[tt-rss.git] / classes / rpc.php

<?php
class RPC extends Handler_Protected {

	function csrf_ignore($method) {
		$csrf_ignored = array("sanitycheck", "completelabels");

		return array_search($method, $csrf_ignored) !== false;
	}

	function setprofile() {
		$id = db_escape_string($_REQUEST["id"]);

		$_SESSION["profile"] = $id;
		$_SESSION["prefs_cache"] = array();
	}

	function remprofiles() {
		$ids = explode(",", db_escape_string(trim($_REQUEST["ids"])));

		foreach ($ids as $id) {
			if ($_SESSION["profile"] != $id) {
				db_query($this->link, "DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND
							owner_uid = " . $_SESSION["uid"]);
			}
		}
	}

	// Silent
	function addprofile() {
		$title = db_escape_string(trim($_REQUEST["title"]));
		if ($title) {
			db_query($this->link, "BEGIN");

			$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles
				WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]);

			if (db_num_rows($result) == 0) {

				db_query($this->link, "INSERT INTO ttrss_settings_profiles (title, owner_uid)
							VALUES ('$title', ".$_SESSION["uid"] .")");

				$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles WHERE
					title = '$title'");

				if (db_num_rows($result) != 0) {
					$profile_id = db_fetch_result($result, 0, "id");

					if ($profile_id) {
						initialize_user_prefs($this->link, $_SESSION["uid"], $profile_id);
					}
				}
			}

			db_query($this->link, "COMMIT");
		}
	}

	// Silent
	function saveprofile() {
		$id = db_escape_string($_REQUEST["id"]);
		$title = db_escape_string(trim($_REQUEST["value"]));

		if ($id == 0) {
			print __("Default profile");
			return;
		}

		if ($title) {
			db_query($this->link, "BEGIN");

			$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles
				WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]);

			if (db_num_rows($result) == 0) {
				db_query($this->link, "UPDATE ttrss_settings_profiles
							SET title = '$title' WHERE id = '$id' AND
							owner_uid = " . $_SESSION["uid"]);
				print $title;
			} else {
				$result = db_query($this->link, "SELECT title FROM ttrss_settings_profiles
							WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]);
				print db_fetch_result($result, 0, "title");
			}

			db_query($this->link, "COMMIT");
		}
	}

	// Silent
	function remarchive() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));

		foreach ($ids as $id) {
			$result = db_query($this->link, "DELETE FROM ttrss_archived_feeds WHERE
		(SELECT COUNT(*) FROM ttrss_user_entries
							WHERE orig_feed_id = '$id') = 0 AND
		id = '$id' AND owner_uid = ".$_SESSION["uid"]);

			$rc = db_affected_rows($this->link, $result);
		}
	}

	function addfeed() {
		$feed = db_escape_string($_REQUEST['feed']);
		$cat = db_escape_string($_REQUEST['cat']);
		$login = db_escape_string($_REQUEST['login']);
		$pass = db_escape_string($_REQUEST['pass']);
		$need_auth = db_escape_string($_REQUEST['need_auth']) != "";

		$rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass, $need_auth);

		print json_encode(array("result" => $rc));
	}

	function togglepref() {
		$key = db_escape_string($_REQUEST["key"]);
		set_pref($this->link, $key, !get_pref($this->link, $key));
		$value = get_pref($this->link, $key);

		print json_encode(array("param" =>$key, "value" => $value));
	}

	function setpref() {
		// set_pref escapes input, so no need to double escape it here
		$key = $_REQUEST['key'];
		$value = str_replace("\n", "<br/>", $_REQUEST['value']);

		set_pref($this->link, $key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET');

		print json_encode(array("param" =>$key, "value" => $value));
	}

	function mark() {
		$mark = $_REQUEST["mark"];
		$id = db_escape_string($_REQUEST["id"]);

		if ($mark == "1") {
			$mark = "true";
		} else {
			$mark = "false";
		}

		$result = db_query($this->link, "UPDATE ttrss_user_entries SET marked = $mark
					WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function delete() {
		$ids = db_escape_string($_REQUEST["ids"]);

		$result = db_query($this->link, "DELETE FROM ttrss_user_entries
		WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function unarchive() {
		$ids = db_escape_string($_REQUEST["ids"]);

		$result = db_query($this->link, "UPDATE ttrss_user_entries
					SET feed_id = orig_feed_id, orig_feed_id = NULL
					WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function archive() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));

		foreach ($ids as $id) {
			archive_article($this->link, $id, $_SESSION["uid"]);
		}

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function publ() {
		$pub = $_REQUEST["pub"];
		$id = db_escape_string($_REQUEST["id"]);
		$note = trim(strip_tags(db_escape_string($_REQUEST["note"])));

		if ($pub == "1") {
			$pub = "true";
		} else {
			$pub = "false";
		}

		$result = db_query($this->link, "UPDATE ttrss_user_entries SET
			published = $pub, last_read = NOW()
			WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);

		$pubsub_result = false;

		if (PUBSUBHUBBUB_HUB) {
			$rss_link = get_self_url_prefix() .
				"/public.php?op=rss&id=-2&key=" .
				get_feed_access_key($this->link, -2, false);

			$p = new Publisher(PUBSUBHUBBUB_HUB);

			$pubsub_result = $p->publish_update($rss_link);
		}

		print json_encode(array("message" => "UPDATE_COUNTERS",
			"pubsub_result" => $pubsub_result));
	}

	function getAllCounters() {
		$last_article_id = (int) $_REQUEST["last_article_id"];

		$reply = array();

		 if ($seq) $reply['seq'] = $seq;

		 if ($last_article_id != getLastArticleId($this->link)) {
				$omode = $_REQUEST["omode"];

			if ($omode != "T")
				$reply['counters'] = getAllCounters($this->link, $omode);
			else
				$reply['counters'] = getGlobalCounters($this->link);
		 }

		 $reply['runtime-info'] = make_runtime_info($this->link);

		 print json_encode($reply);
	}

	/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
	function catchupSelected() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$cmode = sprintf("%d", $_REQUEST["cmode"]);

		catchupArticlesById($this->link, $ids, $cmode);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function markSelected() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$cmode = sprintf("%d", $_REQUEST["cmode"]);

		markArticlesById($this->link, $ids, $cmode);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function publishSelected() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$cmode = sprintf("%d", $_REQUEST["cmode"]);

		publishArticlesById($this->link, $ids, $cmode);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function sanityCheck() {
		$_SESSION["hasAudio"] = $_REQUEST["hasAudio"] === "true";

		$reply = array();

		$reply['error'] = sanity_check($this->link);

		if ($reply['error']['code'] == 0) {
			$reply['init-params'] = make_init_params($this->link);
			$reply['runtime-info'] = make_runtime_info($this->link);
		}

		print json_encode($reply);
	}

	function setArticleTags() {

		$id = db_escape_string($_REQUEST["id"]);

		$tags_str = db_escape_string($_REQUEST["tags_str"]);
		$tags = array_unique(trim_array(explode(",", $tags_str)));

		db_query($this->link, "BEGIN");

		$result = db_query($this->link, "SELECT int_id FROM ttrss_user_entries WHERE
				ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");

		if (db_num_rows($result) == 1) {

			$tags_to_cache = array();

			$int_id = db_fetch_result($result, 0, "int_id");

			db_query($this->link, "DELETE FROM ttrss_tags WHERE
				post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");

			foreach ($tags as $tag) {
				$tag = sanitize_tag($tag);

				if (!tag_is_valid($tag)) {
					continue;
				}

				if (preg_match("/^[0-9]*$/", $tag)) {
					continue;
				}

				//					print "<!-- $id : $int_id : $tag -->";

				if ($tag != '') {
					db_query($this->link, "INSERT INTO ttrss_tags
								(post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
				}

				array_push($tags_to_cache, $tag);
			}

			/* update tag cache */

			sort($tags_to_cache);
			$tags_str = join(",", $tags_to_cache);

			db_query($this->link, "UPDATE ttrss_user_entries
				SET tag_cache = '$tags_str' WHERE ref_id = '$id'
						AND owner_uid = " . $_SESSION["uid"]);
		}

		db_query($this->link, "COMMIT");

		$tags = get_article_tags($this->link, $id);
		$tags_str = format_tags_string($tags, $id);
		$tags_str_full = join(", ", $tags);

		if (!$tags_str_full) $tags_str_full = __("no tags");

		print json_encode(array("tags_str" => array("id" => $id,
				"content" => $tags_str, "content_full" => $tags_str_full)));
	}

	function regenOPMLKey() {
		update_feed_access_key($this->link, 'OPML:Publish',
		false, $_SESSION["uid"]);

		$new_link = opml_publish_url($this->link);

		print json_encode(array("link" => $new_link));
	}

	function completeLabels() {
		$search = db_escape_string($_REQUEST["search"]);

		$result = db_query($this->link, "SELECT DISTINCT caption FROM
				ttrss_labels2
				WHERE owner_uid = '".$_SESSION["uid"]."' AND
				LOWER(caption) LIKE LOWER('$search%') ORDER BY caption
				LIMIT 5");

		print "<ul>";
		while ($line = db_fetch_assoc($result)) {
			print "<li>" . $line["caption"] . "</li>";
		}
		print "</ul>";
	}


	function completeTags() {
		$search = db_escape_string($_REQUEST["search"]);

		$result = db_query($this->link, "SELECT DISTINCT tag_name FROM ttrss_tags
				WHERE owner_uid = '".$_SESSION["uid"]."' AND
				tag_name LIKE '$search%' ORDER BY tag_name
				LIMIT 10");

		print "<ul>";
		while ($line = db_fetch_assoc($result)) {
			print "<li>" . $line["tag_name"] . "</li>";
		}
		print "</ul>";
	}

	function purge() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$days = sprintf("%d", $_REQUEST["days"]);

		foreach ($ids as $id) {

			$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
				id = '$id' AND owner_uid = ".$_SESSION["uid"]);

			if (db_num_rows($result) == 1) {
				purge_feed($this->link, $id, $days);
			}
		}
	}

	function getArticles() {
		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$articles = array();

		foreach ($ids as $id) {
			if ($id) {
				array_push($articles, format_article($this->link, $id, 0, false));
			}
		}

		print json_encode($articles);
	}

	function checkDate() {
		$date = db_escape_string($_REQUEST["date"]);
		$date_parsed = strtotime($date);

		print json_encode(array("result" => (bool)$date_parsed,
			"date" => date("c", $date_parsed)));
	}

	function assigntolabel() {
		return $this->labelops(true);
	}

	function removefromlabel() {
		return $this->labelops(false);
	}

	function labelops($assign) {
		$reply = array();

		$ids = explode(",", db_escape_string($_REQUEST["ids"]));
		$label_id = db_escape_string($_REQUEST["lid"]);

		$label = db_escape_string(label_find_caption($this->link, $label_id,
		$_SESSION["uid"]));

		$reply["info-for-headlines"] = array();

		if ($label) {

			foreach ($ids as $id) {

				if ($assign)
					label_add_article($this->link, $id, $label, $_SESSION["uid"]);
				else
					label_remove_article($this->link, $id, $label, $_SESSION["uid"]);

				$labels = get_article_labels($this->link, $id, $_SESSION["uid"]);

				array_push($reply["info-for-headlines"],
				array("id" => $id, "labels" => format_article_labels($labels, $id)));

			}
		}

		$reply["message"] = "UPDATE_COUNTERS";

		print json_encode($reply);
	}

	function updateFeedBrowser() {
		$search = db_escape_string($_REQUEST["search"]);
		$limit = db_escape_string($_REQUEST["limit"]);
		$mode = (int) db_escape_string($_REQUEST["mode"]);

		print json_encode(array("content" =>
			make_feed_browser($this->link, $search, $limit, $mode),
				"mode" => $mode));
	}

	// Silent
	function massSubscribe() {

		$payload = json_decode($_REQUEST["payload"], false);
		$mode = $_REQUEST["mode"];

		if (!$payload || !is_array($payload)) return;

		if ($mode == 1) {
			foreach ($payload as $feed) {

				$title = db_escape_string($feed[0]);
				$feed_url = db_escape_string($feed[1]);

				$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
					feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);

				if (db_num_rows($result) == 0) {
					$result = db_query($this->link, "INSERT INTO ttrss_feeds
									(owner_uid,feed_url,title,cat_id,site_url)
									VALUES ('".$_SESSION["uid"]."',
									'$feed_url', '$title', NULL, '')");
				}
			}
		} else if ($mode == 2) {
			// feed archive
			foreach ($payload as $id) {
				$result = db_query($this->link, "SELECT * FROM ttrss_archived_feeds
					WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);

				if (db_num_rows($result) != 0) {
					$site_url = db_escape_string(db_fetch_result($result, 0, "site_url"));
					$feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
					$title = db_escape_string(db_fetch_result($result, 0, "title"));

					$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
						feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);

					if (db_num_rows($result) == 0) {
						$result = db_query($this->link, "INSERT INTO ttrss_feeds
										(owner_uid,feed_url,title,cat_id,site_url)
									VALUES ('$id','".$_SESSION["uid"]."',
									'$feed_url', '$title', NULL, '$site_url')");
					}
				}
			}
		}
	}

	function catchupFeed() {
		$feed_id = db_escape_string($_REQUEST['feed_id']);
		$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";
		$max_id = (int) db_escape_string($_REQUEST['max_id']);

		catchup_feed($this->link, $feed_id, $is_cat, false, $max_id);

		print json_encode(array("message" => "UPDATE_COUNTERS"));
	}

	function quickAddCat() {
		$cat = db_escape_string($_REQUEST["cat"]);

		add_feed_category($this->link, $cat);

		$result = db_query($this->link, "SELECT id FROM ttrss_feed_categories WHERE
			title = '$cat' AND owner_uid = " . $_SESSION["uid"]);

		if (db_num_rows($result) == 1) {
			$id = db_fetch_result($result, 0, "id");
		} else {
			$id = 0;
		}

		print_feed_cat_select($this->link, "cat_id", $id);
	}

	function regenFeedKey() {
		$feed_id = db_escape_string($_REQUEST['id']);
		$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";

		$new_key = update_feed_access_key($this->link, $feed_id, $is_cat);

		print json_encode(array("link" => $new_key));
	}

	// Silent
	function clearKeys() {
		db_query($this->link, "DELETE FROM ttrss_access_keys WHERE
			owner_uid = " . $_SESSION["uid"]);
	}

	// Silent
	function clearArticleKeys() {
		db_query($this->link, "UPDATE ttrss_user_entries SET uuid = '' WHERE
			owner_uid = " . $_SESSION["uid"]);

		return;
	}

	function verifyRegexp() {
		$reg_exp = $_REQUEST["reg_exp"];

		$status = @preg_match("/$reg_exp/i", "TEST") !== false;

		print json_encode(array("status" => $status));
	}

	/* function buttonPlugin() {
		$pclass = "button_" . basename($_REQUEST['plugin']);
		$method = $_REQUEST['plugin_method'];

		if (class_exists($pclass)) {
			$plugin = new $pclass($this->link);
			if (method_exists($plugin, $method)) {
				return $plugin->$method();
			}
		}
	} */

	function genHash() {
		$hash = sha1(uniqid(rand(), true));

		print json_encode(array("hash" => $hash));
	}

	function batchAddFeeds() {
		$cat_id = db_escape_string($_REQUEST['cat']);
		$feeds = explode("\n", db_escape_string($_REQUEST['feeds']));
		$login = db_escape_string($_REQUEST['login']);
		$pass = db_escape_string($_REQUEST['pass']);
		$need_auth = db_escape_string($_REQUEST['need_auth']) != "";

		foreach ($feeds as $feed) {
			$feed = trim($feed);

			if (validate_feed_url($feed)) {

				db_query($this->link, "BEGIN");

				if ($cat_id == "0" || !$cat_id) {
					$cat_qpart = "NULL";
				} else {
					$cat_qpart = "'$cat_id'";
				}

				$result = db_query($this->link,
					"SELECT id FROM ttrss_feeds
					WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]);

				if (db_num_rows($result) == 0) {
					$result = db_query($this->link,
						"INSERT INTO ttrss_feeds
							(owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method)
						VALUES ('".$_SESSION["uid"]."', '$feed',
							'[Unknown]', $cat_qpart, '$login', '$pass', 0)");
				}

				db_query($this->link, "COMMIT");
			}
		}
	}

	function setScore() {
		$ids = db_escape_string($_REQUEST['id']);
		$score = (int)db_escape_string($_REQUEST['score']);

		db_query($this->link, "UPDATE ttrss_user_entries SET
			score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);

		print json_encode(array("id" => $id,
			"score_pic" => theme_image($link, get_score_pic($score))));
	}

}
?>
Commit	Line	Data
d5112468	1	<?php
369dbc19	2	class RPC extends Handler_Protected {
d5112468	3
8484ce22	4	function csrf_ignore($method) {
6c2637d9	5	$csrf_ignored = array("sanitycheck", "completelabels");
8484ce22 AD	6
	7	return array_search($method, $csrf_ignored) !== false;
	8	}
	9
d5112468 AD	10	function setprofile() {
d5112468 AD	11	$id = db_escape_string($_REQUEST["id"]);
46da73c2	12
d5112468 AD	13	$_SESSION["profile"] = $id;
	14	$_SESSION["prefs_cache"] = array();
	15	}
	16
	17	function remprofiles() {
	18	$ids = explode(",", db_escape_string(trim($_REQUEST["ids"])));
	19
	20	foreach ($ids as $id) {
	21	if ($_SESSION["profile"] != $id) {
	22	db_query($this->link, "DELETE FROM ttrss_settings_profiles WHERE id = '$id' AND
	23	owner_uid = " . $_SESSION["uid"]);
	24	}
	25	}
	26	}
	27
	28	// Silent
	29	function addprofile() {
	30	$title = db_escape_string(trim($_REQUEST["title"]));
	31	if ($title) {
	32	db_query($this->link, "BEGIN");
	33
	34	$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles
	35	WHERE title = '$title' AND owner_uid = " . $_SESSION["uid"]);
	36
	37	if (db_num_rows($result) == 0) {
	38
	39	db_query($this->link, "INSERT INTO ttrss_settings_profiles (title, owner_uid)
	40	VALUES ('$title', ".$_SESSION["uid"] .")");
	41
	42	$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles WHERE
	43	title = '$title'");
	44
	45	if (db_num_rows($result) != 0) {
	46	$profile_id = db_fetch_result($result, 0, "id");
	47
	48	if ($profile_id) {
	49	initialize_user_prefs($this->link, $_SESSION["uid"], $profile_id);
	50	}
	51	}
	52	}
	53
	54	db_query($this->link, "COMMIT");
	55	}
	56	}
	57
	58	// Silent
	59	function saveprofile() {
	60	$id = db_escape_string($_REQUEST["id"]);
	61	$title = db_escape_string(trim($_REQUEST["value"]));
	62
	63	if ($id == 0) {
	64	print __("Default profile");
	65	return;
	66	}
	67
	68	if ($title) {
	69	db_query($this->link, "BEGIN");
	70
	71	$result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles
	72	WHERE title = '$title' AND owner_uid =" . $_SESSION["uid"]);
	73
	74	if (db_num_rows($result) == 0) {
	75	db_query($this->link, "UPDATE ttrss_settings_profiles
	76	SET title = '$title' WHERE id = '$id' AND
77	owner_uid = " . $_SESSION["uid"]);
78	print $title;
79	} else {
80	$result = db_query($this->link, "SELECT title FROM ttrss_settings_profiles
81	WHERE id = '$id' AND owner_uid =" . $_SESSION["uid"]);
82	print db_fetch_result($result, 0, "title");
83	}
84
85	db_query($this->link, "COMMIT");
86	}
87	}
88
89	// Silent
90	function remarchive() {
91	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
92
93	foreach ($ids as $id) {
94	$result = db_query($this->link, "DELETE FROM ttrss_archived_feeds WHERE
95	(SELECT COUNT(*) FROM ttrss_user_entries
96	WHERE orig_feed_id = '$id') = 0 AND
97	id = '$id' AND owner_uid = ".$_SESSION["uid"]);
98
99	$rc = db_affected_rows($this->link, $result);
100	}
101	}
102
103	function addfeed() {
104	$feed = db_escape_string($_REQUEST['feed']);
105	$cat = db_escape_string($_REQUEST['cat']);
106	$login = db_escape_string($_REQUEST['login']);
107	$pass = db_escape_string($_REQUEST['pass']);
aa60999b	108	$need_auth = db_escape_string($_REQUEST['need_auth']) != "";
d5112468	109
aa60999b	110	$rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass, $need_auth);
d5112468 AD	111
	112	print json_encode(array("result" => $rc));
	113	}
	114
d5112468 AD	115	function togglepref() {
	116	$key = db_escape_string($_REQUEST["key"]);
	117	set_pref($this->link, $key, !get_pref($this->link, $key));
	118	$value = get_pref($this->link, $key);
	119
	120	print json_encode(array("param" =>$key, "value" => $value));
	121	}
	122
	123	function setpref() {
0380cfa9	124	// set_pref escapes input, so no need to double escape it here
74eef4fc AD	125	$key = $_REQUEST['key'];
74eef4fc AD	126	$value = str_replace("\n", "<br/>", $_REQUEST['value']);
d5112468	127
7e431502	128	set_pref($this->link, $key, $value, $_SESSION['uid'], $key != 'USER_STYLESHEET');
d5112468 AD	129
	130	print json_encode(array("param" =>$key, "value" => $value));
	131	}
	132
	133	function mark() {
	134	$mark = $_REQUEST["mark"];
	135	$id = db_escape_string($_REQUEST["id"]);
	136
	137	if ($mark == "1") {
	138	$mark = "true";
	139	} else {
	140	$mark = "false";
	141	}
	142
	143	$result = db_query($this->link, "UPDATE ttrss_user_entries SET marked = $mark
	144	WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
	145
	146	print json_encode(array("message" => "UPDATE_COUNTERS"));
	147	}
	148
	149	function delete() {
	150	$ids = db_escape_string($_REQUEST["ids"]);
	151
	152	$result = db_query($this->link, "DELETE FROM ttrss_user_entries
	153	WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
	154
	155	print json_encode(array("message" => "UPDATE_COUNTERS"));
	156	}
	157
	158	function unarchive() {
	159	$ids = db_escape_string($_REQUEST["ids"]);
	160
	161	$result = db_query($this->link, "UPDATE ttrss_user_entries
	162	SET feed_id = orig_feed_id, orig_feed_id = NULL
	163	WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
	164
	165	print json_encode(array("message" => "UPDATE_COUNTERS"));
	166	}
	167
	168	function archive() {
	169	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
	170
	171	foreach ($ids as $id) {
	172	archive_article($this->link, $id, $_SESSION["uid"]);
	173	}
	174
	175	print json_encode(array("message" => "UPDATE_COUNTERS"));
	176	}
	177
	178	function publ() {
	179	$pub = $_REQUEST["pub"];
	180	$id = db_escape_string($_REQUEST["id"]);
	181	$note = trim(strip_tags(db_escape_string($_REQUEST["note"])));
	182
	183	if ($pub == "1") {
	184	$pub = "true";
	185	} else {
	186	$pub = "false";
	187	}
	188
	189	$result = db_query($this->link, "UPDATE ttrss_user_entries SET
46b78149	190	published = $pub, last_read = NOW()
d5112468 AD	191	WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
	192
	193	$pubsub_result = false;
	194
	195	if (PUBSUBHUBBUB_HUB) {
	196	$rss_link = get_self_url_prefix() .
	197	"/public.php?op=rss&id=-2&key=" .
	198	get_feed_access_key($this->link, -2, false);
	199
	200	$p = new Publisher(PUBSUBHUBBUB_HUB);
	201
	202	$pubsub_result = $p->publish_update($rss_link);
	203	}
	204
	205	print json_encode(array("message" => "UPDATE_COUNTERS",
	206	"pubsub_result" => $pubsub_result));
	207	}
	208
	209	function getAllCounters() {
	210	$last_article_id = (int) $_REQUEST["last_article_id"];
	211
	212	$reply = array();
	213
	214	if ($seq) $reply['seq'] = $seq;
	215
	216	if ($last_article_id != getLastArticleId($this->link)) {
	217	$omode = $_REQUEST["omode"];
46da73c2	218
d5112468 AD	219	if ($omode != "T")
	220	$reply['counters'] = getAllCounters($this->link, $omode);
	221	else
	222	$reply['counters'] = getGlobalCounters($this->link);
	223	}
	224
	225	$reply['runtime-info'] = make_runtime_info($this->link);
	226
	227	print json_encode($reply);
	228	}
	229
	230	/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
	231	function catchupSelected() {
	232	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
	233	$cmode = sprintf("%d", $_REQUEST["cmode"]);
	234
	235	catchupArticlesById($this->link, $ids, $cmode);
	236
	237	print json_encode(array("message" => "UPDATE_COUNTERS"));
	238	}
	239
	240	function markSelected() {
	241	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
	242	$cmode = sprintf("%d", $_REQUEST["cmode"]);
	243
	244	markArticlesById($this->link, $ids, $cmode);
	245
	246	print json_encode(array("message" => "UPDATE_COUNTERS"));
	247	}
	248
	249	function publishSelected() {
	250	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
	251	$cmode = sprintf("%d", $_REQUEST["cmode"]);
	252
	253	publishArticlesById($this->link, $ids, $cmode);
	254
	255	print json_encode(array("message" => "UPDATE_COUNTERS"));
	256	}
	257
	258	function sanityCheck() {
	259	$_SESSION["hasAudio"] = $_REQUEST["hasAudio"] === "true";
	260
	261	$reply = array();
	262
	263	$reply['error'] = sanity_check($this->link);
	264
	265	if ($reply['error']['code'] == 0) {
	266	$reply['init-params'] = make_init_params($this->link);
	267	$reply['runtime-info'] = make_runtime_info($this->link);
	268	}
	269
	270	print json_encode($reply);
	271	}
	272
	273	function setArticleTags() {
d5112468 AD	274
	275	$id = db_escape_string($_REQUEST["id"]);
	276
	277	$tags_str = db_escape_string($_REQUEST["tags_str"]);
	278	$tags = array_unique(trim_array(explode(",", $tags_str)));
	279
	280	db_query($this->link, "BEGIN");
	281
	282	$result = db_query($this->link, "SELECT int_id FROM ttrss_user_entries WHERE
	283	ref_id = '$id' AND owner_uid = '".$_SESSION["uid"]."' LIMIT 1");
	284
	285	if (db_num_rows($result) == 1) {
	286
	287	$tags_to_cache = array();
	288
	289	$int_id = db_fetch_result($result, 0, "int_id");
	290
	291	db_query($this->link, "DELETE FROM ttrss_tags WHERE
	292	post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'");
	293
	294	foreach ($tags as $tag) {
	295	$tag = sanitize_tag($tag);
	296
	297	if (!tag_is_valid($tag)) {
	298	continue;
	299	}
	300
	301	if (preg_match("/^[0-9]*$/", $tag)) {
	302	continue;
	303	}
	304
	305	// print "<!-- $id : $int_id : $tag -->";
	306
	307	if ($tag != '') {
	308	db_query($this->link, "INSERT INTO ttrss_tags
	309	(post_int_id, owner_uid, tag_name) VALUES ('$int_id', '".$_SESSION["uid"]."', '$tag')");
	310	}
	311
	312	array_push($tags_to_cache, $tag);
	313	}
	314
	315	/* update tag cache */
	316
	317	sort($tags_to_cache);
	318	$tags_str = join(",", $tags_to_cache);
	319
	320	db_query($this->link, "UPDATE ttrss_user_entries
	321	SET tag_cache = '$tags_str' WHERE ref_id = '$id'
	322	AND owner_uid = " . $_SESSION["uid"]);
	323	}
	324
	325	db_query($this->link, "COMMIT");
	326
d5112468 AD	327	$tags = get_article_tags($this->link, $id);
	328	$tags_str = format_tags_string($tags, $id);
	329	$tags_str_full = join(", ", $tags);
	330
	331	if (!$tags_str_full) $tags_str_full = __("no tags");
	332
	333	print json_encode(array("tags_str" => array("id" => $id,
	334	"content" => $tags_str, "content_full" => $tags_str_full)));
	335	}
	336
	337	function regenOPMLKey() {
	338	update_feed_access_key($this->link, 'OPML:Publish',
	339	false, $_SESSION["uid"]);
	340
	341	$new_link = opml_publish_url($this->link);
	342
	343	print json_encode(array("link" => $new_link));
	344	}
	345
1b4d1a6b AD	346	function completeLabels() {
	347	$search = db_escape_string($_REQUEST["search"]);
	348
	349	$result = db_query($this->link, "SELECT DISTINCT caption FROM
	350	ttrss_labels2
	351	WHERE owner_uid = '".$_SESSION["uid"]."' AND
	352	LOWER(caption) LIKE LOWER('$search%') ORDER BY caption
	353	LIMIT 5");
	354
	355	print "<ul>";
	356	while ($line = db_fetch_assoc($result)) {
	357	print "<li>" . $line["caption"] . "</li>";
	358	}
	359	print "</ul>";
	360	}
	361
	362
d5112468 AD	363	function completeTags() {
	364	$search = db_escape_string($_REQUEST["search"]);
	365
	366	$result = db_query($this->link, "SELECT DISTINCT tag_name FROM ttrss_tags
	367	WHERE owner_uid = '".$_SESSION["uid"]."' AND
	368	tag_name LIKE '$search%' ORDER BY tag_name
	369	LIMIT 10");
	370
	371	print "<ul>";
	372	while ($line = db_fetch_assoc($result)) {
	373	print "<li>" . $line["tag_name"] . "</li>";
	374	}
	375	print "</ul>";
	376	}
	377
	378	function purge() {
	379	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
	380	$days = sprintf("%d", $_REQUEST["days"]);
	381
	382	foreach ($ids as $id) {
	383
	384	$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
	385	id = '$id' AND owner_uid = ".$_SESSION["uid"]);
	386
	387	if (db_num_rows($result) == 1) {
	388	purge_feed($this->link, $id, $days);
	389	}
	390	}
	391	}
	392
	393	function getArticles() {
	394	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
	395	$articles = array();
	396
	397	foreach ($ids as $id) {
	398	if ($id) {
	399	array_push($articles, format_article($this->link, $id, 0, false));
	400	}
	401	}
	402
	403	print json_encode($articles);
	404	}
	405
	406	function checkDate() {
	407	$date = db_escape_string($_REQUEST["date"]);
	408	$date_parsed = strtotime($date);
	409
	410	print json_encode(array("result" => (bool)$date_parsed,
	411	"date" => date("c", $date_parsed)));
	412	}
	413
	414	function assigntolabel() {
4fdb8759	415	return $this->labelops(true);
d5112468	416	}
46da73c2	417
d5112468	418	function removefromlabel() {
4fdb8759	419	return $this->labelops(false);
d5112468	420	}
46da73c2	421
d5112468 AD	422	function labelops($assign) {
	423	$reply = array();
	424
	425	$ids = explode(",", db_escape_string($_REQUEST["ids"]));
	426	$label_id = db_escape_string($_REQUEST["lid"]);
	427
	428	$label = db_escape_string(label_find_caption($this->link, $label_id,
	429	$_SESSION["uid"]));
	430
	431	$reply["info-for-headlines"] = array();
	432
	433	if ($label) {
	434
	435	foreach ($ids as $id) {
	436
	437	if ($assign)
	438	label_add_article($this->link, $id, $label, $_SESSION["uid"]);
	439	else
	440	label_remove_article($this->link, $id, $label, $_SESSION["uid"]);
	441
	442	$labels = get_article_labels($this->link, $id, $_SESSION["uid"]);
	443
	444	array_push($reply["info-for-headlines"],
	445	array("id" => $id, "labels" => format_article_labels($labels, $id)));
	446
	447	}
	448	}
	449
	450	$reply["message"] = "UPDATE_COUNTERS";
	451
	452	print json_encode($reply);
	453	}
	454
	455	function updateFeedBrowser() {
	456	$search = db_escape_string($_REQUEST["search"]);
	457	$limit = db_escape_string($_REQUEST["limit"]);
	458	$mode = (int) db_escape_string($_REQUEST["mode"]);
	459
	460	print json_encode(array("content" =>
	461	make_feed_browser($this->link, $search, $limit, $mode),
	462	"mode" => $mode));
	463	}
	464
	465	// Silent
	466	function massSubscribe() {
	467
	468	$payload = json_decode($_REQUEST["payload"], false);
	469	$mode = $_REQUEST["mode"];
	470
	471	if (!$payload \|\| !is_array($payload)) return;
	472
	473	if ($mode == 1) {
	474	foreach ($payload as $feed) {
	475
	476	$title = db_escape_string($feed[0]);
	477	$feed_url = db_escape_string($feed[1]);
	478
	479	$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
	480	feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
	481
	482	if (db_num_rows($result) == 0) {
	483	$result = db_query($this->link, "INSERT INTO ttrss_feeds
	484	(owner_uid,feed_url,title,cat_id,site_url)
	485	VALUES ('".$_SESSION["uid"]."',
486	'$feed_url', '$title', NULL, '')");
487	}
488	}
489	} else if ($mode == 2) {
490	// feed archive
491	foreach ($payload as $id) {
492	$result = db_query($this->link, "SELECT * FROM ttrss_archived_feeds
493	WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
494
495	if (db_num_rows($result) != 0) {
496	$site_url = db_escape_string(db_fetch_result($result, 0, "site_url"));
497	$feed_url = db_escape_string(db_fetch_result($result, 0, "feed_url"));
498	$title = db_escape_string(db_fetch_result($result, 0, "title"));
499
500	$result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE
501	feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
502
503	if (db_num_rows($result) == 0) {
504	$result = db_query($this->link, "INSERT INTO ttrss_feeds
505	(owner_uid,feed_url,title,cat_id,site_url)
506	VALUES ('$id','".$_SESSION["uid"]."',
507	'$feed_url', '$title', NULL, '$site_url')");
508	}
509	}
510	}
511	}
512	}
513
d5112468 AD	514	function catchupFeed() {
	515	$feed_id = db_escape_string($_REQUEST['feed_id']);
	516	$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";
184f5195	517	$max_id = (int) db_escape_string($_REQUEST['max_id']);
d5112468	518
184f5195	519	catchup_feed($this->link, $feed_id, $is_cat, false, $max_id);
d5112468 AD	520
	521	print json_encode(array("message" => "UPDATE_COUNTERS"));
	522	}
	523
d5112468 AD	524	function quickAddCat() {
	525	$cat = db_escape_string($_REQUEST["cat"]);
	526
	527	add_feed_category($this->link, $cat);
	528
	529	$result = db_query($this->link, "SELECT id FROM ttrss_feed_categories WHERE
	530	title = '$cat' AND owner_uid = " . $_SESSION["uid"]);
	531
	532	if (db_num_rows($result) == 1) {
	533	$id = db_fetch_result($result, 0, "id");
	534	} else {
	535	$id = 0;
	536	}
	537
	538	print_feed_cat_select($this->link, "cat_id", $id);
	539	}
	540
	541	function regenFeedKey() {
	542	$feed_id = db_escape_string($_REQUEST['id']);
	543	$is_cat = db_escape_string($_REQUEST['is_cat']) == "true";
	544
	545	$new_key = update_feed_access_key($this->link, $feed_id, $is_cat);
	546
	547	print json_encode(array("link" => $new_key));
	548	}
	549
	550	// Silent
	551	function clearKeys() {
	552	db_query($this->link, "DELETE FROM ttrss_access_keys WHERE
	553	owner_uid = " . $_SESSION["uid"]);
	554	}
	555
	556	// Silent
	557	function clearArticleKeys() {
	558	db_query($this->link, "UPDATE ttrss_user_entries SET uuid = '' WHERE
	559	owner_uid = " . $_SESSION["uid"]);
	560
	561	return;
	562	}
	563
d5112468 AD	564	function verifyRegexp() {
	565	$reg_exp = $_REQUEST["reg_exp"];
	566
	567	$status = @preg_match("/$reg_exp/i", "TEST") !== false;
	568
	569	print json_encode(array("status" => $status));
	570	}
	571
19c73507	572	/* function buttonPlugin() {
369dbc19	573	$pclass = "button_" . basename($_REQUEST['plugin']);
f9ac31d6 AD	574	$method = $_REQUEST['plugin_method'];
	575
	576	if (class_exists($pclass)) {
	577	$plugin = new $pclass($this->link);
	578	if (method_exists($plugin, $method)) {
	579	return $plugin->$method();
	580	}
d5112468	581	}
19c73507	582	} */
d5112468	583
d5112468 AD	584	function genHash() {
	585	$hash = sha1(uniqid(rand(), true));
	586
	587	print json_encode(array("hash" => $hash));
	588	}
33f0fdd0 AD	589
	590	function batchAddFeeds() {
	591	$cat_id = db_escape_string($_REQUEST['cat']);
	592	$feeds = explode("\n", db_escape_string($_REQUEST['feeds']));
	593	$login = db_escape_string($_REQUEST['login']);
	594	$pass = db_escape_string($_REQUEST['pass']);
	595	$need_auth = db_escape_string($_REQUEST['need_auth']) != "";
	596
33f0fdd0 AD	597	foreach ($feeds as $feed) {
	598	$feed = trim($feed);
	599
	600	if (validate_feed_url($feed)) {
	601
	602	db_query($this->link, "BEGIN");
	603
33f0fdd0 AD	604	if ($cat_id == "0" \|\| !$cat_id) {
	605	$cat_qpart = "NULL";
	606	} else {
	607	$cat_qpart = "'$cat_id'";
	608	}
	609
	610	$result = db_query($this->link,
	611	"SELECT id FROM ttrss_feeds
	612	WHERE feed_url = '$feed' AND owner_uid = ".$_SESSION["uid"]);
	613
	614	if (db_num_rows($result) == 0) {
	615	$result = db_query($this->link,
	616	"INSERT INTO ttrss_feeds
	617	(owner_uid,feed_url,title,cat_id,auth_login,auth_pass,update_method)
	618	VALUES ('".$_SESSION["uid"]."', '$feed',
19b3992b	619	'[Unknown]', $cat_qpart, '$login', '$pass', 0)");
33f0fdd0 AD	620	}
	621
	622	db_query($this->link, "COMMIT");
	623	}
	624	}
	625	}
	626
beb6ce27	627	function setScore() {
29064218	628	$ids = db_escape_string($_REQUEST['id']);
beb6ce27 AD	629	$score = (int)db_escape_string($_REQUEST['score']);
	630
	631	db_query($this->link, "UPDATE ttrss_user_entries SET
29064218	632	score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]);
beb6ce27 AD	633
	634	print json_encode(array("id" => $id,
	635	"score_pic" => theme_image($link, get_score_pic($score))));
	636	}
	637
d5112468 AD	638	}
d5112468 AD	639	?>