From 8d505d78e3989c6c72dd7fdab82111e4d7ecdcbc Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 17 Mar 2011 19:05:28 +0300 Subject: [PATCH] make it possible to subscribe to password-protected feeds (closes #314) --- functions.php | 1344 +++++++++++++++++++++++++------------------------ 1 file changed, 683 insertions(+), 661 deletions(-) diff --git a/functions.php b/functions.php index c60cb00b..9090d8cf 100644 --- a/functions.php +++ b/functions.php @@ -19,13 +19,13 @@ /** * Return available translations names. - * + * * @access public * @return array A array of available translations. */ function get_translations() { $tr = array( - "auto" => "Detect automatically", + "auto" => "Detect automatically", "ca_CA" => "Català", "en_US" => "English", "es_ES" => "Español", @@ -47,7 +47,7 @@ require_once "lib/gettext/gettext.inc"; function startup_gettext() { - + # Get locale from Accept-Language header $lang = al2gt(array_keys(get_translations()), "text/html"); @@ -55,7 +55,7 @@ $lang = _TRANSLATION_OVERRIDE_DEFAULT; } - if ($_COOKIE["ttrss_lang"] && $_COOKIE["ttrss_lang"] != "auto") { + if ($_COOKIE["ttrss_lang"] && $_COOKIE["ttrss_lang"] != "auto") { $lang = $_COOKIE["ttrss_lang"]; } @@ -133,7 +133,7 @@ /** * Print a timestamped debug message. - * + * * @param string $msg The debug message. * @return void */ @@ -147,7 +147,7 @@ /** * Purge a feed old posts. - * + * * @param mixed $link A database connection. * @param mixed $feed_id The id of the purged feed. * @param mixed $purge_interval Olderness of purged posts. @@ -158,10 +158,10 @@ function purge_feed($link, $feed_id, $purge_interval, $debug = false) { if (!$purge_interval) $purge_interval = feed_purge_interval($link, $feed_id); - + $rows = -1; - $result = db_query($link, + $result = db_query($link, "SELECT owner_uid FROM ttrss_feeds WHERE id = '$feed_id'"); $owner_uid = false; @@ -199,41 +199,41 @@ if (preg_match("/^7\./", $pg_version) || preg_match("/^8\.0/", $pg_version)) { - $result = db_query($link, "DELETE FROM ttrss_user_entries WHERE - ttrss_entries.id = ref_id AND - marked = false AND - feed_id = '$feed_id' AND + $result = db_query($link, "DELETE FROM ttrss_user_entries WHERE + ttrss_entries.id = ref_id AND + marked = false AND + feed_id = '$feed_id' AND $query_limit ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'"); } else { - $result = db_query($link, "DELETE FROM ttrss_user_entries - USING ttrss_entries - WHERE ttrss_entries.id = ref_id AND - marked = false AND - feed_id = '$feed_id' AND + $result = db_query($link, "DELETE FROM ttrss_user_entries + USING ttrss_entries + WHERE ttrss_entries.id = ref_id AND + marked = false AND + feed_id = '$feed_id' AND $query_limit ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'"); } $rows = pg_affected_rows($result); - + } else { - + /* $result = db_query($link, "DELETE FROM ttrss_user_entries WHERE marked = false AND feed_id = '$feed_id' AND - (SELECT date_updated FROM ttrss_entries WHERE + (SELECT date_updated FROM ttrss_entries WHERE id = ref_id) < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)"); */ - $result = db_query($link, "DELETE FROM ttrss_user_entries - USING ttrss_user_entries, ttrss_entries - WHERE ttrss_entries.id = ref_id AND - marked = false AND - feed_id = '$feed_id' AND + $result = db_query($link, "DELETE FROM ttrss_user_entries + USING ttrss_user_entries, ttrss_entries + WHERE ttrss_entries.id = ref_id AND + marked = false AND + feed_id = '$feed_id' AND $query_limit ttrss_entries.date_updated < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)"); - + $rows = mysql_affected_rows($link); } @@ -247,7 +247,7 @@ /** * Purge old posts from old feeds. Not used anymore, purging is done after feed update. - * + * * @param mixed $link A database connection * @param boolean $do_output Set to true to enable printed output, false by default. * @param integer $limit The maximal number of removed posts. @@ -263,9 +263,9 @@ } else { $limit_qpart = ""; } - - $result = db_query($link, - "SELECT id,purge_interval,owner_uid FROM ttrss_feeds + + $result = db_query($link, + "SELECT id,purge_interval,owner_uid FROM ttrss_feeds ORDER BY $random_qpart $limit_qpart"); while ($line = db_fetch_assoc($result)) { @@ -275,12 +275,12 @@ $owner_uid = $line["owner_uid"]; if ($purge_interval == 0) { - - $tmp_result = db_query($link, + + $tmp_result = db_query($link, "SELECT value FROM ttrss_user_prefs WHERE pref_name = 'PURGE_OLD_DAYS' AND owner_uid = '$owner_uid'"); - if (db_num_rows($tmp_result) != 0) { + if (db_num_rows($tmp_result) != 0) { $purge_interval = db_fetch_result($tmp_result, 0, "value"); } } @@ -292,7 +292,7 @@ if ($purge_interval > 0 || FORCE_ARTICLE_PURGE) { purge_feed($link, $feed_id, $purge_interval, $do_output); } - } + } purge_orphans($link, $do_output); @@ -300,14 +300,14 @@ function feed_purge_interval($link, $feed_id) { - $result = db_query($link, "SELECT purge_interval, owner_uid FROM ttrss_feeds + $result = db_query($link, "SELECT purge_interval, owner_uid FROM ttrss_feeds WHERE id = '$feed_id'"); if (db_num_rows($result) == 1) { $purge_interval = db_fetch_result($result, 0, "purge_interval"); $owner_uid = db_fetch_result($result, 0, "owner_uid"); - if ($purge_interval == 0) $purge_interval = get_pref($link, + if ($purge_interval == 0) $purge_interval = get_pref($link, 'PURGE_OLD_DAYS', $owner_uid); return $purge_interval; @@ -320,8 +320,8 @@ function purge_old_posts($link) { $user_id = $_SESSION["uid"]; - - $result = db_query($link, "SELECT id,purge_interval FROM ttrss_feeds + + $result = db_query($link, "SELECT id,purge_interval FROM ttrss_feeds WHERE owner_uid = '$user_id'"); while ($line = db_fetch_assoc($result)) { @@ -334,7 +334,7 @@ if ($purge_interval > 0) { purge_feed($link, $feed_id, $purge_interval); } - } + } purge_orphans($link); } @@ -342,7 +342,7 @@ function purge_orphans($link, $do_output = false) { // purge orphaned posts in main content table - $result = db_query($link, "DELETE FROM ttrss_entries WHERE + $result = db_query($link, "DELETE FROM ttrss_entries WHERE (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); if ($do_output) { @@ -370,7 +370,10 @@ } } - function fetch_file_contents($url, $type = false) { + function fetch_file_contents($url, $type = false, $login = false, $pass = false) { + $login = urlencode($login); + $pass = urlencode($pass); + if (USE_CURL) { $ch = curl_init($url); @@ -380,6 +383,11 @@ curl_setopt($ch, CURLOPT_MAXREDIRS, 20); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($fp, CURLOPT_HTTPAUTH, CURLAUTH_ANY); + + if ($login && $pass) + curl_setopt($ch, CURLOPT_USERPWD, "$login:$pass"); $contents = @curl_exec($ch); if ($contents === false) { @@ -387,15 +395,26 @@ return false; } + $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); $content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE); curl_close($ch); - if ($type && strpos($content_type, "$type") === false) { + if ($http_code != 200 || $type && strpos($content_type, "$type") === false) { return false; } return $contents; } else { + if ($login && $pass && $updated != 3) { + $url_parts = array(); + + preg_match("/(^[^:]*):\/\/(.*)/", $url, $url_parts); + + if ($url_parts[1] && $url_parts[2]) { + $url = $url_parts[1] . "://$login:$pass@" . $url_parts[2]; + } + } + return @file_get_contents($url); } @@ -405,7 +424,7 @@ * Try to determine the favicon URL for a feed. * adapted from wordpress favicon plugin by Jeff Minard (http://thecodepro.com/) * http://dev.wp-plugins.org/file/favatars/trunk/favatars.php - * + * * @param string $url A feed or page URL * @access public * @return mixed The favicon URL, or false if none was found. @@ -428,7 +447,7 @@ $favicon_url = rewrite_relative_url($url, $entry->getAttribute("href")); break; } - } + } } if (!$favicon_url) @@ -444,13 +463,13 @@ /** * Check if a link is a valid and working URL. - * + * * @param mixed $link A URL to check * @access public * @return boolean True if the URL is valid, false otherwise. */ function url_validate($link) { - + $url_parts = @parse_url($link); if ( empty( $url_parts["host"] ) ) @@ -467,15 +486,15 @@ $host = $url_parts["host"]; $port = $url_parts["port"]; - + if ( empty($port) ) $port = "80"; $socket = @fsockopen( $host, $port, $errno, $errstr, 30 ); - + if ( !$socket ) return false; - + fwrite ($socket, "HEAD ".$documentpath." HTTP/1.0\r\nHost: $host\r\n\r\n"); $http_response = fgets( $socket, 22 ); @@ -519,8 +538,8 @@ /* Update all feeds with the same URL to utilize memcache */ if ($memcache) { - $result = db_query($link, "SELECT f1.id - FROM ttrss_feeds AS f1, ttrss_feeds AS f2 + $result = db_query($link, "SELECT f1.id + FROM ttrss_feeds AS f1, ttrss_feeds AS f2 WHERE f2.feed_url = f1.feed_url AND f2.id = '$feed'"); while ($line = db_fetch_assoc($result)) { @@ -549,8 +568,8 @@ $updstart_thresh_qpart = "(ttrss_feeds.last_update_started IS NULL OR ttrss_feeds.last_update_started < NOW() - INTERVAL '120 seconds')"; } else { $updstart_thresh_qpart = "(ttrss_feeds.last_update_started IS NULL OR ttrss_feeds.last_update_started < DATE_SUB(NOW(), INTERVAL 120 SECOND))"; - } - + } + $result = db_query($link, "SELECT id,update_interval,auth_login, auth_pass,cache_images,update_method FROM ttrss_feeds WHERE id = '$feed' AND $updstart_thresh_qpart"); @@ -567,7 +586,7 @@ if (db_num_rows($result) == 0) { if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { _debug("update_rss_feed: feed $feed NOT FOUND/SKIPPED"); - } + } return false; } @@ -644,13 +663,13 @@ if (!is_dir(SIMPLEPIE_CACHE_DIR)) { mkdir(SIMPLEPIE_CACHE_DIR); } - + $rss = new SimplePie(); $rss->set_useragent(SELF_USER_AGENT); # $rss->set_timeout(10); $rss->set_feed_url($fetch_url); $rss->set_output_encoding('UTF-8'); - + if (SIMPLEPIE_CACHE_IMAGES && $cache_images) { if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { @@ -659,17 +678,17 @@ $rss->set_image_handler("image.php", 'i'); } - + if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { _debug("feed update interval (sec): " . get_feed_update_interval($link, $feed)*60); } - + if (is_dir(SIMPLEPIE_CACHE_DIR)) { $rss->set_cache_location(SIMPLEPIE_CACHE_DIR); $rss->set_cache_duration(get_feed_update_interval($link, $feed) * 60); } - + $rss->init(); } @@ -730,8 +749,8 @@ if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { _debug("update_rss_feed: registering title: $feed_title"); } - - db_query($link, "UPDATE ttrss_feeds SET + + db_query($link, "UPDATE ttrss_feeds SET title = '$feed_title' WHERE id = '$feed'"); } @@ -741,7 +760,7 @@ } if ($site_url && $orig_site_url != db_escape_string($site_url)) { - db_query($link, "UPDATE ttrss_feeds SET + db_query($link, "UPDATE ttrss_feeds SET site_url = '$site_url' WHERE id = '$feed'"); } @@ -755,7 +774,7 @@ $icon_url = substr($icon_url, 0, 250); - if ($icon_url && $orig_icon_url != $icon_url) { + if ($icon_url && $orig_icon_url != $icon_url) { if (USE_CURL || url_validate($icon_url)) { db_query($link, "UPDATE ttrss_feeds SET icon_url = '$icon_url' WHERE id = '$feed'"); } @@ -780,7 +799,7 @@ } if (!is_array($iterator)) { - /* db_query($link, "UPDATE ttrss_feeds + /* db_query($link, "UPDATE ttrss_feeds SET last_error = 'Parse error: can\'t find any articles.' WHERE id = '$feed'"); */ @@ -791,7 +810,7 @@ _debug("update_rss_feed: entry iterator is not an array, no articles?"); } - db_query($link, "UPDATE ttrss_feeds + db_query($link, "UPDATE ttrss_feeds SET last_updated = NOW(), last_error = '' WHERE id = '$feed'"); return; // no articles @@ -895,7 +914,7 @@ if (!$entry_content) $entry_content = $item["atom_content"]; if (!$entry_content) $entry_content = $item["summary"]; - if (!$entry_content || + if (!$entry_content || strlen($entry_content) < strlen($item["description"])) { $entry_content = $item["description"]; }; @@ -904,7 +923,7 @@ if (is_array($entry_content)) { $entry_content = $entry_content["encoded"]; if (!$entry_content) $entry_content = $entry_content["escaped"]; - } + } } if ($_REQUEST["xdebug"] == 2) { @@ -925,22 +944,22 @@ } } else { $entry_comments = strip_tags($item["comments"]); - + $entry_author = db_escape_string(strip_tags($item['dc']['creator'])); if ($item['author']) { - + if (is_array($item['author'])) { - + if (!$entry_author) { $entry_author = db_escape_string(strip_tags($item['author']['name'])); } - + if (!$entry_author) { $entry_author = db_escape_string(strip_tags($item['author']['email'])); } } - + if (!$entry_author) { $entry_author = db_escape_string(strip_tags($item['author'])); } @@ -952,7 +971,7 @@ $entry_guid = db_escape_string(strip_tags($entry_guid)); $entry_guid = mb_substr($entry_guid, 0, 250); - $result = db_query($link, "SELECT id FROM ttrss_entries + $result = db_query($link, "SELECT id FROM ttrss_entries WHERE guid = '$entry_guid'"); $entry_content = db_escape_string($entry_content, false); @@ -983,7 +1002,7 @@ if ($use_simplepie) { $additional_tags_src = $item->get_categories(); - + if (is_array($additional_tags_src)) { foreach ($additional_tags_src as $tobj) { array_push($additional_tags, $tobj->get_term()); @@ -1018,11 +1037,11 @@ } } } - + // parse elements - + $t_ctr = $item['dc']['subject#']; - + if ($t_ctr > 0) { array_push($additional_tags, $item['dc']['subject']); @@ -1060,7 +1079,7 @@ } # sanitize content - + $entry_content = sanitize_article_content($entry_content); $entry_title = sanitize_article_content($entry_title); @@ -1079,7 +1098,7 @@ // base post entry does not exist, create it $result = db_query($link, - "INSERT INTO ttrss_entries + "INSERT INTO ttrss_entries (title, guid, link, @@ -1093,13 +1112,13 @@ num_comments, author) VALUES - ('$entry_title', - '$entry_guid', + ('$entry_title', + '$entry_guid', '$entry_link', - '$entry_timestamp_fmt', - '$entry_content', + '$entry_timestamp_fmt', + '$entry_content', '$content_hash', - $no_orig_date, + $no_orig_date, NOW(), NOW(), '$entry_comments', @@ -1119,13 +1138,13 @@ // now it should exist, if not - bad luck then - $result = db_query($link, "SELECT + $result = db_query($link, "SELECT id,content_hash,no_orig_date,title, ".SUBSTRING_FOR_DATE."(date_updated,1,19) as date_updated, ".SUBSTRING_FOR_DATE."(updated,1,19) as updated, num_comments - FROM - ttrss_entries + FROM + ttrss_entries WHERE guid = '$entry_guid'"); $entry_ref_id = 0; @@ -1141,7 +1160,7 @@ $orig_content_hash = db_fetch_result($result, 0, "content_hash"); $orig_title = db_fetch_result($result, 0, "title"); $orig_num_comments = db_fetch_result($result, 0, "num_comments"); - $orig_date_updated = strtotime(db_fetch_result($result, + $orig_date_updated = strtotime(db_fetch_result($result, 0, "date_updated")); $ref_id = db_fetch_result($result, 0, "id"); @@ -1152,14 +1171,14 @@ // do we allow duplicate posts with same GUID in different feeds? if (get_pref($link, "ALLOW_DUPLICATE_POSTS", $owner_uid, false)) { $dupcheck_qpart = "AND (feed_id = '$feed' OR feed_id IS NULL)"; - } else { + } else { $dupcheck_qpart = ""; } /* Collect article tags here so we could filter by them: */ - $article_filters = get_article_filters($filters, $entry_title, - $entry_content, $entry_link, $entry_timestamp, $entry_author, + $article_filters = get_article_filters($filters, $entry_title, + $entry_content, $entry_link, $entry_timestamp, $entry_author, $entry_tags); if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { @@ -1201,7 +1220,7 @@ } else { $unread = 'false'; $last_read_qpart = 'NOW()'; - } + } if (find_article_filter($article_filters, 'mark') || $score > 1000) { $marked = 'true'; @@ -1216,13 +1235,13 @@ } $result = db_query($link, - "INSERT INTO ttrss_user_entries - (ref_id, owner_uid, feed_id, unread, last_read, marked, - published, score, tag_cache, label_cache) + "INSERT INTO ttrss_user_entries + (ref_id, owner_uid, feed_id, unread, last_read, marked, + published, score, tag_cache, label_cache) VALUES ('$ref_id', '$owner_uid', '$feed', $unread, $last_read_qpart, $marked, $published, '$score', '', '')"); - $result = db_query($link, + $result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE ref_id = '$ref_id' AND owner_uid = '$owner_uid' AND feed_id = '$feed' LIMIT 1"); @@ -1265,8 +1284,8 @@ // $post_needs_update = true; // } - // if post needs update, update it and mark all user entries - // linking to this post as updated + // if post needs update, update it and mark all user entries + // linking to this post as updated if ($post_needs_update) { if (defined('DAEMON_EXTENDED_DEBUG')) { @@ -1275,17 +1294,17 @@ // print ""; - db_query($link, "UPDATE ttrss_entries + db_query($link, "UPDATE ttrss_entries SET title = '$entry_title', content = '$entry_content', content_hash = '$content_hash', num_comments = '$num_comments' WHERE id = '$ref_id'"); if (get_pref($link, "MARK_UNREAD_ON_UPDATE", $owner_uid, false)) { - db_query($link, "UPDATE ttrss_user_entries + db_query($link, "UPDATE ttrss_user_entries SET last_read = null, unread = true WHERE ref_id = '$ref_id'"); } else { - db_query($link, "UPDATE ttrss_user_entries + db_query($link, "UPDATE ttrss_user_entries SET last_read = null WHERE ref_id = '$ref_id' AND unread = false"); } @@ -1316,7 +1335,7 @@ foreach ($encs as $e) { $e_item = array( $e->link, $e->type, $e->length); - + array_push($enclosures, $e_item); } } @@ -1411,7 +1430,7 @@ // Skip boring tags - $boring_tags = trim_array(split(",", mb_strtolower(get_pref($link, + $boring_tags = trim_array(split(",", mb_strtolower(get_pref($link, 'BLACKLISTED_TAGS', $owner_uid, ''), 'utf-8'))); $filtered_tags = array(); @@ -1423,7 +1442,7 @@ array_push($filtered_tags, $tag); } } - } + } $filtered_tags = array_unique($filtered_tags); @@ -1435,23 +1454,23 @@ // Save article tags in the database if (count($filtered_tags) > 0) { - + db_query($link, "BEGIN"); - + foreach ($filtered_tags as $tag) { $tag = sanitize_tag($tag); $tag = db_escape_string($tag); if (!tag_is_valid($tag)) continue; - - $result = db_query($link, "SELECT id FROM ttrss_tags - WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND + + $result = db_query($link, "SELECT id FROM ttrss_tags + WHERE tag_name = '$tag' AND post_int_id = '$entry_int_id' AND owner_uid = '$owner_uid' LIMIT 1"); if ($result && db_num_rows($result) == 0) { - - db_query($link, "INSERT INTO ttrss_tags + + db_query($link, "INSERT INTO ttrss_tags (owner_uid,tag_name,post_int_id) VALUES ('$owner_uid','$tag', '$entry_int_id')"); } @@ -1460,22 +1479,22 @@ } /* update the cache */ - + $tags_to_cache = array_unique($tags_to_cache); - + $tags_str = db_escape_string(join(",", $tags_to_cache)); - db_query($link, "UPDATE ttrss_user_entries + db_query($link, "UPDATE ttrss_user_entries SET tag_cache = '$tags_str' WHERE ref_id = '$entry_ref_id' AND owner_uid = $owner_uid"); db_query($link, "COMMIT"); - } + } if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { _debug("update_rss_feed: article processed"); } - } + } if (!$last_updated) { if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) { @@ -1486,7 +1505,7 @@ purge_feed($link, $feed, 0); - db_query($link, "UPDATE ttrss_feeds + db_query($link, "UPDATE ttrss_feeds SET last_updated = NOW(), last_error = '' WHERE id = '$feed'"); // db_query($link, "COMMIT"); @@ -1505,8 +1524,8 @@ $error_msg = db_escape_string($error_msg); - db_query($link, - "UPDATE ttrss_feeds SET last_error = '$error_msg', + db_query($link, + "UPDATE ttrss_feeds SET last_error = '$error_msg', last_updated = NOW() WHERE id = '$feed'"); } @@ -1527,7 +1546,7 @@ $sel = "selected=\"1\""; else $sel = ""; - + print ""; } print ""; @@ -1540,7 +1559,7 @@ $sel = 'selected="selected"'; else $sel = ""; - + print ""; } @@ -1552,9 +1571,9 @@ if ($filters["title"]) { foreach ($filters["title"] as $filter) { - $reg_exp = $filter["reg_exp"]; - $inverse = $filter["inverse"]; - if ((!$inverse && @preg_match("/$reg_exp/i", $title)) || + $reg_exp = $filter["reg_exp"]; + $inverse = $filter["inverse"]; + if ((!$inverse && @preg_match("/$reg_exp/i", $title)) || ($inverse && !@preg_match("/$reg_exp/i", $title))) { array_push($matches, array($filter["action"], $filter["action_param"])); @@ -1567,17 +1586,17 @@ $reg_exp = $filter["reg_exp"]; $inverse = $filter["inverse"]; - if ((!$inverse && @preg_match("/$reg_exp/i", $content)) || + if ((!$inverse && @preg_match("/$reg_exp/i", $content)) || ($inverse && !@preg_match("/$reg_exp/i", $content))) { array_push($matches, array($filter["action"], $filter["action_param"])); - } + } } } if ($filters["both"]) { - foreach ($filters["both"] as $filter) { - $reg_exp = $filter["reg_exp"]; + foreach ($filters["both"] as $filter) { + $reg_exp = $filter["reg_exp"]; $inverse = $filter["inverse"]; if ($inverse) { @@ -1598,9 +1617,9 @@ $reg_exp = $filter["reg_exp"]; $inverse = $filter["inverse"]; - if ((!$inverse && @preg_match("/$reg_exp/i", $link)) || + if ((!$inverse && @preg_match("/$reg_exp/i", $link)) || ($inverse && !@preg_match("/$reg_exp/i", $link))) { - + array_push($matches, array($filter["action"], $filter["action_param"])); } } @@ -1630,13 +1649,13 @@ } } } - } + } if ($filters["author"]) { foreach ($filters["author"] as $filter) { - $reg_exp = $filter["reg_exp"]; - $inverse = $filter["inverse"]; - if ((!$inverse && @preg_match("/$reg_exp/i", $author)) || + $reg_exp = $filter["reg_exp"]; + $inverse = $filter["inverse"]; + if ((!$inverse && @preg_match("/$reg_exp/i", $author)) || ($inverse && !@preg_match("/$reg_exp/i", $author))) { array_push($matches, array($filter["action"], $filter["action_param"])); @@ -1652,11 +1671,11 @@ $reg_exp = $filter["reg_exp"]; $inverse = $filter["inverse"]; - if ((!$inverse && @preg_match("/$reg_exp/i", $tag_string)) || + if ((!$inverse && @preg_match("/$reg_exp/i", $tag_string)) || ($inverse && !@preg_match("/$reg_exp/i", $tag_string))) { array_push($matches, array($filter["action"], $filter["action_param"])); - } + } } } @@ -1699,7 +1718,7 @@ function print_radio($id, $default, $true_is, $values, $attributes = "") { foreach ($values as $v) { - + if ($v == $default) $sel = "checked"; else @@ -1710,8 +1729,8 @@ } else { $sel .= " value=\"0\""; } - - print " $v "; } @@ -1733,14 +1752,14 @@ db_query($link, "BEGIN"); $result = db_query($link, "SELECT pref_name,def_value FROM ttrss_prefs"); - - $u_result = db_query($link, "SELECT pref_name + + $u_result = db_query($link, "SELECT pref_name FROM ttrss_user_prefs WHERE owner_uid = '$uid' $profile_qpart"); $active_prefs = array(); while ($line = db_fetch_assoc($u_result)) { - array_push($active_prefs, $line["pref_name"]); + array_push($active_prefs, $line["pref_name"]); } while ($line = db_fetch_assoc($result)) { @@ -1749,12 +1768,12 @@ if (get_schema_version($link) < 63) { db_query($link, "INSERT INTO ttrss_user_prefs - (owner_uid,pref_name,value) VALUES + (owner_uid,pref_name,value) VALUES ('$uid', '".$line["pref_name"]."','".$line["def_value"]."')"); } else { db_query($link, "INSERT INTO ttrss_user_prefs - (owner_uid,pref_name,value, profile) VALUES + (owner_uid,pref_name,value, profile) VALUES ('$uid', '".$line["pref_name"]."','".$line["def_value"]."', $profile)"); } @@ -1767,7 +1786,7 @@ function lookup_user_id($link, $user) { - $result = db_query($link, "SELECT id FROM ttrss_users WHERE + $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) == 1) { @@ -1786,9 +1805,9 @@ header('WWW-Authenticate: Basic realm="Tiny Tiny RSS RSSGen"'); header('HTTP/1.0 401 Unauthorized'); exit; - + } else { - $auth_result = authenticate_user($link, + $auth_result = authenticate_user($link, $_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"]); if (!$auth_result) { @@ -1809,7 +1828,7 @@ $pwd_hash2 = encrypt_password($password, $login); $login = db_escape_string($login); - if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH + if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH && $_SERVER["REMOTE_USER"] && $login != "admin") { $login = db_escape_string($_SERVER["REMOTE_USER"]); @@ -1826,25 +1845,25 @@ } $result = db_query($link, $query); - + if (db_num_rows($result) == 1) { $_SESSION["uid"] = db_fetch_result($result, 0, "id"); $_SESSION["name"] = db_fetch_result($result, 0, "login"); $_SESSION["access_level"] = db_fetch_result($result, 0, "access_level"); - - db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . + + db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); - + $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"]; $_SESSION["pwd_hash"] = db_fetch_result($result, 0, "pwd_hash"); $_SESSION["last_version_check"] = time(); - + initialize_user_prefs($link, $_SESSION["uid"]); - + return true; } - + return false; } else { @@ -1853,9 +1872,9 @@ $_SESSION["name"] = "admin"; $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"]; - + initialize_user_prefs($link, $_SESSION["uid"]); - + return true; } } @@ -1863,14 +1882,14 @@ function make_password($length = 8) { $password = ""; - $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ"; - - $i = 0; - - while ($i < $length) { + $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ"; + + $i = 0; + + while ($i < $length) { $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); - - if (!strstr($password, $char)) { + + if (!strstr($password, $char)) { $password .= $char; $i++; } @@ -1880,7 +1899,7 @@ // this is called after user is created to initialize default feeds, labels // or whatever else - + // user preferences are checked on every login, not here function initialize_user($link, $uid) { @@ -1924,7 +1943,7 @@ }; if ($check_ip && strpos($_SERVER['REMOTE_ADDR'], $check_ip) !== 0) { - $_SESSION["login_error_msg"] = + $_SESSION["login_error_msg"] = __("Session failed to validate (incorrect IP)"); return false; } @@ -1934,7 +1953,7 @@ if ($_SESSION["uid"]) { - $result = db_query($link, + $result = db_query($link, "SELECT pwd_hash FROM ttrss_users WHERE id = '".$_SESSION["uid"]."'"); $pwd_hash = db_fetch_result($result, 0, "pwd_hash"); @@ -1961,7 +1980,7 @@ $login_action = $_POST["login_action"]; - # try to authenticate user if called from login form + # try to authenticate user if called from login form if ($login_action == "do_login") { $login = $_POST["login"]; $password = $_POST["password"]; @@ -2013,11 +2032,11 @@ } } else { /* bump login timestamp */ - db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . + db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " . $_SESSION["uid"]); if ($_SESSION["language"] && SESSION_COOKIE_LIFETIME > 0) { - setcookie("ttrss_lang", $_SESSION["language"], + setcookie("ttrss_lang", $_SESSION["language"], time() + SESSION_COOKIE_LIFETIME); } } @@ -2110,7 +2129,7 @@ $time = time(); if ($t) { - print ""; if (file_exists("$t/theme.js")) { print "