]>
Commit | Line | Data |
---|---|---|
5f0a3741 | 1 | <?php |
369dbc19 | 2 | class Handler_Public extends Handler { |
5f0a3741 | 3 | |
79178062 | 4 | private function generate_syndicated_feed($owner_uid, $feed, $is_cat, |
9090b874 | 5 | $limit, $offset, $search, |
d1e631f3 | 6 | $view_mode = false, $format = 'atom', $order = false, $orig_guid = false, $start_ts = false) { |
79178062 AD |
7 | |
8 | require_once "lib/MiniTemplator.class.php"; | |
9 | ||
10 | $note_style = "background-color : #fff7d5; | |
11 | border-width : 1px; ". | |
12 | "padding : 5px; border-style : dashed; border-color : #e7d796;". | |
13 | "margin-bottom : 1em; color : #9a8c59;"; | |
14 | ||
2faef834 | 15 | if (!$limit) $limit = 60; |
79178062 | 16 | |
8aa01d79 | 17 | $date_sort_field = "date_entered DESC, updated DESC"; |
84c53d0e | 18 | $date_check_field = "date_entered"; |
79178062 | 19 | |
84c53d0e | 20 | if ($feed == -2 && !$is_cat) { |
7ef7dd31 | 21 | $date_sort_field = "last_published DESC"; |
84c53d0e AD |
22 | $date_check_field = "last_published"; |
23 | } else if ($feed == -1 && !$is_cat) { | |
7ef7dd31 | 24 | $date_sort_field = "last_marked DESC"; |
84c53d0e AD |
25 | $date_check_field = "last_marked"; |
26 | } | |
008ebad9 | 27 | |
25051fb8 AD |
28 | switch ($order) { |
29 | case "title": | |
30 | $date_sort_field = "ttrss_entries.title"; | |
31 | break; | |
32 | case "date_reverse": | |
33 | $date_sort_field = "date_entered, updated"; | |
34 | break; | |
35 | case "feed_dates": | |
36 | $date_sort_field = "updated DESC"; | |
37 | break; | |
38 | } | |
39 | ||
f5a0fb8b | 40 | /*$qfh_ret = queryFeedHeadlines($feed, |
9090b874 | 41 | 1, $view_mode, $is_cat, $search, false, |
2e35a707 | 42 | $date_sort_field, $offset, $owner_uid, |
f5a0fb8b AD |
43 | false, 0, true, true, false, false, $start_ts);*/ |
44 | ||
45 | //function queryFeedHeadlines($feed, | |
46 | // $limit, $view_mode, $cat_view, $search, $search_mode, | |
47 | // $override_order = false, $offset = 0, $owner_uid = 0, | |
48 | // $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false, $override_strategy = false, $override_vfeed = false, $start_ts = false, $check_top_id = false) { | |
49 | ||
50 | $params = array( | |
51 | "owner_uid" => $owner_uid, | |
52 | "feed" => $feed, | |
53 | "limit" => 1, | |
54 | "view_mode" => $view_mode, | |
55 | "cat_view" => $is_cat, | |
56 | "search" => $search, | |
57 | "override_order" => $date_sort_field, | |
58 | "include_children" => true, | |
59 | "ignore_vfeed_group" => true, | |
60 | "offset" => $offset, | |
61 | "start_ts" => $start_ts | |
62 | ); | |
63 | ||
64 | $qfh_ret = queryFeedHeadlines($params); | |
2e35a707 AD |
65 | |
66 | $result = $qfh_ret[0]; | |
67 | ||
d9c85e0f | 68 | if ($this->dbh->num_rows($result) != 0) { |
84c53d0e AD |
69 | |
70 | $ts = strtotime($this->dbh->fetch_result($result, 0, $date_check_field)); | |
2e35a707 AD |
71 | |
72 | if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && | |
d6ba77f3 | 73 | strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= $ts) { |
2e35a707 AD |
74 | header('HTTP/1.0 304 Not Modified'); |
75 | return; | |
76 | } | |
77 | ||
78 | $last_modified = gmdate("D, d M Y H:i:s", $ts) . " GMT"; | |
79 | header("Last-Modified: $last_modified", true); | |
80 | } | |
81 | ||
f5a0fb8b | 82 | /*$qfh_ret = queryFeedHeadlines($feed, |
9090b874 | 83 | $limit, $view_mode, $is_cat, $search, false, |
8aa01d79 | 84 | $date_sort_field, $offset, $owner_uid, |
f5a0fb8b AD |
85 | false, 0, true, true, false, false, $start_ts);*/ |
86 | ||
87 | $params = array( | |
88 | "owner_uid" => $owner_uid, | |
89 | "feed" => $feed, | |
90 | "limit" => $limit, | |
91 | "view_mode" => $view_mode, | |
92 | "cat_view" => $is_cat, | |
93 | "search" => $search, | |
94 | "override_order" => $date_sort_field, | |
95 | "include_children" => true, | |
96 | "ignore_vfeed_group" => true, | |
97 | "offset" => $offset, | |
98 | "start_ts" => $start_ts | |
99 | ); | |
100 | ||
101 | $qfh_ret = queryFeedHeadlines($params); | |
2e35a707 | 102 | |
79178062 AD |
103 | $result = $qfh_ret[0]; |
104 | $feed_title = htmlspecialchars($qfh_ret[1]); | |
105 | $feed_site_url = $qfh_ret[2]; | |
4a80c57c | 106 | /* $last_error = $qfh_ret[3]; */ |
79178062 AD |
107 | |
108 | $feed_self_url = get_self_url_prefix() . | |
39119f02 JT |
109 | "/public.php?op=rss&id=$feed&key=" . |
110 | get_feed_access_key($feed, false, $owner_uid); | |
79178062 AD |
111 | |
112 | if (!$feed_site_url) $feed_site_url = get_self_url_prefix(); | |
113 | ||
2ebf38a9 AD |
114 | if ($format == 'atom') { |
115 | $tpl = new MiniTemplator; | |
79178062 | 116 | |
2ebf38a9 | 117 | $tpl->readTemplateFromFile("templates/generated_feed.txt"); |
79178062 | 118 | |
2ebf38a9 AD |
119 | $tpl->setVariable('FEED_TITLE', $feed_title, true); |
120 | $tpl->setVariable('VERSION', VERSION, true); | |
121 | $tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true); | |
79178062 | 122 | |
2ebf38a9 AD |
123 | if (PUBSUBHUBBUB_HUB && $feed == -2) { |
124 | $tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true); | |
125 | $tpl->addBlock('feed_hub'); | |
126 | } | |
79178062 | 127 | |
2ebf38a9 | 128 | $tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true); |
d9c85e0f | 129 | while ($line = $this->dbh->fetch_assoc($result)) { |
399678a1 | 130 | |
2f1a29d9 | 131 | $line["content_preview"] = sanitize(truncate_string(strip_tags($line["content"]), 100, '...')); |
bc262b67 | 132 | |
891e36f5 | 133 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_QUERY_HEADLINES) as $p) { |
134 | $line = $p->hook_query_headlines($line); | |
135 | } | |
2e35a707 | 136 | |
399678a1 | 137 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_EXPORT_FEED) as $p) { |
92322838 | 138 | $line = $p->hook_article_export_feed($line, $feed, $is_cat); |
399678a1 AD |
139 | } |
140 | ||
fcf6bfba AD |
141 | $tpl->setVariable('ARTICLE_ID', |
142 | htmlspecialchars($orig_guid ? $line['link'] : | |
f75e7c64 | 143 | $this->make_article_tag_uri($line['id'], $line['date_entered'])), true); |
2ebf38a9 AD |
144 | $tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true); |
145 | $tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true); | |
67631438 | 146 | $tpl->setVariable('ARTICLE_EXCERPT', $line["content_preview"], true); |
79178062 | 147 | |
4b19d4ac | 148 | $content = sanitize($line["content"], false, $owner_uid, |
3261dbfa | 149 | $feed_site_url, false, $line["id"]); |
79178062 | 150 | |
2ebf38a9 AD |
151 | if ($line['note']) { |
152 | $content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" . | |
153 | $content; | |
e9c6e27d | 154 | $tpl->setVariable('ARTICLE_NOTE', htmlspecialchars($line['note']), true); |
155 | } | |
2ebf38a9 AD |
156 | |
157 | $tpl->setVariable('ARTICLE_CONTENT', $content, true); | |
158 | ||
159 | $tpl->setVariable('ARTICLE_UPDATED_ATOM', | |
160 | date('c', strtotime($line["updated"])), true); | |
161 | $tpl->setVariable('ARTICLE_UPDATED_RFC822', | |
162 | date(DATE_RFC822, strtotime($line["updated"])), true); | |
163 | ||
164 | $tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true); | |
165 | ||
4b7391de | 166 | $tpl->setVariable('ARTICLE_SOURCE_LINK', htmlspecialchars($line['site_url'] ? $line["site_url"] : get_self_url_prefix()), true); |
0ee126ee | 167 | $tpl->setVariable('ARTICLE_SOURCE_TITLE', htmlspecialchars($line['feed_title'] ? $line['feed_title'] : $feed_title), true); |
2ebf38a9 | 168 | |
7e5f8d9f | 169 | $tags = Article::get_article_tags($line["id"], $owner_uid); |
2ebf38a9 AD |
170 | |
171 | foreach ($tags as $tag) { | |
172 | $tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true); | |
173 | $tpl->addBlock('category'); | |
174 | } | |
79178062 | 175 | |
7e5f8d9f | 176 | $enclosures = Article::get_article_enclosures($line["id"]); |
79178062 | 177 | |
2ebf38a9 AD |
178 | foreach ($enclosures as $e) { |
179 | $type = htmlspecialchars($e['content_type']); | |
180 | $url = htmlspecialchars($e['content_url']); | |
4b7391de | 181 | $length = $e['duration'] ? $e['duration'] : 1; |
9c97041d | 182 | |
2ebf38a9 AD |
183 | $tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true); |
184 | $tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true); | |
185 | $tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true); | |
79178062 | 186 | |
2ebf38a9 AD |
187 | $tpl->addBlock('enclosure'); |
188 | } | |
79178062 | 189 | |
2ebf38a9 | 190 | $tpl->addBlock('entry'); |
79178062 AD |
191 | } |
192 | ||
2ebf38a9 AD |
193 | $tmp = ""; |
194 | ||
195 | $tpl->addBlock('feed'); | |
196 | $tpl->generateOutputToString($tmp); | |
197 | ||
10bdeb4b AD |
198 | if (@!$_REQUEST["noxml"]) { |
199 | header("Content-Type: text/xml; charset=utf-8"); | |
200 | } else { | |
201 | header("Content-Type: text/plain; charset=utf-8"); | |
202 | } | |
2ebf38a9 AD |
203 | |
204 | print $tmp; | |
205 | } else if ($format == 'json') { | |
79178062 | 206 | |
2ebf38a9 | 207 | $feed = array(); |
79178062 | 208 | |
2ebf38a9 AD |
209 | $feed['title'] = $feed_title; |
210 | $feed['version'] = VERSION; | |
211 | $feed['feed_url'] = $feed_self_url; | |
79178062 | 212 | |
2ebf38a9 AD |
213 | if (PUBSUBHUBBUB_HUB && $feed == -2) { |
214 | $feed['hub_url'] = PUBSUBHUBBUB_HUB; | |
79178062 AD |
215 | } |
216 | ||
2ebf38a9 AD |
217 | $feed['self_url'] = get_self_url_prefix(); |
218 | ||
219 | $feed['articles'] = array(); | |
220 | ||
d9c85e0f | 221 | while ($line = $this->dbh->fetch_assoc($result)) { |
399678a1 | 222 | |
2f1a29d9 | 223 | $line["content_preview"] = sanitize(truncate_string(strip_tags($line["content_preview"]), 100, '...')); |
399678a1 | 224 | |
891e36f5 | 225 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_QUERY_HEADLINES) as $p) { |
226 | $line = $p->hook_query_headlines($line, 100); | |
227 | } | |
399678a1 AD |
228 | |
229 | foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ARTICLE_EXPORT_FEED) as $p) { | |
92322838 | 230 | $line = $p->hook_article_export_feed($line, $feed, $is_cat); |
399678a1 AD |
231 | } |
232 | ||
2ebf38a9 | 233 | $article = array(); |
79178062 | 234 | |
2ebf38a9 AD |
235 | $article['id'] = $line['link']; |
236 | $article['link'] = $line['link']; | |
237 | $article['title'] = $line['title']; | |
67631438 | 238 | $article['excerpt'] = $line["content_preview"]; |
3261dbfa | 239 | $article['content'] = sanitize($line["content"], false, $owner_uid, $feed_site_url, false, $line["id"]); |
2ebf38a9 | 240 | $article['updated'] = date('c', strtotime($line["updated"])); |
79178062 | 241 | |
2ebf38a9 AD |
242 | if ($line['note']) $article['note'] = $line['note']; |
243 | if ($article['author']) $article['author'] = $line['author']; | |
79178062 | 244 | |
a42c55f0 | 245 | $tags = get_article_tags($line["id"], $owner_uid); |
2ebf38a9 AD |
246 | |
247 | if (count($tags) > 0) { | |
248 | $article['tags'] = array(); | |
249 | ||
250 | foreach ($tags as $tag) { | |
251 | array_push($article['tags'], $tag); | |
252 | } | |
253 | } | |
254 | ||
7e5f8d9f | 255 | $enclosures = Article::get_article_enclosures($line["id"]); |
2ebf38a9 AD |
256 | |
257 | if (count($enclosures) > 0) { | |
258 | $article['enclosures'] = array(); | |
259 | ||
260 | foreach ($enclosures as $e) { | |
261 | $type = $e['content_type']; | |
262 | $url = $e['content_url']; | |
263 | $length = $e['duration']; | |
264 | ||
265 | array_push($article['enclosures'], array("url" => $url, "type" => $type, "length" => $length)); | |
266 | } | |
267 | } | |
268 | ||
269 | array_push($feed['articles'], $article); | |
270 | } | |
271 | ||
10bdeb4b | 272 | header("Content-Type: text/json; charset=utf-8"); |
2ebf38a9 AD |
273 | print json_encode($feed); |
274 | ||
275 | } else { | |
276 | header("Content-Type: text/plain; charset=utf-8"); | |
277 | print json_encode(array("error" => array("message" => "Unknown format"))); | |
278 | } | |
79178062 AD |
279 | } |
280 | ||
5f0a3741 | 281 | function getUnread() { |
d9c85e0f | 282 | $login = $this->dbh->escape_string($_REQUEST["login"]); |
5f0a3741 AD |
283 | $fresh = $_REQUEST["fresh"] == "1"; |
284 | ||
d9c85e0f | 285 | $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login'"); |
5f0a3741 | 286 | |
d9c85e0f AD |
287 | if ($this->dbh->num_rows($result) == 1) { |
288 | $uid = $this->dbh->fetch_result($result, 0, "id"); | |
5f0a3741 | 289 | |
a42c55f0 | 290 | print getGlobalUnread($uid); |
5f0a3741 AD |
291 | |
292 | if ($fresh) { | |
293 | print ";"; | |
86a8351c | 294 | print Feeds::getFeedArticles(-3, false, true, $uid); |
5f0a3741 AD |
295 | } |
296 | ||
297 | } else { | |
298 | print "-1;User not found"; | |
299 | } | |
300 | ||
301 | } | |
302 | ||
303 | function getProfiles() { | |
d9c85e0f | 304 | $login = $this->dbh->escape_string($_REQUEST["login"]); |
5f0a3741 | 305 | |
0806d68b | 306 | $result = $this->dbh->query("SELECT ttrss_settings_profiles.* FROM ttrss_settings_profiles,ttrss_users |
97acbaf1 | 307 | WHERE ttrss_users.id = ttrss_settings_profiles.owner_uid AND login = '$login' ORDER BY title"); |
5f0a3741 | 308 | |
eeee2ccf | 309 | print "<select dojoType='dijit.form.Select' style='width : 220px; margin : 0px' name='profile'>"; |
5f0a3741 | 310 | |
97acbaf1 | 311 | print "<option value='0'>" . __("Default profile") . "</option>"; |
5f0a3741 | 312 | |
d9c85e0f | 313 | while ($line = $this->dbh->fetch_assoc($result)) { |
97acbaf1 AD |
314 | $id = $line["id"]; |
315 | $title = $line["title"]; | |
5f0a3741 | 316 | |
97acbaf1 | 317 | print "<option value='$id'>$title</option>"; |
5f0a3741 | 318 | } |
97acbaf1 AD |
319 | |
320 | print "</select>"; | |
5f0a3741 AD |
321 | } |
322 | ||
323 | function pubsub() { | |
d9c85e0f | 324 | $mode = $this->dbh->escape_string($_REQUEST['hub_mode']); |
43d790f0 AD |
325 | if (!$mode) $mode = $this->dbh->escape_string($_REQUEST['hub.mode']); |
326 | ||
d9c85e0f AD |
327 | $feed_id = (int) $this->dbh->escape_string($_REQUEST['id']); |
328 | $feed_url = $this->dbh->escape_string($_REQUEST['hub_topic']); | |
5f0a3741 | 329 | |
43d790f0 AD |
330 | if (!$feed_url) $feed_url = $this->dbh->escape_string($_REQUEST['hub.topic']); |
331 | ||
5f0a3741 AD |
332 | if (!PUBSUBHUBBUB_ENABLED) { |
333 | header('HTTP/1.0 404 Not Found'); | |
43d790f0 | 334 | echo "404 Not found (Disabled by server)"; |
5f0a3741 AD |
335 | return; |
336 | } | |
337 | ||
338 | // TODO: implement hub_verifytoken checking | |
43d790f0 AD |
339 | // TODO: store requested rel=self or whatever for verification |
340 | // (may be different from stored feed url) e.g. http://url/ or http://url | |
5f0a3741 | 341 | |
d9c85e0f | 342 | $result = $this->dbh->query("SELECT feed_url FROM ttrss_feeds |
5f0a3741 AD |
343 | WHERE id = '$feed_id'"); |
344 | ||
d9c85e0f | 345 | if ($this->dbh->num_rows($result) != 0) { |
5f0a3741 | 346 | |
d9c85e0f | 347 | $check_feed_url = $this->dbh->fetch_result($result, 0, "feed_url"); |
5f0a3741 | 348 | |
43d790f0 AD |
349 | // ignore url checking for the time being |
350 | if ($check_feed_url && (true || $check_feed_url == $feed_url || !$feed_url)) { | |
5f0a3741 AD |
351 | if ($mode == "subscribe") { |
352 | ||
d9c85e0f | 353 | $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 2 |
5f0a3741 AD |
354 | WHERE id = '$feed_id'"); |
355 | ||
356 | print $_REQUEST['hub_challenge']; | |
357 | return; | |
358 | ||
359 | } else if ($mode == "unsubscribe") { | |
360 | ||
d9c85e0f | 361 | $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 0 |
5f0a3741 AD |
362 | WHERE id = '$feed_id'"); |
363 | ||
364 | print $_REQUEST['hub_challenge']; | |
365 | return; | |
366 | ||
367 | } else if (!$mode) { | |
368 | ||
369 | // Received update ping, schedule feed update. | |
a42c55f0 | 370 | //update_rss_feed($feed_id, true, true); |
5f0a3741 | 371 | |
d9c85e0f | 372 | $this->dbh->query("UPDATE ttrss_feeds SET |
5f0a3741 AD |
373 | last_update_started = '1970-01-01', |
374 | last_updated = '1970-01-01' WHERE id = '$feed_id'"); | |
375 | ||
376 | } | |
377 | } else { | |
378 | header('HTTP/1.0 404 Not Found'); | |
43d790f0 | 379 | echo "404 Not found (URL check failed)"; |
5f0a3741 AD |
380 | } |
381 | } else { | |
382 | header('HTTP/1.0 404 Not Found'); | |
43d790f0 | 383 | echo "404 Not found (Feed not found)"; |
5f0a3741 AD |
384 | } |
385 | ||
386 | } | |
387 | ||
388 | function logout() { | |
389 | logout_user(); | |
390 | header("Location: index.php"); | |
391 | } | |
392 | ||
5f0a3741 | 393 | function share() { |
d9c85e0f | 394 | $uuid = $this->dbh->escape_string($_REQUEST["key"]); |
5f0a3741 | 395 | |
d9c85e0f | 396 | $result = $this->dbh->query("SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE |
5f0a3741 AD |
397 | uuid = '$uuid'"); |
398 | ||
d9c85e0f | 399 | if ($this->dbh->num_rows($result) != 0) { |
5f0a3741 AD |
400 | header("Content-Type: text/html"); |
401 | ||
d9c85e0f AD |
402 | $id = $this->dbh->fetch_result($result, 0, "ref_id"); |
403 | $owner_uid = $this->dbh->fetch_result($result, 0, "owner_uid"); | |
5f0a3741 | 404 | |
7e5f8d9f | 405 | $article = Article::format_article($id, false, true, $owner_uid); |
5f0a3741 AD |
406 | |
407 | print_r($article['content']); | |
408 | ||
409 | } else { | |
410 | print "Article not found."; | |
411 | } | |
412 | ||
413 | } | |
414 | ||
415 | function rss() { | |
d9c85e0f AD |
416 | $feed = $this->dbh->escape_string($_REQUEST["id"]); |
417 | $key = $this->dbh->escape_string($_REQUEST["key"]); | |
356e13b1 | 418 | $is_cat = sql_bool_to_bool($_REQUEST["is_cat"]); |
d9c85e0f AD |
419 | $limit = (int)$this->dbh->escape_string($_REQUEST["limit"]); |
420 | $offset = (int)$this->dbh->escape_string($_REQUEST["offset"]); | |
5f0a3741 | 421 | |
d9c85e0f | 422 | $search = $this->dbh->escape_string($_REQUEST["q"]); |
d9c85e0f | 423 | $view_mode = $this->dbh->escape_string($_REQUEST["view-mode"]); |
25051fb8 | 424 | $order = $this->dbh->escape_string($_REQUEST["order"]); |
d1e631f3 | 425 | $start_ts = $this->dbh->escape_string($_REQUEST["ts"]); |
5f0a3741 | 426 | |
d9c85e0f | 427 | $format = $this->dbh->escape_string($_REQUEST['format']); |
5bcb7b61 | 428 | $orig_guid = sql_bool_to_bool($_REQUEST["orig_guid"]); |
2ebf38a9 AD |
429 | |
430 | if (!$format) $format = 'atom'; | |
431 | ||
5f0a3741 | 432 | if (SINGLE_USER_MODE) { |
a42c55f0 | 433 | authenticate_user("admin", null); |
5f0a3741 AD |
434 | } |
435 | ||
436 | $owner_id = false; | |
437 | ||
438 | if ($key) { | |
d9c85e0f | 439 | $result = $this->dbh->query("SELECT owner_uid FROM |
5f0a3741 AD |
440 | ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); |
441 | ||
d9c85e0f AD |
442 | if ($this->dbh->num_rows($result) == 1) |
443 | $owner_id = $this->dbh->fetch_result($result, 0, "owner_uid"); | |
5f0a3741 AD |
444 | } |
445 | ||
446 | if ($owner_id) { | |
2fb947eb | 447 | $this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit, |
9090b874 | 448 | $offset, $search, $view_mode, $format, $order, $orig_guid, $start_ts); |
5f0a3741 AD |
449 | } else { |
450 | header('HTTP/1.1 403 Forbidden'); | |
451 | } | |
452 | } | |
453 | ||
910592b4 | 454 | function updateTask() { |
4a80c57c | 455 | PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK, "hook_update_task", false); |
910592b4 AD |
456 | } |
457 | ||
4e5ddeaf | 458 | function housekeepingTask() { |
4a80c57c | 459 | PluginHost::getInstance()->run_hooks(PluginHost::HOOK_HOUSE_KEEPING, "hook_house_keeping", false); |
4e5ddeaf AD |
460 | } |
461 | ||
07391e36 | 462 | function globalUpdateFeeds() { |
113c3dec | 463 | RPC::updaterandomfeed_real($this->dbh); |
cda55d67 | 464 | |
4a80c57c | 465 | PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK, "hook_update_task", false); |
07391e36 | 466 | } |
8361e724 AD |
467 | |
468 | function sharepopup() { | |
61a748f8 | 469 | if (SINGLE_USER_MODE) { |
6322ac79 | 470 | login_sequence(); |
61a748f8 AD |
471 | } |
472 | ||
8361e724 | 473 | header('Content-Type: text/html; charset=utf-8'); |
d0ee0f52 AD |
474 | print "<html><head><title>Tiny Tiny RSS</title> |
475 | <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\"> | |
476 | <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">"; | |
9a2aed91 | 477 | |
cdbcb277 | 478 | echo stylesheet_tag("css/utility.css"); |
6214a076 | 479 | echo stylesheet_tag("css/dijit.css"); |
cdbcb277 | 480 | echo javascript_tag("lib/prototype.js"); |
6214a076 | 481 | echo javascript_tag("lib/scriptaculous/scriptaculous.js?load=effects,controls"); |
9a2aed91 AD |
482 | print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> |
483 | </head><body id='sharepopup'>"; | |
8361e724 AD |
484 | |
485 | $action = $_REQUEST["action"]; | |
486 | ||
487 | if ($_SESSION["uid"]) { | |
488 | ||
d493aba2 | 489 | if ($action == 'share') { |
8361e724 | 490 | |
d9c85e0f AD |
491 | $title = $this->dbh->escape_string(strip_tags($_REQUEST["title"])); |
492 | $url = $this->dbh->escape_string(strip_tags($_REQUEST["url"])); | |
493 | $content = $this->dbh->escape_string(strip_tags($_REQUEST["content"])); | |
494 | $labels = $this->dbh->escape_string(strip_tags($_REQUEST["labels"])); | |
8361e724 | 495 | |
a42c55f0 | 496 | Article::create_published_article($title, $url, $content, $labels, |
1b4d1a6b | 497 | $_SESSION["uid"]); |
8361e724 | 498 | |
d493aba2 AD |
499 | print "<script type='text/javascript'>"; |
500 | print "window.close();"; | |
501 | print "</script>"; | |
8361e724 | 502 | |
d493aba2 | 503 | } else { |
8361e724 AD |
504 | $title = htmlspecialchars($_REQUEST["title"]); |
505 | $url = htmlspecialchars($_REQUEST["url"]); | |
506 | ||
d493aba2 | 507 | ?> |
8361e724 | 508 | |
d493aba2 AD |
509 | <table height='100%' width='100%'><tr><td colspan='2'> |
510 | <h1><?php echo __("Share with Tiny Tiny RSS") ?></h1> | |
511 | </td></tr> | |
8361e724 | 512 | |
d493aba2 | 513 | <form id='share_form' name='share_form'> |
8361e724 | 514 | |
d493aba2 AD |
515 | <input type="hidden" name="op" value="sharepopup"> |
516 | <input type="hidden" name="action" value="share"> | |
8361e724 | 517 | |
22439dad | 518 | <tr><td align='right'><?php echo __("Title:") ?></td> |
d493aba2 | 519 | <td width='80%'><input name='title' value="<?php echo $title ?>"></td></tr> |
22439dad | 520 | <tr><td align='right'><?php echo __("URL:") ?></td> |
d493aba2 | 521 | <td><input name='url' value="<?php echo $url ?>"></td></tr> |
22439dad | 522 | <tr><td align='right'><?php echo __("Content:") ?></td> |
d493aba2 | 523 | <td><input name='content' value=""></td></tr> |
1b4d1a6b AD |
524 | <tr><td align='right'><?php echo __("Labels:") ?></td> |
525 | <td><input name='labels' id="labels_value" | |
526 | placeholder='Alpha, Beta, Gamma' value=""> | |
527 | </td></tr> | |
528 | ||
529 | <tr><td> | |
530 | <div class="autocomplete" id="labels_choices" | |
531 | style="display : block"></div></td></tr> | |
8361e724 | 532 | |
d493aba2 | 533 | <script type='text/javascript'>document.forms[0].title.focus();</script> |
8361e724 | 534 | |
1b4d1a6b AD |
535 | <script type='text/javascript'> |
536 | new Ajax.Autocompleter('labels_value', 'labels_choices', | |
537 | "backend.php?op=rpc&method=completeLabels", | |
538 | { tokens: ',', paramName: "search" }); | |
539 | </script> | |
540 | ||
d493aba2 AD |
541 | <tr><td colspan='2'> |
542 | <div style='float : right' class='insensitive-small'> | |
543 | <?php echo __("Shared article will appear in the Published feed.") ?> | |
544 | </div> | |
545 | <button type="submit"><?php echo __('Share') ?></button> | |
546 | <button onclick="return window.close()"><?php echo __('Cancel') ?></button> | |
f5a0fb8b | 547 | </td> |
8361e724 | 548 | |
d493aba2 AD |
549 | </form> |
550 | </td></tr></table> | |
551 | </body></html> | |
552 | <?php | |
8361e724 | 553 | |
8361e724 AD |
554 | } |
555 | ||
556 | } else { | |
557 | ||
d493aba2 AD |
558 | $return = urlencode($_SERVER["REQUEST_URI"]) |
559 | ?> | |
560 | ||
561 | <form action="public.php?return=<?php echo $return ?>" | |
22439dad | 562 | method="POST" id="loginForm" name="loginForm"> |
d493aba2 AD |
563 | |
564 | <input type="hidden" name="op" value="login"> | |
565 | ||
566 | <table height='100%' width='100%'><tr><td colspan='2'> | |
22439dad | 567 | <h1><?php echo __("Not logged in") ?></h1></td></tr> |
d493aba2 AD |
568 | |
569 | <tr><td align="right"><?php echo __("Login:") ?></td> | |
570 | <td align="right"><input name="login" | |
571 | value="<?php echo $_SESSION["fake_login"] ?>"></td></tr> | |
572 | <tr><td align="right"><?php echo __("Password:") ?></td> | |
573 | <td align="right"><input type="password" name="password" | |
574 | value="<?php echo $_SESSION["fake_password"] ?>"></td></tr> | |
d493aba2 AD |
575 | <tr><td colspan='2'> |
576 | <button type="submit"> | |
577 | <?php echo __('Log in') ?></button> | |
578 | ||
579 | <button onclick="return window.close()"> | |
580 | <?php echo __('Cancel') ?></button> | |
581 | </td></tr> | |
582 | </table> | |
583 | ||
584 | </form> | |
585 | <?php | |
8361e724 AD |
586 | } |
587 | } | |
588 | ||
97acbaf1 | 589 | function login() { |
97acbaf1 AD |
590 | if (!SINGLE_USER_MODE) { |
591 | ||
d9c85e0f | 592 | $login = $this->dbh->escape_string($_POST["login"]); |
97acbaf1 | 593 | $password = $_POST["password"]; |
aadd636a | 594 | $remember_me = $_POST["remember_me"]; |
97acbaf1 | 595 | |
f231f438 AD |
596 | if ($remember_me) { |
597 | session_set_cookie_params(SESSION_COOKIE_LIFETIME); | |
598 | } else { | |
599 | session_set_cookie_params(0); | |
600 | } | |
601 | ||
aadd636a | 602 | @session_start(); |
60ed4c9a | 603 | |
a42c55f0 | 604 | if (authenticate_user($login, $password)) { |
97acbaf1 AD |
605 | $_POST["password"] = ""; |
606 | ||
b18d109f AD |
607 | if (get_schema_version() >= 120) { |
608 | $_SESSION["language"] = get_pref("USER_LANGUAGE", $_SESSION["uid"]); | |
609 | } | |
610 | ||
a42c55f0 | 611 | $_SESSION["ref_schema_version"] = get_schema_version(true); |
97acbaf1 AD |
612 | $_SESSION["bw_limit"] = !!$_POST["bw_limit"]; |
613 | ||
614 | if ($_POST["profile"]) { | |
615 | ||
d9c85e0f | 616 | $profile = $this->dbh->escape_string($_POST["profile"]); |
97acbaf1 | 617 | |
d9c85e0f | 618 | $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles |
97acbaf1 AD |
619 | WHERE id = '$profile' AND owner_uid = " . $_SESSION["uid"]); |
620 | ||
d9c85e0f | 621 | if ($this->dbh->num_rows($result) != 0) { |
97acbaf1 | 622 | $_SESSION["profile"] = $profile; |
97acbaf1 AD |
623 | } |
624 | } | |
625 | } else { | |
626 | $_SESSION["login_error_msg"] = __("Incorrect username or password"); | |
fd94d631 | 627 | user_error("Failed login attempt for $login from {$_SERVER['REMOTE_ADDR']}", E_USER_WARNING); |
97acbaf1 AD |
628 | } |
629 | ||
630 | if ($_REQUEST['return']) { | |
631 | header("Location: " . $_REQUEST['return']); | |
632 | } else { | |
633 | header("Location: " . SELF_URL_PATH); | |
634 | } | |
635 | } | |
636 | } | |
637 | ||
f7439d69 | 638 | /* function subtest() { |
97b7d5c0 AD |
639 | header("Content-type: text/plain; charset=utf-8"); |
640 | ||
641 | $url = $_REQUEST["url"]; | |
642 | ||
643 | print "$url\n\n"; | |
644 | ||
645 | ||
646 | print_r(get_feeds_from_html($url, fetch_file_contents($url))); | |
647 | ||
f7439d69 | 648 | } */ |
97b7d5c0 | 649 | |
97acbaf1 | 650 | function subscribe() { |
61a748f8 | 651 | if (SINGLE_USER_MODE) { |
6322ac79 | 652 | login_sequence(); |
61a748f8 AD |
653 | } |
654 | ||
97acbaf1 AD |
655 | if ($_SESSION["uid"]) { |
656 | ||
d9c85e0f | 657 | $feed_url = $this->dbh->escape_string(trim($_REQUEST["feed_url"])); |
97acbaf1 AD |
658 | |
659 | header('Content-Type: text/html; charset=utf-8'); | |
660 | print "<html> | |
661 | <head> | |
662 | <title>Tiny Tiny RSS</title> | |
5bbc4bb4 | 663 | <link rel=\"stylesheet\" type=\"text/css\" href=\"css/utility.css\"> |
97acbaf1 | 664 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> |
d0ee0f52 AD |
665 | <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\"> |
666 | <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\"> | |
667 | ||
97acbaf1 AD |
668 | </head> |
669 | <body> | |
884d1650 | 670 | <img class=\"floatingLogo\" src=\"images/logo_small.png\" |
97acbaf1 | 671 | alt=\"Tiny Tiny RSS\"/> |
884d1650 | 672 | <h1>".__("Subscribe to feed...")."</h1><div class='content'>"; |
97acbaf1 | 673 | |
86a8351c | 674 | $rc = Feeds::subscribe_to_feed($feed_url); |
97acbaf1 AD |
675 | |
676 | switch ($rc['code']) { | |
677 | case 0: | |
678 | print_warning(T_sprintf("Already subscribed to <b>%s</b>.", $feed_url)); | |
679 | break; | |
680 | case 1: | |
681 | print_notice(T_sprintf("Subscribed to <b>%s</b>.", $feed_url)); | |
682 | break; | |
683 | case 2: | |
684 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.", $feed_url)); | |
685 | break; | |
686 | case 3: | |
687 | print_error(T_sprintf("No feeds found in <b>%s</b>.", $feed_url)); | |
688 | break; | |
689 | case 4: | |
690 | print_notice(__("Multiple feed URLs found.")); | |
759e5132 | 691 | $feed_urls = $rc["feeds"]; |
97acbaf1 AD |
692 | break; |
693 | case 5: | |
694 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url)); | |
695 | break; | |
696 | } | |
697 | ||
698 | if ($feed_urls) { | |
699 | ||
700 | print "<form action=\"public.php\">"; | |
701 | print "<input type=\"hidden\" name=\"op\" value=\"subscribe\">"; | |
702 | ||
703 | print "<select name=\"feed_url\">"; | |
704 | ||
705 | foreach ($feed_urls as $url => $name) { | |
706 | $url = htmlspecialchars($url); | |
707 | $name = htmlspecialchars($name); | |
708 | ||
709 | print "<option value=\"$url\">$name</option>"; | |
710 | } | |
711 | ||
712 | print "<input type=\"submit\" value=\"".__("Subscribe to selected feed"). | |
713 | "\">"; | |
714 | ||
715 | print "</form>"; | |
716 | } | |
717 | ||
718 | $tp_uri = get_self_url_prefix() . "/prefs.php"; | |
719 | $tt_uri = get_self_url_prefix(); | |
720 | ||
721 | if ($rc['code'] <= 2){ | |
d9c85e0f | 722 | $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE |
97acbaf1 AD |
723 | feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); |
724 | ||
d9c85e0f | 725 | $feed_id = $this->dbh->fetch_result($result, 0, "id"); |
97acbaf1 AD |
726 | } else { |
727 | $feed_id = 0; | |
728 | } | |
729 | print "<p>"; | |
730 | ||
731 | if ($feed_id) { | |
732 | print "<form method=\"GET\" style='display: inline' | |
733 | action=\"$tp_uri\"> | |
734 | <input type=\"hidden\" name=\"tab\" value=\"feedConfig\"> | |
735 | <input type=\"hidden\" name=\"method\" value=\"editFeed\"> | |
736 | <input type=\"hidden\" name=\"methodparam\" value=\"$feed_id\"> | |
737 | <input type=\"submit\" value=\"".__("Edit subscription options")."\"> | |
738 | </form>"; | |
739 | } | |
740 | ||
741 | print "<form style='display: inline' method=\"GET\" action=\"$tt_uri\"> | |
742 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
743 | </form></p>"; | |
744 | ||
884d1650 | 745 | print "</div></body></html>"; |
97acbaf1 AD |
746 | |
747 | } else { | |
6322ac79 | 748 | render_login_form(); |
97acbaf1 AD |
749 | } |
750 | } | |
751 | ||
97acbaf1 AD |
752 | function index() { |
753 | header("Content-Type: text/plain"); | |
27f7b593 | 754 | print error_json(13); |
97acbaf1 AD |
755 | } |
756 | ||
f43e9e97 | 757 | function forgotpass() { |
67e0cf9a AD |
758 | startup_gettext(); |
759 | ||
5303f9a7 AD |
760 | @$hash = $_REQUEST["hash"]; |
761 | ||
f43e9e97 | 762 | header('Content-Type: text/html; charset=utf-8'); |
d0ee0f52 AD |
763 | print "<html><head><title>Tiny Tiny RSS</title> |
764 | <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\"> | |
765 | <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">"; | |
e216d302 | 766 | |
cdbcb277 AD |
767 | echo stylesheet_tag("css/utility.css"); |
768 | echo javascript_tag("lib/prototype.js"); | |
e216d302 AD |
769 | |
770 | print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> | |
771 | </head><body id='forgotpass'>"; | |
f43e9e97 | 772 | |
884d1650 | 773 | print '<div class="floatingLogo"><img src="images/logo_small.png"></div>'; |
483f15d5 | 774 | print "<h1>".__("Password recovery")."</h1>"; |
884d1650 | 775 | print "<div class='content'>"; |
f43e9e97 AD |
776 | |
777 | @$method = $_POST['method']; | |
778 | ||
5303f9a7 AD |
779 | if ($hash) { |
780 | $login = $_REQUEST["login"]; | |
781 | ||
782 | if ($login) { | |
783 | $result = $this->dbh->query("SELECT id, resetpass_token FROM ttrss_users | |
784 | WHERE login = '$login'"); | |
785 | ||
786 | if ($this->dbh->num_rows($result) != 0) { | |
787 | $id = $this->dbh->fetch_result($result, 0, "id"); | |
788 | $resetpass_token_full = $this->dbh->fetch_result($result, 0, "resetpass_token"); | |
789 | list($timestamp, $resetpass_token) = explode(":", $resetpass_token_full); | |
790 | ||
791 | if ($timestamp && $resetpass_token && | |
792 | $timestamp >= time() - 15*60*60 && | |
793 | $resetpass_token == $hash) { | |
794 | ||
795 | $result = $this->dbh->query("UPDATE ttrss_users SET resetpass_token = NULL | |
796 | WHERE id = $id"); | |
797 | ||
798 | Pref_Users::resetUserPassword($id, true); | |
799 | ||
800 | print "<p>"."Completed."."</p>"; | |
801 | ||
802 | } else { | |
803 | print_error("Some of the information provided is missing or incorrect."); | |
804 | } | |
805 | } else { | |
806 | print_error("Some of the information provided is missing or incorrect."); | |
807 | } | |
808 | } else { | |
809 | print_error("Some of the information provided is missing or incorrect."); | |
810 | } | |
811 | ||
812 | print "<form method=\"GET\" action=\"index.php\"> | |
813 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
814 | </form>"; | |
815 | ||
816 | } else if (!$method) { | |
817 | print_notice(__("You will need to provide valid account name and email. A password reset link will be sent to your email address.")); | |
483f15d5 | 818 | |
f43e9e97 | 819 | print "<form method='POST' action='public.php'>"; |
f43e9e97 AD |
820 | print "<input type='hidden' name='method' value='do'>"; |
821 | print "<input type='hidden' name='op' value='forgotpass'>"; | |
822 | ||
823 | print "<fieldset>"; | |
824 | print "<label>".__("Login:")."</label>"; | |
825 | print "<input type='text' name='login' value='' required>"; | |
826 | print "</fieldset>"; | |
827 | ||
828 | print "<fieldset>"; | |
829 | print "<label>".__("Email:")."</label>"; | |
830 | print "<input type='email' name='email' value='' required>"; | |
831 | print "</fieldset>"; | |
832 | ||
833 | print "<fieldset>"; | |
834 | print "<label>".__("How much is two plus two:")."</label>"; | |
835 | print "<input type='text' name='test' value='' required>"; | |
836 | print "</fieldset>"; | |
837 | ||
838 | print "<p/>"; | |
839 | print "<button type='submit'>".__("Reset password")."</button>"; | |
840 | ||
841 | print "</form>"; | |
842 | } else if ($method == 'do') { | |
843 | ||
d9c85e0f AD |
844 | $login = $this->dbh->escape_string($_POST["login"]); |
845 | $email = $this->dbh->escape_string($_POST["email"]); | |
846 | $test = $this->dbh->escape_string($_POST["test"]); | |
f43e9e97 AD |
847 | |
848 | if (($test != 4 && $test != 'four') || !$email || !$login) { | |
849 | print_error(__('Some of the required form parameters are missing or incorrect.')); | |
850 | ||
483f15d5 AD |
851 | print "<form method=\"GET\" action=\"public.php\"> |
852 | <input type=\"hidden\" name=\"op\" value=\"forgotpass\"> | |
853 | <input type=\"submit\" value=\"".__("Go back")."\"> | |
854 | </form>"; | |
f43e9e97 | 855 | |
e216d302 | 856 | } else { |
f43e9e97 | 857 | |
5303f9a7 AD |
858 | print_notice("Password reset instructions are being sent to your email address."); |
859 | ||
d9c85e0f | 860 | $result = $this->dbh->query("SELECT id FROM ttrss_users |
f43e9e97 AD |
861 | WHERE login = '$login' AND email = '$email'"); |
862 | ||
d9c85e0f AD |
863 | if ($this->dbh->num_rows($result) != 0) { |
864 | $id = $this->dbh->fetch_result($result, 0, "id"); | |
f43e9e97 | 865 | |
5303f9a7 AD |
866 | if ($id) { |
867 | $resetpass_token = sha1(get_random_bytes(128)); | |
868 | $resetpass_link = get_self_url_prefix() . "/public.php?op=forgotpass&hash=" . $resetpass_token . | |
869 | "&login=" . urlencode($login); | |
870 | ||
871 | require_once 'classes/ttrssmailer.php'; | |
872 | require_once "lib/MiniTemplator.class.php"; | |
873 | ||
874 | $tpl = new MiniTemplator; | |
875 | ||
876 | $tpl->readTemplateFromFile("templates/resetpass_link_template.txt"); | |
877 | ||
878 | $tpl->setVariable('LOGIN', $login); | |
879 | $tpl->setVariable('RESETPASS_LINK', $resetpass_link); | |
880 | ||
881 | $tpl->addBlock('message'); | |
882 | ||
883 | $message = ""; | |
f43e9e97 | 884 | |
5303f9a7 | 885 | $tpl->generateOutputToString($message); |
483f15d5 | 886 | |
5303f9a7 AD |
887 | $mail = new ttrssMailer(); |
888 | ||
889 | $rc = $mail->quickMail($email, $login, | |
890 | __("[tt-rss] Password reset request"), | |
891 | $message, false); | |
892 | ||
893 | if (!$rc) print_error($mail->ErrorInfo); | |
894 | ||
895 | $resetpass_token_full = $this->dbh->escape_string(time() . ":" . $resetpass_token); | |
896 | ||
897 | $result = $this->dbh->query("UPDATE ttrss_users | |
898 | SET resetpass_token = '$resetpass_token_full' | |
899 | WHERE login = '$login' AND email = '$email'"); | |
900 | ||
901 | //Pref_Users::resetUserPassword($id, false); | |
902 | ||
903 | print "<p>"; | |
904 | ||
905 | print "<p>"."Completed."."</p>"; | |
906 | } else { | |
907 | print_error("User ID not found."); | |
908 | } | |
483f15d5 AD |
909 | |
910 | print "<form method=\"GET\" action=\"index.php\"> | |
911 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
912 | </form>"; | |
f43e9e97 AD |
913 | |
914 | } else { | |
915 | print_error(__("Sorry, login and email combination not found.")); | |
483f15d5 AD |
916 | |
917 | print "<form method=\"GET\" action=\"public.php\"> | |
918 | <input type=\"hidden\" name=\"op\" value=\"forgotpass\"> | |
919 | <input type=\"submit\" value=\"".__("Go back")."\"> | |
920 | </form>"; | |
921 | ||
f43e9e97 | 922 | } |
f43e9e97 AD |
923 | } |
924 | ||
925 | } | |
926 | ||
884d1650 | 927 | print "</div>"; |
f43e9e97 AD |
928 | print "</body>"; |
929 | print "</html>"; | |
930 | ||
b4c47f7e AD |
931 | } |
932 | ||
933 | function dbupdate() { | |
67e0cf9a AD |
934 | startup_gettext(); |
935 | ||
f240d26e AD |
936 | if (!SINGLE_USER_MODE && $_SESSION["access_level"] < 10) { |
937 | $_SESSION["login_error_msg"] = __("Your access level is insufficient to run this script."); | |
6322ac79 | 938 | render_login_form(); |
f240d26e AD |
939 | exit; |
940 | } | |
941 | ||
942 | ?><html> | |
943 | <head> | |
944 | <title>Database Updater</title> | |
945 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> | |
5bbc4bb4 | 946 | <link rel="stylesheet" type="text/css" href="css/utility.css"/> |
d0ee0f52 AD |
947 | <link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\"> |
948 | <link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\"> | |
f240d26e AD |
949 | </head> |
950 | <style type="text/css"> | |
951 | span.ok { color : #009000; font-weight : bold; } | |
952 | span.err { color : #ff0000; font-weight : bold; } | |
953 | </style> | |
954 | <body> | |
955 | <script type='text/javascript'> | |
956 | function confirmOP() { | |
957 | return confirm("Update the database?"); | |
958 | } | |
959 | </script> | |
960 | ||
961 | <div class="floatingLogo"><img src="images/logo_small.png"></div> | |
962 | ||
963 | <h1><?php echo __("Database Updater") ?></h1> | |
964 | ||
965 | <div class="content"> | |
966 | ||
967 | <?php | |
968 | @$op = $_REQUEST["subop"]; | |
0630a100 | 969 | $updater = new DbUpdater(Db::get(), DB_TYPE, SCHEMA_VERSION); |
f240d26e AD |
970 | |
971 | if ($op == "performupdate") { | |
972 | if ($updater->isUpdateRequired()) { | |
973 | ||
974 | print "<h2>Performing updates</h2>"; | |
975 | ||
976 | print "<h3>Updating to schema version " . SCHEMA_VERSION . "</h3>"; | |
977 | ||
978 | print "<ul>"; | |
979 | ||
980 | for ($i = $updater->getSchemaVersion() + 1; $i <= SCHEMA_VERSION; $i++) { | |
981 | print "<li>Performing update up to version $i..."; | |
982 | ||
977cea14 | 983 | $result = $updater->performUpdateTo($i, true); |
f240d26e AD |
984 | |
985 | if (!$result) { | |
986 | print "<span class='err'>FAILED!</span></li></ul>"; | |
987 | ||
988 | print_warning("One of the updates failed. Either retry the process or perform updates manually."); | |
989 | print "<p><form method=\"GET\" action=\"index.php\"> | |
990 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
991 | </form>"; | |
992 | ||
977cea14 | 993 | return; |
f240d26e AD |
994 | } else { |
995 | print "<span class='ok'>OK!</span></li>"; | |
996 | } | |
997 | } | |
998 | ||
999 | print "</ul>"; | |
b4c47f7e | 1000 | |
f240d26e | 1001 | print_notice("Your Tiny Tiny RSS database is now updated to the latest version."); |
b4c47f7e | 1002 | |
f240d26e AD |
1003 | print "<p><form method=\"GET\" action=\"index.php\"> |
1004 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
1005 | </form>"; | |
1006 | ||
1007 | } else { | |
1008 | print "<h2>Your database is up to date.</h2>"; | |
1009 | ||
1010 | print "<p><form method=\"GET\" action=\"index.php\"> | |
1011 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
1012 | </form>"; | |
1013 | } | |
1014 | } else { | |
1015 | if ($updater->isUpdateRequired()) { | |
1016 | ||
1017 | print "<h2>Database update required</h2>"; | |
b4c47f7e | 1018 | |
b8774453 AD |
1019 | print_notice("<h4>". |
1020 | sprintf("Your Tiny Tiny RSS database needs update to the latest version: %d to %d.", | |
1021 | $updater->getSchemaVersion(), SCHEMA_VERSION). | |
1022 | "</h4>"); | |
b4c47f7e | 1023 | |
f240d26e | 1024 | print_warning("Please backup your database before proceeding."); |
b4c47f7e | 1025 | |
f240d26e AD |
1026 | print "<form method='POST'> |
1027 | <input type='hidden' name='subop' value='performupdate'> | |
1028 | <input type='submit' onclick='return confirmOP()' value='".__("Perform updates")."'> | |
1029 | </form>"; | |
1030 | ||
1031 | } else { | |
1032 | ||
3c200461 | 1033 | print_notice("Tiny Tiny RSS database is up to date."); |
f240d26e AD |
1034 | |
1035 | print "<p><form method=\"GET\" action=\"index.php\"> | |
1036 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
1037 | </form>"; | |
1038 | ||
1039 | } | |
1040 | } | |
1041 | ?> | |
b4c47f7e | 1042 | |
f240d26e AD |
1043 | </div> |
1044 | </body> | |
1045 | </html> | |
1046 | <?php | |
f43e9e97 AD |
1047 | } |
1048 | ||
41bead9b | 1049 | function cached_url() { |
0c6f7b31 AD |
1050 | @$hash = basename($_GET['hash']); |
1051 | ||
41bead9b AD |
1052 | // we don't need an extension to find the file, hash is a complete URL |
1053 | $hash = preg_replace("/\.[^\.]*$/", "", $hash); | |
1054 | ||
0c6f7b31 AD |
1055 | if ($hash) { |
1056 | ||
0442cbb6 | 1057 | $filename = CACHE_DIR . '/images/' . $hash; |
0c6f7b31 AD |
1058 | |
1059 | if (file_exists($filename)) { | |
38b3998b AD |
1060 | header("Content-Disposition: inline; filename=\"$hash\""); |
1061 | $mimetype = mime_content_type($filename); | |
0442cbb6 | 1062 | |
0c6f7b31 AD |
1063 | /* See if we can use X-Sendfile */ |
1064 | $xsendfile = false; | |
1065 | if (function_exists('apache_get_modules') && | |
1066 | array_search('mod_xsendfile', apache_get_modules())) | |
1067 | $xsendfile = true; | |
1068 | ||
1069 | if ($xsendfile) { | |
1070 | header("X-Sendfile: $filename"); | |
38b3998b AD |
1071 | header("Content-type: $mimetype"); |
1072 | header('Content-Disposition: inline; filename="' . basename($filename) . '"'); | |
0c6f7b31 | 1073 | } else { |
38b3998b | 1074 | header("Content-type: $mimetype"); |
0c6f7b31 AD |
1075 | $stamp = gmdate("D, d M Y H:i:s", filemtime($filename)). " GMT"; |
1076 | header("Last-Modified: $stamp", true); | |
1077 | readfile($filename); | |
1078 | } | |
1079 | } else { | |
1080 | header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found"); | |
1081 | echo "File not found."; | |
1082 | } | |
1083 | } | |
1084 | } | |
1085 | ||
f75e7c64 | 1086 | private function make_article_tag_uri($id, $timestamp) { |
4b7391de AD |
1087 | |
1088 | $timestamp = date("Y-m-d", strtotime($timestamp)); | |
1089 | ||
1090 | return "tag:" . parse_url(get_self_url_prefix(), PHP_URL_HOST) . ",$timestamp:/$id"; | |
1091 | } | |
4daaf234 AD |
1092 | |
1093 | // this should be used very carefully because this endpoint is exposed to unauthenticated users | |
1094 | // plugin data is not loaded because there's no user context and owner_uid/session may or may not be available | |
1095 | // in general, don't do anything user-related in here and do not modify $_SESSION | |
1096 | public function pluginhandler() { | |
1097 | $host = new PluginHost(); | |
1098 | ||
1099 | $plugin = basename($_REQUEST["plugin"]); | |
1100 | $method = $_REQUEST["pmethod"]; | |
1101 | ||
1102 | $host->load($plugin, PluginHost::KIND_USER, 0); | |
1103 | $host->load_data(); | |
1104 | ||
1105 | $pclass = $host->get_plugin($plugin); | |
1106 | ||
1107 | if ($pclass) { | |
1108 | if (method_exists($pclass, $method)) { | |
1109 | if ($pclass->is_public_method($method)) { | |
1110 | $pclass->$method(); | |
1111 | } else { | |
1112 | header("Content-Type: text/json"); | |
1113 | print error_json(6); | |
1114 | } | |
1115 | } else { | |
1116 | header("Content-Type: text/json"); | |
1117 | print error_json(13); | |
1118 | } | |
1119 | } else { | |
1120 | header("Content-Type: text/json"); | |
1121 | print error_json(14); | |
1122 | } | |
1123 | } | |
5f0a3741 | 1124 | } |
4daaf234 | 1125 | ?> |