function module_pref_labels($link) {
if (!GLOBAL_ENABLE_LABELS) {
- print "<p>Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.</p>";
+ print __("Sorry, labels have been administratively disabled for this installation. Please contact instance owner or edit configuration file to enable this functionality.");
return;
}
$line = db_fetch_assoc($result);
- $sql_exp = htmlspecialchars(db_unescape_string($line["sql_exp"]));
- $description = htmlspecialchars(db_unescape_string($line["description"]));
+ $sql_exp = htmlspecialchars($line["sql_exp"]);
+ $description = htmlspecialchars($line["description"]);
- print "<div id=\"infoBoxTitle\">Label editor</div>";
+ print "<div id=\"infoBoxTitle\">Label Editor</div>";
print "<div class=\"infoBoxContents\">";
print "<form id=\"label_edit_form\" onsubmit='return false'>";
print "<input type=\"hidden\" name=\"id\" value=\"$label_id\">";
print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
- print "<table width='100%'>";
+ print "<div class=\"dlgSec\">".__("Caption")."</div>";
- print "<tr><td>Caption:</td>
- <td><input onkeypress=\"return filterCR(event, labelEditSave)\"
+ print "<div class=\"dlgSecCont\">";
+
+ print "<input onkeypress=\"return filterCR(event, labelEditSave)\"
onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
onchange=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
- name=\"description\" class=\"iedit\" value=\"$description\">";
+ name=\"description\" size=\"30\" value=\"$description\">";
+ print "</div>";
- print "</td></tr>";
+ print "<div class=\"dlgSec\">".__("Match SQL")."</div>";
- print "<tr><td colspan=\"2\">
- <p>SQL Expression:</p>";
+ print "<div class=\"dlgSecCont\">";
print "<textarea onkeyup=\"toggleSubmitNotEmpty(this, 'infobox_submit')\"
- rows=\"4\" name=\"sql_exp\" class=\"iedit\">$sql_exp</textarea>";
+ rows=\"6\" name=\"sql_exp\" class=\"labelSQL\" cols=\"50\">$sql_exp</textarea>";
- print "</td></tr></table>";
+ print "</div>";
print "</form>";
print "<div style=\"display : none\" id=\"label_test_result\"></div>";
- print "<div align='right'>";
+ print "<div class=\"dlgButtons\">";
+
+ print "<div style='float : left'>";
+ print "<input type=\"submit\"
+ class=\"button\" onclick=\"return displayHelpInfobox(1)\"
+ value=\"".__('Help')."\"> ";
+ print "</div>";
$is_disabled = (strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') !== FALSE) ? "disabled" : "";
if ($subop == "test") {
- $expr = db_unescape_string(trim($_GET["expr"]));
- $descr = db_unescape_string(trim($_GET["descr"]));
+ // no escaping here on purpose
+ $expr = trim($_GET["expr"]);
+ $descr = db_escape_string(trim($_GET["descr"]));
+
+ $expr = str_replace(";", "", $expr);
+
+ if (!$expr) {
+ print "<div>Error: SQL expression is blank.</div>";
+ return;
+ }
print "<div>";
error_reporting (DEFAULT_ERROR_LEVEL);
if (!$result) {
- print "<p>" . db_last_error($link) . "</p>";
+ print "<div class=\"labelTestError\">" . db_last_error($link) . "</div>";
print "</div>";
return;
}
ttrss_user_entries.ref_id = ttrss_entries.id
AND ttrss_user_entries.feed_id = ttrss_feeds.id
AND ttrss_user_entries.owner_uid = " . $_SESSION["uid"] . "
- ORDER BY date_entered DESC LIMIT 10", false);
+ ORDER BY date_entered LIMIT 10", false);
print "<ul class=\"labelTestResults\">";
if ($subop == "editSave") {
- $sql_exp = trim($_GET["sql_exp"]);
+ $sql_exp = db_escape_string(trim($_GET["sql_exp"]));
$descr = db_escape_string(trim($_GET["description"]));
$label_id = db_escape_string($_GET["id"]);
-
+
+ $sql_exp = str_replace(";", "", $sql_exp);
+
$result = db_query($link, "UPDATE ttrss_labels SET
sql_exp = '$sql_exp',
description = '$descr'
if ($subop == "add") {
- // no escaping is done here on purpose
- $sql_exp = trim($_GET["sql_exp"]);
+ $sql_exp = db_escape_string(trim($_GET["sql_exp"]));
$description = db_escape_string($_GET["description"]);
+ $sql_exp = str_replace(";", "", $sql_exp);
+
if (!$sql_exp || !$description) return;
$result = db_query($link,
$sort = "description";
}
- print "<a class='helpLinkPic' href=\"javascript:displayHelpInfobox(1)\">
- <img src='images/sign_quest.png'></a>";
+ $label_search = db_escape_string($_GET["search"]);
+
+ if (array_key_exists("search", $_GET)) {
+ $_SESSION["prefs_label_search"] = $label_search;
+ } else {
+ $label_search = $_SESSION["prefs_label_search"];
+ }
+
+ print "<div class=\"feedEditSearch\">
+ <input id=\"label_search\" size=\"20\" type=\"search\"
+ onfocus=\"javascript:disableHotkeys();\"
+ onblur=\"javascript:enableHotkeys();\"
+ onchange=\"javascript:updateLabelList()\" value=\"$label_search\">
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:updateLabelList()\" value=\"".__('Search')."\">
+ <p><a class='helpLinkPic' href=\"javascript:displayHelpInfobox(1)\">
+ <img src='images/sign_quest.gif'></a></p>
+ </div>";
print "<div class=\"prefGenericAddBox\">";
onclick=\"return displayDlg('quickAddLabel', false)\"
value=\"".__('Create label')."\"></div>";
+ if ($label_search) {
+ $label_search_query = "(sql_exp LIKE '%$label_search%' OR
+ description LIKE '%$label_search%') AND";
+ } else {
+ $label_search_query = "";
+ }
+
$result = db_query($link, "SELECT
id,sql_exp,description
FROM
ttrss_labels
WHERE
+ $label_search_query
owner_uid = ".$_SESSION["uid"]."
ORDER BY $sort");
print "<tr class=\"$class\" $this_row_id>";
- $line["sql_exp"] = htmlspecialchars(db_unescape_string($line["sql_exp"]));
- $line["description"] = htmlspecialchars(
- db_unescape_string($line["description"]));
+ $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
+ $line["description"] = htmlspecialchars($line["description"]);
- if (!$line["description"]) $line["description"] = "[No caption]";
+ if (!$line["description"]) $line["description"] = __("[No caption]");
+
+ $onclick = "onclick='editLabel($label_id)' title='".__('Click to edit')."'";
print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"label\");'
type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
- print "<td><a href=\"javascript:editLabel($label_id);\">" .
- $line["description"] . "</td>";
-
- print "<td><a href=\"javascript:editLabel($label_id);\">" .
- $line["sql_exp"] . "</td>";
+ print "<td $onclick>" . $line["description"] . "</td>";
+ print "<td $onclick>" . $line["sql_exp"] . "</td>";
print "</tr>";
++$lnum;
}
-
- if ($lnum == 0) {
- print "<tr><td colspan=\"4\" align=\"center\">".__('No labels defined.')."</td></tr>";
- }
-
+
print "</table>";
print "<p id=\"labelOpToolbar\">";
onclick=\"javascript:removeSelectedLabels()\" value=\"".__('Remove')."\">";
} else {
- print "<p>".__('No labels defined.')."</p>";
+ print "<p>";
+ if (!$label_search) {
+ print __('No labels defined.');
+ } else {
+ print __('No matching labels found.');
+ }
+ print "</p>";
+
}
}
?>