Report failed login attemps using user_error

[tt-rss.git] / classes / handler / public.php

diff --git a/classes/handler/public.php b/classes/handler/public.php
index 3e868d56e8e111d475527f9ae23828ab7d9b4ef7..f67c4fb9aca72a1864b0651f518e6e1dfca5b16a 100644 (file)
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -3,7 +3,7 @@ class Handler_Public extends Handler {
 
        private function generate_syndicated_feed($owner_uid, $feed, $is_cat,
                $limit, $offset, $search, $search_mode,
-               $view_mode = false, $format = 'atom') {
+               $view_mode = false, $format = 'atom', $order = false) {
 
                require_once "lib/MiniTemplator.class.php";
 
@@ -21,6 +21,18 @@ class Handler_Public extends Handler {
                else if ($feed == -1)
                        $date_sort_field = "last_marked DESC";
 
+               switch ($order) {
+               case "title":
+                       $date_sort_field = "ttrss_entries.title";
+                       break;
+               case "date_reverse":
+                       $date_sort_field = "date_entered, updated";
+                       break;
+               case "feed_dates":
+                       $date_sort_field = "updated DESC";
+                       break;
+               }
+
                $qfh_ret = queryFeedHeadlines($feed,
                        1, $view_mode, $is_cat, $search, $search_mode,
                        $date_sort_field, $offset, $owner_uid,
@@ -98,6 +110,8 @@ class Handler_Public extends Handler {
                                        date(DATE_RFC822, strtotime($line["updated"])), true);
 
                                $tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true);
+                               
+                               $tpl->setVariable('ARTICLE_SOURCE_TITLE', htmlspecialchars($line['feed_title']), true);
 
                                $tags = get_article_tags($line["id"], $owner_uid);
 
@@ -225,7 +239,7 @@ class Handler_Public extends Handler {
        function getProfiles() {
                $login = $this->dbh->escape_string($_REQUEST["login"]);
 
-               $result = $this->dbh->query("SELECT * FROM ttrss_settings_profiles,ttrss_users
+               $result = $this->dbh->query("SELECT ttrss_settings_profiles.* FROM ttrss_settings_profiles,ttrss_users
                        WHERE ttrss_users.id = ttrss_settings_profiles.owner_uid AND login = '$login' ORDER BY title");
 
                print "<select dojoType='dijit.form.Select' style='width : 220px; margin : 0px' name='profile'>";
@@ -337,6 +351,7 @@ class Handler_Public extends Handler {
                $search = $this->dbh->escape_string($_REQUEST["q"]);
                $search_mode = $this->dbh->escape_string($_REQUEST["smode"]);
                $view_mode = $this->dbh->escape_string($_REQUEST["view-mode"]);
+               $order = $this->dbh->escape_string($_REQUEST["order"]);
 
                $format = $this->dbh->escape_string($_REQUEST['format']);
 
@@ -358,7 +373,7 @@ class Handler_Public extends Handler {
 
                if ($owner_id) {
                        $this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit,
-                               $offset, $search, $search_mode, $view_mode, $format);
+                               $offset, $search, $search_mode, $view_mode, $format, $order);
                } else {
                        header('HTTP/1.1 403 Forbidden');
                }
@@ -530,6 +545,7 @@ class Handler_Public extends Handler {
                                }
                        } else {
                                $_SESSION["login_error_msg"] = __("Incorrect username or password");
+                               user_error("Failed login attempt from {$_SERVER['REMOTE_ADDR']}", E_USER_WARNING);
                        }
 
                        if ($_REQUEST['return']) {
@@ -732,6 +748,8 @@ class Handler_Public extends Handler {
        }
 
        function forgotpass() {
+               startup_gettext();
+
                header('Content-Type: text/html; charset=utf-8');
                print "<html><head><title>Tiny Tiny RSS</title>";
 
@@ -825,6 +843,8 @@ class Handler_Public extends Handler {
        }
 
        function dbupdate() {
+               startup_gettext();
+
                if (!SINGLE_USER_MODE && $_SESSION["access_level"] < 10) {
                        $_SESSION["login_error_msg"] = __("Your access level is insufficient to run this script.");
                        render_login_form();