backend.php

   1 <?php
   2         require_once "sessions.php";
   3         require_once "backend-rpc.php";
   4
   5         header("Cache-Control: no-cache, must-revalidate");
   6         header("Pragma: no-cache");
   7         header("Expires: -1");
   8
   9 /*      if ($_GET["debug"]) {
  10                 define('DEFAULT_ERROR_LEVEL', E_ALL);
  11         } else {
  12                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
  13         }
  14
  15         error_reporting(DEFAULT_ERROR_LEVEL); */
  16
  17         $op = $_REQUEST["op"];
  18
  19         define('SCHEMA_VERSION', 11);
  20
  21         require_once "sanity_check.php";
  22         require_once "config.php";
  23
  24         require_once "db.php";
  25         require_once "db-prefs.php";
  26         require_once "functions.php";
  27
  28         $err_msg = check_configuration_variables();
  29
  30         $print_exec_time = true;
  31
  32         if ($err_msg) {
  33                 header("Content-Type: application/xml");
  34                 print_error_xml(9, $err_msg); die;
  35         }
  36
  37         if ((!$op || $op == "rpc" || $op == "rss" || $op == "digestSend" ||
  38                         $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  39                 header("Content-Type: application/xml");
  40         }
  41
  42         if (!$op) {
  43                 header("Content-Type: application/xml");
  44                 print_error_xml(7); exit;
  45         }
  46
  47         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss" && $op != "getUnread") {
  48
  49                 if ($op == "rpc") {
  50                         print_error_xml(6); die;
  51                 } else {
  52                         print "
  53                         <html><body>
  54                                 <p>Error: Not logged in.</p>
  55                                 <script type=\"text/javascript\">
  56                                         if (parent.window != 'undefined') {
  57                                                 parent.window.location = \"login.php\";
  58                                         } else {
  59                                                 window.location = \"login.php\";
  60                                         }
  61                                 </script>
  62                         </body></html>
  63                         ";
  64                 }
  65                 exit;
  66         }
  67
  68         $purge_intervals = array(
  69                 0  => "Use default",
  70                 -1 => "Never purge",
  71                 5  => "1 week old",
  72                 14 => "2 weeks old",
  73                 31 => "1 month old",
  74                 60 => "2 months old",
  75                 90 => "3 months old");
  76
  77         $update_intervals = array(
  78                 0   => "Use default",
  79                 -1  => "Disable updates",
  80                 30  => "Each 30 minutes",
  81                 60  => "Hourly",
  82                 240 => "Each 4 hours",
  83                 720 => "Each 12 hours",
  84                 1440 => "Daily",
  85                 10080 => "Weekly");
  86
  87         $access_level_names = array(
  88                 0 => "User",
  89                 10 => "Administrator");
  90
  91         $script_started = getmicrotime();
  92
  93         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  94
  95         if (!$link) {
  96                 if (DB_TYPE == "mysql") {
  97                         print mysql_error();
  98                 }
  99                 // PG seems to display its own errors just fine by default.
 100                 return;
 101         }
 102
 103         if (DB_TYPE == "pgsql") {
 104                 pg_query("set client_encoding = 'utf-8'");
 105         }
 106
 107         if ($_SESSION["uid"]) {
 108
 109 //              setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
 110 //              setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
 111
 112 /*              if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
 113                         setcookie('ttrss_vf_catchupnext', 1);
 114                 } else {
 115                         setcookie('ttrss_vf_catchupnext', 0);
 116                 } */
 117         }
 118
 119         $fetch = $_GET["fetch"];
 120
 121 //      setcookie("ttrss_icons_url", ICONS_URL);
 122
 123         if (!sanity_check($link)) { return; }
 124
 125         function outputFeedList($link, $tags = false) {
 126
 127                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 128
 129                 $owner_uid = $_SESSION["uid"];
 130
 131                 if (!$tags) {
 132
 133                         /* virtual feeds */
 134
 135                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 136                                 print "<li class=\"feedCat\">Special</li>";
 137                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 138                         }
 139
 140                         $num_starred = getFeedUnread($link, -1);
 141
 142                         $class = "virt";
 143
 144                         if ($num_starred > 0) $class .= "Unread";
 145
 146                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 147                                 "images/mark_set.png", $link);
 148
 149                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 150                                 print "</ul>\n";
 151                         }
 152
 153                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 154
 155                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 156                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 157
 158                                 if (db_num_rows($result) > 0) {
 159                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 160                                                 print "<li class=\"feedCat\">Labels</li>";
 161                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 162                                         } else {
 163                                                 print "<li><hr></li>";
 164                                         }
 165                                 }
 166
 167                                 while ($line = db_fetch_assoc($result)) {
 168
 169                                         error_reporting (0);
 170
 171                                         $label_id = -$line['id'] - 11;
 172                                         $count = getFeedUnread($link, $label_id);
 173
 174                                         $class = "label";
 175
 176                                         if ($count > 0) {
 177                                                 $class .= "Unread";
 178                                         }
 179
 180                                         error_reporting (DEFAULT_ERROR_LEVEL);
 181
 182                                         printFeedEntry($label_id,
 183                                                 $class, db_unescape_string($line["description"]),
 184                                                 $count, "images/label.png", $link);
 185
 186                                 }
 187
 188                                 if (db_num_rows($result) > 0) {
 189                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 190                                                 print "</ul>";
 191                                         }
 192                                 }
 193
 194                         }
 195
 196                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 197                                 print "<li><hr></li>";
 198                         }
 199
 200                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 201                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 202                                         $order_by_qpart = "category,unread DESC,title";
 203                                 } else {
 204                                         $order_by_qpart = "category,title";
 205                                 }
 206                         } else {
 207                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 208                                         $order_by_qpart = "unread DESC,title";
 209                                 } else {
 210                                         $order_by_qpart = "title";
 211                                 }
 212                         }
 213
 214                         $result = db_query($link, "SELECT ttrss_feeds.*,
 215                                 SUBSTRING(last_updated,1,19) AS last_updated_noms,
 216                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 217                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 218                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 219                                                 AND owner_uid = '$owner_uid') as unread,
 220                                 cat_id,last_error,
 221                                 ttrss_feed_categories.title AS category,
 222                                 ttrss_feed_categories.collapsed
 223                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 224                                         ON (ttrss_feed_categories.id = cat_id)
 225                                 WHERE
 226                                         ttrss_feeds.hidden = false AND
 227                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 228                                 ORDER BY $order_by_qpart");
 229
 230                         $actid = $_GET["actid"];
 231
 232                         /* real feeds */
 233
 234                         $lnum = 0;
 235
 236                         $total_unread = 0;
 237
 238                         $category = "";
 239
 240                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 241
 242                         while ($line = db_fetch_assoc($result)) {
 243
 244                                 $feed = db_unescape_string($line["title"]);
 245                                 $feed_id = $line["id"];
 246
 247                                 $subop = $_GET["subop"];
 248
 249                                 $unread = $line["unread"];
 250
 251                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 252                                         $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
 253                                 } else {
 254                                         $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
 255                                 }
 256
 257                                 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
 258
 259                                 if ($rtl_content) {
 260                                         $rtl_tag = "dir=\"RTL\"";
 261                                 } else {
 262                                         $rtl_tag = "";
 263                                 }
 264
 265                                 $tmp_result = db_query($link,
 266                                         "SELECT id,COUNT(unread) AS unread
 267                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 268                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 269                                         WHERE parent_feed = '$feed_id' AND unread = true
 270                                         GROUP BY ttrss_feeds.id");
 271
 272                                 if (db_num_rows($tmp_result) > 0) {
 273                                         while ($l = db_fetch_assoc($tmp_result)) {
 274                                                 $unread += $l["unread"];
 275                                         }
 276                                 }
 277
 278                                 $cat_id = $line["cat_id"];
 279
 280                                 $tmp_category = $line["category"];
 281
 282                                 if (!$tmp_category) {
 283                                         $tmp_category = "Uncategorized";
 284                                 }
 285
 286         //                      $class = ($lnum % 2) ? "even" : "odd";
 287
 288                                 if ($line["last_error"]) {
 289                                         $class = "error";
 290                                 } else {
 291                                         $class = "feed";
 292                                 }
 293
 294                                 if ($unread > 0) $class .= "Unread";
 295
 296                                 if ($actid == $feed_id) {
 297                                         $class .= "Selected";
 298                                 }
 299
 300                                 $total_unread += $unread;
 301
 302                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 303
 304                                         if ($category) {
 305                                                 print "</ul></li>";
 306                                         }
 307
 308                                         $category = $tmp_category;
 309
 310                                         $collapsed = $line["collapsed"];
 311
 312                                         // workaround for NULL category
 313                                         if ($category == "Uncategorized") {
 314                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 315                                                         $collapsed = "t";
 316                                                 }
 317                                         }
 318
 319                                         if ($collapsed == "t" || $collapsed == "1") {
 320                                                 $holder_class = "invisible";
 321                                                 $ellipsis = "...";
 322                                         } else {
 323                                                 $holder_class = "";
 324                                                 $ellipsis = "";
 325                                         }
 326
 327                                         $cat_id = sprintf("%d", $cat_id);
 328
 329                                         $cat_unread = getCategoryUnread($link, $cat_id);
 330
 331                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 332                                                 <a id=\"FCATN-$cat_id\" href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
 333                                                         <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
 334                                                         <span id=\"FCATCTR-$cat_id\"
 335                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
 336                                                         </a></li>";
 337
 338                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 339                                         // -> keyboard navigation, etc.
 340                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 341                                 }
 342
 343                                 printFeedEntry($feed_id, $class, $feed, $unread,
 344                                         "icons/$feed_id.ico", $link, $rtl_content,
 345                                         $last_updated, $line["last_error"]);
 346
 347                                 ++$lnum;
 348                         }
 349
 350                         if (db_num_rows($result) == 0) {
 351                                 print "<li>No feeds to display.</li>";
 352                         }
 353
 354                 } else {
 355
 356                         // tags
 357
 358 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 359                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 360                                 post_int_id = ttrss_user_entries.int_id AND
 361                                 unread = true AND ref_id = ttrss_entries.id
 362                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 363                         UNION
 364                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 365                         ORDER BY tag_name"); */
 366
 367                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 368                                 print "<li class=\"feedCat\">Tags</li>";
 369                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 370                         }
 371
 372                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 373                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 374                                         AND unread = true)) AS count FROM ttrss_tags
 375                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 376
 377                         $tags = array();
 378
 379                         while ($line = db_fetch_assoc($result)) {
 380                                 $tags[$line["tag_name"]] += $line["count"];
 381                         }
 382
 383                         foreach (array_keys($tags) as $tag) {
 384
 385                                 $unread = $tags[$tag];
 386
 387                                 $class = "tag";
 388
 389                                 if ($unread > 0) {
 390                                         $class .= "Unread";
 391                                 }
 392
 393                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 394
 395                         }
 396
 397                         if (db_num_rows($result) == 0) {
 398                                 print "<li>No tags to display.</li>";
 399                         }
 400
 401                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 402                                 print "</ul>\n";
 403                         }
 404
 405                 }
 406
 407                 print "</ul>";
 408
 409         }
 410
 411
 412         if ($op == "rpc") {
 413                 handle_rpc_request($link);
 414         }
 415
 416         if ($op == "feeds") {
 417
 418                 $tags = $_GET["tags"];
 419
 420                 $subop = $_GET["subop"];
 421
 422                 if ($subop == "catchupAll") {
 423                         db_query($link, "UPDATE ttrss_user_entries SET
 424                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 425                 }
 426
 427                 if ($subop == "collapse") {
 428                         $cat_id = db_escape_string($_GET["cid"]);
 429
 430                         db_query($link, "UPDATE ttrss_feed_categories SET
 431                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 432                                 $_SESSION["uid"]);
 433                         return;
 434                 }
 435
 436                 outputFeedList($link, $tags);
 437
 438         }
 439
 440         if ($op == "view") {
 441
 442                 $id = db_escape_string($_GET["id"]);
 443                 $feed_id = db_escape_string($_GET["feed"]);
 444
 445                 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 446                         WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 447
 448                 if (db_num_rows($result) == 1) {
 449                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 450                 } else {
 451                         $rtl_content = false;
 452                 }
 453
 454                 if ($rtl_content) {
 455                         $rtl_tag = "dir=\"RTL\"";
 456                         $rtl_class = "RTL";
 457                 } else {
 458                         $rtl_tag = "";
 459                         $rtl_class = "";
 460                 }
 461
 462                 $result = db_query($link, "UPDATE ttrss_user_entries
 463                         SET unread = false,last_read = NOW()
 464                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 465
 466                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 467                         SUBSTRING(updated,1,16) as updated,
 468                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 469                         num_comments,
 470                         author
 471                         FROM ttrss_entries,ttrss_user_entries
 472                         WHERE   id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
 473
 474                 if ($result) {
 475
 476                         $link_target = "";
 477
 478                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 479                                 $link_target = "target=\"_new\"";
 480                         }
 481
 482                         $line = db_fetch_assoc($result);
 483
 484                         if ($line["icon_url"]) {
 485                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 486                         } else {
 487                                 $feed_icon = "&nbsp;";
 488                         }
 489
 490 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 491                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 492                         } else {
 493                                 $entry_comments = "";
 494                         } */
 495
 496                         $num_comments = $line["num_comments"];
 497                         $entry_comments = "";
 498
 499                         if ($num_comments > 0) {
 500                                 if ($line["comments"]) {
 501                                         $comments_url = $line["comments"];
 502                                 } else {
 503                                         $comments_url = $line["link"];
 504                                 }
 505                                 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
 506                         } else {
 507                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 508                                         $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
 509                                 }
 510                         }
 511
 512                         print "<div class=\"postReply\">";
 513
 514                         print "<div class=\"postHeader\"><table width=\"100%\">";
 515
 516                         $entry_author = $line["author"];
 517
 518                         if ($entry_author) {
 519                                 $entry_author = " - by $entry_author";
 520                         }
 521
 522                         if ($line["link"]) {
 523                                 print "<tr><td width='70%'><a $link_target href=\"" . $line["link"] . "\">" .
 524                                         $line["title"] . "</a>$entry_author</td>";
 525                         } else {
 526                                 print "<tr><td width='30%'>" . $line["title"] . "$entry_author</td>";
 527                         }
 528
 529                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 530                                 strtotime($line["updated"]));
 531
 532                         print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
 533
 534                         print "</tr>";
 535
 536                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 537                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 538                                 ORDER BY tag_name");
 539
 540                         $tags_str = "";
 541                         $f_tags_str = "";
 542
 543                         $num_tags = 0;
 544
 545                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 546                                 $num_tags++;
 547                                 $tag = $tmp_line["tag_name"];
 548                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 549
 550                                 if ($num_tags == 5) {
 551                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 552                                 } else if ($num_tags < 5) {
 553                                         $tags_str .= $tag_str;
 554                                 }
 555                                 $f_tags_str .= $tag_str;
 556                         }
 557
 558                         $tags_str = preg_replace("/, $/", "", $tags_str);
 559                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 560
 561 //                      $truncated_link = truncate_string($line["link"], 60);
 562
 563                         if ($tags_str || $entry_comments) {
 564                                 print "<tr><td width='50%'>
 565                                         $entry_comments</td>
 566                                         <td align=\"right\">$tags_str</td></tr>";
 567                         }
 568
 569                         print "</table></div>";
 570
 571                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 572                         print "<div class=\"postContent\">";
 573
 574                         if (db_num_rows($tmp_result) > 5) {
 575                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 576                         }
 577
 578                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 579                                 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
 580                         }
 581
 582                         $line["content"] = sanitize_rss($line["content"]);
 583
 584                         print $line["content"] . "</div>";
 585
 586                         print "</div>";
 587
 588                 }
 589         }
 590
 591         if ($op == "viewfeed") {
 592
 593                 $feed = db_escape_string($_GET["feed"]);
 594                 $subop = db_escape_string($_GET["subop"]);
 595                 $view_mode = db_escape_string($_GET["view_mode"]);
 596                 $limit = db_escape_string($_GET["limit"]);
 597                 $cat_view = db_escape_string($_GET["cat"]);
 598                 $next_unread_feed = db_escape_string($_GET["nuf"]);
 599
 600                 if ($subop == "undefined") $subop = "";
 601
 602                 if ($subop == "CatchupSelected") {
 603                         $ids = split(",", db_escape_string($_GET["ids"]));
 604                         $cmode = sprintf("%d", $_GET["cmode"]);
 605
 606                         catchupArticlesById($link, $ids, $cmode);
 607                 }
 608
 609                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 610                         update_generic_feed($link, $feed, $cat_view);
 611                 }
 612
 613                 if ($subop == "MarkAllRead")  {
 614                         catchup_feed($link, $feed, $cat_view);
 615
 616                         if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
 617                                 if ($next_unread_feed) {
 618                                         $feed = $next_unread_feed;
 619                                 }
 620                         }
 621                 }
 622
 623                 if ($feed_id > 0) {
 624                         $result = db_query($link,
 625                                 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
 626
 627                         if (db_num_rows($result) == 0) {
 628                                 print "<div align='center'>
 629                                         Feed not found.</div>";
 630                                 return;
 631                         }
 632                 }
 633
 634                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 635
 636                         $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 637                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 638
 639                         if (db_num_rows($result) == 1) {
 640                                 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 641                         } else {
 642                                 $rtl_content = false;
 643                         }
 644
 645                         if ($rtl_content) {
 646                                 $rtl_tag = "dir=\"RTL\"";
 647                         } else {
 648                                 $rtl_tag = "";
 649                         }
 650                 } else {
 651                         $rtl_tag = "";
 652                         $rtl_content = false;
 653                 }
 654
 655                 $script_dt_add = get_script_dt_add();
 656
 657 /*              print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 658                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 659                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 660                         <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
 661                         <!--[if gte IE 5.5000]>
 662                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 663                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 664                         <![endif]-->
 665                         </head><body $rtl_tag>
 666                         <script type=\"text/javascript\">
 667                         if (document.addEventListener) {
 668                                 document.addEventListener(\"DOMContentLoaded\", init, null);
 669                         }
 670                         window.onload = init;
 671                         </script>"; */
 672
 673                 /// START /////////////////////////////////////////////////////////////////////////////////
 674
 675                 $search = db_escape_string($_GET["query"]);
 676                 $search_mode = db_escape_string($_GET["search_mode"]);
 677                 $match_on = db_escape_string($_GET["match_on"]);
 678
 679                 if (!$match_on) {
 680                         $match_on = "both";
 681                 }
 682
 683                 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
 684
 685                 $result = $qfh_ret[0];
 686                 $feed_title = $qfh_ret[1];
 687                 $feed_site_url = $qfh_ret[2];
 688                 $last_error = $qfh_ret[3];
 689
 690                 /// STOP //////////////////////////////////////////////////////////////////////////////////
 691
 692                 print "<div id=\"headlinesContainer\" $rtl_tag>";
 693
 694                 if (!$result) {
 695                         print "<div align='center'>
 696                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
 697                         return;
 698                 }
 699
 700                 if (db_num_rows($result) > 0) {
 701
 702                         print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
 703                                 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
 704
 705                         print "<div id=\"headlinesInnerContainer\">";
 706
 707                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 708                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
 709                                         cellspacing=\"0\" width=\"100%\">";
 710                         }
 711
 712                         $lnum = 0;
 713
 714                         error_reporting (DEFAULT_ERROR_LEVEL);
 715
 716                         $num_unread = 0;
 717
 718                         while ($line = db_fetch_assoc($result)) {
 719
 720                                 $class = ($lnum % 2) ? "even" : "odd";
 721
 722                                 $id = $line["id"];
 723                                 $feed_id = $line["feed_id"];
 724
 725                                 if ($line["last_read"] == "" &&
 726                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
 727
 728                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
 729                                                 alt=\"Updated\">";
 730                                 } else {
 731                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
 732                                                 alt=\"Updated\">";
 733                                 }
 734
 735                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
 736                                         $class .= "Unread";
 737                                         ++$num_unread;
 738                                         $is_unread = true;
 739                                 } else {
 740                                         $is_unread = false;
 741                                 }
 742
 743                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
 744                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
 745                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
 746                                 } else {
 747                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
 748                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
 749                                 }
 750
 751 #                               $content_link = "<a target=\"_new\" href=\"".$line["link"]."\">" .
 752 #                                       $line["title"] . "</a>";
 753
 754                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
 755                                         $line["title"] . "</a>";
 756
 757 #                               $content_link = "<a href=\"javascript:viewContentUrl('".$line["link"]."');\">" .
 758 #                                       $line["title"] . "</a>";
 759
 760                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 761                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
 762                                 } else {
 763                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 764                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
 765                                 }
 766
 767                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
 768                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
 769                                                 100);
 770                                 }
 771
 772                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 773
 774                                         print "<tr class='$class' id='RROW-$id'>";
 775
 776                                         print "<td class='hlUpdatePic'>$update_pic</td>";
 777
 778                                         print "<td class='hlSelectRow'>
 779                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
 780                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
 781                                                 </td>";
 782
 783                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
 784
 785                                         if ($line["feed_title"]) {
 786                                                 print "<td class='hlContent'>$content_link</td>";
 787                                                 print "<td class='hlFeed'>
 788                                                         <a href='javascript:viewfeed($feed_id)'>".
 789                                                                 $line["feed_title"]."</a>&nbsp;</td>";
 790                                         } else {
 791                                                 print "<td class='hlContent' valign='middle'>";
 792
 793                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
 794                                                         $line["title"];
 795
 796                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
 797                                                         if ($content_preview) {
 798                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
 799                                                         }
 800                                                 }
 801
 802                                                 print "</a>";
 803                                                 print "</td>";
 804                                         }
 805
 806                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
 807
 808                                         print "</tr>";
 809
 810                                 } else {
 811
 812                                         if ($is_unread) {
 813                                                 $add_class = "Unread";
 814                                         } else {
 815                                                 $add_class = "";
 816                                         }
 817
 818                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
 819
 820                                         print "<div class=\"cdmHeader\">";
 821
 822                                         print "<div style=\"float : right\">$updated_fmt,
 823                                                 <a class=\"cdmToggleLink\"
 824                                                         href=\"javascript:toggleUnread($id)\">Toggle unread</a>
 825                                         </div>";
 826
 827                                         print "<a class=\"title\"
 828                                                 onclick=\"javascript:toggleUnread($id, 0)\"
 829                                                 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
 830
 831                                         if ($line["feed_title"]) {
 832                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
 833                                         }
 834
 835                                         print "</div>";
 836
 837                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
 838
 839                                         print "<div style=\"float : right\">$marked_pic</div>
 840                                                 <div lass=\"cdmFooter\">
 841                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
 842                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
 843
 844 #                                       print "<div align=\"center\"><a class=\"cdmToggleLink\"
 845 #                                                       href=\"javascript:toggleUnread($id)\">
 846 #                                                       Toggle unread</a></div>";
 847
 848                                         print "</div>";
 849
 850                                 }
 851
 852                                 ++$lnum;
 853                         }
 854
 855                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 856                                 print "</table>";
 857                         }
 858
 859                         print "</div>";
 860
 861 //                      print_headline_subtoolbar($link,
 862 //                              "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
 863
 864
 865                 } else {
 866                         print "<div class='whiteBox'>No articles found.</div>";
 867                 }
 868
 869                 print "</div>";
 870         }
 871
 872         if ($op == "pref-feeds") {
 873
 874                 $subop = $_REQUEST["subop"];
 875                 $quiet = $_REQUEST["quiet"];
 876
 877                 if ($subop == "massSubscribe") {
 878                         $ids = split(",", db_escape_string($_GET["ids"]));
 879
 880                         $subscribed = array();
 881
 882                         foreach ($ids as $id) {
 883                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
 884                                         WHERE id = '$id'");
 885
 886                                 $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
 887                                 $title = db_escape_string(db_fetch_result($result, 0, "title"));
 888
 889                                 $title_orig = db_fetch_result($result, 0, "title");
 890
 891                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
 892                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
 893
 894                                 if (db_num_rows($result) == 0) {
 895                                         $result = db_query($link,
 896                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
 897                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
 898
 899                                         array_push($subscribed, $title_orig);
 900                                 }
 901                         }
 902
 903                         if (count($subscribed) > 0) {
 904                                 print "<div class=\"notice\">";
 905                                 print "<b>Subscribed to feeds:</b>";
 906                                 print "<ul class=\"nomarks\">";
 907                                 foreach ($subscribed as $title) {
 908                                         print "<li>$title</li>";
 909                                 }
 910                                 print "</ul>";
 911                                 print "</div>";
 912                         }
 913                 }
 914
 915                 if ($subop == "browse") {
 916
 917                         if (!ENABLE_FEED_BROWSER) {
 918                                 print "Feed browser is administratively disabled.";
 919                                 return;
 920                         }
 921
 922                         print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
 923
 924                         print "<div class=\"infoBoxContents\">";
 925
 926                         print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
 927
 928 #                       $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
 929 #                               FROM ttrss_feeds
 930 #                               WHERE auth_login = '' AND auth_pass = '' AND private = false
 931 #                               GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
 932
 933                         $owner_uid = $_SESSION["uid"];
 934
 935                         $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
 936                                 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
 937                                         WHERE tf.feed_url = ttrss_feeds.feed_url
 938                                                 AND owner_uid = '$owner_uid') GROUP BY feed_url
 939                                                         ORDER BY subscribers DESC LIMIT 25");
 940
 941                         print "<ul class='browseFeedList' id='browseFeedList'>";
 942
 943                         $feedctr = 0;
 944
 945                         while ($line = db_fetch_assoc($result)) {
 946                                 $feed_url = $line["feed_url"];
 947                                 $subscribers = $line["subscribers"];
 948
 949                                 $det_result = db_query($link, "SELECT site_url,title,id
 950                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
 951
 952                                 $details = db_fetch_assoc($det_result);
 953
 954                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
 955
 956                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
 957                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
 958                                                         "/".$details["id"].".ico\">";
 959                                 } else {
 960                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
 961                                 }
 962
 963                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
 964                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
 965
 966                                 $class = ($feedctr % 2) ? "even" : "odd";
 967
 968                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
 969                                         "$feed_icon " . db_unescape_string($details["title"]) .
 970                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
 971
 972                                         ++$feedctr;
 973                         }
 974
 975                         if ($feedctr == 0) {
 976                                 print "<li>No feeds found to subscribe.</li>";
 977                         }
 978
 979                         print "</ul>";
 980
 981                         print "<div align='center'>
 982                                 <input type=\"submit\" class=\"button\"
 983                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
 984                                 <input type='submit' class='button'
 985                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
 986
 987                         print "</div>";
 988                         return;
 989                 }
 990
 991                 if ($subop == "editfeed") {
 992                         $feed_id = db_escape_string($_REQUEST["id"]);
 993
 994                         $result = db_query($link,
 995                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
 996                                         owner_uid = " . $_SESSION["uid"]);
 997
 998                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
 999                                 0, "title")));
1000
1001                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1002
1003                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1004                                         $feed_icon = "<img width=\"16\" height=\"16\"
1005                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1006                         } else {
1007                                 $feed_icon = "";
1008                         }
1009
1010                         print "<div id=\"infoBoxTitle\">Feed editor</div>";
1011
1012                         print "<div class=\"infoBoxContents\">";
1013
1014                         print "<form id=\"edit_feed_form\">";
1015
1016                         print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1017                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1018                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1019
1020                         print "<table width='100%'>";
1021
1022                         print "<tr><td>Title:</td>";
1023                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\"
1024                                 name=\"title\" value=\"$title\"></td></tr>";
1025
1026                         $feed_url = db_fetch_result($result, 0, "feed_url");
1027                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1028                                 0, "feed_url")));
1029
1030                         print "<tr><td>Feed URL:</td>";
1031                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\"
1032                                 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1033
1034                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1035
1036                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1037
1038                                 print "<tr><td>Category:</td>";
1039                                 print "<td>";
1040
1041                                 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1042
1043                                 if (sprintf("%d", $parent_feed) > 0) {
1044                                         $disabled = "disabled";
1045                                 } else {
1046                                         $disabled = "";
1047                                 }
1048
1049                                 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled");
1050
1051                                 print "</td>";
1052                                 print "</td></tr>";
1053
1054                         }
1055
1056                         $update_interval = db_fetch_result($result, 0, "update_interval");
1057
1058                         print "<tr><td>Update Interval:</td>";
1059
1060                         print "<td>";
1061
1062                         print_select_hash("update_interval", $update_interval, $update_intervals,
1063                                 "class=\"iedit\"");
1064
1065                         print "</td>";
1066
1067                         print "<tr><td>Link to:</td><td>";
1068
1069                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1070                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1071
1072                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1073
1074                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1075
1076                         if ($linked_count > 0) {
1077                                 $disabled = "disabled";
1078                         } else {
1079                                 $disabled = "";
1080                         }
1081
1082                         print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1083
1084                         print "<option value=\"0\">Not linked</option>";
1085
1086                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1087                                 if ($cat_id) {
1088                                         $cat_qpart = "AND cat_id = '$cat_id'";
1089                                 } else {
1090                                         $cat_qpart = "AND cat_id IS NULL";
1091                                 }
1092                         }
1093
1094                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1095                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]." AND
1096                                         (SELECT COUNT(id) FROM ttrss_feeds AS T2 WHERE T2.id = ttrss_feeds.parent_feed) = 0
1097                                         $cat_qpart ORDER BY title");
1098
1099                                 if (db_num_rows($tmp_result) > 0) {
1100                                         print "<option disabled>--------</option>";
1101                                 }
1102
1103                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1104                                         if ($tmp_line["id"] == $parent_feed) {
1105                                                 $is_selected = "selected";
1106                                         } else {
1107                                                 $is_selected = "";
1108                                         }
1109                                         printf("<option $is_selected value='%d'>%s</option>",
1110                                                 $tmp_line["id"], $tmp_line["title"]);
1111                                 }
1112
1113                         print "</select>";
1114                         print "</td></tr>";
1115
1116                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1117
1118                         print "<tr><td>Article purging:</td>";
1119
1120                         print "<td>";
1121
1122                         print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1123                                 "class=\"iedit\"");
1124
1125                         print "</td>";
1126
1127                         $auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login"));
1128
1129                         print "<tr><td>Login:</td>";
1130                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event, feedEditSave)\"
1131                                 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1132
1133                         $auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass"));
1134
1135                         print "<tr><td>Password:</td>";
1136                         print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1137                                 onkeypress=\"return filterCR(event, feedEditSave)\"
1138                                 value=\"$auth_pass\"></td></tr>";
1139
1140                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1141
1142                         if ($private) {
1143                                 $checked = "checked";
1144                         } else {
1145                                 $checked = "";
1146                         }
1147
1148                         print "<tr><td valign='top'>Options:</td>";
1149                         print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1150                                 $checked><label for=\"private\">Hide from \"Other Feeds\"</label>";
1151
1152                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1153
1154                         if ($rtl_content) {
1155                                 $checked = "checked";
1156                         } else {
1157                                 $checked = "";
1158                         }
1159
1160                         print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1161                                 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1162
1163                         $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden"));
1164
1165                         if ($hidden) {
1166                                 $checked = "checked";
1167                         } else {
1168                                 $checked = "";
1169                         }
1170
1171                         print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\"
1172                                 $checked><label for=\"hidden\">Hide from my feed list</label>";
1173
1174                         $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest"));
1175
1176                         if ($include_in_digest) {
1177                                 $checked = "checked";
1178                         } else {
1179                                 $checked = "";
1180                         }
1181
1182                         print "<br><input type=\"checkbox\" id=\"include_in_digest\"
1183                                 name=\"include_in_digest\"
1184                                 $checked><label for=\"include_in_digest\">Include in e-mail digest</label>";
1185
1186                         print "</td></tr>";
1187
1188                         print "</table>";
1189
1190                         print "</form>";
1191
1192                         print "<div align='right'>
1193                                 <input type=\"submit\" class=\"button\"
1194                                 onclick=\"return feedEditSave()\" value=\"Save\">
1195                                 <input type='submit' class='button'
1196                                 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1197
1198                         print "</div>";
1199
1200                         return;
1201                 }
1202
1203                 if ($subop == "editSave") {
1204
1205                         $feed_title = db_escape_string(trim($_POST["title"]));
1206                         $feed_link = db_escape_string(trim($_POST["feed_url"]));
1207                         $upd_intl = db_escape_string($_POST["update_interval"]);
1208                         $purge_intl = db_escape_string($_POST["purge_interval"]);
1209                         $feed_id = db_escape_string($_POST["id"]);
1210                         $cat_id = db_escape_string($_POST["cat_id"]);
1211                         $auth_login = db_escape_string(trim($_POST["auth_login"]));
1212                         $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1213                         $parent_feed = db_escape_string($_POST["parent_feed"]);
1214                         $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1215                         $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1216                         $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"]));
1217                         $include_in_digest = checkbox_to_sql_bool(
1218                                 db_escape_string($_POST["include_in_digest"]));
1219
1220                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1221                                 if ($cat_id && $cat_id != 0) {
1222                                         $category_qpart = "cat_id = '$cat_id',";
1223                                         $category_qpart_nocomma = "cat_id = '$cat_id'";
1224                                 } else {
1225                                         $category_qpart = 'cat_id = NULL,';
1226                                         $category_qpart_nocomma = 'cat_id = NULL';
1227                                 }
1228                         } else {
1229                                 $category_qpart = "";
1230                                 $category_qpart_nocomma = "";
1231                         }
1232
1233                         if ($parent_feed && $parent_feed != 0) {
1234                                 $parent_qpart = "parent_feed = '$parent_feed'";
1235                         } else {
1236                                 $parent_qpart = 'parent_feed = NULL';
1237                         }
1238
1239                         $result = db_query($link, "UPDATE ttrss_feeds SET
1240                                 $category_qpart $parent_qpart,
1241                                 title = '$feed_title', feed_url = '$feed_link',
1242                                 update_interval = '$upd_intl',
1243                                 purge_interval = '$purge_intl',
1244                                 auth_login = '$auth_login',
1245                                 auth_pass = '$auth_pass',
1246                                 private = $private,
1247                                 rtl_content = $rtl_content,
1248                                 hidden = $hidden,
1249                                 include_in_digest = $include_in_digest
1250                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1251
1252                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1253                                 # update linked feed categories
1254                                 $result = db_query($link, "UPDATE ttrss_feeds SET
1255                                         $category_qpart_nocomma WHERE parent_feed = '$feed_id' AND
1256                                         owner_uid = " . $_SESSION["uid"]);
1257                         }
1258                 }
1259
1260                 if ($subop == "saveCat") {
1261                         $cat_title = db_escape_string(trim($_GET["title"]));
1262                         $cat_id = db_escape_string($_GET["id"]);
1263
1264                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1265                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1266
1267                 }
1268
1269                 if ($subop == "remove") {
1270
1271                         if (!WEB_DEMO_MODE) {
1272
1273                                 $ids = split(",", db_escape_string($_GET["ids"]));
1274
1275                                 foreach ($ids as $id) {
1276
1277                                         if ($id > 0) {
1278
1279                                                 db_query($link, "DELETE FROM ttrss_feeds
1280                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1281
1282                                                 $icons_dir = ICONS_DIR;
1283
1284                                                 if (file_exists($icons_dir . "/$id.ico")) {
1285                                                         unlink($icons_dir . "/$id.ico");
1286                                                 }
1287                                         } else if ($id < -10) {
1288
1289                                                 $label_id = -$id - 11;
1290
1291                                                 db_query($link, "DELETE FROM ttrss_labels
1292                                                         WHERE   id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
1293                                         }
1294                                 }
1295                         }
1296                 }
1297
1298                 if ($subop == "add") {
1299
1300                         if (!WEB_DEMO_MODE) {
1301
1302                                 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1303                                 $cat_id = db_escape_string($_GET["cat_id"]);
1304
1305                                 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1306                                         print "Added feed.";
1307                                 } else {
1308                                         print "<div class=\"warning\">
1309                                                 Feed <b>$feed_url</b> already exists in the database.
1310                                         </div>";
1311                                 }
1312                         }
1313                 }
1314
1315                 if ($subop == "addCat") {
1316
1317                         if (!WEB_DEMO_MODE) {
1318
1319                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1320
1321                                 $result = db_query($link,
1322                                         "SELECT id FROM ttrss_feed_categories
1323                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1324
1325                                 if (db_num_rows($result) == 0) {
1326
1327                                         $result = db_query($link,
1328                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1329                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1330
1331                                 } else {
1332
1333                                         print "<div class=\"warning\">
1334                                                 Category <b>$feed_cat</b> already exists in the database.
1335                                         </div>";
1336                                 }
1337
1338
1339                         }
1340                 }
1341
1342                 if ($subop == "removeCats") {
1343
1344                         if (!WEB_DEMO_MODE) {
1345
1346                                 $ids = split(",", db_escape_string($_GET["ids"]));
1347
1348                                 foreach ($ids as $id) {
1349
1350                                         db_query($link, "BEGIN");
1351
1352                                         $result = db_query($link,
1353                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1354                                                         WHERE cat_id = '$id'");
1355
1356                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1357
1358                                         if ($num_feeds == 0) {
1359                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1360                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1361                                         } else {
1362
1363                                                 print "<div class=\"warning\">
1364                                                         Unable to delete non empty feed categories.</div>";
1365
1366                                         }
1367
1368                                         db_query($link, "COMMIT");
1369                                 }
1370                         }
1371                 }
1372
1373                 if ($subop == "categorize") {
1374
1375                         if (!WEB_DEMO_MODE) {
1376
1377                                 $ids = split(",", db_escape_string($_GET["ids"]));
1378
1379                                 $cat_id = db_escape_string($_GET["cat_id"]);
1380
1381                                 if ($cat_id == 0) {
1382                                         $cat_id_qpart = 'NULL';
1383                                 } else {
1384                                         $cat_id_qpart = "'$cat_id'";
1385                                 }
1386
1387                                 db_query($link, "BEGIN");
1388
1389                                 foreach ($ids as $id) {
1390
1391                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1392                                                 WHERE id = '$id' AND parent_feed IS NULL
1393                                                 AND owner_uid = " . $_SESSION["uid"]);
1394
1395                                         # update linked feed categories
1396                                         db_query($link, "UPDATE ttrss_feeds SET
1397                                                 cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND
1398                                                 owner_uid = " . $_SESSION["uid"]);
1399
1400                                 }
1401
1402                                 db_query($link, "COMMIT");
1403                         }
1404
1405                 }
1406
1407                 if ($quiet) return;
1408
1409 //              print "<h3>Edit Feeds</h3>";
1410
1411                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1412                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1413
1414                 if (db_num_rows($result) > 0) {
1415
1416                         print "<div class=\"warning\">";
1417
1418 //                      print"<img class=\"closeButton\"
1419 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1420
1421                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1422                                 <b>Some feeds have update errors (click for details)</b></a>";
1423
1424                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1425
1426                         while ($line = db_fetch_assoc($result)) {
1427                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1428                                         $line["last_error"];
1429                         }
1430
1431                         print "</ul>";
1432                         print "</div>";
1433
1434                 }
1435
1436                 $feed_search = db_escape_string($_GET["search"]);
1437
1438                 if (array_key_exists("search", $_GET)) {
1439                         $_SESSION["prefs_feed_search"] = $feed_search;
1440                 } else {
1441                         $feed_search = $_SESSION["prefs_feed_search"];
1442                 }
1443
1444                 print "<div class=\"feedEditSearch\">
1445                         <input id=\"feed_search\" size=\"20\"
1446                                 onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1447                         <input type=\"submit\" class=\"button\"
1448                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1449                         </div>";
1450
1451                 print "<div class=\"prefGenericAddBox\">
1452                         <input id=\"fadd_link\"
1453                                 onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1454                                 size=\"40\">
1455                         <input type=\"submit\" class=\"button\"
1456                                 disabled=\"true\" id=\"fadd_submit_btn\"
1457                                 onclick=\"addFeed()\" value=\"Subscribe\">";
1458
1459                 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1460                         print " <input type=\"submit\" class=\"button\"
1461                                 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1462                 }
1463
1464                 print "</div>";
1465
1466                 $feeds_sort = db_escape_string($_GET["sort"]);
1467
1468                 if (!$feeds_sort || $feeds_sort == "undefined") {
1469                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1470                         if (!$feeds_sort) $feeds_sort = "title";
1471                 }
1472
1473                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1474
1475                 if ($feed_search) {
1476                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1477                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1478                 } else {
1479                         $search_qpart = "";
1480                 }
1481
1482                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1483                         $order_by_qpart = "category,$feeds_sort,title";
1484                 } else {
1485                         $order_by_qpart = "$feeds_sort,title";
1486                 }
1487
1488                 $result = db_query($link, "SELECT
1489                                 F1.id,
1490                                 F1.title,
1491                                 F1.feed_url,
1492                                 substring(F1.last_updated,1,16) AS last_updated,
1493                                 F1.parent_feed,
1494                                 F1.update_interval,
1495                                 F1.purge_interval,
1496                                 F1.cat_id,
1497                                 F2.title AS parent_title,
1498                                 C1.title AS category,
1499                                 F1.hidden,
1500                                 F1.include_in_digest,
1501                                 (SELECT SUBSTRING(MAX(updated),1,16) FROM ttrss_user_entries,
1502                                         ttrss_entries WHERE ref_id = ttrss_entries.id
1503                                         AND feed_id = F1.id) AS last_article
1504                         FROM
1505                                 ttrss_feeds AS F1
1506                                 LEFT JOIN ttrss_feeds AS F2
1507                                         ON (F1.parent_feed = F2.id)
1508                                 LEFT JOIN ttrss_feed_categories AS C1
1509                                         ON (F1.cat_id = C1.id)
1510                         WHERE
1511                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1512                         ORDER by $order_by_qpart");
1513
1514                 if (db_num_rows($result) != 0) {
1515
1516 //                      print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1517
1518                         print "<p><table width=\"100%\" cellspacing=\"0\"
1519                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1520                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1521                                 Select:
1522                                         <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1523                                         <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1524                                 </td</tr>";
1525
1526                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1527                                 print "<tr class=\"title\">
1528                                         <td width='5%' align='center'>&nbsp;</td>";
1529
1530                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1531                                         print "<td width='3%'>&nbsp;</td>";
1532                                 }
1533
1534                                 print "
1535                                         <td width='35%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1536                                         <td width='35%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1537                                         <td width='15%'><a href=\"javascript:updateFeedList('last_article')\">Last&nbsp;Article</a></td>
1538                                         <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1539                         }
1540
1541                         $lnum = 0;
1542
1543                         $cur_cat_id = -1;
1544
1545                         while ($line = db_fetch_assoc($result)) {
1546
1547                                 $feed_id = $line["id"];
1548                                 $cat_id = $line["cat_id"];
1549
1550                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1551                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1552                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1553
1554                                 $hidden = sql_bool_to_bool($line["hidden"]);
1555
1556                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1557
1558                                 $last_updated = $line["last_updated"];
1559
1560                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1561                                         $last_updated = smart_date_time(strtotime($last_updated));
1562                                 } else {
1563                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1564                                         $last_updated = date($short_date, strtotime($last_updated));
1565                                 }
1566
1567                                 $last_article = $line["last_article"];
1568
1569                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1570                                         $last_article = smart_date_time(strtotime($last_article));
1571                                 } else {
1572                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1573                                         $last_article = date($short_date, strtotime($last_article));
1574                                 }
1575
1576                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1577                                         $lnum = 0;
1578
1579                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1580
1581                                         print "<tr class=\"title\">
1582                                                 <td width='5%'>&nbsp;</td>";
1583
1584                                         if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1585                                                 print "<td width='3%'>&nbsp;</td>";
1586                                         }
1587
1588                                         print "<td width='35%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1589                                                 <td width='35%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1590                                                 <td width='15%'><a href=\"javascript:updateFeedList('last_article')\">Last&nbsp;Article</a></td>
1591                                                 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1592
1593                                         $cur_cat_id = $cat_id;
1594                                 }
1595
1596                                 $class = ($lnum % 2) ? "even" : "odd";
1597                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
1598
1599                                 print "<tr class=\"$class\" $this_row_id>";
1600
1601                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1602
1603                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1604                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
1605                                 } else {
1606                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1607                                 }
1608
1609                                 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1610                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1611
1612                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1613                                         print "<td class='feedIcon'>$feed_icon</td>";
1614                                 }
1615
1616                                 $edit_title = truncate_string($edit_title, 40);
1617                                 $edit_link = truncate_string($edit_link, 60);
1618
1619                                 if ($hidden) {
1620                                         $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>";
1621                                         $edit_link = "<span class=\"insensitive\">$edit_link</span>";
1622                                         $last_updated = "<span class=\"insensitive\">$last_updated</span>";
1623                                         $last_article = "<span class=\"insensitive\">$last_article</span>";
1624                                 }
1625
1626                                 $parent_title = $line["parent_title"];
1627                                 if ($parent_title) {
1628                                         $parent_title = "<span class='groupPrompt'>(linked to
1629                                                 $parent_title)</span>";
1630                                 }
1631
1632                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1633                                         "$edit_title $parent_title" . "</a></td>";
1634
1635                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1636                                         $edit_link . "</a></td>";
1637
1638                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1639                                         "$last_article</a></td>";
1640
1641                                 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1642                                         "$last_updated</a></td>";
1643
1644                                 print "</tr>";
1645
1646                                 ++$lnum;
1647                         }
1648
1649                         print "</table>";
1650
1651                         print "<p><span id=\"feedOpToolbar\">";
1652
1653                         if ($subop == "edit") {
1654                                 print "Edit feed:&nbsp;
1655                                         <input type=\"submit\" class=\"button\"
1656                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1657                                         <input type=\"submit\" class=\"button\"
1658                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1659                         } else {
1660
1661                                 print "
1662                                         Selection:&nbsp;
1663                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1664                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1665                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1666                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1667
1668                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1669
1670                                         print "&nbsp;|&nbsp;";
1671
1672                                         print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1673
1674                                         print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1675                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1676
1677                                 }
1678
1679                                 print "</span>
1680                                         &nbsp;All feeds: <input type=\"submit\"
1681                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1682                                                         value=\"Export OPML\">";
1683                                 }
1684                 } else {
1685
1686                         print "<p>No feeds defined.</p>";
1687
1688                 }
1689
1690                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1691
1692                         print "<h3>Edit Categories</h3>";
1693
1694                         print "<div class=\"prefGenericAddBox\">
1695                                 <input id=\"fadd_cat\"
1696                                         onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1697                                         size=\"40\">&nbsp;
1698                                 <input
1699                                         type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1700                                         onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1701
1702                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1703                                 WHERE owner_uid = ".$_SESSION["uid"]."
1704                                 ORDER BY title");
1705
1706                         if (db_num_rows($result) != 0) {
1707
1708                                 print "<form id=\"feed_cat_edit_form\">";
1709
1710                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1711                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1712
1713                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1714                                 Select:
1715                                         <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1716                                         <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1717                                 </td</tr>";
1718
1719                                 print "<tr class=\"title\">
1720                                                         <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1721                                                 </tr>";
1722
1723                                 $lnum = 0;
1724
1725                                 while ($line = db_fetch_assoc($result)) {
1726
1727                                         $class = ($lnum % 2) ? "even" : "odd";
1728
1729                                         $cat_id = $line["id"];
1730
1731                                         $edit_cat_id = $_GET["id"];
1732
1733                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1734                                                         $class .= "Grayed";
1735                                                         $this_row_id = "";
1736                                         } else {
1737                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1738                                         }
1739
1740                                         print "<tr class=\"$class\" $this_row_id>";
1741
1742                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1743
1744                                         if (!$edit_cat_id || $subop != "editCat") {
1745
1746                                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1747                                                         type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1748
1749                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1750                                                         $edit_title . "</a></td>";
1751
1752                                         } else if ($cat_id != $edit_cat_id) {
1753
1754                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1755                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1756
1757                                                 print "<td>$edit_title</td>";
1758
1759                                         } else {
1760
1761                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1762
1763                                                 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1764                                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1765                                                 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1766
1767                                                 print "</td>";
1768
1769                                                 print "<td><input onkeypress=\"return filterCR(event)\"
1770                                                         name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1771
1772                                         }
1773
1774                                         print "</tr>";
1775
1776                                         ++$lnum;
1777                                 }
1778
1779                                 print "</table>";
1780
1781                                 print "</form>";
1782
1783                                 print "<p id=\"catOpToolbar\">";
1784
1785                                 if ($subop == "editCat") {
1786                                         print "Edit category:&nbsp;
1787                                                 <input type=\"submit\" class=\"button\"
1788                                                         onclick=\"return feedCatEditSave()\" value=\"Save\">
1789                                                 <input type=\"submit\" class=\"button\"
1790                                                         onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1791                                         } else {
1792
1793                                         print "
1794                                                 Selection:&nbsp;
1795                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1796                                                 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1797                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1798                                                 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1799
1800                                 }
1801
1802                         } else {
1803                                 print "<p>No feed categories defined.</p>";
1804                         }
1805                 }
1806
1807                 print "<h3>Import OPML</h3>
1808                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1809                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1810                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1811                                 type=\"submit\" value=\"Import\">
1812                         </form>";
1813
1814         }
1815
1816         if ($op == "pref-filters") {
1817
1818                 $subop = $_GET["subop"];
1819                 $quiet = $_GET["quiet"];
1820
1821                 if ($subop == "edit") {
1822
1823                         $filter_id = db_escape_string($_GET["id"]);
1824
1825                         $result = db_query($link,
1826                                 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1827
1828                         $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
1829                         $filter_type = db_fetch_result($result, 0, "filter_type");
1830                         $feed_id = db_fetch_result($result, 0, "feed_id");
1831                         $action_id = db_fetch_result($result, 0, "action_id");
1832
1833                         $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled"));
1834
1835                         print "<div id=\"infoBoxTitle\">Filter editor</div>";
1836                         print "<div class=\"infoBoxContents\">";
1837
1838                         print "<form id=\"filter_edit_form\">";
1839
1840                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
1841                         print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
1842                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1843
1844 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
1845
1846                         $result = db_query($link, "SELECT id,description
1847                                 FROM ttrss_filter_types ORDER BY description");
1848
1849                         $filter_types = array();
1850
1851                         while ($line = db_fetch_assoc($result)) {
1852                                 //array_push($filter_types, $line["description"]);
1853                                 $filter_types[$line["id"]] = $line["description"];
1854                         }
1855
1856                         print "<table width='100%'>";
1857
1858                         print "<tr><td>Match:</td>
1859                                 <td><input onkeypress=\"return filterCR(event, filterEditSave)\"
1860                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
1861                                         name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
1862
1863                         print "</td><td>";
1864
1865                         print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
1866
1867                         print "</td></tr>";
1868                         print "<tr><td>Feed:</td><td colspan='2'>";
1869
1870                         print_feed_select($link, "feed_id", $feed_id);
1871
1872                         print "</td></tr>";
1873
1874                         print "<tr><td>Action:</td>";
1875
1876                         print "<td colspan='2'><select name=\"action_id\">";
1877
1878                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
1879                                 ORDER BY name");
1880
1881                         while ($line = db_fetch_assoc($result)) {
1882                                 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
1883                                 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
1884                         }
1885
1886                         print "</select>";
1887
1888                         print "</td></tr>";
1889
1890                         if ($enabled) {
1891                                 $checked = "checked";
1892                         } else {
1893                                 $checked = "";
1894                         }
1895
1896                         print "<tr><td>Options:</td><td>
1897                                         <input type=\"checkbox\" name=\"enabled\" id=\"enabled\" $checked>
1898                                         <label for=\"enabled\">Enabled</label>";
1899
1900                         print "</td></tr></table>";
1901
1902                         print "</form>";
1903
1904                         print "<div align='right'>";
1905
1906                         print "<input type=\"submit\"
1907                                 id=\"infobox_submit\"
1908                                 class=\"button\" onclick=\"return filterEditSave()\"
1909                                 value=\"Save\"> ";
1910
1911                         print "<input class=\"button\"
1912                                 type=\"submit\" onclick=\"return filterEditCancel()\"
1913                                 value=\"Cancel\">";
1914
1915                         print "</div>";
1916
1917                         return;
1918                 }
1919
1920
1921                 if ($subop == "editSave") {
1922
1923                         $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
1924                         $filter_type = db_escape_string(trim($_GET["filter_type"]));
1925                         $filter_id = db_escape_string($_GET["id"]);
1926                         $feed_id = db_escape_string($_GET["feed_id"]);
1927                         $action_id = db_escape_string($_GET["action_id"]);
1928                         $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"]));
1929
1930                         if (!$feed_id) {
1931                                 $feed_id = 'NULL';
1932                         } else {
1933                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1934                         }
1935
1936                         $result = db_query($link, "UPDATE ttrss_filters SET
1937                                         reg_exp = '$reg_exp',
1938                                         feed_id = $feed_id,
1939                                         action_id = '$action_id',
1940                                         filter_type = '$filter_type',
1941                                         enabled = $enabled
1942                                 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1943                 }
1944
1945                 if ($subop == "remove") {
1946
1947                         if (!WEB_DEMO_MODE) {
1948
1949                                 $ids = split(",", db_escape_string($_GET["ids"]));
1950
1951                                 foreach ($ids as $id) {
1952                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
1953
1954                                 }
1955                         }
1956                 }
1957
1958                 if ($subop == "add") {
1959
1960                         if (!WEB_DEMO_MODE) {
1961
1962                                 $regexp = db_escape_string(trim($_GET["reg_exp"]));
1963                                 $filter_type = db_escape_string(trim($_GET["filter_type"]));
1964                                 $feed_id = db_escape_string($_GET["feed_id"]);
1965                                 $action_id = db_escape_string($_GET["action_id"]);
1966
1967                                 if (!$regexp) return;
1968
1969                                 if (!$feed_id) {
1970                                         $feed_id = 'NULL';
1971                                 } else {
1972                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1973                                 }
1974
1975                                 $result = db_query($link,
1976                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
1977                                                 action_id)
1978                                         VALUES
1979                                                 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
1980                                                         $feed_id, '$action_id')");
1981                         }
1982                 }
1983
1984                 if ($quiet) return;
1985
1986                 $sort = db_escape_string($_GET["sort"]);
1987
1988                 if (!$sort || $sort == "undefined") {
1989                         $sort = "reg_exp";
1990                 }
1991
1992 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1993
1994                 $result = db_query($link, "SELECT id,description
1995                         FROM ttrss_filter_types ORDER BY description");
1996
1997                 $filter_types = array();
1998
1999                 while ($line = db_fetch_assoc($result)) {
2000                         //array_push($filter_types, $line["description"]);
2001                         $filter_types[$line["id"]] = $line["description"];
2002                 }
2003
2004                 print "<input type=\"submit\"
2005                         class=\"button\"
2006                         onclick=\"return displayDlg('quickAddFilter', false)\"
2007                         id=\"create_filter_btn\"
2008                         value=\"Create filter\">";
2009
2010                 $result = db_query($link, "SELECT
2011                                 ttrss_filters.id AS id,reg_exp,
2012                                 ttrss_filter_types.name AS filter_type_name,
2013                                 ttrss_filter_types.description AS filter_type_descr,
2014                                 enabled,
2015                                 feed_id,
2016                                 ttrss_filter_actions.description AS action_description,
2017                                 ttrss_feeds.title AS feed_title
2018                         FROM
2019                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2020                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2021                         WHERE
2022                                 filter_type = ttrss_filter_types.id AND
2023                                 ttrss_filter_actions.id = action_id AND
2024                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2025                         ORDER by $sort");
2026
2027                 if (db_num_rows($result) != 0) {
2028
2029                         print "<form id=\"filter_edit_form\">";
2030
2031                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2032                                 id=\"prefFilterList\">";
2033
2034                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2035                                 Select:
2036                                         <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2037                                         <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2038                                 </td</tr>";
2039
2040                         print "<tr class=\"title\">
2041                                                 <td align='center' width=\"5%\">&nbsp;</td>
2042                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('reg_exp')\">Filter expression</a></td>
2043                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('feed_title')\">Feed</a></td>
2044                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('filter_type')\">Match</a></td>
2045                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('action_description')\">Action</a></td>";
2046
2047                         $lnum = 0;
2048
2049                         while ($line = db_fetch_assoc($result)) {
2050
2051                                 $class = ($lnum % 2) ? "even" : "odd";
2052
2053                                 $filter_id = $line["id"];
2054                                 $edit_filter_id = $_GET["id"];
2055
2056                                 $enabled = sql_bool_to_bool($line["enabled"]);
2057
2058                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2059                                         $class .= "Grayed";
2060                                         $this_row_id = "";
2061                                 } else {
2062                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2063                                 }
2064
2065                                 print "<tr class=\"$class\" $this_row_id>";
2066
2067                                 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2068
2069                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2070
2071                                 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2072
2073                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2074                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2075
2076                                 if (!$enabled) {
2077                                         $line["reg_exp"] = "<span class=\"insensitive\">" .
2078                                                 $line["reg_exp"] . " (Disabled)</span>";
2079                                         $line["feed_title"] = "<span class=\"insensitive\">" .
2080                                                 $line["feed_title"] . "</span>";
2081                                         $line["filter_type_descr"] = "<span class=\"insensitive\">" .
2082                                                 $line["filter_type_descr"] . "</span>";
2083                                         $line["action_description"] = "<span class=\"insensitive\">" .
2084                                                 $line["action_description"] . "</span>";
2085                                 }
2086
2087                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2088                                         $line["reg_exp"] . "</td>";
2089
2090                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2091                                         $line["feed_title"] . "</td>";
2092
2093                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2094                                         $line["filter_type_descr"] . "</td>";
2095
2096                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2097                                         $line["action_description"] . "</td>";
2098
2099                                 print "</tr>";
2100
2101                                 ++$lnum;
2102                         }
2103
2104                         if ($lnum == 0) {
2105                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2106                         }
2107
2108                         print "</table>";
2109
2110                         print "</form>";
2111
2112                         print "<p id=\"filterOpToolbar\">";
2113
2114                         print "
2115                                         Selection:
2116                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2117                                         onclick=\"return editSelectedFilter()\" value=\"Edit\">
2118                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2119                                         onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2120
2121                         print "</p>";
2122
2123                 } else {
2124
2125                         print "<p>No filters defined.</p>";
2126
2127                 }
2128         }
2129
2130         // We need to accept raw SQL data in label queries, so not everything is escaped
2131         // here, this is by design. If you don't like the whole idea, disable labels
2132         // altogether with GLOBAL_ENABLE_LABELS = false
2133
2134         if ($op == "pref-labels") {
2135
2136                 if (!GLOBAL_ENABLE_LABELS) {
2137
2138                         print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>";
2139                         return;
2140                 }
2141
2142                 $subop = $_GET["subop"];
2143
2144                 if ($subop == "edit") {
2145
2146                         $label_id = db_escape_string($_GET["id"]);
2147
2148                         $result = db_query($link, "SELECT sql_exp,description   FROM ttrss_labels WHERE
2149                                 owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description");
2150
2151                         $line = db_fetch_assoc($result);
2152
2153                         $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2154                         $description = htmlspecialchars(db_unescape_string($line["description"]));
2155
2156                         print "<div id=\"infoBoxTitle\">Label editor</div>";
2157                         print "<div class=\"infoBoxContents\">";
2158
2159                         print "<form id=\"label_edit_form\">";
2160
2161                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2162                         print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2163                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2164
2165                         print "<table width='100%'>";
2166
2167                         print "<tr><td>Caption:</td>
2168                                 <td><input onkeypress=\"return filterCR(event, labelEditSave)\"
2169                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2170                                          name=\"description\" class=\"iedit\" value=\"$description\">";
2171
2172                         print "</td></tr>";
2173
2174                         print "<tr><td colspan=\"2\">
2175                                 <p>SQL Expression:</p>";
2176
2177                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2178                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>";
2179
2180                         print "</td></tr></table>";
2181
2182                         print "</form>";
2183
2184                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2185
2186                         print "<div align='right'>";
2187
2188                         $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : "";
2189
2190                         print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\">
2191                                 ";
2192
2193                         print "<input type=\"submit\"
2194                                 id=\"infobox_submit\"
2195                                 class=\"button\" onclick=\"return labelEditSave()\"
2196                                 value=\"Save\"> ";
2197
2198                         print "<input class=\"button\"
2199                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2200                                 value=\"Cancel\">";
2201
2202                         print "</div>";
2203
2204                         return;
2205                 }
2206
2207                 if ($subop == "test") {
2208
2209                         $expr = db_unescape_string(trim($_GET["expr"]));
2210                         $descr = db_unescape_string(trim($_GET["descr"]));
2211
2212                         print "<div>";
2213
2214                         error_reporting(0);
2215
2216
2217                         $result = db_query($link,
2218                                 "SELECT count(ttrss_entries.id) AS num_matches
2219                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2220                                         WHERE ($expr) AND
2221                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2222                                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
2223                                                 ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false);
2224
2225                         error_reporting (DEFAULT_ERROR_LEVEL);
2226
2227                         if (!$result) {
2228                                 print "<p>" . db_last_error($link) . "</p>";
2229                                 print "</div>";
2230                                 return;
2231                         }
2232
2233                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2234
2235                         if ($num_matches > 0) {
2236
2237                                 if ($num_matches > 10) {
2238                                         $showing_msg = ", showing first 10";
2239                                 }
2240
2241                                 print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>";
2242
2243                                 $result = db_query($link,
2244                                         "SELECT ttrss_entries.title,
2245                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2246                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2247                                                         WHERE ($expr) AND
2248                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2249                                                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
2250                                                         AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
2251                                                         ORDER BY date_entered DESC LIMIT 10", false);
2252
2253                                 print "<ul class=\"labelTestResults\">";
2254
2255                                 $row_class = "even";
2256
2257                                 while ($line = db_fetch_assoc($result)) {
2258                                         $row_class = toggleEvenOdd($row_class);
2259
2260                                         print "<li class=\"$row_class\">".$line["title"].
2261                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2262                                 }
2263                                 print "</ul>";
2264
2265                         } else {
2266                                 print "<p>Query didn't return any matches.</p>";
2267                         }
2268
2269                         print "</div>";
2270
2271                         return;
2272                 }
2273
2274                 if ($subop == "editSave") {
2275
2276                         $sql_exp = trim($_GET["sql_exp"]);
2277                         $descr = db_escape_string(trim($_GET["description"]));
2278                         $label_id = db_escape_string($_GET["id"]);
2279
2280                         $result = db_query($link, "UPDATE ttrss_labels SET
2281                                 sql_exp = '$sql_exp',
2282                                 description = '$descr'
2283                                 WHERE id = '$label_id'");
2284                 }
2285
2286                 if ($subop == "remove") {
2287
2288                         if (!WEB_DEMO_MODE) {
2289
2290                                 $ids = split(",", db_escape_string($_GET["ids"]));
2291
2292                                 foreach ($ids as $id) {
2293                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2294
2295                                 }
2296                         }
2297                 }
2298
2299                 if ($subop == "add") {
2300
2301                         if (!WEB_DEMO_MODE) {
2302
2303                                 // no escaping is done here on purpose
2304                                 $sql_exp = trim($_GET["sql_exp"]);
2305                                 $description = db_escape_string($_GET["description"]);
2306
2307                                 if (!$sql_exp || !$description) return;
2308
2309                                 $result = db_query($link,
2310                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2311                                                 VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')");
2312                         }
2313                 }
2314
2315                 $sort = db_escape_string($_GET["sort"]);
2316
2317                 if (!$sort || $sort == "undefined") {
2318                         $sort = "description";
2319                 }
2320
2321                 print "<div class=\"prefGenericAddBox\">";
2322
2323                 print"<input type=\"submit\" class=\"button\"
2324                         id=\"label_create_btn\"
2325                         onclick=\"return displayDlg('quickAddLabel', false)\"
2326                         value=\"Create label\"></div>";
2327
2328                 $result = db_query($link, "SELECT
2329                                 id,sql_exp,description
2330                         FROM
2331                                 ttrss_labels
2332                         WHERE
2333                                 owner_uid = ".$_SESSION["uid"]."
2334                         ORDER BY $sort");
2335
2336 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2337
2338                 if (db_num_rows($result) != 0) {
2339
2340                         print "<form id=\"label_edit_form\">";
2341
2342                         print "<p><table width=\"100%\" cellspacing=\"0\"
2343                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2344
2345                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2346                                 Select:
2347                                         <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2348                                         <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2349                                 </td</tr>";
2350
2351                         print "<tr class=\"title\">
2352                                                 <td width=\"5%\">&nbsp;</td>
2353                                                 <td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">Caption</a></td>
2354                                                 <td width=\"50%\"><a href=\"javascript:updateLabelList('sql_exp')\">SQL Expression</a>
2355                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2356                                                 </td>
2357                                                 </tr>";
2358
2359                         $lnum = 0;
2360
2361                         while ($line = db_fetch_assoc($result)) {
2362
2363                                 $class = ($lnum % 2) ? "even" : "odd";
2364
2365                                 $label_id = $line["id"];
2366                                 $edit_label_id = $_GET["id"];
2367
2368                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2369                                         $class .= "Grayed";
2370                                         $this_row_id = "";
2371                                 } else {
2372                                         $this_row_id = "id=\"LILRR-$label_id\"";
2373                                 }
2374
2375                                 print "<tr class=\"$class\" $this_row_id>";
2376
2377                                 $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2378                                 $line["description"] = htmlspecialchars(
2379                                                 db_unescape_string($line["description"]));
2380
2381                                 if (!$line["description"]) $line["description"] = "[No caption]";
2382
2383                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2384                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2385
2386                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2387                                         $line["description"] . "</td>";
2388
2389                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2390                                         $line["sql_exp"] . "</td>";
2391
2392                                 print "</tr>";
2393
2394                                 ++$lnum;
2395                         }
2396
2397                         if ($lnum == 0) {
2398                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2399                         }
2400
2401                         print "</table>";
2402
2403                         print "</form>";
2404
2405                         print "<p id=\"labelOpToolbar\">";
2406
2407                         print "
2408                                         Selection:
2409                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2410                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2411                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2412                                 onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2413
2414                 } else {
2415                         print "<p>No labels defined.</p>";
2416                 }
2417         }
2418
2419         if ($op == "error") {
2420                 print "<div width=\"100%\" align='center'>";
2421                 $msg = $_GET["msg"];
2422                 print $msg;
2423                 print "</div>";
2424         }
2425
2426         if ($op == "help") {
2427                 if (!$_GET["noheaders"]) {
2428                         print "<html><head>
2429                                 <title>Tiny Tiny RSS : Help</title>
2430                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2431                                 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2432                                 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2433                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2434                                 </head><body>";
2435                 }
2436
2437                 $tid = sprintf("%d", $_GET["tid"]);
2438
2439                 print "<div id=\"infoBoxTitle\">Help</div>";
2440
2441                 print "<div class='infoBoxContents'>";
2442
2443                 if (file_exists("help/$tid.php")) {
2444                         include("help/$tid.php");
2445                 } else {
2446                         print "<p>Help topic not found.</p>";
2447                 }
2448
2449                 print "</div>";
2450
2451                 print "<div align='center'>
2452                         <input type='submit' class='button'
2453                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2454
2455                 if (!$_GET["noheaders"]) {
2456                         print "</body></html>";
2457                 }
2458
2459         }
2460
2461         if ($op == "dlg") {
2462                 $id = $_GET["id"];
2463                 $param = $_GET["param"];
2464
2465                 if ($id == "quickAddFeed") {
2466
2467                         print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2468                         print "<div class=\"infoBoxContents\">";
2469
2470                         print "<form id='feed_add_form'>";
2471
2472                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2473                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2474                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2475
2476                         print "<table width='100%'>
2477                         <tr><td>Feed URL:</td><td>
2478                                 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2479                                         onkeypress=\"return filterCR(event, qafAdd)\"
2480                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2481                                         onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2482
2483                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2484                                 print "<tr><td>Category:</td><td>";
2485                                 print_feed_cat_select($link, "cat_id");
2486                                 print "</td></tr>";
2487                         }
2488
2489                         print "</table>";
2490                         print "</form>";
2491
2492                         print "<div align='right'>
2493                                 <input class=\"button\"
2494                                         id=\"fadd_submit_btn\" disabled=\"true\"
2495                                         type=\"submit\" onclick=\"return qafAdd()\" value=\"Subscribe\">
2496                                 <input class=\"button\"
2497                                         type=\"submit\" onclick=\"return closeInfoBox()\"
2498                                         value=\"Cancel\"></div>";
2499                 }
2500
2501                 if ($id == "search") {
2502
2503                         print "<div id=\"infoBoxTitle\">Search</div>";
2504                         print "<div class=\"infoBoxContents\">";
2505
2506                         print "<form id='search_form'>";
2507
2508                         #$active_feed_id = db_escape_string($_GET["param"]);
2509
2510                         $params = split(":", db_escape_string($_GET["param"]));
2511
2512                         $active_feed_id = sprintf("%d", $params[0]);
2513                         $is_cat = $params[1] == "true";
2514
2515                         print "<table width='100%'><tr><td>Search:</td><td>";
2516
2517                         print "<input name=\"query\" class=\"iedit\"
2518                                 onkeypress=\"return filterCR(event, search)\"
2519                                 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2520                                 value=\"\">
2521                         </td></tr>";
2522
2523                         print "<tr><td>Where:</td><td>";
2524
2525                         print "<select name=\"search_mode\">
2526                                 <option value=\"all_feeds\">All feeds</option>";
2527
2528                         $feed_title = getFeedTitle($link, $active_feed_id);
2529
2530                         if (!$is_cat) {
2531                                 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2532                         } else {
2533                                 $feed_cat_title = getCategoryTitle($link, $active_feed_id);
2534                         }
2535
2536                         if ($active_feed_id && !$is_cat) {
2537                                 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2538                         } else {
2539                                 print "<option disabled>This feed</option>";
2540                         }
2541
2542                         if ($is_cat) {
2543                                 $cat_preselected = "selected";
2544                         }
2545
2546                         if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) {
2547                                 print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>";
2548                         } else {
2549                                 print "<option disabled>This category</option>";
2550                         }
2551
2552                         print "</select></td></tr>";
2553
2554                         print "<tr><td>Match on:</td><td>";
2555
2556                         $search_fields = array(
2557                                 "title" => "Title",
2558                                 "content" => "Content",
2559                                 "both" => "Title or content");
2560
2561                         print_select_hash("match_on", 3, $search_fields);
2562
2563                         print "</td></tr></table>";
2564
2565                         print "</form>";
2566
2567                         print "<div align=\"right\">
2568                         <input type=\"submit\"
2569                                 class=\"button\" onclick=\"javascript:search()\"
2570                                 id=\"search_submit_btn\" disabled=\"true\"
2571                                 value=\"Search\">
2572                         <input class=\"button\"
2573                                 type=\"submit\" onclick=\"javascript:searchCancel()\"
2574                                 value=\"Cancel\"></div>";
2575
2576                         print "</div>";
2577
2578                 }
2579
2580                 if ($id == "quickAddLabel") {
2581                         print "<div id=\"infoBoxTitle\">Create label</div>";
2582                         print "<div class=\"infoBoxContents\">";
2583
2584                         print "<form id=\"label_edit_form\">";
2585
2586                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2587                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2588
2589                         print "<table width='100%'>";
2590
2591                         print "<tr><td>Caption:</td>
2592                                 <td><input onkeypress=\"return filterCR(event, addLabel)\"
2593                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2594                                          name=\"description\" class=\"iedit\">";
2595
2596                         print "</td></tr>";
2597
2598                         print "<tr><td colspan=\"2\">
2599                                 <p>SQL Expression:</p>";
2600
2601                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2602                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>";
2603
2604                         print "</td></tr></table>";
2605
2606                         print "</form>";
2607
2608                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2609
2610                         print "<div align='right'>";
2611
2612                         print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\">
2613                                 ";
2614
2615                         print "<input type=\"submit\"
2616                                 id=\"infobox_submit\"
2617                                 disabled=\"true\"
2618                                 class=\"button\" onclick=\"return addLabel()\"
2619                                 value=\"Create\"> ";
2620
2621                         print "<input class=\"button\"
2622                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2623                                 value=\"Cancel\">";
2624                 }
2625
2626                 if ($id == "quickAddFilter") {
2627
2628                         $active_feed_id = db_escape_string($_GET["param"]);
2629
2630                         print "<div id=\"infoBoxTitle\">Create filter</div>";
2631                         print "<div class=\"infoBoxContents\">";
2632
2633                         print "<form id=\"filter_add_form\">";
2634
2635                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2636                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2637                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2638
2639 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2640
2641                         $result = db_query($link, "SELECT id,description
2642                                 FROM ttrss_filter_types ORDER BY description");
2643
2644                         $filter_types = array();
2645
2646                         while ($line = db_fetch_assoc($result)) {
2647                                 //array_push($filter_types, $line["description"]);
2648                                 $filter_types[$line["id"]] = $line["description"];
2649                         }
2650
2651                         print "<table width='100%'>";
2652
2653                         print "<tr><td>Match:</td>
2654                                 <td><input onkeypress=\"return filterCR(event, qaddFilter)\"
2655                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2656                                         name=\"reg_exp\" class=\"iedit\">";
2657                         print "</td><td>";
2658
2659                         print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2660
2661                         print "</td></tr>";
2662                         print "<tr><td>Feed:</td><td colspan='2'>";
2663
2664                         print_feed_select($link, "feed_id", $active_feed_id);
2665
2666                         print "</td></tr>";
2667
2668                         print "<tr><td>Action:</td>";
2669
2670                         print "<td colspan='2'><select name=\"action_id\">";
2671
2672                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2673                                 ORDER BY name");
2674
2675                         while ($line = db_fetch_assoc($result)) {
2676                                 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2677                         }
2678
2679                         print "</select>";
2680
2681                         print "</td></tr></table>";
2682
2683                         print "</form>";
2684
2685                         print "<div align='right'>";
2686
2687                         print "<input type=\"submit\"
2688                                 id=\"infobox_submit\"
2689                                 class=\"button\" onclick=\"return qaddFilter()\"
2690                                 disabled=\"true\" value=\"Create\"> ";
2691
2692                         print "<input class=\"button\"
2693                                 type=\"submit\" onclick=\"return closeInfoBox()\"
2694                                 value=\"Cancel\">";
2695
2696                         print "</div>";
2697
2698 //                      print "</td></tr></table>";
2699
2700                 }
2701
2702                 print "</div>";
2703
2704         }
2705
2706         // update feeds of all users, may be used anonymously
2707         if ($op == "globalUpdateFeeds") {
2708
2709                 $result = db_query($link, "SELECT id FROM ttrss_users");
2710
2711                 while ($line = db_fetch_assoc($result)) {
2712                         $user_id = $line["id"];
2713 //                      print "<!-- updating feeds of uid $user_id -->";
2714                         update_all_feeds($link, false, $user_id);
2715                 }
2716
2717                 print "<rpc-reply>
2718                         <message msg=\"All feeds updated\"/>
2719                 </rpc-reply>";
2720
2721         }
2722
2723         if ($op == "pref-prefs") {
2724
2725                 $subop = $_REQUEST["subop"];
2726
2727                 if ($subop == "Save configuration") {
2728
2729                         if (WEB_DEMO_MODE) {
2730                                 header("Location: prefs.php");
2731                                 return;
2732                         }
2733
2734                         $_SESSION["prefs_op_result"] = "save-config";
2735
2736                         $_SESSION["prefs_cache"] = false;
2737
2738                         foreach (array_keys($_POST) as $pref_name) {
2739
2740                                 $pref_name = db_escape_string($pref_name);
2741                                 $value = db_escape_string($_POST[$pref_name]);
2742
2743                                 $result = db_query($link, "SELECT type_name
2744                                         FROM ttrss_prefs,ttrss_prefs_types
2745                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2746
2747                                 if (db_num_rows($result) > 0) {
2748
2749                                         $type_name = db_fetch_result($result, 0, "type_name");
2750
2751 //                                      print "$pref_name : $type_name : $value<br>";
2752
2753                                         if ($type_name == "bool") {
2754                                                 if ($value == "1") {
2755                                                         $value = "true";
2756                                                 } else {
2757                                                         $value = "false";
2758                                                 }
2759                                         } else if ($type_name == "integer") {
2760                                                 $value = sprintf("%d", $value);
2761                                         }
2762
2763 //                                      print "$pref_name : $type_name : $value<br>";
2764
2765                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2766                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2767
2768                                 }
2769
2770                                 header("Location: prefs.php");
2771
2772                         }
2773
2774                 } else if ($subop == "getHelp") {
2775
2776                         $pref_name = db_escape_string($_GET["pn"]);
2777
2778                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2779                                 WHERE pref_name = '$pref_name'");
2780
2781                         if (db_num_rows($result) > 0) {
2782                                 $help_text = db_fetch_result($result, 0, "help_text");
2783                                 print $help_text;
2784                         } else {
2785                                 print "Unknown option: $pref_name";
2786                         }
2787
2788                 } else if ($subop == "Change e-mail") {
2789
2790                         if (WEB_DEMO_MODE) {
2791                                 header("Location: prefs.php");
2792                                 return;
2793                         }
2794
2795                         $email = db_escape_string($_GET["email"]);
2796                         $active_uid = $_SESSION["uid"];
2797
2798                         if ($email) {
2799                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
2800                                                 WHERE id = '$active_uid'");
2801                         }
2802
2803                         header("Location: prefs.php");
2804
2805                 } else if ($subop == "Change password") {
2806
2807                         if (WEB_DEMO_MODE) {
2808                                 header("Location: prefs.php");
2809                                 return;
2810                         }
2811
2812                         $old_pw = $_POST["OLD_PASSWORD"];
2813                         $new_pw = $_POST["OLD_PASSWORD"];
2814
2815                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2816                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2817
2818                         $active_uid = $_SESSION["uid"];
2819
2820                         if ($old_pw && $new_pw) {
2821
2822                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2823
2824                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2825                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2826                                                 pwd_hash = '$old_pw_hash')");
2827
2828                                 if (db_num_rows($result) == 1) {
2829                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2830                                                 WHERE id = '$active_uid'");
2831
2832                                         $_SESSION["pwd_change_result"] = "ok";
2833                                 } else {
2834                                         $_SESSION["pwd_change_result"] = "failed";
2835                                 }
2836                         }
2837
2838                         header("Location: prefs.php");
2839
2840                 } else if ($subop == "Reset to defaults") {
2841
2842                         if (WEB_DEMO_MODE) {
2843                                 header("Location: prefs.php");
2844                                 return;
2845                         }
2846
2847                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2848
2849                         if (DB_TYPE == "pgsql") {
2850                                 db_query($link,"UPDATE ttrss_user_prefs
2851                                         SET value = ttrss_prefs.def_value
2852                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2853                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2854                         } else {
2855                                 db_query($link, "DELETE FROM ttrss_user_prefs
2856                                         WHERE owner_uid = ".$_SESSION["uid"]);
2857                                 initialize_user_prefs($link, $_SESSION["uid"]);
2858                         }
2859
2860                         header("Location: prefs.php");
2861
2862                 } else if ($subop == "Change theme") {
2863
2864                         $theme = db_escape_string($_POST["theme"]);
2865
2866                         if ($theme == "Default") {
2867                                 $theme_qpart = 'NULL';
2868                         } else {
2869                                 $theme_qpart = "'$theme'";
2870                         }
2871
2872                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2873                                 WHERE theme_name = '$theme'");
2874
2875                         if (db_num_rows($result) == 1) {
2876                                 $theme_id = db_fetch_result($result, 0, "id");
2877                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2878                         } else {
2879                                 $theme_id = "NULL";
2880                                 $theme_path = "";
2881                         }
2882
2883                         db_query($link, "UPDATE ttrss_users SET
2884                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2885
2886                         $_SESSION["theme"] = $theme_path;
2887
2888                         header("Location: prefs.php");
2889
2890                 } else {
2891
2892                         print check_for_update($link);
2893
2894                         if (!SINGLE_USER_MODE) {
2895
2896                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
2897                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2898                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2899
2900                                 if (db_num_rows($result) != 0) {
2901                                         print "<div class=\"warning\">
2902                                                 Your password is at default value, please change it.
2903                                         </div>";
2904                                 }
2905
2906                                 if ($_SESSION["pwd_change_result"] == "failed") {
2907                                         print "<div class=\"warning\">
2908                                                         There was an error while changing your password.
2909                                                 </div>";
2910                                 }
2911
2912                                 if ($_SESSION["pwd_change_result"] == "ok") {
2913                                         print "<div class=\"notice\">
2914                                                         Password changed successfully.
2915                                                 </div>";
2916                                 }
2917
2918                                 $_SESSION["pwd_change_result"] = "";
2919
2920                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2921                                         print "<div class=\"notice\">
2922                                                         Your configuration was reset to defaults.
2923                                                 </div>";
2924                                 }
2925
2926                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2927                                         print "<div class=\"notice\">
2928                                                         Your configuration was saved successfully.
2929                                                 </div>";
2930                                 }
2931
2932                                 $_SESSION["prefs_op_result"] = "";
2933
2934                                 print "<form action=\"backend.php\" method=\"GET\">";
2935
2936                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2937                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
2938
2939                                 $result = db_query($link, "SELECT email FROM ttrss_users
2940                                         WHERE id = ".$_SESSION["uid"]);
2941
2942                                 $email = db_fetch_result($result, 0, "email");
2943
2944                                 print "<tr><td width=\"40%\">E-mail</td>";
2945                                 print "<td><input class=\"editbox\" name=\"email\"
2946                                         value=\"$email\"></td></tr>";
2947
2948                                 print "</table>";
2949
2950                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2951
2952                                 print "<p><input class=\"button\" type=\"submit\"
2953                                         value=\"Change e-mail\" name=\"subop\">";
2954
2955                                 print "</form>";
2956
2957                                 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
2958
2959                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2960                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2961
2962                                 print "<tr><td width=\"40%\">Old password</td>";
2963                                 print "<td><input class=\"editbox\" type=\"password\"
2964                                         name=\"OLD_PASSWORD\"></td></tr>";
2965
2966                                 print "<tr><td width=\"40%\">New password</td>";
2967
2968                                 print "<td><input class=\"editbox\" type=\"password\"
2969                                         name=\"NEW_PASSWORD\"></td></tr>";
2970
2971                                 print "</table>";
2972
2973                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2974
2975                                 print "<p><input class=\"button\" type=\"submit\"
2976                                         onclick=\"return validateNewPassword(this.form)\"
2977                                         value=\"Change password\" name=\"subop\">";
2978
2979                                 print "</form>";
2980
2981                         }
2982
2983                         $result = db_query($link, "SELECT
2984                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2985
2986                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2987
2988                         $result = db_query($link, "SELECT
2989                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2990
2991                         if (db_num_rows($result) > 0) {
2992
2993                                 print "<form action=\"backend.php\" method=\"POST\">";
2994                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2995                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2996                                 print "<tr><td width=\"40%\">Select theme</td>";
2997                                 print "<td><select name=\"theme\">";
2998                                 print "<option>Default</option>";
2999                                 print "<option disabled>--------</option>";
3000
3001                                 while ($line = db_fetch_assoc($result)) {
3002                                         if ($line["id"] == $user_theme_id) {
3003                                                 $selected = "selected";
3004                                         } else {
3005                                                 $selected = "";
3006                                         }
3007                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3008                                 }
3009                                 print "</select></td></tr>";
3010                                 print "</table>";
3011                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3012                                 print "<p><input class=\"button\" type=\"submit\"
3013                                         value=\"Change theme\" name=\"subop\">";
3014                                 print "</form>";
3015                         }
3016
3017                         initialize_user_prefs($link, $_SESSION["uid"]);
3018
3019                         $result = db_query($link, "SELECT
3020                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3021                                 section_name,def_value
3022                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3023                                 WHERE type_id = ttrss_prefs_types.id AND
3024                                         section_id = ttrss_prefs_sections.id AND
3025                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3026                                         owner_uid = ".$_SESSION["uid"]."
3027                                 ORDER BY section_id,short_desc");
3028
3029                         print "<form action=\"backend.php\" method=\"POST\">";
3030
3031                         $lnum = 0;
3032
3033                         $active_section = "";
3034
3035                         while ($line = db_fetch_assoc($result)) {
3036
3037                                 if ($active_section != $line["section_name"]) {
3038
3039                                         if ($active_section != "") {
3040                                                 print "</table>";
3041                                         }
3042
3043                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3044
3045                                         $active_section = $line["section_name"];
3046
3047                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3048 //                                      print "<tr class=\"title\">
3049 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3050
3051                                         $lnum = 0;
3052                                 }
3053
3054 //                              $class = ($lnum % 2) ? "even" : "odd";
3055
3056                                 print "<tr>";
3057
3058                                 $type_name = $line["type_name"];
3059                                 $pref_name = $line["pref_name"];
3060                                 $value = $line["value"];
3061                                 $def_value = $line["def_value"];
3062                                 $help_text = $line["help_text"];
3063
3064                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3065
3066                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3067
3068                                 print "</td>";
3069
3070                                 print "<td>";
3071
3072                                 if ($type_name == "bool") {
3073 //                                      print_select($pref_name, $value, array("true", "false"));
3074
3075                                         if ($value == "true") {
3076                                                 $value = "Yes";
3077                                         } else {
3078                                                 $value = "No";
3079                                         }
3080
3081                                         print_radio($pref_name, $value, array("Yes", "No"));
3082
3083                                 } else {
3084                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3085                                 }
3086
3087                                 print "</td>";
3088
3089                                 print "</tr>";
3090
3091                                 $lnum++;
3092                         }
3093
3094                         print "</table>";
3095
3096                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3097
3098                         print "<p><input class=\"button\" type=\"submit\"
3099                                 name=\"subop\" value=\"Save configuration\">";
3100
3101                         print "&nbsp;<input class=\"button\" type=\"submit\"
3102                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3103                                 value=\"Reset to defaults\"></p>";
3104
3105                         print "</form>";
3106
3107                 }
3108
3109         }
3110
3111         if ($op == "pref-users") {
3112
3113                 $subop = $_GET["subop"];
3114
3115                 if ($subop == "edit") {
3116
3117                         $id = db_escape_string($_GET["id"]);
3118
3119                         print "<div id=\"infoBoxTitle\">User editor</div>";
3120
3121                         print "<div class=\"infoBoxContents\">";
3122
3123                         print "<form id=\"user_edit_form\">";
3124
3125                         print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3126                         print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3127                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3128
3129                         $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3130
3131                         $login = db_fetch_result($result, 0, "login");
3132                         $access_level = db_fetch_result($result, 0, "access_level");
3133                         $email = db_fetch_result($result, 0, "email");
3134
3135                         print "<table width='100%'>";
3136                         print "<tr><td>Login:</td><td>
3137                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3138                                 name=\"login\" value=\"$login\"></td></tr>";
3139
3140                         print "<tr><td>Change password:</td><td>
3141                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3142                                 name=\"password\"></td></tr>";
3143
3144                         print "<tr><td>E-mail:</td><td>
3145                                 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3146                                 value=\"$email\"></td></tr>";
3147
3148                         $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3149
3150                         print "<tr><td>Access level:</td><td>";
3151                         print_select_hash("access_level", $access_level, $access_level_names,
3152                                 $sel_disabled);
3153                         print "</td></tr>";
3154
3155                         print "</table>";
3156
3157                         print "</form>";
3158
3159                         print "<div align='right'>
3160                                 <input class=\"button\"
3161                                         type=\"submit\" onclick=\"return userEditSave()\"
3162                                         value=\"Save\">
3163                                 <input class=\"button\"
3164                                         type=\"submit\" onclick=\"return userEditCancel()\"
3165                                         value=\"Cancel\"></div>";
3166
3167                         print "</div>";
3168
3169                         return;
3170                 }
3171
3172                 if ($subop == "editSave") {
3173
3174                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3175
3176                                 $login = db_escape_string(trim($_GET["login"]));
3177                                 $uid = db_escape_string($_GET["id"]);
3178                                 $access_level = sprintf("%d", $_GET["access_level"]);
3179                                 $email = db_escape_string(trim($_GET["email"]));
3180                                 $password = db_escape_string(trim($_GET["password"]));
3181
3182                                 if ($password) {
3183                                         $pwd_hash = 'SHA1:' . sha1($password);
3184                                         $pass_query_part = "pwd_hash = '$pwd_hash', ";
3185                                         print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3186                                 } else {
3187                                         $pass_query_part = "";
3188                                 }
3189
3190                                 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3191                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3192
3193                         }
3194                 } else if ($subop == "remove") {
3195
3196                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3197
3198                                 $ids = split(",", db_escape_string($_GET["ids"]));
3199
3200                                 foreach ($ids as $id) {
3201                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3202
3203                                 }
3204                         }
3205                 } else if ($subop == "add") {
3206
3207                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3208
3209                                 $login = db_escape_string(trim($_GET["login"]));
3210                                 $tmp_user_pwd = make_password(8);
3211                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3212
3213                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3214                                         login = '$login'");
3215
3216                                 if (db_num_rows($result) == 0) {
3217
3218                                         db_query($link, "INSERT INTO ttrss_users
3219                                                 (login,pwd_hash,access_level,last_login)
3220                                                 VALUES ('$login', '$pwd_hash', 0, NOW())");
3221
3222
3223                                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3224                                                 login = '$login' AND pwd_hash = '$pwd_hash'");
3225
3226                                         if (db_num_rows($result) == 1) {
3227
3228                                                 $new_uid = db_fetch_result($result, 0, "id");
3229
3230                                                 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3231                                                         "</b> with password <b>$tmp_user_pwd</b>.</div>";
3232
3233                                                 initialize_user($link, $new_uid);
3234
3235                                         } else {
3236
3237                                                 print "<div class=\"warning\">Could not create user <b>".
3238                                                         $_GET["login"]."</b></div>";
3239
3240                                         }
3241                                 } else {
3242                                         print "<div class=\"warning\">User <b>".
3243                                                 $_GET["login"]."</b> already exists.</div>";
3244                                 }
3245                         }
3246                 } else if ($subop == "resetPass") {
3247
3248                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3249
3250                                 $uid = db_escape_string($_GET["id"]);
3251
3252                                 $result = db_query($link, "SELECT login,email
3253                                         FROM ttrss_users WHERE id = '$uid'");
3254
3255                                 $login = db_fetch_result($result, 0, "login");
3256                                 $email = db_fetch_result($result, 0, "email");
3257                                 $tmp_user_pwd = make_password(8);
3258                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3259
3260                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3261                                         WHERE id = '$uid'");
3262
3263                                 print "<div class=\"notice\">Changed password of
3264                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3265
3266                                 if (MAIL_RESET_PASS && $email) {
3267                                         print " Notifying <b>$email</b>.";
3268
3269                                         mail("$login <$email>", "Password reset notification",
3270                                                 "Hi, $login.\n".
3271                                                 "\n".
3272                                                 "Your password for this TT-RSS installation was reset by".
3273                                                         " an administrator.\n".
3274                                                 "\n".
3275                                                 "Your new password is $tmp_user_pwd, please remember".
3276                                                         " it for later reference.\n".
3277                                                 "\n".
3278                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3279                                 }
3280
3281                                 print "</div>";
3282
3283                         }
3284                 }
3285
3286                 $sort = db_escape_string($_GET["sort"]);
3287
3288                 if (!$sort || $sort == "undefined") {
3289                         $sort = "login";
3290                 }
3291
3292                 print "<div class=\"prefGenericAddBox\">
3293                         <input id=\"uadd_box\"
3294                                 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3295                                 size=\"40\">&nbsp;";
3296
3297                 print "<input type=\"submit\" class=\"button\"
3298                         id=\"user_add_btn\" disabled=\"true\"
3299                         onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3300
3301                 $result = db_query($link, "SELECT
3302                                 id,login,access_level,email,
3303                                 SUBSTRING(last_login,1,16) as last_login
3304                         FROM
3305                                 ttrss_users
3306                         ORDER BY $sort");
3307
3308 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3309
3310                 print "<p><table width=\"100%\" cellspacing=\"0\"
3311                         class=\"prefUserList\" id=\"prefUserList\">";
3312
3313                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3314                                 Select:
3315                                         <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3316                                         <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3317                                 </td</tr>";
3318
3319                 print "<tr class=\"title\">
3320                                         <td align='center' width=\"5%\">&nbsp;</td>
3321                                         <td width='40%'><a href=\"javascript:updateUsersList('login')\">Login</a></td>
3322                                         <td width='40%'><a href=\"javascript:updateUsersList('access_level')\">Access Level</a></td>
3323                                         <td width='30%'><a href=\"javascript:updateUsersList('last_login')\">Last login</a></td></tr>";
3324
3325                 $lnum = 0;
3326
3327                 while ($line = db_fetch_assoc($result)) {
3328
3329                         $class = ($lnum % 2) ? "even" : "odd";
3330
3331                         $uid = $line["id"];
3332                         $edit_uid = $_GET["id"];
3333
3334                         if ($subop == "edit" && $uid != $edit_uid) {
3335                                 $class .= "Grayed";
3336                                 $this_row_id = "";
3337                         } else {
3338                                 $this_row_id = "id=\"UMRR-$uid\"";
3339                         }
3340
3341                         print "<tr class=\"$class\" $this_row_id>";
3342
3343                         $line["login"] = htmlspecialchars($line["login"]);
3344
3345                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3346                                 strtotime($line["last_login"]));
3347
3348                         $access_level_names = array(0 => "User", 10 => "Administrator");
3349
3350 //                      if (!$edit_uid || $subop != "edit") {
3351
3352                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3353                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3354
3355                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3356                                         $line["login"] . "</td>";
3357
3358                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3359
3360                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3361                                         $access_level_names[$line["access_level"]] . "</td>";
3362
3363 /*                      } else if ($uid != $edit_uid) {
3364
3365                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3366
3367                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3368                                         id=\"UMCHK-".$line["id"]."\"></td>";
3369
3370                                 print "<td>".$line["login"]."</td>";
3371                                 print "<td>".$line["email"]."</td>";
3372                                 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3373
3374                         } else {
3375
3376                                 print "<td align='center'>
3377                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3378
3379                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3380                                         "\"></td>";
3381
3382                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3383                                         "\"></td>";
3384
3385                                 print "<td>";
3386                                 print "<select id=\"iedit_ulevel\">";
3387                                 foreach (array_keys($access_level_names) as $al) {
3388                                         if ($al == $line["access_level"]) {
3389                                                 $selected = "selected";
3390                                         } else {
3391                                                 $selected = "";
3392                                         }
3393                                         print "<option $selected id=\"$al\">" .
3394                                                 $access_level_names[$al] . "</option>";
3395                                 }
3396                                 print "</select>";
3397                                 print "</td>";
3398
3399                         } */
3400
3401                         print "<td>".$line["last_login"]."</td>";
3402
3403                         print "</tr>";
3404
3405                         ++$lnum;
3406                 }
3407
3408                 print "</table>";
3409
3410                 print "<p id='userOpToolbar'>";
3411
3412 /*              if ($subop == "edit") {
3413                         print "Edit user:
3414                                 <input type=\"submit\" class=\"button\"
3415                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3416                                 <input type=\"submit\" class=\"button\"
3417                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3418
3419                 } else { */
3420
3421                         print "
3422                                 Selection:
3423                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3424                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3425                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3426                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3427                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3428                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3429                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3430                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3431
3432 //              }
3433         }
3434
3435         if ($op == "user-details") {
3436
3437                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3438                         return;
3439                 }
3440
3441 /*              print "<html><head>
3442                         <title>Tiny Tiny RSS : User Details</title>
3443                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3444                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3445                         </head><body>"; */
3446
3447                 $uid = sprintf("%d", $_GET["id"]);
3448
3449                 print "<div id=\"infoBoxTitle\">User details</div>";
3450
3451                 print "<div class='infoBoxContents'>";
3452
3453                 $result = db_query($link, "SELECT login,
3454                         SUBSTRING(last_login,1,16) AS last_login,
3455                         access_level,
3456                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3457                                 WHERE owner_uid = id) AS stored_articles
3458                         FROM ttrss_users
3459                         WHERE id = '$uid'");
3460
3461                 if (db_num_rows($result) == 0) {
3462                         print "<h1>User not found</h1>";
3463                         return;
3464                 }
3465
3466 #               print "<h1>User Details</h1>";
3467
3468                 $login = db_fetch_result($result, 0, "login");
3469
3470 #               print "<h1>$login</h1>";
3471
3472                 print "<table width='100%'>";
3473
3474                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3475                         strtotime(db_fetch_result($result, 0, "last_login")));
3476                 $access_level = db_fetch_result($result, 0, "access_level");
3477                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3478
3479 #               print "<tr><td>Username</td><td>$login</td></tr>";
3480 #               print "<tr><td>Access level</td><td>$access_level</td></tr>";
3481                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3482                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3483
3484                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3485                         WHERE owner_uid = '$uid'");
3486
3487                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3488
3489                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3490
3491 /*              $result = db_query($link, "SELECT
3492                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3493                         FROM ttrss_user_entries,ttrss_entries
3494                                 WHERE owner_uid = '$uid' AND ref_id = id");
3495
3496                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3497
3498                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3499
3500                 print "</table>";
3501
3502                 print "<h1>Subscribed feeds</h1>";
3503
3504                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3505                         WHERE owner_uid = '$uid' ORDER BY title");
3506
3507                 print "<ul class=\"userFeedList\">";
3508
3509                 $row_class = "odd";
3510
3511                 while ($line = db_fetch_assoc($result)) {
3512
3513                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3514
3515                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3516                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3517                         } else {
3518                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3519                         }
3520
3521                         print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3522
3523                         $row_class = toggleEvenOdd($row_class);
3524
3525                 }
3526
3527                 if (db_num_rows($result) < $num_feeds) {
3528                          // FIXME - add link to show ALL subscribed feeds here somewhere
3529                         print "<li><img
3530                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3531                 }
3532
3533                 print "</ul>";
3534
3535                 print "</div>";
3536
3537                 print "<div align='center'>
3538                         <input type='submit' class='button'
3539                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3540
3541 //              print "</body></html>";
3542
3543         }
3544
3545         if ($op == "pref-feed-browser") {
3546
3547                 if (!ENABLE_FEED_BROWSER) {
3548                         print "Feed browser is administratively disabled.";
3549                         return;
3550                 }
3551
3552                 $subop = $_REQUEST["subop"];
3553
3554                 if ($subop == "details") {
3555                         $id = db_escape_string($_GET["id"]);
3556
3557                         print "<div class=\"browserFeedInfo\">";
3558                         print "<b>Feed information:</b>";
3559                         print "<div class=\"detailsPart\">";
3560
3561                         $result = db_query($link, "SELECT
3562                                         feed_url,site_url,
3563                                         SUBSTRING(last_updated,1,19) AS last_updated
3564                                 FROM ttrss_feeds WHERE id = '$id'");
3565
3566                         $feed_url = db_fetch_result($result, 0, "feed_url");
3567                         $site_url = db_fetch_result($result, 0, "site_url");
3568                         $last_updated = db_fetch_result($result, 0, "last_updated");
3569
3570                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3571                                 $last_updated = smart_date_time(strtotime($last_updated));
3572                         } else {
3573                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3574                                 $last_updated = date($short_date, strtotime($last_updated));
3575                         }
3576
3577                         print "Site: <a target=\"_new\" href='$site_url'>$site_url</a> ".
3578                                 "(<a target=\"_new\" href='$feed_url'>feed</a>), ".
3579                                 "Last updated: $last_updated";
3580
3581                         print "</div>";
3582
3583                         $result = db_query($link, "SELECT
3584                                         ttrss_entries.title,
3585                                         content,link,
3586                                         substring(date_entered,1,19) as date_entered,
3587                                         substring(updated,1,19) as updated
3588                                 FROM ttrss_entries,ttrss_user_entries
3589                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
3590                                 ORDER BY updated DESC LIMIT 5");
3591
3592                         if (db_num_rows($result) > 0) {
3593
3594                                 print "<b>Last headlines:</b><br>";
3595
3596                                 print "<div class=\"detailsPart\">";
3597                                 print "<ul class=\"compact\">";
3598                                 while ($line = db_fetch_assoc($result)) {
3599
3600                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3601                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
3602                                         } else {
3603                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3604                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
3605                                         }
3606
3607                                         print "<li><a target=\"_new\" href=\"" . $line["link"] . "\">" . $line["title"] . "</a>" .
3608                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3609                                 }
3610                                 print "</ul></div>";
3611                         }
3612
3613                         print "</div>";
3614
3615                         return;
3616                 }
3617
3618                 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3619
3620                 $limit = db_escape_string($_GET["limit"]);
3621
3622                 if (!$limit) $limit = 25;
3623
3624                 $owner_uid = $_SESSION["uid"];
3625
3626                 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3627                         FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3628                                 WHERE tf.feed_url = ttrss_feeds.feed_url
3629                                         AND owner_uid = '$owner_uid') GROUP BY feed_url
3630                                                 ORDER BY subscribers DESC LIMIT $limit");
3631
3632
3633                 print "<div style=\"float : right\">
3634                         Top <select id=\"feedBrowserLimit\">";
3635
3636                 foreach (array(25, 50, 100) as $l) {
3637                         $issel = ($l == $limit) ? "selected" : "";
3638                         print "<option $issel>$l</option>";
3639                 }
3640
3641                 print "</select>
3642                         <input type=\"submit\" class=\"button\"
3643                                 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3644                 </div>";
3645
3646                 print "<p id=\"fbrOpToolbar\">Selection:
3647                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3648                         disabled=\"true\" value=\"Subscribe\">";
3649
3650                 print "<ul class='nomarks' id='browseBigFeedList'>";
3651
3652                 $feedctr = 0;
3653
3654                 while ($line = db_fetch_assoc($result)) {
3655                         $feed_url = $line["feed_url"];
3656                         $subscribers = $line["subscribers"];
3657
3658                         $det_result = db_query($link, "SELECT site_url,title,id
3659                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3660
3661                         $details = db_fetch_assoc($det_result);
3662
3663                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3664
3665                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3666                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
3667                                                 "/".$details["id"].".ico\">";
3668                         } else {
3669                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3670                         }
3671
3672                         $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3673                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3674
3675                         $class = ($feedctr % 2) ? "even" : "odd";
3676
3677                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3678                                 "$feed_icon ";
3679
3680                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3681                                 $details["title"] ."</a>&nbsp;" .
3682                                 "<span class='subscribers'>($subscribers)</span>";
3683
3684                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3685                         print "</div>";
3686
3687                         print "</li>";
3688
3689                                 ++$feedctr;
3690                 }
3691
3692                 if ($feedctr == 0) {
3693                         print "<li>No feeds found to subscribe.</li>";
3694                 }
3695
3696                 print "</ul>";
3697
3698                 print "</div>";
3699
3700         }
3701
3702         if ($op == "rss") {
3703                 $feed = db_escape_string($_GET["id"]);
3704                 $user = db_escape_string($_GET["user"]);
3705                 $pass = db_escape_string($_GET["pass"]);
3706                 $is_cat = $_GET["is_cat"] != false;
3707
3708                 $search = db_escape_string($_GET["q"]);
3709                 $match_on = db_escape_string($_GET["m"]);
3710                 $search_mode = db_escape_string($_GET["smode"]);
3711
3712                 if (!$_SESSION["uid"] && $user && $pass) {
3713                         authenticate_user($link, $user, $pass);
3714                 }
3715
3716                 if ($_SESSION["uid"] ||
3717                         http_authenticate_user($link)) {
3718
3719                                 generate_syndicated_feed($link, $feed, $is_cat,
3720                                         $search, $search_mode, $match_on);
3721                 }
3722         }
3723
3724         function check_configuration_variables() {
3725                 if (!defined('SESSION_EXPIRE_TIME')) {
3726                         return "config: SESSION_EXPIRE_TIME is undefined";
3727                 }
3728
3729                 if (SESSION_EXPIRE_TIME < 60) {
3730                         return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3731                 }
3732
3733                 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3734                         return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3735                                 "SESSION_COOKIE_LIFETIME_REMEMBER";
3736                 }
3737
3738                 if (defined('DISABLE_SESSIONS')) {
3739                         return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3740                 }
3741
3742                 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3743                         return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3744                 }
3745
3746                 return false;
3747         }
3748
3749         if ($op == "labelFromSearch") {
3750                 $search = db_escape_string($_GET["search"]);
3751                 $search_mode = db_escape_string($_GET["smode"]);
3752                 $match_on = db_escape_string($_GET["match"]);
3753                 $is_cat = db_escape_string($_GET["is_cat"]);
3754                 $title = db_escape_string($_GET["title"]);
3755                 $feed = sprintf("%d", $_GET["feed"]);
3756
3757                 $label_qparts = array();
3758
3759                 $search_expr = getSearchSql($search, $match_on);
3760
3761                 if ($is_cat) {
3762                         if ($feed != 0) {
3763                                 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
3764                         } else {
3765                                 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3766                         }
3767                 } else {
3768                         if ($search_mode == "all_feeds") {
3769                                 // NOOP
3770                         } else if ($search_mode == "this_cat") {
3771
3772                                 $tmp_result = db_query($link, "SELECT cat_id
3773                                         FROM ttrss_feeds WHERE id = '$feed'");
3774
3775                                 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
3776
3777                                 if ($cat_id > 0) {
3778                                         $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
3779                                 } else {
3780                                         $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3781                                 }
3782                         } else {
3783                                 $search_expr .= " AND ttrss_feeds.id = $feed ";
3784                         }
3785
3786                 }
3787
3788                 $search_expr = db_escape_string($search_expr);
3789
3790                 print $search_expr;
3791
3792                 if ($title) {
3793                         $result = db_query($link,
3794                                 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
3795                                 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
3796                 }
3797         }
3798
3799         if ($op == "getUnread") {
3800                 $login = db_escape_string($_GET["login"]);
3801
3802                 header("Content-Type: text/plain; charset=utf-8");
3803
3804                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
3805
3806                 if (db_num_rows($result) == 1) {
3807                         $uid = db_fetch_result($result, 0, "id");
3808                         print getGlobalUnread($link, $uid);
3809                 } else {
3810                         print "-1;User not found";
3811                 }
3812
3813                 $print_exec_time = false;
3814         }
3815
3816         if ($op == "digestTest") {
3817                 header("Content-Type: text/plain");
3818                 print_r(prepare_headlines_digest($link, $_SESSION["uid"]));
3819                 $print_exec_time = false;
3820
3821         }
3822
3823         if ($op == "digestSend") {
3824                 header("Content-Type: text/plain");
3825                 send_headlines_digests($link);
3826                 $print_exec_time = false;
3827
3828         }
3829
3830         db_close($link);
3831 ?>
3832
3833 <?php if ($print_exec_time) { ?>
3834 <!-- <?php echo sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3835 <?php } ?>