backend.php

   1 <?
   2         session_start();
   3
   4         if ($_GET["debug"]) {
   5                 define('DEFAULT_ERROR_LEVEL', E_ALL);
   6         } else {
   7                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
   8         }
   9
  10         error_reporting(DEFAULT_ERROR_LEVEL);
  11
  12         $op = $_REQUEST["op"];
  13
  14         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  15                 header("Content-Type: application/xml");
  16         }
  17
  18         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  19
  20                 if ($op == "rpc") {
  21                         print "<error error-code=\"6\"/>";
  22                 }
  23                 exit;
  24         }
  25
  26         if (!$op) {
  27                 print "<error error-code=\"7\"/>";
  28                 exit;
  29         }
  30
  31         define('SCHEMA_VERSION', 2);
  32
  33         require_once "sanity_check.php";
  34         require_once "config.php";
  35         require_once "db.php";
  36         require_once "db-prefs.php";
  37         require_once "functions.php";
  38         require_once "magpierss/rss_fetch.inc";
  39
  40         $script_started = getmicrotime();
  41
  42         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  43
  44         if (!$link) {
  45                 if (DB_TYPE == "mysql") {
  46                         print mysql_error();
  47                 }
  48                 // PG seems to display its own errors just fine by default.
  49                 return;
  50         }
  51
  52         if (DB_TYPE == "pgsql") {
  53                 pg_query("set client_encoding = 'utf-8'");
  54         }
  55
  56         $fetch = $_GET["fetch"];
  57
  58         function getAllCounters($link) {
  59                 getLabelCounters($link);
  60                 getFeedCounters($link);
  61                 getTagCounters($link);
  62                 getGlobalCounters($link);
  63         }
  64
  65         /* FIXME this needs reworking */
  66
  67         function getGlobalCounters($link) {
  68                 $result = db_query($link, "SELECT count(id) as c_id FROM ttrss_entries,ttrss_user_entries
  69                         WHERE unread = true AND
  70                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  71                         owner_uid = " . $_SESSION["uid"]);
  72                 $c_id = db_fetch_result($result, 0, "c_id");
  73                 print "<counter id='global-unread' counter='$c_id'/>";
  74         }
  75
  76         function getTagCounters($link) {
  77
  78                 $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
  79                         FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
  80                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  81                         ttrss_tags.owner_uid = ".$_SESSION["uid"]." AND
  82                         post_int_id = ttrss_user_entries.int_id AND unread = true GROUP BY tag_name
  83                 UNION
  84                         select tag_name,0 as count FROM ttrss_tags
  85                         WHERE ttrss_tags.owner_uid = ".$_SESSION["uid"]);
  86
  87                 $tags = array();
  88
  89                 while ($line = db_fetch_assoc($result)) {
  90                         $tags[$line["tag_name"]] += $line["count"];
  91                 }
  92
  93                 foreach (array_keys($tags) as $tag) {
  94                         $unread = $tags[$tag];
  95
  96                         $tag = htmlspecialchars($tag);
  97                         print "<tag id=\"$tag\" counter=\"$unread\"/>";
  98                 }
  99         }
 100
 101         function getLabelCounters($link) {
 102
 103                 $result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 104                         WHERE marked = true AND ttrss_user_entries.ref_id = ttrss_entries.id AND
 105                         unread = true AND owner_uid = ".$_SESSION["uid"]);
 106
 107                 $count = db_fetch_result($result, 0, "count");
 108
 109                 print "<label id=\"-1\" counter=\"$count\"/>";
 110
 111                 $result = db_query($link, "SELECT owner_uid,id,sql_exp,description FROM
 112                         ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description");
 113
 114                 while ($line = db_fetch_assoc($result)) {
 115
 116                         $id = -$line["id"] - 11;
 117
 118                         error_reporting (0);
 119
 120                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_user_entries,ttrss_entries
 121                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 122                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 123                                 owner_uid = ".$_SESSION["uid"]);
 124
 125                         $count = db_fetch_result($tmp_result, 0, "count");
 126
 127                         print "<label id=\"$id\" counter=\"$count\"/>";
 128
 129                         error_reporting (DEFAULT_ERROR_LEVEL);
 130
 131                 }
 132         }
 133
 134         function getFeedCounter($link, $id) {
 135
 136                 $result = db_query($link, "SELECT
 137                                 count(id) as count FROM ttrss_entries,ttrss_user_entries
 138                         WHERE feed_id = '$id' AND unread = true
 139                         AND ttrss_user_entries.ref_id = ttrss_entries.id");
 140
 141                         $count = db_fetch_result($result, 0, "count");
 142
 143                         print "<feed id=\"$id\" counter=\"$count\"/>";
 144         }
 145
 146         function getFeedCounters($link) {
 147
 148                 $result = db_query($link, "SELECT id,
 149                         (SELECT count(id)
 150                                 FROM ttrss_entries,ttrss_user_entries
 151                                 WHERE feed_id = ttrss_feeds.id AND ttrss_user_entries.ref_id = ttrss_entries.id
 152                                 AND unread = true AND owner_uid = ".$_SESSION["uid"].") as count
 153                         FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]);
 154
 155                 while ($line = db_fetch_assoc($result)) {
 156
 157                         $id = $line["id"];
 158                         $count = $line["count"];
 159
 160                         print "<feed id=\"$id\" counter=\"$count\"/>";
 161                 }
 162         }
 163
 164         function outputFeedList($link, $tags = false) {
 165
 166                 print "<html><head>
 167                         <title>Tiny Tiny RSS : Feedlist</title>
 168                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 169
 170                 $user_theme = $_SESSION["theme"];
 171                 if ($user_theme) {
 172                         print "<link rel=\"stylesheet\" type=\"text/css\"
 173                                 href=\"themes/$user_theme/theme.css\">";
 174                 }
 175
 176                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 177                         print "<link rel=\"stylesheet\" type=\"text/css\"
 178                                 href=\"tt-rss_compact.css\"/>";
 179                 } else {
 180                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 181                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 182                 }
 183
 184                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 185                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 186                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 187                         </head><body onload=\"init()\">";
 188
 189                 print "<ul class=\"feedList\" id=\"feedList\">";
 190
 191                 $owner_uid = $_SESSION["uid"];
 192
 193                 if (!$tags) {
 194
 195                         /* virtual feeds */
 196
 197                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 198                                 print "<li class=\"feedCat\">Special</li>";
 199                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 200                         }
 201
 202                         $result = db_query($link, "SELECT count(id) as num_starred
 203                                 FROM ttrss_entries,ttrss_user_entries
 204                                 WHERE marked = true AND
 205                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 206                                 unread = true AND owner_uid = '$owner_uid'");
 207                         $num_starred = db_fetch_result($result, 0, "num_starred");
 208
 209                         $class = "virt";
 210
 211                         if ($num_starred > 0) $class .= "Unread";
 212
 213                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 214                                 "images/mark_set.png", $link);
 215
 216                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 217                                 print "</li></ul>";
 218                         }
 219
 220                         if (get_pref($link, 'ENABLE_LABELS')) {
 221
 222                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 223                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 224
 225                                 if (db_num_rows($result) > 0) {
 226                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 227                                                 print "<li class=\"feedCat\">Labels</li>";
 228                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 229                                         } else {
 230                                                 print "<li><hr></li>";
 231                                         }
 232                                 }
 233
 234                                 while ($line = db_fetch_assoc($result)) {
 235
 236                                         error_reporting (0);
 237
 238                                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 239                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 240                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 241                                                 AND owner_uid = '$owner_uid'");
 242
 243                                         $count = db_fetch_result($tmp_result, 0, "count");
 244
 245                                         $class = "label";
 246
 247                                         if ($count > 0) {
 248                                                 $class .= "Unread";
 249                                         }
 250
 251                                         error_reporting (DEFAULT_ERROR_LEVEL);
 252
 253                                         printFeedEntry(-$line["id"]-11,
 254                                                 $class, $line["description"], $count, "images/label.png", $link);
 255
 256                                 }
 257
 258                                 if (db_num_rows($result) > 0) {
 259                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 260                                                 print "</li></ul>";
 261                                         }
 262                                 }
 263
 264                         }
 265
 266 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 267                                 print "<li><hr></li>";
 268 //                      }
 269
 270                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 271                                 $order_by_qpart = "category,title";
 272                         } else {
 273                                 $order_by_qpart = "title";
 274                         }
 275
 276                         $result = db_query($link, "SELECT *,
 277                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 278                                         WHERE feed_id = ttrss_feeds.id AND
 279                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 280                                         owner_uid = '$owner_uid') AS total,
 281                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 282                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 283                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 284                                                 AND owner_uid = '$owner_uid') as unread,
 285                                 (SELECT title FROM ttrss_feed_categories
 286                                         WHERE id = cat_id) AS category
 287                                 FROM ttrss_feeds WHERE owner_uid = '$owner_uid' ORDER BY $order_by_qpart");
 288
 289                         $actid = $_GET["actid"];
 290
 291                         /* real feeds */
 292
 293                         $lnum = 0;
 294
 295                         $total_unread = 0;
 296
 297                         $category = "";
 298
 299                         while ($line = db_fetch_assoc($result)) {
 300
 301                                 $feed = $line["title"];
 302                                 $feed_id = $line["id"];
 303
 304                                 $subop = $_GET["subop"];
 305
 306                                 $total = $line["total"];
 307                                 $unread = $line["unread"];
 308
 309                                 $tmp_category = $line["category"];
 310
 311                                 if (!$tmp_category) {
 312                                         $tmp_category = "Uncategorized";
 313                                 }
 314
 315         //                      $class = ($lnum % 2) ? "even" : "odd";
 316
 317                                 $class = "feed";
 318
 319                                 if ($unread > 0) $class .= "Unread";
 320
 321                                 if ($actid == $feed_id) {
 322                                         $class .= "Selected";
 323                                 }
 324
 325                                 $total_unread += $unread;
 326
 327                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 328
 329                                         if ($category) {
 330                                                 print "</li></ul></li>";
 331                                         }
 332
 333                                         $category = $tmp_category;
 334
 335                                         print "<li class=\"feedCat\">$category</li>";
 336                                         print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 337                                 }
 338
 339                                 printFeedEntry($feed_id, $class, $feed, $unread,
 340                                         "icons/$feed_id.ico", $link);
 341
 342                                 ++$lnum;
 343                         }
 344
 345                 } else {
 346
 347                         // tags
 348
 349                         $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 350                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 351                                 post_int_id = ttrss_user_entries.int_id AND
 352                                 unread = true AND ref_id = ttrss_entries.id
 353                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 354                         UNION
 355                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 356                         ORDER BY tag_name");
 357
 358                         $tags = array();
 359
 360                         while ($line = db_fetch_assoc($result)) {
 361                                 $tags[$line["tag_name"]] += $line["count"];
 362                         }
 363
 364                         foreach (array_keys($tags) as $tag) {
 365
 366                                 $unread = $tags[$tag];
 367
 368                                 $class = "tag";
 369
 370                                 if ($unread > 0) {
 371                                         $class .= "Unread";
 372                                 }
 373
 374                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 375
 376                         }
 377
 378                 }
 379
 380                 if (db_num_rows($result) == 0) {
 381                         if ($tags) {
 382                                 $what = "tags";
 383                         } else {
 384                                 $what = "feeds";
 385                         }
 386                         print "<li>No $what to display.</li>";
 387                 }
 388
 389                 print "</ul>";
 390
 391         }
 392
 393
 394         if ($op == "rpc") {
 395
 396                 $subop = $_GET["subop"];
 397
 398                 if ($subop == "getLabelCounters") {
 399                         $aid = $_GET["aid"];
 400                         print "<rpc-reply>";
 401                         getLabelCounters($link);
 402                         if ($aid) {
 403                                 getFeedCounter($link, $aid);
 404                         }
 405                         print "</rpc-reply>";
 406                 }
 407
 408                 if ($subop == "getFeedCounters") {
 409                         print "<rpc-reply>";
 410                         getFeedCounters($link);
 411                         print "</rpc-reply>";
 412                 }
 413
 414                 if ($subop == "getAllCounters") {
 415                         print "<rpc-reply>";
 416                         getAllCounters($link);
 417                         print "</rpc-reply>";
 418                 }
 419
 420                 if ($subop == "mark") {
 421                         $mark = $_GET["mark"];
 422                         $id = db_escape_string($_GET["id"]);
 423
 424                         if ($mark == "1") {
 425                                 $mark = "true";
 426                         } else {
 427                                 $mark = "false";
 428                         }
 429
 430                         // FIXME this needs collision testing
 431
 432                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 433                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 434                 }
 435
 436                 if ($subop == "updateFeed") {
 437                         $feed_id = db_escape_string($_GET["feed"]);
 438
 439                         $result = db_query($link,
 440                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 441                                         AND owner_uid = " . $_SESSION["uid"]);
 442
 443                         if (db_num_rows($result) > 0) {
 444                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 445                                 update_rss_feed($link, $feed_url, $feed_id);
 446                         }
 447
 448                         print "<rpc-reply>";
 449                         getFeedCounter($link, $feed_id);
 450                         print "</rpc-reply>";
 451
 452                         return;
 453                 }
 454
 455                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 456
 457                         update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 458
 459                         $omode = $_GET["omode"];
 460
 461                         if (!$omode) $omode = "tfl";
 462
 463                         print "<rpc-reply>";
 464                         if (strchr($omode, "l")) getLabelCounters($link);
 465                         if (strchr($omode, "f")) getFeedCounters($link);
 466                         if (strchr($omode, "t")) getTagCounters($link);
 467                         getGlobalCounters($link);
 468                         print "</rpc-reply>";
 469                 }
 470
 471                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 472                 if ($subop == "catchupSelected") {
 473
 474                         $ids = split(",", db_escape_string($_GET["ids"]));
 475
 476                         $cmode = sprintf("%d", $_GET["cmode"]);
 477
 478                         foreach ($ids as $id) {
 479
 480                                 if ($cmode == 0) {
 481                                         db_query($link, "UPDATE ttrss_user_entries SET
 482                                         unread = false,last_read = NOW()
 483                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 484                                 } else if ($cmode == 1) {
 485                                         db_query($link, "UPDATE ttrss_user_entries SET
 486                                         unread = true
 487                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 488                                 } else {
 489                                         db_query($link, "UPDATE ttrss_user_entries SET
 490                                         unread = NOT unread,last_read = NOW()
 491                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 492                                 }
 493                         }
 494                         print "<rpc-reply>";
 495                         getAllCounters($link);
 496                         print "</rpc-reply>";
 497                 }
 498
 499                 if ($subop == "markSelected") {
 500
 501                         $ids = split(",", db_escape_string($_GET["ids"]));
 502
 503                         $cmode = sprintf("%d", $_GET["cmode"]);
 504
 505                         foreach ($ids as $id) {
 506
 507                                 if ($cmode == 0) {
 508                                         db_query($link, "UPDATE ttrss_user_entries SET
 509                                         marked = false
 510                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 511                                 } else if ($cmode == 1) {
 512                                         db_query($link, "UPDATE ttrss_user_entries SET
 513                                         marked = true
 514                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 515                                 } else {
 516                                         db_query($link, "UPDATE ttrss_user_entries SET
 517                                         marked = NOT marked
 518                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 519                                 }
 520                         }
 521                         print "<rpc-reply>";
 522                         getAllCounters($link);
 523                         print "</rpc-reply>";
 524                 }
 525
 526                 if ($subop == "sanityCheck") {
 527
 528                         $error_code = 0;
 529
 530                         $result = db_query($link, "SELECT schema_version FROM ttrss_version");
 531
 532                         $schema_version = db_fetch_result($result, 0, "schema_version");
 533
 534                         if ($schema_version != SCHEMA_VERSION) {
 535                                 $error_code = 5;
 536                         }
 537
 538                         print "<error error-code='$error_code'/>";
 539                 }
 540
 541                 if ($subop == "globalPurge") {
 542
 543                         print "<rpc-reply>";
 544                         global_purge_old_posts($link, true);
 545                         print "</rpc-reply>";
 546
 547                 }
 548
 549         }
 550
 551         if ($op == "feeds") {
 552
 553                 $tags = $_GET["tags"];
 554
 555                 $subop = $_GET["subop"];
 556
 557                 if ($subop == "catchupAll") {
 558                         db_query($link, "UPDATE ttrss_user_entries SET
 559                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 560                 }
 561
 562                 outputFeedList($link, $tags);
 563
 564         }
 565
 566         if ($op == "view") {
 567
 568                 $id = $_GET["id"];
 569                 $feed_id = $_GET["feed"];
 570
 571                 $result = db_query($link, "UPDATE ttrss_user_entries
 572                         SET unread = false,last_read = NOW()
 573                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 574
 575                 $addheader = $_GET["addheader"];
 576
 577                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 578                         SUBSTRING(updated,1,16) as updated,
 579                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url
 580                         FROM ttrss_entries,ttrss_user_entries
 581                         WHERE   id = '$id' AND ref_id = id");
 582
 583                 if ($addheader) {
 584                         print "<html><head>
 585                                 <title>Tiny Tiny RSS : Article $id</title>
 586                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 587
 588                         $user_theme = $_SESSION["theme"];
 589                         if ($user_theme) {
 590                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 591                                         href=\"themes/$user_theme/theme.css\">";
 592                         }
 593
 594                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 595                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 596                                         href=\"tt-rss_compact.css\"/>";
 597                         } else {
 598                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 599                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 600                         }
 601
 602                         print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 603                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 604                                 </head><body>";
 605                 }
 606
 607                 if ($result) {
 608
 609                         $line = db_fetch_assoc($result);
 610
 611                         if ($line["icon_url"]) {
 612                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 613                         } else {
 614                                 $feed_icon = "&nbsp;";
 615                         }
 616
 617                         if ($line["comments"] && $line["link"] != $line["comments"]) {
 618                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 619                         } else {
 620                                 $entry_comments = "";
 621                         }
 622
 623                         print "<div class=\"postReply\">";
 624
 625                         print "<div class=\"postHeader\"><table width=\"100%\">";
 626
 627                         print "<tr><td>" . $line["title"] . "</td>";
 628
 629                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 630                                 strtotime($line["updated"]));
 631
 632                         print "<td class=\"postDate\">$parsed_updated</td>";
 633
 634                         print "</tr>";
 635
 636                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 637                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 638                                 ORDER BY tag_name");
 639
 640                         $tags_str = "";
 641                         $f_tags_str = "";
 642
 643                         $num_tags = 0;
 644
 645                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 646                                 $num_tags++;
 647                                 $tag = $tmp_line["tag_name"];
 648                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 649
 650                                 if ($num_tags == 5) {
 651                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 652                                 } else if ($num_tags < 5) {
 653                                         $tags_str .= $tag_str;
 654                                 }
 655                                 $f_tags_str .= $tag_str;
 656                         }
 657
 658                         $tags_str = preg_replace("/, $/", "", $tags_str);
 659                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 660
 661                         print "<tr><td width='50%'>
 662                                 <a href=\"" . $line["link"] . "\">".$line["link"]."</a>
 663                                 $entry_comments</td>
 664                                 <td align=\"right\">$tags_str</td></tr>";
 665
 666 /*                      if ($tags_str) {
 667                                 print "<tr><td><b>Tags:</b></td>
 668                                         <td width='100%'>$tags_str</td></tr>";
 669                         } */
 670
 671                         print "</table></div>";
 672
 673                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 674                         print "<div class=\"postContent\">";
 675
 676                         if (db_num_rows($tmp_result) > 5) {
 677                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 678                         }
 679
 680                         print $line["content"] . "</div>";
 681
 682                         print "</div>";
 683
 684                         print "<script type=\"text/javascript\">
 685                                 update_all_counters('$feed_id');
 686                         </script>";
 687                 }
 688
 689                 if ($addheader) {
 690                         print "</body></html>";
 691                 }
 692         }
 693
 694         if ($op == "viewfeed") {
 695
 696                 $feed = $_GET["feed"];
 697                 $skip = $_GET["skip"];
 698                 $subop = $_GET["subop"];
 699                 $view_mode = $_GET["view"];
 700                 $addheader = $_GET["addheader"];
 701                 $limit = $_GET["limit"];
 702                 $omode = $_GET["omode"];
 703
 704                 if ($omode == "xml") {
 705                         header("Content-Type: application/xml");
 706                 }
 707
 708                 if (!$feed) {
 709                         return;
 710                 }
 711
 712                 if (!$skip) $skip = 0;
 713
 714                 if ($subop == "undefined") $subop = "";
 715
 716                 if ($addheader) {
 717                         print "<html><head>
 718                                 <title>Tiny Tiny RSS : Feed $feed</title>
 719                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 720
 721                         $user_theme = $_SESSION["theme"];
 722                         if ($user_theme) {
 723                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 724                                         href=\"themes/$user_theme/theme.css\">";
 725                         }
 726
 727                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 728                                 print "<link rel=\"stylesheet\"
 729                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 730
 731                         } else {
 732                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 733                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 734                         }
 735
 736                         print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 737                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
 738                                 <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
 739                                 </head><body onload='init()'>";
 740                 }
 741
 742                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 743
 744                         $tmp_result = db_query($link, "SELECT feed_url FROM ttrss_feeds
 745                                 WHERE id = '$feed'");
 746
 747                         $feed_url = db_fetch_result($tmp_result, 0, "feed_url");
 748
 749                         update_rss_feed($link, $feed_url, $feed);
 750
 751                 }
 752
 753                 if ($subop == "MarkAllRead")  {
 754
 755                         if (sprintf("%d", $feed) != 0) {
 756
 757                                 if ($feed > 0) {
 758                                         db_query($link, "UPDATE ttrss_user_entries
 759                                                 SET unread = false,last_read = NOW()
 760                                                 WHERE feed_id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 761
 762                                 } else if ($feed < 0 && $feed > -10) { // special, like starred
 763
 764                                         if ($feed == -1) {
 765                                                 db_query($link, "UPDATE ttrss_user_entries
 766                                                         SET unread = false,last_read = NOW()
 767                                                         WHERE marked = true AND owner_uid = ".$_SESSION["uid"]);
 768                                         }
 769
 770                                 } else if ($feed < -10) { // label
 771
 772                                         // TODO make this more efficient
 773
 774                                         $label_id = -$feed - 11;
 775
 776                                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 777                                                 WHERE id = '$label_id'");
 778
 779                                         if ($tmp_result) {
 780                                                 $sql_exp = db_fetch_result($tmp_result, 0, "sql_exp");
 781
 782                                                 db_query($link, "BEGIN");
 783
 784                                                 $tmp2_result = db_query($link,
 785                                                         "SELECT
 786                                                                 int_id
 787                                                         FROM
 788                                                                 ttrss_user_entries,ttrss_entries
 789                                                         WHERE
 790                                                                 ref_id = id AND
 791                                                                 $sql_exp AND
 792                                                                 owner_uid = " . $_SESSION["uid"]);
 793
 794                                                 while ($tmp_line = db_fetch_assoc($tmp2_result)) {
 795                                                         db_query($link, "UPDATE
 796                                                                 ttrss_user_entries
 797                                                         SET
 798                                                                 unread = false, last_read = NOW()
 799                                                         WHERE
 800                                                                 int_id = " . $tmp_line["int_id"]);
 801                                                 }
 802
 803                                                 db_query($link, "COMMIT");
 804
 805 /*                                              db_query($link, "UPDATE ttrss_user_entries,ttrss_entries
 806                                                         SET unread = false,last_read = NOW()
 807                                                         WHERE $sql_exp
 808                                                         AND ref_id = id
 809                                                         AND owner_uid = ".$_SESSION["uid"]); */
 810                                         }
 811                                 }
 812                         } else { // tag
 813                                 db_query($link, "BEGIN");
 814
 815                                 $tag_name = db_escape_string($feed);
 816
 817                                 $result = db_query($link, "SELECT post_int_id FROM ttrss_tags
 818                                         WHERE tag_name = '$tag_name' AND owner_uid = " . $_SESSION["uid"]);
 819
 820                                 while ($line = db_fetch_assoc($result)) {
 821                                         db_query($link, "UPDATE ttrss_user_entries SET
 822                                                 unread = false, last_read = NOW()
 823                                                 WHERE int_id = " . $line["post_int_id"]);
 824                                 }
 825                                 db_query($link, "COMMIT");
 826                         }
 827
 828                 }
 829
 830                 $search = db_escape_string($_GET["search"]);
 831                 $search_mode = db_escape_string($_GET["smode"]);
 832
 833                 if ($search) {
 834                         $search_query_part = "(upper(title) LIKE upper('%$search%')
 835                                 OR content LIKE '%$search%') AND";
 836                 } else {
 837                         $search_query_part = "";
 838                 }
 839
 840                 $view_query_part = "";
 841
 842                 if ($view_mode == "Starred") {
 843                         $view_query_part = " marked = true AND ";
 844                 }
 845
 846                 if ($view_mode == "Unread") {
 847                         $view_query_part = " unread = true AND ";
 848                 }
 849
 850                 if ($view_mode == "Unread or Starred") {
 851                         $view_query_part = " (unread = true OR marked = true) AND ";
 852                 }
 853
 854                 if ($view_mode == "Unread or Updated") {
 855                         $view_query_part = " (unread = true OR last_read is NULL) AND ";
 856                 }
 857
 858 /*              $result = db_query($link, "SELECT count(id) AS total_entries
 859                         FROM ttrss_entries WHERE
 860                         $search_query_part
 861                         feed_id = '$feed'");
 862
 863                 $total_entries = db_fetch_result($result, 0, "total_entries"); */
 864
 865 /*              $result = db_query("SELECT count(id) AS unread_entries
 866                         FROM ttrss_entries WHERE
 867                         $search_query_part
 868                         unread = true AND
 869                         feed_id = '$feed'");
 870
 871                 $unread_entries = db_fetch_result($result, 0, "unread_entries"); */
 872
 873                 if ($limit && $limit != "All") {
 874                         $limit_query_part = "LIMIT " . $limit;
 875                 }
 876
 877                 $vfeed_query_part = "";
 878
 879                 // override query strategy and enable feed display when searching globally
 880                 if ($search && $search_mode == "All feeds") {
 881                         $query_strategy_part = "id > 0";
 882                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 883                                 id = feed_id) as feed_title,";
 884                 } else if (sprintf("%d", $feed) == 0) {
 885                         $query_strategy_part = "ttrss_entries.id > 0";
 886                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 887                                 id = feed_id) as feed_title,";
 888                 } else if ($feed >= 0) {
 889                         $query_strategy_part = "feed_id = '$feed'";
 890                 } else if ($feed == -1) { // starred virtual feed
 891                         $query_strategy_part = "marked = true";
 892                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 893                                 id = feed_id) as feed_title,";
 894                 } else if ($feed <= -10) { // labels
 895                         $label_id = -$feed - 11;
 896
 897                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 898                                 WHERE id = '$label_id'");
 899
 900                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
 901
 902                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 903                                 id = feed_id) as feed_title,";
 904                 } else {
 905                         $query_strategy_part = "id > 0"; // dumb
 906                 }
 907
 908                 $order_by = "updated DESC";
 909
 910 //              if ($feed < -10) {
 911 //                      $order_by = "feed_id,updated DESC";
 912 //              }
 913
 914                 $feed_title = "";
 915
 916                 if ($search && $search_mode == "All feeds") {
 917                         $feed_title = "Search results";
 918                 } else if (sprintf("%d", $feed) == 0) {
 919                         $feed_title = $feed;
 920                 } else if ($feed > 0) {
 921                         $result = db_query($link, "SELECT title,site_url FROM ttrss_feeds
 922                                 WHERE id = '$feed'");
 923
 924                         $feed_title = db_fetch_result($result, 0, "title");
 925                         $feed_site_url = db_fetch_result($result, 0, "site_url");
 926
 927                 } else if ($feed == -1) {
 928                         $feed_title = "Starred articles";
 929                 } else if ($feed < -10) {
 930                         $label_id = -$feed - 11;
 931                         $result = db_query($link, "SELECT description FROM ttrss_labels
 932                                 WHERE id = '$label_id'");
 933                         $feed_title = db_fetch_result($result, 0, "description");
 934                 } else {
 935                         $feed_title = "?";
 936                 }
 937
 938                 if ($feed < -10) error_reporting (0);
 939
 940                 if (sprintf("%d", $feed) != 0) {
 941
 942                         if ($feed > 0) {
 943                                 $feed_kind = "Feeds";
 944                         } else {
 945                                 $feed_kind = "Labels";
 946                         }
 947
 948                         if (!$vfeed_query_part) {
 949                                 $content_query_part = "content as content_preview,";
 950                         } else {
 951                                 $content_query_part = "";
 952                         }
 953
 954                         $result = db_query($link, "SELECT
 955                                         id,title,
 956                                         SUBSTRING(updated,1,16) as updated,
 957                                         unread,feed_id,marked,link,last_read,
 958                                         SUBSTRING(last_read,1,19) as last_read_noms,
 959                                         $vfeed_query_part
 960                                         $content_query_part
 961                                         SUBSTRING(updated,1,19) as updated_noms
 962                                 FROM
 963                                         ttrss_entries,ttrss_user_entries
 964                                 WHERE
 965                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 966                                 owner_uid = '".$_SESSION["uid"]."' AND
 967                                 $search_query_part
 968                                 $view_query_part
 969                                 $query_strategy_part ORDER BY $order_by
 970                                 $limit_query_part");
 971
 972                 } else {
 973                         // browsing by tag
 974
 975                         $feed_kind = "Tags";
 976
 977                         $result = db_query($link, "SELECT
 978                                 ttrss_entries.id as id,title,
 979                                 SUBSTRING(updated,1,16) as updated,
 980                                 unread,feed_id,
 981                                 marked,link,last_read,
 982                                 SUBSTRING(last_read,1,19) as last_read_noms,
 983                                 $vfeed_query_part
 984                                 $content_query_part
 985                                 SUBSTRING(updated,1,19) as updated_noms
 986                                 FROM
 987                                         ttrss_entries,ttrss_user_entries,ttrss_tags
 988                                 WHERE
 989                                         ref_id = ttrss_entries.id AND
 990                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
 991                                         post_int_id = int_id AND tag_name = '$feed' AND
 992                                         $view_query_part
 993                                         $search_query_part
 994                                         $query_strategy_part ORDER BY $order_by
 995                                 $limit_query_part");
 996                 }
 997
 998                 if (!$result) {
 999                         if ($omode != "xml") {
1000                                 print "<div align='center'>
1001                                         Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
1002                                 return;
1003                         } else {
1004                                 print "<error error-code=\"8\"/>";
1005
1006                         }
1007                 }
1008
1009                 if (db_num_rows($result) > 0) {
1010
1011                         if ($omode != "xml") {
1012
1013                                 print "<table class=\"headlinesSubToolbar\"
1014                                         width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
1015
1016                                 print "<td class=\"headlineActions\">
1017                                         Select:
1018                                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1019                                                                 'RROW-', 'RCHK-', true)\">All</a>,
1020                                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1021                                                                 'RROW-', 'RCHK-', true, 'Unread')\">Unread</a>,
1022                                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1023                                                                 'RROW-', 'RCHK-', false)\">None</a>
1024                                         &nbsp;&nbsp;
1025                                         Toggle: <a href=\"javascript:toggleUnread()\">Unread</a>,
1026                                                         <a href=\"javascript:toggleStarred()\">Starred</a>";
1027
1028                                 print "</td>";
1029
1030                                 print "<td class=\"headlineTitle\">";
1031
1032                                 if ($feed_site_url) {
1033                                         print "<a target=\"_blank\" href=\"$feed_site_url\">$feed_title</a>";
1034                                 } else {
1035                                         print $feed_title;
1036                                 }
1037
1038                                 print "</td>";
1039                                 print "</tr></table>";
1040
1041                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
1042                                         cellspacing=\"0\" width=\"100%\">";
1043
1044                         } else {
1045                                 print "<headlines feed=\"$feed\" title=\"$feed_title\" site_url=\"$feed_site_url\">";
1046                         }
1047
1048                         $lnum = 0;
1049
1050                         error_reporting (DEFAULT_ERROR_LEVEL);
1051
1052                         $num_unread = 0;
1053
1054                         while ($line = db_fetch_assoc($result)) {
1055
1056                                 $class = ($lnum % 2) ? "even" : "odd";
1057
1058                                 $id = $line["id"];
1059                                 $feed_id = $line["feed_id"];
1060
1061                                 if ($line["last_read"] == "" &&
1062                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
1063
1064                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1065                                                 alt=\"Updated\">";
1066                                 } else {
1067                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1068                                                 alt=\"Updated\">";
1069                                 }
1070
1071                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
1072                                         $class .= "Unread";
1073                                         ++$num_unread;
1074                                         $is_unread = 'true';
1075                                 } else {
1076                                         $is_unread = 'false';
1077                                 }
1078
1079                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
1080                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1081                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id, false)'>";
1082                                 } else {
1083                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1084                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id, true)'>";
1085                                 }
1086
1087                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
1088                                         $line["title"] . "</a>";
1089
1090                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1091                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
1092                                 } else {
1093                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1094                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
1095                                 }
1096
1097                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1098                                         $content_preview = truncate_string(strip_tags($line["content_preview"]), 101);
1099                                 }
1100
1101                                 if ($omode != "xml") {
1102
1103                                         print "<tr class='$class' id='RROW-$id'>";
1104                                         // onclick=\"javascript:view($id,$feed_id)\">
1105
1106                                         print "<td class='hlUpdatePic'>$update_pic</td>";
1107
1108                                         print "<td class='hlSelectRow'>
1109                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1110                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1111                                                 </td>";
1112
1113                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
1114
1115                                         if ($line["feed_title"]) {
1116                                                 print "<td class='hlContent'>$content_link</td>";
1117                                                 print "<td class='hlFeed'>
1118                                                         <a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>&nbsp;</td>";
1119                                         } else {
1120                                                 print "<td class='hlContent'>";
1121
1122                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
1123                                                         $line["title"];
1124
1125                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1126
1127                                                         if ($content_preview) {
1128                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
1129                                                         }
1130                                                 }
1131
1132                                                 print "</a>";
1133                                                 print "</td>";
1134                                         }
1135
1136                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
1137
1138                                         print "</tr>";
1139
1140                                 } else {
1141
1142                                         print "<entry unread='$is_unread' id='$id'>";
1143                                         print "<title><![CDATA[" . $line["title"] . "]]></title>";
1144                                         print "<link>" . $line["link"] . "</link>";
1145                                         print "<updated>$updated_fmt</updated>";
1146                                         if ($content_preview) {
1147                                                 print "<preview><![CDATA[ $content_preview ]]></preview>";
1148                                         }
1149
1150                                         if ($line["feed_title"]) {
1151                                         print "<feed id='$feed_id'><![CDATA[" . $line["feed_title"] . "]]></feed>";
1152                                         }
1153                                         print "</entry>";
1154
1155                                 }
1156
1157
1158                                 ++$lnum;
1159                         }
1160
1161                         if ($omode != "xml") {
1162                                 print "</table>";
1163                         } else {
1164                                 print "</headlines>";
1165                         }
1166
1167                 } else {
1168                         print "<div width='100%' align='center'>No articles found.</div>";
1169                 }
1170
1171                 if ($omode != "xml") {
1172
1173                         print "<script type=\"text/javascript\">
1174                                 document.onkeydown = hotkey_handler;
1175                                 update_all_counters('$feed');
1176                         </script>";
1177
1178                         if ($addheader) {
1179                                 print "</body></html>";
1180                         }
1181                 }
1182         }
1183
1184         if ($op == "pref-rpc") {
1185
1186                 $subop = $_GET["subop"];
1187
1188                 if ($subop == "unread") {
1189                         $ids = split(",", db_escape_string($_GET["ids"]));
1190                         foreach ($ids as $id) {
1191                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1192                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1193                         }
1194
1195                         print "Marked selected feeds as unread.";
1196                 }
1197
1198                 if ($subop == "read") {
1199                         $ids = split(",", db_escape_string($_GET["ids"]));
1200                         foreach ($ids as $id) {
1201                                 db_query($link, "UPDATE ttrss_user_entries
1202                                         SET unread = false,last_read = NOW() WHERE
1203                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1204                         }
1205
1206                         print "Marked selected feeds as read.";
1207
1208                 }
1209
1210         }
1211
1212         if ($op == "pref-feeds") {
1213
1214                 $subop = $_GET["subop"];
1215
1216                 if ($subop == "editSave") {
1217                         $feed_title = db_escape_string($_GET["t"]);
1218                         $feed_link = db_escape_string($_GET["l"]);
1219                         $upd_intl = db_escape_string($_GET["ui"]);
1220                         $purge_intl = db_escape_string($_GET["pi"]);
1221                         $feed_id = db_escape_string($_GET["id"]);
1222                         $cat_id = db_escape_string($_GET["catid"]);
1223
1224                         if (strtoupper($upd_intl) == "DEFAULT")
1225                                 $upd_intl = 0;
1226
1227                         if (strtoupper($upd_intl) == "DISABLED")
1228                                 $upd_intl = -1;
1229
1230                         if (strtoupper($purge_intl) == "DEFAULT")
1231                                 $purge_intl = 0;
1232
1233                         if (strtoupper($purge_intl) == "DISABLED")
1234                                 $purge_intl = -1;
1235
1236                         if ($cat_id != 0) {
1237                                 $category_qpart = "cat_id = '$cat_id'";
1238                         } else {
1239                                 $category_qpart = 'cat_id = NULL';
1240                         }
1241
1242                         $result = db_query($link, "UPDATE ttrss_feeds SET
1243                                 $category_qpart,
1244                                 title = '$feed_title', feed_url = '$feed_link',
1245                                 update_interval = '$upd_intl',
1246                                 purge_interval = '$purge_intl'
1247                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1248
1249                 }
1250
1251                 if ($subop == "remove") {
1252
1253                         if (!WEB_DEMO_MODE) {
1254
1255                                 $ids = split(",", db_escape_string($_GET["ids"]));
1256
1257                                 foreach ($ids as $id) {
1258                                         db_query($link, "DELETE FROM ttrss_feeds
1259                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1260
1261                                         $icons_dir = ICONS_DIR;
1262
1263                                         if (file_exists($icons_dir . "/$id.ico")) {
1264                                                 unlink($icons_dir . "/$id.ico");
1265                                         }
1266                                 }
1267                         }
1268                 }
1269
1270                 if ($subop == "add") {
1271
1272                         if (!WEB_DEMO_MODE) {
1273
1274                                 $feed_link = db_escape_string(trim($_GET["link"]));
1275
1276                                 $result = db_query($link,
1277                                         "SELECT id FROM ttrss_feeds
1278                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
1279
1280                                 if (db_num_rows($result) == 0) {
1281
1282                                         $result = db_query($link,
1283                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title)
1284                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link', '')");
1285
1286                                         $result = db_query($link,
1287                                         "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
1288                                                 AND owner_uid = " . $_SESSION["uid"]);
1289
1290                                         $feed_id = db_fetch_result($result, 0, "id");
1291
1292                                         if ($feed_id) {
1293                                                 update_rss_feed($link, $feed_link, $feed_id, true);
1294                                         }
1295                                 } else {
1296
1297                                         print "<div class=\"warning\">
1298                                                 Feed <b>$feed_link</b> already exists in the database.
1299                                         </div>";
1300                                 }
1301                         }
1302                 }
1303
1304                 if ($subop == "addCat") {
1305
1306                         if (!WEB_DEMO_MODE) {
1307
1308                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1309
1310                                 $result = db_query($link,
1311                                         "SELECT id FROM ttrss_feed_categories
1312                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1313
1314                                 if (db_num_rows($result) == 0) {
1315
1316                                         $result = db_query($link,
1317                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1318                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1319
1320                                 } else {
1321
1322                                         print "<div class=\"warning\">
1323                                                 Category <b>$feed_cat</b> already exists in the database.
1324                                         </div>";
1325                                 }
1326
1327
1328                         }
1329                 }
1330
1331                 if ($subop == "removeCats") {
1332
1333                         if (!WEB_DEMO_MODE) {
1334
1335                                 $ids = split(",", db_escape_string($_GET["ids"]));
1336
1337                                 foreach ($ids as $id) {
1338
1339                                         db_query($link, "BEGIN");
1340
1341                                         $result = db_query($link,
1342                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1343                                                         WHERE cat_id = '$id'");
1344
1345                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1346
1347                                         if ($num_feeds == 0) {
1348                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1349                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1350                                         } else {
1351
1352                                                 print "<div class=\"warning\">
1353                                                         Unable to delete non empty feed categories.</div>";
1354
1355                                         }
1356
1357                                         db_query($link, "COMMIT");
1358                                 }
1359                         }
1360                 }
1361
1362                 if ($subop == "categorize") {
1363
1364                         if (!WEB_DEMO_MODE) {
1365
1366                                 $ids = split(",", db_escape_string($_GET["ids"]));
1367
1368                                 $cat_id = db_escape_string($_GET["cat_id"]);
1369
1370                                 if ($cat_id == 0) {
1371                                         $cat_id_qpart = 'NULL';
1372                                 } else {
1373                                         $cat_id_qpart = "'$cat_id'";
1374                                 }
1375
1376                                 db_query($link, "BEGIN");
1377
1378                                 foreach ($ids as $id) {
1379
1380                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1381                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1382                                 }
1383
1384                                 db_query($link, "COMMIT");
1385                         }
1386
1387                 }
1388
1389 //              print "<h3>Edit Feeds</h3>";
1390
1391                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1392                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1393
1394                 if (db_num_rows($result) > 0) {
1395
1396                         print "<div class=\"warning\">";
1397
1398                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1399                                 <b>Feeds with update errors</b> (click to expand)</a>";
1400
1401                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1402
1403                         while ($line = db_fetch_assoc($result)) {
1404                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1405                                         $line["last_error"];
1406                         }
1407
1408                         print "</ul>";
1409                         print "</div>";
1410
1411                 }
1412
1413                 $feed_search = db_escape_string($_GET["search"]);
1414
1415                 if (array_key_exists("search", $_GET)) {
1416                         $_SESSION["prefs_feed_search"] = $feed_search;
1417                 } else {
1418                         $feed_search = $_SESSION["prefs_feed_search"];
1419                 }
1420
1421                 print "<table width='100%' class=\"prefGenericAddBox\"
1422                         cellspacing='0' cellpadding='0'><tr>
1423                         <td>
1424                                 <input id=\"fadd_link\"
1425                                 onchange=\"javascript:addFeed()\"
1426                                 size=\"40\">
1427                                 <input type=\"submit\" class=\"button\"
1428                                 onclick=\"javascript:addFeed()\" value=\"Add feed\">
1429                         </td><td align='right'>
1430                                 <input id=\"feed_search\" size=\"20\"
1431                                 onchange=\"javascript:updateFeedList()\"
1432                                 value=\"$feed_search\">
1433                                 <input type=\"submit\" class=\"button\"
1434                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1435                         </td>
1436                         </tr></table>";
1437
1438                 $feeds_sort = db_escape_string($_GET["sort"]);
1439
1440                 if (!$feeds_sort || $feeds_sort == "undefined") {
1441                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1442                         if (!$feeds_sort) $feeds_sort = "title";
1443                 }
1444
1445                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1446
1447                 if ($feed_search) {
1448                         $search_qpart = "UPPER(title) LIKE UPPER('%$feed_search%') AND";
1449                 } else {
1450                         $search_qpart = "";
1451                 }
1452
1453                 $result = db_query($link, "SELECT
1454                                 id,title,feed_url,substring(last_updated,1,16) as last_updated,
1455                                 update_interval,purge_interval,
1456                                 (SELECT title FROM ttrss_feed_categories
1457                                         WHERE id = cat_id) AS category
1458                         FROM
1459                                 ttrss_feeds
1460                         WHERE
1461                                 $search_qpart owner_uid = '".$_SESSION["uid"]."'
1462                         ORDER by $feeds_sort,title");
1463
1464                 if (db_num_rows($result) != 0) {
1465
1466                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1467
1468                         print "<p><table width=\"100%\" cellspacing=\"0\"
1469                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1470                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1471                                 Select:
1472                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1473                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
1474                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1475                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
1476                                 </td</tr>";
1477
1478                         print "<tr class=\"title\">
1479                                                 <td width=\"3%\">&nbsp;</td>
1480                                                 <td width=\"3%\">Select</td>
1481                                                 <td width=\"20%\">
1482                                                         <a href=\"javascript:updateFeedList('title')\">Title</a></td>
1483                                                 <td width=\"20%\">
1484                                                         <a href=\"javascript:updateFeedList('feed_url')\">Link</a>
1485                                                 </td>";
1486
1487                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1488                                 print "<td width=\"10%\">
1489                                         <a href=\"javascript:updateFeedList('category')\">Category</a></td>";
1490                         }
1491
1492                         print "
1493                                 <td width=\"10%\">
1494                                         <a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a>
1495                                 </td>
1496                                 <td width=\"10%\">
1497                                         <a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a>
1498                                 </td>
1499                         </tr>";
1500
1501                         $lnum = 0;
1502
1503                         while ($line = db_fetch_assoc($result)) {
1504
1505                                 $class = ($lnum % 2) ? "even" : "odd";
1506
1507                                 $feed_id = $line["id"];
1508
1509                                 $edit_feed_id = $_GET["id"];
1510
1511                                 if ($subop == "edit" && $feed_id != $edit_feed_id) {
1512                                         $class .= "Grayed";
1513                                         $this_row_id = "";
1514                                 } else {
1515                                         $this_row_id = "id=\"FEEDR-$feed_id\"";
1516                                 }
1517
1518                                 print "<tr class=\"$class\" $this_row_id>";
1519
1520                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1521
1522                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1523                                                 $feed_icon = "<img width=\"16\" height=\"16\"
1524                                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
1525                                 } else {
1526                                         $feed_icon = "&nbsp;";
1527                                 }
1528                                 print "<td align='center'>$feed_icon</td>";
1529
1530                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1531                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1532                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1533
1534                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1535
1536                                 if (!$edit_feed_id || $subop != "edit") {
1537
1538                                         print "<td><input onclick='toggleSelectRow(this);'
1539                                         type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1540
1541                                         $edit_title = truncate_string($edit_title, 40);
1542                                         $edit_link = truncate_string($edit_link, 60);
1543
1544                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1545                                                 $edit_title . "</a></td>";
1546
1547                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1548                                                 $edit_link . "</a></td>";
1549
1550                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1551                                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1552                                                         $edit_cat . "</a></td>";
1553                                         }
1554
1555                                         if ($line["update_interval"] == "0")
1556                                                 $line["update_interval"] = "Default";
1557
1558                                         if ($line["update_interval"] == "-1")
1559                                                 $line["update_interval"] = "Disabled";
1560
1561                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1562                                                 $line["update_interval"] . "</a></td>";
1563
1564                                         if ($line["purge_interval"] == "0")
1565                                                 $line["purge_interval"] = "Default";
1566
1567                                         if ($line["purge_interval"] < 0)
1568                                                 $line["purge_interval"] = "Disabled";
1569
1570                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1571                                                 $line["purge_interval"] . "</a></td>";
1572
1573                                 } else if ($feed_id != $edit_feed_id) {
1574
1575                                         print "<td><input disabled=\"true\" type=\"checkbox\"
1576                                                 id=\"FRCHK-".$line["id"]."\"></td>";
1577
1578                                         $edit_title = truncate_string($edit_title, 40);
1579                                         $edit_link = truncate_string($edit_link, 60);
1580
1581                                         print "<td>$edit_title</td>";
1582                                         print "<td>$edit_link</td>";
1583
1584                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1585                                                 print "<td>$edit_cat</td>";
1586                                         }
1587
1588                                         if ($line["update_interval"] == "0")
1589                                                 $line["update_interval"] = "Default";
1590
1591                                         print "<td>" . $line["update_interval"] . "</td>";
1592
1593                                         if ($line["purge_interval"] == "0")
1594                                                 $line["purge_interval"] = "Default";
1595
1596                                         if ($line["purge_interval"] < 0)
1597                                                 $line["purge_interval"] = "Disabled";
1598
1599                                         print "<td>" . $line["purge_interval"] . "</td>";
1600
1601                                 } else {
1602
1603                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1604
1605                                         print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1606                                         print "<td><input id=\"iedit_link\" value=\"$edit_link\"></td>";
1607
1608                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1609
1610                                                 print "<td>";
1611                                                 print "<select id=\"iedit_fcat\">";
1612                                                 print "<option id=\"0\">Uncategorized</option>";
1613
1614                                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1615                                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1616
1617                                                 if (db_num_rows($tmp_result) > 0) {
1618                                                         print "<option disabled>--------</option>";
1619                                                 }
1620
1621                                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1622                                                         if ($tmp_line["id"] == $line["cat_id"]) {
1623                                                                 $is_selected = "selected";
1624                                                         } else {
1625                                                                 $is_selected = "";
1626                                                         }
1627                                                         printf("<option $is_selected id='%d'>%s</option>",
1628                                                                 $tmp_line["id"], $tmp_line["title"]);
1629                                                 }
1630
1631                                                 print "</select></td>";
1632                                                 print "</td>";
1633
1634                                         }
1635
1636                                         print "<td><input id=\"iedit_updintl\"
1637                                                 value=\"".$line["update_interval"]."\"></td>";
1638                                         print "<td><input id=\"iedit_purgintl\"
1639                                                 value=\"".$line["purge_interval"]."\"></td>";
1640
1641                                 }
1642
1643 /*                              if (!$line["last_updated"]) $line["last_updated"] = "Never";
1644
1645                                 print "<td>" . $line["last_updated"] . "</td>"; */
1646
1647                                 print "</tr>";
1648
1649                                 ++$lnum;
1650                         }
1651
1652                         print "</table>";
1653
1654                         print "<p>";
1655
1656                         if ($subop == "edit") {
1657                                 print "Edit feed:&nbsp;
1658                                         <input type=\"submit\" class=\"button\"
1659                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1660                                         <input type=\"submit\" class=\"button\"
1661                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1662                         } else {
1663
1664                                 print "
1665                                         Selection:&nbsp;
1666                                 <input type=\"submit\" class=\"button\"
1667                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
1668                                 <input type=\"submit\" class=\"button\"
1669                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1670                                 <input type=\"submit\" class=\"button\"
1671                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
1672
1673                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1674
1675                                         print "&nbsp;&nbsp;";
1676
1677                                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1678                                                 WHERE owner_uid = ".$_SESSION["uid"]."
1679                                                 ORDER BY title");
1680
1681                                         print "<select id=\"sfeed_set_fcat\">";
1682                                         print "<option id=\"0\">Uncategorized</option>";
1683
1684                                         if (db_num_rows($result) != 0) {
1685
1686                                                 print "<option disabled>--------</option>";
1687
1688                                                 while ($line = db_fetch_assoc($result)) {
1689                                                         printf("<option id='%d'>%s</option>",
1690                                                                 $line["id"], $line["title"]);
1691                                                 }
1692                                         }
1693
1694                                         print "</select>";
1695
1696                                         print " <input type=\"submit\" class=\"button\"
1697                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Set category\">";
1698
1699                                 }
1700
1701                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
1702                                         print "
1703                                         <input type=\"submit\" class=\"button\"
1704                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
1705                                         <input type=\"submit\" class=\"button\"
1706                                                 onclick=\"javascript:readSelectedFeeds(false)\"
1707                                                 value=\"Mark as unread\">&nbsp;";
1708                                 }
1709
1710                                 print "
1711                                         &nbsp;All feeds: <input type=\"submit\"
1712                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1713                                                         value=\"Export OPML\">";
1714                                 }
1715                 } else {
1716
1717                         print "<p>No feeds defined.</p>";
1718
1719                 }
1720
1721                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1722
1723                         print "<h3>Edit Categories</h3>";
1724
1725         //              print "<h3>Categories</h3>";
1726
1727                         print "<div class=\"prefGenericAddBox\">
1728                                 <input id=\"fadd_cat\"
1729                                         onchange=\"javascript:addFeedCat()\"
1730                                         size=\"40\">&nbsp;
1731                                 <input
1732                                         type=\"submit\" class=\"button\"
1733                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
1734
1735                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1736                                 WHERE owner_uid = ".$_SESSION["uid"]."
1737                                 ORDER BY title");
1738
1739                         if (db_num_rows($result) != 0) {
1740
1741                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1742                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1743
1744                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1745                                 Select:
1746                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1747                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
1748                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1749                                                 'FCATR-', 'FCCHK-', false)\">None</a>
1750                                 </td</tr>";
1751
1752                                 print "<tr class=\"title\">
1753                                                         <td width=\"10%\">Select</td><td width=\"80%\">Title</td>
1754                                                 </tr>";
1755
1756                                 $lnum = 0;
1757
1758                                 while ($line = db_fetch_assoc($result)) {
1759
1760                                         $class = ($lnum % 2) ? "even" : "odd";
1761
1762                                         $cat_id = $line["id"];
1763
1764                                         $edit_cat_id = $_GET["id"];
1765
1766                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1767                                                 $class .= "Grayed";
1768                                                 $this_row_id = "";
1769                                         } else {
1770                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1771                                         }
1772
1773                                         print "<tr class=\"$class\" $this_row_id>";
1774
1775                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1776
1777                                         if (!$edit_cat_id || $subop != "editCat") {
1778
1779                                                 print "<td><input onclick='toggleSelectRow(this);'
1780                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1781
1782                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1783                                                         $edit_title . "</a></td>";
1784
1785                                         } else if ($cat_id != $edit_cat_id) {
1786
1787                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
1788                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1789
1790                                                 print "<td>$edit_title</td>";
1791
1792                                         } else {
1793
1794                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1795
1796                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1797
1798                                         }
1799
1800                                         print "</tr>";
1801
1802                                         ++$lnum;
1803                                 }
1804
1805                                 print "</table>";
1806
1807                                 print "<p>";
1808
1809                                 if ($subop == "editCat") {
1810                                         print "Edit category:&nbsp;
1811                                                 <input type=\"submit\" class=\"button\"
1812                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
1813                                                 <input type=\"submit\" class=\"button\"
1814                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
1815                                         } else {
1816
1817                                         print "
1818                                                 Selection:&nbsp;
1819                                         <input type=\"submit\" class=\"button\"
1820                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
1821                                         <input type=\"submit\" class=\"button\"
1822                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
1823
1824                                 }
1825
1826                         } else {
1827                                 print "<p>No feed categories defined.</p>";
1828                         }
1829                 }
1830
1831                 print "<h3>Import OPML</h3>
1832                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1833                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1834                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1835                                 type=\"submit\" value=\"Import\">
1836                         </form>";
1837
1838         }
1839
1840         if ($op == "pref-filters") {
1841
1842                 $subop = $_GET["subop"];
1843
1844                 if ($subop == "editSave") {
1845
1846                         $regexp = db_escape_string($_GET["r"]);
1847                         $descr = db_escape_string($_GET["d"]);
1848                         $match = db_escape_string($_GET["m"]);
1849                         $filter_id = db_escape_string($_GET["id"]);
1850                         $feed_id = db_escape_string($_GET["fid"]);
1851
1852                         if (!$feed_id) {
1853                                 $feed_id = 'NULL';
1854                         } else {
1855                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1856                         }
1857
1858                         $result = db_query($link, "UPDATE ttrss_filters SET
1859                                 reg_exp = '$regexp',
1860                                 description = '$descr',
1861                                 feed_id = $feed_id,
1862                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
1863                                         description = '$match')
1864                                 WHERE id = '$filter_id'");
1865                 }
1866
1867                 if ($subop == "remove") {
1868
1869                         if (!WEB_DEMO_MODE) {
1870
1871                                 $ids = split(",", db_escape_string($_GET["ids"]));
1872
1873                                 foreach ($ids as $id) {
1874                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
1875
1876                                 }
1877                         }
1878                 }
1879
1880                 if ($subop == "add") {
1881
1882                         if (!WEB_DEMO_MODE) {
1883
1884                                 $regexp = db_escape_string(trim($_GET["regexp"]));
1885                                 $match = db_escape_string(trim($_GET["match"]));
1886                                 $feed_id = db_escape_string($_GET["fid"]);
1887
1888                                 if (!$feed_id) {
1889                                         $feed_id = 'NULL';
1890                                 } else {
1891                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1892                                 }
1893
1894                                 $result = db_query($link,
1895                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id) VALUES
1896                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
1897                                                         description = '$match'),'".$_SESSION["uid"]."', $feed_id)");
1898                         }
1899                 }
1900
1901                 $result = db_query($link, "SELECT description
1902                         FROM ttrss_filter_types ORDER BY description");
1903
1904                 $filter_types = array();
1905
1906                 while ($line = db_fetch_assoc($result)) {
1907                         array_push($filter_types, $line["description"]);
1908                 }
1909
1910                 print "<div class=\"prefGenericAddBox\">
1911                 <input id=\"fadd_regexp\" onchange=\"javascript:addFilter()\" size=\"40\">&nbsp;";
1912
1913                 print_select("fadd_match", "Title", $filter_types);
1914
1915                 print "&nbsp;<select id=\"fadd_feed\">";
1916
1917                 print "<option selected id=\"0\">All feeds</option>";
1918
1919                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
1920                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1921
1922                 if (db_num_rows($result) > 0) {
1923                         print "<option disabled>--------</option>";
1924                 }
1925
1926                 while ($line = db_fetch_assoc($result)) {
1927                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
1928                 }
1929
1930                 print "</select>&nbsp;";
1931
1932                 print "<input type=\"submit\"
1933                         class=\"button\" onclick=\"javascript:addFilter()\"
1934                         value=\"Add filter\">";
1935
1936                 $result = db_query($link, "SELECT
1937                                 ttrss_filters.id AS id,reg_exp,
1938                                 ttrss_filters.description AS description,
1939                                 ttrss_filter_types.name AS filter_type_name,
1940                                 ttrss_filter_types.description AS filter_type_descr,
1941                                 feed_id,
1942                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
1943                         FROM
1944                                 ttrss_filters,ttrss_filter_types
1945                         WHERE
1946                                 filter_type = ttrss_filter_types.id AND
1947                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
1948                         ORDER by reg_exp");
1949
1950                 if (db_num_rows($result) != 0) {
1951
1952                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
1953                                 id=\"prefFilterList\">";
1954
1955                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1956                                 Select:
1957                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1958                                                 'FILRR-', 'FICHK-', true)\">All</a>,
1959                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1960                                                 'FILRR-', 'FICHK-', false)\">None</a>
1961                                 </td</tr>";
1962
1963                         print "<tr class=\"title\">
1964                                                 <td width=\"5%\">Select</td><td width=\"30%\">Filter expression</td>
1965                                                 <td width=\"30%\">Feed</td><td width=\"10%\">Match</td>
1966                                                 <td width=\"30%\">Description</td></tr>";
1967
1968                         $lnum = 0;
1969
1970                         while ($line = db_fetch_assoc($result)) {
1971
1972                                 $class = ($lnum % 2) ? "even" : "odd";
1973
1974                                 $filter_id = $line["id"];
1975                                 $edit_filter_id = $_GET["id"];
1976
1977                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
1978                                         $class .= "Grayed";
1979                                         $this_row_id = "";
1980                                 } else {
1981                                         $this_row_id = "id=\"FILRR-$filter_id\"";
1982                                 }
1983
1984                                 print "<tr class=\"$class\" $this_row_id>";
1985
1986                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
1987                                 $line["description"] = htmlspecialchars($line["description"]);
1988
1989                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
1990
1991                                 if (!$edit_filter_id || $subop != "edit") {
1992
1993                                         if (!$line["description"]) $line["description"] = "[No description]";
1994
1995                                         print "<td><input onclick='toggleSelectRow(this);'
1996                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
1997
1998                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1999                                                 $line["reg_exp"] . "</td>";
2000
2001                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2002                                                 $line["feed_title"] . "</td>";
2003
2004                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2005                                                 $line["filter_type_descr"] . "</td>";
2006
2007                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2008                                                 $line["description"] . "</td>";
2009
2010                                 } else if ($filter_id != $edit_filter_id) {
2011
2012                                         if (!$line["description"]) $line["description"] = "[No description]";
2013
2014                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2015                                                 id=\"FICHK-".$line["id"]."\"></td>";
2016
2017                                         print "<td>".$line["reg_exp"]."</td>";
2018                                         print "<td>".$line["feed_title"]."</td>";
2019                                         print "<td>".$line["filter_type_descr"]."</td>";
2020                                         print "<td>".$line["description"]."</td>";
2021
2022                                 } else {
2023
2024                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2025
2026                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
2027                                                 "\"></td>";
2028
2029                                         print "<td>";
2030
2031                                         print "<select id=\"iedit_feed\">";
2032
2033                                         print "<option id=\"0\">All feeds</option>";
2034
2035                                         if (db_num_rows($result) > 0) {
2036                                                 print "<option disabled>--------</option>";
2037                                         }
2038
2039                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
2040                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2041
2042                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2043                                                 if ($tmp_line["id"] == $line["feed_id"]) {
2044                                                         $is_selected = "selected";
2045                                                 } else {
2046                                                         $is_selected = "";
2047                                                 }
2048                                                 printf("<option $is_selected id='%d'>%s</option>",
2049                                                         $tmp_line["id"], $tmp_line["title"]);
2050                                         }
2051
2052                                         print "</select></td>";
2053
2054                                         print "<td>";
2055                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
2056                                         print "</td>";
2057
2058                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2059                                                 "\"></td>";
2060
2061                                         print "</td>";
2062                                 }
2063
2064                                 print "</tr>";
2065
2066                                 ++$lnum;
2067                         }
2068
2069                         if ($lnum == 0) {
2070                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2071                         }
2072
2073                         print "</table>";
2074
2075                         print "<p>";
2076
2077                         if ($subop == "edit") {
2078                                 print "Edit feed:
2079                                         <input type=\"submit\" class=\"button\"
2080                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">
2081                                         <input type=\"submit\" class=\"button\"
2082                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">";
2083
2084                         } else {
2085
2086                                 print "
2087                                         Selection:
2088                                 <input type=\"submit\" class=\"button\"
2089                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
2090                                 <input type=\"submit\" class=\"button\"
2091                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
2092                         }
2093
2094                 } else {
2095
2096                         print "<p>No filters defined.</p>";
2097
2098                 }
2099         }
2100
2101         if ($op == "pref-labels") {
2102
2103                 $subop = $_GET["subop"];
2104
2105                 if ($subop == "test") {
2106
2107                         $expr = $_GET["expr"];
2108                         $descr = $_GET["descr"];
2109
2110                         print "<div class='infoBoxContents'>";
2111
2112                         print "<h1>Label &laquo;$descr&raquo;</h1>";
2113
2114 //                      print "<p><b>Expression</b>: $expr</p>";
2115
2116                         $result = db_query($link,
2117                                 "SELECT count(id) AS num_matches
2118                                         FROM ttrss_entries,ttrss_user_entries
2119                                         WHERE ($expr) AND
2120                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2121                                                 owner_uid = " . $_SESSION["uid"]);
2122
2123                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2124
2125                         if ($num_matches > 0) {
2126
2127                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
2128
2129                                 $result = db_query($link,
2130                                         "SELECT title,
2131                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2132                                         FROM ttrss_entries,ttrss_user_entries
2133                                                         WHERE ($expr) AND
2134                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2135                                                         AND owner_uid = " . $_SESSION["uid"] . "
2136                                                         ORDER BY date_entered DESC LIMIT 5");
2137
2138                                 print "<ul class=\"nomarks\">";
2139                                 while ($line = db_fetch_assoc($result)) {
2140                                         print "<li>".$line["title"].
2141                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2142                                 }
2143                                 print "</ul>";
2144
2145                         } else {
2146                                 print "<p>Query didn't return any matches.</p>";
2147                         }
2148
2149                         print "</div>";
2150
2151                         print "<div align='center'>
2152                                 <input type='submit' class='button'
2153                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2154                         return;
2155                 }
2156
2157                 if ($subop == "editSave") {
2158
2159                         $sql_exp = $_GET["s"];
2160                         $descr = $_GET["d"];
2161                         $label_id = db_escape_string($_GET["id"]);
2162
2163 //                      print "$sql_exp : $descr : $label_id";
2164
2165                         $result = db_query($link, "UPDATE ttrss_labels SET
2166                                 sql_exp = '$sql_exp',
2167                                 description = '$descr'
2168                                 WHERE id = '$label_id'");
2169                 }
2170
2171                 if ($subop == "remove") {
2172
2173                         if (!WEB_DEMO_MODE) {
2174
2175                                 $ids = split(",", db_escape_string($_GET["ids"]));
2176
2177                                 foreach ($ids as $id) {
2178                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2179
2180                                 }
2181                         }
2182                 }
2183
2184                 if ($subop == "add") {
2185
2186                         if (!WEB_DEMO_MODE) {
2187
2188                                 // no escaping is done here on purpose
2189                                 $exp = trim($_GET["exp"]);
2190
2191                                 $result = db_query($link,
2192                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2193                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2194                         }
2195                 }
2196
2197                 print "<div class=\"prefGenericAddBox\">
2198                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2199
2200                 print"<input type=\"submit\" class=\"button\"
2201                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2202
2203                 $result = db_query($link, "SELECT
2204                                 id,sql_exp,description
2205                         FROM
2206                                 ttrss_labels
2207                         WHERE
2208                                 owner_uid = ".$_SESSION["uid"]."
2209                         ORDER by description");
2210
2211                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2212
2213                 if (db_num_rows($result) != 0) {
2214
2215                         print "<p><table width=\"100%\" cellspacing=\"0\"
2216                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2217
2218                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2219                                 Select:
2220                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2221                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2222                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2223                                                 'LILRR-', 'LICHK-', false)\">None</a>
2224                                 </td</tr>";
2225
2226                         print "<tr class=\"title\">
2227                                                 <td width=\"5%\">Select</td><td width=\"40%\">SQL expression
2228                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2229                                                 </td>
2230                                                 <td width=\"40%\">Caption</td></tr>";
2231
2232                         $lnum = 0;
2233
2234                         while ($line = db_fetch_assoc($result)) {
2235
2236                                 $class = ($lnum % 2) ? "even" : "odd";
2237
2238                                 $label_id = $line["id"];
2239                                 $edit_label_id = $_GET["id"];
2240
2241                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2242                                         $class .= "Grayed";
2243                                         $this_row_id = "";
2244                                 } else {
2245                                         $this_row_id = "id=\"LILRR-$label_id\"";
2246                                 }
2247
2248                                 print "<tr class=\"$class\" $this_row_id>";
2249
2250                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2251                                 $line["description"] = htmlspecialchars($line["description"]);
2252
2253                                 if (!$edit_label_id || $subop != "edit") {
2254
2255                                         if (!$line["description"]) $line["description"] = "[No caption]";
2256
2257                                         print "<td><input onclick='toggleSelectRow(this);'
2258                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2259
2260                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2261                                                 $line["sql_exp"] . "</td>";
2262
2263                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2264                                                 $line["description"] . "</td>";
2265
2266                                 } else if ($label_id != $edit_label_id) {
2267
2268                                         if (!$line["description"]) $line["description"] = "[No description]";
2269
2270                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2271                                                 id=\"LICHK-".$line["id"]."\"></td>";
2272
2273                                         print "<td>".$line["sql_exp"]."</td>";
2274                                         print "<td>".$line["description"]."</td>";
2275
2276                                 } else {
2277
2278                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2279
2280                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2281                                                 "\"></td>";
2282
2283                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2284                                                 "\"></td>";
2285
2286                                 }
2287
2288
2289                                 print "</tr>";
2290
2291                                 ++$lnum;
2292                         }
2293
2294                         if ($lnum == 0) {
2295                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2296                         }
2297
2298                         print "</table>";
2299
2300                         print "<p>";
2301
2302                         if ($subop == "edit") {
2303                                 print "Edit label:
2304                                         <input type=\"submit\" class=\"button\"
2305                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2306                                         <input type=\"submit\" class=\"button\"
2307                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">
2308                                         <input type=\"submit\" class=\"button\"
2309                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">";
2310
2311                         } else {
2312
2313                                 print "
2314                                         Selection:
2315                                 <input type=\"submit\" class=\"button\"
2316                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2317                                 <input type=\"submit\" class=\"button\"
2318                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2319                         }
2320                 } else {
2321                         print "<p>No labels defined.</p>";
2322                 }
2323         }
2324
2325         if ($op == "error") {
2326                 print "<div width=\"100%\" align='center'>";
2327                 $msg = $_GET["msg"];
2328                 print $msg;
2329                 print "</div>";
2330         }
2331
2332         if ($op == "help") {
2333                 if (!$_GET["noheaders"]) {
2334                         print "<html><head>
2335                                 <title>Tiny Tiny RSS : Help</title>
2336                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2337                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
2338                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2339                                 </head><body>";
2340                 }
2341
2342                 $tid = sprintf("%d", $_GET["tid"]);
2343
2344                 print "<div class='infoBoxContents'>";
2345
2346                 if (file_exists("help/$tid.php")) {
2347                         include("help/$tid.php");
2348                 } else {
2349                         print "<p>Help topic not found.</p>";
2350                 }
2351
2352                 print "</div>";
2353
2354                 print "<div align='center'>
2355                         <input type='submit' class='button'
2356                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2357
2358                 if (!$_GET["noheaders"]) {
2359                         print "</body></html>";
2360                 }
2361
2362         }
2363
2364         if ($op == "dlg") {
2365                 $id = $_GET["id"];
2366                 $param = $_GET["param"];
2367
2368                 if ($id == "quickAddFeed") {
2369                         print "
2370                         Feed URL: <input
2371                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2372                         id=\"qafInput\">
2373                         <input class=\"button\"
2374                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
2375                         <input class=\"button\"
2376                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2377                                 value=\"Cancel\">";
2378                 }
2379
2380                 if ($id == "quickDelFeed") {
2381
2382                         $param = db_escape_string($param);
2383
2384                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
2385
2386                         if ($result) {
2387
2388                                 $f_title = db_fetch_result($result, 0, "title");
2389
2390                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
2391                                 <input class=\"button\"
2392                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
2393                                 <input class=\"button\"
2394                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2395                                         value=\"Cancel\">";
2396                         } else {
2397                                 print "Error: Feed $param not found.&nbsp;
2398                                 <input class=\"button\"
2399                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2400                                         value=\"Cancel\">";
2401                         }
2402                 }
2403
2404                 if ($id == "search") {
2405
2406                         print "<input id=\"searchbox\" class=\"extSearch\"
2407                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2408                         onchange=\"javascript:search()\">
2409                         <select id=\"searchmodebox\">
2410                                 <option selected>All feeds</option>
2411                                 <option>This feed</option>
2412                         </select>
2413                         <input type=\"submit\"
2414                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
2415                         <input class=\"button\"
2416                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2417                                 value=\"Close\">";
2418
2419                 }
2420
2421         }
2422
2423         // update feeds of all users, may be used anonymously
2424         if ($op == "globalUpdateFeeds") {
2425
2426                 $result = db_query($link, "SELECT id FROM ttrss_users");
2427
2428                 while ($line = db_fetch_assoc($result)) {
2429                         $user_id = $line["id"];
2430 //                      print "<!-- updating feeds of uid $user_id -->";
2431                         update_all_feeds($link, false, $user_id);
2432                 }
2433
2434                 print "<rpc-reply>
2435                         <message msg=\"All feeds updated\"/>
2436                 </rpc-reply>";
2437
2438         }
2439
2440         if ($op == "pref-prefs") {
2441
2442                 $subop = $_REQUEST["subop"];
2443
2444                 if ($subop == "Save configuration") {
2445
2446                         if (WEB_DEMO_MODE) {
2447                                 header("Location: prefs.php");
2448                                 return;
2449                         }
2450
2451                         $_SESSION["prefs_op_result"] = "save-config";
2452
2453                         foreach (array_keys($_POST) as $pref_name) {
2454
2455                                 $pref_name = db_escape_string($pref_name);
2456                                 $value = db_escape_string($_POST[$pref_name]);
2457
2458                                 $result = db_query($link, "SELECT type_name
2459                                         FROM ttrss_prefs,ttrss_prefs_types
2460                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2461
2462                                 if (db_num_rows($result) > 0) {
2463
2464                                         $type_name = db_fetch_result($result, 0, "type_name");
2465
2466 //                                      print "$pref_name : $type_name : $value<br>";
2467
2468                                         if ($type_name == "bool") {
2469                                                 if ($value == "1") {
2470                                                         $value = "true";
2471                                                 } else {
2472                                                         $value = "false";
2473                                                 }
2474                                         } else if ($type_name == "integer") {
2475                                                 $value = sprintf("%d", $value);
2476                                         }
2477
2478 //                                      print "$pref_name : $type_name : $value<br>";
2479
2480                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2481                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2482
2483                                 }
2484
2485                                 header("Location: prefs.php");
2486
2487                         }
2488
2489                 } else if ($subop == "getHelp") {
2490
2491                         $pref_name = db_escape_string($_GET["pn"]);
2492
2493                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2494                                 WHERE pref_name = '$pref_name'");
2495
2496                         if (db_num_rows($result) > 0) {
2497                                 $help_text = db_fetch_result($result, 0, "help_text");
2498                                 print $help_text;
2499                         } else {
2500                                 print "Unknown option: $pref_name";
2501                         }
2502
2503                 } else if ($subop == "Change password") {
2504
2505                         if (WEB_DEMO_MODE) {
2506                                 header("Location: prefs.php");
2507                                 return;
2508                         }
2509
2510                         $old_pw = $_POST["OLD_PASSWORD"];
2511                         $new_pw = $_POST["OLD_PASSWORD"];
2512
2513                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2514                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2515
2516                         $active_uid = $_SESSION["uid"];
2517
2518                         if ($old_pw && $new_pw) {
2519
2520                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2521
2522                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2523                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2524                                                 pwd_hash = '$old_pw_hash')");
2525
2526                                 if (db_num_rows($result) == 1) {
2527                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2528                                                 WHERE id = '$active_uid'");
2529
2530                                         $_SESSION["pwd_change_result"] = "ok";
2531                                 } else {
2532                                         $_SESSION["pwd_change_result"] = "failed";
2533                                 }
2534                         }
2535
2536                         header("Location: prefs.php");
2537
2538                 } else if ($subop == "Reset to defaults") {
2539
2540                         if (WEB_DEMO_MODE) {
2541                                 header("Location: prefs.php");
2542                                 return;
2543                         }
2544
2545                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2546
2547                         if (DB_TYPE == "pgsql") {
2548                                 db_query($link,"UPDATE ttrss_user_prefs
2549                                         SET value = ttrss_prefs.def_value
2550                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2551                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2552                         } else {
2553                                 db_query($link, "DELETE FROM ttrss_user_prefs
2554                                         WHERE owner_uid = ".$_SESSION["uid"]);
2555                                 initialize_user_prefs($link, $_SESSION["uid"]);
2556                         }
2557
2558                         header("Location: prefs.php");
2559
2560                 } else if ($subop == "Change theme") {
2561
2562                         $theme = db_escape_string($_POST["theme"]);
2563
2564                         if ($theme == "Default") {
2565                                 $theme_qpart = 'NULL';
2566                         } else {
2567                                 $theme_qpart = "'$theme'";
2568                         }
2569
2570                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2571                                 WHERE theme_name = '$theme'");
2572
2573                         if (db_num_rows($result) == 1) {
2574                                 $theme_id = db_fetch_result($result, 0, "id");
2575                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2576                         } else {
2577                                 $theme_id = "NULL";
2578                                 $theme_path = "";
2579                         }
2580
2581                         db_query($link, "UPDATE ttrss_users SET
2582                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2583
2584                         $_SESSION["theme"] = $theme_path;
2585
2586                         header("Location: prefs.php");
2587
2588                 } else {
2589
2590                         if (!SINGLE_USER_MODE) {
2591
2592                                 $result = db_query($link, "SELECT id FROM ttrss_users
2593                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2594                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2595
2596                                 if (db_num_rows($result) != 0) {
2597                                         print "<div class=\"warning\">
2598                                                 Your password is at default value, please change it.
2599                                         </div>";
2600                                 }
2601
2602                                 if ($_SESSION["pwd_change_result"] == "failed") {
2603                                         print "<div class=\"warning\">
2604                                                         There was an error while changing your password.
2605                                                 </div>";
2606                                 }
2607
2608                                 if ($_SESSION["pwd_change_result"] == "ok") {
2609                                         print "<div class=\"notice\">
2610                                                         Password changed successfully.
2611                                                 </div>";
2612                                 }
2613
2614                                 $_SESSION["pwd_change_result"] = "";
2615
2616                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2617                                         print "<div class=\"notice\">
2618                                                         Your configuration was reset to defaults.
2619                                                 </div>";
2620                                 }
2621
2622                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2623                                         print "<div class=\"notice\">
2624                                                         Your configuration was saved successfully.
2625                                                 </div>";
2626                                 }
2627
2628                                 $_SESSION["prefs_op_result"] = "";
2629
2630                                 print "<form action=\"backend.php\" method=\"POST\">";
2631
2632                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2633                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2634
2635                                 print "<tr><td width=\"40%\">Old password</td>";
2636                                 print "<td><input class=\"editbox\" type=\"password\"
2637                                         name=\"OLD_PASSWORD\"></td></tr>";
2638
2639                                 print "<tr><td width=\"40%\">New password</td>";
2640
2641                                 print "<td><input class=\"editbox\" type=\"password\"
2642                                         name=\"NEW_PASSWORD\"></td></tr>";
2643
2644                                 print "</table>";
2645
2646                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2647
2648                                 print "<p><input class=\"button\" type=\"submit\"
2649                                         value=\"Change password\" name=\"subop\">";
2650
2651                                 print "</form>";
2652
2653                         }
2654
2655                         $result = db_query($link, "SELECT
2656                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2657
2658                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2659
2660                         $result = db_query($link, "SELECT
2661                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2662
2663                         if (db_num_rows($result) > 0) {
2664
2665                                 print "<form action=\"backend.php\" method=\"POST\">";
2666                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2667                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2668                                 print "<tr><td width=\"40%\">Select theme</td>";
2669                                 print "<td><select name=\"theme\">";
2670                                 print "<option>Default</option>";
2671                                 print "<option disabled>--------</option>";
2672
2673                                 while ($line = db_fetch_assoc($result)) {
2674                                         if ($line["id"] == $user_theme_id) {
2675                                                 $selected = "selected";
2676                                         } else {
2677                                                 $selected = "";
2678                                         }
2679                                         print "<option $selected>" . $line["theme_name"] . "</option>";
2680                                 }
2681                                 print "</select></td></tr>";
2682                                 print "</table>";
2683                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2684                                 print "<p><input class=\"button\" type=\"submit\"
2685                                         value=\"Change theme\" name=\"subop\">";
2686                                 print "</form>";
2687                         }
2688
2689                         $result = db_query($link, "SELECT
2690                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
2691                                 section_name,def_value
2692                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
2693                                 WHERE type_id = ttrss_prefs_types.id AND
2694                                         section_id = ttrss_prefs_sections.id AND
2695                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
2696                                         owner_uid = ".$_SESSION["uid"]."
2697                                 ORDER BY section_id,short_desc");
2698
2699                         print "<form action=\"backend.php\" method=\"POST\">";
2700
2701                         $lnum = 0;
2702
2703                         $active_section = "";
2704
2705                         while ($line = db_fetch_assoc($result)) {
2706
2707                                 if ($active_section != $line["section_name"]) {
2708
2709                                         if ($active_section != "") {
2710                                                 print "</table>";
2711                                         }
2712
2713                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
2714
2715                                         $active_section = $line["section_name"];
2716
2717                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
2718 //                                      print "<tr class=\"title\">
2719 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
2720
2721                                         $lnum = 0;
2722                                 }
2723
2724 //                              $class = ($lnum % 2) ? "even" : "odd";
2725
2726                                 print "<tr>";
2727
2728                                 $type_name = $line["type_name"];
2729                                 $pref_name = $line["pref_name"];
2730                                 $value = $line["value"];
2731                                 $def_value = $line["def_value"];
2732                                 $help_text = $line["help_text"];
2733
2734                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
2735
2736                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
2737
2738                                 print "</td>";
2739
2740                                 print "<td>";
2741
2742                                 if ($type_name == "bool") {
2743 //                                      print_select($pref_name, $value, array("true", "false"));
2744
2745                                         if ($value == "true") {
2746                                                 $value = "Yes";
2747                                         } else {
2748                                                 $value = "No";
2749                                         }
2750
2751                                         print_radio($pref_name, $value, array("Yes", "No"));
2752
2753                                 } else {
2754                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
2755                                 }
2756
2757                                 print "</td>";
2758
2759                                 print "</tr>";
2760
2761                                 $lnum++;
2762                         }
2763
2764                         print "</table>";
2765
2766                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2767
2768                         print "<p><input class=\"button\" type=\"submit\"
2769                                 name=\"subop\" value=\"Save configuration\">";
2770
2771                         print "&nbsp;<input class=\"button\" type=\"submit\"
2772                                 name=\"subop\" value=\"Reset to defaults\"></p>";
2773
2774                         print "</form>";
2775
2776                 }
2777
2778         }
2779
2780         if ($op == "pref-users") {
2781
2782                 $subop = $_GET["subop"];
2783
2784                 if ($subop == "editSave") {
2785
2786                         if (!WEB_DEMO_MODE) {
2787
2788                                 $login = db_escape_string($_GET["l"]);
2789                                 $uid = db_escape_string($_GET["id"]);
2790                                 $access_level = sprintf("%d", $_GET["al"]);
2791
2792                                 db_query($link, "UPDATE ttrss_users SET login = '$login', access_level = '$access_level' WHERE id = '$uid'");
2793
2794                         }
2795                 } else if ($subop == "remove") {
2796
2797                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2798
2799                                 $ids = split(",", db_escape_string($_GET["ids"]));
2800
2801                                 foreach ($ids as $id) {
2802                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
2803
2804                                 }
2805                         }
2806                 } else if ($subop == "add") {
2807
2808                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2809
2810                                 $login = db_escape_string(trim($_GET["login"]));
2811                                 $tmp_user_pwd = make_password(8);
2812                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2813
2814                                 db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level)
2815                                         VALUES ('$login', '$pwd_hash', 0)");
2816
2817
2818                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2819                                         login = '$login' AND pwd_hash = '$pwd_hash'");
2820
2821                                 if (db_num_rows($result) == 1) {
2822
2823                                         $new_uid = db_fetch_result($result, 0, "id");
2824
2825                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
2826                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
2827
2828                                         initialize_user($link, $new_uid);
2829
2830                                 } else {
2831
2832                                         print "<div class=\"warning\">Error while adding user <b>".
2833                                         $_GET["login"].".</b></div>";
2834
2835                                 }
2836                         }
2837                 } else if ($subop == "resetPass") {
2838
2839                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2840
2841                                 $uid = db_escape_string($_GET["id"]);
2842
2843                                 $result = db_query($link, "SELECT login FROM ttrss_users WHERE id = '$uid'");
2844
2845                                 $login = db_fetch_result($result, 0, "login");
2846                                 $tmp_user_pwd = make_password(8);
2847                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2848
2849                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
2850                                         WHERE id = '$uid'");
2851
2852                                 print "<div class=\"notice\">Changed password of
2853                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.</div>";
2854
2855                         }
2856                 }
2857
2858                 print "<div class=\"prefGenericAddBox\">
2859                         <input id=\"uadd_box\" onchange=\"javascript:addUser()\" size=\"40\">&nbsp;";
2860
2861                 print"<input type=\"submit\" class=\"button\"
2862                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
2863
2864                 $result = db_query($link, "SELECT
2865                                 id,login,access_level,
2866                                 SUBSTRING(last_login,1,16) as last_login
2867                         FROM
2868                                 ttrss_users
2869                         ORDER by login");
2870
2871                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2872
2873                 print "<p><table width=\"100%\" cellspacing=\"0\"
2874                         class=\"prefUserList\" id=\"prefUserList\">";
2875
2876                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2877                                 Select:
2878                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2879                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
2880                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2881                                                 'UMRR-', 'UMCHK-', false)\">None</a>
2882                                 </td</tr>";
2883
2884                 print "<tr class=\"title\">
2885                                         <td width=\"5%\">Select</td>
2886                                         <td width='30%'>Username</td>
2887                                         <td width='30%'>Access Level</td>
2888                                         <td width='30%'>Last login</td></tr>";
2889
2890                 $lnum = 0;
2891
2892                 while ($line = db_fetch_assoc($result)) {
2893
2894                         $class = ($lnum % 2) ? "even" : "odd";
2895
2896                         $uid = $line["id"];
2897                         $edit_uid = $_GET["id"];
2898
2899                         if ($uid == $_SESSION["uid"] || ($subop == "edit" && $uid != $edit_uid)) {
2900                                 $class .= "Grayed";
2901                                 $this_row_id = "";
2902                         } else {
2903                                 $this_row_id = "id=\"UMRR-$uid\"";
2904                         }
2905
2906                         print "<tr class=\"$class\" $this_row_id>";
2907
2908                         $line["login"] = htmlspecialchars($line["login"]);
2909
2910                         if ($uid == $_SESSION["uid"]) {
2911
2912                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2913                                         id=\"UMCHK-".$line["id"]."\"></td>";
2914
2915                                 print "<td>".$line["login"]."</td>";
2916                                 print "<td>".$line["access_level"]."</td>";
2917
2918                         } else if (!$edit_uid || $subop != "edit") {
2919
2920                                 print "<td><input onclick='toggleSelectRow(this);'
2921                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
2922
2923                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2924                                         $line["login"] . "</td>";
2925
2926                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2927                                         $line["access_level"] . "</td>";
2928
2929                         } else if ($uid != $edit_uid) {
2930
2931                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2932                                         id=\"UMCHK-".$line["id"]."\"></td>";
2933
2934                                 print "<td>".$line["login"]."</td>";
2935                                 print "<td>".$line["access_level"]."</td>";
2936
2937                         } else {
2938
2939                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2940
2941                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
2942                                         "\"></td>";
2943
2944                                 print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
2945                                         "\"></td>";
2946
2947                         }
2948
2949                         print "<td>".$line["last_login"]."</td>";
2950
2951                         print "</tr>";
2952
2953                         ++$lnum;
2954                 }
2955
2956                 print "</table>";
2957
2958                 print "<p>";
2959
2960                 if ($subop == "edit") {
2961                         print "Edit label:
2962                                 <input type=\"submit\" class=\"button\"
2963                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">
2964                                 <input type=\"submit\" class=\"button\"
2965                                         onclick=\"javascript:userEditSave()\" value=\"Save\">";
2966
2967                 } else {
2968
2969                         print "
2970                                 Selection:
2971                         <input type=\"submit\" class=\"button\"
2972                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
2973                         <input type=\"submit\" class=\"button\"
2974                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
2975                         <input type=\"submit\" class=\"button\"
2976                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
2977                         <input type=\"submit\" class=\"button\"
2978                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
2979
2980                 }
2981         }
2982
2983         if ($op == "user-details") {
2984
2985                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
2986                         return;
2987                 }
2988
2989 /*              print "<html><head>
2990                         <title>Tiny Tiny RSS : User Details</title>
2991                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2992                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2993                         </head><body>"; */
2994
2995                 $uid = sprintf("%d", $_GET["id"]);
2996
2997                 print "<div class='infoBoxContents'>";
2998
2999                 $result = db_query($link, "SELECT login,
3000                         SUBSTRING(last_login,1,16) AS last_login,
3001                         access_level,
3002                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3003                                 WHERE owner_uid = id) AS stored_articles
3004                         FROM ttrss_users
3005                         WHERE id = '$uid'");
3006
3007                 if (db_num_rows($result) == 0) {
3008                         print "<h1>User not found</h1>";
3009                         return;
3010                 }
3011
3012                 print "<h1>User Details</h1>";
3013
3014                 print "<table width='100%'>";
3015
3016                 $login = db_fetch_result($result, 0, "login");
3017                 $last_login = db_fetch_result($result, 0, "last_login");
3018                 $access_level = db_fetch_result($result, 0, "access_level");
3019                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3020
3021                 print "<tr><td>Username</td><td>$login</td></tr>";
3022                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
3023                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3024                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3025
3026                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3027                         WHERE owner_uid = '$uid'");
3028
3029                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3030
3031                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3032
3033 /*              $result = db_query($link, "SELECT
3034                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3035                         FROM ttrss_user_entries,ttrss_entries
3036                                 WHERE owner_uid = '$uid' AND ref_id = id");
3037
3038                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3039
3040                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3041
3042                 print "</table>";
3043
3044                 print "<h1>Subscribed feeds</h1>";
3045
3046                 $result = db_query($link, "SELECT id,title,feed_url FROM ttrss_feeds
3047                         WHERE owner_uid = '$uid' ORDER BY title LIMIT 20");
3048
3049                 print "<ul class=\"nomarks\">";
3050
3051                 while ($line = db_fetch_assoc($result)) {
3052
3053                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3054
3055                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3056                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3057                         } else {
3058                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3059                         }
3060
3061                         print "<li>$feed_icon&nbsp;<a href=\"".$line["feed_url"]."\">".$line["title"]."</a></li>";
3062                 }
3063
3064                 if (db_num_rows($result) < $num_feeds) {
3065                          // FIXME - add link to show ALL subscribed feeds here somewhere
3066                         print "<li><img
3067                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3068                 }
3069
3070                 print "</ul>";
3071
3072                 print "</div>";
3073
3074                 print "<div align='center'>
3075                         <input type='submit' class='button'
3076                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3077
3078 //              print "</body></html>";
3079
3080         }
3081
3082         if ($op == "feed-details") {
3083
3084                 $feed_id = $_GET["id"];
3085
3086                 $result = db_query($link,
3087                         "SELECT
3088                                 title,feed_url,last_updated,icon_url,site_url,
3089                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
3090                                         WHERE feed_id = id) AS total,
3091                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
3092                                         WHERE feed_id = id AND unread = true) AS unread,
3093                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
3094                                         WHERE feed_id = id AND marked = true) AS marked
3095                         FROM ttrss_feeds
3096                         WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
3097
3098                 if (db_num_rows($result) == 0) return;
3099
3100                 $title = db_fetch_result($result, 0, "title");
3101                 $last_updated = db_fetch_result($result, 0, "last_updated");
3102                 $feed_url = db_fetch_result($result, 0, "feed_url");
3103                 $icon_url = db_fetch_result($result, 0, "icon_url");
3104                 $total = db_fetch_result($result, 0, "total");
3105                 $unread = db_fetch_result($result, 0, "unread");
3106                 $marked = db_fetch_result($result, 0, "marked");
3107                 $site_url = db_fetch_result($result, 0, "site_url");
3108
3109                 $result = db_query($link, "SELECT COUNT(id) AS subscribed
3110                                         FROM ttrss_feeds WHERE feed_url = '$feed_url'");
3111
3112                 $subscribed = db_fetch_result($result, 0, "subscribed");
3113
3114                 print "<div class=\"infoBoxContents\">";
3115
3116                 $icon_file = ICONS_DIR . "/$feed_id.ico";
3117
3118                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
3119                                 $feed_icon = "<img width=\"16\" height=\"16\"
3120                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
3121                 } else {
3122                         $feed_icon = "";
3123                 }
3124
3125                 print "<h1>$feed_icon $title</h1>";
3126
3127                 print "<table width='100%'>";
3128
3129                 if ($site_url) {
3130                         print "<tr><td width='30%'>Link</td>
3131                                 <td><a href=\"$site_url\">$site_url</a>
3132                                 <a href=\"$feed_url\">(feed)</a></td>
3133                                 </td></tr>";
3134                 } else {
3135                         print "<tr><td width='30%'>Feed URL</td>
3136                                 <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
3137                 }
3138                 print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
3139                 print "<tr><td>Total articles</td><td>$total</td></tr>";
3140                 print "<tr><td>Unread articles</td><td>$unread</td></tr>";
3141                 print "<tr><td>Starred articles</td><td>$marked</td></tr>";
3142                 print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
3143
3144                 print "</table>";
3145
3146                 $result = db_query($link, "SELECT title,
3147                         SUBSTRING(updated,1,16) AS updated,unread
3148                         FROM ttrss_entries,ttrss_user_entries
3149                         WHERE ref_id = id AND feed_id = '$feed_id'
3150                         ORDER BY date_entered DESC LIMIT 5");
3151
3152                 if (db_num_rows($result) > 0) {
3153
3154                         print "<h1>Latest headlines</h1>";
3155
3156                         print "<ul class=\"nomarks\">";
3157
3158                         while ($line = db_fetch_assoc($result)) {
3159                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
3160                                         $line["title"] = "<b>" . $line["title"] . "</b>";
3161                                 }
3162                                 print "<li>" . $line["title"].
3163                                 "&nbsp;<span class=\"insensitive\">(" .$line["updated"].")</span></li>";
3164                         }
3165
3166                         print "</ul>";
3167
3168                         print "</div>";
3169
3170                         print "<div align='center'>
3171                                 <input type='submit' class='button'
3172                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3173                 }
3174         }
3175
3176         db_close($link);
3177 ?>
3178
3179 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3180