}
require_once 'db-prefs.php';
- require_once 'compat.php';
require_once 'errors.php';
require_once 'version.php';
$config = HTMLPurifier_Config::createDefault();
- $allowed = "p,a[href],i,em,b,strong,code,pre,blockquote,br,img[src|alt|title],ul,ol,li,h1,h2,h3,h4";
+ $allowed = "p,a[href],i,em,b,strong,code,pre,blockquote,br,img[src|alt|title],ul,ol,li,h1,h2,h3,h4,s";
$config->set('HTML', 'Allowed', $allowed);
$purifier = new HTMLPurifier($config);
}
function fetch_file_contents($url, $type = false) {
- if (USE_CURL_FOR_ICONS) {
+ if (USE_CURL) {
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15);
$favicon_url = rewrite_relative_url($url, "/favicon.ico");
// Run a test to see if what we have attempted to get actually exists.
- if(USE_CURL_FOR_ICONS || url_validate($favicon_url)) {
+ if(USE_CURL || url_validate($favicon_url)) {
return $favicon_url;
} else {
return false;
_debug("enabling image cache");
}
- $rss->set_image_handler('./image.php', 'i');
+ $rss->set_image_handler(get_self_url_prefix() . '/image.php', 'i');
}
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
$icon_url = substr($icon_url, 0, 250);
if ($icon_url && $orig_icon_url != $icon_url) {
- if (USE_CURL_FOR_ICONS || url_validate($icon_url)) {
+ if (USE_CURL || url_validate($icon_url)) {
db_query($link, "UPDATE ttrss_feeds SET icon_url = '$icon_url' WHERE id = '$feed'");
}
}
$filters = load_filters($link, $feed, $owner_uid);
+ if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
+ print_r($filters);
+ }
+
if ($use_simplepie) {
$iterator = $rss->get_items();
} else {
}
function validate_session($link) {
- if (SINGLE_USER_MODE) {
- return true;
- }
+ if (SINGLE_USER_MODE) return true;
- if (SESSION_CHECK_ADDRESS && $_SESSION["uid"]) {
- if ($_SESSION["ip_address"]) {
- if ($_SESSION["ip_address"] != $_SERVER["REMOTE_ADDR"]) {
- $_SESSION["login_error_msg"] = __("Session failed to validate (incorrect IP)");
- return false;
- }
- }
- }
+ $check_ip = $_SESSION['ip_address'];
+
+ switch (SESSION_CHECK_ADDRESS) {
+ case 0:
+ $check_ip = '';
+ break;
+ case 1:
+ $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')+1);
+ break;
+ case 2:
+ $check_ip = substr($check_ip, 0, strrpos($check_ip, '.'));
+ $check_ip = substr($check_ip, 0, strrpos($check_ip, '.')+1);
+ break;
+ };
- if ($_SESSION["ref_schema_version"] != get_schema_version($link, true)) {
+ if ($check_ip && strpos($_SERVER['REMOTE_ADDR'], $check_ip) !== 0) {
+ $_SESSION["login_error_msg"] =
+ __("Session failed to validate (incorrect IP)");
return false;
}
+ if ($_SESSION["ref_schema_version"] != get_schema_version($link, true))
+ return false;
+
if ($_SESSION["uid"]) {
$result = db_query($link,
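Review bot: The new check `strpos($_SERVER['REMOTE_ADDR'], $check_ip) !== 0` is a string-prefix test, and the switch has no case that compares the whole address. Any SESSION_CHECK_ADDRESS value other than 0, 1 or 2 therefore leaves the full stored address in `$check_ip`, and a session bound to `10.0.0.1` still validates from `10.0.0.10` or `10.0.0.123`. The truncation also assumes dotted IPv4: for an address without a `.`, `strrpos()` returns false, so case 1 keeps only the first character and case 2 ends with an empty prefix, which skips the check entirely. I would add a `default:` branch that rejects when `$_SERVER['REMOTE_ADDR'] !== $check_ip`, and fall back to that full comparison whenever `strrpos($check_ip, '.') === false`. validate_session's body continues past the end of this hunk.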
}
if (!$_SESSION["uid"] || !validate_session($link)) {
- render_login_form($link, $mobile);
- //header("Location: login.php");
- exit;
+ if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
+ && $_SERVER["REMOTE_USER"] && defined('AUTO_LOGIN') && AUTO_LOGIN) {
+ authenticate_user($link,$_SERVER['REMOTE_USER'],null);
+ $_SESSION["ref_schema_version"] = get_schema_version($link, true);
+ } else {
+ render_login_form($link, $mobile);
+ //header("Location: login.php");
+ exit;
+ }
} else {
/* bump login timestamp */
db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
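Review bot: The result of `authenticate_user($link,$_SERVER['REMOTE_USER'],null)` is discarded, so if the call fails (assuming it returns false on failure) the request leaves this branch without a login form or `exit`, unlike the else path. Whether later code re-checks `$_SESSION["uid"]` is not visible here, so I would make the failure explicit: `if (!authenticate_user($link, $_SERVER['REMOTE_USER'], null)) { render_login_form($link, $mobile); exit; }`. The condition also deserves a comment that REMOTE_USER is only trustworthy when the web server sets it after authenticating the client; with ALLOW_REMOTE_USER_AUTH and AUTO_LOGIN enabled there is no password check on this path. The enclosing function starts and ends outside the hunk.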
} else if ($n_feed == -2) {
$match_part = "published = true";
} else if ($n_feed == -3) {
- $match_part = "unread = true";
+ $match_part = "unread = true AND score >= 0";
$intl = get_pref($link, "FRESH_ARTICLE_MAX_AGE", $owner_uid);
foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS",
"ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP",
"CDM_AUTO_CATCHUP", "FRESH_ARTICLE_MAX_AGE", "DEFAULT_ARTICLE_LIMIT",
- "HIDE_READ_SHOWS_SPECIAL", "HIDE_FEEDLIST", "COMBINED_DISPLAY_MODE") as $param) {
+ "HIDE_READ_SHOWS_SPECIAL", "COMBINED_DISPLAY_MODE") as $param) {
$params[strtolower($param)] = (int) get_pref($link, $param);
}
$params["default_view_mode"] = get_pref($link, "_DEFAULT_VIEW_MODE");
$params["default_view_limit"] = (int) get_pref($link, "_DEFAULT_VIEW_LIMIT");
$params["default_view_order_by"] = get_pref($link, "_DEFAULT_VIEW_ORDER_BY");
- $params["prefs_active_tab"] = get_pref($link, "_PREFS_ACTIVE_TAB");
- $params["infobox_disable_overlay"] = get_pref($link, "_INFOBOX_DISABLE_OVERLAY");
$params["bw_limit"] = (int) $_SESSION["bw_limit"];
- $params["offline_enabled"] = (int) get_pref($link, "ENABLE_OFFLINE_READING");
$result = db_query($link, "SELECT MAX(id) AS mid, COUNT(*) AS nf FROM
ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
}
} else if ($feed == -3) { // fresh virtual feed
- $query_strategy_part = "unread = true";
+ $query_strategy_part = "unread = true AND score >= 0";
$intl = get_pref($link, "FRESH_ARTICLE_MAX_AGE", $owner_uid);
$res = preg_replace('/<img[^>]+>/is', '', $res);
}
+ if (strpos($res, "href=") === false)
+ $res = rewrite_urls($res);
+
$charset_hack = '<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
</head>';
"</option>";
$rss_link = htmlspecialchars(get_self_url_prefix() .
- "/backend.php?op=rss&id=$feed_id&is_cat=$is_cat$view_mode$search_q");
+ "/backend.php?op=rss&id=$feed_id&is_cat=$is_cat&view_mode=$view_mode$search_q");
+
+ print "<option value=\"0\" disabled=\"1\">".__('Feed:')."</option>";
print "<option value=\"displayDlg('generatedFeed', '$feed_id:$is_cat:$rss_link')\">".__('View as RSS')."</option>";
<img src=\"".theme_image($link, "images/sign_excl.png")."\">$msg</div>";
}
- function format_notice($msg) {
+ function format_notice($msg, $id = "") {
global $link;
return "<div class=\"notice\" id=\"$id\">
<img src=\"".theme_image($link, "images/sign_info.png")."\">$msg</div>";
}
- function format_error($msg) {
+ function format_error($msg, $id = "") {
global $link;
return "<div class=\"error\" id=\"$id\">
<img src=\"".theme_image($link, "images/sign_excl.png")."\">$msg</div>";
$entry = "";
- if ($ctype == "audio/mpeg") {
-
- $entry .= "<object type=\"application/x-shockwave-flash\"
- data=\"extras/button/musicplayer.swf?song_url=$url\"
- width=\"17\" height=\"17\" style='float : left; margin-right : 5px;'>
- <param name=\"movie\" value=\"extras/button/musicplayer.swf?song_url=$url\" /> </object>";
+ if (strpos($ctype, "audio/") === 0) {
+
+ if ($_SESSION["hasAudio"] && (strpos($ctype, "ogg") !== false ||
+ strpos($_SERVER['HTTP_USER_AGENT'], "Chrome") !== false ||
+ strpos($_SERVER['HTTP_USER_AGENT'], "Safari") !== false )) {
+
+ $id = 'AUDIO-' . uniqid();
+
+ $entry .= "<audio id=\"$id\"\">
+ <source src=\"$url\"></source>
+ </audio>";
+
+ $entry .= "<span onclick=\"player(this)\"
+ title=\"".__("Click to play")."\" status=\"0\"
+ class=\"player\" audio-id=\"$id\">".__("Play")."</span>";
+
+ } else {
+
+ $entry .= "<object type=\"application/x-shockwave-flash\"
+ data=\"extras/button/musicplayer.swf?song_url=$url\"
+ width=\"17\" height=\"17\" style='float : left; margin-right : 5px;'>
+ <param name=\"movie\"
+ value=\"extras/button/musicplayer.swf?song_url=$url\" />
+ </object>";
+ }
}
+ $filename = substr($url, strrpos($url, "/")+1);
+
+ $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\">" .
+ $filename . " (" . $ctype . ")" . "</a>";
+
return $entry;
}
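Review bot: `$url`, `$filename` and `$ctype` are written into the markup unescaped: in `<source src=\"$url\">`, in both `song_url=$url` attributes, and in the link text `$filename . " (" . $ctype . ")"`. Only the `href` goes through `htmlspecialchars()`. These values appear to come from feed enclosures (the caller is outside this hunk), so unless they are escaped upstream, feed-supplied text can close the attribute or add markup. Escape once with `$url_esc = htmlspecialchars($url);`, use `urlencode($url)` for the `song_url` query value, and wrap the link text in `htmlspecialchars($filename)` / `htmlspecialchars($ctype)`. Separately, `<audio id=\"$id\"\">` has a stray `\"` after the id attribute, which yields malformed HTML.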
print "<div class=\"postDate$rtl_class\">$parsed_updated</div>";
if ($line["link"]) {
- print "<div clear='both'><a target='_blank' href=\"" .
+ print "<div clear='both'><a target='_blank'
+ title=\"".htmlspecialchars($line['title'])."\"
+ href=\"" .
$line["link"] . "\">" .
- $line["title"] . "<span class='author'>$entry_author</span></a></div>";
+ truncate_string($line["title"], 100) .
+ "<span class='author'>$entry_author</span></a></div>";
} else {
print "<div clear='both'>" . $line["title"] . "$entry_author</div>";
}
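Review bot: `truncate_string($line["title"], 100)` is printed as markup with no escaping, while the same value goes through `htmlspecialchars()` for the tooltip just above. `$line["link"]` also goes into `href` raw here, although the combined-mode (`cdmClicked`) hunk further down escapes it. How titles are stored is not visible from this hunk: if they are raw, the link text should be `htmlspecialchars(truncate_string($line["title"], 100))`; if they already contain entities, cutting at 100 characters can split an entity and the tooltip is double-encoded. The same title handling is repeated in the combined-mode hunk. A one-line comment stating which form `$line["title"]` is in would settle which escaping is correct.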
onclick=\"postOpenInNewTab(event, $id)\"
alt='Zoom' title='".__('Open article in new tab')."'>";
- $note_escaped = htmlspecialchars($line['note'], ENT_QUOTES);
+ //$note_escaped = htmlspecialchars($line['note'], ENT_QUOTES);
print "<img src=\"".theme_image($link, 'images/art-pub-note.png')."\"
class='tagsPic' style=\"cursor : pointer\"
- onclick=\"publishWithNote($id, '$note_escaped')\"
- alt='PubNote' title='".__('Publish article with a note')."'>";
+ onclick=\"editArticleNote($id)\"
+ alt='PubNote' title='".__('Edit article note')."'>";
if (DIGEST_ENABLE) {
print "<img src=\"".theme_image($link, 'images/art-email.png')."\"
href=\"".htmlspecialchars($feed_site_url)."\">".
$feed_icon . "</a></div>";
- print "<div class=\"postContent\">";
-
- $article_content = sanitize_rss($link, $line["content"], false, false,
- $feed_site_url);
-
print "<div id=\"POSTNOTE-$id\">";
if ($line['note']) {
print format_article_note($id, $line['note']);
}
print "</div>";
+ print "<div class=\"postContent\">";
+
+ $article_content = sanitize_rss($link, $line["content"], false, false,
+ $feed_site_url);
+
print $article_content;
print_article_enclosures($link, $id, $always_display_enclosures,
catchupArticlesById($link, $ids, $cmode);
}
+ if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
+ update_rss_feed($link, $feed, true);
+ }
+
if ($subop == "MarkAllRead") {
catchup_feed($link, $feed, $cat_view);
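Review bot: The guard `sprintf("%d", $feed) > 0` checks a formatted copy of `$feed`, but the original value is what gets passed to `update_rss_feed()`, so a string such as `5abc` passes the test and travels on unchanged. Cast once and use the result: `$feed_id = (int) $feed;` then `if ($subop == "ForceUpdate" && $feed_id > 0) update_rss_feed($link, $feed_id, true);`. Nothing in the hunk confirms that the feed belongs to `$_SESSION["uid"]`; if `update_rss_feed()` does not check ownership itself, any logged-in user can trigger fetches for other users' feeds. The surrounding function is outside the hunk.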
onclick=\"return cdmClicked(event, $id);\"
class=\"titleWrap$hlc_suffix\">
<a class=\"title\"
+ title=\"".htmlspecialchars($line['title'])."\"
target=\"_blank\" href=\"".
- htmlspecialchars($line["link"])."\">".$line["title"].
+ htmlspecialchars($line["link"])."\">".
+ truncate_string($line["title"], 100) .
" $entry_author</a>";
print $labels_str;
alt='Zoom'
title='".__('Open article in new tab')."'>";
- $note_escaped = htmlspecialchars($line['note'], ENT_QUOTES);
+ //$note_escaped = htmlspecialchars($line['note'], ENT_QUOTES);
print "<img src=\"images/art-pub-note.png\"
style=\"cursor : pointer\" style=\"cursor : pointer\"
- onclick=\"publishWithNote($id, '$note_escaped')\"
- alt='PubNote' title='".__('Publish article with a note')."'>";
+ onclick=\"editArticleNote($id)\"
+ alt='PubNote' title='".__('Edit article note')."'>";
if (DIGEST_ENABLE) {
print "<img src=\"".theme_image($link, 'images/art-email.png')."\"
function format_article_note($id, $note) {
- $note_escaped = htmlspecialchars($note, ENT_QUOTES);
-
- $str = "<div class='articleNote'>";
- $str .= $note;
- $str .= "<div class='articleNoteOps'>";
- $str .= "<a href=\"javascript:publishWithNote($id, '$note_escaped')\">".
- __('edit note')."</a>";
- $str .= "</div>";
- $str .= "</div>";
+ $str = "<div class='articleNote' title=\"".__('edit note')."\"
+ onclick=\"editArticleNote($id)\">$note</div>";
return $str;
}
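Review bot: `$note` is interpolated straight into the `<div>` body, and with `$note_escaped` removed no escaped form of the note remains in this function. Whether notes are stored as entered or already encoded is not visible here. If they are stored raw, escape at output: `onclick=\"editArticleNote($id)\">" . htmlspecialchars($note) . "</div>";`. A short docblock on format_article_note() stating which form `$note` is expected in would keep callers consistent.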
if (!$ctype) $ctype = __("unknown type");
- $filename = substr($url, strrpos($url, "/")+1);
+# $filename = substr($url, strrpos($url, "/")+1);
$entry = format_inline_player($link, $url, $ctype);
- $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\">" .
- $filename . " (" . $ctype . ")" . "</a>";
+# $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\">" .
+# $filename . " (" . $ctype . ")" . "</a>";
array_push($entries_html, $entry);
if ($value) {
print "<style type=\"text/css\">";
- print $value;
+ print str_replace("<br/>", "\n", $value);
print "</style>";
}
}
+ function rewrite_urls($line) {
+ global $url_regex;
+
+ $urls = null;
+
+ $result = preg_replace("/((?<!=.)((http|https|ftp)+):\/\/[^ ,!]+)/i",
+ "<a target=\"_blank\" href=\"\\1\">\\1</a>", $line);
+
+ return $result;
+ }
+
?>
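Review bot: The match `[^ ,!]+` stops only at space, comma and `!`, so quotes, `<` and `>` inside the matched text are copied verbatim into `href=\"\\1\"` and into the link body, and the input can close the generated anchor early. Restrict the class, e.g. `[^\s,!\"'<>]+`, or build the replacement with `preg_replace_callback()` and apply `htmlspecialchars()` to the match. The caller added in the earlier `strpos($res, "href=") === false` hunk passes `$res` through this function, and whether any sanitising runs afterwards is not visible. `global $url_regex;` and `$urls = null;` are unused and can be dropped, and `(http|https|ftp)+` does not need the `+`.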