/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
if ($subop == "catchupSelected") {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
$cmode = sprintf("%d", $_GET["cmode"]);
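Review bot: Escaping the whole `ids` string before splitting it only protects uses that stay inside single quotes, and these values look like numeric row ids (they are later compared as `id = '$id'`), so each element is better forced to an integer, the way `cmode` is on the following line. Something like `$ids = array_map('intval', explode(",", $_GET["ids"]));` removes the dependence on quoting at every call site and avoids the regex-based `split()`. The same line is added in the markSelected, unread and read hunks and in the feed, filter, label and user removal hunks below. The enclosing handler starts and ends outside this hunk.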
if ($subop == "markSelected") {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
$cmode = sprintf("%d", $_GET["cmode"]);
}
- $search = $_GET["search"];
-
- $search_mode = $_GET["smode"];
+ $search = db_escape_string($_GET["search"]);
+ $search_mode = db_escape_string($_GET["smode"]);
if ($search) {
$search_query_part = "(upper(title) LIKE upper('%$search%')
$subop = $_GET["subop"];
if ($subop == "unread") {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
db_query($link, "UPDATE ttrss_user_entries SET unread = true
WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
}
if ($subop == "read") {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
db_query($link, "UPDATE ttrss_user_entries
SET unread = false,last_read = NOW() WHERE
if (!WEB_DEMO_MODE) {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
db_query($link, "DELETE FROM ttrss_feeds
if (!WEB_DEMO_MODE) {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
}
}
+ if ($subop == "categorize") {
+
+ if (!WEB_DEMO_MODE) {
+
+ $ids = split(",", db_escape_string($_GET["ids"]));
+
+ $cat_id = db_escape_string($_GET["cat_id"]);
+
+ if ($cat_id == 0) {
+ $cat_id_qpart = 'NULL';
+ } else {
+ $cat_id_qpart = "'$cat_id'";
+ }
+
+ db_query($link, "BEGIN");
+
+ foreach ($ids as $id) {
+
+ db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
+ WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
+ }
+
+ db_query($link, "COMMIT");
+ }
+
+ }
+
// print "<h3>Edit Feeds</h3>";
$result = db_query($link, "SELECT id,title,feed_url,last_error
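Review bot: In the new categorize branch the UPDATE is limited to the session user's feeds, but `cat_id` is only escaped and never checked against the owner of the category, so a feed can be attached to a category row that belongs to another account. Resolving the category under the same owner closes this, for example `SET cat_id = (SELECT id FROM ttrss_feed_categories WHERE id = '$cat_id' AND owner_uid = " . $_SESSION["uid"] . ")`, which also yields NULL for an unknown id. The feed list's `(SELECT title FROM ttrss_feed_categories WHERE id = cat_id)` subquery has no owner filter either, so it would presumably display that foreign title. `$cat_id == 0` is a loose comparison on a string; formatting the value with `sprintf("%d", ...)` first, as is done for `cmode`, makes the NULL case explicit. The surrounding block begins outside the hunk.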
}
- print "<p><div class=\"prefGenericAddBox\">
- <input id=\"fadd_link\" size=\"40\"> <input
- type=\"submit\" class=\"button\"
- onclick=\"javascript:addFeed()\" value=\"Add feed\"></div>";
+ $feed_search = db_escape_string($_GET["search"]);
+
+ if (array_key_exists("search", $_GET)) {
+ $_SESSION["prefs_feed_search"] = $feed_search;
+ } else {
+ $feed_search = $_SESSION["prefs_feed_search"];
+ }
+
+ print "<table width='100%' class=\"prefGenericAddBox\"
+ cellspacing='0' cellpadding='0'><tr>
+ <td>
+ <input id=\"fadd_link\"
+ onchange=\"javascript:addFeed()\"
+ size=\"40\">
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:addFeed()\" value=\"Add feed\">
+ </td><td align='right'>
+ <input id=\"feed_search\" size=\"20\"
+ onchange=\"javascript:updateFeedList()\"
+ value=\"$feed_search\">
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:updateFeedList()\" value=\"Search\">
+ </td>
+ </tr></table>";
$feeds_sort = db_escape_string($_GET["sort"]);
$_SESSION["pref_sort_feeds"] = $feeds_sort;
+ if ($feed_search) {
+ $search_qpart = "UPPER(title) LIKE UPPER('%$feed_search%') AND";
+ } else {
+ $search_qpart = "";
+ }
+
$result = db_query($link, "SELECT
id,title,feed_url,substring(last_updated,1,16) as last_updated,
update_interval,purge_interval,
(SELECT title FROM ttrss_feed_categories
WHERE id = cat_id) AS category
FROM
- ttrss_feeds WHERE owner_uid = '".$_SESSION["uid"]."'
+ ttrss_feeds
+ WHERE
+ $search_qpart owner_uid = '".$_SESSION["uid"]."'
ORDER by $feeds_sort,title");
if (db_num_rows($result) != 0) {
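Review bot: `$feed_search` is written into `value=\"$feed_search\"` after `db_escape_string()` only, which is SQL escaping and does not encode `"`, `<` or `>` for an HTML attribute, so the search term is reflected into the preferences page unencoded, and again from `$_SESSION["prefs_feed_search"]` on later requests. Keep the raw term in the session and encode per context: `htmlspecialchars($feed_search, ENT_QUOTES)` for the input's value, and `db_escape_string()` only where `$search_qpart` is built. `%` and `_` in the term still act as LIKE wildcards. Separately, the unchanged `ORDER by $feeds_sort` line in the query this hunk edits interpolates an escaped but unquoted value, which string escaping does not constrain; comparing it against a fixed list of column names would.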
onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
<input type=\"submit\" class=\"button\"
onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
-
+
+ if (get_pref($link, 'ENABLE_FEED_CATS')) {
+
+ print " ";
+
+ $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
+ WHERE owner_uid = ".$_SESSION["uid"]."
+ ORDER BY title");
+
+ print "<select id=\"sfeed_set_fcat\">";
+ print "<option id=\"0\">Uncategorized</option>";
+
+ if (db_num_rows($result) != 0) {
+
+ print "<option disabled>--------</option>";
+
+ while ($line = db_fetch_assoc($result)) {
+ printf("<option id='%d'>%s</option>",
+ $line["id"], $line["title"]);
+ }
+ }
+
+ print "</select>";
+
+ print " <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Set category\">";
+
+ }
+
if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
print "
<input type=\"submit\" class=\"button\"
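Review bot: The new category selector prints `$line["title"]` through `%s` without HTML encoding, so a category title containing markup is emitted as-is into the page; passing `htmlspecialchars($line["title"])` as the `printf` argument fixes it. The block also reassigns `$result`, which until this point holds the feed query result; if anything after this hunk reads it again (not visible here), a separate variable such as `$cat_result` would avoid the clash.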
}
print "
- All feeds: <input type=\"submit\"
+ All feeds: <input type=\"submit\"
class=\"button\" onclick=\"gotoExportOpml()\"
value=\"Export OPML\">";
}
// print "<h3>Categories</h3>";
print "<div class=\"prefGenericAddBox\">
- <input id=\"fadd_cat\" size=\"40\"> <input
+ <input id=\"fadd_cat\"
+ onchange=\"javascript:addFeedCat()\"
+ size=\"40\">
+ <input
type=\"submit\" class=\"button\"
onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
if (!WEB_DEMO_MODE) {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
}
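Review bot: With the escaping in place this DELETE still matches on `id` alone, so the row being removed is not tied to the session user. The feed updates elsewhere in this file append `AND owner_uid = " . $_SESSION["uid"]`, and this statement should carry the same condition. The `ttrss_labels` delete in the later removal hunk has the same shape. Whether both tables have an `owner_uid` column is not visible here, so confirm against the schema.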
print "<div class=\"prefGenericAddBox\">
- <input id=\"fadd_regexp\" size=\"40\"> ";
+ <input id=\"fadd_regexp\" onchange=\"javascript:addFilter()\" size=\"40\"> ";
print_select("fadd_match", "Title", $filter_types);
if (!WEB_DEMO_MODE) {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
- $ids = split(",", $_GET["ids"]);
+ $ids = split(",", db_escape_string($_GET["ids"]));
foreach ($ids as $id) {
db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
}
print "<div class=\"prefGenericAddBox\">
- <input id=\"uadd_box\" size=\"40\"> ";
+ <input id=\"uadd_box\" onchange=\"javascript:addUser()\" size=\"40\"> ";
print"<input type=\"submit\" class=\"button\"
onclick=\"javascript:addUser()\" value=\"Add user\"></div>";