experimental CSRF protection
1<?php
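/**
 * Preferences handler for linked Tiny Tiny RSS instances.
 *
 * Renders the linked-instances preferences tab and services its add, edit and
 * remove requests against the ttrss_linked_instances table. The
 * request-handling methods read their arguments directly from $_REQUEST, so
 * each one has to treat them as untrusted input, both when building SQL and
 * when echoing values back into HTML.
 */
class Pref_Instances extends Protected_Handler {

	/**
	 * Reports whether the named method is on this handler's CSRF-exempt list.
	 *
	 * Only index() and edit() are listed; in this class both only read from
	 * the database and render markup. Methods that write (add, editSave,
	 * remove) must stay off this list.
	 *
	 * @param string $method handler method name
	 * @return bool true when $method is exempt
	 */
	public function csrf_ignore($method) {
		$csrf_ignored = array("index", "edit");

		// Strict comparison: a loose match lets non-string values (for
		// example integer 0 on older PHP versions) compare equal to a
		// listed name and be treated as exempt.
		return in_array($method, $csrf_ignored, true);
	}

	/**
	 * Access gate: passes only if the parent check passes and the session
	 * carries access level 10 or higher.
	 *
	 * @return bool true when the request may proceed
	 */
	public function before() {
		if (!parent::before()) {
			return false;
		}

		if ($_SESSION["access_level"] < 10) {
			print __("Your access level is insufficient to open this tab.");
			return false;
		}

		return true;
	}

	/**
	 * Deletes the linked instances named in the comma-separated "ids"
	 * request parameter.
	 *
	 * The list is interpolated unquoted into IN (...), so string escaping
	 * alone does not constrain it. Each element must therefore be a plain
	 * decimal integer; a malformed list is refused as a whole and nothing
	 * is deleted.
	 */
	public function remove() {
		$raw = (isset($_REQUEST['ids']) && is_string($_REQUEST['ids']))
			? $_REQUEST['ids'] : '';

		$ids = array();

		foreach (explode(",", $raw) as $piece) {
			$piece = trim($piece);

			if ($piece === '') {
				continue;
			}

			// Fail closed: one bad element invalidates the request.
			if (!preg_match('/\A[0-9]+\z/', $piece)) {
				return;
			}

			$ids[] = (int) $piece;
		}

		// An empty list would otherwise produce "IN ()", which is invalid SQL.
		if (count($ids) == 0) {
			return;
		}

		db_query($this->link, "DELETE FROM ttrss_linked_instances WHERE
			id IN (" . implode(",", $ids) . ")");
	}

	/**
	 * Stores a new linked instance unless one with the same access_url is
	 * already present.
	 *
	 * NOTE(review): the edit form limits access_url to http/https and
	 * access_key to 40 word characters, but only in the browser; nothing
	 * here re-checks either value on the server before it is stored.
	 * Consider validating both before the INSERT.
	 */
	public function add() {
		$access_url = db_escape_string($_REQUEST["access_url"]);
		$access_key = db_escape_string($_REQUEST["access_key"]);

		db_query($this->link, "BEGIN");

		$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
			WHERE access_url = '$access_url'");

		if (db_num_rows($result) == 0) {
			db_query($this->link, "INSERT INTO ttrss_linked_instances
				(access_url, access_key, last_connected, last_status_in, last_status_out)
				VALUES
				('$access_url', '$access_key', '1970-01-01', -1, -1)");
		}

		db_query($this->link, "COMMIT");
	}

	/**
	 * Prints the edit dialog for the instance named by the "id" request
	 * parameter.
	 *
	 * This method is CSRF-exempt and echoes the id back into the form, so
	 * the id is reduced to an integer before it reaches either the SQL or
	 * the markup: SQL escaping does not make a value safe inside an HTML
	 * attribute.
	 */
	public function edit() {
		// Ids are used as bare numbers elsewhere in this class (IN (...)
		// lists, JS call arguments), so an integer cast loses nothing.
		$id = isset($_REQUEST["id"]) ? (int) $_REQUEST["id"] : 0;

		$result = db_query($this->link, "SELECT * FROM ttrss_linked_instances WHERE
			id = '$id'");

		print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$id\">";
		print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-instances\">";
		print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"editSave\">";

		print "<div class=\"dlgSec\">".__("Instance")."</div>";

		print "<div class=\"dlgSecCont\">";

		/* URL */

		$access_url = htmlspecialchars(db_fetch_result($result, 0, "access_url"), ENT_QUOTES);

		print __("URL:") . " ";

		print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
			placeHolder=\"".__("Instance URL")."\"
			regExp='^(http|https)://.*'
			style=\"font-size : 16px; width: 20em\" name=\"access_url\"
			value=\"$access_url\">";

		print "<hr/>";

		/* Access key */

		// The full stored key is sent to the browser here so that it can
		// be edited; the list view in index() shows it abbreviated.
		$access_key = htmlspecialchars(db_fetch_result($result, 0, "access_key"), ENT_QUOTES);

		print __("Access key:") . " ";

		print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
			placeHolder=\"".__("Access key")."\" regExp='\w{40}'
			style=\"width: 20em\" name=\"access_key\" id=\"instance_edit_key\"
			value=\"$access_key\">";

		print "<p class='insensitive'>" . __("Use one access key for both linked instances.");

		print "</div>";

		// The Cancel button previously carried a stray double quote after
		// its onclick attribute; it is removed here.
		print "<div class=\"dlgButtons\">
			<div style='float : left'>
				<button dojoType=\"dijit.form.Button\"
					onclick=\"return dijit.byId('instanceEditDlg').regenKey()\">".
					__('Generate new key')."</button>
			</div>
			<button dojoType=\"dijit.form.Button\"
				onclick=\"return dijit.byId('instanceEditDlg').execute()\">".
				__('Save')."</button>
			<button dojoType=\"dijit.form.Button\"
				onclick=\"return dijit.byId('instanceEditDlg').hide()\">".
				__('Cancel')."</button></div>";
	}

	/**
	 * Saves the URL and key submitted from the edit dialog and resets
	 * last_connected to 1970-01-01.
	 *
	 * NOTE(review): as in add(), the URL scheme and key format are only
	 * enforced by the browser-side form; consider re-validating here.
	 */
	public function editSave() {
		$id = isset($_REQUEST["id"]) ? (int) $_REQUEST["id"] : 0;
		$access_url = db_escape_string($_REQUEST["access_url"]);
		$access_key = db_escape_string($_REQUEST["access_key"]);

		db_query($this->link, "UPDATE ttrss_linked_instances SET
			access_key = '$access_key', access_url = '$access_url',
			last_connected = '1970-01-01'
			WHERE id = '$id'");
	}

	/**
	 * Renders the linked-instances tab: toolbar, self URL hint and the
	 * table of stored instances ordered by the "sort" request parameter.
	 */
	public function index() {

		if (!function_exists('curl_init')) {
			print "<div style='padding : 1em'>";
			print_error("This functionality requires CURL functions. Please enable CURL in your PHP configuration (you might also want to disable open_basedir in php.ini) and reload this page.");
			print "</div>";
		}

		print "<div id=\"pref-instance-wrap\" dojoType=\"dijit.layout.BorderContainer\" gutters=\"false\">";
		print "<div id=\"pref-instance-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">";

		print "<div id=\"pref-instance-toolbar\" dojoType=\"dijit.Toolbar\">";

		// The sort key lands unquoted in ORDER BY, where escaping gives no
		// protection, and this method is CSRF-exempt. Accept only the
		// columns the table header offers; anything else (including the
		// literal "undefined") falls back to access_url.
		$sortable = array("access_url", "access_key", "last_connected", "num_feeds");
		$sort = isset($_REQUEST["sort"]) ? $_REQUEST["sort"] : "";

		if (!in_array($sort, $sortable, true)) {
			$sort = "access_url";
		}

		print "<div dojoType=\"dijit.form.DropDownButton\">".
			"<span>" . __('Select')."</span>";
		print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
		print "<div onclick=\"selectTableRows('prefInstanceList', 'all')\"
			dojoType=\"dijit.MenuItem\">".__('All')."</div>";
		print "<div onclick=\"selectTableRows('prefInstanceList', 'none')\"
			dojoType=\"dijit.MenuItem\">".__('None')."</div>";
		print "</div></div>";

		print "<button dojoType=\"dijit.form.Button\" onclick=\"addInstance()\">".__('Link instance')."</button>";
		print "<button dojoType=\"dijit.form.Button\" onclick=\"editSelectedInstance()\">".__('Edit')."</button>";
		print "<button dojoType=\"dijit.form.Button\" onclick=\"removeSelectedInstances()\">".__('Remove')."</button>";

		print "</div>"; #toolbar

		$result = db_query($this->link, "SELECT *,
			(SELECT COUNT(*) FROM ttrss_linked_feeds
				WHERE instance_id = ttrss_linked_instances.id) AS num_feeds
			FROM ttrss_linked_instances
			ORDER BY $sort");

		print "<p class=\"insensitive\" style='margin-left : 1em;'>" . __("You can connect other instances of Tiny Tiny RSS to this one to share Popular feeds. Link to this instance of Tiny Tiny RSS by using this URL:");

		// The URL sits in a JavaScript string inside an HTML attribute, so
		// it needs both encodings: json_encode() yields a quoted JS string
		// literal, htmlspecialchars() makes that literal attribute-safe.
		$self_url_js = htmlspecialchars(json_encode(get_self_url_prefix()), ENT_QUOTES);

		print " <a href=\"#\" onclick=\"alert($self_url_js)\">(display url)</a>";

		print "<p><table width='100%' id='prefInstanceList' class='prefInstanceList' cellspacing='0'>";

		// NOTE(review): the last two header links call updateUsersList()
		// while the first two call updateInstanceList(); this looks like a
		// copy-paste slip, confirm against the client-side script.
		print "<tr class=\"title\">
			<td align='center' width=\"5%\">&nbsp;</td>
			<td width=''><a href=\"#\" onclick=\"updateInstanceList('access_url')\">".__('Instance URL')."</a></td>
			<td width='20%'><a href=\"#\" onclick=\"updateInstanceList('access_key')\">".__('Access key')."</a></td>
			<td width='10%'><a href=\"#\" onclick=\"updateUsersList('last_connected')\">".__('Last connected')."</a></td>
			<td width='10%'><a href=\"#\" onclick=\"updateUsersList('num_feeds')\">".__('Stored feeds')."</a></td>
			</tr>";

		$lnum = 0;

		while ($line = db_fetch_assoc($result)) {
			$class = ($lnum % 2) ? "even" : "odd";

			// The id is written into element ids and a JS call argument
			// without quoting, so force it to an integer first.
			$id = (int) $line['id'];
			$this_row_id = "id=\"LIRR-$id\"";

			$line["last_connected"] = make_local_datetime($this->link, $line["last_connected"], false);

			print "<tr class=\"$class\" $this_row_id>";

			print "<td align='center'><input onclick='toggleSelectRow(this);'
				type=\"checkbox\" id=\"LICHK-$id\"></td>";

			$onclick = "onclick='editInstance($id, event)' title='".__('Click to edit')."'";

			// Only the first and last four characters of the key are shown
			// in the list.
			$access_key = mb_substr($line['access_key'], 0, 4) . '...' .
				mb_substr($line['access_key'], -4);

			print "<td $onclick>" . htmlspecialchars($line['access_url']) . "</td>";
			print "<td $onclick>" . htmlspecialchars($access_key) . "</td>";
			print "<td $onclick>" . htmlspecialchars($line['last_connected']) . "</td>";
			print "<td $onclick>" . htmlspecialchars($line['num_feeds']) . "</td>";

			print "</tr>";

			++$lnum;
		}

		print "</table>";

		print "</div>"; #pane
		print "</div>"; #container

	}
}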
210?>