]> git.wh0rd.org - tt-rss.git/blob - backend.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
prevent feed chain-linking
[tt-rss.git] / backend.php
1 <?php
2 require_once "sessions.php";
3 require_once "backend-rpc.php";
4
5 header("Cache-Control: no-cache, must-revalidate");
6 header("Pragma: no-cache");
7 header("Expires: -1");
8
9 /* if ($_GET["debug"]) {
10 define('DEFAULT_ERROR_LEVEL', E_ALL);
11 } else {
12 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
13 }
14
15 error_reporting(DEFAULT_ERROR_LEVEL); */
16
17 $op = $_REQUEST["op"];
18
19 define('SCHEMA_VERSION', 10);
20
21 require_once "sanity_check.php";
22 require_once "config.php";
23
24 require_once "db.php";
25 require_once "db-prefs.php";
26 require_once "functions.php";
27
28 $err_msg = check_configuration_variables();
29
30 $print_exec_time = true;
31
32 if ($err_msg) {
33 header("Content-Type: application/xml");
34 print_error_xml(9, $err_msg); die;
35 }
36
37 if ((!$op || $op == "rpc" || $op == "rss" || $op == "digestSend" ||
38 $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
39 header("Content-Type: application/xml");
40 }
41
42 if (!$op) {
43 header("Content-Type: application/xml");
44 print_error_xml(7); exit;
45 }
46
47 if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss" && $op != "getUnread") {
48
49 if ($op == "rpc") {
50 print_error_xml(6); die;
51 } else {
52 print "
53 <html><body>
54 <p>Error: Not logged in.</p>
55 <script type=\"text/javascript\">
56 if (parent.window != 'undefined') {
57 parent.window.location = \"login.php\";
58 } else {
59 window.location = \"login.php\";
60 }
61 </script>
62 </body></html>
63 ";
64 }
65 exit;
66 }
67
68 $purge_intervals = array(
69 0 => "Use default",
70 -1 => "Never purge",
71 5 => "1 week old",
72 14 => "2 weeks old",
73 31 => "1 month old",
74 60 => "2 months old",
75 90 => "3 months old");
76
77 $update_intervals = array(
78 0 => "Use default",
79 -1 => "Disable updates",
80 30 => "Each 30 minutes",
81 60 => "Hourly",
82 240 => "Each 4 hours",
83 720 => "Each 12 hours",
84 1440 => "Daily",
85 10080 => "Weekly");
86
87 $access_level_names = array(
88 0 => "User",
89 10 => "Administrator");
90
91 $script_started = getmicrotime();
92
93 $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
94
95 if (!$link) {
96 if (DB_TYPE == "mysql") {
97 print mysql_error();
98 }
99 // PG seems to display its own errors just fine by default.
100 return;
101 }
102
103 if (DB_TYPE == "pgsql") {
104 pg_query("set client_encoding = 'utf-8'");
105 }
106
107 if ($_SESSION["uid"]) {
108
109 // setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
110 // setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
111
112 /* if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
113 setcookie('ttrss_vf_catchupnext', 1);
114 } else {
115 setcookie('ttrss_vf_catchupnext', 0);
116 } */
117 }
118
119 $fetch = $_GET["fetch"];
120
121 // setcookie("ttrss_icons_url", ICONS_URL);
122
123 if (!sanity_check($link)) { return; }
124
125 function outputFeedList($link, $tags = false) {
126
127 print "<html><head>
128 <title>Tiny Tiny RSS : Feedlist</title>
129 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
130
131 $user_theme = $_SESSION["theme"];
132 if ($user_theme) {
133 print "<link rel=\"stylesheet\" type=\"text/css\"
134 href=\"themes/$user_theme/theme.css\">";
135 }
136
137 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
138 print "<link rel=\"stylesheet\" type=\"text/css\"
139 href=\"tt-rss_compact.css\"/>";
140 } else {
141 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
142 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
143 }
144
145 $script_dt_add = get_script_dt_add();
146
147 print "
148 <script type=\"text/javascript\" src=\"prototype.js\"></script>
149 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
150 <script type=\"text/javascript\" src=\"feedlist.js?$script_dt_add\"></script>
151 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
152 <!--[if gte IE 5.5000]>
153 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
154 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
155 <![endif]-->
156 </head><body>
157 <script type=\"text/javascript\">
158 if (document.addEventListener) {
159 document.addEventListener(\"DOMContentLoaded\", init, null);
160 }
161 window.onload = init;
162 </script>";
163
164 print "<ul class=\"feedList\" id=\"feedList\">\n";
165
166 $owner_uid = $_SESSION["uid"];
167
168 if (!$tags) {
169
170 /* virtual feeds */
171
172 if (get_pref($link, 'ENABLE_FEED_CATS')) {
173 print "<li class=\"feedCat\">Special</li>";
174 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
175 }
176
177 $num_starred = getFeedUnread($link, -1);
178
179 $class = "virt";
180
181 if ($num_starred > 0) $class .= "Unread";
182
183 printFeedEntry(-1, $class, "Starred articles", $num_starred,
184 "images/mark_set.png", $link);
185
186 if (get_pref($link, 'ENABLE_FEED_CATS')) {
187 print "</ul>\n";
188 }
189
190 if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
191
192 $result = db_query($link, "SELECT id,sql_exp,description FROM
193 ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
194
195 if (db_num_rows($result) > 0) {
196 if (get_pref($link, 'ENABLE_FEED_CATS')) {
197 print "<li class=\"feedCat\">Labels</li>";
198 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
199 } else {
200 print "<li><hr></li>";
201 }
202 }
203
204 while ($line = db_fetch_assoc($result)) {
205
206 error_reporting (0);
207
208 $label_id = -$line['id'] - 11;
209 $count = getFeedUnread($link, $label_id);
210
211 $class = "label";
212
213 if ($count > 0) {
214 $class .= "Unread";
215 }
216
217 error_reporting (DEFAULT_ERROR_LEVEL);
218
219 printFeedEntry($label_id,
220 $class, db_unescape_string($line["description"]),
221 $count, "images/label.png", $link);
222
223 }
224
225 if (db_num_rows($result) > 0) {
226 if (get_pref($link, 'ENABLE_FEED_CATS')) {
227 print "</ul>";
228 }
229 }
230
231 }
232
233 // if (!get_pref($link, 'ENABLE_FEED_CATS')) {
234 print "<li><hr></li>";
235 // }
236
237 if (get_pref($link, 'ENABLE_FEED_CATS')) {
238 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
239 $order_by_qpart = "category,unread DESC,title";
240 } else {
241 $order_by_qpart = "category,title";
242 }
243 } else {
244 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
245 $order_by_qpart = "unread DESC,title";
246 } else {
247 $order_by_qpart = "title";
248 }
249 }
250
251 $result = db_query($link, "SELECT ttrss_feeds.*,
252 SUBSTRING(last_updated,1,19) AS last_updated_noms,
253 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
254 WHERE feed_id = ttrss_feeds.id AND
255 ttrss_user_entries.ref_id = ttrss_entries.id AND
256 owner_uid = '$owner_uid') AS total,
257 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
258 WHERE feed_id = ttrss_feeds.id AND unread = true
259 AND ttrss_user_entries.ref_id = ttrss_entries.id
260 AND owner_uid = '$owner_uid') as unread,
261 cat_id,last_error,
262 ttrss_feed_categories.title AS category,
263 ttrss_feed_categories.collapsed
264 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
265 ON (ttrss_feed_categories.id = cat_id)
266 WHERE
267 ttrss_feeds.hidden = false AND
268 ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
269 ORDER BY $order_by_qpart");
270
271 $actid = $_GET["actid"];
272
273 /* real feeds */
274
275 $lnum = 0;
276
277 $total_unread = 0;
278
279 $category = "";
280
281 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
282
283 while ($line = db_fetch_assoc($result)) {
284
285 $feed = db_unescape_string($line["title"]);
286 $feed_id = $line["id"];
287
288 $subop = $_GET["subop"];
289
290 $total = $line["total"];
291 $unread = $line["unread"];
292
293 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
294 $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
295 } else {
296 $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
297 }
298
299 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
300
301 if ($rtl_content) {
302 $rtl_tag = "dir=\"RTL\"";
303 } else {
304 $rtl_tag = "";
305 }
306
307 $tmp_result = db_query($link,
308 "SELECT id,COUNT(unread) AS unread
309 FROM ttrss_feeds LEFT JOIN ttrss_user_entries
310 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
311 WHERE parent_feed = '$feed_id' AND unread = true
312 GROUP BY ttrss_feeds.id");
313
314 if (db_num_rows($tmp_result) > 0) {
315 while ($l = db_fetch_assoc($tmp_result)) {
316 $unread += $l["unread"];
317 }
318 }
319
320 $cat_id = $line["cat_id"];
321
322 $tmp_category = $line["category"];
323
324 if (!$tmp_category) {
325 $tmp_category = "Uncategorized";
326 }
327
328 // $class = ($lnum % 2) ? "even" : "odd";
329
330 if ($line["last_error"]) {
331 $class = "error";
332 } else {
333 $class = "feed";
334 }
335
336 if ($unread > 0) $class .= "Unread";
337
338 if ($actid == $feed_id) {
339 $class .= "Selected";
340 }
341
342 $total_unread += $unread;
343
344 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
345
346 if ($category) {
347 print "</ul></li>";
348 }
349
350 $category = $tmp_category;
351
352 $collapsed = $line["collapsed"];
353
354 // workaround for NULL category
355 if ($category == "Uncategorized") {
356 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
357 $collapsed = "t";
358 }
359 }
360
361 if ($collapsed == "t" || $collapsed == "1") {
362 $holder_class = "invisible";
363 $ellipsis = "...";
364 } else {
365 $holder_class = "";
366 $ellipsis = "";
367 }
368
369 $cat_id = sprintf("%d", $cat_id);
370
371 $cat_unread = getCategoryUnread($link, $cat_id);
372
373 print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
374 <a id=\"FCATN-$cat_id\" href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
375 <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
376 <span id=\"FCATCTR-$cat_id\"
377 class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
378 </a></li>";
379
380 // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
381 // -> keyboard navigation, etc.
382 print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
383 }
384
385 printFeedEntry($feed_id, $class, $feed, $unread,
386 "icons/$feed_id.ico", $link, $rtl_content,
387 $last_updated, $line["last_error"]);
388
389 ++$lnum;
390 }
391
392 } else {
393
394 // tags
395
396 /* $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
397 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
398 post_int_id = ttrss_user_entries.int_id AND
399 unread = true AND ref_id = ttrss_entries.id
400 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
401 UNION
402 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
403 ORDER BY tag_name"); */
404
405 $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
406 FROM ttrss_user_entries WHERE int_id = post_int_id
407 AND unread = true)) AS count FROM ttrss_tags
408 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
409
410 $tags = array();
411
412 while ($line = db_fetch_assoc($result)) {
413 $tags[$line["tag_name"]] += $line["count"];
414 }
415
416 foreach (array_keys($tags) as $tag) {
417
418 $unread = $tags[$tag];
419
420 $class = "tag";
421
422 if ($unread > 0) {
423 $class .= "Unread";
424 }
425
426 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
427
428 }
429
430 }
431
432 if (db_num_rows($result) == 0) {
433 if ($tags) {
434 $what = "tags";
435 } else {
436 $what = "feeds";
437 }
438 print "<li>No $what to display.</li>";
439 }
440
441 print "</ul>";
442
443 print '
444 <script type="text/javascript">
445 /* for IE */
446 function statechange() {
447 if (document.readyState == "interactive") init();
448 }
449
450 if (document.readyState) {
451 if (document.readyState == "interactive" || document.readyState == "complete") {
452 init();
453 } else {
454 document.onreadystatechange = statechange;
455 }
456 }
457 </script></body></html>';
458 }
459
460
461 if ($op == "rpc") {
462 handle_rpc_request($link);
463 }
464
465 if ($op == "feeds") {
466
467 $tags = $_GET["tags"];
468
469 $subop = $_GET["subop"];
470
471 if ($subop == "catchupAll") {
472 db_query($link, "UPDATE ttrss_user_entries SET
473 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
474 }
475
476 if ($subop == "collapse") {
477 $cat_id = db_escape_string($_GET["cid"]);
478
479 db_query($link, "UPDATE ttrss_feed_categories SET
480 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
481 $_SESSION["uid"]);
482 return;
483 }
484
485 outputFeedList($link, $tags);
486
487 }
488
489 if ($op == "view") {
490
491 $id = db_escape_string($_GET["id"]);
492 $feed_id = db_escape_string($_GET["feed"]);
493
494 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
495 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
496
497 if (db_num_rows($result) == 1) {
498 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
499 } else {
500 $rtl_content = false;
501 }
502
503 if ($rtl_content) {
504 $rtl_tag = "dir=\"RTL\"";
505 $rtl_class = "RTL";
506 } else {
507 $rtl_tag = "";
508 $rtl_class = "";
509 }
510
511 $result = db_query($link, "UPDATE ttrss_user_entries
512 SET unread = false,last_read = NOW()
513 WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
514
515 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
516 SUBSTRING(updated,1,16) as updated,
517 (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
518 num_comments,
519 author
520 FROM ttrss_entries,ttrss_user_entries
521 WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
522
523 print "<html><head>
524 <title>Tiny Tiny RSS : Article $id</title>
525 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
526
527 $user_theme = $_SESSION["theme"];
528 if ($user_theme) {
529 print "<link rel=\"stylesheet\" type=\"text/css\"
530 href=\"themes/$user_theme/theme.css\">";
531 }
532
533 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
534 print "<link rel=\"stylesheet\" type=\"text/css\"
535 href=\"tt-rss_compact.css\"/>";
536 } else {
537 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
538 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
539 }
540
541 $script_dt_add = get_script_dt_add();
542
543 print "
544 <script type=\"text/javascript\" src=\"prototype.js\"></script>
545 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
546 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
547 </head><body $rtl_tag>";
548
549 if ($result) {
550
551 $link_target = "";
552
553 if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
554 $link_target = "target=\"_new\"";
555 }
556
557 $line = db_fetch_assoc($result);
558
559 if ($line["icon_url"]) {
560 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
561 } else {
562 $feed_icon = "&nbsp;";
563 }
564
565 /* if ($line["comments"] && $line["link"] != $line["comments"]) {
566 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
567 } else {
568 $entry_comments = "";
569 } */
570
571 $num_comments = $line["num_comments"];
572 $entry_comments = "";
573
574 if ($num_comments > 0) {
575 if ($line["comments"]) {
576 $comments_url = $line["comments"];
577 } else {
578 $comments_url = $line["link"];
579 }
580 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
581 } else {
582 if ($line["comments"] && $line["link"] != $line["comments"]) {
583 $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
584 }
585 }
586
587 print "<div class=\"postReply\">";
588
589 print "<div class=\"postHeader\"><table width=\"100%\">";
590
591 $entry_author = $line["author"];
592
593 if ($entry_author) {
594 $entry_author = " - by $entry_author";
595 }
596
597 print "<tr><td><a $link_target href=\"" . $line["link"] . "\">" . $line["title"] .
598 "</a>$entry_author</td>";
599
600 $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
601 strtotime($line["updated"]));
602
603 print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
604
605 print "</tr>";
606
607 $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
608 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
609 ORDER BY tag_name");
610
611 $tags_str = "";
612 $f_tags_str = "";
613
614 $num_tags = 0;
615
616 while ($tmp_line = db_fetch_assoc($tmp_result)) {
617 $num_tags++;
618 $tag = $tmp_line["tag_name"];
619 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
620
621 if ($num_tags == 5) {
622 $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
623 } else if ($num_tags < 5) {
624 $tags_str .= $tag_str;
625 }
626 $f_tags_str .= $tag_str;
627 }
628
629 $tags_str = preg_replace("/, $/", "", $tags_str);
630 $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
631
632 // $truncated_link = truncate_string($line["link"], 60);
633
634 if ($tags_str || $entry_comments) {
635 print "<tr><td width='50%'>
636 $entry_comments</td>
637 <td align=\"right\">$tags_str</td></tr>";
638 }
639
640 print "</table></div>";
641
642 print "<div class=\"postIcon\">" . $feed_icon . "</div>";
643 print "<div class=\"postContent\">";
644
645 if (db_num_rows($tmp_result) > 5) {
646 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
647 }
648
649 if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
650 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
651 }
652
653 print $line["content"] . "</div>";
654
655 print "</div>";
656
657 print "<script type=\"text/javascript\">
658 try {
659 parent.update_all_counters('$feed_id');
660 } catch (e) {
661 exception_error('view/footer', e);
662 }
663 </script>";
664 }
665
666 print "</body></html>";
667 }
668
669 if ($op == "viewfeed") {
670
671 $feed = db_escape_string($_GET["feed"]);
672 $subop = db_escape_string($_GET["subop"]);
673 $view_mode = db_escape_string($_GET["view_mode"]);
674 $limit = db_escape_string($_GET["limit"]);
675 $cat_view = db_escape_string($_GET["cat"]);
676 $next_unread_feed = db_escape_string($_GET["nuf"]);
677
678 if ($subop == "undefined") $subop = "";
679
680 print "<html><head>
681 <title>Tiny Tiny RSS : Feed $feed</title>
682 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
683
684 $user_theme = $_SESSION["theme"];
685 if ($user_theme) {
686 print "<link rel=\"stylesheet\" type=\"text/css\"
687 href=\"themes/$user_theme/theme.css\">";
688 }
689
690 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
691 print "<link rel=\"stylesheet\"
692 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
693
694 } else {
695 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
696 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
697 }
698
699 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
700 update_generic_feed($link, $feed, $cat_view);
701 }
702
703 if ($subop == "MarkAllRead") {
704 catchup_feed($link, $feed, $cat_view);
705
706 if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
707 if ($next_unread_feed) {
708 $feed = $next_unread_feed;
709 }
710 }
711 }
712
713 if ($feed_id > 0) {
714 $result = db_query($link,
715 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
716
717 if (db_num_rows($result) == 0) {
718 print "<div align='center'>
719 Feed not found.</div>";
720 return;
721 }
722 }
723
724 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
725
726 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
727 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
728
729 if (db_num_rows($result) == 1) {
730 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
731 } else {
732 $rtl_content = false;
733 }
734
735 if ($rtl_content) {
736 $rtl_tag = "dir=\"RTL\"";
737 } else {
738 $rtl_tag = "";
739 }
740 } else {
741 $rtl_tag = "";
742 $rtl_content = false;
743 }
744
745 $script_dt_add = get_script_dt_add();
746
747 print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
748 <script type=\"text/javascript\" src=\"prototype.js\"></script>
749 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
750 <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
751 <!--[if gte IE 5.5000]>
752 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
753 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
754 <![endif]-->
755 </head><body $rtl_tag>
756 <script type=\"text/javascript\">
757 if (document.addEventListener) {
758 document.addEventListener(\"DOMContentLoaded\", init, null);
759 }
760 window.onload = init;
761 </script>";
762
763 /// START /////////////////////////////////////////////////////////////////////////////////
764
765 $search = db_escape_string($_GET["query"]);
766 $search_mode = db_escape_string($_GET["search_mode"]);
767 $match_on = db_escape_string($_GET["match_on"]);
768
769 if (!$match_on) {
770 $match_on = "both";
771 }
772
773 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
774
775 $result = $qfh_ret[0];
776 $feed_title = $qfh_ret[1];
777 $feed_site_url = $qfh_ret[2];
778 $last_error = $qfh_ret[3];
779
780 /// STOP //////////////////////////////////////////////////////////////////////////////////
781
782 print "<div id=\"headlinesContainer\">";
783
784 if (!$result) {
785 print "<div align='center'>
786 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
787 return;
788 }
789
790 function print_headline_subtoolbar($link, $feed_site_url, $feed_title,
791 $bottom = false, $rtl_content = false, $feed_id = 0,
792 $is_cat = false, $search = false, $match_on = false,
793 $search_mode = false) {
794
795 if (!$bottom) {
796 $class = "headlinesSubToolbar";
797 $tid = "headlineActionsTop";
798 } else {
799 $class = "invisible";
800 $tid = "headlineActionsBottom";
801 }
802
803 print "<table class=\"$class\" id=\"$tid\"
804 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
805
806 if ($rtl_content) {
807 $rtl_cpart = "RTL";
808 } else {
809 $rtl_cpart = "";
810 }
811
812 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
813
814 print "<td class=\"headlineActions$rtl_cpart\">
815 Select:
816 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, '', true)\">All</a>,
817 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
818 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', false)\">None</a>
819 &nbsp;&nbsp;
820 Toggle: <a href=\"javascript:selectionToggleUnread()\">Unread</a>,
821 <a href=\"javascript:selectionToggleMarked()\">Starred</a>";
822
823 print "</td>";
824
825 if ($search && $feed_id > 0 && get_pref($link, 'ENABLE_LABELS') && GLOBAL_ENABLE_LABELS) {
826 print "<td class=\"headlineActions$rtl_cpart\">
827 <a href=\"javascript:labelFromSearch('$search', '$search_mode',
828 '$match_on', '$feed_id', '$is_cat');\">
829 Convert this search to label</a></td>";
830 }
831
832 } else {
833
834 print "<td class=\"headlineActions$rtl_cpart\">
835 Select:
836 <a href=\"javascript:cdmSelectArticles('all')\">All</a>,
837 <a href=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
838 <a href=\"javascript:cdmSelectArticles('none')\">None</a>
839 &nbsp;&nbsp;
840 Toggle: <a href=\"javascript:selectionToggleUnread(true)\">Unread</a>,
841 <a href=\"javascript:selectionToggleMarked(true)\">Starred</a>";
842
843 print "</td>";
844
845 }
846
847 print "<td class=\"headlineTitle$rtl_cpart\">";
848
849 if ($feed_site_url) {
850 if (!$bottom) {
851 $target = "target=\"_blank\"";
852 }
853 print "<a $target href=\"$feed_site_url\">$feed_title</a>";
854 } else {
855 print $feed_title;
856 }
857
858 if ($search) {
859 $search_q = "&q=$search&m=$match_on&smode=$search_mode";
860 }
861
862 if (!$bottom) {
863 print "&nbsp;
864 <a target=\"_new\"
865 href=\"backend.php?op=rss&id=$feed_id&is_cat=$is_cat$search_q\">
866 <img class=\"noborder\"
867 alt=\"Generated feed\" src=\"images/feed-icon-12x12.png\">
868 </a>";
869 }
870
871 print "</td>";
872 print "</tr></table>";
873
874 }
875
876 if (db_num_rows($result) > 0) {
877
878 print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
879 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
880
881 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
882 print "<table class=\"headlinesList\" id=\"headlinesList\"
883 cellspacing=\"0\" width=\"100%\">";
884 }
885
886 $lnum = 0;
887
888 error_reporting (DEFAULT_ERROR_LEVEL);
889
890 $num_unread = 0;
891
892 while ($line = db_fetch_assoc($result)) {
893
894 $class = ($lnum % 2) ? "even" : "odd";
895
896 $id = $line["id"];
897 $feed_id = $line["feed_id"];
898
899 if ($line["last_read"] == "" &&
900 ($line["unread"] != "t" && $line["unread"] != "1")) {
901
902 $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
903 alt=\"Updated\">";
904 } else {
905 $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
906 alt=\"Updated\">";
907 }
908
909 if ($line["unread"] == "t" || $line["unread"] == "1") {
910 $class .= "Unread";
911 ++$num_unread;
912 $is_unread = true;
913 } else {
914 $is_unread = false;
915 }
916
917 if ($line["marked"] == "t" || $line["marked"] == "1") {
918 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
919 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
920 } else {
921 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
922 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
923 }
924
925 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
926 $line["title"] . "</a>";
927
928 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
929 $updated_fmt = smart_date_time(strtotime($line["updated"]));
930 } else {
931 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
932 $updated_fmt = date($short_date, strtotime($line["updated"]));
933 }
934
935 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
936 $content_preview = truncate_string(strip_tags($line["content_preview"]),
937 100);
938 }
939
940 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
941
942 print "<tr class='$class' id='RROW-$id'>";
943
944 print "<td class='hlUpdatePic'>$update_pic</td>";
945
946 print "<td class='hlSelectRow'>
947 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
948 class=\"feedCheckBox\" id=\"RCHK-$id\">
949 </td>";
950
951 print "<td class='hlMarkedPic'>$marked_pic</td>";
952
953 if ($line["feed_title"]) {
954 print "<td class='hlContent'>$content_link</td>";
955 print "<td class='hlFeed'>
956 <a href='javascript:viewfeed($feed_id)'>".
957 $line["feed_title"]."</a>&nbsp;</td>";
958 } else {
959 print "<td class='hlContent' valign='middle'>";
960
961 print "<a href=\"javascript:view($id,$feed_id);\">" .
962 $line["title"];
963
964 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
965 if ($content_preview) {
966 print "<span class=\"contentPreview\"> - $content_preview</span>";
967 }
968 }
969
970 print "</a>";
971 print "</td>";
972 }
973
974 print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
975
976 print "</tr>";
977
978 } else {
979
980 if ($is_unread) {
981 $add_class = "Unread";
982 } else {
983 $add_class = "";
984 }
985
986 print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
987
988 print "<div class=\"cdmHeader\">";
989
990 print "<div style=\"float : right\">$updated_fmt,
991 <a class=\"cdmToggleLink\"
992 href=\"javascript:toggleUnread($id)\">Toggle unread</a>
993 </div>";
994
995 print "<a class=\"title\"
996 onclick=\"javascript:toggleUnread($id, 0)\"
997 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
998
999 if ($line["feed_title"]) {
1000 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1001 }
1002
1003 print "</div>";
1004
1005 print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
1006
1007 print "<div style=\"float : right\">$marked_pic</div>
1008 <div lass=\"cdmFooter\">
1009 <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1010 'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1011
1012 # print "<div align=\"center\"><a class=\"cdmToggleLink\"
1013 # href=\"javascript:toggleUnread($id)\">
1014 # Toggle unread</a></div>";
1015
1016 print "</div>";
1017
1018 }
1019
1020 ++$lnum;
1021 }
1022
1023 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1024 print "</table>";
1025 }
1026
1027 print_headline_subtoolbar($link,
1028 "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
1029
1030
1031 } else {
1032 print "<div width='100%' align='center'>No articles found.</div>";
1033 }
1034
1035 print "</div>";
1036
1037 print "
1038 <script type=\"text/javascript\">
1039 try {
1040 document.onkeydown = hotkey_handler;
1041 try {
1042 parent.update_all_counters(\"$feed\");
1043 } catch (e) {
1044 // this is workaround against mysterious permission
1045 // denied feature/bug of firefox (ticket #73)
1046 // if call from this context failed - ignore silently
1047 exception_error(\"viewfeed/footer1/counters\", e, true);
1048 }
1049 } catch (e) {
1050 exception_error(\"viewfeed/footer1\", e);
1051 }
1052
1053 /* for IE */
1054 function statechange() {
1055 if (document.readyState == \"interactive\") init();
1056 }
1057
1058 if (document.readyState) {
1059 if (document.readyState == \"interactive\" || document.readyState == \"complete\") {
1060 init();
1061 } else {
1062 document.onreadystatechange = statechange;
1063 }
1064 }
1065 </script>";
1066
1067 print "</body></html>";
1068 }
1069
1070 if ($op == "pref-feeds") {
1071
1072 $subop = $_REQUEST["subop"];
1073 $quiet = $_REQUEST["quiet"];
1074
1075 if ($subop == "massSubscribe") {
1076 $ids = split(",", db_escape_string($_GET["ids"]));
1077
1078 $subscribed = array();
1079
1080 foreach ($ids as $id) {
1081 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1082 WHERE id = '$id'");
1083
1084 $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
1085 $title = db_escape_string(db_fetch_result($result, 0, "title"));
1086
1087 $title_orig = db_fetch_result($result, 0, "title");
1088
1089 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1090 feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1091
1092 if (db_num_rows($result) == 0) {
1093 $result = db_query($link,
1094 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1095 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1096
1097 array_push($subscribed, $title_orig);
1098 }
1099 }
1100
1101 if (count($subscribed) > 0) {
1102 print "<div class=\"notice\">";
1103 print "<b>Subscribed to feeds:</b>";
1104 print "<ul class=\"nomarks\">";
1105 foreach ($subscribed as $title) {
1106 print "<li>$title</li>";
1107 }
1108 print "</ul>";
1109 print "</div>";
1110 }
1111 }
1112
1113 if ($subop == "browse") {
1114
1115 if (!ENABLE_FEED_BROWSER) {
1116 print "Feed browser is administratively disabled.";
1117 return;
1118 }
1119
1120 print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
1121
1122 print "<div class=\"infoBoxContents\">";
1123
1124 print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
1125
1126 # $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1127 # FROM ttrss_feeds
1128 # WHERE auth_login = '' AND auth_pass = '' AND private = false
1129 # GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
1130
1131 $owner_uid = $_SESSION["uid"];
1132
1133 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
1134 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
1135 WHERE tf.feed_url = ttrss_feeds.feed_url
1136 AND owner_uid = '$owner_uid') GROUP BY feed_url
1137 ORDER BY subscribers DESC LIMIT 25");
1138
1139 print "<ul class='browseFeedList' id='browseFeedList'>";
1140
1141 $feedctr = 0;
1142
1143 while ($line = db_fetch_assoc($result)) {
1144 $feed_url = $line["feed_url"];
1145 $subscribers = $line["subscribers"];
1146
1147 $det_result = db_query($link, "SELECT site_url,title,id
1148 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1149
1150 $details = db_fetch_assoc($det_result);
1151
1152 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1153
1154 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1155 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL .
1156 "/".$details["id"].".ico\">";
1157 } else {
1158 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1159 }
1160
1161 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1162 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1163
1164 $class = ($feedctr % 2) ? "even" : "odd";
1165
1166 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1167 "$feed_icon " . db_unescape_string($details["title"]) .
1168 "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1169
1170 ++$feedctr;
1171 }
1172
1173 if ($feedctr == 0) {
1174 print "<li>No feeds found to subscribe.</li>";
1175 }
1176
1177 print "</ul>";
1178
1179 print "<div align='center'>
1180 <input type=\"submit\" class=\"button\"
1181 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1182 <input type='submit' class='button'
1183 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1184
1185 print "</div>";
1186 return;
1187 }
1188
1189 if ($subop == "editfeed") {
1190 $feed_id = db_escape_string($_REQUEST["id"]);
1191
1192 $result = db_query($link,
1193 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1194 owner_uid = " . $_SESSION["uid"]);
1195
1196 $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1197 0, "title")));
1198
1199 $icon_file = ICONS_DIR . "/$feed_id.ico";
1200
1201 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1202 $feed_icon = "<img width=\"16\" height=\"16\"
1203 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1204 } else {
1205 $feed_icon = "";
1206 }
1207
1208 print "<div id=\"infoBoxTitle\">Feed editor</div>";
1209
1210 print "<div class=\"infoBoxContents\">";
1211
1212 print "<form id=\"edit_feed_form\">";
1213
1214 print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1215 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1216 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1217
1218 print "<table width='100%'>";
1219
1220 print "<tr><td>Title:</td>";
1221 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1222 name=\"title\" value=\"$title\"></td></tr>";
1223
1224 $feed_url = db_fetch_result($result, 0, "feed_url");
1225 $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1226 0, "feed_url")));
1227
1228 print "<tr><td>Feed URL:</td>";
1229 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1230 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1231
1232 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1233
1234 $cat_id = db_fetch_result($result, 0, "cat_id");
1235
1236 print "<tr><td>Category:</td>";
1237 print "<td>";
1238
1239 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1240
1241 if (sprintf("%d", $parent_feed) > 0) {
1242 $disabled = "disabled";
1243 } else {
1244 $disabled = "";
1245 }
1246
1247 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled");
1248
1249 print "</td>";
1250 print "</td></tr>";
1251
1252 }
1253
1254 $update_interval = db_fetch_result($result, 0, "update_interval");
1255
1256 print "<tr><td>Update Interval:</td>";
1257
1258 print "<td>";
1259
1260 print_select_hash("update_interval", $update_interval, $update_intervals,
1261 "class=\"iedit\"");
1262
1263 print "</td>";
1264
1265 print "<tr><td>Link to:</td><td>";
1266
1267 $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1268 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1269
1270 $linked_count = db_fetch_result($tmp_result, 0, "count");
1271
1272 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1273
1274 if ($linked_count > 0) {
1275 $disabled = "disabled";
1276 } else {
1277 $disabled = "";
1278 }
1279
1280 print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1281
1282 print "<option value=\"0\">Not linked</option>";
1283
1284 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1285 if ($cat_id) {
1286 $cat_qpart = "AND cat_id = '$cat_id'";
1287 } else {
1288 $cat_qpart = "AND cat_id IS NULL";
1289 }
1290 }
1291
1292 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1293 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]." AND
1294 (SELECT COUNT(id) FROM ttrss_feeds AS T2 WHERE T2.id = ttrss_feeds.parent_feed) = 0
1295 $cat_qpart ORDER BY title");
1296
1297 if (db_num_rows($tmp_result) > 0) {
1298 print "<option disabled>--------</option>";
1299 }
1300
1301 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1302 if ($tmp_line["id"] == $parent_feed) {
1303 $is_selected = "selected";
1304 } else {
1305 $is_selected = "";
1306 }
1307 printf("<option $is_selected value='%d'>%s</option>",
1308 $tmp_line["id"], $tmp_line["title"]);
1309 }
1310
1311 print "</select>";
1312 print "</td></tr>";
1313
1314 $purge_interval = db_fetch_result($result, 0, "purge_interval");
1315
1316 print "<tr><td>Article purging:</td>";
1317
1318 print "<td>";
1319
1320 print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1321 "class=\"iedit\"");
1322
1323 print "</td>";
1324
1325 $auth_login = db_fetch_result($result, 0, "auth_login");
1326
1327 print "<tr><td>Login:</td>";
1328 print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1329 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1330
1331 $auth_pass = db_fetch_result($result, 0, "auth_pass");
1332
1333 print "<tr><td>Password:</td>";
1334 print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1335 onkeypress=\"return filterCR(event)\"
1336 value=\"$auth_pass\"></td></tr>";
1337
1338 $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1339
1340 if ($private) {
1341 $checked = "checked";
1342 } else {
1343 $checked = "";
1344 }
1345
1346 print "<tr><td valign='top'>Options:</td>";
1347 print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1348 $checked><label for=\"private\">Hide from \"Other Feeds\"</label>";
1349
1350 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1351
1352 if ($rtl_content) {
1353 $checked = "checked";
1354 } else {
1355 $checked = "";
1356 }
1357
1358 print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1359 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1360
1361 $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden"));
1362
1363 if ($hidden) {
1364 $checked = "checked";
1365 } else {
1366 $checked = "";
1367 }
1368
1369 print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\"
1370 $checked><label for=\"hidden\">Hide from my feed list</label>";
1371
1372 $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest"));
1373
1374 if ($include_in_digest) {
1375 $checked = "checked";
1376 } else {
1377 $checked = "";
1378 }
1379
1380 print "<br><input type=\"checkbox\" id=\"include_in_digest\"
1381 name=\"include_in_digest\"
1382 $checked><label for=\"include_in_digest\">Include in e-mail digest</label>";
1383
1384 print "</td></tr>";
1385
1386 print "</table>";
1387
1388 print "</form>";
1389
1390 print "<div align='right'>
1391 <input type=\"submit\" class=\"button\"
1392 onclick=\"return feedEditSave()\" value=\"Save\">
1393 <input type='submit' class='button'
1394 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1395
1396 print "</div>";
1397
1398 return;
1399 }
1400
1401 if ($subop == "editSave") {
1402
1403 $feed_title = db_escape_string(trim($_POST["title"]));
1404 $feed_link = db_escape_string(trim($_POST["feed_url"]));
1405 $upd_intl = db_escape_string($_POST["update_interval"]);
1406 $purge_intl = db_escape_string($_POST["purge_interval"]);
1407 $feed_id = db_escape_string($_POST["id"]);
1408 $cat_id = db_escape_string($_POST["cat_id"]);
1409 $auth_login = db_escape_string(trim($_POST["auth_login"]));
1410 $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1411 $parent_feed = db_escape_string($_POST["parent_feed"]);
1412 $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1413 $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1414 $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"]));
1415 $include_in_digest = checkbox_to_sql_bool(
1416 db_escape_string($_POST["include_in_digest"]));
1417
1418 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1419 if ($cat_id && $cat_id != 0) {
1420 $category_qpart = "cat_id = '$cat_id'";
1421 } else {
1422 $category_qpart = 'cat_id = NULL';
1423 }
1424 } else {
1425 $category_qpart = "";
1426 }
1427
1428 if ($parent_feed && $parent_feed != 0) {
1429 $parent_qpart = "parent_feed = '$parent_feed'";
1430 } else {
1431 $parent_qpart = 'parent_feed = NULL';
1432 }
1433
1434 $result = db_query($link, "UPDATE ttrss_feeds SET
1435 $category_qpart,
1436 $parent_qpart,
1437 title = '$feed_title', feed_url = '$feed_link',
1438 update_interval = '$upd_intl',
1439 purge_interval = '$purge_intl',
1440 auth_login = '$auth_login',
1441 auth_pass = '$auth_pass',
1442 private = $private,
1443 rtl_content = $rtl_content,
1444 hidden = $hidden,
1445 include_in_digest = $include_in_digest
1446 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1447
1448 # update linked feed categories
1449 $result = db_query($link, "UPDATE ttrss_feeds SET
1450 $category_qpart WHERE parent_feed = '$feed_id' AND
1451 owner_uid = " . $_SESSION["uid"]);
1452 }
1453
1454 if ($subop == "saveCat") {
1455 $cat_title = db_escape_string(trim($_GET["title"]));
1456 $cat_id = db_escape_string($_GET["id"]);
1457
1458 $result = db_query($link, "UPDATE ttrss_feed_categories SET
1459 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1460
1461 }
1462
1463 if ($subop == "remove") {
1464
1465 if (!WEB_DEMO_MODE) {
1466
1467 $ids = split(",", db_escape_string($_GET["ids"]));
1468
1469 foreach ($ids as $id) {
1470
1471 if ($id > 0) {
1472
1473 db_query($link, "DELETE FROM ttrss_feeds
1474 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1475
1476 $icons_dir = ICONS_DIR;
1477
1478 if (file_exists($icons_dir . "/$id.ico")) {
1479 unlink($icons_dir . "/$id.ico");
1480 }
1481 } else if ($id < -10) {
1482
1483 $label_id = -$id - 11;
1484
1485 db_query($link, "DELETE FROM ttrss_labels
1486 WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
1487 }
1488 }
1489 }
1490 }
1491
1492 if ($subop == "add") {
1493
1494 if (!WEB_DEMO_MODE) {
1495
1496 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1497 $cat_id = db_escape_string($_GET["cat_id"]);
1498
1499 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1500 print "Added feed.";
1501 } else {
1502 print "<div class=\"warning\">
1503 Feed <b>$feed_url</b> already exists in the database.
1504 </div>";
1505 }
1506 }
1507 }
1508
1509 if ($subop == "addCat") {
1510
1511 if (!WEB_DEMO_MODE) {
1512
1513 $feed_cat = db_escape_string(trim($_GET["cat"]));
1514
1515 $result = db_query($link,
1516 "SELECT id FROM ttrss_feed_categories
1517 WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1518
1519 if (db_num_rows($result) == 0) {
1520
1521 $result = db_query($link,
1522 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1523 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1524
1525 } else {
1526
1527 print "<div class=\"warning\">
1528 Category <b>$feed_cat</b> already exists in the database.
1529 </div>";
1530 }
1531
1532
1533 }
1534 }
1535
1536 if ($subop == "removeCats") {
1537
1538 if (!WEB_DEMO_MODE) {
1539
1540 $ids = split(",", db_escape_string($_GET["ids"]));
1541
1542 foreach ($ids as $id) {
1543
1544 db_query($link, "BEGIN");
1545
1546 $result = db_query($link,
1547 "SELECT count(id) as num_feeds FROM ttrss_feeds
1548 WHERE cat_id = '$id'");
1549
1550 $num_feeds = db_fetch_result($result, 0, "num_feeds");
1551
1552 if ($num_feeds == 0) {
1553 db_query($link, "DELETE FROM ttrss_feed_categories
1554 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1555 } else {
1556
1557 print "<div class=\"warning\">
1558 Unable to delete non empty feed categories.</div>";
1559
1560 }
1561
1562 db_query($link, "COMMIT");
1563 }
1564 }
1565 }
1566
1567 if ($subop == "categorize") {
1568
1569 if (!WEB_DEMO_MODE) {
1570
1571 $ids = split(",", db_escape_string($_GET["ids"]));
1572
1573 $cat_id = db_escape_string($_GET["cat_id"]);
1574
1575 if ($cat_id == 0) {
1576 $cat_id_qpart = 'NULL';
1577 } else {
1578 $cat_id_qpart = "'$cat_id'";
1579 }
1580
1581 db_query($link, "BEGIN");
1582
1583 foreach ($ids as $id) {
1584
1585 db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1586 WHERE id = '$id' AND parent_feed IS NULL
1587 AND owner_uid = " . $_SESSION["uid"]);
1588
1589 # update linked feed categories
1590 db_query($link, "UPDATE ttrss_feeds SET
1591 cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND
1592 owner_uid = " . $_SESSION["uid"]);
1593
1594 }
1595
1596 db_query($link, "COMMIT");
1597 }
1598
1599 }
1600
1601 if ($quiet) return;
1602
1603 // print "<h3>Edit Feeds</h3>";
1604
1605 $result = db_query($link, "SELECT id,title,feed_url,last_error
1606 FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1607
1608 if (db_num_rows($result) > 0) {
1609
1610 print "<div class=\"warning\">";
1611
1612 // print"<img class=\"closeButton\"
1613 // onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1614
1615 print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1616 <b>Some feeds have update errors (click for details)</b></a>";
1617
1618 print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1619
1620 while ($line = db_fetch_assoc($result)) {
1621 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1622 $line["last_error"];
1623 }
1624
1625 print "</ul>";
1626 print "</div>";
1627
1628 }
1629
1630 $feed_search = db_escape_string($_GET["search"]);
1631
1632 if (array_key_exists("search", $_GET)) {
1633 $_SESSION["prefs_feed_search"] = $feed_search;
1634 } else {
1635 $feed_search = $_SESSION["prefs_feed_search"];
1636 }
1637
1638 print "<table width='100%' class=\"prefGenericAddBox\"
1639 cellspacing='0' cellpadding='0'><tr>
1640 <td>
1641 <input id=\"fadd_link\"
1642 onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1643 size=\"40\">
1644 <input type=\"submit\" class=\"button\"
1645 disabled=\"true\" id=\"fadd_submit_btn\"
1646 onclick=\"addFeed()\" value=\"Subscribe\">";
1647
1648 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1649 print " <input type=\"submit\" class=\"button\"
1650 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1651 }
1652
1653 print "</td><td align='right'>
1654 <input id=\"feed_search\" size=\"20\"
1655 onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1656 <input type=\"submit\" class=\"button\"
1657 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1658 </td>
1659 </tr></table>";
1660
1661 $feeds_sort = db_escape_string($_GET["sort"]);
1662
1663 if (!$feeds_sort || $feeds_sort == "undefined") {
1664 $feeds_sort = $_SESSION["pref_sort_feeds"];
1665 if (!$feeds_sort) $feeds_sort = "title";
1666 }
1667
1668 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1669
1670 if ($feed_search) {
1671 $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1672 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1673 } else {
1674 $search_qpart = "";
1675 }
1676
1677 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1678 $order_by_qpart = "category,$feeds_sort,title";
1679 } else {
1680 $order_by_qpart = "$feeds_sort,title";
1681 }
1682
1683 $result = db_query($link, "SELECT
1684 F1.id,
1685 F1.title,
1686 F1.feed_url,
1687 substring(F1.last_updated,1,16) AS last_updated,
1688 F1.parent_feed,
1689 F1.update_interval,
1690 F1.purge_interval,
1691 F1.cat_id,
1692 F2.title AS parent_title,
1693 C1.title AS category,
1694 F1.hidden,
1695 F1.include_in_digest
1696 FROM
1697 ttrss_feeds AS F1
1698 LEFT JOIN ttrss_feeds AS F2
1699 ON (F1.parent_feed = F2.id)
1700 LEFT JOIN ttrss_feed_categories AS C1
1701 ON (F1.cat_id = C1.id)
1702 WHERE
1703 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1704 ORDER by $order_by_qpart");
1705
1706 if (db_num_rows($result) != 0) {
1707
1708 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1709
1710 print "<p><table width=\"100%\" cellspacing=\"0\"
1711 class=\"prefFeedList\" id=\"prefFeedList\">";
1712 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1713 Select:
1714 <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1715 <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1716 </td</tr>";
1717
1718 if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1719 print "<tr class=\"title\">
1720 <td width='5%' align='center'>&nbsp;</td>";
1721
1722 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1723 print "<td width='3%'>&nbsp;</td>";
1724 }
1725
1726 print "
1727 <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1728 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1729 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1730 }
1731
1732 $lnum = 0;
1733
1734 $cur_cat_id = -1;
1735
1736 while ($line = db_fetch_assoc($result)) {
1737
1738 $feed_id = $line["id"];
1739 $cat_id = $line["cat_id"];
1740
1741 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1742 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1743 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1744
1745 $hidden = sql_bool_to_bool($line["hidden"]);
1746
1747 if (!$edit_cat) $edit_cat = "Uncategorized";
1748
1749 $last_updated = $line["last_updated"];
1750
1751 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1752 $last_updated = smart_date_time(strtotime($last_updated));
1753 } else {
1754 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1755 $last_updated = date($short_date, strtotime($last_updated));
1756 }
1757
1758 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1759 $lnum = 0;
1760
1761 print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1762
1763 print "<tr class=\"title\">
1764 <td width='5%'>&nbsp;</td>";
1765
1766 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1767 print "<td width='3%'>&nbsp;</td>";
1768 }
1769
1770 print "<td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1771 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1772 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1773
1774 $cur_cat_id = $cat_id;
1775 }
1776
1777 $class = ($lnum % 2) ? "even" : "odd";
1778 $this_row_id = "id=\"FEEDR-$feed_id\"";
1779
1780 print "<tr class=\"$class\" $this_row_id>";
1781
1782 $icon_file = ICONS_DIR . "/$feed_id.ico";
1783
1784 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1785 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL . "/$feed_id.ico\">";
1786 } else {
1787 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1788 }
1789
1790 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1791 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1792
1793 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1794 print "<td class='feedIcon'>$feed_icon</td>";
1795 }
1796
1797 $edit_title = truncate_string($edit_title, 40);
1798 $edit_link = truncate_string($edit_link, 60);
1799
1800 if ($hidden) {
1801 $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>";
1802 $edit_link = "<span class=\"insensitive\">$edit_link</span>";
1803 $last_updated = "<span class=\"insensitive\">$last_updated</span>";
1804 }
1805
1806 $parent_title = $line["parent_title"];
1807 if ($parent_title) {
1808 $parent_title = "<span class='groupPrompt'>(linked to
1809 $parent_title)</span>";
1810 }
1811
1812 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1813 "$edit_title $parent_title" . "</a></td>";
1814
1815 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1816 $edit_link . "</a></td>";
1817
1818 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1819 "$last_updated</a></td>";
1820
1821 print "</tr>";
1822
1823 ++$lnum;
1824 }
1825
1826 print "</table>";
1827
1828 print "<p><span id=\"feedOpToolbar\">";
1829
1830 if ($subop == "edit") {
1831 print "Edit feed:&nbsp;
1832 <input type=\"submit\" class=\"button\"
1833 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1834 <input type=\"submit\" class=\"button\"
1835 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1836 } else {
1837
1838 print "
1839 Selection:&nbsp;
1840 <input type=\"submit\" class=\"button\" disabled=\"true\"
1841 onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1842 <input type=\"submit\" class=\"button\" disabled=\"true\"
1843 onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1844
1845 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1846
1847 print "&nbsp;|&nbsp;";
1848
1849 print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1850
1851 print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1852 onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1853
1854 }
1855
1856 print "</span>
1857 &nbsp;All feeds: <input type=\"submit\"
1858 class=\"button\" onclick=\"gotoExportOpml()\"
1859 value=\"Export OPML\">";
1860 }
1861 } else {
1862
1863 print "<p>No feeds defined.</p>";
1864
1865 }
1866
1867 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1868
1869 print "<h3>Edit Categories</h3>";
1870
1871 print "<div class=\"prefGenericAddBox\">
1872 <input id=\"fadd_cat\"
1873 onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1874 size=\"40\">&nbsp;
1875 <input
1876 type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1877 onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1878
1879 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1880 WHERE owner_uid = ".$_SESSION["uid"]."
1881 ORDER BY title");
1882
1883 if (db_num_rows($result) != 0) {
1884
1885 print "<form id=\"feed_cat_edit_form\">";
1886
1887 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1888 cellspacing=\"0\" id=\"prefFeedCatList\">";
1889
1890 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1891 Select:
1892 <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1893 <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1894 </td</tr>";
1895
1896 print "<tr class=\"title\">
1897 <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1898 </tr>";
1899
1900 $lnum = 0;
1901
1902 while ($line = db_fetch_assoc($result)) {
1903
1904 $class = ($lnum % 2) ? "even" : "odd";
1905
1906 $cat_id = $line["id"];
1907
1908 $edit_cat_id = $_GET["id"];
1909
1910 if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1911 $class .= "Grayed";
1912 $this_row_id = "";
1913 } else {
1914 $this_row_id = "id=\"FCATR-$cat_id\"";
1915 }
1916
1917 print "<tr class=\"$class\" $this_row_id>";
1918
1919 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1920
1921 if (!$edit_cat_id || $subop != "editCat") {
1922
1923 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1924 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1925
1926 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1927 $edit_title . "</a></td>";
1928
1929 } else if ($cat_id != $edit_cat_id) {
1930
1931 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1932 id=\"FRCHK-".$line["id"]."\"></td>";
1933
1934 print "<td>$edit_title</td>";
1935
1936 } else {
1937
1938 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1939
1940 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1941 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1942 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1943
1944 print "</td>";
1945
1946 print "<td><input onkeypress=\"return filterCR(event)\"
1947 name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1948
1949 }
1950
1951 print "</tr>";
1952
1953 ++$lnum;
1954 }
1955
1956 print "</table>";
1957
1958 print "</form>";
1959
1960 print "<p id=\"catOpToolbar\">";
1961
1962 if ($subop == "editCat") {
1963 print "Edit category:&nbsp;
1964 <input type=\"submit\" class=\"button\"
1965 onclick=\"return feedCatEditSave()\" value=\"Save\">
1966 <input type=\"submit\" class=\"button\"
1967 onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1968 } else {
1969
1970 print "
1971 Selection:&nbsp;
1972 <input type=\"submit\" class=\"button\" disabled=\"true\"
1973 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1974 <input type=\"submit\" class=\"button\" disabled=\"true\"
1975 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1976
1977 }
1978
1979 } else {
1980 print "<p>No feed categories defined.</p>";
1981 }
1982 }
1983
1984 print "<h3>Import OPML</h3>
1985 <form enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1986 File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1987 <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1988 type=\"submit\" value=\"Import\">
1989 </form>";
1990
1991 }
1992
1993 if ($op == "pref-filters") {
1994
1995 $subop = $_GET["subop"];
1996 $quiet = $_GET["quiet"];
1997
1998 if ($subop == "edit") {
1999
2000 $filter_id = db_escape_string($_GET["id"]);
2001
2002 $result = db_query($link,
2003 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
2004
2005 $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
2006 $filter_type = db_fetch_result($result, 0, "filter_type");
2007 $feed_id = db_fetch_result($result, 0, "feed_id");
2008 $action_id = db_fetch_result($result, 0, "action_id");
2009
2010 $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled"));
2011
2012 print "<div id=\"infoBoxTitle\">Filter editor</div>";
2013 print "<div class=\"infoBoxContents\">";
2014
2015 print "<form id=\"filter_edit_form\">";
2016
2017 print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2018 print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
2019 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2020
2021 // print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2022
2023 $result = db_query($link, "SELECT id,description
2024 FROM ttrss_filter_types ORDER BY description");
2025
2026 $filter_types = array();
2027
2028 while ($line = db_fetch_assoc($result)) {
2029 //array_push($filter_types, $line["description"]);
2030 $filter_types[$line["id"]] = $line["description"];
2031 }
2032
2033 print "<table width='100%'>";
2034
2035 print "<tr><td>Match:</td>
2036 <td><input onkeypress=\"return filterCR(event)\"
2037 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2038 name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
2039
2040 print "</td><td>";
2041
2042 print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
2043
2044 print "</td></tr>";
2045 print "<tr><td>Feed:</td><td colspan='2'>";
2046
2047 print_feed_select($link, "feed_id", $feed_id);
2048
2049 print "</td></tr>";
2050
2051 print "<tr><td>Action:</td>";
2052
2053 print "<td colspan='2'><select name=\"action_id\">";
2054
2055 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2056 ORDER BY name");
2057
2058 while ($line = db_fetch_assoc($result)) {
2059 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
2060 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
2061 }
2062
2063 print "</select>";
2064
2065 print "</td></tr>";
2066
2067 if ($enabled) {
2068 $checked = "checked";
2069 } else {
2070 $checked = "";
2071 }
2072
2073 print "<tr><td>Options:</td><td>
2074 <input type=\"checkbox\" name=\"enabled\" id=\"enabled\" $checked>
2075 <label for=\"enabled\">Enabled</label>";
2076
2077 print "</td></tr></table>";
2078
2079 print "</form>";
2080
2081 print "<div align='right'>";
2082
2083 print "<input type=\"submit\"
2084 id=\"infobox_submit\"
2085 class=\"button\" onclick=\"return filterEditSave()\"
2086 value=\"Save\"> ";
2087
2088 print "<input class=\"button\"
2089 type=\"submit\" onclick=\"return filterEditCancel()\"
2090 value=\"Cancel\">";
2091
2092 print "</div>";
2093
2094 return;
2095 }
2096
2097
2098 if ($subop == "editSave") {
2099
2100 $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
2101 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2102 $filter_id = db_escape_string($_GET["id"]);
2103 $feed_id = db_escape_string($_GET["feed_id"]);
2104 $action_id = db_escape_string($_GET["action_id"]);
2105 $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"]));
2106
2107 if (!$feed_id) {
2108 $feed_id = 'NULL';
2109 } else {
2110 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2111 }
2112
2113 $result = db_query($link, "UPDATE ttrss_filters SET
2114 reg_exp = '$reg_exp',
2115 feed_id = $feed_id,
2116 action_id = '$action_id',
2117 filter_type = '$filter_type',
2118 enabled = $enabled
2119 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
2120 }
2121
2122 if ($subop == "remove") {
2123
2124 if (!WEB_DEMO_MODE) {
2125
2126 $ids = split(",", db_escape_string($_GET["ids"]));
2127
2128 foreach ($ids as $id) {
2129 db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
2130
2131 }
2132 }
2133 }
2134
2135 if ($subop == "add") {
2136
2137 if (!WEB_DEMO_MODE) {
2138
2139 $regexp = db_escape_string(trim($_GET["reg_exp"]));
2140 $filter_type = db_escape_string(trim($_GET["filter_type"]));
2141 $feed_id = db_escape_string($_GET["feed_id"]);
2142 $action_id = db_escape_string($_GET["action_id"]);
2143
2144 if (!$feed_id) {
2145 $feed_id = 'NULL';
2146 } else {
2147 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2148 }
2149
2150 $result = db_query($link,
2151 "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2152 action_id)
2153 VALUES
2154 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
2155 $feed_id, '$action_id')");
2156 }
2157 }
2158
2159 if ($quiet) return;
2160
2161 $sort = db_escape_string($_GET["sort"]);
2162
2163 if (!$sort || $sort == "undefined") {
2164 $sort = "reg_exp";
2165 }
2166
2167 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2168
2169 $result = db_query($link, "SELECT id,description
2170 FROM ttrss_filter_types ORDER BY description");
2171
2172 $filter_types = array();
2173
2174 while ($line = db_fetch_assoc($result)) {
2175 //array_push($filter_types, $line["description"]);
2176 $filter_types[$line["id"]] = $line["description"];
2177 }
2178
2179 print "<input type=\"submit\"
2180 class=\"button\"
2181 onclick=\"return displayDlg('quickAddFilter', false)\"
2182 id=\"create_filter_btn\"
2183 value=\"Create filter\">";
2184
2185 $result = db_query($link, "SELECT
2186 ttrss_filters.id AS id,reg_exp,
2187 ttrss_filter_types.name AS filter_type_name,
2188 ttrss_filter_types.description AS filter_type_descr,
2189 enabled,
2190 feed_id,
2191 ttrss_filter_actions.description AS action_description,
2192 ttrss_feeds.title AS feed_title
2193 FROM
2194 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2195 ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2196 WHERE
2197 filter_type = ttrss_filter_types.id AND
2198 ttrss_filter_actions.id = action_id AND
2199 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2200 ORDER by $sort");
2201
2202 if (db_num_rows($result) != 0) {
2203
2204 print "<form id=\"filter_edit_form\">";
2205
2206 print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2207 id=\"prefFilterList\">";
2208
2209 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2210 Select:
2211 <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2212 <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2213 </td</tr>";
2214
2215 print "<tr class=\"title\">
2216 <td align='center' width=\"5%\">&nbsp;</td>
2217 <td width=\"20%\"><a href=\"javascript:updateFilterList('reg_exp')\">Filter expression</a></td>
2218 <td width=\"20%\"><a href=\"javascript:updateFilterList('feed_title')\">Feed</a></td>
2219 <td width=\"15%\"><a href=\"javascript:updateFilterList('filter_type')\">Match</a></td>
2220 <td width=\"15%\"><a href=\"javascript:updateFilterList('action_description')\">Action</a></td>";
2221
2222 $lnum = 0;
2223
2224 while ($line = db_fetch_assoc($result)) {
2225
2226 $class = ($lnum % 2) ? "even" : "odd";
2227
2228 $filter_id = $line["id"];
2229 $edit_filter_id = $_GET["id"];
2230
2231 $enabled = sql_bool_to_bool($line["enabled"]);
2232
2233 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2234 $class .= "Grayed";
2235 $this_row_id = "";
2236 } else {
2237 $this_row_id = "id=\"FILRR-$filter_id\"";
2238 }
2239
2240 print "<tr class=\"$class\" $this_row_id>";
2241
2242 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2243
2244 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2245
2246 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2247
2248 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2249 type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2250
2251 if (!$enabled) {
2252 $line["reg_exp"] = "<span class=\"insensitive\">" .
2253 $line["reg_exp"] . " (Disabled)</span>";
2254 $line["feed_title"] = "<span class=\"insensitive\">" .
2255 $line["feed_title"] . "</span>";
2256 $line["filter_type_descr"] = "<span class=\"insensitive\">" .
2257 $line["filter_type_descr"] . "</span>";
2258 $line["action_description"] = "<span class=\"insensitive\">" .
2259 $line["action_description"] . "</span>";
2260 }
2261
2262 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2263 $line["reg_exp"] . "</td>";
2264
2265 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2266 $line["feed_title"] . "</td>";
2267
2268 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2269 $line["filter_type_descr"] . "</td>";
2270
2271 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2272 $line["action_description"] . "</td>";
2273
2274 print "</tr>";
2275
2276 ++$lnum;
2277 }
2278
2279 if ($lnum == 0) {
2280 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2281 }
2282
2283 print "</table>";
2284
2285 print "</form>";
2286
2287 print "<p id=\"filterOpToolbar\">";
2288
2289 print "
2290 Selection:
2291 <input type=\"submit\" class=\"button\" disabled=\"true\"
2292 onclick=\"return editSelectedFilter()\" value=\"Edit\">
2293 <input type=\"submit\" class=\"button\" disabled=\"true\"
2294 onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2295
2296 print "</p>";
2297
2298 } else {
2299
2300 print "<p>No filters defined.</p>";
2301
2302 }
2303 }
2304
2305 // We need to accept raw SQL data in label queries, so not everything is escaped
2306 // here, this is by design. If you don't like the whole idea, disable labels
2307 // altogether with GLOBAL_ENABLE_LABELS = false
2308
2309 if ($op == "pref-labels") {
2310
2311 if (!GLOBAL_ENABLE_LABELS) {
2312
2313 print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>";
2314 return;
2315 }
2316
2317 $subop = $_GET["subop"];
2318
2319 if ($subop == "edit") {
2320
2321 $label_id = db_escape_string($_GET["id"]);
2322
2323 $result = db_query($link, "SELECT sql_exp,description FROM ttrss_labels WHERE
2324 owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description");
2325
2326 $line = db_fetch_assoc($result);
2327
2328 $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2329 $description = htmlspecialchars(db_unescape_string($line["description"]));
2330
2331 print "<div id=\"infoBoxTitle\">Label editor</div>";
2332 print "<div class=\"infoBoxContents\">";
2333
2334 print "<form id=\"label_edit_form\">";
2335
2336 print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2337 print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2338 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2339
2340 print "<table width='100%'>";
2341
2342 print "<tr><td>Caption:</td>
2343 <td><input onkeypress=\"return filterCR(event)\"
2344 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2345 name=\"description\" class=\"iedit\" value=\"$description\">";
2346
2347 print "</td></tr>";
2348
2349 print "<tr><td colspan=\"2\">
2350 <p>SQL Expression:</p>";
2351
2352 print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2353 rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>";
2354
2355 print "</td></tr></table>";
2356
2357 print "</form>";
2358
2359 print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2360
2361 print "<div align='right'>";
2362
2363 $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : "";
2364
2365 print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\">
2366 ";
2367
2368 print "<input type=\"submit\"
2369 id=\"infobox_submit\"
2370 class=\"button\" onclick=\"return labelEditSave()\"
2371 value=\"Save\"> ";
2372
2373 print "<input class=\"button\"
2374 type=\"submit\" onclick=\"return labelEditCancel()\"
2375 value=\"Cancel\">";
2376
2377 print "</div>";
2378
2379 return;
2380 }
2381
2382 if ($subop == "test") {
2383
2384 $expr = db_unescape_string(trim($_GET["expr"]));
2385 $descr = db_unescape_string(trim($_GET["descr"]));
2386
2387 print "<div>";
2388
2389 error_reporting(0);
2390
2391
2392 $result = db_query($link,
2393 "SELECT count(ttrss_entries.id) AS num_matches
2394 FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2395 WHERE ($expr) AND
2396 ttrss_user_entries.ref_id = ttrss_entries.id AND
2397 ttrss_user_entries.feed_id = ttrss_feeds.id AND
2398 ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false);
2399
2400 error_reporting (DEFAULT_ERROR_LEVEL);
2401
2402 if (!$result) {
2403 print "<p>" . db_last_error($link) . "</p>";
2404 print "</div>";
2405 return;
2406 }
2407
2408 $num_matches = db_fetch_result($result, 0, "num_matches");;
2409
2410 if ($num_matches > 0) {
2411
2412 if ($num_matches > 10) {
2413 $showing_msg = ", showing first 10";
2414 }
2415
2416 print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>";
2417
2418 $result = db_query($link,
2419 "SELECT ttrss_entries.title,
2420 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2421 FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2422 WHERE ($expr) AND
2423 ttrss_user_entries.ref_id = ttrss_entries.id
2424 AND ttrss_user_entries.feed_id = ttrss_feeds.id
2425 AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
2426 ORDER BY date_entered DESC LIMIT 10", false);
2427
2428 print "<ul class=\"labelTestResults\">";
2429
2430 $row_class = "even";
2431
2432 while ($line = db_fetch_assoc($result)) {
2433 $row_class = toggleEvenOdd($row_class);
2434
2435 print "<li class=\"$row_class\">".$line["title"].
2436 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2437 }
2438 print "</ul>";
2439
2440 } else {
2441 print "<p>Query didn't return any matches.</p>";
2442 }
2443
2444 print "</div>";
2445
2446 return;
2447 }
2448
2449 if ($subop == "editSave") {
2450
2451 $sql_exp = trim($_GET["sql_exp"]);
2452 $descr = db_escape_string(trim($_GET["description"]));
2453 $label_id = db_escape_string($_GET["id"]);
2454
2455 $result = db_query($link, "UPDATE ttrss_labels SET
2456 sql_exp = '$sql_exp',
2457 description = '$descr'
2458 WHERE id = '$label_id'");
2459 }
2460
2461 if ($subop == "remove") {
2462
2463 if (!WEB_DEMO_MODE) {
2464
2465 $ids = split(",", db_escape_string($_GET["ids"]));
2466
2467 foreach ($ids as $id) {
2468 db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2469
2470 }
2471 }
2472 }
2473
2474 if ($subop == "add") {
2475
2476 if (!WEB_DEMO_MODE) {
2477
2478 // no escaping is done here on purpose
2479 $sql_exp = trim($_GET["sql_exp"]);
2480 $description = db_escape_string($_GET["description"]);
2481
2482 $result = db_query($link,
2483 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2484 VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')");
2485 }
2486 }
2487
2488 $sort = db_escape_string($_GET["sort"]);
2489
2490 if (!$sort || $sort == "undefined") {
2491 $sort = "description";
2492 }
2493
2494 print "<div class=\"prefGenericAddBox\">";
2495
2496 print"<input type=\"submit\" class=\"button\"
2497 id=\"label_create_btn\"
2498 onclick=\"return displayDlg('quickAddLabel', false)\"
2499 value=\"Create label\"></div>";
2500
2501 $result = db_query($link, "SELECT
2502 id,sql_exp,description
2503 FROM
2504 ttrss_labels
2505 WHERE
2506 owner_uid = ".$_SESSION["uid"]."
2507 ORDER BY $sort");
2508
2509 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2510
2511 if (db_num_rows($result) != 0) {
2512
2513 print "<form id=\"label_edit_form\">";
2514
2515 print "<p><table width=\"100%\" cellspacing=\"0\"
2516 class=\"prefLabelList\" id=\"prefLabelList\">";
2517
2518 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2519 Select:
2520 <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2521 <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2522 </td</tr>";
2523
2524 print "<tr class=\"title\">
2525 <td width=\"5%\">&nbsp;</td>
2526 <td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">Caption</a></td>
2527 <td width=\"50%\"><a href=\"javascript:updateLabelList('sql_exp')\">SQL Expression</a>
2528 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2529 </td>
2530 </tr>";
2531
2532 $lnum = 0;
2533
2534 while ($line = db_fetch_assoc($result)) {
2535
2536 $class = ($lnum % 2) ? "even" : "odd";
2537
2538 $label_id = $line["id"];
2539 $edit_label_id = $_GET["id"];
2540
2541 if ($subop == "edit" && $label_id != $edit_label_id) {
2542 $class .= "Grayed";
2543 $this_row_id = "";
2544 } else {
2545 $this_row_id = "id=\"LILRR-$label_id\"";
2546 }
2547
2548 print "<tr class=\"$class\" $this_row_id>";
2549
2550 $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2551 $line["description"] = htmlspecialchars(
2552 db_unescape_string($line["description"]));
2553
2554 if (!$line["description"]) $line["description"] = "[No caption]";
2555
2556 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2557 type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2558
2559 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2560 $line["description"] . "</td>";
2561
2562 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2563 $line["sql_exp"] . "</td>";
2564
2565 print "</tr>";
2566
2567 ++$lnum;
2568 }
2569
2570 if ($lnum == 0) {
2571 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2572 }
2573
2574 print "</table>";
2575
2576 print "</form>";
2577
2578 print "<p id=\"labelOpToolbar\">";
2579
2580 print "
2581 Selection:
2582 <input type=\"submit\" class=\"button\" disabled=\"true\"
2583 onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2584 <input type=\"submit\" class=\"button\" disabled=\"true\"
2585 onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2586
2587 } else {
2588 print "<p>No labels defined.</p>";
2589 }
2590 }
2591
2592 if ($op == "error") {
2593 print "<div width=\"100%\" align='center'>";
2594 $msg = $_GET["msg"];
2595 print $msg;
2596 print "</div>";
2597 }
2598
2599 if ($op == "help") {
2600 if (!$_GET["noheaders"]) {
2601 print "<html><head>
2602 <title>Tiny Tiny RSS : Help</title>
2603 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2604 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2605 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2606 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2607 </head><body>";
2608 }
2609
2610 $tid = sprintf("%d", $_GET["tid"]);
2611
2612 print "<div id=\"infoBoxTitle\">Help</div>";
2613
2614 print "<div class='infoBoxContents'>";
2615
2616 if (file_exists("help/$tid.php")) {
2617 include("help/$tid.php");
2618 } else {
2619 print "<p>Help topic not found.</p>";
2620 }
2621
2622 print "</div>";
2623
2624 print "<div align='center'>
2625 <input type='submit' class='button'
2626 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2627
2628 if (!$_GET["noheaders"]) {
2629 print "</body></html>";
2630 }
2631
2632 }
2633
2634 if ($op == "dlg") {
2635 $id = $_GET["id"];
2636 $param = $_GET["param"];
2637
2638 if ($id == "quickAddFeed") {
2639
2640 print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2641 print "<div class=\"infoBoxContents\">";
2642
2643 print "<form id='feed_add_form'>";
2644
2645 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2646 print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2647 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2648
2649 print "<table width='100%'>
2650 <tr><td>Feed URL:</td><td>
2651 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2652 onkeypress=\"return filterCR(event)\"
2653 onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2654 onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2655
2656 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2657 print "<tr><td>Category:</td><td>";
2658 print_feed_cat_select($link, "cat_id");
2659 print "</td></tr>";
2660 }
2661
2662 print "</table>";
2663 print "</form>";
2664
2665 print "<div align='right'>
2666 <input class=\"button\"
2667 id=\"fadd_submit_btn\" disabled=\"true\"
2668 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Subscribe\">
2669 <input class=\"button\"
2670 type=\"submit\" onclick=\"javascript:closeInfoBox()\"
2671 value=\"Cancel\"></div>";
2672
2673 }
2674
2675 if ($id == "search") {
2676
2677 print "<div id=\"infoBoxTitle\">Search</div>";
2678 print "<div class=\"infoBoxContents\">";
2679
2680 print "<form id='search_form'>";
2681
2682 #$active_feed_id = db_escape_string($_GET["param"]);
2683
2684 $params = split(":", db_escape_string($_GET["param"]));
2685
2686 $active_feed_id = sprintf("%d", $params[0]);
2687 $is_cat = $params[1] == "true";
2688
2689 print "<table width='100%'><tr><td>Search:</td><td>";
2690
2691 print "<input name=\"query\" class=\"iedit\"
2692 onkeypress=\"return filterCR(event)\"
2693 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2694 value=\"\">
2695 </td></tr>";
2696
2697 print "<tr><td>Where:</td><td>";
2698
2699 print "<select name=\"search_mode\">
2700 <option value=\"all_feeds\">All feeds</option>";
2701
2702 $feed_title = getFeedTitle($link, $active_feed_id);
2703
2704 if (!$is_cat) {
2705 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2706 } else {
2707 $feed_cat_title = getCategoryTitle($link, $active_feed_id);
2708 }
2709
2710 if ($active_feed_id && !$is_cat) {
2711 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2712 } else {
2713 print "<option disabled>This feed</option>";
2714 }
2715
2716 if ($is_cat) {
2717 $cat_preselected = "selected";
2718 }
2719
2720 if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) {
2721 print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>";
2722 } else {
2723 print "<option disabled>This category</option>";
2724 }
2725
2726 print "</select></td></tr>";
2727
2728 print "<tr><td>Match on:</td><td>";
2729
2730 $search_fields = array(
2731 "title" => "Title",
2732 "content" => "Content",
2733 "both" => "Title or content");
2734
2735 print_select_hash("match_on", 3, $search_fields);
2736
2737 print "</td></tr></table>";
2738
2739 print "</form>";
2740
2741 print "<div align=\"right\">
2742 <input type=\"submit\"
2743 class=\"button\" onclick=\"javascript:search()\"
2744 id=\"search_submit_btn\" disabled=\"true\"
2745 value=\"Search\">
2746 <input class=\"button\"
2747 type=\"submit\" onclick=\"javascript:searchCancel()\"
2748 value=\"Cancel\"></div>";
2749
2750 print "</div>";
2751
2752 }
2753
2754 if ($id == "quickAddLabel") {
2755 print "<div id=\"infoBoxTitle\">Create label</div>";
2756 print "<div class=\"infoBoxContents\">";
2757
2758 print "<form id=\"label_edit_form\">";
2759
2760 print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2761 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2762
2763 print "<table width='100%'>";
2764
2765 print "<tr><td>Caption:</td>
2766 <td><input onkeypress=\"return filterCR(event)\"
2767 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2768 name=\"description\" class=\"iedit\">";
2769
2770 print "</td></tr>";
2771
2772 print "<tr><td colspan=\"2\">
2773 <p>SQL Expression:</p>";
2774
2775 print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2776 rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>";
2777
2778 print "</td></tr></table>";
2779
2780 print "</form>";
2781
2782 print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2783
2784 print "<div align='right'>";
2785
2786 print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\">
2787 ";
2788
2789 print "<input type=\"submit\"
2790 id=\"infobox_submit\"
2791 disabled=\"true\"
2792 class=\"button\" onclick=\"return addLabel()\"
2793 value=\"Create\"> ";
2794
2795 print "<input class=\"button\"
2796 type=\"submit\" onclick=\"return labelEditCancel()\"
2797 value=\"Cancel\">";
2798 }
2799
2800 if ($id == "quickAddFilter") {
2801
2802 $active_feed_id = db_escape_string($_GET["param"]);
2803
2804 print "<div id=\"infoBoxTitle\">Create filter</div>";
2805 print "<div class=\"infoBoxContents\">";
2806
2807 print "<form id=\"filter_add_form\">";
2808
2809 print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2810 print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2811 print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2812
2813 // print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2814
2815 $result = db_query($link, "SELECT id,description
2816 FROM ttrss_filter_types ORDER BY description");
2817
2818 $filter_types = array();
2819
2820 while ($line = db_fetch_assoc($result)) {
2821 //array_push($filter_types, $line["description"]);
2822 $filter_types[$line["id"]] = $line["description"];
2823 }
2824
2825 print "<table width='100%'>";
2826
2827 print "<tr><td>Match:</td>
2828 <td><input onkeypress=\"return filterCR(event)\"
2829 onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2830 name=\"reg_exp\" class=\"iedit\">";
2831 print "</td><td>";
2832
2833 print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2834
2835 print "</td></tr>";
2836 print "<tr><td>Feed:</td><td colspan='2'>";
2837
2838 print_feed_select($link, "feed_id", $active_feed_id);
2839
2840 print "</td></tr>";
2841
2842 print "<tr><td>Action:</td>";
2843
2844 print "<td colspan='2'><select name=\"action_id\">";
2845
2846 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2847 ORDER BY name");
2848
2849 while ($line = db_fetch_assoc($result)) {
2850 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2851 }
2852
2853 print "</select>";
2854
2855 print "</td></tr></table>";
2856
2857 print "</form>";
2858
2859 print "<div align='right'>";
2860
2861 print "<input type=\"submit\"
2862 id=\"infobox_submit\"
2863 class=\"button\" onclick=\"return qaddFilter()\"
2864 disabled=\"true\" value=\"Create\"> ";
2865
2866 print "<input class=\"button\"
2867 type=\"submit\" onclick=\"return closeInfoBox()\"
2868 value=\"Cancel\">";
2869
2870 print "</div>";
2871
2872 // print "</td></tr></table>";
2873
2874 }
2875
2876 print "</div>";
2877
2878 }
2879
2880 // update feeds of all users, may be used anonymously
2881 if ($op == "globalUpdateFeeds") {
2882
2883 $result = db_query($link, "SELECT id FROM ttrss_users");
2884
2885 while ($line = db_fetch_assoc($result)) {
2886 $user_id = $line["id"];
2887 // print "<!-- updating feeds of uid $user_id -->";
2888 update_all_feeds($link, false, $user_id);
2889 }
2890
2891 print "<rpc-reply>
2892 <message msg=\"All feeds updated\"/>
2893 </rpc-reply>";
2894
2895 }
2896
2897 if ($op == "pref-prefs") {
2898
2899 $subop = $_REQUEST["subop"];
2900
2901 if ($subop == "Save configuration") {
2902
2903 if (WEB_DEMO_MODE) {
2904 header("Location: prefs.php");
2905 return;
2906 }
2907
2908 $_SESSION["prefs_op_result"] = "save-config";
2909
2910 $_SESSION["prefs_cache"] = false;
2911
2912 foreach (array_keys($_POST) as $pref_name) {
2913
2914 $pref_name = db_escape_string($pref_name);
2915 $value = db_escape_string($_POST[$pref_name]);
2916
2917 $result = db_query($link, "SELECT type_name
2918 FROM ttrss_prefs,ttrss_prefs_types
2919 WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2920
2921 if (db_num_rows($result) > 0) {
2922
2923 $type_name = db_fetch_result($result, 0, "type_name");
2924
2925 // print "$pref_name : $type_name : $value<br>";
2926
2927 if ($type_name == "bool") {
2928 if ($value == "1") {
2929 $value = "true";
2930 } else {
2931 $value = "false";
2932 }
2933 } else if ($type_name == "integer") {
2934 $value = sprintf("%d", $value);
2935 }
2936
2937 // print "$pref_name : $type_name : $value<br>";
2938
2939 db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2940 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2941
2942 }
2943
2944 header("Location: prefs.php");
2945
2946 }
2947
2948 } else if ($subop == "getHelp") {
2949
2950 $pref_name = db_escape_string($_GET["pn"]);
2951
2952 $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2953 WHERE pref_name = '$pref_name'");
2954
2955 if (db_num_rows($result) > 0) {
2956 $help_text = db_fetch_result($result, 0, "help_text");
2957 print $help_text;
2958 } else {
2959 print "Unknown option: $pref_name";
2960 }
2961
2962 } else if ($subop == "Change e-mail") {
2963
2964 if (WEB_DEMO_MODE) {
2965 header("Location: prefs.php");
2966 return;
2967 }
2968
2969 $email = db_escape_string($_GET["email"]);
2970 $active_uid = $_SESSION["uid"];
2971
2972 if ($email) {
2973 db_query($link, "UPDATE ttrss_users SET email = '$email'
2974 WHERE id = '$active_uid'");
2975 }
2976
2977 header("Location: prefs.php");
2978
2979 } else if ($subop == "Change password") {
2980
2981 if (WEB_DEMO_MODE) {
2982 header("Location: prefs.php");
2983 return;
2984 }
2985
2986 $old_pw = $_POST["OLD_PASSWORD"];
2987 $new_pw = $_POST["OLD_PASSWORD"];
2988
2989 $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2990 $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2991
2992 $active_uid = $_SESSION["uid"];
2993
2994 if ($old_pw && $new_pw) {
2995
2996 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2997
2998 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2999 id = '$active_uid' AND (pwd_hash = '$old_pw' OR
3000 pwd_hash = '$old_pw_hash')");
3001
3002 if (db_num_rows($result) == 1) {
3003 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
3004 WHERE id = '$active_uid'");
3005
3006 $_SESSION["pwd_change_result"] = "ok";
3007 } else {
3008 $_SESSION["pwd_change_result"] = "failed";
3009 }
3010 }
3011
3012 header("Location: prefs.php");
3013
3014 } else if ($subop == "Reset to defaults") {
3015
3016 if (WEB_DEMO_MODE) {
3017 header("Location: prefs.php");
3018 return;
3019 }
3020
3021 $_SESSION["prefs_op_result"] = "reset-to-defaults";
3022
3023 if (DB_TYPE == "pgsql") {
3024 db_query($link,"UPDATE ttrss_user_prefs
3025 SET value = ttrss_prefs.def_value
3026 WHERE owner_uid = '".$_SESSION["uid"]."' AND
3027 ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
3028 } else {
3029 db_query($link, "DELETE FROM ttrss_user_prefs
3030 WHERE owner_uid = ".$_SESSION["uid"]);
3031 initialize_user_prefs($link, $_SESSION["uid"]);
3032 }
3033
3034 header("Location: prefs.php");
3035
3036 } else if ($subop == "Change theme") {
3037
3038 $theme = db_escape_string($_POST["theme"]);
3039
3040 if ($theme == "Default") {
3041 $theme_qpart = 'NULL';
3042 } else {
3043 $theme_qpart = "'$theme'";
3044 }
3045
3046 $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
3047 WHERE theme_name = '$theme'");
3048
3049 if (db_num_rows($result) == 1) {
3050 $theme_id = db_fetch_result($result, 0, "id");
3051 $theme_path = db_fetch_result($result, 0, "theme_path");
3052 } else {
3053 $theme_id = "NULL";
3054 $theme_path = "";
3055 }
3056
3057 db_query($link, "UPDATE ttrss_users SET
3058 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
3059
3060 $_SESSION["theme"] = $theme_path;
3061
3062 header("Location: prefs.php");
3063
3064 } else {
3065
3066 print check_for_update($link);
3067
3068 if (!SINGLE_USER_MODE) {
3069
3070 $result = db_query($link, "SELECT id,email FROM ttrss_users
3071 WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
3072 pwd_hash = 'SHA1:".sha1("password")."')");
3073
3074 if (db_num_rows($result) != 0) {
3075 print "<div class=\"warning\">
3076 Your password is at default value, please change it.
3077 </div>";
3078 }
3079
3080 if ($_SESSION["pwd_change_result"] == "failed") {
3081 print "<div class=\"warning\">
3082 There was an error while changing your password.
3083 </div>";
3084 }
3085
3086 if ($_SESSION["pwd_change_result"] == "ok") {
3087 print "<div class=\"notice\">
3088 Password changed successfully.
3089 </div>";
3090 }
3091
3092 $_SESSION["pwd_change_result"] = "";
3093
3094 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3095 print "<div class=\"notice\">
3096 Your configuration was reset to defaults.
3097 </div>";
3098 }
3099
3100 if ($_SESSION["prefs_op_result"] == "save-config") {
3101 print "<div class=\"notice\">
3102 Your configuration was saved successfully.
3103 </div>";
3104 }
3105
3106 $_SESSION["prefs_op_result"] = "";
3107
3108 print "<form action=\"backend.php\" method=\"GET\">";
3109
3110 print "<table width=\"100%\" class=\"prefPrefsList\">";
3111 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3112
3113 $result = db_query($link, "SELECT email FROM ttrss_users
3114 WHERE id = ".$_SESSION["uid"]);
3115
3116 $email = db_fetch_result($result, 0, "email");
3117
3118 print "<tr><td width=\"40%\">E-mail</td>";
3119 print "<td><input class=\"editbox\" name=\"email\"
3120 value=\"$email\"></td></tr>";
3121
3122 print "</table>";
3123
3124 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3125
3126 print "<p><input class=\"button\" type=\"submit\"
3127 value=\"Change e-mail\" name=\"subop\">";
3128
3129 print "</form>";
3130
3131 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
3132
3133 print "<table width=\"100%\" class=\"prefPrefsList\">";
3134 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3135
3136 print "<tr><td width=\"40%\">Old password</td>";
3137 print "<td><input class=\"editbox\" type=\"password\"
3138 name=\"OLD_PASSWORD\"></td></tr>";
3139
3140 print "<tr><td width=\"40%\">New password</td>";
3141
3142 print "<td><input class=\"editbox\" type=\"password\"
3143 name=\"NEW_PASSWORD\"></td></tr>";
3144
3145 print "</table>";
3146
3147 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3148
3149 print "<p><input class=\"button\" type=\"submit\"
3150 onclick=\"return validateNewPassword(this.form)\"
3151 value=\"Change password\" name=\"subop\">";
3152
3153 print "</form>";
3154
3155 }
3156
3157 $result = db_query($link, "SELECT
3158 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3159
3160 $user_theme_id = db_fetch_result($result, 0, "theme_id");
3161
3162 $result = db_query($link, "SELECT
3163 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3164
3165 if (db_num_rows($result) > 0) {
3166
3167 print "<form action=\"backend.php\" method=\"POST\">";
3168 print "<table width=\"100%\" class=\"prefPrefsList\">";
3169 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3170 print "<tr><td width=\"40%\">Select theme</td>";
3171 print "<td><select name=\"theme\">";
3172 print "<option>Default</option>";
3173 print "<option disabled>--------</option>";
3174
3175 while ($line = db_fetch_assoc($result)) {
3176 if ($line["id"] == $user_theme_id) {
3177 $selected = "selected";
3178 } else {
3179 $selected = "";
3180 }
3181 print "<option $selected>" . $line["theme_name"] . "</option>";
3182 }
3183 print "</select></td></tr>";
3184 print "</table>";
3185 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3186 print "<p><input class=\"button\" type=\"submit\"
3187 value=\"Change theme\" name=\"subop\">";
3188 print "</form>";
3189 }
3190
3191 initialize_user_prefs($link, $_SESSION["uid"]);
3192
3193 $result = db_query($link, "SELECT
3194 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3195 section_name,def_value
3196 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3197 WHERE type_id = ttrss_prefs_types.id AND
3198 section_id = ttrss_prefs_sections.id AND
3199 ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3200 owner_uid = ".$_SESSION["uid"]."
3201 ORDER BY section_id,short_desc");
3202
3203 print "<form action=\"backend.php\" method=\"POST\">";
3204
3205 $lnum = 0;
3206
3207 $active_section = "";
3208
3209 while ($line = db_fetch_assoc($result)) {
3210
3211 if ($active_section != $line["section_name"]) {
3212
3213 if ($active_section != "") {
3214 print "</table>";
3215 }
3216
3217 print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3218
3219 $active_section = $line["section_name"];
3220
3221 print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3222 // print "<tr class=\"title\">
3223 // <td width=\"25%\">Option</td><td>Value</td></tr>";
3224
3225 $lnum = 0;
3226 }
3227
3228 // $class = ($lnum % 2) ? "even" : "odd";
3229
3230 print "<tr>";
3231
3232 $type_name = $line["type_name"];
3233 $pref_name = $line["pref_name"];
3234 $value = $line["value"];
3235 $def_value = $line["def_value"];
3236 $help_text = $line["help_text"];
3237
3238 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3239
3240 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3241
3242 print "</td>";
3243
3244 print "<td>";
3245
3246 if ($type_name == "bool") {
3247 // print_select($pref_name, $value, array("true", "false"));
3248
3249 if ($value == "true") {
3250 $value = "Yes";
3251 } else {
3252 $value = "No";
3253 }
3254
3255 print_radio($pref_name, $value, array("Yes", "No"));
3256
3257 } else {
3258 print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3259 }
3260
3261 print "</td>";
3262
3263 print "</tr>";
3264
3265 $lnum++;
3266 }
3267
3268 print "</table>";
3269
3270 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3271
3272 print "<p><input class=\"button\" type=\"submit\"
3273 name=\"subop\" value=\"Save configuration\">";
3274
3275 print "&nbsp;<input class=\"button\" type=\"submit\"
3276 name=\"subop\" onclick=\"return validatePrefsReset()\"
3277 value=\"Reset to defaults\"></p>";
3278
3279 print "</form>";
3280
3281 }
3282
3283 }
3284
3285 if ($op == "pref-users") {
3286
3287 $subop = $_GET["subop"];
3288
3289 if ($subop == "edit") {
3290
3291 $id = db_escape_string($_GET["id"]);
3292
3293 print "<div id=\"infoBoxTitle\">User editor</div>";
3294
3295 print "<div class=\"infoBoxContents\">";
3296
3297 print "<form id=\"user_edit_form\">";
3298
3299 print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3300 print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3301 print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3302
3303 $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3304
3305 $login = db_fetch_result($result, 0, "login");
3306 $access_level = db_fetch_result($result, 0, "access_level");
3307 $email = db_fetch_result($result, 0, "email");
3308
3309 print "<table width='100%'>";
3310 print "<tr><td>Login:</td><td>
3311 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3312 name=\"login\" value=\"$login\"></td></tr>";
3313
3314 print "<tr><td>Change password:</td><td>
3315 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3316 name=\"password\"></td></tr>";
3317
3318 print "<tr><td>E-mail:</td><td>
3319 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3320 value=\"$email\"></td></tr>";
3321
3322 $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3323
3324 print "<tr><td>Access level:</td><td>";
3325 print_select_hash("access_level", $access_level, $access_level_names,
3326 $sel_disabled);
3327 print "</td></tr>";
3328
3329 print "</table>";
3330
3331 print "</form>";
3332
3333 print "<div align='right'>
3334 <input class=\"button\"
3335 type=\"submit\" onclick=\"return userEditSave()\"
3336 value=\"Save\">
3337 <input class=\"button\"
3338 type=\"submit\" onclick=\"return userEditCancel()\"
3339 value=\"Cancel\"></div>";
3340
3341 print "</div>";
3342
3343 return;
3344 }
3345
3346 if ($subop == "editSave") {
3347
3348 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3349
3350 $login = db_escape_string(trim($_GET["login"]));
3351 $uid = db_escape_string($_GET["id"]);
3352 $access_level = sprintf("%d", $_GET["access_level"]);
3353 $email = db_escape_string(trim($_GET["email"]));
3354 $password = db_escape_string(trim($_GET["password"]));
3355
3356 if ($password) {
3357 $pwd_hash = 'SHA1:' . sha1($password);
3358 $pass_query_part = "pwd_hash = '$pwd_hash', ";
3359 print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3360 } else {
3361 $pass_query_part = "";
3362 }
3363
3364 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3365 access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3366
3367 }
3368 } else if ($subop == "remove") {
3369
3370 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3371
3372 $ids = split(",", db_escape_string($_GET["ids"]));
3373
3374 foreach ($ids as $id) {
3375 db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3376
3377 }
3378 }
3379 } else if ($subop == "add") {
3380
3381 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3382
3383 $login = db_escape_string(trim($_GET["login"]));
3384 $tmp_user_pwd = make_password(8);
3385 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3386
3387 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3388 login = '$login'");
3389
3390 if (db_num_rows($result) == 0) {
3391
3392 db_query($link, "INSERT INTO ttrss_users
3393 (login,pwd_hash,access_level,last_login)
3394 VALUES ('$login', '$pwd_hash', 0, NOW())");
3395
3396
3397 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3398 login = '$login' AND pwd_hash = '$pwd_hash'");
3399
3400 if (db_num_rows($result) == 1) {
3401
3402 $new_uid = db_fetch_result($result, 0, "id");
3403
3404 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3405 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3406
3407 initialize_user($link, $new_uid);
3408
3409 } else {
3410
3411 print "<div class=\"warning\">Could not create user <b>".
3412 $_GET["login"]."</b></div>";
3413
3414 }
3415 } else {
3416 print "<div class=\"warning\">User <b>".
3417 $_GET["login"]."</b> already exists.</div>";
3418 }
3419 }
3420 } else if ($subop == "resetPass") {
3421
3422 if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3423
3424 $uid = db_escape_string($_GET["id"]);
3425
3426 $result = db_query($link, "SELECT login,email
3427 FROM ttrss_users WHERE id = '$uid'");
3428
3429 $login = db_fetch_result($result, 0, "login");
3430 $email = db_fetch_result($result, 0, "email");
3431 $tmp_user_pwd = make_password(8);
3432 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3433
3434 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3435 WHERE id = '$uid'");
3436
3437 print "<div class=\"notice\">Changed password of
3438 user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3439
3440 if (MAIL_RESET_PASS && $email) {
3441 print " Notifying <b>$email</b>.";
3442
3443 mail("$login <$email>", "Password reset notification",
3444 "Hi, $login.\n".
3445 "\n".
3446 "Your password for this TT-RSS installation was reset by".
3447 " an administrator.\n".
3448 "\n".
3449 "Your new password is $tmp_user_pwd, please remember".
3450 " it for later reference.\n".
3451 "\n".
3452 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3453 }
3454
3455 print "</div>";
3456
3457 }
3458 }
3459
3460 $sort = db_escape_string($_GET["sort"]);
3461
3462 if (!$sort || $sort == "undefined") {
3463 $sort = "login";
3464 }
3465
3466 print "<div class=\"prefGenericAddBox\">
3467 <input id=\"uadd_box\"
3468 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3469 size=\"40\">&nbsp;";
3470
3471 print"<input type=\"submit\" class=\"button\"
3472 id=\"user_add_btn\" disabled=\"true\"
3473 onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3474
3475 $result = db_query($link, "SELECT
3476 id,login,access_level,email,
3477 SUBSTRING(last_login,1,16) as last_login
3478 FROM
3479 ttrss_users
3480 ORDER BY $sort");
3481
3482 // print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3483
3484 print "<p><table width=\"100%\" cellspacing=\"0\"
3485 class=\"prefUserList\" id=\"prefUserList\">";
3486
3487 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3488 Select:
3489 <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3490 <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3491 </td</tr>";
3492
3493 print "<tr class=\"title\">
3494 <td align='center' width=\"5%\">&nbsp;</td>
3495 <td width='40%'><a href=\"javascript:updateUsersList('login')\">Login</a></td>
3496 <td width='40%'><a href=\"javascript:updateUsersList('access_level')\">Access Level</a></td>
3497 <td width='30%'><a href=\"javascript:updateUsersList('last_login')\">Last login</a></td></tr>";
3498
3499 $lnum = 0;
3500
3501 while ($line = db_fetch_assoc($result)) {
3502
3503 $class = ($lnum % 2) ? "even" : "odd";
3504
3505 $uid = $line["id"];
3506 $edit_uid = $_GET["id"];
3507
3508 if ($subop == "edit" && $uid != $edit_uid) {
3509 $class .= "Grayed";
3510 $this_row_id = "";
3511 } else {
3512 $this_row_id = "id=\"UMRR-$uid\"";
3513 }
3514
3515 print "<tr class=\"$class\" $this_row_id>";
3516
3517 $line["login"] = htmlspecialchars($line["login"]);
3518
3519 $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3520 strtotime($line["last_login"]));
3521
3522 $access_level_names = array(0 => "User", 10 => "Administrator");
3523
3524 // if (!$edit_uid || $subop != "edit") {
3525
3526 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3527 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3528
3529 print "<td><a href=\"javascript:editUser($uid);\">" .
3530 $line["login"] . "</td>";
3531
3532 if (!$line["email"]) $line["email"] = "&nbsp;";
3533
3534 print "<td><a href=\"javascript:editUser($uid);\">" .
3535 $access_level_names[$line["access_level"]] . "</td>";
3536
3537 /* } else if ($uid != $edit_uid) {
3538
3539 if (!$line["email"]) $line["email"] = "&nbsp;";
3540
3541 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3542 id=\"UMCHK-".$line["id"]."\"></td>";
3543
3544 print "<td>".$line["login"]."</td>";
3545 print "<td>".$line["email"]."</td>";
3546 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3547
3548 } else {
3549
3550 print "<td align='center'>
3551 <input disabled=\"true\" type=\"checkbox\" checked></td>";
3552
3553 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3554 "\"></td>";
3555
3556 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3557 "\"></td>";
3558
3559 print "<td>";
3560 print "<select id=\"iedit_ulevel\">";
3561 foreach (array_keys($access_level_names) as $al) {
3562 if ($al == $line["access_level"]) {
3563 $selected = "selected";
3564 } else {
3565 $selected = "";
3566 }
3567 print "<option $selected id=\"$al\">" .
3568 $access_level_names[$al] . "</option>";
3569 }
3570 print "</select>";
3571 print "</td>";
3572
3573 } */
3574
3575 print "<td>".$line["last_login"]."</td>";
3576
3577 print "</tr>";
3578
3579 ++$lnum;
3580 }
3581
3582 print "</table>";
3583
3584 print "<p id='userOpToolbar'>";
3585
3586 /* if ($subop == "edit") {
3587 print "Edit user:
3588 <input type=\"submit\" class=\"button\"
3589 onclick=\"javascript:userEditSave()\" value=\"Save\">
3590 <input type=\"submit\" class=\"button\"
3591 onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3592
3593 } else { */
3594
3595 print "
3596 Selection:
3597 <input type=\"submit\" class=\"button\" disabled=\"true\"
3598 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3599 <input type=\"submit\" class=\"button\" disabled=\"true\"
3600 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3601 <input type=\"submit\" class=\"button\" disabled=\"true\"
3602 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3603 <input type=\"submit\" class=\"button\" disabled=\"true\"
3604 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3605
3606 // }
3607 }
3608
3609 if ($op == "user-details") {
3610
3611 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3612 return;
3613 }
3614
3615 /* print "<html><head>
3616 <title>Tiny Tiny RSS : User Details</title>
3617 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3618 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3619 </head><body>"; */
3620
3621 $uid = sprintf("%d", $_GET["id"]);
3622
3623 print "<div id=\"infoBoxTitle\">User details</div>";
3624
3625 print "<div class='infoBoxContents'>";
3626
3627 $result = db_query($link, "SELECT login,
3628 SUBSTRING(last_login,1,16) AS last_login,
3629 access_level,
3630 (SELECT COUNT(int_id) FROM ttrss_user_entries
3631 WHERE owner_uid = id) AS stored_articles
3632 FROM ttrss_users
3633 WHERE id = '$uid'");
3634
3635 if (db_num_rows($result) == 0) {
3636 print "<h1>User not found</h1>";
3637 return;
3638 }
3639
3640 # print "<h1>User Details</h1>";
3641
3642 $login = db_fetch_result($result, 0, "login");
3643
3644 # print "<h1>$login</h1>";
3645
3646 print "<table width='100%'>";
3647
3648 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3649 strtotime(db_fetch_result($result, 0, "last_login")));
3650 $access_level = db_fetch_result($result, 0, "access_level");
3651 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3652
3653 # print "<tr><td>Username</td><td>$login</td></tr>";
3654 # print "<tr><td>Access level</td><td>$access_level</td></tr>";
3655 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3656 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3657
3658 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3659 WHERE owner_uid = '$uid'");
3660
3661 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3662
3663 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3664
3665 /* $result = db_query($link, "SELECT
3666 SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3667 FROM ttrss_user_entries,ttrss_entries
3668 WHERE owner_uid = '$uid' AND ref_id = id");
3669
3670 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3671
3672 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>"; */
3673
3674 print "</table>";
3675
3676 print "<h1>Subscribed feeds</h1>";
3677
3678 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3679 WHERE owner_uid = '$uid' ORDER BY title");
3680
3681 print "<ul class=\"userFeedList\">";
3682
3683 $row_class = "odd";
3684
3685 while ($line = db_fetch_assoc($result)) {
3686
3687 $icon_file = ICONS_URL."/".$line["id"].".ico";
3688
3689 if (file_exists($icon_file) && filesize($icon_file) > 0) {
3690 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3691 } else {
3692 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3693 }
3694
3695 print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3696
3697 $row_class = toggleEvenOdd($row_class);
3698
3699 }
3700
3701 if (db_num_rows($result) < $num_feeds) {
3702 // FIXME - add link to show ALL subscribed feeds here somewhere
3703 print "<li><img
3704 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3705 }
3706
3707 print "</ul>";
3708
3709 print "</div>";
3710
3711 print "<div align='center'>
3712 <input type='submit' class='button'
3713 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3714
3715 // print "</body></html>";
3716
3717 }
3718
3719 if ($op == "pref-feed-browser") {
3720
3721 if (!ENABLE_FEED_BROWSER) {
3722 print "Feed browser is administratively disabled.";
3723 return;
3724 }
3725
3726 $subop = $_REQUEST["subop"];
3727
3728 if ($subop == "details") {
3729 $id = db_escape_string($_GET["id"]);
3730
3731 print "<div class=\"browserFeedInfo\">";
3732 print "<b>Feed information:</b>";
3733 print "<div class=\"detailsPart\">";
3734
3735 $result = db_query($link, "SELECT
3736 feed_url,site_url,
3737 SUBSTRING(last_updated,1,19) AS last_updated
3738 FROM ttrss_feeds WHERE id = '$id'");
3739
3740 $feed_url = db_fetch_result($result, 0, "feed_url");
3741 $site_url = db_fetch_result($result, 0, "site_url");
3742 $last_updated = db_fetch_result($result, 0, "last_updated");
3743
3744 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3745 $last_updated = smart_date_time(strtotime($last_updated));
3746 } else {
3747 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3748 $last_updated = date($short_date, strtotime($last_updated));
3749 }
3750
3751 print "Site: <a href='$site_url'>$site_url</a> ".
3752 "(<a href='$feed_url'>feed</a>), ".
3753 "Last updated: $last_updated";
3754
3755 print "</div>";
3756
3757 $result = db_query($link, "SELECT
3758 ttrss_entries.title,
3759 content,
3760 substring(date_entered,1,19) as date_entered,
3761 substring(updated,1,19) as updated
3762 FROM ttrss_entries,ttrss_user_entries
3763 WHERE ttrss_entries.id = ref_id AND feed_id = '$id'
3764 ORDER BY updated DESC LIMIT 5");
3765
3766 if (db_num_rows($result) > 0) {
3767
3768 print "<b>Last headlines:</b><br>";
3769
3770 print "<div class=\"detailsPart\">";
3771 print "<ul class=\"compact\">";
3772 while ($line = db_fetch_assoc($result)) {
3773
3774 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3775 $entry_dt = smart_date_time(strtotime($line["updated"]));
3776 } else {
3777 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3778 $entry_dt = date($short_date, strtotime($line["updated"]));
3779 }
3780
3781 print "<li>" . $line["title"] .
3782 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3783 }
3784 print "</ul></div>";
3785 }
3786
3787 print "</div>";
3788
3789 return;
3790 }
3791
3792 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3793
3794 $limit = db_escape_string($_GET["limit"]);
3795
3796 if (!$limit) $limit = 25;
3797
3798 $owner_uid = $_SESSION["uid"];
3799
3800 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3801 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3802 WHERE tf.feed_url = ttrss_feeds.feed_url
3803 AND owner_uid = '$owner_uid') GROUP BY feed_url
3804 ORDER BY subscribers DESC LIMIT $limit");
3805
3806
3807 print "<div style=\"float : right\">
3808 Top <select id=\"feedBrowserLimit\">";
3809
3810 foreach (array(25, 50, 100) as $l) {
3811 $issel = ($l == $limit) ? "selected" : "";
3812 print "<option $issel>$l</option>";
3813 }
3814
3815 print "</select>
3816 <input type=\"submit\" class=\"button\"
3817 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3818 </div>";
3819
3820 print "<p id=\"fbrOpToolbar\">Selection:
3821 <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3822 disabled=\"true\" value=\"Subscribe\">";
3823
3824 print "<ul class='nomarks' id='browseBigFeedList'>";
3825
3826 $feedctr = 0;
3827
3828 while ($line = db_fetch_assoc($result)) {
3829 $feed_url = $line["feed_url"];
3830 $subscribers = $line["subscribers"];
3831
3832 $det_result = db_query($link, "SELECT site_url,title,id
3833 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3834
3835 $details = db_fetch_assoc($det_result);
3836
3837 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3838
3839 if (file_exists($icon_file) && filesize($icon_file) > 0) {
3840 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL .
3841 "/".$details["id"].".ico\">";
3842 } else {
3843 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3844 }
3845
3846 $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3847 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3848
3849 $class = ($feedctr % 2) ? "even" : "odd";
3850
3851 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3852 "$feed_icon ";
3853
3854 print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3855 $details["title"] ."</a>&nbsp;" .
3856 "<span class='subscribers'>($subscribers)</span>";
3857
3858 print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3859 print "</div>";
3860
3861 print "</li>";
3862
3863 ++$feedctr;
3864 }
3865
3866 if ($feedctr == 0) {
3867 print "<li>No feeds found to subscribe.</li>";
3868 }
3869
3870 print "</ul>";
3871
3872 print "</div>";
3873
3874 }
3875
3876 if ($op == "rss") {
3877 $feed = db_escape_string($_GET["id"]);
3878 $user = db_escape_string($_GET["user"]);
3879 $pass = db_escape_string($_GET["pass"]);
3880 $is_cat = $_GET["is_cat"] != false;
3881
3882 $search = db_escape_string($_GET["q"]);
3883 $match_on = db_escape_string($_GET["m"]);
3884 $search_mode = db_escape_string($_GET["smode"]);
3885
3886 if (!$_SESSION["uid"] && $user && $pass) {
3887 authenticate_user($link, $user, $pass);
3888 }
3889
3890 if ($_SESSION["uid"] ||
3891 http_authenticate_user($link)) {
3892
3893 generate_syndicated_feed($link, $feed, $is_cat,
3894 $search, $search_mode, $match_on);
3895 }
3896 }
3897
3898 function check_configuration_variables() {
3899 if (!defined('SESSION_EXPIRE_TIME')) {
3900 return "config: SESSION_EXPIRE_TIME is undefined";
3901 }
3902
3903 if (SESSION_EXPIRE_TIME < 60) {
3904 return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3905 }
3906
3907 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3908 return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3909 "SESSION_COOKIE_LIFETIME_REMEMBER";
3910 }
3911
3912 if (defined('DISABLE_SESSIONS')) {
3913 return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3914 }
3915
3916 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3917 return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3918 }
3919
3920 return false;
3921 }
3922
3923 if ($op == "labelFromSearch") {
3924 $search = db_escape_string($_GET["search"]);
3925 $search_mode = db_escape_string($_GET["smode"]);
3926 $match_on = db_escape_string($_GET["match"]);
3927 $is_cat = db_escape_string($_GET["is_cat"]);
3928 $title = db_escape_string($_GET["title"]);
3929 $feed = sprintf("%d", $_GET["feed"]);
3930
3931 $label_qparts = array();
3932
3933 $search_expr = getSearchSql($search, $match_on);
3934
3935 if ($is_cat) {
3936 if ($feed != 0) {
3937 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
3938 } else {
3939 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3940 }
3941 } else {
3942 if ($search_mode == "all_feeds") {
3943 // NOOP
3944 } else if ($search_mode == "this_cat") {
3945
3946 $tmp_result = db_query($link, "SELECT cat_id
3947 FROM ttrss_feeds WHERE id = '$feed'");
3948
3949 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
3950
3951 if ($cat_id > 0) {
3952 $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
3953 } else {
3954 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3955 }
3956 } else {
3957 $search_expr .= " AND ttrss_feeds.id = $feed ";
3958 }
3959
3960 }
3961
3962 $search_expr = db_escape_string($search_expr);
3963
3964 print $search_expr;
3965
3966 if ($title) {
3967 $result = db_query($link,
3968 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
3969 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
3970 }
3971 }
3972
3973 if ($op == "getUnread") {
3974 $login = db_escape_string($_GET["login"]);
3975
3976 header("Content-Type: text/plain; charset=utf-8");
3977
3978 $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
3979
3980 if (db_num_rows($result) == 1) {
3981 $uid = db_fetch_result($result, 0, "id");
3982 print getGlobalUnread($link, $uid);
3983 } else {
3984 print "Error: user not found";
3985 }
3986
3987 $print_exec_time = false;
3988 }
3989
3990 if ($op == "digestTest") {
3991 header("Content-Type: text/plain");
3992 print_r(prepare_headlines_digest($link, $_SESSION["uid"]));
3993 $print_exec_time = false;
3994
3995 }
3996
3997 if ($op == "digestSend") {
3998 header("Content-Type: text/plain");
3999 send_headlines_digests($link);
4000 $print_exec_time = false;
4001
4002 }
4003
4004 db_close($link);
4005 ?>
4006
4007 <?php if ($print_exec_time) { ?>
4008 <!-- <?php echo sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
4009 <?php } ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/