[tt-rss.git] / classes / api.php

<?php

class API extends Handler {

	const API_LEVEL  = 4;

	const STATUS_OK  = 0;
	const STATUS_ERR = 1;

	private $seq;

	function before($method) {
		if (parent::before($method)) {
			header("Content-Type: text/json");

			if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
				print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
				return false;
			}

			if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
				print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
				return false;
			}

			$this->seq = (int) $_REQUEST['seq'];

			return true;
		}
		return false;
	}

	function wrap($status, $reply) {
		print json_encode(array("seq" => $this->seq,
			"status" => $status,
			"content" => $reply));
	}

	function getVersion() {
		$rv = array("version" => VERSION);
		print $this->wrap(self::STATUS_OK, $rv);
	}

	function getApiLevel() {
		$rv = array("level" => self::API_LEVEL);
		print $this->wrap(self::STATUS_OK, $rv);
	}

	function login() {
		$login = db_escape_string($_REQUEST["user"]);
		$password = $_REQUEST["password"];
		$password_base64 = base64_decode($_REQUEST["password"]);

		if (SINGLE_USER_MODE) $login = "admin";

		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");

		if (db_num_rows($result) != 0) {
			$uid = db_fetch_result($result, 0, "id");
		} else {
			$uid = 0;
		}

		if (!$uid) {
			print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
			return;
		}

		if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
			if (authenticate_user($this->link, $login, $password)) {               // try login with normal password
				print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
					"api_level" => self::API_LEVEL));
			} else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
				print $this->wrap(self::STATUS_OK,	array("session_id" => session_id(),
					"api_level" => self::API_LEVEL));
			} else {                                                         // else we are not logged in
				print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
			}
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
		}

	}

	function logout() {
		logout_user();
		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function isLoggedIn() {
		print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
	}

	function getUnread() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		$is_cat = db_escape_string($_REQUEST["is_cat"]);

		if ($feed_id) {
			print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
		} else {
			print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
		}
	}

	/* Method added for ttrss-reader for Android */
	function getCounters() {
		print $this->wrap(self::STATUS_OK, getAllCounters($this->link));
	}

	function getFeeds() {
		$cat_id = db_escape_string($_REQUEST["cat_id"]);
		$unread_only = sql_bool_to_bool($_REQUEST["unread_only"]);
		$limit = (int) db_escape_string($_REQUEST["limit"]);
		$offset = (int) db_escape_string($_REQUEST["offset"]);
		$include_nested = sql_bool_to_bool($_REQUEST["include_nested"]);

		$feeds = $this->api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);

		print $this->wrap(self::STATUS_OK, $feeds);
	}

	function getCategories() {
		$unread_only = sql_bool_to_bool($_REQUEST["unread_only"]);
		$enable_nested = sql_bool_to_bool($_REQUEST["enable_nested"]);

		// TODO do not return empty categories, return Uncategorized and standard virtual cats

		if ($enable_nested)
			$nested_qpart = "parent_cat IS NULL";
		else
			$nested_qpart = "true";

		$result = db_query($this->link, "SELECT
				id, title, order_id, (SELECT COUNT(id) FROM
				ttrss_feeds WHERE
				ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds
			FROM ttrss_feed_categories
			WHERE $nested_qpart AND owner_uid = " .
			$_SESSION["uid"]);

		$cats = array();

		while ($line = db_fetch_assoc($result)) {
			if ($line["num_feeds"] > 0) {
				$unread = getFeedUnread($this->link, $line["id"], true);

				if ($enable_nested)
					$unread += getCategoryChildrenUnread($this->link, $line["id"]);

				if ($unread || !$unread_only) {
					array_push($cats, array("id" => $line["id"],
						"title" => $line["title"],
						"unread" => $unread,
						"order_id" => (int) $line["order_id"],
					));
				}
			}
		}

		foreach (array(-2,-1,0) as $cat_id) {
			$unread = getFeedUnread($this->link, $cat_id, true);

			if ($unread || !$unread_only) {
				array_push($cats, array("id" => $cat_id,
					"title" => getCategoryTitle($this->link, $cat_id),
					"unread" => $unread));
			}
		}

		print $this->wrap(self::STATUS_OK, $cats);
	}

	function getHeadlines() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		if ($feed_id != "") {

			$limit = (int)db_escape_string($_REQUEST["limit"]);

			if (!$limit || $limit >= 60) $limit = 60;

			$offset = (int)db_escape_string($_REQUEST["skip"]);
			$filter = db_escape_string($_REQUEST["filter"]);
			$is_cat = sql_bool_to_bool($_REQUEST["is_cat"]);
			$show_excerpt = sql_bool_to_bool($_REQUEST["show_excerpt"]);
			$show_content = sql_bool_to_bool($_REQUEST["show_content"]);
			/* all_articles, unread, adaptive, marked, updated */
			$view_mode = db_escape_string($_REQUEST["view_mode"]);
			$include_attachments = sql_bool_to_bool($_REQUEST["include_attachments"]);
			$since_id = (int)db_escape_string($_REQUEST["since_id"]);
			$include_nested = sql_bool_to_bool($_REQUEST["include_nested"]);
			$sanitize_content = true;

			/* do not rely on params below */

			$search = db_escape_string($_REQUEST["search"]);
			$search_mode = db_escape_string($_REQUEST["search_mode"]);
			$match_on = db_escape_string($_REQUEST["match_on"]);

			$headlines = $this->api_get_headlines($this->link, $feed_id, $limit, $offset,
				$filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
				$include_attachments, $since_id, $search, $search_mode, $match_on,
				$include_nested, $sanitize_content);

			print $this->wrap(self::STATUS_OK, $headlines);
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
		}
	}

	function updateArticle() {
		$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
		$mode = (int) db_escape_string($_REQUEST["mode"]);
		$data = db_escape_string($_REQUEST["data"]);
		$field_raw = (int)db_escape_string($_REQUEST["field"]);

		$field = "";
		$set_to = "";

		switch ($field_raw) {
			case 0:
				$field = "marked";
				$additional_fields = ",last_marked = NOW()";
				break;
			case 1:
				$field = "published";
				$additional_fields = ",last_published = NOW()";
				break;
			case 2:
				$field = "unread";
				$additional_fields = ",last_read = NOW()";
				break;
			case 3:
				$field = "note";
		};

		switch ($mode) {
			case 1:
				$set_to = "true";
				break;
			case 0:
				$set_to = "false";
				break;
			case 2:
				$set_to = "NOT $field";
				break;
		}

		if ($field == "note") $set_to = "'$data'";

		if ($field && $set_to && count($article_ids) > 0) {

			$article_ids = join(", ", $article_ids);

			$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to $additional_fields WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);

			$num_updated = db_affected_rows($this->link, $result);

			if ($num_updated > 0 && $field == "unread") {
				$result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
					WHERE ref_id IN ($article_ids)");

				while ($line = db_fetch_assoc($result)) {
					ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
				}
			}

			if ($num_updated > 0 && $field == "published") {
				if (PUBSUBHUBBUB_HUB) {
					$rss_link = get_self_url_prefix() .
						"/public.php?op=rss&id=-2&key=" .
						get_feed_access_key($this->link, -2, false);

					$p = new Publisher(PUBSUBHUBBUB_HUB);
					$pubsub_result = $p->publish_update($rss_link);
				}
			}

			print $this->wrap(self::STATUS_OK, array("status" => "OK",
				"updated" => $num_updated));

		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
		}

	}

	function getArticle() {

		$article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));

		$query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id,
			marked,unread,published,
			".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
			author
			FROM ttrss_entries,ttrss_user_entries
			WHERE	id IN ($article_id) AND ref_id = id AND owner_uid = " .
				$_SESSION["uid"] ;

		$result = db_query($this->link, $query);

		$articles = array();

		if (db_num_rows($result) != 0) {

			while ($line = db_fetch_assoc($result)) {

				$attachments = get_article_enclosures($this->link, $line['id']);

				$article = array(
					"id" => $line["id"],
					"title" => $line["title"],
					"link" => $line["link"],
					"labels" => get_article_labels($this->link, $line['id']),
					"unread" => sql_bool_to_bool($line["unread"]),
					"marked" => sql_bool_to_bool($line["marked"]),
					"published" => sql_bool_to_bool($line["published"]),
					"comments" => $line["comments"],
					"author" => $line["author"],
					"updated" => (int) strtotime($line["updated"]),
					"content" => $line["cached_content"] != "" ? $line["cached_content"] : $line["content"],
					"feed_id" => $line["feed_id"],
					"attachments" => $attachments
				);

				array_push($articles, $article);

			}
		}

		print $this->wrap(self::STATUS_OK, $articles);

	}

	function getConfig() {
		$config = array(
			"icons_dir" => ICONS_DIR,
			"icons_url" => ICONS_URL);

		$config["daemon_is_running"] = file_is_locked("update_daemon.lock");

		$result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
			ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);

		$num_feeds = db_fetch_result($result, 0, "cf");

		$config["num_feeds"] = (int)$num_feeds;

		print $this->wrap(self::STATUS_OK, $config);
	}

	function updateFeed() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);

		update_rss_feed($this->link, $feed_id, true);

		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function catchupFeed() {
		$feed_id = db_escape_string($_REQUEST["feed_id"]);
		$is_cat = db_escape_string($_REQUEST["is_cat"]);

		catchup_feed($this->link, $feed_id, $is_cat);

		print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	}

	function getPref() {
		$pref_name = db_escape_string($_REQUEST["pref_name"]);

		print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
	}

	function getLabels() {
		//$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);

		$article_id = (int)$_REQUEST['article_id'];

		$rv = array();

		$result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
			FROM ttrss_labels2
			WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");

		if ($article_id)
			$article_labels = get_article_labels($this->link, $article_id);
		else
			$article_labels = array();

		while ($line = db_fetch_assoc($result)) {

			$checked = false;
			foreach ($article_labels as $al) {
				if ($al[0] == $line['id']) {
					$checked = true;
					break;
				}
			}

			array_push($rv, array(
				"id" => (int)$line['id'],
				"caption" => $line['caption'],
				"fg_color" => $line['fg_color'],
				"bg_color" => $line['bg_color'],
				"checked" => $checked));
		}

		print $this->wrap(self::STATUS_OK, $rv);
	}

	function setArticleLabel() {

		$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
		$label_id = (int) db_escape_string($_REQUEST['label_id']);
		$assign = (bool) db_escape_string($_REQUEST['assign']) == "true";

		$label = db_escape_string(label_find_caption($this->link,
			$label_id, $_SESSION["uid"]));

		$num_updated = 0;

		if ($label) {

			foreach ($article_ids as $id) {

				if ($assign)
					label_add_article($this->link, $id, $label, $_SESSION["uid"]);
				else
					label_remove_article($this->link, $id, $label, $_SESSION["uid"]);

				++$num_updated;

			}
		}

		print $this->wrap(self::STATUS_OK, array("status" => "OK",
			"updated" => $num_updated));

	}

	function index() {
		print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
	}

	function shareToPublished() {
		$title = db_escape_string(strip_tags($_REQUEST["title"]));
		$url = db_escape_string(strip_tags($_REQUEST["url"]));
		$content = db_escape_string(strip_tags($_REQUEST["content"]));

		if (Article::create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) {
			print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
		} else {
			print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
		}
	}

	static function api_get_feeds($link, $cat_id, $unread_only, $limit, $offset, $include_nested = false) {

			$feeds = array();

			/* Labels */

			if ($cat_id == -4 || $cat_id == -2) {
				$counters = getLabelCounters($link, true);

				foreach (array_values($counters) as $cv) {

					$unread = $cv["counter"];

					if ($unread || !$unread_only) {

						$row = array(
								"id" => $cv["id"],
								"title" => $cv["description"],
								"unread" => $cv["counter"],
								"cat_id" => -2,
							);

						array_push($feeds, $row);
					}
				}
			}

			/* Virtual feeds */

			if ($cat_id == -4 || $cat_id == -1) {
				foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
					$unread = getFeedUnread($link, $i);

					if ($unread || !$unread_only) {
						$title = getFeedTitle($link, $i);

						$row = array(
								"id" => $i,
								"title" => $title,
								"unread" => $unread,
								"cat_id" => -1,
							);
						array_push($feeds, $row);
					}

				}
			}

			/* Child cats */

			if ($include_nested && $cat_id) {
				$result = db_query($link, "SELECT
					id, title FROM ttrss_feed_categories
					WHERE parent_cat = '$cat_id' AND owner_uid = " . $_SESSION["uid"] .
				" ORDER BY id, title");

				while ($line = db_fetch_assoc($result)) {
					$unread = getFeedUnread($link, $line["id"], true) +
						getCategoryChildrenUnread($link, $line["id"]);

					if ($unread || !$unread_only) {
						$row = array(
								"id" => $line["id"],
								"title" => $line["title"],
								"unread" => $unread,
								"is_cat" => true,
							);
						array_push($feeds, $row);
					}
				}
			}

			/* Real feeds */

			if ($limit) {
				$limit_qpart = "LIMIT $limit OFFSET $offset";
			} else {
				$limit_qpart = "";
			}

			if ($cat_id == -4 || $cat_id == -3) {
				$result = db_query($link, "SELECT
					id, feed_url, cat_id, title, order_id, ".
						SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
						FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
						" ORDER BY cat_id, title " . $limit_qpart);
			} else {

				if ($cat_id)
					$cat_qpart = "cat_id = '$cat_id'";
				else
					$cat_qpart = "cat_id IS NULL";

				$result = db_query($link, "SELECT
					id, feed_url, cat_id, title, order_id, ".
						SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
						FROM ttrss_feeds WHERE
						$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
						" ORDER BY cat_id, title " . $limit_qpart);
			}

			while ($line = db_fetch_assoc($result)) {

				$unread = getFeedUnread($link, $line["id"]);

				$has_icon = feed_has_icon($line['id']);

				if ($unread || !$unread_only) {

					$row = array(
							"feed_url" => $line["feed_url"],
							"title" => $line["title"],
							"id" => (int)$line["id"],
							"unread" => (int)$unread,
							"has_icon" => $has_icon,
							"cat_id" => (int)$line["cat_id"],
							"last_updated" => (int) strtotime($line["last_updated"]),
							"order_id" => (int) $line["order_id"],
						);

					array_push($feeds, $row);
				}
			}

		return $feeds;
	}

	static function api_get_headlines($link, $feed_id, $limit, $offset,
				$filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
				$include_attachments, $since_id,
				$search = "", $search_mode = "", $match_on = "",
				$include_nested = false, $sanitize_content = true) {

			$qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
				$view_mode, $is_cat, $search, $search_mode, $match_on,
				$order, $offset, 0, false, $since_id, $include_nested);

			$result = $qfh_ret[0];
			$feed_title = $qfh_ret[1];

			$headlines = array();

			while ($line = db_fetch_assoc($result)) {
				$is_updated = ($line["last_read"] == "" &&
					($line["unread"] != "t" && $line["unread"] != "1"));

				$tags = explode(",", $line["tag_cache"]);
				$labels = json_decode($line["label_cache"], true);

				//if (!$tags) $tags = get_article_tags($link, $line["id"]);
				//if (!$labels) $labels = get_article_labels($link, $line["id"]);

				$headline_row = array(
						"id" => (int)$line["id"],
						"unread" => sql_bool_to_bool($line["unread"]),
						"marked" => sql_bool_to_bool($line["marked"]),
						"published" => sql_bool_to_bool($line["published"]),
						"updated" => (int) strtotime($line["updated"]),
						"is_updated" => $is_updated,
						"title" => $line["title"],
						"link" => $line["link"],
						"feed_id" => $line["feed_id"],
						"tags" => $tags,
					);

					if ($include_attachments)
						$headline_row['attachments'] = get_article_enclosures($link,
							$line['id']);

				if ($show_excerpt) {
					$excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
					$headline_row["excerpt"] = $excerpt;
				}

				if ($show_content) {

					if ($line["cached_content"] != "") {
						$line["content_preview"] =& $line["cached_content"];
					}

					if ($sanitize_content) {
						$headline_row["content"] = sanitize($link,
							$line["content_preview"],
							sql_bool_to_bool($line['hide_images']),
							false, $line["site_url"]);
					} else {
						$headline_row["content"] = $line["content_preview"];
					}
				}

				// unify label output to ease parsing
				if ($labels["no-labels"] == 1) $labels = array();

				$headline_row["labels"] = $labels;

				$headline_row["feed_title"] = $line["feed_title"];

				$headline_row["comments_count"] = (int)$line["num_comments"];
				$headline_row["comments_link"] = $line["comments"];

				$headline_row["always_display_attachments"] = sql_bool_to_bool($line["always_display_enclosures"]);

				array_push($headlines, $headline_row);
			}

			return $headlines;
	}

}

?>
Commit	Line	Data
de8260cb AD	1	<?php
	2
	3	class API extends Handler {
	4
8361e724	5	const API_LEVEL = 4;
de8260cb AD	6
	7	const STATUS_OK = 0;
	8	const STATUS_ERR = 1;
	9
	10	private $seq;
	11
	12	function before($method) {
	13	if (parent::before($method)) {
12f31782	14	header("Content-Type: text/json");
de8260cb AD	15
	16	if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
	17	print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
	18	return false;
	19	}
	20
	21	if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
	22	print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
	23	return false;
	24	}
	25
	26	$this->seq = (int) $_REQUEST['seq'];
	27
de8260cb AD	28	return true;
	29	}
	30	return false;
	31	}
	32
	33	function wrap($status, $reply) {
	34	print json_encode(array("seq" => $this->seq,
	35	"status" => $status,
	36	"content" => $reply));
	37	}
	38
	39	function getVersion() {
	40	$rv = array("version" => VERSION);
	41	print $this->wrap(self::STATUS_OK, $rv);
	42	}
	43
	44	function getApiLevel() {
a3b5394a	45	$rv = array("level" => self::API_LEVEL);
de8260cb AD	46	print $this->wrap(self::STATUS_OK, $rv);
	47	}
	48
	49	function login() {
	50	$login = db_escape_string($_REQUEST["user"]);
	51	$password = $_REQUEST["password"];
	52	$password_base64 = base64_decode($_REQUEST["password"]);
	53
	54	if (SINGLE_USER_MODE) $login = "admin";
	55
	56	$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
	57
	58	if (db_num_rows($result) != 0) {
	59	$uid = db_fetch_result($result, 0, "id");
	60	} else {
	61	$uid = 0;
	62	}
	63
	64	if (!$uid) {
	65	print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
	66	return;
	67	}
	68
	69	if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
	70	if (authenticate_user($this->link, $login, $password)) { // try login with normal password
5ba4ebc6 AD	71	print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
5ba4ebc6 AD	72	"api_level" => self::API_LEVEL));
de8260cb	73	} else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
5ba4ebc6 AD	74	print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
5ba4ebc6 AD	75	"api_level" => self::API_LEVEL));
de8260cb AD	76	} else { // else we are not logged in
	77	print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
	78	}
	79	} else {
	80	print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
	81	}
	82
	83	}
	84
	85	function logout() {
	86	logout_user();
	87	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	88	}
	89
	90	function isLoggedIn() {
	91	print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
	92	}
	93
	94	function getUnread() {
	95	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	96	$is_cat = db_escape_string($_REQUEST["is_cat"]);
	97
	98	if ($feed_id) {
	99	print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
	100	} else {
	101	print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
	102	}
	103	}
	104
	105	/* Method added for ttrss-reader for Android */
	106	function getCounters() {
5b55e9e2	107	print $this->wrap(self::STATUS_OK, getAllCounters($this->link));
de8260cb AD	108	}
	109
	110	function getFeeds() {
	111	$cat_id = db_escape_string($_REQUEST["cat_id"]);
9955a134	112	$unread_only = sql_bool_to_bool($_REQUEST["unread_only"]);
de8260cb AD	113	$limit = (int) db_escape_string($_REQUEST["limit"]);
de8260cb AD	114	$offset = (int) db_escape_string($_REQUEST["offset"]);
9955a134	115	$include_nested = sql_bool_to_bool($_REQUEST["include_nested"]);
de8260cb	116
04f60eb7	117	$feeds = $this->api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);
de8260cb AD	118
	119	print $this->wrap(self::STATUS_OK, $feeds);
	120	}
	121
	122	function getCategories() {
9955a134 AD	123	$unread_only = sql_bool_to_bool($_REQUEST["unread_only"]);
9955a134 AD	124	$enable_nested = sql_bool_to_bool($_REQUEST["enable_nested"]);
de8260cb AD	125
	126	// TODO do not return empty categories, return Uncategorized and standard virtual cats
	127
48646336 AD	128	if ($enable_nested)
	129	$nested_qpart = "parent_cat IS NULL";
	130	else
	131	$nested_qpart = "true";
	132
de8260cb	133	$result = db_query($this->link, "SELECT
d49dfa38 AD	134	id, title, order_id, (SELECT COUNT(id) FROM
	135	ttrss_feeds WHERE
	136	ttrss_feed_categories.id IS NOT NULL AND cat_id = ttrss_feed_categories.id) AS num_feeds
	137	FROM ttrss_feed_categories
48646336	138	WHERE $nested_qpart AND owner_uid = " .
de8260cb AD	139	$_SESSION["uid"]);
	140
	141	$cats = array();
	142
	143	while ($line = db_fetch_assoc($result)) {
d49dfa38 AD	144	if ($line["num_feeds"] > 0) {
	145	$unread = getFeedUnread($this->link, $line["id"], true);
	146
	147	if ($enable_nested)
	148	$unread += getCategoryChildrenUnread($this->link, $line["id"]);
	149
	150	if ($unread \|\| !$unread_only) {
	151	array_push($cats, array("id" => $line["id"],
	152	"title" => $line["title"],
	153	"unread" => $unread,
	154	"order_id" => (int) $line["order_id"],
	155	));
	156	}
de8260cb AD	157	}
	158	}
	159
	160	foreach (array(-2,-1,0) as $cat_id) {
	161	$unread = getFeedUnread($this->link, $cat_id, true);
	162
	163	if ($unread \|\| !$unread_only) {
	164	array_push($cats, array("id" => $cat_id,
	165	"title" => getCategoryTitle($this->link, $cat_id),
	166	"unread" => $unread));
	167	}
	168	}
	169
	170	print $this->wrap(self::STATUS_OK, $cats);
	171	}
	172
	173	function getHeadlines() {
	174	$feed_id = db_escape_string($_REQUEST["feed_id"]);
8aa3becc	175	if ($feed_id != "") {
de8260cb AD	176
de8260cb AD	177	$limit = (int)db_escape_string($_REQUEST["limit"]);
1a740cf6 AD	178
	179	if (!$limit \|\| $limit >= 60) $limit = 60;
	180
de8260cb AD	181	$offset = (int)db_escape_string($_REQUEST["skip"]);
de8260cb AD	182	$filter = db_escape_string($_REQUEST["filter"]);
9955a134 AD	183	$is_cat = sql_bool_to_bool($_REQUEST["is_cat"]);
	184	$show_excerpt = sql_bool_to_bool($_REQUEST["show_excerpt"]);
	185	$show_content = sql_bool_to_bool($_REQUEST["show_content"]);
de8260cb AD	186	/* all_articles, unread, adaptive, marked, updated */
de8260cb AD	187	$view_mode = db_escape_string($_REQUEST["view_mode"]);
9955a134	188	$include_attachments = sql_bool_to_bool($_REQUEST["include_attachments"]);
de8260cb	189	$since_id = (int)db_escape_string($_REQUEST["since_id"]);
9955a134	190	$include_nested = sql_bool_to_bool($_REQUEST["include_nested"]);
db9e00e3	191	$sanitize_content = true;
de8260cb	192
3e4af5b0 AD	193	/* do not rely on params below */
	194
	195	$search = db_escape_string($_REQUEST["search"]);
	196	$search_mode = db_escape_string($_REQUEST["search_mode"]);
	197	$match_on = db_escape_string($_REQUEST["match_on"]);
	198
04f60eb7	199	$headlines = $this->api_get_headlines($this->link, $feed_id, $limit, $offset,
de8260cb	200	$filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
48646336	201	$include_attachments, $since_id, $search, $search_mode, $match_on,
db9e00e3	202	$include_nested, $sanitize_content);
de8260cb AD	203
	204	print $this->wrap(self::STATUS_OK, $headlines);
	205	} else {
	206	print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
	207	}
	208	}
	209
	210	function updateArticle() {
	211	$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	212	$mode = (int) db_escape_string($_REQUEST["mode"]);
	213	$data = db_escape_string($_REQUEST["data"]);
	214	$field_raw = (int)db_escape_string($_REQUEST["field"]);
	215
	216	$field = "";
	217	$set_to = "";
	218
	219	switch ($field_raw) {
	220	case 0:
	221	$field = "marked";
7873d588	222	$additional_fields = ",last_marked = NOW()";
de8260cb AD	223	break;
	224	case 1:
	225	$field = "published";
7873d588	226	$additional_fields = ",last_published = NOW()";
de8260cb AD	227	break;
	228	case 2:
	229	$field = "unread";
7873d588	230	$additional_fields = ",last_read = NOW()";
de8260cb AD	231	break;
	232	case 3:
	233	$field = "note";
	234	};
	235
	236	switch ($mode) {
	237	case 1:
	238	$set_to = "true";
	239	break;
	240	case 0:
	241	$set_to = "false";
	242	break;
	243	case 2:
	244	$set_to = "NOT $field";
	245	break;
	246	}
	247
	248	if ($field == "note") $set_to = "'$data'";
	249
	250	if ($field && $set_to && count($article_ids) > 0) {
	251
	252	$article_ids = join(", ", $article_ids);
	253
7873d588	254	$result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to $additional_fields WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
de8260cb AD	255
	256	$num_updated = db_affected_rows($this->link, $result);
	257
	258	if ($num_updated > 0 && $field == "unread") {
	259	$result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
	260	WHERE ref_id IN ($article_ids)");
	261
	262	while ($line = db_fetch_assoc($result)) {
	263	ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
	264	}
	265	}
	266
7873d588 AD	267	if ($num_updated > 0 && $field == "published") {
	268	if (PUBSUBHUBBUB_HUB) {
	269	$rss_link = get_self_url_prefix() .
	270	"/public.php?op=rss&id=-2&key=" .
	271	get_feed_access_key($this->link, -2, false);
	272
	273	$p = new Publisher(PUBSUBHUBBUB_HUB);
	274	$pubsub_result = $p->publish_update($rss_link);
	275	}
	276	}
	277
de8260cb AD	278	print $this->wrap(self::STATUS_OK, array("status" => "OK",
	279	"updated" => $num_updated));
	280
	281	} else {
	282	print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
	283	}
	284
	285	}
	286
	287	function getArticle() {
	288
	289	$article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));
	290
87764a50	291	$query = "SELECT id,title,link,content,cached_content,feed_id,comments,int_id,
de8260cb AD	292	marked,unread,published,
	293	".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
	294	author
	295	FROM ttrss_entries,ttrss_user_entries
	296	WHERE id IN ($article_id) AND ref_id = id AND owner_uid = " .
	297	$_SESSION["uid"] ;
	298
	299	$result = db_query($this->link, $query);
	300
	301	$articles = array();
	302
	303	if (db_num_rows($result) != 0) {
	304
	305	while ($line = db_fetch_assoc($result)) {
	306
	307	$attachments = get_article_enclosures($this->link, $line['id']);
	308
	309	$article = array(
	310	"id" => $line["id"],
	311	"title" => $line["title"],
	312	"link" => $line["link"],
	313	"labels" => get_article_labels($this->link, $line['id']),
	314	"unread" => sql_bool_to_bool($line["unread"]),
	315	"marked" => sql_bool_to_bool($line["marked"]),
	316	"published" => sql_bool_to_bool($line["published"]),
	317	"comments" => $line["comments"],
	318	"author" => $line["author"],
ef3da31c	319	"updated" => (int) strtotime($line["updated"]),
87764a50	320	"content" => $line["cached_content"] != "" ? $line["cached_content"] : $line["content"],
de8260cb AD	321	"feed_id" => $line["feed_id"],
	322	"attachments" => $attachments
	323	);
	324
	325	array_push($articles, $article);
	326
	327	}
	328	}
	329
	330	print $this->wrap(self::STATUS_OK, $articles);
	331
	332	}
	333
	334	function getConfig() {
	335	$config = array(
	336	"icons_dir" => ICONS_DIR,
	337	"icons_url" => ICONS_URL);
	338
	339	$config["daemon_is_running"] = file_is_locked("update_daemon.lock");
	340
	341	$result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
	342	ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
	343
	344	$num_feeds = db_fetch_result($result, 0, "cf");
	345
	346	$config["num_feeds"] = (int)$num_feeds;
	347
	348	print $this->wrap(self::STATUS_OK, $config);
	349	}
	350
	351	function updateFeed() {
	352	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	353
	354	update_rss_feed($this->link, $feed_id, true);
	355
	356	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	357	}
	358
	359	function catchupFeed() {
	360	$feed_id = db_escape_string($_REQUEST["feed_id"]);
	361	$is_cat = db_escape_string($_REQUEST["is_cat"]);
	362
	363	catchup_feed($this->link, $feed_id, $is_cat);
	364
	365	print $this->wrap(self::STATUS_OK, array("status" => "OK"));
	366	}
	367
	368	function getPref() {
	369	$pref_name = db_escape_string($_REQUEST["pref_name"]);
	370
	371	print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
	372	}
	373
ea1c2903 AD	374	function getLabels() {
	375	//$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	376
	377	$article_id = (int)$_REQUEST['article_id'];
	378
	379	$rv = array();
	380
	381	$result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
	382	FROM ttrss_labels2
	383	WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");
	384
	385	if ($article_id)
	386	$article_labels = get_article_labels($this->link, $article_id);
	387	else
	388	$article_labels = array();
	389
	390	while ($line = db_fetch_assoc($result)) {
	391
	392	$checked = false;
	393	foreach ($article_labels as $al) {
	394	if ($al[0] == $line['id']) {
	395	$checked = true;
	396	break;
	397	}
	398	}
	399
	400	array_push($rv, array(
	401	"id" => (int)$line['id'],
	402	"caption" => $line['caption'],
	403	"fg_color" => $line['fg_color'],
	404	"bg_color" => $line['bg_color'],
	405	"checked" => $checked));
	406	}
	407
	408	print $this->wrap(self::STATUS_OK, $rv);
	409	}
	410
396bfdf9 AD	411	function setArticleLabel() {
	412
	413	$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
	414	$label_id = (int) db_escape_string($_REQUEST['label_id']);
	415	$assign = (bool) db_escape_string($_REQUEST['assign']) == "true";
	416
	417	$label = db_escape_string(label_find_caption($this->link,
	418	$label_id, $_SESSION["uid"]));
	419
	420	$num_updated = 0;
	421
	422	if ($label) {
	423
	424	foreach ($article_ids as $id) {
	425
	426	if ($assign)
	427	label_add_article($this->link, $id, $label, $_SESSION["uid"]);
	428	else
	429	label_remove_article($this->link, $id, $label, $_SESSION["uid"]);
	430
	431	++$num_updated;
	432
	433	}
	434	}
	435
	436	print $this->wrap(self::STATUS_OK, array("status" => "OK",
	437	"updated" => $num_updated));
	438
	439	}
	440
de8260cb AD	441	function index() {
	442	print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
	443	}
	444
8361e724 AD	445	function shareToPublished() {
	446	$title = db_escape_string(strip_tags($_REQUEST["title"]));
	447	$url = db_escape_string(strip_tags($_REQUEST["url"]));
	448	$content = db_escape_string(strip_tags($_REQUEST["content"]));
	449
50832719	450	if (Article::create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) {
8361e724 AD	451	print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
	452	} else {
	453	print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
	454	}
	455	}
04f60eb7 AD	456
	457	static function api_get_feeds($link, $cat_id, $unread_only, $limit, $offset, $include_nested = false) {
	458
	459	$feeds = array();
	460
	461	/* Labels */
	462
	463	if ($cat_id == -4 \|\| $cat_id == -2) {
	464	$counters = getLabelCounters($link, true);
	465
	466	foreach (array_values($counters) as $cv) {
	467
	468	$unread = $cv["counter"];
	469
	470	if ($unread \|\| !$unread_only) {
	471
	472	$row = array(
	473	"id" => $cv["id"],
	474	"title" => $cv["description"],
	475	"unread" => $cv["counter"],
	476	"cat_id" => -2,
	477	);
	478
	479	array_push($feeds, $row);
	480	}
	481	}
	482	}
	483
	484	/* Virtual feeds */
	485
	486	if ($cat_id == -4 \|\| $cat_id == -1) {
	487	foreach (array(-1, -2, -3, -4, -6, 0) as $i) {
	488	$unread = getFeedUnread($link, $i);
	489
	490	if ($unread \|\| !$unread_only) {
	491	$title = getFeedTitle($link, $i);
	492
	493	$row = array(
	494	"id" => $i,
	495	"title" => $title,
	496	"unread" => $unread,
	497	"cat_id" => -1,
	498	);
	499	array_push($feeds, $row);
	500	}
	501
	502	}
	503	}
	504
	505	/* Child cats */
	506
	507	if ($include_nested && $cat_id) {
	508	$result = db_query($link, "SELECT
	509	id, title FROM ttrss_feed_categories
	510	WHERE parent_cat = '$cat_id' AND owner_uid = " . $_SESSION["uid"] .
	511	" ORDER BY id, title");
	512
	513	while ($line = db_fetch_assoc($result)) {
	514	$unread = getFeedUnread($link, $line["id"], true) +
	515	getCategoryChildrenUnread($link, $line["id"]);
	516
	517	if ($unread \|\| !$unread_only) {
	518	$row = array(
	519	"id" => $line["id"],
520	"title" => $line["title"],
521	"unread" => $unread,
522	"is_cat" => true,
523	);
524	array_push($feeds, $row);
525	}
526	}
527	}
528
529	/* Real feeds */
530
531	if ($limit) {
532	$limit_qpart = "LIMIT $limit OFFSET $offset";
533	} else {
534	$limit_qpart = "";
535	}
536
537	if ($cat_id == -4 \|\| $cat_id == -3) {
538	$result = db_query($link, "SELECT
539	id, feed_url, cat_id, title, order_id, ".
540	SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
541	FROM ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"] .
542	" ORDER BY cat_id, title " . $limit_qpart);
543	} else {
544
545	if ($cat_id)
546	$cat_qpart = "cat_id = '$cat_id'";
547	else
548	$cat_qpart = "cat_id IS NULL";
549
550	$result = db_query($link, "SELECT
551	id, feed_url, cat_id, title, order_id, ".
552	SUBSTRING_FOR_DATE."(last_updated,1,19) AS last_updated
553	FROM ttrss_feeds WHERE
554	$cat_qpart AND owner_uid = " . $_SESSION["uid"] .
555	" ORDER BY cat_id, title " . $limit_qpart);
556	}
557
558	while ($line = db_fetch_assoc($result)) {
559
560	$unread = getFeedUnread($link, $line["id"]);
561
562	$has_icon = feed_has_icon($line['id']);
563
564	if ($unread \|\| !$unread_only) {
565
566	$row = array(
567	"feed_url" => $line["feed_url"],
568	"title" => $line["title"],
569	"id" => (int)$line["id"],
570	"unread" => (int)$unread,
571	"has_icon" => $has_icon,
572	"cat_id" => (int)$line["cat_id"],
ef3da31c	573	"last_updated" => (int) strtotime($line["last_updated"]),
04f60eb7 AD	574	"order_id" => (int) $line["order_id"],
	575	);
	576
	577	array_push($feeds, $row);
	578	}
	579	}
	580
	581	return $feeds;
	582	}
	583
	584	static function api_get_headlines($link, $feed_id, $limit, $offset,
	585	$filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order,
	586	$include_attachments, $since_id,
	587	$search = "", $search_mode = "", $match_on = "",
	588	$include_nested = false, $sanitize_content = true) {
	589
	590	$qfh_ret = queryFeedHeadlines($link, $feed_id, $limit,
	591	$view_mode, $is_cat, $search, $search_mode, $match_on,
	592	$order, $offset, 0, false, $since_id, $include_nested);
	593
	594	$result = $qfh_ret[0];
	595	$feed_title = $qfh_ret[1];
	596
	597	$headlines = array();
	598
	599	while ($line = db_fetch_assoc($result)) {
	600	$is_updated = ($line["last_read"] == "" &&
	601	($line["unread"] != "t" && $line["unread"] != "1"));
	602
	603	$tags = explode(",", $line["tag_cache"]);
	604	$labels = json_decode($line["label_cache"], true);
	605
	606	//if (!$tags) $tags = get_article_tags($link, $line["id"]);
	607	//if (!$labels) $labels = get_article_labels($link, $line["id"]);
	608
	609	$headline_row = array(
	610	"id" => (int)$line["id"],
	611	"unread" => sql_bool_to_bool($line["unread"]),
	612	"marked" => sql_bool_to_bool($line["marked"]),
	613	"published" => sql_bool_to_bool($line["published"]),
ef3da31c	614	"updated" => (int) strtotime($line["updated"]),
04f60eb7 AD	615	"is_updated" => $is_updated,
	616	"title" => $line["title"],
	617	"link" => $line["link"],
	618	"feed_id" => $line["feed_id"],
	619	"tags" => $tags,
	620	);
	621
	622	if ($include_attachments)
	623	$headline_row['attachments'] = get_article_enclosures($link,
	624	$line['id']);
	625
	626	if ($show_excerpt) {
	627	$excerpt = truncate_string(strip_tags($line["content_preview"]), 100);
	628	$headline_row["excerpt"] = $excerpt;
	629	}
	630
	631	if ($show_content) {
	632
	633	if ($line["cached_content"] != "") {
	634	$line["content_preview"] =& $line["cached_content"];
	635	}
	636
	637	if ($sanitize_content) {
	638	$headline_row["content"] = sanitize($link,
bfd61d3f AD	639	$line["content_preview"],
	640	sql_bool_to_bool($line['hide_images']),
	641	false, $line["site_url"]);
04f60eb7 AD	642	} else {
	643	$headline_row["content"] = $line["content_preview"];
	644	}
	645	}
	646
	647	// unify label output to ease parsing
	648	if ($labels["no-labels"] == 1) $labels = array();
	649
	650	$headline_row["labels"] = $labels;
	651
	652	$headline_row["feed_title"] = $line["feed_title"];
	653
	654	$headline_row["comments_count"] = (int)$line["num_comments"];
	655	$headline_row["comments_link"] = $line["comments"];
	656
	657	$headline_row["always_display_attachments"] = sql_bool_to_bool($line["always_display_enclosures"]);
	658
	659	array_push($headlines, $headline_row);
	660	}
	661
	662	return $headlines;
	663	}
	664
de8260cb AD	665	}
	666
	667	?>