$reply .= "<span class=\"main\">";
$reply .= "<span id='selected_prompt'></span>";
- $reply .= "<span class=\"sel_links\">
+ /*$reply .= "<span class=\"sel_links\">
<a href=\"#\" onclick=\"$sel_all_link\">".__('All')."</a>,
<a href=\"#\" onclick=\"$sel_unread_link\">".__('Unread')."</a>,
<a href=\"#\" onclick=\"$sel_inv_link\">".__('Invert')."</a>,
<a href=\"#\" onclick=\"$sel_none_link\">".__('None')."</a></li>";
- $reply .= "</span> ";
+ $reply .= "</span> "; */
$reply .= "<select dojoType=\"dijit.form.Select\"
onchange=\"headlineActionsChange(this)\">";
- $reply .= "<option value=\"false\">".__('More...')."</option>";
+
+ $reply .= "<option value=\"0\" disabled='1'>".__('Select...')."</option>";
+
+ $reply .= "<option value=\"$sel_all_link\">".__('All')."</option>";
+ $reply .= "<option value=\"$sel_unread_link\">".__('Unread')."</option>";
+ $reply .= "<option value=\"$sel_inv_link\">".__('Invert')."</option>";
+ $reply .= "<option value=\"$sel_none_link\">".__('None')."</option>";
$reply .= "<option value=\"0\" disabled=\"1\">".__('Selection toggle:')."</option>";
if ($method == "ForceUpdate" && $feed > 0 && is_numeric($feed)) {
// Update the feed if required with some basic flood control
- $result = $this->dbh->query(
- "SELECT cache_images,".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
- FROM ttrss_feeds WHERE id = '$feed'");
+ $any_needs_curl = false;
+
+ if (ini_get("open_basedir")) {
+ $pluginhost = PluginHost::getInstance();
+ foreach ($pluginhost->get_plugins() as $plugin) {
+ $flags = $plugin->flags();
+
+ if (isset($flags["needs_curl"]) && $flags["needs_curl"]) {
+ $any_needs_curl = true;
+ break;
+ }
+ }
+ }
+
+ //if ($_REQUEST["debug"]) print "<!-- any_needs_curl: $any_needs_curl -->";
+
+ if (!$any_needs_curl) {
+
+ $result = $this->dbh->query(
+ "SELECT cache_images," . SUBSTRING_FOR_DATE . "(last_updated,1,19) AS last_updated
+ FROM ttrss_feeds WHERE id = '$feed'");
if ($this->dbh->num_rows($result) != 0) {
$last_updated = strtotime($this->dbh->fetch_result($result, 0, "last_updated"));
update_rss_feed($feed, true, true);
} else {
$this->dbh->query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
- WHERE id = '$feed'");
+ WHERE id = '$feed'");
}
}
+ } else {
+ $this->dbh->query("UPDATE ttrss_feeds SET last_updated = '1970-01-01', last_update_started = '1970-01-01'
+ WHERE id = '$feed'");
+ }
}
if ($method_split[0] == "MarkAllReadGR") {
alt=\"Publish article\" onclick='togglePub($id)'>";
}
-# $content_link = "<a target=\"_blank\" href=\"".$line["link"]."\">" .
+# $content_link = "<a target=\"_blank\" rel=\"noopener noreferrer\" href=\"".$line["link"]."\">" .
# $line["title"] . "</a>";
# $content_link = "<a
$vf_catchup_link = "<a class='catchup' onclick='catchupFeedInGroup($feed_id);' href='#'>".__('mark feed as read')."</a>";
- $reply['content'] .= "<div id='FTITLE-$feed_id' class='cdmFeedTitle'>".
+ $reply['content'] .= "<div data-feed-id='$feed_id' id='FTITLE-$feed_id' class='cdmFeedTitle'>".
"<div style='float : right'>$feed_icon_img</div>".
"<a class='title' href=\"#\" onclick=\"viewfeed({feed:$feed_id})\">".
$line["feed_title"]."</a>
$mouseover_attrs = "onmouseover='postMouseIn(event, $id)'
onmouseout='postMouseOut($id)'";
- $reply['content'] .= "<div class='hl $class' orig-feed-id='$feed_id' id='RROW-$id' $mouseover_attrs>";
+ $reply['content'] .= "<div class='hl hlMenuAttach $class' data-orig-feed-id='$feed_id' data-article-id='$id' id='RROW-$id' $mouseover_attrs>";
$reply['content'] .= "<div class='hlLeft'>";
//$feed_icon_img = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\" alt=\"\">";
}
- $reply['content'] .= "<div id='FTITLE-$feed_id' class='cdmFeedTitle'>".
+ $reply['content'] .= "<div data-feed-id='$feed_id' id='FTITLE-$feed_id' class='cdmFeedTitle'>".
"<div style=\"float : right\">$feed_icon_img</div>".
"<a href=\"#\" class='title' onclick=\"viewfeed({feed:$feed_id})\">".
$line["feed_title"]."</a> $vf_catchup_link</div>";
$expanded_class = $expand_cdm ? "expanded" : "expandable";
$reply['content'] .= "<div class=\"cdm $hlc_suffix $expanded_class $class\"
- id=\"RROW-$id\" orig-feed-id='$feed_id' $mouseover_attrs>";
+ id=\"RROW-$id\" data-article-id='$id' data-orig-feed-id='$feed_id' $mouseover_attrs>";
$reply['content'] .= "<div class=\"cdmHeader\">";
$reply['content'] .= "<div style=\"vertical-align : middle\">";
$reply['content'] .= "<span id=\"RTITLE-$id\"
onclick=\"return cdmClicked(event, $id);\"
- class=\"titleWrap $hlc_suffix\">
+ class=\"titleWrap hlMenuAttach $hlc_suffix\">
<a class=\"title $hlc_suffix\"
title=\"".htmlspecialchars($line["title"])."\"
- target=\"_blank\" href=\"".
+ target=\"_blank\" rel=\"noopener noreferrer\" href=\"".
htmlspecialchars($line["link"])."\">".
$line["title"] .
"</a> <span class=\"author\">$entry_author</span>";
if ($line["orig_feed_id"]) {
$tmp_result = $this->dbh->query("SELECT * FROM ttrss_archived_feeds
- WHERE id = ".$line["orig_feed_id"]);
+ WHERE id = ".$line["orig_feed_id"] . " AND owner_uid = " . $_SESSION["uid"]);
if ($this->dbh->num_rows($tmp_result) != 0) {
$tmp_line = $this->dbh->fetch_assoc($tmp_result);
- $reply['content'] .= "<a target='_blank'
+ $reply['content'] .= "<a target='_blank' rel='noopener noreferrer'
href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" .
$tmp_line['title'] . "</a>";
$reply['content'] .= " ";
- $reply['content'] .= "<a target='_blank' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
+ $reply['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
$reply['content'] .= "<img title='".__('Feed URL')."'class='tinyFeedIcon' src='images/pub_unset.png'></a>";
$reply['content'] .= "</div>";
$reply['content'] .= "<span id=\"CWRAP-$id\">";
-// if (!$expand_cdm) {
- $reply['content'] .= "<span id=\"CENCW-$id\" style=\"display : none\">";
- $reply['content'] .= htmlspecialchars($line["content"]);
- $reply['content'] .= "</span.";
-
-// } else {
-// $reply['content'] .= $line["content"];
-// }
+ $reply['content'] .= "<span id=\"CENCW-$id\" class=\"cencw\" style=\"display : none\">";
+ $reply['content'] .= htmlspecialchars($line["content"]);
+ $reply['content'] .= "</span>";
$reply['content'] .= "</span>";
<a title=\"".__('Edit tags for this article')."\"
href=\"#\" onclick=\"editArticleTags($id)\">(+)</a>";
- $num_comments = $line["num_comments"];
+ $num_comments = (int) $line["num_comments"];
$entry_comments = "";
if ($num_comments > 0) {
$comments_url = htmlspecialchars($line["link"]);
}
$entry_comments = "<a class=\"postComments\"
- target='_blank' href=\"$comments_url\">$num_comments ".
+ target='_blank' rel='noopener noreferrer' href=\"$comments_url\">$num_comments ".
_ngettext("comment", "comments", $num_comments)."</a>";
} else {
if ($line["comments"] && $line["link"] != $line["comments"]) {
- $entry_comments = "<a class=\"postComments\" target='_blank' href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>";
+ $entry_comments = "<a class=\"postComments\" target='_blank' rel='noopener noreferrer' href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>";
}
}
}
function quickAddFeed() {
- print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"rpc\">";
- print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"addfeed\">";
+ print_hidden("op", "rpc");
+ print_hidden("method", "addfeed");
+
+ print "<div id='fadd_error_message' style='display : none' class='alert alert-danger'></div>";
print "<div id='fadd_multiple_notify' style='display : none'>";
print_notice("Provided URL is a HTML page referencing multiple feeds, please select required feed from the dropdown menu below.");
" <input dojoType=\"dijit.form.TextBox\" name='login'\"
placeHolder=\"".__("Login")."\"
+ autocomplete=\"new-password\"
style=\"width : 10em;\"> ".
" <input
placeHolder=\"".__("Password")."\"
dojoType=\"dijit.form.TextBox\" type='password'
+ autocomplete=\"new-password\"
style=\"width : 10em;\" name='pass'\">
</div></div>";
$browser_search = $this->dbh->escape_string($_REQUEST["search"]);
- print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"rpc\">";
- print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"updateFeedBrowser\">";
+ print_hidden("op", "rpc");
+ print_hidden("method", "updateFeedBrowser");
print "<div dojoType=\"dijit.Toolbar\">
<div style='float : right'>