]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | class Article extends Handler_Protected { | |
3 | ||
4 | function csrf_ignore($method) { | |
5 | $csrf_ignored = array("redirect", "editarticletags"); | |
6 | ||
7 | return array_search($method, $csrf_ignored) !== false; | |
8 | } | |
9 | ||
10 | function redirect() { | |
11 | $id = clean($_REQUEST['id']); | |
12 | ||
13 | $sth = $this->pdo->prepare("SELECT link FROM ttrss_entries, ttrss_user_entries | |
14 | WHERE id = ? AND id = ref_id AND owner_uid = ? | |
15 | LIMIT 1"); | |
16 | $sth->execute([$id, $_SESSION['uid']]); | |
17 | ||
18 | if ($row = $sth->fetch()) { | |
19 | $article_url = $row['link']; | |
20 | $article_url = str_replace("\n", "", $article_url); | |
21 | ||
22 | header("Location: $article_url"); | |
23 | return; | |
24 | ||
25 | } else { | |
26 | print_error(__("Article not found.")); | |
27 | } | |
28 | } | |
29 | ||
30 | function view() { | |
31 | $id = clean($_REQUEST["id"]); | |
32 | $cids = explode(",", clean($_REQUEST["cids"])); | |
33 | $mode = clean($_REQUEST["mode"]); | |
34 | ||
35 | // in prefetch mode we only output requested cids, main article | |
36 | // just gets marked as read (it already exists in client cache) | |
37 | ||
38 | $articles = array(); | |
39 | ||
40 | if ($mode == "") { | |
41 | array_push($articles, $this->format_article($id, false)); | |
42 | } else if ($mode == "zoom") { | |
43 | array_push($articles, $this->format_article($id, true, true)); | |
44 | } else if ($mode == "raw") { | |
45 | if (isset($_REQUEST['html'])) { | |
46 | header("Content-Type: text/html"); | |
47 | print '<link rel="stylesheet" type="text/css" href="css/default.css"/>'; | |
48 | } | |
49 | ||
50 | $article = $this->format_article($id, false, isset($_REQUEST["zoom"])); | |
51 | print $article['content']; | |
52 | return; | |
53 | } | |
54 | ||
55 | $this->catchupArticleById($id, 0); | |
56 | ||
57 | if (!$_SESSION["bw_limit"]) { | |
58 | foreach ($cids as $cid) { | |
59 | if ($cid) { | |
60 | array_push($articles, $this->format_article($cid, false, false)); | |
61 | } | |
62 | } | |
63 | } | |
64 | ||
65 | print json_encode($articles); | |
66 | } | |
67 | ||
68 | private function catchupArticleById($id, $cmode) { | |
69 | ||
70 | if ($cmode == 0) { | |
71 | $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET | |
72 | unread = false,last_read = NOW() | |
73 | WHERE ref_id = ? AND owner_uid = ?"); | |
74 | } else if ($cmode == 1) { | |
75 | $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET | |
76 | unread = true | |
77 | WHERE ref_id = ? AND owner_uid = ?"); | |
78 | } else { | |
79 | $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET | |
80 | unread = NOT unread,last_read = NOW() | |
81 | WHERE ref_id = ? AND owner_uid = ?"); | |
82 | } | |
83 | ||
84 | $sth->execute([$id, $_SESSION['uid']]); | |
85 | ||
86 | $feed_id = $this->getArticleFeed($id); | |
87 | CCache::update($feed_id, $_SESSION["uid"]); | |
88 | } | |
89 | ||
90 | static function create_published_article($title, $url, $content, $labels_str, | |
91 | $owner_uid) { | |
92 | ||
93 | $guid = 'SHA1:' . sha1("ttshared:" . $url . $owner_uid); // include owner_uid to prevent global GUID clash | |
94 | ||
95 | if (!$content) { | |
96 | $pluginhost = new PluginHost(); | |
97 | $pluginhost->load_all(PluginHost::KIND_ALL, $owner_uid); | |
98 | $pluginhost->load_data(); | |
99 | ||
100 | $af_readability = $pluginhost->get_plugin("Af_Readability"); | |
101 | ||
102 | if ($af_readability) { | |
103 | $enable_share_anything = $pluginhost->get($af_readability, "enable_share_anything"); | |
104 | ||
105 | if ($enable_share_anything) { | |
106 | $extracted_content = $af_readability->extract_content($url); | |
107 | ||
108 | if ($extracted_content) $content = $extracted_content; | |
109 | } | |
110 | } | |
111 | } | |
112 | ||
113 | $content_hash = sha1($content); | |
114 | ||
115 | if ($labels_str != "") { | |
116 | $labels = explode(",", $labels_str); | |
117 | } else { | |
118 | $labels = array(); | |
119 | } | |
120 | ||
121 | $rc = false; | |
122 | ||
123 | if (!$title) $title = $url; | |
124 | if (!$title && !$url) return false; | |
125 | ||
126 | if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false; | |
127 | ||
128 | $pdo = Db::pdo(); | |
129 | ||
130 | $pdo->beginTransaction(); | |
131 | ||
132 | // only check for our user data here, others might have shared this with different content etc | |
133 | $sth = $pdo->prepare("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE | |
134 | guid = ? AND ref_id = id AND owner_uid = ? LIMIT 1"); | |
135 | $sth->execute([$guid, $owner_uid]); | |
136 | ||
137 | if ($row = $sth->fetch()) { | |
138 | $ref_id = $row['id']; | |
139 | ||
140 | $sth = $pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE | |
141 | ref_id = ? AND owner_uid = ? LIMIT 1"); | |
142 | $sth->execute([$ref_id, $owner_uid]); | |
143 | ||
144 | if ($row = $sth->fetch()) { | |
145 | $int_id = $row['int_id']; | |
146 | ||
147 | $sth = $pdo->prepare("UPDATE ttrss_entries SET | |
148 | content = ?, content_hash = ? WHERE id = ?"); | |
149 | $sth->execute([$content, $content_hash, $ref_id]); | |
150 | ||
151 | $sth = $pdo->prepare("UPDATE ttrss_user_entries SET published = true, | |
152 | last_published = NOW() WHERE | |
153 | int_id = ? AND owner_uid = ?"); | |
154 | $sth->execute([$int_id, $owner_uid]); | |
155 | ||
156 | } else { | |
157 | ||
158 | $sth = $pdo->prepare("INSERT INTO ttrss_user_entries | |
159 | (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, | |
160 | last_read, note, unread, last_published) | |
161 | VALUES | |
162 | (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())"); | |
163 | $sth->execute([$ref_id, $owner_uid]); | |
164 | } | |
165 | ||
166 | if (count($labels) != 0) { | |
167 | foreach ($labels as $label) { | |
168 | Labels::add_article($ref_id, trim($label), $owner_uid); | |
169 | } | |
170 | } | |
171 | ||
172 | $rc = true; | |
173 | ||
174 | } else { | |
175 | $sth = $pdo->prepare("INSERT INTO ttrss_entries | |
176 | (title, guid, link, updated, content, content_hash, date_entered, date_updated) | |
177 | VALUES | |
178 | (?, ?, ?, NOW(), ?, ?, NOW(), NOW())"); | |
179 | $sth->execute([$title, $guid, $url, $content, $content_hash]); | |
180 | ||
181 | $sth = $pdo->prepare("SELECT id FROM ttrss_entries WHERE guid = ?"); | |
182 | $sth->execute([$guid]); | |
183 | ||
184 | if ($row = $sth->fetch()) { | |
185 | $ref_id = $row["id"]; | |
186 | ||
187 | $sth = $pdo->prepare("INSERT INTO ttrss_user_entries | |
188 | (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, | |
189 | last_read, note, unread, last_published) | |
190 | VALUES | |
191 | (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())"); | |
192 | $sth->execute([$ref_id, $owner_uid]); | |
193 | ||
194 | if (count($labels) != 0) { | |
195 | foreach ($labels as $label) { | |
196 | Labels::add_article($ref_id, trim($label), $owner_uid); | |
197 | } | |
198 | } | |
199 | ||
200 | $rc = true; | |
201 | } | |
202 | } | |
203 | ||
204 | $pdo->commit(); | |
205 | ||
206 | return $rc; | |
207 | } | |
208 | ||
209 | function editArticleTags() { | |
210 | ||
211 | print __("Tags for this article (separated by commas):")."<br>"; | |
212 | ||
213 | $param = clean($_REQUEST['param']); | |
214 | ||
215 | $tags = Article::get_article_tags($param); | |
216 | ||
217 | $tags_str = join(", ", $tags); | |
218 | ||
219 | print_hidden("id", "$param"); | |
220 | print_hidden("op", "article"); | |
221 | print_hidden("method", "setArticleTags"); | |
222 | ||
223 | print "<table width='100%'><tr><td>"; | |
224 | ||
225 | print "<textarea dojoType=\"dijit.form.SimpleTextarea\" rows='4' | |
226 | style='height : 100px; font-size : 12px; width : 98%' id=\"tags_str\" | |
227 | name='tags_str'>$tags_str</textarea> | |
228 | <div class=\"autocomplete\" id=\"tags_choices\" | |
229 | style=\"display:none\"></div>"; | |
230 | ||
231 | print "</td></tr></table>"; | |
232 | ||
233 | print "<div class='dlgButtons'>"; | |
234 | ||
235 | print "<button dojoType=\"dijit.form.Button\" | |
236 | onclick=\"dijit.byId('editTagsDlg').execute()\">".__('Save')."</button> "; | |
237 | print "<button dojoType=\"dijit.form.Button\" | |
238 | onclick=\"dijit.byId('editTagsDlg').hide()\">".__('Cancel')."</button>"; | |
239 | print "</div>"; | |
240 | ||
241 | } | |
242 | ||
243 | function setScore() { | |
244 | $ids = explode(",", clean($_REQUEST['id'])); | |
245 | $score = (int)clean($_REQUEST['score']); | |
246 | ||
247 | $ids_qmarks = arr_qmarks($ids); | |
248 | ||
249 | $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET | |
250 | score = ? WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?"); | |
251 | ||
252 | $sth->execute(array_merge([$score], $ids, [$_SESSION['uid']])); | |
253 | ||
254 | print json_encode(array("id" => $ids, | |
255 | "score" => (int)$score, | |
256 | "score_pic" => get_score_pic($score))); | |
257 | } | |
258 | ||
259 | function getScore() { | |
260 | $id = clean($_REQUEST['id']); | |
261 | ||
262 | $sth = $this->pdo->prepare("SELECT score FROM ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?"); | |
263 | $sth->execute([$id, $_SESSION['uid']]); | |
264 | $row = $sth->fetch(); | |
265 | ||
266 | $score = $row['score']; | |
267 | ||
268 | print json_encode(array("id" => $id, | |
269 | "score" => (int)$score, | |
270 | "score_pic" => get_score_pic($score))); | |
271 | } | |
272 | ||
273 | ||
274 | function setArticleTags() { | |
275 | ||
276 | $id = clean($_REQUEST["id"]); | |
277 | ||
278 | $tags_str = clean($_REQUEST["tags_str"]); | |
279 | $tags = array_unique(trim_array(explode(",", $tags_str))); | |
280 | ||
281 | $this->pdo->beginTransaction(); | |
282 | ||
283 | $sth = $this->pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE | |
284 | ref_id = ? AND owner_uid = ? LIMIT 1"); | |
285 | $sth->execute([$id, $_SESSION['uid']]); | |
286 | ||
287 | if ($row = $sth->fetch()) { | |
288 | ||
289 | $tags_to_cache = array(); | |
290 | ||
291 | $int_id = $row['int_id']; | |
292 | ||
293 | $sth = $this->pdo->prepare("DELETE FROM ttrss_tags WHERE | |
294 | post_int_id = ? AND owner_uid = ?"); | |
295 | $sth->execute([$int_id, $_SESSION['uid']]); | |
296 | ||
297 | foreach ($tags as $tag) { | |
298 | $tag = sanitize_tag($tag); | |
299 | ||
300 | if (!tag_is_valid($tag)) { | |
301 | continue; | |
302 | } | |
303 | ||
304 | if (preg_match("/^[0-9]*$/", $tag)) { | |
305 | continue; | |
306 | } | |
307 | ||
308 | // print "<!-- $id : $int_id : $tag -->"; | |
309 | ||
310 | if ($tag != '') { | |
311 | $sth = $this->pdo->prepare("INSERT INTO ttrss_tags | |
312 | (post_int_id, owner_uid, tag_name) | |
313 | VALUES (?, ?, ?)"); | |
314 | ||
315 | $sth->execute([$int_id, $_SESSION['uid'], $tag]); | |
316 | } | |
317 | ||
318 | array_push($tags_to_cache, $tag); | |
319 | } | |
320 | ||
321 | /* update tag cache */ | |
322 | ||
323 | sort($tags_to_cache); | |
324 | $tags_str = join(",", $tags_to_cache); | |
325 | ||
326 | $sth = $this->pdo->prepare("UPDATE ttrss_user_entries | |
327 | SET tag_cache = ? WHERE ref_id = ? AND owner_uid = ?"); | |
328 | $sth->execute([$tags_str, $id, $_SESSION['uid']]); | |
329 | } | |
330 | ||
331 | $this->pdo->commit(); | |
332 | ||
333 | $tags = Article::get_article_tags($id); | |
334 | $tags_str = $this->format_tags_string($tags, $id); | |
335 | $tags_str_full = join(", ", $tags); | |
336 | ||
337 | if (!$tags_str_full) $tags_str_full = __("no tags"); | |
338 | ||
339 | print json_encode(array("id" => (int)$id, | |
340 | "content" => $tags_str, "content_full" => $tags_str_full)); | |
341 | } | |
342 | ||
343 | ||
344 | function completeTags() { | |
345 | $search = clean($_REQUEST["search"]); | |
346 | ||
347 | $sth = $this->pdo->prepare("SELECT DISTINCT tag_name FROM ttrss_tags | |
348 | WHERE owner_uid = ? AND | |
349 | tag_name LIKE ? ORDER BY tag_name | |
350 | LIMIT 10"); | |
351 | ||
352 | $sth->execute([$_SESSION['uid'], "$search%"]); | |
353 | ||
354 | print "<ul>"; | |
355 | while ($line = $sth->fetch()) { | |
356 | print "<li>" . $line["tag_name"] . "</li>"; | |
357 | } | |
358 | print "</ul>"; | |
359 | } | |
360 | ||
361 | function assigntolabel() { | |
362 | return $this->labelops(true); | |
363 | } | |
364 | ||
365 | function removefromlabel() { | |
366 | return $this->labelops(false); | |
367 | } | |
368 | ||
369 | private function labelops($assign) { | |
370 | $reply = array(); | |
371 | ||
372 | $ids = explode(",", clean($_REQUEST["ids"])); | |
373 | $label_id = clean($_REQUEST["lid"]); | |
374 | ||
375 | $label = db_escape_string(Labels::find_caption($label_id, | |
376 | $_SESSION["uid"])); | |
377 | ||
378 | $reply["info-for-headlines"] = array(); | |
379 | ||
380 | if ($label) { | |
381 | ||
382 | foreach ($ids as $id) { | |
383 | ||
384 | if ($assign) | |
385 | Labels::add_article($id, $label, $_SESSION["uid"]); | |
386 | else | |
387 | Labels::remove_article($id, $label, $_SESSION["uid"]); | |
388 | ||
389 | $labels = $this->get_article_labels($id, $_SESSION["uid"]); | |
390 | ||
391 | array_push($reply["info-for-headlines"], | |
392 | array("id" => $id, "labels" => $this->format_article_labels($labels))); | |
393 | ||
394 | } | |
395 | } | |
396 | ||
397 | $reply["message"] = "UPDATE_COUNTERS"; | |
398 | ||
399 | print json_encode($reply); | |
400 | } | |
401 | ||
402 | function getArticleFeed($id) { | |
403 | $sth = $this->pdo->prepare("SELECT feed_id FROM ttrss_user_entries | |
404 | WHERE ref_id = ? AND owner_uid = ?"); | |
405 | $sth->execute([$id, $_SESSION['uid']]); | |
406 | ||
407 | if ($row = $sth->fetch()) { | |
408 | return $row["feed_id"]; | |
409 | } else { | |
410 | return 0; | |
411 | } | |
412 | } | |
413 | ||
414 | static function format_article_enclosures($id, $always_display_enclosures, | |
415 | $article_content, $hide_images = false) { | |
416 | ||
417 | $result = Article::get_article_enclosures($id); | |
418 | $rv = ''; | |
419 | ||
420 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ENCLOSURES) as $plugin) { | |
421 | $retval = $plugin->hook_format_enclosures($rv, $result, $id, $always_display_enclosures, $article_content, $hide_images); | |
422 | if (is_array($retval)) { | |
423 | $rv = $retval[0]; | |
424 | $result = $retval[1]; | |
425 | } else { | |
426 | $rv = $retval; | |
427 | } | |
428 | } | |
429 | unset($retval); // Unset to prevent breaking render if there are no HOOK_RENDER_ENCLOSURE hooks below. | |
430 | ||
431 | if ($rv === '' && !empty($result)) { | |
432 | $entries_html = array(); | |
433 | $entries = array(); | |
434 | $entries_inline = array(); | |
435 | ||
436 | foreach ($result as $line) { | |
437 | ||
438 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ENCLOSURE_ENTRY) as $plugin) { | |
439 | $line = $plugin->hook_enclosure_entry($line); | |
440 | } | |
441 | ||
442 | $url = $line["content_url"]; | |
443 | $ctype = $line["content_type"]; | |
444 | $title = $line["title"]; | |
445 | $width = $line["width"]; | |
446 | $height = $line["height"]; | |
447 | ||
448 | if (!$ctype) $ctype = __("unknown type"); | |
449 | ||
450 | //$filename = substr($url, strrpos($url, "/")+1); | |
451 | $filename = basename($url); | |
452 | ||
453 | $player = format_inline_player($url, $ctype); | |
454 | ||
455 | if ($player) array_push($entries_inline, $player); | |
456 | ||
457 | # $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\" rel=\"noopener noreferrer\">" . | |
458 | # $filename . " (" . $ctype . ")" . "</a>"; | |
459 | ||
460 | $entry = "<div onclick=\"openUrlPopup('".htmlspecialchars($url)."')\" | |
461 | dojoType=\"dijit.MenuItem\">$filename ($ctype)</div>"; | |
462 | ||
463 | array_push($entries_html, $entry); | |
464 | ||
465 | $entry = array(); | |
466 | ||
467 | $entry["type"] = $ctype; | |
468 | $entry["filename"] = $filename; | |
469 | $entry["url"] = $url; | |
470 | $entry["title"] = $title; | |
471 | $entry["width"] = $width; | |
472 | $entry["height"] = $height; | |
473 | ||
474 | array_push($entries, $entry); | |
475 | } | |
476 | ||
477 | if ($_SESSION['uid'] && !get_pref("STRIP_IMAGES") && !$_SESSION["bw_limit"]) { | |
478 | if ($always_display_enclosures || | |
479 | !preg_match("/<img/i", $article_content)) { | |
480 | ||
481 | foreach ($entries as $entry) { | |
482 | ||
483 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ENCLOSURE) as $plugin) | |
484 | $retval = $plugin->hook_render_enclosure($entry, $hide_images); | |
485 | ||
486 | ||
487 | if ($retval) { | |
488 | $rv .= $retval; | |
489 | } else { | |
490 | ||
491 | if (preg_match("/image/", $entry["type"])) { | |
492 | ||
493 | if (!$hide_images) { | |
494 | $encsize = ''; | |
495 | if ($entry['height'] > 0) | |
496 | $encsize .= ' height="' . intval($entry['height']) . '"'; | |
497 | if ($entry['width'] > 0) | |
498 | $encsize .= ' width="' . intval($entry['width']) . '"'; | |
499 | $rv .= "<p><img | |
500 | alt=\"".htmlspecialchars($entry["filename"])."\" | |
501 | src=\"" .htmlspecialchars($entry["url"]) . "\" | |
502 | " . $encsize . " /></p>"; | |
503 | } else { | |
504 | $rv .= "<p><a target=\"_blank\" rel=\"noopener noreferrer\" | |
505 | href=\"".htmlspecialchars($entry["url"])."\" | |
506 | >" .htmlspecialchars($entry["url"]) . "</a></p>"; | |
507 | } | |
508 | ||
509 | if ($entry['title']) { | |
510 | $rv.= "<div class=\"enclosure_title\">${entry['title']}</div>"; | |
511 | } | |
512 | } | |
513 | } | |
514 | } | |
515 | } | |
516 | } | |
517 | ||
518 | if (count($entries_inline) > 0) { | |
519 | $rv .= "<hr clear='both'/>"; | |
520 | foreach ($entries_inline as $entry) { $rv .= $entry; }; | |
521 | $rv .= "<hr clear='both'/>"; | |
522 | } | |
523 | ||
524 | $rv .= "<div class=\"attachments\" dojoType=\"dijit.form.DropDownButton\">". | |
525 | "<span>" . __('Attachments')."</span>"; | |
526 | ||
527 | $rv .= "<div dojoType=\"dijit.Menu\" style=\"display: none;\">"; | |
528 | ||
529 | foreach ($entries as $entry) { | |
530 | if ($entry["title"]) | |
531 | $title = " — " . truncate_string($entry["title"], 30); | |
532 | else | |
533 | $title = ""; | |
534 | ||
535 | if ($entry["filename"]) | |
536 | $filename = truncate_middle(htmlspecialchars($entry["filename"]), 60); | |
537 | else | |
538 | $filename = ""; | |
539 | ||
540 | $rv .= "<div onclick='openUrlPopup(\"".htmlspecialchars($entry["url"])."\")' | |
541 | dojoType=\"dijit.MenuItem\">".$filename . $title."</div>"; | |
542 | ||
543 | }; | |
544 | ||
545 | $rv .= "</div>"; | |
546 | $rv .= "</div>"; | |
547 | } | |
548 | ||
549 | return $rv; | |
550 | } | |
551 | ||
552 | static function format_article($id, $mark_as_read = true, $zoom_mode = false, $owner_uid = false) { | |
553 | if (!$owner_uid) $owner_uid = $_SESSION["uid"]; | |
554 | ||
555 | $rv = array(); | |
556 | ||
557 | $rv['id'] = $id; | |
558 | ||
559 | /* we can figure out feed_id from article id anyway, why do we | |
560 | * pass feed_id here? let's ignore the argument :(*/ | |
561 | ||
562 | $pdo = Db::pdo(); | |
563 | ||
564 | $sth = $pdo->prepare("SELECT feed_id FROM ttrss_user_entries | |
565 | WHERE ref_id = ?"); | |
566 | $sth->execute([$id]); | |
567 | $row = $sth->fetch(); | |
568 | ||
569 | $feed_id = (int) $row["feed_id"]; | |
570 | ||
571 | $rv['feed_id'] = $feed_id; | |
572 | ||
573 | //if (!$zoom_mode) { print "<article id='$id'><![CDATA["; }; | |
574 | ||
575 | if ($mark_as_read) { | |
576 | $sth = $pdo->prepare("UPDATE ttrss_user_entries | |
577 | SET unread = false,last_read = NOW() | |
578 | WHERE ref_id = ? AND owner_uid = ?"); | |
579 | $sth->execute([$id, $owner_uid]); | |
580 | ||
581 | CCache::update($feed_id, $owner_uid); | |
582 | } | |
583 | ||
584 | $sth = $pdo->prepare("SELECT id,title,link,content,feed_id,comments,int_id,lang, | |
585 | ".SUBSTRING_FOR_DATE."(updated,1,16) as updated, | |
586 | (SELECT site_url FROM ttrss_feeds WHERE id = feed_id) as site_url, | |
587 | (SELECT title FROM ttrss_feeds WHERE id = feed_id) as feed_title, | |
588 | (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) as hide_images, | |
589 | (SELECT always_display_enclosures FROM ttrss_feeds WHERE id = feed_id) as always_display_enclosures, | |
590 | num_comments, | |
591 | tag_cache, | |
592 | author, | |
593 | guid, | |
594 | orig_feed_id, | |
595 | note | |
596 | FROM ttrss_entries,ttrss_user_entries | |
597 | WHERE id = ? AND ref_id = id AND owner_uid = ?"); | |
598 | $sth->execute([$id, $owner_uid]); | |
599 | ||
600 | if ($line = $sth->fetch()) { | |
601 | ||
602 | $line["tags"] = Article::get_article_tags($id, $owner_uid, $line["tag_cache"]); | |
603 | unset($line["tag_cache"]); | |
604 | ||
605 | $line["content"] = sanitize($line["content"], | |
606 | $line['hide_images'], | |
607 | $owner_uid, $line["site_url"], false, $line["id"]); | |
608 | ||
609 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE) as $p) { | |
610 | $line = $p->hook_render_article($line); | |
611 | } | |
612 | ||
613 | $line['content'] = rewrite_cached_urls($line['content']); | |
614 | ||
615 | $num_comments = (int) $line["num_comments"]; | |
616 | $entry_comments = ""; | |
617 | ||
618 | if ($num_comments > 0) { | |
619 | if ($line["comments"]) { | |
620 | $comments_url = htmlspecialchars($line["comments"]); | |
621 | } else { | |
622 | $comments_url = htmlspecialchars($line["link"]); | |
623 | } | |
624 | $entry_comments = "<a class=\"postComments\" | |
625 | target='_blank' rel=\"noopener noreferrer\" href=\"$comments_url\">$num_comments ". | |
626 | _ngettext("comment", "comments", $num_comments)."</a>"; | |
627 | ||
628 | } else { | |
629 | if ($line["comments"] && $line["link"] != $line["comments"]) { | |
630 | $entry_comments = "<a class=\"postComments\" target='_blank' rel=\"noopener noreferrer\" href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>"; | |
631 | } | |
632 | } | |
633 | ||
634 | $enclosures = self::get_article_enclosures($line["id"]); | |
635 | ||
636 | if ($zoom_mode) { | |
637 | header("Content-Type: text/html"); | |
638 | $rv['content'] .= "<!DOCTYPE html> | |
639 | <html><head> | |
640 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> | |
641 | <title>".$line["title"]."</title>". | |
642 | stylesheet_tag("css/default.css")." | |
643 | <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\"> | |
644 | <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">"; | |
645 | ||
646 | $rv['content'] .= "<meta property=\"og:title\" content=\"".htmlspecialchars($line["title"])."\"/>\n"; | |
647 | $rv['content'] .= "<meta property=\"og:site_name\" content=\"".htmlspecialchars($line["feed_title"])."\"/>\n"; | |
648 | $rv['content'] .= "<meta property=\"og:description\" content=\"". | |
649 | htmlspecialchars(truncate_string(strip_tags($line["content"]), 500, "..."))."\"/>\n"; | |
650 | ||
651 | $rv['content'] .= "</head>"; | |
652 | ||
653 | $og_image = false; | |
654 | ||
655 | foreach ($enclosures as $enc) { | |
656 | if (strpos($enc["content_type"], "image/") !== FALSE) { | |
657 | $og_image = $enc["content_url"]; | |
658 | break; | |
659 | } | |
660 | } | |
661 | ||
662 | if (!$og_image) { | |
663 | $tmpdoc = new DOMDocument(); | |
664 | ||
665 | if (@$tmpdoc->loadHTML(mb_substr($line["content"], 0, 131070))) { | |
666 | $tmpxpath = new DOMXPath($tmpdoc); | |
667 | $first_img = $tmpxpath->query("//img")->item(0); | |
668 | ||
669 | if ($first_img) { | |
670 | $og_image = $first_img->getAttribute("src"); | |
671 | } | |
672 | } | |
673 | } | |
674 | ||
675 | if ($og_image) { | |
676 | $rv['content'] .= "<meta property=\"og:image\" content=\"" . htmlspecialchars($og_image) . "\"/>"; | |
677 | } | |
678 | ||
679 | $rv['content'] .= "<body class=\"claro ttrss_utility ttrss_zoom\">"; | |
680 | } | |
681 | ||
682 | $rv['content'] .= "<div class=\"postReply\" id=\"POST-$id\">"; | |
683 | ||
684 | $rv['content'] .= "<div class=\"postHeader\" id=\"POSTHDR-$id\">"; | |
685 | ||
686 | $entry_author = $line["author"]; | |
687 | ||
688 | if ($entry_author) { | |
689 | $entry_author = __(" - ") . $entry_author; | |
690 | } | |
691 | ||
692 | $parsed_updated = make_local_datetime($line["updated"], true, | |
693 | $owner_uid, true); | |
694 | ||
695 | if (!$zoom_mode) | |
696 | $rv['content'] .= "<div class=\"postDate\">$parsed_updated</div>"; | |
697 | ||
698 | if ($line["link"]) { | |
699 | $rv['content'] .= "<div class='postTitle'><a target='_blank' rel='noopener noreferrer' | |
700 | title=\"".htmlspecialchars($line['title'])."\" | |
701 | href=\"" . | |
702 | htmlspecialchars($line["link"]) . "\">" . | |
703 | $line["title"] . "</a>" . | |
704 | "<span class='author'>$entry_author</span></div>"; | |
705 | } else { | |
706 | $rv['content'] .= "<div class='postTitle'>" . $line["title"] . "$entry_author</div>"; | |
707 | } | |
708 | ||
709 | if ($zoom_mode) { | |
710 | $feed_title = htmlspecialchars($line["feed_title"]); | |
711 | ||
712 | $rv['content'] .= "<div class=\"postFeedTitle\">$feed_title</div>"; | |
713 | ||
714 | $rv['content'] .= "<div class=\"postDate\">$parsed_updated</div>"; | |
715 | } | |
716 | ||
717 | $tags_str = Article::format_tags_string($line["tags"], $id); | |
718 | $tags_str_full = join(", ", $line["tags"]); | |
719 | ||
720 | if (!$tags_str_full) $tags_str_full = __("no tags"); | |
721 | ||
722 | if (!$entry_comments) $entry_comments = " "; # placeholder | |
723 | ||
724 | $rv['content'] .= "<div class='postTags' style='float : right'> | |
725 | <img src='images/tag.png' | |
726 | class='tagsPic' alt='Tags' title='Tags'> "; | |
727 | ||
728 | if (!$zoom_mode) { | |
729 | $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span> | |
730 | <a title=\"".__('Edit tags for this article')."\" | |
731 | href=\"#\" onclick=\"editArticleTags($id, $feed_id)\">(+)</a>"; | |
732 | ||
733 | $rv['content'] .= "<div dojoType=\"dijit.Tooltip\" | |
734 | id=\"ATSTRTIP-$id\" connectId=\"ATSTR-$id\" | |
735 | position=\"below\">$tags_str_full</div>"; | |
736 | ||
737 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_BUTTON) as $p) { | |
738 | $rv['content'] .= $p->hook_article_button($line); | |
739 | } | |
740 | ||
741 | } else { | |
742 | $tags_str = strip_tags($tags_str); | |
743 | $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span>"; | |
744 | } | |
745 | $rv['content'] .= "</div>"; | |
746 | $rv['content'] .= "<div clear='both'>"; | |
747 | ||
748 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_LEFT_BUTTON) as $p) { | |
749 | $rv['content'] .= $p->hook_article_left_button($line); | |
750 | } | |
751 | ||
752 | $rv['content'] .= "$entry_comments</div>"; | |
753 | ||
754 | if ($line["orig_feed_id"]) { | |
755 | ||
756 | $of_sth = $pdo->prepare("SELECT * FROM ttrss_archived_feeds | |
757 | WHERE id = ? AND owner_uid = ?"); | |
758 | $of_sth->execute([$line["orig_feed_id"], $owner_uid]); | |
759 | ||
760 | if ($tmp_line = $of_sth->fetch()) { | |
761 | ||
762 | $rv['content'] .= "<div clear='both'>"; | |
763 | $rv['content'] .= __("Originally from:"); | |
764 | ||
765 | $rv['content'] .= " "; | |
766 | ||
767 | $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' | |
768 | href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" . | |
769 | $tmp_line['title'] . "</a>"; | |
770 | ||
771 | $rv['content'] .= " "; | |
772 | ||
773 | $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>"; | |
774 | $rv['content'] .= "<img title='".__('Feed URL')."' class='tinyFeedIcon' src='images/pub_set.png'></a>"; | |
775 | ||
776 | $rv['content'] .= "</div>"; | |
777 | } | |
778 | } | |
779 | ||
780 | $rv['content'] .= "</div>"; | |
781 | ||
782 | $rv['content'] .= "<div id=\"POSTNOTE-$id\">"; | |
783 | if ($line['note']) { | |
784 | $rv['content'] .= Article::format_article_note($id, $line['note'], !$zoom_mode); | |
785 | } | |
786 | $rv['content'] .= "</div>"; | |
787 | ||
788 | if (!$line['lang']) $line['lang'] = 'en'; | |
789 | ||
790 | $rv['content'] .= "<div class=\"postContent\" lang=\"".$line['lang']."\">"; | |
791 | ||
792 | $rv['content'] .= $line["content"]; | |
793 | ||
794 | if (!$zoom_mode) { | |
795 | $rv['content'] .= Article::format_article_enclosures($id, | |
796 | $line["always_display_enclosures"], | |
797 | $line["content"], | |
798 | $line["hide_images"]); | |
799 | } | |
800 | ||
801 | $rv['content'] .= "</div>"; | |
802 | ||
803 | $rv['content'] .= "</div>"; | |
804 | ||
805 | } | |
806 | ||
807 | if ($zoom_mode) { | |
808 | $rv['content'] .= " | |
809 | <div class='footer'> | |
810 | <button onclick=\"return window.close()\">". | |
811 | __("Close this window")."</button></div>"; | |
812 | $rv['content'] .= "</body></html>"; | |
813 | } | |
814 | ||
815 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ARTICLE) as $p) { | |
816 | $rv['content'] = $p->hook_format_article($rv['content'], $line, $zoom_mode); | |
817 | } | |
818 | ||
819 | return $rv; | |
820 | ||
821 | } | |
822 | ||
823 | static function get_article_tags($id, $owner_uid = 0, $tag_cache = false) { | |
824 | ||
825 | $a_id = $id; | |
826 | ||
827 | if (!$owner_uid) $owner_uid = $_SESSION["uid"]; | |
828 | ||
829 | $pdo = Db::pdo(); | |
830 | ||
831 | $sth = $pdo->prepare("SELECT DISTINCT tag_name, | |
832 | owner_uid as owner FROM ttrss_tags | |
833 | WHERE post_int_id = (SELECT int_id FROM ttrss_user_entries WHERE | |
834 | ref_id = ? AND owner_uid = ? LIMIT 1) ORDER BY tag_name"); | |
835 | ||
836 | $tags = array(); | |
837 | ||
838 | /* check cache first */ | |
839 | ||
840 | if ($tag_cache === false) { | |
841 | $csth = $pdo->prepare("SELECT tag_cache FROM ttrss_user_entries | |
842 | WHERE ref_id = ? AND owner_uid = ?"); | |
843 | $csth->execute([$id, $owner_uid]); | |
844 | ||
845 | if ($row = $csth->fetch()) $tag_cache = $row["tag_cache"]; | |
846 | } | |
847 | ||
848 | if ($tag_cache) { | |
849 | $tags = explode(",", $tag_cache); | |
850 | } else { | |
851 | ||
852 | /* do it the hard way */ | |
853 | ||
854 | $sth->execute([$a_id, $owner_uid]); | |
855 | ||
856 | while ($tmp_line = $sth->fetch()) { | |
857 | array_push($tags, $tmp_line["tag_name"]); | |
858 | } | |
859 | ||
860 | /* update the cache */ | |
861 | ||
862 | $tags_str = join(",", $tags); | |
863 | ||
864 | $sth = $pdo->prepare("UPDATE ttrss_user_entries | |
865 | SET tag_cache = ? WHERE ref_id = ? | |
866 | AND owner_uid = ?"); | |
867 | $sth->execute([$tags_str, $id, $owner_uid]); | |
868 | } | |
869 | ||
870 | return $tags; | |
871 | } | |
872 | ||
873 | static function format_tags_string($tags) { | |
874 | if (!is_array($tags) || count($tags) == 0) { | |
875 | return __("no tags"); | |
876 | } else { | |
877 | $maxtags = min(5, count($tags)); | |
878 | $tags_str = ""; | |
879 | ||
880 | for ($i = 0; $i < $maxtags; $i++) { | |
881 | $tags_str .= "<a class=\"tag\" href=\"#\" onclick=\"viewfeed({feed:'".$tags[$i]."'})\">" . $tags[$i] . "</a>, "; | |
882 | } | |
883 | ||
884 | $tags_str = mb_substr($tags_str, 0, mb_strlen($tags_str)-2); | |
885 | ||
886 | if (count($tags) > $maxtags) | |
887 | $tags_str .= ", …"; | |
888 | ||
889 | return $tags_str; | |
890 | } | |
891 | } | |
892 | ||
893 | static function format_article_labels($labels) { | |
894 | ||
895 | if (!is_array($labels)) return ''; | |
896 | ||
897 | $labels_str = ""; | |
898 | ||
899 | foreach ($labels as $l) { | |
900 | $labels_str .= sprintf("<span class='hlLabelRef' | |
901 | style='color : %s; background-color : %s'>%s</span>", | |
902 | $l[2], $l[3], $l[1]); | |
903 | } | |
904 | ||
905 | return $labels_str; | |
906 | ||
907 | } | |
908 | ||
909 | static function format_article_note($id, $note, $allow_edit = true) { | |
910 | ||
911 | $str = "<div class='articleNote' onclick=\"editArticleNote($id)\"> | |
912 | <div class='noteEdit' onclick=\"editArticleNote($id)\">". | |
913 | ($allow_edit ? __('(edit note)') : "")."</div>$note</div>"; | |
914 | ||
915 | return $str; | |
916 | } | |
917 | ||
918 | static function get_article_enclosures($id) { | |
919 | ||
920 | $pdo = Db::pdo(); | |
921 | ||
922 | $sth = $pdo->prepare("SELECT * FROM ttrss_enclosures | |
923 | WHERE post_id = ? AND content_url != ''"); | |
924 | $sth->execute([$id]); | |
925 | ||
926 | $rv = array(); | |
927 | ||
928 | while ($line = $sth->fetch()) { | |
929 | ||
930 | if (file_exists(CACHE_DIR . '/images/' . sha1($line["content_url"]))) { | |
931 | $line["content_url"] = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($line["content_url"]); | |
932 | } | |
933 | ||
934 | array_push($rv, $line); | |
935 | } | |
936 | ||
937 | return $rv; | |
938 | } | |
939 | ||
940 | static function purge_orphans($do_output = false) { | |
941 | ||
942 | // purge orphaned posts in main content table | |
943 | ||
944 | if (DB_TYPE == "mysql") | |
945 | $limit_qpart = "LIMIT 5000"; | |
946 | else | |
947 | $limit_qpart = ""; | |
948 | ||
949 | $pdo = Db::pdo(); | |
950 | $res = $pdo->query("DELETE FROM ttrss_entries WHERE | |
951 | NOT EXISTS (SELECT ref_id FROM ttrss_user_entries WHERE ref_id = id) $limit_qpart"); | |
952 | ||
953 | if ($do_output) { | |
954 | $rows = $res->rowCount(); | |
955 | _debug("Purged $rows orphaned posts."); | |
956 | } | |
957 | } | |
958 | ||
959 | static function catchupArticlesById($ids, $cmode, $owner_uid = false) { | |
960 | ||
961 | if (!$owner_uid) $owner_uid = $_SESSION["uid"]; | |
962 | ||
963 | $pdo = Db::pdo(); | |
964 | ||
965 | $ids_qmarks = arr_qmarks($ids); | |
966 | ||
967 | if ($cmode == 0) { | |
968 | $sth = $pdo->prepare("UPDATE ttrss_user_entries SET | |
969 | unread = false,last_read = NOW() | |
970 | WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?"); | |
971 | } else if ($cmode == 1) { | |
972 | $sth = $pdo->prepare("UPDATE ttrss_user_entries SET | |
973 | unread = true | |
974 | WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?"); | |
975 | } else { | |
976 | $sth = $pdo->prepare("UPDATE ttrss_user_entries SET | |
977 | unread = NOT unread,last_read = NOW() | |
978 | WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?"); | |
979 | } | |
980 | ||
981 | $sth->execute(array_merge($ids, [$owner_uid])); | |
982 | ||
983 | /* update ccache */ | |
984 | ||
985 | $sth = $pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries | |
986 | WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?"); | |
987 | $sth->execute(array_merge($ids, [$owner_uid])); | |
988 | ||
989 | while ($line = $sth->fetch()) { | |
990 | CCache::update($line["feed_id"], $owner_uid); | |
991 | } | |
992 | } | |
993 | ||
994 | static function getLastArticleId() { | |
995 | $pdo = DB::pdo(); | |
996 | ||
997 | $sth = $pdo->prepare("SELECT ref_id AS id FROM ttrss_user_entries | |
998 | WHERE owner_uid = ? ORDER BY ref_id DESC LIMIT 1"); | |
999 | $sth->execute([$_SESSION['uid']]); | |
1000 | ||
1001 | if ($row = $sth->fetch()) { | |
1002 | return $row['id']; | |
1003 | } else { | |
1004 | return -1; | |
1005 | } | |
1006 | } | |
1007 | ||
1008 | static function get_article_labels($id, $owner_uid = false) { | |
1009 | $rv = array(); | |
1010 | ||
1011 | if (!$owner_uid) $owner_uid = $_SESSION["uid"]; | |
1012 | ||
1013 | $pdo = Db::pdo(); | |
1014 | ||
1015 | $sth = $pdo->prepare("SELECT label_cache FROM | |
1016 | ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?"); | |
1017 | $sth->execute([$id, $owner_uid]); | |
1018 | ||
1019 | if ($row = $sth->fetch()) { | |
1020 | $label_cache = $row["label_cache"]; | |
1021 | ||
1022 | if ($label_cache) { | |
1023 | $tmp = json_decode($label_cache, true); | |
1024 | ||
1025 | if (!$tmp || $tmp["no-labels"] == 1) | |
1026 | return $rv; | |
1027 | else | |
1028 | return $tmp; | |
1029 | } | |
1030 | } | |
1031 | ||
1032 | $sth = $pdo->prepare("SELECT DISTINCT label_id,caption,fg_color,bg_color | |
1033 | FROM ttrss_labels2, ttrss_user_labels2 | |
1034 | WHERE id = label_id | |
1035 | AND article_id = ? | |
1036 | AND owner_uid = ? | |
1037 | ORDER BY caption"); | |
1038 | $sth->execute([$id, $owner_uid]); | |
1039 | ||
1040 | while ($line = $sth->fetch()) { | |
1041 | $rk = array(Labels::label_to_feed_id($line["label_id"]), | |
1042 | $line["caption"], $line["fg_color"], | |
1043 | $line["bg_color"]); | |
1044 | array_push($rv, $rk); | |
1045 | } | |
1046 | ||
1047 | if (count($rv) > 0) | |
1048 | Labels::update_cache($owner_uid, $id, $rv); | |
1049 | else | |
1050 | Labels::update_cache($owner_uid, $id, array("no-labels" => 1)); | |
1051 | ||
1052 | return $rv; | |
1053 | } | |
1054 | ||
1055 | } |