api/index.php

   1 <?php
   2         error_reporting(E_ERROR | E_PARSE);
   3
   4         require_once "../config.php";
   5
   6         require_once "../db.php";
   7         require_once "../db-prefs.php";
   8         require_once "../functions.php";
   9
  10         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  11
  12         $session_expire = SESSION_EXPIRE_TIME; //seconds
  13         $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid_api" : TTRSS_SESSION_NAME . "_api";
  14
  15         session_name($session_name);
  16
  17         if ($_REQUEST["sid"]) {
  18                 session_id($_REQUEST["sid"]);
  19         }
  20
  21         session_start();
  22
  23         if (!$link) {
  24                 if (DB_TYPE == "mysql") {
  25                         print mysql_error();
  26                 }
  27                 // PG seems to display its own errors just fine by default.
  28                 return;
  29         }
  30
  31         init_connection($link);
  32
  33         $op = db_escape_string($_REQUEST["op"]);
  34
  35 //      header("Content-Type: application/json");
  36
  37         if (!$_SESSION["uid"] && $op != "login" && $op != "isLoggedIn") {
  38                 print json_encode(array("error" => 'NOT_LOGGED_IN'));
  39                 return;
  40         }
  41
  42         if ($_SESSION["uid"] && $op != "logout" && !get_pref($link, 'ENABLE_API_ACCESS')) {
  43                 print json_encode(array("error" => 'API_DISABLED'));
  44                 return;
  45         }
  46
  47         switch ($op) {
  48                 case "getVersion":
  49                         $rv = array("version" => VERSION);
  50                         print json_encode($rv);
  51                 break;
  52                 case "login":
  53                         $login = db_escape_string($_REQUEST["user"]);
  54                         $password = db_escape_string($_REQUEST["password"]);
  55
  56                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
  57
  58                         if (db_num_rows($result) != 0) {
  59                                 $uid = db_fetch_result($result, 0, "id");
  60                         } else {
  61                                 $uid = 0;
  62                         }
  63
  64                         if ($uid && get_pref($link, "ENABLE_API_ACCESS", $uid)) {
  65                                 if (authenticate_user($link, $login, $password)) {
  66                                         print json_encode(array("session_id" => session_id()));
  67                                 } else {
  68                                         print json_encode(array("error" => "LOGIN_ERROR"));
  69                                 }
  70                         } else {
  71                                 print json_encode(array("error" => "API_DISABLED"));
  72                         }
  73
  74                         break;
  75                 case "logout":
  76                         logout_user();
  77                         print json_encode(array("status" => "OK"));
  78                         break;
  79                 case "isLoggedIn":
  80                         print json_encode(array("status" => $_SESSION["uid"] != ''));
  81                         break;
  82                 case "getUnread":
  83                         $feed_id = db_escape_string($_REQUEST["feed_id"]);
  84                         $is_cat = db_escape_string($_REQUEST["is_cat"]);
  85
  86                         if ($feed_id) {
  87                                 print json_encode(array("unread" => getFeedUnread($link, $feed_id, $is_cat)));
  88                         } else {
  89                                 print json_encode(array("unread" => getGlobalUnread($link)));
  90                         }
  91                         break;
  92                 case "getCounters":
  93
  94                         /* TODO */
  95
  96                         break;
  97                 case "getFeeds":
  98                         $cat_id = db_escape_string($_REQUEST["cat_id"]);
  99                         $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
 100                         $limit = (int) db_escape_string($_REQUEST["limit"]);
 101                         $offset = (int) db_escape_string($_REQUEST["offset"]);
 102
 103                         $feeds = api_get_feeds($link, $cat_id, $unread_only, $limit, $offset);
 104
 105                         print json_encode($feeds);
 106
 107                         break;
 108                 case "getCategories":
 109                         $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
 110
 111                         $result = db_query($link, "SELECT
 112                                         id, title FROM ttrss_feed_categories
 113                                 WHERE owner_uid = " .
 114                                 $_SESSION["uid"]);
 115
 116                         $cats = array();
 117
 118                         while ($line = db_fetch_assoc($result)) {
 119                                 $unread = getFeedUnread($link, $line["id"], true);
 120
 121                                 if ($unread || !$unread_only) {
 122                                         array_push($cats, array("id" => $line["id"],
 123                                                 "title" => $line["title"],
 124                                                 "unread" => $unread));
 125                                 }
 126                         }
 127
 128                         print json_encode($cats);
 129                         break;
 130                 case "getHeadlines":
 131                         $feed_id = db_escape_string($_REQUEST["feed_id"]);
 132                         $limit = (int)db_escape_string($_REQUEST["limit"]);
 133                         $offset = (int)db_escape_string($_REQUEST["skip"]);
 134                         $filter = db_escape_string($_REQUEST["filter"]);
 135                         $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
 136                         $show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
 137                         $show_content = (bool)db_escape_string($_REQUEST["show_content"]);
 138                         /* all_articles, unread, adaptive, marked, updated */
 139                         $view_mode = db_escape_string($_REQUEST["view_mode"]);
 140
 141                         $headlines = api_get_headlines($link, $feed_id, $limit, $offset,
 142                                 $filter, $is_cat, $show_excerpt, $show_content, $view_mode, false);
 143
 144                         print json_encode($headlines);
 145
 146                         break;
 147                 case "updateArticle":
 148                         $article_ids = split(",", db_escape_string($_REQUEST["article_ids"]));
 149                         $mode = (int) db_escape_string($_REQUEST["mode"]);
 150                         $field_raw = (int)db_escape_string($_REQUEST["field"]);
 151
 152                         $field = "";
 153                         $set_to = "";
 154
 155                         switch ($field_raw) {
 156                                 case 0:
 157                                         $field = "marked";
 158                                         break;
 159                                 case 1:
 160                                         $field = "published";
 161                                         break;
 162                                 case 2:
 163                                         $field = "unread";
 164                                         break;
 165                         };
 166
 167                         switch ($mode) {
 168                                 case 1:
 169                                         $set_to = "true";
 170                                         break;
 171                                 case 0:
 172                                         $set_to = "false";
 173                                         break;
 174                                 case 2:
 175                                         $set_to = "NOT $field";
 176                                         break;
 177                         }
 178
 179                         if ($field && $set_to && count($article_ids) > 0) {
 180
 181                                 $article_ids = join(", ", $article_ids);
 182
 183                                 if ($field == "unread") {
 184                                         $result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to,
 185                                                 last_read = NOW()
 186                                                 WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
 187                                 } else {
 188                                         $result = db_query($link, "UPDATE ttrss_user_entries SET $field = $set_to
 189                                                 WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
 190                                 }
 191                         }
 192
 193                         break;
 194
 195                 case "getArticle":
 196
 197                         $article_id = db_escape_string($_REQUEST["article_id"]);
 198
 199                         $query = "SELECT id,title,link,content,feed_id,comments,int_id,
 200                                 marked,unread,published,
 201                                 ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
 202                                 author
 203                                 FROM ttrss_entries,ttrss_user_entries
 204                                 WHERE   id IN ($article_id) AND ref_id = id AND owner_uid = " .
 205                                         $_SESSION["uid"] ;
 206
 207                         $result = db_query($link, $query);
 208
 209                         if (db_num_rows($result) != 0) {
 210
 211                                 while ($line = db_fetch_assoc($result)) {
 212
 213                                         $attachments = get_article_enclosures($link, $line['id']);
 214
 215                                         $article = array(
 216                                                 "id" => $line["id"],
 217                                                 "title" => $line["title"],
 218                                                 "link" => $line["link"],
 219                                                 "labels" => get_article_labels($link, $line['id']),
 220                                                 "unread" => sql_bool_to_bool($line["unread"]),
 221                                                 "marked" => sql_bool_to_bool($line["marked"]),
 222                                                 "published" => sql_bool_to_bool($line["published"]),
 223                                                 "comments" => $line["comments"],
 224                                                 "author" => $line["author"],
 225                                                 "updated" => strtotime($line["updated"]),
 226                                                 "content" => $line["content"],
 227                                                 "feed_id" => $line["feed_id"],
 228                                                 "attachments" => $attachments
 229                                         );
 230
 231                                         print json_encode($article);
 232                                 }
 233                         }
 234
 235                         break;
 236                 case "getConfig":
 237                         $config = array(
 238                                 "icons_dir" => ICONS_DIR,
 239                                 "icons_url" => ICONS_URL);
 240
 241                         if (ENABLE_UPDATE_DAEMON) {
 242                                 $config["daemon_is_running"] = file_is_locked("update_daemon.lock");
 243                         }
 244
 245                         $result = db_query($link, "SELECT COUNT(*) AS cf FROM
 246                                 ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
 247
 248                         $num_feeds = db_fetch_result($result, 0, "cf");
 249
 250                         $config["num_feeds"] = (int)$num_feeds;
 251
 252                         print json_encode($config);
 253
 254                         break;
 255
 256                 case "updateFeed":
 257                         $feed_id = db_escape_string($_REQUEST["feed_id"]);
 258
 259                         update_rss_feed($link, $feed_id, true);
 260
 261                         print json_encode(array("status" => "OK"));
 262
 263                         break;
 264
 265                 case "catchupFeed":
 266                         $feed_id = db_escape_string($_REQUEST["feed_id"]);
 267                         $is_cat = db_escape_string($_REQUEST["category"]);
 268
 269                         catchup_feed($link, $feed_id, $is_cat);
 270
 271                         print json_encode(array("status" => "OK"));
 272
 273                         break;
 274
 275                 case "getPref":
 276                         $pref_name = db_escape_string($_REQUEST["pref_name"]);
 277                         print json_encode(array("value" => get_pref($link, $pref_name)));
 278                         break;
 279
 280                 default:
 281                         print json_encode(array("error" => 'UNKNOWN_METHOD'));
 282                         break;
 283
 284         }
 285
 286         db_close($link);
 287
 288 ?>