]>
git.wh0rd.org - tt-rss.git/blob - classes/pref/prefs.php
3 class Pref_Prefs
extends Handler_Protected
{
5 private $pref_help = array ();
6 private $pref_sections = array ();
8 function csrf_ignore ( $method ) {
9 $csrf_ignored = array ( "index" , "updateself" , "customizecss" , "editprefprofiles" );
11 return array_search ( $method , $csrf_ignored ) !== false ;
14 function __construct ( $args ) {
15 parent
:: __construct ( $args );
17 $this -> pref_sections
= array (
24 $this -> pref_help
= array (
25 "ALLOW_DUPLICATE_POSTS" => array ( __ ( "Allow duplicate articles" ), "" ),
26 "BLACKLISTED_TAGS" => array ( __ ( "Blacklisted tags" ), __ ( "When auto-detecting tags in articles these tags will not be applied (comma-separated list)." )),
27 "CDM_AUTO_CATCHUP" => array ( __ ( "Automatically mark articles as read" ), __ ( "This option enables marking articles as read automatically while you scroll article list." )),
28 "CDM_EXPANDED" => array ( __ ( "Automatically expand articles in combined mode" ), "" ),
29 "COMBINED_DISPLAY_MODE" => array ( __ ( "Combined feed display" ), __ ( "Display expanded list of feed articles, instead of separate displays for headlines and article content" )),
30 "CONFIRM_FEED_CATCHUP" => array ( __ ( "Confirm marking feed as read" ), "" ),
31 "DEFAULT_ARTICLE_LIMIT" => array ( __ ( "Amount of articles to display at once" ), "" ),
32 "DEFAULT_UPDATE_INTERVAL" => array ( __ ( "Default feed update interval" ), __ ( "Shortest interval at which a feed will be checked for updates regardless of update method" )),
33 "DIGEST_CATCHUP" => array ( __ ( "Mark articles in e-mail digest as read" ), "" ),
34 "DIGEST_ENABLE" => array ( __ ( "Enable e-mail digest" ), __ ( "This option enables sending daily digest of new (and unread) headlines on your configured e-mail address" )),
35 "DIGEST_PREFERRED_TIME" => array ( __ ( "Try to send digests around specified time" ), __ ( "Uses UTC timezone" )),
36 "ENABLE_API_ACCESS" => array ( __ ( "Enable API access" ), __ ( "Allows external clients to access this account through the API" )),
37 "ENABLE_FEED_CATS" => array ( __ ( "Enable feed categories" ), "" ),
38 "FEEDS_SORT_BY_UNREAD" => array ( __ ( "Sort feeds by unread articles count" ), "" ),
39 "FRESH_ARTICLE_MAX_AGE" => array ( __ ( "Maximum age of fresh articles (in hours)" ), "" ),
40 "HIDE_READ_FEEDS" => array ( __ ( "Hide feeds with no unread articles" ), "" ),
41 "HIDE_READ_SHOWS_SPECIAL" => array ( __ ( "Show special feeds when hiding read feeds" ), "" ),
42 "LONG_DATE_FORMAT" => array ( __ ( "Long date format" ), __ ( "The syntax used is identical to the PHP <a href='http://php.net/manual/function.date.php'>date()</a> function." )),
43 "ON_CATCHUP_SHOW_NEXT_FEED" => array ( __ ( "On catchup show next feed" ), __ ( "Automatically open next feed with unread articles after marking one as read" )),
44 "PURGE_OLD_DAYS" => array ( __ ( "Purge articles after this number of days (0 - disables)" ), "" ),
45 "PURGE_UNREAD_ARTICLES" => array ( __ ( "Purge unread articles" ), "" ),
46 "REVERSE_HEADLINES" => array ( __ ( "Reverse headline order (oldest first)" ), "" ),
47 "SHORT_DATE_FORMAT" => array ( __ ( "Short date format" ), "" ),
48 "SHOW_CONTENT_PREVIEW" => array ( __ ( "Show content preview in headlines list" ), "" ),
49 "SORT_HEADLINES_BY_FEED_DATE" => array ( __ ( "Sort headlines by feed date" ), __ ( "Use feed-specified date to sort headlines instead of local import date." )),
50 "SSL_CERT_SERIAL" => array ( __ ( "Login with an SSL certificate" ), __ ( "Click to register your SSL client certificate with tt-rss" )),
51 "STRIP_IMAGES" => array ( __ ( "Do not embed images in articles" ), "" ),
52 "STRIP_UNSAFE_TAGS" => array ( __ ( "Strip unsafe tags from articles" ), __ ( "Strip all but most common HTML tags when reading articles." )),
53 "USER_STYLESHEET" => array ( __ ( "Customize stylesheet" ), __ ( "Customize CSS stylesheet to your liking" )),
54 "USER_TIMEZONE" => array ( __ ( "Time zone" ), "" ),
55 "VFEED_GROUP_BY_FEED" => array ( __ ( "Group headlines in virtual feeds" ), __ ( "Special feeds, labels, and categories are grouped by originating feeds" )),
56 "USER_LANGUAGE" => array ( __ ( "Language" )),
57 "USER_CSS_THEME" => array ( __ ( "Theme" ), __ ( "Select one of the available CSS themes" ))
61 function changepassword () {
63 $old_pw = clean ( $_POST [ "old_password" ]);
64 $new_pw = clean ( $_POST [ "new_password" ]);
65 $con_pw = clean ( $_POST [ "confirm_password" ]);
68 print "ERROR: " . format_error ( "Old password cannot be blank." );
73 print "ERROR: " . format_error ( "New password cannot be blank." );
77 if ( $new_pw != $con_pw ) {
78 print "ERROR: " . format_error ( "Entered passwords do not match." );
82 $authenticator = PluginHost
:: getInstance ()-> get_plugin ( $_SESSION [ "auth_module" ]);
84 if ( method_exists ( $authenticator , "change_password" )) {
85 print format_notice ( $authenticator -> change_password ( $_SESSION [ "uid" ], $old_pw , $new_pw ));
87 print "ERROR: " . format_error ( "Function not supported by authentication module." );
91 function saveconfig () {
92 $boolean_prefs = explode ( "," , clean ( $_POST [ "boolean_prefs" ]));
94 foreach ( $boolean_prefs as $pref ) {
95 if (! isset ( $_POST [ $pref ])) $_POST [ $pref ] = 'false' ;
100 foreach ( array_keys ( $_POST ) as $pref_name ) {
102 $value = $_POST [ $pref_name ];
104 if ( $pref_name == 'DIGEST_PREFERRED_TIME' ) {
105 if ( get_pref ( 'DIGEST_PREFERRED_TIME' ) != $value ) {
107 $sth = $this -> pdo
-> prepare ( "UPDATE ttrss_users SET
108 last_digest_sent = NULL WHERE id = ?" );
109 $sth -> execute ([ $_SESSION [ 'uid' ]]);
114 if ( $pref_name == "USER_LANGUAGE" ) {
115 if ( $_SESSION [ "language" ] != $value ) {
120 set_pref ( $pref_name , $value );
124 print "PREFS_NEED_RELOAD" ;
126 print __ ( "The configuration was saved." );
130 function changeemail () {
132 $email = clean ( $_POST [ "email" ]);
133 $full_name = clean ( $_POST [ "full_name" ]);
134 $active_uid = $_SESSION [ "uid" ];
136 $sth = $this -> pdo
-> prepare ( "UPDATE ttrss_users SET email = ?,
137 full_name = ? WHERE id = ?" );
138 $sth -> execute ([ $email , $full_name , $active_uid ]);
140 print __ ( "Your personal data has been saved." );
145 function resetconfig () {
147 $_SESSION [ "prefs_op_result" ] = "reset-to-defaults" ;
149 $sth = $this -> pdo
-> query ( "DELETE FROM ttrss_user_prefs
150 WHERE (profile = :profile OR (:profile IS NULL AND profile IS NULL))
151 AND owner_uid = :uid" );
152 $sth -> execute ([ ":profile" => $_SESSION [ 'profile' ], ":uid" => $_SESSION [ 'uid' ]]);
154 initialize_user_prefs ( $_SESSION [ "uid" ], $_SESSION [ "profile" ]);
156 echo __ ( "Your preferences are now set to default values." );
161 global $access_level_names ;
163 $prefs_blacklist = array ( "ALLOW_DUPLICATE_POSTS" , "STRIP_UNSAFE_TAGS" , "REVERSE_HEADLINES" ,
164 "SORT_HEADLINES_BY_FEED_DATE" , "DEFAULT_ARTICLE_LIMIT" ,
165 "FEEDS_SORT_BY_UNREAD" );
167 /* "FEEDS_SORT_BY_UNREAD", "HIDE_READ_FEEDS", "REVERSE_HEADLINES" */
169 $profile_blacklist = array ( "ALLOW_DUPLICATE_POSTS" , "PURGE_OLD_DAYS" ,
170 "PURGE_UNREAD_ARTICLES" , "DIGEST_ENABLE" , "DIGEST_CATCHUP" ,
171 "BLACKLISTED_TAGS" , "ENABLE_API_ACCESS" , "UPDATE_POST_ON_CHECKSUM_CHANGE" ,
172 "DEFAULT_UPDATE_INTERVAL" , "USER_TIMEZONE" , "SORT_HEADLINES_BY_FEED_DATE" ,
173 "SSL_CERT_SERIAL" , "DIGEST_PREFERRED_TIME" );
176 $_SESSION [ "prefs_op_result" ] = "" ;
178 print "<div dojoType= \" dijit.layout.AccordionContainer \" region= \" center \" >" ;
179 print "<div dojoType= \" dijit.layout.AccordionPane \" title= \" " . __ ( 'Personal data / Authentication' ). " \" >" ;
181 print "<form dojoType= \" dijit.form.Form \" id= \" changeUserdataForm \" >" ;
183 print "<script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
184 evt.preventDefault();
185 if (this.validate()) {
186 notify_progress('Saving data...', true);
188 new Ajax.Request('backend.php', {
189 parameters: dojo.objectToQuery(this.getValues()),
190 onComplete: function(transport) {
191 notify_callback2(transport);
197 print "<table width= \" 100% \" class= \" prefPrefsList \" >" ;
199 print "<h2>" . __ ( "Personal data" ) . "</h2>" ;
201 $sth = $this -> pdo
-> prepare ( "SELECT email,full_name,otp_enabled,
202 access_level FROM ttrss_users
204 $sth -> execute ([ $_SESSION [ "uid" ]]);
205 $row = $sth -> fetch ();
207 $email = htmlspecialchars ( $row [ "email" ]);
208 $full_name = htmlspecialchars ( $row [ "full_name" ]);
209 $otp_enabled = sql_bool_to_bool ( $row [ "otp_enabled" ]);
211 print "<tr><td width= \" 40% \" >" . __ ( 'Full name' ). "</td>" ;
212 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" name= \" full_name \" required= \" 1 \"
213 value= \" $full_name\" ></td></tr>" ;
215 print "<tr><td width= \" 40% \" >" . __ ( 'E-mail' ). "</td>" ;
216 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" name= \" email \" required= \" 1 \" value= \" $email\" ></td></tr>" ;
218 if (! SINGLE_USER_MODE
&& ! $_SESSION [ "hide_hello" ]) {
220 $access_level = $row [ "access_level" ];
221 print "<tr><td width= \" 40% \" >" . __ ( 'Access level' ). "</td>" ;
222 print "<td>" . $access_level_names [ $access_level ] . "</td></tr>" ;
227 print_hidden ( "op" , "pref-prefs" );
228 print_hidden ( "method" , "changeemail" );
230 print "<p><button dojoType= \" dijit.form.Button \" type= \" submit \" class= \" btn-primary \" >" .
231 __ ( "Save data" ). "</button>" ;
235 if ( $_SESSION [ "auth_module" ]) {
236 $authenticator = PluginHost
:: getInstance ()-> get_plugin ( $_SESSION [ "auth_module" ]);
238 $authenticator = false ;
241 if ( $authenticator && method_exists ( $authenticator , "change_password" )) {
243 print "<h2>" . __ ( "Password" ) . "</h2>" ;
245 print "<div style='display : none' id='pwd_change_infobox'></div>" ;
247 print "<form dojoType= \" dijit.form.Form \" >" ;
249 print "<script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
250 evt.preventDefault();
251 if (this.validate()) {
252 notify_progress('Changing password...', true);
254 new Ajax.Request('backend.php', {
255 parameters: dojo.objectToQuery(this.getValues()),
256 onComplete: function(transport) {
258 if (transport.responseText.indexOf('ERROR: ') == 0) {
260 $('pwd_change_infobox').innerHTML =
261 transport.responseText.replace('ERROR: ', '');
264 $('pwd_change_infobox').innerHTML =
265 transport.responseText.replace('ERROR: ', '');
267 var warn = $('default_pass_warning');
268 if (warn) Element.hide(warn);
271 new Effect.Appear('pwd_change_infobox');
279 print_notice ( __ ( "Changing your current password will disable OTP." ));
282 print "<table width= \" 100% \" class= \" prefPrefsList \" >" ;
284 print "<tr><td width= \" 40% \" >" . __ ( "Old password" ). "</td>" ;
285 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \" name= \" old_password \" ></td></tr>" ;
287 print "<tr><td width= \" 40% \" >" . __ ( "New password" ). "</td>" ;
289 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \"
290 name= \" new_password \" ></td></tr>" ;
292 print "<tr><td width= \" 40% \" >" . __ ( "Confirm password" ). "</td>" ;
294 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \" name= \" confirm_password \" ></td></tr>" ;
298 print_hidden ( "op" , "pref-prefs" );
299 print_hidden ( "method" , "changepassword" );
301 print "<p><button dojoType= \" dijit.form.Button \" type= \" submit \" class= \" btn-primary \" >" .
302 __ ( "Change password" ). "</button>" ;
306 if ( $_SESSION [ "auth_module" ] == "auth_internal" ) {
308 print "<h2>" . __ ( "One time passwords / Authenticator" ) . "</h2>" ;
312 print_notice ( __ ( "One time passwords are currently enabled. Enter your current password below to disable." ));
314 print "<form dojoType= \" dijit.form.Form \" >" ;
316 print "<script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
317 evt.preventDefault();
318 if (this.validate()) {
319 notify_progress('Disabling OTP', true);
321 new Ajax.Request('backend.php', {
322 parameters: dojo.objectToQuery(this.getValues()),
323 onComplete: function(transport) {
325 if (transport.responseText.indexOf('ERROR: ') == 0) {
326 notify_error(transport.responseText.replace('ERROR: ', ''));
328 window.location.reload();
335 print "<table width= \" 100% \" class= \" prefPrefsList \" >" ;
337 print "<tr><td width= \" 40% \" >" . __ ( "Enter your password" ). "</td>" ;
339 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \"
340 name= \" password \" ></td></tr>" ;
344 print_hidden ( "op" , "pref-prefs" );
345 print_hidden ( "method" , "otpdisable" );
347 print "<p><button dojoType= \" dijit.form.Button \" type= \" submit \" >" .
348 __ ( "Disable OTP" ). "</button>" ;
352 } else if ( function_exists ( "imagecreatefromstring" )) {
354 print_warning ( __ ( "You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP." ));
356 print "<p>" . __ ( "Scan the following code by the Authenticator application:" ). "</p>" ;
358 $csrf_token = $_SESSION [ "csrf_token" ];
360 print "<img src= \" backend.php?op=pref-prefs&method=otpqrcode&csrf_token= $csrf_token\" >" ;
362 print "<form dojoType= \" dijit.form.Form \" id= \" changeOtpForm \" >" ;
364 print_hidden ( "op" , "pref-prefs" );
365 print_hidden ( "method" , "otpenable" );
367 print "<script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
368 evt.preventDefault();
369 if (this.validate()) {
370 notify_progress('Saving data...', true);
372 new Ajax.Request('backend.php', {
373 parameters: dojo.objectToQuery(this.getValues()),
374 onComplete: function(transport) {
376 if (transport.responseText.indexOf('ERROR:') == 0) {
377 notify_error(transport.responseText.replace('ERROR:', ''));
379 window.location.reload();
386 print "<table width= \" 100% \" class= \" prefPrefsList \" >" ;
388 print "<tr><td width= \" 40% \" >" . __ ( "Enter your password" ). "</td>" ;
390 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \"
391 name= \" password \" ></td></tr>" ;
393 print "<tr><td width= \" 40% \" >" . __ ( "Enter the generated one time password" ). "</td>" ;
395 print "<td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" autocomplete= \" off \"
397 name= \" otp \" ></td></tr>" ;
399 print "<tr><td colspan= \" 2 \" >" ;
401 print "</td></tr><tr><td colspan= \" 2 \" >" ;
406 print "<p><button dojoType= \" dijit.form.Button \" type= \" submit \" class= \" btn-primary \" >" .
407 __ ( "Enable OTP" ). "</button>" ;
413 print_notice ( __ ( "PHP GD functions are required for OTP support." ));
420 PluginHost
:: getInstance ()-> run_hooks ( PluginHost
:: HOOK_PREFS_TAB_SECTION
,
421 "hook_prefs_tab_section" , "prefPrefsAuth" );
423 print "</div>" ; #pane
425 print "<div dojoType= \" dijit.layout.AccordionPane \" selected= \" true \" title= \" " . __ ( 'Preferences' ). " \" >" ;
427 print "<form dojoType= \" dijit.form.Form \" id= \" changeSettingsForm \" >" ;
429 print "<script type= \" dojo/method \" event= \" onSubmit \" args= \" evt, quit \" >
430 if (evt) evt.preventDefault();
431 if (this.validate()) {
432 console.log(dojo.objectToQuery(this.getValues()));
434 new Ajax.Request('backend.php', {
435 parameters: dojo.objectToQuery(this.getValues()),
436 onComplete: function(transport) {
437 var msg = transport.responseText;
441 if (msg == 'PREFS_NEED_RELOAD') {
442 window.location.reload();
451 print '<div dojoType="dijit.layout.BorderContainer" gutters="false">' ;
453 print '<div dojoType="dijit.layout.ContentPane" region="center" style="overflow-y : auto">' ;
455 if ( $_SESSION [ "profile" ]) {
456 print_notice ( __ ( "Some preferences are only available in default profile." ));
459 if ( $_SESSION [ "profile" ]) {
460 initialize_user_prefs ( $_SESSION [ "uid" ], $_SESSION [ "profile" ]);
462 initialize_user_prefs ( $_SESSION [ "uid" ]);
465 $sth = $this -> pdo
-> prepare ( "SELECT DISTINCT
466 ttrss_user_prefs.pref_name,value,type_name,
467 ttrss_prefs_sections.order_id,
469 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
470 WHERE type_id = ttrss_prefs_types.id AND
471 (profile = :profile OR (:profile IS NULL AND profile IS NULL)) AND
472 section_id = ttrss_prefs_sections.id AND
473 ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
475 ORDER BY ttrss_prefs_sections.order_id,pref_name" );
476 $sth -> execute ([ ":uid" => $_SESSION [ 'uid' ], ":profile" => $_SESSION [ 'profile' ]]);
480 $active_section = "" ;
482 $listed_boolean_prefs = array ();
484 while ( $line = $sth -> fetch ()) {
486 if ( in_array ( $line [ "pref_name" ], $prefs_blacklist )) {
490 $type_name = $line [ "type_name" ];
491 $pref_name = $line [ "pref_name" ];
492 $section_name = $this -> getSectionName ( $line [ "section_id" ]);
493 $value = $line [ "value" ];
495 $short_desc = $this -> getShortDesc ( $pref_name );
496 $help_text = $this -> getHelpText ( $pref_name );
498 if (! $short_desc ) continue ;
500 if ( $_SESSION [ "profile" ] && in_array ( $line [ "pref_name" ],
501 $profile_blacklist )) {
505 if ( $active_section != $line [ "section_id" ]) {
507 if ( $active_section != "" ) {
511 print "<table width= \" 100% \" class= \" prefPrefsList \" >" ;
513 $active_section = $line [ "section_id" ];
515 print "<tr><td colspan= \" 3 \" ><h3>" . $section_name . "</h3></td></tr>" ;
522 print "<td width= \" 40% \" class= \" prefName \" id= \" $pref_name\" >" ;
523 print "<label for='CB_ $pref_name '>" ;
527 if ( $help_text ) print "<div class= \" prefHelp \" >" . __ ( $help_text ). "</div>" ;
531 print "<td class= \" prefValue \" >" ;
533 if ( $pref_name == "USER_LANGUAGE" ) {
534 print_select_hash ( $pref_name , $value , get_translations (),
535 "style='width : 220px; margin : 0px' dojoType='dijit.form.Select'" );
537 } else if ( $pref_name == "USER_TIMEZONE" ) {
539 $timezones = explode ( " \n " , file_get_contents ( "lib/timezones.txt" ));
541 print_select ( $pref_name , $value , $timezones , 'dojoType="dijit.form.FilteringSelect"' );
542 } else if ( $pref_name == "USER_STYLESHEET" ) {
544 print "<button dojoType= \" dijit.form.Button \"
545 onclick= \" customizeCSS() \" >" . __ ( 'Customize' ) . "</button>" ;
547 } else if ( $pref_name == "USER_CSS_THEME" ) {
549 $themes = array_merge ( glob ( "themes/*.php" ), glob ( "themes/*.css" ), glob ( "themes.local/*.css" ));
550 $themes = array_map ( "basename" , $themes );
551 $themes = array_filter ( $themes , "theme_valid" );
554 if (! theme_valid ( $value )) $value = "default.php" ;
556 print_select ( $pref_name , $value , $themes ,
557 'dojoType="dijit.form.Select"' );
560 } else if ( $pref_name == "DEFAULT_UPDATE_INTERVAL" ) {
562 global $update_intervals_nodefault ;
564 print_select_hash ( $pref_name , $value , $update_intervals_nodefault ,
565 'dojoType="dijit.form.Select"' );
567 } else if ( $type_name == "bool" ) {
569 array_push ( $listed_boolean_prefs , $pref_name );
571 $checked = ( $value == "true" ) ?
"checked= \" checked \" " : "" ;
573 if ( $pref_name == "PURGE_UNREAD_ARTICLES" && FORCE_ARTICLE_PURGE
!= 0 ) {
574 $disabled = "disabled= \" 1 \" " ;
575 $checked = "checked= \" checked \" " ;
580 print "<input type='checkbox' name=' $pref_name ' $checked $disabled
581 dojoType='dijit.form.CheckBox' id='CB_ $pref_name ' value='1'>" ;
583 } else if ( array_search ( $pref_name , array ( 'FRESH_ARTICLE_MAX_AGE' ,
584 'PURGE_OLD_DAYS' , 'LONG_DATE_FORMAT' , 'SHORT_DATE_FORMAT' )) !== false ) {
586 $regexp = ( $type_name == 'integer' ) ?
'regexp="^\d*$"' : '' ;
588 if ( $pref_name == "PURGE_OLD_DAYS" && FORCE_ARTICLE_PURGE
!= 0 ) {
589 $disabled = "disabled= \" 1 \" " ;
590 $value = FORCE_ARTICLE_PURGE
;
595 print "<input dojoType= \" dijit.form.ValidationTextBox \"
596 required= \" 1 \" $regexp $disabled
597 name= \" $pref_name\" value= \" $value\" >" ;
599 } else if ( $pref_name == "SSL_CERT_SERIAL" ) {
601 print "<input dojoType= \" dijit.form.ValidationTextBox \"
602 id= \" SSL_CERT_SERIAL \" readonly= \" 1 \"
603 name= \" $pref_name\" value= \" $value\" >" ;
605 $cert_serial = htmlspecialchars ( get_ssl_certificate_id ());
606 $has_serial = ( $cert_serial ) ?
"false" : "true" ;
610 print " <button dojoType= \" dijit.form.Button \" disabled= \" $has_serial\"
611 onclick= \" insertSSLserial(' $cert_serial ') \" >" .
612 __ ( 'Register' ) . "</button>" ;
614 print " <button dojoType= \" dijit.form.Button \"
615 onclick= \" insertSSLserial('') \" >" .
616 __ ( 'Clear' ) . "</button>" ;
618 } else if ( $pref_name == 'DIGEST_PREFERRED_TIME' ) {
619 print "<input dojoType= \" dijit.form.ValidationTextBox \"
620 id= \" $pref_name\" regexp= \" [012]?\d:\d\d \" placeHolder= \" 12:00 \"
621 name= \" $pref_name\" value= \" $value\" ><div class= \" insensitive \" >" .
622 T_sprintf ( "Current server time: %s (UTC)" , date ( "H:i" )) . "</div>" ;
624 $regexp = ( $type_name == 'integer' ) ?
'regexp="^\d*$"' : '' ;
626 print "<input dojoType= \" dijit.form.ValidationTextBox \"
628 name= \" $pref_name\" value= \" $value\" >" ;
640 $listed_boolean_prefs = htmlspecialchars ( join ( "," , $listed_boolean_prefs ));
642 print_hidden ( "boolean_prefs" , " $listed_boolean_prefs " );
644 PluginHost
:: getInstance ()-> run_hooks ( PluginHost
:: HOOK_PREFS_TAB_SECTION
,
645 "hook_prefs_tab_section" , "prefPrefsPrefsInside" );
647 print '</div>' ; # inside pane
648 print '<div dojoType="dijit.layout.ContentPane" region="bottom">' ;
650 print_hidden ( "op" , "pref-prefs" );
651 print_hidden ( "method" , "saveconfig" );
653 print "<div dojoType= \" dijit.form.ComboButton \" type= \" submit \" class= \" btn-primary \" >
654 <span>" . __ ( 'Save configuration' ). "</span>
655 <div dojoType= \" dijit.DropDownMenu \" >
656 <div dojoType= \" dijit.MenuItem \"
657 onclick= \" dijit.byId('changeSettingsForm').onSubmit(null, true) \" >" .
658 __ ( "Save and exit preferences" ). "</div>
662 print "<button dojoType= \" dijit.form.Button \" onclick= \" return editProfiles() \" >" .
663 __ ( 'Manage profiles' ). "</button> " ;
665 print "<button dojoType= \" dijit.form.Button \" class= \" btn-danger \" onclick= \" return validatePrefsReset() \" >" .
666 __ ( 'Reset to defaults' ). "</button>" ;
670 PluginHost
:: getInstance ()-> run_hooks ( PluginHost
:: HOOK_PREFS_TAB_SECTION
,
671 "hook_prefs_tab_section" , "prefPrefsPrefsOutside" );
674 print '</div>' ; # inner pane
675 print '</div>' ; # border container
677 print "</div>" ; #pane
679 print "<div dojoType= \" dijit.layout.AccordionPane \" title= \" " . __ ( 'Plugins' ). " \" >" ;
681 print_notice ( __ ( "You will need to reload Tiny Tiny RSS for plugin changes to take effect." ));
683 if ( ini_get ( "open_basedir" ) && function_exists ( "curl_init" ) && ! defined ( "NO_CURL" )) {
684 print_warning ( "Your PHP configuration has open_basedir restrictions enabled. Some plugins relying on CURL for functionality may not work correctly." );
687 print "<form dojoType= \" dijit.form.Form \" id= \" changePluginsForm \" >" ;
689 print "<script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
690 evt.preventDefault();
691 if (this.validate()) {
692 notify_progress('Saving data...', true);
694 new Ajax.Request('backend.php', {
695 parameters: dojo.objectToQuery(this.getValues()),
696 onComplete: function(transport) {
698 if (confirm(__('Selected plugins have been enabled. Reload?'))) {
699 window.location.reload();
706 print_hidden ( "op" , "pref-prefs" );
707 print_hidden ( "method" , "setplugins" );
709 print "<table width='100%' class='prefPluginsList'>" ;
711 print "<tr><td colspan='5'><h3>" . __ ( "System plugins" ). "</h3>" .
712 format_notice ( __ ( "System plugins are enabled in <strong>config.php</strong> for all users." )).
715 print "<tr class= \" title \" >
716 <td width= \" 5% \" > </td>
717 <td width='10%'>" . __ ( 'Plugin' ). "</td>
718 <td width=''>" . __ ( 'Description' ). "</td>
719 <td width='5%'>" . __ ( 'Version' ). "</td>
720 <td width='10%'>" . __ ( 'Author' ). "</td></tr>" ;
722 $system_enabled = array_map ( "trim" , explode ( "," , PLUGINS
));
723 $user_enabled = array_map ( "trim" , explode ( "," , get_pref ( "_ENABLED_PLUGINS" , $_SESSION [ 'uid' ])));
725 $tmppluginhost = new PluginHost ();
726 $tmppluginhost -> load_all ( $tmppluginhost :: KIND_ALL
, $_SESSION [ "uid" ], true );
727 $tmppluginhost -> load_data ( true );
729 foreach ( $tmppluginhost -> get_plugins () as $name => $plugin ) {
730 $about = $plugin -> about ();
733 if ( in_array ( $name , $system_enabled )) {
734 $checked = "checked='1'" ;
741 print "<td align='center'><input disabled='1'
742 dojoType= \" dijit.form.CheckBox \" $checked
743 type= \" checkbox \" ></td>" ;
745 $plugin_icon = $checked ?
"plugin.png" : "plugin_disabled.png" ;
747 print "<td><label><img src='images/ $plugin_icon ' alt=''> $name </label></td>" ;
748 print "<td>" . htmlspecialchars ( $about [ 1 ]);
750 print " — <a target= \" _blank \" rel= \" noopener noreferrer \" class= \" visibleLink \"
751 href= \" " . htmlspecialchars ( $about [ 4 ]). " \" >" . __ ( "more info" ). "</a>" ;
754 print "<td>" . htmlspecialchars ( sprintf ( "%.2f" , $about [ 0 ])) . "</td>" ;
755 print "<td>" . htmlspecialchars ( $about [ 2 ]) . "</td>" ;
757 if ( count ( $tmppluginhost -> get_all ( $plugin )) > 0 ) {
758 if ( in_array ( $name , $system_enabled )) {
759 print "<td><a href='#' onclick= \" clearPluginData(' $name ') \"
760 class='visibleLink'>" . __ ( "Clear data" ). "</a></td>" ;
769 print "<tr><td colspan='4'><h3>" . __ ( "User plugins" ). "</h3></td></tr>" ;
771 print "<tr class= \" title \" >
772 <td width= \" 5% \" > </td>
773 <td width='10%'>" . __ ( 'Plugin' ). "</td>
774 <td width=''>" . __ ( 'Description' ). "</td>
775 <td width='5%'>" . __ ( 'Version' ). "</td>
776 <td width='10%'>" . __ ( 'Author' ). "</td></tr>" ;
779 foreach ( $tmppluginhost -> get_plugins () as $name => $plugin ) {
780 $about = $plugin -> about ();
784 if ( in_array ( $name , $system_enabled )) {
785 $checked = "checked='1'" ;
786 $disabled = "disabled='1'" ;
788 } else if ( in_array ( $name , $user_enabled )) {
789 $checked = "checked='1'" ;
791 $rowclass = "Selected" ;
798 print "<tr class=' $rowclass '>" ;
800 $plugin_icon = $checked ?
"plugin.png" : "plugin_disabled.png" ;
802 print "<td align='center'><input id='FPCHK- $name ' name='plugins[]' value=' $name ' onclick='toggleSelectRow2(this);'
803 dojoType= \" dijit.form.CheckBox \" $checked $disabled
804 type= \" checkbox \" ></td>" ;
806 print "<td><label for='FPCHK- $name '><img src='images/ $plugin_icon ' alt=''> $name </label></td>" ;
807 print "<td><label for='FPCHK- $name '>" . htmlspecialchars ( $about [ 1 ]) . "</label>" ;
809 print " — <a target= \" _blank \" rel= \" noopener noreferrer \" class= \" visibleLink \"
810 href= \" " . htmlspecialchars ( $about [ 4 ]). " \" >" . __ ( "more info" ). "</a>" ;
814 print "<td>" . htmlspecialchars ( sprintf ( "%.2f" , $about [ 0 ])) . "</td>" ;
815 print "<td>" . htmlspecialchars ( $about [ 2 ]) . "</td>" ;
817 if ( count ( $tmppluginhost -> get_all ( $plugin )) > 0 ) {
818 if ( in_array ( $name , $system_enabled ) ||
in_array ( $name , $user_enabled )) {
819 print "<td><a href='#' onclick= \" clearPluginData(' $name ') \" class='visibleLink'>" . __ ( "Clear data" ). "</a></td>" ;
833 print "<p><button dojoType= \" dijit.form.Button \" type= \" submit \" >" .
834 __ ( "Enable selected plugins" ). "</button></p>" ;
838 print "</div>" ; #pane
840 PluginHost
:: getInstance ()-> run_hooks ( PluginHost
:: HOOK_PREFS_TAB
,
841 "hook_prefs_tab" , "prefPrefs" );
843 print "</div>" ; #container
846 function toggleAdvanced () {
847 $_SESSION [ "prefs_show_advanced" ] = ! $_SESSION [ "prefs_show_advanced" ];
850 function otpqrcode () {
851 require_once "lib/otphp/vendor/base32.php" ;
852 require_once "lib/otphp/lib/otp.php" ;
853 require_once "lib/otphp/lib/totp.php" ;
854 require_once "lib/phpqrcode/phpqrcode.php" ;
856 $sth = $this -> pdo
-> prepare ( "SELECT login,salt,otp_enabled
859 $sth -> execute ([ $_SESSION [ 'uid' ]]);
861 if ( $row = $sth -> fetch ()) {
863 $base32 = new Base32 ();
865 $login = $row [ "login" ];
866 $otp_enabled = sql_bool_to_bool ( $row [ "otp_enabled" ]);
869 $secret = $base32 -> encode ( sha1 ( $row [ "salt" ]));
871 QRcode
:: png ( "otpauth://totp/" . urlencode ( $login ).
872 "?secret= $secret &issuer=" . urlencode ( "Tiny Tiny RSS" ));
878 function otpenable () {
879 require_once "lib/otphp/vendor/base32.php" ;
880 require_once "lib/otphp/lib/otp.php" ;
881 require_once "lib/otphp/lib/totp.php" ;
883 $password = clean ( $_REQUEST [ "password" ]);
884 $otp = clean ( $_REQUEST [ "otp" ]);
886 $authenticator = PluginHost
:: getInstance ()-> get_plugin ( $_SESSION [ "auth_module" ]);
888 if ( $authenticator -> check_password ( $_SESSION [ "uid" ], $password )) {
890 $sth = $this -> pdo
-> query ( "SELECT salt
893 $sth -> execute ([ $_SESSION [ 'uid' ]]);
895 if ( $row = $sth -> fetch ()) {
897 $base32 = new Base32 ();
899 $secret = $base32 -> encode ( sha1 ( $row [ "salt" ]));
900 $topt = new \OTPHP\
TOTP ( $secret );
902 $otp_check = $topt -> now ();
904 if ( $otp == $otp_check ) {
905 $sth = $this -> pdo
-> prepare ( "UPDATE ttrss_users
906 SET otp_enabled = true WHERE id = ?" );
908 $sth -> execute ([ $_SESSION [ 'uid' ]]);
912 print "ERROR:" . __ ( "Incorrect one time password" );
917 print "ERROR:" . __ ( "Incorrect password" );
922 static function isdefaultpassword () {
923 $authenticator = PluginHost
:: getInstance ()-> get_plugin ( $_SESSION [ "auth_module" ]);
925 if ( $authenticator && $authenticator -> check_password ( $_SESSION [ "uid" ], "password" )) {
932 function otpdisable () {
933 $password = clean ( $_REQUEST [ "password" ]);
935 $authenticator = PluginHost
:: getInstance ()-> get_plugin ( $_SESSION [ "auth_module" ]);
937 if ( $authenticator -> check_password ( $_SESSION [ "uid" ], $password )) {
939 $sth = $this -> pdo
-> prepare ( "UPDATE ttrss_users SET otp_enabled = false WHERE
941 $sth -> execute ([ $_SESSION [ 'uid' ]]);
945 print "ERROR: " . __ ( "Incorrect password" );
950 function setplugins () {
951 if ( is_array ( clean ( $_REQUEST [ "plugins" ])))
952 $plugins = join ( "," , clean ( $_REQUEST [ "plugins" ]));
956 set_pref ( "_ENABLED_PLUGINS" , $plugins , $_SESSION [ "uid" ]);
959 function clearplugindata () {
960 $name = clean ( $_REQUEST [ "name" ]);
962 PluginHost
:: getInstance ()-> clear_data ( PluginHost
:: getInstance ()-> get_plugin ( $name ));
965 function customizeCSS () {
966 $value = get_pref ( "USER_STYLESHEET" );
968 $value = str_replace ( "<br/>" , " \n " , $value );
970 print_notice ( T_sprintf ( "You can override colors, fonts and layout of your currently selected theme with custom CSS declarations here. <a target= \" _blank \" class= \" visibleLink \" href= \" %s\" >This file</a> can be used as a baseline." , "css/tt-rss.css" ));
972 print_hidden ( "op" , "rpc" );
973 print_hidden ( "method" , "setpref" );
974 print_hidden ( "key" , "USER_STYLESHEET" );
976 print "<table width='100%'><tr><td>" ;
977 print "<textarea dojoType= \" dijit.form.SimpleTextarea \"
978 style='font-size : 12px; width : 98%; height: 200px;'
979 placeHolder='body#ttrssMain { font-size : 14px; };'
980 name='value'> $value </textarea>" ;
981 print "</td></tr></table>" ;
983 print "<div class='dlgButtons'>" ;
984 print "<button dojoType= \" dijit.form.Button \"
985 onclick= \" dijit.byId('cssEditDlg').execute() \" >" . __ ( 'Save' ). "</button> " ;
986 print "<button dojoType= \" dijit.form.Button \"
987 onclick= \" dijit.byId('cssEditDlg').hide() \" >" . __ ( 'Cancel' ). "</button>" ;
992 function editPrefProfiles () {
993 print "<div dojoType= \" dijit.Toolbar \" >" ;
995 print "<div dojoType= \" dijit.form.DropDownButton \" >" .
996 "<span>" . __ ( 'Select' ). "</span>" ;
997 print "<div dojoType= \" dijit.Menu \" style= \" display: none; \" >" ;
998 print "<div onclick= \" selectTableRows('prefFeedProfileList', 'all') \"
999 dojoType= \" dijit.MenuItem \" >" . __ ( 'All' ). "</div>" ;
1000 print "<div onclick= \" selectTableRows('prefFeedProfileList', 'none') \"
1001 dojoType= \" dijit.MenuItem \" >" . __ ( 'None' ). "</div>" ;
1002 print "</div></div>" ;
1004 print "<div style= \" float : right \" >" ;
1006 print "<input name= \" newprofile \" dojoType= \" dijit.form.ValidationTextBox \"
1008 <button dojoType= \" dijit.form.Button \"
1009 onclick= \" dijit.byId('profileEditDlg').addProfile() \" >" .
1010 __ ( 'Create profile' ). "</button></div>" ;
1014 $sth = $this -> pdo
-> prepare ( "SELECT title,id FROM ttrss_settings_profiles
1015 WHERE owner_uid = ? ORDER BY title" );
1016 $sth -> execute ([ $_SESSION [ 'uid' ]]);
1018 print "<div class= \" prefProfileHolder \" >" ;
1020 print "<form id= \" profile_edit_form \" onsubmit= \" return false \" >" ;
1022 print "<table width= \" 100% \" class= \" prefFeedProfileList \"
1023 cellspacing= \" 0 \" id= \" prefFeedProfileList \" >" ;
1025 print "<tr class= \" placeholder \" id= \" FCATR-0 \" >" ; #odd
1027 print "<td width='5%' align='center'><input
1029 onclick='toggleSelectRow2(this);'
1030 dojoType= \" dijit.form.CheckBox \"
1031 type= \" checkbox \" ></td>" ;
1033 if (! $_SESSION [ "profile" ]) {
1034 $is_active = __ ( "(active)" );
1039 print "<td><span>" .
1040 __ ( "Default profile" ) . " $is_active </span></td>" ;
1046 while ( $line = $sth -> fetch ()) {
1048 $profile_id = $line [ "id" ];
1049 $this_row_id = "id= \" FCATR- $profile_id\" " ;
1051 print "<tr class= \" placeholder \" $this_row_id >" ;
1053 $edit_title = htmlspecialchars ( $line [ "title" ]);
1055 print "<td width='5%' align='center'><input
1056 onclick='toggleSelectRow2(this);'
1057 id='FCATC- $profile_id '
1058 dojoType= \" dijit.form.CheckBox \"
1059 type= \" checkbox \" ></td>" ;
1061 if ( $_SESSION [ "profile" ] == $line [ "id" ]) {
1062 $is_active = __ ( "(active)" );
1067 print "<td><span dojoType= \" dijit.InlineEditBox \"
1068 width= \" 300px \" autoSave= \" false \"
1069 profile-id= \" $profile_id\" >" . $edit_title .
1070 "<script type= \" dojo/method \" event= \" onChange \" args= \" item \" >
1074 content: {op: 'rpc', method: 'saveprofile',
1076 id: this.srcNodeRef.getAttribute('profile-id')},
1077 load: function(response) {
1078 elem.attr('value', response);
1082 </span> $is_active </td>" ;
1093 print "<div class='dlgButtons'>
1094 <div style='float : left'>
1095 <button dojoType= \" dijit.form.Button \" onclick= \" dijit.byId('profileEditDlg').removeSelected() \" >" .
1096 __ ( 'Remove selected profiles' ). "</button>
1097 <button dojoType= \" dijit.form.Button \" onclick= \" dijit.byId('profileEditDlg').activateProfile() \" >" .
1098 __ ( 'Activate profile' ). "</button>
1101 print "<button dojoType= \" dijit.form.Button \" onclick= \" dijit.byId('profileEditDlg').hide() \" >" .
1102 __ ( 'Close this window' ). "</button>" ;
1107 private function getShortDesc ( $pref_name ) {
1108 if ( isset ( $this -> pref_help
[ $pref_name ])) {
1109 return $this -> pref_help
[ $pref_name ][ 0 ];
1114 private function getHelpText ( $pref_name ) {
1115 if ( isset ( $this -> pref_help
[ $pref_name ])) {
1116 return $this -> pref_help
[ $pref_name ][ 1 ];
1121 private function getSectionName ( $id ) {
1122 if ( isset ( $this -> pref_sections
[ $id ])) {
1123 return $this -> pref_sections
[ $id ];