[tt-rss.git] / classes / handler / public.php

<?php
class Handler_Public extends Handler {

	private function generate_syndicated_feed($owner_uid, $feed, $is_cat,
		$limit, $search, $search_mode, $match_on, $view_mode = false) {

		require_once "lib/MiniTemplator.class.php";

		$note_style = 	"background-color : #fff7d5;
			border-width : 1px; ".
			"padding : 5px; border-style : dashed; border-color : #e7d796;".
			"margin-bottom : 1em; color : #9a8c59;";

		if (!$limit) $limit = 30;

		if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
			$date_sort_field = "updated";
		} else {
			$date_sort_field = "date_entered";
		}

		$qfh_ret = queryFeedHeadlines($this->link, $feed,
			$limit, $view_mode, $is_cat, $search, $search_mode,
			$match_on, "$date_sort_field DESC", 0, $owner_uid);

		$result = $qfh_ret[0];
		$feed_title = htmlspecialchars($qfh_ret[1]);
		$feed_site_url = $qfh_ret[2];
		$last_error = $qfh_ret[3];

		$feed_self_url = get_self_url_prefix() .
			"/public.php?op=rss&id=-2&key=" .
			get_feed_access_key($this->link, -2, false, $owner_uid);

		if (!$feed_site_url) $feed_site_url = get_self_url_prefix();

		$tpl = new MiniTemplator;

		$tpl->readTemplateFromFile("templates/generated_feed.txt");

		$tpl->setVariable('FEED_TITLE', $feed_title, true);
		$tpl->setVariable('VERSION', VERSION, true);
		$tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true);

		if (PUBSUBHUBBUB_HUB && $feed == -2) {
			$tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true);
			$tpl->addBlock('feed_hub');
		}

		$tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true);

 		while ($line = db_fetch_assoc($result)) {
			$tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']), true);
			$tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true);
			$tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true);
			$tpl->setVariable('ARTICLE_EXCERPT',
				truncate_string(strip_tags($line["content_preview"]), 100, '...'), true);

			$content = sanitize($this->link, $line["content_preview"], false, $owner_uid);

			if ($line['note']) {
				$content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" .
					$content;
			}

			$tpl->setVariable('ARTICLE_CONTENT', $content, true);

			$tpl->setVariable('ARTICLE_UPDATED_ATOM',
				date('c', strtotime($line["updated"])), true);
			$tpl->setVariable('ARTICLE_UPDATED_RFC822',
				date(DATE_RFC822, strtotime($line["updated"])), true);

			$tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true);

			$tags = get_article_tags($this->link, $line["id"], $owner_uid);

			foreach ($tags as $tag) {
				$tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true);
				$tpl->addBlock('category');
			}

			$enclosures = get_article_enclosures($this->link, $line["id"]);

			foreach ($enclosures as $e) {
				$type = htmlspecialchars($e['content_type']);
				$url = htmlspecialchars($e['content_url']);
				$length = $e['duration'];

				$tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true);
				$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true);
				$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true);

				$tpl->addBlock('enclosure');
			}

			$tpl->addBlock('entry');
		}

		$tmp = "";

		$tpl->addBlock('feed');
		$tpl->generateOutputToString($tmp);

		print $tmp;
	}

	function getUnread() {
		$login = db_escape_string($_REQUEST["login"]);
		$fresh = $_REQUEST["fresh"] == "1";

		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");

		if (db_num_rows($result) == 1) {
			$uid = db_fetch_result($result, 0, "id");

			print getGlobalUnread($this->link, $uid);

			if ($fresh) {
				print ";";
				print getFeedArticles($this->link, -3, false, true, $uid);
			}

		} else {
			print "-1;User not found";
		}

	}

	function getProfiles() {
		$login = db_escape_string($_REQUEST["login"]);
		$password = db_escape_string($_REQUEST["password"]);

		if (authenticate_user($this->link, $login, $password)) {
			$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
				WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");

			print "<select style='width: 100%' name='profile'>";

			print "<option value='0'>" . __("Default profile") . "</option>";

			while ($line = db_fetch_assoc($result)) {
				$id = $line["id"];
				$title = $line["title"];

				print "<option value='$id'>$title</option>";
			}

			print "</select>";

			$_SESSION = array();
		}
	}

	function pubsub() {
		$mode = db_escape_string($_REQUEST['hub_mode']);
		$feed_id = (int) db_escape_string($_REQUEST['id']);
		$feed_url = db_escape_string($_REQUEST['hub_topic']);

		if (!PUBSUBHUBBUB_ENABLED) {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
			return;
		}

		// TODO: implement hub_verifytoken checking

		$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
			WHERE id = '$feed_id'");

		if (db_num_rows($result) != 0) {

			$check_feed_url = db_fetch_result($result, 0, "feed_url");

			if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
				if ($mode == "subscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if ($mode == "unsubscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if (!$mode) {

					// Received update ping, schedule feed update.
					//update_rss_feed($this->link, $feed_id, true, true);

					db_query($this->link, "UPDATE ttrss_feeds SET
						last_update_started = '1970-01-01',
						last_updated = '1970-01-01' WHERE id = '$feed_id'");

				}
			} else {
				header('HTTP/1.0 404 Not Found');
				echo "404 Not found";
			}
		} else {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
		}

	}

	function logout() {
		logout_user();
		header("Location: index.php");
	}

	function fbexport() {

		$access_key = db_escape_string($_POST["key"]);

		// TODO: rate limit checking using last_connected
		$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
			WHERE access_key = '$access_key'");

		if (db_num_rows($result) == 1) {

			$instance_id = db_fetch_result($result, 0, "id");

			$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
				FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");

			$feeds = array();

			while ($line = db_fetch_assoc($result)) {
				array_push($feeds, $line);
			}

			db_query($this->link, "UPDATE ttrss_linked_instances SET
				last_status_in = 1 WHERE id = '$instance_id'");

			print json_encode(array("feeds" => $feeds));
		} else {
			print json_encode(array("error" => array("code" => 6)));
		}
	}

	function share() {
		$uuid = db_escape_string($_REQUEST["key"]);

		$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
			uuid = '$uuid'");

		if (db_num_rows($result) != 0) {
			header("Content-Type: text/html");

			$id = db_fetch_result($result, 0, "ref_id");
			$owner_uid = db_fetch_result($result, 0, "owner_uid");

			$article = format_article($this->link, $id, false, true, $owner_uid);

			print_r($article['content']);

		} else {
			print "Article not found.";
		}

	}

	function rss() {
		header("Content-Type: text/xml; charset=utf-8");

		$feed = db_escape_string($_REQUEST["id"]);
		$key = db_escape_string($_REQUEST["key"]);
		$is_cat = $_REQUEST["is_cat"] != false;
		$limit = (int)db_escape_string($_REQUEST["limit"]);

		$search = db_escape_string($_REQUEST["q"]);
		$match_on = db_escape_string($_REQUEST["m"]);
		$search_mode = db_escape_string($_REQUEST["smode"]);
		$view_mode = db_escape_string($_REQUEST["view-mode"]);

		if (SINGLE_USER_MODE) {
			authenticate_user($this->link, "admin", null);
		}

		$owner_id = false;

		if ($key) {
			$result = db_query($this->link, "SELECT owner_uid FROM
				ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");

			if (db_num_rows($result) == 1)
				$owner_id = db_fetch_result($result, 0, "owner_uid");
		}

		if ($owner_id) {
			$this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit,
				$search, $search_mode, $match_on, $view_mode);
		} else {
			header('HTTP/1.1 403 Forbidden');
		}
	}

	function globalUpdateFeeds() {
		include "rssfuncs.php";
		// Update all feeds needing a update.
		update_daemon_common($this->link, 0, true, false);
	}

	function sharepopup() {
		header('Content-Type: text/html; charset=utf-8');
		print "<html>
				<head>
					<title>Tiny Tiny RSS</title>
					<link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\">
					<script type=\"text/javascript\" src=\"lib/prototype.js\"></script>
					<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
				</head>
				<body id='sharepopup'>";

		$action = $_REQUEST["action"];

		if ($_SESSION["uid"]) {

			if (!$action) {

				print "<table height='100%' width='100%'><tr><td colspan='2'>";
				print "<h1>".__("Share with Tiny Tiny RSS")."</h1>";
				print "</td></tr>";

				print "<form id='share_form' name='share_form'>";

				print "<input type=\"hidden\" name=\"op\" value=\"sharepopup\">";
				print "<input type=\"hidden\" name=\"action\" value=\"share\">";

				$title = htmlspecialchars($_REQUEST["title"]);
				$url = htmlspecialchars($_REQUEST["url"]);

				print "<tr><td>".__("Title:")."</td><td width='80%'><input name='title' value=\"$title\"></td></tr>";
				print "<tr><td>".__("URL:")."</td><td><input name='url' value=\"$url\"></td></tr>";
				print "<tr><td>".__("Content:")."</td><td><input name='content' value=\"\"></td></tr>";

				print "<script type='text/javascript'>";
				print "document.forms[0].title.focus();";
				print "</script>";

				print "<tr><td colspan='2'>
					<div style='float : right' class='insensitive-small'>".
					__("Shared article will appear in the Published feed.").
					"</div><button type=\"submit\">".
						__('Share')."</button>
					<button onclick=\"return window.close()\">".
						__('Cancel')."</button>
					</div>";

				print "</form>";
				print "</td></tr></table>";

				print "</body></html>";

			} else {

				$title = db_escape_string(strip_tags($_REQUEST["title"]));
				$url = db_escape_string(strip_tags($_REQUEST["url"]));
				$content = db_escape_string(strip_tags($_REQUEST["content"]));

				create_published_article($this->link, $title, $url, $content, $_SESSION["uid"]);

				print "<script type='text/javascript'>";
				print "window.close();";
				print "</script>";
			}

		} else {

			print "<table><tr><td>" . __("Not logged in.") . "</td></tr></table>";

		}
	}

}
?>
Commit	Line	Data
5f0a3741	1	<?php
369dbc19	2	class Handler_Public extends Handler {
5f0a3741	3
79178062 AD	4	private function generate_syndicated_feed($owner_uid, $feed, $is_cat,
	5	$limit, $search, $search_mode, $match_on, $view_mode = false) {
	6
	7	require_once "lib/MiniTemplator.class.php";
	8
	9	$note_style = "background-color : #fff7d5;
	10	border-width : 1px; ".
	11	"padding : 5px; border-style : dashed; border-color : #e7d796;".
	12	"margin-bottom : 1em; color : #9a8c59;";
	13
	14	if (!$limit) $limit = 30;
	15
	16	if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
	17	$date_sort_field = "updated";
	18	} else {
	19	$date_sort_field = "date_entered";
	20	}
	21
	22	$qfh_ret = queryFeedHeadlines($this->link, $feed,
	23	$limit, $view_mode, $is_cat, $search, $search_mode,
	24	$match_on, "$date_sort_field DESC", 0, $owner_uid);
	25
	26	$result = $qfh_ret[0];
	27	$feed_title = htmlspecialchars($qfh_ret[1]);
	28	$feed_site_url = $qfh_ret[2];
	29	$last_error = $qfh_ret[3];
	30
	31	$feed_self_url = get_self_url_prefix() .
	32	"/public.php?op=rss&id=-2&key=" .
2fb947eb	33	get_feed_access_key($this->link, -2, false, $owner_uid);
79178062 AD	34
	35	if (!$feed_site_url) $feed_site_url = get_self_url_prefix();
	36
	37	$tpl = new MiniTemplator;
	38
	39	$tpl->readTemplateFromFile("templates/generated_feed.txt");
	40
9c97041d AD	41	$tpl->setVariable('FEED_TITLE', $feed_title, true);
	42	$tpl->setVariable('VERSION', VERSION, true);
	43	$tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true);
79178062 AD	44
79178062 AD	45	if (PUBSUBHUBBUB_HUB && $feed == -2) {
9c97041d	46	$tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true);
79178062 AD	47	$tpl->addBlock('feed_hub');
	48	}
	49
9c97041d	50	$tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true);
79178062 AD	51
79178062 AD	52	while ($line = db_fetch_assoc($result)) {
9c97041d AD	53	$tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']), true);
	54	$tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true);
	55	$tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true);
79178062	56	$tpl->setVariable('ARTICLE_EXCERPT',
9c97041d	57	truncate_string(strip_tags($line["content_preview"]), 100, '...'), true);
79178062 AD	58
	59	$content = sanitize($this->link, $line["content_preview"], false, $owner_uid);
	60
	61	if ($line['note']) {
	62	$content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" .
	63	$content;
	64	}
	65
9c97041d	66	$tpl->setVariable('ARTICLE_CONTENT', $content, true);
79178062	67
9c97041d AD	68	$tpl->setVariable('ARTICLE_UPDATED_ATOM',
	69	date('c', strtotime($line["updated"])), true);
	70	$tpl->setVariable('ARTICLE_UPDATED_RFC822',
	71	date(DATE_RFC822, strtotime($line["updated"])), true);
	72
	73	$tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true);
79178062 AD	74
	75	$tags = get_article_tags($this->link, $line["id"], $owner_uid);
	76
	77	foreach ($tags as $tag) {
9c97041d	78	$tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true);
79178062 AD	79	$tpl->addBlock('category');
	80	}
	81
	82	$enclosures = get_article_enclosures($this->link, $line["id"]);
	83
	84	foreach ($enclosures as $e) {
	85	$type = htmlspecialchars($e['content_type']);
	86	$url = htmlspecialchars($e['content_url']);
	87	$length = $e['duration'];
	88
9c97041d AD	89	$tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true);
	90	$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true);
	91	$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true);
79178062 AD	92
	93	$tpl->addBlock('enclosure');
	94	}
	95
	96	$tpl->addBlock('entry');
	97	}
	98
	99	$tmp = "";
	100
	101	$tpl->addBlock('feed');
	102	$tpl->generateOutputToString($tmp);
	103
	104	print $tmp;
	105	}
	106
5f0a3741 AD	107	function getUnread() {
	108	$login = db_escape_string($_REQUEST["login"]);
	109	$fresh = $_REQUEST["fresh"] == "1";
	110
	111	$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
	112
	113	if (db_num_rows($result) == 1) {
	114	$uid = db_fetch_result($result, 0, "id");
	115
	116	print getGlobalUnread($this->link, $uid);
	117
	118	if ($fresh) {
	119	print ";";
	120	print getFeedArticles($this->link, -3, false, true, $uid);
	121	}
	122
	123	} else {
	124	print "-1;User not found";
	125	}
	126
	127	}
	128
	129	function getProfiles() {
	130	$login = db_escape_string($_REQUEST["login"]);
	131	$password = db_escape_string($_REQUEST["password"]);
	132
	133	if (authenticate_user($this->link, $login, $password)) {
	134	$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
	135	WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
	136
	137	print "<select style='width: 100%' name='profile'>";
	138
	139	print "<option value='0'>" . __("Default profile") . "</option>";
	140
	141	while ($line = db_fetch_assoc($result)) {
	142	$id = $line["id"];
	143	$title = $line["title"];
	144
	145	print "<option value='$id'>$title</option>";
	146	}
	147
	148	print "</select>";
	149
	150	$_SESSION = array();
	151	}
	152	}
	153
	154	function pubsub() {
	155	$mode = db_escape_string($_REQUEST['hub_mode']);
	156	$feed_id = (int) db_escape_string($_REQUEST['id']);
	157	$feed_url = db_escape_string($_REQUEST['hub_topic']);
	158
	159	if (!PUBSUBHUBBUB_ENABLED) {
	160	header('HTTP/1.0 404 Not Found');
	161	echo "404 Not found";
	162	return;
	163	}
	164
	165	// TODO: implement hub_verifytoken checking
	166
	167	$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
	168	WHERE id = '$feed_id'");
	169
	170	if (db_num_rows($result) != 0) {
171
172	$check_feed_url = db_fetch_result($result, 0, "feed_url");
173
174	if ($check_feed_url && ($check_feed_url == $feed_url \|\| !$feed_url)) {
175	if ($mode == "subscribe") {
176
177	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
178	WHERE id = '$feed_id'");
179
180	print $_REQUEST['hub_challenge'];
181	return;
182
183	} else if ($mode == "unsubscribe") {
184
185	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
186	WHERE id = '$feed_id'");
187
188	print $_REQUEST['hub_challenge'];
189	return;
190
191	} else if (!$mode) {
192
193	// Received update ping, schedule feed update.
194	//update_rss_feed($this->link, $feed_id, true, true);
195
196	db_query($this->link, "UPDATE ttrss_feeds SET
197	last_update_started = '1970-01-01',
198	last_updated = '1970-01-01' WHERE id = '$feed_id'");
199
200	}
201	} else {
202	header('HTTP/1.0 404 Not Found');
203	echo "404 Not found";
204	}
205	} else {
206	header('HTTP/1.0 404 Not Found');
207	echo "404 Not found";
208	}
209
210	}
211
212	function logout() {
213	logout_user();
214	header("Location: index.php");
215	}
216
217	function fbexport() {
218
219	$access_key = db_escape_string($_POST["key"]);
220
221	// TODO: rate limit checking using last_connected
222	$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
223	WHERE access_key = '$access_key'");
224
225	if (db_num_rows($result) == 1) {
226
227	$instance_id = db_fetch_result($result, 0, "id");
228
229	$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
230	FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
231
232	$feeds = array();
233
234	while ($line = db_fetch_assoc($result)) {
235	array_push($feeds, $line);
236	}
237
238	db_query($this->link, "UPDATE ttrss_linked_instances SET
239	last_status_in = 1 WHERE id = '$instance_id'");
240
241	print json_encode(array("feeds" => $feeds));
242	} else {
243	print json_encode(array("error" => array("code" => 6)));
244	}
245	}
246
247	function share() {
248	$uuid = db_escape_string($_REQUEST["key"]);
249
250	$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
251	uuid = '$uuid'");
252
253	if (db_num_rows($result) != 0) {
254	header("Content-Type: text/html");
255
256	$id = db_fetch_result($result, 0, "ref_id");
257	$owner_uid = db_fetch_result($result, 0, "owner_uid");
258
64436e10	259	$article = format_article($this->link, $id, false, true, $owner_uid);
5f0a3741 AD	260
	261	print_r($article['content']);
	262
	263	} else {
	264	print "Article not found.";
	265	}
	266
	267	}
	268
	269	function rss() {
	270	header("Content-Type: text/xml; charset=utf-8");
	271
	272	$feed = db_escape_string($_REQUEST["id"]);
	273	$key = db_escape_string($_REQUEST["key"]);
	274	$is_cat = $_REQUEST["is_cat"] != false;
	275	$limit = (int)db_escape_string($_REQUEST["limit"]);
	276
	277	$search = db_escape_string($_REQUEST["q"]);
	278	$match_on = db_escape_string($_REQUEST["m"]);
	279	$search_mode = db_escape_string($_REQUEST["smode"]);
	280	$view_mode = db_escape_string($_REQUEST["view-mode"]);
	281
	282	if (SINGLE_USER_MODE) {
	283	authenticate_user($this->link, "admin", null);
	284	}
	285
	286	$owner_id = false;
	287
	288	if ($key) {
	289	$result = db_query($this->link, "SELECT owner_uid FROM
	290	ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
	291
	292	if (db_num_rows($result) == 1)
	293	$owner_id = db_fetch_result($result, 0, "owner_uid");
	294	}
	295
	296	if ($owner_id) {
2fb947eb	297	$this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit,
5f0a3741 AD	298	$search, $search_mode, $match_on, $view_mode);
	299	} else {
	300	header('HTTP/1.1 403 Forbidden');
	301	}
	302	}
	303
07391e36 AD	304	function globalUpdateFeeds() {
07391e36 AD	305	include "rssfuncs.php";
5f0a3741	306	// Update all feeds needing a update.
036cd3a4	307	update_daemon_common($this->link, 0, true, false);
07391e36	308	}
8361e724 AD	309
	310	function sharepopup() {
	311	header('Content-Type: text/html; charset=utf-8');
	312	print "<html>
	313	<head>
	314	<title>Tiny Tiny RSS</title>
	315	<link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\">
	316	<script type=\"text/javascript\" src=\"lib/prototype.js\"></script>
	317	<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
	318	</head>
	319	<body id='sharepopup'>";
	320
	321	$action = $_REQUEST["action"];
	322
	323	if ($_SESSION["uid"]) {
	324
	325	if (!$action) {
	326
	327	print "<table height='100%' width='100%'><tr><td colspan='2'>";
50b8b503	328	print "<h1>".__("Share with Tiny Tiny RSS")."</h1>";
8361e724 AD	329	print "</td></tr>";
	330
	331	print "<form id='share_form' name='share_form'>";
	332
	333	print "<input type=\"hidden\" name=\"op\" value=\"sharepopup\">";
	334	print "<input type=\"hidden\" name=\"action\" value=\"share\">";
	335
	336	$title = htmlspecialchars($_REQUEST["title"]);
	337	$url = htmlspecialchars($_REQUEST["url"]);
	338
	339	print "<tr><td>".__("Title:")."</td><td width='80%'><input name='title' value=\"$title\"></td></tr>";
	340	print "<tr><td>".__("URL:")."</td><td><input name='url' value=\"$url\"></td></tr>";
	341	print "<tr><td>".__("Content:")."</td><td><input name='content' value=\"\"></td></tr>";
	342
	343	print "<script type='text/javascript'>";
	344	print "document.forms[0].title.focus();";
	345	print "</script>";
	346
	347	print "<tr><td colspan='2'>
50b8b503 AD	348	<div style='float : right' class='insensitive-small'>".
	349	__("Shared article will appear in the Published feed.").
	350	"</div><button type=\"submit\">".
	351	__('Share')."</button>
8361e724 AD	352	<button onclick=\"return window.close()\">".
	353	__('Cancel')."</button>
	354	</div>";
	355
	356	print "</form>";
	357	print "</td></tr></table>";
	358
	359	print "</body></html>";
	360
	361	} else {
	362
	363	$title = db_escape_string(strip_tags($_REQUEST["title"]));
	364	$url = db_escape_string(strip_tags($_REQUEST["url"]));
	365	$content = db_escape_string(strip_tags($_REQUEST["content"]));
	366
	367	create_published_article($this->link, $title, $url, $content, $_SESSION["uid"]);
	368
	369	print "<script type='text/javascript'>";
	370	print "window.close();";
	371	print "</script>";
	372	}
	373
	374	} else {
	375
	376	print "<table><tr><td>" . __("Not logged in.") . "</td></tr></table>";
	377
	378	}
	379	}
	380
5f0a3741 AD	381	}
5f0a3741 AD	382	?>