<?php
define('EXPECTED_CONFIG_VERSION', 26);
- define('SCHEMA_VERSION', 97);
+ define('SCHEMA_VERSION', 100);
$fetch_last_error = false;
+ $pluginhost = false;
function __autoload($class) {
$class_file = str_replace("_", "/", strtolower(basename($class)));
if (file_exists($file)) {
require $file;
}
+
}
mb_internal_encoding("UTF-8");
$lang = _TRANSLATION_OVERRIDE_DEFAULT;
}
- if ($_COOKIE["ttrss_lang"] && $_COOKIE["ttrss_lang"] != "auto") {
- $lang = $_COOKIE["ttrss_lang"];
- }
-
/* In login action of mobile version */
if ($_POST["language"] && defined('MOBILE_VERSION')) {
$lang = $_POST["language"];
- $_COOKIE["ttrss_lang"] = $lang;
+ } else {
+ $lang = $_SESSION["language"];
}
if ($lang) {
require_once 'db-prefs.php';
require_once 'version.php';
- define('MAGPIE_OUTPUT_ENCODING', 'UTF-8');
-
- define('SELF_USER_AGENT', 'Tiny Tiny RSS/' . VERSION . ' (http://tt-rss.org/)');
- define('MAGPIE_USER_AGENT', SELF_USER_AGENT);
-
ini_set('user_agent', SELF_USER_AGENT);
require_once 'lib/pubsubhubbub/publisher.php';
-
- $purifier = false;
+ require_once 'lib/htmLawed.php';
$tz_offset = -1;
$utc_tz = new DateTimeZone('UTC');
print "</select>";
}
- function get_article_filters($filters, $title, $content, $link, $timestamp, $author, $tags) {
- $matches = array();
-
- foreach ($filters as $filter) {
- $match_any_rule = $filter["match_any_rule"];
- $filter_match = false;
-
- foreach ($filter["rules"] as $rule) {
- $match = false;
- $reg_exp = $rule["reg_exp"];
-
- if (!$reg_exp)
- continue;
-
- switch ($rule["type"]) {
- case "title":
- $match = @preg_match("/$reg_exp/i", $title);
- break;
- case "content":
- $match = @preg_match("/$reg_exp/i", $content);
- break;
- case "both":
- $match = (@preg_match("/$reg_exp/i", $title) || @preg_match("/$reg_exp/i", $title));
- break;
- case "link":
- $match = @preg_match("/$reg_exp/i", $link);
- break;
- case "author":
- $match = @preg_match("/$reg_exp/i", $author);
- break;
- case "tag":
- $tag_string = join(",", $tags);
- $match = @preg_match("/$reg_exp/i", $tag_string);
- break;
- }
-
- if ($match_any_rule) {
- if ($match) {
- $filter_match = true;
- break;
- }
- } else {
- $filter_match = $match;
- if (!$match) {
- break;
- }
- }
- }
-
- if ($filter_match) {
- foreach ($filter["actions"] AS $action) {
- array_push($matches, $action);
- }
- }
- }
-
- return $matches;
- }
-
- function find_article_filter($filters, $filter_name) {
- foreach ($filters as $f) {
- if ($f["type"] == $filter_name) {
- return $f;
- };
- }
- return false;
- }
-
- function find_article_filters($filters, $filter_name) {
- $results = array();
-
- foreach ($filters as $f) {
- if ($f["type"] == $filter_name) {
- array_push($results, $f);
- };
- }
- return $results;
- }
-
- function calculate_article_score($filters) {
- $score = 0;
-
- foreach ($filters as $f) {
- if ($f["type"] == "score") {
- $score += $f["param"];
- };
- }
- return $score;
- }
-
- function assign_article_to_labels($link, $id, $filters, $owner_uid) {
- foreach ($filters as $f) {
- if ($f["type"] == "label") {
- label_add_article($link, $id, $f["param"], $owner_uid);
- };
- }
- }
-
function getmicrotime() {
list($usec, $sec) = explode(" ",microtime());
return ((float)$usec + (float)$sec);
return true;
}
+ function load_user_plugins($link, $owner_uid) {
+ if ($owner_uid) {
+ $plugins = get_pref($link, "_ENABLED_PLUGINS", $owner_uid);
+
+ global $pluginhost;
+ $pluginhost->load($plugins, $pluginhost::KIND_USER);
+ }
+ }
+
function login_sequence($link, $login_form = 0) {
if (SINGLE_USER_MODE) {
- return authenticate_user($link, "admin", null);
+ authenticate_user($link, "admin", null);
+ load_user_plugins($link, $_SESSION["uid"]);
} else {
if (!$_SESSION["uid"] || !validate_session($link)) {
/* bump login timestamp */
db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
$_SESSION["uid"]);
-
- if ($_SESSION["language"] && SESSION_COOKIE_LIFETIME > 0) {
- setcookie("ttrss_lang", $_SESSION["language"],
- time() + SESSION_COOKIE_LIFETIME);
- }
}
- }
- }
-
-
- /* function login_sequence($link, $mobile = false) {
- $_SESSION["prefs_cache"] = array();
-
- if (!SINGLE_USER_MODE) {
-
- $login_action = $_POST["login_action"];
-
- # try to authenticate user if called from login form
- if ($login_action == "do_login") {
- $login = db_escape_string($_POST["login"]);
- $password = $_POST["password"];
- $remember_me = $_POST["remember_me"];
-
- if (authenticate_user($link, $login, $password)) {
- $_POST["password"] = "";
-
- $_SESSION["language"] = $_POST["language"];
- $_SESSION["ref_schema_version"] = get_schema_version($link, true);
- $_SESSION["bw_limit"] = !!$_POST["bw_limit"];
-
- if ($_POST["profile"]) {
- $profile = db_escape_string($_POST["profile"]);
-
- $result = db_query($link, "SELECT id FROM ttrss_settings_profiles
- WHERE id = '$profile' AND owner_uid = " . $_SESSION["uid"]);
-
- if (db_num_rows($result) != 0) {
- $_SESSION["profile"] = $profile;
- $_SESSION["prefs_cache"] = array();
- }
- }
-
- if ($_REQUEST['return']) {
- header("Location: " . $_REQUEST['return']);
- } else {
- header("Location: " . $_SERVER["REQUEST_URI"]);
- }
-
- exit;
-
- return;
- } else {
- $_SESSION["login_error_msg"] = __("Incorrect username or password");
- }
+ if ($_SESSION["uid"] && $_SESSION["language"] && SESSION_COOKIE_LIFETIME > 0) {
+ setcookie("ttrss_lang", $_SESSION["language"],
+ time() + SESSION_COOKIE_LIFETIME);
}
- if (!$_SESSION["uid"] || !validate_session($link)) {
-
- if (AUTH_AUTO_LOGIN && authenticate_user($link, null, null)) {
- $_SESSION["ref_schema_version"] = get_schema_version($link, true);
- } else {
- authenticate_user($link, null, null, true);
- render_login_form($link, $mobile);
- exit;
- }
- } else {
- // bump login timestamp
- db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
- $_SESSION["uid"]);
-
- if ($_SESSION["language"] && SESSION_COOKIE_LIFETIME > 0) {
- setcookie("ttrss_lang", $_SESSION["language"],
- time() + SESSION_COOKIE_LIFETIME);
- }
-
- // try to remove possible duplicates from feed counter cache
-// ccache_cleanup($link, $_SESSION["uid"]);
+ if ($_SESSION["uid"]) {
+ load_user_plugins($link, $_SESSION["uid"]);
}
-
- } else {
- return authenticate_user($link, "admin", null);
}
- } */
+ }
function truncate_string($str, $max_len, $suffix = '…') {
if (mb_strlen($str, "utf-8") > $max_len - 3) {
if (!$url || !validate_feed_url($url)) return array("code" => 2);
- $update_method = 0;
-
$contents = @fetch_file_contents($url, false, $auth_login, $auth_pass);
if (!$contents) {
"INSERT INTO ttrss_feeds
(owner_uid,feed_url,title,cat_id, auth_login,auth_pass,update_method)
VALUES ('".$_SESSION["uid"]."', '$url',
- '[Unknown]', $cat_qpart, '$auth_login', '$auth_pass', '$update_method')");
+ '[Unknown]', $cat_qpart, '$auth_login', '$auth_pass', 0)");
$result = db_query($link,
"SELECT id FROM ttrss_feeds WHERE feed_url = '$url'
return "images/archive.png";
break;
case -1:
- return "images/mark_set.png";
+ return "images/mark_set.svg";
break;
case -2:
- return "images/pub_set.png";
+ return "images/pub_set.svg";
break;
case -3:
return "images/fresh.png";
$params["sign_progress"] = theme_image($link, "images/indicator_white.gif");
$params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif");
- $params["sign_excl"] = theme_image($link, "images/sign_excl.png");
- $params["sign_info"] = theme_image($link, "images/sign_info.png");
+ $params["sign_excl"] = theme_image($link, "images/sign_excl.svg");
+ $params["sign_info"] = theme_image($link, "images/sign_info.svg");
foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS",
"ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP",
$override_order = "updated DESC";
- $filter_query_part = filter_to_sql($filter) . " AND";
+ $filter_query_part = filter_to_sql($link, $filter, $owner_uid);
+
+ // Try to check if SQL regexp implementation chokes on a valid regexp
+ $result = db_query($link, "SELECT true AS true FROM ttrss_entries,
+ ttrss_user_entries, ttrss_feeds, ttrss_feed_categories
+ WHERE $filter_query_part LIMIT 1", false);
+
+ $test = db_fetch_result($result, 0, "true");
+
+ if (!$test) {
+ $filter_query_part = "false AND";
+ } else {
+ $filter_query_part .= " AND";
+ }
+
} else {
$filter_query_part = "";
}
}
}
- $content_query_part = "content as content_preview,";
+ $content_query_part = "content as content_preview, cached_content, ";
if (is_numeric($feed)) {
$offset_query_part = "OFFSET $offset";
}
+ // proper override_order applied above
if ($vfeed_query_part && get_pref($link, 'VFEED_GROUP_BY_FEED', $owner_uid)) {
if (!$override_order) {
$order_by = "ttrss_feeds.title, $order_by";
+ } else {
+ $order_by = "ttrss_feeds.title, $override_order";
}
}
}
function sanitize($link, $str, $force_strip_tags = false, $owner = false, $site_url = false) {
- global $purifier;
-
if (!$owner) $owner = $_SESSION["uid"];
$res = trim($str); if (!$res) return '';
- // create global Purifier object if needed
- if (!$purifier) {
- require_once 'lib/htmlpurifier/library/HTMLPurifier.auto.php';
-
- $config = HTMLPurifier_Config::createDefault();
-
- $allowed = "p,a[href],i,em,b,strong,code,pre,blockquote,br,img[src|alt|title|align|hspace],ul,ol,li,h1,h2,h3,h4,s,object[classid|type|id|name|width|height|codebase],param[name|value],table,tr,td,span[class]";
-
- $config->set('HTML.SafeObject', true);
- @$config->set('HTML', 'Allowed', $allowed);
- $config->set('Output.FlashCompat', true);
- $config->set('Attr.EnableID', true);
- if (!defined('MOBILE_VERSION')) {
- @$config->set('Cache', 'SerializerPath', CACHE_DIR . "/htmlpurifier");
- } else {
- @$config->set('Cache', 'SerializerPath', "../" . CACHE_DIR . "/htmlpurifier");
- }
-
- $config->set('Filter.YouTube', true);
-
- $purifier = new HTMLPurifier($config);
- }
-
- $res = $purifier->purify($res);
+ $config = array('safe' => 1, 'deny_attribute' => 'style, width, height, class, id', 'comment' => 1, 'cdata' => 1);
+ $res = htmLawed($res, $config);
if (get_pref($link, "STRIP_IMAGES", $owner)) {
$res = preg_replace('/<img[^>]+>/is', '', $res);
return $doc->saveXML($node, LIBXML_NOEMPTYTAG);
}
- /**
- * Send by mail a digest of last articles.
- *
- * @param mixed $link The database connection.
- * @param integer $limit The maximum number of articles by digest.
- * @return boolean Return false if digests are not enabled.
- */
- function send_headlines_digests($link, $debug = false) {
-
- require_once 'lib/phpmailer/class.phpmailer.php';
-
- $user_limit = 15; // amount of users to process (e.g. emails to send out)
- $limit = 1000; // maximum amount of headlines to include
-
- if ($debug) _debug("Sending digests, batch of max $user_limit users, headline limit = $limit");
-
- if (DB_TYPE == "pgsql") {
- $interval_query = "last_digest_sent < NOW() - INTERVAL '1 days'";
- } else if (DB_TYPE == "mysql") {
- $interval_query = "last_digest_sent < DATE_SUB(NOW(), INTERVAL 1 DAY)";
- }
-
- $result = db_query($link, "SELECT id,email FROM ttrss_users
- WHERE email != '' AND (last_digest_sent IS NULL OR $interval_query)");
-
- while ($line = db_fetch_assoc($result)) {
-
- if (get_pref($link, 'DIGEST_ENABLE', $line['id'], false)) {
- $preferred_ts = strtotime(get_pref($link, 'DIGEST_PREFERRED_TIME', $line['id'], '00:00'));
-
- // try to send digests within 2 hours of preferred time
- if ($preferred_ts && time() >= $preferred_ts &&
- time() - $preferred_ts <= 7200) {
-
- if ($debug) print "Sending digest for UID:" . $line['id'] . " - " . $line["email"] . " ... ";
-
- $do_catchup = get_pref($link, 'DIGEST_CATCHUP', $line['id'], false);
-
- global $tz_offset;
-
- // reset tz_offset global to prevent tz cache clash between users
- $tz_offset = -1;
-
- $tuple = prepare_headlines_digest($link, $line["id"], 1, $limit);
- $digest = $tuple[0];
- $headlines_count = $tuple[1];
- $affected_ids = $tuple[2];
- $digest_text = $tuple[3];
-
- if ($headlines_count > 0) {
-
- $mail = new PHPMailer();
-
- $mail->PluginDir = "lib/phpmailer/";
- $mail->SetLanguage("en", "lib/phpmailer/language/");
-
- $mail->CharSet = "UTF-8";
-
- $mail->From = SMTP_FROM_ADDRESS;
- $mail->FromName = SMTP_FROM_NAME;
- $mail->AddAddress($line["email"], $line["login"]);
-
- if (SMTP_HOST) {
- $mail->Host = SMTP_HOST;
- $mail->Mailer = "smtp";
- $mail->SMTPAuth = SMTP_LOGIN != '';
- $mail->Username = SMTP_LOGIN;
- $mail->Password = SMTP_PASSWORD;
- }
-
- $mail->IsHTML(true);
- $mail->Subject = DIGEST_SUBJECT;
- $mail->Body = $digest;
- $mail->AltBody = $digest_text;
-
- $rc = $mail->Send();
-
- if (!$rc && $debug) print "ERROR: " . $mail->ErrorInfo;
-
- if ($debug) print "RC=$rc\n";
-
- if ($rc && $do_catchup) {
- if ($debug) print "Marking affected articles as read...\n";
- catchupArticlesById($link, $affected_ids, 0, $line["id"]);
- }
- } else {
- if ($debug) print "No headlines\n";
- }
-
- db_query($link, "UPDATE ttrss_users SET last_digest_sent = NOW()
- WHERE id = " . $line["id"]);
-
- }
- }
- }
-
- if ($debug) _debug("All done.");
-
- }
-
- function prepare_headlines_digest($link, $user_id, $days = 1, $limit = 1000) {
-
- require_once "lib/MiniTemplator.class.php";
-
- $tpl = new MiniTemplator;
- $tpl_t = new MiniTemplator;
-
- $tpl->readTemplateFromFile("templates/digest_template_html.txt");
- $tpl_t->readTemplateFromFile("templates/digest_template.txt");
-
- $user_tz_string = get_pref($link, 'USER_TIMEZONE', $user_id);
- $local_ts = convert_timestamp(time(), 'UTC', $user_tz_string);
-
- $tpl->setVariable('CUR_DATE', date('Y/m/d', $local_ts));
- $tpl->setVariable('CUR_TIME', date('G:i', $local_ts));
-
- $tpl_t->setVariable('CUR_DATE', date('Y/m/d', $local_ts));
- $tpl_t->setVariable('CUR_TIME', date('G:i', $local_ts));
-
- $affected_ids = array();
-
- if (DB_TYPE == "pgsql") {
- $interval_query = "ttrss_entries.date_updated > NOW() - INTERVAL '$days days'";
- } else if (DB_TYPE == "mysql") {
- $interval_query = "ttrss_entries.date_updated > DATE_SUB(NOW(), INTERVAL $days DAY)";
- }
-
- $result = db_query($link, "SELECT ttrss_entries.title,
- ttrss_feeds.title AS feed_title,
- COALESCE(ttrss_feed_categories.title, '".__('Uncategorized')."') AS cat_title,
- date_updated,
- ttrss_user_entries.ref_id,
- link,
- score,
- content,
- ".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
- FROM
- ttrss_user_entries,ttrss_entries,ttrss_feeds
- LEFT JOIN
- ttrss_feed_categories ON (cat_id = ttrss_feed_categories.id)
- WHERE
- ref_id = ttrss_entries.id AND feed_id = ttrss_feeds.id
- AND include_in_digest = true
- AND $interval_query
- AND ttrss_user_entries.owner_uid = $user_id
- AND unread = true
- AND score >= 0
- ORDER BY ttrss_feed_categories.title, ttrss_feeds.title, score DESC, date_updated DESC
- LIMIT $limit");
-
- $cur_feed_title = "";
-
- $headlines_count = db_num_rows($result);
-
- $headlines = array();
-
- while ($line = db_fetch_assoc($result)) {
- array_push($headlines, $line);
- }
-
- for ($i = 0; $i < sizeof($headlines); $i++) {
-
- $line = $headlines[$i];
-
- array_push($affected_ids, $line["ref_id"]);
-
- $updated = make_local_datetime($link, $line['last_updated'], false,
- $user_id);
-
-/* if ($line["score"] != 0) {
- if ($line["score"] > 0) $line["score"] = '+' . $line["score"];
-
- $line["title"] .= " (".$line['score'].")";
- } */
-
- if (get_pref($link, 'ENABLE_FEED_CATS', $user_id)) {
- $line['feed_title'] = $line['cat_title'] . " / " . $line['feed_title'];
- }
-
- $tpl->setVariable('FEED_TITLE', $line["feed_title"]);
- $tpl->setVariable('ARTICLE_TITLE', $line["title"]);
- $tpl->setVariable('ARTICLE_LINK', $line["link"]);
- $tpl->setVariable('ARTICLE_UPDATED', $updated);
- $tpl->setVariable('ARTICLE_EXCERPT',
- truncate_string(strip_tags($line["content"]), 300));
-// $tpl->setVariable('ARTICLE_CONTENT',
-// strip_tags($article_content));
-
- $tpl->addBlock('article');
-
- $tpl_t->setVariable('FEED_TITLE', $line["feed_title"]);
- $tpl_t->setVariable('ARTICLE_TITLE', $line["title"]);
- $tpl_t->setVariable('ARTICLE_LINK', $line["link"]);
- $tpl_t->setVariable('ARTICLE_UPDATED', $updated);
-// $tpl_t->setVariable('ARTICLE_EXCERPT',
-// truncate_string(strip_tags($line["excerpt"]), 100));
-
- $tpl_t->addBlock('article');
-
- if ($headlines[$i]['feed_title'] != $headlines[$i+1]['feed_title']) {
- $tpl->addBlock('feed');
- $tpl_t->addBlock('feed');
- }
-
- }
-
- $tpl->addBlock('digest');
- $tpl->generateOutputToString($tmp);
-
- $tpl_t->addBlock('digest');
- $tpl_t->generateOutputToString($tmp_t);
-
- return array($tmp, $headlines_count, $affected_ids, $tmp_t);
- }
-
function check_for_update($link) {
if (CHECK_FOR_NEW_VERSION && $_SESSION['access_level'] >= 10) {
$version_url = "http://tt-rss.org/version.php?ver=" . VERSION;
function format_warning($msg, $id = "") {
global $link;
return "<div class=\"warning\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_excl.png")."\">$msg</div>";
+ <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
}
function format_notice($msg, $id = "") {
global $link;
return "<div class=\"notice\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_info.png")."\">$msg</div>";
+ <img src=\"".theme_image($link, "images/sign_info.svg")."\">$msg</div>";
}
function format_error($msg, $id = "") {
global $link;
return "<div class=\"error\" id=\"$id\">
- <img src=\"".theme_image($link, "images/sign_excl.png")."\">$msg</div>";
+ <img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
}
function print_notice($msg) {
//if (!$zoom_mode) { print "<article id='$id'><![CDATA["; };
- $result = db_query($link, "SELECT rtl_content, always_display_enclosures FROM ttrss_feeds
+ $result = db_query($link, "SELECT rtl_content, always_display_enclosures, cache_content FROM ttrss_feeds
WHERE id = '$feed_id' AND owner_uid = $owner_uid");
if (db_num_rows($result) == 1) {
$rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
$always_display_enclosures = sql_bool_to_bool(db_fetch_result($result, 0, "always_display_enclosures"));
+ $cache_content = sql_bool_to_bool(db_fetch_result($result, 0, "cache_content"));
} else {
$rtl_content = false;
$always_display_enclosures = false;
+ $cache_content = false;
}
if ($rtl_content) {
ccache_update($link, $feed_id, $owner_uid);
}
- $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
+ $result = db_query($link, "SELECT id,title,link,content,feed_id,comments,int_id,
".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
(SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
(SELECT site_url FROM ttrss_feeds WHERE id = feed_id) as site_url,
tag_cache,
author,
orig_feed_id,
- note
+ note,
+ cached_content
FROM ttrss_entries,ttrss_user_entries
WHERE id = '$id' AND ref_id = id AND owner_uid = $owner_uid");
if ($num_comments > 0) {
if ($line["comments"]) {
- $comments_url = $line["comments"];
+ $comments_url = htmlspecialchars($line["comments"]);
} else {
- $comments_url = $line["link"];
+ $comments_url = htmlspecialchars($line["link"]);
}
$entry_comments = "<a target='_blank' href=\"$comments_url\">$num_comments comments</a>";
} else {
if ($line["comments"] && $line["link"] != $line["comments"]) {
- $entry_comments = "<a target='_blank' href=\"".$line["comments"]."\">comments</a>";
+ $entry_comments = "<a target='_blank' href=\"".htmlspecialchars($line["comments"])."\">comments</a>";
}
}
</head><body>";
}
- $title_escaped = db_escape_string($line['title']);
+ $title_escaped = htmlspecialchars($line['title']);
$rv['content'] .= "<div id=\"PTITLE-$id\" style=\"display : none\">" .
truncate_string(strip_tags($line['title']), 15) . "</div>";
$rv['content'] .= "<div class='postTitle'><a target='_blank'
title=\"".htmlspecialchars($line['title'])."\"
href=\"" .
- $line["link"] . "\">" .
+ htmlspecialchars($line["link"]) . "\">" .
$line["title"] .
"<span class='author'>$entry_author</span></a></div>";
} else {
onclick=\"postOpenInNewTab(event, $id)\"
alt='Zoom' title='".__('Open article in new tab')."'>";
- $button_plugins = explode(",", ARTICLE_BUTTON_PLUGINS);
+ global $pluginhost;
- foreach ($button_plugins as $p) {
- $pclass = trim("button_${p}");
-
- if (class_exists($pclass)) {
- $plugin = new $pclass($link);
- $rv['content'] .= $plugin->render($id, $line);
- }
+ foreach ($pluginhost->get_hooks($pluginhost::HOOK_ARTICLE_BUTTON) as $p) {
+ $rv['content'] .= $p->hook_article_button($line);
}
$rv['content'] .= "<img src=\"".theme_image($link, 'images/digest_checkbox.png')."\"
$rv['content'] .= " ";
$rv['content'] .= "<a target='_blank' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
- $rv['content'] .= "<img title='".__('Feed URL')."'class='tinyFeedIcon' src='images/pub_set.png'></a>";
+ $rv['content'] .= "<img title='".__('Feed URL')."'class='tinyFeedIcon' src='images/pub_set.svg'></a>";
$rv['content'] .= "</div>";
}
}
}
+ if ($cache_content && $line["cached_content"] != "") {
+ $line["content"] =& $line["cached_content"];
+ }
+
$article_content = sanitize($link, $line["content"], false, $owner_uid,
$feed_site_url);
}
function get_self_url_prefix() {
- return SELF_URL_PATH;
+ if (strrpos(SELF_URL_PATH, "/") === strlen(SELF_URL_PATH)-1) {
+ return substr(SELF_URL_PATH, 0, strlen(SELF_URL_PATH)-1);
+ } else {
+ return SELF_URL_PATH;
+ }
}
function opml_publish_url($link){
}
} // function encrypt_password
- function sanitize_article_content($text) {
- # we don't support CDATA sections in articles, they break our own escaping
- $text = preg_replace("/\[\[CDATA/", "", $text);
- $text = preg_replace("/\]\]\>/", "", $text);
- return $text;
- }
-
function load_filters($link, $feed_id, $owner_uid, $action_id = false) {
$filters = array();
db_query($link, "SET NAMES " . MYSQL_CHARSET);
}
}
+
+ global $pluginhost;
+
+ $pluginhost = new PluginHost($link);
+ $pluginhost->load(PLUGINS, $pluginhost::KIND_ALL);
+
return true;
} else {
print "Unable to connect to database:" . db_last_error();
}
}
- function get_article_labels($link, $id) {
+ function get_article_labels($link, $id, $owner_uid = false) {
$rv = array();
+ if (!$owner_uid) $owner_uid = $_SESSION["uid"];
$result = db_query($link, "SELECT label_cache FROM
ttrss_user_entries WHERE ref_id = '$id' AND owner_uid = " .
- $_SESSION["uid"]);
+ $owner_uid);
- $label_cache = db_fetch_result($result, 0, "label_cache");
-
- if ($label_cache) {
+ if (db_num_rows($result) > 0) {
+ $label_cache = db_fetch_result($result, 0, "label_cache");
- $label_cache = json_decode($label_cache, true);
+ if ($label_cache) {
+ $label_cache = json_decode($label_cache, true);
- if ($label_cache["no-labels"] == 1)
- return $rv;
- else
- return $label_cache;
+ if ($label_cache["no-labels"] == 1)
+ return $rv;
+ else
+ return $label_cache;
+ }
}
$result = db_query($link,
FROM ttrss_labels2, ttrss_user_labels2
WHERE id = label_id
AND article_id = '$id'
- AND owner_uid = ".$_SESSION["uid"] . "
+ AND owner_uid = ". $owner_uid . "
ORDER BY caption");
while ($line = db_fetch_assoc($result)) {
}
if (count($rv) > 0)
- label_update_cache($link, $id, $rv);
+ label_update_cache($link, $owner_uid, $id, $rv);
else
- label_update_cache($link, $id, array("no-labels" => 1));
+ label_update_cache($link, $owner_uid, $id, array("no-labels" => 1));
return $rv;
}
}
}
- function label_update_cache($link, $id, $labels = false, $force = false) {
+ function get_all_labels($link, $owner_uid) {
+ $rv = array();
+
+ $result = db_query($link, "SELECT fg_color, bg_color, caption FROM ttrss_labels2 WHERE owner_uid = " . $owner_uid);
+
+ while ($line = db_fetch_assoc($result)) {
+ array_push($rv, $line);
+ }
+
+ return $rv;
+ }
+
+ function label_update_cache($link, $owner_uid, $id, $labels = false, $force = false) {
if ($force)
label_clear_cache($link, $id);
$labels = db_escape_string(json_encode($labels));
db_query($link, "UPDATE ttrss_user_entries SET
- label_cache = '$labels' WHERE ref_id = '$id'");
+ label_cache = '$labels' WHERE ref_id = '$id' AND owner_uid = '$owner_uid'");
}
function api_get_headlines($link, $feed_id, $limit, $offset,
$filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
$include_attachments, $since_id,
- $search = "", $search_mode = "", $match_on = "", $include_nested = false) {
+ $search = "", $search_mode = "", $match_on = "",
+ $include_nested = false, $sanitize_content = true) {
$qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
$view_mode, $is_cat, $search, $search_mode, $match_on,
}
if ($show_content) {
- $headline_row["content"] = $line["content_preview"];
+
+ if ($line["cached_content"] != "") {
+ $line["content_preview"] =& $line["cached_content"];
+ }
+
+ if ($sanitize_content) {
+ $headline_row["content"] = sanitize($link,
+ $line["content_preview"], false, false, $line["site_url"]);
+ } else {
+ $headline_row["content"] = $line["content_preview"];
+ }
}
// unify label output to ease parsing
}
function is_html($content) {
- return preg_match("/<html|DOCTYPE html/i", $content) !== 0;
+ return preg_match("/<html|DOCTYPE html/i", substr($content, 0, 20)) !== 0;
}
function url_is_html($url, $login = false, $pass = false) {
return $html;
}
- function filter_to_sql($filter) {
+ function filter_to_sql($link, $filter, $owner_uid) {
$query = array();
if (DB_TYPE == "pgsql")
}
if (isset($rule["cat_id"])) {
- $qpart .= " AND cat_id " . ($rule["cat_id"] ? '= ' . $rule["cat_id"] : 'IS NULL');
- }
-
- array_push($query, "($qpart)");
-
- }
- }
-
- if (count($query) > 0) {
- return "(" . join($filter["match_any_rule"] ? "OR" : "AND", $query) . ")";
- } else {
- return "(false)";
- }
- }
-
- // Status codes:
- // -1 - never connected
- // 0 - no data received
- // 1 - data received successfully
- // 2 - did not receive valid data
- // >10 - server error, code + 10 (e.g. 16 means server error 6)
-
- function get_linked_feeds($link, $instance_id = false) {
- if ($instance_id)
- $instance_qpart = "id = '$instance_id' AND ";
- else
- $instance_qpart = "";
-
- if (DB_TYPE == "pgsql") {
- $date_qpart = "last_connected < NOW() - INTERVAL '6 hours'";
- } else {
- $date_qpart = "last_connected < DATE_SUB(NOW(), INTERVAL 6 HOUR)";
- }
-
- $result = db_query($link, "SELECT id, access_key, access_url FROM ttrss_linked_instances
- WHERE $instance_qpart $date_qpart ORDER BY last_connected");
-
- while ($line = db_fetch_assoc($result)) {
- $id = $line['id'];
-
- _debug("Updating: " . $line['access_url'] . " ($id)");
-
- $fetch_url = $line['access_url'] . '/public.php?op=fbexport';
- $post_query = 'key=' . $line['access_key'];
- $feeds = fetch_file_contents($fetch_url, false, false, false, $post_query);
+ if ($rule["cat_id"] > 0) {
+ $children = getChildCategories($link, $rule["cat_id"], $owner_uid);
+ array_push($children, $rule["cat_id"]);
- // try doing it the old way
- if (!$feeds) {
- $fetch_url = $line['access_url'] . '/backend.php?op=fbexport';
- $feeds = fetch_file_contents($fetch_url, false, false, false, $post_query);
- }
-
- if ($feeds) {
- $feeds = json_decode($feeds, true);
+ $children = join(",", $children);
- if ($feeds) {
- if ($feeds['error']) {
- $status = $feeds['error']['code'] + 10;
+ $cat_qpart = "cat_id IN ($children)";
} else {
- $status = 1;
-
- if (count($feeds['feeds']) > 0) {
-
- db_query($link, "DELETE FROM ttrss_linked_feeds
- WHERE instance_id = '$id'");
-
- foreach ($feeds['feeds'] as $feed) {
- $feed_url = db_escape_string($feed['feed_url']);
- $title = db_escape_string($feed['title']);
- $subscribers = db_escape_string($feed['subscribers']);
- $site_url = db_escape_string($feed['site_url']);
-
- db_query($link, "INSERT INTO ttrss_linked_feeds
- (feed_url, site_url, title, subscribers, instance_id, created, updated)
- VALUES
- ('$feed_url', '$site_url', '$title', '$subscribers', '$id', NOW(), NOW())");
- }
- } else {
- // received 0 feeds, this might indicate that
- // the instance on the other hand is rebuilding feedbrowser cache
- // we will try again later
-
- // TODO: maybe perform expiration based on updated here?
- }
-
- _debug("Processed " . count($feeds['feeds']) . " feeds.");
+ $cat_qpart = "cat_id IS NULL";
}
- } else {
- $status = 2;
- }
-
- } else {
- $status = 0;
- }
-
- _debug("Status: $status");
-
- db_query($link, "UPDATE ttrss_linked_instances SET
- last_status_out = '$status', last_connected = NOW() WHERE id = '$id'");
-
- }
- }
-
- function make_feed_browser($link, $search, $limit, $mode = 1) {
-
- $owner_uid = $_SESSION["uid"];
- $rv = '';
-
- if ($search) {
- $search_qpart = "AND (UPPER(feed_url) LIKE UPPER('%$search%') OR
- UPPER(title) LIKE UPPER('%$search%'))";
- } else {
- $search_qpart = "";
- }
-
- if ($mode == 1) {
- /* $result = db_query($link, "SELECT feed_url, subscribers FROM
- ttrss_feedbrowser_cache WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
- WHERE tf.feed_url = ttrss_feedbrowser_cache.feed_url
- AND owner_uid = '$owner_uid') $search_qpart
- ORDER BY subscribers DESC LIMIT $limit"); */
-
- $result = db_query($link, "SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM
- (SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL
- SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq
- WHERE
- (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
- WHERE tf.feed_url = qqq.feed_url
- AND owner_uid = '$owner_uid') $search_qpart
- GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT $limit");
-
- } else if ($mode == 2) {
- $result = db_query($link, "SELECT *,
- (SELECT COUNT(*) FROM ttrss_user_entries WHERE
- orig_feed_id = ttrss_archived_feeds.id) AS articles_archived
- FROM
- ttrss_archived_feeds
- WHERE
- (SELECT COUNT(*) FROM ttrss_feeds
- WHERE ttrss_feeds.feed_url = ttrss_archived_feeds.feed_url AND
- owner_uid = '$owner_uid') = 0 AND
- owner_uid = '$owner_uid' $search_qpart
- ORDER BY id DESC LIMIT $limit");
- }
-
- $feedctr = 0;
-
- while ($line = db_fetch_assoc($result)) {
-
- if ($mode == 1) {
-
- $feed_url = htmlspecialchars($line["feed_url"]);
- $site_url = htmlspecialchars($line["site_url"]);
- $subscribers = $line["subscribers"];
-
- $check_box = "<input onclick='toggleSelectListRow2(this)'
- dojoType=\"dijit.form.CheckBox\"
- type=\"checkbox\" \">";
-
- $class = ($feedctr % 2) ? "even" : "odd";
- $site_url = "<a target=\"_blank\"
- href=\"$site_url\">
- <span class=\"fb_feedTitle\">".
- htmlspecialchars($line["title"])."</span></a>";
-
- $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
- href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
- style='vertical-align : middle'></a>";
-
- $rv .= "<li>$check_box $feed_url $site_url".
- " <span class='subscribers'>($subscribers)</span></li>";
-
- } else if ($mode == 2) {
- $feed_url = htmlspecialchars($line["feed_url"]);
- $site_url = htmlspecialchars($line["site_url"]);
- $title = htmlspecialchars($line["title"]);
-
- $check_box = "<input onclick='toggleSelectListRow2(this)' dojoType=\"dijit.form.CheckBox\"
- type=\"checkbox\">";
-
- $class = ($feedctr % 2) ? "even" : "odd";
-
- if ($line['articles_archived'] > 0) {
- $archived = sprintf(__("%d archived articles"), $line['articles_archived']);
- $archived = " <span class='subscribers'>($archived)</span>";
- } else {
- $archived = '';
+ $qpart .= " AND $cat_qpart";
}
- $site_url = "<a target=\"_blank\"
- href=\"$site_url\">
- <span class=\"fb_feedTitle\">".
- htmlspecialchars($line["title"])."</span></a>";
-
- $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
- href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
- style='vertical-align : middle'></a>";
-
+ array_push($query, "($qpart)");
- $rv .= "<li id=\"FBROW-".$line["id"]."\">".
- "$check_box $feed_url $site_url $archived</li>";
}
-
- ++$feedctr;
}
- if ($feedctr == 0) {
- $rv .= "<li style=\"text-align : center\"><p>".__('No feeds found.')."</p></li>";
+ if (count($query) > 0) {
+ return "(" . join($filter["match_any_rule"] ? "OR" : "AND", $query) . ")";
+ } else {
+ return "(false)";
}
-
- return $rv;
}
if (!function_exists('gzdecode')) {
}
}
- function perform_data_import($link, $filename, $owner_uid) {
-
- $num_imported = 0;
- $num_processed = 0;
- $num_feeds_created = 0;
-
- $doc = @DOMDocument::load($filename);
-
- if (!$doc) {
- $contents = file_get_contents($filename);
-
- if ($contents) {
- $data = @gzuncompress($contents);
- }
-
- if (!$data) {
- $data = @gzdecode($contents);
- }
-
- if ($data)
- $doc = DOMDocument::loadXML($data);
- }
-
- if ($doc) {
-
- $xpath = new DOMXpath($doc);
-
- $container = $doc->firstChild;
-
- if ($container && $container->hasAttribute('schema-version')) {
- $schema_version = $container->getAttribute('schema-version');
-
- if ($schema_version != SCHEMA_VERSION) {
- print "<p>" .__("Could not import: incorrect schema version.") . "</p>";
- return;
- }
-
- } else {
- print "<p>" . __("Could not import: unrecognized document format.") . "</p>";
- return;
- }
-
- $articles = $xpath->query("//article");
-
- foreach ($articles as $article_node) {
- if ($article_node->childNodes) {
-
- $ref_id = 0;
-
- $article = array();
-
- foreach ($article_node->childNodes as $child) {
- if ($child->nodeName != 'label_cache')
- $article[$child->nodeName] = db_escape_string($child->nodeValue);
- else
- $article[$child->nodeName] = $child->nodeValue;
- }
-
- //print_r($article);
-
- if ($article['guid']) {
-
- ++$num_processed;
-
- //db_query($link, "BEGIN");
-
- //print 'GUID:' . $article['guid'] . "\n";
-
- $result = db_query($link, "SELECT id FROM ttrss_entries
- WHERE guid = '".$article['guid']."'");
-
- if (db_num_rows($result) == 0) {
-
- $result = db_query($link,
- "INSERT INTO ttrss_entries
- (title,
- guid,
- link,
- updated,
- content,
- content_hash,
- no_orig_date,
- date_updated,
- date_entered,
- comments,
- num_comments,
- author)
- VALUES
- ('".$article['title']."',
- '".$article['guid']."',
- '".$article['link']."',
- '".$article['updated']."',
- '".$article['content']."',
- '".sha1($article['content'])."',
- false,
- NOW(),
- NOW(),
- '',
- '0',
- '')");
-
- $result = db_query($link, "SELECT id FROM ttrss_entries
- WHERE guid = '".$article['guid']."'");
-
- if (db_num_rows($result) != 0) {
- $ref_id = db_fetch_result($result, 0, "id");
- }
-
- } else {
- $ref_id = db_fetch_result($result, 0, "id");
- }
-
- //print "Got ref ID: $ref_id\n";
-
- if ($ref_id) {
-
- $feed_url = $article['feed_url'];
- $feed_title = $article['feed_title'];
-
- $feed = 'NULL';
-
- if ($feed_url && $feed_title) {
- $result = db_query($link, "SELECT id FROM ttrss_feeds
- WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'");
-
- if (db_num_rows($result) != 0) {
- $feed = db_fetch_result($result, 0, "id");
- } else {
- // try autocreating feed in Uncategorized...
-
- $result = db_query($link, "INSERT INTO ttrss_feeds (owner_uid,
- feed_url, title) VALUES ($owner_uid, '$feed_url', '$feed_title')");
-
- $result = db_query($link, "SELECT id FROM ttrss_feeds
- WHERE feed_url = '$feed_url' AND owner_uid = '$owner_uid'");
-
- if (db_num_rows($result) != 0) {
- ++$num_feeds_created;
-
- $feed = db_fetch_result($result, 0, "id");
- }
- }
- }
-
- if ($feed != 'NULL')
- $feed_qpart = "feed_id = $feed";
- else
- $feed_qpart = "feed_id IS NULL";
-
- //print "$ref_id / $feed / " . $article['title'] . "\n";
-
- $result = db_query($link, "SELECT int_id FROM ttrss_user_entries
- WHERE ref_id = '$ref_id' AND owner_uid = '$owner_uid' AND $feed_qpart");
-
- if (db_num_rows($result) == 0) {
-
- $marked = bool_to_sql_bool(sql_bool_to_bool($article['marked']));
- $published = bool_to_sql_bool(sql_bool_to_bool($article['published']));
- $score = (int) $article['score'];
-
- $tag_cache = $article['tag_cache'];
- $label_cache = db_escape_string($article['label_cache']);
- $note = $article['note'];
-
- //print "Importing " . $article['title'] . "<br/>";
-
- ++$num_imported;
-
- $result = db_query($link,
- "INSERT INTO ttrss_user_entries
- (ref_id, owner_uid, feed_id, unread, last_read, marked,
- published, score, tag_cache, label_cache, uuid, note)
- VALUES ($ref_id, $owner_uid, $feed, false,
- NULL, $marked, $published, $score, '$tag_cache',
- '$label_cache', '', '$note')");
-
- $label_cache = json_decode($label_cache, true);
-
- if (is_array($label_cache) && $label_cache["no-labels"] != 1) {
- foreach ($label_cache as $label) {
-
- label_create($link, $label[1],
- $label[2], $label[3], $owner_uid);
-
- label_add_article($link, $ref_id, $label[1], $owner_uid);
-
- }
- }
-
- //db_query($link, "COMMIT");
- }
- }
- }
- }
- }
-
- print "<p>" .
- T_sprintf("Finished: %d articles processed, %d imported, %d feeds created.",
- $num_processed, $num_imported, $num_feeds_created) .
- "</p>";
-
- } else {
-
- print "<p>" . __("Could not load XML document.") . "</p>";
-
- }
- }
-
function get_random_bytes($length) {
if (function_exists('openssl_random_pseudo_bytes')) {
return openssl_random_pseudo_bytes($length);
}
- function create_published_article($link, $title, $url, $content, $owner_uid) {
- $guid = sha1($url);
+ function create_published_article($link, $title, $url, $content, $labels_str,
+ $owner_uid) {
+
+ $guid = sha1($url . $owner_uid); // include owner_uid to prevent global GUID clash
$content_hash = sha1($content);
+ if ($labels_str != "") {
+ $labels = explode(",", $labels_str);
+ } else {
+ $labels = array();
+ }
+
$rc = false;
if (!$title) $title = $url;
('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false)");
}
+ if (count($labels) != 0) {
+ foreach ($labels as $label) {
+ label_add_article($link, $ref_id, trim($label), $owner_uid);
+ }
+ }
+
$rc = true;
} else {
VALUES
('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false)");
+ if (count($labels) != 0) {
+ foreach ($labels as $label) {
+ label_add_article($link, $ref_id, trim($label), $owner_uid);
+ }
+ }
+
$rc = true;
}
}
return $rc;
}
+ function implements_interface($class, $interface) {
+ return in_array($interface, class_implements($class));
+ }
+
?>
git.wh0rd.org / tt-rss.git / blobdiff