<?php
class RPC extends Protected_Handler {
+ function csrf_ignore($method) {
+ $csrf_ignored = array("sanitycheck", "buttonplugin", "exportget");
+
+ return array_search($method, $csrf_ignored) !== false;
+ }
+
function setprofile() {
$id = db_escape_string($_REQUEST["id"]);
$_SESSION["prefs_cache"] = array();
}
+ function exportget() {
+ $exportname = CACHE_DIR . "/export/" .
+ sha1($_SESSION['uid'] . $_SESSION['login']) . ".xml";
+
+ if (file_exists($exportname)) {
+ header("Content-type: text/xml");
+
+ if (function_exists('gzencode')) {
+ header("Content-Disposition: attachment; filename=TinyTinyRSS_exported.xml.gz");
+ echo gzencode(file_get_contents($exportname));
+ } else {
+ header("Content-Disposition: attachment; filename=TinyTinyRSS_exported.xml");
+ echo file_get_contents($exportname);
+ }
+ } else {
+ echo "File not found.";
+ }
+ }
+
+ function exportrun() {
+ $offset = (int) db_escape_string($_REQUEST['offset']);
+ $exported = 0;
+ $limit = 250;
+
+ if ($offset < 10000 && is_writable(CACHE_DIR . "/export")) {
+ $result = db_query($this->link, "SELECT
+ ttrss_entries.guid,
+ ttrss_entries.title,
+ content,
+ marked,
+ published,
+ score,
+ note,
+ link,
+ tag_cache,
+ label_cache,
+ ttrss_feeds.title AS feed_title,
+ ttrss_feeds.feed_url AS feed_url,
+ ttrss_entries.updated
+ FROM
+ ttrss_user_entries LEFT JOIN ttrss_feeds ON (ttrss_feeds.id = feed_id),
+ ttrss_entries
+ WHERE
+ (marked = true OR feed_id IS NULL) AND
+ ref_id = ttrss_entries.id AND
+ ttrss_user_entries.owner_uid = " . $_SESSION['uid'] . "
+ ORDER BY ttrss_entries.id LIMIT $limit OFFSET $offset");
+
+ $exportname = sha1($_SESSION['uid'] . $_SESSION['login']);
+
+ if ($offset == 0) {
+ $fp = fopen(CACHE_DIR . "/export/$exportname.xml", "w");
+ fputs($fp, "<articles schema-version=\"".SCHEMA_VERSION."\">");
+ } else {
+ $fp = fopen(CACHE_DIR . "/export/$exportname.xml", "a");
+ }
+
+ if ($fp) {
+
+ while ($line = db_fetch_assoc($result)) {
+ fputs($fp, "<article>");
+
+ foreach ($line as $k => $v) {
+ fputs($fp, "<$k><![CDATA[$v]]></$k>");
+ }
+
+ fputs($fp, "</article>");
+ }
+
+ $exported = db_num_rows($result);
+
+ if ($exported < $limit && $exported > 0) {
+ fputs($fp, "</articles>");
+ }
+
+ fclose($fp);
+ }
+
+ }
+
+ print json_encode(array("exported" => $exported));
+ }
+
function remprofiles() {
$ids = explode(",", db_escape_string(trim($_REQUEST["ids"])));
$cat = db_escape_string($_REQUEST['cat']);
$login = db_escape_string($_REQUEST['login']);
$pass = db_escape_string($_REQUEST['pass']);
+ $need_auth = db_escape_string($_REQUEST['need_auth']) != "";
- $rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass);
+ $rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass, $need_auth);
print json_encode(array("result" => $rc));
}
}
function assigntolabel() {
- return labelops(true);
+ return $this->labelops(true);
}
function removefromlabel() {
- return labelops(false);
+ return $this->labelops(false);
}
function labelops($assign) {
FROM ttrss_entries, ttrss_user_entries
WHERE id = '$article_id' AND ref_id = id AND owner_uid = ".$_SESSION['uid']);
- $content = sanitize_rss($this->link, db_fetch_result($result, 0, "content"));
+ $content = sanitize($this->link, db_fetch_result($result, 0, "content"));
$title = strip_tags(db_fetch_result($result, 0, "title"));
$article_url = htmlspecialchars(db_fetch_result($result, 0, "link"));
$marked = sql_bool_to_bool(db_fetch_result($result, 0, "marked"));
print json_encode(array("message" => "UPDATE_COUNTERS"));
}
- function sendEmail() {
- $secretkey = $_REQUEST['secretkey'];
-
- require_once 'lib/phpmailer/class.phpmailer.php';
-
- $reply = array();
-
- if (DIGEST_ENABLE && $_SESSION['email_secretkey'] &&
- $secretkey == $_SESSION['email_secretkey']) {
-
- $_SESSION['email_secretkey'] = '';
-
- $destination = $_REQUEST['destination'];
- $subject = $_REQUEST['subject'];
- $content = $_REQUEST['content'];
-
- $replyto = strip_tags($_SESSION['email_replyto']);
- $fromname = strip_tags($_SESSION['email_fromname']);
-
- $mail = new PHPMailer();
-
- $mail->PluginDir = "lib/phpmailer/";
- $mail->SetLanguage("en", "lib/phpmailer/language/");
-
- $mail->CharSet = "UTF-8";
-
- $mail->From = $replyto;
- $mail->FromName = $fromname;
- $mail->AddAddress($destination);
-
- if (DIGEST_SMTP_HOST) {
- $mail->Host = DIGEST_SMTP_HOST;
- $mail->Mailer = "smtp";
- $mail->SMTPAuth = DIGEST_SMTP_LOGIN != '';
- $mail->Username = DIGEST_SMTP_LOGIN;
- $mail->Password = DIGEST_SMTP_PASSWORD;
- }
-
- $mail->IsHTML(false);
- $mail->Subject = $subject;
- $mail->Body = $content;
-
- $rc = $mail->Send();
-
- if (!$rc) {
- $reply['error'] = $mail->ErrorInfo;
- } else {
- save_email_address($this->link, db_escape_string($destination));
- $reply['message'] = "UPDATE_COUNTERS";
- }
-
- } else {
- $reply['error'] = "Not authorized.";
- }
-
- print json_encode($reply);
- }
-
- function completeEmails() {
- $search = db_escape_string($_REQUEST["search"]);
-
- print "<ul>";
-
- foreach ($_SESSION['stored_emails'] as $email) {
- if (strpos($email, $search) !== false) {
- print "<li>$email</li>";
- }
- }
-
- print "</ul>";
- }
-
function quickAddCat() {
$cat = db_escape_string($_REQUEST["cat"]);
if (db_num_rows($result) != 0) {
$line = db_fetch_assoc($result);
- $article_content = sanitize_rss($this->link, $line["content"],
+ $article_content = sanitize($this->link, $line["content"],
false, false, $line['site_url']);
array_push($rv,
return;
}
- function getTweetInfo() {
- $id = db_escape_string($_REQUEST['id']);
-
- $result = db_query($this->link, "SELECT title, link
- FROM ttrss_entries, ttrss_user_entries
- WHERE id = '$id' AND ref_id = id AND owner_uid = " .$_SESSION['uid']);
+ function buttonPlugin() {
+ $pclass = basename($_REQUEST['plugin']) . "_button";
+ $method = $_REQUEST['plugin_method'];
- if (db_num_rows($result) != 0) {
- $title = truncate_string(strip_tags(db_fetch_result($result, 0, 'title')),
- 100, '...');
- $article_link = db_fetch_result($result, 0, 'link');
+ if (class_exists($pclass)) {
+ $plugin = new $pclass($this->link);
+ if (method_exists($plugin, $method)) {
+ return $plugin->$method();
+ }
}
+ }
- print json_encode(array("title" => $title, "link" => $article_link,
- "id" => $id));
+ function genHash() {
+ $hash = sha1(uniqid(rand(), true));
+
+ print json_encode(array("hash" => $hash));
}
- function setNote() {
- $id = db_escape_string($_REQUEST["id"]);
- $note = trim(strip_tags(db_escape_string($_REQUEST["note"])));
+ function batchAddFeeds() {
+ $cat_id = db_escape_string($_REQUEST['cat']);
+ $feeds = explode("\n", db_escape_string($_REQUEST['feeds']));
+ $login = db_escape_string($_REQUEST['login']);
+ $pass = db_escape_string($_REQUEST['pass']);
+ $need_auth = db_escape_string($_REQUEST['need_auth']) != "";
- db_query($this->link, "UPDATE ttrss_user_entries SET note = '$note'
- WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
+ $result = db_query($this->link, "SELECT twitter_oauth FROM ttrss_users
+WHERE id = ".$_SESSION['uid']);
+ $has_oauth = db_fetch_result($result, 0, 'twitter_oauth') != "";
- $formatted_note = format_article_note($id, $note);
+ foreach ($feeds as $feed) {
+ $feed = trim($feed);
- print json_encode(array("note" => $formatted_note,
- "raw_length" => mb_strlen($note)));
- }
+ if (validate_feed_url($feed)) {
- function genHash() {
- $hash = sha1(uniqid(rand(), true));
+ db_query($this->link, "BEGIN");
- print json_encode(array("hash" => $hash));
+ if (!$need_auth || !$has_oauth || strpos($url, '://api.twitter.com')
+ === false) {
+ $update_method = 0;
+ } else {
+ $update_method = 3;
+ }
+
+ if ($cat_id == "0" || !$cat_id) {
+ $cat_qpart = "NULL";
+ } else {
+ $cat_qpart = "'$cat_id'";
+ }
+
+ $result = db_query($this->link,
+ "SELECT id FROM ttrss_feeds
+ WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]);
+
+ if (db_num_rows($result) == 0) {
+ $result = db_query($this->link,
+ "INSERT INTO ttrss_feeds
+ (owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method)
+ VALUES ('".$_SESSION["uid"]."', '$feed',
+ '[Unknown]', $cat_qpart, '$login', '$pass', '$update_method')");
+ }
+
+ db_query($this->link, "COMMIT");
+ }
+ }
}
+
}
?>