Error: Not logged in.

"; } exit; } $purge_intervals = array( 0 => "Use default", -1 => "Never purge", 5 => "1 week old", 14 => "2 weeks old", 31 => "1 month old", 60 => "2 months old", 90 => "3 months old"); $update_intervals = array( 0 => "Use default", -1 => "Disable updates", 30 => "Each 30 minutes", 60 => "Hourly", 240 => "Each 4 hours", 720 => "Each 12 hours", 1440 => "Daily", 10080 => "Weekly"); $access_level_names = array( 0 => "User", 10 => "Administrator"); $script_started = getmicrotime(); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); if (!$link) { if (DB_TYPE == "mysql") { print mysql_error(); } // PG seems to display its own errors just fine by default. return; } if (DB_TYPE == "pgsql") { pg_query("set client_encoding = 'utf-8'"); } if ($_SESSION["uid"]) { // setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH); // setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON); /* if (get_pref($link, "ON_CATCHUP_SHOW_NEXT_FEED")) { setcookie('ttrss_vf_catchupnext', 1); } else { setcookie('ttrss_vf_catchupnext', 0); } */ } $fetch = $_GET["fetch"]; // setcookie("ttrss_icons_url", ICONS_URL); if (!sanity_check($link)) { return; } function outputFeedList($link, $tags = false) { /* print " Tiny Tiny RSS : Feedlist "; $user_theme = $_SESSION["theme"]; if ($user_theme) { print ""; } if (get_pref($link, 'USE_COMPACT_STYLESHEET')) { print ""; } else { print ""; } $script_dt_add = get_script_dt_add(); print " "; */ print ""; } $category = $tmp_category; $collapsed = $line["collapsed"]; // workaround for NULL category if ($category == "Uncategorized") { if ($_COOKIE["ttrss_vf_uclps"] == 1) { $collapsed = "t"; } } if ($collapsed == "t" || $collapsed == "1") { $holder_class = "invisible"; $ellipsis = "..."; } else { $holder_class = ""; $ellipsis = ""; } $cat_id = sprintf("%d", $cat_id); $cat_unread = getCategoryUnread($link, $cat_id); print "
  • $tmp_category ($cat_unread unread)$ellipsis
  • "; // !!! NO SPACE before keyboard navigation, etc. print "
  • "; # print ' # '; } if ($op == "rpc") { handle_rpc_request($link); } if ($op == "feeds") { $tags = $_GET["tags"]; $subop = $_GET["subop"]; if ($subop == "catchupAll") { db_query($link, "UPDATE ttrss_user_entries SET last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]); } if ($subop == "collapse") { $cat_id = db_escape_string($_GET["cid"]); db_query($link, "UPDATE ttrss_feed_categories SET collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " . $_SESSION["uid"]); return; } outputFeedList($link, $tags); } if ($op == "view") { $id = db_escape_string($_GET["id"]); $feed_id = db_escape_string($_GET["feed"]); $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 1) { $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); } else { $rtl_content = false; } if ($rtl_content) { $rtl_tag = "dir=\"RTL\""; $rtl_class = "RTL"; } else { $rtl_tag = ""; $rtl_class = ""; } $result = db_query($link, "UPDATE ttrss_user_entries SET unread = false,last_read = NOW() WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id, SUBSTRING(updated,1,16) as updated, (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url, num_comments, author FROM ttrss_entries,ttrss_user_entries WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]); /* print " Tiny Tiny RSS : Article $id "; $user_theme = $_SESSION["theme"]; if ($user_theme) { print ""; } if (get_pref($link, 'USE_COMPACT_STYLESHEET')) { print ""; } else { print ""; } $script_dt_add = get_script_dt_add(); print " "; */ if ($result) { $link_target = ""; if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) { $link_target = "target=\"_new\""; } $line = db_fetch_assoc($result); if ($line["icon_url"]) { $feed_icon = ""; } else { $feed_icon = " "; } /* if ($line["comments"] && $line["link"] != $line["comments"]) { $entry_comments = "(Comments)"; } else { $entry_comments = ""; } */ $num_comments = $line["num_comments"]; $entry_comments = ""; if ($num_comments > 0) { if ($line["comments"]) { $comments_url = $line["comments"]; } else { $comments_url = $line["link"]; } $entry_comments = "$num_comments comments"; } else { if ($line["comments"] && $line["link"] != $line["comments"]) { $entry_comments = "comments"; } } print "
    "; print "
    "; $entry_author = $line["author"]; if ($entry_author) { $entry_author = " - by $entry_author"; } if ($line["link"]) { print ""; } else { print ""; } $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'), strtotime($line["updated"])); print ""; print ""; $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM ttrss_tags WHERE post_int_id = " . $line["int_id"] . " ORDER BY tag_name"); $tags_str = ""; $f_tags_str = ""; $num_tags = 0; while ($tmp_line = db_fetch_assoc($tmp_result)) { $num_tags++; $tag = $tmp_line["tag_name"]; $tag_str = "$tag, "; if ($num_tags == 5) { $tags_str .= "..."; } else if ($num_tags < 5) { $tags_str .= $tag_str; } $f_tags_str .= $tag_str; } $tags_str = preg_replace("/, $/", "", $tags_str); $f_tags_str = preg_replace("/, $/", "", $f_tags_str); // $truncated_link = truncate_string($line["link"], 60); if ($tags_str || $entry_comments) { print ""; } print "
    " . $line["title"] . "$entry_author
    " . $line["title"] . "$entry_author$parsed_updated
    $entry_comments $tags_str
    "; print "
    " . $feed_icon . "
    "; print "
    "; if (db_num_rows($tmp_result) > 5) { print "
    Tags: $f_tags_str
    "; } if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) { $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]); } $line["content"] = sanitize_rss($line["content"]); print $line["content"] . "
    "; print "
    "; print ""; } // print ""; } if ($op == "viewfeed") { $feed = db_escape_string($_GET["feed"]); $subop = db_escape_string($_GET["subop"]); $view_mode = db_escape_string($_GET["view_mode"]); $limit = db_escape_string($_GET["limit"]); $cat_view = db_escape_string($_GET["cat"]); $next_unread_feed = db_escape_string($_GET["nuf"]); if ($subop == "undefined") $subop = ""; /* print " Tiny Tiny RSS : Feed $feed "; $user_theme = $_SESSION["theme"]; if ($user_theme) { print ""; } if (get_pref($link, 'USE_COMPACT_STYLESHEET')) { print ""; } else { print ""; } */ if ($subop == "CatchupSelected") { $ids = split(",", db_escape_string($_GET["ids"])); $cmode = sprintf("%d", $_GET["cmode"]); catchupArticlesById($link, $ids, $cmode); } if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) { update_generic_feed($link, $feed, $cat_view); } if ($subop == "MarkAllRead") { catchup_feed($link, $feed, $cat_view); if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) { if ($next_unread_feed) { $feed = $next_unread_feed; } } } if ($feed_id > 0) { $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1"); if (db_num_rows($result) == 0) { print "
    Feed not found.
    "; return; } } if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) { $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 1) { $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); } else { $rtl_content = false; } if ($rtl_content) { $rtl_tag = "dir=\"RTL\""; } else { $rtl_tag = ""; } } else { $rtl_tag = ""; $rtl_content = false; } $script_dt_add = get_script_dt_add(); /* print " "; */ /// START ///////////////////////////////////////////////////////////////////////////////// $search = db_escape_string($_GET["query"]); $search_mode = db_escape_string($_GET["search_mode"]); $match_on = db_escape_string($_GET["match_on"]); if (!$match_on) { $match_on = "both"; } $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on); $result = $qfh_ret[0]; $feed_title = $qfh_ret[1]; $feed_site_url = $qfh_ret[2]; $last_error = $qfh_ret[3]; /// STOP ////////////////////////////////////////////////////////////////////////////////// print "
    "; if (!$result) { print "
    Could not display feed (query failed). Please check label match syntax or local configuration.
    "; return; } function print_headline_subtoolbar($link, $feed_site_url, $feed_title, $bottom = false, $rtl_content = false, $feed_id = 0, $is_cat = false, $search = false, $match_on = false, $search_mode = false) { if (!$bottom) { $class = "headlinesSubToolbar"; $tid = "headlineActionsTop"; } else { $class = "headlinesSubToolbar"; $tid = "headlineActionsBottom"; } print ""; if ($rtl_content) { $rtl_cpart = "RTL"; } else { $rtl_cpart = ""; } if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print ""; if ($search && $feed_id > 0 && get_pref($link, 'ENABLE_LABELS') && GLOBAL_ENABLE_LABELS) { print ""; } } else { print ""; } print ""; print "
    Select: All, Unread, None    Toggle: Unread, Starred"; print " Convert this search to label Select: All, Unread, None    Toggle: Unread, Starred"; print ""; if ($feed_site_url) { if (!$bottom) { $target = "target=\"_blank\""; } print "$feed_title"; } else { print $feed_title; } if ($search) { $search_q = "&q=$search&m=$match_on&smode=$search_mode"; } if (!$bottom) { print "  \"Generated "; } print "
    "; } if (db_num_rows($result) > 0) { print_headline_subtoolbar($link, $feed_site_url, $feed_title, false, $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode); if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print ""; } $lnum = 0; error_reporting (DEFAULT_ERROR_LEVEL); $num_unread = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $id = $line["id"]; $feed_id = $line["feed_id"]; if ($line["last_read"] == "" && ($line["unread"] != "t" && $line["unread"] != "1")) { $update_pic = "\"Updated\""; } else { $update_pic = "\"Updated\""; } if ($line["unread"] == "t" || $line["unread"] == "1") { $class .= "Unread"; ++$num_unread; $is_unread = true; } else { $is_unread = false; } if ($line["marked"] == "t" || $line["marked"] == "1") { $marked_pic = "\"Reset"; } else { $marked_pic = "\"Set"; } # $content_link = "" . # $line["title"] . ""; $content_link = "" . $line["title"] . ""; # $content_link = "" . # $line["title"] . ""; if (get_pref($link, 'HEADLINES_SMART_DATE')) { $updated_fmt = smart_date_time(strtotime($line["updated"])); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $updated_fmt = date($short_date, strtotime($line["updated"])); } if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) { $content_preview = truncate_string(strip_tags($line["content_preview"]), 100); } if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print ""; print ""; print ""; print ""; if ($line["feed_title"]) { print ""; print ""; } else { print ""; } print ""; print ""; } else { if ($is_unread) { $add_class = "Unread"; } else { $add_class = ""; } print "
    "; print "
    "; print "
    $updated_fmt, Toggle unread
    "; print "".$line["title"].""; if ($line["feed_title"]) { print " (".$line["feed_title"].")"; } print "
    "; print "
    " . $line["content_preview"] . "

    "; print "
    $marked_pic
    "; # print "
    # Toggle unread
    "; print "
    "; } ++$lnum; } if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { print "
    $update_pic $marked_pic$content_link ". $line["feed_title"]." "; print "" . $line["title"]; if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) { if ($content_preview) { print " - $content_preview"; } } print ""; print "$updated_fmt 
    "; } print_headline_subtoolbar($link, "javascript:catchupPage()", "Mark page as read", true, $rtl_content); } else { print "
    No articles found.
    "; } print "
    "; # print " # "; # # print ""; } if ($op == "pref-feeds") { $subop = $_REQUEST["subop"]; $quiet = $_REQUEST["quiet"]; if ($subop == "massSubscribe") { $ids = split(",", db_escape_string($_GET["ids"])); $subscribed = array(); foreach ($ids as $id) { $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds WHERE id = '$id'"); $feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url")); $title = db_escape_string(db_fetch_result($result, 0, "title")); $title_orig = db_fetch_result($result, 0, "title"); $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); if (db_num_rows($result) == 0) { $result = db_query($link, "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id) VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)"); array_push($subscribed, $title_orig); } } if (count($subscribed) > 0) { print "
    "; print "Subscribed to feeds:"; print "
      "; foreach ($subscribed as $title) { print "
    • $title
    • "; } print "
    "; print "
    "; } } if ($subop == "browse") { if (!ENABLE_FEED_BROWSER) { print "Feed browser is administratively disabled."; return; } print "
    Other feeds: Top 25
    "; print "
    "; print "

    Showing top 25 registered feeds, sorted by popularity:

    "; # $result = db_query($link, "SELECT feed_url,count(id) AS subscribers # FROM ttrss_feeds # WHERE auth_login = '' AND auth_pass = '' AND private = false # GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25"); $owner_uid = $_SESSION["uid"]; $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf WHERE tf.feed_url = ttrss_feeds.feed_url AND owner_uid = '$owner_uid') GROUP BY feed_url ORDER BY subscribers DESC LIMIT 25"); print "
      "; $feedctr = 0; while ($line = db_fetch_assoc($result)) { $feed_url = $line["feed_url"]; $subscribers = $line["subscribers"]; $det_result = db_query($link, "SELECT site_url,title,id FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1"); $details = db_fetch_assoc($det_result); $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } $check_box = ""; $class = ($feedctr % 2) ? "even" : "odd"; print "
    • $check_box". "$feed_icon " . db_unescape_string($details["title"]) . " ($subscribers)
    • "; ++$feedctr; } if ($feedctr == 0) { print "
    • No feeds found to subscribe.
    • "; } print "
    "; print "
    "; print "
    "; return; } if ($subop == "editfeed") { $feed_id = db_escape_string($_REQUEST["id"]); $result = db_query($link, "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); $title = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "title"))); $icon_file = ICONS_DIR . "/$feed_id.ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } print "
    Feed editor
    "; print "
    "; print "
    "; print ""; print ""; print ""; print ""; print ""; print ""; $feed_url = db_fetch_result($result, 0, "feed_url"); $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "feed_url"))); print ""; print ""; if (get_pref($link, 'ENABLE_FEED_CATS')) { $cat_id = db_fetch_result($result, 0, "cat_id"); print ""; print ""; print ""; } $update_interval = db_fetch_result($result, 0, "update_interval"); print ""; print ""; print ""; $purge_interval = db_fetch_result($result, 0, "purge_interval"); print ""; print ""; $auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login")); print ""; print ""; $auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass")); print ""; print ""; $private = sql_bool_to_bool(db_fetch_result($result, 0, "private")); if ($private) { $checked = "checked"; } else { $checked = ""; } print ""; print ""; print "
    Title:
    Feed URL:
    Category:"; $parent_feed = db_fetch_result($result, 0, "parent_feed"); if (sprintf("%d", $parent_feed) > 0) { $disabled = "disabled"; } else { $disabled = ""; } print_feed_cat_select($link, "cat_id", $cat_id, "class=\"iedit\" $disabled"); print "
    Update Interval:"; print_select_hash("update_interval", $update_interval, $update_intervals, "class=\"iedit\""); print "
    Link to:"; $tmp_result = db_query($link, "SELECT COUNT(id) AS count FROM ttrss_feeds WHERE parent_feed = '$feed_id'"); $linked_count = db_fetch_result($tmp_result, 0, "count"); $parent_feed = db_fetch_result($result, 0, "parent_feed"); if ($linked_count > 0) { $disabled = "disabled"; } else { $disabled = ""; } print ""; print "
    Article purging:"; print_select_hash("purge_interval", $purge_interval, $purge_intervals, "class=\"iedit\""); print "
    Login:
    Password:
    Options:"; $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); if ($rtl_content) { $checked = "checked"; } else { $checked = ""; } print "
    "; $hidden = sql_bool_to_bool(db_fetch_result($result, 0, "hidden")); if ($hidden) { $checked = "checked"; } else { $checked = ""; } print "
    "; $include_in_digest = sql_bool_to_bool(db_fetch_result($result, 0, "include_in_digest")); if ($include_in_digest) { $checked = "checked"; } else { $checked = ""; } print "
    "; print "
    "; print "
    "; print "
    "; print "
    "; return; } if ($subop == "editSave") { $feed_title = db_escape_string(trim($_POST["title"])); $feed_link = db_escape_string(trim($_POST["feed_url"])); $upd_intl = db_escape_string($_POST["update_interval"]); $purge_intl = db_escape_string($_POST["purge_interval"]); $feed_id = db_escape_string($_POST["id"]); $cat_id = db_escape_string($_POST["cat_id"]); $auth_login = db_escape_string(trim($_POST["auth_login"])); $auth_pass = db_escape_string(trim($_POST["auth_pass"])); $parent_feed = db_escape_string($_POST["parent_feed"]); $private = checkbox_to_sql_bool(db_escape_string($_POST["private"])); $rtl_content = checkbox_to_sql_bool(db_escape_string($_POST["rtl_content"])); $hidden = checkbox_to_sql_bool(db_escape_string($_POST["hidden"])); $include_in_digest = checkbox_to_sql_bool( db_escape_string($_POST["include_in_digest"])); if (get_pref($link, 'ENABLE_FEED_CATS')) { if ($cat_id && $cat_id != 0) { $category_qpart = "cat_id = '$cat_id',"; $category_qpart_nocomma = "cat_id = '$cat_id'"; } else { $category_qpart = 'cat_id = NULL,'; $category_qpart_nocomma = 'cat_id = NULL'; } } else { $category_qpart = ""; $category_qpart_nocomma = ""; } if ($parent_feed && $parent_feed != 0) { $parent_qpart = "parent_feed = '$parent_feed'"; } else { $parent_qpart = 'parent_feed = NULL'; } $result = db_query($link, "UPDATE ttrss_feeds SET $category_qpart $parent_qpart, title = '$feed_title', feed_url = '$feed_link', update_interval = '$upd_intl', purge_interval = '$purge_intl', auth_login = '$auth_login', auth_pass = '$auth_pass', private = $private, rtl_content = $rtl_content, hidden = $hidden, include_in_digest = $include_in_digest WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); if (get_pref($link, 'ENABLE_FEED_CATS')) { # update linked feed categories $result = db_query($link, "UPDATE ttrss_feeds SET $category_qpart_nocomma WHERE parent_feed = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); } } if ($subop == "saveCat") { $cat_title = db_escape_string(trim($_GET["title"])); $cat_id = db_escape_string($_GET["id"]); $result = db_query($link, "UPDATE ttrss_feed_categories SET title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]); } if ($subop == "remove") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { if ($id > 0) { db_query($link, "DELETE FROM ttrss_feeds WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); $icons_dir = ICONS_DIR; if (file_exists($icons_dir . "/$id.ico")) { unlink($icons_dir . "/$id.ico"); } } else if ($id < -10) { $label_id = -$id - 11; db_query($link, "DELETE FROM ttrss_labels WHERE id = '$label_id' AND owner_uid = " . $_SESSION["uid"]); } } } } if ($subop == "add") { if (!WEB_DEMO_MODE) { $feed_url = db_escape_string(trim($_GET["feed_url"])); $cat_id = db_escape_string($_GET["cat_id"]); if (subscribe_to_feed($link, $feed_url, $cat_id)) { print "Added feed."; } else { print "
    Feed $feed_url already exists in the database.
    "; } } } if ($subop == "addCat") { if (!WEB_DEMO_MODE) { $feed_cat = db_escape_string(trim($_GET["cat"])); $result = db_query($link, "SELECT id FROM ttrss_feed_categories WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($result) == 0) { $result = db_query($link, "INSERT INTO ttrss_feed_categories (owner_uid,title) VALUES ('".$_SESSION["uid"]."', '$feed_cat')"); } else { print "
    Category $feed_cat already exists in the database.
    "; } } } if ($subop == "removeCats") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "BEGIN"); $result = db_query($link, "SELECT count(id) as num_feeds FROM ttrss_feeds WHERE cat_id = '$id'"); $num_feeds = db_fetch_result($result, 0, "num_feeds"); if ($num_feeds == 0) { db_query($link, "DELETE FROM ttrss_feed_categories WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]); } else { print "
    Unable to delete non empty feed categories.
    "; } db_query($link, "COMMIT"); } } } if ($subop == "categorize") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); $cat_id = db_escape_string($_GET["cat_id"]); if ($cat_id == 0) { $cat_id_qpart = 'NULL'; } else { $cat_id_qpart = "'$cat_id'"; } db_query($link, "BEGIN"); foreach ($ids as $id) { db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart WHERE id = '$id' AND parent_feed IS NULL AND owner_uid = " . $_SESSION["uid"]); # update linked feed categories db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart WHERE parent_feed = '$id' AND owner_uid = " . $_SESSION["uid"]); } db_query($link, "COMMIT"); } } if ($quiet) return; // print "

    Edit Feeds

    "; $result = db_query($link, "SELECT id,title,feed_url,last_error FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]); if (db_num_rows($result) > 0) { print "
    "; // print""; print " Some feeds have update errors (click for details)"; print "
      "; while ($line = db_fetch_assoc($result)) { print "
    • " . $line["title"] . " (" . $line["feed_url"] . "): " . $line["last_error"]; } print "
    "; print "
    "; } $feed_search = db_escape_string($_GET["search"]); if (array_key_exists("search", $_GET)) { $_SESSION["prefs_feed_search"] = $feed_search; } else { $feed_search = $_SESSION["prefs_feed_search"]; } print "
    "; if (ENABLE_FEED_BROWSER && !SINGLE_USER_MODE) { print " "; } print "
    "; $feeds_sort = db_escape_string($_GET["sort"]); if (!$feeds_sort || $feeds_sort == "undefined") { $feeds_sort = $_SESSION["pref_sort_feeds"]; if (!$feeds_sort) $feeds_sort = "title"; } $_SESSION["pref_sort_feeds"] = $feeds_sort; if ($feed_search) { $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND"; } else { $search_qpart = ""; } if (get_pref($link, 'ENABLE_FEED_CATS')) { $order_by_qpart = "category,$feeds_sort,title"; } else { $order_by_qpart = "$feeds_sort,title"; } $result = db_query($link, "SELECT F1.id, F1.title, F1.feed_url, substring(F1.last_updated,1,16) AS last_updated, F1.parent_feed, F1.update_interval, F1.purge_interval, F1.cat_id, F2.title AS parent_title, C1.title AS category, F1.hidden, F1.include_in_digest FROM ttrss_feeds AS F1 LEFT JOIN ttrss_feeds AS F2 ON (F1.parent_feed = F2.id) LEFT JOIN ttrss_feed_categories AS C1 ON (F1.cat_id = C1.id) WHERE $search_qpart F1.owner_uid = '".$_SESSION["uid"]."' ORDER by $order_by_qpart"); if (db_num_rows($result) != 0) { // print "
    PLACEHOLDER
    "; print "

    "; print ""; if (get_pref($link, 'ENABLE_FEED_ICONS')) { print ""; } print " "; } $lnum = 0; $cur_cat_id = -1; while ($line = db_fetch_assoc($result)) { $feed_id = $line["id"]; $cat_id = $line["cat_id"]; $edit_title = htmlspecialchars(db_unescape_string($line["title"])); $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"])); $edit_cat = htmlspecialchars(db_unescape_string($line["category"])); $hidden = sql_bool_to_bool($line["hidden"]); if (!$edit_cat) $edit_cat = "Uncategorized"; $last_updated = $line["last_updated"]; if (get_pref($link, 'HEADLINES_SMART_DATE')) { $last_updated = smart_date_time(strtotime($last_updated)); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $last_updated = date($short_date, strtotime($last_updated)); } if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) { $lnum = 0; print ""; print ""; if (get_pref($link, 'ENABLE_FEED_ICONS')) { print ""; } print ""; $cur_cat_id = $cat_id; } $class = ($lnum % 2) ? "even" : "odd"; $this_row_id = "id=\"FEEDR-$feed_id\""; print ""; $icon_file = ICONS_DIR . "/$feed_id.ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } print ""; if (get_pref($link, 'ENABLE_FEED_ICONS')) { print ""; } $edit_title = truncate_string($edit_title, 40); $edit_link = truncate_string($edit_link, 60); if ($hidden) { $edit_title = "$edit_title (Hidden)"; $edit_link = "$edit_link"; $last_updated = "$last_updated"; } $parent_title = $line["parent_title"]; if ($parent_title) { $parent_title = "(linked to $parent_title)"; } print ""; print ""; print ""; print ""; ++$lnum; } print "
    Select: All, None "; if (!get_pref($link, 'ENABLE_FEED_CATS')) { print "
      Title Feed Updated
    $edit_cat
      Title Feed Updated
    $feed_icon" . "$edit_title $parent_title" . "" . $edit_link . "" . "$last_updated
    "; print "

    "; if ($subop == "edit") { print "Edit feed:  "; } else { print " Selection:  "; if (get_pref($link, 'ENABLE_FEED_CATS')) { print " | "; print_feed_cat_select($link, "sfeed_set_fcat", "", "disabled"); print " "; } print "  All feeds: "; } } else { print "

    No feeds defined.

    "; } if (get_pref($link, 'ENABLE_FEED_CATS')) { print "

    Edit Categories

    "; print "
     
    "; $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title"); if (db_num_rows($result) != 0) { print "
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $cat_id = $line["id"]; $edit_cat_id = $_GET["id"]; if ($subop == "editCat" && $cat_id != $edit_cat_id) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"FCATR-$cat_id\""; } print ""; $edit_title = htmlspecialchars(db_unescape_string($line["title"])); if (!$edit_cat_id || $subop != "editCat") { print ""; print ""; } else if ($cat_id != $edit_cat_id) { print ""; print ""; } else { print ""; print ""; } print ""; ++$lnum; } print "
    Select: All, None "; print "
     Title
    " . $edit_title . "$edit_title"; print ""; print ""; print ""; print "
    "; print "

    "; print "

    "; if ($subop == "editCat") { print "Edit category:  "; } else { print " Selection:  "; } } else { print "

    No feed categories defined.

    "; } } print "

    Import OPML

    File:  
    "; } if ($op == "pref-filters") { $subop = $_GET["subop"]; $quiet = $_GET["quiet"]; if ($subop == "edit") { $filter_id = db_escape_string($_GET["id"]); $result = db_query($link, "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp"))); $filter_type = db_fetch_result($result, 0, "filter_type"); $feed_id = db_fetch_result($result, 0, "feed_id"); $action_id = db_fetch_result($result, 0, "action_id"); $enabled = sql_bool_to_bool(db_fetch_result($result, 0, "enabled")); print "
    Filter editor
    "; print "
    "; print "
    "; print ""; print ""; print ""; // print "
    Note: filter will only apply to new articles.
    "; $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { //array_push($filter_types, $line["description"]); $filter_types[$line["id"]] = $line["description"]; } print ""; print ""; print ""; print ""; print ""; if ($enabled) { $checked = "checked"; } else { $checked = ""; } print "
    Match: "; print ""; print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\""); print "
    Feed:"; print_feed_select($link, "feed_id", $feed_id); print "
    Action:"; print "
    Options: "; print "
    "; print "
    "; print "
    "; print " "; print ""; print "
    "; return; } if ($subop == "editSave") { $reg_exp = db_escape_string(trim($_GET["reg_exp"])); $filter_type = db_escape_string(trim($_GET["filter_type"])); $filter_id = db_escape_string($_GET["id"]); $feed_id = db_escape_string($_GET["feed_id"]); $action_id = db_escape_string($_GET["action_id"]); $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"])); if (!$feed_id) { $feed_id = 'NULL'; } else { $feed_id = sprintf("'%s'", db_escape_string($feed_id)); } $result = db_query($link, "UPDATE ttrss_filters SET reg_exp = '$reg_exp', feed_id = $feed_id, action_id = '$action_id', filter_type = '$filter_type', enabled = $enabled WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); } if ($subop == "remove") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); } } } if ($subop == "add") { if (!WEB_DEMO_MODE) { $regexp = db_escape_string(trim($_GET["reg_exp"])); $filter_type = db_escape_string(trim($_GET["filter_type"])); $feed_id = db_escape_string($_GET["feed_id"]); $action_id = db_escape_string($_GET["action_id"]); if (!$feed_id) { $feed_id = 'NULL'; } else { $feed_id = sprintf("'%s'", db_escape_string($feed_id)); } $result = db_query($link, "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id, action_id) VALUES ('$regexp', '$filter_type','".$_SESSION["uid"]."', $feed_id, '$action_id')"); } } if ($quiet) return; $sort = db_escape_string($_GET["sort"]); if (!$sort || $sort == "undefined") { $sort = "reg_exp"; } // print "
    PLACEHOLDER
    "; $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { //array_push($filter_types, $line["description"]); $filter_types[$line["id"]] = $line["description"]; } print ""; $result = db_query($link, "SELECT ttrss_filters.id AS id,reg_exp, ttrss_filter_types.name AS filter_type_name, ttrss_filter_types.description AS filter_type_descr, enabled, feed_id, ttrss_filter_actions.description AS action_description, ttrss_feeds.title AS feed_title FROM ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id) WHERE filter_type = ttrss_filter_types.id AND ttrss_filter_actions.id = action_id AND ttrss_filters.owner_uid = ".$_SESSION["uid"]." ORDER by $sort"); if (db_num_rows($result) != 0) { print "
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $filter_id = $line["id"]; $edit_filter_id = $_GET["id"]; $enabled = sql_bool_to_bool($line["enabled"]); if ($subop == "edit" && $filter_id != $edit_filter_id) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"FILRR-$filter_id\""; } print ""; $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"])); if (!$line["feed_title"]) $line["feed_title"] = "All feeds"; $line["feed_title"] = htmlspecialchars(db_unescape_string($line["feed_title"])); print ""; if (!$enabled) { $line["reg_exp"] = "" . $line["reg_exp"] . " (Disabled)"; $line["feed_title"] = "" . $line["feed_title"] . ""; $line["filter_type_descr"] = "" . $line["filter_type_descr"] . ""; $line["action_description"] = "" . $line["action_description"] . ""; } print ""; print ""; print ""; print ""; print ""; ++$lnum; } if ($lnum == 0) { print ""; } print "
    Select: All, None "; print "
      Filter expression Feed Match Action
    " . $line["reg_exp"] . "" . $line["feed_title"] . "" . $line["filter_type_descr"] . "" . $line["action_description"] . "
    No filters defined.
    "; print "

    "; print "

    "; print " Selection: "; print "

    "; } else { print "

    No filters defined.

    "; } } // We need to accept raw SQL data in label queries, so not everything is escaped // here, this is by design. If you don't like the whole idea, disable labels // altogether with GLOBAL_ENABLE_LABELS = false if ($op == "pref-labels") { if (!GLOBAL_ENABLE_LABELS) { print "

    Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.

    "; return; } $subop = $_GET["subop"]; if ($subop == "edit") { $label_id = db_escape_string($_GET["id"]); $result = db_query($link, "SELECT sql_exp,description FROM ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." AND id = '$label_id' ORDER by description"); $line = db_fetch_assoc($result); $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"])); $description = htmlspecialchars(db_unescape_string($line["description"])); print "
    Label editor
    "; print "
    "; print "
    "; print ""; print ""; print ""; print ""; print ""; print "
    Caption: "; print "

    SQL Expression:

    "; print ""; print "
    "; print "
    "; print "
    "; print "
    "; $is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : ""; print " "; print " "; print ""; print "
    "; return; } if ($subop == "test") { $expr = db_unescape_string(trim($_GET["expr"])); $descr = db_unescape_string(trim($_GET["descr"])); print "
    "; error_reporting(0); $result = db_query($link, "SELECT count(ttrss_entries.id) AS num_matches FROM ttrss_entries,ttrss_user_entries,ttrss_feeds WHERE ($expr) AND ttrss_user_entries.ref_id = ttrss_entries.id AND ttrss_user_entries.feed_id = ttrss_feeds.id AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"], false); error_reporting (DEFAULT_ERROR_LEVEL); if (!$result) { print "

    " . db_last_error($link) . "

    "; print "
    "; return; } $num_matches = db_fetch_result($result, 0, "num_matches");; if ($num_matches > 0) { if ($num_matches > 10) { $showing_msg = ", showing first 10"; } print "

    Query returned $num_matches matches$showing_msg:

    "; $result = db_query($link, "SELECT ttrss_entries.title, (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title FROM ttrss_entries,ttrss_user_entries,ttrss_feeds WHERE ($expr) AND ttrss_user_entries.ref_id = ttrss_entries.id AND ttrss_user_entries.feed_id = ttrss_feeds.id AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . " ORDER BY date_entered DESC LIMIT 10", false); print "
      "; $row_class = "even"; while ($line = db_fetch_assoc($result)) { $row_class = toggleEvenOdd($row_class); print "
    • ".$line["title"]. " (".$line["feed_title"].")
    • "; } print "
    "; } else { print "

    Query didn't return any matches.

    "; } print "
    "; return; } if ($subop == "editSave") { $sql_exp = trim($_GET["sql_exp"]); $descr = db_escape_string(trim($_GET["description"])); $label_id = db_escape_string($_GET["id"]); $result = db_query($link, "UPDATE ttrss_labels SET sql_exp = '$sql_exp', description = '$descr' WHERE id = '$label_id'"); } if ($subop == "remove") { if (!WEB_DEMO_MODE) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'"); } } } if ($subop == "add") { if (!WEB_DEMO_MODE) { // no escaping is done here on purpose $sql_exp = trim($_GET["sql_exp"]); $description = db_escape_string($_GET["description"]); $result = db_query($link, "INSERT INTO ttrss_labels (sql_exp,description,owner_uid) VALUES ('$sql_exp', '$description', '".$_SESSION["uid"]."')"); } } $sort = db_escape_string($_GET["sort"]); if (!$sort || $sort == "undefined") { $sort = "description"; } print "
    "; print"
    "; $result = db_query($link, "SELECT id,sql_exp,description FROM ttrss_labels WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY $sort"); // print "
    PLACEHOLDER
    "; if (db_num_rows($result) != 0) { print "
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $label_id = $line["id"]; $edit_label_id = $_GET["id"]; if ($subop == "edit" && $label_id != $edit_label_id) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"LILRR-$label_id\""; } print ""; $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"])); $line["description"] = htmlspecialchars( db_unescape_string($line["description"])); if (!$line["description"]) $line["description"] = "[No caption]"; print ""; print ""; print ""; print ""; ++$lnum; } if ($lnum == 0) { print ""; } print "
    Select: All, None "; print "
      Caption SQL Expression (?)
    " . $line["description"] . "" . $line["sql_exp"] . "
    No labels defined.
    "; print "

    "; print "

    "; print " Selection: "; } else { print "

    No labels defined.

    "; } } if ($op == "error") { print "
    "; $msg = $_GET["msg"]; print $msg; print "
    "; } if ($op == "help") { if (!$_GET["noheaders"]) { print " Tiny Tiny RSS : Help "; } $tid = sprintf("%d", $_GET["tid"]); print "
    Help
    "; print "
    "; if (file_exists("help/$tid.php")) { include("help/$tid.php"); } else { print "

    Help topic not found.

    "; } print "
    "; print "
    "; if (!$_GET["noheaders"]) { print ""; } } if ($op == "dlg") { $id = $_GET["id"]; $param = $_GET["param"]; if ($id == "quickAddFeed") { print "
    Subscribe to feed
    "; print "
    "; print "
    "; print ""; print ""; print ""; print ""; if (get_pref($link, 'ENABLE_FEED_CATS')) { print ""; } print "
    Feed URL:
    Category:"; print_feed_cat_select($link, "cat_id"); print "
    "; print "
    "; print "
    "; } if ($id == "search") { print "
    Search
    "; print "
    "; print "
    "; #$active_feed_id = db_escape_string($_GET["param"]); $params = split(":", db_escape_string($_GET["param"])); $active_feed_id = sprintf("%d", $params[0]); $is_cat = $params[1] == "true"; print ""; print ""; print "
    Search:"; print "
    Where:"; print "
    Match on:"; $search_fields = array( "title" => "Title", "content" => "Content", "both" => "Title or content"); print_select_hash("match_on", 3, $search_fields); print "
    "; print "
    "; print "
    "; print "
    "; } if ($id == "quickAddLabel") { print "
    Create label
    "; print "
    "; print "
    "; print ""; print ""; print ""; print ""; print "
    Caption: "; print "

    SQL Expression:

    "; print ""; print "
    "; print "
    "; print "
    "; print "
    "; print " "; print " "; print ""; } if ($id == "quickAddFilter") { $active_feed_id = db_escape_string($_GET["param"]); print "
    Create filter
    "; print "
    "; print "
    "; print ""; print ""; print ""; // print "
    Note: filter will only apply to new articles.
    "; $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { //array_push($filter_types, $line["description"]); $filter_types[$line["id"]] = $line["description"]; } print ""; print ""; print ""; print ""; print "
    Match: "; print ""; print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\""); print "
    Feed:"; print_feed_select($link, "feed_id", $active_feed_id); print "
    Action:"; print "
    "; print "
    "; print "
    "; print " "; print ""; print "
    "; // print ""; } print "
    "; } // update feeds of all users, may be used anonymously if ($op == "globalUpdateFeeds") { $result = db_query($link, "SELECT id FROM ttrss_users"); while ($line = db_fetch_assoc($result)) { $user_id = $line["id"]; // print ""; update_all_feeds($link, false, $user_id); } print " "; } if ($op == "pref-prefs") { $subop = $_REQUEST["subop"]; if ($subop == "Save configuration") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $_SESSION["prefs_op_result"] = "save-config"; $_SESSION["prefs_cache"] = false; foreach (array_keys($_POST) as $pref_name) { $pref_name = db_escape_string($pref_name); $value = db_escape_string($_POST[$pref_name]); $result = db_query($link, "SELECT type_name FROM ttrss_prefs,ttrss_prefs_types WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id"); if (db_num_rows($result) > 0) { $type_name = db_fetch_result($result, 0, "type_name"); // print "$pref_name : $type_name : $value
    "; if ($type_name == "bool") { if ($value == "1") { $value = "true"; } else { $value = "false"; } } else if ($type_name == "integer") { $value = sprintf("%d", $value); } // print "$pref_name : $type_name : $value
    "; db_query($link, "UPDATE ttrss_user_prefs SET value = '$value' WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]); } header("Location: prefs.php"); } } else if ($subop == "getHelp") { $pref_name = db_escape_string($_GET["pn"]); $result = db_query($link, "SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'"); if (db_num_rows($result) > 0) { $help_text = db_fetch_result($result, 0, "help_text"); print $help_text; } else { print "Unknown option: $pref_name"; } } else if ($subop == "Change e-mail") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $email = db_escape_string($_GET["email"]); $active_uid = $_SESSION["uid"]; if ($email) { db_query($link, "UPDATE ttrss_users SET email = '$email' WHERE id = '$active_uid'"); } header("Location: prefs.php"); } else if ($subop == "Change password") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $old_pw = $_POST["OLD_PASSWORD"]; $new_pw = $_POST["OLD_PASSWORD"]; $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]); $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]); $active_uid = $_SESSION["uid"]; if ($old_pw && $new_pw) { $login = db_escape_string($_SERVER['PHP_AUTH_USER']); $result = db_query($link, "SELECT id FROM ttrss_users WHERE id = '$active_uid' AND (pwd_hash = '$old_pw' OR pwd_hash = '$old_pw_hash')"); if (db_num_rows($result) == 1) { db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash' WHERE id = '$active_uid'"); $_SESSION["pwd_change_result"] = "ok"; } else { $_SESSION["pwd_change_result"] = "failed"; } } header("Location: prefs.php"); } else if ($subop == "Reset to defaults") { if (WEB_DEMO_MODE) { header("Location: prefs.php"); return; } $_SESSION["prefs_op_result"] = "reset-to-defaults"; if (DB_TYPE == "pgsql") { db_query($link,"UPDATE ttrss_user_prefs SET value = ttrss_prefs.def_value WHERE owner_uid = '".$_SESSION["uid"]."' AND ttrss_prefs.pref_name = ttrss_user_prefs.pref_name"); } else { db_query($link, "DELETE FROM ttrss_user_prefs WHERE owner_uid = ".$_SESSION["uid"]); initialize_user_prefs($link, $_SESSION["uid"]); } header("Location: prefs.php"); } else if ($subop == "Change theme") { $theme = db_escape_string($_POST["theme"]); if ($theme == "Default") { $theme_qpart = 'NULL'; } else { $theme_qpart = "'$theme'"; } $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes WHERE theme_name = '$theme'"); if (db_num_rows($result) == 1) { $theme_id = db_fetch_result($result, 0, "id"); $theme_path = db_fetch_result($result, 0, "theme_path"); } else { $theme_id = "NULL"; $theme_path = ""; } db_query($link, "UPDATE ttrss_users SET theme_id = $theme_id WHERE id = " . $_SESSION["uid"]); $_SESSION["theme"] = $theme_path; header("Location: prefs.php"); } else { print check_for_update($link); if (!SINGLE_USER_MODE) { $result = db_query($link, "SELECT id,email FROM ttrss_users WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR pwd_hash = 'SHA1:".sha1("password")."')"); if (db_num_rows($result) != 0) { print "
    Your password is at default value, please change it.
    "; } if ($_SESSION["pwd_change_result"] == "failed") { print "
    There was an error while changing your password.
    "; } if ($_SESSION["pwd_change_result"] == "ok") { print "
    Password changed successfully.
    "; } $_SESSION["pwd_change_result"] = ""; if ($_SESSION["prefs_op_result"] == "reset-to-defaults") { print "
    Your configuration was reset to defaults.
    "; } if ($_SESSION["prefs_op_result"] == "save-config") { print "
    Your configuration was saved successfully.
    "; } $_SESSION["prefs_op_result"] = ""; print "
    "; print ""; print ""; $result = db_query($link, "SELECT email FROM ttrss_users WHERE id = ".$_SESSION["uid"]); $email = db_fetch_result($result, 0, "email"); print ""; print ""; print "

    Personal data

    E-mail
    "; print ""; print "

    "; print "

    "; print "
    "; print ""; print ""; print ""; print ""; print ""; print ""; print "

    Authentication

    Old password
    New password
    "; print ""; print "

    "; print "

    "; } $result = db_query($link, "SELECT theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]); $user_theme_id = db_fetch_result($result, 0, "theme_id"); $result = db_query($link, "SELECT id,theme_name FROM ttrss_themes ORDER BY theme_name"); if (db_num_rows($result) > 0) { print "
    "; print ""; print ""; print ""; print ""; print "

    Themes

    Select theme
    "; print ""; print "

    "; print "

    "; } initialize_user_prefs($link, $_SESSION["uid"]); $result = db_query($link, "SELECT ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name, section_name,def_value FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs WHERE type_id = ttrss_prefs_types.id AND section_id = ttrss_prefs_sections.id AND ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND owner_uid = ".$_SESSION["uid"]." ORDER BY section_id,short_desc"); print "
    "; $lnum = 0; $active_section = ""; while ($line = db_fetch_assoc($result)) { if ($active_section != $line["section_name"]) { if ($active_section != "") { print ""; } print "

    "; $active_section = $line["section_name"]; print ""; // print " // "; $lnum = 0; } // $class = ($lnum % 2) ? "even" : "odd"; print ""; $type_name = $line["type_name"]; $pref_name = $line["pref_name"]; $value = $line["value"]; $def_value = $line["def_value"]; $help_text = $line["help_text"]; print ""; print ""; print ""; $lnum++; } print "

    $active_section

    OptionValue
    " . $line["short_desc"]; if ($help_text) print "
    $help_text
    "; print "
    "; if ($type_name == "bool") { // print_select($pref_name, $value, array("true", "false")); if ($value == "true") { $value = "Yes"; } else { $value = "No"; } print_radio($pref_name, $value, array("Yes", "No")); } else { print ""; } print "
    "; print ""; print "

    "; print " 

    "; print "
    "; } } if ($op == "pref-users") { $subop = $_GET["subop"]; if ($subop == "edit") { $id = db_escape_string($_GET["id"]); print "
    User editor
    "; print "
    "; print "
    "; print ""; print ""; print ""; $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'"); $login = db_fetch_result($result, 0, "login"); $access_level = db_fetch_result($result, 0, "access_level"); $email = db_fetch_result($result, 0, "email"); print ""; print ""; print ""; print ""; $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; print ""; print "
    Login:
    Change password:
    E-mail:
    Access level:"; print_select_hash("access_level", $access_level, $access_level_names, $sel_disabled); print "
    "; print "
    "; print "
    "; print "
    "; return; } if ($subop == "editSave") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_GET["login"])); $uid = db_escape_string($_GET["id"]); $access_level = sprintf("%d", $_GET["access_level"]); $email = db_escape_string(trim($_GET["email"])); $password = db_escape_string(trim($_GET["password"])); if ($password) { $pwd_hash = 'SHA1:' . sha1($password); $pass_query_part = "pwd_hash = '$pwd_hash', "; print "
    Changed password for user $login.
    "; } else { $pass_query_part = ""; } db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login', access_level = '$access_level', email = '$email' WHERE id = '$uid'"); } } else if ($subop == "remove") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]); } } } else if ($subop == "add") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_GET["login"])); $tmp_user_pwd = make_password(8); $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) == 0) { db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level,last_login) VALUES ('$login', '$pwd_hash', 0, NOW())"); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'"); if (db_num_rows($result) == 1) { $new_uid = db_fetch_result($result, 0, "id"); print "
    Added user ".$_GET["login"]. " with password $tmp_user_pwd.
    "; initialize_user($link, $new_uid); } else { print "
    Could not create user ". $_GET["login"]."
    "; } } else { print "
    User ". $_GET["login"]." already exists.
    "; } } } else if ($subop == "resetPass") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $uid = db_escape_string($_GET["id"]); $result = db_query($link, "SELECT login,email FROM ttrss_users WHERE id = '$uid'"); $login = db_fetch_result($result, 0, "login"); $email = db_fetch_result($result, 0, "email"); $tmp_user_pwd = make_password(8); $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash' WHERE id = '$uid'"); print "
    Changed password of user $login to $tmp_user_pwd."; if (MAIL_RESET_PASS && $email) { print " Notifying $email."; mail("$login <$email>", "Password reset notification", "Hi, $login.\n". "\n". "Your password for this TT-RSS installation was reset by". " an administrator.\n". "\n". "Your new password is $tmp_user_pwd, please remember". " it for later reference.\n". "\n". "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM); } print "
    "; } } $sort = db_escape_string($_GET["sort"]); if (!$sort || $sort == "undefined") { $sort = "login"; } print "
     "; print"
    "; $result = db_query($link, "SELECT id,login,access_level,email, SUBSTRING(last_login,1,16) as last_login FROM ttrss_users ORDER BY $sort"); // print "
    PLACEHOLDER
    "; print "

    "; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $uid = $line["id"]; $edit_uid = $_GET["id"]; if ($subop == "edit" && $uid != $edit_uid) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"UMRR-$uid\""; } print ""; $line["login"] = htmlspecialchars($line["login"]); $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'), strtotime($line["last_login"])); $access_level_names = array(0 => "User", 10 => "Administrator"); // if (!$edit_uid || $subop != "edit") { print ""; print ""; if (!$line["email"]) $line["email"] = " "; print ""; /* } else if ($uid != $edit_uid) { if (!$line["email"]) $line["email"] = " "; print ""; print ""; print ""; print ""; } else { print ""; print ""; print ""; print ""; } */ print ""; print ""; ++$lnum; } print "
    Select: All, None "; print "
      Login Access Level Last login
    " . $line["login"] . "" . $access_level_names[$line["access_level"]] . "".$line["login"]."".$line["email"]."".$access_level_names[$line["access_level"]]." "; print ""; print "".$line["last_login"]."
    "; print "

    "; /* if ($subop == "edit") { print "Edit user: "; } else { */ print " Selection: "; // } } if ($op == "user-details") { if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) { return; } /* print " Tiny Tiny RSS : User Details "; */ $uid = sprintf("%d", $_GET["id"]); print "

    User details
    "; print "
    "; $result = db_query($link, "SELECT login, SUBSTRING(last_login,1,16) AS last_login, access_level, (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE owner_uid = id) AS stored_articles FROM ttrss_users WHERE id = '$uid'"); if (db_num_rows($result) == 0) { print "

    User not found

    "; return; } # print "

    User Details

    "; $login = db_fetch_result($result, 0, "login"); # print "

    $login

    "; print ""; $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'), strtotime(db_fetch_result($result, 0, "last_login"))); $access_level = db_fetch_result($result, 0, "access_level"); $stored_articles = db_fetch_result($result, 0, "stored_articles"); # print ""; # print ""; print ""; print ""; $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds WHERE owner_uid = '$uid'"); $num_feeds = db_fetch_result($result, 0, "num_feeds"); print ""; /* $result = db_query($link, "SELECT SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size FROM ttrss_user_entries,ttrss_entries WHERE owner_uid = '$uid' AND ref_id = id"); $db_size = round(db_fetch_result($result, 0, "db_size") / 1024); print ""; */ print "
    Username$login
    Access level$access_level
    Last logged in$last_login
    Stored articles$stored_articles
    Subscribed feeds count$num_feeds
    Approx. used DB size$db_size KBytes
    "; print "

    Subscribed feeds

    "; $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds WHERE owner_uid = '$uid' ORDER BY title"); print "
      "; $row_class = "odd"; while ($line = db_fetch_assoc($result)) { $icon_file = ICONS_URL."/".$line["id"].".ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } print "
    • $feed_icon ".$line["title"]."
    • "; $row_class = toggleEvenOdd($row_class); } if (db_num_rows($result) < $num_feeds) { // FIXME - add link to show ALL subscribed feeds here somewhere print "
    •  ...
    • "; } print "
    "; print "
    "; print "
    "; // print ""; } if ($op == "pref-feed-browser") { if (!ENABLE_FEED_BROWSER) { print "Feed browser is administratively disabled."; return; } $subop = $_REQUEST["subop"]; if ($subop == "details") { $id = db_escape_string($_GET["id"]); print "
    "; print "Feed information:"; print "
    "; $result = db_query($link, "SELECT feed_url,site_url, SUBSTRING(last_updated,1,19) AS last_updated FROM ttrss_feeds WHERE id = '$id'"); $feed_url = db_fetch_result($result, 0, "feed_url"); $site_url = db_fetch_result($result, 0, "site_url"); $last_updated = db_fetch_result($result, 0, "last_updated"); if (get_pref($link, 'HEADLINES_SMART_DATE')) { $last_updated = smart_date_time(strtotime($last_updated)); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $last_updated = date($short_date, strtotime($last_updated)); } print "Site: $site_url ". "(feed), ". "Last updated: $last_updated"; print "
    "; $result = db_query($link, "SELECT ttrss_entries.title, content,link, substring(date_entered,1,19) as date_entered, substring(updated,1,19) as updated FROM ttrss_entries,ttrss_user_entries WHERE ttrss_entries.id = ref_id AND feed_id = '$id' ORDER BY updated DESC LIMIT 5"); if (db_num_rows($result) > 0) { print "Last headlines:
    "; print "
    "; print "
      "; while ($line = db_fetch_assoc($result)) { if (get_pref($link, 'HEADLINES_SMART_DATE')) { $entry_dt = smart_date_time(strtotime($line["updated"])); } else { $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); $entry_dt = date($short_date, strtotime($line["updated"])); } print "
    • " . $line["title"] . "" . " ($entry_dt)
    • "; } print "
    "; } print "
    "; return; } print "

    This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.

    "; $limit = db_escape_string($_GET["limit"]); if (!$limit) $limit = 25; $owner_uid = $_SESSION["uid"]; $result = db_query($link, "SELECT feed_url,COUNT(id) AS subscribers FROM ttrss_feeds WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf WHERE tf.feed_url = ttrss_feeds.feed_url AND owner_uid = '$owner_uid') GROUP BY feed_url ORDER BY subscribers DESC LIMIT $limit"); print "
    Top
    "; print "

    Selection: "; print "

      "; $feedctr = 0; while ($line = db_fetch_assoc($result)) { $feed_url = $line["feed_url"]; $subscribers = $line["subscribers"]; $det_result = db_query($link, "SELECT site_url,title,id FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1"); $details = db_fetch_assoc($det_result); $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = ""; } else { $feed_icon = ""; } $check_box = ""; $class = ($feedctr % 2) ? "even" : "odd"; print "
    • $check_box". "$feed_icon "; print "" . $details["title"] ." " . "($subscribers)"; print "
      "; print "
      "; print "
    • "; ++$feedctr; } if ($feedctr == 0) { print "
    • No feeds found to subscribe.
    • "; } print "
    "; print "
    "; } if ($op == "rss") { $feed = db_escape_string($_GET["id"]); $user = db_escape_string($_GET["user"]); $pass = db_escape_string($_GET["pass"]); $is_cat = $_GET["is_cat"] != false; $search = db_escape_string($_GET["q"]); $match_on = db_escape_string($_GET["m"]); $search_mode = db_escape_string($_GET["smode"]); if (!$_SESSION["uid"] && $user && $pass) { authenticate_user($link, $user, $pass); } if ($_SESSION["uid"] || http_authenticate_user($link)) { generate_syndicated_feed($link, $feed, $is_cat, $search, $search_mode, $match_on); } } function check_configuration_variables() { if (!defined('SESSION_EXPIRE_TIME')) { return "config: SESSION_EXPIRE_TIME is undefined"; } if (SESSION_EXPIRE_TIME < 60) { return "config: SESSION_EXPIRE_TIME is too low (less than 60)"; } if (SESSION_EXPIRE_TIME < SESSION_COOKIE_LIFETIME_REMEMBER) { return "config: SESSION_EXPIRE_TIME should be greater or equal to" . "SESSION_COOKIE_LIFETIME_REMEMBER"; } if (defined('DISABLE_SESSIONS')) { return "config: you have enabled DISABLE_SESSIONS. Please disable this option."; } if (DATABASE_BACKED_SESSIONS && SINGLE_USER_MODE) { return "config: DATABASE_BACKED_SESSIONS is incompatible with SINGLE_USER_MODE"; } return false; } if ($op == "labelFromSearch") { $search = db_escape_string($_GET["search"]); $search_mode = db_escape_string($_GET["smode"]); $match_on = db_escape_string($_GET["match"]); $is_cat = db_escape_string($_GET["is_cat"]); $title = db_escape_string($_GET["title"]); $feed = sprintf("%d", $_GET["feed"]); $label_qparts = array(); $search_expr = getSearchSql($search, $match_on); if ($is_cat) { if ($feed != 0) { $search_expr .= " AND ttrss_feeds.cat_id = $feed "; } else { $search_expr .= " AND ttrss_feeds.cat_id IS NULL "; } } else { if ($search_mode == "all_feeds") { // NOOP } else if ($search_mode == "this_cat") { $tmp_result = db_query($link, "SELECT cat_id FROM ttrss_feeds WHERE id = '$feed'"); $cat_id = db_fetch_result($tmp_result, 0, "cat_id"); if ($cat_id > 0) { $search_expr .= " AND ttrss_feeds.cat_id = $cat_id "; } else { $search_expr .= " AND ttrss_feeds.cat_id IS NULL "; } } else { $search_expr .= " AND ttrss_feeds.id = $feed "; } } $search_expr = db_escape_string($search_expr); print $search_expr; if ($title) { $result = db_query($link, "INSERT INTO ttrss_labels (sql_exp,description,owner_uid) VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')"); } } if ($op == "getUnread") { $login = db_escape_string($_GET["login"]); header("Content-Type: text/plain; charset=utf-8"); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) == 1) { $uid = db_fetch_result($result, 0, "id"); print getGlobalUnread($link, $uid); } else { print "-1;User not found"; } $print_exec_time = false; } if ($op == "digestTest") { header("Content-Type: text/plain"); print_r(prepare_headlines_digest($link, $_SESSION["uid"])); $print_exec_time = false; } if ($op == "digestSend") { header("Content-Type: text/plain"); send_headlines_digests($link); $print_exec_time = false; } db_close($link); ?>