[tt-rss.git] / classes / article.php

<?php\r
class Article extends Handler_Protected {\r
\r
	function csrf_ignore($method) {\r
		$csrf_ignored = array("redirect");\r
\r
		return array_search($method, $csrf_ignored) !== false;\r
	}\r
\r
	function redirect() {\r
		$id = db_escape_string($_REQUEST['id']);\r
\r
		$result = db_query($this->link, "SELECT link FROM ttrss_entries, ttrss_user_entries\r
						WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'\r
						LIMIT 1");\r
\r
		if (db_num_rows($result) == 1) {\r
			$article_url = db_fetch_result($result, 0, 'link');\r
			$article_url = str_replace("\n", "", $article_url);\r
\r
			header("Location: $article_url");\r
			return;\r
\r
		} else {\r
			print_error(__("Article not found."));\r
		}\r
	}\r
\r
	function view() {\r
		$id = db_escape_string($_REQUEST["id"]);\r
		$cids = explode(",", db_escape_string($_REQUEST["cids"]));\r
		$mode = db_escape_string($_REQUEST["mode"]);\r
		$omode = db_escape_string($_REQUEST["omode"]);\r
\r
		// in prefetch mode we only output requested cids, main article\r
		// just gets marked as read (it already exists in client cache)\r
\r
		$articles = array();\r
\r
		if ($mode == "") {\r
			array_push($articles, format_article($this->link, $id, false));\r
		} else if ($mode == "zoom") {\r
			array_push($articles, format_article($this->link, $id, true, true));\r
		} else if ($mode == "raw") {\r
			if ($_REQUEST['html']) {\r
				header("Content-Type: text/html");\r
				print '<link rel="stylesheet" type="text/css" href="tt-rss.css"/>';\r
			}\r
\r
			$article = format_article($this->link, $id, false);\r
			print $article['content'];\r
			return;\r
		}\r
\r
		$this->catchupArticleById($this->link, $id, 0);\r
\r
		if (!$_SESSION["bw_limit"]) {\r
			foreach ($cids as $cid) {\r
				if ($cid) {\r
					array_push($articles, format_article($this->link, $cid, false, false));\r
				}\r
			}\r
		}\r
\r
		print json_encode($articles);\r
	}\r
\r
	private function catchupArticleById($link, $id, $cmode) {\r
\r
		if ($cmode == 0) {\r
			db_query($link, "UPDATE ttrss_user_entries SET\r
			unread = false,last_read = NOW()\r
			WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);\r
		} else if ($cmode == 1) {\r
			db_query($link, "UPDATE ttrss_user_entries SET\r
			unread = true\r
			WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);\r
		} else {\r
			db_query($link, "UPDATE ttrss_user_entries SET\r
			unread = NOT unread,last_read = NOW()\r
			WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);\r
		}\r
\r
		$feed_id = getArticleFeed($link, $id);\r
		ccache_update($link, $feed_id, $_SESSION["uid"]);\r
	}\r
\r
	static function create_published_article($link, $title, $url, $content, $labels_str,\r
			$owner_uid) {\r
\r
		$guid = sha1($url . $owner_uid); // include owner_uid to prevent global GUID clash\r
		$content_hash = sha1($content);\r
\r
		if ($labels_str != "") {\r
			$labels = explode(",", $labels_str);\r
		} else {\r
			$labels = array();\r
		}\r
\r
		$rc = false;\r
\r
		if (!$title) $title = $url;\r
		if (!$title && !$url) return false;\r
\r
		if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false;\r
\r
		db_query($link, "BEGIN");\r
\r
		// only check for our user data here, others might have shared this with different content etc\r
		$result = db_query($link, "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE\r
			link = '$url' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1");\r
\r
		if (db_num_rows($result) != 0) {\r
			$ref_id = db_fetch_result($result, 0, "id");\r
\r
			$result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE\r
				ref_id = '$ref_id' AND owner_uid = '$owner_uid' LIMIT 1");\r
\r
			if (db_num_rows($result) != 0) {\r
				$int_id = db_fetch_result($result, 0, "int_id");\r
\r
				db_query($link, "UPDATE ttrss_entries SET\r
					content = '$content', content_hash = '$content_hash' WHERE id = '$ref_id'");\r
\r
				db_query($link, "UPDATE ttrss_user_entries SET published = true WHERE\r
						int_id = '$int_id' AND owner_uid = '$owner_uid'");\r
			} else {\r
\r
				db_query($link, "INSERT INTO ttrss_user_entries\r
					(ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, last_read, note, unread)\r
					VALUES\r
					('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false)");\r
			}\r
\r
			if (count($labels) != 0) {\r
				foreach ($labels as $label) {\r
					label_add_article($link, $ref_id, trim($label), $owner_uid);\r
				}\r
			}\r
\r
			$rc = true;\r
\r
		} else {\r
			$result = db_query($link, "INSERT INTO ttrss_entries\r
				(title, guid, link, updated, content, content_hash, date_entered, date_updated)\r
				VALUES\r
				('$title', '$guid', '$url', NOW(), '$content', '$content_hash', NOW(), NOW())");\r
\r
			$result = db_query($link, "SELECT id FROM ttrss_entries WHERE guid = '$guid'");\r
\r
			if (db_num_rows($result) != 0) {\r
				$ref_id = db_fetch_result($result, 0, "id");\r
\r
				db_query($link, "INSERT INTO ttrss_user_entries\r
					(ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, last_read, note, unread)\r
					VALUES\r
					('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false)");\r
\r
				if (count($labels) != 0) {\r
					foreach ($labels as $label) {\r
						label_add_article($link, $ref_id, trim($label), $owner_uid);\r
					}\r
				}\r
\r
				$rc = true;\r
			}\r
		}\r
\r
		db_query($link, "COMMIT");\r
\r
		return $rc;\r
	}\r
\r
\r
\r
}\r
Commit	Line	Data
3f363052	1	<?php\r
369dbc19	2	class Article extends Handler_Protected {\r
611efae7	3	\r
8484ce22 AD	4	function csrf_ignore($method) {\r
	5	$csrf_ignored = array("redirect");\r
	6	\r
	7	return array_search($method, $csrf_ignored) !== false;\r
	8	}\r
	9	\r
611efae7	10	function redirect() {\r
3f363052	11	$id = db_escape_string($_REQUEST['id']);\r
611efae7	12	\r
3f363052 AD	13	$result = db_query($this->link, "SELECT link FROM ttrss_entries, ttrss_user_entries\r
	14	WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'\r
	15	LIMIT 1");\r
611efae7	16	\r
3f363052 AD	17	if (db_num_rows($result) == 1) {\r
	18	$article_url = db_fetch_result($result, 0, 'link');\r
	19	$article_url = str_replace("\n", "", $article_url);\r
611efae7	20	\r
3f363052 AD	21	header("Location: $article_url");\r
3f363052 AD	22	return;\r
611efae7	23	\r
3f363052 AD	24	} else {\r
	25	print_error(__("Article not found."));\r
	26	}\r
	27	}\r
	28	\r
	29	function view() {\r
	30	$id = db_escape_string($_REQUEST["id"]);\r
	31	$cids = explode(",", db_escape_string($_REQUEST["cids"]));\r
	32	$mode = db_escape_string($_REQUEST["mode"]);\r
	33	$omode = db_escape_string($_REQUEST["omode"]);\r
611efae7	34	\r
3f363052 AD	35	// in prefetch mode we only output requested cids, main article\r
3f363052 AD	36	// just gets marked as read (it already exists in client cache)\r
611efae7	37	\r
3f363052	38	$articles = array();\r
611efae7	39	\r
3f363052 AD	40	if ($mode == "") {\r
	41	array_push($articles, format_article($this->link, $id, false));\r
	42	} else if ($mode == "zoom") {\r
	43	array_push($articles, format_article($this->link, $id, true, true));\r
	44	} else if ($mode == "raw") {\r
	45	if ($_REQUEST['html']) {\r
	46	header("Content-Type: text/html");\r
	47	print '<link rel="stylesheet" type="text/css" href="tt-rss.css"/>';\r
	48	}\r
611efae7	49	\r
3f363052 AD	50	$article = format_article($this->link, $id, false);\r
	51	print $article['content'];\r
	52	return;\r
	53	}\r
611efae7	54	\r
87d7e850	55	$this->catchupArticleById($this->link, $id, 0);\r
611efae7	56	\r
3f363052 AD	57	if (!$_SESSION["bw_limit"]) {\r
	58	foreach ($cids as $cid) {\r
	59	if ($cid) {\r
	60	array_push($articles, format_article($this->link, $cid, false, false));\r
	61	}\r
	62	}\r
	63	}\r
611efae7	64	\r
3f363052	65	print json_encode($articles);\r
87d7e850 AD	66	}\r
	67	\r
	68	private function catchupArticleById($link, $id, $cmode) {\r
	69	\r
	70	if ($cmode == 0) {\r
	71	db_query($link, "UPDATE ttrss_user_entries SET\r
	72	unread = false,last_read = NOW()\r
	73	WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);\r
	74	} else if ($cmode == 1) {\r
	75	db_query($link, "UPDATE ttrss_user_entries SET\r
	76	unread = true\r
	77	WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);\r
	78	} else {\r
	79	db_query($link, "UPDATE ttrss_user_entries SET\r
	80	unread = NOT unread,last_read = NOW()\r
	81	WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);\r
	82	}\r
611efae7	83	\r
87d7e850 AD	84	$feed_id = getArticleFeed($link, $id);\r
87d7e850 AD	85	ccache_update($link, $feed_id, $_SESSION["uid"]);\r
3f363052	86	}\r
611efae7	87	\r
50832719 AD	88	static function create_published_article($link, $title, $url, $content, $labels_str,\r
	89	$owner_uid) {\r
	90	\r
	91	$guid = sha1($url . $owner_uid); // include owner_uid to prevent global GUID clash\r
	92	$content_hash = sha1($content);\r
	93	\r
	94	if ($labels_str != "") {\r
	95	$labels = explode(",", $labels_str);\r
	96	} else {\r
	97	$labels = array();\r
	98	}\r
	99	\r
	100	$rc = false;\r
	101	\r
	102	if (!$title) $title = $url;\r
	103	if (!$title && !$url) return false;\r
	104	\r
	105	if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false;\r
	106	\r
	107	db_query($link, "BEGIN");\r
	108	\r
	109	// only check for our user data here, others might have shared this with different content etc\r
	110	$result = db_query($link, "SELECT id FROM ttrss_entries, ttrss_user_entries WHERE\r
	111	link = '$url' AND ref_id = id AND owner_uid = '$owner_uid' LIMIT 1");\r
	112	\r
	113	if (db_num_rows($result) != 0) {\r
	114	$ref_id = db_fetch_result($result, 0, "id");\r
	115	\r
	116	$result = db_query($link, "SELECT int_id FROM ttrss_user_entries WHERE\r
	117	ref_id = '$ref_id' AND owner_uid = '$owner_uid' LIMIT 1");\r
	118	\r
	119	if (db_num_rows($result) != 0) {\r
	120	$int_id = db_fetch_result($result, 0, "int_id");\r
	121	\r
	122	db_query($link, "UPDATE ttrss_entries SET\r
	123	content = '$content', content_hash = '$content_hash' WHERE id = '$ref_id'");\r
	124	\r
	125	db_query($link, "UPDATE ttrss_user_entries SET published = true WHERE\r
	126	int_id = '$int_id' AND owner_uid = '$owner_uid'");\r
	127	} else {\r
	128	\r
	129	db_query($link, "INSERT INTO ttrss_user_entries\r
	130	(ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, last_read, note, unread)\r
	131	VALUES\r
	132	('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false)");\r
	133	}\r
	134	\r
	135	if (count($labels) != 0) {\r
	136	foreach ($labels as $label) {\r
	137	label_add_article($link, $ref_id, trim($label), $owner_uid);\r
	138	}\r
	139	}\r
	140	\r
	141	$rc = true;\r
	142	\r
	143	} else {\r
	144	$result = db_query($link, "INSERT INTO ttrss_entries\r
	145	(title, guid, link, updated, content, content_hash, date_entered, date_updated)\r
	146	VALUES\r
	147	('$title', '$guid', '$url', NOW(), '$content', '$content_hash', NOW(), NOW())");\r
	148	\r
	149	$result = db_query($link, "SELECT id FROM ttrss_entries WHERE guid = '$guid'");\r
	150	\r
	151	if (db_num_rows($result) != 0) {\r
152	$ref_id = db_fetch_result($result, 0, "id");\r
153	\r
154	db_query($link, "INSERT INTO ttrss_user_entries\r
155	(ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache, last_read, note, unread)\r
156	VALUES\r
157	('$ref_id', '', NULL, NULL, $owner_uid, true, '', '', NOW(), '', false)");\r
158	\r
159	if (count($labels) != 0) {\r
160	foreach ($labels as $label) {\r
161	label_add_article($link, $ref_id, trim($label), $owner_uid);\r
162	}\r
163	}\r
164	\r
165	$rc = true;\r
166	}\r
167	}\r
168	\r
169	db_query($link, "COMMIT");\r
170	\r
171	return $rc;\r
172	}\r
173	\r
174	\r
87d7e850	175	\r
611efae7	176	}\r