1 | <?php |
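/**
 * Request handler for per-article operations: redirecting to an article's
 * stored link, rendering article content, publishing an article, showing the
 * tag editor and setting a score.
 *
 * Every query in this class is assembled by string interpolation, so each
 * value has to be escaped or validated for the exact SQL context it lands in
 * (quoted literal vs. bare numeric list) before it reaches db_query().
 */
class Article extends Handler_Protected {

	/**
	 * Reports whether $method is on this handler's CSRF-exempt list (as the
	 * method name suggests; the check that consumes the answer is outside
	 * this file).
	 *
	 * The list is lower-case, so the caller presumably lower-cases the method
	 * name before asking - TODO confirm. The two listed methods only read:
	 * redirect() runs a SELECT and emits a Location header, editArticleTags()
	 * renders a form. They must stay free of state changes for the exemption
	 * to remain safe.
	 *
	 * @param string $method requested method name
	 * @return bool true when the method is on the exempt list
	 */
	function csrf_ignore($method) {
		$csrf_ignored = array("redirect", "editarticletags");

		// Strict comparison: a non-string $method must never match through
		// type juggling and thereby skip the CSRF check.
		return in_array($method, $csrf_ignored, true);
	}

	/**
	 * Redirects the browser to the stored link of the requested article.
	 *
	 * The target is read from the link column, never from the request, and
	 * the query only matches entries owned by the session user.
	 */
	function redirect() {
		$id = db_escape_string($this->link, $_REQUEST['id']);

		$result = db_query($this->link, "SELECT link FROM ttrss_entries, ttrss_user_entries
			WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'
			LIMIT 1");

		if (db_num_rows($result) == 1) {
			$article_url = db_fetch_result($result, 0, 'link');

			// Drop every control character, not just "\n": a stored link holding
			// "\r" (or NUL) must not be able to split or truncate the header.
			$article_url = preg_replace('/[\x00-\x1f\x7f]/', '', $article_url);

			// NOTE(review): the scheme of the stored link is not checked here;
			// consider allowing only http/https if links can carry others.
			header("Location: $article_url");
			return;
		}

		print_error(__("Article not found."));
	}

	/**
	 * Outputs one article (plus optional prefetched ones) for the client.
	 *
	 * mode ""     - JSON array with the formatted article
	 * mode "zoom" - same, with the two extra format_article() flags set
	 * mode "raw"  - prints the article content directly and returns
	 *
	 * Except in raw mode the main article is marked as read before output.
	 */
	function view() {
		$id = db_escape_string($this->link, $_REQUEST["id"]);
		$cids = explode(",", db_escape_string($this->link, $_REQUEST["cids"]));
		$mode = db_escape_string($this->link, $_REQUEST["mode"]);

		// in prefetch mode we only output requested cids, main article
		// just gets marked as read (it already exists in client cache)

		$articles = array();

		if ($mode == "") {
			$articles[] = format_article($this->link, $id, false);
		} else if ($mode == "zoom") {
			$articles[] = format_article($this->link, $id, true, true);
		} else if ($mode == "raw") {
			if (!empty($_REQUEST['html'])) {
				header("Content-Type: text/html");
				print '<link rel="stylesheet" type="text/css" href="tt-rss.css"/>';
			}

			// NOTE(review): the content is emitted verbatim as HTML; this is only
			// safe if format_article() returns sanitized markup - confirm.
			$article = format_article($this->link, $id, false);
			print $article['content'];
			return;
		}

		$this->catchupArticleById($this->link, $id, 0);

		if (!$_SESSION["bw_limit"]) {
			foreach ($cids as $cid) {
				if ($cid) {
					$articles[] = format_article($this->link, $cid, false, false);
				}
			}
		}

		print json_encode($articles);
	}

	/**
	 * Updates the unread flag of one article for the session user and
	 * refreshes the counter cache of its feed.
	 *
	 * $id is placed inside a quoted SQL literal without further escaping, so
	 * the caller must pass a value already escaped for $link (view() does).
	 *
	 * @param mixed $link  database link
	 * @param string $id   escaped article id
	 * @param int $cmode   0 = mark read, 1 = mark unread, anything else = toggle
	 */
	private function catchupArticleById($link, $id, $cmode) {

		if ($cmode == 0) {
			$assignments = "unread = false,last_read = NOW()";
		} else if ($cmode == 1) {
			$assignments = "unread = true";
		} else {
			$assignments = "unread = NOT unread,last_read = NOW()";
		}

		// owner_uid comes from the session, not from the request.
		db_query($link, "UPDATE ttrss_user_entries SET
			$assignments
			WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);

		$feed_id = getArticleFeed($link, $id);
		ccache_update($link, $feed_id, $_SESSION["uid"]);
	}

	/**
	 * Stores an article as published for $owner_uid, creating the entry when
	 * this user has none with the same link and updating it otherwise.
	 *
	 * NOTE(review): $title, $url, $content and $owner_uid are interpolated
	 * into the queries exactly as received; nothing in this method escapes
	 * them, and FILTER_VALIDATE_URL is a format check, not an SQL escape.
	 * Callers must therefore pass values already escaped for $link - confirm
	 * at every call site. $owner_uid is additionally used unquoted in the
	 * INSERT statements, so it must be an integer.
	 *
	 * @param mixed $link         database link
	 * @param string $title       article title; falls back to $url when empty
	 * @param string $url         article link, must pass FILTER_VALIDATE_URL
	 * @param string $content     article body
	 * @param string $labels_str  comma-separated label captions, may be ""
	 * @param int $owner_uid      owning user id
	 * @return bool true when the article was stored, false otherwise
	 */
	static function create_published_article($link, $title, $url, $content, $labels_str,
			$owner_uid) {

		$guid = sha1($url . $owner_uid); // include owner_uid to prevent global GUID clash
		$content_hash = sha1($content);

		if ($labels_str != "") {
			$labels = explode(",", $labels_str);
		} else {
			$labels = array();
		}

		$rc = false;

		if (!$title) $title = $url;
		if (!$title && !$url) return false;

		if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false;

		db_query($link, "BEGIN");

		// only check for our user data here, others might have shared this with different content etc
		$result = db_query($link, "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE
			link = '$url' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1");

		if (db_num_rows($result) != 0) {
			$ref_id = db_fetch_result($result, 0, "id");

			$result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE
				ref_id = '$ref_id' AND owner_uid = '$owner_uid' LIMIT 1");

			if (db_num_rows($result) != 0) {
				$int_id = db_fetch_result($result, 0, "int_id");

				db_query($link, "UPDATE ttrss_entries SET
					content = '$content', content_hash = '$content_hash' WHERE id = '$ref_id'");

				db_query($link, "UPDATE ttrss_user_entries SET published = true,
						last_published = NOW() WHERE
						int_id = '$int_id' AND owner_uid = '$owner_uid'");
			} else {

				db_query($link, "INSERT INTO ttrss_user_entries
					(ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
						last_read, note, unread, last_published)
					VALUES
					('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false, NOW())");
			}

			// NOTE(review): label captions are passed on trimmed but otherwise
			// as received; whether label_add_article() escapes them is not
			// visible here.
			foreach ($labels as $label) {
				label_add_article($link, $ref_id, trim($label), $owner_uid);
			}

			$rc = true;

		} else {
			$result = db_query($link, "INSERT INTO ttrss_entries
				(title, guid, link, updated, content, content_hash, date_entered, date_updated)
				VALUES
				('$title', '$guid', '$url', NOW(), '$content', '$content_hash', NOW(), NOW())");

			// Read the new row back by guid to learn its id.
			$result = db_query($link, "SELECT id FROM ttrss_entries WHERE guid = '$guid'");

			if (db_num_rows($result) != 0) {
				$ref_id = db_fetch_result($result, 0, "id");

				db_query($link, "INSERT INTO ttrss_user_entries
					(ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
						last_read, note, unread, last_published)
					VALUES
					('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false, NOW())");

				foreach ($labels as $label) {
					label_add_article($link, $ref_id, trim($label), $owner_uid);
				}

				$rc = true;
			}
		}

		db_query($link, "COMMIT");

		return $rc;
	}

	/**
	 * Prints the tag-editing form for the article named by the "param"
	 * request value.
	 *
	 * Both the article id and the tag list are echoed into HTML, so they are
	 * HTML-escaped at output; SQL escaping alone does not neutralise markup.
	 */
	function editArticleTags() {

		print __("Tags for this article (separated by commas):")."<br>";

		$param = isset($_REQUEST['param']) ? $_REQUEST['param'] : '';

		// Escape once for the database lookup (the value was escaped twice before).
		$tags = get_article_tags($this->link, db_escape_string($this->link, $param));

		// Escape for HTML: the id lands in a double-quoted attribute and the
		// tags, which are stored data, land inside a <textarea>.
		$param_html = htmlspecialchars($param, ENT_QUOTES);
		$tags_html = htmlspecialchars(join(", ", $tags), ENT_QUOTES);

		print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"id\" value=\"$param_html\">";
		print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"rpc\">";
		print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"setArticleTags\">";

		print "<table width='100%'><tr><td>";

		print "<textarea dojoType=\"dijit.form.SimpleTextarea\" rows='4'
			style='font-size : 12px; width : 100%' id=\"tags_str\"
			name='tags_str'>$tags_html</textarea>
		<div class=\"autocomplete\" id=\"tags_choices\"
				style=\"display:none\"></div>";

		print "</td></tr></table>";

		print "<div class='dlgButtons'>";

		print "<button dojoType=\"dijit.form.Button\"
			onclick=\"dijit.byId('editTagsDlg').execute()\">".__('Save')."</button> ";
		print "<button dojoType=\"dijit.form.Button\"
			onclick=\"dijit.byId('editTagsDlg').hide()\">".__('Cancel')."</button>";
		print "</div>";

	}

	/**
	 * Sets the score of one or more of the session user's articles.
	 *
	 * The "id" request value is a comma-separated id list that ends up
	 * unquoted inside IN (...). String escaping gives no protection in that
	 * position, so only all-digit items are kept.
	 */
	function setScore() {
		$requested = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id']))
			? (string) $_REQUEST['id'] : '';
		$score = isset($_REQUEST['score']) ? (int) $_REQUEST['score'] : 0;

		$valid_ids = array();

		foreach (explode(",", $requested) as $candidate) {
			$candidate = trim($candidate);

			if (preg_match('/^[0-9]+$/', $candidate)) {
				$valid_ids[] = $candidate;
			}
		}

		$ids = join(",", $valid_ids);

		// An empty list would produce "IN ()", which is not valid SQL.
		if ($ids !== '') {
			db_query($this->link, "UPDATE ttrss_user_entries SET
				score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
		}

		// The response used to reference an undefined $id (always null); it now
		// carries the validated id list. NOTE(review): confirm the client
		// expects the comma-separated form.
		print json_encode(array("id" => $ids,
			"score_pic" => get_score_pic($score)));
	}

}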