plugins/note: use PDO
index 83db942486672451e9bd368d2f6d1f96052b97ed..354591b755f94808a3d8bd500a863a91a35e9680 100644 (file)
@@ -1,6 +1,7 @@
 <?php
 class Note extends Plugin {
-       private $link;
+
+       /* @var PluginHost $host */
        private $host;
 
        function about() {
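Review bot: The comment added above `private $host;` is written as `/* @var PluginHost $host */`, a plain block comment rather than a docblock, so static analyzers and IDEs will not pick the type up; it should read `/** @var PluginHost $host */`. The `$this->pdo` that the later hunks depend on is not declared anywhere in this class, so it is presumably inherited from the Plugin base class — a short comment on the class saying where the handle comes from would spare the next reader the search. The class body continues well past this hunk.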
@@ -10,7 +11,6 @@ class Note extends Plugin {
        }
 
        function init($host) {
-               $this->link = $host->get_link();
                $this->host = $host;
 
                $host->add_hook($host::HOOK_ARTICLE_BUTTON, $this);
@@ -29,24 +29,29 @@ class Note extends Plugin {
        }
 
        function edit() {
-               $param = db_escape_string($_REQUEST['param']);
+               $param = $_REQUEST['param'];
+
+               $sth = $this->pdo->prepare("SELECT note FROM ttrss_user_entries WHERE
+                       ref_id = ? AND owner_uid = ?");
+               $sth->execute([$param, $_SESSION['uid']]);
+
+               if ($row = $sth->fetch()) {
 
-               $result = db_query($this->link, "SELECT note FROM ttrss_user_entries WHERE
-                       ref_id = '$param' AND owner_uid = " . $_SESSION['uid']);
+                       $note = $row['note'];
 
-               $note = db_fetch_result($result, 0, "note");
+                       print_hidden("id", "$param");
+                       print_hidden("op", "pluginhandler");
+                       print_hidden("method", "setNote");
+                       print_hidden("plugin", "note");
 
-               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$param\">";
-               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pluginhandler\">";
-               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"setNote\">";
-               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"plugin\" value=\"note\">";
+                       print "<table width='100%'><tr><td>";
+                       print "<textarea dojoType=\"dijit.form.SimpleTextarea\"
+                               style='font-size : 12px; width : 98%; height: 100px;'
+                               placeHolder='body#ttrssMain { font-size : 14px; };'
+                               name='note'>$note</textarea>";
+                       print "</td></tr></table>";
 
-               print "<table width='100%'><tr><td>";
-               print "<textarea dojoType=\"dijit.form.SimpleTextarea\"
-                       style='font-size : 12px; width : 100%; height: 100px;'
-                       placeHolder='body#ttrssMain { font-size : 14px; };'
-                       name='note'>$note</textarea>";
-               print "</td></tr></table>";
+               }
 
                print "<div class='dlgButtons'>";
                print "<button dojoType=\"dijit.form.Button\"
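Review bot: The note text fetched from the database is interpolated straight into the textarea on the `name='note'>$note</textarea>";` line with no HTML escaping, so the only thing keeping markup out of the page is the `strip_tags()` applied at save time in setNote(); encoding belongs at the point of output regardless of what the writer did, `name='note'>" . htmlspecialchars($note) . "</textarea>";`. The same applies to `$param`, which now comes from `$_REQUEST` unescaped and is handed to `print_hidden("id", "$param")` — whether print_hidden escapes its value is not visible here, and narrowing it first, `$param = (int) $_REQUEST['param'];`, settles the question either way since it is bound against ref_id. The `if ($row = $sth->fetch())` guard means an id belonging to another user now yields a dialog with only the buttons, which is fine but deserves a one-line comment. edit()'s body continues past the end of the hunk.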
@@ -58,17 +63,21 @@ class Note extends Plugin {
        }
 
        function setNote() {
-               $id = db_escape_string($_REQUEST["id"]);
-               $note = trim(strip_tags(db_escape_string($_REQUEST["note"])));
+               $id = $_REQUEST["id"];
+               $note = trim(strip_tags($_REQUEST["note"]));
 
-               db_query($this->link, "UPDATE ttrss_user_entries SET note = '$note'
-                       WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
+               $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET note = ?
+                       WHERE ref_id = ? AND owner_uid = ?");
+               $sth->execute([$note, $id, $_SESSION['uid']]);
 
-               $formatted_note = format_article_note($id, $note);
+               $formatted_note = Article::format_article_note($id, $note);
 
                print json_encode(array("note" => $formatted_note,
                                "raw_length" => mb_strlen($note)));
        }
 
-}
-?>
+       function api_version() {
+               return 2;
+       }
+
+}
\ No newline at end of file
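Review bot: `$id` is taken from `$_REQUEST["id"]` and bound as-is; parameter binding removes the injection risk the commit addresses, but nothing checks that the value is the integer ref_id the UPDATE expects, nor that `id`/`note` are present at all, so a missing key raises a notice and a malformed id presumably matches no row while the handler still reports success. A narrowing cast, `$id = (int) $_REQUEST["id"];`, plus a default for the note field, `$note = trim(strip_tags(isset($_REQUEST["note"]) ? $_REQUEST["note"] : ""));`, makes the handler's input contract explicit. The `raw_length` returned in the JSON is measured on the sanitised string, which is what was stored rather than what was submitted — worth stating, `// length of the stored (tag-stripped) note, not of the submitted text`.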