]>
Commit | Line | Data |
---|---|---|
5f0a3741 | 1 | <?php |
369dbc19 | 2 | class Handler_Public extends Handler { |
5f0a3741 | 3 | |
79178062 | 4 | private function generate_syndicated_feed($owner_uid, $feed, $is_cat, |
ce565216 AD |
5 | $limit, $offset, $search, $search_mode, $match_on, |
6 | $view_mode = false, $format = 'atom') { | |
79178062 AD |
7 | |
8 | require_once "lib/MiniTemplator.class.php"; | |
9 | ||
10 | $note_style = "background-color : #fff7d5; | |
11 | border-width : 1px; ". | |
12 | "padding : 5px; border-style : dashed; border-color : #e7d796;". | |
13 | "margin-bottom : 1em; color : #9a8c59;"; | |
14 | ||
c3d2cda8 | 15 | if (!$limit) $limit = 100; |
79178062 AD |
16 | |
17 | if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) { | |
18 | $date_sort_field = "updated"; | |
19 | } else { | |
20 | $date_sort_field = "date_entered"; | |
21 | } | |
22 | ||
008ebad9 AD |
23 | if ($feed == -2) |
24 | $date_sort_field = "last_read"; | |
25 | ||
79178062 AD |
26 | $qfh_ret = queryFeedHeadlines($this->link, $feed, |
27 | $limit, $view_mode, $is_cat, $search, $search_mode, | |
ce565216 | 28 | $match_on, "$date_sort_field DESC", $offset, $owner_uid); |
79178062 AD |
29 | |
30 | $result = $qfh_ret[0]; | |
31 | $feed_title = htmlspecialchars($qfh_ret[1]); | |
32 | $feed_site_url = $qfh_ret[2]; | |
33 | $last_error = $qfh_ret[3]; | |
34 | ||
35 | $feed_self_url = get_self_url_prefix() . | |
36 | "/public.php?op=rss&id=-2&key=" . | |
2fb947eb | 37 | get_feed_access_key($this->link, -2, false, $owner_uid); |
79178062 AD |
38 | |
39 | if (!$feed_site_url) $feed_site_url = get_self_url_prefix(); | |
40 | ||
2ebf38a9 AD |
41 | if ($format == 'atom') { |
42 | $tpl = new MiniTemplator; | |
79178062 | 43 | |
2ebf38a9 | 44 | $tpl->readTemplateFromFile("templates/generated_feed.txt"); |
79178062 | 45 | |
2ebf38a9 AD |
46 | $tpl->setVariable('FEED_TITLE', $feed_title, true); |
47 | $tpl->setVariable('VERSION', VERSION, true); | |
48 | $tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true); | |
79178062 | 49 | |
2ebf38a9 AD |
50 | if (PUBSUBHUBBUB_HUB && $feed == -2) { |
51 | $tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true); | |
52 | $tpl->addBlock('feed_hub'); | |
53 | } | |
79178062 | 54 | |
2ebf38a9 | 55 | $tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true); |
79178062 | 56 | |
2ebf38a9 AD |
57 | while ($line = db_fetch_assoc($result)) { |
58 | $tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']), true); | |
59 | $tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true); | |
60 | $tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true); | |
61 | $tpl->setVariable('ARTICLE_EXCERPT', | |
62 | truncate_string(strip_tags($line["content_preview"]), 100, '...'), true); | |
79178062 | 63 | |
b3682750 | 64 | $content = sanitize($this->link, $line["content_preview"], false, $owner_uid); |
79178062 | 65 | |
2ebf38a9 AD |
66 | if ($line['note']) { |
67 | $content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" . | |
68 | $content; | |
69 | } | |
70 | ||
71 | $tpl->setVariable('ARTICLE_CONTENT', $content, true); | |
72 | ||
73 | $tpl->setVariable('ARTICLE_UPDATED_ATOM', | |
74 | date('c', strtotime($line["updated"])), true); | |
75 | $tpl->setVariable('ARTICLE_UPDATED_RFC822', | |
76 | date(DATE_RFC822, strtotime($line["updated"])), true); | |
77 | ||
78 | $tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true); | |
79 | ||
80 | $tags = get_article_tags($this->link, $line["id"], $owner_uid); | |
81 | ||
82 | foreach ($tags as $tag) { | |
83 | $tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true); | |
84 | $tpl->addBlock('category'); | |
85 | } | |
79178062 | 86 | |
2ebf38a9 | 87 | $enclosures = get_article_enclosures($this->link, $line["id"]); |
79178062 | 88 | |
2ebf38a9 AD |
89 | foreach ($enclosures as $e) { |
90 | $type = htmlspecialchars($e['content_type']); | |
91 | $url = htmlspecialchars($e['content_url']); | |
92 | $length = $e['duration']; | |
9c97041d | 93 | |
2ebf38a9 AD |
94 | $tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true); |
95 | $tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true); | |
96 | $tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true); | |
79178062 | 97 | |
2ebf38a9 AD |
98 | $tpl->addBlock('enclosure'); |
99 | } | |
79178062 | 100 | |
2ebf38a9 | 101 | $tpl->addBlock('entry'); |
79178062 AD |
102 | } |
103 | ||
2ebf38a9 AD |
104 | $tmp = ""; |
105 | ||
106 | $tpl->addBlock('feed'); | |
107 | $tpl->generateOutputToString($tmp); | |
108 | ||
109 | header("Content-Type: text/xml; charset=utf-8"); | |
110 | ||
111 | print $tmp; | |
112 | } else if ($format == 'json') { | |
79178062 | 113 | |
2ebf38a9 | 114 | $feed = array(); |
79178062 | 115 | |
2ebf38a9 AD |
116 | $feed['title'] = $feed_title; |
117 | $feed['version'] = VERSION; | |
118 | $feed['feed_url'] = $feed_self_url; | |
79178062 | 119 | |
2ebf38a9 AD |
120 | if (PUBSUBHUBBUB_HUB && $feed == -2) { |
121 | $feed['hub_url'] = PUBSUBHUBBUB_HUB; | |
79178062 AD |
122 | } |
123 | ||
2ebf38a9 AD |
124 | $feed['self_url'] = get_self_url_prefix(); |
125 | ||
126 | $feed['articles'] = array(); | |
127 | ||
128 | while ($line = db_fetch_assoc($result)) { | |
129 | $article = array(); | |
79178062 | 130 | |
2ebf38a9 AD |
131 | $article['id'] = $line['link']; |
132 | $article['link'] = $line['link']; | |
133 | $article['title'] = $line['title']; | |
134 | $article['excerpt'] = truncate_string(strip_tags($line["content_preview"]), 100, '...'); | |
b3682750 | 135 | $article['content'] = sanitize($this->link, $line["content_preview"], false, $owner_uid); |
2ebf38a9 | 136 | $article['updated'] = date('c', strtotime($line["updated"])); |
79178062 | 137 | |
2ebf38a9 AD |
138 | if ($line['note']) $article['note'] = $line['note']; |
139 | if ($article['author']) $article['author'] = $line['author']; | |
79178062 | 140 | |
2ebf38a9 AD |
141 | $tags = get_article_tags($this->link, $line["id"], $owner_uid); |
142 | ||
143 | if (count($tags) > 0) { | |
144 | $article['tags'] = array(); | |
145 | ||
146 | foreach ($tags as $tag) { | |
147 | array_push($article['tags'], $tag); | |
148 | } | |
149 | } | |
150 | ||
151 | $enclosures = get_article_enclosures($this->link, $line["id"]); | |
152 | ||
153 | if (count($enclosures) > 0) { | |
154 | $article['enclosures'] = array(); | |
155 | ||
156 | foreach ($enclosures as $e) { | |
157 | $type = $e['content_type']; | |
158 | $url = $e['content_url']; | |
159 | $length = $e['duration']; | |
160 | ||
161 | array_push($article['enclosures'], array("url" => $url, "type" => $type, "length" => $length)); | |
162 | } | |
163 | } | |
164 | ||
165 | array_push($feed['articles'], $article); | |
166 | } | |
167 | ||
168 | header("Content-Type: text/plain; charset=utf-8"); | |
169 | ||
170 | print json_encode($feed); | |
171 | ||
172 | } else { | |
173 | header("Content-Type: text/plain; charset=utf-8"); | |
174 | print json_encode(array("error" => array("message" => "Unknown format"))); | |
175 | } | |
79178062 AD |
176 | } |
177 | ||
5f0a3741 AD |
178 | function getUnread() { |
179 | $login = db_escape_string($_REQUEST["login"]); | |
180 | $fresh = $_REQUEST["fresh"] == "1"; | |
181 | ||
182 | $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'"); | |
183 | ||
184 | if (db_num_rows($result) == 1) { | |
185 | $uid = db_fetch_result($result, 0, "id"); | |
186 | ||
187 | print getGlobalUnread($this->link, $uid); | |
188 | ||
189 | if ($fresh) { | |
190 | print ";"; | |
191 | print getFeedArticles($this->link, -3, false, true, $uid); | |
192 | } | |
193 | ||
194 | } else { | |
195 | print "-1;User not found"; | |
196 | } | |
197 | ||
198 | } | |
199 | ||
200 | function getProfiles() { | |
201 | $login = db_escape_string($_REQUEST["login"]); | |
5f0a3741 | 202 | |
97acbaf1 AD |
203 | $result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles,ttrss_users |
204 | WHERE ttrss_users.id = ttrss_settings_profiles.owner_uid AND login = '$login' ORDER BY title"); | |
5f0a3741 | 205 | |
eeee2ccf | 206 | print "<select dojoType='dijit.form.Select' style='width : 220px; margin : 0px' name='profile'>"; |
5f0a3741 | 207 | |
97acbaf1 | 208 | print "<option value='0'>" . __("Default profile") . "</option>"; |
5f0a3741 | 209 | |
97acbaf1 AD |
210 | while ($line = db_fetch_assoc($result)) { |
211 | $id = $line["id"]; | |
212 | $title = $line["title"]; | |
5f0a3741 | 213 | |
97acbaf1 | 214 | print "<option value='$id'>$title</option>"; |
5f0a3741 | 215 | } |
97acbaf1 AD |
216 | |
217 | print "</select>"; | |
5f0a3741 AD |
218 | } |
219 | ||
220 | function pubsub() { | |
221 | $mode = db_escape_string($_REQUEST['hub_mode']); | |
222 | $feed_id = (int) db_escape_string($_REQUEST['id']); | |
223 | $feed_url = db_escape_string($_REQUEST['hub_topic']); | |
224 | ||
225 | if (!PUBSUBHUBBUB_ENABLED) { | |
226 | header('HTTP/1.0 404 Not Found'); | |
227 | echo "404 Not found"; | |
228 | return; | |
229 | } | |
230 | ||
231 | // TODO: implement hub_verifytoken checking | |
232 | ||
233 | $result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds | |
234 | WHERE id = '$feed_id'"); | |
235 | ||
236 | if (db_num_rows($result) != 0) { | |
237 | ||
238 | $check_feed_url = db_fetch_result($result, 0, "feed_url"); | |
239 | ||
240 | if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { | |
241 | if ($mode == "subscribe") { | |
242 | ||
243 | db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2 | |
244 | WHERE id = '$feed_id'"); | |
245 | ||
246 | print $_REQUEST['hub_challenge']; | |
247 | return; | |
248 | ||
249 | } else if ($mode == "unsubscribe") { | |
250 | ||
251 | db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0 | |
252 | WHERE id = '$feed_id'"); | |
253 | ||
254 | print $_REQUEST['hub_challenge']; | |
255 | return; | |
256 | ||
257 | } else if (!$mode) { | |
258 | ||
259 | // Received update ping, schedule feed update. | |
260 | //update_rss_feed($this->link, $feed_id, true, true); | |
261 | ||
262 | db_query($this->link, "UPDATE ttrss_feeds SET | |
263 | last_update_started = '1970-01-01', | |
264 | last_updated = '1970-01-01' WHERE id = '$feed_id'"); | |
265 | ||
266 | } | |
267 | } else { | |
268 | header('HTTP/1.0 404 Not Found'); | |
269 | echo "404 Not found"; | |
270 | } | |
271 | } else { | |
272 | header('HTTP/1.0 404 Not Found'); | |
273 | echo "404 Not found"; | |
274 | } | |
275 | ||
276 | } | |
277 | ||
278 | function logout() { | |
279 | logout_user(); | |
280 | header("Location: index.php"); | |
281 | } | |
282 | ||
283 | function fbexport() { | |
284 | ||
285 | $access_key = db_escape_string($_POST["key"]); | |
286 | ||
287 | // TODO: rate limit checking using last_connected | |
288 | $result = db_query($this->link, "SELECT id FROM ttrss_linked_instances | |
289 | WHERE access_key = '$access_key'"); | |
290 | ||
291 | if (db_num_rows($result) == 1) { | |
292 | ||
293 | $instance_id = db_fetch_result($result, 0, "id"); | |
294 | ||
295 | $result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers | |
296 | FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100"); | |
297 | ||
298 | $feeds = array(); | |
299 | ||
300 | while ($line = db_fetch_assoc($result)) { | |
301 | array_push($feeds, $line); | |
302 | } | |
303 | ||
304 | db_query($this->link, "UPDATE ttrss_linked_instances SET | |
305 | last_status_in = 1 WHERE id = '$instance_id'"); | |
306 | ||
307 | print json_encode(array("feeds" => $feeds)); | |
308 | } else { | |
309 | print json_encode(array("error" => array("code" => 6))); | |
310 | } | |
311 | } | |
312 | ||
313 | function share() { | |
314 | $uuid = db_escape_string($_REQUEST["key"]); | |
315 | ||
316 | $result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE | |
317 | uuid = '$uuid'"); | |
318 | ||
319 | if (db_num_rows($result) != 0) { | |
320 | header("Content-Type: text/html"); | |
321 | ||
322 | $id = db_fetch_result($result, 0, "ref_id"); | |
323 | $owner_uid = db_fetch_result($result, 0, "owner_uid"); | |
324 | ||
64436e10 | 325 | $article = format_article($this->link, $id, false, true, $owner_uid); |
5f0a3741 AD |
326 | |
327 | print_r($article['content']); | |
328 | ||
329 | } else { | |
330 | print "Article not found."; | |
331 | } | |
332 | ||
333 | } | |
334 | ||
335 | function rss() { | |
5f0a3741 AD |
336 | $feed = db_escape_string($_REQUEST["id"]); |
337 | $key = db_escape_string($_REQUEST["key"]); | |
338 | $is_cat = $_REQUEST["is_cat"] != false; | |
339 | $limit = (int)db_escape_string($_REQUEST["limit"]); | |
ce565216 | 340 | $offset = (int)db_escape_string($_REQUEST["offset"]); |
5f0a3741 AD |
341 | |
342 | $search = db_escape_string($_REQUEST["q"]); | |
343 | $match_on = db_escape_string($_REQUEST["m"]); | |
344 | $search_mode = db_escape_string($_REQUEST["smode"]); | |
345 | $view_mode = db_escape_string($_REQUEST["view-mode"]); | |
346 | ||
2ebf38a9 AD |
347 | $format = db_escape_string($_REQUEST['format']); |
348 | ||
349 | if (!$format) $format = 'atom'; | |
350 | ||
5f0a3741 AD |
351 | if (SINGLE_USER_MODE) { |
352 | authenticate_user($this->link, "admin", null); | |
353 | } | |
354 | ||
355 | $owner_id = false; | |
356 | ||
357 | if ($key) { | |
358 | $result = db_query($this->link, "SELECT owner_uid FROM | |
359 | ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); | |
360 | ||
361 | if (db_num_rows($result) == 1) | |
362 | $owner_id = db_fetch_result($result, 0, "owner_uid"); | |
363 | } | |
364 | ||
365 | if ($owner_id) { | |
2fb947eb | 366 | $this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit, |
ce565216 | 367 | $offset, $search, $search_mode, $match_on, $view_mode, $format); |
5f0a3741 AD |
368 | } else { |
369 | header('HTTP/1.1 403 Forbidden'); | |
370 | } | |
371 | } | |
372 | ||
07391e36 AD |
373 | function globalUpdateFeeds() { |
374 | include "rssfuncs.php"; | |
5f0a3741 | 375 | // Update all feeds needing a update. |
036cd3a4 | 376 | update_daemon_common($this->link, 0, true, false); |
07391e36 | 377 | } |
8361e724 AD |
378 | |
379 | function sharepopup() { | |
380 | header('Content-Type: text/html; charset=utf-8'); | |
381 | print "<html> | |
382 | <head> | |
383 | <title>Tiny Tiny RSS</title> | |
384 | <link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\"> | |
385 | <script type=\"text/javascript\" src=\"lib/prototype.js\"></script> | |
1b4d1a6b | 386 | <script type=\"text/javascript\" src=\"lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls\"></script> |
8361e724 AD |
387 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> |
388 | </head> | |
389 | <body id='sharepopup'>"; | |
390 | ||
391 | $action = $_REQUEST["action"]; | |
392 | ||
393 | if ($_SESSION["uid"]) { | |
394 | ||
d493aba2 | 395 | if ($action == 'share') { |
8361e724 | 396 | |
d493aba2 AD |
397 | $title = db_escape_string(strip_tags($_REQUEST["title"])); |
398 | $url = db_escape_string(strip_tags($_REQUEST["url"])); | |
399 | $content = db_escape_string(strip_tags($_REQUEST["content"])); | |
1b4d1a6b | 400 | $labels = db_escape_string(strip_tags($_REQUEST["labels"])); |
8361e724 | 401 | |
1b4d1a6b AD |
402 | create_published_article($this->link, $title, $url, $content, $labels, |
403 | $_SESSION["uid"]); | |
8361e724 | 404 | |
d493aba2 AD |
405 | print "<script type='text/javascript'>"; |
406 | print "window.close();"; | |
407 | print "</script>"; | |
8361e724 | 408 | |
d493aba2 | 409 | } else { |
8361e724 AD |
410 | $title = htmlspecialchars($_REQUEST["title"]); |
411 | $url = htmlspecialchars($_REQUEST["url"]); | |
412 | ||
d493aba2 | 413 | ?> |
8361e724 | 414 | |
d493aba2 AD |
415 | <table height='100%' width='100%'><tr><td colspan='2'> |
416 | <h1><?php echo __("Share with Tiny Tiny RSS") ?></h1> | |
417 | </td></tr> | |
8361e724 | 418 | |
d493aba2 | 419 | <form id='share_form' name='share_form'> |
8361e724 | 420 | |
d493aba2 AD |
421 | <input type="hidden" name="op" value="sharepopup"> |
422 | <input type="hidden" name="action" value="share"> | |
8361e724 | 423 | |
22439dad | 424 | <tr><td align='right'><?php echo __("Title:") ?></td> |
d493aba2 | 425 | <td width='80%'><input name='title' value="<?php echo $title ?>"></td></tr> |
22439dad | 426 | <tr><td align='right'><?php echo __("URL:") ?></td> |
d493aba2 | 427 | <td><input name='url' value="<?php echo $url ?>"></td></tr> |
22439dad | 428 | <tr><td align='right'><?php echo __("Content:") ?></td> |
d493aba2 | 429 | <td><input name='content' value=""></td></tr> |
1b4d1a6b AD |
430 | <tr><td align='right'><?php echo __("Labels:") ?></td> |
431 | <td><input name='labels' id="labels_value" | |
432 | placeholder='Alpha, Beta, Gamma' value=""> | |
433 | </td></tr> | |
434 | ||
435 | <tr><td> | |
436 | <div class="autocomplete" id="labels_choices" | |
437 | style="display : block"></div></td></tr> | |
8361e724 | 438 | |
d493aba2 | 439 | <script type='text/javascript'>document.forms[0].title.focus();</script> |
8361e724 | 440 | |
1b4d1a6b AD |
441 | <script type='text/javascript'> |
442 | new Ajax.Autocompleter('labels_value', 'labels_choices', | |
443 | "backend.php?op=rpc&method=completeLabels", | |
444 | { tokens: ',', paramName: "search" }); | |
445 | </script> | |
446 | ||
d493aba2 AD |
447 | <tr><td colspan='2'> |
448 | <div style='float : right' class='insensitive-small'> | |
449 | <?php echo __("Shared article will appear in the Published feed.") ?> | |
450 | </div> | |
451 | <button type="submit"><?php echo __('Share') ?></button> | |
452 | <button onclick="return window.close()"><?php echo __('Cancel') ?></button> | |
453 | </div> | |
8361e724 | 454 | |
d493aba2 AD |
455 | </form> |
456 | </td></tr></table> | |
457 | </body></html> | |
458 | <?php | |
8361e724 | 459 | |
8361e724 AD |
460 | } |
461 | ||
462 | } else { | |
463 | ||
d493aba2 AD |
464 | $return = urlencode($_SERVER["REQUEST_URI"]) |
465 | ?> | |
466 | ||
467 | <form action="public.php?return=<?php echo $return ?>" | |
22439dad | 468 | method="POST" id="loginForm" name="loginForm"> |
d493aba2 AD |
469 | |
470 | <input type="hidden" name="op" value="login"> | |
471 | ||
472 | <table height='100%' width='100%'><tr><td colspan='2'> | |
22439dad | 473 | <h1><?php echo __("Not logged in") ?></h1></td></tr> |
d493aba2 AD |
474 | |
475 | <tr><td align="right"><?php echo __("Login:") ?></td> | |
476 | <td align="right"><input name="login" | |
477 | value="<?php echo $_SESSION["fake_login"] ?>"></td></tr> | |
478 | <tr><td align="right"><?php echo __("Password:") ?></td> | |
479 | <td align="right"><input type="password" name="password" | |
480 | value="<?php echo $_SESSION["fake_password"] ?>"></td></tr> | |
481 | <tr><td align="right"><?php echo __("Language:") ?></td> | |
482 | <td align="right"> | |
483 | <?php | |
484 | print_select_hash("language", $_COOKIE["ttrss_lang"], get_translations(), | |
485 | "style='width : 100%''"); | |
486 | ||
487 | ?> | |
488 | </td></tr> | |
489 | <tr><td colspan='2'> | |
490 | <button type="submit"> | |
491 | <?php echo __('Log in') ?></button> | |
492 | ||
493 | <button onclick="return window.close()"> | |
494 | <?php echo __('Cancel') ?></button> | |
495 | </td></tr> | |
496 | </table> | |
497 | ||
498 | </form> | |
499 | <?php | |
8361e724 AD |
500 | } |
501 | } | |
502 | ||
97acbaf1 AD |
503 | function login() { |
504 | ||
97acbaf1 AD |
505 | $_SESSION["prefs_cache"] = array(); |
506 | ||
507 | if (!SINGLE_USER_MODE) { | |
508 | ||
509 | $login = db_escape_string($_POST["login"]); | |
510 | $password = $_POST["password"]; | |
511 | $remember_me = $_POST["remember_me"]; | |
512 | ||
513 | if (authenticate_user($this->link, $login, $password)) { | |
514 | $_POST["password"] = ""; | |
515 | ||
516 | $_SESSION["language"] = $_POST["language"]; | |
517 | $_SESSION["ref_schema_version"] = get_schema_version($this->link, true); | |
518 | $_SESSION["bw_limit"] = !!$_POST["bw_limit"]; | |
519 | ||
520 | if ($_POST["profile"]) { | |
521 | ||
522 | $profile = db_escape_string($_POST["profile"]); | |
523 | ||
524 | $result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles | |
525 | WHERE id = '$profile' AND owner_uid = " . $_SESSION["uid"]); | |
526 | ||
527 | if (db_num_rows($result) != 0) { | |
528 | $_SESSION["profile"] = $profile; | |
529 | $_SESSION["prefs_cache"] = array(); | |
530 | } | |
531 | } | |
532 | } else { | |
533 | $_SESSION["login_error_msg"] = __("Incorrect username or password"); | |
534 | } | |
535 | ||
536 | if ($_REQUEST['return']) { | |
537 | header("Location: " . $_REQUEST['return']); | |
538 | } else { | |
539 | header("Location: " . SELF_URL_PATH); | |
540 | } | |
541 | } | |
542 | } | |
543 | ||
544 | function subscribe() { | |
545 | if ($_SESSION["uid"]) { | |
546 | ||
547 | $feed_url = db_escape_string(trim($_REQUEST["feed_url"])); | |
548 | ||
549 | header('Content-Type: text/html; charset=utf-8'); | |
550 | print "<html> | |
551 | <head> | |
552 | <title>Tiny Tiny RSS</title> | |
553 | <link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\"> | |
554 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> | |
555 | </head> | |
556 | <body> | |
557 | <img class=\"floatingLogo\" src=\"images/logo_wide.png\" | |
558 | alt=\"Tiny Tiny RSS\"/> | |
559 | <h1>".__("Subscribe to feed...")."</h1>"; | |
560 | ||
561 | $rc = subscribe_to_feed($this->link, $feed_url); | |
562 | ||
563 | switch ($rc['code']) { | |
564 | case 0: | |
565 | print_warning(T_sprintf("Already subscribed to <b>%s</b>.", $feed_url)); | |
566 | break; | |
567 | case 1: | |
568 | print_notice(T_sprintf("Subscribed to <b>%s</b>.", $feed_url)); | |
569 | break; | |
570 | case 2: | |
571 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.", $feed_url)); | |
572 | break; | |
573 | case 3: | |
574 | print_error(T_sprintf("No feeds found in <b>%s</b>.", $feed_url)); | |
575 | break; | |
576 | case 4: | |
577 | print_notice(__("Multiple feed URLs found.")); | |
759e5132 | 578 | $feed_urls = $rc["feeds"]; |
97acbaf1 AD |
579 | break; |
580 | case 5: | |
581 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url)); | |
582 | break; | |
583 | } | |
584 | ||
585 | if ($feed_urls) { | |
586 | ||
587 | print "<form action=\"public.php\">"; | |
588 | print "<input type=\"hidden\" name=\"op\" value=\"subscribe\">"; | |
589 | ||
590 | print "<select name=\"feed_url\">"; | |
591 | ||
592 | foreach ($feed_urls as $url => $name) { | |
593 | $url = htmlspecialchars($url); | |
594 | $name = htmlspecialchars($name); | |
595 | ||
596 | print "<option value=\"$url\">$name</option>"; | |
597 | } | |
598 | ||
599 | print "<input type=\"submit\" value=\"".__("Subscribe to selected feed"). | |
600 | "\">"; | |
601 | ||
602 | print "</form>"; | |
603 | } | |
604 | ||
605 | $tp_uri = get_self_url_prefix() . "/prefs.php"; | |
606 | $tt_uri = get_self_url_prefix(); | |
607 | ||
608 | if ($rc['code'] <= 2){ | |
609 | $result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE | |
610 | feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); | |
611 | ||
612 | $feed_id = db_fetch_result($result, 0, "id"); | |
613 | } else { | |
614 | $feed_id = 0; | |
615 | } | |
616 | print "<p>"; | |
617 | ||
618 | if ($feed_id) { | |
619 | print "<form method=\"GET\" style='display: inline' | |
620 | action=\"$tp_uri\"> | |
621 | <input type=\"hidden\" name=\"tab\" value=\"feedConfig\"> | |
622 | <input type=\"hidden\" name=\"method\" value=\"editFeed\"> | |
623 | <input type=\"hidden\" name=\"methodparam\" value=\"$feed_id\"> | |
624 | <input type=\"submit\" value=\"".__("Edit subscription options")."\"> | |
625 | </form>"; | |
626 | } | |
627 | ||
628 | print "<form style='display: inline' method=\"GET\" action=\"$tt_uri\"> | |
629 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
630 | </form></p>"; | |
631 | ||
632 | print "</body></html>"; | |
633 | ||
634 | } else { | |
635 | render_login_form($this->link); | |
636 | } | |
637 | } | |
638 | ||
639 | function subscribe2() { | |
640 | $feed_url = db_escape_string(trim($_REQUEST["feed_url"])); | |
641 | $cat_id = db_escape_string($_REQUEST["cat_id"]); | |
642 | $from = db_escape_string($_REQUEST["from"]); | |
643 | ||
644 | /* only read authentication information from POST */ | |
645 | ||
646 | $auth_login = db_escape_string(trim($_POST["auth_login"])); | |
647 | $auth_pass = db_escape_string(trim($_POST["auth_pass"])); | |
648 | ||
649 | $rc = subscribe_to_feed($this->link, $feed_url, $cat_id, $auth_login, $auth_pass); | |
650 | ||
651 | switch ($rc) { | |
652 | case 1: | |
653 | print_notice(T_sprintf("Subscribed to <b>%s</b>.", $feed_url)); | |
654 | break; | |
655 | case 2: | |
656 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.", $feed_url)); | |
657 | break; | |
658 | case 3: | |
659 | print_error(T_sprintf("No feeds found in <b>%s</b>.", $feed_url)); | |
660 | break; | |
661 | case 0: | |
662 | print_warning(T_sprintf("Already subscribed to <b>%s</b>.", $feed_url)); | |
663 | break; | |
664 | case 4: | |
665 | print_notice(__("Multiple feed URLs found.")); | |
666 | ||
667 | $feed_urls = get_feeds_from_html($feed_url); | |
668 | break; | |
669 | case 5: | |
670 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url)); | |
671 | break; | |
672 | } | |
673 | ||
674 | if ($feed_urls) { | |
675 | print "<form action=\"backend.php\">"; | |
676 | print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; | |
677 | print "<input type=\"hidden\" name=\"quiet\" value=\"1\">"; | |
678 | print "<input type=\"hidden\" name=\"method\" value=\"add\">"; | |
679 | ||
680 | print "<select name=\"feed_url\">"; | |
681 | ||
682 | foreach ($feed_urls as $url => $name) { | |
683 | $url = htmlspecialchars($url); | |
684 | $name = htmlspecialchars($name); | |
685 | print "<option value=\"$url\">$name</option>"; | |
686 | } | |
687 | ||
688 | print "<input type=\"submit\" value=\"".__("Subscribe to selected feed")."\">"; | |
689 | print "</form>"; | |
690 | } | |
691 | ||
692 | $tp_uri = get_self_url_prefix() . "/prefs.php"; | |
693 | $tt_uri = get_self_url_prefix(); | |
694 | ||
695 | if ($rc <= 2){ | |
696 | $result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE | |
697 | feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); | |
698 | ||
699 | $feed_id = db_fetch_result($result, 0, "id"); | |
700 | } else { | |
701 | $feed_id = 0; | |
702 | } | |
703 | ||
704 | print "<p>"; | |
705 | ||
706 | if ($feed_id) { | |
707 | print "<form method=\"GET\" style='display: inline' | |
708 | action=\"$tp_uri\"> | |
709 | <input type=\"hidden\" name=\"tab\" value=\"feedConfig\"> | |
710 | <input type=\"hidden\" name=\"method\" value=\"editFeed\"> | |
711 | <input type=\"hidden\" name=\"methodparam\" value=\"$feed_id\"> | |
712 | <input type=\"submit\" value=\"".__("Edit subscription options")."\"> | |
713 | </form>"; | |
714 | } | |
715 | ||
716 | print "<form style='display: inline' method=\"GET\" action=\"$tt_uri\"> | |
717 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
718 | </form></p>"; | |
719 | ||
720 | print "</body></html>"; | |
721 | } | |
722 | ||
723 | function index() { | |
724 | header("Content-Type: text/plain"); | |
725 | print json_encode(array("error" => array("code" => 7))); | |
726 | } | |
727 | ||
5f0a3741 AD |
728 | } |
729 | ?> |