ccache, misc: fixes
[tt-rss.git] / classes / feeds.php
index a96e53fcf1feb50b705600de9d58714cf03bc638..244a44f8f91305011c4c328729f9fbca40a6ce97 100755 (executable)
@@ -193,24 +193,23 @@ class Feeds extends Handler_Protected {
 
                        if (!$any_needs_curl) {
 
-                               $result = $this->dbh->query(
+                               $result = db_query(
                                                "SELECT cache_images," . SUBSTRING_FOR_DATE . "(last_updated,1,19) AS last_updated
                                                FROM ttrss_feeds WHERE id = '$feed'");
 
-                               if ($this->dbh->num_rows($result) != 0) {
-                                       $last_updated = strtotime($this->dbh->fetch_result($result, 0, "last_updated"));
-                                       $cache_images = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "cache_images"));
+                               if (db_num_rows($result) != 0) {
+                                       $last_updated = strtotime(db_fetch_result($result, 0, "last_updated"));
+                                       $cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images"));
 
                                        if (!$cache_images && time() - $last_updated > 120) {
-                                               include "rssfuncs.php";
-                                               update_rss_feed($feed, true);
+                                               RSSUtils::update_rss_feed($feed, true);
                                        } else {
-                                               $this->dbh->query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
+                                               db_query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
                                                                WHERE id = '$feed'");
                                        }
                                }
                        } else {
-                               $this->dbh->query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
+                               db_query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
                                                                WHERE id = '$feed'");
                        }
                }
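Review bot: The three `ttrss_feeds` statements in this hunk still splice `$feed` into the SQL text and carry no `owner_uid` condition, so the forced-refresh `UPDATE ... WHERE id = '$feed'` is not limited to the session user's own feeds unless a caller outside this hunk has already verified ownership. Other hunks of this commit (catchupAll at -834, the ownership checks at -867) move to `$this->pdo->prepare()` with bound values; the same form fits here, e.g. `WHERE id = ? AND owner_uid = ?` executed with `[$feed, $_SESSION['uid']]`. The same concatenation pattern remains in the hunks at -222 (`SELECT id FROM ttrss_feeds WHERE id = '$feed'`), -643 (`ttrss_archived_feeds`, where `$line["orig_feed_id"]` is appended unquoted) and -802 (`owner_uid = " . $_SESSION['uid']`). The enclosing method starts and ends outside the hunk, so where `$feed` comes from cannot be confirmed here.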
@@ -222,16 +221,16 @@ class Feeds extends Handler_Protected {
                // FIXME: might break tag display?
 
                if (is_numeric($feed) && $feed > 0 && !$cat_view) {
-                       $result = $this->dbh->query(
+                       $result = db_query(
                                "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1");
 
-                       if ($this->dbh->num_rows($result) == 0) {
+                       if (db_num_rows($result) == 0) {
                                $reply['content'] = "<div align='center'>".__('Feed not found.')."</div>";
                        }
                }
 
-               @$search = $this->dbh->escape_string($_REQUEST["query"]);
-               @$search_language = $this->dbh->escape_string($_REQUEST["search_language"]); // PGSQL only
+               @$search = db_escape_string($_REQUEST["query"]);
+               @$search_language = db_escape_string($_REQUEST["search_language"]); // PGSQL only
 
                if ($search) {
                        $disable_cache = true;
@@ -301,7 +300,7 @@ class Feeds extends Handler_Protected {
                        $feed, $cat_view, $search,
                        $last_error, $last_updated);
 
-               $headlines_count = is_numeric($result) ? 0 : $this->dbh->num_rows($result);
+               $headlines_count = is_numeric($result) ? 0 : db_num_rows($result);
 
                if ($offset == 0) {
                        foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_HEADLINES_BEFORE) as $p) {
@@ -322,7 +321,7 @@ class Feeds extends Handler_Protected {
 
                        $expand_cdm = get_pref('CDM_EXPANDED');
 
-                       while ($line = $this->dbh->fetch_assoc($result)) {
+                       while ($line = db_fetch_assoc($result)) {
 
                                $line["content_preview"] =  "&mdash; " . truncate_string(strip_tags($line["content"]), 250);
 
@@ -581,21 +580,21 @@ class Feeds extends Handler_Protected {
                                                onmouseout='postMouseOut($id)'";
 
                                        $expanded_class = $expand_cdm ? "expanded" : "expandable";
-
-                                       $reply['content'] .= "<div class=\"cdm $hlc_suffix $expanded_class $class\"
+                                       
+                                       $tmp_content = "<div class=\"cdm $hlc_suffix $expanded_class $class\"
                                                id=\"RROW-$id\" data-article-id='$id' data-orig-feed-id='$feed_id' $mouseover_attrs>";
 
-                                       $reply['content'] .= "<div class=\"cdmHeader\">";
-                                       $reply['content'] .= "<div style=\"vertical-align : middle\">";
+                                       $tmp_content .= "<div class=\"cdmHeader\">";
+                                       $tmp_content .= "<div style=\"vertical-align : middle\">";
 
-                                       $reply['content'] .= "<input dojoType=\"dijit.form.CheckBox\"
+                                       $tmp_content .= "<input dojoType=\"dijit.form.CheckBox\"
                                                        type=\"checkbox\" onclick=\"toggleSelectRow2(this, false, true)\"
                                                        class='rchk'>";
 
-                                       $reply['content'] .= "$marked_pic";
-                                       $reply['content'] .= "$published_pic";
+                                       $tmp_content .= "$marked_pic";
+                                       $tmp_content .= "$published_pic";
 
-                                       $reply['content'] .= "</div>";
+                                       $tmp_content .= "</div>";
 
                                        if ($highlight_words && count($highlight_words > 0)) {
                                                foreach ($highlight_words as $word) {
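Review bot: In the unchanged condition `count($highlight_words > 0)` the closing parenthesis is misplaced, so `count()` receives a boolean instead of the array; PHP 7.2 emits a warning for a non-countable argument and PHP 8 throws a TypeError. It should read `if ($highlight_words && count($highlight_words) > 0) {`. The loop body continues outside this hunk.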
@@ -605,7 +604,7 @@ class Feeds extends Handler_Protected {
                                        }
 
                                        // data-article-id included for context menu
-                                       $reply['content'] .= "<span id=\"RTITLE-$id\"
+                                       $tmp_content .= "<span id=\"RTITLE-$id\"
                                                onclick=\"return cdmClicked(event, $id);\"
                                                data-article-id=\"$id\"
                                                class=\"titleWrap hlMenuAttach $hlc_suffix\">                                           
@@ -616,9 +615,9 @@ class Feeds extends Handler_Protected {
                                                $line["title"] .
                                                "</a> <span class=\"author\">$entry_author</span>";
 
-                                       $reply['content'] .= $labels_str;
+                                       $tmp_content .= $labels_str;
 
-                                       $reply['content'] .= "<span class='collapseBtn' style='display : none'>
+                                       $tmp_content .= "<span class='collapseBtn' style='display : none'>
                                                <img src=\"images/collapse.png\" onclick=\"cdmCollapseArticle(event, $id)\"
                                                title=\"".__("Collapse article")."\"/></span>";
 
@@ -627,15 +626,15 @@ class Feeds extends Handler_Protected {
                                        else
                                                $excerpt_hidden = "style=\"display : none\"";
 
-                                       $reply['content'] .= "<span $excerpt_hidden id=\"CEXC-$id\" class=\"cdmExcerpt\">" . $content_preview . "</span>";
+                                       $tmp_content .= "<span $excerpt_hidden id=\"CEXC-$id\" class=\"cdmExcerpt\">" . $content_preview . "</span>";
 
-                                       $reply['content'] .= "</span>";
+                                       $tmp_content .= "</span>";
 
                                        if (!$vfeed_group_enabled) {
                                                if (@$line["feed_title"]) {
                                                        $rgba = @$rgba_cache[$feed_id];
 
-                                                       $reply['content'] .= "<div class=\"hlFeed\">
+                                                       $tmp_content .= "<div class=\"hlFeed\">
                                                                <a href=\"#\" style=\"background-color: rgba($rgba,0.3)\"
                                                                onclick=\"viewfeed({feed:$feed_id})\">".
                                                                truncate_string($line["feed_title"],30)."</a>
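Review bot: `truncate_string($line["feed_title"],30)` is written into the `hlFeed` link text without HTML escaping, while the hunk at -643 wraps the same field in `htmlspecialchars()` for the `title` attribute. Feed titles presumably come from remote feeds, so unless they are sanitised before storage (not visible here) markup in a title would reach the page; `htmlspecialchars(truncate_string($line["feed_title"], 30))` keeps the two uses consistent. `$rgba` is also placed into a `style` attribute straight from `$rgba_cache`, which deserves a comment stating where that cache is filled and that it only holds numeric triplets. The statement is cut at the end of the hunk.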
@@ -643,90 +642,87 @@ class Feeds extends Handler_Protected {
                                                }
                                        }
 
-                                       $reply['content'] .= "<span class='updated' title='$date_entered_fmt'>
-                                               $updated_fmt</span>";
+                                       $tmp_content .= "<span class='updated' title='$date_entered_fmt'>$updated_fmt</span>";
 
-                                       $reply['content'] .= "<div class='scoreWrap' style=\"vertical-align : middle\">";
-                                       $reply['content'] .= "$score_pic";
+                                       $tmp_content .= "<div class='scoreWrap' style=\"vertical-align : middle\">";
+                                       $tmp_content .= "$score_pic";
 
                                        if (!get_pref("VFEED_GROUP_BY_FEED") && $line["feed_title"]) {
-                                               $reply['content'] .= "<span style=\"cursor : pointer\"
+                                               $tmp_content .= "<span style=\"cursor : pointer\"
                                                        title=\"".htmlspecialchars($line["feed_title"])."\"
                                                        onclick=\"viewfeed({feed:$feed_id})\">$feed_icon_img</span>";
                                        }
-                                       $reply['content'] .= "</div>";
+                                       $tmp_content .= "</div>"; //scoreWrap
 
-                                       $reply['content'] .= "</div>";
+                                       $tmp_content .= "</div>"; //cdmHeader
 
-                                       $reply['content'] .= "<div class=\"cdmContent\" $content_hidden
+                                       $tmp_content .= "<div class=\"cdmContent\" $content_hidden
                                                onclick=\"return cdmClicked(event, $id, true);\"
                                                id=\"CICD-$id\">";
 
-                                       $reply['content'] .= "<div id=\"POSTNOTE-$id\">";
+                                       $tmp_content .= "<div id=\"POSTNOTE-$id\">";
                                        if ($line['note']) {
-                                               $reply['content'] .= Article::format_article_note($id, $line['note']);
+                                               $tmp_content .= Article::format_article_note($id, $line['note']);
                                        }
-                                       $reply['content'] .= "</div>";
+                                       $tmp_content .= "</div>"; //POSTNOTE
 
                                        if (!$line['lang']) $line['lang'] = 'en';
 
-                                       $reply['content'] .= "<div class=\"cdmContentInner\" lang=\"".$line['lang']."\">";
+                                       $tmp_content .= "<div class=\"cdmContentInner\" lang=\"".$line['lang']."\">";
 
-                       if ($line["orig_feed_id"]) {
+                                       if ($line["orig_feed_id"]) {
 
-                               $tmp_result = $this->dbh->query("SELECT * FROM ttrss_archived_feeds
-                                       WHERE id = ".$line["orig_feed_id"] . " AND owner_uid = " . $_SESSION["uid"]);
+                                               $tmp_result = db_query("SELECT * FROM ttrss_archived_feeds
+                                                       WHERE id = ".$line["orig_feed_id"] . " AND owner_uid = " . $_SESSION["uid"]);
 
-                                               if ($this->dbh->num_rows($tmp_result) != 0) {
+                                               if (db_num_rows($tmp_result) != 0) {
 
-                                                       $reply['content'] .= "<div clear='both'>";
-                                                       $reply['content'] .= __("Originally from:");
+                                                       $tmp_content .= "<div clear='both'>";
+                                                       $tmp_content .= __("Originally from:");
 
-                                                       $reply['content'] .= "&nbsp;";
+                                                       $tmp_content .= "&nbsp;";
 
-                                                       $tmp_line = $this->dbh->fetch_assoc($tmp_result);
+                                                       $tmp_line = db_fetch_assoc($tmp_result);
 
-                                                       $reply['content'] .= "<a target='_blank' rel='noopener noreferrer'
+                                                       $tmp_content .= "<a target='_blank' rel='noopener noreferrer'
                                                                href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" .
                                                                $tmp_line['title'] . "</a>";
 
-                                                       $reply['content'] .= "&nbsp;";
+                                                       $tmp_content .= "&nbsp;";
 
-                                                       $reply['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
-                                                       $reply['content'] .= "<img title='".__('Feed URL')."'class='tinyFeedIcon' src='images/pub_unset.png'></a>";
+                                                       $tmp_content .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
+                                                       $tmp_content .= "<img title='".__('Feed URL')."'class='tinyFeedIcon' src='images/pub_unset.png'></a>";
 
-                                                       $reply['content'] .= "</div>";
+                                                       $tmp_content .= "</div>";
                                                }
                                        }
 
-                                       $reply['content'] .= "<span id=\"CWRAP-$id\">";
-
-                                       $reply['content'] .= "<span id=\"CENCW-$id\" class=\"cencw\" style=\"display : none\">";
-                                       $reply['content'] .= htmlspecialchars($line["content"]);
-                                       $reply['content'] .= "</span>";
+                                       $tmp_content .= "<span id=\"CWRAP-$id\">";
+                                       $tmp_content .= "<span id=\"CENCW-$id\" class=\"cencw\" style=\"display : none\">";
+                                       $tmp_content .= htmlspecialchars($line["content"]);
+                                       $tmp_content .= "</span>";
+                                       $tmp_content .= "</span>";
 
-                                       $reply['content'] .= "</span>";
+                                       $tmp_content .= "</div>"; //cdmContentInner
 
-                                       $reply['content'] .= "</div>";
-
-                                       $reply['content'] .= "<div class=\"cdmIntermediate\">";
+                                       $tmp_content .= "<div class=\"cdmIntermediate\">";
 
                                        $always_display_enclosures = sql_bool_to_bool($line["always_display_enclosures"]);
-                                       $reply['content'] .= Article::format_article_enclosures($id, $always_display_enclosures, $line["content"], sql_bool_to_bool($line["hide_images"]));
+                                       $tmp_content .= Article::format_article_enclosures($id, $always_display_enclosures, $line["content"], sql_bool_to_bool($line["hide_images"]));
 
-                                       $reply['content'] .= "</div>";
+                                       $tmp_content .= "</div>"; // cdmIntermediate
 
-                                       $reply['content'] .= "<div class=\"cdmFooter\" onclick=\"cdmFooterClick(event)\">";
+                                       $tmp_content .= "<div class=\"cdmFooter\" onclick=\"cdmFooterClick(event)\">";
 
                                        foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_LEFT_BUTTON) as $p) {
-                                               $reply['content'] .= $p->hook_article_left_button($line);
+                                               $tmp_content .= $p->hook_article_left_button($line);
                                        }
 
                                        $tags_str = Article::format_tags_string($tags, $id);
 
-                                       $reply['content'] .= "<span class='left'>";
+                                       $tmp_content .= "<span class='left'>";
 
-                                       $reply['content'] .= "<img src='images/tag.png' alt='Tags' title='Tags'>
+                                       $tmp_content .= "<img src='images/tag.png' alt='Tags' title='Tags'>
                                                <span id=\"ATSTR-$id\">$tags_str</span>
                                                <a title=\"".__('Edit tags for this article')."\"
                                                href=\"#\" onclick=\"editArticleTags($id)\">(+)</a>";
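Review bot: Both "Originally from" links put `htmlspecialchars($tmp_line[...])` inside single-quoted `href='...'` attributes, and `htmlspecialchars()` called without `ENT_QUOTES` leaves `'` unescaped on PHP versions before 8.1, so a quote in the stored URL would end the attribute; the link text `$tmp_line['title']` is not escaped at all. Suggested: `htmlspecialchars($tmp_line['site_url'], ENT_QUOTES)` (and the same for `feed_url`), plus `htmlspecialchars($tmp_line['title'])` for the text. The first `href=' "` also has a stray leading space inside the attribute value. `lang=\"".$line['lang']."\"` earlier in the hunk is written out unescaped in the same way and would benefit from the same treatment.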
@@ -750,25 +746,29 @@ class Feeds extends Handler_Protected {
                                                }
                                        }
 
-                                       if ($entry_comments) $reply['content'] .= "&nbsp;($entry_comments)";
+                                       if ($entry_comments) $tmp_content .= "&nbsp;($entry_comments)";
 
-                                       $reply['content'] .= "</span>";
-                                       $reply['content'] .= "<div>";
+                                       $tmp_content .= "</span>";
+                                       $tmp_content .= "<div>";
 
-//                                     $reply['content'] .= "$marked_pic";
-//                                     $reply['content'] .= "$published_pic";
+//                                     $tmp_content .= "$marked_pic";
+//                                     $tmp_content .= "$published_pic";
 
                                        foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_BUTTON) as $p) {
-                                               $reply['content'] .= $p->hook_article_button($line);
+                                               $tmp_content .= $p->hook_article_button($line);
                                        }
 
-                                       $reply['content'] .= "</div>";
-                                       $reply['content'] .= "</div>";
+                                       $tmp_content .= "</div>"; // buttons
 
-                                       $reply['content'] .= "</div>";
+                                       $tmp_content .= "</div>"; // cdmFooter
+                                       $tmp_content .= "</div>"; // cdmContent
+                                       $tmp_content .= "</div>"; // RROW.cdm
 
-                                       $reply['content'] .= "</div>";
+                                       foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ARTICLE_CDM) as $p) {
+                                               $tmp_content = $p->hook_format_article_cdm($tmp_content, $line);
+                                       }
 
+                                       $reply['content'] .= $tmp_content;
                                }
 
                                ++$lnum;
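Review bot: The new `HOOK_FORMAT_ARTICLE_CDM` loop assigns each plugin's return value straight to `$tmp_content`, so a plugin that returns nothing (or `false`) silently drops the whole article row, and whatever markup it returns is appended to `$reply['content']` unchanged. A guard such as `$out = $p->hook_format_article_cdm($tmp_content, $line); if (is_string($out)) $tmp_content = $out;` keeps the original markup when a hook misbehaves. A short comment above the loop stating that hooks receive the finished row HTML and must return HTML would document the contract for plugin authors. The surrounding `while` loop starts outside this hunk.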
@@ -802,18 +802,18 @@ class Feeds extends Handler_Protected {
 
                                $reply['content'] .= "<p><span class=\"insensitive\">";
 
-                               $result = $this->dbh->query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds
+                               $result = db_query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds
                                        WHERE owner_uid = " . $_SESSION['uid']);
 
-                               $last_updated = $this->dbh->fetch_result($result, 0, "last_updated");
+                               $last_updated = db_fetch_result($result, 0, "last_updated");
                                $last_updated = make_local_datetime($last_updated, false);
 
                                $reply['content'] .= sprintf(__("Feeds last updated at %s"), $last_updated);
 
-                               $result = $this->dbh->query("SELECT COUNT(id) AS num_errors
+                               $result = db_query("SELECT COUNT(id) AS num_errors
                                        FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
 
-                               $num_errors = $this->dbh->fetch_result($result, 0, "num_errors");
+                               $num_errors = db_fetch_result($result, 0, "num_errors");
 
                                if ($num_errors > 0) {
                                        $reply['content'] .= "<br/>";
@@ -834,8 +834,10 @@ class Feeds extends Handler_Protected {
        }
 
        function catchupAll() {
-               $this->dbh->query("UPDATE ttrss_user_entries SET
-                                               last_read = NOW(), unread = false WHERE unread = true AND owner_uid = " . $_SESSION["uid"]);
+               $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
+                                               last_read = NOW(), unread = false WHERE unread = true AND owner_uid = ?");
+               $sth->execute([$_SESSION['uid']]);
+
                CCache::zero_all($_SESSION["uid"]);
        }
 
@@ -846,16 +848,16 @@ class Feeds extends Handler_Protected {
 
                if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info);
 
-               $feed = $this->dbh->escape_string($_REQUEST["feed"]);
-               $method = $this->dbh->escape_string($_REQUEST["m"]);
-               $view_mode = $this->dbh->escape_string($_REQUEST["view_mode"]);
+               $feed = db_escape_string($_REQUEST["feed"]);
+               $method = db_escape_string($_REQUEST["m"]);
+               $view_mode = db_escape_string($_REQUEST["view_mode"]);
                $limit = 30;
                @$cat_view = $_REQUEST["cat"] == "true";
-               @$next_unread_feed = $this->dbh->escape_string($_REQUEST["nuf"]);
-               @$offset = $this->dbh->escape_string($_REQUEST["skip"]);
-               @$vgroup_last_feed = $this->dbh->escape_string($_REQUEST["vgrlf"]);
-               $order_by = $this->dbh->escape_string($_REQUEST["order_by"]);
-               $check_first_id = $this->dbh->escape_string($_REQUEST["fid"]);
+               @$next_unread_feed = db_escape_string($_REQUEST["nuf"]);
+               @$offset = db_escape_string($_REQUEST["skip"]);
+               @$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]);
+               $order_by = db_escape_string($_REQUEST["order_by"]);
+               $check_first_id = db_escape_string($_REQUEST["fid"]);
 
                if (is_numeric($feed)) $feed = (int) $feed;
 
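Review bot: The request values here are still passed through `db_escape_string()` on input even though the next hunk (-867) binds `$feed` through `$this->pdo->prepare()`; escaping and then binding makes the escape characters part of the compared value for any non-numeric input, and escaping gives no protection if a value such as `$offset` is later used in an unquoted numeric position (its use is outside this hunk). Numeric parameters are safer cast by type, e.g. `$offset = isset($_REQUEST["skip"]) ? (int) $_REQUEST["skip"] : 0;`, assuming later code treats it as an integer, which should be confirmed. `$order_by` appears to be matched only against fixed strings in the `switch` at -915, so escaping adds nothing there.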
@@ -867,21 +869,30 @@ class Feeds extends Handler_Protected {
                        return;
                }
 
-               $result = false;
-
+               $sth = false;
                if ($feed < LABEL_BASE_INDEX) {
-                       $label_feed = feed_to_label_id($feed);
-                       $result = $this->dbh->query("SELECT id FROM ttrss_labels2 WHERE
-                                                       id = '$label_feed' AND owner_uid = " . $_SESSION['uid']);
+
+                       $label_feed = Labels::feed_to_label_id($feed);
+
+                       $sth = $this->pdo->prepare("SELECT id FROM ttrss_labels2 WHERE
+                                                       id = ? AND owner_uid = ?");
+                       $sth->execute([$label_feed, $_SESSION['uid']]);
+
                } else if (!$cat_view && is_numeric($feed) && $feed > 0) {
-                       $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE
-                                                       id = '$feed' AND owner_uid = " . $_SESSION['uid']);
+
+                       $sth = $this->pdo->prepare("SELECT id FROM ttrss_feeds WHERE
+                                                       id = ? AND owner_uid = ?");
+                       $sth->execute([$feed, $_SESSION['uid']]);
+
                } else if ($cat_view && is_numeric($feed) && $feed > 0) {
-                       $result = $this->dbh->query("SELECT id FROM ttrss_feed_categories WHERE
-                                                       id = '$feed' AND owner_uid = " . $_SESSION['uid']);
+
+                       $sth = $this->pdo->prepare("SELECT id FROM ttrss_feed_categories WHERE
+                                                       id = ? AND owner_uid = ?");
+
+                       $sth->execute([$feed, $_SESSION['uid']]);
                }
 
-               if ($result && $this->dbh->num_rows($result) == 0) {
+               if ($sth && !$sth->fetch()) {
                        print json_encode($this->generate_error_feed(__("Feed not found.")));
                        return;
                }
@@ -898,14 +909,16 @@ class Feeds extends Handler_Protected {
 
                /* bump login timestamp if needed */
                if (time() - $_SESSION["last_login_update"] > 3600) {
-                       $this->dbh->query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
-                               $_SESSION["uid"]);
+                       $sth = $this->pdo->prepare("UPDATE ttrss_users SET last_login = NOW() WHERE id = ?");
+                       $sth->execute([$_SESSION['uid']]);
+
                        $_SESSION["last_login_update"] = time();
                }
 
                if (!$cat_view && is_numeric($feed) && $feed > 0) {
-                       $this->dbh->query("UPDATE ttrss_feeds SET last_viewed = NOW()
-                                                       WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]);
+                       $sth = $this->pdo->prepare("UPDATE ttrss_feeds SET last_viewed = NOW()
+                                                       WHERE id = ? AND owner_uid = ?");
+                       $sth->execute([$feed, $_SESSION['uid']]);
                }
 
                $reply['headlines'] = array();
@@ -915,7 +928,7 @@ class Feeds extends Handler_Protected {
 
                switch ($order_by) {
                case "title":
-                       $override_order = "ttrss_entries.title";
+                       $override_order = "ttrss_entries.title, date_entered, updated";
                        break;
                case "date_reverse":
                        $override_order = "score DESC, date_entered, updated";
@@ -976,18 +989,21 @@ class Feeds extends Handler_Protected {
 
                $reply['headlines']['content'] .= "<p><span class=\"insensitive\">";
 
-               $result = $this->dbh->query("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds
-                       WHERE owner_uid = " . $_SESSION['uid']);
+               $sth = $this->pdo->prepare("SELECT ".SUBSTRING_FOR_DATE."(MAX(last_updated), 1, 19) AS last_updated FROM ttrss_feeds
+                       WHERE owner_uid = ?");
+               $sth->execute([$_SESSION['uid']]);
+               $row = $sth->fetch();
 
-               $last_updated = $this->dbh->fetch_result($result, 0, "last_updated");
-               $last_updated = make_local_datetime($last_updated, false);
+               $last_updated = make_local_datetime($row["last_updated"], false);
 
                $reply['headlines']['content'] .= sprintf(__("Feeds last updated at %s"), $last_updated);
 
-               $result = $this->dbh->query("SELECT COUNT(id) AS num_errors
-                       FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
+               $sth = $this->pdo->prepare("SELECT COUNT(id) AS num_errors
+                       FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ?");
+               $sth->execute([$_SESSION['uid']]);
+               $row = $sth->fetch();
 
-               $num_errors = $this->dbh->fetch_result($result, 0, "num_errors");
+               $num_errors = $row["num_errors"];
 
                if ($num_errors > 0) {
                        $reply['headlines']['content'] .= "<br/>";
@@ -1104,7 +1120,7 @@ class Feeds extends Handler_Protected {
        function feedBrowser() {
                if (defined('_DISABLE_FEED_BROWSER') && _DISABLE_FEED_BROWSER) return;
 
-               $browser_search = $this->dbh->escape_string($_REQUEST["search"]);
+               $browser_search = db_escape_string($_REQUEST["search"]);
 
                print_hidden("op", "rpc");
                print_hidden("method", "updateFeedBrowser");
@@ -1150,7 +1166,7 @@ class Feeds extends Handler_Protected {
        }
 
        function search() {
-               $this->params = explode(":", $this->dbh->escape_string($_REQUEST["param"]), 2);
+               $this->params = explode(":", db_escape_string($_REQUEST["param"]), 2);
 
                $active_feed_id = sprintf("%d", $this->params[0]);
                $is_cat = $this->params[1] != "false";
@@ -1222,8 +1238,7 @@ class Feeds extends Handler_Protected {
                <pre><?php
 
                if ($do_update) {
-                       include "rssfuncs.php";
-                       update_rss_feed($feed_id, true);
+                       RSSUtils::update_rss_feed($feed_id, true);
                }
 
                ?></pre>
@@ -1238,9 +1253,10 @@ class Feeds extends Handler_Protected {
 
                if (!$owner_uid) $owner_uid = $_SESSION['uid'];
 
+               $pdo = Db::pdo();
+
                // Todo: all this interval stuff needs some generic generator function
 
-               $date_qpart = "false";
                $search_qpart = is_array($search) && $search[0] ? search_to_sql($search[0], $search[1])[0] : 'true';
 
                switch ($mode) {
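Review bot: Removing the `$date_qpart = "false";` default leaves `$date_qpart` unset unless every path through the `switch ($mode)` below assigns it; the later hunk at -1285 interpolates it into the `prepare()` text as `AND $date_qpart AND $search_qpart`, where an empty value produces invalid SQL. If the switch has no `default:` branch (it is outside this hunk), keep an explicit initial value before it. `$search_qpart` is likewise spliced in as a raw fragment from `search_to_sql()`, so the prepared statements there bind only `owner_uid`; a comment noting that both fragments must be built from escaped or fixed text would help the next reader.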
@@ -1285,50 +1301,55 @@ class Feeds extends Handler_Protected {
                                                $cat_qpart = "cat_id IS NULL";
                                        }
 
-                                       db_query("UPDATE ttrss_user_entries
+                                       $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                                SET unread = false, last_read = NOW() WHERE ref_id IN
                                                        (SELECT id FROM
                                                                (SELECT DISTINCT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
-                                                                       AND owner_uid = $owner_uid AND unread = true AND feed_id IN
+                                                                       AND owner_uid = ? AND unread = true AND feed_id IN
                                                                                (SELECT id FROM ttrss_feeds WHERE $cat_qpart) AND $date_qpart AND $search_qpart) as tmp)");
+                                       $sth->execute([$owner_uid]);
 
                                } else if ($feed == -2) {
 
-                                       db_query("UPDATE ttrss_user_entries
+                                       $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                                SET unread = false,last_read = NOW() WHERE (SELECT COUNT(*)
                                                        FROM ttrss_user_labels2, ttrss_entries WHERE article_id = ref_id AND id = ref_id AND $date_qpart AND $search_qpart) > 0
-                                                       AND unread = true AND owner_uid = $owner_uid");
+                                                       AND unread = true AND owner_uid = ?");
+                                       $sth->execute([$owner_uid]);
                                }
 
                        } else if ($feed > 0) {
 
-                               db_query("UPDATE ttrss_user_entries
+                               $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                        SET unread = false, last_read = NOW() WHERE ref_id IN
                                                (SELECT id FROM
                                                        (SELECT DISTINCT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
-                                                               AND owner_uid = $owner_uid AND unread = true AND feed_id = $feed AND $date_qpart AND $search_qpart) as tmp)");
+                                                               AND owner_uid = ? AND unread = true AND feed_id = ? AND $date_qpart AND $search_qpart) as tmp)");
+                               $sth->execute([$owner_uid, $feed]);
 
                        } else if ($feed < 0 && $feed > LABEL_BASE_INDEX) { // special, like starred
 
                                if ($feed == -1) {
-                                       db_query("UPDATE ttrss_user_entries
+                                       $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                                SET unread = false, last_read = NOW() WHERE ref_id IN
                                                        (SELECT id FROM
                                                                (SELECT DISTINCT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
-                                                                       AND owner_uid = $owner_uid AND unread = true AND marked = true AND $date_qpart AND $search_qpart) as tmp)");
+                                                                       AND owner_uid = ? AND unread = true AND marked = true AND $date_qpart AND $search_qpart) as tmp)");
+                                       $sth->execute([$owner_uid]);
                                }
 
                                if ($feed == -2) {
-                                       db_query("UPDATE ttrss_user_entries
+                                       $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                                SET unread = false, last_read = NOW() WHERE ref_id IN
                                                        (SELECT id FROM
                                                                (SELECT DISTINCT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
-                                                                       AND owner_uid = $owner_uid AND unread = true AND published = true AND $date_qpart AND $search_qpart) as tmp)");
+                                                                       AND owner_uid = ? AND unread = true AND published = true AND $date_qpart AND $search_qpart) as tmp)");
+                                       $sth->execute([$owner_uid]);
                                }
 
                                if ($feed == -3) {
 
-                                       $intl = get_pref("FRESH_ARTICLE_MAX_AGE");
+                                       $intl = (int) get_pref("FRESH_ARTICLE_MAX_AGE");
 
                                        if (DB_TYPE == "pgsql") {
                                                $match_part = "date_entered > NOW() - INTERVAL '$intl hour' ";
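Review bot: The statements prepared in this hunk still splice `$cat_qpart`, `$date_qpart` and `$search_qpart` into the SQL text, so only `owner_uid` and `feed` are bound here. `$search_qpart` comes from `search_to_sql($search[0], $search[1])[0]`, so each statement is only as safe as the quoting that helper performs, which is not visible on this page. The `prepare()` calls in the next hunk (`@@ -1337`) have the same shape, with `$match_part` added. I would record this above the first statement, `// $cat_qpart/$date_qpart/$search_qpart are SQL fragments built above, not bound values; they must never carry raw request data`, and longer term have `search_to_sql()` return placeholders together with a parameter list. catchupFeed starts and ends outside this hunk.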
@@ -1337,43 +1358,47 @@ class Feeds extends Handler_Protected {
                                                        INTERVAL $intl HOUR) ";
                                        }
 
-                                       db_query("UPDATE ttrss_user_entries
+                                       $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                                SET unread = false, last_read = NOW() WHERE ref_id IN
                                                        (SELECT id FROM
                                                                (SELECT DISTINCT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
-                                                                       AND owner_uid = $owner_uid AND score >= 0 AND unread = true AND $date_qpart AND $match_part AND $search_qpart) as tmp)");
+                                                                       AND owner_uid = ? AND score >= 0 AND unread = true AND $date_qpart AND $match_part AND $search_qpart) as tmp)");
+                                       $sth->execute([$owner_uid]);
                                }
 
                                if ($feed == -4) {
-                                       db_query("UPDATE ttrss_user_entries
+                                       $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                                SET unread = false, last_read = NOW() WHERE ref_id IN
                                                        (SELECT id FROM
                                                                (SELECT DISTINCT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
-                                                                       AND owner_uid = $owner_uid AND unread = true AND $date_qpart AND $search_qpart) as tmp)");
+                                                                       AND owner_uid = ? AND unread = true AND $date_qpart AND $search_qpart) as tmp)");
+                                       $sth->execute([$owner_uid]);
                                }
 
                        } else if ($feed < LABEL_BASE_INDEX) { // label
 
-                               $label_id = feed_to_label_id($feed);
+                               $label_id = Labels::feed_to_label_id($feed);
 
-                               db_query("UPDATE ttrss_user_entries
+                               $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                        SET unread = false, last_read = NOW() WHERE ref_id IN
                                                (SELECT id FROM
                                                        (SELECT DISTINCT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_user_labels2 WHERE ref_id = id
-                                                               AND label_id = '$label_id' AND ref_id = article_id
-                                                               AND owner_uid = $owner_uid AND unread = true AND $date_qpart AND $search_qpart) as tmp)");
+                                                               AND label_id = ? AND ref_id = article_id
+                                                               AND owner_uid = ? AND unread = true AND $date_qpart AND $search_qpart) as tmp)");
+                               $sth->execute([$label_id, $owner_uid]);
 
                        }
 
                        CCache::update($feed, $owner_uid, $cat_view);
 
                } else { // tag
-                       db_query("UPDATE ttrss_user_entries
+                       $sth = $pdo->prepare("UPDATE ttrss_user_entries
                                SET unread = false, last_read = NOW() WHERE ref_id IN
                                        (SELECT id FROM
                                                (SELECT DISTINCT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_tags WHERE ref_id = ttrss_entries.id
-                                                       AND post_int_id = int_id AND tag_name = '$feed'
-                                                       AND ttrss_user_entries.owner_uid = $owner_uid AND unread = true AND $date_qpart AND $search_qpart) as tmp)");
+                                                       AND post_int_id = int_id AND tag_name = ?
+                                                       AND ttrss_user_entries.owner_uid = ? AND unread = true AND $date_qpart AND $search_qpart) as tmp)");
+                       $sth->execute([$feed, $owner_uid]);
 
                }
        }
@@ -1435,7 +1460,7 @@ class Feeds extends Handler_Protected {
 
                } else if ($feed < LABEL_BASE_INDEX) {
 
-                       $label_id = feed_to_label_id($feed);
+                       $label_id = Labels::feed_to_label_id($feed);
 
                        return Feeds::getLabelUnread($label_id, $owner_uid);
 
@@ -1491,8 +1516,6 @@ class Feeds extends Handler_Protected {
                global $fetch_last_error;
                global $fetch_last_error_content;
 
-               require_once "include/rssfuncs.php";
-
                $url = fix_url($url);
 
                if (!$url || !validate_feed_url($url)) return array("code" => 2);
@@ -1533,7 +1556,6 @@ class Feeds extends Handler_Protected {
                        "SELECT id FROM ttrss_feeds
                        WHERE feed_url = '$url' AND owner_uid = ".$_SESSION["uid"]);
 
-               $auth_pass_encrypted = 'false';
                $auth_pass = db_escape_string($auth_pass);
 
                if (db_num_rows($result) == 0) {
@@ -1541,7 +1563,7 @@ class Feeds extends Handler_Protected {
                                "INSERT INTO ttrss_feeds
                                        (owner_uid,feed_url,title,cat_id, auth_login,auth_pass,update_method,auth_pass_encrypted)
                                VALUES ('".$_SESSION["uid"]."', '$url',
-                               '[Unknown]', $cat_qpart, '$auth_login', '$auth_pass', 0, $auth_pass_encrypted)");
+                               '[Unknown]', $cat_qpart, '$auth_login', '$auth_pass', 0, false)");
 
                        $result = db_query(
                                "SELECT id FROM ttrss_feeds WHERE feed_url = '$url'
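Review bot: The INSERT on the new side is still assembled by string interpolation, with `'$url'`, `$cat_qpart`, `'$auth_login'` and `'$auth_pass'` going straight into the statement text, while the rest of this commit moves to `$pdo->prepare()` with bound values. Only `$auth_pass` is visibly escaped (`db_escape_string($auth_pass)` in the previous hunk); any escaping of `$url` and `$auth_login` happens outside these hunks. Binding them as `?` parameters would remove the dependency on every code path escaping correctly. With `auth_pass_encrypted` now hard-coded to `false`, a comment such as `// feed credentials are stored unencrypted` would make the storage model explicit. The `db_query(` call opens above the hunk.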
@@ -1550,7 +1572,7 @@ class Feeds extends Handler_Protected {
                        $feed_id = db_fetch_result($result, 0, "id");
 
                        if ($feed_id) {
-                               set_basic_feed_info($feed_id);
+                               RSSUtils::set_basic_feed_info($feed_id);
                        }
 
                        return array("code" => 1, "feed_id" => (int) $feed_id);
@@ -1593,6 +1615,8 @@ class Feeds extends Handler_Protected {
        }
 
        static function getFeedTitle($id, $cat = false) {
+           $pdo = Db::pdo();
+
                if ($cat) {
                        return Feeds::getCategoryTitle($id);
                } else if ($id == -1) {
@@ -1608,21 +1632,29 @@ class Feeds extends Handler_Protected {
                } else if ($id == -6) {
                        return __("Recently read");
                } else if ($id < LABEL_BASE_INDEX) {
-                       $label_id = feed_to_label_id($id);
-                       $result = db_query("SELECT caption FROM ttrss_labels2 WHERE id = '$label_id'");
-                       if (db_num_rows($result) == 1) {
-                               return db_fetch_result($result, 0, "caption");
+
+                       $label_id = Labels::feed_to_label_id($id);
+
+                       $sth = $pdo->prepare("SELECT caption FROM ttrss_labels2 WHERE id = ?");
+                       $sth->execute([$label_id]);
+
+                       if ($row = $sth->fetch()) {
+                               return $row["caption"];
                        } else {
                                return "Unknown label ($label_id)";
                        }
 
                } else if (is_numeric($id) && $id > 0) {
-                       $result = db_query("SELECT title FROM ttrss_feeds WHERE id = '$id'");
-                       if (db_num_rows($result) == 1) {
-                               return db_fetch_result($result, 0, "title");
+
+                   $sth = $pdo->prepare("SELECT title FROM ttrss_feeds WHERE id = ?");
+                   $sth->execute([$id]);
+
+                   if ($row = $sth->fetch()) {
+                               return $row["title"];
                        } else {
                                return "Unknown feed ($id)";
                        }
+
                } else {
                        return $id;
                }
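Review bot: Both lookups here select by bare id, `SELECT caption FROM ttrss_labels2 WHERE id = ?` and `SELECT title FROM ttrss_feeds WHERE id = ?`, without the `owner_uid` constraint that other converted queries in this commit carry. If `$id` can originate from a request, the title of a feed or label the current user does not own would be returned; whether callers guarantee ownership is not visible here. Since getFeedTitle has no owner parameter, the minimal step is a docblock stating that callers must pass an id already checked against the current user. The added `$sth = $pdo->prepare("SELECT title ...` lines are also indented differently from the surrounding block. getFeedTitle begins in the previous hunk.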
@@ -1931,7 +1963,7 @@ class Feeds extends Handler_Protected {
                        $query_strategy_part = "true";
                        $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
                } else if ($feed <= LABEL_BASE_INDEX) { // labels
-                       $label_id = feed_to_label_id($feed);
+                       $label_id = Labels::feed_to_label_id($feed);
 
                        $query_strategy_part = "label_id = '$label_id' AND
                                        ttrss_labels2.id = ttrss_user_labels2.label_id AND
@@ -2184,5 +2216,18 @@ class Feeds extends Handler_Protected {
                return $rv;
        }
 
+       static function getFeedCategory($feed) {
+               $result = db_query("SELECT cat_id FROM ttrss_feeds
+                               WHERE id = '$feed'");
+
+               if (db_num_rows($result) > 0) {
+                       return db_fetch_result($result, 0, "cat_id");
+               } else {
+                       return false;
+               }
+
+       }
+
+
 }
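Review bot: The new `getFeedCategory()` interpolates `$feed` into the query text (`WHERE id = '$feed'`) with no cast or escaping inside the function, while the same commit converts neighbouring lookups to `$pdo->prepare()` with bound values. Written the same way as `getFeedTitle`, the value is bound and the function no longer depends on callers sanitising it. The method also lacks a docblock; it should say that it returns the `cat_id` column, or `false` when no feed row matches.

```php
static function getFeedCategory($feed) {
	$pdo = Db::pdo();

	$sth = $pdo->prepare("SELECT cat_id FROM ttrss_feeds WHERE id = ?");
	$sth->execute([$feed]);

	if ($row = $sth->fetch()) {
		return $row["cat_id"];
	} else {
		return false;
	}
}
```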