$favicon_url = get_favicon_url($site_url);
if ($favicon_url) {
- $contents = fetch_file_contents($favicon_url, "image");
+ // Limiting to "image" type misses those served with text/plain
+ $contents = fetch_file_contents($favicon_url); // , "image");
+
+ if ($contents) {
+ // Crude image type matching.
+ // Patterns gleaned from the file(1) source code.
+ if (preg_match('/^\x00\x00\x01\x00/', $contents)) {
+ // 0 string \000\000\001\000 MS Windows icon resource
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa MS Windows icon resource");
+ }
+ elseif (preg_match('/^GIF8/', $contents)) {
+ // 0 string GIF8 GIF image data
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa GIF image");
+ }
+ elseif (preg_match('/^\x89PNG\x0d\x0a\x1a\x0a/', $contents)) {
+ // 0 string \x89PNG\x0d\x0a\x1a\x0a PNG image data
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa PNG image");
+ }
+ elseif (preg_match('/^\xff\xd8/', $contents)) {
+ // 0 beshort 0xffd8 JPEG image data
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa JPG image");
+ }
+ else {
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa UNKNOWN type");
+ $contents = "";
+ }
+ }
if ($contents) {
$fp = @fopen($icon_file, "w");
// First login ?
if (db_num_rows($result) == 0) {
- $salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250);
+ $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
$pwd_hash = encrypt_password($password, $salt, true);
$query2 = "INSERT INTO ttrss_users
}
}
- } else {
+ } else if (get_schema_version($link) > 87) {
$result = db_query($link, "SELECT salt FROM ttrss_users WHERE
login = '$login'");
+ if (db_num_rows($result) != 1) {
+ return false;
+ }
+
$salt = db_fetch_result($result, 0, "salt");
if ($salt == "") {
if (db_num_rows($result) == 1) {
// upgrade password to MODE2
- $salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250);
+ $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
$pwd_hash = encrypt_password($password, $salt, true);
db_query($link, "UPDATE ttrss_users SET
login = '$login' AND pwd_hash = '$pwd_hash'";
}
+ } else {
+ $query = "SELECT id,login,access_level,pwd_hash
+ FROM ttrss_users WHERE
+ login = '$login' AND (pwd_hash = '$pwd_hash1' OR
+ pwd_hash = '$pwd_hash2')";
}
$result = db_query($link, $query);
$_SESSION["uid"] = 1;
$_SESSION["name"] = "admin";
+ $_SESSION["access_level"] = 10;
+
+ if (!$_SESSION["csrf_token"]) {
+ $_SESSION["csrf_token"] = sha1(uniqid(rand(), true));
+ }
$_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
function make_password($length = 8) {
- return substr(bin2hex(openssl_random_pseudo_bytes($length / 2)), 0, $length);
+ $password = "";
+ $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ";
+
+ $i = 0;
+
+ while ($i < $length) {
+ $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
+
+ if (!strstr($password, $char)) {
+ $password .= $char;
+ $i++;
+ }
+ }
+ return $password;
}
// this is called after user is created to initialize default feeds, labels
}
}
- function catchup_feed($link, $feed, $cat_view, $owner_uid = false) {
+ function catchup_feed($link, $feed, $cat_view, $owner_uid = false, $max_id = false) {
if (!$owner_uid) $owner_uid = $_SESSION['uid'];
//if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
+ $ref_check_qpart = ($max_id &&
+ !get_pref($link, 'REVERSE_HEADLINES')) ? "ref_id <= '$max_id'" : "true";
+
if (is_numeric($feed)) {
if ($cat_view) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE feed_id = '$tmp_feed' AND owner_uid = $owner_uid");
+ WHERE feed_id = '$tmp_feed'
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
}
} else if ($feed == -2) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW() WHERE (SELECT COUNT(*)
FROM ttrss_user_labels2 WHERE article_id = ref_id) > 0
- AND unread = true AND owner_uid = $owner_uid");
+ AND $ref_check_qpart
+ AND unread = true AND owner_uid = $owner_uid");
}
} else if ($feed > 0) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE feed_id = '$feed' AND owner_uid = $owner_uid");
+ WHERE feed_id = '$feed'
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
} else if ($feed < 0 && $feed > -10) { // special, like starred
if ($feed == -1) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE marked = true AND owner_uid = $owner_uid");
+ WHERE marked = true
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
}
if ($feed == -2) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE published = true AND owner_uid = $owner_uid");
+ WHERE published = true
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
}
if ($feed == -3) {
if ($feed == -4) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE owner_uid = $owner_uid");
+ WHERE $ref_check_qpart AND owner_uid = $owner_uid");
}
} else if ($feed < -10) { // label
db_query($link, "UPDATE ttrss_user_entries, ttrss_user_labels2
SET unread = false, last_read = NOW()
WHERE label_id = '$label_id' AND unread = true
+ AND $ref_check_qpart
AND owner_uid = '$owner_uid' AND ref_id = article_id");
}
while ($line = db_fetch_assoc($result)) {
db_query($link, "UPDATE ttrss_user_entries SET
unread = false, last_read = NOW()
- WHERE int_id = " . $line["post_int_id"]);
+ WHERE $ref_check_qpart AND int_id = " . $line["post_int_id"]);
}
db_query($link, "COMMIT");
}
}
/**
- * Subscribes the user to the given feed
- *
- * @param resource $link Database connection
- * @param string $url Feed URL to subscribe to
- * @param integer $cat_id Category ID the feed shall be added to
- * @param string $auth_login (optional) Feed username
- * @param string $auth_pass (optional) Feed password
- *
* @return integer Status code:
* 0 - OK, Feed already exists
* 1 - OK, Feed added
* 5 - Couldn't download the URL content.
*/
function subscribe_to_feed($link, $url, $cat_id = 0,
- $auth_login = '', $auth_pass = '') {
+ $auth_login = '', $auth_pass = '', $need_auth = false) {
require_once "include/rssfuncs.php";
$has_oauth = db_fetch_result($result, 0, 'twitter_oauth');
- if (!$has_oauth || strpos($url, '://api.twitter.com') === false) {
+ if (!$need_auth || !$has_oauth || strpos($url, '://api.twitter.com') === false) {
if (!fetch_file_contents($url, false, $auth_login, $auth_pass)) return 5;
if (url_is_html($url, $auth_login, $auth_pass)) {
} else if ($feed == 0 && !$cat_view) { // archive virtual feed
$query_strategy_part = "feed_id IS NULL";
} else if ($feed == 0 && $cat_view) { // uncategorized
- $query_strategy_part = "cat_id IS NULL";
+ $query_strategy_part = "cat_id IS NULL AND feed_id IS NOT NULL";
$vfeed_query_part = "ttrss_feeds.title AS feed_title,";
} else if ($feed == -1) { // starred virtual feed
$query_strategy_part = "marked = true";
$node = $doc->getElementsByTagName('body')->item(0);
- return $doc->saveXML($node);
+ return $doc->saveXML($node, LIBXML_NOEMPTYTAG);
}
/**
* @param integer $limit The maximum number of articles by digest.
* @return boolean Return false if digests are not enabled.
*/
- function send_headlines_digests($link, $limit = 100, $debug = true) {
+ function send_headlines_digests($link, $debug = false) {
require_once 'lib/phpmailer/class.phpmailer.php';
$user_limit = 15; // amount of users to process (e.g. emails to send out)
- $days = 1;
+ $limit = 1000; // maximum amount of headlines to include
- if ($debug) _debug("Sending digests, batch of max $user_limit users, days = $days, headline limit = $limit");
+ if ($debug) _debug("Sending digests, batch of max $user_limit users, headline limit = $limit");
if (DB_TYPE == "pgsql") {
- $interval_query = "last_digest_sent < NOW() - INTERVAL '$days days'";
+ $interval_query = "last_digest_sent < NOW() - INTERVAL '1 days'";
} else if (DB_TYPE == "mysql") {
- $interval_query = "last_digest_sent < DATE_SUB(NOW(), INTERVAL $days DAY)";
+ $interval_query = "last_digest_sent < DATE_SUB(NOW(), INTERVAL 1 DAY)";
}
$result = db_query($link, "SELECT id,email FROM ttrss_users
while ($line = db_fetch_assoc($result)) {
if (get_pref($link, 'DIGEST_ENABLE', $line['id'], false)) {
- print "Sending digest for UID:" . $line['id'] . " - " . $line["email"] . " ... ";
+ $preferred_ts = strtotime(get_pref($link, 'DIGEST_PREFERRED_TIME', $line['id'], '00:00'));
- $do_catchup = get_pref($link, 'DIGEST_CATCHUP', $line['id'], false);
+ // try to send digests within 2 hours of preferred time
+ if ($preferred_ts && time() >= $preferred_ts &&
+ time() - $preferred_ts <= 7200) {
- $tuple = prepare_headlines_digest($link, $line["id"], $days, $limit);
- $digest = $tuple[0];
- $headlines_count = $tuple[1];
- $affected_ids = $tuple[2];
- $digest_text = $tuple[3];
+ if ($debug) print "Sending digest for UID:" . $line['id'] . " - " . $line["email"] . " ... ";
- if ($headlines_count > 0) {
+ $do_catchup = get_pref($link, 'DIGEST_CATCHUP', $line['id'], false);
- $mail = new PHPMailer();
+ global $tz_offset;
- $mail->PluginDir = "lib/phpmailer/";
- $mail->SetLanguage("en", "lib/phpmailer/language/");
+ // reset tz_offset global to prevent tz cache clash between users
+ $tz_offset = -1;
- $mail->CharSet = "UTF-8";
+ $tuple = prepare_headlines_digest($link, $line["id"], 1, $limit);
+ $digest = $tuple[0];
+ $headlines_count = $tuple[1];
+ $affected_ids = $tuple[2];
+ $digest_text = $tuple[3];
- $mail->From = SMTP_FROM_ADDRESS;
- $mail->FromName = SMTP_FROM_NAME;
- $mail->AddAddress($line["email"], $line["login"]);
+ if ($headlines_count > 0) {
- if (SMTP_HOST) {
- $mail->Host = SMTP_HOST;
- $mail->Mailer = "smtp";
- $mail->SMTPAuth = SMTP_LOGIN != '';
- $mail->Username = SMTP_LOGIN;
- $mail->Password = SMTP_PASSWORD;
- }
+ $mail = new PHPMailer();
+
+ $mail->PluginDir = "lib/phpmailer/";
+ $mail->SetLanguage("en", "lib/phpmailer/language/");
+
+ $mail->CharSet = "UTF-8";
+
+ $mail->From = SMTP_FROM_ADDRESS;
+ $mail->FromName = SMTP_FROM_NAME;
+ $mail->AddAddress($line["email"], $line["login"]);
+
+ if (SMTP_HOST) {
+ $mail->Host = SMTP_HOST;
+ $mail->Mailer = "smtp";
+ $mail->SMTPAuth = SMTP_LOGIN != '';
+ $mail->Username = SMTP_LOGIN;
+ $mail->Password = SMTP_PASSWORD;
+ }
- $mail->IsHTML(true);
- $mail->Subject = DIGEST_SUBJECT;
- $mail->Body = $digest;
- $mail->AltBody = $digest_text;
+ $mail->IsHTML(true);
+ $mail->Subject = DIGEST_SUBJECT;
+ $mail->Body = $digest;
+ $mail->AltBody = $digest_text;
- $rc = $mail->Send();
+ $rc = $mail->Send();
- if (!$rc) print "ERROR: " . $mail->ErrorInfo;
+ if (!$rc && $debug) print "ERROR: " . $mail->ErrorInfo;
- print "RC=$rc\n";
+ if ($debug) print "RC=$rc\n";
- if ($rc && $do_catchup) {
- print "Marking affected articles as read...\n";
- catchupArticlesById($link, $affected_ids, 0, $line["id"]);
+ if ($rc && $do_catchup) {
+ if ($debug) print "Marking affected articles as read...\n";
+ catchupArticlesById($link, $affected_ids, 0, $line["id"]);
+ }
+ } else {
+ if ($debug) print "No headlines\n";
}
- } else {
- print "No headlines\n";
- }
- db_query($link, "UPDATE ttrss_users SET last_digest_sent = NOW()
- WHERE id = " . $line["id"]);
+ db_query($link, "UPDATE ttrss_users SET last_digest_sent = NOW()
+ WHERE id = " . $line["id"]);
+
+ }
}
}
}
- function prepare_headlines_digest($link, $user_id, $days = 1, $limit = 100) {
+ function prepare_headlines_digest($link, $user_id, $days = 1, $limit = 1000) {
require_once "lib/MiniTemplator.class.php";
$tpl->readTemplateFromFile("templates/digest_template_html.txt");
$tpl_t->readTemplateFromFile("templates/digest_template.txt");
- $tpl->setVariable('CUR_DATE', date('Y/m/d'));
- $tpl->setVariable('CUR_TIME', date('G:i'));
+ $user_tz_string = get_pref($link, 'USER_TIMEZONE', $user_id);
+ $local_ts = convert_timestamp(time(), 'UTC', $user_tz_string);
+
+ $tpl->setVariable('CUR_DATE', date('Y/m/d', $local_ts));
+ $tpl->setVariable('CUR_TIME', date('G:i', $local_ts));
- $tpl_t->setVariable('CUR_DATE', date('Y/m/d'));
- $tpl_t->setVariable('CUR_TIME', date('G:i'));
+ $tpl_t->setVariable('CUR_DATE', date('Y/m/d', $local_ts));
+ $tpl_t->setVariable('CUR_TIME', date('G:i', $local_ts));
$affected_ids = array();
$result = db_query($link, "SELECT ttrss_entries.title,
ttrss_feeds.title AS feed_title,
+ ttrss_feed_categories.title AS cat_title,
date_updated,
ttrss_user_entries.ref_id,
link,
- SUBSTRING(content, 1, 120) AS excerpt,
+ score,
+ content,
".SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM
ttrss_user_entries,ttrss_entries,ttrss_feeds
+ LEFT JOIN
+ ttrss_feed_categories ON (cat_id = ttrss_feed_categories.id)
WHERE
ref_id = ttrss_entries.id AND feed_id = ttrss_feeds.id
AND include_in_digest = true
AND $interval_query
AND ttrss_user_entries.owner_uid = $user_id
AND unread = true
- ORDER BY ttrss_feeds.title, date_updated DESC
+ AND score >= 0
+ ORDER BY ttrss_feed_categories.title, ttrss_feeds.title, score DESC, date_updated DESC
LIMIT $limit");
$cur_feed_title = "";
$updated = make_local_datetime($link, $line['last_updated'], false,
$user_id);
+/* if ($line["score"] != 0) {
+ if ($line["score"] > 0) $line["score"] = '+' . $line["score"];
+
+ $line["title"] .= " (".$line['score'].")";
+ } */
+
+ if (get_pref($link, 'ENABLE_FEED_CATS', $user_id)) {
+ if (!$line['cat_title']) $line['cat_title'] = __("Uncategorized");
+
+ $line['feed_title'] = $line['cat_title'] . " / " . $line['feed_title'];
+ }
+
$tpl->setVariable('FEED_TITLE', $line["feed_title"]);
$tpl->setVariable('ARTICLE_TITLE', $line["title"]);
$tpl->setVariable('ARTICLE_LINK', $line["link"]);
$tpl->setVariable('ARTICLE_UPDATED', $updated);
$tpl->setVariable('ARTICLE_EXCERPT',
- truncate_string(strip_tags($line["excerpt"]), 100));
+ truncate_string(strip_tags($line["content"]), 300));
+// $tpl->setVariable('ARTICLE_CONTENT',
+// strip_tags($article_content));
$tpl->addBlock('article');
if ($cat_id == -4 || $cat_id == -3) {
$result = db_query($link, "SELECT
- id, feed_url, cat_id, title, ".
+ id, feed_url, cat_id, title, order_id, ".
SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
" ORDER BY cat_id, title " . $limit_qpart);
$cat_qpart = "cat_id IS NULL";
$result = db_query($link, "SELECT
- id, feed_url, cat_id, title, ".
+ id, feed_url, cat_id, title, order_id, ".
SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM ttrss_feeds WHERE
$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
"unread" => (int)$unread,
"has_icon" => $has_icon,
"cat_id" => (int)$line["cat_id"],
- "last_updated" => strtotime($line["last_updated"])
+ "last_updated" => strtotime($line["last_updated"]),
+ "order_id" => (int) $line["order_id"],
);
array_push($feeds, $row);
$headline_row["labels"] = $labels;
+ $headline_row["feed_title"] = $line["feed_title"];
+
array_push($headlines, $headline_row);
}
* @return string Absolute URL
*/
function rewrite_relative_url($url, $rel_url) {
- if (strpos($rel_url, "://") !== false) {
+ if (strpos($rel_url, "magnet:") === 0) {
+ return $rel_url;
+ } else if (strpos($rel_url, "://") !== false) {
return $rel_url;
} else if (strpos($rel_url, "/") === 0)
{
$node = $doc->getElementsByTagName('body')->item(0);
- return $doc->saveXML($node);
+ // http://tt-rss.org/forum/viewtopic.php?f=1&t=970
+ if ($node)
+ return $doc->saveXML($node, LIBXML_NOEMPTYTAG);
+ else
+ return $html;
}
function filter_to_sql($filter) {
$query = "";
- if (DB_TYPE == "pgsql")
- $reg_qpart = "~";
- else
- $reg_qpart = "REGEXP";
+ $regexp_valid = preg_match('/' . $filter['reg_exp'] . '/',
+ $filter['reg_exp']) !== FALSE;
- switch ($filter["type"]) {
- case "title":
- $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
- $filter['reg_exp'] . "')";
- break;
- case "content":
- $query = "LOWER(ttrss_entries.content) $reg_qpart LOWER('".
- $filter['reg_exp'] . "')";
- break;
- case "both":
- $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
- $filter['reg_exp'] . "') OR LOWER(" .
- "ttrss_entries.content) $reg_qpart LOWER('" . $filter['reg_exp'] . "')";
- break;
- case "tag":
- $query = "LOWER(ttrss_user_entries.tag_cache) $reg_qpart LOWER('".
- $filter['reg_exp'] . "')";
- break;
- case "link":
- $query = "LOWER(ttrss_entries.link) $reg_qpart LOWER('".
- $filter['reg_exp'] . "')";
- break;
- case "date":
+ if ($regexp_valid) {
- if ($filter["filter_param"] == "before")
- $cmp_qpart = "<";
- else
- $cmp_qpart = ">=";
+ if (DB_TYPE == "pgsql")
+ $reg_qpart = "~";
+ else
+ $reg_qpart = "REGEXP";
- $timestamp = date("Y-m-d H:N:s", strtotime($filter["reg_exp"]));
- $query = "ttrss_entries.date_entered $cmp_qpart '$timestamp'";
- break;
- case "author":
- $query = "LOWER(ttrss_entries.author) $reg_qpart LOWER('".
- $filter['reg_exp'] . "')";
- break;
- }
+ switch ($filter["type"]) {
+ case "title":
+ $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
+ $filter['reg_exp'] . "')";
+ break;
+ case "content":
+ $query = "LOWER(ttrss_entries.content) $reg_qpart LOWER('".
+ $filter['reg_exp'] . "')";
+ break;
+ case "both":
+ $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
+ $filter['reg_exp'] . "') OR LOWER(" .
+ "ttrss_entries.content) $reg_qpart LOWER('" . $filter['reg_exp'] . "')";
+ break;
+ case "tag":
+ $query = "LOWER(ttrss_user_entries.tag_cache) $reg_qpart LOWER('".
+ $filter['reg_exp'] . "')";
+ break;
+ case "link":
+ $query = "LOWER(ttrss_entries.link) $reg_qpart LOWER('".
+ $filter['reg_exp'] . "')";
+ break;
+ case "date":
- if ($filter["inverse"])
- $query = "NOT ($query)";
+ if ($filter["filter_param"] == "before")
+ $cmp_qpart = "<";
+ else
+ $cmp_qpart = ">=";
- if ($query) {
- if (DB_TYPE == "pgsql") {
- $query = " ($query) AND ttrss_entries.date_entered > NOW() - INTERVAL '14 days'";
- } else {
- $query = " ($query) AND ttrss_entries.date_entered > DATE_SUB(NOW(), INTERVAL 14 DAY)";
+ $timestamp = date("Y-m-d H:N:s", strtotime($filter["reg_exp"]));
+ $query = "ttrss_entries.date_entered $cmp_qpart '$timestamp'";
+ break;
+ case "author":
+ $query = "LOWER(ttrss_entries.author) $reg_qpart LOWER('".
+ $filter['reg_exp'] . "')";
+ break;
}
- $query .= " AND ";
- }
+ if ($filter["inverse"])
+ $query = "NOT ($query)";
+
+ if ($query) {
+ if (DB_TYPE == "pgsql") {
+ $query = " ($query) AND ttrss_entries.date_entered > NOW() - INTERVAL '14 days'";
+ } else {
+ $query = " ($query) AND ttrss_entries.date_entered > DATE_SUB(NOW(), INTERVAL 14 DAY)";
+ }
+ $query .= " AND ";
+ }
- return $query;
+ return $query;
+ } else {
+ return false;
+ }
}
// Status codes:
}
}
+
+ function get_random_bytes($length) {
+ if (function_exists('openssl_random_pseudo_bytes')) {
+ return openssl_random_pseudo_bytes($length);
+ } else {
+ $output = "";
+
+ for ($i = 0; $i < $length; $i++)
+ $output .= chr(mt_rand(0, 255));
+
+ return $output;
+ }
+ }
?>