]> git.wh0rd.org - tt-rss.git/blob - modules/backend-rpc.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
check regular expression before adding/saving filter
[tt-rss.git] / modules / backend-rpc.php
1 <?php
2 function handle_rpc_request($link) {
3
4 $subop = $_REQUEST["subop"];
5
6 if ($subop == "setprofile") {
7 $id = db_escape_string($_REQUEST["id"]);
8
9 $_SESSION["profile"] = $id;
10 $_SESSION["prefs_cache"] = array();
11 return;
12 }
13
14 if ($subop == "remprofiles") {
15 $ids = split(",", db_escape_string(trim($_REQUEST["ids"])));
16
17 foreach ($ids as $id) {
18 if ($_SESSION["profile"] != $id) {
19 db_query($link, "DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND
20 owner_uid = " . $_SESSION["uid"]);
21 }
22 }
23 return;
24 }
25
26 if ($subop == "addprofile") {
27 $title = db_escape_string(trim($_REQUEST["title"]));
28 if ($title) {
29 db_query($link, "BEGIN");
30
31 $result = db_query($link, "SELECT id FROM ttrss_settings_profiles
32 WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]);
33
34 if (db_num_rows($result) == 0) {
35
36 db_query($link, "INSERT INTO ttrss_settings_profiles (title, owner_uid)
37 VALUES ('$title', ".$_SESSION["uid"] .")");
38
39 $result = db_query($link, "SELECT id FROM ttrss_settings_profiles WHERE
40 title = '$title'");
41
42 if (db_num_rows($result) != 0) {
43 $profile_id = db_fetch_result($result, 0, "id");
44
45 if ($profile_id) {
46 initialize_user_prefs($link, $_SESSION["uid"], $profile_id);
47 }
48 }
49 }
50
51 db_query($link, "COMMIT");
52 }
53 return;
54 }
55
56 if ($subop == "saveprofile") {
57 $id = db_escape_string($_REQUEST["id"]);
58 $title = db_escape_string(trim($_REQUEST["value"]));
59
60 if ($id == 0) {
61 print __("Default profile");
62 return;
63 }
64
65 if ($title) {
66 db_query($link, "BEGIN");
67
68 $result = db_query($link, "SELECT id FROM ttrss_settings_profiles
69 WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]);
70
71 if (db_num_rows($result) == 0) {
72 db_query($link, "UPDATE ttrss_settings_profiles
73 SET title = '$title' WHERE id = '$id' AND
74 owner_uid = " . $_SESSION["uid"]);
75 print $title;
76 } else {
77 $result = db_query($link, "SELECT title FROM ttrss_settings_profiles
78 WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]);
79 print db_fetch_result($result, 0, "title");
80 }
81
82 db_query($link, "COMMIT");
83 }
84 return;
85 }
86
87 if ($subop == "remarchive") {
88 $ids = split(",", db_escape_string($_REQUEST["ids"]));
89
90 print "<rpc-reply>";
91
92 foreach ($ids as $id) {
93 $result = db_query($link, "DELETE FROM ttrss_archived_feeds WHERE
94 (SELECT COUNT(*) FROM ttrss_user_entries
95 WHERE orig_feed_id = '$id') = 0 AND
96 id = '$id' AND owner_uid = ".$_SESSION["uid"]);
97
98 $rc = db_affected_rows($link, $result);
99
100 print "<feed id='$id' rc='$rc'/>";
101
102 }
103
104 print "</rpc-reply>";
105
106 return;
107 }
108
109 if ($subop == "addfeed") {
110
111 $feed = db_escape_string($_REQUEST['feed']);
112 $cat = db_escape_string($_REQUEST['cat']);
113 $login = db_escape_string($_REQUEST['login']);
114 $pass = db_escape_string($_REQUEST['pass']);
115
116 $rc = subscribe_to_feed($link, $feed, $cat, $login, $pass);
117
118 print "<rpc-reply>";
119 print "<result code='$rc'/>";
120 print "</rpc-reply>";
121
122 return;
123
124 }
125
126 if ($subop == "extractfeedurls") {
127 print "<rpc-reply>";
128
129 $urls = get_feeds_from_html($_REQUEST['url']);
130 print "<urls><![CDATA[" . json_encode($urls) . "]]></urls>";
131
132 print "</rpc-reply>";
133 return;
134 }
135
136 if ($subop == "togglepref") {
137 print "<rpc-reply>";
138
139 $key = db_escape_string($_REQUEST["key"]);
140
141 set_pref($link, $key, !get_pref($link, $key));
142
143 $value = get_pref($link, $key);
144
145 print "<param-set key=\"$key\" value=\"$value\"/>";
146
147 print "</rpc-reply>";
148
149 return;
150 }
151
152 if ($subop == "setpref") {
153 print "<rpc-reply>";
154
155 $key = db_escape_string($_REQUEST["key"]);
156 $value = db_escape_string($_REQUEST["value"]);
157
158 set_pref($link, $key, $value);
159
160 print "<param-set key=\"$key\" value=\"$value\"/>";
161
162 print "</rpc-reply>";
163
164 return;
165 }
166
167 if ($subop == "mark") {
168 $mark = $_REQUEST["mark"];
169 $id = db_escape_string($_REQUEST["id"]);
170
171 if ($mark == "1") {
172 $mark = "true";
173 } else {
174 $mark = "false";
175 }
176
177 // FIXME this needs collision testing
178
179 $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
180 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
181
182 print "<rpc-reply>";
183 print "<message>UPDATE_COUNTERS</message>";
184 print "</rpc-reply>";
185
186 return;
187 }
188
189 if ($subop == "delete") {
190 $ids = db_escape_string($_REQUEST["ids"]);
191
192 $result = db_query($link, "DELETE FROM ttrss_user_entries
193 WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
194
195 print "<rpc-reply>";
196 print "<message>UPDATE_COUNTERS</message>";
197 print "</rpc-reply>";
198
199 return;
200 }
201
202 if ($subop == "unarchive") {
203 $ids = db_escape_string($_REQUEST["ids"]);
204
205 $result = db_query($link, "UPDATE ttrss_user_entries
206 SET feed_id = orig_feed_id, orig_feed_id = NULL
207 WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
208
209 print "<rpc-reply>";
210 print "<message>UPDATE_COUNTERS</message>";
211 print "</rpc-reply>";
212
213 return;
214 }
215
216 if ($subop == "archive") {
217 $ids = split(",", db_escape_string($_REQUEST["ids"]));
218
219 foreach ($ids as $id) {
220 archive_article($link, $id, $_SESSION["uid"]);
221 }
222
223 print "<rpc-reply>";
224 print "<message>UPDATE_COUNTERS</message>";
225 print "</rpc-reply>";
226
227 return;
228 }
229
230
231 if ($subop == "publ") {
232 $pub = $_REQUEST["pub"];
233 $id = db_escape_string($_REQUEST["id"]);
234 $note = trim(strip_tags(db_escape_string($_REQUEST["note"])));
235
236 if ($pub == "1") {
237 $pub = "true";
238 } else {
239 $pub = "false";
240 }
241
242 if ($note != 'undefined') {
243 $note_qpart = "note = '$note',";
244 }
245
246 // FIXME this needs collision testing
247
248 $result = db_query($link, "UPDATE ttrss_user_entries SET
249 $note_qpart
250 published = $pub
251 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
252
253
254 print "<rpc-reply>";
255
256 if ($note != 'undefined') {
257 $note_size = strlen($note);
258 print "<note id=\"$id\" size=\"$note_size\">";
259 print "<![CDATA[" . format_article_note($id, $note) . "]]>";
260 print "</note>";
261 }
262
263 print "<message>UPDATE_COUNTERS</message>";
264
265 print "</rpc-reply>";
266
267 return;
268 }
269
270 if ($subop == "updateFeed") {
271 $feed_id = db_escape_string($_REQUEST["feed"]);
272
273 update_rss_feed($link, $feed_id);
274
275 print "<rpc-reply>";
276 print "<message>UPDATE_COUNTERS</message>";
277 print "</rpc-reply>";
278
279 return;
280 }
281
282 if ($subop == "updateAllFeeds" || $subop == "getAllCounters") {
283
284 $last_article_id = (int) $_REQUEST["last_article_id"];
285
286 print "<rpc-reply>";
287
288 if ($last_article_id != getLastArticleId($link)) {
289 print "<counters><![CDATA[";
290 $omode = $_REQUEST["omode"];
291
292 if ($omode != "T")
293 print json_encode(getAllCounters($link, $omode));
294 else
295 print json_encode(getGlobalCounters($link));
296
297 print "]]></counters>";
298 }
299
300 print_runtime_info($link);
301
302 print "</rpc-reply>";
303
304 return;
305 }
306
307 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
308 if ($subop == "catchupSelected") {
309
310 $ids = split(",", db_escape_string($_REQUEST["ids"]));
311 $cmode = sprintf("%d", $_REQUEST["cmode"]);
312
313 catchupArticlesById($link, $ids, $cmode);
314
315 print "<rpc-reply>";
316 print "<message>UPDATE_COUNTERS</message>";
317 print "</rpc-reply>";
318
319 return;
320 }
321
322 if ($subop == "markSelected") {
323
324 $ids = split(",", db_escape_string($_REQUEST["ids"]));
325 $cmode = sprintf("%d", $_REQUEST["cmode"]);
326
327 markArticlesById($link, $ids, $cmode);
328
329 print "<rpc-reply>";
330 print "<message>UPDATE_COUNTERS</message>";
331 print "</rpc-reply>";
332
333 return;
334 }
335
336 if ($subop == "publishSelected") {
337
338 $ids = split(",", db_escape_string($_REQUEST["ids"]));
339 $cmode = sprintf("%d", $_REQUEST["cmode"]);
340
341 publishArticlesById($link, $ids, $cmode);
342
343 print "<rpc-reply>";
344 print "<message>UPDATE_COUNTERS</message>";
345 print "</rpc-reply>";
346
347 return;
348 }
349
350 if ($subop == "sanityCheck") {
351 print "<rpc-reply>";
352 if (sanity_check($link)) {
353 print "<error error-code=\"0\"/>";
354
355 print "<init-params><![CDATA[";
356 print json_encode(make_init_params($link));
357 print "]]></init-params>";
358
359 print_runtime_info($link);
360
361 # assign client-passed params to session
362 $_SESSION["client.userAgent"] = $_REQUEST["ua"];
363
364 }
365 print "</rpc-reply>";
366
367 return;
368 }
369
370 if ($subop == "globalPurge") {
371
372 print "<rpc-reply>";
373 global_purge_old_posts($link, true);
374 print "</rpc-reply>";
375
376 return;
377 }
378
379 if ($subop == "getArticleLink") {
380
381 $id = db_escape_string($_REQUEST["id"]);
382
383 $result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
384 WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
385
386 if (db_num_rows($result) == 1) {
387 $link = htmlspecialchars(strip_tags(db_fetch_result($result, 0, "link")));
388 print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
389 } else {
390 print "<rpc-reply><error>Article not found</error></rpc-reply>";
391 }
392
393 return;
394 }
395
396 if ($subop == "setArticleTags") {
397
398 global $memcache;
399
400 $id = db_escape_string($_REQUEST["id"]);
401
402 $tags_str = db_escape_string($_REQUEST["tags_str"]);
403 $tags = array_unique(trim_array(split(",", $tags_str)));
404
405 db_query($link, "BEGIN");
406
407 $result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE
408 ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");
409
410 if (db_num_rows($result) == 1) {
411
412 $tags_to_cache = array();
413
414 $int_id = db_fetch_result($result, 0, "int_id");
415
416 db_query($link, "DELETE FROM ttrss_tags WHERE
417 post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");
418
419 foreach ($tags as $tag) {
420 $tag = sanitize_tag($tag);
421
422 if (!tag_is_valid($tag)) {
423 continue;
424 }
425
426 if (preg_match("/^[0-9]*$/", $tag)) {
427 continue;
428 }
429
430 // print "<!-- $id : $int_id : $tag -->";
431
432 if ($tag != '') {
433 db_query($link, "INSERT INTO ttrss_tags
434 (post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
435 }
436
437 array_push($tags_to_cache, $tag);
438 }
439
440 /* update tag cache */
441
442 $tags_str = join(",", $tags_to_cache);
443
444 db_query($link, "UPDATE ttrss_user_entries
445 SET tag_cache = '$tags_str' WHERE ref_id = '$id'
446 AND owner_uid = " . $_SESSION["uid"]);
447 }
448
449 db_query($link, "COMMIT");
450
451 if ($memcache) {
452 $obj_id = md5("TAGS:".$_SESSION["uid"].":$id");
453 $memcache->delete($obj_id);
454 }
455
456 $tags_str = format_tags_string(get_article_tags($link, $id), $id);
457
458 print "<rpc-reply>
459 <tags-str id=\"$id\"><![CDATA[$tags_str]]></tags-str>
460 </rpc-reply>";
461
462 return;
463 }
464
465 if ($subop == "regenOPMLKey") {
466
467 print "<rpc-reply>";
468
469 update_feed_access_key($link, 'OPML:Publish',
470 false, $_SESSION["uid"]);
471
472 $new_link = opml_publish_url($link);
473 print "<link><![CDATA[$new_link]]></link>";
474 print "</rpc-reply>";
475 return;
476 }
477
478 if ($subop == "logout") {
479 logout_user();
480 print_error_xml(6);
481 return;
482 }
483
484 if ($subop == "completeTags") {
485
486 $search = db_escape_string($_REQUEST["search"]);
487
488 $result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags
489 WHERE owner_uid = '".$_SESSION["uid"]."' AND
490 tag_name LIKE '$search%' ORDER BY tag_name
491 LIMIT 10");
492
493 print "<ul>";
494 while ($line = db_fetch_assoc($result)) {
495 print "<li>" . $line["tag_name"] . "</li>";
496 }
497 print "</ul>";
498
499 return;
500 }
501
502 if ($subop == "purge") {
503 $ids = split(",", db_escape_string($_REQUEST["ids"]));
504 $days = sprintf("%d", $_REQUEST["days"]);
505
506 print "<rpc-reply>";
507
508 print "<message><![CDATA[";
509
510 foreach ($ids as $id) {
511
512 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
513 id = '$id' AND owner_uid = ".$_SESSION["uid"]);
514
515 if (db_num_rows($result) == 1) {
516 purge_feed($link, $id, $days, true);
517 }
518 }
519
520 print "]]></message>";
521
522 print "</rpc-reply>";
523
524 return;
525 }
526
527 /* if ($subop == "setScore") {
528 $id = db_escape_string($_REQUEST["id"]);
529 $score = sprintf("%d", $_REQUEST["score"]);
530
531 $result = db_query($link, "UPDATE ttrss_user_entries SET score = '$score'
532 WHERE ref_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
533
534 print "<rpc-reply><message>Acknowledged.</message></rpc-reply>";
535
536 return;
537
538 } */
539
540 if ($subop == "getArticles") {
541 $ids = split(",", db_escape_string($_REQUEST["ids"]));
542
543 print "<rpc-reply>";
544
545 foreach ($ids as $id) {
546 if ($id) {
547 outputArticleXML($link, $id, 0, false);
548 }
549 }
550 print "</rpc-reply>";
551
552 return;
553 }
554
555 if ($subop == "checkDate") {
556
557 $date = db_escape_string($_REQUEST["date"]);
558 $date_parsed = strtotime($date);
559
560 print "<rpc-reply>";
561
562 if ($date_parsed) {
563 print "<result>1</result>";
564 } else {
565 print "<result>0</result>";
566 }
567
568 print "</rpc-reply>";
569
570 return;
571 }
572
573 if ($subop == "removeFromLabel") {
574
575 $ids = explode(",", db_escape_string($_REQUEST["ids"]));
576 $label_id = db_escape_string($_REQUEST["lid"]);
577
578 $label = db_escape_string(label_find_caption($link, $label_id,
579 $_SESSION["uid"]));
580
581 print "<rpc-reply>";
582 print "<info-for-headlines>";
583
584 if ($label) {
585
586 foreach ($ids as $id) {
587 label_remove_article($link, $id, $label, $_SESSION["uid"]);
588
589 print "<entry id=\"$id\"><![CDATA[";
590
591 $labels = get_article_labels($link, $id, $_SESSION["uid"]);
592 print format_article_labels($labels, $id);
593
594 print "]]></entry>";
595
596 }
597 }
598
599 print "</info-for-headlines>";
600
601 print "<rpc-reply>";
602 print "<message>UPDATE_COUNTERS</message>";
603 print "</rpc-reply>";
604
605 return;
606 }
607
608 if ($subop == "assignToLabel") {
609
610 $ids = split(",", db_escape_string($_REQUEST["ids"]));
611 $label_id = db_escape_string($_REQUEST["lid"]);
612
613 $label = db_escape_string(label_find_caption($link, $label_id,
614 $_SESSION["uid"]));
615
616 print "<rpc-reply>";
617
618 print "<info-for-headlines>";
619
620 if ($label) {
621
622 foreach ($ids as $id) {
623 label_add_article($link, $id, $label, $_SESSION["uid"]);
624
625 print "<entry id=\"$id\"><![CDATA[";
626
627 $labels = get_article_labels($link, $id, $_SESSION["uid"]);
628 print format_article_labels($labels, $id);
629
630 print "]]></entry>";
631
632 }
633 }
634
635 print "</info-for-headlines>";
636
637 print "<rpc-reply>";
638 print "<message>UPDATE_COUNTERS</message>";
639 print "</rpc-reply>";
640
641 return;
642 }
643
644 if ($subop == "updateFeedBrowser") {
645
646 $search = db_escape_string($_REQUEST["search"]);
647 $limit = db_escape_string($_REQUEST["limit"]);
648 $mode = db_escape_string($_REQUEST["mode"]);
649
650 print "<rpc-reply>";
651 print "<content>";
652 print "<![CDATA[";
653 $ctr = print_feed_browser($link, $search, $limit, $mode);
654 print "]]>";
655 print "</content>";
656 print "<num-results value=\"$ctr\"/>";
657 print "<mode value=\"$mode\"/>";
658 print "</rpc-reply>";
659
660 return;
661 }
662
663
664 if ($subop == "massSubscribe") {
665
666 $ids = split(",", db_escape_string($_REQUEST["ids"]));
667 $mode = $_REQUEST["mode"];
668
669 $subscribed = array();
670
671 foreach ($ids as $id) {
672
673 if ($mode == 1) {
674 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
675 WHERE id = '$id'");
676 } else if ($mode == 2) {
677 $result = db_query($link, "SELECT * FROM ttrss_archived_feeds
678 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
679 $orig_id = db_escape_string(db_fetch_result($result, 0, "id"));
680 $site_url = db_escape_string(db_fetch_result($result, 0, "site_url"));
681 }
682
683 $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
684 $title = db_escape_string(db_fetch_result($result, 0, "title"));
685
686 $title_orig = db_fetch_result($result, 0, "title");
687
688 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
689 feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
690
691 if (db_num_rows($result) == 0) {
692 if ($mode == 1) {
693 $result = db_query($link,
694 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
695 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
696 } else if ($mode == 2) {
697 $result = db_query($link,
698 "INSERT INTO ttrss_feeds (id,owner_uid,feed_url,title,cat_id,site_url)
699 VALUES ('$orig_id','".$_SESSION["uid"]."', '$feed_url', '$title', NULL, '$site_url')");
700 }
701 array_push($subscribed, $title_orig);
702 }
703 }
704
705 $num_feeds = count($subscribed);
706
707 print "<rpc-reply>";
708 print "<num-feeds value='$num_feeds'/>";
709 print "</rpc-reply>";
710
711 return;
712 }
713
714 if ($subop == "download") {
715 $stage = (int) $_REQUEST["stage"];
716 $cidt = (int)db_escape_string($_REQUEST["cidt"]);
717 $cidb = (int)db_escape_string($_REQUEST["cidb"]);
718 $sync = db_escape_string($_REQUEST["sync"]);
719 //$amount = (int) $_REQUEST["amount"];
720 //$unread_only = db_escape_string($_REQUEST["unread_only"]);
721 //if (!$amount) $amount = 50;
722
723 /* Amount is not used by the frontend offline.js anymore, it goes by
724 * date_qpart below + cidb/cidt IDs */
725
726 $amount = 2000;
727 $unread_only = true;
728
729 print "<rpc-reply>";
730
731 $sync = split(";", $sync);
732
733 print "<sync>";
734
735 if (count($sync) > 0) {
736 if (strtotime($sync[0])) {
737 $last_online = db_escape_string($sync[0]);
738
739 print "<sync-point><![CDATA[$last_online]]></sync-point>";
740
741 for ($i = 1; $i < count($sync); $i++) {
742 $e = split(",", $sync[$i]);
743
744 if (count($e) == 3) {
745
746 $id = (int) $e[0];
747 $unread = bool_to_sql_bool((bool) $e[1]);
748 $marked = (bool)$e[2];
749
750 if ($marked) {
751 $marked = bool_to_sql_bool($marked);
752 $marked_qpart = "marked = $marked,";
753 }
754
755 $query = "UPDATE ttrss_user_entries SET
756 $marked_qpart
757 unread = $unread,
758 last_read = '$last_online'
759 WHERE ref_id = '$id' AND
760 (last_read IS NULL OR last_read < '$last_online') AND
761 owner_uid = ".$_SESSION["uid"];
762
763 $result = db_query($link, $query);
764
765 print "<sync-ok id=\"$id\"/>";
766
767 }
768 }
769
770 /* Maybe we need to further update local DB for this client */
771
772 $query = "SELECT ref_id,unread,marked FROM ttrss_user_entries
773 WHERE last_read >= '$last_online' AND
774 owner_uid = ".$_SESSION["uid"] . " LIMIT 1000";
775
776 $result = db_query($link, $query);
777
778 while ($line = db_fetch_assoc($result)) {
779 $unread = (int) sql_bool_to_bool($line["unread"]);
780 $marked = (int) sql_bool_to_bool($line["marked"]);
781
782 print "<sync-ok unread=\"$unread\" marked=\"$marked\"
783 id=\"".$line["ref_id"]."\"/>";
784 }
785
786 }
787 }
788
789 print "</sync>";
790
791 if ($stage == 0) {
792 print "<feeds>";
793
794 $result = db_query($link, "SELECT id, title, cat_id FROM
795 ttrss_feeds WHERE owner_uid = ".$_SESSION["uid"]);
796
797 while ($line = db_fetch_assoc($result)) {
798
799 $has_icon = (int) feed_has_icon($line["id"]);
800
801 print "<feed has_icon=\"$has_icon\"
802 cat_id=\"".(int)$line["cat_id"]."\" id=\"".$line["id"]."\"><![CDATA[";
803 print $line["title"];
804 print "]]></feed>";
805 }
806
807 print "</feeds>";
808
809 print "<feed-categories>";
810
811 $result = db_query($link, "SELECT id, title, collapsed FROM
812 ttrss_feed_categories WHERE owner_uid = ".$_SESSION["uid"]);
813
814 print "<category id=\"0\" collapsed=\"".
815 (int)get_pref($link, "_COLLAPSED_UNCAT")."\"><![CDATA[";
816 print __("Uncategorized");
817 print "]]></category>";
818
819 print "<category id=\"-1\" collapsed=\"".
820 (int)get_pref($link, "_COLLAPSED_SPECIAL")."\"><![CDATA[";
821 print __("Special");
822 print "]]></category>";
823
824 print "<category id=\"-2\" collapsed=\"".
825 (int)get_pref($link, "_COLLAPSED_LABELS")."\"><![CDATA[";
826 print __("Labels");
827 print "]]></category>";
828
829 while ($line = db_fetch_assoc($result)) {
830 print "<category
831 id=\"".$line["id"]."\"
832 collapsed=\"".(int)sql_bool_to_bool($line["collapsed"])."\"><![CDATA[";
833 print $line["title"];
834 print "]]></category>";
835 }
836
837 print "</feed-categories>";
838
839 print "<labels>";
840
841 $result = db_query($link, "SELECT * FROM
842 ttrss_labels2 WHERE owner_uid = ".$_SESSION["uid"]);
843
844 while ($line = db_fetch_assoc($result)) {
845 print "<label
846 id=\"".$line["id"]."\"
847 fg_color=\"".$line["fg_color"]."\"
848 bg_color=\"".$line["bg_color"]."\"
849 ><![CDATA[";
850 print $line["caption"];
851 print "]]></label>";
852 }
853
854
855 print "</labels>";
856
857 }
858
859 if ($stage > 0) {
860 print "<articles>";
861
862 $limit = 10;
863 $skip = $limit*($stage-1);
864
865 print "<limit value=\"$limit\"/>";
866
867 if ($amount > 0) $amount -= $skip;
868
869 if ($amount > 0) {
870
871 $limit = min($limit, $amount);
872
873 if ($unread_only) {
874 $unread_qpart = "(unread = true OR marked = true) AND ";
875 }
876
877 if ($cidt && $cidb) {
878 $cid_qpart = "(ttrss_entries.id > $cidt OR ttrss_entries.id < $cidb) AND ";
879 }
880
881 if (DB_TYPE == "pgsql") {
882 $date_qpart = "updated >= NOW() - INTERVAL '1 week' AND";
883 } else {
884 $date_qpart = "updated >= DATE_SUB(NOW(), INTERVAL 1 WEEK) AND";
885 }
886
887 $result = db_query($link,
888 "SELECT DISTINCT ttrss_entries.id,ttrss_entries.title,
889 guid,link,comments,
890 feed_id,content,updated,unread,marked FROM
891 ttrss_user_entries,ttrss_entries,ttrss_feeds
892 WHERE $unread_qpart $cid_qpart $date_qpart
893 ttrss_feeds.id = feed_id AND
894 ref_id = ttrss_entries.id AND
895 ttrss_user_entries.owner_uid = ".$_SESSION["uid"]."
896 ORDER BY updated DESC LIMIT $limit OFFSET $skip");
897
898 if (function_exists('json_encode')) {
899
900 while ($line = db_fetch_assoc($result)) {
901 print "<article><![CDATA[";
902
903 $line["marked"] = (int)sql_bool_to_bool($line["marked"]);
904 $line["unread"] = (int)sql_bool_to_bool($line["unread"]);
905
906 $line["labels"] = get_article_labels($link, $line["id"]);
907
908 // too slow :(
909 // $line["tags"] = format_tags_string(
910 // get_article_tags($link, $line["id"]), $line["id"]);
911
912 print json_encode($line);
913 print "]]></article>";
914 }
915 }
916
917 }
918
919 print "</articles>";
920
921 }
922
923 print "</rpc-reply>";
924
925 return;
926 }
927
928 if ($subop == "digest-get-contents") {
929 $article_id = db_escape_string($_REQUEST['article_id']);
930
931 $result = db_query($link, "SELECT content
932 FROM ttrss_entries, ttrss_user_entries
933 WHERE id = '$article_id' AND ref_id = id AND owner_uid = ".$_SESSION['uid']);
934
935 print "<rpc-reply>";
936
937 print "<article id=\"$article_id\"><![CDATA[";
938
939 $content = sanitize_rss($link, db_fetch_result($result, 0, "content"));
940
941 print $content;
942
943 print "]]></article>";
944
945 print "</rpc-reply>";
946
947 return;
948 }
949
950 if ($subop == "digest-update") {
951 $feed_id = db_escape_string($_REQUEST['feed_id']);
952 $offset = db_escape_string($_REQUEST['offset']);
953 $seq = db_escape_string($_REQUEST['seq']);
954
955 if (!$feed_id) $feed_id = -4;
956 if (!$offset) $offset = 0;
957 print "<rpc-reply>";
958
959 print "<seq>$seq</seq>";
960
961 $headlines = api_get_headlines($link, $feed_id, 10, $offset,
962 '', ($feed_id == -4), true, false, "unread", "updated DESC");
963
964 //function api_get_headlines($link, $feed_id, $limit, $offset,
965 // $filter, $is_cat, $show_excerpt, $show_content, $view_mode) {
966
967 print "<headlines-title><![CDATA[" . getFeedTitle($link, $feed_id) .
968 "]]></headlines-title>";
969
970 print "<headlines><![CDATA[" . json_encode($headlines) . "]]></headlines>";
971
972 print "</rpc-reply>";
973 return;
974 }
975
976 if ($subop == "digest-init") {
977 print "<rpc-reply>";
978
979 $tmp_feeds = api_get_feeds($link, false, true, false, 0);
980 $feeds = array();
981
982 foreach ($tmp_feeds as $f) {
983 if ($f['id'] > 0 || $f['id'] == -4) array_push($feeds, $f);
984 }
985
986 print "<feeds><![CDATA[" . json_encode($feeds) . "]]></feeds>";
987
988 print "</rpc-reply>";
989 return;
990 }
991
992 if ($subop == "catchupFeed") {
993
994 $feed_id = db_escape_string($_REQUEST['feed_id']);
995 $is_cat = db_escape_string($_REQUEST['is_cat']);
996
997 print "<rpc-reply>";
998
999 catchup_feed($link, $feed_id, $is_cat);
1000
1001 print "</rpc-reply>";
1002
1003 return;
1004 }
1005
1006 if ($subop == "sendEmail") {
1007 $secretkey = $_REQUEST['secretkey'];
1008
1009 print "<rpc-reply>";
1010
1011 if (DIGEST_ENABLE && $_SESSION['email_secretkey'] &&
1012 $secretkey == $_SESSION['email_secretkey']) {
1013
1014 $_SESSION['email_secretkey'] = '';
1015
1016 $destination = $_REQUEST['destination'];
1017 $subject = $_REQUEST['subject'];
1018 $content = $_REQUEST['content'];
1019
1020 $replyto = strip_tags($_SESSION['email_replyto']);
1021 $fromname = strip_tags($_SESSION['email_fromname']);
1022
1023 $mail = new PHPMailer();
1024
1025 $mail->PluginDir = "lib/phpmailer/";
1026 $mail->SetLanguage("en", "lib/phpmailer/language/");
1027
1028 $mail->CharSet = "UTF-8";
1029
1030 $mail->From = $replyto;
1031 $mail->FromName = $fromname;
1032 $mail->AddAddress($destination);
1033
1034 if (DIGEST_SMTP_HOST) {
1035 $mail->Host = DIGEST_SMTP_HOST;
1036 $mail->Mailer = "smtp";
1037 $mail->SMTPAuth = DIGEST_SMTP_LOGIN != '';
1038 $mail->Username = DIGEST_SMTP_LOGIN;
1039 $mail->Password = DIGEST_SMTP_PASSWORD;
1040 }
1041
1042 $mail->IsHTML(false);
1043 $mail->Subject = $subject;
1044 $mail->Body = $content;
1045
1046 $rc = $mail->Send();
1047
1048 if (!$rc) {
1049 print "<error><![CDATA[" . $mail->ErrorInfo . "]]></error>";
1050 } else {
1051 save_email_address($link, db_escape_string($destination));
1052 print "<message>UPDATE_COUNTERS</message>";
1053 }
1054
1055 } else {
1056 print "<error>Not authorized.</error>";
1057 }
1058
1059 print "</rpc-reply>";
1060
1061 return;
1062 }
1063
1064 if ($subop == "completeEmails") {
1065
1066 $search = db_escape_string($_REQUEST["search"]);
1067
1068 print "<ul>";
1069
1070 foreach ($_SESSION['stored_emails'] as $email) {
1071 if (strpos($email, $search) !== false) {
1072 print "<li>$email</li>";
1073 }
1074 }
1075
1076 print "</ul>";
1077
1078 return;
1079 }
1080
1081 if ($subop == "quickAddCat") {
1082 print "<rpc-reply>";
1083
1084 $cat = db_escape_string($_REQUEST["cat"]);
1085
1086 add_feed_category($link, $cat);
1087
1088 $result = db_query($link, "SELECT id FROM ttrss_feed_categories WHERE
1089 title = '$cat' AND owner_uid = " . $_SESSION["uid"]);
1090
1091 if (db_num_rows($result) == 1) {
1092 $id = db_fetch_result($result, 0, "id");
1093 } else {
1094 $id = 0;
1095 }
1096
1097 print_feed_cat_select($link, "cat_id", $id);
1098
1099 print "</rpc-reply>";
1100
1101 return;
1102 }
1103
1104 if ($subop == "regenFeedKey") {
1105 $feed_id = db_escape_string($_REQUEST['id']);
1106 $is_cat = (bool) db_escape_string($_REQUEST['is_cat']);
1107
1108 print "<rpc-reply>";
1109
1110 $new_key = update_feed_access_key($link, $feed_id, $is_cat);
1111
1112 print "<link><![CDATA[$new_key]]></link>";
1113
1114 print "</rpc-reply>";
1115
1116 return;
1117 }
1118
1119 if ($subop == "clearKeys") {
1120
1121 db_query($link, "DELETE FROM ttrss_access_keys WHERE
1122 owner_uid = " . $_SESSION["uid"]);
1123
1124 print "<rpc-reply>";
1125 print "<message>UPDATE_COUNTERS</message>";
1126 print "</rpc-reply>";
1127
1128 return;
1129 }
1130
1131 if ($subop == "verifyRegexp") {
1132 $reg_exp = $_REQUEST["reg_exp"];
1133
1134 print "<rpc-reply><status>";
1135
1136 if (@preg_match("/$reg_exp/i", "TEST") === false) {
1137 print "INVALID";
1138 } else {
1139 print "OK";
1140 }
1141
1142 print "</status></rpc-reply>";
1143
1144 return;
1145 }
1146
1147 print "<rpc-reply><error>Unknown method: $subop</error></rpc-reply>";
1148 }
1149 ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/