20px;
 	box-shadow : 0px 0px 3px #ccc;
 }
 
-- 
cgit v1.2.3


From 837ec70e3ee4378f4d7a0a616ad0f291b311152a Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Mon, 1 Apr 2013 18:22:07 +0400
Subject: validate_session: check for user agent

---
 include/functions.php | 1 +
 include/sessions.php  | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/include/functions.php b/include/functions.php
index e86c97474..ece6d1b91 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -621,6 +621,7 @@
 					$_SESSION["uid"]);
 
 				$_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
+				$_SESSION["user_agent"] = sha1($_SERVER['HTTP_USER_AGENT']);
 				$_SESSION["pwd_hash"] = db_fetch_result($result, 0, "pwd_hash");
 
 				$_SESSION["last_version_check"] = time();
diff --git a/include/sessions.php b/include/sessions.php
index 81a5a7383..778d00e3a 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -57,6 +57,9 @@
 		if ($_SESSION["ref_schema_version"] != session_get_schema_version($link, true))
 			return false;
 
+		if (sha1($_SERVER['HTTP_USER_AGENT']) != $_SESSION["user_agent"])
+			return false;
+
 		if ($_SESSION["uid"]) {
 			$result = db_query($link,
 				"SELECT pwd_hash FROM ttrss_users WHERE id = '".$_SESSION["uid"]."'");
-- 
cgit v1.2.3