backend.php

   1 <?
   2         session_start();
   3
   4         if ($_GET["debug"]) {
   5                 define('DEFAULT_ERROR_LEVEL', E_ALL);
   6         } else {
   7                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
   8         }
   9
  10         error_reporting(DEFAULT_ERROR_LEVEL);
  11
  12         $op = $_REQUEST["op"];
  13
  14         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  15                 header("Content-Type: application/xml");
  16         }
  17
  18         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  19
  20                 if ($op == "rpc") {
  21                         print "<error error-code=\"6\"/>";
  22                 }
  23                 exit;
  24         }
  25
  26         if (!$op) {
  27                 print "<error error-code=\"7\"/>";
  28                 exit;
  29         }
  30
  31         define('SCHEMA_VERSION', 2);
  32
  33         require_once "sanity_check.php";
  34         require_once "config.php";
  35         require_once "db.php";
  36         require_once "db-prefs.php";
  37         require_once "functions.php";
  38         require_once "magpierss/rss_fetch.inc";
  39
  40         $script_started = getmicrotime();
  41
  42         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  43
  44         if (!$link) {
  45                 if (DB_TYPE == "mysql") {
  46                         print mysql_error();
  47                 }
  48                 // PG seems to display its own errors just fine by default.
  49                 return;
  50         }
  51
  52         if (DB_TYPE == "pgsql") {
  53                 pg_query("set client_encoding = 'utf-8'");
  54         }
  55
  56         $fetch = $_GET["fetch"];
  57
  58         function getAllCounters($link) {
  59                 getLabelCounters($link);
  60                 getFeedCounters($link);
  61                 getTagCounters($link);
  62                 getGlobalCounters($link);
  63         }
  64
  65         /* FIXME this needs reworking */
  66
  67         function getGlobalCounters($link) {
  68                 $result = db_query($link, "SELECT count(id) as c_id FROM ttrss_entries,ttrss_user_entries
  69                         WHERE unread = true AND
  70                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  71                         owner_uid = " . $_SESSION["uid"]);
  72                 $c_id = db_fetch_result($result, 0, "c_id");
  73                 print "<counter id='global-unread' counter='$c_id'/>";
  74         }
  75
  76         function getTagCounters($link) {
  77
  78                 $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
  79                         FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
  80                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  81                         ttrss_tags.owner_uid = ".$_SESSION["uid"]." AND
  82                         post_int_id = ttrss_user_entries.int_id AND unread = true GROUP BY tag_name
  83                 UNION
  84                         select tag_name,0 as count FROM ttrss_tags
  85                         WHERE ttrss_tags.owner_uid = ".$_SESSION["uid"]);
  86
  87                 $tags = array();
  88
  89                 while ($line = db_fetch_assoc($result)) {
  90                         $tags[$line["tag_name"]] += $line["count"];
  91                 }
  92
  93                 foreach (array_keys($tags) as $tag) {
  94                         $unread = $tags[$tag];
  95
  96                         $tag = htmlspecialchars($tag);
  97                         print "<tag id=\"$tag\" counter=\"$unread\"/>";
  98                 }
  99         }
 100
 101         function getLabelCounters($link) {
 102
 103                 $result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 104                         WHERE marked = true AND ttrss_user_entries.ref_id = ttrss_entries.id AND
 105                         unread = true AND owner_uid = ".$_SESSION["uid"]);
 106
 107                 $count = db_fetch_result($result, 0, "count");
 108
 109                 print "<label id=\"-1\" counter=\"$count\"/>";
 110
 111                 $result = db_query($link, "SELECT owner_uid,id,sql_exp,description FROM
 112                         ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description");
 113
 114                 while ($line = db_fetch_assoc($result)) {
 115
 116                         $id = -$line["id"] - 11;
 117
 118                         error_reporting (0);
 119
 120                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_user_entries,ttrss_entries
 121                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 122                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 123                                 owner_uid = ".$_SESSION["uid"]);
 124
 125                         $count = db_fetch_result($tmp_result, 0, "count");
 126
 127                         print "<label id=\"$id\" counter=\"$count\"/>";
 128
 129                         error_reporting (DEFAULT_ERROR_LEVEL);
 130
 131                 }
 132         }
 133
 134         function getFeedCounter($link, $id) {
 135
 136                 $result = db_query($link, "SELECT
 137                                 count(id) as count FROM ttrss_entries,ttrss_user_entries
 138                         WHERE feed_id = '$id' AND unread = true
 139                         AND ttrss_user_entries.ref_id = ttrss_entries.id");
 140
 141                         $count = db_fetch_result($result, 0, "count");
 142
 143                         print "<feed id=\"$id\" counter=\"$count\"/>";
 144         }
 145
 146         function getFeedCounters($link) {
 147
 148                 $result = db_query($link, "SELECT id,
 149                         (SELECT count(id)
 150                                 FROM ttrss_entries,ttrss_user_entries
 151                                 WHERE feed_id = ttrss_feeds.id AND ttrss_user_entries.ref_id = ttrss_entries.id
 152                                 AND unread = true AND owner_uid = ".$_SESSION["uid"].") as count
 153                         FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]);
 154
 155                 while ($line = db_fetch_assoc($result)) {
 156
 157                         $id = $line["id"];
 158                         $count = $line["count"];
 159
 160                         print "<feed id=\"$id\" counter=\"$count\"/>";
 161                 }
 162         }
 163
 164         function outputFeedList($link, $tags = false) {
 165
 166                 print "<html><head>
 167                         <title>Tiny Tiny RSS : Feedlist</title>
 168                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 169
 170                 $user_theme = $_SESSION["theme"];
 171                 if ($user_theme) {
 172                         print "<link rel=\"stylesheet\" type=\"text/css\"
 173                                 href=\"themes/$user_theme/theme.css\">";
 174                 }
 175
 176                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 177                         print "<link rel=\"stylesheet\" type=\"text/css\"
 178                                 href=\"tt-rss_compact.css\"/>";
 179                 } else {
 180                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 181                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 182                 }
 183
 184                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 185                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 186                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 187                         </head><body onload=\"init()\">";
 188
 189                 print "<ul class=\"feedList\" id=\"feedList\">";
 190
 191                 $owner_uid = $_SESSION["uid"];
 192
 193                 if (!$tags) {
 194
 195                         /* virtual feeds */
 196
 197                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 198                                 print "<li class=\"feedCat\">Special</li>";
 199                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 200                         }
 201
 202                         $result = db_query($link, "SELECT count(id) as num_starred
 203                                 FROM ttrss_entries,ttrss_user_entries
 204                                 WHERE marked = true AND
 205                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 206                                 unread = true AND owner_uid = '$owner_uid'");
 207                         $num_starred = db_fetch_result($result, 0, "num_starred");
 208
 209                         $class = "virt";
 210
 211                         if ($num_starred > 0) $class .= "Unread";
 212
 213                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 214                                 "images/mark_set.png", $link);
 215
 216                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 217                                 print "</li></ul>";
 218                         }
 219
 220                         if (get_pref($link, 'ENABLE_LABELS')) {
 221
 222                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 223                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 224
 225                                 if (db_num_rows($result) > 0) {
 226                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 227                                                 print "<li class=\"feedCat\">Labels</li>";
 228                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 229                                         } else {
 230                                                 print "<li><hr></li>";
 231                                         }
 232                                 }
 233
 234                                 while ($line = db_fetch_assoc($result)) {
 235
 236                                         error_reporting (0);
 237
 238                                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 239                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 240                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 241                                                 AND owner_uid = '$owner_uid'");
 242
 243                                         $count = db_fetch_result($tmp_result, 0, "count");
 244
 245                                         $class = "label";
 246
 247                                         if ($count > 0) {
 248                                                 $class .= "Unread";
 249                                         }
 250
 251                                         error_reporting (DEFAULT_ERROR_LEVEL);
 252
 253                                         printFeedEntry(-$line["id"]-11,
 254                                                 $class, $line["description"], $count, "images/label.png", $link);
 255
 256                                 }
 257
 258                                 if (db_num_rows($result) > 0) {
 259                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 260                                                 print "</li></ul>";
 261                                         }
 262                                 }
 263
 264                         }
 265
 266 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 267                                 print "<li><hr></li>";
 268 //                      }
 269
 270                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 271                                 $order_by_qpart = "category,title";
 272                         } else {
 273                                 $order_by_qpart = "title";
 274                         }
 275
 276                         $result = db_query($link, "SELECT *,
 277                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 278                                         WHERE feed_id = ttrss_feeds.id AND
 279                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 280                                         owner_uid = '$owner_uid') AS total,
 281                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 282                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 283                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 284                                                 AND owner_uid = '$owner_uid') as unread,
 285                                 (SELECT title FROM ttrss_feed_categories
 286                                         WHERE id = cat_id) AS category
 287                                 FROM ttrss_feeds WHERE owner_uid = '$owner_uid' ORDER BY $order_by_qpart");
 288
 289                         $actid = $_GET["actid"];
 290
 291                         /* real feeds */
 292
 293                         $lnum = 0;
 294
 295                         $total_unread = 0;
 296
 297                         $category = "";
 298
 299                         while ($line = db_fetch_assoc($result)) {
 300
 301                                 $feed = $line["title"];
 302                                 $feed_id = $line["id"];
 303
 304                                 $subop = $_GET["subop"];
 305
 306                                 $total = $line["total"];
 307                                 $unread = $line["unread"];
 308
 309                                 $tmp_category = $line["category"];
 310
 311                                 if (!$tmp_category) {
 312                                         $tmp_category = "Uncategorized";
 313                                 }
 314
 315         //                      $class = ($lnum % 2) ? "even" : "odd";
 316
 317                                 $class = "feed";
 318
 319                                 if ($unread > 0) $class .= "Unread";
 320
 321                                 if ($actid == $feed_id) {
 322                                         $class .= "Selected";
 323                                 }
 324
 325                                 $total_unread += $unread;
 326
 327                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 328
 329                                         if ($category) {
 330                                                 print "</li></ul></li>";
 331                                         }
 332
 333                                         $category = $tmp_category;
 334
 335                                         print "<li class=\"feedCat\">$category</li>";
 336                                         print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 337                                 }
 338
 339                                 printFeedEntry($feed_id, $class, $feed, $unread,
 340                                         "icons/$feed_id.ico", $link);
 341
 342                                 ++$lnum;
 343                         }
 344
 345                 } else {
 346
 347                         // tags
 348
 349                         $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 350                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 351                                 post_int_id = ttrss_user_entries.int_id AND
 352                                 unread = true AND ref_id = ttrss_entries.id
 353                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 354                         UNION
 355                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 356                         ORDER BY tag_name");
 357
 358                         $tags = array();
 359
 360                         while ($line = db_fetch_assoc($result)) {
 361                                 $tags[$line["tag_name"]] += $line["count"];
 362                         }
 363
 364                         foreach (array_keys($tags) as $tag) {
 365
 366                                 $unread = $tags[$tag];
 367
 368                                 $class = "tag";
 369
 370                                 if ($unread > 0) {
 371                                         $class .= "Unread";
 372                                 }
 373
 374                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 375
 376                         }
 377
 378                 }
 379
 380                 if (db_num_rows($result) == 0) {
 381                         if ($tags) {
 382                                 $what = "tags";
 383                         } else {
 384                                 $what = "feeds";
 385                         }
 386                         print "<li>No $what to display.</li>";
 387                 }
 388
 389                 print "</ul>";
 390
 391                 print "<div class=\"invisible\" id=\"FEEDTU\">$total_unread</div>";
 392
 393         }
 394
 395
 396         if ($op == "rpc") {
 397
 398                 $subop = $_GET["subop"];
 399
 400                 if ($subop == "getLabelCounters") {
 401                         $aid = $_GET["aid"];
 402                         print "<rpc-reply>";
 403                         getLabelCounters($link);
 404                         if ($aid) {
 405                                 getFeedCounter($link, $aid);
 406                         }
 407                         print "</rpc-reply>";
 408                 }
 409
 410                 if ($subop == "getFeedCounters") {
 411                         print "<rpc-reply>";
 412                         getFeedCounters($link);
 413                         print "</rpc-reply>";
 414                 }
 415
 416                 if ($subop == "getAllCounters") {
 417                         print "<rpc-reply>";
 418                         getAllCounters($link);
 419                         print "</rpc-reply>";
 420                 }
 421
 422                 if ($subop == "mark") {
 423                         $mark = $_GET["mark"];
 424                         $id = db_escape_string($_GET["id"]);
 425
 426                         if ($mark == "1") {
 427                                 $mark = "true";
 428                         } else {
 429                                 $mark = "false";
 430                         }
 431
 432                         // FIXME this needs collision testing
 433
 434                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 435                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 436                 }
 437
 438                 if ($subop == "updateFeed") {
 439                         $feed_id = db_escape_string($_GET["feed"]);
 440
 441                         $result = db_query($link,
 442                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 443                                         AND owner_uid = " . $_SESSION["uid"]);
 444
 445                         if (db_num_rows($result) > 0) {
 446                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 447                                 update_rss_feed($link, $feed_url, $feed_id);
 448                         }
 449
 450                         print "<rpc-reply>";
 451                         getFeedCounter($link, $feed_id);
 452                         print "</rpc-reply>";
 453
 454                         return;
 455                 }
 456
 457                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 458
 459                         update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 460
 461                         $omode = $_GET["omode"];
 462
 463                         if (!$omode) $omode = "tfl";
 464
 465                         print "<rpc-reply>";
 466                         if (strchr($omode, "l")) getLabelCounters($link);
 467                         if (strchr($omode, "f")) getFeedCounters($link);
 468                         if (strchr($omode, "t")) getTagCounters($link);
 469                         getGlobalCounters($link);
 470                         print "</rpc-reply>";
 471                 }
 472
 473                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 474                 if ($subop == "catchupSelected") {
 475
 476                         $ids = split(",", $_GET["ids"]);
 477
 478                         $cmode = sprintf("%d", $_GET["cmode"]);
 479
 480                         foreach ($ids as $id) {
 481
 482                                 if ($cmode == 0) {
 483                                         db_query($link, "UPDATE ttrss_user_entries SET
 484                                         unread = false,last_read = NOW()
 485                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 486                                 } else if ($cmode == 1) {
 487                                         db_query($link, "UPDATE ttrss_user_entries SET
 488                                         unread = true
 489                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 490                                 } else {
 491                                         db_query($link, "UPDATE ttrss_user_entries SET
 492                                         unread = NOT unread,last_read = NOW()
 493                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 494                                 }
 495                         }
 496                         print "<rpc-reply>";
 497                         getAllCounters($link);
 498                         print "</rpc-reply>";
 499                 }
 500
 501                 if ($subop == "markSelected") {
 502
 503                         $ids = split(",", $_GET["ids"]);
 504
 505                         $cmode = sprintf("%d", $_GET["cmode"]);
 506
 507                         foreach ($ids as $id) {
 508
 509                                 if ($cmode == 0) {
 510                                         db_query($link, "UPDATE ttrss_user_entries SET
 511                                         marked = false
 512                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 513                                 } else if ($cmode == 1) {
 514                                         db_query($link, "UPDATE ttrss_user_entries SET
 515                                         marked = true
 516                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 517                                 } else {
 518                                         db_query($link, "UPDATE ttrss_user_entries SET
 519                                         marked = NOT marked
 520                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 521                                 }
 522                         }
 523                         print "<rpc-reply>";
 524                         getAllCounters($link);
 525                         print "</rpc-reply>";
 526                 }
 527
 528                 if ($subop == "sanityCheck") {
 529
 530                         $error_code = 0;
 531
 532                         $result = db_query($link, "SELECT schema_version FROM ttrss_version");
 533
 534                         $schema_version = db_fetch_result($result, 0, "schema_version");
 535
 536                         if ($schema_version != SCHEMA_VERSION) {
 537                                 $error_code = 5;
 538                         }
 539
 540                         print "<error error-code='$error_code'/>";
 541                 }
 542
 543                 if ($subop == "globalPurge") {
 544
 545                         print "<rpc-reply>";
 546                         global_purge_old_posts($link, true);
 547                         print "</rpc-reply>";
 548
 549                 }
 550
 551         }
 552
 553         if ($op == "feeds") {
 554
 555                 $tags = $_GET["tags"];
 556
 557                 $subop = $_GET["subop"];
 558
 559                 if ($subop == "catchupAll") {
 560                         db_query($link, "UPDATE ttrss_user_entries SET
 561                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 562                 }
 563
 564                 outputFeedList($link, $tags);
 565
 566         }
 567
 568         if ($op == "view") {
 569
 570                 $id = $_GET["id"];
 571                 $feed_id = $_GET["feed"];
 572
 573                 $result = db_query($link, "UPDATE ttrss_user_entries
 574                         SET unread = false,last_read = NOW()
 575                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 576
 577                 $addheader = $_GET["addheader"];
 578
 579                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 580                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url
 581                         FROM ttrss_entries,ttrss_user_entries
 582                         WHERE   id = '$id' AND ref_id = id");
 583
 584                 if ($addheader) {
 585                         print "<html><head>
 586                                 <title>Tiny Tiny RSS : Article $id</title>
 587                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 588
 589                         $user_theme = $_SESSION["theme"];
 590                         if ($user_theme) {
 591                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 592                                         href=\"themes/$user_theme/theme.css\">";
 593                         }
 594
 595                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 596                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 597                                         href=\"tt-rss_compact.css\"/>";
 598                         } else {
 599                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 600                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 601                         }
 602
 603                         print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 604                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 605                                 </head><body>";
 606                 }
 607
 608                 if ($result) {
 609
 610                         $line = db_fetch_assoc($result);
 611
 612                         if ($line["icon_url"]) {
 613                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 614                         } else {
 615                                 $feed_icon = "&nbsp;";
 616                         }
 617
 618                         if ($line["comments"] && $line["link"] != $line["comments"]) {
 619                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 620                         } else {
 621                                 $entry_comments = "";
 622                         }
 623
 624                         print "<div class=\"postReply\">";
 625
 626                         print "<div class=\"postHeader\"><table width=\"100%\">";
 627
 628                         print "<tr><td colspan='2'>" . $line["title"] . "</td></tr>";
 629
 630                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 631                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 632                                 ORDER BY tag_name");
 633
 634                         $tags_str = "";
 635
 636                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 637                                 $tag = $tmp_line["tag_name"];
 638                                 $tags_str .= "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 639                         }
 640
 641                         $tags_str = preg_replace("/, $/", "", $tags_str);
 642
 643                         print "<tr><td width='50%'>
 644                                 <a href=\"" . $line["link"] . "\">".$line["link"]."</a>
 645                                 $entry_comments</td>
 646                                 <td align=\"right\">$tags_str</td></tr>";
 647
 648 /*                      if ($tags_str) {
 649                                 print "<tr><td><b>Tags:</b></td>
 650                                         <td width='100%'>$tags_str</td></tr>";
 651                         } */
 652
 653                         print "</table></div>";
 654
 655                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 656                         print "<div class=\"postContent\">" . $line["content"] . "</div>";
 657
 658                         print "</div>";
 659
 660                         print "<script type=\"text/javascript\">
 661                                 update_all_counters('$feed_id');
 662                         </script>";
 663                 }
 664
 665                 if ($addheader) {
 666                         print "</body></html>";
 667                 }
 668         }
 669
 670         if ($op == "viewfeed") {
 671
 672                 $feed = $_GET["feed"];
 673                 $skip = $_GET["skip"];
 674                 $subop = $_GET["subop"];
 675                 $view_mode = $_GET["view"];
 676                 $addheader = $_GET["addheader"];
 677                 $limit = $_GET["limit"];
 678
 679                 if (!$feed) {
 680                         return;
 681                 }
 682
 683                 if (!$skip) $skip = 0;
 684
 685                 if ($subop == "undefined") $subop = "";
 686
 687                 if ($addheader) {
 688                         print "<html><head>
 689                                 <title>Tiny Tiny RSS : Feed $feed</title>
 690                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 691
 692                         $user_theme = $_SESSION["theme"];
 693                         if ($user_theme) {
 694                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 695                                         href=\"themes/$user_theme/theme.css\">";
 696                         }
 697
 698                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 699                                 print "<link rel=\"stylesheet\"
 700                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 701
 702                         } else {
 703                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 704                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 705                         }
 706
 707                         print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 708                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
 709                                 <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
 710                                 </head><body onload='init()'>";
 711                 }
 712
 713                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 714
 715                         $tmp_result = db_query($link, "SELECT feed_url FROM ttrss_feeds
 716                                 WHERE id = '$feed'");
 717
 718                         $feed_url = db_fetch_result($tmp_result, 0, "feed_url");
 719
 720                         update_rss_feed($link, $feed_url, $feed);
 721
 722                 }
 723
 724                 if ($subop == "MarkAllRead")  {
 725
 726                         if (sprintf("%d", $feed) != 0) {
 727
 728                                 if ($feed > 0) {
 729                                         db_query($link, "UPDATE ttrss_user_entries
 730                                                 SET unread = false,last_read = NOW()
 731                                                 WHERE feed_id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 732
 733                                 } else if ($feed < 0 && $feed > -10) { // special, like starred
 734
 735                                         if ($feed == -1) {
 736                                                 db_query($link, "UPDATE ttrss_user_entries
 737                                                         SET unread = false,last_read = NOW()
 738                                                         WHERE marked = true AND owner_uid = ".$_SESSION["uid"]);
 739                                         }
 740
 741                                 } else if ($feed < -10) { // label
 742
 743                                         // TODO make this more efficient
 744
 745                                         $label_id = -$feed - 11;
 746
 747                                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 748                                                 WHERE id = '$label_id'");
 749
 750                                         if ($tmp_result) {
 751                                                 $sql_exp = db_fetch_result($tmp_result, 0, "sql_exp");
 752
 753                                                 db_query($link, "BEGIN");
 754
 755                                                 $tmp2_result = db_query($link,
 756                                                         "SELECT
 757                                                                 int_id
 758                                                         FROM
 759                                                                 ttrss_user_entries,ttrss_entries
 760                                                         WHERE
 761                                                                 ref_id = id AND
 762                                                                 $sql_exp AND
 763                                                                 owner_uid = " . $_SESSION["uid"]);
 764
 765                                                 while ($tmp_line = db_fetch_assoc($tmp2_result)) {
 766                                                         db_query($link, "UPDATE
 767                                                                 ttrss_user_entries
 768                                                         SET
 769                                                                 unread = false, last_read = NOW()
 770                                                         WHERE
 771                                                                 int_id = " . $tmp_line["int_id"]);
 772                                                 }
 773
 774                                                 db_query($link, "COMMIT");
 775
 776 /*                                              db_query($link, "UPDATE ttrss_user_entries,ttrss_entries
 777                                                         SET unread = false,last_read = NOW()
 778                                                         WHERE $sql_exp
 779                                                         AND ref_id = id
 780                                                         AND owner_uid = ".$_SESSION["uid"]); */
 781                                         }
 782                                 }
 783                         } else { // tag
 784                                 db_query($link, "BEGIN");
 785
 786                                 $tag_name = db_escape_string($feed);
 787
 788                                 $result = db_query($link, "SELECT post_int_id FROM ttrss_tags
 789                                         WHERE tag_name = '$tag_name' AND owner_uid = " . $_SESSION["uid"]);
 790
 791                                 while ($line = db_fetch_assoc($result)) {
 792                                         db_query($link, "UPDATE ttrss_user_entries SET
 793                                                 unread = false, last_read = NOW()
 794                                                 WHERE int_id = " . $line["post_int_id"]);
 795                                 }
 796                                 db_query($link, "COMMIT");
 797                         }
 798
 799                 }
 800
 801                 $search = $_GET["search"];
 802
 803                 $search_mode = $_GET["smode"];
 804
 805                 if ($search) {
 806                         $search_query_part = "(upper(title) LIKE upper('%$search%')
 807                                 OR content LIKE '%$search%') AND";
 808                 } else {
 809                         $search_query_part = "";
 810                 }
 811
 812                 $view_query_part = "";
 813
 814                 if ($view_mode == "Starred") {
 815                         $view_query_part = " marked = true AND ";
 816                 }
 817
 818                 if ($view_mode == "Unread") {
 819                         $view_query_part = " unread = true AND ";
 820                 }
 821
 822                 if ($view_mode == "Unread or Starred") {
 823                         $view_query_part = " (unread = true OR marked = true) AND ";
 824                 }
 825
 826                 if ($view_mode == "Unread or Updated") {
 827                         $view_query_part = " (unread = true OR last_read is NULL) AND ";
 828                 }
 829
 830 /*              $result = db_query($link, "SELECT count(id) AS total_entries
 831                         FROM ttrss_entries WHERE
 832                         $search_query_part
 833                         feed_id = '$feed'");
 834
 835                 $total_entries = db_fetch_result($result, 0, "total_entries"); */
 836
 837 /*              $result = db_query("SELECT count(id) AS unread_entries
 838                         FROM ttrss_entries WHERE
 839                         $search_query_part
 840                         unread = true AND
 841                         feed_id = '$feed'");
 842
 843                 $unread_entries = db_fetch_result($result, 0, "unread_entries"); */
 844
 845                 if ($limit && $limit != "All") {
 846                         $limit_query_part = "LIMIT " . $limit;
 847                 }
 848
 849                 $vfeed_query_part = "";
 850
 851                 // override query strategy and enable feed display when searching globally
 852                 if ($search && $search_mode == "All feeds") {
 853                         $query_strategy_part = "id > 0";
 854                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 855                                 id = feed_id) as feed_title,";
 856                 } else if (sprintf("%d", $feed) == 0) {
 857                         $query_strategy_part = "ttrss_entries.id > 0";
 858                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 859                                 id = feed_id) as feed_title,";
 860                 } else if ($feed >= 0) {
 861                         $query_strategy_part = "feed_id = '$feed'";
 862                 } else if ($feed == -1) { // starred virtual feed
 863                         $query_strategy_part = "marked = true";
 864                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 865                                 id = feed_id) as feed_title,";
 866                 } else if ($feed <= -10) { // labels
 867                         $label_id = -$feed - 11;
 868
 869                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 870                                 WHERE id = '$label_id'");
 871
 872                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
 873
 874                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 875                                 id = feed_id) as feed_title,";
 876                 } else {
 877                         $query_strategy_part = "id > 0"; // dumb
 878                 }
 879
 880                 $order_by = "updated DESC";
 881
 882 //              if ($feed < -10) {
 883 //                      $order_by = "feed_id,updated DESC";
 884 //              }
 885
 886                 $feed_title = "";
 887
 888                 if ($search && $search_mode == "All feeds") {
 889                         $feed_title = "Search results";
 890                 } else if (sprintf("%d", $feed) == 0) {
 891                         $feed_title = $feed;
 892                 } else if ($feed > 0) {
 893                         $result = db_query($link, "SELECT title,site_url FROM ttrss_feeds
 894                                 WHERE id = '$feed'");
 895
 896                         $feed_title = db_fetch_result($result, 0, "title");
 897                         $feed_site_url = db_fetch_result($result, 0, "site_url");
 898
 899                 } else if ($feed == -1) {
 900                         $feed_title = "Starred articles";
 901                 } else if ($feed < -10) {
 902                         $label_id = -$feed - 11;
 903                         $result = db_query($link, "SELECT description FROM ttrss_labels
 904                                 WHERE id = '$label_id'");
 905                         $feed_title = db_fetch_result($result, 0, "description");
 906                 } else {
 907                         $feed_title = "?";
 908                 }
 909
 910                 print "<table class=\"headlinesSubToolbar\"
 911                         width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
 912
 913                 print "<td class=\"headlineActions\">
 914                         Select:
 915                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 916                                                 'RROW-', 'RCHK-', true)\">All</a>,
 917                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 918                                                 'RROW-', 'RCHK-', true, 'Unread')\">Unread</a>,
 919                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 920                                                 'RROW-', 'RCHK-', false)\">None</a>
 921                         &nbsp;&nbsp;
 922                         Toggle: <a href=\"javascript:toggleUnread()\">Unread</a>,
 923                                         <a href=\"javascript:toggleStarred()\">Starred</a>";
 924
 925 /*              print "&nbsp;&nbsp;
 926                         View:
 927                                 <a href=\"javascript:limitView('All')\">All</a>,
 928                                 <a href=\"javascript:limitView('Unread')\">Unread</a>,
 929                                 <a href=\"javascript:limitView('Starred')\">Starred</a>
 930                         &nbsp;&nbsp;
 931                         Feed:
 932                                 <a href=\"javascript:updateCurrentFeed()\">Update</a>,
 933                                 <a href=\"javascript:catchupCurrentFeed()\">Mark as read</a>"; */
 934
 935                 print "</td>";
 936
 937                 print "<td class=\"headlineTitle\">";
 938
 939                 if ($feed_site_url) {
 940                         print "<a href=\"$feed_site_url\">$feed_title</a>";
 941                 } else {
 942                         print $feed_title;
 943                 }
 944
 945                 print "</td>";
 946                 print "</tr></table>";
 947
 948                 print "<table class=\"headlinesList\" id=\"headlinesList\" width=\"100%\">";
 949
 950
 951                 if ($feed < -10) error_reporting (0);
 952
 953                 if (sprintf("%d", $feed) != 0) {
 954
 955                         if ($feed > 0) {
 956                                 $feed_kind = "Feeds";
 957                         } else {
 958                                 $feed_kind = "Labels";
 959                         }
 960
 961                         $result = db_query($link, "SELECT
 962                                         id,title,
 963                                         SUBSTRING(updated,1,16) as updated,
 964                                         unread,feed_id,marked,link,last_read,
 965                                         SUBSTRING(last_read,1,19) as last_read_noms,
 966                                         $vfeed_query_part
 967                                         SUBSTRING(updated,1,19) as updated_noms
 968                                 FROM
 969                                         ttrss_entries,ttrss_user_entries
 970                                 WHERE
 971                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 972                                 owner_uid = '".$_SESSION["uid"]."' AND
 973                                 $search_query_part
 974                                 $view_query_part
 975                                 $query_strategy_part ORDER BY $order_by
 976                                 $limit_query_part");
 977
 978                 } else {
 979                         // browsing by tag
 980
 981                         $feed_kind = "Tags";
 982
 983                         $result = db_query($link, "SELECT
 984                                 ttrss_entries.id as id,title,
 985                                 SUBSTRING(updated,1,16) as updated,
 986                                 unread,feed_id,
 987                                 marked,link,last_read,
 988                                 SUBSTRING(last_read,1,19) as last_read_noms,
 989                                 $vfeed_query_part
 990                                 SUBSTRING(updated,1,19) as updated_noms
 991                                 FROM
 992                                         ttrss_entries,ttrss_user_entries,ttrss_tags
 993                                 WHERE
 994                                         ref_id = ttrss_entries.id AND
 995                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
 996                                         post_int_id = int_id AND tag_name = '$feed' AND
 997                                         $view_query_part
 998                                         $search_query_part
 999                                         $query_strategy_part ORDER BY $order_by
1000                                 $limit_query_part");
1001                 }
1002
1003                 if (!$result) {
1004                         print "<tr><td colspan='4' align='center'>
1005                                 Could not display feed (query failed). Please check match syntax or local configuration.</td></tr>";
1006                         return;
1007                 }
1008
1009                 $lnum = 0;
1010
1011                 error_reporting (DEFAULT_ERROR_LEVEL);
1012
1013                 $num_unread = 0;
1014
1015                 while ($line = db_fetch_assoc($result)) {
1016
1017                         $class = ($lnum % 2) ? "even" : "odd";
1018
1019                         $id = $line["id"];
1020                         $feed_id = $line["feed_id"];
1021
1022 //                      printf("L %d (%s) &gt; U %d (%s) = %d<br>",
1023 //                              strtotime($line["last_read_noms"]), $line["last_read_noms"],
1024 //                              strtotime($line["updated"]), $line["updated"],
1025 //                              strtotime($line["last_read"]) >= strtotime($line["updated"]));
1026
1027 /*                      if ($line["last_read"] != "" && $line["updated"] != "" &&
1028                                 strtotime($line["last_read_noms"]) < strtotime($line["updated_noms"])) {
1029
1030                                 $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1031                                         alt=\"Updated\">";
1032
1033                         } else {
1034
1035                                 $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1036                                         alt=\"Updated\">";
1037
1038                         } */
1039
1040                         if ($line["last_read"] == "" &&
1041                                         ($line["unread"] != "t" && $line["unread"] != "1")) {
1042
1043                                 $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1044                                         alt=\"Updated\">";
1045                         } else {
1046                                 $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1047                                         alt=\"Updated\">";
1048                         }
1049
1050                         if ($line["unread"] == "t" || $line["unread"] == "1") {
1051                                 $class .= "Unread";
1052                                 ++$num_unread;
1053                         }
1054
1055                         if ($line["marked"] == "t" || $line["marked"] == "1") {
1056                                 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1057                                         alt=\"Reset mark\" onclick='javascript:toggleMark($id, false)'>";
1058                         } else {
1059                                 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1060                                         alt=\"Set mark\" onclick='javascript:toggleMark($id, true)'>";
1061                         }
1062
1063                         $content_link = "<a id=\"FTITLE-$id\" href=\"javascript:view($id,$feed_id);\">" .
1064                                 $line["title"] . "</a>";
1065
1066                         print "<tr class='$class' id='RROW-$id'>";
1067                         // onclick=\"javascript:view($id,$feed_id)\">
1068
1069                         print "<td valign='center' align='center'>$update_pic</td>";
1070
1071                         print "<td valign='center' align='center'>
1072                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1073                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1074                                 </td>";
1075
1076                         print "<td valign='center' align='center'>$marked_pic</td>";
1077
1078                         print "<td width='20%'>
1079                                 <a href=\"javascript:view($id,$feed_id);\">".$line["updated"]."</a></td>";
1080
1081                         if ($line["feed_title"]) {
1082                                 print "<td width='55%'>$content_link</td>";
1083                                 print "<td width='20%'>
1084                                         <a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a></td>";
1085                         } else {
1086                                 print "<td width='75%'>$content_link</td>";
1087                         }
1088
1089                         print "</tr>";
1090
1091                         ++$lnum;
1092                 }
1093
1094                 if ($lnum == 0) {
1095                         print "<tr><td align='center'>No articles found.</td></tr>";
1096                 }
1097
1098                 print "</table>";
1099
1100                 print "<script type=\"text/javascript\">
1101                         document.onkeydown = hotkey_handler;
1102                         update_all_counters('$feed');
1103                 </script>";
1104
1105                 if ($addheader) {
1106                         print "</body></html>";
1107                 }
1108
1109         }
1110
1111         if ($op == "pref-rpc") {
1112
1113                 $subop = $_GET["subop"];
1114
1115                 if ($subop == "unread") {
1116                         $ids = split(",", $_GET["ids"]);
1117                         foreach ($ids as $id) {
1118                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1119                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1120                         }
1121
1122                         print "Marked selected feeds as unread.";
1123                 }
1124
1125                 if ($subop == "read") {
1126                         $ids = split(",", $_GET["ids"]);
1127                         foreach ($ids as $id) {
1128                                 db_query($link, "UPDATE ttrss_user_entries
1129                                         SET unread = false,last_read = NOW() WHERE
1130                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1131                         }
1132
1133                         print "Marked selected feeds as read.";
1134
1135                 }
1136
1137         }
1138
1139         if ($op == "pref-feeds") {
1140
1141                 $subop = $_GET["subop"];
1142
1143                 if ($subop == "editSave") {
1144                         $feed_title = db_escape_string($_GET["t"]);
1145                         $feed_link = db_escape_string($_GET["l"]);
1146                         $upd_intl = db_escape_string($_GET["ui"]);
1147                         $purge_intl = db_escape_string($_GET["pi"]);
1148                         $feed_id = db_escape_string($_GET["id"]);
1149                         $cat_id = db_escape_string($_GET["catid"]);
1150
1151                         if (strtoupper($upd_intl) == "DEFAULT")
1152                                 $upd_intl = 0;
1153
1154                         if (strtoupper($purge_intl) == "DEFAULT")
1155                                 $purge_intl = 0;
1156
1157                         if (strtoupper($purge_intl) == "DISABLED")
1158                                 $purge_intl = -1;
1159
1160                         if ($cat_id != 0) {
1161                                 $category_qpart = "cat_id = '$cat_id'";
1162                         } else {
1163                                 $category_qpart = 'cat_id = NULL';
1164                         }
1165
1166                         $result = db_query($link, "UPDATE ttrss_feeds SET
1167                                 $category_qpart,
1168                                 title = '$feed_title', feed_url = '$feed_link',
1169                                 update_interval = '$upd_intl',
1170                                 purge_interval = '$purge_intl'
1171                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1172
1173                 }
1174
1175                 if ($subop == "remove") {
1176
1177                         if (!WEB_DEMO_MODE) {
1178
1179                                 $ids = split(",", $_GET["ids"]);
1180
1181                                 foreach ($ids as $id) {
1182                                         db_query($link, "DELETE FROM ttrss_feeds
1183                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1184
1185                                         $icons_dir = ICONS_DIR;
1186
1187                                         if (file_exists($icons_dir . "/$id.ico")) {
1188                                                 unlink($icons_dir . "/$id.ico");
1189                                         }
1190                                 }
1191                         }
1192                 }
1193
1194                 if ($subop == "add") {
1195
1196                         if (!WEB_DEMO_MODE) {
1197
1198                                 $feed_link = db_escape_string(trim($_GET["link"]));
1199
1200                                 $result = db_query($link,
1201                                         "SELECT id FROM ttrss_feeds
1202                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
1203
1204                                 if (db_num_rows($result) == 0) {
1205
1206                                         $result = db_query($link,
1207                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title)
1208                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link', '')");
1209
1210                                         $result = db_query($link,
1211                                         "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
1212                                                 AND owner_uid = " . $_SESSION["uid"]);
1213
1214                                         $feed_id = db_fetch_result($result, 0, "id");
1215
1216                                         if ($feed_id) {
1217                                                 update_rss_feed($link, $feed_link, $feed_id);
1218                                         }
1219                                 } else {
1220
1221                                         print "<div class=\"warning\">
1222                                                 Feed <b>$feed_link</b> already exists in the database.
1223                                         </div>";
1224                                 }
1225                         }
1226                 }
1227
1228                 if ($subop == "addCat") {
1229
1230                         if (!WEB_DEMO_MODE) {
1231
1232                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1233
1234                                 $result = db_query($link,
1235                                         "SELECT id FROM ttrss_feed_categories
1236                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1237
1238                                 if (db_num_rows($result) == 0) {
1239
1240                                         $result = db_query($link,
1241                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1242                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1243
1244                                 } else {
1245
1246                                         print "<div class=\"warning\">
1247                                                 Category <b>$feed_cat</b> already exists in the database.
1248                                         </div>";
1249                                 }
1250
1251
1252                         }
1253                 }
1254
1255                 if ($subop == "removeCats") {
1256
1257                         if (!WEB_DEMO_MODE) {
1258
1259                                 $ids = split(",", $_GET["ids"]);
1260
1261                                 foreach ($ids as $id) {
1262
1263                                         db_query($link, "BEGIN");
1264
1265                                         $result = db_query($link,
1266                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1267                                                         WHERE cat_id = '$id'");
1268
1269                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1270
1271                                         if ($num_feeds == 0) {
1272                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1273                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1274                                         } else {
1275
1276                                                 print "<div class=\"warning\">
1277                                                         Unable to delete non empty feed categories.</div>";
1278
1279                                         }
1280
1281                                         db_query($link, "COMMIT");
1282                                 }
1283                         }
1284                 }
1285
1286 //              print "<h3>Edit Feeds</h3>";
1287
1288                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1289                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1290
1291                 if (db_num_rows($result) > 0) {
1292
1293                         print "<div class=\"warning\">";
1294
1295                         print "<b>Feeds with update errors:</b>";
1296
1297                         print "<ul class=\"nomarks\">";
1298
1299                         while ($line = db_fetch_assoc($result)) {
1300                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1301                                         $line["last_error"];
1302                         }
1303
1304                         print "</ul>";
1305                         print "</div>";
1306
1307                 }
1308
1309                 print "<p><div class=\"prefGenericAddBox\">
1310                         <input id=\"fadd_link\" size=\"40\">&nbsp;<input
1311                                 type=\"submit\" class=\"button\"
1312                                 onclick=\"javascript:addFeed()\" value=\"Add feed\"></div>";
1313
1314                 $feeds_sort = db_escape_string($_GET["sort"]);
1315
1316                 if (!$feeds_sort || $feeds_sort == "undefined") {
1317                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1318                         if (!$feeds_sort) $feeds_sort = "title";
1319                 }
1320
1321                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1322
1323                 $result = db_query($link, "SELECT
1324                                 id,title,feed_url,substring(last_updated,1,16) as last_updated,
1325                                 update_interval,purge_interval,
1326                                 (SELECT title FROM ttrss_feed_categories
1327                                         WHERE id = cat_id) AS category
1328                         FROM
1329                                 ttrss_feeds WHERE owner_uid = '".$_SESSION["uid"]."'
1330                         ORDER by $feeds_sort,title");
1331
1332                 if (db_num_rows($result) != 0) {
1333
1334                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1335
1336                         print "<p><table width=\"100%\" class=\"prefFeedList\" id=\"prefFeedList\">";
1337                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1338                                 Select:
1339                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1340                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
1341                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1342                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
1343                                 </td</tr>";
1344
1345                         print "<tr class=\"title\">
1346                                                 <td width=\"3%\">&nbsp;</td>
1347                                                 <td width=\"3%\">Select</td>
1348                                                 <td width=\"20%\">
1349                                                         <a href=\"javascript:updateFeedList('title')\">Title</a></td>
1350                                                 <td width=\"20%\">
1351                                                         <a href=\"javascript:updateFeedList('feed_url')\">Link</a>
1352                                                 </td>";
1353
1354                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1355                                 print "<td width=\"10%\">
1356                                         <a href=\"javascript:updateFeedList('category')\">Category</a></td>";
1357                         }
1358
1359                         print "
1360                                 <td width=\"10%\">
1361                                         <a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a>
1362                                 </td>
1363                                 <td width=\"10%\">
1364                                         <a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a>
1365                                 </td>
1366                         </tr>";
1367
1368                         $lnum = 0;
1369
1370                         while ($line = db_fetch_assoc($result)) {
1371
1372                                 $class = ($lnum % 2) ? "even" : "odd";
1373
1374                                 $feed_id = $line["id"];
1375
1376                                 $edit_feed_id = $_GET["id"];
1377
1378                                 if ($subop == "edit" && $feed_id != $edit_feed_id) {
1379                                         $class .= "Grayed";
1380                                         $this_row_id = "";
1381                                 } else {
1382                                         $this_row_id = "id=\"FEEDR-$feed_id\"";
1383                                 }
1384
1385                                 print "<tr class=\"$class\" $this_row_id>";
1386
1387                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1388
1389                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1390                                                 $feed_icon = "<img width=\"16\" height=\"16\"
1391                                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
1392                                 } else {
1393                                         $feed_icon = "&nbsp;";
1394                                 }
1395                                 print "<td align='center'>$feed_icon</td>";
1396
1397                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1398                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1399                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1400
1401                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1402
1403                                 if (!$edit_feed_id || $subop != "edit") {
1404
1405                                         print "<td><input onclick='toggleSelectRow(this);'
1406                                         type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1407
1408                                         $edit_title = truncate_string($edit_title, 40);
1409                                         $edit_link = truncate_string($edit_link, 60);
1410
1411                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1412                                                 $edit_title . "</a></td>";
1413
1414                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1415                                                 $edit_link . "</a></td>";
1416
1417                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1418                                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1419                                                         $edit_cat . "</a></td>";
1420                                         }
1421
1422                                         if ($line["update_interval"] == "0")
1423                                                 $line["update_interval"] = "Default";
1424
1425                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1426                                                 $line["update_interval"] . "</a></td>";
1427
1428                                         if ($line["purge_interval"] == "0")
1429                                                 $line["purge_interval"] = "Default";
1430
1431                                         if ($line["purge_interval"] < 0)
1432                                                 $line["purge_interval"] = "Disabled";
1433
1434                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1435                                                 $line["purge_interval"] . "</a></td>";
1436
1437                                 } else if ($feed_id != $edit_feed_id) {
1438
1439                                         print "<td><input disabled=\"true\" type=\"checkbox\"
1440                                                 id=\"FRCHK-".$line["id"]."\"></td>";
1441
1442                                         $edit_title = truncate_string($edit_title, 40);
1443                                         $edit_link = truncate_string($edit_link, 60);
1444
1445                                         print "<td>$edit_title</td>";
1446                                         print "<td>$edit_link</td>";
1447
1448                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1449                                                 print "<td>$edit_cat</td>";
1450                                         }
1451
1452                                         if ($line["update_interval"] == "0")
1453                                                 $line["update_interval"] = "Default";
1454
1455                                         print "<td>" . $line["update_interval"] . "</td>";
1456
1457                                         if ($line["purge_interval"] == "0")
1458                                                 $line["purge_interval"] = "Default";
1459
1460                                         if ($line["purge_interval"] < 0)
1461                                                 $line["purge_interval"] = "Disabled";
1462
1463                                         print "<td>" . $line["purge_interval"] . "</td>";
1464
1465                                 } else {
1466
1467                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1468
1469                                         print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1470                                         print "<td><input id=\"iedit_link\" value=\"$edit_link\"></td>";
1471
1472                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1473
1474                                                 print "<td>";
1475                                                 print "<select id=\"iedit_fcat\">";
1476                                                 print "<option id=\"0\">Uncategorized</option>";
1477
1478                                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1479                                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1480
1481                                                 if (db_num_rows($tmp_result) > 0) {
1482                                                         print "<option disabled>--------</option>";
1483                                                 }
1484
1485                                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1486                                                         if ($tmp_line["id"] == $line["cat_id"]) {
1487                                                                 $is_selected = "selected";
1488                                                         } else {
1489                                                                 $is_selected = "";
1490                                                         }
1491                                                         printf("<option $is_selected id='%d'>%s</option>",
1492                                                                 $tmp_line["id"], $tmp_line["title"]);
1493                                                 }
1494
1495                                                 print "</select></td>";
1496                                                 print "</td>";
1497
1498                                         }
1499
1500                                         print "<td><input id=\"iedit_updintl\"
1501                                                 value=\"".$line["update_interval"]."\"></td>";
1502                                         print "<td><input id=\"iedit_purgintl\"
1503                                                 value=\"".$line["purge_interval"]."\"></td>";
1504
1505                                 }
1506
1507 /*                              if (!$line["last_updated"]) $line["last_updated"] = "Never";
1508
1509                                 print "<td>" . $line["last_updated"] . "</td>"; */
1510
1511                                 print "</tr>";
1512
1513                                 ++$lnum;
1514                         }
1515
1516                         print "</table>";
1517
1518                         print "<p>";
1519
1520                         if ($subop == "edit") {
1521                                 print "Edit feed:&nbsp;
1522                                         <input type=\"submit\" class=\"button\"
1523                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1524                                         <input type=\"submit\" class=\"button\"
1525                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1526                         } else {
1527
1528                                 print "
1529                                         Selection:&nbsp;
1530                                 <input type=\"submit\" class=\"button\"
1531                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
1532                                 <input type=\"submit\" class=\"button\"
1533                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1534                                 <input type=\"submit\" class=\"button\"
1535                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
1536
1537                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
1538                                         print "
1539                                         <input type=\"submit\" class=\"button\"
1540                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
1541                                         <input type=\"submit\" class=\"button\"
1542                                                 onclick=\"javascript:readSelectedFeeds(false)\"
1543                                                 value=\"Mark as unread\">&nbsp;";
1544                                 }
1545
1546                                 print "
1547                                         All feeds: <input type=\"submit\"
1548                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1549                                                         value=\"Export OPML\">";
1550                                 }
1551                 } else {
1552
1553                         print "<p>No feeds defined.</p>";
1554
1555                 }
1556
1557                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1558
1559                         print "<h3>Edit Categories</h3>";
1560
1561         //              print "<h3>Categories</h3>";
1562
1563                         print "<div class=\"prefGenericAddBox\">
1564                                 <input id=\"fadd_cat\" size=\"40\">&nbsp;<input
1565                                         type=\"submit\" class=\"button\"
1566                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
1567
1568                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1569                                 WHERE owner_uid = ".$_SESSION["uid"]."
1570                                 ORDER BY title");
1571
1572                         if (db_num_rows($result) != 0) {
1573
1574                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1575                                         id=\"prefFeedCatList\">";
1576
1577                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1578                                 Select:
1579                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1580                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
1581                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1582                                                 'FCATR-', 'FCCHK-', false)\">None</a>
1583                                 </td</tr>";
1584
1585                                 print "<tr class=\"title\">
1586                                                         <td width=\"10%\">Select</td><td width=\"80%\">Title</td>
1587                                                 </tr>";
1588
1589                                 $lnum = 0;
1590
1591                                 while ($line = db_fetch_assoc($result)) {
1592
1593                                         $class = ($lnum % 2) ? "even" : "odd";
1594
1595                                         $cat_id = $line["id"];
1596
1597                                         $edit_cat_id = $_GET["id"];
1598
1599                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1600                                                 $class .= "Grayed";
1601                                                 $this_row_id = "";
1602                                         } else {
1603                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1604                                         }
1605
1606                                         print "<tr class=\"$class\" $this_row_id>";
1607
1608                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1609
1610                                         if (!$edit_cat_id || $subop != "editCat") {
1611
1612                                                 print "<td><input onclick='toggleSelectRow(this);'
1613                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1614
1615                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1616                                                         $edit_title . "</a></td>";
1617
1618                                         } else if ($cat_id != $edit_cat_id) {
1619
1620                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
1621                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1622
1623                                                 print "<td>$edit_title</td>";
1624
1625                                         } else {
1626
1627                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1628
1629                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1630
1631                                         }
1632
1633                                         print "</tr>";
1634
1635                                         ++$lnum;
1636                                 }
1637
1638                                 print "</table>";
1639
1640                                 print "<p>";
1641
1642                                 if ($subop == "editCat") {
1643                                         print "Edit category:&nbsp;
1644                                                 <input type=\"submit\" class=\"button\"
1645                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
1646                                                 <input type=\"submit\" class=\"button\"
1647                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
1648                                         } else {
1649
1650                                         print "
1651                                                 Selection:&nbsp;
1652                                         <input type=\"submit\" class=\"button\"
1653                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
1654                                         <input type=\"submit\" class=\"button\"
1655                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
1656
1657                                 }
1658
1659                         } else {
1660                                 print "<p>No feed categories defined.</p>";
1661                         }
1662                 }
1663
1664                 print "<h3>Import OPML</h3>
1665                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1666                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1667                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1668                                 type=\"submit\" value=\"Import\">
1669                         </form>";
1670
1671         }
1672
1673         if ($op == "pref-filters") {
1674
1675                 $subop = $_GET["subop"];
1676
1677                 if ($subop == "editSave") {
1678
1679                         $regexp = db_escape_string($_GET["r"]);
1680                         $descr = db_escape_string($_GET["d"]);
1681                         $match = db_escape_string($_GET["m"]);
1682                         $filter_id = db_escape_string($_GET["id"]);
1683                         $feed_id = db_escape_string($_GET["fid"]);
1684
1685                         if (!$feed_id) {
1686                                 $feed_id = 'NULL';
1687                         } else {
1688                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1689                         }
1690
1691                         $result = db_query($link, "UPDATE ttrss_filters SET
1692                                 reg_exp = '$regexp',
1693                                 description = '$descr',
1694                                 feed_id = $feed_id,
1695                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
1696                                         description = '$match')
1697                                 WHERE id = '$filter_id'");
1698                 }
1699
1700                 if ($subop == "remove") {
1701
1702                         if (!WEB_DEMO_MODE) {
1703
1704                                 $ids = split(",", $_GET["ids"]);
1705
1706                                 foreach ($ids as $id) {
1707                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
1708
1709                                 }
1710                         }
1711                 }
1712
1713                 if ($subop == "add") {
1714
1715                         if (!WEB_DEMO_MODE) {
1716
1717                                 $regexp = db_escape_string(trim($_GET["regexp"]));
1718                                 $match = db_escape_string(trim($_GET["match"]));
1719                                 $feed_id = db_escape_string($_GET["fid"]);
1720
1721                                 if (!$feed_id) {
1722                                         $feed_id = 'NULL';
1723                                 } else {
1724                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1725                                 }
1726
1727                                 $result = db_query($link,
1728                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id) VALUES
1729                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
1730                                                         description = '$match'),'".$_SESSION["uid"]."', $feed_id)");
1731                         }
1732                 }
1733
1734                 $result = db_query($link, "SELECT description
1735                         FROM ttrss_filter_types ORDER BY description");
1736
1737                 $filter_types = array();
1738
1739                 while ($line = db_fetch_assoc($result)) {
1740                         array_push($filter_types, $line["description"]);
1741                 }
1742
1743                 print "<div class=\"prefGenericAddBox\">
1744                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
1745
1746                 print_select("fadd_match", "Title", $filter_types);
1747
1748                 print "&nbsp;<select id=\"fadd_feed\">";
1749
1750                 print "<option selected id=\"0\">All feeds</option>";
1751
1752                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
1753                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1754
1755                 if (db_num_rows($result) > 0) {
1756                         print "<option disabled>--------</option>";
1757                 }
1758
1759                 while ($line = db_fetch_assoc($result)) {
1760                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
1761                 }
1762
1763                 print "</select>&nbsp;";
1764
1765                 print "<input type=\"submit\"
1766                         class=\"button\" onclick=\"javascript:addFilter()\"
1767                         value=\"Add filter\">";
1768
1769                 $result = db_query($link, "SELECT
1770                                 ttrss_filters.id AS id,reg_exp,
1771                                 ttrss_filters.description AS description,
1772                                 ttrss_filter_types.name AS filter_type_name,
1773                                 ttrss_filter_types.description AS filter_type_descr,
1774                                 feed_id,
1775                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
1776                         FROM
1777                                 ttrss_filters,ttrss_filter_types
1778                         WHERE
1779                                 filter_type = ttrss_filter_types.id AND
1780                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
1781                         ORDER by reg_exp");
1782
1783                 if (db_num_rows($result) != 0) {
1784
1785                         print "<p><table width=\"100%\" class=\"prefFilterList\" id=\"prefFilterList\">";
1786
1787                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1788                                 Select:
1789                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1790                                                 'FILRR-', 'FICHK-', true)\">All</a>,
1791                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1792                                                 'FILRR-', 'FICHK-', false)\">None</a>
1793                                 </td</tr>";
1794
1795                         print "<tr class=\"title\">
1796                                                 <td width=\"5%\">Select</td><td width=\"30%\">Filter expression</td>
1797                                                 <td width=\"30%\">Feed</td><td width=\"10%\">Match</td>
1798                                                 <td width=\"30%\">Description</td></tr>";
1799
1800                         $lnum = 0;
1801
1802                         while ($line = db_fetch_assoc($result)) {
1803
1804                                 $class = ($lnum % 2) ? "even" : "odd";
1805
1806                                 $filter_id = $line["id"];
1807                                 $edit_filter_id = $_GET["id"];
1808
1809                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
1810                                         $class .= "Grayed";
1811                                         $this_row_id = "";
1812                                 } else {
1813                                         $this_row_id = "id=\"FILRR-$filter_id\"";
1814                                 }
1815
1816                                 print "<tr class=\"$class\" $this_row_id>";
1817
1818                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
1819                                 $line["description"] = htmlspecialchars($line["description"]);
1820
1821                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
1822
1823                                 if (!$edit_filter_id || $subop != "edit") {
1824
1825                                         if (!$line["description"]) $line["description"] = "[No description]";
1826
1827                                         print "<td><input onclick='toggleSelectRow(this);'
1828                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
1829
1830                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1831                                                 $line["reg_exp"] . "</td>";
1832
1833                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1834                                                 $line["feed_title"] . "</td>";
1835
1836                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1837                                                 $line["filter_type_descr"] . "</td>";
1838
1839                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1840                                                 $line["description"] . "</td>";
1841
1842                                 } else if ($filter_id != $edit_filter_id) {
1843
1844                                         if (!$line["description"]) $line["description"] = "[No description]";
1845
1846                                         print "<td><input disabled=\"true\" type=\"checkbox\"
1847                                                 id=\"FICHK-".$line["id"]."\"></td>";
1848
1849                                         print "<td>".$line["reg_exp"]."</td>";
1850                                         print "<td>".$line["feed_title"]."</td>";
1851                                         print "<td>".$line["filter_type_descr"]."</td>";
1852                                         print "<td>".$line["description"]."</td>";
1853
1854                                 } else {
1855
1856                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1857
1858                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
1859                                                 "\"></td>";
1860
1861                                         print "<td>";
1862
1863                                         print "<select id=\"iedit_feed\">";
1864
1865                                         print "<option id=\"0\">All feeds</option>";
1866
1867                                         if (db_num_rows($result) > 0) {
1868                                                 print "<option disabled>--------</option>";
1869                                         }
1870
1871                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1872                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1873
1874                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
1875                                                 if ($tmp_line["id"] == $line["feed_id"]) {
1876                                                         $is_selected = "selected";
1877                                                 } else {
1878                                                         $is_selected = "";
1879                                                 }
1880                                                 printf("<option $is_selected id='%d'>%s</option>",
1881                                                         $tmp_line["id"], $tmp_line["title"]);
1882                                         }
1883
1884                                         print "</select></td>";
1885
1886                                         print "<td>";
1887                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
1888                                         print "</td>";
1889
1890                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
1891                                                 "\"></td>";
1892
1893                                         print "</td>";
1894                                 }
1895
1896                                 print "</tr>";
1897
1898                                 ++$lnum;
1899                         }
1900
1901                         if ($lnum == 0) {
1902                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
1903                         }
1904
1905                         print "</table>";
1906
1907                         print "<p>";
1908
1909                         if ($subop == "edit") {
1910                                 print "Edit feed:
1911                                         <input type=\"submit\" class=\"button\"
1912                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">
1913                                         <input type=\"submit\" class=\"button\"
1914                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">";
1915
1916                         } else {
1917
1918                                 print "
1919                                         Selection:
1920                                 <input type=\"submit\" class=\"button\"
1921                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
1922                                 <input type=\"submit\" class=\"button\"
1923                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
1924                         }
1925
1926                 } else {
1927
1928                         print "<p>No filters defined.</p>";
1929
1930                 }
1931         }
1932
1933         if ($op == "pref-labels") {
1934
1935                 $subop = $_GET["subop"];
1936
1937                 if ($subop == "test") {
1938
1939                         $expr = $_GET["expr"];
1940                         $descr = $_GET["descr"];
1941
1942                         print "<div class='infoBoxContents'>";
1943
1944                         print "<h1>Label &laquo;$descr&raquo;</h1>";
1945
1946 //                      print "<p><b>Expression</b>: $expr</p>";
1947
1948                         $result = db_query($link,
1949                                 "SELECT count(id) AS num_matches
1950                                         FROM ttrss_entries,ttrss_user_entries
1951                                         WHERE ($expr) AND
1952                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
1953                                                 owner_uid = " . $_SESSION["uid"]);
1954
1955                         $num_matches = db_fetch_result($result, 0, "num_matches");;
1956
1957                         if ($num_matches > 0) {
1958
1959                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
1960
1961                                 $result = db_query($link,
1962                                         "SELECT title,
1963                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
1964                                         FROM ttrss_entries,ttrss_user_entries
1965                                                         WHERE ($expr) AND
1966                                                         ttrss_user_entries.ref_id = ttrss_entries.id
1967                                                         AND owner_uid = " . $_SESSION["uid"] . "
1968                                                         ORDER BY date_entered DESC LIMIT 5");
1969
1970                                 print "<ul class=\"nomarks\">";
1971                                 while ($line = db_fetch_assoc($result)) {
1972                                         print "<li>".$line["title"].
1973                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
1974                                 }
1975                                 print "</ul>";
1976
1977                         } else {
1978                                 print "<p>Query didn't return any matches.</p>";
1979                         }
1980
1981                         print "</div>";
1982
1983                         print "<div align='center'>
1984                                 <input type='submit' class='button'
1985                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
1986                         return;
1987                 }
1988
1989                 if ($subop == "editSave") {
1990
1991                         $sql_exp = $_GET["s"];
1992                         $descr = $_GET["d"];
1993                         $label_id = db_escape_string($_GET["id"]);
1994
1995 //                      print "$sql_exp : $descr : $label_id";
1996
1997                         $result = db_query($link, "UPDATE ttrss_labels SET
1998                                 sql_exp = '$sql_exp',
1999                                 description = '$descr'
2000                                 WHERE id = '$label_id'");
2001                 }
2002
2003                 if ($subop == "remove") {
2004
2005                         if (!WEB_DEMO_MODE) {
2006
2007                                 $ids = split(",", $_GET["ids"]);
2008
2009                                 foreach ($ids as $id) {
2010                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2011
2012                                 }
2013                         }
2014                 }
2015
2016                 if ($subop == "add") {
2017
2018                         if (!WEB_DEMO_MODE) {
2019
2020                                 // no escaping is done here on purpose
2021                                 $exp = trim($_GET["exp"]);
2022
2023                                 $result = db_query($link,
2024                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2025                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2026                         }
2027                 }
2028
2029                 print "<div class=\"prefGenericAddBox\">
2030                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2031
2032                 print"<input type=\"submit\" class=\"button\"
2033                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2034
2035                 $result = db_query($link, "SELECT
2036                                 id,sql_exp,description
2037                         FROM
2038                                 ttrss_labels
2039                         WHERE
2040                                 owner_uid = ".$_SESSION["uid"]."
2041                         ORDER by description");
2042
2043                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2044
2045                 if (db_num_rows($result) != 0) {
2046
2047                         print "<p><table width=\"100%\" class=\"prefLabelList\" id=\"prefLabelList\">";
2048
2049                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2050                                 Select:
2051                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2052                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2053                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2054                                                 'LILRR-', 'LICHK-', false)\">None</a>
2055                                 </td</tr>";
2056
2057                         print "<tr class=\"title\">
2058                                                 <td width=\"5%\">Select</td><td width=\"40%\">SQL expression
2059                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2060                                                 </td>
2061                                                 <td width=\"40%\">Caption</td></tr>";
2062
2063                         $lnum = 0;
2064
2065                         while ($line = db_fetch_assoc($result)) {
2066
2067                                 $class = ($lnum % 2) ? "even" : "odd";
2068
2069                                 $label_id = $line["id"];
2070                                 $edit_label_id = $_GET["id"];
2071
2072                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2073                                         $class .= "Grayed";
2074                                         $this_row_id = "";
2075                                 } else {
2076                                         $this_row_id = "id=\"LILRR-$label_id\"";
2077                                 }
2078
2079                                 print "<tr class=\"$class\" $this_row_id>";
2080
2081                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2082                                 $line["description"] = htmlspecialchars($line["description"]);
2083
2084                                 if (!$edit_label_id || $subop != "edit") {
2085
2086                                         if (!$line["description"]) $line["description"] = "[No caption]";
2087
2088                                         print "<td><input onclick='toggleSelectRow(this);'
2089                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2090
2091                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2092                                                 $line["sql_exp"] . "</td>";
2093
2094                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2095                                                 $line["description"] . "</td>";
2096
2097                                 } else if ($label_id != $edit_label_id) {
2098
2099                                         if (!$line["description"]) $line["description"] = "[No description]";
2100
2101                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2102                                                 id=\"LICHK-".$line["id"]."\"></td>";
2103
2104                                         print "<td>".$line["sql_exp"]."</td>";
2105                                         print "<td>".$line["description"]."</td>";
2106
2107                                 } else {
2108
2109                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2110
2111                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2112                                                 "\"></td>";
2113
2114                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2115                                                 "\"></td>";
2116
2117                                 }
2118
2119
2120                                 print "</tr>";
2121
2122                                 ++$lnum;
2123                         }
2124
2125                         if ($lnum == 0) {
2126                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2127                         }
2128
2129                         print "</table>";
2130
2131                         print "<p>";
2132
2133                         if ($subop == "edit") {
2134                                 print "Edit label:
2135                                         <input type=\"submit\" class=\"button\"
2136                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2137                                         <input type=\"submit\" class=\"button\"
2138                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">
2139                                         <input type=\"submit\" class=\"button\"
2140                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">";
2141
2142                         } else {
2143
2144                                 print "
2145                                         Selection:
2146                                 <input type=\"submit\" class=\"button\"
2147                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2148                                 <input type=\"submit\" class=\"button\"
2149                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2150                         }
2151                 } else {
2152                         print "<p>No labels defined.</p>";
2153                 }
2154         }
2155
2156         if ($op == "error") {
2157                 print "<div width=\"100%\" align='center'>";
2158                 $msg = $_GET["msg"];
2159                 print $msg;
2160                 print "</div>";
2161         }
2162
2163         if ($op == "help") {
2164                 if (!$_GET["noheaders"]) {
2165                         print "<html><head>
2166                                 <title>Tiny Tiny RSS : Help</title>
2167                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2168                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
2169                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2170                                 </head><body>";
2171                 }
2172
2173                 $tid = sprintf("%d", $_GET["tid"]);
2174
2175                 print "<div class='infoBoxContents'>";
2176
2177                 if (file_exists("help/$tid.php")) {
2178                         include("help/$tid.php");
2179                 } else {
2180                         print "<p>Help topic not found.</p>";
2181                 }
2182
2183                 print "</div>";
2184
2185                 print "<div align='center'>
2186                         <input type='submit' class='button'
2187                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2188
2189                 if (!$_GET["noheaders"]) {
2190                         print "</body></html>";
2191                 }
2192
2193         }
2194
2195         if ($op == "dlg") {
2196                 $id = $_GET["id"];
2197                 $param = $_GET["param"];
2198
2199                 if ($id == "quickAddFeed") {
2200                         print "
2201                         Feed URL: <input
2202                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2203                         id=\"qafInput\">
2204                         <input class=\"button\"
2205                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
2206                         <input class=\"button\"
2207                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2208                                 value=\"Cancel\">";
2209                 }
2210
2211                 if ($id == "quickDelFeed") {
2212
2213                         $param = db_escape_string($param);
2214
2215                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
2216
2217                         if ($result) {
2218
2219                                 $f_title = db_fetch_result($result, 0, "title");
2220
2221                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
2222                                 <input class=\"button\"
2223                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
2224                                 <input class=\"button\"
2225                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2226                                         value=\"Cancel\">";
2227                         } else {
2228                                 print "Error: Feed $param not found.&nbsp;
2229                                 <input class=\"button\"
2230                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2231                                         value=\"Cancel\">";
2232                         }
2233                 }
2234
2235                 if ($id == "search") {
2236
2237                         print "<input id=\"searchbox\" class=\"extSearch\"
2238                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2239                         onchange=\"javascript:search()\">
2240                         <select id=\"searchmodebox\">
2241                                 <option selected>All feeds</option>
2242                                 <option>This feed</option>
2243                         </select>
2244                         <input type=\"submit\"
2245                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
2246                         <input class=\"button\"
2247                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2248                                 value=\"Close\">";
2249
2250                 }
2251
2252         }
2253
2254         // update feeds of all users, may be used anonymously
2255         if ($op == "globalUpdateFeeds") {
2256
2257                 $result = db_query($link, "SELECT id FROM ttrss_users");
2258
2259                 while ($line = db_fetch_assoc($result)) {
2260                         $user_id = $line["id"];
2261 //                      print "<!-- updating feeds of uid $user_id -->";
2262                         update_all_feeds($link, false, $user_id);
2263                 }
2264
2265                 print "<rpc-reply>
2266                         <message msg=\"All feeds updated\"/>
2267                 </rpc-reply>";
2268
2269         }
2270
2271         if ($op == "pref-prefs") {
2272
2273                 $subop = $_REQUEST["subop"];
2274
2275                 if ($subop == "Save configuration") {
2276
2277                         if (WEB_DEMO_MODE) {
2278                                 header("Location: prefs.php");
2279                                 return;
2280                         }
2281
2282                         $_SESSION["prefs_op_result"] = "save-config";
2283
2284                         foreach (array_keys($_POST) as $pref_name) {
2285
2286                                 $pref_name = db_escape_string($pref_name);
2287                                 $value = db_escape_string($_POST[$pref_name]);
2288
2289                                 $result = db_query($link, "SELECT type_name
2290                                         FROM ttrss_prefs,ttrss_prefs_types
2291                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2292
2293                                 if (db_num_rows($result) > 0) {
2294
2295                                         $type_name = db_fetch_result($result, 0, "type_name");
2296
2297 //                                      print "$pref_name : $type_name : $value<br>";
2298
2299                                         if ($type_name == "bool") {
2300                                                 if ($value == "1") {
2301                                                         $value = "true";
2302                                                 } else {
2303                                                         $value = "false";
2304                                                 }
2305                                         } else if ($type_name == "integer") {
2306                                                 $value = sprintf("%d", $value);
2307                                         }
2308
2309 //                                      print "$pref_name : $type_name : $value<br>";
2310
2311                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2312                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2313
2314                                 }
2315
2316                                 header("Location: prefs.php");
2317
2318                         }
2319
2320                 } else if ($subop == "getHelp") {
2321
2322                         $pref_name = db_escape_string($_GET["pn"]);
2323
2324                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2325                                 WHERE pref_name = '$pref_name'");
2326
2327                         if (db_num_rows($result) > 0) {
2328                                 $help_text = db_fetch_result($result, 0, "help_text");
2329                                 print $help_text;
2330                         } else {
2331                                 print "Unknown option: $pref_name";
2332                         }
2333
2334                 } else if ($subop == "Change password") {
2335
2336                         if (WEB_DEMO_MODE) {
2337                                 header("Location: prefs.php");
2338                                 return;
2339                         }
2340
2341                         $old_pw = $_POST["OLD_PASSWORD"];
2342                         $new_pw = $_POST["OLD_PASSWORD"];
2343
2344                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2345                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2346
2347                         $active_uid = $_SESSION["uid"];
2348
2349                         if ($old_pw && $new_pw) {
2350
2351                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2352
2353                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2354                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2355                                                 pwd_hash = '$old_pw_hash')");
2356
2357                                 if (db_num_rows($result) == 1) {
2358                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2359                                                 WHERE id = '$active_uid'");
2360
2361                                         $_SESSION["pwd_change_result"] = "ok";
2362                                 } else {
2363                                         $_SESSION["pwd_change_result"] = "failed";
2364                                 }
2365                         }
2366
2367                         header("Location: prefs.php");
2368
2369                 } else if ($subop == "Reset to defaults") {
2370
2371                         if (WEB_DEMO_MODE) {
2372                                 header("Location: prefs.php");
2373                                 return;
2374                         }
2375
2376                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2377
2378                         if (DB_TYPE == "pgsql") {
2379                                 db_query($link,"UPDATE ttrss_user_prefs
2380                                         SET value = ttrss_prefs.def_value
2381                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2382                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2383                         } else {
2384                                 db_query($link, "DELETE FROM ttrss_user_prefs
2385                                         WHERE owner_uid = ".$_SESSION["uid"]);
2386                                 initialize_user_prefs($link, $_SESSION["uid"]);
2387                         }
2388
2389                         header("Location: prefs.php");
2390
2391                 } else if ($subop == "Change theme") {
2392
2393                         $theme = db_escape_string($_POST["theme"]);
2394
2395                         if ($theme == "Default") {
2396                                 $theme_qpart = 'NULL';
2397                         } else {
2398                                 $theme_qpart = "'$theme'";
2399                         }
2400
2401                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2402                                 WHERE theme_name = '$theme'");
2403
2404                         if (db_num_rows($result) == 1) {
2405                                 $theme_id = db_fetch_result($result, 0, "id");
2406                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2407                         } else {
2408                                 $theme_id = "NULL";
2409                                 $theme_path = "";
2410                         }
2411
2412                         db_query($link, "UPDATE ttrss_users SET
2413                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2414
2415                         $_SESSION["theme"] = $theme_path;
2416
2417                         header("Location: prefs.php");
2418
2419                 } else {
2420
2421                         if (!SINGLE_USER_MODE) {
2422
2423                                 $result = db_query($link, "SELECT id FROM ttrss_users
2424                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2425                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2426
2427                                 if (db_num_rows($result) != 0) {
2428                                         print "<div class=\"warning\">
2429                                                 Your password is at default value, please change it.
2430                                         </div>";
2431                                 }
2432
2433                                 if ($_SESSION["pwd_change_result"] == "failed") {
2434                                         print "<div class=\"warning\">
2435                                                         There was an error while changing your password.
2436                                                 </div>";
2437                                 }
2438
2439                                 if ($_SESSION["pwd_change_result"] == "ok") {
2440                                         print "<div class=\"notice\">
2441                                                         Password changed successfully.
2442                                                 </div>";
2443                                 }
2444
2445                                 $_SESSION["pwd_change_result"] = "";
2446
2447                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2448                                         print "<div class=\"notice\">
2449                                                         Your configuration was reset to defaults.
2450                                                 </div>";
2451                                 }
2452
2453                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2454                                         print "<div class=\"notice\">
2455                                                         Your configuration was saved successfully.
2456                                                 </div>";
2457                                 }
2458
2459                                 $_SESSION["prefs_op_result"] = "";
2460
2461                                 print "<form action=\"backend.php\" method=\"POST\">";
2462
2463                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2464                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2465
2466                                 print "<tr><td width=\"40%\">Old password</td>";
2467                                 print "<td><input class=\"editbox\" type=\"password\"
2468                                         name=\"OLD_PASSWORD\"></td></tr>";
2469
2470                                 print "<tr><td width=\"40%\">New password</td>";
2471
2472                                 print "<td><input class=\"editbox\" type=\"password\"
2473                                         name=\"NEW_PASSWORD\"></td></tr>";
2474
2475                                 print "</table>";
2476
2477                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2478
2479                                 print "<p><input class=\"button\" type=\"submit\"
2480                                         value=\"Change password\" name=\"subop\">";
2481
2482                                 print "</form>";
2483
2484                         }
2485
2486                         $result = db_query($link, "SELECT
2487                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2488
2489                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2490
2491                         $result = db_query($link, "SELECT
2492                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2493
2494                         if (db_num_rows($result) > 0) {
2495
2496                                 print "<form action=\"backend.php\" method=\"POST\">";
2497                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2498                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2499                                 print "<tr><td width=\"40%\">Select theme</td>";
2500                                 print "<td><select name=\"theme\">";
2501                                 print "<option>Default</option>";
2502                                 print "<option disabled>--------</option>";
2503
2504                                 while ($line = db_fetch_assoc($result)) {
2505                                         if ($line["id"] == $user_theme_id) {
2506                                                 $selected = "selected";
2507                                         } else {
2508                                                 $selected = "";
2509                                         }
2510                                         print "<option $selected>" . $line["theme_name"] . "</option>";
2511                                 }
2512                                 print "</select></td></tr>";
2513                                 print "</table>";
2514                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2515                                 print "<p><input class=\"button\" type=\"submit\"
2516                                         value=\"Change theme\" name=\"subop\">";
2517                                 print "</form>";
2518                         }
2519
2520                         $result = db_query($link, "SELECT
2521                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
2522                                 section_name,def_value
2523                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
2524                                 WHERE type_id = ttrss_prefs_types.id AND
2525                                         section_id = ttrss_prefs_sections.id AND
2526                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
2527                                         owner_uid = ".$_SESSION["uid"]."
2528                                 ORDER BY section_id,short_desc");
2529
2530                         print "<form action=\"backend.php\" method=\"POST\">";
2531
2532                         $lnum = 0;
2533
2534                         $active_section = "";
2535
2536                         while ($line = db_fetch_assoc($result)) {
2537
2538                                 if ($active_section != $line["section_name"]) {
2539
2540                                         if ($active_section != "") {
2541                                                 print "</table>";
2542                                         }
2543
2544                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
2545
2546                                         $active_section = $line["section_name"];
2547
2548                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
2549 //                                      print "<tr class=\"title\">
2550 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
2551
2552                                         $lnum = 0;
2553                                 }
2554
2555 //                              $class = ($lnum % 2) ? "even" : "odd";
2556
2557                                 print "<tr>";
2558
2559                                 $type_name = $line["type_name"];
2560                                 $pref_name = $line["pref_name"];
2561                                 $value = $line["value"];
2562                                 $def_value = $line["def_value"];
2563                                 $help_text = $line["help_text"];
2564
2565                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
2566
2567                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
2568
2569                                 print "</td>";
2570
2571                                 print "<td>";
2572
2573                                 if ($type_name == "bool") {
2574 //                                      print_select($pref_name, $value, array("true", "false"));
2575
2576                                         if ($value == "true") {
2577                                                 $value = "Yes";
2578                                         } else {
2579                                                 $value = "No";
2580                                         }
2581
2582                                         print_radio($pref_name, $value, array("Yes", "No"));
2583
2584                                 } else {
2585                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
2586                                 }
2587
2588                                 print "</td>";
2589
2590                                 print "</tr>";
2591
2592                                 $lnum++;
2593                         }
2594
2595                         print "</table>";
2596
2597                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2598
2599                         print "<p><input class=\"button\" type=\"submit\"
2600                                 name=\"subop\" value=\"Save configuration\">";
2601
2602                         print "&nbsp;<input class=\"button\" type=\"submit\"
2603                                 name=\"subop\" value=\"Reset to defaults\"></p>";
2604
2605                         print "</form>";
2606
2607                 }
2608
2609         }
2610
2611         if ($op == "pref-users") {
2612
2613                 $subop = $_GET["subop"];
2614
2615                 if ($subop == "editSave") {
2616
2617                         if (!WEB_DEMO_MODE) {
2618
2619                                 $login = db_escape_string($_GET["l"]);
2620                                 $uid = db_escape_string($_GET["id"]);
2621                                 $access_level = sprintf("%d", $_GET["al"]);
2622
2623                                 db_query($link, "UPDATE ttrss_users SET login = '$login', access_level = '$access_level' WHERE id = '$uid'");
2624
2625                         }
2626                 } else if ($subop == "remove") {
2627
2628                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2629
2630                                 $ids = split(",", $_GET["ids"]);
2631
2632                                 foreach ($ids as $id) {
2633                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
2634
2635                                 }
2636                         }
2637                 } else if ($subop == "add") {
2638
2639                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2640
2641                                 $login = db_escape_string(trim($_GET["login"]));
2642                                 $tmp_user_pwd = make_password(8);
2643                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2644
2645                                 db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level)
2646                                         VALUES ('$login', '$pwd_hash', 0)");
2647
2648
2649                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2650                                         login = '$login' AND pwd_hash = '$pwd_hash'");
2651
2652                                 if (db_num_rows($result) == 1) {
2653
2654                                         $new_uid = db_fetch_result($result, 0, "id");
2655
2656                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
2657                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
2658
2659                                         initialize_user($link, $new_uid);
2660
2661                                 } else {
2662
2663                                         print "<div class=\"warning\">Error while adding user <b>".
2664                                         $_GET["login"].".</b></div>";
2665
2666                                 }
2667                         }
2668                 } else if ($subop == "resetPass") {
2669
2670                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2671
2672                                 $uid = db_escape_string($_GET["id"]);
2673
2674                                 $result = db_query($link, "SELECT login FROM ttrss_users WHERE id = '$uid'");
2675
2676                                 $login = db_fetch_result($result, 0, "login");
2677                                 $tmp_user_pwd = make_password(8);
2678                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2679
2680                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
2681                                         WHERE id = '$uid'");
2682
2683                                 print "<div class=\"notice\">Changed password of
2684                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.</div>";
2685
2686                         }
2687                 }
2688
2689                 print "<div class=\"prefGenericAddBox\">
2690                         <input id=\"uadd_box\" size=\"40\">&nbsp;";
2691
2692                 print"<input type=\"submit\" class=\"button\"
2693                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
2694
2695                 $result = db_query($link, "SELECT
2696                                 id,login,access_level,
2697                                 SUBSTRING(last_login,1,16) as last_login
2698                         FROM
2699                                 ttrss_users
2700                         ORDER by login");
2701
2702                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2703
2704                 print "<p><table width=\"100%\" class=\"prefUserList\" id=\"prefUserList\">";
2705
2706                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2707                                 Select:
2708                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2709                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
2710                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2711                                                 'UMRR-', 'UMCHK-', false)\">None</a>
2712                                 </td</tr>";
2713
2714                 print "<tr class=\"title\">
2715                                         <td width=\"5%\">Select</td>
2716                                         <td width='30%'>Username</td>
2717                                         <td width='30%'>Access Level</td>
2718                                         <td width='30%'>Last login</td></tr>";
2719
2720                 $lnum = 0;
2721
2722                 while ($line = db_fetch_assoc($result)) {
2723
2724                         $class = ($lnum % 2) ? "even" : "odd";
2725
2726                         $uid = $line["id"];
2727                         $edit_uid = $_GET["id"];
2728
2729                         if ($uid == $_SESSION["uid"] || ($subop == "edit" && $uid != $edit_uid)) {
2730                                 $class .= "Grayed";
2731                                 $this_row_id = "";
2732                         } else {
2733                                 $this_row_id = "id=\"UMRR-$uid\"";
2734                         }
2735
2736                         print "<tr class=\"$class\" $this_row_id>";
2737
2738                         $line["login"] = htmlspecialchars($line["login"]);
2739
2740                         if ($uid == $_SESSION["uid"]) {
2741
2742                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2743                                         id=\"UMCHK-".$line["id"]."\"></td>";
2744
2745                                 print "<td>".$line["login"]."</td>";
2746                                 print "<td>".$line["access_level"]."</td>";
2747
2748                         } else if (!$edit_uid || $subop != "edit") {
2749
2750                                 print "<td><input onclick='toggleSelectRow(this);'
2751                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
2752
2753                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2754                                         $line["login"] . "</td>";
2755
2756                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2757                                         $line["access_level"] . "</td>";
2758
2759                         } else if ($uid != $edit_uid) {
2760
2761                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2762                                         id=\"UMCHK-".$line["id"]."\"></td>";
2763
2764                                 print "<td>".$line["login"]."</td>";
2765                                 print "<td>".$line["access_level"]."</td>";
2766
2767                         } else {
2768
2769                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2770
2771                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
2772                                         "\"></td>";
2773
2774                                 print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
2775                                         "\"></td>";
2776
2777                         }
2778
2779                         print "<td>".$line["last_login"]."</td>";
2780
2781                         print "</tr>";
2782
2783                         ++$lnum;
2784                 }
2785
2786                 print "</table>";
2787
2788                 print "<p>";
2789
2790                 if ($subop == "edit") {
2791                         print "Edit label:
2792                                 <input type=\"submit\" class=\"button\"
2793                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">
2794                                 <input type=\"submit\" class=\"button\"
2795                                         onclick=\"javascript:userEditSave()\" value=\"Save\">";
2796
2797                 } else {
2798
2799                         print "
2800                                 Selection:
2801                         <input type=\"submit\" class=\"button\"
2802                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
2803                         <input type=\"submit\" class=\"button\"
2804                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
2805                         <input type=\"submit\" class=\"button\"
2806                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
2807                         <input type=\"submit\" class=\"button\"
2808                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
2809
2810                 }
2811         }
2812
2813         if ($op == "user-details") {
2814
2815                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
2816                         return;
2817                 }
2818
2819 /*              print "<html><head>
2820                         <title>Tiny Tiny RSS : User Details</title>
2821                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2822                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2823                         </head><body>"; */
2824
2825                 $uid = sprintf("%d", $_GET["id"]);
2826
2827                 print "<div class='infoBoxContents'>";
2828
2829                 $result = db_query($link, "SELECT login,
2830                         SUBSTRING(last_login,1,16) AS last_login,
2831                         access_level,
2832                         (SELECT COUNT(int_id) FROM ttrss_user_entries
2833                                 WHERE owner_uid = id) AS stored_articles
2834                         FROM ttrss_users
2835                         WHERE id = '$uid'");
2836
2837                 if (db_num_rows($result) == 0) {
2838                         print "<h1>User not found</h1>";
2839                         return;
2840                 }
2841
2842                 print "<h1>User Details</h1>";
2843
2844                 print "<table width='100%'>";
2845
2846                 $login = db_fetch_result($result, 0, "login");
2847                 $last_login = db_fetch_result($result, 0, "last_login");
2848                 $access_level = db_fetch_result($result, 0, "access_level");
2849                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
2850
2851                 print "<tr><td>Username</td><td>$login</td></tr>";
2852                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
2853                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
2854                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
2855
2856                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
2857                         WHERE owner_uid = '$uid'");
2858
2859                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
2860
2861                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
2862
2863 /*              $result = db_query($link, "SELECT
2864                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
2865                         FROM ttrss_user_entries,ttrss_entries
2866                                 WHERE owner_uid = '$uid' AND ref_id = id");
2867
2868                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
2869
2870                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
2871
2872                 print "</table>";
2873
2874                 print "<h1>Subscribed feeds</h1>";
2875
2876                 $result = db_query($link, "SELECT id,title,feed_url FROM ttrss_feeds
2877                         WHERE owner_uid = '$uid' ORDER BY title");
2878
2879                 print "<ul class=\"nomarks\">";
2880
2881                 while ($line = db_fetch_assoc($result)) {
2882
2883                         $icon_file = ICONS_URL."/".$line["id"].".ico";
2884
2885                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
2886                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
2887                         } else {
2888                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
2889                         }
2890
2891                         print "<li>$feed_icon&nbsp;<a href=\"".$line["feed_url"]."\">".$line["title"]."</a></li>";
2892                 }
2893
2894                 print "</ul>";
2895
2896                 print "</div>";
2897
2898                 print "<div align='center'>
2899                         <input type='submit' class='button'
2900                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2901
2902 //              print "</body></html>";
2903
2904         }
2905
2906         if ($op == "feed-details") {
2907
2908                 $feed_id = $_GET["id"];
2909
2910                 $result = db_query($link,
2911                         "SELECT
2912                                 title,feed_url,last_updated,icon_url,site_url,
2913                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2914                                         WHERE feed_id = id) AS total,
2915                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2916                                         WHERE feed_id = id AND unread = true) AS unread,
2917                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2918                                         WHERE feed_id = id AND marked = true) AS marked
2919                         FROM ttrss_feeds
2920                         WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
2921
2922                 if (db_num_rows($result) == 0) return;
2923
2924                 $title = db_fetch_result($result, 0, "title");
2925                 $last_updated = db_fetch_result($result, 0, "last_updated");
2926                 $feed_url = db_fetch_result($result, 0, "feed_url");
2927                 $icon_url = db_fetch_result($result, 0, "icon_url");
2928                 $total = db_fetch_result($result, 0, "total");
2929                 $unread = db_fetch_result($result, 0, "unread");
2930                 $marked = db_fetch_result($result, 0, "marked");
2931                 $site_url = db_fetch_result($result, 0, "site_url");
2932
2933                 $result = db_query($link, "SELECT COUNT(id) AS subscribed
2934                                         FROM ttrss_feeds WHERE feed_url = '$feed_url'");
2935
2936                 $subscribed = db_fetch_result($result, 0, "subscribed");
2937
2938                 print "<div class=\"infoBoxContents\">";
2939
2940                 $icon_file = ICONS_DIR . "/$feed_id.ico";
2941
2942                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
2943                                 $feed_icon = "<img width=\"16\" height=\"16\"
2944                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
2945                 } else {
2946                         $feed_icon = "";
2947                 }
2948
2949                 print "<h1>$feed_icon $title</h1>";
2950
2951                 print "<table width='100%'>";
2952
2953                 if ($site_url) {
2954                         print "<tr><td width='30%'>Link</td>
2955                                 <td><a href=\"$site_url\">$site_url</a>
2956                                 <a href=\"$feed_url\">(feed)</a></td>
2957                                 </td></tr>";
2958                 } else {
2959                         print "<tr><td width='30%'>Feed URL</td>
2960                                 <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
2961                 }
2962                 print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
2963                 print "<tr><td>Total articles</td><td>$total</td></tr>";
2964                 print "<tr><td>Unread articles</td><td>$unread</td></tr>";
2965                 print "<tr><td>Starred articles</td><td>$marked</td></tr>";
2966                 print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
2967
2968                 print "</table>";
2969
2970                 $result = db_query($link, "SELECT title,
2971                         SUBSTRING(updated,1,16) AS updated,unread
2972                         FROM ttrss_entries,ttrss_user_entries
2973                         WHERE ref_id = id AND feed_id = '$feed_id'
2974                         ORDER BY date_entered DESC LIMIT 5");
2975
2976                 if (db_num_rows($result) > 0) {
2977
2978                         print "<h1>Latest headlines</h1>";
2979
2980                         print "<ul class=\"nomarks\">";
2981
2982                         while ($line = db_fetch_assoc($result)) {
2983                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
2984                                         $line["title"] = "<b>" . $line["title"] . "</b>";
2985                                 }
2986                                 print "<li>" . $line["title"].
2987                                 "&nbsp;<span class=\"insensitive\">(" .$line["updated"].")</span></li>";
2988                         }
2989
2990                         print "</ul>";
2991
2992                         print "</div>";
2993
2994                         print "<div align='center'>
2995                                 <input type='submit' class='button'
2996                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2997                 }
2998         }
2999
3000         db_close($link);
3001 ?>
3002
3003 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3004