backend.php

   1 <?
   2         session_start();
   3
   4         if ($_GET["debug"]) {
   5                 define('DEFAULT_ERROR_LEVEL', E_ALL);
   6         } else {
   7                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
   8         }
   9
  10         error_reporting(DEFAULT_ERROR_LEVEL);
  11
  12         $op = $_REQUEST["op"];
  13
  14         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  15                 header("Content-Type: application/xml");
  16         }
  17
  18         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  19
  20                 if ($op == "rpc") {
  21                         print "<error error-code=\"6\"/>";
  22                 }
  23                 exit;
  24         }
  25
  26         if (!$op) {
  27                 print "<error error-code=\"7\"/>";
  28                 exit;
  29         }
  30
  31         define('SCHEMA_VERSION', 5);
  32
  33         require_once "sanity_check.php";
  34         require_once "config.php";
  35         require_once "db.php";
  36         require_once "db-prefs.php";
  37         require_once "functions.php";
  38         require_once "magpierss/rss_fetch.inc";
  39
  40         $script_started = getmicrotime();
  41
  42         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  43
  44         if (!$link) {
  45                 if (DB_TYPE == "mysql") {
  46                         print mysql_error();
  47                 }
  48                 // PG seems to display its own errors just fine by default.
  49                 return;
  50         }
  51
  52         if (DB_TYPE == "pgsql") {
  53                 pg_query("set client_encoding = 'utf-8'");
  54         }
  55
  56         if ($_SESSION["uid"]) {
  57                 if (get_pref($link, "HIDE_READ_FEEDS") == "true") {
  58                         setcookie("ttrss_vf_hreadf", 1);
  59                 } else {
  60                         setcookie("ttrss_vf_hreadf", 0);
  61                 }
  62
  63                 setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
  64                 setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
  65         }
  66
  67         $fetch = $_GET["fetch"];
  68
  69         setcookie("ttrss_icons_url", ICONS_URL);
  70
  71         if (!sanity_check($link)) { return; }
  72
  73         function getAllCounters($link) {
  74                 getLabelCounters($link);
  75                 getFeedCounters($link);
  76                 getTagCounters($link);
  77                 getGlobalCounters($link);
  78                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
  79                         getCategoryCounters($link);
  80                 }
  81         }
  82
  83         function getCategoryCounters($link) {
  84                 $result = db_query($link, "SELECT cat_id,SUM((SELECT COUNT(int_id)
  85                                 FROM ttrss_user_entries WHERE feed_id = ttrss_feeds.id
  86                                         AND unread = true)) AS unread FROM ttrss_feeds
  87                         WHERE
  88                                 owner_uid = ".$_SESSION["uid"]." GROUP BY cat_id");
  89
  90                 while ($line = db_fetch_assoc($result)) {
  91                         $line["cat_id"] = sprintf("%d", $line["cat_id"]);
  92                         print "<counter type=\"category\" id=\"".$line["cat_id"]."\" counter=\"".
  93                                 $line["unread"]."\"/>";
  94                 }
  95         }
  96
  97         function getFeedUnread($link, $feed) {
  98                 $n_feed = sprintf("%d", $feed);
  99
 100                 if ($n_feed == -1) {
 101                         $match_part = "marked = true";
 102                 } else if ($feed > 0) {
 103                         $match_part = "feed_id = '$n_feed'";
 104                 } else if ($feed < -10) {
 105                         $label_id = -$feed - 11;
 106
 107                         $result = db_query($link, "SELECT sql_exp FROM ttrss_labels WHERE
 108                                 id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
 109
 110                         $match_part = db_fetch_result($result, 0, "sql_exp");
 111                 }
 112
 113                 if ($match_part) {
 114
 115                         $result = db_query($link, "SELECT count(int_id) AS unread
 116                                 FROM ttrss_user_entries
 117                                 WHERE   unread = true AND $match_part AND owner_uid = " . $_SESSION["uid"]);
 118
 119                 } else {
 120
 121                         $result = db_query($link, "SELECT COUNT(post_int_id) AS unread
 122                                 FROM ttrss_tags,ttrss_user_entries
 123                                 WHERE tag_name = '$feed' AND post_int_id = int_id AND unread = true AND
 124                                         ttrss_tags.owner_uid = " . $_SESSION["uid"]);
 125                 }
 126
 127                 $unread = db_fetch_result($result, 0, "unread");
 128                 return $unread;
 129         }
 130
 131         /* FIXME this needs reworking */
 132
 133         function getGlobalUnread($link) {
 134                 $result = db_query($link, "SELECT count(id) as c_id FROM ttrss_entries,ttrss_user_entries
 135                         WHERE unread = true AND
 136                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 137                         owner_uid = " . $_SESSION["uid"]);
 138                 $c_id = db_fetch_result($result, 0, "c_id");
 139                 return $c_id;
 140         }
 141
 142         function getGlobalCounters($link, $global_unread = -1) {
 143                 if ($global_unread == -1) {
 144                         $global_unread = getGlobalUnread($link);
 145                 }
 146                 print "<counter type=\"global\" id='global-unread' counter='$global_unread'/>";
 147         }
 148
 149         function getTagCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 150
 151                 if ($smart_mode) {
 152                         if (!$_SESSION["tctr_last_value"]) {
 153                                 $_SESSION["tctr_last_value"] = array();
 154                         }
 155                 }
 156
 157                 $old_counters = $_SESSION["tctr_last_value"];
 158
 159                 $tctrs_modified = false;
 160
 161 /*              $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 162                         FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 163                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 164                         ttrss_tags.owner_uid = ".$_SESSION["uid"]." AND
 165                         post_int_id = ttrss_user_entries.int_id AND unread = true GROUP BY tag_name
 166                 UNION
 167                         select tag_name,0 as count FROM ttrss_tags
 168                         WHERE ttrss_tags.owner_uid = ".$_SESSION["uid"]); */
 169
 170                 $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 171                         FROM ttrss_user_entries WHERE int_id = post_int_id
 172                                 AND unread = true)) AS count FROM ttrss_tags
 173                         WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 174
 175                 $tags = array();
 176
 177                 while ($line = db_fetch_assoc($result)) {
 178                         $tags[$line["tag_name"]] += $line["count"];
 179                 }
 180
 181                 foreach (array_keys($tags) as $tag) {
 182                         $unread = $tags[$tag];
 183
 184                         $tag = htmlspecialchars($tag);
 185
 186                         if (!$smart_mode || $old_counters[$tag] != $unread) {
 187                                 $old_counters[$tag] = $unread;
 188                                 $tctrs_modified = true;
 189                                 print "<counter type=\"tag\" id=\"$tag\" counter=\"$unread\"/>";
 190                         }
 191
 192                 }
 193
 194                 if ($smart_mode && $tctrs_modified) {
 195                         $_SESSION["tctr_last_value"] = $old_counters;
 196                 }
 197
 198         }
 199
 200         function getLabelCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 201
 202                 if ($smart_mode) {
 203                         if (!$_SESSION["lctr_last_value"]) {
 204                                 $_SESSION["lctr_last_value"] = array();
 205                         }
 206                 }
 207
 208                 $old_counters = $_SESSION["lctr_last_value"];
 209                 $lctrs_modified = false;
 210
 211                 $result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 212                         WHERE marked = true AND ttrss_user_entries.ref_id = ttrss_entries.id AND
 213                         unread = true AND owner_uid = ".$_SESSION["uid"]);
 214
 215                 $count = db_fetch_result($result, 0, "count");
 216
 217                 print "<counter type=\"label\" id=\"-1\" counter=\"$count\"/>";
 218
 219                 $result = db_query($link, "SELECT owner_uid,id,sql_exp,description FROM
 220                         ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description");
 221
 222                 while ($line = db_fetch_assoc($result)) {
 223
 224                         $id = -$line["id"] - 11;
 225
 226                         error_reporting (0);
 227
 228                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_user_entries,ttrss_entries
 229                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 230                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 231                                 owner_uid = ".$_SESSION["uid"]);
 232
 233                         $count = db_fetch_result($tmp_result, 0, "count");
 234
 235                         if (!$smart_mode || $old_counters[$id] != $count) {
 236                                 $old_counters[$id] = $count;
 237                                 $lctrs_modified = true;
 238                                 print "<counter type=\"label\" id=\"$id\" counter=\"$count\"/>";
 239                         }
 240
 241                         error_reporting (DEFAULT_ERROR_LEVEL);
 242                 }
 243
 244                 if ($smart_mode && $lctrs_modified) {
 245                         $_SESSION["lctr_last_value"] = $old_counters;
 246                 }
 247         }
 248
 249 /*      function getFeedCounter($link, $id) {
 250
 251                 $result = db_query($link, "SELECT
 252                                 count(id) as count,last_error
 253                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
 254                         WHERE feed_id = '$id' AND unread = true
 255                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
 256                         AND ttrss_user_entries.ref_id = ttrss_entries.id");
 257
 258                         $count = db_fetch_result($result, 0, "count");
 259                         $last_error = htmlspecialchars(db_fetch_result($result, 0, "last_error"));
 260
 261                         print "<counter type=\"feed\" id=\"$id\" counter=\"$count\" error=\"$last_error\"/>";
 262         } */
 263
 264         function getFeedCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 265
 266                 if ($smart_mode) {
 267                         if (!$_SESSION["fctr_last_value"]) {
 268                                 $_SESSION["fctr_last_value"] = array();
 269                         }
 270                 }
 271
 272                 $old_counters = $_SESSION["fctr_last_value"];
 273
 274                 $result = db_query($link, "SELECT id,last_error,parent_feed,
 275                         (SELECT count(id)
 276                                 FROM ttrss_entries,ttrss_user_entries
 277                                 WHERE feed_id = ttrss_feeds.id AND
 278                                         ttrss_user_entries.ref_id = ttrss_entries.id
 279                                 AND unread = true AND owner_uid = ".$_SESSION["uid"].") as count
 280                         FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"] . "
 281                                 AND parent_feed IS NULL");
 282
 283                 $fctrs_modified = false;
 284
 285                 while ($line = db_fetch_assoc($result)) {
 286
 287                         $id = $line["id"];
 288                         $count = $line["count"];
 289                         $last_error = htmlspecialchars($line["last_error"]);
 290
 291                         $has_img = is_file(ICONS_DIR . "/$id.ico");
 292
 293                         $tmp_result = db_query($link,
 294                                 "SELECT id,COUNT(unread) AS unread
 295                                 FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 296                                         ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 297                                 WHERE parent_feed = '$id' AND unread = true GROUP BY ttrss_feeds.id");
 298
 299                         if (db_num_rows($tmp_result) > 0) {
 300                                 while ($l = db_fetch_assoc($tmp_result)) {
 301                                         $count += $l["unread"];
 302                                 }
 303                         }
 304
 305                         if (!$smart_mode || $old_counters[$id] != $count) {
 306                                 $old_counters[$id] = $count;
 307                                 $fctrs_modified = true;
 308
 309                                 if ($last_error) {
 310                                         $error_part = "error=\"$last_error\"";
 311                                 } else {
 312                                         $error_part = "";
 313                                 }
 314
 315                                 if ($has_img) {
 316                                         $has_img_part = "hi=\"$has_img\"";
 317                                 } else {
 318                                         $has_img_part = "";
 319                                 }
 320
 321                                 print "<counter type=\"feed\" id=\"$id\" counter=\"$count\" $has_img_part $error_part/>";
 322                         }
 323                 }
 324
 325                 if ($smart_mode && $fctrs_modified) {
 326                         $_SESSION["fctr_last_value"] = $old_counters;
 327                 }
 328         }
 329
 330         function outputFeedList($link, $tags = false) {
 331
 332                 print "<html><head>
 333                         <title>Tiny Tiny RSS : Feedlist</title>
 334                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 335
 336                 $user_theme = $_SESSION["theme"];
 337                 if ($user_theme) {
 338                         print "<link rel=\"stylesheet\" type=\"text/css\"
 339                                 href=\"themes/$user_theme/theme.css\">";
 340                 }
 341
 342                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 343                         print "<link rel=\"stylesheet\" type=\"text/css\"
 344                                 href=\"tt-rss_compact.css\"/>";
 345                 } else {
 346                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 347                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 348                 }
 349
 350                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 351                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 352                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 353                         <!--[if gte IE 5.5000]>
 354                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 355                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 356                         <![endif]-->
 357                         </head><body>
 358                         <script type=\"text/javascript\">
 359                                 if (document.addEventListener) {
 360                                         document.addEventListener(\"DOMContentLoaded\", init, null);
 361                                 }
 362                                 window.onload = init;
 363                         </script>";
 364
 365                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 366
 367                 $owner_uid = $_SESSION["uid"];
 368
 369                 if (!$tags) {
 370
 371                         /* virtual feeds */
 372
 373                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 374                                 print "<li class=\"feedCat\">Special</li>\n";
 375                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">\n";
 376                         }
 377
 378                         $result = db_query($link, "SELECT count(id) as num_starred
 379                                 FROM ttrss_entries,ttrss_user_entries
 380                                 WHERE marked = true AND
 381                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 382                                 unread = true AND owner_uid = '$owner_uid'");
 383                         $num_starred = db_fetch_result($result, 0, "num_starred");
 384
 385                         $class = "virt";
 386
 387                         if ($num_starred > 0) $class .= "Unread";
 388
 389                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 390                                 "images/mark_set.png", $link);
 391
 392                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 393                                 print "</ul>\n";
 394                         }
 395
 396                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 397
 398                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 399                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 400
 401                                 if (db_num_rows($result) > 0) {
 402                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 403                                                 print "<li class=\"feedCat\">Labels</li>\n";
 404                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">\n";
 405                                         } else {
 406                                                 print "<li><hr></li>\n";
 407                                         }
 408                                 }
 409
 410                                 while ($line = db_fetch_assoc($result)) {
 411
 412                                         error_reporting (0);
 413
 414                                         $tmp_result = db_query($link, "SELECT count(id) as count
 415                                                 FROM ttrss_entries,ttrss_user_entries
 416                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 417                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 418                                                 AND owner_uid = '$owner_uid'");
 419
 420                                         $count = db_fetch_result($tmp_result, 0, "count");
 421
 422                                         $class = "label";
 423
 424                                         if ($count > 0) {
 425                                                 $class .= "Unread";
 426                                         }
 427
 428                                         error_reporting (DEFAULT_ERROR_LEVEL);
 429
 430                                         printFeedEntry(-$line["id"]-11,
 431                                                 $class, $line["description"], $count, "images/label.png", $link);
 432
 433                                 }
 434
 435                                 if (db_num_rows($result) > 0) {
 436                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 437                                                 print "</ul>";
 438                                         }
 439                                 }
 440
 441                         }
 442
 443 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 444                                 print "<li><hr></li>";
 445 //                      }
 446
 447                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 448                                 $order_by_qpart = "category,title";
 449                         } else {
 450                                 $order_by_qpart = "title";
 451                         }
 452
 453                         $result = db_query($link, "SELECT ttrss_feeds.*,
 454                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 455                                         WHERE feed_id = ttrss_feeds.id AND
 456                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 457                                         owner_uid = '$owner_uid') AS total,
 458                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 459                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 460                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 461                                                 AND owner_uid = '$owner_uid') as unread,
 462                                 cat_id,last_error,
 463                                 ttrss_feed_categories.title AS category,
 464                                 ttrss_feed_categories.collapsed
 465                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 466                                         ON (ttrss_feed_categories.id = cat_id)
 467                                 WHERE
 468                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 469                                 ORDER BY $order_by_qpart");
 470
 471                         $actid = $_GET["actid"];
 472
 473                         /* real feeds */
 474
 475                         $lnum = 0;
 476
 477                         $total_unread = 0;
 478
 479                         $category = "";
 480
 481                         while ($line = db_fetch_assoc($result)) {
 482
 483                                 $feed = db_unescape_string($line["title"]);
 484                                 $feed_id = $line["id"];
 485
 486                                 $subop = $_GET["subop"];
 487
 488                                 $total = $line["total"];
 489                                 $unread = $line["unread"];
 490
 491                                 $tmp_result = db_query($link,
 492                                         "SELECT id,COUNT(unread) AS unread
 493                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 494                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 495                                         WHERE parent_feed = '$feed_id' AND unread = true
 496                                         GROUP BY ttrss_feeds.id");
 497
 498                                 if (db_num_rows($tmp_result) > 0) {
 499                                         while ($l = db_fetch_assoc($tmp_result)) {
 500                                                 $unread += $l["unread"];
 501                                         }
 502                                 }
 503
 504                                 $cat_id = $line["cat_id"];
 505
 506                                 $tmp_category = $line["category"];
 507
 508                                 if (!$tmp_category) {
 509                                         $tmp_category = "Uncategorized";
 510                                 }
 511
 512         //                      $class = ($lnum % 2) ? "even" : "odd";
 513
 514                                 if ($line["last_error"]) {
 515                                         $class = "error";
 516                                 } else {
 517                                         $class = "feed";
 518                                 }
 519
 520                                 if ($unread > 0) $class .= "Unread";
 521
 522                                 if ($actid == $feed_id) {
 523                                         $class .= "Selected";
 524                                 }
 525
 526                                 $total_unread += $unread;
 527
 528                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 529
 530                                         if ($category) {
 531                                                 print "</ul></li>";
 532                                         }
 533
 534                                         $category = $tmp_category;
 535
 536                                         $collapsed = $line["collapsed"];
 537
 538                                         // workaround for NULL category
 539                                         if ($category == "Uncategorized") {
 540                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 541                                                         $collapsed = "t";
 542                                                 }
 543                                         }
 544
 545                                         if ($collapsed == "t" || $collapsed == "1") {
 546                                                 $holder_class = "invisible";
 547                                                 $ellipsis = "...";
 548                                         } else {
 549                                                 $holder_class = "";
 550                                                 $ellipsis = "";
 551                                         }
 552
 553                                         if ($cat_id) {
 554                                                 $cat_id_qpart = "cat_id = '$cat_id'";
 555                                         } else {
 556                                                 $cat_id_qpart = "cat_id IS NULL";
 557                                         }
 558
 559                                         $tmp_result = db_query($link, "SELECT count(int_id) AS unread
 560                                                 FROM ttrss_user_entries,ttrss_feeds WHERE
 561                                                         unread = true AND
 562                                                         feed_id = ttrss_feeds.id AND $cat_id_qpart AND
 563                                                         ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
 564
 565                                         $cat_unread = db_fetch_result($tmp_result, 0, "unread");
 566
 567                                         $cat_id = sprintf("%d", $cat_id);
 568
 569                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 570                                                 <a href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category
 571                                                         <span id=\"FCATCTR-$cat_id\"
 572                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span></a></li>";
 573
 574                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 575                                         // -> keyboard navigation, etc.
 576                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 577                                 }
 578
 579                                 printFeedEntry($feed_id, $class, $feed, $unread,
 580                                         "icons/$feed_id.ico", $link);
 581
 582                                 ++$lnum;
 583                         }
 584
 585                 } else {
 586
 587                         // tags
 588
 589 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 590                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 591                                 post_int_id = ttrss_user_entries.int_id AND
 592                                 unread = true AND ref_id = ttrss_entries.id
 593                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 594                         UNION
 595                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 596                         ORDER BY tag_name"); */
 597
 598                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 599                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 600                                         AND unread = true)) AS count FROM ttrss_tags
 601                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 602
 603                         $tags = array();
 604
 605                         while ($line = db_fetch_assoc($result)) {
 606                                 $tags[$line["tag_name"]] += $line["count"];
 607                         }
 608
 609                         foreach (array_keys($tags) as $tag) {
 610
 611                                 $unread = $tags[$tag];
 612
 613                                 $class = "tag";
 614
 615                                 if ($unread > 0) {
 616                                         $class .= "Unread";
 617                                 }
 618
 619                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 620
 621                         }
 622
 623                 }
 624
 625                 if (db_num_rows($result) == 0) {
 626                         if ($tags) {
 627                                 $what = "tags";
 628                         } else {
 629                                 $what = "feeds";
 630                         }
 631                         print "<li>No $what to display.</li>";
 632                 }
 633
 634                 print "</ul>";
 635
 636                 print '
 637                         <script type="text/javascript">
 638                                 /* for IE */
 639                                 function statechange() {
 640                                         if (document.readyState == "interactive") init();
 641                                 }
 642
 643                                 if (document.readyState) {
 644                                         if (document.readyState == "interactive" || document.readyState == "complete") {
 645                                                 init();
 646                                         } else {
 647                                                 document.onreadystatechange = statechange;
 648                                         }
 649                                 }
 650                         </script></body></html>';
 651         }
 652
 653
 654         if ($op == "rpc") {
 655
 656                 $subop = $_GET["subop"];
 657
 658                 if ($subop == "setpref") {
 659                         if (WEB_DEMO_MODE) {
 660                                 return;
 661                         }
 662
 663                         print "<rpc-reply>";
 664
 665                         $key = db_escape_string($_GET["key"]);
 666                         $value = db_escape_string($_GET["value"]);
 667
 668                         set_pref($link, $key, $value);
 669
 670                         print "<param-set key=\"$key\" value=\"$value\"/>";
 671
 672                         print "</rpc-reply>";
 673
 674                 }
 675
 676                 if ($subop == "getLabelCounters") {
 677                         $aid = $_GET["aid"];
 678                         print "<rpc-reply>";
 679                         getLabelCounters($link);
 680                         if ($aid) {
 681                                 getFeedCounter($link, $aid);
 682                         }
 683                         print "</rpc-reply>";
 684                 }
 685
 686                 if ($subop == "getFeedCounters") {
 687                         print "<rpc-reply>";
 688                         getFeedCounters($link);
 689                         print "</rpc-reply>";
 690                 }
 691
 692                 if ($subop == "getAllCounters") {
 693                         print "<rpc-reply>";
 694                         getAllCounters($link);
 695                         print "</rpc-reply>";
 696                 }
 697
 698                 if ($subop == "mark") {
 699                         $mark = $_GET["mark"];
 700                         $id = db_escape_string($_GET["id"]);
 701
 702                         if ($mark == "1") {
 703                                 $mark = "true";
 704                         } else {
 705                                 $mark = "false";
 706                         }
 707
 708                         // FIXME this needs collision testing
 709
 710                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 711                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 712                 }
 713
 714                 if ($subop == "updateFeed") {
 715                         $feed_id = db_escape_string($_GET["feed"]);
 716
 717                         $result = db_query($link,
 718                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 719                                         AND owner_uid = " . $_SESSION["uid"]);
 720
 721                         if (db_num_rows($result) > 0) {
 722                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 723                                 update_rss_feed($link, $feed_url, $feed_id);
 724                         }
 725
 726                         print "<rpc-reply>";
 727                         getFeedCounter($link, $feed_id);
 728                         print "</rpc-reply>";
 729
 730                         return;
 731                 }
 732
 733                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 734
 735                         if (ENABLE_UPDATE_DAEMON) {
 736
 737                                 if ($subop == "forceUpdateAllFeeds") {
 738
 739                                         $result = db_query($link, "SELECT count(id) AS cid FROM
 740                                                 ttrss_scheduled_updates WHERE feed_id IS NULL AND
 741                                                         owner_uid = " . $_SESSION["uid"]);
 742
 743                                         $cid = db_fetch_result($result, 0, "cid");
 744
 745 #                                       print "<rpc-reply>";
 746
 747                                         if ($cid == 0) {
 748
 749                                                 db_query($link, "INSERT INTO ttrss_scheduled_updates
 750                                                         (owner_uid, feed_id, entered) VALUES
 751                                                         (".$_SESSION["uid"].", NULL, NOW())");
 752
 753 //                                              print "<!-- ScheduledOK -->";
 754
 755                                         } else {
 756 //                                              print "<!-- RequestAlreadyInQueue -->";
 757                                         }
 758
 759 #                                       print "</rpc-reply>";
 760                                 }
 761
 762                         } else {
 763                                 update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 764                         }
 765
 766                         $global_unread_caller = sprintf("%d", $_GET["uctr"]);
 767                         $global_unread = getGlobalUnread($link);
 768
 769                         print "<rpc-reply>";
 770
 771                         if ($global_unread_caller != $global_unread) {
 772
 773                                 $omode = $_GET["omode"];
 774
 775                                 if (!$omode) $omode = "tflc";
 776
 777                                 if (strchr($omode, "l")) getLabelCounters($link);
 778                                 if (strchr($omode, "f")) getFeedCounters($link);
 779                                 if (strchr($omode, "t")) getTagCounters($link);
 780                                 if (strchr($omode, "c")) {
 781                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 782                                                 getCategoryCounters($link);
 783                                         }
 784                                 }
 785                         }
 786
 787                         getGlobalCounters($link, $global_unread);
 788
 789                         print "</rpc-reply>";
 790
 791                 }
 792
 793                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 794                 if ($subop == "catchupSelected") {
 795
 796                         $ids = split(",", db_escape_string($_GET["ids"]));
 797
 798                         $cmode = sprintf("%d", $_GET["cmode"]);
 799
 800                         foreach ($ids as $id) {
 801
 802                                 if ($cmode == 0) {
 803                                         db_query($link, "UPDATE ttrss_user_entries SET
 804                                         unread = false,last_read = NOW()
 805                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 806                                 } else if ($cmode == 1) {
 807                                         db_query($link, "UPDATE ttrss_user_entries SET
 808                                         unread = true
 809                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 810                                 } else {
 811                                         db_query($link, "UPDATE ttrss_user_entries SET
 812                                         unread = NOT unread,last_read = NOW()
 813                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 814                                 }
 815                         }
 816                         print "<rpc-reply>";
 817                         getAllCounters($link);
 818                         print "</rpc-reply>";
 819                 }
 820
 821                 if ($subop == "markSelected") {
 822
 823                         $ids = split(",", db_escape_string($_GET["ids"]));
 824
 825                         $cmode = sprintf("%d", $_GET["cmode"]);
 826
 827                         foreach ($ids as $id) {
 828
 829                                 if ($cmode == 0) {
 830                                         db_query($link, "UPDATE ttrss_user_entries SET
 831                                         marked = false
 832                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 833                                 } else if ($cmode == 1) {
 834                                         db_query($link, "UPDATE ttrss_user_entries SET
 835                                         marked = true
 836                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 837                                 } else {
 838                                         db_query($link, "UPDATE ttrss_user_entries SET
 839                                         marked = NOT marked
 840                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 841                                 }
 842                         }
 843                         print "<rpc-reply>";
 844                         getAllCounters($link);
 845                         print "</rpc-reply>";
 846                 }
 847
 848                 if ($subop == "sanityCheck") {
 849                         if (sanity_check($link)) {
 850                                 print "<error error-code=\"0\"/>";
 851                         }
 852                 }
 853
 854                 if ($subop == "globalPurge") {
 855
 856                         print "<rpc-reply>";
 857                         global_purge_old_posts($link, true);
 858                         print "</rpc-reply>";
 859
 860                 }
 861
 862         }
 863
 864         if ($op == "feeds") {
 865
 866                 $tags = $_GET["tags"];
 867
 868                 $subop = $_GET["subop"];
 869
 870                 if ($subop == "catchupAll") {
 871                         db_query($link, "UPDATE ttrss_user_entries SET
 872                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 873                 }
 874
 875                 if ($subop == "collapse") {
 876                         $cat_id = db_escape_string($_GET["cid"]);
 877
 878                         db_query($link, "UPDATE ttrss_feed_categories SET
 879                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 880                                 $_SESSION["uid"]);
 881                         return;
 882                 }
 883
 884                 outputFeedList($link, $tags);
 885
 886         }
 887
 888         if ($op == "view") {
 889
 890                 $id = $_GET["id"];
 891                 $feed_id = $_GET["feed"];
 892
 893                 $result = db_query($link, "UPDATE ttrss_user_entries
 894                         SET unread = false,last_read = NOW()
 895                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 896
 897                 $addheader = $_GET["addheader"];
 898
 899                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 900                         SUBSTRING(updated,1,16) as updated,
 901                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 902                         num_comments
 903                         FROM ttrss_entries,ttrss_user_entries
 904                         WHERE   id = '$id' AND ref_id = id");
 905
 906                 if ($addheader) {
 907                         print "<html><head>
 908                                 <title>Tiny Tiny RSS : Article $id</title>
 909                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 910
 911                         $user_theme = $_SESSION["theme"];
 912                         if ($user_theme) {
 913                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 914                                         href=\"themes/$user_theme/theme.css\">";
 915                         }
 916
 917                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 918                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 919                                         href=\"tt-rss_compact.css\"/>";
 920                         } else {
 921                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 922                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 923                         }
 924
 925                         print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 926                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 927                                 </head><body>";
 928                 }
 929
 930                 if ($result) {
 931
 932                         $line = db_fetch_assoc($result);
 933
 934                         if ($line["icon_url"]) {
 935                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 936                         } else {
 937                                 $feed_icon = "&nbsp;";
 938                         }
 939
 940 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 941                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 942                         } else {
 943                                 $entry_comments = "";
 944                         } */
 945
 946                         $num_comments = $line["num_comments"];
 947                         $entry_comments = "";
 948
 949                         if ($num_comments > 0) {
 950                                 if ($line["comments"]) {
 951                                         $comments_url = $line["comments"];
 952                                 } else {
 953                                         $comments_url = $line["link"];
 954                                 }
 955                                 $entry_comments = "<a href=\"$comments_url\">$num_comments comments</a>";
 956                         } else {
 957                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 958                                         $entry_comments = "<a href=\"".$line["comments"]."\">comments</a>";
 959                                 }
 960                         }
 961
 962                         print "<div class=\"postReply\">";
 963
 964                         print "<div class=\"postHeader\"><table width=\"100%\">";
 965
 966                         print "<tr><td><a href=\"" . $line["link"] . "\">" . $line["title"] . "</a></td>";
 967
 968                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 969                                 strtotime($line["updated"]));
 970
 971                         print "<td class=\"postDate\">$parsed_updated</td>";
 972
 973                         print "</tr>";
 974
 975                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 976                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 977                                 ORDER BY tag_name");
 978
 979                         $tags_str = "";
 980                         $f_tags_str = "";
 981
 982                         $num_tags = 0;
 983
 984                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 985                                 $num_tags++;
 986                                 $tag = $tmp_line["tag_name"];
 987                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 988
 989                                 if ($num_tags == 5) {
 990                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 991                                 } else if ($num_tags < 5) {
 992                                         $tags_str .= $tag_str;
 993                                 }
 994                                 $f_tags_str .= $tag_str;
 995                         }
 996
 997                         $tags_str = preg_replace("/, $/", "", $tags_str);
 998                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 999
1000 //                      $truncated_link = truncate_string($line["link"], 60);
1001
1002                         if ($tags_str || $entry_comments) {
1003                                 print "<tr><td width='50%'>
1004                                         $entry_comments</td>
1005                                         <td align=\"right\">$tags_str</td></tr>";
1006                         }
1007
1008                         print "</table></div>";
1009
1010                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
1011                         print "<div class=\"postContent\">";
1012
1013                         if (db_num_rows($tmp_result) > 5) {
1014                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
1015                         }
1016
1017                         print $line["content"] . "</div>";
1018
1019                         print "</div>";
1020
1021                         print "<script type=\"text/javascript\">
1022                                 update_all_counters('$feed_id');
1023                         </script>";
1024                 }
1025
1026                 if ($addheader) {
1027                         print "</body></html>";
1028                 }
1029         }
1030
1031         if ($op == "viewfeed") {
1032
1033                 $feed = $_GET["feed"];
1034                 $skip = $_GET["skip"];
1035                 $subop = $_GET["subop"];
1036                 $view_mode = $_GET["view"];
1037                 $addheader = $_GET["addheader"];
1038                 $limit = $_GET["limit"];
1039
1040                 if (!$feed) {
1041                         return;
1042                 }
1043
1044                 if (!$skip) $skip = 0;
1045
1046                 if ($subop == "undefined") $subop = "";
1047
1048                 if ($addheader) {
1049                         print "<html><head>
1050                                 <title>Tiny Tiny RSS : Feed $feed</title>
1051                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
1052
1053                         $user_theme = $_SESSION["theme"];
1054                         if ($user_theme) {
1055                                 print "<link rel=\"stylesheet\" type=\"text/css\"
1056                                         href=\"themes/$user_theme/theme.css\">";
1057                         }
1058
1059                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
1060                                 print "<link rel=\"stylesheet\"
1061                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
1062
1063                         } else {
1064                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
1065                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
1066                         }
1067
1068                         print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
1069                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
1070                                 <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
1071                                 <!--[if gte IE 5.5000]>
1072                                 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
1073                                 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
1074                                 <![endif]-->
1075                                 </head><body>
1076                                 <script type=\"text/javascript\">
1077                                 if (document.addEventListener) {
1078                                         document.addEventListener(\"DOMContentLoaded\", init, null);
1079                                 }
1080                                 window.onload = init;
1081                                 </script>";
1082                 }
1083
1084                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
1085
1086 /*                      if (ENABLE_UPDATE_DAEMON) {
1087
1088                                 if ($cid == 0) {
1089
1090                                         db_query($link, "INSERT INTO ttrss_scheduled_updates
1091                                                 (owner_uid, feed_id, entered) VALUES
1092                                                 (".$_SESSION["uid"].", '$feed', NOW())");
1093                                 }
1094
1095                         } else {
1096                                 // fixme update_rss_feed...
1097                         } */
1098
1099                         $tmp_result = db_query($link, "SELECT feed_url FROM ttrss_feeds
1100                                 WHERE id = '$feed'");
1101                         $feed_url = db_fetch_result($tmp_result, 0, "feed_url");
1102                         update_rss_feed($link, $feed_url, $feed, ENABLE_UPDATE_DAEMON);
1103                 }
1104
1105                 if ($subop == "MarkAllRead")  {
1106
1107                         if (sprintf("%d", $feed) != 0) {
1108
1109                                 if ($feed > 0) {
1110
1111                                         $tmp_result = db_query($link, "SELECT id
1112                                                 FROM ttrss_feeds WHERE parent_feed = '$feed'
1113                                                 ORDER BY cat_id,title");
1114
1115                                         $parent_ids = array();
1116
1117                                         if (db_num_rows($tmp_result) > 0) {
1118                                                 while ($p = db_fetch_assoc($tmp_result)) {
1119                                                         array_push($parent_ids, "feed_id = " . $p["id"]);
1120                                                 }
1121
1122                                                 $children_qpart = implode(" OR ", $parent_ids);
1123
1124                                                 db_query($link, "UPDATE ttrss_user_entries
1125                                                         SET unread = false,last_read = NOW()
1126                                                         WHERE (feed_id = '$feed' OR $children_qpart)
1127                                                         AND owner_uid = " . $_SESSION["uid"]);
1128
1129                                         } else {
1130                                                 db_query($link, "UPDATE ttrss_user_entries
1131                                                         SET unread = false,last_read = NOW()
1132                                                         WHERE feed_id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
1133                                         }
1134
1135                                 } else if ($feed < 0 && $feed > -10) { // special, like starred
1136
1137                                         if ($feed == -1) {
1138                                                 db_query($link, "UPDATE ttrss_user_entries
1139                                                         SET unread = false,last_read = NOW()
1140                                                         WHERE marked = true AND owner_uid = ".$_SESSION["uid"]);
1141                                         }
1142
1143                                 } else if ($feed < -10) { // label
1144
1145                                         // TODO make this more efficient
1146
1147                                         $label_id = -$feed - 11;
1148
1149                                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
1150                                                 WHERE id = '$label_id'");
1151
1152                                         if ($tmp_result) {
1153                                                 $sql_exp = db_fetch_result($tmp_result, 0, "sql_exp");
1154
1155                                                 db_query($link, "BEGIN");
1156
1157                                                 $tmp2_result = db_query($link,
1158                                                         "SELECT
1159                                                                 int_id
1160                                                         FROM
1161                                                                 ttrss_user_entries,ttrss_entries
1162                                                         WHERE
1163                                                                 ref_id = id AND
1164                                                                 $sql_exp AND
1165                                                                 owner_uid = " . $_SESSION["uid"]);
1166
1167                                                 while ($tmp_line = db_fetch_assoc($tmp2_result)) {
1168                                                         db_query($link, "UPDATE
1169                                                                 ttrss_user_entries
1170                                                         SET
1171                                                                 unread = false, last_read = NOW()
1172                                                         WHERE
1173                                                                 int_id = " . $tmp_line["int_id"]);
1174                                                 }
1175
1176                                                 db_query($link, "COMMIT");
1177
1178 /*                                              db_query($link, "UPDATE ttrss_user_entries,ttrss_entries
1179                                                         SET unread = false,last_read = NOW()
1180                                                         WHERE $sql_exp
1181                                                         AND ref_id = id
1182                                                         AND owner_uid = ".$_SESSION["uid"]); */
1183                                         }
1184                                 }
1185                         } else { // tag
1186                                 db_query($link, "BEGIN");
1187
1188                                 $tag_name = db_escape_string($feed);
1189
1190                                 $result = db_query($link, "SELECT post_int_id FROM ttrss_tags
1191                                         WHERE tag_name = '$tag_name' AND owner_uid = " . $_SESSION["uid"]);
1192
1193                                 while ($line = db_fetch_assoc($result)) {
1194                                         db_query($link, "UPDATE ttrss_user_entries SET
1195                                                 unread = false, last_read = NOW()
1196                                                 WHERE int_id = " . $line["post_int_id"]);
1197                                 }
1198                                 db_query($link, "COMMIT");
1199                         }
1200
1201                 }
1202
1203                 $search = db_escape_string($_GET["search"]);
1204                 $search_mode = db_escape_string($_GET["smode"]);
1205
1206                 if ($search) {
1207                         $search_query_part = "(upper(ttrss_entries.title) LIKE upper('%$search%')
1208                                 OR ttrss_entries.content LIKE '%$search%') AND";
1209                 } else {
1210                         $search_query_part = "";
1211                 }
1212
1213                 $view_query_part = "";
1214
1215                 if ($view_mode == "Adaptive") {
1216                         if ($search) {
1217                                 $view_query_part = " ";
1218                         } else if ($feed != -1) {
1219                                 $unread = getFeedUnread($link, $feed);
1220                                 if ($unread > 0) {
1221                                         $view_query_part = " unread = true AND ";
1222                                 }
1223                         }
1224                 }
1225
1226                 if ($view_mode == "Starred") {
1227                         $view_query_part = " marked = true AND ";
1228                 }
1229
1230                 if ($view_mode == "Unread") {
1231                         $view_query_part = " unread = true AND ";
1232                 }
1233
1234                 if ($limit && $limit != "All") {
1235                         $limit_query_part = "LIMIT " . $limit;
1236                 }
1237
1238                 $vfeed_query_part = "";
1239
1240                 // override query strategy and enable feed display when searching globally
1241                 if ($search && $search_mode == "All feeds") {
1242                         $query_strategy_part = "ttrss_entries.id > 0";
1243                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1244                 } else if (sprintf("%d", $feed) == 0) {
1245                         $query_strategy_part = "ttrss_entries.id > 0";
1246                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
1247                                 id = feed_id) as feed_title,";
1248                 } else if ($feed >= 0) {
1249
1250                         $tmp_result = db_query($link, "SELECT id
1251                                 FROM ttrss_feeds WHERE parent_feed = '$feed'
1252                                 ORDER BY cat_id,title");
1253
1254                         $parent_ids = array();
1255
1256                         if (db_num_rows($tmp_result) > 0) {
1257                                 while ($p = db_fetch_assoc($tmp_result)) {
1258                                         array_push($parent_ids, "feed_id = " . $p["id"]);
1259                                 }
1260
1261                                 $query_strategy_part = sprintf("(feed_id = %d OR %s)",
1262                                         $feed, implode(" OR ", $parent_ids));
1263
1264                                 $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1265                         } else {
1266                                 $query_strategy_part = "feed_id = '$feed'";
1267                         }
1268                 } else if ($feed == -1) { // starred virtual feed
1269                         $query_strategy_part = "marked = true";
1270                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1271                 } else if ($feed <= -10) { // labels
1272                         $label_id = -$feed - 11;
1273
1274                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
1275                                 WHERE id = '$label_id'");
1276
1277                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
1278
1279                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1280                 } else {
1281                         $query_strategy_part = "id > 0"; // dumb
1282                 }
1283
1284                 $order_by = "updated DESC";
1285
1286 //              if ($feed < -10) {
1287 //                      $order_by = "feed_id,updated DESC";
1288 //              }
1289
1290                 $feed_title = "";
1291
1292                 if ($search && $search_mode == "All feeds") {
1293                         $feed_title = "Global search results ($search)";
1294                 } else if ($search && sprintf("%d", $feed) == 0) {
1295                         $feed_title = "Feed search results ($search, $feed)";
1296                 } else if ($feed > 0) {
1297                         $result = db_query($link, "SELECT title,site_url,last_error FROM ttrss_feeds
1298                                 WHERE id = '$feed'");
1299
1300                         $feed_title = db_fetch_result($result, 0, "title");
1301                         $feed_site_url = db_fetch_result($result, 0, "site_url");
1302                         $last_error = db_fetch_result($result, 0, "last_error");
1303
1304                 } else if ($feed == -1) {
1305                         $feed_title = "Starred articles";
1306                 } else if ($feed < -10) {
1307                         $label_id = -$feed - 11;
1308                         $result = db_query($link, "SELECT description FROM ttrss_labels
1309                                 WHERE id = '$label_id'");
1310                         $feed_title = db_fetch_result($result, 0, "description");
1311                 } else {
1312                         $feed_title = "?";
1313                 }
1314
1315                 if ($feed < -10) error_reporting (0);
1316
1317                 print "<div id=\"headlinesContainer\">";
1318
1319                 if (sprintf("%d", $feed) != 0) {
1320
1321                         if ($feed > 0) {
1322                                 $feed_kind = "Feeds";
1323                         } else {
1324                                 $feed_kind = "Labels";
1325                         }
1326
1327 //                      if (!$vfeed_query_part) {
1328                         $content_query_part = "content as content_preview,";
1329 //                      } else {
1330 //                              $content_query_part = "";
1331 //                      }
1332
1333                         $result = db_query($link, "SELECT
1334                                         ttrss_entries.id,ttrss_entries.title,
1335                                         SUBSTRING(updated,1,16) as updated,
1336                                         unread,feed_id,marked,link,last_read,
1337                                         SUBSTRING(last_read,1,19) as last_read_noms,
1338                                         $vfeed_query_part
1339                                         $content_query_part
1340                                         SUBSTRING(updated,1,19) as updated_noms
1341                                 FROM
1342                                         ttrss_entries,ttrss_user_entries,ttrss_feeds
1343                                 WHERE
1344                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
1345                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
1346                                 ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1347                                 $search_query_part
1348                                 $view_query_part
1349                                 $query_strategy_part ORDER BY $order_by
1350                                 $limit_query_part");
1351
1352                 } else {
1353                         // browsing by tag
1354
1355                         $feed_kind = "Tags";
1356
1357                         $result = db_query($link, "SELECT
1358                                 ttrss_entries.id as id,title,
1359                                 SUBSTRING(updated,1,16) as updated,
1360                                 unread,feed_id,
1361                                 marked,link,last_read,
1362                                 SUBSTRING(last_read,1,19) as last_read_noms,
1363                                 $vfeed_query_part
1364                                 $content_query_part
1365                                 SUBSTRING(updated,1,19) as updated_noms
1366                                 FROM
1367                                         ttrss_entries,ttrss_user_entries,ttrss_tags
1368                                 WHERE
1369                                         ref_id = ttrss_entries.id AND
1370                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1371                                         post_int_id = int_id AND tag_name = '$feed' AND
1372                                         $view_query_part
1373                                         $search_query_part
1374                                         $query_strategy_part ORDER BY $order_by
1375                                 $limit_query_part");
1376                 }
1377
1378                 if (!$result) {
1379                         print "<div align='center'>
1380                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
1381                         return;
1382                 }
1383
1384                 function print_headline_subtoolbar($link, $feed_site_url, $feed_title) {
1385
1386                         print "<table class=\"headlinesSubToolbar\"
1387                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
1388
1389                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1390
1391                                 print "<td class=\"headlineActions\">
1392                                         Select:
1393                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1394                                                                         'RROW-', 'RCHK-', true, '', true)\">All</a>,
1395                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1396                                                                         'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
1397                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1398                                                                         'RROW-', 'RCHK-', false)\">None</a>
1399                                                 &nbsp;&nbsp;
1400                                                 Toggle: <a href=\"javascript:selectionToggleUnread()\">Unread</a>,
1401                                                                 <a href=\"javascript:selectionToggleMarked()\">Starred</a>";
1402                                 print "</td>";
1403
1404                         } else {
1405
1406                                 print "<td class=\"headlineActions\">
1407                                         Select:
1408                                                                 <a href=\"javascript:cdmSelectArticles('all')\">All</a>,
1409                                                                 <a href=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
1410                                                                 <a href=\"javascript:cdmSelectArticles('none')\">None</a>
1411                                                 &nbsp;&nbsp;
1412                                                 Toggle: <a href=\"javascript:selectionToggleUnread(true)\">Unread</a>,
1413                                                                 <a href=\"javascript:selectionToggleMarked(true)\">Starred</a>";
1414
1415                                 print "</td>";
1416
1417                         }
1418
1419                         if ($last_error) {
1420                                         print "<td align='center' class='small'>
1421                                                 <a class=\"warning\" href=\"javascript:alert('TT-RSS encountered an error while trying to update this feed.\\n\\n$last_error')\">Could not update this feed.</a></td>";
1422                         }
1423
1424                         print "<td class=\"headlineTitle\">";
1425
1426                         if ($feed_site_url) {
1427                                 print "<a target=\"_blank\" href=\"$feed_site_url\">$feed_title</a>";
1428                         } else {
1429                                 print $feed_title;
1430                         }
1431
1432                         print "</td>";
1433                         print "</tr></table>";
1434
1435                 }
1436
1437                 if (db_num_rows($result) > 0) {
1438
1439                         print_headline_subtoolbar($link, $feed_site_url, $feed_title);
1440
1441                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1442                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
1443                                         cellspacing=\"0\" width=\"100%\">";
1444                         }
1445
1446                         $lnum = 0;
1447
1448                         error_reporting (DEFAULT_ERROR_LEVEL);
1449
1450                         $num_unread = 0;
1451
1452                         while ($line = db_fetch_assoc($result)) {
1453
1454                                 $class = ($lnum % 2) ? "even" : "odd";
1455
1456                                 $id = $line["id"];
1457                                 $feed_id = $line["feed_id"];
1458
1459                                 if ($line["last_read"] == "" &&
1460                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
1461
1462                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1463                                                 alt=\"Updated\">";
1464                                 } else {
1465                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1466                                                 alt=\"Updated\">";
1467                                 }
1468
1469                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
1470                                         $class .= "Unread";
1471                                         ++$num_unread;
1472                                         $is_unread = true;
1473                                 } else {
1474                                         $is_unread = false;
1475                                 }
1476
1477                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
1478                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1479                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
1480                                 } else {
1481                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1482                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
1483                                 }
1484
1485                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
1486                                         $line["title"] . "</a>";
1487
1488                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1489                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
1490                                 } else {
1491                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1492                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
1493                                 }
1494
1495                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1496                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
1497                                                 100);
1498                                 }
1499
1500                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1501
1502                                         print "<tr class='$class' id='RROW-$id'>";
1503
1504                                         print "<td class='hlUpdatePic'>$update_pic</td>";
1505
1506                                         print "<td class='hlSelectRow'>
1507                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1508                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1509                                                 </td>";
1510
1511                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
1512
1513                                         if ($line["feed_title"]) {
1514                                                 print "<td class='hlContent'>$content_link</td>";
1515                                                 print "<td class='hlFeed'>
1516                                                         <a href='javascript:viewfeed($feed_id)'>".
1517                                                                 $line["feed_title"]."</a>&nbsp;</td>";
1518                                         } else {
1519                                                 print "<td class='hlContent' valign='middle'>";
1520
1521                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
1522                                                         $line["title"];
1523
1524                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1525
1526                                                         if ($content_preview) {
1527                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
1528                                                         }
1529                                                 }
1530
1531                                                 print "</a>";
1532                                                 print "</td>";
1533                                         }
1534
1535                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
1536
1537                                         print "</tr>";
1538
1539                                 } else {
1540
1541                                         if ($is_unread) {
1542                                                 $add_class = "Unread";
1543                                         } else {
1544                                                 $add_class = "";
1545                                         }
1546
1547                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
1548
1549                                         print "<div class=\"cdmHeader\">";
1550
1551                                         print "<div style=\"float : right\">$updated_fmt</div>";
1552
1553                                         print "<a target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
1554
1555                                         if ($line["feed_title"]) {
1556                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1557                                         }
1558
1559                                         print "</div>";
1560
1561                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div>";
1562
1563                                         print "<div style=\"float : right\">$marked_pic</div>
1564                                                 <div class=\"cdmFooter\">
1565                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1566                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1567
1568                                         print "</div>";
1569
1570                                 }
1571
1572                                 ++$lnum;
1573                         }
1574
1575                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1576                                 print "</table>";
1577                         }
1578
1579                         print_headline_subtoolbar($link, "javascript:catchupPage()", "Mark page as read");
1580
1581
1582                 } else {
1583                         print "<div width='100%' align='center'>No articles found.</div>";
1584                 }
1585
1586                 print "</div>";
1587
1588                 print "<script type=\"text/javascript\">
1589                         document.onkeydown = hotkey_handler;
1590                         // if (parent.daemon_enabled) parent.updateTitle('$feed_title');
1591                         update_all_counters('$feed');
1592                 </script>";
1593
1594                 print '
1595                         <script type="text/javascript">
1596                                 /* for IE */
1597                                 function statechange() {
1598                                         if (document.readyState == "interactive") init();
1599                                 }
1600
1601                                 if (document.readyState) {
1602                                         if (document.readyState == "interactive" || document.readyState == "complete") {
1603                                                 init();
1604                                         } else {
1605                                                 document.onreadystatechange = statechange;
1606                                         }
1607                                 }
1608                         </script>';
1609
1610                 if ($addheader) {
1611                         print "</body></html>";
1612                 }
1613         }
1614
1615         if ($op == "pref-rpc") {
1616
1617                 $subop = $_GET["subop"];
1618
1619                 if ($subop == "unread") {
1620                         $ids = split(",", db_escape_string($_GET["ids"]));
1621                         foreach ($ids as $id) {
1622                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1623                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1624                         }
1625
1626                         print "Marked selected feeds as unread.";
1627                 }
1628
1629                 if ($subop == "read") {
1630                         $ids = split(",", db_escape_string($_GET["ids"]));
1631                         foreach ($ids as $id) {
1632                                 db_query($link, "UPDATE ttrss_user_entries
1633                                         SET unread = false,last_read = NOW() WHERE
1634                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1635                         }
1636
1637                         print "Marked selected feeds as read.";
1638
1639                 }
1640
1641         }
1642
1643         if ($op == "pref-feeds") {
1644
1645                 $subop = $_REQUEST["subop"];
1646                 $quiet = $_REQUEST["quiet"];
1647
1648                 if ($subop == "massSubscribe") {
1649                         $ids = split(",", db_escape_string($_GET["ids"]));
1650
1651                         $subscribed = array();
1652
1653                         foreach ($ids as $id) {
1654                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1655                                         WHERE id = '$id'");
1656
1657                                 $feed_url = db_fetch_result($result, 0, "feed_url");
1658                                 $title = db_fetch_result($result, 0, "title");
1659
1660                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1661                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1662
1663                                 if (db_num_rows($result) == 0) {
1664                                         $result = db_query($link,
1665                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1666                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1667
1668                                         array_push($subscribed, $title);
1669                                 }
1670                         }
1671
1672                         if (count($subscribed) > 0) {
1673                                 print "<div class=\"notice\">";
1674                                 print "<b>Subscribed to feeds:</b>";
1675                                 print "<ul class=\"nomarks\">";
1676                                 foreach ($subscribed as $title) {
1677                                         print "<li>$title</li>";
1678                                 }
1679                                 print "</ul>";
1680                                 print "</div>";
1681                         }
1682                 }
1683
1684                 if ($subop == "browse") {
1685
1686                         if (!ENABLE_FEED_BROWSER) {
1687                                 print "Feed browser is administratively disabled.";
1688                                 return;
1689                         }
1690
1691                         print "<div class=\"infoBoxContents\">";
1692
1693                         print "<h1>Feed browser</h1>";
1694
1695                         print "<p>Showing top 50 registered feeds, sorted by popularity:</p>";
1696
1697                         $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1698                                 FROM ttrss_feeds
1699                                 WHERE auth_login = '' AND auth_pass = '' AND private = false
1700                                 GROUP BY feed_url ORDER BY subscribers DESC LIMIT 50");
1701
1702                         print "<ul class='browseFeedList' id='browseFeedList'>";
1703
1704                         $feedctr = 0;
1705
1706                         while ($line = db_fetch_assoc($result)) {
1707                                 $feed_url = $line["feed_url"];
1708                                 $subscribers = $line["subscribers"];
1709
1710                                 $sub_result = db_query($link, "SELECT id
1711                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
1712                                         $_SESSION["uid"]);
1713
1714                                 if (db_num_rows($sub_result) > 0) {
1715                                         continue; // already subscribed
1716                                 }
1717
1718                                 $det_result = db_query($link, "SELECT site_url,title,id
1719                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1720
1721                                 $details = db_fetch_assoc($det_result);
1722
1723                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1724
1725                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1726                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
1727                                                         "/".$details["id"].".ico\">";
1728                                 } else {
1729                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1730                                 }
1731
1732                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1733                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1734
1735                                 $class = ($feedctr % 2) ? "even" : "odd";
1736
1737                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1738                                         "$feed_icon " . db_unescape_string($details["title"]) .
1739                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1740
1741                                         ++$feedctr;
1742                         }
1743
1744                         if ($feedctr == 0) {
1745                                 print "<li>No feeds found to subscribe.</li>";
1746                         }
1747
1748                         print "</ul>";
1749
1750                         print "<div align='center'>
1751                                 <input type=\"submit\" class=\"button\"
1752                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1753                                 <input type='submit' class='button'
1754                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1755
1756                         print "</div>";
1757                         return;
1758                 }
1759
1760                 if ($subop == "editfeed") {
1761                         $feed_id = db_escape_string($_GET["id"]);
1762
1763                         $result = db_query($link,
1764                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1765                                         owner_uid = " . $_SESSION["uid"]);
1766
1767                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1768                                 0, "title")));
1769
1770                         print "<div class=\"infoBoxContents\">";
1771
1772                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1773
1774                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1775                                         $feed_icon = "<img width=\"16\" height=\"16\"
1776                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1777                         } else {
1778                                 $feed_icon = "";
1779                         }
1780
1781                         print "<h1>$feed_icon $title</h1>";
1782
1783                         print "<table width='100%'>";
1784
1785                         $row_class = "odd";
1786
1787                         print "<tr class='$row_class'><td>Title:</td>";
1788                         print "<td><input id=\"iedit_title\" value=\"$title\"></td></tr>";
1789
1790                         $feed_url = db_fetch_result($result, 0, "feed_url");
1791                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1792                                 0, "feed_url")));
1793                         $row_class = toggleEvenOdd($row_class);
1794
1795                         print "<tr class='$row_class'><td>Feed URL:</td>";
1796                         print "<td><input id=\"iedit_link\" value=\"$feed_url\"></td></tr>";
1797
1798                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1799
1800                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1801
1802                                 $row_class = toggleEvenOdd($row_class);
1803
1804                                 print "<tr class='$row_class'><td>Category:</td>";
1805                                 print "<td>";
1806                                 print "<select id=\"iedit_fcat\">";
1807                                 print "<option id=\"0\">Uncategorized</option>";
1808
1809                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1810                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1811
1812                                 if (db_num_rows($tmp_result) > 0) {
1813                                         print "<option disabled>--------</option>";
1814                                 }
1815
1816                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1817                                         if ($tmp_line["id"] == $cat_id) {
1818                                                 $is_selected = "selected";
1819                                         } else {
1820                                                 $is_selected = "";
1821                                         }
1822                                         printf("<option $is_selected id='%d'>%s</option>",
1823                                                 $tmp_line["id"], $tmp_line["title"]);
1824                                 }
1825
1826                                 print "</select></td>";
1827                                 print "</td></tr>";
1828
1829                         }
1830
1831                         $update_interval = db_fetch_result($result, 0, "update_interval");
1832                         $row_class = toggleEvenOdd($row_class);
1833
1834                         print "<tr class='$row_class'><td>Update Interval:</td>";
1835                         print "<td><input id=\"iedit_updintl\"
1836                                 value=\"$update_interval\"></td></tr>";
1837
1838                         $row_class = toggleEvenOdd($row_class);
1839                         print "<tr class='$row_class'><td>Link to:</td>";
1840
1841                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1842                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1843
1844                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1845
1846                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1847
1848                         if ($linked_count > 0) {
1849                                 $disabled = "disabled";
1850                         }
1851
1852                         print "<select $disabled  id=\"iedit_parent_feed\">";
1853
1854                         print "<option id=\"0\">Not linked</option>";
1855
1856                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1857                                 if ($cat_id) {
1858                                         $cat_qpart = "AND cat_id = '$cat_id'";
1859                                 } else {
1860                                         $cat_qpart = "AND cat_id IS NULL";
1861                                 }
1862                         }
1863
1864                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1865                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1866                                         $cat_qpart ORDER BY title");
1867
1868                                 if (db_num_rows($tmp_result) > 0) {
1869                                         print "<option disabled>--------</option>";
1870                                 }
1871
1872                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1873                                         if ($tmp_line["id"] == $parent_feed) {
1874                                                 $is_selected = "selected";
1875                                         } else {
1876                                                 $is_selected = "";
1877                                         }
1878                                         printf("<option $is_selected id='%d'>%s</option>",
1879                                                 $tmp_line["id"], $tmp_line["title"]);
1880                                 }
1881
1882                                 print "</select></td>";
1883                                 print "</td></tr>";
1884
1885                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1886                         $row_class = toggleEvenOdd($row_class);
1887
1888                         print "<tr class='$row_class'><td>Purge Days:</td>";
1889                         print "<td><input id=\"iedit_purgintl\"
1890                                 value=\"$purge_interval\"></td></tr>";
1891
1892 //                      print "<tr><td colspan=\"2\"><b>Authentication</b></td></tr>";
1893
1894                         $row_class = toggleEvenOdd($row_class);
1895                         $auth_login = db_fetch_result($result, 0, "auth_login");
1896
1897                         print "<tr class='$row_class'><td>Login:</td>";
1898                         print "<td><input id=\"iedit_login\"
1899                                 value=\"$auth_login\"></td></tr>";
1900
1901                         $row_class = toggleEvenOdd($row_class);
1902                         $auth_pass = db_fetch_result($result, 0, "auth_pass");
1903
1904                         print "<tr class='$row_class'><td>Password:</td>";
1905                         print "<td><input type=\"password\" id=\"iedit_pass\"
1906                                 value=\"$auth_pass\"></td></tr>";
1907
1908                         $row_class = toggleEvenOdd($row_class);
1909                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1910
1911                         if ($private) {
1912                                 $checked = "checked";
1913                         } else {
1914                                 $checked = "";
1915                         }
1916
1917                         print "<tr class='$row_class'><td>Options:</td>";
1918                         print "<td><input type=\"checkbox\" id=\"iedit_private\"
1919                                 $checked><label for=\"iedit_private\">Hide from feed browser</label>
1920                                 </td></tr>";
1921
1922                         print "</table>";
1923                         print "</div>";
1924
1925                         print "<div align='center'>
1926                                 <input type=\"submit\" class=\"button\"
1927                                 onclick=\"feedEditSave()\" value=\"Save\">
1928                                 <input type='submit' class='button'
1929                                 onclick=\"feedEditCancel()\" value=\"Cancel\"></div>";
1930                         return;
1931                 }
1932
1933                 if ($subop == "editSave") {
1934                         $feed_title = db_escape_string($_POST["t"]);
1935                         $feed_link = db_escape_string($_POST["l"]);
1936                         $upd_intl = db_escape_string($_POST["ui"]);
1937                         $purge_intl = db_escape_string($_POST["pi"]);
1938                         $feed_id = db_escape_string($_POST["id"]);
1939                         $cat_id = db_escape_string($_POST["catid"]);
1940                         $auth_login = db_escape_string($_POST["login"]);
1941                         $auth_pass = db_escape_string($_POST["pass"]);
1942                         $parent_feed = db_escape_string($_POST["pfeed"]);
1943                         $private = db_escape_string($_POST["is_pvt"]);
1944
1945                         if (strtoupper($upd_intl) == "DEFAULT")
1946                                 $upd_intl = 0;
1947
1948                         if (strtoupper($upd_intl) == "DISABLED")
1949                                 $upd_intl = -1;
1950
1951                         if (strtoupper($purge_intl) == "DEFAULT")
1952                                 $purge_intl = 0;
1953
1954                         if (strtoupper($purge_intl) == "DISABLED")
1955                                 $purge_intl = -1;
1956
1957                         if ($cat_id != 0) {
1958                                 $category_qpart = "cat_id = '$cat_id'";
1959                         } else {
1960                                 $category_qpart = 'cat_id = NULL';
1961                         }
1962
1963                         if ($parent_feed != 0) {
1964                                 $parent_qpart = "parent_feed = '$parent_feed'";
1965                         } else {
1966                                 $parent_qpart = 'parent_feed = NULL';
1967                         }
1968
1969                         $result = db_query($link, "UPDATE ttrss_feeds SET
1970                                 $category_qpart,
1971                                 $parent_qpart,
1972                                 title = '$feed_title', feed_url = '$feed_link',
1973                                 update_interval = '$upd_intl',
1974                                 purge_interval = '$purge_intl',
1975                                 auth_login = '$auth_login',
1976                                 auth_pass = '$auth_pass',
1977                                 private = '$private'
1978                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1979                 }
1980
1981                 if ($subop == "saveCat") {
1982                         $cat_title = db_escape_string($_GET["title"]);
1983                         $cat_id = db_escape_string($_GET["id"]);
1984
1985                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1986                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1987
1988                 }
1989
1990                 if ($subop == "remove") {
1991
1992                         if (!WEB_DEMO_MODE) {
1993
1994                                 $ids = split(",", db_escape_string($_GET["ids"]));
1995
1996                                 foreach ($ids as $id) {
1997                                         db_query($link, "DELETE FROM ttrss_feeds
1998                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1999
2000                                         $icons_dir = ICONS_DIR;
2001
2002                                         if (file_exists($icons_dir . "/$id.ico")) {
2003                                                 unlink($icons_dir . "/$id.ico");
2004                                         }
2005                                 }
2006                         }
2007                 }
2008
2009                 if ($subop == "add") {
2010
2011                         if (!WEB_DEMO_MODE) {
2012
2013                                 $feed_link = db_escape_string(trim($_GET["link"]));
2014                                 $cat_id = db_escape_string($_GET["cid"]);
2015
2016                                 if ($cat_id == "0" || !$cat_id) {
2017                                         $cat_qpart = "NULL";
2018                                 } else {
2019                                         $cat_qpart = "'$cat_id'";
2020                                 }
2021
2022                                 $result = db_query($link,
2023                                         "SELECT id FROM ttrss_feeds
2024                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
2025
2026                                 if (db_num_rows($result) == 0) {
2027
2028                                         $result = db_query($link,
2029                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
2030                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link',
2031                                                 '[Unknown]', $cat_qpart)");
2032
2033                                         $result = db_query($link,
2034                                                 "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
2035                                                 AND owner_uid = " . $_SESSION["uid"]);
2036
2037                                         $feed_id = db_fetch_result($result, 0, "id");
2038
2039                                         if ($feed_id) {
2040                                                 update_rss_feed($link, $feed_link, $feed_id, true);
2041                                         }
2042                                 } else {
2043
2044                                         print "<div class=\"warning\">
2045                                                 Feed <b>$feed_link</b> already exists in the database.
2046                                         </div>";
2047                                 }
2048                         }
2049                 }
2050
2051                 if ($subop == "addCat") {
2052
2053                         if (!WEB_DEMO_MODE) {
2054
2055                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
2056
2057                                 $result = db_query($link,
2058                                         "SELECT id FROM ttrss_feed_categories
2059                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
2060
2061                                 if (db_num_rows($result) == 0) {
2062
2063                                         $result = db_query($link,
2064                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
2065                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
2066
2067                                 } else {
2068
2069                                         print "<div class=\"warning\">
2070                                                 Category <b>$feed_cat</b> already exists in the database.
2071                                         </div>";
2072                                 }
2073
2074
2075                         }
2076                 }
2077
2078                 if ($subop == "removeCats") {
2079
2080                         if (!WEB_DEMO_MODE) {
2081
2082                                 $ids = split(",", db_escape_string($_GET["ids"]));
2083
2084                                 foreach ($ids as $id) {
2085
2086                                         db_query($link, "BEGIN");
2087
2088                                         $result = db_query($link,
2089                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
2090                                                         WHERE cat_id = '$id'");
2091
2092                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
2093
2094                                         if ($num_feeds == 0) {
2095                                                 db_query($link, "DELETE FROM ttrss_feed_categories
2096                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
2097                                         } else {
2098
2099                                                 print "<div class=\"warning\">
2100                                                         Unable to delete non empty feed categories.</div>";
2101
2102                                         }
2103
2104                                         db_query($link, "COMMIT");
2105                                 }
2106                         }
2107                 }
2108
2109                 if ($subop == "categorize") {
2110
2111                         if (!WEB_DEMO_MODE) {
2112
2113                                 $ids = split(",", db_escape_string($_GET["ids"]));
2114
2115                                 $cat_id = db_escape_string($_GET["cat_id"]);
2116
2117                                 if ($cat_id == 0) {
2118                                         $cat_id_qpart = 'NULL';
2119                                 } else {
2120                                         $cat_id_qpart = "'$cat_id'";
2121                                 }
2122
2123                                 db_query($link, "BEGIN");
2124
2125                                 foreach ($ids as $id) {
2126
2127                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
2128                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
2129                                 }
2130
2131                                 db_query($link, "COMMIT");
2132                         }
2133
2134                 }
2135
2136                 if ($quiet) return;
2137
2138 //              print "<h3>Edit Feeds</h3>";
2139
2140                 $result = db_query($link, "SELECT id,title,feed_url,last_error
2141                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
2142
2143                 if (db_num_rows($result) > 0) {
2144
2145                         print "<div class=\"warning\">";
2146
2147 //                      print"<img class=\"closeButton\"
2148 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
2149
2150                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
2151                                 <b>Feeds with update errors</b> (click to expand)</a>";
2152
2153                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
2154
2155                         while ($line = db_fetch_assoc($result)) {
2156                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
2157                                         $line["last_error"];
2158                         }
2159
2160                         print "</ul>";
2161                         print "</div>";
2162
2163                 }
2164
2165                 $feed_search = db_escape_string($_GET["search"]);
2166
2167                 if (array_key_exists("search", $_GET)) {
2168                         $_SESSION["prefs_feed_search"] = $feed_search;
2169                 } else {
2170                         $feed_search = $_SESSION["prefs_feed_search"];
2171                 }
2172
2173                 print "<table width='100%' class=\"prefGenericAddBox\"
2174                         cellspacing='0' cellpadding='0'><tr>
2175                         <td>
2176                                 <input id=\"fadd_link\"
2177                                 onchange=\"javascript:addFeed()\"
2178                                 size=\"40\">
2179                                 <input type=\"submit\" class=\"button\"
2180                                 onclick=\"javascript:addFeed()\" value=\"Add feed\">";
2181
2182                 if (ENABLE_FEED_BROWSER) {
2183                         print "&nbsp;(<a href='javascript:browseFeeds()'>Top 50</a>)";
2184                 }
2185
2186                 print "</td><td align='right'>
2187                                 <input id=\"feed_search\" size=\"20\"
2188                                 onchange=\"javascript:updateFeedList()\"
2189                                 value=\"$feed_search\">
2190                                 <input type=\"submit\" class=\"button\"
2191                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
2192                         </td>
2193                         </tr></table>";
2194
2195                 $feeds_sort = db_escape_string($_GET["sort"]);
2196
2197                 if (!$feeds_sort || $feeds_sort == "undefined") {
2198                         $feeds_sort = $_SESSION["pref_sort_feeds"];
2199                         if (!$feeds_sort) $feeds_sort = "title";
2200                 }
2201
2202                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
2203
2204                 if ($feed_search) {
2205                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
2206                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
2207                 } else {
2208                         $search_qpart = "";
2209                 }
2210
2211                 $result = db_query($link, "SELECT
2212                                 F1.id,
2213                                 F1.title,
2214                                 F1.feed_url,
2215                                 substring(F1.last_updated,1,16) AS last_updated,
2216                                 F1.parent_feed,
2217                                 F1.update_interval,
2218                                 F1.purge_interval,
2219                                 F1.cat_id,
2220                                 F2.title AS parent_title,
2221                                 C1.title AS category
2222                         FROM
2223                                 ttrss_feeds AS F1
2224                                 LEFT JOIN ttrss_feeds AS F2
2225                                         ON (F1.parent_feed = F2.id)
2226                                 LEFT JOIN ttrss_feed_categories AS C1
2227                                         ON (F1.cat_id = C1.id)
2228                         WHERE
2229                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
2230                         ORDER by category,$feeds_sort,title");
2231
2232                 if (db_num_rows($result) != 0) {
2233
2234                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2235
2236                         print "<p><table width=\"100%\" cellspacing=\"0\"
2237                                 class=\"prefFeedList\" id=\"prefFeedList\">";
2238                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2239                                 Select:
2240                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2241                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
2242                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2243                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
2244                                 </td</tr>";
2245
2246                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
2247                                 print "<tr class=\"title\">
2248                                         <td width='5%' align='center'>&nbsp;</td>
2249                                         <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2250                                         <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2251                                         <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2252                                         <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a></td></tr>";
2253                         }
2254
2255                         $lnum = 0;
2256
2257                         $cur_cat_id = -1;
2258
2259                         while ($line = db_fetch_assoc($result)) {
2260
2261                                 $feed_id = $line["id"];
2262                                 $cat_id = $line["cat_id"];
2263
2264                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2265                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
2266                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
2267
2268                                 if ($line["update_interval"] == "0") $line["update_interval"] = "Default";
2269                                 if ($line["update_interval"] == "-1") $line["update_interval"] = "Disabled";
2270                                 if ($line["purge_interval"] == "0") $line["purge_interval"] = "Default";
2271                                 if ($line["purge_interval"] < 0)        $line["purge_interval"] = "Disabled";
2272
2273                                 if (!$edit_cat) $edit_cat = "Uncategorized";
2274
2275
2276                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
2277                                         $lnum = 0;
2278
2279                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
2280
2281                                         print "<tr class=\"title\">
2282                                                 <td width='5%' align='center'>&nbsp;</td>
2283                                                 <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2284                                                 <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2285                                                 <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2286                                                 <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a></td></tr>";
2287
2288                                         $cur_cat_id = $cat_id;
2289                                 }
2290
2291                                 $class = ($lnum % 2) ? "even" : "odd";
2292                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
2293
2294                                 print "<tr class=\"$class\" $this_row_id>";
2295
2296                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
2297
2298                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
2299                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
2300                                 } else {
2301                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
2302                                 }
2303 //                              print "<td class='feedIcon'>$feed_icon</td>";
2304
2305                                 print "<td class='feedSelect'><input onclick='toggleSelectRow(this);'
2306                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
2307
2308                                 $edit_title = truncate_string($edit_title, 40);
2309                                 $edit_link = truncate_string($edit_link, 60);
2310
2311                                 $parent_title = $line["parent_title"];
2312                                 if ($parent_title) {
2313                                         $parent_title = "<span class='groupPrompt'>(linked to
2314                                                 $parent_title)</span>";
2315                                 }
2316
2317                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2318                                         "$feed_icon $edit_title $parent_title" . "</a></td>";
2319
2320                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2321                                         $edit_link . "</a></td>";
2322
2323 /*                              if (get_pref($link, 'ENABLE_FEED_CATS')) {
2324                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2325                                                 $edit_cat . "</a></td>";
2326                                 } */
2327
2328                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2329                                         $line["update_interval"] . "</a></td>";
2330
2331                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2332                                         $line["purge_interval"] . "</a></td>";
2333
2334                                 print "</tr>";
2335
2336                                 ++$lnum;
2337                         }
2338
2339                         print "</table>";
2340
2341                         print "<p>";
2342
2343                         if ($subop == "edit") {
2344                                 print "Edit feed:&nbsp;
2345                                         <input type=\"submit\" class=\"button\"
2346                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
2347                                         <input type=\"submit\" class=\"button\"
2348                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
2349                         } else {
2350
2351                                 print "
2352                                         Selection:&nbsp;
2353                                 <input type=\"submit\" class=\"button\"
2354                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
2355                                 <input type=\"submit\" class=\"button\"
2356                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
2357                                 <input type=\"submit\" class=\"button\"
2358                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
2359
2360                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2361
2362                                         print "&nbsp;&nbsp;";
2363
2364                                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2365                                                 WHERE owner_uid = ".$_SESSION["uid"]."
2366                                                 ORDER BY title");
2367
2368                                         print "<select id=\"sfeed_set_fcat\">";
2369                                         print "<option id=\"0\">Uncategorized</option>";
2370
2371                                         if (db_num_rows($result) != 0) {
2372
2373                                                 print "<option disabled>--------</option>";
2374
2375                                                 while ($line = db_fetch_assoc($result)) {
2376                                                         printf("<option id='%d'>%s</option>",
2377                                                                 $line["id"], $line["title"]);
2378                                                 }
2379                                         }
2380
2381                                         print "</select>";
2382
2383                                         print " <input type=\"submit\" class=\"button\"
2384                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Set category\">";
2385
2386                                 }
2387
2388                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
2389                                         print "
2390                                         <input type=\"submit\" class=\"button\"
2391                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
2392                                         <input type=\"submit\" class=\"button\"
2393                                                 onclick=\"javascript:readSelectedFeeds(false)\"
2394                                                 value=\"Mark as unread\">&nbsp;";
2395                                 }
2396
2397                                 print "
2398                                         &nbsp;All feeds: <input type=\"submit\"
2399                                                         class=\"button\" onclick=\"gotoExportOpml()\"
2400                                                         value=\"Export OPML\">";
2401                                 }
2402                 } else {
2403
2404                         print "<p>No feeds defined.</p>";
2405
2406                 }
2407
2408                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2409
2410                         print "<h3>Edit Categories</h3>";
2411
2412         //              print "<h3>Categories</h3>";
2413
2414                         print "<div class=\"prefGenericAddBox\">
2415                                 <input id=\"fadd_cat\"
2416                                         onchange=\"javascript:addFeedCat()\"
2417                                         size=\"40\">&nbsp;
2418                                 <input
2419                                         type=\"submit\" class=\"button\"
2420                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
2421
2422                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2423                                 WHERE owner_uid = ".$_SESSION["uid"]."
2424                                 ORDER BY title");
2425
2426                         if (db_num_rows($result) != 0) {
2427
2428                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
2429                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
2430
2431                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2432                                 Select:
2433                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2434                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
2435                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2436                                                 'FCATR-', 'FCCHK-', false)\">None</a>
2437                                 </td</tr>";
2438
2439                                 print "<tr class=\"title\">
2440                                                         <td width=\"5%\"></td><td width=\"80%\">Title</td>
2441                                                 </tr>";
2442
2443                                 $lnum = 0;
2444
2445                                 while ($line = db_fetch_assoc($result)) {
2446
2447                                         $class = ($lnum % 2) ? "even" : "odd";
2448
2449                                         $cat_id = $line["id"];
2450
2451                                         $edit_cat_id = $_GET["id"];
2452
2453                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
2454                                                 $class .= "Grayed";
2455                                                 $this_row_id = "";
2456                                         } else {
2457                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
2458                                         }
2459
2460                                         print "<tr class=\"$class\" $this_row_id>";
2461
2462                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2463
2464                                         if (!$edit_cat_id || $subop != "editCat") {
2465
2466                                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
2467                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
2468
2469                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
2470                                                         $edit_title . "</a></td>";
2471
2472                                         } else if ($cat_id != $edit_cat_id) {
2473
2474                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2475                                                         id=\"FRCHK-".$line["id"]."\"></td>";
2476
2477                                                 print "<td>$edit_title</td>";
2478
2479                                         } else {
2480
2481                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2482
2483                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
2484
2485                                         }
2486
2487                                         print "</tr>";
2488
2489                                         ++$lnum;
2490                                 }
2491
2492                                 print "</table>";
2493
2494                                 print "<p>";
2495
2496                                 if ($subop == "editCat") {
2497                                         print "Edit category:&nbsp;
2498                                                 <input type=\"submit\" class=\"button\"
2499                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
2500                                                 <input type=\"submit\" class=\"button\"
2501                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
2502                                         } else {
2503
2504                                         print "
2505                                                 Selection:&nbsp;
2506                                         <input type=\"submit\" class=\"button\"
2507                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
2508                                         <input type=\"submit\" class=\"button\"
2509                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
2510
2511                                 }
2512
2513                         } else {
2514                                 print "<p>No feed categories defined.</p>";
2515                         }
2516                 }
2517
2518                 print "<h3>Import OPML</h3>
2519                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
2520                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
2521                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
2522                                 type=\"submit\" value=\"Import\">
2523                         </form>";
2524
2525         }
2526
2527         if ($op == "pref-filters") {
2528
2529                 $subop = $_GET["subop"];
2530                 $quiet = $_GET["quiet"];
2531
2532                 if ($subop == "editSave") {
2533
2534                         $regexp = db_escape_string($_GET["r"]);
2535                         $descr = db_escape_string($_GET["d"]);
2536                         $match = db_escape_string($_GET["m"]);
2537                         $filter_id = db_escape_string($_GET["id"]);
2538                         $feed_id = db_escape_string($_GET["fid"]);
2539                         $action_id = db_escape_string($_GET["aid"]);
2540
2541                         if (!$feed_id) {
2542                                 $feed_id = 'NULL';
2543                         } else {
2544                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2545                         }
2546
2547                         $result = db_query($link, "UPDATE ttrss_filters SET
2548                                 reg_exp = '$regexp',
2549                                 description = '$descr',
2550                                 feed_id = $feed_id,
2551                                 action_id = '$action_id',
2552                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
2553                                         description = '$match')
2554                                 WHERE id = '$filter_id'");
2555                 }
2556
2557                 if ($subop == "remove") {
2558
2559                         if (!WEB_DEMO_MODE) {
2560
2561                                 $ids = split(",", db_escape_string($_GET["ids"]));
2562
2563                                 foreach ($ids as $id) {
2564                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
2565
2566                                 }
2567                         }
2568                 }
2569
2570                 if ($subop == "add") {
2571
2572                         if (!WEB_DEMO_MODE) {
2573
2574                                 $regexp = db_escape_string(trim($_GET["regexp"]));
2575                                 $match = db_escape_string(trim($_GET["match"]));
2576                                 $feed_id = db_escape_string($_GET["fid"]);
2577                                 $action_id = db_escape_string($_GET["aid"]);
2578
2579                                 if (!$feed_id) {
2580                                         $feed_id = 'NULL';
2581                                 } else {
2582                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2583                                 }
2584
2585                                 $result = db_query($link,
2586                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2587                                                 action_id)
2588                                         VALUES
2589                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
2590                                                         description = '$match'),'".$_SESSION["uid"]."',
2591                                                         $feed_id, '$action_id')");
2592                         }
2593                 }
2594
2595                 if ($quiet) return;
2596
2597                 $result = db_query($link, "SELECT description
2598                         FROM ttrss_filter_types ORDER BY description");
2599
2600                 $filter_types = array();
2601
2602                 while ($line = db_fetch_assoc($result)) {
2603                         array_push($filter_types, $line["description"]);
2604                 }
2605
2606                 print "<div class=\"prefGenericAddBox\">
2607                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
2608
2609                 print_select("fadd_match", "Title", $filter_types);
2610
2611                 print "&nbsp;<select id=\"fadd_feed\">";
2612
2613                 print "<option selected id=\"0\">All feeds</option>";
2614
2615                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
2616                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2617
2618                 if (db_num_rows($result) > 0) {
2619                         print "<option disabled>--------</option>";
2620                 }
2621
2622                 while ($line = db_fetch_assoc($result)) {
2623                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
2624                 }
2625
2626                 print "</select>&nbsp;";
2627
2628                 print "&nbsp;Action: ";
2629
2630                 print "<select id=\"fadd_action\">";
2631
2632                 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2633                         ORDER BY name");
2634
2635                 while ($line = db_fetch_assoc($result)) {
2636                         printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
2637                 }
2638
2639                 print "</select>&nbsp;";
2640
2641                 print "<input type=\"submit\"
2642                         class=\"button\" onclick=\"javascript:addFilter()\"
2643                         value=\"Add filter\">";
2644
2645                 print "</div>";
2646
2647                 $result = db_query($link, "SELECT
2648                                 ttrss_filters.id AS id,reg_exp,
2649                                 ttrss_filters.description AS description,
2650                                 ttrss_filter_types.name AS filter_type_name,
2651                                 ttrss_filter_types.description AS filter_type_descr,
2652                                 feed_id,
2653                                 ttrss_filter_actions.description AS action_description,
2654                                 ttrss_feeds.title AS feed_title
2655                         FROM
2656                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2657                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2658                         WHERE
2659                                 filter_type = ttrss_filter_types.id AND
2660                                 ttrss_filter_actions.id = action_id AND
2661                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2662                         ORDER by reg_exp");
2663
2664                 if (db_num_rows($result) != 0) {
2665
2666                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2667                                 id=\"prefFilterList\">";
2668
2669                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2670                                 Select:
2671                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2672                                                 'FILRR-', 'FICHK-', true)\">All</a>,
2673                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2674                                                 'FILRR-', 'FICHK-', false)\">None</a>
2675                                 </td</tr>";
2676
2677                         print "<tr class=\"title\">
2678                                                 <td align='center' width=\"5%\">&nbsp;</td>
2679                                                 <td width=\"20%\">Filter expression</td>
2680                                                 <td width=\"20%\">Feed</td>
2681                                                 <td width=\"15%\">Match</td>
2682                                                 <td width=\"15%\">Action</td>
2683                                                 <td width=\"30%\">Description</td></tr>";
2684
2685                         $lnum = 0;
2686
2687                         while ($line = db_fetch_assoc($result)) {
2688
2689                                 $class = ($lnum % 2) ? "even" : "odd";
2690
2691                                 $filter_id = $line["id"];
2692                                 $edit_filter_id = $_GET["id"];
2693
2694                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2695                                         $class .= "Grayed";
2696                                         $this_row_id = "";
2697                                 } else {
2698                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2699                                 }
2700
2701                                 print "<tr class=\"$class\" $this_row_id>";
2702
2703                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
2704                                 $line["description"] = htmlspecialchars($line["description"]);
2705
2706                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2707
2708                                 if (!$edit_filter_id || $subop != "edit") {
2709
2710                                         if (!$line["description"]) $line["description"] = "[No description]";
2711
2712                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2713                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2714
2715                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2716                                                 $line["reg_exp"] . "</td>";
2717
2718                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2719                                                 $line["feed_title"] . "</td>";
2720
2721                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2722                                                 $line["filter_type_descr"] . "</td>";
2723
2724                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2725                                                 $line["action_description"] . "</td>";
2726
2727                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2728                                                 $line["description"] . "</td>";
2729
2730                                 } else if ($filter_id != $edit_filter_id) {
2731
2732                                         if (!$line["description"]) $line["description"] = "[No description]";
2733
2734                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2735                                                 id=\"FICHK-".$line["id"]."\"></td>";
2736
2737                                         print "<td>".$line["reg_exp"]."</td>";
2738                                         print "<td>".$line["feed_title"]."</td>";
2739                                         print "<td>".$line["filter_type_descr"]."</td>";
2740                                         print "<td>".$line["action_description"]."</td>";
2741                                         print "<td>".$line["description"]."</td>";
2742
2743                                 } else {
2744
2745                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2746
2747                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
2748                                                 "\"></td>";
2749
2750                                         print "<td>";
2751                                         print "<select id=\"iedit_feed\">";
2752                                         print "<option id=\"0\">All feeds</option>";
2753
2754                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
2755                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2756
2757                                         if (db_num_rows($tmp_result) > 0) {
2758                                                 print "<option disabled>--------</option>";
2759                                         }
2760
2761                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2762                                                 if ($tmp_line["id"] == $line["feed_id"]) {
2763                                                         $is_selected = "selected";
2764                                                 } else {
2765                                                         $is_selected = "";
2766                                                 }
2767                                                 printf("<option $is_selected id='%d'>%s</option>",
2768                                                         $tmp_line["id"], $tmp_line["title"]);
2769                                         }
2770
2771                                         print "</select></td>";
2772
2773                                         print "<td>";
2774                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
2775                                         print "</td>";
2776
2777                                         print "<td>";
2778                                         print "<select id=\"iedit_filter_action\">";
2779
2780                                         $tmp_result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2781                                                 ORDER BY description");
2782
2783                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2784                                                 if ($tmp_line["description"] == $line["action_description"]) {
2785                                                         $is_selected = "selected";
2786                                                 } else {
2787                                                         $is_selected = "";
2788                                                 }
2789                                                 printf("<option $is_selected id='%d'>%s</option>",
2790                                                         $tmp_line["id"], $tmp_line["description"]);
2791                                         }
2792
2793                                         print "</select></td>";
2794
2795
2796                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2797                                                 "\"></td>";
2798
2799                                         print "</td>";
2800                                 }
2801
2802                                 print "</tr>";
2803
2804                                 ++$lnum;
2805                         }
2806
2807                         if ($lnum == 0) {
2808                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2809                         }
2810
2811                         print "</table>";
2812
2813                         print "<p>";
2814
2815                         if ($subop == "edit") {
2816                                 print "Edit filter:
2817                                         <input type=\"submit\" class=\"button\"
2818                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">
2819                                         <input type=\"submit\" class=\"button\"
2820                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">";
2821
2822                         } else {
2823
2824                                 print "
2825                                         Selection:
2826                                 <input type=\"submit\" class=\"button\"
2827                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
2828                                 <input type=\"submit\" class=\"button\"
2829                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
2830                         }
2831
2832                 } else {
2833
2834                         print "<p>No filters defined.</p>";
2835
2836                 }
2837         }
2838
2839         // We need to accept raw SQL data in label queries, so not everything is escaped
2840         // here, this is by design. If you don't like the whole idea, disable labels
2841         // altogether with GLOBAL_ENABLE_LABELS = false
2842
2843         if ($op == "pref-labels") {
2844
2845                 if (!GLOBAL_ENABLE_LABELS) {
2846                         return;
2847                 }
2848
2849                 $subop = $_GET["subop"];
2850
2851                 if ($subop == "test") {
2852
2853                         $expr = $_GET["expr"];
2854                         $descr = $_GET["descr"];
2855
2856                         print "<div class='infoBoxContents'>";
2857
2858                         print "<h1>Label &laquo;$descr&raquo;</h1>";
2859
2860 //                      print "<p><b>Expression</b>: $expr</p>";
2861
2862                         $result = db_query($link,
2863                                 "SELECT count(id) AS num_matches
2864                                         FROM ttrss_entries,ttrss_user_entries
2865                                         WHERE ($expr) AND
2866                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2867                                                 owner_uid = " . $_SESSION["uid"]);
2868
2869                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2870
2871                         if ($num_matches > 0) {
2872
2873                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
2874
2875                                 $result = db_query($link,
2876                                         "SELECT title,
2877                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2878                                         FROM ttrss_entries,ttrss_user_entries
2879                                                         WHERE ($expr) AND
2880                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2881                                                         AND owner_uid = " . $_SESSION["uid"] . "
2882                                                         ORDER BY date_entered DESC LIMIT 5");
2883
2884                                 print "<ul class=\"nomarks\">";
2885                                 while ($line = db_fetch_assoc($result)) {
2886                                         print "<li>".$line["title"].
2887                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2888                                 }
2889                                 print "</ul>";
2890
2891                         } else {
2892                                 print "<p>Query didn't return any matches.</p>";
2893                         }
2894
2895                         print "</div>";
2896
2897                         print "<div align='center'>
2898                                 <input type='submit' class='button'
2899                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2900                         return;
2901                 }
2902
2903                 if ($subop == "editSave") {
2904
2905                         $sql_exp = $_GET["s"];
2906                         $descr = $_GET["d"];
2907                         $label_id = db_escape_string($_GET["id"]);
2908
2909 //                      print "$sql_exp : $descr : $label_id";
2910
2911                         $result = db_query($link, "UPDATE ttrss_labels SET
2912                                 sql_exp = '$sql_exp',
2913                                 description = '$descr'
2914                                 WHERE id = '$label_id'");
2915                 }
2916
2917                 if ($subop == "remove") {
2918
2919                         if (!WEB_DEMO_MODE) {
2920
2921                                 $ids = split(",", db_escape_string($_GET["ids"]));
2922
2923                                 foreach ($ids as $id) {
2924                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2925
2926                                 }
2927                         }
2928                 }
2929
2930                 if ($subop == "add") {
2931
2932                         if (!WEB_DEMO_MODE) {
2933
2934                                 // no escaping is done here on purpose
2935                                 $exp = trim($_GET["exp"]);
2936
2937                                 $result = db_query($link,
2938                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2939                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2940                         }
2941                 }
2942
2943                 print "<div class=\"prefGenericAddBox\">
2944                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2945
2946                 print"<input type=\"submit\" class=\"button\"
2947                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2948
2949                 $result = db_query($link, "SELECT
2950                                 id,sql_exp,description
2951                         FROM
2952                                 ttrss_labels
2953                         WHERE
2954                                 owner_uid = ".$_SESSION["uid"]."
2955                         ORDER by description");
2956
2957                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2958
2959                 if (db_num_rows($result) != 0) {
2960
2961                         print "<p><table width=\"100%\" cellspacing=\"0\"
2962                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2963
2964                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2965                                 Select:
2966                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2967                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2968                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2969                                                 'LILRR-', 'LICHK-', false)\">None</a>
2970                                 </td</tr>";
2971
2972                         print "<tr class=\"title\">
2973                                                 <td align='center' width=\"5%\">&nbsp;</td>
2974                                                 <td width=\"40%\">SQL expression
2975                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2976                                                 </td>
2977                                                 <td width=\"40%\">Caption</td></tr>";
2978
2979                         $lnum = 0;
2980
2981                         while ($line = db_fetch_assoc($result)) {
2982
2983                                 $class = ($lnum % 2) ? "even" : "odd";
2984
2985                                 $label_id = $line["id"];
2986                                 $edit_label_id = $_GET["id"];
2987
2988                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2989                                         $class .= "Grayed";
2990                                         $this_row_id = "";
2991                                 } else {
2992                                         $this_row_id = "id=\"LILRR-$label_id\"";
2993                                 }
2994
2995                                 print "<tr class=\"$class\" $this_row_id>";
2996
2997                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2998                                 $line["description"] = htmlspecialchars($line["description"]);
2999
3000                                 if (!$edit_label_id || $subop != "edit") {
3001
3002                                         if (!$line["description"]) $line["description"] = "[No caption]";
3003
3004                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
3005                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
3006
3007                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
3008                                                 $line["sql_exp"] . "</td>";
3009
3010                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
3011                                                 $line["description"] . "</td>";
3012
3013                                 } else if ($label_id != $edit_label_id) {
3014
3015                                         if (!$line["description"]) $line["description"] = "[No description]";
3016
3017                                         print "<td><input disabled=\"true\" type=\"checkbox\"
3018                                                 id=\"LICHK-".$line["id"]."\"></td>";
3019
3020                                         print "<td>".$line["sql_exp"]."</td>";
3021                                         print "<td>".$line["description"]."</td>";
3022
3023                                 } else {
3024
3025                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
3026
3027                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
3028                                                 "\"></td>";
3029
3030                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
3031                                                 "\"></td>";
3032
3033                                 }
3034
3035
3036                                 print "</tr>";
3037
3038                                 ++$lnum;
3039                         }
3040
3041                         if ($lnum == 0) {
3042                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
3043                         }
3044
3045                         print "</table>";
3046
3047                         print "<p>";
3048
3049                         if ($subop == "edit") {
3050                                 print "Edit label:
3051                                         <input type=\"submit\" class=\"button\"
3052                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
3053                                         <input type=\"submit\" class=\"button\"
3054                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">
3055                                         <input type=\"submit\" class=\"button\"
3056                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">";
3057
3058                         } else {
3059
3060                                 print "
3061                                         Selection:
3062                                 <input type=\"submit\" class=\"button\"
3063                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
3064                                 <input type=\"submit\" class=\"button\"
3065                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
3066                         }
3067                 } else {
3068                         print "<p>No labels defined.</p>";
3069                 }
3070         }
3071
3072         if ($op == "error") {
3073                 print "<div width=\"100%\" align='center'>";
3074                 $msg = $_GET["msg"];
3075                 print $msg;
3076                 print "</div>";
3077         }
3078
3079         if ($op == "help") {
3080                 if (!$_GET["noheaders"]) {
3081                         print "<html><head>
3082                                 <title>Tiny Tiny RSS : Help</title>
3083                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3084                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
3085                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3086                                 </head><body>";
3087                 }
3088
3089                 $tid = sprintf("%d", $_GET["tid"]);
3090
3091                 print "<div class='infoBoxContents'>";
3092
3093                 if (file_exists("help/$tid.php")) {
3094                         include("help/$tid.php");
3095                 } else {
3096                         print "<p>Help topic not found.</p>";
3097                 }
3098
3099                 print "</div>";
3100
3101                 print "<div align='center'>
3102                         <input type='submit' class='button'
3103                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3104
3105                 if (!$_GET["noheaders"]) {
3106                         print "</body></html>";
3107                 }
3108
3109         }
3110
3111         if ($op == "dlg") {
3112                 $id = $_GET["id"];
3113                 $param = $_GET["param"];
3114
3115                 if ($id == "quickAddFeed") {
3116                         print "
3117                         Feed URL: <input
3118                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
3119                         id=\"qafInput\">";
3120
3121                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
3122                                 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
3123                                         WHERE owner_uid = ".$_SESSION["uid"]."
3124                                         ORDER BY title");
3125
3126                                 print " <select id=\"qafCat\">";
3127                                 print "<option id=\"0\">Uncategorized</option>";
3128
3129                                 if (db_num_rows($result) != 0) {
3130
3131                                         print "<option disabled>--------</option>";
3132
3133                                         while ($line = db_fetch_assoc($result)) {
3134                                                 printf("<option id='%d'>%s</option>",
3135                                                         $line["id"], $line["title"]);
3136                                         }
3137                                 }
3138
3139                                 print "</select>";
3140                         }
3141
3142                         print "&nbsp;<input class=\"button\"
3143                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
3144                         <input class=\"button\"
3145                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3146                                 value=\"Cancel\">";
3147                 }
3148
3149                 if ($id == "quickDelFeed") {
3150
3151                         $param = db_escape_string($param);
3152
3153                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
3154
3155                         if ($result) {
3156
3157                                 $f_title = db_fetch_result($result, 0, "title");
3158
3159                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
3160                                 <input class=\"button\"
3161                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
3162                                 <input class=\"button\"
3163                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3164                                         value=\"Cancel\">";
3165                         } else {
3166                                 print "Error: Feed $param not found.&nbsp;
3167                                 <input class=\"button\"
3168                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3169                                         value=\"Cancel\">";
3170                         }
3171                 }
3172
3173                 if ($id == "search") {
3174
3175                         $active_feed_id = db_escape_string($_GET["param"]);
3176
3177                         print "<input id=\"searchbox\" class=\"extSearch\"
3178                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
3179                         onchange=\"javascript:search()\">
3180                         <select id=\"searchmodebox\">
3181                                 <option selected>All feeds</option>";
3182
3183                         if ($active_feed_id) {
3184                                 print "<option>This feed</option>";
3185                         } else {
3186                                 print "<option disabled>This feed</option>";
3187                         }
3188
3189                         print "</select>
3190                         <input type=\"submit\"
3191                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
3192                         <input class=\"button\"
3193                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3194                                 value=\"Close\">";
3195
3196                 }
3197
3198                 if ($id == "quickAddFilter") {
3199
3200                         $result = db_query($link, "SELECT description
3201                                 FROM ttrss_filter_types ORDER BY description");
3202
3203                         $filter_types = array();
3204
3205                         while ($line = db_fetch_assoc($result)) {
3206                                 array_push($filter_types, $line["description"]);
3207                         }
3208
3209                         print "<table>";
3210
3211                         print "<tr><td>Match:</td><td><input id=\"fadd_regexp\" size=\"40\">&nbsp;";
3212
3213                         print_select("fadd_match", "Title", $filter_types);
3214
3215                         print "</td></tr>";
3216                         print "<tr><td>Feed:</td><td><select id=\"fadd_feed\">";
3217
3218                         print "<option selected id=\"0\">All feeds</option>";
3219
3220                         $result = db_query($link, "SELECT id,title FROM ttrss_feeds
3221                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
3222
3223                         if (db_num_rows($result) > 0) {
3224                                 print "<option disabled>--------</option>";
3225                         }
3226
3227                         while ($line = db_fetch_assoc($result)) {
3228                                 if ($param == $line["id"]) {
3229                                         $selected = "selected";
3230                                 } else {
3231                                         $selected = "";
3232                                 }
3233                                 printf("<option id='%d' %s>%s</option>", $line["id"], $selected, $line["title"]);
3234                         }
3235
3236                         print "</select></td></tr>";
3237
3238                         print "<tr><td>Action:</td>";
3239
3240                         print "<td><select id=\"fadd_action\">";
3241
3242                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
3243                                 ORDER BY name");
3244
3245                         while ($line = db_fetch_assoc($result)) {
3246                                 printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
3247                         }
3248
3249                         print "</select>";
3250
3251                         print "</td></tr><tr><td colspan=\"2\" align=\"right\">";
3252
3253                         print "<input type=\"submit\"
3254                                 class=\"button\" onclick=\"javascript:qaddFilter()\"
3255                                 value=\"Add filter\"> ";
3256
3257                         print "<input class=\"button\"
3258                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3259                                 value=\"Close\">";
3260
3261                         print "</td></tr></table>";
3262                 }
3263         }
3264
3265         // update feeds of all users, may be used anonymously
3266         if ($op == "globalUpdateFeeds") {
3267
3268                 $result = db_query($link, "SELECT id FROM ttrss_users");
3269
3270                 while ($line = db_fetch_assoc($result)) {
3271                         $user_id = $line["id"];
3272 //                      print "<!-- updating feeds of uid $user_id -->";
3273                         update_all_feeds($link, false, $user_id);
3274                 }
3275
3276                 print "<rpc-reply>
3277                         <message msg=\"All feeds updated\"/>
3278                 </rpc-reply>";
3279
3280         }
3281
3282         if ($op == "pref-prefs") {
3283
3284                 $subop = $_REQUEST["subop"];
3285
3286                 if ($subop == "Save configuration") {
3287
3288                         if (WEB_DEMO_MODE) {
3289                                 header("Location: prefs.php");
3290                                 return;
3291                         }
3292
3293                         $_SESSION["prefs_op_result"] = "save-config";
3294
3295                         $_SESSION["prefs_cache"] = false;
3296
3297                         foreach (array_keys($_POST) as $pref_name) {
3298
3299                                 $pref_name = db_escape_string($pref_name);
3300                                 $value = db_escape_string($_POST[$pref_name]);
3301
3302                                 $result = db_query($link, "SELECT type_name
3303                                         FROM ttrss_prefs,ttrss_prefs_types
3304                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
3305
3306                                 if (db_num_rows($result) > 0) {
3307
3308                                         $type_name = db_fetch_result($result, 0, "type_name");
3309
3310 //                                      print "$pref_name : $type_name : $value<br>";
3311
3312                                         if ($type_name == "bool") {
3313                                                 if ($value == "1") {
3314                                                         $value = "true";
3315                                                 } else {
3316                                                         $value = "false";
3317                                                 }
3318                                         } else if ($type_name == "integer") {
3319                                                 $value = sprintf("%d", $value);
3320                                         }
3321
3322 //                                      print "$pref_name : $type_name : $value<br>";
3323
3324                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
3325                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
3326
3327                                 }
3328
3329                                 header("Location: prefs.php");
3330
3331                         }
3332
3333                 } else if ($subop == "getHelp") {
3334
3335                         $pref_name = db_escape_string($_GET["pn"]);
3336
3337                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
3338                                 WHERE pref_name = '$pref_name'");
3339
3340                         if (db_num_rows($result) > 0) {
3341                                 $help_text = db_fetch_result($result, 0, "help_text");
3342                                 print $help_text;
3343                         } else {
3344                                 print "Unknown option: $pref_name";
3345                         }
3346
3347                 } else if ($subop == "Change e-mail") {
3348
3349                         if (WEB_DEMO_MODE) {
3350                                 header("Location: prefs.php");
3351                                 return;
3352                         }
3353
3354                         $email = db_escape_string($_GET["email"]);
3355                         $active_uid = $_SESSION["uid"];
3356
3357                         if ($email) {
3358                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
3359                                                 WHERE id = '$active_uid'");
3360                         }
3361
3362                         header("Location: prefs.php");
3363
3364                 } else if ($subop == "Change password") {
3365
3366                         if (WEB_DEMO_MODE) {
3367                                 header("Location: prefs.php");
3368                                 return;
3369                         }
3370
3371                         $old_pw = $_POST["OLD_PASSWORD"];
3372                         $new_pw = $_POST["OLD_PASSWORD"];
3373
3374                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
3375                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
3376
3377                         $active_uid = $_SESSION["uid"];
3378
3379                         if ($old_pw && $new_pw) {
3380
3381                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
3382
3383                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3384                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
3385                                                 pwd_hash = '$old_pw_hash')");
3386
3387                                 if (db_num_rows($result) == 1) {
3388                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
3389                                                 WHERE id = '$active_uid'");
3390
3391                                         $_SESSION["pwd_change_result"] = "ok";
3392                                 } else {
3393                                         $_SESSION["pwd_change_result"] = "failed";
3394                                 }
3395                         }
3396
3397                         header("Location: prefs.php");
3398
3399                 } else if ($subop == "Reset to defaults") {
3400
3401                         if (WEB_DEMO_MODE) {
3402                                 header("Location: prefs.php");
3403                                 return;
3404                         }
3405
3406                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
3407
3408                         if (DB_TYPE == "pgsql") {
3409                                 db_query($link,"UPDATE ttrss_user_prefs
3410                                         SET value = ttrss_prefs.def_value
3411                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
3412                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
3413                         } else {
3414                                 db_query($link, "DELETE FROM ttrss_user_prefs
3415                                         WHERE owner_uid = ".$_SESSION["uid"]);
3416                                 initialize_user_prefs($link, $_SESSION["uid"]);
3417                         }
3418
3419                         header("Location: prefs.php");
3420
3421                 } else if ($subop == "Change theme") {
3422
3423                         $theme = db_escape_string($_POST["theme"]);
3424
3425                         if ($theme == "Default") {
3426                                 $theme_qpart = 'NULL';
3427                         } else {
3428                                 $theme_qpart = "'$theme'";
3429                         }
3430
3431                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
3432                                 WHERE theme_name = '$theme'");
3433
3434                         if (db_num_rows($result) == 1) {
3435                                 $theme_id = db_fetch_result($result, 0, "id");
3436                                 $theme_path = db_fetch_result($result, 0, "theme_path");
3437                         } else {
3438                                 $theme_id = "NULL";
3439                                 $theme_path = "";
3440                         }
3441
3442                         db_query($link, "UPDATE ttrss_users SET
3443                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
3444
3445                         $_SESSION["theme"] = $theme_path;
3446
3447                         header("Location: prefs.php");
3448
3449                 } else {
3450
3451                         if (!SINGLE_USER_MODE) {
3452
3453                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
3454                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
3455                                                 pwd_hash = 'SHA1:".sha1("password")."')");
3456
3457                                 if (db_num_rows($result) != 0) {
3458                                         print "<div class=\"warning\">
3459                                                 Your password is at default value, please change it.
3460                                         </div>";
3461                                 }
3462
3463                                 if ($_SESSION["pwd_change_result"] == "failed") {
3464                                         print "<div class=\"warning\">
3465                                                         There was an error while changing your password.
3466                                                 </div>";
3467                                 }
3468
3469                                 if ($_SESSION["pwd_change_result"] == "ok") {
3470                                         print "<div class=\"notice\">
3471                                                         Password changed successfully.
3472                                                 </div>";
3473                                 }
3474
3475                                 $_SESSION["pwd_change_result"] = "";
3476
3477                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3478                                         print "<div class=\"notice\">
3479                                                         Your configuration was reset to defaults.
3480                                                 </div>";
3481                                 }
3482
3483                                 if ($_SESSION["prefs_op_result"] == "save-config") {
3484                                         print "<div class=\"notice\">
3485                                                         Your configuration was saved successfully.
3486                                                 </div>";
3487                                 }
3488
3489                                 $_SESSION["prefs_op_result"] = "";
3490
3491                                 print "<form action=\"backend.php\" method=\"GET\">";
3492
3493                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3494                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3495
3496                                 $result = db_query($link, "SELECT email FROM ttrss_users
3497                                         WHERE id = ".$_SESSION["uid"]);
3498
3499                                 $email = db_fetch_result($result, 0, "email");
3500
3501                                 print "<tr><td width=\"40%\">E-mail</td>";
3502                                 print "<td><input class=\"editbox\" name=\"email\"
3503                                         value=\"$email\"></td></tr>";
3504
3505                                 print "</table>";
3506
3507                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3508
3509                                 print "<p><input class=\"button\" type=\"submit\"
3510                                         value=\"Change e-mail\" name=\"subop\">";
3511
3512                                 print "</form>";
3513
3514                                 print "<form action=\"backend.php\" method=\"POST\">";
3515
3516                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3517                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3518
3519                                 print "<tr><td width=\"40%\">Old password</td>";
3520                                 print "<td><input class=\"editbox\" type=\"password\"
3521                                         name=\"OLD_PASSWORD\"></td></tr>";
3522
3523                                 print "<tr><td width=\"40%\">New password</td>";
3524
3525                                 print "<td><input class=\"editbox\" type=\"password\"
3526                                         name=\"NEW_PASSWORD\"></td></tr>";
3527
3528                                 print "</table>";
3529
3530                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3531
3532                                 print "<p><input class=\"button\" type=\"submit\"
3533                                         value=\"Change password\" name=\"subop\">";
3534
3535                                 print "</form>";
3536
3537                         }
3538
3539                         $result = db_query($link, "SELECT
3540                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3541
3542                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
3543
3544                         $result = db_query($link, "SELECT
3545                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3546
3547                         if (db_num_rows($result) > 0) {
3548
3549                                 print "<form action=\"backend.php\" method=\"POST\">";
3550                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3551                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3552                                 print "<tr><td width=\"40%\">Select theme</td>";
3553                                 print "<td><select name=\"theme\">";
3554                                 print "<option>Default</option>";
3555                                 print "<option disabled>--------</option>";
3556
3557                                 while ($line = db_fetch_assoc($result)) {
3558                                         if ($line["id"] == $user_theme_id) {
3559                                                 $selected = "selected";
3560                                         } else {
3561                                                 $selected = "";
3562                                         }
3563                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3564                                 }
3565                                 print "</select></td></tr>";
3566                                 print "</table>";
3567                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3568                                 print "<p><input class=\"button\" type=\"submit\"
3569                                         value=\"Change theme\" name=\"subop\">";
3570                                 print "</form>";
3571                         }
3572
3573                         $result = db_query($link, "SELECT
3574                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3575                                 section_name,def_value
3576                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3577                                 WHERE type_id = ttrss_prefs_types.id AND
3578                                         section_id = ttrss_prefs_sections.id AND
3579                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3580                                         owner_uid = ".$_SESSION["uid"]."
3581                                 ORDER BY section_id,short_desc");
3582
3583                         print "<form action=\"backend.php\" method=\"POST\">";
3584
3585                         $lnum = 0;
3586
3587                         $active_section = "";
3588
3589                         while ($line = db_fetch_assoc($result)) {
3590
3591                                 if ($active_section != $line["section_name"]) {
3592
3593                                         if ($active_section != "") {
3594                                                 print "</table>";
3595                                         }
3596
3597                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3598
3599                                         $active_section = $line["section_name"];
3600
3601                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3602 //                                      print "<tr class=\"title\">
3603 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3604
3605                                         $lnum = 0;
3606                                 }
3607
3608 //                              $class = ($lnum % 2) ? "even" : "odd";
3609
3610                                 print "<tr>";
3611
3612                                 $type_name = $line["type_name"];
3613                                 $pref_name = $line["pref_name"];
3614                                 $value = $line["value"];
3615                                 $def_value = $line["def_value"];
3616                                 $help_text = $line["help_text"];
3617
3618                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3619
3620                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3621
3622                                 print "</td>";
3623
3624                                 print "<td>";
3625
3626                                 if ($type_name == "bool") {
3627 //                                      print_select($pref_name, $value, array("true", "false"));
3628
3629                                         if ($value == "true") {
3630                                                 $value = "Yes";
3631                                         } else {
3632                                                 $value = "No";
3633                                         }
3634
3635                                         print_radio($pref_name, $value, array("Yes", "No"));
3636
3637                                 } else {
3638                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3639                                 }
3640
3641                                 print "</td>";
3642
3643                                 print "</tr>";
3644
3645                                 $lnum++;
3646                         }
3647
3648                         print "</table>";
3649
3650                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3651
3652                         print "<p><input class=\"button\" type=\"submit\"
3653                                 name=\"subop\" value=\"Save configuration\">";
3654
3655                         print "&nbsp;<input class=\"button\" type=\"submit\"
3656                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3657                                 value=\"Reset to defaults\"></p>";
3658
3659                         print "</form>";
3660
3661                 }
3662
3663         }
3664
3665         if ($op == "pref-users") {
3666
3667                 $subop = $_GET["subop"];
3668
3669                 if ($subop == "editSave") {
3670
3671                         if (!WEB_DEMO_MODE) {
3672
3673                                 $login = db_escape_string($_GET["l"]);
3674                                 $uid = db_escape_string($_GET["id"]);
3675                                 $access_level = sprintf("%d", $_GET["al"]);
3676                                 $email = db_escape_string($_GET["e"]);
3677
3678                                 db_query($link, "UPDATE ttrss_users SET login = '$login',
3679                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3680
3681                         }
3682                 } else if ($subop == "remove") {
3683
3684                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3685
3686                                 $ids = split(",", db_escape_string($_GET["ids"]));
3687
3688                                 foreach ($ids as $id) {
3689                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3690
3691                                 }
3692                         }
3693                 } else if ($subop == "add") {
3694
3695                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3696
3697                                 $login = db_escape_string(trim($_GET["login"]));
3698                                 $tmp_user_pwd = make_password(8);
3699                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3700
3701                                 db_query($link, "INSERT INTO ttrss_users
3702                                         (login,pwd_hash,access_level,last_login)
3703                                         VALUES ('$login', '$pwd_hash', 0, NOW())");
3704
3705
3706                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3707                                         login = '$login' AND pwd_hash = '$pwd_hash'");
3708
3709                                 if (db_num_rows($result) == 1) {
3710
3711                                         $new_uid = db_fetch_result($result, 0, "id");
3712
3713                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
3714                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3715
3716                                         initialize_user($link, $new_uid);
3717
3718                                 } else {
3719
3720                                         print "<div class=\"warning\">Error while adding user <b>".
3721                                         $_GET["login"].".</b></div>";
3722
3723                                 }
3724                         }
3725                 } else if ($subop == "resetPass") {
3726
3727                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3728
3729                                 $uid = db_escape_string($_GET["id"]);
3730
3731                                 $result = db_query($link, "SELECT login,email
3732                                         FROM ttrss_users WHERE id = '$uid'");
3733
3734                                 $login = db_fetch_result($result, 0, "login");
3735                                 $email = db_fetch_result($result, 0, "email");
3736                                 $tmp_user_pwd = make_password(8);
3737                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3738
3739                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3740                                         WHERE id = '$uid'");
3741
3742                                 print "<div class=\"notice\">Changed password of
3743                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3744
3745                                 if (MAIL_RESET_PASS && $email) {
3746                                         print " Notifying <b>$email</b>.";
3747
3748                                         mail("$login <$email>", "Password reset notification",
3749                                                 "Hi, $login.\n".
3750                                                 "\n".
3751                                                 "Your password for this TT-RSS installation was reset by".
3752                                                         " an administrator.\n".
3753                                                 "\n".
3754                                                 "Your new password is $tmp_user_pwd, please remember".
3755                                                         " it for later reference.\n".
3756                                                 "\n".
3757                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3758                                 }
3759
3760                                 print "</div>";
3761
3762                         }
3763                 }
3764
3765                 print "<div class=\"prefGenericAddBox\">
3766                         <input id=\"uadd_box\" onchange=\"javascript:addUser()\" size=\"40\">&nbsp;";
3767
3768                 print"<input type=\"submit\" class=\"button\"
3769                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
3770
3771                 $result = db_query($link, "SELECT
3772                                 id,login,access_level,email,
3773                                 SUBSTRING(last_login,1,16) as last_login
3774                         FROM
3775                                 ttrss_users
3776                         ORDER by login");
3777
3778                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3779
3780                 print "<p><table width=\"100%\" cellspacing=\"0\"
3781                         class=\"prefUserList\" id=\"prefUserList\">";
3782
3783                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3784                                 Select:
3785                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3786                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
3787                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3788                                                 'UMRR-', 'UMCHK-', false)\">None</a>
3789                                 </td</tr>";
3790
3791                 print "<tr class=\"title\">
3792                                         <td align='center' width=\"5%\">&nbsp;</td>
3793                                         <td width='20%'>Username</td>
3794                                         <td width='20%'>E-mail</td>
3795                                         <td width='20%'>Access Level</td>
3796                                         <td width='20%'>Last login</td></tr>";
3797
3798                 $lnum = 0;
3799
3800                 while ($line = db_fetch_assoc($result)) {
3801
3802                         $class = ($lnum % 2) ? "even" : "odd";
3803
3804                         $uid = $line["id"];
3805                         $edit_uid = $_GET["id"];
3806
3807                         if ($subop == "edit" && $uid != $edit_uid) {
3808                                 $class .= "Grayed";
3809                                 $this_row_id = "";
3810                         } else {
3811                                 $this_row_id = "id=\"UMRR-$uid\"";
3812                         }
3813
3814                         print "<tr class=\"$class\" $this_row_id>";
3815
3816                         $line["login"] = htmlspecialchars($line["login"]);
3817
3818                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3819                                 strtotime($line["last_login"]));
3820
3821 /*                      if ($uid == $_SESSION["uid"]) {
3822
3823                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3824                                         id=\"UMCHK-".$line["id"]."\"></td>";
3825
3826                                 print "<td>".$line["login"]."</td>";
3827                                 print "<td>".$line["email"]."</td>";
3828                                 print "<td>".$line["access_level"]."</td>";
3829
3830                         } else */ if (!$edit_uid || $subop != "edit") {
3831
3832                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
3833                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3834
3835                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3836                                         $line["login"] . "</td>";
3837
3838                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3839                                         $line["email"] . "</td>";
3840
3841                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3842                                         $line["access_level"] . "</td>";
3843
3844                         } else if ($uid != $edit_uid) {
3845
3846                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3847                                         id=\"UMCHK-".$line["id"]."\"></td>";
3848
3849                                 print "<td>".$line["login"]."</td>";
3850                                 print "<td>".$line["email"]."</td>";
3851                                 print "<td>".$line["access_level"]."</td>";
3852
3853                         } else {
3854
3855                                 print "<td align='center'>
3856                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3857
3858                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3859                                         "\"></td>";
3860
3861                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3862                                         "\"></td>";
3863
3864                                 print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
3865                                         "\"></td>";
3866
3867                         }
3868
3869                         print "<td>".$line["last_login"]."</td>";
3870
3871                         print "</tr>";
3872
3873                         ++$lnum;
3874                 }
3875
3876                 print "</table>";
3877
3878                 print "<p>";
3879
3880                 if ($subop == "edit") {
3881                         print "Edit user:
3882                                 <input type=\"submit\" class=\"button\"
3883                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3884                                 <input type=\"submit\" class=\"button\"
3885                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3886
3887                 } else {
3888
3889                         print "
3890                                 Selection:
3891                         <input type=\"submit\" class=\"button\"
3892                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3893                         <input type=\"submit\" class=\"button\"
3894                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3895                         <input type=\"submit\" class=\"button\"
3896                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3897                         <input type=\"submit\" class=\"button\"
3898                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3899
3900                 }
3901         }
3902
3903         if ($op == "user-details") {
3904
3905                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3906                         return;
3907                 }
3908
3909 /*              print "<html><head>
3910                         <title>Tiny Tiny RSS : User Details</title>
3911                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3912                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3913                         </head><body>"; */
3914
3915                 $uid = sprintf("%d", $_GET["id"]);
3916
3917                 print "<div class='infoBoxContents'>";
3918
3919                 $result = db_query($link, "SELECT login,
3920                         SUBSTRING(last_login,1,16) AS last_login,
3921                         access_level,
3922                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3923                                 WHERE owner_uid = id) AS stored_articles
3924                         FROM ttrss_users
3925                         WHERE id = '$uid'");
3926
3927                 if (db_num_rows($result) == 0) {
3928                         print "<h1>User not found</h1>";
3929                         return;
3930                 }
3931
3932                 print "<h1>User Details</h1>";
3933
3934                 print "<table width='100%'>";
3935
3936                 $login = db_fetch_result($result, 0, "login");
3937                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3938                         strtotime(db_fetch_result($result, 0, "last_login")));
3939                 $access_level = db_fetch_result($result, 0, "access_level");
3940                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3941
3942                 print "<tr><td>Username</td><td>$login</td></tr>";
3943                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
3944                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3945                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3946
3947                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3948                         WHERE owner_uid = '$uid'");
3949
3950                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3951
3952                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3953
3954 /*              $result = db_query($link, "SELECT
3955                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3956                         FROM ttrss_user_entries,ttrss_entries
3957                                 WHERE owner_uid = '$uid' AND ref_id = id");
3958
3959                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3960
3961                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3962
3963                 print "</table>";
3964
3965                 print "<h1>Subscribed feeds</h1>";
3966
3967                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3968                         WHERE owner_uid = '$uid' ORDER BY title");
3969
3970                 print "<ul class=\"userFeedList\">";
3971
3972                 while ($line = db_fetch_assoc($result)) {
3973
3974                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3975
3976                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3977                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3978                         } else {
3979                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3980                         }
3981
3982                         print "<li>$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3983                 }
3984
3985                 if (db_num_rows($result) < $num_feeds) {
3986                          // FIXME - add link to show ALL subscribed feeds here somewhere
3987                         print "<li><img
3988                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3989                 }
3990
3991                 print "</ul>";
3992
3993                 print "</div>";
3994
3995                 print "<div align='center'>
3996                         <input type='submit' class='button'
3997                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3998
3999 //              print "</body></html>";
4000
4001         }
4002
4003         if ($op == "feed-details") {
4004
4005 //              $feed_id = $_GET["id"];
4006
4007                 $feed_ids = split(",", db_escape_string($_GET["id"]));
4008
4009                 print "<div class=\"infoBoxContents\">";
4010
4011                 foreach ($feed_ids as $feed_id) {
4012
4013                         $result = db_query($link,
4014                                 "SELECT
4015                                         title,feed_url,
4016                                         SUBSTRING(last_updated,1,16) as last_updated,
4017                                         icon_url,site_url,
4018                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
4019                                                 WHERE feed_id = id) AS total,
4020                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
4021                                                 WHERE feed_id = id AND unread = true) AS unread,
4022                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
4023                                                 WHERE feed_id = id AND marked = true) AS marked
4024                                 FROM ttrss_feeds
4025                                 WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
4026
4027                         if (db_num_rows($result) == 0) return;
4028
4029                         $title = db_unescape_string(db_fetch_result($result, 0, "title"));
4030                         $last_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
4031                                 strtotime(db_fetch_result($result, 0, "last_updated")));
4032                         $feed_url = db_fetch_result($result, 0, "feed_url");
4033                         $icon_url = db_fetch_result($result, 0, "icon_url");
4034                         $total = db_fetch_result($result, 0, "total");
4035                         $unread = db_fetch_result($result, 0, "unread");
4036                         $marked = db_fetch_result($result, 0, "marked");
4037                         $site_url = db_fetch_result($result, 0, "site_url");
4038
4039                         $result = db_query($link, "SELECT COUNT(id) AS subscribed
4040                                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND private = false");
4041
4042                         $subscribed = db_fetch_result($result, 0, "subscribed");
4043
4044                         $icon_file = ICONS_DIR . "/$feed_id.ico";
4045
4046                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
4047                                         $feed_icon = "<img width=\"16\" height=\"16\"
4048                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
4049                         } else {
4050                                 $feed_icon = "";
4051                         }
4052
4053                         print "<h1>$feed_icon $title</h1>";
4054
4055                         print "<table width='100%'>";
4056
4057                         if ($site_url) {
4058                                 print "<tr><td width='30%'>Link</td>
4059                                         <td><a href=\"$site_url\">$site_url</a>
4060                                         <a href=\"$feed_url\">(feed)</a></td>
4061                                         </td></tr>";
4062                         } else {
4063                                 print "<tr><td width='30%'>Feed URL</td>
4064                                         <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
4065                         }
4066                         print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
4067                         print "<tr><td>Total articles</td><td>$total</td></tr>";
4068                         print "<tr><td>Unread articles</td><td>$unread</td></tr>";
4069                         print "<tr><td>Starred articles</td><td>$marked</td></tr>";
4070                         print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
4071
4072                         print "</table>";
4073
4074 /*                      $result = db_query($link, "SELECT title,
4075                                 SUBSTRING(updated,1,16) AS updated,unread
4076                                 FROM ttrss_entries,ttrss_user_entries
4077                                 WHERE ref_id = id AND feed_id = '$feed_id'
4078                                 ORDER BY date_entered DESC LIMIT 5");
4079
4080                         if (db_num_rows($result) > 0) {
4081
4082                                 print "<h1>Latest headlines</h1>";
4083
4084                                 print "<ul class=\"nomarks\">";
4085
4086                                 while ($line = db_fetch_assoc($result)) {
4087                                         if ($line["unread"] == "t" || $line["unread"] == "1") {
4088                                                 $line["title"] = "<b>" . $line["title"] . "</b>";
4089                                         }
4090                                         print "<li>" . $line["title"].
4091                                         "&nbsp;<span class=\"insensitive\">(" .
4092                                                 date(get_pref($link, 'SHORT_DATE_FORMAT'),
4093                                                         strtotime($line["updated"])).
4094                                         ")</span></li>";
4095                                 }
4096
4097                                 print "</ul>";
4098
4099                         } */
4100                 }
4101
4102                 print "</div>";
4103
4104                 print "<div align='center'>
4105                         <input type='submit' class='button'
4106                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
4107         }
4108
4109         if ($op == "pref-feed-browser") {
4110
4111                 if (!ENABLE_FEED_BROWSER) {
4112                         print "Feed browser is administratively disabled.";
4113                         return;
4114                 }
4115
4116                 $subop = $_REQUEST["subop"];
4117
4118                 if ($subop == "details") {
4119                         $id = db_escape_string($_GET["id"]);
4120
4121                         print "<div class=\"browserFeedInfo\">";
4122                         print "<b>Feed information:</b>";
4123                         print "<div class=\"detailsPart\">";
4124
4125                         $result = db_query($link, "SELECT
4126                                         feed_url,site_url,
4127                                         SUBSTRING(last_updated,1,19) AS last_updated
4128                                 FROM ttrss_feeds WHERE id = '$id'");
4129
4130                         $feed_url = db_fetch_result($result, 0, "feed_url");
4131                         $site_url = db_fetch_result($result, 0, "site_url");
4132                         $last_updated = db_fetch_result($result, 0, "last_updated");
4133
4134                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
4135                                 $last_updated = smart_date_time(strtotime($last_updated));
4136                         } else {
4137                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
4138                                 $last_updated = date($short_date, strtotime($last_updated));
4139                         }
4140
4141                         print "Site: <a href='$site_url'>$site_url</a> ".
4142                                 "(<a href='$feed_url'>feed</a>), ".
4143                                 "Last updated: $last_updated";
4144
4145                         print "</div>";
4146
4147                         $result = db_query($link, "SELECT
4148                                         ttrss_entries.title,
4149                                         content,
4150                                         substring(date_entered,1,19) as date_entered,
4151                                         substring(updated,1,19) as updated
4152                                 FROM ttrss_entries,ttrss_user_entries
4153                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
4154                                 ORDER BY updated DESC LIMIT 5");
4155
4156                         if (db_num_rows($result) > 0) {
4157
4158                                 print "<b>Last headlines:</b><br>";
4159
4160                                 print "<div class=\"detailsPart\">";
4161                                 print "<ul class=\"compact\">";
4162                                 while ($line = db_fetch_assoc($result)) {
4163
4164                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
4165                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
4166                                         } else {
4167                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
4168                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
4169                                         }
4170
4171                                         print "<li>" . $line["title"] .
4172                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
4173                                 }
4174                                 print "</ul></div>";
4175                         }
4176
4177                         print "</div>";
4178
4179                         return;
4180                 }
4181
4182                 $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
4183                         FROM ttrss_feeds
4184                         WHERE auth_login = '' AND auth_pass = '' AND private = false
4185                         GROUP BY feed_url ORDER BY subscribers DESC LIMIT 100");
4186
4187                 print "<ul class='nomarks' id='browseBigFeedList'>";
4188
4189                 $feedctr = 0;
4190
4191                 while ($line = db_fetch_assoc($result)) {
4192                         $feed_url = $line["feed_url"];
4193                         $subscribers = $line["subscribers"];
4194
4195                         $sub_result = db_query($link, "SELECT id
4196                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
4197                                 $_SESSION["uid"]);
4198
4199                         if (db_num_rows($sub_result) > 0) {
4200                                 continue; // already subscribed
4201                         }
4202
4203                         $det_result = db_query($link, "SELECT site_url,title,id
4204                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
4205
4206                         $details = db_fetch_assoc($det_result);
4207
4208                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
4209
4210                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
4211                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
4212                                                 "/".$details["id"].".ico\">";
4213                         } else {
4214                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
4215                         }
4216
4217                         $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
4218                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
4219
4220                         $class = ($feedctr % 2) ? "even" : "odd";
4221
4222                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
4223                                 "$feed_icon ";
4224
4225                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
4226                                 $details["title"] ."</a>&nbsp;" .
4227                                 "<span class='subscribers'>($subscribers)</span>";
4228
4229                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
4230                         print "</div>";
4231
4232                         print "</li>";
4233
4234                                 ++$feedctr;
4235                 }
4236
4237                 if ($feedctr == 0) {
4238                         print "<li>No feeds found to subscribe.</li>";
4239                 }
4240
4241                 print "</ul>";
4242
4243                 print "<p>Selection:
4244                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
4245                         value=\"Subscribe\"></p>";
4246
4247                 print "</div>";
4248
4249         }
4250
4251         db_close($link);
4252 ?>
4253
4254 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
4255