]> git.wh0rd.org - tt-rss.git/blobdiff - classes/rpc.php
git.wh0rd.org / tt-rss.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
move digest to a separate plugin
[tt-rss.git] / classes / rpc.php
diff --git a/classes/rpc.php b/classes/rpc.php
index c6fc8c26321e137ff66fbe6978476842fcc469bf..4e08c3dc7f91e1953979f496dfa4a0299fca1465 100644 (file)
--- a/classes/rpc.php
+++ b/classes/rpc.php
@@ -1,5 +1,11 @@
 <?php
-class RPC extends Protected_Handler {
+class RPC extends Handler_Protected {
+
+       function csrf_ignore($method) {
+               $csrf_ignored = array("sanitycheck", "buttonplugin", "exportget", "completelabels");
+
+               return array_search($method, $csrf_ignored) !== false;
+       }
 
        function setprofile() {
                $id = db_escape_string($_REQUEST["id"]);
@@ -8,6 +14,89 @@ class RPC extends Protected_Handler {
                $_SESSION["prefs_cache"] = array();
        }
 
+       function exportget() {
+               $exportname = CACHE_DIR . "/export/" .
+                       sha1($_SESSION['uid'] . $_SESSION['login']) . ".xml";
+
+               if (file_exists($exportname)) {
+                       header("Content-type: text/xml");
+
+                       if (function_exists('gzencode')) {
+                               header("Content-Disposition: attachment; filename=TinyTinyRSS_exported.xml.gz");
+                               echo gzencode(file_get_contents($exportname));
+                       } else {
+                               header("Content-Disposition: attachment; filename=TinyTinyRSS_exported.xml");
+                               echo file_get_contents($exportname);
+                       }
+               } else {
+                       echo "File not found.";
+               }
+       }
+
+       function exportrun() {
+               $offset = (int) db_escape_string($_REQUEST['offset']);
+               $exported = 0;
+               $limit = 250;
+
+               if ($offset < 10000 && is_writable(CACHE_DIR . "/export")) {
+                       $result = db_query($this->link, "SELECT
+                                       ttrss_entries.guid,
+                                       ttrss_entries.title,
+                                       content,
+                                       marked,
+                                       published,
+                                       score,
+                                       note,
+                                       link,
+                                       tag_cache,
+                                       label_cache,
+                                       ttrss_feeds.title AS feed_title,
+                                       ttrss_feeds.feed_url AS feed_url,
+                                       ttrss_entries.updated
+                               FROM
+                                       ttrss_user_entries LEFT JOIN ttrss_feeds ON (ttrss_feeds.id = feed_id),
+                                       ttrss_entries
+                               WHERE
+                                       (marked = true OR feed_id IS NULL) AND
+                                       ref_id = ttrss_entries.id AND
+                                       ttrss_user_entries.owner_uid = " . $_SESSION['uid'] . "
+                               ORDER BY ttrss_entries.id LIMIT $limit OFFSET $offset");
+
+                       $exportname = sha1($_SESSION['uid'] . $_SESSION['login']);
+
+                       if ($offset == 0) {
+                               $fp = fopen(CACHE_DIR . "/export/$exportname.xml", "w");
+                               fputs($fp, "<articles schema-version=\"".SCHEMA_VERSION."\">");
+                       } else {
+                               $fp = fopen(CACHE_DIR . "/export/$exportname.xml", "a");
+                       }
+
+                       if ($fp) {
+
+                               while ($line = db_fetch_assoc($result)) {
+                                       fputs($fp, "<article>");
+
+                                       foreach ($line as $k => $v) {
+                                               fputs($fp, "<$k><![CDATA[$v]]></$k>");
+                                       }
+
+                                       fputs($fp, "</article>");
+                               }
+
+                               $exported = db_num_rows($result);
+
+                               if ($exported < $limit && $exported > 0) {
+                                       fputs($fp, "</articles>");
+                               }
+
+                               fclose($fp);
+                       }
+
+               }
+
+               print json_encode(array("exported" => $exported));
+       }
+
        function remprofiles() {
                $ids = explode(",", db_escape_string(trim($_REQUEST["ids"])));
 
@@ -99,18 +188,13 @@ class RPC extends Protected_Handler {
                $cat = db_escape_string($_REQUEST['cat']);
                $login = db_escape_string($_REQUEST['login']);
                $pass = db_escape_string($_REQUEST['pass']);
+               $need_auth = db_escape_string($_REQUEST['need_auth']) != "";
 
-               $rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass);
+               $rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass, $need_auth);
 
                print json_encode(array("result" => $rc));
        }
 
-       function extractfeedurls() {
-               $urls = get_feeds_from_html($_REQUEST['url']);
-
-               print json_encode(array("urls" => $urls));
-       }
-
        function togglepref() {
                $key = db_escape_string($_REQUEST["key"]);
                set_pref($this->link, $key, !get_pref($this->link, $key));
@@ -120,12 +204,11 @@ class RPC extends Protected_Handler {
        }
 
        function setpref() {
+               // set_pref escapes input, so no need to double escape it here
+               $key = $_REQUEST['key'];
                $value = str_replace("\n", "<br/>", $_REQUEST['value']);
 
-               $key = db_escape_string($_REQUEST["key"]);
-               $value = db_escape_string($value);
-
-               set_pref($this->link, $key, $value);
+               set_pref($this->link, $key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET');
 
                print json_encode(array("param" =>$key, "value" => $value));
        }
@@ -187,7 +270,7 @@ class RPC extends Protected_Handler {
                }
 
                $result = db_query($this->link, "UPDATE ttrss_user_entries SET
-                       published = $pub
+                       published = $pub, last_read = NOW()
                        WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 
                $pubsub_result = false;
@@ -271,7 +354,6 @@ class RPC extends Protected_Handler {
        }
 
        function setArticleTags() {
-               global $memcache;
 
                $id = db_escape_string($_REQUEST["id"]);
 
@@ -325,11 +407,6 @@ class RPC extends Protected_Handler {
 
                db_query($this->link, "COMMIT");
 
-               if ($memcache) {
-                       $obj_id = md5("TAGS:".$_SESSION["uid"].":$id");
-                       $memcache->delete($obj_id);
-               }
-
                $tags = get_article_tags($this->link, $id);
                $tags_str = format_tags_string($tags, $id);
                $tags_str_full = join(", ", $tags);
@@ -349,6 +426,23 @@ class RPC extends Protected_Handler {
                print json_encode(array("link" => $new_link));
        }
 
+       function completeLabels() {
+               $search = db_escape_string($_REQUEST["search"]);
+
+               $result = db_query($this->link, "SELECT DISTINCT caption FROM
+                               ttrss_labels2
+                               WHERE owner_uid = '".$_SESSION["uid"]."' AND
+                               LOWER(caption) LIKE LOWER('$search%') ORDER BY caption
+                               LIMIT 5");
+
+               print "<ul>";
+               while ($line = db_fetch_assoc($result)) {
+                       print "<li>" . $line["caption"] . "</li>";
+               }
+               print "</ul>";
+       }
+
+
        function completeTags() {
                $search = db_escape_string($_REQUEST["search"]);
 
@@ -401,11 +495,11 @@ class RPC extends Protected_Handler {
        }
 
        function assigntolabel() {
-               return labelops(true);
+               return $this->labelops(true);
        }
 
        function removefromlabel() {
-               return labelops(false);
+               return $this->labelops(false);
        }
 
        function labelops($assign) {
@@ -500,141 +594,16 @@ class RPC extends Protected_Handler {
                }
        }
 
-       function digestgetcontents() {
-               $article_id = db_escape_string($_REQUEST['article_id']);
-
-               $result = db_query($this->link, "SELECT content,title,link,marked,published
-                       FROM ttrss_entries, ttrss_user_entries
-                       WHERE id = '$article_id' AND ref_id = id AND owner_uid = ".$_SESSION['uid']);
-
-               $content = sanitize_rss($this->link, db_fetch_result($result, 0, "content"));
-               $title = strip_tags(db_fetch_result($result, 0, "title"));
-               $article_url = htmlspecialchars(db_fetch_result($result, 0, "link"));
-               $marked = sql_bool_to_bool(db_fetch_result($result, 0, "marked"));
-               $published = sql_bool_to_bool(db_fetch_result($result, 0, "published"));
-
-               print json_encode(array("article" =>
-                       array("id" => $article_id, "url" => $article_url,
-                               "tags" => get_article_tags($this->link, $article_id),
-                               "marked" => $marked, "published" => $published,
-                               "title" => $title, "content" => $content)));
-       }
-
-       function digestupdate() {
-               $feed_id = db_escape_string($_REQUEST['feed_id']);
-               $offset = db_escape_string($_REQUEST['offset']);
-               $seq = db_escape_string($_REQUEST['seq']);
-
-               if (!$feed_id) $feed_id = -4;
-               if (!$offset) $offset = 0;
-
-               $reply = array();
-
-               $reply['seq'] = $seq;
-
-               $headlines = api_get_headlines($this->link, $feed_id, 30, $offset,
-                               '', ($feed_id == -4), true, false, "unread", "updated DESC", 0, 0);
-
-               $reply['headlines'] = array();
-               $reply['headlines']['title'] = getFeedTitle($this->link, $feed_id);
-               $reply['headlines']['content'] = $headlines;
-
-               print json_encode($reply);
-       }
-
-       function digestinit() {
-               $tmp_feeds = api_get_feeds($this->link, -4, true, false, 0);
-
-               $feeds = array();
-
-               foreach ($tmp_feeds as $f) {
-                       if ($f['id'] > 0 || $f['id'] == -4) array_push($feeds, $f);
-               }
-
-               print json_encode(array("feeds" => $feeds));
-       }
-
        function catchupFeed() {
                $feed_id = db_escape_string($_REQUEST['feed_id']);
                $is_cat = db_escape_string($_REQUEST['is_cat']) == "true";
+               $max_id = (int) db_escape_string($_REQUEST['max_id']);
 
-               catchup_feed($this->link, $feed_id, $is_cat);
+               catchup_feed($this->link, $feed_id, $is_cat, false, $max_id);
 
                print json_encode(array("message" => "UPDATE_COUNTERS"));
        }
 
-       function sendEmail() {
-               $secretkey = $_REQUEST['secretkey'];
-
-               require_once 'lib/phpmailer/class.phpmailer.php';
-
-               $reply = array();
-
-               if (DIGEST_ENABLE && $_SESSION['email_secretkey'] &&
-               $secretkey == $_SESSION['email_secretkey']) {
-
-                       $_SESSION['email_secretkey'] = '';
-
-                       $destination = $_REQUEST['destination'];
-                       $subject = $_REQUEST['subject'];
-                       $content = $_REQUEST['content'];
-
-                       $replyto = strip_tags($_SESSION['email_replyto']);
-                       $fromname = strip_tags($_SESSION['email_fromname']);
-
-                       $mail = new PHPMailer();
-
-                       $mail->PluginDir = "lib/phpmailer/";
-                       $mail->SetLanguage("en", "lib/phpmailer/language/");
-
-                       $mail->CharSet = "UTF-8";
-
-                       $mail->From = $replyto;
-                       $mail->FromName = $fromname;
-                       $mail->AddAddress($destination);
-
-                       if (DIGEST_SMTP_HOST) {
-                               $mail->Host = DIGEST_SMTP_HOST;
-                               $mail->Mailer = "smtp";
-                               $mail->SMTPAuth = DIGEST_SMTP_LOGIN != '';
-                               $mail->Username = DIGEST_SMTP_LOGIN;
-                               $mail->Password = DIGEST_SMTP_PASSWORD;
-                       }
-
-                       $mail->IsHTML(false);
-                       $mail->Subject = $subject;
-                       $mail->Body = $content;
-
-                       $rc = $mail->Send();
-
-                       if (!$rc) {
-                               $reply['error'] =  $mail->ErrorInfo;
-                       } else {
-                               save_email_address($this->link, db_escape_string($destination));
-                               $reply['message'] = "UPDATE_COUNTERS";
-                       }
-
-               } else {
-                       $reply['error'] = "Not authorized.";
-               }
-
-               print json_encode($reply);
-       }
-
-       function completeEmails() {
-               $search = db_escape_string($_REQUEST["search"]);
-
-               print "<ul>";
-
-               foreach ($_SESSION['stored_emails'] as $email) {
-                       if (strpos($email, $search) !== false) {
-                               print "<li>$email</li>";
-                       }
-               }
-
-               print "</ul>";
-       }
-
        function quickAddCat() {
                $cat = db_escape_string($_REQUEST["cat"]);
 
@@ -675,7 +644,6 @@ class RPC extends Protected_Handler {
                return;
        }
 
-
        function verifyRegexp() {
                $reg_exp = $_REQUEST["reg_exp"];
 
@@ -684,109 +652,73 @@ class RPC extends Protected_Handler {
                print json_encode(array("status" => $status));
        }
 
-       // TODO: unify with digest-get-contents?
-       function cdmGetArticle() {
-               $ids = array(db_escape_string($_REQUEST["id"]));
-               $cids = explode(",", $_REQUEST["cids"]);
-
-               $ids = array_merge($ids, $cids);
+       /* function buttonPlugin() {
+               $pclass = "button_" . basename($_REQUEST['plugin']);
+               $method = $_REQUEST['plugin_method'];
 
-               $rv = array();
-
-               foreach ($ids as $id) {
-                       $id = (int)$id;
-
-                       $result = db_query($this->link, "SELECT content,
-                                       ttrss_feeds.site_url AS site_url FROM ttrss_user_entries, ttrss_feeds,
-                                       ttrss_entries
-                                       WHERE feed_id = ttrss_feeds.id AND ref_id = '$id' AND
-                                       ttrss_entries.id = ref_id AND
-                                       ttrss_user_entries.owner_uid = ".$_SESSION["uid"]);
-
-                       if (db_num_rows($result) != 0) {
-                               $line = db_fetch_assoc($result);
-
-                               $article_content = sanitize_rss($this->link, $line["content"],
-                                       false, false, $line['site_url']);
-
-                               array_push($rv,
-                                       array("id" => $id, "content" => $article_content));
+               if (class_exists($pclass)) {
+                       $plugin = new $pclass($this->link);
+                       if (method_exists($plugin, $method)) {
+                               return $plugin->$method();
                        }
                }
+       } */
 
-               print json_encode($rv);
-       }
-
-       function scheduleFeedUpdate() {
-               $feed_id = db_escape_string($_REQUEST["id"]);
-               $is_cat =  db_escape_string($_REQUEST['is_cat']) == 'true';
+       function genHash() {
+               $hash = sha1(uniqid(rand(), true));
 
-               $message = __("Your request could not be completed.");
+               print json_encode(array("hash" => $hash));
+       }
 
-               if ($feed_id >= 0) {
-                       if (!$is_cat) {
-                               $message = __("Feed update has been scheduled.");
+       function batchAddFeeds() {
+               $cat_id = db_escape_string($_REQUEST['cat']);
+               $feeds = explode("\n", db_escape_string($_REQUEST['feeds']));
+               $login = db_escape_string($_REQUEST['login']);
+               $pass = db_escape_string($_REQUEST['pass']);
+               $need_auth = db_escape_string($_REQUEST['need_auth']) != "";
 
-                               db_query($this->link, "UPDATE ttrss_feeds SET
-                                       last_update_started = '1970-01-01',
-                                       last_updated = '1970-01-01' WHERE id = '$feed_id' AND
-                                       owner_uid = ".$_SESSION["uid"]);
+               foreach ($feeds as $feed) {
+                       $feed = trim($feed);
 
-                       } else {
-                               $message = __("Category update has been scheduled.");
+                       if (validate_feed_url($feed)) {
 
-                               if ($feed_id)
-                               $cat_query = "cat_id = '$feed_id'";
-                               else
-                               $cat_query = "cat_id IS NULL";
+                               db_query($this->link, "BEGIN");
 
-                               db_query($this->link, "UPDATE ttrss_feeds SET
-                                               last_update_started = '1970-01-01',
-                                               last_updated = '1970-01-01' WHERE $cat_query AND
-                                               owner_uid = ".$_SESSION["uid"]);
-                       }
-               } else {
-                       $message = __("Can't update this kind of feed.");
-               }
+                               $update_method = 0;
 
-               print json_encode(array("message" => $message));
-               return;
-       }
+                               if ($cat_id == "0" || !$cat_id) {
+                                       $cat_qpart = "NULL";
+                               } else {
+                                       $cat_qpart = "'$cat_id'";
+                               }
 
-       function getTweetInfo() {
-               $id = db_escape_string($_REQUEST['id']);
+                               $result = db_query($this->link,
+                                       "SELECT id FROM ttrss_feeds
+                                       WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]);
 
-               $result = db_query($this->link, "SELECT title, link
-                               FROM ttrss_entries, ttrss_user_entries
-                               WHERE id = '$id' AND ref_id = id AND owner_uid = " .$_SESSION['uid']);
+                               if (db_num_rows($result) == 0) {
+                                       $result = db_query($this->link,
+                                               "INSERT INTO ttrss_feeds
+                                                       (owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method)
+                                               VALUES ('".$_SESSION["uid"]."', '$feed',
+                                                       '[Unknown]', $cat_qpart, '$login', '$pass', '$update_method')");
+                               }
 
-               if (db_num_rows($result) != 0) {
-                       $title = truncate_string(strip_tags(db_fetch_result($result, 0, 'title')),
-                               100, '...');
-                       $article_link = db_fetch_result($result, 0, 'link');
+                               db_query($this->link, "COMMIT");
+                       }
                }
-
-               print json_encode(array("title" => $title, "link" => $article_link,
-                               "id" => $id));
        }
 
-       function setNote() {
-               $id = db_escape_string($_REQUEST["id"]);
-               $note = trim(strip_tags(db_escape_string($_REQUEST["note"])));
+       function setScore() {
+               $ids = db_escape_string($_REQUEST['id']);
+               $score = (int)db_escape_string($_REQUEST['score']);
 
-               db_query($this->link, "UPDATE ttrss_user_entries SET note = '$note'
-                       WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
+               db_query($this->link, "UPDATE ttrss_user_entries SET
+                       score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
 
-               $formatted_note = format_article_note($id, $note);
-
-               print json_encode(array("note" => $formatted_note,
-                               "raw_length" => mb_strlen($note)));
+               print json_encode(array("id" => $id,
+                       "score_pic" => theme_image($link, get_score_pic($score))));
        }
 
-       function genHash() {
-               $hash = sha1(uniqid(rand(), true));
-
-               print json_encode(array("hash" => $hash));
-       }
 }
 ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/