]> git.wh0rd.org - tt-rss.git/blob - backend.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
implement new version checking (2)
[tt-rss.git] / backend.php
1 <?php
2 require_once "sessions.php";
3 require_once "backend-rpc.php";
4
5 header("Cache-Control: no-cache, must-revalidate");
6 header("Pragma: no-cache");
7 header("Expires: -1");
8
9 /* if ($_GET["debug"]) {
10 define('DEFAULT_ERROR_LEVEL', E_ALL);
11 } else {
12 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
13 }
14
15 error_reporting(DEFAULT_ERROR_LEVEL); */
16
17 $op = $_REQUEST["op"];
18
19 define('SCHEMA_VERSION', 9);
20
21 require_once "sanity_check.php";
22 require_once "config.php";
23
24 require_once "db.php";
25 require_once "db-prefs.php";
26 require_once "functions.php";
27
28 $err_msg = check_configuration_variables();
29
30 if ($err_msg) {
31 header("Content-Type: application/xml");
32 print_error_xml(9, $err_msg); die;
33 }
34
35 if ((!$op || $op == "rpc" || $op == "rss" ||
36 $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
37 header("Content-Type: application/xml");
38 }
39
40 if (!$op) {
41 header("Content-Type: application/xml");
42 print_error_xml(7); exit;
43 }
44
45 if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss" && $op != "getUnread") {
46
47 if ($op == "rpc") {
48 print_error_xml(6); die;
49 } else {
50 print "
51 <html><body>
52 <p>Error: Not logged in.</p>
53 <script type=\"text/javascript\">
54 if (parent.window != 'undefined') {
55 parent.window.location = \"login.php\";
56 } else {
57 window.location = \"login.php\";
58 }
59 </script>
60 </body></html>
61 ";
62 }
63 exit;
64 }
65
66 $purge_intervals = array(
67 0 => "Use default",
68 -1 => "Never purge",
69 5 => "1 week old",
70 14 => "2 weeks old",
71 31 => "1 month old",
72 60 => "2 months old",
73 90 => "3 months old");
74
75 $update_intervals = array(
76 0 => "Use default",
77 -1 => "Disable updates",
78 30 => "Each 30 minutes",
79 60 => "Hourly",
80 240 => "Each 4 hours",
81 720 => "Each 12 hours",
82 1440 => "Daily",
83 10080 => "Weekly");
84
85 $access_level_names = array(
86 0 => "User",
87 10 => "Administrator");
88
89 $script_started = getmicrotime();
90
91 $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
92
93 if (!$link) {
94 if (DB_TYPE == "mysql") {
95 print mysql_error();
96 }
97 // PG seems to display its own errors just fine by default.
98 return;
99 }
100
101 if (DB_TYPE == "pgsql") {
102 pg_query("set client_encoding = 'utf-8'");
103 }
104
105 if ($_SESSION["uid"]) {
106
107 // setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
108 // setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
109
110 /* if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
111 setcookie('ttrss_vf_catchupnext', 1);
112 } else {
113 setcookie('ttrss_vf_catchupnext', 0);
114 } */
115 }
116
117 $fetch = $_GET["fetch"];
118
119 // setcookie("ttrss_icons_url", ICONS_URL);
120
121 if (!sanity_check($link)) { return; }
122
123 function outputFeedList($link, $tags = false) {
124
125 print "<html><head>
126 <title>Tiny Tiny RSS : Feedlist</title>
127 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
128
129 $user_theme = $_SESSION["theme"];
130 if ($user_theme) {
131 print "<link rel=\"stylesheet\" type=\"text/css\"
132 href=\"themes/$user_theme/theme.css\">";
133 }
134
135 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
136 print "<link rel=\"stylesheet\" type=\"text/css\"
137 href=\"tt-rss_compact.css\"/>";
138 } else {
139 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
140 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
141 }
142
143 $script_dt_add = get_script_dt_add();
144
145 print "
146 <script type=\"text/javascript\" src=\"prototype.js\"></script>
147 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
148 <script type=\"text/javascript\" src=\"feedlist.js?$script_dt_add\"></script>
149 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
150 <!--[if gte IE 5.5000]>
151 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
152 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
153 <![endif]-->
154 </head><body>
155 <script type=\"text/javascript\">
156 if (document.addEventListener) {
157 document.addEventListener(\"DOMContentLoaded\", init, null);
158 }
159 window.onload = init;
160 </script>";
161
162 print "<ul class=\"feedList\" id=\"feedList\">\n";
163
164 $owner_uid = $_SESSION["uid"];
165
166 if (!$tags) {
167
168 /* virtual feeds */
169
170 if (get_pref($link, 'ENABLE_FEED_CATS')) {
171 print "<li class=\"feedCat\">Special</li>";
172 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
173 }
174
175 $num_starred = getFeedUnread($link, -1);
176
177 $class = "virt";
178
179 if ($num_starred > 0) $class .= "Unread";
180
181 printFeedEntry(-1, $class, "Starred articles", $num_starred,
182 "images/mark_set.png", $link);
183
184 if (get_pref($link, 'ENABLE_FEED_CATS')) {
185 print "</ul>\n";
186 }
187
188 if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
189
190 $result = db_query($link, "SELECT id,sql_exp,description FROM
191 ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
192
193 if (db_num_rows($result) > 0) {
194 if (get_pref($link, 'ENABLE_FEED_CATS')) {
195 print "<li class=\"feedCat\">Labels</li>";
196 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
197 } else {
198 print "<li><hr></li>";
199 }
200 }
201
202 while ($line = db_fetch_assoc($result)) {
203
204 error_reporting (0);
205
206 $label_id = -$line['id'] - 11;
207 $count = getFeedUnread($link, $label_id);
208
209 $class = "label";
210
211 if ($count > 0) {
212 $class .= "Unread";
213 }
214
215 error_reporting (DEFAULT_ERROR_LEVEL);
216
217 printFeedEntry($label_id,
218 $class, db_unescape_string($line["description"]),
219 $count, "images/label.png", $link);
220
221 }
222
223 if (db_num_rows($result) > 0) {
224 if (get_pref($link, 'ENABLE_FEED_CATS')) {
225 print "</ul>";
226 }
227 }
228
229 }
230
231 // if (!get_pref($link, 'ENABLE_FEED_CATS')) {
232 print "<li><hr></li>";
233 // }
234
235 if (get_pref($link, 'ENABLE_FEED_CATS')) {
236 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
237 $order_by_qpart = "category,unread DESC,title";
238 } else {
239 $order_by_qpart = "category,title";
240 }
241 } else {
242 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
243 $order_by_qpart = "unread DESC,title";
244 } else {
245 $order_by_qpart = "title";
246 }
247 }
248
249 $result = db_query($link, "SELECT ttrss_feeds.*,
250 SUBSTRING(last_updated,1,19) AS last_updated_noms,
251 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
252 WHERE feed_id = ttrss_feeds.id AND
253 ttrss_user_entries.ref_id = ttrss_entries.id AND
254 owner_uid = '$owner_uid') AS total,
255 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
256 WHERE feed_id = ttrss_feeds.id AND unread = true
257 AND ttrss_user_entries.ref_id = ttrss_entries.id
258 AND owner_uid = '$owner_uid') as unread,
259 cat_id,last_error,
260 ttrss_feed_categories.title AS category,
261 ttrss_feed_categories.collapsed
262 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
263 ON (ttrss_feed_categories.id = cat_id)
264 WHERE
265 ttrss_feeds.hidden = false AND
266 ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
267 ORDER BY $order_by_qpart");
268
269 $actid = $_GET["actid"];
270
271 /* real feeds */
272
273 $lnum = 0;
274
275 $total_unread = 0;
276
277 $category = "";
278
279 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
280
281 while ($line = db_fetch_assoc($result)) {
282
283 $feed = db_unescape_string($line["title"]);
284 $feed_id = $line["id"];
285
286 $subop = $_GET["subop"];
287
288 $total = $line["total"];
289 $unread = $line["unread"];
290
291 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
292 $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
293 } else {
294 $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
295 }
296
297 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
298
299 if ($rtl_content) {
300 $rtl_tag = "dir=\"RTL\"";
301 } else {
302 $rtl_tag = "";
303 }
304
305 $tmp_result = db_query($link,
306 "SELECT id,COUNT(unread) AS unread
307 FROM ttrss_feeds LEFT JOIN ttrss_user_entries
308 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
309 WHERE parent_feed = '$feed_id' AND unread = true
310 GROUP BY ttrss_feeds.id");
311
312 if (db_num_rows($tmp_result) > 0) {
313 while ($l = db_fetch_assoc($tmp_result)) {
314 $unread += $l["unread"];
315 }
316 }
317
318 $cat_id = $line["cat_id"];
319
320 $tmp_category = $line["category"];
321
322 if (!$tmp_category) {
323 $tmp_category = "Uncategorized";
324 }
325
326 // $class = ($lnum % 2) ? "even" : "odd";
327
328 if ($line["last_error"]) {
329 $class = "error";
330 } else {
331 $class = "feed";
332 }
333
334 if ($unread > 0) $class .= "Unread";
335
336 if ($actid == $feed_id) {
337 $class .= "Selected";
338 }
339
340 $total_unread += $unread;
341
342 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
343
344 if ($category) {
345 print "</ul></li>";
346 }
347
348 $category = $tmp_category;
349
350 $collapsed = $line["collapsed"];
351
352 // workaround for NULL category
353 if ($category == "Uncategorized") {
354 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
355 $collapsed = "t";
356 }
357 }
358
359 if ($collapsed == "t" || $collapsed == "1") {
360 $holder_class = "invisible";
361 $ellipsis = "...";
362 } else {
363 $holder_class = "";
364 $ellipsis = "";
365 }
366
367 $cat_id = sprintf("%d", $cat_id);
368
369 $cat_unread = getCategoryUnread($link, $cat_id);
370
371 print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
372 <a id=\"FCATN-$cat_id\" href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
373 <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
374 <span id=\"FCATCTR-$cat_id\"
375 class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
376 </a></li>";
377
378 // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
379 // -> keyboard navigation, etc.
380 print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
381 }
382
383 printFeedEntry($feed_id, $class, $feed, $unread,
384 "icons/$feed_id.ico", $link, $rtl_content,
385 $last_updated, $line["last_error"]);
386
387 ++$lnum;
388 }
389
390 } else {
391
392 // tags
393
394 /* $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
395 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
396 post_int_id = ttrss_user_entries.int_id AND
397 unread = true AND ref_id = ttrss_entries.id
398 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
399 UNION
400 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
401 ORDER BY tag_name"); */
402
403 $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
404 FROM ttrss_user_entries WHERE int_id = post_int_id
405 AND unread = true)) AS count FROM ttrss_tags
406 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
407
408 $tags = array();
409
410 while ($line = db_fetch_assoc($result)) {
411 $tags[$line["tag_name"]] += $line["count"];
412 }
413
414 foreach (array_keys($tags) as $tag) {
415
416 $unread = $tags[$tag];
417
418 $class = "tag";
419
420 if ($unread > 0) {
421 $class .= "Unread";
422 }
423
424 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
425
426 }
427
428 }
429
430 if (db_num_rows($result) == 0) {
431 if ($tags) {
432 $what = "tags";
433 } else {
434 $what = "feeds";
435 }
436 print "<li>No $what to display.</li>";
437 }
438
439 print "</ul>";
440
441 print '
442 <script type="text/javascript">
443 /* for IE */
444 function statechange() {
445 if (document.readyState == "interactive") init();
446 }
447
448 if (document.readyState) {
449 if (document.readyState == "interactive" || document.readyState == "complete") {
450 init();
451 } else {
452 document.onreadystatechange = statechange;
453 }
454 }
455 </script></body></html>';
456 }
457
458
459 if ($op == "rpc") {
460 handle_rpc_request($link);
461 }
462
463 if ($op == "feeds") {
464
465 $tags = $_GET["tags"];
466
467 $subop = $_GET["subop"];
468
469 if ($subop == "catchupAll") {
470 db_query($link, "UPDATE ttrss_user_entries SET
471 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
472 }
473
474 if ($subop == "collapse") {
475 $cat_id = db_escape_string($_GET["cid"]);
476
477 db_query($link, "UPDATE ttrss_feed_categories SET
478 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
479 $_SESSION["uid"]);
480 return;
481 }
482
483 outputFeedList($link, $tags);
484
485 }
486
487 if ($op == "view") {
488
489 $id = db_escape_string($_GET["id"]);
490 $feed_id = db_escape_string($_GET["feed"]);
491
492 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
493 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
494
495 if (db_num_rows($result) == 1) {
496 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
497 } else {
498 $rtl_content = false;
499 }
500
501 if ($rtl_content) {
502 $rtl_tag = "dir=\"RTL\"";
503 $rtl_class = "RTL";
504 } else {
505 $rtl_tag = "";
506 $rtl_class = "";
507 }
508
509 $result = db_query($link, "UPDATE ttrss_user_entries
510 SET unread = false,last_read = NOW()
511 WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
512
513 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
514 SUBSTRING(updated,1,16) as updated,
515 (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
516 num_comments,
517 author
518 FROM ttrss_entries,ttrss_user_entries
519 WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
520
521 print "<html><head>
522 <title>Tiny Tiny RSS : Article $id</title>
523 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
524
525 $user_theme = $_SESSION["theme"];
526 if ($user_theme) {
527 print "<link rel=\"stylesheet\" type=\"text/css\"
528 href=\"themes/$user_theme/theme.css\">";
529 }
530
531 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
532 print "<link rel=\"stylesheet\" type=\"text/css\"
533 href=\"tt-rss_compact.css\"/>";
534 } else {
535 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
536 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
537 }
538
539 $script_dt_add = get_script_dt_add();
540
541 print "
542 <script type=\"text/javascript\" src=\"prototype.js\"></script>
543 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
544 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
545 </head><body $rtl_tag>";
546
547 if ($result) {
548
549 $link_target = "";
550
551 if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
552 $link_target = "target=\"_new\"";
553 }
554
555 $line = db_fetch_assoc($result);
556
557 if ($line["icon_url"]) {
558 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
559 } else {
560 $feed_icon = "&nbsp;";
561 }
562
563 /* if ($line["comments"] && $line["link"] != $line["comments"]) {
564 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
565 } else {
566 $entry_comments = "";
567 } */
568
569 $num_comments = $line["num_comments"];
570 $entry_comments = "";
571
572 if ($num_comments > 0) {
573 if ($line["comments"]) {
574 $comments_url = $line["comments"];
575 } else {
576 $comments_url = $line["link"];
577 }
578 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
579 } else {
580 if ($line["comments"] && $line["link"] != $line["comments"]) {
581 $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
582 }
583 }
584
585 print "<div class=\"postReply\">";
586
587 print "<div class=\"postHeader\"><table width=\"100%\">";
588
589 $entry_author = $line["author"];
590
591 if ($entry_author) {
592 $entry_author = " - by $entry_author";
593 }
594
595 print "<tr><td><a $link_target href=\"" . $line["link"] . "\">" . $line["title"] .
596 "</a>$entry_author</td>";
597
598 $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
599 strtotime($line["updated"]));
600
601 print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
602
603 print "</tr>";
604
605 $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
606 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
607 ORDER BY tag_name");
608
609 $tags_str = "";
610 $f_tags_str = "";
611
612 $num_tags = 0;
613
614 while ($tmp_line = db_fetch_assoc($tmp_result)) {
615 $num_tags++;
616 $tag = $tmp_line["tag_name"];
617 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
618
619 if ($num_tags == 5) {
620 $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
621 } else if ($num_tags < 5) {
622 $tags_str .= $tag_str;
623 }
624 $f_tags_str .= $tag_str;
625 }
626
627 $tags_str = preg_replace("/, $/", "", $tags_str);
628 $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
629
630 // $truncated_link = truncate_string($line["link"], 60);
631
632 if ($tags_str || $entry_comments) {
633 print "<tr><td width='50%'>
634 $entry_comments</td>
635 <td align=\"right\">$tags_str</td></tr>";
636 }
637
638 print "</table></div>";
639
640 print "<div class=\"postIcon\">" . $feed_icon . "</div>";
641 print "<div class=\"postContent\">";
642
643 if (db_num_rows($tmp_result) > 5) {
644 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
645 }
646
647 if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
648 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
649 }
650
651 print $line["content"] . "</div>";
652
653 print "</div>";
654
655 print "<script type=\"text/javascript\">
656 try {
657 parent.update_all_counters('$feed_id');
658 } catch (e) {
659 exception_error('view/footer', e);
660 }
661 </script>";
662 }
663
664 print "</body></html>";
665 }
666
667 if ($op == "viewfeed") {
668
669 $feed = db_escape_string($_GET["feed"]);
670 $subop = db_escape_string($_GET["subop"]);
671 $view_mode = db_escape_string($_GET["view_mode"]);
672 $limit = db_escape_string($_GET["limit"]);
673 $cat_view = db_escape_string($_GET["cat"]);
674 $next_unread_feed = db_escape_string($_GET["nuf"]);
675
676 if ($subop == "undefined") $subop = "";
677
678 print "<html><head>
679 <title>Tiny Tiny RSS : Feed $feed</title>
680 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
681
682 $user_theme = $_SESSION["theme"];
683 if ($user_theme) {
684 print "<link rel=\"stylesheet\" type=\"text/css\"
685 href=\"themes/$user_theme/theme.css\">";
686 }
687
688 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
689 print "<link rel=\"stylesheet\"
690 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
691
692 } else {
693 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
694 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
695 }
696
697 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
698 update_generic_feed($link, $feed, $cat_view);
699 }
700
701 if ($subop == "MarkAllRead") {
702 catchup_feed($link, $feed, $cat_view);
703
704 if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
705 if ($next_unread_feed) {
706 $feed = $next_unread_feed;
707 }
708 }
709 }
710
711 if ($feed_id > 0) {
712 $result = db_query($link,
713 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
714
715 if (db_num_rows($result) == 0) {
716 print "<div align='center'>
717 Feed not found.</div>";
718 return;
719 }
720 }
721
722 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
723
724 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
725 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
726
727 if (db_num_rows($result) == 1) {
728 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
729 } else {
730 $rtl_content = false;
731 }
732
733 if ($rtl_content) {
734 $rtl_tag = "dir=\"RTL\"";
735 } else {
736 $rtl_tag = "";
737 }
738 } else {
739 $rtl_tag = "";
740 $rtl_content = false;
741 }
742
743 $script_dt_add = get_script_dt_add();
744
745 print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
746 <script type=\"text/javascript\" src=\"prototype.js\"></script>
747 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
748 <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
749 <!--[if gte IE 5.5000]>
750 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
751 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
752 <![endif]-->
753 </head><body $rtl_tag>
754 <script type=\"text/javascript\">
755 if (document.addEventListener) {
756 document.addEventListener(\"DOMContentLoaded\", init, null);
757 }
758 window.onload = init;
759 </script>";
760
761 /// START /////////////////////////////////////////////////////////////////////////////////
762
763 $search = db_escape_string($_GET["query"]);
764 $search_mode = db_escape_string($_GET["search_mode"]);
765 $match_on = db_escape_string($_GET["match_on"]);
766
767 if (!$match_on) {
768 $match_on = "both";
769 }
770
771 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
772
773 $result = $qfh_ret[0];
774 $feed_title = $qfh_ret[1];
775 $feed_site_url = $qfh_ret[2];
776 $last_error = $qfh_ret[3];
777
778 /// STOP //////////////////////////////////////////////////////////////////////////////////
779
780 print "<div id=\"headlinesContainer\">";
781
782 if (!$result) {
783 print "<div align='center'>
784 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
785 return;
786 }
787
788 function print_headline_subtoolbar($link, $feed_site_url, $feed_title,
789 $bottom = false, $rtl_content = false, $feed_id = 0,
790 $is_cat = false, $search = false, $match_on = false,
791 $search_mode = false) {
792
793 if (!$bottom) {
794 $class = "headlinesSubToolbar";
795 $tid = "headlineActionsTop";
796 } else {
797 $class = "invisible";
798 $tid = "headlineActionsBottom";
799 }
800
801 print "<table class=\"$class\" id=\"$tid\"
802 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
803
804 if ($rtl_content) {
805 $rtl_cpart = "RTL";
806 } else {
807 $rtl_cpart = "";
808 }
809
810 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
811
812 print "<td class=\"headlineActions$rtl_cpart\">
813 Select:
814 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, '', true)\">All</a>,
815 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
816 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', false)\">None</a>
817 &nbsp;&nbsp;
818 Toggle: <a href=\"javascript:selectionToggleUnread()\">Unread</a>,
819 <a href=\"javascript:selectionToggleMarked()\">Starred</a>";
820
821 print "</td>";
822
823 if ($search && $feed_id > 0 && get_pref($link, 'ENABLE_LABELS') && GLOBAL_ENABLE_LABELS) {
824 print "<td class=\"headlineActions$rtl_cpart\">
825 <a href=\"javascript:labelFromSearch('$search', '$search_mode',
826 '$match_on', '$feed_id', '$is_cat');\">
827 Convert this search to label</a></td>";
828 }
829
830 } else {
831
832 print "<td class=\"headlineActions$rtl_cpart\">
833 Select:
834 <a href=\"javascript:cdmSelectArticles('all')\">All</a>,
835 <a href=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
836 <a href=\"javascript:cdmSelectArticles('none')\">None</a>
837 &nbsp;&nbsp;
838 Toggle: <a href=\"javascript:selectionToggleUnread(true)\">Unread</a>,
839 <a href=\"javascript:selectionToggleMarked(true)\">Starred</a>";
840
841 print "</td>";
842
843 }
844
845 print "<td class=\"headlineTitle$rtl_cpart\">";
846
847 if ($feed_site_url) {
848 if (!$bottom) {
849 $target = "target=\"_blank\"";
850 }
851 print "<a $target href=\"$feed_site_url\">$feed_title</a>";
852 } else {
853 print $feed_title;
854 }
855
856 if ($search) {
857 $search_q = "&q=$search&m=$match_on&smode=$search_mode";
858 }
859
860 if (!$bottom) {
861 print "&nbsp;
862 <a target=\"_new\"
863 href=\"backend.php?op=rss&id=$feed_id&is_cat=$is_cat$search_q\"
864 <img class=\"noborder\"
865 alt=\"Generated feed\" src=\"images/feed-icon-12x12.png\">
866 </a>";
867 }
868
869 print "</td>";
870 print "</tr></table>";
871
872 }
873
874 if (db_num_rows($result) > 0) {
875
876 print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
877 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
878
879 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
880 print "<table class=\"headlinesList\" id=\"headlinesList\"
881 cellspacing=\"0\" width=\"100%\">";
882 }
883
884 $lnum = 0;
885
886 error_reporting (DEFAULT_ERROR_LEVEL);
887
888 $num_unread = 0;
889
890 while ($line = db_fetch_assoc($result)) {
891
892 $class = ($lnum % 2) ? "even" : "odd";
893
894 $id = $line["id"];
895 $feed_id = $line["feed_id"];
896
897 if ($line["last_read"] == "" &&
898 ($line["unread"] != "t" && $line["unread"] != "1")) {
899
900 $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
901 alt=\"Updated\">";
902 } else {
903 $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
904 alt=\"Updated\">";
905 }
906
907 if ($line["unread"] == "t" || $line["unread"] == "1") {
908 $class .= "Unread";
909 ++$num_unread;
910 $is_unread = true;
911 } else {
912 $is_unread = false;
913 }
914
915 if ($line["marked"] == "t" || $line["marked"] == "1") {
916 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
917 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
918 } else {
919 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
920 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
921 }
922
923 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
924 $line["title"] . "</a>";
925
926 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
927 $updated_fmt = smart_date_time(strtotime($line["updated"]));
928 } else {
929 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
930 $updated_fmt = date($short_date, strtotime($line["updated"]));
931 }
932
933 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
934 $content_preview = truncate_string(strip_tags($line["content_preview"]),
935 100);
936 }
937
938 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
939
940 print "<tr class='$class' id='RROW-$id'>";
941
942 print "<td class='hlUpdatePic'>$update_pic</td>";
943
944 print "<td class='hlSelectRow'>
945 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
946 class=\"feedCheckBox\" id=\"RCHK-$id\">
947 </td>";
948
949 print "<td class='hlMarkedPic'>$marked_pic</td>";
950
951 if ($line["feed_title"]) {
952 print "<td class='hlContent'>$content_link</td>";
953 print "<td class='hlFeed'>
954 <a href='javascript:viewfeed($feed_id)'>".
955 $line["feed_title"]."</a>&nbsp;</td>";
956 } else {
957 print "<td class='hlContent' valign='middle'>";
958
959 print "<a href=\"javascript:view($id,$feed_id);\">" .
960 $line["title"];
961
962 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
963 if ($content_preview) {
964 print "<span class=\"contentPreview\"> - $content_preview</span>";
965 }
966 }
967
968 print "</a>";
969 print "</td>";
970 }
971
972 print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
973
974 print "</tr>";
975
976 } else {
977
978 if ($is_unread) {
979 $add_class = "Unread";
980 } else {
981 $add_class = "";
982 }
983
984 print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
985
986 print "<div class=\"cdmHeader\">";
987
988 print "<div style=\"float : right\">$updated_fmt,
989 <a class=\"cdmToggleLink\"
990 href=\"javascript:toggleUnread($id)\">Toggle unread</a>
991 </div>";
992
993 print "<a class=\"title\"
994 onclick=\"javascript:toggleUnread($id, 0)\"
995 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
996
997 if ($line["feed_title"]) {
998 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
999 }
1000
1001 print "</div>";
1002
1003 print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
1004
1005 print "<div style=\"float : right\">$marked_pic</div>
1006 <div lass=\"cdmFooter\">
1007 <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1008 'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1009
1010 # print "<div align=\"center\"><a class=\"cdmToggleLink\"
1011 # href=\"javascript:toggleUnread($id)\">
1012 # Toggle unread</a></div>";
1013
1014 print "</div>";
1015
1016 }
1017
1018 ++$lnum;
1019 }
1020
1021 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1022 print "</table>";
1023 }
1024
1025 print_headline_subtoolbar($link,
1026 "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
1027
1028
1029 } else {
1030 print "<div width='100%' align='center'>No articles found.</div>";
1031 }
1032
1033 print "</div>";
1034
1035 print "
1036 <script type=\"text/javascript\">
1037 try {
1038 document.onkeydown = hotkey_handler;
1039 try {
1040 parent.update_all_counters(\"$feed\");
1041 } catch (e) {
1042 // this is workaround against mysterious permission
1043 // denied feature/bug of firefox (ticket #73)
1044 // if call from this context failed - ignore silently
1045 exception_error(\"viewfeed/footer1/counters\", e, true);
1046 }
1047 } catch (e) {
1048 exception_error(\"viewfeed/footer1\", e);
1049 }
1050
1051 /* for IE */
1052 function statechange() {
1053 if (document.readyState == \"interactive\") init();
1054 }
1055
1056 if (document.readyState) {
1057 if (document.readyState == \"interactive\" || document.readyState == \"complete\") {
1058 init();
1059 } else {
1060 document.onreadystatechange = statechange;
1061 }
1062 }
1063 </script>";
1064
1065 print "</body></html>";
1066 }
1067
1068 if ($op == "pref-feeds") {
1069
1070 $subop = $_REQUEST["subop"];
1071 $quiet = $_REQUEST["quiet"];
1072
1073 if ($subop == "massSubscribe") {
1074 $ids = split(",", db_escape_string($_GET["ids"]));
1075
1076 $subscribed = array();
1077
1078 foreach ($ids as $id) {
1079 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1080 WHERE id = '$id'");
1081
1082 $feed_url = db_fetch_result($result, 0, "feed_url");
1083 $title = db_fetch_result($result, 0, "title");
1084
1085 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1086 feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1087
1088 if (db_num_rows($result) == 0) {
1089 $result = db_query($link,
1090 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1091 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1092
1093 array_push($subscribed, $title);
1094 }
1095 }
1096
1097 if (count($subscribed) > 0) {
1098 print "<div class=\"notice\">";
1099 print "<b>Subscribed to feeds:</b>";
1100 print "<ul class=\"nomarks\">";
1101 foreach ($subscribed as $title) {
1102 print "<li>$title</li>";
1103 }
1104 print "</ul>";
1105 print "</div>";
1106 }
1107 }
1108
1109 if ($subop == "browse") {
1110
1111 if (!ENABLE_FEED_BROWSER) {
1112 print "Feed browser is administratively disabled.";
1113 return;
1114 }
1115
1116 print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
1117
1118 print "<div class=\"infoBoxContents\">";
1119
1120 print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
1121
1122 # $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1123 # FROM ttrss_feeds
1124 # WHERE auth_login = '' AND auth_pass = '' AND private = false
1125 # GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
1126
1127 $owner_uid = $_SESSION["uid"];
1128
1129 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
1130 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
1131 WHERE tf.feed_url = ttrss_feeds.feed_url
1132 AND owner_uid = '$owner_uid') GROUP BY feed_url
1133 ORDER BY subscribers DESC LIMIT 25");
1134
1135 print "<ul class='browseFeedList' id='browseFeedList'>";
1136
1137 $feedctr = 0;
1138
1139 while ($line = db_fetch_assoc($result)) {
1140 $feed_url = $line["feed_url"];
1141 $subscribers = $line["subscribers"];
1142
1143 $det_result = db_query($link, "SELECT site_url,title,id
1144 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1145
1146 $details = db_fetch_assoc($det_result);
1147
1148 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1149
1150 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1151 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL .
1152 "/".$details["id"].".ico\">";
1153 } else {
1154 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1155 }
1156
1157 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1158 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1159
1160 $class = ($feedctr % 2) ? "even" : "odd";
1161
1162 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1163 "$feed_icon " . db_unescape_string($details["title"]) .
1164 "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1165
1166 ++$feedctr;
1167 }
1168
1169 if ($feedctr == 0) {
1170 print "<li>No feeds found to subscribe.</li>";
1171 }
1172
1173 print "</ul>";
1174
1175 print "<div align='center'>
1176 <input type=\"submit\" class=\"button\"
1177 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1178 <input type='submit' class='button'
1179 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1180
1181 print "</div>";
1182 return;
1183 }
1184
1185 if ($subop == "editfeed") {
1186 $feed_id = db_escape_string($_REQUEST["id"]);
1187
1188 $result = db_query($link,
1189 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1190 owner_uid = " . $_SESSION["uid"]);
1191
1192 $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1193 0, "title")));
1194
1195 $icon_file = ICONS_DIR . "/$feed_id.ico";
1196
1197 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1198 $feed_icon = "<img width=\"16\" height=\"16\"
1199 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1200 } else {
1201 $feed_icon = "";
1202 }
1203
1204 print "<div id=\"infoBoxTitle\">Feed editor</div>";
1205
1206 print "<div class=\"infoBoxContents\">";
1207
1208 print "<form id=\"edit_feed_form\">";
1209
1210 print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1211 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1212 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1213
1214 print "<table width='100%'>";
1215
1216 print "<tr><td>Title:</td>";
1217 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1218 name=\"title\" value=\"$title\"></td></tr>";
1219
1220 $feed_url = db_fetch_result($result, 0, "feed_url");
1221 $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1222 0, "feed_url")));
1223
1224 print "<tr><td>Feed URL:</td>";
1225 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1226 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1227
1228 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1229
1230 $cat_id = db_fetch_result($result, 0, "cat_id");
1231
1232 print "<tr><td>Category:</td>";
1233 print "<td>";
1234
1235 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\"");
1236
1237 print "</td>";
1238 print "</td></tr>";
1239
1240 }
1241
1242 $update_interval = db_fetch_result($result, 0, "update_interval");
1243
1244 print "<tr><td>Update Interval:</td>";
1245
1246 print "<td>";
1247
1248 print_select_hash("update_interval", $update_interval, $update_intervals,
1249 "class=\"iedit\"");
1250
1251 print "</td>";
1252
1253 print "<tr><td>Link to:</td><td>";
1254
1255 $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1256 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1257
1258 $linked_count = db_fetch_result($tmp_result, 0, "count");
1259
1260 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1261
1262 if ($linked_count > 0) {
1263 $disabled = "disabled";
1264 }
1265
1266 print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1267
1268 print "<option value=\"0\">Not linked</option>";
1269
1270 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1271 if ($cat_id) {
1272 $cat_qpart = "AND cat_id = '$cat_id'";
1273 } else {
1274 $cat_qpart = "AND cat_id IS NULL";
1275 }
1276 }
1277
1278 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1279 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1280 $cat_qpart ORDER BY title");
1281
1282 if (db_num_rows($tmp_result) > 0) {
1283 print "<option disabled>--------</option>";
1284 }
1285
1286 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1287 if ($tmp_line["id"] == $parent_feed) {
1288 $is_selected = "selected";
1289 } else {
1290 $is_selected = "";
1291 }
1292 printf("<option $is_selected value='%d'>%s</option>",
1293 $tmp_line["id"], $tmp_line["title"]);
1294 }
1295
1296 print "</select>";
1297 print "</td></tr>";
1298
1299 $purge_interval = db_fetch_result($result, 0, "purge_interval");
1300
1301 print "<tr><td>Article purging:</td>";
1302
1303 print "<td>";
1304
1305 print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1306 "class=\"iedit\"");
1307
1308 print "</td>";
1309
1310 $auth_login = db_fetch_result($result, 0, "auth_login");
1311
1312 print "<tr><td>Login:</td>";
1313 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1314 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1315
1316 $auth_pass = db_fetch_result($result, 0, "auth_pass");
1317
1318 print "<tr><td>Password:</td>";
1319 print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1320 onkeypress=\"return filterCR(event)\"
1321 value=\"$auth_pass\"></td></tr>";
1322
1323 $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1324
1325 if ($private) {
1326 $checked = "checked";
1327 } else {
1328 $checked = "";
1329 }
1330
1331 print "<tr><td valign='top'>Options:</td>";
1332 print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1333 $checked><label for=\"private\">Hide from \"Other Feeds\"</label>";
1334
1335 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1336
1337 if ($rtl_content) {
1338 $checked = "checked";
1339 } else {
1340 $checked = "";
1341 }
1342
1343 print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1344 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1345
1346 $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden"));
1347
1348 if ($hidden) {
1349 $checked = "checked";
1350 } else {
1351 $checked = "";
1352 }
1353
1354 print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\"
1355 $checked><label for=\"hidden\">Hide from my feed list</label>";
1356
1357 print "</td></tr>";
1358
1359 print "</table>";
1360
1361 print "</form>";
1362
1363 print "<div align='right'>
1364 <input type=\"submit\" class=\"button\"
1365 onclick=\"return feedEditSave()\" value=\"Save\">
1366 <input type='submit' class='button'
1367 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1368
1369 print "</div>";
1370
1371 return;
1372 }
1373
1374 if ($subop == "editSave") {
1375
1376 $feed_title = db_escape_string(trim($_POST["title"]));
1377 $feed_link = db_escape_string(trim($_POST["feed_url"]));
1378 $upd_intl = db_escape_string($_POST["update_interval"]);
1379 $purge_intl = db_escape_string($_POST["purge_interval"]);
1380 $feed_id = db_escape_string($_POST["id"]);
1381 $cat_id = db_escape_string($_POST["cat_id"]);
1382 $auth_login = db_escape_string(trim($_POST["auth_login"]));
1383 $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1384 $parent_feed = db_escape_string($_POST["parent_feed"]);
1385 $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1386 $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1387 $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"]));
1388
1389 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1390 if ($cat_id && $cat_id != 0) {
1391 $category_qpart = "cat_id = '$cat_id',";
1392 } else {
1393 $category_qpart = 'cat_id = NULL,';
1394 }
1395 } else {
1396 $category_qpart = "";
1397 }
1398
1399 if ($parent_feed && $parent_feed != 0) {
1400 $parent_qpart = "parent_feed = '$parent_feed',";
1401 } else {
1402 $parent_qpart = 'parent_feed = NULL,';
1403 }
1404
1405 $result = db_query($link, "UPDATE ttrss_feeds SET
1406 $category_qpart
1407 $parent_qpart
1408 title = '$feed_title', feed_url = '$feed_link',
1409 update_interval = '$upd_intl',
1410 purge_interval = '$purge_intl',
1411 auth_login = '$auth_login',
1412 auth_pass = '$auth_pass',
1413 private = $private,
1414 rtl_content = $rtl_content,
1415 hidden = $hidden
1416 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1417 }
1418
1419 if ($subop == "saveCat") {
1420 $cat_title = db_escape_string(trim($_GET["title"]));
1421 $cat_id = db_escape_string($_GET["id"]);
1422
1423 $result = db_query($link, "UPDATE ttrss_feed_categories SET
1424 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1425
1426 }
1427
1428 if ($subop == "remove") {
1429
1430 if (!WEB_DEMO_MODE) {
1431
1432 $ids = split(",", db_escape_string($_GET["ids"]));
1433
1434 foreach ($ids as $id) {
1435
1436 if ($id > 0) {
1437
1438 db_query($link, "DELETE FROM ttrss_feeds
1439 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1440
1441 $icons_dir = ICONS_DIR;
1442
1443 if (file_exists($icons_dir . "/$id.ico")) {
1444 unlink($icons_dir . "/$id.ico");
1445 }
1446 } else if ($id < -10) {
1447
1448 $label_id = -$id - 11;
1449
1450 db_query($link, "DELETE FROM ttrss_labels
1451 WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
1452 }
1453 }
1454 }
1455 }
1456
1457 if ($subop == "add") {
1458
1459 if (!WEB_DEMO_MODE) {
1460
1461 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1462 $cat_id = db_escape_string($_GET["cat_id"]);
1463
1464 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1465 print "Added feed.";
1466 } else {
1467 print "<div class=\"warning\">
1468 Feed <b>$feed_url</b> already exists in the database.
1469 </div>";
1470 }
1471 }
1472 }
1473
1474 if ($subop == "addCat") {
1475
1476 if (!WEB_DEMO_MODE) {
1477
1478 $feed_cat = db_escape_string(trim($_GET["cat"]));
1479
1480 $result = db_query($link,
1481 "SELECT id FROM ttrss_feed_categories
1482 WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1483
1484 if (db_num_rows($result) == 0) {
1485
1486 $result = db_query($link,
1487 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1488 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1489
1490 } else {
1491
1492 print "<div class=\"warning\">
1493 Category <b>$feed_cat</b> already exists in the database.
1494 </div>";
1495 }
1496
1497
1498 }
1499 }
1500
1501 if ($subop == "removeCats") {
1502
1503 if (!WEB_DEMO_MODE) {
1504
1505 $ids = split(",", db_escape_string($_GET["ids"]));
1506
1507 foreach ($ids as $id) {
1508
1509 db_query($link, "BEGIN");
1510
1511 $result = db_query($link,
1512 "SELECT count(id) as num_feeds FROM ttrss_feeds
1513 WHERE cat_id = '$id'");
1514
1515 $num_feeds = db_fetch_result($result, 0, "num_feeds");
1516
1517 if ($num_feeds == 0) {
1518 db_query($link, "DELETE FROM ttrss_feed_categories
1519 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1520 } else {
1521
1522 print "<div class=\"warning\">
1523 Unable to delete non empty feed categories.</div>";
1524
1525 }
1526
1527 db_query($link, "COMMIT");
1528 }
1529 }
1530 }
1531
1532 if ($subop == "categorize") {
1533
1534 if (!WEB_DEMO_MODE) {
1535
1536 $ids = split(",", db_escape_string($_GET["ids"]));
1537
1538 $cat_id = db_escape_string($_GET["cat_id"]);
1539
1540 if ($cat_id == 0) {
1541 $cat_id_qpart = 'NULL';
1542 } else {
1543 $cat_id_qpart = "'$cat_id'";
1544 }
1545
1546 db_query($link, "BEGIN");
1547
1548 foreach ($ids as $id) {
1549
1550 db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1551 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1552 }
1553
1554 db_query($link, "COMMIT");
1555 }
1556
1557 }
1558
1559 if ($quiet) return;
1560
1561 // print "<h3>Edit Feeds</h3>";
1562
1563 $result = db_query($link, "SELECT id,title,feed_url,last_error
1564 FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1565
1566 if (db_num_rows($result) > 0) {
1567
1568 print "<div class=\"warning\">";
1569
1570 // print"<img class=\"closeButton\"
1571 // onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1572
1573 print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1574 <b>Some feeds have update errors (click for details)</b></a>";
1575
1576 print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1577
1578 while ($line = db_fetch_assoc($result)) {
1579 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1580 $line["last_error"];
1581 }
1582
1583 print "</ul>";
1584 print "</div>";
1585
1586 }
1587
1588 $feed_search = db_escape_string($_GET["search"]);
1589
1590 if (array_key_exists("search", $_GET)) {
1591 $_SESSION["prefs_feed_search"] = $feed_search;
1592 } else {
1593 $feed_search = $_SESSION["prefs_feed_search"];
1594 }
1595
1596 print "<table width='100%' class=\"prefGenericAddBox\"
1597 cellspacing='0' cellpadding='0'><tr>
1598 <td>
1599 <input id=\"fadd_link\"
1600 onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1601 size=\"40\">
1602 <input type=\"submit\" class=\"button\"
1603 disabled=\"true\" id=\"fadd_submit_btn\"
1604 onclick=\"addFeed()\" value=\"Subscribe\">";
1605
1606 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1607 print " <input type=\"submit\" class=\"button\"
1608 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1609 }
1610
1611 print "</td><td align='right'>
1612 <input id=\"feed_search\" size=\"20\"
1613 onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1614 <input type=\"submit\" class=\"button\"
1615 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1616 </td>
1617 </tr></table>";
1618
1619 $feeds_sort = db_escape_string($_GET["sort"]);
1620
1621 if (!$feeds_sort || $feeds_sort == "undefined") {
1622 $feeds_sort = $_SESSION["pref_sort_feeds"];
1623 if (!$feeds_sort) $feeds_sort = "title";
1624 }
1625
1626 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1627
1628 if ($feed_search) {
1629 $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1630 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1631 } else {
1632 $search_qpart = "";
1633 }
1634
1635 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1636 $order_by_qpart = "category,$feeds_sort,title";
1637 } else {
1638 $order_by_qpart = "$feeds_sort,title";
1639 }
1640
1641 $result = db_query($link, "SELECT
1642 F1.id,
1643 F1.title,
1644 F1.feed_url,
1645 substring(F1.last_updated,1,16) AS last_updated,
1646 F1.parent_feed,
1647 F1.update_interval,
1648 F1.purge_interval,
1649 F1.cat_id,
1650 F2.title AS parent_title,
1651 C1.title AS category,
1652 F1.hidden
1653 FROM
1654 ttrss_feeds AS F1
1655 LEFT JOIN ttrss_feeds AS F2
1656 ON (F1.parent_feed = F2.id)
1657 LEFT JOIN ttrss_feed_categories AS C1
1658 ON (F1.cat_id = C1.id)
1659 WHERE
1660 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1661 ORDER by $order_by_qpart");
1662
1663 if (db_num_rows($result) != 0) {
1664
1665 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1666
1667 print "<p><table width=\"100%\" cellspacing=\"0\"
1668 class=\"prefFeedList\" id=\"prefFeedList\">";
1669 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1670 Select:
1671 <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1672 <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1673 </td</tr>";
1674
1675 if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1676 print "<tr class=\"title\">
1677 <td width='5%' align='center'>&nbsp;</td>";
1678
1679 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1680 print "<td width='3%'>&nbsp;</td>";
1681 }
1682
1683 print "
1684 <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1685 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1686 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1687 }
1688
1689 $lnum = 0;
1690
1691 $cur_cat_id = -1;
1692
1693 while ($line = db_fetch_assoc($result)) {
1694
1695 $feed_id = $line["id"];
1696 $cat_id = $line["cat_id"];
1697
1698 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1699 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1700 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1701
1702 $hidden = sql_bool_to_bool($line["hidden"]);
1703
1704 if (!$edit_cat) $edit_cat = "Uncategorized";
1705
1706 $last_updated = $line["last_updated"];
1707
1708 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1709 $last_updated = smart_date_time(strtotime($last_updated));
1710 } else {
1711 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1712 $last_updated = date($short_date, strtotime($last_updated));
1713 }
1714
1715 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1716 $lnum = 0;
1717
1718 print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1719
1720 print "<tr class=\"title\">
1721 <td width='5%'>&nbsp;</td>";
1722
1723 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1724 print "<td width='3%'>&nbsp;</td>";
1725 }
1726
1727 print "<td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1728 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1729 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1730
1731 $cur_cat_id = $cat_id;
1732 }
1733
1734 $class = ($lnum % 2) ? "even" : "odd";
1735 $this_row_id = "id=\"FEEDR-$feed_id\"";
1736
1737 print "<tr class=\"$class\" $this_row_id>";
1738
1739 $icon_file = ICONS_DIR . "/$feed_id.ico";
1740
1741 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1742 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL . "/$feed_id.ico\">";
1743 } else {
1744 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1745 }
1746
1747 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1748 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1749
1750 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1751 print "<td class='feedIcon'>$feed_icon</td>";
1752 }
1753
1754 $edit_title = truncate_string($edit_title, 40);
1755 $edit_link = truncate_string($edit_link, 60);
1756
1757 if ($hidden) {
1758 $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>";
1759 $edit_link = "<span class=\"insensitive\">$edit_link</span>";
1760 $last_updated = "<span class=\"insensitive\">$last_updated</span>";
1761 }
1762
1763 $parent_title = $line["parent_title"];
1764 if ($parent_title) {
1765 $parent_title = "<span class='groupPrompt'>(linked to
1766 $parent_title)</span>";
1767 }
1768
1769 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1770 "$edit_title $parent_title" . "</a></td>";
1771
1772 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1773 $edit_link . "</a></td>";
1774
1775 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1776 "$last_updated</a></td>";
1777
1778 print "</tr>";
1779
1780 ++$lnum;
1781 }
1782
1783 print "</table>";
1784
1785 print "<p><span id=\"feedOpToolbar\">";
1786
1787 if ($subop == "edit") {
1788 print "Edit feed:&nbsp;
1789 <input type=\"submit\" class=\"button\"
1790 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1791 <input type=\"submit\" class=\"button\"
1792 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1793 } else {
1794
1795 print "
1796 Selection:&nbsp;
1797 <input type=\"submit\" class=\"button\" disabled=\"true\"
1798 onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1799 <input type=\"submit\" class=\"button\" disabled=\"true\"
1800 onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1801
1802 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1803
1804 print "&nbsp;|&nbsp;";
1805
1806 print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1807
1808 print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1809 onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1810
1811 }
1812
1813 print "</span>
1814 &nbsp;All feeds: <input type=\"submit\"
1815 class=\"button\" onclick=\"gotoExportOpml()\"
1816 value=\"Export OPML\">";
1817 }
1818 } else {
1819
1820 print "<p>No feeds defined.</p>";
1821
1822 }
1823
1824 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1825
1826 print "<h3>Edit Categories</h3>";
1827
1828 print "<div class=\"prefGenericAddBox\">
1829 <input id=\"fadd_cat\"
1830 onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1831 size=\"40\">&nbsp;
1832 <input
1833 type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1834 onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1835
1836 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1837 WHERE owner_uid = ".$_SESSION["uid"]."
1838 ORDER BY title");
1839
1840 if (db_num_rows($result) != 0) {
1841
1842 print "<form id=\"feed_cat_edit_form\">";
1843
1844 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1845 cellspacing=\"0\" id=\"prefFeedCatList\">";
1846
1847 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1848 Select:
1849 <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1850 <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1851 </td</tr>";
1852
1853 print "<tr class=\"title\">
1854 <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1855 </tr>";
1856
1857 $lnum = 0;
1858
1859 while ($line = db_fetch_assoc($result)) {
1860
1861 $class = ($lnum % 2) ? "even" : "odd";
1862
1863 $cat_id = $line["id"];
1864
1865 $edit_cat_id = $_GET["id"];
1866
1867 if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1868 $class .= "Grayed";
1869 $this_row_id = "";
1870 } else {
1871 $this_row_id = "id=\"FCATR-$cat_id\"";
1872 }
1873
1874 print "<tr class=\"$class\" $this_row_id>";
1875
1876 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1877
1878 if (!$edit_cat_id || $subop != "editCat") {
1879
1880 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1881 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1882
1883 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1884 $edit_title . "</a></td>";
1885
1886 } else if ($cat_id != $edit_cat_id) {
1887
1888 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1889 id=\"FRCHK-".$line["id"]."\"></td>";
1890
1891 print "<td>$edit_title</td>";
1892
1893 } else {
1894
1895 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1896
1897 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1898 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1899 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1900
1901 print "</td>";
1902
1903 print "<td><input onkeypress=\"return filterCR(event)\"
1904 name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1905
1906 }
1907
1908 print "</tr>";
1909
1910 ++$lnum;
1911 }
1912
1913 print "</table>";
1914
1915 print "</form>";
1916
1917 print "<p id=\"catOpToolbar\">";
1918
1919 if ($subop == "editCat") {
1920 print "Edit category:&nbsp;
1921 <input type=\"submit\" class=\"button\"
1922 onclick=\"return feedCatEditSave()\" value=\"Save\">
1923 <input type=\"submit\" class=\"button\"
1924 onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1925 } else {
1926
1927 print "
1928 Selection:&nbsp;
1929 <input type=\"submit\" class=\"button\" disabled=\"true\"
1930 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1931 <input type=\"submit\" class=\"button\" disabled=\"true\"
1932 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1933
1934 }
1935
1936 } else {
1937 print "<p>No feed categories defined.</p>";
1938 }
1939 }
1940
1941 print "<h3>Import OPML</h3>
1942 <form enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1943 File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1944 <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1945 type=\"submit\" value=\"Import\">
1946 </form>";
1947
1948 }
1949
1950 if ($op == "pref-filters") {
1951
1952 $subop = $_GET["subop"];
1953 $quiet = $_GET["quiet"];
1954
1955 if ($subop == "edit") {
1956
1957 $filter_id = db_escape_string($_GET["id"]);
1958
1959 $result = db_query($link,
1960 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1961
1962 $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
1963 $filter_type = db_fetch_result($result, 0, "filter_type");
1964 $feed_id = db_fetch_result($result, 0, "feed_id");
1965 $action_id = db_fetch_result($result, 0, "action_id");
1966
1967 print "<div id=\"infoBoxTitle\">Filter editor</div>";
1968 print "<div class=\"infoBoxContents\">";
1969
1970 print "<form id=\"filter_edit_form\">";
1971
1972 print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
1973 print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
1974 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1975
1976 // print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
1977
1978 $result = db_query($link, "SELECT id,description
1979 FROM ttrss_filter_types ORDER BY description");
1980
1981 $filter_types = array();
1982
1983 while ($line = db_fetch_assoc($result)) {
1984 //array_push($filter_types, $line["description"]);
1985 $filter_types[$line["id"]] = $line["description"];
1986 }
1987
1988 print "<table width='100%'>";
1989
1990 print "<tr><td>Match:</td>
1991 <td><input onkeypress=\"return filterCR(event)\"
1992 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
1993 name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
1994
1995 print "</td><td>";
1996
1997 print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
1998
1999 print "</td></tr>";
2000 print "<tr><td>Feed:</td><td colspan='2'>";
2001
2002 print_feed_select($link, "feed_id", $feed_id);
2003
2004 print "</td></tr>";
2005
2006 print "<tr><td>Action:</td>";
2007
2008 print "<td colspan='2'><select name=\"action_id\">";
2009
2010 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2011 ORDER BY name");
2012
2013 while ($line = db_fetch_assoc($result)) {
2014 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
2015 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
2016 }
2017
2018 print "</select>";
2019
2020 print "</td></tr></table>";
2021
2022 print "</form>";
2023
2024 print "<div align='right'>";
2025
2026 print "<input type=\"submit\"
2027 id=\"infobox_submit\"
2028 class=\"button\" onclick=\"return filterEditSave()\"
2029 value=\"Save\"> ";
2030
2031 print "<input class=\"button\"
2032 type=\"submit\" onclick=\"return filterEditCancel()\"
2033 value=\"Cancel\">";
2034
2035 print "</div>";
2036
2037 return;
2038 }
2039
2040
2041 if ($subop == "editSave") {
2042
2043 $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
2044 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2045 $filter_id = db_escape_string($_GET["id"]);
2046 $feed_id = db_escape_string($_GET["feed_id"]);
2047 $action_id = db_escape_string($_GET["action_id"]);
2048
2049 if (!$feed_id) {
2050 $feed_id = 'NULL';
2051 } else {
2052 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2053 }
2054
2055 $result = db_query($link, "UPDATE ttrss_filters SET
2056 reg_exp = '$reg_exp',
2057 feed_id = $feed_id,
2058 action_id = '$action_id',
2059 filter_type = '$filter_type'
2060 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
2061 }
2062
2063 if ($subop == "remove") {
2064
2065 if (!WEB_DEMO_MODE) {
2066
2067 $ids = split(",", db_escape_string($_GET["ids"]));
2068
2069 foreach ($ids as $id) {
2070 db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
2071
2072 }
2073 }
2074 }
2075
2076 if ($subop == "add") {
2077
2078 if (!WEB_DEMO_MODE) {
2079
2080 $regexp = db_escape_string(trim($_GET["reg_exp"]));
2081 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2082 $feed_id = db_escape_string($_GET["feed_id"]);
2083 $action_id = db_escape_string($_GET["action_id"]);
2084
2085 if (!$feed_id) {
2086 $feed_id = 'NULL';
2087 } else {
2088 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2089 }
2090
2091 $result = db_query($link,
2092 "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2093 action_id)
2094 VALUES
2095 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
2096 $feed_id, '$action_id')");
2097 }
2098 }
2099
2100 if ($quiet) return;
2101
2102 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2103
2104 $result = db_query($link, "SELECT id,description
2105 FROM ttrss_filter_types ORDER BY description");
2106
2107 $filter_types = array();
2108
2109 while ($line = db_fetch_assoc($result)) {
2110 //array_push($filter_types, $line["description"]);
2111 $filter_types[$line["id"]] = $line["description"];
2112 }
2113
2114 print "<input type=\"submit\"
2115 class=\"button\"
2116 onclick=\"return displayDlg('quickAddFilter', false)\"
2117 id=\"create_filter_btn\"
2118 value=\"Create filter\">";
2119
2120 $result = db_query($link, "SELECT
2121 ttrss_filters.id AS id,reg_exp,
2122 ttrss_filter_types.name AS filter_type_name,
2123 ttrss_filter_types.description AS filter_type_descr,
2124 feed_id,
2125 ttrss_filter_actions.description AS action_description,
2126 ttrss_feeds.title AS feed_title
2127 FROM
2128 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2129 ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2130 WHERE
2131 filter_type = ttrss_filter_types.id AND
2132 ttrss_filter_actions.id = action_id AND
2133 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2134 ORDER by reg_exp");
2135
2136 if (db_num_rows($result) != 0) {
2137
2138 print "<form id=\"filter_edit_form\">";
2139
2140 print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2141 id=\"prefFilterList\">";
2142
2143 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2144 Select:
2145 <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2146 <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2147 </td</tr>";
2148
2149 print "<tr class=\"title\">
2150 <td align='center' width=\"5%\">&nbsp;</td>
2151 <td width=\"20%\">Filter expression</td>
2152 <td width=\"20%\">Feed</td>
2153 <td width=\"15%\">Match</td>
2154 <td width=\"15%\">Action</td>";
2155
2156 $lnum = 0;
2157
2158 while ($line = db_fetch_assoc($result)) {
2159
2160 $class = ($lnum % 2) ? "even" : "odd";
2161
2162 $filter_id = $line["id"];
2163 $edit_filter_id = $_GET["id"];
2164
2165 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2166 $class .= "Grayed";
2167 $this_row_id = "";
2168 } else {
2169 $this_row_id = "id=\"FILRR-$filter_id\"";
2170 }
2171
2172 print "<tr class=\"$class\" $this_row_id>";
2173
2174 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2175
2176 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2177
2178 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2179
2180 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2181 type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2182
2183 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2184 $line["reg_exp"] . "</td>";
2185
2186 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2187 $line["feed_title"] . "</td>";
2188
2189 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2190 $line["filter_type_descr"] . "</td>";
2191
2192 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2193 $line["action_description"] . "</td>";
2194
2195 print "</tr>";
2196
2197 ++$lnum;
2198 }
2199
2200 if ($lnum == 0) {
2201 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2202 }
2203
2204 print "</table>";
2205
2206 print "</form>";
2207
2208 print "<p id=\"filterOpToolbar\">";
2209
2210 print "
2211 Selection:
2212 <input type=\"submit\" class=\"button\" disabled=\"true\"
2213 onclick=\"return editSelectedFilter()\" value=\"Edit\">
2214 <input type=\"submit\" class=\"button\" disabled=\"true\"
2215 onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2216
2217 print "</p>";
2218
2219 } else {
2220
2221 print "<p>No filters defined.</p>";
2222
2223 }
2224 }
2225
2226 // We need to accept raw SQL data in label queries, so not everything is escaped
2227 // here, this is by design. If you don't like the whole idea, disable labels
2228 // altogether with GLOBAL_ENABLE_LABELS = false
2229
2230 if ($op == "pref-labels") {
2231
2232 if (!GLOBAL_ENABLE_LABELS) {
2233
2234 print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>";
2235 return;
2236 }
2237
2238 $subop = $_GET["subop"];
2239
2240 if ($subop == "edit") {
2241
2242 $label_id = db_escape_string($_GET["id"]);
2243
2244 $result = db_query($link, "SELECT sql_exp,description FROM ttrss_labels WHERE
2245 owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description");
2246
2247 $line = db_fetch_assoc($result);
2248
2249 $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2250 $description = htmlspecialchars(db_unescape_string($line["description"]));
2251
2252 print "<div id=\"infoBoxTitle\">Label editor</div>";
2253 print "<div class=\"infoBoxContents\">";
2254
2255 print "<form id=\"label_edit_form\">";
2256
2257 print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2258 print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2259 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2260
2261 print "<table width='100%'>";
2262
2263 print "<tr><td>Caption:</td>
2264 <td><input onkeypress=\"return filterCR(event)\"
2265 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2266 name=\"description\" class=\"iedit\" value=\"$description\">";
2267
2268 print "</td></tr>";
2269
2270 print "<tr><td colspan=\"2\">
2271 <p>SQL Expression:</p>";
2272
2273 print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2274 rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>";
2275
2276 print "</td></tr></table>";
2277
2278 print "</form>";
2279
2280 print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2281
2282 print "<div align='right'>";
2283
2284 print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\">
2285 ";
2286
2287 print "<input type=\"submit\"
2288 id=\"infobox_submit\"
2289 class=\"button\" onclick=\"return labelEditSave()\"
2290 value=\"Save\"> ";
2291
2292 print "<input class=\"button\"
2293 type=\"submit\" onclick=\"return labelEditCancel()\"
2294 value=\"Cancel\">";
2295
2296 print "</div>";
2297
2298 return;
2299 }
2300
2301 if ($subop == "test") {
2302
2303 $expr = db_unescape_string(trim($_GET["expr"]));
2304 $descr = db_unescape_string(trim($_GET["descr"]));
2305
2306 print "<div>";
2307
2308 error_reporting(0);
2309
2310
2311 $result = db_query($link,
2312 "SELECT count(ttrss_entries.id) AS num_matches
2313 FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2314 WHERE ($expr) AND
2315 ttrss_user_entries.ref_id = ttrss_entries.id AND
2316 ttrss_user_entries.feed_id = ttrss_feeds.id AND
2317 ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false);
2318
2319 error_reporting (DEFAULT_ERROR_LEVEL);
2320
2321 if (!$result) {
2322 print "<p>" . db_last_error($link) . "</p>";
2323 print "</div>";
2324 return;
2325 }
2326
2327 $num_matches = db_fetch_result($result, 0, "num_matches");;
2328
2329 if ($num_matches > 0) {
2330
2331 if ($num_matches > 10) {
2332 $showing_msg = ", showing first 10";
2333 }
2334
2335 print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>";
2336
2337 $result = db_query($link,
2338 "SELECT ttrss_entries.title,
2339 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2340 FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2341 WHERE ($expr) AND
2342 ttrss_user_entries.ref_id = ttrss_entries.id
2343 AND ttrss_user_entries.feed_id = ttrss_feeds.id
2344 AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
2345 ORDER BY date_entered DESC LIMIT 10", false);
2346
2347 print "<ul class=\"labelTestResults\">";
2348
2349 $row_class = "even";
2350
2351 while ($line = db_fetch_assoc($result)) {
2352 $row_class = toggleEvenOdd($row_class);
2353
2354 print "<li class=\"$row_class\">".$line["title"].
2355 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2356 }
2357 print "</ul>";
2358
2359 } else {
2360 print "<p>Query didn't return any matches.</p>";
2361 }
2362
2363 print "</div>";
2364
2365 return;
2366 }
2367
2368 if ($subop == "editSave") {
2369
2370 $sql_exp = trim($_GET["sql_exp"]);
2371 $descr = db_escape_string(trim($_GET["description"]));
2372 $label_id = db_escape_string($_GET["id"]);
2373
2374 $result = db_query($link, "UPDATE ttrss_labels SET
2375 sql_exp = '$sql_exp',
2376 description = '$descr'
2377 WHERE id = '$label_id'");
2378 }
2379
2380 if ($subop == "remove") {
2381
2382 if (!WEB_DEMO_MODE) {
2383
2384 $ids = split(",", db_escape_string($_GET["ids"]));
2385
2386 foreach ($ids as $id) {
2387 db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2388
2389 }
2390 }
2391 }
2392
2393 if ($subop == "add") {
2394
2395 if (!WEB_DEMO_MODE) {
2396
2397 // no escaping is done here on purpose
2398 $sql_exp = trim($_GET["sql_exp"]);
2399 $description = db_escape_string($_GET["description"]);
2400
2401 $result = db_query($link,
2402 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2403 VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')");
2404 }
2405 }
2406
2407 print "<div class=\"prefGenericAddBox\">";
2408
2409 print"<input type=\"submit\" class=\"button\"
2410 id=\"label_create_btn\"
2411 onclick=\"return displayDlg('quickAddLabel', false)\"
2412 value=\"Create label\"></div>";
2413
2414 $result = db_query($link, "SELECT
2415 id,sql_exp,description
2416 FROM
2417 ttrss_labels
2418 WHERE
2419 owner_uid = ".$_SESSION["uid"]."
2420 ORDER by description");
2421
2422 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2423
2424 if (db_num_rows($result) != 0) {
2425
2426 print "<form id=\"label_edit_form\">";
2427
2428 print "<p><table width=\"100%\" cellspacing=\"0\"
2429 class=\"prefLabelList\" id=\"prefLabelList\">";
2430
2431 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2432 Select:
2433 <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2434 <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2435 </td</tr>";
2436
2437 print "<tr class=\"title\">
2438 <td width=\"5%\">&nbsp;</td>
2439 <td width=\"30%\">Caption</td>
2440 <td width=\"50%\">SQL Expression
2441 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2442 </td>
2443 </tr>";
2444
2445 $lnum = 0;
2446
2447 while ($line = db_fetch_assoc($result)) {
2448
2449 $class = ($lnum % 2) ? "even" : "odd";
2450
2451 $label_id = $line["id"];
2452 $edit_label_id = $_GET["id"];
2453
2454 if ($subop == "edit" && $label_id != $edit_label_id) {
2455 $class .= "Grayed";
2456 $this_row_id = "";
2457 } else {
2458 $this_row_id = "id=\"LILRR-$label_id\"";
2459 }
2460
2461 print "<tr class=\"$class\" $this_row_id>";
2462
2463 $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2464 $line["description"] = htmlspecialchars(
2465 db_unescape_string($line["description"]));
2466
2467 if (!$line["description"]) $line["description"] = "[No caption]";
2468
2469 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2470 type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2471
2472 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2473 $line["description"] . "</td>";
2474
2475 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2476 $line["sql_exp"] . "</td>";
2477
2478 print "</tr>";
2479
2480 ++$lnum;
2481 }
2482
2483 if ($lnum == 0) {
2484 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2485 }
2486
2487 print "</table>";
2488
2489 print "</form>";
2490
2491 print "<p id=\"labelOpToolbar\">";
2492
2493 print "
2494 Selection:
2495 <input type=\"submit\" class=\"button\" disabled=\"true\"
2496 onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2497 <input type=\"submit\" class=\"button\" disabled=\"true\"
2498 onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2499
2500 } else {
2501 print "<p>No labels defined.</p>";
2502 }
2503 }
2504
2505 if ($op == "error") {
2506 print "<div width=\"100%\" align='center'>";
2507 $msg = $_GET["msg"];
2508 print $msg;
2509 print "</div>";
2510 }
2511
2512 if ($op == "help") {
2513 if (!$_GET["noheaders"]) {
2514 print "<html><head>
2515 <title>Tiny Tiny RSS : Help</title>
2516 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2517 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2518 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2519 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2520 </head><body>";
2521 }
2522
2523 $tid = sprintf("%d", $_GET["tid"]);
2524
2525 print "<div id=\"infoBoxTitle\">Help</div>";
2526
2527 print "<div class='infoBoxContents'>";
2528
2529 if (file_exists("help/$tid.php")) {
2530 include("help/$tid.php");
2531 } else {
2532 print "<p>Help topic not found.</p>";
2533 }
2534
2535 print "</div>";
2536
2537 print "<div align='center'>
2538 <input type='submit' class='button'
2539 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2540
2541 if (!$_GET["noheaders"]) {
2542 print "</body></html>";
2543 }
2544
2545 }
2546
2547 if ($op == "dlg") {
2548 $id = $_GET["id"];
2549 $param = $_GET["param"];
2550
2551 if ($id == "quickAddFeed") {
2552
2553 print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2554 print "<div class=\"infoBoxContents\">";
2555
2556 print "<form id='feed_add_form'>";
2557
2558 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2559 print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2560 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2561
2562 print "<table width='100%'>
2563 <tr><td>Feed URL:</td><td>
2564 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2565 onkeypress=\"return filterCR(event)\"
2566 onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2567 onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2568
2569 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2570 print "<tr><td>Category:</td><td>";
2571 print_feed_cat_select($link, "cat_id");
2572 print "</td></tr>";
2573 }
2574
2575 print "</table>";
2576 print "</form>";
2577
2578 print "<div align='right'>
2579 <input class=\"button\"
2580 id=\"fadd_submit_btn\" disabled=\"true\"
2581 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Subscribe\">
2582 <input class=\"button\"
2583 type=\"submit\" onclick=\"javascript:closeInfoBox()\"
2584 value=\"Cancel\"></div>";
2585
2586 }
2587
2588 if ($id == "search") {
2589
2590 print "<div id=\"infoBoxTitle\">Search</div>";
2591 print "<div class=\"infoBoxContents\">";
2592
2593 print "<form id='search_form'>";
2594
2595 #$active_feed_id = db_escape_string($_GET["param"]);
2596
2597 $params = split(":", db_escape_string($_GET["param"]));
2598
2599 $active_feed_id = sprintf("%d", $params[0]);
2600 $is_cat = $params[1] == "true";
2601
2602 print "<table width='100%'><tr><td>Search:</td><td>";
2603
2604 print "<input name=\"query\" class=\"iedit\"
2605 onkeypress=\"return filterCR(event)\"
2606 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2607 value=\"\">
2608 </td></tr>";
2609
2610 print "<tr><td>Where:</td><td>";
2611
2612 print "<select name=\"search_mode\">
2613 <option value=\"all_feeds\">All feeds</option>";
2614
2615 $feed_title = getFeedTitle($link, $active_feed_id);
2616
2617 if (!$is_cat) {
2618 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2619 } else {
2620 $feed_cat_title = getCategoryTitle($link, $active_feed_id);
2621 }
2622
2623 if ($active_feed_id && !$is_cat) {
2624 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2625 } else {
2626 print "<option disabled>This feed</option>";
2627 }
2628
2629 if ($is_cat) {
2630 $cat_preselected = "selected";
2631 }
2632
2633 if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) {
2634 print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>";
2635 } else {
2636 print "<option disabled>This category</option>";
2637 }
2638
2639 print "</select></td></tr>";
2640
2641 print "<tr><td>Match on:</td><td>";
2642
2643 $search_fields = array(
2644 "title" => "Title",
2645 "content" => "Content",
2646 "both" => "Title or content");
2647
2648 print_select_hash("match_on", 3, $search_fields);
2649
2650 print "</td></tr></table>";
2651
2652 print "</form>";
2653
2654 print "<div align=\"right\">
2655 <input type=\"submit\"
2656 class=\"button\" onclick=\"javascript:search()\"
2657 id=\"search_submit_btn\" disabled=\"true\"
2658 value=\"Search\">
2659 <input class=\"button\"
2660 type=\"submit\" onclick=\"javascript:searchCancel()\"
2661 value=\"Cancel\"></div>";
2662
2663 print "</div>";
2664
2665 }
2666
2667 if ($id == "quickAddLabel") {
2668 print "<div id=\"infoBoxTitle\">Create label</div>";
2669 print "<div class=\"infoBoxContents\">";
2670
2671 print "<form id=\"label_edit_form\">";
2672
2673 print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2674 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2675
2676 print "<table width='100%'>";
2677
2678 print "<tr><td>Caption:</td>
2679 <td><input onkeypress=\"return filterCR(event)\"
2680 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2681 name=\"description\" class=\"iedit\">";
2682
2683 print "</td></tr>";
2684
2685 print "<tr><td colspan=\"2\">
2686 <p>SQL Expression:</p>";
2687
2688 print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2689 rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>";
2690
2691 print "</td></tr></table>";
2692
2693 print "</form>";
2694
2695 print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2696
2697 print "<div align='right'>";
2698
2699 print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\">
2700 ";
2701
2702 print "<input type=\"submit\"
2703 id=\"infobox_submit\"
2704 disabled=\"true\"
2705 class=\"button\" onclick=\"return addLabel()\"
2706 value=\"Create\"> ";
2707
2708 print "<input class=\"button\"
2709 type=\"submit\" onclick=\"return labelEditCancel()\"
2710 value=\"Cancel\">";
2711 }
2712
2713 if ($id == "quickAddFilter") {
2714
2715 $active_feed_id = db_escape_string($_GET["param"]);
2716
2717 print "<div id=\"infoBoxTitle\">Create filter</div>";
2718 print "<div class=\"infoBoxContents\">";
2719
2720 print "<form id=\"filter_add_form\">";
2721
2722 print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2723 print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2724 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2725
2726 // print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2727
2728 $result = db_query($link, "SELECT id,description
2729 FROM ttrss_filter_types ORDER BY description");
2730
2731 $filter_types = array();
2732
2733 while ($line = db_fetch_assoc($result)) {
2734 //array_push($filter_types, $line["description"]);
2735 $filter_types[$line["id"]] = $line["description"];
2736 }
2737
2738 print "<table width='100%'>";
2739
2740 print "<tr><td>Match:</td>
2741 <td><input onkeypress=\"return filterCR(event)\"
2742 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2743 name=\"reg_exp\" class=\"iedit\">";
2744 print "</td><td>";
2745
2746 print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2747
2748 print "</td></tr>";
2749 print "<tr><td>Feed:</td><td colspan='2'>";
2750
2751 print_feed_select($link, "feed_id", $active_feed_id);
2752
2753 print "</td></tr>";
2754
2755 print "<tr><td>Action:</td>";
2756
2757 print "<td colspan='2'><select name=\"action_id\">";
2758
2759 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2760 ORDER BY name");
2761
2762 while ($line = db_fetch_assoc($result)) {
2763 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2764 }
2765
2766 print "</select>";
2767
2768 print "</td></tr></table>";
2769
2770 print "</form>";
2771
2772 print "<div align='right'>";
2773
2774 print "<input type=\"submit\"
2775 id=\"infobox_submit\"
2776 class=\"button\" onclick=\"return qaddFilter()\"
2777 disabled=\"true\" value=\"Create\"> ";
2778
2779 print "<input class=\"button\"
2780 type=\"submit\" onclick=\"return closeInfoBox()\"
2781 value=\"Cancel\">";
2782
2783 print "</div>";
2784
2785 // print "</td></tr></table>";
2786
2787 }
2788
2789 print "</div>";
2790
2791 }
2792
2793 // update feeds of all users, may be used anonymously
2794 if ($op == "globalUpdateFeeds") {
2795
2796 $result = db_query($link, "SELECT id FROM ttrss_users");
2797
2798 while ($line = db_fetch_assoc($result)) {
2799 $user_id = $line["id"];
2800 // print "<!-- updating feeds of uid $user_id -->";
2801 update_all_feeds($link, false, $user_id);
2802 }
2803
2804 print "<rpc-reply>
2805 <message msg=\"All feeds updated\"/>
2806 </rpc-reply>";
2807
2808 }
2809
2810 if ($op == "pref-prefs") {
2811
2812 $subop = $_REQUEST["subop"];
2813
2814 if ($subop == "Save configuration") {
2815
2816 if (WEB_DEMO_MODE) {
2817 header("Location: prefs.php");
2818 return;
2819 }
2820
2821 $_SESSION["prefs_op_result"] = "save-config";
2822
2823 $_SESSION["prefs_cache"] = false;
2824
2825 foreach (array_keys($_POST) as $pref_name) {
2826
2827 $pref_name = db_escape_string($pref_name);
2828 $value = db_escape_string($_POST[$pref_name]);
2829
2830 $result = db_query($link, "SELECT type_name
2831 FROM ttrss_prefs,ttrss_prefs_types
2832 WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2833
2834 if (db_num_rows($result) > 0) {
2835
2836 $type_name = db_fetch_result($result, 0, "type_name");
2837
2838 // print "$pref_name : $type_name : $value<br>";
2839
2840 if ($type_name == "bool") {
2841 if ($value == "1") {
2842 $value = "true";
2843 } else {
2844 $value = "false";
2845 }
2846 } else if ($type_name == "integer") {
2847 $value = sprintf("%d", $value);
2848 }
2849
2850 // print "$pref_name : $type_name : $value<br>";
2851
2852 db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2853 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2854
2855 }
2856
2857 header("Location: prefs.php");
2858
2859 }
2860
2861 } else if ($subop == "getHelp") {
2862
2863 $pref_name = db_escape_string($_GET["pn"]);
2864
2865 $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2866 WHERE pref_name = '$pref_name'");
2867
2868 if (db_num_rows($result) > 0) {
2869 $help_text = db_fetch_result($result, 0, "help_text");
2870 print $help_text;
2871 } else {
2872 print "Unknown option: $pref_name";
2873 }
2874
2875 } else if ($subop == "Change e-mail") {
2876
2877 if (WEB_DEMO_MODE) {
2878 header("Location: prefs.php");
2879 return;
2880 }
2881
2882 $email = db_escape_string($_GET["email"]);
2883 $active_uid = $_SESSION["uid"];
2884
2885 if ($email) {
2886 db_query($link, "UPDATE ttrss_users SET email = '$email'
2887 WHERE id = '$active_uid'");
2888 }
2889
2890 header("Location: prefs.php");
2891
2892 } else if ($subop == "Change password") {
2893
2894 if (WEB_DEMO_MODE) {
2895 header("Location: prefs.php");
2896 return;
2897 }
2898
2899 $old_pw = $_POST["OLD_PASSWORD"];
2900 $new_pw = $_POST["OLD_PASSWORD"];
2901
2902 $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2903 $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2904
2905 $active_uid = $_SESSION["uid"];
2906
2907 if ($old_pw && $new_pw) {
2908
2909 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2910
2911 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2912 id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2913 pwd_hash = '$old_pw_hash')");
2914
2915 if (db_num_rows($result) == 1) {
2916 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2917 WHERE id = '$active_uid'");
2918
2919 $_SESSION["pwd_change_result"] = "ok";
2920 } else {
2921 $_SESSION["pwd_change_result"] = "failed";
2922 }
2923 }
2924
2925 header("Location: prefs.php");
2926
2927 } else if ($subop == "Reset to defaults") {
2928
2929 if (WEB_DEMO_MODE) {
2930 header("Location: prefs.php");
2931 return;
2932 }
2933
2934 $_SESSION["prefs_op_result"] = "reset-to-defaults";
2935
2936 if (DB_TYPE == "pgsql") {
2937 db_query($link,"UPDATE ttrss_user_prefs
2938 SET value = ttrss_prefs.def_value
2939 WHERE owner_uid = '".$_SESSION["uid"]."' AND
2940 ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2941 } else {
2942 db_query($link, "DELETE FROM ttrss_user_prefs
2943 WHERE owner_uid = ".$_SESSION["uid"]);
2944 initialize_user_prefs($link, $_SESSION["uid"]);
2945 }
2946
2947 header("Location: prefs.php");
2948
2949 } else if ($subop == "Change theme") {
2950
2951 $theme = db_escape_string($_POST["theme"]);
2952
2953 if ($theme == "Default") {
2954 $theme_qpart = 'NULL';
2955 } else {
2956 $theme_qpart = "'$theme'";
2957 }
2958
2959 $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2960 WHERE theme_name = '$theme'");
2961
2962 if (db_num_rows($result) == 1) {
2963 $theme_id = db_fetch_result($result, 0, "id");
2964 $theme_path = db_fetch_result($result, 0, "theme_path");
2965 } else {
2966 $theme_id = "NULL";
2967 $theme_path = "";
2968 }
2969
2970 db_query($link, "UPDATE ttrss_users SET
2971 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2972
2973 $_SESSION["theme"] = $theme_path;
2974
2975 header("Location: prefs.php");
2976
2977 } else {
2978
2979 print check_for_update($link);
2980
2981 if (!SINGLE_USER_MODE) {
2982
2983 $result = db_query($link, "SELECT id,email FROM ttrss_users
2984 WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2985 pwd_hash = 'SHA1:".sha1("password")."')");
2986
2987 if (db_num_rows($result) != 0) {
2988 print "<div class=\"warning\">
2989 Your password is at default value, please change it.
2990 </div>";
2991 }
2992
2993 if ($_SESSION["pwd_change_result"] == "failed") {
2994 print "<div class=\"warning\">
2995 There was an error while changing your password.
2996 </div>";
2997 }
2998
2999 if ($_SESSION["pwd_change_result"] == "ok") {
3000 print "<div class=\"notice\">
3001 Password changed successfully.
3002 </div>";
3003 }
3004
3005 $_SESSION["pwd_change_result"] = "";
3006
3007 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3008 print "<div class=\"notice\">
3009 Your configuration was reset to defaults.
3010 </div>";
3011 }
3012
3013 if ($_SESSION["prefs_op_result"] == "save-config") {
3014 print "<div class=\"notice\">
3015 Your configuration was saved successfully.
3016 </div>";
3017 }
3018
3019 $_SESSION["prefs_op_result"] = "";
3020
3021 print "<form action=\"backend.php\" method=\"GET\">";
3022
3023 print "<table width=\"100%\" class=\"prefPrefsList\">";
3024 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3025
3026 $result = db_query($link, "SELECT email FROM ttrss_users
3027 WHERE id = ".$_SESSION["uid"]);
3028
3029 $email = db_fetch_result($result, 0, "email");
3030
3031 print "<tr><td width=\"40%\">E-mail</td>";
3032 print "<td><input class=\"editbox\" name=\"email\"
3033 value=\"$email\"></td></tr>";
3034
3035 print "</table>";
3036
3037 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3038
3039 print "<p><input class=\"button\" type=\"submit\"
3040 value=\"Change e-mail\" name=\"subop\">";
3041
3042 print "</form>";
3043
3044 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
3045
3046 print "<table width=\"100%\" class=\"prefPrefsList\">";
3047 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3048
3049 print "<tr><td width=\"40%\">Old password</td>";
3050 print "<td><input class=\"editbox\" type=\"password\"
3051 name=\"OLD_PASSWORD\"></td></tr>";
3052
3053 print "<tr><td width=\"40%\">New password</td>";
3054
3055 print "<td><input class=\"editbox\" type=\"password\"
3056 name=\"NEW_PASSWORD\"></td></tr>";
3057
3058 print "</table>";
3059
3060 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3061
3062 print "<p><input class=\"button\" type=\"submit\"
3063 onclick=\"return validateNewPassword(this.form)\"
3064 value=\"Change password\" name=\"subop\">";
3065
3066 print "</form>";
3067
3068 }
3069
3070 $result = db_query($link, "SELECT
3071 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3072
3073 $user_theme_id = db_fetch_result($result, 0, "theme_id");
3074
3075 $result = db_query($link, "SELECT
3076 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3077
3078 if (db_num_rows($result) > 0) {
3079
3080 print "<form action=\"backend.php\" method=\"POST\">";
3081 print "<table width=\"100%\" class=\"prefPrefsList\">";
3082 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3083 print "<tr><td width=\"40%\">Select theme</td>";
3084 print "<td><select name=\"theme\">";
3085 print "<option>Default</option>";
3086 print "<option disabled>--------</option>";
3087
3088 while ($line = db_fetch_assoc($result)) {
3089 if ($line["id"] == $user_theme_id) {
3090 $selected = "selected";
3091 } else {
3092 $selected = "";
3093 }
3094 print "<option $selected>" . $line["theme_name"] . "</option>";
3095 }
3096 print "</select></td></tr>";
3097 print "</table>";
3098 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3099 print "<p><input class=\"button\" type=\"submit\"
3100 value=\"Change theme\" name=\"subop\">";
3101 print "</form>";
3102 }
3103
3104 $result = db_query($link, "SELECT
3105 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3106 section_name,def_value
3107 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3108 WHERE type_id = ttrss_prefs_types.id AND
3109 section_id = ttrss_prefs_sections.id AND
3110 ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3111 owner_uid = ".$_SESSION["uid"]."
3112 ORDER BY section_id,short_desc");
3113
3114 print "<form action=\"backend.php\" method=\"POST\">";
3115
3116 $lnum = 0;
3117
3118 $active_section = "";
3119
3120 while ($line = db_fetch_assoc($result)) {
3121
3122 if ($active_section != $line["section_name"]) {
3123
3124 if ($active_section != "") {
3125 print "</table>";
3126 }
3127
3128 print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3129
3130 $active_section = $line["section_name"];
3131
3132 print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3133 // print "<tr class=\"title\">
3134 // <td width=\"25%\">Option</td><td>Value</td></tr>";
3135
3136 $lnum = 0;
3137 }
3138
3139 // $class = ($lnum % 2) ? "even" : "odd";
3140
3141 print "<tr>";
3142
3143 $type_name = $line["type_name"];
3144 $pref_name = $line["pref_name"];
3145 $value = $line["value"];
3146 $def_value = $line["def_value"];
3147 $help_text = $line["help_text"];
3148
3149 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3150
3151 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3152
3153 print "</td>";
3154
3155 print "<td>";
3156
3157 if ($type_name == "bool") {
3158 // print_select($pref_name, $value, array("true", "false"));
3159
3160 if ($value == "true") {
3161 $value = "Yes";
3162 } else {
3163 $value = "No";
3164 }
3165
3166 print_radio($pref_name, $value, array("Yes", "No"));
3167
3168 } else {
3169 print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3170 }
3171
3172 print "</td>";
3173
3174 print "</tr>";
3175
3176 $lnum++;
3177 }
3178
3179 print "</table>";
3180
3181 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3182
3183 print "<p><input class=\"button\" type=\"submit\"
3184 name=\"subop\" value=\"Save configuration\">";
3185
3186 print "&nbsp;<input class=\"button\" type=\"submit\"
3187 name=\"subop\" onclick=\"return validatePrefsReset()\"
3188 value=\"Reset to defaults\"></p>";
3189
3190 print "</form>";
3191
3192 }
3193
3194 }
3195
3196 if ($op == "pref-users") {
3197
3198 $subop = $_GET["subop"];
3199
3200 if ($subop == "edit") {
3201
3202 $id = db_escape_string($_GET["id"]);
3203
3204 print "<div id=\"infoBoxTitle\">User editor</div>";
3205
3206 print "<div class=\"infoBoxContents\">";
3207
3208 print "<form id=\"user_edit_form\">";
3209
3210 print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3211 print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3212 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3213
3214 $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3215
3216 $login = db_fetch_result($result, 0, "login");
3217 $access_level = db_fetch_result($result, 0, "access_level");
3218 $email = db_fetch_result($result, 0, "email");
3219
3220 print "<table width='100%'>";
3221 print "<tr><td>Login:</td><td>
3222 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3223 name=\"login\" value=\"$login\"></td></tr>";
3224
3225 print "<tr><td>Change password:</td><td>
3226 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3227 name=\"password\"></td></tr>";
3228
3229 print "<tr><td>E-mail:</td><td>
3230 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3231 value=\"$email\"></td></tr>";
3232
3233 $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3234
3235 print "<tr><td>Access level:</td><td>";
3236 print_select_hash("access_level", $access_level, $access_level_names,
3237 $sel_disabled);
3238 print "</td></tr>";
3239
3240 print "</table>";
3241
3242 print "</form>";
3243
3244 print "<div align='right'>
3245 <input class=\"button\"
3246 type=\"submit\" onclick=\"return userEditSave()\"
3247 value=\"Save\">
3248 <input class=\"button\"
3249 type=\"submit\" onclick=\"return userEditCancel()\"
3250 value=\"Cancel\"></div>";
3251
3252 print "</div>";
3253
3254 return;
3255 }
3256
3257 if ($subop == "editSave") {
3258
3259 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3260
3261 $login = db_escape_string(trim($_GET["login"]));
3262 $uid = db_escape_string($_GET["id"]);
3263 $access_level = sprintf("%d", $_GET["access_level"]);
3264 $email = db_escape_string(trim($_GET["email"]));
3265 $password = db_escape_string(trim($_GET["password"]));
3266
3267 if ($password) {
3268 $pwd_hash = 'SHA1:' . sha1($password);
3269 $pass_query_part = "pwd_hash = '$pwd_hash', ";
3270 print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3271 } else {
3272 $pass_query_part = "";
3273 }
3274
3275 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3276 access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3277
3278 }
3279 } else if ($subop == "remove") {
3280
3281 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3282
3283 $ids = split(",", db_escape_string($_GET["ids"]));
3284
3285 foreach ($ids as $id) {
3286 db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3287
3288 }
3289 }
3290 } else if ($subop == "add") {
3291
3292 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3293
3294 $login = db_escape_string(trim($_GET["login"]));
3295 $tmp_user_pwd = make_password(8);
3296 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3297
3298 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3299 login = '$login'");
3300
3301 if (db_num_rows($result) == 0) {
3302
3303 db_query($link, "INSERT INTO ttrss_users
3304 (login,pwd_hash,access_level,last_login)
3305 VALUES ('$login', '$pwd_hash', 0, NOW())");
3306
3307
3308 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3309 login = '$login' AND pwd_hash = '$pwd_hash'");
3310
3311 if (db_num_rows($result) == 1) {
3312
3313 $new_uid = db_fetch_result($result, 0, "id");
3314
3315 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3316 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3317
3318 initialize_user($link, $new_uid);
3319
3320 } else {
3321
3322 print "<div class=\"warning\">Could not create user <b>".
3323 $_GET["login"]."</b></div>";
3324
3325 }
3326 } else {
3327 print "<div class=\"warning\">User <b>".
3328 $_GET["login"]."</b> already exists.</div>";
3329 }
3330 }
3331 } else if ($subop == "resetPass") {
3332
3333 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3334
3335 $uid = db_escape_string($_GET["id"]);
3336
3337 $result = db_query($link, "SELECT login,email
3338 FROM ttrss_users WHERE id = '$uid'");
3339
3340 $login = db_fetch_result($result, 0, "login");
3341 $email = db_fetch_result($result, 0, "email");
3342 $tmp_user_pwd = make_password(8);
3343 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3344
3345 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3346 WHERE id = '$uid'");
3347
3348 print "<div class=\"notice\">Changed password of
3349 user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3350
3351 if (MAIL_RESET_PASS && $email) {
3352 print " Notifying <b>$email</b>.";
3353
3354 mail("$login <$email>", "Password reset notification",
3355 "Hi, $login.\n".
3356 "\n".
3357 "Your password for this TT-RSS installation was reset by".
3358 " an administrator.\n".
3359 "\n".
3360 "Your new password is $tmp_user_pwd, please remember".
3361 " it for later reference.\n".
3362 "\n".
3363 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3364 }
3365
3366 print "</div>";
3367
3368 }
3369 }
3370
3371 print "<div class=\"prefGenericAddBox\">
3372 <input id=\"uadd_box\"
3373 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3374 size=\"40\">&nbsp;";
3375
3376 print"<input type=\"submit\" class=\"button\"
3377 id=\"user_add_btn\" disabled=\"true\"
3378 onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3379
3380 $result = db_query($link, "SELECT
3381 id,login,access_level,email,
3382 SUBSTRING(last_login,1,16) as last_login
3383 FROM
3384 ttrss_users
3385 ORDER by login");
3386
3387 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3388
3389 print "<p><table width=\"100%\" cellspacing=\"0\"
3390 class=\"prefUserList\" id=\"prefUserList\">";
3391
3392 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3393 Select:
3394 <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3395 <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3396 </td</tr>";
3397
3398 print "<tr class=\"title\">
3399 <td align='center' width=\"5%\">&nbsp;</td>
3400 <td width='40%'>Login</td>
3401 <td width='40%'>Access Level</td>
3402 <td width='30%'>Last login</td></tr>";
3403
3404 $lnum = 0;
3405
3406 while ($line = db_fetch_assoc($result)) {
3407
3408 $class = ($lnum % 2) ? "even" : "odd";
3409
3410 $uid = $line["id"];
3411 $edit_uid = $_GET["id"];
3412
3413 if ($subop == "edit" && $uid != $edit_uid) {
3414 $class .= "Grayed";
3415 $this_row_id = "";
3416 } else {
3417 $this_row_id = "id=\"UMRR-$uid\"";
3418 }
3419
3420 print "<tr class=\"$class\" $this_row_id>";
3421
3422 $line["login"] = htmlspecialchars($line["login"]);
3423
3424 $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3425 strtotime($line["last_login"]));
3426
3427 $access_level_names = array(0 => "User", 10 => "Administrator");
3428
3429 // if (!$edit_uid || $subop != "edit") {
3430
3431 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3432 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3433
3434 print "<td><a href=\"javascript:editUser($uid);\">" .
3435 $line["login"] . "</td>";
3436
3437 if (!$line["email"]) $line["email"] = "&nbsp;";
3438
3439 print "<td><a href=\"javascript:editUser($uid);\">" .
3440 $access_level_names[$line["access_level"]] . "</td>";
3441
3442 /* } else if ($uid != $edit_uid) {
3443
3444 if (!$line["email"]) $line["email"] = "&nbsp;";
3445
3446 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3447 id=\"UMCHK-".$line["id"]."\"></td>";
3448
3449 print "<td>".$line["login"]."</td>";
3450 print "<td>".$line["email"]."</td>";
3451 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3452
3453 } else {
3454
3455 print "<td align='center'>
3456 <input disabled=\"true\" type=\"checkbox\" checked></td>";
3457
3458 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3459 "\"></td>";
3460
3461 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3462 "\"></td>";
3463
3464 print "<td>";
3465 print "<select id=\"iedit_ulevel\">";
3466 foreach (array_keys($access_level_names) as $al) {
3467 if ($al == $line["access_level"]) {
3468 $selected = "selected";
3469 } else {
3470 $selected = "";
3471 }
3472 print "<option $selected id=\"$al\">" .
3473 $access_level_names[$al] . "</option>";
3474 }
3475 print "</select>";
3476 print "</td>";
3477
3478 } */
3479
3480 print "<td>".$line["last_login"]."</td>";
3481
3482 print "</tr>";
3483
3484 ++$lnum;
3485 }
3486
3487 print "</table>";
3488
3489 print "<p id='userOpToolbar'>";
3490
3491 /* if ($subop == "edit") {
3492 print "Edit user:
3493 <input type=\"submit\" class=\"button\"
3494 onclick=\"javascript:userEditSave()\" value=\"Save\">
3495 <input type=\"submit\" class=\"button\"
3496 onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3497
3498 } else { */
3499
3500 print "
3501 Selection:
3502 <input type=\"submit\" class=\"button\" disabled=\"true\"
3503 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3504 <input type=\"submit\" class=\"button\" disabled=\"true\"
3505 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3506 <input type=\"submit\" class=\"button\" disabled=\"true\"
3507 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3508 <input type=\"submit\" class=\"button\" disabled=\"true\"
3509 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3510
3511 // }
3512 }
3513
3514 if ($op == "user-details") {
3515
3516 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3517 return;
3518 }
3519
3520 /* print "<html><head>
3521 <title>Tiny Tiny RSS : User Details</title>
3522 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3523 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3524 </head><body>"; */
3525
3526 $uid = sprintf("%d", $_GET["id"]);
3527
3528 print "<div id=\"infoBoxTitle\">User details</div>";
3529
3530 print "<div class='infoBoxContents'>";
3531
3532 $result = db_query($link, "SELECT login,
3533 SUBSTRING(last_login,1,16) AS last_login,
3534 access_level,
3535 (SELECT COUNT(int_id) FROM ttrss_user_entries
3536 WHERE owner_uid = id) AS stored_articles
3537 FROM ttrss_users
3538 WHERE id = '$uid'");
3539
3540 if (db_num_rows($result) == 0) {
3541 print "<h1>User not found</h1>";
3542 return;
3543 }
3544
3545 # print "<h1>User Details</h1>";
3546
3547 $login = db_fetch_result($result, 0, "login");
3548
3549 # print "<h1>$login</h1>";
3550
3551 print "<table width='100%'>";
3552
3553 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3554 strtotime(db_fetch_result($result, 0, "last_login")));
3555 $access_level = db_fetch_result($result, 0, "access_level");
3556 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3557
3558 # print "<tr><td>Username</td><td>$login</td></tr>";
3559 # print "<tr><td>Access level</td><td>$access_level</td></tr>";
3560 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3561 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3562
3563 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3564 WHERE owner_uid = '$uid'");
3565
3566 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3567
3568 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3569
3570 /* $result = db_query($link, "SELECT
3571 SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3572 FROM ttrss_user_entries,ttrss_entries
3573 WHERE owner_uid = '$uid' AND ref_id = id");
3574
3575 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3576
3577 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>"; */
3578
3579 print "</table>";
3580
3581 print "<h1>Subscribed feeds</h1>";
3582
3583 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3584 WHERE owner_uid = '$uid' ORDER BY title");
3585
3586 print "<ul class=\"userFeedList\">";
3587
3588 $row_class = "odd";
3589
3590 while ($line = db_fetch_assoc($result)) {
3591
3592 $icon_file = ICONS_URL."/".$line["id"].".ico";
3593
3594 if (file_exists($icon_file) && filesize($icon_file) > 0) {
3595 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3596 } else {
3597 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3598 }
3599
3600 print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3601
3602 $row_class = toggleEvenOdd($row_class);
3603
3604 }
3605
3606 if (db_num_rows($result) < $num_feeds) {
3607 // FIXME - add link to show ALL subscribed feeds here somewhere
3608 print "<li><img
3609 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3610 }
3611
3612 print "</ul>";
3613
3614 print "</div>";
3615
3616 print "<div align='center'>
3617 <input type='submit' class='button'
3618 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3619
3620 // print "</body></html>";
3621
3622 }
3623
3624 if ($op == "pref-feed-browser") {
3625
3626 if (!ENABLE_FEED_BROWSER) {
3627 print "Feed browser is administratively disabled.";
3628 return;
3629 }
3630
3631 $subop = $_REQUEST["subop"];
3632
3633 if ($subop == "details") {
3634 $id = db_escape_string($_GET["id"]);
3635
3636 print "<div class=\"browserFeedInfo\">";
3637 print "<b>Feed information:</b>";
3638 print "<div class=\"detailsPart\">";
3639
3640 $result = db_query($link, "SELECT
3641 feed_url,site_url,
3642 SUBSTRING(last_updated,1,19) AS last_updated
3643 FROM ttrss_feeds WHERE id = '$id'");
3644
3645 $feed_url = db_fetch_result($result, 0, "feed_url");
3646 $site_url = db_fetch_result($result, 0, "site_url");
3647 $last_updated = db_fetch_result($result, 0, "last_updated");
3648
3649 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3650 $last_updated = smart_date_time(strtotime($last_updated));
3651 } else {
3652 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3653 $last_updated = date($short_date, strtotime($last_updated));
3654 }
3655
3656 print "Site: <a href='$site_url'>$site_url</a> ".
3657 "(<a href='$feed_url'>feed</a>), ".
3658 "Last updated: $last_updated";
3659
3660 print "</div>";
3661
3662 $result = db_query($link, "SELECT
3663 ttrss_entries.title,
3664 content,
3665 substring(date_entered,1,19) as date_entered,
3666 substring(updated,1,19) as updated
3667 FROM ttrss_entries,ttrss_user_entries
3668 WHERE ttrss_entries.id = ref_id AND feed_id = '$id'
3669 ORDER BY updated DESC LIMIT 5");
3670
3671 if (db_num_rows($result) > 0) {
3672
3673 print "<b>Last headlines:</b><br>";
3674
3675 print "<div class=\"detailsPart\">";
3676 print "<ul class=\"compact\">";
3677 while ($line = db_fetch_assoc($result)) {
3678
3679 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3680 $entry_dt = smart_date_time(strtotime($line["updated"]));
3681 } else {
3682 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3683 $entry_dt = date($short_date, strtotime($line["updated"]));
3684 }
3685
3686 print "<li>" . $line["title"] .
3687 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3688 }
3689 print "</ul></div>";
3690 }
3691
3692 print "</div>";
3693
3694 return;
3695 }
3696
3697 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3698
3699 $limit = db_escape_string($_GET["limit"]);
3700
3701 if (!$limit) $limit = 25;
3702
3703 $owner_uid = $_SESSION["uid"];
3704
3705 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3706 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3707 WHERE tf.feed_url = ttrss_feeds.feed_url
3708 AND owner_uid = '$owner_uid') GROUP BY feed_url
3709 ORDER BY subscribers DESC LIMIT $limit");
3710
3711
3712 print "<div style=\"float : right\">
3713 Top <select id=\"feedBrowserLimit\">";
3714
3715 foreach (array(25, 50, 100) as $l) {
3716 $issel = ($l == $limit) ? "selected" : "";
3717 print "<option $issel>$l</option>";
3718 }
3719
3720 print "</select>
3721 <input type=\"submit\" class=\"button\"
3722 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3723 </div>";
3724
3725 print "<p id=\"fbrOpToolbar\">Selection:
3726 <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3727 disabled=\"true\" value=\"Subscribe\">";
3728
3729 print "<ul class='nomarks' id='browseBigFeedList'>";
3730
3731 $feedctr = 0;
3732
3733 while ($line = db_fetch_assoc($result)) {
3734 $feed_url = $line["feed_url"];
3735 $subscribers = $line["subscribers"];
3736
3737 $det_result = db_query($link, "SELECT site_url,title,id
3738 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3739
3740 $details = db_fetch_assoc($det_result);
3741
3742 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3743
3744 if (file_exists($icon_file) && filesize($icon_file) > 0) {
3745 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL .
3746 "/".$details["id"].".ico\">";
3747 } else {
3748 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3749 }
3750
3751 $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3752 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3753
3754 $class = ($feedctr % 2) ? "even" : "odd";
3755
3756 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3757 "$feed_icon ";
3758
3759 print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3760 $details["title"] ."</a>&nbsp;" .
3761 "<span class='subscribers'>($subscribers)</span>";
3762
3763 print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3764 print "</div>";
3765
3766 print "</li>";
3767
3768 ++$feedctr;
3769 }
3770
3771 if ($feedctr == 0) {
3772 print "<li>No feeds found to subscribe.</li>";
3773 }
3774
3775 print "</ul>";
3776
3777 print "</div>";
3778
3779 }
3780
3781 if ($op == "rss") {
3782 $feed = db_escape_string($_GET["id"]);
3783 $user = db_escape_string($_GET["user"]);
3784 $pass = db_escape_string($_GET["pass"]);
3785 $is_cat = $_GET["is_cat"] != false;
3786
3787 $search = db_escape_string($_GET["q"]);
3788 $match_on = db_escape_string($_GET["m"]);
3789 $search_mode = db_escape_string($_GET["smode"]);
3790
3791 if (!$_SESSION["uid"] && $user && $pass) {
3792 authenticate_user($link, $user, $pass);
3793 }
3794
3795 if ($_SESSION["uid"] ||
3796 http_authenticate_user($link)) {
3797
3798 generate_syndicated_feed($link, $feed, $is_cat,
3799 $search, $search_mode, $match_on);
3800 }
3801 }
3802
3803 function check_configuration_variables() {
3804 if (!defined('SESSION_EXPIRE_TIME')) {
3805 return "config: SESSION_EXPIRE_TIME is undefined";
3806 }
3807
3808 if (SESSION_EXPIRE_TIME < 60) {
3809 return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3810 }
3811
3812 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3813 return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3814 "SESSION_COOKIE_LIFETIME_REMEMBER";
3815 }
3816
3817 if (defined('DISABLE_SESSIONS')) {
3818 return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3819 }
3820
3821 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3822 return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3823 }
3824
3825 return false;
3826 }
3827
3828 if ($op == "labelFromSearch") {
3829 $search = db_escape_string($_GET["search"]);
3830 $search_mode = db_escape_string($_GET["smode"]);
3831 $match_on = db_escape_string($_GET["match"]);
3832 $is_cat = db_escape_string($_GET["is_cat"]);
3833 $title = db_escape_string($_GET["title"]);
3834 $feed = sprintf("%d", $_GET["feed"]);
3835
3836 $label_qparts = array();
3837
3838 $search_expr = getSearchSql($search, $match_on);
3839
3840 if ($is_cat) {
3841 if ($feed != 0) {
3842 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
3843 } else {
3844 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3845 }
3846 } else {
3847 if ($search_mode == "all_feeds") {
3848 // NOOP
3849 } else if ($search_mode == "this_cat") {
3850
3851 $tmp_result = db_query($link, "SELECT cat_id
3852 FROM ttrss_feeds WHERE id = '$feed'");
3853
3854 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
3855
3856 if ($cat_id > 0) {
3857 $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
3858 } else {
3859 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3860 }
3861 } else {
3862 $search_expr .= " AND ttrss_feeds.id = $feed ";
3863 }
3864
3865 }
3866
3867 $search_expr = db_escape_string($search_expr);
3868
3869 print $search_expr;
3870
3871 if ($title) {
3872 $result = db_query($link,
3873 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
3874 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
3875 }
3876 }
3877
3878 if ($op == "getUnread") {
3879 $login = db_escape_string($_GET["login"]);
3880
3881 header("Content-Type: text/plain");
3882
3883 $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
3884
3885 if (db_num_rows($result) == 1) {
3886 $uid = db_fetch_result($result, 0, "id");
3887 print getGlobalUnread($link, $uid);
3888 } else {
3889 print "Error: user not found";
3890 }
3891 }
3892
3893 db_close($link);
3894 ?>
3895
3896 <?php if ($op != "getUnread") { ?>
3897 <!-- <?php echo sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3898 <?php } ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/