modules/backend-rpc.php

   1 <?php
   2         function handle_rpc_request($link) {
   3
   4                 $subop = $_REQUEST["subop"];
   5                 $seq = (int) $_REQUEST["seq"];
   6
   7                 if ($subop == "setprofile") {
   8                         $id = db_escape_string($_REQUEST["id"]);
   9
  10                         $_SESSION["profile"] = $id;
  11                         $_SESSION["prefs_cache"] = array();
  12                         return;
  13                 }
  14
  15                 if ($subop == "remprofiles") {
  16                         $ids = split(",", db_escape_string(trim($_REQUEST["ids"])));
  17
  18                         foreach ($ids as $id) {
  19                                 if ($_SESSION["profile"] != $id) {
  20                                         db_query($link, "DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND
  21                                                 owner_uid = " . $_SESSION["uid"]);
  22                                 }
  23                         }
  24                         return;
  25                 }
  26
  27                 if ($subop == "addprofile") {
  28                         $title = db_escape_string(trim($_REQUEST["title"]));
  29                         if ($title) {
  30                                 db_query($link, "BEGIN");
  31
  32                                 $result = db_query($link, "SELECT id FROM ttrss_settings_profiles
  33                                         WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]);
  34
  35                                 if (db_num_rows($result) == 0) {
  36
  37                                         db_query($link, "INSERT INTO ttrss_settings_profiles (title, owner_uid)
  38                                                 VALUES ('$title', ".$_SESSION["uid"] .")");
  39
  40                                         $result = db_query($link, "SELECT id FROM ttrss_settings_profiles WHERE
  41                                                 title = '$title'");
  42
  43                                         if (db_num_rows($result) != 0) {
  44                                                 $profile_id = db_fetch_result($result, 0, "id");
  45
  46                                                 if ($profile_id) {
  47                                                         initialize_user_prefs($link, $_SESSION["uid"], $profile_id);
  48                                                 }
  49                                         }
  50                                 }
  51
  52                                 db_query($link, "COMMIT");
  53                         }
  54                         return;
  55                 }
  56
  57                 if ($subop == "saveprofile") {
  58                         $id = db_escape_string($_REQUEST["id"]);
  59                         $title = db_escape_string(trim($_REQUEST["value"]));
  60
  61                         if ($id == 0) {
  62                                 print __("Default profile");
  63                                 return;
  64                         }
  65
  66                         if ($title) {
  67                                 db_query($link, "BEGIN");
  68
  69                                 $result = db_query($link, "SELECT id FROM ttrss_settings_profiles
  70                                         WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]);
  71
  72                                 if (db_num_rows($result) == 0) {
  73                                         db_query($link, "UPDATE ttrss_settings_profiles
  74                                                 SET title = '$title' WHERE id = '$id' AND
  75                                                 owner_uid = " . $_SESSION["uid"]);
  76                                         print $title;
  77                                 } else {
  78                                         $result = db_query($link, "SELECT title FROM ttrss_settings_profiles
  79                                                 WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]);
  80                                         print db_fetch_result($result, 0, "title");
  81                                 }
  82
  83                                 db_query($link, "COMMIT");
  84                         }
  85                         return;
  86                 }
  87
  88                 if ($subop == "remarchive") {
  89                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
  90
  91                         print "<rpc-reply>";
  92
  93                         foreach ($ids as $id) {
  94                                 $result = db_query($link, "DELETE FROM ttrss_archived_feeds WHERE
  95                                         (SELECT COUNT(*) FROM ttrss_user_entries
  96                                                 WHERE orig_feed_id = '$id') = 0 AND
  97                                                 id = '$id' AND owner_uid = ".$_SESSION["uid"]);
  98
  99                                 $rc = db_affected_rows($link, $result);
 100
 101                                 print "<feed id='$id' rc='$rc'/>";
 102
 103                         }
 104
 105                         print "</rpc-reply>";
 106
 107                         return;
 108                 }
 109
 110                 if ($subop == "addfeed") {
 111
 112                         $feed = db_escape_string($_REQUEST['feed']);
 113                         $cat = db_escape_string($_REQUEST['cat']);
 114                         $login = db_escape_string($_REQUEST['login']);
 115                         $pass = db_escape_string($_REQUEST['pass']);
 116
 117                         $rc = subscribe_to_feed($link, $feed, $cat, $login, $pass);
 118
 119                         print "<rpc-reply>";
 120                         print "<result code='$rc'/>";
 121                         print "</rpc-reply>";
 122
 123                         return;
 124
 125                 }
 126
 127                 if ($subop == "extractfeedurls") {
 128                         print "<rpc-reply>";
 129
 130                         $urls = get_feeds_from_html($_REQUEST['url']);
 131                         print "<urls><![CDATA[" . json_encode($urls) . "]]></urls>";
 132
 133                         print "</rpc-reply>";
 134                         return;
 135                 }
 136
 137                 if ($subop == "togglepref") {
 138                         print "<rpc-reply>";
 139
 140                         $key = db_escape_string($_REQUEST["key"]);
 141
 142                         set_pref($link, $key, !get_pref($link, $key));
 143
 144                         $value = get_pref($link, $key);
 145
 146                         print "<param-set key=\"$key\" value=\"$value\"/>";
 147
 148                         print "</rpc-reply>";
 149
 150                         return;
 151                 }
 152
 153                 if ($subop == "setpref") {
 154                         print "<rpc-reply>";
 155
 156                         $key = db_escape_string($_REQUEST["key"]);
 157                         $value = db_escape_string($_REQUEST["value"]);
 158
 159                         set_pref($link, $key, $value);
 160
 161                         print "<param-set key=\"$key\" value=\"$value\"/>";
 162
 163                         print "</rpc-reply>";
 164
 165                         return;
 166                 }
 167
 168                 if ($subop == "mark") {
 169                         $mark = $_REQUEST["mark"];
 170                         $id = db_escape_string($_REQUEST["id"]);
 171
 172                         if ($mark == "1") {
 173                                 $mark = "true";
 174                         } else {
 175                                 $mark = "false";
 176                         }
 177
 178                         // FIXME this needs collision testing
 179
 180                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 181                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 182
 183                         print "<rpc-reply>";
 184                         print "<message>UPDATE_COUNTERS</message>";
 185                         print "</rpc-reply>";
 186
 187                         return;
 188                 }
 189
 190                 if ($subop == "delete") {
 191                         $ids = db_escape_string($_REQUEST["ids"]);
 192
 193                         $result = db_query($link, "DELETE FROM ttrss_user_entries
 194                                 WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
 195
 196                         print "<rpc-reply>";
 197                         print "<message>UPDATE_COUNTERS</message>";
 198                         print "</rpc-reply>";
 199
 200                         return;
 201                 }
 202
 203                 if ($subop == "unarchive") {
 204                         $ids = db_escape_string($_REQUEST["ids"]);
 205
 206                         $result = db_query($link, "UPDATE ttrss_user_entries
 207                                 SET feed_id = orig_feed_id, orig_feed_id = NULL
 208                                 WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
 209
 210                         print "<rpc-reply>";
 211                         print "<message>UPDATE_COUNTERS</message>";
 212                         print "</rpc-reply>";
 213
 214                         return;
 215                 }
 216
 217                 if ($subop == "archive") {
 218                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 219
 220                         foreach ($ids as $id) {
 221                                 archive_article($link, $id, $_SESSION["uid"]);
 222                         }
 223
 224                         print "<rpc-reply>";
 225                         print "<message>UPDATE_COUNTERS</message>";
 226                         print "</rpc-reply>";
 227
 228                         return;
 229                 }
 230
 231
 232                 if ($subop == "publ") {
 233                         $pub = $_REQUEST["pub"];
 234                         $id = db_escape_string($_REQUEST["id"]);
 235                         $note = trim(strip_tags(db_escape_string($_REQUEST["note"])));
 236
 237                         if ($pub == "1") {
 238                                 $pub = "true";
 239                         } else {
 240                                 $pub = "false";
 241                         }
 242
 243                         if ($note != 'undefined') {
 244                                 $note_qpart = "note = '$note',";
 245                         }
 246
 247                         // FIXME this needs collision testing
 248
 249                         $result = db_query($link, "UPDATE ttrss_user_entries SET
 250                                 $note_qpart
 251                                 published = $pub
 252                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 253
 254
 255                         print "<rpc-reply>";
 256
 257                         if ($note != 'undefined') {
 258                                 $note_size = strlen($note);
 259                                 print "<note id=\"$id\" size=\"$note_size\">";
 260                                 print "<![CDATA[" . format_article_note($id, $note) . "]]>";
 261                                 print "</note>";
 262                         }
 263
 264                         print "<message>UPDATE_COUNTERS</message>";
 265
 266                         print "</rpc-reply>";
 267
 268                         return;
 269                 }
 270
 271                 if ($subop == "updateFeed") {
 272                         $feed_id = db_escape_string($_REQUEST["feed"]);
 273
 274                         update_rss_feed($link, $feed_id);
 275
 276                         print "<rpc-reply>";
 277                         print "<message>UPDATE_COUNTERS</message>";
 278                         print "</rpc-reply>";
 279
 280                         return;
 281                 }
 282
 283                 if ($subop == "updateAllFeeds" || $subop == "getAllCounters") {
 284
 285                         $last_article_id = (int) $_REQUEST["last_article_id"];
 286
 287                         print "<rpc-reply>";
 288
 289                         if ($seq)
 290                                 print "<seq>$seq</seq>";
 291
 292                         if ($last_article_id != getLastArticleId($link)) {
 293                                 print "<counters><![CDATA[";
 294                                 $omode = $_REQUEST["omode"];
 295
 296                                 if ($omode != "T")
 297                                         print json_encode(getAllCounters($link, $omode));
 298                                 else
 299                                         print json_encode(getGlobalCounters($link));
 300
 301                                 print "]]></counters>";
 302                         }
 303
 304                         print_runtime_info($link);
 305
 306                         print "</rpc-reply>";
 307
 308                         return;
 309                 }
 310
 311                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 312                 if ($subop == "catchupSelected") {
 313
 314                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 315                         $cmode = sprintf("%d", $_REQUEST["cmode"]);
 316
 317                         catchupArticlesById($link, $ids, $cmode);
 318
 319                         print "<rpc-reply>";
 320                         print "<message>UPDATE_COUNTERS</message>";
 321                         print "</rpc-reply>";
 322
 323                         return;
 324                 }
 325
 326                 if ($subop == "markSelected") {
 327
 328                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 329                         $cmode = sprintf("%d", $_REQUEST["cmode"]);
 330
 331                         markArticlesById($link, $ids, $cmode);
 332
 333                         print "<rpc-reply>";
 334                         print "<message>UPDATE_COUNTERS</message>";
 335                         print "</rpc-reply>";
 336
 337                         return;
 338                 }
 339
 340                 if ($subop == "publishSelected") {
 341
 342                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 343                         $cmode = sprintf("%d", $_REQUEST["cmode"]);
 344
 345                         publishArticlesById($link, $ids, $cmode);
 346
 347                         print "<rpc-reply>";
 348                         print "<message>UPDATE_COUNTERS</message>";
 349                         print "</rpc-reply>";
 350
 351                         return;
 352                 }
 353
 354                 if ($subop == "sanityCheck") {
 355                         print "<rpc-reply>";
 356                         if (sanity_check($link)) {
 357                                 print "<error error-code=\"0\"/>";
 358
 359                                 print "<init-params><![CDATA[";
 360                                 print json_encode(make_init_params($link));
 361                                 print "]]></init-params>";
 362
 363                                 print_runtime_info($link);
 364
 365                                 # assign client-passed params to session
 366                                 $_SESSION["client.userAgent"] = $_REQUEST["ua"];
 367
 368                         }
 369                         print "</rpc-reply>";
 370
 371                         return;
 372                 }
 373
 374                 if ($subop == "globalPurge") {
 375
 376                         print "<rpc-reply>";
 377                         global_purge_old_posts($link, true);
 378                         print "</rpc-reply>";
 379
 380                         return;
 381                 }
 382
 383                 if ($subop == "getArticleLink") {
 384
 385                         $id = db_escape_string($_REQUEST["id"]);
 386
 387                         $result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
 388                                 WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
 389
 390                         if (db_num_rows($result) == 1) {
 391                                 $link = htmlspecialchars(strip_tags(db_fetch_result($result, 0, "link")));
 392                                 print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
 393                         } else {
 394                                 print "<rpc-reply><error>Article not found</error></rpc-reply>";
 395                         }
 396
 397                         return;
 398                 }
 399
 400                 if ($subop == "setArticleTags") {
 401
 402                         global $memcache;
 403
 404                         $id = db_escape_string($_REQUEST["id"]);
 405
 406                         $tags_str = db_escape_string($_REQUEST["tags_str"]);
 407                         $tags = array_unique(trim_array(split(",", $tags_str)));
 408
 409                         db_query($link, "BEGIN");
 410
 411                         $result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE
 412                                 ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");
 413
 414                         if (db_num_rows($result) == 1) {
 415
 416                                 $tags_to_cache = array();
 417
 418                                 $int_id = db_fetch_result($result, 0, "int_id");
 419
 420                                 db_query($link, "DELETE FROM ttrss_tags WHERE
 421                                         post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");
 422
 423                                 foreach ($tags as $tag) {
 424                                         $tag = sanitize_tag($tag);
 425
 426                                         if (!tag_is_valid($tag)) {
 427                                                 continue;
 428                                         }
 429
 430                                         if (preg_match("/^[0-9]*$/", $tag)) {
 431                                                 continue;
 432                                         }
 433
 434 //                                      print "<!-- $id : $int_id : $tag -->";
 435
 436                                         if ($tag != '') {
 437                                                 db_query($link, "INSERT INTO ttrss_tags
 438                                                         (post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
 439                                         }
 440
 441                                         array_push($tags_to_cache, $tag);
 442                                 }
 443
 444                                 /* update tag cache */
 445
 446                                 $tags_str = join(",", $tags_to_cache);
 447
 448                                 db_query($link, "UPDATE ttrss_user_entries
 449                                         SET tag_cache = '$tags_str' WHERE ref_id = '$id'
 450                                         AND owner_uid = " . $_SESSION["uid"]);
 451                         }
 452
 453                         db_query($link, "COMMIT");
 454
 455                         if ($memcache) {
 456                                 $obj_id = md5("TAGS:".$_SESSION["uid"].":$id");
 457                                 $memcache->delete($obj_id);
 458                         }
 459
 460                         $tags_str = format_tags_string(get_article_tags($link, $id), $id);
 461
 462                         print "<rpc-reply>
 463                                 <tags-str id=\"$id\"><![CDATA[$tags_str]]></tags-str>
 464                                 </rpc-reply>";
 465
 466                         return;
 467                 }
 468
 469                 if ($subop == "regenOPMLKey") {
 470
 471                         print "<rpc-reply>";
 472
 473                         update_feed_access_key($link, 'OPML:Publish',
 474                                 false, $_SESSION["uid"]);
 475
 476                         $new_link = opml_publish_url($link);
 477                         print "<link><![CDATA[$new_link]]></link>";
 478                         print "</rpc-reply>";
 479                         return;
 480                 }
 481
 482                 if ($subop == "logout") {
 483                         logout_user();
 484                         print_error_xml(6);
 485                         return;
 486                 }
 487
 488                 if ($subop == "completeTags") {
 489
 490                         $search = db_escape_string($_REQUEST["search"]);
 491
 492                         $result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags
 493                                 WHERE owner_uid = '".$_SESSION["uid"]."' AND
 494                                 tag_name LIKE '$search%' ORDER BY tag_name
 495                                 LIMIT 10");
 496
 497                         print "<ul>";
 498                         while ($line = db_fetch_assoc($result)) {
 499                                 print "<li>" . $line["tag_name"] . "</li>";
 500                         }
 501                         print "</ul>";
 502
 503                         return;
 504                 }
 505
 506                 if ($subop == "purge") {
 507                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 508                         $days = sprintf("%d", $_REQUEST["days"]);
 509
 510                         print "<rpc-reply>";
 511
 512                         print "<message><![CDATA[";
 513
 514                         foreach ($ids as $id) {
 515
 516                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
 517                                         id = '$id' AND owner_uid = ".$_SESSION["uid"]);
 518
 519                                 if (db_num_rows($result) == 1) {
 520                                         purge_feed($link, $id, $days, true);
 521                                 }
 522                         }
 523
 524                         print "]]></message>";
 525
 526                         print "</rpc-reply>";
 527
 528                         return;
 529                 }
 530
 531 /*              if ($subop == "setScore") {
 532                         $id = db_escape_string($_REQUEST["id"]);
 533                         $score = sprintf("%d", $_REQUEST["score"]);
 534
 535                         $result = db_query($link, "UPDATE ttrss_user_entries SET score = '$score'
 536                                 WHERE ref_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
 537
 538                         print "<rpc-reply><message>Acknowledged.</message></rpc-reply>";
 539
 540                         return;
 541
 542                 } */
 543
 544                 if ($subop == "getArticles") {
 545                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 546
 547                         print "<rpc-reply>";
 548
 549                         foreach ($ids as $id) {
 550                                 if ($id) {
 551                                         outputArticleXML($link, $id, 0, false);
 552                                 }
 553                         }
 554                         print "</rpc-reply>";
 555
 556                         return;
 557                 }
 558
 559                 if ($subop == "checkDate") {
 560
 561                         $date = db_escape_string($_REQUEST["date"]);
 562                         $date_parsed = strtotime($date);
 563
 564                         print "<rpc-reply>";
 565
 566                         if ($date_parsed) {
 567                                 print "<result>1</result>";
 568                         } else {
 569                                 print "<result>0</result>";
 570                         }
 571
 572                         print "</rpc-reply>";
 573
 574                         return;
 575                 }
 576
 577                 if ($subop == "removeFromLabel") {
 578
 579                         $ids = explode(",", db_escape_string($_REQUEST["ids"]));
 580                         $label_id = db_escape_string($_REQUEST["lid"]);
 581
 582                         $label = db_escape_string(label_find_caption($link, $label_id,
 583                                 $_SESSION["uid"]));
 584
 585                         print "<rpc-reply>";
 586                         print "<info-for-headlines>";
 587
 588                         if ($label) {
 589
 590                                 foreach ($ids as $id) {
 591                                         label_remove_article($link, $id, $label, $_SESSION["uid"]);
 592
 593                                         print "<entry id=\"$id\"><![CDATA[";
 594
 595                                         $labels = get_article_labels($link, $id, $_SESSION["uid"]);
 596                                         print format_article_labels($labels, $id);
 597
 598                                         print "]]></entry>";
 599
 600                                 }
 601                         }
 602
 603                         print "</info-for-headlines>";
 604
 605                         print "<message>UPDATE_COUNTERS</message>";
 606                         print "</rpc-reply>";
 607
 608                         return;
 609                 }
 610
 611                 if ($subop == "assignToLabel") {
 612
 613                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 614                         $label_id = db_escape_string($_REQUEST["lid"]);
 615
 616                         $label = db_escape_string(label_find_caption($link, $label_id,
 617                                 $_SESSION["uid"]));
 618
 619                         print "<rpc-reply>";
 620
 621                         print "<info-for-headlines>";
 622
 623                         if ($label) {
 624
 625                                 foreach ($ids as $id) {
 626                                         label_add_article($link, $id, $label, $_SESSION["uid"]);
 627
 628                                         print "<entry id=\"$id\"><![CDATA[";
 629
 630                                         $labels = get_article_labels($link, $id, $_SESSION["uid"]);
 631                                         print format_article_labels($labels, $id);
 632
 633                                         print "]]></entry>";
 634
 635                                 }
 636                         }
 637
 638                         print "</info-for-headlines>";
 639
 640                         print "<message>UPDATE_COUNTERS</message>";
 641                         print "</rpc-reply>";
 642
 643                         return;
 644                 }
 645
 646                 if ($subop == "updateFeedBrowser") {
 647
 648                         $search = db_escape_string($_REQUEST["search"]);
 649                         $limit = db_escape_string($_REQUEST["limit"]);
 650                         $mode = db_escape_string($_REQUEST["mode"]);
 651
 652                         print "<rpc-reply>";
 653                         print "<content>";
 654                         print "<![CDATA[";
 655                         $ctr = print_feed_browser($link, $search, $limit, $mode);
 656                         print "]]>";
 657                         print "</content>";
 658                         print "<num-results value=\"$ctr\"/>";
 659                         print "<mode value=\"$mode\"/>";
 660                         print "</rpc-reply>";
 661
 662                         return;
 663                 }
 664
 665
 666                 if ($subop == "massSubscribe") {
 667
 668                         $ids = split(",", db_escape_string($_REQUEST["ids"]));
 669                         $mode = $_REQUEST["mode"];
 670
 671                         $subscribed = array();
 672
 673                         foreach ($ids as $id) {
 674
 675                                 if ($mode == 1) {
 676                                         $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
 677                                                 WHERE id = '$id'");
 678                                 } else if ($mode == 2) {
 679                                         $result = db_query($link, "SELECT * FROM ttrss_archived_feeds
 680                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 681                                         $orig_id = db_escape_string(db_fetch_result($result, 0, "id"));
 682                                         $site_url = db_escape_string(db_fetch_result($result, 0, "site_url"));
 683                                 }
 684
 685                                 $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
 686                                 $title = db_escape_string(db_fetch_result($result, 0, "title"));
 687
 688                                 $title_orig = db_fetch_result($result, 0, "title");
 689
 690                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
 691                                                 feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
 692
 693                                 if (db_num_rows($result) == 0) {
 694                                         if ($mode == 1) {
 695                                                 $result = db_query($link,
 696                                                         "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
 697                                                         VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
 698                                         } else if ($mode == 2) {
 699                                                 $result = db_query($link,
 700                                                         "INSERT INTO ttrss_feeds (id,owner_uid,feed_url,title,cat_id,site_url)
 701                                                         VALUES ('$orig_id','".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '$site_url')");
 702                                         }
 703                                         array_push($subscribed, $title_orig);
 704                                 }
 705                         }
 706
 707                         $num_feeds = count($subscribed);
 708
 709                         print "<rpc-reply>";
 710                         print "<num-feeds value='$num_feeds'/>";
 711                         print "</rpc-reply>";
 712
 713                         return;
 714                 }
 715
 716                 if ($subop == "digest-get-contents") {
 717                         $article_id = db_escape_string($_REQUEST['article_id']);
 718
 719                         $result = db_query($link, "SELECT content
 720                                 FROM ttrss_entries, ttrss_user_entries
 721                                 WHERE id = '$article_id' AND ref_id = id AND owner_uid = ".$_SESSION['uid']);
 722
 723                         print "<rpc-reply>";
 724
 725                         print "<article id=\"$article_id\"><![CDATA[";
 726
 727                         $content = sanitize_rss($link, db_fetch_result($result, 0, "content"));
 728
 729                         print $content;
 730
 731                         print "]]></article>";
 732
 733                         print "</rpc-reply>";
 734
 735                         return;
 736                 }
 737
 738                 if ($subop == "digest-update") {
 739                         $feed_id = db_escape_string($_REQUEST['feed_id']);
 740                         $offset = db_escape_string($_REQUEST['offset']);
 741                         $seq = db_escape_string($_REQUEST['seq']);
 742
 743                         if (!$feed_id) $feed_id = -4;
 744                         if (!$offset) $offset = 0;
 745                         print "<rpc-reply>";
 746
 747                         print "<seq>$seq</seq>";
 748
 749                         $headlines = api_get_headlines($link, $feed_id, 10, $offset,
 750                                 '', ($feed_id == -4), true, false, "unread", "updated DESC");
 751
 752                         //function api_get_headlines($link, $feed_id, $limit, $offset,
 753                         //              $filter, $is_cat, $show_excerpt, $show_content, $view_mode) {
 754
 755                         print "<headlines-title><![CDATA[" . getFeedTitle($link, $feed_id) .
 756                                 "]]></headlines-title>";
 757
 758                         print "<headlines><![CDATA[" . json_encode($headlines) . "]]></headlines>";
 759
 760                         print "</rpc-reply>";
 761                         return;
 762                 }
 763
 764                 if ($subop == "digest-init") {
 765                         print "<rpc-reply>";
 766
 767                         $tmp_feeds = api_get_feeds($link, -3, true, false, 0);
 768
 769                         $feeds = array();
 770
 771                         foreach ($tmp_feeds as $f) {
 772                                 if ($f['id'] > 0 || $f['id'] == -4) array_push($feeds, $f);
 773                         }
 774
 775                         print "<feeds><![CDATA[" . json_encode($feeds) . "]]></feeds>";
 776
 777                         print "</rpc-reply>";
 778                         return;
 779                 }
 780
 781                 if ($subop == "catchupFeed") {
 782
 783                         $feed_id = db_escape_string($_REQUEST['feed_id']);
 784                         $is_cat = db_escape_string($_REQUEST['is_cat']);
 785
 786                         print "<rpc-reply>";
 787
 788                         catchup_feed($link, $feed_id, $is_cat);
 789
 790                         print "</rpc-reply>";
 791
 792                         return;
 793                 }
 794
 795                 if ($subop == "sendEmail") {
 796                         $secretkey = $_REQUEST['secretkey'];
 797
 798                         print "<rpc-reply>";
 799
 800                         if (DIGEST_ENABLE && $_SESSION['email_secretkey'] &&
 801                                                 $secretkey == $_SESSION['email_secretkey']) {
 802
 803                                 $_SESSION['email_secretkey'] = '';
 804
 805                                 $destination = $_REQUEST['destination'];
 806                                 $subject = $_REQUEST['subject'];
 807                                 $content = $_REQUEST['content'];
 808
 809                                 $replyto = strip_tags($_SESSION['email_replyto']);
 810                                 $fromname = strip_tags($_SESSION['email_fromname']);
 811
 812                                 $mail = new PHPMailer();
 813
 814                                 $mail->PluginDir = "lib/phpmailer/";
 815                                 $mail->SetLanguage("en", "lib/phpmailer/language/");
 816
 817                                 $mail->CharSet = "UTF-8";
 818
 819                                 $mail->From = $replyto;
 820                                 $mail->FromName = $fromname;
 821                                 $mail->AddAddress($destination);
 822
 823                                 if (DIGEST_SMTP_HOST) {
 824                                         $mail->Host = DIGEST_SMTP_HOST;
 825                                         $mail->Mailer = "smtp";
 826                                         $mail->SMTPAuth = DIGEST_SMTP_LOGIN != '';
 827                                         $mail->Username = DIGEST_SMTP_LOGIN;
 828                                         $mail->Password = DIGEST_SMTP_PASSWORD;
 829                                 }
 830
 831                                 $mail->IsHTML(false);
 832                                 $mail->Subject = $subject;
 833                                 $mail->Body = $content;
 834
 835                                 $rc = $mail->Send();
 836
 837                                 if (!$rc) {
 838                                         print "<error><![CDATA[" . $mail->ErrorInfo . "]]></error>";
 839                                 } else {
 840                                         save_email_address($link, db_escape_string($destination));
 841                                         print "<message>UPDATE_COUNTERS</message>";
 842                                 }
 843
 844                         } else {
 845                                 print "<error>Not authorized.</error>";
 846                         }
 847
 848                         print "</rpc-reply>";
 849
 850                         return;
 851                 }
 852
 853                 if ($subop == "completeEmails") {
 854
 855                         $search = db_escape_string($_REQUEST["search"]);
 856
 857                         print "<ul>";
 858
 859                         foreach ($_SESSION['stored_emails'] as $email) {
 860                                 if (strpos($email, $search) !== false) {
 861                                         print "<li>$email</li>";
 862                                 }
 863                         }
 864
 865                         print "</ul>";
 866
 867                         return;
 868                 }
 869
 870                 if ($subop == "quickAddCat") {
 871                         print "<rpc-reply>";
 872
 873                         $cat = db_escape_string($_REQUEST["cat"]);
 874
 875                         add_feed_category($link, $cat);
 876
 877                         $result = db_query($link, "SELECT id FROM ttrss_feed_categories WHERE
 878                                 title = '$cat' AND owner_uid = " . $_SESSION["uid"]);
 879
 880                         if (db_num_rows($result) == 1) {
 881                                 $id = db_fetch_result($result, 0, "id");
 882                         } else {
 883                                 $id = 0;
 884                         }
 885
 886                         print_feed_cat_select($link, "cat_id", $id);
 887
 888                         print "</rpc-reply>";
 889
 890                         return;
 891                 }
 892
 893                 if ($subop == "regenFeedKey") {
 894                         $feed_id = db_escape_string($_REQUEST['id']);
 895                         $is_cat = (bool) db_escape_string($_REQUEST['is_cat']);
 896
 897                         print "<rpc-reply>";
 898
 899                         $new_key = update_feed_access_key($link, $feed_id, $is_cat);
 900
 901                         print "<link><![CDATA[$new_key]]></link>";
 902
 903                         print "</rpc-reply>";
 904
 905                         return;
 906                 }
 907
 908                 if ($subop == "clearKeys") {
 909
 910                         db_query($link, "DELETE FROM ttrss_access_keys WHERE
 911                                 owner_uid = " . $_SESSION["uid"]);
 912
 913                         print "<rpc-reply>";
 914                         print "<message>UPDATE_COUNTERS</message>";
 915                         print "</rpc-reply>";
 916
 917                         return;
 918                 }
 919
 920                 if ($subop == "verifyRegexp") {
 921                         $reg_exp = $_REQUEST["reg_exp"];
 922
 923                         print "<rpc-reply><status>";
 924
 925                         if (@preg_match("/$reg_exp/i", "TEST") === false) {
 926                                 print "INVALID";
 927                         } else {
 928                                 print "OK";
 929                         }
 930
 931                         print "</status></rpc-reply>";
 932
 933                         return;
 934                 }
 935
 936                 if ($subop == "cdmGetArticle") {
 937                         $id = db_escape_string($_REQUEST["id"]);
 938
 939                         $result = db_query($link, "SELECT content,
 940                                 ttrss_feeds.site_url AS site_url FROM ttrss_user_entries, ttrss_feeds,
 941                                 ttrss_entries
 942                                 WHERE feed_id = ttrss_feeds.id AND ref_id = '$id' AND
 943                                 ttrss_entries.id = ref_id AND
 944                                 ttrss_user_entries.owner_uid = ".$_SESSION["uid"]);
 945
 946                         if (db_num_rows($result) != 0) {
 947                                 $line = db_fetch_assoc($result);
 948
 949                                 $article_content = sanitize_rss($link, $line["content"],
 950                                         false, false, $line['site_url']);
 951
 952                         } else {
 953                                 $article_content = '';
 954                         }
 955
 956                         print "<rpc-reply><article id=\"$id\"><![CDATA[";
 957                         print "$article_content";
 958                         print "]]></article></rpc-reply>";
 959
 960                         return;
 961                 }
 962
 963                 if ($subop == "scheduleFeedUpdate") {
 964                         $feed_id = db_escape_string($_REQUEST["id"]);
 965                         $is_cat =  db_escape_string($_REQUEST['is_cat']) == 'true';
 966
 967                         $message = __("Your request could not be completed.");
 968
 969                         if ($feed_id >= 0) {
 970                                 if (!$is_cat) {
 971                                         $message = __("Feed update has been scheduled.");
 972
 973                                         db_query($link, "UPDATE ttrss_feeds SET
 974                                                 last_update_started = '1970-01-01',
 975                                                 last_updated = '1970-01-01' WHERE id = '$feed_id' AND
 976                                                 owner_uid = ".$_SESSION["uid"]);
 977
 978                                 } else {
 979                                         $message = __("Category update has been scheduled.");
 980
 981                                         if ($feed_id)
 982                                                 $cat_query = "cat_id = '$feed_id'";
 983                                         else
 984                                                 $cat_query = "cat_id IS NULL";
 985
 986                                         db_query($link, "UPDATE ttrss_feeds SET
 987                                                 last_update_started = '1970-01-01',
 988                                                 last_updated = '1970-01-01' WHERE $cat_query AND
 989                                                 owner_uid = ".$_SESSION["uid"]);
 990                                 }
 991                         } else {
 992                                 $message = __("Can't update this kind of feed.");
 993                         }
 994
 995                         print "<rpc-reply>";
 996                         print "<message>$message</message>";
 997                         print "</rpc-reply>";
 998
 999                         return;
1000                 }
1001
1002                 print "<rpc-reply><error>Unknown method: $subop</error></rpc-reply>";
1003         }
1004 ?>