]> git.wh0rd.org Git - tt-rss.git/commitdiff
properly handle invalid regular expressions supplied when testing filters, add some...
authorAndrew Dolgov <fox@madoka.volgo-balt.ru>
Tue, 21 Feb 2012 08:36:29 +0000 (12:36 +0400)
committerAndrew Dolgov <fox@madoka.volgo-balt.ru>
Tue, 21 Feb 2012 08:36:29 +0000 (12:36 +0400)
classes/pref_filters.php
include/functions.php
js/functions.js
tt-rss.css

index c66e9e810db9562026c573caf258f15c4e9da632..9b8c295ff640931dd60d85eed73a6b813ee5cf2f 100644 (file)
@@ -33,55 +33,65 @@ class Pref_Filters extends Protected_Handler {
                else
                        $feed = -4;
 
-               $feed_title = getFeedTitle($this->link, $feed);
-
-               $qfh_ret = queryFeedHeadlines($this->link, $cat_filter ? $cat_id : $feed,
-                       30, "", $cat_filter, false, false,
-                       false, "date_entered DESC", 0, $_SESSION["uid"], $filter);
-
-               $result = $qfh_ret[0];
-
-               $articles = array();
-               $found = 0;
+               $regexp_valid = preg_match('/' . $filter['reg_exp'] . '/',
+                       $filter['reg_exp']) !== FALSE;
 
                print __("Articles matching this filter:");
 
                print "<div class=\"inactiveFeedHolder\">";
                print "<table width=\"100%\" cellspacing=\"0\" id=\"prefErrorFeedList\">";
 
-               while ($line = db_fetch_assoc($result)) {
+               if ($regexp_valid) {
 
-                       $entry_timestamp = strtotime($line["updated"]);
-                       $entry_tags = get_article_tags($this->link, $line["id"], $_SESSION["uid"]);
+                       $feed_title = getFeedTitle($this->link, $feed);
 
-                       $content_preview = truncate_string(
-                               strip_tags($line["content_preview"]), 100, '...');
+                       $qfh_ret = queryFeedHeadlines($this->link, $cat_filter ? $cat_id : $feed,
+                               30, "", $cat_filter, false, false,
+                               false, "date_entered DESC", 0, $_SESSION["uid"], $filter);
 
-                       if ($line["feed_title"])
-                               $feed_title = $line["feed_title"];
+                       $result = $qfh_ret[0];
 
-                       print "<tr>";
+                       $articles = array();
+                       $found = 0;
 
-                       print "<td width='5%' align='center'><input
-                               dojoType=\"dijit.form.CheckBox\" checked=\"1\"
-                               disabled=\"1\" type=\"checkbox\"></td>";
-                       print "<td>";
+                       while ($line = db_fetch_assoc($result)) {
 
-                       print $line["title"];
-                       print "&nbsp;(";
-                       print "<b>" . $feed_title . "</b>";
-                       print "):&nbsp;";
-                       print "<span class=\"insensitive\">" . $content_preview . "</span>";
-                       print " " . mb_substr($line["date_entered"], 0, 16);
+                               $entry_timestamp = strtotime($line["updated"]);
+                               $entry_tags = get_article_tags($this->link, $line["id"], $_SESSION["uid"]);
 
-                       print "</td></tr>";
+                               $content_preview = truncate_string(
+                                       strip_tags($line["content_preview"]), 100, '...');
 
-                       $found++;
-               }
+                               if ($line["feed_title"])
+                                       $feed_title = $line["feed_title"];
+
+                               print "<tr>";
+
+                               print "<td width='5%' align='center'><input
+                                       dojoType=\"dijit.form.CheckBox\" checked=\"1\"
+                                       disabled=\"1\" type=\"checkbox\"></td>";
+                               print "<td>";
+
+                               print $line["title"];
+                               print "&nbsp;(";
+                               print "<b>" . $feed_title . "</b>";
+                               print "):&nbsp;";
+                               print "<span class=\"insensitive\">" . $content_preview . "</span>";
+                               print " " . mb_substr($line["date_entered"], 0, 16);
+
+                               print "</td></tr>";
+
+                               $found++;
+                       }
+
+                       if ($found == 0) {
+                               print "<tr><td align='center'>" .
+                                       __("No articles matching this filter has been found.") . "</td></tr>";
+                       }
+               } else {
+                       print "<tr><td align='center' class='error'>" .
+                               __("Invalid regular expression.") . "</td></tr>";
 
-               if ($found == 0) {
-                       print "<tr><td align='center'>" .
-                               __("No articles matching this filter has been found.") . "</td></tr>";
                }
 
                print "</table>";
index 25c188ee6e8df8e5b3f03cd3e361e9298a3ea1e5..dc5cbc816ae431bfe4d4ae2f668b44a684725942 100644 (file)
        function filter_to_sql($filter) {
                $query = "";
 
-               if (DB_TYPE == "pgsql")
-                       $reg_qpart = "~";
-               else
-                       $reg_qpart = "REGEXP";
+               $regexp_valid = preg_match('/' . $filter['reg_exp'] . '/',
+                       $filter['reg_exp']) !== FALSE;
 
-               switch ($filter["type"]) {
-                       case "title":
-                               $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
-                                       $filter['reg_exp'] . "')";
-                               break;
-                       case "content":
-                               $query = "LOWER(ttrss_entries.content) $reg_qpart LOWER('".
-                                       $filter['reg_exp'] . "')";
-                               break;
-                       case "both":
-                               $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
-                                       $filter['reg_exp'] . "') OR LOWER(" .
-                                       "ttrss_entries.content) $reg_qpart LOWER('" . $filter['reg_exp'] . "')";
-                               break;
-                       case "tag":
-                               $query = "LOWER(ttrss_user_entries.tag_cache) $reg_qpart LOWER('".
-                                       $filter['reg_exp'] . "')";
-                               break;
-                       case "link":
-                               $query = "LOWER(ttrss_entries.link) $reg_qpart LOWER('".
-                                       $filter['reg_exp'] . "')";
-                               break;
-                       case "date":
+               if ($regexp_valid) {
 
-                               if ($filter["filter_param"] == "before")
-                                       $cmp_qpart = "<";
-                               else
-                                       $cmp_qpart = ">=";
+                       if (DB_TYPE == "pgsql")
+                               $reg_qpart = "~";
+                       else
+                               $reg_qpart = "REGEXP";
 
-                               $timestamp = date("Y-m-d H:N:s", strtotime($filter["reg_exp"]));
-                               $query = "ttrss_entries.date_entered $cmp_qpart '$timestamp'";
-                               break;
-                       case "author":
-                               $query = "LOWER(ttrss_entries.author) $reg_qpart LOWER('".
-                                       $filter['reg_exp'] . "')";
-                               break;
-               }
+                       switch ($filter["type"]) {
+                               case "title":
+                                       $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
+                                               $filter['reg_exp'] . "')";
+                                       break;
+                               case "content":
+                                       $query = "LOWER(ttrss_entries.content) $reg_qpart LOWER('".
+                                               $filter['reg_exp'] . "')";
+                                       break;
+                               case "both":
+                                       $query = "LOWER(ttrss_entries.title) $reg_qpart LOWER('".
+                                               $filter['reg_exp'] . "') OR LOWER(" .
+                                               "ttrss_entries.content) $reg_qpart LOWER('" . $filter['reg_exp'] . "')";
+                                       break;
+                               case "tag":
+                                       $query = "LOWER(ttrss_user_entries.tag_cache) $reg_qpart LOWER('".
+                                               $filter['reg_exp'] . "')";
+                                       break;
+                               case "link":
+                                       $query = "LOWER(ttrss_entries.link) $reg_qpart LOWER('".
+                                               $filter['reg_exp'] . "')";
+                                       break;
+                               case "date":
 
-               if ($filter["inverse"])
-                       $query = "NOT ($query)";
+                                       if ($filter["filter_param"] == "before")
+                                               $cmp_qpart = "<";
+                                       else
+                                               $cmp_qpart = ">=";
 
-               if ($query) {
-                       if (DB_TYPE == "pgsql") {
-                               $query = " ($query) AND ttrss_entries.date_entered > NOW() - INTERVAL '14 days'";
-                       } else {
-                               $query = " ($query) AND ttrss_entries.date_entered > DATE_SUB(NOW(), INTERVAL 14 DAY)";
+                                       $timestamp = date("Y-m-d H:N:s", strtotime($filter["reg_exp"]));
+                                       $query = "ttrss_entries.date_entered $cmp_qpart '$timestamp'";
+                                       break;
+                               case "author":
+                                       $query = "LOWER(ttrss_entries.author) $reg_qpart LOWER('".
+                                               $filter['reg_exp'] . "')";
+                                       break;
                        }
-                       $query .= " AND ";
-               }
 
+                       if ($filter["inverse"])
+                               $query = "NOT ($query)";
 
-               return $query;
+                       if ($query) {
+                               if (DB_TYPE == "pgsql") {
+                                       $query = " ($query) AND ttrss_entries.date_entered > NOW() - INTERVAL '14 days'";
+                               } else {
+                                       $query = " ($query) AND ttrss_entries.date_entered > DATE_SUB(NOW(), INTERVAL 14 DAY)";
+                               }
+                               $query .= " AND ";
+                       }
+
+                       return $query;
+               } else {
+                       return false;
+               }
        }
 
        // Status codes:
index bd0d5fb731743bdb94cd123be7d44c8ad4926031..4a4602f9ed42fbe7d801e3cf6fc8d2322274fb91 100644 (file)
@@ -982,19 +982,39 @@ function quickAddFilter() {
                        test: function() {
                                if (this.validate()) {
 
-                                       if (dijit.byId("filterTestDlg"))
-                                               dijit.byId("filterTestDlg").destroyRecursive();
+                                       var query = "?op=rpc&method=verifyRegexp&reg_exp=" +
+                                               param_escape(dialog.attr('value').reg_exp);
+
+                                       notify_progress("Verifying regular expression...");
+
+                                       new Ajax.Request("backend.php", {
+                                               parameters: query,
+                                               onComplete: function(transport) {
+                                                       var reply = JSON.parse(transport.responseText);
+
+                                                       if (reply) {
+                                                               notify('');
+
+                                                               if (!reply['status']) {
+                                                                       alert("Invalid regular expression.");
+                                                                       return;
+                                                               } else {
 
-                                       tdialog = new dijit.Dialog({
-                                               id: "filterTestDlg",
-                                               title: __("Filter Test Results"),
-                                               style: "width: 600px",
-                                               href: "backend.php?savemode=test&" +
-                                                       dojo.objectToQuery(dialog.attr('value')),
-                                               });
+                                                                       if (dijit.byId("filterTestDlg"))
+                                                                               dijit.byId("filterTestDlg").destroyRecursive();
 
-                                       tdialog.show();
+                                                                       tdialog = new dijit.Dialog({
+                                                                               id: "filterTestDlg",
+                                                                               title: __("Filter Test Results"),
+                                                                               style: "width: 600px",
+                                                                               href: "backend.php?savemode=test&" +
+                                                                               dojo.objectToQuery(dialog.attr('value')),
+                                                                       });
 
+                                                                       tdialog.show();
+                                                               }
+                                                       }
+                                       }});
                                }
                        },
                        execute: function() {
@@ -1014,7 +1034,7 @@ function quickAddFilter() {
                                                                notify('');
 
                                                                if (!reply['status']) {
-                                                                       alert("Match regular expression seems to be invalid.");
+                                                                       alert("Invalid regular expression.");
                                                                        return;
                                                                } else {
                                                                        notify_progress("Saving data...", true);
index 94aa7587453beeb1326dcfebfe8f2e75698fcd57..7a0ef8bbbdccbda234a42be80c4e2dda2860d329 100644 (file)
@@ -1407,3 +1407,7 @@ a.bookmarklet {
        padding : 1em;
        color : gray;
 }
+
+td.error { 
+       color : red;
+}