1 | <? | |
// Open (or resume) the PHP session before anything else runs; functions in
// this file read and write $_SESSION["uid"], ["name"] and ["access_level"].
// NOTE(review): no session cookie flags (HttpOnly / Secure) are set here -
// confirm they are configured in php.ini or config.php.
session_start();

// Project-local includes; their contents are not part of this listing.
require_once 'config.php';
require_once 'db-prefs.php';

// Fixed to UTF-8. The name suggests the Magpie RSS library (fetch_rss() /
// magpie_error() are called below) reads it - confirm against the library.
define('MAGPIE_OUTPUT_ENCODING', 'UTF-8');
8 | ||
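/**
 * Delete a feed's user entries whose marked flag is false and whose base
 * entry (ttrss_entries.date_entered) is older than $purge_interval days.
 *
 * @param mixed $link            database handle handed to db_query()
 * @param int   $feed_id         value matched against ttrss_user_entries.feed_id
 * @param int   $purge_interval  age limit in days; values <= 0 delete nothing
 */
function purge_feed($link, $feed_id, $purge_interval) {

	// Both values are spliced into the SQL text, so they are forced to
	// integers here instead of trusting every caller to have done it.
	$feed_id = (int) $feed_id;
	$purge_interval = (int) $purge_interval;

	// A zero or negative interval would move the cutoff to "now" or later and
	// remove every unmarked entry of the feed; treat it as "purging disabled".
	if ($purge_interval <= 0) return;

	// Only the date arithmetic differs between the two supported backends.
	if (DB_TYPE == "pgsql") {
		$cutoff = "NOW() - INTERVAL '$purge_interval days'";
	} else {
		$cutoff = "DATE_SUB(NOW(), INTERVAL $purge_interval DAY)";
	}

	db_query($link, "DELETE FROM ttrss_user_entries WHERE
		marked = false AND feed_id = '$feed_id' AND
		(SELECT date_entered FROM ttrss_entries WHERE
			id = ref_id) < $cutoff");
}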
23 | ||
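/**
 * Purge old entries for every feed of every user, then drop base entries
 * that no user entry references any more.
 *
 * A feed with purge_interval 0 falls back to its owner's PURGE_OLD_DAYS
 * preference, read straight from ttrss_user_prefs.
 *
 * @param mixed $link       database handle handed to db_query()
 * @param bool  $do_output  when true, print one <feed .../> element per feed
 */
function global_purge_old_posts($link, $do_output = false) {

	$result = db_query($link,
		"SELECT id,purge_interval,owner_uid FROM ttrss_feeds");

	while ($line = db_fetch_assoc($result)) {

		// These values end up in SQL text and in printed markup; integers
		// cannot carry quotes or tags into either.
		$feed_id = (int) $line["id"];
		$purge_interval = (int) $line["purge_interval"];
		$owner_uid = (int) $line["owner_uid"];

		if ($purge_interval == 0) {

			$tmp_result = db_query($link,
				"SELECT value FROM ttrss_user_prefs WHERE
				pref_name = 'PURGE_OLD_DAYS' AND owner_uid = '$owner_uid'");

			if (db_num_rows($tmp_result) != 0) {
				// The preference is stored as free text; anything that is
				// not a number becomes 0 and therefore disables purging.
				$purge_interval = (int) db_fetch_result($tmp_result, 0, "value");
			}
		}

		if ($do_output) {
			print "<feed id='$feed_id' p_intl='$purge_interval'/>";
		}

		if ($purge_interval > 0) {
			purge_feed($link, $feed_id, $purge_interval);
		}
	}

	// purge orphaned posts in main content table
	db_query($link, "DELETE FROM ttrss_entries WHERE
		(SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0");

}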
60 | ||
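/**
 * Purge old entries for the feeds owned by the logged-in user
 * ($_SESSION["uid"]), then drop base entries nobody references.
 *
 * A feed with purge_interval 0 uses the PURGE_OLD_DAYS preference.
 *
 * @param mixed $link  database handle handed to db_query()
 */
function purge_old_posts($link) {

	// The session value is placed into SQL text; cast it so that a missing
	// or malformed uid becomes 0 (matching no feed) instead of raw text.
	$user_id = isset($_SESSION["uid"]) ? (int) $_SESSION["uid"] : 0;

	$result = db_query($link, "SELECT id,purge_interval FROM ttrss_feeds
		WHERE owner_uid = '$user_id'");

	while ($line = db_fetch_assoc($result)) {

		$feed_id = (int) $line["id"];
		$purge_interval = (int) $line["purge_interval"];

		// Preference values are free text; a non-numeric one becomes 0 and
		// the feed is skipped rather than reaching purge_feed().
		if ($purge_interval == 0) {
			$purge_interval = (int) get_pref($link, 'PURGE_OLD_DAYS');
		}

		if ($purge_interval > 0) {
			purge_feed($link, $feed_id, $purge_interval);
		}
	}

	// purge orphaned posts in main content table
	db_query($link, "DELETE FROM ttrss_entries WHERE
		(SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0");
}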
84 | ||
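/**
 * Refresh the feeds of one user that are due for an update.
 *
 * @param mixed    $link     database handle handed to db_query()
 * @param bool     $fetch    when true, refresh every feed regardless of age
 * @param int|bool $user_id  owner of the feeds; false means the session user,
 *                           in which case old posts are purged first
 */
function update_all_feeds($link, $fetch, $user_id = false) {

	if (WEB_DEMO_MODE) return;

	if (!$user_id) {
		$user_id = isset($_SESSION["uid"]) ? $_SESSION["uid"] : false;
		purge_old_posts($link);
	}

	// With DAEMON_REFRESH_ONLY set, only requests carrying ?daemon=... may
	// trigger updates. isset/empty avoids reading an undefined index.
	if (get_pref($link, 'DAEMON_REFRESH_ONLY', $user_id) && empty($_GET["daemon"])) {
		return;
	}

	// Integer copy for the SQL text below; $user_id itself is handed to
	// get_pref() unchanged.
	$owner_uid = (int) $user_id;

	// NOTE(review): update_rss_feed() as defined in this file issues its own
	// BEGIN/COMMIT, so the first inner COMMIT presumably ends this outer
	// transaction as well - confirm against the database backend in use.
	db_query($link, "BEGIN");

	$result = db_query($link, "SELECT feed_url,id,
		substring(last_updated,1,19) as last_updated,
		update_interval FROM ttrss_feeds WHERE owner_uid = '$owner_uid'");

	while ($line = db_fetch_assoc($result)) {

		$upd_intl = (int) $line["update_interval"];

		if ($upd_intl == 0) {
			$upd_intl = (int) get_pref($link, 'DEFAULT_UPDATE_INTERVAL', $user_id);
		}

		// Due when forced, never updated, or older than the interval
		// (the interval is multiplied by 60 to compare against seconds).
		$is_due = !$line["last_updated"] ||
			time() - strtotime($line["last_updated"]) > ($upd_intl * 60);

		if ($fetch || $is_due) {
			update_rss_feed($link, $line["feed_url"], $line["id"]);
		}
	}

	db_query($link, "COMMIT");

}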
123 | ||
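/**
 * Download http://<feed host>/favicon.ico into ICONS_DIR/<feed>.ico unless
 * that file already exists.
 *
 * The host comes from a subscriber-supplied feed URL, so this is a
 * server-side request to a location the user chooses.
 * NOTE(review): nothing here prevents the host from resolving to an internal
 * address, and the HTTP stream wrapper may follow redirects - consider an
 * egress allowlist or proxy for feed and icon fetches.
 *
 * @param string $feed_url  URL of the feed; only its host[:port] part is used
 * @param mixed  $feed      feed id, used as the icon file name
 * @param mixed  $link      unused here; kept for the existing call signature
 */
function check_feed_favicon($feed_url, $feed, $link) {

	// $feed becomes a file name under ICONS_DIR: accept nothing that could
	// name a different directory (slashes, dots, NUL bytes).
	if (!preg_match('/^[A-Za-z0-9_-]+\z/', (string) $feed)) return;

	// Reduce the URL to host[:port]: drop the scheme, everything from the
	// first "/", "?" or "#", and any userinfo before "@".
	$host = preg_replace('/^[a-z][a-z0-9+.\-]*:\/\//i', '', (string) $feed_url);
	$host = preg_replace('/[\/?#].*$/s', '', $host);
	$at = strrpos($host, '@');
	if ($at !== false) $host = substr($host, $at + 1);

	// Reject whitespace, CR/LF and other characters that have no place in a
	// host name before the value reaches the HTTP request.
	if (!preg_match('/^[A-Za-z0-9._\-]+(:[0-9]{1,5})?\z/', $host)) return;

	$icon_url = "http://$host/favicon.ico";
	$icon_file = ICONS_DIR . "/$feed.ico";

	if (file_exists($icon_file)) return;

	error_reporting(0);
	$r = fopen($icon_url, "r");
	error_reporting (E_ERROR | E_WARNING | E_PARSE);

	if (!$r) return;

	$tmpfname = tempnam("/tmp", "ttrssicon");
	$t = $tmpfname ? fopen($tmpfname, "w") : false;

	if (!$t) {
		fclose($r);
		if ($tmpfname) unlink($tmpfname);
		return;
	}

	// Cap the download: the remote side decides how much it sends, and an
	// icon has no reason to be larger than this.
	$max_bytes = 262144;
	$received = 0;
	$too_big = false;

	while (!feof($r)) {
		$buf = fread($r, 16384);
		if ($buf === false) break;

		$received += strlen($buf);
		if ($received > $max_bytes) {
			$too_big = true;
			break;
		}

		fwrite($t, $buf);
	}

	fclose($r);
	fclose($t);

	error_reporting(0);

	// Only publish a complete download; chmod only a file that was really
	// moved into place, otherwise remove the temporary file.
	if (!$too_big && rename($tmpfname, $icon_file)) {
		chmod($icon_file, 0644);
	} else {
		unlink($tmpfname);
	}

	error_reporting (E_ERROR | E_WARNING | E_PARSE);
}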
162 | ||
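/**
 * Fetch one feed through Magpie (fetch_rss) and merge its items into
 * ttrss_entries / ttrss_user_entries / ttrss_tags for the feed's owner.
 *
 * Everything in $rss is remote, untrusted input. It is escaped with
 * db_escape_string() right before it is placed into SQL text; the unescaped
 * copies are kept for filter matching, title comparison and tag extraction.
 * (db_escape_string() is defined outside this listing and is assumed to
 * return text that is safe inside a quoted SQL literal.)
 *
 * NOTE(review): base entries are looked up by GUID alone, and a title or
 * content difference rewrites the shared ttrss_entries row. Two feeds that
 * publish the same GUID therefore overwrite each other's entry - consider
 * scoping the lookup to the feed or owner.
 *
 * @param mixed  $link      database handle handed to db_query()
 * @param string $feed_url  URL handed to fetch_rss()
 * @param mixed  $feed      id of the ttrss_feeds row being updated
 */
function update_rss_feed($link, $feed_url, $feed) {

	if (WEB_DEMO_MODE) return;

	// Escape the feed id exactly once; escaping an already escaped value
	// again changes it whenever the first pass added anything.
	$feed = db_escape_string($feed);

	error_reporting(0);
	$rss = fetch_rss($feed_url);
	error_reporting (E_ERROR | E_WARNING | E_PARSE);

	db_query($link, "BEGIN");

	if ($rss) {

		$result = db_query($link, "SELECT title,icon_url,site_url,owner_uid
			FROM ttrss_feeds WHERE id = '$feed'");

		$registered_title = db_fetch_result($result, 0, "title");
		$orig_icon_url = db_fetch_result($result, 0, "icon_url");
		$orig_site_url = db_fetch_result($result, 0, "site_url");

		$owner_uid = db_fetch_result($result, 0, "owner_uid");

		if (get_pref($link, 'ENABLE_FEED_ICONS', $owner_uid)) {
			check_feed_favicon($feed_url, $feed, $link);
		}

		// Title, site URL and icon URL are only filled in while still empty.
		// NOTE(review): the URLs are stored exactly as the feed supplied
		// them; check the scheme wherever they are rendered as links.
		if (!$registered_title) {
			$feed_title = db_escape_string($rss->channel["title"]);
			db_query($link, "UPDATE ttrss_feeds SET
				title = '$feed_title' WHERE id = '$feed'");
		}

		if (!$orig_site_url && $rss->channel["link"]) {
			$site_url = db_escape_string($rss->channel["link"]);
			db_query($link, "UPDATE ttrss_feeds SET
				site_url = '$site_url' WHERE id = '$feed'");
		}

		$icon_url = $rss->image["url"];

		if ($icon_url && !$orig_icon_url) {
			$icon_url = db_escape_string($icon_url);
			db_query($link, "UPDATE ttrss_feeds SET icon_url = '$icon_url' WHERE id = '$feed'");
		}

		// Load the owner's filters, grouped by filter type name. The uid is
		// quoted like in every other query of this function.
		$filters = array();

		$result = db_query($link, "SELECT reg_exp,
			(SELECT name FROM ttrss_filter_types
				WHERE id = filter_type) as name
			FROM ttrss_filters WHERE owner_uid = '$owner_uid'");

		while ($line = db_fetch_assoc($result)) {
			if (!isset($filters[$line["name"]])) $filters[$line["name"]] = array();
			array_push($filters[$line["name"]], $line["reg_exp"]);
		}

		foreach ($rss->items as $item) {

			// GUID fallback chain: id, then guid, then link.
			$entry_guid = $item["id"];

			if (!$entry_guid) $entry_guid = $item["guid"];
			if (!$entry_guid) $entry_guid = $item["link"];

			if (!$entry_guid) continue;

			$entry_timestamp = "";

			$rss_2_date = $item['pubdate'];
			$rss_1_date = $item['dc']['date'];
			$atom_date = $item['issued'];

			// Later assignments win: pubdate over dc:date over issued.
			if ($atom_date != "") $entry_timestamp = parse_w3cdtf($atom_date);
			if ($rss_1_date != "") $entry_timestamp = parse_w3cdtf($rss_1_date);
			if ($rss_2_date != "") $entry_timestamp = strtotime($rss_2_date);

			if ($entry_timestamp == "") {
				$entry_timestamp = time();
				$no_orig_date = 'true';
			} else {
				$no_orig_date = 'false';
			}

			// Same output as strftime("%Y/%m/%d %H:%M:%S"), without relying
			// on a function that newer PHP versions deprecate.
			$entry_timestamp_fmt = date("Y/m/d H:i:s", $entry_timestamp);

			$entry_title = $item["title"];
			$entry_link = $item["link"];

			if (!$entry_title) continue;
			if (!$entry_link) continue;

			$entry_content = $item["content:escaped"];

			if (!$entry_content) $entry_content = $item["content:encoded"];
			if (!$entry_content) $entry_content = $item["content"];
			if (!$entry_content) $entry_content = $item["description"];

			// Content may arrive as an array of variants. Keep the array in
			// its own variable so the "escaped" fallback still reads the
			// array and not the value that was just pulled out of it.
			if (is_array($entry_content)) {
				$content_parts = $entry_content;
				$entry_content = isset($content_parts["encoded"]) ? $content_parts["encoded"] : "";
				if (!$entry_content && isset($content_parts["escaped"])) {
					$entry_content = $content_parts["escaped"];
				}
			}

			// Change-detection checksum only; it is not used for security.
			$content_hash = "SHA1:" . sha1(strip_tags((string) $entry_content));

			$entry_comments = $item["comments"];

			// Unescaped copies: escaped text is for SQL only and would not
			// compare equal to what the database returns.
			$raw_title = $entry_title;
			$raw_content = (string) $entry_content;

			$entry_guid = db_escape_string($entry_guid);

			$result = db_query($link, "SELECT id FROM ttrss_entries
				WHERE guid = '$entry_guid'");

			$entry_content = db_escape_string($entry_content);
			$entry_title = db_escape_string($entry_title);
			$entry_link = db_escape_string($entry_link);
			$entry_comments = db_escape_string($entry_comments);

			if (db_num_rows($result) == 0) {

				// base post entry does not exist, create it

				// Restore error reporting before skipping the item, so a
				// filtered entry does not leave it switched off.
				error_reporting(0);
				$filtered = is_filtered($raw_title, $raw_content, $filters);
				error_reporting (E_ERROR | E_WARNING | E_PARSE);

				if ($filtered) continue;

				$result = db_query($link,
					"INSERT INTO ttrss_entries
						(title,
						guid,
						link,
						updated,
						content,
						content_hash,
						no_orig_date,
						date_entered,
						comments)
					VALUES
						('$entry_title',
						'$entry_guid',
						'$entry_link',
						'$entry_timestamp_fmt',
						'$entry_content',
						'$content_hash',
						$no_orig_date,
						NOW(),
						'$entry_comments')");
			}

			// now it should exist, if not - bad luck then

			$result = db_query($link, "SELECT
					id,content_hash,no_orig_date,title,
					substring(updated,1,19) as updated
				FROM
					ttrss_entries
				WHERE guid = '$entry_guid'");

			if (db_num_rows($result) == 1) {

				// this will be used below in update handler
				$orig_content_hash = db_fetch_result($result, 0, "content_hash");
				$orig_title = db_fetch_result($result, 0, "title");

				$ref_id = db_fetch_result($result, 0, "id");

				// check for user post link to main table

				// do we allow duplicate posts with same GUID in different feeds?
				if (get_pref($link, "ALLOW_DUPLICATE_POSTS", $owner_uid)) {
					$dupcheck_qpart = "AND feed_id = '$feed'";
				} else {
					$dupcheck_qpart = "";
				}

				$result = db_query($link,
					"SELECT ref_id FROM ttrss_user_entries WHERE
						ref_id = '$ref_id' AND owner_uid = '$owner_uid'
						$dupcheck_qpart");

				// okay it doesn't exist - create user entry
				if (db_num_rows($result) == 0) {
					$result = db_query($link,
						"INSERT INTO ttrss_user_entries
							(ref_id, owner_uid, feed_id)
						VALUES ('$ref_id', '$owner_uid', '$feed')");
				}

				$post_needs_update = false;

				if (get_pref($link, "UPDATE_POST_ON_CHECKSUM_CHANGE", $owner_uid) &&
					($content_hash != $orig_content_hash)) {
					$post_needs_update = true;
				}

				// Compare against the unescaped title; the escaped one
				// differs from the stored value whenever escaping added a
				// character, which would flag the post on every fetch.
				if ($orig_title != $raw_title) {
					$post_needs_update = true;
				}

				// if post needs update, update it and mark all user entries
				// linking to this post as updated
				if ($post_needs_update) {

					db_query($link, "UPDATE ttrss_entries
						SET title = '$entry_title', content = '$entry_content'
						WHERE id = '$ref_id'");

					db_query($link, "UPDATE ttrss_user_entries
						SET last_read = null WHERE ref_id = '$ref_id' AND unread = false");

				}
			}

			/* taaaags */
			// <a href="http://technorati.com/tag/Xorg" rel="tag">Xorg</a>, //

			// Match on the unescaped content so the pattern sees the markup
			// as the feed sent it.
			$tag_matches = array();

			preg_match_all("/<a.*?rel=.tag.*?>([^>]+)<\/a>/i", $raw_content,
				$tag_matches);

			// A failed match may leave no capture group behind.
			$entry_tags = isset($tag_matches[1]) ? $tag_matches[1] : array();

			if (count($entry_tags) > 0) {

				$result = db_query($link, "SELECT id,int_id
					FROM ttrss_entries,ttrss_user_entries
					WHERE guid = '$entry_guid'
					AND feed_id = '$feed' AND ref_id = id
					AND owner_uid = '$owner_uid'");

				if (db_num_rows($result) == 1) {

					$entry_id = db_fetch_result($result, 0, "id");
					$entry_int_id = db_fetch_result($result, 0, "int_id");

					foreach ($entry_tags as $tag) {

						// Normalise first, escape last (and only once).
						$tag = str_replace("technorati tag: ", "", strtolower($tag));
						$tag = db_escape_string($tag);

						$result = db_query($link, "SELECT id FROM ttrss_tags
							WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND
							owner_uid = '$owner_uid' LIMIT 1");

						if ($result && db_num_rows($result) == 0) {

							db_query($link, "INSERT INTO ttrss_tags
								(owner_uid,tag_name,post_int_id)
								VALUES ('$owner_uid','$tag', '$entry_int_id')");
						}
					}
				}
			}
		}

		db_query($link, "UPDATE ttrss_feeds
			SET last_updated = NOW(), last_error = '' WHERE id = '$feed'");

	} else {
		// Fetch or parse failed: record Magpie's message on the feed row.
		$error_msg = db_escape_string(magpie_error());
		db_query($link,
			"UPDATE ttrss_feeds SET last_error = '$error_msg',
				last_updated = NOW() WHERE id = '$feed'");
	}

	db_query($link, "COMMIT");

}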
459 | ||
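/**
 * Print a <select> element with one <option> per value.
 *
 * $id and the option labels are HTML-escaped before printing. $attributes is
 * emitted verbatim because it is raw attribute markup by contract; callers
 * must never build it from untrusted data.
 *
 * @param string $id          value of the id attribute
 * @param mixed  $default     value whose option is marked selected (loose ==)
 * @param array  $values      option labels
 * @param string $attributes  extra raw attribute markup for the <select> tag
 */
function print_select($id, $default, $values, $attributes = "") {

	$esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;
	$safe_id = htmlspecialchars((string) $id, $esc_flags, 'UTF-8');

	print "<select id=\"$safe_id\" $attributes>";

	foreach ($values as $v) {
		$sel = ($v == $default) ? " selected" : "";
		$label = htmlspecialchars((string) $v, $esc_flags, 'UTF-8');

		print "<option$sel>$label</option>";
	}

	print "</select>";
}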
472 | ||
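/**
 * Backslash-escape every "/" in a filter expression that is not already
 * escaped, so the expression can be wrapped in "/.../" delimiters.
 */
function _escape_filter_delimiter($reg_exp) {
	$reg_exp = (string) $reg_exp;
	$out = "";
	$len = strlen($reg_exp);

	for ($i = 0; $i < $len; $i++) {
		$ch = $reg_exp[$i];

		// Copy an existing escape pair untouched.
		if ($ch === "\\" && $i + 1 < $len) {
			$out .= $ch . $reg_exp[++$i];
			continue;
		}

		if ($ch === "/") $out .= "\\";
		$out .= $ch;
	}

	return $out;
}

/**
 * Tell whether an entry matches any of the owner's filters.
 *
 * $filters maps "title", "content" and "both" to lists of regular
 * expressions, matched case-insensitively against the title, the content,
 * or either of them.
 *
 * The expressions are stored user input. A "/" inside one used to end the
 * pattern early and turn the remainder into modifiers; the delimiter is now
 * escaped first. An expression that still fails to compile matches nothing.
 * NOTE(review): pattern complexity is not limited, so a costly expression
 * slows every feed update of its owner.
 *
 * @param string $title    entry title
 * @param string $content  entry content
 * @param array  $filters  filter expressions grouped by type name
 * @return bool  true when at least one filter matches
 */
function is_filtered($title, $content, $filters) {

	$subjects_by_type = array(
		"title" => array($title),
		"content" => array($content),
		"both" => array($title, $content),
	);

	foreach ($subjects_by_type as $type => $subjects) {

		if (empty($filters[$type])) continue;

		foreach ($filters[$type] as $reg_exp) {
			$pattern = "/" . _escape_filter_delimiter($reg_exp) . "/i";

			foreach ($subjects as $subject) {
				if (preg_match($pattern, (string) $subject)) return true;
			}
		}
	}

	return false;
}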
498 | ||
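/**
 * Print one <li> of the feed list: optional icon, title link and unread
 * counter.
 *
 * The feed title originates from the remote feed (update_rss_feed() in this
 * file stores the channel title), so every interpolated value is escaped for
 * the context it lands in: HTML text and attributes through
 * htmlspecialchars(), the JavaScript argument through json_encode() followed
 * by htmlspecialchars().
 *
 * @param mixed  $feed_id     feed id used in element ids and viewfeed()
 * @param string $class       CSS class of the <li>
 * @param string $feed_title  title shown as the link text
 * @param mixed  $unread      unread count; 0 hides the counter
 * @param string $icon_file   icon path, used when the file exists and is not empty
 * @param mixed  $link        database handle handed to get_pref()
 */
function printFeedEntry($feed_id, $class, $feed_title, $unread, $icon_file, $link) {

	$esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

	$h_feed_id = htmlspecialchars((string) $feed_id, $esc_flags, 'UTF-8');
	$h_class = htmlspecialchars((string) $class, $esc_flags, 'UTF-8');
	$h_title = htmlspecialchars((string) $feed_title, $esc_flags, 'UTF-8');
	$h_unread = htmlspecialchars((string) $unread, $esc_flags, 'UTF-8');

	// HTML entities inside an attribute are decoded before the script runs,
	// so the id is first made a JavaScript string literal and then escaped.
	$js_feed_id = htmlspecialchars((string) json_encode((string) $feed_id),
		$esc_flags, 'UTF-8');

	if (file_exists($icon_file) && filesize($icon_file) > 0) {
		$h_icon = htmlspecialchars((string) $icon_file, $esc_flags, 'UTF-8');
		$feed_icon = "<img src=\"$h_icon\">";
	} else {
		$feed_icon = "<img src=\"images/blank_icon.gif\">";
	}

	$feed = "<a href=\"javascript:viewfeed($js_feed_id, 0);\">$h_title</a>";

	print "<li id=\"FEEDR-$h_feed_id\" class=\"$h_class\">";
	if (get_pref($link, 'ENABLE_FEED_ICONS')) {
		print "$feed_icon";
	}

	print "<span id=\"FEEDN-$h_feed_id\">$feed</span>";

	// The counter element is always printed; it is only hidden at zero.
	if ($unread != 0) {
		$fctr_class = "";
	} else {
		$fctr_class = "class=\"invisible\"";
	}

	print "<span $fctr_class id=\"FEEDCTR-$h_feed_id\">
		(<span id=\"FEEDU-$h_feed_id\">$h_unread</span>)</span>";

	print "</li>";

}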
528 | ||
/**
 * Current Unix time in seconds as a float, including the fractional part.
 *
 * microtime() returns "usec sec" as text; both halves are added as floats.
 */
function getmicrotime() {
	$parts = explode(" ", microtime());
	$fraction = (float) $parts[0];
	$seconds = (float) $parts[1];

	return $fraction + $seconds;
}
533 | ||
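/**
 * Print one radio <input> per value. The value "Yes" is submitted as 1,
 * every other value as 0.
 *
 * $id and the labels are HTML-escaped before printing. $attributes is
 * emitted verbatim because it is raw attribute markup by contract; callers
 * must never build it from untrusted data.
 *
 * @param string $id          shared name attribute of the inputs
 * @param mixed  $default     value whose input is marked checked (loose ==)
 * @param array  $values      labels, one input each
 * @param string $attributes  extra raw attribute markup for each input
 */
function print_radio($id, $default, $values, $attributes = "") {

	$esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;
	$safe_id = htmlspecialchars((string) $id, $esc_flags, 'UTF-8');

	foreach ($values as $v) {

		$sel = ($v == $default) ? "checked" : "";

		// Compare as text: a loose == against "Yes" treats the integer 0 as
		// a match on older PHP versions.
		$sel .= ((string) $v === "Yes") ? " value=\"1\"" : " value=\"0\"";

		$label = htmlspecialchars((string) $v, $esc_flags, 'UTF-8');

		print "<input type=\"radio\" $sel $attributes name=\"$safe_id\"> $label ";

	}
}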
552 | ||
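/**
 * Give a user a row in ttrss_user_prefs for every preference in ttrss_prefs
 * that the user does not have yet, using the default value.
 *
 * @param mixed $link  database handle handed to db_query()
 * @param mixed $uid   owner of the preference rows
 */
function initialize_user_prefs($link, $uid) {

	$uid = db_escape_string($uid);

	db_query($link, "BEGIN");

	$result = db_query($link, "SELECT pref_name,def_value FROM ttrss_prefs");

	$u_result = db_query($link, "SELECT pref_name
		FROM ttrss_user_prefs WHERE owner_uid = '$uid'");

	// Names the user already has, kept as array keys for an exact lookup.
	$active_prefs = array();

	while ($line = db_fetch_assoc($u_result)) {
		$active_prefs[$line["pref_name"]] = true;
	}

	while ($line = db_fetch_assoc($result)) {

		if (isset($active_prefs[$line["pref_name"]])) continue;

		// Values read back from the database are plain text again; a quote
		// in a default value would otherwise break out of the literal.
		$pref_name = db_escape_string($line["pref_name"]);
		$def_value = db_escape_string($line["def_value"]);

		db_query($link, "INSERT INTO ttrss_user_prefs
			(owner_uid,pref_name,value) VALUES
			('$uid', '$pref_name','$def_value')");
	}

	db_query($link, "COMMIT");

}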
584 | ||
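/**
 * Check a login/password pair against ttrss_users and, on success, bind the
 * session to that user.
 *
 * PRECONDITION: $login and $password must already be escaped for SQL by the
 * caller (http_authenticate_user() in this file does so with
 * db_escape_string()). Both are placed into the query text as given.
 * NOTE(review): escaping belongs next to the query; moving it here means
 * changing every caller at the same time. It would also let the hash be
 * computed over the password as typed instead of the escaped text.
 * NOTE(review): the stored format is an unsalted SHA-1 digest; plan a
 * migration to password_hash() / password_verify().
 *
 * @param mixed  $link      database handle handed to db_query()
 * @param string $login     SQL-escaped login name
 * @param string $password  SQL-escaped password
 * @return bool  true when exactly one user row matched
 */
function authenticate_user($link, $login, $password) {

	$pwd_hash = 'SHA1:' . sha1($password);

	// The column may hold a legacy plain-text password, hence the second
	// comparison. Input that itself looks like a stored digest is never
	// compared directly, otherwise knowing the stored value would be enough
	// to log in. The check ignores case because the database comparison
	// may do so as well.
	if (stripos($password, 'SHA1:') === 0) {
		$pwd_match = "pwd_hash = '$pwd_hash'";
	} else {
		$pwd_match = "(pwd_hash = '$password' OR pwd_hash = '$pwd_hash')";
	}

	$result = db_query($link, "SELECT id,login,access_level FROM ttrss_users WHERE
		login = '$login' AND $pwd_match");

	if (db_num_rows($result) != 1) {
		return false;
	}

	$uid = db_fetch_result($result, 0, "id");

	// Issue a fresh session id when the session changes identity, so an id
	// that was known before login does not carry the new privileges. Left
	// alone when the session already belongs to this user (HTTP auth runs
	// this function on every request).
	$same_user = isset($_SESSION["uid"]) && $_SESSION["uid"] == $uid;

	if (!$same_user && session_id() != "") {
		session_regenerate_id(true);
	}

	$_SESSION["uid"] = $uid;
	$_SESSION["name"] = db_fetch_result($result, 0, "login");
	$_SESSION["access_level"] = db_fetch_result($result, 0, "access_level");

	// The id is appended unquoted, so make sure it is an integer.
	db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
		(int) $uid);

	return true;

}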
606 | ||
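/**
 * Authenticate through HTTP Basic credentials supplied by the web server.
 *
 * Without credentials, or when $force_logout is set, a 401 challenge is sent
 * and the script ends. Otherwise the credentials are escaped for SQL and
 * handed to authenticate_user().
 *
 * NOTE(review): Basic auth sends the password with every request; serve the
 * application over TLS only.
 *
 * @param mixed $link          database handle
 * @param bool  $force_logout  drop the current session and challenge again
 * @return bool  result of authenticate_user(); does not return on a challenge
 */
function http_authenticate_user($link, $force_logout) {

	$have_user = isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER'];

	if (!$have_user || $force_logout) {

		if ($force_logout) logout_user();

		header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
		header('HTTP/1.0 401 Unauthorized');
		print "<h1>401 Unauthorized</h1>";

		exit;
	}

	// The password header can be absent even when a user name was sent.
	$raw_password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : "";

	// authenticate_user() places both values into SQL text as given, so they
	// are escaped here.
	$login = db_escape_string($_SERVER['PHP_AUTH_USER']);
	$password = db_escape_string($raw_password);

	return authenticate_user($link, $login, $password);
}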
627 | ||
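/**
 * Generate a random password from digits and lower-case consonants.
 *
 * Characters are drawn with random_int() (a CSPRNG) when available;
 * mt_rand() is only the fallback for PHP versions without it and is
 * predictable. Characters may repeat: the previous "no character twice"
 * rule shrank the set of possible passwords and never terminated for a
 * length above the 30 available characters.
 *
 * @param int $length  number of characters; 0 or less gives ""
 * @return string
 */
function make_password($length = 8) {

	$possible = "0123456789bcdfghjkmnpqrstvwxyz";
	$max_index = strlen($possible) - 1;
	$use_csprng = function_exists('random_int');

	$password = "";

	for ($i = 0; $i < $length; $i++) {
		$index = $use_csprng ? random_int(0, $max_index) : mt_rand(0, $max_index);
		$password .= $possible[$index];
	}

	return $password;
}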
645 | ||
646 | // this is called after user is created to initialize default feeds, labels | |
647 | // or whatever else | |
648 | ||
649 | // user preferences are checked on every login, not here | |
650 | ||
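/**
 * Create the default labels ("Unread articles", "Updated articles") and the
 * default feed subscription for a user.
 *
 * @param mixed $link  database handle handed to db_query()
 * @param int   $uid   id of the user that owns the new rows
 */
function initialize_user($link, $uid) {

	// The id is placed into SQL text three times below; force it to an
	// integer instead of relying on the caller.
	$uid = (int) $uid;

	db_query($link, "insert into ttrss_labels (owner_uid,sql_exp,description)
		values ('$uid','unread = true', 'Unread articles')");

	db_query($link, "insert into ttrss_labels (owner_uid,sql_exp,description)
		values ('$uid','last_read is null and unread = false', 'Updated articles')");

	// NOTE(review): the default feed is fetched over plain http.
	db_query($link, "insert into ttrss_feeds (owner_uid,title,feed_url)
		values ('$uid', 'Tiny Tiny RSS Dev. Feed',
		'http://bah.spb.su/darcsweb/darcsweb.cgi?r=tt-rss;a=rss')");

}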
664 | ||
/**
 * Clear the login keys in $_SESSION and destroy the session.
 *
 * Only "uid", "name" and "access_level" are reset; other keys in the
 * $_SESSION array are left as they are.
 */
function logout_user() {
	foreach (array("uid", "name", "access_level") as $login_key) {
		$_SESSION[$login_key] = null;
	}

	session_destroy();
}
671 | ||
/**
 * Make sure the request belongs to a logged-in user, or end it.
 *
 * - SINGLE_USER_MODE: the session is bound to uid 1 / "admin" without any
 *   credential check and that user's preferences are initialised.
 * - USE_HTTP_AUTH: HTTP authentication is attempted; the script exits when
 *   it fails.
 * - otherwise: a session without a uid is redirected to login.php.
 *
 * @param mixed $link  database handle
 */
function login_sequence($link) {

	if (SINGLE_USER_MODE) {
		$_SESSION["uid"] = 1;
		$_SESSION["name"] = "admin";
		initialize_user_prefs($link, 1);
		return;
	}

	if (USE_HTTP_AUTH) {
		if (!http_authenticate_user($link, false)) {
			exit;
		}
		return;
	}

	if (!$_SESSION["uid"]) {
		header("Location: login.php?rt=tt-rss.php");
		exit;
	}
}
691 | ?> |