backend.php

   1 <?php
   2         require_once "sessions.php";
   3         require_once "backend-rpc.php";
   4
   5         header("Cache-Control: no-cache, must-revalidate");
   6         header("Pragma: no-cache");
   7         header("Expires: -1");
   8
   9 /*      if ($_GET["debug"]) {
  10                 define('DEFAULT_ERROR_LEVEL', E_ALL);
  11         } else {
  12                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
  13         }
  14
  15         error_reporting(DEFAULT_ERROR_LEVEL); */
  16
  17         $op = $_REQUEST["op"];
  18
  19         define('SCHEMA_VERSION', 11);
  20
  21         require_once "sanity_check.php";
  22         require_once "config.php";
  23
  24         require_once "db.php";
  25         require_once "db-prefs.php";
  26         require_once "functions.php";
  27
  28         $err_msg = check_configuration_variables();
  29
  30         $print_exec_time = true;
  31
  32         if ($err_msg) {
  33                 header("Content-Type: application/xml");
  34                 print_error_xml(9, $err_msg); die;
  35         }
  36
  37         if ((!$op || $op == "rpc" || $op == "rss" || $op == "digestSend" ||
  38                         $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  39                 header("Content-Type: application/xml");
  40         }
  41
  42         if (!$op) {
  43                 header("Content-Type: application/xml");
  44                 print_error_xml(7); exit;
  45         }
  46
  47         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss" && $op != "getUnread") {
  48
  49                 if ($op == "rpc") {
  50                         print_error_xml(6); die;
  51                 } else {
  52                         print "
  53                         <html><body>
  54                                 <p>Error: Not logged in.</p>
  55                                 <script type=\"text/javascript\">
  56                                         if (parent.window != 'undefined') {
  57                                                 parent.window.location = \"login.php\";
  58                                         } else {
  59                                                 window.location = \"login.php\";
  60                                         }
  61                                 </script>
  62                         </body></html>
  63                         ";
  64                 }
  65                 exit;
  66         }
  67
  68         $purge_intervals = array(
  69                 0  => "Use default",
  70                 -1 => "Never purge",
  71                 5  => "1 week old",
  72                 14 => "2 weeks old",
  73                 31 => "1 month old",
  74                 60 => "2 months old",
  75                 90 => "3 months old");
  76
  77         $update_intervals = array(
  78                 0   => "Use default",
  79                 -1  => "Disable updates",
  80                 30  => "Each 30 minutes",
  81                 60  => "Hourly",
  82                 240 => "Each 4 hours",
  83                 720 => "Each 12 hours",
  84                 1440 => "Daily",
  85                 10080 => "Weekly");
  86
  87         $access_level_names = array(
  88                 0 => "User",
  89                 10 => "Administrator");
  90
  91         $script_started = getmicrotime();
  92
  93         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  94
  95         if (!$link) {
  96                 if (DB_TYPE == "mysql") {
  97                         print mysql_error();
  98                 }
  99                 // PG seems to display its own errors just fine by default.
 100                 return;
 101         }
 102
 103         if (DB_TYPE == "pgsql") {
 104                 pg_query("set client_encoding = 'utf-8'");
 105         }
 106
 107         if ($_SESSION["uid"]) {
 108
 109 //              setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
 110 //              setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
 111
 112 /*              if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
 113                         setcookie('ttrss_vf_catchupnext', 1);
 114                 } else {
 115                         setcookie('ttrss_vf_catchupnext', 0);
 116                 } */
 117         }
 118
 119         $fetch = $_GET["fetch"];
 120
 121 //      setcookie("ttrss_icons_url", ICONS_URL);
 122
 123         if (!sanity_check($link)) { return; }
 124
 125         function outputFeedList($link, $tags = false) {
 126
 127                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 128
 129                 $owner_uid = $_SESSION["uid"];
 130
 131                 if (!$tags) {
 132
 133                         /* virtual feeds */
 134
 135                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 136                                 print "<li class=\"feedCat\">Special</li>";
 137                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 138                         }
 139
 140                         $num_starred = getFeedUnread($link, -1);
 141
 142                         $class = "virt";
 143
 144                         if ($num_starred > 0) $class .= "Unread";
 145
 146                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 147                                 "images/mark_set.png", $link);
 148
 149                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 150                                 print "</ul>\n";
 151                         }
 152
 153                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 154
 155                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 156                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 157
 158                                 if (db_num_rows($result) > 0) {
 159                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 160                                                 print "<li class=\"feedCat\">Labels</li>";
 161                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 162                                         } else {
 163                                                 print "<li><hr></li>";
 164                                         }
 165                                 }
 166
 167                                 while ($line = db_fetch_assoc($result)) {
 168
 169                                         error_reporting (0);
 170
 171                                         $label_id = -$line['id'] - 11;
 172                                         $count = getFeedUnread($link, $label_id);
 173
 174                                         $class = "label";
 175
 176                                         if ($count > 0) {
 177                                                 $class .= "Unread";
 178                                         }
 179
 180                                         error_reporting (DEFAULT_ERROR_LEVEL);
 181
 182                                         printFeedEntry($label_id,
 183                                                 $class, db_unescape_string($line["description"]),
 184                                                 $count, "images/label.png", $link);
 185
 186                                 }
 187
 188                                 if (db_num_rows($result) > 0) {
 189                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 190                                                 print "</ul>";
 191                                         }
 192                                 }
 193
 194                         }
 195
 196 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 197                                 print "<li><hr></li>";
 198 //                      }
 199
 200                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 201                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 202                                         $order_by_qpart = "category,unread DESC,title";
 203                                 } else {
 204                                         $order_by_qpart = "category,title";
 205                                 }
 206                         } else {
 207                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 208                                         $order_by_qpart = "unread DESC,title";
 209                                 } else {
 210                                         $order_by_qpart = "title";
 211                                 }
 212                         }
 213
 214                         $result = db_query($link, "SELECT ttrss_feeds.*,
 215                                 SUBSTRING(last_updated,1,19) AS last_updated_noms,
 216                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 217                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 218                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 219                                                 AND owner_uid = '$owner_uid') as unread,
 220                                 cat_id,last_error,
 221                                 ttrss_feed_categories.title AS category,
 222                                 ttrss_feed_categories.collapsed
 223                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 224                                         ON (ttrss_feed_categories.id = cat_id)
 225                                 WHERE
 226                                         ttrss_feeds.hidden = false AND
 227                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 228                                 ORDER BY $order_by_qpart");
 229
 230                         $actid = $_GET["actid"];
 231
 232                         /* real feeds */
 233
 234                         $lnum = 0;
 235
 236                         $total_unread = 0;
 237
 238                         $category = "";
 239
 240                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 241
 242                         while ($line = db_fetch_assoc($result)) {
 243
 244                                 $feed = db_unescape_string($line["title"]);
 245                                 $feed_id = $line["id"];
 246
 247                                 $subop = $_GET["subop"];
 248
 249                                 $unread = $line["unread"];
 250
 251                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 252                                         $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
 253                                 } else {
 254                                         $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
 255                                 }
 256
 257                                 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
 258
 259                                 if ($rtl_content) {
 260                                         $rtl_tag = "dir=\"RTL\"";
 261                                 } else {
 262                                         $rtl_tag = "";
 263                                 }
 264
 265                                 $tmp_result = db_query($link,
 266                                         "SELECT id,COUNT(unread) AS unread
 267                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 268                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 269                                         WHERE parent_feed = '$feed_id' AND unread = true
 270                                         GROUP BY ttrss_feeds.id");
 271
 272                                 if (db_num_rows($tmp_result) > 0) {
 273                                         while ($l = db_fetch_assoc($tmp_result)) {
 274                                                 $unread += $l["unread"];
 275                                         }
 276                                 }
 277
 278                                 $cat_id = $line["cat_id"];
 279
 280                                 $tmp_category = $line["category"];
 281
 282                                 if (!$tmp_category) {
 283                                         $tmp_category = "Uncategorized";
 284                                 }
 285
 286         //                      $class = ($lnum % 2) ? "even" : "odd";
 287
 288                                 if ($line["last_error"]) {
 289                                         $class = "error";
 290                                 } else {
 291                                         $class = "feed";
 292                                 }
 293
 294                                 if ($unread > 0) $class .= "Unread";
 295
 296                                 if ($actid == $feed_id) {
 297                                         $class .= "Selected";
 298                                 }
 299
 300                                 $total_unread += $unread;
 301
 302                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 303
 304                                         if ($category) {
 305                                                 print "</ul></li>";
 306                                         }
 307
 308                                         $category = $tmp_category;
 309
 310                                         $collapsed = $line["collapsed"];
 311
 312                                         // workaround for NULL category
 313                                         if ($category == "Uncategorized") {
 314                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 315                                                         $collapsed = "t";
 316                                                 }
 317                                         }
 318
 319                                         if ($collapsed == "t" || $collapsed == "1") {
 320                                                 $holder_class = "invisible";
 321                                                 $ellipsis = "...";
 322                                         } else {
 323                                                 $holder_class = "";
 324                                                 $ellipsis = "";
 325                                         }
 326
 327                                         $cat_id = sprintf("%d", $cat_id);
 328
 329                                         $cat_unread = getCategoryUnread($link, $cat_id);
 330
 331                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 332                                                 <a id=\"FCATN-$cat_id\" href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
 333                                                         <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
 334                                                         <span id=\"FCATCTR-$cat_id\"
 335                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
 336                                                         </a></li>";
 337
 338                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 339                                         // -> keyboard navigation, etc.
 340                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 341                                 }
 342
 343                                 printFeedEntry($feed_id, $class, $feed, $unread,
 344                                         "icons/$feed_id.ico", $link, $rtl_content,
 345                                         $last_updated, $line["last_error"]);
 346
 347                                 ++$lnum;
 348                         }
 349
 350                         if (db_num_rows($result) == 0) {
 351                                 print "<li>No feeds to display.</li>";
 352                         }
 353
 354                 } else {
 355
 356                         // tags
 357
 358 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 359                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 360                                 post_int_id = ttrss_user_entries.int_id AND
 361                                 unread = true AND ref_id = ttrss_entries.id
 362                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 363                         UNION
 364                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 365                         ORDER BY tag_name"); */
 366
 367                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 368                                 print "<li class=\"feedCat\">Tags</li>";
 369                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 370                         }
 371
 372                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 373                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 374                                         AND unread = true)) AS count FROM ttrss_tags
 375                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 376
 377                         $tags = array();
 378
 379                         while ($line = db_fetch_assoc($result)) {
 380                                 $tags[$line["tag_name"]] += $line["count"];
 381                         }
 382
 383                         foreach (array_keys($tags) as $tag) {
 384
 385                                 $unread = $tags[$tag];
 386
 387                                 $class = "tag";
 388
 389                                 if ($unread > 0) {
 390                                         $class .= "Unread";
 391                                 }
 392
 393                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 394
 395                         }
 396
 397                         if (db_num_rows($result) == 0) {
 398                                 print "<li>No tags to display.</li>";
 399                         }
 400
 401                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 402                                 print "</ul>\n";
 403                         }
 404
 405                 }
 406
 407                 print "</ul>";
 408
 409         }
 410
 411
 412         if ($op == "rpc") {
 413                 handle_rpc_request($link);
 414         }
 415
 416         if ($op == "feeds") {
 417
 418                 $tags = $_GET["tags"];
 419
 420                 $subop = $_GET["subop"];
 421
 422                 if ($subop == "catchupAll") {
 423                         db_query($link, "UPDATE ttrss_user_entries SET
 424                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 425                 }
 426
 427                 if ($subop == "collapse") {
 428                         $cat_id = db_escape_string($_GET["cid"]);
 429
 430                         db_query($link, "UPDATE ttrss_feed_categories SET
 431                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 432                                 $_SESSION["uid"]);
 433                         return;
 434                 }
 435
 436                 outputFeedList($link, $tags);
 437
 438         }
 439
 440         if ($op == "view") {
 441
 442                 $id = db_escape_string($_GET["id"]);
 443                 $feed_id = db_escape_string($_GET["feed"]);
 444
 445                 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 446                         WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 447
 448                 if (db_num_rows($result) == 1) {
 449                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 450                 } else {
 451                         $rtl_content = false;
 452                 }
 453
 454                 if ($rtl_content) {
 455                         $rtl_tag = "dir=\"RTL\"";
 456                         $rtl_class = "RTL";
 457                 } else {
 458                         $rtl_tag = "";
 459                         $rtl_class = "";
 460                 }
 461
 462                 $result = db_query($link, "UPDATE ttrss_user_entries
 463                         SET unread = false,last_read = NOW()
 464                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 465
 466                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 467                         SUBSTRING(updated,1,16) as updated,
 468                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 469                         num_comments,
 470                         author
 471                         FROM ttrss_entries,ttrss_user_entries
 472                         WHERE   id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
 473
 474                 if ($result) {
 475
 476                         $link_target = "";
 477
 478                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 479                                 $link_target = "target=\"_new\"";
 480                         }
 481
 482                         $line = db_fetch_assoc($result);
 483
 484                         if ($line["icon_url"]) {
 485                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 486                         } else {
 487                                 $feed_icon = "&nbsp;";
 488                         }
 489
 490 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 491                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 492                         } else {
 493                                 $entry_comments = "";
 494                         } */
 495
 496                         $num_comments = $line["num_comments"];
 497                         $entry_comments = "";
 498
 499                         if ($num_comments > 0) {
 500                                 if ($line["comments"]) {
 501                                         $comments_url = $line["comments"];
 502                                 } else {
 503                                         $comments_url = $line["link"];
 504                                 }
 505                                 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
 506                         } else {
 507                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 508                                         $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
 509                                 }
 510                         }
 511
 512                         print "<div class=\"postReply\">";
 513
 514                         print "<div class=\"postHeader\"><table width=\"100%\">";
 515
 516                         $entry_author = $line["author"];
 517
 518                         if ($entry_author) {
 519                                 $entry_author = " - by $entry_author";
 520                         }
 521
 522                         if ($line["link"]) {
 523                                 print "<tr><td><a $link_target href=\"" . $line["link"] . "\">" .
 524                                         $line["title"] . "</a>$entry_author</td>";
 525                         } else {
 526                                 print "<tr><td>" . $line["title"] . "$entry_author</td>";
 527                         }
 528
 529                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 530                                 strtotime($line["updated"]));
 531
 532                         print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
 533
 534                         print "</tr>";
 535
 536                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 537                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 538                                 ORDER BY tag_name");
 539
 540                         $tags_str = "";
 541                         $f_tags_str = "";
 542
 543                         $num_tags = 0;
 544
 545                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 546                                 $num_tags++;
 547                                 $tag = $tmp_line["tag_name"];
 548                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 549
 550                                 if ($num_tags == 5) {
 551                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 552                                 } else if ($num_tags < 5) {
 553                                         $tags_str .= $tag_str;
 554                                 }
 555                                 $f_tags_str .= $tag_str;
 556                         }
 557
 558                         $tags_str = preg_replace("/, $/", "", $tags_str);
 559                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 560
 561 //                      $truncated_link = truncate_string($line["link"], 60);
 562
 563                         if ($tags_str || $entry_comments) {
 564                                 print "<tr><td width='50%'>
 565                                         $entry_comments</td>
 566                                         <td align=\"right\">$tags_str</td></tr>";
 567                         }
 568
 569                         print "</table></div>";
 570
 571                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 572                         print "<div class=\"postContent\">";
 573
 574                         if (db_num_rows($tmp_result) > 5) {
 575                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 576                         }
 577
 578                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 579                                 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
 580                         }
 581
 582                         $line["content"] = sanitize_rss($line["content"]);
 583
 584                         print $line["content"] . "</div>";
 585
 586                         print "</div>";
 587
 588                 }
 589         }
 590
 591         if ($op == "viewfeed") {
 592
 593                 $feed = db_escape_string($_GET["feed"]);
 594                 $subop = db_escape_string($_GET["subop"]);
 595                 $view_mode = db_escape_string($_GET["view_mode"]);
 596                 $limit = db_escape_string($_GET["limit"]);
 597                 $cat_view = db_escape_string($_GET["cat"]);
 598                 $next_unread_feed = db_escape_string($_GET["nuf"]);
 599
 600                 if ($subop == "undefined") $subop = "";
 601
 602                 if ($subop == "CatchupSelected") {
 603                         $ids = split(",", db_escape_string($_GET["ids"]));
 604                         $cmode = sprintf("%d", $_GET["cmode"]);
 605
 606                         catchupArticlesById($link, $ids, $cmode);
 607                 }
 608
 609                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 610                         update_generic_feed($link, $feed, $cat_view);
 611                 }
 612
 613                 if ($subop == "MarkAllRead")  {
 614                         catchup_feed($link, $feed, $cat_view);
 615
 616                         if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
 617                                 if ($next_unread_feed) {
 618                                         $feed = $next_unread_feed;
 619                                 }
 620                         }
 621                 }
 622
 623                 if ($feed_id > 0) {
 624                         $result = db_query($link,
 625                                 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
 626
 627                         if (db_num_rows($result) == 0) {
 628                                 print "<div align='center'>
 629                                         Feed not found.</div>";
 630                                 return;
 631                         }
 632                 }
 633
 634                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 635
 636                         $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 637                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 638
 639                         if (db_num_rows($result) == 1) {
 640                                 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 641                         } else {
 642                                 $rtl_content = false;
 643                         }
 644
 645                         if ($rtl_content) {
 646                                 $rtl_tag = "dir=\"RTL\"";
 647                         } else {
 648                                 $rtl_tag = "";
 649                         }
 650                 } else {
 651                         $rtl_tag = "";
 652                         $rtl_content = false;
 653                 }
 654
 655                 $script_dt_add = get_script_dt_add();
 656
 657 /*              print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 658                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 659                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 660                         <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
 661                         <!--[if gte IE 5.5000]>
 662                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 663                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 664                         <![endif]-->
 665                         </head><body $rtl_tag>
 666                         <script type=\"text/javascript\">
 667                         if (document.addEventListener) {
 668                                 document.addEventListener(\"DOMContentLoaded\", init, null);
 669                         }
 670                         window.onload = init;
 671                         </script>"; */
 672
 673                 /// START /////////////////////////////////////////////////////////////////////////////////
 674
 675                 $search = db_escape_string($_GET["query"]);
 676                 $search_mode = db_escape_string($_GET["search_mode"]);
 677                 $match_on = db_escape_string($_GET["match_on"]);
 678
 679                 if (!$match_on) {
 680                         $match_on = "both";
 681                 }
 682
 683                 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
 684
 685                 $result = $qfh_ret[0];
 686                 $feed_title = $qfh_ret[1];
 687                 $feed_site_url = $qfh_ret[2];
 688                 $last_error = $qfh_ret[3];
 689
 690                 /// STOP //////////////////////////////////////////////////////////////////////////////////
 691
 692                 print "<div id=\"headlinesContainer\" $rtl_tag>";
 693
 694                 if (!$result) {
 695                         print "<div align='center'>
 696                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
 697                         return;
 698                 }
 699
 700                 if (db_num_rows($result) > 0) {
 701
 702                         print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
 703                                 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
 704
 705                         print "<div id=\"headlinesInnerContainer\">";
 706
 707                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 708                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
 709                                         cellspacing=\"0\" width=\"100%\">";
 710                         }
 711
 712                         $lnum = 0;
 713
 714                         error_reporting (DEFAULT_ERROR_LEVEL);
 715
 716                         $num_unread = 0;
 717
 718                         while ($line = db_fetch_assoc($result)) {
 719
 720                                 $class = ($lnum % 2) ? "even" : "odd";
 721
 722                                 $id = $line["id"];
 723                                 $feed_id = $line["feed_id"];
 724
 725                                 if ($line["last_read"] == "" &&
 726                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
 727
 728                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
 729                                                 alt=\"Updated\">";
 730                                 } else {
 731                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
 732                                                 alt=\"Updated\">";
 733                                 }
 734
 735                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
 736                                         $class .= "Unread";
 737                                         ++$num_unread;
 738                                         $is_unread = true;
 739                                 } else {
 740                                         $is_unread = false;
 741                                 }
 742
 743                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
 744                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
 745                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
 746                                 } else {
 747                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
 748                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
 749                                 }
 750
 751 #                               $content_link = "<a target=\"_new\" href=\"".$line["link"]."\">" .
 752 #                                       $line["title"] . "</a>";
 753
 754                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
 755                                         $line["title"] . "</a>";
 756
 757 #                               $content_link = "<a href=\"javascript:viewContentUrl('".$line["link"]."');\">" .
 758 #                                       $line["title"] . "</a>";
 759
 760                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 761                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
 762                                 } else {
 763                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 764                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
 765                                 }
 766
 767                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
 768                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
 769                                                 100);
 770                                 }
 771
 772                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 773
 774                                         print "<tr class='$class' id='RROW-$id'>";
 775
 776                                         print "<td class='hlUpdatePic'>$update_pic</td>";
 777
 778                                         print "<td class='hlSelectRow'>
 779                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
 780                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
 781                                                 </td>";
 782
 783                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
 784
 785                                         if ($line["feed_title"]) {
 786                                                 print "<td class='hlContent'>$content_link</td>";
 787                                                 print "<td class='hlFeed'>
 788                                                         <a href='javascript:viewfeed($feed_id)'>".
 789                                                                 $line["feed_title"]."</a>&nbsp;</td>";
 790                                         } else {
 791                                                 print "<td class='hlContent' valign='middle'>";
 792
 793                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
 794                                                         $line["title"];
 795
 796                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
 797                                                         if ($content_preview) {
 798                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
 799                                                         }
 800                                                 }
 801
 802                                                 print "</a>";
 803                                                 print "</td>";
 804                                         }
 805
 806                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
 807
 808                                         print "</tr>";
 809
 810                                 } else {
 811
 812                                         if ($is_unread) {
 813                                                 $add_class = "Unread";
 814                                         } else {
 815                                                 $add_class = "";
 816                                         }
 817
 818                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
 819
 820                                         print "<div class=\"cdmHeader\">";
 821
 822                                         print "<div style=\"float : right\">$updated_fmt,
 823                                                 <a class=\"cdmToggleLink\"
 824                                                         href=\"javascript:toggleUnread($id)\">Toggle unread</a>
 825                                         </div>";
 826
 827                                         print "<a class=\"title\"
 828                                                 onclick=\"javascript:toggleUnread($id, 0)\"
 829                                                 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
 830
 831                                         if ($line["feed_title"]) {
 832                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
 833                                         }
 834
 835                                         print "</div>";
 836
 837                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
 838
 839                                         print "<div style=\"float : right\">$marked_pic</div>
 840                                                 <div lass=\"cdmFooter\">
 841                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
 842                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
 843
 844 #                                       print "<div align=\"center\"><a class=\"cdmToggleLink\"
 845 #                                                       href=\"javascript:toggleUnread($id)\">
 846 #                                                       Toggle unread</a></div>";
 847
 848                                         print "</div>";
 849
 850                                 }
 851
 852                                 ++$lnum;
 853                         }
 854
 855                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 856                                 print "</table>";
 857                         }
 858
 859                         print "</div>";
 860
 861 //                      print_headline_subtoolbar($link,
 862 //                              "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
 863
 864
 865                 } else {
 866                         print "<div width='100%' align='center'>No articles found.</div>";
 867                 }
 868
 869                 print "</div>";
 870         }
 871
 872         if ($op == "pref-feeds") {
 873
 874                 $subop = $_REQUEST["subop"];
 875                 $quiet = $_REQUEST["quiet"];
 876
 877                 if ($subop == "massSubscribe") {
 878                         $ids = split(",", db_escape_string($_GET["ids"]));
 879
 880                         $subscribed = array();
 881
 882                         foreach ($ids as $id) {
 883                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
 884                                         WHERE id = '$id'");
 885
 886                                 $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
 887                                 $title = db_escape_string(db_fetch_result($result, 0, "title"));
 888
 889                                 $title_orig = db_fetch_result($result, 0, "title");
 890
 891                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
 892                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
 893
 894                                 if (db_num_rows($result) == 0) {
 895                                         $result = db_query($link,
 896                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
 897                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
 898
 899                                         array_push($subscribed, $title_orig);
 900                                 }
 901                         }
 902
 903                         if (count($subscribed) > 0) {
 904                                 print "<div class=\"notice\">";
 905                                 print "<b>Subscribed to feeds:</b>";
 906                                 print "<ul class=\"nomarks\">";
 907                                 foreach ($subscribed as $title) {
 908                                         print "<li>$title</li>";
 909                                 }
 910                                 print "</ul>";
 911                                 print "</div>";
 912                         }
 913                 }
 914
 915                 if ($subop == "browse") {
 916
 917                         if (!ENABLE_FEED_BROWSER) {
 918                                 print "Feed browser is administratively disabled.";
 919                                 return;
 920                         }
 921
 922                         print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
 923
 924                         print "<div class=\"infoBoxContents\">";
 925
 926                         print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
 927
 928 #                       $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
 929 #                               FROM ttrss_feeds
 930 #                               WHERE auth_login = '' AND auth_pass = '' AND private = false
 931 #                               GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
 932
 933                         $owner_uid = $_SESSION["uid"];
 934
 935                         $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
 936                                 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
 937                                         WHERE tf.feed_url = ttrss_feeds.feed_url
 938                                                 AND owner_uid = '$owner_uid') GROUP BY feed_url
 939                                                         ORDER BY subscribers DESC LIMIT 25");
 940
 941                         print "<ul class='browseFeedList' id='browseFeedList'>";
 942
 943                         $feedctr = 0;
 944
 945                         while ($line = db_fetch_assoc($result)) {
 946                                 $feed_url = $line["feed_url"];
 947                                 $subscribers = $line["subscribers"];
 948
 949                                 $det_result = db_query($link, "SELECT site_url,title,id
 950                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
 951
 952                                 $details = db_fetch_assoc($det_result);
 953
 954                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
 955
 956                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
 957                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
 958                                                         "/".$details["id"].".ico\">";
 959                                 } else {
 960                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
 961                                 }
 962
 963                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
 964                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
 965
 966                                 $class = ($feedctr % 2) ? "even" : "odd";
 967
 968                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
 969                                         "$feed_icon " . db_unescape_string($details["title"]) .
 970                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
 971
 972                                         ++$feedctr;
 973                         }
 974
 975                         if ($feedctr == 0) {
 976                                 print "<li>No feeds found to subscribe.</li>";
 977                         }
 978
 979                         print "</ul>";
 980
 981                         print "<div align='center'>
 982                                 <input type=\"submit\" class=\"button\"
 983                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
 984                                 <input type='submit' class='button'
 985                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
 986
 987                         print "</div>";
 988                         return;
 989                 }
 990
 991                 if ($subop == "editfeed") {
 992                         $feed_id = db_escape_string($_REQUEST["id"]);
 993
 994                         $result = db_query($link,
 995                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
 996                                         owner_uid = " . $_SESSION["uid"]);
 997
 998                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
 999                                 0, "title")));
1000
1001                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1002
1003                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1004                                         $feed_icon = "<img width=\"16\" height=\"16\"
1005                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1006                         } else {
1007                                 $feed_icon = "";
1008                         }
1009
1010                         print "<div id=\"infoBoxTitle\">Feed editor</div>";
1011
1012                         print "<div class=\"infoBoxContents\">";
1013
1014                         print "<form id=\"edit_feed_form\">";
1015
1016                         print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1017                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1018                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1019
1020                         print "<table width='100%'>";
1021
1022                         print "<tr><td>Title:</td>";
1023                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1024                                 name=\"title\" value=\"$title\"></td></tr>";
1025
1026                         $feed_url = db_fetch_result($result, 0, "feed_url");
1027                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1028                                 0, "feed_url")));
1029
1030                         print "<tr><td>Feed URL:</td>";
1031                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1032                                 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1033
1034                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1035
1036                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1037
1038                                 print "<tr><td>Category:</td>";
1039                                 print "<td>";
1040
1041                                 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1042
1043                                 if (sprintf("%d", $parent_feed) > 0) {
1044                                         $disabled = "disabled";
1045                                 } else {
1046                                         $disabled = "";
1047                                 }
1048
1049                                 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled");
1050
1051                                 print "</td>";
1052                                 print "</td></tr>";
1053
1054                         }
1055
1056                         $update_interval = db_fetch_result($result, 0, "update_interval");
1057
1058                         print "<tr><td>Update Interval:</td>";
1059
1060                         print "<td>";
1061
1062                         print_select_hash("update_interval", $update_interval, $update_intervals,
1063                                 "class=\"iedit\"");
1064
1065                         print "</td>";
1066
1067                         print "<tr><td>Link to:</td><td>";
1068
1069                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1070                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1071
1072                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1073
1074                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1075
1076                         if ($linked_count > 0) {
1077                                 $disabled = "disabled";
1078                         } else {
1079                                 $disabled = "";
1080                         }
1081
1082                         print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1083
1084                         print "<option value=\"0\">Not linked</option>";
1085
1086                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1087                                 if ($cat_id) {
1088                                         $cat_qpart = "AND cat_id = '$cat_id'";
1089                                 } else {
1090                                         $cat_qpart = "AND cat_id IS NULL";
1091                                 }
1092                         }
1093
1094                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1095                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]." AND
1096                                         (SELECT COUNT(id) FROM ttrss_feeds AS T2 WHERE T2.id = ttrss_feeds.parent_feed) = 0
1097                                         $cat_qpart ORDER BY title");
1098
1099                                 if (db_num_rows($tmp_result) > 0) {
1100                                         print "<option disabled>--------</option>";
1101                                 }
1102
1103                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1104                                         if ($tmp_line["id"] == $parent_feed) {
1105                                                 $is_selected = "selected";
1106                                         } else {
1107                                                 $is_selected = "";
1108                                         }
1109                                         printf("<option $is_selected value='%d'>%s</option>",
1110                                                 $tmp_line["id"], $tmp_line["title"]);
1111                                 }
1112
1113                         print "</select>";
1114                         print "</td></tr>";
1115
1116                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1117
1118                         print "<tr><td>Article purging:</td>";
1119
1120                         print "<td>";
1121
1122                         print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1123                                 "class=\"iedit\"");
1124
1125                         print "</td>";
1126
1127                         $auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login"));
1128
1129                         print "<tr><td>Login:</td>";
1130                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1131                                 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1132
1133                         $auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass"));
1134
1135                         print "<tr><td>Password:</td>";
1136                         print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1137                                 onkeypress=\"return filterCR(event)\"
1138                                 value=\"$auth_pass\"></td></tr>";
1139
1140                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1141
1142                         if ($private) {
1143                                 $checked = "checked";
1144                         } else {
1145                                 $checked = "";
1146                         }
1147
1148                         print "<tr><td valign='top'>Options:</td>";
1149                         print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1150                                 $checked><label for=\"private\">Hide from \"Other Feeds\"</label>";
1151
1152                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1153
1154                         if ($rtl_content) {
1155                                 $checked = "checked";
1156                         } else {
1157                                 $checked = "";
1158                         }
1159
1160                         print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1161                                 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1162
1163                         $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden"));
1164
1165                         if ($hidden) {
1166                                 $checked = "checked";
1167                         } else {
1168                                 $checked = "";
1169                         }
1170
1171                         print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\"
1172                                 $checked><label for=\"hidden\">Hide from my feed list</label>";
1173
1174                         $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest"));
1175
1176                         if ($include_in_digest) {
1177                                 $checked = "checked";
1178                         } else {
1179                                 $checked = "";
1180                         }
1181
1182                         print "<br><input type=\"checkbox\" id=\"include_in_digest\"
1183                                 name=\"include_in_digest\"
1184                                 $checked><label for=\"include_in_digest\">Include in e-mail digest</label>";
1185
1186                         print "</td></tr>";
1187
1188                         print "</table>";
1189
1190                         print "</form>";
1191
1192                         print "<div align='right'>
1193                                 <input type=\"submit\" class=\"button\"
1194                                 onclick=\"return feedEditSave()\" value=\"Save\">
1195                                 <input type='submit' class='button'
1196                                 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1197
1198                         print "</div>";
1199
1200                         return;
1201                 }
1202
1203                 if ($subop == "editSave") {
1204
1205                         $feed_title = db_escape_string(trim($_POST["title"]));
1206                         $feed_link = db_escape_string(trim($_POST["feed_url"]));
1207                         $upd_intl = db_escape_string($_POST["update_interval"]);
1208                         $purge_intl = db_escape_string($_POST["purge_interval"]);
1209                         $feed_id = db_escape_string($_POST["id"]);
1210                         $cat_id = db_escape_string($_POST["cat_id"]);
1211                         $auth_login = db_escape_string(trim($_POST["auth_login"]));
1212                         $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1213                         $parent_feed = db_escape_string($_POST["parent_feed"]);
1214                         $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1215                         $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1216                         $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"]));
1217                         $include_in_digest = checkbox_to_sql_bool(
1218                                 db_escape_string($_POST["include_in_digest"]));
1219
1220                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1221                                 if ($cat_id && $cat_id != 0) {
1222                                         $category_qpart = "cat_id = '$cat_id',";
1223                                         $category_qpart_nocomma = "cat_id = '$cat_id'";
1224                                 } else {
1225                                         $category_qpart = 'cat_id = NULL,';
1226                                         $category_qpart_nocomma = 'cat_id = NULL';
1227                                 }
1228                         } else {
1229                                 $category_qpart = "";
1230                                 $category_qpart_nocomma = "";
1231                         }
1232
1233                         if ($parent_feed && $parent_feed != 0) {
1234                                 $parent_qpart = "parent_feed = '$parent_feed'";
1235                         } else {
1236                                 $parent_qpart = 'parent_feed = NULL';
1237                         }
1238
1239                         $result = db_query($link, "UPDATE ttrss_feeds SET
1240                                 $category_qpart $parent_qpart,
1241                                 title = '$feed_title', feed_url = '$feed_link',
1242                                 update_interval = '$upd_intl',
1243                                 purge_interval = '$purge_intl',
1244                                 auth_login = '$auth_login',
1245                                 auth_pass = '$auth_pass',
1246                                 private = $private,
1247                                 rtl_content = $rtl_content,
1248                                 hidden = $hidden,
1249                                 include_in_digest = $include_in_digest
1250                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1251
1252                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1253                                 # update linked feed categories
1254                                 $result = db_query($link, "UPDATE ttrss_feeds SET
1255                                         $category_qpart_nocomma WHERE parent_feed = '$feed_id' AND
1256                                         owner_uid = " . $_SESSION["uid"]);
1257                         }
1258                 }
1259
1260                 if ($subop == "saveCat") {
1261                         $cat_title = db_escape_string(trim($_GET["title"]));
1262                         $cat_id = db_escape_string($_GET["id"]);
1263
1264                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1265                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1266
1267                 }
1268
1269                 if ($subop == "remove") {
1270
1271                         if (!WEB_DEMO_MODE) {
1272
1273                                 $ids = split(",", db_escape_string($_GET["ids"]));
1274
1275                                 foreach ($ids as $id) {
1276
1277                                         if ($id > 0) {
1278
1279                                                 db_query($link, "DELETE FROM ttrss_feeds
1280                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1281
1282                                                 $icons_dir = ICONS_DIR;
1283
1284                                                 if (file_exists($icons_dir . "/$id.ico")) {
1285                                                         unlink($icons_dir . "/$id.ico");
1286                                                 }
1287                                         } else if ($id < -10) {
1288
1289                                                 $label_id = -$id - 11;
1290
1291                                                 db_query($link, "DELETE FROM ttrss_labels
1292                                                         WHERE   id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
1293                                         }
1294                                 }
1295                         }
1296                 }
1297
1298                 if ($subop == "add") {
1299
1300                         if (!WEB_DEMO_MODE) {
1301
1302                                 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1303                                 $cat_id = db_escape_string($_GET["cat_id"]);
1304
1305                                 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1306                                         print "Added feed.";
1307                                 } else {
1308                                         print "<div class=\"warning\">
1309                                                 Feed <b>$feed_url</b> already exists in the database.
1310                                         </div>";
1311                                 }
1312                         }
1313                 }
1314
1315                 if ($subop == "addCat") {
1316
1317                         if (!WEB_DEMO_MODE) {
1318
1319                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1320
1321                                 $result = db_query($link,
1322                                         "SELECT id FROM ttrss_feed_categories
1323                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1324
1325                                 if (db_num_rows($result) == 0) {
1326
1327                                         $result = db_query($link,
1328                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1329                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1330
1331                                 } else {
1332
1333                                         print "<div class=\"warning\">
1334                                                 Category <b>$feed_cat</b> already exists in the database.
1335                                         </div>";
1336                                 }
1337
1338
1339                         }
1340                 }
1341
1342                 if ($subop == "removeCats") {
1343
1344                         if (!WEB_DEMO_MODE) {
1345
1346                                 $ids = split(",", db_escape_string($_GET["ids"]));
1347
1348                                 foreach ($ids as $id) {
1349
1350                                         db_query($link, "BEGIN");
1351
1352                                         $result = db_query($link,
1353                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1354                                                         WHERE cat_id = '$id'");
1355
1356                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1357
1358                                         if ($num_feeds == 0) {
1359                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1360                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1361                                         } else {
1362
1363                                                 print "<div class=\"warning\">
1364                                                         Unable to delete non empty feed categories.</div>";
1365
1366                                         }
1367
1368                                         db_query($link, "COMMIT");
1369                                 }
1370                         }
1371                 }
1372
1373                 if ($subop == "categorize") {
1374
1375                         if (!WEB_DEMO_MODE) {
1376
1377                                 $ids = split(",", db_escape_string($_GET["ids"]));
1378
1379                                 $cat_id = db_escape_string($_GET["cat_id"]);
1380
1381                                 if ($cat_id == 0) {
1382                                         $cat_id_qpart = 'NULL';
1383                                 } else {
1384                                         $cat_id_qpart = "'$cat_id'";
1385                                 }
1386
1387                                 db_query($link, "BEGIN");
1388
1389                                 foreach ($ids as $id) {
1390
1391                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1392                                                 WHERE id = '$id' AND parent_feed IS NULL
1393                                                 AND owner_uid = " . $_SESSION["uid"]);
1394
1395                                         # update linked feed categories
1396                                         db_query($link, "UPDATE ttrss_feeds SET
1397                                                 cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND
1398                                                 owner_uid = " . $_SESSION["uid"]);
1399
1400                                 }
1401
1402                                 db_query($link, "COMMIT");
1403                         }
1404
1405                 }
1406
1407                 if ($quiet) return;
1408
1409 //              print "<h3>Edit Feeds</h3>";
1410
1411                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1412                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1413
1414                 if (db_num_rows($result) > 0) {
1415
1416                         print "<div class=\"warning\">";
1417
1418 //                      print"<img class=\"closeButton\"
1419 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1420
1421                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1422                                 <b>Some feeds have update errors (click for details)</b></a>";
1423
1424                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1425
1426                         while ($line = db_fetch_assoc($result)) {
1427                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1428                                         $line["last_error"];
1429                         }
1430
1431                         print "</ul>";
1432                         print "</div>";
1433
1434                 }
1435
1436                 $feed_search = db_escape_string($_GET["search"]);
1437
1438                 if (array_key_exists("search", $_GET)) {
1439                         $_SESSION["prefs_feed_search"] = $feed_search;
1440                 } else {
1441                         $feed_search = $_SESSION["prefs_feed_search"];
1442                 }
1443
1444                 print "<table width='100%' class=\"prefGenericAddBox\"
1445                         cellspacing='0' cellpadding='0'><tr>
1446                         <td>
1447                                 <input id=\"fadd_link\"
1448                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1449                                         size=\"40\">
1450                                 <input type=\"submit\" class=\"button\"
1451                                         disabled=\"true\" id=\"fadd_submit_btn\"
1452                                         onclick=\"addFeed()\" value=\"Subscribe\">";
1453
1454                 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1455                         print " <input type=\"submit\" class=\"button\"
1456                                 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1457                 }
1458
1459                 print "</td><td align='right'>
1460                                 <input id=\"feed_search\" size=\"20\"
1461                                         onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1462                                 <input type=\"submit\" class=\"button\"
1463                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1464                         </td>
1465                         </tr></table>";
1466
1467                 $feeds_sort = db_escape_string($_GET["sort"]);
1468
1469                 if (!$feeds_sort || $feeds_sort == "undefined") {
1470                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1471                         if (!$feeds_sort) $feeds_sort = "title";
1472                 }
1473
1474                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1475
1476                 if ($feed_search) {
1477                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1478                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1479                 } else {
1480                         $search_qpart = "";
1481                 }
1482
1483                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1484                         $order_by_qpart = "category,$feeds_sort,title";
1485                 } else {
1486                         $order_by_qpart = "$feeds_sort,title";
1487                 }
1488
1489                 $result = db_query($link, "SELECT
1490                                 F1.id,
1491                                 F1.title,
1492                                 F1.feed_url,
1493                                 substring(F1.last_updated,1,16) AS last_updated,
1494                                 F1.parent_feed,
1495                                 F1.update_interval,
1496                                 F1.purge_interval,
1497                                 F1.cat_id,
1498                                 F2.title AS parent_title,
1499                                 C1.title AS category,
1500                                 F1.hidden,
1501                                 F1.include_in_digest
1502                         FROM
1503                                 ttrss_feeds AS F1
1504                                 LEFT JOIN ttrss_feeds AS F2
1505                                         ON (F1.parent_feed = F2.id)
1506                                 LEFT JOIN ttrss_feed_categories AS C1
1507                                         ON (F1.cat_id = C1.id)
1508                         WHERE
1509                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1510                         ORDER by $order_by_qpart");
1511
1512                 if (db_num_rows($result) != 0) {
1513
1514 //                      print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1515
1516                         print "<p><table width=\"100%\" cellspacing=\"0\"
1517                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1518                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1519                                 Select:
1520                                         <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1521                                         <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1522                                 </td</tr>";
1523
1524                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1525                                 print "<tr class=\"title\">
1526                                         <td width='5%' align='center'>&nbsp;</td>";
1527
1528                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1529                                         print "<td width='3%'>&nbsp;</td>";
1530                                 }
1531
1532                                 print "
1533                                         <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1534                                         <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1535                                         <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1536                         }
1537
1538                         $lnum = 0;
1539
1540                         $cur_cat_id = -1;
1541
1542                         while ($line = db_fetch_assoc($result)) {
1543
1544                                 $feed_id = $line["id"];
1545                                 $cat_id = $line["cat_id"];
1546
1547                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1548                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1549                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1550
1551                                 $hidden = sql_bool_to_bool($line["hidden"]);
1552
1553                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1554
1555                                 $last_updated = $line["last_updated"];
1556
1557                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1558                                         $last_updated = smart_date_time(strtotime($last_updated));
1559                                 } else {
1560                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1561                                         $last_updated = date($short_date, strtotime($last_updated));
1562                                 }
1563
1564                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1565                                         $lnum = 0;
1566
1567                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1568
1569                                         print "<tr class=\"title\">
1570                                                 <td width='5%'>&nbsp;</td>";
1571
1572                                         if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1573                                                 print "<td width='3%'>&nbsp;</td>";
1574                                         }
1575
1576                                         print "<td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1577                                                 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1578                                                 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1579
1580                                         $cur_cat_id = $cat_id;
1581                                 }
1582
1583                                 $class = ($lnum % 2) ? "even" : "odd";
1584                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
1585
1586                                 print "<tr class=\"$class\" $this_row_id>";
1587
1588                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1589
1590                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1591                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
1592                                 } else {
1593                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1594                                 }
1595
1596                                 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1597                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1598
1599                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1600                                         print "<td class='feedIcon'>$feed_icon</td>";
1601                                 }
1602
1603                                 $edit_title = truncate_string($edit_title, 40);
1604                                 $edit_link = truncate_string($edit_link, 60);
1605
1606                                 if ($hidden) {
1607                                         $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>";
1608                                         $edit_link = "<span class=\"insensitive\">$edit_link</span>";
1609                                         $last_updated = "<span class=\"insensitive\">$last_updated</span>";
1610                                 }
1611
1612                                 $parent_title = $line["parent_title"];
1613                                 if ($parent_title) {
1614                                         $parent_title = "<span class='groupPrompt'>(linked to
1615                                                 $parent_title)</span>";
1616                                 }
1617
1618                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1619                                         "$edit_title $parent_title" . "</a></td>";
1620
1621                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1622                                         $edit_link . "</a></td>";
1623
1624                                 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1625                                         "$last_updated</a></td>";
1626
1627                                 print "</tr>";
1628
1629                                 ++$lnum;
1630                         }
1631
1632                         print "</table>";
1633
1634                         print "<p><span id=\"feedOpToolbar\">";
1635
1636                         if ($subop == "edit") {
1637                                 print "Edit feed:&nbsp;
1638                                         <input type=\"submit\" class=\"button\"
1639                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1640                                         <input type=\"submit\" class=\"button\"
1641                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1642                         } else {
1643
1644                                 print "
1645                                         Selection:&nbsp;
1646                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1647                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1648                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1649                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1650
1651                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1652
1653                                         print "&nbsp;|&nbsp;";
1654
1655                                         print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1656
1657                                         print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1658                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1659
1660                                 }
1661
1662                                 print "</span>
1663                                         &nbsp;All feeds: <input type=\"submit\"
1664                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1665                                                         value=\"Export OPML\">";
1666                                 }
1667                 } else {
1668
1669                         print "<p>No feeds defined.</p>";
1670
1671                 }
1672
1673                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1674
1675                         print "<h3>Edit Categories</h3>";
1676
1677                         print "<div class=\"prefGenericAddBox\">
1678                                 <input id=\"fadd_cat\"
1679                                         onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1680                                         size=\"40\">&nbsp;
1681                                 <input
1682                                         type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1683                                         onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1684
1685                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1686                                 WHERE owner_uid = ".$_SESSION["uid"]."
1687                                 ORDER BY title");
1688
1689                         if (db_num_rows($result) != 0) {
1690
1691                                 print "<form id=\"feed_cat_edit_form\">";
1692
1693                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1694                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1695
1696                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1697                                 Select:
1698                                         <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1699                                         <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1700                                 </td</tr>";
1701
1702                                 print "<tr class=\"title\">
1703                                                         <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1704                                                 </tr>";
1705
1706                                 $lnum = 0;
1707
1708                                 while ($line = db_fetch_assoc($result)) {
1709
1710                                         $class = ($lnum % 2) ? "even" : "odd";
1711
1712                                         $cat_id = $line["id"];
1713
1714                                         $edit_cat_id = $_GET["id"];
1715
1716                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1717                                                         $class .= "Grayed";
1718                                                         $this_row_id = "";
1719                                         } else {
1720                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1721                                         }
1722
1723                                         print "<tr class=\"$class\" $this_row_id>";
1724
1725                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1726
1727                                         if (!$edit_cat_id || $subop != "editCat") {
1728
1729                                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1730                                                         type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1731
1732                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1733                                                         $edit_title . "</a></td>";
1734
1735                                         } else if ($cat_id != $edit_cat_id) {
1736
1737                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1738                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1739
1740                                                 print "<td>$edit_title</td>";
1741
1742                                         } else {
1743
1744                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1745
1746                                                 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1747                                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1748                                                 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1749
1750                                                 print "</td>";
1751
1752                                                 print "<td><input onkeypress=\"return filterCR(event)\"
1753                                                         name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1754
1755                                         }
1756
1757                                         print "</tr>";
1758
1759                                         ++$lnum;
1760                                 }
1761
1762                                 print "</table>";
1763
1764                                 print "</form>";
1765
1766                                 print "<p id=\"catOpToolbar\">";
1767
1768                                 if ($subop == "editCat") {
1769                                         print "Edit category:&nbsp;
1770                                                 <input type=\"submit\" class=\"button\"
1771                                                         onclick=\"return feedCatEditSave()\" value=\"Save\">
1772                                                 <input type=\"submit\" class=\"button\"
1773                                                         onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1774                                         } else {
1775
1776                                         print "
1777                                                 Selection:&nbsp;
1778                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1779                                                 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1780                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1781                                                 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1782
1783                                 }
1784
1785                         } else {
1786                                 print "<p>No feed categories defined.</p>";
1787                         }
1788                 }
1789
1790                 print "<h3>Import OPML</h3>
1791                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1792                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1793                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1794                                 type=\"submit\" value=\"Import\">
1795                         </form>";
1796
1797         }
1798
1799         if ($op == "pref-filters") {
1800
1801                 $subop = $_GET["subop"];
1802                 $quiet = $_GET["quiet"];
1803
1804                 if ($subop == "edit") {
1805
1806                         $filter_id = db_escape_string($_GET["id"]);
1807
1808                         $result = db_query($link,
1809                                 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1810
1811                         $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
1812                         $filter_type = db_fetch_result($result, 0, "filter_type");
1813                         $feed_id = db_fetch_result($result, 0, "feed_id");
1814                         $action_id = db_fetch_result($result, 0, "action_id");
1815
1816                         $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled"));
1817
1818                         print "<div id=\"infoBoxTitle\">Filter editor</div>";
1819                         print "<div class=\"infoBoxContents\">";
1820
1821                         print "<form id=\"filter_edit_form\">";
1822
1823                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
1824                         print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
1825                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1826
1827 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
1828
1829                         $result = db_query($link, "SELECT id,description
1830                                 FROM ttrss_filter_types ORDER BY description");
1831
1832                         $filter_types = array();
1833
1834                         while ($line = db_fetch_assoc($result)) {
1835                                 //array_push($filter_types, $line["description"]);
1836                                 $filter_types[$line["id"]] = $line["description"];
1837                         }
1838
1839                         print "<table width='100%'>";
1840
1841                         print "<tr><td>Match:</td>
1842                                 <td><input onkeypress=\"return filterCR(event)\"
1843                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
1844                                         name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
1845
1846                         print "</td><td>";
1847
1848                         print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
1849
1850                         print "</td></tr>";
1851                         print "<tr><td>Feed:</td><td colspan='2'>";
1852
1853                         print_feed_select($link, "feed_id", $feed_id);
1854
1855                         print "</td></tr>";
1856
1857                         print "<tr><td>Action:</td>";
1858
1859                         print "<td colspan='2'><select name=\"action_id\">";
1860
1861                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
1862                                 ORDER BY name");
1863
1864                         while ($line = db_fetch_assoc($result)) {
1865                                 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
1866                                 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
1867                         }
1868
1869                         print "</select>";
1870
1871                         print "</td></tr>";
1872
1873                         if ($enabled) {
1874                                 $checked = "checked";
1875                         } else {
1876                                 $checked = "";
1877                         }
1878
1879                         print "<tr><td>Options:</td><td>
1880                                         <input type=\"checkbox\" name=\"enabled\" id=\"enabled\" $checked>
1881                                         <label for=\"enabled\">Enabled</label>";
1882
1883                         print "</td></tr></table>";
1884
1885                         print "</form>";
1886
1887                         print "<div align='right'>";
1888
1889                         print "<input type=\"submit\"
1890                                 id=\"infobox_submit\"
1891                                 class=\"button\" onclick=\"return filterEditSave()\"
1892                                 value=\"Save\"> ";
1893
1894                         print "<input class=\"button\"
1895                                 type=\"submit\" onclick=\"return filterEditCancel()\"
1896                                 value=\"Cancel\">";
1897
1898                         print "</div>";
1899
1900                         return;
1901                 }
1902
1903
1904                 if ($subop == "editSave") {
1905
1906                         $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
1907                         $filter_type = db_escape_string(trim($_GET["filter_type"]));
1908                         $filter_id = db_escape_string($_GET["id"]);
1909                         $feed_id = db_escape_string($_GET["feed_id"]);
1910                         $action_id = db_escape_string($_GET["action_id"]);
1911                         $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"]));
1912
1913                         if (!$feed_id) {
1914                                 $feed_id = 'NULL';
1915                         } else {
1916                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1917                         }
1918
1919                         $result = db_query($link, "UPDATE ttrss_filters SET
1920                                         reg_exp = '$reg_exp',
1921                                         feed_id = $feed_id,
1922                                         action_id = '$action_id',
1923                                         filter_type = '$filter_type',
1924                                         enabled = $enabled
1925                                 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1926                 }
1927
1928                 if ($subop == "remove") {
1929
1930                         if (!WEB_DEMO_MODE) {
1931
1932                                 $ids = split(",", db_escape_string($_GET["ids"]));
1933
1934                                 foreach ($ids as $id) {
1935                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
1936
1937                                 }
1938                         }
1939                 }
1940
1941                 if ($subop == "add") {
1942
1943                         if (!WEB_DEMO_MODE) {
1944
1945                                 $regexp = db_escape_string(trim($_GET["reg_exp"]));
1946                                 $filter_type = db_escape_string(trim($_GET["filter_type"]));
1947                                 $feed_id = db_escape_string($_GET["feed_id"]);
1948                                 $action_id = db_escape_string($_GET["action_id"]);
1949
1950                                 if (!$feed_id) {
1951                                         $feed_id = 'NULL';
1952                                 } else {
1953                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1954                                 }
1955
1956                                 $result = db_query($link,
1957                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
1958                                                 action_id)
1959                                         VALUES
1960                                                 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
1961                                                         $feed_id, '$action_id')");
1962                         }
1963                 }
1964
1965                 if ($quiet) return;
1966
1967                 $sort = db_escape_string($_GET["sort"]);
1968
1969                 if (!$sort || $sort == "undefined") {
1970                         $sort = "reg_exp";
1971                 }
1972
1973 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1974
1975                 $result = db_query($link, "SELECT id,description
1976                         FROM ttrss_filter_types ORDER BY description");
1977
1978                 $filter_types = array();
1979
1980                 while ($line = db_fetch_assoc($result)) {
1981                         //array_push($filter_types, $line["description"]);
1982                         $filter_types[$line["id"]] = $line["description"];
1983                 }
1984
1985                 print "<input type=\"submit\"
1986                         class=\"button\"
1987                         onclick=\"return displayDlg('quickAddFilter', false)\"
1988                         id=\"create_filter_btn\"
1989                         value=\"Create filter\">";
1990
1991                 $result = db_query($link, "SELECT
1992                                 ttrss_filters.id AS id,reg_exp,
1993                                 ttrss_filter_types.name AS filter_type_name,
1994                                 ttrss_filter_types.description AS filter_type_descr,
1995                                 enabled,
1996                                 feed_id,
1997                                 ttrss_filter_actions.description AS action_description,
1998                                 ttrss_feeds.title AS feed_title
1999                         FROM
2000                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2001                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2002                         WHERE
2003                                 filter_type = ttrss_filter_types.id AND
2004                                 ttrss_filter_actions.id = action_id AND
2005                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2006                         ORDER by $sort");
2007
2008                 if (db_num_rows($result) != 0) {
2009
2010                         print "<form id=\"filter_edit_form\">";
2011
2012                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2013                                 id=\"prefFilterList\">";
2014
2015                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2016                                 Select:
2017                                         <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2018                                         <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2019                                 </td</tr>";
2020
2021                         print "<tr class=\"title\">
2022                                                 <td align='center' width=\"5%\">&nbsp;</td>
2023                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('reg_exp')\">Filter expression</a></td>
2024                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('feed_title')\">Feed</a></td>
2025                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('filter_type')\">Match</a></td>
2026                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('action_description')\">Action</a></td>";
2027
2028                         $lnum = 0;
2029
2030                         while ($line = db_fetch_assoc($result)) {
2031
2032                                 $class = ($lnum % 2) ? "even" : "odd";
2033
2034                                 $filter_id = $line["id"];
2035                                 $edit_filter_id = $_GET["id"];
2036
2037                                 $enabled = sql_bool_to_bool($line["enabled"]);
2038
2039                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2040                                         $class .= "Grayed";
2041                                         $this_row_id = "";
2042                                 } else {
2043                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2044                                 }
2045
2046                                 print "<tr class=\"$class\" $this_row_id>";
2047
2048                                 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2049
2050                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2051
2052                                 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2053
2054                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2055                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2056
2057                                 if (!$enabled) {
2058                                         $line["reg_exp"] = "<span class=\"insensitive\">" .
2059                                                 $line["reg_exp"] . " (Disabled)</span>";
2060                                         $line["feed_title"] = "<span class=\"insensitive\">" .
2061                                                 $line["feed_title"] . "</span>";
2062                                         $line["filter_type_descr"] = "<span class=\"insensitive\">" .
2063                                                 $line["filter_type_descr"] . "</span>";
2064                                         $line["action_description"] = "<span class=\"insensitive\">" .
2065                                                 $line["action_description"] . "</span>";
2066                                 }
2067
2068                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2069                                         $line["reg_exp"] . "</td>";
2070
2071                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2072                                         $line["feed_title"] . "</td>";
2073
2074                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2075                                         $line["filter_type_descr"] . "</td>";
2076
2077                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2078                                         $line["action_description"] . "</td>";
2079
2080                                 print "</tr>";
2081
2082                                 ++$lnum;
2083                         }
2084
2085                         if ($lnum == 0) {
2086                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2087                         }
2088
2089                         print "</table>";
2090
2091                         print "</form>";
2092
2093                         print "<p id=\"filterOpToolbar\">";
2094
2095                         print "
2096                                         Selection:
2097                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2098                                         onclick=\"return editSelectedFilter()\" value=\"Edit\">
2099                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2100                                         onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2101
2102                         print "</p>";
2103
2104                 } else {
2105
2106                         print "<p>No filters defined.</p>";
2107
2108                 }
2109         }
2110
2111         // We need to accept raw SQL data in label queries, so not everything is escaped
2112         // here, this is by design. If you don't like the whole idea, disable labels
2113         // altogether with GLOBAL_ENABLE_LABELS = false
2114
2115         if ($op == "pref-labels") {
2116
2117                 if (!GLOBAL_ENABLE_LABELS) {
2118
2119                         print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>";
2120                         return;
2121                 }
2122
2123                 $subop = $_GET["subop"];
2124
2125                 if ($subop == "edit") {
2126
2127                         $label_id = db_escape_string($_GET["id"]);
2128
2129                         $result = db_query($link, "SELECT sql_exp,description   FROM ttrss_labels WHERE
2130                                 owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description");
2131
2132                         $line = db_fetch_assoc($result);
2133
2134                         $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2135                         $description = htmlspecialchars(db_unescape_string($line["description"]));
2136
2137                         print "<div id=\"infoBoxTitle\">Label editor</div>";
2138                         print "<div class=\"infoBoxContents\">";
2139
2140                         print "<form id=\"label_edit_form\">";
2141
2142                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2143                         print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2144                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2145
2146                         print "<table width='100%'>";
2147
2148                         print "<tr><td>Caption:</td>
2149                                 <td><input onkeypress=\"return filterCR(event)\"
2150                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2151                                          name=\"description\" class=\"iedit\" value=\"$description\">";
2152
2153                         print "</td></tr>";
2154
2155                         print "<tr><td colspan=\"2\">
2156                                 <p>SQL Expression:</p>";
2157
2158                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2159                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>";
2160
2161                         print "</td></tr></table>";
2162
2163                         print "</form>";
2164
2165                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2166
2167                         print "<div align='right'>";
2168
2169                         $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : "";
2170
2171                         print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\">
2172                                 ";
2173
2174                         print "<input type=\"submit\"
2175                                 id=\"infobox_submit\"
2176                                 class=\"button\" onclick=\"return labelEditSave()\"
2177                                 value=\"Save\"> ";
2178
2179                         print "<input class=\"button\"
2180                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2181                                 value=\"Cancel\">";
2182
2183                         print "</div>";
2184
2185                         return;
2186                 }
2187
2188                 if ($subop == "test") {
2189
2190                         $expr = db_unescape_string(trim($_GET["expr"]));
2191                         $descr = db_unescape_string(trim($_GET["descr"]));
2192
2193                         print "<div>";
2194
2195                         error_reporting(0);
2196
2197
2198                         $result = db_query($link,
2199                                 "SELECT count(ttrss_entries.id) AS num_matches
2200                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2201                                         WHERE ($expr) AND
2202                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2203                                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
2204                                                 ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false);
2205
2206                         error_reporting (DEFAULT_ERROR_LEVEL);
2207
2208                         if (!$result) {
2209                                 print "<p>" . db_last_error($link) . "</p>";
2210                                 print "</div>";
2211                                 return;
2212                         }
2213
2214                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2215
2216                         if ($num_matches > 0) {
2217
2218                                 if ($num_matches > 10) {
2219                                         $showing_msg = ", showing first 10";
2220                                 }
2221
2222                                 print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>";
2223
2224                                 $result = db_query($link,
2225                                         "SELECT ttrss_entries.title,
2226                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2227                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2228                                                         WHERE ($expr) AND
2229                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2230                                                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
2231                                                         AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
2232                                                         ORDER BY date_entered DESC LIMIT 10", false);
2233
2234                                 print "<ul class=\"labelTestResults\">";
2235
2236                                 $row_class = "even";
2237
2238                                 while ($line = db_fetch_assoc($result)) {
2239                                         $row_class = toggleEvenOdd($row_class);
2240
2241                                         print "<li class=\"$row_class\">".$line["title"].
2242                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2243                                 }
2244                                 print "</ul>";
2245
2246                         } else {
2247                                 print "<p>Query didn't return any matches.</p>";
2248                         }
2249
2250                         print "</div>";
2251
2252                         return;
2253                 }
2254
2255                 if ($subop == "editSave") {
2256
2257                         $sql_exp = trim($_GET["sql_exp"]);
2258                         $descr = db_escape_string(trim($_GET["description"]));
2259                         $label_id = db_escape_string($_GET["id"]);
2260
2261                         $result = db_query($link, "UPDATE ttrss_labels SET
2262                                 sql_exp = '$sql_exp',
2263                                 description = '$descr'
2264                                 WHERE id = '$label_id'");
2265                 }
2266
2267                 if ($subop == "remove") {
2268
2269                         if (!WEB_DEMO_MODE) {
2270
2271                                 $ids = split(",", db_escape_string($_GET["ids"]));
2272
2273                                 foreach ($ids as $id) {
2274                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2275
2276                                 }
2277                         }
2278                 }
2279
2280                 if ($subop == "add") {
2281
2282                         if (!WEB_DEMO_MODE) {
2283
2284                                 // no escaping is done here on purpose
2285                                 $sql_exp = trim($_GET["sql_exp"]);
2286                                 $description = db_escape_string($_GET["description"]);
2287
2288                                 $result = db_query($link,
2289                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2290                                                 VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')");
2291                         }
2292                 }
2293
2294                 $sort = db_escape_string($_GET["sort"]);
2295
2296                 if (!$sort || $sort == "undefined") {
2297                         $sort = "description";
2298                 }
2299
2300                 print "<div class=\"prefGenericAddBox\">";
2301
2302                 print"<input type=\"submit\" class=\"button\"
2303                         id=\"label_create_btn\"
2304                         onclick=\"return displayDlg('quickAddLabel', false)\"
2305                         value=\"Create label\"></div>";
2306
2307                 $result = db_query($link, "SELECT
2308                                 id,sql_exp,description
2309                         FROM
2310                                 ttrss_labels
2311                         WHERE
2312                                 owner_uid = ".$_SESSION["uid"]."
2313                         ORDER BY $sort");
2314
2315 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2316
2317                 if (db_num_rows($result) != 0) {
2318
2319                         print "<form id=\"label_edit_form\">";
2320
2321                         print "<p><table width=\"100%\" cellspacing=\"0\"
2322                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2323
2324                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2325                                 Select:
2326                                         <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2327                                         <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2328                                 </td</tr>";
2329
2330                         print "<tr class=\"title\">
2331                                                 <td width=\"5%\">&nbsp;</td>
2332                                                 <td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">Caption</a></td>
2333                                                 <td width=\"50%\"><a href=\"javascript:updateLabelList('sql_exp')\">SQL Expression</a>
2334                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2335                                                 </td>
2336                                                 </tr>";
2337
2338                         $lnum = 0;
2339
2340                         while ($line = db_fetch_assoc($result)) {
2341
2342                                 $class = ($lnum % 2) ? "even" : "odd";
2343
2344                                 $label_id = $line["id"];
2345                                 $edit_label_id = $_GET["id"];
2346
2347                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2348                                         $class .= "Grayed";
2349                                         $this_row_id = "";
2350                                 } else {
2351                                         $this_row_id = "id=\"LILRR-$label_id\"";
2352                                 }
2353
2354                                 print "<tr class=\"$class\" $this_row_id>";
2355
2356                                 $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2357                                 $line["description"] = htmlspecialchars(
2358                                                 db_unescape_string($line["description"]));
2359
2360                                 if (!$line["description"]) $line["description"] = "[No caption]";
2361
2362                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2363                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2364
2365                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2366                                         $line["description"] . "</td>";
2367
2368                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2369                                         $line["sql_exp"] . "</td>";
2370
2371                                 print "</tr>";
2372
2373                                 ++$lnum;
2374                         }
2375
2376                         if ($lnum == 0) {
2377                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2378                         }
2379
2380                         print "</table>";
2381
2382                         print "</form>";
2383
2384                         print "<p id=\"labelOpToolbar\">";
2385
2386                         print "
2387                                         Selection:
2388                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2389                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2390                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2391                                 onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2392
2393                 } else {
2394                         print "<p>No labels defined.</p>";
2395                 }
2396         }
2397
2398         if ($op == "error") {
2399                 print "<div width=\"100%\" align='center'>";
2400                 $msg = $_GET["msg"];
2401                 print $msg;
2402                 print "</div>";
2403         }
2404
2405         if ($op == "help") {
2406                 if (!$_GET["noheaders"]) {
2407                         print "<html><head>
2408                                 <title>Tiny Tiny RSS : Help</title>
2409                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2410                                 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2411                                 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2412                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2413                                 </head><body>";
2414                 }
2415
2416                 $tid = sprintf("%d", $_GET["tid"]);
2417
2418                 print "<div id=\"infoBoxTitle\">Help</div>";
2419
2420                 print "<div class='infoBoxContents'>";
2421
2422                 if (file_exists("help/$tid.php")) {
2423                         include("help/$tid.php");
2424                 } else {
2425                         print "<p>Help topic not found.</p>";
2426                 }
2427
2428                 print "</div>";
2429
2430                 print "<div align='center'>
2431                         <input type='submit' class='button'
2432                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2433
2434                 if (!$_GET["noheaders"]) {
2435                         print "</body></html>";
2436                 }
2437
2438         }
2439
2440         if ($op == "dlg") {
2441                 $id = $_GET["id"];
2442                 $param = $_GET["param"];
2443
2444                 if ($id == "quickAddFeed") {
2445
2446                         print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2447                         print "<div class=\"infoBoxContents\">";
2448
2449                         print "<form id='feed_add_form'>";
2450
2451                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2452                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2453                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2454
2455                         print "<table width='100%'>
2456                         <tr><td>Feed URL:</td><td>
2457                                 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2458                                         onkeypress=\"return filterCR(event)\"
2459                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2460                                         onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2461
2462                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2463                                 print "<tr><td>Category:</td><td>";
2464                                 print_feed_cat_select($link, "cat_id");
2465                                 print "</td></tr>";
2466                         }
2467
2468                         print "</table>";
2469                         print "</form>";
2470
2471                         print "<div align='right'>
2472                                 <input class=\"button\"
2473                                         id=\"fadd_submit_btn\" disabled=\"true\"
2474                                         type=\"submit\" onclick=\"return qafAdd()\" value=\"Subscribe\">
2475                                 <input class=\"button\"
2476                                         type=\"submit\" onclick=\"return closeInfoBox()\"
2477                                         value=\"Cancel\"></div>";
2478                 }
2479
2480                 if ($id == "search") {
2481
2482                         print "<div id=\"infoBoxTitle\">Search</div>";
2483                         print "<div class=\"infoBoxContents\">";
2484
2485                         print "<form id='search_form'>";
2486
2487                         #$active_feed_id = db_escape_string($_GET["param"]);
2488
2489                         $params = split(":", db_escape_string($_GET["param"]));
2490
2491                         $active_feed_id = sprintf("%d", $params[0]);
2492                         $is_cat = $params[1] == "true";
2493
2494                         print "<table width='100%'><tr><td>Search:</td><td>";
2495
2496                         print "<input name=\"query\" class=\"iedit\"
2497                                 onkeypress=\"return filterCR(event)\"
2498                                 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2499                                 value=\"\">
2500                         </td></tr>";
2501
2502                         print "<tr><td>Where:</td><td>";
2503
2504                         print "<select name=\"search_mode\">
2505                                 <option value=\"all_feeds\">All feeds</option>";
2506
2507                         $feed_title = getFeedTitle($link, $active_feed_id);
2508
2509                         if (!$is_cat) {
2510                                 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2511                         } else {
2512                                 $feed_cat_title = getCategoryTitle($link, $active_feed_id);
2513                         }
2514
2515                         if ($active_feed_id && !$is_cat) {
2516                                 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2517                         } else {
2518                                 print "<option disabled>This feed</option>";
2519                         }
2520
2521                         if ($is_cat) {
2522                                 $cat_preselected = "selected";
2523                         }
2524
2525                         if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) {
2526                                 print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>";
2527                         } else {
2528                                 print "<option disabled>This category</option>";
2529                         }
2530
2531                         print "</select></td></tr>";
2532
2533                         print "<tr><td>Match on:</td><td>";
2534
2535                         $search_fields = array(
2536                                 "title" => "Title",
2537                                 "content" => "Content",
2538                                 "both" => "Title or content");
2539
2540                         print_select_hash("match_on", 3, $search_fields);
2541
2542                         print "</td></tr></table>";
2543
2544                         print "</form>";
2545
2546                         print "<div align=\"right\">
2547                         <input type=\"submit\"
2548                                 class=\"button\" onclick=\"javascript:search()\"
2549                                 id=\"search_submit_btn\" disabled=\"true\"
2550                                 value=\"Search\">
2551                         <input class=\"button\"
2552                                 type=\"submit\" onclick=\"javascript:searchCancel()\"
2553                                 value=\"Cancel\"></div>";
2554
2555                         print "</div>";
2556
2557                 }
2558
2559                 if ($id == "quickAddLabel") {
2560                         print "<div id=\"infoBoxTitle\">Create label</div>";
2561                         print "<div class=\"infoBoxContents\">";
2562
2563                         print "<form id=\"label_edit_form\">";
2564
2565                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2566                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2567
2568                         print "<table width='100%'>";
2569
2570                         print "<tr><td>Caption:</td>
2571                                 <td><input onkeypress=\"return filterCR(event)\"
2572                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2573                                          name=\"description\" class=\"iedit\">";
2574
2575                         print "</td></tr>";
2576
2577                         print "<tr><td colspan=\"2\">
2578                                 <p>SQL Expression:</p>";
2579
2580                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2581                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>";
2582
2583                         print "</td></tr></table>";
2584
2585                         print "</form>";
2586
2587                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2588
2589                         print "<div align='right'>";
2590
2591                         print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\">
2592                                 ";
2593
2594                         print "<input type=\"submit\"
2595                                 id=\"infobox_submit\"
2596                                 disabled=\"true\"
2597                                 class=\"button\" onclick=\"return addLabel()\"
2598                                 value=\"Create\"> ";
2599
2600                         print "<input class=\"button\"
2601                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2602                                 value=\"Cancel\">";
2603                 }
2604
2605                 if ($id == "quickAddFilter") {
2606
2607                         $active_feed_id = db_escape_string($_GET["param"]);
2608
2609                         print "<div id=\"infoBoxTitle\">Create filter</div>";
2610                         print "<div class=\"infoBoxContents\">";
2611
2612                         print "<form id=\"filter_add_form\">";
2613
2614                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2615                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2616                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2617
2618 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2619
2620                         $result = db_query($link, "SELECT id,description
2621                                 FROM ttrss_filter_types ORDER BY description");
2622
2623                         $filter_types = array();
2624
2625                         while ($line = db_fetch_assoc($result)) {
2626                                 //array_push($filter_types, $line["description"]);
2627                                 $filter_types[$line["id"]] = $line["description"];
2628                         }
2629
2630                         print "<table width='100%'>";
2631
2632                         print "<tr><td>Match:</td>
2633                                 <td><input onkeypress=\"return filterCR(event)\"
2634                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2635                                         name=\"reg_exp\" class=\"iedit\">";
2636                         print "</td><td>";
2637
2638                         print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2639
2640                         print "</td></tr>";
2641                         print "<tr><td>Feed:</td><td colspan='2'>";
2642
2643                         print_feed_select($link, "feed_id", $active_feed_id);
2644
2645                         print "</td></tr>";
2646
2647                         print "<tr><td>Action:</td>";
2648
2649                         print "<td colspan='2'><select name=\"action_id\">";
2650
2651                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2652                                 ORDER BY name");
2653
2654                         while ($line = db_fetch_assoc($result)) {
2655                                 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2656                         }
2657
2658                         print "</select>";
2659
2660                         print "</td></tr></table>";
2661
2662                         print "</form>";
2663
2664                         print "<div align='right'>";
2665
2666                         print "<input type=\"submit\"
2667                                 id=\"infobox_submit\"
2668                                 class=\"button\" onclick=\"return qaddFilter()\"
2669                                 disabled=\"true\" value=\"Create\"> ";
2670
2671                         print "<input class=\"button\"
2672                                 type=\"submit\" onclick=\"return closeInfoBox()\"
2673                                 value=\"Cancel\">";
2674
2675                         print "</div>";
2676
2677 //                      print "</td></tr></table>";
2678
2679                 }
2680
2681                 print "</div>";
2682
2683         }
2684
2685         // update feeds of all users, may be used anonymously
2686         if ($op == "globalUpdateFeeds") {
2687
2688                 $result = db_query($link, "SELECT id FROM ttrss_users");
2689
2690                 while ($line = db_fetch_assoc($result)) {
2691                         $user_id = $line["id"];
2692 //                      print "<!-- updating feeds of uid $user_id -->";
2693                         update_all_feeds($link, false, $user_id);
2694                 }
2695
2696                 print "<rpc-reply>
2697                         <message msg=\"All feeds updated\"/>
2698                 </rpc-reply>";
2699
2700         }
2701
2702         if ($op == "pref-prefs") {
2703
2704                 $subop = $_REQUEST["subop"];
2705
2706                 if ($subop == "Save configuration") {
2707
2708                         if (WEB_DEMO_MODE) {
2709                                 header("Location: prefs.php");
2710                                 return;
2711                         }
2712
2713                         $_SESSION["prefs_op_result"] = "save-config";
2714
2715                         $_SESSION["prefs_cache"] = false;
2716
2717                         foreach (array_keys($_POST) as $pref_name) {
2718
2719                                 $pref_name = db_escape_string($pref_name);
2720                                 $value = db_escape_string($_POST[$pref_name]);
2721
2722                                 $result = db_query($link, "SELECT type_name
2723                                         FROM ttrss_prefs,ttrss_prefs_types
2724                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2725
2726                                 if (db_num_rows($result) > 0) {
2727
2728                                         $type_name = db_fetch_result($result, 0, "type_name");
2729
2730 //                                      print "$pref_name : $type_name : $value<br>";
2731
2732                                         if ($type_name == "bool") {
2733                                                 if ($value == "1") {
2734                                                         $value = "true";
2735                                                 } else {
2736                                                         $value = "false";
2737                                                 }
2738                                         } else if ($type_name == "integer") {
2739                                                 $value = sprintf("%d", $value);
2740                                         }
2741
2742 //                                      print "$pref_name : $type_name : $value<br>";
2743
2744                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2745                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2746
2747                                 }
2748
2749                                 header("Location: prefs.php");
2750
2751                         }
2752
2753                 } else if ($subop == "getHelp") {
2754
2755                         $pref_name = db_escape_string($_GET["pn"]);
2756
2757                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2758                                 WHERE pref_name = '$pref_name'");
2759
2760                         if (db_num_rows($result) > 0) {
2761                                 $help_text = db_fetch_result($result, 0, "help_text");
2762                                 print $help_text;
2763                         } else {
2764                                 print "Unknown option: $pref_name";
2765                         }
2766
2767                 } else if ($subop == "Change e-mail") {
2768
2769                         if (WEB_DEMO_MODE) {
2770                                 header("Location: prefs.php");
2771                                 return;
2772                         }
2773
2774                         $email = db_escape_string($_GET["email"]);
2775                         $active_uid = $_SESSION["uid"];
2776
2777                         if ($email) {
2778                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
2779                                                 WHERE id = '$active_uid'");
2780                         }
2781
2782                         header("Location: prefs.php");
2783
2784                 } else if ($subop == "Change password") {
2785
2786                         if (WEB_DEMO_MODE) {
2787                                 header("Location: prefs.php");
2788                                 return;
2789                         }
2790
2791                         $old_pw = $_POST["OLD_PASSWORD"];
2792                         $new_pw = $_POST["OLD_PASSWORD"];
2793
2794                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2795                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2796
2797                         $active_uid = $_SESSION["uid"];
2798
2799                         if ($old_pw && $new_pw) {
2800
2801                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2802
2803                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2804                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2805                                                 pwd_hash = '$old_pw_hash')");
2806
2807                                 if (db_num_rows($result) == 1) {
2808                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2809                                                 WHERE id = '$active_uid'");
2810
2811                                         $_SESSION["pwd_change_result"] = "ok";
2812                                 } else {
2813                                         $_SESSION["pwd_change_result"] = "failed";
2814                                 }
2815                         }
2816
2817                         header("Location: prefs.php");
2818
2819                 } else if ($subop == "Reset to defaults") {
2820
2821                         if (WEB_DEMO_MODE) {
2822                                 header("Location: prefs.php");
2823                                 return;
2824                         }
2825
2826                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2827
2828                         if (DB_TYPE == "pgsql") {
2829                                 db_query($link,"UPDATE ttrss_user_prefs
2830                                         SET value = ttrss_prefs.def_value
2831                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2832                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2833                         } else {
2834                                 db_query($link, "DELETE FROM ttrss_user_prefs
2835                                         WHERE owner_uid = ".$_SESSION["uid"]);
2836                                 initialize_user_prefs($link, $_SESSION["uid"]);
2837                         }
2838
2839                         header("Location: prefs.php");
2840
2841                 } else if ($subop == "Change theme") {
2842
2843                         $theme = db_escape_string($_POST["theme"]);
2844
2845                         if ($theme == "Default") {
2846                                 $theme_qpart = 'NULL';
2847                         } else {
2848                                 $theme_qpart = "'$theme'";
2849                         }
2850
2851                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2852                                 WHERE theme_name = '$theme'");
2853
2854                         if (db_num_rows($result) == 1) {
2855                                 $theme_id = db_fetch_result($result, 0, "id");
2856                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2857                         } else {
2858                                 $theme_id = "NULL";
2859                                 $theme_path = "";
2860                         }
2861
2862                         db_query($link, "UPDATE ttrss_users SET
2863                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2864
2865                         $_SESSION["theme"] = $theme_path;
2866
2867                         header("Location: prefs.php");
2868
2869                 } else {
2870
2871                         print check_for_update($link);
2872
2873                         if (!SINGLE_USER_MODE) {
2874
2875                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
2876                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2877                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2878
2879                                 if (db_num_rows($result) != 0) {
2880                                         print "<div class=\"warning\">
2881                                                 Your password is at default value, please change it.
2882                                         </div>";
2883                                 }
2884
2885                                 if ($_SESSION["pwd_change_result"] == "failed") {
2886                                         print "<div class=\"warning\">
2887                                                         There was an error while changing your password.
2888                                                 </div>";
2889                                 }
2890
2891                                 if ($_SESSION["pwd_change_result"] == "ok") {
2892                                         print "<div class=\"notice\">
2893                                                         Password changed successfully.
2894                                                 </div>";
2895                                 }
2896
2897                                 $_SESSION["pwd_change_result"] = "";
2898
2899                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2900                                         print "<div class=\"notice\">
2901                                                         Your configuration was reset to defaults.
2902                                                 </div>";
2903                                 }
2904
2905                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2906                                         print "<div class=\"notice\">
2907                                                         Your configuration was saved successfully.
2908                                                 </div>";
2909                                 }
2910
2911                                 $_SESSION["prefs_op_result"] = "";
2912
2913                                 print "<form action=\"backend.php\" method=\"GET\">";
2914
2915                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2916                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
2917
2918                                 $result = db_query($link, "SELECT email FROM ttrss_users
2919                                         WHERE id = ".$_SESSION["uid"]);
2920
2921                                 $email = db_fetch_result($result, 0, "email");
2922
2923                                 print "<tr><td width=\"40%\">E-mail</td>";
2924                                 print "<td><input class=\"editbox\" name=\"email\"
2925                                         value=\"$email\"></td></tr>";
2926
2927                                 print "</table>";
2928
2929                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2930
2931                                 print "<p><input class=\"button\" type=\"submit\"
2932                                         value=\"Change e-mail\" name=\"subop\">";
2933
2934                                 print "</form>";
2935
2936                                 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
2937
2938                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2939                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2940
2941                                 print "<tr><td width=\"40%\">Old password</td>";
2942                                 print "<td><input class=\"editbox\" type=\"password\"
2943                                         name=\"OLD_PASSWORD\"></td></tr>";
2944
2945                                 print "<tr><td width=\"40%\">New password</td>";
2946
2947                                 print "<td><input class=\"editbox\" type=\"password\"
2948                                         name=\"NEW_PASSWORD\"></td></tr>";
2949
2950                                 print "</table>";
2951
2952                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2953
2954                                 print "<p><input class=\"button\" type=\"submit\"
2955                                         onclick=\"return validateNewPassword(this.form)\"
2956                                         value=\"Change password\" name=\"subop\">";
2957
2958                                 print "</form>";
2959
2960                         }
2961
2962                         $result = db_query($link, "SELECT
2963                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2964
2965                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2966
2967                         $result = db_query($link, "SELECT
2968                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2969
2970                         if (db_num_rows($result) > 0) {
2971
2972                                 print "<form action=\"backend.php\" method=\"POST\">";
2973                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2974                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2975                                 print "<tr><td width=\"40%\">Select theme</td>";
2976                                 print "<td><select name=\"theme\">";
2977                                 print "<option>Default</option>";
2978                                 print "<option disabled>--------</option>";
2979
2980                                 while ($line = db_fetch_assoc($result)) {
2981                                         if ($line["id"] == $user_theme_id) {
2982                                                 $selected = "selected";
2983                                         } else {
2984                                                 $selected = "";
2985                                         }
2986                                         print "<option $selected>" . $line["theme_name"] . "</option>";
2987                                 }
2988                                 print "</select></td></tr>";
2989                                 print "</table>";
2990                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2991                                 print "<p><input class=\"button\" type=\"submit\"
2992                                         value=\"Change theme\" name=\"subop\">";
2993                                 print "</form>";
2994                         }
2995
2996                         initialize_user_prefs($link, $_SESSION["uid"]);
2997
2998                         $result = db_query($link, "SELECT
2999                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3000                                 section_name,def_value
3001                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3002                                 WHERE type_id = ttrss_prefs_types.id AND
3003                                         section_id = ttrss_prefs_sections.id AND
3004                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3005                                         owner_uid = ".$_SESSION["uid"]."
3006                                 ORDER BY section_id,short_desc");
3007
3008                         print "<form action=\"backend.php\" method=\"POST\">";
3009
3010                         $lnum = 0;
3011
3012                         $active_section = "";
3013
3014                         while ($line = db_fetch_assoc($result)) {
3015
3016                                 if ($active_section != $line["section_name"]) {
3017
3018                                         if ($active_section != "") {
3019                                                 print "</table>";
3020                                         }
3021
3022                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3023
3024                                         $active_section = $line["section_name"];
3025
3026                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3027 //                                      print "<tr class=\"title\">
3028 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3029
3030                                         $lnum = 0;
3031                                 }
3032
3033 //                              $class = ($lnum % 2) ? "even" : "odd";
3034
3035                                 print "<tr>";
3036
3037                                 $type_name = $line["type_name"];
3038                                 $pref_name = $line["pref_name"];
3039                                 $value = $line["value"];
3040                                 $def_value = $line["def_value"];
3041                                 $help_text = $line["help_text"];
3042
3043                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3044
3045                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3046
3047                                 print "</td>";
3048
3049                                 print "<td>";
3050
3051                                 if ($type_name == "bool") {
3052 //                                      print_select($pref_name, $value, array("true", "false"));
3053
3054                                         if ($value == "true") {
3055                                                 $value = "Yes";
3056                                         } else {
3057                                                 $value = "No";
3058                                         }
3059
3060                                         print_radio($pref_name, $value, array("Yes", "No"));
3061
3062                                 } else {
3063                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3064                                 }
3065
3066                                 print "</td>";
3067
3068                                 print "</tr>";
3069
3070                                 $lnum++;
3071                         }
3072
3073                         print "</table>";
3074
3075                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3076
3077                         print "<p><input class=\"button\" type=\"submit\"
3078                                 name=\"subop\" value=\"Save configuration\">";
3079
3080                         print "&nbsp;<input class=\"button\" type=\"submit\"
3081                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3082                                 value=\"Reset to defaults\"></p>";
3083
3084                         print "</form>";
3085
3086                 }
3087
3088         }
3089
3090         if ($op == "pref-users") {
3091
3092                 $subop = $_GET["subop"];
3093
3094                 if ($subop == "edit") {
3095
3096                         $id = db_escape_string($_GET["id"]);
3097
3098                         print "<div id=\"infoBoxTitle\">User editor</div>";
3099
3100                         print "<div class=\"infoBoxContents\">";
3101
3102                         print "<form id=\"user_edit_form\">";
3103
3104                         print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3105                         print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3106                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3107
3108                         $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3109
3110                         $login = db_fetch_result($result, 0, "login");
3111                         $access_level = db_fetch_result($result, 0, "access_level");
3112                         $email = db_fetch_result($result, 0, "email");
3113
3114                         print "<table width='100%'>";
3115                         print "<tr><td>Login:</td><td>
3116                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3117                                 name=\"login\" value=\"$login\"></td></tr>";
3118
3119                         print "<tr><td>Change password:</td><td>
3120                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3121                                 name=\"password\"></td></tr>";
3122
3123                         print "<tr><td>E-mail:</td><td>
3124                                 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3125                                 value=\"$email\"></td></tr>";
3126
3127                         $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3128
3129                         print "<tr><td>Access level:</td><td>";
3130                         print_select_hash("access_level", $access_level, $access_level_names,
3131                                 $sel_disabled);
3132                         print "</td></tr>";
3133
3134                         print "</table>";
3135
3136                         print "</form>";
3137
3138                         print "<div align='right'>
3139                                 <input class=\"button\"
3140                                         type=\"submit\" onclick=\"return userEditSave()\"
3141                                         value=\"Save\">
3142                                 <input class=\"button\"
3143                                         type=\"submit\" onclick=\"return userEditCancel()\"
3144                                         value=\"Cancel\"></div>";
3145
3146                         print "</div>";
3147
3148                         return;
3149                 }
3150
3151                 if ($subop == "editSave") {
3152
3153                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3154
3155                                 $login = db_escape_string(trim($_GET["login"]));
3156                                 $uid = db_escape_string($_GET["id"]);
3157                                 $access_level = sprintf("%d", $_GET["access_level"]);
3158                                 $email = db_escape_string(trim($_GET["email"]));
3159                                 $password = db_escape_string(trim($_GET["password"]));
3160
3161                                 if ($password) {
3162                                         $pwd_hash = 'SHA1:' . sha1($password);
3163                                         $pass_query_part = "pwd_hash = '$pwd_hash', ";
3164                                         print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3165                                 } else {
3166                                         $pass_query_part = "";
3167                                 }
3168
3169                                 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3170                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3171
3172                         }
3173                 } else if ($subop == "remove") {
3174
3175                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3176
3177                                 $ids = split(",", db_escape_string($_GET["ids"]));
3178
3179                                 foreach ($ids as $id) {
3180                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3181
3182                                 }
3183                         }
3184                 } else if ($subop == "add") {
3185
3186                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3187
3188                                 $login = db_escape_string(trim($_GET["login"]));
3189                                 $tmp_user_pwd = make_password(8);
3190                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3191
3192                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3193                                         login = '$login'");
3194
3195                                 if (db_num_rows($result) == 0) {
3196
3197                                         db_query($link, "INSERT INTO ttrss_users
3198                                                 (login,pwd_hash,access_level,last_login)
3199                                                 VALUES ('$login', '$pwd_hash', 0, NOW())");
3200
3201
3202                                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3203                                                 login = '$login' AND pwd_hash = '$pwd_hash'");
3204
3205                                         if (db_num_rows($result) == 1) {
3206
3207                                                 $new_uid = db_fetch_result($result, 0, "id");
3208
3209                                                 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3210                                                         "</b> with password <b>$tmp_user_pwd</b>.</div>";
3211
3212                                                 initialize_user($link, $new_uid);
3213
3214                                         } else {
3215
3216                                                 print "<div class=\"warning\">Could not create user <b>".
3217                                                         $_GET["login"]."</b></div>";
3218
3219                                         }
3220                                 } else {
3221                                         print "<div class=\"warning\">User <b>".
3222                                                 $_GET["login"]."</b> already exists.</div>";
3223                                 }
3224                         }
3225                 } else if ($subop == "resetPass") {
3226
3227                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3228
3229                                 $uid = db_escape_string($_GET["id"]);
3230
3231                                 $result = db_query($link, "SELECT login,email
3232                                         FROM ttrss_users WHERE id = '$uid'");
3233
3234                                 $login = db_fetch_result($result, 0, "login");
3235                                 $email = db_fetch_result($result, 0, "email");
3236                                 $tmp_user_pwd = make_password(8);
3237                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3238
3239                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3240                                         WHERE id = '$uid'");
3241
3242                                 print "<div class=\"notice\">Changed password of
3243                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3244
3245                                 if (MAIL_RESET_PASS && $email) {
3246                                         print " Notifying <b>$email</b>.";
3247
3248                                         mail("$login <$email>", "Password reset notification",
3249                                                 "Hi, $login.\n".
3250                                                 "\n".
3251                                                 "Your password for this TT-RSS installation was reset by".
3252                                                         " an administrator.\n".
3253                                                 "\n".
3254                                                 "Your new password is $tmp_user_pwd, please remember".
3255                                                         " it for later reference.\n".
3256                                                 "\n".
3257                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3258                                 }
3259
3260                                 print "</div>";
3261
3262                         }
3263                 }
3264
3265                 $sort = db_escape_string($_GET["sort"]);
3266
3267                 if (!$sort || $sort == "undefined") {
3268                         $sort = "login";
3269                 }
3270
3271                 print "<div class=\"prefGenericAddBox\">
3272                         <input id=\"uadd_box\"
3273                                 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3274                                 size=\"40\">&nbsp;";
3275
3276                 print"<input type=\"submit\" class=\"button\"
3277                         id=\"user_add_btn\" disabled=\"true\"
3278                         onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3279
3280                 $result = db_query($link, "SELECT
3281                                 id,login,access_level,email,
3282                                 SUBSTRING(last_login,1,16) as last_login
3283                         FROM
3284                                 ttrss_users
3285                         ORDER BY $sort");
3286
3287 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3288
3289                 print "<p><table width=\"100%\" cellspacing=\"0\"
3290                         class=\"prefUserList\" id=\"prefUserList\">";
3291
3292                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3293                                 Select:
3294                                         <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3295                                         <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3296                                 </td</tr>";
3297
3298                 print "<tr class=\"title\">
3299                                         <td align='center' width=\"5%\">&nbsp;</td>
3300                                         <td width='40%'><a href=\"javascript:updateUsersList('login')\">Login</a></td>
3301                                         <td width='40%'><a href=\"javascript:updateUsersList('access_level')\">Access Level</a></td>
3302                                         <td width='30%'><a href=\"javascript:updateUsersList('last_login')\">Last login</a></td></tr>";
3303
3304                 $lnum = 0;
3305
3306                 while ($line = db_fetch_assoc($result)) {
3307
3308                         $class = ($lnum % 2) ? "even" : "odd";
3309
3310                         $uid = $line["id"];
3311                         $edit_uid = $_GET["id"];
3312
3313                         if ($subop == "edit" && $uid != $edit_uid) {
3314                                 $class .= "Grayed";
3315                                 $this_row_id = "";
3316                         } else {
3317                                 $this_row_id = "id=\"UMRR-$uid\"";
3318                         }
3319
3320                         print "<tr class=\"$class\" $this_row_id>";
3321
3322                         $line["login"] = htmlspecialchars($line["login"]);
3323
3324                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3325                                 strtotime($line["last_login"]));
3326
3327                         $access_level_names = array(0 => "User", 10 => "Administrator");
3328
3329 //                      if (!$edit_uid || $subop != "edit") {
3330
3331                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3332                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3333
3334                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3335                                         $line["login"] . "</td>";
3336
3337                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3338
3339                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3340                                         $access_level_names[$line["access_level"]] . "</td>";
3341
3342 /*                      } else if ($uid != $edit_uid) {
3343
3344                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3345
3346                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3347                                         id=\"UMCHK-".$line["id"]."\"></td>";
3348
3349                                 print "<td>".$line["login"]."</td>";
3350                                 print "<td>".$line["email"]."</td>";
3351                                 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3352
3353                         } else {
3354
3355                                 print "<td align='center'>
3356                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3357
3358                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3359                                         "\"></td>";
3360
3361                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3362                                         "\"></td>";
3363
3364                                 print "<td>";
3365                                 print "<select id=\"iedit_ulevel\">";
3366                                 foreach (array_keys($access_level_names) as $al) {
3367                                         if ($al == $line["access_level"]) {
3368                                                 $selected = "selected";
3369                                         } else {
3370                                                 $selected = "";
3371                                         }
3372                                         print "<option $selected id=\"$al\">" .
3373                                                 $access_level_names[$al] . "</option>";
3374                                 }
3375                                 print "</select>";
3376                                 print "</td>";
3377
3378                         } */
3379
3380                         print "<td>".$line["last_login"]."</td>";
3381
3382                         print "</tr>";
3383
3384                         ++$lnum;
3385                 }
3386
3387                 print "</table>";
3388
3389                 print "<p id='userOpToolbar'>";
3390
3391 /*              if ($subop == "edit") {
3392                         print "Edit user:
3393                                 <input type=\"submit\" class=\"button\"
3394                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3395                                 <input type=\"submit\" class=\"button\"
3396                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3397
3398                 } else { */
3399
3400                         print "
3401                                 Selection:
3402                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3403                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3404                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3405                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3406                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3407                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3408                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3409                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3410
3411 //              }
3412         }
3413
3414         if ($op == "user-details") {
3415
3416                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3417                         return;
3418                 }
3419
3420 /*              print "<html><head>
3421                         <title>Tiny Tiny RSS : User Details</title>
3422                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3423                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3424                         </head><body>"; */
3425
3426                 $uid = sprintf("%d", $_GET["id"]);
3427
3428                 print "<div id=\"infoBoxTitle\">User details</div>";
3429
3430                 print "<div class='infoBoxContents'>";
3431
3432                 $result = db_query($link, "SELECT login,
3433                         SUBSTRING(last_login,1,16) AS last_login,
3434                         access_level,
3435                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3436                                 WHERE owner_uid = id) AS stored_articles
3437                         FROM ttrss_users
3438                         WHERE id = '$uid'");
3439
3440                 if (db_num_rows($result) == 0) {
3441                         print "<h1>User not found</h1>";
3442                         return;
3443                 }
3444
3445 #               print "<h1>User Details</h1>";
3446
3447                 $login = db_fetch_result($result, 0, "login");
3448
3449 #               print "<h1>$login</h1>";
3450
3451                 print "<table width='100%'>";
3452
3453                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3454                         strtotime(db_fetch_result($result, 0, "last_login")));
3455                 $access_level = db_fetch_result($result, 0, "access_level");
3456                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3457
3458 #               print "<tr><td>Username</td><td>$login</td></tr>";
3459 #               print "<tr><td>Access level</td><td>$access_level</td></tr>";
3460                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3461                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3462
3463                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3464                         WHERE owner_uid = '$uid'");
3465
3466                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3467
3468                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3469
3470 /*              $result = db_query($link, "SELECT
3471                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3472                         FROM ttrss_user_entries,ttrss_entries
3473                                 WHERE owner_uid = '$uid' AND ref_id = id");
3474
3475                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3476
3477                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3478
3479                 print "</table>";
3480
3481                 print "<h1>Subscribed feeds</h1>";
3482
3483                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3484                         WHERE owner_uid = '$uid' ORDER BY title");
3485
3486                 print "<ul class=\"userFeedList\">";
3487
3488                 $row_class = "odd";
3489
3490                 while ($line = db_fetch_assoc($result)) {
3491
3492                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3493
3494                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3495                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3496                         } else {
3497                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3498                         }
3499
3500                         print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3501
3502                         $row_class = toggleEvenOdd($row_class);
3503
3504                 }
3505
3506                 if (db_num_rows($result) < $num_feeds) {
3507                          // FIXME - add link to show ALL subscribed feeds here somewhere
3508                         print "<li><img
3509                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3510                 }
3511
3512                 print "</ul>";
3513
3514                 print "</div>";
3515
3516                 print "<div align='center'>
3517                         <input type='submit' class='button'
3518                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3519
3520 //              print "</body></html>";
3521
3522         }
3523
3524         if ($op == "pref-feed-browser") {
3525
3526                 if (!ENABLE_FEED_BROWSER) {
3527                         print "Feed browser is administratively disabled.";
3528                         return;
3529                 }
3530
3531                 $subop = $_REQUEST["subop"];
3532
3533                 if ($subop == "details") {
3534                         $id = db_escape_string($_GET["id"]);
3535
3536                         print "<div class=\"browserFeedInfo\">";
3537                         print "<b>Feed information:</b>";
3538                         print "<div class=\"detailsPart\">";
3539
3540                         $result = db_query($link, "SELECT
3541                                         feed_url,site_url,
3542                                         SUBSTRING(last_updated,1,19) AS last_updated
3543                                 FROM ttrss_feeds WHERE id = '$id'");
3544
3545                         $feed_url = db_fetch_result($result, 0, "feed_url");
3546                         $site_url = db_fetch_result($result, 0, "site_url");
3547                         $last_updated = db_fetch_result($result, 0, "last_updated");
3548
3549                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3550                                 $last_updated = smart_date_time(strtotime($last_updated));
3551                         } else {
3552                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3553                                 $last_updated = date($short_date, strtotime($last_updated));
3554                         }
3555
3556                         print "Site: <a target=\"_new\" href='$site_url'>$site_url</a> ".
3557                                 "(<a target=\"_new\" href='$feed_url'>feed</a>), ".
3558                                 "Last updated: $last_updated";
3559
3560                         print "</div>";
3561
3562                         $result = db_query($link, "SELECT
3563                                         ttrss_entries.title,
3564                                         content,link,
3565                                         substring(date_entered,1,19) as date_entered,
3566                                         substring(updated,1,19) as updated
3567                                 FROM ttrss_entries,ttrss_user_entries
3568                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
3569                                 ORDER BY updated DESC LIMIT 5");
3570
3571                         if (db_num_rows($result) > 0) {
3572
3573                                 print "<b>Last headlines:</b><br>";
3574
3575                                 print "<div class=\"detailsPart\">";
3576                                 print "<ul class=\"compact\">";
3577                                 while ($line = db_fetch_assoc($result)) {
3578
3579                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3580                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
3581                                         } else {
3582                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3583                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
3584                                         }
3585
3586                                         print "<li><a target=\"_new\" href=\"" . $line["link"] . "\">" . $line["title"] . "</a>" .
3587                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3588                                 }
3589                                 print "</ul></div>";
3590                         }
3591
3592                         print "</div>";
3593
3594                         return;
3595                 }
3596
3597                 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3598
3599                 $limit = db_escape_string($_GET["limit"]);
3600
3601                 if (!$limit) $limit = 25;
3602
3603                 $owner_uid = $_SESSION["uid"];
3604
3605                 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3606                         FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3607                                 WHERE tf.feed_url = ttrss_feeds.feed_url
3608                                         AND owner_uid = '$owner_uid') GROUP BY feed_url
3609                                                 ORDER BY subscribers DESC LIMIT $limit");
3610
3611
3612                 print "<div style=\"float : right\">
3613                         Top <select id=\"feedBrowserLimit\">";
3614
3615                 foreach (array(25, 50, 100) as $l) {
3616                         $issel = ($l == $limit) ? "selected" : "";
3617                         print "<option $issel>$l</option>";
3618                 }
3619
3620                 print "</select>
3621                         <input type=\"submit\" class=\"button\"
3622                                 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3623                 </div>";
3624
3625                 print "<p id=\"fbrOpToolbar\">Selection:
3626                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3627                         disabled=\"true\" value=\"Subscribe\">";
3628
3629                 print "<ul class='nomarks' id='browseBigFeedList'>";
3630
3631                 $feedctr = 0;
3632
3633                 while ($line = db_fetch_assoc($result)) {
3634                         $feed_url = $line["feed_url"];
3635                         $subscribers = $line["subscribers"];
3636
3637                         $det_result = db_query($link, "SELECT site_url,title,id
3638                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3639
3640                         $details = db_fetch_assoc($det_result);
3641
3642                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3643
3644                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3645                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
3646                                                 "/".$details["id"].".ico\">";
3647                         } else {
3648                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3649                         }
3650
3651                         $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3652                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3653
3654                         $class = ($feedctr % 2) ? "even" : "odd";
3655
3656                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3657                                 "$feed_icon ";
3658
3659                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3660                                 $details["title"] ."</a>&nbsp;" .
3661                                 "<span class='subscribers'>($subscribers)</span>";
3662
3663                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3664                         print "</div>";
3665
3666                         print "</li>";
3667
3668                                 ++$feedctr;
3669                 }
3670
3671                 if ($feedctr == 0) {
3672                         print "<li>No feeds found to subscribe.</li>";
3673                 }
3674
3675                 print "</ul>";
3676
3677                 print "</div>";
3678
3679         }
3680
3681         if ($op == "rss") {
3682                 $feed = db_escape_string($_GET["id"]);
3683                 $user = db_escape_string($_GET["user"]);
3684                 $pass = db_escape_string($_GET["pass"]);
3685                 $is_cat = $_GET["is_cat"] != false;
3686
3687                 $search = db_escape_string($_GET["q"]);
3688                 $match_on = db_escape_string($_GET["m"]);
3689                 $search_mode = db_escape_string($_GET["smode"]);
3690
3691                 if (!$_SESSION["uid"] && $user && $pass) {
3692                         authenticate_user($link, $user, $pass);
3693                 }
3694
3695                 if ($_SESSION["uid"] ||
3696                         http_authenticate_user($link)) {
3697
3698                                 generate_syndicated_feed($link, $feed, $is_cat,
3699                                         $search, $search_mode, $match_on);
3700                 }
3701         }
3702
3703         function check_configuration_variables() {
3704                 if (!defined('SESSION_EXPIRE_TIME')) {
3705                         return "config: SESSION_EXPIRE_TIME is undefined";
3706                 }
3707
3708                 if (SESSION_EXPIRE_TIME < 60) {
3709                         return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3710                 }
3711
3712                 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3713                         return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3714                                 "SESSION_COOKIE_LIFETIME_REMEMBER";
3715                 }
3716
3717                 if (defined('DISABLE_SESSIONS')) {
3718                         return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3719                 }
3720
3721                 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3722                         return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3723                 }
3724
3725                 return false;
3726         }
3727
3728         if ($op == "labelFromSearch") {
3729                 $search = db_escape_string($_GET["search"]);
3730                 $search_mode = db_escape_string($_GET["smode"]);
3731                 $match_on = db_escape_string($_GET["match"]);
3732                 $is_cat = db_escape_string($_GET["is_cat"]);
3733                 $title = db_escape_string($_GET["title"]);
3734                 $feed = sprintf("%d", $_GET["feed"]);
3735
3736                 $label_qparts = array();
3737
3738                 $search_expr = getSearchSql($search, $match_on);
3739
3740                 if ($is_cat) {
3741                         if ($feed != 0) {
3742                                 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
3743                         } else {
3744                                 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3745                         }
3746                 } else {
3747                         if ($search_mode == "all_feeds") {
3748                                 // NOOP
3749                         } else if ($search_mode == "this_cat") {
3750
3751                                 $tmp_result = db_query($link, "SELECT cat_id
3752                                         FROM ttrss_feeds WHERE id = '$feed'");
3753
3754                                 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
3755
3756                                 if ($cat_id > 0) {
3757                                         $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
3758                                 } else {
3759                                         $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3760                                 }
3761                         } else {
3762                                 $search_expr .= " AND ttrss_feeds.id = $feed ";
3763                         }
3764
3765                 }
3766
3767                 $search_expr = db_escape_string($search_expr);
3768
3769                 print $search_expr;
3770
3771                 if ($title) {
3772                         $result = db_query($link,
3773                                 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
3774                                 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
3775                 }
3776         }
3777
3778         if ($op == "getUnread") {
3779                 $login = db_escape_string($_GET["login"]);
3780
3781                 header("Content-Type: text/plain; charset=utf-8");
3782
3783                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
3784
3785                 if (db_num_rows($result) == 1) {
3786                         $uid = db_fetch_result($result, 0, "id");
3787                         print getGlobalUnread($link, $uid);
3788                 } else {
3789                         print "-1;User not found";
3790                 }
3791
3792                 $print_exec_time = false;
3793         }
3794
3795         if ($op == "digestTest") {
3796                 header("Content-Type: text/plain");
3797                 print_r(prepare_headlines_digest($link, $_SESSION["uid"]));
3798                 $print_exec_time = false;
3799
3800         }
3801
3802         if ($op == "digestSend") {
3803                 header("Content-Type: text/plain");
3804                 send_headlines_digests($link);
3805                 $print_exec_time = false;
3806
3807         }
3808
3809         db_close($link);
3810 ?>
3811
3812 <?php if ($print_exec_time) { ?>
3813 <!-- <?php echo sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3814 <?php } ?>