modules/backend-rpc.php

   1 <?php
   2         function handle_rpc_request($link) {
   3
   4                 $subop = $_GET["subop"];
   5
   6                 if ($subop == "setpref") {
   7                         if (WEB_DEMO_MODE) {
   8                                 return;
   9                         }
  10
  11                         print "<rpc-reply>";
  12
  13                         $key = db_escape_string($_GET["key"]);
  14                         $value = db_escape_string($_GET["value"]);
  15
  16                         set_pref($link, $key, $value);
  17
  18                         print "<param-set key=\"$key\" value=\"$value\"/>";
  19
  20                         print "</rpc-reply>";
  21
  22                 }
  23
  24                 if ($subop == "getLabelCounters") {
  25                         $aid = $_GET["aid"];
  26                         print "<rpc-reply>";
  27                         print "<counters>";
  28                         getLabelCounters($link);
  29                         if ($aid) {
  30                                 getFeedCounter($link, $aid);
  31                         }
  32                         print "</counters>";
  33                         print "</rpc-reply>";
  34                 }
  35
  36                 if ($subop == "getFeedCounters") {
  37                         print "<rpc-reply>";
  38                         print "<counters>";
  39                         getFeedCounters($link);
  40                         print "</counters>";
  41                         print "</rpc-reply>";
  42                 }
  43
  44                 if ($subop == "getAllCounters") {
  45                         print "<rpc-reply>";
  46                         print "<counters>";
  47
  48                         $omode = $_GET["omode"];
  49
  50                         getAllCounters($link, $omode);
  51                         print "</counters>";
  52                         print_runtime_info($link);
  53                         print "</rpc-reply>";
  54                 }
  55
  56                 if ($subop == "mark") {
  57                         $mark = $_GET["mark"];
  58                         $id = db_escape_string($_GET["id"]);
  59
  60                         if ($mark == "1") {
  61                                 $mark = "true";
  62                         } else {
  63                                 $mark = "false";
  64                         }
  65
  66                         // FIXME this needs collision testing
  67
  68                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
  69                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
  70                 }
  71
  72                 if ($subop == "updateFeed") {
  73                         $feed_id = db_escape_string($_GET["feed"]);
  74
  75                         $result = db_query($link,
  76                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
  77                                         AND owner_uid = " . $_SESSION["uid"]);
  78
  79                         if (db_num_rows($result) > 0) {
  80                                 $feed_url = db_fetch_result($result, 0, "feed_url");
  81                                 update_rss_feed($link, $feed_url, $feed_id);
  82                         }
  83
  84                         print "<rpc-reply>";
  85                         print "<counters>";
  86                         getFeedCounter($link, $feed_id);
  87                         print "</counters>";
  88                         print "</rpc-reply>";
  89
  90                         return;
  91                 }
  92
  93                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
  94
  95                         if (ENABLE_UPDATE_DAEMON) {
  96
  97                                 if ($subop == "forceUpdateAllFeeds") {
  98
  99                                         $result = db_query($link, "SELECT count(id) AS cid FROM
 100                                                 ttrss_scheduled_updates WHERE feed_id IS NULL AND
 101                                                         owner_uid = " . $_SESSION["uid"]);
 102
 103                                         $cid = db_fetch_result($result, 0, "cid");
 104
 105                                         if ($cid == 0) {
 106
 107                                                 db_query($link, "INSERT INTO ttrss_scheduled_updates
 108                                                         (owner_uid, feed_id, entered) VALUES
 109                                                         (".$_SESSION["uid"].", NULL, NOW())");
 110
 111                                         }
 112                                 }
 113
 114                         } else {
 115                                 update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 116                         }
 117
 118                         $global_unread_caller = sprintf("%d", $_GET["uctr"]);
 119                         $global_unread = getGlobalUnread($link);
 120
 121                         print "<rpc-reply>";
 122
 123                         print "<counters>";
 124
 125                         if ($global_unread_caller != $global_unread) {
 126
 127                                 $omode = $_GET["omode"];
 128
 129                                 if (!$omode) $omode = "tflc";
 130
 131                                 if (strchr($omode, "l")) getLabelCounters($link);
 132                                 if (strchr($omode, "f")) getFeedCounters($link);
 133                                 if (strchr($omode, "t")) getTagCounters($link);
 134                                 if (strchr($omode, "c")) {
 135                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 136                                                 getCategoryCounters($link);
 137                                         }
 138                                 }
 139                         }
 140
 141                         getGlobalCounters($link, $global_unread);
 142
 143                         print "</counters>";
 144
 145                         print_runtime_info($link);
 146
 147                         print "</rpc-reply>";
 148
 149                 }
 150
 151                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 152                 if ($subop == "catchupSelected") {
 153
 154                         $ids = split(",", db_escape_string($_GET["ids"]));
 155                         $cmode = sprintf("%d", $_GET["cmode"]);
 156
 157                         catchupArticlesById($link, $ids, $cmode);
 158
 159                         print "<rpc-reply>";
 160                         print "<counters>";
 161                         getAllCounters($link);
 162                         print "</counters>";
 163                         print_runtime_info($link);
 164                         print "</rpc-reply>";
 165                 }
 166
 167                 if ($subop == "markSelected") {
 168
 169                         $ids = split(",", db_escape_string($_GET["ids"]));
 170                         $cmode = sprintf("%d", $_GET["cmode"]);
 171
 172                         markArticlesById($link, $ids, $cmode);
 173
 174                         print "<rpc-reply>";
 175                         print "<counters>";
 176                         getAllCounters($link);
 177                         print "</counters>";
 178                         print_runtime_info($link);
 179                         print "</rpc-reply>";
 180                 }
 181
 182                 if ($subop == "sanityCheck") {
 183                         print "<rpc-reply>";
 184                         if (sanity_check($link)) {
 185                                 print "<error error-code=\"0\"/>";
 186                                 print_init_params($link);
 187                                 print_runtime_info($link);
 188
 189                                 # assign client-passed params to session
 190                                 $_SESSION["client.userAgent"] = $_GET["ua"];
 191
 192                         }
 193                         print "</rpc-reply>";
 194                 }
 195
 196                 if ($subop == "globalPurge") {
 197
 198                         print "<rpc-reply>";
 199                         global_purge_old_posts($link, true);
 200                         print "</rpc-reply>";
 201
 202                 }
 203
 204                 if ($subop == "getArticleLink") {
 205
 206                         $id = db_escape_string($_GET["id"]);
 207
 208                         $result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
 209                                 WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
 210
 211                         if (db_num_rows($result) == 1) {
 212                                 $link = strip_tags(db_fetch_result($result, 0, "link"));
 213                                 print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
 214                         } else {
 215                                 print "<rpc-reply><error>Article not found</error></rpc-reply>";
 216                         }
 217                 }
 218
 219                 if ($subop == "setArticleTags") {
 220
 221                         $id = db_escape_string($_GET["id"]);
 222
 223                         $tags_str = db_escape_string($_GET["tags_str"]);
 224
 225                         $tags = array_unique(trim_array(split(",", $tags_str)));
 226
 227                         db_query($link, "BEGIN");
 228
 229                         $result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE
 230                                 ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");
 231
 232                         if (db_num_rows($result) == 1) {
 233
 234                                 $int_id = db_fetch_result($result, 0, "int_id");
 235
 236                                 db_query($link, "DELETE FROM ttrss_tags WHERE
 237                                         post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");
 238
 239                                 foreach ($tags as $tag) {
 240                                         $tag = sanitize_tag($tag);
 241
 242                                         if (!tag_is_valid($tag)) {
 243                                                 continue;
 244                                         }
 245
 246                                         if (preg_match("/^[0-9]*$/", $tag)) {
 247                                                 continue;
 248                                         }
 249
 250 //                                      print "<!-- $tag -->";
 251
 252                                         if ($tag != '') {
 253                                                 db_query($link, "INSERT INTO ttrss_tags
 254                                                         (post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
 255                                         }
 256                                 }
 257                         }
 258
 259                         db_query($link, "COMMIT");
 260
 261                         print "<rpc-reply>
 262                                 <message>$id</message>
 263                                 </rpc-reply>";
 264
 265                 }
 266
 267                 if ($subop == "logout") {
 268                         logout_user();
 269                         print_error_xml(6);
 270                 }
 271
 272         }
 273 ?>