]> git.wh0rd.org Git - tt-rss.git/commitdiff
add Public_Handler
authorAndrew Dolgov <fox@madoka.volgo-balt.ru>
Tue, 13 Dec 2011 10:49:11 +0000 (14:49 +0400)
committerAndrew Dolgov <fox@madoka.volgo-balt.ru>
Tue, 13 Dec 2011 10:49:11 +0000 (14:49 +0400)
misc code cleanup

14 files changed:
backend.php
classes/pref_instances.php [new file with mode: 0644]
classes/public_handler.php [new file with mode: 0644]
db-updater.php
include/db.php
include/functions.php
index.php
opml.php
prefs.php
public.php
register.php
twitter.php
update.php
update_daemon2.php

index 9fe8792f2748508a1157dd9c19fac04514612665..62cd6229d6206ff5f06d07ec03eabe7fa89a8a89 100644 (file)
                $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
        }
 
-       function __autoload($class) {
-               $file = "classes/".strtolower(basename($class)).".php";
-               if (file_exists($file)) {
-                       require $file;
-               }
-       }
-
        $op = $_REQUEST["op"];
+       @$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"];
+
+       /* Public calls compatibility shim */
+
+       $public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share",
+               "fbexport", "logout", "pubsub");
+
+       if (array_search($op, $public_calls) !== false) {
+               header("Location: public.php?" . $_SERVER['QUERY_STRING']);
+               return;
+       }
 
        require_once "functions.php";
-       if ($op != "share") require_once "sessions.php";
+       require_once "sessions.php";
        require_once "sanity_check.php";
        require_once "config.php";
        require_once "db.php";
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       if (!$link) {
-               if (DB_TYPE == "mysql") {
-                       print mysql_error();
-               }
-               // PG seems to display its own errors just fine by default.
-               return;
-       }
-
-       init_connection($link);
-
-       $method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"];
+       if (!init_connection($link)) return;
 
        header("Content-Type: text/plain; charset=utf-8");
 
                authenticate_user($link, "admin", null);
        }
 
-       $public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share",
-               "fbexport", "logout", "pubsub");
+       // TODO remove and handle within Handlers
 
-       if (array_search($op, $public_calls) !== false) {
-
-               handle_public_request($link, $op);
-               return;
-
-       } else if (!($_SESSION["uid"] && validate_session($link))) {
+       if (!($_SESSION["uid"] && validate_session($link))) {
                if ($op == 'pref-feeds' && $method == 'add') {
                        header("Content-Type: text/html");
                        login_sequence($link);
                return;
        }
 
+       function __autoload($class) {
+               $file = "classes/".strtolower(basename($class)).".php";
+               if (file_exists($file)) {
+                       require $file;
+               }
+       }
+
        $op = str_replace("-", "_", $op);
 
        if (class_exists($op)) {
                }
        }
 
-       switch($op) { // Select action according to $op value.
-               case "pref_instances":
-                       require_once "modules/pref-instances.php";
-                       module_pref_instances($link);
-               break; // pref-instances
-
-               default:
-                       header("Content-Type: text/plain");
-                       print json_encode(array("error" => array("code" => 7)));
-               break; // fallback
-       } // Select action according to $op value.
+       header("Content-Type: text/plain");
+       print json_encode(array("error" => array("code" => 7)));
 
        // We close the connection to database.
        db_close($link);
diff --git a/classes/pref_instances.php b/classes/pref_instances.php
new file mode 100644 (file)
index 0000000..893d2b6
--- /dev/null
@@ -0,0 +1,204 @@
+<?php
+class Pref_Instances extends Protected_Handler {
+
+       function before() {
+               if (parent::before()) {
+                       if ($_SESSION["access_level"] < 10) {
+                               print __("Your access level is insufficient to open this tab.");
+                               return false;
+                       }
+                       return true;
+               }
+               return false;
+       }
+
+       function remove() {
+               $ids = db_escape_string($_REQUEST['ids']);
+
+               db_query($this->link, "DELETE FROM ttrss_linked_instances WHERE
+                       id IN ($ids)");
+       }
+
+       function add() {
+               $id = db_escape_string($_REQUEST["id"]);
+               $access_url = db_escape_string($_REQUEST["access_url"]);
+               $access_key = db_escape_string($_REQUEST["access_key"]);
+
+               db_query($this->link, "BEGIN");
+
+               $result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
+                       WHERE access_url = '$access_url'");
+
+               if (db_num_rows($result) == 0) {
+                       db_query($this->link, "INSERT INTO ttrss_linked_instances
+                               (access_url, access_key, last_connected, last_status_in, last_status_out)
+                               VALUES
+                               ('$access_url', '$access_key', '1970-01-01', -1, -1)");
+
+               }
+
+               db_query($this->link, "COMMIT");
+       }
+
+       function edit() {
+               $id = db_escape_string($_REQUEST["id"]);
+
+               $result = db_query($this->link, "SELECT * FROM ttrss_linked_instances WHERE
+                       id = '$id'");
+
+               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\"  name=\"id\" value=\"$id\">";
+               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\"  name=\"op\" value=\"pref-instances\">";
+               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\"  name=\"method\" value=\"editSave\">";
+
+               print "<div class=\"dlgSec\">".__("Instance")."</div>";
+
+               print "<div class=\"dlgSecCont\">";
+
+               /* URL */
+
+               $access_url = htmlspecialchars(db_fetch_result($result, 0, "access_url"));
+
+               print __("URL:") . " ";
+
+               print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
+                       placeHolder=\"".__("Instance URL")."\"
+                       regExp='^(http|https)://.*'
+                       style=\"font-size : 16px; width: 20em\" name=\"access_url\"
+                       value=\"$access_url\">";
+
+               print "<hr/>";
+
+               $access_key = htmlspecialchars(db_fetch_result($result, 0, "access_key"));
+
+               /* Access key */
+
+               print __("Access key:") . " ";
+
+               print "<input dojoType=\"dijit.form.ValidationTextBox\" required=\"1\"
+                       placeHolder=\"".__("Access key")."\" regExp='\w{40}'
+                       style=\"width: 20em\" name=\"access_key\" id=\"instance_edit_key\"
+                       value=\"$access_key\">";
+
+               print "<p class='insensitive'>" . __("Use one access key for both linked instances.");
+
+               print "</div>";
+
+               print "<div class=\"dlgButtons\">
+                       <div style='float : left'>
+                               <button dojoType=\"dijit.form.Button\"
+                                       onclick=\"return dijit.byId('instanceEditDlg').regenKey()\">".
+                                       __('Generate new key')."</button>
+                       </div>
+                       <button dojoType=\"dijit.form.Button\"
+                               onclick=\"return dijit.byId('instanceEditDlg').execute()\">".
+                               __('Save')."</button>
+                       <button dojoType=\"dijit.form.Button\"
+                               onclick=\"return dijit.byId('instanceEditDlg').hide()\"\">".
+                               __('Cancel')."</button></div>";
+
+       }
+
+       function editSave() {
+               $id = db_escape_string($_REQUEST["id"]);
+               $access_url = db_escape_string($_REQUEST["access_url"]);
+               $access_key = db_escape_string($_REQUEST["access_key"]);
+
+               db_query($this->link, "UPDATE ttrss_linked_instances SET
+                       access_key = '$access_key', access_url = '$access_url',
+                       last_connected = '1970-01-01'
+                       WHERE id = '$id'");
+
+       }
+
+       function index() {
+
+               if (!function_exists('curl_init')) {
+                       print "<div style='padding : 1em'>";
+                       print_error("This functionality requires CURL functions. Please enable CURL in your PHP configuration (you might also want to disable open_basedir in php.ini) and reload this page.");
+                       print "</div>";
+               }
+
+               print "<div id=\"pref-instance-wrap\" dojoType=\"dijit.layout.BorderContainer\" gutters=\"false\">";
+               print "<div id=\"pref-instance-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">";
+
+               print "<div id=\"pref-instance-toolbar\" dojoType=\"dijit.Toolbar\">";
+
+               $sort = db_escape_string($_REQUEST["sort"]);
+
+               if (!$sort || $sort == "undefined") {
+                       $sort = "access_url";
+               }
+
+               print "<div dojoType=\"dijit.form.DropDownButton\">".
+                               "<span>" . __('Select')."</span>";
+               print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
+               print "<div onclick=\"selectTableRows('prefInstanceList', 'all')\"
+                       dojoType=\"dijit.MenuItem\">".__('All')."</div>";
+               print "<div onclick=\"selectTableRows('prefInstanceList', 'none')\"
+                       dojoType=\"dijit.MenuItem\">".__('None')."</div>";
+               print "</div></div>";
+
+               print "<button dojoType=\"dijit.form.Button\" onclick=\"addInstance()\">".__('Link instance')."</button>";
+               print "<button dojoType=\"dijit.form.Button\" onclick=\"editSelectedInstance()\">".__('Edit')."</button>";
+               print "<button dojoType=\"dijit.form.Button\" onclick=\"removeSelectedInstances()\">".__('Remove')."</button>";
+
+               print "</div>"; #toolbar
+
+               $result = db_query($this->link, "SELECT *,
+                       (SELECT COUNT(*) FROM ttrss_linked_feeds
+                               WHERE instance_id = ttrss_linked_instances.id) AS num_feeds
+                       FROM ttrss_linked_instances
+                       ORDER BY $sort");
+
+               print "<p class=\"insensitive\" style='margin-left : 1em;'>" . __("You can connect other instances of Tiny Tiny RSS to this one to share Popular feeds. Link to this instance of Tiny Tiny RSS by using this URL:");
+
+               print " <a href=\"#\" onclick=\"alert('".htmlspecialchars(get_self_url_prefix())."')\">(display url)</a>";
+
+               print "<p><table width='100%' id='prefInstanceList' class='prefInstanceList' cellspacing='0'>";
+
+               print "<tr class=\"title\">
+                       <td align='center' width=\"5%\">&nbsp;</td>
+                       <td width=''><a href=\"#\" onclick=\"updateInstanceList('access_url')\">".__('Instance URL')."</a></td>
+                       <td width='20%'><a href=\"#\" onclick=\"updateInstanceList('access_key')\">".__('Access key')."</a></td>
+                       <td width='10%'><a href=\"#\" onclick=\"updateUsersList('last_connected')\">".__('Last connected')."</a></td>
+                       <td width='10%'><a href=\"#\" onclick=\"updateUsersList('num_feeds')\">".__('Stored feeds')."</a></td>
+                       </tr>";
+
+               $lnum = 0;
+
+               while ($line = db_fetch_assoc($result)) {
+                       $class = ($lnum % 2) ? "even" : "odd";
+
+                       $id = $line['id'];
+                       $this_row_id = "id=\"LIRR-$id\"";
+
+                       $line["last_connected"] = make_local_datetime($this->link, $line["last_connected"], false);
+
+                       print "<tr class=\"$class\" $this_row_id>";
+
+                       print "<td align='center'><input onclick='toggleSelectRow(this);'
+                               type=\"checkbox\" id=\"LICHK-$id\"></td>";
+
+                       $onclick = "onclick='editInstance($id, event)' title='".__('Click to edit')."'";
+
+                       $access_key = mb_substr($line['access_key'], 0, 4) . '...' .
+                               mb_substr($line['access_key'], -4);
+
+                       print "<td $onclick>" . htmlspecialchars($line['access_url']) . "</td>";
+                       print "<td $onclick>" . htmlspecialchars($access_key) . "</td>";
+                       print "<td $onclick>" . htmlspecialchars($line['last_connected']) . "</td>";
+                       print "<td $onclick>" . htmlspecialchars($line['num_feeds']) . "</td>";
+
+                       print "</tr>";
+
+                       ++$lnum;
+               }
+
+               print "</table>";
+
+               print "</div>"; #pane
+               print "</div>"; #container
+
+       }
+}
+?>
diff --git a/classes/public_handler.php b/classes/public_handler.php
new file mode 100644 (file)
index 0000000..460613e
--- /dev/null
@@ -0,0 +1,210 @@
+<?php
+class Public_Handler extends Handler {
+
+       function getUnread() {
+               $login = db_escape_string($_REQUEST["login"]);
+               $fresh = $_REQUEST["fresh"] == "1";
+
+               $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
+
+               if (db_num_rows($result) == 1) {
+                       $uid = db_fetch_result($result, 0, "id");
+
+                       print getGlobalUnread($this->link, $uid);
+
+                       if ($fresh) {
+                               print ";";
+                               print getFeedArticles($this->link, -3, false, true, $uid);
+                       }
+
+               } else {
+                       print "-1;User not found";
+               }
+
+       }
+
+       function getProfiles() {
+               $login = db_escape_string($_REQUEST["login"]);
+               $password = db_escape_string($_REQUEST["password"]);
+
+               if (authenticate_user($this->link, $login, $password)) {
+                       $result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
+                               WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
+
+                       print "<select style='width: 100%' name='profile'>";
+
+                       print "<option value='0'>" . __("Default profile") . "</option>";
+
+                       while ($line = db_fetch_assoc($result)) {
+                               $id = $line["id"];
+                               $title = $line["title"];
+
+                               print "<option value='$id'>$title</option>";
+                       }
+
+                       print "</select>";
+
+                       $_SESSION = array();
+               }
+       }
+
+       function pubsub() {
+               $mode = db_escape_string($_REQUEST['hub_mode']);
+               $feed_id = (int) db_escape_string($_REQUEST['id']);
+               $feed_url = db_escape_string($_REQUEST['hub_topic']);
+
+               if (!PUBSUBHUBBUB_ENABLED) {
+                       header('HTTP/1.0 404 Not Found');
+                       echo "404 Not found";
+                       return;
+               }
+
+               // TODO: implement hub_verifytoken checking
+
+               $result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
+                       WHERE id = '$feed_id'");
+
+               if (db_num_rows($result) != 0) {
+
+                       $check_feed_url = db_fetch_result($result, 0, "feed_url");
+
+                       if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
+                               if ($mode == "subscribe") {
+
+                                       db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
+                                               WHERE id = '$feed_id'");
+
+                                       print $_REQUEST['hub_challenge'];
+                                       return;
+
+                               } else if ($mode == "unsubscribe") {
+
+                                       db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
+                                               WHERE id = '$feed_id'");
+
+                                       print $_REQUEST['hub_challenge'];
+                                       return;
+
+                               } else if (!$mode) {
+
+                                       // Received update ping, schedule feed update.
+                                       //update_rss_feed($this->link, $feed_id, true, true);
+
+                                       db_query($this->link, "UPDATE ttrss_feeds SET
+                                               last_update_started = '1970-01-01',
+                                               last_updated = '1970-01-01' WHERE id = '$feed_id'");
+
+                               }
+                       } else {
+                               header('HTTP/1.0 404 Not Found');
+                               echo "404 Not found";
+                       }
+               } else {
+                       header('HTTP/1.0 404 Not Found');
+                       echo "404 Not found";
+               }
+
+       }
+
+       function logout() {
+               logout_user();
+               header("Location: index.php");
+       }
+
+       function fbexport() {
+
+               $access_key = db_escape_string($_POST["key"]);
+
+               // TODO: rate limit checking using last_connected
+               $result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
+                       WHERE access_key = '$access_key'");
+
+               if (db_num_rows($result) == 1) {
+
+                       $instance_id = db_fetch_result($result, 0, "id");
+
+                       $result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
+                               FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
+
+                       $feeds = array();
+
+                       while ($line = db_fetch_assoc($result)) {
+                               array_push($feeds, $line);
+                       }
+
+                       db_query($this->link, "UPDATE ttrss_linked_instances SET
+                               last_status_in = 1 WHERE id = '$instance_id'");
+
+                       print json_encode(array("feeds" => $feeds));
+               } else {
+                       print json_encode(array("error" => array("code" => 6)));
+               }
+       }
+
+       function share() {
+               $uuid = db_escape_string($_REQUEST["key"]);
+
+               $result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
+                       uuid = '$uuid'");
+
+               if (db_num_rows($result) != 0) {
+                       header("Content-Type: text/html");
+
+                       $id = db_fetch_result($result, 0, "ref_id");
+                       $owner_uid = db_fetch_result($result, 0, "owner_uid");
+
+                       $_SESSION["uid"] = $owner_uid;
+                       $article = format_article($this->link, $id, false, true);
+                       $_SESSION["uid"] = "";
+
+                       print_r($article['content']);
+
+               } else {
+                       print "Article not found.";
+               }
+
+       }
+
+       function rss() {
+               header("Content-Type: text/xml; charset=utf-8");
+
+               $feed = db_escape_string($_REQUEST["id"]);
+               $key = db_escape_string($_REQUEST["key"]);
+               $is_cat = $_REQUEST["is_cat"] != false;
+               $limit = (int)db_escape_string($_REQUEST["limit"]);
+
+               $search = db_escape_string($_REQUEST["q"]);
+               $match_on = db_escape_string($_REQUEST["m"]);
+               $search_mode = db_escape_string($_REQUEST["smode"]);
+               $view_mode = db_escape_string($_REQUEST["view-mode"]);
+
+               if (SINGLE_USER_MODE) {
+                       authenticate_user($this->link, "admin", null);
+               }
+
+               $owner_id = false;
+
+               if ($key) {
+                       $result = db_query($this->link, "SELECT owner_uid FROM
+                               ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
+
+                       if (db_num_rows($result) == 1)
+                               $owner_id = db_fetch_result($result, 0, "owner_uid");
+               }
+
+               if ($owner_id) {
+                       $_SESSION['uid'] = $owner_id;
+
+                       generate_syndicated_feed($this->link, 0, $feed, $is_cat, $limit,
+                               $search, $search_mode, $match_on, $view_mode);
+               } else {
+                       header('HTTP/1.1 403 Forbidden');
+               }
+       }
+
+       /* function globalUpdateFeeds() {
+               // Update all feeds needing a update.
+               update_daemon_common($this->link, 0, true, true);
+       } */
+}
+?>
index 9a4fdf604b2eb52e2c9a4ea0faa56b40ed081135..63c3c647a0f7b6e10b2ca48d8555c3b6b46700fe 100644 (file)
@@ -9,7 +9,7 @@
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       init_connection($link);
+       if (!init_connection($link)) return;
        login_sequence($link);
 
        $owner_uid = $_SESSION["uid"];
index 7a858ca70596549820f19eda763a23b3bc0a94f3..1401c089b0474e2cf4f64ee89ac2e8ebd736a1d7 100644 (file)
@@ -61,7 +61,7 @@ function db_query($link, $query, $die_on_error = true) {
                if (!$result) {
                        $query = htmlspecialchars($query); // just in case
                        if ($die_on_error) {
-                               die("Query <i>$query</i> failed [$result]: " . pg_last_error($link));
+                               die("Query <i>$query</i> failed [$result]: " . ($link ? pg_last_error($link) : "No connection"));
                        }
                }
                return $result;
@@ -70,7 +70,7 @@ function db_query($link, $query, $die_on_error = true) {
                if (!$result) {
                        $query = htmlspecialchars($query);
                        if ($die_on_error) {
-                               die("Query <i>$query</i> failed: " . mysql_error($link));
+                               die("Query <i>$query</i> failed: " . ($link ? mysql_error($link) : "No connection"));
                        }
                }
                return $result;
index 89a1d78475871d7f23d0283339448269ecef24a5..7bd64cc5b5c5d4962adb906950be455282813d0a 100644 (file)
        }
 
        function init_connection($link) {
-               if (DB_TYPE == "pgsql") {
-                       pg_query($link, "set client_encoding = 'UTF-8'");
-                       pg_set_client_encoding("UNICODE");
-                       pg_query($link, "set datestyle = 'ISO, european'");
-                       pg_query($link, "set TIME ZONE 0");
-               } else {
-                       db_query($link, "SET time_zone = '+0:0'");
+               if ($link) {
 
-                       if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
-                               db_query($link, "SET NAMES " . MYSQL_CHARSET);
-       //                      db_query($link, "SET CHARACTER SET " . MYSQL_CHARSET);
+                       if (DB_TYPE == "pgsql") {
+                               pg_query($link, "set client_encoding = 'UTF-8'");
+                               pg_set_client_encoding("UNICODE");
+                               pg_query($link, "set datestyle = 'ISO, european'");
+                               pg_query($link, "set TIME ZONE 0");
+                       } else {
+                               db_query($link, "SET time_zone = '+0:0'");
+
+                               if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
+                                       db_query($link, "SET NAMES " . MYSQL_CHARSET);
+                               }
                        }
+                       return true;
+               } else {
+                       print "Unable to connect to database:" . db_last_error();
+                       return false;
                }
        }
 
                }
        }
 
-       function handle_public_request($link, $op) {
-               switch ($op) {
-
-               case "getUnread":
-                       $login = db_escape_string($_REQUEST["login"]);
-                       $fresh = $_REQUEST["fresh"] == "1";
-
-                       $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
-
-                       if (db_num_rows($result) == 1) {
-                               $uid = db_fetch_result($result, 0, "id");
-
-                               print getGlobalUnread($link, $uid);
-
-                               if ($fresh) {
-                                       print ";";
-                                       print getFeedArticles($link, -3, false, true, $uid);
-                               }
-
-                       } else {
-                               print "-1;User not found";
-                       }
-
-               break; // getUnread
-
-               case "getProfiles":
-                       $login = db_escape_string($_REQUEST["login"]);
-                       $password = db_escape_string($_REQUEST["password"]);
-
-                       if (authenticate_user($link, $login, $password)) {
-                               $result = db_query($link, "SELECT * FROM ttrss_settings_profiles
-                                       WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
-
-                               print "<select style='width: 100%' name='profile'>";
-
-                               print "<option value='0'>" . __("Default profile") . "</option>";
-
-                               while ($line = db_fetch_assoc($result)) {
-                                       $id = $line["id"];
-                                       $title = $line["title"];
-
-                                       print "<option value='$id'>$title</option>";
-                               }
-
-                               print "</select>";
-
-                               $_SESSION = array();
-                       }
-               break; // getprofiles
-
-               case "pubsub":
-                       $mode = db_escape_string($_REQUEST['hub_mode']);
-                       $feed_id = (int) db_escape_string($_REQUEST['id']);
-                       $feed_url = db_escape_string($_REQUEST['hub_topic']);
-
-                       if (!PUBSUBHUBBUB_ENABLED) {
-                               header('HTTP/1.0 404 Not Found');
-                               echo "404 Not found";
-                               return;
-                       }
-
-                       // TODO: implement hub_verifytoken checking
-
-                       $result = db_query($link, "SELECT feed_url FROM ttrss_feeds
-                               WHERE id = '$feed_id'");
-
-                       if (db_num_rows($result) != 0) {
-
-                               $check_feed_url = db_fetch_result($result, 0, "feed_url");
-
-                               if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
-                                       if ($mode == "subscribe") {
-
-                                               db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 2
-                                                       WHERE id = '$feed_id'");
-
-                                               print $_REQUEST['hub_challenge'];
-                                               return;
-
-                                       } else if ($mode == "unsubscribe") {
-
-                                               db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 0
-                                                       WHERE id = '$feed_id'");
-
-                                               print $_REQUEST['hub_challenge'];
-                                               return;
-
-                                       } else if (!$mode) {
-
-                                               // Received update ping, schedule feed update.
-                                               //update_rss_feed($link, $feed_id, true, true);
-
-                                               db_query($link, "UPDATE ttrss_feeds SET
-                                                       last_update_started = '1970-01-01',
-                                                       last_updated = '1970-01-01' WHERE id = '$feed_id'");
-
-                                       }
-                               } else {
-                                       header('HTTP/1.0 404 Not Found');
-                                       echo "404 Not found";
-                               }
-                       } else {
-                               header('HTTP/1.0 404 Not Found');
-                               echo "404 Not found";
-                       }
-
-               break; // pubsub
-
-               case "logout":
-                       logout_user();
-                       header("Location: index.php");
-               break; // logout
-
-               case "fbexport":
-
-                       $access_key = db_escape_string($_POST["key"]);
-
-                       // TODO: rate limit checking using last_connected
-                       $result = db_query($link, "SELECT id FROM ttrss_linked_instances
-                               WHERE access_key = '$access_key'");
-
-                       if (db_num_rows($result) == 1) {
-
-                               $instance_id = db_fetch_result($result, 0, "id");
-
-                               $result = db_query($link, "SELECT feed_url, site_url, title, subscribers
-                                       FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
-
-                               $feeds = array();
-
-                               while ($line = db_fetch_assoc($result)) {
-                                       array_push($feeds, $line);
-                               }
-
-                               db_query($link, "UPDATE ttrss_linked_instances SET
-                                       last_status_in = 1 WHERE id = '$instance_id'");
-
-                               print json_encode(array("feeds" => $feeds));
-                       } else {
-                               print json_encode(array("error" => array("code" => 6)));
-                       }
-               break; // fbexport
-
-               case "share":
-                       $uuid = db_escape_string($_REQUEST["key"]);
-
-                       $result = db_query($link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
-                               uuid = '$uuid'");
-
-                       if (db_num_rows($result) != 0) {
-                               header("Content-Type: text/html");
-
-                               $id = db_fetch_result($result, 0, "ref_id");
-                               $owner_uid = db_fetch_result($result, 0, "owner_uid");
-
-                               $_SESSION["uid"] = $owner_uid;
-                               $article = format_article($link, $id, false, true);
-                               $_SESSION["uid"] = "";
-
-                               print_r($article['content']);
-
-                       } else {
-                               print "Article not found.";
-                       }
-
-                       break;
-
-               case "rss":
-                       $feed = db_escape_string($_REQUEST["id"]);
-                       $key = db_escape_string($_REQUEST["key"]);
-                       $is_cat = $_REQUEST["is_cat"] != false;
-                       $limit = (int)db_escape_string($_REQUEST["limit"]);
-
-                       $search = db_escape_string($_REQUEST["q"]);
-                       $match_on = db_escape_string($_REQUEST["m"]);
-                       $search_mode = db_escape_string($_REQUEST["smode"]);
-                       $view_mode = db_escape_string($_REQUEST["view-mode"]);
-
-                       if (SINGLE_USER_MODE) {
-                               authenticate_user($link, "admin", null);
-                       }
-
-                       $owner_id = false;
-
-                       if ($key) {
-                               $result = db_query($link, "SELECT owner_uid FROM
-                                       ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
-
-                               if (db_num_rows($result) == 1)
-                                       $owner_id = db_fetch_result($result, 0, "owner_uid");
-                       }
-
-                       if ($owner_id) {
-                               $_SESSION['uid'] = $owner_id;
-
-                               generate_syndicated_feed($link, 0, $feed, $is_cat, $limit,
-                                       $search, $search_mode, $match_on, $view_mode);
-                       } else {
-                               header('HTTP/1.1 403 Forbidden');
-                       }
-               break; // rss
-
-
-               case "globalUpdateFeeds":
-                       // Update all feeds needing a update.
-                       update_daemon_common($link, 0, true, true);
-               break; // globalUpdateFeeds
-
-
-               default:
-                       header("Content-Type: text/plain");
-                       print json_encode(array("error" => array("code" => 7)));
-               break; // fallback
-
-               }
-       }
-       
        function make_feed_browser($link, $search, $limit, $mode = 1) {
-       
+
                $owner_uid = $_SESSION["uid"];
                $rv = '';
-       
+
                if ($search) {
                        $search_qpart = "AND (UPPER(feed_url) LIKE UPPER('%$search%') OR
                                                UPPER(title) LIKE UPPER('%$search%'))";
                } else {
                        $search_qpart = "";
                }
-       
+
                if ($mode == 1) {
                        /* $result = db_query($link, "SELECT feed_url, subscribers FROM
                         ttrss_feedbrowser_cache WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf
                        WHERE tf.feed_url = ttrss_feedbrowser_cache.feed_url
                        AND owner_uid = '$owner_uid') $search_qpart
                        ORDER BY subscribers DESC LIMIT $limit"); */
-       
+
                        $result = db_query($link, "SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM
                                                (SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL
                                                        SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq
                                                                WHERE tf.feed_url = qqq.feed_url
                                                                        AND owner_uid = '$owner_uid') $search_qpart
                                                GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT $limit");
-       
+
                } else if ($mode == 2) {
                        $result = db_query($link, "SELECT *,
                                                (SELECT COUNT(*) FROM ttrss_user_entries WHERE
                                                owner_uid = '$owner_uid' $search_qpart
                                                ORDER BY id DESC LIMIT $limit");
                }
-       
+
                $feedctr = 0;
-       
+
                while ($line = db_fetch_assoc($result)) {
-       
+
                        if ($mode == 1) {
-       
+
                                $feed_url = htmlspecialchars($line["feed_url"]);
                                $site_url = htmlspecialchars($line["site_url"]);
                                $subscribers = $line["subscribers"];
-       
+
                                $check_box = "<input onclick='toggleSelectListRow2(this)'
                                                        dojoType=\"dijit.form.CheckBox\"
                                                        type=\"checkbox\" \">";
-       
+
                                $class = ($feedctr % 2) ? "even" : "odd";
-       
+
                                $site_url = "<a target=\"_blank\"
                                                        href=\"$site_url\">
                                                        <span class=\"fb_feedTitle\">".
                                htmlspecialchars($line["title"])."</span></a>";
-       
+
                                $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
                                                        href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
                                                        style='vertical-align : middle'></a>";
-       
+
                                $rv .= "<li>$check_box $feed_url $site_url".
                                                        "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
-       
+
                        } else if ($mode == 2) {
                                $feed_url = htmlspecialchars($line["feed_url"]);
                                $site_url = htmlspecialchars($line["site_url"]);
                                $title = htmlspecialchars($line["title"]);
-       
+
                                $check_box = "<input onclick='toggleSelectListRow2(this)' dojoType=\"dijit.form.CheckBox\"
                                                        type=\"checkbox\">";
-       
+
                                $class = ($feedctr % 2) ? "even" : "odd";
-       
+
                                if ($line['articles_archived'] > 0) {
                                        $archived = sprintf(__("%d archived articles"), $line['articles_archived']);
                                        $archived = "&nbsp;<span class='subscribers'>($archived)</span>";
                                } else {
                                        $archived = '';
                                }
-       
+
                                $site_url = "<a target=\"_blank\"
                                                        href=\"$site_url\">
                                                        <span class=\"fb_feedTitle\">".
                                htmlspecialchars($line["title"])."</span></a>";
-       
+
                                $feed_url = "<a target=\"_blank\" class=\"fb_feedUrl\"
                                                        href=\"$feed_url\"><img src='images/feed-icon-12x12.png'
                                                        style='vertical-align : middle'></a>";
-       
-       
+
+
                                $rv .= "<li id=\"FBROW-".$line["id"]."\">".
                                                        "$check_box $feed_url $site_url $archived</li>";
                        }
-       
+
                        ++$feedctr;
                }
-       
+
                if ($feedctr == 0) {
                        $rv .= "<li style=\"text-align : center\"><p>".__('No feeds found.')."</p></li>";
                }
-       
+
                return $rv;
-       
        }
+
 ?>
index 76b1d13cfe3f9528b0c6f93de27c1a10c5720742..6d0b7c645c52d742baeda9b6c2eff3b6c4b88c16 100644 (file)
--- a/index.php
+++ b/index.php
@@ -16,7 +16,7 @@
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       init_connection($link);
+       if (!init_connection($link)) return;
 
        login_sequence($link);
 
index 32432a9a750cb610d298d2a216f9b11286e64928..ab71493b1fba3e8690a0e07839b620461ec2164d 100644 (file)
--- a/opml.php
+++ b/opml.php
@@ -10,7 +10,7 @@
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       init_connection($link);
+       if (!init_connection($link)) return;
 
        function opml_export($link, $name, $owner_uid, $hide_private_feeds=false, $include_settings=true) {
                if (!$_REQUEST["debug"]) {
index 3787a79b610dc7323572a30dd93295844e423a4f..40d9a35acc562acee122e6a46d6e442bca5ea77c 100644 (file)
--- a/prefs.php
+++ b/prefs.php
@@ -10,7 +10,7 @@
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       init_connection($link);
+       if (!init_connection($link)) return;
 
        login_sequence($link);
 
index 3b0d064b6c093ecc5c6311cc7b42ef65cd00b786..2cec82962b786a6f75b544d3b0da52520f9e5fcb 100644 (file)
                $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
        }
 
-       $op = $_REQUEST["op"];
-
        require_once "functions.php";
-       if ($op != "share") require_once "sessions.php";
+       require_once "sessions.php";
        require_once "sanity_check.php";
        require_once "config.php";
        require_once "db.php";
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       if (!$link) {
-               if (DB_TYPE == "mysql") {
-                       print mysql_error();
-               }
-               // PG seems to display its own errors just fine by default.
-               return;
+       if (!init_connection($link)) return;
+
+       if (ENABLE_GZIP_OUTPUT) {
+               ob_start("ob_gzhandler");
        }
 
-       init_connection($link);
+       function __autoload($class) {
+               $file = "classes/".strtolower(basename($class)).".php";
+               if (file_exists($file)) {
+                       require $file;
+               }
+       }
 
-       $method = $_REQUEST["method"];
-       $mode = $_REQUEST["mode"];
+       $method = $_REQUEST["op"];
 
-       if ((!$op || $op == "rss" || $op == "dlg") && !$_REQUEST["noxml"]) {
-                       header("Content-Type: application/xml; charset=utf-8");
-       } else {
-                       header("Content-Type: text/plain; charset=utf-8");
-       }
+       $handler = new Public_Handler($link, $_REQUEST);
 
-       if (ENABLE_GZIP_OUTPUT) {
-               ob_start("ob_gzhandler");
+       if ($handler) {
+               if ($handler->before()) {
+                       if ($method && method_exists($handler, $method)) {
+                               $handler->$method();
+                       } else if (method_exists($handler, 'index')) {
+                               $handler->index();
+                       }
+                       $handler->after();
+                       return;
+               }
        }
 
-       handle_public_request($link, $op);
+       header("Content-Type: text/plain");
+       print json_encode(array("error" => array("code" => 7)));
 
        // We close the connection to database.
        db_close($link);
index 3694a5e75e108ccc4e38ce2dfd0c70b5b4cc327b..33a6628f41cf1a78141234bf7ced39d5f8f592fc 100644 (file)
@@ -18,7 +18,7 @@
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       init_connection($link);
+       if (!init_connection($link)) return;
 
        if ($_REQUEST["format"] == "feed") {
                header("Content-Type: text/xml");
index 2c325140bdc85b3bb3107b0fe77ec874c2514d77..ab9e57a4580840f1dd2f51e3d0cedff1379697d2 100644 (file)
@@ -11,7 +11,7 @@
 
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       init_connection($link);
+       if (!init_connection($link)) return;
        login_sequence($link);
 
        $owner_uid = $_SESSION["uid"];
index e6063a9e829e15b92d5641876a43377be9023535..2fa2e2f54b0ea7f3ff7a98de5394ebcee0442813 100755 (executable)
        // Create a database connection.
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       if (!$link) {
-               if (DB_TYPE == "mysql") {
-                       print mysql_error();
-               }
-               // PG seems to display its own errors just fine by default.
-               return;
-       }
-
        init_connection($link);
 
        if ($op == "-feeds") {
index 06271de85187dd72b635257eafe3525ce9c46a89..27b4c35d6462721f04f4aa03342475b2b162980c 100755 (executable)
        // It is unnecessary to start the fork loop if database is not ok.
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-       if (!$link) {
-               if (DB_TYPE == "mysql") {
-                       print mysql_error();
-               }
-               // PG seems to display its own errors just fine by default.
-               return;
-       }
+       if (!init_connection($link)) return;
 
        db_close($link);
 
 
                                        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
-                                       if (!$link) {
-                                               if (DB_TYPE == "mysql") {
-                                                       print mysql_error();
-                                               }
-                                               // PG seems to display its own errors just fine by default.
-                                               return;
-                                       }
-
-                                       init_connection($link);
+                                       if (!init_connection($link)) return;
 
                                        // We disable stamp file, since it is of no use in a multiprocess update.
                                        // not really, tho for the time being -fox