<?
session_start();
- $_SESSION["uid"] = 1; // FIXME: placeholder
-
require_once 'config.php';
require_once 'db-prefs.php';
+// $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder
+// $_SESSION["name"] = PLACEHOLDER_NAME;
+
define('MAGPIE_OUTPUT_ENCODING', 'UTF-8');
function purge_old_posts($link) {
$result = db_query($link, "SELECT reg_exp,
(SELECT name FROM ttrss_filter_types
WHERE id = filter_type) as name
- FROM ttrss_filters");
+ FROM ttrss_filters WHERE owner_uid = ".$_SESSION["uid"]);
while ($line = db_fetch_assoc($result)) {
if (!$filters[$line["name"]]) $filters[$line["name"]] = array();
FROM
ttrss_entries
WHERE
- guid = '$entry_guid'");
+ guid = '$entry_guid' AND owner_uid = " . $_SESSION["uid"]);
// print db_num_rows($result) . "$entry_guid<br/>";
feed_id,
comments,
no_orig_date,
- date_entered)
+ date_entered,
+ owner_uid)
VALUES
('$entry_title',
'$entry_guid',
'$feed',
'$entry_comments',
$no_orig_date,
- NOW())";
+ NOW(),".$_SESSION["uid"].")";
$result = db_query($link, $query);
$tag = db_escape_string(strtolower($tag));
$result = db_query($link, "SELECT id FROM ttrss_tags
- WHERE tag_name = '$tag' AND post_id = '$entry_id' LIMIT 1");
+ WHERE tag_name = '$tag' AND post_id = '$entry_id' AND owner_uid = ".$_SESSION["uid"]." LIMIT 1");
if ($result && db_num_rows($result) == 0) {
// print "tagging $entry_id as $tag<br>";
- db_query($link, "INSERT INTO ttrss_tags (tag_name,post_id)
- VALUES ('$tag', '$entry_id')");
+ db_query($link, "INSERT INTO ttrss_tags (owner_uid,tag_name,post_id)
+ VALUES ('".$_SESSION["uid"]."','$tag', '$entry_id')");
}
}
}
}
}
+ function initialize_user_prefs($link, $uid) {
+
+ $uid = db_escape_string($uid);
+
+ db_query($link, "BEGIN");
+
+ $result = db_query($link, "SELECT pref_name,def_value FROM ttrss_prefs");
+
+ $u_result = db_query($link, "SELECT pref_name
+ FROM ttrss_user_prefs WHERE owner_uid = '$uid'");
+
+ $active_prefs = array();
+
+ while ($line = db_fetch_assoc($u_result)) {
+ array_push($active_prefs, $line["pref_name"]);
+ }
+
+ while ($line = db_fetch_assoc($result)) {
+ if (array_search($line["pref_name"], $active_prefs) === FALSE) {
+// print "adding " . $line["pref_name"] . "<br>";
+
+ db_query($link, "INSERT INTO ttrss_user_prefs
+ (owner_uid,pref_name,value) VALUES
+ ('$uid', '".$line["pref_name"]."','".$line["def_value"]."')");
+
+ }
+ }
+
+ db_query($link, "COMMIT");
+
+ }
+
+ function authenticate_user($link, $login, $password) {
+
+ $pwd_hash = 'SHA1:' . sha1($password);
+
+ $result = db_query($link, "SELECT id,login FROM ttrss_users WHERE
+ login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')");
+
+ if (db_num_rows($result) == 1) {
+ $_SESSION["uid"] = db_fetch_result($result, 0, "id");
+ $_SESSION["name"] = db_fetch_result($result, 0, "login");
+
+ return true;
+ }
+
+ return false;
+
+ }
+
+ function http_authenticate_user($link) {
+
+ if (!$_SERVER['PHP_AUTH_USER']) {
+
+ header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
+ header('HTTP/1.0 401 Unauthorized');
+ print "<h1>401 Unathorized</h1>";
+ exit;
+
+ } else {
+
+ $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
+ $password = db_escape_string($_SERVER['PHP_AUTH_PW']);
+
+ return authenticate_user($link, $login, $password);
+ }
+ }
+
?>