[tt-rss.git] / classes / handler / public.php

<?php
class Handler_Public extends Handler {

	private function generate_syndicated_feed($owner_uid, $feed, $is_cat,
		$limit, $search, $search_mode, $match_on, $view_mode = false, $format = 'atom') {

		require_once "lib/MiniTemplator.class.php";

		$note_style = 	"background-color : #fff7d5;
			border-width : 1px; ".
			"padding : 5px; border-style : dashed; border-color : #e7d796;".
			"margin-bottom : 1em; color : #9a8c59;";

		if (!$limit) $limit = 100;

		if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
			$date_sort_field = "updated";
		} else {
			$date_sort_field = "date_entered";
		}

		$qfh_ret = queryFeedHeadlines($this->link, $feed,
			$limit, $view_mode, $is_cat, $search, $search_mode,
			$match_on, "$date_sort_field DESC", 0, $owner_uid);

		$result = $qfh_ret[0];
		$feed_title = htmlspecialchars($qfh_ret[1]);
		$feed_site_url = $qfh_ret[2];
		$last_error = $qfh_ret[3];

		$feed_self_url = get_self_url_prefix() .
			"/public.php?op=rss&id=-2&key=" .
			get_feed_access_key($this->link, -2, false, $owner_uid);

		if (!$feed_site_url) $feed_site_url = get_self_url_prefix();

		if ($format == 'atom') {
			$tpl = new MiniTemplator;

			$tpl->readTemplateFromFile("templates/generated_feed.txt");

			$tpl->setVariable('FEED_TITLE', $feed_title, true);
			$tpl->setVariable('VERSION', VERSION, true);
			$tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true);

			if (PUBSUBHUBBUB_HUB && $feed == -2) {
				$tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true);
				$tpl->addBlock('feed_hub');
			}

			$tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true);

	 		while ($line = db_fetch_assoc($result)) {
				$tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']), true);
				$tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true);
				$tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true);
				$tpl->setVariable('ARTICLE_EXCERPT',
					truncate_string(strip_tags($line["content_preview"]), 100, '...'), true);

				$content = sanitize($this->link, $line["content_preview"], false, $owner_uid);

				if ($line['note']) {
					$content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" .
						$content;
				}

				$tpl->setVariable('ARTICLE_CONTENT', $content, true);

				$tpl->setVariable('ARTICLE_UPDATED_ATOM',
					date('c', strtotime($line["updated"])), true);
				$tpl->setVariable('ARTICLE_UPDATED_RFC822',
					date(DATE_RFC822, strtotime($line["updated"])), true);

				$tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true);

				$tags = get_article_tags($this->link, $line["id"], $owner_uid);

				foreach ($tags as $tag) {
					$tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true);
					$tpl->addBlock('category');
				}

				$enclosures = get_article_enclosures($this->link, $line["id"]);

				foreach ($enclosures as $e) {
					$type = htmlspecialchars($e['content_type']);
					$url = htmlspecialchars($e['content_url']);
					$length = $e['duration'];

					$tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true);
					$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true);
					$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true);

					$tpl->addBlock('enclosure');
				}

				$tpl->addBlock('entry');
			}

			$tmp = "";

			$tpl->addBlock('feed');
			$tpl->generateOutputToString($tmp);

			header("Content-Type: text/xml; charset=utf-8");

			print $tmp;
		} else if ($format == 'json') {

			$feed = array();

			$feed['title'] = $feed_title;
			$feed['version'] = VERSION;
			$feed['feed_url'] = $feed_self_url;

			if (PUBSUBHUBBUB_HUB && $feed == -2) {
				$feed['hub_url'] = PUBSUBHUBBUB_HUB;
			}

			$feed['self_url'] = get_self_url_prefix();

			$feed['articles'] = array();

			while ($line = db_fetch_assoc($result)) {
				$article = array();

				$article['id'] = $line['link'];
				$article['link']	= $line['link'];
				$article['title'] = $line['title'];
				$article['excerpt'] = truncate_string(strip_tags($line["content_preview"]), 100, '...');
				$article['content'] = sanitize($this->link, $line["content_preview"], false, $owner_uid);
				$article['updated'] = date('c', strtotime($line["updated"]));

				if ($line['note']) $article['note'] = $line['note'];
				if ($article['author']) $article['author'] = $line['author'];

				$tags = get_article_tags($this->link, $line["id"], $owner_uid);

				if (count($tags) > 0) {
					$article['tags'] = array();

					foreach ($tags as $tag) {
						array_push($article['tags'], $tag);
					}
				}

				$enclosures = get_article_enclosures($this->link, $line["id"]);

				if (count($enclosures) > 0) {
					$article['enclosures'] = array();

					foreach ($enclosures as $e) {
						$type = $e['content_type'];
						$url = $e['content_url'];
						$length = $e['duration'];

						array_push($article['enclosures'], array("url" => $url, "type" => $type, "length" => $length));
					}
				}

				array_push($feed['articles'], $article);
			}

			header("Content-Type: text/plain; charset=utf-8");

			print json_encode($feed);

		} else {
			header("Content-Type: text/plain; charset=utf-8");
			print json_encode(array("error" => array("message" => "Unknown format")));
		}
	}

	function getUnread() {
		$login = db_escape_string($_REQUEST["login"]);
		$fresh = $_REQUEST["fresh"] == "1";

		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");

		if (db_num_rows($result) == 1) {
			$uid = db_fetch_result($result, 0, "id");

			print getGlobalUnread($this->link, $uid);

			if ($fresh) {
				print ";";
				print getFeedArticles($this->link, -3, false, true, $uid);
			}

		} else {
			print "-1;User not found";
		}

	}

	function getProfiles() {
		$login = db_escape_string($_REQUEST["login"]);
		$password = db_escape_string($_REQUEST["password"]);

		if (authenticate_user($this->link, $login, $password)) {
			$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
				WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");

			print "<select style='width: 100%' name='profile'>";

			print "<option value='0'>" . __("Default profile") . "</option>";

			while ($line = db_fetch_assoc($result)) {
				$id = $line["id"];
				$title = $line["title"];

				print "<option value='$id'>$title</option>";
			}

			print "</select>";

			$_SESSION = array();
		}
	}

	function pubsub() {
		$mode = db_escape_string($_REQUEST['hub_mode']);
		$feed_id = (int) db_escape_string($_REQUEST['id']);
		$feed_url = db_escape_string($_REQUEST['hub_topic']);

		if (!PUBSUBHUBBUB_ENABLED) {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
			return;
		}

		// TODO: implement hub_verifytoken checking

		$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
			WHERE id = '$feed_id'");

		if (db_num_rows($result) != 0) {

			$check_feed_url = db_fetch_result($result, 0, "feed_url");

			if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
				if ($mode == "subscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if ($mode == "unsubscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if (!$mode) {

					// Received update ping, schedule feed update.
					//update_rss_feed($this->link, $feed_id, true, true);

					db_query($this->link, "UPDATE ttrss_feeds SET
						last_update_started = '1970-01-01',
						last_updated = '1970-01-01' WHERE id = '$feed_id'");

				}
			} else {
				header('HTTP/1.0 404 Not Found');
				echo "404 Not found";
			}
		} else {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
		}

	}

	function logout() {
		logout_user();
		header("Location: index.php");
	}

	function fbexport() {

		$access_key = db_escape_string($_POST["key"]);

		// TODO: rate limit checking using last_connected
		$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
			WHERE access_key = '$access_key'");

		if (db_num_rows($result) == 1) {

			$instance_id = db_fetch_result($result, 0, "id");

			$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
				FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");

			$feeds = array();

			while ($line = db_fetch_assoc($result)) {
				array_push($feeds, $line);
			}

			db_query($this->link, "UPDATE ttrss_linked_instances SET
				last_status_in = 1 WHERE id = '$instance_id'");

			print json_encode(array("feeds" => $feeds));
		} else {
			print json_encode(array("error" => array("code" => 6)));
		}
	}

	function share() {
		$uuid = db_escape_string($_REQUEST["key"]);

		$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
			uuid = '$uuid'");

		if (db_num_rows($result) != 0) {
			header("Content-Type: text/html");

			$id = db_fetch_result($result, 0, "ref_id");
			$owner_uid = db_fetch_result($result, 0, "owner_uid");

			$article = format_article($this->link, $id, false, true, $owner_uid);

			print_r($article['content']);

		} else {
			print "Article not found.";
		}

	}

	function rss() {
		$feed = db_escape_string($_REQUEST["id"]);
		$key = db_escape_string($_REQUEST["key"]);
		$is_cat = $_REQUEST["is_cat"] != false;
		$limit = (int)db_escape_string($_REQUEST["limit"]);

		$search = db_escape_string($_REQUEST["q"]);
		$match_on = db_escape_string($_REQUEST["m"]);
		$search_mode = db_escape_string($_REQUEST["smode"]);
		$view_mode = db_escape_string($_REQUEST["view-mode"]);

		$format = db_escape_string($_REQUEST['format']);

		if (!$format) $format = 'atom';

		if (SINGLE_USER_MODE) {
			authenticate_user($this->link, "admin", null);
		}

		$owner_id = false;

		if ($key) {
			$result = db_query($this->link, "SELECT owner_uid FROM
				ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");

			if (db_num_rows($result) == 1)
				$owner_id = db_fetch_result($result, 0, "owner_uid");
		}

		if ($owner_id) {
			$this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit,
				$search, $search_mode, $match_on, $view_mode, $format);
		} else {
			header('HTTP/1.1 403 Forbidden');
		}
	}

	function globalUpdateFeeds() {
		include "rssfuncs.php";
		// Update all feeds needing a update.
		update_daemon_common($this->link, 0, true, false);
	}

	function sharepopup() {
		header('Content-Type: text/html; charset=utf-8');
		print "<html>
				<head>
					<title>Tiny Tiny RSS</title>
					<link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\">
					<script type=\"text/javascript\" src=\"lib/prototype.js\"></script>
					<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
				</head>
				<body id='sharepopup'>";

		$action = $_REQUEST["action"];

		if ($_SESSION["uid"]) {

			if (!$action) {

				print "<table height='100%' width='100%'><tr><td colspan='2'>";
				print "<h1>".__("Share with Tiny Tiny RSS")."</h1>";
				print "</td></tr>";

				print "<form id='share_form' name='share_form'>";

				print "<input type=\"hidden\" name=\"op\" value=\"sharepopup\">";
				print "<input type=\"hidden\" name=\"action\" value=\"share\">";

				$title = htmlspecialchars($_REQUEST["title"]);
				$url = htmlspecialchars($_REQUEST["url"]);

				print "<tr><td>".__("Title:")."</td><td width='80%'><input name='title' value=\"$title\"></td></tr>";
				print "<tr><td>".__("URL:")."</td><td><input name='url' value=\"$url\"></td></tr>";
				print "<tr><td>".__("Content:")."</td><td><input name='content' value=\"\"></td></tr>";

				print "<script type='text/javascript'>";
				print "document.forms[0].title.focus();";
				print "</script>";

				print "<tr><td colspan='2'>
					<div style='float : right' class='insensitive-small'>".
					__("Shared article will appear in the Published feed.").
					"</div><button type=\"submit\">".
						__('Share')."</button>
					<button onclick=\"return window.close()\">".
						__('Cancel')."</button>
					</div>";

				print "</form>";
				print "</td></tr></table>";

				print "</body></html>";

			} else {

				$title = db_escape_string(strip_tags($_REQUEST["title"]));
				$url = db_escape_string(strip_tags($_REQUEST["url"]));
				$content = db_escape_string(strip_tags($_REQUEST["content"]));

				create_published_article($this->link, $title, $url, $content, $_SESSION["uid"]);

				print "<script type='text/javascript'>";
				print "window.close();";
				print "</script>";
			}

		} else {

			print "<table><tr><td>" . __("Not logged in.") . "</td></tr></table>";

		}
	}

}
?>
Commit	Line	Data
5f0a3741	1	<?php
369dbc19	2	class Handler_Public extends Handler {
5f0a3741	3
79178062	4	private function generate_syndicated_feed($owner_uid, $feed, $is_cat,
2ebf38a9	5	$limit, $search, $search_mode, $match_on, $view_mode = false, $format = 'atom') {
79178062 AD	6
	7	require_once "lib/MiniTemplator.class.php";
	8
	9	$note_style = "background-color : #fff7d5;
	10	border-width : 1px; ".
	11	"padding : 5px; border-style : dashed; border-color : #e7d796;".
	12	"margin-bottom : 1em; color : #9a8c59;";
	13
c3d2cda8	14	if (!$limit) $limit = 100;
79178062 AD	15
	16	if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
	17	$date_sort_field = "updated";
	18	} else {
	19	$date_sort_field = "date_entered";
	20	}
	21
	22	$qfh_ret = queryFeedHeadlines($this->link, $feed,
	23	$limit, $view_mode, $is_cat, $search, $search_mode,
	24	$match_on, "$date_sort_field DESC", 0, $owner_uid);
	25
	26	$result = $qfh_ret[0];
	27	$feed_title = htmlspecialchars($qfh_ret[1]);
	28	$feed_site_url = $qfh_ret[2];
	29	$last_error = $qfh_ret[3];
	30
	31	$feed_self_url = get_self_url_prefix() .
	32	"/public.php?op=rss&id=-2&key=" .
2fb947eb	33	get_feed_access_key($this->link, -2, false, $owner_uid);
79178062 AD	34
	35	if (!$feed_site_url) $feed_site_url = get_self_url_prefix();
	36
2ebf38a9 AD	37	if ($format == 'atom') {
2ebf38a9 AD	38	$tpl = new MiniTemplator;
79178062	39
2ebf38a9	40	$tpl->readTemplateFromFile("templates/generated_feed.txt");
79178062	41
2ebf38a9 AD	42	$tpl->setVariable('FEED_TITLE', $feed_title, true);
	43	$tpl->setVariable('VERSION', VERSION, true);
	44	$tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true);
79178062	45
2ebf38a9 AD	46	if (PUBSUBHUBBUB_HUB && $feed == -2) {
	47	$tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true);
	48	$tpl->addBlock('feed_hub');
	49	}
79178062	50
2ebf38a9	51	$tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true);
79178062	52
2ebf38a9 AD	53	while ($line = db_fetch_assoc($result)) {
	54	$tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']), true);
	55	$tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true);
	56	$tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true);
	57	$tpl->setVariable('ARTICLE_EXCERPT',
	58	truncate_string(strip_tags($line["content_preview"]), 100, '...'), true);
79178062	59
2ebf38a9	60	$content = sanitize($this->link, $line["content_preview"], false, $owner_uid);
79178062	61
2ebf38a9 AD	62	if ($line['note']) {
	63	$content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" .
	64	$content;
	65	}
	66
	67	$tpl->setVariable('ARTICLE_CONTENT', $content, true);
	68
	69	$tpl->setVariable('ARTICLE_UPDATED_ATOM',
	70	date('c', strtotime($line["updated"])), true);
	71	$tpl->setVariable('ARTICLE_UPDATED_RFC822',
	72	date(DATE_RFC822, strtotime($line["updated"])), true);
	73
	74	$tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true);
	75
	76	$tags = get_article_tags($this->link, $line["id"], $owner_uid);
	77
	78	foreach ($tags as $tag) {
	79	$tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true);
	80	$tpl->addBlock('category');
	81	}
79178062	82
2ebf38a9	83	$enclosures = get_article_enclosures($this->link, $line["id"]);
79178062	84
2ebf38a9 AD	85	foreach ($enclosures as $e) {
	86	$type = htmlspecialchars($e['content_type']);
	87	$url = htmlspecialchars($e['content_url']);
	88	$length = $e['duration'];
9c97041d	89
2ebf38a9 AD	90	$tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true);
	91	$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true);
	92	$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true);
79178062	93
2ebf38a9 AD	94	$tpl->addBlock('enclosure');
2ebf38a9 AD	95	}
79178062	96
2ebf38a9	97	$tpl->addBlock('entry');
79178062 AD	98	}
79178062 AD	99
2ebf38a9 AD	100	$tmp = "";
	101
	102	$tpl->addBlock('feed');
	103	$tpl->generateOutputToString($tmp);
	104
	105	header("Content-Type: text/xml; charset=utf-8");
	106
	107	print $tmp;
	108	} else if ($format == 'json') {
79178062	109
2ebf38a9	110	$feed = array();
79178062	111
2ebf38a9 AD	112	$feed['title'] = $feed_title;
	113	$feed['version'] = VERSION;
	114	$feed['feed_url'] = $feed_self_url;
79178062	115
2ebf38a9 AD	116	if (PUBSUBHUBBUB_HUB && $feed == -2) {
2ebf38a9 AD	117	$feed['hub_url'] = PUBSUBHUBBUB_HUB;
79178062 AD	118	}
79178062 AD	119
2ebf38a9 AD	120	$feed['self_url'] = get_self_url_prefix();
	121
	122	$feed['articles'] = array();
	123
	124	while ($line = db_fetch_assoc($result)) {
	125	$article = array();
79178062	126
2ebf38a9 AD	127	$article['id'] = $line['link'];
	128	$article['link'] = $line['link'];
	129	$article['title'] = $line['title'];
	130	$article['excerpt'] = truncate_string(strip_tags($line["content_preview"]), 100, '...');
	131	$article['content'] = sanitize($this->link, $line["content_preview"], false, $owner_uid);
	132	$article['updated'] = date('c', strtotime($line["updated"]));
79178062	133
2ebf38a9 AD	134	if ($line['note']) $article['note'] = $line['note'];
2ebf38a9 AD	135	if ($article['author']) $article['author'] = $line['author'];
79178062	136
2ebf38a9 AD	137	$tags = get_article_tags($this->link, $line["id"], $owner_uid);
	138
	139	if (count($tags) > 0) {
	140	$article['tags'] = array();
	141
	142	foreach ($tags as $tag) {
	143	array_push($article['tags'], $tag);
	144	}
	145	}
	146
	147	$enclosures = get_article_enclosures($this->link, $line["id"]);
	148
	149	if (count($enclosures) > 0) {
	150	$article['enclosures'] = array();
	151
	152	foreach ($enclosures as $e) {
	153	$type = $e['content_type'];
	154	$url = $e['content_url'];
	155	$length = $e['duration'];
	156
	157	array_push($article['enclosures'], array("url" => $url, "type" => $type, "length" => $length));
	158	}
	159	}
	160
	161	array_push($feed['articles'], $article);
	162	}
	163
	164	header("Content-Type: text/plain; charset=utf-8");
	165
	166	print json_encode($feed);
	167
	168	} else {
	169	header("Content-Type: text/plain; charset=utf-8");
	170	print json_encode(array("error" => array("message" => "Unknown format")));
	171	}
79178062 AD	172	}
79178062 AD	173
5f0a3741 AD	174	function getUnread() {
	175	$login = db_escape_string($_REQUEST["login"]);
	176	$fresh = $_REQUEST["fresh"] == "1";
	177
	178	$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
	179
	180	if (db_num_rows($result) == 1) {
	181	$uid = db_fetch_result($result, 0, "id");
	182
	183	print getGlobalUnread($this->link, $uid);
	184
	185	if ($fresh) {
	186	print ";";
	187	print getFeedArticles($this->link, -3, false, true, $uid);
	188	}
	189
	190	} else {
	191	print "-1;User not found";
	192	}
	193
	194	}
	195
	196	function getProfiles() {
	197	$login = db_escape_string($_REQUEST["login"]);
	198	$password = db_escape_string($_REQUEST["password"]);
	199
	200	if (authenticate_user($this->link, $login, $password)) {
	201	$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
	202	WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
	203
	204	print "<select style='width: 100%' name='profile'>";
	205
	206	print "<option value='0'>" . __("Default profile") . "</option>";
	207
	208	while ($line = db_fetch_assoc($result)) {
	209	$id = $line["id"];
	210	$title = $line["title"];
	211
	212	print "<option value='$id'>$title</option>";
	213	}
	214
	215	print "</select>";
	216
	217	$_SESSION = array();
	218	}
	219	}
	220
	221	function pubsub() {
	222	$mode = db_escape_string($_REQUEST['hub_mode']);
	223	$feed_id = (int) db_escape_string($_REQUEST['id']);
	224	$feed_url = db_escape_string($_REQUEST['hub_topic']);
	225
	226	if (!PUBSUBHUBBUB_ENABLED) {
	227	header('HTTP/1.0 404 Not Found');
	228	echo "404 Not found";
	229	return;
	230	}
	231
	232	// TODO: implement hub_verifytoken checking
	233
	234	$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
	235	WHERE id = '$feed_id'");
	236
	237	if (db_num_rows($result) != 0) {
238
239	$check_feed_url = db_fetch_result($result, 0, "feed_url");
240
241	if ($check_feed_url && ($check_feed_url == $feed_url \|\| !$feed_url)) {
242	if ($mode == "subscribe") {
243
244	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
245	WHERE id = '$feed_id'");
246
247	print $_REQUEST['hub_challenge'];
248	return;
249
250	} else if ($mode == "unsubscribe") {
251
252	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
253	WHERE id = '$feed_id'");
254
255	print $_REQUEST['hub_challenge'];
256	return;
257
258	} else if (!$mode) {
259
260	// Received update ping, schedule feed update.
261	//update_rss_feed($this->link, $feed_id, true, true);
262
263	db_query($this->link, "UPDATE ttrss_feeds SET
264	last_update_started = '1970-01-01',
265	last_updated = '1970-01-01' WHERE id = '$feed_id'");
266
267	}
268	} else {
269	header('HTTP/1.0 404 Not Found');
270	echo "404 Not found";
271	}
272	} else {
273	header('HTTP/1.0 404 Not Found');
274	echo "404 Not found";
275	}
276
277	}
278
279	function logout() {
280	logout_user();
281	header("Location: index.php");
282	}
283
284	function fbexport() {
285
286	$access_key = db_escape_string($_POST["key"]);
287
288	// TODO: rate limit checking using last_connected
289	$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
290	WHERE access_key = '$access_key'");
291
292	if (db_num_rows($result) == 1) {
293
294	$instance_id = db_fetch_result($result, 0, "id");
295
296	$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
297	FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
298
299	$feeds = array();
300
301	while ($line = db_fetch_assoc($result)) {
302	array_push($feeds, $line);
303	}
304
305	db_query($this->link, "UPDATE ttrss_linked_instances SET
306	last_status_in = 1 WHERE id = '$instance_id'");
307
308	print json_encode(array("feeds" => $feeds));
309	} else {
310	print json_encode(array("error" => array("code" => 6)));
311	}
312	}
313
314	function share() {
315	$uuid = db_escape_string($_REQUEST["key"]);
316
317	$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
318	uuid = '$uuid'");
319
320	if (db_num_rows($result) != 0) {
321	header("Content-Type: text/html");
322
323	$id = db_fetch_result($result, 0, "ref_id");
324	$owner_uid = db_fetch_result($result, 0, "owner_uid");
325
64436e10	326	$article = format_article($this->link, $id, false, true, $owner_uid);
5f0a3741 AD	327
	328	print_r($article['content']);
	329
	330	} else {
	331	print "Article not found.";
	332	}
	333
	334	}
	335
	336	function rss() {
5f0a3741 AD	337	$feed = db_escape_string($_REQUEST["id"]);
	338	$key = db_escape_string($_REQUEST["key"]);
	339	$is_cat = $_REQUEST["is_cat"] != false;
	340	$limit = (int)db_escape_string($_REQUEST["limit"]);
	341
	342	$search = db_escape_string($_REQUEST["q"]);
	343	$match_on = db_escape_string($_REQUEST["m"]);
	344	$search_mode = db_escape_string($_REQUEST["smode"]);
	345	$view_mode = db_escape_string($_REQUEST["view-mode"]);
	346
2ebf38a9 AD	347	$format = db_escape_string($_REQUEST['format']);
	348
	349	if (!$format) $format = 'atom';
	350
5f0a3741 AD	351	if (SINGLE_USER_MODE) {
	352	authenticate_user($this->link, "admin", null);
	353	}
	354
	355	$owner_id = false;
	356
	357	if ($key) {
	358	$result = db_query($this->link, "SELECT owner_uid FROM
	359	ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
	360
	361	if (db_num_rows($result) == 1)
	362	$owner_id = db_fetch_result($result, 0, "owner_uid");
	363	}
	364
	365	if ($owner_id) {
2fb947eb	366	$this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit,
2ebf38a9	367	$search, $search_mode, $match_on, $view_mode, $format);
5f0a3741 AD	368	} else {
	369	header('HTTP/1.1 403 Forbidden');
	370	}
	371	}
	372
07391e36 AD	373	function globalUpdateFeeds() {
07391e36 AD	374	include "rssfuncs.php";
5f0a3741	375	// Update all feeds needing a update.
036cd3a4	376	update_daemon_common($this->link, 0, true, false);
07391e36	377	}
8361e724 AD	378
	379	function sharepopup() {
	380	header('Content-Type: text/html; charset=utf-8');
	381	print "<html>
	382	<head>
	383	<title>Tiny Tiny RSS</title>
	384	<link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\">
	385	<script type=\"text/javascript\" src=\"lib/prototype.js\"></script>
	386	<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
	387	</head>
	388	<body id='sharepopup'>";
	389
	390	$action = $_REQUEST["action"];
	391
	392	if ($_SESSION["uid"]) {
	393
	394	if (!$action) {
	395
	396	print "<table height='100%' width='100%'><tr><td colspan='2'>";
50b8b503	397	print "<h1>".__("Share with Tiny Tiny RSS")."</h1>";
8361e724 AD	398	print "</td></tr>";
	399
	400	print "<form id='share_form' name='share_form'>";
	401
	402	print "<input type=\"hidden\" name=\"op\" value=\"sharepopup\">";
	403	print "<input type=\"hidden\" name=\"action\" value=\"share\">";
	404
	405	$title = htmlspecialchars($_REQUEST["title"]);
	406	$url = htmlspecialchars($_REQUEST["url"]);
	407
	408	print "<tr><td>".__("Title:")."</td><td width='80%'><input name='title' value=\"$title\"></td></tr>";
	409	print "<tr><td>".__("URL:")."</td><td><input name='url' value=\"$url\"></td></tr>";
	410	print "<tr><td>".__("Content:")."</td><td><input name='content' value=\"\"></td></tr>";
	411
	412	print "<script type='text/javascript'>";
	413	print "document.forms[0].title.focus();";
	414	print "</script>";
	415
	416	print "<tr><td colspan='2'>
50b8b503 AD	417	<div style='float : right' class='insensitive-small'>".
	418	__("Shared article will appear in the Published feed.").
	419	"</div><button type=\"submit\">".
	420	__('Share')."</button>
8361e724 AD	421	<button onclick=\"return window.close()\">".
	422	__('Cancel')."</button>
	423	</div>";
	424
	425	print "</form>";
	426	print "</td></tr></table>";
	427
	428	print "</body></html>";
	429
	430	} else {
	431
	432	$title = db_escape_string(strip_tags($_REQUEST["title"]));
	433	$url = db_escape_string(strip_tags($_REQUEST["url"]));
	434	$content = db_escape_string(strip_tags($_REQUEST["content"]));
	435
	436	create_published_article($this->link, $title, $url, $content, $_SESSION["uid"]);
	437
	438	print "<script type='text/javascript'>";
	439	print "window.close();";
	440	print "</script>";
	441	}
	442
	443	} else {
	444
	445	print "<table><tr><td>" . __("Not logged in.") . "</td></tr></table>";
	446
	447	}
	448	}
	449
5f0a3741 AD	450	}
5f0a3741 AD	451	?>