backend.php

   1 <?
   2         require_once "sessions.php";
   3         require_once "backend-rpc.php";
   4
   5         header("Cache-Control: no-cache, must-revalidate");
   6         header("Pragma: no-cache");
   7         header("Expires: -1");
   8
   9 /*      if ($_GET["debug"]) {
  10                 define('DEFAULT_ERROR_LEVEL', E_ALL);
  11         } else {
  12                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
  13         }
  14
  15         error_reporting(DEFAULT_ERROR_LEVEL); */
  16
  17         $op = $_REQUEST["op"];
  18
  19         define('SCHEMA_VERSION', 9);
  20
  21         require_once "sanity_check.php";
  22         require_once "config.php";
  23
  24         require_once "db.php";
  25         require_once "db-prefs.php";
  26         require_once "functions.php";
  27         require_once "magpierss/rss_fetch.inc";
  28
  29         $err_msg = check_configuration_variables();
  30
  31         if ($err_msg) {
  32                 header("Content-Type: application/xml");
  33                 print_error_xml(9, $err_msg); die;
  34         }
  35
  36         if ((!$op || $op == "rpc" || $op == "rss" ||
  37                         $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  38                 header("Content-Type: application/xml");
  39         }
  40
  41         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss") {
  42
  43                 if ($op == "rpc") {
  44                         print_error_xml(6); die;
  45                 } else {
  46                         print "
  47                         <html><body>
  48                                 <p>Error: Not logged in.</p>
  49                                 <script type=\"text/javascript\">
  50                                         if (parent.window != 'undefined') {
  51                                                 parent.window.location = \"login.php\";
  52                                         } else {
  53                                                 window.location = \"login.php\";
  54                                         }
  55                                 </script>
  56                         </body></html>
  57                         ";
  58                 }
  59                 exit;
  60         }
  61
  62         if (!$op) {
  63                 print_error_xml(7); exit;
  64         }
  65
  66         $purge_intervals = array(
  67                 0  => "Use default",
  68                 -1 => "Never purge",
  69                 5  => "1 week old",
  70                 14 => "2 weeks old",
  71                 31 => "1 month old",
  72                 60 => "2 months old",
  73                 90 => "3 months old");
  74
  75         $update_intervals = array(
  76                 0   => "Use default",
  77                 -1  => "Disable updates",
  78                 30  => "Each 30 minutes",
  79                 60  => "Hourly",
  80                 240 => "Each 4 hours",
  81                 720 => "Each 12 hours",
  82                 1440 => "Daily",
  83                 10080 => "Weekly");
  84
  85         $access_level_names = array(
  86                 0 => "User",
  87                 10 => "Administrator");
  88
  89         $script_started = getmicrotime();
  90
  91         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  92
  93         if (!$link) {
  94                 if (DB_TYPE == "mysql") {
  95                         print mysql_error();
  96                 }
  97                 // PG seems to display its own errors just fine by default.
  98                 return;
  99         }
 100
 101         if (DB_TYPE == "pgsql") {
 102                 pg_query("set client_encoding = 'utf-8'");
 103         }
 104
 105         if ($_SESSION["uid"]) {
 106
 107 //              setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
 108 //              setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
 109
 110 /*              if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
 111                         setcookie('ttrss_vf_catchupnext', 1);
 112                 } else {
 113                         setcookie('ttrss_vf_catchupnext', 0);
 114                 } */
 115         }
 116
 117         $fetch = $_GET["fetch"];
 118
 119 //      setcookie("ttrss_icons_url", ICONS_URL);
 120
 121         if (!sanity_check($link)) { return; }
 122
 123         function outputFeedList($link, $tags = false) {
 124
 125                 print "<html><head>
 126                         <title>Tiny Tiny RSS : Feedlist</title>
 127                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 128
 129                 $user_theme = $_SESSION["theme"];
 130                 if ($user_theme) {
 131                         print "<link rel=\"stylesheet\" type=\"text/css\"
 132                                 href=\"themes/$user_theme/theme.css\">";
 133                 }
 134
 135                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 136                         print "<link rel=\"stylesheet\" type=\"text/css\"
 137                                 href=\"tt-rss_compact.css\"/>";
 138                 } else {
 139                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 140                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 141                 }
 142
 143                 $script_dt_add = get_script_dt_add();
 144
 145                 print "
 146                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 147                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 148                         <script type=\"text/javascript\" src=\"feedlist.js?$script_dt_add\"></script>
 149                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 150                         <!--[if gte IE 5.5000]>
 151                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 152                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 153                         <![endif]-->
 154                         </head><body>
 155                         <script type=\"text/javascript\">
 156                                 if (document.addEventListener) {
 157                                         document.addEventListener(\"DOMContentLoaded\", init, null);
 158                                 }
 159                                 window.onload = init;
 160                         </script>";
 161
 162                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 163
 164                 $owner_uid = $_SESSION["uid"];
 165
 166                 if (!$tags) {
 167
 168                         /* virtual feeds */
 169
 170                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 171                                 print "<li class=\"feedCat\">Special</li>";
 172                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 173                         }
 174
 175                         $result = db_query($link, "SELECT count(id) as num_starred
 176                                 FROM ttrss_entries,ttrss_user_entries
 177                                 WHERE marked = true AND
 178                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 179                                 unread = true AND owner_uid = '$owner_uid'");
 180                         $num_starred = db_fetch_result($result, 0, "num_starred");
 181
 182                         $class = "virt";
 183
 184                         if ($num_starred > 0) $class .= "Unread";
 185
 186                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 187                                 "images/mark_set.png", $link);
 188
 189                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 190                                 print "</ul>\n";
 191                         }
 192
 193                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 194
 195                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 196                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 197
 198                                 if (db_num_rows($result) > 0) {
 199                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 200                                                 print "<li class=\"feedCat\">Labels</li>";
 201                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 202                                         } else {
 203                                                 print "<li><hr></li>";
 204                                         }
 205                                 }
 206
 207                                 while ($line = db_fetch_assoc($result)) {
 208
 209                                         error_reporting (0);
 210
 211                                         $tmp_result = db_query($link, "SELECT count(ttrss_entries.id) as count
 212                                                 FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
 213                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 214                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 215                                                 ttrss_user_entries.feed_id = ttrss_feeds.id
 216                                                 AND ttrss_user_entries.owner_uid = '$owner_uid'");
 217
 218                                         $count = db_fetch_result($tmp_result, 0, "count");
 219
 220                                         $class = "label";
 221
 222                                         if ($count > 0) {
 223                                                 $class .= "Unread";
 224                                         }
 225
 226                                         error_reporting (DEFAULT_ERROR_LEVEL);
 227
 228                                         printFeedEntry(-$line["id"]-11,
 229                                                 $class, db_unescape_string($line["description"]),
 230                                                 $count, "images/label.png", $link);
 231
 232                                 }
 233
 234                                 if (db_num_rows($result) > 0) {
 235                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 236                                                 print "</ul>";
 237                                         }
 238                                 }
 239
 240                         }
 241
 242 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 243                                 print "<li><hr></li>";
 244 //                      }
 245
 246                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 247                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 248                                         $order_by_qpart = "category,unread DESC,title";
 249                                 } else {
 250                                         $order_by_qpart = "category,title";
 251                                 }
 252                         } else {
 253                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 254                                         $order_by_qpart = "unread DESC,title";
 255                                 } else {
 256                                         $order_by_qpart = "title";
 257                                 }
 258                         }
 259
 260                         $result = db_query($link, "SELECT ttrss_feeds.*,
 261                                 SUBSTRING(last_updated,1,19) AS last_updated_noms,
 262                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 263                                         WHERE feed_id = ttrss_feeds.id AND
 264                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 265                                         owner_uid = '$owner_uid') AS total,
 266                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 267                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 268                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 269                                                 AND owner_uid = '$owner_uid') as unread,
 270                                 cat_id,last_error,
 271                                 ttrss_feed_categories.title AS category,
 272                                 ttrss_feed_categories.collapsed
 273                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 274                                         ON (ttrss_feed_categories.id = cat_id)
 275                                 WHERE
 276                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 277                                 ORDER BY $order_by_qpart");
 278
 279                         $actid = $_GET["actid"];
 280
 281                         /* real feeds */
 282
 283                         $lnum = 0;
 284
 285                         $total_unread = 0;
 286
 287                         $category = "";
 288
 289                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 290
 291                         while ($line = db_fetch_assoc($result)) {
 292
 293                                 $feed = db_unescape_string($line["title"]);
 294                                 $feed_id = $line["id"];
 295
 296                                 $subop = $_GET["subop"];
 297
 298                                 $total = $line["total"];
 299                                 $unread = $line["unread"];
 300
 301                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 302                                         $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
 303                                 } else {
 304                                         $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
 305                                 }
 306
 307                                 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
 308
 309                                 if ($rtl_content) {
 310                                         $rtl_tag = "dir=\"RTL\"";
 311                                 } else {
 312                                         $rtl_tag = "";
 313                                 }
 314
 315                                 $tmp_result = db_query($link,
 316                                         "SELECT id,COUNT(unread) AS unread
 317                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 318                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 319                                         WHERE parent_feed = '$feed_id' AND unread = true
 320                                         GROUP BY ttrss_feeds.id");
 321
 322                                 if (db_num_rows($tmp_result) > 0) {
 323                                         while ($l = db_fetch_assoc($tmp_result)) {
 324                                                 $unread += $l["unread"];
 325                                         }
 326                                 }
 327
 328                                 $cat_id = $line["cat_id"];
 329
 330                                 $tmp_category = $line["category"];
 331
 332                                 if (!$tmp_category) {
 333                                         $tmp_category = "Uncategorized";
 334                                 }
 335
 336         //                      $class = ($lnum % 2) ? "even" : "odd";
 337
 338                                 if ($line["last_error"]) {
 339                                         $class = "error";
 340                                 } else {
 341                                         $class = "feed";
 342                                 }
 343
 344                                 if ($unread > 0) $class .= "Unread";
 345
 346                                 if ($actid == $feed_id) {
 347                                         $class .= "Selected";
 348                                 }
 349
 350                                 $total_unread += $unread;
 351
 352                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 353
 354                                         if ($category) {
 355                                                 print "</ul></li>";
 356                                         }
 357
 358                                         $category = $tmp_category;
 359
 360                                         $collapsed = $line["collapsed"];
 361
 362                                         // workaround for NULL category
 363                                         if ($category == "Uncategorized") {
 364                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 365                                                         $collapsed = "t";
 366                                                 }
 367                                         }
 368
 369                                         if ($collapsed == "t" || $collapsed == "1") {
 370                                                 $holder_class = "invisible";
 371                                                 $ellipsis = "...";
 372                                         } else {
 373                                                 $holder_class = "";
 374                                                 $ellipsis = "";
 375                                         }
 376
 377                                         if ($cat_id) {
 378                                                 $cat_id_qpart = "cat_id = '$cat_id'";
 379                                         } else {
 380                                                 $cat_id_qpart = "cat_id IS NULL";
 381                                         }
 382
 383                                         $tmp_result = db_query($link, "SELECT count(int_id) AS unread
 384                                                 FROM ttrss_user_entries,ttrss_feeds WHERE
 385                                                         unread = true AND
 386                                                         feed_id = ttrss_feeds.id AND $cat_id_qpart AND
 387                                                         ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
 388
 389                                         $cat_unread = db_fetch_result($tmp_result, 0, "unread");
 390
 391                                         $cat_id = sprintf("%d", $cat_id);
 392
 393                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 394                                                 <a id=\"FCATN-$cat_id\" href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
 395                                                         <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
 396                                                         <span id=\"FCATCTR-$cat_id\"
 397                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
 398                                                         </a></li>";
 399
 400                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 401                                         // -> keyboard navigation, etc.
 402                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 403                                 }
 404
 405                                 printFeedEntry($feed_id, $class, $feed, $unread,
 406                                         "icons/$feed_id.ico", $link, $rtl_content,
 407                                         $last_updated, $line["last_error"]);
 408
 409                                 ++$lnum;
 410                         }
 411
 412                 } else {
 413
 414                         // tags
 415
 416 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 417                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 418                                 post_int_id = ttrss_user_entries.int_id AND
 419                                 unread = true AND ref_id = ttrss_entries.id
 420                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 421                         UNION
 422                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 423                         ORDER BY tag_name"); */
 424
 425                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 426                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 427                                         AND unread = true)) AS count FROM ttrss_tags
 428                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 429
 430                         $tags = array();
 431
 432                         while ($line = db_fetch_assoc($result)) {
 433                                 $tags[$line["tag_name"]] += $line["count"];
 434                         }
 435
 436                         foreach (array_keys($tags) as $tag) {
 437
 438                                 $unread = $tags[$tag];
 439
 440                                 $class = "tag";
 441
 442                                 if ($unread > 0) {
 443                                         $class .= "Unread";
 444                                 }
 445
 446                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 447
 448                         }
 449
 450                 }
 451
 452                 if (db_num_rows($result) == 0) {
 453                         if ($tags) {
 454                                 $what = "tags";
 455                         } else {
 456                                 $what = "feeds";
 457                         }
 458                         print "<li>No $what to display.</li>";
 459                 }
 460
 461                 print "</ul>";
 462
 463                 print '
 464                         <script type="text/javascript">
 465                                 /* for IE */
 466                                 function statechange() {
 467                                         if (document.readyState == "interactive") init();
 468                                 }
 469
 470                                 if (document.readyState) {
 471                                         if (document.readyState == "interactive" || document.readyState == "complete") {
 472                                                 init();
 473                                         } else {
 474                                                 document.onreadystatechange = statechange;
 475                                         }
 476                                 }
 477                         </script></body></html>';
 478         }
 479
 480
 481         if ($op == "rpc") {
 482                 handle_rpc_request($link);
 483         }
 484
 485         if ($op == "feeds") {
 486
 487                 $tags = $_GET["tags"];
 488
 489                 $subop = $_GET["subop"];
 490
 491                 if ($subop == "catchupAll") {
 492                         db_query($link, "UPDATE ttrss_user_entries SET
 493                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 494                 }
 495
 496                 if ($subop == "collapse") {
 497                         $cat_id = db_escape_string($_GET["cid"]);
 498
 499                         db_query($link, "UPDATE ttrss_feed_categories SET
 500                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 501                                 $_SESSION["uid"]);
 502                         return;
 503                 }
 504
 505                 outputFeedList($link, $tags);
 506
 507         }
 508
 509         if ($op == "view") {
 510
 511                 $id = db_escape_string($_GET["id"]);
 512                 $feed_id = db_escape_string($_GET["feed"]);
 513
 514                 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 515                         WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 516
 517                 if (db_num_rows($result) == 1) {
 518                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 519                 } else {
 520                         $rtl_content = false;
 521                 }
 522
 523                 if ($rtl_content) {
 524                         $rtl_tag = "dir=\"RTL\"";
 525                         $rtl_class = "RTL";
 526                 } else {
 527                         $rtl_tag = "";
 528                         $rtl_class = "";
 529                 }
 530
 531                 $result = db_query($link, "UPDATE ttrss_user_entries
 532                         SET unread = false,last_read = NOW()
 533                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 534
 535                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 536                         SUBSTRING(updated,1,16) as updated,
 537                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 538                         num_comments,
 539                         author
 540                         FROM ttrss_entries,ttrss_user_entries
 541                         WHERE   id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
 542
 543                 print "<html><head>
 544                         <title>Tiny Tiny RSS : Article $id</title>
 545                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 546
 547                 $user_theme = $_SESSION["theme"];
 548                 if ($user_theme) {
 549                         print "<link rel=\"stylesheet\" type=\"text/css\"
 550                                 href=\"themes/$user_theme/theme.css\">";
 551                 }
 552
 553                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 554                         print "<link rel=\"stylesheet\" type=\"text/css\"
 555                                 href=\"tt-rss_compact.css\"/>";
 556                 } else {
 557                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 558                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 559                 }
 560
 561                 $script_dt_add = get_script_dt_add();
 562
 563                 print "
 564                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 565                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 566                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 567                         </head><body $rtl_tag>";
 568
 569                 if ($result) {
 570
 571                         $link_target = "";
 572
 573                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 574                                 $link_target = "target=\"_new\"";
 575                         }
 576
 577                         $line = db_fetch_assoc($result);
 578
 579                         if ($line["icon_url"]) {
 580                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 581                         } else {
 582                                 $feed_icon = "&nbsp;";
 583                         }
 584
 585 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 586                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 587                         } else {
 588                                 $entry_comments = "";
 589                         } */
 590
 591                         $num_comments = $line["num_comments"];
 592                         $entry_comments = "";
 593
 594                         if ($num_comments > 0) {
 595                                 if ($line["comments"]) {
 596                                         $comments_url = $line["comments"];
 597                                 } else {
 598                                         $comments_url = $line["link"];
 599                                 }
 600                                 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
 601                         } else {
 602                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 603                                         $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
 604                                 }
 605                         }
 606
 607                         print "<div class=\"postReply\">";
 608
 609                         print "<div class=\"postHeader\"><table width=\"100%\">";
 610
 611                         $entry_author = $line["author"];
 612
 613                         if ($entry_author) {
 614                                 $entry_author = " - by $entry_author";
 615                         }
 616
 617                         print "<tr><td><a $link_target href=\"" . $line["link"] . "\">" . $line["title"] .
 618                                 "</a>$entry_author</td>";
 619
 620                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 621                                 strtotime($line["updated"]));
 622
 623                         print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
 624
 625                         print "</tr>";
 626
 627                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 628                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 629                                 ORDER BY tag_name");
 630
 631                         $tags_str = "";
 632                         $f_tags_str = "";
 633
 634                         $num_tags = 0;
 635
 636                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 637                                 $num_tags++;
 638                                 $tag = $tmp_line["tag_name"];
 639                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 640
 641                                 if ($num_tags == 5) {
 642                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 643                                 } else if ($num_tags < 5) {
 644                                         $tags_str .= $tag_str;
 645                                 }
 646                                 $f_tags_str .= $tag_str;
 647                         }
 648
 649                         $tags_str = preg_replace("/, $/", "", $tags_str);
 650                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 651
 652 //                      $truncated_link = truncate_string($line["link"], 60);
 653
 654                         if ($tags_str || $entry_comments) {
 655                                 print "<tr><td width='50%'>
 656                                         $entry_comments</td>
 657                                         <td align=\"right\">$tags_str</td></tr>";
 658                         }
 659
 660                         print "</table></div>";
 661
 662                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 663                         print "<div class=\"postContent\">";
 664
 665                         if (db_num_rows($tmp_result) > 5) {
 666                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 667                         }
 668
 669                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 670                                 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
 671                         }
 672
 673                         print $line["content"] . "</div>";
 674
 675                         print "</div>";
 676
 677                         print "<script type=\"text/javascript\">
 678                                 try {
 679                                         parent.update_all_counters('$feed_id');
 680                                 } catch (e) {
 681                                         exception_error('view/footer', e);
 682                                 }
 683                         </script>";
 684                 }
 685
 686                 print "</body></html>";
 687         }
 688
 689         if ($op == "viewfeed") {
 690
 691                 $feed = db_escape_string($_GET["feed"]);
 692                 $subop = db_escape_string($_GET["subop"]);
 693                 $view_mode = db_escape_string($_GET["view_mode"]);
 694                 $limit = db_escape_string($_GET["limit"]);
 695                 $cat_view = db_escape_string($_GET["cat"]);
 696                 $next_unread_feed = db_escape_string($_GET["nuf"]);
 697
 698                 if ($subop == "undefined") $subop = "";
 699
 700                 print "<html><head>
 701                         <title>Tiny Tiny RSS : Feed $feed</title>
 702                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 703
 704                 $user_theme = $_SESSION["theme"];
 705                 if ($user_theme) {
 706                         print "<link rel=\"stylesheet\" type=\"text/css\"
 707                                 href=\"themes/$user_theme/theme.css\">";
 708                 }
 709
 710                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 711                         print "<link rel=\"stylesheet\"
 712                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 713
 714                 } else {
 715                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 716                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 717                 }
 718
 719                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 720                         update_generic_feed($link, $feed, $cat_view);
 721                 }
 722
 723                 if ($subop == "MarkAllRead")  {
 724                         catchup_feed($link, $feed, $cat_view);
 725
 726                         if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
 727                                 if ($next_unread_feed) {
 728                                         $feed = $next_unread_feed;
 729                                 }
 730                         }
 731                 }
 732
 733                 if ($feed_id > 0) {
 734                         $result = db_query($link,
 735                                 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
 736
 737                         if (db_num_rows($result) == 0) {
 738                                 print "<div align='center'>
 739                                         Feed not found.</div>";
 740                                 return;
 741                         }
 742                 }
 743
 744                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 745
 746                         $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 747                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 748
 749                         if (db_num_rows($result) == 1) {
 750                                 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 751                         } else {
 752                                 $rtl_content = false;
 753                         }
 754
 755                         if ($rtl_content) {
 756                                 $rtl_tag = "dir=\"RTL\"";
 757                         } else {
 758                                 $rtl_tag = "";
 759                         }
 760                 } else {
 761                         $rtl_tag = "";
 762                         $rtl_content = false;
 763                 }
 764
 765                 $script_dt_add = get_script_dt_add();
 766
 767                 print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 768                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 769                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 770                         <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
 771                         <!--[if gte IE 5.5000]>
 772                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 773                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 774                         <![endif]-->
 775                         </head><body $rtl_tag>
 776                         <script type=\"text/javascript\">
 777                         if (document.addEventListener) {
 778                                 document.addEventListener(\"DOMContentLoaded\", init, null);
 779                         }
 780                         window.onload = init;
 781                         </script>";
 782
 783                 /// START /////////////////////////////////////////////////////////////////////////////////
 784
 785                 $search = db_escape_string($_GET["query"]);
 786                 $search_mode = db_escape_string($_GET["search_mode"]);
 787                 $match_on = db_escape_string($_GET["match_on"]);
 788
 789                 if (!$match_on) {
 790                         $match_on = "both";
 791                 }
 792
 793                 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
 794
 795                 $result = $qfh_ret[0];
 796                 $feed_title = $qfh_ret[1];
 797                 $feed_site_url = $qfh_ret[2];
 798                 $last_error = $qfh_ret[3];
 799
 800                 /// STOP //////////////////////////////////////////////////////////////////////////////////
 801
 802                 print "<div id=\"headlinesContainer\">";
 803
 804                 if (!$result) {
 805                         print "<div align='center'>
 806                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
 807                         return;
 808                 }
 809
 810                 function print_headline_subtoolbar($link, $feed_site_url, $feed_title,
 811                         $bottom = false, $rtl_content = false, $feed_id = 0,
 812                         $is_cat = false, $search = false, $match_on = false,
 813                         $search_mode = false) {
 814
 815                         if (!$bottom) {
 816                                 $class = "headlinesSubToolbar";
 817                                 $tid = "headlineActionsTop";
 818                         } else {
 819                                 $class = "invisible";
 820                                 $tid = "headlineActionsBottom";
 821                         }
 822
 823                         print "<table class=\"$class\" id=\"$tid\"
 824                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
 825
 826                         if ($rtl_content) {
 827                                 $rtl_cpart = "RTL";
 828                         } else {
 829                                 $rtl_cpart = "";
 830                         }
 831
 832                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 833
 834                                 print "<td class=\"headlineActions$rtl_cpart\">
 835                                         Select:
 836                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, '', true)\">All</a>,
 837                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
 838                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', false)\">None</a>
 839                                                 &nbsp;&nbsp;
 840                                                 Toggle: <a href='#' onclick=\"javascript:selectionToggleUnread()\">Unread</a>,
 841                                                         <a href='#' onclick=\"javascript:selectionToggleMarked()\">Starred</a>";
 842
 843                                 print "</td>";
 844
 845                                 if ($search && $feed_id > 0 && get_pref($link, 'ENABLE_LABELS') && GLOBAL_ENABLE_LABELS) {
 846                                         print "<td class=\"headlineActions$rtl_cpart\">
 847                                                 <a href=\"javascript:labelFromSearch('$search', '$search_mode',
 848                                                                 '$match_on', '$feed_id', '$is_cat');\">
 849                                                         Convert this search to label</a></td>";
 850                                 }
 851
 852                         } else {
 853
 854                                 print "<td class=\"headlineActions$rtl_cpart\">
 855                                         Select:
 856                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('all')\">All</a>,
 857                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
 858                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('none')\">None</a>
 859                                                 &nbsp;&nbsp;
 860                                                 Toggle: <a href=\"#\" onclick=\"javascript:selectionToggleUnread(true)\">Unread</a>,
 861                                                                 <a href=\"#\" onclick=\"javascript:selectionToggleMarked(true)\">Starred</a>";
 862
 863                                 print "</td>";
 864
 865                         }
 866
 867                         print "<td class=\"headlineTitle$rtl_cpart\">";
 868
 869                         if ($feed_site_url) {
 870                                 if (!$bottom) {
 871                                         $target = "target=\"_blank\"";
 872                                 }
 873                                 print "<a $target href=\"$feed_site_url\">$feed_title</a>";
 874                         } else {
 875                                 print $feed_title;
 876                         }
 877
 878                         if ($search) {
 879                                 $search_q = "&q=$search&m=$match_on&smode=$search_mode";
 880                         }
 881
 882                         if (!$bottom) {
 883                                 print "&nbsp;
 884                                         <a target=\"_new\"
 885                                                 href=\"backend.php?op=rss&id=$feed_id&is_cat=$is_cat$search_q\"
 886                                                 <img class=\"noborder\"
 887                                                         alt=\"Generated feed\" src=\"images/feed-icon-12x12.png\">
 888                                         </a>";
 889                         }
 890
 891                         print "</td>";
 892                         print "</tr></table>";
 893
 894                 }
 895
 896                 if (db_num_rows($result) > 0) {
 897
 898                         print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
 899                                 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
 900
 901                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 902                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
 903                                         cellspacing=\"0\" width=\"100%\">";
 904                         }
 905
 906                         $lnum = 0;
 907
 908                         error_reporting (DEFAULT_ERROR_LEVEL);
 909
 910                         $num_unread = 0;
 911
 912                         while ($line = db_fetch_assoc($result)) {
 913
 914                                 $class = ($lnum % 2) ? "even" : "odd";
 915
 916                                 $id = $line["id"];
 917                                 $feed_id = $line["feed_id"];
 918
 919                                 if ($line["last_read"] == "" &&
 920                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
 921
 922                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
 923                                                 alt=\"Updated\">";
 924                                 } else {
 925                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
 926                                                 alt=\"Updated\">";
 927                                 }
 928
 929                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
 930                                         $class .= "Unread";
 931                                         ++$num_unread;
 932                                         $is_unread = true;
 933                                 } else {
 934                                         $is_unread = false;
 935                                 }
 936
 937                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
 938                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
 939                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
 940                                 } else {
 941                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
 942                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
 943                                 }
 944
 945                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
 946                                         $line["title"] . "</a>";
 947
 948                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 949                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
 950                                 } else {
 951                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 952                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
 953                                 }
 954
 955                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
 956                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
 957                                                 100);
 958                                 }
 959
 960                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 961
 962                                         print "<tr class='$class' id='RROW-$id'>";
 963
 964                                         print "<td class='hlUpdatePic'>$update_pic</td>";
 965
 966                                         print "<td class='hlSelectRow'>
 967                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
 968                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
 969                                                 </td>";
 970
 971                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
 972
 973                                         if ($line["feed_title"]) {
 974                                                 print "<td class='hlContent'>$content_link</td>";
 975                                                 print "<td class='hlFeed'>
 976                                                         <a href='javascript:viewfeed($feed_id)'>".
 977                                                                 $line["feed_title"]."</a>&nbsp;</td>";
 978                                         } else {
 979                                                 print "<td class='hlContent' valign='middle'>";
 980
 981                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
 982                                                         $line["title"];
 983
 984                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
 985                                                         if ($content_preview) {
 986                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
 987                                                         }
 988                                                 }
 989
 990                                                 print "</a>";
 991                                                 print "</td>";
 992                                         }
 993
 994                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
 995
 996                                         print "</tr>";
 997
 998                                 } else {
 999
1000                                         if ($is_unread) {
1001                                                 $add_class = "Unread";
1002                                         } else {
1003                                                 $add_class = "";
1004                                         }
1005
1006                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
1007
1008                                         print "<div class=\"cdmHeader\">";
1009
1010                                         print "<div style=\"float : right\">$updated_fmt,
1011                                                 <a class=\"cdmToggleLink\"
1012                                                         href=\"javascript:toggleUnread($id)\">Toggle unread</a>
1013                                         </div>";
1014
1015                                         print "<a class=\"title\"
1016                                                 onclick=\"javascript:toggleUnread($id, 0)\"
1017                                                 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
1018
1019                                         if ($line["feed_title"]) {
1020                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1021                                         }
1022
1023                                         print "</div>";
1024
1025                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
1026
1027                                         print "<div style=\"float : right\">$marked_pic</div>
1028                                                 <div lass=\"cdmFooter\">
1029                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1030                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1031
1032 #                                       print "<div align=\"center\"><a class=\"cdmToggleLink\"
1033 #                                                       href=\"javascript:toggleUnread($id)\">
1034 #                                                       Toggle unread</a></div>";
1035
1036                                         print "</div>";
1037
1038                                 }
1039
1040                                 ++$lnum;
1041                         }
1042
1043                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1044                                 print "</table>";
1045                         }
1046
1047                         print_headline_subtoolbar($link,
1048                                 "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
1049
1050
1051                 } else {
1052                         print "<div width='100%' align='center'>No articles found.</div>";
1053                 }
1054
1055                 print "</div>";
1056
1057                 print "
1058                         <script type=\"text/javascript\">
1059                                 try {
1060                                         document.onkeydown = hotkey_handler;
1061                                         try {
1062                                                 parent.update_all_counters(\"$feed\");
1063                                         } catch (e) {
1064                                                 // this is workaround against mysterious permission
1065                                                 // denied feature/bug of firefox (ticket #73)
1066                                                 // if call from this context failed - ignore silently
1067                                                 exception_error(\"viewfeed/footer1/counters\", e, true);
1068                                         }
1069                                 } catch (e) {
1070                                         exception_error(\"viewfeed/footer1\", e);
1071                                 }
1072
1073                                 /* for IE */
1074                                 function statechange() {
1075                                         if (document.readyState == \"interactive\") init();
1076                                 }
1077
1078                                 if (document.readyState) {
1079                                         if (document.readyState == \"interactive\" || document.readyState == \"complete\") {
1080                                                 init();
1081                                         } else {
1082                                                 document.onreadystatechange = statechange;
1083                                         }
1084                                 }
1085                         </script>";
1086
1087                 print "</body></html>";
1088         }
1089
1090         if ($op == "pref-feeds") {
1091
1092                 $subop = $_REQUEST["subop"];
1093                 $quiet = $_REQUEST["quiet"];
1094
1095                 if ($subop == "massSubscribe") {
1096                         $ids = split(",", db_escape_string($_GET["ids"]));
1097
1098                         $subscribed = array();
1099
1100                         foreach ($ids as $id) {
1101                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1102                                         WHERE id = '$id'");
1103
1104                                 $feed_url = db_fetch_result($result, 0, "feed_url");
1105                                 $title = db_fetch_result($result, 0, "title");
1106
1107                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1108                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1109
1110                                 if (db_num_rows($result) == 0) {
1111                                         $result = db_query($link,
1112                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1113                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1114
1115                                         array_push($subscribed, $title);
1116                                 }
1117                         }
1118
1119                         if (count($subscribed) > 0) {
1120                                 print "<div class=\"notice\">";
1121                                 print "<b>Subscribed to feeds:</b>";
1122                                 print "<ul class=\"nomarks\">";
1123                                 foreach ($subscribed as $title) {
1124                                         print "<li>$title</li>";
1125                                 }
1126                                 print "</ul>";
1127                                 print "</div>";
1128                         }
1129                 }
1130
1131                 if ($subop == "browse") {
1132
1133                         if (!ENABLE_FEED_BROWSER) {
1134                                 print "Feed browser is administratively disabled.";
1135                                 return;
1136                         }
1137
1138                         print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
1139
1140                         print "<div class=\"infoBoxContents\">";
1141
1142                         print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
1143
1144 #                       $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1145 #                               FROM ttrss_feeds
1146 #                               WHERE auth_login = '' AND auth_pass = '' AND private = false
1147 #                               GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
1148
1149                         $owner_uid = $_SESSION["uid"];
1150
1151                         $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
1152                                 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
1153                                         WHERE tf.feed_url = ttrss_feeds.feed_url
1154                                                 AND owner_uid = '$owner_uid') GROUP BY feed_url
1155                                                         ORDER BY subscribers DESC LIMIT 25");
1156
1157                         print "<ul class='browseFeedList' id='browseFeedList'>";
1158
1159                         $feedctr = 0;
1160
1161                         while ($line = db_fetch_assoc($result)) {
1162                                 $feed_url = $line["feed_url"];
1163                                 $subscribers = $line["subscribers"];
1164
1165                                 $det_result = db_query($link, "SELECT site_url,title,id
1166                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1167
1168                                 $details = db_fetch_assoc($det_result);
1169
1170                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1171
1172                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1173                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
1174                                                         "/".$details["id"].".ico\">";
1175                                 } else {
1176                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1177                                 }
1178
1179                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1180                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1181
1182                                 $class = ($feedctr % 2) ? "even" : "odd";
1183
1184                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1185                                         "$feed_icon " . db_unescape_string($details["title"]) .
1186                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1187
1188                                         ++$feedctr;
1189                         }
1190
1191                         if ($feedctr == 0) {
1192                                 print "<li>No feeds found to subscribe.</li>";
1193                         }
1194
1195                         print "</ul>";
1196
1197                         print "<div align='center'>
1198                                 <input type=\"submit\" class=\"button\"
1199                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1200                                 <input type='submit' class='button'
1201                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1202
1203                         print "</div>";
1204                         return;
1205                 }
1206
1207                 if ($subop == "editfeed") {
1208                         $feed_id = db_escape_string($_REQUEST["id"]);
1209
1210                         $result = db_query($link,
1211                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1212                                         owner_uid = " . $_SESSION["uid"]);
1213
1214                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1215                                 0, "title")));
1216
1217                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1218
1219                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1220                                         $feed_icon = "<img width=\"16\" height=\"16\"
1221                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1222                         } else {
1223                                 $feed_icon = "";
1224                         }
1225
1226                         print "<div id=\"infoBoxTitle\">Feed editor</div>";
1227
1228                         print "<div class=\"infoBoxContents\">";
1229
1230                         print "<form id=\"edit_feed_form\">";
1231
1232                         print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1233                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1234                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1235
1236                         print "<table width='100%'>";
1237
1238                         print "<tr><td>Title:</td>";
1239                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1240                                 name=\"title\" value=\"$title\"></td></tr>";
1241
1242                         $feed_url = db_fetch_result($result, 0, "feed_url");
1243                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1244                                 0, "feed_url")));
1245
1246                         print "<tr><td>Feed URL:</td>";
1247                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1248                                 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1249
1250                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1251
1252                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1253
1254                                 print "<tr><td>Category:</td>";
1255                                 print "<td>";
1256
1257                                 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\"");
1258
1259                                 print "</td>";
1260                                 print "</td></tr>";
1261
1262                         }
1263
1264                         $update_interval = db_fetch_result($result, 0, "update_interval");
1265
1266                         print "<tr><td>Update Interval:</td>";
1267
1268                         print "<td>";
1269
1270                         print_select_hash("update_interval", $update_interval, $update_intervals,
1271                                 "class=\"iedit\"");
1272
1273                         print "</td>";
1274
1275                         print "<tr><td>Link to:</td><td>";
1276
1277                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1278                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1279
1280                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1281
1282                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1283
1284                         if ($linked_count > 0) {
1285                                 $disabled = "disabled";
1286                         }
1287
1288                         print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1289
1290                         print "<option value=\"0\">Not linked</option>";
1291
1292                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1293                                 if ($cat_id) {
1294                                         $cat_qpart = "AND cat_id = '$cat_id'";
1295                                 } else {
1296                                         $cat_qpart = "AND cat_id IS NULL";
1297                                 }
1298                         }
1299
1300                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1301                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1302                                         $cat_qpart ORDER BY title");
1303
1304                                 if (db_num_rows($tmp_result) > 0) {
1305                                         print "<option disabled>--------</option>";
1306                                 }
1307
1308                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1309                                         if ($tmp_line["id"] == $parent_feed) {
1310                                                 $is_selected = "selected";
1311                                         } else {
1312                                                 $is_selected = "";
1313                                         }
1314                                         printf("<option $is_selected value='%d'>%s</option>",
1315                                                 $tmp_line["id"], $tmp_line["title"]);
1316                                 }
1317
1318                         print "</select>";
1319                         print "</td></tr>";
1320
1321                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1322
1323                         print "<tr><td>Article purging:</td>";
1324
1325                         print "<td>";
1326
1327                         print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1328                                 "class=\"iedit\"");
1329
1330                         print "</td>";
1331
1332                         $auth_login = db_fetch_result($result, 0, "auth_login");
1333
1334                         print "<tr><td>Login:</td>";
1335                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1336                                 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1337
1338                         $auth_pass = db_fetch_result($result, 0, "auth_pass");
1339
1340                         print "<tr><td>Password:</td>";
1341                         print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1342                                 onkeypress=\"return filterCR(event)\"
1343                                 value=\"$auth_pass\"></td></tr>";
1344
1345                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1346
1347                         if ($private) {
1348                                 $checked = "checked";
1349                         } else {
1350                                 $checked = "";
1351                         }
1352
1353                         print "<tr><td valign='top'>Options:</td>";
1354                         print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1355                                 $checked><label for=\"private\">Hide from feed browser</label>";
1356
1357                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1358
1359                         if ($rtl_content) {
1360                                 $checked = "checked";
1361                         } else {
1362                                 $checked = "";
1363                         }
1364
1365                         print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1366                                 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1367
1368                         print "</td></tr>";
1369
1370                         print "</table>";
1371
1372                         print "</form>";
1373
1374                         print "</div>";
1375
1376                         print "<div align='center'>
1377                                 <input type=\"submit\" class=\"button\"
1378                                 onclick=\"return feedEditSave()\" value=\"Save\">
1379                                 <input type='submit' class='button'
1380                                 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1381                         return;
1382                 }
1383
1384                 if ($subop == "editSave") {
1385
1386                         $feed_title = db_escape_string(trim($_POST["title"]));
1387                         $feed_link = db_escape_string(trim($_POST["feed_url"]));
1388                         $upd_intl = db_escape_string($_POST["update_interval"]);
1389                         $purge_intl = db_escape_string($_POST["purge_interval"]);
1390                         $feed_id = db_escape_string($_POST["id"]);
1391                         $cat_id = db_escape_string($_POST["cat_id"]);
1392                         $auth_login = db_escape_string(trim($_POST["auth_login"]));
1393                         $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1394                         $parent_feed = db_escape_string($_POST["parent_feed"]);
1395                         $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1396                         $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1397
1398                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1399                                 if ($cat_id && $cat_id != 0) {
1400                                         $category_qpart = "cat_id = '$cat_id',";
1401                                 } else {
1402                                         $category_qpart = 'cat_id = NULL,';
1403                                 }
1404                         } else {
1405                                 $category_qpart = "";
1406                         }
1407
1408                         if ($parent_feed && $parent_feed != 0) {
1409                                 $parent_qpart = "parent_feed = '$parent_feed',";
1410                         } else {
1411                                 $parent_qpart = 'parent_feed = NULL,';
1412                         }
1413
1414                         $result = db_query($link, "UPDATE ttrss_feeds SET
1415                                 $category_qpart
1416                                 $parent_qpart
1417                                 title = '$feed_title', feed_url = '$feed_link',
1418                                 update_interval = '$upd_intl',
1419                                 purge_interval = '$purge_intl',
1420                                 auth_login = '$auth_login',
1421                                 auth_pass = '$auth_pass',
1422                                 private = $private,
1423                                 rtl_content = $rtl_content
1424                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1425                 }
1426
1427                 if ($subop == "saveCat") {
1428                         $cat_title = db_escape_string(trim($_GET["title"]));
1429                         $cat_id = db_escape_string($_GET["id"]);
1430
1431                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1432                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1433
1434                 }
1435
1436                 if ($subop == "remove") {
1437
1438                         if (!WEB_DEMO_MODE) {
1439
1440                                 $ids = split(",", db_escape_string($_GET["ids"]));
1441
1442                                 foreach ($ids as $id) {
1443
1444                                         if ($id > 0) {
1445
1446                                                 db_query($link, "DELETE FROM ttrss_feeds
1447                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1448
1449                                                 $icons_dir = ICONS_DIR;
1450
1451                                                 if (file_exists($icons_dir . "/$id.ico")) {
1452                                                         unlink($icons_dir . "/$id.ico");
1453                                                 }
1454                                         } else if ($id < -10) {
1455
1456                                                 $label_id = -$id - 11;
1457
1458                                                 db_query($link, "DELETE FROM ttrss_labels
1459                                                         WHERE   id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
1460                                         }
1461                                 }
1462                         }
1463                 }
1464
1465                 if ($subop == "add") {
1466
1467                         if (!WEB_DEMO_MODE) {
1468
1469                                 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1470                                 $cat_id = db_escape_string($_GET["cat_id"]);
1471
1472                                 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1473                                         print "Added feed.";
1474                                 } else {
1475                                         print "<div class=\"warning\">
1476                                                 Feed <b>$feed_url</b> already exists in the database.
1477                                         </div>";
1478                                 }
1479                         }
1480                 }
1481
1482                 if ($subop == "addCat") {
1483
1484                         if (!WEB_DEMO_MODE) {
1485
1486                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1487
1488                                 $result = db_query($link,
1489                                         "SELECT id FROM ttrss_feed_categories
1490                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1491
1492                                 if (db_num_rows($result) == 0) {
1493
1494                                         $result = db_query($link,
1495                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1496                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1497
1498                                 } else {
1499
1500                                         print "<div class=\"warning\">
1501                                                 Category <b>$feed_cat</b> already exists in the database.
1502                                         </div>";
1503                                 }
1504
1505
1506                         }
1507                 }
1508
1509                 if ($subop == "removeCats") {
1510
1511                         if (!WEB_DEMO_MODE) {
1512
1513                                 $ids = split(",", db_escape_string($_GET["ids"]));
1514
1515                                 foreach ($ids as $id) {
1516
1517                                         db_query($link, "BEGIN");
1518
1519                                         $result = db_query($link,
1520                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1521                                                         WHERE cat_id = '$id'");
1522
1523                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1524
1525                                         if ($num_feeds == 0) {
1526                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1527                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1528                                         } else {
1529
1530                                                 print "<div class=\"warning\">
1531                                                         Unable to delete non empty feed categories.</div>";
1532
1533                                         }
1534
1535                                         db_query($link, "COMMIT");
1536                                 }
1537                         }
1538                 }
1539
1540                 if ($subop == "categorize") {
1541
1542                         if (!WEB_DEMO_MODE) {
1543
1544                                 $ids = split(",", db_escape_string($_GET["ids"]));
1545
1546                                 $cat_id = db_escape_string($_GET["cat_id"]);
1547
1548                                 if ($cat_id == 0) {
1549                                         $cat_id_qpart = 'NULL';
1550                                 } else {
1551                                         $cat_id_qpart = "'$cat_id'";
1552                                 }
1553
1554                                 db_query($link, "BEGIN");
1555
1556                                 foreach ($ids as $id) {
1557
1558                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1559                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1560                                 }
1561
1562                                 db_query($link, "COMMIT");
1563                         }
1564
1565                 }
1566
1567                 if ($quiet) return;
1568
1569 //              print "<h3>Edit Feeds</h3>";
1570
1571                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1572                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1573
1574                 if (db_num_rows($result) > 0) {
1575
1576                         print "<div class=\"warning\">";
1577
1578 //                      print"<img class=\"closeButton\"
1579 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1580
1581                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1582                                 <b>Some feeds have update errors (click for details)</b></a>";
1583
1584                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1585
1586                         while ($line = db_fetch_assoc($result)) {
1587                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1588                                         $line["last_error"];
1589                         }
1590
1591                         print "</ul>";
1592                         print "</div>";
1593
1594                 }
1595
1596                 $feed_search = db_escape_string($_GET["search"]);
1597
1598                 if (array_key_exists("search", $_GET)) {
1599                         $_SESSION["prefs_feed_search"] = $feed_search;
1600                 } else {
1601                         $feed_search = $_SESSION["prefs_feed_search"];
1602                 }
1603
1604                 print "<table width='100%' class=\"prefGenericAddBox\"
1605                         cellspacing='0' cellpadding='0'><tr>
1606                         <td>
1607                                 <input id=\"fadd_link\"
1608                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1609                                         size=\"40\">
1610                                 <input type=\"submit\" class=\"button\"
1611                                         disabled=\"true\" id=\"fadd_submit_btn\"
1612                                         onclick=\"addFeed()\" value=\"Subscribe\">";
1613
1614                 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1615                         print " <input type=\"submit\" class=\"button\"
1616                                 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1617                 }
1618
1619                 print "</td><td align='right'>
1620                                 <input id=\"feed_search\" size=\"20\"
1621                                         onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1622                                 <input type=\"submit\" class=\"button\"
1623                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1624                         </td>
1625                         </tr></table>";
1626
1627                 $feeds_sort = db_escape_string($_GET["sort"]);
1628
1629                 if (!$feeds_sort || $feeds_sort == "undefined") {
1630                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1631                         if (!$feeds_sort) $feeds_sort = "title";
1632                 }
1633
1634                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1635
1636                 if ($feed_search) {
1637                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1638                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1639                 } else {
1640                         $search_qpart = "";
1641                 }
1642
1643                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1644                         $order_by_qpart = "category,$feeds_sort,title";
1645                 } else {
1646                         $order_by_qpart = "$feeds_sort,title";
1647                 }
1648
1649                 $result = db_query($link, "SELECT
1650                                 F1.id,
1651                                 F1.title,
1652                                 F1.feed_url,
1653                                 substring(F1.last_updated,1,16) AS last_updated,
1654                                 F1.parent_feed,
1655                                 F1.update_interval,
1656                                 F1.purge_interval,
1657                                 F1.cat_id,
1658                                 F2.title AS parent_title,
1659                                 C1.title AS category
1660                         FROM
1661                                 ttrss_feeds AS F1
1662                                 LEFT JOIN ttrss_feeds AS F2
1663                                         ON (F1.parent_feed = F2.id)
1664                                 LEFT JOIN ttrss_feed_categories AS C1
1665                                         ON (F1.cat_id = C1.id)
1666                         WHERE
1667                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1668                         ORDER by $order_by_qpart");
1669
1670                 if (db_num_rows($result) != 0) {
1671
1672 //                      print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1673
1674                         print "<p><table width=\"100%\" cellspacing=\"0\"
1675                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1676                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1677                                 Select:
1678                                         <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1679                                         <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1680                                 </td</tr>";
1681
1682                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1683                                 print "<tr class=\"title\">
1684                                         <td width='5%' align='center'>&nbsp;</td>";
1685
1686                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1687                                         print "<td width='3%'>&nbsp;</td>";
1688                                 }
1689
1690                                 print "
1691                                         <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1692                                         <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1693                                         <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1694                         }
1695
1696                         $lnum = 0;
1697
1698                         $cur_cat_id = -1;
1699
1700                         while ($line = db_fetch_assoc($result)) {
1701
1702                                 $feed_id = $line["id"];
1703                                 $cat_id = $line["cat_id"];
1704
1705                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1706                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1707                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1708
1709                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1710
1711                                 $last_updated = $line["last_updated"];
1712
1713                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1714                                         $last_updated = smart_date_time(strtotime($last_updated));
1715                                 } else {
1716                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1717                                         $last_updated = date($short_date, strtotime($last_updated));
1718                                 }
1719
1720                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1721                                         $lnum = 0;
1722
1723                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1724
1725                                         print "<tr class=\"title\">
1726                                                 <td width='5%'>&nbsp;</td>";
1727
1728                                         if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1729                                                 print "<td width='3%'>&nbsp;</td>";
1730                                         }
1731
1732                                         print "<td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1733                                                 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1734                                                 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1735
1736                                         $cur_cat_id = $cat_id;
1737                                 }
1738
1739                                 $class = ($lnum % 2) ? "even" : "odd";
1740                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
1741
1742                                 print "<tr class=\"$class\" $this_row_id>";
1743
1744                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1745
1746                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1747                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
1748                                 } else {
1749                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1750                                 }
1751
1752                                 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1753                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1754
1755                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1756                                         print "<td class='feedIcon'>$feed_icon</td>";
1757                                 }
1758
1759                                 $edit_title = truncate_string($edit_title, 40);
1760                                 $edit_link = truncate_string($edit_link, 60);
1761
1762                                 $parent_title = $line["parent_title"];
1763                                 if ($parent_title) {
1764                                         $parent_title = "<span class='groupPrompt'>(linked to
1765                                                 $parent_title)</span>";
1766                                 }
1767
1768                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1769                                         "$edit_title $parent_title" . "</a></td>";
1770
1771                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1772                                         $edit_link . "</a></td>";
1773
1774                                 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1775                                         "$last_updated</a></td>";
1776
1777                                 print "</tr>";
1778
1779                                 ++$lnum;
1780                         }
1781
1782                         print "</table>";
1783
1784                         print "<p><span id=\"feedOpToolbar\">";
1785
1786                         if ($subop == "edit") {
1787                                 print "Edit feed:&nbsp;
1788                                         <input type=\"submit\" class=\"button\"
1789                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1790                                         <input type=\"submit\" class=\"button\"
1791                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1792                         } else {
1793
1794                                 print "
1795                                         Selection:&nbsp;
1796                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1797                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1798                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1799                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1800
1801                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1802
1803                                         print "&nbsp;|&nbsp;";
1804
1805                                         print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1806
1807                                         print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1808                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1809
1810                                 }
1811
1812                                 print "</span>
1813                                         &nbsp;All feeds: <input type=\"submit\"
1814                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1815                                                         value=\"Export OPML\">";
1816                                 }
1817                 } else {
1818
1819                         print "<p>No feeds defined.</p>";
1820
1821                 }
1822
1823                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1824
1825                         print "<h3>Edit Categories</h3>";
1826
1827                         print "<div class=\"prefGenericAddBox\">
1828                                 <input id=\"fadd_cat\"
1829                                         onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1830                                         size=\"40\">&nbsp;
1831                                 <input
1832                                         type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1833                                         onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1834
1835                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1836                                 WHERE owner_uid = ".$_SESSION["uid"]."
1837                                 ORDER BY title");
1838
1839                         if (db_num_rows($result) != 0) {
1840
1841                                 print "<form id=\"feed_cat_edit_form\">";
1842
1843                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1844                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1845
1846                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1847                                 Select:
1848                                         <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1849                                         <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1850                                 </td</tr>";
1851
1852                                 print "<tr class=\"title\">
1853                                                         <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1854                                                 </tr>";
1855
1856                                 $lnum = 0;
1857
1858                                 while ($line = db_fetch_assoc($result)) {
1859
1860                                         $class = ($lnum % 2) ? "even" : "odd";
1861
1862                                         $cat_id = $line["id"];
1863
1864                                         $edit_cat_id = $_GET["id"];
1865
1866                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1867                                                         $class .= "Grayed";
1868                                                         $this_row_id = "";
1869                                         } else {
1870                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1871                                         }
1872
1873                                         print "<tr class=\"$class\" $this_row_id>";
1874
1875                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1876
1877                                         if (!$edit_cat_id || $subop != "editCat") {
1878
1879                                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1880                                                         type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1881
1882                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1883                                                         $edit_title . "</a></td>";
1884
1885                                         } else if ($cat_id != $edit_cat_id) {
1886
1887                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1888                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1889
1890                                                 print "<td>$edit_title</td>";
1891
1892                                         } else {
1893
1894                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1895
1896                                                 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1897                                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1898                                                 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1899
1900                                                 print "</td>";
1901
1902                                                 print "<td><input onkeypress=\"return filterCR(event)\"
1903                                                         name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1904
1905                                         }
1906
1907                                         print "</tr>";
1908
1909                                         ++$lnum;
1910                                 }
1911
1912                                 print "</table>";
1913
1914                                 print "</form>";
1915
1916                                 print "<p id=\"catOpToolbar\">";
1917
1918                                 if ($subop == "editCat") {
1919                                         print "Edit category:&nbsp;
1920                                                 <input type=\"submit\" class=\"button\"
1921                                                         onclick=\"return feedCatEditSave()\" value=\"Save\">
1922                                                 <input type=\"submit\" class=\"button\"
1923                                                         onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1924                                         } else {
1925
1926                                         print "
1927                                                 Selection:&nbsp;
1928                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1929                                                 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1930                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1931                                                 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1932
1933                                 }
1934
1935                         } else {
1936                                 print "<p>No feed categories defined.</p>";
1937                         }
1938                 }
1939
1940                 print "<h3>Import OPML</h3>
1941                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1942                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1943                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1944                                 type=\"submit\" value=\"Import\">
1945                         </form>";
1946
1947         }
1948
1949         if ($op == "pref-filters") {
1950
1951                 $subop = $_GET["subop"];
1952                 $quiet = $_GET["quiet"];
1953
1954                 if ($subop == "edit") {
1955
1956                         $filter_id = db_escape_string($_GET["id"]);
1957
1958                         $result = db_query($link,
1959                                 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1960
1961                         $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
1962                         $filter_type = db_fetch_result($result, 0, "filter_type");
1963                         $feed_id = db_fetch_result($result, 0, "feed_id");
1964                         $action_id = db_fetch_result($result, 0, "action_id");
1965
1966                         print "<div id=\"infoBoxTitle\">Filter editor</div>";
1967                         print "<div class=\"infoBoxContents\">";
1968
1969                         print "<form id=\"filter_edit_form\">";
1970
1971                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
1972                         print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
1973                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1974
1975 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
1976
1977                         $result = db_query($link, "SELECT id,description
1978                                 FROM ttrss_filter_types ORDER BY description");
1979
1980                         $filter_types = array();
1981
1982                         while ($line = db_fetch_assoc($result)) {
1983                                 //array_push($filter_types, $line["description"]);
1984                                 $filter_types[$line["id"]] = $line["description"];
1985                         }
1986
1987                         print "<table width='100%'>";
1988
1989                         print "<tr><td>Match:</td>
1990                                 <td><input onkeypress=\"return filterCR(event)\"
1991                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
1992                                         name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
1993
1994                         print "</td><td>";
1995
1996                         print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
1997
1998                         print "</td></tr>";
1999                         print "<tr><td>Feed:</td><td colspan='2'>";
2000
2001                         print_feed_select($link, "feed_id", $feed_id);
2002
2003                         print "</td></tr>";
2004
2005                         print "<tr><td>Action:</td>";
2006
2007                         print "<td colspan='2'><select name=\"action_id\">";
2008
2009                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2010                                 ORDER BY name");
2011
2012                         while ($line = db_fetch_assoc($result)) {
2013                                 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
2014                                 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
2015                         }
2016
2017                         print "</select>";
2018
2019                         print "</td></tr></table>";
2020
2021                         print "</form>";
2022
2023                         print "<div align='right'>";
2024
2025                         print "<input type=\"submit\"
2026                                 id=\"infobox_submit\"
2027                                 class=\"button\" onclick=\"return filterEditSave()\"
2028                                 value=\"Save\"> ";
2029
2030                         print "<input class=\"button\"
2031                                 type=\"submit\" onclick=\"return filterEditCancel()\"
2032                                 value=\"Cancel\">";
2033
2034                         print "</div>";
2035
2036                         return;
2037                 }
2038
2039
2040                 if ($subop == "editSave") {
2041
2042                         $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
2043                         $filter_type = db_escape_string(trim($_GET["filter_type"]));
2044                         $filter_id = db_escape_string($_GET["id"]);
2045                         $feed_id = db_escape_string($_GET["feed_id"]);
2046                         $action_id = db_escape_string($_GET["action_id"]);
2047
2048                         if (!$feed_id) {
2049                                 $feed_id = 'NULL';
2050                         } else {
2051                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2052                         }
2053
2054                         $result = db_query($link, "UPDATE ttrss_filters SET
2055                                         reg_exp = '$reg_exp',
2056                                         feed_id = $feed_id,
2057                                         action_id = '$action_id',
2058                                         filter_type = '$filter_type'
2059                                 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
2060                 }
2061
2062                 if ($subop == "remove") {
2063
2064                         if (!WEB_DEMO_MODE) {
2065
2066                                 $ids = split(",", db_escape_string($_GET["ids"]));
2067
2068                                 foreach ($ids as $id) {
2069                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
2070
2071                                 }
2072                         }
2073                 }
2074
2075                 if ($subop == "add") {
2076
2077                         if (!WEB_DEMO_MODE) {
2078
2079                                 $regexp = db_escape_string(trim($_GET["reg_exp"]));
2080                                 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2081                                 $feed_id = db_escape_string($_GET["feed_id"]);
2082                                 $action_id = db_escape_string($_GET["action_id"]);
2083
2084                                 if (!$feed_id) {
2085                                         $feed_id = 'NULL';
2086                                 } else {
2087                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2088                                 }
2089
2090                                 $result = db_query($link,
2091                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2092                                                 action_id)
2093                                         VALUES
2094                                                 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
2095                                                         $feed_id, '$action_id')");
2096                         }
2097                 }
2098
2099                 if ($quiet) return;
2100
2101 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2102
2103                 $result = db_query($link, "SELECT id,description
2104                         FROM ttrss_filter_types ORDER BY description");
2105
2106                 $filter_types = array();
2107
2108                 while ($line = db_fetch_assoc($result)) {
2109                         //array_push($filter_types, $line["description"]);
2110                         $filter_types[$line["id"]] = $line["description"];
2111                 }
2112
2113                 print "<input type=\"submit\"
2114                         class=\"button\"
2115                         onclick=\"return displayDlg('quickAddFilter', false)\"
2116                         id=\"create_filter_btn\"
2117                         value=\"Create filter\">";
2118
2119                 $result = db_query($link, "SELECT
2120                                 ttrss_filters.id AS id,reg_exp,
2121                                 ttrss_filter_types.name AS filter_type_name,
2122                                 ttrss_filter_types.description AS filter_type_descr,
2123                                 feed_id,
2124                                 ttrss_filter_actions.description AS action_description,
2125                                 ttrss_feeds.title AS feed_title
2126                         FROM
2127                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2128                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2129                         WHERE
2130                                 filter_type = ttrss_filter_types.id AND
2131                                 ttrss_filter_actions.id = action_id AND
2132                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2133                         ORDER by reg_exp");
2134
2135                 if (db_num_rows($result) != 0) {
2136
2137                         print "<form id=\"filter_edit_form\">";
2138
2139                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2140                                 id=\"prefFilterList\">";
2141
2142                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2143                                 Select:
2144                                         <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2145                                         <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2146                                 </td</tr>";
2147
2148                         print "<tr class=\"title\">
2149                                                 <td align='center' width=\"5%\">&nbsp;</td>
2150                                                 <td width=\"20%\">Filter expression</td>
2151                                                 <td width=\"20%\">Feed</td>
2152                                                 <td width=\"15%\">Match</td>
2153                                                 <td width=\"15%\">Action</td>";
2154
2155                         $lnum = 0;
2156
2157                         while ($line = db_fetch_assoc($result)) {
2158
2159                                 $class = ($lnum % 2) ? "even" : "odd";
2160
2161                                 $filter_id = $line["id"];
2162                                 $edit_filter_id = $_GET["id"];
2163
2164                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2165                                         $class .= "Grayed";
2166                                         $this_row_id = "";
2167                                 } else {
2168                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2169                                 }
2170
2171                                 print "<tr class=\"$class\" $this_row_id>";
2172
2173                                 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2174
2175                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2176
2177                                 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2178
2179                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2180                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2181
2182                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2183                                         $line["reg_exp"] . "</td>";
2184
2185                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2186                                         $line["feed_title"] . "</td>";
2187
2188                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2189                                         $line["filter_type_descr"] . "</td>";
2190
2191                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2192                                         $line["action_description"] . "</td>";
2193
2194                                 print "</tr>";
2195
2196                                 ++$lnum;
2197                         }
2198
2199                         if ($lnum == 0) {
2200                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2201                         }
2202
2203                         print "</table>";
2204
2205                         print "</form>";
2206
2207                         print "<p id=\"filterOpToolbar\">";
2208
2209                         print "
2210                                         Selection:
2211                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2212                                         onclick=\"return editSelectedFilter()\" value=\"Edit\">
2213                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2214                                         onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2215
2216                         print "</p>";
2217
2218                 } else {
2219
2220                         print "<p>No filters defined.</p>";
2221
2222                 }
2223         }
2224
2225         // We need to accept raw SQL data in label queries, so not everything is escaped
2226         // here, this is by design. If you don't like the whole idea, disable labels
2227         // altogether with GLOBAL_ENABLE_LABELS = false
2228
2229         if ($op == "pref-labels") {
2230
2231                 if (!GLOBAL_ENABLE_LABELS) {
2232                         return;
2233                 }
2234
2235                 $subop = $_GET["subop"];
2236
2237                 if ($subop == "test") {
2238
2239                         $expr = db_unescape_string(trim($_GET["expr"]));
2240                         $descr = db_unescape_string(trim($_GET["descr"]));
2241
2242                         print "<div id=\"infoBoxTitle\">Test label: $descr</div>";
2243
2244                         print "<div class='infoBoxContents'>";
2245
2246 #                       print "<h1>Label &laquo;$descr&raquo;</h1>";
2247
2248 //                      print "<p><b>Expression</b>: $expr</p>";
2249
2250                         $result = db_query($link,
2251                                 "SELECT count(ttrss_entries.id) AS num_matches
2252                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2253                                         WHERE ($expr) AND
2254                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2255                                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
2256                                                 ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
2257
2258                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2259
2260                         if ($num_matches > 0) {
2261
2262                                 print "<p>Query returned <b>$num_matches</b> matches, showing first 15:</p>";
2263
2264                                 $result = db_query($link,
2265                                         "SELECT ttrss_entries.title,
2266                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2267                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2268                                                         WHERE ($expr) AND
2269                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2270                                                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
2271                                                         AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
2272                                                         ORDER BY date_entered DESC LIMIT 15");
2273
2274                                 print "<ul class=\"filterTestResults\">";
2275
2276                                 $row_class = "even";
2277
2278                                 while ($line = db_fetch_assoc($result)) {
2279                                         $row_class = toggleEvenOdd($row_class);
2280
2281                                         print "<li class=\"$row_class\">".$line["title"].
2282                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2283                                 }
2284                                 print "</ul>";
2285
2286                         } else {
2287                                 print "<p>Query didn't return any matches.</p>";
2288                         }
2289
2290                         print "</div>";
2291
2292                         print "<div align='center'>
2293                                 <input type='submit' class='button'
2294                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2295                         return;
2296                 }
2297
2298                 if ($subop == "editSave") {
2299
2300                         $sql_exp = trim($_GET["sql_exp"]);
2301                         $descr = db_escape_string(trim($_GET["description"]));
2302                         $label_id = db_escape_string($_GET["id"]);
2303
2304                         $result = db_query($link, "UPDATE ttrss_labels SET
2305                                 sql_exp = '$sql_exp',
2306                                 description = '$descr'
2307                                 WHERE id = '$label_id'");
2308                 }
2309
2310                 if ($subop == "remove") {
2311
2312                         if (!WEB_DEMO_MODE) {
2313
2314                                 $ids = split(",", db_escape_string($_GET["ids"]));
2315
2316                                 foreach ($ids as $id) {
2317                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2318
2319                                 }
2320                         }
2321                 }
2322
2323                 if ($subop == "add") {
2324
2325                         if (!WEB_DEMO_MODE) {
2326
2327                                 // no escaping is done here on purpose
2328                                 $exp = trim($_GET["exp"]);
2329
2330                                 $result = db_query($link,
2331                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2332                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2333                         }
2334                 }
2335
2336                 print "<div class=\"prefGenericAddBox\">
2337                         <input size=\"40\"
2338                                 onkeyup=\"toggleSubmitNotEmpty(this, 'label_create_btn')\"
2339                                 id=\"ladd_expr\">&nbsp;";
2340
2341                 print"<input type=\"submit\" class=\"button\"
2342                         disabled=\"true\" id=\"label_create_btn\"
2343                         onclick=\"javascript:addLabel()\" value=\"Create label\"></div>";
2344
2345                 $result = db_query($link, "SELECT
2346                                 id,sql_exp,description
2347                         FROM
2348                                 ttrss_labels
2349                         WHERE
2350                                 owner_uid = ".$_SESSION["uid"]."
2351                         ORDER by description");
2352
2353 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2354
2355                 if (db_num_rows($result) != 0) {
2356
2357                         print "<form id=\"label_edit_form\">";
2358
2359                         print "<p><table width=\"100%\" cellspacing=\"0\"
2360                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2361
2362                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2363                                 Select:
2364                                         <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2365                                         <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2366                                 </td</tr>";
2367
2368                         print "<tr class=\"title\">
2369                                                 <td width=\"5%\">&nbsp;</td>
2370                                                 <td width=\"40%\">SQL expression
2371                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2372                                                 </td>
2373                                                 <td width=\"40%\">Caption</td></tr>";
2374
2375                         $lnum = 0;
2376
2377                         while ($line = db_fetch_assoc($result)) {
2378
2379                                 $class = ($lnum % 2) ? "even" : "odd";
2380
2381                                 $label_id = $line["id"];
2382                                 $edit_label_id = $_GET["id"];
2383
2384                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2385                                         $class .= "Grayed";
2386                                         $this_row_id = "";
2387                                 } else {
2388                                         $this_row_id = "id=\"LILRR-$label_id\"";
2389                                 }
2390
2391                                 print "<tr class=\"$class\" $this_row_id>";
2392
2393                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2394                                 $line["description"] = htmlspecialchars($line["description"]);
2395
2396                                 if (!$edit_label_id || $subop != "edit") {
2397
2398                                         if (!$line["description"]) $line["description"] = "[No caption]";
2399
2400                                         print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2401                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2402
2403                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2404                                                 $line["sql_exp"] . "</td>";
2405
2406                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2407                                                 $line["description"] . "</td>";
2408
2409                                 } else if ($label_id != $edit_label_id) {
2410
2411                                         if (!$line["description"]) $line["description"] = "[No description]";
2412
2413                                         print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
2414                                                 id=\"LICHK-".$line["id"]."\"></td>";
2415
2416                                         print "<td>".$line["sql_exp"]."</td>";
2417                                         print "<td>".$line["description"]."</td>";
2418
2419                                 } else {
2420
2421                                         print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
2422
2423                                         print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2424                                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2425                                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2426
2427                                         print "</td>";
2428
2429                                         print "<td><input onkeypress=\"return filterCR(event)\"
2430                                                 class=\"iedit\" name=\"sql_exp\" value=\"".$line["sql_exp"]."\"></td>";
2431
2432                                         print "<td><input onkeypress=\"return filterCR(event)\"
2433                                                 class=\"iedit\" name=\"description\" value=\"".$line["description"]."\"></td>";
2434                                 }
2435
2436
2437                                 print "</tr>";
2438
2439                                 ++$lnum;
2440                         }
2441
2442                         if ($lnum == 0) {
2443                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2444                         }
2445
2446                         print "</table>";
2447
2448                         print "</form>";
2449
2450                         print "<p id=\"labelOpToolbar\">";
2451
2452                         if ($subop == "edit") {
2453                                 print "Edit label:
2454                                         <input type=\"submit\" class=\"button\"
2455                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2456                                         <input type=\"submit\" class=\"button\"
2457                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">
2458                                         <input type=\"submit\" class=\"button\"
2459                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">";
2460
2461                         } else {
2462                                 print "
2463                                         Selection:
2464                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2465                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2466                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2467                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2468                         }
2469                 } else {
2470                         print "<p>No labels defined.</p>";
2471                 }
2472         }
2473
2474         if ($op == "error") {
2475                 print "<div width=\"100%\" align='center'>";
2476                 $msg = $_GET["msg"];
2477                 print $msg;
2478                 print "</div>";
2479         }
2480
2481         if ($op == "help") {
2482                 if (!$_GET["noheaders"]) {
2483                         print "<html><head>
2484                                 <title>Tiny Tiny RSS : Help</title>
2485                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2486                                 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2487                                 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2488                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2489                                 </head><body>";
2490                 }
2491
2492                 $tid = sprintf("%d", $_GET["tid"]);
2493
2494                 print "<div id=\"infoBoxTitle\">Help</div>";
2495
2496                 print "<div class='infoBoxContents'>";
2497
2498                 if (file_exists("help/$tid.php")) {
2499                         include("help/$tid.php");
2500                 } else {
2501                         print "<p>Help topic not found.</p>";
2502                 }
2503
2504                 print "</div>";
2505
2506                 print "<div align='center'>
2507                         <input type='submit' class='button'
2508                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2509
2510                 if (!$_GET["noheaders"]) {
2511                         print "</body></html>";
2512                 }
2513
2514         }
2515
2516         if ($op == "dlg") {
2517                 $id = $_GET["id"];
2518                 $param = $_GET["param"];
2519
2520                 if ($id == "quickAddFeed") {
2521
2522                         print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2523                         print "<div class=\"infoBoxContents\">";
2524
2525                         print "<form id='feed_add_form'>";
2526
2527                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2528                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2529                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2530
2531                         print "<table width='100%'>
2532                         <tr><td>Feed URL:</td><td>
2533                                 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2534                                         onkeypress=\"return filterCR(event)\"
2535                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2536                                         onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2537
2538                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2539                                 print "<tr><td>Category:</td><td>";
2540                                 print_feed_cat_select($link, "cat_id");
2541                                 print "</td></tr>";
2542                         }
2543
2544                         print "</table>";
2545                         print "</form>";
2546
2547                         print "<div align='right'>
2548                                 <input class=\"button\"
2549                                         id=\"fadd_submit_btn\" disabled=\"true\"
2550                                         type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Subscribe\">
2551                                 <input class=\"button\"
2552                                         type=\"submit\" onclick=\"javascript:closeInfoBox()\"
2553                                         value=\"Cancel\"></div>";
2554
2555                 }
2556
2557                 if ($id == "search") {
2558
2559                         print "<div id=\"infoBoxTitle\">Search</div>";
2560                         print "<div class=\"infoBoxContents\">";
2561
2562                         print "<form id='search_form'>";
2563
2564                         #$active_feed_id = db_escape_string($_GET["param"]);
2565
2566                         $params = split(":", db_escape_string($_GET["param"]));
2567
2568                         $active_feed_id = sprintf("%d", $params[0]);
2569                         $is_cat = $params[1] == "true";
2570
2571                         print "<table width='100%'><tr><td>Search:</td><td>";
2572
2573                         print "<input name=\"query\" class=\"iedit\"
2574                                 onkeypress=\"return filterCR(event)\"
2575                                 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2576                                 value=\"\">
2577                         </td></tr>";
2578
2579                         print "<tr><td>Where:</td><td>";
2580
2581                         print "<select name=\"search_mode\">
2582                                 <option value=\"all_feeds\">All feeds</option>";
2583
2584                         $feed_title = getFeedTitle($link, $active_feed_id);
2585
2586                         if (!$is_cat) {
2587                                 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2588                         } else {
2589                                 $feed_cat_title = getCategoryTitle($link, $active_feed_id);
2590                         }
2591
2592                         if ($active_feed_id && !$is_cat) {
2593                                 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2594                         } else {
2595                                 print "<option disabled>This feed</option>";
2596                         }
2597
2598                         if ($is_cat) {
2599                                 $cat_preselected = "selected";
2600                         }
2601
2602                         if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) {
2603                                 print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>";
2604                         } else {
2605                                 print "<option disabled>This category</option>";
2606                         }
2607
2608                         print "</select></td></tr>";
2609
2610                         print "<tr><td>Match on:</td><td>";
2611
2612                         $search_fields = array(
2613                                 "title" => "Title",
2614                                 "content" => "Content",
2615                                 "both" => "Title or content");
2616
2617                         print_select_hash("match_on", 3, $search_fields);
2618
2619                         print "</td></tr></table>";
2620
2621                         print "</form>";
2622
2623                         print "<div align=\"right\">
2624                         <input type=\"submit\"
2625                                 class=\"button\" onclick=\"javascript:search()\"
2626                                 id=\"search_submit_btn\" disabled=\"true\"
2627                                 value=\"Search\">
2628                         <input class=\"button\"
2629                                 type=\"submit\" onclick=\"javascript:searchCancel()\"
2630                                 value=\"Cancel\"></div>";
2631
2632                         print "</div>";
2633
2634                 }
2635
2636                 if ($id == "quickAddFilter") {
2637
2638                         $active_feed_id = db_escape_string($_GET["param"]);
2639
2640                         print "<div id=\"infoBoxTitle\">Create filter</div>";
2641                         print "<div class=\"infoBoxContents\">";
2642
2643                         print "<form id=\"filter_add_form\">";
2644
2645                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2646                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2647                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2648
2649 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2650
2651                         $result = db_query($link, "SELECT id,description
2652                                 FROM ttrss_filter_types ORDER BY description");
2653
2654                         $filter_types = array();
2655
2656                         while ($line = db_fetch_assoc($result)) {
2657                                 //array_push($filter_types, $line["description"]);
2658                                 $filter_types[$line["id"]] = $line["description"];
2659                         }
2660
2661                         print "<table width='100%'>";
2662
2663                         print "<tr><td>Match:</td>
2664                                 <td><input onkeypress=\"return filterCR(event)\"
2665                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2666                                         name=\"reg_exp\" class=\"iedit\">";
2667                         print "</td><td>";
2668
2669                         print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2670
2671                         print "</td></tr>";
2672                         print "<tr><td>Feed:</td><td colspan='2'>";
2673
2674                         print_feed_select($link, "feed_id", $active_feed_id);
2675
2676                         print "</td></tr>";
2677
2678                         print "<tr><td>Action:</td>";
2679
2680                         print "<td colspan='2'><select name=\"action_id\">";
2681
2682                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2683                                 ORDER BY name");
2684
2685                         while ($line = db_fetch_assoc($result)) {
2686                                 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2687                         }
2688
2689                         print "</select>";
2690
2691                         print "</td></tr></table>";
2692
2693                         print "</form>";
2694
2695                         print "<div align='right'>";
2696
2697                         print "<input type=\"submit\"
2698                                 id=\"infobox_submit\"
2699                                 class=\"button\" onclick=\"return qaddFilter()\"
2700                                 disabled=\"true\" value=\"Create\"> ";
2701
2702                         print "<input class=\"button\"
2703                                 type=\"submit\" onclick=\"return closeInfoBox()\"
2704                                 value=\"Cancel\">";
2705
2706                         print "</div>";
2707
2708 //                      print "</td></tr></table>";
2709
2710                 }
2711
2712                 print "</div>";
2713
2714         }
2715
2716         // update feeds of all users, may be used anonymously
2717         if ($op == "globalUpdateFeeds") {
2718
2719                 $result = db_query($link, "SELECT id FROM ttrss_users");
2720
2721                 while ($line = db_fetch_assoc($result)) {
2722                         $user_id = $line["id"];
2723 //                      print "<!-- updating feeds of uid $user_id -->";
2724                         update_all_feeds($link, false, $user_id);
2725                 }
2726
2727                 print "<rpc-reply>
2728                         <message msg=\"All feeds updated\"/>
2729                 </rpc-reply>";
2730
2731         }
2732
2733         if ($op == "pref-prefs") {
2734
2735                 $subop = $_REQUEST["subop"];
2736
2737                 if ($subop == "Save configuration") {
2738
2739                         if (WEB_DEMO_MODE) {
2740                                 header("Location: prefs.php");
2741                                 return;
2742                         }
2743
2744                         $_SESSION["prefs_op_result"] = "save-config";
2745
2746                         $_SESSION["prefs_cache"] = false;
2747
2748                         foreach (array_keys($_POST) as $pref_name) {
2749
2750                                 $pref_name = db_escape_string($pref_name);
2751                                 $value = db_escape_string($_POST[$pref_name]);
2752
2753                                 $result = db_query($link, "SELECT type_name
2754                                         FROM ttrss_prefs,ttrss_prefs_types
2755                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2756
2757                                 if (db_num_rows($result) > 0) {
2758
2759                                         $type_name = db_fetch_result($result, 0, "type_name");
2760
2761 //                                      print "$pref_name : $type_name : $value<br>";
2762
2763                                         if ($type_name == "bool") {
2764                                                 if ($value == "1") {
2765                                                         $value = "true";
2766                                                 } else {
2767                                                         $value = "false";
2768                                                 }
2769                                         } else if ($type_name == "integer") {
2770                                                 $value = sprintf("%d", $value);
2771                                         }
2772
2773 //                                      print "$pref_name : $type_name : $value<br>";
2774
2775                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2776                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2777
2778                                 }
2779
2780                                 header("Location: prefs.php");
2781
2782                         }
2783
2784                 } else if ($subop == "getHelp") {
2785
2786                         $pref_name = db_escape_string($_GET["pn"]);
2787
2788                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2789                                 WHERE pref_name = '$pref_name'");
2790
2791                         if (db_num_rows($result) > 0) {
2792                                 $help_text = db_fetch_result($result, 0, "help_text");
2793                                 print $help_text;
2794                         } else {
2795                                 print "Unknown option: $pref_name";
2796                         }
2797
2798                 } else if ($subop == "Change e-mail") {
2799
2800                         if (WEB_DEMO_MODE) {
2801                                 header("Location: prefs.php");
2802                                 return;
2803                         }
2804
2805                         $email = db_escape_string($_GET["email"]);
2806                         $active_uid = $_SESSION["uid"];
2807
2808                         if ($email) {
2809                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
2810                                                 WHERE id = '$active_uid'");
2811                         }
2812
2813                         header("Location: prefs.php");
2814
2815                 } else if ($subop == "Change password") {
2816
2817                         if (WEB_DEMO_MODE) {
2818                                 header("Location: prefs.php");
2819                                 return;
2820                         }
2821
2822                         $old_pw = $_POST["OLD_PASSWORD"];
2823                         $new_pw = $_POST["OLD_PASSWORD"];
2824
2825                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2826                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2827
2828                         $active_uid = $_SESSION["uid"];
2829
2830                         if ($old_pw && $new_pw) {
2831
2832                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2833
2834                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2835                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2836                                                 pwd_hash = '$old_pw_hash')");
2837
2838                                 if (db_num_rows($result) == 1) {
2839                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2840                                                 WHERE id = '$active_uid'");
2841
2842                                         $_SESSION["pwd_change_result"] = "ok";
2843                                 } else {
2844                                         $_SESSION["pwd_change_result"] = "failed";
2845                                 }
2846                         }
2847
2848                         header("Location: prefs.php");
2849
2850                 } else if ($subop == "Reset to defaults") {
2851
2852                         if (WEB_DEMO_MODE) {
2853                                 header("Location: prefs.php");
2854                                 return;
2855                         }
2856
2857                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2858
2859                         if (DB_TYPE == "pgsql") {
2860                                 db_query($link,"UPDATE ttrss_user_prefs
2861                                         SET value = ttrss_prefs.def_value
2862                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2863                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2864                         } else {
2865                                 db_query($link, "DELETE FROM ttrss_user_prefs
2866                                         WHERE owner_uid = ".$_SESSION["uid"]);
2867                                 initialize_user_prefs($link, $_SESSION["uid"]);
2868                         }
2869
2870                         header("Location: prefs.php");
2871
2872                 } else if ($subop == "Change theme") {
2873
2874                         $theme = db_escape_string($_POST["theme"]);
2875
2876                         if ($theme == "Default") {
2877                                 $theme_qpart = 'NULL';
2878                         } else {
2879                                 $theme_qpart = "'$theme'";
2880                         }
2881
2882                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2883                                 WHERE theme_name = '$theme'");
2884
2885                         if (db_num_rows($result) == 1) {
2886                                 $theme_id = db_fetch_result($result, 0, "id");
2887                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2888                         } else {
2889                                 $theme_id = "NULL";
2890                                 $theme_path = "";
2891                         }
2892
2893                         db_query($link, "UPDATE ttrss_users SET
2894                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2895
2896                         $_SESSION["theme"] = $theme_path;
2897
2898                         header("Location: prefs.php");
2899
2900                 } else {
2901
2902                         if (!SINGLE_USER_MODE) {
2903
2904                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
2905                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2906                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2907
2908                                 if (db_num_rows($result) != 0) {
2909                                         print "<div class=\"warning\">
2910                                                 Your password is at default value, please change it.
2911                                         </div>";
2912                                 }
2913
2914                                 if ($_SESSION["pwd_change_result"] == "failed") {
2915                                         print "<div class=\"warning\">
2916                                                         There was an error while changing your password.
2917                                                 </div>";
2918                                 }
2919
2920                                 if ($_SESSION["pwd_change_result"] == "ok") {
2921                                         print "<div class=\"notice\">
2922                                                         Password changed successfully.
2923                                                 </div>";
2924                                 }
2925
2926                                 $_SESSION["pwd_change_result"] = "";
2927
2928                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2929                                         print "<div class=\"notice\">
2930                                                         Your configuration was reset to defaults.
2931                                                 </div>";
2932                                 }
2933
2934                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2935                                         print "<div class=\"notice\">
2936                                                         Your configuration was saved successfully.
2937                                                 </div>";
2938                                 }
2939
2940                                 $_SESSION["prefs_op_result"] = "";
2941
2942                                 print "<form action=\"backend.php\" method=\"GET\">";
2943
2944                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2945                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
2946
2947                                 $result = db_query($link, "SELECT email FROM ttrss_users
2948                                         WHERE id = ".$_SESSION["uid"]);
2949
2950                                 $email = db_fetch_result($result, 0, "email");
2951
2952                                 print "<tr><td width=\"40%\">E-mail</td>";
2953                                 print "<td><input class=\"editbox\" name=\"email\"
2954                                         value=\"$email\"></td></tr>";
2955
2956                                 print "</table>";
2957
2958                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2959
2960                                 print "<p><input class=\"button\" type=\"submit\"
2961                                         value=\"Change e-mail\" name=\"subop\">";
2962
2963                                 print "</form>";
2964
2965                                 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
2966
2967                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2968                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2969
2970                                 print "<tr><td width=\"40%\">Old password</td>";
2971                                 print "<td><input class=\"editbox\" type=\"password\"
2972                                         name=\"OLD_PASSWORD\"></td></tr>";
2973
2974                                 print "<tr><td width=\"40%\">New password</td>";
2975
2976                                 print "<td><input class=\"editbox\" type=\"password\"
2977                                         name=\"NEW_PASSWORD\"></td></tr>";
2978
2979                                 print "</table>";
2980
2981                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2982
2983                                 print "<p><input class=\"button\" type=\"submit\"
2984                                         onclick=\"return validateNewPassword(this.form)\"
2985                                         value=\"Change password\" name=\"subop\">";
2986
2987                                 print "</form>";
2988
2989                         }
2990
2991                         $result = db_query($link, "SELECT
2992                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2993
2994                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2995
2996                         $result = db_query($link, "SELECT
2997                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2998
2999                         if (db_num_rows($result) > 0) {
3000
3001                                 print "<form action=\"backend.php\" method=\"POST\">";
3002                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3003                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3004                                 print "<tr><td width=\"40%\">Select theme</td>";
3005                                 print "<td><select name=\"theme\">";
3006                                 print "<option>Default</option>";
3007                                 print "<option disabled>--------</option>";
3008
3009                                 while ($line = db_fetch_assoc($result)) {
3010                                         if ($line["id"] == $user_theme_id) {
3011                                                 $selected = "selected";
3012                                         } else {
3013                                                 $selected = "";
3014                                         }
3015                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3016                                 }
3017                                 print "</select></td></tr>";
3018                                 print "</table>";
3019                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3020                                 print "<p><input class=\"button\" type=\"submit\"
3021                                         value=\"Change theme\" name=\"subop\">";
3022                                 print "</form>";
3023                         }
3024
3025                         $result = db_query($link, "SELECT
3026                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3027                                 section_name,def_value
3028                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3029                                 WHERE type_id = ttrss_prefs_types.id AND
3030                                         section_id = ttrss_prefs_sections.id AND
3031                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3032                                         owner_uid = ".$_SESSION["uid"]."
3033                                 ORDER BY section_id,short_desc");
3034
3035                         print "<form action=\"backend.php\" method=\"POST\">";
3036
3037                         $lnum = 0;
3038
3039                         $active_section = "";
3040
3041                         while ($line = db_fetch_assoc($result)) {
3042
3043                                 if ($active_section != $line["section_name"]) {
3044
3045                                         if ($active_section != "") {
3046                                                 print "</table>";
3047                                         }
3048
3049                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3050
3051                                         $active_section = $line["section_name"];
3052
3053                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3054 //                                      print "<tr class=\"title\">
3055 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3056
3057                                         $lnum = 0;
3058                                 }
3059
3060 //                              $class = ($lnum % 2) ? "even" : "odd";
3061
3062                                 print "<tr>";
3063
3064                                 $type_name = $line["type_name"];
3065                                 $pref_name = $line["pref_name"];
3066                                 $value = $line["value"];
3067                                 $def_value = $line["def_value"];
3068                                 $help_text = $line["help_text"];
3069
3070                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3071
3072                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3073
3074                                 print "</td>";
3075
3076                                 print "<td>";
3077
3078                                 if ($type_name == "bool") {
3079 //                                      print_select($pref_name, $value, array("true", "false"));
3080
3081                                         if ($value == "true") {
3082                                                 $value = "Yes";
3083                                         } else {
3084                                                 $value = "No";
3085                                         }
3086
3087                                         print_radio($pref_name, $value, array("Yes", "No"));
3088
3089                                 } else {
3090                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3091                                 }
3092
3093                                 print "</td>";
3094
3095                                 print "</tr>";
3096
3097                                 $lnum++;
3098                         }
3099
3100                         print "</table>";
3101
3102                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3103
3104                         print "<p><input class=\"button\" type=\"submit\"
3105                                 name=\"subop\" value=\"Save configuration\">";
3106
3107                         print "&nbsp;<input class=\"button\" type=\"submit\"
3108                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3109                                 value=\"Reset to defaults\"></p>";
3110
3111                         print "</form>";
3112
3113                 }
3114
3115         }
3116
3117         if ($op == "pref-users") {
3118
3119                 $subop = $_GET["subop"];
3120
3121                 if ($subop == "edit") {
3122
3123                         $id = db_escape_string($_GET["id"]);
3124
3125                         print "<div id=\"infoBoxTitle\">User editor</div>";
3126
3127                         print "<div class=\"infoBoxContents\">";
3128
3129                         print "<form id=\"user_edit_form\">";
3130
3131                         print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3132                         print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3133                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3134
3135                         $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3136
3137                         $login = db_fetch_result($result, 0, "login");
3138                         $access_level = db_fetch_result($result, 0, "access_level");
3139                         $email = db_fetch_result($result, 0, "email");
3140
3141                         print "<table width='100%'>";
3142                         print "<tr><td>Login:</td><td>
3143                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3144                                 name=\"login\" value=\"$login\"></td></tr>";
3145
3146                         print "<tr><td>Change password:</td><td>
3147                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3148                                 name=\"password\"></td></tr>";
3149
3150                         print "<tr><td>E-mail:</td><td>
3151                                 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3152                                 value=\"$email\"></td></tr>";
3153
3154                         $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3155
3156                         print "<tr><td>Access level:</td><td>";
3157                         print_select_hash("access_level", $access_level, $access_level_names,
3158                                 $sel_disabled);
3159                         print "</td></tr>";
3160
3161                         print "</table>";
3162
3163                         print "</form>";
3164
3165                         print "<div align='right'>
3166                                 <input class=\"button\"
3167                                         type=\"submit\" onclick=\"return userEditSave()\"
3168                                         value=\"Save\">
3169                                 <input class=\"button\"
3170                                         type=\"submit\" onclick=\"return userEditCancel()\"
3171                                         value=\"Cancel\"></div>";
3172
3173                         print "</div>";
3174
3175                         return;
3176                 }
3177
3178                 if ($subop == "editSave") {
3179
3180                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3181
3182                                 $login = db_escape_string(trim($_GET["login"]));
3183                                 $uid = db_escape_string($_GET["id"]);
3184                                 $access_level = sprintf("%d", $_GET["access_level"]);
3185                                 $email = db_escape_string(trim($_GET["email"]));
3186                                 $password = db_escape_string(trim($_GET["password"]));
3187
3188                                 if ($password) {
3189                                         $pwd_hash = 'SHA1:' . sha1($password);
3190                                         $pass_query_part = "pwd_hash = '$pwd_hash', ";
3191                                         print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3192                                 } else {
3193                                         $pass_query_part = "";
3194                                 }
3195
3196                                 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3197                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3198
3199                         }
3200                 } else if ($subop == "remove") {
3201
3202                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3203
3204                                 $ids = split(",", db_escape_string($_GET["ids"]));
3205
3206                                 foreach ($ids as $id) {
3207                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3208
3209                                 }
3210                         }
3211                 } else if ($subop == "add") {
3212
3213                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3214
3215                                 $login = db_escape_string(trim($_GET["login"]));
3216                                 $tmp_user_pwd = make_password(8);
3217                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3218
3219                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3220                                         login = '$login'");
3221
3222                                 if (db_num_rows($result) == 0) {
3223
3224                                         db_query($link, "INSERT INTO ttrss_users
3225                                                 (login,pwd_hash,access_level,last_login)
3226                                                 VALUES ('$login', '$pwd_hash', 0, NOW())");
3227
3228
3229                                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3230                                                 login = '$login' AND pwd_hash = '$pwd_hash'");
3231
3232                                         if (db_num_rows($result) == 1) {
3233
3234                                                 $new_uid = db_fetch_result($result, 0, "id");
3235
3236                                                 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3237                                                         "</b> with password <b>$tmp_user_pwd</b>.</div>";
3238
3239                                                 initialize_user($link, $new_uid);
3240
3241                                         } else {
3242
3243                                                 print "<div class=\"warning\">Could not create user <b>".
3244                                                         $_GET["login"]."</b></div>";
3245
3246                                         }
3247                                 } else {
3248                                         print "<div class=\"warning\">User <b>".
3249                                                 $_GET["login"]."</b> already exists.</div>";
3250                                 }
3251                         }
3252                 } else if ($subop == "resetPass") {
3253
3254                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3255
3256                                 $uid = db_escape_string($_GET["id"]);
3257
3258                                 $result = db_query($link, "SELECT login,email
3259                                         FROM ttrss_users WHERE id = '$uid'");
3260
3261                                 $login = db_fetch_result($result, 0, "login");
3262                                 $email = db_fetch_result($result, 0, "email");
3263                                 $tmp_user_pwd = make_password(8);
3264                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3265
3266                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3267                                         WHERE id = '$uid'");
3268
3269                                 print "<div class=\"notice\">Changed password of
3270                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3271
3272                                 if (MAIL_RESET_PASS && $email) {
3273                                         print " Notifying <b>$email</b>.";
3274
3275                                         mail("$login <$email>", "Password reset notification",
3276                                                 "Hi, $login.\n".
3277                                                 "\n".
3278                                                 "Your password for this TT-RSS installation was reset by".
3279                                                         " an administrator.\n".
3280                                                 "\n".
3281                                                 "Your new password is $tmp_user_pwd, please remember".
3282                                                         " it for later reference.\n".
3283                                                 "\n".
3284                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3285                                 }
3286
3287                                 print "</div>";
3288
3289                         }
3290                 }
3291
3292                 print "<div class=\"prefGenericAddBox\">
3293                         <input id=\"uadd_box\"
3294                                 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3295                                 size=\"40\">&nbsp;";
3296
3297                 print"<input type=\"submit\" class=\"button\"
3298                         id=\"user_add_btn\" disabled=\"true\"
3299                         onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3300
3301                 $result = db_query($link, "SELECT
3302                                 id,login,access_level,email,
3303                                 SUBSTRING(last_login,1,16) as last_login
3304                         FROM
3305                                 ttrss_users
3306                         ORDER by login");
3307
3308 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3309
3310                 print "<p><table width=\"100%\" cellspacing=\"0\"
3311                         class=\"prefUserList\" id=\"prefUserList\">";
3312
3313                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3314                                 Select:
3315                                         <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3316                                         <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3317                                 </td</tr>";
3318
3319                 print "<tr class=\"title\">
3320                                         <td align='center' width=\"5%\">&nbsp;</td>
3321                                         <td width='40%'>Login</td>
3322                                         <td width='40%'>Access Level</td>
3323                                         <td width='30%'>Last login</td></tr>";
3324
3325                 $lnum = 0;
3326
3327                 while ($line = db_fetch_assoc($result)) {
3328
3329                         $class = ($lnum % 2) ? "even" : "odd";
3330
3331                         $uid = $line["id"];
3332                         $edit_uid = $_GET["id"];
3333
3334                         if ($subop == "edit" && $uid != $edit_uid) {
3335                                 $class .= "Grayed";
3336                                 $this_row_id = "";
3337                         } else {
3338                                 $this_row_id = "id=\"UMRR-$uid\"";
3339                         }
3340
3341                         print "<tr class=\"$class\" $this_row_id>";
3342
3343                         $line["login"] = htmlspecialchars($line["login"]);
3344
3345                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3346                                 strtotime($line["last_login"]));
3347
3348                         $access_level_names = array(0 => "User", 10 => "Administrator");
3349
3350 //                      if (!$edit_uid || $subop != "edit") {
3351
3352                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3353                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3354
3355                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3356                                         $line["login"] . "</td>";
3357
3358                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3359
3360                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3361                                         $access_level_names[$line["access_level"]] . "</td>";
3362
3363 /*                      } else if ($uid != $edit_uid) {
3364
3365                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3366
3367                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3368                                         id=\"UMCHK-".$line["id"]."\"></td>";
3369
3370                                 print "<td>".$line["login"]."</td>";
3371                                 print "<td>".$line["email"]."</td>";
3372                                 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3373
3374                         } else {
3375
3376                                 print "<td align='center'>
3377                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3378
3379                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3380                                         "\"></td>";
3381
3382                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3383                                         "\"></td>";
3384
3385                                 print "<td>";
3386                                 print "<select id=\"iedit_ulevel\">";
3387                                 foreach (array_keys($access_level_names) as $al) {
3388                                         if ($al == $line["access_level"]) {
3389                                                 $selected = "selected";
3390                                         } else {
3391                                                 $selected = "";
3392                                         }
3393                                         print "<option $selected id=\"$al\">" .
3394                                                 $access_level_names[$al] . "</option>";
3395                                 }
3396                                 print "</select>";
3397                                 print "</td>";
3398
3399                         } */
3400
3401                         print "<td>".$line["last_login"]."</td>";
3402
3403                         print "</tr>";
3404
3405                         ++$lnum;
3406                 }
3407
3408                 print "</table>";
3409
3410                 print "<p id='userOpToolbar'>";
3411
3412 /*              if ($subop == "edit") {
3413                         print "Edit user:
3414                                 <input type=\"submit\" class=\"button\"
3415                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3416                                 <input type=\"submit\" class=\"button\"
3417                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3418
3419                 } else { */
3420
3421                         print "
3422                                 Selection:
3423                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3424                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3425                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3426                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3427                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3428                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3429                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3430                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3431
3432 //              }
3433         }
3434
3435         if ($op == "user-details") {
3436
3437                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3438                         return;
3439                 }
3440
3441 /*              print "<html><head>
3442                         <title>Tiny Tiny RSS : User Details</title>
3443                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3444                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3445                         </head><body>"; */
3446
3447                 $uid = sprintf("%d", $_GET["id"]);
3448
3449                 print "<div id=\"infoBoxTitle\">User details</div>";
3450
3451                 print "<div class='infoBoxContents'>";
3452
3453                 $result = db_query($link, "SELECT login,
3454                         SUBSTRING(last_login,1,16) AS last_login,
3455                         access_level,
3456                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3457                                 WHERE owner_uid = id) AS stored_articles
3458                         FROM ttrss_users
3459                         WHERE id = '$uid'");
3460
3461                 if (db_num_rows($result) == 0) {
3462                         print "<h1>User not found</h1>";
3463                         return;
3464                 }
3465
3466 #               print "<h1>User Details</h1>";
3467
3468                 $login = db_fetch_result($result, 0, "login");
3469
3470 #               print "<h1>$login</h1>";
3471
3472                 print "<table width='100%'>";
3473
3474                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3475                         strtotime(db_fetch_result($result, 0, "last_login")));
3476                 $access_level = db_fetch_result($result, 0, "access_level");
3477                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3478
3479 #               print "<tr><td>Username</td><td>$login</td></tr>";
3480 #               print "<tr><td>Access level</td><td>$access_level</td></tr>";
3481                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3482                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3483
3484                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3485                         WHERE owner_uid = '$uid'");
3486
3487                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3488
3489                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3490
3491 /*              $result = db_query($link, "SELECT
3492                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3493                         FROM ttrss_user_entries,ttrss_entries
3494                                 WHERE owner_uid = '$uid' AND ref_id = id");
3495
3496                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3497
3498                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3499
3500                 print "</table>";
3501
3502                 print "<h1>Subscribed feeds</h1>";
3503
3504                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3505                         WHERE owner_uid = '$uid' ORDER BY title");
3506
3507                 print "<ul class=\"userFeedList\">";
3508
3509                 $row_class = "odd";
3510
3511                 while ($line = db_fetch_assoc($result)) {
3512
3513                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3514
3515                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3516                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3517                         } else {
3518                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3519                         }
3520
3521                         print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3522
3523                         $row_class = toggleEvenOdd($row_class);
3524
3525                 }
3526
3527                 if (db_num_rows($result) < $num_feeds) {
3528                          // FIXME - add link to show ALL subscribed feeds here somewhere
3529                         print "<li><img
3530                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3531                 }
3532
3533                 print "</ul>";
3534
3535                 print "</div>";
3536
3537                 print "<div align='center'>
3538                         <input type='submit' class='button'
3539                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3540
3541 //              print "</body></html>";
3542
3543         }
3544
3545         if ($op == "pref-feed-browser") {
3546
3547                 if (!ENABLE_FEED_BROWSER) {
3548                         print "Feed browser is administratively disabled.";
3549                         return;
3550                 }
3551
3552                 $subop = $_REQUEST["subop"];
3553
3554                 if ($subop == "details") {
3555                         $id = db_escape_string($_GET["id"]);
3556
3557                         print "<div class=\"browserFeedInfo\">";
3558                         print "<b>Feed information:</b>";
3559                         print "<div class=\"detailsPart\">";
3560
3561                         $result = db_query($link, "SELECT
3562                                         feed_url,site_url,
3563                                         SUBSTRING(last_updated,1,19) AS last_updated
3564                                 FROM ttrss_feeds WHERE id = '$id'");
3565
3566                         $feed_url = db_fetch_result($result, 0, "feed_url");
3567                         $site_url = db_fetch_result($result, 0, "site_url");
3568                         $last_updated = db_fetch_result($result, 0, "last_updated");
3569
3570                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3571                                 $last_updated = smart_date_time(strtotime($last_updated));
3572                         } else {
3573                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3574                                 $last_updated = date($short_date, strtotime($last_updated));
3575                         }
3576
3577                         print "Site: <a href='$site_url'>$site_url</a> ".
3578                                 "(<a href='$feed_url'>feed</a>), ".
3579                                 "Last updated: $last_updated";
3580
3581                         print "</div>";
3582
3583                         $result = db_query($link, "SELECT
3584                                         ttrss_entries.title,
3585                                         content,
3586                                         substring(date_entered,1,19) as date_entered,
3587                                         substring(updated,1,19) as updated
3588                                 FROM ttrss_entries,ttrss_user_entries
3589                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
3590                                 ORDER BY updated DESC LIMIT 5");
3591
3592                         if (db_num_rows($result) > 0) {
3593
3594                                 print "<b>Last headlines:</b><br>";
3595
3596                                 print "<div class=\"detailsPart\">";
3597                                 print "<ul class=\"compact\">";
3598                                 while ($line = db_fetch_assoc($result)) {
3599
3600                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3601                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
3602                                         } else {
3603                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3604                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
3605                                         }
3606
3607                                         print "<li>" . $line["title"] .
3608                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3609                                 }
3610                                 print "</ul></div>";
3611                         }
3612
3613                         print "</div>";
3614
3615                         return;
3616                 }
3617
3618                 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3619
3620                 $limit = db_escape_string($_GET["limit"]);
3621
3622                 if (!$limit) $limit = 25;
3623
3624                 $owner_uid = $_SESSION["uid"];
3625
3626                 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3627                         FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3628                                 WHERE tf.feed_url = ttrss_feeds.feed_url
3629                                         AND owner_uid = '$owner_uid') GROUP BY feed_url
3630                                                 ORDER BY subscribers DESC LIMIT $limit");
3631
3632
3633                 print "<div style=\"float : right\">
3634                         Top <select id=\"feedBrowserLimit\">";
3635
3636                 foreach (array(25, 50, 100) as $l) {
3637                         $issel = ($l == $limit) ? "selected" : "";
3638                         print "<option $issel>$l</option>";
3639                 }
3640
3641                 print "</select>
3642                         <input type=\"submit\" class=\"button\"
3643                                 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3644                 </div>";
3645
3646                 print "<p id=\"fbrOpToolbar\">Selection:
3647                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3648                         disabled=\"true\" value=\"Subscribe\">";
3649
3650                 print "<ul class='nomarks' id='browseBigFeedList'>";
3651
3652                 $feedctr = 0;
3653
3654                 while ($line = db_fetch_assoc($result)) {
3655                         $feed_url = $line["feed_url"];
3656                         $subscribers = $line["subscribers"];
3657
3658                         $det_result = db_query($link, "SELECT site_url,title,id
3659                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3660
3661                         $details = db_fetch_assoc($det_result);
3662
3663                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3664
3665                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3666                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
3667                                                 "/".$details["id"].".ico\">";
3668                         } else {
3669                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3670                         }
3671
3672                         $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3673                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3674
3675                         $class = ($feedctr % 2) ? "even" : "odd";
3676
3677                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3678                                 "$feed_icon ";
3679
3680                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3681                                 $details["title"] ."</a>&nbsp;" .
3682                                 "<span class='subscribers'>($subscribers)</span>";
3683
3684                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3685                         print "</div>";
3686
3687                         print "</li>";
3688
3689                                 ++$feedctr;
3690                 }
3691
3692                 if ($feedctr == 0) {
3693                         print "<li>No feeds found to subscribe.</li>";
3694                 }
3695
3696                 print "</ul>";
3697
3698                 print "</div>";
3699
3700         }
3701
3702         if ($op == "rss") {
3703                 $feed = db_escape_string($_GET["id"]);
3704                 $user = db_escape_string($_GET["user"]);
3705                 $pass = db_escape_string($_GET["pass"]);
3706                 $is_cat = $_GET["is_cat"] != false;
3707
3708                 $search = db_escape_string($_GET["q"]);
3709                 $match_on = db_escape_string($_GET["m"]);
3710                 $search_mode = db_escape_string($_GET["smode"]);
3711
3712                 if (!$_SESSION["uid"] && $user && $pass) {
3713                         authenticate_user($link, $user, $pass);
3714                 }
3715
3716                 if ($_SESSION["uid"] ||
3717                         http_authenticate_user($link)) {
3718
3719                                 generate_syndicated_feed($link, $feed, $is_cat,
3720                                         $search, $search_mode, $match_on);
3721                 }
3722         }
3723
3724         function check_configuration_variables() {
3725                 if (!defined('SESSION_EXPIRE_TIME')) {
3726                         return "config: SESSION_EXPIRE_TIME is undefined";
3727                 }
3728
3729                 if (SESSION_EXPIRE_TIME < 60) {
3730                         return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3731                 }
3732
3733                 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3734                         return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3735                                 "SESSION_COOKIE_LIFETIME_REMEMBER";
3736                 }
3737
3738                 if (defined('DISABLE_SESSIONS')) {
3739                         return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3740                 }
3741
3742                 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3743                         return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3744                 }
3745
3746                 return false;
3747         }
3748
3749         if ($op == "labelFromSearch") {
3750                 $search = db_escape_string($_GET["search"]);
3751                 $search_mode = db_escape_string($_GET["smode"]);
3752                 $match_on = db_escape_string($_GET["match"]);
3753                 $is_cat = db_escape_string($_GET["is_cat"]);
3754                 $title = db_escape_string($_GET["title"]);
3755                 $feed = sprintf("%d", $_GET["feed"]);
3756
3757                 $label_qparts = array();
3758
3759                 $search_expr = getSearchSql($search, $match_on);
3760
3761                 if ($is_cat) {
3762                         if ($feed != 0) {
3763                                 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
3764                         } else {
3765                                 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3766                         }
3767                 } else {
3768                         if ($search_mode == "all_feeds") {
3769                                 // NOOP
3770                         } else if ($search_mode == "this_cat") {
3771
3772                                 $tmp_result = db_query($link, "SELECT cat_id
3773                                         FROM ttrss_feeds WHERE id = '$feed'");
3774
3775                                 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
3776
3777                                 if ($cat_id > 0) {
3778                                         $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
3779                                 } else {
3780                                         $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3781                                 }
3782                         } else {
3783                                 $search_expr .= " AND ttrss_feeds.id = $feed ";
3784                         }
3785
3786                 }
3787
3788                 $search_expr = db_escape_string($search_expr);
3789
3790                 print $search_expr;
3791
3792                 if ($title) {
3793                         $result = db_query($link,
3794                                 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
3795                                 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
3796                 }
3797         }
3798
3799         db_close($link);
3800 ?>
3801
3802 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3803