$id = db_escape_string($_REQUEST['id']);
$result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
- WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
+ WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'
+ LIMIT 1");
if (db_num_rows($result) == 1) {
$article_url = db_fetch_result($result, 0, 'link');
case "fbexport":
- // TODO: change to _POST
- $access_key = db_escape_string($_REQUEST["key"]);
+ $access_key = db_escape_string($_POST["key"]);
// TODO: rate limit checking using last_connected
$result = db_query($link, "SELECT id FROM ttrss_linked_instances
$instance_id = db_fetch_result($result, 0, "id");
- $result = db_query($link, "SELECT feed_url, title, subscribers
+ $result = db_query($link, "SELECT feed_url, site_url, title, subscribers
FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
$feeds = array();
array_push($feeds, $line);
}
- db_query($link, "UPDATE ttrss_linked_instances SET,
+ db_query($link, "UPDATE ttrss_linked_instances SET
last_status_in = 1 WHERE id = '$instance_id'");
print json_encode(array("feeds" => $feeds));
} else {
-
- db_query($link, "UPDATE ttrss_linked_instances SET,
- last_status_in = 0 WHERE id = '$instance_id'");
-
print json_encode(array("error" => array("code" => 6)));
}
break; // fbexport