backend.php

   1 <?
   2         session_start();
   3
   4         if ($_GET["debug"]) {
   5                 define('DEFAULT_ERROR_LEVEL', E_ALL);
   6         } else {
   7                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
   8         }
   9
  10         error_reporting(DEFAULT_ERROR_LEVEL);
  11
  12         $op = $_REQUEST["op"];
  13
  14         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  15                 header("Content-Type: application/xml");
  16         }
  17
  18         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  19
  20                 if ($op == "rpc") {
  21                         print "<error error-code=\"6\"/>";
  22                 }
  23                 exit;
  24         }
  25
  26         if (!$op) {
  27                 print "<error error-code=\"7\"/>";
  28                 exit;
  29         }
  30
  31         define('SCHEMA_VERSION', 2);
  32
  33         require_once "sanity_check.php";
  34         require_once "config.php";
  35         require_once "db.php";
  36         require_once "db-prefs.php";
  37         require_once "functions.php";
  38         require_once "magpierss/rss_fetch.inc";
  39
  40         $script_started = getmicrotime();
  41
  42         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  43
  44         if (!$link) {
  45                 if (DB_TYPE == "mysql") {
  46                         print mysql_error();
  47                 }
  48                 // PG seems to display its own errors just fine by default.
  49                 return;
  50         }
  51
  52         if (DB_TYPE == "pgsql") {
  53                 pg_query("set client_encoding = 'utf-8'");
  54         }
  55
  56         $fetch = $_GET["fetch"];
  57
  58         function getAllCounters($link) {
  59                 getLabelCounters($link);
  60                 getFeedCounters($link);
  61                 getTagCounters($link);
  62                 getGlobalCounters($link);
  63         }
  64
  65         /* FIXME this needs reworking */
  66
  67         function getGlobalCounters($link) {
  68                 $result = db_query($link, "SELECT count(id) as c_id FROM ttrss_entries,ttrss_user_entries
  69                         WHERE unread = true AND
  70                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  71                         owner_uid = " . $_SESSION["uid"]);
  72                 $c_id = db_fetch_result($result, 0, "c_id");
  73                 print "<counter id='global-unread' counter='$c_id'/>";
  74         }
  75
  76         function getTagCounters($link) {
  77
  78                 $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
  79                         FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
  80                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  81                         ttrss_tags.owner_uid = ".$_SESSION["uid"]." AND
  82                         post_int_id = ttrss_user_entries.int_id AND unread = true GROUP BY tag_name
  83                 UNION
  84                         select tag_name,0 as count FROM ttrss_tags
  85                         WHERE ttrss_tags.owner_uid = ".$_SESSION["uid"]);
  86
  87                 $tags = array();
  88
  89                 while ($line = db_fetch_assoc($result)) {
  90                         $tags[$line["tag_name"]] += $line["count"];
  91                 }
  92
  93                 foreach (array_keys($tags) as $tag) {
  94                         $unread = $tags[$tag];
  95
  96                         $tag = htmlspecialchars($tag);
  97                         print "<tag id=\"$tag\" counter=\"$unread\"/>";
  98                 }
  99         }
 100
 101         function getLabelCounters($link) {
 102
 103                 $result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 104                         WHERE marked = true AND ttrss_user_entries.ref_id = ttrss_entries.id AND
 105                         unread = true AND owner_uid = ".$_SESSION["uid"]);
 106
 107                 $count = db_fetch_result($result, 0, "count");
 108
 109                 print "<label id=\"-1\" counter=\"$count\"/>";
 110
 111                 $result = db_query($link, "SELECT owner_uid,id,sql_exp,description FROM
 112                         ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description");
 113
 114                 while ($line = db_fetch_assoc($result)) {
 115
 116                         $id = -$line["id"] - 11;
 117
 118                         error_reporting (0);
 119
 120                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_user_entries,ttrss_entries
 121                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 122                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 123                                 owner_uid = ".$_SESSION["uid"]);
 124
 125                         $count = db_fetch_result($tmp_result, 0, "count");
 126
 127                         print "<label id=\"$id\" counter=\"$count\"/>";
 128
 129                         error_reporting (DEFAULT_ERROR_LEVEL);
 130
 131                 }
 132         }
 133
 134         function getFeedCounter($link, $id) {
 135
 136                 $result = db_query($link, "SELECT
 137                                 count(id) as count FROM ttrss_entries,ttrss_user_entries
 138                         WHERE feed_id = '$id' AND unread = true
 139                         AND ttrss_user_entries.ref_id = ttrss_entries.id");
 140
 141                         $count = db_fetch_result($result, 0, "count");
 142
 143                         print "<feed id=\"$id\" counter=\"$count\"/>";
 144         }
 145
 146         function getFeedCounters($link) {
 147
 148                 $result = db_query($link, "SELECT id,
 149                         (SELECT count(id)
 150                                 FROM ttrss_entries,ttrss_user_entries
 151                                 WHERE feed_id = ttrss_feeds.id AND ttrss_user_entries.ref_id = ttrss_entries.id
 152                                 AND unread = true AND owner_uid = ".$_SESSION["uid"].") as count
 153                         FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]);
 154
 155                 while ($line = db_fetch_assoc($result)) {
 156
 157                         $id = $line["id"];
 158                         $count = $line["count"];
 159
 160                         print "<feed id=\"$id\" counter=\"$count\"/>";
 161                 }
 162         }
 163
 164         function outputFeedList($link, $tags = false) {
 165
 166                 print "<html><head>
 167                         <title>Tiny Tiny RSS : Feedlist</title>
 168                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 169
 170                 $user_theme = $_SESSION["theme"];
 171                 if ($user_theme) {
 172                         print "<link rel=\"stylesheet\" type=\"text/css\"
 173                                 href=\"themes/$user_theme/theme.css\">";
 174                 }
 175
 176                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 177                         print "<link rel=\"stylesheet\" type=\"text/css\"
 178                                 href=\"tt-rss_compact.css\"/>";
 179                 } else {
 180                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 181                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 182                 }
 183
 184                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 185                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 186                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 187                         </head><body onload=\"init()\">";
 188
 189                 print "<ul class=\"feedList\" id=\"feedList\">";
 190
 191                 $owner_uid = $_SESSION["uid"];
 192
 193                 if (!$tags) {
 194
 195                         /* virtual feeds */
 196
 197                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 198                                 print "<li class=\"feedCat\">Special</li>";
 199                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 200                         }
 201
 202                         $result = db_query($link, "SELECT count(id) as num_starred
 203                                 FROM ttrss_entries,ttrss_user_entries
 204                                 WHERE marked = true AND
 205                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 206                                 unread = true AND owner_uid = '$owner_uid'");
 207                         $num_starred = db_fetch_result($result, 0, "num_starred");
 208
 209                         $class = "virt";
 210
 211                         if ($num_starred > 0) $class .= "Unread";
 212
 213                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 214                                 "images/mark_set.png", $link);
 215
 216                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 217                                 print "</li></ul>";
 218                         }
 219
 220                         if (get_pref($link, 'ENABLE_LABELS')) {
 221
 222                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 223                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 224
 225                                 if (db_num_rows($result) > 0) {
 226                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 227                                                 print "<li class=\"feedCat\">Labels</li>";
 228                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 229                                         } else {
 230                                                 print "<li><hr></li>";
 231                                         }
 232                                 }
 233
 234                                 while ($line = db_fetch_assoc($result)) {
 235
 236                                         error_reporting (0);
 237
 238                                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 239                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 240                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 241                                                 AND owner_uid = '$owner_uid'");
 242
 243                                         $count = db_fetch_result($tmp_result, 0, "count");
 244
 245                                         $class = "label";
 246
 247                                         if ($count > 0) {
 248                                                 $class .= "Unread";
 249                                         }
 250
 251                                         error_reporting (DEFAULT_ERROR_LEVEL);
 252
 253                                         printFeedEntry(-$line["id"]-11,
 254                                                 $class, $line["description"], $count, "images/label.png", $link);
 255
 256                                 }
 257
 258                                 if (db_num_rows($result) > 0) {
 259                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 260                                                 print "</li></ul>";
 261                                         }
 262                                 }
 263
 264                         }
 265
 266 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 267                                 print "<li><hr></li>";
 268 //                      }
 269
 270                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 271                                 $order_by_qpart = "category,title";
 272                         } else {
 273                                 $order_by_qpart = "title";
 274                         }
 275
 276                         $result = db_query($link, "SELECT *,
 277                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 278                                         WHERE feed_id = ttrss_feeds.id AND
 279                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 280                                         owner_uid = '$owner_uid') AS total,
 281                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 282                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 283                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 284                                                 AND owner_uid = '$owner_uid') as unread,
 285                                 (SELECT title FROM ttrss_feed_categories
 286                                         WHERE id = cat_id) AS category
 287                                 FROM ttrss_feeds WHERE owner_uid = '$owner_uid' ORDER BY $order_by_qpart");
 288
 289                         $actid = $_GET["actid"];
 290
 291                         /* real feeds */
 292
 293                         $lnum = 0;
 294
 295                         $total_unread = 0;
 296
 297                         $category = "";
 298
 299                         while ($line = db_fetch_assoc($result)) {
 300
 301                                 $feed = $line["title"];
 302                                 $feed_id = $line["id"];
 303
 304                                 $subop = $_GET["subop"];
 305
 306                                 $total = $line["total"];
 307                                 $unread = $line["unread"];
 308
 309                                 $tmp_category = $line["category"];
 310
 311                                 if (!$tmp_category) {
 312                                         $tmp_category = "Uncategorized";
 313                                 }
 314
 315         //                      $class = ($lnum % 2) ? "even" : "odd";
 316
 317                                 $class = "feed";
 318
 319                                 if ($unread > 0) $class .= "Unread";
 320
 321                                 if ($actid == $feed_id) {
 322                                         $class .= "Selected";
 323                                 }
 324
 325                                 $total_unread += $unread;
 326
 327                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 328
 329                                         if ($category) {
 330                                                 print "</li></ul></li>";
 331                                         }
 332
 333                                         $category = $tmp_category;
 334
 335                                         print "<li class=\"feedCat\">$category</li>";
 336                                         print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 337                                 }
 338
 339                                 printFeedEntry($feed_id, $class, $feed, $unread,
 340                                         "icons/$feed_id.ico", $link);
 341
 342                                 ++$lnum;
 343                         }
 344
 345                 } else {
 346
 347                         // tags
 348
 349                         $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 350                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 351                                 post_int_id = ttrss_user_entries.int_id AND
 352                                 unread = true AND ref_id = ttrss_entries.id
 353                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 354                         UNION
 355                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 356                         ORDER BY tag_name");
 357
 358                         $tags = array();
 359
 360                         while ($line = db_fetch_assoc($result)) {
 361                                 $tags[$line["tag_name"]] += $line["count"];
 362                         }
 363
 364                         foreach (array_keys($tags) as $tag) {
 365
 366                                 $unread = $tags[$tag];
 367
 368                                 $class = "tag";
 369
 370                                 if ($unread > 0) {
 371                                         $class .= "Unread";
 372                                 }
 373
 374                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 375
 376                         }
 377
 378                 }
 379
 380                 if (db_num_rows($result) == 0) {
 381                         if ($tags) {
 382                                 $what = "tags";
 383                         } else {
 384                                 $what = "feeds";
 385                         }
 386                         print "<li>No $what to display.</li>";
 387                 }
 388
 389                 print "</ul>";
 390
 391                 print "<div class=\"invisible\" id=\"FEEDTU\">$total_unread</div>";
 392
 393         }
 394
 395
 396         if ($op == "rpc") {
 397
 398                 $subop = $_GET["subop"];
 399
 400                 if ($subop == "getLabelCounters") {
 401                         $aid = $_GET["aid"];
 402                         print "<rpc-reply>";
 403                         getLabelCounters($link);
 404                         if ($aid) {
 405                                 getFeedCounter($link, $aid);
 406                         }
 407                         print "</rpc-reply>";
 408                 }
 409
 410                 if ($subop == "getFeedCounters") {
 411                         print "<rpc-reply>";
 412                         getFeedCounters($link);
 413                         print "</rpc-reply>";
 414                 }
 415
 416                 if ($subop == "getAllCounters") {
 417                         print "<rpc-reply>";
 418                         getAllCounters($link);
 419                         print "</rpc-reply>";
 420                 }
 421
 422                 if ($subop == "mark") {
 423                         $mark = $_GET["mark"];
 424                         $id = db_escape_string($_GET["id"]);
 425
 426                         if ($mark == "1") {
 427                                 $mark = "true";
 428                         } else {
 429                                 $mark = "false";
 430                         }
 431
 432                         // FIXME this needs collision testing
 433
 434                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 435                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 436                 }
 437
 438                 if ($subop == "updateFeed") {
 439                         $feed_id = db_escape_string($_GET["feed"]);
 440
 441                         $result = db_query($link,
 442                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 443                                         AND owner_uid = " . $_SESSION["uid"]);
 444
 445                         if (db_num_rows($result) > 0) {
 446                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 447                                 update_rss_feed($link, $feed_url, $feed_id);
 448                         }
 449
 450                         print "<rpc-reply>";
 451                         getFeedCounter($link, $feed_id);
 452                         print "</rpc-reply>";
 453
 454                         return;
 455                 }
 456
 457                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 458
 459                         update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 460
 461                         $omode = $_GET["omode"];
 462
 463                         if (!$omode) $omode = "tfl";
 464
 465                         print "<rpc-reply>";
 466                         if (strchr($omode, "l")) getLabelCounters($link);
 467                         if (strchr($omode, "f")) getFeedCounters($link);
 468                         if (strchr($omode, "t")) getTagCounters($link);
 469                         getGlobalCounters($link);
 470                         print "</rpc-reply>";
 471                 }
 472
 473                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 474                 if ($subop == "catchupSelected") {
 475
 476                         $ids = split(",", $_GET["ids"]);
 477
 478                         $cmode = sprintf("%d", $_GET["cmode"]);
 479
 480                         foreach ($ids as $id) {
 481
 482                                 if ($cmode == 0) {
 483                                         db_query($link, "UPDATE ttrss_user_entries SET
 484                                         unread = false,last_read = NOW()
 485                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 486                                 } else if ($cmode == 1) {
 487                                         db_query($link, "UPDATE ttrss_user_entries SET
 488                                         unread = true
 489                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 490                                 } else {
 491                                         db_query($link, "UPDATE ttrss_user_entries SET
 492                                         unread = NOT unread,last_read = NOW()
 493                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 494                                 }
 495                         }
 496                         print "<rpc-reply>";
 497                         getAllCounters($link);
 498                         print "</rpc-reply>";
 499                 }
 500
 501                 if ($subop == "markSelected") {
 502
 503                         $ids = split(",", $_GET["ids"]);
 504
 505                         $cmode = sprintf("%d", $_GET["cmode"]);
 506
 507                         foreach ($ids as $id) {
 508
 509                                 if ($cmode == 0) {
 510                                         db_query($link, "UPDATE ttrss_user_entries SET
 511                                         marked = false
 512                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 513                                 } else if ($cmode == 1) {
 514                                         db_query($link, "UPDATE ttrss_user_entries SET
 515                                         marked = true
 516                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 517                                 } else {
 518                                         db_query($link, "UPDATE ttrss_user_entries SET
 519                                         marked = NOT marked
 520                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 521                                 }
 522                         }
 523                         print "<rpc-reply>";
 524                         getAllCounters($link);
 525                         print "</rpc-reply>";
 526                 }
 527
 528                 if ($subop == "sanityCheck") {
 529
 530                         $error_code = 0;
 531
 532                         $result = db_query($link, "SELECT schema_version FROM ttrss_version");
 533
 534                         $schema_version = db_fetch_result($result, 0, "schema_version");
 535
 536                         if ($schema_version != SCHEMA_VERSION) {
 537                                 $error_code = 5;
 538                         }
 539
 540                         print "<error error-code='$error_code'/>";
 541                 }
 542
 543                 if ($subop == "globalPurge") {
 544
 545                         print "<rpc-reply>";
 546                         global_purge_old_posts($link, true);
 547                         print "</rpc-reply>";
 548
 549                 }
 550
 551         }
 552
 553         if ($op == "feeds") {
 554
 555                 $tags = $_GET["tags"];
 556
 557                 $subop = $_GET["subop"];
 558
 559                 if ($subop == "catchupAll") {
 560                         db_query($link, "UPDATE ttrss_user_entries SET
 561                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 562                 }
 563
 564                 outputFeedList($link, $tags);
 565
 566         }
 567
 568         if ($op == "view") {
 569
 570                 $id = $_GET["id"];
 571                 $feed_id = $_GET["feed"];
 572
 573                 $result = db_query($link, "UPDATE ttrss_user_entries
 574                         SET unread = false,last_read = NOW()
 575                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 576
 577                 $addheader = $_GET["addheader"];
 578
 579                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 580                         SUBSTRING(updated,1,16) as updated,
 581                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url
 582                         FROM ttrss_entries,ttrss_user_entries
 583                         WHERE   id = '$id' AND ref_id = id");
 584
 585                 if ($addheader) {
 586                         print "<html><head>
 587                                 <title>Tiny Tiny RSS : Article $id</title>
 588                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 589
 590                         $user_theme = $_SESSION["theme"];
 591                         if ($user_theme) {
 592                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 593                                         href=\"themes/$user_theme/theme.css\">";
 594                         }
 595
 596                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 597                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 598                                         href=\"tt-rss_compact.css\"/>";
 599                         } else {
 600                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 601                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 602                         }
 603
 604                         print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 605                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 606                                 </head><body>";
 607                 }
 608
 609                 if ($result) {
 610
 611                         $line = db_fetch_assoc($result);
 612
 613                         if ($line["icon_url"]) {
 614                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 615                         } else {
 616                                 $feed_icon = "&nbsp;";
 617                         }
 618
 619                         if ($line["comments"] && $line["link"] != $line["comments"]) {
 620                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 621                         } else {
 622                                 $entry_comments = "";
 623                         }
 624
 625                         print "<div class=\"postReply\">";
 626
 627                         print "<div class=\"postHeader\"><table width=\"100%\">";
 628
 629                         print "<tr><td>" . $line["title"] . "</td>";
 630
 631                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 632                                 strtotime($line["updated"]));
 633
 634                         print "<td class=\"postDate\">$parsed_updated</td>";
 635
 636                         print "</tr>";
 637
 638                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 639                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 640                                 ORDER BY tag_name");
 641
 642                         $tags_str = "";
 643
 644                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 645                                 $tag = $tmp_line["tag_name"];
 646                                 $tags_str .= "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 647                         }
 648
 649                         $tags_str = preg_replace("/, $/", "", $tags_str);
 650
 651                         print "<tr><td width='50%'>
 652                                 <a href=\"" . $line["link"] . "\">".$line["link"]."</a>
 653                                 $entry_comments</td>
 654                                 <td align=\"right\">$tags_str</td></tr>";
 655
 656 /*                      if ($tags_str) {
 657                                 print "<tr><td><b>Tags:</b></td>
 658                                         <td width='100%'>$tags_str</td></tr>";
 659                         } */
 660
 661                         print "</table></div>";
 662
 663                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 664                         print "<div class=\"postContent\">" . $line["content"] . "</div>";
 665
 666                         print "</div>";
 667
 668                         print "<script type=\"text/javascript\">
 669                                 update_all_counters('$feed_id');
 670                         </script>";
 671                 }
 672
 673                 if ($addheader) {
 674                         print "</body></html>";
 675                 }
 676         }
 677
 678         if ($op == "viewfeed") {
 679
 680                 $feed = $_GET["feed"];
 681                 $skip = $_GET["skip"];
 682                 $subop = $_GET["subop"];
 683                 $view_mode = $_GET["view"];
 684                 $addheader = $_GET["addheader"];
 685                 $limit = $_GET["limit"];
 686
 687                 if (!$feed) {
 688                         return;
 689                 }
 690
 691                 if (!$skip) $skip = 0;
 692
 693                 if ($subop == "undefined") $subop = "";
 694
 695                 if ($addheader) {
 696                         print "<html><head>
 697                                 <title>Tiny Tiny RSS : Feed $feed</title>
 698                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 699
 700                         $user_theme = $_SESSION["theme"];
 701                         if ($user_theme) {
 702                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 703                                         href=\"themes/$user_theme/theme.css\">";
 704                         }
 705
 706                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 707                                 print "<link rel=\"stylesheet\"
 708                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 709
 710                         } else {
 711                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 712                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 713                         }
 714
 715                         print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 716                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
 717                                 <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
 718                                 </head><body onload='init()'>";
 719                 }
 720
 721                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 722
 723                         $tmp_result = db_query($link, "SELECT feed_url FROM ttrss_feeds
 724                                 WHERE id = '$feed'");
 725
 726                         $feed_url = db_fetch_result($tmp_result, 0, "feed_url");
 727
 728                         update_rss_feed($link, $feed_url, $feed);
 729
 730                 }
 731
 732                 if ($subop == "MarkAllRead")  {
 733
 734                         if (sprintf("%d", $feed) != 0) {
 735
 736                                 if ($feed > 0) {
 737                                         db_query($link, "UPDATE ttrss_user_entries
 738                                                 SET unread = false,last_read = NOW()
 739                                                 WHERE feed_id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 740
 741                                 } else if ($feed < 0 && $feed > -10) { // special, like starred
 742
 743                                         if ($feed == -1) {
 744                                                 db_query($link, "UPDATE ttrss_user_entries
 745                                                         SET unread = false,last_read = NOW()
 746                                                         WHERE marked = true AND owner_uid = ".$_SESSION["uid"]);
 747                                         }
 748
 749                                 } else if ($feed < -10) { // label
 750
 751                                         // TODO make this more efficient
 752
 753                                         $label_id = -$feed - 11;
 754
 755                                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 756                                                 WHERE id = '$label_id'");
 757
 758                                         if ($tmp_result) {
 759                                                 $sql_exp = db_fetch_result($tmp_result, 0, "sql_exp");
 760
 761                                                 db_query($link, "BEGIN");
 762
 763                                                 $tmp2_result = db_query($link,
 764                                                         "SELECT
 765                                                                 int_id
 766                                                         FROM
 767                                                                 ttrss_user_entries,ttrss_entries
 768                                                         WHERE
 769                                                                 ref_id = id AND
 770                                                                 $sql_exp AND
 771                                                                 owner_uid = " . $_SESSION["uid"]);
 772
 773                                                 while ($tmp_line = db_fetch_assoc($tmp2_result)) {
 774                                                         db_query($link, "UPDATE
 775                                                                 ttrss_user_entries
 776                                                         SET
 777                                                                 unread = false, last_read = NOW()
 778                                                         WHERE
 779                                                                 int_id = " . $tmp_line["int_id"]);
 780                                                 }
 781
 782                                                 db_query($link, "COMMIT");
 783
 784 /*                                              db_query($link, "UPDATE ttrss_user_entries,ttrss_entries
 785                                                         SET unread = false,last_read = NOW()
 786                                                         WHERE $sql_exp
 787                                                         AND ref_id = id
 788                                                         AND owner_uid = ".$_SESSION["uid"]); */
 789                                         }
 790                                 }
 791                         } else { // tag
 792                                 db_query($link, "BEGIN");
 793
 794                                 $tag_name = db_escape_string($feed);
 795
 796                                 $result = db_query($link, "SELECT post_int_id FROM ttrss_tags
 797                                         WHERE tag_name = '$tag_name' AND owner_uid = " . $_SESSION["uid"]);
 798
 799                                 while ($line = db_fetch_assoc($result)) {
 800                                         db_query($link, "UPDATE ttrss_user_entries SET
 801                                                 unread = false, last_read = NOW()
 802                                                 WHERE int_id = " . $line["post_int_id"]);
 803                                 }
 804                                 db_query($link, "COMMIT");
 805                         }
 806
 807                 }
 808
 809                 $search = $_GET["search"];
 810
 811                 $search_mode = $_GET["smode"];
 812
 813                 if ($search) {
 814                         $search_query_part = "(upper(title) LIKE upper('%$search%')
 815                                 OR content LIKE '%$search%') AND";
 816                 } else {
 817                         $search_query_part = "";
 818                 }
 819
 820                 $view_query_part = "";
 821
 822                 if ($view_mode == "Starred") {
 823                         $view_query_part = " marked = true AND ";
 824                 }
 825
 826                 if ($view_mode == "Unread") {
 827                         $view_query_part = " unread = true AND ";
 828                 }
 829
 830                 if ($view_mode == "Unread or Starred") {
 831                         $view_query_part = " (unread = true OR marked = true) AND ";
 832                 }
 833
 834                 if ($view_mode == "Unread or Updated") {
 835                         $view_query_part = " (unread = true OR last_read is NULL) AND ";
 836                 }
 837
 838 /*              $result = db_query($link, "SELECT count(id) AS total_entries
 839                         FROM ttrss_entries WHERE
 840                         $search_query_part
 841                         feed_id = '$feed'");
 842
 843                 $total_entries = db_fetch_result($result, 0, "total_entries"); */
 844
 845 /*              $result = db_query("SELECT count(id) AS unread_entries
 846                         FROM ttrss_entries WHERE
 847                         $search_query_part
 848                         unread = true AND
 849                         feed_id = '$feed'");
 850
 851                 $unread_entries = db_fetch_result($result, 0, "unread_entries"); */
 852
 853                 if ($limit && $limit != "All") {
 854                         $limit_query_part = "LIMIT " . $limit;
 855                 }
 856
 857                 $vfeed_query_part = "";
 858
 859                 // override query strategy and enable feed display when searching globally
 860                 if ($search && $search_mode == "All feeds") {
 861                         $query_strategy_part = "id > 0";
 862                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 863                                 id = feed_id) as feed_title,";
 864                 } else if (sprintf("%d", $feed) == 0) {
 865                         $query_strategy_part = "ttrss_entries.id > 0";
 866                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 867                                 id = feed_id) as feed_title,";
 868                 } else if ($feed >= 0) {
 869                         $query_strategy_part = "feed_id = '$feed'";
 870                 } else if ($feed == -1) { // starred virtual feed
 871                         $query_strategy_part = "marked = true";
 872                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 873                                 id = feed_id) as feed_title,";
 874                 } else if ($feed <= -10) { // labels
 875                         $label_id = -$feed - 11;
 876
 877                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 878                                 WHERE id = '$label_id'");
 879
 880                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
 881
 882                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 883                                 id = feed_id) as feed_title,";
 884                 } else {
 885                         $query_strategy_part = "id > 0"; // dumb
 886                 }
 887
 888                 $order_by = "updated DESC";
 889
 890 //              if ($feed < -10) {
 891 //                      $order_by = "feed_id,updated DESC";
 892 //              }
 893
 894                 $feed_title = "";
 895
 896                 if ($search && $search_mode == "All feeds") {
 897                         $feed_title = "Search results";
 898                 } else if (sprintf("%d", $feed) == 0) {
 899                         $feed_title = $feed;
 900                 } else if ($feed > 0) {
 901                         $result = db_query($link, "SELECT title,site_url FROM ttrss_feeds
 902                                 WHERE id = '$feed'");
 903
 904                         $feed_title = db_fetch_result($result, 0, "title");
 905                         $feed_site_url = db_fetch_result($result, 0, "site_url");
 906
 907                 } else if ($feed == -1) {
 908                         $feed_title = "Starred articles";
 909                 } else if ($feed < -10) {
 910                         $label_id = -$feed - 11;
 911                         $result = db_query($link, "SELECT description FROM ttrss_labels
 912                                 WHERE id = '$label_id'");
 913                         $feed_title = db_fetch_result($result, 0, "description");
 914                 } else {
 915                         $feed_title = "?";
 916                 }
 917
 918                 if ($feed < -10) error_reporting (0);
 919
 920                 if (sprintf("%d", $feed) != 0) {
 921
 922                         if ($feed > 0) {
 923                                 $feed_kind = "Feeds";
 924                         } else {
 925                                 $feed_kind = "Labels";
 926                         }
 927
 928                         if (!$vfeed_query_part) {
 929                                 $content_query_part = "content as content_preview,";
 930                         } else {
 931                                 $content_query_part = "";
 932                         }
 933
 934                         $result = db_query($link, "SELECT
 935                                         id,title,
 936                                         SUBSTRING(updated,1,16) as updated,
 937                                         unread,feed_id,marked,link,last_read,
 938                                         SUBSTRING(last_read,1,19) as last_read_noms,
 939                                         $vfeed_query_part
 940                                         $content_query_part
 941                                         SUBSTRING(updated,1,19) as updated_noms
 942                                 FROM
 943                                         ttrss_entries,ttrss_user_entries
 944                                 WHERE
 945                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 946                                 owner_uid = '".$_SESSION["uid"]."' AND
 947                                 $search_query_part
 948                                 $view_query_part
 949                                 $query_strategy_part ORDER BY $order_by
 950                                 $limit_query_part");
 951
 952                 } else {
 953                         // browsing by tag
 954
 955                         $feed_kind = "Tags";
 956
 957                         $result = db_query($link, "SELECT
 958                                 ttrss_entries.id as id,title,
 959                                 SUBSTRING(updated,1,16) as updated,
 960                                 unread,feed_id,
 961                                 marked,link,last_read,
 962                                 SUBSTRING(last_read,1,19) as last_read_noms,
 963                                 $vfeed_query_part
 964                                 $content_query_part
 965                                 SUBSTRING(updated,1,19) as updated_noms
 966                                 FROM
 967                                         ttrss_entries,ttrss_user_entries,ttrss_tags
 968                                 WHERE
 969                                         ref_id = ttrss_entries.id AND
 970                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
 971                                         post_int_id = int_id AND tag_name = '$feed' AND
 972                                         $view_query_part
 973                                         $search_query_part
 974                                         $query_strategy_part ORDER BY $order_by
 975                                 $limit_query_part");
 976                 }
 977
 978                 if (!$result) {
 979                         print "<div align='center'>
 980                                 Could not display feed (query failed). Please check match syntax or local configuration.</div>";
 981                         return;
 982                 }
 983
 984                 if (db_num_rows($result) > 0) {
 985
 986                         print "<table class=\"headlinesSubToolbar\"
 987                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
 988
 989                         print "<td class=\"headlineActions\">
 990                                 Select:
 991                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 992                                                         'RROW-', 'RCHK-', true)\">All</a>,
 993                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 994                                                         'RROW-', 'RCHK-', true, 'Unread')\">Unread</a>,
 995                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 996                                                         'RROW-', 'RCHK-', false)\">None</a>
 997                                 &nbsp;&nbsp;
 998                                 Toggle: <a href=\"javascript:toggleUnread()\">Unread</a>,
 999                                                 <a href=\"javascript:toggleStarred()\">Starred</a>";
1000
1001                         print "</td>";
1002
1003                         print "<td class=\"headlineTitle\">";
1004
1005                         if ($feed_site_url) {
1006                                 print "<a target=\"_blank\" href=\"$feed_site_url\">$feed_title</a>";
1007                         } else {
1008                                 print $feed_title;
1009                         }
1010
1011                         print "</td>";
1012                         print "</tr></table>";
1013
1014
1015                         print "<table class=\"headlinesList\" id=\"headlinesList\"
1016                                 cellspacing=\"0\" width=\"100%\">";
1017
1018                         $lnum = 0;
1019
1020                         error_reporting (DEFAULT_ERROR_LEVEL);
1021
1022                         $num_unread = 0;
1023
1024                         while ($line = db_fetch_assoc($result)) {
1025
1026                                 $class = ($lnum % 2) ? "even" : "odd";
1027
1028                                 $id = $line["id"];
1029                                 $feed_id = $line["feed_id"];
1030
1031                                 if ($line["last_read"] == "" &&
1032                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
1033
1034                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1035                                                 alt=\"Updated\">";
1036                                 } else {
1037                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1038                                                 alt=\"Updated\">";
1039                                 }
1040
1041                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
1042                                         $class .= "Unread";
1043                                         ++$num_unread;
1044                                 }
1045
1046                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
1047                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1048                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id, false)'>";
1049                                 } else {
1050                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1051                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id, true)'>";
1052                                 }
1053
1054                                 $content_link = "<a id=\"FTITLE-$id\" href=\"javascript:view($id,$feed_id);\">" .
1055                                         $line["title"] . "</a>";
1056
1057                                 print "<tr class='$class' id='RROW-$id'>";
1058                                 // onclick=\"javascript:view($id,$feed_id)\">
1059
1060                                 print "<td class='hlUpdatePic'>$update_pic</td>";
1061
1062                                 print "<td class='hlSelectRow'>
1063                                         <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1064                                                 class=\"feedCheckBox\" id=\"RCHK-$id\">
1065                                         </td>";
1066
1067                                 print "<td class='hlMarkedPic'>$marked_pic</td>";
1068
1069                                 if ($line["feed_title"]) {
1070                                         print "<td class='hlContent'>$content_link</td>";
1071                                         print "<td class='hlFeed'>
1072                                                 <a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a></td>";
1073                                 } else {
1074                                         print "<td class='hlContent'>";
1075
1076                                         print "<a id=\"FTITLE-$id\" href=\"javascript:view($id,$feed_id);\">" .
1077                                                 $line["title"];
1078
1079                                         if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1080
1081                                                 $content_preview = truncate_string(strip_tags($line["content_preview"]),
1082                                                         101);
1083
1084                                                 if ($content_preview) {
1085                                                         print "<span class=\"contentPreview\"> - $content_preview</span>";
1086                                                 }
1087                                         }
1088
1089                                         print "</a>";
1090                                         print "</td>";
1091                                 }
1092
1093                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1094                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
1095                                 } else {
1096                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1097                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
1098                                 }
1099
1100                                 print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
1101
1102                                 print "</tr>";
1103
1104                                 ++$lnum;
1105                         }
1106
1107                         print "</table>";
1108
1109                 } else {
1110                         print "<div width='100%' align='center'>No articles found.</div>";
1111                 }
1112
1113                 print "<script type=\"text/javascript\">
1114                         document.onkeydown = hotkey_handler;
1115                         update_all_counters('$feed');
1116                 </script>";
1117
1118                 if ($addheader) {
1119                         print "</body></html>";
1120                 }
1121
1122         }
1123
1124         if ($op == "pref-rpc") {
1125
1126                 $subop = $_GET["subop"];
1127
1128                 if ($subop == "unread") {
1129                         $ids = split(",", $_GET["ids"]);
1130                         foreach ($ids as $id) {
1131                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1132                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1133                         }
1134
1135                         print "Marked selected feeds as unread.";
1136                 }
1137
1138                 if ($subop == "read") {
1139                         $ids = split(",", $_GET["ids"]);
1140                         foreach ($ids as $id) {
1141                                 db_query($link, "UPDATE ttrss_user_entries
1142                                         SET unread = false,last_read = NOW() WHERE
1143                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1144                         }
1145
1146                         print "Marked selected feeds as read.";
1147
1148                 }
1149
1150         }
1151
1152         if ($op == "pref-feeds") {
1153
1154                 $subop = $_GET["subop"];
1155
1156                 if ($subop == "editSave") {
1157                         $feed_title = db_escape_string($_GET["t"]);
1158                         $feed_link = db_escape_string($_GET["l"]);
1159                         $upd_intl = db_escape_string($_GET["ui"]);
1160                         $purge_intl = db_escape_string($_GET["pi"]);
1161                         $feed_id = db_escape_string($_GET["id"]);
1162                         $cat_id = db_escape_string($_GET["catid"]);
1163
1164                         if (strtoupper($upd_intl) == "DEFAULT")
1165                                 $upd_intl = 0;
1166
1167                         if (strtoupper($purge_intl) == "DEFAULT")
1168                                 $purge_intl = 0;
1169
1170                         if (strtoupper($purge_intl) == "DISABLED")
1171                                 $purge_intl = -1;
1172
1173                         if ($cat_id != 0) {
1174                                 $category_qpart = "cat_id = '$cat_id'";
1175                         } else {
1176                                 $category_qpart = 'cat_id = NULL';
1177                         }
1178
1179                         $result = db_query($link, "UPDATE ttrss_feeds SET
1180                                 $category_qpart,
1181                                 title = '$feed_title', feed_url = '$feed_link',
1182                                 update_interval = '$upd_intl',
1183                                 purge_interval = '$purge_intl'
1184                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1185
1186                 }
1187
1188                 if ($subop == "remove") {
1189
1190                         if (!WEB_DEMO_MODE) {
1191
1192                                 $ids = split(",", $_GET["ids"]);
1193
1194                                 foreach ($ids as $id) {
1195                                         db_query($link, "DELETE FROM ttrss_feeds
1196                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1197
1198                                         $icons_dir = ICONS_DIR;
1199
1200                                         if (file_exists($icons_dir . "/$id.ico")) {
1201                                                 unlink($icons_dir . "/$id.ico");
1202                                         }
1203                                 }
1204                         }
1205                 }
1206
1207                 if ($subop == "add") {
1208
1209                         if (!WEB_DEMO_MODE) {
1210
1211                                 $feed_link = db_escape_string(trim($_GET["link"]));
1212
1213                                 $result = db_query($link,
1214                                         "SELECT id FROM ttrss_feeds
1215                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
1216
1217                                 if (db_num_rows($result) == 0) {
1218
1219                                         $result = db_query($link,
1220                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title)
1221                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link', '')");
1222
1223                                         $result = db_query($link,
1224                                         "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
1225                                                 AND owner_uid = " . $_SESSION["uid"]);
1226
1227                                         $feed_id = db_fetch_result($result, 0, "id");
1228
1229                                         if ($feed_id) {
1230                                                 update_rss_feed($link, $feed_link, $feed_id, true);
1231                                         }
1232                                 } else {
1233
1234                                         print "<div class=\"warning\">
1235                                                 Feed <b>$feed_link</b> already exists in the database.
1236                                         </div>";
1237                                 }
1238                         }
1239                 }
1240
1241                 if ($subop == "addCat") {
1242
1243                         if (!WEB_DEMO_MODE) {
1244
1245                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1246
1247                                 $result = db_query($link,
1248                                         "SELECT id FROM ttrss_feed_categories
1249                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1250
1251                                 if (db_num_rows($result) == 0) {
1252
1253                                         $result = db_query($link,
1254                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1255                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1256
1257                                 } else {
1258
1259                                         print "<div class=\"warning\">
1260                                                 Category <b>$feed_cat</b> already exists in the database.
1261                                         </div>";
1262                                 }
1263
1264
1265                         }
1266                 }
1267
1268                 if ($subop == "removeCats") {
1269
1270                         if (!WEB_DEMO_MODE) {
1271
1272                                 $ids = split(",", $_GET["ids"]);
1273
1274                                 foreach ($ids as $id) {
1275
1276                                         db_query($link, "BEGIN");
1277
1278                                         $result = db_query($link,
1279                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1280                                                         WHERE cat_id = '$id'");
1281
1282                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1283
1284                                         if ($num_feeds == 0) {
1285                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1286                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1287                                         } else {
1288
1289                                                 print "<div class=\"warning\">
1290                                                         Unable to delete non empty feed categories.</div>";
1291
1292                                         }
1293
1294                                         db_query($link, "COMMIT");
1295                                 }
1296                         }
1297                 }
1298
1299 //              print "<h3>Edit Feeds</h3>";
1300
1301                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1302                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1303
1304                 if (db_num_rows($result) > 0) {
1305
1306                         print "<div class=\"warning\">";
1307
1308                         print "<b>Feeds with update errors:</b>";
1309
1310                         print "<ul class=\"nomarks\">";
1311
1312                         while ($line = db_fetch_assoc($result)) {
1313                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1314                                         $line["last_error"];
1315                         }
1316
1317                         print "</ul>";
1318                         print "</div>";
1319
1320                 }
1321
1322                 print "<p><div class=\"prefGenericAddBox\">
1323                         <input id=\"fadd_link\" size=\"40\">&nbsp;<input
1324                                 type=\"submit\" class=\"button\"
1325                                 onclick=\"javascript:addFeed()\" value=\"Add feed\"></div>";
1326
1327                 $feeds_sort = db_escape_string($_GET["sort"]);
1328
1329                 if (!$feeds_sort || $feeds_sort == "undefined") {
1330                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1331                         if (!$feeds_sort) $feeds_sort = "title";
1332                 }
1333
1334                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1335
1336                 $result = db_query($link, "SELECT
1337                                 id,title,feed_url,substring(last_updated,1,16) as last_updated,
1338                                 update_interval,purge_interval,
1339                                 (SELECT title FROM ttrss_feed_categories
1340                                         WHERE id = cat_id) AS category
1341                         FROM
1342                                 ttrss_feeds WHERE owner_uid = '".$_SESSION["uid"]."'
1343                         ORDER by $feeds_sort,title");
1344
1345                 if (db_num_rows($result) != 0) {
1346
1347                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1348
1349                         print "<p><table width=\"100%\" cellspacing=\"0\"
1350                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1351                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1352                                 Select:
1353                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1354                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
1355                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1356                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
1357                                 </td</tr>";
1358
1359                         print "<tr class=\"title\">
1360                                                 <td width=\"3%\">&nbsp;</td>
1361                                                 <td width=\"3%\">Select</td>
1362                                                 <td width=\"20%\">
1363                                                         <a href=\"javascript:updateFeedList('title')\">Title</a></td>
1364                                                 <td width=\"20%\">
1365                                                         <a href=\"javascript:updateFeedList('feed_url')\">Link</a>
1366                                                 </td>";
1367
1368                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1369                                 print "<td width=\"10%\">
1370                                         <a href=\"javascript:updateFeedList('category')\">Category</a></td>";
1371                         }
1372
1373                         print "
1374                                 <td width=\"10%\">
1375                                         <a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a>
1376                                 </td>
1377                                 <td width=\"10%\">
1378                                         <a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a>
1379                                 </td>
1380                         </tr>";
1381
1382                         $lnum = 0;
1383
1384                         while ($line = db_fetch_assoc($result)) {
1385
1386                                 $class = ($lnum % 2) ? "even" : "odd";
1387
1388                                 $feed_id = $line["id"];
1389
1390                                 $edit_feed_id = $_GET["id"];
1391
1392                                 if ($subop == "edit" && $feed_id != $edit_feed_id) {
1393                                         $class .= "Grayed";
1394                                         $this_row_id = "";
1395                                 } else {
1396                                         $this_row_id = "id=\"FEEDR-$feed_id\"";
1397                                 }
1398
1399                                 print "<tr class=\"$class\" $this_row_id>";
1400
1401                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1402
1403                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1404                                                 $feed_icon = "<img width=\"16\" height=\"16\"
1405                                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
1406                                 } else {
1407                                         $feed_icon = "&nbsp;";
1408                                 }
1409                                 print "<td align='center'>$feed_icon</td>";
1410
1411                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1412                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1413                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1414
1415                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1416
1417                                 if (!$edit_feed_id || $subop != "edit") {
1418
1419                                         print "<td><input onclick='toggleSelectRow(this);'
1420                                         type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1421
1422                                         $edit_title = truncate_string($edit_title, 40);
1423                                         $edit_link = truncate_string($edit_link, 60);
1424
1425                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1426                                                 $edit_title . "</a></td>";
1427
1428                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1429                                                 $edit_link . "</a></td>";
1430
1431                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1432                                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1433                                                         $edit_cat . "</a></td>";
1434                                         }
1435
1436                                         if ($line["update_interval"] == "0")
1437                                                 $line["update_interval"] = "Default";
1438
1439                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1440                                                 $line["update_interval"] . "</a></td>";
1441
1442                                         if ($line["purge_interval"] == "0")
1443                                                 $line["purge_interval"] = "Default";
1444
1445                                         if ($line["purge_interval"] < 0)
1446                                                 $line["purge_interval"] = "Disabled";
1447
1448                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1449                                                 $line["purge_interval"] . "</a></td>";
1450
1451                                 } else if ($feed_id != $edit_feed_id) {
1452
1453                                         print "<td><input disabled=\"true\" type=\"checkbox\"
1454                                                 id=\"FRCHK-".$line["id"]."\"></td>";
1455
1456                                         $edit_title = truncate_string($edit_title, 40);
1457                                         $edit_link = truncate_string($edit_link, 60);
1458
1459                                         print "<td>$edit_title</td>";
1460                                         print "<td>$edit_link</td>";
1461
1462                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1463                                                 print "<td>$edit_cat</td>";
1464                                         }
1465
1466                                         if ($line["update_interval"] == "0")
1467                                                 $line["update_interval"] = "Default";
1468
1469                                         print "<td>" . $line["update_interval"] . "</td>";
1470
1471                                         if ($line["purge_interval"] == "0")
1472                                                 $line["purge_interval"] = "Default";
1473
1474                                         if ($line["purge_interval"] < 0)
1475                                                 $line["purge_interval"] = "Disabled";
1476
1477                                         print "<td>" . $line["purge_interval"] . "</td>";
1478
1479                                 } else {
1480
1481                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1482
1483                                         print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1484                                         print "<td><input id=\"iedit_link\" value=\"$edit_link\"></td>";
1485
1486                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1487
1488                                                 print "<td>";
1489                                                 print "<select id=\"iedit_fcat\">";
1490                                                 print "<option id=\"0\">Uncategorized</option>";
1491
1492                                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1493                                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1494
1495                                                 if (db_num_rows($tmp_result) > 0) {
1496                                                         print "<option disabled>--------</option>";
1497                                                 }
1498
1499                                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1500                                                         if ($tmp_line["id"] == $line["cat_id"]) {
1501                                                                 $is_selected = "selected";
1502                                                         } else {
1503                                                                 $is_selected = "";
1504                                                         }
1505                                                         printf("<option $is_selected id='%d'>%s</option>",
1506                                                                 $tmp_line["id"], $tmp_line["title"]);
1507                                                 }
1508
1509                                                 print "</select></td>";
1510                                                 print "</td>";
1511
1512                                         }
1513
1514                                         print "<td><input id=\"iedit_updintl\"
1515                                                 value=\"".$line["update_interval"]."\"></td>";
1516                                         print "<td><input id=\"iedit_purgintl\"
1517                                                 value=\"".$line["purge_interval"]."\"></td>";
1518
1519                                 }
1520
1521 /*                              if (!$line["last_updated"]) $line["last_updated"] = "Never";
1522
1523                                 print "<td>" . $line["last_updated"] . "</td>"; */
1524
1525                                 print "</tr>";
1526
1527                                 ++$lnum;
1528                         }
1529
1530                         print "</table>";
1531
1532                         print "<p>";
1533
1534                         if ($subop == "edit") {
1535                                 print "Edit feed:&nbsp;
1536                                         <input type=\"submit\" class=\"button\"
1537                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1538                                         <input type=\"submit\" class=\"button\"
1539                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1540                         } else {
1541
1542                                 print "
1543                                         Selection:&nbsp;
1544                                 <input type=\"submit\" class=\"button\"
1545                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
1546                                 <input type=\"submit\" class=\"button\"
1547                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1548                                 <input type=\"submit\" class=\"button\"
1549                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
1550
1551                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
1552                                         print "
1553                                         <input type=\"submit\" class=\"button\"
1554                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
1555                                         <input type=\"submit\" class=\"button\"
1556                                                 onclick=\"javascript:readSelectedFeeds(false)\"
1557                                                 value=\"Mark as unread\">&nbsp;";
1558                                 }
1559
1560                                 print "
1561                                         All feeds: <input type=\"submit\"
1562                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1563                                                         value=\"Export OPML\">";
1564                                 }
1565                 } else {
1566
1567                         print "<p>No feeds defined.</p>";
1568
1569                 }
1570
1571                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1572
1573                         print "<h3>Edit Categories</h3>";
1574
1575         //              print "<h3>Categories</h3>";
1576
1577                         print "<div class=\"prefGenericAddBox\">
1578                                 <input id=\"fadd_cat\" size=\"40\">&nbsp;<input
1579                                         type=\"submit\" class=\"button\"
1580                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
1581
1582                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1583                                 WHERE owner_uid = ".$_SESSION["uid"]."
1584                                 ORDER BY title");
1585
1586                         if (db_num_rows($result) != 0) {
1587
1588                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1589                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1590
1591                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1592                                 Select:
1593                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1594                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
1595                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1596                                                 'FCATR-', 'FCCHK-', false)\">None</a>
1597                                 </td</tr>";
1598
1599                                 print "<tr class=\"title\">
1600                                                         <td width=\"10%\">Select</td><td width=\"80%\">Title</td>
1601                                                 </tr>";
1602
1603                                 $lnum = 0;
1604
1605                                 while ($line = db_fetch_assoc($result)) {
1606
1607                                         $class = ($lnum % 2) ? "even" : "odd";
1608
1609                                         $cat_id = $line["id"];
1610
1611                                         $edit_cat_id = $_GET["id"];
1612
1613                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1614                                                 $class .= "Grayed";
1615                                                 $this_row_id = "";
1616                                         } else {
1617                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1618                                         }
1619
1620                                         print "<tr class=\"$class\" $this_row_id>";
1621
1622                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1623
1624                                         if (!$edit_cat_id || $subop != "editCat") {
1625
1626                                                 print "<td><input onclick='toggleSelectRow(this);'
1627                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1628
1629                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1630                                                         $edit_title . "</a></td>";
1631
1632                                         } else if ($cat_id != $edit_cat_id) {
1633
1634                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
1635                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1636
1637                                                 print "<td>$edit_title</td>";
1638
1639                                         } else {
1640
1641                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1642
1643                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1644
1645                                         }
1646
1647                                         print "</tr>";
1648
1649                                         ++$lnum;
1650                                 }
1651
1652                                 print "</table>";
1653
1654                                 print "<p>";
1655
1656                                 if ($subop == "editCat") {
1657                                         print "Edit category:&nbsp;
1658                                                 <input type=\"submit\" class=\"button\"
1659                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
1660                                                 <input type=\"submit\" class=\"button\"
1661                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
1662                                         } else {
1663
1664                                         print "
1665                                                 Selection:&nbsp;
1666                                         <input type=\"submit\" class=\"button\"
1667                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
1668                                         <input type=\"submit\" class=\"button\"
1669                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
1670
1671                                 }
1672
1673                         } else {
1674                                 print "<p>No feed categories defined.</p>";
1675                         }
1676                 }
1677
1678                 print "<h3>Import OPML</h3>
1679                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1680                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1681                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1682                                 type=\"submit\" value=\"Import\">
1683                         </form>";
1684
1685         }
1686
1687         if ($op == "pref-filters") {
1688
1689                 $subop = $_GET["subop"];
1690
1691                 if ($subop == "editSave") {
1692
1693                         $regexp = db_escape_string($_GET["r"]);
1694                         $descr = db_escape_string($_GET["d"]);
1695                         $match = db_escape_string($_GET["m"]);
1696                         $filter_id = db_escape_string($_GET["id"]);
1697                         $feed_id = db_escape_string($_GET["fid"]);
1698
1699                         if (!$feed_id) {
1700                                 $feed_id = 'NULL';
1701                         } else {
1702                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1703                         }
1704
1705                         $result = db_query($link, "UPDATE ttrss_filters SET
1706                                 reg_exp = '$regexp',
1707                                 description = '$descr',
1708                                 feed_id = $feed_id,
1709                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
1710                                         description = '$match')
1711                                 WHERE id = '$filter_id'");
1712                 }
1713
1714                 if ($subop == "remove") {
1715
1716                         if (!WEB_DEMO_MODE) {
1717
1718                                 $ids = split(",", $_GET["ids"]);
1719
1720                                 foreach ($ids as $id) {
1721                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
1722
1723                                 }
1724                         }
1725                 }
1726
1727                 if ($subop == "add") {
1728
1729                         if (!WEB_DEMO_MODE) {
1730
1731                                 $regexp = db_escape_string(trim($_GET["regexp"]));
1732                                 $match = db_escape_string(trim($_GET["match"]));
1733                                 $feed_id = db_escape_string($_GET["fid"]);
1734
1735                                 if (!$feed_id) {
1736                                         $feed_id = 'NULL';
1737                                 } else {
1738                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1739                                 }
1740
1741                                 $result = db_query($link,
1742                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id) VALUES
1743                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
1744                                                         description = '$match'),'".$_SESSION["uid"]."', $feed_id)");
1745                         }
1746                 }
1747
1748                 $result = db_query($link, "SELECT description
1749                         FROM ttrss_filter_types ORDER BY description");
1750
1751                 $filter_types = array();
1752
1753                 while ($line = db_fetch_assoc($result)) {
1754                         array_push($filter_types, $line["description"]);
1755                 }
1756
1757                 print "<div class=\"prefGenericAddBox\">
1758                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
1759
1760                 print_select("fadd_match", "Title", $filter_types);
1761
1762                 print "&nbsp;<select id=\"fadd_feed\">";
1763
1764                 print "<option selected id=\"0\">All feeds</option>";
1765
1766                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
1767                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1768
1769                 if (db_num_rows($result) > 0) {
1770                         print "<option disabled>--------</option>";
1771                 }
1772
1773                 while ($line = db_fetch_assoc($result)) {
1774                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
1775                 }
1776
1777                 print "</select>&nbsp;";
1778
1779                 print "<input type=\"submit\"
1780                         class=\"button\" onclick=\"javascript:addFilter()\"
1781                         value=\"Add filter\">";
1782
1783                 $result = db_query($link, "SELECT
1784                                 ttrss_filters.id AS id,reg_exp,
1785                                 ttrss_filters.description AS description,
1786                                 ttrss_filter_types.name AS filter_type_name,
1787                                 ttrss_filter_types.description AS filter_type_descr,
1788                                 feed_id,
1789                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
1790                         FROM
1791                                 ttrss_filters,ttrss_filter_types
1792                         WHERE
1793                                 filter_type = ttrss_filter_types.id AND
1794                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
1795                         ORDER by reg_exp");
1796
1797                 if (db_num_rows($result) != 0) {
1798
1799                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
1800                                 id=\"prefFilterList\">";
1801
1802                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1803                                 Select:
1804                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1805                                                 'FILRR-', 'FICHK-', true)\">All</a>,
1806                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1807                                                 'FILRR-', 'FICHK-', false)\">None</a>
1808                                 </td</tr>";
1809
1810                         print "<tr class=\"title\">
1811                                                 <td width=\"5%\">Select</td><td width=\"30%\">Filter expression</td>
1812                                                 <td width=\"30%\">Feed</td><td width=\"10%\">Match</td>
1813                                                 <td width=\"30%\">Description</td></tr>";
1814
1815                         $lnum = 0;
1816
1817                         while ($line = db_fetch_assoc($result)) {
1818
1819                                 $class = ($lnum % 2) ? "even" : "odd";
1820
1821                                 $filter_id = $line["id"];
1822                                 $edit_filter_id = $_GET["id"];
1823
1824                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
1825                                         $class .= "Grayed";
1826                                         $this_row_id = "";
1827                                 } else {
1828                                         $this_row_id = "id=\"FILRR-$filter_id\"";
1829                                 }
1830
1831                                 print "<tr class=\"$class\" $this_row_id>";
1832
1833                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
1834                                 $line["description"] = htmlspecialchars($line["description"]);
1835
1836                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
1837
1838                                 if (!$edit_filter_id || $subop != "edit") {
1839
1840                                         if (!$line["description"]) $line["description"] = "[No description]";
1841
1842                                         print "<td><input onclick='toggleSelectRow(this);'
1843                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
1844
1845                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1846                                                 $line["reg_exp"] . "</td>";
1847
1848                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1849                                                 $line["feed_title"] . "</td>";
1850
1851                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1852                                                 $line["filter_type_descr"] . "</td>";
1853
1854                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1855                                                 $line["description"] . "</td>";
1856
1857                                 } else if ($filter_id != $edit_filter_id) {
1858
1859                                         if (!$line["description"]) $line["description"] = "[No description]";
1860
1861                                         print "<td><input disabled=\"true\" type=\"checkbox\"
1862                                                 id=\"FICHK-".$line["id"]."\"></td>";
1863
1864                                         print "<td>".$line["reg_exp"]."</td>";
1865                                         print "<td>".$line["feed_title"]."</td>";
1866                                         print "<td>".$line["filter_type_descr"]."</td>";
1867                                         print "<td>".$line["description"]."</td>";
1868
1869                                 } else {
1870
1871                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1872
1873                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
1874                                                 "\"></td>";
1875
1876                                         print "<td>";
1877
1878                                         print "<select id=\"iedit_feed\">";
1879
1880                                         print "<option id=\"0\">All feeds</option>";
1881
1882                                         if (db_num_rows($result) > 0) {
1883                                                 print "<option disabled>--------</option>";
1884                                         }
1885
1886                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1887                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1888
1889                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
1890                                                 if ($tmp_line["id"] == $line["feed_id"]) {
1891                                                         $is_selected = "selected";
1892                                                 } else {
1893                                                         $is_selected = "";
1894                                                 }
1895                                                 printf("<option $is_selected id='%d'>%s</option>",
1896                                                         $tmp_line["id"], $tmp_line["title"]);
1897                                         }
1898
1899                                         print "</select></td>";
1900
1901                                         print "<td>";
1902                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
1903                                         print "</td>";
1904
1905                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
1906                                                 "\"></td>";
1907
1908                                         print "</td>";
1909                                 }
1910
1911                                 print "</tr>";
1912
1913                                 ++$lnum;
1914                         }
1915
1916                         if ($lnum == 0) {
1917                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
1918                         }
1919
1920                         print "</table>";
1921
1922                         print "<p>";
1923
1924                         if ($subop == "edit") {
1925                                 print "Edit feed:
1926                                         <input type=\"submit\" class=\"button\"
1927                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">
1928                                         <input type=\"submit\" class=\"button\"
1929                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">";
1930
1931                         } else {
1932
1933                                 print "
1934                                         Selection:
1935                                 <input type=\"submit\" class=\"button\"
1936                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
1937                                 <input type=\"submit\" class=\"button\"
1938                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
1939                         }
1940
1941                 } else {
1942
1943                         print "<p>No filters defined.</p>";
1944
1945                 }
1946         }
1947
1948         if ($op == "pref-labels") {
1949
1950                 $subop = $_GET["subop"];
1951
1952                 if ($subop == "test") {
1953
1954                         $expr = $_GET["expr"];
1955                         $descr = $_GET["descr"];
1956
1957                         print "<div class='infoBoxContents'>";
1958
1959                         print "<h1>Label &laquo;$descr&raquo;</h1>";
1960
1961 //                      print "<p><b>Expression</b>: $expr</p>";
1962
1963                         $result = db_query($link,
1964                                 "SELECT count(id) AS num_matches
1965                                         FROM ttrss_entries,ttrss_user_entries
1966                                         WHERE ($expr) AND
1967                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
1968                                                 owner_uid = " . $_SESSION["uid"]);
1969
1970                         $num_matches = db_fetch_result($result, 0, "num_matches");;
1971
1972                         if ($num_matches > 0) {
1973
1974                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
1975
1976                                 $result = db_query($link,
1977                                         "SELECT title,
1978                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
1979                                         FROM ttrss_entries,ttrss_user_entries
1980                                                         WHERE ($expr) AND
1981                                                         ttrss_user_entries.ref_id = ttrss_entries.id
1982                                                         AND owner_uid = " . $_SESSION["uid"] . "
1983                                                         ORDER BY date_entered DESC LIMIT 5");
1984
1985                                 print "<ul class=\"nomarks\">";
1986                                 while ($line = db_fetch_assoc($result)) {
1987                                         print "<li>".$line["title"].
1988                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
1989                                 }
1990                                 print "</ul>";
1991
1992                         } else {
1993                                 print "<p>Query didn't return any matches.</p>";
1994                         }
1995
1996                         print "</div>";
1997
1998                         print "<div align='center'>
1999                                 <input type='submit' class='button'
2000                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2001                         return;
2002                 }
2003
2004                 if ($subop == "editSave") {
2005
2006                         $sql_exp = $_GET["s"];
2007                         $descr = $_GET["d"];
2008                         $label_id = db_escape_string($_GET["id"]);
2009
2010 //                      print "$sql_exp : $descr : $label_id";
2011
2012                         $result = db_query($link, "UPDATE ttrss_labels SET
2013                                 sql_exp = '$sql_exp',
2014                                 description = '$descr'
2015                                 WHERE id = '$label_id'");
2016                 }
2017
2018                 if ($subop == "remove") {
2019
2020                         if (!WEB_DEMO_MODE) {
2021
2022                                 $ids = split(",", $_GET["ids"]);
2023
2024                                 foreach ($ids as $id) {
2025                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2026
2027                                 }
2028                         }
2029                 }
2030
2031                 if ($subop == "add") {
2032
2033                         if (!WEB_DEMO_MODE) {
2034
2035                                 // no escaping is done here on purpose
2036                                 $exp = trim($_GET["exp"]);
2037
2038                                 $result = db_query($link,
2039                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2040                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2041                         }
2042                 }
2043
2044                 print "<div class=\"prefGenericAddBox\">
2045                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2046
2047                 print"<input type=\"submit\" class=\"button\"
2048                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2049
2050                 $result = db_query($link, "SELECT
2051                                 id,sql_exp,description
2052                         FROM
2053                                 ttrss_labels
2054                         WHERE
2055                                 owner_uid = ".$_SESSION["uid"]."
2056                         ORDER by description");
2057
2058                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2059
2060                 if (db_num_rows($result) != 0) {
2061
2062                         print "<p><table width=\"100%\" cellspacing=\"0\"
2063                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2064
2065                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2066                                 Select:
2067                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2068                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2069                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2070                                                 'LILRR-', 'LICHK-', false)\">None</a>
2071                                 </td</tr>";
2072
2073                         print "<tr class=\"title\">
2074                                                 <td width=\"5%\">Select</td><td width=\"40%\">SQL expression
2075                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2076                                                 </td>
2077                                                 <td width=\"40%\">Caption</td></tr>";
2078
2079                         $lnum = 0;
2080
2081                         while ($line = db_fetch_assoc($result)) {
2082
2083                                 $class = ($lnum % 2) ? "even" : "odd";
2084
2085                                 $label_id = $line["id"];
2086                                 $edit_label_id = $_GET["id"];
2087
2088                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2089                                         $class .= "Grayed";
2090                                         $this_row_id = "";
2091                                 } else {
2092                                         $this_row_id = "id=\"LILRR-$label_id\"";
2093                                 }
2094
2095                                 print "<tr class=\"$class\" $this_row_id>";
2096
2097                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2098                                 $line["description"] = htmlspecialchars($line["description"]);
2099
2100                                 if (!$edit_label_id || $subop != "edit") {
2101
2102                                         if (!$line["description"]) $line["description"] = "[No caption]";
2103
2104                                         print "<td><input onclick='toggleSelectRow(this);'
2105                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2106
2107                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2108                                                 $line["sql_exp"] . "</td>";
2109
2110                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2111                                                 $line["description"] . "</td>";
2112
2113                                 } else if ($label_id != $edit_label_id) {
2114
2115                                         if (!$line["description"]) $line["description"] = "[No description]";
2116
2117                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2118                                                 id=\"LICHK-".$line["id"]."\"></td>";
2119
2120                                         print "<td>".$line["sql_exp"]."</td>";
2121                                         print "<td>".$line["description"]."</td>";
2122
2123                                 } else {
2124
2125                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2126
2127                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2128                                                 "\"></td>";
2129
2130                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2131                                                 "\"></td>";
2132
2133                                 }
2134
2135
2136                                 print "</tr>";
2137
2138                                 ++$lnum;
2139                         }
2140
2141                         if ($lnum == 0) {
2142                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2143                         }
2144
2145                         print "</table>";
2146
2147                         print "<p>";
2148
2149                         if ($subop == "edit") {
2150                                 print "Edit label:
2151                                         <input type=\"submit\" class=\"button\"
2152                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2153                                         <input type=\"submit\" class=\"button\"
2154                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">
2155                                         <input type=\"submit\" class=\"button\"
2156                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">";
2157
2158                         } else {
2159
2160                                 print "
2161                                         Selection:
2162                                 <input type=\"submit\" class=\"button\"
2163                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2164                                 <input type=\"submit\" class=\"button\"
2165                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2166                         }
2167                 } else {
2168                         print "<p>No labels defined.</p>";
2169                 }
2170         }
2171
2172         if ($op == "error") {
2173                 print "<div width=\"100%\" align='center'>";
2174                 $msg = $_GET["msg"];
2175                 print $msg;
2176                 print "</div>";
2177         }
2178
2179         if ($op == "help") {
2180                 if (!$_GET["noheaders"]) {
2181                         print "<html><head>
2182                                 <title>Tiny Tiny RSS : Help</title>
2183                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2184                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
2185                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2186                                 </head><body>";
2187                 }
2188
2189                 $tid = sprintf("%d", $_GET["tid"]);
2190
2191                 print "<div class='infoBoxContents'>";
2192
2193                 if (file_exists("help/$tid.php")) {
2194                         include("help/$tid.php");
2195                 } else {
2196                         print "<p>Help topic not found.</p>";
2197                 }
2198
2199                 print "</div>";
2200
2201                 print "<div align='center'>
2202                         <input type='submit' class='button'
2203                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2204
2205                 if (!$_GET["noheaders"]) {
2206                         print "</body></html>";
2207                 }
2208
2209         }
2210
2211         if ($op == "dlg") {
2212                 $id = $_GET["id"];
2213                 $param = $_GET["param"];
2214
2215                 if ($id == "quickAddFeed") {
2216                         print "
2217                         Feed URL: <input
2218                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2219                         id=\"qafInput\">
2220                         <input class=\"button\"
2221                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
2222                         <input class=\"button\"
2223                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2224                                 value=\"Cancel\">";
2225                 }
2226
2227                 if ($id == "quickDelFeed") {
2228
2229                         $param = db_escape_string($param);
2230
2231                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
2232
2233                         if ($result) {
2234
2235                                 $f_title = db_fetch_result($result, 0, "title");
2236
2237                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
2238                                 <input class=\"button\"
2239                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
2240                                 <input class=\"button\"
2241                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2242                                         value=\"Cancel\">";
2243                         } else {
2244                                 print "Error: Feed $param not found.&nbsp;
2245                                 <input class=\"button\"
2246                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2247                                         value=\"Cancel\">";
2248                         }
2249                 }
2250
2251                 if ($id == "search") {
2252
2253                         print "<input id=\"searchbox\" class=\"extSearch\"
2254                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2255                         onchange=\"javascript:search()\">
2256                         <select id=\"searchmodebox\">
2257                                 <option selected>All feeds</option>
2258                                 <option>This feed</option>
2259                         </select>
2260                         <input type=\"submit\"
2261                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
2262                         <input class=\"button\"
2263                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2264                                 value=\"Close\">";
2265
2266                 }
2267
2268         }
2269
2270         // update feeds of all users, may be used anonymously
2271         if ($op == "globalUpdateFeeds") {
2272
2273                 $result = db_query($link, "SELECT id FROM ttrss_users");
2274
2275                 while ($line = db_fetch_assoc($result)) {
2276                         $user_id = $line["id"];
2277 //                      print "<!-- updating feeds of uid $user_id -->";
2278                         update_all_feeds($link, false, $user_id);
2279                 }
2280
2281                 print "<rpc-reply>
2282                         <message msg=\"All feeds updated\"/>
2283                 </rpc-reply>";
2284
2285         }
2286
2287         if ($op == "pref-prefs") {
2288
2289                 $subop = $_REQUEST["subop"];
2290
2291                 if ($subop == "Save configuration") {
2292
2293                         if (WEB_DEMO_MODE) {
2294                                 header("Location: prefs.php");
2295                                 return;
2296                         }
2297
2298                         $_SESSION["prefs_op_result"] = "save-config";
2299
2300                         foreach (array_keys($_POST) as $pref_name) {
2301
2302                                 $pref_name = db_escape_string($pref_name);
2303                                 $value = db_escape_string($_POST[$pref_name]);
2304
2305                                 $result = db_query($link, "SELECT type_name
2306                                         FROM ttrss_prefs,ttrss_prefs_types
2307                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2308
2309                                 if (db_num_rows($result) > 0) {
2310
2311                                         $type_name = db_fetch_result($result, 0, "type_name");
2312
2313 //                                      print "$pref_name : $type_name : $value<br>";
2314
2315                                         if ($type_name == "bool") {
2316                                                 if ($value == "1") {
2317                                                         $value = "true";
2318                                                 } else {
2319                                                         $value = "false";
2320                                                 }
2321                                         } else if ($type_name == "integer") {
2322                                                 $value = sprintf("%d", $value);
2323                                         }
2324
2325 //                                      print "$pref_name : $type_name : $value<br>";
2326
2327                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2328                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2329
2330                                 }
2331
2332                                 header("Location: prefs.php");
2333
2334                         }
2335
2336                 } else if ($subop == "getHelp") {
2337
2338                         $pref_name = db_escape_string($_GET["pn"]);
2339
2340                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2341                                 WHERE pref_name = '$pref_name'");
2342
2343                         if (db_num_rows($result) > 0) {
2344                                 $help_text = db_fetch_result($result, 0, "help_text");
2345                                 print $help_text;
2346                         } else {
2347                                 print "Unknown option: $pref_name";
2348                         }
2349
2350                 } else if ($subop == "Change password") {
2351
2352                         if (WEB_DEMO_MODE) {
2353                                 header("Location: prefs.php");
2354                                 return;
2355                         }
2356
2357                         $old_pw = $_POST["OLD_PASSWORD"];
2358                         $new_pw = $_POST["OLD_PASSWORD"];
2359
2360                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2361                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2362
2363                         $active_uid = $_SESSION["uid"];
2364
2365                         if ($old_pw && $new_pw) {
2366
2367                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2368
2369                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2370                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2371                                                 pwd_hash = '$old_pw_hash')");
2372
2373                                 if (db_num_rows($result) == 1) {
2374                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2375                                                 WHERE id = '$active_uid'");
2376
2377                                         $_SESSION["pwd_change_result"] = "ok";
2378                                 } else {
2379                                         $_SESSION["pwd_change_result"] = "failed";
2380                                 }
2381                         }
2382
2383                         header("Location: prefs.php");
2384
2385                 } else if ($subop == "Reset to defaults") {
2386
2387                         if (WEB_DEMO_MODE) {
2388                                 header("Location: prefs.php");
2389                                 return;
2390                         }
2391
2392                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2393
2394                         if (DB_TYPE == "pgsql") {
2395                                 db_query($link,"UPDATE ttrss_user_prefs
2396                                         SET value = ttrss_prefs.def_value
2397                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2398                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2399                         } else {
2400                                 db_query($link, "DELETE FROM ttrss_user_prefs
2401                                         WHERE owner_uid = ".$_SESSION["uid"]);
2402                                 initialize_user_prefs($link, $_SESSION["uid"]);
2403                         }
2404
2405                         header("Location: prefs.php");
2406
2407                 } else if ($subop == "Change theme") {
2408
2409                         $theme = db_escape_string($_POST["theme"]);
2410
2411                         if ($theme == "Default") {
2412                                 $theme_qpart = 'NULL';
2413                         } else {
2414                                 $theme_qpart = "'$theme'";
2415                         }
2416
2417                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2418                                 WHERE theme_name = '$theme'");
2419
2420                         if (db_num_rows($result) == 1) {
2421                                 $theme_id = db_fetch_result($result, 0, "id");
2422                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2423                         } else {
2424                                 $theme_id = "NULL";
2425                                 $theme_path = "";
2426                         }
2427
2428                         db_query($link, "UPDATE ttrss_users SET
2429                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2430
2431                         $_SESSION["theme"] = $theme_path;
2432
2433                         header("Location: prefs.php");
2434
2435                 } else {
2436
2437                         if (!SINGLE_USER_MODE) {
2438
2439                                 $result = db_query($link, "SELECT id FROM ttrss_users
2440                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2441                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2442
2443                                 if (db_num_rows($result) != 0) {
2444                                         print "<div class=\"warning\">
2445                                                 Your password is at default value, please change it.
2446                                         </div>";
2447                                 }
2448
2449                                 if ($_SESSION["pwd_change_result"] == "failed") {
2450                                         print "<div class=\"warning\">
2451                                                         There was an error while changing your password.
2452                                                 </div>";
2453                                 }
2454
2455                                 if ($_SESSION["pwd_change_result"] == "ok") {
2456                                         print "<div class=\"notice\">
2457                                                         Password changed successfully.
2458                                                 </div>";
2459                                 }
2460
2461                                 $_SESSION["pwd_change_result"] = "";
2462
2463                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2464                                         print "<div class=\"notice\">
2465                                                         Your configuration was reset to defaults.
2466                                                 </div>";
2467                                 }
2468
2469                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2470                                         print "<div class=\"notice\">
2471                                                         Your configuration was saved successfully.
2472                                                 </div>";
2473                                 }
2474
2475                                 $_SESSION["prefs_op_result"] = "";
2476
2477                                 print "<form action=\"backend.php\" method=\"POST\">";
2478
2479                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2480                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2481
2482                                 print "<tr><td width=\"40%\">Old password</td>";
2483                                 print "<td><input class=\"editbox\" type=\"password\"
2484                                         name=\"OLD_PASSWORD\"></td></tr>";
2485
2486                                 print "<tr><td width=\"40%\">New password</td>";
2487
2488                                 print "<td><input class=\"editbox\" type=\"password\"
2489                                         name=\"NEW_PASSWORD\"></td></tr>";
2490
2491                                 print "</table>";
2492
2493                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2494
2495                                 print "<p><input class=\"button\" type=\"submit\"
2496                                         value=\"Change password\" name=\"subop\">";
2497
2498                                 print "</form>";
2499
2500                         }
2501
2502                         $result = db_query($link, "SELECT
2503                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2504
2505                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2506
2507                         $result = db_query($link, "SELECT
2508                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2509
2510                         if (db_num_rows($result) > 0) {
2511
2512                                 print "<form action=\"backend.php\" method=\"POST\">";
2513                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2514                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2515                                 print "<tr><td width=\"40%\">Select theme</td>";
2516                                 print "<td><select name=\"theme\">";
2517                                 print "<option>Default</option>";
2518                                 print "<option disabled>--------</option>";
2519
2520                                 while ($line = db_fetch_assoc($result)) {
2521                                         if ($line["id"] == $user_theme_id) {
2522                                                 $selected = "selected";
2523                                         } else {
2524                                                 $selected = "";
2525                                         }
2526                                         print "<option $selected>" . $line["theme_name"] . "</option>";
2527                                 }
2528                                 print "</select></td></tr>";
2529                                 print "</table>";
2530                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2531                                 print "<p><input class=\"button\" type=\"submit\"
2532                                         value=\"Change theme\" name=\"subop\">";
2533                                 print "</form>";
2534                         }
2535
2536                         $result = db_query($link, "SELECT
2537                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
2538                                 section_name,def_value
2539                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
2540                                 WHERE type_id = ttrss_prefs_types.id AND
2541                                         section_id = ttrss_prefs_sections.id AND
2542                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
2543                                         owner_uid = ".$_SESSION["uid"]."
2544                                 ORDER BY section_id,short_desc");
2545
2546                         print "<form action=\"backend.php\" method=\"POST\">";
2547
2548                         $lnum = 0;
2549
2550                         $active_section = "";
2551
2552                         while ($line = db_fetch_assoc($result)) {
2553
2554                                 if ($active_section != $line["section_name"]) {
2555
2556                                         if ($active_section != "") {
2557                                                 print "</table>";
2558                                         }
2559
2560                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
2561
2562                                         $active_section = $line["section_name"];
2563
2564                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
2565 //                                      print "<tr class=\"title\">
2566 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
2567
2568                                         $lnum = 0;
2569                                 }
2570
2571 //                              $class = ($lnum % 2) ? "even" : "odd";
2572
2573                                 print "<tr>";
2574
2575                                 $type_name = $line["type_name"];
2576                                 $pref_name = $line["pref_name"];
2577                                 $value = $line["value"];
2578                                 $def_value = $line["def_value"];
2579                                 $help_text = $line["help_text"];
2580
2581                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
2582
2583                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
2584
2585                                 print "</td>";
2586
2587                                 print "<td>";
2588
2589                                 if ($type_name == "bool") {
2590 //                                      print_select($pref_name, $value, array("true", "false"));
2591
2592                                         if ($value == "true") {
2593                                                 $value = "Yes";
2594                                         } else {
2595                                                 $value = "No";
2596                                         }
2597
2598                                         print_radio($pref_name, $value, array("Yes", "No"));
2599
2600                                 } else {
2601                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
2602                                 }
2603
2604                                 print "</td>";
2605
2606                                 print "</tr>";
2607
2608                                 $lnum++;
2609                         }
2610
2611                         print "</table>";
2612
2613                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2614
2615                         print "<p><input class=\"button\" type=\"submit\"
2616                                 name=\"subop\" value=\"Save configuration\">";
2617
2618                         print "&nbsp;<input class=\"button\" type=\"submit\"
2619                                 name=\"subop\" value=\"Reset to defaults\"></p>";
2620
2621                         print "</form>";
2622
2623                 }
2624
2625         }
2626
2627         if ($op == "pref-users") {
2628
2629                 $subop = $_GET["subop"];
2630
2631                 if ($subop == "editSave") {
2632
2633                         if (!WEB_DEMO_MODE) {
2634
2635                                 $login = db_escape_string($_GET["l"]);
2636                                 $uid = db_escape_string($_GET["id"]);
2637                                 $access_level = sprintf("%d", $_GET["al"]);
2638
2639                                 db_query($link, "UPDATE ttrss_users SET login = '$login', access_level = '$access_level' WHERE id = '$uid'");
2640
2641                         }
2642                 } else if ($subop == "remove") {
2643
2644                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2645
2646                                 $ids = split(",", $_GET["ids"]);
2647
2648                                 foreach ($ids as $id) {
2649                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
2650
2651                                 }
2652                         }
2653                 } else if ($subop == "add") {
2654
2655                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2656
2657                                 $login = db_escape_string(trim($_GET["login"]));
2658                                 $tmp_user_pwd = make_password(8);
2659                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2660
2661                                 db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level)
2662                                         VALUES ('$login', '$pwd_hash', 0)");
2663
2664
2665                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2666                                         login = '$login' AND pwd_hash = '$pwd_hash'");
2667
2668                                 if (db_num_rows($result) == 1) {
2669
2670                                         $new_uid = db_fetch_result($result, 0, "id");
2671
2672                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
2673                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
2674
2675                                         initialize_user($link, $new_uid);
2676
2677                                 } else {
2678
2679                                         print "<div class=\"warning\">Error while adding user <b>".
2680                                         $_GET["login"].".</b></div>";
2681
2682                                 }
2683                         }
2684                 } else if ($subop == "resetPass") {
2685
2686                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2687
2688                                 $uid = db_escape_string($_GET["id"]);
2689
2690                                 $result = db_query($link, "SELECT login FROM ttrss_users WHERE id = '$uid'");
2691
2692                                 $login = db_fetch_result($result, 0, "login");
2693                                 $tmp_user_pwd = make_password(8);
2694                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2695
2696                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
2697                                         WHERE id = '$uid'");
2698
2699                                 print "<div class=\"notice\">Changed password of
2700                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.</div>";
2701
2702                         }
2703                 }
2704
2705                 print "<div class=\"prefGenericAddBox\">
2706                         <input id=\"uadd_box\" size=\"40\">&nbsp;";
2707
2708                 print"<input type=\"submit\" class=\"button\"
2709                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
2710
2711                 $result = db_query($link, "SELECT
2712                                 id,login,access_level,
2713                                 SUBSTRING(last_login,1,16) as last_login
2714                         FROM
2715                                 ttrss_users
2716                         ORDER by login");
2717
2718                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2719
2720                 print "<p><table width=\"100%\" cellspacing=\"0\"
2721                         class=\"prefUserList\" id=\"prefUserList\">";
2722
2723                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2724                                 Select:
2725                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2726                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
2727                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2728                                                 'UMRR-', 'UMCHK-', false)\">None</a>
2729                                 </td</tr>";
2730
2731                 print "<tr class=\"title\">
2732                                         <td width=\"5%\">Select</td>
2733                                         <td width='30%'>Username</td>
2734                                         <td width='30%'>Access Level</td>
2735                                         <td width='30%'>Last login</td></tr>";
2736
2737                 $lnum = 0;
2738
2739                 while ($line = db_fetch_assoc($result)) {
2740
2741                         $class = ($lnum % 2) ? "even" : "odd";
2742
2743                         $uid = $line["id"];
2744                         $edit_uid = $_GET["id"];
2745
2746                         if ($uid == $_SESSION["uid"] || ($subop == "edit" && $uid != $edit_uid)) {
2747                                 $class .= "Grayed";
2748                                 $this_row_id = "";
2749                         } else {
2750                                 $this_row_id = "id=\"UMRR-$uid\"";
2751                         }
2752
2753                         print "<tr class=\"$class\" $this_row_id>";
2754
2755                         $line["login"] = htmlspecialchars($line["login"]);
2756
2757                         if ($uid == $_SESSION["uid"]) {
2758
2759                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2760                                         id=\"UMCHK-".$line["id"]."\"></td>";
2761
2762                                 print "<td>".$line["login"]."</td>";
2763                                 print "<td>".$line["access_level"]."</td>";
2764
2765                         } else if (!$edit_uid || $subop != "edit") {
2766
2767                                 print "<td><input onclick='toggleSelectRow(this);'
2768                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
2769
2770                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2771                                         $line["login"] . "</td>";
2772
2773                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2774                                         $line["access_level"] . "</td>";
2775
2776                         } else if ($uid != $edit_uid) {
2777
2778                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2779                                         id=\"UMCHK-".$line["id"]."\"></td>";
2780
2781                                 print "<td>".$line["login"]."</td>";
2782                                 print "<td>".$line["access_level"]."</td>";
2783
2784                         } else {
2785
2786                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2787
2788                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
2789                                         "\"></td>";
2790
2791                                 print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
2792                                         "\"></td>";
2793
2794                         }
2795
2796                         print "<td>".$line["last_login"]."</td>";
2797
2798                         print "</tr>";
2799
2800                         ++$lnum;
2801                 }
2802
2803                 print "</table>";
2804
2805                 print "<p>";
2806
2807                 if ($subop == "edit") {
2808                         print "Edit label:
2809                                 <input type=\"submit\" class=\"button\"
2810                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">
2811                                 <input type=\"submit\" class=\"button\"
2812                                         onclick=\"javascript:userEditSave()\" value=\"Save\">";
2813
2814                 } else {
2815
2816                         print "
2817                                 Selection:
2818                         <input type=\"submit\" class=\"button\"
2819                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
2820                         <input type=\"submit\" class=\"button\"
2821                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
2822                         <input type=\"submit\" class=\"button\"
2823                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
2824                         <input type=\"submit\" class=\"button\"
2825                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
2826
2827                 }
2828         }
2829
2830         if ($op == "user-details") {
2831
2832                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
2833                         return;
2834                 }
2835
2836 /*              print "<html><head>
2837                         <title>Tiny Tiny RSS : User Details</title>
2838                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2839                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2840                         </head><body>"; */
2841
2842                 $uid = sprintf("%d", $_GET["id"]);
2843
2844                 print "<div class='infoBoxContents'>";
2845
2846                 $result = db_query($link, "SELECT login,
2847                         SUBSTRING(last_login,1,16) AS last_login,
2848                         access_level,
2849                         (SELECT COUNT(int_id) FROM ttrss_user_entries
2850                                 WHERE owner_uid = id) AS stored_articles
2851                         FROM ttrss_users
2852                         WHERE id = '$uid'");
2853
2854                 if (db_num_rows($result) == 0) {
2855                         print "<h1>User not found</h1>";
2856                         return;
2857                 }
2858
2859                 print "<h1>User Details</h1>";
2860
2861                 print "<table width='100%'>";
2862
2863                 $login = db_fetch_result($result, 0, "login");
2864                 $last_login = db_fetch_result($result, 0, "last_login");
2865                 $access_level = db_fetch_result($result, 0, "access_level");
2866                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
2867
2868                 print "<tr><td>Username</td><td>$login</td></tr>";
2869                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
2870                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
2871                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
2872
2873                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
2874                         WHERE owner_uid = '$uid'");
2875
2876                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
2877
2878                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
2879
2880 /*              $result = db_query($link, "SELECT
2881                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
2882                         FROM ttrss_user_entries,ttrss_entries
2883                                 WHERE owner_uid = '$uid' AND ref_id = id");
2884
2885                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
2886
2887                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
2888
2889                 print "</table>";
2890
2891                 print "<h1>Subscribed feeds</h1>";
2892
2893                 $result = db_query($link, "SELECT id,title,feed_url FROM ttrss_feeds
2894                         WHERE owner_uid = '$uid' ORDER BY title");
2895
2896                 print "<ul class=\"nomarks\">";
2897
2898                 while ($line = db_fetch_assoc($result)) {
2899
2900                         $icon_file = ICONS_URL."/".$line["id"].".ico";
2901
2902                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
2903                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
2904                         } else {
2905                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
2906                         }
2907
2908                         print "<li>$feed_icon&nbsp;<a href=\"".$line["feed_url"]."\">".$line["title"]."</a></li>";
2909                 }
2910
2911                 print "</ul>";
2912
2913                 print "</div>";
2914
2915                 print "<div align='center'>
2916                         <input type='submit' class='button'
2917                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2918
2919 //              print "</body></html>";
2920
2921         }
2922
2923         if ($op == "feed-details") {
2924
2925                 $feed_id = $_GET["id"];
2926
2927                 $result = db_query($link,
2928                         "SELECT
2929                                 title,feed_url,last_updated,icon_url,site_url,
2930                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2931                                         WHERE feed_id = id) AS total,
2932                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2933                                         WHERE feed_id = id AND unread = true) AS unread,
2934                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2935                                         WHERE feed_id = id AND marked = true) AS marked
2936                         FROM ttrss_feeds
2937                         WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
2938
2939                 if (db_num_rows($result) == 0) return;
2940
2941                 $title = db_fetch_result($result, 0, "title");
2942                 $last_updated = db_fetch_result($result, 0, "last_updated");
2943                 $feed_url = db_fetch_result($result, 0, "feed_url");
2944                 $icon_url = db_fetch_result($result, 0, "icon_url");
2945                 $total = db_fetch_result($result, 0, "total");
2946                 $unread = db_fetch_result($result, 0, "unread");
2947                 $marked = db_fetch_result($result, 0, "marked");
2948                 $site_url = db_fetch_result($result, 0, "site_url");
2949
2950                 $result = db_query($link, "SELECT COUNT(id) AS subscribed
2951                                         FROM ttrss_feeds WHERE feed_url = '$feed_url'");
2952
2953                 $subscribed = db_fetch_result($result, 0, "subscribed");
2954
2955                 print "<div class=\"infoBoxContents\">";
2956
2957                 $icon_file = ICONS_DIR . "/$feed_id.ico";
2958
2959                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
2960                                 $feed_icon = "<img width=\"16\" height=\"16\"
2961                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
2962                 } else {
2963                         $feed_icon = "";
2964                 }
2965
2966                 print "<h1>$feed_icon $title</h1>";
2967
2968                 print "<table width='100%'>";
2969
2970                 if ($site_url) {
2971                         print "<tr><td width='30%'>Link</td>
2972                                 <td><a href=\"$site_url\">$site_url</a>
2973                                 <a href=\"$feed_url\">(feed)</a></td>
2974                                 </td></tr>";
2975                 } else {
2976                         print "<tr><td width='30%'>Feed URL</td>
2977                                 <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
2978                 }
2979                 print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
2980                 print "<tr><td>Total articles</td><td>$total</td></tr>";
2981                 print "<tr><td>Unread articles</td><td>$unread</td></tr>";
2982                 print "<tr><td>Starred articles</td><td>$marked</td></tr>";
2983                 print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
2984
2985                 print "</table>";
2986
2987                 $result = db_query($link, "SELECT title,
2988                         SUBSTRING(updated,1,16) AS updated,unread
2989                         FROM ttrss_entries,ttrss_user_entries
2990                         WHERE ref_id = id AND feed_id = '$feed_id'
2991                         ORDER BY date_entered DESC LIMIT 5");
2992
2993                 if (db_num_rows($result) > 0) {
2994
2995                         print "<h1>Latest headlines</h1>";
2996
2997                         print "<ul class=\"nomarks\">";
2998
2999                         while ($line = db_fetch_assoc($result)) {
3000                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
3001                                         $line["title"] = "<b>" . $line["title"] . "</b>";
3002                                 }
3003                                 print "<li>" . $line["title"].
3004                                 "&nbsp;<span class=\"insensitive\">(" .$line["updated"].")</span></li>";
3005                         }
3006
3007                         print "</ul>";
3008
3009                         print "</div>";
3010
3011                         print "<div align='center'>
3012                                 <input type='submit' class='button'
3013                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3014                 }
3015         }
3016
3017         db_close($link);
3018 ?>
3019
3020 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3021