[tt-rss.git] / classes / api.php

<?php

class API extends Handler {

	const API_LEVEL  = 4;

	const STATUS_OK  = 0;
	const STATUS_ERR = 1;

	private $seq;

	function before($method) {
		if (parent::before($method)) {
			header("Content-Type: text/json");

			if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
				print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
				return false;
			}

			if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
				print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
				return false;
			}

			$this->seq = (int) $_REQUEST['seq'];

			return true;
		}
		return false;
	}

	function wrap($status, $reply) {
		print json_encode(array("seq" => $this->seq,
			"status" => $status,
			"content" => $reply));
	}

	function getVersion() {
		$rv = array("version" => VERSION);
		print $this->wrap(self::STATUS_OK, $rv);
	}

	function getApiLevel() {
		$rv = array("level" => self::API_LEVEL);
		print $this->wrap(self::STATUS_OK, $rv);
	}

	function login() {
		$login = db_escape_string($_REQUEST["user"]);
		$password = $_REQUEST["password"];
		$password_base64 = base64_decode($_REQUEST["password"]);

		if (SINGLE_USER_MODE) $login = "admin";

		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");

		if (db_num_rows($result) != 0) {
			$uid = db_fetch_result($result, 0, "id");
		} else {
			$uid = 0;
		}

		if (!$uid) {
			print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
			return;
		}

		if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
			if (authenticate_user($this->link, $login, $password)) {               // try login with normal password
				print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
					"api_level" => self::API_LEVEL));
			} else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
				print $this->wrap(self::STATUS_OK,	array("session_id" => session_id(),
					"api_level" => self::API_LEVEL));
			} else {                                                         // else we are not logged in
				print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
			}
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
		}

	}

	function logout() {
		logout_user();
		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function isLoggedIn() {
		print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
	}

	function getUnread() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		$is_cat = db_escape_string($_REQUEST["is_cat"]);

		if ($feed_id) {
			print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
		} else {
			print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
		}
	}

	/* Method added for ttrss-reader for Android */
	function getCounters() {
		print $this->wrap(self::STATUS_OK, getAllCounters($this->link));
	}

	function getFeeds() {
		$cat_id = db_escape_string($_REQUEST["cat_id"]);
		$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
		$limit = (int) db_escape_string($_REQUEST["limit"]);
		$offset = (int) db_escape_string($_REQUEST["offset"]);
		$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);

		$feeds = $this->api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);

		print $this->wrap(self::STATUS_OK, $feeds);
	}

	function getCategories() {
		$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
		$enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]);

		// TODO do not return empty categories, return Uncategorized and standard virtual cats

		if ($enable_nested)
			$nested_qpart = "parent_cat IS NULL";
		else
			$nested_qpart = "true";

		$result = db_query($this->link, "SELECT
				id, title, order_id, (SELECT COUNT(id) FROM
				ttrss_feeds WHERE
				ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds
			FROM ttrss_feed_categories
			WHERE $nested_qpart AND owner_uid = " .
			$_SESSION["uid"]);

		$cats = array();

		while ($line = db_fetch_assoc($result)) {
			if ($line["num_feeds"] > 0) {
				$unread = getFeedUnread($this->link, $line["id"], true);

				if ($enable_nested)
					$unread += getCategoryChildrenUnread($this->link, $line["id"]);

				if ($unread || !$unread_only) {
					array_push($cats, array("id" => $line["id"],
						"title" => $line["title"],
						"unread" => $unread,
						"order_id" => (int) $line["order_id"],
					));
				}
			}
		}

		foreach (array(-2,-1,0) as $cat_id) {
			$unread = getFeedUnread($this->link, $cat_id, true);

			if ($unread || !$unread_only) {
				array_push($cats, array("id" => $cat_id,
					"title" => getCategoryTitle($this->link, $cat_id),
					"unread" => $unread));
			}
		}

		print $this->wrap(self::STATUS_OK, $cats);
	}

	function getHeadlines() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		if ($feed_id != "") {

			$limit = (int)db_escape_string($_REQUEST["limit"]);

			if (!$limit || $limit >= 60) $limit = 60;

			$offset = (int)db_escape_string($_REQUEST["skip"]);
			$filter = db_escape_string($_REQUEST["filter"]);
			$is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
			$show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
			$show_content = (bool)db_escape_string($_REQUEST["show_content"]);
			/* all_articles, unread, adaptive, marked, updated */
			$view_mode = db_escape_string($_REQUEST["view_mode"]);
			$include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
			$since_id = (int)db_escape_string($_REQUEST["since_id"]);
			$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
			$sanitize_content = true;

			/* do not rely on params below */

			$search = db_escape_string($_REQUEST["search"]);
			$search_mode = db_escape_string($_REQUEST["search_mode"]);
			$match_on = db_escape_string($_REQUEST["match_on"]);

			$headlines = $this->api_get_headlines($this->link, $feed_id, $limit, $offset,
				$filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
				$include_attachments, $since_id, $search, $search_mode, $match_on,
				$include_nested, $sanitize_content);

			print $this->wrap(self::STATUS_OK, $headlines);
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
		}
	}

	function updateArticle() {
		$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
		$mode = (int) db_escape_string($_REQUEST["mode"]);
		$data = db_escape_string($_REQUEST["data"]);
		$field_raw = (int)db_escape_string($_REQUEST["field"]);

		$field = "";
		$set_to = "";

		switch ($field_raw) {
			case 0:
				$field = "marked";
				break;
			case 1:
				$field = "published";
				break;
			case 2:
				$field = "unread";
				break;
			case 3:
				$field = "note";
		};

		switch ($mode) {
			case 1:
				$set_to = "true";
				break;
			case 0:
				$set_to = "false";
				break;
			case 2:
				$set_to = "NOT $field";
				break;
		}

		if ($field == "note") $set_to = "'$data'";

		if ($field && $set_to && count($article_ids) > 0) {

			$article_ids = join(", ", $article_ids);

			if ($field == "unread") {
				$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to,
					last_read = NOW()
					WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
			} else {
				$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to
					WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
			}

			$num_updated = db_affected_rows($this->link, $result);

			if ($num_updated > 0 && $field == "unread") {
				$result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
					WHERE ref_id IN ($article_ids)");

				while ($line = db_fetch_assoc($result)) {
					ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
				}
			}

			print $this->wrap(self::STATUS_OK, array("status" => "OK",
				"updated" => $num_updated));

		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
		}

	}

	function getArticle() {

		$article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));

		$query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id,
			marked,unread,published,
			".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
			author
			FROM ttrss_entries,ttrss_user_entries
			WHERE	id IN ($article_id) AND ref_id = id AND owner_uid = " .
				$_SESSION["uid"] ;

		$result = db_query($this->link, $query);

		$articles = array();

		if (db_num_rows($result) != 0) {

			while ($line = db_fetch_assoc($result)) {

				$attachments = get_article_enclosures($this->link, $line['id']);

				$article = array(
					"id" => $line["id"],
					"title" => $line["title"],
					"link" => $line["link"],
					"labels" => get_article_labels($this->link, $line['id']),
					"unread" => sql_bool_to_bool($line["unread"]),
					"marked" => sql_bool_to_bool($line["marked"]),
					"published" => sql_bool_to_bool($line["published"]),
					"comments" => $line["comments"],
					"author" => $line["author"],
					"updated" => strtotime($line["updated"]),
					"content" => $line["cached_content"] != "" ? $line["cached_content"] : $line["content"],
					"feed_id" => $line["feed_id"],
					"attachments" => $attachments
				);

				array_push($articles, $article);

			}
		}

		print $this->wrap(self::STATUS_OK, $articles);

	}

	function getConfig() {
		$config = array(
			"icons_dir" => ICONS_DIR,
			"icons_url" => ICONS_URL);

		$config["daemon_is_running"] = file_is_locked("update_daemon.lock");

		$result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
			ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);

		$num_feeds = db_fetch_result($result, 0, "cf");

		$config["num_feeds"] = (int)$num_feeds;

		print $this->wrap(self::STATUS_OK, $config);
	}

	function updateFeed() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);

		update_rss_feed($this->link, $feed_id, true);

		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function catchupFeed() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		$is_cat = db_escape_string($_REQUEST["is_cat"]);

		catchup_feed($this->link, $feed_id, $is_cat);

		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function getPref() {
		$pref_name = db_escape_string($_REQUEST["pref_name"]);

		print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
	}

	function getLabels() {
		//$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);

		$article_id = (int)$_REQUEST['article_id'];

		$rv = array();

		$result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
			FROM ttrss_labels2
			WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");

		if ($article_id)
			$article_labels = get_article_labels($this->link, $article_id);
		else
			$article_labels = array();

		while ($line = db_fetch_assoc($result)) {

			$checked = false;
			foreach ($article_labels as $al) {
				if ($al[0] == $line['id']) {
					$checked = true;
					break;
				}
			}

			array_push($rv, array(
				"id" => (int)$line['id'],
				"caption" => $line['caption'],
				"fg_color" => $line['fg_color'],
				"bg_color" => $line['bg_color'],
				"checked" => $checked));
		}

		print $this->wrap(self::STATUS_OK, $rv);
	}

	function setArticleLabel() {

		$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
		$label_id = (int) db_escape_string($_REQUEST['label_id']);
		$assign = (bool) db_escape_string($_REQUEST['assign']) == "true";

		$label = db_escape_string(label_find_caption($this->link,
			$label_id, $_SESSION["uid"]));

		$num_updated = 0;

		if ($label) {

			foreach ($article_ids as $id) {

				if ($assign)
					label_add_article($this->link, $id, $label, $_SESSION["uid"]);
				else
					label_remove_article($this->link, $id, $label, $_SESSION["uid"]);

				++$num_updated;

			}
		}

		print $this->wrap(self::STATUS_OK, array("status" => "OK",
			"updated" => $num_updated));

	}

	function index() {
		print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
	}

	function shareToPublished() {
		$title = db_escape_string(strip_tags($_REQUEST["title"]));
		$url = db_escape_string(strip_tags($_REQUEST["url"]));
		$content = db_escape_string(strip_tags($_REQUEST["content"]));

		if (Article::create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) {
			print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
		}
	}

	static function api_get_feeds($link, $cat_id, $unread_only, $limit, $offset, $include_nested = false) {

			$feeds = array();

			/* Labels */

			if ($cat_id == -4 || $cat_id == -2) {
				$counters = getLabelCounters($link, true);

				foreach (array_values($counters) as $cv) {

					$unread = $cv["counter"];

					if ($unread || !$unread_only) {

						$row = array(
								"id" => $cv["id"],
								"title" => $cv["description"],
								"unread" => $cv["counter"],
								"cat_id" => -2,
							);

						array_push($feeds, $row);
					}
				}
			}

			/* Virtual feeds */

			if ($cat_id == -4 || $cat_id == -1) {
				foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
					$unread = getFeedUnread($link, $i);

					if ($unread || !$unread_only) {
						$title = getFeedTitle($link, $i);

						$row = array(
								"id" => $i,
								"title" => $title,
								"unread" => $unread,
								"cat_id" => -1,
							);
						array_push($feeds, $row);
					}

				}
			}

			/* Child cats */

			if ($include_nested && $cat_id) {
				$result = db_query($link, "SELECT
					id, title FROM ttrss_feed_categories
					WHERE parent_cat = '$cat_id' AND owner_uid = " . $_SESSION["uid"] .
				" ORDER BY id, title");

				while ($line = db_fetch_assoc($result)) {
					$unread = getFeedUnread($link, $line["id"], true) +
						getCategoryChildrenUnread($link, $line["id"]);

					if ($unread || !$unread_only) {
						$row = array(
								"id" => $line["id"],
								"title" => $line["title"],
								"unread" => $unread,
								"is_cat" => true,
							);
						array_push($feeds, $row);
					}
				}
			}

			/* Real feeds */

			if ($limit) {
				$limit_qpart = "LIMIT $limit OFFSET $offset";
			} else {
				$limit_qpart = "";
			}

			if ($cat_id == -4 || $cat_id == -3) {
				$result = db_query($link, "SELECT
					id, feed_url, cat_id, title, order_id, ".
						SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
						FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
						" ORDER BY cat_id, title " . $limit_qpart);
			} else {

				if ($cat_id)
					$cat_qpart = "cat_id = '$cat_id'";
				else
					$cat_qpart = "cat_id IS NULL";

				$result = db_query($link, "SELECT
					id, feed_url, cat_id, title, order_id, ".
						SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
						FROM ttrss_feeds WHERE
						$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
						" ORDER BY cat_id, title " . $limit_qpart);
			}

			while ($line = db_fetch_assoc($result)) {

				$unread = getFeedUnread($link, $line["id"]);

				$has_icon = feed_has_icon($line['id']);

				if ($unread || !$unread_only) {

					$row = array(
							"feed_url" => $line["feed_url"],
							"title" => $line["title"],
							"id" => (int)$line["id"],
							"unread" => (int)$unread,
							"has_icon" => $has_icon,
							"cat_id" => (int)$line["cat_id"],
							"last_updated" => strtotime($line["last_updated"]),
							"order_id" => (int) $line["order_id"],
						);

					array_push($feeds, $row);
				}
			}

		return $feeds;
	}

	static function api_get_headlines($link, $feed_id, $limit, $offset,
				$filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
				$include_attachments, $since_id,
				$search = "", $search_mode = "", $match_on = "",
				$include_nested = false, $sanitize_content = true) {

			$qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
				$view_mode, $is_cat, $search, $search_mode, $match_on,
				$order, $offset, 0, false, $since_id, $include_nested);

			$result = $qfh_ret[0];
			$feed_title = $qfh_ret[1];

			$headlines = array();

			while ($line = db_fetch_assoc($result)) {
				$is_updated = ($line["last_read"] == "" &&
					($line["unread"] != "t" && $line["unread"] != "1"));

				$tags = explode(",", $line["tag_cache"]);
				$labels = json_decode($line["label_cache"], true);

				//if (!$tags) $tags = get_article_tags($link, $line["id"]);
				//if (!$labels) $labels = get_article_labels($link, $line["id"]);

				$headline_row = array(
						"id" => (int)$line["id"],
						"unread" => sql_bool_to_bool($line["unread"]),
						"marked" => sql_bool_to_bool($line["marked"]),
						"published" => sql_bool_to_bool($line["published"]),
						"updated" => strtotime($line["updated"]),
						"is_updated" => $is_updated,
						"title" => $line["title"],
						"link" => $line["link"],
						"feed_id" => $line["feed_id"],
						"tags" => $tags,
					);

					if ($include_attachments)
						$headline_row['attachments'] = get_article_enclosures($link,
							$line['id']);

				if ($show_excerpt) {
					$excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
					$headline_row["excerpt"] = $excerpt;
				}

				if ($show_content) {

					if ($line["cached_content"] != "") {
						$line["content_preview"] =& $line["cached_content"];
					}

					if ($sanitize_content) {
						$headline_row["content"] = sanitize($link,
							$line["content_preview"], false, false, $line["site_url"]);
					} else {
						$headline_row["content"] = $line["content_preview"];
					}
				}

				// unify label output to ease parsing
				if ($labels["no-labels"] == 1) $labels = array();

				$headline_row["labels"] = $labels;

				$headline_row["feed_title"] = $line["feed_title"];

				$headline_row["comments_count"] = (int)$line["num_comments"];
				$headline_row["comments_link"] = $line["comments"];

				$headline_row["always_display_attachments"] = sql_bool_to_bool($line["always_display_enclosures"]);

				array_push($headlines, $headline_row);
			}

			return $headlines;
	}

}

?>
Commit	Line	Data
de8260cb AD	1	<?php
	2
	3	class API extends Handler {
	4
8361e724	5	const API_LEVEL = 4;
de8260cb AD	6
	7	const STATUS_OK = 0;
	8	const STATUS_ERR = 1;
	9
	10	private $seq;
	11
	12	function before($method) {
	13	if (parent::before($method)) {
12f31782	14	header("Content-Type: text/json");
de8260cb AD	15
	16	if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
	17	print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
	18	return false;
	19	}
	20
	21	if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
	22	print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
	23	return false;
	24	}
	25
	26	$this->seq = (int) $_REQUEST['seq'];
	27
de8260cb AD	28	return true;
	29	}
	30	return false;
	31	}
	32
	33	function wrap($status, $reply) {
	34	print json_encode(array("seq" => $this->seq,
	35	"status" => $status,
	36	"content" => $reply));
	37	}
	38
	39	function getVersion() {
	40	$rv = array("version" => VERSION);
	41	print $this->wrap(self::STATUS_OK, $rv);
	42	}
	43
	44	function getApiLevel() {
a3b5394a	45	$rv = array("level" => self::API_LEVEL);
de8260cb AD	46	print $this->wrap(self::STATUS_OK, $rv);
	47	}
	48
	49	function login() {
	50	$login = db_escape_string($_REQUEST["user"]);
	51	$password = $_REQUEST["password"];
	52	$password_base64 = base64_decode($_REQUEST["password"]);
	53
	54	if (SINGLE_USER_MODE) $login = "admin";
	55
	56	$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
	57
	58	if (db_num_rows($result) != 0) {
	59	$uid = db_fetch_result($result, 0, "id");
	60	} else {
	61	$uid = 0;
	62	}
	63
	64	if (!$uid) {
	65	print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
	66	return;
	67	}
	68
	69	if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
	70	if (authenticate_user($this->link, $login, $password)) { // try login with normal password
5ba4ebc6 AD	71	print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
5ba4ebc6 AD	72	"api_level" => self::API_LEVEL));
de8260cb	73	} else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
5ba4ebc6 AD	74	print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
5ba4ebc6 AD	75	"api_level" => self::API_LEVEL));
de8260cb AD	76	} else { // else we are not logged in
	77	print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
	78	}
	79	} else {
	80	print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
	81	}
	82
	83	}
	84
	85	function logout() {
	86	logout_user();
	87	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	88	}
	89
	90	function isLoggedIn() {
	91	print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
	92	}
	93
	94	function getUnread() {
	95	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	96	$is_cat = db_escape_string($_REQUEST["is_cat"]);
	97
	98	if ($feed_id) {
	99	print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
	100	} else {
	101	print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
	102	}
	103	}
	104
	105	/* Method added for ttrss-reader for Android */
	106	function getCounters() {
5b55e9e2	107	print $this->wrap(self::STATUS_OK, getAllCounters($this->link));
de8260cb AD	108	}
	109
	110	function getFeeds() {
	111	$cat_id = db_escape_string($_REQUEST["cat_id"]);
	112	$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
	113	$limit = (int) db_escape_string($_REQUEST["limit"]);
	114	$offset = (int) db_escape_string($_REQUEST["offset"]);
48646336	115	$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
de8260cb	116
04f60eb7	117	$feeds = $this->api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);
de8260cb AD	118
	119	print $this->wrap(self::STATUS_OK, $feeds);
	120	}
	121
	122	function getCategories() {
	123	$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
48646336	124	$enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]);
de8260cb AD	125
	126	// TODO do not return empty categories, return Uncategorized and standard virtual cats
	127
48646336 AD	128	if ($enable_nested)
	129	$nested_qpart = "parent_cat IS NULL";
	130	else
	131	$nested_qpart = "true";
	132
de8260cb	133	$result = db_query($this->link, "SELECT
d49dfa38 AD	134	id, title, order_id, (SELECT COUNT(id) FROM
	135	ttrss_feeds WHERE
	136	ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds
	137	FROM ttrss_feed_categories
48646336	138	WHERE $nested_qpart AND owner_uid = " .
de8260cb AD	139	$_SESSION["uid"]);
	140
	141	$cats = array();
	142
	143	while ($line = db_fetch_assoc($result)) {
d49dfa38 AD	144	if ($line["num_feeds"] > 0) {
	145	$unread = getFeedUnread($this->link, $line["id"], true);
	146
	147	if ($enable_nested)
	148	$unread += getCategoryChildrenUnread($this->link, $line["id"]);
	149
	150	if ($unread \|\| !$unread_only) {
	151	array_push($cats, array("id" => $line["id"],
	152	"title" => $line["title"],
	153	"unread" => $unread,
	154	"order_id" => (int) $line["order_id"],
	155	));
	156	}
de8260cb AD	157	}
	158	}
	159
	160	foreach (array(-2,-1,0) as $cat_id) {
	161	$unread = getFeedUnread($this->link, $cat_id, true);
	162
	163	if ($unread \|\| !$unread_only) {
	164	array_push($cats, array("id" => $cat_id,
	165	"title" => getCategoryTitle($this->link, $cat_id),
	166	"unread" => $unread));
	167	}
	168	}
	169
	170	print $this->wrap(self::STATUS_OK, $cats);
	171	}
	172
	173	function getHeadlines() {
	174	$feed_id = db_escape_string($_REQUEST["feed_id"]);
8aa3becc	175	if ($feed_id != "") {
de8260cb AD	176
de8260cb AD	177	$limit = (int)db_escape_string($_REQUEST["limit"]);
1a740cf6 AD	178
	179	if (!$limit \|\| $limit >= 60) $limit = 60;
	180
de8260cb AD	181	$offset = (int)db_escape_string($_REQUEST["skip"]);
	182	$filter = db_escape_string($_REQUEST["filter"]);
	183	$is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
	184	$show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
	185	$show_content = (bool)db_escape_string($_REQUEST["show_content"]);
	186	/* all_articles, unread, adaptive, marked, updated */
	187	$view_mode = db_escape_string($_REQUEST["view_mode"]);
	188	$include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
	189	$since_id = (int)db_escape_string($_REQUEST["since_id"]);
48646336	190	$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
db9e00e3	191	$sanitize_content = true;
de8260cb	192
3e4af5b0 AD	193	/* do not rely on params below */
	194
	195	$search = db_escape_string($_REQUEST["search"]);
	196	$search_mode = db_escape_string($_REQUEST["search_mode"]);
	197	$match_on = db_escape_string($_REQUEST["match_on"]);
	198
04f60eb7	199	$headlines = $this->api_get_headlines($this->link, $feed_id, $limit, $offset,
de8260cb	200	$filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
48646336	201	$include_attachments, $since_id, $search, $search_mode, $match_on,
db9e00e3	202	$include_nested, $sanitize_content);
de8260cb AD	203
	204	print $this->wrap(self::STATUS_OK, $headlines);
	205	} else {
	206	print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
	207	}
	208	}
	209
	210	function updateArticle() {
	211	$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	212	$mode = (int) db_escape_string($_REQUEST["mode"]);
	213	$data = db_escape_string($_REQUEST["data"]);
	214	$field_raw = (int)db_escape_string($_REQUEST["field"]);
	215
	216	$field = "";
	217	$set_to = "";
	218
	219	switch ($field_raw) {
	220	case 0:
	221	$field = "marked";
	222	break;
	223	case 1:
	224	$field = "published";
	225	break;
	226	case 2:
	227	$field = "unread";
	228	break;
	229	case 3:
	230	$field = "note";
	231	};
	232
	233	switch ($mode) {
	234	case 1:
	235	$set_to = "true";
	236	break;
	237	case 0:
	238	$set_to = "false";
	239	break;
	240	case 2:
	241	$set_to = "NOT $field";
	242	break;
	243	}
	244
	245	if ($field == "note") $set_to = "'$data'";
	246
	247	if ($field && $set_to && count($article_ids) > 0) {
	248
	249	$article_ids = join(", ", $article_ids);
	250
	251	if ($field == "unread") {
	252	$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to,
	253	last_read = NOW()
	254	WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
	255	} else {
	256	$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to
	257	WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
	258	}
	259
	260	$num_updated = db_affected_rows($this->link, $result);
	261
	262	if ($num_updated > 0 && $field == "unread") {
	263	$result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
	264	WHERE ref_id IN ($article_ids)");
	265
	266	while ($line = db_fetch_assoc($result)) {
267	ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
268	}
269	}
270
271	print $this->wrap(self::STATUS_OK, array("status" => "OK",
272	"updated" => $num_updated));
273
274	} else {
275	print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
276	}
277
278	}
279
280	function getArticle() {
281
282	$article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));
283
87764a50	284	$query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id,
de8260cb AD	285	marked,unread,published,
	286	".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
	287	author
	288	FROM ttrss_entries,ttrss_user_entries
	289	WHERE id IN ($article_id) AND ref_id = id AND owner_uid = " .
	290	$_SESSION["uid"] ;
	291
	292	$result = db_query($this->link, $query);
	293
	294	$articles = array();
	295
	296	if (db_num_rows($result) != 0) {
	297
	298	while ($line = db_fetch_assoc($result)) {
	299
	300	$attachments = get_article_enclosures($this->link, $line['id']);
	301
	302	$article = array(
	303	"id" => $line["id"],
	304	"title" => $line["title"],
	305	"link" => $line["link"],
	306	"labels" => get_article_labels($this->link, $line['id']),
	307	"unread" => sql_bool_to_bool($line["unread"]),
	308	"marked" => sql_bool_to_bool($line["marked"]),
	309	"published" => sql_bool_to_bool($line["published"]),
	310	"comments" => $line["comments"],
	311	"author" => $line["author"],
	312	"updated" => strtotime($line["updated"]),
87764a50	313	"content" => $line["cached_content"] != "" ? $line["cached_content"] : $line["content"],
de8260cb AD	314	"feed_id" => $line["feed_id"],
	315	"attachments" => $attachments
	316	);
	317
	318	array_push($articles, $article);
	319
	320	}
	321	}
	322
	323	print $this->wrap(self::STATUS_OK, $articles);
	324
	325	}
	326
	327	function getConfig() {
	328	$config = array(
	329	"icons_dir" => ICONS_DIR,
	330	"icons_url" => ICONS_URL);
	331
	332	$config["daemon_is_running"] = file_is_locked("update_daemon.lock");
	333
	334	$result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
	335	ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
	336
	337	$num_feeds = db_fetch_result($result, 0, "cf");
	338
	339	$config["num_feeds"] = (int)$num_feeds;
	340
	341	print $this->wrap(self::STATUS_OK, $config);
	342	}
	343
	344	function updateFeed() {
	345	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	346
	347	update_rss_feed($this->link, $feed_id, true);
	348
	349	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	350	}
	351
	352	function catchupFeed() {
	353	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	354	$is_cat = db_escape_string($_REQUEST["is_cat"]);
	355
	356	catchup_feed($this->link, $feed_id, $is_cat);
	357
	358	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	359	}
	360
	361	function getPref() {
	362	$pref_name = db_escape_string($_REQUEST["pref_name"]);
	363
	364	print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
	365	}
	366
ea1c2903 AD	367	function getLabels() {
	368	//$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	369
	370	$article_id = (int)$_REQUEST['article_id'];
	371
	372	$rv = array();
	373
	374	$result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
	375	FROM ttrss_labels2
	376	WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");
	377
	378	if ($article_id)
	379	$article_labels = get_article_labels($this->link, $article_id);
	380	else
	381	$article_labels = array();
	382
	383	while ($line = db_fetch_assoc($result)) {
	384
	385	$checked = false;
	386	foreach ($article_labels as $al) {
	387	if ($al[0] == $line['id']) {
	388	$checked = true;
	389	break;
	390	}
	391	}
	392
	393	array_push($rv, array(
	394	"id" => (int)$line['id'],
	395	"caption" => $line['caption'],
	396	"fg_color" => $line['fg_color'],
	397	"bg_color" => $line['bg_color'],
	398	"checked" => $checked));
	399	}
	400
	401	print $this->wrap(self::STATUS_OK, $rv);
	402	}
	403
396bfdf9 AD	404	function setArticleLabel() {
	405
	406	$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	407	$label_id = (int) db_escape_string($_REQUEST['label_id']);
	408	$assign = (bool) db_escape_string($_REQUEST['assign']) == "true";
	409
	410	$label = db_escape_string(label_find_caption($this->link,
	411	$label_id, $_SESSION["uid"]));
	412
	413	$num_updated = 0;
	414
	415	if ($label) {
	416
	417	foreach ($article_ids as $id) {
	418
	419	if ($assign)
	420	label_add_article($this->link, $id, $label, $_SESSION["uid"]);
	421	else
	422	label_remove_article($this->link, $id, $label, $_SESSION["uid"]);
	423
	424	++$num_updated;
	425
	426	}
	427	}
	428
	429	print $this->wrap(self::STATUS_OK, array("status" => "OK",
	430	"updated" => $num_updated));
	431
	432	}
	433
de8260cb AD	434	function index() {
	435	print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
	436	}
	437
8361e724 AD	438	function shareToPublished() {
	439	$title = db_escape_string(strip_tags($_REQUEST["title"]));
	440	$url = db_escape_string(strip_tags($_REQUEST["url"]));
	441	$content = db_escape_string(strip_tags($_REQUEST["content"]));
	442
50832719	443	if (Article::create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) {
8361e724 AD	444	print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
	445	} else {
	446	print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
	447	}
	448	}
04f60eb7 AD	449
	450	static function api_get_feeds($link, $cat_id, $unread_only, $limit, $offset, $include_nested = false) {
	451
	452	$feeds = array();
	453
	454	/* Labels */
	455
	456	if ($cat_id == -4 \|\| $cat_id == -2) {
	457	$counters = getLabelCounters($link, true);
	458
	459	foreach (array_values($counters) as $cv) {
	460
	461	$unread = $cv["counter"];
	462
	463	if ($unread \|\| !$unread_only) {
	464
	465	$row = array(
	466	"id" => $cv["id"],
	467	"title" => $cv["description"],
	468	"unread" => $cv["counter"],
	469	"cat_id" => -2,
	470	);
	471
	472	array_push($feeds, $row);
	473	}
	474	}
	475	}
	476
	477	/* Virtual feeds */
	478
	479	if ($cat_id == -4 \|\| $cat_id == -1) {
	480	foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
	481	$unread = getFeedUnread($link, $i);
	482
	483	if ($unread \|\| !$unread_only) {
	484	$title = getFeedTitle($link, $i);
	485
	486	$row = array(
	487	"id" => $i,
	488	"title" => $title,
	489	"unread" => $unread,
	490	"cat_id" => -1,
	491	);
	492	array_push($feeds, $row);
	493	}
	494
	495	}
	496	}
	497
	498	/* Child cats */
	499
	500	if ($include_nested && $cat_id) {
	501	$result = db_query($link, "SELECT
	502	id, title FROM ttrss_feed_categories
	503	WHERE parent_cat = '$cat_id' AND owner_uid = " . $_SESSION["uid"] .
	504	" ORDER BY id, title");
	505
	506	while ($line = db_fetch_assoc($result)) {
	507	$unread = getFeedUnread($link, $line["id"], true) +
	508	getCategoryChildrenUnread($link, $line["id"]);
	509
	510	if ($unread \|\| !$unread_only) {
	511	$row = array(
	512	"id" => $line["id"],
513	"title" => $line["title"],
514	"unread" => $unread,
515	"is_cat" => true,
516	);
517	array_push($feeds, $row);
518	}
519	}
520	}
521
522	/* Real feeds */
523
524	if ($limit) {
525	$limit_qpart = "LIMIT $limit OFFSET $offset";
526	} else {
527	$limit_qpart = "";
528	}
529
530	if ($cat_id == -4 \|\| $cat_id == -3) {
531	$result = db_query($link, "SELECT
532	id, feed_url, cat_id, title, order_id, ".
533	SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
534	FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
535	" ORDER BY cat_id, title " . $limit_qpart);
536	} else {
537
538	if ($cat_id)
539	$cat_qpart = "cat_id = '$cat_id'";
540	else
541	$cat_qpart = "cat_id IS NULL";
542
543	$result = db_query($link, "SELECT
544	id, feed_url, cat_id, title, order_id, ".
545	SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
546	FROM ttrss_feeds WHERE
547	$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
548	" ORDER BY cat_id, title " . $limit_qpart);
549	}
550
551	while ($line = db_fetch_assoc($result)) {
552
553	$unread = getFeedUnread($link, $line["id"]);
554
555	$has_icon = feed_has_icon($line['id']);
556
557	if ($unread \|\| !$unread_only) {
558
559	$row = array(
560	"feed_url" => $line["feed_url"],
561	"title" => $line["title"],
562	"id" => (int)$line["id"],
563	"unread" => (int)$unread,
564	"has_icon" => $has_icon,
565	"cat_id" => (int)$line["cat_id"],
566	"last_updated" => strtotime($line["last_updated"]),
567	"order_id" => (int) $line["order_id"],
568	);
569
570	array_push($feeds, $row);
571	}
572	}
573
574	return $feeds;
575	}
576
577	static function api_get_headlines($link, $feed_id, $limit, $offset,
578	$filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
579	$include_attachments, $since_id,
580	$search = "", $search_mode = "", $match_on = "",
581	$include_nested = false, $sanitize_content = true) {
582
583	$qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
584	$view_mode, $is_cat, $search, $search_mode, $match_on,
585	$order, $offset, 0, false, $since_id, $include_nested);
586
587	$result = $qfh_ret[0];
588	$feed_title = $qfh_ret[1];
589
590	$headlines = array();
591
592	while ($line = db_fetch_assoc($result)) {
593	$is_updated = ($line["last_read"] == "" &&
594	($line["unread"] != "t" && $line["unread"] != "1"));
595
596	$tags = explode(",", $line["tag_cache"]);
597	$labels = json_decode($line["label_cache"], true);
598
599	//if (!$tags) $tags = get_article_tags($link, $line["id"]);
600	//if (!$labels) $labels = get_article_labels($link, $line["id"]);
601
602	$headline_row = array(
603	"id" => (int)$line["id"],
604	"unread" => sql_bool_to_bool($line["unread"]),
605	"marked" => sql_bool_to_bool($line["marked"]),
606	"published" => sql_bool_to_bool($line["published"]),
607	"updated" => strtotime($line["updated"]),
608	"is_updated" => $is_updated,
609	"title" => $line["title"],
610	"link" => $line["link"],
611	"feed_id" => $line["feed_id"],
612	"tags" => $tags,
613	);
614
615	if ($include_attachments)
616	$headline_row['attachments'] = get_article_enclosures($link,
617	$line['id']);
618
619	if ($show_excerpt) {
620	$excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
621	$headline_row["excerpt"] = $excerpt;
622	}
623
624	if ($show_content) {
625
626	if ($line["cached_content"] != "") {
627	$line["content_preview"] =& $line["cached_content"];
628	}
629
630	if ($sanitize_content) {
631	$headline_row["content"] = sanitize($link,
632	$line["content_preview"], false, false, $line["site_url"]);
633	} else {
634	$headline_row["content"] = $line["content_preview"];
635	}
636	}
637
638	// unify label output to ease parsing
639	if ($labels["no-labels"] == 1) $labels = array();
640
641	$headline_row["labels"] = $labels;
642
643	$headline_row["feed_title"] = $line["feed_title"];
644
645	$headline_row["comments_count"] = (int)$line["num_comments"];
646	$headline_row["comments_link"] = $line["comments"];
647
648	$headline_row["always_display_attachments"] = sql_bool_to_bool($line["always_display_enclosures"]);
649
650	array_push($headlines, $headline_row);
651	}
652
653	return $headlines;
654	}
655
de8260cb AD	656	}
	657
	658	?>