"; if ($subop == "editCat") { print "Edit category: - - "; + + "; } else { print " Selection: - - "; } @@ -2182,13 +2113,99 @@ $subop = $_GET["subop"]; $quiet = $_GET["quiet"]; + if ($subop == "edit") { + + $filter_id = db_escape_string($_GET["id"]); + + $result = db_query($link, + "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); + + $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp"))); + $filter_type = db_fetch_result($result, 0, "filter_type"); + $feed_id = db_fetch_result($result, 0, "feed_id"); + $action_id = db_fetch_result($result, 0, "action_id"); + + print "

"; + + print "

"; + + print ""; + print ""; + print ""; + +// print "

Note: filter will only apply to new articles.

"; + + $result = db_query($link, "SELECT id,description + FROM ttrss_filter_types ORDER BY description"); + + $filter_types = array(); + + while ($line = db_fetch_assoc($result)) { + //array_push($filter_types, $line["description"]); + $filter_types[$line["id"]] = $line["description"]; + } + + print ""; + + print " + "; + print ""; + + print ""; + + print "

Match:	"; + + print "	"; + + print_select_hash("filter_type", $filter_type, $filter_types, "class=\"iedit\""); + + print "
Feed:	"; + + print_feed_select($link, "feed_id", $feed_id); + + print "
Action:	"; + + print "

"; + + print "

"; + + print " "; + + print ""; + + print "

"; + + return; + } + + if ($subop == "editSave") { - $regexp = db_escape_string($_GET["r"]); - $match = db_escape_string($_GET["m"]); + $reg_exp = db_escape_string(trim($_GET["reg_exp"])); + $filter_type = db_escape_string(trim($_GET["filter_type"])); $filter_id = db_escape_string($_GET["id"]); - $feed_id = db_escape_string($_GET["fid"]); - $action_id = db_escape_string($_GET["aid"]); + $feed_id = db_escape_string($_GET["feed_id"]); + $action_id = db_escape_string($_GET["action_id"]); if (!$feed_id) { $feed_id = 'NULL'; @@ -2197,12 +2214,11 @@ } $result = db_query($link, "UPDATE ttrss_filters SET - reg_exp = '$regexp', - feed_id = $feed_id, - action_id = '$action_id', - filter_type = (SELECT id FROM ttrss_filter_types WHERE - description = '$match') - WHERE id = '$filter_id'"); + reg_exp = '$reg_exp', + feed_id = $feed_id, + action_id = '$action_id', + filter_type = '$filter_type' + WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]); } if ($subop == "remove") { @@ -2212,7 +2228,7 @@ $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { - db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'"); + db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]); } } @@ -2222,10 +2238,10 @@ if (!WEB_DEMO_MODE) { - $regexp = db_escape_string(trim($_GET["regexp"])); - $match = db_escape_string(trim($_GET["match"])); - $feed_id = db_escape_string($_GET["fid"]); - $action_id = db_escape_string($_GET["aid"]); + $regexp = db_escape_string(trim($_GET["reg_exp"])); + $filter_type = db_escape_string(trim($_GET["filter_type"])); + $feed_id = db_escape_string($_GET["feed_id"]); + $action_id = db_escape_string($_GET["action_id"]); if (!$feed_id) { $feed_id = 'NULL'; @@ -2237,77 +2253,31 @@ "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id, action_id) VALUES - ('$regexp', (SELECT id FROM ttrss_filter_types WHERE - description = '$match'),'".$_SESSION["uid"]."', + ('$regexp', '$filter_type','".$_SESSION["uid"]."', $feed_id, '$action_id')"); } } if ($quiet) return; - print "

PLACEHOLDER

"; +// print "

PLACEHOLDER

"; - $result = db_query($link, "SELECT description + $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { - array_push($filter_types, $line["description"]); - } - -/* print "

- "; - - print_select("fadd_match", "Title", $filter_types); - - print " "; - - print " Action: "; - - print " "; - -/* print " "; */ - -/* print ""; */ - print ""; -// print "

"; - $result = db_query($link, "SELECT ttrss_filters.id AS id,reg_exp, ttrss_filter_types.name AS filter_type_name, @@ -2326,15 +2296,15 @@ if (db_num_rows($result) != 0) { + print "

"; + print "

"; print " @@ -2362,93 +2332,26 @@ print ""; - $line["regexp"] = htmlspecialchars($line["reg_exp"]); + $line["reg_exp"] = htmlspecialchars(db_unescape_string($line["reg_exp"])); if (!$line["feed_title"]) $line["feed_title"] = "All feeds"; - - if (!$edit_filter_id || $subop != "edit") { - - print ""; - - print ""; - - print ""; - - print ""; - - print ""; - - } else if ($filter_id != $edit_filter_id) { - - if (!$line["description"]) $line["description"] = "[No description]"; - - print ""; - - print ""; - print ""; - print ""; - print ""; - } else { - - print ""; - - print ""; - - print ""; + print ""; - print ""; - - print ""; - $tmp_result = db_query($link, "SELECT id,description FROM ttrss_filter_actions - ORDER BY description"); - - while ($tmp_line = db_fetch_assoc($tmp_result)) { - if ($tmp_line["description"] == $line["action_description"]) { - $is_selected = "selected"; - } else { - $is_selected = ""; - } - printf("", - $tmp_line["id"], $tmp_line["description"]); - } + print ""; - print ""; - - print ""; - } + print ""; + + print ""; print ""; @@ -2460,25 +2363,19 @@ } print "
Select: - All, - None + All, + None "; print "
" . - $line["reg_exp"] . " " . - $line["feed_title"] . " " . - $line["filter_type_descr"] . " " . - $line["action_description"] . " ".$line["reg_exp"]." ".$line["feed_title"]." ".$line["filter_type_descr"]." ".$line["action_description"]." "; - print " "; - print_select("iedit_match", $line["filter_type_descr"], $filter_types); - print " "; - print " " . + $line["reg_exp"] . " " . + $line["feed_title"] . " " . + $line["filter_type_descr"] . " " . + $line["action_description"] . "
"; + + print "

"; - print "

"; + print "

"; - if ($subop == "edit") { - print "Edit filter: - - "; - - } else { - - print " + print " Selection: - - "; - } + + print "

"; } else { @@ -2501,8 +2398,8 @@ if ($subop == "test") { - $expr = $_GET["expr"]; - $descr = $_GET["descr"]; + $expr = trim($_GET["expr"]); + $descr = trim($_GET["descr"]); print "

Test label: $descr

"; @@ -2523,7 +2420,7 @@ if ($num_matches > 0) { - print "

Query returned $num_matches matches, first 5 follow:

"; + print "

Query returned $num_matches matches, showing first 15:

"; $result = db_query($link, "SELECT title, @@ -2532,11 +2429,16 @@ WHERE ($expr) AND ttrss_user_entries.ref_id = ttrss_entries.id AND owner_uid = " . $_SESSION["uid"] . " - ORDER BY date_entered DESC LIMIT 5"); + ORDER BY date_entered DESC LIMIT 15"); - print "

".$line["title"]. + $row_class = toggleEvenOdd($row_class); + + print "
".$line["title"]. " (".$line["feed_title"].")

- "; + "; print"

"; if ($subop == "edit") { print "Edit label: @@ -2708,13 +2618,12 @@ "; - } else { - + } else { print " Selection: - - "; } } else { @@ -2734,6 +2643,7 @@ print " Tiny Tiny RSS : Help + "; @@ -2772,64 +2682,36 @@ print "

"; + print "

"; + + print ""; + print ""; + print ""; + print ""; + "; if (get_pref($link, 'ENABLE_FEED_CATS')) { print ""; } - - print "

Feed URL:	-
Category:	"; - - $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories - WHERE owner_uid = ".$_SESSION["uid"]." - ORDER BY title"); - - print ""; + print_feed_cat_select($link, "cat_id"); print "
-

"; - } - if ($id == "quickDelFeed") { - - $param = db_escape_string($param); - - $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'"); - - if ($result) { + print ""; + print "

"; - $f_title = db_fetch_result($result, 0, "title"); - - print "Remove current feed ($f_title)? - + print "

"; - } else { - print "Error: Feed $param not found. + id=\"fadd_submit_btn\" disabled=\"true\" + type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Subscribe\"> "; - } + value=\"Cancel\">

"; + } if ($id == "search") { @@ -2837,105 +2719,139 @@ print "

"; print "

"; + print ""; + + print "

+ class=\"button\" onclick=\"javascript:search()\" + id=\"search_submit_btn\" disabled=\"true\" + value=\"Search\"> "; + type=\"submit\" onclick=\"javascript:searchCancel()\" + value=\"Cancel\">

"; + + print "

"; } if ($id == "quickAddFilter") { + $active_feed_id = db_escape_string($_GET["param"]); + print "

Create filter

"; print "

"; - $result = db_query($link, "SELECT description + print "

"; + + print ""; + print ""; + print ""; + +// print "

Note: filter will only apply to new articles.

"; + + $result = db_query($link, "SELECT id,description FROM ttrss_filter_types ORDER BY description"); $filter_types = array(); while ($line = db_fetch_assoc($result)) { - array_push($filter_types, $line["description"]); + //array_push($filter_types, $line["description"]); + $filter_types[$line["id"]] = $line["description"]; } print ""; - print " + "; - print ""; + print ""; print ""; - print "

Match:	"; - - print_select("fadd_match", "Title", $filter_types); + print "
Match:	"; + print "	"; + + print_select_hash("filter_type", 1, $filter_types, "class=\"iedit\""); print "
Feed:
Feed:	"; + + print_feed_select($link, "feed_id", $active_feed_id); + + print "
Action:		"; - - print "
"; - + + print "

"; + + print "

"; + print " "; + id=\"infobox_submit\" + class=\"button\" onclick=\"qaddFilter()\" + disabled=\"true\" value=\"Create\"> "; print ""; - print ""; + print "

"; + +// print ""; } @@ -3348,16 +3264,81 @@ $subop = $_GET["subop"]; + if ($subop == "edit") { + + $id = db_escape_string($_GET["id"]); + + print "

User editor

"; + + print "

"; + + print ""; + + print "

+ +

"; + + print "

"; + + return; + } + if ($subop == "editSave") { - if (!WEB_DEMO_MODE) { + if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { - $login = db_escape_string($_GET["l"]); + $login = db_escape_string(trim($_GET["login"])); $uid = db_escape_string($_GET["id"]); - $access_level = sprintf("%d", $_GET["al"]); - $email = db_escape_string($_GET["e"]); + $access_level = sprintf("%d", $_GET["access_level"]); + $email = db_escape_string(trim($_GET["email"])); + $password = db_escape_string(trim($_GET["password"])); + + if ($password) { + $pwd_hash = 'SHA1:' . sha1($password); + $pass_query_part = "pwd_hash = '$pwd_hash', "; + print "

Changed password for user $login.

"; + } else { + $pass_query_part = ""; + } - db_query($link, "UPDATE ttrss_users SET login = '$login', + db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login', access_level = '$access_level', email = '$email' WHERE id = '$uid'"); } @@ -3380,28 +3361,37 @@ $tmp_user_pwd = make_password(8); $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd); - db_query($link, "INSERT INTO ttrss_users - (login,pwd_hash,access_level,last_login) - VALUES ('$login', '$pwd_hash', 0, NOW())"); - - $result = db_query($link, "SELECT id FROM ttrss_users WHERE - login = '$login' AND pwd_hash = '$pwd_hash'"); - - if (db_num_rows($result) == 1) { + login = '$login'"); - $new_uid = db_fetch_result($result, 0, "id"); - - print "

Added user ".$_GET["login"]. - " with password $tmp_user_pwd.

"; - - initialize_user($link, $new_uid); + if (db_num_rows($result) == 0) { + db_query($link, "INSERT INTO ttrss_users + (login,pwd_hash,access_level,last_login) + VALUES ('$login', '$pwd_hash', 0, NOW())"); + + + $result = db_query($link, "SELECT id FROM ttrss_users WHERE + login = '$login' AND pwd_hash = '$pwd_hash'"); + + if (db_num_rows($result) == 1) { + + $new_uid = db_fetch_result($result, 0, "id"); + + print "

Added user ".$_GET["login"]. + " with password $tmp_user_pwd.

"; + + initialize_user($link, $new_uid); + + } else { + + print "

Could not create user ". + $_GET["login"]."

"; + + } } else { - - print "

Error while adding user ". - $_GET["login"].".

"; - + print "

User ". + $_GET["login"]." already exists.

"; } } } else if ($subop == "resetPass") { @@ -3445,10 +3435,13 @@ } print "

- "; + "; print"

"; + id=\"user_add_btn\" disabled=\"true\" + onclick=\"javascript:addUser()\" value=\"Create user\">

"; $result = db_query($link, "SELECT id,login,access_level,email, @@ -3457,25 +3450,22 @@ ttrss_users ORDER by login"); - print "

PLACEHOLDER

"; +// print "

PLACEHOLDER

"; print "

"; print " - - - - "; + + + "; $lnum = 0; @@ -3502,18 +3492,9 @@ $access_level_names = array(0 => "User", 10 => "Administrator"); -/* if ($uid == $_SESSION["uid"]) { - - print ""; +// if (!$edit_uid || $subop != "edit") { - print ""; - print ""; - print ""; - - } else */ if (!$edit_uid || $subop != "edit") { - - print ""; print ""; - print ""; - } else if ($uid != $edit_uid) { +/* } else if ($uid != $edit_uid) { if (!$line["email"]) $line["email"] = " "; @@ -3549,9 +3527,6 @@ print ""; -// print ""; - print ""; - } + } */ print ""; @@ -3577,29 +3552,29 @@ print "
Select: - All, - None + All, + None "; print "
Login E-mail Access Level Last login
Login Access Level Last login
".$line["login"]." ".$line["email"]." ".$line["access_level"]." " . @@ -3521,13 +3502,10 @@ if (!$line["email"]) $line["email"] = " "; - print " " . - $line["email"] . " " . $access_level_names[$line["access_level"]] . " "; print ""; print " ".$line["last_login"]."
"; - print "

"; + print "

"; - if ($subop == "edit") { +/* if ($subop == "edit") { print "Edit user: "; - } else { + } else { */ print " Selection: - - - - "; - } +// } } if ($op == "user-details") { @@ -3637,7 +3612,7 @@ $login = db_fetch_result($result, 0, "login"); - print "

$login

"; +# print "

$login

"; print ""; @@ -3647,7 +3622,7 @@ $stored_articles = db_fetch_result($result, 0, "stored_articles"); # print ""; - print ""; +# print ""; print ""; print ""; @@ -3712,113 +3687,6 @@ } - if ($op == "feed-details") { - -// $feed_id = $_GET["id"]; - - $feed_ids = split(",", db_escape_string($_GET["id"])); - - print "

Feed details

"; - print "

"; - - foreach ($feed_ids as $feed_id) { - - $result = db_query($link, - "SELECT - title,feed_url, - SUBSTRING(last_updated,1,16) as last_updated, - icon_url,site_url, - (SELECT COUNT(int_id) FROM ttrss_user_entries - WHERE feed_id = id) AS total, - (SELECT COUNT(int_id) FROM ttrss_user_entries - WHERE feed_id = id AND unread = true) AS unread, - (SELECT COUNT(int_id) FROM ttrss_user_entries - WHERE feed_id = id AND marked = true) AS marked - FROM ttrss_feeds - WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]); - - if (db_num_rows($result) == 0) return; - - $title = db_unescape_string(db_fetch_result($result, 0, "title")); - $last_updated = date(get_pref($link, 'LONG_DATE_FORMAT'), - strtotime(db_fetch_result($result, 0, "last_updated"))); - $feed_url = db_fetch_result($result, 0, "feed_url"); - $icon_url = db_fetch_result($result, 0, "icon_url"); - $total = db_fetch_result($result, 0, "total"); - $unread = db_fetch_result($result, 0, "unread"); - $marked = db_fetch_result($result, 0, "marked"); - $site_url = db_fetch_result($result, 0, "site_url"); - - $result = db_query($link, "SELECT COUNT(id) AS subscribed - FROM ttrss_feeds WHERE feed_url = '$feed_url' AND private = false"); - - $subscribed = db_fetch_result($result, 0, "subscribed"); - - $icon_file = ICONS_DIR . "/$feed_id.ico"; - - if (file_exists($icon_file) && filesize($icon_file) > 0) { - $feed_icon = "

"; - } else { - $feed_icon = ""; - } - - print "

$feed_icon $title

"; - - print "

Username	$login
Access level	$access_level
Access level	$access_level
Last logged in	$last_login
Stored articles	$stored_articles

"; - - if ($site_url) { - print " - - "; - } else { - print " - "; - } - print ""; - print ""; - print ""; - print ""; - print ""; - - print "

Link	$site_url - (feed)
Feed URL	$feed_url
Last updated	$last_updated
Total articles	$total
Unread articles	$unread
Starred articles	$marked
Subscribed users	$subscribed

"; - -/* $result = db_query($link, "SELECT title, - SUBSTRING(updated,1,16) AS updated,unread - FROM ttrss_entries,ttrss_user_entries - WHERE ref_id = id AND feed_id = '$feed_id' - ORDER BY date_entered DESC LIMIT 5"); - - if (db_num_rows($result) > 0) { - - print "

Latest headlines

"; - - print "

" . $line["title"] . "

" . $line["title"]. - " (" . - date(get_pref($link, 'SHORT_DATE_FORMAT'), - strtotime($line["updated"])). - ")

"; - - } */ - } - - print "

This panel shows feeds subscribed by other users of this system, just in case you are interested in some of them too.

Select: - All, - None + All, + None "; print "
		" . $edit_title . "		$edit_title		"; + + print ""; + print ""; + print ""; + + print "

Search:	"; - - print " -
Where:	- +
Where:	"; + + print "
Match on:	"; -
+ $search_fields = array( + "title" => "Title", + "content" => "Content", + "both" => "Title or content"); + + print_select_hash("match_on", 3, $search_fields); + + print "

Login:	+
Change password:	+
E-mail:	+
Access level:	"; + print_select_hash("access_level", $access_level, $access_level_names, + $sel_disabled); + print "

Edit Categories

Categories

$login

$login

$feed_icon $title

Latest headlines

Select: - All, - None + All, + None "; print "
	Login	E-mail	Access Level	Last login
Login	Access Level	Last login
	".$line["login"]."	".$line["email"]."	".$line["access_level"]."		" . @@ -3521,13 +3502,10 @@ if (!$line["email"]) $line["email"] = " "; - print "	" . - $line["email"] . "	" . $access_level_names[$line["access_level"]] . "	"; print ""; print "	".$line["last_login"]."