backend.php

   1 <?php
   2         require_once "sessions.php";
   3         require_once "backend-rpc.php";
   4
   5         header("Cache-Control: no-cache, must-revalidate");
   6         header("Pragma: no-cache");
   7         header("Expires: -1");
   8
   9 /*      if ($_GET["debug"]) {
  10                 define('DEFAULT_ERROR_LEVEL', E_ALL);
  11         } else {
  12                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
  13         }
  14
  15         error_reporting(DEFAULT_ERROR_LEVEL); */
  16
  17         $op = $_REQUEST["op"];
  18
  19         define('SCHEMA_VERSION', 10);
  20
  21         require_once "sanity_check.php";
  22         require_once "config.php";
  23
  24         require_once "db.php";
  25         require_once "db-prefs.php";
  26         require_once "functions.php";
  27
  28         $err_msg = check_configuration_variables();
  29
  30         $print_exec_time = true;
  31
  32         if ($err_msg) {
  33                 header("Content-Type: application/xml");
  34                 print_error_xml(9, $err_msg); die;
  35         }
  36
  37         if ((!$op || $op == "rpc" || $op == "rss" || $op == "digestSend" ||
  38                         $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  39                 header("Content-Type: application/xml");
  40         }
  41
  42         if (!$op) {
  43                 header("Content-Type: application/xml");
  44                 print_error_xml(7); exit;
  45         }
  46
  47         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss" && $op != "getUnread") {
  48
  49                 if ($op == "rpc") {
  50                         print_error_xml(6); die;
  51                 } else {
  52                         print "
  53                         <html><body>
  54                                 <p>Error: Not logged in.</p>
  55                                 <script type=\"text/javascript\">
  56                                         if (parent.window != 'undefined') {
  57                                                 parent.window.location = \"login.php\";
  58                                         } else {
  59                                                 window.location = \"login.php\";
  60                                         }
  61                                 </script>
  62                         </body></html>
  63                         ";
  64                 }
  65                 exit;
  66         }
  67
  68         $purge_intervals = array(
  69                 0  => "Use default",
  70                 -1 => "Never purge",
  71                 5  => "1 week old",
  72                 14 => "2 weeks old",
  73                 31 => "1 month old",
  74                 60 => "2 months old",
  75                 90 => "3 months old");
  76
  77         $update_intervals = array(
  78                 0   => "Use default",
  79                 -1  => "Disable updates",
  80                 30  => "Each 30 minutes",
  81                 60  => "Hourly",
  82                 240 => "Each 4 hours",
  83                 720 => "Each 12 hours",
  84                 1440 => "Daily",
  85                 10080 => "Weekly");
  86
  87         $access_level_names = array(
  88                 0 => "User",
  89                 10 => "Administrator");
  90
  91         $script_started = getmicrotime();
  92
  93         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  94
  95         if (!$link) {
  96                 if (DB_TYPE == "mysql") {
  97                         print mysql_error();
  98                 }
  99                 // PG seems to display its own errors just fine by default.
 100                 return;
 101         }
 102
 103         if (DB_TYPE == "pgsql") {
 104                 pg_query("set client_encoding = 'utf-8'");
 105         }
 106
 107         if ($_SESSION["uid"]) {
 108
 109 //              setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
 110 //              setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
 111
 112 /*              if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
 113                         setcookie('ttrss_vf_catchupnext', 1);
 114                 } else {
 115                         setcookie('ttrss_vf_catchupnext', 0);
 116                 } */
 117         }
 118
 119         $fetch = $_GET["fetch"];
 120
 121 //      setcookie("ttrss_icons_url", ICONS_URL);
 122
 123         if (!sanity_check($link)) { return; }
 124
 125         function outputFeedList($link, $tags = false) {
 126
 127 /*              print "<html><head>
 128                         <title>Tiny Tiny RSS : Feedlist</title>
 129                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 130
 131                 $user_theme = $_SESSION["theme"];
 132                 if ($user_theme) {
 133                         print "<link rel=\"stylesheet\" type=\"text/css\"
 134                                 href=\"themes/$user_theme/theme.css\">";
 135                 }
 136
 137                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 138                         print "<link rel=\"stylesheet\" type=\"text/css\"
 139                                 href=\"tt-rss_compact.css\"/>";
 140                 } else {
 141                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 142                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 143                 }
 144
 145                 $script_dt_add = get_script_dt_add();
 146
 147                 print "
 148                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 149                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 150                         <script type=\"text/javascript\" src=\"feedlist.js?$script_dt_add\"></script>
 151                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 152                         <!--[if gte IE 5.5000]>
 153                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 154                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 155                         <![endif]-->
 156                         </head><body>
 157                         <script type=\"text/javascript\">
 158                                 if (document.addEventListener) {
 159                                         document.addEventListener(\"DOMContentLoaded\", init, null);
 160                                 }
 161                                 window.onload = init;
 162                         </script>"; */
 163
 164                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 165
 166                 $owner_uid = $_SESSION["uid"];
 167
 168                 if (!$tags) {
 169
 170                         /* virtual feeds */
 171
 172                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 173                                 print "<li class=\"feedCat\">Special</li>";
 174                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 175                         }
 176
 177                         $num_starred = getFeedUnread($link, -1);
 178
 179                         $class = "virt";
 180
 181                         if ($num_starred > 0) $class .= "Unread";
 182
 183                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 184                                 "images/mark_set.png", $link);
 185
 186                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 187                                 print "</ul>\n";
 188                         }
 189
 190                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 191
 192                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 193                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 194
 195                                 if (db_num_rows($result) > 0) {
 196                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 197                                                 print "<li class=\"feedCat\">Labels</li>";
 198                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 199                                         } else {
 200                                                 print "<li><hr></li>";
 201                                         }
 202                                 }
 203
 204                                 while ($line = db_fetch_assoc($result)) {
 205
 206                                         error_reporting (0);
 207
 208                                         $label_id = -$line['id'] - 11;
 209                                         $count = getFeedUnread($link, $label_id);
 210
 211                                         $class = "label";
 212
 213                                         if ($count > 0) {
 214                                                 $class .= "Unread";
 215                                         }
 216
 217                                         error_reporting (DEFAULT_ERROR_LEVEL);
 218
 219                                         printFeedEntry($label_id,
 220                                                 $class, db_unescape_string($line["description"]),
 221                                                 $count, "images/label.png", $link);
 222
 223                                 }
 224
 225                                 if (db_num_rows($result) > 0) {
 226                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 227                                                 print "</ul>";
 228                                         }
 229                                 }
 230
 231                         }
 232
 233 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 234                                 print "<li><hr></li>";
 235 //                      }
 236
 237                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 238                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 239                                         $order_by_qpart = "category,unread DESC,title";
 240                                 } else {
 241                                         $order_by_qpart = "category,title";
 242                                 }
 243                         } else {
 244                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 245                                         $order_by_qpart = "unread DESC,title";
 246                                 } else {
 247                                         $order_by_qpart = "title";
 248                                 }
 249                         }
 250
 251                         $result = db_query($link, "SELECT ttrss_feeds.*,
 252                                 SUBSTRING(last_updated,1,19) AS last_updated_noms,
 253                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 254                                         WHERE feed_id = ttrss_feeds.id AND
 255                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 256                                         owner_uid = '$owner_uid') AS total,
 257                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 258                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 259                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 260                                                 AND owner_uid = '$owner_uid') as unread,
 261                                 cat_id,last_error,
 262                                 ttrss_feed_categories.title AS category,
 263                                 ttrss_feed_categories.collapsed
 264                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 265                                         ON (ttrss_feed_categories.id = cat_id)
 266                                 WHERE
 267                                         ttrss_feeds.hidden = false AND
 268                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 269                                 ORDER BY $order_by_qpart");
 270
 271                         $actid = $_GET["actid"];
 272
 273                         /* real feeds */
 274
 275                         $lnum = 0;
 276
 277                         $total_unread = 0;
 278
 279                         $category = "";
 280
 281                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 282
 283                         while ($line = db_fetch_assoc($result)) {
 284
 285                                 $feed = db_unescape_string($line["title"]);
 286                                 $feed_id = $line["id"];
 287
 288                                 $subop = $_GET["subop"];
 289
 290                                 $total = $line["total"];
 291                                 $unread = $line["unread"];
 292
 293                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 294                                         $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
 295                                 } else {
 296                                         $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
 297                                 }
 298
 299                                 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
 300
 301                                 if ($rtl_content) {
 302                                         $rtl_tag = "dir=\"RTL\"";
 303                                 } else {
 304                                         $rtl_tag = "";
 305                                 }
 306
 307                                 $tmp_result = db_query($link,
 308                                         "SELECT id,COUNT(unread) AS unread
 309                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 310                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 311                                         WHERE parent_feed = '$feed_id' AND unread = true
 312                                         GROUP BY ttrss_feeds.id");
 313
 314                                 if (db_num_rows($tmp_result) > 0) {
 315                                         while ($l = db_fetch_assoc($tmp_result)) {
 316                                                 $unread += $l["unread"];
 317                                         }
 318                                 }
 319
 320                                 $cat_id = $line["cat_id"];
 321
 322                                 $tmp_category = $line["category"];
 323
 324                                 if (!$tmp_category) {
 325                                         $tmp_category = "Uncategorized";
 326                                 }
 327
 328         //                      $class = ($lnum % 2) ? "even" : "odd";
 329
 330                                 if ($line["last_error"]) {
 331                                         $class = "error";
 332                                 } else {
 333                                         $class = "feed";
 334                                 }
 335
 336                                 if ($unread > 0) $class .= "Unread";
 337
 338                                 if ($actid == $feed_id) {
 339                                         $class .= "Selected";
 340                                 }
 341
 342                                 $total_unread += $unread;
 343
 344                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 345
 346                                         if ($category) {
 347                                                 print "</ul></li>";
 348                                         }
 349
 350                                         $category = $tmp_category;
 351
 352                                         $collapsed = $line["collapsed"];
 353
 354                                         // workaround for NULL category
 355                                         if ($category == "Uncategorized") {
 356                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 357                                                         $collapsed = "t";
 358                                                 }
 359                                         }
 360
 361                                         if ($collapsed == "t" || $collapsed == "1") {
 362                                                 $holder_class = "invisible";
 363                                                 $ellipsis = "...";
 364                                         } else {
 365                                                 $holder_class = "";
 366                                                 $ellipsis = "";
 367                                         }
 368
 369                                         $cat_id = sprintf("%d", $cat_id);
 370
 371                                         $cat_unread = getCategoryUnread($link, $cat_id);
 372
 373                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 374                                                 <a id=\"FCATN-$cat_id\" href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
 375                                                         <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
 376                                                         <span id=\"FCATCTR-$cat_id\"
 377                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
 378                                                         </a></li>";
 379
 380                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 381                                         // -> keyboard navigation, etc.
 382                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 383                                 }
 384
 385                                 printFeedEntry($feed_id, $class, $feed, $unread,
 386                                         "icons/$feed_id.ico", $link, $rtl_content,
 387                                         $last_updated, $line["last_error"]);
 388
 389                                 ++$lnum;
 390                         }
 391
 392                 } else {
 393
 394                         // tags
 395
 396 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 397                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 398                                 post_int_id = ttrss_user_entries.int_id AND
 399                                 unread = true AND ref_id = ttrss_entries.id
 400                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 401                         UNION
 402                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 403                         ORDER BY tag_name"); */
 404
 405                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 406                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 407                                         AND unread = true)) AS count FROM ttrss_tags
 408                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 409
 410                         $tags = array();
 411
 412                         while ($line = db_fetch_assoc($result)) {
 413                                 $tags[$line["tag_name"]] += $line["count"];
 414                         }
 415
 416                         foreach (array_keys($tags) as $tag) {
 417
 418                                 $unread = $tags[$tag];
 419
 420                                 $class = "tag";
 421
 422                                 if ($unread > 0) {
 423                                         $class .= "Unread";
 424                                 }
 425
 426                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 427
 428                         }
 429
 430                 }
 431
 432                 if (db_num_rows($result) == 0) {
 433                         if ($tags) {
 434                                 $what = "tags";
 435                         } else {
 436                                 $what = "feeds";
 437                         }
 438                         print "<li>No $what to display.</li>";
 439                 }
 440
 441                 print "</ul>";
 442
 443 #               print '
 444 #                       <script type="text/javascript">
 445 #                               /* for IE */
 446 #                               function statechange() {
 447 #                                       if (document.readyState == "interactive") init();
 448 #                               }
 449 #
 450 #                               if (document.readyState) {
 451 #                                       if (document.readyState == "interactive" || document.readyState == "complete") {
 452 #                                               init();
 453 #                                       } else {
 454 #                                               document.onreadystatechange = statechange;
 455 #                                       }
 456 #                               }
 457 #                       </script></body></html>';
 458         }
 459
 460
 461         if ($op == "rpc") {
 462                 handle_rpc_request($link);
 463         }
 464
 465         if ($op == "feeds") {
 466
 467                 $tags = $_GET["tags"];
 468
 469                 $subop = $_GET["subop"];
 470
 471                 if ($subop == "catchupAll") {
 472                         db_query($link, "UPDATE ttrss_user_entries SET
 473                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 474                 }
 475
 476                 if ($subop == "collapse") {
 477                         $cat_id = db_escape_string($_GET["cid"]);
 478
 479                         db_query($link, "UPDATE ttrss_feed_categories SET
 480                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 481                                 $_SESSION["uid"]);
 482                         return;
 483                 }
 484
 485                 outputFeedList($link, $tags);
 486
 487         }
 488
 489         if ($op == "view") {
 490
 491                 $id = db_escape_string($_GET["id"]);
 492                 $feed_id = db_escape_string($_GET["feed"]);
 493
 494                 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 495                         WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 496
 497                 if (db_num_rows($result) == 1) {
 498                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 499                 } else {
 500                         $rtl_content = false;
 501                 }
 502
 503                 if ($rtl_content) {
 504                         $rtl_tag = "dir=\"RTL\"";
 505                         $rtl_class = "RTL";
 506                 } else {
 507                         $rtl_tag = "";
 508                         $rtl_class = "";
 509                 }
 510
 511                 $result = db_query($link, "UPDATE ttrss_user_entries
 512                         SET unread = false,last_read = NOW()
 513                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 514
 515                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 516                         SUBSTRING(updated,1,16) as updated,
 517                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 518                         num_comments,
 519                         author
 520                         FROM ttrss_entries,ttrss_user_entries
 521                         WHERE   id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
 522
 523 /*              print "<html><head>
 524                         <title>Tiny Tiny RSS : Article $id</title>
 525                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 526
 527                 $user_theme = $_SESSION["theme"];
 528                 if ($user_theme) {
 529                         print "<link rel=\"stylesheet\" type=\"text/css\"
 530                                 href=\"themes/$user_theme/theme.css\">";
 531                 }
 532
 533                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 534                         print "<link rel=\"stylesheet\" type=\"text/css\"
 535                                 href=\"tt-rss_compact.css\"/>";
 536                 } else {
 537                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 538                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 539                 }
 540
 541                 $script_dt_add = get_script_dt_add();
 542
 543                 print "
 544                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 545                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 546                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 547                         </head><body $rtl_tag>"; */
 548
 549                 if ($result) {
 550
 551                         $link_target = "";
 552
 553                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 554                                 $link_target = "target=\"_new\"";
 555                         }
 556
 557                         $line = db_fetch_assoc($result);
 558
 559                         if ($line["icon_url"]) {
 560                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 561                         } else {
 562                                 $feed_icon = "&nbsp;";
 563                         }
 564
 565 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 566                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 567                         } else {
 568                                 $entry_comments = "";
 569                         } */
 570
 571                         $num_comments = $line["num_comments"];
 572                         $entry_comments = "";
 573
 574                         if ($num_comments > 0) {
 575                                 if ($line["comments"]) {
 576                                         $comments_url = $line["comments"];
 577                                 } else {
 578                                         $comments_url = $line["link"];
 579                                 }
 580                                 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
 581                         } else {
 582                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 583                                         $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
 584                                 }
 585                         }
 586
 587                         print "<div class=\"postReply\">";
 588
 589                         print "<div class=\"postHeader\"><table width=\"100%\">";
 590
 591                         $entry_author = $line["author"];
 592
 593                         if ($entry_author) {
 594                                 $entry_author = " - by $entry_author";
 595                         }
 596
 597                         if ($line["link"]) {
 598                                 print "<tr><td><a $link_target href=\"" . $line["link"] . "\">" .
 599                                         $line["title"] . "</a>$entry_author</td>";
 600                         } else {
 601                                 print "<tr><td>" . $line["title"] . "$entry_author</td>";
 602                         }
 603
 604                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 605                                 strtotime($line["updated"]));
 606
 607                         print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
 608
 609                         print "</tr>";
 610
 611                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 612                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 613                                 ORDER BY tag_name");
 614
 615                         $tags_str = "";
 616                         $f_tags_str = "";
 617
 618                         $num_tags = 0;
 619
 620                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 621                                 $num_tags++;
 622                                 $tag = $tmp_line["tag_name"];
 623                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 624
 625                                 if ($num_tags == 5) {
 626                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 627                                 } else if ($num_tags < 5) {
 628                                         $tags_str .= $tag_str;
 629                                 }
 630                                 $f_tags_str .= $tag_str;
 631                         }
 632
 633                         $tags_str = preg_replace("/, $/", "", $tags_str);
 634                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 635
 636 //                      $truncated_link = truncate_string($line["link"], 60);
 637
 638                         if ($tags_str || $entry_comments) {
 639                                 print "<tr><td width='50%'>
 640                                         $entry_comments</td>
 641                                         <td align=\"right\">$tags_str</td></tr>";
 642                         }
 643
 644                         print "</table></div>";
 645
 646                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 647                         print "<div class=\"postContent\">";
 648
 649                         if (db_num_rows($tmp_result) > 5) {
 650                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 651                         }
 652
 653                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 654                                 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
 655                         }
 656
 657                         $line["content"] = sanitize_rss($line["content"]);
 658
 659                         print $line["content"] . "</div>";
 660
 661                         print "</div>";
 662
 663                         print "<script type=\"text/javascript\">
 664                                 try {
 665                                         parent.update_all_counters('$feed_id');
 666                                 } catch (e) {
 667                                         exception_error('view/footer', e);
 668                                 }
 669                         </script>";
 670                 }
 671
 672 //              print "</body></html>";
 673         }
 674
 675         if ($op == "viewfeed") {
 676
 677                 $feed = db_escape_string($_GET["feed"]);
 678                 $subop = db_escape_string($_GET["subop"]);
 679                 $view_mode = db_escape_string($_GET["view_mode"]);
 680                 $limit = db_escape_string($_GET["limit"]);
 681                 $cat_view = db_escape_string($_GET["cat"]);
 682                 $next_unread_feed = db_escape_string($_GET["nuf"]);
 683
 684                 if ($subop == "undefined") $subop = "";
 685
 686 /*              print "<html><head>
 687                         <title>Tiny Tiny RSS : Feed $feed</title>
 688                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 689
 690                 $user_theme = $_SESSION["theme"];
 691                 if ($user_theme) {
 692                         print "<link rel=\"stylesheet\" type=\"text/css\"
 693                                 href=\"themes/$user_theme/theme.css\">";
 694                 }
 695
 696                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 697                         print "<link rel=\"stylesheet\"
 698                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 699
 700                 } else {
 701                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 702                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 703                 } */
 704
 705                 if ($subop == "CatchupSelected") {
 706                         $ids = split(",", db_escape_string($_GET["ids"]));
 707                         $cmode = sprintf("%d", $_GET["cmode"]);
 708
 709                         catchupArticlesById($link, $ids, $cmode);
 710                 }
 711
 712                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 713                         update_generic_feed($link, $feed, $cat_view);
 714                 }
 715
 716                 if ($subop == "MarkAllRead")  {
 717                         catchup_feed($link, $feed, $cat_view);
 718
 719                         if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
 720                                 if ($next_unread_feed) {
 721                                         $feed = $next_unread_feed;
 722                                 }
 723                         }
 724                 }
 725
 726                 if ($feed_id > 0) {
 727                         $result = db_query($link,
 728                                 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
 729
 730                         if (db_num_rows($result) == 0) {
 731                                 print "<div align='center'>
 732                                         Feed not found.</div>";
 733                                 return;
 734                         }
 735                 }
 736
 737                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 738
 739                         $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 740                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 741
 742                         if (db_num_rows($result) == 1) {
 743                                 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 744                         } else {
 745                                 $rtl_content = false;
 746                         }
 747
 748                         if ($rtl_content) {
 749                                 $rtl_tag = "dir=\"RTL\"";
 750                         } else {
 751                                 $rtl_tag = "";
 752                         }
 753                 } else {
 754                         $rtl_tag = "";
 755                         $rtl_content = false;
 756                 }
 757
 758                 $script_dt_add = get_script_dt_add();
 759
 760 /*              print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 761                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 762                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 763                         <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
 764                         <!--[if gte IE 5.5000]>
 765                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 766                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 767                         <![endif]-->
 768                         </head><body $rtl_tag>
 769                         <script type=\"text/javascript\">
 770                         if (document.addEventListener) {
 771                                 document.addEventListener(\"DOMContentLoaded\", init, null);
 772                         }
 773                         window.onload = init;
 774                         </script>"; */
 775
 776                 /// START /////////////////////////////////////////////////////////////////////////////////
 777
 778                 $search = db_escape_string($_GET["query"]);
 779                 $search_mode = db_escape_string($_GET["search_mode"]);
 780                 $match_on = db_escape_string($_GET["match_on"]);
 781
 782                 if (!$match_on) {
 783                         $match_on = "both";
 784                 }
 785
 786                 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
 787
 788                 $result = $qfh_ret[0];
 789                 $feed_title = $qfh_ret[1];
 790                 $feed_site_url = $qfh_ret[2];
 791                 $last_error = $qfh_ret[3];
 792
 793                 /// STOP //////////////////////////////////////////////////////////////////////////////////
 794
 795                 print "<div id=\"headlinesContainer\">";
 796
 797                 if (!$result) {
 798                         print "<div align='center'>
 799                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
 800                         return;
 801                 }
 802
 803                 function print_headline_subtoolbar($link, $feed_site_url, $feed_title,
 804                         $bottom = false, $rtl_content = false, $feed_id = 0,
 805                         $is_cat = false, $search = false, $match_on = false,
 806                         $search_mode = false) {
 807
 808                         if (!$bottom) {
 809                                 $class = "headlinesSubToolbar";
 810                                 $tid = "headlineActionsTop";
 811                         } else {
 812                                 $class = "headlinesSubToolbar";
 813                                 $tid = "headlineActionsBottom";
 814                         }
 815
 816                         print "<table class=\"$class\" id=\"$tid\"
 817                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
 818
 819                         if ($rtl_content) {
 820                                 $rtl_cpart = "RTL";
 821                         } else {
 822                                 $rtl_cpart = "";
 823                         }
 824
 825                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 826
 827                                 print "<td class=\"headlineActions$rtl_cpart\">
 828                                         Select:
 829                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, '', true)\">All</a>,
 830                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
 831                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', false)\">None</a>
 832                                                 &nbsp;&nbsp;
 833                                                 Toggle: <a href=\"javascript:selectionToggleUnread()\">Unread</a>,
 834                                                         <a href=\"javascript:selectionToggleMarked()\">Starred</a>";
 835
 836                                 print "</td>";
 837
 838                                 if ($search && $feed_id > 0 && get_pref($link, 'ENABLE_LABELS') && GLOBAL_ENABLE_LABELS) {
 839                                         print "<td class=\"headlineActions$rtl_cpart\">
 840                                                 <a href=\"javascript:labelFromSearch('$search', '$search_mode',
 841                                                                 '$match_on', '$feed_id', '$is_cat');\">
 842                                                         Convert this search to label</a></td>";
 843                                 }
 844
 845                         } else {
 846
 847                                 print "<td class=\"headlineActions$rtl_cpart\">
 848                                         Select:
 849                                                                 <a href=\"javascript:cdmSelectArticles('all')\">All</a>,
 850                                                                 <a href=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
 851                                                                 <a href=\"javascript:cdmSelectArticles('none')\">None</a>
 852                                                 &nbsp;&nbsp;
 853                                                 Toggle: <a href=\"javascript:selectionToggleUnread(true)\">Unread</a>,
 854                                                                 <a href=\"javascript:selectionToggleMarked(true)\">Starred</a>";
 855
 856                                 print "</td>";
 857
 858                         }
 859
 860                         print "<td class=\"headlineTitle$rtl_cpart\">";
 861
 862                         if ($feed_site_url) {
 863                                 if (!$bottom) {
 864                                         $target = "target=\"_blank\"";
 865                                 }
 866                                 print "<a $target href=\"$feed_site_url\">$feed_title</a>";
 867                         } else {
 868                                 print $feed_title;
 869                         }
 870
 871                         if ($search) {
 872                                 $search_q = "&q=$search&m=$match_on&smode=$search_mode";
 873                         }
 874
 875                         if (!$bottom) {
 876                                 print "&nbsp;
 877                                         <a target=\"_new\"
 878                                                 href=\"backend.php?op=rss&id=$feed_id&is_cat=$is_cat$search_q\">
 879                                                 <img class=\"noborder\"
 880                                                         alt=\"Generated feed\" src=\"images/feed-icon-12x12.png\">
 881                                         </a>";
 882                         }
 883
 884                         print "</td>";
 885                         print "</tr></table>";
 886
 887                 }
 888
 889                 if (db_num_rows($result) > 0) {
 890
 891                         print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
 892                                 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
 893
 894                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 895                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
 896                                         cellspacing=\"0\" width=\"100%\">";
 897                         }
 898
 899                         $lnum = 0;
 900
 901                         error_reporting (DEFAULT_ERROR_LEVEL);
 902
 903                         $num_unread = 0;
 904
 905                         while ($line = db_fetch_assoc($result)) {
 906
 907                                 $class = ($lnum % 2) ? "even" : "odd";
 908
 909                                 $id = $line["id"];
 910                                 $feed_id = $line["feed_id"];
 911
 912                                 if ($line["last_read"] == "" &&
 913                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
 914
 915                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
 916                                                 alt=\"Updated\">";
 917                                 } else {
 918                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
 919                                                 alt=\"Updated\">";
 920                                 }
 921
 922                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
 923                                         $class .= "Unread";
 924                                         ++$num_unread;
 925                                         $is_unread = true;
 926                                 } else {
 927                                         $is_unread = false;
 928                                 }
 929
 930                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
 931                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
 932                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
 933                                 } else {
 934                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
 935                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
 936                                 }
 937
 938 #                               $content_link = "<a target=\"_new\" href=\"".$line["link"]."\">" .
 939 #                                       $line["title"] . "</a>";
 940
 941                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
 942                                         $line["title"] . "</a>";
 943
 944 #                               $content_link = "<a href=\"javascript:viewContentUrl('".$line["link"]."');\">" .
 945 #                                       $line["title"] . "</a>";
 946
 947                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 948                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
 949                                 } else {
 950                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 951                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
 952                                 }
 953
 954                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
 955                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
 956                                                 100);
 957                                 }
 958
 959                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 960
 961                                         print "<tr class='$class' id='RROW-$id'>";
 962
 963                                         print "<td class='hlUpdatePic'>$update_pic</td>";
 964
 965                                         print "<td class='hlSelectRow'>
 966                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
 967                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
 968                                                 </td>";
 969
 970                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
 971
 972                                         if ($line["feed_title"]) {
 973                                                 print "<td class='hlContent'>$content_link</td>";
 974                                                 print "<td class='hlFeed'>
 975                                                         <a href='javascript:viewfeed($feed_id)'>".
 976                                                                 $line["feed_title"]."</a>&nbsp;</td>";
 977                                         } else {
 978                                                 print "<td class='hlContent' valign='middle'>";
 979
 980                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
 981                                                         $line["title"];
 982
 983                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
 984                                                         if ($content_preview) {
 985                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
 986                                                         }
 987                                                 }
 988
 989                                                 print "</a>";
 990                                                 print "</td>";
 991                                         }
 992
 993                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
 994
 995                                         print "</tr>";
 996
 997                                 } else {
 998
 999                                         if ($is_unread) {
1000                                                 $add_class = "Unread";
1001                                         } else {
1002                                                 $add_class = "";
1003                                         }
1004
1005                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
1006
1007                                         print "<div class=\"cdmHeader\">";
1008
1009                                         print "<div style=\"float : right\">$updated_fmt,
1010                                                 <a class=\"cdmToggleLink\"
1011                                                         href=\"javascript:toggleUnread($id)\">Toggle unread</a>
1012                                         </div>";
1013
1014                                         print "<a class=\"title\"
1015                                                 onclick=\"javascript:toggleUnread($id, 0)\"
1016                                                 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
1017
1018                                         if ($line["feed_title"]) {
1019                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1020                                         }
1021
1022                                         print "</div>";
1023
1024                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
1025
1026                                         print "<div style=\"float : right\">$marked_pic</div>
1027                                                 <div lass=\"cdmFooter\">
1028                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1029                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1030
1031 #                                       print "<div align=\"center\"><a class=\"cdmToggleLink\"
1032 #                                                       href=\"javascript:toggleUnread($id)\">
1033 #                                                       Toggle unread</a></div>";
1034
1035                                         print "</div>";
1036
1037                                 }
1038
1039                                 ++$lnum;
1040                         }
1041
1042                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1043                                 print "</table>";
1044                         }
1045
1046                         print_headline_subtoolbar($link,
1047                                 "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
1048
1049
1050                 } else {
1051                         print "<div width='100%' align='center'>No articles found.</div>";
1052                 }
1053
1054                 print "</div>";
1055
1056 #               print "
1057 #                       <script type=\"text/javascript\">
1058 #                               try {
1059 #                                       document.onkeydown = hotkey_handler;
1060 #                                       try {
1061 #                                               parent.update_all_counters(\"$feed\");
1062 #                                       } catch (e) {
1063 #                                               // this is workaround against mysterious permission
1064 #                                               // denied feature/bug of firefox (ticket #73)
1065 #                                               // if call from this context failed - ignore silently
1066 #                                               exception_error(\"viewfeed/footer1/counters\", e, true);
1067 #                                       }
1068 #                               } catch (e) {
1069 #                                       exception_error(\"viewfeed/footer1\", e);
1070 #                               }
1071 #
1072 #                               /* for IE */
1073 #                               function statechange() {
1074 #                                       if (document.readyState == \"interactive\") init();
1075 #                               }
1076 #
1077 #                               if (document.readyState) {
1078 #                                       if (document.readyState == \"interactive\" || document.readyState == \"complete\") {
1079 #                                               init();
1080 #                                       } else {
1081 #                                               document.onreadystatechange = statechange;
1082 #                                       }
1083 #                               }
1084 #                       </script>";
1085 #
1086 #               print "</body></html>";
1087         }
1088
1089         if ($op == "pref-feeds") {
1090
1091                 $subop = $_REQUEST["subop"];
1092                 $quiet = $_REQUEST["quiet"];
1093
1094                 if ($subop == "massSubscribe") {
1095                         $ids = split(",", db_escape_string($_GET["ids"]));
1096
1097                         $subscribed = array();
1098
1099                         foreach ($ids as $id) {
1100                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1101                                         WHERE id = '$id'");
1102
1103                                 $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
1104                                 $title = db_escape_string(db_fetch_result($result, 0, "title"));
1105
1106                                 $title_orig = db_fetch_result($result, 0, "title");
1107
1108                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1109                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1110
1111                                 if (db_num_rows($result) == 0) {
1112                                         $result = db_query($link,
1113                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1114                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1115
1116                                         array_push($subscribed, $title_orig);
1117                                 }
1118                         }
1119
1120                         if (count($subscribed) > 0) {
1121                                 print "<div class=\"notice\">";
1122                                 print "<b>Subscribed to feeds:</b>";
1123                                 print "<ul class=\"nomarks\">";
1124                                 foreach ($subscribed as $title) {
1125                                         print "<li>$title</li>";
1126                                 }
1127                                 print "</ul>";
1128                                 print "</div>";
1129                         }
1130                 }
1131
1132                 if ($subop == "browse") {
1133
1134                         if (!ENABLE_FEED_BROWSER) {
1135                                 print "Feed browser is administratively disabled.";
1136                                 return;
1137                         }
1138
1139                         print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
1140
1141                         print "<div class=\"infoBoxContents\">";
1142
1143                         print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
1144
1145 #                       $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1146 #                               FROM ttrss_feeds
1147 #                               WHERE auth_login = '' AND auth_pass = '' AND private = false
1148 #                               GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
1149
1150                         $owner_uid = $_SESSION["uid"];
1151
1152                         $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
1153                                 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
1154                                         WHERE tf.feed_url = ttrss_feeds.feed_url
1155                                                 AND owner_uid = '$owner_uid') GROUP BY feed_url
1156                                                         ORDER BY subscribers DESC LIMIT 25");
1157
1158                         print "<ul class='browseFeedList' id='browseFeedList'>";
1159
1160                         $feedctr = 0;
1161
1162                         while ($line = db_fetch_assoc($result)) {
1163                                 $feed_url = $line["feed_url"];
1164                                 $subscribers = $line["subscribers"];
1165
1166                                 $det_result = db_query($link, "SELECT site_url,title,id
1167                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1168
1169                                 $details = db_fetch_assoc($det_result);
1170
1171                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1172
1173                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1174                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
1175                                                         "/".$details["id"].".ico\">";
1176                                 } else {
1177                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1178                                 }
1179
1180                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1181                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1182
1183                                 $class = ($feedctr % 2) ? "even" : "odd";
1184
1185                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1186                                         "$feed_icon " . db_unescape_string($details["title"]) .
1187                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1188
1189                                         ++$feedctr;
1190                         }
1191
1192                         if ($feedctr == 0) {
1193                                 print "<li>No feeds found to subscribe.</li>";
1194                         }
1195
1196                         print "</ul>";
1197
1198                         print "<div align='center'>
1199                                 <input type=\"submit\" class=\"button\"
1200                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1201                                 <input type='submit' class='button'
1202                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1203
1204                         print "</div>";
1205                         return;
1206                 }
1207
1208                 if ($subop == "editfeed") {
1209                         $feed_id = db_escape_string($_REQUEST["id"]);
1210
1211                         $result = db_query($link,
1212                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1213                                         owner_uid = " . $_SESSION["uid"]);
1214
1215                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1216                                 0, "title")));
1217
1218                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1219
1220                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1221                                         $feed_icon = "<img width=\"16\" height=\"16\"
1222                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1223                         } else {
1224                                 $feed_icon = "";
1225                         }
1226
1227                         print "<div id=\"infoBoxTitle\">Feed editor</div>";
1228
1229                         print "<div class=\"infoBoxContents\">";
1230
1231                         print "<form id=\"edit_feed_form\">";
1232
1233                         print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1234                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1235                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1236
1237                         print "<table width='100%'>";
1238
1239                         print "<tr><td>Title:</td>";
1240                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1241                                 name=\"title\" value=\"$title\"></td></tr>";
1242
1243                         $feed_url = db_fetch_result($result, 0, "feed_url");
1244                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1245                                 0, "feed_url")));
1246
1247                         print "<tr><td>Feed URL:</td>";
1248                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1249                                 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1250
1251                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1252
1253                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1254
1255                                 print "<tr><td>Category:</td>";
1256                                 print "<td>";
1257
1258                                 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1259
1260                                 if (sprintf("%d", $parent_feed) > 0) {
1261                                         $disabled = "disabled";
1262                                 } else {
1263                                         $disabled = "";
1264                                 }
1265
1266                                 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled");
1267
1268                                 print "</td>";
1269                                 print "</td></tr>";
1270
1271                         }
1272
1273                         $update_interval = db_fetch_result($result, 0, "update_interval");
1274
1275                         print "<tr><td>Update Interval:</td>";
1276
1277                         print "<td>";
1278
1279                         print_select_hash("update_interval", $update_interval, $update_intervals,
1280                                 "class=\"iedit\"");
1281
1282                         print "</td>";
1283
1284                         print "<tr><td>Link to:</td><td>";
1285
1286                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1287                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1288
1289                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1290
1291                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1292
1293                         if ($linked_count > 0) {
1294                                 $disabled = "disabled";
1295                         } else {
1296                                 $disabled = "";
1297                         }
1298
1299                         print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1300
1301                         print "<option value=\"0\">Not linked</option>";
1302
1303                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1304                                 if ($cat_id) {
1305                                         $cat_qpart = "AND cat_id = '$cat_id'";
1306                                 } else {
1307                                         $cat_qpart = "AND cat_id IS NULL";
1308                                 }
1309                         }
1310
1311                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1312                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]." AND
1313                                         (SELECT COUNT(id) FROM ttrss_feeds AS T2 WHERE T2.id = ttrss_feeds.parent_feed) = 0
1314                                         $cat_qpart ORDER BY title");
1315
1316                                 if (db_num_rows($tmp_result) > 0) {
1317                                         print "<option disabled>--------</option>";
1318                                 }
1319
1320                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1321                                         if ($tmp_line["id"] == $parent_feed) {
1322                                                 $is_selected = "selected";
1323                                         } else {
1324                                                 $is_selected = "";
1325                                         }
1326                                         printf("<option $is_selected value='%d'>%s</option>",
1327                                                 $tmp_line["id"], $tmp_line["title"]);
1328                                 }
1329
1330                         print "</select>";
1331                         print "</td></tr>";
1332
1333                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1334
1335                         print "<tr><td>Article purging:</td>";
1336
1337                         print "<td>";
1338
1339                         print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1340                                 "class=\"iedit\"");
1341
1342                         print "</td>";
1343
1344                         $auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login"));
1345
1346                         print "<tr><td>Login:</td>";
1347                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1348                                 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1349
1350                         $auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass"));
1351
1352                         print "<tr><td>Password:</td>";
1353                         print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1354                                 onkeypress=\"return filterCR(event)\"
1355                                 value=\"$auth_pass\"></td></tr>";
1356
1357                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1358
1359                         if ($private) {
1360                                 $checked = "checked";
1361                         } else {
1362                                 $checked = "";
1363                         }
1364
1365                         print "<tr><td valign='top'>Options:</td>";
1366                         print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1367                                 $checked><label for=\"private\">Hide from \"Other Feeds\"</label>";
1368
1369                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1370
1371                         if ($rtl_content) {
1372                                 $checked = "checked";
1373                         } else {
1374                                 $checked = "";
1375                         }
1376
1377                         print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1378                                 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1379
1380                         $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden"));
1381
1382                         if ($hidden) {
1383                                 $checked = "checked";
1384                         } else {
1385                                 $checked = "";
1386                         }
1387
1388                         print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\"
1389                                 $checked><label for=\"hidden\">Hide from my feed list</label>";
1390
1391                         $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest"));
1392
1393                         if ($include_in_digest) {
1394                                 $checked = "checked";
1395                         } else {
1396                                 $checked = "";
1397                         }
1398
1399                         print "<br><input type=\"checkbox\" id=\"include_in_digest\"
1400                                 name=\"include_in_digest\"
1401                                 $checked><label for=\"include_in_digest\">Include in e-mail digest</label>";
1402
1403                         print "</td></tr>";
1404
1405                         print "</table>";
1406
1407                         print "</form>";
1408
1409                         print "<div align='right'>
1410                                 <input type=\"submit\" class=\"button\"
1411                                 onclick=\"return feedEditSave()\" value=\"Save\">
1412                                 <input type='submit' class='button'
1413                                 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1414
1415                         print "</div>";
1416
1417                         return;
1418                 }
1419
1420                 if ($subop == "editSave") {
1421
1422                         $feed_title = db_escape_string(trim($_POST["title"]));
1423                         $feed_link = db_escape_string(trim($_POST["feed_url"]));
1424                         $upd_intl = db_escape_string($_POST["update_interval"]);
1425                         $purge_intl = db_escape_string($_POST["purge_interval"]);
1426                         $feed_id = db_escape_string($_POST["id"]);
1427                         $cat_id = db_escape_string($_POST["cat_id"]);
1428                         $auth_login = db_escape_string(trim($_POST["auth_login"]));
1429                         $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1430                         $parent_feed = db_escape_string($_POST["parent_feed"]);
1431                         $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1432                         $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1433                         $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"]));
1434                         $include_in_digest = checkbox_to_sql_bool(
1435                                 db_escape_string($_POST["include_in_digest"]));
1436
1437                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1438                                 if ($cat_id && $cat_id != 0) {
1439                                         $category_qpart = "cat_id = '$cat_id',";
1440                                         $category_qpart_nocomma = "cat_id = '$cat_id'";
1441                                 } else {
1442                                         $category_qpart = 'cat_id = NULL,';
1443                                         $category_qpart_nocomma = 'cat_id = NULL';
1444                                 }
1445                         } else {
1446                                 $category_qpart = "";
1447                                 $category_qpart_nocomma = "";
1448                         }
1449
1450                         if ($parent_feed && $parent_feed != 0) {
1451                                 $parent_qpart = "parent_feed = '$parent_feed'";
1452                         } else {
1453                                 $parent_qpart = 'parent_feed = NULL';
1454                         }
1455
1456                         $result = db_query($link, "UPDATE ttrss_feeds SET
1457                                 $category_qpart $parent_qpart,
1458                                 title = '$feed_title', feed_url = '$feed_link',
1459                                 update_interval = '$upd_intl',
1460                                 purge_interval = '$purge_intl',
1461                                 auth_login = '$auth_login',
1462                                 auth_pass = '$auth_pass',
1463                                 private = $private,
1464                                 rtl_content = $rtl_content,
1465                                 hidden = $hidden,
1466                                 include_in_digest = $include_in_digest
1467                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1468
1469                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1470                                 # update linked feed categories
1471                                 $result = db_query($link, "UPDATE ttrss_feeds SET
1472                                         $category_qpart_nocomma WHERE parent_feed = '$feed_id' AND
1473                                         owner_uid = " . $_SESSION["uid"]);
1474                         }
1475                 }
1476
1477                 if ($subop == "saveCat") {
1478                         $cat_title = db_escape_string(trim($_GET["title"]));
1479                         $cat_id = db_escape_string($_GET["id"]);
1480
1481                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1482                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1483
1484                 }
1485
1486                 if ($subop == "remove") {
1487
1488                         if (!WEB_DEMO_MODE) {
1489
1490                                 $ids = split(",", db_escape_string($_GET["ids"]));
1491
1492                                 foreach ($ids as $id) {
1493
1494                                         if ($id > 0) {
1495
1496                                                 db_query($link, "DELETE FROM ttrss_feeds
1497                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1498
1499                                                 $icons_dir = ICONS_DIR;
1500
1501                                                 if (file_exists($icons_dir . "/$id.ico")) {
1502                                                         unlink($icons_dir . "/$id.ico");
1503                                                 }
1504                                         } else if ($id < -10) {
1505
1506                                                 $label_id = -$id - 11;
1507
1508                                                 db_query($link, "DELETE FROM ttrss_labels
1509                                                         WHERE   id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
1510                                         }
1511                                 }
1512                         }
1513                 }
1514
1515                 if ($subop == "add") {
1516
1517                         if (!WEB_DEMO_MODE) {
1518
1519                                 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1520                                 $cat_id = db_escape_string($_GET["cat_id"]);
1521
1522                                 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1523                                         print "Added feed.";
1524                                 } else {
1525                                         print "<div class=\"warning\">
1526                                                 Feed <b>$feed_url</b> already exists in the database.
1527                                         </div>";
1528                                 }
1529                         }
1530                 }
1531
1532                 if ($subop == "addCat") {
1533
1534                         if (!WEB_DEMO_MODE) {
1535
1536                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1537
1538                                 $result = db_query($link,
1539                                         "SELECT id FROM ttrss_feed_categories
1540                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1541
1542                                 if (db_num_rows($result) == 0) {
1543
1544                                         $result = db_query($link,
1545                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1546                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1547
1548                                 } else {
1549
1550                                         print "<div class=\"warning\">
1551                                                 Category <b>$feed_cat</b> already exists in the database.
1552                                         </div>";
1553                                 }
1554
1555
1556                         }
1557                 }
1558
1559                 if ($subop == "removeCats") {
1560
1561                         if (!WEB_DEMO_MODE) {
1562
1563                                 $ids = split(",", db_escape_string($_GET["ids"]));
1564
1565                                 foreach ($ids as $id) {
1566
1567                                         db_query($link, "BEGIN");
1568
1569                                         $result = db_query($link,
1570                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1571                                                         WHERE cat_id = '$id'");
1572
1573                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1574
1575                                         if ($num_feeds == 0) {
1576                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1577                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1578                                         } else {
1579
1580                                                 print "<div class=\"warning\">
1581                                                         Unable to delete non empty feed categories.</div>";
1582
1583                                         }
1584
1585                                         db_query($link, "COMMIT");
1586                                 }
1587                         }
1588                 }
1589
1590                 if ($subop == "categorize") {
1591
1592                         if (!WEB_DEMO_MODE) {
1593
1594                                 $ids = split(",", db_escape_string($_GET["ids"]));
1595
1596                                 $cat_id = db_escape_string($_GET["cat_id"]);
1597
1598                                 if ($cat_id == 0) {
1599                                         $cat_id_qpart = 'NULL';
1600                                 } else {
1601                                         $cat_id_qpart = "'$cat_id'";
1602                                 }
1603
1604                                 db_query($link, "BEGIN");
1605
1606                                 foreach ($ids as $id) {
1607
1608                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1609                                                 WHERE id = '$id' AND parent_feed IS NULL
1610                                                 AND owner_uid = " . $_SESSION["uid"]);
1611
1612                                         # update linked feed categories
1613                                         db_query($link, "UPDATE ttrss_feeds SET
1614                                                 cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND
1615                                                 owner_uid = " . $_SESSION["uid"]);
1616
1617                                 }
1618
1619                                 db_query($link, "COMMIT");
1620                         }
1621
1622                 }
1623
1624                 if ($quiet) return;
1625
1626 //              print "<h3>Edit Feeds</h3>";
1627
1628                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1629                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1630
1631                 if (db_num_rows($result) > 0) {
1632
1633                         print "<div class=\"warning\">";
1634
1635 //                      print"<img class=\"closeButton\"
1636 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1637
1638                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1639                                 <b>Some feeds have update errors (click for details)</b></a>";
1640
1641                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1642
1643                         while ($line = db_fetch_assoc($result)) {
1644                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1645                                         $line["last_error"];
1646                         }
1647
1648                         print "</ul>";
1649                         print "</div>";
1650
1651                 }
1652
1653                 $feed_search = db_escape_string($_GET["search"]);
1654
1655                 if (array_key_exists("search", $_GET)) {
1656                         $_SESSION["prefs_feed_search"] = $feed_search;
1657                 } else {
1658                         $feed_search = $_SESSION["prefs_feed_search"];
1659                 }
1660
1661                 print "<table width='100%' class=\"prefGenericAddBox\"
1662                         cellspacing='0' cellpadding='0'><tr>
1663                         <td>
1664                                 <input id=\"fadd_link\"
1665                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1666                                         size=\"40\">
1667                                 <input type=\"submit\" class=\"button\"
1668                                         disabled=\"true\" id=\"fadd_submit_btn\"
1669                                         onclick=\"addFeed()\" value=\"Subscribe\">";
1670
1671                 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1672                         print " <input type=\"submit\" class=\"button\"
1673                                 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1674                 }
1675
1676                 print "</td><td align='right'>
1677                                 <input id=\"feed_search\" size=\"20\"
1678                                         onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1679                                 <input type=\"submit\" class=\"button\"
1680                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1681                         </td>
1682                         </tr></table>";
1683
1684                 $feeds_sort = db_escape_string($_GET["sort"]);
1685
1686                 if (!$feeds_sort || $feeds_sort == "undefined") {
1687                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1688                         if (!$feeds_sort) $feeds_sort = "title";
1689                 }
1690
1691                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1692
1693                 if ($feed_search) {
1694                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1695                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1696                 } else {
1697                         $search_qpart = "";
1698                 }
1699
1700                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1701                         $order_by_qpart = "category,$feeds_sort,title";
1702                 } else {
1703                         $order_by_qpart = "$feeds_sort,title";
1704                 }
1705
1706                 $result = db_query($link, "SELECT
1707                                 F1.id,
1708                                 F1.title,
1709                                 F1.feed_url,
1710                                 substring(F1.last_updated,1,16) AS last_updated,
1711                                 F1.parent_feed,
1712                                 F1.update_interval,
1713                                 F1.purge_interval,
1714                                 F1.cat_id,
1715                                 F2.title AS parent_title,
1716                                 C1.title AS category,
1717                                 F1.hidden,
1718                                 F1.include_in_digest
1719                         FROM
1720                                 ttrss_feeds AS F1
1721                                 LEFT JOIN ttrss_feeds AS F2
1722                                         ON (F1.parent_feed = F2.id)
1723                                 LEFT JOIN ttrss_feed_categories AS C1
1724                                         ON (F1.cat_id = C1.id)
1725                         WHERE
1726                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1727                         ORDER by $order_by_qpart");
1728
1729                 if (db_num_rows($result) != 0) {
1730
1731 //                      print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1732
1733                         print "<p><table width=\"100%\" cellspacing=\"0\"
1734                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1735                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1736                                 Select:
1737                                         <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1738                                         <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1739                                 </td</tr>";
1740
1741                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1742                                 print "<tr class=\"title\">
1743                                         <td width='5%' align='center'>&nbsp;</td>";
1744
1745                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1746                                         print "<td width='3%'>&nbsp;</td>";
1747                                 }
1748
1749                                 print "
1750                                         <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1751                                         <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1752                                         <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1753                         }
1754
1755                         $lnum = 0;
1756
1757                         $cur_cat_id = -1;
1758
1759                         while ($line = db_fetch_assoc($result)) {
1760
1761                                 $feed_id = $line["id"];
1762                                 $cat_id = $line["cat_id"];
1763
1764                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1765                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1766                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1767
1768                                 $hidden = sql_bool_to_bool($line["hidden"]);
1769
1770                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1771
1772                                 $last_updated = $line["last_updated"];
1773
1774                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1775                                         $last_updated = smart_date_time(strtotime($last_updated));
1776                                 } else {
1777                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1778                                         $last_updated = date($short_date, strtotime($last_updated));
1779                                 }
1780
1781                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1782                                         $lnum = 0;
1783
1784                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1785
1786                                         print "<tr class=\"title\">
1787                                                 <td width='5%'>&nbsp;</td>";
1788
1789                                         if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1790                                                 print "<td width='3%'>&nbsp;</td>";
1791                                         }
1792
1793                                         print "<td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1794                                                 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1795                                                 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1796
1797                                         $cur_cat_id = $cat_id;
1798                                 }
1799
1800                                 $class = ($lnum % 2) ? "even" : "odd";
1801                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
1802
1803                                 print "<tr class=\"$class\" $this_row_id>";
1804
1805                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1806
1807                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1808                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
1809                                 } else {
1810                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1811                                 }
1812
1813                                 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1814                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1815
1816                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1817                                         print "<td class='feedIcon'>$feed_icon</td>";
1818                                 }
1819
1820                                 $edit_title = truncate_string($edit_title, 40);
1821                                 $edit_link = truncate_string($edit_link, 60);
1822
1823                                 if ($hidden) {
1824                                         $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>";
1825                                         $edit_link = "<span class=\"insensitive\">$edit_link</span>";
1826                                         $last_updated = "<span class=\"insensitive\">$last_updated</span>";
1827                                 }
1828
1829                                 $parent_title = $line["parent_title"];
1830                                 if ($parent_title) {
1831                                         $parent_title = "<span class='groupPrompt'>(linked to
1832                                                 $parent_title)</span>";
1833                                 }
1834
1835                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1836                                         "$edit_title $parent_title" . "</a></td>";
1837
1838                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1839                                         $edit_link . "</a></td>";
1840
1841                                 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1842                                         "$last_updated</a></td>";
1843
1844                                 print "</tr>";
1845
1846                                 ++$lnum;
1847                         }
1848
1849                         print "</table>";
1850
1851                         print "<p><span id=\"feedOpToolbar\">";
1852
1853                         if ($subop == "edit") {
1854                                 print "Edit feed:&nbsp;
1855                                         <input type=\"submit\" class=\"button\"
1856                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1857                                         <input type=\"submit\" class=\"button\"
1858                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1859                         } else {
1860
1861                                 print "
1862                                         Selection:&nbsp;
1863                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1864                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1865                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1866                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1867
1868                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1869
1870                                         print "&nbsp;|&nbsp;";
1871
1872                                         print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1873
1874                                         print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1875                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1876
1877                                 }
1878
1879                                 print "</span>
1880                                         &nbsp;All feeds: <input type=\"submit\"
1881                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1882                                                         value=\"Export OPML\">";
1883                                 }
1884                 } else {
1885
1886                         print "<p>No feeds defined.</p>";
1887
1888                 }
1889
1890                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1891
1892                         print "<h3>Edit Categories</h3>";
1893
1894                         print "<div class=\"prefGenericAddBox\">
1895                                 <input id=\"fadd_cat\"
1896                                         onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1897                                         size=\"40\">&nbsp;
1898                                 <input
1899                                         type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1900                                         onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1901
1902                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1903                                 WHERE owner_uid = ".$_SESSION["uid"]."
1904                                 ORDER BY title");
1905
1906                         if (db_num_rows($result) != 0) {
1907
1908                                 print "<form id=\"feed_cat_edit_form\">";
1909
1910                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1911                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1912
1913                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1914                                 Select:
1915                                         <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1916                                         <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1917                                 </td</tr>";
1918
1919                                 print "<tr class=\"title\">
1920                                                         <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1921                                                 </tr>";
1922
1923                                 $lnum = 0;
1924
1925                                 while ($line = db_fetch_assoc($result)) {
1926
1927                                         $class = ($lnum % 2) ? "even" : "odd";
1928
1929                                         $cat_id = $line["id"];
1930
1931                                         $edit_cat_id = $_GET["id"];
1932
1933                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1934                                                         $class .= "Grayed";
1935                                                         $this_row_id = "";
1936                                         } else {
1937                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1938                                         }
1939
1940                                         print "<tr class=\"$class\" $this_row_id>";
1941
1942                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1943
1944                                         if (!$edit_cat_id || $subop != "editCat") {
1945
1946                                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1947                                                         type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1948
1949                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1950                                                         $edit_title . "</a></td>";
1951
1952                                         } else if ($cat_id != $edit_cat_id) {
1953
1954                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1955                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1956
1957                                                 print "<td>$edit_title</td>";
1958
1959                                         } else {
1960
1961                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1962
1963                                                 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1964                                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1965                                                 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1966
1967                                                 print "</td>";
1968
1969                                                 print "<td><input onkeypress=\"return filterCR(event)\"
1970                                                         name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1971
1972                                         }
1973
1974                                         print "</tr>";
1975
1976                                         ++$lnum;
1977                                 }
1978
1979                                 print "</table>";
1980
1981                                 print "</form>";
1982
1983                                 print "<p id=\"catOpToolbar\">";
1984
1985                                 if ($subop == "editCat") {
1986                                         print "Edit category:&nbsp;
1987                                                 <input type=\"submit\" class=\"button\"
1988                                                         onclick=\"return feedCatEditSave()\" value=\"Save\">
1989                                                 <input type=\"submit\" class=\"button\"
1990                                                         onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1991                                         } else {
1992
1993                                         print "
1994                                                 Selection:&nbsp;
1995                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1996                                                 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1997                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1998                                                 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1999
2000                                 }
2001
2002                         } else {
2003                                 print "<p>No feed categories defined.</p>";
2004                         }
2005                 }
2006
2007                 print "<h3>Import OPML</h3>
2008                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
2009                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
2010                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
2011                                 type=\"submit\" value=\"Import\">
2012                         </form>";
2013
2014         }
2015
2016         if ($op == "pref-filters") {
2017
2018                 $subop = $_GET["subop"];
2019                 $quiet = $_GET["quiet"];
2020
2021                 if ($subop == "edit") {
2022
2023                         $filter_id = db_escape_string($_GET["id"]);
2024
2025                         $result = db_query($link,
2026                                 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
2027
2028                         $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
2029                         $filter_type = db_fetch_result($result, 0, "filter_type");
2030                         $feed_id = db_fetch_result($result, 0, "feed_id");
2031                         $action_id = db_fetch_result($result, 0, "action_id");
2032
2033                         $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled"));
2034
2035                         print "<div id=\"infoBoxTitle\">Filter editor</div>";
2036                         print "<div class=\"infoBoxContents\">";
2037
2038                         print "<form id=\"filter_edit_form\">";
2039
2040                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2041                         print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
2042                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2043
2044 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2045
2046                         $result = db_query($link, "SELECT id,description
2047                                 FROM ttrss_filter_types ORDER BY description");
2048
2049                         $filter_types = array();
2050
2051                         while ($line = db_fetch_assoc($result)) {
2052                                 //array_push($filter_types, $line["description"]);
2053                                 $filter_types[$line["id"]] = $line["description"];
2054                         }
2055
2056                         print "<table width='100%'>";
2057
2058                         print "<tr><td>Match:</td>
2059                                 <td><input onkeypress=\"return filterCR(event)\"
2060                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2061                                         name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
2062
2063                         print "</td><td>";
2064
2065                         print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
2066
2067                         print "</td></tr>";
2068                         print "<tr><td>Feed:</td><td colspan='2'>";
2069
2070                         print_feed_select($link, "feed_id", $feed_id);
2071
2072                         print "</td></tr>";
2073
2074                         print "<tr><td>Action:</td>";
2075
2076                         print "<td colspan='2'><select name=\"action_id\">";
2077
2078                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2079                                 ORDER BY name");
2080
2081                         while ($line = db_fetch_assoc($result)) {
2082                                 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
2083                                 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
2084                         }
2085
2086                         print "</select>";
2087
2088                         print "</td></tr>";
2089
2090                         if ($enabled) {
2091                                 $checked = "checked";
2092                         } else {
2093                                 $checked = "";
2094                         }
2095
2096                         print "<tr><td>Options:</td><td>
2097                                         <input type=\"checkbox\" name=\"enabled\" id=\"enabled\" $checked>
2098                                         <label for=\"enabled\">Enabled</label>";
2099
2100                         print "</td></tr></table>";
2101
2102                         print "</form>";
2103
2104                         print "<div align='right'>";
2105
2106                         print "<input type=\"submit\"
2107                                 id=\"infobox_submit\"
2108                                 class=\"button\" onclick=\"return filterEditSave()\"
2109                                 value=\"Save\"> ";
2110
2111                         print "<input class=\"button\"
2112                                 type=\"submit\" onclick=\"return filterEditCancel()\"
2113                                 value=\"Cancel\">";
2114
2115                         print "</div>";
2116
2117                         return;
2118                 }
2119
2120
2121                 if ($subop == "editSave") {
2122
2123                         $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
2124                         $filter_type = db_escape_string(trim($_GET["filter_type"]));
2125                         $filter_id = db_escape_string($_GET["id"]);
2126                         $feed_id = db_escape_string($_GET["feed_id"]);
2127                         $action_id = db_escape_string($_GET["action_id"]);
2128                         $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"]));
2129
2130                         if (!$feed_id) {
2131                                 $feed_id = 'NULL';
2132                         } else {
2133                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2134                         }
2135
2136                         $result = db_query($link, "UPDATE ttrss_filters SET
2137                                         reg_exp = '$reg_exp',
2138                                         feed_id = $feed_id,
2139                                         action_id = '$action_id',
2140                                         filter_type = '$filter_type',
2141                                         enabled = $enabled
2142                                 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
2143                 }
2144
2145                 if ($subop == "remove") {
2146
2147                         if (!WEB_DEMO_MODE) {
2148
2149                                 $ids = split(",", db_escape_string($_GET["ids"]));
2150
2151                                 foreach ($ids as $id) {
2152                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
2153
2154                                 }
2155                         }
2156                 }
2157
2158                 if ($subop == "add") {
2159
2160                         if (!WEB_DEMO_MODE) {
2161
2162                                 $regexp = db_escape_string(trim($_GET["reg_exp"]));
2163                                 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2164                                 $feed_id = db_escape_string($_GET["feed_id"]);
2165                                 $action_id = db_escape_string($_GET["action_id"]);
2166
2167                                 if (!$feed_id) {
2168                                         $feed_id = 'NULL';
2169                                 } else {
2170                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2171                                 }
2172
2173                                 $result = db_query($link,
2174                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2175                                                 action_id)
2176                                         VALUES
2177                                                 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
2178                                                         $feed_id, '$action_id')");
2179                         }
2180                 }
2181
2182                 if ($quiet) return;
2183
2184                 $sort = db_escape_string($_GET["sort"]);
2185
2186                 if (!$sort || $sort == "undefined") {
2187                         $sort = "reg_exp";
2188                 }
2189
2190 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2191
2192                 $result = db_query($link, "SELECT id,description
2193                         FROM ttrss_filter_types ORDER BY description");
2194
2195                 $filter_types = array();
2196
2197                 while ($line = db_fetch_assoc($result)) {
2198                         //array_push($filter_types, $line["description"]);
2199                         $filter_types[$line["id"]] = $line["description"];
2200                 }
2201
2202                 print "<input type=\"submit\"
2203                         class=\"button\"
2204                         onclick=\"return displayDlg('quickAddFilter', false)\"
2205                         id=\"create_filter_btn\"
2206                         value=\"Create filter\">";
2207
2208                 $result = db_query($link, "SELECT
2209                                 ttrss_filters.id AS id,reg_exp,
2210                                 ttrss_filter_types.name AS filter_type_name,
2211                                 ttrss_filter_types.description AS filter_type_descr,
2212                                 enabled,
2213                                 feed_id,
2214                                 ttrss_filter_actions.description AS action_description,
2215                                 ttrss_feeds.title AS feed_title
2216                         FROM
2217                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2218                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2219                         WHERE
2220                                 filter_type = ttrss_filter_types.id AND
2221                                 ttrss_filter_actions.id = action_id AND
2222                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2223                         ORDER by $sort");
2224
2225                 if (db_num_rows($result) != 0) {
2226
2227                         print "<form id=\"filter_edit_form\">";
2228
2229                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2230                                 id=\"prefFilterList\">";
2231
2232                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2233                                 Select:
2234                                         <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2235                                         <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2236                                 </td</tr>";
2237
2238                         print "<tr class=\"title\">
2239                                                 <td align='center' width=\"5%\">&nbsp;</td>
2240                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('reg_exp')\">Filter expression</a></td>
2241                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('feed_title')\">Feed</a></td>
2242                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('filter_type')\">Match</a></td>
2243                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('action_description')\">Action</a></td>";
2244
2245                         $lnum = 0;
2246
2247                         while ($line = db_fetch_assoc($result)) {
2248
2249                                 $class = ($lnum % 2) ? "even" : "odd";
2250
2251                                 $filter_id = $line["id"];
2252                                 $edit_filter_id = $_GET["id"];
2253
2254                                 $enabled = sql_bool_to_bool($line["enabled"]);
2255
2256                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2257                                         $class .= "Grayed";
2258                                         $this_row_id = "";
2259                                 } else {
2260                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2261                                 }
2262
2263                                 print "<tr class=\"$class\" $this_row_id>";
2264
2265                                 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2266
2267                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2268
2269                                 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2270
2271                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2272                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2273
2274                                 if (!$enabled) {
2275                                         $line["reg_exp"] = "<span class=\"insensitive\">" .
2276                                                 $line["reg_exp"] . " (Disabled)</span>";
2277                                         $line["feed_title"] = "<span class=\"insensitive\">" .
2278                                                 $line["feed_title"] . "</span>";
2279                                         $line["filter_type_descr"] = "<span class=\"insensitive\">" .
2280                                                 $line["filter_type_descr"] . "</span>";
2281                                         $line["action_description"] = "<span class=\"insensitive\">" .
2282                                                 $line["action_description"] . "</span>";
2283                                 }
2284
2285                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2286                                         $line["reg_exp"] . "</td>";
2287
2288                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2289                                         $line["feed_title"] . "</td>";
2290
2291                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2292                                         $line["filter_type_descr"] . "</td>";
2293
2294                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2295                                         $line["action_description"] . "</td>";
2296
2297                                 print "</tr>";
2298
2299                                 ++$lnum;
2300                         }
2301
2302                         if ($lnum == 0) {
2303                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2304                         }
2305
2306                         print "</table>";
2307
2308                         print "</form>";
2309
2310                         print "<p id=\"filterOpToolbar\">";
2311
2312                         print "
2313                                         Selection:
2314                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2315                                         onclick=\"return editSelectedFilter()\" value=\"Edit\">
2316                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2317                                         onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2318
2319                         print "</p>";
2320
2321                 } else {
2322
2323                         print "<p>No filters defined.</p>";
2324
2325                 }
2326         }
2327
2328         // We need to accept raw SQL data in label queries, so not everything is escaped
2329         // here, this is by design. If you don't like the whole idea, disable labels
2330         // altogether with GLOBAL_ENABLE_LABELS = false
2331
2332         if ($op == "pref-labels") {
2333
2334                 if (!GLOBAL_ENABLE_LABELS) {
2335
2336                         print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>";
2337                         return;
2338                 }
2339
2340                 $subop = $_GET["subop"];
2341
2342                 if ($subop == "edit") {
2343
2344                         $label_id = db_escape_string($_GET["id"]);
2345
2346                         $result = db_query($link, "SELECT sql_exp,description   FROM ttrss_labels WHERE
2347                                 owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description");
2348
2349                         $line = db_fetch_assoc($result);
2350
2351                         $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2352                         $description = htmlspecialchars(db_unescape_string($line["description"]));
2353
2354                         print "<div id=\"infoBoxTitle\">Label editor</div>";
2355                         print "<div class=\"infoBoxContents\">";
2356
2357                         print "<form id=\"label_edit_form\">";
2358
2359                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2360                         print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2361                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2362
2363                         print "<table width='100%'>";
2364
2365                         print "<tr><td>Caption:</td>
2366                                 <td><input onkeypress=\"return filterCR(event)\"
2367                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2368                                          name=\"description\" class=\"iedit\" value=\"$description\">";
2369
2370                         print "</td></tr>";
2371
2372                         print "<tr><td colspan=\"2\">
2373                                 <p>SQL Expression:</p>";
2374
2375                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2376                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>";
2377
2378                         print "</td></tr></table>";
2379
2380                         print "</form>";
2381
2382                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2383
2384                         print "<div align='right'>";
2385
2386                         $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : "";
2387
2388                         print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\">
2389                                 ";
2390
2391                         print "<input type=\"submit\"
2392                                 id=\"infobox_submit\"
2393                                 class=\"button\" onclick=\"return labelEditSave()\"
2394                                 value=\"Save\"> ";
2395
2396                         print "<input class=\"button\"
2397                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2398                                 value=\"Cancel\">";
2399
2400                         print "</div>";
2401
2402                         return;
2403                 }
2404
2405                 if ($subop == "test") {
2406
2407                         $expr = db_unescape_string(trim($_GET["expr"]));
2408                         $descr = db_unescape_string(trim($_GET["descr"]));
2409
2410                         print "<div>";
2411
2412                         error_reporting(0);
2413
2414
2415                         $result = db_query($link,
2416                                 "SELECT count(ttrss_entries.id) AS num_matches
2417                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2418                                         WHERE ($expr) AND
2419                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2420                                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
2421                                                 ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false);
2422
2423                         error_reporting (DEFAULT_ERROR_LEVEL);
2424
2425                         if (!$result) {
2426                                 print "<p>" . db_last_error($link) . "</p>";
2427                                 print "</div>";
2428                                 return;
2429                         }
2430
2431                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2432
2433                         if ($num_matches > 0) {
2434
2435                                 if ($num_matches > 10) {
2436                                         $showing_msg = ", showing first 10";
2437                                 }
2438
2439                                 print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>";
2440
2441                                 $result = db_query($link,
2442                                         "SELECT ttrss_entries.title,
2443                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2444                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2445                                                         WHERE ($expr) AND
2446                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2447                                                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
2448                                                         AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
2449                                                         ORDER BY date_entered DESC LIMIT 10", false);
2450
2451                                 print "<ul class=\"labelTestResults\">";
2452
2453                                 $row_class = "even";
2454
2455                                 while ($line = db_fetch_assoc($result)) {
2456                                         $row_class = toggleEvenOdd($row_class);
2457
2458                                         print "<li class=\"$row_class\">".$line["title"].
2459                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2460                                 }
2461                                 print "</ul>";
2462
2463                         } else {
2464                                 print "<p>Query didn't return any matches.</p>";
2465                         }
2466
2467                         print "</div>";
2468
2469                         return;
2470                 }
2471
2472                 if ($subop == "editSave") {
2473
2474                         $sql_exp = trim($_GET["sql_exp"]);
2475                         $descr = db_escape_string(trim($_GET["description"]));
2476                         $label_id = db_escape_string($_GET["id"]);
2477
2478                         $result = db_query($link, "UPDATE ttrss_labels SET
2479                                 sql_exp = '$sql_exp',
2480                                 description = '$descr'
2481                                 WHERE id = '$label_id'");
2482                 }
2483
2484                 if ($subop == "remove") {
2485
2486                         if (!WEB_DEMO_MODE) {
2487
2488                                 $ids = split(",", db_escape_string($_GET["ids"]));
2489
2490                                 foreach ($ids as $id) {
2491                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2492
2493                                 }
2494                         }
2495                 }
2496
2497                 if ($subop == "add") {
2498
2499                         if (!WEB_DEMO_MODE) {
2500
2501                                 // no escaping is done here on purpose
2502                                 $sql_exp = trim($_GET["sql_exp"]);
2503                                 $description = db_escape_string($_GET["description"]);
2504
2505                                 $result = db_query($link,
2506                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2507                                                 VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')");
2508                         }
2509                 }
2510
2511                 $sort = db_escape_string($_GET["sort"]);
2512
2513                 if (!$sort || $sort == "undefined") {
2514                         $sort = "description";
2515                 }
2516
2517                 print "<div class=\"prefGenericAddBox\">";
2518
2519                 print"<input type=\"submit\" class=\"button\"
2520                         id=\"label_create_btn\"
2521                         onclick=\"return displayDlg('quickAddLabel', false)\"
2522                         value=\"Create label\"></div>";
2523
2524                 $result = db_query($link, "SELECT
2525                                 id,sql_exp,description
2526                         FROM
2527                                 ttrss_labels
2528                         WHERE
2529                                 owner_uid = ".$_SESSION["uid"]."
2530                         ORDER BY $sort");
2531
2532 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2533
2534                 if (db_num_rows($result) != 0) {
2535
2536                         print "<form id=\"label_edit_form\">";
2537
2538                         print "<p><table width=\"100%\" cellspacing=\"0\"
2539                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2540
2541                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2542                                 Select:
2543                                         <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2544                                         <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2545                                 </td</tr>";
2546
2547                         print "<tr class=\"title\">
2548                                                 <td width=\"5%\">&nbsp;</td>
2549                                                 <td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">Caption</a></td>
2550                                                 <td width=\"50%\"><a href=\"javascript:updateLabelList('sql_exp')\">SQL Expression</a>
2551                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2552                                                 </td>
2553                                                 </tr>";
2554
2555                         $lnum = 0;
2556
2557                         while ($line = db_fetch_assoc($result)) {
2558
2559                                 $class = ($lnum % 2) ? "even" : "odd";
2560
2561                                 $label_id = $line["id"];
2562                                 $edit_label_id = $_GET["id"];
2563
2564                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2565                                         $class .= "Grayed";
2566                                         $this_row_id = "";
2567                                 } else {
2568                                         $this_row_id = "id=\"LILRR-$label_id\"";
2569                                 }
2570
2571                                 print "<tr class=\"$class\" $this_row_id>";
2572
2573                                 $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2574                                 $line["description"] = htmlspecialchars(
2575                                                 db_unescape_string($line["description"]));
2576
2577                                 if (!$line["description"]) $line["description"] = "[No caption]";
2578
2579                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2580                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2581
2582                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2583                                         $line["description"] . "</td>";
2584
2585                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2586                                         $line["sql_exp"] . "</td>";
2587
2588                                 print "</tr>";
2589
2590                                 ++$lnum;
2591                         }
2592
2593                         if ($lnum == 0) {
2594                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2595                         }
2596
2597                         print "</table>";
2598
2599                         print "</form>";
2600
2601                         print "<p id=\"labelOpToolbar\">";
2602
2603                         print "
2604                                         Selection:
2605                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2606                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2607                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2608                                 onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2609
2610                 } else {
2611                         print "<p>No labels defined.</p>";
2612                 }
2613         }
2614
2615         if ($op == "error") {
2616                 print "<div width=\"100%\" align='center'>";
2617                 $msg = $_GET["msg"];
2618                 print $msg;
2619                 print "</div>";
2620         }
2621
2622         if ($op == "help") {
2623                 if (!$_GET["noheaders"]) {
2624                         print "<html><head>
2625                                 <title>Tiny Tiny RSS : Help</title>
2626                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2627                                 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2628                                 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2629                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2630                                 </head><body>";
2631                 }
2632
2633                 $tid = sprintf("%d", $_GET["tid"]);
2634
2635                 print "<div id=\"infoBoxTitle\">Help</div>";
2636
2637                 print "<div class='infoBoxContents'>";
2638
2639                 if (file_exists("help/$tid.php")) {
2640                         include("help/$tid.php");
2641                 } else {
2642                         print "<p>Help topic not found.</p>";
2643                 }
2644
2645                 print "</div>";
2646
2647                 print "<div align='center'>
2648                         <input type='submit' class='button'
2649                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2650
2651                 if (!$_GET["noheaders"]) {
2652                         print "</body></html>";
2653                 }
2654
2655         }
2656
2657         if ($op == "dlg") {
2658                 $id = $_GET["id"];
2659                 $param = $_GET["param"];
2660
2661                 if ($id == "quickAddFeed") {
2662
2663                         print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2664                         print "<div class=\"infoBoxContents\">";
2665
2666                         print "<form id='feed_add_form'>";
2667
2668                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2669                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2670                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2671
2672                         print "<table width='100%'>
2673                         <tr><td>Feed URL:</td><td>
2674                                 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2675                                         onkeypress=\"return filterCR(event)\"
2676                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2677                                         onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2678
2679                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2680                                 print "<tr><td>Category:</td><td>";
2681                                 print_feed_cat_select($link, "cat_id");
2682                                 print "</td></tr>";
2683                         }
2684
2685                         print "</table>";
2686                         print "</form>";
2687
2688                         print "<div align='right'>
2689                                 <input class=\"button\"
2690                                         id=\"fadd_submit_btn\" disabled=\"true\"
2691                                         type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Subscribe\">
2692                                 <input class=\"button\"
2693                                         type=\"submit\" onclick=\"javascript:closeInfoBox()\"
2694                                         value=\"Cancel\"></div>";
2695
2696                 }
2697
2698                 if ($id == "search") {
2699
2700                         print "<div id=\"infoBoxTitle\">Search</div>";
2701                         print "<div class=\"infoBoxContents\">";
2702
2703                         print "<form id='search_form'>";
2704
2705                         #$active_feed_id = db_escape_string($_GET["param"]);
2706
2707                         $params = split(":", db_escape_string($_GET["param"]));
2708
2709                         $active_feed_id = sprintf("%d", $params[0]);
2710                         $is_cat = $params[1] == "true";
2711
2712                         print "<table width='100%'><tr><td>Search:</td><td>";
2713
2714                         print "<input name=\"query\" class=\"iedit\"
2715                                 onkeypress=\"return filterCR(event)\"
2716                                 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2717                                 value=\"\">
2718                         </td></tr>";
2719
2720                         print "<tr><td>Where:</td><td>";
2721
2722                         print "<select name=\"search_mode\">
2723                                 <option value=\"all_feeds\">All feeds</option>";
2724
2725                         $feed_title = getFeedTitle($link, $active_feed_id);
2726
2727                         if (!$is_cat) {
2728                                 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2729                         } else {
2730                                 $feed_cat_title = getCategoryTitle($link, $active_feed_id);
2731                         }
2732
2733                         if ($active_feed_id && !$is_cat) {
2734                                 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2735                         } else {
2736                                 print "<option disabled>This feed</option>";
2737                         }
2738
2739                         if ($is_cat) {
2740                                 $cat_preselected = "selected";
2741                         }
2742
2743                         if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) {
2744                                 print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>";
2745                         } else {
2746                                 print "<option disabled>This category</option>";
2747                         }
2748
2749                         print "</select></td></tr>";
2750
2751                         print "<tr><td>Match on:</td><td>";
2752
2753                         $search_fields = array(
2754                                 "title" => "Title",
2755                                 "content" => "Content",
2756                                 "both" => "Title or content");
2757
2758                         print_select_hash("match_on", 3, $search_fields);
2759
2760                         print "</td></tr></table>";
2761
2762                         print "</form>";
2763
2764                         print "<div align=\"right\">
2765                         <input type=\"submit\"
2766                                 class=\"button\" onclick=\"javascript:search()\"
2767                                 id=\"search_submit_btn\" disabled=\"true\"
2768                                 value=\"Search\">
2769                         <input class=\"button\"
2770                                 type=\"submit\" onclick=\"javascript:searchCancel()\"
2771                                 value=\"Cancel\"></div>";
2772
2773                         print "</div>";
2774
2775                 }
2776
2777                 if ($id == "quickAddLabel") {
2778                         print "<div id=\"infoBoxTitle\">Create label</div>";
2779                         print "<div class=\"infoBoxContents\">";
2780
2781                         print "<form id=\"label_edit_form\">";
2782
2783                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2784                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2785
2786                         print "<table width='100%'>";
2787
2788                         print "<tr><td>Caption:</td>
2789                                 <td><input onkeypress=\"return filterCR(event)\"
2790                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2791                                          name=\"description\" class=\"iedit\">";
2792
2793                         print "</td></tr>";
2794
2795                         print "<tr><td colspan=\"2\">
2796                                 <p>SQL Expression:</p>";
2797
2798                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2799                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>";
2800
2801                         print "</td></tr></table>";
2802
2803                         print "</form>";
2804
2805                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2806
2807                         print "<div align='right'>";
2808
2809                         print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\">
2810                                 ";
2811
2812                         print "<input type=\"submit\"
2813                                 id=\"infobox_submit\"
2814                                 disabled=\"true\"
2815                                 class=\"button\" onclick=\"return addLabel()\"
2816                                 value=\"Create\"> ";
2817
2818                         print "<input class=\"button\"
2819                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2820                                 value=\"Cancel\">";
2821                 }
2822
2823                 if ($id == "quickAddFilter") {
2824
2825                         $active_feed_id = db_escape_string($_GET["param"]);
2826
2827                         print "<div id=\"infoBoxTitle\">Create filter</div>";
2828                         print "<div class=\"infoBoxContents\">";
2829
2830                         print "<form id=\"filter_add_form\">";
2831
2832                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2833                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2834                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2835
2836 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2837
2838                         $result = db_query($link, "SELECT id,description
2839                                 FROM ttrss_filter_types ORDER BY description");
2840
2841                         $filter_types = array();
2842
2843                         while ($line = db_fetch_assoc($result)) {
2844                                 //array_push($filter_types, $line["description"]);
2845                                 $filter_types[$line["id"]] = $line["description"];
2846                         }
2847
2848                         print "<table width='100%'>";
2849
2850                         print "<tr><td>Match:</td>
2851                                 <td><input onkeypress=\"return filterCR(event)\"
2852                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2853                                         name=\"reg_exp\" class=\"iedit\">";
2854                         print "</td><td>";
2855
2856                         print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2857
2858                         print "</td></tr>";
2859                         print "<tr><td>Feed:</td><td colspan='2'>";
2860
2861                         print_feed_select($link, "feed_id", $active_feed_id);
2862
2863                         print "</td></tr>";
2864
2865                         print "<tr><td>Action:</td>";
2866
2867                         print "<td colspan='2'><select name=\"action_id\">";
2868
2869                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2870                                 ORDER BY name");
2871
2872                         while ($line = db_fetch_assoc($result)) {
2873                                 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2874                         }
2875
2876                         print "</select>";
2877
2878                         print "</td></tr></table>";
2879
2880                         print "</form>";
2881
2882                         print "<div align='right'>";
2883
2884                         print "<input type=\"submit\"
2885                                 id=\"infobox_submit\"
2886                                 class=\"button\" onclick=\"return qaddFilter()\"
2887                                 disabled=\"true\" value=\"Create\"> ";
2888
2889                         print "<input class=\"button\"
2890                                 type=\"submit\" onclick=\"return closeInfoBox()\"
2891                                 value=\"Cancel\">";
2892
2893                         print "</div>";
2894
2895 //                      print "</td></tr></table>";
2896
2897                 }
2898
2899                 print "</div>";
2900
2901         }
2902
2903         // update feeds of all users, may be used anonymously
2904         if ($op == "globalUpdateFeeds") {
2905
2906                 $result = db_query($link, "SELECT id FROM ttrss_users");
2907
2908                 while ($line = db_fetch_assoc($result)) {
2909                         $user_id = $line["id"];
2910 //                      print "<!-- updating feeds of uid $user_id -->";
2911                         update_all_feeds($link, false, $user_id);
2912                 }
2913
2914                 print "<rpc-reply>
2915                         <message msg=\"All feeds updated\"/>
2916                 </rpc-reply>";
2917
2918         }
2919
2920         if ($op == "pref-prefs") {
2921
2922                 $subop = $_REQUEST["subop"];
2923
2924                 if ($subop == "Save configuration") {
2925
2926                         if (WEB_DEMO_MODE) {
2927                                 header("Location: prefs.php");
2928                                 return;
2929                         }
2930
2931                         $_SESSION["prefs_op_result"] = "save-config";
2932
2933                         $_SESSION["prefs_cache"] = false;
2934
2935                         foreach (array_keys($_POST) as $pref_name) {
2936
2937                                 $pref_name = db_escape_string($pref_name);
2938                                 $value = db_escape_string($_POST[$pref_name]);
2939
2940                                 $result = db_query($link, "SELECT type_name
2941                                         FROM ttrss_prefs,ttrss_prefs_types
2942                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2943
2944                                 if (db_num_rows($result) > 0) {
2945
2946                                         $type_name = db_fetch_result($result, 0, "type_name");
2947
2948 //                                      print "$pref_name : $type_name : $value<br>";
2949
2950                                         if ($type_name == "bool") {
2951                                                 if ($value == "1") {
2952                                                         $value = "true";
2953                                                 } else {
2954                                                         $value = "false";
2955                                                 }
2956                                         } else if ($type_name == "integer") {
2957                                                 $value = sprintf("%d", $value);
2958                                         }
2959
2960 //                                      print "$pref_name : $type_name : $value<br>";
2961
2962                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2963                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2964
2965                                 }
2966
2967                                 header("Location: prefs.php");
2968
2969                         }
2970
2971                 } else if ($subop == "getHelp") {
2972
2973                         $pref_name = db_escape_string($_GET["pn"]);
2974
2975                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2976                                 WHERE pref_name = '$pref_name'");
2977
2978                         if (db_num_rows($result) > 0) {
2979                                 $help_text = db_fetch_result($result, 0, "help_text");
2980                                 print $help_text;
2981                         } else {
2982                                 print "Unknown option: $pref_name";
2983                         }
2984
2985                 } else if ($subop == "Change e-mail") {
2986
2987                         if (WEB_DEMO_MODE) {
2988                                 header("Location: prefs.php");
2989                                 return;
2990                         }
2991
2992                         $email = db_escape_string($_GET["email"]);
2993                         $active_uid = $_SESSION["uid"];
2994
2995                         if ($email) {
2996                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
2997                                                 WHERE id = '$active_uid'");
2998                         }
2999
3000                         header("Location: prefs.php");
3001
3002                 } else if ($subop == "Change password") {
3003
3004                         if (WEB_DEMO_MODE) {
3005                                 header("Location: prefs.php");
3006                                 return;
3007                         }
3008
3009                         $old_pw = $_POST["OLD_PASSWORD"];
3010                         $new_pw = $_POST["OLD_PASSWORD"];
3011
3012                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
3013                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
3014
3015                         $active_uid = $_SESSION["uid"];
3016
3017                         if ($old_pw && $new_pw) {
3018
3019                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
3020
3021                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3022                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
3023                                                 pwd_hash = '$old_pw_hash')");
3024
3025                                 if (db_num_rows($result) == 1) {
3026                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
3027                                                 WHERE id = '$active_uid'");
3028
3029                                         $_SESSION["pwd_change_result"] = "ok";
3030                                 } else {
3031                                         $_SESSION["pwd_change_result"] = "failed";
3032                                 }
3033                         }
3034
3035                         header("Location: prefs.php");
3036
3037                 } else if ($subop == "Reset to defaults") {
3038
3039                         if (WEB_DEMO_MODE) {
3040                                 header("Location: prefs.php");
3041                                 return;
3042                         }
3043
3044                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
3045
3046                         if (DB_TYPE == "pgsql") {
3047                                 db_query($link,"UPDATE ttrss_user_prefs
3048                                         SET value = ttrss_prefs.def_value
3049                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
3050                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
3051                         } else {
3052                                 db_query($link, "DELETE FROM ttrss_user_prefs
3053                                         WHERE owner_uid = ".$_SESSION["uid"]);
3054                                 initialize_user_prefs($link, $_SESSION["uid"]);
3055                         }
3056
3057                         header("Location: prefs.php");
3058
3059                 } else if ($subop == "Change theme") {
3060
3061                         $theme = db_escape_string($_POST["theme"]);
3062
3063                         if ($theme == "Default") {
3064                                 $theme_qpart = 'NULL';
3065                         } else {
3066                                 $theme_qpart = "'$theme'";
3067                         }
3068
3069                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
3070                                 WHERE theme_name = '$theme'");
3071
3072                         if (db_num_rows($result) == 1) {
3073                                 $theme_id = db_fetch_result($result, 0, "id");
3074                                 $theme_path = db_fetch_result($result, 0, "theme_path");
3075                         } else {
3076                                 $theme_id = "NULL";
3077                                 $theme_path = "";
3078                         }
3079
3080                         db_query($link, "UPDATE ttrss_users SET
3081                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
3082
3083                         $_SESSION["theme"] = $theme_path;
3084
3085                         header("Location: prefs.php");
3086
3087                 } else {
3088
3089                         print check_for_update($link);
3090
3091                         if (!SINGLE_USER_MODE) {
3092
3093                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
3094                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
3095                                                 pwd_hash = 'SHA1:".sha1("password")."')");
3096
3097                                 if (db_num_rows($result) != 0) {
3098                                         print "<div class=\"warning\">
3099                                                 Your password is at default value, please change it.
3100                                         </div>";
3101                                 }
3102
3103                                 if ($_SESSION["pwd_change_result"] == "failed") {
3104                                         print "<div class=\"warning\">
3105                                                         There was an error while changing your password.
3106                                                 </div>";
3107                                 }
3108
3109                                 if ($_SESSION["pwd_change_result"] == "ok") {
3110                                         print "<div class=\"notice\">
3111                                                         Password changed successfully.
3112                                                 </div>";
3113                                 }
3114
3115                                 $_SESSION["pwd_change_result"] = "";
3116
3117                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3118                                         print "<div class=\"notice\">
3119                                                         Your configuration was reset to defaults.
3120                                                 </div>";
3121                                 }
3122
3123                                 if ($_SESSION["prefs_op_result"] == "save-config") {
3124                                         print "<div class=\"notice\">
3125                                                         Your configuration was saved successfully.
3126                                                 </div>";
3127                                 }
3128
3129                                 $_SESSION["prefs_op_result"] = "";
3130
3131                                 print "<form action=\"backend.php\" method=\"GET\">";
3132
3133                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3134                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3135
3136                                 $result = db_query($link, "SELECT email FROM ttrss_users
3137                                         WHERE id = ".$_SESSION["uid"]);
3138
3139                                 $email = db_fetch_result($result, 0, "email");
3140
3141                                 print "<tr><td width=\"40%\">E-mail</td>";
3142                                 print "<td><input class=\"editbox\" name=\"email\"
3143                                         value=\"$email\"></td></tr>";
3144
3145                                 print "</table>";
3146
3147                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3148
3149                                 print "<p><input class=\"button\" type=\"submit\"
3150                                         value=\"Change e-mail\" name=\"subop\">";
3151
3152                                 print "</form>";
3153
3154                                 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
3155
3156                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3157                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3158
3159                                 print "<tr><td width=\"40%\">Old password</td>";
3160                                 print "<td><input class=\"editbox\" type=\"password\"
3161                                         name=\"OLD_PASSWORD\"></td></tr>";
3162
3163                                 print "<tr><td width=\"40%\">New password</td>";
3164
3165                                 print "<td><input class=\"editbox\" type=\"password\"
3166                                         name=\"NEW_PASSWORD\"></td></tr>";
3167
3168                                 print "</table>";
3169
3170                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3171
3172                                 print "<p><input class=\"button\" type=\"submit\"
3173                                         onclick=\"return validateNewPassword(this.form)\"
3174                                         value=\"Change password\" name=\"subop\">";
3175
3176                                 print "</form>";
3177
3178                         }
3179
3180                         $result = db_query($link, "SELECT
3181                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3182
3183                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
3184
3185                         $result = db_query($link, "SELECT
3186                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3187
3188                         if (db_num_rows($result) > 0) {
3189
3190                                 print "<form action=\"backend.php\" method=\"POST\">";
3191                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3192                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3193                                 print "<tr><td width=\"40%\">Select theme</td>";
3194                                 print "<td><select name=\"theme\">";
3195                                 print "<option>Default</option>";
3196                                 print "<option disabled>--------</option>";
3197
3198                                 while ($line = db_fetch_assoc($result)) {
3199                                         if ($line["id"] == $user_theme_id) {
3200                                                 $selected = "selected";
3201                                         } else {
3202                                                 $selected = "";
3203                                         }
3204                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3205                                 }
3206                                 print "</select></td></tr>";
3207                                 print "</table>";
3208                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3209                                 print "<p><input class=\"button\" type=\"submit\"
3210                                         value=\"Change theme\" name=\"subop\">";
3211                                 print "</form>";
3212                         }
3213
3214                         initialize_user_prefs($link, $_SESSION["uid"]);
3215
3216                         $result = db_query($link, "SELECT
3217                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3218                                 section_name,def_value
3219                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3220                                 WHERE type_id = ttrss_prefs_types.id AND
3221                                         section_id = ttrss_prefs_sections.id AND
3222                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3223                                         owner_uid = ".$_SESSION["uid"]."
3224                                 ORDER BY section_id,short_desc");
3225
3226                         print "<form action=\"backend.php\" method=\"POST\">";
3227
3228                         $lnum = 0;
3229
3230                         $active_section = "";
3231
3232                         while ($line = db_fetch_assoc($result)) {
3233
3234                                 if ($active_section != $line["section_name"]) {
3235
3236                                         if ($active_section != "") {
3237                                                 print "</table>";
3238                                         }
3239
3240                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3241
3242                                         $active_section = $line["section_name"];
3243
3244                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3245 //                                      print "<tr class=\"title\">
3246 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3247
3248                                         $lnum = 0;
3249                                 }
3250
3251 //                              $class = ($lnum % 2) ? "even" : "odd";
3252
3253                                 print "<tr>";
3254
3255                                 $type_name = $line["type_name"];
3256                                 $pref_name = $line["pref_name"];
3257                                 $value = $line["value"];
3258                                 $def_value = $line["def_value"];
3259                                 $help_text = $line["help_text"];
3260
3261                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3262
3263                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3264
3265                                 print "</td>";
3266
3267                                 print "<td>";
3268
3269                                 if ($type_name == "bool") {
3270 //                                      print_select($pref_name, $value, array("true", "false"));
3271
3272                                         if ($value == "true") {
3273                                                 $value = "Yes";
3274                                         } else {
3275                                                 $value = "No";
3276                                         }
3277
3278                                         print_radio($pref_name, $value, array("Yes", "No"));
3279
3280                                 } else {
3281                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3282                                 }
3283
3284                                 print "</td>";
3285
3286                                 print "</tr>";
3287
3288                                 $lnum++;
3289                         }
3290
3291                         print "</table>";
3292
3293                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3294
3295                         print "<p><input class=\"button\" type=\"submit\"
3296                                 name=\"subop\" value=\"Save configuration\">";
3297
3298                         print "&nbsp;<input class=\"button\" type=\"submit\"
3299                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3300                                 value=\"Reset to defaults\"></p>";
3301
3302                         print "</form>";
3303
3304                 }
3305
3306         }
3307
3308         if ($op == "pref-users") {
3309
3310                 $subop = $_GET["subop"];
3311
3312                 if ($subop == "edit") {
3313
3314                         $id = db_escape_string($_GET["id"]);
3315
3316                         print "<div id=\"infoBoxTitle\">User editor</div>";
3317
3318                         print "<div class=\"infoBoxContents\">";
3319
3320                         print "<form id=\"user_edit_form\">";
3321
3322                         print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3323                         print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3324                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3325
3326                         $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3327
3328                         $login = db_fetch_result($result, 0, "login");
3329                         $access_level = db_fetch_result($result, 0, "access_level");
3330                         $email = db_fetch_result($result, 0, "email");
3331
3332                         print "<table width='100%'>";
3333                         print "<tr><td>Login:</td><td>
3334                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3335                                 name=\"login\" value=\"$login\"></td></tr>";
3336
3337                         print "<tr><td>Change password:</td><td>
3338                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3339                                 name=\"password\"></td></tr>";
3340
3341                         print "<tr><td>E-mail:</td><td>
3342                                 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3343                                 value=\"$email\"></td></tr>";
3344
3345                         $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3346
3347                         print "<tr><td>Access level:</td><td>";
3348                         print_select_hash("access_level", $access_level, $access_level_names,
3349                                 $sel_disabled);
3350                         print "</td></tr>";
3351
3352                         print "</table>";
3353
3354                         print "</form>";
3355
3356                         print "<div align='right'>
3357                                 <input class=\"button\"
3358                                         type=\"submit\" onclick=\"return userEditSave()\"
3359                                         value=\"Save\">
3360                                 <input class=\"button\"
3361                                         type=\"submit\" onclick=\"return userEditCancel()\"
3362                                         value=\"Cancel\"></div>";
3363
3364                         print "</div>";
3365
3366                         return;
3367                 }
3368
3369                 if ($subop == "editSave") {
3370
3371                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3372
3373                                 $login = db_escape_string(trim($_GET["login"]));
3374                                 $uid = db_escape_string($_GET["id"]);
3375                                 $access_level = sprintf("%d", $_GET["access_level"]);
3376                                 $email = db_escape_string(trim($_GET["email"]));
3377                                 $password = db_escape_string(trim($_GET["password"]));
3378
3379                                 if ($password) {
3380                                         $pwd_hash = 'SHA1:' . sha1($password);
3381                                         $pass_query_part = "pwd_hash = '$pwd_hash', ";
3382                                         print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3383                                 } else {
3384                                         $pass_query_part = "";
3385                                 }
3386
3387                                 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3388                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3389
3390                         }
3391                 } else if ($subop == "remove") {
3392
3393                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3394
3395                                 $ids = split(",", db_escape_string($_GET["ids"]));
3396
3397                                 foreach ($ids as $id) {
3398                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3399
3400                                 }
3401                         }
3402                 } else if ($subop == "add") {
3403
3404                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3405
3406                                 $login = db_escape_string(trim($_GET["login"]));
3407                                 $tmp_user_pwd = make_password(8);
3408                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3409
3410                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3411                                         login = '$login'");
3412
3413                                 if (db_num_rows($result) == 0) {
3414
3415                                         db_query($link, "INSERT INTO ttrss_users
3416                                                 (login,pwd_hash,access_level,last_login)
3417                                                 VALUES ('$login', '$pwd_hash', 0, NOW())");
3418
3419
3420                                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3421                                                 login = '$login' AND pwd_hash = '$pwd_hash'");
3422
3423                                         if (db_num_rows($result) == 1) {
3424
3425                                                 $new_uid = db_fetch_result($result, 0, "id");
3426
3427                                                 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3428                                                         "</b> with password <b>$tmp_user_pwd</b>.</div>";
3429
3430                                                 initialize_user($link, $new_uid);
3431
3432                                         } else {
3433
3434                                                 print "<div class=\"warning\">Could not create user <b>".
3435                                                         $_GET["login"]."</b></div>";
3436
3437                                         }
3438                                 } else {
3439                                         print "<div class=\"warning\">User <b>".
3440                                                 $_GET["login"]."</b> already exists.</div>";
3441                                 }
3442                         }
3443                 } else if ($subop == "resetPass") {
3444
3445                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3446
3447                                 $uid = db_escape_string($_GET["id"]);
3448
3449                                 $result = db_query($link, "SELECT login,email
3450                                         FROM ttrss_users WHERE id = '$uid'");
3451
3452                                 $login = db_fetch_result($result, 0, "login");
3453                                 $email = db_fetch_result($result, 0, "email");
3454                                 $tmp_user_pwd = make_password(8);
3455                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3456
3457                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3458                                         WHERE id = '$uid'");
3459
3460                                 print "<div class=\"notice\">Changed password of
3461                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3462
3463                                 if (MAIL_RESET_PASS && $email) {
3464                                         print " Notifying <b>$email</b>.";
3465
3466                                         mail("$login <$email>", "Password reset notification",
3467                                                 "Hi, $login.\n".
3468                                                 "\n".
3469                                                 "Your password for this TT-RSS installation was reset by".
3470                                                         " an administrator.\n".
3471                                                 "\n".
3472                                                 "Your new password is $tmp_user_pwd, please remember".
3473                                                         " it for later reference.\n".
3474                                                 "\n".
3475                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3476                                 }
3477
3478                                 print "</div>";
3479
3480                         }
3481                 }
3482
3483                 $sort = db_escape_string($_GET["sort"]);
3484
3485                 if (!$sort || $sort == "undefined") {
3486                         $sort = "login";
3487                 }
3488
3489                 print "<div class=\"prefGenericAddBox\">
3490                         <input id=\"uadd_box\"
3491                                 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3492                                 size=\"40\">&nbsp;";
3493
3494                 print"<input type=\"submit\" class=\"button\"
3495                         id=\"user_add_btn\" disabled=\"true\"
3496                         onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3497
3498                 $result = db_query($link, "SELECT
3499                                 id,login,access_level,email,
3500                                 SUBSTRING(last_login,1,16) as last_login
3501                         FROM
3502                                 ttrss_users
3503                         ORDER BY $sort");
3504
3505 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3506
3507                 print "<p><table width=\"100%\" cellspacing=\"0\"
3508                         class=\"prefUserList\" id=\"prefUserList\">";
3509
3510                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3511                                 Select:
3512                                         <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3513                                         <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3514                                 </td</tr>";
3515
3516                 print "<tr class=\"title\">
3517                                         <td align='center' width=\"5%\">&nbsp;</td>
3518                                         <td width='40%'><a href=\"javascript:updateUsersList('login')\">Login</a></td>
3519                                         <td width='40%'><a href=\"javascript:updateUsersList('access_level')\">Access Level</a></td>
3520                                         <td width='30%'><a href=\"javascript:updateUsersList('last_login')\">Last login</a></td></tr>";
3521
3522                 $lnum = 0;
3523
3524                 while ($line = db_fetch_assoc($result)) {
3525
3526                         $class = ($lnum % 2) ? "even" : "odd";
3527
3528                         $uid = $line["id"];
3529                         $edit_uid = $_GET["id"];
3530
3531                         if ($subop == "edit" && $uid != $edit_uid) {
3532                                 $class .= "Grayed";
3533                                 $this_row_id = "";
3534                         } else {
3535                                 $this_row_id = "id=\"UMRR-$uid\"";
3536                         }
3537
3538                         print "<tr class=\"$class\" $this_row_id>";
3539
3540                         $line["login"] = htmlspecialchars($line["login"]);
3541
3542                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3543                                 strtotime($line["last_login"]));
3544
3545                         $access_level_names = array(0 => "User", 10 => "Administrator");
3546
3547 //                      if (!$edit_uid || $subop != "edit") {
3548
3549                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3550                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3551
3552                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3553                                         $line["login"] . "</td>";
3554
3555                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3556
3557                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3558                                         $access_level_names[$line["access_level"]] . "</td>";
3559
3560 /*                      } else if ($uid != $edit_uid) {
3561
3562                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3563
3564                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3565                                         id=\"UMCHK-".$line["id"]."\"></td>";
3566
3567                                 print "<td>".$line["login"]."</td>";
3568                                 print "<td>".$line["email"]."</td>";
3569                                 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3570
3571                         } else {
3572
3573                                 print "<td align='center'>
3574                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3575
3576                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3577                                         "\"></td>";
3578
3579                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3580                                         "\"></td>";
3581
3582                                 print "<td>";
3583                                 print "<select id=\"iedit_ulevel\">";
3584                                 foreach (array_keys($access_level_names) as $al) {
3585                                         if ($al == $line["access_level"]) {
3586                                                 $selected = "selected";
3587                                         } else {
3588                                                 $selected = "";
3589                                         }
3590                                         print "<option $selected id=\"$al\">" .
3591                                                 $access_level_names[$al] . "</option>";
3592                                 }
3593                                 print "</select>";
3594                                 print "</td>";
3595
3596                         } */
3597
3598                         print "<td>".$line["last_login"]."</td>";
3599
3600                         print "</tr>";
3601
3602                         ++$lnum;
3603                 }
3604
3605                 print "</table>";
3606
3607                 print "<p id='userOpToolbar'>";
3608
3609 /*              if ($subop == "edit") {
3610                         print "Edit user:
3611                                 <input type=\"submit\" class=\"button\"
3612                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3613                                 <input type=\"submit\" class=\"button\"
3614                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3615
3616                 } else { */
3617
3618                         print "
3619                                 Selection:
3620                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3621                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3622                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3623                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3624                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3625                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3626                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3627                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3628
3629 //              }
3630         }
3631
3632         if ($op == "user-details") {
3633
3634                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3635                         return;
3636                 }
3637
3638 /*              print "<html><head>
3639                         <title>Tiny Tiny RSS : User Details</title>
3640                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3641                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3642                         </head><body>"; */
3643
3644                 $uid = sprintf("%d", $_GET["id"]);
3645
3646                 print "<div id=\"infoBoxTitle\">User details</div>";
3647
3648                 print "<div class='infoBoxContents'>";
3649
3650                 $result = db_query($link, "SELECT login,
3651                         SUBSTRING(last_login,1,16) AS last_login,
3652                         access_level,
3653                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3654                                 WHERE owner_uid = id) AS stored_articles
3655                         FROM ttrss_users
3656                         WHERE id = '$uid'");
3657
3658                 if (db_num_rows($result) == 0) {
3659                         print "<h1>User not found</h1>";
3660                         return;
3661                 }
3662
3663 #               print "<h1>User Details</h1>";
3664
3665                 $login = db_fetch_result($result, 0, "login");
3666
3667 #               print "<h1>$login</h1>";
3668
3669                 print "<table width='100%'>";
3670
3671                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3672                         strtotime(db_fetch_result($result, 0, "last_login")));
3673                 $access_level = db_fetch_result($result, 0, "access_level");
3674                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3675
3676 #               print "<tr><td>Username</td><td>$login</td></tr>";
3677 #               print "<tr><td>Access level</td><td>$access_level</td></tr>";
3678                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3679                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3680
3681                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3682                         WHERE owner_uid = '$uid'");
3683
3684                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3685
3686                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3687
3688 /*              $result = db_query($link, "SELECT
3689                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3690                         FROM ttrss_user_entries,ttrss_entries
3691                                 WHERE owner_uid = '$uid' AND ref_id = id");
3692
3693                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3694
3695                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3696
3697                 print "</table>";
3698
3699                 print "<h1>Subscribed feeds</h1>";
3700
3701                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3702                         WHERE owner_uid = '$uid' ORDER BY title");
3703
3704                 print "<ul class=\"userFeedList\">";
3705
3706                 $row_class = "odd";
3707
3708                 while ($line = db_fetch_assoc($result)) {
3709
3710                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3711
3712                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3713                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3714                         } else {
3715                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3716                         }
3717
3718                         print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3719
3720                         $row_class = toggleEvenOdd($row_class);
3721
3722                 }
3723
3724                 if (db_num_rows($result) < $num_feeds) {
3725                          // FIXME - add link to show ALL subscribed feeds here somewhere
3726                         print "<li><img
3727                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3728                 }
3729
3730                 print "</ul>";
3731
3732                 print "</div>";
3733
3734                 print "<div align='center'>
3735                         <input type='submit' class='button'
3736                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3737
3738 //              print "</body></html>";
3739
3740         }
3741
3742         if ($op == "pref-feed-browser") {
3743
3744                 if (!ENABLE_FEED_BROWSER) {
3745                         print "Feed browser is administratively disabled.";
3746                         return;
3747                 }
3748
3749                 $subop = $_REQUEST["subop"];
3750
3751                 if ($subop == "details") {
3752                         $id = db_escape_string($_GET["id"]);
3753
3754                         print "<div class=\"browserFeedInfo\">";
3755                         print "<b>Feed information:</b>";
3756                         print "<div class=\"detailsPart\">";
3757
3758                         $result = db_query($link, "SELECT
3759                                         feed_url,site_url,
3760                                         SUBSTRING(last_updated,1,19) AS last_updated
3761                                 FROM ttrss_feeds WHERE id = '$id'");
3762
3763                         $feed_url = db_fetch_result($result, 0, "feed_url");
3764                         $site_url = db_fetch_result($result, 0, "site_url");
3765                         $last_updated = db_fetch_result($result, 0, "last_updated");
3766
3767                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3768                                 $last_updated = smart_date_time(strtotime($last_updated));
3769                         } else {
3770                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3771                                 $last_updated = date($short_date, strtotime($last_updated));
3772                         }
3773
3774                         print "Site: <a target=\"_new\" href='$site_url'>$site_url</a> ".
3775                                 "(<a target=\"_new\" href='$feed_url'>feed</a>), ".
3776                                 "Last updated: $last_updated";
3777
3778                         print "</div>";
3779
3780                         $result = db_query($link, "SELECT
3781                                         ttrss_entries.title,
3782                                         content,link,
3783                                         substring(date_entered,1,19) as date_entered,
3784                                         substring(updated,1,19) as updated
3785                                 FROM ttrss_entries,ttrss_user_entries
3786                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
3787                                 ORDER BY updated DESC LIMIT 5");
3788
3789                         if (db_num_rows($result) > 0) {
3790
3791                                 print "<b>Last headlines:</b><br>";
3792
3793                                 print "<div class=\"detailsPart\">";
3794                                 print "<ul class=\"compact\">";
3795                                 while ($line = db_fetch_assoc($result)) {
3796
3797                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3798                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
3799                                         } else {
3800                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3801                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
3802                                         }
3803
3804                                         print "<li><a target=\"_new\" href=\"" . $line["link"] . "\">" . $line["title"] . "</a>" .
3805                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3806                                 }
3807                                 print "</ul></div>";
3808                         }
3809
3810                         print "</div>";
3811
3812                         return;
3813                 }
3814
3815                 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3816
3817                 $limit = db_escape_string($_GET["limit"]);
3818
3819                 if (!$limit) $limit = 25;
3820
3821                 $owner_uid = $_SESSION["uid"];
3822
3823                 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3824                         FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3825                                 WHERE tf.feed_url = ttrss_feeds.feed_url
3826                                         AND owner_uid = '$owner_uid') GROUP BY feed_url
3827                                                 ORDER BY subscribers DESC LIMIT $limit");
3828
3829
3830                 print "<div style=\"float : right\">
3831                         Top <select id=\"feedBrowserLimit\">";
3832
3833                 foreach (array(25, 50, 100) as $l) {
3834                         $issel = ($l == $limit) ? "selected" : "";
3835                         print "<option $issel>$l</option>";
3836                 }
3837
3838                 print "</select>
3839                         <input type=\"submit\" class=\"button\"
3840                                 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3841                 </div>";
3842
3843                 print "<p id=\"fbrOpToolbar\">Selection:
3844                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3845                         disabled=\"true\" value=\"Subscribe\">";
3846
3847                 print "<ul class='nomarks' id='browseBigFeedList'>";
3848
3849                 $feedctr = 0;
3850
3851                 while ($line = db_fetch_assoc($result)) {
3852                         $feed_url = $line["feed_url"];
3853                         $subscribers = $line["subscribers"];
3854
3855                         $det_result = db_query($link, "SELECT site_url,title,id
3856                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3857
3858                         $details = db_fetch_assoc($det_result);
3859
3860                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3861
3862                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3863                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
3864                                                 "/".$details["id"].".ico\">";
3865                         } else {
3866                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3867                         }
3868
3869                         $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3870                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3871
3872                         $class = ($feedctr % 2) ? "even" : "odd";
3873
3874                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3875                                 "$feed_icon ";
3876
3877                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3878                                 $details["title"] ."</a>&nbsp;" .
3879                                 "<span class='subscribers'>($subscribers)</span>";
3880
3881                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3882                         print "</div>";
3883
3884                         print "</li>";
3885
3886                                 ++$feedctr;
3887                 }
3888
3889                 if ($feedctr == 0) {
3890                         print "<li>No feeds found to subscribe.</li>";
3891                 }
3892
3893                 print "</ul>";
3894
3895                 print "</div>";
3896
3897         }
3898
3899         if ($op == "rss") {
3900                 $feed = db_escape_string($_GET["id"]);
3901                 $user = db_escape_string($_GET["user"]);
3902                 $pass = db_escape_string($_GET["pass"]);
3903                 $is_cat = $_GET["is_cat"] != false;
3904
3905                 $search = db_escape_string($_GET["q"]);
3906                 $match_on = db_escape_string($_GET["m"]);
3907                 $search_mode = db_escape_string($_GET["smode"]);
3908
3909                 if (!$_SESSION["uid"] && $user && $pass) {
3910                         authenticate_user($link, $user, $pass);
3911                 }
3912
3913                 if ($_SESSION["uid"] ||
3914                         http_authenticate_user($link)) {
3915
3916                                 generate_syndicated_feed($link, $feed, $is_cat,
3917                                         $search, $search_mode, $match_on);
3918                 }
3919         }
3920
3921         function check_configuration_variables() {
3922                 if (!defined('SESSION_EXPIRE_TIME')) {
3923                         return "config: SESSION_EXPIRE_TIME is undefined";
3924                 }
3925
3926                 if (SESSION_EXPIRE_TIME < 60) {
3927                         return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3928                 }
3929
3930                 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3931                         return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3932                                 "SESSION_COOKIE_LIFETIME_REMEMBER";
3933                 }
3934
3935                 if (defined('DISABLE_SESSIONS')) {
3936                         return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3937                 }
3938
3939                 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3940                         return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3941                 }
3942
3943                 return false;
3944         }
3945
3946         if ($op == "labelFromSearch") {
3947                 $search = db_escape_string($_GET["search"]);
3948                 $search_mode = db_escape_string($_GET["smode"]);
3949                 $match_on = db_escape_string($_GET["match"]);
3950                 $is_cat = db_escape_string($_GET["is_cat"]);
3951                 $title = db_escape_string($_GET["title"]);
3952                 $feed = sprintf("%d", $_GET["feed"]);
3953
3954                 $label_qparts = array();
3955
3956                 $search_expr = getSearchSql($search, $match_on);
3957
3958                 if ($is_cat) {
3959                         if ($feed != 0) {
3960                                 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
3961                         } else {
3962                                 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3963                         }
3964                 } else {
3965                         if ($search_mode == "all_feeds") {
3966                                 // NOOP
3967                         } else if ($search_mode == "this_cat") {
3968
3969                                 $tmp_result = db_query($link, "SELECT cat_id
3970                                         FROM ttrss_feeds WHERE id = '$feed'");
3971
3972                                 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
3973
3974                                 if ($cat_id > 0) {
3975                                         $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
3976                                 } else {
3977                                         $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3978                                 }
3979                         } else {
3980                                 $search_expr .= " AND ttrss_feeds.id = $feed ";
3981                         }
3982
3983                 }
3984
3985                 $search_expr = db_escape_string($search_expr);
3986
3987                 print $search_expr;
3988
3989                 if ($title) {
3990                         $result = db_query($link,
3991                                 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
3992                                 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
3993                 }
3994         }
3995
3996         if ($op == "getUnread") {
3997                 $login = db_escape_string($_GET["login"]);
3998
3999                 header("Content-Type: text/plain; charset=utf-8");
4000
4001                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
4002
4003                 if (db_num_rows($result) == 1) {
4004                         $uid = db_fetch_result($result, 0, "id");
4005                         print getGlobalUnread($link, $uid);
4006                 } else {
4007                         print "-1;User not found";
4008                 }
4009
4010                 $print_exec_time = false;
4011         }
4012
4013         if ($op == "digestTest") {
4014                 header("Content-Type: text/plain");
4015                 print_r(prepare_headlines_digest($link, $_SESSION["uid"]));
4016                 $print_exec_time = false;
4017
4018         }
4019
4020         if ($op == "digestSend") {
4021                 header("Content-Type: text/plain");
4022                 send_headlines_digests($link);
4023                 $print_exec_time = false;
4024
4025         }
4026
4027         db_close($link);
4028 ?>
4029
4030 <?php if ($print_exec_time) { ?>
4031 <!-- <?php echo sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
4032 <?php } ?>