]> git.wh0rd.org - tt-rss.git/blame - backend.php
git.wh0rd.org / tt-rss.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
block doublequotes in tags
[tt-rss.git] / backend.php
CommitLineData
1d3a17c7 1<?php
d65981e2
AD		 2 error_reporting(E_ERROR | E_WARNING | E_PARSE);
3
36bfab86 4 require_once "sessions.php";
c339343b 5 require_once "modules/backend-rpc.php";
dc56b3b7 6
894ebcf5 7/* if ($_GET["debug"]) {
cce28758
AD		 8 define('DEFAULT_ERROR_LEVEL', E_ALL);
9 } else {
10 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
11 }
894ebcf5
AD		 12
13 error_reporting(DEFAULT_ERROR_LEVEL); */
cce28758 14
657770a0
AD		 15 require_once "sanity_check.php";
16 require_once "config.php";
af106b0e
AD		 17
18 require_once "db.php";
19 require_once "db-prefs.php";
20 require_once "functions.php";
657770a0 21
dc56b3b7 22 no_cache_incantation();
8d039718
AD		 23
24 if (ENABLE_TRANSLATIONS == true) {
25 startup_gettext();
26 }
dc56b3b7 27
7f0acba7
AD		 28 $script_started = getmicrotime();
29
30 $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
31
32 if (!$link) {
33 if (DB_TYPE == "mysql") {
34 print mysql_error();
35 }
36 // PG seems to display its own errors just fine by default.
37 return;
38 }
39
40 if (DB_TYPE == "pgsql") {
41 pg_query("set client_encoding = 'UTF-8'");
42 pg_set_client_encoding("UNICODE");
43 }
44
45 $op = $_REQUEST["op"];
46
c339343b 47 $print_exec_time = false;
7e3634d9 48
3de0261a
AD		 49 if ((!$op || $op == "rpc" || $op == "rss" || $op == "view" ||
50 $op == "digestSend" || $op == "viewfeed" ||
18664970 51 $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
6002818b
AD		 52 header("Content-Type: application/xml; charset=utf-8");
53 } else {
54 header("Content-Type: text/html; charset=utf-8");
262bd8ea
AD		 55 }
56
f3acc32e
AD		 57 if (!$op) {
58 header("Content-Type: application/xml");
59 print_error_xml(7); exit;
60 }
42c32916 61
7f0acba7
AD		 62 if (!($_SESSION["uid"] && validate_session($link)) && $op != "globalUpdateFeeds"
63 && $op != "rss" && $op != "getUnread") {
262bd8ea 64
a2770077 65 if ($op == "rpc") {
af106b0e 66 print_error_xml(6); die;
04269460
AD		 67 } else {
68 print "
69 <html><body>
70 <p>Error: Not logged in.</p>
71 <script type=\"text/javascript\">
72 if (parent.window != 'undefined') {
01a87dff 73 parent.window.location = \"tt-rss.php\";
04269460 74 } else {
01a87dff 75 window.location = \"tt-rss.php\";
04269460
AD		 76 }
77 </script>
78 </body></html>
79 ";
262bd8ea
AD		 80 }
81 exit;
82 }
1c7f75ed 83
ad815c71 84 $purge_intervals = array(
d1db26aa
AD		 85 0 => __("Use default"),
86 -1 => __("Never purge"),
87 5 => __("1 week old"),
88 14 => __("2 weeks old"),
89 31 => __("1 month old"),
90 60 => __("2 months old"),
91 90 => __("3 months old"));
ad815c71
AD		 92
93 $update_intervals = array(
d1db26aa
AD		 94 0 => __("Use default"),
95 -1 => __("Disable updates"),
96 30 => __("Each 30 minutes"),
97 60 => __("Hourly"),
98 240 => __("Each 4 hours"),
99 720 => __("Each 12 hours"),
100 1440 => __("Daily"),
101 10080 => __("Weekly"));
ad815c71 102
d20f3544 103
3c5783b7 104 $access_level_names = array(
d1db26aa
AD		 105 0 => __("User"),
106 10 => __("Administrator"));
3c5783b7 107
f27d955a 108 require_once "modules/pref-prefs.php";
ef8be8ea
AD		 109 require_once "modules/popup-dialog.php";
110 require_once "modules/help.php";
111 require_once "modules/pref-feeds.php";
112 require_once "modules/pref-filters.php";
113 require_once "modules/pref-labels.php";
114 require_once "modules/pref-users.php";
c339343b 115 require_once "modules/pref-feed-browser.php";
ef8be8ea 116
7ec2a838 117
b2804af7 118 if (!sanity_check($link)) { return; }
023fe037 119
c3b81db0 120 if ($op == "rpc") {
01b3e191 121 handle_rpc_request($link);
c3b81db0
AD		 122 }
123
124 if ($op == "feeds") {
125
8143ae1f
AD		 126 $tags = $_GET["tags"];
127
c3b81db0
AD		 128 $subop = $_GET["subop"];
129
130 if ($subop == "catchupAll") {
b018b49b 131 db_query($link, "UPDATE ttrss_user_entries SET
6d15e1ef 132 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
c3b81db0
AD		 133 }
134
fe14aeb8
AD		 135 if ($subop == "collapse") {
136 $cat_id = db_escape_string($_GET["cid"]);
280ee9a3 137
fe14aeb8
AD		 138 db_query($link, "UPDATE ttrss_feed_categories SET
139 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
140 $_SESSION["uid"]);
141 return;
142 }
143
8143ae1f 144 outputFeedList($link, $tags);
c3b81db0 145
1cd17194
AD		 146 }
147
e097e8be
AD		 148 if ($op == "view") {
149
150 $id = db_escape_string($_GET["id"]);
151 $feed_id = db_escape_string($_GET["feed"]);
152 $cids = split(",", db_escape_string($_GET["cids"]));
153 $mode = db_escape_string($_GET["mode"]);
5a94a953 154 $omode = db_escape_string($_GET["omode"]);
e097e8be
AD		 155
156 print "<reply>";
157
158 // in prefetch mode we only output requested cids, main article
159 // just gets marked as read (it already exists in client cache)
160
addb5836 161 if ($mode == "") {
e097e8be 162 outputArticleXML($link, $id, $feed_id);
53761dda 163 } else {
e097e8be
AD		 164 catchupArticleById($link, $id, 0);
165 }
166
167 foreach ($cids as $cid) {
168 if ($cid) {
169 outputArticleXML($link, $cid, $feed_id, false);
170 }
171 }
172
addb5836
AD		 173 if ($mode != "prefetch_old") {
174 print "<counters>";
175 getAllCounters($link, $omode);
176 print "</counters>";
177 }
5a94a953 178
e097e8be 179 print "</reply>";
1cd17194
AD		 180 }
181
182 if ($op == "viewfeed") {
183
46921916
AD		 184 $print_exec_time = true;
185 $timing_info = getmicrotime();
186
3de0261a
AD		 187 print "<reply>";
188
46921916
AD		 189 if ($_GET["debug"]) $timing_info = print_checkpoint("0", $timing_info);
190
3de0261a
AD		 191 $omode = db_escape_string($_GET["omode"]);
192
3c81ae1a 193 $feed = db_escape_string($_GET["feed"]);
3c81ae1a 194 $subop = db_escape_string($_GET["subop"]);
86b682ce 195 $view_mode = db_escape_string($_GET["view_mode"]);
3c81ae1a
AD		 196 $limit = db_escape_string($_GET["limit"]);
197 $cat_view = db_escape_string($_GET["cat"]);
e0998414 198 $next_unread_feed = db_escape_string($_GET["nuf"]);
203de776
AD		 199 $offset = db_escape_string($_GET["skip"]);
200
40496720
AD		 201 set_pref($link, "_DEFAULT_VIEW_MODE", $view_mode);
202 set_pref($link, "_DEFAULT_VIEW_LIMIT", $limit);
203
3de0261a 204 print "<headlines id=\"$feed\"><![CDATA[";
c50e2b30 205
961f4c73
AD		 206 $topmost_article_ids = outputHeadlinesList($link, $feed, $subop,
207 $view_mode, $limit, $cat_view, $next_unread_feed, $offset);
d76a3b03 208
3de0261a 209 print "]]></headlines>";
98bea1b1 210
46921916
AD		 211 if ($_GET["debug"]) $timing_info = print_checkpoint("10", $timing_info);
212
a8f8e30f 213 if (is_array($topmost_article_ids) && !get_pref($link, 'COMBINED_DISPLAY_MODE')) {
961f4c73
AD		 214 print "<articles>";
215 foreach ($topmost_article_ids as $id) {
216 outputArticleXML($link, $id, $feed, false);
217 }
218 print "</articles>";
219 }
220
46921916
AD		 221 if ($_GET["debug"]) $timing_info = print_checkpoint("20", $timing_info);
222
3de0261a
AD		 223 print "<counters>";
224 getAllCounters($link, $omode);
225 print "</counters>";
98bea1b1 226
46921916
AD		 227 if ($_GET["debug"]) $timing_info = print_checkpoint("30", $timing_info);
228
3de0261a 229 print "</reply>";
1cd17194
AD		 230 }
231
0e091d38 232 if ($op == "pref-feeds") {
ef8be8ea
AD		 233 module_pref_feeds($link);
234 }
a7f22b70 235
ef8be8ea
AD		 236 if ($op == "pref-filters") {
237 module_pref_filters($link);
238 }
a0476535 239
ef8be8ea
AD		 240 if ($op == "pref-labels") {
241 module_pref_labels($link);
242 }
d0000401 243
f27d955a
AD		 244 if ($op == "pref-prefs") {
245 module_pref_prefs($link);
246 }
247
248 if ($op == "pref-users") {
249 module_pref_users($link);
ef8be8ea 250 }
a0476535 251
ef8be8ea
AD		 252 if ($op == "help") {
253 module_help($link);
254 }
a0476535 255
ef8be8ea
AD		 256 if ($op == "dlg") {
257 module_popup_dialog($link);
258 }
a7f22b70 259
ef8be8ea
AD		 260 // update feeds of all users, may be used anonymously
261 if ($op == "globalUpdateFeeds") {
a7f22b70 262
ef8be8ea 263 $result = db_query($link, "SELECT id FROM ttrss_users");
a0476535 264
ef8be8ea
AD		 265 while ($line = db_fetch_assoc($result)) {
266 $user_id = $line["id"];
267// print "<!-- updating feeds of uid $user_id -->";
268 update_all_feeds($link, false, $user_id);
269 }
e2f728be 270
ef8be8ea
AD		 271 print "<rpc-reply>
272 <message msg=\"All feeds updated\"/>
273 </rpc-reply>";
e5d758e3 274
ef8be8ea 275 }
f9cb39ac 276
ef8be8ea 277 if ($op == "user-details") {
0af33e87 278
ef8be8ea
AD		 279 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
280 return;
281 }
282
283/* print "<html><head>
284 <title>Tiny Tiny RSS : User Details</title>
285 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
286 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
287 </head><body>"; */
0af33e87 288
ef8be8ea 289 $uid = sprintf("%d", $_GET["id"]);
dc932d0a 290
ef8be8ea 291 print "<div id=\"infoBoxTitle\">User details</div>";
dc932d0a 292
ef8be8ea 293 print "<div class='infoBoxContents'>";
f9cb39ac 294
ef8be8ea
AD		 295 $result = db_query($link, "SELECT login,
296 SUBSTRING(last_login,1,16) AS last_login,
297 access_level,
298 (SELECT COUNT(int_id) FROM ttrss_user_entries
299 WHERE owner_uid = id) AS stored_articles
300 FROM ttrss_users
301 WHERE id = '$uid'");
f9cb39ac 302
ef8be8ea
AD		 303 if (db_num_rows($result) == 0) {
304 print "<h1>User not found</h1>";
305 return;
306 }
307
308# print "<h1>User Details</h1>";
f9cb39ac 309
ef8be8ea 310 $login = db_fetch_result($result, 0, "login");
b92e6209 311
ef8be8ea 312# print "<h1>$login</h1>";
dc932d0a 313
ef8be8ea 314 print "<table width='100%'>";
dc932d0a 315
ef8be8ea
AD		 316 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
317 strtotime(db_fetch_result($result, 0, "last_login")));
318 $access_level = db_fetch_result($result, 0, "access_level");
319 $stored_articles = db_fetch_result($result, 0, "stored_articles");
f9cb39ac 320
ef8be8ea
AD		 321# print "<tr><td>Username</td><td>$login</td></tr>";
322# print "<tr><td>Access level</td><td>$access_level</td></tr>";
323 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
324 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
f9cb39ac 325
ef8be8ea
AD		 326 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
327 WHERE owner_uid = '$uid'");
f9cb39ac 328
ef8be8ea 329 $num_feeds = db_fetch_result($result, 0, "num_feeds");
f9cb39ac 330
ef8be8ea 331 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
0ea4fb50 332
ef8be8ea
AD		 333/* $result = db_query($link, "SELECT
334 SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
335 FROM ttrss_user_entries,ttrss_entries
336 WHERE owner_uid = '$uid' AND ref_id = id");
0ea4fb50 337
ef8be8ea 338 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
0ea4fb50 339
ef8be8ea 340 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>"; */
e5d758e3 341
ef8be8ea 342 print "</table>";
e5d758e3 343
ef8be8ea 344 print "<h1>Subscribed feeds</h1>";
e5d758e3 345
ef8be8ea
AD		 346 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
347 WHERE owner_uid = '$uid' ORDER BY title");
0ea4fb50 348
ef8be8ea 349 print "<ul class=\"userFeedList\">";
0ea4fb50 350
ef8be8ea 351 $row_class = "odd";
0ea4fb50 352
ef8be8ea 353 while ($line = db_fetch_assoc($result)) {
0ea4fb50 354
ef8be8ea 355 $icon_file = ICONS_URL."/".$line["id"].".ico";
ad815c71 356
ef8be8ea
AD		 357 if (file_exists($icon_file) && filesize($icon_file) > 0) {
358 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
359 } else {
360 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
361 }
0ea4fb50 362
ef8be8ea 363 print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
0ea4fb50 364
ef8be8ea 365 $row_class = toggleEvenOdd($row_class);
0ea4fb50 366
ef8be8ea 367 }
a283b8d1 368
ef8be8ea
AD		 369 if (db_num_rows($result) < $num_feeds) {
370 // FIXME - add link to show ALL subscribed feeds here somewhere
371 print "<li><img
372 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
373 }
374
375 print "</ul>";
a283b8d1 376
ef8be8ea 377 print "</div>";
0ea4fb50 378
ef8be8ea
AD		 379 print "<div align='center'>
380 <input type='submit' class='button'
381 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
0ea4fb50 382
ef8be8ea 383// print "</body></html>";
0ea4fb50 384
ef8be8ea 385 }
ad815c71 386
ef8be8ea 387 if ($op == "pref-feed-browser") {
f27d955a 388 module_pref_feed_browser($link);
c6232e43
AD		 389 }
390
18664970
AD		 391 if ($op == "rss") {
392 $feed = db_escape_string($_GET["id"]);
393 $user = db_escape_string($_GET["user"]);
394 $pass = db_escape_string($_GET["pass"]);
395 $is_cat = $_GET["is_cat"] != false;
396
e1eb2147
AD		 397 $search = db_escape_string($_GET["q"]);
398 $match_on = db_escape_string($_GET["m"]);
399 $search_mode = db_escape_string($_GET["smode"]);
400
18664970
AD		 401 if (!$_SESSION["uid"] && $user && $pass) {
402 authenticate_user($link, $user, $pass);
403 }
404
405 if ($_SESSION["uid"] ||
406 http_authenticate_user($link)) {
407
e1eb2147
AD		 408 generate_syndicated_feed($link, $feed, $is_cat,
409 $search, $search_mode, $match_on);
18664970
AD		 410 }
411 }
412
88040f57
AD		 413 if ($op == "labelFromSearch") {
414 $search = db_escape_string($_GET["search"]);
415 $search_mode = db_escape_string($_GET["smode"]);
416 $match_on = db_escape_string($_GET["match"]);
417 $is_cat = db_escape_string($_GET["is_cat"]);
418 $title = db_escape_string($_GET["title"]);
419 $feed = sprintf("%d", $_GET["feed"]);
420
421 $label_qparts = array();
422
423 $search_expr = getSearchSql($search, $match_on);
424
425 if ($is_cat) {
426 if ($feed != 0) {
427 $search_expr .= " AND ttrss_feeds.cat_id = $feed ";
428 } else {
429 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
430 }
431 } else {
432 if ($search_mode == "all_feeds") {
433 // NOOP
434 } else if ($search_mode == "this_cat") {
435
436 $tmp_result = db_query($link, "SELECT cat_id
437 FROM ttrss_feeds WHERE id = '$feed'");
438
439 $cat_id = db_fetch_result($tmp_result, 0, "cat_id");
440
441 if ($cat_id > 0) {
442 $search_expr .= " AND ttrss_feeds.cat_id = $cat_id ";
443 } else {
444 $search_expr .= " AND ttrss_feeds.cat_id IS NULL ";
445 }
446 } else {
447 $search_expr .= " AND ttrss_feeds.id = $feed ";
448 }
449
450 }
451
452 $search_expr = db_escape_string($search_expr);
453
454 print $search_expr;
455
456 if ($title) {
457 $result = db_query($link,
458 "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
459 VALUES ('$search_expr', '$title', '".$_SESSION["uid"]."')");
460 }
461 }
462
f3acc32e
AD		 463 if ($op == "getUnread") {
464 $login = db_escape_string($_GET["login"]);
465
7e3634d9 466 header("Content-Type: text/plain; charset=utf-8");
f3acc32e
AD		 467
468 $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'");
469
470 if (db_num_rows($result) == 1) {
471 $uid = db_fetch_result($result, 0, "id");
472 print getGlobalUnread($link, $uid);
473 } else {
0599d09e 474 print "-1;User not found";
f3acc32e 475 }
7e3634d9
AD		 476
477 $print_exec_time = false;
478 }
479
480 if ($op == "digestTest") {
481 header("Content-Type: text/plain");
9cd7c995
AD		 482 print_r(prepare_headlines_digest($link, $_SESSION["uid"]));
483 $print_exec_time = false;
484
485 }
448b0abd 486
9cd7c995
AD		 487 if ($op == "digestSend") {
488 header("Content-Type: text/plain");
489 send_headlines_digests($link);
7e3634d9
AD		 490 $print_exec_time = false;
491
f3acc32e
AD		 492 }
493
4b3dff6e 494 db_close($link);
1cd17194 495?>
406d9489 496
7e3634d9 497<?php if ($print_exec_time) { ?>
1d3a17c7 498<!-- <?php echo sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
f3acc32e 499<?php } ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/