break;
}
- /*$qfh_ret = queryFeedHeadlines($feed,
- 1, $view_mode, $is_cat, $search, false,
- $date_sort_field, $offset, $owner_uid,
- false, 0, true, true, false, false, $start_ts);*/
-
- //function queryFeedHeadlines($feed,
- // $limit, $view_mode, $cat_view, $search, $search_mode,
- // $override_order = false, $offset = 0, $owner_uid = 0,
- // $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false, $override_strategy = false, $override_vfeed = false, $start_ts = false, $check_top_id = false) {
-
$params = array(
"owner_uid" => $owner_uid,
"feed" => $feed,
"start_ts" => $start_ts
);
- $qfh_ret = queryFeedHeadlines($params);
+ $qfh_ret = Feeds::queryFeedHeadlines($params);
$result = $qfh_ret[0];
header("Last-Modified: $last_modified", true);
}
- /*$qfh_ret = queryFeedHeadlines($feed,
- $limit, $view_mode, $is_cat, $search, false,
- $date_sort_field, $offset, $owner_uid,
- false, 0, true, true, false, false, $start_ts);*/
-
$params = array(
"owner_uid" => $owner_uid,
"feed" => $feed,
"start_ts" => $start_ts
);
- $qfh_ret = queryFeedHeadlines($params);
+ $qfh_ret = Feeds::queryFeedHeadlines($params);
$result = $qfh_ret[0];
$feed_title = htmlspecialchars($qfh_ret[1]);
$tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true);
while ($line = $this->dbh->fetch_assoc($result)) {
- $line["content_preview"] = truncate_string(strip_tags($line["content"]), 100, '...');
+ $line["content_preview"] = sanitize(truncate_string(strip_tags($line["content"]), 100, '...'));
foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_QUERY_HEADLINES) as $p) {
$line = $p->hook_query_headlines($line);
$tpl->setVariable('ARTICLE_SOURCE_LINK', htmlspecialchars($line['site_url'] ? $line["site_url"] : get_self_url_prefix()), true);
$tpl->setVariable('ARTICLE_SOURCE_TITLE', htmlspecialchars($line['feed_title'] ? $line['feed_title'] : $feed_title), true);
- $tags = get_article_tags($line["id"], $owner_uid);
+ $tags = Article::get_article_tags($line["id"], $owner_uid);
foreach ($tags as $tag) {
$tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true);
$tpl->addBlock('category');
}
- $enclosures = get_article_enclosures($line["id"]);
+ $enclosures = Article::get_article_enclosures($line["id"]);
foreach ($enclosures as $e) {
$type = htmlspecialchars($e['content_type']);
while ($line = $this->dbh->fetch_assoc($result)) {
- $line["content_preview"] = truncate_string(strip_tags($line["content_preview"]), 100, '...');
+ $line["content_preview"] = sanitize(truncate_string(strip_tags($line["content_preview"]), 100, '...'));
foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_QUERY_HEADLINES) as $p) {
$line = $p->hook_query_headlines($line, 100);
if ($line['note']) $article['note'] = $line['note'];
if ($article['author']) $article['author'] = $line['author'];
- $tags = get_article_tags($line["id"], $owner_uid);
+ $tags = Article::get_article_tags($line["id"], $owner_uid);
if (count($tags) > 0) {
$article['tags'] = array();
}
}
- $enclosures = get_article_enclosures($line["id"]);
+ $enclosures = Article::get_article_enclosures($line["id"]);
if (count($enclosures) > 0) {
$article['enclosures'] = array();
if ($this->dbh->num_rows($result) == 1) {
$uid = $this->dbh->fetch_result($result, 0, "id");
- print getGlobalUnread($uid);
+ print Feeds::getGlobalUnread($uid);
if ($fresh) {
print ";";
- print getFeedArticles(-3, false, true, $uid);
+ print Feeds::getFeedArticles(-3, false, true, $uid);
}
} else {
$id = $this->dbh->fetch_result($result, 0, "ref_id");
$owner_uid = $this->dbh->fetch_result($result, 0, "owner_uid");
- $article = format_article($id, false, true, $owner_uid);
+ $article = Article::format_article($id, false, true, $owner_uid);
print_r($article['content']);
alt=\"Tiny Tiny RSS\"/>
<h1>".__("Subscribe to feed...")."</h1><div class='content'>";
- $rc = subscribe_to_feed($feed_url);
+ $rc = Feeds::subscribe_to_feed($feed_url);
switch ($rc['code']) {
case 0:
for ($i = $updater->getSchemaVersion() + 1; $i <= SCHEMA_VERSION; $i++) {
print "<li>Performing update up to version $i...";
- $result = $updater->performUpdateTo($i);
+ $result = $updater->performUpdateTo($i, true);
if (!$result) {
print "<span class='err'>FAILED!</span></li></ul>";
<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
</form>";
- break;
+ return;
} else {
print "<span class='ok'>OK!</span></li>";
}
<?php
}
- function cached_image() {
+ function cached_url() {
@$hash = basename($_GET['hash']);
+ // we don't need an extension to find the file, hash is a complete URL
+ $hash = preg_replace("/\.[^\.]*$/", "", $hash);
+
if ($hash) {
- $filename = CACHE_DIR . '/images/' . $hash . '.png';
+ $filename = CACHE_DIR . '/images/' . $hash;
if (file_exists($filename)) {
+ header("Content-Disposition: inline; filename=\"$hash\"");
+ $mimetype = mime_content_type($filename);
+
/* See if we can use X-Sendfile */
$xsendfile = false;
if (function_exists('apache_get_modules') &&
if ($xsendfile) {
header("X-Sendfile: $filename");
- header("Content-type: application/octet-stream");
- header('Content-Disposition: attachment; filename="' . basename($filename) . '"');
+ header("Content-type: $mimetype");
+ header('Content-Disposition: inline; filename="' . basename($filename) . '"');
} else {
- header("Content-type: image/png");
+ header("Content-type: $mimetype");
$stamp = gmdate("D, d M Y H:i:s", filemtime($filename)). " GMT";
header("Last-Modified: $stamp", true);
readfile($filename);
return "tag:" . parse_url(get_self_url_prefix(), PHP_URL_HOST) . ",$timestamp:/$id";
}
+
+ // this should be used very carefully because this endpoint is exposed to unauthenticated users
+ // plugin data is not loaded because there's no user context and owner_uid/session may or may not be available
+ // in general, don't do anything user-related in here and do not modify $_SESSION
+ public function pluginhandler() {
+ $host = new PluginHost();
+
+ $plugin = basename($_REQUEST["plugin"]);
+ $method = $_REQUEST["pmethod"];
+
+ $host->load($plugin, PluginHost::KIND_USER, 0);
+ $host->load_data();
+
+ $pclass = $host->get_plugin($plugin);
+
+ if ($pclass) {
+ if (method_exists($pclass, $method)) {
+ if ($pclass->is_public_method($method)) {
+ $pclass->$method();
+ } else {
+ header("Content-Type: text/json");
+ print error_json(6);
+ }
+ } else {
+ header("Content-Type: text/json");
+ print error_json(13);
+ }
+ } else {
+ header("Content-Type: text/json");
+ print error_json(14);
+ }
+ }
}
-?>
+?>
\ No newline at end of file