- if (!$link) {
- if (DB_TYPE == "mysql") {
- print mysql_error();
- }
- // PG seems to display its own errors just fine by default.
- return;
- }
-
- init_connection($link);
-
- $op = db_escape_string($_REQUEST["op"]);
- $seq = (int) $_REQUEST["seq"];
-
- header("Content-Type: text/plain");
-
- function api_wrap_reply($status, $seq, $reply) {
- print json_encode(array("seq" => $seq,
- "status" => $status,
- "content" => $reply));
- }
-
- if (!$_SESSION["uid"] && $op != "login" && $op != "isLoggedIn") {
- print api_wrap_reply(API_STATUS_ERR, $seq, array("error" => 'NOT_LOGGED_IN'));
- return;
- }
-
- if ($_SESSION["uid"] && $op != "logout" && !get_pref($link, 'ENABLE_API_ACCESS')) {
- print api_wrap_reply(API_STATUS_ERR, $seq, array("error" => 'API_DISABLED'));
- return;
- }
-
- switch ($op) {
-
- case "getVersion":
- $rv = array("version" => VERSION);
- print api_wrap_reply(API_STATUS_OK, $seq, $rv);
- break;
-
- case "login":
- $login = db_escape_string($_REQUEST["user"]);
- $password = db_escape_string($_REQUEST["password"]);
- $password_base64 = db_escape_string(base64_decode($_REQUEST["password"]));
-
- if (SINGLE_USER_MODE) $login = "admin";
-
- $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
-
- if (db_num_rows($result) != 0) {
- $uid = db_fetch_result($result, 0, "id");
- } else {
- $uid = 0;
- }
-
- if (!$uid) {
- print api_wrap_reply(API_STATUS_ERR, $seq,
- array("error" => "LOGIN_ERROR"));
- return;
- }
-
- if (get_pref($link, "ENABLE_API_ACCESS", $uid)) {
- if (authenticate_user($link, $login, $password)) { // try login with normal password
- print api_wrap_reply(API_STATUS_OK, $seq,
- array("session_id" => session_id()));
- } else if (authenticate_user($link, $login, $password_base64)) { // else try with base64_decoded password
- print api_wrap_reply(API_STATUS_OK, $seq,
- array("session_id" => session_id()));
- } else { // else we are not logged in
- print api_wrap_reply(API_STATUS_ERR, $seq,
- array("error" => "LOGIN_ERROR"));
- }
- } else {
- print api_wrap_reply(API_STATUS_ERR, $seq,
- array("error" => "API_DISABLED"));
- }
-
- break;
-
- case "logout":
- logout_user();
- print api_wrap_reply(API_STATUS_OK, $seq, array("status" => "OK"));
- break;
-
- case "isLoggedIn":
- print api_wrap_reply(API_STATUS_OK, $seq,
- array("status" => $_SESSION["uid"] != ''));
- break;
-
- case "getUnread":
- $feed_id = db_escape_string($_REQUEST["feed_id"]);
- $is_cat = db_escape_string($_REQUEST["is_cat"]);
-
- if ($feed_id) {
- print api_wrap_reply(API_STATUS_OK, $seq,
- array("unread" => getFeedUnread($link, $feed_id, $is_cat)));
- } else {
- print api_wrap_reply(API_STATUS_OK, $seq,
- array("unread" => getGlobalUnread($link)));
- }
- break;
-
- /* Method added for ttrss-reader for Android */
- case "getCounters":
-
- /* flct (flc is the default) FIXME: document */
- $output_mode = db_escape_string($_REQUEST["output_mode"]);
-
- print api_wrap_reply(API_STATUS_OK, $seq,
- getAllCounters($link, $output_mode));
- break;
-
- case "getFeeds":
- $cat_id = db_escape_string($_REQUEST["cat_id"]);
- $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
- $limit = (int) db_escape_string($_REQUEST["limit"]);
- $offset = (int) db_escape_string($_REQUEST["offset"]);
-
- chdir(".."); // so feed_has_icon() would work properly for relative ICONS_DIR
-
- $feeds = api_get_feeds($link, $cat_id, $unread_only, $limit, $offset);
-
- print api_wrap_reply(API_STATUS_OK, $seq, $feeds);
-
- break;
-
- case "getCategories":
- $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
-
- $result = db_query($link, "SELECT
- id, title FROM ttrss_feed_categories
- WHERE owner_uid = " .
- $_SESSION["uid"]);
-
- $cats = array();
-
- while ($line = db_fetch_assoc($result)) {
- $unread = getFeedUnread($link, $line["id"], true);
-
- if ($unread || !$unread_only) {
- array_push($cats, array("id" => $line["id"],
- "title" => $line["title"],
- "unread" => $unread));
- }
- }
-
- print api_wrap_reply(API_STATUS_OK, $seq, $cats);
- break;
-
- case "getHeadlines":
- $feed_id = db_escape_string($_REQUEST["feed_id"]);
- $limit = (int)db_escape_string($_REQUEST["limit"]);
- $offset = (int)db_escape_string($_REQUEST["skip"]);
- $filter = db_escape_string($_REQUEST["filter"]);
- $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
- $show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
- $show_content = (bool)db_escape_string($_REQUEST["show_content"]);
- /* all_articles, unread, adaptive, marked, updated */
- $view_mode = db_escape_string($_REQUEST["view_mode"]);
- $include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
- $since_id = (int)db_escape_string($_REQUEST["since_id"]);
-
- $headlines = api_get_headlines($link, $feed_id, $limit, $offset,
- $filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
- $include_attachments, $since_id);