backend.php

   1 <?
   2         session_start();
   3
   4         if ($_GET["debug"]) {
   5                 define('DEFAULT_ERROR_LEVEL', E_ALL);
   6         } else {
   7                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
   8         }
   9
  10         error_reporting(DEFAULT_ERROR_LEVEL);
  11
  12         $op = $_REQUEST["op"];
  13
  14         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  15                 header("Content-Type: application/xml");
  16         }
  17
  18         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  19
  20                 if ($op == "rpc") {
  21                         print "<error error-code=\"6\"/>";
  22                 }
  23                 exit;
  24         }
  25
  26         if (!$op) {
  27                 print "<error error-code=\"7\"/>";
  28                 exit;
  29         }
  30
  31         define('SCHEMA_VERSION', 2);
  32
  33         require_once "sanity_check.php";
  34         require_once "config.php";
  35         require_once "db.php";
  36         require_once "db-prefs.php";
  37         require_once "functions.php";
  38         require_once "magpierss/rss_fetch.inc";
  39
  40         $script_started = getmicrotime();
  41
  42         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  43
  44         if (!$link) {
  45                 if (DB_TYPE == "mysql") {
  46                         print mysql_error();
  47                 }
  48                 // PG seems to display its own errors just fine by default.
  49                 return;
  50         }
  51
  52         if (DB_TYPE == "pgsql") {
  53                 pg_query("set client_encoding = 'utf-8'");
  54         }
  55
  56         $fetch = $_GET["fetch"];
  57
  58         function getAllCounters($link) {
  59                 getLabelCounters($link);
  60                 getFeedCounters($link);
  61                 getTagCounters($link);
  62                 getGlobalCounters($link);
  63         }
  64
  65         /* FIXME this needs reworking */
  66
  67         function getGlobalCounters($link) {
  68                 $result = db_query($link, "SELECT count(id) as c_id FROM ttrss_entries,ttrss_user_entries
  69                         WHERE unread = true AND
  70                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  71                         owner_uid = " . $_SESSION["uid"]);
  72                 $c_id = db_fetch_result($result, 0, "c_id");
  73                 print "<counter id='global-unread' counter='$c_id'/>";
  74         }
  75
  76         function getTagCounters($link) {
  77
  78                 $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
  79                         FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
  80                         ttrss_user_entries.ref_id = ttrss_entries.id AND
  81                         ttrss_tags.owner_uid = ".$_SESSION["uid"]." AND
  82                         post_int_id = ttrss_user_entries.int_id AND unread = true GROUP BY tag_name
  83                 UNION
  84                         select tag_name,0 as count FROM ttrss_tags
  85                         WHERE ttrss_tags.owner_uid = ".$_SESSION["uid"]);
  86
  87                 $tags = array();
  88
  89                 while ($line = db_fetch_assoc($result)) {
  90                         $tags[$line["tag_name"]] += $line["count"];
  91                 }
  92
  93                 foreach (array_keys($tags) as $tag) {
  94                         $unread = $tags[$tag];
  95
  96                         $tag = htmlspecialchars($tag);
  97                         print "<tag id=\"$tag\" counter=\"$unread\"/>";
  98                 }
  99         }
 100
 101         function getLabelCounters($link) {
 102
 103                 $result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 104                         WHERE marked = true AND ttrss_user_entries.ref_id = ttrss_entries.id AND
 105                         unread = true AND owner_uid = ".$_SESSION["uid"]);
 106
 107                 $count = db_fetch_result($result, 0, "count");
 108
 109                 print "<label id=\"-1\" counter=\"$count\"/>";
 110
 111                 $result = db_query($link, "SELECT owner_uid,id,sql_exp,description FROM
 112                         ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER by description");
 113
 114                 while ($line = db_fetch_assoc($result)) {
 115
 116                         $id = -$line["id"] - 11;
 117
 118                         error_reporting (0);
 119
 120                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_user_entries,ttrss_entries
 121                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 122                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 123                                 owner_uid = ".$_SESSION["uid"]);
 124
 125                         $count = db_fetch_result($tmp_result, 0, "count");
 126
 127                         print "<label id=\"$id\" counter=\"$count\"/>";
 128
 129                         error_reporting (DEFAULT_ERROR_LEVEL);
 130
 131                 }
 132         }
 133
 134         function getFeedCounter($link, $id) {
 135
 136                 $result = db_query($link, "SELECT
 137                                 count(id) as count FROM ttrss_entries,ttrss_user_entries
 138                         WHERE feed_id = '$id' AND unread = true
 139                         AND ttrss_user_entries.ref_id = ttrss_entries.id");
 140
 141                         $count = db_fetch_result($result, 0, "count");
 142
 143                         print "<feed id=\"$id\" counter=\"$count\"/>";
 144         }
 145
 146         function getFeedCounters($link) {
 147
 148                 $result = db_query($link, "SELECT id,
 149                         (SELECT count(id)
 150                                 FROM ttrss_entries,ttrss_user_entries
 151                                 WHERE feed_id = ttrss_feeds.id AND ttrss_user_entries.ref_id = ttrss_entries.id
 152                                 AND unread = true AND owner_uid = ".$_SESSION["uid"].") as count
 153                         FROM ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]);
 154
 155                 while ($line = db_fetch_assoc($result)) {
 156
 157                         $id = $line["id"];
 158                         $count = $line["count"];
 159
 160                         print "<feed id=\"$id\" counter=\"$count\"/>";
 161                 }
 162         }
 163
 164         function outputFeedList($link, $tags = false) {
 165
 166                 print "<html><head>
 167                         <title>Tiny Tiny RSS : Feedlist</title>
 168                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 169
 170                 $user_theme = $_SESSION["theme"];
 171                 if ($user_theme) {
 172                         print "<link rel=\"stylesheet\" type=\"text/css\"
 173                                 href=\"themes/$user_theme/theme.css\">";
 174                 }
 175
 176                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 177                         print "<link rel=\"stylesheet\" type=\"text/css\"
 178                                 href=\"tt-rss_compact.css\"/>";
 179                 } else {
 180                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 181                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 182                 }
 183
 184                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 185                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 186                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 187                         </head><body onload=\"init()\">";
 188
 189                 print "<ul class=\"feedList\" id=\"feedList\">";
 190
 191                 $owner_uid = $_SESSION["uid"];
 192
 193                 if (!$tags) {
 194
 195                         /* virtual feeds */
 196
 197                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 198                                 print "<li class=\"feedCat\">Special</li>";
 199                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 200                         }
 201
 202                         $result = db_query($link, "SELECT count(id) as num_starred
 203                                 FROM ttrss_entries,ttrss_user_entries
 204                                 WHERE marked = true AND
 205                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 206                                 unread = true AND owner_uid = '$owner_uid'");
 207                         $num_starred = db_fetch_result($result, 0, "num_starred");
 208
 209                         $class = "virt";
 210
 211                         if ($num_starred > 0) $class .= "Unread";
 212
 213                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 214                                 "images/mark_set.png", $link);
 215
 216                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 217                                 print "</li></ul>";
 218                         }
 219
 220                         if (get_pref($link, 'ENABLE_LABELS')) {
 221
 222                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 223                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 224
 225                                 if (db_num_rows($result) > 0) {
 226                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 227                                                 print "<li class=\"feedCat\">Labels</li>";
 228                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 229                                         } else {
 230                                                 print "<li><hr></li>";
 231                                         }
 232                                 }
 233
 234                                 while ($line = db_fetch_assoc($result)) {
 235
 236                                         error_reporting (0);
 237
 238                                         $tmp_result = db_query($link, "SELECT count(id) as count FROM ttrss_entries,ttrss_user_entries
 239                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 240                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 241                                                 AND owner_uid = '$owner_uid'");
 242
 243                                         $count = db_fetch_result($tmp_result, 0, "count");
 244
 245                                         $class = "label";
 246
 247                                         if ($count > 0) {
 248                                                 $class .= "Unread";
 249                                         }
 250
 251                                         error_reporting (DEFAULT_ERROR_LEVEL);
 252
 253                                         printFeedEntry(-$line["id"]-11,
 254                                                 $class, $line["description"], $count, "images/label.png", $link);
 255
 256                                 }
 257
 258                                 if (db_num_rows($result) > 0) {
 259                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 260                                                 print "</li></ul>";
 261                                         }
 262                                 }
 263
 264                         }
 265
 266 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 267                                 print "<li><hr></li>";
 268 //                      }
 269
 270                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 271                                 $order_by_qpart = "category,title";
 272                         } else {
 273                                 $order_by_qpart = "title";
 274                         }
 275
 276                         $result = db_query($link, "SELECT *,
 277                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 278                                         WHERE feed_id = ttrss_feeds.id AND
 279                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 280                                         owner_uid = '$owner_uid') AS total,
 281                                 (SELECT count(id) FROM ttrss_entries,ttrss_user_entries
 282                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 283                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 284                                                 AND owner_uid = '$owner_uid') as unread,
 285                                 (SELECT title FROM ttrss_feed_categories
 286                                         WHERE id = cat_id) AS category
 287                                 FROM ttrss_feeds WHERE owner_uid = '$owner_uid' ORDER BY $order_by_qpart");
 288
 289                         $actid = $_GET["actid"];
 290
 291                         /* real feeds */
 292
 293                         $lnum = 0;
 294
 295                         $total_unread = 0;
 296
 297                         $category = "";
 298
 299                         while ($line = db_fetch_assoc($result)) {
 300
 301                                 $feed = $line["title"];
 302                                 $feed_id = $line["id"];
 303
 304                                 $subop = $_GET["subop"];
 305
 306                                 $total = $line["total"];
 307                                 $unread = $line["unread"];
 308
 309                                 $tmp_category = $line["category"];
 310
 311                                 if (!$tmp_category) {
 312                                         $tmp_category = "Uncategorized";
 313                                 }
 314
 315         //                      $class = ($lnum % 2) ? "even" : "odd";
 316
 317                                 $class = "feed";
 318
 319                                 if ($unread > 0) $class .= "Unread";
 320
 321                                 if ($actid == $feed_id) {
 322                                         $class .= "Selected";
 323                                 }
 324
 325                                 $total_unread += $unread;
 326
 327                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 328
 329                                         if ($category) {
 330                                                 print "</li></ul></li>";
 331                                         }
 332
 333                                         $category = $tmp_category;
 334
 335                                         print "<li class=\"feedCat\">$category</li>";
 336                                         print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 337                                 }
 338
 339                                 printFeedEntry($feed_id, $class, $feed, $unread,
 340                                         "icons/$feed_id.ico", $link);
 341
 342                                 ++$lnum;
 343                         }
 344
 345                 } else {
 346
 347                         // tags
 348
 349                         $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 350                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 351                                 post_int_id = ttrss_user_entries.int_id AND
 352                                 unread = true AND ref_id = ttrss_entries.id
 353                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 354                         UNION
 355                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 356                         ORDER BY tag_name");
 357
 358                         $tags = array();
 359
 360                         while ($line = db_fetch_assoc($result)) {
 361                                 $tags[$line["tag_name"]] += $line["count"];
 362                         }
 363
 364                         foreach (array_keys($tags) as $tag) {
 365
 366                                 $unread = $tags[$tag];
 367
 368                                 $class = "tag";
 369
 370                                 if ($unread > 0) {
 371                                         $class .= "Unread";
 372                                 }
 373
 374                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 375
 376                         }
 377
 378                 }
 379
 380                 if (db_num_rows($result) == 0) {
 381                         if ($tags) {
 382                                 $what = "tags";
 383                         } else {
 384                                 $what = "feeds";
 385                         }
 386                         print "<li>No $what to display.</li>";
 387                 }
 388
 389                 print "</ul>";
 390
 391                 print "<div class=\"invisible\" id=\"FEEDTU\">$total_unread</div>";
 392
 393         }
 394
 395
 396         if ($op == "rpc") {
 397
 398                 $subop = $_GET["subop"];
 399
 400                 if ($subop == "getLabelCounters") {
 401                         $aid = $_GET["aid"];
 402                         print "<rpc-reply>";
 403                         getLabelCounters($link);
 404                         if ($aid) {
 405                                 getFeedCounter($link, $aid);
 406                         }
 407                         print "</rpc-reply>";
 408                 }
 409
 410                 if ($subop == "getFeedCounters") {
 411                         print "<rpc-reply>";
 412                         getFeedCounters($link);
 413                         print "</rpc-reply>";
 414                 }
 415
 416                 if ($subop == "getAllCounters") {
 417                         print "<rpc-reply>";
 418                         getAllCounters($link);
 419                         print "</rpc-reply>";
 420                 }
 421
 422                 if ($subop == "mark") {
 423                         $mark = $_GET["mark"];
 424                         $id = db_escape_string($_GET["id"]);
 425
 426                         if ($mark == "1") {
 427                                 $mark = "true";
 428                         } else {
 429                                 $mark = "false";
 430                         }
 431
 432                         // FIXME this needs collision testing
 433
 434                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 435                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 436                 }
 437
 438                 if ($subop == "updateFeed") {
 439                         $feed_id = db_escape_string($_GET["feed"]);
 440
 441                         $result = db_query($link,
 442                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 443                                         AND owner_uid = " . $_SESSION["uid"]);
 444
 445                         if (db_num_rows($result) > 0) {
 446                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 447                                 update_rss_feed($link, $feed_url, $feed_id);
 448                         }
 449
 450                         print "<rpc-reply>";
 451                         getFeedCounter($link, $feed_id);
 452                         print "</rpc-reply>";
 453
 454                         return;
 455                 }
 456
 457                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 458
 459                         update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 460
 461                         $omode = $_GET["omode"];
 462
 463                         if (!$omode) $omode = "tfl";
 464
 465                         print "<rpc-reply>";
 466                         if (strchr($omode, "l")) getLabelCounters($link);
 467                         if (strchr($omode, "f")) getFeedCounters($link);
 468                         if (strchr($omode, "t")) getTagCounters($link);
 469                         getGlobalCounters($link);
 470                         print "</rpc-reply>";
 471                 }
 472
 473                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 474                 if ($subop == "catchupSelected") {
 475
 476                         $ids = split(",", $_GET["ids"]);
 477
 478                         $cmode = sprintf("%d", $_GET["cmode"]);
 479
 480                         foreach ($ids as $id) {
 481
 482                                 if ($cmode == 0) {
 483                                         db_query($link, "UPDATE ttrss_user_entries SET
 484                                         unread = false,last_read = NOW()
 485                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 486                                 } else if ($cmode == 1) {
 487                                         db_query($link, "UPDATE ttrss_user_entries SET
 488                                         unread = true
 489                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 490                                 } else {
 491                                         db_query($link, "UPDATE ttrss_user_entries SET
 492                                         unread = NOT unread,last_read = NOW()
 493                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 494                                 }
 495                         }
 496                         print "<rpc-reply>";
 497                         getAllCounters($link);
 498                         print "</rpc-reply>";
 499                 }
 500
 501                 if ($subop == "markSelected") {
 502
 503                         $ids = split(",", $_GET["ids"]);
 504
 505                         $cmode = sprintf("%d", $_GET["cmode"]);
 506
 507                         foreach ($ids as $id) {
 508
 509                                 if ($cmode == 0) {
 510                                         db_query($link, "UPDATE ttrss_user_entries SET
 511                                         marked = false
 512                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 513                                 } else if ($cmode == 1) {
 514                                         db_query($link, "UPDATE ttrss_user_entries SET
 515                                         marked = true
 516                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 517                                 } else {
 518                                         db_query($link, "UPDATE ttrss_user_entries SET
 519                                         marked = NOT marked
 520                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 521                                 }
 522                         }
 523                         print "<rpc-reply>";
 524                         getAllCounters($link);
 525                         print "</rpc-reply>";
 526                 }
 527
 528                 if ($subop == "sanityCheck") {
 529
 530                         $error_code = 0;
 531
 532                         $result = db_query($link, "SELECT schema_version FROM ttrss_version");
 533
 534                         $schema_version = db_fetch_result($result, 0, "schema_version");
 535
 536                         if ($schema_version != SCHEMA_VERSION) {
 537                                 $error_code = 5;
 538                         }
 539
 540                         print "<error error-code='$error_code'/>";
 541                 }
 542
 543                 if ($subop == "globalPurge") {
 544
 545                         print "<rpc-reply>";
 546                         global_purge_old_posts($link, true);
 547                         print "</rpc-reply>";
 548
 549                 }
 550
 551         }
 552
 553         if ($op == "feeds") {
 554
 555                 $tags = $_GET["tags"];
 556
 557                 $subop = $_GET["subop"];
 558
 559                 if ($subop == "catchupAll") {
 560                         db_query($link, "UPDATE ttrss_user_entries SET
 561                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 562                 }
 563
 564                 outputFeedList($link, $tags);
 565
 566         }
 567
 568         if ($op == "view") {
 569
 570                 $id = $_GET["id"];
 571                 $feed_id = $_GET["feed"];
 572
 573                 $result = db_query($link, "UPDATE ttrss_user_entries
 574                         SET unread = false,last_read = NOW()
 575                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 576
 577                 $addheader = $_GET["addheader"];
 578
 579                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 580                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url
 581                         FROM ttrss_entries,ttrss_user_entries
 582                         WHERE   id = '$id' AND ref_id = id");
 583
 584                 if ($addheader) {
 585                         print "<html><head>
 586                                 <title>Tiny Tiny RSS : Article $id</title>
 587                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 588
 589                         $user_theme = $_SESSION["theme"];
 590                         if ($user_theme) {
 591                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 592                                         href=\"themes/$user_theme/theme.css\">";
 593                         }
 594
 595                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 596                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 597                                         href=\"tt-rss_compact.css\"/>";
 598                         } else {
 599                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 600                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 601                         }
 602
 603                         print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 604                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 605                                 </head><body>";
 606                 }
 607
 608                 if ($result) {
 609
 610                         $line = db_fetch_assoc($result);
 611
 612                         if ($line["icon_url"]) {
 613                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 614                         } else {
 615                                 $feed_icon = "&nbsp;";
 616                         }
 617
 618                         if ($line["comments"] && $line["link"] != $line["comments"]) {
 619                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 620                         } else {
 621                                 $entry_comments = "";
 622                         }
 623
 624                         print "<div class=\"postReply\">";
 625
 626                         print "<div class=\"postHeader\"><table width=\"100%\">";
 627
 628                         print "<tr><td colspan='2'>" . $line["title"] . "</td></tr>";
 629
 630                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 631                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 632                                 ORDER BY tag_name");
 633
 634                         $tags_str = "";
 635
 636                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 637                                 $tag = $tmp_line["tag_name"];
 638                                 $tags_str .= "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 639                         }
 640
 641                         $tags_str = preg_replace("/, $/", "", $tags_str);
 642
 643                         print "<tr><td width='50%'>
 644                                 <a href=\"" . $line["link"] . "\">".$line["link"]."</a>
 645                                 $entry_comments</td>
 646                                 <td align=\"right\">$tags_str</td></tr>";
 647
 648 /*                      if ($tags_str) {
 649                                 print "<tr><td><b>Tags:</b></td>
 650                                         <td width='100%'>$tags_str</td></tr>";
 651                         } */
 652
 653                         print "</table></div>";
 654
 655                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 656                         print "<div class=\"postContent\">" . $line["content"] . "</div>";
 657
 658                         print "</div>";
 659
 660                         print "<script type=\"text/javascript\">
 661                                 update_all_counters('$feed_id');
 662                         </script>";
 663                 }
 664
 665                 if ($addheader) {
 666                         print "</body></html>";
 667                 }
 668         }
 669
 670         if ($op == "viewfeed") {
 671
 672                 $feed = $_GET["feed"];
 673                 $skip = $_GET["skip"];
 674                 $subop = $_GET["subop"];
 675                 $view_mode = $_GET["view"];
 676                 $addheader = $_GET["addheader"];
 677                 $limit = $_GET["limit"];
 678
 679                 if (!$feed) {
 680                         return;
 681                 }
 682
 683                 if (!$skip) $skip = 0;
 684
 685                 if ($subop == "undefined") $subop = "";
 686
 687                 if ($addheader) {
 688                         print "<html><head>
 689                                 <title>Tiny Tiny RSS : Feed $feed</title>
 690                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 691
 692                         $user_theme = $_SESSION["theme"];
 693                         if ($user_theme) {
 694                                 print "<link rel=\"stylesheet\" type=\"text/css\"
 695                                         href=\"themes/$user_theme/theme.css\">";
 696                         }
 697
 698                         if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 699                                 print "<link rel=\"stylesheet\"
 700                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 701
 702                         } else {
 703                                 print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 704                                                 type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 705                         }
 706
 707                         print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 708                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
 709                                 <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
 710                                 </head><body onload='init()'>";
 711                 }
 712
 713                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 714
 715                         $tmp_result = db_query($link, "SELECT feed_url FROM ttrss_feeds
 716                                 WHERE id = '$feed'");
 717
 718                         $feed_url = db_fetch_result($tmp_result, 0, "feed_url");
 719
 720                         update_rss_feed($link, $feed_url, $feed);
 721
 722                 }
 723
 724                 if ($subop == "MarkAllRead")  {
 725
 726                         if (sprintf("%d", $feed) != 0) {
 727
 728                                 if ($feed > 0) {
 729                                         db_query($link, "UPDATE ttrss_user_entries
 730                                                 SET unread = false,last_read = NOW()
 731                                                 WHERE feed_id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 732
 733                                 } else if ($feed < 0 && $feed > -10) { // special, like starred
 734
 735                                         if ($feed == -1) {
 736                                                 db_query($link, "UPDATE ttrss_user_entries
 737                                                         SET unread = false,last_read = NOW()
 738                                                         WHERE marked = true AND owner_uid = ".$_SESSION["uid"]);
 739                                         }
 740
 741                                 } else if ($feed < -10) { // label
 742
 743                                         // TODO make this more efficient
 744
 745                                         $label_id = -$feed - 11;
 746
 747                                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 748                                                 WHERE id = '$label_id'");
 749
 750                                         if ($tmp_result) {
 751                                                 $sql_exp = db_fetch_result($tmp_result, 0, "sql_exp");
 752
 753                                                 db_query($link, "BEGIN");
 754
 755                                                 $tmp2_result = db_query($link,
 756                                                         "SELECT
 757                                                                 int_id
 758                                                         FROM
 759                                                                 ttrss_user_entries,ttrss_entries
 760                                                         WHERE
 761                                                                 ref_id = id AND
 762                                                                 $sql_exp AND
 763                                                                 owner_uid = " . $_SESSION["uid"]);
 764
 765                                                 while ($tmp_line = db_fetch_assoc($tmp2_result)) {
 766                                                         db_query($link, "UPDATE
 767                                                                 ttrss_user_entries
 768                                                         SET
 769                                                                 unread = false, last_read = NOW()
 770                                                         WHERE
 771                                                                 int_id = " . $tmp_line["int_id"]);
 772                                                 }
 773
 774                                                 db_query($link, "COMMIT");
 775
 776 /*                                              db_query($link, "UPDATE ttrss_user_entries,ttrss_entries
 777                                                         SET unread = false,last_read = NOW()
 778                                                         WHERE $sql_exp
 779                                                         AND ref_id = id
 780                                                         AND owner_uid = ".$_SESSION["uid"]); */
 781                                         }
 782                                 }
 783                         } else { // tag
 784                                 db_query($link, "BEGIN");
 785
 786                                 $tag_name = db_escape_string($feed);
 787
 788                                 $result = db_query($link, "SELECT post_int_id FROM ttrss_tags
 789                                         WHERE tag_name = '$tag_name' AND owner_uid = " . $_SESSION["uid"]);
 790
 791                                 while ($line = db_fetch_assoc($result)) {
 792                                         db_query($link, "UPDATE ttrss_user_entries SET
 793                                                 unread = false, last_read = NOW()
 794                                                 WHERE int_id = " . $line["post_int_id"]);
 795                                 }
 796                                 db_query($link, "COMMIT");
 797                         }
 798
 799                 }
 800
 801                 $search = $_GET["search"];
 802
 803                 $search_mode = $_GET["smode"];
 804
 805                 if ($search) {
 806                         $search_query_part = "(upper(title) LIKE upper('%$search%')
 807                                 OR content LIKE '%$search%') AND";
 808                 } else {
 809                         $search_query_part = "";
 810                 }
 811
 812                 $view_query_part = "";
 813
 814                 if ($view_mode == "Starred") {
 815                         $view_query_part = " marked = true AND ";
 816                 }
 817
 818                 if ($view_mode == "Unread") {
 819                         $view_query_part = " unread = true AND ";
 820                 }
 821
 822                 if ($view_mode == "Unread or Starred") {
 823                         $view_query_part = " (unread = true OR marked = true) AND ";
 824                 }
 825
 826                 if ($view_mode == "Unread or Updated") {
 827                         $view_query_part = " (unread = true OR last_read is NULL) AND ";
 828                 }
 829
 830 /*              $result = db_query($link, "SELECT count(id) AS total_entries
 831                         FROM ttrss_entries WHERE
 832                         $search_query_part
 833                         feed_id = '$feed'");
 834
 835                 $total_entries = db_fetch_result($result, 0, "total_entries"); */
 836
 837 /*              $result = db_query("SELECT count(id) AS unread_entries
 838                         FROM ttrss_entries WHERE
 839                         $search_query_part
 840                         unread = true AND
 841                         feed_id = '$feed'");
 842
 843                 $unread_entries = db_fetch_result($result, 0, "unread_entries"); */
 844
 845                 if ($limit && $limit != "All") {
 846                         $limit_query_part = "LIMIT " . $limit;
 847                 }
 848
 849                 $vfeed_query_part = "";
 850
 851                 // override query strategy and enable feed display when searching globally
 852                 if ($search && $search_mode == "All feeds") {
 853                         $query_strategy_part = "id > 0";
 854                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 855                                 id = feed_id) as feed_title,";
 856                 } else if (sprintf("%d", $feed) == 0) {
 857                         $query_strategy_part = "ttrss_entries.id > 0";
 858                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 859                                 id = feed_id) as feed_title,";
 860                 } else if ($feed >= 0) {
 861                         $query_strategy_part = "feed_id = '$feed'";
 862                 } else if ($feed == -1) { // starred virtual feed
 863                         $query_strategy_part = "marked = true";
 864                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 865                                 id = feed_id) as feed_title,";
 866                 } else if ($feed <= -10) { // labels
 867                         $label_id = -$feed - 11;
 868
 869                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
 870                                 WHERE id = '$label_id'");
 871
 872                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
 873
 874                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 875                                 id = feed_id) as feed_title,";
 876                 } else {
 877                         $query_strategy_part = "id > 0"; // dumb
 878                 }
 879
 880                 $order_by = "updated DESC";
 881
 882 //              if ($feed < -10) {
 883 //                      $order_by = "feed_id,updated DESC";
 884 //              }
 885
 886                 $feed_title = "";
 887
 888                 if ($search && $search_mode == "All feeds") {
 889                         $feed_title = "Search results";
 890                 } else if (sprintf("%d", $feed) == 0) {
 891                         $feed_title = $feed;
 892                 } else if ($feed > 0) {
 893                         $result = db_query($link, "SELECT title,site_url FROM ttrss_feeds
 894                                 WHERE id = '$feed'");
 895
 896                         $feed_title = db_fetch_result($result, 0, "title");
 897                         $feed_site_url = db_fetch_result($result, 0, "site_url");
 898
 899                 } else if ($feed == -1) {
 900                         $feed_title = "Starred articles";
 901                 } else if ($feed < -10) {
 902                         $label_id = -$feed - 11;
 903                         $result = db_query($link, "SELECT description FROM ttrss_labels
 904                                 WHERE id = '$label_id'");
 905                         $feed_title = db_fetch_result($result, 0, "description");
 906                 } else {
 907                         $feed_title = "?";
 908                 }
 909
 910                 print "<table class=\"headlinesSubToolbar\"
 911                         width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
 912
 913                 print "<td class=\"headlineActions\">
 914                         Select:
 915                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 916                                                 'RROW-', 'RCHK-', true)\">All</a>,
 917                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 918                                                 'RROW-', 'RCHK-', true, 'Unread')\">Unread</a>,
 919                                         <a href=\"javascript:selectTableRowsByIdPrefix('headlinesList',
 920                                                 'RROW-', 'RCHK-', false)\">None</a>
 921                         &nbsp;&nbsp;
 922                         Toggle: <a href=\"javascript:toggleUnread()\">Unread</a>,
 923                                         <a href=\"javascript:toggleStarred()\">Starred</a>";
 924
 925 /*              print "&nbsp;&nbsp;
 926                         View:
 927                                 <a href=\"javascript:limitView('All')\">All</a>,
 928                                 <a href=\"javascript:limitView('Unread')\">Unread</a>,
 929                                 <a href=\"javascript:limitView('Starred')\">Starred</a>
 930                         &nbsp;&nbsp;
 931                         Feed:
 932                                 <a href=\"javascript:updateCurrentFeed()\">Update</a>,
 933                                 <a href=\"javascript:catchupCurrentFeed()\">Mark as read</a>"; */
 934
 935                 print "</td>";
 936
 937                 print "<td class=\"headlineTitle\">";
 938
 939                 if ($feed_site_url) {
 940                         print "<a target=\"_blank\" href=\"$feed_site_url\">$feed_title</a>";
 941                 } else {
 942                         print $feed_title;
 943                 }
 944
 945                 print "</td>";
 946                 print "</tr></table>";
 947
 948                 print "<table class=\"headlinesList\" id=\"headlinesList\"
 949                         cellspacing=\"0\" width=\"100%\">";
 950
 951
 952                 if ($feed < -10) error_reporting (0);
 953
 954                 if (sprintf("%d", $feed) != 0) {
 955
 956                         if ($feed > 0) {
 957                                 $feed_kind = "Feeds";
 958                         } else {
 959                                 $feed_kind = "Labels";
 960                         }
 961
 962                         if (!$vfeed_query_part) {
 963                                 $content_query_part = "content as content_preview,";
 964                         } else {
 965                                 $content_query_part = "";
 966                         }
 967
 968                         $result = db_query($link, "SELECT
 969                                         id,title,
 970                                         SUBSTRING(updated,1,16) as updated,
 971                                         unread,feed_id,marked,link,last_read,
 972                                         SUBSTRING(last_read,1,19) as last_read_noms,
 973                                         $vfeed_query_part
 974                                         $content_query_part
 975                                         SUBSTRING(updated,1,19) as updated_noms
 976                                 FROM
 977                                         ttrss_entries,ttrss_user_entries
 978                                 WHERE
 979                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 980                                 owner_uid = '".$_SESSION["uid"]."' AND
 981                                 $search_query_part
 982                                 $view_query_part
 983                                 $query_strategy_part ORDER BY $order_by
 984                                 $limit_query_part");
 985
 986                 } else {
 987                         // browsing by tag
 988
 989                         $feed_kind = "Tags";
 990
 991                         $result = db_query($link, "SELECT
 992                                 ttrss_entries.id as id,title,
 993                                 SUBSTRING(updated,1,16) as updated,
 994                                 unread,feed_id,
 995                                 marked,link,last_read,
 996                                 SUBSTRING(last_read,1,19) as last_read_noms,
 997                                 $vfeed_query_part
 998                                 $content_query_part
 999                                 SUBSTRING(updated,1,19) as updated_noms
1000                                 FROM
1001                                         ttrss_entries,ttrss_user_entries,ttrss_tags
1002                                 WHERE
1003                                         ref_id = ttrss_entries.id AND
1004                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1005                                         post_int_id = int_id AND tag_name = '$feed' AND
1006                                         $view_query_part
1007                                         $search_query_part
1008                                         $query_strategy_part ORDER BY $order_by
1009                                 $limit_query_part");
1010                 }
1011
1012                 if (!$result) {
1013                         print "<tr><td colspan='4' align='center'>
1014                                 Could not display feed (query failed). Please check match syntax or local configuration.</td></tr>";
1015                         return;
1016                 }
1017
1018                 $lnum = 0;
1019
1020                 error_reporting (DEFAULT_ERROR_LEVEL);
1021
1022                 $num_unread = 0;
1023
1024                 while ($line = db_fetch_assoc($result)) {
1025
1026                         $class = ($lnum % 2) ? "even" : "odd";
1027
1028                         $id = $line["id"];
1029                         $feed_id = $line["feed_id"];
1030
1031                         if ($line["last_read"] == "" &&
1032                                         ($line["unread"] != "t" && $line["unread"] != "1")) {
1033
1034                                 $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1035                                         alt=\"Updated\">";
1036                         } else {
1037                                 $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1038                                         alt=\"Updated\">";
1039                         }
1040
1041                         if ($line["unread"] == "t" || $line["unread"] == "1") {
1042                                 $class .= "Unread";
1043                                 ++$num_unread;
1044                         }
1045
1046                         if ($line["marked"] == "t" || $line["marked"] == "1") {
1047                                 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1048                                         alt=\"Reset mark\" onclick='javascript:toggleMark($id, false)'>";
1049                         } else {
1050                                 $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1051                                         alt=\"Set mark\" onclick='javascript:toggleMark($id, true)'>";
1052                         }
1053
1054                         $content_link = "<a id=\"FTITLE-$id\" href=\"javascript:view($id,$feed_id);\">" .
1055                                 $line["title"] . "</a>";
1056
1057                         print "<tr class='$class' id='RROW-$id'>";
1058                         // onclick=\"javascript:view($id,$feed_id)\">
1059
1060                         print "<td valign='center' class='hlUpdatePic'>$update_pic</td>";
1061
1062                         print "<td valign='center' class='hlSelectRow'>
1063                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1064                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1065                                 </td>";
1066
1067                         print "<td valign='center' class='hlMarkedPic'>$marked_pic</td>";
1068
1069                         if ($line["feed_title"]) {
1070                                 print "<td class='hlContent'>$content_link</td>";
1071                                 print "<td class='hlFeed'>
1072                                         <a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a></td>";
1073                         } else {
1074                                 print "<td class='hlContent'>";
1075
1076                                 print "<a id=\"FTITLE-$id\" href=\"javascript:view($id,$feed_id);\">" .
1077                                         $line["title"];
1078
1079                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1080
1081                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
1082                                                 101);
1083
1084                                         print "<span class=\"contentPreview\"> - $content_preview</span>";
1085                                 }
1086
1087                                 print "</a>";
1088                                 print "</td>";
1089                         }
1090
1091                         $updated_fmt = date("M d, G:i", strtotime($line["updated"]));
1092                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt</nobr></td>";
1093
1094                         print "</tr>";
1095
1096                         ++$lnum;
1097                 }
1098
1099                 if ($lnum == 0) {
1100                         print "<tr><td align='center'>No articles found.</td></tr>";
1101                 }
1102
1103                 print "</table>";
1104
1105                 print "<script type=\"text/javascript\">
1106                         document.onkeydown = hotkey_handler;
1107                         update_all_counters('$feed');
1108                 </script>";
1109
1110                 if ($addheader) {
1111                         print "</body></html>";
1112                 }
1113
1114         }
1115
1116         if ($op == "pref-rpc") {
1117
1118                 $subop = $_GET["subop"];
1119
1120                 if ($subop == "unread") {
1121                         $ids = split(",", $_GET["ids"]);
1122                         foreach ($ids as $id) {
1123                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1124                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1125                         }
1126
1127                         print "Marked selected feeds as unread.";
1128                 }
1129
1130                 if ($subop == "read") {
1131                         $ids = split(",", $_GET["ids"]);
1132                         foreach ($ids as $id) {
1133                                 db_query($link, "UPDATE ttrss_user_entries
1134                                         SET unread = false,last_read = NOW() WHERE
1135                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1136                         }
1137
1138                         print "Marked selected feeds as read.";
1139
1140                 }
1141
1142         }
1143
1144         if ($op == "pref-feeds") {
1145
1146                 $subop = $_GET["subop"];
1147
1148                 if ($subop == "editSave") {
1149                         $feed_title = db_escape_string($_GET["t"]);
1150                         $feed_link = db_escape_string($_GET["l"]);
1151                         $upd_intl = db_escape_string($_GET["ui"]);
1152                         $purge_intl = db_escape_string($_GET["pi"]);
1153                         $feed_id = db_escape_string($_GET["id"]);
1154                         $cat_id = db_escape_string($_GET["catid"]);
1155
1156                         if (strtoupper($upd_intl) == "DEFAULT")
1157                                 $upd_intl = 0;
1158
1159                         if (strtoupper($purge_intl) == "DEFAULT")
1160                                 $purge_intl = 0;
1161
1162                         if (strtoupper($purge_intl) == "DISABLED")
1163                                 $purge_intl = -1;
1164
1165                         if ($cat_id != 0) {
1166                                 $category_qpart = "cat_id = '$cat_id'";
1167                         } else {
1168                                 $category_qpart = 'cat_id = NULL';
1169                         }
1170
1171                         $result = db_query($link, "UPDATE ttrss_feeds SET
1172                                 $category_qpart,
1173                                 title = '$feed_title', feed_url = '$feed_link',
1174                                 update_interval = '$upd_intl',
1175                                 purge_interval = '$purge_intl'
1176                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1177
1178                 }
1179
1180                 if ($subop == "remove") {
1181
1182                         if (!WEB_DEMO_MODE) {
1183
1184                                 $ids = split(",", $_GET["ids"]);
1185
1186                                 foreach ($ids as $id) {
1187                                         db_query($link, "DELETE FROM ttrss_feeds
1188                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1189
1190                                         $icons_dir = ICONS_DIR;
1191
1192                                         if (file_exists($icons_dir . "/$id.ico")) {
1193                                                 unlink($icons_dir . "/$id.ico");
1194                                         }
1195                                 }
1196                         }
1197                 }
1198
1199                 if ($subop == "add") {
1200
1201                         if (!WEB_DEMO_MODE) {
1202
1203                                 $feed_link = db_escape_string(trim($_GET["link"]));
1204
1205                                 $result = db_query($link,
1206                                         "SELECT id FROM ttrss_feeds
1207                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
1208
1209                                 if (db_num_rows($result) == 0) {
1210
1211                                         $result = db_query($link,
1212                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title)
1213                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link', '')");
1214
1215                                         $result = db_query($link,
1216                                         "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
1217                                                 AND owner_uid = " . $_SESSION["uid"]);
1218
1219                                         $feed_id = db_fetch_result($result, 0, "id");
1220
1221                                         if ($feed_id) {
1222                                                 update_rss_feed($link, $feed_link, $feed_id, true);
1223                                         }
1224                                 } else {
1225
1226                                         print "<div class=\"warning\">
1227                                                 Feed <b>$feed_link</b> already exists in the database.
1228                                         </div>";
1229                                 }
1230                         }
1231                 }
1232
1233                 if ($subop == "addCat") {
1234
1235                         if (!WEB_DEMO_MODE) {
1236
1237                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1238
1239                                 $result = db_query($link,
1240                                         "SELECT id FROM ttrss_feed_categories
1241                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1242
1243                                 if (db_num_rows($result) == 0) {
1244
1245                                         $result = db_query($link,
1246                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1247                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1248
1249                                 } else {
1250
1251                                         print "<div class=\"warning\">
1252                                                 Category <b>$feed_cat</b> already exists in the database.
1253                                         </div>";
1254                                 }
1255
1256
1257                         }
1258                 }
1259
1260                 if ($subop == "removeCats") {
1261
1262                         if (!WEB_DEMO_MODE) {
1263
1264                                 $ids = split(",", $_GET["ids"]);
1265
1266                                 foreach ($ids as $id) {
1267
1268                                         db_query($link, "BEGIN");
1269
1270                                         $result = db_query($link,
1271                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1272                                                         WHERE cat_id = '$id'");
1273
1274                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1275
1276                                         if ($num_feeds == 0) {
1277                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1278                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1279                                         } else {
1280
1281                                                 print "<div class=\"warning\">
1282                                                         Unable to delete non empty feed categories.</div>";
1283
1284                                         }
1285
1286                                         db_query($link, "COMMIT");
1287                                 }
1288                         }
1289                 }
1290
1291 //              print "<h3>Edit Feeds</h3>";
1292
1293                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1294                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1295
1296                 if (db_num_rows($result) > 0) {
1297
1298                         print "<div class=\"warning\">";
1299
1300                         print "<b>Feeds with update errors:</b>";
1301
1302                         print "<ul class=\"nomarks\">";
1303
1304                         while ($line = db_fetch_assoc($result)) {
1305                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1306                                         $line["last_error"];
1307                         }
1308
1309                         print "</ul>";
1310                         print "</div>";
1311
1312                 }
1313
1314                 print "<p><div class=\"prefGenericAddBox\">
1315                         <input id=\"fadd_link\" size=\"40\">&nbsp;<input
1316                                 type=\"submit\" class=\"button\"
1317                                 onclick=\"javascript:addFeed()\" value=\"Add feed\"></div>";
1318
1319                 $feeds_sort = db_escape_string($_GET["sort"]);
1320
1321                 if (!$feeds_sort || $feeds_sort == "undefined") {
1322                         $feeds_sort = $_SESSION["pref_sort_feeds"];
1323                         if (!$feeds_sort) $feeds_sort = "title";
1324                 }
1325
1326                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
1327
1328                 $result = db_query($link, "SELECT
1329                                 id,title,feed_url,substring(last_updated,1,16) as last_updated,
1330                                 update_interval,purge_interval,
1331                                 (SELECT title FROM ttrss_feed_categories
1332                                         WHERE id = cat_id) AS category
1333                         FROM
1334                                 ttrss_feeds WHERE owner_uid = '".$_SESSION["uid"]."'
1335                         ORDER by $feeds_sort,title");
1336
1337                 if (db_num_rows($result) != 0) {
1338
1339                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
1340
1341                         print "<p><table width=\"100%\" cellspacing=\"0\"
1342                                 class=\"prefFeedList\" id=\"prefFeedList\">";
1343                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1344                                 Select:
1345                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1346                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
1347                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
1348                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
1349                                 </td</tr>";
1350
1351                         print "<tr class=\"title\">
1352                                                 <td width=\"3%\">&nbsp;</td>
1353                                                 <td width=\"3%\">Select</td>
1354                                                 <td width=\"20%\">
1355                                                         <a href=\"javascript:updateFeedList('title')\">Title</a></td>
1356                                                 <td width=\"20%\">
1357                                                         <a href=\"javascript:updateFeedList('feed_url')\">Link</a>
1358                                                 </td>";
1359
1360                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1361                                 print "<td width=\"10%\">
1362                                         <a href=\"javascript:updateFeedList('category')\">Category</a></td>";
1363                         }
1364
1365                         print "
1366                                 <td width=\"10%\">
1367                                         <a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a>
1368                                 </td>
1369                                 <td width=\"10%\">
1370                                         <a href=\"javascript:updateFeedList('purge_interval')\">Purge Days</a>
1371                                 </td>
1372                         </tr>";
1373
1374                         $lnum = 0;
1375
1376                         while ($line = db_fetch_assoc($result)) {
1377
1378                                 $class = ($lnum % 2) ? "even" : "odd";
1379
1380                                 $feed_id = $line["id"];
1381
1382                                 $edit_feed_id = $_GET["id"];
1383
1384                                 if ($subop == "edit" && $feed_id != $edit_feed_id) {
1385                                         $class .= "Grayed";
1386                                         $this_row_id = "";
1387                                 } else {
1388                                         $this_row_id = "id=\"FEEDR-$feed_id\"";
1389                                 }
1390
1391                                 print "<tr class=\"$class\" $this_row_id>";
1392
1393                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
1394
1395                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1396                                                 $feed_icon = "<img width=\"16\" height=\"16\"
1397                                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
1398                                 } else {
1399                                         $feed_icon = "&nbsp;";
1400                                 }
1401                                 print "<td align='center'>$feed_icon</td>";
1402
1403                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1404                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
1405                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
1406
1407                                 if (!$edit_cat) $edit_cat = "Uncategorized";
1408
1409                                 if (!$edit_feed_id || $subop != "edit") {
1410
1411                                         print "<td><input onclick='toggleSelectRow(this);'
1412                                         type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
1413
1414                                         $edit_title = truncate_string($edit_title, 40);
1415                                         $edit_link = truncate_string($edit_link, 60);
1416
1417                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1418                                                 $edit_title . "</a></td>";
1419
1420                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1421                                                 $edit_link . "</a></td>";
1422
1423                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1424                                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1425                                                         $edit_cat . "</a></td>";
1426                                         }
1427
1428                                         if ($line["update_interval"] == "0")
1429                                                 $line["update_interval"] = "Default";
1430
1431                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1432                                                 $line["update_interval"] . "</a></td>";
1433
1434                                         if ($line["purge_interval"] == "0")
1435                                                 $line["purge_interval"] = "Default";
1436
1437                                         if ($line["purge_interval"] < 0)
1438                                                 $line["purge_interval"] = "Disabled";
1439
1440                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
1441                                                 $line["purge_interval"] . "</a></td>";
1442
1443                                 } else if ($feed_id != $edit_feed_id) {
1444
1445                                         print "<td><input disabled=\"true\" type=\"checkbox\"
1446                                                 id=\"FRCHK-".$line["id"]."\"></td>";
1447
1448                                         $edit_title = truncate_string($edit_title, 40);
1449                                         $edit_link = truncate_string($edit_link, 60);
1450
1451                                         print "<td>$edit_title</td>";
1452                                         print "<td>$edit_link</td>";
1453
1454                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1455                                                 print "<td>$edit_cat</td>";
1456                                         }
1457
1458                                         if ($line["update_interval"] == "0")
1459                                                 $line["update_interval"] = "Default";
1460
1461                                         print "<td>" . $line["update_interval"] . "</td>";
1462
1463                                         if ($line["purge_interval"] == "0")
1464                                                 $line["purge_interval"] = "Default";
1465
1466                                         if ($line["purge_interval"] < 0)
1467                                                 $line["purge_interval"] = "Disabled";
1468
1469                                         print "<td>" . $line["purge_interval"] . "</td>";
1470
1471                                 } else {
1472
1473                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1474
1475                                         print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1476                                         print "<td><input id=\"iedit_link\" value=\"$edit_link\"></td>";
1477
1478                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1479
1480                                                 print "<td>";
1481                                                 print "<select id=\"iedit_fcat\">";
1482                                                 print "<option id=\"0\">Uncategorized</option>";
1483
1484                                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1485                                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1486
1487                                                 if (db_num_rows($tmp_result) > 0) {
1488                                                         print "<option disabled>--------</option>";
1489                                                 }
1490
1491                                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1492                                                         if ($tmp_line["id"] == $line["cat_id"]) {
1493                                                                 $is_selected = "selected";
1494                                                         } else {
1495                                                                 $is_selected = "";
1496                                                         }
1497                                                         printf("<option $is_selected id='%d'>%s</option>",
1498                                                                 $tmp_line["id"], $tmp_line["title"]);
1499                                                 }
1500
1501                                                 print "</select></td>";
1502                                                 print "</td>";
1503
1504                                         }
1505
1506                                         print "<td><input id=\"iedit_updintl\"
1507                                                 value=\"".$line["update_interval"]."\"></td>";
1508                                         print "<td><input id=\"iedit_purgintl\"
1509                                                 value=\"".$line["purge_interval"]."\"></td>";
1510
1511                                 }
1512
1513 /*                              if (!$line["last_updated"]) $line["last_updated"] = "Never";
1514
1515                                 print "<td>" . $line["last_updated"] . "</td>"; */
1516
1517                                 print "</tr>";
1518
1519                                 ++$lnum;
1520                         }
1521
1522                         print "</table>";
1523
1524                         print "<p>";
1525
1526                         if ($subop == "edit") {
1527                                 print "Edit feed:&nbsp;
1528                                         <input type=\"submit\" class=\"button\"
1529                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
1530                                         <input type=\"submit\" class=\"button\"
1531                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
1532                         } else {
1533
1534                                 print "
1535                                         Selection:&nbsp;
1536                                 <input type=\"submit\" class=\"button\"
1537                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
1538                                 <input type=\"submit\" class=\"button\"
1539                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
1540                                 <input type=\"submit\" class=\"button\"
1541                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
1542
1543                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
1544                                         print "
1545                                         <input type=\"submit\" class=\"button\"
1546                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
1547                                         <input type=\"submit\" class=\"button\"
1548                                                 onclick=\"javascript:readSelectedFeeds(false)\"
1549                                                 value=\"Mark as unread\">&nbsp;";
1550                                 }
1551
1552                                 print "
1553                                         All feeds: <input type=\"submit\"
1554                                                         class=\"button\" onclick=\"gotoExportOpml()\"
1555                                                         value=\"Export OPML\">";
1556                                 }
1557                 } else {
1558
1559                         print "<p>No feeds defined.</p>";
1560
1561                 }
1562
1563                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
1564
1565                         print "<h3>Edit Categories</h3>";
1566
1567         //              print "<h3>Categories</h3>";
1568
1569                         print "<div class=\"prefGenericAddBox\">
1570                                 <input id=\"fadd_cat\" size=\"40\">&nbsp;<input
1571                                         type=\"submit\" class=\"button\"
1572                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
1573
1574                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
1575                                 WHERE owner_uid = ".$_SESSION["uid"]."
1576                                 ORDER BY title");
1577
1578                         if (db_num_rows($result) != 0) {
1579
1580                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
1581                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
1582
1583                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1584                                 Select:
1585                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1586                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
1587                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
1588                                                 'FCATR-', 'FCCHK-', false)\">None</a>
1589                                 </td</tr>";
1590
1591                                 print "<tr class=\"title\">
1592                                                         <td width=\"10%\">Select</td><td width=\"80%\">Title</td>
1593                                                 </tr>";
1594
1595                                 $lnum = 0;
1596
1597                                 while ($line = db_fetch_assoc($result)) {
1598
1599                                         $class = ($lnum % 2) ? "even" : "odd";
1600
1601                                         $cat_id = $line["id"];
1602
1603                                         $edit_cat_id = $_GET["id"];
1604
1605                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
1606                                                 $class .= "Grayed";
1607                                                 $this_row_id = "";
1608                                         } else {
1609                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
1610                                         }
1611
1612                                         print "<tr class=\"$class\" $this_row_id>";
1613
1614                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
1615
1616                                         if (!$edit_cat_id || $subop != "editCat") {
1617
1618                                                 print "<td><input onclick='toggleSelectRow(this);'
1619                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
1620
1621                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
1622                                                         $edit_title . "</a></td>";
1623
1624                                         } else if ($cat_id != $edit_cat_id) {
1625
1626                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
1627                                                         id=\"FRCHK-".$line["id"]."\"></td>";
1628
1629                                                 print "<td>$edit_title</td>";
1630
1631                                         } else {
1632
1633                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1634
1635                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
1636
1637                                         }
1638
1639                                         print "</tr>";
1640
1641                                         ++$lnum;
1642                                 }
1643
1644                                 print "</table>";
1645
1646                                 print "<p>";
1647
1648                                 if ($subop == "editCat") {
1649                                         print "Edit category:&nbsp;
1650                                                 <input type=\"submit\" class=\"button\"
1651                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
1652                                                 <input type=\"submit\" class=\"button\"
1653                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
1654                                         } else {
1655
1656                                         print "
1657                                                 Selection:&nbsp;
1658                                         <input type=\"submit\" class=\"button\"
1659                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
1660                                         <input type=\"submit\" class=\"button\"
1661                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
1662
1663                                 }
1664
1665                         } else {
1666                                 print "<p>No feed categories defined.</p>";
1667                         }
1668                 }
1669
1670                 print "<h3>Import OPML</h3>
1671                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
1672                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
1673                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
1674                                 type=\"submit\" value=\"Import\">
1675                         </form>";
1676
1677         }
1678
1679         if ($op == "pref-filters") {
1680
1681                 $subop = $_GET["subop"];
1682
1683                 if ($subop == "editSave") {
1684
1685                         $regexp = db_escape_string($_GET["r"]);
1686                         $descr = db_escape_string($_GET["d"]);
1687                         $match = db_escape_string($_GET["m"]);
1688                         $filter_id = db_escape_string($_GET["id"]);
1689                         $feed_id = db_escape_string($_GET["fid"]);
1690
1691                         if (!$feed_id) {
1692                                 $feed_id = 'NULL';
1693                         } else {
1694                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1695                         }
1696
1697                         $result = db_query($link, "UPDATE ttrss_filters SET
1698                                 reg_exp = '$regexp',
1699                                 description = '$descr',
1700                                 feed_id = $feed_id,
1701                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
1702                                         description = '$match')
1703                                 WHERE id = '$filter_id'");
1704                 }
1705
1706                 if ($subop == "remove") {
1707
1708                         if (!WEB_DEMO_MODE) {
1709
1710                                 $ids = split(",", $_GET["ids"]);
1711
1712                                 foreach ($ids as $id) {
1713                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
1714
1715                                 }
1716                         }
1717                 }
1718
1719                 if ($subop == "add") {
1720
1721                         if (!WEB_DEMO_MODE) {
1722
1723                                 $regexp = db_escape_string(trim($_GET["regexp"]));
1724                                 $match = db_escape_string(trim($_GET["match"]));
1725                                 $feed_id = db_escape_string($_GET["fid"]);
1726
1727                                 if (!$feed_id) {
1728                                         $feed_id = 'NULL';
1729                                 } else {
1730                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
1731                                 }
1732
1733                                 $result = db_query($link,
1734                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id) VALUES
1735                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
1736                                                         description = '$match'),'".$_SESSION["uid"]."', $feed_id)");
1737                         }
1738                 }
1739
1740                 $result = db_query($link, "SELECT description
1741                         FROM ttrss_filter_types ORDER BY description");
1742
1743                 $filter_types = array();
1744
1745                 while ($line = db_fetch_assoc($result)) {
1746                         array_push($filter_types, $line["description"]);
1747                 }
1748
1749                 print "<div class=\"prefGenericAddBox\">
1750                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
1751
1752                 print_select("fadd_match", "Title", $filter_types);
1753
1754                 print "&nbsp;<select id=\"fadd_feed\">";
1755
1756                 print "<option selected id=\"0\">All feeds</option>";
1757
1758                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
1759                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1760
1761                 if (db_num_rows($result) > 0) {
1762                         print "<option disabled>--------</option>";
1763                 }
1764
1765                 while ($line = db_fetch_assoc($result)) {
1766                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
1767                 }
1768
1769                 print "</select>&nbsp;";
1770
1771                 print "<input type=\"submit\"
1772                         class=\"button\" onclick=\"javascript:addFilter()\"
1773                         value=\"Add filter\">";
1774
1775                 $result = db_query($link, "SELECT
1776                                 ttrss_filters.id AS id,reg_exp,
1777                                 ttrss_filters.description AS description,
1778                                 ttrss_filter_types.name AS filter_type_name,
1779                                 ttrss_filter_types.description AS filter_type_descr,
1780                                 feed_id,
1781                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
1782                         FROM
1783                                 ttrss_filters,ttrss_filter_types
1784                         WHERE
1785                                 filter_type = ttrss_filter_types.id AND
1786                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
1787                         ORDER by reg_exp");
1788
1789                 if (db_num_rows($result) != 0) {
1790
1791                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
1792                                 id=\"prefFilterList\">";
1793
1794                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
1795                                 Select:
1796                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1797                                                 'FILRR-', 'FICHK-', true)\">All</a>,
1798                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
1799                                                 'FILRR-', 'FICHK-', false)\">None</a>
1800                                 </td</tr>";
1801
1802                         print "<tr class=\"title\">
1803                                                 <td width=\"5%\">Select</td><td width=\"30%\">Filter expression</td>
1804                                                 <td width=\"30%\">Feed</td><td width=\"10%\">Match</td>
1805                                                 <td width=\"30%\">Description</td></tr>";
1806
1807                         $lnum = 0;
1808
1809                         while ($line = db_fetch_assoc($result)) {
1810
1811                                 $class = ($lnum % 2) ? "even" : "odd";
1812
1813                                 $filter_id = $line["id"];
1814                                 $edit_filter_id = $_GET["id"];
1815
1816                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
1817                                         $class .= "Grayed";
1818                                         $this_row_id = "";
1819                                 } else {
1820                                         $this_row_id = "id=\"FILRR-$filter_id\"";
1821                                 }
1822
1823                                 print "<tr class=\"$class\" $this_row_id>";
1824
1825                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
1826                                 $line["description"] = htmlspecialchars($line["description"]);
1827
1828                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
1829
1830                                 if (!$edit_filter_id || $subop != "edit") {
1831
1832                                         if (!$line["description"]) $line["description"] = "[No description]";
1833
1834                                         print "<td><input onclick='toggleSelectRow(this);'
1835                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
1836
1837                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1838                                                 $line["reg_exp"] . "</td>";
1839
1840                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1841                                                 $line["feed_title"] . "</td>";
1842
1843                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1844                                                 $line["filter_type_descr"] . "</td>";
1845
1846                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
1847                                                 $line["description"] . "</td>";
1848
1849                                 } else if ($filter_id != $edit_filter_id) {
1850
1851                                         if (!$line["description"]) $line["description"] = "[No description]";
1852
1853                                         print "<td><input disabled=\"true\" type=\"checkbox\"
1854                                                 id=\"FICHK-".$line["id"]."\"></td>";
1855
1856                                         print "<td>".$line["reg_exp"]."</td>";
1857                                         print "<td>".$line["feed_title"]."</td>";
1858                                         print "<td>".$line["filter_type_descr"]."</td>";
1859                                         print "<td>".$line["description"]."</td>";
1860
1861                                 } else {
1862
1863                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
1864
1865                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
1866                                                 "\"></td>";
1867
1868                                         print "<td>";
1869
1870                                         print "<select id=\"iedit_feed\">";
1871
1872                                         print "<option id=\"0\">All feeds</option>";
1873
1874                                         if (db_num_rows($result) > 0) {
1875                                                 print "<option disabled>--------</option>";
1876                                         }
1877
1878                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1879                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1880
1881                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
1882                                                 if ($tmp_line["id"] == $line["feed_id"]) {
1883                                                         $is_selected = "selected";
1884                                                 } else {
1885                                                         $is_selected = "";
1886                                                 }
1887                                                 printf("<option $is_selected id='%d'>%s</option>",
1888                                                         $tmp_line["id"], $tmp_line["title"]);
1889                                         }
1890
1891                                         print "</select></td>";
1892
1893                                         print "<td>";
1894                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
1895                                         print "</td>";
1896
1897                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
1898                                                 "\"></td>";
1899
1900                                         print "</td>";
1901                                 }
1902
1903                                 print "</tr>";
1904
1905                                 ++$lnum;
1906                         }
1907
1908                         if ($lnum == 0) {
1909                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
1910                         }
1911
1912                         print "</table>";
1913
1914                         print "<p>";
1915
1916                         if ($subop == "edit") {
1917                                 print "Edit feed:
1918                                         <input type=\"submit\" class=\"button\"
1919                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">
1920                                         <input type=\"submit\" class=\"button\"
1921                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">";
1922
1923                         } else {
1924
1925                                 print "
1926                                         Selection:
1927                                 <input type=\"submit\" class=\"button\"
1928                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
1929                                 <input type=\"submit\" class=\"button\"
1930                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
1931                         }
1932
1933                 } else {
1934
1935                         print "<p>No filters defined.</p>";
1936
1937                 }
1938         }
1939
1940         if ($op == "pref-labels") {
1941
1942                 $subop = $_GET["subop"];
1943
1944                 if ($subop == "test") {
1945
1946                         $expr = $_GET["expr"];
1947                         $descr = $_GET["descr"];
1948
1949                         print "<div class='infoBoxContents'>";
1950
1951                         print "<h1>Label &laquo;$descr&raquo;</h1>";
1952
1953 //                      print "<p><b>Expression</b>: $expr</p>";
1954
1955                         $result = db_query($link,
1956                                 "SELECT count(id) AS num_matches
1957                                         FROM ttrss_entries,ttrss_user_entries
1958                                         WHERE ($expr) AND
1959                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
1960                                                 owner_uid = " . $_SESSION["uid"]);
1961
1962                         $num_matches = db_fetch_result($result, 0, "num_matches");;
1963
1964                         if ($num_matches > 0) {
1965
1966                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
1967
1968                                 $result = db_query($link,
1969                                         "SELECT title,
1970                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
1971                                         FROM ttrss_entries,ttrss_user_entries
1972                                                         WHERE ($expr) AND
1973                                                         ttrss_user_entries.ref_id = ttrss_entries.id
1974                                                         AND owner_uid = " . $_SESSION["uid"] . "
1975                                                         ORDER BY date_entered DESC LIMIT 5");
1976
1977                                 print "<ul class=\"nomarks\">";
1978                                 while ($line = db_fetch_assoc($result)) {
1979                                         print "<li>".$line["title"].
1980                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
1981                                 }
1982                                 print "</ul>";
1983
1984                         } else {
1985                                 print "<p>Query didn't return any matches.</p>";
1986                         }
1987
1988                         print "</div>";
1989
1990                         print "<div align='center'>
1991                                 <input type='submit' class='button'
1992                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
1993                         return;
1994                 }
1995
1996                 if ($subop == "editSave") {
1997
1998                         $sql_exp = $_GET["s"];
1999                         $descr = $_GET["d"];
2000                         $label_id = db_escape_string($_GET["id"]);
2001
2002 //                      print "$sql_exp : $descr : $label_id";
2003
2004                         $result = db_query($link, "UPDATE ttrss_labels SET
2005                                 sql_exp = '$sql_exp',
2006                                 description = '$descr'
2007                                 WHERE id = '$label_id'");
2008                 }
2009
2010                 if ($subop == "remove") {
2011
2012                         if (!WEB_DEMO_MODE) {
2013
2014                                 $ids = split(",", $_GET["ids"]);
2015
2016                                 foreach ($ids as $id) {
2017                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2018
2019                                 }
2020                         }
2021                 }
2022
2023                 if ($subop == "add") {
2024
2025                         if (!WEB_DEMO_MODE) {
2026
2027                                 // no escaping is done here on purpose
2028                                 $exp = trim($_GET["exp"]);
2029
2030                                 $result = db_query($link,
2031                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2032                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2033                         }
2034                 }
2035
2036                 print "<div class=\"prefGenericAddBox\">
2037                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2038
2039                 print"<input type=\"submit\" class=\"button\"
2040                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2041
2042                 $result = db_query($link, "SELECT
2043                                 id,sql_exp,description
2044                         FROM
2045                                 ttrss_labels
2046                         WHERE
2047                                 owner_uid = ".$_SESSION["uid"]."
2048                         ORDER by description");
2049
2050                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2051
2052                 if (db_num_rows($result) != 0) {
2053
2054                         print "<p><table width=\"100%\" cellspacing=\"0\"
2055                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2056
2057                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2058                                 Select:
2059                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2060                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2061                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2062                                                 'LILRR-', 'LICHK-', false)\">None</a>
2063                                 </td</tr>";
2064
2065                         print "<tr class=\"title\">
2066                                                 <td width=\"5%\">Select</td><td width=\"40%\">SQL expression
2067                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2068                                                 </td>
2069                                                 <td width=\"40%\">Caption</td></tr>";
2070
2071                         $lnum = 0;
2072
2073                         while ($line = db_fetch_assoc($result)) {
2074
2075                                 $class = ($lnum % 2) ? "even" : "odd";
2076
2077                                 $label_id = $line["id"];
2078                                 $edit_label_id = $_GET["id"];
2079
2080                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2081                                         $class .= "Grayed";
2082                                         $this_row_id = "";
2083                                 } else {
2084                                         $this_row_id = "id=\"LILRR-$label_id\"";
2085                                 }
2086
2087                                 print "<tr class=\"$class\" $this_row_id>";
2088
2089                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2090                                 $line["description"] = htmlspecialchars($line["description"]);
2091
2092                                 if (!$edit_label_id || $subop != "edit") {
2093
2094                                         if (!$line["description"]) $line["description"] = "[No caption]";
2095
2096                                         print "<td><input onclick='toggleSelectRow(this);'
2097                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2098
2099                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2100                                                 $line["sql_exp"] . "</td>";
2101
2102                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2103                                                 $line["description"] . "</td>";
2104
2105                                 } else if ($label_id != $edit_label_id) {
2106
2107                                         if (!$line["description"]) $line["description"] = "[No description]";
2108
2109                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2110                                                 id=\"LICHK-".$line["id"]."\"></td>";
2111
2112                                         print "<td>".$line["sql_exp"]."</td>";
2113                                         print "<td>".$line["description"]."</td>";
2114
2115                                 } else {
2116
2117                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2118
2119                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2120                                                 "\"></td>";
2121
2122                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2123                                                 "\"></td>";
2124
2125                                 }
2126
2127
2128                                 print "</tr>";
2129
2130                                 ++$lnum;
2131                         }
2132
2133                         if ($lnum == 0) {
2134                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2135                         }
2136
2137                         print "</table>";
2138
2139                         print "<p>";
2140
2141                         if ($subop == "edit") {
2142                                 print "Edit label:
2143                                         <input type=\"submit\" class=\"button\"
2144                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2145                                         <input type=\"submit\" class=\"button\"
2146                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">
2147                                         <input type=\"submit\" class=\"button\"
2148                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">";
2149
2150                         } else {
2151
2152                                 print "
2153                                         Selection:
2154                                 <input type=\"submit\" class=\"button\"
2155                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2156                                 <input type=\"submit\" class=\"button\"
2157                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2158                         }
2159                 } else {
2160                         print "<p>No labels defined.</p>";
2161                 }
2162         }
2163
2164         if ($op == "error") {
2165                 print "<div width=\"100%\" align='center'>";
2166                 $msg = $_GET["msg"];
2167                 print $msg;
2168                 print "</div>";
2169         }
2170
2171         if ($op == "help") {
2172                 if (!$_GET["noheaders"]) {
2173                         print "<html><head>
2174                                 <title>Tiny Tiny RSS : Help</title>
2175                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2176                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
2177                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2178                                 </head><body>";
2179                 }
2180
2181                 $tid = sprintf("%d", $_GET["tid"]);
2182
2183                 print "<div class='infoBoxContents'>";
2184
2185                 if (file_exists("help/$tid.php")) {
2186                         include("help/$tid.php");
2187                 } else {
2188                         print "<p>Help topic not found.</p>";
2189                 }
2190
2191                 print "</div>";
2192
2193                 print "<div align='center'>
2194                         <input type='submit' class='button'
2195                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2196
2197                 if (!$_GET["noheaders"]) {
2198                         print "</body></html>";
2199                 }
2200
2201         }
2202
2203         if ($op == "dlg") {
2204                 $id = $_GET["id"];
2205                 $param = $_GET["param"];
2206
2207                 if ($id == "quickAddFeed") {
2208                         print "
2209                         Feed URL: <input
2210                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2211                         id=\"qafInput\">
2212                         <input class=\"button\"
2213                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
2214                         <input class=\"button\"
2215                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2216                                 value=\"Cancel\">";
2217                 }
2218
2219                 if ($id == "quickDelFeed") {
2220
2221                         $param = db_escape_string($param);
2222
2223                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
2224
2225                         if ($result) {
2226
2227                                 $f_title = db_fetch_result($result, 0, "title");
2228
2229                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
2230                                 <input class=\"button\"
2231                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
2232                                 <input class=\"button\"
2233                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2234                                         value=\"Cancel\">";
2235                         } else {
2236                                 print "Error: Feed $param not found.&nbsp;
2237                                 <input class=\"button\"
2238                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
2239                                         value=\"Cancel\">";
2240                         }
2241                 }
2242
2243                 if ($id == "search") {
2244
2245                         print "<input id=\"searchbox\" class=\"extSearch\"
2246                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2247                         onchange=\"javascript:search()\">
2248                         <select id=\"searchmodebox\">
2249                                 <option selected>All feeds</option>
2250                                 <option>This feed</option>
2251                         </select>
2252                         <input type=\"submit\"
2253                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
2254                         <input class=\"button\"
2255                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2256                                 value=\"Close\">";
2257
2258                 }
2259
2260         }
2261
2262         // update feeds of all users, may be used anonymously
2263         if ($op == "globalUpdateFeeds") {
2264
2265                 $result = db_query($link, "SELECT id FROM ttrss_users");
2266
2267                 while ($line = db_fetch_assoc($result)) {
2268                         $user_id = $line["id"];
2269 //                      print "<!-- updating feeds of uid $user_id -->";
2270                         update_all_feeds($link, false, $user_id);
2271                 }
2272
2273                 print "<rpc-reply>
2274                         <message msg=\"All feeds updated\"/>
2275                 </rpc-reply>";
2276
2277         }
2278
2279         if ($op == "pref-prefs") {
2280
2281                 $subop = $_REQUEST["subop"];
2282
2283                 if ($subop == "Save configuration") {
2284
2285                         if (WEB_DEMO_MODE) {
2286                                 header("Location: prefs.php");
2287                                 return;
2288                         }
2289
2290                         $_SESSION["prefs_op_result"] = "save-config";
2291
2292                         foreach (array_keys($_POST) as $pref_name) {
2293
2294                                 $pref_name = db_escape_string($pref_name);
2295                                 $value = db_escape_string($_POST[$pref_name]);
2296
2297                                 $result = db_query($link, "SELECT type_name
2298                                         FROM ttrss_prefs,ttrss_prefs_types
2299                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
2300
2301                                 if (db_num_rows($result) > 0) {
2302
2303                                         $type_name = db_fetch_result($result, 0, "type_name");
2304
2305 //                                      print "$pref_name : $type_name : $value<br>";
2306
2307                                         if ($type_name == "bool") {
2308                                                 if ($value == "1") {
2309                                                         $value = "true";
2310                                                 } else {
2311                                                         $value = "false";
2312                                                 }
2313                                         } else if ($type_name == "integer") {
2314                                                 $value = sprintf("%d", $value);
2315                                         }
2316
2317 //                                      print "$pref_name : $type_name : $value<br>";
2318
2319                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
2320                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
2321
2322                                 }
2323
2324                                 header("Location: prefs.php");
2325
2326                         }
2327
2328                 } else if ($subop == "getHelp") {
2329
2330                         $pref_name = db_escape_string($_GET["pn"]);
2331
2332                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
2333                                 WHERE pref_name = '$pref_name'");
2334
2335                         if (db_num_rows($result) > 0) {
2336                                 $help_text = db_fetch_result($result, 0, "help_text");
2337                                 print $help_text;
2338                         } else {
2339                                 print "Unknown option: $pref_name";
2340                         }
2341
2342                 } else if ($subop == "Change password") {
2343
2344                         if (WEB_DEMO_MODE) {
2345                                 header("Location: prefs.php");
2346                                 return;
2347                         }
2348
2349                         $old_pw = $_POST["OLD_PASSWORD"];
2350                         $new_pw = $_POST["OLD_PASSWORD"];
2351
2352                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
2353                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
2354
2355                         $active_uid = $_SESSION["uid"];
2356
2357                         if ($old_pw && $new_pw) {
2358
2359                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
2360
2361                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2362                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
2363                                                 pwd_hash = '$old_pw_hash')");
2364
2365                                 if (db_num_rows($result) == 1) {
2366                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
2367                                                 WHERE id = '$active_uid'");
2368
2369                                         $_SESSION["pwd_change_result"] = "ok";
2370                                 } else {
2371                                         $_SESSION["pwd_change_result"] = "failed";
2372                                 }
2373                         }
2374
2375                         header("Location: prefs.php");
2376
2377                 } else if ($subop == "Reset to defaults") {
2378
2379                         if (WEB_DEMO_MODE) {
2380                                 header("Location: prefs.php");
2381                                 return;
2382                         }
2383
2384                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
2385
2386                         if (DB_TYPE == "pgsql") {
2387                                 db_query($link,"UPDATE ttrss_user_prefs
2388                                         SET value = ttrss_prefs.def_value
2389                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
2390                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
2391                         } else {
2392                                 db_query($link, "DELETE FROM ttrss_user_prefs
2393                                         WHERE owner_uid = ".$_SESSION["uid"]);
2394                                 initialize_user_prefs($link, $_SESSION["uid"]);
2395                         }
2396
2397                         header("Location: prefs.php");
2398
2399                 } else if ($subop == "Change theme") {
2400
2401                         $theme = db_escape_string($_POST["theme"]);
2402
2403                         if ($theme == "Default") {
2404                                 $theme_qpart = 'NULL';
2405                         } else {
2406                                 $theme_qpart = "'$theme'";
2407                         }
2408
2409                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
2410                                 WHERE theme_name = '$theme'");
2411
2412                         if (db_num_rows($result) == 1) {
2413                                 $theme_id = db_fetch_result($result, 0, "id");
2414                                 $theme_path = db_fetch_result($result, 0, "theme_path");
2415                         } else {
2416                                 $theme_id = "NULL";
2417                                 $theme_path = "";
2418                         }
2419
2420                         db_query($link, "UPDATE ttrss_users SET
2421                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
2422
2423                         $_SESSION["theme"] = $theme_path;
2424
2425                         header("Location: prefs.php");
2426
2427                 } else {
2428
2429                         if (!SINGLE_USER_MODE) {
2430
2431                                 $result = db_query($link, "SELECT id FROM ttrss_users
2432                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
2433                                                 pwd_hash = 'SHA1:".sha1("password")."')");
2434
2435                                 if (db_num_rows($result) != 0) {
2436                                         print "<div class=\"warning\">
2437                                                 Your password is at default value, please change it.
2438                                         </div>";
2439                                 }
2440
2441                                 if ($_SESSION["pwd_change_result"] == "failed") {
2442                                         print "<div class=\"warning\">
2443                                                         There was an error while changing your password.
2444                                                 </div>";
2445                                 }
2446
2447                                 if ($_SESSION["pwd_change_result"] == "ok") {
2448                                         print "<div class=\"notice\">
2449                                                         Password changed successfully.
2450                                                 </div>";
2451                                 }
2452
2453                                 $_SESSION["pwd_change_result"] = "";
2454
2455                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
2456                                         print "<div class=\"notice\">
2457                                                         Your configuration was reset to defaults.
2458                                                 </div>";
2459                                 }
2460
2461                                 if ($_SESSION["prefs_op_result"] == "save-config") {
2462                                         print "<div class=\"notice\">
2463                                                         Your configuration was saved successfully.
2464                                                 </div>";
2465                                 }
2466
2467                                 $_SESSION["prefs_op_result"] = "";
2468
2469                                 print "<form action=\"backend.php\" method=\"POST\">";
2470
2471                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2472                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
2473
2474                                 print "<tr><td width=\"40%\">Old password</td>";
2475                                 print "<td><input class=\"editbox\" type=\"password\"
2476                                         name=\"OLD_PASSWORD\"></td></tr>";
2477
2478                                 print "<tr><td width=\"40%\">New password</td>";
2479
2480                                 print "<td><input class=\"editbox\" type=\"password\"
2481                                         name=\"NEW_PASSWORD\"></td></tr>";
2482
2483                                 print "</table>";
2484
2485                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2486
2487                                 print "<p><input class=\"button\" type=\"submit\"
2488                                         value=\"Change password\" name=\"subop\">";
2489
2490                                 print "</form>";
2491
2492                         }
2493
2494                         $result = db_query($link, "SELECT
2495                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
2496
2497                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
2498
2499                         $result = db_query($link, "SELECT
2500                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
2501
2502                         if (db_num_rows($result) > 0) {
2503
2504                                 print "<form action=\"backend.php\" method=\"POST\">";
2505                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
2506                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
2507                                 print "<tr><td width=\"40%\">Select theme</td>";
2508                                 print "<td><select name=\"theme\">";
2509                                 print "<option>Default</option>";
2510                                 print "<option disabled>--------</option>";
2511
2512                                 while ($line = db_fetch_assoc($result)) {
2513                                         if ($line["id"] == $user_theme_id) {
2514                                                 $selected = "selected";
2515                                         } else {
2516                                                 $selected = "";
2517                                         }
2518                                         print "<option $selected>" . $line["theme_name"] . "</option>";
2519                                 }
2520                                 print "</select></td></tr>";
2521                                 print "</table>";
2522                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2523                                 print "<p><input class=\"button\" type=\"submit\"
2524                                         value=\"Change theme\" name=\"subop\">";
2525                                 print "</form>";
2526                         }
2527
2528                         $result = db_query($link, "SELECT
2529                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
2530                                 section_name,def_value
2531                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
2532                                 WHERE type_id = ttrss_prefs_types.id AND
2533                                         section_id = ttrss_prefs_sections.id AND
2534                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
2535                                         owner_uid = ".$_SESSION["uid"]."
2536                                 ORDER BY section_id,short_desc");
2537
2538                         print "<form action=\"backend.php\" method=\"POST\">";
2539
2540                         $lnum = 0;
2541
2542                         $active_section = "";
2543
2544                         while ($line = db_fetch_assoc($result)) {
2545
2546                                 if ($active_section != $line["section_name"]) {
2547
2548                                         if ($active_section != "") {
2549                                                 print "</table>";
2550                                         }
2551
2552                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
2553
2554                                         $active_section = $line["section_name"];
2555
2556                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
2557 //                                      print "<tr class=\"title\">
2558 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
2559
2560                                         $lnum = 0;
2561                                 }
2562
2563 //                              $class = ($lnum % 2) ? "even" : "odd";
2564
2565                                 print "<tr>";
2566
2567                                 $type_name = $line["type_name"];
2568                                 $pref_name = $line["pref_name"];
2569                                 $value = $line["value"];
2570                                 $def_value = $line["def_value"];
2571                                 $help_text = $line["help_text"];
2572
2573                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
2574
2575                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
2576
2577                                 print "</td>";
2578
2579                                 print "<td>";
2580
2581                                 if ($type_name == "bool") {
2582 //                                      print_select($pref_name, $value, array("true", "false"));
2583
2584                                         if ($value == "true") {
2585                                                 $value = "Yes";
2586                                         } else {
2587                                                 $value = "No";
2588                                         }
2589
2590                                         print_radio($pref_name, $value, array("Yes", "No"));
2591
2592                                 } else {
2593                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
2594                                 }
2595
2596                                 print "</td>";
2597
2598                                 print "</tr>";
2599
2600                                 $lnum++;
2601                         }
2602
2603                         print "</table>";
2604
2605                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
2606
2607                         print "<p><input class=\"button\" type=\"submit\"
2608                                 name=\"subop\" value=\"Save configuration\">";
2609
2610                         print "&nbsp;<input class=\"button\" type=\"submit\"
2611                                 name=\"subop\" value=\"Reset to defaults\"></p>";
2612
2613                         print "</form>";
2614
2615                 }
2616
2617         }
2618
2619         if ($op == "pref-users") {
2620
2621                 $subop = $_GET["subop"];
2622
2623                 if ($subop == "editSave") {
2624
2625                         if (!WEB_DEMO_MODE) {
2626
2627                                 $login = db_escape_string($_GET["l"]);
2628                                 $uid = db_escape_string($_GET["id"]);
2629                                 $access_level = sprintf("%d", $_GET["al"]);
2630
2631                                 db_query($link, "UPDATE ttrss_users SET login = '$login', access_level = '$access_level' WHERE id = '$uid'");
2632
2633                         }
2634                 } else if ($subop == "remove") {
2635
2636                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2637
2638                                 $ids = split(",", $_GET["ids"]);
2639
2640                                 foreach ($ids as $id) {
2641                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
2642
2643                                 }
2644                         }
2645                 } else if ($subop == "add") {
2646
2647                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2648
2649                                 $login = db_escape_string(trim($_GET["login"]));
2650                                 $tmp_user_pwd = make_password(8);
2651                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2652
2653                                 db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level)
2654                                         VALUES ('$login', '$pwd_hash', 0)");
2655
2656
2657                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
2658                                         login = '$login' AND pwd_hash = '$pwd_hash'");
2659
2660                                 if (db_num_rows($result) == 1) {
2661
2662                                         $new_uid = db_fetch_result($result, 0, "id");
2663
2664                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
2665                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
2666
2667                                         initialize_user($link, $new_uid);
2668
2669                                 } else {
2670
2671                                         print "<div class=\"warning\">Error while adding user <b>".
2672                                         $_GET["login"].".</b></div>";
2673
2674                                 }
2675                         }
2676                 } else if ($subop == "resetPass") {
2677
2678                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
2679
2680                                 $uid = db_escape_string($_GET["id"]);
2681
2682                                 $result = db_query($link, "SELECT login FROM ttrss_users WHERE id = '$uid'");
2683
2684                                 $login = db_fetch_result($result, 0, "login");
2685                                 $tmp_user_pwd = make_password(8);
2686                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
2687
2688                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
2689                                         WHERE id = '$uid'");
2690
2691                                 print "<div class=\"notice\">Changed password of
2692                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.</div>";
2693
2694                         }
2695                 }
2696
2697                 print "<div class=\"prefGenericAddBox\">
2698                         <input id=\"uadd_box\" size=\"40\">&nbsp;";
2699
2700                 print"<input type=\"submit\" class=\"button\"
2701                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
2702
2703                 $result = db_query($link, "SELECT
2704                                 id,login,access_level,
2705                                 SUBSTRING(last_login,1,16) as last_login
2706                         FROM
2707                                 ttrss_users
2708                         ORDER by login");
2709
2710                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2711
2712                 print "<p><table width=\"100%\" cellspacing=\"0\"
2713                         class=\"prefUserList\" id=\"prefUserList\">";
2714
2715                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2716                                 Select:
2717                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2718                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
2719                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
2720                                                 'UMRR-', 'UMCHK-', false)\">None</a>
2721                                 </td</tr>";
2722
2723                 print "<tr class=\"title\">
2724                                         <td width=\"5%\">Select</td>
2725                                         <td width='30%'>Username</td>
2726                                         <td width='30%'>Access Level</td>
2727                                         <td width='30%'>Last login</td></tr>";
2728
2729                 $lnum = 0;
2730
2731                 while ($line = db_fetch_assoc($result)) {
2732
2733                         $class = ($lnum % 2) ? "even" : "odd";
2734
2735                         $uid = $line["id"];
2736                         $edit_uid = $_GET["id"];
2737
2738                         if ($uid == $_SESSION["uid"] || ($subop == "edit" && $uid != $edit_uid)) {
2739                                 $class .= "Grayed";
2740                                 $this_row_id = "";
2741                         } else {
2742                                 $this_row_id = "id=\"UMRR-$uid\"";
2743                         }
2744
2745                         print "<tr class=\"$class\" $this_row_id>";
2746
2747                         $line["login"] = htmlspecialchars($line["login"]);
2748
2749                         if ($uid == $_SESSION["uid"]) {
2750
2751                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2752                                         id=\"UMCHK-".$line["id"]."\"></td>";
2753
2754                                 print "<td>".$line["login"]."</td>";
2755                                 print "<td>".$line["access_level"]."</td>";
2756
2757                         } else if (!$edit_uid || $subop != "edit") {
2758
2759                                 print "<td><input onclick='toggleSelectRow(this);'
2760                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
2761
2762                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2763                                         $line["login"] . "</td>";
2764
2765                                 print "<td><a href=\"javascript:editUser($uid);\">" .
2766                                         $line["access_level"] . "</td>";
2767
2768                         } else if ($uid != $edit_uid) {
2769
2770                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2771                                         id=\"UMCHK-".$line["id"]."\"></td>";
2772
2773                                 print "<td>".$line["login"]."</td>";
2774                                 print "<td>".$line["access_level"]."</td>";
2775
2776                         } else {
2777
2778                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2779
2780                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
2781                                         "\"></td>";
2782
2783                                 print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
2784                                         "\"></td>";
2785
2786                         }
2787
2788                         print "<td>".$line["last_login"]."</td>";
2789
2790                         print "</tr>";
2791
2792                         ++$lnum;
2793                 }
2794
2795                 print "</table>";
2796
2797                 print "<p>";
2798
2799                 if ($subop == "edit") {
2800                         print "Edit label:
2801                                 <input type=\"submit\" class=\"button\"
2802                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">
2803                                 <input type=\"submit\" class=\"button\"
2804                                         onclick=\"javascript:userEditSave()\" value=\"Save\">";
2805
2806                 } else {
2807
2808                         print "
2809                                 Selection:
2810                         <input type=\"submit\" class=\"button\"
2811                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
2812                         <input type=\"submit\" class=\"button\"
2813                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
2814                         <input type=\"submit\" class=\"button\"
2815                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
2816                         <input type=\"submit\" class=\"button\"
2817                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
2818
2819                 }
2820         }
2821
2822         if ($op == "user-details") {
2823
2824                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
2825                         return;
2826                 }
2827
2828 /*              print "<html><head>
2829                         <title>Tiny Tiny RSS : User Details</title>
2830                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2831                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2832                         </head><body>"; */
2833
2834                 $uid = sprintf("%d", $_GET["id"]);
2835
2836                 print "<div class='infoBoxContents'>";
2837
2838                 $result = db_query($link, "SELECT login,
2839                         SUBSTRING(last_login,1,16) AS last_login,
2840                         access_level,
2841                         (SELECT COUNT(int_id) FROM ttrss_user_entries
2842                                 WHERE owner_uid = id) AS stored_articles
2843                         FROM ttrss_users
2844                         WHERE id = '$uid'");
2845
2846                 if (db_num_rows($result) == 0) {
2847                         print "<h1>User not found</h1>";
2848                         return;
2849                 }
2850
2851                 print "<h1>User Details</h1>";
2852
2853                 print "<table width='100%'>";
2854
2855                 $login = db_fetch_result($result, 0, "login");
2856                 $last_login = db_fetch_result($result, 0, "last_login");
2857                 $access_level = db_fetch_result($result, 0, "access_level");
2858                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
2859
2860                 print "<tr><td>Username</td><td>$login</td></tr>";
2861                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
2862                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
2863                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
2864
2865                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
2866                         WHERE owner_uid = '$uid'");
2867
2868                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
2869
2870                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
2871
2872 /*              $result = db_query($link, "SELECT
2873                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
2874                         FROM ttrss_user_entries,ttrss_entries
2875                                 WHERE owner_uid = '$uid' AND ref_id = id");
2876
2877                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
2878
2879                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
2880
2881                 print "</table>";
2882
2883                 print "<h1>Subscribed feeds</h1>";
2884
2885                 $result = db_query($link, "SELECT id,title,feed_url FROM ttrss_feeds
2886                         WHERE owner_uid = '$uid' ORDER BY title");
2887
2888                 print "<ul class=\"nomarks\">";
2889
2890                 while ($line = db_fetch_assoc($result)) {
2891
2892                         $icon_file = ICONS_URL."/".$line["id"].".ico";
2893
2894                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
2895                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
2896                         } else {
2897                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
2898                         }
2899
2900                         print "<li>$feed_icon&nbsp;<a href=\"".$line["feed_url"]."\">".$line["title"]."</a></li>";
2901                 }
2902
2903                 print "</ul>";
2904
2905                 print "</div>";
2906
2907                 print "<div align='center'>
2908                         <input type='submit' class='button'
2909                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2910
2911 //              print "</body></html>";
2912
2913         }
2914
2915         if ($op == "feed-details") {
2916
2917                 $feed_id = $_GET["id"];
2918
2919                 $result = db_query($link,
2920                         "SELECT
2921                                 title,feed_url,last_updated,icon_url,site_url,
2922                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2923                                         WHERE feed_id = id) AS total,
2924                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2925                                         WHERE feed_id = id AND unread = true) AS unread,
2926                                 (SELECT COUNT(int_id) FROM ttrss_user_entries
2927                                         WHERE feed_id = id AND marked = true) AS marked
2928                         FROM ttrss_feeds
2929                         WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
2930
2931                 if (db_num_rows($result) == 0) return;
2932
2933                 $title = db_fetch_result($result, 0, "title");
2934                 $last_updated = db_fetch_result($result, 0, "last_updated");
2935                 $feed_url = db_fetch_result($result, 0, "feed_url");
2936                 $icon_url = db_fetch_result($result, 0, "icon_url");
2937                 $total = db_fetch_result($result, 0, "total");
2938                 $unread = db_fetch_result($result, 0, "unread");
2939                 $marked = db_fetch_result($result, 0, "marked");
2940                 $site_url = db_fetch_result($result, 0, "site_url");
2941
2942                 $result = db_query($link, "SELECT COUNT(id) AS subscribed
2943                                         FROM ttrss_feeds WHERE feed_url = '$feed_url'");
2944
2945                 $subscribed = db_fetch_result($result, 0, "subscribed");
2946
2947                 print "<div class=\"infoBoxContents\">";
2948
2949                 $icon_file = ICONS_DIR . "/$feed_id.ico";
2950
2951                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
2952                                 $feed_icon = "<img width=\"16\" height=\"16\"
2953                                         src=\"" . ICONS_URL . "/$feed_id.ico\">";
2954                 } else {
2955                         $feed_icon = "";
2956                 }
2957
2958                 print "<h1>$feed_icon $title</h1>";
2959
2960                 print "<table width='100%'>";
2961
2962                 if ($site_url) {
2963                         print "<tr><td width='30%'>Link</td>
2964                                 <td><a href=\"$site_url\">$site_url</a>
2965                                 <a href=\"$feed_url\">(feed)</a></td>
2966                                 </td></tr>";
2967                 } else {
2968                         print "<tr><td width='30%'>Feed URL</td>
2969                                 <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
2970                 }
2971                 print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
2972                 print "<tr><td>Total articles</td><td>$total</td></tr>";
2973                 print "<tr><td>Unread articles</td><td>$unread</td></tr>";
2974                 print "<tr><td>Starred articles</td><td>$marked</td></tr>";
2975                 print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
2976
2977                 print "</table>";
2978
2979                 $result = db_query($link, "SELECT title,
2980                         SUBSTRING(updated,1,16) AS updated,unread
2981                         FROM ttrss_entries,ttrss_user_entries
2982                         WHERE ref_id = id AND feed_id = '$feed_id'
2983                         ORDER BY date_entered DESC LIMIT 5");
2984
2985                 if (db_num_rows($result) > 0) {
2986
2987                         print "<h1>Latest headlines</h1>";
2988
2989                         print "<ul class=\"nomarks\">";
2990
2991                         while ($line = db_fetch_assoc($result)) {
2992                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
2993                                         $line["title"] = "<b>" . $line["title"] . "</b>";
2994                                 }
2995                                 print "<li>" . $line["title"].
2996                                 "&nbsp;<span class=\"insensitive\">(" .$line["updated"].")</span></li>";
2997                         }
2998
2999                         print "</ul>";
3000
3001                         print "</div>";
3002
3003                         print "<div align='center'>
3004                                 <input type='submit' class='button'
3005                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3006                 }
3007         }
3008
3009         db_close($link);
3010 ?>
3011
3012 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
3013