]> git.wh0rd.org - tt-rss.git/blob - modules/pref-feed-browser.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
feed browser: try to filter out feeds with login/pass in the URI (2)
[tt-rss.git] / modules / pref-feed-browser.php
1 <?php
2 function module_pref_feed_browser($link) {
3
4 if (!ENABLE_FEED_BROWSER) {
5 print __("Feed browser is administratively disabled.");
6 return;
7 }
8
9 $subop = $_REQUEST["subop"];
10
11 if ($subop == "details") {
12 $id = db_escape_string($_GET["id"]);
13
14 print "<div class=\"browserFeedInfo\">";
15 print "<b>".__('Feed information:')."</b>";
16
17 $result = db_query($link, "SELECT
18 feed_url,site_url,
19 ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
20 FROM ttrss_feeds WHERE id = '$id' AND
21 auth_login = '' AND auth_pass = '' AND private IS NOT true
22 AND feed_url NOT LIKE '%:%@%/%'");
23
24 if (db_num_rows($result) == 1) {
25
26 print "<div class=\"detailsPart\">";
27
28 $feed_url = db_fetch_result($result, 0, "feed_url");
29 $site_url = db_fetch_result($result, 0, "site_url");
30 $last_updated = db_fetch_result($result, 0, "last_updated");
31
32 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
33 $last_updated = smart_date_time(strtotime($last_updated));
34 } else {
35 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
36 $last_updated = date($short_date, strtotime($last_updated));
37 }
38
39 print __("Site:")." <a target=\"_new\" href='$site_url'>$site_url</a> ".
40 "(<a target=\"_new\" href='$feed_url'>feed</a>), ".
41 __("Last updated:")." $last_updated";
42
43 print "</div>";
44
45 $result = db_query($link, "SELECT
46 ttrss_entries.title,
47 content,link,
48 ".SUBSTRING_FOR_DATE."(date_entered,1,19) as date_entered,
49 ".SUBSTRING_FOR_DATE."(updated,1,19) as updated
50 FROM ttrss_entries,ttrss_user_entries
51 WHERE ttrss_entries.id = ref_id AND feed_id = '$id'
52 ORDER BY updated DESC LIMIT 5");
53
54 if (db_num_rows($result) > 0) {
55
56 print "<b>".__('Last headlines:')."</b><br>";
57
58 print "<div class=\"detailsPart\">";
59 print "<ul class=\"compact\">";
60 while ($line = db_fetch_assoc($result)) {
61
62 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
63 $entry_dt = smart_date_time(strtotime($line["updated"]));
64 } else {
65 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
66 $entry_dt = date($short_date, strtotime($line["updated"]));
67 }
68
69 print "<li><a target=\"_new\" href=\"" . $line["link"] . "\">" . $line["title"] . "</a>" .
70 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
71 }
72 print "</ul></div>";
73 }
74 } else {
75 print "<p>".__("Feed not found.")."</p>";
76 }
77
78 print "</div>";
79
80 return;
81 }
82
83 set_pref($link, "_PREFS_ACTIVE_TAB", "feedBrowser");
84
85 print "<div>".__('This panel shows feeds subscribed by other users of this system, just in case you are interested in them too.')."</div>";
86
87 $limit = db_escape_string($_GET["limit"]);
88
89 if (!$limit) $limit = 25;
90
91 $owner_uid = $_SESSION["uid"];
92
93 $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers
94 FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
95 WHERE tf.feed_url = ttrss_feeds.feed_url
96 AND (private IS true OR feed_url LIKE '%:%@%/%' OR
97 owner_uid = '$owner_uid')) GROUP BY feed_url
98 ORDER BY subscribers DESC LIMIT $limit");
99
100 print "<br/>";
101
102 print "<div style=\"float : right\">
103 ".__('Top')." <select id=\"feedBrowserLimit\">";
104
105 foreach (array(25, 50, 100) as $l) {
106 $issel = ($l == $limit) ? "selected" : "";
107 print "<option $issel>$l</option>";
108 }
109
110 print "</select>
111 <input type=\"submit\" class=\"button\"
112 onclick=\"updateBigFeedBrowser()\" value=\"".__('Show')."\">
113 </div>";
114
115 print "<div id=\"fbrOpToolbar\">
116 <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
117 disabled=\"true\" value=\"".__('Subscribe')."\"></div>";
118
119 print "<ul class='nomarks' id='browseBigFeedList'>";
120
121 $feedctr = 0;
122
123 while ($line = db_fetch_assoc($result)) {
124 $feed_url = $line["feed_url"];
125 $subscribers = $line["subscribers"];
126
127 // mysql returns NULL records first by default
128 if (DB_TYPE == "mysql") $order_fix = "DESC";
129
130 $det_result = db_query($link, "SELECT site_url,title,id
131 FROM ttrss_feeds WHERE feed_url = '$feed_url'
132 ORDER BY last_updated $order_fix LIMIT 1");
133
134 $details = db_fetch_assoc($det_result);
135
136 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
137
138 if (file_exists($icon_file) && filesize($icon_file) > 0) {
139 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"" . ICONS_URL .
140 "/".$details["id"].".ico\">";
141 } else {
142 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
143 }
144
145 $check_box = "<input onclick='toggleSelectFBListRow(this)' class='feedBrowseCB'
146 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
147
148 $class = ($feedctr % 2) ? "even" : "odd";
149
150 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
151 "$feed_icon ";
152
153 print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
154 $details["title"] ."</a>&nbsp;" .
155 "<span class='subscribers'>($subscribers)</span>";
156
157 print "<div class=\"browserDetails\" style=\"display : none\" id=\"BRDET-" . $details["id"] . "\">";
158 print "</div>";
159
160 print "</li>";
161
162 ++$feedctr;
163 }
164
165 if ($feedctr == 0) {
166 print "<li>".__('No feeds found to subscribe.')."</li>";
167 }
168
169 print "</ul>";
170
171 print "</div>";
172 }
173 ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/