backend.php

   1 <?
   2         session_start();
   3
   4         if ($_GET["debug"]) {
   5                 define('DEFAULT_ERROR_LEVEL', E_ALL);
   6         } else {
   7                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
   8         }
   9
  10         error_reporting(DEFAULT_ERROR_LEVEL);
  11
  12         $op = $_REQUEST["op"];
  13
  14         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  15                 header("Content-Type: application/xml");
  16         }
  17
  18         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  19
  20                 if ($op == "rpc") {
  21                         print "<error error-code=\"6\"/>";
  22                 }
  23                 exit;
  24         }
  25
  26         if (!$op) {
  27                 print "<error error-code=\"7\"/>";
  28                 exit;
  29         }
  30
  31         define('SCHEMA_VERSION', 5);
  32
  33         require_once "sanity_check.php";
  34         require_once "config.php";
  35         require_once "db.php";
  36         require_once "db-prefs.php";
  37         require_once "functions.php";
  38         require_once "magpierss/rss_fetch.inc";
  39
  40         $script_started = getmicrotime();
  41
  42         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  43
  44         if (!$link) {
  45                 if (DB_TYPE == "mysql") {
  46                         print mysql_error();
  47                 }
  48                 // PG seems to display its own errors just fine by default.
  49                 return;
  50         }
  51
  52         if (DB_TYPE == "pgsql") {
  53                 pg_query("set client_encoding = 'utf-8'");
  54         }
  55
  56         if ($_SESSION["uid"]) {
  57                 if (get_pref($link, "HIDE_READ_FEEDS") == "true") {
  58                         setcookie("ttrss_vf_hreadf", 1);
  59                 } else {
  60                         setcookie("ttrss_vf_hreadf", 0);
  61                 }
  62
  63                 setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
  64                 setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
  65         }
  66
  67         $fetch = $_GET["fetch"];
  68
  69         setcookie("ttrss_icons_url", ICONS_URL);
  70
  71         if (!sanity_check($link)) { return; }
  72
  73         function getAllCounters($link) {
  74                 getLabelCounters($link);
  75                 getFeedCounters($link);
  76                 getTagCounters($link);
  77                 getGlobalCounters($link);
  78                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
  79                         getCategoryCounters($link);
  80                 }
  81         }
  82
  83         function getCategoryCounters($link) {
  84                 $result = db_query($link, "SELECT cat_id,SUM((SELECT COUNT(int_id)
  85                                 FROM ttrss_user_entries WHERE feed_id = ttrss_feeds.id
  86                                         AND unread = true)) AS unread FROM ttrss_feeds
  87                         WHERE
  88                                 owner_uid = ".$_SESSION["uid"]." GROUP BY cat_id");
  89
  90                 while ($line = db_fetch_assoc($result)) {
  91                         $line["cat_id"] = sprintf("%d", $line["cat_id"]);
  92                         print "<counter type=\"category\" id=\"".$line["cat_id"]."\" counter=\"".
  93                                 $line["unread"]."\"/>";
  94                 }
  95         }
  96
  97         function getFeedUnread($link, $feed) {
  98                 $n_feed = sprintf("%d", $feed);
  99
 100                 if ($n_feed == -1) {
 101                         $match_part = "marked = true";
 102                 } else if ($feed > 0) {
 103                         $match_part = "feed_id = '$n_feed'";
 104                 } else if ($feed < -10) {
 105                         $label_id = -$feed - 11;
 106
 107                         $result = db_query($link, "SELECT sql_exp FROM ttrss_labels WHERE
 108                                 id = '$label_id' AND owner_uid = " . $_SESSION["uid"]);
 109
 110                         $match_part = db_fetch_result($result, 0, "sql_exp");
 111                 }
 112
 113                 if ($match_part) {
 114
 115                         $result = db_query($link, "SELECT count(int_id) AS unread
 116                                 FROM ttrss_user_entries
 117                                 WHERE   unread = true AND $match_part AND owner_uid = " . $_SESSION["uid"]);
 118
 119                 } else {
 120
 121                         $result = db_query($link, "SELECT COUNT(post_int_id) AS unread
 122                                 FROM ttrss_tags,ttrss_user_entries
 123                                 WHERE tag_name = '$feed' AND post_int_id = int_id AND unread = true AND
 124                                         ttrss_tags.owner_uid = " . $_SESSION["uid"]);
 125                 }
 126
 127                 $unread = db_fetch_result($result, 0, "unread");
 128                 return $unread;
 129         }
 130
 131         /* FIXME this needs reworking */
 132
 133         function getGlobalUnread($link) {
 134                 $result = db_query($link, "SELECT count(id) as c_id FROM ttrss_entries,ttrss_user_entries
 135                         WHERE unread = true AND
 136                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 137                         owner_uid = " . $_SESSION["uid"]);
 138                 $c_id = db_fetch_result($result, 0, "c_id");
 139                 return $c_id;
 140         }
 141
 142         function getGlobalCounters($link, $global_unread = -1) {
 143                 if ($global_unread == -1) {
 144                         $global_unread = getGlobalUnread($link);
 145                 }
 146                 print "<counter type=\"global\" id='global-unread' counter='$global_unread'/>";
 147         }
 148
 149         function getTagCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 150
 151                 if ($smart_mode) {
 152                         if (!$_SESSION["tctr_last_value"]) {
 153                                 $_SESSION["tctr_last_value"] = array();
 154                         }
 155                 }
 156
 157                 $old_counters = $_SESSION["tctr_last_value"];
 158
 159                 $tctrs_modified = false;
 160
 161 /*              $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 162                         FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 163                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 164                         ttrss_tags.owner_uid = ".$_SESSION["uid"]." AND
 165                         post_int_id = ttrss_user_entries.int_id AND unread = true GROUP BY tag_name
 166                 UNION
 167                         select tag_name,0 as count FROM ttrss_tags
 168                         WHERE ttrss_tags.owner_uid = ".$_SESSION["uid"]); */
 169
 170                 $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 171                         FROM ttrss_user_entries WHERE int_id = post_int_id
 172                                 AND unread = true)) AS count FROM ttrss_tags
 173                         WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 174
 175                 $tags = array();
 176
 177                 while ($line = db_fetch_assoc($result)) {
 178                         $tags[$line["tag_name"]] += $line["count"];
 179                 }
 180
 181                 foreach (array_keys($tags) as $tag) {
 182                         $unread = $tags[$tag];
 183
 184                         $tag = htmlspecialchars($tag);
 185
 186                         if (!$smart_mode || $old_counters[$tag] != $unread) {
 187                                 $old_counters[$tag] = $unread;
 188                                 $tctrs_modified = true;
 189                                 print "<counter type=\"tag\" id=\"$tag\" counter=\"$unread\"/>";
 190                         }
 191
 192                 }
 193
 194                 if ($smart_mode && $tctrs_modified) {
 195                         $_SESSION["tctr_last_value"] = $old_counters;
 196                 }
 197
 198         }
 199
 200         function getLabelCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 201
 202                 if ($smart_mode) {
 203                         if (!$_SESSION["lctr_last_value"]) {
 204                                 $_SESSION["lctr_last_value"] = array();
 205                         }
 206                 }
 207
 208                 $old_counters = $_SESSION["lctr_last_value"];
 209                 $lctrs_modified = false;
 210
 211                 $result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 212                         WHERE marked = true AND ttrss_user_entries.ref_id = ttrss_entries.id AND
 213                         unread = true AND owner_uid = ".$_SESSION["uid"]);
 214
 215                 $count = db_fetch_result($result, 0, "count");
 216
 217                 print "<counter type=\"label\" id=\"-1\" counter=\"$count\"/>";
 218
 219                 $result = db_query($link, "SELECT owner_uid,id,sql_exp,description FROM
 220                         ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description");
 221
 222                 while ($line = db_fetch_assoc($result)) {
 223
 224                         $id = -$line["id"] - 11;
 225
 226                         error_reporting (0);
 227
 228                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_user_entries,ttrss_entries
 229                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 230                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 231                                 owner_uid = ".$_SESSION["uid"]);
 232
 233                         $count = db_fetch_result($tmp_result, 0, "count");
 234
 235                         if (!$smart_mode || $old_counters[$id] != $count) {
 236                                 $old_counters[$id] = $count;
 237                                 $lctrs_modified = true;
 238                                 print "<counter type=\"label\" id=\"$id\" counter=\"$count\"/>";
 239                         }
 240
 241                         error_reporting (DEFAULT_ERROR_LEVEL);
 242                 }
 243
 244                 if ($smart_mode && $lctrs_modified) {
 245                         $_SESSION["lctr_last_value"] = $old_counters;
 246                 }
 247         }
 248
 249 /*      function getFeedCounter($link, $id) {
 250
 251                 $result = db_query($link, "SELECT
 252                                 count(id) as count,last_error
 253                         FROM ttrss_entries,ttrss_user_entries,ttrss_feeds
 254                         WHERE feed_id = '$id' AND unread = true
 255                         AND ttrss_user_entries.feed_id = ttrss_feeds.id
 256                         AND ttrss_user_entries.ref_id = ttrss_entries.id");
 257
 258                         $count = db_fetch_result($result, 0, "count");
 259                         $last_error = htmlspecialchars(db_fetch_result($result, 0, "last_error"));
 260
 261                         print "<counter type=\"feed\" id=\"$id\" counter=\"$count\" error=\"$last_error\"/>";
 262         } */
 263
 264         function getFeedCounters($link, $smart_mode = SMART_RPC_COUNTERS) {
 265
 266                 if ($smart_mode) {
 267                         if (!$_SESSION["fctr_last_value"]) {
 268                                 $_SESSION["fctr_last_value"] = array();
 269                         }
 270                 }
 271
 272                 $old_counters = $_SESSION["fctr_last_value"];
 273
 274                 $result = db_query($link, "SELECT id,last_error,parent_feed,
 275                         (SELECT count(id)
 276                                 FROM ttrss_entries,ttrss_user_entries
 277                                 WHERE feed_id = ttrss_feeds.id AND
 278                                         ttrss_user_entries.ref_id = ttrss_entries.id
 279                                 AND unread = true AND owner_uid = ".$_SESSION["uid"].") as count
 280                         FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"] . "
 281                                 AND parent_feed IS NULL");
 282
 283                 $fctrs_modified = false;
 284
 285                 while ($line = db_fetch_assoc($result)) {
 286
 287                         $id = $line["id"];
 288                         $count = $line["count"];
 289                         $last_error = htmlspecialchars($line["last_error"]);
 290
 291                         $has_img = is_file(ICONS_DIR . "/$id.ico");
 292
 293                         $tmp_result = db_query($link,
 294                                 "SELECT id,COUNT(unread) AS unread
 295                                 FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 296                                         ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 297                                 WHERE parent_feed = '$id' AND unread = true GROUP BY ttrss_feeds.id");
 298
 299                         if (db_num_rows($tmp_result) > 0) {
 300                                 while ($l = db_fetch_assoc($tmp_result)) {
 301                                         $count += $l["unread"];
 302                                 }
 303                         }
 304
 305                         if (!$smart_mode || $old_counters[$id] != $count) {
 306                                 $old_counters[$id] = $count;
 307                                 $fctrs_modified = true;
 308
 309                                 if ($last_error) {
 310                                         $error_part = "error=\"$last_error\"";
 311                                 } else {
 312                                         $error_part = "";
 313                                 }
 314
 315                                 if ($has_img) {
 316                                         $has_img_part = "hi=\"$has_img\"";
 317                                 } else {
 318                                         $has_img_part = "";
 319                                 }
 320
 321                                 print "<counter type=\"feed\" id=\"$id\" counter=\"$count\" $has_img_part $error_part/>";
 322                         }
 323                 }
 324
 325                 if ($smart_mode && $fctrs_modified) {
 326                         $_SESSION["fctr_last_value"] = $old_counters;
 327                 }
 328         }
 329
 330         function outputFeedList($link, $tags = false) {
 331
 332                 print "<html><head>
 333                         <title>Tiny Tiny RSS : Feedlist</title>
 334                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 335
 336                 $user_theme = $_SESSION["theme"];
 337                 if ($user_theme) {
 338                         print "<link rel=\"stylesheet\" type=\"text/css\"
 339                                 href=\"themes/$user_theme/theme.css\">";
 340                 }
 341
 342                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 343                         print "<link rel=\"stylesheet\" type=\"text/css\"
 344                                 href=\"tt-rss_compact.css\"/>";
 345                 } else {
 346                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 347                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 348                 }
 349
 350                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 351                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 352                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 353                         <!--[if gte IE 5.5000]>
 354                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 355                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 356                         <![endif]-->
 357                         </head><body onload=\"init()\">";
 358
 359                 print "<ul class=\"feedList\" id=\"feedList\">";
 360
 361                 $owner_uid = $_SESSION["uid"];
 362
 363                 if (!$tags) {
 364
 365                         /* virtual feeds */
 366
 367                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 368                                 print "<li class=\"feedCat\">Special</li>";
 369                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 370                         }
 371
 372                         $result = db_query($link, "SELECT count(id) as num_starred
 373                                 FROM ttrss_entries,ttrss_user_entries
 374                                 WHERE marked = true AND
 375                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 376                                 unread = true AND owner_uid = '$owner_uid'");
 377                         $num_starred = db_fetch_result($result, 0, "num_starred");
 378
 379                         $class = "virt";
 380
 381                         if ($num_starred > 0) $class .= "Unread";
 382
 383                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 384                                 "images/mark_set.png", $link);
 385
 386                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 387                                 print "</li></ul>";
 388                         }
 389
 390                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 391
 392                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 393                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 394
 395                                 if (db_num_rows($result) > 0) {
 396                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 397                                                 print "<li class=\"feedCat\">Labels</li>";
 398                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 399                                         } else {
 400                                                 print "<li><hr></li>";
 401                                         }
 402                                 }
 403
 404                                 while ($line = db_fetch_assoc($result)) {
 405
 406                                         error_reporting (0);
 407
 408                                         $tmp_result = db_query($link, "SELECT count(id) as count
 409                                                 FROM ttrss_entries,ttrss_user_entries
 410                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 411                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 412                                                 AND owner_uid = '$owner_uid'");
 413
 414                                         $count = db_fetch_result($tmp_result, 0, "count");
 415
 416                                         $class = "label";
 417
 418                                         if ($count > 0) {
 419                                                 $class .= "Unread";
 420                                         }
 421
 422                                         error_reporting (DEFAULT_ERROR_LEVEL);
 423
 424                                         printFeedEntry(-$line["id"]-11,
 425                                                 $class, $line["description"], $count, "images/label.png", $link);
 426
 427                                 }
 428
 429                                 if (db_num_rows($result) > 0) {
 430                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 431                                                 print "</li></ul>";
 432                                         }
 433                                 }
 434
 435                         }
 436
 437 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 438                                 print "<li><hr></li>";
 439 //                      }
 440
 441                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 442                                 $order_by_qpart = "category,title";
 443                         } else {
 444                                 $order_by_qpart = "title";
 445                         }
 446
 447                         $result = db_query($link, "SELECT ttrss_feeds.*,
 448                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 449                                         WHERE feed_id = ttrss_feeds.id AND
 450                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 451                                         owner_uid = '$owner_uid') AS total,
 452                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 453                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 454                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 455                                                 AND owner_uid = '$owner_uid') as unread,
 456                                 cat_id,last_error,
 457                                 ttrss_feed_categories.title AS category,
 458                                 ttrss_feed_categories.collapsed
 459                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 460                                         ON (ttrss_feed_categories.id = cat_id)
 461                                 WHERE
 462                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 463                                 ORDER BY $order_by_qpart");
 464
 465                         $actid = $_GET["actid"];
 466
 467                         /* real feeds */
 468
 469                         $lnum = 0;
 470
 471                         $total_unread = 0;
 472
 473                         $category = "";
 474
 475                         while ($line = db_fetch_assoc($result)) {
 476
 477                                 $feed = db_unescape_string($line["title"]);
 478                                 $feed_id = $line["id"];
 479
 480                                 $subop = $_GET["subop"];
 481
 482                                 $total = $line["total"];
 483                                 $unread = $line["unread"];
 484
 485                                 $tmp_result = db_query($link,
 486                                         "SELECT id,COUNT(unread) AS unread
 487                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 488                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 489                                         WHERE parent_feed = '$feed_id' AND unread = true
 490                                         GROUP BY ttrss_feeds.id");
 491
 492                                 if (db_num_rows($tmp_result) > 0) {
 493                                         while ($l = db_fetch_assoc($tmp_result)) {
 494                                                 $unread += $l["unread"];
 495                                         }
 496                                 }
 497
 498                                 $cat_id = $line["cat_id"];
 499
 500                                 $tmp_category = $line["category"];
 501
 502                                 if (!$tmp_category) {
 503                                         $tmp_category = "Uncategorized";
 504                                 }
 505
 506         //                      $class = ($lnum % 2) ? "even" : "odd";
 507
 508                                 if ($line["last_error"]) {
 509                                         $class = "error";
 510                                 } else {
 511                                         $class = "feed";
 512                                 }
 513
 514                                 if ($unread > 0) $class .= "Unread";
 515
 516                                 if ($actid == $feed_id) {
 517                                         $class .= "Selected";
 518                                 }
 519
 520                                 $total_unread += $unread;
 521
 522                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 523
 524                                         if ($category) {
 525                                                 print "</li></ul></li>";
 526                                         }
 527
 528                                         $category = $tmp_category;
 529
 530                                         $collapsed = $line["collapsed"];
 531
 532                                         // workaround for NULL category
 533                                         if ($category == "Uncategorized") {
 534                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 535                                                         $collapsed = "t";
 536                                                 }
 537                                         }
 538
 539                                         if ($collapsed == "t" || $collapsed == "1") {
 540                                                 $holder_class = "invisible";
 541                                                 $ellipsis = "...";
 542                                         } else {
 543                                                 $holder_class = "";
 544                                                 $ellipsis = "";
 545                                         }
 546
 547                                         if ($cat_id) {
 548                                                 $cat_id_qpart = "cat_id = '$cat_id'";
 549                                         } else {
 550                                                 $cat_id_qpart = "cat_id IS NULL";
 551                                         }
 552
 553                                         $tmp_result = db_query($link, "SELECT count(int_id) AS unread
 554                                                 FROM ttrss_user_entries,ttrss_feeds WHERE
 555                                                         unread = true AND
 556                                                         feed_id = ttrss_feeds.id AND $cat_id_qpart AND
 557                                                         ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
 558
 559                                         $cat_unread = db_fetch_result($tmp_result, 0, "unread");
 560
 561                                         $cat_id = sprintf("%d", $cat_id);
 562
 563                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 564                                                 <a href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category
 565                                                         <span id=\"FCATCTR-$cat_id\"
 566                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span></a></li>";
 567
 568                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 569                                         // -> keyboard navigation, etc.
 570                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 571                                 }
 572
 573                                 printFeedEntry($feed_id, $class, $feed, $unread,
 574                                         "icons/$feed_id.ico", $link);
 575
 576                                 ++$lnum;
 577                         }
 578
 579                 } else {
 580
 581                         // tags
 582
 583 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 584                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 585                                 post_int_id = ttrss_user_entries.int_id AND
 586                                 unread = true AND ref_id = ttrss_entries.id
 587                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 588                         UNION
 589                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 590                         ORDER BY tag_name"); */
 591
 592                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 593                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 594                                         AND unread = true)) AS count FROM ttrss_tags
 595                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 596
 597                         $tags = array();
 598
 599                         while ($line = db_fetch_assoc($result)) {
 600                                 $tags[$line["tag_name"]] += $line["count"];
 601                         }
 602
 603                         foreach (array_keys($tags) as $tag) {
 604
 605                                 $unread = $tags[$tag];
 606
 607                                 $class = "tag";
 608
 609                                 if ($unread > 0) {
 610                                         $class .= "Unread";
 611                                 }
 612
 613                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 614
 615                         }
 616
 617                 }
 618
 619                 if (db_num_rows($result) == 0) {
 620                         if ($tags) {
 621                                 $what = "tags";
 622                         } else {
 623                                 $what = "feeds";
 624                         }
 625                         print "<li>No $what to display.</li>";
 626                 }
 627
 628                 print "</ul>";
 629
 630         }
 631
 632
 633         if ($op == "rpc") {
 634
 635                 $subop = $_GET["subop"];
 636
 637                 if ($subop == "setpref") {
 638                         if (WEB_DEMO_MODE) {
 639                                 return;
 640                         }
 641
 642                         print "<rpc-reply>";
 643
 644                         $key = db_escape_string($_GET["key"]);
 645                         $value = db_escape_string($_GET["value"]);
 646
 647                         set_pref($link, $key, $value);
 648
 649                         print "<param-set key=\"$key\" value=\"$value\"/>";
 650
 651                         print "</rpc-reply>";
 652
 653                 }
 654
 655                 if ($subop == "getLabelCounters") {
 656                         $aid = $_GET["aid"];
 657                         print "<rpc-reply>";
 658                         getLabelCounters($link);
 659                         if ($aid) {
 660                                 getFeedCounter($link, $aid);
 661                         }
 662                         print "</rpc-reply>";
 663                 }
 664
 665                 if ($subop == "getFeedCounters") {
 666                         print "<rpc-reply>";
 667                         getFeedCounters($link);
 668                         print "</rpc-reply>";
 669                 }
 670
 671                 if ($subop == "getAllCounters") {
 672                         print "<rpc-reply>";
 673                         getAllCounters($link);
 674                         print "</rpc-reply>";
 675                 }
 676
 677                 if ($subop == "mark") {
 678                         $mark = $_GET["mark"];
 679                         $id = db_escape_string($_GET["id"]);
 680
 681                         if ($mark == "1") {
 682                                 $mark = "true";
 683                         } else {
 684                                 $mark = "false";
 685                         }
 686
 687                         // FIXME this needs collision testing
 688
 689                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 690                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 691                 }
 692
 693                 if ($subop == "updateFeed") {
 694                         $feed_id = db_escape_string($_GET["feed"]);
 695
 696                         $result = db_query($link,
 697                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 698                                         AND owner_uid = " . $_SESSION["uid"]);
 699
 700                         if (db_num_rows($result) > 0) {
 701                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 702                                 update_rss_feed($link, $feed_url, $feed_id);
 703                         }
 704
 705                         print "<rpc-reply>";
 706                         getFeedCounter($link, $feed_id);
 707                         print "</rpc-reply>";
 708
 709                         return;
 710                 }
 711
 712                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 713
 714                         if (ENABLE_UPDATE_DAEMON) {
 715
 716                                 if ($subop == "forceUpdateAllFeeds") {
 717
 718                                         $result = db_query($link, "SELECT count(id) AS cid FROM
 719                                                 ttrss_scheduled_updates WHERE feed_id IS NULL AND
 720                                                         owner_uid = " . $_SESSION["uid"]);
 721
 722                                         $cid = db_fetch_result($result, 0, "cid");
 723
 724 #                                       print "<rpc-reply>";
 725
 726                                         if ($cid == 0) {
 727
 728                                                 db_query($link, "INSERT INTO ttrss_scheduled_updates
 729                                                         (owner_uid, feed_id, entered) VALUES
 730                                                         (".$_SESSION["uid"].", NULL, NOW())");
 731
 732 //                                              print "<!-- ScheduledOK -->";
 733
 734                                         } else {
 735 //                                              print "<!-- RequestAlreadyInQueue -->";
 736                                         }
 737
 738 #                                       print "</rpc-reply>";
 739                                 }
 740
 741                         } else {
 742                                 update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 743                         }
 744
 745                         $global_unread_caller = sprintf("%d", $_GET["uctr"]);
 746                         $global_unread = getGlobalUnread($link);
 747
 748                         print "<rpc-reply>";
 749
 750                         if ($global_unread_caller != $global_unread) {
 751
 752                                 $omode = $_GET["omode"];
 753
 754                                 if (!$omode) $omode = "tfl";
 755
 756                                 if (strchr($omode, "l")) getLabelCounters($link);
 757                                 if (strchr($omode, "f")) getFeedCounters($link);
 758                                 if (strchr($omode, "t")) getTagCounters($link);
 759                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
 760                                         getCategoryCounters($link);
 761                                 }
 762                         }
 763
 764                         getGlobalCounters($link, $global_unread);
 765
 766                         print "</rpc-reply>";
 767
 768                 }
 769
 770                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 771                 if ($subop == "catchupSelected") {
 772
 773                         $ids = split(",", db_escape_string($_GET["ids"]));
 774
 775                         $cmode = sprintf("%d", $_GET["cmode"]);
 776
 777                         foreach ($ids as $id) {
 778
 779                                 if ($cmode == 0) {
 780                                         db_query($link, "UPDATE ttrss_user_entries SET
 781                                         unread = false,last_read = NOW()
 782                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 783                                 } else if ($cmode == 1) {
 784                                         db_query($link, "UPDATE ttrss_user_entries SET
 785                                         unread = true
 786                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 787                                 } else {
 788                                         db_query($link, "UPDATE ttrss_user_entries SET
 789                                         unread = NOT unread,last_read = NOW()
 790                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 791                                 }
 792                         }
 793                         print "<rpc-reply>";
 794                         getAllCounters($link);
 795                         print "</rpc-reply>";
 796                 }
 797
 798                 if ($subop == "markSelected") {
 799
 800                         $ids = split(",", db_escape_string($_GET["ids"]));
 801
 802                         $cmode = sprintf("%d", $_GET["cmode"]);
 803
 804                         foreach ($ids as $id) {
 805
 806                                 if ($cmode == 0) {
 807                                         db_query($link, "UPDATE ttrss_user_entries SET
 808                                         marked = false
 809                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 810                                 } else if ($cmode == 1) {
 811                                         db_query($link, "UPDATE ttrss_user_entries SET
 812                                         marked = true
 813                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 814                                 } else {
 815                                         db_query($link, "UPDATE ttrss_user_entries SET
 816                                         marked = NOT marked
 817                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 818                                 }
 819                         }
 820                         print "<rpc-reply>";
 821                         getAllCounters($link);
 822                         print "</rpc-reply>";
 823                 }
 824
 825                 if ($subop == "sanityCheck") {
 826                         if (sanity_check($link)) {
 827                                 print "<error error-code=\"0\"/>";
 828                         }
 829                 }
 830
 831                 if ($subop == "globalPurge") {
 832
 833                         print "<rpc-reply>";
 834                         global_purge_old_posts($link, true);
 835                         print "</rpc-reply>";
 836
 837                 }
 838
 839         }
 840
 841         if ($op == "feeds") {
 842
 843                 $tags = $_GET["tags"];
 844
 845                 $subop = $_GET["subop"];
 846
 847                 if ($subop == "catchupAll") {
 848                         db_query($link, "UPDATE ttrss_user_entries SET
 849                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 850                 }
 851
 852                 if ($subop == "collapse") {
 853                         $cat_id = db_escape_string($_GET["cid"]);
 854
 855                         db_query($link, "UPDATE ttrss_feed_categories SET
 856                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 857                                 $_SESSION["uid"]);
 858                         return;
 859                 }
 860
 861                 outputFeedList($link, $tags);
 862
 863         }
 864
 865         if ($op == "view") {
 866
 867                 $id = $_GET["id"];
 868                 $feed_id = $_GET["feed"];
 869
 870                 $result = db_query($link, "UPDATE ttrss_user_entries
 871                         SET unread = false,last_read = NOW()
 872                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 873
 874                 $addheader = $_GET["addheader"];
 875
 876                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 877                         SUBSTRING(updated,1,16) as updated,
 878                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 879                         num_comments
 880                         FROM ttrss_entries,ttrss_user_entries
 881                         WHERE   id = '$id' AND ref_id = id");
 882
 883                 if ($addheader) {
 884                         print "<html><head>
 885                                 <title>Tiny Tiny RSS : Article $id</title>
 886                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 887
 888                         $user_theme = $_SESSION["theme"];
 889                         if ($user_theme) {
 890                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 891                                         href=\"themes/$user_theme/theme.css\">";
 892                         }
 893
 894                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 895                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 896                                         href=\"tt-rss_compact.css\"/>";
 897                         } else {
 898                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 899                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 900                         }
 901
 902                         print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 903                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 904                                 </head><body>";
 905                 }
 906
 907                 if ($result) {
 908
 909                         $line = db_fetch_assoc($result);
 910
 911                         if ($line["icon_url"]) {
 912                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 913                         } else {
 914                                 $feed_icon = "&nbsp;";
 915                         }
 916
 917 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 918                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 919                         } else {
 920                                 $entry_comments = "";
 921                         } */
 922
 923                         $num_comments = $line["num_comments"];
 924                         $entry_comments = "";
 925
 926                         if ($num_comments > 0) {
 927                                 if ($line["comments"]) {
 928                                         $comments_url = $line["comments"];
 929                                 } else {
 930                                         $comments_url = $line["link"];
 931                                 }
 932                                 $entry_comments = "<a href=\"$comments_url\">$num_comments comments</a>";
 933                         } else {
 934                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 935                                         $entry_comments = "<a href=\"".$line["comments"]."\">comments</a>";
 936                                 }
 937                         }
 938
 939                         print "<div class=\"postReply\">";
 940
 941                         print "<div class=\"postHeader\"><table width=\"100%\">";
 942
 943                         print "<tr><td><a href=\"" . $line["link"] . "\">" . $line["title"] . "</a></td>";
 944
 945                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 946                                 strtotime($line["updated"]));
 947
 948                         print "<td class=\"postDate\">$parsed_updated</td>";
 949
 950                         print "</tr>";
 951
 952                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 953                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 954                                 ORDER BY tag_name");
 955
 956                         $tags_str = "";
 957                         $f_tags_str = "";
 958
 959                         $num_tags = 0;
 960
 961                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 962                                 $num_tags++;
 963                                 $tag = $tmp_line["tag_name"];
 964                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 965
 966                                 if ($num_tags == 5) {
 967                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 968                                 } else if ($num_tags < 5) {
 969                                         $tags_str .= $tag_str;
 970                                 }
 971                                 $f_tags_str .= $tag_str;
 972                         }
 973
 974                         $tags_str = preg_replace("/, $/", "", $tags_str);
 975                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 976
 977 //                      $truncated_link = truncate_string($line["link"], 60);
 978
 979                         if ($tags_str || $entry_comments) {
 980                                 print "<tr><td width='50%'>
 981                                         $entry_comments</td>
 982                                         <td align=\"right\">$tags_str</td></tr>";
 983                         }
 984
 985                         print "</table></div>";
 986
 987                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 988                         print "<div class=\"postContent\">";
 989
 990                         if (db_num_rows($tmp_result) > 5) {
 991                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 992                         }
 993
 994                         print $line["content"] . "</div>";
 995
 996                         print "</div>";
 997
 998                         print "<script type=\"text/javascript\">
 999                                 update_all_counters('$feed_id');
1000                         </script>";
1001                 }
1002
1003                 if ($addheader) {
1004                         print "</body></html>";
1005                 }
1006         }
1007
1008         if ($op == "viewfeed") {
1009
1010                 $feed = $_GET["feed"];
1011                 $skip = $_GET["skip"];
1012                 $subop = $_GET["subop"];
1013                 $view_mode = $_GET["view"];
1014                 $addheader = $_GET["addheader"];
1015                 $limit = $_GET["limit"];
1016
1017                 if (!$feed) {
1018                         return;
1019                 }
1020
1021                 if (!$skip) $skip = 0;
1022
1023                 if ($subop == "undefined") $subop = "";
1024
1025                 if ($addheader) {
1026                         print "<html><head>
1027                                 <title>Tiny Tiny RSS : Feed $feed</title>
1028                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
1029
1030                         $user_theme = $_SESSION["theme"];
1031                         if ($user_theme) {
1032                                 print "<link rel=\"stylesheet\" type=\"text/css\"
1033                                         href=\"themes/$user_theme/theme.css\">";
1034                         }
1035
1036                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
1037                                 print "<link rel=\"stylesheet\"
1038                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
1039
1040                         } else {
1041                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
1042                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
1043                         }
1044
1045                         print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
1046                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
1047                                 <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
1048                                 <!--[if gte IE 5.5000]>
1049                                 <script type=\"text/javascript\" src=\"pngfix.js\"></script>
1050                                 <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
1051                                 <![endif]-->
1052                                 </head><body onload='init()'>";
1053                 }
1054
1055                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
1056
1057 /*                      if (ENABLE_UPDATE_DAEMON) {
1058
1059                                 if ($cid == 0) {
1060
1061                                         db_query($link, "INSERT INTO ttrss_scheduled_updates
1062                                                 (owner_uid, feed_id, entered) VALUES
1063                                                 (".$_SESSION["uid"].", '$feed', NOW())");
1064                                 }
1065
1066                         } else {
1067                                 // fixme update_rss_feed...
1068                         } */
1069
1070                         $tmp_result = db_query($link, "SELECT feed_url FROM ttrss_feeds
1071                                 WHERE id = '$feed'");
1072                         $feed_url = db_fetch_result($tmp_result, 0, "feed_url");
1073                         update_rss_feed($link, $feed_url, $feed, ENABLE_UPDATE_DAEMON);
1074                 }
1075
1076                 if ($subop == "MarkAllRead")  {
1077
1078                         if (sprintf("%d", $feed) != 0) {
1079
1080                                 if ($feed > 0) {
1081
1082                                         $tmp_result = db_query($link, "SELECT id
1083                                                 FROM ttrss_feeds WHERE parent_feed = '$feed'
1084                                                 ORDER BY cat_id,title");
1085
1086                                         $parent_ids = array();
1087
1088                                         if (db_num_rows($tmp_result) > 0) {
1089                                                 while ($p = db_fetch_assoc($tmp_result)) {
1090                                                         array_push($parent_ids, "feed_id = " . $p["id"]);
1091                                                 }
1092
1093                                                 $children_qpart = implode(" OR ", $parent_ids);
1094
1095                                                 db_query($link, "UPDATE ttrss_user_entries
1096                                                         SET unread = false,last_read = NOW()
1097                                                         WHERE (feed_id = '$feed' OR $children_qpart)
1098                                                         AND owner_uid = " . $_SESSION["uid"]);
1099
1100                                         } else {
1101                                                 db_query($link, "UPDATE ttrss_user_entries
1102                                                         SET unread = false,last_read = NOW()
1103                                                         WHERE feed_id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
1104                                         }
1105
1106                                 } else if ($feed < 0 && $feed > -10) { // special, like starred
1107
1108                                         if ($feed == -1) {
1109                                                 db_query($link, "UPDATE ttrss_user_entries
1110                                                         SET unread = false,last_read = NOW()
1111                                                         WHERE marked = true AND owner_uid = ".$_SESSION["uid"]);
1112                                         }
1113
1114                                 } else if ($feed < -10) { // label
1115
1116                                         // TODO make this more efficient
1117
1118                                         $label_id = -$feed - 11;
1119
1120                                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
1121                                                 WHERE id = '$label_id'");
1122
1123                                         if ($tmp_result) {
1124                                                 $sql_exp = db_fetch_result($tmp_result, 0, "sql_exp");
1125
1126                                                 db_query($link, "BEGIN");
1127
1128                                                 $tmp2_result = db_query($link,
1129                                                         "SELECT
1130                                                                 int_id
1131                                                         FROM
1132                                                                 ttrss_user_entries,ttrss_entries
1133                                                         WHERE
1134                                                                 ref_id = id AND
1135                                                                 $sql_exp AND
1136                                                                 owner_uid = " . $_SESSION["uid"]);
1137
1138                                                 while ($tmp_line = db_fetch_assoc($tmp2_result)) {
1139                                                         db_query($link, "UPDATE
1140                                                                 ttrss_user_entries
1141                                                         SET
1142                                                                 unread = false, last_read = NOW()
1143                                                         WHERE
1144                                                                 int_id = " . $tmp_line["int_id"]);
1145                                                 }
1146
1147                                                 db_query($link, "COMMIT");
1148
1149 /*                                              db_query($link, "UPDATE ttrss_user_entries,ttrss_entries
1150                                                         SET unread = false,last_read = NOW()
1151                                                         WHERE $sql_exp
1152                                                         AND ref_id = id
1153                                                         AND owner_uid = ".$_SESSION["uid"]); */
1154                                         }
1155                                 }
1156                         } else { // tag
1157                                 db_query($link, "BEGIN");
1158
1159                                 $tag_name = db_escape_string($feed);
1160
1161                                 $result = db_query($link, "SELECT post_int_id FROM ttrss_tags
1162                                         WHERE tag_name = '$tag_name' AND owner_uid = " . $_SESSION["uid"]);
1163
1164                                 while ($line = db_fetch_assoc($result)) {
1165                                         db_query($link, "UPDATE ttrss_user_entries SET
1166                                                 unread = false, last_read = NOW()
1167                                                 WHERE int_id = " . $line["post_int_id"]);
1168                                 }
1169                                 db_query($link, "COMMIT");
1170                         }
1171
1172                 }
1173
1174                 $search = db_escape_string($_GET["search"]);
1175                 $search_mode = db_escape_string($_GET["smode"]);
1176
1177                 if ($search) {
1178                         $search_query_part = "(upper(ttrss_entries.title) LIKE upper('%$search%')
1179                                 OR ttrss_entries.content LIKE '%$search%') AND";
1180                 } else {
1181                         $search_query_part = "";
1182                 }
1183
1184                 $view_query_part = "";
1185
1186                 if ($view_mode == "Adaptive") {
1187                         if ($search) {
1188                                 $view_query_part = " ";
1189                         } else if ($feed != -1) {
1190                                 $unread = getFeedUnread($link, $feed);
1191                                 if ($unread > 0) {
1192                                         $view_query_part = " unread = true AND ";
1193                                 }
1194                         }
1195                 }
1196
1197                 if ($view_mode == "Starred") {
1198                         $view_query_part = " marked = true AND ";
1199                 }
1200
1201                 if ($view_mode == "Unread") {
1202                         $view_query_part = " unread = true AND ";
1203                 }
1204
1205                 if ($limit && $limit != "All") {
1206                         $limit_query_part = "LIMIT " . $limit;
1207                 }
1208
1209                 $vfeed_query_part = "";
1210
1211                 // override query strategy and enable feed display when searching globally
1212                 if ($search && $search_mode == "All feeds") {
1213                         $query_strategy_part = "ttrss_entries.id > 0";
1214                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1215                 } else if (sprintf("%d", $feed) == 0) {
1216                         $query_strategy_part = "ttrss_entries.id > 0";
1217                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
1218                                 id = feed_id) as feed_title,";
1219                 } else if ($feed >= 0) {
1220
1221                         $tmp_result = db_query($link, "SELECT id
1222                                 FROM ttrss_feeds WHERE parent_feed = '$feed'
1223                                 ORDER BY cat_id,title");
1224
1225                         $parent_ids = array();
1226
1227                         if (db_num_rows($tmp_result) > 0) {
1228                                 while ($p = db_fetch_assoc($tmp_result)) {
1229                                         array_push($parent_ids, "feed_id = " . $p["id"]);
1230                                 }
1231
1232                                 $query_strategy_part = sprintf("(feed_id = %d OR %s)",
1233                                         $feed, implode(" OR ", $parent_ids));
1234
1235                                 $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1236                         } else {
1237                                 $query_strategy_part = "feed_id = '$feed'";
1238                         }
1239                 } else if ($feed == -1) { // starred virtual feed
1240                         $query_strategy_part = "marked = true";
1241                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1242                 } else if ($feed <= -10) { // labels
1243                         $label_id = -$feed - 11;
1244
1245                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
1246                                 WHERE id = '$label_id'");
1247
1248                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
1249
1250                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1251                 } else {
1252                         $query_strategy_part = "id > 0"; // dumb
1253                 }
1254
1255                 $order_by = "updated DESC";
1256
1257 //              if ($feed < -10) {
1258 //                      $order_by = "feed_id,updated DESC";
1259 //              }
1260
1261                 $feed_title = "";
1262
1263                 if ($search && $search_mode == "All feeds") {
1264                         $feed_title = "Global search results ($search)";
1265                 } else if ($search && sprintf("%d", $feed) == 0) {
1266                         $feed_title = "Feed search results ($search, $feed)";
1267                 } else if ($feed > 0) {
1268                         $result = db_query($link, "SELECT title,site_url,last_error FROM ttrss_feeds
1269                                 WHERE id = '$feed'");
1270
1271                         $feed_title = db_fetch_result($result, 0, "title");
1272                         $feed_site_url = db_fetch_result($result, 0, "site_url");
1273                         $last_error = db_fetch_result($result, 0, "last_error");
1274
1275                 } else if ($feed == -1) {
1276                         $feed_title = "Starred articles";
1277                 } else if ($feed < -10) {
1278                         $label_id = -$feed - 11;
1279                         $result = db_query($link, "SELECT description FROM ttrss_labels
1280                                 WHERE id = '$label_id'");
1281                         $feed_title = db_fetch_result($result, 0, "description");
1282                 } else {
1283                         $feed_title = "?";
1284                 }
1285
1286                 if ($feed < -10) error_reporting (0);
1287
1288                 print "<div id=\"headlinesContainer\">";
1289
1290                 if (sprintf("%d", $feed) != 0) {
1291
1292                         if ($feed > 0) {
1293                                 $feed_kind = "Feeds";
1294                         } else {
1295                                 $feed_kind = "Labels";
1296                         }
1297
1298 //                      if (!$vfeed_query_part) {
1299                         $content_query_part = "content as content_preview,";
1300 //                      } else {
1301 //                              $content_query_part = "";
1302 //                      }
1303
1304                         $result = db_query($link, "SELECT
1305                                         ttrss_entries.id,ttrss_entries.title,
1306                                         SUBSTRING(updated,1,16) as updated,
1307                                         unread,feed_id,marked,link,last_read,
1308                                         SUBSTRING(last_read,1,19) as last_read_noms,
1309                                         $vfeed_query_part
1310                                         $content_query_part
1311                                         SUBSTRING(updated,1,19) as updated_noms
1312                                 FROM
1313                                         ttrss_entries,ttrss_user_entries,ttrss_feeds
1314                                 WHERE
1315                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
1316                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
1317                                 ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1318                                 $search_query_part
1319                                 $view_query_part
1320                                 $query_strategy_part ORDER BY $order_by
1321                                 $limit_query_part");
1322
1323                 } else {
1324                         // browsing by tag
1325
1326                         $feed_kind = "Tags";
1327
1328                         $result = db_query($link, "SELECT
1329                                 ttrss_entries.id as id,title,
1330                                 SUBSTRING(updated,1,16) as updated,
1331                                 unread,feed_id,
1332                                 marked,link,last_read,
1333                                 SUBSTRING(last_read,1,19) as last_read_noms,
1334                                 $vfeed_query_part
1335                                 $content_query_part
1336                                 SUBSTRING(updated,1,19) as updated_noms
1337                                 FROM
1338                                         ttrss_entries,ttrss_user_entries,ttrss_tags
1339                                 WHERE
1340                                         ref_id = ttrss_entries.id AND
1341                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1342                                         post_int_id = int_id AND tag_name = '$feed' AND
1343                                         $view_query_part
1344                                         $search_query_part
1345                                         $query_strategy_part ORDER BY $order_by
1346                                 $limit_query_part");
1347                 }
1348
1349                 if (!$result) {
1350                         print "<div align='center'>
1351                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
1352                         return;
1353                 }
1354
1355                 if (db_num_rows($result) > 0) {
1356
1357                         print "<table class=\"headlinesSubToolbar\"
1358                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
1359
1360                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1361
1362                                 print "<td class=\"headlineActions\">
1363                                         Select:
1364                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1365                                                                         'RROW-', 'RCHK-', true, '', true)\">All</a>,
1366                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1367                                                                         'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
1368                                                                 <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
1369                                                                         'RROW-', 'RCHK-', false)\">None</a>
1370                                                 &nbsp;&nbsp;
1371                                                 Toggle: <a href=\"javascript:selectionToggleUnread()\">Unread</a>,
1372                                                                 <a href=\"javascript:selectionToggleMarked()\">Starred</a>";
1373                                 print "</td>";
1374
1375                         } else {
1376
1377                                 print "<td class=\"headlineActions\">
1378                                         Select:
1379                                                                 <a href=\"javascript:cdmSelectArticles('all')\">All</a>,
1380                                                                 <a href=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
1381                                                                 <a href=\"javascript:cdmSelectArticles('none')\">None</a>
1382                                                 &nbsp;&nbsp;
1383                                                 Toggle: <a href=\"javascript:selectionToggleUnread(true)\">Unread</a>,
1384                                                                 <a href=\"javascript:selectionToggleMarked(true)\">Starred</a>";
1385
1386                                 print "</td>";
1387
1388
1389                         }
1390
1391                         if ($last_error) {
1392                                         print "<td align='center' class='small'>
1393                                                 <a class=\"warning\" href=\"javascript:alert('TT-RSS encountered an error while trying to update this feed.\\n\\n$last_error')\">Could not update this feed.</a></td>";
1394                                 }
1395
1396                         print "<td class=\"headlineTitle\">";
1397
1398                         if ($feed_site_url) {
1399                                 print "<a target=\"_blank\" href=\"$feed_site_url\">$feed_title</a>";
1400                         } else {
1401                                 print $feed_title;
1402                         }
1403
1404                         print "</td>";
1405                         print "</tr></table>";
1406
1407                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1408                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
1409                                         cellspacing=\"0\" width=\"100%\">";
1410                         }
1411
1412                         $lnum = 0;
1413
1414                         error_reporting (DEFAULT_ERROR_LEVEL);
1415
1416                         $num_unread = 0;
1417
1418                         while ($line = db_fetch_assoc($result)) {
1419
1420                                 $class = ($lnum % 2) ? "even" : "odd";
1421
1422                                 $id = $line["id"];
1423                                 $feed_id = $line["feed_id"];
1424
1425                                 if ($line["last_read"] == "" &&
1426                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
1427
1428                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1429                                                 alt=\"Updated\">";
1430                                 } else {
1431                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1432                                                 alt=\"Updated\">";
1433                                 }
1434
1435                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
1436                                         $class .= "Unread";
1437                                         ++$num_unread;
1438                                         $is_unread = true;
1439                                 } else {
1440                                         $is_unread = false;
1441                                 }
1442
1443                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
1444                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1445                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
1446                                 } else {
1447                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1448                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
1449                                 }
1450
1451                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
1452                                         $line["title"] . "</a>";
1453
1454                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1455                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
1456                                 } else {
1457                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1458                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
1459                                 }
1460
1461                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1462                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
1463                                                 100);
1464                                 }
1465
1466                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1467
1468                                         print "<tr class='$class' id='RROW-$id'>";
1469
1470                                         print "<td class='hlUpdatePic'>$update_pic</td>";
1471
1472                                         print "<td class='hlSelectRow'>
1473                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1474                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1475                                                 </td>";
1476
1477                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
1478
1479                                         if ($line["feed_title"]) {
1480                                                 print "<td class='hlContent'>$content_link</td>";
1481                                                 print "<td class='hlFeed'>
1482                                                         <a href='javascript:viewfeed($feed_id)'>".
1483                                                                 $line["feed_title"]."</a>&nbsp;</td>";
1484                                         } else {
1485                                                 print "<td class='hlContent' valign='middle'>";
1486
1487                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
1488                                                         $line["title"];
1489
1490                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1491
1492                                                         if ($content_preview) {
1493                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
1494                                                         }
1495                                                 }
1496
1497                                                 print "</a>";
1498                                                 print "</td>";
1499                                         }
1500
1501                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
1502
1503                                         print "</tr>";
1504
1505                                 } else {
1506
1507                                         if ($is_unread) {
1508                                                 $add_class = "Unread";
1509                                         } else {
1510                                                 $add_class = "";
1511                                         }
1512
1513                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
1514
1515                                         print "<div class=\"cdmHeader\">";
1516
1517                                         print "<div style=\"float : right\">$updated_fmt</div>";
1518
1519                                         print "<a target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
1520
1521                                         if ($line["feed_title"]) {
1522                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1523                                         }
1524
1525                                         print "</div>";
1526
1527                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div>";
1528
1529                                         print "<div style=\"float : right\">$marked_pic</div>
1530                                                 <div class=\"cdmFooter\">
1531                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1532                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1533
1534                                         print "</div>";
1535
1536                                 }
1537
1538                                 ++$lnum;
1539                         }
1540
1541                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1542                                 print "</table>";
1543                         }
1544
1545                 } else {
1546                         print "<div width='100%' align='center'>No articles found.</div>";
1547                 }
1548
1549                 print "</div>";
1550
1551                 print "<script type=\"text/javascript\">
1552                         document.onkeydown = hotkey_handler;
1553                         // if (parent.daemon_enabled) parent.updateTitle('$feed_title');
1554                         update_all_counters('$feed');
1555                 </script>";
1556
1557                 if ($addheader) {
1558                         print "</body></html>";
1559                 }
1560         }
1561
1562         if ($op == "pref-rpc") {
1563
1564                 $subop = $_GET["subop"];
1565
1566                 if ($subop == "unread") {
1567                         $ids = split(",", db_escape_string($_GET["ids"]));
1568                         foreach ($ids as $id) {
1569                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1570                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1571                         }
1572
1573                         print "Marked selected feeds as unread.";
1574                 }
1575
1576                 if ($subop == "read") {
1577                         $ids = split(",", db_escape_string($_GET["ids"]));
1578                         foreach ($ids as $id) {
1579                                 db_query($link, "UPDATE ttrss_user_entries
1580                                         SET unread = false,last_read = NOW() WHERE
1581                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1582                         }
1583
1584                         print "Marked selected feeds as read.";
1585
1586                 }
1587
1588         }
1589
1590         if ($op == "pref-feeds") {
1591
1592                 $subop = $_REQUEST["subop"];
1593                 $quiet = $_REQUEST["quiet"];
1594
1595                 if ($subop == "massSubscribe") {
1596                         $ids = split(",", db_escape_string($_GET["ids"]));
1597
1598                         $subscribed = array();
1599
1600                         foreach ($ids as $id) {
1601                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1602                                         WHERE id = '$id'");
1603
1604                                 $feed_url = db_fetch_result($result, 0, "feed_url");
1605                                 $title = db_fetch_result($result, 0, "title");
1606
1607                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1608                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1609
1610                                 if (db_num_rows($result) == 0) {
1611                                         $result = db_query($link,
1612                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1613                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1614
1615                                         array_push($subscribed, $title);
1616                                 }
1617                         }
1618
1619                         if (count($subscribed) > 0) {
1620                                 print "<div class=\"notice\">";
1621                                 print "<b>Subscribed to feeds:</b>";
1622                                 print "<ul class=\"nomarks\">";
1623                                 foreach ($subscribed as $title) {
1624                                         print "<li>$title</li>";
1625                                 }
1626                                 print "</ul>";
1627                                 print "</div>";
1628                         }
1629                 }
1630
1631                 if ($subop == "browse") {
1632
1633                         if (!ENABLE_FEED_BROWSER) {
1634                                 print "Feed browser is administratively disabled.";
1635                                 return;
1636                         }
1637
1638                         print "<div class=\"infoBoxContents\">";
1639
1640                         print "<h1>Feed browser</h1>";
1641
1642                         print "<p>Showing top 50 registered feeds, sorted by popularity:</p>";
1643
1644                         $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1645                                 FROM ttrss_feeds
1646                                 WHERE auth_login = '' AND auth_pass = '' AND private = false
1647                                 GROUP BY feed_url ORDER BY subscribers DESC LIMIT 50");
1648
1649                         print "<ul class='browseFeedList' id='browseFeedList'>";
1650
1651                         $feedctr = 0;
1652
1653                         while ($line = db_fetch_assoc($result)) {
1654                                 $feed_url = $line["feed_url"];
1655                                 $subscribers = $line["subscribers"];
1656
1657                                 $sub_result = db_query($link, "SELECT id
1658                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
1659                                         $_SESSION["uid"]);
1660
1661                                 if (db_num_rows($sub_result) > 0) {
1662                                         continue; // already subscribed
1663                                 }
1664
1665                                 $det_result = db_query($link, "SELECT site_url,title,id
1666                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1667
1668                                 $details = db_fetch_assoc($det_result);
1669
1670                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1671
1672                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1673                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
1674                                                         "/".$details["id"].".ico\">";
1675                                 } else {
1676                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1677                                 }
1678
1679                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1680                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1681
1682                                 $class = ($feedctr % 2) ? "even" : "odd";
1683
1684                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1685                                         "$feed_icon " . db_unescape_string($details["title"]) .
1686                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1687
1688                                         ++$feedctr;
1689                         }
1690
1691                         if ($feedctr == 0) {
1692                                 print "<li>No feeds found to subscribe.</li>";
1693                         }
1694
1695                         print "</ul>";
1696
1697                         print "<div align='center'>
1698                                 <input type=\"submit\" class=\"button\"
1699                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1700                                 <input type='submit' class='button'
1701                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1702
1703                         print "</div>";
1704                         return;
1705                 }
1706
1707                 if ($subop == "editfeed") {
1708                         $feed_id = db_escape_string($_GET["id"]);
1709
1710                         $result = db_query($link,
1711                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1712                                         owner_uid = " . $_SESSION["uid"]);
1713
1714                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1715                                 0, "title")));
1716
1717                         print "<div class=\"infoBoxContents\">";
1718
1719                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1720
1721                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1722                                         $feed_icon = "<img width=\"16\" height=\"16\"
1723                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1724                         } else {
1725                                 $feed_icon = "";
1726                         }
1727
1728                         print "<h1>$feed_icon $title</h1>";
1729
1730                         print "<table width='100%'>";
1731
1732                         $row_class = "odd";
1733
1734                         print "<tr class='$row_class'><td>Title:</td>";
1735                         print "<td><input id=\"iedit_title\" value=\"$title\"></td></tr>";
1736
1737                         $feed_url = db_fetch_result($result, 0, "feed_url");
1738                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1739                                 0, "feed_url")));
1740                         $row_class = toggleEvenOdd($row_class);
1741
1742                         print "<tr class='$row_class'><td>Feed URL:</td>";
1743                         print "<td><input id=\"iedit_link\" value=\"$feed_url\"></td></tr>";
1744
1745                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1746
1747                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1748
1749                                 $row_class = toggleEvenOdd($row_class);
1750
1751                                 print "<tr class='$row_class'><td>Category:</td>";
1752                                 print "<td>";
1753                                 print "<select id=\"iedit_fcat\">";
1754                                 print "<option id=\"0\">Uncategorized</option>";
1755
1756                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1757                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1758
1759                                 if (db_num_rows($tmp_result) > 0) {
1760                                         print "<option disabled>--------</option>";
1761                                 }
1762
1763                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1764                                         if ($tmp_line["id"] == $cat_id) {
1765                                                 $is_selected = "selected";
1766                                         } else {
1767                                                 $is_selected = "";
1768                                         }
1769                                         printf("<option $is_selected id='%d'>%s</option>",
1770                                                 $tmp_line["id"], $tmp_line["title"]);
1771                                 }
1772
1773                                 print "</select></td>";
1774                                 print "</td></tr>";
1775
1776                         }
1777
1778                         $update_interval = db_fetch_result($result, 0, "update_interval");
1779                         $row_class = toggleEvenOdd($row_class);
1780
1781                         print "<tr class='$row_class'><td>Update Interval:</td>";
1782                         print "<td><input id=\"iedit_updintl\"
1783                                 value=\"$update_interval\"></td></tr>";
1784
1785                         $row_class = toggleEvenOdd($row_class);
1786                         print "<tr class='$row_class'><td>Link to:</td>";
1787
1788                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1789                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1790
1791                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1792
1793                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1794
1795                         if ($linked_count > 0) {
1796                                 $disabled = "disabled";
1797                         }
1798
1799                         print "<select $disabled  id=\"iedit_parent_feed\">";
1800
1801                         print "<option id=\"0\">Not linked</option>";
1802
1803                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1804                                 if ($cat_id) {
1805                                         $cat_qpart = "AND cat_id = '$cat_id'";
1806                                 } else {
1807                                         $cat_qpart = "AND cat_id IS NULL";
1808                                 }
1809                         }
1810
1811                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1812                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1813                                         $cat_qpart ORDER BY title");
1814
1815                                 if (db_num_rows($tmp_result) > 0) {
1816                                         print "<option disabled>--------</option>";
1817                                 }
1818
1819                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1820                                         if ($tmp_line["id"] == $parent_feed) {
1821                                                 $is_selected = "selected";
1822                                         } else {
1823                                                 $is_selected = "";
1824                                         }
1825                                         printf("<option $is_selected id='%d'>%s</option>",
1826                                                 $tmp_line["id"], $tmp_line["title"]);
1827                                 }
1828
1829                                 print "</select></td>";
1830                                 print "</td></tr>";
1831
1832                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1833                         $row_class = toggleEvenOdd($row_class);
1834
1835                         print "<tr class='$row_class'><td>Purge Days:</td>";
1836                         print "<td><input id=\"iedit_purgintl\"
1837                                 value=\"$purge_interval\"></td></tr>";
1838
1839 //                      print "<tr><td colspan=\"2\"><b>Authentication</b></td></tr>";
1840
1841                         $row_class = toggleEvenOdd($row_class);
1842                         $auth_login = db_fetch_result($result, 0, "auth_login");
1843
1844                         print "<tr class='$row_class'><td>Login:</td>";
1845                         print "<td><input id=\"iedit_login\"
1846                                 value=\"$auth_login\"></td></tr>";
1847
1848                         $row_class = toggleEvenOdd($row_class);
1849                         $auth_pass = db_fetch_result($result, 0, "auth_pass");
1850
1851                         print "<tr class='$row_class'><td>Password:</td>";
1852                         print "<td><input type=\"password\" id=\"iedit_pass\"
1853                                 value=\"$auth_pass\"></td></tr>";
1854
1855                         $row_class = toggleEvenOdd($row_class);
1856                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1857
1858                         if ($private) {
1859                                 $checked = "checked";
1860                         } else {
1861                                 $checked = "";
1862                         }
1863
1864                         print "<tr class='$row_class'><td>Options:</td>";
1865                         print "<td><input type=\"checkbox\" id=\"iedit_private\"
1866                                 $checked><label for=\"iedit_private\">Hide from feed browser</label>
1867                                 </td></tr>";
1868
1869                         print "</table>";
1870                         print "</div>";
1871
1872                         print "<div align='center'>
1873                                 <input type=\"submit\" class=\"button\"
1874                                 onclick=\"feedEditSave()\" value=\"Save\">
1875                                 <input type='submit' class='button'
1876                                 onclick=\"feedEditCancel()\" value=\"Cancel\"></div>";
1877                         return;
1878                 }
1879
1880                 if ($subop == "editSave") {
1881                         $feed_title = db_escape_string($_POST["t"]);
1882                         $feed_link = db_escape_string($_POST["l"]);
1883                         $upd_intl = db_escape_string($_POST["ui"]);
1884                         $purge_intl = db_escape_string($_POST["pi"]);
1885                         $feed_id = db_escape_string($_POST["id"]);
1886                         $cat_id = db_escape_string($_POST["catid"]);
1887                         $auth_login = db_escape_string($_POST["login"]);
1888                         $auth_pass = db_escape_string($_POST["pass"]);
1889                         $parent_feed = db_escape_string($_POST["pfeed"]);
1890                         $private = db_escape_string($_POST["is_pvt"]);
1891
1892                         if (strtoupper($upd_intl) == "DEFAULT")
1893                                 $upd_intl = 0;
1894
1895                         if (strtoupper($upd_intl) == "DISABLED")
1896                                 $upd_intl = -1;
1897
1898                         if (strtoupper($purge_intl) == "DEFAULT")
1899                                 $purge_intl = 0;
1900
1901                         if (strtoupper($purge_intl) == "DISABLED")
1902                                 $purge_intl = -1;
1903
1904                         if ($cat_id != 0) {
1905                                 $category_qpart = "cat_id = '$cat_id'";
1906                         } else {
1907                                 $category_qpart = 'cat_id = NULL';
1908                         }
1909
1910                         if ($parent_feed != 0) {
1911                                 $parent_qpart = "parent_feed = '$parent_feed'";
1912                         } else {
1913                                 $parent_qpart = 'parent_feed = NULL';
1914                         }
1915
1916                         $result = db_query($link, "UPDATE ttrss_feeds SET
1917                                 $category_qpart,
1918                                 $parent_qpart,
1919                                 title = '$feed_title', feed_url = '$feed_link',
1920                                 update_interval = '$upd_intl',
1921                                 purge_interval = '$purge_intl',
1922                                 auth_login = '$auth_login',
1923                                 auth_pass = '$auth_pass',
1924                                 private = '$private'
1925                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1926                 }
1927
1928                 if ($subop == "saveCat") {
1929                         $cat_title = db_escape_string($_GET["title"]);
1930                         $cat_id = db_escape_string($_GET["id"]);
1931
1932                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1933                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1934
1935                 }
1936
1937                 if ($subop == "remove") {
1938
1939                         if (!WEB_DEMO_MODE) {
1940
1941                                 $ids = split(",", db_escape_string($_GET["ids"]));
1942
1943                                 foreach ($ids as $id) {
1944                                         db_query($link, "DELETE FROM ttrss_feeds
1945                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1946
1947                                         $icons_dir = ICONS_DIR;
1948
1949                                         if (file_exists($icons_dir . "/$id.ico")) {
1950                                                 unlink($icons_dir . "/$id.ico");
1951                                         }
1952                                 }
1953                         }
1954                 }
1955
1956                 if ($subop == "add") {
1957
1958                         if (!WEB_DEMO_MODE) {
1959
1960                                 $feed_link = db_escape_string(trim($_GET["link"]));
1961                                 $cat_id = db_escape_string($_GET["cid"]);
1962
1963                                 if ($cat_id == "0" || !$cat_id) {
1964                                         $cat_qpart = "NULL";
1965                                 } else {
1966                                         $cat_qpart = "'$cat_id'";
1967                                 }
1968
1969                                 $result = db_query($link,
1970                                         "SELECT id FROM ttrss_feeds
1971                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
1972
1973                                 if (db_num_rows($result) == 0) {
1974
1975                                         $result = db_query($link,
1976                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1977                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link',
1978                                                 '[Unknown]', $cat_qpart)");
1979
1980                                         $result = db_query($link,
1981                                                 "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
1982                                                 AND owner_uid = " . $_SESSION["uid"]);
1983
1984                                         $feed_id = db_fetch_result($result, 0, "id");
1985
1986                                         if ($feed_id) {
1987                                                 update_rss_feed($link, $feed_link, $feed_id, true);
1988                                         }
1989                                 } else {
1990
1991                                         print "<div class=\"warning\">
1992                                                 Feed <b>$feed_link</b> already exists in the database.
1993                                         </div>";
1994                                 }
1995                         }
1996                 }
1997
1998                 if ($subop == "addCat") {
1999
2000                         if (!WEB_DEMO_MODE) {
2001
2002                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
2003
2004                                 $result = db_query($link,
2005                                         "SELECT id FROM ttrss_feed_categories
2006                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
2007
2008                                 if (db_num_rows($result) == 0) {
2009
2010                                         $result = db_query($link,
2011                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
2012                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
2013
2014                                 } else {
2015
2016                                         print "<div class=\"warning\">
2017                                                 Category <b>$feed_cat</b> already exists in the database.
2018                                         </div>";
2019                                 }
2020
2021
2022                         }
2023                 }
2024
2025                 if ($subop == "removeCats") {
2026
2027                         if (!WEB_DEMO_MODE) {
2028
2029                                 $ids = split(",", db_escape_string($_GET["ids"]));
2030
2031                                 foreach ($ids as $id) {
2032
2033                                         db_query($link, "BEGIN");
2034
2035                                         $result = db_query($link,
2036                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
2037                                                         WHERE cat_id = '$id'");
2038
2039                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
2040
2041                                         if ($num_feeds == 0) {
2042                                                 db_query($link, "DELETE FROM ttrss_feed_categories
2043                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
2044                                         } else {
2045
2046                                                 print "<div class=\"warning\">
2047                                                         Unable to delete non empty feed categories.</div>";
2048
2049                                         }
2050
2051                                         db_query($link, "COMMIT");
2052                                 }
2053                         }
2054                 }
2055
2056                 if ($subop == "categorize") {
2057
2058                         if (!WEB_DEMO_MODE) {
2059
2060                                 $ids = split(",", db_escape_string($_GET["ids"]));
2061
2062                                 $cat_id = db_escape_string($_GET["cat_id"]);
2063
2064                                 if ($cat_id == 0) {
2065                                         $cat_id_qpart = 'NULL';
2066                                 } else {
2067                                         $cat_id_qpart = "'$cat_id'";
2068                                 }
2069
2070                                 db_query($link, "BEGIN");
2071
2072                                 foreach ($ids as $id) {
2073
2074                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
2075                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
2076                                 }
2077
2078                                 db_query($link, "COMMIT");
2079                         }
2080
2081                 }
2082
2083                 if ($quiet) return;
2084
2085 //              print "<h3>Edit Feeds</h3>";
2086
2087                 $result = db_query($link, "SELECT id,title,feed_url,last_error
2088                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
2089
2090                 if (db_num_rows($result) > 0) {
2091
2092                         print "<div class=\"warning\">";
2093
2094 //                      print"<img class=\"closeButton\"
2095 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
2096
2097                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
2098                                 <b>Feeds with update errors</b> (click to expand)</a>";
2099
2100                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
2101
2102                         while ($line = db_fetch_assoc($result)) {
2103                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
2104                                         $line["last_error"];
2105                         }
2106
2107                         print "</ul>";
2108                         print "</div>";
2109
2110                 }
2111
2112                 $feed_search = db_escape_string($_GET["search"]);
2113
2114                 if (array_key_exists("search", $_GET)) {
2115                         $_SESSION["prefs_feed_search"] = $feed_search;
2116                 } else {
2117                         $feed_search = $_SESSION["prefs_feed_search"];
2118                 }
2119
2120                 print "<table width='100%' class=\"prefGenericAddBox\"
2121                         cellspacing='0' cellpadding='0'><tr>
2122                         <td>
2123                                 <input id=\"fadd_link\"
2124                                 onchange=\"javascript:addFeed()\"
2125                                 size=\"40\">
2126                                 <input type=\"submit\" class=\"button\"
2127                                 onclick=\"javascript:addFeed()\" value=\"Add feed\">";
2128
2129                 if (ENABLE_FEED_BROWSER) {
2130                         print "&nbsp;(<a href='javascript:browseFeeds()'>Top 50</a>)";
2131                 }
2132
2133                 print "</td><td align='right'>
2134                                 <input id=\"feed_search\" size=\"20\"
2135                                 onchange=\"javascript:updateFeedList()\"
2136                                 value=\"$feed_search\">
2137                                 <input type=\"submit\" class=\"button\"
2138                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
2139                         </td>
2140                         </tr></table>";
2141
2142                 $feeds_sort = db_escape_string($_GET["sort"]);
2143
2144                 if (!$feeds_sort || $feeds_sort == "undefined") {
2145                         $feeds_sort = $_SESSION["pref_sort_feeds"];
2146                         if (!$feeds_sort) $feeds_sort = "title";
2147                 }
2148
2149                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
2150
2151                 if ($feed_search) {
2152                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
2153                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
2154                 } else {
2155                         $search_qpart = "";
2156                 }
2157
2158                 $result = db_query($link, "SELECT
2159                                 F1.id,
2160                                 F1.title,
2161                                 F1.feed_url,
2162                                 substring(F1.last_updated,1,16) AS last_updated,
2163                                 F1.parent_feed,
2164                                 F1.update_interval,
2165                                 F1.purge_interval,
2166                                 F1.cat_id,
2167                                 F2.title AS parent_title,
2168                                 C1.title AS category
2169                         FROM
2170                                 ttrss_feeds AS F1
2171                                 LEFT JOIN ttrss_feeds AS F2
2172                                         ON (F1.parent_feed = F2.id)
2173                                 LEFT JOIN ttrss_feed_categories AS C1
2174                                         ON (F1.cat_id = C1.id)
2175                         WHERE
2176                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
2177                         ORDER by category,$feeds_sort,title");
2178
2179                 if (db_num_rows($result) != 0) {
2180
2181                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2182
2183                         print "<p><table width=\"100%\" cellspacing=\"0\"
2184                                 class=\"prefFeedList\" id=\"prefFeedList\">";
2185                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2186                                 Select:
2187                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2188                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
2189                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2190                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
2191                                 </td</tr>";
2192
2193                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
2194                                 print "<tr class=\"title\">
2195                                         <td width='5%' align='center'>&nbsp;</td>
2196                                         <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2197                                         <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2198                                         <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2199                                         <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a></td></tr>";
2200                         }
2201
2202                         $lnum = 0;
2203
2204                         $cur_cat_id = -1;
2205
2206                         while ($line = db_fetch_assoc($result)) {
2207
2208                                 $feed_id = $line["id"];
2209                                 $cat_id = $line["cat_id"];
2210
2211                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2212                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
2213                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
2214
2215                                 if ($line["update_interval"] == "0") $line["update_interval"] = "Default";
2216                                 if ($line["update_interval"] == "-1") $line["update_interval"] = "Disabled";
2217                                 if ($line["purge_interval"] == "0") $line["purge_interval"] = "Default";
2218                                 if ($line["purge_interval"] < 0)        $line["purge_interval"] = "Disabled";
2219
2220                                 if (!$edit_cat) $edit_cat = "Uncategorized";
2221
2222
2223                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
2224                                         $lnum = 0;
2225
2226                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
2227
2228                                         print "<tr class=\"title\">
2229                                                 <td width='5%' align='center'>&nbsp;</td>
2230                                                 <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2231                                                 <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2232                                                 <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2233                                                 <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a></td></tr>";
2234
2235                                         $cur_cat_id = $cat_id;
2236                                 }
2237
2238                                 $class = ($lnum % 2) ? "even" : "odd";
2239                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
2240
2241                                 print "<tr class=\"$class\" $this_row_id>";
2242
2243                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
2244
2245                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
2246                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
2247                                 } else {
2248                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
2249                                 }
2250 //                              print "<td class='feedIcon'>$feed_icon</td>";
2251
2252                                 print "<td class='feedSelect'><input onclick='toggleSelectRow(this);'
2253                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
2254
2255                                 $edit_title = truncate_string($edit_title, 40);
2256                                 $edit_link = truncate_string($edit_link, 60);
2257
2258                                 $parent_title = $line["parent_title"];
2259                                 if ($parent_title) {
2260                                         $parent_title = "<span class='groupPrompt'>(linked to
2261                                                 $parent_title)</span>";
2262                                 }
2263
2264                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2265                                         "$feed_icon $edit_title $parent_title" . "</a></td>";
2266
2267                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2268                                         $edit_link . "</a></td>";
2269
2270 /*                              if (get_pref($link, 'ENABLE_FEED_CATS')) {
2271                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2272                                                 $edit_cat . "</a></td>";
2273                                 } */
2274
2275                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2276                                         $line["update_interval"] . "</a></td>";
2277
2278                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2279                                         $line["purge_interval"] . "</a></td>";
2280
2281                                 print "</tr>";
2282
2283                                 ++$lnum;
2284                         }
2285
2286                         print "</table>";
2287
2288                         print "<p>";
2289
2290                         if ($subop == "edit") {
2291                                 print "Edit feed:&nbsp;
2292                                         <input type=\"submit\" class=\"button\"
2293                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
2294                                         <input type=\"submit\" class=\"button\"
2295                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
2296                         } else {
2297
2298                                 print "
2299                                         Selection:&nbsp;
2300                                 <input type=\"submit\" class=\"button\"
2301                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
2302                                 <input type=\"submit\" class=\"button\"
2303                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
2304                                 <input type=\"submit\" class=\"button\"
2305                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
2306
2307                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2308
2309                                         print "&nbsp;&nbsp;";
2310
2311                                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2312                                                 WHERE owner_uid = ".$_SESSION["uid"]."
2313                                                 ORDER BY title");
2314
2315                                         print "<select id=\"sfeed_set_fcat\">";
2316                                         print "<option id=\"0\">Uncategorized</option>";
2317
2318                                         if (db_num_rows($result) != 0) {
2319
2320                                                 print "<option disabled>--------</option>";
2321
2322                                                 while ($line = db_fetch_assoc($result)) {
2323                                                         printf("<option id='%d'>%s</option>",
2324                                                                 $line["id"], $line["title"]);
2325                                                 }
2326                                         }
2327
2328                                         print "</select>";
2329
2330                                         print " <input type=\"submit\" class=\"button\"
2331                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Set category\">";
2332
2333                                 }
2334
2335                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
2336                                         print "
2337                                         <input type=\"submit\" class=\"button\"
2338                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
2339                                         <input type=\"submit\" class=\"button\"
2340                                                 onclick=\"javascript:readSelectedFeeds(false)\"
2341                                                 value=\"Mark as unread\">&nbsp;";
2342                                 }
2343
2344                                 print "
2345                                         &nbsp;All feeds: <input type=\"submit\"
2346                                                         class=\"button\" onclick=\"gotoExportOpml()\"
2347                                                         value=\"Export OPML\">";
2348                                 }
2349                 } else {
2350
2351                         print "<p>No feeds defined.</p>";
2352
2353                 }
2354
2355                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2356
2357                         print "<h3>Edit Categories</h3>";
2358
2359         //              print "<h3>Categories</h3>";
2360
2361                         print "<div class=\"prefGenericAddBox\">
2362                                 <input id=\"fadd_cat\"
2363                                         onchange=\"javascript:addFeedCat()\"
2364                                         size=\"40\">&nbsp;
2365                                 <input
2366                                         type=\"submit\" class=\"button\"
2367                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
2368
2369                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2370                                 WHERE owner_uid = ".$_SESSION["uid"]."
2371                                 ORDER BY title");
2372
2373                         if (db_num_rows($result) != 0) {
2374
2375                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
2376                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
2377
2378                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2379                                 Select:
2380                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2381                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
2382                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2383                                                 'FCATR-', 'FCCHK-', false)\">None</a>
2384                                 </td</tr>";
2385
2386                                 print "<tr class=\"title\">
2387                                                         <td width=\"5%\"></td><td width=\"80%\">Title</td>
2388                                                 </tr>";
2389
2390                                 $lnum = 0;
2391
2392                                 while ($line = db_fetch_assoc($result)) {
2393
2394                                         $class = ($lnum % 2) ? "even" : "odd";
2395
2396                                         $cat_id = $line["id"];
2397
2398                                         $edit_cat_id = $_GET["id"];
2399
2400                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
2401                                                 $class .= "Grayed";
2402                                                 $this_row_id = "";
2403                                         } else {
2404                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
2405                                         }
2406
2407                                         print "<tr class=\"$class\" $this_row_id>";
2408
2409                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2410
2411                                         if (!$edit_cat_id || $subop != "editCat") {
2412
2413                                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
2414                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
2415
2416                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
2417                                                         $edit_title . "</a></td>";
2418
2419                                         } else if ($cat_id != $edit_cat_id) {
2420
2421                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2422                                                         id=\"FRCHK-".$line["id"]."\"></td>";
2423
2424                                                 print "<td>$edit_title</td>";
2425
2426                                         } else {
2427
2428                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2429
2430                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
2431
2432                                         }
2433
2434                                         print "</tr>";
2435
2436                                         ++$lnum;
2437                                 }
2438
2439                                 print "</table>";
2440
2441                                 print "<p>";
2442
2443                                 if ($subop == "editCat") {
2444                                         print "Edit category:&nbsp;
2445                                                 <input type=\"submit\" class=\"button\"
2446                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
2447                                                 <input type=\"submit\" class=\"button\"
2448                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
2449                                         } else {
2450
2451                                         print "
2452                                                 Selection:&nbsp;
2453                                         <input type=\"submit\" class=\"button\"
2454                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
2455                                         <input type=\"submit\" class=\"button\"
2456                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
2457
2458                                 }
2459
2460                         } else {
2461                                 print "<p>No feed categories defined.</p>";
2462                         }
2463                 }
2464
2465                 print "<h3>Import OPML</h3>
2466                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
2467                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
2468                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
2469                                 type=\"submit\" value=\"Import\">
2470                         </form>";
2471
2472         }
2473
2474         if ($op == "pref-filters") {
2475
2476                 $subop = $_GET["subop"];
2477                 $quiet = $_GET["quiet"];
2478
2479                 if ($subop == "editSave") {
2480
2481                         $regexp = db_escape_string($_GET["r"]);
2482                         $descr = db_escape_string($_GET["d"]);
2483                         $match = db_escape_string($_GET["m"]);
2484                         $filter_id = db_escape_string($_GET["id"]);
2485                         $feed_id = db_escape_string($_GET["fid"]);
2486                         $action_id = db_escape_string($_GET["aid"]);
2487
2488                         if (!$feed_id) {
2489                                 $feed_id = 'NULL';
2490                         } else {
2491                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2492                         }
2493
2494                         $result = db_query($link, "UPDATE ttrss_filters SET
2495                                 reg_exp = '$regexp',
2496                                 description = '$descr',
2497                                 feed_id = $feed_id,
2498                                 action_id = '$action_id',
2499                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
2500                                         description = '$match')
2501                                 WHERE id = '$filter_id'");
2502                 }
2503
2504                 if ($subop == "remove") {
2505
2506                         if (!WEB_DEMO_MODE) {
2507
2508                                 $ids = split(",", db_escape_string($_GET["ids"]));
2509
2510                                 foreach ($ids as $id) {
2511                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
2512
2513                                 }
2514                         }
2515                 }
2516
2517                 if ($subop == "add") {
2518
2519                         if (!WEB_DEMO_MODE) {
2520
2521                                 $regexp = db_escape_string(trim($_GET["regexp"]));
2522                                 $match = db_escape_string(trim($_GET["match"]));
2523                                 $feed_id = db_escape_string($_GET["fid"]);
2524                                 $action_id = db_escape_string($_GET["aid"]);
2525
2526                                 if (!$feed_id) {
2527                                         $feed_id = 'NULL';
2528                                 } else {
2529                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2530                                 }
2531
2532                                 $result = db_query($link,
2533                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2534                                                 action_id)
2535                                         VALUES
2536                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
2537                                                         description = '$match'),'".$_SESSION["uid"]."',
2538                                                         $feed_id, '$action_id')");
2539                         }
2540                 }
2541
2542                 if ($quiet) return;
2543
2544                 $result = db_query($link, "SELECT description
2545                         FROM ttrss_filter_types ORDER BY description");
2546
2547                 $filter_types = array();
2548
2549                 while ($line = db_fetch_assoc($result)) {
2550                         array_push($filter_types, $line["description"]);
2551                 }
2552
2553                 print "<div class=\"prefGenericAddBox\">
2554                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
2555
2556                 print_select("fadd_match", "Title", $filter_types);
2557
2558                 print "&nbsp;<select id=\"fadd_feed\">";
2559
2560                 print "<option selected id=\"0\">All feeds</option>";
2561
2562                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
2563                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2564
2565                 if (db_num_rows($result) > 0) {
2566                         print "<option disabled>--------</option>";
2567                 }
2568
2569                 while ($line = db_fetch_assoc($result)) {
2570                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
2571                 }
2572
2573                 print "</select>&nbsp;";
2574
2575                 print "&nbsp;Action: ";
2576
2577                 print "<select id=\"fadd_action\">";
2578
2579                 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2580                         ORDER BY name");
2581
2582                 while ($line = db_fetch_assoc($result)) {
2583                         printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
2584                 }
2585
2586                 print "</select>&nbsp;";
2587
2588                 print "<input type=\"submit\"
2589                         class=\"button\" onclick=\"javascript:addFilter()\"
2590                         value=\"Add filter\">";
2591
2592                 print "</div>";
2593
2594                 $result = db_query($link, "SELECT
2595                                 ttrss_filters.id AS id,reg_exp,
2596                                 ttrss_filters.description AS description,
2597                                 ttrss_filter_types.name AS filter_type_name,
2598                                 ttrss_filter_types.description AS filter_type_descr,
2599                                 feed_id,
2600                                 ttrss_filter_actions.description AS action_description,
2601                                 ttrss_feeds.title AS feed_title
2602                         FROM
2603                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2604                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2605                         WHERE
2606                                 filter_type = ttrss_filter_types.id AND
2607                                 ttrss_filter_actions.id = action_id AND
2608                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2609                         ORDER by reg_exp");
2610
2611                 if (db_num_rows($result) != 0) {
2612
2613                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2614                                 id=\"prefFilterList\">";
2615
2616                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2617                                 Select:
2618                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2619                                                 'FILRR-', 'FICHK-', true)\">All</a>,
2620                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2621                                                 'FILRR-', 'FICHK-', false)\">None</a>
2622                                 </td</tr>";
2623
2624                         print "<tr class=\"title\">
2625                                                 <td align='center' width=\"5%\">&nbsp;</td>
2626                                                 <td width=\"20%\">Filter expression</td>
2627                                                 <td width=\"20%\">Feed</td>
2628                                                 <td width=\"15%\">Match</td>
2629                                                 <td width=\"15%\">Action</td>
2630                                                 <td width=\"30%\">Description</td></tr>";
2631
2632                         $lnum = 0;
2633
2634                         while ($line = db_fetch_assoc($result)) {
2635
2636                                 $class = ($lnum % 2) ? "even" : "odd";
2637
2638                                 $filter_id = $line["id"];
2639                                 $edit_filter_id = $_GET["id"];
2640
2641                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2642                                         $class .= "Grayed";
2643                                         $this_row_id = "";
2644                                 } else {
2645                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2646                                 }
2647
2648                                 print "<tr class=\"$class\" $this_row_id>";
2649
2650                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
2651                                 $line["description"] = htmlspecialchars($line["description"]);
2652
2653                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2654
2655                                 if (!$edit_filter_id || $subop != "edit") {
2656
2657                                         if (!$line["description"]) $line["description"] = "[No description]";
2658
2659                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2660                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2661
2662                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2663                                                 $line["reg_exp"] . "</td>";
2664
2665                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2666                                                 $line["feed_title"] . "</td>";
2667
2668                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2669                                                 $line["filter_type_descr"] . "</td>";
2670
2671                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2672                                                 $line["action_description"] . "</td>";
2673
2674                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2675                                                 $line["description"] . "</td>";
2676
2677                                 } else if ($filter_id != $edit_filter_id) {
2678
2679                                         if (!$line["description"]) $line["description"] = "[No description]";
2680
2681                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2682                                                 id=\"FICHK-".$line["id"]."\"></td>";
2683
2684                                         print "<td>".$line["reg_exp"]."</td>";
2685                                         print "<td>".$line["feed_title"]."</td>";
2686                                         print "<td>".$line["filter_type_descr"]."</td>";
2687                                         print "<td>".$line["action_description"]."</td>";
2688                                         print "<td>".$line["description"]."</td>";
2689
2690                                 } else {
2691
2692                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2693
2694                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
2695                                                 "\"></td>";
2696
2697                                         print "<td>";
2698                                         print "<select id=\"iedit_feed\">";
2699                                         print "<option id=\"0\">All feeds</option>";
2700
2701                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
2702                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2703
2704                                         if (db_num_rows($tmp_result) > 0) {
2705                                                 print "<option disabled>--------</option>";
2706                                         }
2707
2708                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2709                                                 if ($tmp_line["id"] == $line["feed_id"]) {
2710                                                         $is_selected = "selected";
2711                                                 } else {
2712                                                         $is_selected = "";
2713                                                 }
2714                                                 printf("<option $is_selected id='%d'>%s</option>",
2715                                                         $tmp_line["id"], $tmp_line["title"]);
2716                                         }
2717
2718                                         print "</select></td>";
2719
2720                                         print "<td>";
2721                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
2722                                         print "</td>";
2723
2724                                         print "<td>";
2725                                         print "<select id=\"iedit_filter_action\">";
2726
2727                                         $tmp_result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2728                                                 ORDER BY description");
2729
2730                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2731                                                 if ($tmp_line["description"] == $line["action_description"]) {
2732                                                         $is_selected = "selected";
2733                                                 } else {
2734                                                         $is_selected = "";
2735                                                 }
2736                                                 printf("<option $is_selected id='%d'>%s</option>",
2737                                                         $tmp_line["id"], $tmp_line["description"]);
2738                                         }
2739
2740                                         print "</select></td>";
2741
2742
2743                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2744                                                 "\"></td>";
2745
2746                                         print "</td>";
2747                                 }
2748
2749                                 print "</tr>";
2750
2751                                 ++$lnum;
2752                         }
2753
2754                         if ($lnum == 0) {
2755                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2756                         }
2757
2758                         print "</table>";
2759
2760                         print "<p>";
2761
2762                         if ($subop == "edit") {
2763                                 print "Edit filter:
2764                                         <input type=\"submit\" class=\"button\"
2765                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">
2766                                         <input type=\"submit\" class=\"button\"
2767                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">";
2768
2769                         } else {
2770
2771                                 print "
2772                                         Selection:
2773                                 <input type=\"submit\" class=\"button\"
2774                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
2775                                 <input type=\"submit\" class=\"button\"
2776                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
2777                         }
2778
2779                 } else {
2780
2781                         print "<p>No filters defined.</p>";
2782
2783                 }
2784         }
2785
2786         // We need to accept raw SQL data in label queries, so not everything is escaped
2787         // here, this is by design. If you don't like the whole idea, disable labels
2788         // altogether with GLOBAL_ENABLE_LABELS = false
2789
2790         if ($op == "pref-labels") {
2791
2792                 if (!GLOBAL_ENABLE_LABELS) {
2793                         return;
2794                 }
2795
2796                 $subop = $_GET["subop"];
2797
2798                 if ($subop == "test") {
2799
2800                         $expr = $_GET["expr"];
2801                         $descr = $_GET["descr"];
2802
2803                         print "<div class='infoBoxContents'>";
2804
2805                         print "<h1>Label &laquo;$descr&raquo;</h1>";
2806
2807 //                      print "<p><b>Expression</b>: $expr</p>";
2808
2809                         $result = db_query($link,
2810                                 "SELECT count(id) AS num_matches
2811                                         FROM ttrss_entries,ttrss_user_entries
2812                                         WHERE ($expr) AND
2813                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2814                                                 owner_uid = " . $_SESSION["uid"]);
2815
2816                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2817
2818                         if ($num_matches > 0) {
2819
2820                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
2821
2822                                 $result = db_query($link,
2823                                         "SELECT title,
2824                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2825                                         FROM ttrss_entries,ttrss_user_entries
2826                                                         WHERE ($expr) AND
2827                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2828                                                         AND owner_uid = " . $_SESSION["uid"] . "
2829                                                         ORDER BY date_entered DESC LIMIT 5");
2830
2831                                 print "<ul class=\"nomarks\">";
2832                                 while ($line = db_fetch_assoc($result)) {
2833                                         print "<li>".$line["title"].
2834                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2835                                 }
2836                                 print "</ul>";
2837
2838                         } else {
2839                                 print "<p>Query didn't return any matches.</p>";
2840                         }
2841
2842                         print "</div>";
2843
2844                         print "<div align='center'>
2845                                 <input type='submit' class='button'
2846                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2847                         return;
2848                 }
2849
2850                 if ($subop == "editSave") {
2851
2852                         $sql_exp = $_GET["s"];
2853                         $descr = $_GET["d"];
2854                         $label_id = db_escape_string($_GET["id"]);
2855
2856 //                      print "$sql_exp : $descr : $label_id";
2857
2858                         $result = db_query($link, "UPDATE ttrss_labels SET
2859                                 sql_exp = '$sql_exp',
2860                                 description = '$descr'
2861                                 WHERE id = '$label_id'");
2862                 }
2863
2864                 if ($subop == "remove") {
2865
2866                         if (!WEB_DEMO_MODE) {
2867
2868                                 $ids = split(",", db_escape_string($_GET["ids"]));
2869
2870                                 foreach ($ids as $id) {
2871                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2872
2873                                 }
2874                         }
2875                 }
2876
2877                 if ($subop == "add") {
2878
2879                         if (!WEB_DEMO_MODE) {
2880
2881                                 // no escaping is done here on purpose
2882                                 $exp = trim($_GET["exp"]);
2883
2884                                 $result = db_query($link,
2885                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2886                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2887                         }
2888                 }
2889
2890                 print "<div class=\"prefGenericAddBox\">
2891                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2892
2893                 print"<input type=\"submit\" class=\"button\"
2894                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2895
2896                 $result = db_query($link, "SELECT
2897                                 id,sql_exp,description
2898                         FROM
2899                                 ttrss_labels
2900                         WHERE
2901                                 owner_uid = ".$_SESSION["uid"]."
2902                         ORDER by description");
2903
2904                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2905
2906                 if (db_num_rows($result) != 0) {
2907
2908                         print "<p><table width=\"100%\" cellspacing=\"0\"
2909                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2910
2911                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2912                                 Select:
2913                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2914                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2915                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2916                                                 'LILRR-', 'LICHK-', false)\">None</a>
2917                                 </td</tr>";
2918
2919                         print "<tr class=\"title\">
2920                                                 <td align='center' width=\"5%\">&nbsp;</td>
2921                                                 <td width=\"40%\">SQL expression
2922                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2923                                                 </td>
2924                                                 <td width=\"40%\">Caption</td></tr>";
2925
2926                         $lnum = 0;
2927
2928                         while ($line = db_fetch_assoc($result)) {
2929
2930                                 $class = ($lnum % 2) ? "even" : "odd";
2931
2932                                 $label_id = $line["id"];
2933                                 $edit_label_id = $_GET["id"];
2934
2935                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2936                                         $class .= "Grayed";
2937                                         $this_row_id = "";
2938                                 } else {
2939                                         $this_row_id = "id=\"LILRR-$label_id\"";
2940                                 }
2941
2942                                 print "<tr class=\"$class\" $this_row_id>";
2943
2944                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2945                                 $line["description"] = htmlspecialchars($line["description"]);
2946
2947                                 if (!$edit_label_id || $subop != "edit") {
2948
2949                                         if (!$line["description"]) $line["description"] = "[No caption]";
2950
2951                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2952                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2953
2954                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2955                                                 $line["sql_exp"] . "</td>";
2956
2957                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2958                                                 $line["description"] . "</td>";
2959
2960                                 } else if ($label_id != $edit_label_id) {
2961
2962                                         if (!$line["description"]) $line["description"] = "[No description]";
2963
2964                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2965                                                 id=\"LICHK-".$line["id"]."\"></td>";
2966
2967                                         print "<td>".$line["sql_exp"]."</td>";
2968                                         print "<td>".$line["description"]."</td>";
2969
2970                                 } else {
2971
2972                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2973
2974                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2975                                                 "\"></td>";
2976
2977                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2978                                                 "\"></td>";
2979
2980                                 }
2981
2982
2983                                 print "</tr>";
2984
2985                                 ++$lnum;
2986                         }
2987
2988                         if ($lnum == 0) {
2989                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2990                         }
2991
2992                         print "</table>";
2993
2994                         print "<p>";
2995
2996                         if ($subop == "edit") {
2997                                 print "Edit label:
2998                                         <input type=\"submit\" class=\"button\"
2999                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
3000                                         <input type=\"submit\" class=\"button\"
3001                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">
3002                                         <input type=\"submit\" class=\"button\"
3003                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">";
3004
3005                         } else {
3006
3007                                 print "
3008                                         Selection:
3009                                 <input type=\"submit\" class=\"button\"
3010                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
3011                                 <input type=\"submit\" class=\"button\"
3012                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
3013                         }
3014                 } else {
3015                         print "<p>No labels defined.</p>";
3016                 }
3017         }
3018
3019         if ($op == "error") {
3020                 print "<div width=\"100%\" align='center'>";
3021                 $msg = $_GET["msg"];
3022                 print $msg;
3023                 print "</div>";
3024         }
3025
3026         if ($op == "help") {
3027                 if (!$_GET["noheaders"]) {
3028                         print "<html><head>
3029                                 <title>Tiny Tiny RSS : Help</title>
3030                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3031                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
3032                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3033                                 </head><body>";
3034                 }
3035
3036                 $tid = sprintf("%d", $_GET["tid"]);
3037
3038                 print "<div class='infoBoxContents'>";
3039
3040                 if (file_exists("help/$tid.php")) {
3041                         include("help/$tid.php");
3042                 } else {
3043                         print "<p>Help topic not found.</p>";
3044                 }
3045
3046                 print "</div>";
3047
3048                 print "<div align='center'>
3049                         <input type='submit' class='button'
3050                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3051
3052                 if (!$_GET["noheaders"]) {
3053                         print "</body></html>";
3054                 }
3055
3056         }
3057
3058         if ($op == "dlg") {
3059                 $id = $_GET["id"];
3060                 $param = $_GET["param"];
3061
3062                 if ($id == "quickAddFeed") {
3063                         print "
3064                         Feed URL: <input
3065                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
3066                         id=\"qafInput\">";
3067
3068                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
3069                                 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
3070                                         WHERE owner_uid = ".$_SESSION["uid"]."
3071                                         ORDER BY title");
3072
3073                                 print " <select id=\"qafCat\">";
3074                                 print "<option id=\"0\">Uncategorized</option>";
3075
3076                                 if (db_num_rows($result) != 0) {
3077
3078                                         print "<option disabled>--------</option>";
3079
3080                                         while ($line = db_fetch_assoc($result)) {
3081                                                 printf("<option id='%d'>%s</option>",
3082                                                         $line["id"], $line["title"]);
3083                                         }
3084                                 }
3085
3086                                 print "</select>";
3087                         }
3088
3089                         print "&nbsp;<input class=\"button\"
3090                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
3091                         <input class=\"button\"
3092                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3093                                 value=\"Cancel\">";
3094                 }
3095
3096                 if ($id == "quickDelFeed") {
3097
3098                         $param = db_escape_string($param);
3099
3100                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
3101
3102                         if ($result) {
3103
3104                                 $f_title = db_fetch_result($result, 0, "title");
3105
3106                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
3107                                 <input class=\"button\"
3108                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
3109                                 <input class=\"button\"
3110                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3111                                         value=\"Cancel\">";
3112                         } else {
3113                                 print "Error: Feed $param not found.&nbsp;
3114                                 <input class=\"button\"
3115                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3116                                         value=\"Cancel\">";
3117                         }
3118                 }
3119
3120                 if ($id == "search") {
3121
3122                         $active_feed_id = db_escape_string($_GET["param"]);
3123
3124                         print "<input id=\"searchbox\" class=\"extSearch\"
3125                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
3126                         onchange=\"javascript:search()\">
3127                         <select id=\"searchmodebox\">
3128                                 <option selected>All feeds</option>";
3129
3130                         if ($active_feed_id) {
3131                                 print "<option>This feed</option>";
3132                         } else {
3133                                 print "<option disabled>This feed</option>";
3134                         }
3135
3136                         print "</select>
3137                         <input type=\"submit\"
3138                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
3139                         <input class=\"button\"
3140                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3141                                 value=\"Close\">";
3142
3143                 }
3144
3145                 if ($id == "quickAddFilter") {
3146
3147                         $result = db_query($link, "SELECT description
3148                                 FROM ttrss_filter_types ORDER BY description");
3149
3150                         $filter_types = array();
3151
3152                         while ($line = db_fetch_assoc($result)) {
3153                                 array_push($filter_types, $line["description"]);
3154                         }
3155
3156                         print "<table>";
3157
3158                         print "<tr><td>Match:</td><td><input id=\"fadd_regexp\" size=\"40\">&nbsp;";
3159
3160                         print_select("fadd_match", "Title", $filter_types);
3161
3162                         print "</td></tr>";
3163                         print "<tr><td>Feed:</td><td><select id=\"fadd_feed\">";
3164
3165                         print "<option selected id=\"0\">All feeds</option>";
3166
3167                         $result = db_query($link, "SELECT id,title FROM ttrss_feeds
3168                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
3169
3170                         if (db_num_rows($result) > 0) {
3171                                 print "<option disabled>--------</option>";
3172                         }
3173
3174                         while ($line = db_fetch_assoc($result)) {
3175                                 if ($param == $line["id"]) {
3176                                         $selected = "selected";
3177                                 } else {
3178                                         $selected = "";
3179                                 }
3180                                 printf("<option id='%d' %s>%s</option>", $line["id"], $selected, $line["title"]);
3181                         }
3182
3183                         print "</select></td></tr>";
3184
3185                         print "<tr><td>Action:</td>";
3186
3187                         print "<td><select id=\"fadd_action\">";
3188
3189                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
3190                                 ORDER BY name");
3191
3192                         while ($line = db_fetch_assoc($result)) {
3193                                 printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
3194                         }
3195
3196                         print "</select>";
3197
3198                         print "</td></tr><tr><td colspan=\"2\" align=\"right\">";
3199
3200                         print "<input type=\"submit\"
3201                                 class=\"button\" onclick=\"javascript:qaddFilter()\"
3202                                 value=\"Add filter\"> ";
3203
3204                         print "<input class=\"button\"
3205                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3206                                 value=\"Close\">";
3207
3208                         print "</td></tr></table>";
3209                 }
3210         }
3211
3212         // update feeds of all users, may be used anonymously
3213         if ($op == "globalUpdateFeeds") {
3214
3215                 $result = db_query($link, "SELECT id FROM ttrss_users");
3216
3217                 while ($line = db_fetch_assoc($result)) {
3218                         $user_id = $line["id"];
3219 //                      print "<!-- updating feeds of uid $user_id -->";
3220                         update_all_feeds($link, false, $user_id);
3221                 }
3222
3223                 print "<rpc-reply>
3224                         <message msg=\"All feeds updated\"/>
3225                 </rpc-reply>";
3226
3227         }
3228
3229         if ($op == "pref-prefs") {
3230
3231                 $subop = $_REQUEST["subop"];
3232
3233                 if ($subop == "Save configuration") {
3234
3235                         if (WEB_DEMO_MODE) {
3236                                 header("Location: prefs.php");
3237                                 return;
3238                         }
3239
3240                         $_SESSION["prefs_op_result"] = "save-config";
3241
3242                         $_SESSION["prefs_cache"] = false;
3243
3244                         foreach (array_keys($_POST) as $pref_name) {
3245
3246                                 $pref_name = db_escape_string($pref_name);
3247                                 $value = db_escape_string($_POST[$pref_name]);
3248
3249                                 $result = db_query($link, "SELECT type_name
3250                                         FROM ttrss_prefs,ttrss_prefs_types
3251                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
3252
3253                                 if (db_num_rows($result) > 0) {
3254
3255                                         $type_name = db_fetch_result($result, 0, "type_name");
3256
3257 //                                      print "$pref_name : $type_name : $value<br>";
3258
3259                                         if ($type_name == "bool") {
3260                                                 if ($value == "1") {
3261                                                         $value = "true";
3262                                                 } else {
3263                                                         $value = "false";
3264                                                 }
3265                                         } else if ($type_name == "integer") {
3266                                                 $value = sprintf("%d", $value);
3267                                         }
3268
3269 //                                      print "$pref_name : $type_name : $value<br>";
3270
3271                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
3272                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
3273
3274                                 }
3275
3276                                 header("Location: prefs.php");
3277
3278                         }
3279
3280                 } else if ($subop == "getHelp") {
3281
3282                         $pref_name = db_escape_string($_GET["pn"]);
3283
3284                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
3285                                 WHERE pref_name = '$pref_name'");
3286
3287                         if (db_num_rows($result) > 0) {
3288                                 $help_text = db_fetch_result($result, 0, "help_text");
3289                                 print $help_text;
3290                         } else {
3291                                 print "Unknown option: $pref_name";
3292                         }
3293
3294                 } else if ($subop == "Change e-mail") {
3295
3296                         if (WEB_DEMO_MODE) {
3297                                 header("Location: prefs.php");
3298                                 return;
3299                         }
3300
3301                         $email = db_escape_string($_GET["email"]);
3302                         $active_uid = $_SESSION["uid"];
3303
3304                         if ($email) {
3305                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
3306                                                 WHERE id = '$active_uid'");
3307                         }
3308
3309                         header("Location: prefs.php");
3310
3311                 } else if ($subop == "Change password") {
3312
3313                         if (WEB_DEMO_MODE) {
3314                                 header("Location: prefs.php");
3315                                 return;
3316                         }
3317
3318                         $old_pw = $_POST["OLD_PASSWORD"];
3319                         $new_pw = $_POST["OLD_PASSWORD"];
3320
3321                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
3322                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
3323
3324                         $active_uid = $_SESSION["uid"];
3325
3326                         if ($old_pw && $new_pw) {
3327
3328                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
3329
3330                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3331                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
3332                                                 pwd_hash = '$old_pw_hash')");
3333
3334                                 if (db_num_rows($result) == 1) {
3335                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
3336                                                 WHERE id = '$active_uid'");
3337
3338                                         $_SESSION["pwd_change_result"] = "ok";
3339                                 } else {
3340                                         $_SESSION["pwd_change_result"] = "failed";
3341                                 }
3342                         }
3343
3344                         header("Location: prefs.php");
3345
3346                 } else if ($subop == "Reset to defaults") {
3347
3348                         if (WEB_DEMO_MODE) {
3349                                 header("Location: prefs.php");
3350                                 return;
3351                         }
3352
3353                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
3354
3355                         if (DB_TYPE == "pgsql") {
3356                                 db_query($link,"UPDATE ttrss_user_prefs
3357                                         SET value = ttrss_prefs.def_value
3358                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
3359                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
3360                         } else {
3361                                 db_query($link, "DELETE FROM ttrss_user_prefs
3362                                         WHERE owner_uid = ".$_SESSION["uid"]);
3363                                 initialize_user_prefs($link, $_SESSION["uid"]);
3364                         }
3365
3366                         header("Location: prefs.php");
3367
3368                 } else if ($subop == "Change theme") {
3369
3370                         $theme = db_escape_string($_POST["theme"]);
3371
3372                         if ($theme == "Default") {
3373                                 $theme_qpart = 'NULL';
3374                         } else {
3375                                 $theme_qpart = "'$theme'";
3376                         }
3377
3378                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
3379                                 WHERE theme_name = '$theme'");
3380
3381                         if (db_num_rows($result) == 1) {
3382                                 $theme_id = db_fetch_result($result, 0, "id");
3383                                 $theme_path = db_fetch_result($result, 0, "theme_path");
3384                         } else {
3385                                 $theme_id = "NULL";
3386                                 $theme_path = "";
3387                         }
3388
3389                         db_query($link, "UPDATE ttrss_users SET
3390                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
3391
3392                         $_SESSION["theme"] = $theme_path;
3393
3394                         header("Location: prefs.php");
3395
3396                 } else {
3397
3398                         if (!SINGLE_USER_MODE) {
3399
3400                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
3401                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
3402                                                 pwd_hash = 'SHA1:".sha1("password")."')");
3403
3404                                 if (db_num_rows($result) != 0) {
3405                                         print "<div class=\"warning\">
3406                                                 Your password is at default value, please change it.
3407                                         </div>";
3408                                 }
3409
3410                                 if ($_SESSION["pwd_change_result"] == "failed") {
3411                                         print "<div class=\"warning\">
3412                                                         There was an error while changing your password.
3413                                                 </div>";
3414                                 }
3415
3416                                 if ($_SESSION["pwd_change_result"] == "ok") {
3417                                         print "<div class=\"notice\">
3418                                                         Password changed successfully.
3419                                                 </div>";
3420                                 }
3421
3422                                 $_SESSION["pwd_change_result"] = "";
3423
3424                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3425                                         print "<div class=\"notice\">
3426                                                         Your configuration was reset to defaults.
3427                                                 </div>";
3428                                 }
3429
3430                                 if ($_SESSION["prefs_op_result"] == "save-config") {
3431                                         print "<div class=\"notice\">
3432                                                         Your configuration was saved successfully.
3433                                                 </div>";
3434                                 }
3435
3436                                 $_SESSION["prefs_op_result"] = "";
3437
3438                                 print "<form action=\"backend.php\" method=\"GET\">";
3439
3440                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3441                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3442
3443                                 $result = db_query($link, "SELECT email FROM ttrss_users
3444                                         WHERE id = ".$_SESSION["uid"]);
3445
3446                                 $email = db_fetch_result($result, 0, "email");
3447
3448                                 print "<tr><td width=\"40%\">E-mail</td>";
3449                                 print "<td><input class=\"editbox\" name=\"email\"
3450                                         value=\"$email\"></td></tr>";
3451
3452                                 print "</table>";
3453
3454                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3455
3456                                 print "<p><input class=\"button\" type=\"submit\"
3457                                         value=\"Change e-mail\" name=\"subop\">";
3458
3459                                 print "</form>";
3460
3461                                 print "<form action=\"backend.php\" method=\"POST\">";
3462
3463                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3464                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3465
3466                                 print "<tr><td width=\"40%\">Old password</td>";
3467                                 print "<td><input class=\"editbox\" type=\"password\"
3468                                         name=\"OLD_PASSWORD\"></td></tr>";
3469
3470                                 print "<tr><td width=\"40%\">New password</td>";
3471
3472                                 print "<td><input class=\"editbox\" type=\"password\"
3473                                         name=\"NEW_PASSWORD\"></td></tr>";
3474
3475                                 print "</table>";
3476
3477                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3478
3479                                 print "<p><input class=\"button\" type=\"submit\"
3480                                         value=\"Change password\" name=\"subop\">";
3481
3482                                 print "</form>";
3483
3484                         }
3485
3486                         $result = db_query($link, "SELECT
3487                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3488
3489                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
3490
3491                         $result = db_query($link, "SELECT
3492                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3493
3494                         if (db_num_rows($result) > 0) {
3495
3496                                 print "<form action=\"backend.php\" method=\"POST\">";
3497                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3498                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3499                                 print "<tr><td width=\"40%\">Select theme</td>";
3500                                 print "<td><select name=\"theme\">";
3501                                 print "<option>Default</option>";
3502                                 print "<option disabled>--------</option>";
3503
3504                                 while ($line = db_fetch_assoc($result)) {
3505                                         if ($line["id"] == $user_theme_id) {
3506                                                 $selected = "selected";
3507                                         } else {
3508                                                 $selected = "";
3509                                         }
3510                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3511                                 }
3512                                 print "</select></td></tr>";
3513                                 print "</table>";
3514                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3515                                 print "<p><input class=\"button\" type=\"submit\"
3516                                         value=\"Change theme\" name=\"subop\">";
3517                                 print "</form>";
3518                         }
3519
3520                         $result = db_query($link, "SELECT
3521                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3522                                 section_name,def_value
3523                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3524                                 WHERE type_id = ttrss_prefs_types.id AND
3525                                         section_id = ttrss_prefs_sections.id AND
3526                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3527                                         owner_uid = ".$_SESSION["uid"]."
3528                                 ORDER BY section_id,short_desc");
3529
3530                         print "<form action=\"backend.php\" method=\"POST\">";
3531
3532                         $lnum = 0;
3533
3534                         $active_section = "";
3535
3536                         while ($line = db_fetch_assoc($result)) {
3537
3538                                 if ($active_section != $line["section_name"]) {
3539
3540                                         if ($active_section != "") {
3541                                                 print "</table>";
3542                                         }
3543
3544                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3545
3546                                         $active_section = $line["section_name"];
3547
3548                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3549 //                                      print "<tr class=\"title\">
3550 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3551
3552                                         $lnum = 0;
3553                                 }
3554
3555 //                              $class = ($lnum % 2) ? "even" : "odd";
3556
3557                                 print "<tr>";
3558
3559                                 $type_name = $line["type_name"];
3560                                 $pref_name = $line["pref_name"];
3561                                 $value = $line["value"];
3562                                 $def_value = $line["def_value"];
3563                                 $help_text = $line["help_text"];
3564
3565                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3566
3567                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3568
3569                                 print "</td>";
3570
3571                                 print "<td>";
3572
3573                                 if ($type_name == "bool") {
3574 //                                      print_select($pref_name, $value, array("true", "false"));
3575
3576                                         if ($value == "true") {
3577                                                 $value = "Yes";
3578                                         } else {
3579                                                 $value = "No";
3580                                         }
3581
3582                                         print_radio($pref_name, $value, array("Yes", "No"));
3583
3584                                 } else {
3585                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3586                                 }
3587
3588                                 print "</td>";
3589
3590                                 print "</tr>";
3591
3592                                 $lnum++;
3593                         }
3594
3595                         print "</table>";
3596
3597                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3598
3599                         print "<p><input class=\"button\" type=\"submit\"
3600                                 name=\"subop\" value=\"Save configuration\">";
3601
3602                         print "&nbsp;<input class=\"button\" type=\"submit\"
3603                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3604                                 value=\"Reset to defaults\"></p>";
3605
3606                         print "</form>";
3607
3608                 }
3609
3610         }
3611
3612         if ($op == "pref-users") {
3613
3614                 $subop = $_GET["subop"];
3615
3616                 if ($subop == "editSave") {
3617
3618                         if (!WEB_DEMO_MODE) {
3619
3620                                 $login = db_escape_string($_GET["l"]);
3621                                 $uid = db_escape_string($_GET["id"]);
3622                                 $access_level = sprintf("%d", $_GET["al"]);
3623                                 $email = db_escape_string($_GET["e"]);
3624
3625                                 db_query($link, "UPDATE ttrss_users SET login = '$login',
3626                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3627
3628                         }
3629                 } else if ($subop == "remove") {
3630
3631                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3632
3633                                 $ids = split(",", db_escape_string($_GET["ids"]));
3634
3635                                 foreach ($ids as $id) {
3636                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3637
3638                                 }
3639                         }
3640                 } else if ($subop == "add") {
3641
3642                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3643
3644                                 $login = db_escape_string(trim($_GET["login"]));
3645                                 $tmp_user_pwd = make_password(8);
3646                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3647
3648                                 db_query($link, "INSERT INTO ttrss_users
3649                                         (login,pwd_hash,access_level,last_login)
3650                                         VALUES ('$login', '$pwd_hash', 0, NOW())");
3651
3652
3653                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3654                                         login = '$login' AND pwd_hash = '$pwd_hash'");
3655
3656                                 if (db_num_rows($result) == 1) {
3657
3658                                         $new_uid = db_fetch_result($result, 0, "id");
3659
3660                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
3661                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3662
3663                                         initialize_user($link, $new_uid);
3664
3665                                 } else {
3666
3667                                         print "<div class=\"warning\">Error while adding user <b>".
3668                                         $_GET["login"].".</b></div>";
3669
3670                                 }
3671                         }
3672                 } else if ($subop == "resetPass") {
3673
3674                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3675
3676                                 $uid = db_escape_string($_GET["id"]);
3677
3678                                 $result = db_query($link, "SELECT login,email
3679                                         FROM ttrss_users WHERE id = '$uid'");
3680
3681                                 $login = db_fetch_result($result, 0, "login");
3682                                 $email = db_fetch_result($result, 0, "email");
3683                                 $tmp_user_pwd = make_password(8);
3684                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3685
3686                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3687                                         WHERE id = '$uid'");
3688
3689                                 print "<div class=\"notice\">Changed password of
3690                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3691
3692                                 if (MAIL_RESET_PASS && $email) {
3693                                         print " Notifying <b>$email</b>.";
3694
3695                                         mail("$login <$email>", "Password reset notification",
3696                                                 "Hi, $login.\n".
3697                                                 "\n".
3698                                                 "Your password for this TT-RSS installation was reset by".
3699                                                         " an administrator.\n".
3700                                                 "\n".
3701                                                 "Your new password is $tmp_user_pwd, please remember".
3702                                                         " it for later reference.\n".
3703                                                 "\n".
3704                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3705                                 }
3706
3707                                 print "</div>";
3708
3709                         }
3710                 }
3711
3712                 print "<div class=\"prefGenericAddBox\">
3713                         <input id=\"uadd_box\" onchange=\"javascript:addUser()\" size=\"40\">&nbsp;";
3714
3715                 print"<input type=\"submit\" class=\"button\"
3716                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
3717
3718                 $result = db_query($link, "SELECT
3719                                 id,login,access_level,email,
3720                                 SUBSTRING(last_login,1,16) as last_login
3721                         FROM
3722                                 ttrss_users
3723                         ORDER by login");
3724
3725                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3726
3727                 print "<p><table width=\"100%\" cellspacing=\"0\"
3728                         class=\"prefUserList\" id=\"prefUserList\">";
3729
3730                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3731                                 Select:
3732                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3733                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
3734                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3735                                                 'UMRR-', 'UMCHK-', false)\">None</a>
3736                                 </td</tr>";
3737
3738                 print "<tr class=\"title\">
3739                                         <td align='center' width=\"5%\">&nbsp;</td>
3740                                         <td width='20%'>Username</td>
3741                                         <td width='20%'>E-mail</td>
3742                                         <td width='20%'>Access Level</td>
3743                                         <td width='20%'>Last login</td></tr>";
3744
3745                 $lnum = 0;
3746
3747                 while ($line = db_fetch_assoc($result)) {
3748
3749                         $class = ($lnum % 2) ? "even" : "odd";
3750
3751                         $uid = $line["id"];
3752                         $edit_uid = $_GET["id"];
3753
3754                         if ($subop == "edit" && $uid != $edit_uid) {
3755                                 $class .= "Grayed";
3756                                 $this_row_id = "";
3757                         } else {
3758                                 $this_row_id = "id=\"UMRR-$uid\"";
3759                         }
3760
3761                         print "<tr class=\"$class\" $this_row_id>";
3762
3763                         $line["login"] = htmlspecialchars($line["login"]);
3764
3765                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3766                                 strtotime($line["last_login"]));
3767
3768 /*                      if ($uid == $_SESSION["uid"]) {
3769
3770                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3771                                         id=\"UMCHK-".$line["id"]."\"></td>";
3772
3773                                 print "<td>".$line["login"]."</td>";
3774                                 print "<td>".$line["email"]."</td>";
3775                                 print "<td>".$line["access_level"]."</td>";
3776
3777                         } else */ if (!$edit_uid || $subop != "edit") {
3778
3779                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
3780                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3781
3782                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3783                                         $line["login"] . "</td>";
3784
3785                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3786                                         $line["email"] . "</td>";
3787
3788                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3789                                         $line["access_level"] . "</td>";
3790
3791                         } else if ($uid != $edit_uid) {
3792
3793                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3794                                         id=\"UMCHK-".$line["id"]."\"></td>";
3795
3796                                 print "<td>".$line["login"]."</td>";
3797                                 print "<td>".$line["email"]."</td>";
3798                                 print "<td>".$line["access_level"]."</td>";
3799
3800                         } else {
3801
3802                                 print "<td align='center'>
3803                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3804
3805                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3806                                         "\"></td>";
3807
3808                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3809                                         "\"></td>";
3810
3811                                 print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
3812                                         "\"></td>";
3813
3814                         }
3815
3816                         print "<td>".$line["last_login"]."</td>";
3817
3818                         print "</tr>";
3819
3820                         ++$lnum;
3821                 }
3822
3823                 print "</table>";
3824
3825                 print "<p>";
3826
3827                 if ($subop == "edit") {
3828                         print "Edit user:
3829                                 <input type=\"submit\" class=\"button\"
3830                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3831                                 <input type=\"submit\" class=\"button\"
3832                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3833
3834                 } else {
3835
3836                         print "
3837                                 Selection:
3838                         <input type=\"submit\" class=\"button\"
3839                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3840                         <input type=\"submit\" class=\"button\"
3841                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3842                         <input type=\"submit\" class=\"button\"
3843                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3844                         <input type=\"submit\" class=\"button\"
3845                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3846
3847                 }
3848         }
3849
3850         if ($op == "user-details") {
3851
3852                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3853                         return;
3854                 }
3855
3856 /*              print "<html><head>
3857                         <title>Tiny Tiny RSS : User Details</title>
3858                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3859                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3860                         </head><body>"; */
3861
3862                 $uid = sprintf("%d", $_GET["id"]);
3863
3864                 print "<div class='infoBoxContents'>";
3865
3866                 $result = db_query($link, "SELECT login,
3867                         SUBSTRING(last_login,1,16) AS last_login,
3868                         access_level,
3869                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3870                                 WHERE owner_uid = id) AS stored_articles
3871                         FROM ttrss_users
3872                         WHERE id = '$uid'");
3873
3874                 if (db_num_rows($result) == 0) {
3875                         print "<h1>User not found</h1>";
3876                         return;
3877                 }
3878
3879                 print "<h1>User Details</h1>";
3880
3881                 print "<table width='100%'>";
3882
3883                 $login = db_fetch_result($result, 0, "login");
3884                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3885                         strtotime(db_fetch_result($result, 0, "last_login")));
3886                 $access_level = db_fetch_result($result, 0, "access_level");
3887                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3888
3889                 print "<tr><td>Username</td><td>$login</td></tr>";
3890                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
3891                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3892                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3893
3894                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3895                         WHERE owner_uid = '$uid'");
3896
3897                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3898
3899                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3900
3901 /*              $result = db_query($link, "SELECT
3902                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3903                         FROM ttrss_user_entries,ttrss_entries
3904                                 WHERE owner_uid = '$uid' AND ref_id = id");
3905
3906                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3907
3908                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3909
3910                 print "</table>";
3911
3912                 print "<h1>Subscribed feeds</h1>";
3913
3914                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3915                         WHERE owner_uid = '$uid' ORDER BY title");
3916
3917                 print "<ul class=\"userFeedList\">";
3918
3919                 while ($line = db_fetch_assoc($result)) {
3920
3921                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3922
3923                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3924                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3925                         } else {
3926                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3927                         }
3928
3929                         print "<li>$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3930                 }
3931
3932                 if (db_num_rows($result) < $num_feeds) {
3933                          // FIXME - add link to show ALL subscribed feeds here somewhere
3934                         print "<li><img
3935                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3936                 }
3937
3938                 print "</ul>";
3939
3940                 print "</div>";
3941
3942                 print "<div align='center'>
3943                         <input type='submit' class='button'
3944                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3945
3946 //              print "</body></html>";
3947
3948         }
3949
3950         if ($op == "feed-details") {
3951
3952 //              $feed_id = $_GET["id"];
3953
3954                 $feed_ids = split(",", db_escape_string($_GET["id"]));
3955
3956                 print "<div class=\"infoBoxContents\">";
3957
3958                 foreach ($feed_ids as $feed_id) {
3959
3960                         $result = db_query($link,
3961                                 "SELECT
3962                                         title,feed_url,
3963                                         SUBSTRING(last_updated,1,16) as last_updated,
3964                                         icon_url,site_url,
3965                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3966                                                 WHERE feed_id = id) AS total,
3967                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3968                                                 WHERE feed_id = id AND unread = true) AS unread,
3969                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3970                                                 WHERE feed_id = id AND marked = true) AS marked
3971                                 FROM ttrss_feeds
3972                                 WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
3973
3974                         if (db_num_rows($result) == 0) return;
3975
3976                         $title = db_unescape_string(db_fetch_result($result, 0, "title"));
3977                         $last_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
3978                                 strtotime(db_fetch_result($result, 0, "last_updated")));
3979                         $feed_url = db_fetch_result($result, 0, "feed_url");
3980                         $icon_url = db_fetch_result($result, 0, "icon_url");
3981                         $total = db_fetch_result($result, 0, "total");
3982                         $unread = db_fetch_result($result, 0, "unread");
3983                         $marked = db_fetch_result($result, 0, "marked");
3984                         $site_url = db_fetch_result($result, 0, "site_url");
3985
3986                         $result = db_query($link, "SELECT COUNT(id) AS subscribed
3987                                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND private = false");
3988
3989                         $subscribed = db_fetch_result($result, 0, "subscribed");
3990
3991                         $icon_file = ICONS_DIR . "/$feed_id.ico";
3992
3993                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3994                                         $feed_icon = "<img width=\"16\" height=\"16\"
3995                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
3996                         } else {
3997                                 $feed_icon = "";
3998                         }
3999
4000                         print "<h1>$feed_icon $title</h1>";
4001
4002                         print "<table width='100%'>";
4003
4004                         if ($site_url) {
4005                                 print "<tr><td width='30%'>Link</td>
4006                                         <td><a href=\"$site_url\">$site_url</a>
4007                                         <a href=\"$feed_url\">(feed)</a></td>
4008                                         </td></tr>";
4009                         } else {
4010                                 print "<tr><td width='30%'>Feed URL</td>
4011                                         <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
4012                         }
4013                         print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
4014                         print "<tr><td>Total articles</td><td>$total</td></tr>";
4015                         print "<tr><td>Unread articles</td><td>$unread</td></tr>";
4016                         print "<tr><td>Starred articles</td><td>$marked</td></tr>";
4017                         print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
4018
4019                         print "</table>";
4020
4021 /*                      $result = db_query($link, "SELECT title,
4022                                 SUBSTRING(updated,1,16) AS updated,unread
4023                                 FROM ttrss_entries,ttrss_user_entries
4024                                 WHERE ref_id = id AND feed_id = '$feed_id'
4025                                 ORDER BY date_entered DESC LIMIT 5");
4026
4027                         if (db_num_rows($result) > 0) {
4028
4029                                 print "<h1>Latest headlines</h1>";
4030
4031                                 print "<ul class=\"nomarks\">";
4032
4033                                 while ($line = db_fetch_assoc($result)) {
4034                                         if ($line["unread"] == "t" || $line["unread"] == "1") {
4035                                                 $line["title"] = "<b>" . $line["title"] . "</b>";
4036                                         }
4037                                         print "<li>" . $line["title"].
4038                                         "&nbsp;<span class=\"insensitive\">(" .
4039                                                 date(get_pref($link, 'SHORT_DATE_FORMAT'),
4040                                                         strtotime($line["updated"])).
4041                                         ")</span></li>";
4042                                 }
4043
4044                                 print "</ul>";
4045
4046                         } */
4047                 }
4048
4049                 print "</div>";
4050
4051                 print "<div align='center'>
4052                         <input type='submit' class='button'
4053                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
4054         }
4055
4056         if ($op == "pref-feed-browser") {
4057
4058                 if (!ENABLE_FEED_BROWSER) {
4059                         print "Feed browser is administratively disabled.";
4060                         return;
4061                 }
4062
4063                 $subop = $_REQUEST["subop"];
4064
4065                 if ($subop == "details") {
4066                         $id = db_escape_string($_GET["id"]);
4067
4068                         print "<div class=\"browserFeedInfo\">";
4069                         print "<b>Feed information:</b>";
4070                         print "<div class=\"detailsPart\">";
4071
4072                         $result = db_query($link, "SELECT
4073                                         feed_url,site_url,
4074                                         SUBSTRING(last_updated,1,19) AS last_updated
4075                                 FROM ttrss_feeds WHERE id = '$id'");
4076
4077                         $feed_url = db_fetch_result($result, 0, "feed_url");
4078                         $site_url = db_fetch_result($result, 0, "site_url");
4079                         $last_updated = db_fetch_result($result, 0, "last_updated");
4080
4081                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
4082                                 $last_updated = smart_date_time(strtotime($last_updated));
4083                         } else {
4084                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
4085                                 $last_updated = date($short_date, strtotime($last_updated));
4086                         }
4087
4088                         print "Site: <a href='$site_url'>$site_url</a> ".
4089                                 "(<a href='$feed_url'>feed</a>), ".
4090                                 "Last updated: $last_updated";
4091
4092                         print "</div>";
4093
4094                         $result = db_query($link, "SELECT
4095                                         ttrss_entries.title,
4096                                         content,
4097                                         substring(date_entered,1,19) as date_entered,
4098                                         substring(updated,1,19) as updated
4099                                 FROM ttrss_entries,ttrss_user_entries
4100                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
4101                                 ORDER BY updated DESC LIMIT 5");
4102
4103                         if (db_num_rows($result) > 0) {
4104
4105                                 print "<b>Last headlines:</b><br>";
4106
4107                                 print "<div class=\"detailsPart\">";
4108                                 print "<ul class=\"compact\">";
4109                                 while ($line = db_fetch_assoc($result)) {
4110
4111                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
4112                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
4113                                         } else {
4114                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
4115                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
4116                                         }
4117
4118                                         print "<li>" . $line["title"] .
4119                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
4120                                 }
4121                                 print "</ul></div>";
4122                         }
4123
4124                         print "</div>";
4125
4126                         return;
4127                 }
4128
4129                 $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
4130                         FROM ttrss_feeds
4131                         WHERE auth_login = '' AND auth_pass = '' AND private = false
4132                         GROUP BY feed_url ORDER BY subscribers DESC LIMIT 100");
4133
4134                 print "<ul class='nomarks' id='browseBigFeedList'>";
4135
4136                 $feedctr = 0;
4137
4138                 while ($line = db_fetch_assoc($result)) {
4139                         $feed_url = $line["feed_url"];
4140                         $subscribers = $line["subscribers"];
4141
4142                         $sub_result = db_query($link, "SELECT id
4143                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
4144                                 $_SESSION["uid"]);
4145
4146                         if (db_num_rows($sub_result) > 0) {
4147                                 continue; // already subscribed
4148                         }
4149
4150                         $det_result = db_query($link, "SELECT site_url,title,id
4151                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
4152
4153                         $details = db_fetch_assoc($det_result);
4154
4155                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
4156
4157                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
4158                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
4159                                                 "/".$details["id"].".ico\">";
4160                         } else {
4161                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
4162                         }
4163
4164                         $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
4165                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
4166
4167                         $class = ($feedctr % 2) ? "even" : "odd";
4168
4169                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
4170                                 "$feed_icon ";
4171
4172                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
4173                                 $details["title"] ."</a>&nbsp;" .
4174                                 "<span class='subscribers'>($subscribers)</span>";
4175
4176                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
4177                         print "</div>";
4178
4179                         print "</li>";
4180
4181                                 ++$feedctr;
4182                 }
4183
4184                 if ($feedctr == 0) {
4185                         print "<li>No feeds found to subscribe.</li>";
4186                 }
4187
4188                 print "</ul>";
4189
4190                 print "<p>Selection:
4191                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
4192                         value=\"Subscribe\"></p>";
4193
4194                 print "</div>";
4195
4196         }
4197
4198         db_close($link);
4199 ?>
4200
4201 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
4202