]> git.wh0rd.org Git - tt-rss.git/commitdiff
projects / tt-rss.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 12e55b9)
use POST parameters for frontend requests
authorAndrew Dolgov <fox@bah.org.ru>
Tue, 29 Dec 2009 15:49:27 +0000 (18:49 +0300)
committerAndrew Dolgov <fox@bah.org.ru>
Tue, 29 Dec 2009 15:49:27 +0000 (18:49 +0300)
18 files changed:
api/index.php patch | blob | history
backend.php patch | blob | history
feedlist.js patch | blob | history
functions.js patch | blob | history
functions.php patch | blob | history
manifest.json.php patch | blob | history
modules/backend-rpc.php patch | blob | history
modules/help.php patch | blob | history
modules/popup-dialog.php patch | blob | history
modules/pref-feeds.php patch | blob | history
modules/pref-filters.php patch | blob | history
modules/pref-labels.php patch | blob | history
modules/pref-prefs.php patch | blob | history
modules/pref-users.php patch | blob | history
offline.js patch | blob | history
prefs.js patch | blob | history
tt-rss.js patch | blob | history
viewfeed.js patch | blob | history

diff --git a/api/index.php b/api/index.php
index dc3d183f828aadfd602b22efbedea187efeb08cf..0e07abb4b77334142ce3411549546576f7a2663b 100644 (file)
--- a/api/index.php
+++ b/api/index.php
@@ -269,7 +269,7 @@
 
                        break;
                case "updateArticle":
-                       $article_id = (int) db_escape_string($_GET["article_id"]);
+                       $article_id = (int) db_escape_string($_REQUEST["article_id"]);
                        $mode = (int) db_escape_string($_REQUEST["mode"]);
                        $field_raw = (int)db_escape_string($_REQUEST["field"]);
 
diff --git a/backend.php b/backend.php
index b83c4ff2a78c4eedaa4c8f514434314657557fee..f6e7acc79e68d4c3335f7023e76624575a5dc9d2 100644 (file)
--- a/backend.php
+++ b/backend.php
@@ -4,7 +4,7 @@
        /* remove ill effects of magic quotes */
 
        if (get_magic_quotes_gpc()) {
-               $_GET = array_map('stripslashes', $_GET);
+               $_REQUEST = array_map('stripslashes', $_REQUEST);
                $_POST = array_map('stripslashes', $_POST);
                $_REQUEST = array_map('stripslashes', $_REQUEST);
                $_COOKIE = array_map('stripslashes', $_COOKIE);
@@ -13,7 +13,7 @@
        require_once "sessions.php";
        require_once "modules/backend-rpc.php";
 
-/*     if ($_GET["debug"]) {
+/*     if ($_REQUEST["debug"]) {
                define('DEFAULT_ERROR_LEVEL', E_ALL);
        } else {
                define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
@@ -159,9 +159,9 @@
                                ob_start("ob_gzhandler");
                        }
 
-                       $tags = $_GET["tags"];
+                       $tags = $_REQUEST["tags"];
 
-                       $subop = $_GET["subop"];
+                       $subop = $_REQUEST["subop"];
 
                        switch($subop) {
                                case "catchupAll":
@@ -172,7 +172,7 @@
                                break;
 
                                case "collapse":
-                                       $cat_id = db_escape_string($_GET["cid"]);
+                                       $cat_id = db_escape_string($_REQUEST["cid"]);
                                        toggle_collapse_cat($link, $cat_id);
                                        return;
                                break;
@@ -184,7 +184,7 @@
                                break;
 
                                case "catsort":
-                                       $corder = db_escape_string($_GET["corder"]);
+                                       $corder = db_escape_string($_REQUEST["corder"]);
 
                                        $cats = split(",", $corder);
 
@@ -210,12 +210,12 @@
 
                case "view":
 
-                       $id = db_escape_string($_GET["id"]);
-                       $cids = split(",", db_escape_string($_GET["cids"]));
-                       $mode = db_escape_string($_GET["mode"]);
-                       $omode = db_escape_string($_GET["omode"]);
+                       $id = db_escape_string($_REQUEST["id"]);
+                       $cids = split(",", db_escape_string($_REQUEST["cids"]));
+                       $mode = db_escape_string($_REQUEST["mode"]);
+                       $omode = db_escape_string($_REQUEST["omode"]);
 
-                       $csync = $_GET["csync"];
+                       $csync = $_REQUEST["csync"];
 
                        print "<reply>";
 
@@ -259,20 +259,20 @@
 
                        print "<reply>";
 
-                       if ($_GET["debug"]) $timing_info = print_checkpoint("0", $timing_info);
+                       if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info);
 
-                       $omode = db_escape_string($_GET["omode"]);
+                       $omode = db_escape_string($_REQUEST["omode"]);
 
-                       $feed = db_escape_string($_GET["feed"]);
-                       $subop = db_escape_string($_GET["subop"]);
-                       $view_mode = db_escape_string($_GET["view_mode"]);
-                       $limit = db_escape_string($_GET["limit"]);
-                       $cat_view = db_escape_string($_GET["cat"]);
-                       $next_unread_feed = db_escape_string($_GET["nuf"]);
-                       $offset = db_escape_string($_GET["skip"]);
-                       $vgroup_last_feed = db_escape_string($_GET["vgrlf"]);
-                       $csync = $_GET["csync"];
-                       $order_by = db_escape_string($_GET["order_by"]);
+                       $feed = db_escape_string($_REQUEST["feed"]);
+                       $subop = db_escape_string($_REQUEST["subop"]);
+                       $view_mode = db_escape_string($_REQUEST["view_mode"]);
+                       $limit = db_escape_string($_REQUEST["limit"]);
+                       $cat_view = db_escape_string($_REQUEST["cat"]);
+                       $next_unread_feed = db_escape_string($_REQUEST["nuf"]);
+                       $offset = db_escape_string($_REQUEST["skip"]);
+                       $vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]);
+                       $csync = $_REQUEST["csync"];
+                       $order_by = db_escape_string($_REQUEST["order_by"]);
 
                        /* Updating a label ccache means recalculating all of the caches
                         * so for performance reasons we don't do that here */
@@ -345,7 +345,7 @@
                        print "<headlines-unread value=\"$headlines_unread\"/>";
                        printf("<disable-cache value=\"%d\"/>", $disable_cache);
 
-                       if ($_GET["debug"]) $timing_info = print_checkpoint("10", $timing_info);
+                       if ($_REQUEST["debug"]) $timing_info = print_checkpoint("10", $timing_info);
 
                        if (is_array($topmost_article_ids) && !get_pref($link, 'COMBINED_DISPLAY_MODE') && !$_SESSION["bw_limit"]) {
                                print "<articles>";
@@ -355,7 +355,7 @@
                                print "</articles>";
                        }
 
-                       if ($_GET["debug"]) $timing_info = print_checkpoint("20", $timing_info);
+                       if ($_REQUEST["debug"]) $timing_info = print_checkpoint("20", $timing_info);
 
 
 //                     if (get_pref($link, "SYNC_COUNTERS") ||                         
@@ -375,7 +375,7 @@
                                }
                        }
 
-                       if ($_GET["debug"]) $timing_info = print_checkpoint("30", $timing_info);
+                       if ($_REQUEST["debug"]) $timing_info = print_checkpoint("30", $timing_info);
 
                        print_runtime_info($link);
 
@@ -432,8 +432,8 @@
                break; // pref-feed-browser
 
                case "publish":
-                       $key = db_escape_string($_GET["key"]);
-                       $limit = (int)db_escape_string($_GET["limit"]);
+                       $key = db_escape_string($_REQUEST["key"]);
+                       $limit = (int)db_escape_string($_REQUEST["limit"]);
 
                        $result = db_query($link, "SELECT login, owner_uid 
                                FROM ttrss_user_prefs, ttrss_users WHERE
@@ -453,15 +453,15 @@
                break; // publish
 
                case "rss":
-                       $feed = db_escape_string($_GET["id"]);
-                       $user = db_escape_string($_GET["user"]);
-                       $pass = db_escape_string($_GET["pass"]);
-                       $is_cat = $_GET["is_cat"] != false;
-                       $limit = (int)db_escape_string($_GET["limit"]);
+                       $feed = db_escape_string($_REQUEST["id"]);
+                       $user = db_escape_string($_REQUEST["user"]);
+                       $pass = db_escape_string($_REQUEST["pass"]);
+                       $is_cat = $_REQUEST["is_cat"] != false;
+                       $limit = (int)db_escape_string($_REQUEST["limit"]);
 
-                       $search = db_escape_string($_GET["q"]);
-                       $match_on = db_escape_string($_GET["m"]);
-                       $search_mode = db_escape_string($_GET["smode"]);
+                       $search = db_escape_string($_REQUEST["q"]);
+                       $match_on = db_escape_string($_REQUEST["m"]);
+                       $search_mode = db_escape_string($_REQUEST["smode"]);
 
                        if (SINGLE_USER_MODE) {
                                authenticate_user($link, "admin", null);
@@ -480,7 +480,7 @@
                break; // rss
 
                case "getUnread":
-                       $login = db_escape_string($_GET["login"]);
+                       $login = db_escape_string($_REQUEST["login"]);
 
                        header("Content-Type: text/plain; charset=utf-8");
 
diff --git a/feedlist.js b/feedlist.js
index f0cb73f77d3215871c0f78302cb05969a0e1247f..008f0297f1f2805ee40e84af344056166f1a9587 100644 (file)
--- a/feedlist.js
+++ b/feedlist.js
@@ -172,7 +172,7 @@ function viewfeed(feed, subop, is_cat, subop_param, skip_history, offset) {
                        toolbar_form.query.value = "";
                }
 
-               var query = "backend.php?op=viewfeed&feed=" + feed + "&" +
+               var query = "?op=viewfeed&feed=" + feed + "&" +
                        toolbar_query + "&subop=" + param_escape(subop);
 
                if ($("search_form")) {
@@ -349,7 +349,8 @@ function viewfeed(feed, subop, is_cat, subop_param, skip_history, offset) {
                                }
                        }
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        headlines_callback2(transport, page_offset); 
                                } });
@@ -392,8 +393,9 @@ function toggleCollapseCat(cat) {
                Effect.toggle('FCATLIST-' + cat, 'blind', { duration: 0.5,
                        afterFinish: toggleCollapseCat_af });
 
-               new Ajax.Request("backend.php?op=feeds&subop=collapse&cid=" + 
-                       param_escape(cat));
+               new Ajax.Request("backend.php", 
+                       { parameters: "backend.php?op=feeds&subop=collapse&cid=" + 
+                               param_escape(cat) } );
 
                local_collapse_cat(cat);
 
@@ -417,12 +419,12 @@ function feedlist_dragsorted(ctr) {
 
                if (ordered_cats.length > 0) {
 
-                       var query = "backend.php?op=feeds&subop=catsort&corder=" + 
+                       var query = "?op=feeds&subop=catsort&corder=" + 
                                param_escape(ordered_cats.toString());
 
                        debug(query);
 
-                       new Ajax.Request(query);
+                       new Ajax.Request("backend.php", { parameters: query });
                }
 
        } catch (e) {
@@ -663,7 +665,7 @@ function request_counters_real() {
 
                debug("requesting counters...");
 
-               var query = "backend.php?op=rpc&subop=getAllCounters";
+               var query = "?op=rpc&subop=getAllCounters";
 
                if (tagsAreDisplayed()) {
                        query = query + "&omode=tl";
@@ -671,7 +673,8 @@ function request_counters_real() {
                        query = query + "&omode=flc";
                }
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                try {
                                        all_counters_callback2(transport, true);
diff --git a/functions.js b/functions.js
index 78569c0743abd1a6e30ecf64a6663215f2ecbd7a..3c7971558e5eecc61fcc5bc262fbb7092b689e2e 100644 (file)
--- a/functions.js
+++ b/functions.js
@@ -1319,10 +1319,11 @@ function displayDlg(id, param) {
 
        disableHotkeys();
 
-       var query = "backend.php?op=dlg&id=" +
+       var query = "?op=dlg&id=" +
                param_escape(id) + "&param=" + param_escape(param);
 
-       new Ajax.Request(query, {
+       new Ajax.Request("backend.php", {
+               parameters: query,
                onComplete: function (transport) {
                        infobox_callback2(transport);
                } });
@@ -1656,9 +1657,10 @@ function filterDlgCheckDate() {
 
                var reg_exp = form.reg_exp.value;
 
-               var query = "backend.php?op=rpc&subop=checkDate&date=" + reg_exp;
+               var query = "?op=rpc&subop=checkDate&date=" + reg_exp;
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
 
                                var form = document.forms["filter_add_form"];
@@ -1733,7 +1735,7 @@ function openArticleInNewWindow(id) {
        try {
                debug("openArticleInNewWindow: " + id);
 
-               var query = "backend.php?op=rpc&subop=getArticleLink&id=" + id;
+               var query = "?op=rpc&subop=getArticleLink&id=" + id;
                var wname = "ttrss_article_" + id;
 
                debug(query + " " + wname);
@@ -1742,7 +1744,8 @@ function openArticleInNewWindow(id) {
 
                if (!w) notify_error("Failed to open window for the article");
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                open_article_callback(transport); 
                        } });
@@ -1810,10 +1813,11 @@ function labelTest() {
        
                notify_progress("Loading, please wait...");
        
-               var query = "backend.php?op=pref-labels&subop=test&expr=" +
+               var query = "?op=pref-labels&subop=test&expr=" +
                        param_escape(sql_exp) + "&descr=" + param_escape(description);
        
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function (transport) {
                                labeltest_callback(transport);
                        } });
@@ -2047,7 +2051,7 @@ function getSelectedFeedsFromBrowser() {
 function updateFeedBrowser() {
        try {
 
-               var query = "backend.php?op=rpc&subop=feedBrowser";
+               var query = "?op=rpc&subop=feedBrowser";
 
                var search = $("feed_browser_search");
                var limit = $("feed_browser_limit");
@@ -2064,7 +2068,8 @@ function updateFeedBrowser() {
 
                Element.show('feed_browser_spinner');
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                notify('');
 
@@ -2099,11 +2104,12 @@ function browseFeeds(limit) {
 
        try {
 
-               var query = "backend.php?op=pref-feeds&subop=browse";
+               var query = "?op=pref-feeds&subop=browse";
 
                notify_progress("Loading, please wait...", true);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                infobox_callback2(transport);
                        } });
diff --git a/functions.php b/functions.php
index 1e73dcc85b3909a2b0ca77279233c136afad6f08..5657e04c95fbba3a49d25d05ae1be6880bde693a 100644 (file)
--- a/functions.php
+++ b/functions.php
@@ -1,6 +1,6 @@
 <?php
 
-/*     if ($_GET["debug"]) {
+/*     if ($_REQUEST["debug"]) {
                define('DEFAULT_ERROR_LEVEL', E_ALL);
        } else {
                define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
@@ -505,11 +505,11 @@
 
        function update_rss_feed($link, $feed_url, $feed, $ignore_daemon = false) {
 
-               if (!$_GET["daemon"] && !$ignore_daemon) {
+               if (!$_REQUEST["daemon"] && !$ignore_daemon) {
                        return false;
                }
 
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                        _debug("update_rss_feed: start");
                }
 
@@ -534,7 +534,7 @@
                }
 
                if (db_num_rows($result) == 0) {
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                _debug("update_rss_feed: feed $feed [$feed_url] NOT FOUND/SKIPPED");
                        }               
                        return false;
@@ -560,7 +560,7 @@
                        $use_simplepie = ENABLE_SIMPLEPIE;
                }
 
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                        _debug("use simplepie: $use_simplepie (feed setting: $update_method)\n");
                }
 
@@ -588,11 +588,11 @@
 
                }
 
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                        _debug("update_rss_feed: fetching [$fetch_url]...");
                }
 
-               if (!defined('DAEMON_EXTENDED_DEBUG') && !$_GET['xdebug']) {
+               if (!defined('DAEMON_EXTENDED_DEBUG') && !$_REQUEST['xdebug']) {
                        error_reporting(0);
                }
 
@@ -610,14 +610,14 @@
                        $rss->set_output_encoding('UTF-8');
 
                        if (SIMPLEPIE_CACHE_IMAGES && $cache_images) {
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("enabling image cache");
                                }
 
                                $rss->set_image_handler('./image.php', 'i');
                        }
 
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                _debug("feed update interval (sec): " .
                                        get_feed_update_interval($link, $feed)*60);
                        }
@@ -632,7 +632,7 @@
 
 //             print_r($rss);
 
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                        _debug("update_rss_feed: fetch done, parsing...");
                } else {
                        error_reporting (DEFAULT_ERROR_LEVEL);
@@ -648,7 +648,7 @@
 
                if ($fetch_ok) {
 
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                _debug("update_rss_feed: processing feed data...");
                        }
 
@@ -670,7 +670,7 @@
                        }
 
                        if (get_pref($link, 'ENABLE_FEED_ICONS', $owner_uid, false)) {  
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: checking favicon...");
                                }
 
@@ -685,7 +685,7 @@
                                        $feed_title = db_escape_string($rss->channel["title"]);
                                }
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: registering title: $feed_title");
                                }
                                
@@ -716,7 +716,7 @@
                                db_query($link, "UPDATE ttrss_feeds SET icon_url = '$icon_url' WHERE id = '$feed'");
                        }
 
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                _debug("update_rss_feed: loading filters...");
                        }
 
@@ -738,7 +738,7 @@
                                // clear any errors and mark feed as updated if fetched okay
                                // even if it's blank
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: entry iterator is not an array, no articles?");
                                }
 
@@ -748,13 +748,13 @@
                                return; // no articles
                        }
 
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                _debug("update_rss_feed: processing articles...");
                        }
 
                        foreach ($iterator as $item) {
 
-                               if ($_GET['xdebug'] == 2) {
+                               if ($_REQUEST['xdebug'] == 2) {
                                        print_r($item);
                                }
 
@@ -772,7 +772,7 @@
                                        if (!$entry_guid) $entry_guid = make_guid_from_title($item["title"]);
                                }
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: guid $entry_guid");
                                }
 
@@ -802,7 +802,7 @@
 
                                $entry_timestamp_fmt = strftime("%Y/%m/%d %H:%M:%S", $entry_timestamp);
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: date $entry_timestamp [$entry_timestamp_fmt]");
                                }
 
@@ -820,7 +820,7 @@
                                        if (!$entry_link) $entry_link = $item["link"];
                                }
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: title $entry_title");
                                }
 
@@ -856,7 +856,7 @@
                                        } 
                                }
 
-                               if ($_GET["xdebug"] == 2) {
+                               if ($_REQUEST["xdebug"] == 2) {
                                        print "update_rss_feed: content: ";
                                        print_r(htmlspecialchars($entry_content));
                                }
@@ -934,7 +934,7 @@
                                                }
                                        }
 
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                _debug("update_rss_feed: category tags:");
                                                print_r($additional_tags);
                                        }
@@ -1049,7 +1049,7 @@
                                $entry_content = sanitize_article_content($entry_content);
                                $entry_title = sanitize_article_content($entry_title);
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: done collecting data [TITLE:$entry_title]");
                                }
 
@@ -1057,7 +1057,7 @@
 
                                if (db_num_rows($result) == 0) {
 
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                _debug("update_rss_feed: base guid not found");
                                        }
 
@@ -1116,7 +1116,7 @@
 
                                if (db_num_rows($result) == 1) {
 
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                _debug("update_rss_feed: base guid found, checking for user record");
                                        }
 
@@ -1144,7 +1144,7 @@
                                        $article_filters = get_article_filters($filters, $entry_title, 
                                                        $entry_content, $entry_link, $entry_timestamp);
 
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                _debug("update_rss_feed: article filters: ");
                                                if (count($article_filters) != 0) {
                                                        print_r($article_filters);
@@ -1160,7 +1160,7 @@
 
                                        $score = calculate_article_score($article_filters);
 
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                _debug("update_rss_feed: initial score: $score");
                                        }
 
@@ -1168,14 +1168,14 @@
                                                        ref_id = '$ref_id' AND owner_uid = '$owner_uid'
                                                        $dupcheck_qpart";
 
-//                                     if ($_GET["xdebug"]) print "$query\n";
+//                                     if ($_REQUEST["xdebug"]) print "$query\n";
 
                                        $result = db_query($link, $query);
 
                                        // okay it doesn't exist - create user entry
                                        if (db_num_rows($result) == 0) {
 
-                                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                        _debug("update_rss_feed: user record not found, creating...");
                                                }
 
@@ -1215,7 +1215,7 @@
                                                        $entry_int_id = db_fetch_result($result, 0, "int_id");
                                                }
                                        } else {
-                                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                        _debug("update_rss_feed: user record FOUND");
                                                }
 
@@ -1223,7 +1223,7 @@
                                                $entry_int_id = db_fetch_result($result, 0, "int_id");
                                        }
 
-                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                                _debug("update_rss_feed: RID: $entry_ref_id, IID: $entry_int_id");
                                        }
 
@@ -1278,18 +1278,18 @@
 
                                db_query($link, "COMMIT");
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: assigning labels...");
                                }
 
                                assign_article_to_labels($link, $entry_ref_id, $article_filters,
                                        $owner_uid);
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: looking for enclosures...");
                                }
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        print_r($enclosures);
                                }
 
@@ -1312,7 +1312,7 @@
 
                                db_query($link, "COMMIT");
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: looking for tags...");
                                }
 
@@ -1359,7 +1359,7 @@
 
 //                             print "<p>TAGS: "; print_r($entry_tags); print "</p>";
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        print_r($entry_tags);
                                }
 
@@ -1391,20 +1391,20 @@
                                        db_query($link, "COMMIT");
                                } 
 
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: article processed");
                                }
                        } 
 
                        if (!$last_updated) {
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: new feed, catching it up...");
                                }
                                catchup_feed($link, $feed, false, $owner_uid);
                        }
 
                        if (!$hidden) {
-                               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                        _debug("update_rss_feed: updating counters cache...");
                                }
 
@@ -1427,7 +1427,7 @@
                                $error_msg = mb_substr(magpie_error(), 0, 250);
                        }
 
-                       if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+                       if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                                _debug("update_rss_feed: error fetching feed: $error_msg");
                        }
 
@@ -1442,7 +1442,7 @@
                        unset($rss);
                }
 
-               if (defined('DAEMON_EXTENDED_DEBUG') || $_GET['xdebug']) {
+               if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
                        _debug("update_rss_feed: done");
                }
 
@@ -3520,7 +3520,7 @@
                                        $query_strategy_part ORDER BY $order_by
                                        $limit_query_part $offset_query_part";
 
-                               if ($_GET["debug"]) print $query;
+                               if ($_REQUEST["debug"]) print $query;
 
                                $result = db_query($link, $query);
        
@@ -4339,7 +4339,7 @@
 
                        $result = db_query($link, $query);
 
-                       $actid = $_GET["actid"];
+                       $actid = $_REQUEST["actid"];
        
                        /* real feeds */
        
@@ -4360,7 +4360,7 @@
                                $feed_id = $line["id"];   
                                $unread = $line["unread"];
        
-                               $subop = $_GET["subop"];
+                               $subop = $_REQUEST["subop"];
 
                                if (get_pref($link, 'HEADLINES_SMART_DATE')) {
                                        $last_updated = smart_date_time(strtotime($line["last_updated_noms"]));
@@ -4931,8 +4931,8 @@
                $subop_split = split(":", $subop);
 
                if ($subop == "CatchupSelected") {
-                       $ids = split(",", db_escape_string($_GET["ids"]));
-                       $cmode = sprintf("%d", $_GET["cmode"]);
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
+                       $cmode = sprintf("%d", $_REQUEST["cmode"]);
 
                        catchupArticlesById($link, $ids, $cmode);
                }
@@ -4991,14 +4991,14 @@
 
                /// START /////////////////////////////////////////////////////////////////////////////////
 
-               $search = db_escape_string($_GET["query"]);
+               $search = db_escape_string($_REQUEST["query"]);
 
                if ($search) { 
                        $disable_cache = true;
                }
 
-               $search_mode = db_escape_string($_GET["search_mode"]);
-               $match_on = db_escape_string($_GET["match_on"]);
+               $search_mode = db_escape_string($_REQUEST["search_mode"]);
+               $match_on = db_escape_string($_REQUEST["match_on"]);
 
                if (!$match_on) {
                        $match_on = "both";
@@ -5006,12 +5006,12 @@
 
                $real_offset = $offset * $limit;
 
-               if ($_GET["debug"]) $timing_info = print_checkpoint("H0", $timing_info);
+               if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H0", $timing_info);
 
                $qfh_ret = queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, 
                        $search, $search_mode, $match_on, $override_order, $real_offset);
 
-               if ($_GET["debug"]) $timing_info = print_checkpoint("H1", $timing_info);
+               if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H1", $timing_info);
 
                $result = $qfh_ret[0];
                $feed_title = $qfh_ret[1];
diff --git a/manifest.json.php b/manifest.json.php
index 7d3ee7259d963a1e786448beeb8754c54464bc62..066cbd0e80970a54ced766d5244522dde3e1a092 100644 (file)
--- a/manifest.json.php
+++ b/manifest.json.php
@@ -16,7 +16,8 @@
       "images/c1.png",
       "images/c2.png",
       "images/c3.png",
-      "images/c4.png",
+               "images/c4.png",
+               "images/archive.png",
       "images/cat-collapse.png",
       "images/down_arrow.png",
       "images/footer.png",
diff --git a/modules/backend-rpc.php b/modules/backend-rpc.php
index 2d1a8f90b61a7f094946ab0b560664bc08eeab3a..019368685d4738c3bd2c1f26f03cc9d1de7eba68 100644 (file)
--- a/modules/backend-rpc.php
+++ b/modules/backend-rpc.php
@@ -1,7 +1,7 @@
 <?php
        function handle_rpc_request($link) {
 
-               $subop = $_GET["subop"];
+               $subop = $_REQUEST["subop"];
 
                if ($subop == "setpref") {
                        if (WEB_DEMO_MODE) {
@@ -10,8 +10,8 @@
 
                        print "<rpc-reply>";
 
-                       $key = db_escape_string($_GET["key"]);
-                       $value = db_escape_string($_GET["value"]);
+                       $key = db_escape_string($_REQUEST["key"]);
+                       $value = db_escape_string($_REQUEST["value"]);
 
                        set_pref($link, $key, $value);
 
@@ -23,7 +23,7 @@
                }
 
                if ($subop == "getLabelCounters") {
-                       $aid = $_GET["aid"];            
+                       $aid = $_REQUEST["aid"];                
                        print "<rpc-reply>";
                        print "<counters>";
                        getLabelCounters($link);
@@ -50,7 +50,7 @@
                        print "<rpc-reply>";                    
                        print "<counters>";
 
-                       $omode = $_GET["omode"];
+                       $omode = $_REQUEST["omode"];
 
                        getAllCounters($link, $omode);
                        print "</counters>";
@@ -61,8 +61,8 @@
                }
 
                if ($subop == "mark") {
-                       $mark = $_GET["mark"];
-                       $id = db_escape_string($_GET["id"]);
+                       $mark = $_REQUEST["mark"];
+                       $id = db_escape_string($_REQUEST["id"]);
 
                        if ($mark == "1") {
                                $mark = "true";
@@ -87,7 +87,7 @@
                }
 
                if ($subop == "delete") {
-                       $ids = db_escape_string($_GET["ids"]);
+                       $ids = db_escape_string($_REQUEST["ids"]);
 
                        $result = db_query($link, "DELETE FROM ttrss_user_entries                               
                                WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
@@ -103,7 +103,7 @@
                }
 
                if ($subop == "unarchive") {
-                       $ids = db_escape_string($_GET["ids"]);
+                       $ids = db_escape_string($_REQUEST["ids"]);
 
                        $result = db_query($link, "UPDATE ttrss_user_entries 
                                SET feed_id = orig_feed_id, orig_feed_id = NULL
@@ -120,7 +120,7 @@
                }
 
                if ($subop == "archive") {
-                       $ids = split(",", db_escape_string($_GET["ids"]));
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
                        foreach ($ids as $id) {
                                archive_article($link, $id, $_SESSION["uid"]);
@@ -183,7 +183,7 @@
                }
 
                if ($subop == "updateFeed") {
-                       $feed_id = db_escape_string($_GET["feed"]);
+                       $feed_id = db_escape_string($_REQUEST["feed"]);
 
                        $result = db_query($link, 
                                "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
@@ -205,7 +205,7 @@
 
                if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
        
-                       $global_unread_caller = sprintf("%d", $_GET["uctr"]);
+                       $global_unread_caller = sprintf("%d", $_REQUEST["uctr"]);
                        $global_unread = getGlobalUnread($link);
 
                        print "<rpc-reply>";
@@ -214,7 +214,7 @@
 
                        if ($global_unread_caller != $global_unread) {
 
-                               $omode = $_GET["omode"];
+                               $omode = $_REQUEST["omode"];
         
                                if (!$omode) $omode = "tflc";
 
@@ -251,7 +251,7 @@
 
                        print "<rpc-reply>";
                        print "<counters>";
-                       getAllCounters($link, $_GET["omode"]);
+                       getAllCounters($link, $_REQUEST["omode"]);
                        print "</counters>";
                        print_runtime_info($link);
                        print "</rpc-reply>";
@@ -261,14 +261,14 @@
 
                if ($subop == "markSelected") {
 
-                       $ids = split(",", db_escape_string($_GET["ids"]));
-                       $cmode = sprintf("%d", $_GET["cmode"]);
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
+                       $cmode = sprintf("%d", $_REQUEST["cmode"]);
 
                        markArticlesById($link, $ids, $cmode);
 
                        print "<rpc-reply>";
                        print "<counters>";
-                       getAllCounters($link, $_GET["omode"]);
+                       getAllCounters($link, $_REQUEST["omode"]);
                        print "</counters>";
                        print_runtime_info($link);
                        print "</rpc-reply>";
@@ -278,14 +278,14 @@
 
                if ($subop == "publishSelected") {
 
-                       $ids = split(",", db_escape_string($_GET["ids"]));
-                       $cmode = sprintf("%d", $_GET["cmode"]);
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
+                       $cmode = sprintf("%d", $_REQUEST["cmode"]);
 
                        publishArticlesById($link, $ids, $cmode);
 
                        print "<rpc-reply>";
                        print "<counters>";
-                       getAllCounters($link, $_GET["omode"]);
+                       getAllCounters($link, $_REQUEST["omode"]);
                        print "</counters>";
                        print_runtime_info($link);
                        print "</rpc-reply>";
@@ -301,7 +301,7 @@
                                print_runtime_info($link);
 
                                # assign client-passed params to session
-                               $_SESSION["client.userAgent"] = $_GET["ua"];
+                               $_SESSION["client.userAgent"] = $_REQUEST["ua"];
 
                        }
                        print "</rpc-reply>";
@@ -320,7 +320,7 @@
 
                if ($subop == "getArticleLink") {
 
-                       $id = db_escape_string($_GET["id"]);
+                       $id = db_escape_string($_REQUEST["id"]);
 
                        $result = db_query($link, "SELECT link FROM ttrss_entries, ttrss_user_entries
                                WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
@@ -337,9 +337,9 @@
 
                if ($subop == "setArticleTags") {
 
-                       $id = db_escape_string($_GET["id"]);
+                       $id = db_escape_string($_REQUEST["id"]);
 
-                       $tags_str = db_escape_string($_GET["tags_str"]);
+                       $tags_str = db_escape_string($_REQUEST["tags_str"]);
 
                        $tags = array_unique(trim_array(split(",", $tags_str)));
 
@@ -426,8 +426,8 @@
                }
 
                if ($subop == "purge") {
-                       $ids = split(",", db_escape_string($_GET["ids"]));
-                       $days = sprintf("%d", $_GET["days"]);
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
+                       $days = sprintf("%d", $_REQUEST["days"]);
 
                        print "<rpc-reply>";
 
diff --git a/modules/help.php b/modules/help.php
index 415870d4597a4c98d8ea900d1b6eadbe3149f1e5..64ec087bb4dd536e7eb758f51edf42c1e025a25f 100644 (file)
--- a/modules/help.php
+++ b/modules/help.php
@@ -1,7 +1,7 @@
 <?php
        function module_help($link) {
 
-               if (!$_GET["noheaders"]) {
+               if (!$_REQUEST["noheaders"]) {
                        print "<html><head>
                                <title>".__('Help')."</title>
                                <link rel=\"stylesheet\" href=\"utility.css\" type=\"text/css\">
@@ -9,7 +9,7 @@
                                </head><body>";
                }
 
-               $tid = sprintf("%d", $_GET["tid"]);
+               $tid = sprintf("%d", $_REQUEST["tid"]);
 
                if (file_exists("help/$tid.php")) {
                        include("help/$tid.php");
@@ -21,7 +21,7 @@
                        onclick=\"javascript:window.close()\" 
                        value=\"".__('Close this window')."\"></div>";
 
-               if (!$_GET["noheaders"]) { 
+               if (!$_REQUEST["noheaders"]) { 
                        print "</body></html>";
                }
        }
diff --git a/modules/popup-dialog.php b/modules/popup-dialog.php
index ab28d17466fb2c1d61e4ea87407c58662c35a475..57237823e21ab0ceadfc7ea3630535217a7a5e0b 100644 (file)
--- a/modules/popup-dialog.php
+++ b/modules/popup-dialog.php
@@ -1,7 +1,7 @@
 <?php
        function module_popup_dialog($link) {
-               $id = $_GET["id"];
-               $param = db_escape_string($_GET["param"]);
+               $id = $_REQUEST["id"];
+               $param = db_escape_string($_REQUEST["param"]);
 
                if ($id == "explainError") {
 
@@ -142,9 +142,9 @@
 
                        print "<form id='search_form'  onsubmit='return false'>";
 
-                       #$active_feed_id = db_escape_string($_GET["param"]);
+                       #$active_feed_id = db_escape_string($_REQUEST["param"]);
 
-                       $params = split(":", db_escape_string($_GET["param"]));
+                       $params = split(":", db_escape_string($_REQUEST["param"]));
 
                        $active_feed_id = sprintf("%d", $params[0]);
                        $is_cat = $params[1] == "true";
@@ -221,7 +221,7 @@
 
                if ($id == "quickAddFilter") {
 
-                       $active_feed_id = db_escape_string($_GET["param"]);
+                       $active_feed_id = db_escape_string($_REQUEST["param"]);
 
                        print "<div id=\"infoBoxTitle\">".__('Create Filter')."</div>";
                        print "<div class=\"infoBoxContents\">";
diff --git a/modules/pref-feeds.php b/modules/pref-feeds.php
index 73fbe807934be270e1c45ef99191f3c84047d503..4c9ed19a9a959ad7cdffccf5fb55337597ed1f44 100644 (file)
--- a/modules/pref-feeds.php
+++ b/modules/pref-feeds.php
@@ -15,7 +15,7 @@
                $quiet = $_REQUEST["quiet"];
 
                if ($subop == "massSubscribe") {
-                       $ids = split(",", db_escape_string($_GET["ids"]));
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
                        $subscribed = array();
 
@@ -64,7 +64,7 @@
                        
                        print "<div class=\"infoBoxContents\">";
 
-                       $browser_search = db_escape_string($_GET["search"]);
+                       $browser_search = db_escape_string($_REQUEST["search"]);
 
                        //print "<p>".__("Showing top 25 registered feeds, sorted by popularity:")."</p>";
 
@@ -726,7 +726,7 @@
 
                if ($subop == "remove") {
 
-                       $ids = split(",", db_escape_string($_GET["ids"]));
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
                        foreach ($ids as $id) {
                                remove_feed($link, $id, $_SESSION["uid"]);
@@ -734,12 +734,12 @@
                }
 
                if ($subop == "clear") {
-                       $id = db_escape_string($_GET["id"]);
+                       $id = db_escape_string($_REQUEST["id"]);
                        clear_feed_articles($link, $id);
                }
 
                if ($subop == "rescore") {
-                       $ids = split(",", db_escape_string($_GET["ids"]));
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
                        foreach ($ids as $id) {
 
@@ -901,9 +901,9 @@
 
                        if (!WEB_DEMO_MODE) {
 
-                               $ids = split(",", db_escape_string($_GET["ids"]));
+                               $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
-                               $cat_id = db_escape_string($_GET["cat_id"]);
+                               $cat_id = db_escape_string($_REQUEST["cat_id"]);
 
                                if ($cat_id == 0) {
                                        $cat_id_qpart = 'NULL';
@@ -938,7 +938,7 @@
                        if ($action == "save") {
 
                                $cat_title = db_escape_string(trim($_REQUEST["value"]));
-                               $cat_id = db_escape_string($_GET["cid"]);
+                               $cat_id = db_escape_string($_REQUEST["cid"]);
 
                                db_query($link, "BEGIN");
 
@@ -977,7 +977,7 @@
 
                                if (!WEB_DEMO_MODE) {
        
-                                       $feed_cat = db_escape_string(trim($_GET["cat"]));
+                                       $feed_cat = db_escape_string(trim($_REQUEST["cat"]));
        
                                        $result = db_query($link,
                                                "SELECT id FROM ttrss_feed_categories
@@ -1000,7 +1000,7 @@
 
                        if ($action == "remove") {
        
-                               $ids = split(",", db_escape_string($_GET["ids"]));
+                               $ids = split(",", db_escape_string($_REQUEST["ids"]));
        
                                foreach ($ids as $id) {
                                        remove_feed_category($link, $id, $_SESSION["uid"]);
@@ -1111,9 +1111,9 @@
                                __('Some feeds have update errors (click for details)')."</a>");
                }
 
-               $feed_search = db_escape_string($_GET["search"]);
+               $feed_search = db_escape_string($_REQUEST["search"]);
 
-               if (array_key_exists("search", $_GET)) {
+               if (array_key_exists("search", $_REQUEST)) {
                        $_SESSION["prefs_feed_search"] = $feed_search;
                } else {
                        $feed_search = $_SESSION["prefs_feed_search"];
@@ -1138,7 +1138,7 @@
                                onclick=\"javascript:browseFeeds()\" value=\"".__('More Feeds')."\">";
                }
 
-               $feeds_sort = db_escape_string($_GET["sort"]);
+               $feeds_sort = db_escape_string($_REQUEST["sort"]);
 
                if (!$feeds_sort || $feeds_sort == "undefined") {
                        $feeds_sort = $_SESSION["pref_sort_feeds"];                     
@@ -1171,7 +1171,7 @@
                $show_last_article_checked = "";
                $show_last_article_qpart = "";
 
-               if ($_GET["slat"] == "true") {
+               if ($_REQUEST["slat"] == "true") {
                        $show_last_article_info = true;
                        $show_last_article_checked = "checked";
                        $show_last_article_qpart = ", (SELECT ".SUBSTRING_FOR_DATE."(MAX(updated),1,16) FROM ttrss_user_entries,
diff --git a/modules/pref-filters.php b/modules/pref-filters.php
index 238ceb151d5c90dcc3069a614ec11bc5692fd5ae..a0760de4e0c6fe155e02c70d4af320882989714e 100644 (file)
--- a/modules/pref-filters.php
+++ b/modules/pref-filters.php
@@ -1,11 +1,11 @@
 <?php
        function module_pref_filters($link) {
-               $subop = $_GET["subop"];
-               $quiet = $_GET["quiet"];
+               $subop = $_REQUEST["subop"];
+               $quiet = $_REQUEST["quiet"];
 
                if ($subop == "edit") {
 
-                       $filter_id = db_escape_string($_GET["id"]);
+                       $filter_id = db_escape_string($_REQUEST["id"]);
 
                        $result = db_query($link, 
                                "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
@@ -173,18 +173,18 @@
 
                if ($subop == "editSave") {
 
-                       $reg_exp = db_escape_string(trim($_GET["reg_exp"]));
-                       $filter_type = db_escape_string(trim($_GET["filter_type"]));
-                       $filter_id = db_escape_string($_GET["id"]);
-                       $feed_id = db_escape_string($_GET["feed_id"]);
-                       $action_id = db_escape_string($_GET["action_id"]); 
-                       $action_param = db_escape_string($_GET["action_param"]); 
-                       $action_param_label = db_escape_string($_GET["action_param_label"]); 
-                       $enabled = checkbox_to_sql_bool(db_escape_string($_GET["enabled"]));
-                       $inverse = checkbox_to_sql_bool(db_escape_string($_GET["inverse"]));
+                       $reg_exp = db_escape_string(trim($_REQUEST["reg_exp"]));
+                       $filter_type = db_escape_string(trim($_REQUEST["filter_type"]));
+                       $filter_id = db_escape_string($_REQUEST["id"]);
+                       $feed_id = db_escape_string($_REQUEST["feed_id"]);
+                       $action_id = db_escape_string($_REQUEST["action_id"]); 
+                       $action_param = db_escape_string($_REQUEST["action_param"]); 
+                       $action_param_label = db_escape_string($_REQUEST["action_param_label"]); 
+                       $enabled = checkbox_to_sql_bool(db_escape_string($_REQUEST["enabled"]));
+                       $inverse = checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"]));
 
                        # for the time being, no other filters use params anyway...
-                       $filter_param = db_escape_string($_GET["filter_date_modifier"]);
+                       $filter_param = db_escape_string($_REQUEST["filter_date_modifier"]);
 
                        if (!$feed_id) {
                                $feed_id = 'NULL';
@@ -218,7 +218,7 @@
 
                if ($subop == "remove") {
 
-                       $ids = split(",", db_escape_string($_GET["ids"]));
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
                        foreach ($ids as $id) {
                                db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
@@ -227,16 +227,16 @@
 
                if ($subop == "add") {
                
-                       $regexp = db_escape_string(trim($_GET["reg_exp"]));
-                       $filter_type = db_escape_string(trim($_GET["filter_type"]));
-                       $feed_id = db_escape_string($_GET["feed_id"]);
-                       $action_id = db_escape_string($_GET["action_id"]); 
-                       $action_param = db_escape_string($_GET["action_param"]); 
-                       $action_param_label = db_escape_string($_GET["action_param_label"]); 
-                       $inverse = checkbox_to_sql_bool(db_escape_string($_GET["inverse"]));
+                       $regexp = db_escape_string(trim($_REQUEST["reg_exp"]));
+                       $filter_type = db_escape_string(trim($_REQUEST["filter_type"]));
+                       $feed_id = db_escape_string($_REQUEST["feed_id"]);
+                       $action_id = db_escape_string($_REQUEST["action_id"]); 
+                       $action_param = db_escape_string($_REQUEST["action_param"]); 
+                       $action_param_label = db_escape_string($_REQUEST["action_param_label"]); 
+                       $inverse = checkbox_to_sql_bool(db_escape_string($_REQUEST["inverse"]));
 
                        # for the time being, no other filters use params anyway...
-                       $filter_param = db_escape_string($_GET["filter_date_modifier"]);
+                       $filter_param = db_escape_string($_REQUEST["filter_date_modifier"]);
 
                        if (!$regexp) return;
 
@@ -271,7 +271,7 @@
 
                set_pref($link, "_PREFS_ACTIVE_TAB", "filterConfig");
 
-               $sort = db_escape_string($_GET["sort"]);
+               $sort = db_escape_string($_REQUEST["sort"]);
 
                if (!$sort || $sort == "undefined") {
                        $sort = "reg_exp";
@@ -290,9 +290,9 @@
                }
 
 
-               $filter_search = db_escape_string($_GET["search"]);
+               $filter_search = db_escape_string($_REQUEST["search"]);
 
-               if (array_key_exists("search", $_GET)) {
+               if (array_key_exists("search", $_REQUEST)) {
                        $_SESSION["prefs_filter_search"] = $filter_search;
                } else {
                        $filter_search = $_SESSION["prefs_filter_search"];
@@ -388,7 +388,7 @@
                                $class = ($lnum % 2) ? "even" : "odd";
        
                                $filter_id = $line["id"];
-                               $edit_filter_id = $_GET["id"];
+                               $edit_filter_id = $_REQUEST["id"];
 
                                $enabled = sql_bool_to_bool($line["enabled"]);
                                $inverse = sql_bool_to_bool($line["inverse"]);
diff --git a/modules/pref-labels.php b/modules/pref-labels.php
index 02e5a2be94ce39317c253f9515b1bca43820a069..e67cb7e3bcd02d7dafff4f13f4d33e98617ccb9e 100644 (file)
--- a/modules/pref-labels.php
+++ b/modules/pref-labels.php
@@ -1,7 +1,7 @@
 <?php
        function module_pref_labels($link) {
 
-               $subop = $_GET["subop"];
+               $subop = $_REQUEST["subop"];
 
                if ($subop == "color-set") {
                        $kind = db_escape_string($_REQUEST["kind"]);
@@ -84,7 +84,7 @@
 
                if ($subop == "remove") {
 
-                       $ids = split(",", db_escape_string($_GET["ids"]));
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
                        foreach ($ids as $id) {
                                label_remove($link, $id, $_SESSION["uid"]);
@@ -94,7 +94,7 @@
 
                if ($subop == "add") {
 
-                       $caption = db_escape_string($_GET["caption"]);
+                       $caption = db_escape_string($_REQUEST["caption"]);
 
                        if ($caption) {
 
@@ -109,15 +109,15 @@
 
                set_pref($link, "_PREFS_ACTIVE_TAB", "labelConfig");
 
-               $sort = db_escape_string($_GET["sort"]);
+               $sort = db_escape_string($_REQUEST["sort"]);
 
                if (!$sort || $sort == "undefined") {
                        $sort = "caption";
                }
 
-               $label_search = db_escape_string($_GET["search"]);
+               $label_search = db_escape_string($_REQUEST["search"]);
 
-               if (array_key_exists("search", $_GET)) {
+               if (array_key_exists("search", $_REQUEST)) {
                        $_SESSION["prefs_label_search"] = $label_search;
                } else {
                        $label_search = $_SESSION["prefs_label_search"];
diff --git a/modules/pref-prefs.php b/modules/pref-prefs.php
index 3cd557d977564c9eba0f2c39579f3b01240f3f24..8159f0f01282e8006d0f09eec5b8fbf593a153e7 100644 (file)
--- a/modules/pref-prefs.php
+++ b/modules/pref-prefs.php
@@ -120,7 +120,7 @@
 
                } else if ($subop == "getHelp") {
 
-                       $pref_name = db_escape_string($_GET["pn"]);
+                       $pref_name = db_escape_string($_REQUEST["pn"]);
 
                        $result = db_query($link, "SELECT help_text FROM ttrss_prefs
                                WHERE pref_name = '$pref_name'");
diff --git a/modules/pref-users.php b/modules/pref-users.php
index 7a878b18f503b78e453d140ab87818049d106109..6b4df8854e7c72157ff59d77379f97ab1709d685 100644 (file)
--- a/modules/pref-users.php
+++ b/modules/pref-users.php
@@ -12,7 +12,7 @@
 
                if ($subop == "user-details") {
 
-                       $uid = sprintf("%d", $_GET["id"]);
+                       $uid = sprintf("%d", $_REQUEST["id"]);
 
                        print "<div id=\"infoBoxTitle\">".__('User details')."</div>";
 
@@ -103,7 +103,7 @@
 
                if ($subop == "edit") {
 
-                       $id = db_escape_string($_GET["id"]);
+                       $id = db_escape_string($_REQUEST["id"]);
 
                        print "<div id=\"infoBoxTitle\">".__('User Editor')."</div>";
                        
@@ -213,7 +213,7 @@
 
                        if ($_SESSION["access_level"] >= 10) {
 
-                               $ids = split(",", db_escape_string($_GET["ids"]));
+                               $ids = split(",", db_escape_string($_REQUEST["ids"]));
 
                                foreach ($ids as $id) {
                                        if ($id != $_SESSION["uid"]) {
@@ -227,7 +227,7 @@
                
                        if ($_SESSION["access_level"] >= 10) {
 
-                               $login = db_escape_string(trim($_GET["login"]));
+                               $login = db_escape_string(trim($_REQUEST["login"]));
                                $tmp_user_pwd = make_password(8);
                                $pwd_hash = encrypt_password($tmp_user_pwd, $login);
 
@@ -266,7 +266,7 @@
 
                        if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
 
-                               $uid = db_escape_string($_GET["id"]);
+                               $uid = db_escape_string($_REQUEST["id"]);
 
                                $result = db_query($link, "SELECT login,email 
                                        FROM ttrss_users WHERE id = '$uid'");
@@ -346,9 +346,9 @@
 
                set_pref($link, "_PREFS_ACTIVE_TAB", "userConfig");
 
-               $user_search = db_escape_string($_GET["search"]);
+               $user_search = db_escape_string($_REQUEST["search"]);
 
-               if (array_key_exists("search", $_GET)) {
+               if (array_key_exists("search", $_REQUEST)) {
                        $_SESSION["prefs_user_search"] = $user_search;
                } else {
                        $user_search = $_SESSION["prefs_user_search"];
@@ -363,7 +363,7 @@
                                onclick=\"javascript:updateUsersList()\" value=\"".__('Search')."\">
                        </div>";
 
-               $sort = db_escape_string($_GET["sort"]);
+               $sort = db_escape_string($_REQUEST["sort"]);
 
                if (!$sort || $sort == "undefined") {
                        $sort = "login";
@@ -427,7 +427,7 @@
                        $class = ($lnum % 2) ? "even" : "odd";
 
                        $uid = $line["id"];
-                       $edit_uid = $_GET["id"];
+                       $edit_uid = $_REQUEST["id"];
 
                        if ($subop == "edit" && $uid != $edit_uid) {
                                $class .= "Grayed";
diff --git a/offline.js b/offline.js
index f62bd46b9b76ee52178eb2e6c6f10aef5f0647a2..2650515f149f2f80bc54479cf56e3cdc8234757e 100644 (file)
--- a/offline.js
+++ b/offline.js
@@ -854,7 +854,7 @@ function update_offline_data(stage) {
 
                if (!db || offline_mode || getInitParam("offline_enabled") != "1") return;
 
-               var query = "backend.php?op=rpc&subop=download";
+               var query = "?op=rpc&subop=download";
                
                var rs = db.execute("SELECT MAX(id), MIN(id) FROM articles");
 
@@ -877,10 +877,10 @@ function update_offline_data(stage) {
                var to_sync = prepare_local_sync_data();
 
                if (to_sync != "") {
-                       to_sync = "?sync=" + param_escape(to_sync);
+                       to_sync = "&sync=" + param_escape(to_sync);
                }
 
-               debug(query + "/" + to_sync);
+               query = query + to_sync;
 
                var pic = $("offlineModePic");
 
@@ -896,8 +896,10 @@ function update_offline_data(stage) {
 
                sync_in_progress = true;
 
-               new Ajax.Request(query, {
-                       parameters: to_sync,
+               debug(query);
+
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                offline_download_parse(stage, transport);                               
                        } });
diff --git a/prefs.js b/prefs.js
index 8c0d2fbe19c9d7478fa554d3e4637b506fe34f47..20277a462793638ed21ad264e89067fd3445500a 100644 (file)
--- a/prefs.js
+++ b/prefs.js
@@ -226,12 +226,13 @@ function updateFeedList(sort_key) {
                slat_checked = slat.checked;
        }
 
-       var query = "backend.php?op=pref-feeds" +
+       var query = "?op=pref-feeds" +
                "&sort=" + param_escape(sort_key) + 
                "&slat=" + param_escape(slat_checked) +
                "&search=" + param_escape(search);
 
-       new Ajax.Request(query, {
+       new Ajax.Request("backend.php", {
+               parameters: query,
                onComplete: function(transport) { 
                        feedlist_callback2(transport); 
                } });
@@ -248,11 +249,12 @@ function updateUsersList(sort_key) {
                var search = "";
                if (user_search) { search = user_search.value; }
        
-               var query = "backend.php?op=pref-users&sort="
+               var query = "?op=pref-users&sort="
                        + param_escape(sort_key) +
                        "&search=" + param_escape(search);
        
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                userlist_callback2(transport); 
                        } });
@@ -280,10 +282,11 @@ function addLabel() {
                // we can be called from some other tab
                active_tab = "labelConfig";
        
-               query = "backend.php?op=pref-labels&subop=add&caption=" + 
+               query = "?op=pref-labels&subop=add&caption=" + 
                        param_escape(caption);
        
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        infobox_submit_callback2(transport);
                                } });
@@ -306,10 +309,11 @@ function addFeed() {
                } else {
                        notify_progress("Adding feed...");
        
-                       var query = "backend.php?op=pref-feeds&subop=add&from=tt-rss&feed_url=" +
+                       var query = "?op=pref-feeds&subop=add&from=tt-rss&feed_url=" +
                                param_escape(link.value);
        
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                                feedlist_callback2(transport);
                                        } });
@@ -333,10 +337,11 @@ function addFeedCat() {
        } else {
                notify_progress("Adding feed category...");
 
-               var query = "backend.php?op=pref-feeds&subop=editCats&action=add&cat=" +
+               var query = "?op=pref-feeds&subop=editCats&action=add&cat=" +
                        param_escape(cat.value);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        infobox_feed_cat_callback2(transport);
                                } });
@@ -363,10 +368,11 @@ function addUser() {
        
                notify_progress("Adding user...");
        
-               var query = "backend.php?op=pref-users&subop=add&login=" +
+               var query = "?op=pref-users&subop=add&login=" +
                        param_escape(login);
                                
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                userlist_callback2(transport); 
                        } });
@@ -389,10 +395,11 @@ function editUser(id) {
 
                disableContainerChildren("userOpToolbar", false);
 
-               var query = "backend.php?op=pref-users&subop=edit&id=" +
+               var query = "?op=pref-users&subop=edit&id=" +
                        param_escape(id);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        infobox_callback2(transport);
                                } });
@@ -416,10 +423,11 @@ function editFilter(id) {
                selectTableRowsByIdPrefix('prefFilterList', 'FILRR-', 'FICHK-', false);
                selectTableRowById('FILRR-'+id, 'FICHK-'+id, true);
 
-               var query = "backend.php?op=pref-filters&subop=edit&id=" + 
+               var query = "?op=pref-filters&subop=edit&id=" + 
                        param_escape(id);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        infobox_callback2(transport);
                                } });
@@ -442,10 +450,11 @@ function editFeed(feed) {
        
                disableContainerChildren("feedOpToolbar", false);
        
-               var query = "backend.php?op=pref-feeds&subop=editfeed&id=" +
+               var query = "?op=pref-feeds&subop=editfeed&id=" +
                        param_escape(feed);
        
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        infobox_callback2(transport);
                                } });
@@ -487,10 +496,11 @@ function removeSelectedLabels() {
                if (ok) {
                        notify_progress("Removing selected labels...");
        
-                       var query = "backend.php?op=pref-labels&subop=remove&ids="+
+                       var query = "?op=pref-labels&subop=remove&ids="+
                                param_escape(sel_rows.toString());
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                                labellist_callback2(transport);
                                        } });
@@ -516,10 +526,11 @@ function removeSelectedUsers() {
                        if (ok) {
                                notify_progress("Removing selected users...");
                
-                               var query = "backend.php?op=pref-users&subop=remove&ids="+
+                               var query = "?op=pref-users&subop=remove&ids="+
                                        param_escape(sel_rows.toString());
        
-                               new Ajax.Request(query, {
+                               new Ajax.Request("backend.php", {
+                                       parameters: query,
                                        onComplete: function(transport) { 
                                                userlist_callback2(transport); 
                                        } });
@@ -550,10 +561,11 @@ function removeSelectedFilters() {
                        if (ok) {
                                notify_progress("Removing selected filters...");
                
-                               var query = "backend.php?op=pref-filters&subop=remove&ids="+
+                               var query = "?op=pref-filters&subop=remove&ids="+
                                        param_escape(sel_rows.toString());
        
-                               new Ajax.Request(query, {
+                               new Ajax.Request("backend.php", {
+                                               parameters: query,
                                                onComplete: function(transport) {
                                                                filterlist_callback2(transport);
                                        } });
@@ -585,10 +597,11 @@ function removeSelectedFeeds() {
        
                                notify_progress("Unsubscribing from selected feeds...");
                
-                               var query = "backend.php?op=pref-feeds&subop=remove&ids="+
+                               var query = "?op=pref-feeds&subop=remove&ids="+
                                        param_escape(sel_rows.toString());
        
-                               new Ajax.Request(query, {
+                               new Ajax.Request("backend.php", {
+                                       parameters: query,
                                        onComplete: function(transport) {
                                                        feedlist_callback2(transport);
                                                } });
@@ -643,12 +656,13 @@ function purgeSelectedFeeds() {
                if (pr != undefined) {
                        notify_progress("Purging selected feed...");
 
-                       var query = "backend.php?op=rpc&subop=purge&ids="+
+                       var query = "?op=rpc&subop=purge&ids="+
                                param_escape(sel_rows.toString()) + "&days=" + pr;
 
                        debug(query);
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("prefs.php",   {
+                               parameters: query,
                                onComplete: function(transport) {
                                        notify('');
                                } });
@@ -674,10 +688,11 @@ function removeSelectedFeedCats() {
                if (ok) {
                        notify_progress("Removing selected categories...");
        
-                       var query = "backend.php?op=pref-feeds&subop=editCats&action=remove&ids="+
+                       var query = "?op=pref-feeds&subop=editCats&action=remove&ids="+
                                param_escape(sel_rows.toString());
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                        infobox_feed_cat_callback2(transport);
                                } });
@@ -792,13 +807,14 @@ function filterEditSave() {
 
                notify_progress("Saving filter...");
        
-               var query = "backend.php?" + Form.serialize("filter_edit_form");
+               var query = "?" + Form.serialize("filter_edit_form");
        
                closeInfoBox();
        
                $("create_filter_btn").disabled = false;
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                                filterlist_callback2(transport);
                        } });
@@ -852,10 +868,11 @@ function resetSelectedUserPass() {
                
                        var id = rows[0];
                
-                       var query = "backend.php?op=pref-users&subop=resetPass&id=" +
+                       var query = "?op=pref-users&subop=resetPass&id=" +
                                param_escape(id);
        
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        userlist_callback2(transport); 
                                } });
@@ -887,9 +904,10 @@ function selectedUserDetails() {
        
                var id = rows[0];
        
-               var query = "backend.php?op=pref-users&subop=user-details&id=" + id;
+               var query = "?op=pref-users&subop=user-details&id=" + id;
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        infobox_callback2(transport);
                                } });
@@ -954,10 +972,11 @@ function editSelectedFeeds() {
        
                notify_progress("Loading, please wait...");
        
-               var query = "backend.php?op=pref-feeds&subop=editfeeds&ids=" +
+               var query = "?op=pref-feeds&subop=editfeeds&ids=" +
                        param_escape(rows.toString());
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        infobox_callback2(transport);
                                } });
@@ -998,11 +1017,12 @@ function updateFilterList(sort_key) {
                var search = "";
                if (filter_search) { search = filter_search.value; }
        
-               var query = "backend.php?op=pref-filters&sort=" + 
+               var query = "?op=pref-filters&sort=" + 
                        param_escape(sort_key) + 
                        "&search=" + param_escape(search);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                                filterlist_callback2(transport);
                        } });
@@ -1021,11 +1041,12 @@ function updateLabelList(sort_key) {
                var search = "";
                if (label_search) { search = label_search.value; }
        
-               var query = "backend.php?op=pref-labels&sort=" + 
+               var query = "?op=pref-labels&sort=" + 
                        param_escape(sort_key) +
                        "&search=" + param_escape(search);
        
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                labellist_callback2(transport);
                        } });
@@ -1037,9 +1058,10 @@ function updateLabelList(sort_key) {
 
 function updatePrefsList() {
 
-       var query = "backend.php?op=pref-prefs";
+       var query = "?op=pref-prefs";
 
-       new Ajax.Request(query, {
+       new Ajax.Request("backend.php", {
+               parameters: query,
                onComplete: function(transport) { 
                        prefslist_callback2(transport); 
                } });
@@ -1224,9 +1246,10 @@ function init() {
 
                loading_set_progress(30);
 
-               var query = "backend.php?op=rpc&subop=sanityCheck";
+               var query = "?op=rpc&subop=sanityCheck";
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                backend_sanity_check_callback2(transport);
                        } });
@@ -1247,10 +1270,11 @@ function categorizeSelectedFeeds() {
 
                notify_progress("Changing category of selected feeds...");
 
-               var query = "backend.php?op=pref-feeds&subop=categorize&ids="+
+               var query = "?op=pref-feeds&subop=categorize&ids="+
                        param_escape(sel_rows.toString()) + "&cat_id=" + param_escape(cat_id);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                feedlist_callback2(transport); 
                        } });
@@ -1297,10 +1321,11 @@ function feedBrowserSubscribe() {
                if (selected.length > 0) {
                        closeInfoBox();
 
-                       var query = "backend.php?op=pref-feeds&subop=massSubscribe&ids="+
+                       var query = "?op=pref-feeds&subop=massSubscribe&ids="+
                                param_escape(selected.toString());
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        feedlist_callback2(transport); 
                                } });
@@ -1609,9 +1634,10 @@ function editFeedCats() {
                        // this button is not always available, no-op if not found
                }
        
-               var query = "backend.php?op=pref-feeds&subop=editCats";
+               var query = "?op=pref-feeds&subop=editCats";
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                infobox_feed_cat_callback2(transport);
                        } });
@@ -1711,9 +1737,10 @@ function pubRegenKey() {
 
                notify_progress("Trying to change address...");
 
-               var query = "backend.php?op=rpc&subop=regenPubKey";
+               var query = "?op=rpc&subop=regenPubKey";
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        replace_pubkey_callback(transport);
                                } });
@@ -1804,9 +1831,10 @@ function clearFeedArticles(feed_id) {
 
        notify_progress("Clearing feed...");
 
-       var query = "backend.php?op=pref-feeds&quiet=1&subop=clear&id=" + feed_id;
+       var query = "?op=pref-feeds&quiet=1&subop=clear&id=" + feed_id;
 
-       new Ajax.Request(query, {
+       new Ajax.Request("backend.php", {
+               parameters: query,
                onComplete: function(transport) {
                                notify('');
                        } });
@@ -1826,10 +1854,11 @@ function rescoreSelectedFeeds() {
                if (ok) {
                        notify_progress("Rescoring selected feeds...", true);
        
-                       var query = "backend.php?op=pref-feeds&subop=rescore&quiet=1&ids="+
+                       var query = "?op=pref-feeds&subop=rescore&quiet=1&ids="+
                                param_escape(sel_rows.toString());
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                                notify_callback2(transport);
                        } });
@@ -1848,9 +1877,10 @@ function rescore_all_feeds() {
        if (ok) {
                notify_progress("Rescoring feeds...", true);
 
-               var query = "backend.php?op=pref-feeds&subop=rescoreAll&quiet=1";
+               var query = "?op=pref-feeds&subop=rescoreAll&quiet=1";
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        notify_callback2(transport);
                } });
@@ -1870,10 +1900,11 @@ function removeFilter(id, title) {
        
                        notify_progress("Removing filter...");
                
-                       var query = "backend.php?op=pref-filters&subop=remove&ids="+
+                       var query = "?op=pref-filters&subop=remove&ids="+
                                param_escape(id);
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                                filterlist_callback2(transport);
                        } });
@@ -1900,10 +1931,11 @@ function unsubscribeFeed(id, title) {
        
                        notify_progress("Removing feed...");
                
-                       var query = "backend.php?op=pref-feeds&subop=remove&ids="+
+                       var query = "?op=pref-feeds&subop=remove&ids="+
                                param_escape(id);
        
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                                       parameters: query,
                                        onComplete: function(transport) {
                                                        feedlist_callback2(transport);
                                } });
@@ -2009,10 +2041,11 @@ function labelColorReset() {
 
                if (ok) {
 
-                       var query = "backend.php?op=pref-labels&subop=color-reset&ids="+
+                       var query = "?op=pref-labels&subop=color-reset&ids="+
                                param_escape(labels.toString());
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) {
                                                labellist_callback2(transport);
                                        } });
@@ -2036,7 +2069,7 @@ function labelColorAsk(id, kind) {
 
                if (p != null) {
 
-                       var query = "backend.php?op=pref-labels&subop=color-set&kind=" + kind +
+                       var query = "?op=pref-labels&subop=color-set&kind=" + kind +
                                "&ids="+        param_escape(id) + "&color=" + param_escape(p);
 
                        selectPrefRows('label', false);
@@ -2051,7 +2084,7 @@ function labelColorAsk(id, kind) {
                                }
                        }
 
-                       new Ajax.Request(query);
+                       new Ajax.Request("backend.php", { parameters: query });
                }
 
        } catch (e) {
@@ -2092,7 +2125,7 @@ function colorPickerHideAll() {
 function colorPickerDo(id, fg, bg) {
        try {
 
-               var query = "backend.php?op=pref-labels&subop=color-set&kind=both"+
+               var query = "?op=pref-labels&subop=color-set&kind=both"+
                        "&ids=" + param_escape(id) + "&fg=" + param_escape(fg) + 
                        "&bg=" + param_escape(bg);
 
@@ -2103,7 +2136,7 @@ function colorPickerDo(id, fg, bg) {
                        e.style.backgroundColor = bg;
                }
 
-               new Ajax.Request(query);
+               new Ajax.Request("backend.php", { parameters: query });
 
        } catch (e) {
                exception_error("colorPickerDo", e);
diff --git a/tt-rss.js b/tt-rss.js
index 86b4e564478cbbc5748722e5bbcd2f0a42e90fa6..82472729138534a40f1b52d78e100e7fd210e798 100644 (file)
--- a/tt-rss.js
+++ b/tt-rss.js
@@ -229,7 +229,8 @@ function scheduleFeedUpdate(force) {
 
        debug("REFETCH query: " + query_str);
 
-       new Ajax.Request(query_str, {
+       new Ajax.Request("backend.php", {
+               parameters: query_str,
                onComplete: function(transport) { 
                                refetch_callback2(transport); 
                        } });
@@ -266,7 +267,8 @@ function updateFeedList(silent, fetch) {
 
        debug("updateFeedList Q=" + query_str);
 
-       new Ajax.Request(query_str, {
+       new Ajax.Request("backend.php", {
+               parameters: query_str,
                onComplete: function(transport) { 
                        feedlist_callback2(transport); 
                } });
@@ -285,7 +287,8 @@ function catchupAllFeeds() {
 
                debug("catchupAllFeeds Q=" + query_str);
 
-               new Ajax.Request(query_str, {
+               new Ajax.Request("backend.php", {
+                       parameters: query_str,
                        onComplete: function(transport) { 
                                feedlist_callback2(transport); 
                        } });
@@ -401,7 +404,8 @@ function init() {
 
                loading_set_progress(30);
 
-               new Ajax.Request("backend.php?op=rpc&subop=sanityCheck" + params,       {
+               new Ajax.Request("backend.php", {
+                       parameters: "backend.php?op=rpc&subop=sanityCheck" + params,
                        onComplete: function(transport) {
                                        backend_sanity_check_callback(transport);
                                } });
@@ -677,11 +681,12 @@ function quickMenuGo(opid) {
 
                        if (confirm(__("Reset category order?"))) {
 
-                               var query = "backend.php?op=feeds&subop=catsortreset";
+                               var query = "?op=feeds&subop=catsortreset";
 
                                notify_progress("Loading, please wait...", true);
 
-                               new Ajax.Request(query, {
+                               new Ajax.Request("backend.php", {
+                                       parameters: query,
                                        onComplete: function(transport) { 
                                                window.setTimeout('updateFeedList(false, false)', 50);
                                        } });
@@ -701,9 +706,10 @@ function unsubscribeFeed(feed_id, title) {
        if (title == undefined || confirm(msg)) {
                notify_progress("Removing feed...");
 
-               var query = "backend.php?op=pref-feeds&quiet=1&subop=remove&ids=" + feed_id;
+               var query = "?op=pref-feeds&quiet=1&subop=remove&ids=" + feed_id;
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        dlg_frefresh_callback(transport, feed_id);
                                } });
@@ -840,16 +846,17 @@ function editFeedDlg(feed) {
                var query = "";
        
                if (feed > 0) {
-                       query = "backend.php?op=pref-feeds&subop=editfeed&id=" +        param_escape(feed);
+                       query = "?op=pref-feeds&subop=editfeed&id=" +   param_escape(feed);
                } else {
-                       query = "backend.php?op=pref-labels&subop=edit&id=" +   param_escape(-feed-11);
+                       query = "?op=pref-labels&subop=edit&id=" +      param_escape(-feed-11);
                }
 
                disableHotkeys();
 
                notify_progress("Loading, please wait...", true);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                infobox_callback2(transport); 
                        } });
@@ -897,9 +904,10 @@ function clearFeedArticles(feed_id) {
 
        notify_progress("Clearing feed...");
 
-       var query = "backend.php?op=pref-feeds&quiet=1&subop=clear&id=" + feed_id;
+       var query = "?op=pref-feeds&quiet=1&subop=clear&id=" + feed_id;
 
-       new Ajax.Request(query, {
+       new Ajax.Request("backend.php", {
+               parameters: query,
                onComplete: function(transport) {
                                dlg_frefresh_callback(transport, feed_id);
                        } });
@@ -941,9 +949,9 @@ function collapse_feedlist() {
                                if (fc) fc.style.left = fl.offsetWidth + 40 + "px";
                        }
 
-                       query = "backend.php?op=rpc&subop=setpref&key=_COLLAPSED_FEEDLIST&value=false";
+                       query = "?op=rpc&subop=setpref&key=_COLLAPSED_FEEDLIST&value=false";
 
-                       new Ajax.Request(query);
+                       new Ajax.Request("backend.php", { parameters: query });
 
                } else {
                        Element.hide(fl);
@@ -965,9 +973,9 @@ function collapse_feedlist() {
 
                        }
 
-                       query = "backend.php?op=rpc&subop=setpref&key=_COLLAPSED_FEEDLIST&value=true";
+                       query = "?op=rpc&subop=setpref&key=_COLLAPSED_FEEDLIST&value=true";
 
-                       new Ajax.Request(query);
+                       new Ajax.Request("backend.php", { parameters: query });
 
                }
        } catch (e) {
@@ -991,9 +999,10 @@ function viewLimitChanged() {
                var pr = prompt(__("Assign score to article:"), score);
 
                if (pr != undefined) {
-                       var query = "backend.php?op=rpc&subop=setScore&id=" + id + "&score=" + pr;
+                       var query = "?op=rpc&subop=setScore&id=" + id + "&score=" + pr;
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        viewCurrentFeed();
                                } });
@@ -1024,12 +1033,13 @@ function rescoreCurrentFeed() {
        if (confirm(pr)) {
                notify_progress("Rescoring articles...");
 
-               var query = "backend.php?op=pref-feeds&subop=rescore&quiet=1&ids=" + actid;
+               var query = "?op=pref-feeds&subop=rescore&quiet=1&ids=" + actid;
 
-               new Ajax.Request(query, {
-               onComplete: function(transport) {
-                       viewCurrentFeed();
-               } });
+               new Ajax.Request("backend.php", {
+                       parameters: query,
+                       onComplete: function(transport) {
+                               viewCurrentFeed();
+                       } });
        }
 }
 
@@ -1456,12 +1466,13 @@ function addLabel() {
                                return false;
                        }
 
-                       var query = "backend.php?op=pref-labels&subop=add&caption=" + 
+                       var query = "?op=pref-labels&subop=add&caption=" + 
                                param_escape(caption);
 
                        notify_progress("Loading, please wait...", true);
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        updateFeedList();
                        } });
@@ -1491,7 +1502,8 @@ function feedBrowserSubscribe() {
                        var query =  "backend.php?op=pref-feeds&subop=massSubscribe&ids="+
                                param_escape(selected.toString());
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        updateFeedList();
                                } });
diff --git a/viewfeed.js b/viewfeed.js
index d7962042170a25da00bba3f1f7e118649ef8a2cd..d0c325d2d7445d79184d7987208b3c0e0033ab6f 100644 (file)
--- a/viewfeed.js
+++ b/viewfeed.js
@@ -474,7 +474,7 @@ function view(id, feed_id) {
 
                //setActiveFeedId(feed_id);
 
-               var query = "backend.php?op=view&id=" + param_escape(id) +
+               var query = "?op=view&id=" + param_escape(id) +
                        "&feed=" + param_escape(feed_id);
 
                var date = new Date();
@@ -556,7 +556,8 @@ function view(id, feed_id) {
 
                last_requested_article = id;
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
                                article_callback2(transport, id, feed_id); 
                        } });
@@ -614,7 +615,7 @@ function toggleMark(id, client_only, no_effects) {
 
        try {
 
-               var query = "backend.php?op=rpc&id=" + id + "&subop=mark";
+               var query = "?op=rpc&id=" + id + "&subop=mark";
        
                query = query + "&afid=" + getActiveFeedId();
        
@@ -663,7 +664,8 @@ function toggleMark(id, client_only, no_effects) {
                if (!client_only) {
                        debug(query);
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        all_counters_callback2(transport); 
                                } });
@@ -679,7 +681,7 @@ function togglePub(id, client_only, no_effects, note) {
 
        try {
 
-               var query = "backend.php?op=rpc&id=" + id + "&subop=publ";
+               var query = "?op=rpc&id=" + id + "&subop=publ";
        
                query = query + "&afid=" + getActiveFeedId();
 
@@ -721,7 +723,8 @@ function togglePub(id, client_only, no_effects, note) {
                }
 
                if (!client_only) {
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        toggle_published_callback(transport); 
                                } });
@@ -946,15 +949,13 @@ function toggleUnread(id, cmode, effect) {
 
                        if (cmode == undefined) cmode = 2;
 
-                       var query = "backend.php?op=rpc&subop=catchupSelected" +
-                               "&cmode=" + param_escape(cmode);
-
-                       var ids = "?ids=" + param_escape(id);
+                       var query = "?op=rpc&subop=catchupSelected" +
+                               "&cmode=" + param_escape(cmode) + "&ids=" + param_escape(id);
 
 //                     notify_progress("Loading, please wait...");
 
-                       new Ajax.Request(query, {
-                               parameters: ids,
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        all_counters_callback2(transport); 
                                } });
@@ -980,14 +981,15 @@ function selectionRemoveLabel(id) {
 
 //             if (ok) {
 
-                       var query = "backend.php?op=rpc&subop=removeFromLabel&ids=" +
+                       var query = "?op=rpc&subop=removeFromLabel&ids=" +
                                param_escape(ids.toString()) + "&lid=" + param_escape(id);
 
 //                     notify_progress("Loading, please wait...");
 
                        cache_invalidate("F:" + (-11 - id));
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        show_labels_in_headlines(transport);
                                        all_counters_callback2(transport);
@@ -1017,12 +1019,13 @@ function selectionAssignLabel(id) {
 
                        cache_invalidate("F:" + (-11 - id));
 
-                       var query = "backend.php?op=rpc&subop=assignToLabel&ids=" +
+                       var query = "?op=rpc&subop=assignToLabel&ids=" +
                                param_escape(ids.toString()) + "&lid=" + param_escape(id);
 
 //                     notify_progress("Loading, please wait...");
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        show_labels_in_headlines(transport);
                                        all_counters_callback2(transport);
@@ -1102,15 +1105,13 @@ function selectionToggleUnread(cdm_mode, set_state, callback_func, no_error) {
                                cmode = "0";
                        }
 
-                       var query = "backend.php?op=rpc&subop=catchupSelected" +
-                               "&cmode=" + cmode;
-
-                       var ids = "?ids=" + param_escape(rows.toString()); 
+                       var query = "?op=rpc&subop=catchupSelected" +
+                               "&cmode=" + cmode + "&ids=" + param_escape(rows.toString()); 
 
                        notify_progress("Loading, please wait...");
 
-                       new Ajax.Request(query, {
-                               parameters: ids,
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        catchup_callback2(transport, callback_func); 
                                } });
@@ -1146,7 +1147,7 @@ function selectionToggleMarked(cdm_mode) {
 
                if (rows.length > 0) {
 
-                       var query = "backend.php?op=rpc&subop=markSelected&ids=" +
+                       var query = "?op=rpc&subop=markSelected&ids=" +
                                param_escape(rows.toString()) + "&cmode=2";
 
                        query = query + "&afid=" + getActiveFeedId();
@@ -1159,7 +1160,8 @@ function selectionToggleMarked(cdm_mode) {
 
                        query = query + "&omode=lc";
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        all_counters_callback2(transport); 
                                } });
@@ -1193,7 +1195,7 @@ function selectionTogglePublished(cdm_mode) {
 
                if (rows.length > 0) {
 
-                       var query = "backend.php?op=rpc&subop=publishSelected&ids=" +
+                       var query = "?op=rpc&subop=publishSelected&ids=" +
                                param_escape(rows.toString()) + "&cmode=2";
 
                        query = query + "&afid=" + getActiveFeedId();
@@ -1206,7 +1208,8 @@ function selectionTogglePublished(cdm_mode) {
 
                        query = query + "&omode=lc";
 
-                       new Ajax.Request(query, {
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        all_counters_callback2(transport); 
                                } });
@@ -1357,11 +1360,12 @@ function deleteSelection() {
                        return;
                }
 
-               query = "backend.php?op=rpc&subop=delete&ids=" + param_escape(rows);
+               query = "?op=rpc&subop=delete&ids=" + param_escape(rows);
 
                debug(query);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        viewCurrentFeed();
                                } });
@@ -1408,7 +1412,7 @@ function archiveSelection() {
                        return;
                }
 
-               query = "backend.php?op=rpc&subop="+op+"&ids=" + param_escape(rows);
+               query = "?op=rpc&subop="+op+"&ids=" + param_escape(rows);
 
                debug(query);
 
@@ -1416,7 +1420,8 @@ function archiveSelection() {
                        cache_invalidate(rows[i]);
                }
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) {
                                        viewCurrentFeed();
                                } });
@@ -1513,11 +1518,12 @@ function editTagsSave() {
 
        var query = Form.serialize("tag_edit_form");
 
-       query = "backend.php?op=rpc&subop=setArticleTags&" + query;
+       query = "?op=rpc&subop=setArticleTags&" + query;
 
        debug(query);
 
-       new Ajax.Request(query, {
+       new Ajax.Request("backend.php", {
+               parameters: query,
                onComplete: function(transport) {
                                tag_saved_callback(transport);
                        } });
@@ -1708,13 +1714,11 @@ function cdmWatchdog() {
                                }
                        }
 
-                       var query = "backend.php?op=rpc&subop=catchupSelected" +
-                               "&cmode=0";
-
-                       var ids = "?ids=" + param_escape(ids.toString());
+                       var query = "?op=rpc&subop=catchupSelected" +
+                               "&cmode=0" + "&ids=" + param_escape(ids.toString());
 
-                       new Ajax.Request(query, {
-                               parameters: ids,
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        all_counters_callback2(transport); 
                                } });
@@ -1972,9 +1976,11 @@ function preloadArticleUnderPointer(id) {
 
                        cids_to_request.push(id);
 
-                       var query = "backend.php?op=rpc&subop=getArticles&ids=" + 
+                       var query = "?op=rpc&subop=getArticles&ids=" + 
                                cids_to_request.toString();
-                       new Ajax.Request(query, {
+
+                       new Ajax.Request("backend.php", {
+                               parameters: query,
                                onComplete: function(transport) { 
                                        preload_article_callback(transport);
                        } });
@@ -2092,13 +2098,11 @@ function catchupRelativeToArticle(below) {
                                        e.className = e.className.replace("Unread", "");
                                }
 
-                               var query = "backend.php?op=rpc&subop=catchupSelected" +
-                                       "&cmode=0";
-
-                               var ids = "?ids=" + param_escape(ids_to_mark.toString()); 
+                               var query = "?op=rpc&subop=catchupSelected" +
+                                       "&cmode=0" + "&ids=" + param_escape(ids_to_mark.toString()); 
 
-                               new Ajax.Request(query, {
-                                       parameters: ids,
+                               new Ajax.Request("backend.php", {
+                                       parameters: query,
                                        onComplete: function(transport) { 
                                                catchup_callback2(transport); 
                                        } });
@@ -2252,11 +2256,12 @@ function zoomToArticle(id) {
 function showOriginalArticleInline(id) {
        try {
 
-               var query = "backend.php?op=rpc&subop=getArticleLink&id=" + id;
+               var query = "?op=rpc&subop=getArticleLink&id=" + id;
 
                notify_progress("Loading, please wait...", true);
 
-               new Ajax.Request(query, {
+               new Ajax.Request("backend.php", {
+                       parameters: query,
                        onComplete: function(transport) { 
 
                                if (transport.responseXML) {
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/