[tt-rss.git] / classes / api.php

<?php

class API extends Handler {

	const API_LEVEL  = 4;

	const STATUS_OK  = 0;
	const STATUS_ERR = 1;

	private $seq;

	function before($method) {
		if (parent::before($method)) {
			header("Content-Type: text/json");

			if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
				print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
				return false;
			}

			if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
				print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
				return false;
			}

			$this->seq = (int) $_REQUEST['seq'];

			return true;
		}
		return false;
	}

	function wrap($status, $reply) {
		print json_encode(array("seq" => $this->seq,
			"status" => $status,
			"content" => $reply));
	}

	function getVersion() {
		$rv = array("version" => VERSION);
		print $this->wrap(self::STATUS_OK, $rv);
	}

	function getApiLevel() {
		$rv = array("level" => self::API_LEVEL);
		print $this->wrap(self::STATUS_OK, $rv);
	}

	function login() {
		$login = db_escape_string($_REQUEST["user"]);
		$password = $_REQUEST["password"];
		$password_base64 = base64_decode($_REQUEST["password"]);

		if (SINGLE_USER_MODE) $login = "admin";

		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");

		if (db_num_rows($result) != 0) {
			$uid = db_fetch_result($result, 0, "id");
		} else {
			$uid = 0;
		}

		if (!$uid) {
			print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
			return;
		}

		if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
			if (authenticate_user($this->link, $login, $password)) {               // try login with normal password
				print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
					"api_level" => self::API_LEVEL));
			} else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
				print $this->wrap(self::STATUS_OK,	array("session_id" => session_id(),
					"api_level" => self::API_LEVEL));
			} else {                                                         // else we are not logged in
				print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
			}
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
		}

	}

	function logout() {
		logout_user();
		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function isLoggedIn() {
		print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
	}

	function getUnread() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		$is_cat = db_escape_string($_REQUEST["is_cat"]);

		if ($feed_id) {
			print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
		} else {
			print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
		}
	}

	/* Method added for ttrss-reader for Android */
	function getCounters() {
		print $this->wrap(self::STATUS_OK, getAllCounters($this->link));
	}

	function getFeeds() {
		$cat_id = db_escape_string($_REQUEST["cat_id"]);
		$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
		$limit = (int) db_escape_string($_REQUEST["limit"]);
		$offset = (int) db_escape_string($_REQUEST["offset"]);
		$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);

		$feeds = $this->api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);

		print $this->wrap(self::STATUS_OK, $feeds);
	}

	function getCategories() {
		$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
		$enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]);

		// TODO do not return empty categories, return Uncategorized and standard virtual cats

		if ($enable_nested)
			$nested_qpart = "parent_cat IS NULL";
		else
			$nested_qpart = "true";

		$result = db_query($this->link, "SELECT
				id, title, order_id FROM ttrss_feed_categories
			WHERE $nested_qpart AND owner_uid = " .
			$_SESSION["uid"]);

		$cats = array();

		while ($line = db_fetch_assoc($result)) {
			$unread = getFeedUnread($this->link, $line["id"], true);

			if ($enable_nested)
				$unread += getCategoryChildrenUnread($this->link, $line["id"]);

			if ($unread || !$unread_only) {
				array_push($cats, array("id" => $line["id"],
					"title" => $line["title"],
					"unread" => $unread,
					"order_id" => (int) $line["order_id"],
				));
			}
		}

		foreach (array(-2,-1,0) as $cat_id) {
			$unread = getFeedUnread($this->link, $cat_id, true);

			if ($unread || !$unread_only) {
				array_push($cats, array("id" => $cat_id,
					"title" => getCategoryTitle($this->link, $cat_id),
					"unread" => $unread));
			}
		}

		print $this->wrap(self::STATUS_OK, $cats);
	}

	function getHeadlines() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		if ($feed_id != "") {

			$limit = (int)db_escape_string($_REQUEST["limit"]);

			if (!$limit || $limit >= 60) $limit = 60;

			$offset = (int)db_escape_string($_REQUEST["skip"]);
			$filter = db_escape_string($_REQUEST["filter"]);
			$is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
			$show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
			$show_content = (bool)db_escape_string($_REQUEST["show_content"]);
			/* all_articles, unread, adaptive, marked, updated */
			$view_mode = db_escape_string($_REQUEST["view_mode"]);
			$include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
			$since_id = (int)db_escape_string($_REQUEST["since_id"]);
			$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
			$sanitize_content = true;

			/* do not rely on params below */

			$search = db_escape_string($_REQUEST["search"]);
			$search_mode = db_escape_string($_REQUEST["search_mode"]);
			$match_on = db_escape_string($_REQUEST["match_on"]);

			$headlines = $this->api_get_headlines($this->link, $feed_id, $limit, $offset,
				$filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
				$include_attachments, $since_id, $search, $search_mode, $match_on,
				$include_nested, $sanitize_content);

			print $this->wrap(self::STATUS_OK, $headlines);
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
		}
	}

	function updateArticle() {
		$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
		$mode = (int) db_escape_string($_REQUEST["mode"]);
		$data = db_escape_string($_REQUEST["data"]);
		$field_raw = (int)db_escape_string($_REQUEST["field"]);

		$field = "";
		$set_to = "";

		switch ($field_raw) {
			case 0:
				$field = "marked";
				break;
			case 1:
				$field = "published";
				break;
			case 2:
				$field = "unread";
				break;
			case 3:
				$field = "note";
		};

		switch ($mode) {
			case 1:
				$set_to = "true";
				break;
			case 0:
				$set_to = "false";
				break;
			case 2:
				$set_to = "NOT $field";
				break;
		}

		if ($field == "note") $set_to = "'$data'";

		if ($field && $set_to && count($article_ids) > 0) {

			$article_ids = join(", ", $article_ids);

			if ($field == "unread") {
				$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to,
					last_read = NOW()
					WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
			} else {
				$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to
					WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
			}

			$num_updated = db_affected_rows($this->link, $result);

			if ($num_updated > 0 && $field == "unread") {
				$result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
					WHERE ref_id IN ($article_ids)");

				while ($line = db_fetch_assoc($result)) {
					ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
				}
			}

			print $this->wrap(self::STATUS_OK, array("status" => "OK",
				"updated" => $num_updated));

		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
		}

	}

	function getArticle() {

		$article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));

		$query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id,
			marked,unread,published,
			".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
			author
			FROM ttrss_entries,ttrss_user_entries
			WHERE	id IN ($article_id) AND ref_id = id AND owner_uid = " .
				$_SESSION["uid"] ;

		$result = db_query($this->link, $query);

		$articles = array();

		if (db_num_rows($result) != 0) {

			while ($line = db_fetch_assoc($result)) {

				$attachments = get_article_enclosures($this->link, $line['id']);

				$article = array(
					"id" => $line["id"],
					"title" => $line["title"],
					"link" => $line["link"],
					"labels" => get_article_labels($this->link, $line['id']),
					"unread" => sql_bool_to_bool($line["unread"]),
					"marked" => sql_bool_to_bool($line["marked"]),
					"published" => sql_bool_to_bool($line["published"]),
					"comments" => $line["comments"],
					"author" => $line["author"],
					"updated" => strtotime($line["updated"]),
					"content" => $line["cached_content"] != "" ? $line["cached_content"] : $line["content"],
					"feed_id" => $line["feed_id"],
					"attachments" => $attachments
				);

				array_push($articles, $article);

			}
		}

		print $this->wrap(self::STATUS_OK, $articles);

	}

	function getConfig() {
		$config = array(
			"icons_dir" => ICONS_DIR,
			"icons_url" => ICONS_URL);

		$config["daemon_is_running"] = file_is_locked("update_daemon.lock");

		$result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
			ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);

		$num_feeds = db_fetch_result($result, 0, "cf");

		$config["num_feeds"] = (int)$num_feeds;

		print $this->wrap(self::STATUS_OK, $config);
	}

	function updateFeed() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);

		update_rss_feed($this->link, $feed_id, true);

		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function catchupFeed() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		$is_cat = db_escape_string($_REQUEST["is_cat"]);

		catchup_feed($this->link, $feed_id, $is_cat);

		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function getPref() {
		$pref_name = db_escape_string($_REQUEST["pref_name"]);

		print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
	}

	function getLabels() {
		//$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);

		$article_id = (int)$_REQUEST['article_id'];

		$rv = array();

		$result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
			FROM ttrss_labels2
			WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");

		if ($article_id)
			$article_labels = get_article_labels($this->link, $article_id);
		else
			$article_labels = array();

		while ($line = db_fetch_assoc($result)) {

			$checked = false;
			foreach ($article_labels as $al) {
				if ($al[0] == $line['id']) {
					$checked = true;
					break;
				}
			}

			array_push($rv, array(
				"id" => (int)$line['id'],
				"caption" => $line['caption'],
				"fg_color" => $line['fg_color'],
				"bg_color" => $line['bg_color'],
				"checked" => $checked));
		}

		print $this->wrap(self::STATUS_OK, $rv);
	}

	function setArticleLabel() {

		$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
		$label_id = (int) db_escape_string($_REQUEST['label_id']);
		$assign = (bool) db_escape_string($_REQUEST['assign']) == "true";

		$label = db_escape_string(label_find_caption($this->link,
			$label_id, $_SESSION["uid"]));

		$num_updated = 0;

		if ($label) {

			foreach ($article_ids as $id) {

				if ($assign)
					label_add_article($this->link, $id, $label, $_SESSION["uid"]);
				else
					label_remove_article($this->link, $id, $label, $_SESSION["uid"]);

				++$num_updated;

			}
		}

		print $this->wrap(self::STATUS_OK, array("status" => "OK",
			"updated" => $num_updated));

	}

	function index() {
		print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
	}

	function shareToPublished() {
		$title = db_escape_string(strip_tags($_REQUEST["title"]));
		$url = db_escape_string(strip_tags($_REQUEST["url"]));
		$content = db_escape_string(strip_tags($_REQUEST["content"]));

		if (Article::create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) {
			print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
		}
	}

	static function api_get_feeds($link, $cat_id, $unread_only, $limit, $offset, $include_nested = false) {

			$feeds = array();

			/* Labels */

			if ($cat_id == -4 || $cat_id == -2) {
				$counters = getLabelCounters($link, true);

				foreach (array_values($counters) as $cv) {

					$unread = $cv["counter"];

					if ($unread || !$unread_only) {

						$row = array(
								"id" => $cv["id"],
								"title" => $cv["description"],
								"unread" => $cv["counter"],
								"cat_id" => -2,
							);

						array_push($feeds, $row);
					}
				}
			}

			/* Virtual feeds */

			if ($cat_id == -4 || $cat_id == -1) {
				foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
					$unread = getFeedUnread($link, $i);

					if ($unread || !$unread_only) {
						$title = getFeedTitle($link, $i);

						$row = array(
								"id" => $i,
								"title" => $title,
								"unread" => $unread,
								"cat_id" => -1,
							);
						array_push($feeds, $row);
					}

				}
			}

			/* Child cats */

			if ($include_nested && $cat_id) {
				$result = db_query($link, "SELECT
					id, title FROM ttrss_feed_categories
					WHERE parent_cat = '$cat_id' AND owner_uid = " . $_SESSION["uid"] .
				" ORDER BY id, title");

				while ($line = db_fetch_assoc($result)) {
					$unread = getFeedUnread($link, $line["id"], true) +
						getCategoryChildrenUnread($link, $line["id"]);

					if ($unread || !$unread_only) {
						$row = array(
								"id" => $line["id"],
								"title" => $line["title"],
								"unread" => $unread,
								"is_cat" => true,
							);
						array_push($feeds, $row);
					}
				}
			}

			/* Real feeds */

			if ($limit) {
				$limit_qpart = "LIMIT $limit OFFSET $offset";
			} else {
				$limit_qpart = "";
			}

			if ($cat_id == -4 || $cat_id == -3) {
				$result = db_query($link, "SELECT
					id, feed_url, cat_id, title, order_id, ".
						SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
						FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
						" ORDER BY cat_id, title " . $limit_qpart);
			} else {

				if ($cat_id)
					$cat_qpart = "cat_id = '$cat_id'";
				else
					$cat_qpart = "cat_id IS NULL";

				$result = db_query($link, "SELECT
					id, feed_url, cat_id, title, order_id, ".
						SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
						FROM ttrss_feeds WHERE
						$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
						" ORDER BY cat_id, title " . $limit_qpart);
			}

			while ($line = db_fetch_assoc($result)) {

				$unread = getFeedUnread($link, $line["id"]);

				$has_icon = feed_has_icon($line['id']);

				if ($unread || !$unread_only) {

					$row = array(
							"feed_url" => $line["feed_url"],
							"title" => $line["title"],
							"id" => (int)$line["id"],
							"unread" => (int)$unread,
							"has_icon" => $has_icon,
							"cat_id" => (int)$line["cat_id"],
							"last_updated" => strtotime($line["last_updated"]),
							"order_id" => (int) $line["order_id"],
						);

					array_push($feeds, $row);
				}
			}

		return $feeds;
	}

	static function api_get_headlines($link, $feed_id, $limit, $offset,
				$filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
				$include_attachments, $since_id,
				$search = "", $search_mode = "", $match_on = "",
				$include_nested = false, $sanitize_content = true) {

			$qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
				$view_mode, $is_cat, $search, $search_mode, $match_on,
				$order, $offset, 0, false, $since_id, $include_nested);

			$result = $qfh_ret[0];
			$feed_title = $qfh_ret[1];

			$headlines = array();

			while ($line = db_fetch_assoc($result)) {
				$is_updated = ($line["last_read"] == "" &&
					($line["unread"] != "t" && $line["unread"] != "1"));

				$tags = explode(",", $line["tag_cache"]);
				$labels = json_decode($line["label_cache"], true);

				//if (!$tags) $tags = get_article_tags($link, $line["id"]);
				//if (!$labels) $labels = get_article_labels($link, $line["id"]);

				$headline_row = array(
						"id" => (int)$line["id"],
						"unread" => sql_bool_to_bool($line["unread"]),
						"marked" => sql_bool_to_bool($line["marked"]),
						"published" => sql_bool_to_bool($line["published"]),
						"updated" => strtotime($line["updated"]),
						"is_updated" => $is_updated,
						"title" => $line["title"],
						"link" => $line["link"],
						"feed_id" => $line["feed_id"],
						"tags" => $tags,
					);

					if ($include_attachments)
						$headline_row['attachments'] = get_article_enclosures($link,
							$line['id']);

				if ($show_excerpt) {
					$excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
					$headline_row["excerpt"] = $excerpt;
				}

				if ($show_content) {

					if ($line["cached_content"] != "") {
						$line["content_preview"] =& $line["cached_content"];
					}

					if ($sanitize_content) {
						$headline_row["content"] = sanitize($link,
							$line["content_preview"], false, false, $line["site_url"]);
					} else {
						$headline_row["content"] = $line["content_preview"];
					}
				}

				// unify label output to ease parsing
				if ($labels["no-labels"] == 1) $labels = array();

				$headline_row["labels"] = $labels;

				$headline_row["feed_title"] = $line["feed_title"];

				$headline_row["comments_count"] = (int)$line["num_comments"];
				$headline_row["comments_link"] = $line["comments"];

				$headline_row["always_display_attachments"] = sql_bool_to_bool($line["always_display_enclosures"]);

				array_push($headlines, $headline_row);
			}

			return $headlines;
	}

}

?>
Commit	Line	Data
de8260cb AD	1	<?php
	2
	3	class API extends Handler {
	4
8361e724	5	const API_LEVEL = 4;
de8260cb AD	6
	7	const STATUS_OK = 0;
	8	const STATUS_ERR = 1;
	9
	10	private $seq;
	11
	12	function before($method) {
	13	if (parent::before($method)) {
12f31782	14	header("Content-Type: text/json");
de8260cb AD	15
	16	if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
	17	print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
	18	return false;
	19	}
	20
	21	if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
	22	print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
	23	return false;
	24	}
	25
	26	$this->seq = (int) $_REQUEST['seq'];
	27
de8260cb AD	28	return true;
	29	}
	30	return false;
	31	}
	32
	33	function wrap($status, $reply) {
	34	print json_encode(array("seq" => $this->seq,
	35	"status" => $status,
	36	"content" => $reply));
	37	}
	38
	39	function getVersion() {
	40	$rv = array("version" => VERSION);
	41	print $this->wrap(self::STATUS_OK, $rv);
	42	}
	43
	44	function getApiLevel() {
a3b5394a	45	$rv = array("level" => self::API_LEVEL);
de8260cb AD	46	print $this->wrap(self::STATUS_OK, $rv);
	47	}
	48
	49	function login() {
	50	$login = db_escape_string($_REQUEST["user"]);
	51	$password = $_REQUEST["password"];
	52	$password_base64 = base64_decode($_REQUEST["password"]);
	53
	54	if (SINGLE_USER_MODE) $login = "admin";
	55
	56	$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
	57
	58	if (db_num_rows($result) != 0) {
	59	$uid = db_fetch_result($result, 0, "id");
	60	} else {
	61	$uid = 0;
	62	}
	63
	64	if (!$uid) {
	65	print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
	66	return;
	67	}
	68
	69	if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
	70	if (authenticate_user($this->link, $login, $password)) { // try login with normal password
5ba4ebc6 AD	71	print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
5ba4ebc6 AD	72	"api_level" => self::API_LEVEL));
de8260cb	73	} else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
5ba4ebc6 AD	74	print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
5ba4ebc6 AD	75	"api_level" => self::API_LEVEL));
de8260cb AD	76	} else { // else we are not logged in
	77	print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
	78	}
	79	} else {
	80	print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
	81	}
	82
	83	}
	84
	85	function logout() {
	86	logout_user();
	87	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	88	}
	89
	90	function isLoggedIn() {
	91	print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
	92	}
	93
	94	function getUnread() {
	95	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	96	$is_cat = db_escape_string($_REQUEST["is_cat"]);
	97
	98	if ($feed_id) {
	99	print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
	100	} else {
	101	print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
	102	}
	103	}
	104
	105	/* Method added for ttrss-reader for Android */
	106	function getCounters() {
5b55e9e2	107	print $this->wrap(self::STATUS_OK, getAllCounters($this->link));
de8260cb AD	108	}
	109
	110	function getFeeds() {
	111	$cat_id = db_escape_string($_REQUEST["cat_id"]);
	112	$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
	113	$limit = (int) db_escape_string($_REQUEST["limit"]);
	114	$offset = (int) db_escape_string($_REQUEST["offset"]);
48646336	115	$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
de8260cb	116
04f60eb7	117	$feeds = $this->api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);
de8260cb AD	118
	119	print $this->wrap(self::STATUS_OK, $feeds);
	120	}
	121
	122	function getCategories() {
	123	$unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
48646336	124	$enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]);
de8260cb AD	125
	126	// TODO do not return empty categories, return Uncategorized and standard virtual cats
	127
48646336 AD	128	if ($enable_nested)
	129	$nested_qpart = "parent_cat IS NULL";
	130	else
	131	$nested_qpart = "true";
	132
de8260cb	133	$result = db_query($this->link, "SELECT
b11e9943	134	id, title, order_id FROM ttrss_feed_categories
48646336	135	WHERE $nested_qpart AND owner_uid = " .
de8260cb AD	136	$_SESSION["uid"]);
	137
	138	$cats = array();
	139
	140	while ($line = db_fetch_assoc($result)) {
	141	$unread = getFeedUnread($this->link, $line["id"], true);
	142
48646336 AD	143	if ($enable_nested)
	144	$unread += getCategoryChildrenUnread($this->link, $line["id"]);
	145
de8260cb AD	146	if ($unread \|\| !$unread_only) {
	147	array_push($cats, array("id" => $line["id"],
	148	"title" => $line["title"],
b11e9943 AD	149	"unread" => $unread,
	150	"order_id" => (int) $line["order_id"],
	151	));
de8260cb AD	152	}
	153	}
	154
	155	foreach (array(-2,-1,0) as $cat_id) {
	156	$unread = getFeedUnread($this->link, $cat_id, true);
	157
	158	if ($unread \|\| !$unread_only) {
	159	array_push($cats, array("id" => $cat_id,
	160	"title" => getCategoryTitle($this->link, $cat_id),
	161	"unread" => $unread));
	162	}
	163	}
	164
	165	print $this->wrap(self::STATUS_OK, $cats);
	166	}
	167
	168	function getHeadlines() {
	169	$feed_id = db_escape_string($_REQUEST["feed_id"]);
8aa3becc	170	if ($feed_id != "") {
de8260cb AD	171
de8260cb AD	172	$limit = (int)db_escape_string($_REQUEST["limit"]);
1a740cf6 AD	173
	174	if (!$limit \|\| $limit >= 60) $limit = 60;
	175
de8260cb AD	176	$offset = (int)db_escape_string($_REQUEST["skip"]);
	177	$filter = db_escape_string($_REQUEST["filter"]);
	178	$is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
	179	$show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
	180	$show_content = (bool)db_escape_string($_REQUEST["show_content"]);
	181	/* all_articles, unread, adaptive, marked, updated */
	182	$view_mode = db_escape_string($_REQUEST["view_mode"]);
	183	$include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
	184	$since_id = (int)db_escape_string($_REQUEST["since_id"]);
48646336	185	$include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
db9e00e3	186	$sanitize_content = true;
de8260cb	187
3e4af5b0 AD	188	/* do not rely on params below */
	189
	190	$search = db_escape_string($_REQUEST["search"]);
	191	$search_mode = db_escape_string($_REQUEST["search_mode"]);
	192	$match_on = db_escape_string($_REQUEST["match_on"]);
	193
04f60eb7	194	$headlines = $this->api_get_headlines($this->link, $feed_id, $limit, $offset,
de8260cb	195	$filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
48646336	196	$include_attachments, $since_id, $search, $search_mode, $match_on,
db9e00e3	197	$include_nested, $sanitize_content);
de8260cb AD	198
	199	print $this->wrap(self::STATUS_OK, $headlines);
	200	} else {
	201	print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
	202	}
	203	}
	204
	205	function updateArticle() {
	206	$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	207	$mode = (int) db_escape_string($_REQUEST["mode"]);
	208	$data = db_escape_string($_REQUEST["data"]);
	209	$field_raw = (int)db_escape_string($_REQUEST["field"]);
	210
	211	$field = "";
	212	$set_to = "";
	213
	214	switch ($field_raw) {
	215	case 0:
	216	$field = "marked";
	217	break;
	218	case 1:
	219	$field = "published";
	220	break;
	221	case 2:
	222	$field = "unread";
	223	break;
	224	case 3:
	225	$field = "note";
	226	};
	227
	228	switch ($mode) {
	229	case 1:
	230	$set_to = "true";
	231	break;
	232	case 0:
	233	$set_to = "false";
	234	break;
	235	case 2:
	236	$set_to = "NOT $field";
	237	break;
	238	}
	239
	240	if ($field == "note") $set_to = "'$data'";
	241
	242	if ($field && $set_to && count($article_ids) > 0) {
	243
	244	$article_ids = join(", ", $article_ids);
	245
	246	if ($field == "unread") {
	247	$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to,
	248	last_read = NOW()
	249	WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
	250	} else {
	251	$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to
	252	WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
	253	}
	254
	255	$num_updated = db_affected_rows($this->link, $result);
	256
	257	if ($num_updated > 0 && $field == "unread") {
	258	$result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
	259	WHERE ref_id IN ($article_ids)");
	260
	261	while ($line = db_fetch_assoc($result)) {
262	ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
263	}
264	}
265
266	print $this->wrap(self::STATUS_OK, array("status" => "OK",
267	"updated" => $num_updated));
268
269	} else {
270	print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
271	}
272
273	}
274
275	function getArticle() {
276
277	$article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));
278
87764a50	279	$query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id,
de8260cb AD	280	marked,unread,published,
	281	".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
	282	author
	283	FROM ttrss_entries,ttrss_user_entries
	284	WHERE id IN ($article_id) AND ref_id = id AND owner_uid = " .
	285	$_SESSION["uid"] ;
	286
	287	$result = db_query($this->link, $query);
	288
	289	$articles = array();
	290
	291	if (db_num_rows($result) != 0) {
	292
	293	while ($line = db_fetch_assoc($result)) {
	294
	295	$attachments = get_article_enclosures($this->link, $line['id']);
	296
	297	$article = array(
	298	"id" => $line["id"],
	299	"title" => $line["title"],
	300	"link" => $line["link"],
	301	"labels" => get_article_labels($this->link, $line['id']),
	302	"unread" => sql_bool_to_bool($line["unread"]),
	303	"marked" => sql_bool_to_bool($line["marked"]),
	304	"published" => sql_bool_to_bool($line["published"]),
	305	"comments" => $line["comments"],
	306	"author" => $line["author"],
	307	"updated" => strtotime($line["updated"]),
87764a50	308	"content" => $line["cached_content"] != "" ? $line["cached_content"] : $line["content"],
de8260cb AD	309	"feed_id" => $line["feed_id"],
	310	"attachments" => $attachments
	311	);
	312
	313	array_push($articles, $article);
	314
	315	}
	316	}
	317
	318	print $this->wrap(self::STATUS_OK, $articles);
	319
	320	}
	321
	322	function getConfig() {
	323	$config = array(
	324	"icons_dir" => ICONS_DIR,
	325	"icons_url" => ICONS_URL);
	326
	327	$config["daemon_is_running"] = file_is_locked("update_daemon.lock");
	328
	329	$result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
	330	ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
	331
	332	$num_feeds = db_fetch_result($result, 0, "cf");
	333
	334	$config["num_feeds"] = (int)$num_feeds;
	335
	336	print $this->wrap(self::STATUS_OK, $config);
	337	}
	338
	339	function updateFeed() {
	340	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	341
	342	update_rss_feed($this->link, $feed_id, true);
	343
	344	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	345	}
	346
	347	function catchupFeed() {
	348	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	349	$is_cat = db_escape_string($_REQUEST["is_cat"]);
	350
	351	catchup_feed($this->link, $feed_id, $is_cat);
	352
	353	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	354	}
	355
	356	function getPref() {
	357	$pref_name = db_escape_string($_REQUEST["pref_name"]);
	358
	359	print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
	360	}
	361
ea1c2903 AD	362	function getLabels() {
	363	//$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	364
	365	$article_id = (int)$_REQUEST['article_id'];
	366
	367	$rv = array();
	368
	369	$result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
	370	FROM ttrss_labels2
	371	WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");
	372
	373	if ($article_id)
	374	$article_labels = get_article_labels($this->link, $article_id);
	375	else
	376	$article_labels = array();
	377
	378	while ($line = db_fetch_assoc($result)) {
	379
	380	$checked = false;
	381	foreach ($article_labels as $al) {
	382	if ($al[0] == $line['id']) {
	383	$checked = true;
	384	break;
	385	}
	386	}
	387
	388	array_push($rv, array(
	389	"id" => (int)$line['id'],
	390	"caption" => $line['caption'],
	391	"fg_color" => $line['fg_color'],
	392	"bg_color" => $line['bg_color'],
	393	"checked" => $checked));
	394	}
	395
	396	print $this->wrap(self::STATUS_OK, $rv);
	397	}
	398
396bfdf9 AD	399	function setArticleLabel() {
	400
	401	$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	402	$label_id = (int) db_escape_string($_REQUEST['label_id']);
	403	$assign = (bool) db_escape_string($_REQUEST['assign']) == "true";
	404
	405	$label = db_escape_string(label_find_caption($this->link,
	406	$label_id, $_SESSION["uid"]));
	407
	408	$num_updated = 0;
	409
	410	if ($label) {
	411
	412	foreach ($article_ids as $id) {
	413
	414	if ($assign)
	415	label_add_article($this->link, $id, $label, $_SESSION["uid"]);
	416	else
	417	label_remove_article($this->link, $id, $label, $_SESSION["uid"]);
	418
	419	++$num_updated;
	420
	421	}
	422	}
	423
	424	print $this->wrap(self::STATUS_OK, array("status" => "OK",
	425	"updated" => $num_updated));
	426
	427	}
	428
de8260cb AD	429	function index() {
	430	print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
	431	}
	432
8361e724 AD	433	function shareToPublished() {
	434	$title = db_escape_string(strip_tags($_REQUEST["title"]));
	435	$url = db_escape_string(strip_tags($_REQUEST["url"]));
	436	$content = db_escape_string(strip_tags($_REQUEST["content"]));
	437
50832719	438	if (Article::create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) {
8361e724 AD	439	print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
	440	} else {
	441	print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
	442	}
	443	}
04f60eb7 AD	444
	445	static function api_get_feeds($link, $cat_id, $unread_only, $limit, $offset, $include_nested = false) {
	446
	447	$feeds = array();
	448
	449	/* Labels */
	450
	451	if ($cat_id == -4 \|\| $cat_id == -2) {
	452	$counters = getLabelCounters($link, true);
	453
	454	foreach (array_values($counters) as $cv) {
	455
	456	$unread = $cv["counter"];
	457
	458	if ($unread \|\| !$unread_only) {
	459
	460	$row = array(
	461	"id" => $cv["id"],
	462	"title" => $cv["description"],
	463	"unread" => $cv["counter"],
	464	"cat_id" => -2,
	465	);
	466
	467	array_push($feeds, $row);
	468	}
	469	}
	470	}
	471
	472	/* Virtual feeds */
	473
	474	if ($cat_id == -4 \|\| $cat_id == -1) {
	475	foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
	476	$unread = getFeedUnread($link, $i);
	477
	478	if ($unread \|\| !$unread_only) {
	479	$title = getFeedTitle($link, $i);
	480
	481	$row = array(
	482	"id" => $i,
	483	"title" => $title,
	484	"unread" => $unread,
	485	"cat_id" => -1,
	486	);
	487	array_push($feeds, $row);
	488	}
	489
	490	}
	491	}
	492
	493	/* Child cats */
	494
	495	if ($include_nested && $cat_id) {
	496	$result = db_query($link, "SELECT
	497	id, title FROM ttrss_feed_categories
	498	WHERE parent_cat = '$cat_id' AND owner_uid = " . $_SESSION["uid"] .
	499	" ORDER BY id, title");
	500
	501	while ($line = db_fetch_assoc($result)) {
	502	$unread = getFeedUnread($link, $line["id"], true) +
	503	getCategoryChildrenUnread($link, $line["id"]);
	504
	505	if ($unread \|\| !$unread_only) {
	506	$row = array(
	507	"id" => $line["id"],
508	"title" => $line["title"],
509	"unread" => $unread,
510	"is_cat" => true,
511	);
512	array_push($feeds, $row);
513	}
514	}
515	}
516
517	/* Real feeds */
518
519	if ($limit) {
520	$limit_qpart = "LIMIT $limit OFFSET $offset";
521	} else {
522	$limit_qpart = "";
523	}
524
525	if ($cat_id == -4 \|\| $cat_id == -3) {
526	$result = db_query($link, "SELECT
527	id, feed_url, cat_id, title, order_id, ".
528	SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
529	FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
530	" ORDER BY cat_id, title " . $limit_qpart);
531	} else {
532
533	if ($cat_id)
534	$cat_qpart = "cat_id = '$cat_id'";
535	else
536	$cat_qpart = "cat_id IS NULL";
537
538	$result = db_query($link, "SELECT
539	id, feed_url, cat_id, title, order_id, ".
540	SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
541	FROM ttrss_feeds WHERE
542	$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
543	" ORDER BY cat_id, title " . $limit_qpart);
544	}
545
546	while ($line = db_fetch_assoc($result)) {
547
548	$unread = getFeedUnread($link, $line["id"]);
549
550	$has_icon = feed_has_icon($line['id']);
551
552	if ($unread \|\| !$unread_only) {
553
554	$row = array(
555	"feed_url" => $line["feed_url"],
556	"title" => $line["title"],
557	"id" => (int)$line["id"],
558	"unread" => (int)$unread,
559	"has_icon" => $has_icon,
560	"cat_id" => (int)$line["cat_id"],
561	"last_updated" => strtotime($line["last_updated"]),
562	"order_id" => (int) $line["order_id"],
563	);
564
565	array_push($feeds, $row);
566	}
567	}
568
569	return $feeds;
570	}
571
572	static function api_get_headlines($link, $feed_id, $limit, $offset,
573	$filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
574	$include_attachments, $since_id,
575	$search = "", $search_mode = "", $match_on = "",
576	$include_nested = false, $sanitize_content = true) {
577
578	$qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
579	$view_mode, $is_cat, $search, $search_mode, $match_on,
580	$order, $offset, 0, false, $since_id, $include_nested);
581
582	$result = $qfh_ret[0];
583	$feed_title = $qfh_ret[1];
584
585	$headlines = array();
586
587	while ($line = db_fetch_assoc($result)) {
588	$is_updated = ($line["last_read"] == "" &&
589	($line["unread"] != "t" && $line["unread"] != "1"));
590
591	$tags = explode(",", $line["tag_cache"]);
592	$labels = json_decode($line["label_cache"], true);
593
594	//if (!$tags) $tags = get_article_tags($link, $line["id"]);
595	//if (!$labels) $labels = get_article_labels($link, $line["id"]);
596
597	$headline_row = array(
598	"id" => (int)$line["id"],
599	"unread" => sql_bool_to_bool($line["unread"]),
600	"marked" => sql_bool_to_bool($line["marked"]),
601	"published" => sql_bool_to_bool($line["published"]),
602	"updated" => strtotime($line["updated"]),
603	"is_updated" => $is_updated,
604	"title" => $line["title"],
605	"link" => $line["link"],
606	"feed_id" => $line["feed_id"],
607	"tags" => $tags,
608	);
609
610	if ($include_attachments)
611	$headline_row['attachments'] = get_article_enclosures($link,
612	$line['id']);
613
614	if ($show_excerpt) {
615	$excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
616	$headline_row["excerpt"] = $excerpt;
617	}
618
619	if ($show_content) {
620
621	if ($line["cached_content"] != "") {
622	$line["content_preview"] =& $line["cached_content"];
623	}
624
625	if ($sanitize_content) {
626	$headline_row["content"] = sanitize($link,
627	$line["content_preview"], false, false, $line["site_url"]);
628	} else {
629	$headline_row["content"] = $line["content_preview"];
630	}
631	}
632
633	// unify label output to ease parsing
634	if ($labels["no-labels"] == 1) $labels = array();
635
636	$headline_row["labels"] = $labels;
637
638	$headline_row["feed_title"] = $line["feed_title"];
639
640	$headline_row["comments_count"] = (int)$line["num_comments"];
641	$headline_row["comments_link"] = $line["comments"];
642
643	$headline_row["always_display_attachments"] = sql_bool_to_bool($line["always_display_enclosures"]);
644
645	array_push($headlines, $headline_row);
646	}
647
648	return $headlines;
649	}
650
de8260cb AD	651	}
	652
	653	?>