[tt-rss.git] / classes / public_handler.php

<?php
class Public_Handler extends Handler {

	private function generate_syndicated_feed($owner_uid, $feed, $is_cat,
		$limit, $search, $search_mode, $match_on, $view_mode = false) {

		require_once "lib/MiniTemplator.class.php";

		$note_style = 	"background-color : #fff7d5;
			border-width : 1px; ".
			"padding : 5px; border-style : dashed; border-color : #e7d796;".
			"margin-bottom : 1em; color : #9a8c59;";

		if (!$limit) $limit = 30;

		if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
			$date_sort_field = "updated";
		} else {
			$date_sort_field = "date_entered";
		}

		$qfh_ret = queryFeedHeadlines($this->link, $feed,
			$limit, $view_mode, $is_cat, $search, $search_mode,
			$match_on, "$date_sort_field DESC", 0, $owner_uid);

		$result = $qfh_ret[0];
		$feed_title = htmlspecialchars($qfh_ret[1]);
		$feed_site_url = $qfh_ret[2];
		$last_error = $qfh_ret[3];

		$feed_self_url = get_self_url_prefix() .
			"/public.php?op=rss&id=-2&key=" .
			get_feed_access_key($this->link, -2, false);

		if (!$feed_site_url) $feed_site_url = get_self_url_prefix();

		$tpl = new MiniTemplator;

		$tpl->readTemplateFromFile("templates/generated_feed.txt");

		$tpl->setVariable('FEED_TITLE', $feed_title);
		$tpl->setVariable('VERSION', VERSION);
		$tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url));

		if (PUBSUBHUBBUB_HUB && $feed == -2) {
			$tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB));
			$tpl->addBlock('feed_hub');
		}

		$tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()));

 		while ($line = db_fetch_assoc($result)) {
			$tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']));
			$tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']));
			$tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']));
			$tpl->setVariable('ARTICLE_EXCERPT',
				truncate_string(strip_tags($line["content_preview"]), 100, '...'));

			$content = sanitize($this->link, $line["content_preview"], false, $owner_uid);

			if ($line['note']) {
				$content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" .
					$content;
			}

			$tpl->setVariable('ARTICLE_CONTENT', $content);

			$tpl->setVariable('ARTICLE_UPDATED', date('c', strtotime($line["updated"])));
			$tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']));

			$tags = get_article_tags($this->link, $line["id"], $owner_uid);

			foreach ($tags as $tag) {
				$tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag));
				$tpl->addBlock('category');
			}

			$enclosures = get_article_enclosures($this->link, $line["id"]);

			foreach ($enclosures as $e) {
				$type = htmlspecialchars($e['content_type']);
				$url = htmlspecialchars($e['content_url']);
				$length = $e['duration'];

				$tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url);
				$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type);
				$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length);

				$tpl->addBlock('enclosure');
			}

			$tpl->addBlock('entry');
		}

		$tmp = "";

		$tpl->addBlock('feed');
		$tpl->generateOutputToString($tmp);

		print $tmp;
	}

	function getUnread() {
		$login = db_escape_string($_REQUEST["login"]);
		$fresh = $_REQUEST["fresh"] == "1";

		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");

		if (db_num_rows($result) == 1) {
			$uid = db_fetch_result($result, 0, "id");

			print getGlobalUnread($this->link, $uid);

			if ($fresh) {
				print ";";
				print getFeedArticles($this->link, -3, false, true, $uid);
			}

		} else {
			print "-1;User not found";
		}

	}

	function getProfiles() {
		$login = db_escape_string($_REQUEST["login"]);
		$password = db_escape_string($_REQUEST["password"]);

		if (authenticate_user($this->link, $login, $password)) {
			$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
				WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");

			print "<select style='width: 100%' name='profile'>";

			print "<option value='0'>" . __("Default profile") . "</option>";

			while ($line = db_fetch_assoc($result)) {
				$id = $line["id"];
				$title = $line["title"];

				print "<option value='$id'>$title</option>";
			}

			print "</select>";

			$_SESSION = array();
		}
	}

	function pubsub() {
		$mode = db_escape_string($_REQUEST['hub_mode']);
		$feed_id = (int) db_escape_string($_REQUEST['id']);
		$feed_url = db_escape_string($_REQUEST['hub_topic']);

		if (!PUBSUBHUBBUB_ENABLED) {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
			return;
		}

		// TODO: implement hub_verifytoken checking

		$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
			WHERE id = '$feed_id'");

		if (db_num_rows($result) != 0) {

			$check_feed_url = db_fetch_result($result, 0, "feed_url");

			if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
				if ($mode == "subscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if ($mode == "unsubscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if (!$mode) {

					// Received update ping, schedule feed update.
					//update_rss_feed($this->link, $feed_id, true, true);

					db_query($this->link, "UPDATE ttrss_feeds SET
						last_update_started = '1970-01-01',
						last_updated = '1970-01-01' WHERE id = '$feed_id'");

				}
			} else {
				header('HTTP/1.0 404 Not Found');
				echo "404 Not found";
			}
		} else {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
		}

	}

	function logout() {
		logout_user();
		header("Location: index.php");
	}

	function fbexport() {

		$access_key = db_escape_string($_POST["key"]);

		// TODO: rate limit checking using last_connected
		$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
			WHERE access_key = '$access_key'");

		if (db_num_rows($result) == 1) {

			$instance_id = db_fetch_result($result, 0, "id");

			$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
				FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");

			$feeds = array();

			while ($line = db_fetch_assoc($result)) {
				array_push($feeds, $line);
			}

			db_query($this->link, "UPDATE ttrss_linked_instances SET
				last_status_in = 1 WHERE id = '$instance_id'");

			print json_encode(array("feeds" => $feeds));
		} else {
			print json_encode(array("error" => array("code" => 6)));
		}
	}

	function share() {
		$uuid = db_escape_string($_REQUEST["key"]);

		$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
			uuid = '$uuid'");

		if (db_num_rows($result) != 0) {
			header("Content-Type: text/html");

			$id = db_fetch_result($result, 0, "ref_id");
			$owner_uid = db_fetch_result($result, 0, "owner_uid");

			$_SESSION["uid"] = $owner_uid;
			$article = format_article($this->link, $id, false, true);
			$_SESSION["uid"] = "";

			print_r($article['content']);

		} else {
			print "Article not found.";
		}

	}

	function rss() {
		header("Content-Type: text/xml; charset=utf-8");

		$feed = db_escape_string($_REQUEST["id"]);
		$key = db_escape_string($_REQUEST["key"]);
		$is_cat = $_REQUEST["is_cat"] != false;
		$limit = (int)db_escape_string($_REQUEST["limit"]);

		$search = db_escape_string($_REQUEST["q"]);
		$match_on = db_escape_string($_REQUEST["m"]);
		$search_mode = db_escape_string($_REQUEST["smode"]);
		$view_mode = db_escape_string($_REQUEST["view-mode"]);

		if (SINGLE_USER_MODE) {
			authenticate_user($this->link, "admin", null);
		}

		$owner_id = false;

		if ($key) {
			$result = db_query($this->link, "SELECT owner_uid FROM
				ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");

			if (db_num_rows($result) == 1)
				$owner_id = db_fetch_result($result, 0, "owner_uid");
		}

		if ($owner_id) {
			$_SESSION['uid'] = $owner_id;

			$this->generate_syndicated_feed(0, $feed, $is_cat, $limit,
				$search, $search_mode, $match_on, $view_mode);
		} else {
			header('HTTP/1.1 403 Forbidden');
		}
	}

	/* function globalUpdateFeeds() {
		// Update all feeds needing a update.
		update_daemon_common($this->link, 0, true, true);
	} */
}
?>
Commit	Line	Data
5f0a3741 AD	1	<?php
	2	class Public_Handler extends Handler {
	3
79178062 AD	4	private function generate_syndicated_feed($owner_uid, $feed, $is_cat,
	5	$limit, $search, $search_mode, $match_on, $view_mode = false) {
	6
	7	require_once "lib/MiniTemplator.class.php";
	8
	9	$note_style = "background-color : #fff7d5;
	10	border-width : 1px; ".
	11	"padding : 5px; border-style : dashed; border-color : #e7d796;".
	12	"margin-bottom : 1em; color : #9a8c59;";
	13
	14	if (!$limit) $limit = 30;
	15
	16	if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
	17	$date_sort_field = "updated";
	18	} else {
	19	$date_sort_field = "date_entered";
	20	}
	21
	22	$qfh_ret = queryFeedHeadlines($this->link, $feed,
	23	$limit, $view_mode, $is_cat, $search, $search_mode,
	24	$match_on, "$date_sort_field DESC", 0, $owner_uid);
	25
	26	$result = $qfh_ret[0];
	27	$feed_title = htmlspecialchars($qfh_ret[1]);
	28	$feed_site_url = $qfh_ret[2];
	29	$last_error = $qfh_ret[3];
	30
	31	$feed_self_url = get_self_url_prefix() .
	32	"/public.php?op=rss&id=-2&key=" .
	33	get_feed_access_key($this->link, -2, false);
	34
	35	if (!$feed_site_url) $feed_site_url = get_self_url_prefix();
	36
	37	$tpl = new MiniTemplator;
	38
	39	$tpl->readTemplateFromFile("templates/generated_feed.txt");
	40
	41	$tpl->setVariable('FEED_TITLE', $feed_title);
	42	$tpl->setVariable('VERSION', VERSION);
	43	$tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url));
	44
	45	if (PUBSUBHUBBUB_HUB && $feed == -2) {
	46	$tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB));
	47	$tpl->addBlock('feed_hub');
	48	}
	49
	50	$tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()));
	51
	52	while ($line = db_fetch_assoc($result)) {
	53	$tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']));
	54	$tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']));
	55	$tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']));
	56	$tpl->setVariable('ARTICLE_EXCERPT',
	57	truncate_string(strip_tags($line["content_preview"]), 100, '...'));
	58
	59	$content = sanitize($this->link, $line["content_preview"], false, $owner_uid);
	60
	61	if ($line['note']) {
	62	$content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" .
	63	$content;
	64	}
	65
	66	$tpl->setVariable('ARTICLE_CONTENT', $content);
	67
68	$tpl->setVariable('ARTICLE_UPDATED', date('c', strtotime($line["updated"])));
69	$tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']));
70
71	$tags = get_article_tags($this->link, $line["id"], $owner_uid);
72
73	foreach ($tags as $tag) {
74	$tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag));
75	$tpl->addBlock('category');
76	}
77
78	$enclosures = get_article_enclosures($this->link, $line["id"]);
79
80	foreach ($enclosures as $e) {
81	$type = htmlspecialchars($e['content_type']);
82	$url = htmlspecialchars($e['content_url']);
83	$length = $e['duration'];
84
85	$tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url);
86	$tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type);
87	$tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length);
88
89	$tpl->addBlock('enclosure');
90	}
91
92	$tpl->addBlock('entry');
93	}
94
95	$tmp = "";
96
97	$tpl->addBlock('feed');
98	$tpl->generateOutputToString($tmp);
99
100	print $tmp;
101	}
102
5f0a3741 AD	103	function getUnread() {
	104	$login = db_escape_string($_REQUEST["login"]);
	105	$fresh = $_REQUEST["fresh"] == "1";
	106
	107	$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
	108
	109	if (db_num_rows($result) == 1) {
	110	$uid = db_fetch_result($result, 0, "id");
	111
	112	print getGlobalUnread($this->link, $uid);
	113
	114	if ($fresh) {
	115	print ";";
	116	print getFeedArticles($this->link, -3, false, true, $uid);
	117	}
	118
	119	} else {
	120	print "-1;User not found";
	121	}
	122
	123	}
	124
	125	function getProfiles() {
	126	$login = db_escape_string($_REQUEST["login"]);
	127	$password = db_escape_string($_REQUEST["password"]);
	128
	129	if (authenticate_user($this->link, $login, $password)) {
	130	$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
	131	WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
	132
	133	print "<select style='width: 100%' name='profile'>";
	134
	135	print "<option value='0'>" . __("Default profile") . "</option>";
	136
	137	while ($line = db_fetch_assoc($result)) {
	138	$id = $line["id"];
	139	$title = $line["title"];
	140
	141	print "<option value='$id'>$title</option>";
	142	}
	143
	144	print "</select>";
	145
	146	$_SESSION = array();
	147	}
	148	}
	149
	150	function pubsub() {
	151	$mode = db_escape_string($_REQUEST['hub_mode']);
	152	$feed_id = (int) db_escape_string($_REQUEST['id']);
	153	$feed_url = db_escape_string($_REQUEST['hub_topic']);
	154
	155	if (!PUBSUBHUBBUB_ENABLED) {
	156	header('HTTP/1.0 404 Not Found');
	157	echo "404 Not found";
	158	return;
	159	}
	160
	161	// TODO: implement hub_verifytoken checking
	162
	163	$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
	164	WHERE id = '$feed_id'");
	165
	166	if (db_num_rows($result) != 0) {
167
168	$check_feed_url = db_fetch_result($result, 0, "feed_url");
169
170	if ($check_feed_url && ($check_feed_url == $feed_url \|\| !$feed_url)) {
171	if ($mode == "subscribe") {
172
173	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
174	WHERE id = '$feed_id'");
175
176	print $_REQUEST['hub_challenge'];
177	return;
178
179	} else if ($mode == "unsubscribe") {
180
181	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
182	WHERE id = '$feed_id'");
183
184	print $_REQUEST['hub_challenge'];
185	return;
186
187	} else if (!$mode) {
188
189	// Received update ping, schedule feed update.
190	//update_rss_feed($this->link, $feed_id, true, true);
191
192	db_query($this->link, "UPDATE ttrss_feeds SET
193	last_update_started = '1970-01-01',
194	last_updated = '1970-01-01' WHERE id = '$feed_id'");
195
196	}
197	} else {
198	header('HTTP/1.0 404 Not Found');
199	echo "404 Not found";
200	}
201	} else {
202	header('HTTP/1.0 404 Not Found');
203	echo "404 Not found";
204	}
205
206	}
207
208	function logout() {
209	logout_user();
210	header("Location: index.php");
211	}
212
213	function fbexport() {
214
215	$access_key = db_escape_string($_POST["key"]);
216
217	// TODO: rate limit checking using last_connected
218	$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
219	WHERE access_key = '$access_key'");
220
221	if (db_num_rows($result) == 1) {
222
223	$instance_id = db_fetch_result($result, 0, "id");
224
225	$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
226	FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
227
228	$feeds = array();
229
230	while ($line = db_fetch_assoc($result)) {
231	array_push($feeds, $line);
232	}
233
234	db_query($this->link, "UPDATE ttrss_linked_instances SET
235	last_status_in = 1 WHERE id = '$instance_id'");
236
237	print json_encode(array("feeds" => $feeds));
238	} else {
239	print json_encode(array("error" => array("code" => 6)));
240	}
241	}
242
243	function share() {
244	$uuid = db_escape_string($_REQUEST["key"]);
245
246	$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
247	uuid = '$uuid'");
248
249	if (db_num_rows($result) != 0) {
250	header("Content-Type: text/html");
251
252	$id = db_fetch_result($result, 0, "ref_id");
253	$owner_uid = db_fetch_result($result, 0, "owner_uid");
254
255	$_SESSION["uid"] = $owner_uid;
256	$article = format_article($this->link, $id, false, true);
257	$_SESSION["uid"] = "";
258
259	print_r($article['content']);
260
261	} else {
262	print "Article not found.";
263	}
264
265	}
266
267	function rss() {
268	header("Content-Type: text/xml; charset=utf-8");
269
270	$feed = db_escape_string($_REQUEST["id"]);
271	$key = db_escape_string($_REQUEST["key"]);
272	$is_cat = $_REQUEST["is_cat"] != false;
273	$limit = (int)db_escape_string($_REQUEST["limit"]);
274
275	$search = db_escape_string($_REQUEST["q"]);
276	$match_on = db_escape_string($_REQUEST["m"]);
277	$search_mode = db_escape_string($_REQUEST["smode"]);
278	$view_mode = db_escape_string($_REQUEST["view-mode"]);
279
280	if (SINGLE_USER_MODE) {
281	authenticate_user($this->link, "admin", null);
282	}
283
284	$owner_id = false;
285
286	if ($key) {
287	$result = db_query($this->link, "SELECT owner_uid FROM
288	ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
289
290	if (db_num_rows($result) == 1)
291	$owner_id = db_fetch_result($result, 0, "owner_uid");
292	}
293
294	if ($owner_id) {
295	$_SESSION['uid'] = $owner_id;
296
79178062	297	$this->generate_syndicated_feed(0, $feed, $is_cat, $limit,
5f0a3741 AD	298	$search, $search_mode, $match_on, $view_mode);
	299	} else {
	300	header('HTTP/1.1 403 Forbidden');
	301	}
	302	}
	303
	304	/* function globalUpdateFeeds() {
	305	// Update all feeds needing a update.
	306	update_daemon_common($this->link, 0, true, true);
	307	} */
	308	}
	309	?>