backend.php

   1 <?php
   2         require_once "sessions.php";
   3         require_once "backend-rpc.php";
   4
   5         header("Cache-Control: no-cache, must-revalidate");
   6         header("Pragma: no-cache");
   7         header("Expires: -1");
   8
   9 /*      if ($_GET["debug"]) {
  10                 define('DEFAULT_ERROR_LEVEL', E_ALL);
  11         } else {
  12                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
  13         }
  14
  15         error_reporting(DEFAULT_ERROR_LEVEL); */
  16
  17         $op = $_REQUEST["op"];
  18
  19         define('SCHEMA_VERSION', 11);
  20
  21         require_once "sanity_check.php";
  22         require_once "config.php";
  23
  24         require_once "db.php";
  25         require_once "db-prefs.php";
  26         require_once "functions.php";
  27
  28         $err_msg = check_configuration_variables();
  29
  30         $print_exec_time = true;
  31
  32         if ($err_msg) {
  33                 header("Content-Type: application/xml");
  34                 print_error_xml(9, $err_msg); die;
  35         }
  36
  37         if ((!$op || $op == "rpc" || $op == "rss" || $op == "digestSend" ||
  38                         $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  39                 header("Content-Type: application/xml");
  40         }
  41
  42         if (!$op) {
  43                 header("Content-Type: application/xml");
  44                 print_error_xml(7); exit;
  45         }
  46
  47         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds" && $op != "rss" && $op != "getUnread") {
  48
  49                 if ($op == "rpc") {
  50                         print_error_xml(6); die;
  51                 } else {
  52                         print "
  53                         <html><body>
  54                                 <p>Error: Not logged in.</p>
  55                                 <script type=\"text/javascript\">
  56                                         if (parent.window != 'undefined') {
  57                                                 parent.window.location = \"login.php\";
  58                                         } else {
  59                                                 window.location = \"login.php\";
  60                                         }
  61                                 </script>
  62                         </body></html>
  63                         ";
  64                 }
  65                 exit;
  66         }
  67
  68         $purge_intervals = array(
  69                 0  => "Use default",
  70                 -1 => "Never purge",
  71                 5  => "1 week old",
  72                 14 => "2 weeks old",
  73                 31 => "1 month old",
  74                 60 => "2 months old",
  75                 90 => "3 months old");
  76
  77         $update_intervals = array(
  78                 0   => "Use default",
  79                 -1  => "Disable updates",
  80                 30  => "Each 30 minutes",
  81                 60  => "Hourly",
  82                 240 => "Each 4 hours",
  83                 720 => "Each 12 hours",
  84                 1440 => "Daily",
  85                 10080 => "Weekly");
  86
  87         $access_level_names = array(
  88                 0 => "User",
  89                 10 => "Administrator");
  90
  91         $script_started = getmicrotime();
  92
  93         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  94
  95         if (!$link) {
  96                 if (DB_TYPE == "mysql") {
  97                         print mysql_error();
  98                 }
  99                 // PG seems to display its own errors just fine by default.
 100                 return;
 101         }
 102
 103         if (DB_TYPE == "pgsql") {
 104                 pg_query("set client_encoding = 'utf-8'");
 105         }
 106
 107         if ($_SESSION["uid"]) {
 108
 109 //              setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
 110 //              setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
 111
 112 /*              if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) {
 113                         setcookie('ttrss_vf_catchupnext', 1);
 114                 } else {
 115                         setcookie('ttrss_vf_catchupnext', 0);
 116                 } */
 117         }
 118
 119         $fetch = $_GET["fetch"];
 120
 121 //      setcookie("ttrss_icons_url", ICONS_URL);
 122
 123         if (!sanity_check($link)) { return; }
 124
 125         function outputFeedList($link, $tags = false) {
 126
 127                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 128
 129                 $owner_uid = $_SESSION["uid"];
 130
 131                 if (!$tags) {
 132
 133                         /* virtual feeds */
 134
 135                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 136                                 print "<li class=\"feedCat\">Special</li>";
 137                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 138                         }
 139
 140                         $num_starred = getFeedUnread($link, -1);
 141
 142                         $class = "virt";
 143
 144                         if ($num_starred > 0) $class .= "Unread";
 145
 146                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 147                                 "images/mark_set.png", $link);
 148
 149                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 150                                 print "</ul>\n";
 151                         }
 152
 153                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 154
 155                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 156                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 157
 158                                 if (db_num_rows($result) > 0) {
 159                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 160                                                 print "<li class=\"feedCat\">Labels</li>";
 161                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 162                                         } else {
 163                                                 print "<li><hr></li>";
 164                                         }
 165                                 }
 166
 167                                 while ($line = db_fetch_assoc($result)) {
 168
 169                                         error_reporting (0);
 170
 171                                         $label_id = -$line['id'] - 11;
 172                                         $count = getFeedUnread($link, $label_id);
 173
 174                                         $class = "label";
 175
 176                                         if ($count > 0) {
 177                                                 $class .= "Unread";
 178                                         }
 179
 180                                         error_reporting (DEFAULT_ERROR_LEVEL);
 181
 182                                         printFeedEntry($label_id,
 183                                                 $class, db_unescape_string($line["description"]),
 184                                                 $count, "images/label.png", $link);
 185
 186                                 }
 187
 188                                 if (db_num_rows($result) > 0) {
 189                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 190                                                 print "</ul>";
 191                                         }
 192                                 }
 193
 194                         }
 195
 196 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 197                                 print "<li><hr></li>";
 198 //                      }
 199
 200                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 201                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 202                                         $order_by_qpart = "category,unread DESC,title";
 203                                 } else {
 204                                         $order_by_qpart = "category,title";
 205                                 }
 206                         } else {
 207                                 if (get_pref($link, "FEEDS_SORT_BY_UNREAD")) {
 208                                         $order_by_qpart = "unread DESC,title";
 209                                 } else {
 210                                         $order_by_qpart = "title";
 211                                 }
 212                         }
 213
 214                         $result = db_query($link, "SELECT ttrss_feeds.*,
 215                                 SUBSTRING(last_updated,1,19) AS last_updated_noms,
 216                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 217                                         WHERE feed_id = ttrss_feeds.id AND
 218                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 219                                         owner_uid = '$owner_uid') AS total,
 220                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 221                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 222                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 223                                                 AND owner_uid = '$owner_uid') as unread,
 224                                 cat_id,last_error,
 225                                 ttrss_feed_categories.title AS category,
 226                                 ttrss_feed_categories.collapsed
 227                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 228                                         ON (ttrss_feed_categories.id = cat_id)
 229                                 WHERE
 230                                         ttrss_feeds.hidden = false AND
 231                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 232                                 ORDER BY $order_by_qpart");
 233
 234                         $actid = $_GET["actid"];
 235
 236                         /* real feeds */
 237
 238                         $lnum = 0;
 239
 240                         $total_unread = 0;
 241
 242                         $category = "";
 243
 244                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 245
 246                         while ($line = db_fetch_assoc($result)) {
 247
 248                                 $feed = db_unescape_string($line["title"]);
 249                                 $feed_id = $line["id"];
 250
 251                                 $subop = $_GET["subop"];
 252
 253                                 $total = $line["total"];
 254                                 $unread = $line["unread"];
 255
 256                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 257                                         $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
 258                                 } else {
 259                                         $last_updated = date($short_date, strtotime($line["last_updated_noms"]));
 260                                 }
 261
 262                                 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
 263
 264                                 if ($rtl_content) {
 265                                         $rtl_tag = "dir=\"RTL\"";
 266                                 } else {
 267                                         $rtl_tag = "";
 268                                 }
 269
 270                                 $tmp_result = db_query($link,
 271                                         "SELECT id,COUNT(unread) AS unread
 272                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 273                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 274                                         WHERE parent_feed = '$feed_id' AND unread = true
 275                                         GROUP BY ttrss_feeds.id");
 276
 277                                 if (db_num_rows($tmp_result) > 0) {
 278                                         while ($l = db_fetch_assoc($tmp_result)) {
 279                                                 $unread += $l["unread"];
 280                                         }
 281                                 }
 282
 283                                 $cat_id = $line["cat_id"];
 284
 285                                 $tmp_category = $line["category"];
 286
 287                                 if (!$tmp_category) {
 288                                         $tmp_category = "Uncategorized";
 289                                 }
 290
 291         //                      $class = ($lnum % 2) ? "even" : "odd";
 292
 293                                 if ($line["last_error"]) {
 294                                         $class = "error";
 295                                 } else {
 296                                         $class = "feed";
 297                                 }
 298
 299                                 if ($unread > 0) $class .= "Unread";
 300
 301                                 if ($actid == $feed_id) {
 302                                         $class .= "Selected";
 303                                 }
 304
 305                                 $total_unread += $unread;
 306
 307                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 308
 309                                         if ($category) {
 310                                                 print "</ul></li>";
 311                                         }
 312
 313                                         $category = $tmp_category;
 314
 315                                         $collapsed = $line["collapsed"];
 316
 317                                         // workaround for NULL category
 318                                         if ($category == "Uncategorized") {
 319                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 320                                                         $collapsed = "t";
 321                                                 }
 322                                         }
 323
 324                                         if ($collapsed == "t" || $collapsed == "1") {
 325                                                 $holder_class = "invisible";
 326                                                 $ellipsis = "...";
 327                                         } else {
 328                                                 $holder_class = "";
 329                                                 $ellipsis = "";
 330                                         }
 331
 332                                         $cat_id = sprintf("%d", $cat_id);
 333
 334                                         $cat_unread = getCategoryUnread($link, $cat_id);
 335
 336                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 337                                                 <a id=\"FCATN-$cat_id\" href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
 338                                                         <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
 339                                                         <span id=\"FCATCTR-$cat_id\"
 340                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span>
 341                                                         </a></li>";
 342
 343                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 344                                         // -> keyboard navigation, etc.
 345                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 346                                 }
 347
 348                                 printFeedEntry($feed_id, $class, $feed, $unread,
 349                                         "icons/$feed_id.ico", $link, $rtl_content,
 350                                         $last_updated, $line["last_error"]);
 351
 352                                 ++$lnum;
 353                         }
 354
 355                 } else {
 356
 357                         // tags
 358
 359 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 360                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 361                                 post_int_id = ttrss_user_entries.int_id AND
 362                                 unread = true AND ref_id = ttrss_entries.id
 363                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 364                         UNION
 365                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 366                         ORDER BY tag_name"); */
 367
 368                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 369                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 370                                         AND unread = true)) AS count FROM ttrss_tags
 371                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 372
 373                         $tags = array();
 374
 375                         while ($line = db_fetch_assoc($result)) {
 376                                 $tags[$line["tag_name"]] += $line["count"];
 377                         }
 378
 379                         foreach (array_keys($tags) as $tag) {
 380
 381                                 $unread = $tags[$tag];
 382
 383                                 $class = "tag";
 384
 385                                 if ($unread > 0) {
 386                                         $class .= "Unread";
 387                                 }
 388
 389                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 390
 391                         }
 392
 393                 }
 394
 395                 if (db_num_rows($result) == 0) {
 396                         if ($tags) {
 397                                 $what = "tags";
 398                         } else {
 399                                 $what = "feeds";
 400                         }
 401                         print "<li>No $what to display.</li>";
 402                 }
 403
 404                 print "</ul>";
 405
 406         }
 407
 408
 409         if ($op == "rpc") {
 410                 handle_rpc_request($link);
 411         }
 412
 413         if ($op == "feeds") {
 414
 415                 $tags = $_GET["tags"];
 416
 417                 $subop = $_GET["subop"];
 418
 419                 if ($subop == "catchupAll") {
 420                         db_query($link, "UPDATE ttrss_user_entries SET
 421                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 422                 }
 423
 424                 if ($subop == "collapse") {
 425                         $cat_id = db_escape_string($_GET["cid"]);
 426
 427                         db_query($link, "UPDATE ttrss_feed_categories SET
 428                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 429                                 $_SESSION["uid"]);
 430                         return;
 431                 }
 432
 433                 outputFeedList($link, $tags);
 434
 435         }
 436
 437         if ($op == "view") {
 438
 439                 $id = db_escape_string($_GET["id"]);
 440                 $feed_id = db_escape_string($_GET["feed"]);
 441
 442                 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 443                         WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 444
 445                 if (db_num_rows($result) == 1) {
 446                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 447                 } else {
 448                         $rtl_content = false;
 449                 }
 450
 451                 if ($rtl_content) {
 452                         $rtl_tag = "dir=\"RTL\"";
 453                         $rtl_class = "RTL";
 454                 } else {
 455                         $rtl_tag = "";
 456                         $rtl_class = "";
 457                 }
 458
 459                 $result = db_query($link, "UPDATE ttrss_user_entries
 460                         SET unread = false,last_read = NOW()
 461                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 462
 463                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 464                         SUBSTRING(updated,1,16) as updated,
 465                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 466                         num_comments,
 467                         author
 468                         FROM ttrss_entries,ttrss_user_entries
 469                         WHERE   id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
 470
 471                 if ($result) {
 472
 473                         $link_target = "";
 474
 475                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 476                                 $link_target = "target=\"_new\"";
 477                         }
 478
 479                         $line = db_fetch_assoc($result);
 480
 481                         if ($line["icon_url"]) {
 482                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 483                         } else {
 484                                 $feed_icon = "&nbsp;";
 485                         }
 486
 487 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 488                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 489                         } else {
 490                                 $entry_comments = "";
 491                         } */
 492
 493                         $num_comments = $line["num_comments"];
 494                         $entry_comments = "";
 495
 496                         if ($num_comments > 0) {
 497                                 if ($line["comments"]) {
 498                                         $comments_url = $line["comments"];
 499                                 } else {
 500                                         $comments_url = $line["link"];
 501                                 }
 502                                 $entry_comments = "<a $link_target href=\"$comments_url\">$num_comments comments</a>";
 503                         } else {
 504                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 505                                         $entry_comments = "<a $link_target href=\"".$line["comments"]."\">comments</a>";
 506                                 }
 507                         }
 508
 509                         print "<div class=\"postReply\">";
 510
 511                         print "<div class=\"postHeader\"><table width=\"100%\">";
 512
 513                         $entry_author = $line["author"];
 514
 515                         if ($entry_author) {
 516                                 $entry_author = " - by $entry_author";
 517                         }
 518
 519                         if ($line["link"]) {
 520                                 print "<tr><td><a $link_target href=\"" . $line["link"] . "\">" .
 521                                         $line["title"] . "</a>$entry_author</td>";
 522                         } else {
 523                                 print "<tr><td>" . $line["title"] . "$entry_author</td>";
 524                         }
 525
 526                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 527                                 strtotime($line["updated"]));
 528
 529                         print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
 530
 531                         print "</tr>";
 532
 533                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 534                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 535                                 ORDER BY tag_name");
 536
 537                         $tags_str = "";
 538                         $f_tags_str = "";
 539
 540                         $num_tags = 0;
 541
 542                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 543                                 $num_tags++;
 544                                 $tag = $tmp_line["tag_name"];
 545                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 546
 547                                 if ($num_tags == 5) {
 548                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 549                                 } else if ($num_tags < 5) {
 550                                         $tags_str .= $tag_str;
 551                                 }
 552                                 $f_tags_str .= $tag_str;
 553                         }
 554
 555                         $tags_str = preg_replace("/, $/", "", $tags_str);
 556                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 557
 558 //                      $truncated_link = truncate_string($line["link"], 60);
 559
 560                         if ($tags_str || $entry_comments) {
 561                                 print "<tr><td width='50%'>
 562                                         $entry_comments</td>
 563                                         <td align=\"right\">$tags_str</td></tr>";
 564                         }
 565
 566                         print "</table></div>";
 567
 568                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 569                         print "<div class=\"postContent\">";
 570
 571                         if (db_num_rows($tmp_result) > 5) {
 572                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 573                         }
 574
 575                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 576                                 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
 577                         }
 578
 579                         $line["content"] = sanitize_rss($line["content"]);
 580
 581                         print $line["content"] . "</div>";
 582
 583                         print "</div>";
 584
 585                 }
 586         }
 587
 588         if ($op == "viewfeed") {
 589
 590                 $feed = db_escape_string($_GET["feed"]);
 591                 $subop = db_escape_string($_GET["subop"]);
 592                 $view_mode = db_escape_string($_GET["view_mode"]);
 593                 $limit = db_escape_string($_GET["limit"]);
 594                 $cat_view = db_escape_string($_GET["cat"]);
 595                 $next_unread_feed = db_escape_string($_GET["nuf"]);
 596
 597                 if ($subop == "undefined") $subop = "";
 598
 599                 if ($subop == "CatchupSelected") {
 600                         $ids = split(",", db_escape_string($_GET["ids"]));
 601                         $cmode = sprintf("%d", $_GET["cmode"]);
 602
 603                         catchupArticlesById($link, $ids, $cmode);
 604                 }
 605
 606                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 607                         update_generic_feed($link, $feed, $cat_view);
 608                 }
 609
 610                 if ($subop == "MarkAllRead")  {
 611                         catchup_feed($link, $feed, $cat_view);
 612
 613                         if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) {
 614                                 if ($next_unread_feed) {
 615                                         $feed = $next_unread_feed;
 616                                 }
 617                         }
 618                 }
 619
 620                 if ($feed_id > 0) {
 621                         $result = db_query($link,
 622                                 "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
 623
 624                         if (db_num_rows($result) == 0) {
 625                                 print "<div align='center'>
 626                                         Feed not found.</div>";
 627                                 return;
 628                         }
 629                 }
 630
 631                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 632
 633                         $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 634                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 635
 636                         if (db_num_rows($result) == 1) {
 637                                 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 638                         } else {
 639                                 $rtl_content = false;
 640                         }
 641
 642                         if ($rtl_content) {
 643                                 $rtl_tag = "dir=\"RTL\"";
 644                         } else {
 645                                 $rtl_tag = "";
 646                         }
 647                 } else {
 648                         $rtl_tag = "";
 649                         $rtl_content = false;
 650                 }
 651
 652                 $script_dt_add = get_script_dt_add();
 653
 654 /*              print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 655                         <script type=\"text/javascript\" src=\"prototype.js\"></script>
 656                         <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
 657                         <script type=\"text/javascript\" src=\"viewfeed.js?$script_dt_add\"></script>
 658                         <!--[if gte IE 5.5000]>
 659                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 660                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 661                         <![endif]-->
 662                         </head><body $rtl_tag>
 663                         <script type=\"text/javascript\">
 664                         if (document.addEventListener) {
 665                                 document.addEventListener(\"DOMContentLoaded\", init, null);
 666                         }
 667                         window.onload = init;
 668                         </script>"; */
 669
 670                 /// START /////////////////////////////////////////////////////////////////////////////////
 671
 672                 $search = db_escape_string($_GET["query"]);
 673                 $search_mode = db_escape_string($_GET["search_mode"]);
 674                 $match_on = db_escape_string($_GET["match_on"]);
 675
 676                 if (!$match_on) {
 677                         $match_on = "both";
 678                 }
 679
 680                 $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on);
 681
 682                 $result = $qfh_ret[0];
 683                 $feed_title = $qfh_ret[1];
 684                 $feed_site_url = $qfh_ret[2];
 685                 $last_error = $qfh_ret[3];
 686
 687                 /// STOP //////////////////////////////////////////////////////////////////////////////////
 688
 689                 print "<div id=\"headlinesContainer\" $rtl_tag>";
 690
 691                 if (!$result) {
 692                         print "<div align='center'>
 693                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
 694                         return;
 695                 }
 696
 697                 if (db_num_rows($result) > 0) {
 698
 699                         print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
 700                                 $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode);
 701
 702                         print "<div id=\"headlinesInnerContainer\">";
 703
 704                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 705                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
 706                                         cellspacing=\"0\" width=\"100%\">";
 707                         }
 708
 709                         $lnum = 0;
 710
 711                         error_reporting (DEFAULT_ERROR_LEVEL);
 712
 713                         $num_unread = 0;
 714
 715                         while ($line = db_fetch_assoc($result)) {
 716
 717                                 $class = ($lnum % 2) ? "even" : "odd";
 718
 719                                 $id = $line["id"];
 720                                 $feed_id = $line["feed_id"];
 721
 722                                 if ($line["last_read"] == "" &&
 723                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
 724
 725                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
 726                                                 alt=\"Updated\">";
 727                                 } else {
 728                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
 729                                                 alt=\"Updated\">";
 730                                 }
 731
 732                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
 733                                         $class .= "Unread";
 734                                         ++$num_unread;
 735                                         $is_unread = true;
 736                                 } else {
 737                                         $is_unread = false;
 738                                 }
 739
 740                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
 741                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
 742                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
 743                                 } else {
 744                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
 745                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
 746                                 }
 747
 748 #                               $content_link = "<a target=\"_new\" href=\"".$line["link"]."\">" .
 749 #                                       $line["title"] . "</a>";
 750
 751                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
 752                                         $line["title"] . "</a>";
 753
 754 #                               $content_link = "<a href=\"javascript:viewContentUrl('".$line["link"]."');\">" .
 755 #                                       $line["title"] . "</a>";
 756
 757                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
 758                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
 759                                 } else {
 760                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
 761                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
 762                                 }
 763
 764                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
 765                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
 766                                                 100);
 767                                 }
 768
 769                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 770
 771                                         print "<tr class='$class' id='RROW-$id'>";
 772
 773                                         print "<td class='hlUpdatePic'>$update_pic</td>";
 774
 775                                         print "<td class='hlSelectRow'>
 776                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
 777                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
 778                                                 </td>";
 779
 780                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
 781
 782                                         if ($line["feed_title"]) {
 783                                                 print "<td class='hlContent'>$content_link</td>";
 784                                                 print "<td class='hlFeed'>
 785                                                         <a href='javascript:viewfeed($feed_id)'>".
 786                                                                 $line["feed_title"]."</a>&nbsp;</td>";
 787                                         } else {
 788                                                 print "<td class='hlContent' valign='middle'>";
 789
 790                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
 791                                                         $line["title"];
 792
 793                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
 794                                                         if ($content_preview) {
 795                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
 796                                                         }
 797                                                 }
 798
 799                                                 print "</a>";
 800                                                 print "</td>";
 801                                         }
 802
 803                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
 804
 805                                         print "</tr>";
 806
 807                                 } else {
 808
 809                                         if ($is_unread) {
 810                                                 $add_class = "Unread";
 811                                         } else {
 812                                                 $add_class = "";
 813                                         }
 814
 815                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
 816
 817                                         print "<div class=\"cdmHeader\">";
 818
 819                                         print "<div style=\"float : right\">$updated_fmt,
 820                                                 <a class=\"cdmToggleLink\"
 821                                                         href=\"javascript:toggleUnread($id)\">Toggle unread</a>
 822                                         </div>";
 823
 824                                         print "<a class=\"title\"
 825                                                 onclick=\"javascript:toggleUnread($id, 0)\"
 826                                                 target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
 827
 828                                         if ($line["feed_title"]) {
 829                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
 830                                         }
 831
 832                                         print "</div>";
 833
 834                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div><br clear=\"all\">";
 835
 836                                         print "<div style=\"float : right\">$marked_pic</div>
 837                                                 <div lass=\"cdmFooter\">
 838                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
 839                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
 840
 841 #                                       print "<div align=\"center\"><a class=\"cdmToggleLink\"
 842 #                                                       href=\"javascript:toggleUnread($id)\">
 843 #                                                       Toggle unread</a></div>";
 844
 845                                         print "</div>";
 846
 847                                 }
 848
 849                                 ++$lnum;
 850                         }
 851
 852                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
 853                                 print "</table>";
 854                         }
 855
 856                         print "</div>";
 857
 858 //                      print_headline_subtoolbar($link,
 859 //                              "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
 860
 861
 862                 } else {
 863                         print "<div width='100%' align='center'>No articles found.</div>";
 864                 }
 865
 866                 print "</div>";
 867         }
 868
 869         if ($op == "pref-feeds") {
 870
 871                 $subop = $_REQUEST["subop"];
 872                 $quiet = $_REQUEST["quiet"];
 873
 874                 if ($subop == "massSubscribe") {
 875                         $ids = split(",", db_escape_string($_GET["ids"]));
 876
 877                         $subscribed = array();
 878
 879                         foreach ($ids as $id) {
 880                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
 881                                         WHERE id = '$id'");
 882
 883                                 $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
 884                                 $title = db_escape_string(db_fetch_result($result, 0, "title"));
 885
 886                                 $title_orig = db_fetch_result($result, 0, "title");
 887
 888                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
 889                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
 890
 891                                 if (db_num_rows($result) == 0) {
 892                                         $result = db_query($link,
 893                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
 894                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
 895
 896                                         array_push($subscribed, $title_orig);
 897                                 }
 898                         }
 899
 900                         if (count($subscribed) > 0) {
 901                                 print "<div class=\"notice\">";
 902                                 print "<b>Subscribed to feeds:</b>";
 903                                 print "<ul class=\"nomarks\">";
 904                                 foreach ($subscribed as $title) {
 905                                         print "<li>$title</li>";
 906                                 }
 907                                 print "</ul>";
 908                                 print "</div>";
 909                         }
 910                 }
 911
 912                 if ($subop == "browse") {
 913
 914                         if (!ENABLE_FEED_BROWSER) {
 915                                 print "Feed browser is administratively disabled.";
 916                                 return;
 917                         }
 918
 919                         print "<div id=\"infoBoxTitle\">Other feeds: Top 25</div>";
 920
 921                         print "<div class=\"infoBoxContents\">";
 922
 923                         print "<p>Showing top 25 registered feeds, sorted by popularity:</p>";
 924
 925 #                       $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
 926 #                               FROM ttrss_feeds
 927 #                               WHERE auth_login = '' AND auth_pass = '' AND private = false
 928 #                               GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25");
 929
 930                         $owner_uid = $_SESSION["uid"];
 931
 932                         $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
 933                                 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
 934                                         WHERE tf.feed_url = ttrss_feeds.feed_url
 935                                                 AND owner_uid = '$owner_uid') GROUP BY feed_url
 936                                                         ORDER BY subscribers DESC LIMIT 25");
 937
 938                         print "<ul class='browseFeedList' id='browseFeedList'>";
 939
 940                         $feedctr = 0;
 941
 942                         while ($line = db_fetch_assoc($result)) {
 943                                 $feed_url = $line["feed_url"];
 944                                 $subscribers = $line["subscribers"];
 945
 946                                 $det_result = db_query($link, "SELECT site_url,title,id
 947                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
 948
 949                                 $details = db_fetch_assoc($det_result);
 950
 951                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
 952
 953                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
 954                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
 955                                                         "/".$details["id"].".ico\">";
 956                                 } else {
 957                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
 958                                 }
 959
 960                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
 961                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
 962
 963                                 $class = ($feedctr % 2) ? "even" : "odd";
 964
 965                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
 966                                         "$feed_icon " . db_unescape_string($details["title"]) .
 967                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
 968
 969                                         ++$feedctr;
 970                         }
 971
 972                         if ($feedctr == 0) {
 973                                 print "<li>No feeds found to subscribe.</li>";
 974                         }
 975
 976                         print "</ul>";
 977
 978                         print "<div align='center'>
 979                                 <input type=\"submit\" class=\"button\"
 980                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
 981                                 <input type='submit' class='button'
 982                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
 983
 984                         print "</div>";
 985                         return;
 986                 }
 987
 988                 if ($subop == "editfeed") {
 989                         $feed_id = db_escape_string($_REQUEST["id"]);
 990
 991                         $result = db_query($link,
 992                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
 993                                         owner_uid = " . $_SESSION["uid"]);
 994
 995                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
 996                                 0, "title")));
 997
 998                         $icon_file = ICONS_DIR . "/$feed_id.ico";
 999
1000                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1001                                         $feed_icon = "<img width=\"16\" height=\"16\"
1002                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1003                         } else {
1004                                 $feed_icon = "";
1005                         }
1006
1007                         print "<div id=\"infoBoxTitle\">Feed editor</div>";
1008
1009                         print "<div class=\"infoBoxContents\">";
1010
1011                         print "<form id=\"edit_feed_form\">";
1012
1013                         print "<input type=\"hidden\" name=\"id\" value=\"$feed_id\">";
1014                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1015                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1016
1017                         print "<table width='100%'>";
1018
1019                         print "<tr><td>Title:</td>";
1020                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1021                                 name=\"title\" value=\"$title\"></td></tr>";
1022
1023                         $feed_url = db_fetch_result($result, 0, "feed_url");
1024                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1025                                 0, "feed_url")));
1026
1027                         print "<tr><td>Feed URL:</td>";
1028                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1029                                 name=\"feed_url\" value=\"$feed_url\"></td></tr>";
1030
1031                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1032
1033                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1034
1035                                 print "<tr><td>Category:</td>";
1036                                 print "<td>";
1037
1038                                 $parent_feed = db_fetch_result($result, 0, "parent_feed");
1039
1040                                 if (sprintf("%d", $parent_feed) > 0) {
1041                                         $disabled = "disabled";
1042                                 } else {
1043                                         $disabled = "";
1044                                 }
1045
1046                                 print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled");
1047
1048                                 print "</td>";
1049                                 print "</td></tr>";
1050
1051                         }
1052
1053                         $update_interval = db_fetch_result($result, 0, "update_interval");
1054
1055                         print "<tr><td>Update Interval:</td>";
1056
1057                         print "<td>";
1058
1059                         print_select_hash("update_interval", $update_interval, $update_intervals,
1060                                 "class=\"iedit\"");
1061
1062                         print "</td>";
1063
1064                         print "<tr><td>Link to:</td><td>";
1065
1066                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1067                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1068
1069                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1070
1071                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1072
1073                         if ($linked_count > 0) {
1074                                 $disabled = "disabled";
1075                         } else {
1076                                 $disabled = "";
1077                         }
1078
1079                         print "<select class=\"iedit\" $disabled name=\"parent_feed\">";
1080
1081                         print "<option value=\"0\">Not linked</option>";
1082
1083                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1084                                 if ($cat_id) {
1085                                         $cat_qpart = "AND cat_id = '$cat_id'";
1086                                 } else {
1087                                         $cat_qpart = "AND cat_id IS NULL";
1088                                 }
1089                         }
1090
1091                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1092                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]." AND
1093                                         (SELECT COUNT(id) FROM ttrss_feeds AS T2 WHERE T2.id = ttrss_feeds.parent_feed) = 0
1094                                         $cat_qpart ORDER BY title");
1095
1096                                 if (db_num_rows($tmp_result) > 0) {
1097                                         print "<option disabled>--------</option>";
1098                                 }
1099
1100                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1101                                         if ($tmp_line["id"] == $parent_feed) {
1102                                                 $is_selected = "selected";
1103                                         } else {
1104                                                 $is_selected = "";
1105                                         }
1106                                         printf("<option $is_selected value='%d'>%s</option>",
1107                                                 $tmp_line["id"], $tmp_line["title"]);
1108                                 }
1109
1110                         print "</select>";
1111                         print "</td></tr>";
1112
1113                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1114
1115                         print "<tr><td>Article purging:</td>";
1116
1117                         print "<td>";
1118
1119                         print_select_hash("purge_interval", $purge_interval, $purge_intervals,
1120                                 "class=\"iedit\"");
1121
1122                         print "</td>";
1123
1124                         $auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login"));
1125
1126                         print "<tr><td>Login:</td>";
1127                         print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
1128                                 name=\"auth_login\" value=\"$auth_login\"></td></tr>";
1129
1130                         $auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass"));
1131
1132                         print "<tr><td>Password:</td>";
1133                         print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"
1134                                 onkeypress=\"return filterCR(event)\"
1135                                 value=\"$auth_pass\"></td></tr>";
1136
1137                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1138
1139                         if ($private) {
1140                                 $checked = "checked";
1141                         } else {
1142                                 $checked = "";
1143                         }
1144
1145                         print "<tr><td valign='top'>Options:</td>";
1146                         print "<td><input type=\"checkbox\" name=\"private\" id=\"private\"
1147                                 $checked><label for=\"private\">Hide from \"Other Feeds\"</label>";
1148
1149                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1150
1151                         if ($rtl_content) {
1152                                 $checked = "checked";
1153                         } else {
1154                                 $checked = "";
1155                         }
1156
1157                         print "<br><input type=\"checkbox\" id=\"rtl_content\" name=\"rtl_content\"
1158                                 $checked><label for=\"rtl_content\">Right-to-left content</label>";
1159
1160                         $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden"));
1161
1162                         if ($hidden) {
1163                                 $checked = "checked";
1164                         } else {
1165                                 $checked = "";
1166                         }
1167
1168                         print "<br><input type=\"checkbox\" id=\"hidden\" name=\"hidden\"
1169                                 $checked><label for=\"hidden\">Hide from my feed list</label>";
1170
1171                         $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest"));
1172
1173                         if ($include_in_digest) {
1174                                 $checked = "checked";
1175                         } else {
1176                                 $checked = "";
1177                         }
1178
1179                         print "<br><input type=\"checkbox\" id=\"include_in_digest\"
1180                                 name=\"include_in_digest\"
1181                                 $checked><label for=\"include_in_digest\">Include in e-mail digest</label>";
1182
1183                         print "</td></tr>";
1184
1185                         print "</table>";
1186
1187                         print "</form>";
1188
1189                         print "<div align='right'>
1190                                 <input type=\"submit\" class=\"button\"
1191                                 onclick=\"return feedEditSave()\" value=\"Save\">
1192                                 <input type='submit' class='button'
1193                                 onclick=\"return feedEditCancel()\" value=\"Cancel\"></div>";
1194
1195                         print "</div>";
1196
1197                         return;
1198                 }
1199
1200                 if ($subop == "editSave") {
1201
1202                         $feed_title = db_escape_string(trim($_POST["title"]));
1203                         $feed_link = db_escape_string(trim($_POST["feed_url"]));
1204                         $upd_intl = db_escape_string($_POST["update_interval"]);
1205                         $purge_intl = db_escape_string($_POST["purge_interval"]);
1206                         $feed_id = db_escape_string($_POST["id"]);
1207                         $cat_id = db_escape_string($_POST["cat_id"]);
1208                         $auth_login = db_escape_string(trim($_POST["auth_login"]));
1209                         $auth_pass = db_escape_string(trim($_POST["auth_pass"]));
1210                         $parent_feed = db_escape_string($_POST["parent_feed"]);
1211                         $private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
1212                         $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"]));
1213                         $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"]));
1214                         $include_in_digest = checkbox_to_sql_bool(
1215                                 db_escape_string($_POST["include_in_digest"]));
1216
1217                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1218                                 if ($cat_id && $cat_id != 0) {
1219                                         $category_qpart = "cat_id = '$cat_id',";
1220                                         $category_qpart_nocomma = "cat_id = '$cat_id'";
1221                                 } else {
1222                                         $category_qpart = 'cat_id = NULL,';
1223                                         $category_qpart_nocomma = 'cat_id = NULL';
1224                                 }
1225                         } else {
1226                                 $category_qpart = "";
1227                                 $category_qpart_nocomma = "";
1228                         }
1229
1230                         if ($parent_feed && $parent_feed != 0) {
1231                                 $parent_qpart = "parent_feed = '$parent_feed'";
1232                         } else {
1233                                 $parent_qpart = 'parent_feed = NULL';
1234                         }
1235
1236                         $result = db_query($link, "UPDATE ttrss_feeds SET
1237                                 $category_qpart $parent_qpart,
1238                                 title = '$feed_title', feed_url = '$feed_link',
1239                                 update_interval = '$upd_intl',
1240                                 purge_interval = '$purge_intl',
1241                                 auth_login = '$auth_login',
1242                                 auth_pass = '$auth_pass',
1243                                 private = $private,
1244                                 rtl_content = $rtl_content,
1245                                 hidden = $hidden,
1246                                 include_in_digest = $include_in_digest
1247                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1248
1249                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1250                                 # update linked feed categories
1251                                 $result = db_query($link, "UPDATE ttrss_feeds SET
1252                                         $category_qpart_nocomma WHERE parent_feed = '$feed_id' AND
1253                                         owner_uid = " . $_SESSION["uid"]);
1254                         }
1255                 }
1256
1257                 if ($subop == "saveCat") {
1258                         $cat_title = db_escape_string(trim($_GET["title"]));
1259                         $cat_id = db_escape_string($_GET["id"]);
1260
1261                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1262                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1263
1264                 }
1265
1266                 if ($subop == "remove") {
1267
1268                         if (!WEB_DEMO_MODE) {
1269
1270                                 $ids = split(",", db_escape_string($_GET["ids"]));
1271
1272                                 foreach ($ids as $id) {
1273
1274                                         if ($id > 0) {
1275
1276                                                 db_query($link, "DELETE FROM ttrss_feeds
1277                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1278
1279                                                 $icons_dir = ICONS_DIR;
1280
1281                                                 if (file_exists($icons_dir . "/$id.ico")) {
1282                                                         unlink($icons_dir . "/$id.ico");
1283                                                 }
1284                                         } else if ($id < -10) {
1285
1286                                                 $label_id = -$id - 11;
1287
1288                                                 db_query($link, "DELETE FROM ttrss_labels
1289                                                         WHERE   id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
1290                                         }
1291                                 }
1292                         }
1293                 }
1294
1295                 if ($subop == "add") {
1296
1297                         if (!WEB_DEMO_MODE) {
1298
1299                                 $feed_url = db_escape_string(trim($_GET["feed_url"]));
1300                                 $cat_id = db_escape_string($_GET["cat_id"]);
1301
1302                                 if (subscribe_to_feed($link, $feed_url, $cat_id)) {
1303                                         print "Added feed.";
1304                                 } else {
1305                                         print "<div class=\"warning\">
1306                                                 Feed <b>$feed_url</b> already exists in the database.
1307                                         </div>";
1308                                 }
1309                         }
1310                 }
1311
1312                 if ($subop == "addCat") {
1313
1314                         if (!WEB_DEMO_MODE) {
1315
1316                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1317
1318                                 $result = db_query($link,
1319                                         "SELECT id FROM ttrss_feed_categories
1320                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1321
1322                                 if (db_num_rows($result) == 0) {
1323
1324                                         $result = db_query($link,
1325                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1326                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1327
1328                                 } else {
1329
1330                                         print "<div class=\"warning\">
1331                                                 Category <b>$feed_cat</b> already exists in the database.
1332                                         </div>";
1333                                 }
1334
1335
1336                         }
1337                 }
1338
1339                 if ($subop == "removeCats") {
1340
1341                         if (!WEB_DEMO_MODE) {
1342
1343                                 $ids = split(",", db_escape_string($_GET["ids"]));
1344
1345                                 foreach ($ids as $id) {
1346
1347                                         db_query($link, "BEGIN");
1348
1349                                         $result = db_query($link,
1350                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1351                                                         WHERE cat_id = '$id'");
1352
1353                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1354
1355                                         if ($num_feeds == 0) {
1356                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1357                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1358                                         } else {
1359
1360                                                 print "<div class=\"warning\">
1361                                                         Unable to delete non empty feed categories.</div>";
1362
1363                                         }
1364
1365                                         db_query($link, "COMMIT");
1366                                 }
1367                         }
1368                 }
1369
1370                 if ($subop == "categorize") {
1371
1372                         if (!WEB_DEMO_MODE) {
1373
1374                                 $ids = split(",", db_escape_string($_GET["ids"]));
1375
1376                                 $cat_id = db_escape_string($_GET["cat_id"]);
1377
1378                                 if ($cat_id == 0) {
1379                                         $cat_id_qpart = 'NULL';
1380                                 } else {
1381                                         $cat_id_qpart = "'$cat_id'";
1382                                 }
1383
1384                                 db_query($link, "BEGIN");
1385
1386                                 foreach ($ids as $id) {
1387
1388                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1389                                                 WHERE id = '$id' AND parent_feed IS NULL
1390                                                 AND owner_uid = " . $_SESSION["uid"]);
1391
1392                                         # update linked feed categories
1393                                         db_query($link, "UPDATE ttrss_feeds SET
1394                                                 cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND
1395                                                 owner_uid = " . $_SESSION["uid"]);
1396
1397                                 }
1398
1399                                 db_query($link, "COMMIT");
1400                         }
1401
1402                 }
1403
1404                 if ($quiet) return;
1405
1406 //              print "<h3>Edit Feeds</h3>";
1407
1408                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1409                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1410
1411                 if (db_num_rows($result) > 0) {
1412
1413                         print "<div class=\"warning\">";
1414
1415 //                      print"<img class=\"closeButton\"
1416 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1417
1418                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1419                                 <b>Some feeds have update errors (click for details)</b></a>";
1420
1421                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1422
1423                         while ($line = db_fetch_assoc($result)) {
1424                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1425                                         $line["last_error"];
1426                         }
1427
1428                         print "</ul>";
1429                         print "</div>";
1430
1431                 }
1432
1433                 $feed_search = db_escape_string($_GET["search"]);
1434
1435                 if (array_key_exists("search", $_GET)) {
1436                         $_SESSION["prefs_feed_search"] = $feed_search;
1437                 } else {
1438                         $feed_search = $_SESSION["prefs_feed_search"];
1439                 }
1440
1441                 print "<table width='100%' class=\"prefGenericAddBox\"
1442                         cellspacing='0' cellpadding='0'><tr>
1443                         <td>
1444                                 <input id=\"fadd_link\"
1445                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
1446                                         size=\"40\">
1447                                 <input type=\"submit\" class=\"button\"
1448                                         disabled=\"true\" id=\"fadd_submit_btn\"
1449                                         onclick=\"addFeed()\" value=\"Subscribe\">";
1450
1451                 if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) {
1452                         print " <input type=\"submit\" class=\"button\"
1453                                 onclick=\"javascript:browseFeeds()\" value=\"Top 25\">";
1454                 }
1455
1456                 print "</td><td align='right'>
1457                                 <input id=\"feed_search\" size=\"20\"
1458                                         onchange=\"javascript:updateFeedList()\" value=\"$feed_search\">
1459                                 <input type=\"submit\" class=\"button\"
1460                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
1461                         </td>
1462                         </tr></table>";
1463
1464                 $feeds_sort = db_escape_string($_GET["sort"]);
1465
1466                 if (!$feeds_sort || $feeds_sort == "undefined") {
1467                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1468                         if (!$feeds_sort) $feeds_sort = "title";
1469                 }
1470
1471                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1472
1473                 if ($feed_search) {
1474                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
1475                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
1476                 } else {
1477                         $search_qpart = "";
1478                 }
1479
1480                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1481                         $order_by_qpart = "category,$feeds_sort,title";
1482                 } else {
1483                         $order_by_qpart = "$feeds_sort,title";
1484                 }
1485
1486                 $result = db_query($link, "SELECT
1487                                 F1.id,
1488                                 F1.title,
1489                                 F1.feed_url,
1490                                 substring(F1.last_updated,1,16) AS last_updated,
1491                                 F1.parent_feed,
1492                                 F1.update_interval,
1493                                 F1.purge_interval,
1494                                 F1.cat_id,
1495                                 F2.title AS parent_title,
1496                                 C1.title AS category,
1497                                 F1.hidden,
1498                                 F1.include_in_digest
1499                         FROM
1500                                 ttrss_feeds AS F1
1501                                 LEFT JOIN ttrss_feeds AS F2
1502                                         ON (F1.parent_feed = F2.id)
1503                                 LEFT JOIN ttrss_feed_categories AS C1
1504                                         ON (F1.cat_id = C1.id)
1505                         WHERE
1506                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
1507                         ORDER by $order_by_qpart");
1508
1509                 if (db_num_rows($result) != 0) {
1510
1511 //                      print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1512
1513                         print "<p><table width=\"100%\" cellspacing=\"0\"
1514                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1515                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1516                                 Select:
1517                                         <a href=\"javascript:selectPrefRows('feed', true)\">All</a>,
1518                                         <a href=\"javascript:selectPrefRows('feed', false)\">None</a>
1519                                 </td</tr>";
1520
1521                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
1522                                 print "<tr class=\"title\">
1523                                         <td width='5%' align='center'>&nbsp;</td>";
1524
1525                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1526                                         print "<td width='3%'>&nbsp;</td>";
1527                                 }
1528
1529                                 print "
1530                                         <td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1531                                         <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1532                                         <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1533                         }
1534
1535                         $lnum = 0;
1536
1537                         $cur_cat_id = -1;
1538
1539                         while ($line = db_fetch_assoc($result)) {
1540
1541                                 $feed_id = $line["id"];
1542                                 $cat_id = $line["cat_id"];
1543
1544                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1545                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1546                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1547
1548                                 $hidden = sql_bool_to_bool($line["hidden"]);
1549
1550                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1551
1552                                 $last_updated = $line["last_updated"];
1553
1554                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1555                                         $last_updated = smart_date_time(strtotime($last_updated));
1556                                 } else {
1557                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1558                                         $last_updated = date($short_date, strtotime($last_updated));
1559                                 }
1560
1561                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
1562                                         $lnum = 0;
1563
1564                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
1565
1566                                         print "<tr class=\"title\">
1567                                                 <td width='5%'>&nbsp;</td>";
1568
1569                                         if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1570                                                 print "<td width='3%'>&nbsp;</td>";
1571                                         }
1572
1573                                         print "<td width='40%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
1574                                                 <td width='45%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
1575                                                 <td width='15%' align='right'><a href=\"javascript:updateFeedList('last_updated')\">Updated</a></td>";
1576
1577                                         $cur_cat_id = $cat_id;
1578                                 }
1579
1580                                 $class = ($lnum % 2) ? "even" : "odd";
1581                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
1582
1583                                 print "<tr class=\"$class\" $this_row_id>";
1584
1585                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1586
1587                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1588                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
1589                                 } else {
1590                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1591                                 }
1592
1593                                 print "<td class='feedSelect'><input onclick='toggleSelectPrefRow(this, \"feed\");'
1594                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1595
1596                                 if (get_pref($link, 'ENABLE_FEED_ICONS')) {
1597                                         print "<td class='feedIcon'>$feed_icon</td>";
1598                                 }
1599
1600                                 $edit_title = truncate_string($edit_title, 40);
1601                                 $edit_link = truncate_string($edit_link, 60);
1602
1603                                 if ($hidden) {
1604                                         $edit_title = "<span class=\"insensitive\">$edit_title (Hidden)</span>";
1605                                         $edit_link = "<span class=\"insensitive\">$edit_link</span>";
1606                                         $last_updated = "<span class=\"insensitive\">$last_updated</span>";
1607                                 }
1608
1609                                 $parent_title = $line["parent_title"];
1610                                 if ($parent_title) {
1611                                         $parent_title = "<span class='groupPrompt'>(linked to
1612                                                 $parent_title)</span>";
1613                                 }
1614
1615                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1616                                         "$edit_title $parent_title" . "</a></td>";
1617
1618                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1619                                         $edit_link . "</a></td>";
1620
1621                                 print "<td align='right'><a href=\"javascript:editFeed($feed_id);\">" .
1622                                         "$last_updated</a></td>";
1623
1624                                 print "</tr>";
1625
1626                                 ++$lnum;
1627                         }
1628
1629                         print "</table>";
1630
1631                         print "<p><span id=\"feedOpToolbar\">";
1632
1633                         if ($subop == "edit") {
1634                                 print "Edit feed:&nbsp;
1635                                         <input type=\"submit\" class=\"button\"
1636                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1637                                         <input type=\"submit\" class=\"button\"
1638                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1639                         } else {
1640
1641                                 print "
1642                                         Selection:&nbsp;
1643                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1644                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1645                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
1646                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Unsubscribe\">";
1647
1648                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1649
1650                                         print "&nbsp;|&nbsp;";
1651
1652                                         print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled");
1653
1654                                         print " <input type=\"submit\" class=\"button\" disabled=\"true\"
1655                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Recategorize\">";
1656
1657                                 }
1658
1659                                 print "</span>
1660                                         &nbsp;All feeds: <input type=\"submit\"
1661                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1662                                                         value=\"Export OPML\">";
1663                                 }
1664                 } else {
1665
1666                         print "<p>No feeds defined.</p>";
1667
1668                 }
1669
1670                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1671
1672                         print "<h3>Edit Categories</h3>";
1673
1674                         print "<div class=\"prefGenericAddBox\">
1675                                 <input id=\"fadd_cat\"
1676                                         onkeyup=\"toggleSubmitNotEmpty(this, 'catadd_submit_btn')\"
1677                                         size=\"40\">&nbsp;
1678                                 <input
1679                                         type=\"submit\" class=\"button\" disabled=\"true\" id=\"catadd_submit_btn\"
1680                                         onclick=\"javascript:addFeedCat()\" value=\"Create category\"></div>";
1681
1682                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1683                                 WHERE owner_uid = ".$_SESSION["uid"]."
1684                                 ORDER BY title");
1685
1686                         if (db_num_rows($result) != 0) {
1687
1688                                 print "<form id=\"feed_cat_edit_form\">";
1689
1690                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1691                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1692
1693                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1694                                 Select:
1695                                         <a href=\"javascript:selectPrefRows('fcat', true)\">All</a>,
1696                                         <a href=\"javascript:selectPrefRows('fcat', false)\">None</a>
1697                                 </td</tr>";
1698
1699                                 print "<tr class=\"title\">
1700                                                         <td width=\"5%\">&nbsp;</td><td width=\"80%\">Title</td>
1701                                                 </tr>";
1702
1703                                 $lnum = 0;
1704
1705                                 while ($line = db_fetch_assoc($result)) {
1706
1707                                         $class = ($lnum % 2) ? "even" : "odd";
1708
1709                                         $cat_id = $line["id"];
1710
1711                                         $edit_cat_id = $_GET["id"];
1712
1713                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1714                                                         $class .= "Grayed";
1715                                                         $this_row_id = "";
1716                                         } else {
1717                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1718                                         }
1719
1720                                         print "<tr class=\"$class\" $this_row_id>";
1721
1722                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1723
1724                                         if (!$edit_cat_id || $subop != "editCat") {
1725
1726                                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"fcat\");'
1727                                                         type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1728
1729                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1730                                                         $edit_title . "</a></td>";
1731
1732                                         } else if ($cat_id != $edit_cat_id) {
1733
1734                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
1735                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1736
1737                                                 print "<td>$edit_title</td>";
1738
1739                                         } else {
1740
1741                                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\" checked>";
1742
1743                                                 print "<input type=\"hidden\" name=\"id\" value=\"$cat_id\">";
1744                                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
1745                                                 print "<input type=\"hidden\" name=\"subop\" value=\"saveCat\">";
1746
1747                                                 print "</td>";
1748
1749                                                 print "<td><input onkeypress=\"return filterCR(event)\"
1750                                                         name=\"title\" class=\"iedit\" value=\"$edit_title\"></td>";
1751
1752                                         }
1753
1754                                         print "</tr>";
1755
1756                                         ++$lnum;
1757                                 }
1758
1759                                 print "</table>";
1760
1761                                 print "</form>";
1762
1763                                 print "<p id=\"catOpToolbar\">";
1764
1765                                 if ($subop == "editCat") {
1766                                         print "Edit category:&nbsp;
1767                                                 <input type=\"submit\" class=\"button\"
1768                                                         onclick=\"return feedCatEditSave()\" value=\"Save\">
1769                                                 <input type=\"submit\" class=\"button\"
1770                                                         onclick=\"return feedCatEditCancel()\" value=\"Cancel\">";
1771                                         } else {
1772
1773                                         print "
1774                                                 Selection:&nbsp;
1775                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1776                                                 onclick=\"return editSelectedFeedCat()\" value=\"Edit\">
1777                                         <input type=\"submit\" class=\"button\" disabled=\"true\"
1778                                                 onclick=\"return removeSelectedFeedCats()\" value=\"Remove\">";
1779
1780                                 }
1781
1782                         } else {
1783                                 print "<p>No feed categories defined.</p>";
1784                         }
1785                 }
1786
1787                 print "<h3>Import OPML</h3>
1788                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1789                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1790                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1791                                 type=\"submit\" value=\"Import\">
1792                         </form>";
1793
1794         }
1795
1796         if ($op == "pref-filters") {
1797
1798                 $subop = $_GET["subop"];
1799                 $quiet = $_GET["quiet"];
1800
1801                 if ($subop == "edit") {
1802
1803                         $filter_id = db_escape_string($_GET["id"]);
1804
1805                         $result = db_query($link,
1806                                 "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1807
1808                         $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
1809                         $filter_type = db_fetch_result($result, 0, "filter_type");
1810                         $feed_id = db_fetch_result($result, 0, "feed_id");
1811                         $action_id = db_fetch_result($result, 0, "action_id");
1812
1813                         $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled"));
1814
1815                         print "<div id=\"infoBoxTitle\">Filter editor</div>";
1816                         print "<div class=\"infoBoxContents\">";
1817
1818                         print "<form id=\"filter_edit_form\">";
1819
1820                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
1821                         print "<input type=\"hidden\" name=\"id\" value=\"$filter_id\">";
1822                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
1823
1824 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
1825
1826                         $result = db_query($link, "SELECT id,description
1827                                 FROM ttrss_filter_types ORDER BY description");
1828
1829                         $filter_types = array();
1830
1831                         while ($line = db_fetch_assoc($result)) {
1832                                 //array_push($filter_types, $line["description"]);
1833                                 $filter_types[$line["id"]] = $line["description"];
1834                         }
1835
1836                         print "<table width='100%'>";
1837
1838                         print "<tr><td>Match:</td>
1839                                 <td><input onkeypress=\"return filterCR(event)\"
1840                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
1841                                         name=\"reg_exp\" class=\"iedit\" value=\"$reg_exp\">";
1842
1843                         print "</td><td>";
1844
1845                         print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\"");
1846
1847                         print "</td></tr>";
1848                         print "<tr><td>Feed:</td><td colspan='2'>";
1849
1850                         print_feed_select($link, "feed_id", $feed_id);
1851
1852                         print "</td></tr>";
1853
1854                         print "<tr><td>Action:</td>";
1855
1856                         print "<td colspan='2'><select name=\"action_id\">";
1857
1858                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
1859                                 ORDER BY name");
1860
1861                         while ($line = db_fetch_assoc($result)) {
1862                                 $is_sel = ($line["id"] == $action_id) ? "selected" : "";
1863                                 printf("<option value='%d' $is_sel>%s</option>", $line["id"], $line["description"]);
1864                         }
1865
1866                         print "</select>";
1867
1868                         print "</td></tr>";
1869
1870                         if ($enabled) {
1871                                 $checked = "checked";
1872                         } else {
1873                                 $checked = "";
1874                         }
1875
1876                         print "<tr><td>Options:</td><td>
1877                                         <input type=\"checkbox\" name=\"enabled\" id=\"enabled\" $checked>
1878                                         <label for=\"enabled\">Enabled</label>";
1879
1880                         print "</td></tr></table>";
1881
1882                         print "</form>";
1883
1884                         print "<div align='right'>";
1885
1886                         print "<input type=\"submit\"
1887                                 id=\"infobox_submit\"
1888                                 class=\"button\" onclick=\"return filterEditSave()\"
1889                                 value=\"Save\"> ";
1890
1891                         print "<input class=\"button\"
1892                                 type=\"submit\" onclick=\"return filterEditCancel()\"
1893                                 value=\"Cancel\">";
1894
1895                         print "</div>";
1896
1897                         return;
1898                 }
1899
1900
1901                 if ($subop == "editSave") {
1902
1903                         $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
1904                         $filter_type = db_escape_string(trim($_GET["filter_type"]));
1905                         $filter_id = db_escape_string($_GET["id"]);
1906                         $feed_id = db_escape_string($_GET["feed_id"]);
1907                         $action_id = db_escape_string($_GET["action_id"]);
1908                         $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"]));
1909
1910                         if (!$feed_id) {
1911                                 $feed_id = 'NULL';
1912                         } else {
1913                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1914                         }
1915
1916                         $result = db_query($link, "UPDATE ttrss_filters SET
1917                                         reg_exp = '$reg_exp',
1918                                         feed_id = $feed_id,
1919                                         action_id = '$action_id',
1920                                         filter_type = '$filter_type',
1921                                         enabled = $enabled
1922                                 WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
1923                 }
1924
1925                 if ($subop == "remove") {
1926
1927                         if (!WEB_DEMO_MODE) {
1928
1929                                 $ids = split(",", db_escape_string($_GET["ids"]));
1930
1931                                 foreach ($ids as $id) {
1932                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
1933
1934                                 }
1935                         }
1936                 }
1937
1938                 if ($subop == "add") {
1939
1940                         if (!WEB_DEMO_MODE) {
1941
1942                                 $regexp = db_escape_string(trim($_GET["reg_exp"]));
1943                                 $filter_type = db_escape_string(trim($_GET["filter_type"]));
1944                                 $feed_id = db_escape_string($_GET["feed_id"]);
1945                                 $action_id = db_escape_string($_GET["action_id"]);
1946
1947                                 if (!$feed_id) {
1948                                         $feed_id = 'NULL';
1949                                 } else {
1950                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1951                                 }
1952
1953                                 $result = db_query($link,
1954                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
1955                                                 action_id)
1956                                         VALUES
1957                                                 ('$regexp', '$filter_type','".$_SESSION["uid"]."',
1958                                                         $feed_id, '$action_id')");
1959                         }
1960                 }
1961
1962                 if ($quiet) return;
1963
1964                 $sort = db_escape_string($_GET["sort"]);
1965
1966                 if (!$sort || $sort == "undefined") {
1967                         $sort = "reg_exp";
1968                 }
1969
1970 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1971
1972                 $result = db_query($link, "SELECT id,description
1973                         FROM ttrss_filter_types ORDER BY description");
1974
1975                 $filter_types = array();
1976
1977                 while ($line = db_fetch_assoc($result)) {
1978                         //array_push($filter_types, $line["description"]);
1979                         $filter_types[$line["id"]] = $line["description"];
1980                 }
1981
1982                 print "<input type=\"submit\"
1983                         class=\"button\"
1984                         onclick=\"return displayDlg('quickAddFilter', false)\"
1985                         id=\"create_filter_btn\"
1986                         value=\"Create filter\">";
1987
1988                 $result = db_query($link, "SELECT
1989                                 ttrss_filters.id AS id,reg_exp,
1990                                 ttrss_filter_types.name AS filter_type_name,
1991                                 ttrss_filter_types.description AS filter_type_descr,
1992                                 enabled,
1993                                 feed_id,
1994                                 ttrss_filter_actions.description AS action_description,
1995                                 ttrss_feeds.title AS feed_title
1996                         FROM
1997                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
1998                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
1999                         WHERE
2000                                 filter_type = ttrss_filter_types.id AND
2001                                 ttrss_filter_actions.id = action_id AND
2002                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2003                         ORDER by $sort");
2004
2005                 if (db_num_rows($result) != 0) {
2006
2007                         print "<form id=\"filter_edit_form\">";
2008
2009                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2010                                 id=\"prefFilterList\">";
2011
2012                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2013                                 Select:
2014                                         <a href=\"javascript:selectPrefRows('filter', true)\">All</a>,
2015                                         <a href=\"javascript:selectPrefRows('filter', false)\">None</a>
2016                                 </td</tr>";
2017
2018                         print "<tr class=\"title\">
2019                                                 <td align='center' width=\"5%\">&nbsp;</td>
2020                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('reg_exp')\">Filter expression</a></td>
2021                                                 <td width=\"20%\"><a href=\"javascript:updateFilterList('feed_title')\">Feed</a></td>
2022                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('filter_type')\">Match</a></td>
2023                                                 <td width=\"15%\"><a href=\"javascript:updateFilterList('action_description')\">Action</a></td>";
2024
2025                         $lnum = 0;
2026
2027                         while ($line = db_fetch_assoc($result)) {
2028
2029                                 $class = ($lnum % 2) ? "even" : "odd";
2030
2031                                 $filter_id = $line["id"];
2032                                 $edit_filter_id = $_GET["id"];
2033
2034                                 $enabled = sql_bool_to_bool($line["enabled"]);
2035
2036                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2037                                         $class .= "Grayed";
2038                                         $this_row_id = "";
2039                                 } else {
2040                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2041                                 }
2042
2043                                 print "<tr class=\"$class\" $this_row_id>";
2044
2045                                 $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"]));
2046
2047                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2048
2049                                 $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"]));
2050
2051                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"filter\");'
2052                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2053
2054                                 if (!$enabled) {
2055                                         $line["reg_exp"] = "<span class=\"insensitive\">" .
2056                                                 $line["reg_exp"] . " (Disabled)</span>";
2057                                         $line["feed_title"] = "<span class=\"insensitive\">" .
2058                                                 $line["feed_title"] . "</span>";
2059                                         $line["filter_type_descr"] = "<span class=\"insensitive\">" .
2060                                                 $line["filter_type_descr"] . "</span>";
2061                                         $line["action_description"] = "<span class=\"insensitive\">" .
2062                                                 $line["action_description"] . "</span>";
2063                                 }
2064
2065                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2066                                         $line["reg_exp"] . "</td>";
2067
2068                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2069                                         $line["feed_title"] . "</td>";
2070
2071                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2072                                         $line["filter_type_descr"] . "</td>";
2073
2074                                 print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2075                                         $line["action_description"] . "</td>";
2076
2077                                 print "</tr>";
2078
2079                                 ++$lnum;
2080                         }
2081
2082                         if ($lnum == 0) {
2083                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2084                         }
2085
2086                         print "</table>";
2087
2088                         print "</form>";
2089
2090                         print "<p id=\"filterOpToolbar\">";
2091
2092                         print "
2093                                         Selection:
2094                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2095                                         onclick=\"return editSelectedFilter()\" value=\"Edit\">
2096                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2097                                         onclick=\"return removeSelectedFilters()\" value=\"Remove\">";
2098
2099                         print "</p>";
2100
2101                 } else {
2102
2103                         print "<p>No filters defined.</p>";
2104
2105                 }
2106         }
2107
2108         // We need to accept raw SQL data in label queries, so not everything is escaped
2109         // here, this is by design. If you don't like the whole idea, disable labels
2110         // altogether with GLOBAL_ENABLE_LABELS = false
2111
2112         if ($op == "pref-labels") {
2113
2114                 if (!GLOBAL_ENABLE_LABELS) {
2115
2116                         print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>";
2117                         return;
2118                 }
2119
2120                 $subop = $_GET["subop"];
2121
2122                 if ($subop == "edit") {
2123
2124                         $label_id = db_escape_string($_GET["id"]);
2125
2126                         $result = db_query($link, "SELECT sql_exp,description   FROM ttrss_labels WHERE
2127                                 owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description");
2128
2129                         $line = db_fetch_assoc($result);
2130
2131                         $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2132                         $description = htmlspecialchars(db_unescape_string($line["description"]));
2133
2134                         print "<div id=\"infoBoxTitle\">Label editor</div>";
2135                         print "<div class=\"infoBoxContents\">";
2136
2137                         print "<form id=\"label_edit_form\">";
2138
2139                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2140                         print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
2141                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
2142
2143                         print "<table width='100%'>";
2144
2145                         print "<tr><td>Caption:</td>
2146                                 <td><input onkeypress=\"return filterCR(event)\"
2147                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2148                                          name=\"description\" class=\"iedit\" value=\"$description\">";
2149
2150                         print "</td></tr>";
2151
2152                         print "<tr><td colspan=\"2\">
2153                                 <p>SQL Expression:</p>";
2154
2155                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2156                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>";
2157
2158                         print "</td></tr></table>";
2159
2160                         print "</form>";
2161
2162                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2163
2164                         print "<div align='right'>";
2165
2166                         $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : "";
2167
2168                         print "<input $is_disabled type=\"submit\" onclick=\"return labelTest()\" value=\"Test\">
2169                                 ";
2170
2171                         print "<input type=\"submit\"
2172                                 id=\"infobox_submit\"
2173                                 class=\"button\" onclick=\"return labelEditSave()\"
2174                                 value=\"Save\"> ";
2175
2176                         print "<input class=\"button\"
2177                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2178                                 value=\"Cancel\">";
2179
2180                         print "</div>";
2181
2182                         return;
2183                 }
2184
2185                 if ($subop == "test") {
2186
2187                         $expr = db_unescape_string(trim($_GET["expr"]));
2188                         $descr = db_unescape_string(trim($_GET["descr"]));
2189
2190                         print "<div>";
2191
2192                         error_reporting(0);
2193
2194
2195                         $result = db_query($link,
2196                                 "SELECT count(ttrss_entries.id) AS num_matches
2197                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2198                                         WHERE ($expr) AND
2199                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2200                                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
2201                                                 ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false);
2202
2203                         error_reporting (DEFAULT_ERROR_LEVEL);
2204
2205                         if (!$result) {
2206                                 print "<p>" . db_last_error($link) . "</p>";
2207                                 print "</div>";
2208                                 return;
2209                         }
2210
2211                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2212
2213                         if ($num_matches > 0) {
2214
2215                                 if ($num_matches > 10) {
2216                                         $showing_msg = ", showing first 10";
2217                                 }
2218
2219                                 print "<p>Query returned <b>$num_matches</b> matches$showing_msg:</p>";
2220
2221                                 $result = db_query($link,
2222                                         "SELECT ttrss_entries.title,
2223                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2224                                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
2225                                                         WHERE ($expr) AND
2226                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2227                                                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
2228                                                         AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
2229                                                         ORDER BY date_entered DESC LIMIT 10", false);
2230
2231                                 print "<ul class=\"labelTestResults\">";
2232
2233                                 $row_class = "even";
2234
2235                                 while ($line = db_fetch_assoc($result)) {
2236                                         $row_class = toggleEvenOdd($row_class);
2237
2238                                         print "<li class=\"$row_class\">".$line["title"].
2239                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2240                                 }
2241                                 print "</ul>";
2242
2243                         } else {
2244                                 print "<p>Query didn't return any matches.</p>";
2245                         }
2246
2247                         print "</div>";
2248
2249                         return;
2250                 }
2251
2252                 if ($subop == "editSave") {
2253
2254                         $sql_exp = trim($_GET["sql_exp"]);
2255                         $descr = db_escape_string(trim($_GET["description"]));
2256                         $label_id = db_escape_string($_GET["id"]);
2257
2258                         $result = db_query($link, "UPDATE ttrss_labels SET
2259                                 sql_exp = '$sql_exp',
2260                                 description = '$descr'
2261                                 WHERE id = '$label_id'");
2262                 }
2263
2264                 if ($subop == "remove") {
2265
2266                         if (!WEB_DEMO_MODE) {
2267
2268                                 $ids = split(",", db_escape_string($_GET["ids"]));
2269
2270                                 foreach ($ids as $id) {
2271                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2272
2273                                 }
2274                         }
2275                 }
2276
2277                 if ($subop == "add") {
2278
2279                         if (!WEB_DEMO_MODE) {
2280
2281                                 // no escaping is done here on purpose
2282                                 $sql_exp = trim($_GET["sql_exp"]);
2283                                 $description = db_escape_string($_GET["description"]);
2284
2285                                 $result = db_query($link,
2286                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2287                                                 VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')");
2288                         }
2289                 }
2290
2291                 $sort = db_escape_string($_GET["sort"]);
2292
2293                 if (!$sort || $sort == "undefined") {
2294                         $sort = "description";
2295                 }
2296
2297                 print "<div class=\"prefGenericAddBox\">";
2298
2299                 print"<input type=\"submit\" class=\"button\"
2300                         id=\"label_create_btn\"
2301                         onclick=\"return displayDlg('quickAddLabel', false)\"
2302                         value=\"Create label\"></div>";
2303
2304                 $result = db_query($link, "SELECT
2305                                 id,sql_exp,description
2306                         FROM
2307                                 ttrss_labels
2308                         WHERE
2309                                 owner_uid = ".$_SESSION["uid"]."
2310                         ORDER BY $sort");
2311
2312 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2313
2314                 if (db_num_rows($result) != 0) {
2315
2316                         print "<form id=\"label_edit_form\">";
2317
2318                         print "<p><table width=\"100%\" cellspacing=\"0\"
2319                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2320
2321                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2322                                 Select:
2323                                         <a href=\"javascript:selectPrefRows('label', true)\">All</a>,
2324                                         <a href=\"javascript:selectPrefRows('label', false)\">None</a>
2325                                 </td</tr>";
2326
2327                         print "<tr class=\"title\">
2328                                                 <td width=\"5%\">&nbsp;</td>
2329                                                 <td width=\"30%\"><a href=\"javascript:updateLabelList('description')\">Caption</a></td>
2330                                                 <td width=\"50%\"><a href=\"javascript:updateLabelList('sql_exp')\">SQL Expression</a>
2331                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2332                                                 </td>
2333                                                 </tr>";
2334
2335                         $lnum = 0;
2336
2337                         while ($line = db_fetch_assoc($result)) {
2338
2339                                 $class = ($lnum % 2) ? "even" : "odd";
2340
2341                                 $label_id = $line["id"];
2342                                 $edit_label_id = $_GET["id"];
2343
2344                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2345                                         $class .= "Grayed";
2346                                         $this_row_id = "";
2347                                 } else {
2348                                         $this_row_id = "id=\"LILRR-$label_id\"";
2349                                 }
2350
2351                                 print "<tr class=\"$class\" $this_row_id>";
2352
2353                                 $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"]));
2354                                 $line["description"] = htmlspecialchars(
2355                                                 db_unescape_string($line["description"]));
2356
2357                                 if (!$line["description"]) $line["description"] = "[No caption]";
2358
2359                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
2360                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2361
2362                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2363                                         $line["description"] . "</td>";
2364
2365                                 print "<td><a href=\"javascript:editLabel($label_id);\">" .
2366                                         $line["sql_exp"] . "</td>";
2367
2368                                 print "</tr>";
2369
2370                                 ++$lnum;
2371                         }
2372
2373                         if ($lnum == 0) {
2374                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2375                         }
2376
2377                         print "</table>";
2378
2379                         print "</form>";
2380
2381                         print "<p id=\"labelOpToolbar\">";
2382
2383                         print "
2384                                         Selection:
2385                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2386                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2387                                 <input type=\"submit\" class=\"button\" disabled=\"true\"
2388                                 onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2389
2390                 } else {
2391                         print "<p>No labels defined.</p>";
2392                 }
2393         }
2394
2395         if ($op == "error") {
2396                 print "<div width=\"100%\" align='center'>";
2397                 $msg = $_GET["msg"];
2398                 print $msg;
2399                 print "</div>";
2400         }
2401
2402         if ($op == "help") {
2403                 if (!$_GET["noheaders"]) {
2404                         print "<html><head>
2405                                 <title>Tiny Tiny RSS : Help</title>
2406                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2407                                 <script type=\"text/javascript\" src=\"prototype.js\"></script>
2408                                 <script type=\"text/javascript\" src=\"functions.js?$script_dt_add\"></script>
2409                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2410                                 </head><body>";
2411                 }
2412
2413                 $tid = sprintf("%d", $_GET["tid"]);
2414
2415                 print "<div id=\"infoBoxTitle\">Help</div>";
2416
2417                 print "<div class='infoBoxContents'>";
2418
2419                 if (file_exists("help/$tid.php")) {
2420                         include("help/$tid.php");
2421                 } else {
2422                         print "<p>Help topic not found.</p>";
2423                 }
2424
2425                 print "</div>";
2426
2427                 print "<div align='center'>
2428                         <input type='submit' class='button'
2429                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2430
2431                 if (!$_GET["noheaders"]) {
2432                         print "</body></html>";
2433                 }
2434
2435         }
2436
2437         if ($op == "dlg") {
2438                 $id = $_GET["id"];
2439                 $param = $_GET["param"];
2440
2441                 if ($id == "quickAddFeed") {
2442
2443                         print "<div id=\"infoBoxTitle\">Subscribe to feed</div>";
2444                         print "<div class=\"infoBoxContents\">";
2445
2446                         print "<form id='feed_add_form'>";
2447
2448                         print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">";
2449                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2450                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2451
2452                         print "<table width='100%'>
2453                         <tr><td>Feed URL:</td><td>
2454                                 <input class=\"iedit\" onblur=\"javascript:enableHotkeys()\"
2455                                         onkeypress=\"return filterCR(event)\"
2456                                         onkeyup=\"toggleSubmitNotEmpty(this, 'fadd_submit_btn')\"
2457                                         onfocus=\"javascript:disableHotkeys()\" name=\"feed_url\"></td></tr>";
2458
2459                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2460                                 print "<tr><td>Category:</td><td>";
2461                                 print_feed_cat_select($link, "cat_id");
2462                                 print "</td></tr>";
2463                         }
2464
2465                         print "</table>";
2466                         print "</form>";
2467
2468                         print "<div align='right'>
2469                                 <input class=\"button\"
2470                                         id=\"fadd_submit_btn\" disabled=\"true\"
2471                                         type=\"submit\" onclick=\"return qafAdd()\" value=\"Subscribe\">
2472                                 <input class=\"button\"
2473                                         type=\"submit\" onclick=\"return closeInfoBox()\"
2474                                         value=\"Cancel\"></div>";
2475                 }
2476
2477                 if ($id == "search") {
2478
2479                         print "<div id=\"infoBoxTitle\">Search</div>";
2480                         print "<div class=\"infoBoxContents\">";
2481
2482                         print "<form id='search_form'>";
2483
2484                         #$active_feed_id = db_escape_string($_GET["param"]);
2485
2486                         $params = split(":", db_escape_string($_GET["param"]));
2487
2488                         $active_feed_id = sprintf("%d", $params[0]);
2489                         $is_cat = $params[1] == "true";
2490
2491                         print "<table width='100%'><tr><td>Search:</td><td>";
2492
2493                         print "<input name=\"query\" class=\"iedit\"
2494                                 onkeypress=\"return filterCR(event)\"
2495                                 onkeyup=\"toggleSubmitNotEmpty(this, 'search_submit_btn')\"
2496                                 value=\"\">
2497                         </td></tr>";
2498
2499                         print "<tr><td>Where:</td><td>";
2500
2501                         print "<select name=\"search_mode\">
2502                                 <option value=\"all_feeds\">All feeds</option>";
2503
2504                         $feed_title = getFeedTitle($link, $active_feed_id);
2505
2506                         if (!$is_cat) {
2507                                 $feed_cat_title = getFeedCatTitle($link, $active_feed_id);
2508                         } else {
2509                                 $feed_cat_title = getCategoryTitle($link, $active_feed_id);
2510                         }
2511
2512                         if ($active_feed_id && !$is_cat) {
2513                                 print "<option selected value=\"this_feed\">This feed ($feed_title)</option>";
2514                         } else {
2515                                 print "<option disabled>This feed</option>";
2516                         }
2517
2518                         if ($is_cat) {
2519                                 $cat_preselected = "selected";
2520                         }
2521
2522                         if (get_pref($link, 'ENABLE_FEED_CATS') && ($active_feed_id > 0 || $is_cat)) {
2523                                 print "<option $cat_preselected value=\"this_cat\">This category ($feed_cat_title)</option>";
2524                         } else {
2525                                 print "<option disabled>This category</option>";
2526                         }
2527
2528                         print "</select></td></tr>";
2529
2530                         print "<tr><td>Match on:</td><td>";
2531
2532                         $search_fields = array(
2533                                 "title" => "Title",
2534                                 "content" => "Content",
2535                                 "both" => "Title or content");
2536
2537                         print_select_hash("match_on", 3, $search_fields);
2538
2539                         print "</td></tr></table>";
2540
2541                         print "</form>";
2542
2543                         print "<div align=\"right\">
2544                         <input type=\"submit\"
2545                                 class=\"button\" onclick=\"javascript:search()\"
2546                                 id=\"search_submit_btn\" disabled=\"true\"
2547                                 value=\"Search\">
2548                         <input class=\"button\"
2549                                 type=\"submit\" onclick=\"javascript:searchCancel()\"
2550                                 value=\"Cancel\"></div>";
2551
2552                         print "</div>";
2553
2554                 }
2555
2556                 if ($id == "quickAddLabel") {
2557                         print "<div id=\"infoBoxTitle\">Create label</div>";
2558                         print "<div class=\"infoBoxContents\">";
2559
2560                         print "<form id=\"label_edit_form\">";
2561
2562                         print "<input type=\"hidden\" name=\"op\" value=\"pref-labels\">";
2563                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2564
2565                         print "<table width='100%'>";
2566
2567                         print "<tr><td>Caption:</td>
2568                                 <td><input onkeypress=\"return filterCR(event)\"
2569                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2570                                          name=\"description\" class=\"iedit\">";
2571
2572                         print "</td></tr>";
2573
2574                         print "<tr><td colspan=\"2\">
2575                                 <p>SQL Expression:</p>";
2576
2577                         print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2578                                          rows=\"4\" name=\"sql_exp\" class=\"iedit\"></textarea>";
2579
2580                         print "</td></tr></table>";
2581
2582                         print "</form>";
2583
2584                         print "<div style=\"display : none\" id=\"label_test_result\"></div>";
2585
2586                         print "<div align='right'>";
2587
2588                         print "<input type=\"submit\" onclick=\"labelTest()\" value=\"Test\">
2589                                 ";
2590
2591                         print "<input type=\"submit\"
2592                                 id=\"infobox_submit\"
2593                                 disabled=\"true\"
2594                                 class=\"button\" onclick=\"return addLabel()\"
2595                                 value=\"Create\"> ";
2596
2597                         print "<input class=\"button\"
2598                                 type=\"submit\" onclick=\"return labelEditCancel()\"
2599                                 value=\"Cancel\">";
2600                 }
2601
2602                 if ($id == "quickAddFilter") {
2603
2604                         $active_feed_id = db_escape_string($_GET["param"]);
2605
2606                         print "<div id=\"infoBoxTitle\">Create filter</div>";
2607                         print "<div class=\"infoBoxContents\">";
2608
2609                         print "<form id=\"filter_add_form\">";
2610
2611                         print "<input type=\"hidden\" name=\"op\" value=\"pref-filters\">";
2612                         print "<input type=\"hidden\" name=\"quiet\" value=\"1\">";
2613                         print "<input type=\"hidden\" name=\"subop\" value=\"add\">";
2614
2615 //                      print "<div class=\"notice\"><b>Note:</b> filter will only apply to new articles.</div>";
2616
2617                         $result = db_query($link, "SELECT id,description
2618                                 FROM ttrss_filter_types ORDER BY description");
2619
2620                         $filter_types = array();
2621
2622                         while ($line = db_fetch_assoc($result)) {
2623                                 //array_push($filter_types, $line["description"]);
2624                                 $filter_types[$line["id"]] = $line["description"];
2625                         }
2626
2627                         print "<table width='100%'>";
2628
2629                         print "<tr><td>Match:</td>
2630                                 <td><input onkeypress=\"return filterCR(event)\"
2631                                          onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
2632                                         name=\"reg_exp\" class=\"iedit\">";
2633                         print "</td><td>";
2634
2635                         print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\"");
2636
2637                         print "</td></tr>";
2638                         print "<tr><td>Feed:</td><td colspan='2'>";
2639
2640                         print_feed_select($link, "feed_id", $active_feed_id);
2641
2642                         print "</td></tr>";
2643
2644                         print "<tr><td>Action:</td>";
2645
2646                         print "<td colspan='2'><select name=\"action_id\">";
2647
2648                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2649                                 ORDER BY name");
2650
2651                         while ($line = db_fetch_assoc($result)) {
2652                                 printf("<option value='%d'>%s</option>", $line["id"], $line["description"]);
2653                         }
2654
2655                         print "</select>";
2656
2657                         print "</td></tr></table>";
2658
2659                         print "</form>";
2660
2661                         print "<div align='right'>";
2662
2663                         print "<input type=\"submit\"
2664                                 id=\"infobox_submit\"
2665                                 class=\"button\" onclick=\"return qaddFilter()\"
2666                                 disabled=\"true\" value=\"Create\"> ";
2667
2668                         print "<input class=\"button\"
2669                                 type=\"submit\" onclick=\"return closeInfoBox()\"
2670                                 value=\"Cancel\">";
2671
2672                         print "</div>";
2673
2674 //                      print "</td></tr></table>";
2675
2676                 }
2677
2678                 print "</div>";
2679
2680         }
2681
2682         // update feeds of all users, may be used anonymously
2683         if ($op == "globalUpdateFeeds") {
2684
2685                 $result = db_query($link, "SELECT id FROM ttrss_users");
2686
2687                 while ($line = db_fetch_assoc($result)) {
2688                         $user_id = $line["id"];
2689 //                      print "<!-- updating feeds of uid $user_id -->";
2690                         update_all_feeds($link, false, $user_id);
2691                 }
2692
2693                 print "<rpc-reply>
2694                         <message msg=\"All feeds updated\"/>
2695                 </rpc-reply>";
2696
2697         }
2698
2699         if ($op == "pref-prefs") {
2700
2701                 $subop = $_REQUEST["subop"];
2702
2703                 if ($subop == "Save configuration") {
2704
2705                         if (WEB_DEMO_MODE) {
2706                                 header("Location: prefs.php");
2707                                 return;
2708                         }
2709
2710                         $_SESSION["prefs_op_result"] = "save-config";
2711
2712                         $_SESSION["prefs_cache"] = false;
2713
2714                         foreach (array_keys($_POST) as $pref_name) {
2715
2716                                 $pref_name = db_escape_string($pref_name);
2717                                 $value = db_escape_string($_POST[$pref_name]);
2718
2719                                 $result = db_query($link, "SELECT type_name
2720                                         FROM ttrss_prefs,ttrss_prefs_types
2721                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2722
2723                                 if (db_num_rows($result) > 0) {
2724
2725                                         $type_name = db_fetch_result($result, 0, "type_name");
2726
2727 //                                      print "$pref_name : $type_name : $value<br>";
2728
2729                                         if ($type_name == "bool") {
2730                                                 if ($value == "1") {
2731                                                         $value = "true";
2732                                                 } else {
2733                                                         $value = "false";
2734                                                 }
2735                                         } else if ($type_name == "integer") {
2736                                                 $value = sprintf("%d", $value);
2737                                         }
2738
2739 //                                      print "$pref_name : $type_name : $value<br>";
2740
2741                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2742                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2743
2744                                 }
2745
2746                                 header("Location: prefs.php");
2747
2748                         }
2749
2750                 } else if ($subop == "getHelp") {
2751
2752                         $pref_name = db_escape_string($_GET["pn"]);
2753
2754                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2755                                 WHERE pref_name = '$pref_name'");
2756
2757                         if (db_num_rows($result) > 0) {
2758                                 $help_text = db_fetch_result($result, 0, "help_text");
2759                                 print $help_text;
2760                         } else {
2761                                 print "Unknown option: $pref_name";
2762                         }
2763
2764                 } else if ($subop == "Change e-mail") {
2765
2766                         if (WEB_DEMO_MODE) {
2767                                 header("Location: prefs.php");
2768                                 return;
2769                         }
2770
2771                         $email = db_escape_string($_GET["email"]);
2772                         $active_uid = $_SESSION["uid"];
2773
2774                         if ($email) {
2775                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
2776                                                 WHERE id = '$active_uid'");
2777                         }
2778
2779                         header("Location: prefs.php");
2780
2781                 } else if ($subop == "Change password") {
2782
2783                         if (WEB_DEMO_MODE) {
2784                                 header("Location: prefs.php");
2785                                 return;
2786                         }
2787
2788                         $old_pw = $_POST["OLD_PASSWORD"];
2789                         $new_pw = $_POST["OLD_PASSWORD"];
2790
2791                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2792                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2793
2794                         $active_uid = $_SESSION["uid"];
2795
2796                         if ($old_pw && $new_pw) {
2797
2798                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2799
2800                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2801                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2802                                                 pwd_hash = '$old_pw_hash')");
2803
2804                                 if (db_num_rows($result) == 1) {
2805                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2806                                                 WHERE id = '$active_uid'");
2807
2808                                         $_SESSION["pwd_change_result"] = "ok";
2809                                 } else {
2810                                         $_SESSION["pwd_change_result"] = "failed";
2811                                 }
2812                         }
2813
2814                         header("Location: prefs.php");
2815
2816                 } else if ($subop == "Reset to defaults") {
2817
2818                         if (WEB_DEMO_MODE) {
2819                                 header("Location: prefs.php");
2820                                 return;
2821                         }
2822
2823                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2824
2825                         if (DB_TYPE == "pgsql") {
2826                                 db_query($link,"UPDATE ttrss_user_prefs
2827                                         SET value = ttrss_prefs.def_value
2828                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2829                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2830                         } else {
2831                                 db_query($link, "DELETE FROM ttrss_user_prefs
2832                                         WHERE owner_uid = ".$_SESSION["uid"]);
2833                                 initialize_user_prefs($link, $_SESSION["uid"]);
2834                         }
2835
2836                         header("Location: prefs.php");
2837
2838                 } else if ($subop == "Change theme") {
2839
2840                         $theme = db_escape_string($_POST["theme"]);
2841
2842                         if ($theme == "Default") {
2843                                 $theme_qpart = 'NULL';
2844                         } else {
2845                                 $theme_qpart = "'$theme'";
2846                         }
2847
2848                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2849                                 WHERE theme_name = '$theme'");
2850
2851                         if (db_num_rows($result) == 1) {
2852                                 $theme_id = db_fetch_result($result, 0, "id");
2853                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2854                         } else {
2855                                 $theme_id = "NULL";
2856                                 $theme_path = "";
2857                         }
2858
2859                         db_query($link, "UPDATE ttrss_users SET
2860                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2861
2862                         $_SESSION["theme"] = $theme_path;
2863
2864                         header("Location: prefs.php");
2865
2866                 } else {
2867
2868                         print check_for_update($link);
2869
2870                         if (!SINGLE_USER_MODE) {
2871
2872                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
2873                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2874                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2875
2876                                 if (db_num_rows($result) != 0) {
2877                                         print "<div class=\"warning\">
2878                                                 Your password is at default value, please change it.
2879                                         </div>";
2880                                 }
2881
2882                                 if ($_SESSION["pwd_change_result"] == "failed") {
2883                                         print "<div class=\"warning\">
2884                                                         There was an error while changing your password.
2885                                                 </div>";
2886                                 }
2887
2888                                 if ($_SESSION["pwd_change_result"] == "ok") {
2889                                         print "<div class=\"notice\">
2890                                                         Password changed successfully.
2891                                                 </div>";
2892                                 }
2893
2894                                 $_SESSION["pwd_change_result"] = "";
2895
2896                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2897                                         print "<div class=\"notice\">
2898                                                         Your configuration was reset to defaults.
2899                                                 </div>";
2900                                 }
2901
2902                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2903                                         print "<div class=\"notice\">
2904                                                         Your configuration was saved successfully.
2905                                                 </div>";
2906                                 }
2907
2908                                 $_SESSION["prefs_op_result"] = "";
2909
2910                                 print "<form action=\"backend.php\" method=\"GET\">";
2911
2912                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2913                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
2914
2915                                 $result = db_query($link, "SELECT email FROM ttrss_users
2916                                         WHERE id = ".$_SESSION["uid"]);
2917
2918                                 $email = db_fetch_result($result, 0, "email");
2919
2920                                 print "<tr><td width=\"40%\">E-mail</td>";
2921                                 print "<td><input class=\"editbox\" name=\"email\"
2922                                         value=\"$email\"></td></tr>";
2923
2924                                 print "</table>";
2925
2926                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2927
2928                                 print "<p><input class=\"button\" type=\"submit\"
2929                                         value=\"Change e-mail\" name=\"subop\">";
2930
2931                                 print "</form>";
2932
2933                                 print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
2934
2935                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2936                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2937
2938                                 print "<tr><td width=\"40%\">Old password</td>";
2939                                 print "<td><input class=\"editbox\" type=\"password\"
2940                                         name=\"OLD_PASSWORD\"></td></tr>";
2941
2942                                 print "<tr><td width=\"40%\">New password</td>";
2943
2944                                 print "<td><input class=\"editbox\" type=\"password\"
2945                                         name=\"NEW_PASSWORD\"></td></tr>";
2946
2947                                 print "</table>";
2948
2949                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2950
2951                                 print "<p><input class=\"button\" type=\"submit\"
2952                                         onclick=\"return validateNewPassword(this.form)\"
2953                                         value=\"Change password\" name=\"subop\">";
2954
2955                                 print "</form>";
2956
2957                         }
2958
2959                         $result = db_query($link, "SELECT
2960                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2961
2962                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2963
2964                         $result = db_query($link, "SELECT
2965                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2966
2967                         if (db_num_rows($result) > 0) {
2968
2969                                 print "<form action=\"backend.php\" method=\"POST\">";
2970                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2971                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2972                                 print "<tr><td width=\"40%\">Select theme</td>";
2973                                 print "<td><select name=\"theme\">";
2974                                 print "<option>Default</option>";
2975                                 print "<option disabled>--------</option>";
2976
2977                                 while ($line = db_fetch_assoc($result)) {
2978                                         if ($line["id"] == $user_theme_id) {
2979                                                 $selected = "selected";
2980                                         } else {
2981                                                 $selected = "";
2982                                         }
2983                                         print "<option $selected>" . $line["theme_name"] . "</option>";
2984                                 }
2985                                 print "</select></td></tr>";
2986                                 print "</table>";
2987                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2988                                 print "<p><input class=\"button\" type=\"submit\"
2989                                         value=\"Change theme\" name=\"subop\">";
2990                                 print "</form>";
2991                         }
2992
2993                         initialize_user_prefs($link, $_SESSION["uid"]);
2994
2995                         $result = db_query($link, "SELECT
2996                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
2997                                 section_name,def_value
2998                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
2999                                 WHERE type_id = ttrss_prefs_types.id AND
3000                                         section_id = ttrss_prefs_sections.id AND
3001                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3002                                         owner_uid = ".$_SESSION["uid"]."
3003                                 ORDER BY section_id,short_desc");
3004
3005                         print "<form action=\"backend.php\" method=\"POST\">";
3006
3007                         $lnum = 0;
3008
3009                         $active_section = "";
3010
3011                         while ($line = db_fetch_assoc($result)) {
3012
3013                                 if ($active_section != $line["section_name"]) {
3014
3015                                         if ($active_section != "") {
3016                                                 print "</table>";
3017                                         }
3018
3019                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3020
3021                                         $active_section = $line["section_name"];
3022
3023                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3024 //                                      print "<tr class=\"title\">
3025 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3026
3027                                         $lnum = 0;
3028                                 }
3029
3030 //                              $class = ($lnum % 2) ? "even" : "odd";
3031
3032                                 print "<tr>";
3033
3034                                 $type_name = $line["type_name"];
3035                                 $pref_name = $line["pref_name"];
3036                                 $value = $line["value"];
3037                                 $def_value = $line["def_value"];
3038                                 $help_text = $line["help_text"];
3039
3040                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3041
3042                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3043
3044                                 print "</td>";
3045
3046                                 print "<td>";
3047
3048                                 if ($type_name == "bool") {
3049 //                                      print_select($pref_name, $value, array("true", "false"));
3050
3051                                         if ($value == "true") {
3052                                                 $value = "Yes";
3053                                         } else {
3054                                                 $value = "No";
3055                                         }
3056
3057                                         print_radio($pref_name, $value, array("Yes", "No"));
3058
3059                                 } else {
3060                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3061                                 }
3062
3063                                 print "</td>";
3064
3065                                 print "</tr>";
3066
3067                                 $lnum++;
3068                         }
3069
3070                         print "</table>";
3071
3072                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3073
3074                         print "<p><input class=\"button\" type=\"submit\"
3075                                 name=\"subop\" value=\"Save configuration\">";
3076
3077                         print "&nbsp;<input class=\"button\" type=\"submit\"
3078                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3079                                 value=\"Reset to defaults\"></p>";
3080
3081                         print "</form>";
3082
3083                 }
3084
3085         }
3086
3087         if ($op == "pref-users") {
3088
3089                 $subop = $_GET["subop"];
3090
3091                 if ($subop == "edit") {
3092
3093                         $id = db_escape_string($_GET["id"]);
3094
3095                         print "<div id=\"infoBoxTitle\">User editor</div>";
3096
3097                         print "<div class=\"infoBoxContents\">";
3098
3099                         print "<form id=\"user_edit_form\">";
3100
3101                         print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
3102                         print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
3103                         print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
3104
3105                         $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
3106
3107                         $login = db_fetch_result($result, 0, "login");
3108                         $access_level = db_fetch_result($result, 0, "access_level");
3109                         $email = db_fetch_result($result, 0, "email");
3110
3111                         print "<table width='100%'>";
3112                         print "<tr><td>Login:</td><td>
3113                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3114                                 name=\"login\" value=\"$login\"></td></tr>";
3115
3116                         print "<tr><td>Change password:</td><td>
3117                                 <input class=\"iedit\" onkeypress=\"return filterCR(event)\"
3118                                 name=\"password\"></td></tr>";
3119
3120                         print "<tr><td>E-mail:</td><td>
3121                                 <input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
3122                                 value=\"$email\"></td></tr>";
3123
3124                         $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
3125
3126                         print "<tr><td>Access level:</td><td>";
3127                         print_select_hash("access_level", $access_level, $access_level_names,
3128                                 $sel_disabled);
3129                         print "</td></tr>";
3130
3131                         print "</table>";
3132
3133                         print "</form>";
3134
3135                         print "<div align='right'>
3136                                 <input class=\"button\"
3137                                         type=\"submit\" onclick=\"return userEditSave()\"
3138                                         value=\"Save\">
3139                                 <input class=\"button\"
3140                                         type=\"submit\" onclick=\"return userEditCancel()\"
3141                                         value=\"Cancel\"></div>";
3142
3143                         print "</div>";
3144
3145                         return;
3146                 }
3147
3148                 if ($subop == "editSave") {
3149
3150                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3151
3152                                 $login = db_escape_string(trim($_GET["login"]));
3153                                 $uid = db_escape_string($_GET["id"]);
3154                                 $access_level = sprintf("%d", $_GET["access_level"]);
3155                                 $email = db_escape_string(trim($_GET["email"]));
3156                                 $password = db_escape_string(trim($_GET["password"]));
3157
3158                                 if ($password) {
3159                                         $pwd_hash = 'SHA1:' . sha1($password);
3160                                         $pass_query_part = "pwd_hash = '$pwd_hash', ";
3161                                         print "<div class='notice'>Changed password for user <b>$login</b>.</div>";
3162                                 } else {
3163                                         $pass_query_part = "";
3164                                 }
3165
3166                                 db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
3167                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3168
3169                         }
3170                 } else if ($subop == "remove") {
3171
3172                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3173
3174                                 $ids = split(",", db_escape_string($_GET["ids"]));
3175
3176                                 foreach ($ids as $id) {
3177                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3178
3179                                 }
3180                         }
3181                 } else if ($subop == "add") {
3182
3183                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3184
3185                                 $login = db_escape_string(trim($_GET["login"]));
3186                                 $tmp_user_pwd = make_password(8);
3187                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3188
3189                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3190                                         login = '$login'");
3191
3192                                 if (db_num_rows($result) == 0) {
3193
3194                                         db_query($link, "INSERT INTO ttrss_users
3195                                                 (login,pwd_hash,access_level,last_login)
3196                                                 VALUES ('$login', '$pwd_hash', 0, NOW())");
3197
3198
3199                                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3200                                                 login = '$login' AND pwd_hash = '$pwd_hash'");
3201
3202                                         if (db_num_rows($result) == 1) {
3203
3204                                                 $new_uid = db_fetch_result($result, 0, "id");
3205
3206                                                 print "<div class=\"notice\">Added user <b>".$_GET["login"].
3207                                                         "</b> with password <b>$tmp_user_pwd</b>.</div>";
3208
3209                                                 initialize_user($link, $new_uid);
3210
3211                                         } else {
3212
3213                                                 print "<div class=\"warning\">Could not create user <b>".
3214                                                         $_GET["login"]."</b></div>";
3215
3216                                         }
3217                                 } else {
3218                                         print "<div class=\"warning\">User <b>".
3219                                                 $_GET["login"]."</b> already exists.</div>";
3220                                 }
3221                         }
3222                 } else if ($subop == "resetPass") {
3223
3224                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3225
3226                                 $uid = db_escape_string($_GET["id"]);
3227
3228                                 $result = db_query($link, "SELECT login,email
3229                                         FROM ttrss_users WHERE id = '$uid'");
3230
3231                                 $login = db_fetch_result($result, 0, "login");
3232                                 $email = db_fetch_result($result, 0, "email");
3233                                 $tmp_user_pwd = make_password(8);
3234                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3235
3236                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3237                                         WHERE id = '$uid'");
3238
3239                                 print "<div class=\"notice\">Changed password of
3240                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3241
3242                                 if (MAIL_RESET_PASS && $email) {
3243                                         print " Notifying <b>$email</b>.";
3244
3245                                         mail("$login <$email>", "Password reset notification",
3246                                                 "Hi, $login.\n".
3247                                                 "\n".
3248                                                 "Your password for this TT-RSS installation was reset by".
3249                                                         " an administrator.\n".
3250                                                 "\n".
3251                                                 "Your new password is $tmp_user_pwd, please remember".
3252                                                         " it for later reference.\n".
3253                                                 "\n".
3254                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3255                                 }
3256
3257                                 print "</div>";
3258
3259                         }
3260                 }
3261
3262                 $sort = db_escape_string($_GET["sort"]);
3263
3264                 if (!$sort || $sort == "undefined") {
3265                         $sort = "login";
3266                 }
3267
3268                 print "<div class=\"prefGenericAddBox\">
3269                         <input id=\"uadd_box\"
3270                                 onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
3271                                 size=\"40\">&nbsp;";
3272
3273                 print"<input type=\"submit\" class=\"button\"
3274                         id=\"user_add_btn\" disabled=\"true\"
3275                         onclick=\"javascript:addUser()\" value=\"Create user\"></div>";
3276
3277                 $result = db_query($link, "SELECT
3278                                 id,login,access_level,email,
3279                                 SUBSTRING(last_login,1,16) as last_login
3280                         FROM
3281                                 ttrss_users
3282                         ORDER BY $sort");
3283
3284 //              print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3285
3286                 print "<p><table width=\"100%\" cellspacing=\"0\"
3287                         class=\"prefUserList\" id=\"prefUserList\">";
3288
3289                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3290                                 Select:
3291                                         <a href=\"javascript:selectPrefRows('user', true)\">All</a>,
3292                                         <a href=\"javascript:selectPrefRows('user', false)\">None</a>
3293                                 </td</tr>";
3294
3295                 print "<tr class=\"title\">
3296                                         <td align='center' width=\"5%\">&nbsp;</td>
3297                                         <td width='40%'><a href=\"javascript:updateUsersList('login')\">Login</a></td>
3298                                         <td width='40%'><a href=\"javascript:updateUsersList('access_level')\">Access Level</a></td>
3299                                         <td width='30%'><a href=\"javascript:updateUsersList('last_login')\">Last login</a></td></tr>";
3300
3301                 $lnum = 0;
3302
3303                 while ($line = db_fetch_assoc($result)) {
3304
3305                         $class = ($lnum % 2) ? "even" : "odd";
3306
3307                         $uid = $line["id"];
3308                         $edit_uid = $_GET["id"];
3309
3310                         if ($subop == "edit" && $uid != $edit_uid) {
3311                                 $class .= "Grayed";
3312                                 $this_row_id = "";
3313                         } else {
3314                                 $this_row_id = "id=\"UMRR-$uid\"";
3315                         }
3316
3317                         print "<tr class=\"$class\" $this_row_id>";
3318
3319                         $line["login"] = htmlspecialchars($line["login"]);
3320
3321                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3322                                 strtotime($line["last_login"]));
3323
3324                         $access_level_names = array(0 => "User", 10 => "Administrator");
3325
3326 //                      if (!$edit_uid || $subop != "edit") {
3327
3328                                 print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
3329                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3330
3331                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3332                                         $line["login"] . "</td>";
3333
3334                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3335
3336                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3337                                         $access_level_names[$line["access_level"]] . "</td>";
3338
3339 /*                      } else if ($uid != $edit_uid) {
3340
3341                                 if (!$line["email"]) $line["email"] = "&nbsp;";
3342
3343                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3344                                         id=\"UMCHK-".$line["id"]."\"></td>";
3345
3346                                 print "<td>".$line["login"]."</td>";
3347                                 print "<td>".$line["email"]."</td>";
3348                                 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3349
3350                         } else {
3351
3352                                 print "<td align='center'>
3353                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3354
3355                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3356                                         "\"></td>";
3357
3358                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3359                                         "\"></td>";
3360
3361                                 print "<td>";
3362                                 print "<select id=\"iedit_ulevel\">";
3363                                 foreach (array_keys($access_level_names) as $al) {
3364                                         if ($al == $line["access_level"]) {
3365                                                 $selected = "selected";
3366                                         } else {
3367                                                 $selected = "";
3368                                         }
3369                                         print "<option $selected id=\"$al\">" .
3370                                                 $access_level_names[$al] . "</option>";
3371                                 }
3372                                 print "</select>";
3373                                 print "</td>";
3374
3375                         } */
3376
3377                         print "<td>".$line["last_login"]."</td>";
3378
3379                         print "</tr>";
3380
3381                         ++$lnum;
3382                 }
3383
3384                 print "</table>";
3385
3386                 print "<p id='userOpToolbar'>";
3387
3388 /*              if ($subop == "edit") {
3389                         print "Edit user:
3390                                 <input type=\"submit\" class=\"button\"
3391                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3392                                 <input type=\"submit\" class=\"button\"
3393                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3394
3395                 } else { */
3396
3397                         print "
3398                                 Selection:
3399                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3400                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3401                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3402                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3403                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3404                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3405                         <input type=\"submit\" class=\"button\" disabled=\"true\"
3406                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3407
3408 //              }
3409         }
3410
3411         if ($op == "user-details") {
3412
3413                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3414                         return;
3415                 }
3416
3417 /*              print "<html><head>
3418                         <title>Tiny Tiny RSS : User Details</title>
3419                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3420                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3421                         </head><body>"; */
3422
3423                 $uid = sprintf("%d", $_GET["id"]);
3424
3425                 print "<div id=\"infoBoxTitle\">User details</div>";
3426
3427                 print "<div class='infoBoxContents'>";
3428
3429                 $result = db_query($link, "SELECT login,
3430                         SUBSTRING(last_login,1,16) AS last_login,
3431                         access_level,
3432                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3433                                 WHERE owner_uid = id) AS stored_articles
3434                         FROM ttrss_users
3435                         WHERE id = '$uid'");
3436
3437                 if (db_num_rows($result) == 0) {
3438                         print "<h1>User not found</h1>";
3439                         return;
3440                 }
3441
3442 #               print "<h1>User Details</h1>";
3443
3444                 $login = db_fetch_result($result, 0, "login");
3445
3446 #               print "<h1>$login</h1>";
3447
3448                 print "<table width='100%'>";
3449
3450                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3451                         strtotime(db_fetch_result($result, 0, "last_login")));
3452                 $access_level = db_fetch_result($result, 0, "access_level");
3453                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3454
3455 #               print "<tr><td>Username</td><td>$login</td></tr>";
3456 #               print "<tr><td>Access level</td><td>$access_level</td></tr>";
3457                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3458                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3459
3460                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3461                         WHERE owner_uid = '$uid'");
3462
3463                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3464
3465                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3466
3467 /*              $result = db_query($link, "SELECT
3468                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3469                         FROM ttrss_user_entries,ttrss_entries
3470                                 WHERE owner_uid = '$uid' AND ref_id = id");
3471
3472                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3473
3474                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3475
3476                 print "</table>";
3477
3478                 print "<h1>Subscribed feeds</h1>";
3479
3480                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3481                         WHERE owner_uid = '$uid' ORDER BY title");
3482
3483                 print "<ul class=\"userFeedList\">";
3484
3485                 $row_class = "odd";
3486
3487                 while ($line = db_fetch_assoc($result)) {
3488
3489                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3490
3491                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3492                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3493                         } else {
3494                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3495                         }
3496
3497                         print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3498
3499                         $row_class = toggleEvenOdd($row_class);
3500
3501                 }
3502
3503                 if (db_num_rows($result) < $num_feeds) {
3504                          // FIXME - add link to show ALL subscribed feeds here somewhere
3505                         print "<li><img
3506                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3507                 }
3508
3509                 print "</ul>";
3510
3511                 print "</div>";
3512
3513                 print "<div align='center'>
3514                         <input type='submit' class='button'
3515                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3516
3517 //              print "</body></html>";
3518
3519         }
3520
3521         if ($op == "pref-feed-browser") {
3522
3523                 if (!ENABLE_FEED_BROWSER) {
3524                         print "Feed browser is administratively disabled.";
3525                         return;
3526                 }
3527
3528                 $subop = $_REQUEST["subop"];
3529
3530                 if ($subop == "details") {
3531                         $id = db_escape_string($_GET["id"]);
3532
3533                         print "<div class=\"browserFeedInfo\">";
3534                         print "<b>Feed information:</b>";
3535                         print "<div class=\"detailsPart\">";
3536
3537                         $result = db_query($link, "SELECT
3538                                         feed_url,site_url,
3539                                         SUBSTRING(last_updated,1,19) AS last_updated
3540                                 FROM ttrss_feeds WHERE id = '$id'");
3541
3542                         $feed_url = db_fetch_result($result, 0, "feed_url");
3543                         $site_url = db_fetch_result($result, 0, "site_url");
3544                         $last_updated = db_fetch_result($result, 0, "last_updated");
3545
3546                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3547                                 $last_updated = smart_date_time(strtotime($last_updated));
3548                         } else {
3549                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3550                                 $last_updated = date($short_date, strtotime($last_updated));
3551                         }
3552
3553                         print "Site: <a target=\"_new\" href='$site_url'>$site_url</a> ".
3554                                 "(<a target=\"_new\" href='$feed_url'>feed</a>), ".
3555                                 "Last updated: $last_updated";
3556
3557                         print "</div>";
3558
3559                         $result = db_query($link, "SELECT
3560                                         ttrss_entries.title,
3561                                         content,link,
3562                                         substring(date_entered,1,19) as date_entered,
3563                                         substring(updated,1,19) as updated
3564                                 FROM ttrss_entries,ttrss_user_entries
3565                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
3566                                 ORDER BY updated DESC LIMIT 5");
3567
3568                         if (db_num_rows($result) > 0) {
3569
3570                                 print "<b>Last headlines:</b><br>";
3571
3572                                 print "<div class=\"detailsPart\">";
3573                                 print "<ul class=\"compact\">";
3574                                 while ($line = db_fetch_assoc($result)) {
3575
3576                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3577                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
3578                                         } else {
3579                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3580                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
3581                                         }
3582
3583                                         print "<li><a target=\"_new\" href=\"" . $line["link"] . "\">" . $line["title"] . "</a>" .
3584                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
3585                                 }
3586                                 print "</ul></div>";
3587                         }
3588
3589                         print "</div>";
3590
3591                         return;
3592                 }
3593
3594                 print "<p>This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.</p>";
3595
3596                 $limit = db_escape_string($_GET["limit"]);
3597
3598                 if (!$limit) $limit = 25;
3599
3600                 $owner_uid = $_SESSION["uid"];
3601
3602                 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
3603                         FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
3604                                 WHERE tf.feed_url = ttrss_feeds.feed_url
3605                                         AND owner_uid = '$owner_uid') GROUP BY feed_url
3606                                                 ORDER BY subscribers DESC LIMIT $limit");
3607
3608
3609                 print "<div style=\"float : right\">
3610                         Top <select id=\"feedBrowserLimit\">";
3611
3612                 foreach (array(25, 50, 100) as $l) {
3613                         $issel = ($l == $limit) ? "selected" : "";
3614                         print "<option $issel>$l</option>";
3615                 }
3616
3617                 print "</select>
3618                         <input type=\"submit\" class=\"button\"
3619                                 onclick=\"updateBigFeedBrowser()\" value=\"Show\">
3620                 </div>";
3621
3622                 print "<p id=\"fbrOpToolbar\">Selection:
3623                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
3624                         disabled=\"true\" value=\"Subscribe\">";
3625
3626                 print "<ul class='nomarks' id='browseBigFeedList'>";
3627
3628                 $feedctr = 0;
3629
3630                 while ($line = db_fetch_assoc($result)) {
3631                         $feed_url = $line["feed_url"];
3632                         $subscribers = $line["subscribers"];
3633
3634                         $det_result = db_query($link, "SELECT site_url,title,id
3635                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
3636
3637                         $details = db_fetch_assoc($det_result);
3638
3639                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
3640
3641                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3642                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
3643                                                 "/".$details["id"].".ico\">";
3644                         } else {
3645                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3646                         }
3647
3648                         $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
3649                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
3650
3651                         $class = ($feedctr % 2) ? "even" : "odd";
3652
3653                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
3654                                 "$feed_icon ";
3655
3656                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
3657                                 $details["title"] ."</a>&nbsp;" .
3658                                 "<span class='subscribers'>($subscribers)</span>";
3659
3660                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
3661                         print "</div>";
3662
3663                         print "</li>";
3664
3665                                 ++$feedctr;
3666                 }
3667
3668                 if ($feedctr == 0) {
3669                         print "<li>No feeds found to subscribe.</li>";
3670                 }
3671
3672                 print "</ul>";
3673
3674                 print "</div>";
3675
3676         }
3677
3678         if ($op == "rss") {
3679                 $feed = db_escape_string($_GET["id"]);
3680                 $user = db_escape_string($_GET["user"]);
3681                 $pass = db_escape_string($_GET["pass"]);
3682                 $is_cat = $_GET["is_cat"] != false;
3683
3684                 $search = db_escape_string($_GET["q"]);
3685                 $match_on = db_escape_string($_GET["m"]);
3686                 $search_mode = db_escape_string($_GET["smode"]);
3687
3688                 if (!$_SESSION["uid"] && $user && $pass) {
3689                         authenticate_user($link, $user, $pass);
3690                 }
3691
3692                 if ($_SESSION["uid"] ||
3693                         http_authenticate_user($link)) {
3694
3695                                 generate_syndicated_feed($link, $feed, $is_cat,
3696                                         $search, $search_mode, $match_on);
3697                 }
3698         }
3699
3700         function check_configuration_variables() {
3701                 if (!defined('SESSION_EXPIRE_TIME')) {
3702                         return "config: SESSION_EXPIRE_TIME is undefined";
3703                 }
3704
3705                 if (SESSION_EXPIRE_TIME < 60) {
3706                         return "config: SESSION_EXPIRE_TIME is too low (less than 60)";
3707                 }
3708
3709                 if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) {
3710                         return "config: SESSION_EXPIRE_TIME should be greater or equal to" .
3711                                 "SESSION_COOKIE_LIFETIME_REMEMBER";
3712                 }
3713
3714                 if (defined('DISABLE_SESSIONS')) {
3715                         return "config: you have enabled DISABLE_SESSIONS. Please disable this option.";
3716                 }
3717
3718                 if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) {
3719                         return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE";
3720                 }
3721
3722                 return false;
3723         }
3724
3725         if ($op == "labelFromSearch") {
3726                 $search = db_escape_string($_GET["search"]);
3727                 $search_mode = db_escape_string($_GET["smode"]);
3728                 $match_on = db_escape_string($_GET["match"]);
3729                 $is_cat = db_escape_string($_GET["is_cat"]);
3730                 $title = db_escape_string($_GET["title"]);
3731                 $feed = sprintf("%d", $_GET["feed"]);
3732
3733                 $label_qparts = array();
3734
3735                 $search_expr = getSearchSql($search, $match_on);
3736
3737                 if ($is_cat) {
3738                         if ($feed != 0) {
3739                                 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
3740                         } else {
3741                                 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3742                         }
3743                 } else {
3744                         if ($search_mode == "all_feeds") {
3745                                 // NOOP
3746                         } else if ($search_mode == "this_cat") {
3747
3748                                 $tmp_result = db_query($link, "SELECT cat_id
3749                                         FROM ttrss_feeds WHERE id = '$feed'");
3750
3751                                 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
3752
3753                                 if ($cat_id > 0) {
3754                                         $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
3755                                 } else {
3756                                         $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
3757                                 }
3758                         } else {
3759                                 $search_expr .= " AND ttrss_feeds.id = $feed ";
3760                         }
3761
3762                 }
3763
3764                 $search_expr = db_escape_string($search_expr);
3765
3766                 print $search_expr;
3767
3768                 if ($title) {
3769                         $result = db_query($link,
3770                                 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
3771                                 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
3772                 }
3773         }
3774
3775         if ($op == "getUnread") {
3776                 $login = db_escape_string($_GET["login"]);
3777
3778                 header("Content-Type: text/plain; charset=utf-8");
3779
3780                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
3781
3782                 if (db_num_rows($result) == 1) {
3783                         $uid = db_fetch_result($result, 0, "id");
3784                         print getGlobalUnread($link, $uid);
3785                 } else {
3786                         print "-1;User not found";
3787                 }
3788
3789                 $print_exec_time = false;
3790         }
3791
3792         if ($op == "digestTest") {
3793                 header("Content-Type: text/plain");
3794                 print_r(prepare_headlines_digest($link, $_SESSION["uid"]));
3795                 $print_exec_time = false;
3796
3797         }
3798
3799         if ($op == "digestSend") {
3800                 header("Content-Type: text/plain");
3801                 send_headlines_digests($link);
3802                 $print_exec_time = false;
3803
3804         }
3805
3806         db_close($link);
3807 ?>
3808
3809 <?php if ($print_exec_time) { ?>
3810 <!-- <?php echo sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3811 <?php } ?>