backend.php

   1 <?
   2         require_once "sessions.php";
   3         require_once "backend-rpc.php";
   4
   5         header("Cache-Control: no-cache, must-revalidate");
   6         header("Pragma: no-cache");
   7         header("Expires: -1");
   8
   9 /*      if ($_GET["debug"]) {
  10                 define('DEFAULT_ERROR_LEVEL', E_ALL);
  11         } else {
  12                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
  13         }
  14
  15         error_reporting(DEFAULT_ERROR_LEVEL); */
  16
  17         $op = $_REQUEST["op"];
  18
  19         define('SCHEMA_VERSION', 8);
  20
  21         require_once "sanity_check.php";
  22         require_once "config.php";
  23
  24         require_once "db.php";
  25         require_once "db-prefs.php";
  26         require_once "functions.php";
  27         require_once "magpierss/rss_fetch.inc";
  28
  29         $err_msg = check_configuration_variables();
  30
  31         if ($err_msg) {
  32                 header("Content-Type: application/xml");
  33                 print_error_xml(9, $err_msg); die;
  34         }
  35
  36         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  37                 header("Content-Type: application/xml");
  38         }
  39
  40         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  41
  42                 if ($op == "rpc") {
  43                         print_error_xml(6); die;
  44                 } else {
  45                         print "
  46                         <html><body>
  47                                 <p>Error: Not logged in.</p>
  48                                 <script type=\"text/javascript\">
  49                                         if (parent.window != 'undefined') {
  50                                                 parent.window.location = \"login.php\";
  51                                         } else {
  52                                                 window.location = \"login.php\";
  53                                         }
  54                                 </script>
  55                         </body></html>
  56                         ";
  57                 }
  58                 exit;
  59         }
  60
  61         if (!$op) {
  62                 print_error_xml(7); exit;
  63         }
  64
  65         $purge_intervals = array(
  66                 0  => "Default",
  67                 -1 => "Never purge",
  68                 5  => "1 week",
  69                 14 => "2 weeks",
  70                 31 => "1 month",
  71                 60 => "2 months",
  72                 90 => "3 months");
  73
  74         $update_intervals = array(
  75                 0   => "Default",
  76                 -1  => "Disable updates",
  77                 30  => "30 minutes",
  78                 60  => "1 hour",
  79                 240 => "4 hours",
  80                 720 => "12 hours",
  81                 1440 => "Daily",
  82                 10080 => "Weekly");
  83
  84         $script_started = getmicrotime();
  85
  86         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  87
  88         if (!$link) {
  89                 if (DB_TYPE == "mysql") {
  90                         print mysql_error();
  91                 }
  92                 // PG seems to display its own errors just fine by default.
  93                 return;
  94         }
  95
  96         if (DB_TYPE == "pgsql") {
  97                 pg_query("set client_encoding = 'utf-8'");
  98         }
  99
 100         if ($_SESSION["uid"]) {
 101                 if (get_pref($link, "HIDE_READ_FEEDS") == "true") {
 102                         setcookie("ttrss_vf_hreadf", 1);
 103                 } else {
 104                         setcookie("ttrss_vf_hreadf", 0);
 105                 }
 106
 107                 setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
 108                 setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
 109
 110                 if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
 111                         setcookie('ttrss_vf_catchupnext', 1);
 112                 } else {
 113                         setcookie('ttrss_vf_catchupnext', 0);
 114                 }
 115         }
 116
 117         $fetch = $_GET["fetch"];
 118
 119 //      setcookie("ttrss_icons_url", ICONS_URL);
 120
 121         if (!sanity_check($link)) { return; }
 122
 123         function outputFeedList($link, $tags = false) {
 124
 125                 print "<html><head>
 126                         <title>Tiny Tiny RSS : Feedlist</title>
 127                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 128
 129                 $user_theme = $_SESSION["theme"];
 130                 if ($user_theme) {
 131                         print "<link rel=\"stylesheet\" type=\"text/css\"
 132                                 href=\"themes/$user_theme/theme.css\">";
 133                 }
 134
 135                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 136                         print "<link rel=\"stylesheet\" type=\"text/css\"
 137                                 href=\"tt-rss_compact.css\"/>";
 138                 } else {
 139                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 140                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 141                 }
 142
 143                 $script_dt_add = get_script_dt_add();
 144
 145                 print "<script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 146                         <script type=\"text/javascript\" src=\"feedlist.js?$script_dt_add\"></script>
 147                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 148                         <!--[if gte IE 5.5000]>
 149                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 150                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 151                         <![endif]-->
 152                         </head><body>
 153                         <script type=\"text/javascript\">
 154                                 if (document.addEventListener) {
 155                                         document.addEventListener(\"DOMContentLoaded\", init, null);
 156                                 }
 157                                 window.onload = init;
 158                         </script>";
 159
 160                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 161
 162                 $owner_uid = $_SESSION["uid"];
 163
 164                 if (!$tags) {
 165
 166                         /* virtual feeds */
 167
 168                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 169                                 print "<li class=\"feedCat\">Special</li>";
 170                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 171                         }
 172
 173                         $result = db_query($link, "SELECT count(id) as num_starred
 174                                 FROM ttrss_entries,ttrss_user_entries
 175                                 WHERE marked = true AND
 176                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 177                                 unread = true AND owner_uid = '$owner_uid'");
 178                         $num_starred = db_fetch_result($result, 0, "num_starred");
 179
 180                         $class = "virt";
 181
 182                         if ($num_starred > 0) $class .= "Unread";
 183
 184                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 185                                 "images/mark_set.png", $link);
 186
 187                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 188                                 print "</ul>\n";
 189                         }
 190
 191                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 192
 193                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 194                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 195
 196                                 if (db_num_rows($result) > 0) {
 197                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 198                                                 print "<li class=\"feedCat\">Labels</li>";
 199                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 200                                         } else {
 201                                                 print "<li><hr></li>";
 202                                         }
 203                                 }
 204
 205                                 while ($line = db_fetch_assoc($result)) {
 206
 207                                         error_reporting (0);
 208
 209                                         $tmp_result = db_query($link, "SELECT count(id) as count
 210                                                 FROM ttrss_entries,ttrss_user_entries
 211                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 212                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 213                                                 AND owner_uid = '$owner_uid'");
 214
 215                                         $count = db_fetch_result($tmp_result, 0, "count");
 216
 217                                         $class = "label";
 218
 219                                         if ($count > 0) {
 220                                                 $class .= "Unread";
 221                                         }
 222
 223                                         error_reporting (DEFAULT_ERROR_LEVEL);
 224
 225                                         printFeedEntry(-$line["id"]-11,
 226                                                 $class, $line["description"], $count, "images/label.png", $link);
 227
 228                                 }
 229
 230                                 if (db_num_rows($result) > 0) {
 231                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 232                                                 print "</ul>";
 233                                         }
 234                                 }
 235
 236                         }
 237
 238 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 239                                 print "<li><hr></li>";
 240 //                      }
 241
 242                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 243                                 $order_by_qpart = "category,title";
 244                         } else {
 245                                 $order_by_qpart = "title";
 246                         }
 247
 248                         $result = db_query($link, "SELECT ttrss_feeds.*,
 249                                 SUBSTRING(last_updated,1,19) AS last_updated_noms,
 250                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 251                                         WHERE feed_id = ttrss_feeds.id AND
 252                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 253                                         owner_uid = '$owner_uid') AS total,
 254                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 255                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 256                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 257                                                 AND owner_uid = '$owner_uid') as unread,
 258                                 cat_id,last_error,
 259                                 ttrss_feed_categories.title AS category,
 260                                 ttrss_feed_categories.collapsed
 261                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 262                                         ON (ttrss_feed_categories.id = cat_id)
 263                                 WHERE
 264                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 265                                 ORDER BY $order_by_qpart");
 266
 267                         $actid = $_GET["actid"];
 268
 269                         /* real feeds */
 270
 271                         $lnum = 0;
 272
 273                         $total_unread = 0;
 274
 275                         $category = "";
 276
 277                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 278
 279                         while ($line = db_fetch_assoc($result)) {
 280
 281                                 $feed = db_unescape_string($line["title"]);
 282                                 $feed_id = $line["id"];
 283
 284                                 $subop = $_GET["subop"];
 285
 286                                 $total = $line["total"];
 287                                 $unread = $line["unread"];
 288
 289                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 290                                         $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
 291                                 } else {
 292                                         $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
 293                                 }
 294
 295                                 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
 296
 297                                 if ($rtl_content) {
 298                                         $rtl_tag = "dir=\"RTL\"";
 299                                 } else {
 300                                         $rtl_tag = "";
 301                                 }
 302
 303                                 $tmp_result = db_query($link,
 304                                         "SELECT id,COUNT(unread) AS unread
 305                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 306                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 307                                         WHERE parent_feed = '$feed_id' AND unread = true
 308                                         GROUP BY ttrss_feeds.id");
 309
 310                                 if (db_num_rows($tmp_result) > 0) {
 311                                         while ($l = db_fetch_assoc($tmp_result)) {
 312                                                 $unread += $l["unread"];
 313                                         }
 314                                 }
 315
 316                                 $cat_id = $line["cat_id"];
 317
 318                                 $tmp_category = $line["category"];
 319
 320                                 if (!$tmp_category) {
 321                                         $tmp_category = "Uncategorized";
 322                                 }
 323
 324         //                      $class = ($lnum % 2) ? "even" : "odd";
 325
 326                                 if ($line["last_error"]) {
 327                                         $class = "error";
 328                                 } else {
 329                                         $class = "feed";
 330                                 }
 331
 332                                 if ($unread > 0) $class .= "Unread";
 333
 334                                 if ($actid == $feed_id) {
 335                                         $class .= "Selected";
 336                                 }
 337
 338                                 $total_unread += $unread;
 339
 340                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 341
 342                                         if ($category) {
 343                                                 print "</ul></li>";
 344                                         }
 345
 346                                         $category = $tmp_category;
 347
 348                                         $collapsed = $line["collapsed"];
 349
 350                                         // workaround for NULL category
 351                                         if ($category == "Uncategorized") {
 352                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 353                                                         $collapsed = "t";
 354                                                 }
 355                                         }
 356
 357                                         if ($collapsed == "t" || $collapsed == "1") {
 358                                                 $holder_class = "invisible";
 359                                                 $ellipsis = "...";
 360                                         } else {
 361                                                 $holder_class = "";
 362                                                 $ellipsis = "";
 363                                         }
 364
 365                                         if ($cat_id) {
 366                                                 $cat_id_qpart = "cat_id = '$cat_id'";
 367                                         } else {
 368                                                 $cat_id_qpart = "cat_id IS NULL";
 369                                         }
 370
 371                                         $tmp_result = db_query($link, "SELECT count(int_id) AS unread
 372                                                 FROM ttrss_user_entries,ttrss_feeds WHERE
 373                                                         unread = true AND
 374                                                         feed_id = ttrss_feeds.id AND $cat_id_qpart AND
 375                                                         ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
 376
 377                                         $cat_unread = db_fetch_result($tmp_result, 0, "unread");
 378
 379                                         $cat_id = sprintf("%d", $cat_id);
 380
 381                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 382                                                 <a href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
 383                                                         <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
 384                                                         <span id=\"FCATCTR-$cat_id\"
 385                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
 386                                                         </a></li>";
 387
 388                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 389                                         // -> keyboard navigation, etc.
 390                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 391                                 }
 392
 393                                 printFeedEntry($feed_id, $class, $feed, $unread,
 394                                         "icons/$feed_id.ico", $link, $rtl_content,
 395                                         $last_updated, $line["last_error"]);
 396
 397                                 ++$lnum;
 398                         }
 399
 400                 } else {
 401
 402                         // tags
 403
 404 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 405                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 406                                 post_int_id = ttrss_user_entries.int_id AND
 407                                 unread = true AND ref_id = ttrss_entries.id
 408                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 409                         UNION
 410                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 411                         ORDER BY tag_name"); */
 412
 413                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 414                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 415                                         AND unread = true)) AS count FROM ttrss_tags
 416                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 417
 418                         $tags = array();
 419
 420                         while ($line = db_fetch_assoc($result)) {
 421                                 $tags[$line["tag_name"]] += $line["count"];
 422                         }
 423
 424                         foreach (array_keys($tags) as $tag) {
 425
 426                                 $unread = $tags[$tag];
 427
 428                                 $class = "tag";
 429
 430                                 if ($unread > 0) {
 431                                         $class .= "Unread";
 432                                 }
 433
 434                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 435
 436                         }
 437
 438                 }
 439
 440                 if (db_num_rows($result) == 0) {
 441                         if ($tags) {
 442                                 $what = "tags";
 443                         } else {
 444                                 $what = "feeds";
 445                         }
 446                         print "<li>No $what to display.</li>";
 447                 }
 448
 449                 print "</ul>";
 450
 451                 print '
 452                         <script type="text/javascript">
 453                                 /* for IE */
 454                                 function statechange() {
 455                                         if (document.readyState == "interactive") init();
 456                                 }
 457
 458                                 if (document.readyState) {
 459                                         if (document.readyState == "interactive" || document.readyState == "complete") {
 460                                                 init();
 461                                         } else {
 462                                                 document.onreadystatechange = statechange;
 463                                         }
 464                                 }
 465                         </script></body></html>';
 466         }
 467
 468
 469         if ($op == "rpc") {
 470                 handle_rpc_request($link);
 471         }
 472
 473         if ($op == "feeds") {
 474
 475                 $tags = $_GET["tags"];
 476
 477                 $subop = $_GET["subop"];
 478
 479                 if ($subop == "catchupAll") {
 480                         db_query($link, "UPDATE ttrss_user_entries SET
 481                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 482                 }
 483
 484                 if ($subop == "collapse") {
 485                         $cat_id = db_escape_string($_GET["cid"]);
 486
 487                         db_query($link, "UPDATE ttrss_feed_categories SET
 488                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 489                                 $_SESSION["uid"]);
 490                         return;
 491                 }
 492
 493                 outputFeedList($link, $tags);
 494
 495         }
 496
 497         if ($op == "view") {
 498
 499                 $id = db_escape_string($_GET["id"]);
 500                 $feed_id = db_escape_string($_GET["feed"]);
 501
 502                 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 503                         WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 504
 505                 if (db_num_rows($result) == 1) {
 506                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 507                 } else {
 508                         $rtl_content = false;
 509                 }
 510
 511                 if ($rtl_content) {
 512                         $rtl_tag = "dir=\"RTL\"";
 513                         $rtl_class = "RTL";
 514                 } else {
 515                         $rtl_tag = "";
 516                         $rtl_class = "";
 517                 }
 518
 519                 $result = db_query($link, "UPDATE ttrss_user_entries
 520                         SET unread = false,last_read = NOW()
 521                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 522
 523                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 524                         SUBSTRING(updated,1,16) as updated,
 525                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 526                         num_comments,
 527                         author
 528                         FROM ttrss_entries,ttrss_user_entries
 529                         WHERE   id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
 530
 531                 print "<html><head>
 532                         <title>Tiny Tiny RSS : Article $id</title>
 533                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 534
 535                 $user_theme = $_SESSION["theme"];
 536                 if ($user_theme) {
 537                         print "<link rel=\"stylesheet\" type=\"text/css\"
 538                                 href=\"themes/$user_theme/theme.css\">";
 539                 }
 540
 541                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 542                         print "<link rel=\"stylesheet\" type=\"text/css\"
 543                                 href=\"tt-rss_compact.css\"/>";
 544                 } else {
 545                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 546                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 547                 }
 548
 549                 $script_dt_add = get_script_dt_add();
 550
 551                 print "<script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 552                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 553                         </head><body $rtl_tag>";
 554
 555                 if ($result) {
 556
 557                         $line = db_fetch_assoc($result);
 558
 559                         if ($line["icon_url"]) {
 560                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 561                         } else {
 562                                 $feed_icon = "&nbsp;";
 563                         }
 564
 565 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 566                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 567                         } else {
 568                                 $entry_comments = "";
 569                         } */
 570
 571                         $num_comments = $line["num_comments"];
 572                         $entry_comments = "";
 573
 574                         if ($num_comments > 0) {
 575                                 if ($line["comments"]) {
 576                                         $comments_url = $line["comments"];
 577                                 } else {
 578                                         $comments_url = $line["link"];
 579                                 }
 580                                 $entry_comments = "<a href=\"$comments_url\">$num_comments comments</a>";
 581                         } else {
 582                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 583                                         $entry_comments = "<a href=\"".$line["comments"]."\">comments</a>";
 584                                 }
 585                         }
 586
 587                         print "<div class=\"postReply\">";
 588
 589                         print "<div class=\"postHeader\"><table width=\"100%\">";
 590
 591                         $entry_author = $line["author"];
 592
 593                         if ($entry_author) {
 594                                 $entry_author = " - by $entry_author";
 595                         }
 596
 597                         print "<tr><td><a href=\"" . $line["link"] . "\">" . $line["title"] .
 598                                 "</a>$entry_author</td>";
 599
 600                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 601                                 strtotime($line["updated"]));
 602
 603                         print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
 604
 605                         print "</tr>";
 606
 607                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 608                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 609                                 ORDER BY tag_name");
 610
 611                         $tags_str = "";
 612                         $f_tags_str = "";
 613
 614                         $num_tags = 0;
 615
 616                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 617                                 $num_tags++;
 618                                 $tag = $tmp_line["tag_name"];
 619                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 620
 621                                 if ($num_tags == 5) {
 622                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 623                                 } else if ($num_tags < 5) {
 624                                         $tags_str .= $tag_str;
 625                                 }
 626                                 $f_tags_str .= $tag_str;
 627                         }
 628
 629                         $tags_str = preg_replace("/, $/", "", $tags_str);
 630                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 631
 632 //                      $truncated_link = truncate_string($line["link"], 60);
 633
 634                         if ($tags_str || $entry_comments) {
 635                                 print "<tr><td width='50%'>
 636                                         $entry_comments</td>
 637                                         <td align=\"right\">$tags_str</td></tr>";
 638                         }
 639
 640                         print "</table></div>";
 641
 642                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 643                         print "<div class=\"postContent\">";
 644
 645                         if (db_num_rows($tmp_result) > 5) {
 646                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 647                         }
 648
 649                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 650                                 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
 651                         }
 652
 653                         print $line["content"] . "</div>";
 654
 655                         print "</div>";
 656
 657                         print "<script type=\"text/javascript\">
 658                                 update_all_counters('$feed_id');
 659                         </script>";
 660                 }
 661
 662                 print "</body></html>";
 663         }
 664
 665         if ($op == "viewfeed") {
 666
 667                 $feed = db_escape_string($_GET["feed"]);
 668                 $skip = db_escape_string($_GET["skip"]);
 669                 $subop = db_escape_string($_GET["subop"]);
 670                 $view_mode = db_escape_string($_GET["view"]);
 671                 $limit = db_escape_string($_GET["limit"]);
 672                 $cat_view = db_escape_string($_GET["cat"]);
 673                 $next_unread_feed = db_escape_string($_GET["nuf"]);
 674
 675                 if (!$skip) $skip = 0;
 676
 677                 if ($subop == "undefined") $subop = "";
 678
 679                 print "<html><head>
 680                         <title>Tiny Tiny RSS : Feed $feed</title>
 681                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 682
 683                 $user_theme = $_SESSION["theme"];
 684                 if ($user_theme) {
 685                         print "<link rel=\"stylesheet\" type=\"text/css\"
 686                                 href=\"themes/$user_theme/theme.css\">";
 687                 }
 688
 689                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 690                         print "<link rel=\"stylesheet\"
 691                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 692
 693                 } else {
 694                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 695                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 696                 }
 697
 698                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 699                         update_generic_feed($link, $feed, $cat_view);
 700                 }
 701
 702                 if ($subop == "MarkAllRead")  {
 703                         catchup_feed($link, $feed, $cat_view);
 704
 705                         if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
 706                                 if ($next_unread_feed) {
 707                                         $feed = $next_unread_feed;
 708                                 }
 709                         }
 710                 }
 711
 712                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 713
 714                         $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 715                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 716
 717                         if (db_num_rows($result) == 1) {
 718                                 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 719                         } else {
 720                                 $rtl_content = false;
 721                         }
 722
 723                         if ($rtl_content) {
 724                                 $rtl_tag = "dir=\"RTL\"";
 725                         } else {
 726                                 $rtl_tag = "";
 727                         }
 728                 } else {
 729                         $rtl_tag = "";
 730                         $rtl_content = false;
 731                 }
 732
 733                 $script_dt_add = get_script_dt_add();
 734
 735                 print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 736                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 737                         <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
 738                         <!--[if gte IE 5.5000]>
 739                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 740                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 741                         <![endif]-->
 742                         </head><body $rtl_tag>
 743                         <script type=\"text/javascript\">
 744                         if (document.addEventListener) {
 745                                 document.addEventListener(\"DOMContentLoaded\", init, null);
 746                         }
 747                         window.onload = init;
 748                         </script>";
 749
 750                 $search = db_escape_string($_GET["search"]);
 751                 $search_mode = db_escape_string($_GET["smode"]);
 752
 753                 if ($search) {
 754                         $search_query_part = "(upper(ttrss_entries.title) LIKE upper('%$search%')
 755                                 OR ttrss_entries.content LIKE '%$search%') AND";
 756                 } else {
 757                         $search_query_part = "";
 758                 }
 759
 760                 $view_query_part = "";
 761
 762                 if ($view_mode == "Adaptive") {
 763                         if ($search) {
 764                                 $view_query_part = " ";
 765                         } else if ($feed != -1) {
 766                                 $unread = getFeedUnread($link, $feed);
 767                                 if ($unread > 0) {
 768                                         $view_query_part = " unread = true AND ";
 769                                 }
 770                         }
 771                 }
 772
 773                 if ($view_mode == "Starred") {
 774                         $view_query_part = " marked = true AND ";
 775                 }
 776
 777                 if ($view_mode == "Unread") {
 778                         $view_query_part = " unread = true AND ";
 779                 }
 780
 781                 if ($limit && $limit != "All") {
 782                         $limit_query_part = "LIMIT " . $limit;
 783                 }
 784
 785                 $vfeed_query_part = "";
 786
 787                 // override query strategy and enable feed display when searching globally
 788                 if ($search && $search_mode == "All feeds") {
 789                         $query_strategy_part = "ttrss_entries.id > 0";
 790                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 791                 } else if (preg_match("/^-?[0-9][0-9]*$/", $feed) == false) {
 792                         $query_strategy_part = "ttrss_entries.id > 0";
 793                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 794                                 id = feed_id) as feed_title,";
 795                 } else if ($feed >= 0 && $search && $search_mode == "This category") {
 796
 797                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 798
 799                         $tmp_result = db_query($link, "SELECT id
 800                                 FROM ttrss_feeds WHERE cat_id =
 801                                         (SELECT cat_id FROM ttrss_feeds WHERE id = '$feed') AND id != '$feed'");
 802
 803                         $cat_siblings = array();
 804
 805                         if (db_num_rows($tmp_result) > 0) {
 806                                 while ($p = db_fetch_assoc($tmp_result)) {
 807                                         array_push($cat_siblings, "feed_id = " . $p["id"]);
 808                                 }
 809
 810                                 $query_strategy_part = sprintf("(feed_id = %d OR %s)",
 811                                         $feed, implode(" OR ", $cat_siblings));
 812
 813                         } else {
 814                                 $query_strategy_part = "ttrss_entries.id > 0";
 815                         }
 816
 817                 } else if ($feed >= 0) {
 818
 819                         if ($cat_view) {
 820
 821                                 if ($feed > 0) {
 822                                         $query_strategy_part = "cat_id = '$feed'";
 823                                 } else {
 824                                         $query_strategy_part = "cat_id IS NULL";
 825                                 }
 826
 827                                 $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 828
 829                         } else {
 830                                 $tmp_result = db_query($link, "SELECT id
 831                                         FROM ttrss_feeds WHERE parent_feed = '$feed'
 832                                         ORDER BY cat_id,title");
 833
 834                                 $parent_ids = array();
 835
 836                                 if (db_num_rows($tmp_result) > 0) {
 837                                         while ($p = db_fetch_assoc($tmp_result)) {
 838                                                 array_push($parent_ids, "feed_id = " . $p["id"]);
 839                                         }
 840
 841                                         $query_strategy_part = sprintf("(feed_id = %d OR %s)",
 842                                                 $feed, implode(" OR ", $parent_ids));
 843
 844                                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 845                                 } else {
 846                                         $query_strategy_part = "feed_id = '$feed'";
 847                                 }
 848                         }
 849                 } else if ($feed == -1) { // starred virtual feed
 850                         $query_strategy_part = "marked = true";
 851                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 852                 } else if ($feed <= -10) { // labels
 853                         $label_id = -$feed - 11;
 854
 855                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 856                                 WHERE id = '$label_id'");
 857
 858                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
 859
 860                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 861                 } else {
 862                         $query_strategy_part = "id > 0"; // dumb
 863                 }
 864
 865                 $order_by = "updated DESC";
 866
 867 //              if ($feed < -10) {
 868 //                      $order_by = "feed_id,updated DESC";
 869 //              }
 870
 871                 $feed_title = "";
 872
 873                 if ($search && $search_mode == "All feeds") {
 874                         $feed_title = "Global search results ($search)";
 875                 } else if ($search && preg_match('/^-?[0-9][0-9]*$/', $feed) == false) {
 876                         $feed_title = "Feed search results ($search, $feed)";
 877                 } else if (preg_match('/^-?[0-9][0-9]*$/', $feed) == false) {
 878                         $feed_title = $feed;
 879                 } else if (preg_match('/^-?[0-9][0-9]*$/', $feed) != false && $feed >= 0) {
 880
 881                         if ($cat_view) {
 882
 883                                 if ($feed != 0) {
 884                                         $result = db_query($link, "SELECT title FROM ttrss_feed_categories
 885                                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 886                                         $feed_title = db_fetch_result($result, 0, "title");
 887                                 } else {
 888                                         $feed_title = "Uncategorized";
 889                                 }
 890                         } else {
 891
 892                                 $result = db_query($link, "SELECT title,site_url,last_error FROM ttrss_feeds
 893                                         WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 894
 895                                 $feed_title = db_fetch_result($result, 0, "title");
 896                                 $feed_site_url = db_fetch_result($result, 0, "site_url");
 897                                 $last_error = db_fetch_result($result, 0, "last_error");
 898
 899                         }
 900
 901                 } else if ($feed == -1) {
 902                         $feed_title = "Starred articles";
 903                 } else if ($feed < -10) {
 904                         $label_id = -$feed - 11;
 905                         $result = db_query($link, "SELECT description FROM ttrss_labels
 906                                 WHERE id = '$label_id'");
 907                         $feed_title = db_fetch_result($result, 0, "description");
 908                 } else {
 909                         $feed_title = "?";
 910                 }
 911
 912                 $feed_title = db_unescape_string($feed_title);
 913
 914                 if ($feed < -10) error_reporting (0);
 915
 916                 print "<div id=\"headlinesContainer\">";
 917
 918                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 919
 920                         if ($feed >= 0) {
 921                                 $feed_kind = "Feeds";
 922                         } else {
 923                                 $feed_kind = "Labels";
 924                         }
 925
 926 //                      if (!$vfeed_query_part) {
 927                         $content_query_part = "content as content_preview,";
 928 //                      } else {
 929 //                              $content_query_part = "";
 930 //                      }
 931
 932                         $query = "SELECT
 933                                         ttrss_entries.id,ttrss_entries.title,
 934                                         SUBSTRING(updated,1,16) as updated,
 935                                         unread,feed_id,marked,link,last_read,
 936                                         SUBSTRING(last_read,1,19) as last_read_noms,
 937                                         $vfeed_query_part
 938                                         $content_query_part
 939                                         SUBSTRING(updated,1,19) as updated_noms
 940                                 FROM
 941                                         ttrss_entries,ttrss_user_entries,ttrss_feeds
 942                                 WHERE
 943                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
 944                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 945                                 ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
 946                                 $search_query_part
 947                                 $view_query_part
 948                                 $query_strategy_part ORDER BY $order_by
 949                                 $limit_query_part";
 950
 951                         $result = db_query($link, $query);
 952
 953                         if ($_GET["debug"]) print $query;
 954
 955                 } else {
 956                         // browsing by tag
 957
 958                         $feed_kind = "Tags";
 959
 960                         $result = db_query($link, "SELECT
 961                                 ttrss_entries.id as id,title,
 962                                 SUBSTRING(updated,1,16) as updated,
 963                                 unread,feed_id,
 964                                 marked,link,last_read,
 965                                 SUBSTRING(last_read,1,19) as last_read_noms,
 966                                 $vfeed_query_part
 967                                 $content_query_part
 968                                 SUBSTRING(updated,1,19) as updated_noms
 969                                 FROM
 970                                         ttrss_entries,ttrss_user_entries,ttrss_tags
 971                                 WHERE
 972                                         ref_id = ttrss_entries.id AND
 973                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
 974                                         post_int_id = int_id AND tag_name = '$feed' AND
 975                                         $view_query_part
 976                                         $search_query_part
 977                                         $query_strategy_part ORDER BY $order_by
 978                                 $limit_query_part");
 979                 }
 980
 981                 if (!$result) {
 982                         print "<div align='center'>
 983                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
 984                         return;
 985                 }
 986
 987                 function print_headline_subtoolbar($link, $feed_site_url, $feed_title,
 988                                                 $bottom = false, $rtl_content = false) {
 989
 990                         if (!$bottom) {
 991                                 $class = "headlinesSubToolbar";
 992                                 $tid = "headlineActionsTop";
 993                         } else {
 994                                 $class = "invisible";
 995                                 $tid = "headlineActionsBottom";
 996                         }
 997
 998                         print "<table class=\"$class\" id=\"$tid\"
 999                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
1000
1001                         if ($rtl_content) {
1002                                 $rtl_cpart = "RTL";
1003                         } else {
1004                                 $rtl_cpart = "";
1005                         }
1006
1007                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1008
1009                                 print "<td class=\"headlineActions$rtl_cpart\">
1010                                         Select:
1011                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, '', true)\">All</a>,
1012                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
1013                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', false)\">None</a>
1014                                                 &nbsp;&nbsp;
1015                                                 Toggle: <a href='#' onclick=\"javascript:selectionToggleUnread()\">Unread</a>,
1016                                                                 <a href='#' onclick=\"javascript:selectionToggleMarked()\">Starred</a>";
1017                                 print "</td>";
1018
1019                         } else {
1020
1021                                 print "<td class=\"headlineActions$rtl_cpart\">
1022                                         Select:
1023                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('all')\">All</a>,
1024                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
1025                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('none')\">None</a>
1026                                                 &nbsp;&nbsp;
1027                                                 Toggle: <a href=\"#\" onclick=\"javascript:selectionToggleUnread(true)\">Unread</a>,
1028                                                                 <a href=\"#\" onclick=\"javascript:selectionToggleMarked(true)\">Starred</a>";
1029
1030                                 print "</td>";
1031
1032                         }
1033
1034                         print "<td class=\"headlineTitle$rtl_cpart\">";
1035
1036                         if ($feed_site_url) {
1037                                 if (!$bottom) {
1038                                         $target = "target=\"_blank\"";
1039                                 }
1040                                 print "<a $target href=\"$feed_site_url\">$feed_title</a>";
1041                         } else {
1042                                 print $feed_title;
1043                         }
1044
1045                         print "</td>";
1046                         print "</tr></table>";
1047
1048                 }
1049
1050                 if (db_num_rows($result) > 0) {
1051
1052                         print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
1053                                 $rtl_content);
1054
1055                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1056                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
1057                                         cellspacing=\"0\" width=\"100%\">";
1058                         }
1059
1060                         $lnum = 0;
1061
1062                         error_reporting (DEFAULT_ERROR_LEVEL);
1063
1064                         $num_unread = 0;
1065
1066                         while ($line = db_fetch_assoc($result)) {
1067
1068                                 $class = ($lnum % 2) ? "even" : "odd";
1069
1070                                 $id = $line["id"];
1071                                 $feed_id = $line["feed_id"];
1072
1073                                 if ($line["last_read"] == "" &&
1074                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
1075
1076                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1077                                                 alt=\"Updated\">";
1078                                 } else {
1079                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1080                                                 alt=\"Updated\">";
1081                                 }
1082
1083                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
1084                                         $class .= "Unread";
1085                                         ++$num_unread;
1086                                         $is_unread = true;
1087                                 } else {
1088                                         $is_unread = false;
1089                                 }
1090
1091                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
1092                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1093                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
1094                                 } else {
1095                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1096                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
1097                                 }
1098
1099                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
1100                                         $line["title"] . "</a>";
1101
1102                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1103                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
1104                                 } else {
1105                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1106                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
1107                                 }
1108
1109                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1110                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
1111                                                 100);
1112                                 }
1113
1114                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1115
1116                                         print "<tr class='$class' id='RROW-$id'>";
1117
1118                                         print "<td class='hlUpdatePic'>$update_pic</td>";
1119
1120                                         print "<td class='hlSelectRow'>
1121                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1122                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1123                                                 </td>";
1124
1125                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
1126
1127                                         if ($line["feed_title"]) {
1128                                                 print "<td class='hlContent'>$content_link</td>";
1129                                                 print "<td class='hlFeed'>
1130                                                         <a href='javascript:viewfeed($feed_id)'>".
1131                                                                 $line["feed_title"]."</a>&nbsp;</td>";
1132                                         } else {
1133                                                 print "<td class='hlContent' valign='middle'>";
1134
1135                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
1136                                                         $line["title"];
1137
1138                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
1139                                                         if ($content_preview) {
1140                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
1141                                                         }
1142                                                 }
1143
1144                                                 print "</a>";
1145                                                 print "</td>";
1146                                         }
1147
1148                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
1149
1150                                         print "</tr>";
1151
1152                                 } else {
1153
1154                                         if ($is_unread) {
1155                                                 $add_class = "Unread";
1156                                         } else {
1157                                                 $add_class = "";
1158                                         }
1159
1160                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
1161
1162                                         print "<div class=\"cdmHeader\">";
1163
1164                                         print "<div style=\"float : right\">$updated_fmt,
1165                                                 <a class=\"cdmToggleLink\"
1166                                                         href=\"javascript:toggleUnread($id)\">Toggle unread</a>
1167                                         </div>";
1168
1169                                         print "<a class=\"title\"
1170                                                 onclick=\"javascript:toggleUnread($id, 0)\"
1171                                                 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
1172
1173                                         if ($line["feed_title"]) {
1174                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1175                                         }
1176
1177                                         print "</div>";
1178
1179                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div>";
1180
1181                                         print "<div style=\"float : right\">$marked_pic</div>
1182                                                 <div lass=\"cdmFooter\">
1183                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1184                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1185
1186 #                                       print "<div align=\"center\"><a class=\"cdmToggleLink\"
1187 #                                                       href=\"javascript:toggleUnread($id)\">
1188 #                                                       Toggle unread</a></div>";
1189
1190                                         print "</div>";
1191
1192                                 }
1193
1194                                 ++$lnum;
1195                         }
1196
1197                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1198                                 print "</table>";
1199                         }
1200
1201                         print_headline_subtoolbar($link,
1202                                 "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
1203
1204
1205                 } else {
1206                         print "<div width='100%' align='center'>No articles found.</div>";
1207                 }
1208
1209                 print "</div>";
1210
1211                 print "<script type=\"text/javascript\">
1212                         document.onkeydown = hotkey_handler;
1213                         // if (parent.daemon_enabled) parent.updateTitle('$feed_title');
1214                         update_all_counters('$feed');
1215                 </script>";
1216
1217                 print '
1218                         <script type="text/javascript">
1219                                 /* for IE */
1220                                 function statechange() {
1221                                         if (document.readyState == "interactive") init();
1222                                 }
1223
1224                                 if (document.readyState) {
1225                                         if (document.readyState == "interactive" || document.readyState == "complete") {
1226                                                 init();
1227                                         } else {
1228                                                 document.onreadystatechange = statechange;
1229                                         }
1230                                 }
1231                         </script>';
1232
1233                 print "</body></html>";
1234         }
1235
1236         if ($op == "pref-rpc") {
1237
1238                 $subop = $_GET["subop"];
1239
1240                 if ($subop == "unread") {
1241                         $ids = split(",", db_escape_string($_GET["ids"]));
1242                         foreach ($ids as $id) {
1243                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1244                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1245                         }
1246
1247                         print "Marked selected feeds as unread.";
1248                 }
1249
1250                 if ($subop == "read") {
1251                         $ids = split(",", db_escape_string($_GET["ids"]));
1252                         foreach ($ids as $id) {
1253                                 db_query($link, "UPDATE ttrss_user_entries
1254                                         SET unread = false,last_read = NOW() WHERE
1255                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1256                         }
1257
1258                         print "Marked selected feeds as read.";
1259
1260                 }
1261
1262         }
1263
1264         if ($op == "pref-feeds") {
1265
1266                 $subop = $_REQUEST["subop"];
1267                 $quiet = $_REQUEST["quiet"];
1268
1269                 if ($subop == "massSubscribe") {
1270                         $ids = split(",", db_escape_string($_GET["ids"]));
1271
1272                         $subscribed = array();
1273
1274                         foreach ($ids as $id) {
1275                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1276                                         WHERE id = '$id'");
1277
1278                                 $feed_url = db_fetch_result($result, 0, "feed_url");
1279                                 $title = db_fetch_result($result, 0, "title");
1280
1281                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1282                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1283
1284                                 if (db_num_rows($result) == 0) {
1285                                         $result = db_query($link,
1286                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1287                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1288
1289                                         array_push($subscribed, $title);
1290                                 }
1291                         }
1292
1293                         if (count($subscribed) > 0) {
1294                                 print "<div class=\"notice\">";
1295                                 print "<b>Subscribed to feeds:</b>";
1296                                 print "<ul class=\"nomarks\">";
1297                                 foreach ($subscribed as $title) {
1298                                         print "<li>$title</li>";
1299                                 }
1300                                 print "</ul>";
1301                                 print "</div>";
1302                         }
1303                 }
1304
1305                 if ($subop == "browse") {
1306
1307                         if (!ENABLE_FEED_BROWSER) {
1308                                 print "Feed browser is administratively disabled.";
1309                                 return;
1310                         }
1311
1312                         print "<div class=\"infoBoxContents\">";
1313
1314                         print "<h1>Feed browser</h1>";
1315
1316                         print "<p>Showing top 50 registered feeds, sorted by popularity:</p>";
1317
1318                         $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1319                                 FROM ttrss_feeds
1320                                 WHERE auth_login = '' AND auth_pass = '' AND private = false
1321                                 GROUP BY feed_url ORDER BY subscribers DESC LIMIT 50");
1322
1323                         print "<ul class='browseFeedList' id='browseFeedList'>";
1324
1325                         $feedctr = 0;
1326
1327                         while ($line = db_fetch_assoc($result)) {
1328                                 $feed_url = $line["feed_url"];
1329                                 $subscribers = $line["subscribers"];
1330
1331                                 $sub_result = db_query($link, "SELECT id
1332                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
1333                                         $_SESSION["uid"]);
1334
1335                                 if (db_num_rows($sub_result) > 0) {
1336                                         continue; // already subscribed
1337                                 }
1338
1339                                 $det_result = db_query($link, "SELECT site_url,title,id
1340                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1341
1342                                 $details = db_fetch_assoc($det_result);
1343
1344                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1345
1346                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1347                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
1348                                                         "/".$details["id"].".ico\">";
1349                                 } else {
1350                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1351                                 }
1352
1353                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1354                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1355
1356                                 $class = ($feedctr % 2) ? "even" : "odd";
1357
1358                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1359                                         "$feed_icon " . db_unescape_string($details["title"]) .
1360                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1361
1362                                         ++$feedctr;
1363                         }
1364
1365                         if ($feedctr == 0) {
1366                                 print "<li>No feeds found to subscribe.</li>";
1367                         }
1368
1369                         print "</ul>";
1370
1371                         print "<div align='center'>
1372                                 <input type=\"submit\" class=\"button\"
1373                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1374                                 <input type='submit' class='button'
1375                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1376
1377                         print "</div>";
1378                         return;
1379                 }
1380
1381                 if ($subop == "editfeed") {
1382                         $feed_id = db_escape_string($_GET["id"]);
1383
1384                         $result = db_query($link,
1385                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1386                                         owner_uid = " . $_SESSION["uid"]);
1387
1388                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1389                                 0, "title")));
1390
1391                         print "<div class=\"infoBoxContents\">";
1392
1393                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1394
1395                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1396                                         $feed_icon = "<img width=\"16\" height=\"16\"
1397                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1398                         } else {
1399                                 $feed_icon = "";
1400                         }
1401
1402                         print "<h1>$feed_icon $title</h1>";
1403
1404                         print "<table width='100%'>";
1405
1406 #                       $row_class = "odd";
1407
1408                         print "<tr class='$row_class'><td>Title:</td>";
1409                         print "<td><input id=\"iedit_title\" value=\"$title\"></td></tr>";
1410
1411                         $feed_url = db_fetch_result($result, 0, "feed_url");
1412                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1413                                 0, "feed_url")));
1414 #                       $row_class = toggleEvenOdd($row_class);
1415
1416                         print "<tr class='$row_class'><td>Feed URL:</td>";
1417                         print "<td><input id=\"iedit_link\" value=\"$feed_url\"></td></tr>";
1418
1419                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1420
1421                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1422
1423 #                               $row_class = toggleEvenOdd($row_class);
1424
1425                                 print "<tr class='$row_class'><td>Category:</td>";
1426                                 print "<td>";
1427                                 print "<select id=\"iedit_fcat\">";
1428                                 print "<option id=\"0\">Uncategorized</option>";
1429
1430                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1431                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1432
1433                                 if (db_num_rows($tmp_result) > 0) {
1434                                         print "<option disabled>--------</option>";
1435                                 }
1436
1437                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1438                                         if ($tmp_line["id"] == $cat_id) {
1439                                                 $is_selected = "selected";
1440                                         } else {
1441                                                 $is_selected = "";
1442                                         }
1443                                         printf("<option $is_selected id='%d'>%s</option>",
1444                                                 $tmp_line["id"], $tmp_line["title"]);
1445                                 }
1446
1447                                 print "</select></td>";
1448                                 print "</td></tr>";
1449
1450                         }
1451
1452                         $update_interval = db_fetch_result($result, 0, "update_interval");
1453 #                       $row_class = toggleEvenOdd($row_class);
1454
1455                         print "<tr class='$row_class'><td>Update Interval:</td>";
1456 //                      print "<td><input id=\"iedit_updintl\"
1457 //                              value=\"$update_interval\"></td></tr>";
1458
1459                         print "<td>";
1460
1461                         print "<select id=\"iedit_updintl\">";
1462
1463                         foreach (array_keys($update_intervals) as $i) {
1464
1465                                 if ($i == $update_interval) {
1466                                         $selected = "selected";
1467                                 } else {
1468                                         $selected = "";
1469                                 }
1470                                 print "<option $selected id=\"$i\">" . $update_intervals[$i] . "</option>";
1471                         }
1472
1473                         print "</select>";
1474
1475                         print "</td>";
1476
1477 #                       $row_class = toggleEvenOdd($row_class);
1478                         print "<tr class='$row_class'><td>Link to:</td>";
1479
1480                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1481                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1482
1483                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1484
1485                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1486
1487                         if ($linked_count > 0) {
1488                                 $disabled = "disabled";
1489                         }
1490
1491                         print "<select $disabled  id=\"iedit_parent_feed\">";
1492
1493                         print "<option id=\"0\">Not linked</option>";
1494
1495                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1496                                 if ($cat_id) {
1497                                         $cat_qpart = "AND cat_id = '$cat_id'";
1498                                 } else {
1499                                         $cat_qpart = "AND cat_id IS NULL";
1500                                 }
1501                         }
1502
1503                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1504                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1505                                         $cat_qpart ORDER BY title");
1506
1507                                 if (db_num_rows($tmp_result) > 0) {
1508                                         print "<option disabled>--------</option>";
1509                                 }
1510
1511                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1512                                         if ($tmp_line["id"] == $parent_feed) {
1513                                                 $is_selected = "selected";
1514                                         } else {
1515                                                 $is_selected = "";
1516                                         }
1517                                         printf("<option $is_selected id='%d'>%s</option>",
1518                                                 $tmp_line["id"], $tmp_line["title"]);
1519                                 }
1520
1521                                 print "</select></td>";
1522                                 print "</td></tr>";
1523
1524                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1525 #                       $row_class = toggleEvenOdd($row_class);
1526
1527                         print "<tr class='$row_class'><td>Purge Days:</td>";
1528 //                      print "<td><input id=\"iedit_purgintl\"
1529 //                              value=\"$purge_interval\"></td></tr>";
1530
1531                         print "<td>";
1532
1533                         print "<select id=\"iedit_purgintl\">";
1534
1535                         foreach (array_keys($purge_intervals) as $i) {
1536
1537                                 if ($i == $purge_interval) {
1538                                         $selected = "selected";
1539                                 } else {
1540                                         $selected = "";
1541                                 }
1542                                 print "<option $selected id=\"$i\">" . $purge_intervals[$i] . "</option>";
1543                         }
1544
1545                         print "</select>";
1546
1547                         print "</td>";
1548
1549 //                      print "<tr><td colspan=\"2\"><b>Authentication</b></td></tr>";
1550
1551 #                       $row_class = toggleEvenOdd($row_class);
1552                         $auth_login = db_fetch_result($result, 0, "auth_login");
1553
1554                         print "<tr class='$row_class'><td>Login:</td>";
1555                         print "<td><input id=\"iedit_login\"
1556                                 value=\"$auth_login\"></td></tr>";
1557
1558 #                       $row_class = toggleEvenOdd($row_class);
1559                         $auth_pass = db_fetch_result($result, 0, "auth_pass");
1560
1561                         print "<tr class='$row_class'><td>Password:</td>";
1562                         print "<td><input type=\"password\" id=\"iedit_pass\"
1563                                 value=\"$auth_pass\"></td></tr>";
1564
1565 #                       $row_class = toggleEvenOdd($row_class);
1566                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1567
1568                         if ($private) {
1569                                 $checked = "checked";
1570                         } else {
1571                                 $checked = "";
1572                         }
1573
1574                         print "<tr class='$row_class'><td valign='top'>Options:</td>";
1575                         print "<td><input type=\"checkbox\" id=\"iedit_private\"
1576                                 $checked><label for=\"iedit_private\">Hide from feed browser</label>";
1577
1578                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1579
1580                         if ($rtl_content) {
1581                                 $checked = "checked";
1582                         } else {
1583                                 $checked = "";
1584                         }
1585
1586                         print "<br><input type=\"checkbox\" id=\"iedit_rtl\"
1587                                 $checked><label for=\"iedit_rtl\">Right-to-left content</label>";
1588
1589                         print "</td></tr>";
1590
1591                         print "</table>";
1592                         print "</div>";
1593
1594                         print "<div align='center'>
1595                                 <input type=\"submit\" class=\"button\"
1596                                 onclick=\"feedEditSave()\" value=\"Save\">
1597                                 <input type='submit' class='button'
1598                                 onclick=\"feedEditCancel()\" value=\"Cancel\"></div>";
1599                         return;
1600                 }
1601
1602                 if ($subop == "editSave") {
1603                         $feed_title = db_escape_string($_POST["t"]);
1604                         $feed_link = db_escape_string($_POST["l"]);
1605                         $upd_intl = db_escape_string($_POST["ui"]);
1606                         $purge_intl = db_escape_string($_POST["pi"]);
1607                         $feed_id = db_escape_string($_POST["id"]);
1608                         $cat_id = db_escape_string($_POST["catid"]);
1609                         $auth_login = db_escape_string($_POST["login"]);
1610                         $auth_pass = db_escape_string($_POST["pass"]);
1611                         $parent_feed = db_escape_string($_POST["pfeed"]);
1612                         $private = db_escape_string($_POST["is_pvt"]);
1613                         $rtl_content = db_escape_string($_POST["is_rtl"]);
1614
1615                         if (strtoupper($upd_intl) == "DEFAULT")
1616                                 $upd_intl = 0;
1617
1618                         if (strtoupper($upd_intl) == "DISABLED")
1619                                 $upd_intl = -1;
1620
1621                         if (strtoupper($purge_intl) == "DEFAULT")
1622                                 $purge_intl = 0;
1623
1624                         if (strtoupper($purge_intl) == "DISABLED")
1625                                 $purge_intl = -1;
1626
1627                         if ($cat_id != 0) {
1628                                 $category_qpart = "cat_id = '$cat_id'";
1629                         } else {
1630                                 $category_qpart = 'cat_id = NULL';
1631                         }
1632
1633                         if ($parent_feed != 0) {
1634                                 $parent_qpart = "parent_feed = '$parent_feed'";
1635                         } else {
1636                                 $parent_qpart = 'parent_feed = NULL';
1637                         }
1638
1639                         $result = db_query($link, "UPDATE ttrss_feeds SET
1640                                 $category_qpart,
1641                                 $parent_qpart,
1642                                 title = '$feed_title', feed_url = '$feed_link',
1643                                 update_interval = '$upd_intl',
1644                                 purge_interval = '$purge_intl',
1645                                 auth_login = '$auth_login',
1646                                 auth_pass = '$auth_pass',
1647                                 private = $private,
1648                                 rtl_content = $rtl_content
1649                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1650                 }
1651
1652                 if ($subop == "saveCat") {
1653                         $cat_title = db_escape_string($_GET["title"]);
1654                         $cat_id = db_escape_string($_GET["id"]);
1655
1656                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1657                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1658
1659                 }
1660
1661                 if ($subop == "remove") {
1662
1663                         if (!WEB_DEMO_MODE) {
1664
1665                                 $ids = split(",", db_escape_string($_GET["ids"]));
1666
1667                                 foreach ($ids as $id) {
1668                                         db_query($link, "DELETE FROM ttrss_feeds
1669                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1670
1671                                         $icons_dir = ICONS_DIR;
1672
1673                                         if (file_exists($icons_dir . "/$id.ico")) {
1674                                                 unlink($icons_dir . "/$id.ico");
1675                                         }
1676                                 }
1677                         }
1678                 }
1679
1680                 if ($subop == "add") {
1681
1682                         if (!WEB_DEMO_MODE) {
1683
1684                                 $feed_link = db_escape_string(trim($_GET["link"]));
1685                                 $cat_id = db_escape_string($_GET["cid"]);
1686
1687                                 if (subscribe_to_feed($link, $feed_link, $cat_id)) {
1688                                         print "Added feed.";
1689                                 } else {
1690                                         print "<div class=\"warning\">
1691                                                 Feed <b>$feed_link</b> already exists in the database.
1692                                         </div>";
1693                                 }
1694                         }
1695                 }
1696
1697                 if ($subop == "addCat") {
1698
1699                         if (!WEB_DEMO_MODE) {
1700
1701                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1702
1703                                 $result = db_query($link,
1704                                         "SELECT id FROM ttrss_feed_categories
1705                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1706
1707                                 if (db_num_rows($result) == 0) {
1708
1709                                         $result = db_query($link,
1710                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1711                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1712
1713                                 } else {
1714
1715                                         print "<div class=\"warning\">
1716                                                 Category <b>$feed_cat</b> already exists in the database.
1717                                         </div>";
1718                                 }
1719
1720
1721                         }
1722                 }
1723
1724                 if ($subop == "removeCats") {
1725
1726                         if (!WEB_DEMO_MODE) {
1727
1728                                 $ids = split(",", db_escape_string($_GET["ids"]));
1729
1730                                 foreach ($ids as $id) {
1731
1732                                         db_query($link, "BEGIN");
1733
1734                                         $result = db_query($link,
1735                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1736                                                         WHERE cat_id = '$id'");
1737
1738                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1739
1740                                         if ($num_feeds == 0) {
1741                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1742                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1743                                         } else {
1744
1745                                                 print "<div class=\"warning\">
1746                                                         Unable to delete non empty feed categories.</div>";
1747
1748                                         }
1749
1750                                         db_query($link, "COMMIT");
1751                                 }
1752                         }
1753                 }
1754
1755                 if ($subop == "categorize") {
1756
1757                         if (!WEB_DEMO_MODE) {
1758
1759                                 $ids = split(",", db_escape_string($_GET["ids"]));
1760
1761                                 $cat_id = db_escape_string($_GET["cat_id"]);
1762
1763                                 if ($cat_id == 0) {
1764                                         $cat_id_qpart = 'NULL';
1765                                 } else {
1766                                         $cat_id_qpart = "'$cat_id'";
1767                                 }
1768
1769                                 db_query($link, "BEGIN");
1770
1771                                 foreach ($ids as $id) {
1772
1773                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1774                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1775                                 }
1776
1777                                 db_query($link, "COMMIT");
1778                         }
1779
1780                 }
1781
1782                 if ($quiet) return;
1783
1784 //              print "<h3>Edit Feeds</h3>";
1785
1786                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1787                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1788
1789                 if (db_num_rows($result) > 0) {
1790
1791                         print "<div class=\"warning\">";
1792
1793 //                      print"<img class=\"closeButton\"
1794 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1795
1796                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1797                                 <b>Feeds with update errors</b> (click to expand)</a>";
1798
1799                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1800
1801                         while ($line = db_fetch_assoc($result)) {
1802                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1803                                         $line["last_error"];
1804                         }
1805
1806                         print "</ul>";
1807                         print "</div>";
1808
1809                 }
1810
1811                 $feed_search = db_escape_string($_GET["search"]);
1812
1813                 if (array_key_exists("search", $_GET)) {
1814                         $_SESSION["prefs_feed_search"] = $feed_search;
1815                 } else {
1816                         $feed_search = $_SESSION["prefs_feed_search"];
1817                 }
1818
1819                 print "<table width='100%' class=\"prefGenericAddBox\"
1820                         cellspacing='0' cellpadding='0'><tr>
1821                         <td>
1822                                 <input id=\"fadd_link\"
1823                                 onchange=\"javascript:addFeed()\"
1824                                 size=\"40\">
1825                                 <input type=\"submit\" class=\"button\"
1826                                 onclick=\"javascript:addFeed()\" value=\"Add feed\">";
1827
1828                 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1829                         print "&nbsp;(<a href='javascript:browseFeeds()'>Top 50</a>)";
1830                 }
1831
1832                 print "</td><td align='right'>
1833                                 <input id=\"feed_search\" size=\"20\"
1834                                 onchange=\"javascript:updateFeedList()\"
1835                                 value=\"$feed_search\">
1836                                 <input type=\"submit\" class=\"button\"
1837                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1838                         </td>
1839                         </tr></table>";
1840
1841                 $feeds_sort = db_escape_string($_GET["sort"]);
1842
1843                 if (!$feeds_sort || $feeds_sort == "undefined") {
1844                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1845                         if (!$feeds_sort) $feeds_sort = "title";
1846                 }
1847
1848                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1849
1850                 if ($feed_search) {
1851                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1852                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1853                 } else {
1854                         $search_qpart = "";
1855                 }
1856
1857                 $result = db_query($link, "SELECT
1858                                 F1.id,
1859                                 F1.title,
1860                                 F1.feed_url,
1861                                 substring(F1.last_updated,1,16) AS last_updated,
1862                                 F1.parent_feed,
1863                                 F1.update_interval,
1864                                 F1.purge_interval,
1865                                 F1.cat_id,
1866                                 F2.title AS parent_title,
1867                                 C1.title AS category
1868                         FROM
1869                                 ttrss_feeds AS F1
1870                                 LEFT JOIN ttrss_feeds AS F2
1871                                         ON (F1.parent_feed = F2.id)
1872                                 LEFT JOIN ttrss_feed_categories AS C1
1873                                         ON (F1.cat_id = C1.id)
1874                         WHERE
1875                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1876                         ORDER by category,$feeds_sort,title");
1877
1878                 if (db_num_rows($result) != 0) {
1879
1880                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1881
1882                         print "<p><table width=\"100%\" cellspacing=\"0\"
1883                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1884                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1885                                 Select:
1886                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1887                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
1888                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1889                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
1890                                 </td</tr>";
1891
1892                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1893                                 print "<tr class=\"title\">
1894                                         <td width='5%' align='center'>&nbsp;</td>
1895                                         <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1896                                         <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1897                                         <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1898                         }
1899
1900                         $lnum = 0;
1901
1902                         $cur_cat_id = -1;
1903
1904                         while ($line = db_fetch_assoc($result)) {
1905
1906                                 $feed_id = $line["id"];
1907                                 $cat_id = $line["cat_id"];
1908
1909                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1910                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1911                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1912
1913                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1914
1915                                 $last_updated = $line["last_updated"];
1916
1917                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1918                                         $last_updated = smart_date_time(strtotime($last_updated));
1919                                 } else {
1920                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1921                                         $last_updated = date($short_date, strtotime($last_updated));
1922                                 }
1923
1924                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1925                                         $lnum = 0;
1926
1927                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1928
1929                                         print "<tr class=\"title\">
1930                                                 <td width='5%' align='center'>&nbsp;</td>
1931                                                 <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1932                                                 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1933                                                 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1934
1935                                         $cur_cat_id = $cat_id;
1936                                 }
1937
1938                                 $class = ($lnum % 2) ? "even" : "odd";
1939                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
1940
1941                                 print "<tr class=\"$class\" $this_row_id>";
1942
1943                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1944
1945                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1946                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
1947                                 } else {
1948                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1949                                 }
1950 //                              print "<td class='feedIcon'>$feed_icon</td>";
1951
1952                                 print "<td class='feedSelect'><input onclick='toggleSelectRow(this);'
1953                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1954
1955                                 $edit_title = truncate_string($edit_title, 40);
1956                                 $edit_link = truncate_string($edit_link, 60);
1957
1958                                 $parent_title = $line["parent_title"];
1959                                 if ($parent_title) {
1960                                         $parent_title = "<span class='groupPrompt'>(linked to
1961                                                 $parent_title)</span>";
1962                                 }
1963
1964                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1965                                         "$feed_icon $edit_title $parent_title" . "</a></td>";
1966
1967                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1968                                         $edit_link . "</a></td>";
1969
1970 /*                              if (get_pref($link, 'ENABLE_FEED_CATS')) {
1971                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1972                                                 $edit_cat . "</a></td>";
1973                                 } */
1974
1975 /*                              print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1976                                         $update_intervals[$line["update_interval"]] . "</a></td>";
1977
1978                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1979                                         $purge_intervals[$line["purge_interval"]] . "</a></td>"; */
1980
1981                                 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1982                                         "$last_updated</a></td>";
1983
1984                                 print "</tr>";
1985
1986                                 ++$lnum;
1987                         }
1988
1989                         print "</table>";
1990
1991                         print "<p>";
1992
1993                         if ($subop == "edit") {
1994                                 print "Edit feed:&nbsp;
1995                                         <input type=\"submit\" class=\"button\"
1996                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1997                                         <input type=\"submit\" class=\"button\"
1998                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1999                         } else {
2000
2001                                 print "
2002                                         Selection:&nbsp;
2003                                 <input type=\"submit\" class=\"button\"
2004                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
2005                                 <input type=\"submit\" class=\"button\"
2006                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
2007                                 <input type=\"submit\" class=\"button\"
2008                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
2009
2010                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2011
2012                                         print "&nbsp;&nbsp;";
2013
2014                                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2015                                                 WHERE owner_uid = ".$_SESSION["uid"]."
2016                                                 ORDER BY title");
2017
2018                                         print "<select id=\"sfeed_set_fcat\">";
2019                                         print "<option id=\"0\">Uncategorized</option>";
2020
2021                                         if (db_num_rows($result) != 0) {
2022
2023                                                 print "<option disabled>--------</option>";
2024
2025                                                 while ($line = db_fetch_assoc($result)) {
2026                                                         printf("<option id='%d'>%s</option>",
2027                                                                 $line["id"], $line["title"]);
2028                                                 }
2029                                         }
2030
2031                                         print "</select>";
2032
2033                                         print " <input type=\"submit\" class=\"button\"
2034                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
2035
2036                                 }
2037
2038                                 print "
2039                                         &nbsp;All feeds: <input type=\"submit\"
2040                                                         class=\"button\" onclick=\"gotoExportOpml()\"
2041                                                         value=\"Export OPML\">";
2042                                 }
2043                 } else {
2044
2045                         print "<p>No feeds defined.</p>";
2046
2047                 }
2048
2049                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2050
2051                         print "<h3>Edit Categories</h3>";
2052
2053         //              print "<h3>Categories</h3>";
2054
2055                         print "<div class=\"prefGenericAddBox\">
2056                                 <input id=\"fadd_cat\"
2057                                         onchange=\"javascript:addFeedCat()\"
2058                                         size=\"40\">&nbsp;
2059                                 <input
2060                                         type=\"submit\" class=\"button\"
2061                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
2062
2063                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2064                                 WHERE owner_uid = ".$_SESSION["uid"]."
2065                                 ORDER BY title");
2066
2067                         if (db_num_rows($result) != 0) {
2068
2069                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
2070                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
2071
2072                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2073                                 Select:
2074                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2075                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
2076                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2077                                                 'FCATR-', 'FCCHK-', false)\">None</a>
2078                                 </td</tr>";
2079
2080                                 print "<tr class=\"title\">
2081                                                         <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
2082                                                 </tr>";
2083
2084                                 $lnum = 0;
2085
2086                                 while ($line = db_fetch_assoc($result)) {
2087
2088                                         $class = ($lnum % 2) ? "even" : "odd";
2089
2090                                         $cat_id = $line["id"];
2091
2092                                         $edit_cat_id = $_GET["id"];
2093
2094                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
2095                                                 $class .= "Grayed";
2096                                                 $this_row_id = "";
2097                                         } else {
2098                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
2099                                         }
2100
2101                                         print "<tr class=\"$class\" $this_row_id>";
2102
2103                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2104
2105                                         if (!$edit_cat_id || $subop != "editCat") {
2106
2107                                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
2108                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
2109
2110                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
2111                                                         $edit_title . "</a></td>";
2112
2113                                         } else if ($cat_id != $edit_cat_id) {
2114
2115                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2116                                                         id=\"FRCHK-".$line["id"]."\"></td>";
2117
2118                                                 print "<td>$edit_title</td>";
2119
2120                                         } else {
2121
2122                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2123
2124                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
2125
2126                                         }
2127
2128                                         print "</tr>";
2129
2130                                         ++$lnum;
2131                                 }
2132
2133                                 print "</table>";
2134
2135                                 print "<p>";
2136
2137                                 if ($subop == "editCat") {
2138                                         print "Edit category:&nbsp;
2139                                                 <input type=\"submit\" class=\"button\"
2140                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
2141                                                 <input type=\"submit\" class=\"button\"
2142                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
2143                                         } else {
2144
2145                                         print "
2146                                                 Selection:&nbsp;
2147                                         <input type=\"submit\" class=\"button\"
2148                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
2149                                         <input type=\"submit\" class=\"button\"
2150                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
2151
2152                                 }
2153
2154                         } else {
2155                                 print "<p>No feed categories defined.</p>";
2156                         }
2157                 }
2158
2159                 print "<h3>Import OPML</h3>
2160                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
2161                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
2162                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
2163                                 type=\"submit\" value=\"Import\">
2164                         </form>";
2165
2166         }
2167
2168         if ($op == "pref-filters") {
2169
2170                 $subop = $_GET["subop"];
2171                 $quiet = $_GET["quiet"];
2172
2173                 if ($subop == "editSave") {
2174
2175                         $regexp = db_escape_string($_GET["r"]);
2176                         $match = db_escape_string($_GET["m"]);
2177                         $filter_id = db_escape_string($_GET["id"]);
2178                         $feed_id = db_escape_string($_GET["fid"]);
2179                         $action_id = db_escape_string($_GET["aid"]);
2180
2181                         if (!$feed_id) {
2182                                 $feed_id = 'NULL';
2183                         } else {
2184                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2185                         }
2186
2187                         $result = db_query($link, "UPDATE ttrss_filters SET
2188                                 reg_exp = '$regexp',
2189                                 feed_id = $feed_id,
2190                                 action_id = '$action_id',
2191                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
2192                                         description = '$match')
2193                                 WHERE id = '$filter_id'");
2194                 }
2195
2196                 if ($subop == "remove") {
2197
2198                         if (!WEB_DEMO_MODE) {
2199
2200                                 $ids = split(",", db_escape_string($_GET["ids"]));
2201
2202                                 foreach ($ids as $id) {
2203                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
2204
2205                                 }
2206                         }
2207                 }
2208
2209                 if ($subop == "add") {
2210
2211                         if (!WEB_DEMO_MODE) {
2212
2213                                 $regexp = db_escape_string(trim($_GET["regexp"]));
2214                                 $match = db_escape_string(trim($_GET["match"]));
2215                                 $feed_id = db_escape_string($_GET["fid"]);
2216                                 $action_id = db_escape_string($_GET["aid"]);
2217
2218                                 if (!$feed_id) {
2219                                         $feed_id = 'NULL';
2220                                 } else {
2221                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2222                                 }
2223
2224                                 $result = db_query($link,
2225                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2226                                                 action_id)
2227                                         VALUES
2228                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
2229                                                         description = '$match'),'".$_SESSION["uid"]."',
2230                                                         $feed_id, '$action_id')");
2231                         }
2232                 }
2233
2234                 if ($quiet) return;
2235
2236                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2237
2238                 $result = db_query($link, "SELECT description
2239                         FROM ttrss_filter_types ORDER BY description");
2240
2241                 $filter_types = array();
2242
2243                 while ($line = db_fetch_assoc($result)) {
2244                         array_push($filter_types, $line["description"]);
2245                 }
2246
2247 /*              print "<div class=\"prefGenericAddBox\">
2248                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
2249
2250                 print_select("fadd_match", "Title", $filter_types);
2251
2252                 print "&nbsp;<select id=\"fadd_feed\">";
2253
2254                 print "<option selected id=\"0\">All feeds</option>";
2255
2256                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
2257                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2258
2259                 if (db_num_rows($result) > 0) {
2260                         print "<option disabled>--------</option>";
2261                 }
2262
2263                 while ($line = db_fetch_assoc($result)) {
2264                         printf("<option id='%d'>%s</option>", $line["id"],
2265                                 db_unescape_string($line["title"]));
2266                 }
2267
2268                 print "</select>&nbsp;";
2269
2270                 print "&nbsp;Action: ";
2271
2272                 print "<select id=\"fadd_action\">";
2273
2274                 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2275                         ORDER BY name");
2276
2277                 while ($line = db_fetch_assoc($result)) {
2278                         printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
2279                 }
2280
2281                 print "</select>&nbsp;";
2282
2283 /*              print "<input type=\"submit\"
2284                         class=\"button\" onclick=\"javascript:testFilter()\"
2285                         value=\"Test filter\"> "; */
2286
2287 /*              print "<input type=\"submit\"
2288                         class=\"button\" onclick=\"javascript:addFilter()\"
2289                         value=\"Create filter\">"; */
2290
2291                 print "<input type=\"submit\"
2292                         class=\"button\"
2293                         onclick=\"javascript:displayDlg('quickAddFilter', false)\"
2294                         value=\"Create filter\">";
2295
2296 //              print "</div>";
2297
2298                 $result = db_query($link, "SELECT
2299                                 ttrss_filters.id AS id,reg_exp,
2300                                 ttrss_filter_types.name AS filter_type_name,
2301                                 ttrss_filter_types.description AS filter_type_descr,
2302                                 feed_id,
2303                                 ttrss_filter_actions.description AS action_description,
2304                                 ttrss_feeds.title AS feed_title
2305                         FROM
2306                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2307                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2308                         WHERE
2309                                 filter_type = ttrss_filter_types.id AND
2310                                 ttrss_filter_actions.id = action_id AND
2311                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2312                         ORDER by reg_exp");
2313
2314                 if (db_num_rows($result) != 0) {
2315
2316                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2317                                 id=\"prefFilterList\">";
2318
2319                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2320                                 Select:
2321                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2322                                                 'FILRR-', 'FICHK-', true)\">All</a>,
2323                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2324                                                 'FILRR-', 'FICHK-', false)\">None</a>
2325                                 </td</tr>";
2326
2327                         print "<tr class=\"title\">
2328                                                 <td align='center' width=\"5%\">&nbsp;</td>
2329                                                 <td width=\"20%\">Filter expression</td>
2330                                                 <td width=\"20%\">Feed</td>
2331                                                 <td width=\"15%\">Match</td>
2332                                                 <td width=\"15%\">Action</td>";
2333
2334                         $lnum = 0;
2335
2336                         while ($line = db_fetch_assoc($result)) {
2337
2338                                 $class = ($lnum % 2) ? "even" : "odd";
2339
2340                                 $filter_id = $line["id"];
2341                                 $edit_filter_id = $_GET["id"];
2342
2343                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2344                                         $class .= "Grayed";
2345                                         $this_row_id = "";
2346                                 } else {
2347                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2348                                 }
2349
2350                                 print "<tr class=\"$class\" $this_row_id>";
2351
2352                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
2353
2354                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2355
2356                                 if (!$edit_filter_id || $subop != "edit") {
2357
2358                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2359                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2360
2361                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2362                                                 $line["reg_exp"] . "</td>";
2363
2364                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2365                                                 $line["feed_title"] . "</td>";
2366
2367                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2368                                                 $line["filter_type_descr"] . "</td>";
2369
2370                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2371                                                 $line["action_description"] . "</td>";
2372
2373                                 } else if ($filter_id != $edit_filter_id) {
2374
2375                                         if (!$line["description"]) $line["description"] = "[No description]";
2376
2377                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2378                                                 id=\"FICHK-".$line["id"]."\"></td>";
2379
2380                                         print "<td>".$line["reg_exp"]."</td>";
2381                                         print "<td>".$line["feed_title"]."</td>";
2382                                         print "<td>".$line["filter_type_descr"]."</td>";
2383                                         print "<td>".$line["action_description"]."</td>";
2384
2385                                 } else {
2386
2387                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2388
2389                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
2390                                                 "\"></td>";
2391
2392                                         print "<td>";
2393                                         print "<select id=\"iedit_feed\">";
2394                                         print "<option id=\"0\">All feeds</option>";
2395
2396                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
2397                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2398
2399                                         if (db_num_rows($tmp_result) > 0) {
2400                                                 print "<option disabled>--------</option>";
2401                                         }
2402
2403                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2404                                                 if ($tmp_line["id"] == $line["feed_id"]) {
2405                                                         $is_selected = "selected";
2406                                                 } else {
2407                                                         $is_selected = "";
2408                                                 }
2409                                                 printf("<option $is_selected id='%d'>%s</option>",
2410                                                         $tmp_line["id"], db_unescape_string($tmp_line["title"]));
2411                                         }
2412
2413                                         print "</select></td>";
2414
2415                                         print "<td>";
2416                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
2417                                         print "</td>";
2418
2419                                         print "<td>";
2420                                         print "<select id=\"iedit_filter_action\">";
2421
2422                                         $tmp_result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2423                                                 ORDER BY description");
2424
2425                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2426                                                 if ($tmp_line["description"] == $line["action_description"]) {
2427                                                         $is_selected = "selected";
2428                                                 } else {
2429                                                         $is_selected = "";
2430                                                 }
2431                                                 printf("<option $is_selected id='%d'>%s</option>",
2432                                                         $tmp_line["id"], $tmp_line["description"]);
2433                                         }
2434
2435                                         print "</select></td>";
2436
2437                                         print "</td>";
2438                                 }
2439
2440                                 print "</tr>";
2441
2442                                 ++$lnum;
2443                         }
2444
2445                         if ($lnum == 0) {
2446                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2447                         }
2448
2449                         print "</table>";
2450
2451                         print "<p>";
2452
2453                         if ($subop == "edit") {
2454                                 print "Edit filter:
2455                                         <input type=\"submit\" class=\"button\"
2456                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">
2457                                         <input type=\"submit\" class=\"button\"
2458                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">";
2459
2460                         } else {
2461
2462                                 print "
2463                                         Selection:
2464                                 <input type=\"submit\" class=\"button\"
2465                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
2466                                 <input type=\"submit\" class=\"button\"
2467                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
2468                         }
2469
2470                 } else {
2471
2472                         print "<p>No filters defined.</p>";
2473
2474                 }
2475         }
2476
2477         // We need to accept raw SQL data in label queries, so not everything is escaped
2478         // here, this is by design. If you don't like the whole idea, disable labels
2479         // altogether with GLOBAL_ENABLE_LABELS = false
2480
2481         if ($op == "pref-labels") {
2482
2483                 if (!GLOBAL_ENABLE_LABELS) {
2484                         return;
2485                 }
2486
2487                 $subop = $_GET["subop"];
2488
2489                 if ($subop == "test") {
2490
2491                         $expr = $_GET["expr"];
2492                         $descr = $_GET["descr"];
2493
2494                         print "<div class='infoBoxContents'>";
2495
2496                         print "<h1>Label &laquo;$descr&raquo;</h1>";
2497
2498 //                      print "<p><b>Expression</b>: $expr</p>";
2499
2500                         $result = db_query($link,
2501                                 "SELECT count(id) AS num_matches
2502                                         FROM ttrss_entries,ttrss_user_entries
2503                                         WHERE ($expr) AND
2504                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2505                                                 owner_uid = " . $_SESSION["uid"]);
2506
2507                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2508
2509                         if ($num_matches > 0) {
2510
2511                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
2512
2513                                 $result = db_query($link,
2514                                         "SELECT title,
2515                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2516                                         FROM ttrss_entries,ttrss_user_entries
2517                                                         WHERE ($expr) AND
2518                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2519                                                         AND owner_uid = " . $_SESSION["uid"] . "
2520                                                         ORDER BY date_entered DESC LIMIT 5");
2521
2522                                 print "<ul class=\"nomarks\">";
2523                                 while ($line = db_fetch_assoc($result)) {
2524                                         print "<li>".$line["title"].
2525                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2526                                 }
2527                                 print "</ul>";
2528
2529                         } else {
2530                                 print "<p>Query didn't return any matches.</p>";
2531                         }
2532
2533                         print "</div>";
2534
2535                         print "<div align='center'>
2536                                 <input type='submit' class='button'
2537                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2538                         return;
2539                 }
2540
2541                 if ($subop == "editSave") {
2542
2543                         $sql_exp = $_GET["s"];
2544                         $descr = $_GET["d"];
2545                         $label_id = db_escape_string($_GET["id"]);
2546
2547 //                      print "$sql_exp : $descr : $label_id";
2548
2549                         $result = db_query($link, "UPDATE ttrss_labels SET
2550                                 sql_exp = '$sql_exp',
2551                                 description = '$descr'
2552                                 WHERE id = '$label_id'");
2553                 }
2554
2555                 if ($subop == "remove") {
2556
2557                         if (!WEB_DEMO_MODE) {
2558
2559                                 $ids = split(",", db_escape_string($_GET["ids"]));
2560
2561                                 foreach ($ids as $id) {
2562                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2563
2564                                 }
2565                         }
2566                 }
2567
2568                 if ($subop == "add") {
2569
2570                         if (!WEB_DEMO_MODE) {
2571
2572                                 // no escaping is done here on purpose
2573                                 $exp = trim($_GET["exp"]);
2574
2575                                 $result = db_query($link,
2576                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2577                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2578                         }
2579                 }
2580
2581                 print "<div class=\"prefGenericAddBox\">
2582                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2583
2584                 print"<input type=\"submit\" class=\"button\"
2585                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2586
2587                 $result = db_query($link, "SELECT
2588                                 id,sql_exp,description
2589                         FROM
2590                                 ttrss_labels
2591                         WHERE
2592                                 owner_uid = ".$_SESSION["uid"]."
2593                         ORDER by description");
2594
2595                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2596
2597                 if (db_num_rows($result) != 0) {
2598
2599                         print "<p><table width=\"100%\" cellspacing=\"0\"
2600                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2601
2602                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2603                                 Select:
2604                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2605                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2606                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2607                                                 'LILRR-', 'LICHK-', false)\">None</a>
2608                                 </td</tr>";
2609
2610                         print "<tr class=\"title\">
2611                                                 <td align='center' width=\"5%\">&nbsp;</td>
2612                                                 <td width=\"40%\">SQL expression
2613                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2614                                                 </td>
2615                                                 <td width=\"40%\">Caption</td></tr>";
2616
2617                         $lnum = 0;
2618
2619                         while ($line = db_fetch_assoc($result)) {
2620
2621                                 $class = ($lnum % 2) ? "even" : "odd";
2622
2623                                 $label_id = $line["id"];
2624                                 $edit_label_id = $_GET["id"];
2625
2626                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2627                                         $class .= "Grayed";
2628                                         $this_row_id = "";
2629                                 } else {
2630                                         $this_row_id = "id=\"LILRR-$label_id\"";
2631                                 }
2632
2633                                 print "<tr class=\"$class\" $this_row_id>";
2634
2635                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2636                                 $line["description"] = htmlspecialchars($line["description"]);
2637
2638                                 if (!$edit_label_id || $subop != "edit") {
2639
2640                                         if (!$line["description"]) $line["description"] = "[No caption]";
2641
2642                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2643                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2644
2645                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2646                                                 $line["sql_exp"] . "</td>";
2647
2648                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2649                                                 $line["description"] . "</td>";
2650
2651                                 } else if ($label_id != $edit_label_id) {
2652
2653                                         if (!$line["description"]) $line["description"] = "[No description]";
2654
2655                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2656                                                 id=\"LICHK-".$line["id"]."\"></td>";
2657
2658                                         print "<td>".$line["sql_exp"]."</td>";
2659                                         print "<td>".$line["description"]."</td>";
2660
2661                                 } else {
2662
2663                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2664
2665                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2666                                                 "\"></td>";
2667
2668                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2669                                                 "\"></td>";
2670
2671                                 }
2672
2673
2674                                 print "</tr>";
2675
2676                                 ++$lnum;
2677                         }
2678
2679                         if ($lnum == 0) {
2680                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2681                         }
2682
2683                         print "</table>";
2684
2685                         print "<p>";
2686
2687                         if ($subop == "edit") {
2688                                 print "Edit label:
2689                                         <input type=\"submit\" class=\"button\"
2690                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2691                                         <input type=\"submit\" class=\"button\"
2692                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">
2693                                         <input type=\"submit\" class=\"button\"
2694                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">";
2695
2696                         } else {
2697
2698                                 print "
2699                                         Selection:
2700                                 <input type=\"submit\" class=\"button\"
2701                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2702                                 <input type=\"submit\" class=\"button\"
2703                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2704                         }
2705                 } else {
2706                         print "<p>No labels defined.</p>";
2707                 }
2708         }
2709
2710         if ($op == "error") {
2711                 print "<div width=\"100%\" align='center'>";
2712                 $msg = $_GET["msg"];
2713                 print $msg;
2714                 print "</div>";
2715         }
2716
2717         if ($op == "help") {
2718                 if (!$_GET["noheaders"]) {
2719                         print "<html><head>
2720                                 <title>Tiny Tiny RSS : Help</title>
2721                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2722                                 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2723                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2724                                 </head><body>";
2725                 }
2726
2727                 $tid = sprintf("%d", $_GET["tid"]);
2728
2729                 print "<div class='infoBoxContents'>";
2730
2731                 if (file_exists("help/$tid.php")) {
2732                         include("help/$tid.php");
2733                 } else {
2734                         print "<p>Help topic not found.</p>";
2735                 }
2736
2737                 print "</div>";
2738
2739                 print "<div align='center'>
2740                         <input type='submit' class='button'
2741                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2742
2743                 if (!$_GET["noheaders"]) {
2744                         print "</body></html>";
2745                 }
2746
2747         }
2748
2749         if ($op == "dlg") {
2750                 $id = $_GET["id"];
2751                 $param = $_GET["param"];
2752
2753                 print "<div class=\"infoBoxContents\">";
2754
2755                 if ($id == "quickAddFeed") {
2756                         print "
2757                         Feed URL: <input
2758                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2759                         id=\"qafInput\">";
2760
2761                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2762                                 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2763                                         WHERE owner_uid = ".$_SESSION["uid"]."
2764                                         ORDER BY title");
2765
2766                                 print " <select id=\"qafCat\">";
2767                                 print "<option id=\"0\">Uncategorized</option>";
2768
2769                                 if (db_num_rows($result) != 0) {
2770
2771                                         print "<option disabled>--------</option>";
2772
2773                                         while ($line = db_fetch_assoc($result)) {
2774                                                 printf("<option id='%d'>%s</option>",
2775                                                         $line["id"], $line["title"]);
2776                                         }
2777                                 }
2778
2779                                 print "</select>";
2780                         }
2781
2782                         print "&nbsp;<input class=\"button\"
2783                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
2784                         <input class=\"button\"
2785                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2786                                 value=\"Cancel\">";
2787                 }
2788
2789                 if ($id == "quickDelFeed") {
2790
2791                         $param = db_escape_string($param);
2792
2793                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
2794
2795                         if ($result) {
2796
2797                                 $f_title = db_fetch_result($result, 0, "title");
2798
2799                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
2800                                 <input class=\"button\"
2801                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
2802                                 <input class=\"button\"
2803                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2804                                         value=\"Cancel\">";
2805                         } else {
2806                                 print "Error: Feed $param not found.&nbsp;
2807                                 <input class=\"button\"
2808                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2809                                         value=\"Cancel\">";
2810                         }
2811                 }
2812
2813                 if ($id == "search") {
2814
2815                         $active_feed_id = db_escape_string($_GET["param"]);
2816
2817                         print "<input id=\"searchbox\" class=\"extSearch\"
2818                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2819                         onchange=\"javascript:search()\">
2820                         <select id=\"searchmodebox\">
2821                                 <option selected>All feeds</option>";
2822
2823                         if ($active_feed_id) {
2824                                 print "<option>This feed</option>";
2825                         } else {
2826                                 print "<option disabled>This feed</option>";
2827                         }
2828
2829                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2830                                 print "<option>This category</option>";
2831                         }
2832
2833                         print "</select>
2834                         <input type=\"submit\"
2835                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
2836                         <input class=\"button\"
2837                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2838                                 value=\"Close\">";
2839
2840                 }
2841
2842                 if ($id == "quickAddFilter") {
2843
2844                         $result = db_query($link, "SELECT description
2845                                 FROM ttrss_filter_types ORDER BY description");
2846
2847                         $filter_types = array();
2848
2849                         while ($line = db_fetch_assoc($result)) {
2850                                 array_push($filter_types, $line["description"]);
2851                         }
2852
2853                         print "<table>";
2854
2855                         print "<tr><td>Match:</td><td><input id=\"fadd_regexp\" size=\"40\">&nbsp;";
2856
2857                         print_select("fadd_match", "Title", $filter_types);
2858
2859                         print "</td></tr>";
2860                         print "<tr><td>Feed:</td><td><select id=\"fadd_feed\">";
2861
2862                         print "<option selected id=\"0\">All feeds</option>";
2863
2864                         $result = db_query($link, "SELECT id,title FROM ttrss_feeds
2865                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2866
2867                         if (db_num_rows($result) > 0) {
2868                                 print "<option disabled>--------</option>";
2869                         }
2870
2871                         while ($line = db_fetch_assoc($result)) {
2872                                 if ($param == $line["id"]) {
2873                                         $selected = "selected";
2874                                 } else {
2875                                         $selected = "";
2876                                 }
2877                                 printf("<option id='%d' %s>%s</option>", $line["id"], $selected, $line["title"]);
2878                         }
2879
2880                         print "</select></td></tr>";
2881
2882                         print "<tr><td>Action:</td>";
2883
2884                         print "<td><select id=\"fadd_action\">";
2885
2886                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2887                                 ORDER BY name");
2888
2889                         while ($line = db_fetch_assoc($result)) {
2890                                 printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
2891                         }
2892
2893                         print "</select>";
2894
2895                         print "</td></tr><tr><td colspan=\"2\" align=\"right\">";
2896
2897                         print "<input type=\"submit\"
2898                                 class=\"button\" onclick=\"javascript:qaddFilter()\"
2899                                 value=\"Add filter\"> ";
2900
2901                         print "<input class=\"button\"
2902                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2903                                 value=\"Close\">";
2904
2905                         print "</td></tr></table>";
2906                 }
2907
2908                 print "</div>";
2909
2910         }
2911
2912         // update feeds of all users, may be used anonymously
2913         if ($op == "globalUpdateFeeds") {
2914
2915                 $result = db_query($link, "SELECT id FROM ttrss_users");
2916
2917                 while ($line = db_fetch_assoc($result)) {
2918                         $user_id = $line["id"];
2919 //                      print "<!-- updating feeds of uid $user_id -->";
2920                         update_all_feeds($link, false, $user_id);
2921                 }
2922
2923                 print "<rpc-reply>
2924                         <message msg=\"All feeds updated\"/>
2925                 </rpc-reply>";
2926
2927         }
2928
2929         if ($op == "pref-prefs") {
2930
2931                 $subop = $_REQUEST["subop"];
2932
2933                 if ($subop == "Save configuration") {
2934
2935                         if (WEB_DEMO_MODE) {
2936                                 header("Location: prefs.php");
2937                                 return;
2938                         }
2939
2940                         $_SESSION["prefs_op_result"] = "save-config";
2941
2942                         $_SESSION["prefs_cache"] = false;
2943
2944                         foreach (array_keys($_POST) as $pref_name) {
2945
2946                                 $pref_name = db_escape_string($pref_name);
2947                                 $value = db_escape_string($_POST[$pref_name]);
2948
2949                                 $result = db_query($link, "SELECT type_name
2950                                         FROM ttrss_prefs,ttrss_prefs_types
2951                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2952
2953                                 if (db_num_rows($result) > 0) {
2954
2955                                         $type_name = db_fetch_result($result, 0, "type_name");
2956
2957 //                                      print "$pref_name : $type_name : $value<br>";
2958
2959                                         if ($type_name == "bool") {
2960                                                 if ($value == "1") {
2961                                                         $value = "true";
2962                                                 } else {
2963                                                         $value = "false";
2964                                                 }
2965                                         } else if ($type_name == "integer") {
2966                                                 $value = sprintf("%d", $value);
2967                                         }
2968
2969 //                                      print "$pref_name : $type_name : $value<br>";
2970
2971                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2972                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2973
2974                                 }
2975
2976                                 header("Location: prefs.php");
2977
2978                         }
2979
2980                 } else if ($subop == "getHelp") {
2981
2982                         $pref_name = db_escape_string($_GET["pn"]);
2983
2984                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2985                                 WHERE pref_name = '$pref_name'");
2986
2987                         if (db_num_rows($result) > 0) {
2988                                 $help_text = db_fetch_result($result, 0, "help_text");
2989                                 print $help_text;
2990                         } else {
2991                                 print "Unknown option: $pref_name";
2992                         }
2993
2994                 } else if ($subop == "Change e-mail") {
2995
2996                         if (WEB_DEMO_MODE) {
2997                                 header("Location: prefs.php");
2998                                 return;
2999                         }
3000
3001                         $email = db_escape_string($_GET["email"]);
3002                         $active_uid = $_SESSION["uid"];
3003
3004                         if ($email) {
3005                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
3006                                                 WHERE id = '$active_uid'");
3007                         }
3008
3009                         header("Location: prefs.php");
3010
3011                 } else if ($subop == "Change password") {
3012
3013                         if (WEB_DEMO_MODE) {
3014                                 header("Location: prefs.php");
3015                                 return;
3016                         }
3017
3018                         $old_pw = $_POST["OLD_PASSWORD"];
3019                         $new_pw = $_POST["OLD_PASSWORD"];
3020
3021                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
3022                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
3023
3024                         $active_uid = $_SESSION["uid"];
3025
3026                         if ($old_pw && $new_pw) {
3027
3028                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
3029
3030                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3031                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
3032                                                 pwd_hash = '$old_pw_hash')");
3033
3034                                 if (db_num_rows($result) == 1) {
3035                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
3036                                                 WHERE id = '$active_uid'");
3037
3038                                         $_SESSION["pwd_change_result"] = "ok";
3039                                 } else {
3040                                         $_SESSION["pwd_change_result"] = "failed";
3041                                 }
3042                         }
3043
3044                         header("Location: prefs.php");
3045
3046                 } else if ($subop == "Reset to defaults") {
3047
3048                         if (WEB_DEMO_MODE) {
3049                                 header("Location: prefs.php");
3050                                 return;
3051                         }
3052
3053                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
3054
3055                         if (DB_TYPE == "pgsql") {
3056                                 db_query($link,"UPDATE ttrss_user_prefs
3057                                         SET value = ttrss_prefs.def_value
3058                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
3059                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
3060                         } else {
3061                                 db_query($link, "DELETE FROM ttrss_user_prefs
3062                                         WHERE owner_uid = ".$_SESSION["uid"]);
3063                                 initialize_user_prefs($link, $_SESSION["uid"]);
3064                         }
3065
3066                         header("Location: prefs.php");
3067
3068                 } else if ($subop == "Change theme") {
3069
3070                         $theme = db_escape_string($_POST["theme"]);
3071
3072                         if ($theme == "Default") {
3073                                 $theme_qpart = 'NULL';
3074                         } else {
3075                                 $theme_qpart = "'$theme'";
3076                         }
3077
3078                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
3079                                 WHERE theme_name = '$theme'");
3080
3081                         if (db_num_rows($result) == 1) {
3082                                 $theme_id = db_fetch_result($result, 0, "id");
3083                                 $theme_path = db_fetch_result($result, 0, "theme_path");
3084                         } else {
3085                                 $theme_id = "NULL";
3086                                 $theme_path = "";
3087                         }
3088
3089                         db_query($link, "UPDATE ttrss_users SET
3090                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
3091
3092                         $_SESSION["theme"] = $theme_path;
3093
3094                         header("Location: prefs.php");
3095
3096                 } else {
3097
3098                         if (!SINGLE_USER_MODE) {
3099
3100                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
3101                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
3102                                                 pwd_hash = 'SHA1:".sha1("password")."')");
3103
3104                                 if (db_num_rows($result) != 0) {
3105                                         print "<div class=\"warning\">
3106                                                 Your password is at default value, please change it.
3107                                         </div>";
3108                                 }
3109
3110                                 if ($_SESSION["pwd_change_result"] == "failed") {
3111                                         print "<div class=\"warning\">
3112                                                         There was an error while changing your password.
3113                                                 </div>";
3114                                 }
3115
3116                                 if ($_SESSION["pwd_change_result"] == "ok") {
3117                                         print "<div class=\"notice\">
3118                                                         Password changed successfully.
3119                                                 </div>";
3120                                 }
3121
3122                                 $_SESSION["pwd_change_result"] = "";
3123
3124                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3125                                         print "<div class=\"notice\">
3126                                                         Your configuration was reset to defaults.
3127                                                 </div>";
3128                                 }
3129
3130                                 if ($_SESSION["prefs_op_result"] == "save-config") {
3131                                         print "<div class=\"notice\">
3132                                                         Your configuration was saved successfully.
3133                                                 </div>";
3134                                 }
3135
3136                                 $_SESSION["prefs_op_result"] = "";
3137
3138                                 print "<form action=\"backend.php\" method=\"GET\">";
3139
3140                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3141                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3142
3143                                 $result = db_query($link, "SELECT email FROM ttrss_users
3144                                         WHERE id = ".$_SESSION["uid"]);
3145
3146                                 $email = db_fetch_result($result, 0, "email");
3147
3148                                 print "<tr><td width=\"40%\">E-mail</td>";
3149                                 print "<td><input class=\"editbox\" name=\"email\"
3150                                         value=\"$email\"></td></tr>";
3151
3152                                 print "</table>";
3153
3154                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3155
3156                                 print "<p><input class=\"button\" type=\"submit\"
3157                                         value=\"Change e-mail\" name=\"subop\">";
3158
3159                                 print "</form>";
3160
3161                                 print "<form action=\"backend.php\" method=\"POST\">";
3162
3163                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3164                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3165
3166                                 print "<tr><td width=\"40%\">Old password</td>";
3167                                 print "<td><input class=\"editbox\" type=\"password\"
3168                                         name=\"OLD_PASSWORD\"></td></tr>";
3169
3170                                 print "<tr><td width=\"40%\">New password</td>";
3171
3172                                 print "<td><input class=\"editbox\" type=\"password\"
3173                                         name=\"NEW_PASSWORD\"></td></tr>";
3174
3175                                 print "</table>";
3176
3177                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3178
3179                                 print "<p><input class=\"button\" type=\"submit\"
3180                                         value=\"Change password\" name=\"subop\">";
3181
3182                                 print "</form>";
3183
3184                         }
3185
3186                         $result = db_query($link, "SELECT
3187                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3188
3189                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
3190
3191                         $result = db_query($link, "SELECT
3192                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3193
3194                         if (db_num_rows($result) > 0) {
3195
3196                                 print "<form action=\"backend.php\" method=\"POST\">";
3197                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3198                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3199                                 print "<tr><td width=\"40%\">Select theme</td>";
3200                                 print "<td><select name=\"theme\">";
3201                                 print "<option>Default</option>";
3202                                 print "<option disabled>--------</option>";
3203
3204                                 while ($line = db_fetch_assoc($result)) {
3205                                         if ($line["id"] == $user_theme_id) {
3206                                                 $selected = "selected";
3207                                         } else {
3208                                                 $selected = "";
3209                                         }
3210                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3211                                 }
3212                                 print "</select></td></tr>";
3213                                 print "</table>";
3214                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3215                                 print "<p><input class=\"button\" type=\"submit\"
3216                                         value=\"Change theme\" name=\"subop\">";
3217                                 print "</form>";
3218                         }
3219
3220                         $result = db_query($link, "SELECT
3221                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3222                                 section_name,def_value
3223                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3224                                 WHERE type_id = ttrss_prefs_types.id AND
3225                                         section_id = ttrss_prefs_sections.id AND
3226                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3227                                         owner_uid = ".$_SESSION["uid"]."
3228                                 ORDER BY section_id,short_desc");
3229
3230                         print "<form action=\"backend.php\" method=\"POST\">";
3231
3232                         $lnum = 0;
3233
3234                         $active_section = "";
3235
3236                         while ($line = db_fetch_assoc($result)) {
3237
3238                                 if ($active_section != $line["section_name"]) {
3239
3240                                         if ($active_section != "") {
3241                                                 print "</table>";
3242                                         }
3243
3244                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3245
3246                                         $active_section = $line["section_name"];
3247
3248                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3249 //                                      print "<tr class=\"title\">
3250 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3251
3252                                         $lnum = 0;
3253                                 }
3254
3255 //                              $class = ($lnum % 2) ? "even" : "odd";
3256
3257                                 print "<tr>";
3258
3259                                 $type_name = $line["type_name"];
3260                                 $pref_name = $line["pref_name"];
3261                                 $value = $line["value"];
3262                                 $def_value = $line["def_value"];
3263                                 $help_text = $line["help_text"];
3264
3265                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3266
3267                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3268
3269                                 print "</td>";
3270
3271                                 print "<td>";
3272
3273                                 if ($type_name == "bool") {
3274 //                                      print_select($pref_name, $value, array("true", "false"));
3275
3276                                         if ($value == "true") {
3277                                                 $value = "Yes";
3278                                         } else {
3279                                                 $value = "No";
3280                                         }
3281
3282                                         print_radio($pref_name, $value, array("Yes", "No"));
3283
3284                                 } else {
3285                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3286                                 }
3287
3288                                 print "</td>";
3289
3290                                 print "</tr>";
3291
3292                                 $lnum++;
3293                         }
3294
3295                         print "</table>";
3296
3297                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3298
3299                         print "<p><input class=\"button\" type=\"submit\"
3300                                 name=\"subop\" value=\"Save configuration\">";
3301
3302                         print "&nbsp;<input class=\"button\" type=\"submit\"
3303                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3304                                 value=\"Reset to defaults\"></p>";
3305
3306                         print "</form>";
3307
3308                 }
3309
3310         }
3311
3312         if ($op == "pref-users") {
3313
3314                 $subop = $_GET["subop"];
3315
3316                 if ($subop == "editSave") {
3317
3318                         if (!WEB_DEMO_MODE) {
3319
3320                                 $login = db_escape_string($_GET["l"]);
3321                                 $uid = db_escape_string($_GET["id"]);
3322                                 $access_level = sprintf("%d", $_GET["al"]);
3323                                 $email = db_escape_string($_GET["e"]);
3324
3325                                 db_query($link, "UPDATE ttrss_users SET login = '$login',
3326                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3327
3328                         }
3329                 } else if ($subop == "remove") {
3330
3331                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3332
3333                                 $ids = split(",", db_escape_string($_GET["ids"]));
3334
3335                                 foreach ($ids as $id) {
3336                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3337
3338                                 }
3339                         }
3340                 } else if ($subop == "add") {
3341
3342                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3343
3344                                 $login = db_escape_string(trim($_GET["login"]));
3345                                 $tmp_user_pwd = make_password(8);
3346                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3347
3348                                 db_query($link, "INSERT INTO ttrss_users
3349                                         (login,pwd_hash,access_level,last_login)
3350                                         VALUES ('$login', '$pwd_hash', 0, NOW())");
3351
3352
3353                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3354                                         login = '$login' AND pwd_hash = '$pwd_hash'");
3355
3356                                 if (db_num_rows($result) == 1) {
3357
3358                                         $new_uid = db_fetch_result($result, 0, "id");
3359
3360                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
3361                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3362
3363                                         initialize_user($link, $new_uid);
3364
3365                                 } else {
3366
3367                                         print "<div class=\"warning\">Error while adding user <b>".
3368                                         $_GET["login"].".</b></div>";
3369
3370                                 }
3371                         }
3372                 } else if ($subop == "resetPass") {
3373
3374                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3375
3376                                 $uid = db_escape_string($_GET["id"]);
3377
3378                                 $result = db_query($link, "SELECT login,email
3379                                         FROM ttrss_users WHERE id = '$uid'");
3380
3381                                 $login = db_fetch_result($result, 0, "login");
3382                                 $email = db_fetch_result($result, 0, "email");
3383                                 $tmp_user_pwd = make_password(8);
3384                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3385
3386                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3387                                         WHERE id = '$uid'");
3388
3389                                 print "<div class=\"notice\">Changed password of
3390                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3391
3392                                 if (MAIL_RESET_PASS && $email) {
3393                                         print " Notifying <b>$email</b>.";
3394
3395                                         mail("$login <$email>", "Password reset notification",
3396                                                 "Hi, $login.\n".
3397                                                 "\n".
3398                                                 "Your password for this TT-RSS installation was reset by".
3399                                                         " an administrator.\n".
3400                                                 "\n".
3401                                                 "Your new password is $tmp_user_pwd, please remember".
3402                                                         " it for later reference.\n".
3403                                                 "\n".
3404                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3405                                 }
3406
3407                                 print "</div>";
3408
3409                         }
3410                 }
3411
3412                 print "<div class=\"prefGenericAddBox\">
3413                         <input id=\"uadd_box\" onchange=\"javascript:addUser()\" size=\"40\">&nbsp;";
3414
3415                 print"<input type=\"submit\" class=\"button\"
3416                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
3417
3418                 $result = db_query($link, "SELECT
3419                                 id,login,access_level,email,
3420                                 SUBSTRING(last_login,1,16) as last_login
3421                         FROM
3422                                 ttrss_users
3423                         ORDER by login");
3424
3425                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3426
3427                 print "<p><table width=\"100%\" cellspacing=\"0\"
3428                         class=\"prefUserList\" id=\"prefUserList\">";
3429
3430                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3431                                 Select:
3432                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3433                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
3434                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3435                                                 'UMRR-', 'UMCHK-', false)\">None</a>
3436                                 </td</tr>";
3437
3438                 print "<tr class=\"title\">
3439                                         <td align='center' width=\"5%\">&nbsp;</td>
3440                                         <td width='20%'>Login</td>
3441                                         <td width='20%'>E-mail</td>
3442                                         <td width='20%'>Access Level</td>
3443                                         <td width='20%'>Last login</td></tr>";
3444
3445                 $lnum = 0;
3446
3447                 while ($line = db_fetch_assoc($result)) {
3448
3449                         $class = ($lnum % 2) ? "even" : "odd";
3450
3451                         $uid = $line["id"];
3452                         $edit_uid = $_GET["id"];
3453
3454                         if ($subop == "edit" && $uid != $edit_uid) {
3455                                 $class .= "Grayed";
3456                                 $this_row_id = "";
3457                         } else {
3458                                 $this_row_id = "id=\"UMRR-$uid\"";
3459                         }
3460
3461                         print "<tr class=\"$class\" $this_row_id>";
3462
3463                         $line["login"] = htmlspecialchars($line["login"]);
3464
3465                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3466                                 strtotime($line["last_login"]));
3467
3468                         $access_level_names = array(0 => "User", 10 => "Administrator");
3469
3470 /*                      if ($uid == $_SESSION["uid"]) {
3471
3472                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3473                                         id=\"UMCHK-".$line["id"]."\"></td>";
3474
3475                                 print "<td>".$line["login"]."</td>";
3476                                 print "<td>".$line["email"]."</td>";
3477                                 print "<td>".$line["access_level"]."</td>";
3478
3479                         } else */ if (!$edit_uid || $subop != "edit") {
3480
3481                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
3482                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3483
3484                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3485                                         $line["login"] . "</td>";
3486
3487                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3488
3489                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3490                                         $line["email"] . "</td>";
3491
3492                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3493                                         $access_level_names[$line["access_level"]] . "</td>";
3494
3495                         } else if ($uid != $edit_uid) {
3496
3497                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3498
3499                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3500                                         id=\"UMCHK-".$line["id"]."\"></td>";
3501
3502                                 print "<td>".$line["login"]."</td>";
3503                                 print "<td>".$line["email"]."</td>";
3504                                 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3505
3506                         } else {
3507
3508                                 print "<td align='center'>
3509                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3510
3511                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3512                                         "\"></td>";
3513
3514                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3515                                         "\"></td>";
3516
3517 //                              print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
3518 //                                      "\"></td>";
3519
3520                                 print "<td>";
3521                                 print "<select id=\"iedit_ulevel\">";
3522                                 foreach (array_keys($access_level_names) as $al) {
3523                                         if ($al == $line["access_level"]) {
3524                                                 $selected = "selected";
3525                                         } else {
3526                                                 $selected = "";
3527                                         }
3528                                         print "<option $selected id=\"$al\">" .
3529                                                 $access_level_names[$al] . "</option>";
3530                                 }
3531                                 print "</select>";
3532                                 print "</td>";
3533
3534                         }
3535
3536                         print "<td>".$line["last_login"]."</td>";
3537
3538                         print "</tr>";
3539
3540                         ++$lnum;
3541                 }
3542
3543                 print "</table>";
3544
3545                 print "<p>";
3546
3547                 if ($subop == "edit") {
3548                         print "Edit user:
3549                                 <input type=\"submit\" class=\"button\"
3550                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3551                                 <input type=\"submit\" class=\"button\"
3552                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3553
3554                 } else {
3555
3556                         print "
3557                                 Selection:
3558                         <input type=\"submit\" class=\"button\"
3559                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3560                         <input type=\"submit\" class=\"button\"
3561                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3562                         <input type=\"submit\" class=\"button\"
3563                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3564                         <input type=\"submit\" class=\"button\"
3565                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3566
3567                 }
3568         }
3569
3570         if ($op == "user-details") {
3571
3572                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3573                         return;
3574                 }
3575
3576 /*              print "<html><head>
3577                         <title>Tiny Tiny RSS : User Details</title>
3578                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3579                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3580                         </head><body>"; */
3581
3582                 $uid = sprintf("%d", $_GET["id"]);
3583
3584                 print "<div class='infoBoxContents'>";
3585
3586                 $result = db_query($link, "SELECT login,
3587                         SUBSTRING(last_login,1,16) AS last_login,
3588                         access_level,
3589                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3590                                 WHERE owner_uid = id) AS stored_articles
3591                         FROM ttrss_users
3592                         WHERE id = '$uid'");
3593
3594                 if (db_num_rows($result) == 0) {
3595                         print "<h1>User not found</h1>";
3596                         return;
3597                 }
3598
3599 #               print "<h1>User Details</h1>";
3600
3601                 $login = db_fetch_result($result, 0, "login");
3602
3603                 print "<h1>$login</h1>";
3604
3605                 print "<table width='100%'>";
3606
3607                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3608                         strtotime(db_fetch_result($result, 0, "last_login")));
3609                 $access_level = db_fetch_result($result, 0, "access_level");
3610                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3611
3612 #               print "<tr><td>Username</td><td>$login</td></tr>";
3613                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
3614                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3615                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3616
3617                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3618                         WHERE owner_uid = '$uid'");
3619
3620                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3621
3622                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3623
3624 /*              $result = db_query($link, "SELECT
3625                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3626                         FROM ttrss_user_entries,ttrss_entries
3627                                 WHERE owner_uid = '$uid' AND ref_id = id");
3628
3629                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3630
3631                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3632
3633                 print "</table>";
3634
3635                 print "<h1>Subscribed feeds</h1>";
3636
3637                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3638                         WHERE owner_uid = '$uid' ORDER BY title");
3639
3640                 print "<ul class=\"userFeedList\">";
3641
3642                 $row_class = "odd";
3643
3644                 while ($line = db_fetch_assoc($result)) {
3645
3646                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3647
3648                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3649                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3650                         } else {
3651                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3652                         }
3653
3654                         print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3655
3656                         $row_class = toggleEvenOdd($row_class);
3657
3658                 }
3659
3660                 if (db_num_rows($result) < $num_feeds) {
3661                          // FIXME - add link to show ALL subscribed feeds here somewhere
3662                         print "<li><img
3663                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3664                 }
3665
3666                 print "</ul>";
3667
3668                 print "</div>";
3669
3670                 print "<div align='center'>
3671                         <input type='submit' class='button'
3672                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3673
3674 //              print "</body></html>";
3675
3676         }
3677
3678         if ($op == "feed-details") {
3679
3680 //              $feed_id = $_GET["id"];
3681
3682                 $feed_ids = split(",", db_escape_string($_GET["id"]));
3683
3684                 print "<div class=\"infoBoxContents\">";
3685
3686                 foreach ($feed_ids as $feed_id) {
3687
3688                         $result = db_query($link,
3689                                 "SELECT
3690                                         title,feed_url,
3691                                         SUBSTRING(last_updated,1,16) as last_updated,
3692                                         icon_url,site_url,
3693                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3694                                                 WHERE feed_id = id) AS total,
3695                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3696                                                 WHERE feed_id = id AND unread = true) AS unread,
3697                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3698                                                 WHERE feed_id = id AND marked = true) AS marked
3699                                 FROM ttrss_feeds
3700                                 WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
3701
3702                         if (db_num_rows($result) == 0) return;
3703
3704                         $title = db_unescape_string(db_fetch_result($result, 0, "title"));
3705                         $last_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
3706                                 strtotime(db_fetch_result($result, 0, "last_updated")));
3707                         $feed_url = db_fetch_result($result, 0, "feed_url");
3708                         $icon_url = db_fetch_result($result, 0, "icon_url");
3709                         $total = db_fetch_result($result, 0, "total");
3710                         $unread = db_fetch_result($result, 0, "unread");
3711                         $marked = db_fetch_result($result, 0, "marked");
3712                         $site_url = db_fetch_result($result, 0, "site_url");
3713
3714                         $result = db_query($link, "SELECT COUNT(id) AS subscribed
3715                                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND private = false");
3716
3717                         $subscribed = db_fetch_result($result, 0, "subscribed");
3718
3719                         $icon_file = ICONS_DIR . "/$feed_id.ico";
3720
3721                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3722                                         $feed_icon = "<img width=\"16\" height=\"16\"
3723                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
3724                         } else {
3725                                 $feed_icon = "";
3726                         }
3727
3728                         print "<h1>$feed_icon $title</h1>";
3729
3730                         print "<table width='100%'>";
3731
3732                         if ($site_url) {
3733                                 print "<tr><td width='30%'>Link</td>
3734                                         <td><a href=\"$site_url\">$site_url</a>
3735                                         <a href=\"$feed_url\">(feed)</a></td>
3736                                         </td></tr>";
3737                         } else {
3738                                 print "<tr><td width='30%'>Feed URL</td>
3739                                         <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
3740                         }
3741                         print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
3742                         print "<tr><td>Total articles</td><td>$total</td></tr>";
3743                         print "<tr><td>Unread articles</td><td>$unread</td></tr>";
3744                         print "<tr><td>Starred articles</td><td>$marked</td></tr>";
3745                         print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
3746
3747                         print "</table>";
3748
3749 /*                      $result = db_query($link, "SELECT title,
3750                                 SUBSTRING(updated,1,16) AS updated,unread
3751                                 FROM ttrss_entries,ttrss_user_entries
3752                                 WHERE ref_id = id AND feed_id = '$feed_id'
3753                                 ORDER BY date_entered DESC LIMIT 5");
3754
3755                         if (db_num_rows($result) > 0) {
3756
3757                                 print "<h1>Latest headlines</h1>";
3758
3759                                 print "<ul class=\"nomarks\">";
3760
3761                                 while ($line = db_fetch_assoc($result)) {
3762                                         if ($line["unread"] == "t" || $line["unread"] == "1") {
3763                                                 $line["title"] = "<b>" . $line["title"] . "</b>";
3764                                         }
3765                                         print "<li>" . $line["title"].
3766                                         "&nbsp;<span class=\"insensitive\">(" .
3767                                                 date(get_pref($link, 'SHORT_DATE_FORMAT'),
3768                                                         strtotime($line["updated"])).
3769                                         ")</span></li>";
3770                                 }
3771
3772                                 print "</ul>";
3773
3774                         } */
3775                 }
3776
3777                 print "</div>";
3778
3779                 print "<div align='center'>
3780                         <input type='submit' class='button'
3781                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3782         }
3783
3784         if ($op == "pref-feed-browser") {
3785
3786                 if (!ENABLE_FEED_BROWSER) {
3787                         print "Feed browser is administratively disabled.";
3788                         return;
3789                 }
3790
3791                 $subop = $_REQUEST["subop"];
3792
3793                 if ($subop == "details") {
3794                         $id = db_escape_string($_GET["id"]);
3795
3796                         print "<div class=\"browserFeedInfo\">";
3797                         print "<b>Feed information:</b>";
3798                         print "<div class=\"detailsPart\">";
3799
3800                         $result = db_query($link, "SELECT
3801                                         feed_url,site_url,
3802                                         SUBSTRING(last_updated,1,19) AS last_updated
3803                                 FROM ttrss_feeds WHERE id = '$id'");
3804
3805                         $feed_url = db_fetch_result($result, 0, "feed_url");
3806                         $site_url = db_fetch_result($result, 0, "site_url");
3807                         $last_updated = db_fetch_result($result, 0, "last_updated");
3808
3809                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3810                                 $last_updated = smart_date_time(strtotime($last_updated));
3811                         } else {
3812                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3813                                 $last_updated = date($short_date, strtotime($last_updated));
3814                         }
3815
3816                         print "Site: <a href='$site_url'>$site_url</a> ".
3817                                 "(<a href='$feed_url'>feed</a>), ".
3818                                 "Last updated: $last_updated";
3819
3820                         print "</div>";
3821
3822                         $result = db_query($link, "SELECT
3823                                         ttrss_entries.title,
3824                                         content,
3825                                         substring(date_entered,1,19) as date_entered,
3826                                         substring(updated,1,19) as updated
3827                                 FROM ttrss_entries,ttrss_user_entries
3828                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
3829                                 ORDER BY updated DESC LIMIT 5");
3830
3831                         if (db_num_rows($result) > 0) {
3832
3833                                 print "<b>Last headlines:</b><br>";
3834
3835                                 print "<div class=\"detailsPart\">";
3836                                 print "<ul class=\"compact\">";
3837                                 while ($line = db_fetch_assoc($result)) {
3838
3839                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3840                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
3841                                         } else {
3842                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3843                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
3844                                         }
3845
3846                                         print "<li>" . $line["title"] .
3847                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3848                                 }
3849                                 print "</ul></div>";
3850                         }
3851
3852                         print "</div>";
3853
3854                         return;
3855                 }
3856
3857                 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3858
3859                 $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
3860                         FROM ttrss_feeds
3861                         WHERE auth_login = '' AND auth_pass = '' AND private = false
3862                         GROUP BY feed_url ORDER BY subscribers DESC LIMIT 100");
3863
3864                 print "<p>Selection:
3865                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3866                         value=\"Subscribe\">";
3867
3868                 print "<ul class='nomarks' id='browseBigFeedList'>";
3869
3870                 $feedctr = 0;
3871
3872                 while ($line = db_fetch_assoc($result)) {
3873                         $feed_url = $line["feed_url"];
3874                         $subscribers = $line["subscribers"];
3875
3876                         $sub_result = db_query($link, "SELECT id
3877                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
3878                                 $_SESSION["uid"]);
3879
3880                         if (db_num_rows($sub_result) > 0) {
3881                                 continue; // already subscribed
3882                         }
3883
3884                         $det_result = db_query($link, "SELECT site_url,title,id
3885                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3886
3887                         $details = db_fetch_assoc($det_result);
3888
3889                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3890
3891                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3892                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
3893                                                 "/".$details["id"].".ico\">";
3894                         } else {
3895                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3896                         }
3897
3898                         $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
3899                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3900
3901                         $class = ($feedctr % 2) ? "even" : "odd";
3902
3903                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3904                                 "$feed_icon ";
3905
3906                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3907                                 $details["title"] ."</a>&nbsp;" .
3908                                 "<span class='subscribers'>($subscribers)</span>";
3909
3910                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3911                         print "</div>";
3912
3913                         print "</li>";
3914
3915                                 ++$feedctr;
3916                 }
3917
3918                 if ($feedctr == 0) {
3919                         print "<li>No feeds found to subscribe.</li>";
3920                 }
3921
3922                 print "</ul>";
3923
3924                 print "</div>";
3925
3926         }
3927
3928         function check_configuration_variables() {
3929                 if (!defined('SESSION_EXPIRE_TIME')) {
3930                         return "config: SESSION_EXPIRE_TIME is undefined";
3931                 }
3932
3933                 if (SESSION_EXPIRE_TIME < 60) {
3934                         return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3935                 }
3936
3937                 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3938                         return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3939                                 "SESSION_COOKIE_LIFETIME_REMEMBER";
3940                 }
3941
3942                 if (defined('DISABLE_SESSIONS')) {
3943                         return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3944                 }
3945
3946                 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3947                         return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3948                 }
3949
3950                 return false;
3951         }
3952
3953         db_close($link);
3954 ?>
3955
3956 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3957