]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | class Handler_Public extends Handler { | |
3 | ||
4 | private function generate_syndicated_feed($owner_uid, $feed, $is_cat, | |
5 | $limit, $offset, $search, $search_mode, | |
6 | $view_mode = false, $format = 'atom') { | |
7 | ||
8 | require_once "lib/MiniTemplator.class.php"; | |
9 | ||
10 | $note_style = "background-color : #fff7d5; | |
11 | border-width : 1px; ". | |
12 | "padding : 5px; border-style : dashed; border-color : #e7d796;". | |
13 | "margin-bottom : 1em; color : #9a8c59;"; | |
14 | ||
15 | if (!$limit) $limit = 100; | |
16 | ||
17 | if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) { | |
18 | $date_sort_field = "updated"; | |
19 | } else { | |
20 | $date_sort_field = "date_entered"; | |
21 | } | |
22 | ||
23 | if ($feed == -2) | |
24 | $date_sort_field = "last_published"; | |
25 | else if ($feed == -1) | |
26 | $date_sort_field = "last_marked"; | |
27 | ||
28 | $qfh_ret = queryFeedHeadlines($this->link, $feed, | |
29 | $limit, $view_mode, $is_cat, $search, $search_mode, | |
30 | "$date_sort_field DESC", $offset, $owner_uid, | |
31 | false, 0, false, true); | |
32 | ||
33 | $result = $qfh_ret[0]; | |
34 | $feed_title = htmlspecialchars($qfh_ret[1]); | |
35 | $feed_site_url = $qfh_ret[2]; | |
36 | $last_error = $qfh_ret[3]; | |
37 | ||
38 | $feed_self_url = get_self_url_prefix() . | |
39 | "/public.php?op=rss&id=-2&key=" . | |
40 | get_feed_access_key($this->link, -2, false, $owner_uid); | |
41 | ||
42 | if (!$feed_site_url) $feed_site_url = get_self_url_prefix(); | |
43 | ||
44 | if ($format == 'atom') { | |
45 | $tpl = new MiniTemplator; | |
46 | ||
47 | $tpl->readTemplateFromFile("templates/generated_feed.txt"); | |
48 | ||
49 | $tpl->setVariable('FEED_TITLE', $feed_title, true); | |
50 | $tpl->setVariable('VERSION', VERSION, true); | |
51 | $tpl->setVariable('FEED_URL', htmlspecialchars($feed_self_url), true); | |
52 | ||
53 | if (PUBSUBHUBBUB_HUB && $feed == -2) { | |
54 | $tpl->setVariable('HUB_URL', htmlspecialchars(PUBSUBHUBBUB_HUB), true); | |
55 | $tpl->addBlock('feed_hub'); | |
56 | } | |
57 | ||
58 | $tpl->setVariable('SELF_URL', htmlspecialchars(get_self_url_prefix()), true); | |
59 | ||
60 | while ($line = db_fetch_assoc($result)) { | |
61 | $tpl->setVariable('ARTICLE_ID', htmlspecialchars($line['link']), true); | |
62 | $tpl->setVariable('ARTICLE_LINK', htmlspecialchars($line['link']), true); | |
63 | $tpl->setVariable('ARTICLE_TITLE', htmlspecialchars($line['title']), true); | |
64 | $tpl->setVariable('ARTICLE_EXCERPT', | |
65 | truncate_string(strip_tags($line["content_preview"]), 100, '...'), true); | |
66 | ||
67 | $content = sanitize($this->link, $line["content_preview"], false, $owner_uid); | |
68 | ||
69 | if ($line['note']) { | |
70 | $content = "<div style=\"$note_style\">Article note: " . $line['note'] . "</div>" . | |
71 | $content; | |
72 | } | |
73 | ||
74 | $tpl->setVariable('ARTICLE_CONTENT', $content, true); | |
75 | ||
76 | $tpl->setVariable('ARTICLE_UPDATED_ATOM', | |
77 | date('c', strtotime($line["updated"])), true); | |
78 | $tpl->setVariable('ARTICLE_UPDATED_RFC822', | |
79 | date(DATE_RFC822, strtotime($line["updated"])), true); | |
80 | ||
81 | $tpl->setVariable('ARTICLE_AUTHOR', htmlspecialchars($line['author']), true); | |
82 | ||
83 | $tags = get_article_tags($this->link, $line["id"], $owner_uid); | |
84 | ||
85 | foreach ($tags as $tag) { | |
86 | $tpl->setVariable('ARTICLE_CATEGORY', htmlspecialchars($tag), true); | |
87 | $tpl->addBlock('category'); | |
88 | } | |
89 | ||
90 | $enclosures = get_article_enclosures($this->link, $line["id"]); | |
91 | ||
92 | foreach ($enclosures as $e) { | |
93 | $type = htmlspecialchars($e['content_type']); | |
94 | $url = htmlspecialchars($e['content_url']); | |
95 | $length = $e['duration']; | |
96 | ||
97 | $tpl->setVariable('ARTICLE_ENCLOSURE_URL', $url, true); | |
98 | $tpl->setVariable('ARTICLE_ENCLOSURE_TYPE', $type, true); | |
99 | $tpl->setVariable('ARTICLE_ENCLOSURE_LENGTH', $length, true); | |
100 | ||
101 | $tpl->addBlock('enclosure'); | |
102 | } | |
103 | ||
104 | $tpl->addBlock('entry'); | |
105 | } | |
106 | ||
107 | $tmp = ""; | |
108 | ||
109 | $tpl->addBlock('feed'); | |
110 | $tpl->generateOutputToString($tmp); | |
111 | ||
112 | if (@!$_REQUEST["noxml"]) { | |
113 | header("Content-Type: text/xml; charset=utf-8"); | |
114 | } else { | |
115 | header("Content-Type: text/plain; charset=utf-8"); | |
116 | } | |
117 | ||
118 | print $tmp; | |
119 | } else if ($format == 'json') { | |
120 | ||
121 | $feed = array(); | |
122 | ||
123 | $feed['title'] = $feed_title; | |
124 | $feed['version'] = VERSION; | |
125 | $feed['feed_url'] = $feed_self_url; | |
126 | ||
127 | if (PUBSUBHUBBUB_HUB && $feed == -2) { | |
128 | $feed['hub_url'] = PUBSUBHUBBUB_HUB; | |
129 | } | |
130 | ||
131 | $feed['self_url'] = get_self_url_prefix(); | |
132 | ||
133 | $feed['articles'] = array(); | |
134 | ||
135 | while ($line = db_fetch_assoc($result)) { | |
136 | $article = array(); | |
137 | ||
138 | $article['id'] = $line['link']; | |
139 | $article['link'] = $line['link']; | |
140 | $article['title'] = $line['title']; | |
141 | $article['excerpt'] = truncate_string(strip_tags($line["content_preview"]), 100, '...'); | |
142 | $article['content'] = sanitize($this->link, $line["content_preview"], false, $owner_uid); | |
143 | $article['updated'] = date('c', strtotime($line["updated"])); | |
144 | ||
145 | if ($line['note']) $article['note'] = $line['note']; | |
146 | if ($article['author']) $article['author'] = $line['author']; | |
147 | ||
148 | $tags = get_article_tags($this->link, $line["id"], $owner_uid); | |
149 | ||
150 | if (count($tags) > 0) { | |
151 | $article['tags'] = array(); | |
152 | ||
153 | foreach ($tags as $tag) { | |
154 | array_push($article['tags'], $tag); | |
155 | } | |
156 | } | |
157 | ||
158 | $enclosures = get_article_enclosures($this->link, $line["id"]); | |
159 | ||
160 | if (count($enclosures) > 0) { | |
161 | $article['enclosures'] = array(); | |
162 | ||
163 | foreach ($enclosures as $e) { | |
164 | $type = $e['content_type']; | |
165 | $url = $e['content_url']; | |
166 | $length = $e['duration']; | |
167 | ||
168 | array_push($article['enclosures'], array("url" => $url, "type" => $type, "length" => $length)); | |
169 | } | |
170 | } | |
171 | ||
172 | array_push($feed['articles'], $article); | |
173 | } | |
174 | ||
175 | header("Content-Type: text/json; charset=utf-8"); | |
176 | print json_encode($feed); | |
177 | ||
178 | } else { | |
179 | header("Content-Type: text/plain; charset=utf-8"); | |
180 | print json_encode(array("error" => array("message" => "Unknown format"))); | |
181 | } | |
182 | } | |
183 | ||
184 | function getUnread() { | |
185 | $login = db_escape_string($this->link, $_REQUEST["login"]); | |
186 | $fresh = $_REQUEST["fresh"] == "1"; | |
187 | ||
188 | $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'"); | |
189 | ||
190 | if (db_num_rows($result) == 1) { | |
191 | $uid = db_fetch_result($result, 0, "id"); | |
192 | ||
193 | print getGlobalUnread($this->link, $uid); | |
194 | ||
195 | if ($fresh) { | |
196 | print ";"; | |
197 | print getFeedArticles($this->link, -3, false, true, $uid); | |
198 | } | |
199 | ||
200 | } else { | |
201 | print "-1;User not found"; | |
202 | } | |
203 | ||
204 | } | |
205 | ||
206 | function getProfiles() { | |
207 | $login = db_escape_string($this->link, $_REQUEST["login"]); | |
208 | ||
209 | $result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles,ttrss_users | |
210 | WHERE ttrss_users.id = ttrss_settings_profiles.owner_uid AND login = '$login' ORDER BY title"); | |
211 | ||
212 | print "<select dojoType='dijit.form.Select' style='width : 220px; margin : 0px' name='profile'>"; | |
213 | ||
214 | print "<option value='0'>" . __("Default profile") . "</option>"; | |
215 | ||
216 | while ($line = db_fetch_assoc($result)) { | |
217 | $id = $line["id"]; | |
218 | $title = $line["title"]; | |
219 | ||
220 | print "<option value='$id'>$title</option>"; | |
221 | } | |
222 | ||
223 | print "</select>"; | |
224 | } | |
225 | ||
226 | function pubsub() { | |
227 | $mode = db_escape_string($this->link, $_REQUEST['hub_mode']); | |
228 | $feed_id = (int) db_escape_string($this->link, $_REQUEST['id']); | |
229 | $feed_url = db_escape_string($this->link, $_REQUEST['hub_topic']); | |
230 | ||
231 | if (!PUBSUBHUBBUB_ENABLED) { | |
232 | header('HTTP/1.0 404 Not Found'); | |
233 | echo "404 Not found"; | |
234 | return; | |
235 | } | |
236 | ||
237 | // TODO: implement hub_verifytoken checking | |
238 | ||
239 | $result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds | |
240 | WHERE id = '$feed_id'"); | |
241 | ||
242 | if (db_num_rows($result) != 0) { | |
243 | ||
244 | $check_feed_url = db_fetch_result($result, 0, "feed_url"); | |
245 | ||
246 | if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { | |
247 | if ($mode == "subscribe") { | |
248 | ||
249 | db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2 | |
250 | WHERE id = '$feed_id'"); | |
251 | ||
252 | print $_REQUEST['hub_challenge']; | |
253 | return; | |
254 | ||
255 | } else if ($mode == "unsubscribe") { | |
256 | ||
257 | db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0 | |
258 | WHERE id = '$feed_id'"); | |
259 | ||
260 | print $_REQUEST['hub_challenge']; | |
261 | return; | |
262 | ||
263 | } else if (!$mode) { | |
264 | ||
265 | // Received update ping, schedule feed update. | |
266 | //update_rss_feed($this->link, $feed_id, true, true); | |
267 | ||
268 | db_query($this->link, "UPDATE ttrss_feeds SET | |
269 | last_update_started = '1970-01-01', | |
270 | last_updated = '1970-01-01' WHERE id = '$feed_id'"); | |
271 | ||
272 | } | |
273 | } else { | |
274 | header('HTTP/1.0 404 Not Found'); | |
275 | echo "404 Not found"; | |
276 | } | |
277 | } else { | |
278 | header('HTTP/1.0 404 Not Found'); | |
279 | echo "404 Not found"; | |
280 | } | |
281 | ||
282 | } | |
283 | ||
284 | function logout() { | |
285 | logout_user(); | |
286 | header("Location: index.php"); | |
287 | } | |
288 | ||
289 | function share() { | |
290 | $uuid = db_escape_string($this->link, $_REQUEST["key"]); | |
291 | ||
292 | $result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE | |
293 | uuid = '$uuid'"); | |
294 | ||
295 | if (db_num_rows($result) != 0) { | |
296 | header("Content-Type: text/html"); | |
297 | ||
298 | $id = db_fetch_result($result, 0, "ref_id"); | |
299 | $owner_uid = db_fetch_result($result, 0, "owner_uid"); | |
300 | ||
301 | $article = format_article($this->link, $id, false, true, $owner_uid); | |
302 | ||
303 | print_r($article['content']); | |
304 | ||
305 | } else { | |
306 | print "Article not found."; | |
307 | } | |
308 | ||
309 | } | |
310 | ||
311 | function rss() { | |
312 | $feed = db_escape_string($this->link, $_REQUEST["id"]); | |
313 | $key = db_escape_string($this->link, $_REQUEST["key"]); | |
314 | $is_cat = $_REQUEST["is_cat"] != false; | |
315 | $limit = (int)db_escape_string($this->link, $_REQUEST["limit"]); | |
316 | $offset = (int)db_escape_string($this->link, $_REQUEST["offset"]); | |
317 | ||
318 | $search = db_escape_string($this->link, $_REQUEST["q"]); | |
319 | $search_mode = db_escape_string($this->link, $_REQUEST["smode"]); | |
320 | $view_mode = db_escape_string($this->link, $_REQUEST["view-mode"]); | |
321 | ||
322 | $format = db_escape_string($this->link, $_REQUEST['format']); | |
323 | ||
324 | if (!$format) $format = 'atom'; | |
325 | ||
326 | if (SINGLE_USER_MODE) { | |
327 | authenticate_user($this->link, "admin", null); | |
328 | } | |
329 | ||
330 | $owner_id = false; | |
331 | ||
332 | if ($key) { | |
333 | $result = db_query($this->link, "SELECT owner_uid FROM | |
334 | ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); | |
335 | ||
336 | if (db_num_rows($result) == 1) | |
337 | $owner_id = db_fetch_result($result, 0, "owner_uid"); | |
338 | } | |
339 | ||
340 | if ($owner_id) { | |
341 | $this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit, | |
342 | $offset, $search, $search_mode, $view_mode, $format); | |
343 | } else { | |
344 | header('HTTP/1.1 403 Forbidden'); | |
345 | } | |
346 | } | |
347 | ||
348 | function globalUpdateFeeds() { | |
349 | include "rssfuncs.php"; | |
350 | // Update all feeds needing a update. | |
351 | update_daemon_common($this->link, 0, true, false); | |
352 | } | |
353 | ||
354 | function sharepopup() { | |
355 | if (SINGLE_USER_MODE) { | |
356 | login_sequence($this->link); | |
357 | } | |
358 | ||
359 | header('Content-Type: text/html; charset=utf-8'); | |
360 | print "<html> | |
361 | <head> | |
362 | <title>Tiny Tiny RSS</title> | |
363 | <link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\"> | |
364 | <script type=\"text/javascript\" src=\"lib/prototype.js\"></script> | |
365 | <script type=\"text/javascript\" src=\"lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls\"></script> | |
366 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> | |
367 | </head> | |
368 | <body id='sharepopup'>"; | |
369 | ||
370 | $action = $_REQUEST["action"]; | |
371 | ||
372 | if ($_SESSION["uid"]) { | |
373 | ||
374 | if ($action == 'share') { | |
375 | ||
376 | $title = db_escape_string($this->link, strip_tags($_REQUEST["title"])); | |
377 | $url = db_escape_string($this->link, strip_tags($_REQUEST["url"])); | |
378 | $content = db_escape_string($this->link, strip_tags($_REQUEST["content"])); | |
379 | $labels = db_escape_string($this->link, strip_tags($_REQUEST["labels"])); | |
380 | ||
381 | Article::create_published_article($this->link, $title, $url, $content, $labels, | |
382 | $_SESSION["uid"]); | |
383 | ||
384 | print "<script type='text/javascript'>"; | |
385 | print "window.close();"; | |
386 | print "</script>"; | |
387 | ||
388 | } else { | |
389 | $title = htmlspecialchars($_REQUEST["title"]); | |
390 | $url = htmlspecialchars($_REQUEST["url"]); | |
391 | ||
392 | ?> | |
393 | ||
394 | <table height='100%' width='100%'><tr><td colspan='2'> | |
395 | <h1><?php echo __("Share with Tiny Tiny RSS") ?></h1> | |
396 | </td></tr> | |
397 | ||
398 | <form id='share_form' name='share_form'> | |
399 | ||
400 | <input type="hidden" name="op" value="sharepopup"> | |
401 | <input type="hidden" name="action" value="share"> | |
402 | ||
403 | <tr><td align='right'><?php echo __("Title:") ?></td> | |
404 | <td width='80%'><input name='title' value="<?php echo $title ?>"></td></tr> | |
405 | <tr><td align='right'><?php echo __("URL:") ?></td> | |
406 | <td><input name='url' value="<?php echo $url ?>"></td></tr> | |
407 | <tr><td align='right'><?php echo __("Content:") ?></td> | |
408 | <td><input name='content' value=""></td></tr> | |
409 | <tr><td align='right'><?php echo __("Labels:") ?></td> | |
410 | <td><input name='labels' id="labels_value" | |
411 | placeholder='Alpha, Beta, Gamma' value=""> | |
412 | </td></tr> | |
413 | ||
414 | <tr><td> | |
415 | <div class="autocomplete" id="labels_choices" | |
416 | style="display : block"></div></td></tr> | |
417 | ||
418 | <script type='text/javascript'>document.forms[0].title.focus();</script> | |
419 | ||
420 | <script type='text/javascript'> | |
421 | new Ajax.Autocompleter('labels_value', 'labels_choices', | |
422 | "backend.php?op=rpc&method=completeLabels", | |
423 | { tokens: ',', paramName: "search" }); | |
424 | </script> | |
425 | ||
426 | <tr><td colspan='2'> | |
427 | <div style='float : right' class='insensitive-small'> | |
428 | <?php echo __("Shared article will appear in the Published feed.") ?> | |
429 | </div> | |
430 | <button type="submit"><?php echo __('Share') ?></button> | |
431 | <button onclick="return window.close()"><?php echo __('Cancel') ?></button> | |
432 | </div> | |
433 | ||
434 | </form> | |
435 | </td></tr></table> | |
436 | </body></html> | |
437 | <?php | |
438 | ||
439 | } | |
440 | ||
441 | } else { | |
442 | ||
443 | $return = urlencode($_SERVER["REQUEST_URI"]) | |
444 | ?> | |
445 | ||
446 | <form action="public.php?return=<?php echo $return ?>" | |
447 | method="POST" id="loginForm" name="loginForm"> | |
448 | ||
449 | <input type="hidden" name="op" value="login"> | |
450 | ||
451 | <table height='100%' width='100%'><tr><td colspan='2'> | |
452 | <h1><?php echo __("Not logged in") ?></h1></td></tr> | |
453 | ||
454 | <tr><td align="right"><?php echo __("Login:") ?></td> | |
455 | <td align="right"><input name="login" | |
456 | value="<?php echo $_SESSION["fake_login"] ?>"></td></tr> | |
457 | <tr><td align="right"><?php echo __("Password:") ?></td> | |
458 | <td align="right"><input type="password" name="password" | |
459 | value="<?php echo $_SESSION["fake_password"] ?>"></td></tr> | |
460 | <tr><td align="right"><?php echo __("Language:") ?></td> | |
461 | <td align="right"> | |
462 | <?php | |
463 | print_select_hash("language", $_COOKIE["ttrss_lang"], get_translations(), | |
464 | "style='width : 100%''"); | |
465 | ||
466 | ?> | |
467 | </td></tr> | |
468 | <tr><td colspan='2'> | |
469 | <button type="submit"> | |
470 | <?php echo __('Log in') ?></button> | |
471 | ||
472 | <button onclick="return window.close()"> | |
473 | <?php echo __('Cancel') ?></button> | |
474 | </td></tr> | |
475 | </table> | |
476 | ||
477 | </form> | |
478 | <?php | |
479 | } | |
480 | } | |
481 | ||
482 | function login() { | |
483 | ||
484 | @session_start(); | |
485 | ||
486 | $_SESSION["prefs_cache"] = array(); | |
487 | ||
488 | if (!SINGLE_USER_MODE) { | |
489 | ||
490 | $login = db_escape_string($this->link, $_POST["login"]); | |
491 | $password = $_POST["password"]; | |
492 | $remember_me = $_POST["remember_me"]; | |
493 | ||
494 | if (authenticate_user($this->link, $login, $password)) { | |
495 | $_POST["password"] = ""; | |
496 | ||
497 | $_SESSION["language"] = $_POST["language"]; | |
498 | $_SESSION["ref_schema_version"] = get_schema_version($this->link, true); | |
499 | $_SESSION["bw_limit"] = !!$_POST["bw_limit"]; | |
500 | ||
501 | if ($_POST["profile"]) { | |
502 | ||
503 | $profile = db_escape_string($this->link, $_POST["profile"]); | |
504 | ||
505 | $result = db_query($this->link, "SELECT id FROM ttrss_settings_profiles | |
506 | WHERE id = '$profile' AND owner_uid = " . $_SESSION["uid"]); | |
507 | ||
508 | if (db_num_rows($result) != 0) { | |
509 | $_SESSION["profile"] = $profile; | |
510 | $_SESSION["prefs_cache"] = array(); | |
511 | } | |
512 | } | |
513 | } else { | |
514 | $_SESSION["login_error_msg"] = __("Incorrect username or password"); | |
515 | } | |
516 | ||
517 | if ($_REQUEST['return']) { | |
518 | header("Location: " . $_REQUEST['return']); | |
519 | } else { | |
520 | header("Location: " . SELF_URL_PATH); | |
521 | } | |
522 | } | |
523 | } | |
524 | ||
525 | function subscribe() { | |
526 | if (SINGLE_USER_MODE) { | |
527 | login_sequence($this->link); | |
528 | } | |
529 | ||
530 | if ($_SESSION["uid"]) { | |
531 | ||
532 | $feed_url = db_escape_string($this->link, trim($_REQUEST["feed_url"])); | |
533 | ||
534 | header('Content-Type: text/html; charset=utf-8'); | |
535 | print "<html> | |
536 | <head> | |
537 | <title>Tiny Tiny RSS</title> | |
538 | <link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\"> | |
539 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> | |
540 | </head> | |
541 | <body> | |
542 | <img class=\"floatingLogo\" src=\"images/logo_small.png\" | |
543 | alt=\"Tiny Tiny RSS\"/> | |
544 | <h1>".__("Subscribe to feed...")."</h1><div class='content'>"; | |
545 | ||
546 | $rc = subscribe_to_feed($this->link, $feed_url); | |
547 | ||
548 | switch ($rc['code']) { | |
549 | case 0: | |
550 | print_warning(T_sprintf("Already subscribed to <b>%s</b>.", $feed_url)); | |
551 | break; | |
552 | case 1: | |
553 | print_notice(T_sprintf("Subscribed to <b>%s</b>.", $feed_url)); | |
554 | break; | |
555 | case 2: | |
556 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.", $feed_url)); | |
557 | break; | |
558 | case 3: | |
559 | print_error(T_sprintf("No feeds found in <b>%s</b>.", $feed_url)); | |
560 | break; | |
561 | case 4: | |
562 | print_notice(__("Multiple feed URLs found.")); | |
563 | $feed_urls = $rc["feeds"]; | |
564 | break; | |
565 | case 5: | |
566 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url)); | |
567 | break; | |
568 | } | |
569 | ||
570 | if ($feed_urls) { | |
571 | ||
572 | print "<form action=\"public.php\">"; | |
573 | print "<input type=\"hidden\" name=\"op\" value=\"subscribe\">"; | |
574 | ||
575 | print "<select name=\"feed_url\">"; | |
576 | ||
577 | foreach ($feed_urls as $url => $name) { | |
578 | $url = htmlspecialchars($url); | |
579 | $name = htmlspecialchars($name); | |
580 | ||
581 | print "<option value=\"$url\">$name</option>"; | |
582 | } | |
583 | ||
584 | print "<input type=\"submit\" value=\"".__("Subscribe to selected feed"). | |
585 | "\">"; | |
586 | ||
587 | print "</form>"; | |
588 | } | |
589 | ||
590 | $tp_uri = get_self_url_prefix() . "/prefs.php"; | |
591 | $tt_uri = get_self_url_prefix(); | |
592 | ||
593 | if ($rc['code'] <= 2){ | |
594 | $result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE | |
595 | feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); | |
596 | ||
597 | $feed_id = db_fetch_result($result, 0, "id"); | |
598 | } else { | |
599 | $feed_id = 0; | |
600 | } | |
601 | print "<p>"; | |
602 | ||
603 | if ($feed_id) { | |
604 | print "<form method=\"GET\" style='display: inline' | |
605 | action=\"$tp_uri\"> | |
606 | <input type=\"hidden\" name=\"tab\" value=\"feedConfig\"> | |
607 | <input type=\"hidden\" name=\"method\" value=\"editFeed\"> | |
608 | <input type=\"hidden\" name=\"methodparam\" value=\"$feed_id\"> | |
609 | <input type=\"submit\" value=\"".__("Edit subscription options")."\"> | |
610 | </form>"; | |
611 | } | |
612 | ||
613 | print "<form style='display: inline' method=\"GET\" action=\"$tt_uri\"> | |
614 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
615 | </form></p>"; | |
616 | ||
617 | print "</div></body></html>"; | |
618 | ||
619 | } else { | |
620 | render_login_form($this->link); | |
621 | } | |
622 | } | |
623 | ||
624 | function subscribe2() { | |
625 | $feed_url = db_escape_string($this->link, trim($_REQUEST["feed_url"])); | |
626 | $cat_id = db_escape_string($this->link, $_REQUEST["cat_id"]); | |
627 | $from = db_escape_string($this->link, $_REQUEST["from"]); | |
628 | ||
629 | /* only read authentication information from POST */ | |
630 | ||
631 | $auth_login = db_escape_string($this->link, trim($_POST["auth_login"])); | |
632 | $auth_pass = db_escape_string($this->link, trim($_POST["auth_pass"])); | |
633 | ||
634 | $rc = subscribe_to_feed($this->link, $feed_url, $cat_id, $auth_login, $auth_pass); | |
635 | ||
636 | switch ($rc) { | |
637 | case 1: | |
638 | print_notice(T_sprintf("Subscribed to <b>%s</b>.", $feed_url)); | |
639 | break; | |
640 | case 2: | |
641 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.", $feed_url)); | |
642 | break; | |
643 | case 3: | |
644 | print_error(T_sprintf("No feeds found in <b>%s</b>.", $feed_url)); | |
645 | break; | |
646 | case 0: | |
647 | print_warning(T_sprintf("Already subscribed to <b>%s</b>.", $feed_url)); | |
648 | break; | |
649 | case 4: | |
650 | print_notice(__("Multiple feed URLs found.")); | |
651 | ||
652 | $feed_urls = get_feeds_from_html($feed_url); | |
653 | break; | |
654 | case 5: | |
655 | print_error(T_sprintf("Could not subscribe to <b>%s</b>.<br>Can't download the Feed URL.", $feed_url)); | |
656 | break; | |
657 | } | |
658 | ||
659 | if ($feed_urls) { | |
660 | print "<form action=\"backend.php\">"; | |
661 | print "<input type=\"hidden\" name=\"op\" value=\"pref-feeds\">"; | |
662 | print "<input type=\"hidden\" name=\"quiet\" value=\"1\">"; | |
663 | print "<input type=\"hidden\" name=\"method\" value=\"add\">"; | |
664 | ||
665 | print "<select name=\"feed_url\">"; | |
666 | ||
667 | foreach ($feed_urls as $url => $name) { | |
668 | $url = htmlspecialchars($url); | |
669 | $name = htmlspecialchars($name); | |
670 | print "<option value=\"$url\">$name</option>"; | |
671 | } | |
672 | ||
673 | print "<input type=\"submit\" value=\"".__("Subscribe to selected feed")."\">"; | |
674 | print "</form>"; | |
675 | } | |
676 | ||
677 | $tp_uri = get_self_url_prefix() . "/prefs.php"; | |
678 | $tt_uri = get_self_url_prefix(); | |
679 | ||
680 | if ($rc <= 2){ | |
681 | $result = db_query($this->link, "SELECT id FROM ttrss_feeds WHERE | |
682 | feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]); | |
683 | ||
684 | $feed_id = db_fetch_result($result, 0, "id"); | |
685 | } else { | |
686 | $feed_id = 0; | |
687 | } | |
688 | ||
689 | print "<p>"; | |
690 | ||
691 | if ($feed_id) { | |
692 | print "<form method=\"GET\" style='display: inline' | |
693 | action=\"$tp_uri\"> | |
694 | <input type=\"hidden\" name=\"tab\" value=\"feedConfig\"> | |
695 | <input type=\"hidden\" name=\"method\" value=\"editFeed\"> | |
696 | <input type=\"hidden\" name=\"methodparam\" value=\"$feed_id\"> | |
697 | <input type=\"submit\" value=\"".__("Edit subscription options")."\"> | |
698 | </form>"; | |
699 | } | |
700 | ||
701 | print "<form style='display: inline' method=\"GET\" action=\"$tt_uri\"> | |
702 | <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\"> | |
703 | </form></p>"; | |
704 | ||
705 | print "</body></html>"; | |
706 | } | |
707 | ||
708 | function index() { | |
709 | header("Content-Type: text/plain"); | |
710 | print json_encode(array("error" => array("code" => 7))); | |
711 | } | |
712 | ||
713 | function forgotpass() { | |
714 | header('Content-Type: text/html; charset=utf-8'); | |
715 | print "<html> | |
716 | <head> | |
717 | <title>Tiny Tiny RSS</title> | |
718 | <link rel=\"stylesheet\" type=\"text/css\" href=\"utility.css\"> | |
719 | <script type=\"text/javascript\" src=\"lib/prototype.js\"></script> | |
720 | <script type=\"text/javascript\" src=\"lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls\"></script> | |
721 | <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/> | |
722 | </head> | |
723 | <body id='forgotpass'>"; | |
724 | ||
725 | print '<div class="floatingLogo"><img src="images/logo_small.png"></div>'; | |
726 | print "<h1>".__("Reset password")."</h1>"; | |
727 | print "<div class='content'>"; | |
728 | ||
729 | print "<p>".__("You will need to provide valid account name and email. New password will be sent on your email address.")."</p>"; | |
730 | ||
731 | @$method = $_POST['method']; | |
732 | ||
733 | if (!$method) { | |
734 | $secretkey = uniqid(); | |
735 | $_SESSION["secretkey"] = $secretkey; | |
736 | ||
737 | print "<form method='POST' action='public.php'>"; | |
738 | print "<input type='hidden' name='secretkey' value='$secretkey'>"; | |
739 | print "<input type='hidden' name='method' value='do'>"; | |
740 | print "<input type='hidden' name='op' value='forgotpass'>"; | |
741 | ||
742 | print "<fieldset>"; | |
743 | print "<label>".__("Login:")."</label>"; | |
744 | print "<input type='text' name='login' value='' required>"; | |
745 | print "</fieldset>"; | |
746 | ||
747 | print "<fieldset>"; | |
748 | print "<label>".__("Email:")."</label>"; | |
749 | print "<input type='email' name='email' value='' required>"; | |
750 | print "</fieldset>"; | |
751 | ||
752 | print "<fieldset>"; | |
753 | print "<label>".__("How much is two plus two:")."</label>"; | |
754 | print "<input type='text' name='test' value='' required>"; | |
755 | print "</fieldset>"; | |
756 | ||
757 | print "<p/>"; | |
758 | print "<button type='submit'>".__("Reset password")."</button>"; | |
759 | ||
760 | print "</form>"; | |
761 | } else if ($method == 'do') { | |
762 | ||
763 | $secretkey = $_POST["secretkey"]; | |
764 | $login = db_escape_string($this->link, $_POST["login"]); | |
765 | $email = db_escape_string($this->link, $_POST["email"]); | |
766 | $test = db_escape_string($this->link, $_POST["test"]); | |
767 | ||
768 | if (($test != 4 && $test != 'four') || !$email || !$login) { | |
769 | print_error(__('Some of the required form parameters are missing or incorrect.')); | |
770 | ||
771 | print "<p><a href=\"public.php?op=forgotpass\">".__("Go back")."</a></p>"; | |
772 | ||
773 | } else if ($_SESSION["secretkey"] == $secretkey) { | |
774 | ||
775 | $result = db_query($this->link, "SELECT id FROM ttrss_users | |
776 | WHERE login = '$login' AND email = '$email'"); | |
777 | ||
778 | if (db_num_rows($result) != 0) { | |
779 | $id = db_fetch_result($result, 0, "id"); | |
780 | ||
781 | Pref_Users::resetUserPassword($this->link, $id, false); | |
782 | ||
783 | print "<p>".__("Completed.")."</p>"; | |
784 | ||
785 | } else { | |
786 | print_error(__("Sorry, login and email combination not found.")); | |
787 | print "<p><a href=\"public.php?op=forgotpass\">".__("Go back")."</a></p>"; | |
788 | } | |
789 | ||
790 | } else { | |
791 | print_error(__("Form secret key incorrect. Please enable cookies and try again.")); | |
792 | print "<p><a href=\"public.php?op=forgotpass\">".__("Go back")."</a></p>"; | |
793 | ||
794 | } | |
795 | ||
796 | } | |
797 | ||
798 | print "</div>"; | |
799 | print "</body>"; | |
800 | print "</html>"; | |
801 | ||
802 | } | |
803 | ||
804 | } | |
805 | ?> |