]> git.wh0rd.org - tt-rss.git/blame - classes/article.php
git.wh0rd.org / tt-rss.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
oops, remove useless db_escape_string() in article class (and nsfw plugin)
[tt-rss.git] / classes / article.php
CommitLineData
6afcbcd1
AD		 1<?php
2class Article extends Handler_Protected {
3
4 function csrf_ignore($method) {
1c9bda91 5 $csrf_ignored = array("redirect", "editarticletags");
6afcbcd1
AD		 6
7 return array_search($method, $csrf_ignored) !== false;
8 }
9
10 function redirect() {
e6532439 11 $id = clean($_REQUEST['id']);
187abfe7 12
c39ee272
AD		 13 $sth = $this->pdo->prepare("SELECT link FROM ttrss_entries, ttrss_user_entries
14 WHERE id = ? AND id = ref_id AND owner_uid = ?
6afcbcd1 15 LIMIT 1");
c39ee272 16 $sth->execute([$id, $_SESSION['uid']]);
6afcbcd1 17
c39ee272
AD		 18 if ($row = $sth->fetch()) {
19 $article_url = $row['link'];
6afcbcd1
AD		 20 $article_url = str_replace("\n", "", $article_url);
21
22 header("Location: $article_url");
23 return;
24
25 } else {
26 print_error(__("Article not found."));
27 }
28 }
29
30 function view() {
e6532439
AD		 31 $id = clean($_REQUEST["id"]);
32 $cids = explode(",", clean($_REQUEST["cids"]));
33 $mode = clean($_REQUEST["mode"]);
6afcbcd1
AD		 34
35 // in prefetch mode we only output requested cids, main article
36 // just gets marked as read (it already exists in client cache)
37
38 $articles = array();
39
40 if ($mode == "") {
7e5f8d9f 41 array_push($articles, $this->format_article($id, false));
6afcbcd1 42 } else if ($mode == "zoom") {
7e5f8d9f 43 array_push($articles, $this->format_article($id, true, true));
6afcbcd1 44 } else if ($mode == "raw") {
f48f292d 45 if (isset($_REQUEST['html'])) {
6afcbcd1 46 header("Content-Type: text/html");
9dd336a2 47 print '<link rel="stylesheet" type="text/css" href="css/default.css"/>';
6afcbcd1
AD		 48 }
49
7e5f8d9f 50 $article = $this->format_article($id, false, isset($_REQUEST["zoom"]));
6afcbcd1
AD		 51 print $article['content'];
52 return;
53 }
54
a42c55f0 55 $this->catchupArticleById($id, 0);
6afcbcd1
AD		 56
57 if (!$_SESSION["bw_limit"]) {
58 foreach ($cids as $cid) {
59 if ($cid) {
7e5f8d9f 60 array_push($articles, $this->format_article($cid, false, false));
6afcbcd1
AD		 61 }
62 }
63 }
64
65 print json_encode($articles);
66 }
67
a42c55f0 68 private function catchupArticleById($id, $cmode) {
6afcbcd1
AD		 69
70 if ($cmode == 0) {
c39ee272 71 $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
6afcbcd1 72 unread = false,last_read = NOW()
c39ee272 73 WHERE ref_id = ? AND owner_uid = ?");
6afcbcd1 74 } else if ($cmode == 1) {
c39ee272 75 $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
6afcbcd1 76 unread = true
c39ee272 77 WHERE ref_id = ? AND owner_uid = ?");
6afcbcd1 78 } else {
c39ee272 79 $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
6afcbcd1 80 unread = NOT unread,last_read = NOW()
c39ee272 81 WHERE ref_id = ? AND owner_uid = ?");
6afcbcd1
AD		 82 }
83
c39ee272
AD		 84 $sth->execute([$id, $_SESSION['uid']]);
85
4122da02 86 $feed_id = $this->getArticleFeed($id);
2ed0d6c4 87 CCache::update($feed_id, $_SESSION["uid"]);
6afcbcd1
AD		 88 }
89
a42c55f0 90 static function create_published_article($title, $url, $content, $labels_str,
6afcbcd1
AD		 91 $owner_uid) {
92
5e3d5480 93 $guid = 'SHA1:' . sha1("ttshared:" . $url . $owner_uid); // include owner_uid to prevent global GUID clash
666cd333
AD		 94
95 if (!$content) {
96 $pluginhost = new PluginHost();
97 $pluginhost->load_all(PluginHost::KIND_ALL, $owner_uid);
7af2e795 98 $pluginhost->load_data();
666cd333
AD		 99
100 $af_readability = $pluginhost->get_plugin("Af_Readability");
101
102 if ($af_readability) {
7af2e795 103 $enable_share_anything = $pluginhost->get($af_readability, "enable_share_anything");
666cd333 104
7af2e795
AD		 105 if ($enable_share_anything) {
106 $extracted_content = $af_readability->extract_content($url);
107
2c57df75 108 if ($extracted_content) $content = $extracted_content;
7af2e795 109 }
666cd333
AD		 110 }
111 }
112
6afcbcd1
AD		 113 $content_hash = sha1($content);
114
115 if ($labels_str != "") {
116 $labels = explode(",", $labels_str);
117 } else {
118 $labels = array();
119 }
120
121 $rc = false;
122
123 if (!$title) $title = $url;
124 if (!$title && !$url) return false;
125
126 if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false;
127
d0e73ed8 128 $pdo = Db::pdo();
3a029230 129
d0e73ed8 130 $pdo->beginTransaction();
6afcbcd1
AD		 131
132 // only check for our user data here, others might have shared this with different content etc
d0e73ed8 133 $sth = $pdo->prepare("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE
c39ee272
AD		 134 guid = ? AND ref_id = id AND owner_uid = ? LIMIT 1");
135 $sth->execute([$guid, $owner_uid]);
6afcbcd1 136
c39ee272
AD		 137 if ($row = $sth->fetch()) {
138 $ref_id = $row['id'];
6afcbcd1 139
d0e73ed8 140 $sth = $pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE
c39ee272
AD		 141 ref_id = ? AND owner_uid = ? LIMIT 1");
142 $sth->execute([$ref_id, $owner_uid]);
6afcbcd1 143
c39ee272
AD		 144 if ($row = $sth->fetch()) {
145 $int_id = $row['int_id'];
6afcbcd1 146
d0e73ed8 147 $sth = $pdo->prepare("UPDATE ttrss_entries SET
c39ee272
AD		 148 content = ?, content_hash = ? WHERE id = ?");
149 $sth->execute([$content, $content_hash, $ref_id]);
6afcbcd1 150
d0e73ed8 151 $sth = $pdo->prepare("UPDATE ttrss_user_entries SET published = true,
d2888e88 152 last_published = NOW() WHERE
c39ee272
AD		 153 int_id = ? AND owner_uid = ?");
154 $sth->execute([$int_id, $owner_uid]);
155
6afcbcd1
AD		 156 } else {
157
d0e73ed8 158 $sth = $pdo->prepare("INSERT INTO ttrss_user_entries
d2888e88
AD		 159 (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
160 last_read, note, unread, last_published)
6afcbcd1 161 VALUES
c39ee272
AD		 162 (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())");
163 $sth->execute([$ref_id, $owner_uid]);
6afcbcd1
AD		 164 }
165
166 if (count($labels) != 0) {
167 foreach ($labels as $label) {
7c9b5a3f 168 Labels::add_article($ref_id, trim($label), $owner_uid);
6afcbcd1
AD		 169 }
170 }
171
172 $rc = true;
173
174 } else {
d0e73ed8 175 $sth = $pdo->prepare("INSERT INTO ttrss_entries
6afcbcd1
AD		 176 (title, guid, link, updated, content, content_hash, date_entered, date_updated)
177 VALUES
c39ee272
AD		 178 (?, ?, ?, NOW(), ?, ?, NOW(), NOW())");
179 $sth->execute([$title, $guid, $url, $content, $content_hash]);
6afcbcd1 180
d0e73ed8 181 $sth = $pdo->prepare("SELECT id FROM ttrss_entries WHERE guid = ?");
c39ee272 182 $sth->execute([$guid]);
6afcbcd1 183
c39ee272
AD		 184 if ($row = $sth->fetch()) {
185 $ref_id = $row["id"];
6afcbcd1 186
d0e73ed8 187 $sth = $pdo->prepare("INSERT INTO ttrss_user_entries
d2888e88
AD		 188 (ref_id, uuid, feed_id, orig_feed_id, owner_uid, published, tag_cache, label_cache,
189 last_read, note, unread, last_published)
6afcbcd1 190 VALUES
c39ee272
AD		 191 (?, '', NULL, NULL, ?, true, '', '', NOW(), '', false, NOW())");
192 $sth->execute([$ref_id, $owner_uid]);
6afcbcd1
AD		 193
194 if (count($labels) != 0) {
195 foreach ($labels as $label) {
7c9b5a3f 196 Labels::add_article($ref_id, trim($label), $owner_uid);
6afcbcd1
AD		 197 }
198 }
199
200 $rc = true;
201 }
202 }
203
d0e73ed8 204 $pdo->commit();
6afcbcd1
AD		 205
206 return $rc;
207 }
208
1c9bda91
AD		 209 function editArticleTags() {
210
211 print __("Tags for this article (separated by commas):")."<br>";
212
e6532439 213 $param = clean($_REQUEST['param']);
1c9bda91 214
2c57df75 215 $tags = Article::get_article_tags($param);
1c9bda91
AD		 216
217 $tags_str = join(", ", $tags);
218
328118d1
AD		 219 print_hidden("id", "$param");
220 print_hidden("op", "article");
221 print_hidden("method", "setArticleTags");
1c9bda91
AD		 222
223 print "<table width='100%'><tr><td>";
224
225 print "<textarea dojoType=\"dijit.form.SimpleTextarea\" rows='4'
8b8568e9 226 style='height : 100px; font-size : 12px; width : 98%' id=\"tags_str\"
1c9bda91
AD		 227 name='tags_str'>$tags_str</textarea>
228 <div class=\"autocomplete\" id=\"tags_choices\"
229 style=\"display:none\"></div>";
230
231 print "</td></tr></table>";
232
233 print "<div class='dlgButtons'>";
234
235 print "<button dojoType=\"dijit.form.Button\"
236 onclick=\"dijit.byId('editTagsDlg').execute()\">".__('Save')."</button> ";
237 print "<button dojoType=\"dijit.form.Button\"
238 onclick=\"dijit.byId('editTagsDlg').hide()\">".__('Cancel')."</button>";
239 print "</div>";
240
241 }
6afcbcd1 242
d719b062 243 function setScore() {
e6532439
AD		 244 $ids = explode(",", clean($_REQUEST['id']));
245 $score = (int)clean($_REQUEST['score']);
d719b062 246
c39ee272
AD		 247 $ids_qmarks = arr_qmarks($ids);
248
249 $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET
250 score = ? WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
251
252 $sth->execute(array_merge([$score], $ids, [$_SESSION['uid']]));
d719b062 253
6f7798b6 254 print json_encode(array("id" => $ids,
a72cd54c
AD		 255 "score" => (int)$score,
256 "score_pic" => get_score_pic($score)));
257 }
258
259 function getScore() {
e6532439 260 $id = clean($_REQUEST['id']);
c39ee272
AD		 261
262 $sth = $this->pdo->prepare("SELECT score FROM ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?");
263 $sth->execute([$id, $_SESSION['uid']]);
264 $row = $sth->fetch();
a72cd54c 265
c39ee272 266 $score = $row['score'];
a72cd54c
AD		 267
268 print json_encode(array("id" => $id,
269 "score" => (int)$score,
d719b062
AD		 270 "score_pic" => get_score_pic($score)));
271 }
272
6afcbcd1 273
5df8be5c
AD		 274 function setArticleTags() {
275
e6532439 276 $id = clean($_REQUEST["id"]);
5df8be5c 277
e6532439 278 $tags_str = clean($_REQUEST["tags_str"]);
5df8be5c
AD		 279 $tags = array_unique(trim_array(explode(",", $tags_str)));
280
2e46b434 281 $this->pdo->beginTransaction();
5df8be5c 282
d0e73ed8
AD		 283 $sth = $this->pdo->prepare("SELECT int_id FROM ttrss_user_entries WHERE
284 ref_id = ? AND owner_uid = ? LIMIT 1");
285 $sth->execute([$id, $_SESSION['uid']]);
5df8be5c 286
d0e73ed8 287 if ($row = $sth->fetch()) {
5df8be5c
AD		 288
289 $tags_to_cache = array();
290
d0e73ed8 291 $int_id = $row['int_id'];
5df8be5c 292
d0e73ed8
AD		 293 $sth = $this->pdo->prepare("DELETE FROM ttrss_tags WHERE
294 post_int_id = ? AND owner_uid = ?");
295 $sth->execute([$int_id, $_SESSION['uid']]);
5df8be5c
AD		 296
297 foreach ($tags as $tag) {
298 $tag = sanitize_tag($tag);
299
300 if (!tag_is_valid($tag)) {
301 continue;
302 }
303
304 if (preg_match("/^[0-9]*$/", $tag)) {
305 continue;
306 }
307
308 // print "<!-- $id : $int_id : $tag -->";
309
310 if ($tag != '') {
d0e73ed8 311 $sth = $this->pdo->prepare("INSERT INTO ttrss_tags
3a029230 312 (post_int_id, owner_uid, tag_name)
d0e73ed8
AD		 313 VALUES (?, ?, ?)");
314
315 $sth->execute([$int_id, $_SESSION['uid'], $tag]);
5df8be5c
AD		 316 }
317
318 array_push($tags_to_cache, $tag);
319 }
320
321 /* update tag cache */
322
323 sort($tags_to_cache);
324 $tags_str = join(",", $tags_to_cache);
325
d0e73ed8
AD		 326 $sth = $this->pdo->prepare("UPDATE ttrss_user_entries
327 SET tag_cache = ? WHERE ref_id = ? AND owner_uid = ?");
328 $sth->execute([$tags_str, $id, $_SESSION['uid']]);
5df8be5c
AD		 329 }
330
2e46b434 331 $this->pdo->commit();
5df8be5c 332
7e5f8d9f
AD		 333 $tags = Article::get_article_tags($id);
334 $tags_str = $this->format_tags_string($tags, $id);
5df8be5c
AD		 335 $tags_str_full = join(", ", $tags);
336
337 if (!$tags_str_full) $tags_str_full = __("no tags");
338
339 print json_encode(array("id" => (int)$id,
340 "content" => $tags_str, "content_full" => $tags_str_full));
341 }
342
c83554bd
AD		 343
344 function completeTags() {
e6532439 345 $search = clean($_REQUEST["search"]);
c83554bd 346
d0e73ed8
AD		 347 $sth = $this->pdo->prepare("SELECT DISTINCT tag_name FROM ttrss_tags
348 WHERE owner_uid = ? AND
349 tag_name LIKE ? ORDER BY tag_name
c83554bd
AD		 350 LIMIT 10");
351
d0e73ed8
AD		 352 $sth->execute([$_SESSION['uid'], "$search%"]);
353
c83554bd 354 print "<ul>";
d0e73ed8 355 while ($line = $sth->fetch()) {
c83554bd
AD		 356 print "<li>" . $line["tag_name"] . "</li>";
357 }
358 print "</ul>";
359 }
360
4b7726f0
AD		 361 function assigntolabel() {
362 return $this->labelops(true);
363 }
364
365 function removefromlabel() {
366 return $this->labelops(false);
367 }
368
369 private function labelops($assign) {
370 $reply = array();
371
e6532439
AD		 372 $ids = explode(",", clean($_REQUEST["ids"]));
373 $label_id = clean($_REQUEST["lid"]);
4b7726f0 374
ed1262d5 375 $label = Labels::find_caption($label_id, $_SESSION["uid"]);
4b7726f0
AD		 376
377 $reply["info-for-headlines"] = array();
378
379 if ($label) {
380
381 foreach ($ids as $id) {
382
383 if ($assign)
7c9b5a3f 384 Labels::add_article($id, $label, $_SESSION["uid"]);
4b7726f0 385 else
7c9b5a3f 386 Labels::remove_article($id, $label, $_SESSION["uid"]);
4b7726f0 387
4a0da0e5 388 $labels = $this->get_article_labels($id, $_SESSION["uid"]);
4b7726f0
AD		 389
390 array_push($reply["info-for-headlines"],
7e5f8d9f 391 array("id" => $id, "labels" => $this->format_article_labels($labels)));
4b7726f0
AD		 392
393 }
394 }
395
396 $reply["message"] = "UPDATE_COUNTERS";
397
398 print json_encode($reply);
399 }
400
4122da02 401 function getArticleFeed($id) {
d0e73ed8
AD		 402 $sth = $this->pdo->prepare("SELECT feed_id FROM ttrss_user_entries
403 WHERE ref_id = ? AND owner_uid = ?");
404 $sth->execute([$id, $_SESSION['uid']]);
4122da02 405
d0e73ed8
AD		 406 if ($row = $sth->fetch()) {
407 return $row["feed_id"];
4122da02
AD		 408 } else {
409 return 0;
410 }
411 }
4b7726f0 412
7e5f8d9f
AD		 413 static function format_article_enclosures($id, $always_display_enclosures,
414 $article_content, $hide_images = false) {
415
416 $result = Article::get_article_enclosures($id);
417 $rv = '';
418
419 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ENCLOSURES) as $plugin) {
420 $retval = $plugin->hook_format_enclosures($rv, $result, $id, $always_display_enclosures, $article_content, $hide_images);
421 if (is_array($retval)) {
422 $rv = $retval[0];
423 $result = $retval[1];
424 } else {
425 $rv = $retval;
426 }
427 }
428 unset($retval); // Unset to prevent breaking render if there are no HOOK_RENDER_ENCLOSURE hooks below.
429
430 if ($rv === '' && !empty($result)) {
431 $entries_html = array();
432 $entries = array();
433 $entries_inline = array();
434
435 foreach ($result as $line) {
436
437 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ENCLOSURE_ENTRY) as $plugin) {
438 $line = $plugin->hook_enclosure_entry($line);
439 }
440
441 $url = $line["content_url"];
442 $ctype = $line["content_type"];
443 $title = $line["title"];
444 $width = $line["width"];
445 $height = $line["height"];
446
447 if (!$ctype) $ctype = __("unknown type");
448
449 //$filename = substr($url, strrpos($url, "/")+1);
450 $filename = basename($url);
451
452 $player = format_inline_player($url, $ctype);
453
454 if ($player) array_push($entries_inline, $player);
455
456# $entry .= " <a target=\"_blank\" href=\"" . htmlspecialchars($url) . "\" rel=\"noopener noreferrer\">" .
457# $filename . " (" . $ctype . ")" . "</a>";
458
459 $entry = "<div onclick=\"openUrlPopup('".htmlspecialchars($url)."')\"
460 dojoType=\"dijit.MenuItem\">$filename ($ctype)</div>";
461
462 array_push($entries_html, $entry);
463
464 $entry = array();
465
466 $entry["type"] = $ctype;
467 $entry["filename"] = $filename;
468 $entry["url"] = $url;
469 $entry["title"] = $title;
470 $entry["width"] = $width;
471 $entry["height"] = $height;
472
473 array_push($entries, $entry);
474 }
475
476 if ($_SESSION['uid'] && !get_pref("STRIP_IMAGES") && !$_SESSION["bw_limit"]) {
477 if ($always_display_enclosures ||
478 !preg_match("/<img/i", $article_content)) {
479
480 foreach ($entries as $entry) {
481
482 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ENCLOSURE) as $plugin)
483 $retval = $plugin->hook_render_enclosure($entry, $hide_images);
484
485
486 if ($retval) {
487 $rv .= $retval;
488 } else {
489
490 if (preg_match("/image/", $entry["type"])) {
491
492 if (!$hide_images) {
493 $encsize = '';
494 if ($entry['height'] > 0)
495 $encsize .= ' height="' . intval($entry['height']) . '"';
496 if ($entry['width'] > 0)
497 $encsize .= ' width="' . intval($entry['width']) . '"';
498 $rv .= "<p><img
499 alt=\"".htmlspecialchars($entry["filename"])."\"
500 src=\"" .htmlspecialchars($entry["url"]) . "\"
501 " . $encsize . " /></p>";
502 } else {
503 $rv .= "<p><a target=\"_blank\" rel=\"noopener noreferrer\"
504 href=\"".htmlspecialchars($entry["url"])."\"
505 >" .htmlspecialchars($entry["url"]) . "</a></p>";
506 }
507
508 if ($entry['title']) {
509 $rv.= "<div class=\"enclosure_title\">${entry['title']}</div>";
510 }
511 }
512 }
513 }
514 }
515 }
516
517 if (count($entries_inline) > 0) {
518 $rv .= "<hr clear='both'/>";
519 foreach ($entries_inline as $entry) { $rv .= $entry; };
520 $rv .= "<hr clear='both'/>";
521 }
522
523 $rv .= "<div class=\"attachments\" dojoType=\"dijit.form.DropDownButton\">".
524 "<span>" . __('Attachments')."</span>";
525
526 $rv .= "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
527
528 foreach ($entries as $entry) {
529 if ($entry["title"])
530 $title = " &mdash; " . truncate_string($entry["title"], 30);
531 else
532 $title = "";
533
534 if ($entry["filename"])
535 $filename = truncate_middle(htmlspecialchars($entry["filename"]), 60);
536 else
537 $filename = "";
538
539 $rv .= "<div onclick='openUrlPopup(\"".htmlspecialchars($entry["url"])."\")'
540 dojoType=\"dijit.MenuItem\">".$filename . $title."</div>";
541
542 };
543
544 $rv .= "</div>";
545 $rv .= "</div>";
546 }
547
548 return $rv;
549 }
550
551 static function format_article($id, $mark_as_read = true, $zoom_mode = false, $owner_uid = false) {
552 if (!$owner_uid) $owner_uid = $_SESSION["uid"];
553
554 $rv = array();
555
556 $rv['id'] = $id;
557
558 /* we can figure out feed_id from article id anyway, why do we
559 * pass feed_id here? let's ignore the argument :(*/
560
d0e73ed8
AD		 561 $pdo = Db::pdo();
562
563 $sth = $pdo->prepare("SELECT feed_id FROM ttrss_user_entries
564 WHERE ref_id = ?");
565 $sth->execute([$id]);
566 $row = $sth->fetch();
7e5f8d9f 567
d0e73ed8 568 $feed_id = (int) $row["feed_id"];
7e5f8d9f
AD		 569
570 $rv['feed_id'] = $feed_id;
571
572 //if (!$zoom_mode) { print "<article id='$id'><![CDATA["; };
573
574 if ($mark_as_read) {
d0e73ed8 575 $sth = $pdo->prepare("UPDATE ttrss_user_entries
7e5f8d9f 576 SET unread = false,last_read = NOW()
d0e73ed8
AD		 577 WHERE ref_id = ? AND owner_uid = ?");
578 $sth->execute([$id, $owner_uid]);
7e5f8d9f 579
2ed0d6c4 580 CCache::update($feed_id, $owner_uid);
7e5f8d9f
AD		 581 }
582
d0e73ed8 583 $sth = $pdo->prepare("SELECT id,title,link,content,feed_id,comments,int_id,lang,
7e5f8d9f
AD		 584 ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
585 (SELECT site_url FROM ttrss_feeds WHERE id = feed_id) as site_url,
586 (SELECT title FROM ttrss_feeds WHERE id = feed_id) as feed_title,
587 (SELECT hide_images FROM ttrss_feeds WHERE id = feed_id) as hide_images,
588 (SELECT always_display_enclosures FROM ttrss_feeds WHERE id = feed_id) as always_display_enclosures,
589 num_comments,
590 tag_cache,
591 author,
592 guid,
593 orig_feed_id,
594 note
595 FROM ttrss_entries,ttrss_user_entries
d0e73ed8
AD		 596 WHERE id = ? AND ref_id = id AND owner_uid = ?");
597 $sth->execute([$id, $owner_uid]);
7e5f8d9f 598
d0e73ed8 599 if ($line = $sth->fetch()) {
7e5f8d9f
AD		 600
601 $line["tags"] = Article::get_article_tags($id, $owner_uid, $line["tag_cache"]);
602 unset($line["tag_cache"]);
603
604 $line["content"] = sanitize($line["content"],
187abfe7 605 $line['hide_images'],
7e5f8d9f
AD		 606 $owner_uid, $line["site_url"], false, $line["id"]);
607
608 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_RENDER_ARTICLE) as $p) {
609 $line = $p->hook_render_article($line);
610 }
611
2aef804f
AD		 612 $line['content'] = rewrite_cached_urls($line['content']);
613
7e5f8d9f
AD		 614 $num_comments = (int) $line["num_comments"];
615 $entry_comments = "";
616
617 if ($num_comments > 0) {
618 if ($line["comments"]) {
619 $comments_url = htmlspecialchars($line["comments"]);
620 } else {
621 $comments_url = htmlspecialchars($line["link"]);
622 }
623 $entry_comments = "<a class=\"postComments\"
624 target='_blank' rel=\"noopener noreferrer\" href=\"$comments_url\">$num_comments ".
625 _ngettext("comment", "comments", $num_comments)."</a>";
626
627 } else {
628 if ($line["comments"] && $line["link"] != $line["comments"]) {
629 $entry_comments = "<a class=\"postComments\" target='_blank' rel=\"noopener noreferrer\" href=\"".htmlspecialchars($line["comments"])."\">".__("comments")."</a>";
630 }
631 }
632
f5302247
AD		 633 $enclosures = self::get_article_enclosures($line["id"]);
634
7e5f8d9f
AD		 635 if ($zoom_mode) {
636 header("Content-Type: text/html");
f5302247
AD		 637 $rv['content'] .= "<!DOCTYPE html>
638 <html><head>
7e5f8d9f 639 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
8f0a59f3 640 <title>".$line["title"]."</title>".
5e68e246 641 stylesheet_tag("css/default.css")."
7e5f8d9f 642 <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\">
f5302247 643 <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">";
3a029230 644
f5302247
AD		 645 $rv['content'] .= "<meta property=\"og:title\" content=\"".htmlspecialchars($line["title"])."\"/>\n";
646 $rv['content'] .= "<meta property=\"og:site_name\" content=\"".htmlspecialchars($line["feed_title"])."\"/>\n";
647 $rv['content'] .= "<meta property=\"og:description\" content=\"".
648 htmlspecialchars(truncate_string(strip_tags($line["content"]), 500, "..."))."\"/>\n";
649
650 $rv['content'] .= "</head>";
651
652 $og_image = false;
653
654 foreach ($enclosures as $enc) {
655 if (strpos($enc["content_type"], "image/") !== FALSE) {
656 $og_image = $enc["content_url"];
657 break;
658 }
659 }
660
661 if (!$og_image) {
662 $tmpdoc = new DOMDocument();
663
664 if (@$tmpdoc->loadHTML(mb_substr($line["content"], 0, 131070))) {
665 $tmpxpath = new DOMXPath($tmpdoc);
666 $first_img = $tmpxpath->query("//img")->item(0);
667
668 if ($first_img) {
669 $og_image = $first_img->getAttribute("src");
670 }
671 }
672 }
673
674 if ($og_image) {
675 $rv['content'] .= "<meta property=\"og:image\" content=\"" . htmlspecialchars($og_image) . "\"/>";
676 }
7e5f8d9f 677
f5302247 678 $rv['content'] .= "<body class=\"claro ttrss_utility ttrss_zoom\">";
7e5f8d9f
AD		 679 }
680
681 $rv['content'] .= "<div class=\"postReply\" id=\"POST-$id\">";
682
683 $rv['content'] .= "<div class=\"postHeader\" id=\"POSTHDR-$id\">";
684
685 $entry_author = $line["author"];
686
687 if ($entry_author) {
688 $entry_author = __(" - ") . $entry_author;
689 }
690
691 $parsed_updated = make_local_datetime($line["updated"], true,
692 $owner_uid, true);
693
694 if (!$zoom_mode)
695 $rv['content'] .= "<div class=\"postDate\">$parsed_updated</div>";
696
697 if ($line["link"]) {
698 $rv['content'] .= "<div class='postTitle'><a target='_blank' rel='noopener noreferrer'
699 title=\"".htmlspecialchars($line['title'])."\"
700 href=\"" .
701 htmlspecialchars($line["link"]) . "\">" .
702 $line["title"] . "</a>" .
703 "<span class='author'>$entry_author</span></div>";
704 } else {
705 $rv['content'] .= "<div class='postTitle'>" . $line["title"] . "$entry_author</div>";
706 }
707
708 if ($zoom_mode) {
709 $feed_title = htmlspecialchars($line["feed_title"]);
710
711 $rv['content'] .= "<div class=\"postFeedTitle\">$feed_title</div>";
712
713 $rv['content'] .= "<div class=\"postDate\">$parsed_updated</div>";
714 }
715
716 $tags_str = Article::format_tags_string($line["tags"], $id);
717 $tags_str_full = join(", ", $line["tags"]);
718
719 if (!$tags_str_full) $tags_str_full = __("no tags");
720
721 if (!$entry_comments) $entry_comments = "&nbsp;"; # placeholder
722
723 $rv['content'] .= "<div class='postTags' style='float : right'>
724 <img src='images/tag.png'
725 class='tagsPic' alt='Tags' title='Tags'>&nbsp;";
726
727 if (!$zoom_mode) {
728 $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span>
729 <a title=\"".__('Edit tags for this article')."\"
730 href=\"#\" onclick=\"editArticleTags($id, $feed_id)\">(+)</a>";
731
732 $rv['content'] .= "<div dojoType=\"dijit.Tooltip\"
733 id=\"ATSTRTIP-$id\" connectId=\"ATSTR-$id\"
734 position=\"below\">$tags_str_full</div>";
735
736 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_BUTTON) as $p) {
737 $rv['content'] .= $p->hook_article_button($line);
738 }
739
740 } else {
741 $tags_str = strip_tags($tags_str);
742 $rv['content'] .= "<span id=\"ATSTR-$id\">$tags_str</span>";
743 }
744 $rv['content'] .= "</div>";
745 $rv['content'] .= "<div clear='both'>";
746
747 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_LEFT_BUTTON) as $p) {
748 $rv['content'] .= $p->hook_article_left_button($line);
749 }
750
751 $rv['content'] .= "$entry_comments</div>";
752
753 if ($line["orig_feed_id"]) {
754
d0e73ed8
AD		 755 $of_sth = $pdo->prepare("SELECT * FROM ttrss_archived_feeds
756 WHERE id = ? AND owner_uid = ?");
757 $of_sth->execute([$line["orig_feed_id"], $owner_uid]);
7e5f8d9f 758
d0e73ed8 759 if ($tmp_line = $of_sth->fetch()) {
7e5f8d9f
AD		 760
761 $rv['content'] .= "<div clear='both'>";
762 $rv['content'] .= __("Originally from:");
763
764 $rv['content'] .= "&nbsp;";
765
7e5f8d9f
AD		 766 $rv['content'] .= "<a target='_blank' rel='noopener noreferrer'
767 href=' " . htmlspecialchars($tmp_line['site_url']) . "'>" .
768 $tmp_line['title'] . "</a>";
769
770 $rv['content'] .= "&nbsp;";
771
772 $rv['content'] .= "<a target='_blank' rel='noopener noreferrer' href='" . htmlspecialchars($tmp_line['feed_url']) . "'>";
773 $rv['content'] .= "<img title='".__('Feed URL')."' class='tinyFeedIcon' src='images/pub_set.png'></a>";
774
775 $rv['content'] .= "</div>";
776 }
777 }
778
779 $rv['content'] .= "</div>";
780
781 $rv['content'] .= "<div id=\"POSTNOTE-$id\">";
782 if ($line['note']) {
783 $rv['content'] .= Article::format_article_note($id, $line['note'], !$zoom_mode);
784 }
785 $rv['content'] .= "</div>";
786
787 if (!$line['lang']) $line['lang'] = 'en';
788
789 $rv['content'] .= "<div class=\"postContent\" lang=\"".$line['lang']."\">";
790
791 $rv['content'] .= $line["content"];
792
793 if (!$zoom_mode) {
794 $rv['content'] .= Article::format_article_enclosures($id,
187abfe7 795 $line["always_display_enclosures"],
7e5f8d9f 796 $line["content"],
187abfe7 797 $line["hide_images"]);
7e5f8d9f
AD		 798 }
799
800 $rv['content'] .= "</div>";
801
802 $rv['content'] .= "</div>";
803
804 }
805
806 if ($zoom_mode) {
807 $rv['content'] .= "
808 <div class='footer'>
809 <button onclick=\"return window.close()\">".
810 __("Close this window")."</button></div>";
811 $rv['content'] .= "</body></html>";
812 }
813
e50a6479
AD		 814 foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_FORMAT_ARTICLE) as $p) {
815 $rv['content'] = $p->hook_format_article($rv['content'], $line, $zoom_mode);
816 }
817
7e5f8d9f
AD		 818 return $rv;
819
820 }
821
822 static function get_article_tags($id, $owner_uid = 0, $tag_cache = false) {
823
2c57df75 824 $a_id = $id;
7e5f8d9f
AD		 825
826 if (!$owner_uid) $owner_uid = $_SESSION["uid"];
827
d0e73ed8
AD		 828 $pdo = Db::pdo();
829
830 $sth = $pdo->prepare("SELECT DISTINCT tag_name,
3a029230 831 owner_uid as owner FROM ttrss_tags
d0e73ed8
AD		 832 WHERE post_int_id = (SELECT int_id FROM ttrss_user_entries WHERE
833 ref_id = ? AND owner_uid = ? LIMIT 1) ORDER BY tag_name");
7e5f8d9f
AD		 834
835 $tags = array();
836
837 /* check cache first */
838
839 if ($tag_cache === false) {
d0e73ed8
AD		 840 $csth = $pdo->prepare("SELECT tag_cache FROM ttrss_user_entries
841 WHERE ref_id = ? AND owner_uid = ?");
842 $csth->execute([$id, $owner_uid]);
7e5f8d9f 843
d0e73ed8 844 if ($row = $csth->fetch()) $tag_cache = $row["tag_cache"];
7e5f8d9f
AD		 845 }
846
847 if ($tag_cache) {
848 $tags = explode(",", $tag_cache);
849 } else {
850
851 /* do it the hard way */
852
d0e73ed8 853 $sth->execute([$a_id, $owner_uid]);
7e5f8d9f 854
d0e73ed8 855 while ($tmp_line = $sth->fetch()) {
7e5f8d9f
AD		 856 array_push($tags, $tmp_line["tag_name"]);
857 }
858
859 /* update the cache */
860
2c57df75 861 $tags_str = join(",", $tags);
7e5f8d9f 862
d0e73ed8
AD		 863 $sth = $pdo->prepare("UPDATE ttrss_user_entries
864 SET tag_cache = ? WHERE ref_id = ?
865 AND owner_uid = ?");
866 $sth->execute([$tags_str, $id, $owner_uid]);
7e5f8d9f
AD		 867 }
868
869 return $tags;
870 }
871
872 static function format_tags_string($tags) {
873 if (!is_array($tags) || count($tags) == 0) {
874 return __("no tags");
875 } else {
876 $maxtags = min(5, count($tags));
877 $tags_str = "";
878
879 for ($i = 0; $i < $maxtags; $i++) {
880 $tags_str .= "<a class=\"tag\" href=\"#\" onclick=\"viewfeed({feed:'".$tags[$i]."'})\">" . $tags[$i] . "</a>, ";
881 }
882
883 $tags_str = mb_substr($tags_str, 0, mb_strlen($tags_str)-2);
884
885 if (count($tags) > $maxtags)
886 $tags_str .= ", &hellip;";
887
888 return $tags_str;
889 }
890 }
891
892 static function format_article_labels($labels) {
893
894 if (!is_array($labels)) return '';
895
896 $labels_str = "";
897
898 foreach ($labels as $l) {
899 $labels_str .= sprintf("<span class='hlLabelRef'
900 style='color : %s; background-color : %s'>%s</span>",
901 $l[2], $l[3], $l[1]);
902 }
903
904 return $labels_str;
905
906 }
907
908 static function format_article_note($id, $note, $allow_edit = true) {
909
910 $str = "<div class='articleNote' onclick=\"editArticleNote($id)\">
911 <div class='noteEdit' onclick=\"editArticleNote($id)\">".
912 ($allow_edit ? __('(edit note)') : "")."</div>$note</div>";
913
914 return $str;
915 }
916
917 static function get_article_enclosures($id) {
918
d0e73ed8 919 $pdo = Db::pdo();
7e5f8d9f 920
d0e73ed8
AD		 921 $sth = $pdo->prepare("SELECT * FROM ttrss_enclosures
922 WHERE post_id = ? AND content_url != ''");
923 $sth->execute([$id]);
7e5f8d9f 924
d0e73ed8 925 $rv = array();
7e5f8d9f 926
d0e73ed8 927 while ($line = $sth->fetch()) {
7e5f8d9f 928
d0e73ed8
AD		 929 if (file_exists(CACHE_DIR . '/images/' . sha1($line["content_url"]))) {
930 $line["content_url"] = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($line["content_url"]);
7e5f8d9f 931 }
d0e73ed8
AD		 932
933 array_push($rv, $line);
7e5f8d9f
AD		 934 }
935
936 return $rv;
937 }
c83554bd 938
a230bf88
AD		 939 static function purge_orphans($do_output = false) {
940
941 // purge orphaned posts in main content table
d0e73ed8 942
8e1450aa
AD		 943 if (DB_TYPE == "mysql")
944 $limit_qpart = "LIMIT 5000";
945 else
946 $limit_qpart = "";
947
d0e73ed8
AD		 948 $pdo = Db::pdo();
949 $res = $pdo->query("DELETE FROM ttrss_entries WHERE
8e1450aa 950 NOT EXISTS (SELECT ref_id FROM ttrss_user_entries WHERE ref_id = id) $limit_qpart");
a230bf88
AD		 951
952 if ($do_output) {
d0e73ed8 953 $rows = $res->rowCount();
a230bf88
AD		 954 _debug("Purged $rows orphaned posts.");
955 }
956 }
957
aeb1abed
AD		 958 static function catchupArticlesById($ids, $cmode, $owner_uid = false) {
959
960 if (!$owner_uid) $owner_uid = $_SESSION["uid"];
aeb1abed 961
d0e73ed8 962 $pdo = Db::pdo();
aeb1abed 963
d0e73ed8 964 $ids_qmarks = arr_qmarks($ids);
aeb1abed
AD		 965
966 if ($cmode == 0) {
d0e73ed8 967 $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
aeb1abed 968 unread = false,last_read = NOW()
d0e73ed8 969 WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
aeb1abed 970 } else if ($cmode == 1) {
d0e73ed8 971 $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
aeb1abed 972 unread = true
d0e73ed8 973 WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
aeb1abed 974 } else {
d0e73ed8
AD		 975 $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
976 unread = NOT unread,last_read = NOW()
977 WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
aeb1abed
AD		 978 }
979
d0e73ed8
AD		 980 $sth->execute(array_merge($ids, [$owner_uid]));
981
aeb1abed
AD		 982 /* update ccache */
983
d0e73ed8
AD		 984 $sth = $pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries
985 WHERE ref_id IN ($ids_qmarks) AND owner_uid = ?");
986 $sth->execute(array_merge($ids, [$owner_uid]));
aeb1abed 987
d0e73ed8 988 while ($line = $sth->fetch()) {
2ed0d6c4 989 CCache::update($line["feed_id"], $owner_uid);
aeb1abed
AD		 990 }
991 }
992
993 static function getLastArticleId() {
d0e73ed8
AD		 994 $pdo = DB::pdo();
995
996 $sth = $pdo->prepare("SELECT ref_id AS id FROM ttrss_user_entries
997 WHERE owner_uid = ? ORDER BY ref_id DESC LIMIT 1");
998 $sth->execute([$_SESSION['uid']]);
aeb1abed 999
d0e73ed8
AD		 1000 if ($row = $sth->fetch()) {
1001 return $row['id'];
aeb1abed
AD		 1002 } else {
1003 return -1;
1004 }
1005 }
a230bf88 1006
4a0da0e5
AD		 1007 static function get_article_labels($id, $owner_uid = false) {
1008 $rv = array();
1009
1010 if (!$owner_uid) $owner_uid = $_SESSION["uid"];
1011
d0e73ed8
AD		 1012 $pdo = Db::pdo();
1013
1014 $sth = $pdo->prepare("SELECT label_cache FROM
1015 ttrss_user_entries WHERE ref_id = ? AND owner_uid = ?");
1016 $sth->execute([$id, $owner_uid]);
4a0da0e5 1017
d0e73ed8
AD		 1018 if ($row = $sth->fetch()) {
1019 $label_cache = $row["label_cache"];
4a0da0e5
AD		 1020
1021 if ($label_cache) {
e4befe6b 1022 $tmp = json_decode($label_cache, true);
4a0da0e5 1023
e4befe6b 1024 if (!$tmp || $tmp["no-labels"] == 1)
4a0da0e5
AD		 1025 return $rv;
1026 else
e4befe6b 1027 return $tmp;
4a0da0e5
AD		 1028 }
1029 }
1030
d0e73ed8 1031 $sth = $pdo->prepare("SELECT DISTINCT label_id,caption,fg_color,bg_color
4a0da0e5
AD		 1032 FROM ttrss_labels2, ttrss_user_labels2
1033 WHERE id = label_id
d0e73ed8
AD		 1034 AND article_id = ?
1035 AND owner_uid = ?
4a0da0e5 1036 ORDER BY caption");
d0e73ed8 1037 $sth->execute([$id, $owner_uid]);
4a0da0e5 1038
d0e73ed8 1039 while ($line = $sth->fetch()) {
7c9b5a3f 1040 $rk = array(Labels::label_to_feed_id($line["label_id"]),
4a0da0e5
AD		 1041 $line["caption"], $line["fg_color"],
1042 $line["bg_color"]);
1043 array_push($rv, $rk);
1044 }
1045
1046 if (count($rv) > 0)
7c9b5a3f 1047 Labels::update_cache($owner_uid, $id, $rv);
4a0da0e5 1048 else
7c9b5a3f 1049 Labels::update_cache($owner_uid, $id, array("no-labels" => 1));
4a0da0e5
AD		 1050
1051 return $rv;
1052 }
1053
6afcbcd1 1054}
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/