modules/backend-rpc.php

   1 <?php
   2         function handle_rpc_request($link) {
   3
   4                 $subop = $_GET["subop"];
   5
   6                 if ($subop == "setpref") {
   7                         if (WEB_DEMO_MODE) {
   8                                 return;
   9                         }
  10
  11                         print "<rpc-reply>";
  12
  13                         $key = db_escape_string($_GET["key"]);
  14                         $value = db_escape_string($_GET["value"]);
  15
  16                         set_pref($link, $key, $value);
  17
  18                         print "<param-set key=\"$key\" value=\"$value\"/>";
  19
  20                         print "</rpc-reply>";
  21
  22                         return;
  23                 }
  24
  25                 if ($subop == "getLabelCounters") {
  26                         $aid = $_GET["aid"];
  27                         print "<rpc-reply>";
  28                         print "<counters>";
  29                         getLabelCounters($link);
  30                         if ($aid) {
  31                                 getFeedCounter($link, $aid);
  32                         }
  33                         print "</counters>";
  34                         print "</rpc-reply>";
  35
  36                         return;
  37                 }
  38
  39                 if ($subop == "getFeedCounters") {
  40                         print "<rpc-reply>";
  41                         print "<counters>";
  42                         getFeedCounters($link);
  43                         print "</counters>";
  44                         print "</rpc-reply>";
  45
  46                         return;
  47                 }
  48
  49                 if ($subop == "getAllCounters") {
  50                         print "<rpc-reply>";
  51                         print "<counters>";
  52
  53                         $omode = $_GET["omode"];
  54
  55                         getAllCounters($link, $omode);
  56                         print "</counters>";
  57                         print_runtime_info($link);
  58                         print "</rpc-reply>";
  59
  60                         return;
  61                 }
  62
  63                 if ($subop == "mark") {
  64                         $mark = $_GET["mark"];
  65                         $id = db_escape_string($_GET["id"]);
  66
  67                         if ($mark == "1") {
  68                                 $mark = "true";
  69                         } else {
  70                                 $mark = "false";
  71                         }
  72
  73                         // FIXME this needs collision testing
  74
  75                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
  76                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
  77
  78                         print "<rpc-reply><counters>";
  79                         getGlobalCounters($link);
  80                         getLabelCounters($link);
  81                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
  82                                 getCategoryCounters($link);
  83                         }
  84                         print "</counters></rpc-reply>";
  85
  86                         return;
  87                 }
  88
  89                 if ($subop == "publ") {
  90                         $pub = $_GET["pub"];
  91                         $id = db_escape_string($_GET["id"]);
  92
  93                         if ($pub == "1") {
  94                                 $pub = "true";
  95                         } else {
  96                                 $pub = "false";
  97                         }
  98
  99                         // FIXME this needs collision testing
 100
 101                         $result = db_query($link, "UPDATE ttrss_user_entries SET published = $pub
 102                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 103
 104                         print "<rpc-reply><counters>";
 105                         getGlobalCounters($link);
 106                         getLabelCounters($link);
 107                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 108                                 getCategoryCounters($link);
 109                         }
 110                         print "</counters></rpc-reply>";
 111
 112                         return;
 113                 }
 114
 115                 if ($subop == "updateFeed") {
 116                         $feed_id = db_escape_string($_GET["feed"]);
 117
 118                         $result = db_query($link,
 119                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 120                                         AND owner_uid = " . $_SESSION["uid"]);
 121
 122                         if (db_num_rows($result) > 0) {
 123                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 124                                 update_rss_feed($link, $feed_url, $feed_id);
 125                         }
 126
 127                         print "<rpc-reply>";
 128                         print "<counters>";
 129                         getFeedCounter($link, $feed_id);
 130                         print "</counters>";
 131                         print "</rpc-reply>";
 132
 133                         return;
 134                 }
 135
 136                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 137
 138                         if (ENABLE_UPDATE_DAEMON) {
 139
 140                                 if ($subop == "forceUpdateAllFeeds") {
 141
 142                                         $result = db_query($link, "SELECT count(id) AS cid FROM
 143                                                 ttrss_scheduled_updates WHERE feed_id IS NULL AND
 144                                                         owner_uid = " . $_SESSION["uid"]);
 145
 146                                         $cid = db_fetch_result($result, 0, "cid");
 147
 148                                         if ($cid == 0) {
 149
 150                                                 db_query($link, "INSERT INTO ttrss_scheduled_updates
 151                                                         (owner_uid, feed_id, entered) VALUES
 152                                                         (".$_SESSION["uid"].", NULL, NOW())");
 153
 154                                         }
 155                                 }
 156
 157                         } else {
 158                                 update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 159                         }
 160
 161                         $global_unread_caller = sprintf("%d", $_GET["uctr"]);
 162                         $global_unread = getGlobalUnread($link);
 163
 164                         print "<rpc-reply>";
 165
 166                         print "<counters>";
 167
 168                         if ($global_unread_caller != $global_unread) {
 169
 170                                 $omode = $_GET["omode"];
 171
 172                                 if (!$omode) $omode = "tflc";
 173
 174                                 if (strchr($omode, "l")) getLabelCounters($link);
 175                                 if (strchr($omode, "f")) getFeedCounters($link);
 176                                 if (strchr($omode, "t")) getTagCounters($link);
 177                                 if (strchr($omode, "c")) {
 178                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 179                                                 getCategoryCounters($link);
 180                                         }
 181                                 }
 182                         }
 183
 184                         getGlobalCounters($link, $global_unread);
 185
 186                         print "</counters>";
 187
 188                         print_runtime_info($link);
 189
 190                         print "</rpc-reply>";
 191
 192                         return;
 193                 }
 194
 195                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 196                 if ($subop == "catchupSelected") {
 197
 198                         $ids = split(",", db_escape_string($_GET["ids"]));
 199                         $cmode = sprintf("%d", $_GET["cmode"]);
 200
 201                         catchupArticlesById($link, $ids, $cmode);
 202
 203                         print "<rpc-reply>";
 204                         print "<counters>";
 205                         getAllCounters($link, $_GET["omode"]);
 206                         print "</counters>";
 207                         print_runtime_info($link);
 208                         print "</rpc-reply>";
 209
 210                         return;
 211                 }
 212
 213                 if ($subop == "markSelected") {
 214
 215                         $ids = split(",", db_escape_string($_GET["ids"]));
 216                         $cmode = sprintf("%d", $_GET["cmode"]);
 217
 218                         markArticlesById($link, $ids, $cmode);
 219
 220                         print "<rpc-reply>";
 221                         print "<counters>";
 222                         getAllCounters($link, $_GET["omode"]);
 223                         print "</counters>";
 224                         print_runtime_info($link);
 225                         print "</rpc-reply>";
 226
 227                         return;
 228                 }
 229
 230                 if ($subop == "publishSelected") {
 231
 232                         $ids = split(",", db_escape_string($_GET["ids"]));
 233                         $cmode = sprintf("%d", $_GET["cmode"]);
 234
 235                         publishArticlesById($link, $ids, $cmode);
 236
 237                         print "<rpc-reply>";
 238                         print "<counters>";
 239                         getAllCounters($link, $_GET["omode"]);
 240                         print "</counters>";
 241                         print_runtime_info($link);
 242                         print "</rpc-reply>";
 243
 244                         return;
 245                 }
 246
 247                 if ($subop == "sanityCheck") {
 248                         print "<rpc-reply>";
 249                         if (sanity_check($link)) {
 250                                 print "<error error-code=\"0\"/>";
 251                                 print_init_params($link);
 252                                 print_runtime_info($link);
 253
 254                                 # assign client-passed params to session
 255                                 $_SESSION["client.userAgent"] = $_GET["ua"];
 256
 257                         }
 258                         print "</rpc-reply>";
 259
 260                         return;
 261                 }
 262
 263                 if ($subop == "globalPurge") {
 264
 265                         print "<rpc-reply>";
 266                         global_purge_old_posts($link, true);
 267                         print "</rpc-reply>";
 268
 269                         return;
 270                 }
 271
 272                 if ($subop == "getArticleLink") {
 273
 274                         $id = db_escape_string($_GET["id"]);
 275
 276                         $result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
 277                                 WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
 278
 279                         if (db_num_rows($result) == 1) {
 280                                 $link = strip_tags(db_fetch_result($result, 0, "link"));
 281                                 print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
 282                         } else {
 283                                 print "<rpc-reply><error>Article not found</error></rpc-reply>";
 284                         }
 285
 286                         return;
 287                 }
 288
 289                 if ($subop == "setArticleTags") {
 290
 291                         $id = db_escape_string($_GET["id"]);
 292
 293                         $tags_str = db_escape_string($_GET["tags_str"]);
 294
 295                         $tags = array_unique(trim_array(split(",", $tags_str)));
 296
 297                         db_query($link, "BEGIN");
 298
 299                         $result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE
 300                                 ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");
 301
 302                         if (db_num_rows($result) == 1) {
 303
 304                                 $int_id = db_fetch_result($result, 0, "int_id");
 305
 306                                 db_query($link, "DELETE FROM ttrss_tags WHERE
 307                                         post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");
 308
 309                                 foreach ($tags as $tag) {
 310                                         $tag = sanitize_tag($tag);
 311
 312                                         if (!tag_is_valid($tag)) {
 313                                                 continue;
 314                                         }
 315
 316                                         if (preg_match("/^[0-9]*$/", $tag)) {
 317                                                 continue;
 318                                         }
 319
 320                                         print "<!-- $id : $int_id : $tag -->";
 321
 322                                         if ($tag != '') {
 323                                                 db_query($link, "INSERT INTO ttrss_tags
 324                                                         (post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
 325                                         }
 326                                 }
 327                         }
 328
 329                         db_query($link, "COMMIT");
 330
 331                         print "<rpc-reply>
 332                                 <message>$id</message>
 333                                 </rpc-reply>";
 334
 335                         return;
 336                 }
 337
 338                 if ($subop == "regenPubKey") {
 339
 340                         print "<rpc-reply>";
 341
 342                         set_pref($link, "_PREFS_PUBLISH_KEY", generate_publish_key());
 343
 344                         $new_link = article_publish_url($link);
 345
 346                         print "<link><![CDATA[$new_link]]></link>";
 347
 348                         print "</rpc-reply>";
 349
 350                         return;
 351                 }
 352
 353                 if ($subop == "logout") {
 354                         logout_user();
 355                         print_error_xml(6);
 356                         return;
 357                 }
 358
 359                 if ($subop == "completeTags") {
 360
 361                         $search = db_escape_string($_REQUEST["search"]);
 362
 363                         $result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags
 364                                 WHERE owner_uid = '".$_SESSION["uid"]."' AND
 365                                 tag_name LIKE '$search%' ORDER BY tag_name
 366                                 LIMIT 10");
 367
 368                         print "<ul>";
 369                         while ($line = db_fetch_assoc($result)) {
 370                                 print "<li>" . $line["tag_name"] . "</li>";
 371                         }
 372                         print "</ul>";
 373
 374                         return;
 375                 }
 376
 377                 print "<rpc-reply><error>Unknown method: $subop</error></rpc-reply>";
 378         }
 379 ?>