$favicon_url = get_favicon_url($site_url);
if ($favicon_url) {
- $contents = fetch_file_contents($favicon_url, "image");
+ // Limiting to "image" type misses those served with text/plain
+ $contents = fetch_file_contents($favicon_url); // , "image");
+
+ if ($contents) {
+ // Crude image type matching.
+ // Patterns gleaned from the file(1) source code.
+ if (preg_match('/^\x00\x00\x01\x00/', $contents)) {
+ // 0 string \000\000\001\000 MS Windows icon resource
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa MS Windows icon resource");
+ }
+ elseif (preg_match('/^GIF8/', $contents)) {
+ // 0 string GIF8 GIF image data
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa GIF image");
+ }
+ elseif (preg_match('/^\x89PNG\x0d\x0a\x1a\x0a/', $contents)) {
+ // 0 string \x89PNG\x0d\x0a\x1a\x0a PNG image data
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa PNG image");
+ }
+ elseif (preg_match('/^\xff\xd8/', $contents)) {
+ // 0 beshort 0xffd8 JPEG image data
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa JPG image");
+ }
+ else {
+ //error_log("check_feed_favicon: favicon_url=$favicon_url isa UNKNOWN type");
+ $contents = "";
+ }
+ }
if ($contents) {
$fp = @fopen($icon_file, "w");
$_SESSION["uid"] = 1;
$_SESSION["name"] = "admin";
+ $_SESSION["access_level"] = 10;
+
+ if (!$_SESSION["csrf_token"]) {
+ $_SESSION["csrf_token"] = sha1(uniqid(rand(), true));
+ }
$_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
}
}
- function catchup_feed($link, $feed, $cat_view, $owner_uid = false) {
+ function catchup_feed($link, $feed, $cat_view, $owner_uid = false, $max_id = false) {
if (!$owner_uid) $owner_uid = $_SESSION['uid'];
//if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
+ $ref_check_qpart = ($max_id &&
+ !get_pref($link, 'REVERSE_HEADLINES')) ? "ref_id <= '$max_id'" : "true";
+
if (is_numeric($feed)) {
if ($cat_view) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE feed_id = '$tmp_feed' AND owner_uid = $owner_uid");
+ WHERE feed_id = '$tmp_feed'
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
}
} else if ($feed == -2) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW() WHERE (SELECT COUNT(*)
FROM ttrss_user_labels2 WHERE article_id = ref_id) > 0
- AND unread = true AND owner_uid = $owner_uid");
+ AND $ref_check_qpart
+ AND unread = true AND owner_uid = $owner_uid");
}
} else if ($feed > 0) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE feed_id = '$feed' AND owner_uid = $owner_uid");
+ WHERE feed_id = '$feed'
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
} else if ($feed < 0 && $feed > -10) { // special, like starred
if ($feed == -1) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE marked = true AND owner_uid = $owner_uid");
+ WHERE marked = true
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
}
if ($feed == -2) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE published = true AND owner_uid = $owner_uid");
+ WHERE published = true
+ AND $ref_check_qpart
+ AND owner_uid = $owner_uid");
}
if ($feed == -3) {
if ($feed == -4) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE owner_uid = $owner_uid");
+ WHERE $ref_check_qpart AND owner_uid = $owner_uid");
}
} else if ($feed < -10) { // label
db_query($link, "UPDATE ttrss_user_entries, ttrss_user_labels2
SET unread = false, last_read = NOW()
WHERE label_id = '$label_id' AND unread = true
+ AND $ref_check_qpart
AND owner_uid = '$owner_uid' AND ref_id = article_id");
}
while ($line = db_fetch_assoc($result)) {
db_query($link, "UPDATE ttrss_user_entries SET
unread = false, last_read = NOW()
- WHERE int_id = " . $line["post_int_id"]);
+ WHERE $ref_check_qpart AND int_id = " . $line["post_int_id"]);
}
db_query($link, "COMMIT");
}
} else if ($feed == 0 && !$cat_view) { // archive virtual feed
$query_strategy_part = "feed_id IS NULL";
} else if ($feed == 0 && $cat_view) { // uncategorized
- $query_strategy_part = "cat_id IS NULL";
+ $query_strategy_part = "cat_id IS NULL AND feed_id IS NOT NULL";
$vfeed_query_part = "ttrss_feeds.title AS feed_title,";
} else if ($feed == -1) { // starred virtual feed
$query_strategy_part = "marked = true";
if ($tag_cache === false) {
$result = db_query($link, "SELECT tag_cache FROM ttrss_user_entries
- WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
+ WHERE ref_id = '$id' AND owner_uid = $owner_uid");
$tag_cache = db_fetch_result($result, 0, "tag_cache");
}
db_query($link, "UPDATE ttrss_user_entries
SET tag_cache = '$tags_str' WHERE ref_id = '$id'
- AND owner_uid = " . $_SESSION["uid"]);
+ AND owner_uid = $owner_uid");
}
if ($memcache) $memcache->add($obj_id, $tags, 0, 3600);
return $entry;
}
- function format_article($link, $id, $mark_as_read = true, $zoom_mode = false) {
+ function format_article($link, $id, $mark_as_read = true, $zoom_mode = false, $owner_uid = false) {
+
+ if (!$owner_uid) $owner_uid = $_SESSION["uid"];
$rv = array();
//if (!$zoom_mode) { print "<article id='$id'><![CDATA["; };
$result = db_query($link, "SELECT rtl_content, always_display_enclosures FROM ttrss_feeds
- WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
+ WHERE id = '$feed_id' AND owner_uid = $owner_uid");
if (db_num_rows($result) == 1) {
$rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
if ($mark_as_read) {
$result = db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW()
- WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
+ WHERE ref_id = '$id' AND owner_uid = $owner_uid");
- ccache_update($link, $feed_id, $_SESSION["uid"]);
+ ccache_update($link, $feed_id, $owner_uid);
}
$result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
orig_feed_id,
note
FROM ttrss_entries,ttrss_user_entries
- WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]);
+ WHERE id = '$id' AND ref_id = id AND owner_uid = $owner_uid");
if ($result) {
$rv['content'] .= "<div id=\"PTITLE-$id\" style=\"display : none\">" .
truncate_string(strip_tags($line['title']), 15) . "</div>";
+ $rv['content'] .= "<div id=\"PTITLE-FULL-$id\" style=\"display : none\">" .
+ strip_tags($line['title']) . "</div>";
+
$rv['content'] .= "<div class=\"postReply\" id=\"POST-$id\">";
$rv['content'] .= "<div onclick=\"return postClicked(event, $id)\"
}
$parsed_updated = make_local_datetime($link, $line["updated"], true,
- false, true);
+ $owner_uid, true);
$rv['content'] .= "<div class=\"postDate$rtl_class\">$parsed_updated</div>";
if ($line["link"]) {
- $rv['content'] .= "<div clear='both'><a target='_blank'
+ $rv['content'] .= "<div class='postTitle' clear='both'><a target='_blank'
title=\"".htmlspecialchars($line['title'])."\"
href=\"" .
$line["link"] . "\">" .
truncate_string($line["title"], 100) .
"<span class='author'>$entry_author</span></a></div>";
} else {
- $rv['content'] .= "<div clear='both'>" . $line["title"] . "$entry_author</div>";
+ $rv['content'] .= "<div class='postTitle' clear='both'>" . $line["title"] . "$entry_author</div>";
}
$tag_cache = $line["tag_cache"];
if (!$tag_cache)
- $tags = get_article_tags($link, $id);
+ $tags = get_article_tags($link, $id, $owner_uid);
else
$tags = explode(",", $tag_cache);
if (!$entry_comments) $entry_comments = " "; # placeholder
- $rv['content'] .= "<div style='float : right'>
+ $rv['content'] .= "<div class='postTags' style='float : right'>
<img src='".theme_image($link, 'images/tag.png')."'
class='tagsPic' alt='Tags' title='Tags'> ";
$rv['content'] .= "<div class=\"postContent\">";
- $article_content = sanitize($link, $line["content"], false, false,
+ $article_content = sanitize($link, $line["content"], false, $owner_uid,
$feed_site_url);
$rv['content'] .= $article_content;
if ($cat_id == -4 || $cat_id == -3) {
$result = db_query($link, "SELECT
- id, feed_url, cat_id, title, ".
+ id, feed_url, cat_id, title, order_id, ".
SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
" ORDER BY cat_id, title " . $limit_qpart);
$cat_qpart = "cat_id IS NULL";
$result = db_query($link, "SELECT
- id, feed_url, cat_id, title, ".
+ id, feed_url, cat_id, title, order_id, ".
SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
FROM ttrss_feeds WHERE
$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
"unread" => (int)$unread,
"has_icon" => $has_icon,
"cat_id" => (int)$line["cat_id"],
- "last_updated" => strtotime($line["last_updated"])
+ "last_updated" => strtotime($line["last_updated"]),
+ "order_id" => (int) $line["order_id"],
);
array_push($feeds, $row);
$headline_row["labels"] = $labels;
+ $headline_row["feed_title"] = $line["feed_title"];
+
array_push($headlines, $headline_row);
}
* @return string Absolute URL
*/
function rewrite_relative_url($url, $rel_url) {
- if (strpos($rel_url, "://") !== false) {
+ if (strpos($rel_url, "magnet:") === 0) {
+ return $rel_url;
+ } else if (strpos($rel_url, "://") !== false) {
return $rel_url;
} else if (strpos($rel_url, "/") === 0)
{