$params["default_view_order_by"] = get_pref("_DEFAULT_VIEW_ORDER_BY");
$params["bw_limit"] = (int) $_SESSION["bw_limit"];
$params["label_base_index"] = (int) LABEL_BASE_INDEX;
- $params["theme"] = get_pref("USER_CSS_THEME", false, false);
+
+ $theme = get_pref( "USER_CSS_THEME", false, false);
+ $params["theme"] = theme_valid("$theme") ? $theme : "";
+
$params["plugins"] = implode(", ", PluginHost::getInstance()->get_plugin_names());
$params["php_platform"] = PHP_OS;
return array($prefixes, $hotkeys);
}
+ function check_for_update() {
+ if (defined("GIT_VERSION_TIMESTAMP")) {
+ $content = @fetch_file_contents("http://tt-rss.org/version.json");
+
+ if ($content) {
+ $content = json_decode($content, true);
+
+ if ($content && isset($content["changeset"])) {
+ if ((int)GIT_VERSION_TIMESTAMP < (int)$content["changeset"]["timestamp"] &&
+ GIT_VERSION_HEAD != $content["changeset"]["id"]) {
+
+ return $content["changeset"]["id"];
+ }
+ }
+ }
+ }
+
+ return "";
+ }
+
function make_runtime_info() {
$data = array();
$data['dep_ts'] = calculate_dep_timestamp();
$data['reload_on_ts_change'] = !defined('_NO_RELOAD_ON_TS_CHANGE');
+
+ if (CHECK_FOR_UPDATES && $_SESSION["last_version_check"] + 86400 + rand(-1000, 1000) < time()) {
+ $update_result = @check_for_update();
+
+ $data["update_result"] = $update_result;
+
+ $_SESSION["last_version_check"] = time();
+ }
+
if (file_exists(LOCK_DIRECTORY . "/update_daemon.lock")) {
$data['daemon_is_running'] = (int) file_is_locked("update_daemon.lock");
}
}
- if ($_SESSION["last_version_check"] + 86400 + rand(-1000, 1000) < time()) {
- $new_version_details = @check_for_update();
-
- $data['new_version_available'] = (int) ($new_version_details != false);
-
- $_SESSION["last_version_check"] = time();
- $_SESSION["version_data"] = $new_version_details;
- }
-
return $data;
}
else
array_push($query_keywords, "($not (published = false))");
+ } else {
+ array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
+ OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
+ if (!$not) array_push($search_words, $k);
+ }
+ break;
+ case "unread":
+ if ($commandpair[1]) {
+ if ($commandpair[1] == "true")
+ array_push($query_keywords, "($not (unread = true))");
+ else
+ array_push($query_keywords, "($not (unread = false))");
+
} else {
array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
$order_by = "score DESC, date_entered DESC, updated DESC";
- if ($view_mode == "unread_first") {
- $order_by = "unread DESC, $order_by";
- }
-
if ($override_order) {
$order_by = $override_order;
}
}
+ function iframe_whitelisted($entry) {
+ $whitelist = array("youtube.com", "youtu.be", "vimeo.com");
+
+ @$src = parse_url($entry->getAttribute("src"), PHP_URL_HOST);
+
+ if ($src) {
+ foreach ($whitelist as $w) {
+ if ($src == $w || $src == "www.$w")
+ return true;
+ }
+ }
+
+ return false;
+ }
+
function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
if (!$owner) $owner = $_SESSION["uid"];
$cached_filename = CACHE_DIR . '/images/' . sha1($src) . '.png';
if (file_exists($cached_filename)) {
- $src = SELF_URL_PATH . '/image.php?hash=' . sha1($src);
+ $src = SELF_URL_PATH . '/public.php?op=cached_image&hash=' . sha1($src);
}
$entry->setAttribute('src', $src);
$entries = $xpath->query('//iframe');
foreach ($entries as $entry) {
- $entry->setAttribute('sandbox', 'allow-scripts');
-
+ if (!iframe_whitelisted($entry)) {
+ $entry->setAttribute('sandbox', 'allow-scripts');
+ } else {
+ if ($_SERVER['HTTPS'] == "on") {
+ $entry->setAttribute("src",
+ str_replace("http://", "https://",
+ $entry->getAttribute("src")));
+ }
+ }
}
$allowed_elements = array('a', 'address', 'audio', 'article', 'aside',
return $doc;
}
- function check_for_update() {
- if (CHECK_FOR_NEW_VERSION && $_SESSION['access_level'] >= 10) {
- $version_url = "http://tt-rss.org/version.php?ver=" . VERSION .
- "&iid=" . sha1(SELF_URL_PATH);
-
- $version_data = @fetch_file_contents($version_url);
-
- if ($version_data) {
- $version_data = json_decode($version_data, true);
- if ($version_data && $version_data['version']) {
- if (version_compare(VERSION_STATIC, $version_data['version']) == -1) {
- return $version_data;
- }
- }
- }
- }
- return false;
- }
-
function catchupArticlesById($ids, $cmode, $owner_uid = false) {
if (!$owner_uid) $owner_uid = $_SESSION["uid"];
}
function getLastArticleId() {
- $result = db_query("SELECT MAX(ref_id) AS id FROM ttrss_user_entries
- WHERE owner_uid = " . $_SESSION["uid"]);
+ $result = db_query("SELECT ref_id AS id FROM ttrss_user_entries
+ WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY ref_id DESC LIMIT 1");
if (db_num_rows($result) == 1) {
return db_fetch_result($result, 0, "id");
curl_setopt($curl, CURLOPT_PROXY, _CURL_HTTP_PROXY);
}
- if ((OPENSSL_VERSION_NUMBER >= 0x0090808f) && (OPENSSL_VERSION_NUMBER < 0x10000000)) {
- curl_setopt($curl, CURLOPT_SSLVERSION, 3);
- }
-
$html = curl_exec($curl);
$status = curl_getinfo($curl);
if($status['http_code']!=200){
- // idiot site not allowing http get
+ // idiot site not allowing http head
if($status['http_code'] == 405) {
curl_close($curl);
return geturl($url, $depth +1, false);
return LABEL_BASE_INDEX - 1 + abs($feed);
}
- function format_libxml_error($error) {
- return T_sprintf("LibXML error %s at line %d (column %d): %s",
- $error->code, $error->line, $error->column,
- $error->message);
+ function theme_valid($file) {
+ if ($file == "default.css" || $file == "night.css") return true; // needed for array_filter
+ $file = "themes/" . basename($file);
+
+ if (file_exists($file) && is_readable($file)) {
+ $fh = fopen($file, "r");
+
+ if ($fh) {
+ $header = fgets($fh);
+ fclose($fh);
+
+ return strpos($header, "supports-version:" . VERSION_STATIC) !== FALSE;
+ }
+ }
+
+ return false;
+ }
+
+ function error_json($code) {
+ require_once "errors.php";
+
+ @$message = $ERRORS[$code];
+
+ return json_encode(array("error" =>
+ array("code" => $code, "message" => $message)));
+
}
?>