X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=backend.php;h=c2efc73d6f0e43a63f72dcb676334e8663590482;hb=11adc49e719c87e79d9cc04c33b76351a4992a05;hp=656dcbf9c2155ee4618ddd3a4755d3702886844e;hpb=1df0f48b2147c3cbc71dc2085de76f5a4432fb6d;p=tt-rss.git
diff --git a/backend.php b/backend.php
index 656dcbf9..6b93d1b3 100644
--- a/backend.php
+++ b/backend.php
@@ -1,106 +1,118 @@
-

Error: Not logged in.

- - - "; - } - exit; + if (SINGLE_USER_MODE) { + authenticate_user($link, "admin", null); + } + + if (!($_SESSION["uid"] && validate_session($link)) && $op != "globalUpdateFeeds" && + $op != "rss" && $op != "getUnread" && $op != "getProfiles" && + $op != "fbexport" && $op != "logout" && $op != "pubsub") { + + header("Content-Type: text/plain"); + print json_encode(array("error" => array("code" => 6))); + return; } $purge_intervals = array( - 0 => _("Use default"), - -1 => _("Never purge"), - 5 => _("1 week old"), - 14 => _("2 weeks old"), - 31 => _("1 month old"), - 60 => _("2 months old"), - 90 => _("3 months old")); + 0 => __("Use default"), + -1 => __("Never purge"), + 5 => __("1 week old"), + 14 => __("2 weeks old"), + 31 => __("1 month old"), + 60 => __("2 months old"), + 90 => __("3 months old")); $update_intervals = array( - 0 => _("Use default"), - -1 => _("Disable updates"), - 30 => _("Each 30 minutes"), - 60 => _("Hourly"), - 240 => _("Each 4 hours"), - 720 => _("Each 12 hours"), - 1440 => _("Daily"), - 10080 => _("Weekly")); - + 0 => __("Default interval"), + -1 => __("Disable updates"), + 15 => __("Each 15 minutes"), + 30 => __("Each 30 minutes"), + 60 => __("Hourly"), + 240 => __("Each 4 hours"), + 720 => __("Each 12 hours"), + 1440 => __("Daily"), + 10080 => __("Weekly")); + + $update_intervals_nodefault = array( + -1 => __("Disable updates"), + 15 => __("Each 15 minutes"), + 30 => __("Each 30 minutes"), + 60 => __("Hourly"), + 240 => __("Each 4 hours"), + 720 => __("Each 12 hours"), + 1440 => __("Daily"), + 10080 => __("Weekly")); + + $update_methods = array( + 0 => __("Default"), + 1 => __("Magpie"), + 2 => __("SimplePie"), + 3 => __("Twitter OAuth")); + + if (DEFAULT_UPDATE_METHOD == "1") { + $update_methods[0] .= ' (SimplePie)'; + } else { + $update_methods[0] .= ' (Magpie)'; + } $access_level_names = array( - 0 => _("User"), - 10 => _("Administrator")); + 0 => __("User"), + 5 => __("Power User"), + 10 => __("Administrator")); require_once 
"modules/pref-prefs.php"; require_once "modules/popup-dialog.php"; 
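Review bot: The chain of `$op != "..."` tests in the new session check lets seven ops through with no session at all, so each of those handlers has to authorise the caller on its own, and the list has to be kept in step with the dispatch code by hand. A named allowlist is easier to audit: `$public_ops = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "fbexport", "logout", "pubsub");` followed by `!in_array($op, $public_ops, true)` in the condition. A comment above it should state what each exempt op relies on instead of the session (access key, hub callback, and so on). `$op` is assigned outside this hunk, so how it is derived from the request cannot be checked here.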
@@ -109,769 +121,505 @@ require_once "modules/pref-filters.php"; require_once "modules/pref-labels.php"; require_once "modules/pref-users.php"; - require_once "modules/pref-feed-browser.php"; - - - if (!sanity_check($link)) { return; } + require_once "modules/pref-instances.php"; - if ($op == "rpc") { - handle_rpc_request($link); - } - - if ($op == "feeds") { - - $tags = $_GET["tags"]; - - $subop = $_GET["subop"]; - - if ($subop == "catchupAll") { - db_query($link, "UPDATE ttrss_user_entries SET - last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]); - } - - if ($subop == "collapse") { - $cat_id = db_escape_string($_GET["cid"]); - - db_query($link, "UPDATE ttrss_feed_categories SET - collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " . - $_SESSION["uid"]); - return; - } - - outputFeedList($link, $tags); + $error = sanity_check($link); + if ($error['code'] != 0 && $op != "logout") { + print json_encode(array("error" => $error)); + return; } - if ($op == "view") { - - $id = db_escape_string($_GET["id"]); - $feed_id = db_escape_string($_GET["feed"]); - - $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds - WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]); - - if (db_num_rows($result) == 1) { - $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); - } else { - $rtl_content = false; - } - - if ($rtl_content) { - $rtl_tag = "dir=\"RTL\""; - $rtl_class = "RTL"; - } else { - $rtl_tag = ""; - $rtl_class = ""; - } - - $result = db_query($link, "UPDATE ttrss_user_entries - SET unread = false,last_read = NOW() - WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]); - - $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id, - SUBSTRING(updated,1,16) as updated, - (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url, - num_comments, - author - FROM ttrss_entries,ttrss_user_entries - WHERE id = '$id' AND ref_id = id AND owner_uid = " . 
$_SESSION["uid"]); - - if ($result) { - - $link_target = ""; - - if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) { - $link_target = "target=\"_new\""; + switch($op) { // Select action according to $op value. + case "rpc": + // Handle remote procedure calls. + handle_rpc_request($link); + break; // rpc + + case "feeds": + $subop = $_REQUEST["subop"]; + $root = (bool)$_REQUEST["root"]; + + switch($subop) { + case "catchupAll": + db_query($link, "UPDATE ttrss_user_entries SET + last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]); + ccache_zero_all($link, $_SESSION["uid"]); + + break; + + case "collapse": + $cat_id = db_escape_string($_REQUEST["cid"]); + $mode = (int) db_escape_string($_REQUEST['mode']); + toggle_collapse_cat($link, $cat_id, $mode); + return; + break; } - $line = db_fetch_assoc($result); - - if ($line["icon_url"]) { - $feed_icon = ""; + if (!$root) { + print json_encode(outputFeedList($link)); } else { - $feed_icon = " "; - } -/* if ($line["comments"] && $line["link"] != $line["comments"]) { - $entry_comments = "(Comments)"; - } else { - $entry_comments = ""; - } */ + $feeds = outputFeedList($link, false); - $num_comments = $line["num_comments"]; - $entry_comments = ""; + $root = array(); + $root['id'] = 'root'; + $root['name'] = __('Feeds'); + $root['items'] = $feeds['items']; - if ($num_comments > 0) { - if ($line["comments"]) { - $comments_url = $line["comments"]; - } else { - $comments_url = $line["link"]; - } - $entry_comments = "$num_comments comments"; - } else { - if ($line["comments"] && $line["link"] != $line["comments"]) { - $entry_comments = "comments"; - } + $fl = array(); + $fl['identifier'] = 'id'; + $fl['label'] = 'name'; + $fl['items'] = array($root); + + print json_encode($fl); } - print "
"; + break; // feeds - print "
"; + case "la": + $id = db_escape_string($_REQUEST['id']); - $entry_author = $line["author"]; + $result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries + WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."' + LIMIT 1"); - if ($entry_author) { - $entry_author = _(" - by ") . $entry_author; - } + if (db_num_rows($result) == 1) { + $article_url = db_fetch_result($result, 0, 'link'); + $article_url = str_replace("\n", "", $article_url); - $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'), - strtotime($line["updated"])); - - print "
$parsed_updated
"; + header("Location: $article_url"); + return; - if ($line["link"]) { - print "
" . - $line["title"] . "$entry_author
"; } else { - print "
" . $line["title"] . "$entry_author
"; + print_error(__("Article not found.")); } + break; - $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM - ttrss_tags WHERE post_int_id = " . $line["int_id"] . " - ORDER BY tag_name"); - - $tags_str = ""; - $f_tags_str = ""; - - $num_tags = 0; - - while ($tmp_line = db_fetch_assoc($tmp_result)) { - $num_tags++; - $tag = $tmp_line["tag_name"]; - $tag_str = "$tag, "; - - if ($num_tags == 6) { - $tags_str .= "..."; - } else if ($num_tags < 6) { - $tags_str .= $tag_str; - } - $f_tags_str .= $tag_str; - } + case "view": - $tags_str = preg_replace("/, $/", "", $tags_str); - $f_tags_str = preg_replace("/, $/", "", $f_tags_str); + $id = db_escape_string($_REQUEST["id"]); + $cids = split(",", db_escape_string($_REQUEST["cids"])); + $mode = db_escape_string($_REQUEST["mode"]); + $omode = db_escape_string($_REQUEST["omode"]); - if (!$entry_comments) $entry_comments = " "; # placeholder + // in prefetch mode we only output requested cids, main article + // just gets marked as read (it already exists in client cache) - if (!$tags_str) $tags_str = ''._('no tags').''; + $articles = array(); - print "
$tags_str - (+)
-
$entry_comments
"; - - print "
"; + if ($mode == "") { + array_push($articles, format_article($link, $id, false)); + } else if ($mode == "zoom") { + array_push($articles, format_article($link, $id, false, true, true)); + } else if ($mode == "raw") { + if ($_REQUEST['html']) { + header("Content-Type: text/html"); + print ''; + } - print "
" . $feed_icon . "
"; - print "
"; - - if (db_num_rows($tmp_result) > 0) { - print "
"._('Tags:')."$f_tags_str
"; + $article = format_article($link, $id, false); + print $article['content']; + return; + } else { + catchupArticleById($link, $id, 0); } - if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) { - $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]); + if (!$_SESSION["bw_limit"]) { + foreach ($cids as $cid) { + if ($cid) { + array_push($articles, format_article($link, $cid, false, false)); + } + } } - $line["content"] = sanitize_rss($line["content"]); - - print $line["content"] . "
"; - - print "
"; + print json_encode($articles); - } - } + break; // view - if ($op == "viewfeed") { + case "viewfeed": - $feed = db_escape_string($_GET["feed"]); - $subop = db_escape_string($_GET["subop"]); - $view_mode = db_escape_string($_GET["view_mode"]); - $limit = db_escape_string($_GET["limit"]); - $cat_view = db_escape_string($_GET["cat"]); - $next_unread_feed = db_escape_string($_GET["nuf"]); - $offset = db_escape_string($_GET["skip"]); + $timing_info = getmicrotime(); - if (!$offset) $offset = 0; + $reply = array(); - if ($subop == "undefined") $subop = ""; + if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info); - if ($subop == "CatchupSelected") { - $ids = split(",", db_escape_string($_GET["ids"])); - $cmode = sprintf("%d", $_GET["cmode"]); + $omode = db_escape_string($_REQUEST["omode"]); - catchupArticlesById($link, $ids, $cmode); - } + $feed = db_escape_string($_REQUEST["feed"]); + $subop = db_escape_string($_REQUEST["subop"]); + $view_mode = db_escape_string($_REQUEST["view_mode"]); + $limit = (int) get_pref($link, "DEFAULT_ARTICLE_LIMIT"); + @$cat_view = db_escape_string($_REQUEST["cat"]); + @$next_unread_feed = db_escape_string($_REQUEST["nuf"]); + @$offset = db_escape_string($_REQUEST["skip"]); + @$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]); + $order_by = db_escape_string($_REQUEST["order_by"]); - if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) { - update_generic_feed($link, $feed, $cat_view); - } - - if ($subop == "MarkAllRead") { - catchup_feed($link, $feed, $cat_view); - - if (get_pref($link, 'ON_CATCHUP_SHOW_NEXT_FEED')) { - if ($next_unread_feed) { - $feed = $next_unread_feed; - } - } - } + /* Feed -5 is a special case: it is used to display auxiliary information + * when there's nothing to load - e.g. no stuff in fresh feed */ - if ($feed_id > 0) { - $result = db_query($link, - "SELECT id FROM ttrss_feeds WHERE id = '$feed' LIMIT 1"); - - if (db_num_rows($result) == 0) { - print "
"._('Feed not found.')."
"; + if ($feed == -5) { + print json_encode(generate_dashboard_feed($link)); return; } - } - - if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) { - - $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds - WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]); - if (db_num_rows($result) == 1) { - $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content")); - } else { - $rtl_content = false; - } - - if ($rtl_content) { - $rtl_tag = "dir=\"RTL\""; - } else { - $rtl_tag = ""; + $result = false; + + if ($feed < -10) { + $label_feed = -11-$feed; + $result = db_query($link, "SELECT id FROM ttrss_labels2 WHERE + id = '$label_feed' AND owner_uid = " . $_SESSION['uid']); + } else if (!$cat_view && $feed > 0) { + $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE + id = '$feed' AND owner_uid = " . $_SESSION['uid']); + } else if ($cat_view && $feed > 0) { + $result = db_query($link, "SELECT id FROM ttrss_feed_categories WHERE + id = '$feed' AND owner_uid = " . $_SESSION['uid']); } - } else { - $rtl_tag = ""; - $rtl_content = false; - } - $script_dt_add = get_script_dt_add(); - -/* print " - - - - - - "; */ - /// START ///////////////////////////////////////////////////////////////////////////////// + /* Updating a label ccache means recalculating all of the caches + * so for performance reasons we don't do that here */ - $search = db_escape_string($_GET["query"]); - $search_mode = db_escape_string($_GET["search_mode"]); - $match_on = db_escape_string($_GET["match_on"]); - - if (!$match_on) { - $match_on = "both"; - } - - $real_offset = $offset * $limit; - - $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, - $search, $search_mode, $match_on, false, $real_offset); - - $result = $qfh_ret[0]; - $feed_title = $qfh_ret[1]; - $feed_site_url = $qfh_ret[2]; - $last_error = $qfh_ret[3]; - - /// STOP ////////////////////////////////////////////////////////////////////////////////// - - print "
"; - - if (!$result) { - print "
"._("Could not display feed (query failed). Please check label match syntax or local configuration.")."
"; - return; - } - - print_headline_subtoolbar($link, $feed_site_url, $feed_title, false, - $rtl_content, $feed, $cat_view, $search, $match_on, $search_mode, - $offset, $limit); - - print "
"; - - if (db_num_rows($result) > 0) { - -# print "\{$offset}"; - - if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { - print ""; + if ($feed >= 0) { + ccache_update($link, $feed, $_SESSION["uid"], $cat_view); } - $lnum = 0; - - error_reporting (DEFAULT_ERROR_LEVEL); - - $num_unread = 0; - - while ($line = db_fetch_assoc($result)) { - - $class = ($lnum % 2) ? "even" : "odd"; - - $id = $line["id"]; - $feed_id = $line["feed_id"]; - - if ($line["last_read"] == "" && - ($line["unread"] != "t" && $line["unread"] != "1")) { - - $update_pic = "\"Updated\""; - } else { - $update_pic = "\"Updated\""; - } - - if ($line["unread"] == "t" || $line["unread"] == "1") { - $class .= "Unread"; - ++$num_unread; - $is_unread = true; - } else { - $is_unread = false; - } - - if ($line["marked"] == "t" || $line["marked"] == "1") { - $marked_pic = "\"Reset"; - } else { - $marked_pic = "\"Set"; - } + set_pref($link, "_DEFAULT_VIEW_MODE", $view_mode); + set_pref($link, "_DEFAULT_VIEW_LIMIT", $limit); + set_pref($link, "_DEFAULT_VIEW_ORDER_BY", $order_by); -# $content_link = "" . -# $line["title"] . ""; - - $content_link = "" . - $line["title"] . ""; + if (!$cat_view && preg_match("/^[0-9][0-9]*$/", $feed)) { + db_query($link, "UPDATE ttrss_feeds SET last_viewed = NOW() + WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]); + } -# $content_link = "" . -# $line["title"] . 
""; + $reply['headlines'] = array(); - if (get_pref($link, 'HEADLINES_SMART_DATE')) { - $updated_fmt = smart_date_time(strtotime($line["updated"])); - } else { - $short_date = get_pref($link, 'SHORT_DATE_FORMAT'); - $updated_fmt = date($short_date, strtotime($line["updated"])); - } + if (!$next_unread_feed) + $reply['headlines']['id'] = $feed; + else + $reply['headlines']['id'] = $next_unread_feed; - if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) { - $content_preview = truncate_string(strip_tags($line["content_preview"]), - 100); - } + $reply['headlines']['is_cat'] = (bool) $cat_view; - $entry_author = $line["author"]; + $override_order = false; - if ($entry_author) { - $entry_author = " - by $entry_author"; - } + if (get_pref($link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) { + $date_sort_field = "updated"; + } else { + $date_sort_field = "date_entered"; + } - if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { - - print ""; - - print ""; - - print ""; - - print ""; - - if ($line["feed_title"]) { - print ""; - print ""; - } else { - print ""; - } - - print ""; - - print ""; - - } else { - - if ($is_unread) { - $add_class = "Unread"; + switch ($order_by) { + case "date": + if (get_pref($link, 'REVERSE_HEADLINES', $owner_uid)) { + $override_order = "$date_sort_field"; } else { - $add_class = ""; - } - - print "
"; - - print "
"; - - print "
$updated_fmt
"; - - print "".$line["title"].""; - - print $entry_author; - - if ($line["feed_title"]) { - print " (".$line["feed_title"].")"; + $override_order = "$date_sort_field DESC"; } + break; - print "
"; + case "title": + if (get_pref($link, 'REVERSE_HEADLINES', $owner_uid)) { + $override_order = "title DESC, $date_sort_field"; + } else { + $override_order = "title, $date_sort_field DESC"; + } + break; - print "
" . $line["content_preview"] . "

"; + case "score": + if (get_pref($link, 'REVERSE_HEADLINES', $owner_uid)) { + $override_order = "score, $date_sort_field"; + } else { + $override_order = "score DESC, $date_sort_field DESC"; + } + break; + } - print "
"; + if ($_REQUEST["debug"]) $timing_info = print_checkpoint("04", $timing_info); - print "$marked_pic"; + $ret = format_headlines_list($link, $feed, $subop, + $view_mode, $limit, $cat_view, $next_unread_feed, $offset, + $vgroup_last_feed, $override_order); - print ""; + $topmost_article_ids = $ret[0]; + $headlines_count = $ret[1]; + $returned_feed = $ret[2]; + $disable_cache = $ret[3]; + $vgroup_last_feed = $ret[4]; - $tags = get_article_tags($link, $id); + $reply['headlines']['content'] = $ret[5]; + $reply['headlines']['toolbar'] = $ret[6]; - $tags_str = ""; + if ($_REQUEST["debug"]) $timing_info = print_checkpoint("05", $timing_info); - foreach ($tags as $tag) { - $num_tags++; - $tags_str .= "$tag, "; - } + $headlines_unread = ccache_find($link, $returned_feed, $_SESSION["uid"], + $cat_view, true); - $tags_str = preg_replace("/, $/", "", $tags_str); + if ($headlines_unread == -1) { + $headlines_unread = getFeedUnread($link, $returned_feed, $cat_view); + } - if ($tags_str == "") $tags_str = "no tags"; - - print " $tags_str (+)"; + $reply['headlines-info'] = array("count" => (int) $headlines_count, + "vgroup_last_feed" => $vgroup_last_feed, + "unread" => (int) $headlines_unread, + "disable_cache" => (bool) $disable_cache); - print "
"; + if ($_REQUEST["debug"]) $timing_info = print_checkpoint("20", $timing_info); -# print "
-# Toggle unread
"; + if (is_array($topmost_article_ids) && !get_pref($link, 'COMBINED_DISPLAY_MODE') && !$_SESSION["bw_limit"]) { + $articles = array(); - print "
"; + foreach ($topmost_article_ids as $id) { + array_push($articles, format_article($link, $id, $feed, false)); + } - } - - ++$lnum; + $reply['articles'] = $articles; } - if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) { - print "
$update_pic - - $marked_pic$content_link - ". - $line["feed_title"]." "; - - print "" . - $line["title"]; - - if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) { - if ($content_preview) { - print " - $content_preview"; - } - } - - print ""; - print "$updated_fmt 
"; + if ($subop) { + $reply['counters'] = getAllCounters($link, $omode, $feed); } -// print_headline_subtoolbar($link, -// "javascript:catchupPage()", "Mark page as read", true, $rtl_content); + if ($_REQUEST["debug"]) $timing_info = print_checkpoint("30", $timing_info); + $reply['runtime-info'] = make_runtime_info($link); - } else { - print "
"._('No articles found.')."
"; - } + print json_encode($reply); - print "
"; + break; // viewfeed - print "
"; - } + case "pref-feeds": + module_pref_feeds($link); + break; // pref-feeds - if ($op == "pref-feeds") { - module_pref_feeds($link); - } + case "pref-filters": + module_pref_filters($link); + break; // pref-filters - if ($op == "pref-filters") { - module_pref_filters($link); - } + case "pref-labels": + module_pref_labels($link); + break; // pref-labels - if ($op == "pref-labels") { - module_pref_labels($link); - } + case "pref-prefs": + module_pref_prefs($link); + break; // pref-prefs - if ($op == "pref-prefs") { - module_pref_prefs($link); - } + case "pref-users": + module_pref_users($link); + break; // prefs-users - if ($op == "pref-users") { - module_pref_users($link); - } + case "help": + module_help($link); + break; // help - if ($op == "help") { - module_help($link); - } + case "dlg": + module_popup_dialog($link); + break; // dlg - if ($op == "dlg") { - module_popup_dialog($link); - } + case "pref-pub-items": + module_pref_pub_items($link); + break; // pref-pub-items - // update feeds of all users, may be used anonymously - if ($op == "globalUpdateFeeds") { + case "globalUpdateFeeds": + // Update all feeds needing a update. 
+ update_daemon_common($link, 0, true, true); + break; // globalUpdateFeeds - $result = db_query($link, "SELECT id FROM ttrss_users"); + case "pref-feed-browser": + module_pref_feed_browser($link); + break; // pref-feed-browser - while ($line = db_fetch_assoc($result)) { - $user_id = $line["id"]; -// print ""; - update_all_feeds($link, false, $user_id); - } + case "pref-instances": + module_pref_instances($link); + break; // pref-instances - print " - - "; + case "rss": + $feed = db_escape_string($_REQUEST["id"]); + $key = db_escape_string($_REQUEST["key"]); + $is_cat = $_REQUEST["is_cat"] != false; + $limit = (int)db_escape_string($_REQUEST["limit"]); - } - - if ($op == "user-details") { - - if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) { - return; - } - -/* print " - Tiny Tiny RSS : User Details - - - "; */ - - $uid = sprintf("%d", $_GET["id"]); - - print "
User details
"; - - print "
"; - - $result = db_query($link, "SELECT login, - SUBSTRING(last_login,1,16) AS last_login, - access_level, - (SELECT COUNT(int_id) FROM ttrss_user_entries - WHERE owner_uid = id) AS stored_articles - FROM ttrss_users - WHERE id = '$uid'"); - - if (db_num_rows($result) == 0) { - print "

User not found

"; - return; - } - -# print "

User Details

"; - - $login = db_fetch_result($result, 0, "login"); + $search = db_escape_string($_REQUEST["q"]); + $match_on = db_escape_string($_REQUEST["m"]); + $search_mode = db_escape_string($_REQUEST["smode"]); + $view_mode = db_escape_string($_REQUEST["view-mode"]); -# print "

$login

"; - - print ""; + if (SINGLE_USER_MODE) { + authenticate_user($link, "admin", null); + } - $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'), - strtotime(db_fetch_result($result, 0, "last_login"))); - $access_level = db_fetch_result($result, 0, "access_level"); - $stored_articles = db_fetch_result($result, 0, "stored_articles"); + $owner_id = false; -# print ""; -# print ""; - print ""; - print ""; + if ($key) { + $result = db_query($link, "SELECT owner_uid FROM + ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); - $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds - WHERE owner_uid = '$uid'"); + if (db_num_rows($result) == 1) + $owner_id = db_fetch_result($result, 0, "owner_uid"); + } - $num_feeds = db_fetch_result($result, 0, "num_feeds"); + if ($owner_id) { + $_SESSION['uid'] = $owner_id; - print ""; + generate_syndicated_feed($link, 0, $feed, $is_cat, $limit, + $search, $search_mode, $match_on, $view_mode); + } else { + header('HTTP/1.1 403 Forbidden'); + } + break; // rss -/* $result = db_query($link, "SELECT - SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size - FROM ttrss_user_entries,ttrss_entries - WHERE owner_uid = '$uid' AND ref_id = id"); + case "getUnread": + $login = db_escape_string($_REQUEST["login"]); + $fresh = $_REQUEST["fresh"] == "1"; - $db_size = round(db_fetch_result($result, 0, "db_size") / 1024); + $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); - print ""; */ + if (db_num_rows($result) == 1) { + $uid = db_fetch_result($result, 0, "id"); - print "
Username$login
Access level$access_level
Last logged in$last_login
Stored articles$stored_articles
Subscribed feeds count$num_feeds
Approx. used DB size$db_size KBytes
"; + print getGlobalUnread($link, $uid); - print "

Subscribed feeds

"; + if ($fresh) { + print ";"; + print getFeedArticles($link, -3, false, true, $uid); + } - $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds - WHERE owner_uid = '$uid' ORDER BY title"); + } else { + print "-1;User not found"; + } - print "
"; + print ""; -// print ""; + $_SESSION = array(); + } + break; // getprofiles - } + case "pubsub": + $mode = db_escape_string($_REQUEST['hub_mode']); + $feed_id = db_escape_string($_REQUEST['id']); + $feed_url = db_escape_string($_REQUEST['hub_topic']); - if ($op == "pref-feed-browser") { - module_pref_feed_browser($link); - } + // TODO: implement hub_verifytoken checking - if ($op == "rss") { - $feed = db_escape_string($_GET["id"]); - $user = db_escape_string($_GET["user"]); - $pass = db_escape_string($_GET["pass"]); - $is_cat = $_GET["is_cat"] != false; + $result = db_query($link, "SELECT feed_url FROM ttrss_feeds + WHERE id = '$feed_id'"); - $search = db_escape_string($_GET["q"]); - $match_on = db_escape_string($_GET["m"]); - $search_mode = db_escape_string($_GET["smode"]); + $check_feed_url = db_fetch_result($result, 0, "feed_url"); - if (!$_SESSION["uid"] && $user && $pass) { - authenticate_user($link, $user, $pass); - } + if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { + if ($mode == "subscribe") { - if ($_SESSION["uid"] || - http_authenticate_user($link)) { + db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 2 + WHERE id = '$feed_id'"); - generate_syndicated_feed($link, $feed, $is_cat, - $search, $search_mode, $match_on); - } - } + print $_REQUEST['hub_challenge']; + return; - if ($op == "labelFromSearch") { - $search = db_escape_string($_GET["search"]); - $search_mode = db_escape_string($_GET["smode"]); - $match_on = db_escape_string($_GET["match"]); - $is_cat = db_escape_string($_GET["is_cat"]); - $title = db_escape_string($_GET["title"]); - $feed = sprintf("%d", $_GET["feed"]); + } else if ($mode == "unsubscribe") { - $label_qparts = array(); + db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 0 + WHERE id = '$feed_id'"); - $search_expr = getSearchSql($search, $match_on); + print $_REQUEST['hub_challenge']; + return; - if ($is_cat) { - if ($feed != 0) { - $search_expr .= " AND ttrss_feeds.cat_id = $feed "; - } else { - 
$search_expr .= " AND ttrss_feeds.cat_id IS NULL "; - } - } else { - if ($search_mode == "all_feeds") { - // NOOP - } else if ($search_mode == "this_cat") { + } else if (!$mode) { - $tmp_result = db_query($link, "SELECT cat_id - FROM ttrss_feeds WHERE id = '$feed'"); + // Received update ping, schedule feed update. - $cat_id = db_fetch_result($tmp_result, 0, "cat_id"); + update_rss_feed($link, $feed_id, true, true); - if ($cat_id > 0) { - $search_expr .= " AND ttrss_feeds.cat_id = $cat_id "; - } else { - $search_expr .= " AND ttrss_feeds.cat_id IS NULL "; } } else { - $search_expr .= " AND ttrss_feeds.id = $feed "; + header('HTTP/1.0 404 Not Found'); } - } + break; // pubsub - $search_expr = db_escape_string($search_expr); + case "logout": + logout_user(); + header("Location: tt-rss.php"); + break; // logout - print $search_expr; + case "fbexport": - if ($title) { - $result = db_query($link, - "INSERT INTO ttrss_labels (sql_exp,description,owner_uid) - VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')"); - } - } + $access_key = db_escape_string($_POST["key"]); - if ($op == "getUnread") { - $login = db_escape_string($_GET["login"]); + // TODO: rate limit checking using last_connected + $result = db_query($link, "SELECT id FROM ttrss_linked_instances + WHERE access_key = '$access_key'"); - header("Content-Type: text/plain; charset=utf-8"); + if (db_num_rows($result) == 1) { - $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); + $instance_id = db_fetch_result($result, 0, "id"); - if (db_num_rows($result) == 1) { - $uid = db_fetch_result($result, 0, "id"); - print getGlobalUnread($link, $uid); - } else { - print "-1;User not found"; - } + $result = db_query($link, "SELECT feed_url, site_url, title, subscribers + FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100"); - $print_exec_time = false; - } + $feeds = array(); - if ($op == "digestTest") { - header("Content-Type: text/plain"); - 
print_r(prepare_headlines_digest($link, $_SESSION["uid"])); - $print_exec_time = false; + while ($line = db_fetch_assoc($result)) { + array_push($feeds, $line); + } - } + db_query($link, "UPDATE ttrss_linked_instances SET + last_status_in = 1 WHERE id = '$instance_id'"); - if ($op == "digestSend") { - header("Content-Type: text/plain"); - send_headlines_digests($link); - $print_exec_time = false; + print json_encode(array("feeds" => $feeds)); + } else { + print json_encode(array("error" => array("code" => 6))); + } + break; // fbexport - } + default: + header("Content-Type: text/plain"); + print json_encode(array("error" => array("code" => 7))); + break; // fallback + } // Select action according to $op value. + // We close the connection to database. db_close($link); ?> - - - -
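Review bot: In `case "rss"`, `$_SESSION['uid'] = $owner_id;` turns anyone who presents a valid feed access key into the feed owner's session, and nothing in that branch undoes it, whereas the `getProfiles` branch ends with `$_SESSION = array();`. If the session is persisted by code outside this hunk, a key meant to read one feed would afterwards satisfy the `$_SESSION["uid"]` check for every other op. Clear it once the feed is written, e.g. `$_SESSION = array();` directly after the `generate_syndicated_feed(...)` call, or hand the owner id to that function instead of storing it in the session. Separately, `case "pubsub"` echoes `$_REQUEST['hub_challenge']` on an op that skips the session check and sets no content type in the visible lines; add `header("Content-Type: text/plain");` before each `print $_REQUEST['hub_challenge'];`, and note that the branch changes `pubsub_state` while the `hub_verifytoken` check is still a TODO.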