]> git.wh0rd.org - tt-rss.git/blob - backend.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
escape feed title in generated feed
[tt-rss.git] / backend.php
1 <?
2 require_once "sessions.php";
3 require_once "backend-rpc.php";
4
5 header("Cache-Control: no-cache, must-revalidate");
6 header("Pragma: no-cache");
7 header("Expires: -1");
8
9 /* if ($_GET["debug"]) {
10 define('DEFAULT_ERROR_LEVEL', E_ALL);
11 } else {
12 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
13 }
14
15 error_reporting(DEFAULT_ERROR_LEVEL); */
16
17 $op = $_REQUEST["op"];
18
19 define('SCHEMA_VERSION', 9);
20
21 require_once "sanity_check.php";
22 require_once "config.php";
23
24 require_once "db.php";
25 require_once "db-prefs.php";
26 require_once "functions.php";
27 require_once "magpierss/rss_fetch.inc";
28
29 $err_msg = check_configuration_variables();
30
31 if ($err_msg) {
32 header("Content-Type: application/xml");
33 print_error_xml(9, $err_msg); die;
34 }
35
36 if ((!$op || $op == "rpc" || $op == "rss" ||
37 $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
38 header("Content-Type: application/xml");
39 }
40
41 if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss") {
42
43 if ($op == "rpc") {
44 print_error_xml(6); die;
45 } else {
46 print "
47 <html><body>
48 <p>Error: Not logged in.</p>
49 <script type=\"text/javascript\">
50 if (parent.window != 'undefined') {
51 parent.window.location = \"login.php\";
52 } else {
53 window.location = \"login.php\";
54 }
55 </script>
56 </body></html>
57 ";
58 }
59 exit;
60 }
61
62 if (!$op) {
63 print_error_xml(7); exit;
64 }
65
66 $purge_intervals = array(
67 0 => "Use default",
68 -1 => "Never purge",
69 5 => "1 week old",
70 14 => "2 weeks old",
71 31 => "1 month old",
72 60 => "2 months old",
73 90 => "3 months old");
74
75 $update_intervals = array(
76 0 => "Use default",
77 -1 => "Disable updates",
78 30 => "Each 30 minutes",
79 60 => "Hourly",
80 240 => "Each 4 hours",
81 720 => "Each 12 hours",
82 1440 => "Daily",
83 10080 => "Weekly");
84
85 $access_level_names = array(
86 0 => "User",
87 10 => "Administrator");
88
89 $script_started = getmicrotime();
90
91 $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
92
93 if (!$link) {
94 if (DB_TYPE == "mysql") {
95 print mysql_error();
96 }
97 // PG seems to display its own errors just fine by default.
98 return;
99 }
100
101 if (DB_TYPE == "pgsql") {
102 pg_query("set client_encoding = 'utf-8'");
103 }
104
105 if ($_SESSION["uid"]) {
106
107 // setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
108 // setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
109
110 /* if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
111 setcookie('ttrss_vf_catchupnext', 1);
112 } else {
113 setcookie('ttrss_vf_catchupnext', 0);
114 } */
115 }
116
117 $fetch = $_GET["fetch"];
118
119 // setcookie("ttrss_icons_url", ICONS_URL);
120
121 if (!sanity_check($link)) { return; }
122
123 function outputFeedList($link, $tags = false) {
124
125 print "<html><head>
126 <title>Tiny Tiny RSS : Feedlist</title>
127 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
128
129 $user_theme = $_SESSION["theme"];
130 if ($user_theme) {
131 print "<link rel=\"stylesheet\" type=\"text/css\"
132 href=\"themes/$user_theme/theme.css\">";
133 }
134
135 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
136 print "<link rel=\"stylesheet\" type=\"text/css\"
137 href=\"tt-rss_compact.css\"/>";
138 } else {
139 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
140 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
141 }
142
143 $script_dt_add = get_script_dt_add();
144
145 print "
146 <script type=\"text/javascript\" src=\"prototype.js\"></script>
147 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
148 <script type=\"text/javascript\" src=\"feedlist.js?$script_dt_add\"></script>
149 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
150 <!--[if gte IE 5.5000]>
151 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
152 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
153 <![endif]-->
154 </head><body>
155 <script type=\"text/javascript\">
156 if (document.addEventListener) {
157 document.addEventListener(\"DOMContentLoaded\", init, null);
158 }
159 window.onload = init;
160 </script>";
161
162 print "<ul class=\"feedList\" id=\"feedList\">\n";
163
164 $owner_uid = $_SESSION["uid"];
165
166 if (!$tags) {
167
168 /* virtual feeds */
169
170 if (get_pref($link, 'ENABLE_FEED_CATS')) {
171 print "<li class=\"feedCat\">Special</li>";
172 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
173 }
174
175 $result = db_query($link, "SELECT count(id) as num_starred
176 FROM ttrss_entries,ttrss_user_entries
177 WHERE marked = true AND
178 ttrss_user_entries.ref_id = ttrss_entries.id AND
179 unread = true AND owner_uid = '$owner_uid'");
180 $num_starred = db_fetch_result($result, 0, "num_starred");
181
182 $class = "virt";
183
184 if ($num_starred > 0) $class .= "Unread";
185
186 printFeedEntry(-1, $class, "Starred articles", $num_starred,
187 "images/mark_set.png", $link);
188
189 if (get_pref($link, 'ENABLE_FEED_CATS')) {
190 print "</ul>\n";
191 }
192
193 if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
194
195 $result = db_query($link, "SELECT id,sql_exp,description FROM
196 ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
197
198 if (db_num_rows($result) > 0) {
199 if (get_pref($link, 'ENABLE_FEED_CATS')) {
200 print "<li class=\"feedCat\">Labels</li>";
201 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
202 } else {
203 print "<li><hr></li>";
204 }
205 }
206
207 while ($line = db_fetch_assoc($result)) {
208
209 error_reporting (0);
210
211 $tmp_result = db_query($link, "SELECT count(id) as count
212 FROM ttrss_entries,ttrss_user_entries
213 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
214 ttrss_user_entries.ref_id = ttrss_entries.id
215 AND owner_uid = '$owner_uid'");
216
217 $count = db_fetch_result($tmp_result, 0, "count");
218
219 $class = "label";
220
221 if ($count > 0) {
222 $class .= "Unread";
223 }
224
225 error_reporting (DEFAULT_ERROR_LEVEL);
226
227 printFeedEntry(-$line["id"]-11,
228 $class, $line["description"], $count, "images/label.png", $link);
229
230 }
231
232 if (db_num_rows($result) > 0) {
233 if (get_pref($link, 'ENABLE_FEED_CATS')) {
234 print "</ul>";
235 }
236 }
237
238 }
239
240 // if (!get_pref($link, 'ENABLE_FEED_CATS')) {
241 print "<li><hr></li>";
242 // }
243
244 if (get_pref($link, 'ENABLE_FEED_CATS')) {
245 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
246 $order_by_qpart = "category,unread DESC,title";
247 } else {
248 $order_by_qpart = "category,title";
249 }
250 } else {
251 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
252 $order_by_qpart = "unread DESC,title";
253 } else {
254 $order_by_qpart = "title";
255 }
256 }
257
258 $result = db_query($link, "SELECT ttrss_feeds.*,
259 SUBSTRING(last_updated,1,19) AS last_updated_noms,
260 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
261 WHERE feed_id = ttrss_feeds.id AND
262 ttrss_user_entries.ref_id = ttrss_entries.id AND
263 owner_uid = '$owner_uid') AS total,
264 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
265 WHERE feed_id = ttrss_feeds.id AND unread = true
266 AND ttrss_user_entries.ref_id = ttrss_entries.id
267 AND owner_uid = '$owner_uid') as unread,
268 cat_id,last_error,
269 ttrss_feed_categories.title AS category,
270 ttrss_feed_categories.collapsed
271 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
272 ON (ttrss_feed_categories.id = cat_id)
273 WHERE
274 ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
275 ORDER BY $order_by_qpart");
276
277 $actid = $_GET["actid"];
278
279 /* real feeds */
280
281 $lnum = 0;
282
283 $total_unread = 0;
284
285 $category = "";
286
287 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
288
289 while ($line = db_fetch_assoc($result)) {
290
291 $feed = db_unescape_string($line["title"]);
292 $feed_id = $line["id"];
293
294 $subop = $_GET["subop"];
295
296 $total = $line["total"];
297 $unread = $line["unread"];
298
299 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
300 $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
301 } else {
302 $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
303 }
304
305 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
306
307 if ($rtl_content) {
308 $rtl_tag = "dir=\"RTL\"";
309 } else {
310 $rtl_tag = "";
311 }
312
313 $tmp_result = db_query($link,
314 "SELECT id,COUNT(unread) AS unread
315 FROM ttrss_feeds LEFT JOIN ttrss_user_entries
316 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
317 WHERE parent_feed = '$feed_id' AND unread = true
318 GROUP BY ttrss_feeds.id");
319
320 if (db_num_rows($tmp_result) > 0) {
321 while ($l = db_fetch_assoc($tmp_result)) {
322 $unread += $l["unread"];
323 }
324 }
325
326 $cat_id = $line["cat_id"];
327
328 $tmp_category = $line["category"];
329
330 if (!$tmp_category) {
331 $tmp_category = "Uncategorized";
332 }
333
334 // $class = ($lnum % 2) ? "even" : "odd";
335
336 if ($line["last_error"]) {
337 $class = "error";
338 } else {
339 $class = "feed";
340 }
341
342 if ($unread > 0) $class .= "Unread";
343
344 if ($actid == $feed_id) {
345 $class .= "Selected";
346 }
347
348 $total_unread += $unread;
349
350 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
351
352 if ($category) {
353 print "</ul></li>";
354 }
355
356 $category = $tmp_category;
357
358 $collapsed = $line["collapsed"];
359
360 // workaround for NULL category
361 if ($category == "Uncategorized") {
362 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
363 $collapsed = "t";
364 }
365 }
366
367 if ($collapsed == "t" || $collapsed == "1") {
368 $holder_class = "invisible";
369 $ellipsis = "...";
370 } else {
371 $holder_class = "";
372 $ellipsis = "";
373 }
374
375 if ($cat_id) {
376 $cat_id_qpart = "cat_id = '$cat_id'";
377 } else {
378 $cat_id_qpart = "cat_id IS NULL";
379 }
380
381 $tmp_result = db_query($link, "SELECT count(int_id) AS unread
382 FROM ttrss_user_entries,ttrss_feeds WHERE
383 unread = true AND
384 feed_id = ttrss_feeds.id AND $cat_id_qpart AND
385 ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
386
387 $cat_unread = db_fetch_result($tmp_result, 0, "unread");
388
389 $cat_id = sprintf("%d", $cat_id);
390
391 print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
392 <a href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
393 <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
394 <span id=\"FCATCTR-$cat_id\"
395 class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
396 </a></li>";
397
398 // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
399 // -> keyboard navigation, etc.
400 print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
401 }
402
403 printFeedEntry($feed_id, $class, $feed, $unread,
404 "icons/$feed_id.ico", $link, $rtl_content,
405 $last_updated, $line["last_error"]);
406
407 ++$lnum;
408 }
409
410 } else {
411
412 // tags
413
414 /* $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
415 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
416 post_int_id = ttrss_user_entries.int_id AND
417 unread = true AND ref_id = ttrss_entries.id
418 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
419 UNION
420 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
421 ORDER BY tag_name"); */
422
423 $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
424 FROM ttrss_user_entries WHERE int_id = post_int_id
425 AND unread = true)) AS count FROM ttrss_tags
426 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
427
428 $tags = array();
429
430 while ($line = db_fetch_assoc($result)) {
431 $tags[$line["tag_name"]] += $line["count"];
432 }
433
434 foreach (array_keys($tags) as $tag) {
435
436 $unread = $tags[$tag];
437
438 $class = "tag";
439
440 if ($unread > 0) {
441 $class .= "Unread";
442 }
443
444 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
445
446 }
447
448 }
449
450 if (db_num_rows($result) == 0) {
451 if ($tags) {
452 $what = "tags";
453 } else {
454 $what = "feeds";
455 }
456 print "<li>No $what to display.</li>";
457 }
458
459 print "</ul>";
460
461 print '
462 <script type="text/javascript">
463 /* for IE */
464 function statechange() {
465 if (document.readyState == "interactive") init();
466 }
467
468 if (document.readyState) {
469 if (document.readyState == "interactive" || document.readyState == "complete") {
470 init();
471 } else {
472 document.onreadystatechange = statechange;
473 }
474 }
475 </script></body></html>';
476 }
477
478
479 if ($op == "rpc") {
480 handle_rpc_request($link);
481 }
482
483 if ($op == "feeds") {
484
485 $tags = $_GET["tags"];
486
487 $subop = $_GET["subop"];
488
489 if ($subop == "catchupAll") {
490 db_query($link, "UPDATE ttrss_user_entries SET
491 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
492 }
493
494 if ($subop == "collapse") {
495 $cat_id = db_escape_string($_GET["cid"]);
496
497 db_query($link, "UPDATE ttrss_feed_categories SET
498 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
499 $_SESSION["uid"]);
500 return;
501 }
502
503 outputFeedList($link, $tags);
504
505 }
506
507 if ($op == "view") {
508
509 $id = db_escape_string($_GET["id"]);
510 $feed_id = db_escape_string($_GET["feed"]);
511
512 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
513 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
514
515 if (db_num_rows($result) == 1) {
516 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
517 } else {
518 $rtl_content = false;
519 }
520
521 if ($rtl_content) {
522 $rtl_tag = "dir=\"RTL\"";
523 $rtl_class = "RTL";
524 } else {
525 $rtl_tag = "";
526 $rtl_class = "";
527 }
528
529 $result = db_query($link, "UPDATE ttrss_user_entries
530 SET unread = false,last_read = NOW()
531 WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
532
533 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
534 SUBSTRING(updated,1,16) as updated,
535 (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
536 num_comments,
537 author
538 FROM ttrss_entries,ttrss_user_entries
539 WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
540
541 print "<html><head>
542 <title>Tiny Tiny RSS : Article $id</title>
543 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
544
545 $user_theme = $_SESSION["theme"];
546 if ($user_theme) {
547 print "<link rel=\"stylesheet\" type=\"text/css\"
548 href=\"themes/$user_theme/theme.css\">";
549 }
550
551 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
552 print "<link rel=\"stylesheet\" type=\"text/css\"
553 href=\"tt-rss_compact.css\"/>";
554 } else {
555 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
556 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
557 }
558
559 $script_dt_add = get_script_dt_add();
560
561 print "
562 <script type=\"text/javascript\" src=\"prototype.js\"></script>
563 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
564 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
565 </head><body $rtl_tag>";
566
567 if ($result) {
568
569 $link_target = "";
570
571 if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
572 $link_target = "target=\"_new\"";
573 }
574
575 $line = db_fetch_assoc($result);
576
577 if ($line["icon_url"]) {
578 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
579 } else {
580 $feed_icon = "&nbsp;";
581 }
582
583 /* if ($line["comments"] && $line["link"] != $line["comments"]) {
584 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
585 } else {
586 $entry_comments = "";
587 } */
588
589 $num_comments = $line["num_comments"];
590 $entry_comments = "";
591
592 if ($num_comments > 0) {
593 if ($line["comments"]) {
594 $comments_url = $line["comments"];
595 } else {
596 $comments_url = $line["link"];
597 }
598 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
599 } else {
600 if ($line["comments"] && $line["link"] != $line["comments"]) {
601 $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
602 }
603 }
604
605 print "<div class=\"postReply\">";
606
607 print "<div class=\"postHeader\"><table width=\"100%\">";
608
609 $entry_author = $line["author"];
610
611 if ($entry_author) {
612 $entry_author = " - by $entry_author";
613 }
614
615 print "<tr><td><a $link_target href=\"" . $line["link"] . "\">" . $line["title"] .
616 "</a>$entry_author</td>";
617
618 $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
619 strtotime($line["updated"]));
620
621 print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
622
623 print "</tr>";
624
625 $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
626 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
627 ORDER BY tag_name");
628
629 $tags_str = "";
630 $f_tags_str = "";
631
632 $num_tags = 0;
633
634 while ($tmp_line = db_fetch_assoc($tmp_result)) {
635 $num_tags++;
636 $tag = $tmp_line["tag_name"];
637 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
638
639 if ($num_tags == 5) {
640 $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
641 } else if ($num_tags < 5) {
642 $tags_str .= $tag_str;
643 }
644 $f_tags_str .= $tag_str;
645 }
646
647 $tags_str = preg_replace("/, $/", "", $tags_str);
648 $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
649
650 // $truncated_link = truncate_string($line["link"], 60);
651
652 if ($tags_str || $entry_comments) {
653 print "<tr><td width='50%'>
654 $entry_comments</td>
655 <td align=\"right\">$tags_str</td></tr>";
656 }
657
658 print "</table></div>";
659
660 print "<div class=\"postIcon\">" . $feed_icon . "</div>";
661 print "<div class=\"postContent\">";
662
663 if (db_num_rows($tmp_result) > 5) {
664 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
665 }
666
667 if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
668 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
669 }
670
671 print $line["content"] . "</div>";
672
673 print "</div>";
674
675 print "<script type=\"text/javascript\">
676 try {
677 parent.update_all_counters('$feed_id');
678 } catch (e) {
679 exception_error('view/footer', e);
680 }
681 </script>";
682 }
683
684 print "</body></html>";
685 }
686
687 if ($op == "viewfeed") {
688
689 $feed = db_escape_string($_GET["feed"]);
690 $subop = db_escape_string($_GET["subop"]);
691 $view_mode = db_escape_string($_GET["view_mode"]);
692 $limit = db_escape_string($_GET["limit"]);
693 $cat_view = db_escape_string($_GET["cat"]);
694 $next_unread_feed = db_escape_string($_GET["nuf"]);
695
696 if ($subop == "undefined") $subop = "";
697
698 print "<html><head>
699 <title>Tiny Tiny RSS : Feed $feed</title>
700 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
701
702 $user_theme = $_SESSION["theme"];
703 if ($user_theme) {
704 print "<link rel=\"stylesheet\" type=\"text/css\"
705 href=\"themes/$user_theme/theme.css\">";
706 }
707
708 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
709 print "<link rel=\"stylesheet\"
710 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
711
712 } else {
713 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
714 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
715 }
716
717 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
718 update_generic_feed($link, $feed, $cat_view);
719 }
720
721 if ($subop == "MarkAllRead") {
722 catchup_feed($link, $feed, $cat_view);
723
724 if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
725 if ($next_unread_feed) {
726 $feed = $next_unread_feed;
727 }
728 }
729 }
730
731 if ($feed_id > 0) {
732 $result = db_query($link,
733 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
734
735 if (db_num_rows($result) == 0) {
736 print "<div align='center'>
737 Feed not found.</div>";
738 return;
739 }
740 }
741
742 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
743
744 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
745 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
746
747 if (db_num_rows($result) == 1) {
748 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
749 } else {
750 $rtl_content = false;
751 }
752
753 if ($rtl_content) {
754 $rtl_tag = "dir=\"RTL\"";
755 } else {
756 $rtl_tag = "";
757 }
758 } else {
759 $rtl_tag = "";
760 $rtl_content = false;
761 }
762
763 $script_dt_add = get_script_dt_add();
764
765 print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
766 <script type=\"text/javascript\" src=\"prototype.js\"></script>
767 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
768 <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
769 <!--[if gte IE 5.5000]>
770 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
771 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
772 <![endif]-->
773 </head><body $rtl_tag>
774 <script type=\"text/javascript\">
775 if (document.addEventListener) {
776 document.addEventListener(\"DOMContentLoaded\", init, null);
777 }
778 window.onload = init;
779 </script>";
780
781 /// START /////////////////////////////////////////////////////////////////////////////////
782
783 $search = db_escape_string($_GET["query"]);
784 $search_mode = db_escape_string($_GET["search_mode"]);
785 $match_on = db_escape_string($_GET["match_on"]);
786
787 if (!$match_on) {
788 $match_on = "both";
789 }
790
791 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
792
793 $result = $qfh_ret[0];
794 $feed_title = $qfh_ret[1];
795 $feed_site_url = $qfh_ret[2];
796 $last_error = $qfh_ret[3];
797
798 /// STOP //////////////////////////////////////////////////////////////////////////////////
799
800 print "<div id=\"headlinesContainer\">";
801
802 if (!$result) {
803 print "<div align='center'>
804 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
805 return;
806 }
807
808 function print_headline_subtoolbar($link, $feed_site_url, $feed_title,
809 $bottom = false, $rtl_content = false, $feed_id = 0,
810 $is_cat = false, $search = false, $match_on = false,
811 $search_mode = false) {
812
813 if (!$bottom) {
814 $class = "headlinesSubToolbar";
815 $tid = "headlineActionsTop";
816 } else {
817 $class = "invisible";
818 $tid = "headlineActionsBottom";
819 }
820
821 print "<table class=\"$class\" id=\"$tid\"
822 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
823
824 if ($rtl_content) {
825 $rtl_cpart = "RTL";
826 } else {
827 $rtl_cpart = "";
828 }
829
830 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
831
832 print "<td class=\"headlineActions$rtl_cpart\">
833 Select:
834 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, '', true)\">All</a>,
835 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
836 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', false)\">None</a>
837 &nbsp;&nbsp;
838 Toggle: <a href='#' onclick=\"javascript:selectionToggleUnread()\">Unread</a>,
839 <a href='#' onclick=\"javascript:selectionToggleMarked()\">Starred</a>";
840 print "</td>";
841
842 } else {
843
844 print "<td class=\"headlineActions$rtl_cpart\">
845 Select:
846 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('all')\">All</a>,
847 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
848 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('none')\">None</a>
849 &nbsp;&nbsp;
850 Toggle: <a href=\"#\" onclick=\"javascript:selectionToggleUnread(true)\">Unread</a>,
851 <a href=\"#\" onclick=\"javascript:selectionToggleMarked(true)\">Starred</a>";
852
853 print "</td>";
854
855 }
856
857 print "<td class=\"headlineTitle$rtl_cpart\">";
858
859 if ($feed_site_url) {
860 if (!$bottom) {
861 $target = "target=\"_blank\"";
862 }
863 print "<a $target href=\"$feed_site_url\">$feed_title</a>";
864 } else {
865 print $feed_title;
866 }
867
868 if ($search) {
869 $search_q = "&q=$search&m=$match_on&smode=$search_mode";
870 }
871
872 print "&nbsp;
873 <a target=\"_new\"
874 href=\"backend.php?op=rss&id=$feed_id&is_cat=$is_cat$search_q\"
875 <img class=\"noborder\"
876 alt=\"Generated feed\" src=\"images/feed-icon-12x12.png\">
877 </a>";
878
879 print "</td>";
880 print "</tr></table>";
881
882 }
883
884 if (db_num_rows($result) > 0) {
885
886 print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
887 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
888
889 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
890 print "<table class=\"headlinesList\" id=\"headlinesList\"
891 cellspacing=\"0\" width=\"100%\">";
892 }
893
894 $lnum = 0;
895
896 error_reporting (DEFAULT_ERROR_LEVEL);
897
898 $num_unread = 0;
899
900 while ($line = db_fetch_assoc($result)) {
901
902 $class = ($lnum % 2) ? "even" : "odd";
903
904 $id = $line["id"];
905 $feed_id = $line["feed_id"];
906
907 if ($line["last_read"] == "" &&
908 ($line["unread"] != "t" && $line["unread"] != "1")) {
909
910 $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
911 alt=\"Updated\">";
912 } else {
913 $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
914 alt=\"Updated\">";
915 }
916
917 if ($line["unread"] == "t" || $line["unread"] == "1") {
918 $class .= "Unread";
919 ++$num_unread;
920 $is_unread = true;
921 } else {
922 $is_unread = false;
923 }
924
925 if ($line["marked"] == "t" || $line["marked"] == "1") {
926 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
927 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
928 } else {
929 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
930 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
931 }
932
933 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
934 $line["title"] . "</a>";
935
936 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
937 $updated_fmt = smart_date_time(strtotime($line["updated"]));
938 } else {
939 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
940 $updated_fmt = date($short_date, strtotime($line["updated"]));
941 }
942
943 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
944 $content_preview = truncate_string(strip_tags($line["content_preview"]),
945 100);
946 }
947
948 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
949
950 print "<tr class='$class' id='RROW-$id'>";
951
952 print "<td class='hlUpdatePic'>$update_pic</td>";
953
954 print "<td class='hlSelectRow'>
955 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
956 class=\"feedCheckBox\" id=\"RCHK-$id\">
957 </td>";
958
959 print "<td class='hlMarkedPic'>$marked_pic</td>";
960
961 if ($line["feed_title"]) {
962 print "<td class='hlContent'>$content_link</td>";
963 print "<td class='hlFeed'>
964 <a href='javascript:viewfeed($feed_id)'>".
965 $line["feed_title"]."</a>&nbsp;</td>";
966 } else {
967 print "<td class='hlContent' valign='middle'>";
968
969 print "<a href=\"javascript:view($id,$feed_id);\">" .
970 $line["title"];
971
972 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
973 if ($content_preview) {
974 print "<span class=\"contentPreview\"> - $content_preview</span>";
975 }
976 }
977
978 print "</a>";
979 print "</td>";
980 }
981
982 print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
983
984 print "</tr>";
985
986 } else {
987
988 if ($is_unread) {
989 $add_class = "Unread";
990 } else {
991 $add_class = "";
992 }
993
994 print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
995
996 print "<div class=\"cdmHeader\">";
997
998 print "<div style=\"float : right\">$updated_fmt,
999 <a class=\"cdmToggleLink\"
1000 href=\"javascript:toggleUnread($id)\">Toggle unread</a>
1001 </div>";
1002
1003 print "<a class=\"title\"
1004 onclick=\"javascript:toggleUnread($id, 0)\"
1005 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
1006
1007 if ($line["feed_title"]) {
1008 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1009 }
1010
1011 print "</div>";
1012
1013 print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
1014
1015 print "<div style=\"float : right\">$marked_pic</div>
1016 <div lass=\"cdmFooter\">
1017 <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1018 'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1019
1020 # print "<div align=\"center\"><a class=\"cdmToggleLink\"
1021 # href=\"javascript:toggleUnread($id)\">
1022 # Toggle unread</a></div>";
1023
1024 print "</div>";
1025
1026 }
1027
1028 ++$lnum;
1029 }
1030
1031 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1032 print "</table>";
1033 }
1034
1035 print_headline_subtoolbar($link,
1036 "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
1037
1038
1039 } else {
1040 print "<div width='100%' align='center'>No articles found.</div>";
1041 }
1042
1043 print "</div>";
1044
1045 print "
1046 <script type=\"text/javascript\">
1047 try {
1048 document.onkeydown = hotkey_handler;
1049 try {
1050 parent.update_all_counters(\"$feed\");
1051 } catch (e) {
1052 // this is workaround against mysterious permission
1053 // denied feature/bug of firefox (ticket #73)
1054 // if call from this context failed - ignore silently
1055 exception_error(\"viewfeed/footer1/counters\", e, true);
1056 }
1057 } catch (e) {
1058 exception_error(\"viewfeed/footer1\", e);
1059 }
1060
1061 /* for IE */
1062 function statechange() {
1063 if (document.readyState == \"interactive\") init();
1064 }
1065
1066 if (document.readyState) {
1067 if (document.readyState == \"interactive\" || document.readyState == \"complete\") {
1068 init();
1069 } else {
1070 document.onreadystatechange = statechange;
1071 }
1072 }
1073 </script>";
1074
1075 print "</body></html>";
1076 }
1077
1078 if ($op == "pref-feeds") {
1079
1080 $subop = $_REQUEST["subop"];
1081 $quiet = $_REQUEST["quiet"];
1082
1083 if ($subop == "massSubscribe") {
1084 $ids = split(",", db_escape_string($_GET["ids"]));
1085
1086 $subscribed = array();
1087
1088 foreach ($ids as $id) {
1089 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1090 WHERE id = '$id'");
1091
1092 $feed_url = db_fetch_result($result, 0, "feed_url");
1093 $title = db_fetch_result($result, 0, "title");
1094
1095 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1096 feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1097
1098 if (db_num_rows($result) == 0) {
1099 $result = db_query($link,
1100 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1101 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1102
1103 array_push($subscribed, $title);
1104 }
1105 }
1106
1107 if (count($subscribed) > 0) {
1108 print "<div class=\"notice\">";
1109 print "<b>Subscribed to feeds:</b>";
1110 print "<ul class=\"nomarks\">";
1111 foreach ($subscribed as $title) {
1112 print "<li>$title</li>";
1113 }
1114 print "</ul>";
1115 print "</div>";
1116 }
1117 }
1118
1119 if ($subop == "browse") {
1120
1121 if (!ENABLE_FEED_BROWSER) {
1122 print "Feed browser is administratively disabled.";
1123 return;
1124 }
1125
1126 print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
1127
1128 print "<div class=\"infoBoxContents\">";
1129
1130 print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
1131
1132 # $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1133 # FROM ttrss_feeds
1134 # WHERE auth_login = '' AND auth_pass = '' AND private = false
1135 # GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
1136
1137 $owner_uid = $_SESSION["uid"];
1138
1139 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
1140 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
1141 WHERE tf.feed_url = ttrss_feeds.feed_url
1142 AND owner_uid = '$owner_uid') GROUP BY feed_url
1143 ORDER BY subscribers DESC LIMIT 25");
1144
1145 print "<ul class='browseFeedList' id='browseFeedList'>";
1146
1147 $feedctr = 0;
1148
1149 while ($line = db_fetch_assoc($result)) {
1150 $feed_url = $line["feed_url"];
1151 $subscribers = $line["subscribers"];
1152
1153 $det_result = db_query($link, "SELECT site_url,title,id
1154 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1155
1156 $details = db_fetch_assoc($det_result);
1157
1158 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1159
1160 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1161 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL .
1162 "/".$details["id"].".ico\">";
1163 } else {
1164 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1165 }
1166
1167 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1168 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1169
1170 $class = ($feedctr % 2) ? "even" : "odd";
1171
1172 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1173 "$feed_icon " . db_unescape_string($details["title"]) .
1174 "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1175
1176 ++$feedctr;
1177 }
1178
1179 if ($feedctr == 0) {
1180 print "<li>No feeds found to subscribe.</li>";
1181 }
1182
1183 print "</ul>";
1184
1185 print "<div align='center'>
1186 <input type=\"submit\" class=\"button\"
1187 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1188 <input type='submit' class='button'
1189 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1190
1191 print "</div>";
1192 return;
1193 }
1194
1195 if ($subop == "editfeed") {
1196 $feed_id = db_escape_string($_REQUEST["id"]);
1197
1198 $result = db_query($link,
1199 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1200 owner_uid = " . $_SESSION["uid"]);
1201
1202 $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1203 0, "title")));
1204
1205 $icon_file = ICONS_DIR . "/$feed_id.ico";
1206
1207 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1208 $feed_icon = "<img width=\"16\" height=\"16\"
1209 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1210 } else {
1211 $feed_icon = "";
1212 }
1213
1214 print "<div id=\"infoBoxTitle\">Feed editor</div>";
1215
1216 print "<div class=\"infoBoxContents\">";
1217
1218 print "<form id=\"edit_feed_form\">";
1219
1220 print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1221 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1222 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1223
1224 print "<table width='100%'>";
1225
1226 print "<tr><td>Title:</td>";
1227 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1228 name=\"title\" value=\"$title\"></td></tr>";
1229
1230 $feed_url = db_fetch_result($result, 0, "feed_url");
1231 $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1232 0, "feed_url")));
1233
1234 print "<tr><td>Feed URL:</td>";
1235 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1236 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1237
1238 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1239
1240 $cat_id = db_fetch_result($result, 0, "cat_id");
1241
1242 print "<tr><td>Category:</td>";
1243 print "<td>";
1244
1245 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\"");
1246
1247 print "</td>";
1248 print "</td></tr>";
1249
1250 }
1251
1252 $update_interval = db_fetch_result($result, 0, "update_interval");
1253
1254 print "<tr><td>Update Interval:</td>";
1255
1256 print "<td>";
1257
1258 print_select_hash("update_interval", $update_interval, $update_intervals,
1259 "class=\"iedit\"");
1260
1261 print "</td>";
1262
1263 print "<tr><td>Link to:</td><td>";
1264
1265 $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1266 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1267
1268 $linked_count = db_fetch_result($tmp_result, 0, "count");
1269
1270 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1271
1272 if ($linked_count > 0) {
1273 $disabled = "disabled";
1274 }
1275
1276 print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1277
1278 print "<option value=\"0\">Not linked</option>";
1279
1280 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1281 if ($cat_id) {
1282 $cat_qpart = "AND cat_id = '$cat_id'";
1283 } else {
1284 $cat_qpart = "AND cat_id IS NULL";
1285 }
1286 }
1287
1288 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1289 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1290 $cat_qpart ORDER BY title");
1291
1292 if (db_num_rows($tmp_result) > 0) {
1293 print "<option disabled>--------</option>";
1294 }
1295
1296 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1297 if ($tmp_line["id"] == $parent_feed) {
1298 $is_selected = "selected";
1299 } else {
1300 $is_selected = "";
1301 }
1302 printf("<option $is_selected value='%d'>%s</option>",
1303 $tmp_line["id"], $tmp_line["title"]);
1304 }
1305
1306 print "</select>";
1307 print "</td></tr>";
1308
1309 $purge_interval = db_fetch_result($result, 0, "purge_interval");
1310
1311 print "<tr><td>Article purging:</td>";
1312
1313 print "<td>";
1314
1315 print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1316 "class=\"iedit\"");
1317
1318 print "</td>";
1319
1320 $auth_login = db_fetch_result($result, 0, "auth_login");
1321
1322 print "<tr><td>Login:</td>";
1323 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1324 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1325
1326 $auth_pass = db_fetch_result($result, 0, "auth_pass");
1327
1328 print "<tr><td>Password:</td>";
1329 print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1330 onkeypress=\"return filterCR(event)\"
1331 value=\"$auth_pass\"></td></tr>";
1332
1333 $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1334
1335 if ($private) {
1336 $checked = "checked";
1337 } else {
1338 $checked = "";
1339 }
1340
1341 print "<tr><td valign='top'>Options:</td>";
1342 print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1343 $checked><label for=\"private\">Hide from feed browser</label>";
1344
1345 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1346
1347 if ($rtl_content) {
1348 $checked = "checked";
1349 } else {
1350 $checked = "";
1351 }
1352
1353 print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1354 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1355
1356 print "</td></tr>";
1357
1358 print "</table>";
1359
1360 print "</form>";
1361
1362 print "</div>";
1363
1364 print "<div align='center'>
1365 <input type=\"submit\" class=\"button\"
1366 onclick=\"return feedEditSave()\" value=\"Save\">
1367 <input type='submit' class='button'
1368 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1369 return;
1370 }
1371
1372 if ($subop == "editSave") {
1373
1374 $feed_title = db_escape_string(trim($_POST["title"]));
1375 $feed_link = db_escape_string(trim($_POST["feed_url"]));
1376 $upd_intl = db_escape_string($_POST["update_interval"]);
1377 $purge_intl = db_escape_string($_POST["purge_interval"]);
1378 $feed_id = db_escape_string($_POST["id"]);
1379 $cat_id = db_escape_string($_POST["cat_id"]);
1380 $auth_login = db_escape_string(trim($_POST["auth_login"]));
1381 $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1382 $parent_feed = db_escape_string($_POST["parent_feed"]);
1383 $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1384 $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1385
1386 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1387 if ($cat_id && $cat_id != 0) {
1388 $category_qpart = "cat_id = '$cat_id',";
1389 } else {
1390 $category_qpart = 'cat_id = NULL,';
1391 }
1392 } else {
1393 $category_qpart = "";
1394 }
1395
1396 if ($parent_feed && $parent_feed != 0) {
1397 $parent_qpart = "parent_feed = '$parent_feed',";
1398 } else {
1399 $parent_qpart = 'parent_feed = NULL,';
1400 }
1401
1402 $result = db_query($link, "UPDATE ttrss_feeds SET
1403 $category_qpart
1404 $parent_qpart
1405 title = '$feed_title', feed_url = '$feed_link',
1406 update_interval = '$upd_intl',
1407 purge_interval = '$purge_intl',
1408 auth_login = '$auth_login',
1409 auth_pass = '$auth_pass',
1410 private = $private,
1411 rtl_content = $rtl_content
1412 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1413 }
1414
1415 if ($subop == "saveCat") {
1416 $cat_title = db_escape_string(trim($_GET["title"]));
1417 $cat_id = db_escape_string($_GET["id"]);
1418
1419 $result = db_query($link, "UPDATE ttrss_feed_categories SET
1420 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1421
1422 }
1423
1424 if ($subop == "remove") {
1425
1426 if (!WEB_DEMO_MODE) {
1427
1428 $ids = split(",", db_escape_string($_GET["ids"]));
1429
1430 foreach ($ids as $id) {
1431 db_query($link, "DELETE FROM ttrss_feeds
1432 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1433
1434 $icons_dir = ICONS_DIR;
1435
1436 if (file_exists($icons_dir . "/$id.ico")) {
1437 unlink($icons_dir . "/$id.ico");
1438 }
1439 }
1440 }
1441 }
1442
1443 if ($subop == "add") {
1444
1445 if (!WEB_DEMO_MODE) {
1446
1447 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1448 $cat_id = db_escape_string($_GET["cat_id"]);
1449
1450 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1451 print "Added feed.";
1452 } else {
1453 print "<div class=\"warning\">
1454 Feed <b>$feed_url</b> already exists in the database.
1455 </div>";
1456 }
1457 }
1458 }
1459
1460 if ($subop == "addCat") {
1461
1462 if (!WEB_DEMO_MODE) {
1463
1464 $feed_cat = db_escape_string(trim($_GET["cat"]));
1465
1466 $result = db_query($link,
1467 "SELECT id FROM ttrss_feed_categories
1468 WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1469
1470 if (db_num_rows($result) == 0) {
1471
1472 $result = db_query($link,
1473 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1474 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1475
1476 } else {
1477
1478 print "<div class=\"warning\">
1479 Category <b>$feed_cat</b> already exists in the database.
1480 </div>";
1481 }
1482
1483
1484 }
1485 }
1486
1487 if ($subop == "removeCats") {
1488
1489 if (!WEB_DEMO_MODE) {
1490
1491 $ids = split(",", db_escape_string($_GET["ids"]));
1492
1493 foreach ($ids as $id) {
1494
1495 db_query($link, "BEGIN");
1496
1497 $result = db_query($link,
1498 "SELECT count(id) as num_feeds FROM ttrss_feeds
1499 WHERE cat_id = '$id'");
1500
1501 $num_feeds = db_fetch_result($result, 0, "num_feeds");
1502
1503 if ($num_feeds == 0) {
1504 db_query($link, "DELETE FROM ttrss_feed_categories
1505 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1506 } else {
1507
1508 print "<div class=\"warning\">
1509 Unable to delete non empty feed categories.</div>";
1510
1511 }
1512
1513 db_query($link, "COMMIT");
1514 }
1515 }
1516 }
1517
1518 if ($subop == "categorize") {
1519
1520 if (!WEB_DEMO_MODE) {
1521
1522 $ids = split(",", db_escape_string($_GET["ids"]));
1523
1524 $cat_id = db_escape_string($_GET["cat_id"]);
1525
1526 if ($cat_id == 0) {
1527 $cat_id_qpart = 'NULL';
1528 } else {
1529 $cat_id_qpart = "'$cat_id'";
1530 }
1531
1532 db_query($link, "BEGIN");
1533
1534 foreach ($ids as $id) {
1535
1536 db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1537 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1538 }
1539
1540 db_query($link, "COMMIT");
1541 }
1542
1543 }
1544
1545 if ($quiet) return;
1546
1547 // print "<h3>Edit Feeds</h3>";
1548
1549 $result = db_query($link, "SELECT id,title,feed_url,last_error
1550 FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1551
1552 if (db_num_rows($result) > 0) {
1553
1554 print "<div class=\"warning\">";
1555
1556 // print"<img class=\"closeButton\"
1557 // onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1558
1559 print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1560 <b>Some feeds have update errors (click for details)</b></a>";
1561
1562 print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1563
1564 while ($line = db_fetch_assoc($result)) {
1565 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1566 $line["last_error"];
1567 }
1568
1569 print "</ul>";
1570 print "</div>";
1571
1572 }
1573
1574 $feed_search = db_escape_string($_GET["search"]);
1575
1576 if (array_key_exists("search", $_GET)) {
1577 $_SESSION["prefs_feed_search"] = $feed_search;
1578 } else {
1579 $feed_search = $_SESSION["prefs_feed_search"];
1580 }
1581
1582 print "<table width='100%' class=\"prefGenericAddBox\"
1583 cellspacing='0' cellpadding='0'><tr>
1584 <td>
1585 <input id=\"fadd_link\"
1586 onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1587 size=\"40\">
1588 <input type=\"submit\" class=\"button\"
1589 disabled=\"true\" id=\"fadd_submit_btn\"
1590 onclick=\"addFeed()\" value=\"Subscribe\">";
1591
1592 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1593 print " <input type=\"submit\" class=\"button\"
1594 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1595 }
1596
1597 print "</td><td align='right'>
1598 <input id=\"feed_search\" size=\"20\"
1599 onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1600 <input type=\"submit\" class=\"button\"
1601 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1602 </td>
1603 </tr></table>";
1604
1605 $feeds_sort = db_escape_string($_GET["sort"]);
1606
1607 if (!$feeds_sort || $feeds_sort == "undefined") {
1608 $feeds_sort = $_SESSION["pref_sort_feeds"];
1609 if (!$feeds_sort) $feeds_sort = "title";
1610 }
1611
1612 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1613
1614 if ($feed_search) {
1615 $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1616 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1617 } else {
1618 $search_qpart = "";
1619 }
1620
1621 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1622 $order_by_qpart = "category,$feeds_sort,title";
1623 } else {
1624 $order_by_qpart = "$feeds_sort,title";
1625 }
1626
1627 $result = db_query($link, "SELECT
1628 F1.id,
1629 F1.title,
1630 F1.feed_url,
1631 substring(F1.last_updated,1,16) AS last_updated,
1632 F1.parent_feed,
1633 F1.update_interval,
1634 F1.purge_interval,
1635 F1.cat_id,
1636 F2.title AS parent_title,
1637 C1.title AS category
1638 FROM
1639 ttrss_feeds AS F1
1640 LEFT JOIN ttrss_feeds AS F2
1641 ON (F1.parent_feed = F2.id)
1642 LEFT JOIN ttrss_feed_categories AS C1
1643 ON (F1.cat_id = C1.id)
1644 WHERE
1645 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1646 ORDER by $order_by_qpart");
1647
1648 if (db_num_rows($result) != 0) {
1649
1650 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1651
1652 print "<p><table width=\"100%\" cellspacing=\"0\"
1653 class=\"prefFeedList\" id=\"prefFeedList\">";
1654 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1655 Select:
1656 <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1657 <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1658 </td</tr>";
1659
1660 if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1661 print "<tr class=\"title\">
1662 <td width='5%' align='center'>&nbsp;</td>";
1663
1664 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1665 print "<td width='3%'>&nbsp;</td>";
1666 }
1667
1668 print "
1669 <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1670 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1671 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1672 }
1673
1674 $lnum = 0;
1675
1676 $cur_cat_id = -1;
1677
1678 while ($line = db_fetch_assoc($result)) {
1679
1680 $feed_id = $line["id"];
1681 $cat_id = $line["cat_id"];
1682
1683 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1684 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1685 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1686
1687 if (!$edit_cat) $edit_cat = "Uncategorized";
1688
1689 $last_updated = $line["last_updated"];
1690
1691 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1692 $last_updated = smart_date_time(strtotime($last_updated));
1693 } else {
1694 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1695 $last_updated = date($short_date, strtotime($last_updated));
1696 }
1697
1698 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1699 $lnum = 0;
1700
1701 print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1702
1703 print "<tr class=\"title\">
1704 <td width='5%'>&nbsp;</td>";
1705
1706 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1707 print "<td width='3%'>&nbsp;</td>";
1708 }
1709
1710 print "<td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1711 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1712 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1713
1714 $cur_cat_id = $cat_id;
1715 }
1716
1717 $class = ($lnum % 2) ? "even" : "odd";
1718 $this_row_id = "id=\"FEEDR-$feed_id\"";
1719
1720 print "<tr class=\"$class\" $this_row_id>";
1721
1722 $icon_file = ICONS_DIR . "/$feed_id.ico";
1723
1724 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1725 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL . "/$feed_id.ico\">";
1726 } else {
1727 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1728 }
1729
1730 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1731 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1732
1733 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1734 print "<td class='feedIcon'>$feed_icon</td>";
1735 }
1736
1737 $edit_title = truncate_string($edit_title, 40);
1738 $edit_link = truncate_string($edit_link, 60);
1739
1740 $parent_title = $line["parent_title"];
1741 if ($parent_title) {
1742 $parent_title = "<span class='groupPrompt'>(linked to
1743 $parent_title)</span>";
1744 }
1745
1746 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1747 "$edit_title $parent_title" . "</a></td>";
1748
1749 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1750 $edit_link . "</a></td>";
1751
1752 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1753 "$last_updated</a></td>";
1754
1755 print "</tr>";
1756
1757 ++$lnum;
1758 }
1759
1760 print "</table>";
1761
1762 print "<p><span id=\"feedOpToolbar\">";
1763
1764 if ($subop == "edit") {
1765 print "Edit feed:&nbsp;
1766 <input type=\"submit\" class=\"button\"
1767 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1768 <input type=\"submit\" class=\"button\"
1769 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1770 } else {
1771
1772 print "
1773 Selection:&nbsp;
1774 <input type=\"submit\" class=\"button\" disabled=\"true\"
1775 onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1776 <input type=\"submit\" class=\"button\" disabled=\"true\"
1777 onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1778
1779 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1780
1781 print "&nbsp;|&nbsp;";
1782
1783 print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1784
1785 print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1786 onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1787
1788 }
1789
1790 print "</span>
1791 &nbsp;All feeds: <input type=\"submit\"
1792 class=\"button\" onclick=\"gotoExportOpml()\"
1793 value=\"Export OPML\">";
1794 }
1795 } else {
1796
1797 print "<p>No feeds defined.</p>";
1798
1799 }
1800
1801 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1802
1803 print "<h3>Edit Categories</h3>";
1804
1805 print "<div class=\"prefGenericAddBox\">
1806 <input id=\"fadd_cat\"
1807 onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1808 size=\"40\">&nbsp;
1809 <input
1810 type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1811 onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1812
1813 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1814 WHERE owner_uid = ".$_SESSION["uid"]."
1815 ORDER BY title");
1816
1817 if (db_num_rows($result) != 0) {
1818
1819 print "<form id=\"feed_cat_edit_form\">";
1820
1821 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1822 cellspacing=\"0\" id=\"prefFeedCatList\">";
1823
1824 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1825 Select:
1826 <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1827 <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1828 </td</tr>";
1829
1830 print "<tr class=\"title\">
1831 <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1832 </tr>";
1833
1834 $lnum = 0;
1835
1836 while ($line = db_fetch_assoc($result)) {
1837
1838 $class = ($lnum % 2) ? "even" : "odd";
1839
1840 $cat_id = $line["id"];
1841
1842 $edit_cat_id = $_GET["id"];
1843
1844 if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1845 $class .= "Grayed";
1846 $this_row_id = "";
1847 } else {
1848 $this_row_id = "id=\"FCATR-$cat_id\"";
1849 }
1850
1851 print "<tr class=\"$class\" $this_row_id>";
1852
1853 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1854
1855 if (!$edit_cat_id || $subop != "editCat") {
1856
1857 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1858 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1859
1860 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1861 $edit_title . "</a></td>";
1862
1863 } else if ($cat_id != $edit_cat_id) {
1864
1865 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1866 id=\"FRCHK-".$line["id"]."\"></td>";
1867
1868 print "<td>$edit_title</td>";
1869
1870 } else {
1871
1872 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1873
1874 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1875 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1876 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1877
1878 print "</td>";
1879
1880 print "<td><input onkeypress=\"return filterCR(event)\"
1881 name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1882
1883 }
1884
1885 print "</tr>";
1886
1887 ++$lnum;
1888 }
1889
1890 print "</table>";
1891
1892 print "</form>";
1893
1894 print "<p id=\"catOpToolbar\">";
1895
1896 if ($subop == "editCat") {
1897 print "Edit category:&nbsp;
1898 <input type=\"submit\" class=\"button\"
1899 onclick=\"return feedCatEditSave()\" value=\"Save\">
1900 <input type=\"submit\" class=\"button\"
1901 onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1902 } else {
1903
1904 print "
1905 Selection:&nbsp;
1906 <input type=\"submit\" class=\"button\" disabled=\"true\"
1907 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1908 <input type=\"submit\" class=\"button\" disabled=\"true\"
1909 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1910
1911 }
1912
1913 } else {
1914 print "<p>No feed categories defined.</p>";
1915 }
1916 }
1917
1918 print "<h3>Import OPML</h3>
1919 <form enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1920 File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1921 <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1922 type=\"submit\" value=\"Import\">
1923 </form>";
1924
1925 }
1926
1927 if ($op == "pref-filters") {
1928
1929 $subop = $_GET["subop"];
1930 $quiet = $_GET["quiet"];
1931
1932 if ($subop == "edit") {
1933
1934 $filter_id = db_escape_string($_GET["id"]);
1935
1936 $result = db_query($link,
1937 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1938
1939 $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
1940 $filter_type = db_fetch_result($result, 0, "filter_type");
1941 $feed_id = db_fetch_result($result, 0, "feed_id");
1942 $action_id = db_fetch_result($result, 0, "action_id");
1943
1944 print "<div id=\"infoBoxTitle\">Filter editor</div>";
1945 print "<div class=\"infoBoxContents\">";
1946
1947 print "<form id=\"filter_edit_form\">";
1948
1949 print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
1950 print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
1951 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1952
1953 // print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
1954
1955 $result = db_query($link, "SELECT id,description
1956 FROM ttrss_filter_types ORDER BY description");
1957
1958 $filter_types = array();
1959
1960 while ($line = db_fetch_assoc($result)) {
1961 //array_push($filter_types, $line["description"]);
1962 $filter_types[$line["id"]] = $line["description"];
1963 }
1964
1965 print "<table width='100%'>";
1966
1967 print "<tr><td>Match:</td>
1968 <td><input onkeypress=\"return filterCR(event)\"
1969 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
1970 name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
1971
1972 print "</td><td>";
1973
1974 print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
1975
1976 print "</td></tr>";
1977 print "<tr><td>Feed:</td><td colspan='2'>";
1978
1979 print_feed_select($link, "feed_id", $feed_id);
1980
1981 print "</td></tr>";
1982
1983 print "<tr><td>Action:</td>";
1984
1985 print "<td colspan='2'><select name=\"action_id\">";
1986
1987 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
1988 ORDER BY name");
1989
1990 while ($line = db_fetch_assoc($result)) {
1991 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
1992 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
1993 }
1994
1995 print "</select>";
1996
1997 print "</td></tr></table>";
1998
1999 print "</form>";
2000
2001 print "<div align='right'>";
2002
2003 print "<input type=\"submit\"
2004 id=\"infobox_submit\"
2005 class=\"button\" onclick=\"return filterEditSave()\"
2006 value=\"Save\"> ";
2007
2008 print "<input class=\"button\"
2009 type=\"submit\" onclick=\"return filterEditCancel()\"
2010 value=\"Cancel\">";
2011
2012 print "</div>";
2013
2014 return;
2015 }
2016
2017
2018 if ($subop == "editSave") {
2019
2020 $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
2021 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2022 $filter_id = db_escape_string($_GET["id"]);
2023 $feed_id = db_escape_string($_GET["feed_id"]);
2024 $action_id = db_escape_string($_GET["action_id"]);
2025
2026 if (!$feed_id) {
2027 $feed_id = 'NULL';
2028 } else {
2029 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2030 }
2031
2032 $result = db_query($link, "UPDATE ttrss_filters SET
2033 reg_exp = '$reg_exp',
2034 feed_id = $feed_id,
2035 action_id = '$action_id',
2036 filter_type = '$filter_type'
2037 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
2038 }
2039
2040 if ($subop == "remove") {
2041
2042 if (!WEB_DEMO_MODE) {
2043
2044 $ids = split(",", db_escape_string($_GET["ids"]));
2045
2046 foreach ($ids as $id) {
2047 db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
2048
2049 }
2050 }
2051 }
2052
2053 if ($subop == "add") {
2054
2055 if (!WEB_DEMO_MODE) {
2056
2057 $regexp = db_escape_string(trim($_GET["reg_exp"]));
2058 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2059 $feed_id = db_escape_string($_GET["feed_id"]);
2060 $action_id = db_escape_string($_GET["action_id"]);
2061
2062 if (!$feed_id) {
2063 $feed_id = 'NULL';
2064 } else {
2065 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2066 }
2067
2068 $result = db_query($link,
2069 "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2070 action_id)
2071 VALUES
2072 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
2073 $feed_id, '$action_id')");
2074 }
2075 }
2076
2077 if ($quiet) return;
2078
2079 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2080
2081 $result = db_query($link, "SELECT id,description
2082 FROM ttrss_filter_types ORDER BY description");
2083
2084 $filter_types = array();
2085
2086 while ($line = db_fetch_assoc($result)) {
2087 //array_push($filter_types, $line["description"]);
2088 $filter_types[$line["id"]] = $line["description"];
2089 }
2090
2091 print "<input type=\"submit\"
2092 class=\"button\"
2093 onclick=\"return displayDlg('quickAddFilter', false)\"
2094 id=\"create_filter_btn\"
2095 value=\"Create filter\">";
2096
2097 $result = db_query($link, "SELECT
2098 ttrss_filters.id AS id,reg_exp,
2099 ttrss_filter_types.name AS filter_type_name,
2100 ttrss_filter_types.description AS filter_type_descr,
2101 feed_id,
2102 ttrss_filter_actions.description AS action_description,
2103 ttrss_feeds.title AS feed_title
2104 FROM
2105 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2106 ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2107 WHERE
2108 filter_type = ttrss_filter_types.id AND
2109 ttrss_filter_actions.id = action_id AND
2110 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2111 ORDER by reg_exp");
2112
2113 if (db_num_rows($result) != 0) {
2114
2115 print "<form id=\"filter_edit_form\">";
2116
2117 print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2118 id=\"prefFilterList\">";
2119
2120 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2121 Select:
2122 <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2123 <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2124 </td</tr>";
2125
2126 print "<tr class=\"title\">
2127 <td align='center' width=\"5%\">&nbsp;</td>
2128 <td width=\"20%\">Filter expression</td>
2129 <td width=\"20%\">Feed</td>
2130 <td width=\"15%\">Match</td>
2131 <td width=\"15%\">Action</td>";
2132
2133 $lnum = 0;
2134
2135 while ($line = db_fetch_assoc($result)) {
2136
2137 $class = ($lnum % 2) ? "even" : "odd";
2138
2139 $filter_id = $line["id"];
2140 $edit_filter_id = $_GET["id"];
2141
2142 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2143 $class .= "Grayed";
2144 $this_row_id = "";
2145 } else {
2146 $this_row_id = "id=\"FILRR-$filter_id\"";
2147 }
2148
2149 print "<tr class=\"$class\" $this_row_id>";
2150
2151 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2152
2153 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2154
2155 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2156
2157 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2158 type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2159
2160 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2161 $line["reg_exp"] . "</td>";
2162
2163 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2164 $line["feed_title"] . "</td>";
2165
2166 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2167 $line["filter_type_descr"] . "</td>";
2168
2169 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2170 $line["action_description"] . "</td>";
2171
2172 print "</tr>";
2173
2174 ++$lnum;
2175 }
2176
2177 if ($lnum == 0) {
2178 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2179 }
2180
2181 print "</table>";
2182
2183 print "</form>";
2184
2185 print "<p id=\"filterOpToolbar\">";
2186
2187 print "
2188 Selection:
2189 <input type=\"submit\" class=\"button\" disabled=\"true\"
2190 onclick=\"return editSelectedFilter()\" value=\"Edit\">
2191 <input type=\"submit\" class=\"button\" disabled=\"true\"
2192 onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2193
2194 print "</p>";
2195
2196 } else {
2197
2198 print "<p>No filters defined.</p>";
2199
2200 }
2201 }
2202
2203 // We need to accept raw SQL data in label queries, so not everything is escaped
2204 // here, this is by design. If you don't like the whole idea, disable labels
2205 // altogether with GLOBAL_ENABLE_LABELS = false
2206
2207 if ($op == "pref-labels") {
2208
2209 if (!GLOBAL_ENABLE_LABELS) {
2210 return;
2211 }
2212
2213 $subop = $_GET["subop"];
2214
2215 if ($subop == "test") {
2216
2217 $expr = trim($_GET["expr"]);
2218 $descr = trim($_GET["descr"]);
2219
2220 print "<div id=\"infoBoxTitle\">Test label: $descr</div>";
2221
2222 print "<div class='infoBoxContents'>";
2223
2224 # print "<h1>Label &laquo;$descr&raquo;</h1>";
2225
2226 // print "<p><b>Expression</b>: $expr</p>";
2227
2228 $result = db_query($link,
2229 "SELECT count(id) AS num_matches
2230 FROM ttrss_entries,ttrss_user_entries
2231 WHERE ($expr) AND
2232 ttrss_user_entries.ref_id = ttrss_entries.id AND
2233 owner_uid = " . $_SESSION["uid"]);
2234
2235 $num_matches = db_fetch_result($result, 0, "num_matches");;
2236
2237 if ($num_matches > 0) {
2238
2239 print "<p>Query returned <b>$num_matches</b> matches, showing first 15:</p>";
2240
2241 $result = db_query($link,
2242 "SELECT title,
2243 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2244 FROM ttrss_entries,ttrss_user_entries
2245 WHERE ($expr) AND
2246 ttrss_user_entries.ref_id = ttrss_entries.id
2247 AND owner_uid = " . $_SESSION["uid"] . "
2248 ORDER BY date_entered DESC LIMIT 15");
2249
2250 print "<ul class=\"filterTestResults\">";
2251
2252 $row_class = "even";
2253
2254 while ($line = db_fetch_assoc($result)) {
2255 $row_class = toggleEvenOdd($row_class);
2256
2257 print "<li class=\"$row_class\">".$line["title"].
2258 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2259 }
2260 print "</ul>";
2261
2262 } else {
2263 print "<p>Query didn't return any matches.</p>";
2264 }
2265
2266 print "</div>";
2267
2268 print "<div align='center'>
2269 <input type='submit' class='button'
2270 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2271 return;
2272 }
2273
2274 if ($subop == "editSave") {
2275
2276 $sql_exp = trim($_GET["sql_exp"]);
2277 $descr = db_escape_string(trim($_GET["description"]));
2278 $label_id = db_escape_string($_GET["id"]);
2279
2280 $result = db_query($link, "UPDATE ttrss_labels SET
2281 sql_exp = '$sql_exp',
2282 description = '$descr'
2283 WHERE id = '$label_id'");
2284 }
2285
2286 if ($subop == "remove") {
2287
2288 if (!WEB_DEMO_MODE) {
2289
2290 $ids = split(",", db_escape_string($_GET["ids"]));
2291
2292 foreach ($ids as $id) {
2293 db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2294
2295 }
2296 }
2297 }
2298
2299 if ($subop == "add") {
2300
2301 if (!WEB_DEMO_MODE) {
2302
2303 // no escaping is done here on purpose
2304 $exp = trim($_GET["exp"]);
2305
2306 $result = db_query($link,
2307 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2308 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2309 }
2310 }
2311
2312 print "<div class=\"prefGenericAddBox\">
2313 <input size=\"40\"
2314 onkeyup=\"toggleSubmitNotEmpty(this, 'label_create_btn')\"
2315 id=\"ladd_expr\">&nbsp;";
2316
2317 print"<input type=\"submit\" class=\"button\"
2318 disabled=\"true\" id=\"label_create_btn\"
2319 onclick=\"javascript:addLabel()\" value=\"Create label\"></div>";
2320
2321 $result = db_query($link, "SELECT
2322 id,sql_exp,description
2323 FROM
2324 ttrss_labels
2325 WHERE
2326 owner_uid = ".$_SESSION["uid"]."
2327 ORDER by description");
2328
2329 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2330
2331 if (db_num_rows($result) != 0) {
2332
2333 print "<form id=\"label_edit_form\">";
2334
2335 print "<p><table width=\"100%\" cellspacing=\"0\"
2336 class=\"prefLabelList\" id=\"prefLabelList\">";
2337
2338 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2339 Select:
2340 <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2341 <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2342 </td</tr>";
2343
2344 print "<tr class=\"title\">
2345 <td width=\"5%\">&nbsp;</td>
2346 <td width=\"40%\">SQL expression
2347 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2348 </td>
2349 <td width=\"40%\">Caption</td></tr>";
2350
2351 $lnum = 0;
2352
2353 while ($line = db_fetch_assoc($result)) {
2354
2355 $class = ($lnum % 2) ? "even" : "odd";
2356
2357 $label_id = $line["id"];
2358 $edit_label_id = $_GET["id"];
2359
2360 if ($subop == "edit" && $label_id != $edit_label_id) {
2361 $class .= "Grayed";
2362 $this_row_id = "";
2363 } else {
2364 $this_row_id = "id=\"LILRR-$label_id\"";
2365 }
2366
2367 print "<tr class=\"$class\" $this_row_id>";
2368
2369 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2370 $line["description"] = htmlspecialchars($line["description"]);
2371
2372 if (!$edit_label_id || $subop != "edit") {
2373
2374 if (!$line["description"]) $line["description"] = "[No caption]";
2375
2376 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2377 type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2378
2379 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2380 $line["sql_exp"] . "</td>";
2381
2382 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2383 $line["description"] . "</td>";
2384
2385 } else if ($label_id != $edit_label_id) {
2386
2387 if (!$line["description"]) $line["description"] = "[No description]";
2388
2389 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
2390 id=\"LICHK-".$line["id"]."\"></td>";
2391
2392 print "<td>".$line["sql_exp"]."</td>";
2393 print "<td>".$line["description"]."</td>";
2394
2395 } else {
2396
2397 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
2398
2399 print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2400 print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2401 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2402
2403 print "</td>";
2404
2405 print "<td><input onkeypress=\"return filterCR(event)\"
2406 class=\"iedit\" name=\"sql_exp\" value=\"".$line["sql_exp"]."\"></td>";
2407
2408 print "<td><input onkeypress=\"return filterCR(event)\"
2409 class=\"iedit\" name=\"description\" value=\"".$line["description"]."\"></td>";
2410 }
2411
2412
2413 print "</tr>";
2414
2415 ++$lnum;
2416 }
2417
2418 if ($lnum == 0) {
2419 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2420 }
2421
2422 print "</table>";
2423
2424 print "</form>";
2425
2426 print "<p id=\"labelOpToolbar\">";
2427
2428 if ($subop == "edit") {
2429 print "Edit label:
2430 <input type=\"submit\" class=\"button\"
2431 onclick=\"javascript:labelTest()\" value=\"Test\">
2432 <input type=\"submit\" class=\"button\"
2433 onclick=\"javascript:labelEditSave()\" value=\"Save\">
2434 <input type=\"submit\" class=\"button\"
2435 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">";
2436
2437 } else {
2438 print "
2439 Selection:
2440 <input type=\"submit\" class=\"button\" disabled=\"true\"
2441 onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2442 <input type=\"submit\" class=\"button\" disabled=\"true\"
2443 onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2444 }
2445 } else {
2446 print "<p>No labels defined.</p>";
2447 }
2448 }
2449
2450 if ($op == "error") {
2451 print "<div width=\"100%\" align='center'>";
2452 $msg = $_GET["msg"];
2453 print $msg;
2454 print "</div>";
2455 }
2456
2457 if ($op == "help") {
2458 if (!$_GET["noheaders"]) {
2459 print "<html><head>
2460 <title>Tiny Tiny RSS : Help</title>
2461 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2462 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2463 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2464 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2465 </head><body>";
2466 }
2467
2468 $tid = sprintf("%d", $_GET["tid"]);
2469
2470 print "<div id=\"infoBoxTitle\">Help</div>";
2471
2472 print "<div class='infoBoxContents'>";
2473
2474 if (file_exists("help/$tid.php")) {
2475 include("help/$tid.php");
2476 } else {
2477 print "<p>Help topic not found.</p>";
2478 }
2479
2480 print "</div>";
2481
2482 print "<div align='center'>
2483 <input type='submit' class='button'
2484 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2485
2486 if (!$_GET["noheaders"]) {
2487 print "</body></html>";
2488 }
2489
2490 }
2491
2492 if ($op == "dlg") {
2493 $id = $_GET["id"];
2494 $param = $_GET["param"];
2495
2496 if ($id == "quickAddFeed") {
2497
2498 print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2499 print "<div class=\"infoBoxContents\">";
2500
2501 print "<form id='feed_add_form'>";
2502
2503 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2504 print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2505 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2506
2507 print "<table width='100%'>
2508 <tr><td>Feed URL:</td><td>
2509 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2510 onkeypress=\"return filterCR(event)\"
2511 onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2512 onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2513
2514 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2515 print "<tr><td>Category:</td><td>";
2516 print_feed_cat_select($link, "cat_id");
2517 print "</td></tr>";
2518 }
2519
2520 print "</table>";
2521 print "</form>";
2522
2523 print "<div align='right'>
2524 <input class=\"button\"
2525 id=\"fadd_submit_btn\" disabled=\"true\"
2526 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Subscribe\">
2527 <input class=\"button\"
2528 type=\"submit\" onclick=\"javascript:closeInfoBox()\"
2529 value=\"Cancel\"></div>";
2530
2531 }
2532
2533 if ($id == "search") {
2534
2535 print "<div id=\"infoBoxTitle\">Search</div>";
2536 print "<div class=\"infoBoxContents\">";
2537
2538 print "<form id='search_form'>";
2539
2540 $active_feed_id = db_escape_string($_GET["param"]);
2541
2542 print "<table width='100%'><tr><td>Search:</td><td>";
2543
2544 print "<input name=\"query\" class=\"iedit\"
2545 onkeypress=\"return filterCR(event)\"
2546 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2547 value=\"\">
2548 </td></tr>";
2549
2550 print "<tr><td>Where:</td><td>";
2551
2552 print "<select name=\"search_mode\">
2553 <option value=\"all_feeds\">All feeds</option>";
2554
2555 $feed_title = getFeedTitle($link, $active_feed_id);
2556 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2557
2558 if ($active_feed_id) {
2559 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2560 } else {
2561 print "<option disabled>This feed</option>";
2562 }
2563
2564 if (get_pref($link, 'ENABLE_FEED_CATS') && $active_feed_id && $active_feed_id > 0) {
2565 print "<option value=\"this_cat\">This category ($feed_cat_title)</option>";
2566 } else {
2567 print "<option disabled>This category</option>";
2568 }
2569
2570 print "</select></td></tr>";
2571
2572 print "<tr><td>Match on:</td><td>";
2573
2574 $search_fields = array(
2575 "title" => "Title",
2576 "content" => "Content",
2577 "both" => "Title or content");
2578
2579 print_select_hash("match_on", 3, $search_fields);
2580
2581 print "</td></tr></table>";
2582
2583 print "</form>";
2584
2585 print "<div align=\"right\">
2586 <input type=\"submit\"
2587 class=\"button\" onclick=\"javascript:search()\"
2588 id=\"search_submit_btn\" disabled=\"true\"
2589 value=\"Search\">
2590 <input class=\"button\"
2591 type=\"submit\" onclick=\"javascript:searchCancel()\"
2592 value=\"Cancel\"></div>";
2593
2594 print "</div>";
2595
2596 }
2597
2598 if ($id == "quickAddFilter") {
2599
2600 $active_feed_id = db_escape_string($_GET["param"]);
2601
2602 print "<div id=\"infoBoxTitle\">Create filter</div>";
2603 print "<div class=\"infoBoxContents\">";
2604
2605 print "<form id=\"filter_add_form\">";
2606
2607 print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2608 print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2609 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2610
2611 // print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2612
2613 $result = db_query($link, "SELECT id,description
2614 FROM ttrss_filter_types ORDER BY description");
2615
2616 $filter_types = array();
2617
2618 while ($line = db_fetch_assoc($result)) {
2619 //array_push($filter_types, $line["description"]);
2620 $filter_types[$line["id"]] = $line["description"];
2621 }
2622
2623 print "<table width='100%'>";
2624
2625 print "<tr><td>Match:</td>
2626 <td><input onkeypress=\"return filterCR(event)\"
2627 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2628 name=\"reg_exp\" class=\"iedit\">";
2629 print "</td><td>";
2630
2631 print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2632
2633 print "</td></tr>";
2634 print "<tr><td>Feed:</td><td colspan='2'>";
2635
2636 print_feed_select($link, "feed_id", $active_feed_id);
2637
2638 print "</td></tr>";
2639
2640 print "<tr><td>Action:</td>";
2641
2642 print "<td colspan='2'><select name=\"action_id\">";
2643
2644 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2645 ORDER BY name");
2646
2647 while ($line = db_fetch_assoc($result)) {
2648 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2649 }
2650
2651 print "</select>";
2652
2653 print "</td></tr></table>";
2654
2655 print "</form>";
2656
2657 print "<div align='right'>";
2658
2659 print "<input type=\"submit\"
2660 id=\"infobox_submit\"
2661 class=\"button\" onclick=\"return qaddFilter()\"
2662 disabled=\"true\" value=\"Create\"> ";
2663
2664 print "<input class=\"button\"
2665 type=\"submit\" onclick=\"return closeInfoBox()\"
2666 value=\"Cancel\">";
2667
2668 print "</div>";
2669
2670 // print "</td></tr></table>";
2671
2672 }
2673
2674 print "</div>";
2675
2676 }
2677
2678 // update feeds of all users, may be used anonymously
2679 if ($op == "globalUpdateFeeds") {
2680
2681 $result = db_query($link, "SELECT id FROM ttrss_users");
2682
2683 while ($line = db_fetch_assoc($result)) {
2684 $user_id = $line["id"];
2685 // print "<!-- updating feeds of uid $user_id -->";
2686 update_all_feeds($link, false, $user_id);
2687 }
2688
2689 print "<rpc-reply>
2690 <message msg=\"All feeds updated\"/>
2691 </rpc-reply>";
2692
2693 }
2694
2695 if ($op == "pref-prefs") {
2696
2697 $subop = $_REQUEST["subop"];
2698
2699 if ($subop == "Save configuration") {
2700
2701 if (WEB_DEMO_MODE) {
2702 header("Location: prefs.php");
2703 return;
2704 }
2705
2706 $_SESSION["prefs_op_result"] = "save-config";
2707
2708 $_SESSION["prefs_cache"] = false;
2709
2710 foreach (array_keys($_POST) as $pref_name) {
2711
2712 $pref_name = db_escape_string($pref_name);
2713 $value = db_escape_string($_POST[$pref_name]);
2714
2715 $result = db_query($link, "SELECT type_name
2716 FROM ttrss_prefs,ttrss_prefs_types
2717 WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2718
2719 if (db_num_rows($result) > 0) {
2720
2721 $type_name = db_fetch_result($result, 0, "type_name");
2722
2723 // print "$pref_name : $type_name : $value<br>";
2724
2725 if ($type_name == "bool") {
2726 if ($value == "1") {
2727 $value = "true";
2728 } else {
2729 $value = "false";
2730 }
2731 } else if ($type_name == "integer") {
2732 $value = sprintf("%d", $value);
2733 }
2734
2735 // print "$pref_name : $type_name : $value<br>";
2736
2737 db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2738 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2739
2740 }
2741
2742 header("Location: prefs.php");
2743
2744 }
2745
2746 } else if ($subop == "getHelp") {
2747
2748 $pref_name = db_escape_string($_GET["pn"]);
2749
2750 $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2751 WHERE pref_name = '$pref_name'");
2752
2753 if (db_num_rows($result) > 0) {
2754 $help_text = db_fetch_result($result, 0, "help_text");
2755 print $help_text;
2756 } else {
2757 print "Unknown option: $pref_name";
2758 }
2759
2760 } else if ($subop == "Change e-mail") {
2761
2762 if (WEB_DEMO_MODE) {
2763 header("Location: prefs.php");
2764 return;
2765 }
2766
2767 $email = db_escape_string($_GET["email"]);
2768 $active_uid = $_SESSION["uid"];
2769
2770 if ($email) {
2771 db_query($link, "UPDATE ttrss_users SET email = '$email'
2772 WHERE id = '$active_uid'");
2773 }
2774
2775 header("Location: prefs.php");
2776
2777 } else if ($subop == "Change password") {
2778
2779 if (WEB_DEMO_MODE) {
2780 header("Location: prefs.php");
2781 return;
2782 }
2783
2784 $old_pw = $_POST["OLD_PASSWORD"];
2785 $new_pw = $_POST["OLD_PASSWORD"];
2786
2787 $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2788 $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2789
2790 $active_uid = $_SESSION["uid"];
2791
2792 if ($old_pw && $new_pw) {
2793
2794 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2795
2796 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2797 id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2798 pwd_hash = '$old_pw_hash')");
2799
2800 if (db_num_rows($result) == 1) {
2801 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2802 WHERE id = '$active_uid'");
2803
2804 $_SESSION["pwd_change_result"] = "ok";
2805 } else {
2806 $_SESSION["pwd_change_result"] = "failed";
2807 }
2808 }
2809
2810 header("Location: prefs.php");
2811
2812 } else if ($subop == "Reset to defaults") {
2813
2814 if (WEB_DEMO_MODE) {
2815 header("Location: prefs.php");
2816 return;
2817 }
2818
2819 $_SESSION["prefs_op_result"] = "reset-to-defaults";
2820
2821 if (DB_TYPE == "pgsql") {
2822 db_query($link,"UPDATE ttrss_user_prefs
2823 SET value = ttrss_prefs.def_value
2824 WHERE owner_uid = '".$_SESSION["uid"]."' AND
2825 ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2826 } else {
2827 db_query($link, "DELETE FROM ttrss_user_prefs
2828 WHERE owner_uid = ".$_SESSION["uid"]);
2829 initialize_user_prefs($link, $_SESSION["uid"]);
2830 }
2831
2832 header("Location: prefs.php");
2833
2834 } else if ($subop == "Change theme") {
2835
2836 $theme = db_escape_string($_POST["theme"]);
2837
2838 if ($theme == "Default") {
2839 $theme_qpart = 'NULL';
2840 } else {
2841 $theme_qpart = "'$theme'";
2842 }
2843
2844 $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2845 WHERE theme_name = '$theme'");
2846
2847 if (db_num_rows($result) == 1) {
2848 $theme_id = db_fetch_result($result, 0, "id");
2849 $theme_path = db_fetch_result($result, 0, "theme_path");
2850 } else {
2851 $theme_id = "NULL";
2852 $theme_path = "";
2853 }
2854
2855 db_query($link, "UPDATE ttrss_users SET
2856 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2857
2858 $_SESSION["theme"] = $theme_path;
2859
2860 header("Location: prefs.php");
2861
2862 } else {
2863
2864 if (!SINGLE_USER_MODE) {
2865
2866 $result = db_query($link, "SELECT id,email FROM ttrss_users
2867 WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2868 pwd_hash = 'SHA1:".sha1("password")."')");
2869
2870 if (db_num_rows($result) != 0) {
2871 print "<div class=\"warning\">
2872 Your password is at default value, please change it.
2873 </div>";
2874 }
2875
2876 if ($_SESSION["pwd_change_result"] == "failed") {
2877 print "<div class=\"warning\">
2878 There was an error while changing your password.
2879 </div>";
2880 }
2881
2882 if ($_SESSION["pwd_change_result"] == "ok") {
2883 print "<div class=\"notice\">
2884 Password changed successfully.
2885 </div>";
2886 }
2887
2888 $_SESSION["pwd_change_result"] = "";
2889
2890 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2891 print "<div class=\"notice\">
2892 Your configuration was reset to defaults.
2893 </div>";
2894 }
2895
2896 if ($_SESSION["prefs_op_result"] == "save-config") {
2897 print "<div class=\"notice\">
2898 Your configuration was saved successfully.
2899 </div>";
2900 }
2901
2902 $_SESSION["prefs_op_result"] = "";
2903
2904 print "<form action=\"backend.php\" method=\"GET\">";
2905
2906 print "<table width=\"100%\" class=\"prefPrefsList\">";
2907 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
2908
2909 $result = db_query($link, "SELECT email FROM ttrss_users
2910 WHERE id = ".$_SESSION["uid"]);
2911
2912 $email = db_fetch_result($result, 0, "email");
2913
2914 print "<tr><td width=\"40%\">E-mail</td>";
2915 print "<td><input class=\"editbox\" name=\"email\"
2916 value=\"$email\"></td></tr>";
2917
2918 print "</table>";
2919
2920 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2921
2922 print "<p><input class=\"button\" type=\"submit\"
2923 value=\"Change e-mail\" name=\"subop\">";
2924
2925 print "</form>";
2926
2927 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
2928
2929 print "<table width=\"100%\" class=\"prefPrefsList\">";
2930 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2931
2932 print "<tr><td width=\"40%\">Old password</td>";
2933 print "<td><input class=\"editbox\" type=\"password\"
2934 name=\"OLD_PASSWORD\"></td></tr>";
2935
2936 print "<tr><td width=\"40%\">New password</td>";
2937
2938 print "<td><input class=\"editbox\" type=\"password\"
2939 name=\"NEW_PASSWORD\"></td></tr>";
2940
2941 print "</table>";
2942
2943 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2944
2945 print "<p><input class=\"button\" type=\"submit\"
2946 onclick=\"return validateNewPassword(this.form)\"
2947 value=\"Change password\" name=\"subop\">";
2948
2949 print "</form>";
2950
2951 }
2952
2953 $result = db_query($link, "SELECT
2954 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2955
2956 $user_theme_id = db_fetch_result($result, 0, "theme_id");
2957
2958 $result = db_query($link, "SELECT
2959 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2960
2961 if (db_num_rows($result) > 0) {
2962
2963 print "<form action=\"backend.php\" method=\"POST\">";
2964 print "<table width=\"100%\" class=\"prefPrefsList\">";
2965 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2966 print "<tr><td width=\"40%\">Select theme</td>";
2967 print "<td><select name=\"theme\">";
2968 print "<option>Default</option>";
2969 print "<option disabled>--------</option>";
2970
2971 while ($line = db_fetch_assoc($result)) {
2972 if ($line["id"] == $user_theme_id) {
2973 $selected = "selected";
2974 } else {
2975 $selected = "";
2976 }
2977 print "<option $selected>" . $line["theme_name"] . "</option>";
2978 }
2979 print "</select></td></tr>";
2980 print "</table>";
2981 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2982 print "<p><input class=\"button\" type=\"submit\"
2983 value=\"Change theme\" name=\"subop\">";
2984 print "</form>";
2985 }
2986
2987 $result = db_query($link, "SELECT
2988 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
2989 section_name,def_value
2990 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
2991 WHERE type_id = ttrss_prefs_types.id AND
2992 section_id = ttrss_prefs_sections.id AND
2993 ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
2994 owner_uid = ".$_SESSION["uid"]."
2995 ORDER BY section_id,short_desc");
2996
2997 print "<form action=\"backend.php\" method=\"POST\">";
2998
2999 $lnum = 0;
3000
3001 $active_section = "";
3002
3003 while ($line = db_fetch_assoc($result)) {
3004
3005 if ($active_section != $line["section_name"]) {
3006
3007 if ($active_section != "") {
3008 print "</table>";
3009 }
3010
3011 print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3012
3013 $active_section = $line["section_name"];
3014
3015 print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3016 // print "<tr class=\"title\">
3017 // <td width=\"25%\">Option</td><td>Value</td></tr>";
3018
3019 $lnum = 0;
3020 }
3021
3022 // $class = ($lnum % 2) ? "even" : "odd";
3023
3024 print "<tr>";
3025
3026 $type_name = $line["type_name"];
3027 $pref_name = $line["pref_name"];
3028 $value = $line["value"];
3029 $def_value = $line["def_value"];
3030 $help_text = $line["help_text"];
3031
3032 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3033
3034 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3035
3036 print "</td>";
3037
3038 print "<td>";
3039
3040 if ($type_name == "bool") {
3041 // print_select($pref_name, $value, array("true", "false"));
3042
3043 if ($value == "true") {
3044 $value = "Yes";
3045 } else {
3046 $value = "No";
3047 }
3048
3049 print_radio($pref_name, $value, array("Yes", "No"));
3050
3051 } else {
3052 print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3053 }
3054
3055 print "</td>";
3056
3057 print "</tr>";
3058
3059 $lnum++;
3060 }
3061
3062 print "</table>";
3063
3064 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3065
3066 print "<p><input class=\"button\" type=\"submit\"
3067 name=\"subop\" value=\"Save configuration\">";
3068
3069 print "&nbsp;<input class=\"button\" type=\"submit\"
3070 name=\"subop\" onclick=\"return validatePrefsReset()\"
3071 value=\"Reset to defaults\"></p>";
3072
3073 print "</form>";
3074
3075 }
3076
3077 }
3078
3079 if ($op == "pref-users") {
3080
3081 $subop = $_GET["subop"];
3082
3083 if ($subop == "edit") {
3084
3085 $id = db_escape_string($_GET["id"]);
3086
3087 print "<div id=\"infoBoxTitle\">User editor</div>";
3088
3089 print "<div class=\"infoBoxContents\">";
3090
3091 print "<form id=\"user_edit_form\">";
3092
3093 print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3094 print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3095 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3096
3097 $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3098
3099 $login = db_fetch_result($result, 0, "login");
3100 $access_level = db_fetch_result($result, 0, "access_level");
3101 $email = db_fetch_result($result, 0, "email");
3102
3103 print "<table width='100%'>";
3104 print "<tr><td>Login:</td><td>
3105 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3106 name=\"login\" value=\"$login\"></td></tr>";
3107
3108 print "<tr><td>Change password:</td><td>
3109 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3110 name=\"password\"></td></tr>";
3111
3112 print "<tr><td>E-mail:</td><td>
3113 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3114 value=\"$email\"></td></tr>";
3115
3116 $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3117
3118 print "<tr><td>Access level:</td><td>";
3119 print_select_hash("access_level", $access_level, $access_level_names,
3120 $sel_disabled);
3121 print "</td></tr>";
3122
3123 print "</table>";
3124
3125 print "</form>";
3126
3127 print "<div align='right'>
3128 <input class=\"button\"
3129 type=\"submit\" onclick=\"return userEditSave()\"
3130 value=\"Save\">
3131 <input class=\"button\"
3132 type=\"submit\" onclick=\"return userEditCancel()\"
3133 value=\"Cancel\"></div>";
3134
3135 print "</div>";
3136
3137 return;
3138 }
3139
3140 if ($subop == "editSave") {
3141
3142 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3143
3144 $login = db_escape_string(trim($_GET["login"]));
3145 $uid = db_escape_string($_GET["id"]);
3146 $access_level = sprintf("%d", $_GET["access_level"]);
3147 $email = db_escape_string(trim($_GET["email"]));
3148 $password = db_escape_string(trim($_GET["password"]));
3149
3150 if ($password) {
3151 $pwd_hash = 'SHA1:' . sha1($password);
3152 $pass_query_part = "pwd_hash = '$pwd_hash', ";
3153 print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3154 } else {
3155 $pass_query_part = "";
3156 }
3157
3158 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3159 access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3160
3161 }
3162 } else if ($subop == "remove") {
3163
3164 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3165
3166 $ids = split(",", db_escape_string($_GET["ids"]));
3167
3168 foreach ($ids as $id) {
3169 db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3170
3171 }
3172 }
3173 } else if ($subop == "add") {
3174
3175 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3176
3177 $login = db_escape_string(trim($_GET["login"]));
3178 $tmp_user_pwd = make_password(8);
3179 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3180
3181 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3182 login = '$login'");
3183
3184 if (db_num_rows($result) == 0) {
3185
3186 db_query($link, "INSERT INTO ttrss_users
3187 (login,pwd_hash,access_level,last_login)
3188 VALUES ('$login', '$pwd_hash', 0, NOW())");
3189
3190
3191 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3192 login = '$login' AND pwd_hash = '$pwd_hash'");
3193
3194 if (db_num_rows($result) == 1) {
3195
3196 $new_uid = db_fetch_result($result, 0, "id");
3197
3198 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3199 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3200
3201 initialize_user($link, $new_uid);
3202
3203 } else {
3204
3205 print "<div class=\"warning\">Could not create user <b>".
3206 $_GET["login"]."</b></div>";
3207
3208 }
3209 } else {
3210 print "<div class=\"warning\">User <b>".
3211 $_GET["login"]."</b> already exists.</div>";
3212 }
3213 }
3214 } else if ($subop == "resetPass") {
3215
3216 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3217
3218 $uid = db_escape_string($_GET["id"]);
3219
3220 $result = db_query($link, "SELECT login,email
3221 FROM ttrss_users WHERE id = '$uid'");
3222
3223 $login = db_fetch_result($result, 0, "login");
3224 $email = db_fetch_result($result, 0, "email");
3225 $tmp_user_pwd = make_password(8);
3226 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3227
3228 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3229 WHERE id = '$uid'");
3230
3231 print "<div class=\"notice\">Changed password of
3232 user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3233
3234 if (MAIL_RESET_PASS && $email) {
3235 print " Notifying <b>$email</b>.";
3236
3237 mail("$login <$email>", "Password reset notification",
3238 "Hi, $login.\n".
3239 "\n".
3240 "Your password for this TT-RSS installation was reset by".
3241 " an administrator.\n".
3242 "\n".
3243 "Your new password is $tmp_user_pwd, please remember".
3244 " it for later reference.\n".
3245 "\n".
3246 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3247 }
3248
3249 print "</div>";
3250
3251 }
3252 }
3253
3254 print "<div class=\"prefGenericAddBox\">
3255 <input id=\"uadd_box\"
3256 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3257 size=\"40\">&nbsp;";
3258
3259 print"<input type=\"submit\" class=\"button\"
3260 id=\"user_add_btn\" disabled=\"true\"
3261 onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3262
3263 $result = db_query($link, "SELECT
3264 id,login,access_level,email,
3265 SUBSTRING(last_login,1,16) as last_login
3266 FROM
3267 ttrss_users
3268 ORDER by login");
3269
3270 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3271
3272 print "<p><table width=\"100%\" cellspacing=\"0\"
3273 class=\"prefUserList\" id=\"prefUserList\">";
3274
3275 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3276 Select:
3277 <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3278 <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3279 </td</tr>";
3280
3281 print "<tr class=\"title\">
3282 <td align='center' width=\"5%\">&nbsp;</td>
3283 <td width='40%'>Login</td>
3284 <td width='40%'>Access Level</td>
3285 <td width='30%'>Last login</td></tr>";
3286
3287 $lnum = 0;
3288
3289 while ($line = db_fetch_assoc($result)) {
3290
3291 $class = ($lnum % 2) ? "even" : "odd";
3292
3293 $uid = $line["id"];
3294 $edit_uid = $_GET["id"];
3295
3296 if ($subop == "edit" && $uid != $edit_uid) {
3297 $class .= "Grayed";
3298 $this_row_id = "";
3299 } else {
3300 $this_row_id = "id=\"UMRR-$uid\"";
3301 }
3302
3303 print "<tr class=\"$class\" $this_row_id>";
3304
3305 $line["login"] = htmlspecialchars($line["login"]);
3306
3307 $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3308 strtotime($line["last_login"]));
3309
3310 $access_level_names = array(0 => "User", 10 => "Administrator");
3311
3312 // if (!$edit_uid || $subop != "edit") {
3313
3314 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3315 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3316
3317 print "<td><a href=\"javascript:editUser($uid);\">" .
3318 $line["login"] . "</td>";
3319
3320 if (!$line["email"]) $line["email"] = "&nbsp;";
3321
3322 print "<td><a href=\"javascript:editUser($uid);\">" .
3323 $access_level_names[$line["access_level"]] . "</td>";
3324
3325 /* } else if ($uid != $edit_uid) {
3326
3327 if (!$line["email"]) $line["email"] = "&nbsp;";
3328
3329 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3330 id=\"UMCHK-".$line["id"]."\"></td>";
3331
3332 print "<td>".$line["login"]."</td>";
3333 print "<td>".$line["email"]."</td>";
3334 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3335
3336 } else {
3337
3338 print "<td align='center'>
3339 <input disabled=\"true\" type=\"checkbox\" checked></td>";
3340
3341 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3342 "\"></td>";
3343
3344 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3345 "\"></td>";
3346
3347 print "<td>";
3348 print "<select id=\"iedit_ulevel\">";
3349 foreach (array_keys($access_level_names) as $al) {
3350 if ($al == $line["access_level"]) {
3351 $selected = "selected";
3352 } else {
3353 $selected = "";
3354 }
3355 print "<option $selected id=\"$al\">" .
3356 $access_level_names[$al] . "</option>";
3357 }
3358 print "</select>";
3359 print "</td>";
3360
3361 } */
3362
3363 print "<td>".$line["last_login"]."</td>";
3364
3365 print "</tr>";
3366
3367 ++$lnum;
3368 }
3369
3370 print "</table>";
3371
3372 print "<p id='userOpToolbar'>";
3373
3374 /* if ($subop == "edit") {
3375 print "Edit user:
3376 <input type=\"submit\" class=\"button\"
3377 onclick=\"javascript:userEditSave()\" value=\"Save\">
3378 <input type=\"submit\" class=\"button\"
3379 onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3380
3381 } else { */
3382
3383 print "
3384 Selection:
3385 <input type=\"submit\" class=\"button\" disabled=\"true\"
3386 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3387 <input type=\"submit\" class=\"button\" disabled=\"true\"
3388 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3389 <input type=\"submit\" class=\"button\" disabled=\"true\"
3390 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3391 <input type=\"submit\" class=\"button\" disabled=\"true\"
3392 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3393
3394 // }
3395 }
3396
3397 if ($op == "user-details") {
3398
3399 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3400 return;
3401 }
3402
3403 /* print "<html><head>
3404 <title>Tiny Tiny RSS : User Details</title>
3405 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3406 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3407 </head><body>"; */
3408
3409 $uid = sprintf("%d", $_GET["id"]);
3410
3411 print "<div id=\"infoBoxTitle\">User details</div>";
3412
3413 print "<div class='infoBoxContents'>";
3414
3415 $result = db_query($link, "SELECT login,
3416 SUBSTRING(last_login,1,16) AS last_login,
3417 access_level,
3418 (SELECT COUNT(int_id) FROM ttrss_user_entries
3419 WHERE owner_uid = id) AS stored_articles
3420 FROM ttrss_users
3421 WHERE id = '$uid'");
3422
3423 if (db_num_rows($result) == 0) {
3424 print "<h1>User not found</h1>";
3425 return;
3426 }
3427
3428 # print "<h1>User Details</h1>";
3429
3430 $login = db_fetch_result($result, 0, "login");
3431
3432 # print "<h1>$login</h1>";
3433
3434 print "<table width='100%'>";
3435
3436 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3437 strtotime(db_fetch_result($result, 0, "last_login")));
3438 $access_level = db_fetch_result($result, 0, "access_level");
3439 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3440
3441 # print "<tr><td>Username</td><td>$login</td></tr>";
3442 # print "<tr><td>Access level</td><td>$access_level</td></tr>";
3443 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3444 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3445
3446 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3447 WHERE owner_uid = '$uid'");
3448
3449 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3450
3451 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3452
3453 /* $result = db_query($link, "SELECT
3454 SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3455 FROM ttrss_user_entries,ttrss_entries
3456 WHERE owner_uid = '$uid' AND ref_id = id");
3457
3458 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3459
3460 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>"; */
3461
3462 print "</table>";
3463
3464 print "<h1>Subscribed feeds</h1>";
3465
3466 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3467 WHERE owner_uid = '$uid' ORDER BY title");
3468
3469 print "<ul class=\"userFeedList\">";
3470
3471 $row_class = "odd";
3472
3473 while ($line = db_fetch_assoc($result)) {
3474
3475 $icon_file = ICONS_URL."/".$line["id"].".ico";
3476
3477 if (file_exists($icon_file) && filesize($icon_file) > 0) {
3478 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3479 } else {
3480 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3481 }
3482
3483 print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3484
3485 $row_class = toggleEvenOdd($row_class);
3486
3487 }
3488
3489 if (db_num_rows($result) < $num_feeds) {
3490 // FIXME - add link to show ALL subscribed feeds here somewhere
3491 print "<li><img
3492 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3493 }
3494
3495 print "</ul>";
3496
3497 print "</div>";
3498
3499 print "<div align='center'>
3500 <input type='submit' class='button'
3501 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3502
3503 // print "</body></html>";
3504
3505 }
3506
3507 if ($op == "pref-feed-browser") {
3508
3509 if (!ENABLE_FEED_BROWSER) {
3510 print "Feed browser is administratively disabled.";
3511 return;
3512 }
3513
3514 $subop = $_REQUEST["subop"];
3515
3516 if ($subop == "details") {
3517 $id = db_escape_string($_GET["id"]);
3518
3519 print "<div class=\"browserFeedInfo\">";
3520 print "<b>Feed information:</b>";
3521 print "<div class=\"detailsPart\">";
3522
3523 $result = db_query($link, "SELECT
3524 feed_url,site_url,
3525 SUBSTRING(last_updated,1,19) AS last_updated
3526 FROM ttrss_feeds WHERE id = '$id'");
3527
3528 $feed_url = db_fetch_result($result, 0, "feed_url");
3529 $site_url = db_fetch_result($result, 0, "site_url");
3530 $last_updated = db_fetch_result($result, 0, "last_updated");
3531
3532 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3533 $last_updated = smart_date_time(strtotime($last_updated));
3534 } else {
3535 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3536 $last_updated = date($short_date, strtotime($last_updated));
3537 }
3538
3539 print "Site: <a href='$site_url'>$site_url</a> ".
3540 "(<a href='$feed_url'>feed</a>), ".
3541 "Last updated: $last_updated";
3542
3543 print "</div>";
3544
3545 $result = db_query($link, "SELECT
3546 ttrss_entries.title,
3547 content,
3548 substring(date_entered,1,19) as date_entered,
3549 substring(updated,1,19) as updated
3550 FROM ttrss_entries,ttrss_user_entries
3551 WHERE ttrss_entries.id = ref_id AND feed_id = '$id'
3552 ORDER BY updated DESC LIMIT 5");
3553
3554 if (db_num_rows($result) > 0) {
3555
3556 print "<b>Last headlines:</b><br>";
3557
3558 print "<div class=\"detailsPart\">";
3559 print "<ul class=\"compact\">";
3560 while ($line = db_fetch_assoc($result)) {
3561
3562 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3563 $entry_dt = smart_date_time(strtotime($line["updated"]));
3564 } else {
3565 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3566 $entry_dt = date($short_date, strtotime($line["updated"]));
3567 }
3568
3569 print "<li>" . $line["title"] .
3570 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3571 }
3572 print "</ul></div>";
3573 }
3574
3575 print "</div>";
3576
3577 return;
3578 }
3579
3580 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3581
3582 $limit = db_escape_string($_GET["limit"]);
3583
3584 if (!$limit) $limit = 25;
3585
3586 $owner_uid = $_SESSION["uid"];
3587
3588 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3589 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3590 WHERE tf.feed_url = ttrss_feeds.feed_url
3591 AND owner_uid = '$owner_uid') GROUP BY feed_url
3592 ORDER BY subscribers DESC LIMIT $limit");
3593
3594
3595 print "<div style=\"float : right\">
3596 Top <select id=\"feedBrowserLimit\">";
3597
3598 foreach (array(25, 50, 100) as $l) {
3599 $issel = ($l == $limit) ? "selected" : "";
3600 print "<option $issel>$l</option>";
3601 }
3602
3603 print "</select>
3604 <input type=\"submit\" class=\"button\"
3605 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3606 </div>";
3607
3608 print "<p id=\"fbrOpToolbar\">Selection:
3609 <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3610 disabled=\"true\" value=\"Subscribe\">";
3611
3612 print "<ul class='nomarks' id='browseBigFeedList'>";
3613
3614 $feedctr = 0;
3615
3616 while ($line = db_fetch_assoc($result)) {
3617 $feed_url = $line["feed_url"];
3618 $subscribers = $line["subscribers"];
3619
3620 $det_result = db_query($link, "SELECT site_url,title,id
3621 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3622
3623 $details = db_fetch_assoc($det_result);
3624
3625 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3626
3627 if (file_exists($icon_file) && filesize($icon_file) > 0) {
3628 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL .
3629 "/".$details["id"].".ico\">";
3630 } else {
3631 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3632 }
3633
3634 $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3635 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3636
3637 $class = ($feedctr % 2) ? "even" : "odd";
3638
3639 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3640 "$feed_icon ";
3641
3642 print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3643 $details["title"] ."</a>&nbsp;" .
3644 "<span class='subscribers'>($subscribers)</span>";
3645
3646 print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3647 print "</div>";
3648
3649 print "</li>";
3650
3651 ++$feedctr;
3652 }
3653
3654 if ($feedctr == 0) {
3655 print "<li>No feeds found to subscribe.</li>";
3656 }
3657
3658 print "</ul>";
3659
3660 print "</div>";
3661
3662 }
3663
3664 if ($op == "rss") {
3665 $feed = db_escape_string($_GET["id"]);
3666 $user = db_escape_string($_GET["user"]);
3667 $pass = db_escape_string($_GET["pass"]);
3668 $is_cat = $_GET["is_cat"] != false;
3669
3670 $search = db_escape_string($_GET["q"]);
3671 $match_on = db_escape_string($_GET["m"]);
3672 $search_mode = db_escape_string($_GET["smode"]);
3673
3674 if (!$_SESSION["uid"] && $user && $pass) {
3675 authenticate_user($link, $user, $pass);
3676 }
3677
3678 if ($_SESSION["uid"] ||
3679 http_authenticate_user($link)) {
3680
3681 generate_syndicated_feed($link, $feed, $is_cat,
3682 $search, $search_mode, $match_on);
3683 }
3684 }
3685
3686 function check_configuration_variables() {
3687 if (!defined('SESSION_EXPIRE_TIME')) {
3688 return "config: SESSION_EXPIRE_TIME is undefined";
3689 }
3690
3691 if (SESSION_EXPIRE_TIME < 60) {
3692 return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3693 }
3694
3695 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3696 return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3697 "SESSION_COOKIE_LIFETIME_REMEMBER";
3698 }
3699
3700 if (defined('DISABLE_SESSIONS')) {
3701 return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3702 }
3703
3704 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3705 return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3706 }
3707
3708 return false;
3709 }
3710
3711 db_close($link);
3712 ?>
3713
3714 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3715
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/