backend.php

   1 <?
   2         session_start();
   3
   4         if ($_GET["debug"]) {
   5                 define('DEFAULT_ERROR_LEVEL', E_ALL);
   6         } else {
   7                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
   8         }
   9
  10         error_reporting(DEFAULT_ERROR_LEVEL);
  11
  12         $op = $_REQUEST["op"];
  13
  14         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  15                 header("Content-Type: application/xml");
  16         }
  17
  18         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  19
  20                 if ($op == "rpc") {
  21                         print "<error error-code=\"6\"/>";
  22                 }
  23                 exit;
  24         }
  25
  26         if (!$op) {
  27                 print "<error error-code=\"7\"/>";
  28                 exit;
  29         }
  30
  31         define('SCHEMA_VERSION', 4);
  32
  33         require_once "sanity_check.php";
  34         require_once "config.php";
  35         require_once "db.php";
  36         require_once "db-prefs.php";
  37         require_once "functions.php";
  38         require_once "magpierss/rss_fetch.inc";
  39
  40         $script_started = getmicrotime();
  41
  42         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  43
  44         if (!$link) {
  45                 if (DB_TYPE == "mysql") {
  46                         print mysql_error();
  47                 }
  48                 // PG seems to display its own errors just fine by default.
  49                 return;
  50         }
  51
  52         if (DB_TYPE == "pgsql") {
  53                 pg_query("set client_encoding = 'utf-8'");
  54         }
  55
  56         $fetch = $_GET["fetch"];
  57
  58         setcookie("ttrss_icons_url", ICONS_URL);
  59
  60         if (!sanity_check($link)) { return; }
  61
  62         function getAllCounters($link) {
  63                 getLabelCounters($link);
  64                 getFeedCounters($link);
  65                 getTagCounters($link);
  66                 getGlobalCounters($link);
  67                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
  68                         getCategoryCounters($link);
  69                 }
  70         }
  71
  72         function getCategoryCounters($link) {
  73                 $result = db_query($link, "SELECT cat_id,SUM((SELECT COUNT(int_id)
  74                                 FROM ttrss_user_entries WHERE feed_id = ttrss_feeds.id
  75                                         AND unread = true)) AS unread FROM ttrss_feeds
  76                         WHERE
  77                                 owner_uid = ".$_SESSION["uid"]." GROUP BY cat_id");
  78
  79                 while ($line = db_fetch_assoc($result)) {
  80                         $line["cat_id"] = sprintf("%d", $line["cat_id"]);
  81                         print "<counter type=\"category\" id=\"".$line["cat_id"]."\" counter=\"".
  82                                 $line["unread"]."\"/>";
  83                 }
  84         }
  85
  86         function getFeedUnread($link, $feed) {
  87                 $n_feed = sprintf("%d", $feed);
  88
  89                 if ($n_feed == -1) {
  90                         $match_part = "marked = true";
  91                 } else if ($feed > 0) {
  92                         $match_part = "feed_id = '$n_feed'";
  93                 } else if ($feed < -10) {
  94                         $label_id = -$feed - 11;
  95
  96                         $result = db_query($link, "SELECT sql_exp FROM ttrss_labels WHERE
  97                                 id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
  98
  99                         $match_part = db_fetch_result($result, 0, "sql_exp");
 100                 }
 101
 102                 if ($match_part) {
 103
 104                         $result = db_query($link, "SELECT count(int_id) AS unread
 105                                 FROM ttrss_user_entries
 106                                 WHERE   unread = true AND $match_part AND owner_uid = " . $_SESSION["uid"]);
 107
 108                 } else {
 109
 110                         $result = db_query($link, "SELECT COUNT(post_int_id) AS unread
 111                                 FROM ttrss_tags,ttrss_user_entries
 112                                 WHERE tag_name = '$feed' AND post_int_id = int_id AND unread = true AND
 113                                         ttrss_tags.owner_uid = " . $_SESSION["uid"]);
 114                 }
 115
 116                 $unread = db_fetch_result($result, 0, "unread");
 117                 return $unread;
 118         }
 119
 120         /* FIXME this needs reworking */
 121
 122         function getGlobalCounters($link) {
 123                 $result = db_query($link, "SELECT count(id) as c_id FROM ttrss_entries,ttrss_user_entries
 124                         WHERE unread = true AND
 125                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 126                         owner_uid = " . $_SESSION["uid"]);
 127                 $c_id = db_fetch_result($result, 0, "c_id");
 128                 print "<counter type=\"global\" id='global-unread' counter='$c_id'/>";
 129         }
 130
 131         function getTagCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 132
 133                 if ($smart_mode) {
 134                         if (!$_SESSION["tctr_last_value"]) {
 135                                 $_SESSION["tctr_last_value"] = array();
 136                         }
 137                 }
 138
 139                 $old_counters = $_SESSION["tctr_last_value"];
 140
 141                 $tctrs_modified = false;
 142
 143 /*              $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 144                         FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 145                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 146                         ttrss_tags.owner_uid = ".$_SESSION["uid"]." AND
 147                         post_int_id = ttrss_user_entries.int_id AND unread = true GROUP BY tag_name
 148                 UNION
 149                         select tag_name,0 as count FROM ttrss_tags
 150                         WHERE ttrss_tags.owner_uid = ".$_SESSION["uid"]); */
 151
 152                 $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 153                         FROM ttrss_user_entries WHERE int_id = post_int_id
 154                                 AND unread = true)) AS count FROM ttrss_tags
 155                         WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 156
 157                 $tags = array();
 158
 159                 while ($line = db_fetch_assoc($result)) {
 160                         $tags[$line["tag_name"]] += $line["count"];
 161                 }
 162
 163                 foreach (array_keys($tags) as $tag) {
 164                         $unread = $tags[$tag];
 165
 166                         $tag = htmlspecialchars($tag);
 167
 168                         if (!$smart_mode || $old_counters[$tag] != $unread) {
 169                                 $old_counters[$tag] = $unread;
 170                                 $tctrs_modified = true;
 171                                 print "<counter type=\"tag\" id=\"$tag\" counter=\"$unread\"/>";
 172                         }
 173
 174                 }
 175
 176                 if ($smart_mode && $tctrs_modified) {
 177                         $_SESSION["tctr_last_value"] = $old_counters;
 178                 }
 179
 180         }
 181
 182         function getLabelCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 183
 184                 if ($smart_mode) {
 185                         if (!$_SESSION["lctr_last_value"]) {
 186                                 $_SESSION["lctr_last_value"] = array();
 187                         }
 188                 }
 189
 190                 $old_counters = $_SESSION["lctr_last_value"];
 191                 $lctrs_modified = false;
 192
 193                 $result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 194                         WHERE marked = true AND ttrss_user_entries.ref_id = ttrss_entries.id AND
 195                         unread = true AND owner_uid = ".$_SESSION["uid"]);
 196
 197                 $count = db_fetch_result($result, 0, "count");
 198
 199                 print "<counter type=\"label\" id=\"-1\" counter=\"$count\"/>";
 200
 201                 $result = db_query($link, "SELECT owner_uid,id,sql_exp,description FROM
 202                         ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description");
 203
 204                 while ($line = db_fetch_assoc($result)) {
 205
 206                         $id = -$line["id"] - 11;
 207
 208                         error_reporting (0);
 209
 210                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_user_entries,ttrss_entries
 211                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 212                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 213                                 owner_uid = ".$_SESSION["uid"]);
 214
 215                         $count = db_fetch_result($tmp_result, 0, "count");
 216
 217                         if (!$smart_mode || $old_counters[$id] != $count) {
 218                                 $old_counters[$id] = $count;
 219                                 $lctrs_modified = true;
 220                                 print "<counter type=\"label\" id=\"$id\" counter=\"$count\"/>";
 221                         }
 222
 223                         error_reporting (DEFAULT_ERROR_LEVEL);
 224                 }
 225
 226                 if ($smart_mode && $lctrs_modified) {
 227                         $_SESSION["lctr_last_value"] = $old_counters;
 228                 }
 229         }
 230
 231 /*      function getFeedCounter($link, $id) {
 232
 233                 $result = db_query($link, "SELECT
 234                                 count(id) as count,last_error
 235                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
 236                         WHERE feed_id = '$id' AND unread = true
 237                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
 238                         AND ttrss_user_entries.ref_id = ttrss_entries.id");
 239
 240                         $count = db_fetch_result($result, 0, "count");
 241                         $last_error = htmlspecialchars(db_fetch_result($result, 0, "last_error"));
 242
 243                         print "<counter type=\"feed\" id=\"$id\" counter=\"$count\" error=\"$last_error\"/>";
 244         } */
 245
 246         function getFeedCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 247
 248                 if ($smart_mode) {
 249                         if (!$_SESSION["fctr_last_value"]) {
 250                                 $_SESSION["fctr_last_value"] = array();
 251                         }
 252                 }
 253
 254                 $old_counters = $_SESSION["fctr_last_value"];
 255
 256                 $result = db_query($link, "SELECT id,last_error,parent_feed,
 257                         (SELECT count(id)
 258                                 FROM ttrss_entries,ttrss_user_entries
 259                                 WHERE feed_id = ttrss_feeds.id AND
 260                                         ttrss_user_entries.ref_id = ttrss_entries.id
 261                                 AND unread = true AND owner_uid = ".$_SESSION["uid"].") as count
 262                         FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"] . "
 263                                 AND parent_feed IS NULL");
 264
 265                 $fctrs_modified = false;
 266
 267                 while ($line = db_fetch_assoc($result)) {
 268
 269                         $id = $line["id"];
 270                         $count = $line["count"];
 271                         $last_error = htmlspecialchars($line["last_error"]);
 272
 273                         $has_img = is_file(ICONS_DIR . "/$id.ico");
 274
 275                         $tmp_result = db_query($link,
 276                                 "SELECT id,COUNT(unread) AS unread
 277                                 FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 278                                         ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 279                                 WHERE parent_feed = '$id' AND unread = true GROUP BY ttrss_feeds.id");
 280
 281                         if (db_num_rows($tmp_result) > 0) {
 282                                 while ($l = db_fetch_assoc($tmp_result)) {
 283                                         $count += $l["unread"];
 284                                 }
 285                         }
 286
 287                         if (!$smart_mode || $old_counters[$id] != $count) {
 288                                 $old_counters[$id] = $count;
 289                                 $fctrs_modified = true;
 290
 291                                 if ($last_error) {
 292                                         $error_part = "error=\"$last_error\"";
 293                                 } else {
 294                                         $error_part = "";
 295                                 }
 296
 297                                 if ($has_img) {
 298                                         $has_img_part = "hi=\"$has_img\"";
 299                                 } else {
 300                                         $has_img_part = "";
 301                                 }
 302
 303                                 print "<counter type=\"feed\" id=\"$id\" counter=\"$count\" $has_img_part $error_part/>";
 304                         }
 305                 }
 306
 307                 if ($smart_mode && $fctrs_modified) {
 308                         $_SESSION["fctr_last_value"] = $old_counters;
 309                 }
 310         }
 311
 312         function outputFeedList($link, $tags = false) {
 313
 314                 print "<html><head>
 315                         <title>Tiny Tiny RSS : Feedlist</title>
 316                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 317
 318                 $user_theme = $_SESSION["theme"];
 319                 if ($user_theme) {
 320                         print "<link rel=\"stylesheet\" type=\"text/css\"
 321                                 href=\"themes/$user_theme/theme.css\">";
 322                 }
 323
 324                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 325                         print "<link rel=\"stylesheet\" type=\"text/css\"
 326                                 href=\"tt-rss_compact.css\"/>";
 327                 } else {
 328                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 329                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 330                 }
 331
 332                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 333                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 334                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 335                         <!--[if gte IE 5.5000]>
 336                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 337                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 338                         <![endif]-->
 339                         </head><body onload=\"init()\">";
 340
 341                 print "<ul class=\"feedList\" id=\"feedList\">";
 342
 343                 $owner_uid = $_SESSION["uid"];
 344
 345                 if (!$tags) {
 346
 347                         /* virtual feeds */
 348
 349                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 350                                 print "<li class=\"feedCat\">Special</li>";
 351                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 352                         }
 353
 354                         $result = db_query($link, "SELECT count(id) as num_starred
 355                                 FROM ttrss_entries,ttrss_user_entries
 356                                 WHERE marked = true AND
 357                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 358                                 unread = true AND owner_uid = '$owner_uid'");
 359                         $num_starred = db_fetch_result($result, 0, "num_starred");
 360
 361                         $class = "virt";
 362
 363                         if ($num_starred > 0) $class .= "Unread";
 364
 365                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 366                                 "images/mark_set.png", $link);
 367
 368                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 369                                 print "</li></ul>";
 370                         }
 371
 372                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 373
 374                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 375                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 376
 377                                 if (db_num_rows($result) > 0) {
 378                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 379                                                 print "<li class=\"feedCat\">Labels</li>";
 380                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 381                                         } else {
 382                                                 print "<li><hr></li>";
 383                                         }
 384                                 }
 385
 386                                 while ($line = db_fetch_assoc($result)) {
 387
 388                                         error_reporting (0);
 389
 390                                         $tmp_result = db_query($link, "SELECT count(id) as count
 391                                                 FROM ttrss_entries,ttrss_user_entries
 392                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 393                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 394                                                 AND owner_uid = '$owner_uid'");
 395
 396                                         $count = db_fetch_result($tmp_result, 0, "count");
 397
 398                                         $class = "label";
 399
 400                                         if ($count > 0) {
 401                                                 $class .= "Unread";
 402                                         }
 403
 404                                         error_reporting (DEFAULT_ERROR_LEVEL);
 405
 406                                         printFeedEntry(-$line["id"]-11,
 407                                                 $class, $line["description"], $count, "images/label.png", $link);
 408
 409                                 }
 410
 411                                 if (db_num_rows($result) > 0) {
 412                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 413                                                 print "</li></ul>";
 414                                         }
 415                                 }
 416
 417                         }
 418
 419 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 420                                 print "<li><hr></li>";
 421 //                      }
 422
 423                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 424                                 $order_by_qpart = "category,title";
 425                         } else {
 426                                 $order_by_qpart = "title";
 427                         }
 428
 429                         $result = db_query($link, "SELECT ttrss_feeds.*,
 430                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 431                                         WHERE feed_id = ttrss_feeds.id AND
 432                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 433                                         owner_uid = '$owner_uid') AS total,
 434                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 435                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 436                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 437                                                 AND owner_uid = '$owner_uid') as unread,
 438                                 cat_id,last_error,
 439                                 ttrss_feed_categories.title AS category,
 440                                 ttrss_feed_categories.collapsed
 441                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 442                                         ON (ttrss_feed_categories.id = cat_id)
 443                                 WHERE
 444                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 445                                 ORDER BY $order_by_qpart");
 446
 447                         $actid = $_GET["actid"];
 448
 449                         /* real feeds */
 450
 451                         $lnum = 0;
 452
 453                         $total_unread = 0;
 454
 455                         $category = "";
 456
 457                         while ($line = db_fetch_assoc($result)) {
 458
 459                                 $feed = db_unescape_string($line["title"]);
 460                                 $feed_id = $line["id"];
 461
 462                                 $subop = $_GET["subop"];
 463
 464                                 $total = $line["total"];
 465                                 $unread = $line["unread"];
 466
 467                                 $tmp_result = db_query($link,
 468                                         "SELECT id,COUNT(unread) AS unread
 469                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 470                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 471                                         WHERE parent_feed = '$feed_id' AND unread = true
 472                                         GROUP BY ttrss_feeds.id");
 473
 474                                 if (db_num_rows($tmp_result) > 0) {
 475                                         while ($l = db_fetch_assoc($tmp_result)) {
 476                                                 $unread += $l["unread"];
 477                                         }
 478                                 }
 479
 480                                 $cat_id = $line["cat_id"];
 481
 482                                 $tmp_category = $line["category"];
 483
 484                                 if (!$tmp_category) {
 485                                         $tmp_category = "Uncategorized";
 486                                 }
 487
 488         //                      $class = ($lnum % 2) ? "even" : "odd";
 489
 490                                 if ($line["last_error"]) {
 491                                         $class = "error";
 492                                 } else {
 493                                         $class = "feed";
 494                                 }
 495
 496                                 if ($unread > 0) $class .= "Unread";
 497
 498                                 if ($actid == $feed_id) {
 499                                         $class .= "Selected";
 500                                 }
 501
 502                                 $total_unread += $unread;
 503
 504                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 505
 506                                         if ($category) {
 507                                                 print "</li></ul></li>";
 508                                         }
 509
 510                                         $category = $tmp_category;
 511
 512                                         $collapsed = $line["collapsed"];
 513
 514                                         // workaround for NULL category
 515                                         if ($category == "Uncategorized") {
 516                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 517                                                         $collapsed = "t";
 518                                                 }
 519                                         }
 520
 521                                         if ($collapsed == "t" || $collapsed == "1") {
 522                                                 $holder_class = "invisible";
 523                                                 $ellipsis = "...";
 524                                         } else {
 525                                                 $holder_class = "";
 526                                                 $ellipsis = "";
 527                                         }
 528
 529                                         if ($cat_id) {
 530                                                 $cat_id_qpart = "cat_id = '$cat_id'";
 531                                         } else {
 532                                                 $cat_id_qpart = "cat_id IS NULL";
 533                                         }
 534
 535                                         $tmp_result = db_query($link, "SELECT count(int_id) AS unread
 536                                                 FROM ttrss_user_entries,ttrss_feeds WHERE
 537                                                         unread = true AND
 538                                                         feed_id = ttrss_feeds.id AND $cat_id_qpart AND
 539                                                         ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
 540
 541                                         $cat_unread = db_fetch_result($tmp_result, 0, "unread");
 542
 543                                         $cat_id = sprintf("%d", $cat_id);
 544
 545                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 546                                                 <a href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category
 547                                                         <span id=\"FCATCTR-$cat_id\"
 548                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span></a></li>";
 549
 550                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 551                                         // -> keyboard navigation, etc.
 552                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 553                                 }
 554
 555                                 printFeedEntry($feed_id, $class, $feed, $unread,
 556                                         "icons/$feed_id.ico", $link);
 557
 558                                 ++$lnum;
 559                         }
 560
 561                 } else {
 562
 563                         // tags
 564
 565 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 566                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 567                                 post_int_id = ttrss_user_entries.int_id AND
 568                                 unread = true AND ref_id = ttrss_entries.id
 569                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 570                         UNION
 571                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 572                         ORDER BY tag_name"); */
 573
 574                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 575                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 576                                         AND unread = true)) AS count FROM ttrss_tags
 577                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 578
 579                         $tags = array();
 580
 581                         while ($line = db_fetch_assoc($result)) {
 582                                 $tags[$line["tag_name"]] += $line["count"];
 583                         }
 584
 585                         foreach (array_keys($tags) as $tag) {
 586
 587                                 $unread = $tags[$tag];
 588
 589                                 $class = "tag";
 590
 591                                 if ($unread > 0) {
 592                                         $class .= "Unread";
 593                                 }
 594
 595                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 596
 597                         }
 598
 599                 }
 600
 601                 if (db_num_rows($result) == 0) {
 602                         if ($tags) {
 603                                 $what = "tags";
 604                         } else {
 605                                 $what = "feeds";
 606                         }
 607                         print "<li>No $what to display.</li>";
 608                 }
 609
 610                 print "</ul>";
 611
 612         }
 613
 614
 615         if ($op == "rpc") {
 616
 617                 $subop = $_GET["subop"];
 618
 619                 if ($subop == "getLabelCounters") {
 620                         $aid = $_GET["aid"];
 621                         print "<rpc-reply>";
 622                         getLabelCounters($link);
 623                         if ($aid) {
 624                                 getFeedCounter($link, $aid);
 625                         }
 626                         print "</rpc-reply>";
 627                 }
 628
 629                 if ($subop == "getFeedCounters") {
 630                         print "<rpc-reply>";
 631                         getFeedCounters($link);
 632                         print "</rpc-reply>";
 633                 }
 634
 635                 if ($subop == "getAllCounters") {
 636                         print "<rpc-reply>";
 637                         getAllCounters($link);
 638                         print "</rpc-reply>";
 639                 }
 640
 641                 if ($subop == "mark") {
 642                         $mark = $_GET["mark"];
 643                         $id = db_escape_string($_GET["id"]);
 644
 645                         if ($mark == "1") {
 646                                 $mark = "true";
 647                         } else {
 648                                 $mark = "false";
 649                         }
 650
 651                         // FIXME this needs collision testing
 652
 653                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 654                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 655                 }
 656
 657                 if ($subop == "updateFeed") {
 658                         $feed_id = db_escape_string($_GET["feed"]);
 659
 660                         $result = db_query($link,
 661                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 662                                         AND owner_uid = " . $_SESSION["uid"]);
 663
 664                         if (db_num_rows($result) > 0) {
 665                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 666                                 update_rss_feed($link, $feed_url, $feed_id);
 667                         }
 668
 669                         print "<rpc-reply>";
 670                         getFeedCounter($link, $feed_id);
 671                         print "</rpc-reply>";
 672
 673                         return;
 674                 }
 675
 676                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 677
 678                         update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 679
 680                         $omode = $_GET["omode"];
 681
 682                         if (!$omode) $omode = "tfl";
 683
 684                         print "<rpc-reply>";
 685                         if (strchr($omode, "l")) getLabelCounters($link);
 686                         if (strchr($omode, "f")) getFeedCounters($link);
 687                         if (strchr($omode, "t")) getTagCounters($link);
 688                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 689                                 getCategoryCounters($link);
 690                         }
 691                         getGlobalCounters($link);
 692                         print "</rpc-reply>";
 693                 }
 694
 695                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 696                 if ($subop == "catchupSelected") {
 697
 698                         $ids = split(",", db_escape_string($_GET["ids"]));
 699
 700                         $cmode = sprintf("%d", $_GET["cmode"]);
 701
 702                         foreach ($ids as $id) {
 703
 704                                 if ($cmode == 0) {
 705                                         db_query($link, "UPDATE ttrss_user_entries SET
 706                                         unread = false,last_read = NOW()
 707                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 708                                 } else if ($cmode == 1) {
 709                                         db_query($link, "UPDATE ttrss_user_entries SET
 710                                         unread = true
 711                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 712                                 } else {
 713                                         db_query($link, "UPDATE ttrss_user_entries SET
 714                                         unread = NOT unread,last_read = NOW()
 715                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 716                                 }
 717                         }
 718                         print "<rpc-reply>";
 719                         getAllCounters($link);
 720                         print "</rpc-reply>";
 721                 }
 722
 723                 if ($subop == "markSelected") {
 724
 725                         $ids = split(",", db_escape_string($_GET["ids"]));
 726
 727                         $cmode = sprintf("%d", $_GET["cmode"]);
 728
 729                         foreach ($ids as $id) {
 730
 731                                 if ($cmode == 0) {
 732                                         db_query($link, "UPDATE ttrss_user_entries SET
 733                                         marked = false
 734                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 735                                 } else if ($cmode == 1) {
 736                                         db_query($link, "UPDATE ttrss_user_entries SET
 737                                         marked = true
 738                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 739                                 } else {
 740                                         db_query($link, "UPDATE ttrss_user_entries SET
 741                                         marked = NOT marked
 742                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 743                                 }
 744                         }
 745                         print "<rpc-reply>";
 746                         getAllCounters($link);
 747                         print "</rpc-reply>";
 748                 }
 749
 750                 if ($subop == "sanityCheck") {
 751                         if (sanity_check($link)) {
 752                                 print "<error error-code=\"0\"/>";
 753                         }
 754                 }
 755
 756                 if ($subop == "globalPurge") {
 757
 758                         print "<rpc-reply>";
 759                         global_purge_old_posts($link, true);
 760                         print "</rpc-reply>";
 761
 762                 }
 763
 764         }
 765
 766         if ($op == "feeds") {
 767
 768                 $tags = $_GET["tags"];
 769
 770                 $subop = $_GET["subop"];
 771
 772                 if ($subop == "catchupAll") {
 773                         db_query($link, "UPDATE ttrss_user_entries SET
 774                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 775                 }
 776
 777                 if ($subop == "collapse") {
 778                         $cat_id = db_escape_string($_GET["cid"]);
 779
 780                         db_query($link, "UPDATE ttrss_feed_categories SET
 781                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 782                                 $_SESSION["uid"]);
 783                         return;
 784                 }
 785
 786                 outputFeedList($link, $tags);
 787
 788         }
 789
 790         if ($op == "view") {
 791
 792                 $id = $_GET["id"];
 793                 $feed_id = $_GET["feed"];
 794
 795                 $result = db_query($link, "UPDATE ttrss_user_entries
 796                         SET unread = false,last_read = NOW()
 797                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 798
 799                 $addheader = $_GET["addheader"];
 800
 801                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 802                         SUBSTRING(updated,1,16) as updated,
 803                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 804                         num_comments
 805                         FROM ttrss_entries,ttrss_user_entries
 806                         WHERE   id = '$id' AND ref_id = id");
 807
 808                 if ($addheader) {
 809                         print "<html><head>
 810                                 <title>Tiny Tiny RSS : Article $id</title>
 811                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 812
 813                         $user_theme = $_SESSION["theme"];
 814                         if ($user_theme) {
 815                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 816                                         href=\"themes/$user_theme/theme.css\">";
 817                         }
 818
 819                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 820                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 821                                         href=\"tt-rss_compact.css\"/>";
 822                         } else {
 823                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 824                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 825                         }
 826
 827                         print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 828                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 829                                 </head><body>";
 830                 }
 831
 832                 if ($result) {
 833
 834                         $line = db_fetch_assoc($result);
 835
 836                         if ($line["icon_url"]) {
 837                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 838                         } else {
 839                                 $feed_icon = "&nbsp;";
 840                         }
 841
 842 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 843                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 844                         } else {
 845                                 $entry_comments = "";
 846                         } */
 847
 848                         $num_comments = $line["num_comments"];
 849                         $entry_comments = "";
 850
 851                         if ($num_comments > 0) {
 852                                 if ($line["comments"]) {
 853                                         $comments_url = $line["comments"];
 854                                 } else {
 855                                         $comments_url = $line["link"];
 856                                 }
 857                                 $entry_comments = "<a href=\"$comments_url\">$num_comments comments</a>";
 858                         } else {
 859                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 860                                         $entry_comments = "<a href=\"".$line["comments"]."\">comments</a>";
 861                                 }
 862                         }
 863
 864                         print "<div class=\"postReply\">";
 865
 866                         print "<div class=\"postHeader\"><table width=\"100%\">";
 867
 868                         print "<tr><td><a href=\"" . $line["link"] . "\">" . $line["title"] . "</a></td>";
 869
 870                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 871                                 strtotime($line["updated"]));
 872
 873                         print "<td class=\"postDate\">$parsed_updated</td>";
 874
 875                         print "</tr>";
 876
 877                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 878                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 879                                 ORDER BY tag_name");
 880
 881                         $tags_str = "";
 882                         $f_tags_str = "";
 883
 884                         $num_tags = 0;
 885
 886                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 887                                 $num_tags++;
 888                                 $tag = $tmp_line["tag_name"];
 889                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 890
 891                                 if ($num_tags == 5) {
 892                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 893                                 } else if ($num_tags < 5) {
 894                                         $tags_str .= $tag_str;
 895                                 }
 896                                 $f_tags_str .= $tag_str;
 897                         }
 898
 899                         $tags_str = preg_replace("/, $/", "", $tags_str);
 900                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 901
 902 //                      $truncated_link = truncate_string($line["link"], 60);
 903
 904                         if ($tags_str || $entry_comments) {
 905                                 print "<tr><td width='50%'>
 906                                         $entry_comments</td>
 907                                         <td align=\"right\">$tags_str</td></tr>";
 908                         }
 909
 910                         print "</table></div>";
 911
 912                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 913                         print "<div class=\"postContent\">";
 914
 915                         if (db_num_rows($tmp_result) > 5) {
 916                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 917                         }
 918
 919                         print $line["content"] . "</div>";
 920
 921                         print "</div>";
 922
 923                         print "<script type=\"text/javascript\">
 924                                 update_all_counters('$feed_id');
 925                         </script>";
 926                 }
 927
 928                 if ($addheader) {
 929                         print "</body></html>";
 930                 }
 931         }
 932
 933         if ($op == "viewfeed") {
 934
 935                 $feed = $_GET["feed"];
 936                 $skip = $_GET["skip"];
 937                 $subop = $_GET["subop"];
 938                 $view_mode = $_GET["view"];
 939                 $addheader = $_GET["addheader"];
 940                 $limit = $_GET["limit"];
 941
 942                 if (!$feed) {
 943                         return;
 944                 }
 945
 946                 if (!$skip) $skip = 0;
 947
 948                 if ($subop == "undefined") $subop = "";
 949
 950                 if ($addheader) {
 951                         print "<html><head>
 952                                 <title>Tiny Tiny RSS : Feed $feed</title>
 953                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 954
 955                         $user_theme = $_SESSION["theme"];
 956                         if ($user_theme) {
 957                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 958                                         href=\"themes/$user_theme/theme.css\">";
 959                         }
 960
 961                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 962                                 print "<link rel=\"stylesheet\"
 963                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 964
 965                         } else {
 966                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 967                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 968                         }
 969
 970                         print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 971                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
 972                                 <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
 973                                 <!--[if gte IE 5.5000]>
 974                                 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 975                                 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 976                                 <![endif]-->
 977                                 </head><body onload='init()'>";
 978                 }
 979
 980                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 981
 982                         $tmp_result = db_query($link, "SELECT feed_url FROM ttrss_feeds
 983                                 WHERE id = '$feed'");
 984
 985                         $feed_url = db_fetch_result($tmp_result, 0, "feed_url");
 986
 987                         update_rss_feed($link, $feed_url, $feed);
 988
 989                 }
 990
 991                 if ($subop == "MarkAllRead")  {
 992
 993                         if (sprintf("%d", $feed) != 0) {
 994
 995                                 if ($feed > 0) {
 996
 997                                         $tmp_result = db_query($link, "SELECT id
 998                                                 FROM ttrss_feeds WHERE parent_feed = '$feed'
 999                                                 ORDER BY cat_id,title");
1000
1001                                         $parent_ids = array();
1002
1003                                         if (db_num_rows($tmp_result) > 0) {
1004                                                 while ($p = db_fetch_assoc($tmp_result)) {
1005                                                         array_push($parent_ids, "feed_id = " . $p["id"]);
1006                                                 }
1007
1008                                                 $children_qpart = implode(" OR ", $parent_ids);
1009
1010                                                 db_query($link, "UPDATE ttrss_user_entries
1011                                                         SET unread = false,last_read = NOW()
1012                                                         WHERE (feed_id = '$feed' OR $children_qpart)
1013                                                         AND owner_uid = " . $_SESSION["uid"]);
1014
1015                                         } else {
1016                                                 db_query($link, "UPDATE ttrss_user_entries
1017                                                         SET unread = false,last_read = NOW()
1018                                                         WHERE feed_id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
1019                                         }
1020
1021                                 } else if ($feed < 0 && $feed > -10) { // special, like starred
1022
1023                                         if ($feed == -1) {
1024                                                 db_query($link, "UPDATE ttrss_user_entries
1025                                                         SET unread = false,last_read = NOW()
1026                                                         WHERE marked = true AND owner_uid = ".$_SESSION["uid"]);
1027                                         }
1028
1029                                 } else if ($feed < -10) { // label
1030
1031                                         // TODO make this more efficient
1032
1033                                         $label_id = -$feed - 11;
1034
1035                                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
1036                                                 WHERE id = '$label_id'");
1037
1038                                         if ($tmp_result) {
1039                                                 $sql_exp = db_fetch_result($tmp_result, 0, "sql_exp");
1040
1041                                                 db_query($link, "BEGIN");
1042
1043                                                 $tmp2_result = db_query($link,
1044                                                         "SELECT
1045                                                                 int_id
1046                                                         FROM
1047                                                                 ttrss_user_entries,ttrss_entries
1048                                                         WHERE
1049                                                                 ref_id = id AND
1050                                                                 $sql_exp AND
1051                                                                 owner_uid = " . $_SESSION["uid"]);
1052
1053                                                 while ($tmp_line = db_fetch_assoc($tmp2_result)) {
1054                                                         db_query($link, "UPDATE
1055                                                                 ttrss_user_entries
1056                                                         SET
1057                                                                 unread = false, last_read = NOW()
1058                                                         WHERE
1059                                                                 int_id = " . $tmp_line["int_id"]);
1060                                                 }
1061
1062                                                 db_query($link, "COMMIT");
1063
1064 /*                                              db_query($link, "UPDATE ttrss_user_entries,ttrss_entries
1065                                                         SET unread = false,last_read = NOW()
1066                                                         WHERE $sql_exp
1067                                                         AND ref_id = id
1068                                                         AND owner_uid = ".$_SESSION["uid"]); */
1069                                         }
1070                                 }
1071                         } else { // tag
1072                                 db_query($link, "BEGIN");
1073
1074                                 $tag_name = db_escape_string($feed);
1075
1076                                 $result = db_query($link, "SELECT post_int_id FROM ttrss_tags
1077                                         WHERE tag_name = '$tag_name' AND owner_uid = " . $_SESSION["uid"]);
1078
1079                                 while ($line = db_fetch_assoc($result)) {
1080                                         db_query($link, "UPDATE ttrss_user_entries SET
1081                                                 unread = false, last_read = NOW()
1082                                                 WHERE int_id = " . $line["post_int_id"]);
1083                                 }
1084                                 db_query($link, "COMMIT");
1085                         }
1086
1087                 }
1088
1089                 $search = db_escape_string($_GET["search"]);
1090                 $search_mode = db_escape_string($_GET["smode"]);
1091
1092                 if ($search) {
1093                         $search_query_part = "(upper(title) LIKE upper('%$search%')
1094                                 OR content LIKE '%$search%') AND";
1095                 } else {
1096                         $search_query_part = "";
1097                 }
1098
1099                 $view_query_part = "";
1100
1101                 if ($view_mode == "Adaptive") {
1102                         if ($feed != -1) {
1103                                 $unread = getFeedUnread($link, $feed);
1104                                 if ($unread > 0) {
1105                                         $view_query_part = " unread = true AND ";
1106                                 }
1107                         }
1108                 }
1109
1110                 if ($view_mode == "Starred") {
1111                         $view_query_part = " marked = true AND ";
1112                 }
1113
1114                 if ($view_mode == "Unread") {
1115                         $view_query_part = " unread = true AND ";
1116                 }
1117
1118                 if ($limit && $limit != "All") {
1119                         $limit_query_part = "LIMIT " . $limit;
1120                 }
1121
1122                 $vfeed_query_part = "";
1123
1124                 // override query strategy and enable feed display when searching globally
1125                 if ($search && $search_mode == "All feeds") {
1126                         $query_strategy_part = "id > 0";
1127                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1128                 } else if (sprintf("%d", $feed) == 0) {
1129                         $query_strategy_part = "ttrss_entries.id > 0";
1130                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
1131                                 id = feed_id) as feed_title,";
1132                 } else if ($feed >= 0) {
1133
1134                         $tmp_result = db_query($link, "SELECT id
1135                                 FROM ttrss_feeds WHERE parent_feed = '$feed'
1136                                 ORDER BY cat_id,title");
1137
1138                         $parent_ids = array();
1139
1140                         if (db_num_rows($tmp_result) > 0) {
1141                                 while ($p = db_fetch_assoc($tmp_result)) {
1142                                         array_push($parent_ids, "feed_id = " . $p["id"]);
1143                                 }
1144
1145                                 $query_strategy_part = sprintf("(feed_id = %d OR %s)",
1146                                         $feed, implode(" OR ", $parent_ids));
1147
1148                                 $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1149                         } else {
1150                                 $query_strategy_part = "feed_id = '$feed'";
1151                         }
1152                 } else if ($feed == -1) { // starred virtual feed
1153                         $query_strategy_part = "marked = true";
1154                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1155                 } else if ($feed <= -10) { // labels
1156                         $label_id = -$feed - 11;
1157
1158                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
1159                                 WHERE id = '$label_id'");
1160
1161                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
1162
1163                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1164                 } else {
1165                         $query_strategy_part = "id > 0"; // dumb
1166                 }
1167
1168                 $order_by = "updated DESC";
1169
1170 //              if ($feed < -10) {
1171 //                      $order_by = "feed_id,updated DESC";
1172 //              }
1173
1174                 $feed_title = "";
1175
1176                 if ($search && $search_mode == "All feeds") {
1177                         $feed_title = "Search results";
1178                 } else if (sprintf("%d", $feed) == 0) {
1179                         $feed_title = $feed;
1180                 } else if ($feed > 0) {
1181                         $result = db_query($link, "SELECT title,site_url,last_error FROM ttrss_feeds
1182                                 WHERE id = '$feed'");
1183
1184                         $feed_title = db_fetch_result($result, 0, "title");
1185                         $feed_site_url = db_fetch_result($result, 0, "site_url");
1186                         $last_error = db_fetch_result($result, 0, "last_error");
1187
1188                 } else if ($feed == -1) {
1189                         $feed_title = "Starred articles";
1190                 } else if ($feed < -10) {
1191                         $label_id = -$feed - 11;
1192                         $result = db_query($link, "SELECT description FROM ttrss_labels
1193                                 WHERE id = '$label_id'");
1194                         $feed_title = db_fetch_result($result, 0, "description");
1195                 } else {
1196                         $feed_title = "?";
1197                 }
1198
1199                 if ($feed < -10) error_reporting (0);
1200
1201                 print "<div id=\"headlinesContainer\">";
1202
1203                 if (sprintf("%d", $feed) != 0) {
1204
1205                         if ($feed > 0) {
1206                                 $feed_kind = "Feeds";
1207                         } else {
1208                                 $feed_kind = "Labels";
1209                         }
1210
1211 //                      if (!$vfeed_query_part) {
1212                         $content_query_part = "content as content_preview,";
1213 //                      } else {
1214 //                              $content_query_part = "";
1215 //                      }
1216
1217                         $result = db_query($link, "SELECT
1218                                         ttrss_entries.id,ttrss_entries.title,
1219                                         SUBSTRING(updated,1,16) as updated,
1220                                         unread,feed_id,marked,link,last_read,
1221                                         SUBSTRING(last_read,1,19) as last_read_noms,
1222                                         $vfeed_query_part
1223                                         $content_query_part
1224                                         SUBSTRING(updated,1,19) as updated_noms
1225                                 FROM
1226                                         ttrss_entries,ttrss_user_entries,ttrss_feeds
1227                                 WHERE
1228                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
1229                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
1230                                 ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1231                                 $search_query_part
1232                                 $view_query_part
1233                                 $query_strategy_part ORDER BY $order_by
1234                                 $limit_query_part");
1235
1236                 } else {
1237                         // browsing by tag
1238
1239                         $feed_kind = "Tags";
1240
1241                         $result = db_query($link, "SELECT
1242                                 ttrss_entries.id as id,title,
1243                                 SUBSTRING(updated,1,16) as updated,
1244                                 unread,feed_id,
1245                                 marked,link,last_read,
1246                                 SUBSTRING(last_read,1,19) as last_read_noms,
1247                                 $vfeed_query_part
1248                                 $content_query_part
1249                                 SUBSTRING(updated,1,19) as updated_noms
1250                                 FROM
1251                                         ttrss_entries,ttrss_user_entries,ttrss_tags
1252                                 WHERE
1253                                         ref_id = ttrss_entries.id AND
1254                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1255                                         post_int_id = int_id AND tag_name = '$feed' AND
1256                                         $view_query_part
1257                                         $search_query_part
1258                                         $query_strategy_part ORDER BY $order_by
1259                                 $limit_query_part");
1260                 }
1261
1262                 if (!$result) {
1263                         print "<div align='center'>
1264                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
1265                         return;
1266                 }
1267
1268                 if (db_num_rows($result) > 0) {
1269
1270                         print "<table class=\"headlinesSubToolbar\"
1271                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
1272
1273                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1274
1275                                 print "<td class=\"headlineActions\">
1276                                         Select:
1277                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1278                                                                         'RROW-', 'RCHK-', true, '', true)\">All</a>,
1279                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1280                                                                         'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
1281                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1282                                                                         'RROW-', 'RCHK-', false)\">None</a>
1283                                                 &nbsp;&nbsp;
1284                                                 Toggle: <a href=\"javascript:selectionToggleUnread()\">Unread</a>,
1285                                                                 <a href=\"javascript:selectionToggleMarked()\">Starred</a>";
1286                                 print "</td>";
1287
1288                         } else {
1289
1290                                 print "<td class=\"headlineActions\">
1291                                         Select:
1292                                                                 <a href=\"javascript:cdmSelectArticles('all')\">All</a>,
1293                                                                 <a href=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
1294                                                                 <a href=\"javascript:cdmSelectArticles('none')\">None</a>
1295                                                 &nbsp;&nbsp;
1296                                                 Toggle: <a href=\"javascript:selectionToggleUnread(true)\">Unread</a>,
1297                                                                 <a href=\"javascript:selectionToggleMarked(true)\">Starred</a>";
1298
1299                                 print "</td>";
1300
1301
1302                         }
1303
1304                         if ($last_error) {
1305                                         print "<td align='center' class='small'>
1306                                                 <a class=\"warning\" href=\"javascript:alert('TT-RSS encountered an error while trying to update this feed.\\n\\n$last_error')\">Could not update this feed.</a></td>";
1307                                 }
1308
1309                         print "<td class=\"headlineTitle\">";
1310
1311                         if ($feed_site_url) {
1312                                 print "<a target=\"_blank\" href=\"$feed_site_url\">$feed_title</a>";
1313                         } else {
1314                                 print $feed_title;
1315                         }
1316
1317                         print "</td>";
1318                         print "</tr></table>";
1319
1320                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1321                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
1322                                         cellspacing=\"0\" width=\"100%\">";
1323                         }
1324
1325                         $lnum = 0;
1326
1327                         error_reporting (DEFAULT_ERROR_LEVEL);
1328
1329                         $num_unread = 0;
1330
1331                         while ($line = db_fetch_assoc($result)) {
1332
1333                                 $class = ($lnum % 2) ? "even" : "odd";
1334
1335                                 $id = $line["id"];
1336                                 $feed_id = $line["feed_id"];
1337
1338                                 if ($line["last_read"] == "" &&
1339                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
1340
1341                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1342                                                 alt=\"Updated\">";
1343                                 } else {
1344                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1345                                                 alt=\"Updated\">";
1346                                 }
1347
1348                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
1349                                         $class .= "Unread";
1350                                         ++$num_unread;
1351                                         $is_unread = true;
1352                                 } else {
1353                                         $is_unread = false;
1354                                 }
1355
1356                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
1357                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1358                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
1359                                 } else {
1360                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1361                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
1362                                 }
1363
1364                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
1365                                         $line["title"] . "</a>";
1366
1367                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1368                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
1369                                 } else {
1370                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1371                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
1372                                 }
1373
1374                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1375                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
1376                                                 100);
1377                                 }
1378
1379                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1380
1381                                         print "<tr class='$class' id='RROW-$id'>";
1382
1383                                         print "<td class='hlUpdatePic'>$update_pic</td>";
1384
1385                                         print "<td class='hlSelectRow'>
1386                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1387                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1388                                                 </td>";
1389
1390                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
1391
1392                                         if ($line["feed_title"]) {
1393                                                 print "<td class='hlContent'>$content_link</td>";
1394                                                 print "<td class='hlFeed'>
1395                                                         <a href='javascript:viewfeed($feed_id)'>".
1396                                                                 $line["feed_title"]."</a>&nbsp;</td>";
1397                                         } else {
1398                                                 print "<td class='hlContent' valign='middle'>";
1399
1400                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
1401                                                         $line["title"];
1402
1403                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1404
1405                                                         if ($content_preview) {
1406                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
1407                                                         }
1408                                                 }
1409
1410                                                 print "</a>";
1411                                                 print "</td>";
1412                                         }
1413
1414                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
1415
1416                                         print "</tr>";
1417
1418                                 } else {
1419
1420                                         if ($is_unread) {
1421                                                 $add_class = "Unread";
1422                                         } else {
1423                                                 $add_class = "";
1424                                         }
1425
1426                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
1427
1428                                         print "<div class=\"cdmHeader\">";
1429
1430                                         print "<div style=\"float : right\">$updated_fmt</div>";
1431
1432                                         print "<a href=\"".$line["link"]."\">".$line["title"]."</a>";
1433
1434                                         if ($line["feed_title"]) {
1435                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1436                                         }
1437
1438                                         print "</div>";
1439
1440                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div>";
1441
1442                                         print "<div style=\"float : right\">$marked_pic</div>
1443                                                 <div class=\"cdmFooter\">
1444                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1445                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1446
1447                                         print "</div>";
1448
1449                                 }
1450
1451                                 ++$lnum;
1452                         }
1453
1454                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1455                                 print "</table>";
1456                         }
1457
1458                 } else {
1459                         print "<div width='100%' align='center'>No articles found.</div>";
1460                 }
1461
1462                 print "</div>";
1463
1464                 print "<script type=\"text/javascript\">
1465                         document.onkeydown = hotkey_handler;
1466                         update_all_counters('$feed');
1467                 </script>";
1468
1469                 if ($addheader) {
1470                         print "</body></html>";
1471                 }
1472         }
1473
1474         if ($op == "pref-rpc") {
1475
1476                 $subop = $_GET["subop"];
1477
1478                 if ($subop == "unread") {
1479                         $ids = split(",", db_escape_string($_GET["ids"]));
1480                         foreach ($ids as $id) {
1481                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1482                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1483                         }
1484
1485                         print "Marked selected feeds as unread.";
1486                 }
1487
1488                 if ($subop == "read") {
1489                         $ids = split(",", db_escape_string($_GET["ids"]));
1490                         foreach ($ids as $id) {
1491                                 db_query($link, "UPDATE ttrss_user_entries
1492                                         SET unread = false,last_read = NOW() WHERE
1493                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1494                         }
1495
1496                         print "Marked selected feeds as read.";
1497
1498                 }
1499
1500         }
1501
1502         if ($op == "pref-feeds") {
1503
1504                 $subop = $_REQUEST["subop"];
1505                 $quiet = $_REQUEST["quiet"];
1506
1507                 if ($subop == "massSubscribe") {
1508                         $ids = split(",", db_escape_string($_GET["ids"]));
1509
1510                         $subscribed = array();
1511
1512                         foreach ($ids as $id) {
1513                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1514                                         WHERE id = '$id'");
1515
1516                                 $feed_url = db_fetch_result($result, 0, "feed_url");
1517                                 $title = db_fetch_result($result, 0, "title");
1518
1519                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1520                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1521
1522                                 if (db_num_rows($result) == 0) {
1523                                         $result = db_query($link,
1524                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1525                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1526
1527                                         array_push($subscribed, $title);
1528                                 }
1529                         }
1530
1531                         if (count($subscribed) > 0) {
1532                                 print "<div class=\"notice\">";
1533                                 print "<b>Subscribed to feeds:</b>";
1534                                 print "<ul class=\"nomarks\">";
1535                                 foreach ($subscribed as $title) {
1536                                         print "<li>$title</li>";
1537                                 }
1538                                 print "</ul>";
1539                                 print "</div>";
1540                         }
1541                 }
1542
1543                 if ($subop == "browse") {
1544
1545                         print "<div class=\"infoBoxContents\">";
1546
1547                         print "<h1>Feed browser</h1>";
1548
1549                         print "<p>Showing top 50 registered feeds, sorted by popularity:</p>";
1550
1551                         $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1552                                 FROM ttrss_feeds
1553                                 WHERE auth_login = '' AND auth_pass = '' AND private = false
1554                                 GROUP BY feed_url ORDER BY subscribers DESC LIMIT 50");
1555
1556                         print "<ul class='browseFeedList' id='browseFeedList'>";
1557
1558                         $feedctr = 0;
1559
1560                         while ($line = db_fetch_assoc($result)) {
1561                                 $feed_url = $line["feed_url"];
1562                                 $subscribers = $line["subscribers"];
1563
1564                                 $sub_result = db_query($link, "SELECT id
1565                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
1566                                         $_SESSION["uid"]);
1567
1568                                 if (db_num_rows($sub_result) > 0) {
1569                                         continue; // already subscribed
1570                                 }
1571
1572                                 $det_result = db_query($link, "SELECT site_url,title,id
1573                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1574
1575                                 $details = db_fetch_assoc($det_result);
1576
1577                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1578
1579                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1580                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
1581                                                         "/".$details["id"].".ico\">";
1582                                 } else {
1583                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1584                                 }
1585
1586                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1587                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1588
1589                                 $class = ($feedctr % 2) ? "even" : "odd";
1590
1591                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1592                                         "$feed_icon " . db_unescape_string($details["title"]) .
1593                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1594
1595                                         ++$feedctr;
1596                         }
1597
1598                         if ($feedctr == 0) {
1599                                 print "<li>No feeds found to subscribe.</li>";
1600                         }
1601
1602                         print "</ul>";
1603
1604                         print "<div align='center'>
1605                                 <input type=\"submit\" class=\"button\"
1606                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1607                                 <input type='submit' class='button'
1608                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1609
1610                         print "</div>";
1611                         return;
1612                 }
1613
1614                 if ($subop == "editfeed") {
1615                         $feed_id = db_escape_string($_GET["id"]);
1616
1617                         $result = db_query($link,
1618                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1619                                         owner_uid = " . $_SESSION["uid"]);
1620
1621                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1622                                 0, "title")));
1623
1624                         print "<div class=\"infoBoxContents\">";
1625
1626                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1627
1628                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1629                                         $feed_icon = "<img width=\"16\" height=\"16\"
1630                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1631                         } else {
1632                                 $feed_icon = "";
1633                         }
1634
1635                         print "<h1>$feed_icon $title</h1>";
1636
1637                         print "<table width='100%'>";
1638
1639                         $row_class = "odd";
1640
1641                         print "<tr class='$row_class'><td>Title:</td>";
1642                         print "<td><input id=\"iedit_title\" value=\"$title\"></td></tr>";
1643
1644                         $feed_url = db_fetch_result($result, 0, "feed_url");
1645                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1646                                 0, "feed_url")));
1647                         $row_class = toggleEvenOdd($row_class);
1648
1649                         print "<tr class='$row_class'><td>Feed URL:</td>";
1650                         print "<td><input id=\"iedit_link\" value=\"$feed_url\"></td></tr>";
1651
1652                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1653
1654                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1655
1656                                 $row_class = toggleEvenOdd($row_class);
1657
1658                                 print "<tr class='$row_class'><td>Category:</td>";
1659                                 print "<td>";
1660                                 print "<select id=\"iedit_fcat\">";
1661                                 print "<option id=\"0\">Uncategorized</option>";
1662
1663                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1664                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1665
1666                                 if (db_num_rows($tmp_result) > 0) {
1667                                         print "<option disabled>--------</option>";
1668                                 }
1669
1670                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1671                                         if ($tmp_line["id"] == $cat_id) {
1672                                                 $is_selected = "selected";
1673                                         } else {
1674                                                 $is_selected = "";
1675                                         }
1676                                         printf("<option $is_selected id='%d'>%s</option>",
1677                                                 $tmp_line["id"], $tmp_line["title"]);
1678                                 }
1679
1680                                 print "</select></td>";
1681                                 print "</td></tr>";
1682
1683                         }
1684
1685                         $update_interval = db_fetch_result($result, 0, "update_interval");
1686                         $row_class = toggleEvenOdd($row_class);
1687
1688                         print "<tr class='$row_class'><td>Update Interval:</td>";
1689                         print "<td><input id=\"iedit_updintl\"
1690                                 value=\"$update_interval\"></td></tr>";
1691
1692                         $row_class = toggleEvenOdd($row_class);
1693                         print "<tr class='$row_class'><td>Link to:</td>";
1694
1695                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1696                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1697
1698                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1699
1700                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1701
1702                         if ($linked_count > 0) {
1703                                 $disabled = "disabled";
1704                         }
1705
1706                         print "<select $disabled  id=\"iedit_parent_feed\">";
1707
1708                         print "<option id=\"0\">Not linked</option>";
1709
1710                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1711                                 if ($cat_id) {
1712                                         $cat_qpart = "AND cat_id = '$cat_id'";
1713                                 } else {
1714                                         $cat_qpart = "AND cat_id IS NULL";
1715                                 }
1716                         }
1717
1718                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1719                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1720                                         $cat_qpart ORDER BY title");
1721
1722                                 if (db_num_rows($tmp_result) > 0) {
1723                                         print "<option disabled>--------</option>";
1724                                 }
1725
1726                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1727                                         if ($tmp_line["id"] == $parent_feed) {
1728                                                 $is_selected = "selected";
1729                                         } else {
1730                                                 $is_selected = "";
1731                                         }
1732                                         printf("<option $is_selected id='%d'>%s</option>",
1733                                                 $tmp_line["id"], $tmp_line["title"]);
1734                                 }
1735
1736                                 print "</select></td>";
1737                                 print "</td></tr>";
1738
1739                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1740                         $row_class = toggleEvenOdd($row_class);
1741
1742                         print "<tr class='$row_class'><td>Purge Days:</td>";
1743                         print "<td><input id=\"iedit_purgintl\"
1744                                 value=\"$purge_interval\"></td></tr>";
1745
1746 //                      print "<tr><td colspan=\"2\"><b>Authentication</b></td></tr>";
1747
1748                         $row_class = toggleEvenOdd($row_class);
1749                         $auth_login = db_fetch_result($result, 0, "auth_login");
1750
1751                         print "<tr class='$row_class'><td>Login:</td>";
1752                         print "<td><input id=\"iedit_login\"
1753                                 value=\"$auth_login\"></td></tr>";
1754
1755                         $row_class = toggleEvenOdd($row_class);
1756                         $auth_pass = db_fetch_result($result, 0, "auth_pass");
1757
1758                         print "<tr class='$row_class'><td>Password:</td>";
1759                         print "<td><input type=\"password\" id=\"iedit_pass\"
1760                                 value=\"$auth_pass\"></td></tr>";
1761
1762                         $row_class = toggleEvenOdd($row_class);
1763                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1764
1765                         if ($private) {
1766                                 $checked = "checked";
1767                         } else {
1768                                 $checked = "";
1769                         }
1770
1771                         print "<tr class='$row_class'><td>Options:</td>";
1772                         print "<td><input type=\"checkbox\" id=\"iedit_private\"
1773                                 $checked><label for=\"iedit_private\">Hide from feed browser</label>
1774                                 </td></tr>";
1775
1776                         print "</table>";
1777                         print "</div>";
1778
1779                         print "<div align='center'>
1780                                 <input type=\"submit\" class=\"button\"
1781                                 onclick=\"feedEditSave()\" value=\"Save\">
1782                                 <input type='submit' class='button'
1783                                 onclick=\"feedEditCancel()\" value=\"Cancel\"></div>";
1784                         return;
1785                 }
1786
1787                 if ($subop == "editSave") {
1788                         $feed_title = db_escape_string($_POST["t"]);
1789                         $feed_link = db_escape_string($_POST["l"]);
1790                         $upd_intl = db_escape_string($_POST["ui"]);
1791                         $purge_intl = db_escape_string($_POST["pi"]);
1792                         $feed_id = db_escape_string($_POST["id"]);
1793                         $cat_id = db_escape_string($_POST["catid"]);
1794                         $auth_login = db_escape_string($_POST["login"]);
1795                         $auth_pass = db_escape_string($_POST["pass"]);
1796                         $parent_feed = db_escape_string($_POST["pfeed"]);
1797                         $private = db_escape_string($_POST["private"]);
1798
1799                         if (strtoupper($upd_intl) == "DEFAULT")
1800                                 $upd_intl = 0;
1801
1802                         if (strtoupper($upd_intl) == "DISABLED")
1803                                 $upd_intl = -1;
1804
1805                         if (strtoupper($purge_intl) == "DEFAULT")
1806                                 $purge_intl = 0;
1807
1808                         if (strtoupper($purge_intl) == "DISABLED")
1809                                 $purge_intl = -1;
1810
1811                         if ($cat_id != 0) {
1812                                 $category_qpart = "cat_id = '$cat_id'";
1813                         } else {
1814                                 $category_qpart = 'cat_id = NULL';
1815                         }
1816
1817                         if ($parent_feed != 0) {
1818                                 $parent_qpart = "parent_feed = '$parent_feed'";
1819                         } else {
1820                                 $parent_qpart = 'parent_feed = NULL';
1821                         }
1822
1823                         $result = db_query($link, "UPDATE ttrss_feeds SET
1824                                 $category_qpart,
1825                                 $parent_qpart,
1826                                 title = '$feed_title', feed_url = '$feed_link',
1827                                 update_interval = '$upd_intl',
1828                                 purge_interval = '$purge_intl',
1829                                 auth_login = '$auth_login',
1830                                 auth_pass = '$auth_pass',
1831                                 private = '$private'
1832                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1833                 }
1834
1835                 if ($subop == "saveCat") {
1836                         $cat_title = db_escape_string($_GET["title"]);
1837                         $cat_id = db_escape_string($_GET["id"]);
1838
1839                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1840                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1841
1842                 }
1843
1844                 if ($subop == "remove") {
1845
1846                         if (!WEB_DEMO_MODE) {
1847
1848                                 $ids = split(",", db_escape_string($_GET["ids"]));
1849
1850                                 foreach ($ids as $id) {
1851                                         db_query($link, "DELETE FROM ttrss_feeds
1852                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1853
1854                                         $icons_dir = ICONS_DIR;
1855
1856                                         if (file_exists($icons_dir . "/$id.ico")) {
1857                                                 unlink($icons_dir . "/$id.ico");
1858                                         }
1859                                 }
1860                         }
1861                 }
1862
1863                 if ($subop == "add") {
1864
1865                         if (!WEB_DEMO_MODE) {
1866
1867                                 $feed_link = db_escape_string(trim($_GET["link"]));
1868                                 $cat_id = db_escape_string($_GET["cid"]);
1869
1870                                 if ($cat_id == "0" || !$cat_id) {
1871                                         $cat_qpart = "NULL";
1872                                 } else {
1873                                         $cat_qpart = "'$cat_id'";
1874                                 }
1875
1876                                 $result = db_query($link,
1877                                         "SELECT id FROM ttrss_feeds
1878                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
1879
1880                                 if (db_num_rows($result) == 0) {
1881
1882                                         $result = db_query($link,
1883                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1884                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link',
1885                                                 '[Unknown]', $cat_qpart)");
1886
1887                                         $result = db_query($link,
1888                                                 "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
1889                                                 AND owner_uid = " . $_SESSION["uid"]);
1890
1891                                         $feed_id = db_fetch_result($result, 0, "id");
1892
1893                                         if ($feed_id) {
1894                                                 update_rss_feed($link, $feed_link, $feed_id, true);
1895                                         }
1896                                 } else {
1897
1898                                         print "<div class=\"warning\">
1899                                                 Feed <b>$feed_link</b> already exists in the database.
1900                                         </div>";
1901                                 }
1902                         }
1903                 }
1904
1905                 if ($subop == "addCat") {
1906
1907                         if (!WEB_DEMO_MODE) {
1908
1909                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1910
1911                                 $result = db_query($link,
1912                                         "SELECT id FROM ttrss_feed_categories
1913                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1914
1915                                 if (db_num_rows($result) == 0) {
1916
1917                                         $result = db_query($link,
1918                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1919                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1920
1921                                 } else {
1922
1923                                         print "<div class=\"warning\">
1924                                                 Category <b>$feed_cat</b> already exists in the database.
1925                                         </div>";
1926                                 }
1927
1928
1929                         }
1930                 }
1931
1932                 if ($subop == "removeCats") {
1933
1934                         if (!WEB_DEMO_MODE) {
1935
1936                                 $ids = split(",", db_escape_string($_GET["ids"]));
1937
1938                                 foreach ($ids as $id) {
1939
1940                                         db_query($link, "BEGIN");
1941
1942                                         $result = db_query($link,
1943                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1944                                                         WHERE cat_id = '$id'");
1945
1946                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1947
1948                                         if ($num_feeds == 0) {
1949                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1950                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1951                                         } else {
1952
1953                                                 print "<div class=\"warning\">
1954                                                         Unable to delete non empty feed categories.</div>";
1955
1956                                         }
1957
1958                                         db_query($link, "COMMIT");
1959                                 }
1960                         }
1961                 }
1962
1963                 if ($subop == "categorize") {
1964
1965                         if (!WEB_DEMO_MODE) {
1966
1967                                 $ids = split(",", db_escape_string($_GET["ids"]));
1968
1969                                 $cat_id = db_escape_string($_GET["cat_id"]);
1970
1971                                 if ($cat_id == 0) {
1972                                         $cat_id_qpart = 'NULL';
1973                                 } else {
1974                                         $cat_id_qpart = "'$cat_id'";
1975                                 }
1976
1977                                 db_query($link, "BEGIN");
1978
1979                                 foreach ($ids as $id) {
1980
1981                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1982                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1983                                 }
1984
1985                                 db_query($link, "COMMIT");
1986                         }
1987
1988                 }
1989
1990                 if ($quiet) return;
1991
1992 //              print "<h3>Edit Feeds</h3>";
1993
1994                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1995                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1996
1997                 if (db_num_rows($result) > 0) {
1998
1999                         print "<div class=\"warning\">";
2000
2001 //                      print"<img class=\"closeButton\"
2002 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
2003
2004                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
2005                                 <b>Feeds with update errors</b> (click to expand)</a>";
2006
2007                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
2008
2009                         while ($line = db_fetch_assoc($result)) {
2010                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
2011                                         $line["last_error"];
2012                         }
2013
2014                         print "</ul>";
2015                         print "</div>";
2016
2017                 }
2018
2019                 $feed_search = db_escape_string($_GET["search"]);
2020
2021                 if (array_key_exists("search", $_GET)) {
2022                         $_SESSION["prefs_feed_search"] = $feed_search;
2023                 } else {
2024                         $feed_search = $_SESSION["prefs_feed_search"];
2025                 }
2026
2027                 print "<table width='100%' class=\"prefGenericAddBox\"
2028                         cellspacing='0' cellpadding='0'><tr>
2029                         <td>
2030                                 <input id=\"fadd_link\"
2031                                 onchange=\"javascript:addFeed()\"
2032                                 size=\"40\">
2033                                 <input type=\"submit\" class=\"button\"
2034                                 onclick=\"javascript:addFeed()\" value=\"Add feed\">
2035                                 &nbsp;
2036                                 (<a href='javascript:browseFeeds()'>Top 50</a>)
2037                         </td><td align='right'>
2038                                 <input id=\"feed_search\" size=\"20\"
2039                                 onchange=\"javascript:updateFeedList()\"
2040                                 value=\"$feed_search\">
2041                                 <input type=\"submit\" class=\"button\"
2042                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
2043                         </td>
2044                         </tr></table>";
2045
2046                 $feeds_sort = db_escape_string($_GET["sort"]);
2047
2048                 if (!$feeds_sort || $feeds_sort == "undefined") {
2049                         $feeds_sort = $_SESSION["pref_sort_feeds"];
2050                         if (!$feeds_sort) $feeds_sort = "title";
2051                 }
2052
2053                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
2054
2055                 if ($feed_search) {
2056                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
2057                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
2058                 } else {
2059                         $search_qpart = "";
2060                 }
2061
2062                 $result = db_query($link, "SELECT
2063                                 F1.id,
2064                                 F1.title,
2065                                 F1.feed_url,
2066                                 substring(F1.last_updated,1,16) AS last_updated,
2067                                 F1.parent_feed,
2068                                 F1.update_interval,
2069                                 F1.purge_interval,
2070                                 F1.cat_id,
2071                                 F2.title AS parent_title,
2072                                 C1.title AS category
2073                         FROM
2074                                 ttrss_feeds AS F1
2075                                 LEFT JOIN ttrss_feeds AS F2
2076                                         ON (F1.parent_feed = F2.id)
2077                                 LEFT JOIN ttrss_feed_categories AS C1
2078                                         ON (F1.cat_id = C1.id)
2079                         WHERE
2080                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
2081                         ORDER by category,$feeds_sort,title");
2082
2083                 if (db_num_rows($result) != 0) {
2084
2085                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2086
2087                         print "<p><table width=\"100%\" cellspacing=\"0\"
2088                                 class=\"prefFeedList\" id=\"prefFeedList\">";
2089                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2090                                 Select:
2091                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2092                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
2093                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2094                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
2095                                 </td</tr>";
2096
2097                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
2098                                 print "<tr class=\"title\">
2099                                         <td width='5%' align='center'>&nbsp;</td>
2100                                         <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2101                                         <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2102                                         <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2103                                         <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a></td></tr>";
2104                         }
2105
2106                         $lnum = 0;
2107
2108                         $cur_cat_id = -1;
2109
2110                         while ($line = db_fetch_assoc($result)) {
2111
2112                                 $feed_id = $line["id"];
2113                                 $cat_id = $line["cat_id"];
2114
2115                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2116                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
2117                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
2118
2119                                 if ($line["update_interval"] == "0") $line["update_interval"] = "Default";
2120                                 if ($line["update_interval"] == "-1") $line["update_interval"] = "Disabled";
2121                                 if ($line["purge_interval"] == "0") $line["purge_interval"] = "Default";
2122                                 if ($line["purge_interval"] < 0)        $line["purge_interval"] = "Disabled";
2123
2124                                 if (!$edit_cat) $edit_cat = "Uncategorized";
2125
2126
2127                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
2128                                         $lnum = 0;
2129
2130                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
2131
2132                                         print "<tr class=\"title\">
2133                                                 <td width='5%' align='center'>&nbsp;</td>
2134                                                 <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2135                                                 <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2136                                                 <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2137                                                 <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a></td></tr>";
2138
2139                                         $cur_cat_id = $cat_id;
2140                                 }
2141
2142                                 $class = ($lnum % 2) ? "even" : "odd";
2143                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
2144
2145                                 print "<tr class=\"$class\" $this_row_id>";
2146
2147                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
2148
2149                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
2150                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
2151                                 } else {
2152                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
2153                                 }
2154 //                              print "<td class='feedIcon'>$feed_icon</td>";
2155
2156                                 print "<td class='feedSelect'><input onclick='toggleSelectRow(this);'
2157                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
2158
2159                                 $edit_title = truncate_string($edit_title, 40);
2160                                 $edit_link = truncate_string($edit_link, 60);
2161
2162                                 $parent_title = $line["parent_title"];
2163                                 if ($parent_title) {
2164                                         $parent_title = "<span class='groupPrompt'>(linked to
2165                                                 $parent_title)</span>";
2166                                 }
2167
2168                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2169                                         "$feed_icon $edit_title $parent_title" . "</a></td>";
2170
2171                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2172                                         $edit_link . "</a></td>";
2173
2174 /*                              if (get_pref($link, 'ENABLE_FEED_CATS')) {
2175                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2176                                                 $edit_cat . "</a></td>";
2177                                 } */
2178
2179                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2180                                         $line["update_interval"] . "</a></td>";
2181
2182                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2183                                         $line["purge_interval"] . "</a></td>";
2184
2185                                 print "</tr>";
2186
2187                                 ++$lnum;
2188                         }
2189
2190                         print "</table>";
2191
2192                         print "<p>";
2193
2194                         if ($subop == "edit") {
2195                                 print "Edit feed:&nbsp;
2196                                         <input type=\"submit\" class=\"button\"
2197                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
2198                                         <input type=\"submit\" class=\"button\"
2199                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
2200                         } else {
2201
2202                                 print "
2203                                         Selection:&nbsp;
2204                                 <input type=\"submit\" class=\"button\"
2205                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
2206                                 <input type=\"submit\" class=\"button\"
2207                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
2208                                 <input type=\"submit\" class=\"button\"
2209                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
2210
2211                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2212
2213                                         print "&nbsp;&nbsp;";
2214
2215                                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2216                                                 WHERE owner_uid = ".$_SESSION["uid"]."
2217                                                 ORDER BY title");
2218
2219                                         print "<select id=\"sfeed_set_fcat\">";
2220                                         print "<option id=\"0\">Uncategorized</option>";
2221
2222                                         if (db_num_rows($result) != 0) {
2223
2224                                                 print "<option disabled>--------</option>";
2225
2226                                                 while ($line = db_fetch_assoc($result)) {
2227                                                         printf("<option id='%d'>%s</option>",
2228                                                                 $line["id"], $line["title"]);
2229                                                 }
2230                                         }
2231
2232                                         print "</select>";
2233
2234                                         print " <input type=\"submit\" class=\"button\"
2235                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Set category\">";
2236
2237                                 }
2238
2239                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
2240                                         print "
2241                                         <input type=\"submit\" class=\"button\"
2242                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
2243                                         <input type=\"submit\" class=\"button\"
2244                                                 onclick=\"javascript:readSelectedFeeds(false)\"
2245                                                 value=\"Mark as unread\">&nbsp;";
2246                                 }
2247
2248                                 print "
2249                                         &nbsp;All feeds: <input type=\"submit\"
2250                                                         class=\"button\" onclick=\"gotoExportOpml()\"
2251                                                         value=\"Export OPML\">";
2252                                 }
2253                 } else {
2254
2255                         print "<p>No feeds defined.</p>";
2256
2257                 }
2258
2259                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2260
2261                         print "<h3>Edit Categories</h3>";
2262
2263         //              print "<h3>Categories</h3>";
2264
2265                         print "<div class=\"prefGenericAddBox\">
2266                                 <input id=\"fadd_cat\"
2267                                         onchange=\"javascript:addFeedCat()\"
2268                                         size=\"40\">&nbsp;
2269                                 <input
2270                                         type=\"submit\" class=\"button\"
2271                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
2272
2273                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2274                                 WHERE owner_uid = ".$_SESSION["uid"]."
2275                                 ORDER BY title");
2276
2277                         if (db_num_rows($result) != 0) {
2278
2279                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
2280                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
2281
2282                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2283                                 Select:
2284                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2285                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
2286                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2287                                                 'FCATR-', 'FCCHK-', false)\">None</a>
2288                                 </td</tr>";
2289
2290                                 print "<tr class=\"title\">
2291                                                         <td width=\"5%\"></td><td width=\"80%\">Title</td>
2292                                                 </tr>";
2293
2294                                 $lnum = 0;
2295
2296                                 while ($line = db_fetch_assoc($result)) {
2297
2298                                         $class = ($lnum % 2) ? "even" : "odd";
2299
2300                                         $cat_id = $line["id"];
2301
2302                                         $edit_cat_id = $_GET["id"];
2303
2304                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
2305                                                 $class .= "Grayed";
2306                                                 $this_row_id = "";
2307                                         } else {
2308                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
2309                                         }
2310
2311                                         print "<tr class=\"$class\" $this_row_id>";
2312
2313                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2314
2315                                         if (!$edit_cat_id || $subop != "editCat") {
2316
2317                                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
2318                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
2319
2320                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
2321                                                         $edit_title . "</a></td>";
2322
2323                                         } else if ($cat_id != $edit_cat_id) {
2324
2325                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2326                                                         id=\"FRCHK-".$line["id"]."\"></td>";
2327
2328                                                 print "<td>$edit_title</td>";
2329
2330                                         } else {
2331
2332                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2333
2334                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
2335
2336                                         }
2337
2338                                         print "</tr>";
2339
2340                                         ++$lnum;
2341                                 }
2342
2343                                 print "</table>";
2344
2345                                 print "<p>";
2346
2347                                 if ($subop == "editCat") {
2348                                         print "Edit category:&nbsp;
2349                                                 <input type=\"submit\" class=\"button\"
2350                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
2351                                                 <input type=\"submit\" class=\"button\"
2352                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
2353                                         } else {
2354
2355                                         print "
2356                                                 Selection:&nbsp;
2357                                         <input type=\"submit\" class=\"button\"
2358                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
2359                                         <input type=\"submit\" class=\"button\"
2360                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
2361
2362                                 }
2363
2364                         } else {
2365                                 print "<p>No feed categories defined.</p>";
2366                         }
2367                 }
2368
2369                 print "<h3>Import OPML</h3>
2370                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
2371                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
2372                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
2373                                 type=\"submit\" value=\"Import\">
2374                         </form>";
2375
2376         }
2377
2378         if ($op == "pref-filters") {
2379
2380                 $subop = $_GET["subop"];
2381                 $quiet = $_GET["quiet"];
2382
2383                 if ($subop == "editSave") {
2384
2385                         $regexp = db_escape_string($_GET["r"]);
2386                         $descr = db_escape_string($_GET["d"]);
2387                         $match = db_escape_string($_GET["m"]);
2388                         $filter_id = db_escape_string($_GET["id"]);
2389                         $feed_id = db_escape_string($_GET["fid"]);
2390                         $action_id = db_escape_string($_GET["aid"]);
2391
2392                         if (!$feed_id) {
2393                                 $feed_id = 'NULL';
2394                         } else {
2395                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2396                         }
2397
2398                         $result = db_query($link, "UPDATE ttrss_filters SET
2399                                 reg_exp = '$regexp',
2400                                 description = '$descr',
2401                                 feed_id = $feed_id,
2402                                 action_id = '$action_id',
2403                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
2404                                         description = '$match')
2405                                 WHERE id = '$filter_id'");
2406                 }
2407
2408                 if ($subop == "remove") {
2409
2410                         if (!WEB_DEMO_MODE) {
2411
2412                                 $ids = split(",", db_escape_string($_GET["ids"]));
2413
2414                                 foreach ($ids as $id) {
2415                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
2416
2417                                 }
2418                         }
2419                 }
2420
2421                 if ($subop == "add") {
2422
2423                         if (!WEB_DEMO_MODE) {
2424
2425                                 $regexp = db_escape_string(trim($_GET["regexp"]));
2426                                 $match = db_escape_string(trim($_GET["match"]));
2427                                 $feed_id = db_escape_string($_GET["fid"]);
2428                                 $action_id = db_escape_string($_GET["aid"]);
2429
2430                                 if (!$feed_id) {
2431                                         $feed_id = 'NULL';
2432                                 } else {
2433                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2434                                 }
2435
2436                                 $result = db_query($link,
2437                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2438                                                 action_id)
2439                                         VALUES
2440                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
2441                                                         description = '$match'),'".$_SESSION["uid"]."',
2442                                                         $feed_id, '$action_id')");
2443                         }
2444                 }
2445
2446                 if ($quiet) return;
2447
2448                 $result = db_query($link, "SELECT description
2449                         FROM ttrss_filter_types ORDER BY description");
2450
2451                 $filter_types = array();
2452
2453                 while ($line = db_fetch_assoc($result)) {
2454                         array_push($filter_types, $line["description"]);
2455                 }
2456
2457                 print "<div class=\"prefGenericAddBox\">
2458                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
2459
2460                 print_select("fadd_match", "Title", $filter_types);
2461
2462                 print "&nbsp;<select id=\"fadd_feed\">";
2463
2464                 print "<option selected id=\"0\">All feeds</option>";
2465
2466                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
2467                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2468
2469                 if (db_num_rows($result) > 0) {
2470                         print "<option disabled>--------</option>";
2471                 }
2472
2473                 while ($line = db_fetch_assoc($result)) {
2474                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
2475                 }
2476
2477                 print "</select>&nbsp;";
2478
2479                 print "&nbsp;Action: ";
2480
2481                 print "<select id=\"fadd_action\">";
2482
2483                 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2484                         ORDER BY name");
2485
2486                 while ($line = db_fetch_assoc($result)) {
2487                         printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
2488                 }
2489
2490                 print "</select>&nbsp;";
2491
2492                 print "<input type=\"submit\"
2493                         class=\"button\" onclick=\"javascript:addFilter()\"
2494                         value=\"Add filter\">";
2495
2496                 print "</div>";
2497
2498                 $result = db_query($link, "SELECT
2499                                 ttrss_filters.id AS id,reg_exp,
2500                                 ttrss_filters.description AS description,
2501                                 ttrss_filter_types.name AS filter_type_name,
2502                                 ttrss_filter_types.description AS filter_type_descr,
2503                                 feed_id,
2504                                 ttrss_filter_actions.description AS action_description,
2505                                 ttrss_feeds.title AS feed_title
2506                         FROM
2507                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2508                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2509                         WHERE
2510                                 filter_type = ttrss_filter_types.id AND
2511                                 ttrss_filter_actions.id = action_id AND
2512                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2513                         ORDER by reg_exp");
2514
2515                 if (db_num_rows($result) != 0) {
2516
2517                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2518                                 id=\"prefFilterList\">";
2519
2520                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2521                                 Select:
2522                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2523                                                 'FILRR-', 'FICHK-', true)\">All</a>,
2524                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2525                                                 'FILRR-', 'FICHK-', false)\">None</a>
2526                                 </td</tr>";
2527
2528                         print "<tr class=\"title\">
2529                                                 <td align='center' width=\"5%\">&nbsp;</td>
2530                                                 <td width=\"20%\">Filter expression</td>
2531                                                 <td width=\"20%\">Feed</td>
2532                                                 <td width=\"15%\">Match</td>
2533                                                 <td width=\"15%\">Action</td>
2534                                                 <td width=\"30%\">Description</td></tr>";
2535
2536                         $lnum = 0;
2537
2538                         while ($line = db_fetch_assoc($result)) {
2539
2540                                 $class = ($lnum % 2) ? "even" : "odd";
2541
2542                                 $filter_id = $line["id"];
2543                                 $edit_filter_id = $_GET["id"];
2544
2545                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2546                                         $class .= "Grayed";
2547                                         $this_row_id = "";
2548                                 } else {
2549                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2550                                 }
2551
2552                                 print "<tr class=\"$class\" $this_row_id>";
2553
2554                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
2555                                 $line["description"] = htmlspecialchars($line["description"]);
2556
2557                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2558
2559                                 if (!$edit_filter_id || $subop != "edit") {
2560
2561                                         if (!$line["description"]) $line["description"] = "[No description]";
2562
2563                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2564                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2565
2566                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2567                                                 $line["reg_exp"] . "</td>";
2568
2569                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2570                                                 $line["feed_title"] . "</td>";
2571
2572                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2573                                                 $line["filter_type_descr"] . "</td>";
2574
2575                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2576                                                 $line["action_description"] . "</td>";
2577
2578                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2579                                                 $line["description"] . "</td>";
2580
2581                                 } else if ($filter_id != $edit_filter_id) {
2582
2583                                         if (!$line["description"]) $line["description"] = "[No description]";
2584
2585                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2586                                                 id=\"FICHK-".$line["id"]."\"></td>";
2587
2588                                         print "<td>".$line["reg_exp"]."</td>";
2589                                         print "<td>".$line["feed_title"]."</td>";
2590                                         print "<td>".$line["filter_type_descr"]."</td>";
2591                                         print "<td>".$line["action_description"]."</td>";
2592                                         print "<td>".$line["description"]."</td>";
2593
2594                                 } else {
2595
2596                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2597
2598                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
2599                                                 "\"></td>";
2600
2601                                         print "<td>";
2602                                         print "<select id=\"iedit_feed\">";
2603                                         print "<option id=\"0\">All feeds</option>";
2604
2605                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
2606                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2607
2608                                         if (db_num_rows($tmp_result) > 0) {
2609                                                 print "<option disabled>--------</option>";
2610                                         }
2611
2612                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2613                                                 if ($tmp_line["id"] == $line["feed_id"]) {
2614                                                         $is_selected = "selected";
2615                                                 } else {
2616                                                         $is_selected = "";
2617                                                 }
2618                                                 printf("<option $is_selected id='%d'>%s</option>",
2619                                                         $tmp_line["id"], $tmp_line["title"]);
2620                                         }
2621
2622                                         print "</select></td>";
2623
2624                                         print "<td>";
2625                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
2626                                         print "</td>";
2627
2628                                         print "<td>";
2629                                         print "<select id=\"iedit_filter_action\">";
2630
2631                                         $tmp_result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2632                                                 ORDER BY description");
2633
2634                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2635                                                 if ($tmp_line["description"] == $line["action_description"]) {
2636                                                         $is_selected = "selected";
2637                                                 } else {
2638                                                         $is_selected = "";
2639                                                 }
2640                                                 printf("<option $is_selected id='%d'>%s</option>",
2641                                                         $tmp_line["id"], $tmp_line["description"]);
2642                                         }
2643
2644                                         print "</select></td>";
2645
2646
2647                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2648                                                 "\"></td>";
2649
2650                                         print "</td>";
2651                                 }
2652
2653                                 print "</tr>";
2654
2655                                 ++$lnum;
2656                         }
2657
2658                         if ($lnum == 0) {
2659                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2660                         }
2661
2662                         print "</table>";
2663
2664                         print "<p>";
2665
2666                         if ($subop == "edit") {
2667                                 print "Edit filter:
2668                                         <input type=\"submit\" class=\"button\"
2669                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">
2670                                         <input type=\"submit\" class=\"button\"
2671                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">";
2672
2673                         } else {
2674
2675                                 print "
2676                                         Selection:
2677                                 <input type=\"submit\" class=\"button\"
2678                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
2679                                 <input type=\"submit\" class=\"button\"
2680                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
2681                         }
2682
2683                 } else {
2684
2685                         print "<p>No filters defined.</p>";
2686
2687                 }
2688         }
2689
2690         // We need to accept raw SQL data in label queries, so not everything is escaped
2691         // here, this is by design. If you don't like the whole idea, disable labels
2692         // altogether with GLOBAL_ENABLE_LABELS = false
2693
2694         if ($op == "pref-labels") {
2695
2696                 if (!GLOBAL_ENABLE_LABELS) {
2697                         return;
2698                 }
2699
2700                 $subop = $_GET["subop"];
2701
2702                 if ($subop == "test") {
2703
2704                         $expr = $_GET["expr"];
2705                         $descr = $_GET["descr"];
2706
2707                         print "<div class='infoBoxContents'>";
2708
2709                         print "<h1>Label &laquo;$descr&raquo;</h1>";
2710
2711 //                      print "<p><b>Expression</b>: $expr</p>";
2712
2713                         $result = db_query($link,
2714                                 "SELECT count(id) AS num_matches
2715                                         FROM ttrss_entries,ttrss_user_entries
2716                                         WHERE ($expr) AND
2717                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2718                                                 owner_uid = " . $_SESSION["uid"]);
2719
2720                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2721
2722                         if ($num_matches > 0) {
2723
2724                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
2725
2726                                 $result = db_query($link,
2727                                         "SELECT title,
2728                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2729                                         FROM ttrss_entries,ttrss_user_entries
2730                                                         WHERE ($expr) AND
2731                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2732                                                         AND owner_uid = " . $_SESSION["uid"] . "
2733                                                         ORDER BY date_entered DESC LIMIT 5");
2734
2735                                 print "<ul class=\"nomarks\">";
2736                                 while ($line = db_fetch_assoc($result)) {
2737                                         print "<li>".$line["title"].
2738                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2739                                 }
2740                                 print "</ul>";
2741
2742                         } else {
2743                                 print "<p>Query didn't return any matches.</p>";
2744                         }
2745
2746                         print "</div>";
2747
2748                         print "<div align='center'>
2749                                 <input type='submit' class='button'
2750                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2751                         return;
2752                 }
2753
2754                 if ($subop == "editSave") {
2755
2756                         $sql_exp = $_GET["s"];
2757                         $descr = $_GET["d"];
2758                         $label_id = db_escape_string($_GET["id"]);
2759
2760 //                      print "$sql_exp : $descr : $label_id";
2761
2762                         $result = db_query($link, "UPDATE ttrss_labels SET
2763                                 sql_exp = '$sql_exp',
2764                                 description = '$descr'
2765                                 WHERE id = '$label_id'");
2766                 }
2767
2768                 if ($subop == "remove") {
2769
2770                         if (!WEB_DEMO_MODE) {
2771
2772                                 $ids = split(",", db_escape_string($_GET["ids"]));
2773
2774                                 foreach ($ids as $id) {
2775                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2776
2777                                 }
2778                         }
2779                 }
2780
2781                 if ($subop == "add") {
2782
2783                         if (!WEB_DEMO_MODE) {
2784
2785                                 // no escaping is done here on purpose
2786                                 $exp = trim($_GET["exp"]);
2787
2788                                 $result = db_query($link,
2789                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2790                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2791                         }
2792                 }
2793
2794                 print "<div class=\"prefGenericAddBox\">
2795                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2796
2797                 print"<input type=\"submit\" class=\"button\"
2798                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2799
2800                 $result = db_query($link, "SELECT
2801                                 id,sql_exp,description
2802                         FROM
2803                                 ttrss_labels
2804                         WHERE
2805                                 owner_uid = ".$_SESSION["uid"]."
2806                         ORDER by description");
2807
2808                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2809
2810                 if (db_num_rows($result) != 0) {
2811
2812                         print "<p><table width=\"100%\" cellspacing=\"0\"
2813                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2814
2815                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2816                                 Select:
2817                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2818                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2819                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2820                                                 'LILRR-', 'LICHK-', false)\">None</a>
2821                                 </td</tr>";
2822
2823                         print "<tr class=\"title\">
2824                                                 <td align='center' width=\"5%\">&nbsp;</td>
2825                                                 <td width=\"40%\">SQL expression
2826                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2827                                                 </td>
2828                                                 <td width=\"40%\">Caption</td></tr>";
2829
2830                         $lnum = 0;
2831
2832                         while ($line = db_fetch_assoc($result)) {
2833
2834                                 $class = ($lnum % 2) ? "even" : "odd";
2835
2836                                 $label_id = $line["id"];
2837                                 $edit_label_id = $_GET["id"];
2838
2839                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2840                                         $class .= "Grayed";
2841                                         $this_row_id = "";
2842                                 } else {
2843                                         $this_row_id = "id=\"LILRR-$label_id\"";
2844                                 }
2845
2846                                 print "<tr class=\"$class\" $this_row_id>";
2847
2848                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2849                                 $line["description"] = htmlspecialchars($line["description"]);
2850
2851                                 if (!$edit_label_id || $subop != "edit") {
2852
2853                                         if (!$line["description"]) $line["description"] = "[No caption]";
2854
2855                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2856                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2857
2858                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2859                                                 $line["sql_exp"] . "</td>";
2860
2861                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2862                                                 $line["description"] . "</td>";
2863
2864                                 } else if ($label_id != $edit_label_id) {
2865
2866                                         if (!$line["description"]) $line["description"] = "[No description]";
2867
2868                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2869                                                 id=\"LICHK-".$line["id"]."\"></td>";
2870
2871                                         print "<td>".$line["sql_exp"]."</td>";
2872                                         print "<td>".$line["description"]."</td>";
2873
2874                                 } else {
2875
2876                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2877
2878                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2879                                                 "\"></td>";
2880
2881                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2882                                                 "\"></td>";
2883
2884                                 }
2885
2886
2887                                 print "</tr>";
2888
2889                                 ++$lnum;
2890                         }
2891
2892                         if ($lnum == 0) {
2893                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2894                         }
2895
2896                         print "</table>";
2897
2898                         print "<p>";
2899
2900                         if ($subop == "edit") {
2901                                 print "Edit label:
2902                                         <input type=\"submit\" class=\"button\"
2903                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2904                                         <input type=\"submit\" class=\"button\"
2905                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">
2906                                         <input type=\"submit\" class=\"button\"
2907                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">";
2908
2909                         } else {
2910
2911                                 print "
2912                                         Selection:
2913                                 <input type=\"submit\" class=\"button\"
2914                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2915                                 <input type=\"submit\" class=\"button\"
2916                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2917                         }
2918                 } else {
2919                         print "<p>No labels defined.</p>";
2920                 }
2921         }
2922
2923         if ($op == "error") {
2924                 print "<div width=\"100%\" align='center'>";
2925                 $msg = $_GET["msg"];
2926                 print $msg;
2927                 print "</div>";
2928         }
2929
2930         if ($op == "help") {
2931                 if (!$_GET["noheaders"]) {
2932                         print "<html><head>
2933                                 <title>Tiny Tiny RSS : Help</title>
2934                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2935                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
2936                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2937                                 </head><body>";
2938                 }
2939
2940                 $tid = sprintf("%d", $_GET["tid"]);
2941
2942                 print "<div class='infoBoxContents'>";
2943
2944                 if (file_exists("help/$tid.php")) {
2945                         include("help/$tid.php");
2946                 } else {
2947                         print "<p>Help topic not found.</p>";
2948                 }
2949
2950                 print "</div>";
2951
2952                 print "<div align='center'>
2953                         <input type='submit' class='button'
2954                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2955
2956                 if (!$_GET["noheaders"]) {
2957                         print "</body></html>";
2958                 }
2959
2960         }
2961
2962         if ($op == "dlg") {
2963                 $id = $_GET["id"];
2964                 $param = $_GET["param"];
2965
2966                 if ($id == "quickAddFeed") {
2967                         print "
2968                         Feed URL: <input
2969                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2970                         id=\"qafInput\">";
2971
2972                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2973                                 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2974                                         WHERE owner_uid = ".$_SESSION["uid"]."
2975                                         ORDER BY title");
2976
2977                                 print " <select id=\"qafCat\">";
2978                                 print "<option id=\"0\">Uncategorized</option>";
2979
2980                                 if (db_num_rows($result) != 0) {
2981
2982                                         print "<option disabled>--------</option>";
2983
2984                                         while ($line = db_fetch_assoc($result)) {
2985                                                 printf("<option id='%d'>%s</option>",
2986                                                         $line["id"], $line["title"]);
2987                                         }
2988                                 }
2989
2990                                 print "</select>";
2991                         }
2992
2993                         print "&nbsp;<input class=\"button\"
2994                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
2995                         <input class=\"button\"
2996                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2997                                 value=\"Cancel\">";
2998                 }
2999
3000                 if ($id == "quickDelFeed") {
3001
3002                         $param = db_escape_string($param);
3003
3004                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
3005
3006                         if ($result) {
3007
3008                                 $f_title = db_fetch_result($result, 0, "title");
3009
3010                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
3011                                 <input class=\"button\"
3012                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
3013                                 <input class=\"button\"
3014                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3015                                         value=\"Cancel\">";
3016                         } else {
3017                                 print "Error: Feed $param not found.&nbsp;
3018                                 <input class=\"button\"
3019                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3020                                         value=\"Cancel\">";
3021                         }
3022                 }
3023
3024                 if ($id == "search") {
3025
3026                         print "<input id=\"searchbox\" class=\"extSearch\"
3027                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
3028                         onchange=\"javascript:search()\">
3029                         <select id=\"searchmodebox\">
3030                                 <option selected>All feeds</option>
3031                                 <option>This feed</option>
3032                         </select>
3033                         <input type=\"submit\"
3034                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
3035                         <input class=\"button\"
3036                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3037                                 value=\"Close\">";
3038
3039                 }
3040
3041                 if ($id == "quickAddFilter") {
3042
3043                         $result = db_query($link, "SELECT description
3044                                 FROM ttrss_filter_types ORDER BY description");
3045
3046                         $filter_types = array();
3047
3048                         while ($line = db_fetch_assoc($result)) {
3049                                 array_push($filter_types, $line["description"]);
3050                         }
3051
3052                         print "<table>";
3053
3054                         print "<tr><td>Match:</td><td><input id=\"fadd_regexp\" size=\"40\">&nbsp;";
3055
3056                         print_select("fadd_match", "Title", $filter_types);
3057
3058                         print "</td></tr>";
3059                         print "<tr><td>Feed:</td><td><select id=\"fadd_feed\">";
3060
3061                         print "<option selected id=\"0\">All feeds</option>";
3062
3063                         $result = db_query($link, "SELECT id,title FROM ttrss_feeds
3064                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
3065
3066                         if (db_num_rows($result) > 0) {
3067                                 print "<option disabled>--------</option>";
3068                         }
3069
3070                         while ($line = db_fetch_assoc($result)) {
3071                                 if ($param == $line["id"]) {
3072                                         $selected = "selected";
3073                                 } else {
3074                                         $selected = "";
3075                                 }
3076                                 printf("<option id='%d' %s>%s</option>", $line["id"], $selected, $line["title"]);
3077                         }
3078
3079                         print "</select></td></tr>";
3080
3081                         print "<tr><td>Action:</td>";
3082
3083                         print "<td><select id=\"fadd_action\">";
3084
3085                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
3086                                 ORDER BY name");
3087
3088                         while ($line = db_fetch_assoc($result)) {
3089                                 printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
3090                         }
3091
3092                         print "</select>";
3093
3094                         print "</td></tr><tr><td colspan=\"2\" align=\"right\">";
3095
3096                         print "<input type=\"submit\"
3097                                 class=\"button\" onclick=\"javascript:qaddFilter()\"
3098                                 value=\"Add filter\"> ";
3099
3100                         print "<input class=\"button\"
3101                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3102                                 value=\"Close\">";
3103
3104                         print "</td></tr></table>";
3105                 }
3106         }
3107
3108         // update feeds of all users, may be used anonymously
3109         if ($op == "globalUpdateFeeds") {
3110
3111                 $result = db_query($link, "SELECT id FROM ttrss_users");
3112
3113                 while ($line = db_fetch_assoc($result)) {
3114                         $user_id = $line["id"];
3115 //                      print "<!-- updating feeds of uid $user_id -->";
3116                         update_all_feeds($link, false, $user_id);
3117                 }
3118
3119                 print "<rpc-reply>
3120                         <message msg=\"All feeds updated\"/>
3121                 </rpc-reply>";
3122
3123         }
3124
3125         if ($op == "pref-prefs") {
3126
3127                 $subop = $_REQUEST["subop"];
3128
3129                 if ($subop == "Save configuration") {
3130
3131                         if (WEB_DEMO_MODE) {
3132                                 header("Location: prefs.php");
3133                                 return;
3134                         }
3135
3136                         $_SESSION["prefs_op_result"] = "save-config";
3137
3138                         $_SESSION["prefs_cache"] = false;
3139
3140                         foreach (array_keys($_POST) as $pref_name) {
3141
3142                                 $pref_name = db_escape_string($pref_name);
3143                                 $value = db_escape_string($_POST[$pref_name]);
3144
3145                                 $result = db_query($link, "SELECT type_name
3146                                         FROM ttrss_prefs,ttrss_prefs_types
3147                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
3148
3149                                 if (db_num_rows($result) > 0) {
3150
3151                                         $type_name = db_fetch_result($result, 0, "type_name");
3152
3153 //                                      print "$pref_name : $type_name : $value<br>";
3154
3155                                         if ($type_name == "bool") {
3156                                                 if ($value == "1") {
3157                                                         $value = "true";
3158                                                 } else {
3159                                                         $value = "false";
3160                                                 }
3161                                         } else if ($type_name == "integer") {
3162                                                 $value = sprintf("%d", $value);
3163                                         }
3164
3165 //                                      print "$pref_name : $type_name : $value<br>";
3166
3167                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
3168                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
3169
3170                                 }
3171
3172                                 header("Location: prefs.php");
3173
3174                         }
3175
3176                 } else if ($subop == "getHelp") {
3177
3178                         $pref_name = db_escape_string($_GET["pn"]);
3179
3180                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
3181                                 WHERE pref_name = '$pref_name'");
3182
3183                         if (db_num_rows($result) > 0) {
3184                                 $help_text = db_fetch_result($result, 0, "help_text");
3185                                 print $help_text;
3186                         } else {
3187                                 print "Unknown option: $pref_name";
3188                         }
3189
3190                 } else if ($subop == "Change e-mail") {
3191
3192                         if (WEB_DEMO_MODE) {
3193                                 header("Location: prefs.php");
3194                                 return;
3195                         }
3196
3197                         $email = db_escape_string($_GET["email"]);
3198                         $active_uid = $_SESSION["uid"];
3199
3200                         if ($email) {
3201                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
3202                                                 WHERE id = '$active_uid'");
3203                         }
3204
3205                         header("Location: prefs.php");
3206
3207                 } else if ($subop == "Change password") {
3208
3209                         if (WEB_DEMO_MODE) {
3210                                 header("Location: prefs.php");
3211                                 return;
3212                         }
3213
3214                         $old_pw = $_POST["OLD_PASSWORD"];
3215                         $new_pw = $_POST["OLD_PASSWORD"];
3216
3217                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
3218                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
3219
3220                         $active_uid = $_SESSION["uid"];
3221
3222                         if ($old_pw && $new_pw) {
3223
3224                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
3225
3226                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3227                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
3228                                                 pwd_hash = '$old_pw_hash')");
3229
3230                                 if (db_num_rows($result) == 1) {
3231                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
3232                                                 WHERE id = '$active_uid'");
3233
3234                                         $_SESSION["pwd_change_result"] = "ok";
3235                                 } else {
3236                                         $_SESSION["pwd_change_result"] = "failed";
3237                                 }
3238                         }
3239
3240                         header("Location: prefs.php");
3241
3242                 } else if ($subop == "Reset to defaults") {
3243
3244                         if (WEB_DEMO_MODE) {
3245                                 header("Location: prefs.php");
3246                                 return;
3247                         }
3248
3249                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
3250
3251                         if (DB_TYPE == "pgsql") {
3252                                 db_query($link,"UPDATE ttrss_user_prefs
3253                                         SET value = ttrss_prefs.def_value
3254                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
3255                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
3256                         } else {
3257                                 db_query($link, "DELETE FROM ttrss_user_prefs
3258                                         WHERE owner_uid = ".$_SESSION["uid"]);
3259                                 initialize_user_prefs($link, $_SESSION["uid"]);
3260                         }
3261
3262                         header("Location: prefs.php");
3263
3264                 } else if ($subop == "Change theme") {
3265
3266                         $theme = db_escape_string($_POST["theme"]);
3267
3268                         if ($theme == "Default") {
3269                                 $theme_qpart = 'NULL';
3270                         } else {
3271                                 $theme_qpart = "'$theme'";
3272                         }
3273
3274                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
3275                                 WHERE theme_name = '$theme'");
3276
3277                         if (db_num_rows($result) == 1) {
3278                                 $theme_id = db_fetch_result($result, 0, "id");
3279                                 $theme_path = db_fetch_result($result, 0, "theme_path");
3280                         } else {
3281                                 $theme_id = "NULL";
3282                                 $theme_path = "";
3283                         }
3284
3285                         db_query($link, "UPDATE ttrss_users SET
3286                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
3287
3288                         $_SESSION["theme"] = $theme_path;
3289
3290                         header("Location: prefs.php");
3291
3292                 } else {
3293
3294                         if (!SINGLE_USER_MODE) {
3295
3296                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
3297                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
3298                                                 pwd_hash = 'SHA1:".sha1("password")."')");
3299
3300                                 if (db_num_rows($result) != 0) {
3301                                         print "<div class=\"warning\">
3302                                                 Your password is at default value, please change it.
3303                                         </div>";
3304                                 }
3305
3306                                 if ($_SESSION["pwd_change_result"] == "failed") {
3307                                         print "<div class=\"warning\">
3308                                                         There was an error while changing your password.
3309                                                 </div>";
3310                                 }
3311
3312                                 if ($_SESSION["pwd_change_result"] == "ok") {
3313                                         print "<div class=\"notice\">
3314                                                         Password changed successfully.
3315                                                 </div>";
3316                                 }
3317
3318                                 $_SESSION["pwd_change_result"] = "";
3319
3320                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3321                                         print "<div class=\"notice\">
3322                                                         Your configuration was reset to defaults.
3323                                                 </div>";
3324                                 }
3325
3326                                 if ($_SESSION["prefs_op_result"] == "save-config") {
3327                                         print "<div class=\"notice\">
3328                                                         Your configuration was saved successfully.
3329                                                 </div>";
3330                                 }
3331
3332                                 $_SESSION["prefs_op_result"] = "";
3333
3334                                 print "<form action=\"backend.php\" method=\"GET\">";
3335
3336                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3337                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3338
3339                                 $result = db_query($link, "SELECT email FROM ttrss_users
3340                                         WHERE id = ".$_SESSION["uid"]);
3341
3342                                 $email = db_fetch_result($result, 0, "email");
3343
3344                                 print "<tr><td width=\"40%\">E-mail</td>";
3345                                 print "<td><input class=\"editbox\" name=\"email\"
3346                                         value=\"$email\"></td></tr>";
3347
3348                                 print "</table>";
3349
3350                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3351
3352                                 print "<p><input class=\"button\" type=\"submit\"
3353                                         value=\"Change e-mail\" name=\"subop\">";
3354
3355                                 print "<form action=\"backend.php\" method=\"POST\">";
3356
3357                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3358                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3359
3360                                 print "<tr><td width=\"40%\">Old password</td>";
3361                                 print "<td><input class=\"editbox\" type=\"password\"
3362                                         name=\"OLD_PASSWORD\"></td></tr>";
3363
3364                                 print "<tr><td width=\"40%\">New password</td>";
3365
3366                                 print "<td><input class=\"editbox\" type=\"password\"
3367                                         name=\"NEW_PASSWORD\"></td></tr>";
3368
3369                                 print "</table>";
3370
3371                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3372
3373                                 print "<p><input class=\"button\" type=\"submit\"
3374                                         value=\"Change password\" name=\"subop\">";
3375
3376                                 print "</form>";
3377
3378                         }
3379
3380                         $result = db_query($link, "SELECT
3381                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3382
3383                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
3384
3385                         $result = db_query($link, "SELECT
3386                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3387
3388                         if (db_num_rows($result) > 0) {
3389
3390                                 print "<form action=\"backend.php\" method=\"POST\">";
3391                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3392                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3393                                 print "<tr><td width=\"40%\">Select theme</td>";
3394                                 print "<td><select name=\"theme\">";
3395                                 print "<option>Default</option>";
3396                                 print "<option disabled>--------</option>";
3397
3398                                 while ($line = db_fetch_assoc($result)) {
3399                                         if ($line["id"] == $user_theme_id) {
3400                                                 $selected = "selected";
3401                                         } else {
3402                                                 $selected = "";
3403                                         }
3404                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3405                                 }
3406                                 print "</select></td></tr>";
3407                                 print "</table>";
3408                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3409                                 print "<p><input class=\"button\" type=\"submit\"
3410                                         value=\"Change theme\" name=\"subop\">";
3411                                 print "</form>";
3412                         }
3413
3414                         $result = db_query($link, "SELECT
3415                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3416                                 section_name,def_value
3417                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3418                                 WHERE type_id = ttrss_prefs_types.id AND
3419                                         section_id = ttrss_prefs_sections.id AND
3420                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3421                                         owner_uid = ".$_SESSION["uid"]."
3422                                 ORDER BY section_id,short_desc");
3423
3424                         print "<form action=\"backend.php\" method=\"POST\">";
3425
3426                         $lnum = 0;
3427
3428                         $active_section = "";
3429
3430                         while ($line = db_fetch_assoc($result)) {
3431
3432                                 if ($active_section != $line["section_name"]) {
3433
3434                                         if ($active_section != "") {
3435                                                 print "</table>";
3436                                         }
3437
3438                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3439
3440                                         $active_section = $line["section_name"];
3441
3442                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3443 //                                      print "<tr class=\"title\">
3444 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3445
3446                                         $lnum = 0;
3447                                 }
3448
3449 //                              $class = ($lnum % 2) ? "even" : "odd";
3450
3451                                 print "<tr>";
3452
3453                                 $type_name = $line["type_name"];
3454                                 $pref_name = $line["pref_name"];
3455                                 $value = $line["value"];
3456                                 $def_value = $line["def_value"];
3457                                 $help_text = $line["help_text"];
3458
3459                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3460
3461                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3462
3463                                 print "</td>";
3464
3465                                 print "<td>";
3466
3467                                 if ($type_name == "bool") {
3468 //                                      print_select($pref_name, $value, array("true", "false"));
3469
3470                                         if ($value == "true") {
3471                                                 $value = "Yes";
3472                                         } else {
3473                                                 $value = "No";
3474                                         }
3475
3476                                         print_radio($pref_name, $value, array("Yes", "No"));
3477
3478                                 } else {
3479                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3480                                 }
3481
3482                                 print "</td>";
3483
3484                                 print "</tr>";
3485
3486                                 $lnum++;
3487                         }
3488
3489                         print "</table>";
3490
3491                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3492
3493                         print "<p><input class=\"button\" type=\"submit\"
3494                                 name=\"subop\" value=\"Save configuration\">";
3495
3496                         print "&nbsp;<input class=\"button\" type=\"submit\"
3497                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3498                                 value=\"Reset to defaults\"></p>";
3499
3500                         print "</form>";
3501
3502                 }
3503
3504         }
3505
3506         if ($op == "pref-users") {
3507
3508                 $subop = $_GET["subop"];
3509
3510                 if ($subop == "editSave") {
3511
3512                         if (!WEB_DEMO_MODE) {
3513
3514                                 $login = db_escape_string($_GET["l"]);
3515                                 $uid = db_escape_string($_GET["id"]);
3516                                 $access_level = sprintf("%d", $_GET["al"]);
3517                                 $email = db_escape_string($_GET["e"]);
3518
3519                                 db_query($link, "UPDATE ttrss_users SET login = '$login',
3520                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3521
3522                         }
3523                 } else if ($subop == "remove") {
3524
3525                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3526
3527                                 $ids = split(",", db_escape_string($_GET["ids"]));
3528
3529                                 foreach ($ids as $id) {
3530                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3531
3532                                 }
3533                         }
3534                 } else if ($subop == "add") {
3535
3536                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3537
3538                                 $login = db_escape_string(trim($_GET["login"]));
3539                                 $tmp_user_pwd = make_password(8);
3540                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3541
3542                                 db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level)
3543                                         VALUES ('$login', '$pwd_hash', 0)");
3544
3545
3546                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3547                                         login = '$login' AND pwd_hash = '$pwd_hash'");
3548
3549                                 if (db_num_rows($result) == 1) {
3550
3551                                         $new_uid = db_fetch_result($result, 0, "id");
3552
3553                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
3554                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3555
3556                                         initialize_user($link, $new_uid);
3557
3558                                 } else {
3559
3560                                         print "<div class=\"warning\">Error while adding user <b>".
3561                                         $_GET["login"].".</b></div>";
3562
3563                                 }
3564                         }
3565                 } else if ($subop == "resetPass") {
3566
3567                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3568
3569                                 $uid = db_escape_string($_GET["id"]);
3570
3571                                 $result = db_query($link, "SELECT login,email
3572                                         FROM ttrss_users WHERE id = '$uid'");
3573
3574                                 $login = db_fetch_result($result, 0, "login");
3575                                 $email = db_fetch_result($result, 0, "email");
3576                                 $tmp_user_pwd = make_password(8);
3577                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3578
3579                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3580                                         WHERE id = '$uid'");
3581
3582                                 print "<div class=\"notice\">Changed password of
3583                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3584
3585                                 if (MAIL_RESET_PASS && $email) {
3586                                         print " Notifying <b>$email</b>.";
3587
3588                                         mail("$login <$email>", "Password reset notification",
3589                                                 "Hi, $login.\n".
3590                                                 "\n".
3591                                                 "Your password for this TT-RSS installation was reset by".
3592                                                         " an administrator.\n".
3593                                                 "\n".
3594                                                 "Your new password is $tmp_user_pwd, please remember".
3595                                                         " it for later reference.\n".
3596                                                 "\n".
3597                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3598                                 }
3599
3600                                 print "</div>";
3601
3602                         }
3603                 }
3604
3605                 print "<div class=\"prefGenericAddBox\">
3606                         <input id=\"uadd_box\" onchange=\"javascript:addUser()\" size=\"40\">&nbsp;";
3607
3608                 print"<input type=\"submit\" class=\"button\"
3609                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
3610
3611                 $result = db_query($link, "SELECT
3612                                 id,login,access_level,email,
3613                                 SUBSTRING(last_login,1,16) as last_login
3614                         FROM
3615                                 ttrss_users
3616                         ORDER by login");
3617
3618                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3619
3620                 print "<p><table width=\"100%\" cellspacing=\"0\"
3621                         class=\"prefUserList\" id=\"prefUserList\">";
3622
3623                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3624                                 Select:
3625                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3626                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
3627                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3628                                                 'UMRR-', 'UMCHK-', false)\">None</a>
3629                                 </td</tr>";
3630
3631                 print "<tr class=\"title\">
3632                                         <td align='center' width=\"5%\">&nbsp;</td>
3633                                         <td width='20%'>Username</td>
3634                                         <td width='20%'>E-mail</td>
3635                                         <td width='20%'>Access Level</td>
3636                                         <td width='20%'>Last login</td></tr>";
3637
3638                 $lnum = 0;
3639
3640                 while ($line = db_fetch_assoc($result)) {
3641
3642                         $class = ($lnum % 2) ? "even" : "odd";
3643
3644                         $uid = $line["id"];
3645                         $edit_uid = $_GET["id"];
3646
3647                         if ($subop == "edit" && $uid != $edit_uid) {
3648                                 $class .= "Grayed";
3649                                 $this_row_id = "";
3650                         } else {
3651                                 $this_row_id = "id=\"UMRR-$uid\"";
3652                         }
3653
3654                         print "<tr class=\"$class\" $this_row_id>";
3655
3656                         $line["login"] = htmlspecialchars($line["login"]);
3657
3658                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3659                                 strtotime($line["last_login"]));
3660
3661 /*                      if ($uid == $_SESSION["uid"]) {
3662
3663                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3664                                         id=\"UMCHK-".$line["id"]."\"></td>";
3665
3666                                 print "<td>".$line["login"]."</td>";
3667                                 print "<td>".$line["email"]."</td>";
3668                                 print "<td>".$line["access_level"]."</td>";
3669
3670                         } else */ if (!$edit_uid || $subop != "edit") {
3671
3672                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
3673                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3674
3675                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3676                                         $line["login"] . "</td>";
3677
3678                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3679                                         $line["email"] . "</td>";
3680
3681                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3682                                         $line["access_level"] . "</td>";
3683
3684                         } else if ($uid != $edit_uid) {
3685
3686                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3687                                         id=\"UMCHK-".$line["id"]."\"></td>";
3688
3689                                 print "<td>".$line["login"]."</td>";
3690                                 print "<td>".$line["email"]."</td>";
3691                                 print "<td>".$line["access_level"]."</td>";
3692
3693                         } else {
3694
3695                                 print "<td align='center'>
3696                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3697
3698                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3699                                         "\"></td>";
3700
3701                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3702                                         "\"></td>";
3703
3704                                 print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
3705                                         "\"></td>";
3706
3707                         }
3708
3709                         print "<td>".$line["last_login"]."</td>";
3710
3711                         print "</tr>";
3712
3713                         ++$lnum;
3714                 }
3715
3716                 print "</table>";
3717
3718                 print "<p>";
3719
3720                 if ($subop == "edit") {
3721                         print "Edit user:
3722                                 <input type=\"submit\" class=\"button\"
3723                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3724                                 <input type=\"submit\" class=\"button\"
3725                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3726
3727                 } else {
3728
3729                         print "
3730                                 Selection:
3731                         <input type=\"submit\" class=\"button\"
3732                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3733                         <input type=\"submit\" class=\"button\"
3734                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3735                         <input type=\"submit\" class=\"button\"
3736                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3737                         <input type=\"submit\" class=\"button\"
3738                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3739
3740                 }
3741         }
3742
3743         if ($op == "user-details") {
3744
3745                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3746                         return;
3747                 }
3748
3749 /*              print "<html><head>
3750                         <title>Tiny Tiny RSS : User Details</title>
3751                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3752                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3753                         </head><body>"; */
3754
3755                 $uid = sprintf("%d", $_GET["id"]);
3756
3757                 print "<div class='infoBoxContents'>";
3758
3759                 $result = db_query($link, "SELECT login,
3760                         SUBSTRING(last_login,1,16) AS last_login,
3761                         access_level,
3762                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3763                                 WHERE owner_uid = id) AS stored_articles
3764                         FROM ttrss_users
3765                         WHERE id = '$uid'");
3766
3767                 if (db_num_rows($result) == 0) {
3768                         print "<h1>User not found</h1>";
3769                         return;
3770                 }
3771
3772                 print "<h1>User Details</h1>";
3773
3774                 print "<table width='100%'>";
3775
3776                 $login = db_fetch_result($result, 0, "login");
3777                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3778                         strtotime(db_fetch_result($result, 0, "last_login")));
3779                 $access_level = db_fetch_result($result, 0, "access_level");
3780                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3781
3782                 print "<tr><td>Username</td><td>$login</td></tr>";
3783                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
3784                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3785                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3786
3787                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3788                         WHERE owner_uid = '$uid'");
3789
3790                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3791
3792                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3793
3794 /*              $result = db_query($link, "SELECT
3795                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3796                         FROM ttrss_user_entries,ttrss_entries
3797                                 WHERE owner_uid = '$uid' AND ref_id = id");
3798
3799                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3800
3801                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3802
3803                 print "</table>";
3804
3805                 print "<h1>Subscribed feeds</h1>";
3806
3807                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3808                         WHERE owner_uid = '$uid' ORDER BY title");
3809
3810                 print "<ul class=\"userFeedList\">";
3811
3812                 while ($line = db_fetch_assoc($result)) {
3813
3814                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3815
3816                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3817                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3818                         } else {
3819                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3820                         }
3821
3822                         print "<li>$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3823                 }
3824
3825                 if (db_num_rows($result) < $num_feeds) {
3826                          // FIXME - add link to show ALL subscribed feeds here somewhere
3827                         print "<li><img
3828                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3829                 }
3830
3831                 print "</ul>";
3832
3833                 print "</div>";
3834
3835                 print "<div align='center'>
3836                         <input type='submit' class='button'
3837                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3838
3839 //              print "</body></html>";
3840
3841         }
3842
3843         if ($op == "feed-details") {
3844
3845 //              $feed_id = $_GET["id"];
3846
3847                 $feed_ids = split(",", db_escape_string($_GET["id"]));
3848
3849                 print "<div class=\"infoBoxContents\">";
3850
3851                 foreach ($feed_ids as $feed_id) {
3852
3853                         $result = db_query($link,
3854                                 "SELECT
3855                                         title,feed_url,
3856                                         SUBSTRING(last_updated,1,16) as last_updated,
3857                                         icon_url,site_url,
3858                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3859                                                 WHERE feed_id = id) AS total,
3860                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3861                                                 WHERE feed_id = id AND unread = true) AS unread,
3862                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3863                                                 WHERE feed_id = id AND marked = true) AS marked
3864                                 FROM ttrss_feeds
3865                                 WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
3866
3867                         if (db_num_rows($result) == 0) return;
3868
3869                         $title = db_unescape_string(db_fetch_result($result, 0, "title"));
3870                         $last_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
3871                                 strtotime(db_fetch_result($result, 0, "last_updated")));
3872                         $feed_url = db_fetch_result($result, 0, "feed_url");
3873                         $icon_url = db_fetch_result($result, 0, "icon_url");
3874                         $total = db_fetch_result($result, 0, "total");
3875                         $unread = db_fetch_result($result, 0, "unread");
3876                         $marked = db_fetch_result($result, 0, "marked");
3877                         $site_url = db_fetch_result($result, 0, "site_url");
3878
3879                         $result = db_query($link, "SELECT COUNT(id) AS subscribed
3880                                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND private = false");
3881
3882                         $subscribed = db_fetch_result($result, 0, "subscribed");
3883
3884                         $icon_file = ICONS_DIR . "/$feed_id.ico";
3885
3886                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3887                                         $feed_icon = "<img width=\"16\" height=\"16\"
3888                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
3889                         } else {
3890                                 $feed_icon = "";
3891                         }
3892
3893                         print "<h1>$feed_icon $title</h1>";
3894
3895                         print "<table width='100%'>";
3896
3897                         if ($site_url) {
3898                                 print "<tr><td width='30%'>Link</td>
3899                                         <td><a href=\"$site_url\">$site_url</a>
3900                                         <a href=\"$feed_url\">(feed)</a></td>
3901                                         </td></tr>";
3902                         } else {
3903                                 print "<tr><td width='30%'>Feed URL</td>
3904                                         <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
3905                         }
3906                         print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
3907                         print "<tr><td>Total articles</td><td>$total</td></tr>";
3908                         print "<tr><td>Unread articles</td><td>$unread</td></tr>";
3909                         print "<tr><td>Starred articles</td><td>$marked</td></tr>";
3910                         print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
3911
3912                         print "</table>";
3913
3914 /*                      $result = db_query($link, "SELECT title,
3915                                 SUBSTRING(updated,1,16) AS updated,unread
3916                                 FROM ttrss_entries,ttrss_user_entries
3917                                 WHERE ref_id = id AND feed_id = '$feed_id'
3918                                 ORDER BY date_entered DESC LIMIT 5");
3919
3920                         if (db_num_rows($result) > 0) {
3921
3922                                 print "<h1>Latest headlines</h1>";
3923
3924                                 print "<ul class=\"nomarks\">";
3925
3926                                 while ($line = db_fetch_assoc($result)) {
3927                                         if ($line["unread"] == "t" || $line["unread"] == "1") {
3928                                                 $line["title"] = "<b>" . $line["title"] . "</b>";
3929                                         }
3930                                         print "<li>" . $line["title"].
3931                                         "&nbsp;<span class=\"insensitive\">(" .
3932                                                 date(get_pref($link, 'SHORT_DATE_FORMAT'),
3933                                                         strtotime($line["updated"])).
3934                                         ")</span></li>";
3935                                 }
3936
3937                                 print "</ul>";
3938
3939                         } */
3940                 }
3941
3942                 print "</div>";
3943
3944                 print "<div align='center'>
3945                         <input type='submit' class='button'
3946                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3947         }
3948
3949         if ($op == "pref-feed-browser") {
3950
3951                 $subop = $_REQUEST["subop"];
3952
3953                 if ($subop == "details") {
3954                         $id = db_escape_string($_GET["id"]);
3955
3956                         print "<div class=\"browserFeedInfo\">";
3957                         print "<b>Feed information:</b>";
3958                         print "<div class=\"detailsPart\">";
3959
3960                         $result = db_query($link, "SELECT
3961                                         feed_url,site_url,
3962                                         SUBSTRING(last_updated,1,19) AS last_updated
3963                                 FROM ttrss_feeds WHERE id = '$id'");
3964
3965                         $feed_url = db_fetch_result($result, 0, "feed_url");
3966                         $site_url = db_fetch_result($result, 0, "site_url");
3967                         $last_updated = db_fetch_result($result, 0, "last_updated");
3968
3969                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3970                                 $last_updated = smart_date_time(strtotime($last_updated));
3971                         } else {
3972                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3973                                 $last_updated = date($short_date, strtotime($last_updated));
3974                         }
3975
3976                         print "Site: <a href='$site_url'>$site_url</a> ".
3977                                 "(<a href='$feed_url'>feed</a>), ".
3978                                 "Last updated: $last_updated";
3979
3980                         print "</div>";
3981
3982                         $result = db_query($link, "SELECT
3983                                         ttrss_entries.title,
3984                                         content,
3985                                         substring(date_entered,1,19) as date_entered,
3986                                         substring(updated,1,19) as updated
3987                                 FROM ttrss_entries,ttrss_user_entries
3988                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
3989                                 ORDER BY updated DESC LIMIT 5");
3990
3991                         if (db_num_rows($result) > 0) {
3992
3993                                 print "<b>Last headlines:</b><br>";
3994
3995                                 print "<div class=\"detailsPart\">";
3996                                 print "<ul class=\"compact\">";
3997                                 while ($line = db_fetch_assoc($result)) {
3998
3999                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
4000                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
4001                                         } else {
4002                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
4003                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
4004                                         }
4005
4006                                         print "<li>" . $line["title"] .
4007                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
4008                                 }
4009                                 print "</ul></div>";
4010                         }
4011
4012                         print "</div>";
4013
4014                         return;
4015                 }
4016
4017                 $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
4018                         FROM ttrss_feeds
4019                         WHERE auth_login = '' AND auth_pass = '' AND private = false
4020                         GROUP BY feed_url ORDER BY subscribers DESC LIMIT 100");
4021
4022                 print "<ul class='nomarks' id='browseBigFeedList'>";
4023
4024                 $feedctr = 0;
4025
4026                 while ($line = db_fetch_assoc($result)) {
4027                         $feed_url = $line["feed_url"];
4028                         $subscribers = $line["subscribers"];
4029
4030                         $sub_result = db_query($link, "SELECT id
4031                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
4032                                 $_SESSION["uid"]);
4033
4034                         if (db_num_rows($sub_result) > 0) {
4035                                 continue; // already subscribed
4036                         }
4037
4038                         $det_result = db_query($link, "SELECT site_url,title,id
4039                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
4040
4041                         $details = db_fetch_assoc($det_result);
4042
4043                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
4044
4045                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
4046                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
4047                                                 "/".$details["id"].".ico\">";
4048                         } else {
4049                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
4050                         }
4051
4052                         $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
4053                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
4054
4055                         $class = ($feedctr % 2) ? "even" : "odd";
4056
4057                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
4058                                 "$feed_icon ";
4059
4060                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
4061                                 $details["title"] ."</a>&nbsp;" .
4062                                 "<span class='subscribers'>($subscribers)</span>";
4063
4064                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
4065                         print "</div>";
4066
4067                         print "</li>";
4068
4069                                 ++$feedctr;
4070                 }
4071
4072                 if ($feedctr == 0) {
4073                         print "<li>No feeds found to subscribe.</li>";
4074                 }
4075
4076                 print "</ul>";
4077
4078                 print "<p>Selection:
4079                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
4080                         value=\"Subscribe\"></p>";
4081
4082                 print "</div>";
4083
4084         }
4085
4086         db_close($link);
4087 ?>
4088
4089 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
4090