function emailArticle() {
- $param = db_escape_string($_REQUEST['param']);
+ $ids = explode(",", $_REQUEST['param']);
+ $ids_qmarks = arr_qmarks($ids);
require_once "lib/MiniTemplator.class.php";
$tpl = new MiniTemplator;
- $tpl_t = new MiniTemplator;
$tpl->readTemplateFromFile("templates/email_article_template.txt");
$tpl->setVariable('USER_NAME', $_SESSION["name"], true);
- $tpl->setVariable('USER_EMAIL', $user_email, true);
+ //$tpl->setVariable('USER_EMAIL', $user_email, true);
$tpl->setVariable('TTRSS_HOST', $_SERVER["HTTP_HOST"], true);
- $result = db_query("SELECT link, content, title
+ $sth = $this->pdo->prepare("SELECT DISTINCT link, content, title
FROM ttrss_user_entries, ttrss_entries WHERE id = ref_id AND
- id IN ($param) AND owner_uid = " . $_SESSION["uid"]);
+ id IN ($ids_qmarks) AND owner_uid = ?");
+ $sth->execute(array_merge($ids, [$_SESSION['uid']]));
- if (db_num_rows($result) > 1) {
+ if (count($ids) > 1) {
$subject = __("[Forwarded]") . " " . __("Multiple articles");
+ } else {
+ $subject = "";
}
- while ($line = db_fetch_assoc($result)) {
+ while ($line = $sth->fetch()) {
if (!$subject)
$subject = __("[Forwarded]") . " " . htmlspecialchars($line["title"]);
$content = "";
$tpl->generateOutputToString($content);
- $mailto_link = htmlspecialchars("mailto: ?subject=".rawurlencode($subject).
+ $mailto_link = htmlspecialchars("mailto:?subject=".rawurlencode($subject).
"&body=".rawurlencode($content));
print __("Clicking the following link to invoke your mail client:");
//return;
}
+ function api_version() {
+ return 2;
+ }
+
}
-?>