<?php
define('EXPECTED_CONFIG_VERSION', 26);
- define('SCHEMA_VERSION', 127);
+ define('SCHEMA_VERSION', 134);
define('LABEL_BASE_INDEX', -1024);
define('PLUGIN_FEED_BASE_INDEX', -128);
$fetch_last_error_code = false;
$fetch_last_content_type = false;
$fetch_last_error_content = false; // curl only for the time being
+ $fetch_effective_url = false;
$fetch_curl_used = false;
- $suppress_debugging = false;
libxml_disable_entity_loader(true);
- mb_internal_encoding("UTF-8");
+ // separate test because this is included before sanity checks
+ if (function_exists("mb_internal_encoding")) mb_internal_encoding("UTF-8");
+
date_default_timezone_set('UTC');
if (defined('E_DEPRECATED')) {
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
/**
* Define a constant if not already defined
- *
- * @param string $name The constant name.
- * @param mixed $value The constant value.
- * @access public
- * @return boolean True if defined successfully or not.
*/
function define_default($name, $value) {
defined($name) or define($name, $value);
}
- ///// Some defaults that you can override in config.php //////
+ /* Some tunables you can override in config.php using define(): */
define_default('FEED_FETCH_TIMEOUT', 45);
// How may seconds to wait for response when requesting feed from a site
define_default('FILE_FETCH_CONNECT_TIMEOUT', 15);
// How many seconds to wait for initial response from website when
// fetching files from remote sites
+ define_default('DAEMON_UPDATE_LOGIN_LIMIT', 30);
+ // stop updating feeds if users haven't logged in for X days
+ define_default('DAEMON_FEED_LIMIT', 500);
+ // feed limit for one update batch
+ define_default('DAEMON_SLEEP_INTERVAL', 120);
+ // default sleep interval between feed updates (sec)
+ define_default('MIN_CACHE_FILE_SIZE', 1024);
+ // do not cache files smaller than that (bytes)
+ define_default('MAX_CACHE_FILE_SIZE', 64*1024*1024);
+ // do not cache files larger than that (bytes)
+ define_default('MAX_DOWNLOAD_FILE_SIZE', 16*1024*1024);
+ // do not download general files larger than that (bytes)
+ define_default('CACHE_MAX_DAYS', 7);
+ // max age in days for various automatically cached (temporary) files
+ define_default('MAX_CONDITIONAL_INTERVAL', 3600*12);
+ // max interval between forced unconditional updates for servers
+ // not complying with http if-modified-since (seconds)
+
+ /* tunables end here */
if (DB_TYPE == "pgsql") {
define('SUBSTRING_FOR_DATE', 'SUBSTRING_FOR_DATE');
require_once 'db-prefs.php';
require_once 'version.php';
- require_once 'ccache.php';
- require_once 'labels.php';
+ require_once 'controls.php';
define('SELF_USER_AGENT', 'Tiny Tiny RSS/' . VERSION . ' (http://tt-rss.org/)');
ini_set('user_agent', SELF_USER_AGENT);
- require_once 'lib/pubsubhubbub/publisher.php';
-
$schema_version = false;
- function _debug_suppress($suppress) {
- global $suppress_debugging;
-
- $suppress_debugging = $suppress;
+ // TODO: compat wrapper, remove at some point
+ function _debug($msg) {
+ Debug::log($msg);
}
- /**
- * Print a timestamped debug message.
- *
- * @param string $msg The debug message.
- * @return void
- */
- function _debug($msg, $show = true) {
- global $suppress_debugging;
-
- //echo "[$suppress_debugging] $msg $show\n";
-
- if ($suppress_debugging) return false;
-
- $ts = strftime("%H:%M:%S", time());
- if (function_exists('posix_getpid')) {
- $ts = "$ts/" . posix_getpid();
- }
-
- if ($show && !(defined('QUIET') && QUIET)) {
- print "[$ts] $msg\n";
- }
-
- if (defined('LOGFILE')) {
- $fp = fopen(LOGFILE, 'a+');
-
- if ($fp) {
- $locked = false;
-
- if (function_exists("flock")) {
- $tries = 0;
-
- // try to lock logfile for writing
- while ($tries < 5 && !$locked = flock($fp, LOCK_EX | LOCK_NB)) {
- sleep(1);
- ++$tries;
- }
-
- if (!$locked) {
- fclose($fp);
- return;
- }
- }
-
- fputs($fp, "[$ts] $msg\n");
-
- if (function_exists("flock")) {
- flock($fp, LOCK_UN);
- }
-
- fclose($fp);
- }
- }
-
- } // function _debug
-
/**
* Purge a feed old posts.
*
* @access public
* @return void
*/
- function purge_feed($feed_id, $purge_interval, $debug = false) {
+ function purge_feed($feed_id, $purge_interval) {
if (!$purge_interval) $purge_interval = feed_purge_interval($feed_id);
- $rows = -1;
+ $pdo = Db::pdo();
- $result = db_query(
- "SELECT owner_uid FROM ttrss_feeds WHERE id = '$feed_id'");
+ $sth = $pdo->prepare("SELECT owner_uid FROM ttrss_feeds WHERE id = ?");
+ $sth->execute([$feed_id]);
$owner_uid = false;
- if (db_num_rows($result) == 1) {
- $owner_uid = db_fetch_result($result, 0, "owner_uid");
+ if ($row = $sth->fetch()) {
+ $owner_uid = $row["owner_uid"];
}
if ($purge_interval == -1 || !$purge_interval) {
if ($owner_uid) {
- ccache_update($feed_id, $owner_uid);
+ CCache::update($feed_id, $owner_uid);
}
return;
}
$purge_interval = FORCE_ARTICLE_PURGE;
}
- if (!$purge_unread) $query_limit = " unread = false AND ";
+ if (!$purge_unread)
+ $query_limit = " unread = false AND ";
+ else
+ $query_limit = "";
- if (DB_TYPE == "pgsql") {
- $pg_version = get_pgsql_version();
-
- if (preg_match("/^7\./", $pg_version) || preg_match("/^8\.0/", $pg_version)) {
-
- $result = db_query("DELETE FROM ttrss_user_entries WHERE
- ttrss_entries.id = ref_id AND
- marked = false AND
- feed_id = '$feed_id' AND
- $query_limit
- ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'");
-
- } else {
+ $purge_interval = (int) $purge_interval;
- $result = db_query("DELETE FROM ttrss_user_entries
- USING ttrss_entries
- WHERE ttrss_entries.id = ref_id AND
- marked = false AND
- feed_id = '$feed_id' AND
- $query_limit
- ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'");
- }
+ if (DB_TYPE == "pgsql") {
+ $sth = $pdo->prepare("DELETE FROM ttrss_user_entries
+ USING ttrss_entries
+ WHERE ttrss_entries.id = ref_id AND
+ marked = false AND
+ feed_id = ? AND
+ $query_limit
+ ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'");
+ $sth->execute([$feed_id]);
} else {
-
-/* $result = db_query("DELETE FROM ttrss_user_entries WHERE
- marked = false AND feed_id = '$feed_id' AND
- (SELECT date_updated FROM ttrss_entries WHERE
- id = ref_id) < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)"); */
-
- $result = db_query("DELETE FROM ttrss_user_entries
+ $sth = $pdo->prepare("DELETE FROM ttrss_user_entries
USING ttrss_user_entries, ttrss_entries
WHERE ttrss_entries.id = ref_id AND
marked = false AND
- feed_id = '$feed_id' AND
+ feed_id = ? AND
$query_limit
ttrss_entries.date_updated < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)");
+ $sth->execute([$feed_id]);
+
}
- $rows = db_affected_rows($result);
+ $rows = $sth->rowCount();
- ccache_update($feed_id, $owner_uid);
+ CCache::update($feed_id, $owner_uid);
- if ($debug) {
- _debug("Purged feed $feed_id ($purge_interval): deleted $rows articles");
- }
+ Debug::log("Purged feed $feed_id ($purge_interval): deleted $rows articles");
return $rows;
} // function purge_feed
function feed_purge_interval($feed_id) {
- $result = db_query("SELECT purge_interval, owner_uid FROM ttrss_feeds
- WHERE id = '$feed_id'");
+ $pdo = DB::pdo();
- if (db_num_rows($result) == 1) {
- $purge_interval = db_fetch_result($result, 0, "purge_interval");
- $owner_uid = db_fetch_result($result, 0, "owner_uid");
+ $sth = $pdo->prepare("SELECT purge_interval, owner_uid FROM ttrss_feeds
+ WHERE id = ?");
+ $sth->execute([$feed_id]);
+
+ if ($row = $sth->fetch()) {
+ $purge_interval = $row["purge_interval"];
+ $owner_uid = $row["owner_uid"];
if ($purge_interval == 0) $purge_interval = get_pref(
'PURGE_OLD_DAYS', $owner_uid);
}
}
- function purge_orphans($do_output = false) {
+ // TODO: max_size currently only works for CURL transfers
+ // TODO: multiple-argument way is deprecated, first parameter is a hash now
+ function fetch_file_contents($options /* previously: 0: $url , 1: $type = false, 2: $login = false, 3: $pass = false,
+ 4: $post_query = false, 5: $timeout = false, 6: $timestamp = 0, 7: $useragent = false*/) {
- // purge orphaned posts in main content table
- $result = db_query("DELETE FROM ttrss_entries WHERE
- NOT EXISTS (SELECT ref_id FROM ttrss_user_entries WHERE ref_id = id)");
+ global $fetch_last_error;
+ global $fetch_last_error_code;
+ global $fetch_last_error_content;
+ global $fetch_last_content_type;
+ global $fetch_last_modified;
+ global $fetch_effective_url;
+ global $fetch_curl_used;
- if ($do_output) {
- $rows = db_affected_rows($result);
- _debug("Purged $rows orphaned posts.");
- }
- }
+ $fetch_last_error = false;
+ $fetch_last_error_code = -1;
+ $fetch_last_error_content = "";
+ $fetch_last_content_type = "";
+ $fetch_curl_used = false;
+ $fetch_last_modified = "";
+ $fetch_effective_url = "";
- function get_feed_update_interval($feed_id) {
- $result = db_query("SELECT owner_uid, update_interval FROM
- ttrss_feeds WHERE id = '$feed_id'");
+ if (!is_array($options)) {
- if (db_num_rows($result) == 1) {
- $update_interval = db_fetch_result($result, 0, "update_interval");
- $owner_uid = db_fetch_result($result, 0, "owner_uid");
+ // falling back on compatibility shim
+ $option_names = [ "url", "type", "login", "pass", "post_query", "timeout", "last_modified", "useragent" ];
+ $tmp = [];
- if ($update_interval != 0) {
- return $update_interval;
- } else {
- return get_pref('DEFAULT_UPDATE_INTERVAL', $owner_uid, false);
+ for ($i = 0; $i < func_num_args(); $i++) {
+ $tmp[$option_names[$i]] = func_get_arg($i);
}
- } else {
- return -1;
- }
- }
-
- function fetch_file_contents($url, $type = false, $login = false, $pass = false, $post_query = false, $timeout = false, $timestamp = 0, $useragent = false) {
-
- global $fetch_last_error;
- global $fetch_last_error_code;
- global $fetch_last_error_content;
- global $fetch_last_content_type;
- global $fetch_curl_used;
+ $options = $tmp;
+
+ /*$options = array(
+ "url" => func_get_arg(0),
+ "type" => @func_get_arg(1),
+ "login" => @func_get_arg(2),
+ "pass" => @func_get_arg(3),
+ "post_query" => @func_get_arg(4),
+ "timeout" => @func_get_arg(5),
+ "timestamp" => @func_get_arg(6),
+ "useragent" => @func_get_arg(7)
+ ); */
+ }
+
+ $url = $options["url"];
+ $type = isset($options["type"]) ? $options["type"] : false;
+ $login = isset($options["login"]) ? $options["login"] : false;
+ $pass = isset($options["pass"]) ? $options["pass"] : false;
+ $post_query = isset($options["post_query"]) ? $options["post_query"] : false;
+ $timeout = isset($options["timeout"]) ? $options["timeout"] : false;
+ $last_modified = isset($options["last_modified"]) ? $options["last_modified"] : "";
+ $useragent = isset($options["useragent"]) ? $options["useragent"] : false;
+ $followlocation = isset($options["followlocation"]) ? $options["followlocation"] : true;
+ $max_size = isset($options["max_size"]) ? $options["max_size"] : MAX_DOWNLOAD_FILE_SIZE; // in bytes
+ $http_accept = isset($options["http_accept"]) ? $options["http_accept"] : false;
$url = ltrim($url, ' ');
$url = str_replace(' ', '%20', $url);
if (strpos($url, "//") === 0)
$url = 'http:' . $url;
- if (!defined('NO_CURL') && function_exists('curl_init')) {
+ if (!defined('NO_CURL') && function_exists('curl_init') && !ini_get("open_basedir")) {
$fetch_curl_used = true;
- if (ini_get("safe_mode") || ini_get("open_basedir") || defined("FORCE_GETURL")) {
- $new_url = geturl($url);
- if (!$new_url) {
- // geturl has already populated $fetch_last_error
- return false;
- }
- $ch = curl_init($new_url);
- } else {
- $ch = curl_init($url);
- }
+ $ch = curl_init($url);
- if ($timestamp && !$post_query) {
- curl_setopt($ch, CURLOPT_HTTPHEADER,
- array("If-Modified-Since: ".gmdate('D, d M Y H:i:s \G\M\T', $timestamp)));
- }
+ $curl_http_headers = [];
+
+ if ($last_modified && !$post_query)
+ array_push($curl_http_headers, "If-Modified-Since: $last_modified");
+
+ if ($http_accept)
+ array_push($curl_http_headers, "Accept: " . $http_accept);
+
+ if (count($curl_http_headers) > 0)
+ curl_setopt($ch, CURLOPT_HTTPHEADER, $curl_http_headers);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout ? $timeout : FILE_FETCH_CONNECT_TIMEOUT);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout ? $timeout : FILE_FETCH_TIMEOUT);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("safe_mode") && !ini_get("open_basedir"));
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, !ini_get("open_basedir") && $followlocation);
curl_setopt($ch, CURLOPT_MAXREDIRS, 20);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent ? $useragent :
SELF_USER_AGENT);
curl_setopt($ch, CURLOPT_ENCODING, "");
//curl_setopt($ch, CURLOPT_REFERER, $url);
- if (!ini_get("safe_mode") && !ini_get("open_basedir")) {
+ if ($max_size) {
+ curl_setopt($ch, CURLOPT_NOPROGRESS, false);
+ curl_setopt($ch, CURLOPT_BUFFERSIZE, 16384); // needed to get 5 arguments in progress function?
+
+ // holy shit closures in php
+ // download & upload are *expected* sizes respectively, could be zero
+ curl_setopt($ch, CURLOPT_PROGRESSFUNCTION, function($curl_handle, $download_size, $downloaded, $upload_size, $uploaded) use( &$max_size) {
+ Debug::log("[curl progressfunction] $downloaded $max_size", Debug::$LOG_EXTENDED);
+
+ return ($downloaded > $max_size) ? 1 : 0; // if max size is set, abort when exceeding it
+ });
+
+ }
+
+ if (!ini_get("open_basedir")) {
curl_setopt($ch, CURLOPT_COOKIEJAR, "/dev/null");
}
- if (defined('_CURL_HTTP_PROXY')) {
- curl_setopt($ch, CURLOPT_PROXY, _CURL_HTTP_PROXY);
+ if (defined('_HTTP_PROXY')) {
+ curl_setopt($ch, CURLOPT_PROXY, _HTTP_PROXY);
}
if ($post_query) {
if ($login && $pass)
curl_setopt($ch, CURLOPT_USERPWD, "$login:$pass");
- $contents = @curl_exec($ch);
+ $ret = @curl_exec($ch);
+
+ $headers_length = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
+ $headers = explode("\r\n", substr($ret, 0, $headers_length));
+ $contents = substr($ret, $headers_length);
+
+ foreach ($headers as $header) {
+ if (strstr($header, ": ") !== FALSE) {
+ list ($key, $value) = explode(": ", $header);
+
+ if (strtolower($key) == "last-modified") {
+ $fetch_last_modified = $value;
+ }
+ }
+
+ if (substr(strtolower($header), 0, 7) == 'http/1.') {
+ $fetch_last_error_code = (int) substr($header, 9, 3);
+ $fetch_last_error = $header;
+ }
+ }
if (curl_errno($ch) === 23 || curl_errno($ch) === 61) {
curl_setopt($ch, CURLOPT_ENCODING, 'none');
$contents = @curl_exec($ch);
}
- if ($contents === false) {
- $fetch_last_error = curl_errno($ch) . " " . curl_error($ch);
- curl_close($ch);
- return false;
- }
-
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$fetch_last_content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
+ $fetch_effective_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
+
$fetch_last_error_code = $http_code;
if ($http_code != 200 || $type && strpos($fetch_last_content_type, "$type") === false) {
+
if (curl_errno($ch) != 0) {
- $fetch_last_error = curl_errno($ch) . " " . curl_error($ch);
- } else {
- $fetch_last_error = "HTTP Code: $http_code";
+ $fetch_last_error .= "; " . curl_errno($ch) . " " . curl_error($ch);
}
+
$fetch_last_error_content = $contents;
curl_close($ch);
return false;
}
+ if (!$contents) {
+ $fetch_last_error = curl_errno($ch) . " " . curl_error($ch);
+ curl_close($ch);
+ return false;
+ }
+
curl_close($ch);
return $contents;
}
}
- if (!$post_query && $timestamp) {
- $context = stream_context_create(array(
- 'http' => array(
+ // TODO: should this support POST requests or not? idk
+
+ $context_options = array(
+ 'http' => array(
+ 'header' => array(
+ 'Connection: close'
+ ),
'method' => 'GET',
- 'header' => "If-Modified-Since: ".gmdate("D, d M Y H:i:s \\G\\M\\T\r\n", $timestamp)
- )));
- } else {
- $context = NULL;
+ 'ignore_errors' => true,
+ 'timeout' => $timeout ? $timeout : FILE_FETCH_TIMEOUT,
+ 'protocol_version'=> 1.1)
+ );
+
+ if (!$post_query && $last_modified)
+ array_push($context_options['http']['header'], "If-Modified-Since: $last_modified");
+
+ if ($http_accept)
+ array_push($context_options['http']['header'], "Accept: $http_accept");
+
+ if (defined('_HTTP_PROXY')) {
+ $context_options['http']['request_fulluri'] = true;
+ $context_options['http']['proxy'] = _HTTP_PROXY;
}
+ $context = stream_context_create($context_options);
+
$old_error = error_get_last();
+ $fetch_effective_url = $url;
+
$data = @file_get_contents($url, false, $context);
- $fetch_last_content_type = false; // reset if no type was sent from server
if (isset($http_response_header) && is_array($http_response_header)) {
- foreach ($http_response_header as $h) {
- if (substr(strtolower($h), 0, 13) == 'content-type:') {
- $fetch_last_content_type = substr($h, 14);
- // don't abort here b/c there might be more than one
- // e.g. if we were being redirected -- last one is the right one
+ foreach ($http_response_header as $header) {
+ if (strstr($header, ": ") !== FALSE) {
+ list ($key, $value) = explode(": ", $header);
+
+ $key = strtolower($key);
+
+ if ($key == 'content-type') {
+ $fetch_last_content_type = $value;
+ // don't abort here b/c there might be more than one
+ // e.g. if we were being redirected -- last one is the right one
+ } else if ($key == 'last-modified') {
+ $fetch_last_modified = $value;
+ } else if ($key == 'location') {
+ $fetch_effective_url = $value;
+ }
}
- if (substr(strtolower($h), 0, 7) == 'http/1.') {
- $fetch_last_error_code = (int) substr($h, 9, 3);
+ if (substr(strtolower($header), 0, 7) == 'http/1.') {
+ $fetch_last_error_code = (int) substr($header, 9, 3);
+ $fetch_last_error = $header;
}
}
}
- if (!$data) {
+ if ($fetch_last_error_code != 200) {
$error = error_get_last();
if ($error['message'] != $old_error['message']) {
- $fetch_last_error = $error["message"];
- } else {
- $fetch_last_error = "HTTP Code: $fetch_last_error_code";
+ $fetch_last_error .= "; " . $error["message"];
}
+
+ $fetch_last_error_content = $data;
+
+ return false;
}
return $data;
}
$doc->loadHTML($html);
$xpath = new DOMXPath($doc);
- $base = $xpath->query('/html/head/base');
+ $base = $xpath->query('/html/head/base[@href]');
foreach ($base as $b) {
- $url = $b->getAttribute("href");
+ $url = rewrite_relative_url($url, $b->getAttribute("href"));
break;
}
return $favicon_url;
} // function get_favicon_url
- function check_feed_favicon($site_url, $feed) {
-# print "FAVICON [$site_url]: $favicon_url\n";
-
- $icon_file = ICONS_DIR . "/$feed.ico";
-
- if (!file_exists($icon_file)) {
- $favicon_url = get_favicon_url($site_url);
-
- if ($favicon_url) {
- // Limiting to "image" type misses those served with text/plain
- $contents = fetch_file_contents($favicon_url); // , "image");
-
- if ($contents) {
- // Crude image type matching.
- // Patterns gleaned from the file(1) source code.
- if (preg_match('/^\x00\x00\x01\x00/', $contents)) {
- // 0 string \000\000\001\000 MS Windows icon resource
- //error_log("check_feed_favicon: favicon_url=$favicon_url isa MS Windows icon resource");
- }
- elseif (preg_match('/^GIF8/', $contents)) {
- // 0 string GIF8 GIF image data
- //error_log("check_feed_favicon: favicon_url=$favicon_url isa GIF image");
- }
- elseif (preg_match('/^\x89PNG\x0d\x0a\x1a\x0a/', $contents)) {
- // 0 string \x89PNG\x0d\x0a\x1a\x0a PNG image data
- //error_log("check_feed_favicon: favicon_url=$favicon_url isa PNG image");
- }
- elseif (preg_match('/^\xff\xd8/', $contents)) {
- // 0 beshort 0xffd8 JPEG image data
- //error_log("check_feed_favicon: favicon_url=$favicon_url isa JPG image");
- }
- else {
- //error_log("check_feed_favicon: favicon_url=$favicon_url isa UNKNOWN type");
- $contents = "";
- }
- }
-
- if ($contents) {
- $fp = @fopen($icon_file, "w");
-
- if ($fp) {
- fwrite($fp, $contents);
- fclose($fp);
- chmod($icon_file, 0644);
- }
- }
- }
- return $icon_file;
- }
- }
-
- function print_select($id, $default, $values, $attributes = "") {
- print "<select name=\"$id\" id=\"$id\" $attributes>";
- foreach ($values as $v) {
- if ($v == $default)
- $sel = "selected=\"1\"";
- else
- $sel = "";
-
- $v = trim($v);
-
- print "<option value=\"$v\" $sel>$v</option>";
- }
- print "</select>";
- }
-
- function print_select_hash($id, $default, $values, $attributes = "") {
- print "<select name=\"$id\" id='$id' $attributes>";
- foreach (array_keys($values) as $v) {
- if ($v == $default)
- $sel = 'selected="selected"';
- else
- $sel = "";
-
- $v = trim($v);
-
- print "<option $sel value=\"$v\">".$values[$v]."</option>";
- }
-
- print "</select>";
- }
-
- function print_radio($id, $default, $true_is, $values, $attributes = "") {
- foreach ($values as $v) {
-
- if ($v == $default)
- $sel = "checked";
- else
- $sel = "";
-
- if ($v == $true_is) {
- $sel .= " value=\"1\"";
- } else {
- $sel .= " value=\"0\"";
- }
-
- print "<input class=\"noborder\" dojoType=\"dijit.form.RadioButton\"
- type=\"radio\" $sel $attributes name=\"$id\"> $v ";
-
- }
- }
-
function initialize_user_prefs($uid, $profile = false) {
- $uid = db_escape_string($uid);
+ if (get_schema_version() < 63) $profile_qpart = "";
+
+ $pdo = DB::pdo();
+ $in_nested_tr = false;
- if (!$profile) {
- $profile = "NULL";
- $profile_qpart = "AND profile IS NULL";
- } else {
- $profile_qpart = "AND profile = '$profile'";
+ try {
+ $pdo->beginTransaction();
+ } catch (Exception $e) {
+ $in_nested_tr = true;
}
- if (get_schema_version() < 63) $profile_qpart = "";
-
- db_query("BEGIN");
+ $sth = $pdo->query("SELECT pref_name,def_value FROM ttrss_prefs");
- $result = db_query("SELECT pref_name,def_value FROM ttrss_prefs");
+ $profile = $profile ? $profile : null;
- $u_result = db_query("SELECT pref_name
- FROM ttrss_user_prefs WHERE owner_uid = '$uid' $profile_qpart");
+ $u_sth = $pdo->prepare("SELECT pref_name
+ FROM ttrss_user_prefs WHERE owner_uid = :uid AND
+ (profile = :profile OR (:profile IS NULL AND profile IS NULL))");
+ $u_sth->execute([':uid' => $uid, ':profile' => $profile]);
$active_prefs = array();
- while ($line = db_fetch_assoc($u_result)) {
+ while ($line = $u_sth->fetch()) {
array_push($active_prefs, $line["pref_name"]);
}
- while ($line = db_fetch_assoc($result)) {
+ while ($line = $sth->fetch()) {
if (array_search($line["pref_name"], $active_prefs) === FALSE) {
// print "adding " . $line["pref_name"] . "<br>";
- $line["def_value"] = db_escape_string($line["def_value"]);
- $line["pref_name"] = db_escape_string($line["pref_name"]);
-
if (get_schema_version() < 63) {
- db_query("INSERT INTO ttrss_user_prefs
+ $i_sth = $pdo->prepare("INSERT INTO ttrss_user_prefs
(owner_uid,pref_name,value) VALUES
- ('$uid', '".$line["pref_name"]."','".$line["def_value"]."')");
+ (?, ?, ?)");
+ $i_sth->execute([$uid, $line["pref_name"], $line["def_value"]]);
} else {
- db_query("INSERT INTO ttrss_user_prefs
+ $i_sth = $pdo->prepare("INSERT INTO ttrss_user_prefs
(owner_uid,pref_name,value, profile) VALUES
- ('$uid', '".$line["pref_name"]."','".$line["def_value"]."', $profile)");
+ (?, ?, ?, ?)");
+ $i_sth->execute([$uid, $line["pref_name"], $line["def_value"], $profile]);
}
}
}
- db_query("COMMIT");
+ if (!$in_nested_tr) $pdo->commit();
}
if (!SINGLE_USER_MODE) {
$user_id = false;
+ $auth_module = false;
foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_AUTH_USER) as $plugin) {
$user_id = (int) $plugin->authenticate($login, $password);
if ($user_id) {
- $_SESSION["auth_module"] = strtolower(get_class($plugin));
+ $auth_module = strtolower(get_class($plugin));
break;
}
}
if ($user_id && !$check_only) {
- @session_start();
+
+ session_start();
+ session_regenerate_id(true);
$_SESSION["uid"] = $user_id;
$_SESSION["version"] = VERSION_STATIC;
+ $_SESSION["auth_module"] = $auth_module;
- $result = db_query("SELECT login,access_level,pwd_hash FROM ttrss_users
- WHERE id = '$user_id'");
+ $pdo = DB::pdo();
+ $sth = $pdo->prepare("SELECT login,access_level,pwd_hash FROM ttrss_users
+ WHERE id = ?");
+ $sth->execute([$user_id]);
+ $row = $sth->fetch();
- $_SESSION["name"] = db_fetch_result($result, 0, "login");
- $_SESSION["access_level"] = db_fetch_result($result, 0, "access_level");
+ $_SESSION["name"] = $row["login"];
+ $_SESSION["access_level"] = $row["access_level"];
$_SESSION["csrf_token"] = uniqid_short();
- db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
- $_SESSION["uid"]);
+ $usth = $pdo->prepare("UPDATE ttrss_users SET last_login = NOW() WHERE id = ?");
+ $usth->execute([$user_id]);
$_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
$_SESSION["user_agent"] = sha1($_SERVER['HTTP_USER_AGENT']);
- $_SESSION["pwd_hash"] = db_fetch_result($result, 0, "pwd_hash");
+ $_SESSION["pwd_hash"] = $row["pwd_hash"];
$_SESSION["last_version_check"] = time();
}
}
+ // this is used for user http parameters unless HTML code is actually needed
+ function clean($param) {
+ if (is_array($param)) {
+ return array_map("strip_tags", $param);
+ } else if (is_string($param)) {
+ return strip_tags($param);
+ } else {
+ return $param;
+ }
+ }
+
function make_password($length = 8) {
$password = "";
$possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ";
- $i = 0;
+ $i = 0;
while ($i < $length) {
$char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
function initialize_user($uid) {
- db_query("insert into ttrss_feeds (owner_uid,title,feed_url)
- values ('$uid', 'Tiny Tiny RSS: Forum',
+ $pdo = DB::pdo();
+
+ $sth = $pdo->prepare("insert into ttrss_feeds (owner_uid,title,feed_url)
+ values (?, 'Tiny Tiny RSS: Forum',
'http://tt-rss.org/forum/rss.php')");
+ $sth->execute([$uid]);
}
function logout_user() {
- session_destroy();
+ @session_destroy();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
+ session_commit();
}
function validate_csrf($csrf_token) {
return $csrf_token == $_SESSION['csrf_token'];
}
- function load_user_plugins($owner_uid) {
+ function load_user_plugins($owner_uid, $pluginhost = false) {
+
+ if (!$pluginhost) $pluginhost = PluginHost::getInstance();
+
if ($owner_uid && SCHEMA_VERSION >= 100) {
$plugins = get_pref("_ENABLED_PLUGINS", $owner_uid);
- PluginHost::getInstance()->load($plugins, PluginHost::KIND_USER, $owner_uid);
+ $pluginhost->load($plugins, PluginHost::KIND_USER, $owner_uid);
if (get_schema_version() > 100) {
- PluginHost::getInstance()->load_data();
+ $pluginhost->load_data();
}
}
}
function login_sequence() {
+ $pdo = Db::pdo();
+
if (SINGLE_USER_MODE) {
@session_start();
authenticate_user("admin", null);
if (!$_SESSION["uid"]) {
if (AUTH_AUTO_LOGIN && authenticate_user(null, null)) {
- $_SESSION["ref_schema_version"] = get_schema_version(true);
+ $_SESSION["ref_schema_version"] = get_schema_version(true);
} else {
authenticate_user(null, null, true);
}
if (!$_SESSION["uid"]) {
- @session_destroy();
- setcookie(session_name(), '', time()-42000, '/');
+ logout_user();
render_login_form();
exit;
} else {
/* bump login timestamp */
- db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
- $_SESSION["uid"]);
+ $sth = $pdo->prepare("UPDATE ttrss_users SET last_login = NOW() WHERE id = ?");
+ $sth->execute([$_SESSION['uid']]);
+
$_SESSION["last_login_update"] = time();
}
/* cleanup ccache */
- db_query("DELETE FROM ttrss_counters_cache WHERE owner_uid = ".
- $_SESSION["uid"] . " AND
+ $sth = $pdo->prepare("DELETE FROM ttrss_counters_cache WHERE owner_uid = ?
+ AND
(SELECT COUNT(id) FROM ttrss_feeds WHERE
ttrss_feeds.id = feed_id) = 0");
- db_query("DELETE FROM ttrss_cat_counters_cache WHERE owner_uid = ".
- $_SESSION["uid"] . " AND
+ $sth->execute([$_SESSION['uid']]);
+
+ $sth = $pdo->prepare("DELETE FROM ttrss_cat_counters_cache WHERE owner_uid = ?
+ AND
(SELECT COUNT(id) FROM ttrss_feed_categories WHERE
ttrss_feed_categories.id = feed_id) = 0");
+ $sth->execute([$_SESSION['uid']]);
}
}
}
}
+ // is not utf8 clean
+ function truncate_middle($str, $max_len, $suffix = '…') {
+ if (strlen($str) > $max_len) {
+ return substr_replace($str, $suffix, $max_len / 2, mb_strlen($str) - $max_len);
+ } else {
+ return $str;
+ }
+ }
+
function convert_timestamp($timestamp, $source_tz, $dest_tz) {
try {
}
function sql_bool_to_bool($s) {
- if ($s == "t" || $s == "1" || strtolower($s) == "true") {
- return true;
- } else {
- return false;
- }
+ return $s && ($s !== "f" && $s !== "false"); //no-op for PDO, backwards compat for legacy layer
}
function bool_to_sql_bool($s) {
- if ($s) {
- return "true";
- } else {
- return "false";
- }
+ return $s ? 1 : 0;
}
// Session caching removed due to causing wrong redirects to upgrade
function get_schema_version($nocache = false) {
global $schema_version;
+ $pdo = DB::pdo();
+
if (!$schema_version && !$nocache) {
- $result = db_query("SELECT schema_version FROM ttrss_version");
- $version = db_fetch_result($result, 0, "schema_version");
+ $row = $pdo->query("SELECT schema_version FROM ttrss_version")->fetch();
+ $version = $row["schema_version"];
$schema_version = $version;
return $version;
} else {
$error_code = 5;
}
- if (DB_TYPE == "mysql") {
- $result = db_query("SELECT true", false);
- if (db_num_rows($result) != 1) {
- $error_code = 10;
- }
- }
-
- if (db_escape_string("testTEST") != "testTEST") {
- $error_code = 12;
- }
-
return array("code" => $error_code, "message" => $ERRORS[$error_code]);
}
}
}
- function catchup_feed($feed, $cat_view, $owner_uid = false, $max_id = false, $mode = 'all') {
-
- if (!$owner_uid) $owner_uid = $_SESSION['uid'];
-
- //if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
-
- // Todo: all this interval stuff needs some generic generator function
-
- $date_qpart = "false";
-
- switch ($mode) {
- case "1day":
- if (DB_TYPE == "pgsql") {
- $date_qpart = "date_entered < NOW() - INTERVAL '1 day' ";
- } else {
- $date_qpart = "date_entered < DATE_SUB(NOW(), INTERVAL 1 DAY) ";
- }
- break;
- case "1week":
- if (DB_TYPE == "pgsql") {
- $date_qpart = "date_entered < NOW() - INTERVAL '1 week' ";
- } else {
- $date_qpart = "date_entered < DATE_SUB(NOW(), INTERVAL 1 WEEK) ";
- }
- break;
- case "2week":
- if (DB_TYPE == "pgsql") {
- $date_qpart = "date_entered < NOW() - INTERVAL '2 week' ";
- } else {
- $date_qpart = "date_entered < DATE_SUB(NOW(), INTERVAL 2 WEEK) ";
- }
- break;
- default:
- $date_qpart = "true";
- }
-
- if (is_numeric($feed)) {
- if ($cat_view) {
-
- if ($feed >= 0) {
-
- if ($feed > 0) {
- $children = getChildCategories($feed, $owner_uid);
- array_push($children, $feed);
-
- $children = join(",", $children);
-
- $cat_qpart = "cat_id IN ($children)";
- } else {
- $cat_qpart = "cat_id IS NULL";
- }
+ function getFeedUnread($feed, $is_cat = false) {
+ return Feeds::getFeedArticles($feed, $is_cat, true, $_SESSION["uid"]);
+ }
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
- AND owner_uid = $owner_uid AND unread = true AND feed_id IN
- (SELECT id FROM ttrss_feeds WHERE $cat_qpart) AND $date_qpart) as tmp)");
+ function checkbox_to_sql_bool($val) {
+ return ($val == "on") ? 1 : 0;
+ }
- } else if ($feed == -2) {
+ function uniqid_short() {
+ return uniqid(base_convert(rand(), 10, 36));
+ }
- db_query("UPDATE ttrss_user_entries
- SET unread = false,last_read = NOW() WHERE (SELECT COUNT(*)
- FROM ttrss_user_labels2, ttrss_entries WHERE article_id = ref_id AND id = ref_id AND $date_qpart) > 0
- AND unread = true AND owner_uid = $owner_uid");
- }
+ function make_init_params() {
+ $params = array();
- } else if ($feed > 0) {
+ foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS",
+ "ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP",
+ "CDM_AUTO_CATCHUP", "FRESH_ARTICLE_MAX_AGE",
+ "HIDE_READ_SHOWS_SPECIAL", "COMBINED_DISPLAY_MODE") as $param) {
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
- AND owner_uid = $owner_uid AND unread = true AND feed_id = $feed AND $date_qpart) as tmp)");
+ $params[strtolower($param)] = (int) get_pref($param);
+ }
- } else if ($feed < 0 && $feed > LABEL_BASE_INDEX) { // special, like starred
+ $params["icons_url"] = ICONS_URL;
+ $params["cookie_lifetime"] = SESSION_COOKIE_LIFETIME;
+ $params["default_view_mode"] = get_pref("_DEFAULT_VIEW_MODE");
+ $params["default_view_limit"] = (int) get_pref("_DEFAULT_VIEW_LIMIT");
+ $params["default_view_order_by"] = get_pref("_DEFAULT_VIEW_ORDER_BY");
+ $params["bw_limit"] = (int) $_SESSION["bw_limit"];
+ $params["is_default_pw"] = Pref_Prefs::isdefaultpassword();
+ $params["label_base_index"] = (int) LABEL_BASE_INDEX;
- if ($feed == -1) {
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
- AND owner_uid = $owner_uid AND unread = true AND marked = true AND $date_qpart) as tmp)");
- }
+ $theme = get_pref( "USER_CSS_THEME", false, false);
+ $params["theme"] = theme_valid("$theme") ? $theme : "";
- if ($feed == -2) {
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
- AND owner_uid = $owner_uid AND unread = true AND published = true AND $date_qpart) as tmp)");
- }
+ $params["plugins"] = implode(", ", PluginHost::getInstance()->get_plugin_names());
- if ($feed == -3) {
+ $params["php_platform"] = PHP_OS;
+ $params["php_version"] = PHP_VERSION;
- $intl = get_pref("FRESH_ARTICLE_MAX_AGE");
+ $params["sanity_checksum"] = sha1(file_get_contents("include/sanity_check.php"));
- if (DB_TYPE == "pgsql") {
- $match_part = "date_entered > NOW() - INTERVAL '$intl hour' ";
- } else {
- $match_part = "date_entered > DATE_SUB(NOW(),
- INTERVAL $intl HOUR) ";
- }
+ $pdo = Db::pdo();
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
- AND owner_uid = $owner_uid AND score >= 0 AND unread = true AND $date_qpart AND $match_part) as tmp)");
- }
+ $sth = $pdo->prepare("SELECT MAX(id) AS mid, COUNT(*) AS nf FROM
+ ttrss_feeds WHERE owner_uid = ?");
+ $sth->execute([$_SESSION['uid']]);
+ $row = $sth->fetch();
- if ($feed == -4) {
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT id FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id
- AND owner_uid = $owner_uid AND unread = true AND $date_qpart) as tmp)");
- }
+ $max_feed_id = $row["mid"];
+ $num_feeds = $row["nf"];
- } else if ($feed < LABEL_BASE_INDEX) { // label
+ $params["max_feed_id"] = (int) $max_feed_id;
+ $params["num_feeds"] = (int) $num_feeds;
- $label_id = feed_to_label_id($feed);
+ $params["hotkeys"] = get_hotkeys_map();
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_user_labels2 WHERE ref_id = id
- AND label_id = '$label_id' AND ref_id = article_id
- AND owner_uid = $owner_uid AND unread = true AND $date_qpart) as tmp)");
+ $params["csrf_token"] = $_SESSION["csrf_token"];
+ $params["widescreen"] = (int) $_COOKIE["ttrss_widescreen"];
- }
+ $params['simple_update'] = defined('SIMPLE_UPDATE_MODE') && SIMPLE_UPDATE_MODE;
- ccache_update($feed, $owner_uid, $cat_view);
+ $params["icon_alert"] = base64_img("images/alert.png");
+ $params["icon_information"] = base64_img("images/information.png");
+ $params["icon_cross"] = base64_img("images/cross.png");
+ $params["icon_indicator_white"] = base64_img("images/indicator_white.gif");
- } else { // tag
- db_query("UPDATE ttrss_user_entries
- SET unread = false, last_read = NOW() WHERE ref_id IN
- (SELECT id FROM
- (SELECT ttrss_entries.id FROM ttrss_entries, ttrss_user_entries, ttrss_tags WHERE ref_id = ttrss_entries.id
- AND post_int_id = int_id AND tag_name = '$feed'
- AND ttrss_user_entries.owner_uid = $owner_uid AND unread = true AND $date_qpart) as tmp)");
+ $params["labels"] = Labels::get_all_labels($_SESSION["uid"]);
- }
+ return $params;
}
- function getAllCounters() {
- $data = getGlobalCounters();
+ function get_hotkeys_info() {
+ $hotkeys = array(
+ __("Navigation") => array(
+ "next_feed" => __("Open next feed"),
+ "prev_feed" => __("Open previous feed"),
+ "next_article" => __("Open next article"),
+ "prev_article" => __("Open previous article"),
+ "next_article_noscroll" => __("Open next article (don't scroll long articles)"),
+ "prev_article_noscroll" => __("Open previous article (don't scroll long articles)"),
+ "next_article_noexpand" => __("Move to next article (don't expand or mark read)"),
+ "prev_article_noexpand" => __("Move to previous article (don't expand or mark read)"),
+ "search_dialog" => __("Show search dialog")),
+ __("Article") => array(
+ "toggle_mark" => __("Toggle starred"),
+ "toggle_publ" => __("Toggle published"),
+ "toggle_unread" => __("Toggle unread"),
+ "edit_tags" => __("Edit tags"),
+ "open_in_new_window" => __("Open in new window"),
+ "catchup_below" => __("Mark below as read"),
+ "catchup_above" => __("Mark above as read"),
+ "article_scroll_down" => __("Scroll down"),
+ "article_scroll_up" => __("Scroll up"),
+ "select_article_cursor" => __("Select article under cursor"),
+ "email_article" => __("Email article"),
+ "close_article" => __("Close/collapse article"),
+ "toggle_expand" => __("Toggle article expansion (combined mode)"),
+ "toggle_widescreen" => __("Toggle widescreen mode"),
+ "toggle_embed_original" => __("Toggle embed original")),
+ __("Article selection") => array(
+ "select_all" => __("Select all articles"),
+ "select_unread" => __("Select unread"),
+ "select_marked" => __("Select starred"),
+ "select_published" => __("Select published"),
+ "select_invert" => __("Invert selection"),
+ "select_none" => __("Deselect everything")),
+ __("Feed") => array(
+ "feed_refresh" => __("Refresh current feed"),
+ "feed_unhide_read" => __("Un/hide read feeds"),
+ "feed_subscribe" => __("Subscribe to feed"),
+ "feed_edit" => __("Edit feed"),
+ "feed_catchup" => __("Mark as read"),
+ "feed_reverse" => __("Reverse headlines"),
+ "feed_toggle_vgroup" => __("Toggle headline grouping"),
+ "feed_debug_update" => __("Debug feed update"),
+ "feed_debug_viewfeed" => __("Debug viewfeed()"),
+ "catchup_all" => __("Mark all feeds as read"),
+ "cat_toggle_collapse" => __("Un/collapse current category"),
+ "toggle_combined_mode" => __("Toggle combined mode")),
+ __("Go to") => array(
+ "goto_all" => __("All articles"),
+ "goto_fresh" => __("Fresh"),
+ "goto_marked" => __("Starred"),
+ "goto_published" => __("Published"),
+ "goto_tagcloud" => __("Tag cloud"),
+ "goto_prefs" => __("Preferences")),
+ __("Other") => array(
+ "create_label" => __("Create label"),
+ "create_filter" => __("Create filter"),
+ "collapse_sidebar" => __("Un/collapse sidebar"),
+ "help_dialog" => __("Show help dialog"))
+ );
+
+ foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_HOTKEY_INFO) as $plugin) {
+ $hotkeys = $plugin->hook_hotkey_info($hotkeys);
+ }
+
+ return $hotkeys;
+ }
- $data = array_merge($data, getVirtCounters());
- $data = array_merge($data, getLabelCounters());
- $data = array_merge($data, getFeedCounters());
- $data = array_merge($data, getCategoryCounters());
+ function get_hotkeys_map() {
+ $hotkeys = array(
+ // "navigation" => array(
+ "k" => "next_feed",
+ "j" => "prev_feed",
+ "n" => "next_article",
+ "p" => "prev_article",
+ "(38)|up" => "prev_article",
+ "(40)|down" => "next_article",
+ // "^(38)|Ctrl-up" => "prev_article_noscroll",
+ // "^(40)|Ctrl-down" => "next_article_noscroll",
+ "(191)|/" => "search_dialog",
+ // "article" => array(
+ "s" => "toggle_mark",
+ "*s" => "toggle_publ",
+ "u" => "toggle_unread",
+ "*t" => "edit_tags",
+ "o" => "open_in_new_window",
+ "c p" => "catchup_below",
+ "c n" => "catchup_above",
+ "*n" => "article_scroll_down",
+ "*p" => "article_scroll_up",
+ "*(38)|Shift+up" => "article_scroll_up",
+ "*(40)|Shift+down" => "article_scroll_down",
+ "a *w" => "toggle_widescreen",
+ "a e" => "toggle_embed_original",
+ "e" => "email_article",
+ "a q" => "close_article",
+ // "article_selection" => array(
+ "a a" => "select_all",
+ "a u" => "select_unread",
+ "a *u" => "select_marked",
+ "a p" => "select_published",
+ "a i" => "select_invert",
+ "a n" => "select_none",
+ // "feed" => array(
+ "f r" => "feed_refresh",
+ "f a" => "feed_unhide_read",
+ "f s" => "feed_subscribe",
+ "f e" => "feed_edit",
+ "f q" => "feed_catchup",
+ "f x" => "feed_reverse",
+ "f g" => "feed_toggle_vgroup",
+ "f *d" => "feed_debug_update",
+ "f *g" => "feed_debug_viewfeed",
+ "f *c" => "toggle_combined_mode",
+ "*q" => "catchup_all",
+ "x" => "cat_toggle_collapse",
+ // "goto" => array(
+ "g a" => "goto_all",
+ "g f" => "goto_fresh",
+ "g s" => "goto_marked",
+ "g p" => "goto_published",
+ "g t" => "goto_tagcloud",
+ "g *p" => "goto_prefs",
+ // "other" => array(
+ "(9)|Tab" => "select_article_cursor", // tab
+ "c l" => "create_label",
+ "c f" => "create_filter",
+ "c s" => "collapse_sidebar",
+ "^(191)|Ctrl+/" => "help_dialog",
+ );
+
+ if (get_pref('COMBINED_DISPLAY_MODE')) {
+ $hotkeys["^(38)|Ctrl-up"] = "prev_article_noscroll";
+ $hotkeys["^(40)|Ctrl-down"] = "next_article_noscroll";
+ }
+
+ foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_HOTKEY_MAP) as $plugin) {
+ $hotkeys = $plugin->hook_hotkey_map($hotkeys);
+ }
+
+ $prefixes = array();
+
+ foreach (array_keys($hotkeys) as $hotkey) {
+ $pair = explode(" ", $hotkey, 2);
+
+ if (count($pair) > 1 && !in_array($pair[0], $prefixes)) {
+ array_push($prefixes, $pair[0]);
+ }
+ }
- return $data;
+ return array($prefixes, $hotkeys);
}
- function getCategoryTitle($cat_id) {
+ function check_for_update() {
+ if (defined("GIT_VERSION_TIMESTAMP")) {
+ $content = @fetch_file_contents(array("url" => "http://tt-rss.org/version.json", "timeout" => 5));
- if ($cat_id == -1) {
- return __("Special");
- } else if ($cat_id == -2) {
- return __("Labels");
- } else {
+ if ($content) {
+ $content = json_decode($content, true);
- $result = db_query("SELECT title FROM ttrss_feed_categories WHERE
- id = '$cat_id'");
+ if ($content && isset($content["changeset"])) {
+ if ((int)GIT_VERSION_TIMESTAMP < (int)$content["changeset"]["timestamp"] &&
+ GIT_VERSION_HEAD != $content["changeset"]["id"]) {
- if (db_num_rows($result) == 1) {
- return db_fetch_result($result, 0, "title");
- } else {
- return __("Uncategorized");
+ return $content["changeset"]["id"];
+ }
+ }
}
}
+
+ return "";
}
+ function make_runtime_info($disable_update_check = false) {
+ $data = array();
- function getCategoryCounters() {
- $ret_arr = array();
+ $pdo = Db::pdo();
- /* Labels category */
+ $sth = $pdo->prepare("SELECT MAX(id) AS mid, COUNT(*) AS nf FROM
+ ttrss_feeds WHERE owner_uid = ?");
+ $sth->execute([$_SESSION['uid']]);
+ $row = $sth->fetch();
- $cv = array("id" => -2, "kind" => "cat",
- "counter" => getCategoryUnread(-2));
+ $max_feed_id = $row['mid'];
+ $num_feeds = $row['nf'];
- array_push($ret_arr, $cv);
+ $data["max_feed_id"] = (int) $max_feed_id;
+ $data["num_feeds"] = (int) $num_feeds;
- $result = db_query("SELECT id AS cat_id, value AS unread,
- (SELECT COUNT(id) FROM ttrss_feed_categories AS c2
- WHERE c2.parent_cat = ttrss_feed_categories.id) AS num_children
- FROM ttrss_feed_categories, ttrss_cat_counters_cache
- WHERE ttrss_cat_counters_cache.feed_id = id AND
- ttrss_cat_counters_cache.owner_uid = ttrss_feed_categories.owner_uid AND
- ttrss_feed_categories.owner_uid = " . $_SESSION["uid"]);
+ $data['last_article_id'] = Article::getLastArticleId();
- while ($line = db_fetch_assoc($result)) {
- $line["cat_id"] = (int) $line["cat_id"];
+ $data['dep_ts'] = calculate_dep_timestamp();
+ $data['reload_on_ts_change'] = !defined('_NO_RELOAD_ON_TS_CHANGE');
- if ($line["num_children"] > 0) {
- $child_counter = getCategoryChildrenUnread($line["cat_id"], $_SESSION["uid"]);
- } else {
- $child_counter = 0;
- }
+ $data["labels"] = Labels::get_all_labels($_SESSION["uid"]);
- $cv = array("id" => $line["cat_id"], "kind" => "cat",
- "counter" => $line["unread"] + $child_counter);
+ if (CHECK_FOR_UPDATES && !$disable_update_check && $_SESSION["last_version_check"] + 86400 + rand(-1000, 1000) < time()) {
+ $update_result = @check_for_update();
- array_push($ret_arr, $cv);
+ $data["update_result"] = $update_result;
+
+ $_SESSION["last_version_check"] = time();
}
- /* Special case: NULL category doesn't actually exist in the DB */
+ if (file_exists(LOCK_DIRECTORY . "/update_daemon.lock")) {
- $cv = array("id" => 0, "kind" => "cat",
- "counter" => (int) ccache_find(0, $_SESSION["uid"], true));
+ $data['daemon_is_running'] = (int) file_is_locked("update_daemon.lock");
- array_push($ret_arr, $cv);
+ if (time() - $_SESSION["daemon_stamp_check"] > 30) {
- return $ret_arr;
- }
+ $stamp = (int) @file_get_contents(LOCK_DIRECTORY . "/update_daemon.stamp");
- // only accepts real cats (>= 0)
- function getCategoryChildrenUnread($cat, $owner_uid = false) {
- if (!$owner_uid) $owner_uid = $_SESSION["uid"];
+ if ($stamp) {
+ $stamp_delta = time() - $stamp;
+
+ if ($stamp_delta > 1800) {
+ $stamp_check = 0;
+ } else {
+ $stamp_check = 1;
+ $_SESSION["daemon_stamp_check"] = time();
+ }
- $result = db_query("SELECT id FROM ttrss_feed_categories WHERE parent_cat = '$cat'
- AND owner_uid = $owner_uid");
+ $data['daemon_stamp_ok'] = $stamp_check;
- $unread = 0;
+ $stamp_fmt = date("Y.m.d, G:i", $stamp);
- while ($line = db_fetch_assoc($result)) {
- $unread += getCategoryUnread($line["id"], $owner_uid);
- $unread += getCategoryChildrenUnread($line["id"], $owner_uid);
+ $data['daemon_stamp'] = $stamp_fmt;
+ }
+ }
}
- return $unread;
+ return $data;
}
- function getCategoryUnread($cat, $owner_uid = false) {
-
- if (!$owner_uid) $owner_uid = $_SESSION["uid"];
+ function search_to_sql($search, $search_language) {
- if ($cat >= 0) {
+ $keywords = str_getcsv(trim($search), " ");
+ $query_keywords = array();
+ $search_words = array();
+ $search_query_leftover = array();
- if ($cat != 0) {
- $cat_query = "cat_id = '$cat'";
- } else {
- $cat_query = "cat_id IS NULL";
- }
+ $pdo = Db::pdo();
- $result = db_query("SELECT id FROM ttrss_feeds WHERE $cat_query
- AND owner_uid = " . $owner_uid);
+ if ($search_language)
+ $search_language = $pdo->quote(mb_strtolower($search_language));
+ else
+ $search_language = $pdo->quote("english");
- $cat_feeds = array();
- while ($line = db_fetch_assoc($result)) {
- array_push($cat_feeds, "feed_id = " . $line["id"]);
+ foreach ($keywords as $k) {
+ if (strpos($k, "-") === 0) {
+ $k = substr($k, 1);
+ $not = "NOT";
+ } else {
+ $not = "";
}
- if (count($cat_feeds) == 0) return 0;
-
- $match_part = implode(" OR ", $cat_feeds);
-
- $result = db_query("SELECT COUNT(int_id) AS unread
- FROM ttrss_user_entries
- WHERE unread = true AND ($match_part)
- AND owner_uid = " . $owner_uid);
+ $commandpair = explode(":", mb_strtolower($k), 2);
- $unread = 0;
+ switch ($commandpair[0]) {
+ case "title":
+ if ($commandpair[1]) {
+ array_push($query_keywords, "($not (LOWER(ttrss_entries.title) LIKE ".
+ $pdo->quote('%' . mb_strtolower($commandpair[1]) . '%') ."))");
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER(".$pdo->quote("%$k%")."))");
+ array_push($search_words, $k);
+ }
+ break;
+ case "author":
+ if ($commandpair[1]) {
+ array_push($query_keywords, "($not (LOWER(author) LIKE ".
+ $pdo->quote('%' . mb_strtolower($commandpair[1]) . '%')."))");
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER(".$pdo->quote("%$k%")."))");
+ array_push($search_words, $k);
+ }
+ break;
+ case "note":
+ if ($commandpair[1]) {
+ if ($commandpair[1] == "true")
+ array_push($query_keywords, "($not (note IS NOT NULL AND note != ''))");
+ else if ($commandpair[1] == "false")
+ array_push($query_keywords, "($not (note IS NULL OR note = ''))");
+ else
+ array_push($query_keywords, "($not (LOWER(note) LIKE ".
+ $pdo->quote('%' . mb_strtolower($commandpair[1]) . '%')."))");
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER(".$pdo->quote("%$k%").")
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER(".$pdo->quote("%$k%")."))");
+ if (!$not) array_push($search_words, $k);
+ }
+ break;
+ case "star":
- # this needs to be rewritten
- while ($line = db_fetch_assoc($result)) {
- $unread += $line["unread"];
- }
+ if ($commandpair[1]) {
+ if ($commandpair[1] == "true")
+ array_push($query_keywords, "($not (marked = true))");
+ else
+ array_push($query_keywords, "($not (marked = false))");
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER(".$pdo->quote("%$k%").")
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER(".$pdo->quote("%$k%")."))");
+ if (!$not) array_push($search_words, $k);
+ }
+ break;
+ case "pub":
+ if ($commandpair[1]) {
+ if ($commandpair[1] == "true")
+ array_push($query_keywords, "($not (published = true))");
+ else
+ array_push($query_keywords, "($not (published = false))");
+
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER(".$pdo->quote("%$k%")."))");
+ if (!$not) array_push($search_words, $k);
+ }
+ break;
+ case "unread":
+ if ($commandpair[1]) {
+ if ($commandpair[1] == "true")
+ array_push($query_keywords, "($not (unread = true))");
+ else
+ array_push($query_keywords, "($not (unread = false))");
+
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER(".$pdo->quote("%$k%").")
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER(".$pdo->quote("%$k%")."))");
+ if (!$not) array_push($search_words, $k);
+ }
+ break;
+ default:
+ if (strpos($k, "@") === 0) {
- return $unread;
- } else if ($cat == -1) {
- return getFeedUnread(-1) + getFeedUnread(-2) + getFeedUnread(-3) + getFeedUnread(0);
- } else if ($cat == -2) {
+ $user_tz_string = get_pref('USER_TIMEZONE', $_SESSION['uid']);
+ $orig_ts = strtotime(substr($k, 1));
+ $k = date("Y-m-d", convert_timestamp($orig_ts, $user_tz_string, 'UTC'));
- $result = db_query("
- SELECT COUNT(unread) AS unread FROM
- ttrss_user_entries, ttrss_user_labels2
- WHERE article_id = ref_id AND unread = true
- AND ttrss_user_entries.owner_uid = '$owner_uid'");
+ //$k = date("Y-m-d", strtotime(substr($k, 1)));
- $unread = db_fetch_result($result, 0, "unread");
+ array_push($query_keywords, "(".SUBSTRING_FOR_DATE."(updated,1,LENGTH('$k')) $not = '$k')");
+ } else {
- return $unread;
+ if (DB_TYPE == "pgsql") {
+ $k = mb_strtolower($k);
+ array_push($search_query_leftover, $not ? "!$k" : $k);
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER(".$pdo->quote("%$k%").")
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER(".$pdo->quote("%$k%")."))");
+ }
+ if (!$not) array_push($search_words, $k);
+ }
+ }
}
- }
- function getFeedUnread($feed, $is_cat = false) {
- return getFeedArticles($feed, $is_cat, true, $_SESSION["uid"]);
+ if (count($search_query_leftover) > 0) {
+ $search_query_leftover = $pdo->quote(implode(" & ", $search_query_leftover));
+
+ if (DB_TYPE == "pgsql") {
+ array_push($query_keywords,
+ "(tsvector_combined @@ to_tsquery($search_language, $search_query_leftover))");
+ }
+
+ }
+
+ $search_query_part = implode("AND", $query_keywords);
+
+ return array($search_query_part, $search_words);
}
- function getLabelUnread($label_id, $owner_uid = false) {
- if (!$owner_uid) $owner_uid = $_SESSION["uid"];
+ function iframe_whitelisted($entry) {
+ $whitelist = array("youtube.com", "youtu.be", "vimeo.com", "player.vimeo.com");
- $result = db_query("SELECT COUNT(ref_id) AS unread FROM ttrss_user_entries, ttrss_user_labels2
- WHERE owner_uid = '$owner_uid' AND unread = true AND label_id = '$label_id' AND article_id = ref_id");
+ @$src = parse_url($entry->getAttribute("src"), PHP_URL_HOST);
- if (db_num_rows($result) != 0) {
- return db_fetch_result($result, 0, "unread");
- } else {
- return 0;
+ if ($src) {
+ foreach ($whitelist as $w) {
+ if ($src == $w || $src == "www.$w")
+ return true;
+ }
}
+
+ return false;
}
- function getFeedArticles($feed, $is_cat = false, $unread_only = false,
- $owner_uid = false) {
+ // check for locally cached (media) URLs and rewrite to local versions
+ // this is called separately after sanitize() and plugin render article hooks to allow
+ // plugins work on original source URLs used before caching
- $n_feed = (int) $feed;
- $need_entries = false;
+ function rewrite_cached_urls($str) {
+ $charset_hack = '<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+ </head>';
- if (!$owner_uid) $owner_uid = $_SESSION["uid"];
+ $res = trim($str); if (!$res) return '';
- if ($unread_only) {
- $unread_qpart = "unread = true";
- } else {
- $unread_qpart = "true";
+ $doc = new DOMDocument();
+ $doc->loadHTML($charset_hack . $res);
+ $xpath = new DOMXPath($doc);
+
+ $entries = $xpath->query('(//img[@src]|//video[@poster]|//video/source[@src]|//audio/source[@src])');
+
+ $need_saving = false;
+
+ foreach ($entries as $entry) {
+
+ if ($entry->hasAttribute('src') || $entry->hasAttribute('poster')) {
+
+ // should be already absolutized because this is called after sanitize()
+ $src = $entry->hasAttribute('poster') ? $entry->getAttribute('poster') : $entry->getAttribute('src');
+ $cached_filename = CACHE_DIR . '/images/' . sha1($src);
+
+ if (file_exists($cached_filename)) {
+
+ // this is strictly cosmetic
+ if ($entry->tagName == 'img') {
+ $suffix = ".png";
+ } else if ($entry->parentNode && $entry->parentNode->tagName == "video") {
+ $suffix = ".mp4";
+ } else if ($entry->parentNode && $entry->parentNode->tagName == "audio") {
+ $suffix = ".ogg";
+ } else {
+ $suffix = "";
+ }
+
+ $src = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($src) . $suffix;
+
+ if ($entry->hasAttribute('poster'))
+ $entry->setAttribute('poster', $src);
+ else
+ $entry->setAttribute('src', $src);
+
+ $need_saving = true;
+ }
+ }
}
- if ($is_cat) {
- return getCategoryUnread($n_feed, $owner_uid);
- } else if ($n_feed == -6) {
- return 0;
- } else if ($feed != "0" && $n_feed == 0) {
+ if ($need_saving) {
+ $doc->removeChild($doc->firstChild); //remove doctype
+ $res = $doc->saveHTML();
+ }
- $feed = db_escape_string($feed);
+ return $res;
+ }
- $result = db_query("SELECT SUM((SELECT COUNT(int_id)
- FROM ttrss_user_entries,ttrss_entries WHERE int_id = post_int_id
- AND ref_id = id AND $unread_qpart)) AS count FROM ttrss_tags
- WHERE owner_uid = $owner_uid AND tag_name = '$feed'");
- return db_fetch_result($result, 0, "count");
+ function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
+ if (!$owner) $owner = $_SESSION["uid"];
- } else if ($n_feed == -1) {
- $match_part = "marked = true";
- } else if ($n_feed == -2) {
- $match_part = "published = true";
- } else if ($n_feed == -3) {
- $match_part = "unread = true AND score >= 0";
+ $res = trim($str); if (!$res) return '';
- $intl = get_pref("FRESH_ARTICLE_MAX_AGE", $owner_uid);
+ $charset_hack = '<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+ </head>';
- if (DB_TYPE == "pgsql") {
- $match_part .= " AND date_entered > NOW() - INTERVAL '$intl hour' ";
- } else {
- $match_part .= " AND date_entered > DATE_SUB(NOW(), INTERVAL $intl HOUR) ";
+ $res = trim($res); if (!$res) return '';
+
+ libxml_use_internal_errors(true);
+
+ $doc = new DOMDocument();
+ $doc->loadHTML($charset_hack . $res);
+ $xpath = new DOMXPath($doc);
+
+ $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
+
+ $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])');
+
+ foreach ($entries as $entry) {
+
+ if ($entry->hasAttribute('href')) {
+ $entry->setAttribute('href',
+ rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href')));
+
+ $entry->setAttribute('rel', 'noopener noreferrer');
}
- $need_entries = true;
+ if ($entry->hasAttribute('src')) {
+ $src = rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src'));
- } else if ($n_feed == -4) {
- $match_part = "true";
- } else if ($n_feed >= 0) {
+ // cache stuff has gone to rewrite_cached_urls()
- if ($n_feed != 0) {
- $match_part = "feed_id = '$n_feed'";
- } else {
- $match_part = "feed_id IS NULL";
+ $entry->setAttribute('src', $src);
}
- } else if ($feed < LABEL_BASE_INDEX) {
+ if ($entry->nodeName == 'img') {
+ $entry->setAttribute('referrerpolicy', 'no-referrer');
+
+ $entry->removeAttribute('width');
+ $entry->removeAttribute('height');
+
+ if ($entry->hasAttribute('src')) {
+ $is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';
+
+ if (is_prefix_https() && !$is_https_url) {
+
+ if ($entry->hasAttribute('srcset')) {
+ $entry->removeAttribute('srcset');
+ }
+
+ if ($entry->hasAttribute('sizes')) {
+ $entry->removeAttribute('sizes');
+ }
+ }
+ }
+ }
+
+ if ($entry->hasAttribute('src') &&
+ ($owner && get_pref("STRIP_IMAGES", $owner)) || $force_remove_images || $_SESSION["bw_limit"]) {
+
+ $p = $doc->createElement('p');
+
+ $a = $doc->createElement('a');
+ $a->setAttribute('href', $entry->getAttribute('src'));
+
+ $a->appendChild(new DOMText($entry->getAttribute('src')));
+ $a->setAttribute('target', '_blank');
+ $a->setAttribute('rel', 'noopener noreferrer');
- $label_id = feed_to_label_id($feed);
+ $p->appendChild($a);
- return getLabelUnread($label_id, $owner_uid);
+ if ($entry->nodeName == 'source') {
+ if ($entry->parentNode && $entry->parentNode->parentNode)
+ $entry->parentNode->parentNode->replaceChild($p, $entry->parentNode);
+
+ } else if ($entry->nodeName == 'img') {
+
+ if ($entry->parentNode)
+ $entry->parentNode->replaceChild($p, $entry);
+
+ }
+ }
+
+ if (strtolower($entry->nodeName) == "a") {
+ $entry->setAttribute("target", "_blank");
+ $entry->setAttribute("rel", "noopener noreferrer");
+ }
}
- if ($match_part) {
+ $entries = $xpath->query('//iframe');
+ foreach ($entries as $entry) {
+ if (!iframe_whitelisted($entry)) {
+ $entry->setAttribute('sandbox', 'allow-scripts');
+ } else {
+ if (is_prefix_https()) {
+ $entry->setAttribute("src",
+ str_replace("http://", "https://",
+ $entry->getAttribute("src")));
+ }
+ }
+ }
- if ($need_entries) {
- $from_qpart = "ttrss_user_entries,ttrss_entries";
- $from_where = "ttrss_entries.id = ttrss_user_entries.ref_id AND";
+ $allowed_elements = array('a', 'abbr', 'address', 'acronym', 'audio', 'article', 'aside',
+ 'b', 'bdi', 'bdo', 'big', 'blockquote', 'body', 'br',
+ 'caption', 'cite', 'center', 'code', 'col', 'colgroup',
+ 'data', 'dd', 'del', 'details', 'description', 'dfn', 'div', 'dl', 'font',
+ 'dt', 'em', 'footer', 'figure', 'figcaption',
+ 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'header', 'hr', 'html', 'i',
+ 'img', 'ins', 'kbd', 'li', 'main', 'mark', 'nav', 'noscript',
+ 'ol', 'p', 'pre', 'q', 'ruby', 'rp', 'rt', 's', 'samp', 'section',
+ 'small', 'source', 'span', 'strike', 'strong', 'sub', 'summary',
+ 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'time',
+ 'tr', 'track', 'tt', 'u', 'ul', 'var', 'wbr', 'video', 'xml:namespace' );
+
+ if ($_SESSION['hasSandbox']) $allowed_elements[] = 'iframe';
+
+ $disallowed_attributes = array('id', 'style', 'class');
+
+ foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_SANITIZE) as $plugin) {
+ $retval = $plugin->hook_sanitize($doc, $site_url, $allowed_elements, $disallowed_attributes, $article_id);
+ if (is_array($retval)) {
+ $doc = $retval[0];
+ $allowed_elements = $retval[1];
+ $disallowed_attributes = $retval[2];
} else {
- $from_qpart = "ttrss_user_entries";
- $from_where = "";
+ $doc = $retval;
}
+ }
- $query = "SELECT count(int_id) AS unread
- FROM $from_qpart WHERE
- $unread_qpart AND $from_where ($match_part) AND ttrss_user_entries.owner_uid = $owner_uid";
+ $doc->removeChild($doc->firstChild); //remove doctype
+ $doc = strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes);
- //echo "[$feed/$query]\n";
+ if ($highlight_words) {
+ foreach ($highlight_words as $word) {
- $result = db_query($query);
+ // http://stackoverflow.com/questions/4081372/highlight-keywords-in-a-paragraph
- } else {
+ $elements = $xpath->query("//*/text()");
- $result = db_query("SELECT COUNT(post_int_id) AS unread
- FROM ttrss_tags,ttrss_user_entries,ttrss_entries
- WHERE tag_name = '$feed' AND post_int_id = int_id AND ref_id = ttrss_entries.id
- AND $unread_qpart AND ttrss_tags.owner_uid = " . $owner_uid);
- }
+ foreach ($elements as $child) {
- $unread = db_fetch_result($result, 0, "unread");
+ $fragment = $doc->createDocumentFragment();
+ $text = $child->textContent;
- return $unread;
- }
+ while (($pos = mb_stripos($text, $word)) !== false) {
+ $fragment->appendChild(new DomText(mb_substr($text, 0, $pos)));
+ $word = mb_substr($text, $pos, mb_strlen($word));
+ $highlight = $doc->createElement('span');
+ $highlight->appendChild(new DomText($word));
+ $highlight->setAttribute('class', 'highlight');
+ $fragment->appendChild($highlight);
+ $text = mb_substr($text, $pos + mb_strlen($word));
+ }
- function getGlobalUnread($user_id = false) {
+ if (!empty($text)) $fragment->appendChild(new DomText($text));
- if (!$user_id) {
- $user_id = $_SESSION["uid"];
+ $child->parentNode->replaceChild($fragment, $child);
+ }
+ }
}
- $result = db_query("SELECT SUM(value) AS c_id FROM ttrss_counters_cache
- WHERE owner_uid = '$user_id' AND feed_id > 0");
+ $res = $doc->saveHTML();
- $c_id = db_fetch_result($result, 0, "c_id");
+ /* strip everything outside of <body>...</body> */
- return $c_id;
+ $res_frag = array();
+ if (preg_match('/<body>(.*)<\/body>/is', $res, $res_frag)) {
+ return $res_frag[1];
+ } else {
+ return $res;
+ }
}
- function getGlobalCounters($global_unread = -1) {
- $ret_arr = array();
+ function strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes) {
+ $xpath = new DOMXPath($doc);
+ $entries = $xpath->query('//*');
- if ($global_unread == -1) {
- $global_unread = getGlobalUnread();
- }
+ foreach ($entries as $entry) {
+ if (!in_array($entry->nodeName, $allowed_elements)) {
+ $entry->parentNode->removeChild($entry);
+ }
- $cv = array("id" => "global-unread",
- "counter" => (int) $global_unread);
+ if ($entry->hasAttributes()) {
+ $attrs_to_remove = array();
- array_push($ret_arr, $cv);
+ foreach ($entry->attributes as $attr) {
- $result = db_query("SELECT COUNT(id) AS fn FROM
- ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
+ if (strpos($attr->nodeName, 'on') === 0) {
+ array_push($attrs_to_remove, $attr);
+ }
- $subscribed_feeds = db_fetch_result($result, 0, "fn");
+ if (strpos($attr->nodeName, "data-") === 0) {
+ array_push($attrs_to_remove, $attr);
+ }
- $cv = array("id" => "subscribed-feeds",
- "counter" => (int) $subscribed_feeds);
+ if ($attr->nodeName == 'href' && stripos($attr->value, 'javascript:') === 0) {
+ array_push($attrs_to_remove, $attr);
+ }
- array_push($ret_arr, $cv);
+ if (in_array($attr->nodeName, $disallowed_attributes)) {
+ array_push($attrs_to_remove, $attr);
+ }
+ }
- return $ret_arr;
+ foreach ($attrs_to_remove as $attr) {
+ $entry->removeAttributeNode($attr);
+ }
+ }
+ }
+
+ return $doc;
}
- function getVirtCounters() {
+ function trim_array($array) {
+ $tmp = $array;
+ array_walk($tmp, 'trim');
+ return $tmp;
+ }
- $ret_arr = array();
+ function tag_is_valid($tag) {
+ if (!$tag || is_numeric($tag) || mb_strlen($tag) > 250)
+ return false;
- for ($i = 0; $i >= -4; $i--) {
+ return true;
+ }
- $count = getFeedUnread($i);
+ function render_login_form() {
+ header('Cache-Control: public');
- if ($i == 0 || $i == -1 || $i == -2)
- $auxctr = getFeedArticles($i, false);
- else
- $auxctr = 0;
+ require_once "login_form.php";
+ exit;
+ }
+
+ function T_sprintf() {
+ $args = func_get_args();
+ return vsprintf(__(array_shift($args)), $args);
+ }
+
+ function print_checkpoint($n, $s) {
+ $ts = microtime(true);
+ echo sprintf("<!-- CP[$n] %.4f seconds -->\n", $ts - $s);
+ return $ts;
+ }
- $cv = array("id" => $i,
- "counter" => (int) $count,
- "auxcounter" => $auxctr);
+ function sanitize_tag($tag) {
+ $tag = trim($tag);
-// if (get_pref('EXTENDED_FEEDLIST'))
-// $cv["xmsg"] = getFeedArticles($i)." ".__("total");
+ $tag = mb_strtolower($tag, 'utf-8');
- array_push($ret_arr, $cv);
+ $tag = preg_replace('/[,\'\"\+\>\<]/', "", $tag);
+
+ if (DB_TYPE == "mysql") {
+ $tag = preg_replace('/[\x{10000}-\x{10FFFF}]/u', "\xEF\xBF\xBD", $tag);
}
- $feeds = PluginHost::getInstance()->get_feeds(-1);
+ return $tag;
+ }
- if (is_array($feeds)) {
- foreach ($feeds as $feed) {
- $cv = array("id" => PluginHost::pfeed_to_feed_id($feed['id']),
- "counter" => $feed['sender']->get_unread($feed['id']));
+ function is_server_https() {
+ return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
+ }
- if (method_exists($feed['sender'], 'get_total'))
- $cv["auxcounter"] = $feed['sender']->get_total($feed['id']);
+ function is_prefix_https() {
+ return parse_url(SELF_URL_PATH, PHP_URL_SCHEME) == 'https';
+ }
- array_push($ret_arr, $cv);
- }
+ // this returns SELF_URL_PATH sans ending slash
+ function get_self_url_prefix() {
+ if (strrpos(SELF_URL_PATH, "/") === strlen(SELF_URL_PATH)-1) {
+ return substr(SELF_URL_PATH, 0, strlen(SELF_URL_PATH)-1);
+ } else {
+ return SELF_URL_PATH;
}
-
- return $ret_arr;
}
- function getLabelCounters($descriptions = false) {
+ function encrypt_password($pass, $salt = '', $mode2 = false) {
+ if ($salt && $mode2) {
+ return "MODE2:" . hash('sha256', $salt . $pass);
+ } else if ($salt) {
+ return "SHA1X:" . sha1("$salt:$pass");
+ } else {
+ return "SHA1:" . sha1($pass);
+ }
+ } // function encrypt_password
- $ret_arr = array();
+ function load_filters($feed_id, $owner_uid) {
+ $filters = array();
- $owner_uid = $_SESSION["uid"];
+ $feed_id = (int) $feed_id;
+ $cat_id = (int)Feeds::getFeedCategory($feed_id);
- $result = db_query("SELECT id,caption,SUM(CASE WHEN u1.unread = true THEN 1 ELSE 0 END) AS unread, COUNT(u1.unread) AS total
- FROM ttrss_labels2 LEFT JOIN ttrss_user_labels2 ON
- (ttrss_labels2.id = label_id)
- LEFT JOIN ttrss_user_entries AS u1 ON u1.ref_id = article_id
- WHERE ttrss_labels2.owner_uid = $owner_uid GROUP BY ttrss_labels2.id,
- ttrss_labels2.caption");
+ if ($cat_id == 0)
+ $null_cat_qpart = "cat_id IS NULL OR";
+ else
+ $null_cat_qpart = "";
- while ($line = db_fetch_assoc($result)) {
+ $pdo = Db::pdo();
- $id = label_to_feed_id($line["id"]);
+ $sth = $pdo->prepare("SELECT * FROM ttrss_filters2 WHERE
+ owner_uid = ? AND enabled = true ORDER BY order_id, title");
+ $sth->execute([$owner_uid]);
- $cv = array("id" => $id,
- "counter" => (int) $line["unread"],
- "auxcounter" => (int) $line["total"]);
+ $check_cats = array_merge(
+ Feeds::getParentCategories($cat_id, $owner_uid),
+ [$cat_id]);
- if ($descriptions)
- $cv["description"] = $line["caption"];
+ $check_cats_str = join(",", $check_cats);
+ $check_cats_fullids = array_map(function($a) { return "CAT:$a"; }, $check_cats);
- array_push($ret_arr, $cv);
- }
+ while ($line = $sth->fetch()) {
+ $filter_id = $line["id"];
- return $ret_arr;
- }
+ $match_any_rule = sql_bool_to_bool($line["match_any_rule"]);
- function getFeedCounters($active_feed = false) {
+ $sth2 = $pdo->prepare("SELECT
+ r.reg_exp, r.inverse, r.feed_id, r.cat_id, r.cat_filter, r.match_on, t.name AS type_name
+ FROM ttrss_filters2_rules AS r,
+ ttrss_filter_types AS t
+ WHERE
+ (match_on IS NOT NULL OR
+ (($null_cat_qpart (cat_id IS NULL AND cat_filter = false) OR cat_id IN ($check_cats_str)) AND
+ (feed_id IS NULL OR feed_id = ?))) AND
+ filter_type = t.id AND filter_id = ?");
+ $sth2->execute([$feed_id, $filter_id]);
- $ret_arr = array();
+ $rules = array();
+ $actions = array();
- $query = "SELECT ttrss_feeds.id,
- ttrss_feeds.title,
- ".SUBSTRING_FOR_DATE."(ttrss_feeds.last_updated,1,19) AS last_updated,
- last_error, value AS count
- FROM ttrss_feeds, ttrss_counters_cache
- WHERE ttrss_feeds.owner_uid = ".$_SESSION["uid"]."
- AND ttrss_counters_cache.owner_uid = ttrss_feeds.owner_uid
- AND ttrss_counters_cache.feed_id = id";
+ while ($rule_line = $sth2->fetch()) {
+ # print_r($rule_line);
- $result = db_query($query);
+ if ($rule_line["match_on"]) {
+ $match_on = json_decode($rule_line["match_on"], true);
- while ($line = db_fetch_assoc($result)) {
+ if (in_array("0", $match_on) || in_array($feed_id, $match_on) || count(array_intersect($check_cats_fullids, $match_on)) > 0) {
- $id = $line["id"];
- $count = $line["count"];
- $last_error = htmlspecialchars($line["last_error"]);
+ $rule = array();
+ $rule["reg_exp"] = $rule_line["reg_exp"];
+ $rule["type"] = $rule_line["type_name"];
+ $rule["inverse"] = sql_bool_to_bool($rule_line["inverse"]);
- $last_updated = make_local_datetime($line['last_updated'], false);
+ array_push($rules, $rule);
+ } else if (!$match_any_rule) {
+ // this filter contains a rule that doesn't match to this feed/category combination
+ // thus filter has to be rejected
- $has_img = feed_has_icon($id);
+ $rules = [];
+ break;
+ }
- if (date('Y') - date('Y', strtotime($line['last_updated'])) > 2)
- $last_updated = '';
+ } else {
+
+ $rule = array();
+ $rule["reg_exp"] = $rule_line["reg_exp"];
+ $rule["type"] = $rule_line["type_name"];
+ $rule["inverse"] = sql_bool_to_bool($rule_line["inverse"]);
+
+ array_push($rules, $rule);
+ }
+ }
- $cv = array("id" => $id,
- "updated" => $last_updated,
- "counter" => (int) $count,
- "has_img" => (int) $has_img);
+ if (count($rules) > 0) {
+ $sth2 = $pdo->prepare("SELECT a.action_param,t.name AS type_name
+ FROM ttrss_filters2_actions AS a,
+ ttrss_filter_actions AS t
+ WHERE
+ action_id = t.id AND filter_id = ?");
+ $sth2->execute([$filter_id]);
- if ($last_error)
- $cv["error"] = $last_error;
+ while ($action_line = $sth2->fetch()) {
+ # print_r($action_line);
-// if (get_pref('EXTENDED_FEEDLIST'))
-// $cv["xmsg"] = getFeedArticles($id)." ".__("total");
+ $action = array();
+ $action["type"] = $action_line["type_name"];
+ $action["param"] = $action_line["action_param"];
- if ($active_feed && $id == $active_feed)
- $cv["title"] = truncate_string($line["title"], 30);
+ array_push($actions, $action);
+ }
+ }
- array_push($ret_arr, $cv);
+ $filter = array();
+ $filter["match_any_rule"] = sql_bool_to_bool($line["match_any_rule"]);
+ $filter["inverse"] = sql_bool_to_bool($line["inverse"]);
+ $filter["rules"] = $rules;
+ $filter["actions"] = $actions;
+ if (count($rules) > 0 && count($actions) > 0) {
+ array_push($filters, $filter);
+ }
}
- return $ret_arr;
+ return $filters;
}
- function get_pgsql_version() {
- $result = db_query("SELECT version() AS version");
- $version = explode(" ", db_fetch_result($result, 0, "version"));
- return $version[1];
+ function get_score_pic($score) {
+ if ($score > 100) {
+ return "score_high.png";
+ } else if ($score > 0) {
+ return "score_half_high.png";
+ } else if ($score < -100) {
+ return "score_low.png";
+ } else if ($score < 0) {
+ return "score_half_low.png";
+ } else {
+ return "score_neutral.png";
+ }
}
- /**
- * @return array (code => Status code, message => error message if available)
- *
- * 0 - OK, Feed already exists
- * 1 - OK, Feed added
- * 2 - Invalid URL
- * 3 - URL content is HTML, no feeds available
- * 4 - URL content is HTML which contains multiple feeds.
- * Here you should call extractfeedurls in rpc-backend
- * to get all possible feeds.
- * 5 - Couldn't download the URL content.
- * 6 - Content is an invalid XML.
- */
- function subscribe_to_feed($url, $cat_id = 0,
- $auth_login = '', $auth_pass = '') {
+ function init_plugins() {
+ PluginHost::getInstance()->load(PLUGINS, PluginHost::KIND_ALL);
- global $fetch_last_error;
+ return true;
+ }
- require_once "include/rssfuncs.php";
+ function add_feed_category($feed_cat, $parent_cat_id = false) {
- $url = fix_url($url);
+ if (!$feed_cat) return false;
- if (!$url || !validate_feed_url($url)) return array("code" => 2);
+ $feed_cat = mb_substr($feed_cat, 0, 250);
+ if (!$parent_cat_id) $parent_cat_id = null;
- $contents = @fetch_file_contents($url, false, $auth_login, $auth_pass);
+ $pdo = Db::pdo();
+ $tr_in_progress = false;
- if (!$contents) {
- return array("code" => 5, "message" => $fetch_last_error);
+ try {
+ $pdo->beginTransaction();
+ } catch (Exception $e) {
+ $tr_in_progress = true;
}
- foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_SUBSCRIBE_FEED) as $plugin) {
- $contents = $plugin->hook_subscribe_feed($contents, $url, $auth_login, $auth_pass);
+ $sth = $pdo->prepare("SELECT id FROM ttrss_feed_categories
+ WHERE (parent_cat = :parent OR (:parent IS NULL AND parent_cat IS NULL))
+ AND title = :title AND owner_uid = :uid");
+ $sth->execute([':parent' => $parent_cat_id, ':title' => $feed_cat, ':uid' => $_SESSION['uid']]);
+
+ if (!$sth->fetch()) {
+
+ $sth = $pdo->prepare("INSERT INTO ttrss_feed_categories (owner_uid,title,parent_cat)
+ VALUES (?, ?, ?)");
+ $sth->execute([$_SESSION['uid'], $feed_cat, $parent_cat_id]);
+
+ if (!$tr_in_progress) $pdo->commit();
+
+ return true;
}
- if (is_html($contents)) {
- $feedUrls = get_feeds_from_html($url, $contents);
+ $pdo->commit();
- if (count($feedUrls) == 0) {
- return array("code" => 3);
- } else if (count($feedUrls) > 1) {
- return array("code" => 4, "feeds" => $feedUrls);
- }
- //use feed url as new URL
- $url = key($feedUrls);
+ return false;
+ }
+
+ /**
+ * Fixes incomplete URLs by prepending "http://".
+ * Also replaces feed:// with http://, and
+ * prepends a trailing slash if the url is a domain name only.
+ *
+ * @param string $url Possibly incomplete URL
+ *
+ * @return string Fixed URL.
+ */
+ function fix_url($url) {
+
+ // support schema-less urls
+ if (strpos($url, '//') === 0) {
+ $url = 'https:' . $url;
}
- if ($cat_id == "0" || !$cat_id) {
- $cat_qpart = "NULL";
- } else {
- $cat_qpart = "'$cat_id'";
+ if (strpos($url, '://') === false) {
+ $url = 'http://' . $url;
+ } else if (substr($url, 0, 5) == 'feed:') {
+ $url = 'http:' . substr($url, 5);
}
- $result = db_query(
- "SELECT id FROM ttrss_feeds
- WHERE feed_url = '$url' AND owner_uid = ".$_SESSION["uid"]);
+ //prepend slash if the URL has no slash in it
+ // "http://www.example" -> "http://www.example/"
+ if (strpos($url, '/', strpos($url, ':') + 3) === false) {
+ $url .= '/';
+ }
- if (strlen(FEED_CRYPT_KEY) > 0) {
- require_once "crypt.php";
- $auth_pass = substr(encrypt_string($auth_pass), 0, 250);
- $auth_pass_encrypted = 'true';
- } else {
- $auth_pass_encrypted = 'false';
+ //convert IDNA hostname to punycode if possible
+ if (function_exists("idn_to_ascii")) {
+ $parts = parse_url($url);
+ if (mb_detect_encoding($parts['host']) != 'ASCII')
+ {
+ $parts['host'] = idn_to_ascii($parts['host']);
+ $url = build_url($parts);
+ }
}
- $auth_pass = db_escape_string($auth_pass);
+ if ($url != "http:///")
+ return $url;
+ else
+ return '';
+ }
- if (db_num_rows($result) == 0) {
- $result = db_query(
- "INSERT INTO ttrss_feeds
- (owner_uid,feed_url,title,cat_id, auth_login,auth_pass,update_method,auth_pass_encrypted)
- VALUES ('".$_SESSION["uid"]."', '$url',
- '[Unknown]', $cat_qpart, '$auth_login', '$auth_pass', 0, $auth_pass_encrypted)");
+ function validate_feed_url($url) {
+ $parts = parse_url($url);
- $result = db_query(
- "SELECT id FROM ttrss_feeds WHERE feed_url = '$url'
- AND owner_uid = " . $_SESSION["uid"]);
+ return ($parts['scheme'] == 'http' || $parts['scheme'] == 'feed' || $parts['scheme'] == 'https');
- $feed_id = db_fetch_result($result, 0, "id");
+ }
- if ($feed_id) {
- set_basic_feed_info($feed_id);
- }
+ /* function save_email_address($email) {
+ // FIXME: implement persistent storage of emails
+
+ if (!$_SESSION['stored_emails'])
+ $_SESSION['stored_emails'] = array();
+
+ if (!in_array($email, $_SESSION['stored_emails']))
+ array_push($_SESSION['stored_emails'], $email);
+ } */
+
+
+ function get_feed_access_key($feed_id, $is_cat, $owner_uid = false) {
- return array("code" => 1);
+ if (!$owner_uid) $owner_uid = $_SESSION["uid"];
+
+ $is_cat = bool_to_sql_bool($is_cat);
+
+ $pdo = Db::pdo();
+
+ $sth = $pdo->prepare("SELECT access_key FROM ttrss_access_keys
+ WHERE feed_id = ? AND is_cat = ?
+ AND owner_uid = ?");
+ $sth->execute([$feed_id, $is_cat, $owner_uid]);
+
+ if ($row = $sth->fetch()) {
+ return $row["access_key"];
} else {
- return array("code" => 0);
+ $key = uniqid_short();
+
+ $sth = $pdo->prepare("INSERT INTO ttrss_access_keys
+ (access_key, feed_id, is_cat, owner_uid)
+ VALUES (?, ?, ?, ?)");
+
+ $sth->execute([$key, $feed_id, $is_cat, $owner_uid]);
+
+ return $key;
+ }
+ }
+
+ function get_feeds_from_html($url, $content)
+ {
+ $url = fix_url($url);
+ $baseUrl = substr($url, 0, strrpos($url, '/') + 1);
+
+ libxml_use_internal_errors(true);
+
+ $doc = new DOMDocument();
+ $doc->loadHTML($content);
+ $xpath = new DOMXPath($doc);
+ $entries = $xpath->query('/html/head/link[@rel="alternate" and '.
+ '(contains(@type,"rss") or contains(@type,"atom"))]|/html/head/link[@rel="feed"]');
+ $feedUrls = array();
+ foreach ($entries as $entry) {
+ if ($entry->hasAttribute('href')) {
+ $title = $entry->getAttribute('title');
+ if ($title == '') {
+ $title = $entry->getAttribute('type');
+ }
+ $feedUrl = rewrite_relative_url(
+ $baseUrl, $entry->getAttribute('href')
+ );
+ $feedUrls[$feedUrl] = $title;
+ }
}
+ return $feedUrls;
}
- function print_feed_select($id, $default_id = "",
- $attributes = "", $include_all_feeds = true,
- $root_id = false, $nest_level = 0) {
+ function is_html($content) {
+ return preg_match("/<html|DOCTYPE html/i", substr($content, 0, 100)) !== 0;
+ }
+
+ function url_is_html($url, $login = false, $pass = false) {
+ return is_html(fetch_file_contents($url, false, $login, $pass));
+ }
+
+ function build_url($parts) {
+ return $parts['scheme'] . "://" . $parts['host'] . $parts['path'];
+ }
+
+ function cleanup_url_path($path) {
+ $path = str_replace("/./", "/", $path);
+ $path = str_replace("//", "/", $path);
+
+ return $path;
+ }
- if (!$root_id) {
- print "<select id=\"$id\" name=\"$id\" $attributes>";
- if ($include_all_feeds) {
- $is_selected = ("0" == $default_id) ? "selected=\"1\"" : "";
- print "<option $is_selected value=\"0\">".__('All feeds')."</option>";
+ /**
+ * Converts a (possibly) relative URL to a absolute one.
+ *
+ * @param string $url Base URL (i.e. from where the document is)
+ * @param string $rel_url Possibly relative URL in the document
+ *
+ * @return string Absolute URL
+ */
+ function rewrite_relative_url($url, $rel_url) {
+ if (strpos($rel_url, "://") !== false) {
+ return $rel_url;
+ } else if (strpos($rel_url, "//") === 0) {
+ # protocol-relative URL (rare but they exist)
+ return $rel_url;
+ } else if (preg_match("/^[a-z]+:/i", $rel_url)) {
+ # magnet:, feed:, etc
+ return $rel_url;
+ } else if (strpos($rel_url, "/") === 0) {
+ $parts = parse_url($url);
+ $parts['path'] = $rel_url;
+ $parts['path'] = cleanup_url_path($parts['path']);
+
+ return build_url($parts);
+
+ } else {
+ $parts = parse_url($url);
+ if (!isset($parts['path'])) {
+ $parts['path'] = '/';
+ }
+ $dir = $parts['path'];
+ if (substr($dir, -1) !== '/') {
+ $dir = dirname($parts['path']);
+ $dir !== '/' && $dir .= '/';
}
+ $parts['path'] = $dir . $rel_url;
+ $parts['path'] = cleanup_url_path($parts['path']);
+
+ return build_url($parts);
}
+ }
- if (get_pref('ENABLE_FEED_CATS')) {
+ function cleanup_tags($days = 14, $limit = 1000) {
- if ($root_id)
- $parent_qpart = "parent_cat = '$root_id'";
- else
- $parent_qpart = "parent_cat IS NULL";
+ $days = (int) $days;
- $result = db_query("SELECT id,title,
- (SELECT COUNT(id) FROM ttrss_feed_categories AS c2 WHERE
- c2.parent_cat = ttrss_feed_categories.id) AS num_children
- FROM ttrss_feed_categories
- WHERE owner_uid = ".$_SESSION["uid"]." AND $parent_qpart ORDER BY title");
+ if (DB_TYPE == "pgsql") {
+ $interval_query = "date_updated < NOW() - INTERVAL '$days days'";
+ } else if (DB_TYPE == "mysql") {
+ $interval_query = "date_updated < DATE_SUB(NOW(), INTERVAL $days DAY)";
+ }
- while ($line = db_fetch_assoc($result)) {
+ $tags_deleted = 0;
- for ($i = 0; $i < $nest_level; $i++)
- $line["title"] = " - " . $line["title"];
+ $pdo = Db::pdo();
- $is_selected = ("CAT:".$line["id"] == $default_id) ? "selected=\"1\"" : "";
+ while ($limit > 0) {
+ $limit_part = 500;
- printf("<option $is_selected value='CAT:%d'>%s</option>",
- $line["id"], htmlspecialchars($line["title"]));
+ $sth = $pdo->prepare("SELECT ttrss_tags.id AS id
+ FROM ttrss_tags, ttrss_user_entries, ttrss_entries
+ WHERE post_int_id = int_id AND $interval_query AND
+ ref_id = ttrss_entries.id AND tag_cache != '' LIMIT ?");
+ $sth->execute([$limit]);
- if ($line["num_children"] > 0)
- print_feed_select($id, $default_id, $attributes,
- $include_all_feeds, $line["id"], $nest_level+1);
+ $ids = array();
- $feed_result = db_query("SELECT id,title FROM ttrss_feeds
- WHERE cat_id = '".$line["id"]."' AND owner_uid = ".$_SESSION["uid"] . " ORDER BY title");
+ while ($line = $sth->fetch()) {
+ array_push($ids, $line['id']);
+ }
- while ($fline = db_fetch_assoc($feed_result)) {
- $is_selected = ($fline["id"] == $default_id) ? "selected=\"1\"" : "";
+ if (count($ids) > 0) {
+ $ids = join(",", $ids);
- $fline["title"] = " + " . $fline["title"];
+ $usth = $pdo->query("DELETE FROM ttrss_tags WHERE id IN ($ids)");
+ $tags_deleted = $usth->rowCount();
+ } else {
+ break;
+ }
- for ($i = 0; $i < $nest_level; $i++)
- $fline["title"] = " - " . $fline["title"];
+ $limit -= $limit_part;
+ }
+
+ return $tags_deleted;
+ }
- printf("<option $is_selected value='%d'>%s</option>",
- $fline["id"], htmlspecialchars($fline["title"]));
+ function print_user_stylesheet() {
+ $value = get_pref('USER_STYLESHEET');
+
+ if ($value) {
+ print "<style type=\"text/css\">";
+ print str_replace("<br/>", "\n", $value);
+ print "</style>";
+ }
+
+ }
+
+ function filter_to_sql($filter, $owner_uid) {
+ $query = array();
+
+ $pdo = Db::pdo();
+
+ if (DB_TYPE == "pgsql")
+ $reg_qpart = "~";
+ else
+ $reg_qpart = "REGEXP";
+
+ foreach ($filter["rules"] AS $rule) {
+ $rule['reg_exp'] = str_replace('/', '\/', $rule["reg_exp"]);
+ $regexp_valid = preg_match('/' . $rule['reg_exp'] . '/',
+ $rule['reg_exp']) !== FALSE;
+
+ if ($regexp_valid) {
+
+ $rule['reg_exp'] = $pdo->quote($rule['reg_exp']);
+
+ switch ($rule["type"]) {
+ case "title":
+ $qpart = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
+ $rule['reg_exp'] . "')";
+ break;
+ case "content":
+ $qpart = "LOWER(ttrss_entries.content) $reg_qpart LOWER('".
+ $rule['reg_exp'] . "')";
+ break;
+ case "both":
+ $qpart = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
+ $rule['reg_exp'] . "') OR LOWER(" .
+ "ttrss_entries.content) $reg_qpart LOWER('" . $rule['reg_exp'] . "')";
+ break;
+ case "tag":
+ $qpart = "LOWER(ttrss_user_entries.tag_cache) $reg_qpart LOWER('".
+ $rule['reg_exp'] . "')";
+ break;
+ case "link":
+ $qpart = "LOWER(ttrss_entries.link) $reg_qpart LOWER('".
+ $rule['reg_exp'] . "')";
+ break;
+ case "author":
+ $qpart = "LOWER(ttrss_entries.author) $reg_qpart LOWER('".
+ $rule['reg_exp'] . "')";
+ break;
}
- }
- if (!$root_id) {
- $default_is_cat = ($default_id == "CAT:0");
- $is_selected = $default_is_cat ? "selected=\"1\"" : "";
+ if (isset($rule['inverse'])) $qpart = "NOT ($qpart)";
- printf("<option $is_selected value='CAT:0'>%s</option>",
- __("Uncategorized"));
+ if (isset($rule["feed_id"]) && $rule["feed_id"] > 0) {
+ $qpart .= " AND feed_id = " . $pdo->quote($rule["feed_id"]);
+ }
- $feed_result = db_query("SELECT id,title FROM ttrss_feeds
- WHERE cat_id IS NULL AND owner_uid = ".$_SESSION["uid"] . " ORDER BY title");
+ if (isset($rule["cat_id"])) {
- while ($fline = db_fetch_assoc($feed_result)) {
- $is_selected = ($fline["id"] == $default_id && !$default_is_cat) ? "selected=\"1\"" : "";
+ if ($rule["cat_id"] > 0) {
+ $children = Feeds::getChildCategories($rule["cat_id"], $owner_uid);
+ array_push($children, $rule["cat_id"]);
+ $children = array_map("intval", $children);
- $fline["title"] = " + " . $fline["title"];
+ $children = join(",", $children);
- for ($i = 0; $i < $nest_level; $i++)
- $fline["title"] = " - " . $fline["title"];
+ $cat_qpart = "cat_id IN ($children)";
+ } else {
+ $cat_qpart = "cat_id IS NULL";
+ }
- printf("<option $is_selected value='%d'>%s</option>",
- $fline["id"], htmlspecialchars($fline["title"]));
+ $qpart .= " AND $cat_qpart";
}
+
+ $qpart .= " AND feed_id IS NOT NULL";
+
+ array_push($query, "($qpart)");
+
}
+ }
+ if (count($query) > 0) {
+ $fullquery = "(" . join($filter["match_any_rule"] ? "OR" : "AND", $query) . ")";
} else {
- $result = db_query("SELECT id,title FROM ttrss_feeds
- WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
+ $fullquery = "(false)";
+ }
- while ($line = db_fetch_assoc($result)) {
+ if ($filter['inverse']) $fullquery = "(NOT $fullquery)";
- $is_selected = ($line["id"] == $default_id) ? "selected=\"1\"" : "";
+ return $fullquery;
+ }
- printf("<option $is_selected value='%d'>%s</option>",
- $line["id"], htmlspecialchars($line["title"]));
- }
+ if (!function_exists('gzdecode')) {
+ function gzdecode($string) { // no support for 2nd argument
+ return file_get_contents('compress.zlib://data:who/cares;base64,'.
+ base64_encode($string));
}
+ }
- if (!$root_id) {
- print "</select>";
+ function get_random_bytes($length) {
+ if (function_exists('openssl_random_pseudo_bytes')) {
+ return openssl_random_pseudo_bytes($length);
+ } else {
+ $output = "";
+
+ for ($i = 0; $i < $length; $i++)
+ $output .= chr(mt_rand(0, 255));
+
+ return $output;
}
}
- function print_feed_cat_select($id, $default_id,
- $attributes, $include_all_cats = true, $root_id = false, $nest_level = 0) {
+ function read_stdin() {
+ $fp = fopen("php://stdin", "r");
- if (!$root_id) {
- print "<select id=\"$id\" name=\"$id\" default=\"$default_id\" onchange=\"catSelectOnChange(this)\" $attributes>";
- }
+ if ($fp) {
+ $line = trim(fgets($fp));
+ fclose($fp);
+ return $line;
+ }
- if ($root_id)
- $parent_qpart = "parent_cat = '$root_id'";
- else
- $parent_qpart = "parent_cat IS NULL";
+ return null;
+ }
- $result = db_query("SELECT id,title,
- (SELECT COUNT(id) FROM ttrss_feed_categories AS c2 WHERE
- c2.parent_cat = ttrss_feed_categories.id) AS num_children
- FROM ttrss_feed_categories
- WHERE owner_uid = ".$_SESSION["uid"]." AND $parent_qpart ORDER BY title");
+ function implements_interface($class, $interface) {
+ return in_array($interface, class_implements($class));
+ }
- while ($line = db_fetch_assoc($result)) {
- if ($line["id"] == $default_id) {
- $is_selected = "selected=\"1\"";
- } else {
- $is_selected = "";
- }
+ function get_minified_js($files) {
- for ($i = 0; $i < $nest_level; $i++)
- $line["title"] = " - " . $line["title"];
+ $rv = '';
- if ($line["title"])
- printf("<option $is_selected value='%d'>%s</option>",
- $line["id"], htmlspecialchars($line["title"]));
+ foreach ($files as $js) {
+ if (!isset($_GET['debug'])) {
+ $cached_file = CACHE_DIR . "/js/".basename($js);
- if ($line["num_children"] > 0)
- print_feed_cat_select($id, $default_id, $attributes,
- $include_all_cats, $line["id"], $nest_level+1);
- }
+ if (file_exists($cached_file) && is_readable($cached_file) && filemtime($cached_file) >= filemtime("js/$js")) {
- if (!$root_id) {
- if ($include_all_cats) {
- if (db_num_rows($result) > 0) {
- print "<option disabled=\"1\">--------</option>";
- }
+ list($header, $contents) = explode("\n", file_get_contents($cached_file), 2);
- if ($default_id == 0) {
- $is_selected = "selected=\"1\"";
- } else {
- $is_selected = "";
- }
+ if ($header && $contents) {
+ list($htag, $hversion) = explode(":", $header);
- print "<option $is_selected value=\"0\">".__('Uncategorized')."</option>";
+ if ($htag == "tt-rss" && $hversion == VERSION) {
+ $rv .= $contents;
+ continue;
+ }
+ }
}
- print "</select>";
+
+ $minified = JShrink\Minifier::minify(file_get_contents("js/$js"));
+ file_put_contents($cached_file, "tt-rss:" . VERSION . "\n" . $minified);
+ $rv .= $minified;
+
+ } else {
+ $rv .= file_get_contents("js/$js"); // no cache in debug mode
}
}
- function checkbox_to_sql_bool($val) {
- return ($val == "on") ? "true" : "false";
- }
-
- function getFeedCatTitle($id) {
- if ($id == -1) {
- return __("Special");
- } else if ($id < LABEL_BASE_INDEX) {
- return __("Labels");
- } else if ($id > 0) {
- $result = db_query("SELECT ttrss_feed_categories.title
- FROM ttrss_feeds, ttrss_feed_categories WHERE ttrss_feeds.id = '$id' AND
- cat_id = ttrss_feed_categories.id");
- if (db_num_rows($result) == 1) {
- return db_fetch_result($result, 0, "title");
- } else {
- return __("Uncategorized");
+ return $rv;
+ }
+
+ function calculate_dep_timestamp() {
+ $files = array_merge(glob("js/*.js"), glob("css/*.css"));
+
+ $max_ts = -1;
+
+ foreach ($files as $file) {
+ if (filemtime($file) > $max_ts) $max_ts = filemtime($file);
+ }
+
+ return $max_ts;
+ }
+
+ function T_js_decl($s1, $s2) {
+ if ($s1 && $s2) {
+ $s1 = preg_replace("/\n/", "", $s1);
+ $s2 = preg_replace("/\n/", "", $s2);
+
+ $s1 = preg_replace("/\"/", "\\\"", $s1);
+ $s2 = preg_replace("/\"/", "\\\"", $s2);
+
+ return "T_messages[\"$s1\"] = \"$s2\";\n";
+ }
+ }
+
+ function init_js_translations() {
+
+ print 'var T_messages = new Object();
+
+ function __(msg) {
+ if (T_messages[msg]) {
+ return T_messages[msg];
+ } else {
+ return msg;
+ }
}
- } else {
- return "getFeedCatTitle($id) failed";
- }
-
- }
-
- function getFeedIcon($id) {
- switch ($id) {
- case 0:
- return "images/archive.png";
- break;
- case -1:
- return "images/star.png";
- break;
- case -2:
- return "images/feed.png";
- break;
- case -3:
- return "images/fresh.png";
- break;
- case -4:
- return "images/folder.png";
- break;
- case -6:
- return "images/time.png";
- break;
- default:
- if ($id < LABEL_BASE_INDEX) {
- return "images/label.png";
+
+ function ngettext(msg1, msg2, n) {
+ return __((parseInt(n) > 1) ? msg2 : msg1);
+ }';
+
+ $l10n = _get_reader();
+
+ for ($i = 0; $i < $l10n->total; $i++) {
+ $orig = $l10n->get_original_string($i);
+ if(strpos($orig, "\000") !== FALSE) { // Plural forms
+ $key = explode(chr(0), $orig);
+ print T_js_decl($key[0], _ngettext($key[0], $key[1], 1)); // Singular
+ print T_js_decl($key[1], _ngettext($key[0], $key[1], 2)); // Plural
} else {
- if (file_exists(ICONS_DIR . "/$id.ico"))
- return ICONS_URL . "/$id.ico";
+ $translation = __($orig);
+ print T_js_decl($orig, $translation);
}
- break;
}
+ }
- return false;
+ function get_theme_path($theme) {
+ if ($theme == "default.php")
+ return "css/default.css";
+
+ $check = "themes/$theme";
+ if (file_exists($check)) return $check;
+
+ $check = "themes.local/$theme";
+ if (file_exists($check)) return $check;
}
- function getFeedTitle($id, $cat = false) {
- if ($cat) {
- return getCategoryTitle($id);
- } else if ($id == -1) {
- return __("Starred articles");
- } else if ($id == -2) {
- return __("Published articles");
- } else if ($id == -3) {
- return __("Fresh articles");
- } else if ($id == -4) {
- return __("All articles");
- } else if ($id === 0 || $id === "0") {
- return __("Archived articles");
- } else if ($id == -6) {
- return __("Recently read");
- } else if ($id < LABEL_BASE_INDEX) {
- $label_id = feed_to_label_id($id);
- $result = db_query("SELECT caption FROM ttrss_labels2 WHERE id = '$label_id'");
- if (db_num_rows($result) == 1) {
- return db_fetch_result($result, 0, "caption");
- } else {
- return "Unknown label ($label_id)";
+ function theme_valid($theme) {
+ $bundled_themes = [ "default.php", "night.css", "compact.css" ];
+
+ if (in_array($theme, $bundled_themes)) return true;
+
+ $file = "themes/" . basename($theme);
+
+ if (!file_exists($file)) $file = "themes.local/" . basename($theme);
+
+ if (file_exists($file) && is_readable($file)) {
+ $fh = fopen($file, "r");
+
+ if ($fh) {
+ $header = fgets($fh);
+ fclose($fh);
+
+ return strpos($header, "supports-version:" . VERSION_STATIC) !== FALSE;
}
+ }
- } else if (is_numeric($id) && $id > 0) {
- $result = db_query("SELECT title FROM ttrss_feeds WHERE id = '$id'");
- if (db_num_rows($result) == 1) {
- return db_fetch_result($result, 0, "title");
- } else {
- return "Unknown feed ($id)";
+ return false;
+ }
+
+ /**
+ * @SuppressWarnings(unused)
+ */
+ function error_json($code) {
+ require_once "errors.php";
+
+ @$message = $ERRORS[$code];
+
+ return json_encode(array("error" =>
+ array("code" => $code, "message" => $message)));
+
+ }
+
+ /*function abs_to_rel_path($dir) {
+ $tmp = str_replace(dirname(__DIR__), "", $dir);
+
+ if (strlen($tmp) > 0 && substr($tmp, 0, 1) == "/") $tmp = substr($tmp, 1);
+
+ return $tmp;
+ }*/
+
+ function get_upload_error_message($code) {
+
+ $errors = array(
+ 0 => __('There is no error, the file uploaded with success'),
+ 1 => __('The uploaded file exceeds the upload_max_filesize directive in php.ini'),
+ 2 => __('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'),
+ 3 => __('The uploaded file was only partially uploaded'),
+ 4 => __('No file was uploaded'),
+ 6 => __('Missing a temporary folder'),
+ 7 => __('Failed to write file to disk.'),
+ 8 => __('A PHP extension stopped the file upload.'),
+ );
+
+ return $errors[$code];
+ }
+
+ function base64_img($filename) {
+ if (file_exists($filename)) {
+ $ext = pathinfo($filename, PATHINFO_EXTENSION);
+
+ return "data:image/$ext;base64," . base64_encode(file_get_contents($filename));
+ } else {
+ return "";
+ }
+ }
+
+ /* this is essentially a wrapper for readfile() which allows plugins to hook
+ output with httpd-specific "fast" implementation i.e. X-Sendfile or whatever else
+
+ hook function should return true if request was handled (or at least attempted to)
+
+ note that this can be called without user context so the plugin to handle this
+ should be loaded systemwide in config.php */
+ function send_local_file($filename) {
+ if (file_exists($filename)) {
+
+ if (is_writable($filename)) touch($filename);
+
+ $tmppluginhost = new PluginHost();
+
+ $tmppluginhost->load(PLUGINS, PluginHost::KIND_SYSTEM);
+ $tmppluginhost->load_data();
+
+ foreach ($tmppluginhost->get_hooks(PluginHost::HOOK_SEND_LOCAL_FILE) as $plugin) {
+ if ($plugin->hook_send_local_file($filename)) return true;
}
+
+ $mimetype = mime_content_type($filename);
+
+ // this is hardly ideal but 1) only media is cached in images/ and 2) seemingly only mp4
+ // video files are detected as octet-stream by mime_content_type()
+
+ if ($mimetype == "application/octet-stream")
+ $mimetype = "video/mp4";
+
+ header("Content-type: $mimetype");
+
+ $stamp = gmdate("D, d M Y H:i:s", filemtime($filename)) . " GMT";
+ header("Last-Modified: $stamp", true);
+
+ return readfile($filename);
} else {
- return $id;
+ return false;
}
}
- function uniqid_short() {
- return uniqid(base_convert(rand(), 10, 36));
+ function check_mysql_tables() {
+ $pdo = Db::pdo();
+
+ $sth = $pdo->prepare("SELECT engine, table_name FROM information_schema.tables WHERE
+ table_schema = ? AND table_name LIKE 'ttrss_%' AND engine != 'InnoDB'");
+ $sth->execute([DB_NAME]);
+
+ $bad_tables = [];
+
+ while ($line = $sth->fetch()) {
+ array_push($bad_tables, $line);
+ }
+
+ return $bad_tables;
}
- // TODO: less dumb splitting
- require_once "functions2.php";
+ function validate_field($string, $allowed, $default = "") {
+ if (in_array($string, $allowed))
+ return $string;
+ else
+ return $default;
+ }
-?>
+ function arr_qmarks($arr) {
+ return str_repeat('?,', count($arr) - 1) . '?';
+ }