[tt-rss.git] / classes / public_handler.php

<?php
class Public_Handler extends Handler {

	function getUnread() {
		$login = db_escape_string($_REQUEST["login"]);
		$fresh = $_REQUEST["fresh"] == "1";

		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");

		if (db_num_rows($result) == 1) {
			$uid = db_fetch_result($result, 0, "id");

			print getGlobalUnread($this->link, $uid);

			if ($fresh) {
				print ";";
				print getFeedArticles($this->link, -3, false, true, $uid);
			}

		} else {
			print "-1;User not found";
		}

	}

	function getProfiles() {
		$login = db_escape_string($_REQUEST["login"]);
		$password = db_escape_string($_REQUEST["password"]);

		if (authenticate_user($this->link, $login, $password)) {
			$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
				WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");

			print "<select style='width: 100%' name='profile'>";

			print "<option value='0'>" . __("Default profile") . "</option>";

			while ($line = db_fetch_assoc($result)) {
				$id = $line["id"];
				$title = $line["title"];

				print "<option value='$id'>$title</option>";
			}

			print "</select>";

			$_SESSION = array();
		}
	}

	function pubsub() {
		$mode = db_escape_string($_REQUEST['hub_mode']);
		$feed_id = (int) db_escape_string($_REQUEST['id']);
		$feed_url = db_escape_string($_REQUEST['hub_topic']);

		if (!PUBSUBHUBBUB_ENABLED) {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
			return;
		}

		// TODO: implement hub_verifytoken checking

		$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
			WHERE id = '$feed_id'");

		if (db_num_rows($result) != 0) {

			$check_feed_url = db_fetch_result($result, 0, "feed_url");

			if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) {
				if ($mode == "subscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if ($mode == "unsubscribe") {

					db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
						WHERE id = '$feed_id'");

					print $_REQUEST['hub_challenge'];
					return;

				} else if (!$mode) {

					// Received update ping, schedule feed update.
					//update_rss_feed($this->link, $feed_id, true, true);

					db_query($this->link, "UPDATE ttrss_feeds SET
						last_update_started = '1970-01-01',
						last_updated = '1970-01-01' WHERE id = '$feed_id'");

				}
			} else {
				header('HTTP/1.0 404 Not Found');
				echo "404 Not found";
			}
		} else {
			header('HTTP/1.0 404 Not Found');
			echo "404 Not found";
		}

	}

	function logout() {
		logout_user();
		header("Location: index.php");
	}

	function fbexport() {

		$access_key = db_escape_string($_POST["key"]);

		// TODO: rate limit checking using last_connected
		$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
			WHERE access_key = '$access_key'");

		if (db_num_rows($result) == 1) {

			$instance_id = db_fetch_result($result, 0, "id");

			$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
				FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");

			$feeds = array();

			while ($line = db_fetch_assoc($result)) {
				array_push($feeds, $line);
			}

			db_query($this->link, "UPDATE ttrss_linked_instances SET
				last_status_in = 1 WHERE id = '$instance_id'");

			print json_encode(array("feeds" => $feeds));
		} else {
			print json_encode(array("error" => array("code" => 6)));
		}
	}

	function share() {
		$uuid = db_escape_string($_REQUEST["key"]);

		$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
			uuid = '$uuid'");

		if (db_num_rows($result) != 0) {
			header("Content-Type: text/html");

			$id = db_fetch_result($result, 0, "ref_id");
			$owner_uid = db_fetch_result($result, 0, "owner_uid");

			$_SESSION["uid"] = $owner_uid;
			$article = format_article($this->link, $id, false, true);
			$_SESSION["uid"] = "";

			print_r($article['content']);

		} else {
			print "Article not found.";
		}

	}

	function rss() {
		header("Content-Type: text/xml; charset=utf-8");

		$feed = db_escape_string($_REQUEST["id"]);
		$key = db_escape_string($_REQUEST["key"]);
		$is_cat = $_REQUEST["is_cat"] != false;
		$limit = (int)db_escape_string($_REQUEST["limit"]);

		$search = db_escape_string($_REQUEST["q"]);
		$match_on = db_escape_string($_REQUEST["m"]);
		$search_mode = db_escape_string($_REQUEST["smode"]);
		$view_mode = db_escape_string($_REQUEST["view-mode"]);

		if (SINGLE_USER_MODE) {
			authenticate_user($this->link, "admin", null);
		}

		$owner_id = false;

		if ($key) {
			$result = db_query($this->link, "SELECT owner_uid FROM
				ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");

			if (db_num_rows($result) == 1)
				$owner_id = db_fetch_result($result, 0, "owner_uid");
		}

		if ($owner_id) {
			$_SESSION['uid'] = $owner_id;

			generate_syndicated_feed($this->link, 0, $feed, $is_cat, $limit,
				$search, $search_mode, $match_on, $view_mode);
		} else {
			header('HTTP/1.1 403 Forbidden');
		}
	}

	/* function globalUpdateFeeds() {
		// Update all feeds needing a update.
		update_daemon_common($this->link, 0, true, true);
	} */
}
?>
Commit	Line	Data
5f0a3741 AD	1	<?php
	2	class Public_Handler extends Handler {
	3
	4	function getUnread() {
	5	$login = db_escape_string($_REQUEST["login"]);
	6	$fresh = $_REQUEST["fresh"] == "1";
	7
	8	$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
	9
	10	if (db_num_rows($result) == 1) {
	11	$uid = db_fetch_result($result, 0, "id");
	12
	13	print getGlobalUnread($this->link, $uid);
	14
	15	if ($fresh) {
	16	print ";";
	17	print getFeedArticles($this->link, -3, false, true, $uid);
	18	}
	19
	20	} else {
	21	print "-1;User not found";
	22	}
	23
	24	}
	25
	26	function getProfiles() {
	27	$login = db_escape_string($_REQUEST["login"]);
	28	$password = db_escape_string($_REQUEST["password"]);
	29
	30	if (authenticate_user($this->link, $login, $password)) {
	31	$result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles
	32	WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title");
	33
	34	print "<select style='width: 100%' name='profile'>";
	35
	36	print "<option value='0'>" . __("Default profile") . "</option>";
	37
	38	while ($line = db_fetch_assoc($result)) {
	39	$id = $line["id"];
	40	$title = $line["title"];
	41
	42	print "<option value='$id'>$title</option>";
	43	}
	44
	45	print "</select>";
	46
	47	$_SESSION = array();
	48	}
	49	}
	50
	51	function pubsub() {
	52	$mode = db_escape_string($_REQUEST['hub_mode']);
	53	$feed_id = (int) db_escape_string($_REQUEST['id']);
	54	$feed_url = db_escape_string($_REQUEST['hub_topic']);
	55
	56	if (!PUBSUBHUBBUB_ENABLED) {
	57	header('HTTP/1.0 404 Not Found');
	58	echo "404 Not found";
	59	return;
	60	}
	61
	62	// TODO: implement hub_verifytoken checking
	63
	64	$result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds
65	WHERE id = '$feed_id'");
66
67	if (db_num_rows($result) != 0) {
68
69	$check_feed_url = db_fetch_result($result, 0, "feed_url");
70
71	if ($check_feed_url && ($check_feed_url == $feed_url \|\| !$feed_url)) {
72	if ($mode == "subscribe") {
73
74	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2
75	WHERE id = '$feed_id'");
76
77	print $_REQUEST['hub_challenge'];
78	return;
79
80	} else if ($mode == "unsubscribe") {
81
82	db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0
83	WHERE id = '$feed_id'");
84
85	print $_REQUEST['hub_challenge'];
86	return;
87
88	} else if (!$mode) {
89
90	// Received update ping, schedule feed update.
91	//update_rss_feed($this->link, $feed_id, true, true);
92
93	db_query($this->link, "UPDATE ttrss_feeds SET
94	last_update_started = '1970-01-01',
95	last_updated = '1970-01-01' WHERE id = '$feed_id'");
96
97	}
98	} else {
99	header('HTTP/1.0 404 Not Found');
100	echo "404 Not found";
101	}
102	} else {
103	header('HTTP/1.0 404 Not Found');
104	echo "404 Not found";
105	}
106
107	}
108
109	function logout() {
110	logout_user();
111	header("Location: index.php");
112	}
113
114	function fbexport() {
115
116	$access_key = db_escape_string($_POST["key"]);
117
118	// TODO: rate limit checking using last_connected
119	$result = db_query($this->link, "SELECT id FROM ttrss_linked_instances
120	WHERE access_key = '$access_key'");
121
122	if (db_num_rows($result) == 1) {
123
124	$instance_id = db_fetch_result($result, 0, "id");
125
126	$result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers
127	FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100");
128
129	$feeds = array();
130
131	while ($line = db_fetch_assoc($result)) {
132	array_push($feeds, $line);
133	}
134
135	db_query($this->link, "UPDATE ttrss_linked_instances SET
136	last_status_in = 1 WHERE id = '$instance_id'");
137
138	print json_encode(array("feeds" => $feeds));
139	} else {
140	print json_encode(array("error" => array("code" => 6)));
141	}
142	}
143
144	function share() {
145	$uuid = db_escape_string($_REQUEST["key"]);
146
147	$result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE
148	uuid = '$uuid'");
149
150	if (db_num_rows($result) != 0) {
151	header("Content-Type: text/html");
152
153	$id = db_fetch_result($result, 0, "ref_id");
154	$owner_uid = db_fetch_result($result, 0, "owner_uid");
155
156	$_SESSION["uid"] = $owner_uid;
157	$article = format_article($this->link, $id, false, true);
158	$_SESSION["uid"] = "";
159
160	print_r($article['content']);
161
162	} else {
163	print "Article not found.";
164	}
165
166	}
167
168	function rss() {
169	header("Content-Type: text/xml; charset=utf-8");
170
171	$feed = db_escape_string($_REQUEST["id"]);
172	$key = db_escape_string($_REQUEST["key"]);
173	$is_cat = $_REQUEST["is_cat"] != false;
174	$limit = (int)db_escape_string($_REQUEST["limit"]);
175
176	$search = db_escape_string($_REQUEST["q"]);
177	$match_on = db_escape_string($_REQUEST["m"]);
178	$search_mode = db_escape_string($_REQUEST["smode"]);
179	$view_mode = db_escape_string($_REQUEST["view-mode"]);
180
181	if (SINGLE_USER_MODE) {
182	authenticate_user($this->link, "admin", null);
183	}
184
185	$owner_id = false;
186
187	if ($key) {
188	$result = db_query($this->link, "SELECT owner_uid FROM
189	ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'");
190
191	if (db_num_rows($result) == 1)
192	$owner_id = db_fetch_result($result, 0, "owner_uid");
193	}
194
195	if ($owner_id) {
196	$_SESSION['uid'] = $owner_id;
197
198	generate_syndicated_feed($this->link, 0, $feed, $is_cat, $limit,
199	$search, $search_mode, $match_on, $view_mode);
200	} else {
201	header('HTTP/1.1 403 Forbidden');
202	}
203	}
204
205	/* function globalUpdateFeeds() {
206	// Update all feeds needing a update.
207	update_daemon_common($this->link, 0, true, true);
208	} */
209	}
210	?>