<?php\r
-class Feeds extends Protected_Handler {\r
+require_once "colors.php";\r
+\r
+class Feeds extends Handler_Protected {\r
\r
function csrf_ignore($method) {\r
$csrf_ignored = array("index");\r
return array_search($method, $csrf_ignored) !== false;\r
}\r
\r
+ private function make_gradient($end, $class) {\r
+ $start = $class == "even" ? "#f0f0f0" : "#ffffff";\r
+\r
+ return "style='background: linear-gradient(left , $start 6%, $end 100%);\r
+ background: -o-linear-gradient(left , $start 6%, $end 100%);\r
+ background: -moz-linear-gradient(left , $start 6%, $end 100%);\r
+ background: -webkit-linear-gradient(left , $start 6%, $end 100%);\r
+ background: -ms-linear-gradient(left , $start 6%, $end 100%);\r
+ background: -webkit-gradient(linear, left top, right top,\r
+ color-stop(0.06, $start), color-stop(1, $end));'";\r
+ }\r
+\r
private function format_headline_subtoolbar($feed_site_url, $feed_title,\r
$feed_id, $is_cat, $search, $match_on,\r
$search_mode, $view_mode, $error) {\r
// right part\r
\r
$reply .= "<span class='r'>";\r
+ $reply .= "<span id='feed_title'>";\r
\r
if ($feed_site_url) {\r
$target = "target=\"_blank\"";\r
$reply .= $feed_title;\r
}\r
\r
+ $reply .= "</span>";\r
+\r
$reply .= "\r
<a href=\"#\"\r
title=\"".__("View as RSS feed")."\"\r
\r
private function format_headlines_list($feed, $method, $view_mode, $limit, $cat_view,\r
$next_unread_feed, $offset, $vgr_last_feed = false,\r
- $override_order = false) {\r
+ $override_order = false, $include_children = false) {\r
\r
$disable_cache = false;\r
\r
\r
$method_split = explode(":", $method);\r
\r
- if ($method == "ForceUpdate" && $feed && is_numeric($feed) > 0) {\r
- include "rssfuncs.php";\r
- update_rss_feed($this->link, $feed, true);\r
+ if ($method == "ForceUpdate" && $feed > 0 && is_numeric($feed)) {\r
+ // Update the feed if required with some basic flood control\r
+\r
+ $result = db_query($this->link,\r
+ "SELECT cache_images,".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated\r
+ FROM ttrss_feeds WHERE id = '$feed'");\r
+\r
+ if (db_num_rows($result) != 0) {\r
+ $last_updated = strtotime(db_fetch_result($result, 0, "last_updated"));\r
+ $cache_images = sql_bool_to_bool(db_fetch_result($result, 0, "cache_images"));\r
+\r
+ if (!$cache_images && time() - $last_updated > 120 || isset($_REQUEST['DevForceUpdate'])) {\r
+ include "rssfuncs.php";\r
+ update_rss_feed($this->link, $feed, true, true);\r
+ }\r
+ }\r
}\r
\r
if ($method_split[0] == "MarkAllReadGR") {\r
}\r
}\r
\r
- if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {\r
+ if (is_numeric($feed) && $feed > 0) {\r
\r
$result = db_query($this->link, "SELECT rtl_content FROM ttrss_feeds\r
WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);\r
}\r
// error_log("search_mode: " . $search_mode);\r
$qfh_ret = queryFeedHeadlines($this->link, $feed, $limit, $view_mode, $cat_view,\r
- $search, $search_mode, $match_on, $override_order, $offset);\r
+ $search, $search_mode, $match_on, $override_order, $offset, 0,\r
+ false, 0, $include_children);\r
\r
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H1", $timing_info);\r
\r
if (get_pref($this->link, 'COMBINED_DISPLAY_MODE')) {\r
$button_plugins = array();\r
foreach (explode(",", ARTICLE_BUTTON_PLUGINS) as $p) {\r
- $pclass = trim("${p}_button");\r
+ $pclass = "button_" . trim($p);\r
\r
if (class_exists($pclass)) {\r
$plugin = new $pclass($link);\r
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("PS", $timing_info);\r
\r
while ($line = db_fetch_assoc($result)) {\r
-\r
$class = ($lnum % 2) ? "even" : "odd";\r
\r
$id = $line["id"];\r
$feed_id = $line["feed_id"];\r
$label_cache = $line["label_cache"];\r
$labels = false;\r
+ $label_row_style = "";\r
\r
if ($label_cache) {\r
$label_cache = json_decode($label_cache, true);\r
\r
if (!is_array($labels)) $labels = get_article_labels($this->link, $id);\r
\r
+ if (count($labels) > 0) {\r
+ for ($i = 0; $i < min(4, count($labels)); $i++) {\r
+ $bg = rgb2hsl(_color_unpack($labels[$i][3]));\r
+\r
+ if ($bg && $bg[1] > 0) {\r
+ $bg[1] = 0.1;\r
+ $bg[2] = 1;\r
+\r
+ $bg = _color_pack(hsl2rgb($bg));\r
+ $label_row_style = $this->make_gradient($bg, $class);;\r
+\r
+ break;\r
+ }\r
+ }\r
+ }\r
+\r
$labels_str = "<span id=\"HLLCTR-$id\">";\r
$labels_str .= format_article_labels($labels, $id);\r
$labels_str .= "</span>";\r
$mouseover_attrs = "onmouseover='postMouseIn($id)'\r
onmouseout='postMouseOut($id)'";\r
\r
- $reply['content'] .= "<div class='$class' id='RROW-$id' $mouseover_attrs>";\r
+ $reply['content'] .= "<div class='$class' id='RROW-$id' $label_row_style $mouseover_attrs>";\r
\r
$reply['content'] .= "<div class='hlUpdPic'>$update_pic</div>";\r
\r
$mouseover_attrs = "onmouseover='postMouseIn($id)'\r
onmouseout='postMouseOut($id)'";\r
\r
- $reply['content'] .= "<div class=\"$class\"\r
+ $reply['content'] .= "<div class=\"$class\" $label_row_style\r
id=\"RROW-$id\" $mouseover_attrs'>";\r
\r
$reply['content'] .= "<div class=\"cdmHeader\">";\r
$reply['content'] .= "</div>";\r
\r
$reply['content'] .= "<div id=\"PTITLE-FULL-$id\" style=\"display : none\">" .\r
- strip_tags($line['title']) . "</div>";\r
+ htmlspecialchars(strip_tags($line['title'])) . "</div>";\r
\r
$reply['content'] .= "<span id=\"RTITLE-$id\"\r
onclick=\"return cdmClicked(event, $id);\"\r
title=\"".htmlspecialchars($line['title'])."\"\r
target=\"_blank\" href=\"".\r
htmlspecialchars($line["link"])."\">".\r
- truncate_string($line["title"], 100) .\r
+ $line["title"] .\r
" $entry_author</a>";\r
\r
$reply['content'] .= $labels_str;\r
$reply['content'] .= "</div>";\r
\r
$reply['content'] .= "<span id=\"CWRAP-$id\">";\r
- $reply['content'] .= $expand_cdm ? $article_content : '';\r
+ $reply['content'] .= $article_content;\r
$reply['content'] .= "</span>";\r
\r
/* $tmp_result = db_query($this->link, "SELECT always_display_enclosures FROM\r
\r
if ($num_comments > 0) {\r
if ($line["comments"]) {\r
- $comments_url = $line["comments"];\r
+ $comments_url = htmlspecialchars($line["comments"]);\r
} else {\r
- $comments_url = $line["link"];\r
+ $comments_url = htmlspecialchars($line["link"]);\r
}\r
$entry_comments = "<a target='_blank' href=\"$comments_url\">$num_comments comments</a>";\r
} else {\r
if ($line["comments"] && $line["link"] != $line["comments"]) {\r
- $entry_comments = "<a target='_blank' href=\"".$line["comments"]."\">comments</a>";\r
+ $entry_comments = "<a target='_blank' href=\"".htmlspecialchars($line["comments"])."\">comments</a>";\r
}\r
}\r
\r
toggle_collapse_cat($this->link, $cat_id, $mode);\r
}\r
\r
- function index() {\r
- $root = (bool)$_REQUEST["root"];\r
-\r
- if (!$root) {\r
- print json_encode($this->outputFeedList($this->link));\r
- } else {\r
-\r
- $feeds = $this->outputFeedList($this->link, false);\r
-\r
- $root = array();\r
- $root['id'] = 'root';\r
- $root['name'] = __('Feeds');\r
- $root['items'] = $feeds['items'];\r
-\r
- $fl = array();\r
- $fl['identifier'] = 'id';\r
- $fl['label'] = 'name';\r
- $fl['items'] = array($root);\r
-\r
- print json_encode($fl);\r
- }\r
- }\r
-\r
function view() {\r
$timing_info = getmicrotime();\r
\r
$method = db_escape_string($_REQUEST["m"]);\r
$view_mode = db_escape_string($_REQUEST["view_mode"]);\r
$limit = (int) get_pref($this->link, "DEFAULT_ARTICLE_LIMIT");\r
- @$cat_view = db_escape_string($_REQUEST["cat"]) == "true";\r
+ @$cat_view = $_REQUEST["cat"] == "true";\r
@$next_unread_feed = db_escape_string($_REQUEST["nuf"]);\r
@$offset = db_escape_string($_REQUEST["skip"]);\r
@$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]);\r
set_pref($this->link, "_DEFAULT_VIEW_LIMIT", $limit);\r
set_pref($this->link, "_DEFAULT_VIEW_ORDER_BY", $order_by);\r
\r
- if (!$cat_view && preg_match("/^[0-9][0-9]*$/", $feed)) {\r
+ if (!$cat_view && is_numeric($feed) && $feed > 0) {\r
db_query($this->link, "UPDATE ttrss_feeds SET last_viewed = NOW()\r
WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]);\r
}\r
\r
$ret = $this->format_headlines_list($feed, $method,\r
$view_mode, $limit, $cat_view, $next_unread_feed, $offset,\r
- $vgroup_last_feed, $override_order);\r
+ $vgroup_last_feed, $override_order, true);\r
\r
$topmost_article_ids = $ret[0];\r
$headlines_count = $ret[1];\r