<?php
-class RPC extends Protected_Handler {
+class RPC extends Handler_Protected {
function csrf_ignore($method) {
- $csrf_ignored = array("sanitycheck", "buttonplugin", "exportget");
+ $csrf_ignored = array("sanitycheck", "buttonplugin", "exportget", "completelabels");
return array_search($method, $csrf_ignored) !== false;
}
print json_encode(array("result" => $rc));
}
- function extractfeedurls() {
- $urls = get_feeds_from_html($_REQUEST['url']);
-
- print json_encode(array("urls" => $urls));
- }
-
function togglepref() {
$key = db_escape_string($_REQUEST["key"]);
set_pref($this->link, $key, !get_pref($this->link, $key));
}
function setpref() {
+ // set_pref escapes input, so no need to double escape it here
+ $key = $_REQUEST['key'];
$value = str_replace("\n", "<br/>", $_REQUEST['value']);
- $key = db_escape_string($_REQUEST["key"]);
- $value = db_escape_string($value);
-
- set_pref($this->link, $key, $value);
+ set_pref($this->link, $key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET');
print json_encode(array("param" =>$key, "value" => $value));
}
}
$result = db_query($this->link, "UPDATE ttrss_user_entries SET
- published = $pub
+ published = $pub, last_read = NOW()
WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
$pubsub_result = false;
}
function setArticleTags() {
- global $memcache;
$id = db_escape_string($_REQUEST["id"]);
db_query($this->link, "COMMIT");
- if ($memcache) {
- $obj_id = md5("TAGS:".$_SESSION["uid"].":$id");
- $memcache->delete($obj_id);
- }
-
$tags = get_article_tags($this->link, $id);
$tags_str = format_tags_string($tags, $id);
$tags_str_full = join(", ", $tags);
print json_encode(array("link" => $new_link));
}
+ function completeLabels() {
+ $search = db_escape_string($_REQUEST["search"]);
+
+ $result = db_query($this->link, "SELECT DISTINCT caption FROM
+ ttrss_labels2
+ WHERE owner_uid = '".$_SESSION["uid"]."' AND
+ LOWER(caption) LIKE LOWER('$search%') ORDER BY caption
+ LIMIT 5");
+
+ print "<ul>";
+ while ($line = db_fetch_assoc($result)) {
+ print "<li>" . $line["caption"] . "</li>";
+ }
+ print "</ul>";
+ }
+
+
function completeTags() {
$search = db_escape_string($_REQUEST["search"]);
function catchupFeed() {
$feed_id = db_escape_string($_REQUEST['feed_id']);
$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";
+ $max_id = (int) db_escape_string($_REQUEST['max_id']);
- catchup_feed($this->link, $feed_id, $is_cat);
+ catchup_feed($this->link, $feed_id, $is_cat, false, $max_id);
print json_encode(array("message" => "UPDATE_COUNTERS"));
}
return;
}
-
function verifyRegexp() {
$reg_exp = $_REQUEST["reg_exp"];
print json_encode(array("status" => $status));
}
- // TODO: unify with digest-get-contents?
- function cdmGetArticle() {
- $ids = array(db_escape_string($_REQUEST["id"]));
- $cids = explode(",", $_REQUEST["cids"]);
-
- $ids = array_merge($ids, $cids);
-
- $rv = array();
-
- foreach ($ids as $id) {
- $id = (int)$id;
-
- $result = db_query($this->link, "SELECT content,
- ttrss_feeds.site_url AS site_url FROM ttrss_user_entries, ttrss_feeds,
- ttrss_entries
- WHERE feed_id = ttrss_feeds.id AND ref_id = '$id' AND
- ttrss_entries.id = ref_id AND
- ttrss_user_entries.owner_uid = ".$_SESSION["uid"]);
-
- if (db_num_rows($result) != 0) {
- $line = db_fetch_assoc($result);
-
- $article_content = sanitize($this->link, $line["content"],
- false, false, $line['site_url']);
+ /* function buttonPlugin() {
+ $pclass = "button_" . basename($_REQUEST['plugin']);
+ $method = $_REQUEST['plugin_method'];
- array_push($rv,
- array("id" => $id, "content" => $article_content));
+ if (class_exists($pclass)) {
+ $plugin = new $pclass($this->link);
+ if (method_exists($plugin, $method)) {
+ return $plugin->$method();
}
}
+ } */
- print json_encode($rv);
- }
+ function genHash() {
+ $hash = sha1(uniqid(rand(), true));
- function scheduleFeedUpdate() {
- $feed_id = db_escape_string($_REQUEST["id"]);
- $is_cat = db_escape_string($_REQUEST['is_cat']) == 'true';
+ print json_encode(array("hash" => $hash));
+ }
- $message = __("Your request could not be completed.");
+ function batchAddFeeds() {
+ $cat_id = db_escape_string($_REQUEST['cat']);
+ $feeds = explode("\n", db_escape_string($_REQUEST['feeds']));
+ $login = db_escape_string($_REQUEST['login']);
+ $pass = db_escape_string($_REQUEST['pass']);
+ $need_auth = db_escape_string($_REQUEST['need_auth']) != "";
- if ($feed_id >= 0) {
- if (!$is_cat) {
- $message = __("Feed update has been scheduled.");
+ foreach ($feeds as $feed) {
+ $feed = trim($feed);
- db_query($this->link, "UPDATE ttrss_feeds SET
- last_update_started = '1970-01-01',
- last_updated = '1970-01-01' WHERE id = '$feed_id' AND
- owner_uid = ".$_SESSION["uid"]);
+ if (validate_feed_url($feed)) {
- } else {
- $message = __("Category update has been scheduled.");
+ db_query($this->link, "BEGIN");
- if ($feed_id)
- $cat_query = "cat_id = '$feed_id'";
- else
- $cat_query = "cat_id IS NULL";
+ $update_method = 0;
- db_query($this->link, "UPDATE ttrss_feeds SET
- last_update_started = '1970-01-01',
- last_updated = '1970-01-01' WHERE $cat_query AND
- owner_uid = ".$_SESSION["uid"]);
- }
- } else {
- $message = __("Can't update this kind of feed.");
- }
+ if ($cat_id == "0" || !$cat_id) {
+ $cat_qpart = "NULL";
+ } else {
+ $cat_qpart = "'$cat_id'";
+ }
- print json_encode(array("message" => $message));
- return;
- }
+ $result = db_query($this->link,
+ "SELECT id FROM ttrss_feeds
+ WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]);
- function buttonPlugin() {
- $pclass = basename($_REQUEST['plugin']) . "_button";
- $method = $_REQUEST['plugin_method'];
+ if (db_num_rows($result) == 0) {
+ $result = db_query($this->link,
+ "INSERT INTO ttrss_feeds
+ (owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method)
+ VALUES ('".$_SESSION["uid"]."', '$feed',
+ '[Unknown]', $cat_qpart, '$login', '$pass', '$update_method')");
+ }
- if (class_exists($pclass)) {
- $plugin = new $pclass($this->link);
- if (method_exists($plugin, $method)) {
- return $plugin->$method();
+ db_query($this->link, "COMMIT");
}
}
}
- function genHash() {
- $hash = sha1(uniqid(rand(), true));
+ function setScore() {
+ $ids = db_escape_string($_REQUEST['id']);
+ $score = (int)db_escape_string($_REQUEST['score']);
- print json_encode(array("hash" => $hash));
+ db_query($this->link, "UPDATE ttrss_user_entries SET
+ score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
+
+ print json_encode(array("id" => $id,
+ "score_pic" => theme_image($link, get_score_pic($score))));
}
+
}
?>
git.wh0rd.org / tt-rss.git / blobdiff