]> git.wh0rd.org - tt-rss.git/blame_incremental - include/functions.php
git.wh0rd.org / tt-rss.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Merge pull request #360 from zedascouves/patch-2
[tt-rss.git] / include / functions.php
... / ...
CommitLineData
1<?php
2 define('EXPECTED_CONFIG_VERSION', 26);
3 define('SCHEMA_VERSION', 124);
4
5 define('LABEL_BASE_INDEX', -1024);
6 define('PLUGIN_FEED_BASE_INDEX', -128);
7
8 define('COOKIE_LIFETIME_LONG', 86400*365);
9
10 $fetch_last_error = false;
11 $fetch_last_error_code = false;
12 $fetch_last_content_type = false;
13 $fetch_curl_used = false;
14 $suppress_debugging = false;
15
16 mb_internal_encoding("UTF-8");
17 date_default_timezone_set('UTC');
18 if (defined('E_DEPRECATED')) {
19 error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
20 } else {
21 error_reporting(E_ALL & ~E_NOTICE);
22 }
23
24 require_once 'config.php';
25
26 /**
27 * Define a constant if not already defined
28 *
29 * @param string $name The constant name.
30 * @param mixed $value The constant value.
31 * @access public
32 * @return boolean True if defined successfully or not.
33 */
34 function define_default($name, $value) {
35 defined($name) or define($name, $value);
36 }
37
38 ///// Some defaults that you can override in config.php //////
39
40 define_default('FEED_FETCH_TIMEOUT', 45);
41 // How may seconds to wait for response when requesting feed from a site
42 define_default('FEED_FETCH_NO_CACHE_TIMEOUT', 15);
43 // How may seconds to wait for response when requesting feed from a
44 // site when that feed wasn't cached before
45 define_default('FILE_FETCH_TIMEOUT', 45);
46 // Default timeout when fetching files from remote sites
47 define_default('FILE_FETCH_CONNECT_TIMEOUT', 15);
48 // How many seconds to wait for initial response from website when
49 // fetching files from remote sites
50
51 if (DB_TYPE == "pgsql") {
52 define('SUBSTRING_FOR_DATE', 'SUBSTRING_FOR_DATE');
53 } else {
54 define('SUBSTRING_FOR_DATE', 'SUBSTRING');
55 }
56
57 /**
58 * Return available translations names.
59 *
60 * @access public
61 * @return array A array of available translations.
62 */
63 function get_translations() {
64 $tr = array(
65 "auto" => "Detect automatically",
66 "ca_CA" => "Català",
67 "cs_CZ" => "Česky",
68 "en_US" => "English",
69 "es_ES" => "Español",
70 "de_DE" => "Deutsch",
71 "fr_FR" => "Français",
72 "hu_HU" => "Magyar (Hungarian)",
73 "it_IT" => "Italiano",
74 "ja_JP" => "日本語 (Japanese)",
75 "lv_LV" => "Latviešu",
76 "nb_NO" => "Norwegian bokmål",
77 "nl_NL" => "Dutch",
78 "pl_PL" => "Polski",
79 "ru_RU" => "Русский",
80 "pt_BR" => "Portuguese/Brazil",
81 "pt_PT" => "Portuguese/Portugal",
82 "zh_CN" => "Simplified Chinese",
83 "zh_TW" => "Traditional Chinese",
84 "sv_SE" => "Svenska",
85 "fi_FI" => "Suomi",
86 "tr_TR" => "Türkçe");
87
88 return $tr;
89 }
90
91 require_once "lib/accept-to-gettext.php";
92 require_once "lib/gettext/gettext.inc";
93
94 require_once "lib/languagedetect/LanguageDetect.php";
95
96 function startup_gettext() {
97
98 # Get locale from Accept-Language header
99 $lang = al2gt(array_keys(get_translations()), "text/html");
100
101 if (defined('_TRANSLATION_OVERRIDE_DEFAULT')) {
102 $lang = _TRANSLATION_OVERRIDE_DEFAULT;
103 }
104
105 if ($_SESSION["uid"] && get_schema_version() >= 120) {
106 $pref_lang = get_pref("USER_LANGUAGE", $_SESSION["uid"]);
107
108 if ($pref_lang && $pref_lang != 'auto') {
109 $lang = $pref_lang;
110 }
111 }
112
113 if ($lang) {
114 if (defined('LC_MESSAGES')) {
115 _setlocale(LC_MESSAGES, $lang);
116 } else if (defined('LC_ALL')) {
117 _setlocale(LC_ALL, $lang);
118 }
119
120 _bindtextdomain("messages", "locale");
121
122 _textdomain("messages");
123 _bind_textdomain_codeset("messages", "UTF-8");
124 }
125 }
126
127 require_once 'db-prefs.php';
128 require_once 'version.php';
129 require_once 'ccache.php';
130 require_once 'labels.php';
131
132 define('SELF_USER_AGENT', 'Tiny Tiny RSS/' . VERSION . ' (http://tt-rss.org/)');
133 ini_set('user_agent', SELF_USER_AGENT);
134
135 require_once 'lib/pubsubhubbub/publisher.php';
136
137 $schema_version = false;
138
139 function _debug_suppress($suppress) {
140 global $suppress_debugging;
141
142 $suppress_debugging = $suppress;
143 }
144
145 /**
146 * Print a timestamped debug message.
147 *
148 * @param string $msg The debug message.
149 * @return void
150 */
151 function _debug($msg, $show = true) {
152 global $suppress_debugging;
153
154 //echo "[$suppress_debugging] $msg $show\n";
155
156 if ($suppress_debugging) return false;
157
158 $ts = strftime("%H:%M:%S", time());
159 if (function_exists('posix_getpid')) {
160 $ts = "$ts/" . posix_getpid();
161 }
162
163 if ($show && !(defined('QUIET') && QUIET)) {
164 print "[$ts] $msg\n";
165 }
166
167 if (defined('LOGFILE')) {
168 $fp = fopen(LOGFILE, 'a+');
169
170 if ($fp) {
171 $locked = false;
172
173 if (function_exists("flock")) {
174 $tries = 0;
175
176 // try to lock logfile for writing
177 while ($tries < 5 && !$locked = flock($fp, LOCK_EX | LOCK_NB)) {
178 sleep(1);
179 ++$tries;
180 }
181
182 if (!$locked) {
183 fclose($fp);
184 return;
185 }
186 }
187
188 fputs($fp, "[$ts] $msg\n");
189
190 if (function_exists("flock")) {
191 flock($fp, LOCK_UN);
192 }
193
194 fclose($fp);
195 }
196 }
197
198 } // function _debug
199
200 /**
201 * Purge a feed old posts.
202 *
203 * @param mixed $link A database connection.
204 * @param mixed $feed_id The id of the purged feed.
205 * @param mixed $purge_interval Olderness of purged posts.
206 * @param boolean $debug Set to True to enable the debug. False by default.
207 * @access public
208 * @return void
209 */
210 function purge_feed($feed_id, $purge_interval, $debug = false) {
211
212 if (!$purge_interval) $purge_interval = feed_purge_interval($feed_id);
213
214 $rows = -1;
215
216 $result = db_query(
217 "SELECT owner_uid FROM ttrss_feeds WHERE id = '$feed_id'");
218
219 $owner_uid = false;
220
221 if (db_num_rows($result) == 1) {
222 $owner_uid = db_fetch_result($result, 0, "owner_uid");
223 }
224
225 if ($purge_interval == -1 || !$purge_interval) {
226 if ($owner_uid) {
227 ccache_update($feed_id, $owner_uid);
228 }
229 return;
230 }
231
232 if (!$owner_uid) return;
233
234 if (FORCE_ARTICLE_PURGE == 0) {
235 $purge_unread = get_pref("PURGE_UNREAD_ARTICLES",
236 $owner_uid, false);
237 } else {
238 $purge_unread = true;
239 $purge_interval = FORCE_ARTICLE_PURGE;
240 }
241
242 if (!$purge_unread) $query_limit = " unread = false AND ";
243
244 if (DB_TYPE == "pgsql") {
245 $pg_version = get_pgsql_version();
246
247 if (preg_match("/^7\./", $pg_version) || preg_match("/^8\.0/", $pg_version)) {
248
249 $result = db_query("DELETE FROM ttrss_user_entries WHERE
250 ttrss_entries.id = ref_id AND
251 marked = false AND
252 feed_id = '$feed_id' AND
253 $query_limit
254 ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'");
255
256 } else {
257
258 $result = db_query("DELETE FROM ttrss_user_entries
259 USING ttrss_entries
260 WHERE ttrss_entries.id = ref_id AND
261 marked = false AND
262 feed_id = '$feed_id' AND
263 $query_limit
264 ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'");
265 }
266
267 } else {
268
269/* $result = db_query("DELETE FROM ttrss_user_entries WHERE
270 marked = false AND feed_id = '$feed_id' AND
271 (SELECT date_updated FROM ttrss_entries WHERE
272 id = ref_id) < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)"); */
273
274 $result = db_query("DELETE FROM ttrss_user_entries
275 USING ttrss_user_entries, ttrss_entries
276 WHERE ttrss_entries.id = ref_id AND
277 marked = false AND
278 feed_id = '$feed_id' AND
279 $query_limit
280 ttrss_entries.date_updated < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)");
281 }
282
283 $rows = db_affected_rows($result);
284
285 ccache_update($feed_id, $owner_uid);
286
287 if ($debug) {
288 _debug("Purged feed $feed_id ($purge_interval): deleted $rows articles");
289 }
290
291 return $rows;
292 } // function purge_feed
293
294 function feed_purge_interval($feed_id) {
295
296 $result = db_query("SELECT purge_interval, owner_uid FROM ttrss_feeds
297 WHERE id = '$feed_id'");
298
299 if (db_num_rows($result) == 1) {
300 $purge_interval = db_fetch_result($result, 0, "purge_interval");
301 $owner_uid = db_fetch_result($result, 0, "owner_uid");
302
303 if ($purge_interval == 0) $purge_interval = get_pref(
304 'PURGE_OLD_DAYS', $owner_uid);
305
306 return $purge_interval;
307
308 } else {
309 return -1;
310 }
311 }
312
313 function purge_orphans($do_output = false) {
314
315 // purge orphaned posts in main content table
316 $result = db_query("DELETE FROM ttrss_entries WHERE
317 (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0");
318
319 if ($do_output) {
320 $rows = db_affected_rows($result);
321 _debug("Purged $rows orphaned posts.");
322 }
323 }
324
325 function get_feed_update_interval($feed_id) {
326 $result = db_query("SELECT owner_uid, update_interval FROM
327 ttrss_feeds WHERE id = '$feed_id'");
328
329 if (db_num_rows($result) == 1) {
330 $update_interval = db_fetch_result($result, 0, "update_interval");
331 $owner_uid = db_fetch_result($result, 0, "owner_uid");
332
333 if ($update_interval != 0) {
334 return $update_interval;
335 } else {
336 return get_pref('DEFAULT_UPDATE_INTERVAL', $owner_uid, false);
337 }
338
339 } else {
340 return -1;
341 }
342 }
343
344 function fetch_file_contents($url, $type = false, $login = false, $pass = false, $post_query = false, $timeout = false, $timestamp = 0, $useragent = false) {
345
346 global $fetch_last_error;
347 global $fetch_last_error_code;
348 global $fetch_last_content_type;
349 global $fetch_curl_used;
350
351 $url = str_replace(' ', '%20', $url);
352
353 if (!defined('NO_CURL') && function_exists('curl_init')) {
354
355 $fetch_curl_used = true;
356
357 if (ini_get("safe_mode") || ini_get("open_basedir")) {
358 $new_url = geturl($url);
359 if (!$new_url) {
360 // geturl has already populated $fetch_last_error
361 return false;
362 }
363 $ch = curl_init($new_url);
364 } else {
365 $ch = curl_init($url);
366 }
367
368 if ($timestamp && !$post_query) {
369 curl_setopt($ch, CURLOPT_HTTPHEADER,
370 array("If-Modified-Since: ".gmdate('D, d M Y H:i:s \G\M\T', $timestamp)));
371 }
372
373 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout ? $timeout : FILE_FETCH_CONNECT_TIMEOUT);
374 curl_setopt($ch, CURLOPT_TIMEOUT, $timeout ? $timeout : FILE_FETCH_TIMEOUT);
375 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("safe_mode") && !ini_get("open_basedir"));
376 curl_setopt($ch, CURLOPT_MAXREDIRS, 20);
377 curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
378 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
379 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
380 curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
381 curl_setopt($ch, CURLOPT_USERAGENT, $useragent ? $useragent :
382 SELF_USER_AGENT);
383 curl_setopt($ch, CURLOPT_ENCODING, "");
384 curl_setopt($ch, CURLOPT_REFERER, $url);
385
386 if (!ini_get("safe_mode") && !ini_get("open_basedir")) {
387 curl_setopt($ch, CURLOPT_COOKIEJAR, "/dev/null");
388 }
389
390 if (defined('_CURL_HTTP_PROXY')) {
391 curl_setopt($ch, CURLOPT_PROXY, _CURL_HTTP_PROXY);
392 }
393
394 if ($post_query) {
395 curl_setopt($ch, CURLOPT_POST, true);
396 curl_setopt($ch, CURLOPT_POSTFIELDS, $post_query);
397 }
398
399 if ((OPENSSL_VERSION_NUMBER >= 0x0090808f) && (OPENSSL_VERSION_NUMBER < 0x10000000)) {
400 curl_setopt($ch, CURLOPT_SSLVERSION, 3);
401 }
402
403 if ($login && $pass)
404 curl_setopt($ch, CURLOPT_USERPWD, "$login:$pass");
405
406 $contents = @curl_exec($ch);
407
408 if (curl_errno($ch) === 23 || curl_errno($ch) === 61) {
409 curl_setopt($ch, CURLOPT_ENCODING, 'none');
410 $contents = @curl_exec($ch);
411 }
412
413 if ($contents === false) {
414 $fetch_last_error = curl_errno($ch) . " " . curl_error($ch);
415 curl_close($ch);
416 return false;
417 }
418
419 $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
420 $fetch_last_content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
421
422 $fetch_last_error_code = $http_code;
423
424 if ($http_code != 200 || $type && strpos($fetch_last_content_type, "$type") === false) {
425 if (curl_errno($ch) != 0) {
426 $fetch_last_error = curl_errno($ch) . " " . curl_error($ch);
427 } else {
428 $fetch_last_error = "HTTP Code: $http_code";
429 }
430 curl_close($ch);
431 return false;
432 }
433
434 curl_close($ch);
435
436 return $contents;
437 } else {
438
439 $fetch_curl_used = false;
440
441 if ($login && $pass){
442 $url_parts = array();
443
444 preg_match("/(^[^:]*):\/\/(.*)/", $url, $url_parts);
445
446 $pass = urlencode($pass);
447
448 if ($url_parts[1] && $url_parts[2]) {
449 $url = $url_parts[1] . "://$login:$pass@" . $url_parts[2];
450 }
451 }
452
453 if (!$post_query && $timestamp) {
454 $context = stream_context_create(array(
455 'http' => array(
456 'method' => 'GET',
457 'header' => "If-Modified-Since: ".gmdate("D, d M Y H:i:s \\G\\M\\T\r\n", $timestamp)
458 )));
459 } else {
460 $context = NULL;
461 }
462
463 $old_error = error_get_last();
464
465 $data = @file_get_contents($url, false, $context);
466
467 $fetch_last_content_type = false; // reset if no type was sent from server
468 if (isset($http_response_header) && is_array($http_response_header)) {
469 foreach ($http_response_header as $h) {
470 if (substr(strtolower($h), 0, 13) == 'content-type:') {
471 $fetch_last_content_type = substr($h, 14);
472 // don't abort here b/c there might be more than one
473 // e.g. if we were being redirected -- last one is the right one
474 }
475
476 if (substr(strtolower($h), 0, 7) == 'http/1.') {
477 $fetch_last_error_code = (int) substr($h, 9, 3);
478 }
479 }
480 }
481
482 if (!$data) {
483 $error = error_get_last();
484
485 if ($error['message'] != $old_error['message']) {
486 $fetch_last_error = $error["message"];
487 } else {
488 $fetch_last_error = "HTTP Code: $fetch_last_error_code";
489 }
490 }
491 return $data;
492 }
493
494 }
495
496 /**
497 * Try to determine the favicon URL for a feed.
498 * adapted from wordpress favicon plugin by Jeff Minard (http://thecodepro.com/)
499 * http://dev.wp-plugins.org/file/favatars/trunk/favatars.php
500 *
501 * @param string $url A feed or page URL
502 * @access public
503 * @return mixed The favicon URL, or false if none was found.
504 */
505 function get_favicon_url($url) {
506
507 $favicon_url = false;
508
509 if ($html = @fetch_file_contents($url)) {
510
511 libxml_use_internal_errors(true);
512
513 $doc = new DOMDocument();
514 $doc->loadHTML($html);
515 $xpath = new DOMXPath($doc);
516
517 $base = $xpath->query('/html/head/base');
518 foreach ($base as $b) {
519 $url = $b->getAttribute("href");
520 break;
521 }
522
523 $entries = $xpath->query('/html/head/link[@rel="shortcut icon" or @rel="icon"]');
524 if (count($entries) > 0) {
525 foreach ($entries as $entry) {
526 $favicon_url = rewrite_relative_url($url, $entry->getAttribute("href"));
527 break;
528 }
529 }
530 }
531
532 if (!$favicon_url)
533 $favicon_url = rewrite_relative_url($url, "/favicon.ico");
534
535 return $favicon_url;
536 } // function get_favicon_url
537
538 function check_feed_favicon($site_url, $feed) {
539# print "FAVICON [$site_url]: $favicon_url\n";
540
541 $icon_file = ICONS_DIR . "/$feed.ico";
542
543 if (!file_exists($icon_file)) {
544 $favicon_url = get_favicon_url($site_url);
545
546 if ($favicon_url) {
547 // Limiting to "image" type misses those served with text/plain
548 $contents = fetch_file_contents($favicon_url); // , "image");
549
550 if ($contents) {
551 // Crude image type matching.
552 // Patterns gleaned from the file(1) source code.
553 if (preg_match('/^\x00\x00\x01\x00/', $contents)) {
554 // 0 string \000\000\001\000 MS Windows icon resource
555 //error_log("check_feed_favicon: favicon_url=$favicon_url isa MS Windows icon resource");
556 }
557 elseif (preg_match('/^GIF8/', $contents)) {
558 // 0 string GIF8 GIF image data
559 //error_log("check_feed_favicon: favicon_url=$favicon_url isa GIF image");
560 }
561 elseif (preg_match('/^\x89PNG\x0d\x0a\x1a\x0a/', $contents)) {
562 // 0 string \x89PNG\x0d\x0a\x1a\x0a PNG image data
563 //error_log("check_feed_favicon: favicon_url=$favicon_url isa PNG image");
564 }
565 elseif (preg_match('/^\xff\xd8/', $contents)) {
566 // 0 beshort 0xffd8 JPEG image data
567 //error_log("check_feed_favicon: favicon_url=$favicon_url isa JPG image");
568 }
569 else {
570 //error_log("check_feed_favicon: favicon_url=$favicon_url isa UNKNOWN type");
571 $contents = "";
572 }
573 }
574
575 if ($contents) {
576 $fp = @fopen($icon_file, "w");
577
578 if ($fp) {
579 fwrite($fp, $contents);
580 fclose($fp);
581 chmod($icon_file, 0644);
582 }
583 }
584 }
585 return $icon_file;
586 }
587 }
588
589 function print_select($id, $default, $values, $attributes = "") {
590 print "<select name=\"$id\" id=\"$id\" $attributes>";
591 foreach ($values as $v) {
592 if ($v == $default)
593 $sel = "selected=\"1\"";
594 else
595 $sel = "";
596
597 $v = trim($v);
598
599 print "<option value=\"$v\" $sel>$v</option>";
600 }
601 print "</select>";
602 }
603
604 function print_select_hash($id, $default, $values, $attributes = "") {
605 print "<select name=\"$id\" id='$id' $attributes>";
606 foreach (array_keys($values) as $v) {
607 if ($v == $default)
608 $sel = 'selected="selected"';
609 else
610 $sel = "";
611
612 $v = trim($v);
613
614 print "<option $sel value=\"$v\">".$values[$v]."</option>";
615 }
616
617 print "</select>";
618 }
619
620 function print_radio($id, $default, $true_is, $values, $attributes = "") {
621 foreach ($values as $v) {
622
623 if ($v == $default)
624 $sel = "checked";
625 else
626 $sel = "";
627
628 if ($v == $true_is) {
629 $sel .= " value=\"1\"";
630 } else {
631 $sel .= " value=\"0\"";
632 }
633
634 print "<input class=\"noborder\" dojoType=\"dijit.form.RadioButton\"
635 type=\"radio\" $sel $attributes name=\"$id\">&nbsp;$v&nbsp;";
636
637 }
638 }
639
640 function initialize_user_prefs($uid, $profile = false) {
641
642 $uid = db_escape_string($uid);
643
644 if (!$profile) {
645 $profile = "NULL";
646 $profile_qpart = "AND profile IS NULL";
647 } else {
648 $profile_qpart = "AND profile = '$profile'";
649 }
650
651 if (get_schema_version() < 63) $profile_qpart = "";
652
653 db_query("BEGIN");
654
655 $result = db_query("SELECT pref_name,def_value FROM ttrss_prefs");
656
657 $u_result = db_query("SELECT pref_name
658 FROM ttrss_user_prefs WHERE owner_uid = '$uid' $profile_qpart");
659
660 $active_prefs = array();
661
662 while ($line = db_fetch_assoc($u_result)) {
663 array_push($active_prefs, $line["pref_name"]);
664 }
665
666 while ($line = db_fetch_assoc($result)) {
667 if (array_search($line["pref_name"], $active_prefs) === FALSE) {
668// print "adding " . $line["pref_name"] . "<br>";
669
670 $line["def_value"] = db_escape_string($line["def_value"]);
671 $line["pref_name"] = db_escape_string($line["pref_name"]);
672
673 if (get_schema_version() < 63) {
674 db_query("INSERT INTO ttrss_user_prefs
675 (owner_uid,pref_name,value) VALUES
676 ('$uid', '".$line["pref_name"]."','".$line["def_value"]."')");
677
678 } else {
679 db_query("INSERT INTO ttrss_user_prefs
680 (owner_uid,pref_name,value, profile) VALUES
681 ('$uid', '".$line["pref_name"]."','".$line["def_value"]."', $profile)");
682 }
683
684 }
685 }
686
687 db_query("COMMIT");
688
689 }
690
691 function get_ssl_certificate_id() {
692 if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]) {
693 return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] .
694 $_SERVER["REDIRECT_SSL_CLIENT_V_START"] .
695 $_SERVER["REDIRECT_SSL_CLIENT_V_END"] .
696 $_SERVER["REDIRECT_SSL_CLIENT_S_DN"]);
697 }
698 if ($_SERVER["SSL_CLIENT_M_SERIAL"]) {
699 return sha1($_SERVER["SSL_CLIENT_M_SERIAL"] .
700 $_SERVER["SSL_CLIENT_V_START"] .
701 $_SERVER["SSL_CLIENT_V_END"] .
702 $_SERVER["SSL_CLIENT_S_DN"]);
703 }
704 return "";
705 }
706
707 function authenticate_user($login, $password, $check_only = false) {
708
709 if (!SINGLE_USER_MODE) {
710 $user_id = false;
711
712 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_AUTH_USER) as $plugin) {
713
714 $user_id = (int) $plugin->authenticate($login, $password);
715
716 if ($user_id) {
717 $_SESSION["auth_module"] = strtolower(get_class($plugin));
718 break;
719 }
720 }
721
722 if ($user_id && !$check_only) {
723 @session_start();
724
725 $_SESSION["uid"] = $user_id;
726 $_SESSION["version"] = VERSION_STATIC;
727
728 $result = db_query("SELECT login,access_level,pwd_hash FROM ttrss_users
729 WHERE id = '$user_id'");
730
731 $_SESSION["name"] = db_fetch_result($result, 0, "login");
732 $_SESSION["access_level"] = db_fetch_result($result, 0, "access_level");
733 $_SESSION["csrf_token"] = uniqid(rand(), true);
734
735 db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
736 $_SESSION["uid"]);
737
738 $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
739 $_SESSION["user_agent"] = sha1($_SERVER['HTTP_USER_AGENT']);
740 $_SESSION["pwd_hash"] = db_fetch_result($result, 0, "pwd_hash");
741
742 $_SESSION["last_version_check"] = time();
743
744 initialize_user_prefs($_SESSION["uid"]);
745
746 return true;
747 }
748
749 return false;
750
751 } else {
752
753 $_SESSION["uid"] = 1;
754 $_SESSION["name"] = "admin";
755 $_SESSION["access_level"] = 10;
756
757 $_SESSION["hide_hello"] = true;
758 $_SESSION["hide_logout"] = true;
759
760 $_SESSION["auth_module"] = false;
761
762 if (!$_SESSION["csrf_token"]) {
763 $_SESSION["csrf_token"] = uniqid(rand(), true);
764 }
765
766 $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
767
768 initialize_user_prefs($_SESSION["uid"]);
769
770 return true;
771 }
772 }
773
774 function make_password($length = 8) {
775
776 $password = "";
777 $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ";
778
779 $i = 0;
780
781 while ($i < $length) {
782 $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
783
784 if (!strstr($password, $char)) {
785 $password .= $char;
786 $i++;
787 }
788 }
789 return $password;
790 }
791
792 // this is called after user is created to initialize default feeds, labels
793 // or whatever else
794
795 // user preferences are checked on every login, not here
796
797 function initialize_user($uid) {
798
799 db_query("insert into ttrss_feeds (owner_uid,title,feed_url)
800 values ('$uid', 'Tiny Tiny RSS: New Releases',
801 'http://tt-rss.org/releases.rss')");
802
803 db_query("insert into ttrss_feeds (owner_uid,title,feed_url)
804 values ('$uid', 'Tiny Tiny RSS: Forum',
805 'http://tt-rss.org/forum/rss.php')");
806 }
807
808 function logout_user() {
809 session_destroy();
810 if (isset($_COOKIE[session_name()])) {
811 setcookie(session_name(), '', time()-42000, '/');
812 }
813 }
814
815 function validate_csrf($csrf_token) {
816 return $csrf_token == $_SESSION['csrf_token'];
817 }
818
819 function load_user_plugins($owner_uid) {
820 if ($owner_uid && SCHEMA_VERSION >= 100) {
821 $plugins = get_pref("_ENABLED_PLUGINS", $owner_uid);
822
823 PluginHost::getInstance()->load($plugins, PluginHost::KIND_USER, $owner_uid);
824
825 if (get_schema_version() > 100) {
826 PluginHost::getInstance()->load_data();
827 }
828 }
829 }
830
831 function login_sequence() {
832 if (SINGLE_USER_MODE) {
833 @session_start();
834 authenticate_user("admin", null);
835 startup_gettext();
836 load_user_plugins($_SESSION["uid"]);
837 } else {
838 if (!validate_session()) $_SESSION["uid"] = false;
839
840 if (!$_SESSION["uid"]) {
841
842 if (AUTH_AUTO_LOGIN && authenticate_user(null, null)) {
843 $_SESSION["ref_schema_version"] = get_schema_version(true);
844 } else {
845 authenticate_user(null, null, true);
846 }
847
848 if (!$_SESSION["uid"]) {
849 @session_destroy();
850 setcookie(session_name(), '', time()-42000, '/');
851
852 render_login_form();
853 exit;
854 }
855
856 } else {
857 /* bump login timestamp */
858 db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
859 $_SESSION["uid"]);
860 $_SESSION["last_login_update"] = time();
861 }
862
863 if ($_SESSION["uid"]) {
864 startup_gettext();
865 load_user_plugins($_SESSION["uid"]);
866
867 /* cleanup ccache */
868
869 db_query("DELETE FROM ttrss_counters_cache WHERE owner_uid = ".
870 $_SESSION["uid"] . " AND
871 (SELECT COUNT(id) FROM ttrss_feeds WHERE
872 ttrss_feeds.id = feed_id) = 0");
873
874 db_query("DELETE FROM ttrss_cat_counters_cache WHERE owner_uid = ".
875 $_SESSION["uid"] . " AND
876 (SELECT COUNT(id) FROM ttrss_feed_categories WHERE
877 ttrss_feed_categories.id = feed_id) = 0");
878
879 }
880
881 }
882 }
883
884 function truncate_string($str, $max_len, $suffix = '&hellip;') {
885 if (mb_strlen($str, "utf-8") > $max_len) {
886 return mb_substr($str, 0, $max_len, "utf-8") . $suffix;
887 } else {
888 return $str;
889 }
890 }
891
892 function convert_timestamp($timestamp, $source_tz, $dest_tz) {
893
894 try {
895 $source_tz = new DateTimeZone($source_tz);
896 } catch (Exception $e) {
897 $source_tz = new DateTimeZone('UTC');
898 }
899
900 try {
901 $dest_tz = new DateTimeZone($dest_tz);
902 } catch (Exception $e) {
903 $dest_tz = new DateTimeZone('UTC');
904 }
905
906 $dt = new DateTime(date('Y-m-d H:i:s', $timestamp), $source_tz);
907 return $dt->format('U') + $dest_tz->getOffset($dt);
908 }
909
910 function make_local_datetime($timestamp, $long, $owner_uid = false,
911 $no_smart_dt = false) {
912
913 if (!$owner_uid) $owner_uid = $_SESSION['uid'];
914 if (!$timestamp) $timestamp = '1970-01-01 0:00';
915
916 global $utc_tz;
917 global $user_tz;
918
919 if (!$utc_tz) $utc_tz = new DateTimeZone('UTC');
920
921 $timestamp = substr($timestamp, 0, 19);
922
923 # We store date in UTC internally
924 $dt = new DateTime($timestamp, $utc_tz);
925
926 $user_tz_string = get_pref('USER_TIMEZONE', $owner_uid);
927
928 if ($user_tz_string != 'Automatic') {
929
930 try {
931 if (!$user_tz) $user_tz = new DateTimeZone($user_tz_string);
932 } catch (Exception $e) {
933 $user_tz = $utc_tz;
934 }
935
936 $tz_offset = $user_tz->getOffset($dt);
937 } else {
938 $tz_offset = (int) -$_SESSION["clientTzOffset"];
939 }
940
941 $user_timestamp = $dt->format('U') + $tz_offset;
942
943 if (!$no_smart_dt) {
944 return smart_date_time($user_timestamp,
945 $tz_offset, $owner_uid);
946 } else {
947 if ($long)
948 $format = get_pref('LONG_DATE_FORMAT', $owner_uid);
949 else
950 $format = get_pref('SHORT_DATE_FORMAT', $owner_uid);
951
952 return date($format, $user_timestamp);
953 }
954 }
955
956 function smart_date_time($timestamp, $tz_offset = 0, $owner_uid = false) {
957 if (!$owner_uid) $owner_uid = $_SESSION['uid'];
958
959 if (date("Y.m.d", $timestamp) == date("Y.m.d", time() + $tz_offset)) {
960 return date("G:i", $timestamp);
961 } else if (date("Y", $timestamp) == date("Y", time() + $tz_offset)) {
962 $format = get_pref('SHORT_DATE_FORMAT', $owner_uid);
963 return date($format, $timestamp);
964 } else {
965 $format = get_pref('LONG_DATE_FORMAT', $owner_uid);
966 return date($format, $timestamp);
967 }
968 }
969
970 function sql_bool_to_bool($s) {
971 if ($s == "t" || $s == "1" || strtolower($s) == "true") {
972 return true;
973 } else {
974 return false;
975 }
976 }
977
978 function bool_to_sql_bool($s) {
979 if ($s) {
980 return "true";
981 } else {
982 return "false";
983 }
984 }
985
986 // Session caching removed due to causing wrong redirects to upgrade
987 // script when get_schema_version() is called on an obsolete session
988 // created on a previous schema version.
989 function get_schema_version($nocache = false) {
990 global $schema_version;
991
992 if (!$schema_version && !$nocache) {
993 $result = db_query("SELECT schema_version FROM ttrss_version");
994 $version = db_fetch_result($result, 0, "schema_version");
995 $schema_version = $version;
996 return $version;
997 } else {
998 return $schema_version;
999 }
1000 }
1001
1002 function sanity_check() {
1003 require_once 'errors.php';
1004 global $ERRORS;
1005
1006 $error_code = 0;
1007 $schema_version = get_schema_version(true);
1008
1009 if ($schema_version != SCHEMA_VERSION) {
1010 $error_code = 5;
1011 }
1012
1013 if (DB_TYPE == "mysql") {
1014 $result = db_query("SELECT true", false);
1015 if (db_num_rows($result) != 1) {
1016 $error_code = 10;
1017 }
1018 }
1019
1020 if (db_escape_string("testTEST") != "testTEST") {
1021 $error_code = 12;
1022 }
1023
1024 return array("code" => $error_code, "message" => $ERRORS[$error_code]);
1025 }
1026
1027 function file_is_locked($filename) {
1028 if (file_exists(LOCK_DIRECTORY . "/$filename")) {
1029 if (function_exists('flock')) {
1030 $fp = @fopen(LOCK_DIRECTORY . "/$filename", "r");
1031 if ($fp) {
1032 if (flock($fp, LOCK_EX | LOCK_NB)) {
1033 flock($fp, LOCK_UN);
1034 fclose($fp);
1035 return false;
1036 }
1037 fclose($fp);
1038 return true;
1039 } else {
1040 return false;
1041 }
1042 }
1043 return true; // consider the file always locked and skip the test
1044 } else {
1045 return false;
1046 }
1047 }
1048
1049
1050 function make_lockfile($filename) {
1051 $fp = fopen(LOCK_DIRECTORY . "/$filename", "w");
1052
1053 if ($fp && flock($fp, LOCK_EX | LOCK_NB)) {
1054 $stat_h = fstat($fp);
1055 $stat_f = stat(LOCK_DIRECTORY . "/$filename");
1056
1057 if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
1058 if ($stat_h["ino"] != $stat_f["ino"] ||
1059 $stat_h["dev"] != $stat_f["dev"]) {
1060
1061 return false;
1062 }
1063 }
1064
1065 if (function_exists('posix_getpid')) {
1066 fwrite($fp, posix_getpid() . "\n");
1067 }
1068 return $fp;
1069 } else {
1070 return false;
1071 }
1072 }
1073
1074 function make_stampfile($filename) {
1075 $fp = fopen(LOCK_DIRECTORY . "/$filename", "w");
1076
1077 if (flock($fp, LOCK_EX | LOCK_NB)) {
1078 fwrite($fp, time() . "\n");
1079 flock($fp, LOCK_UN);
1080 fclose($fp);
1081 return true;
1082 } else {
1083 return false;
1084 }
1085 }
1086
1087 function sql_random_function() {
1088 if (DB_TYPE == "mysql") {
1089 return "RAND()";
1090 } else {
1091 return "RANDOM()";
1092 }
1093 }
1094
1095 function catchup_feed($feed, $cat_view, $owner_uid = false, $max_id = false, $mode = 'all') {
1096
1097 if (!$owner_uid) $owner_uid = $_SESSION['uid'];
1098
1099 //if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
1100
1101 // Todo: all this interval stuff needs some generic generator function
1102
1103 $date_qpart = "false";
1104
1105 switch ($mode) {
1106 case "1day":
1107 if (DB_TYPE == "pgsql") {
1108 $date_qpart = "date_entered < NOW() - INTERVAL '1 day' ";
1109 } else {
1110 $date_qpart = "date_entered < DATE_SUB(NOW(), INTERVAL 1 DAY) ";
1111 }
1112 break;
1113 case "1week":
1114 if (DB_TYPE == "pgsql") {
1115 $date_qpart = "date_entered < NOW() - INTERVAL '1 week' ";
1116 } else {
1117 $date_qpart = "date_entered < DATE_SUB(NOW(), INTERVAL 1 WEEK) ";
1118 }
1119 break;
1120 case "2week":
1121 if (DB_TYPE == "pgsql") {
1122 $date_qpart = "date_entered < NOW() - INTERVAL '2 week' ";
1123 } else {
1124 $date_qpart = "date_entered < DATE_SUB(NOW(), INTERVAL 2 WEEK) ";
1125 }
1126 break;
1127 default:
1128 $date_qpart = "true";
1129 }
1130
1131 if (is_numeric($feed)) {
1132 if ($cat_view) {
1133
1134 if ($feed >= 0) {
1135
1136 if ($feed > 0) {
1137 $children = getChildCategories($feed, $owner_uid);
1138 array_push($children, $feed);
1139
1140 $children = join(",", $children);
1141
1142 $cat_qpart = "cat_id IN ($children)";
1143 } else {
1144 $cat_qpart = "cat_id IS NULL";
1145 }
1146
1147 db_query("UPDATE ttrss_user_entries
1148 SET unread = false, last_read = NOW() WHERE ref_id IN
1149 (SELECT id FROM
1150 (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
1151 AND owner_uid = $owner_uid AND unread = true AND feed_id IN
1152 (SELECT id FROM ttrss_feeds WHERE $cat_qpart) AND $date_qpart) as tmp)");
1153
1154 } else if ($feed == -2) {
1155
1156 db_query("UPDATE ttrss_user_entries
1157 SET unread = false,last_read = NOW() WHERE (SELECT COUNT(*)
1158 FROM ttrss_user_labels2, ttrss_entries WHERE article_id = ref_id AND id = ref_id AND $date_qpart) > 0
1159 AND unread = true AND owner_uid = $owner_uid");
1160 }
1161
1162 } else if ($feed > 0) {
1163
1164 db_query("UPDATE ttrss_user_entries
1165 SET unread = false, last_read = NOW() WHERE ref_id IN
1166 (SELECT id FROM
1167 (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
1168 AND owner_uid = $owner_uid AND unread = true AND feed_id = $feed AND $date_qpart) as tmp)");
1169
1170 } else if ($feed < 0 && $feed > LABEL_BASE_INDEX) { // special, like starred
1171
1172 if ($feed == -1) {
1173 db_query("UPDATE ttrss_user_entries
1174 SET unread = false, last_read = NOW() WHERE ref_id IN
1175 (SELECT id FROM
1176 (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
1177 AND owner_uid = $owner_uid AND unread = true AND marked = true AND $date_qpart) as tmp)");
1178 }
1179
1180 if ($feed == -2) {
1181 db_query("UPDATE ttrss_user_entries
1182 SET unread = false, last_read = NOW() WHERE ref_id IN
1183 (SELECT id FROM
1184 (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
1185 AND owner_uid = $owner_uid AND unread = true AND published = true AND $date_qpart) as tmp)");
1186 }
1187
1188 if ($feed == -3) {
1189
1190 $intl = get_pref("FRESH_ARTICLE_MAX_AGE");
1191
1192 if (DB_TYPE == "pgsql") {
1193 $match_part = "date_entered > NOW() - INTERVAL '$intl hour' ";
1194 } else {
1195 $match_part = "date_entered > DATE_SUB(NOW(),
1196 INTERVAL $intl HOUR) ";
1197 }
1198
1199 db_query("UPDATE ttrss_user_entries
1200 SET unread = false, last_read = NOW() WHERE ref_id IN
1201 (SELECT id FROM
1202 (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
1203 AND owner_uid = $owner_uid AND unread = true AND $date_qpart AND $match_part) as tmp)");
1204 }
1205
1206 if ($feed == -4) {
1207 db_query("UPDATE ttrss_user_entries
1208 SET unread = false, last_read = NOW() WHERE ref_id IN
1209 (SELECT id FROM
1210 (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
1211 AND owner_uid = $owner_uid AND unread = true AND $date_qpart) as tmp)");
1212 }
1213
1214 } else if ($feed < LABEL_BASE_INDEX) { // label
1215
1216 $label_id = feed_to_label_id($feed);
1217
1218 db_query("UPDATE ttrss_user_entries
1219 SET unread = false, last_read = NOW() WHERE ref_id IN
1220 (SELECT id FROM
1221 (SELECT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_user_labels2 WHERE ref_id = id
1222 AND label_id = '$label_id' AND ref_id = article_id
1223 AND owner_uid = $owner_uid AND unread = true AND $date_qpart) as tmp)");
1224
1225 }
1226
1227 ccache_update($feed, $owner_uid, $cat_view);
1228
1229 } else { // tag
1230 db_query("UPDATE ttrss_user_entries
1231 SET unread = false, last_read = NOW() WHERE ref_id IN
1232 (SELECT id FROM
1233 (SELECT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_tags WHERE ref_id = ttrss_entries.id
1234 AND post_int_id = int_id AND tag_name = '$feed'
1235 AND ttrss_user_entries.owner_uid = $owner_uid AND unread = true AND $date_qpart) as tmp)");
1236
1237 }
1238 }
1239
1240 function getAllCounters() {
1241 $data = getGlobalCounters();
1242
1243 $data = array_merge($data, getVirtCounters());
1244 $data = array_merge($data, getLabelCounters());
1245 $data = array_merge($data, getFeedCounters());
1246 $data = array_merge($data, getCategoryCounters());
1247
1248 return $data;
1249 }
1250
1251 function getCategoryTitle($cat_id)
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/