]>
Commit | Line | Data |
---|---|---|
5f0a3741 | 1 | <?php |
369dbc19 | 2 | class Handler_Public extends Handler { |
5f0a3741 | 3 | |
79178062 | 4 | private function generate_syndicated_feed($owner_uid, $feed, $is_cat, |
ca5d9be4 | 5 | $limit, $offset, $search, $search_mode, |
fcf6bfba | 6 | $view_mode = false, $format = 'atom', $order = false, $orig_guid = false) { |
79178062 AD |
7 | |
8 | require_once "lib/MiniTemplator.class.php"; | |
9 | ||
10 | $note_style = "background-color : #fff7d5; | |
11 | border-width : 1px; ". | |
12 | "padding : 5px; border-style : dashed; border-color : #e7d796;". | |
13 | "margin-bottom : 1em; color : #9a8c59;"; | |
14 | ||
2faef834 | 15 | if (!$limit) $limit = 60; |
79178062 | 16 | |
8aa01d79 | 17 | $date_sort_field = "date_entered DESC, updated DESC"; |
79178062 | 18 | |
008ebad9 | 19 | if ($feed == -2) |
7ef7dd31 | 20 | $date_sort_field = "last_published DESC"; |
feb9b2df | 21 | else if ($feed == -1) |
7ef7dd31 | 22 | $date_sort_field = "last_marked DESC"; |
008ebad9 | 23 | |
25051fb8 AD |
24 | switch ($order) { |
25 | case "title": | |
26 | $date_sort_field = "ttrss_entries.title"; | |
27 | break; | |
28 | case "date_reverse": | |
29 | $date_sort_field = "date_entered, updated"; | |
30 | break; | |
31 | case "feed_dates": | |
32 | $date_sort_field = "updated DESC"; | |
33 | break; | |
34 | } | |
35 | ||
a42c55f0 | 36 | $qfh_ret = queryFeedHeadlines($feed, |
2e35a707 AD |
37 | 1, $view_mode, $is_cat, $search, $search_mode, |
38 | $date_sort_field, $offset, $owner_uid, | |
39 | false, 0, false, true); | |
40 | ||
41 | $result = $qfh_ret[0]; | |
42 | ||
d9c85e0f AD |
43 | if ($this->dbh->num_rows($result) != 0) { |
44 | $ts = strtotime($this->dbh->fetch_result($result, 0, "date_entered")); | |
2e35a707 AD |
45 | |
46 | if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && | |
d6ba77f3 | 47 | strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= $ts) { |
2e35a707 AD |
48 | header('HTTP/1.0 304 Not Modified'); |
49 | return; | |
50 | } | |
51 | ||
52 | $last_modified = gmdate("D, d M Y H:i:s", $ts) . " GMT"; | |
53 | header("Last-Modified: $last_modified", true); | |
54 | } | |
55 | ||
a42c55f0 | 56 | $qfh_ret = queryFeedHeadlines($feed, |
79178062 | 57 | $limit, $view_mode, $is_cat, $search, $search_mode, |
8aa01d79 | 58 | $date_sort_field, $offset, $owner_uid, |
6b3f228f | 59 | false, 0, false, true); |
79178062 | 60 | |
2e35a707 | 61 | |
79178062 AD |
62 | $result = $qfh_ret[0]; |
63 | $feed_title = htmlspecialchars($qfh_ret[1]); | |
64 | $feed_site_url = $qfh_ret[2]; | |
65 | $last_error = $qfh_ret[3]; | |
66 | ||
67 | $feed_self_url = get_self_url_prefix() . | |
68 | "/public.php?op=rss&id=-2&key=" . | |
a42c55f0 | 69 | get_feed_access_key(-2, false, $owner_uid); |
79178062 AD |
70 | |
71 | if (!$feed_site_url) $feed_site_url = get_self_url_prefix(); | |
72 | ||
2ebf38a9 AD |
73 | if ($format == 'atom') { |
74 | $tpl = new MiniTemplator; | |
79178062 | 75 | |
2ebf38a9 | 76 | $tpl->readTemplateFromFile("templates/generated_feed.txt"); |
79178062 | 77 | |
2ebf38a9 AD |
78 | $tpl->setVariable('FEED_TITLE', $feed_title, true); |
79 | $tpl->setVariable('VERSION', VERSION, true); | |
80 | $tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true); | |
79178062 | 81 | |
2ebf38a9 AD |
82 | if (PUBSUBHUBBUB_HUB && $feed == -2) { |
83 | $tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true); | |
84 | $tpl->addBlock('feed_hub'); | |
85 | } | |
79178062 | 86 | |
2ebf38a9 | 87 | $tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true); |
79178062 | 88 | |
d9c85e0f | 89 | while ($line = $this->dbh->fetch_assoc($result)) { |
2e35a707 | 90 | |
fcf6bfba AD |
91 | $tpl->setVariable('ARTICLE_ID', |
92 | htmlspecialchars($orig_guid ? $line['link'] : | |
93 | get_self_url_prefix() . | |
94 | "/public.php?url=" . urlencode($line['link'])), true); | |
2ebf38a9 AD |
95 | $tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true); |
96 | $tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true); | |
97 | $tpl->setVariable('ARTICLE_EXCERPT', | |
98 | truncate_string(strip_tags($line["content_preview"]), 100, '...'), true); | |
79178062 | 99 | |
a42c55f0 | 100 | $content = sanitize($line["content_preview"], false, $owner_uid); |
79178062 | 101 | |
2ebf38a9 AD |
102 | if ($line['note']) { |
103 | $content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" . | |
104 | $content; | |
e9c6e27d | 105 | $tpl->setVariable('ARTICLE_NOTE', htmlspecialchars($line['note']), true); |
106 | } | |
2ebf38a9 AD |
107 | |
108 | $tpl->setVariable('ARTICLE_CONTENT', $content, true); | |
109 | ||
110 | $tpl->setVariable('ARTICLE_UPDATED_ATOM', | |
111 | date('c', strtotime($line["updated"])), true); | |
112 | $tpl->setVariable('ARTICLE_UPDATED_RFC822', | |
113 | date(DATE_RFC822, strtotime($line["updated"])), true); | |
114 | ||
115 | $tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true); | |
fcf6bfba AD |
116 | |
117 | $tpl->setVariable('ARTICLE_SOURCE_LINK', htmlspecialchars($line['site_url']), true); | |
ab10707f | 118 | $tpl->setVariable('ARTICLE_SOURCE_TITLE', htmlspecialchars($line['feed_title']), true); |
2ebf38a9 | 119 | |
a42c55f0 | 120 | $tags = get_article_tags($line["id"], $owner_uid); |
2ebf38a9 AD |
121 | |
122 | foreach ($tags as $tag) { | |
123 | $tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true); | |
124 | $tpl->addBlock('category'); | |
125 | } | |
79178062 | 126 | |
a42c55f0 | 127 | $enclosures = get_article_enclosures($line["id"]); |
79178062 | 128 | |
2ebf38a9 AD |
129 | foreach ($enclosures as $e) { |
130 | $type = htmlspecialchars($e['content_type']); | |
131 | $url = htmlspecialchars($e['content_url']); | |
132 | $length = $e['duration']; | |
9c97041d | 133 | |
2ebf38a9 AD |
134 | $tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true); |
135 | $tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true); | |
136 | $tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true); | |
79178062 | 137 | |
2ebf38a9 AD |
138 | $tpl->addBlock('enclosure'); |
139 | } | |
79178062 | 140 | |
2ebf38a9 | 141 | $tpl->addBlock('entry'); |
79178062 AD |
142 | } |
143 | ||
2ebf38a9 AD |
144 | $tmp = ""; |
145 | ||
146 | $tpl->addBlock('feed'); | |
147 | $tpl->generateOutputToString($tmp); | |
148 | ||
10bdeb4b AD |
149 | if (@!$_REQUEST["noxml"]) { |
150 | header("Content-Type: text/xml; charset=utf-8"); | |
151 | } else { | |
152 | header("Content-Type: text/plain; charset=utf-8"); | |
153 | } | |
2ebf38a9 AD |
154 | |
155 | print $tmp; | |
156 | } else if ($format == 'json') { | |
79178062 | 157 | |
2ebf38a9 | 158 | $feed = array(); |
79178062 | 159 | |
2ebf38a9 AD |
160 | $feed['title'] = $feed_title; |
161 | $feed['version'] = VERSION; | |
162 | $feed['feed_url'] = $feed_self_url; | |
79178062 | 163 | |
2ebf38a9 AD |
164 | if (PUBSUBHUBBUB_HUB && $feed == -2) { |
165 | $feed['hub_url'] = PUBSUBHUBBUB_HUB; | |
79178062 AD |
166 | } |
167 | ||
2ebf38a9 AD |
168 | $feed['self_url'] = get_self_url_prefix(); |
169 | ||
170 | $feed['articles'] = array(); | |
171 | ||
d9c85e0f | 172 | while ($line = $this->dbh->fetch_assoc($result)) { |
2ebf38a9 | 173 | $article = array(); |
79178062 | 174 | |
2ebf38a9 AD |
175 | $article['id'] = $line['link']; |
176 | $article['link'] = $line['link']; | |
177 | $article['title'] = $line['title']; | |
178 | $article['excerpt'] = truncate_string(strip_tags($line["content_preview"]), 100, '...'); | |
a42c55f0 | 179 | $article['content'] = sanitize($line["content_preview"], false, $owner_uid); |
2ebf38a9 | 180 | $article['updated'] = date('c', strtotime($line["updated"])); |
79178062 | 181 | |
2ebf38a9 AD |
182 | if ($line['note']) $article['note'] = $line['note']; |
183 | if ($article['author']) $article['author'] = $line['author']; | |
79178062 | 184 | |
a42c55f0 | 185 | $tags = get_article_tags($line["id"], $owner_uid); |
2ebf38a9 AD |
186 | |
187 | if (count($tags) > 0) { | |
188 | $article['tags'] = array(); | |
189 | ||
190 | foreach ($tags as $tag) { | |
191 | array_push($article['tags'], $tag); | |
192 | } | |
193 | } | |
194 | ||
a42c55f0 | 195 | $enclosures = get_article_enclosures($line["id"]); |
2ebf38a9 AD |
196 | |
197 | if (count($enclosures) > 0) { | |
198 | $article['enclosures'] = array(); | |
199 | ||
200 | foreach ($enclosures as $e) { | |
201 | $type = $e['content_type']; | |
202 | $url = $e['content_url']; | |
203 | $length = $e['duration']; | |
204 | ||
205 | array_push($article['enclosures'], array("url" => $url, "type" => $type, "length" => $length)); | |
206 | } | |
207 | } | |
208 | ||
209 | array_push($feed['articles'], $article); | |
210 | } | |
211 | ||
10bdeb4b | 212 | header("Content-Type: text/json; charset=utf-8"); |
2ebf38a9 AD |
213 | print json_encode($feed); |
214 | ||
215 | } else { | |
216 | header("Content-Type: text/plain; charset=utf-8"); | |
217 | print json_encode(array("error" => array("message" => "Unknown format"))); | |
218 | } | |
79178062 AD |
219 | } |
220 | ||
5f0a3741 | 221 | function getUnread() { |
d9c85e0f | 222 | $login = $this->dbh->escape_string($_REQUEST["login"]); |
5f0a3741 AD |
223 | $fresh = $_REQUEST["fresh"] == "1"; |
224 | ||
d9c85e0f | 225 | $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE login = '$login'"); |
5f0a3741 | 226 | |
d9c85e0f AD |
227 | if ($this->dbh->num_rows($result) == 1) { |
228 | $uid = $this->dbh->fetch_result($result, 0, "id"); | |
5f0a3741 | 229 | |
a42c55f0 | 230 | print getGlobalUnread($uid); |
5f0a3741 AD |
231 | |
232 | if ($fresh) { | |
233 | print ";"; | |
a42c55f0 | 234 | print getFeedArticles(-3, false, true, $uid); |
5f0a3741 AD |
235 | } |
236 | ||
237 | } else { | |
238 | print "-1;User not found"; | |
239 | } | |
240 | ||
241 | } | |
242 | ||
243 | function getProfiles() { | |
d9c85e0f | 244 | $login = $this->dbh->escape_string($_REQUEST["login"]); |
5f0a3741 | 245 | |
0806d68b | 246 | $result = $this->dbh->query("SELECT ttrss_settings_profiles.* FROM ttrss_settings_profiles,ttrss_users |
97acbaf1 | 247 | WHERE ttrss_users.id = ttrss_settings_profiles.owner_uid AND login = '$login' ORDER BY title"); |
5f0a3741 | 248 | |
eeee2ccf | 249 | print "<select dojoType='dijit.form.Select' style='width : 220px; margin : 0px' name='profile'>"; |
5f0a3741 | 250 | |
97acbaf1 | 251 | print "<option value='0'>" . __("Default profile") . "</option>"; |
5f0a3741 | 252 | |
d9c85e0f | 253 | while ($line = $this->dbh->fetch_assoc($result)) { |
97acbaf1 AD |
254 | $id = $line["id"]; |
255 | $title = $line["title"]; | |
5f0a3741 | 256 | |
97acbaf1 | 257 | print "<option value='$id'>$title</option>"; |
5f0a3741 | 258 | } |
97acbaf1 AD |
259 | |
260 | print "</select>"; | |
5f0a3741 AD |
261 | } |
262 | ||
263 | function pubsub() { | |
d9c85e0f AD |
264 | $mode = $this->dbh->escape_string($_REQUEST['hub_mode']); |
265 | $feed_id = (int) $this->dbh->escape_string($_REQUEST['id']); | |
266 | $feed_url = $this->dbh->escape_string($_REQUEST['hub_topic']); | |
5f0a3741 AD |
267 | |
268 | if (!PUBSUBHUBBUB_ENABLED) { | |
269 | header('HTTP/1.0 404 Not Found'); | |
270 | echo "404 Not found"; | |
271 | return; | |
272 | } | |
273 | ||
274 | // TODO: implement hub_verifytoken checking | |
275 | ||
d9c85e0f | 276 | $result = $this->dbh->query("SELECT feed_url FROM ttrss_feeds |
5f0a3741 AD |
277 | WHERE id = '$feed_id'"); |
278 | ||
d9c85e0f | 279 | if ($this->dbh->num_rows($result) != 0) { |
5f0a3741 | 280 | |
d9c85e0f | 281 | $check_feed_url = $this->dbh->fetch_result($result, 0, "feed_url"); |
5f0a3741 AD |
282 | |
283 | if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { | |
284 | if ($mode == "subscribe") { | |
285 | ||
d9c85e0f | 286 | $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 2 |
5f0a3741 AD |
287 | WHERE id = '$feed_id'"); |
288 | ||
289 | print $_REQUEST['hub_challenge']; | |
290 | return; | |
291 | ||
292 | } else if ($mode == "unsubscribe") { | |
293 | ||
d9c85e0f | 294 | $this->dbh->query("UPDATE ttrss_feeds SET pubsub_state = 0 |
5f0a3741 AD |
295 | WHERE id = '$feed_id'"); |
296 | ||
297 | print $_REQUEST['hub_challenge']; | |
298 | return; | |
299 | ||
300 | } else if (!$mode) { | |
301 | ||
302 | // Received update ping, schedule feed update. | |
a42c55f0 | 303 | //update_rss_feed($feed_id, true, true); |
5f0a3741 | 304 | |
d9c85e0f | 305 | $this->dbh->query("UPDATE ttrss_feeds SET |
5f0a3741 AD |
306 | last_update_started = '1970-01-01', |
307 | last_updated = '1970-01-01' WHERE id = '$feed_id'"); | |
308 | ||
309 | } | |
310 | } else { | |
311 | header('HTTP/1.0 404 Not Found'); | |
312 | echo "404 Not found"; | |
313 | } | |
314 | } else { | |
315 | header('HTTP/1.0 404 Not Found'); | |
316 | echo "404 Not found"; | |
317 | } | |
318 | ||
319 | } | |
320 | ||
321 | function logout() { | |
322 | logout_user(); | |
323 | header("Location: index.php"); | |
324 | } | |
325 | ||
5f0a3741 | 326 | function share() { |
d9c85e0f | 327 | $uuid = $this->dbh->escape_string($_REQUEST["key"]); |
5f0a3741 | 328 | |
d9c85e0f | 329 | $result = $this->dbh->query("SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE |
5f0a3741 AD |
330 | uuid = '$uuid'"); |
331 | ||
d9c85e0f | 332 | if ($this->dbh->num_rows($result) != 0) { |
5f0a3741 AD |
333 | header("Content-Type: text/html"); |
334 | ||
d9c85e0f AD |
335 | $id = $this->dbh->fetch_result($result, 0, "ref_id"); |
336 | $owner_uid = $this->dbh->fetch_result($result, 0, "owner_uid"); | |
5f0a3741 | 337 | |
a42c55f0 | 338 | $article = format_article($id, false, true, $owner_uid); |
5f0a3741 AD |
339 | |
340 | print_r($article['content']); | |
341 | ||
342 | } else { | |
343 | print "Article not found."; | |
344 | } | |
345 | ||
346 | } | |
347 | ||
348 | function rss() { | |
d9c85e0f AD |
349 | $feed = $this->dbh->escape_string($_REQUEST["id"]); |
350 | $key = $this->dbh->escape_string($_REQUEST["key"]); | |
356e13b1 | 351 | $is_cat = sql_bool_to_bool($_REQUEST["is_cat"]); |
d9c85e0f AD |
352 | $limit = (int)$this->dbh->escape_string($_REQUEST["limit"]); |
353 | $offset = (int)$this->dbh->escape_string($_REQUEST["offset"]); | |
5f0a3741 | 354 | |
d9c85e0f AD |
355 | $search = $this->dbh->escape_string($_REQUEST["q"]); |
356 | $search_mode = $this->dbh->escape_string($_REQUEST["smode"]); | |
357 | $view_mode = $this->dbh->escape_string($_REQUEST["view-mode"]); | |
25051fb8 | 358 | $order = $this->dbh->escape_string($_REQUEST["order"]); |
5f0a3741 | 359 | |
d9c85e0f | 360 | $format = $this->dbh->escape_string($_REQUEST['format']); |
356e13b1 | 361 | $orig_guid = !sql_bool_to_bool($_REQUEST["no_orig_guid"]); |
2ebf38a9 AD |
362 | |
363 | if (!$format) $format = 'atom'; | |
364 | ||
5f0a3741 | 365 | if (SINGLE_USER_MODE) { |
a42c55f0 | 366 | authenticate_user("admin", null); |
5f0a3741 AD |
367 | } |
368 | ||
369 | $owner_id = false; | |
370 | ||
371 | if ($key) { | |
d9c85e0f | 372 | $result = $this->dbh->query("SELECT owner_uid FROM |
5f0a3741 AD |
373 | ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); |
374 | ||
d9c85e0f AD |
375 | if ($this->dbh->num_rows($result) == 1) |
376 | $owner_id = $this->dbh->fetch_result($result, 0, "owner_uid"); | |
5f0a3741 AD |
377 | } |
378 | ||
379 | if ($owner_id) { | |
2fb947eb | 380 | $this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit, |
fcf6bfba | 381 | $offset, $search, $search_mode, $view_mode, $format, $order, $orig_guid); |
5f0a3741 AD |
382 | } else { |
383 | header('HTTP/1.1 403 Forbidden'); | |
384 | } | |
385 | } | |
386 | ||
07391e36 AD |
387 | function globalUpdateFeeds() { |
388 | include "rssfuncs.php"; | |
5f0a3741 | 389 | // Update all feeds needing a update. |
a42c55f0 | 390 | update_daemon_common(0, true, false); |
e2cf81e2 | 391 | housekeeping_common(false); |
cda55d67 | 392 | |
1ffe3391 | 393 | PluginHost::getInstance()->run_hooks(PluginHost::HOOK_UPDATE_TASK, "hook_update_task", $op); |
cda55d67 | 394 | |
07391e36 | 395 | } |
8361e724 AD |
396 | |
397 | function sharepopup() { | |
61a748f8 | 398 | if (SINGLE_USER_MODE) { |
6322ac79 | 399 | login_sequence(); |
61a748f8 AD |
400 | } |
401 | ||
8361e724 | 402 | header('Content-Type: text/html; charset=utf-8'); |
9a2aed91 AD |
403 | print "<html><head><title>Tiny Tiny RSS</title>"; |
404 | ||
5bbc4bb4 | 405 | stylesheet_tag("css/utility.css"); |
6f7798b6 RL |
406 | javascript_tag("lib/prototype.js"); |
407 | javascript_tag("lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"); | |
9a2aed91 AD |
408 | print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> |
409 | </head><body id='sharepopup'>"; | |
8361e724 AD |
410 | |
411 | $action = $_REQUEST["action"]; | |
412 | ||
413 | if ($_SESSION["uid"]) { | |
414 | ||
d493aba2 | 415 | if ($action == 'share') { |
8361e724 | 416 | |
d9c85e0f AD |
417 | $title = $this->dbh->escape_string(strip_tags($_REQUEST["title"])); |
418 | $url = $this->dbh->escape_string(strip_tags($_REQUEST["url"])); | |
419 | $content = $this->dbh->escape_string(strip_tags($_REQUEST["content"])); | |
420 | $labels = $this->dbh->escape_string(strip_tags($_REQUEST["labels"])); | |
8361e724 | 421 | |
a42c55f0 | 422 | Article::create_published_article($title, $url, $content, $labels, |
1b4d1a6b | 423 | $_SESSION["uid"]); |
8361e724 | 424 | |
d493aba2 AD |
425 | print "<script type='text/javascript'>"; |
426 | print "window.close();"; | |
427 | print "</script>"; | |
8361e724 | 428 | |
d493aba2 | 429 | } else { |
8361e724 AD |
430 | $title = htmlspecialchars($_REQUEST["title"]); |
431 | $url = htmlspecialchars($_REQUEST["url"]); | |
432 | ||
d493aba2 | 433 | ?> |
8361e724 | 434 | |
d493aba2 AD |
435 | <table height='100%' width='100%'><tr><td colspan='2'> |
436 | <h1><?php echo __("Share with Tiny Tiny RSS") ?></h1> | |
437 | </td></tr> | |
8361e724 | 438 | |
d493aba2 | 439 | <form id='share_form' name='share_form'> |
8361e724 | 440 | |
d493aba2 AD |
441 | <input type="hidden" name="op" value="sharepopup"> |
442 | <input type="hidden" name="action" value="share"> | |
8361e724 | 443 | |
22439dad | 444 | <tr><td align='right'><?php echo __("Title:") ?></td> |
d493aba2 | 445 | <td width='80%'><input name='title' value="<?php echo $title ?>"></td></tr> |
22439dad | 446 | <tr><td align='right'><?php echo __("URL:") ?></td> |
d493aba2 | 447 | <td><input name='url' value="<?php echo $url ?>"></td></tr> |
22439dad | 448 | <tr><td align='right'><?php echo __("Content:") ?></td> |
d493aba2 | 449 | <td><input name='content' value=""></td></tr> |
1b4d1a6b AD |
450 | <tr><td align='right'><?php echo __("Labels:") ?></td> |
451 | <td><input name='labels' id="labels_value" | |
452 | placeholder='Alpha, Beta, Gamma' value=""> | |
453 | </td></tr> | |
454 | ||
455 | <tr><td> | |
456 | <div class="autocomplete" id="labels_choices" | |
457 | style="display : block"></div></td></tr> | |
8361e724 | 458 | |
d493aba2 | 459 | <script type='text/javascript'>document.forms[0].title.focus();</script> |
8361e724 | 460 | |
1b4d1a6b AD |
461 | <script type='text/javascript'> |
462 | new Ajax.Autocompleter('labels_value', 'labels_choices', | |
463 | "backend.php?op=rpc&method=completeLabels", | |
464 | { tokens: ',', paramName: "search" }); | |
465 | </script> | |
466 | ||
d493aba2 AD |
467 | <tr><td colspan='2'> |
468 | <div style='float : right' class='insensitive-small'> | |
469 | <?php echo __("Shared article will appear in the Published feed.") ?> | |
470 | </div> | |
471 | <button type="submit"><?php echo __('Share') ?></button> | |
472 | <button onclick="return window.close()"><?php echo __('Cancel') ?></button> | |
473 | </div> | |
8361e724 | 474 | |
d493aba2 AD |
475 | </form> |
476 | </td></tr></table> | |
477 | </body></html> | |
478 | <?php | |
8361e724 | 479 | |
8361e724 AD |
480 | } |
481 | ||
482 | } else { | |
483 | ||
d493aba2 AD |
484 | $return = urlencode($_SERVER["REQUEST_URI"]) |
485 | ?> | |
486 | ||
487 | <form action="public.php?return=<?php echo $return ?>" | |
22439dad | 488 | method="POST" id="loginForm" name="loginForm"> |
d493aba2 AD |
489 | |
490 | <input type="hidden" name="op" value="login"> | |
491 | ||
492 | <table height='100%' width='100%'><tr><td colspan='2'> | |
22439dad | 493 | <h1><?php echo __("Not logged in") ?></h1></td></tr> |
d493aba2 AD |
494 | |
495 | <tr><td align="right"><?php echo __("Login:") ?></td> | |
496 | <td align="right"><input name="login" | |
497 | value="<?php echo $_SESSION["fake_login"] ?>"></td></tr> | |
498 | <tr><td align="right"><?php echo __("Password:") ?></td> | |
499 | <td align="right"><input type="password" name="password" | |
500 | value="<?php echo $_SESSION["fake_password"] ?>"></td></tr> | |
d493aba2 AD |
501 | <tr><td colspan='2'> |
502 | <button type="submit"> | |
503 | <?php echo __('Log in') ?></button> | |
504 | ||
505 | <button onclick="return window.close()"> | |
506 | <?php echo __('Cancel') ?></button> | |
507 | </td></tr> | |
508 | </table> | |
509 | ||
510 | </form> | |
511 | <?php | |
8361e724 AD |
512 | } |
513 | } | |
514 | ||
97acbaf1 | 515 | function login() { |
97acbaf1 AD |
516 | if (!SINGLE_USER_MODE) { |
517 | ||
d9c85e0f | 518 | $login = $this->dbh->escape_string($_POST["login"]); |
97acbaf1 | 519 | $password = $_POST["password"]; |
aadd636a | 520 | $remember_me = $_POST["remember_me"]; |
97acbaf1 | 521 | |
f231f438 AD |
522 | if ($remember_me) { |
523 | session_set_cookie_params(SESSION_COOKIE_LIFETIME); | |
524 | } else { | |
525 | session_set_cookie_params(0); | |
526 | } | |
527 | ||
aadd636a | 528 | @session_start(); |
60ed4c9a | 529 | |
a42c55f0 | 530 | if (authenticate_user($login, $password)) { |
97acbaf1 AD |
531 | $_POST["password"] = ""; |
532 | ||
b18d109f AD |
533 | if (get_schema_version() >= 120) { |
534 | $_SESSION["language"] = get_pref("USER_LANGUAGE", $_SESSION["uid"]); | |
535 | } | |
536 | ||
a42c55f0 | 537 | $_SESSION["ref_schema_version"] = get_schema_version(true); |
97acbaf1 AD |
538 | $_SESSION["bw_limit"] = !!$_POST["bw_limit"]; |
539 | ||
540 | if ($_POST["profile"]) { | |
541 | ||
d9c85e0f | 542 | $profile = $this->dbh->escape_string($_POST["profile"]); |
97acbaf1 | 543 | |
d9c85e0f | 544 | $result = $this->dbh->query("SELECT id FROM ttrss_settings_profiles |
97acbaf1 AD |
545 | WHERE id = '$profile' AND owner_uid = " . $_SESSION["uid"]); |
546 | ||
d9c85e0f | 547 | if ($this->dbh->num_rows($result) != 0) { |
97acbaf1 | 548 | $_SESSION["profile"] = $profile; |
97acbaf1 AD |
549 | } |
550 | } | |
551 | } else { | |
552 | $_SESSION["login_error_msg"] = __("Incorrect username or password"); | |
c4cab4ec | 553 | user_error("Failed login attempt from {$_SERVER['REMOTE_ADDR']}", E_USER_WARNING); |
97acbaf1 AD |
554 | } |
555 | ||
556 | if ($_REQUEST['return']) { | |
557 | header("Location: " . $_REQUEST['return']); | |
558 | } else { | |
559 | header("Location: " . SELF_URL_PATH); | |
560 | } | |
561 | } | |
562 | } | |
563 | ||
564 | function subscribe() { | |
61a748f8 | 565 | if (SINGLE_USER_MODE) { |
6322ac79 | 566 | login_sequence(); |
61a748f8 AD |
567 | } |
568 | ||
97acbaf1 AD |
569 | if ($_SESSION["uid"]) { |
570 | ||
d9c85e0f | 571 | $feed_url = $this->dbh->escape_string(trim($_REQUEST["feed_url"])); |
97acbaf1 AD |
572 | |
573 | header('Content-Type: text/html; charset=utf-8'); | |
574 | print "<html> | |
575 | <head> | |
576 | <title>Tiny Tiny RSS</title> | |
5bbc4bb4 | 577 | <link rel=\"stylesheet\" type=\"text/css\" href=\"css/utility.css\"> |
97acbaf1 AD |
578 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> |
579 | </head> | |
580 | <body> | |
884d1650 | 581 | <img class=\"floatingLogo\" src=\"images/logo_small.png\" |
97acbaf1 | 582 | alt=\"Tiny Tiny RSS\"/> |
884d1650 | 583 | <h1>".__("Subscribe to feed...")."</h1><div class='content'>"; |
97acbaf1 | 584 | |
a42c55f0 | 585 | $rc = subscribe_to_feed($feed_url); |
97acbaf1 AD |
586 | |
587 | switch ($rc['code']) { | |
588 | case 0: | |
589 | print_warning(T_sprintf("Already subscribed to <b>%s</b>.", $feed_url)); | |
590 | break; | |
591 | case 1: | |
592 | print_notice(T_sprintf("Subscribed to <b>%s</b>.", $feed_url)); | |
593 | break; | |
594 | case 2: | |
595 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.", $feed_url)); | |
596 | break; | |
597 | case 3: | |
598 | print_error(T_sprintf("No feeds found in <b>%s</b>.", $feed_url)); | |
599 | break; | |
600 | case 4: | |
601 | print_notice(__("Multiple feed URLs found.")); | |
759e5132 | 602 | $feed_urls = $rc["feeds"]; |
97acbaf1 AD |
603 | break; |
604 | case 5: | |
605 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url)); | |
606 | break; | |
607 | } | |
608 | ||
609 | if ($feed_urls) { | |
610 | ||
611 | print "<form action=\"public.php\">"; | |
612 | print "<input type=\"hidden\" name=\"op\" value=\"subscribe\">"; | |
613 | ||
614 | print "<select name=\"feed_url\">"; | |
615 | ||
616 | foreach ($feed_urls as $url => $name) { | |
617 | $url = htmlspecialchars($url); | |
618 | $name = htmlspecialchars($name); | |
619 | ||
620 | print "<option value=\"$url\">$name</option>"; | |
621 | } | |
622 | ||
623 | print "<input type=\"submit\" value=\"".__("Subscribe to selected feed"). | |
624 | "\">"; | |
625 | ||
626 | print "</form>"; | |
627 | } | |
628 | ||
629 | $tp_uri = get_self_url_prefix() . "/prefs.php"; | |
630 | $tt_uri = get_self_url_prefix(); | |
631 | ||
632 | if ($rc['code'] <= 2){ | |
d9c85e0f | 633 | $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE |
97acbaf1 AD |
634 | feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); |
635 | ||
d9c85e0f | 636 | $feed_id = $this->dbh->fetch_result($result, 0, "id"); |
97acbaf1 AD |
637 | } else { |
638 | $feed_id = 0; | |
639 | } | |
640 | print "<p>"; | |
641 | ||
642 | if ($feed_id) { | |
643 | print "<form method=\"GET\" style='display: inline' | |
644 | action=\"$tp_uri\"> | |
645 | <input type=\"hidden\" name=\"tab\" value=\"feedConfig\"> | |
646 | <input type=\"hidden\" name=\"method\" value=\"editFeed\"> | |
647 | <input type=\"hidden\" name=\"methodparam\" value=\"$feed_id\"> | |
648 | <input type=\"submit\" value=\"".__("Edit subscription options")."\"> | |
649 | </form>"; | |
650 | } | |
651 | ||
652 | print "<form style='display: inline' method=\"GET\" action=\"$tt_uri\"> | |
653 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
654 | </form></p>"; | |
655 | ||
884d1650 | 656 | print "</div></body></html>"; |
97acbaf1 AD |
657 | |
658 | } else { | |
6322ac79 | 659 | render_login_form(); |
97acbaf1 AD |
660 | } |
661 | } | |
662 | ||
663 | function subscribe2() { | |
d9c85e0f AD |
664 | $feed_url = $this->dbh->escape_string(trim($_REQUEST["feed_url"])); |
665 | $cat_id = $this->dbh->escape_string($_REQUEST["cat_id"]); | |
666 | $from = $this->dbh->escape_string($_REQUEST["from"]); | |
6f7798b6 | 667 | $feed_urls = array(); |
97acbaf1 AD |
668 | |
669 | /* only read authentication information from POST */ | |
670 | ||
d9c85e0f AD |
671 | $auth_login = $this->dbh->escape_string(trim($_POST["auth_login"])); |
672 | $auth_pass = $this->dbh->escape_string(trim($_POST["auth_pass"])); | |
97acbaf1 | 673 | |
a42c55f0 | 674 | $rc = subscribe_to_feed($feed_url, $cat_id, $auth_login, $auth_pass); |
97acbaf1 AD |
675 | |
676 | switch ($rc) { | |
677 | case 1: | |
678 | print_notice(T_sprintf("Subscribed to <b>%s</b>.", $feed_url)); | |
679 | break; | |
680 | case 2: | |
681 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.", $feed_url)); | |
682 | break; | |
683 | case 3: | |
684 | print_error(T_sprintf("No feeds found in <b>%s</b>.", $feed_url)); | |
685 | break; | |
686 | case 0: | |
687 | print_warning(T_sprintf("Already subscribed to <b>%s</b>.", $feed_url)); | |
688 | break; | |
689 | case 4: | |
690 | print_notice(__("Multiple feed URLs found.")); | |
6f7798b6 RL |
691 | $contents = @fetch_file_contents($url, false, $auth_login, $auth_pass); |
692 | if (is_html($contents)) { | |
693 | $feed_urls = get_feeds_from_html($url, $contents); | |
694 | } | |
97acbaf1 AD |
695 | break; |
696 | case 5: | |
697 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url)); | |
698 | break; | |
699 | } | |
700 | ||
701 | if ($feed_urls) { | |
702 | print "<form action=\"backend.php\">"; | |
703 | print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; | |
704 | print "<input type=\"hidden\" name=\"quiet\" value=\"1\">"; | |
705 | print "<input type=\"hidden\" name=\"method\" value=\"add\">"; | |
706 | ||
707 | print "<select name=\"feed_url\">"; | |
708 | ||
709 | foreach ($feed_urls as $url => $name) { | |
710 | $url = htmlspecialchars($url); | |
711 | $name = htmlspecialchars($name); | |
712 | print "<option value=\"$url\">$name</option>"; | |
713 | } | |
714 | ||
715 | print "<input type=\"submit\" value=\"".__("Subscribe to selected feed")."\">"; | |
716 | print "</form>"; | |
717 | } | |
718 | ||
719 | $tp_uri = get_self_url_prefix() . "/prefs.php"; | |
720 | $tt_uri = get_self_url_prefix(); | |
721 | ||
722 | if ($rc <= 2){ | |
d9c85e0f | 723 | $result = $this->dbh->query("SELECT id FROM ttrss_feeds WHERE |
97acbaf1 AD |
724 | feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); |
725 | ||
d9c85e0f | 726 | $feed_id = $this->dbh->fetch_result($result, 0, "id"); |
97acbaf1 AD |
727 | } else { |
728 | $feed_id = 0; | |
729 | } | |
730 | ||
731 | print "<p>"; | |
732 | ||
733 | if ($feed_id) { | |
734 | print "<form method=\"GET\" style='display: inline' | |
735 | action=\"$tp_uri\"> | |
736 | <input type=\"hidden\" name=\"tab\" value=\"feedConfig\"> | |
737 | <input type=\"hidden\" name=\"method\" value=\"editFeed\"> | |
738 | <input type=\"hidden\" name=\"methodparam\" value=\"$feed_id\"> | |
739 | <input type=\"submit\" value=\"".__("Edit subscription options")."\"> | |
740 | </form>"; | |
741 | } | |
742 | ||
743 | print "<form style='display: inline' method=\"GET\" action=\"$tt_uri\"> | |
744 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
745 | </form></p>"; | |
746 | ||
747 | print "</body></html>"; | |
748 | } | |
749 | ||
750 | function index() { | |
751 | header("Content-Type: text/plain"); | |
752 | print json_encode(array("error" => array("code" => 7))); | |
753 | } | |
754 | ||
f43e9e97 | 755 | function forgotpass() { |
67e0cf9a AD |
756 | startup_gettext(); |
757 | ||
f43e9e97 | 758 | header('Content-Type: text/html; charset=utf-8'); |
e216d302 AD |
759 | print "<html><head><title>Tiny Tiny RSS</title>"; |
760 | ||
5bbc4bb4 | 761 | stylesheet_tag("css/utility.css"); |
6f7798b6 | 762 | javascript_tag("lib/prototype.js"); |
e216d302 AD |
763 | |
764 | print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> | |
765 | </head><body id='forgotpass'>"; | |
f43e9e97 | 766 | |
884d1650 | 767 | print '<div class="floatingLogo"><img src="images/logo_small.png"></div>'; |
483f15d5 | 768 | print "<h1>".__("Password recovery")."</h1>"; |
884d1650 | 769 | print "<div class='content'>"; |
f43e9e97 AD |
770 | |
771 | @$method = $_POST['method']; | |
772 | ||
773 | if (!$method) { | |
483f15d5 AD |
774 | print_notice(__("You will need to provide valid account name and email. New password will be sent on your email address.")); |
775 | ||
f43e9e97 | 776 | print "<form method='POST' action='public.php'>"; |
f43e9e97 AD |
777 | print "<input type='hidden' name='method' value='do'>"; |
778 | print "<input type='hidden' name='op' value='forgotpass'>"; | |
779 | ||
780 | print "<fieldset>"; | |
781 | print "<label>".__("Login:")."</label>"; | |
782 | print "<input type='text' name='login' value='' required>"; | |
783 | print "</fieldset>"; | |
784 | ||
785 | print "<fieldset>"; | |
786 | print "<label>".__("Email:")."</label>"; | |
787 | print "<input type='email' name='email' value='' required>"; | |
788 | print "</fieldset>"; | |
789 | ||
790 | print "<fieldset>"; | |
791 | print "<label>".__("How much is two plus two:")."</label>"; | |
792 | print "<input type='text' name='test' value='' required>"; | |
793 | print "</fieldset>"; | |
794 | ||
795 | print "<p/>"; | |
796 | print "<button type='submit'>".__("Reset password")."</button>"; | |
797 | ||
798 | print "</form>"; | |
799 | } else if ($method == 'do') { | |
800 | ||
d9c85e0f AD |
801 | $login = $this->dbh->escape_string($_POST["login"]); |
802 | $email = $this->dbh->escape_string($_POST["email"]); | |
803 | $test = $this->dbh->escape_string($_POST["test"]); | |
f43e9e97 AD |
804 | |
805 | if (($test != 4 && $test != 'four') || !$email || !$login) { | |
806 | print_error(__('Some of the required form parameters are missing or incorrect.')); | |
807 | ||
483f15d5 AD |
808 | print "<form method=\"GET\" action=\"public.php\"> |
809 | <input type=\"hidden\" name=\"op\" value=\"forgotpass\"> | |
810 | <input type=\"submit\" value=\"".__("Go back")."\"> | |
811 | </form>"; | |
f43e9e97 | 812 | |
e216d302 | 813 | } else { |
f43e9e97 | 814 | |
d9c85e0f | 815 | $result = $this->dbh->query("SELECT id FROM ttrss_users |
f43e9e97 AD |
816 | WHERE login = '$login' AND email = '$email'"); |
817 | ||
d9c85e0f AD |
818 | if ($this->dbh->num_rows($result) != 0) { |
819 | $id = $this->dbh->fetch_result($result, 0, "id"); | |
f43e9e97 | 820 | |
a42c55f0 | 821 | Pref_Users::resetUserPassword($id, false); |
f43e9e97 | 822 | |
483f15d5 AD |
823 | print "<p>"; |
824 | ||
e216d302 | 825 | print "<p>"."Completed."."</p>"; |
483f15d5 AD |
826 | |
827 | print "<form method=\"GET\" action=\"index.php\"> | |
828 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
829 | </form>"; | |
f43e9e97 AD |
830 | |
831 | } else { | |
832 | print_error(__("Sorry, login and email combination not found.")); | |
483f15d5 AD |
833 | |
834 | print "<form method=\"GET\" action=\"public.php\"> | |
835 | <input type=\"hidden\" name=\"op\" value=\"forgotpass\"> | |
836 | <input type=\"submit\" value=\"".__("Go back")."\"> | |
837 | </form>"; | |
838 | ||
f43e9e97 | 839 | } |
f43e9e97 AD |
840 | } |
841 | ||
842 | } | |
843 | ||
884d1650 | 844 | print "</div>"; |
f43e9e97 AD |
845 | print "</body>"; |
846 | print "</html>"; | |
847 | ||
b4c47f7e AD |
848 | } |
849 | ||
850 | function dbupdate() { | |
67e0cf9a AD |
851 | startup_gettext(); |
852 | ||
f240d26e AD |
853 | if (!SINGLE_USER_MODE && $_SESSION["access_level"] < 10) { |
854 | $_SESSION["login_error_msg"] = __("Your access level is insufficient to run this script."); | |
6322ac79 | 855 | render_login_form(); |
f240d26e AD |
856 | exit; |
857 | } | |
858 | ||
859 | ?><html> | |
860 | <head> | |
861 | <title>Database Updater</title> | |
862 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> | |
5bbc4bb4 | 863 | <link rel="stylesheet" type="text/css" href="css/utility.css"/> |
f240d26e AD |
864 | </head> |
865 | <style type="text/css"> | |
866 | span.ok { color : #009000; font-weight : bold; } | |
867 | span.err { color : #ff0000; font-weight : bold; } | |
868 | </style> | |
869 | <body> | |
870 | <script type='text/javascript'> | |
871 | function confirmOP() { | |
872 | return confirm("Update the database?"); | |
873 | } | |
874 | </script> | |
875 | ||
876 | <div class="floatingLogo"><img src="images/logo_small.png"></div> | |
877 | ||
878 | <h1><?php echo __("Database Updater") ?></h1> | |
879 | ||
880 | <div class="content"> | |
881 | ||
882 | <?php | |
883 | @$op = $_REQUEST["subop"]; | |
0630a100 | 884 | $updater = new DbUpdater(Db::get(), DB_TYPE, SCHEMA_VERSION); |
f240d26e AD |
885 | |
886 | if ($op == "performupdate") { | |
887 | if ($updater->isUpdateRequired()) { | |
888 | ||
889 | print "<h2>Performing updates</h2>"; | |
890 | ||
891 | print "<h3>Updating to schema version " . SCHEMA_VERSION . "</h3>"; | |
892 | ||
893 | print "<ul>"; | |
894 | ||
895 | for ($i = $updater->getSchemaVersion() + 1; $i <= SCHEMA_VERSION; $i++) { | |
896 | print "<li>Performing update up to version $i..."; | |
897 | ||
898 | $result = $updater->performUpdateTo($i); | |
899 | ||
900 | if (!$result) { | |
901 | print "<span class='err'>FAILED!</span></li></ul>"; | |
902 | ||
903 | print_warning("One of the updates failed. Either retry the process or perform updates manually."); | |
904 | print "<p><form method=\"GET\" action=\"index.php\"> | |
905 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
906 | </form>"; | |
907 | ||
908 | break; | |
909 | } else { | |
910 | print "<span class='ok'>OK!</span></li>"; | |
911 | } | |
912 | } | |
913 | ||
914 | print "</ul>"; | |
b4c47f7e | 915 | |
f240d26e | 916 | print_notice("Your Tiny Tiny RSS database is now updated to the latest version."); |
b4c47f7e | 917 | |
f240d26e AD |
918 | print "<p><form method=\"GET\" action=\"index.php\"> |
919 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
920 | </form>"; | |
921 | ||
922 | } else { | |
923 | print "<h2>Your database is up to date.</h2>"; | |
924 | ||
925 | print "<p><form method=\"GET\" action=\"index.php\"> | |
926 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
927 | </form>"; | |
928 | } | |
929 | } else { | |
930 | if ($updater->isUpdateRequired()) { | |
931 | ||
932 | print "<h2>Database update required</h2>"; | |
b4c47f7e | 933 | |
f240d26e AD |
934 | print "<h3>"; |
935 | printf("Your Tiny Tiny RSS database needs update to the latest version: %d to %d.", | |
936 | $updater->getSchemaVersion(), SCHEMA_VERSION); | |
937 | print "</h3>"; | |
b4c47f7e | 938 | |
f240d26e | 939 | print_warning("Please backup your database before proceeding."); |
b4c47f7e | 940 | |
f240d26e AD |
941 | print "<form method='POST'> |
942 | <input type='hidden' name='subop' value='performupdate'> | |
943 | <input type='submit' onclick='return confirmOP()' value='".__("Perform updates")."'> | |
944 | </form>"; | |
945 | ||
946 | } else { | |
947 | ||
3c200461 | 948 | print_notice("Tiny Tiny RSS database is up to date."); |
f240d26e AD |
949 | |
950 | print "<p><form method=\"GET\" action=\"index.php\"> | |
951 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
952 | </form>"; | |
953 | ||
954 | } | |
955 | } | |
956 | ?> | |
b4c47f7e | 957 | |
f240d26e AD |
958 | </div> |
959 | </body> | |
960 | </html> | |
961 | <?php | |
f43e9e97 AD |
962 | } |
963 | ||
5f0a3741 AD |
964 | } |
965 | ?> |