api/index.php

   1 <?php
   2         error_reporting(E_ERROR | E_PARSE);
   3
   4         require_once "../config.php";
   5
   6         require_once "../db.php";
   7         require_once "../db-prefs.php";
   8         require_once "../functions.php";
   9
  10         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  11
  12         $session_expire = SESSION_EXPIRE_TIME; //seconds
  13         $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid_api" : TTRSS_SESSION_NAME . "_api";
  14
  15         session_name($session_name);
  16
  17         if ($_REQUEST["sid"]) {
  18                 session_id($_REQUEST["sid"]);
  19         }
  20
  21         session_start();
  22
  23         if (!$link) {
  24                 if (DB_TYPE == "mysql") {
  25                         print mysql_error();
  26                 }
  27                 // PG seems to display its own errors just fine by default.
  28                 return;
  29         }
  30
  31         init_connection($link);
  32
  33         $op = db_escape_string($_REQUEST["op"]);
  34
  35 //      header("Content-Type: application/json");
  36
  37         if (!$_SESSION["uid"] && $op != "login" && $op != "isLoggedIn") {
  38                 print json_encode(array("error" => 'NOT_LOGGED_IN'));
  39                 return;
  40         }
  41
  42         if ($_SESSION["uid"] && $op != "logout" && !get_pref($link, 'ENABLE_API_ACCESS')) {
  43                 print json_encode(array("error" => 'API_DISABLED'));
  44                 return;
  45         }
  46
  47         switch ($op) {
  48                 case "getVersion":
  49                         $rv = array("version" => VERSION);
  50                         print json_encode($rv);
  51                 break;
  52                 case "login":
  53                         $login = db_escape_string($_REQUEST["user"]);
  54                         $password = db_escape_string($_REQUEST["password"]);
  55
  56                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
  57
  58                         if (db_num_rows($result) != 0) {
  59                                 $uid = db_fetch_result($result, 0, "id");
  60                         } else {
  61                                 $uid = 0;
  62                         }
  63
  64                         if (get_pref($link, "ENABLE_API_ACCESS", $uid)) {
  65                                 if (authenticate_user($link, $login, $password)) {
  66                                         print json_encode(array("session_id" => session_id()));
  67                                 } else {
  68                                         print json_encode(array("error" => "LOGIN_ERROR"));
  69                                 }
  70                         } else {
  71                                 print json_encode(array("error" => "API_DISABLED"));
  72                         }
  73
  74                         break;
  75                 case "logout":
  76                         logout_user();
  77                         print json_encode(array("status" => "OK"));
  78                         break;
  79                 case "isLoggedIn":
  80                         print json_encode(array("status" => $_SESSION["uid"] != ''));
  81                         break;
  82                 case "getUnread":
  83                         $feed_id = db_escape_string($_REQUEST["feed_id"]);
  84                         $is_cat = db_escape_string($_REQUEST["is_cat"]);
  85
  86                         if ($feed_id) {
  87                                 print json_encode(array("unread" => getFeedUnread($link, $feed_id, $is_cat)));
  88                         } else {
  89                                 print json_encode(array("unread" => getGlobalUnread($link)));
  90                         }
  91                         break;
  92                 case "getFeeds":
  93                         $cat_id = db_escape_string($_REQUEST["cat_id"]);
  94                         $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
  95                         $limit = (int) db_escape_string($_REQUEST["limit"]);
  96                         $offset = (int) db_escape_string($_REQUEST["offset"]);
  97
  98                         if ($limit) {
  99                                 $limit_qpart = "LIMIT $limit OFFSET $offset";
 100                         } else {
 101                                 $limit_qpart = "";
 102                         }
 103
 104                         if (!$cat_id) {
 105                                 $result = db_query($link, "SELECT
 106                                         id, feed_url, cat_id, title, ".
 107                                                 SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
 108                                                 FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
 109                                                 "ORDER BY cat_id, title " . $limit_qpart);
 110                         } else {
 111                                 $result = db_query($link, "SELECT
 112                                         id, feed_url, cat_id, title, ".
 113                                                 SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
 114                                                 FROM ttrss_feeds WHERE
 115                                                 cat_id = '$cat_id' AND owner_uid = " . $_SESSION["uid"] .
 116                                                 "ORDER BY cat_id, title " . $limit_qpart);
 117                         }
 118
 119                         $feeds = array();
 120
 121                         while ($line = db_fetch_assoc($result)) {
 122
 123                                 $unread = getFeedUnread($link, $line["id"]);
 124
 125                                 if ($unread || !$unread_only) {
 126
 127                                         $row = array(
 128                                                         "feed_url" => $line["feed_url"],
 129                                                         "title" => $line["title"],
 130                                                         "id" => (int)$line["id"],
 131                                                         "unread" => (int)$unread,
 132                                                         "cat_id" => (int)$line["cat_id"],
 133                                                         "last_updated" => strtotime($line["last_updated"])
 134                                                 );
 135
 136                                         array_push($feeds, $row);
 137                                 }
 138                         }
 139
 140                         /* Labels */
 141
 142                         if (!$cat_id || $cat_id == -2) {
 143                                 $counters = getLabelCounters($link, false, true);
 144
 145                                 foreach (array_keys($counters) as $id) {
 146
 147                                         $unread = $counters[$id]["counter"];
 148
 149                                         if ($unread || !$unread_only) {
 150
 151                                                 $row = array(
 152                                                                 "id" => $id,
 153                                                                 "title" => $counters[$id]["description"],
 154                                                                 "unread" => $counters[$id]["counter"],
 155                                                                 "cat_id" => -2,
 156                                                         );
 157
 158                                                 array_push($feeds, $row);
 159                                         }
 160                                 }
 161                         }
 162
 163                         /* Virtual feeds */
 164
 165                         if (!$cat_id || $cat_id == -1) {
 166                                 foreach (array(-1, -2, -3, -4) as $i) {
 167                                         $unread = getFeedUnread($link, $i);
 168
 169                                         if ($unread || !$unread_only) {
 170                                                 $title = getFeedTitle($link, $i);
 171
 172                                                 $row = array(
 173                                                                 "id" => $i,
 174                                                                 "title" => $title,
 175                                                                 "unread" => $unread,
 176                                                                 "cat_id" => -1,
 177                                                         );
 178                                                 array_push($feeds, $row);
 179                                         }
 180
 181                                 }
 182                         }
 183
 184                         print json_encode($feeds);
 185
 186                         break;
 187                 case "getCategories":
 188                         $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
 189
 190                         $result = db_query($link, "SELECT
 191                                         id, title FROM ttrss_feed_categories
 192                                 WHERE owner_uid = " .
 193                                 $_SESSION["uid"]);
 194
 195                         $cats = array();
 196
 197                         while ($line = db_fetch_assoc($result)) {
 198                                 $unread = getFeedUnread($link, $line["id"], true);
 199
 200                                 if ($unread || !$unread_only) {
 201                                         array_push($cats, array("id" => $line["id"],
 202                                                 "title" => $line["title"],
 203                                                 "unread" => $unread));
 204                                 }
 205                         }
 206
 207                         print json_encode($cats);
 208                         break;
 209                 case "getHeadlines":
 210                         $feed_id = db_escape_string($_REQUEST["feed_id"]);
 211                         $limit = (int)db_escape_string($_REQUEST["limit"]);
 212                         $filter = db_escape_string($_REQUEST["filter"]);
 213                         $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
 214                         $show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
 215                         $show_content = (bool)db_escape_string($_REQUEST["show_content"]);
 216
 217                         /* do not rely on params below */
 218
 219                         $search = db_escape_string($_REQUEST["search"]);
 220                         $search_mode = db_escape_string($_REQUEST["search_mode"]);
 221                         $match_on = db_escape_string($_REQUEST["match_on"]);
 222
 223                         $qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
 224                                 $view_mode, $is_cat, $search, $search_mode, $match_on);
 225
 226                         $result = $qfh_ret[0];
 227                         $feed_title = $qfh_ret[1];
 228
 229                         $headlines = array();
 230
 231                         while ($line = db_fetch_assoc($result)) {
 232                                 $is_updated = ($line["last_read"] == "" &&
 233                                         ($line["unread"] != "t" && $line["unread"] != "1"));
 234
 235                                 $headline_row = array(
 236                                                 "id" => (int)$line["id"],
 237                                                 "unread" => sql_bool_to_bool($line["unread"]),
 238                                                 "marked" => sql_bool_to_bool($line["marked"]),
 239                                                 "updated" => strtotime($line["updated"]),
 240                                                 "is_updated" => $is_updated,
 241                                                 "title" => $line["title"],
 242                                                 "feed_id" => $line["feed_id"],
 243                                         );
 244
 245                                 if ($show_excerpt) {
 246                                         $excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
 247                                         $headline_row["excerpt"] = $excerpt;
 248                                 }
 249
 250                                 if ($show_content) {
 251                                         $headline_row["content"] = $line["content_preview"];
 252                                 }
 253
 254                                 array_push($headlines, $headline_row);
 255                         }
 256
 257                         print json_encode($headlines);
 258
 259                         break;
 260                 case "updateArticle":
 261                         $article_id = (int) db_escape_string($_GET["article_id"]);
 262                         $mode = (int) db_escape_string($_REQUEST["mode"]);
 263                         $field_raw = (int)db_escape_string($_REQUEST["field"]);
 264
 265                         $field = "";
 266                         $set_to = "";
 267
 268                         switch ($field_raw) {
 269                                 case 0:
 270                                         $field = "marked";
 271                                         break;
 272                                 case 1:
 273                                         $field = "published";
 274                                         break;
 275                                 case 2:
 276                                         $field = "unread";
 277                                         break;
 278                         };
 279
 280                         switch ($mode) {
 281                                 case 1:
 282                                         $set_to = "true";
 283                                         break;
 284                                 case 0:
 285                                         $set_to = "false";
 286                                         break;
 287                                 case 2:
 288                                         $set_to = "NOT $field";
 289                                         break;
 290                         }
 291
 292                         if ($field && $set_to) {
 293                                 if ($field == "unread") {
 294                                         $result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to,
 295                                                 last_read = NOW()
 296                                                 WHERE ref_id = '$article_id' AND owner_uid = " . $_SESSION["uid"]);
 297                                 } else {
 298                                         $result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to
 299                                                 WHERE ref_id = '$article_id' AND owner_uid = " . $_SESSION["uid"]);
 300                                 }
 301                         }
 302
 303                         break;
 304
 305                 case "getArticle":
 306
 307                         $article_id = (int)db_escape_string($_REQUEST["article_id"]);
 308
 309                         $query = "SELECT title,link,content,feed_id,comments,int_id,
 310                                 marked,unread,published,
 311                                 ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
 312                                 author
 313                                 FROM ttrss_entries,ttrss_user_entries
 314                                 WHERE   id = '$article_id' AND ref_id = id AND owner_uid = " .
 315                                         $_SESSION["uid"] ;
 316
 317                         $result = db_query($link, $query);
 318
 319                         $article = array();
 320
 321                         if (db_num_rows($result) != 0) {
 322                                 $line = db_fetch_assoc($result);
 323
 324                                 $article = array(
 325                                         "title" => $line["title"],
 326                                         "link" => $line["link"],
 327                                         "labels" => get_article_labels($link, $article_id),
 328                                         "unread" => sql_bool_to_bool($line["unread"]),
 329                                         "marked" => sql_bool_to_bool($line["marked"]),
 330                                         "published" => sql_bool_to_bool($line["published"]),
 331                                         "comments" => $line["comments"],
 332                                         "author" => $line["author"],
 333                                         "updated" => strtotime($line["updated"]),
 334                                         "content" => $line["content"],
 335                                         "feed_id" => $line["feed_id"],
 336                                 );
 337                         }
 338
 339                         print json_encode($article);
 340
 341                         break;
 342                 case "getConfig":
 343                         $config = array(
 344                                 "icons_dir" => ICONS_DIR,
 345                                 "icons_url" => ICONS_URL);
 346
 347                         if (ENABLE_UPDATE_DAEMON) {
 348                                 $config["daemon_is_running"] = file_is_locked("update_daemon.lock");
 349                         }
 350
 351                         $result = db_query($link, "SELECT COUNT(*) AS cf FROM
 352                                 ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
 353
 354                         $num_feeds = db_fetch_result($result, 0, "cf");
 355
 356                         $config["num_feeds"] = (int)$num_feeds;
 357
 358                         print json_encode($config);
 359
 360                         break;
 361
 362                 case "updateFeed":
 363                         $feed_id = db_escape_string($_REQUEST["feed_id"]);
 364
 365                         $result = db_query($link,
 366                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 367                                         AND owner_uid = " . $_SESSION["uid"]);
 368
 369                         if (db_num_rows($result) > 0) {
 370                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 371                                 update_rss_feed($link, $feed_url, $feed_id);
 372                         }
 373
 374                         print json_encode(array("status" => "OK"));
 375
 376                         break;
 377
 378                 case "getPref":
 379                         $pref_name = db_escape_string($_REQUEST["pref_name"]);
 380                         print json_encode(array("value" => get_pref($link, $pref_name)));
 381                         break;
 382
 383                 default:
 384                         print json_encode(array("error" => 'UNKNOWN_METHOD'));
 385                         break;
 386
 387         }
 388
 389         db_close($link);
 390
 391 ?>