[tt-rss.git] / modules / backend-rpc.php

<?php
	function handle_rpc_request($link) {

		$subop = $_GET["subop"];

		if ($subop == "setpref") {
			if (WEB_DEMO_MODE) {
				return;
			}

			print "<rpc-reply>";

			$key = db_escape_string($_GET["key"]);
			$value = db_escape_string($_GET["value"]);

			set_pref($link, $key, $value);

			print "<param-set key=\"$key\" value=\"$value\"/>";

			print "</rpc-reply>";

		}

		if ($subop == "getLabelCounters") {
			$aid = $_GET["aid"];		
			print "<rpc-reply>";
			print "<counters>";
			getLabelCounters($link);
			if ($aid) {
				getFeedCounter($link, $aid);
			}
			print "</counters>";
			print "</rpc-reply>";
		}

		if ($subop == "getFeedCounters") {
			print "<rpc-reply>";
			print "<counters>";
			getFeedCounters($link);
			print "</counters>";
			print "</rpc-reply>";
		}

		if ($subop == "getAllCounters") {
			print "<rpc-reply>";			
			print "<counters>";

			$omode = $_GET["omode"];

			getAllCounters($link, $omode);
			print "</counters>";
			print_runtime_info($link);
			print "</rpc-reply>";
		}

		if ($subop == "mark") {
			$mark = $_GET["mark"];
			$id = db_escape_string($_GET["id"]);

			if ($mark == "1") {
				$mark = "true";
			} else {
				$mark = "false";
			}

			// FIXME this needs collision testing

			$result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
				WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);

			print "<rpc-reply><counters>";
			getGlobalCounters($link);
			getLabelCounters($link);
			if (get_pref($link, 'ENABLE_FEED_CATS')) {
				getCategoryCounters($link);
			}
			print "</counters></rpc-reply>";

		}

		if ($subop == "publ") {
			$pub = $_GET["pub"];
			$id = db_escape_string($_GET["id"]);

			if ($pub == "1") {
				$pub = "true";
			} else {
				$pub = "false";
			}

			// FIXME this needs collision testing

			$result = db_query($link, "UPDATE ttrss_user_entries SET published = $pub
				WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);

			print "<rpc-reply><counters>";
			getGlobalCounters($link);
			getLabelCounters($link);
			if (get_pref($link, 'ENABLE_FEED_CATS')) {
				getCategoryCounters($link);
			}
			print "</counters></rpc-reply>";

		}

		if ($subop == "updateFeed") {
			$feed_id = db_escape_string($_GET["feed"]);

			$result = db_query($link, 
				"SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
					AND owner_uid = " . $_SESSION["uid"]);

			if (db_num_rows($result) > 0) {			
				$feed_url = db_fetch_result($result, 0, "feed_url");
				update_rss_feed($link, $feed_url, $feed_id);
			}

			print "<rpc-reply>";	
			print "<counters>";
			getFeedCounter($link, $feed_id);
			print "</counters>";
			print "</rpc-reply>";
			
			return;
		}

		if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
	
			if (ENABLE_UPDATE_DAEMON) {

				if ($subop == "forceUpdateAllFeeds") {

					$result = db_query($link, "SELECT count(id) AS cid FROM
						ttrss_scheduled_updates WHERE feed_id IS NULL AND
							owner_uid = " . $_SESSION["uid"]);
	
					$cid = db_fetch_result($result, 0, "cid");

					if ($cid == 0) {
	
						db_query($link, "INSERT INTO ttrss_scheduled_updates
							(owner_uid, feed_id, entered) VALUES
							(".$_SESSION["uid"].", NULL, NOW())");
					
					}
				}
				
			} else {	
				update_all_feeds($link, $subop == "forceUpdateAllFeeds");
			}

			$global_unread_caller = sprintf("%d", $_GET["uctr"]);
			$global_unread = getGlobalUnread($link);

			print "<rpc-reply>";

			print "<counters>";

			if ($global_unread_caller != $global_unread) {

	 			$omode = $_GET["omode"];
	 
	 			if (!$omode) $omode = "tflc";
	 
	 			if (strchr($omode, "l")) getLabelCounters($link);
	 			if (strchr($omode, "f")) getFeedCounters($link);
	 			if (strchr($omode, "t")) getTagCounters($link);
	 			if (strchr($omode, "c")) {			
		 			if (get_pref($link, 'ENABLE_FEED_CATS')) {
		 				getCategoryCounters($link);
		 			}
				}
			}

 			getGlobalCounters($link, $global_unread);

			print "</counters>";

			print_runtime_info($link);

			print "</rpc-reply>";

		}

		/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
		if ($subop == "catchupSelected") {

			$ids = split(",", db_escape_string($_GET["ids"]));
			$cmode = sprintf("%d", $_GET["cmode"]);

			catchupArticlesById($link, $ids, $cmode);

			print "<rpc-reply>";
			print "<counters>";
			getAllCounters($link, $_GET["omode"]);
			print "</counters>";
			print_runtime_info($link);
			print "</rpc-reply>";
		}

		if ($subop == "markSelected") {

			$ids = split(",", db_escape_string($_GET["ids"]));
			$cmode = sprintf("%d", $_GET["cmode"]);

			markArticlesById($link, $ids, $cmode);

			print "<rpc-reply>";
			print "<counters>";
			getAllCounters($link, $_GET["omode"]);
			print "</counters>";
			print_runtime_info($link);
			print "</rpc-reply>";
		}

		if ($subop == "publishSelected") {

			$ids = split(",", db_escape_string($_GET["ids"]));
			$cmode = sprintf("%d", $_GET["cmode"]);

			publishArticlesById($link, $ids, $cmode);

			print "<rpc-reply>";
			print "<counters>";
			getAllCounters($link, $_GET["omode"]);
			print "</counters>";
			print_runtime_info($link);
			print "</rpc-reply>";
		}

		if ($subop == "sanityCheck") {
			print "<rpc-reply>";
			if (sanity_check($link)) {
				print "<error error-code=\"0\"/>";
				print_init_params($link);
				print_runtime_info($link);

				# assign client-passed params to session
				$_SESSION["client.userAgent"] = $_GET["ua"];

			}
			print "</rpc-reply>";
		}		

		if ($subop == "globalPurge") {

			print "<rpc-reply>";
			global_purge_old_posts($link, true);
			print "</rpc-reply>";

		}

		if ($subop == "getArticleLink") {

			$id = db_escape_string($_GET["id"]);

			$result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
				WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");

			if (db_num_rows($result) == 1) {
				$link = strip_tags(db_fetch_result($result, 0, "link"));
				print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
			} else {
				print "<rpc-reply><error>Article not found</error></rpc-reply>";
			}
		}

		if ($subop == "setArticleTags") {

			$id = db_escape_string($_GET["id"]);

			$tags_str = db_escape_string($_GET["tags_str"]);

			$tags = array_unique(trim_array(split(",", $tags_str)));

			db_query($link, "BEGIN");

			$result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE
				ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");

			if (db_num_rows($result) == 1) {

				$int_id = db_fetch_result($result, 0, "int_id");

				db_query($link, "DELETE FROM ttrss_tags WHERE 
					post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");

				foreach ($tags as $tag) {
					$tag = sanitize_tag($tag);	

					if (!tag_is_valid($tag)) {
						continue;
					}

					if (preg_match("/^[0-9]*$/", $tag)) {
						continue;
					}

					print "<!-- $id : $int_id : $tag -->";
					
					if ($tag != '') {
						db_query($link, "INSERT INTO ttrss_tags 
							(post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
					}
				}
			}

			db_query($link, "COMMIT");

			print "<rpc-reply>
				<message>$id</message>
				</rpc-reply>";

		}

		if ($subop == "regenPubKey") {

			print "<rpc-reply>";

			set_pref($link, "_PREFS_PUBLISH_KEY", generate_publish_key());

			$new_link = article_publish_url($link);		

			print "<link><![CDATA[$new_link]]></link>";

			print "</rpc-reply>";

		}

		if ($subop == "logout") {
			logout_user();
			print_error_xml(6);
		}

		if ($subop == "completeTags") {

			$search = db_escape_string($_REQUEST["search"]);

			$result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags 
				WHERE owner_uid = '".$_SESSION["uid"]."' AND
			  	tag_name LIKE '$search%' ORDER BY tag_name
				LIMIT 10");

			print "<ul>";
			while ($line = db_fetch_assoc($result)) {
				print "<li>" . $line["tag_name"] . "</li>";
			}
			print "</ul>";

		}

	}
?>
Commit	Line	Data
1d3a17c7	1	<?php
01b3e191 AD	2	function handle_rpc_request($link) {
	3
	4	$subop = $_GET["subop"];
	5
	6	if ($subop == "setpref") {
	7	if (WEB_DEMO_MODE) {
	8	return;
	9	}
	10
	11	print "<rpc-reply>";
	12
	13	$key = db_escape_string($_GET["key"]);
	14	$value = db_escape_string($_GET["value"]);
	15
	16	set_pref($link, $key, $value);
	17
	18	print "<param-set key=\"$key\" value=\"$value\"/>";
	19
	20	print "</rpc-reply>";
	21
	22	}
	23
	24	if ($subop == "getLabelCounters") {
	25	$aid = $_GET["aid"];
	26	print "<rpc-reply>";
f54f515f	27	print "<counters>";
01b3e191 AD	28	getLabelCounters($link);
	29	if ($aid) {
	30	getFeedCounter($link, $aid);
	31	}
f54f515f	32	print "</counters>";
01b3e191 AD	33	print "</rpc-reply>";
	34	}
	35
	36	if ($subop == "getFeedCounters") {
	37	print "<rpc-reply>";
f54f515f	38	print "<counters>";
01b3e191	39	getFeedCounters($link);
f54f515f	40	print "</counters>";
01b3e191 AD	41	print "</rpc-reply>";
	42	}
	43
	44	if ($subop == "getAllCounters") {
cf4d339c	45	print "<rpc-reply>";
f54f515f	46	print "<counters>";
cf4d339c AD	47
	48	$omode = $_GET["omode"];
	49
	50	getAllCounters($link, $omode);
f54f515f AD	51	print "</counters>";
f54f515f AD	52	print_runtime_info($link);
01b3e191 AD	53	print "</rpc-reply>";
	54	}
	55
	56	if ($subop == "mark") {
	57	$mark = $_GET["mark"];
	58	$id = db_escape_string($_GET["id"]);
	59
	60	if ($mark == "1") {
	61	$mark = "true";
	62	} else {
	63	$mark = "false";
	64	}
	65
	66	// FIXME this needs collision testing
	67
	68	$result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
	69	WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
49aa6de9	70
36e05046 AD	71	print "<rpc-reply><counters>";
	72	getGlobalCounters($link);
	73	getLabelCounters($link);
	74	if (get_pref($link, 'ENABLE_FEED_CATS')) {
	75	getCategoryCounters($link);
	76	}
	77	print "</counters></rpc-reply>";
49aa6de9	78
01b3e191 AD	79	}
01b3e191 AD	80
e4f4b46f AD	81	if ($subop == "publ") {
	82	$pub = $_GET["pub"];
	83	$id = db_escape_string($_GET["id"]);
	84
	85	if ($pub == "1") {
0a8011eb	86	$pub = "true";
e4f4b46f AD	87	} else {
	88	$pub = "false";
	89	}
	90
	91	// FIXME this needs collision testing
	92
	93	$result = db_query($link, "UPDATE ttrss_user_entries SET published = $pub
	94	WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
49aa6de9	95
36e05046 AD	96	print "<rpc-reply><counters>";
	97	getGlobalCounters($link);
	98	getLabelCounters($link);
	99	if (get_pref($link, 'ENABLE_FEED_CATS')) {
	100	getCategoryCounters($link);
	101	}
	102	print "</counters></rpc-reply>";
49aa6de9	103
e4f4b46f AD	104	}
e4f4b46f AD	105
01b3e191 AD	106	if ($subop == "updateFeed") {
	107	$feed_id = db_escape_string($_GET["feed"]);
	108
	109	$result = db_query($link,
	110	"SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
	111	AND owner_uid = " . $_SESSION["uid"]);
	112
	113	if (db_num_rows($result) > 0) {
	114	$feed_url = db_fetch_result($result, 0, "feed_url");
	115	update_rss_feed($link, $feed_url, $feed_id);
	116	}
	117
f54f515f AD	118	print "<rpc-reply>";
f54f515f AD	119	print "<counters>";
01b3e191	120	getFeedCounter($link, $feed_id);
f54f515f	121	print "</counters>";
01b3e191 AD	122	print "</rpc-reply>";
	123
	124	return;
	125	}
	126
	127	if ($subop == "forceUpdateAllFeeds" \|\| $subop == "updateAllFeeds") {
	128
	129	if (ENABLE_UPDATE_DAEMON) {
	130
	131	if ($subop == "forceUpdateAllFeeds") {
	132
	133	$result = db_query($link, "SELECT count(id) AS cid FROM
	134	ttrss_scheduled_updates WHERE feed_id IS NULL AND
	135	owner_uid = " . $_SESSION["uid"]);
	136
	137	$cid = db_fetch_result($result, 0, "cid");
	138
	139	if ($cid == 0) {
	140
	141	db_query($link, "INSERT INTO ttrss_scheduled_updates
	142	(owner_uid, feed_id, entered) VALUES
	143	(".$_SESSION["uid"].", NULL, NOW())");
	144
	145	}
	146	}
	147
	148	} else {
	149	update_all_feeds($link, $subop == "forceUpdateAllFeeds");
	150	}
	151
	152	$global_unread_caller = sprintf("%d", $_GET["uctr"]);
	153	$global_unread = getGlobalUnread($link);
	154
	155	print "<rpc-reply>";
	156
f54f515f AD	157	print "<counters>";
f54f515f AD	158
01b3e191 AD	159	if ($global_unread_caller != $global_unread) {
	160
	161	$omode = $_GET["omode"];
	162
	163	if (!$omode) $omode = "tflc";
	164
	165	if (strchr($omode, "l")) getLabelCounters($link);
	166	if (strchr($omode, "f")) getFeedCounters($link);
	167	if (strchr($omode, "t")) getTagCounters($link);
	168	if (strchr($omode, "c")) {
	169	if (get_pref($link, 'ENABLE_FEED_CATS')) {
	170	getCategoryCounters($link);
	171	}
	172	}
	173	}
	174
	175	getGlobalCounters($link, $global_unread);
	176
f54f515f AD	177	print "</counters>";
	178
	179	print_runtime_info($link);
	180
01b3e191 AD	181	print "</rpc-reply>";
	182
	183	}
472782e8	184
01b3e191 AD	185	/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
	186	if ($subop == "catchupSelected") {
	187
	188	$ids = split(",", db_escape_string($_GET["ids"]));
01b3e191 AD	189	$cmode = sprintf("%d", $_GET["cmode"]);
01b3e191 AD	190
472782e8	191	catchupArticlesById($link, $ids, $cmode);
01b3e191	192
01b3e191	193	print "<rpc-reply>";
f54f515f	194	print "<counters>";
2bc2147f	195	getAllCounters($link, $_GET["omode"]);
f54f515f AD	196	print "</counters>";
f54f515f AD	197	print_runtime_info($link);
01b3e191 AD	198	print "</rpc-reply>";
	199	}
	200
	201	if ($subop == "markSelected") {
	202
	203	$ids = split(",", db_escape_string($_GET["ids"]));
01b3e191 AD	204	$cmode = sprintf("%d", $_GET["cmode"]);
01b3e191 AD	205
18eddb2c AD	206	markArticlesById($link, $ids, $cmode);
18eddb2c AD	207
01b3e191	208	print "<rpc-reply>";
f54f515f	209	print "<counters>";
2bc2147f	210	getAllCounters($link, $_GET["omode"]);
f54f515f AD	211	print "</counters>";
f54f515f AD	212	print_runtime_info($link);
01b3e191 AD	213	print "</rpc-reply>";
	214	}
	215
e4f4b46f AD	216	if ($subop == "publishSelected") {
	217
	218	$ids = split(",", db_escape_string($_GET["ids"]));
	219	$cmode = sprintf("%d", $_GET["cmode"]);
	220
	221	publishArticlesById($link, $ids, $cmode);
	222
	223	print "<rpc-reply>";
	224	print "<counters>";
2bc2147f	225	getAllCounters($link, $_GET["omode"]);
e4f4b46f AD	226	print "</counters>";
	227	print_runtime_info($link);
	228	print "</rpc-reply>";
	229	}
	230
01b3e191	231	if ($subop == "sanityCheck") {
3ac2b520	232	print "<rpc-reply>";
01b3e191 AD	233	if (sanity_check($link)) {
01b3e191 AD	234	print "<error error-code=\"0\"/>";
3ac2b520	235	print_init_params($link);
f54f515f	236	print_runtime_info($link);
4220d6b0 AD	237
	238	# assign client-passed params to session
	239	$_SESSION["client.userAgent"] = $_GET["ua"];
	240
01b3e191	241	}
3ac2b520 AD	242	print "</rpc-reply>";
3ac2b520 AD	243	}
01b3e191 AD	244
	245	if ($subop == "globalPurge") {
	246
	247	print "<rpc-reply>";
	248	global_purge_old_posts($link, true);
	249	print "</rpc-reply>";
	250
	251	}
3ac2b520	252
298f3f78 AD	253	if ($subop == "getArticleLink") {
	254
	255	$id = db_escape_string($_GET["id"]);
	256
	257	$result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
	258	WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
	259
	260	if (db_num_rows($result) == 1) {
	261	$link = strip_tags(db_fetch_result($result, 0, "link"));
e2ccbfab	262	print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
298f3f78 AD	263	} else {
	264	print "<rpc-reply><error>Article not found</error></rpc-reply>";
	265	}
	266	}
	267
0b126ac2	268	if ($subop == "setArticleTags") {
14b6c54b	269
0b126ac2	270	$id = db_escape_string($_GET["id"]);
14b6c54b	271
0b126ac2 AD	272	$tags_str = db_escape_string($_GET["tags_str"]);
0b126ac2 AD	273
d62a3b63	274	$tags = array_unique(trim_array(split(",", $tags_str)));
0b126ac2 AD	275
	276	db_query($link, "BEGIN");
	277
	278	$result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE
	279	ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");
	280
	281	if (db_num_rows($result) == 1) {
	282
	283	$int_id = db_fetch_result($result, 0, "int_id");
	284
	285	db_query($link, "DELETE FROM ttrss_tags WHERE
	286	post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");
	287
	288	foreach ($tags as $tag) {
14b6c54b	289	$tag = sanitize_tag($tag);
0b126ac2	290
ef063748 AD	291	if (!tag_is_valid($tag)) {
	292	continue;
	293	}
	294
0b126ac2 AD	295	if (preg_match("/^[0-9]*$/", $tag)) {
	296	continue;
	297	}
14b6c54b	298
9cfd409d	299	print "<!-- $id : $int_id : $tag -->";
0b126ac2 AD	300
	301	if ($tag != '') {
	302	db_query($link, "INSERT INTO ttrss_tags
	303	(post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
	304	}
	305	}
	306	}
	307
	308	db_query($link, "COMMIT");
	309
	310	print "<rpc-reply>
	311	<message>$id</message>
	312	</rpc-reply>";
	313
	314	}
01a87dff	315
945c243e AD	316	if ($subop == "regenPubKey") {
	317
	318	print "<rpc-reply>";
	319
	320	set_pref($link, "_PREFS_PUBLISH_KEY", generate_publish_key());
945c243e	321
f56e3080	322	$new_link = article_publish_url($link);
945c243e AD	323
	324	print "<link><![CDATA[$new_link]]></link>";
	325
	326	print "</rpc-reply>";
	327
	328	}
	329
01a87dff AD	330	if ($subop == "logout") {
	331	logout_user();
	332	print_error_xml(6);
	333	}
	334
05fcdf52 AD	335	if ($subop == "completeTags") {
	336
	337	$search = db_escape_string($_REQUEST["search"]);
	338
	339	$result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags
	340	WHERE owner_uid = '".$_SESSION["uid"]."' AND
	341	tag_name LIKE '$search%' ORDER BY tag_name
	342	LIMIT 10");
	343
	344	print "<ul>";
	345	while ($line = db_fetch_assoc($result)) {
	346	print "<li>" . $line["tag_name"] . "</li>";
	347	}
	348	print "</ul>";
	349
	350	}
	351
01b3e191 AD	352	}
01b3e191 AD	353	?>