]>
Commit | Line | Data |
---|---|---|
1 | <? | |
2 | session_start(); | |
3 | ||
4 | if ($_GET["debug"]) { | |
5 | define('DEFAULT_ERROR_LEVEL', E_ALL); | |
6 | } else { | |
7 | define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE); | |
8 | } | |
9 | ||
10 | require_once 'config.php'; | |
11 | require_once 'db-prefs.php'; | |
12 | ||
13 | define('MAGPIE_OUTPUT_ENCODING', 'UTF-8'); | |
14 | ||
15 | function purge_feed($link, $feed_id, $purge_interval) { | |
16 | ||
17 | if (DB_TYPE == "pgsql") { | |
18 | db_query($link, "DELETE FROM ttrss_user_entries WHERE | |
19 | marked = false AND feed_id = '$feed_id' AND | |
20 | (SELECT date_entered FROM ttrss_entries WHERE | |
21 | id = ref_id) < NOW() - INTERVAL '$purge_interval days'"); | |
22 | } else { | |
23 | db_query($link, "DELETE FROM ttrss_user_entries WHERE | |
24 | marked = false AND feed_id = '$feed_id' AND | |
25 | (SELECT date_entered FROM ttrss_entries WHERE | |
26 | id = ref_id) < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)"); | |
27 | } | |
28 | } | |
29 | ||
30 | function global_purge_old_posts($link, $do_output = false) { | |
31 | ||
32 | $result = db_query($link, | |
33 | "SELECT id,purge_interval,owner_uid FROM ttrss_feeds"); | |
34 | ||
35 | while ($line = db_fetch_assoc($result)) { | |
36 | ||
37 | $feed_id = $line["id"]; | |
38 | $purge_interval = $line["purge_interval"]; | |
39 | $owner_uid = $line["owner_uid"]; | |
40 | ||
41 | if ($purge_interval == 0) { | |
42 | ||
43 | $tmp_result = db_query($link, | |
44 | "SELECT value FROM ttrss_user_prefs WHERE | |
45 | pref_name = 'PURGE_OLD_DAYS' AND owner_uid = '$owner_uid'"); | |
46 | ||
47 | if (db_num_rows($tmp_result) != 0) { | |
48 | $purge_interval = db_fetch_result($tmp_result, 0, "value"); | |
49 | } | |
50 | } | |
51 | ||
52 | if ($do_output) { | |
53 | print "<feed id='$feed_id' p_intl='$purge_interval'/>"; | |
54 | } | |
55 | ||
56 | if ($purge_interval > 0) { | |
57 | purge_feed($link, $feed_id, $purge_interval); | |
58 | } | |
59 | } | |
60 | ||
61 | // purge orphaned posts in main content table | |
62 | db_query($link, "DELETE FROM ttrss_entries WHERE | |
63 | (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); | |
64 | ||
65 | } | |
66 | ||
67 | function purge_old_posts($link) { | |
68 | ||
69 | $user_id = $_SESSION["uid"]; | |
70 | ||
71 | $result = db_query($link, "SELECT id,purge_interval FROM ttrss_feeds | |
72 | WHERE owner_uid = '$user_id'"); | |
73 | ||
74 | while ($line = db_fetch_assoc($result)) { | |
75 | ||
76 | $feed_id = $line["id"]; | |
77 | $purge_interval = $line["purge_interval"]; | |
78 | ||
79 | if ($purge_interval == 0) $purge_interval = get_pref($link, 'PURGE_OLD_DAYS'); | |
80 | ||
81 | if ($purge_interval > 0) { | |
82 | purge_feed($link, $feed_id, $purge_interval); | |
83 | } | |
84 | } | |
85 | ||
86 | // purge orphaned posts in main content table | |
87 | db_query($link, "DELETE FROM ttrss_entries WHERE | |
88 | (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); | |
89 | } | |
90 | ||
91 | function update_all_feeds($link, $fetch, $user_id = false) { | |
92 | ||
93 | if (WEB_DEMO_MODE) return; | |
94 | ||
95 | if (!$user_id) { | |
96 | $user_id = $_SESSION["uid"]; | |
97 | purge_old_posts($link); | |
98 | } | |
99 | ||
100 | if (DAEMON_REFRESH_ONLY && !$_GET["daemon"]) { | |
101 | return; | |
102 | } | |
103 | ||
104 | db_query($link, "BEGIN"); | |
105 | ||
106 | $result = db_query($link, "SELECT feed_url,id, | |
107 | substring(last_updated,1,19) as last_updated, | |
108 | update_interval FROM ttrss_feeds WHERE owner_uid = '$user_id'"); | |
109 | ||
110 | while ($line = db_fetch_assoc($result)) { | |
111 | $upd_intl = $line["update_interval"]; | |
112 | ||
113 | if (!$upd_intl || $upd_intl == 0) { | |
114 | $upd_intl = get_pref($link, 'DEFAULT_UPDATE_INTERVAL', $user_id); | |
115 | } | |
116 | ||
117 | if ($fetch || (!$line["last_updated"] || | |
118 | time() - strtotime($line["last_updated"]) > ($upd_intl * 60))) { | |
119 | ||
120 | update_rss_feed($link, $line["feed_url"], $line["id"]); | |
121 | } | |
122 | } | |
123 | ||
124 | db_query($link, "COMMIT"); | |
125 | ||
126 | } | |
127 | ||
128 | function check_feed_favicon($feed_url, $feed, $link) { | |
129 | $feed_url = str_replace("http://", "", $feed_url); | |
130 | $feed_url = preg_replace("/\/.*$/", "", $feed_url); | |
131 | ||
132 | $icon_url = "http://$feed_url/favicon.ico"; | |
133 | $icon_file = ICONS_DIR . "/$feed.ico"; | |
134 | ||
135 | if (!file_exists($icon_file)) { | |
136 | ||
137 | error_reporting(0); | |
138 | $r = fopen($icon_url, "r"); | |
139 | error_reporting (DEFAULT_ERROR_LEVEL); | |
140 | ||
141 | if ($r) { | |
142 | $tmpfname = tempnam("/tmp", "ttrssicon"); | |
143 | ||
144 | $t = fopen($tmpfname, "w"); | |
145 | ||
146 | while (!feof($r)) { | |
147 | $buf = fread($r, 16384); | |
148 | fwrite($t, $buf); | |
149 | } | |
150 | ||
151 | fclose($r); | |
152 | fclose($t); | |
153 | ||
154 | error_reporting(0); | |
155 | if (!rename($tmpfname, $icon_file)) { | |
156 | unlink($tmpfname); | |
157 | } | |
158 | ||
159 | chmod($icon_file, 0644); | |
160 | ||
161 | error_reporting (DEFAULT_ERROR_LEVEL); | |
162 | ||
163 | } | |
164 | } | |
165 | } | |
166 | ||
167 | function update_rss_feed($link, $feed_url, $feed) { | |
168 | ||
169 | if (WEB_DEMO_MODE) return; | |
170 | ||
171 | $feed = db_escape_string($feed); | |
172 | ||
173 | error_reporting(0); | |
174 | $rss = fetch_rss($feed_url); | |
175 | ||
176 | error_reporting (DEFAULT_ERROR_LEVEL); | |
177 | ||
178 | db_query($link, "BEGIN"); | |
179 | ||
180 | $feed = db_escape_string($feed); | |
181 | ||
182 | if ($rss) { | |
183 | ||
184 | $result = db_query($link, "SELECT title,icon_url,site_url,owner_uid | |
185 | FROM ttrss_feeds WHERE id = '$feed'"); | |
186 | ||
187 | $registered_title = db_fetch_result($result, 0, "title"); | |
188 | $orig_icon_url = db_fetch_result($result, 0, "icon_url"); | |
189 | $orig_site_url = db_fetch_result($result, 0, "site_url"); | |
190 | ||
191 | $owner_uid = db_fetch_result($result, 0, "owner_uid"); | |
192 | ||
193 | if (get_pref($link, 'ENABLE_FEED_ICONS', $owner_uid)) { | |
194 | check_feed_favicon($feed_url, $feed, $link); | |
195 | } | |
196 | ||
197 | if (!$registered_title) { | |
198 | $feed_title = db_escape_string($rss->channel["title"]); | |
199 | db_query($link, "UPDATE ttrss_feeds SET | |
200 | title = '$feed_title' WHERE id = '$feed'"); | |
201 | } | |
202 | ||
203 | $site_url = $rss->channel["link"]; | |
204 | ||
205 | if ($site_url && $orig_site_url != db_escape_string($site_url)) { | |
206 | $site_url = db_escape_string($rss->channel["link"]); | |
207 | db_query($link, "UPDATE ttrss_feeds SET | |
208 | site_url = '$site_url' WHERE id = '$feed'"); | |
209 | } | |
210 | ||
211 | // print "I: " . $rss->channel["image"]["url"]; | |
212 | ||
213 | $icon_url = $rss->image["url"]; | |
214 | ||
215 | if ($icon_url && !$orig_icon_url != db_escape_string($icon_url)) { | |
216 | $icon_url = db_escape_string($icon_url); | |
217 | db_query($link, "UPDATE ttrss_feeds SET icon_url = '$icon_url' WHERE id = '$feed'"); | |
218 | } | |
219 | ||
220 | ||
221 | $filters = array(); | |
222 | ||
223 | $result = db_query($link, "SELECT reg_exp, | |
224 | (SELECT name FROM ttrss_filter_types | |
225 | WHERE id = filter_type) as name | |
226 | FROM ttrss_filters WHERE | |
227 | owner_uid = $owner_uid AND | |
228 | (feed_id IS NULL OR feed_id = '$feed')"); | |
229 | ||
230 | while ($line = db_fetch_assoc($result)) { | |
231 | if (!$filters[$line["name"]]) $filters[$line["name"]] = array(); | |
232 | array_push($filters[$line["name"]], $line["reg_exp"]); | |
233 | } | |
234 | ||
235 | foreach ($rss->items as $item) { | |
236 | ||
237 | $entry_guid = $item["id"]; | |
238 | ||
239 | if (!$entry_guid) $entry_guid = $item["guid"]; | |
240 | if (!$entry_guid) $entry_guid = $item["link"]; | |
241 | ||
242 | if (!$entry_guid) continue; | |
243 | ||
244 | $entry_timestamp = ""; | |
245 | ||
246 | $rss_2_date = $item['pubdate']; | |
247 | $rss_1_date = $item['dc']['date']; | |
248 | $atom_date = $item['issued']; | |
249 | ||
250 | if ($atom_date != "") $entry_timestamp = parse_w3cdtf($atom_date); | |
251 | if ($rss_1_date != "") $entry_timestamp = parse_w3cdtf($rss_1_date); | |
252 | if ($rss_2_date != "") $entry_timestamp = strtotime($rss_2_date); | |
253 | ||
254 | if ($entry_timestamp == "") { | |
255 | $entry_timestamp = time(); | |
256 | $no_orig_date = 'true'; | |
257 | } else { | |
258 | $no_orig_date = 'false'; | |
259 | } | |
260 | ||
261 | $entry_timestamp_fmt = strftime("%Y/%m/%d %H:%M:%S", $entry_timestamp); | |
262 | ||
263 | $entry_title = $item["title"]; | |
264 | $entry_link = $item["link"]; | |
265 | ||
266 | if (!$entry_title) continue; | |
267 | if (!$entry_link) continue; | |
268 | ||
269 | $entry_content = $item["content:escaped"]; | |
270 | ||
271 | if (!$entry_content) $entry_content = $item["content:encoded"]; | |
272 | if (!$entry_content) $entry_content = $item["content"]; | |
273 | if (!$entry_content) $entry_content = $item["description"]; | |
274 | ||
275 | $entry_content_unescaped = $entry_content; | |
276 | ||
277 | // if (!$entry_content) continue; | |
278 | ||
279 | // WTF | |
280 | if (is_array($entry_content)) { | |
281 | $entry_content = $entry_content["encoded"]; | |
282 | if (!$entry_content) $entry_content = $entry_content["escaped"]; | |
283 | } | |
284 | ||
285 | // print_r($item); | |
286 | // print_r($entry_content); | |
287 | ||
288 | $content_hash = "SHA1:" . sha1(strip_tags($entry_content)); | |
289 | ||
290 | $entry_comments = $item["comments"]; | |
291 | ||
292 | $entry_guid = db_escape_string($entry_guid); | |
293 | ||
294 | $result = db_query($link, "SELECT id FROM ttrss_entries | |
295 | WHERE guid = '$entry_guid'"); | |
296 | ||
297 | $entry_content = db_escape_string($entry_content); | |
298 | $entry_title = db_escape_string($entry_title); | |
299 | $entry_link = db_escape_string($entry_link); | |
300 | $entry_comments = db_escape_string($entry_comments); | |
301 | ||
302 | if (db_num_rows($result) == 0) { | |
303 | ||
304 | // base post entry does not exist, create it | |
305 | ||
306 | $result = db_query($link, | |
307 | "INSERT INTO ttrss_entries | |
308 | (title, | |
309 | guid, | |
310 | link, | |
311 | updated, | |
312 | content, | |
313 | content_hash, | |
314 | no_orig_date, | |
315 | date_entered, | |
316 | comments) | |
317 | VALUES | |
318 | ('$entry_title', | |
319 | '$entry_guid', | |
320 | '$entry_link', | |
321 | '$entry_timestamp_fmt', | |
322 | '$entry_content', | |
323 | '$content_hash', | |
324 | $no_orig_date, | |
325 | NOW(), | |
326 | '$entry_comments')"); | |
327 | } | |
328 | ||
329 | // now it should exist, if not - bad luck then | |
330 | ||
331 | $result = db_query($link, "SELECT | |
332 | id,content_hash,no_orig_date,title, | |
333 | substring(updated,1,19) as updated | |
334 | FROM | |
335 | ttrss_entries | |
336 | WHERE guid = '$entry_guid'"); | |
337 | ||
338 | if (db_num_rows($result) == 1) { | |
339 | ||
340 | // this will be used below in update handler | |
341 | $orig_content_hash = db_fetch_result($result, 0, "content_hash"); | |
342 | // $orig_timestamp = strtotime(db_fetch_result($result, 0, "updated")); | |
343 | // $orig_no_orig_date = db_fetch_result($result, 0, "no_orig_date"); | |
344 | $orig_title = db_fetch_result($result, 0, "title"); | |
345 | ||
346 | $ref_id = db_fetch_result($result, 0, "id"); | |
347 | ||
348 | // check for user post link to main table | |
349 | ||
350 | // do we allow duplicate posts with same GUID in different feeds? | |
351 | if (get_pref($link, "ALLOW_DUPLICATE_POSTS", $owner_uid)) { | |
352 | $dupcheck_qpart = "AND feed_id = '$feed'"; | |
353 | } else { | |
354 | $dupcheck_qpart = ""; | |
355 | } | |
356 | ||
357 | error_reporting(0); | |
358 | if (is_filtered($entry_title, $entry_content, $entry_link, $filters)) { | |
359 | continue; | |
360 | } | |
361 | error_reporting (DEFAULT_ERROR_LEVEL); | |
362 | ||
363 | $result = db_query($link, | |
364 | "SELECT ref_id FROM ttrss_user_entries WHERE | |
365 | ref_id = '$ref_id' AND owner_uid = '$owner_uid' | |
366 | $dupcheck_qpart"); | |
367 | ||
368 | // okay it doesn't exist - create user entry | |
369 | if (db_num_rows($result) == 0) { | |
370 | $result = db_query($link, | |
371 | "INSERT INTO ttrss_user_entries | |
372 | (ref_id, owner_uid, feed_id) | |
373 | VALUES ('$ref_id', '$owner_uid', '$feed')"); | |
374 | } | |
375 | ||
376 | $post_needs_update = false; | |
377 | ||
378 | if (get_pref($link, "UPDATE_POST_ON_CHECKSUM_CHANGE", $owner_uid) && | |
379 | ($content_hash != $orig_content_hash)) { | |
380 | $post_needs_update = true; | |
381 | } | |
382 | ||
383 | if ($orig_title != $entry_title) { | |
384 | $post_needs_update = true; | |
385 | } | |
386 | ||
387 | // this doesn't seem to be very reliable | |
388 | // | |
389 | // if ($orig_timestamp != $entry_timestamp && !$orig_no_orig_date) { | |
390 | // $post_needs_update = true; | |
391 | // } | |
392 | ||
393 | // if post needs update, update it and mark all user entries | |
394 | // linking to this post as updated | |
395 | if ($post_needs_update) { | |
396 | ||
397 | // print "<!-- post $orig_title needs update : $post_needs_update -->"; | |
398 | ||
399 | db_query($link, "UPDATE ttrss_entries | |
400 | SET title = '$entry_title', content = '$entry_content' | |
401 | WHERE id = '$ref_id'"); | |
402 | ||
403 | db_query($link, "UPDATE ttrss_user_entries | |
404 | SET last_read = null WHERE ref_id = '$ref_id' AND unread = false"); | |
405 | ||
406 | } | |
407 | } | |
408 | ||
409 | /* taaaags */ | |
410 | // <a href="http://technorati.com/tag/Xorg" rel="tag">Xorg</a>, // | |
411 | ||
412 | $entry_tags = null; | |
413 | ||
414 | preg_match_all("/<a.*?rel=.tag.*?>([^>]+)<\/a>/i", | |
415 | $entry_content_unescaped, $entry_tags); | |
416 | ||
417 | // print "<br>$entry_title : $entry_content_unescaped<br>"; | |
418 | // print_r($entry_tags); | |
419 | ||
420 | $entry_tags = $entry_tags[1]; | |
421 | ||
422 | if (count($entry_tags) > 0) { | |
423 | ||
424 | $result = db_query($link, "SELECT id,int_id | |
425 | FROM ttrss_entries,ttrss_user_entries | |
426 | WHERE guid = '$entry_guid' | |
427 | AND feed_id = '$feed' AND ref_id = id | |
428 | AND owner_uid = '$owner_uid'"); | |
429 | ||
430 | if (db_num_rows($result) == 1) { | |
431 | ||
432 | $entry_id = db_fetch_result($result, 0, "id"); | |
433 | $entry_int_id = db_fetch_result($result, 0, "int_id"); | |
434 | ||
435 | foreach ($entry_tags as $tag) { | |
436 | $tag = db_escape_string(strtolower($tag)); | |
437 | ||
438 | $tag = str_replace("technorati tag: ", "", $tag); | |
439 | ||
440 | $result = db_query($link, "SELECT id FROM ttrss_tags | |
441 | WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND | |
442 | owner_uid = '$owner_uid' LIMIT 1"); | |
443 | ||
444 | // print db_fetch_result($result, 0, "id"); | |
445 | ||
446 | if ($result && db_num_rows($result) == 0) { | |
447 | ||
448 | // print "tagging $entry_id as $tag<br>"; | |
449 | ||
450 | db_query($link, "INSERT INTO ttrss_tags | |
451 | (owner_uid,tag_name,post_int_id) | |
452 | VALUES ('$owner_uid','$tag', '$entry_int_id')"); | |
453 | } | |
454 | } | |
455 | } | |
456 | } | |
457 | } | |
458 | ||
459 | db_query($link, "UPDATE ttrss_feeds | |
460 | SET last_updated = NOW(), last_error = '' WHERE id = '$feed'"); | |
461 | ||
462 | } else { | |
463 | $error_msg = db_escape_string(magpie_error()); | |
464 | db_query($link, | |
465 | "UPDATE ttrss_feeds SET last_error = '$error_msg', | |
466 | last_updated = NOW() WHERE id = '$feed'"); | |
467 | } | |
468 | ||
469 | db_query($link, "COMMIT"); | |
470 | ||
471 | } | |
472 | ||
473 | function print_select($id, $default, $values, $attributes = "") { | |
474 | print "<select id=\"$id\" $attributes>"; | |
475 | foreach ($values as $v) { | |
476 | if ($v == $default) | |
477 | $sel = " selected"; | |
478 | else | |
479 | $sel = ""; | |
480 | ||
481 | print "<option$sel>$v</option>"; | |
482 | } | |
483 | print "</select>"; | |
484 | } | |
485 | ||
486 | function is_filtered($title, $content, $link, $filters) { | |
487 | ||
488 | if ($filters["title"]) { | |
489 | foreach ($filters["title"] as $title_filter) { | |
490 | if (preg_match("/$title_filter/i", $title)) | |
491 | return true; | |
492 | } | |
493 | } | |
494 | ||
495 | if ($filters["content"]) { | |
496 | foreach ($filters["content"] as $content_filter) { | |
497 | if (preg_match("/$content_filter/i", $content)) | |
498 | return true; | |
499 | } | |
500 | } | |
501 | ||
502 | if ($filters["both"]) { | |
503 | foreach ($filters["both"] as $filter) { | |
504 | if (preg_match("/$filter/i", $title) || preg_match("/$filter/i", $content)) | |
505 | return true; | |
506 | } | |
507 | } | |
508 | ||
509 | if ($filters["link"]) { | |
510 | foreach ($filters["link"] as $link_filter) { | |
511 | if (preg_match("/$link_filter/i", $link)) | |
512 | return true; | |
513 | } | |
514 | } | |
515 | ||
516 | return false; | |
517 | } | |
518 | ||
519 | function printFeedEntry($feed_id, $class, $feed_title, $unread, $icon_file, $link) { | |
520 | ||
521 | if (file_exists($icon_file) && filesize($icon_file) > 0) { | |
522 | $feed_icon = "<img src=\"$icon_file\">"; | |
523 | } else { | |
524 | $feed_icon = "<img src=\"images/blank_icon.gif\">"; | |
525 | } | |
526 | ||
527 | $feed = "<a href=\"javascript:viewfeed('$feed_id', 0);\">$feed_title</a>"; | |
528 | ||
529 | print "<li id=\"FEEDR-$feed_id\" class=\"$class\">"; | |
530 | if (get_pref($link, 'ENABLE_FEED_ICONS')) { | |
531 | print "$feed_icon"; | |
532 | } | |
533 | ||
534 | print "<span id=\"FEEDN-$feed_id\">$feed</span>"; | |
535 | ||
536 | if ($unread != 0) { | |
537 | $fctr_class = ""; | |
538 | } else { | |
539 | $fctr_class = "class=\"invisible\""; | |
540 | } | |
541 | ||
542 | print "<span $fctr_class id=\"FEEDCTR-$feed_id\"> | |
543 | (<span id=\"FEEDU-$feed_id\">$unread</span>)</span>"; | |
544 | ||
545 | print "</li>"; | |
546 | ||
547 | } | |
548 | ||
549 | function getmicrotime() { | |
550 | list($usec, $sec) = explode(" ",microtime()); | |
551 | return ((float)$usec + (float)$sec); | |
552 | } | |
553 | ||
554 | function print_radio($id, $default, $values, $attributes = "") { | |
555 | foreach ($values as $v) { | |
556 | ||
557 | if ($v == $default) | |
558 | $sel = "checked"; | |
559 | else | |
560 | $sel = ""; | |
561 | ||
562 | if ($v == "Yes") { | |
563 | $sel .= " value=\"1\""; | |
564 | } else { | |
565 | $sel .= " value=\"0\""; | |
566 | } | |
567 | ||
568 | print "<input type=\"radio\" $sel $attributes name=\"$id\"> $v "; | |
569 | ||
570 | } | |
571 | } | |
572 | ||
573 | function initialize_user_prefs($link, $uid) { | |
574 | ||
575 | $uid = db_escape_string($uid); | |
576 | ||
577 | db_query($link, "BEGIN"); | |
578 | ||
579 | $result = db_query($link, "SELECT pref_name,def_value FROM ttrss_prefs"); | |
580 | ||
581 | $u_result = db_query($link, "SELECT pref_name | |
582 | FROM ttrss_user_prefs WHERE owner_uid = '$uid'"); | |
583 | ||
584 | $active_prefs = array(); | |
585 | ||
586 | while ($line = db_fetch_assoc($u_result)) { | |
587 | array_push($active_prefs, $line["pref_name"]); | |
588 | } | |
589 | ||
590 | while ($line = db_fetch_assoc($result)) { | |
591 | if (array_search($line["pref_name"], $active_prefs) === FALSE) { | |
592 | // print "adding " . $line["pref_name"] . "<br>"; | |
593 | ||
594 | db_query($link, "INSERT INTO ttrss_user_prefs | |
595 | (owner_uid,pref_name,value) VALUES | |
596 | ('$uid', '".$line["pref_name"]."','".$line["def_value"]."')"); | |
597 | ||
598 | } | |
599 | } | |
600 | ||
601 | db_query($link, "COMMIT"); | |
602 | ||
603 | } | |
604 | ||
605 | function authenticate_user($link, $login, $password) { | |
606 | ||
607 | $pwd_hash = 'SHA1:' . sha1($password); | |
608 | ||
609 | $result = db_query($link, "SELECT id,login,access_level FROM ttrss_users WHERE | |
610 | login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')"); | |
611 | ||
612 | if (db_num_rows($result) == 1) { | |
613 | $_SESSION["uid"] = db_fetch_result($result, 0, "id"); | |
614 | $_SESSION["name"] = db_fetch_result($result, 0, "login"); | |
615 | $_SESSION["access_level"] = db_fetch_result($result, 0, "access_level"); | |
616 | ||
617 | db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . | |
618 | $_SESSION["uid"]); | |
619 | ||
620 | initialize_user_prefs($link, $_SESSION["uid"]); | |
621 | ||
622 | return true; | |
623 | } | |
624 | ||
625 | return false; | |
626 | ||
627 | } | |
628 | ||
629 | function make_password($length = 8) { | |
630 | ||
631 | $password = ""; | |
632 | $possible = "0123456789bcdfghjkmnpqrstvwxyz"; | |
633 | ||
634 | $i = 0; | |
635 | ||
636 | while ($i < $length) { | |
637 | $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); | |
638 | ||
639 | if (!strstr($password, $char)) { | |
640 | $password .= $char; | |
641 | $i++; | |
642 | } | |
643 | } | |
644 | return $password; | |
645 | } | |
646 | ||
647 | // this is called after user is created to initialize default feeds, labels | |
648 | // or whatever else | |
649 | ||
650 | // user preferences are checked on every login, not here | |
651 | ||
652 | function initialize_user($link, $uid) { | |
653 | ||
654 | db_query($link, "insert into ttrss_labels (owner_uid,sql_exp,description) | |
655 | values ('$uid','unread = true', 'Unread articles')"); | |
656 | ||
657 | db_query($link, "insert into ttrss_labels (owner_uid,sql_exp,description) | |
658 | values ('$uid','last_read is null and unread = false', 'Updated articles')"); | |
659 | ||
660 | db_query($link, "insert into ttrss_feeds (owner_uid,title,feed_url) | |
661 | values ('$uid', 'Tiny Tiny RSS: New Releases', | |
662 | 'http://tt-rss.spb.ru/releases.rss')"); | |
663 | ||
664 | } | |
665 | ||
666 | function logout_user() { | |
667 | session_destroy(); | |
668 | } | |
669 | ||
670 | function login_sequence($link) { | |
671 | if (!SINGLE_USER_MODE) { | |
672 | ||
673 | if (!USE_HTTP_AUTH) { | |
674 | if (!$_SESSION["uid"]) { | |
675 | header("Location: login.php?rt=tt-rss.php"); | |
676 | exit; | |
677 | } | |
678 | } else { | |
679 | if (!$_SESSION["uid"]) { | |
680 | if (!$_SERVER["PHP_AUTH_USER"]) { | |
681 | ||
682 | header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"'); | |
683 | header('HTTP/1.0 401 Unauthorized'); | |
684 | exit; | |
685 | ||
686 | } else { | |
687 | $auth_result = authenticate_user($link, | |
688 | $_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]); | |
689 | ||
690 | if (!$auth_result) { | |
691 | header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"'); | |
692 | header('HTTP/1.0 401 Unauthorized'); | |
693 | exit; | |
694 | } | |
695 | } | |
696 | } | |
697 | } | |
698 | } else { | |
699 | $_SESSION["uid"] = 1; | |
700 | $_SESSION["name"] = "admin"; | |
701 | initialize_user_prefs($link, 1); | |
702 | } | |
703 | } | |
704 | ?> |