]>
Commit | Line | Data |
---|---|---|
de8260cb AD |
1 | <?php |
2 | ||
3 | class API extends Handler { | |
4 | ||
8361e724 | 5 | const API_LEVEL = 4; |
de8260cb AD |
6 | |
7 | const STATUS_OK = 0; | |
8 | const STATUS_ERR = 1; | |
9 | ||
10 | private $seq; | |
11 | ||
12 | function before($method) { | |
13 | if (parent::before($method)) { | |
839b0658 | 14 | header("Content-Type: text/plain"); |
de8260cb AD |
15 | |
16 | if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") { | |
17 | print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN')); | |
18 | return false; | |
19 | } | |
20 | ||
21 | if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) { | |
22 | print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED')); | |
23 | return false; | |
24 | } | |
25 | ||
26 | $this->seq = (int) $_REQUEST['seq']; | |
27 | ||
de8260cb AD |
28 | return true; |
29 | } | |
30 | return false; | |
31 | } | |
32 | ||
33 | function wrap($status, $reply) { | |
34 | print json_encode(array("seq" => $this->seq, | |
35 | "status" => $status, | |
36 | "content" => $reply)); | |
37 | } | |
38 | ||
39 | function getVersion() { | |
40 | $rv = array("version" => VERSION); | |
41 | print $this->wrap(self::STATUS_OK, $rv); | |
42 | } | |
43 | ||
44 | function getApiLevel() { | |
a3b5394a | 45 | $rv = array("level" => self::API_LEVEL); |
de8260cb AD |
46 | print $this->wrap(self::STATUS_OK, $rv); |
47 | } | |
48 | ||
49 | function login() { | |
50 | $login = db_escape_string($_REQUEST["user"]); | |
51 | $password = $_REQUEST["password"]; | |
52 | $password_base64 = base64_decode($_REQUEST["password"]); | |
53 | ||
54 | if (SINGLE_USER_MODE) $login = "admin"; | |
55 | ||
56 | $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'"); | |
57 | ||
58 | if (db_num_rows($result) != 0) { | |
59 | $uid = db_fetch_result($result, 0, "id"); | |
60 | } else { | |
61 | $uid = 0; | |
62 | } | |
63 | ||
64 | if (!$uid) { | |
65 | print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR")); | |
66 | return; | |
67 | } | |
68 | ||
69 | if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) { | |
70 | if (authenticate_user($this->link, $login, $password)) { // try login with normal password | |
5ba4ebc6 AD |
71 | print $this->wrap(self::STATUS_OK, array("session_id" => session_id(), |
72 | "api_level" => self::API_LEVEL)); | |
de8260cb | 73 | } else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password |
5ba4ebc6 AD |
74 | print $this->wrap(self::STATUS_OK, array("session_id" => session_id(), |
75 | "api_level" => self::API_LEVEL)); | |
de8260cb AD |
76 | } else { // else we are not logged in |
77 | print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR")); | |
78 | } | |
79 | } else { | |
80 | print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED")); | |
81 | } | |
82 | ||
83 | } | |
84 | ||
85 | function logout() { | |
86 | logout_user(); | |
87 | print $this->wrap(self::STATUS_OK, array("status" => "OK")); | |
88 | } | |
89 | ||
90 | function isLoggedIn() { | |
91 | print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != '')); | |
92 | } | |
93 | ||
94 | function getUnread() { | |
95 | $feed_id = db_escape_string($_REQUEST["feed_id"]); | |
96 | $is_cat = db_escape_string($_REQUEST["is_cat"]); | |
97 | ||
98 | if ($feed_id) { | |
99 | print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat))); | |
100 | } else { | |
101 | print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link))); | |
102 | } | |
103 | } | |
104 | ||
105 | /* Method added for ttrss-reader for Android */ | |
106 | function getCounters() { | |
107 | ||
108 | /* flct (flc is the default) FIXME: document */ | |
109 | $output_mode = db_escape_string($_REQUEST["output_mode"]); | |
110 | ||
111 | print $this->wrap(self::STATUS_OK, getAllCounters($this->link, $output_mode)); | |
112 | } | |
113 | ||
114 | function getFeeds() { | |
115 | $cat_id = db_escape_string($_REQUEST["cat_id"]); | |
116 | $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]); | |
117 | $limit = (int) db_escape_string($_REQUEST["limit"]); | |
118 | $offset = (int) db_escape_string($_REQUEST["offset"]); | |
48646336 | 119 | $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]); |
de8260cb | 120 | |
48646336 | 121 | $feeds = api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested); |
de8260cb AD |
122 | |
123 | print $this->wrap(self::STATUS_OK, $feeds); | |
124 | } | |
125 | ||
126 | function getCategories() { | |
127 | $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]); | |
48646336 | 128 | $enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]); |
de8260cb AD |
129 | |
130 | // TODO do not return empty categories, return Uncategorized and standard virtual cats | |
131 | ||
48646336 AD |
132 | if ($enable_nested) |
133 | $nested_qpart = "parent_cat IS NULL"; | |
134 | else | |
135 | $nested_qpart = "true"; | |
136 | ||
de8260cb | 137 | $result = db_query($this->link, "SELECT |
b11e9943 | 138 | id, title, order_id FROM ttrss_feed_categories |
48646336 | 139 | WHERE $nested_qpart AND owner_uid = " . |
de8260cb AD |
140 | $_SESSION["uid"]); |
141 | ||
142 | $cats = array(); | |
143 | ||
144 | while ($line = db_fetch_assoc($result)) { | |
145 | $unread = getFeedUnread($this->link, $line["id"], true); | |
146 | ||
48646336 AD |
147 | if ($enable_nested) |
148 | $unread += getCategoryChildrenUnread($this->link, $line["id"]); | |
149 | ||
de8260cb AD |
150 | if ($unread || !$unread_only) { |
151 | array_push($cats, array("id" => $line["id"], | |
152 | "title" => $line["title"], | |
b11e9943 AD |
153 | "unread" => $unread, |
154 | "order_id" => (int) $line["order_id"], | |
155 | )); | |
de8260cb AD |
156 | } |
157 | } | |
158 | ||
159 | foreach (array(-2,-1,0) as $cat_id) { | |
160 | $unread = getFeedUnread($this->link, $cat_id, true); | |
161 | ||
162 | if ($unread || !$unread_only) { | |
163 | array_push($cats, array("id" => $cat_id, | |
164 | "title" => getCategoryTitle($this->link, $cat_id), | |
165 | "unread" => $unread)); | |
166 | } | |
167 | } | |
168 | ||
169 | print $this->wrap(self::STATUS_OK, $cats); | |
170 | } | |
171 | ||
172 | function getHeadlines() { | |
173 | $feed_id = db_escape_string($_REQUEST["feed_id"]); | |
8aa3becc | 174 | if ($feed_id != "") { |
de8260cb AD |
175 | |
176 | $limit = (int)db_escape_string($_REQUEST["limit"]); | |
1a740cf6 AD |
177 | |
178 | if (!$limit || $limit >= 60) $limit = 60; | |
179 | ||
de8260cb AD |
180 | $offset = (int)db_escape_string($_REQUEST["skip"]); |
181 | $filter = db_escape_string($_REQUEST["filter"]); | |
182 | $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]); | |
183 | $show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]); | |
184 | $show_content = (bool)db_escape_string($_REQUEST["show_content"]); | |
185 | /* all_articles, unread, adaptive, marked, updated */ | |
186 | $view_mode = db_escape_string($_REQUEST["view_mode"]); | |
187 | $include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]); | |
188 | $since_id = (int)db_escape_string($_REQUEST["since_id"]); | |
48646336 | 189 | $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]); |
db9e00e3 | 190 | $sanitize_content = true; |
de8260cb | 191 | |
3e4af5b0 AD |
192 | /* do not rely on params below */ |
193 | ||
194 | $search = db_escape_string($_REQUEST["search"]); | |
195 | $search_mode = db_escape_string($_REQUEST["search_mode"]); | |
196 | $match_on = db_escape_string($_REQUEST["match_on"]); | |
197 | ||
de8260cb AD |
198 | $headlines = api_get_headlines($this->link, $feed_id, $limit, $offset, |
199 | $filter, $is_cat, $show_excerpt, $show_content, $view_mode, false, | |
48646336 | 200 | $include_attachments, $since_id, $search, $search_mode, $match_on, |
db9e00e3 | 201 | $include_nested, $sanitize_content); |
de8260cb AD |
202 | |
203 | print $this->wrap(self::STATUS_OK, $headlines); | |
204 | } else { | |
205 | print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE')); | |
206 | } | |
207 | } | |
208 | ||
209 | function updateArticle() { | |
210 | $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); | |
211 | $mode = (int) db_escape_string($_REQUEST["mode"]); | |
212 | $data = db_escape_string($_REQUEST["data"]); | |
213 | $field_raw = (int)db_escape_string($_REQUEST["field"]); | |
214 | ||
215 | $field = ""; | |
216 | $set_to = ""; | |
217 | ||
218 | switch ($field_raw) { | |
219 | case 0: | |
220 | $field = "marked"; | |
221 | break; | |
222 | case 1: | |
223 | $field = "published"; | |
224 | break; | |
225 | case 2: | |
226 | $field = "unread"; | |
227 | break; | |
228 | case 3: | |
229 | $field = "note"; | |
230 | }; | |
231 | ||
232 | switch ($mode) { | |
233 | case 1: | |
234 | $set_to = "true"; | |
235 | break; | |
236 | case 0: | |
237 | $set_to = "false"; | |
238 | break; | |
239 | case 2: | |
240 | $set_to = "NOT $field"; | |
241 | break; | |
242 | } | |
243 | ||
244 | if ($field == "note") $set_to = "'$data'"; | |
245 | ||
246 | if ($field && $set_to && count($article_ids) > 0) { | |
247 | ||
248 | $article_ids = join(", ", $article_ids); | |
249 | ||
250 | if ($field == "unread") { | |
251 | $result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to, | |
252 | last_read = NOW() | |
253 | WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]); | |
254 | } else { | |
255 | $result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to | |
256 | WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]); | |
257 | } | |
258 | ||
259 | $num_updated = db_affected_rows($this->link, $result); | |
260 | ||
261 | if ($num_updated > 0 && $field == "unread") { | |
262 | $result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries | |
263 | WHERE ref_id IN ($article_ids)"); | |
264 | ||
265 | while ($line = db_fetch_assoc($result)) { | |
266 | ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]); | |
267 | } | |
268 | } | |
269 | ||
270 | print $this->wrap(self::STATUS_OK, array("status" => "OK", | |
271 | "updated" => $num_updated)); | |
272 | ||
273 | } else { | |
274 | print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE')); | |
275 | } | |
276 | ||
277 | } | |
278 | ||
279 | function getArticle() { | |
280 | ||
281 | $article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric)); | |
282 | ||
87764a50 | 283 | $query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id, |
de8260cb AD |
284 | marked,unread,published, |
285 | ".SUBSTRING_FOR_DATE."(updated,1,16) as updated, | |
286 | author | |
287 | FROM ttrss_entries,ttrss_user_entries | |
288 | WHERE id IN ($article_id) AND ref_id = id AND owner_uid = " . | |
289 | $_SESSION["uid"] ; | |
290 | ||
291 | $result = db_query($this->link, $query); | |
292 | ||
293 | $articles = array(); | |
294 | ||
295 | if (db_num_rows($result) != 0) { | |
296 | ||
297 | while ($line = db_fetch_assoc($result)) { | |
298 | ||
299 | $attachments = get_article_enclosures($this->link, $line['id']); | |
300 | ||
301 | $article = array( | |
302 | "id" => $line["id"], | |
303 | "title" => $line["title"], | |
304 | "link" => $line["link"], | |
305 | "labels" => get_article_labels($this->link, $line['id']), | |
306 | "unread" => sql_bool_to_bool($line["unread"]), | |
307 | "marked" => sql_bool_to_bool($line["marked"]), | |
308 | "published" => sql_bool_to_bool($line["published"]), | |
309 | "comments" => $line["comments"], | |
310 | "author" => $line["author"], | |
311 | "updated" => strtotime($line["updated"]), | |
87764a50 | 312 | "content" => $line["cached_content"] != "" ? $line["cached_content"] : $line["content"], |
de8260cb AD |
313 | "feed_id" => $line["feed_id"], |
314 | "attachments" => $attachments | |
315 | ); | |
316 | ||
317 | array_push($articles, $article); | |
318 | ||
319 | } | |
320 | } | |
321 | ||
322 | print $this->wrap(self::STATUS_OK, $articles); | |
323 | ||
324 | } | |
325 | ||
326 | function getConfig() { | |
327 | $config = array( | |
328 | "icons_dir" => ICONS_DIR, | |
329 | "icons_url" => ICONS_URL); | |
330 | ||
331 | $config["daemon_is_running"] = file_is_locked("update_daemon.lock"); | |
332 | ||
333 | $result = db_query($this->link, "SELECT COUNT(*) AS cf FROM | |
334 | ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]); | |
335 | ||
336 | $num_feeds = db_fetch_result($result, 0, "cf"); | |
337 | ||
338 | $config["num_feeds"] = (int)$num_feeds; | |
339 | ||
340 | print $this->wrap(self::STATUS_OK, $config); | |
341 | } | |
342 | ||
343 | function updateFeed() { | |
344 | $feed_id = db_escape_string($_REQUEST["feed_id"]); | |
345 | ||
346 | update_rss_feed($this->link, $feed_id, true); | |
347 | ||
348 | print $this->wrap(self::STATUS_OK, array("status" => "OK")); | |
349 | } | |
350 | ||
351 | function catchupFeed() { | |
352 | $feed_id = db_escape_string($_REQUEST["feed_id"]); | |
353 | $is_cat = db_escape_string($_REQUEST["is_cat"]); | |
354 | ||
355 | catchup_feed($this->link, $feed_id, $is_cat); | |
356 | ||
357 | print $this->wrap(self::STATUS_OK, array("status" => "OK")); | |
358 | } | |
359 | ||
360 | function getPref() { | |
361 | $pref_name = db_escape_string($_REQUEST["pref_name"]); | |
362 | ||
363 | print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name))); | |
364 | } | |
365 | ||
ea1c2903 AD |
366 | function getLabels() { |
367 | //$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); | |
368 | ||
369 | $article_id = (int)$_REQUEST['article_id']; | |
370 | ||
371 | $rv = array(); | |
372 | ||
373 | $result = db_query($this->link, "SELECT id, caption, fg_color, bg_color | |
374 | FROM ttrss_labels2 | |
375 | WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption"); | |
376 | ||
377 | if ($article_id) | |
378 | $article_labels = get_article_labels($this->link, $article_id); | |
379 | else | |
380 | $article_labels = array(); | |
381 | ||
382 | while ($line = db_fetch_assoc($result)) { | |
383 | ||
384 | $checked = false; | |
385 | foreach ($article_labels as $al) { | |
386 | if ($al[0] == $line['id']) { | |
387 | $checked = true; | |
388 | break; | |
389 | } | |
390 | } | |
391 | ||
392 | array_push($rv, array( | |
393 | "id" => (int)$line['id'], | |
394 | "caption" => $line['caption'], | |
395 | "fg_color" => $line['fg_color'], | |
396 | "bg_color" => $line['bg_color'], | |
397 | "checked" => $checked)); | |
398 | } | |
399 | ||
400 | print $this->wrap(self::STATUS_OK, $rv); | |
401 | } | |
402 | ||
396bfdf9 AD |
403 | function setArticleLabel() { |
404 | ||
405 | $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric); | |
406 | $label_id = (int) db_escape_string($_REQUEST['label_id']); | |
407 | $assign = (bool) db_escape_string($_REQUEST['assign']) == "true"; | |
408 | ||
409 | $label = db_escape_string(label_find_caption($this->link, | |
410 | $label_id, $_SESSION["uid"])); | |
411 | ||
412 | $num_updated = 0; | |
413 | ||
414 | if ($label) { | |
415 | ||
416 | foreach ($article_ids as $id) { | |
417 | ||
418 | if ($assign) | |
419 | label_add_article($this->link, $id, $label, $_SESSION["uid"]); | |
420 | else | |
421 | label_remove_article($this->link, $id, $label, $_SESSION["uid"]); | |
422 | ||
423 | ++$num_updated; | |
424 | ||
425 | } | |
426 | } | |
427 | ||
428 | print $this->wrap(self::STATUS_OK, array("status" => "OK", | |
429 | "updated" => $num_updated)); | |
430 | ||
431 | } | |
432 | ||
de8260cb AD |
433 | function index() { |
434 | print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD')); | |
435 | } | |
436 | ||
8361e724 AD |
437 | function shareToPublished() { |
438 | $title = db_escape_string(strip_tags($_REQUEST["title"])); | |
439 | $url = db_escape_string(strip_tags($_REQUEST["url"])); | |
440 | $content = db_escape_string(strip_tags($_REQUEST["content"])); | |
441 | ||
1b4d1a6b | 442 | if (create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) { |
8361e724 AD |
443 | print $this->wrap(self::STATUS_OK, array("status" => 'OK')); |
444 | } else { | |
445 | print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed')); | |
446 | } | |
447 | } | |
de8260cb AD |
448 | } |
449 | ||
450 | ?> |