backend.php

   1 <?
   2         require_once "sessions.php";
   3
   4         header("Cache-Control: no-cache, must-revalidate");
   5         header("Pragma: no-cache");
   6         header("Expires: -1");
   7
   8 /*      if ($_GET["debug"]) {
   9                 define('DEFAULT_ERROR_LEVEL', E_ALL);
  10         } else {
  11                 define('DEFAULT_ERROR_LEVEL', E_ERROR | E_WARNING | E_PARSE);
  12         }
  13
  14         error_reporting(DEFAULT_ERROR_LEVEL); */
  15
  16         $op = $_REQUEST["op"];
  17
  18         define('SCHEMA_VERSION', 7);
  19
  20         require_once "sanity_check.php";
  21         require_once "config.php";
  22
  23         $err_msg = check_configuration_variables();
  24
  25         if ($err_msg) {
  26                 print "Fatal error: $err_msg";
  27                 exit;
  28         }
  29
  30         if ((!$op || $op == "rpc" || $op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
  31                 header("Content-Type: application/xml");
  32         }
  33
  34         if (!$_SESSION["uid"] && $op != "globalUpdateFeeds") {
  35
  36                 if ($op == "rpc") {
  37                         print "<error error-code=\"6\"/>";
  38                 } else {
  39                         print "
  40                         <html><body>
  41                                 <p>Error: Not logged in.</p>
  42                                 <script type=\"text/javascript\">
  43                                         if (parent.window != 'undefined') {
  44                                                 parent.window.location = \"login.php\";
  45                                         } else {
  46                                                 window.location = \"login.php\";
  47                                         }
  48                                 </script>
  49                         </body></html>
  50                         ";
  51                 }
  52                 exit;
  53         }
  54
  55         if (!$op) {
  56                 print "<error error-code=\"7\"/>";
  57                 exit;
  58         }
  59
  60         require_once "db.php";
  61         require_once "db-prefs.php";
  62         require_once "functions.php";
  63         require_once "magpierss/rss_fetch.inc";
  64
  65         $purge_intervals = array(
  66                 0  => "Default",
  67                 -1 => "Never purge",
  68                 5  => "1 week",
  69                 14 => "2 weeks",
  70                 31 => "1 month",
  71                 60 => "2 months",
  72                 90 => "3 months");
  73
  74         $update_intervals = array(
  75                 0   => "Default",
  76                 -1  => "Disable updates",
  77                 30  => "30 minutes",
  78                 60  => "1 hour",
  79                 240 => "4 hours",
  80                 720 => "12 hours",
  81                 1440 => "Daily",
  82                 10080 => "Weekly");
  83
  84         $script_started = getmicrotime();
  85
  86         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
  87
  88         if (!$link) {
  89                 if (DB_TYPE == "mysql") {
  90                         print mysql_error();
  91                 }
  92                 // PG seems to display its own errors just fine by default.
  93                 return;
  94         }
  95
  96         if (DB_TYPE == "pgsql") {
  97                 pg_query("set client_encoding = 'utf-8'");
  98         }
  99
 100         if ($_SESSION["uid"]) {
 101                 if (get_pref($link, "HIDE_READ_FEEDS") == "true") {
 102                         setcookie("ttrss_vf_hreadf", 1);
 103                 } else {
 104                         setcookie("ttrss_vf_hreadf", 0);
 105                 }
 106
 107                 setcookie('ttrss_vf_refresh', FEEDS_FRAME_REFRESH);
 108                 setcookie('ttrss_vf_daemon', ENABLE_UPDATE_DAEMON);
 109         }
 110
 111         $fetch = $_GET["fetch"];
 112
 113 //      setcookie("ttrss_icons_url", ICONS_URL);
 114
 115         if (!sanity_check($link)) { return; }
 116
 117         function outputFeedList($link, $tags = false) {
 118
 119                 print "<html><head>
 120                         <title>Tiny Tiny RSS : Feedlist</title>
 121                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 122
 123                 $user_theme = $_SESSION["theme"];
 124                 if ($user_theme) {
 125                         print "<link rel=\"stylesheet\" type=\"text/css\"
 126                                 href=\"themes/$user_theme/theme.css\">";
 127                 }
 128
 129                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 130                         print "<link rel=\"stylesheet\" type=\"text/css\"
 131                                 href=\"tt-rss_compact.css\"/>";
 132                 } else {
 133                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 134                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 135                 }
 136
 137                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 138                         <script type=\"text/javascript\" src=\"feedlist.js\"></script>
 139                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 140                         <!--[if gte IE 5.5000]>
 141                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 142                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 143                         <![endif]-->
 144                         </head><body>
 145                         <script type=\"text/javascript\">
 146                                 if (document.addEventListener) {
 147                                         document.addEventListener(\"DOMContentLoaded\", init, null);
 148                                 }
 149                                 window.onload = init;
 150                         </script>";
 151
 152                 print "<ul class=\"feedList\" id=\"feedList\">\n";
 153
 154                 $owner_uid = $_SESSION["uid"];
 155
 156                 if (!$tags) {
 157
 158                         /* virtual feeds */
 159
 160                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 161                                 print "<li class=\"feedCat\">Special</li>";
 162                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 163                         }
 164
 165                         $result = db_query($link, "SELECT count(id) as num_starred
 166                                 FROM ttrss_entries,ttrss_user_entries
 167                                 WHERE marked = true AND
 168                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
 169                                 unread = true AND owner_uid = '$owner_uid'");
 170                         $num_starred = db_fetch_result($result, 0, "num_starred");
 171
 172                         $class = "virt";
 173
 174                         if ($num_starred > 0) $class .= "Unread";
 175
 176                         printFeedEntry(-1, $class, "Starred articles", $num_starred,
 177                                 "images/mark_set.png", $link);
 178
 179                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 180                                 print "</ul>\n";
 181                         }
 182
 183                         if (GLOBAL_ENABLE_LABELS && get_pref($link, 'ENABLE_LABELS')) {
 184
 185                                 $result = db_query($link, "SELECT id,sql_exp,description FROM
 186                                         ttrss_labels WHERE owner_uid = '$owner_uid' ORDER by description");
 187
 188                                 if (db_num_rows($result) > 0) {
 189                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 190                                                 print "<li class=\"feedCat\">Labels</li>";
 191                                                 print "<li id=\"feedCatHolder\"><ul class=\"feedCatList\">";
 192                                         } else {
 193                                                 print "<li><hr></li>";
 194                                         }
 195                                 }
 196
 197                                 while ($line = db_fetch_assoc($result)) {
 198
 199                                         error_reporting (0);
 200
 201                                         $tmp_result = db_query($link, "SELECT count(id) as count
 202                                                 FROM ttrss_entries,ttrss_user_entries
 203                                                 WHERE (" . $line["sql_exp"] . ") AND unread = true AND
 204                                                 ttrss_user_entries.ref_id = ttrss_entries.id
 205                                                 AND owner_uid = '$owner_uid'");
 206
 207                                         $count = db_fetch_result($tmp_result, 0, "count");
 208
 209                                         $class = "label";
 210
 211                                         if ($count > 0) {
 212                                                 $class .= "Unread";
 213                                         }
 214
 215                                         error_reporting (DEFAULT_ERROR_LEVEL);
 216
 217                                         printFeedEntry(-$line["id"]-11,
 218                                                 $class, $line["description"], $count, "images/label.png", $link);
 219
 220                                 }
 221
 222                                 if (db_num_rows($result) > 0) {
 223                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 224                                                 print "</ul>";
 225                                         }
 226                                 }
 227
 228                         }
 229
 230 //                      if (!get_pref($link, 'ENABLE_FEED_CATS')) {
 231                                 print "<li><hr></li>";
 232 //                      }
 233
 234                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 235                                 $order_by_qpart = "category,title";
 236                         } else {
 237                                 $order_by_qpart = "title";
 238                         }
 239
 240                         $result = db_query($link, "SELECT ttrss_feeds.*,
 241                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 242                                         WHERE feed_id = ttrss_feeds.id AND
 243                                         ttrss_user_entries.ref_id = ttrss_entries.id AND
 244                                         owner_uid = '$owner_uid') AS total,
 245                                 (SELECT COUNT(id) FROM ttrss_entries,ttrss_user_entries
 246                                         WHERE feed_id = ttrss_feeds.id AND unread = true
 247                                                 AND ttrss_user_entries.ref_id = ttrss_entries.id
 248                                                 AND owner_uid = '$owner_uid') as unread,
 249                                 cat_id,last_error,
 250                                 ttrss_feed_categories.title AS category,
 251                                 ttrss_feed_categories.collapsed
 252                                 FROM ttrss_feeds LEFT JOIN ttrss_feed_categories
 253                                         ON (ttrss_feed_categories.id = cat_id)
 254                                 WHERE
 255                                         ttrss_feeds.owner_uid = '$owner_uid' AND parent_feed IS NULL
 256                                 ORDER BY $order_by_qpart");
 257
 258                         $actid = $_GET["actid"];
 259
 260                         /* real feeds */
 261
 262                         $lnum = 0;
 263
 264                         $total_unread = 0;
 265
 266                         $category = "";
 267
 268                         while ($line = db_fetch_assoc($result)) {
 269
 270                                 $feed = db_unescape_string($line["title"]);
 271                                 $feed_id = $line["id"];
 272
 273                                 $subop = $_GET["subop"];
 274
 275                                 $total = $line["total"];
 276                                 $unread = $line["unread"];
 277
 278                                 $rtl_content = sql_bool_to_bool($line["rtl_content"]);
 279
 280                                 if ($rtl_content) {
 281                                         $rtl_tag = "dir=\"RTL\"";
 282                                 } else {
 283                                         $rtl_tag = "";
 284                                 }
 285
 286                                 $tmp_result = db_query($link,
 287                                         "SELECT id,COUNT(unread) AS unread
 288                                         FROM ttrss_feeds LEFT JOIN ttrss_user_entries
 289                                                 ON (ttrss_feeds.id = ttrss_user_entries.feed_id)
 290                                         WHERE parent_feed = '$feed_id' AND unread = true
 291                                         GROUP BY ttrss_feeds.id");
 292
 293                                 if (db_num_rows($tmp_result) > 0) {
 294                                         while ($l = db_fetch_assoc($tmp_result)) {
 295                                                 $unread += $l["unread"];
 296                                         }
 297                                 }
 298
 299                                 $cat_id = $line["cat_id"];
 300
 301                                 $tmp_category = $line["category"];
 302
 303                                 if (!$tmp_category) {
 304                                         $tmp_category = "Uncategorized";
 305                                 }
 306
 307         //                      $class = ($lnum % 2) ? "even" : "odd";
 308
 309                                 if ($line["last_error"]) {
 310                                         $class = "error";
 311                                 } else {
 312                                         $class = "feed";
 313                                 }
 314
 315                                 if ($unread > 0) $class .= "Unread";
 316
 317                                 if ($actid == $feed_id) {
 318                                         $class .= "Selected";
 319                                 }
 320
 321                                 $total_unread += $unread;
 322
 323                                 if ($category != $tmp_category && get_pref($link, 'ENABLE_FEED_CATS')) {
 324
 325                                         if ($category) {
 326                                                 print "</ul></li>";
 327                                         }
 328
 329                                         $category = $tmp_category;
 330
 331                                         $collapsed = $line["collapsed"];
 332
 333                                         // workaround for NULL category
 334                                         if ($category == "Uncategorized") {
 335                                                 if ($_COOKIE["ttrss_vf_uclps"] == 1) {
 336                                                         $collapsed = "t";
 337                                                 }
 338                                         }
 339
 340                                         if ($collapsed == "t" || $collapsed == "1") {
 341                                                 $holder_class = "invisible";
 342                                                 $ellipsis = "...";
 343                                         } else {
 344                                                 $holder_class = "";
 345                                                 $ellipsis = "";
 346                                         }
 347
 348                                         if ($cat_id) {
 349                                                 $cat_id_qpart = "cat_id = '$cat_id'";
 350                                         } else {
 351                                                 $cat_id_qpart = "cat_id IS NULL";
 352                                         }
 353
 354                                         $tmp_result = db_query($link, "SELECT count(int_id) AS unread
 355                                                 FROM ttrss_user_entries,ttrss_feeds WHERE
 356                                                         unread = true AND
 357                                                         feed_id = ttrss_feeds.id AND $cat_id_qpart AND
 358                                                         ttrss_user_entries.owner_uid = " . $_SESSION["uid"]);
 359
 360                                         $cat_unread = db_fetch_result($tmp_result, 0, "unread");
 361
 362                                         $cat_id = sprintf("%d", $cat_id);
 363
 364                                         print "<li class=\"feedCat\" id=\"FCAT-$cat_id\">
 365                                                 <a href=\"javascript:toggleCollapseCat($cat_id)\">$tmp_category</a>
 366                                                         <a href=\"javascript:viewCategory($cat_id)\" id=\"FCAP-$cat_id\">
 367                                                         <span id=\"FCATCTR-$cat_id\"
 368                                                         class=\"$catctr_class\">($cat_unread unread)$ellipsis</span></a></li>";
 369
 370                                         // !!! NO SPACE before <ul...feedCatList - breaks firstChild DOM function
 371                                         // -> keyboard navigation, etc.
 372                                         print "<li id=\"feedCatHolder\" class=\"$holder_class\"><ul class=\"feedCatList\" id=\"FCATLIST-$cat_id\">";
 373                                 }
 374
 375                                 printFeedEntry($feed_id, $class, $feed, $unread,
 376                                         "icons/$feed_id.ico", $link, $rtl_content);
 377
 378                                 ++$lnum;
 379                         }
 380
 381                 } else {
 382
 383                         // tags
 384
 385 /*                      $result = db_query($link, "SELECT tag_name,count(ttrss_entries.id) AS count
 386                                 FROM ttrss_tags,ttrss_entries,ttrss_user_entries WHERE
 387                                 post_int_id = ttrss_user_entries.int_id AND
 388                                 unread = true AND ref_id = ttrss_entries.id
 389                                 AND ttrss_tags.owner_uid = '$owner_uid' GROUP BY tag_name
 390                         UNION
 391                                 select tag_name,0 as count FROM ttrss_tags WHERE owner_uid = '$owner_uid'
 392                         ORDER BY tag_name"); */
 393
 394                         $result = db_query($link, "SELECT tag_name,SUM((SELECT COUNT(int_id)
 395                                 FROM ttrss_user_entries WHERE int_id = post_int_id
 396                                         AND unread = true)) AS count FROM ttrss_tags
 397                                 WHERE owner_uid = 2 GROUP BY tag_name ORDER BY tag_name");
 398
 399                         $tags = array();
 400
 401                         while ($line = db_fetch_assoc($result)) {
 402                                 $tags[$line["tag_name"]] += $line["count"];
 403                         }
 404
 405                         foreach (array_keys($tags) as $tag) {
 406
 407                                 $unread = $tags[$tag];
 408
 409                                 $class = "tag";
 410
 411                                 if ($unread > 0) {
 412                                         $class .= "Unread";
 413                                 }
 414
 415                                 printFeedEntry($tag, $class, $tag, $unread, "images/tag.png", $link);
 416
 417                         }
 418
 419                 }
 420
 421                 if (db_num_rows($result) == 0) {
 422                         if ($tags) {
 423                                 $what = "tags";
 424                         } else {
 425                                 $what = "feeds";
 426                         }
 427                         print "<li>No $what to display.</li>";
 428                 }
 429
 430                 print "</ul>";
 431
 432                 print '
 433                         <script type="text/javascript">
 434                                 /* for IE */
 435                                 function statechange() {
 436                                         if (document.readyState == "interactive") init();
 437                                 }
 438
 439                                 if (document.readyState) {
 440                                         if (document.readyState == "interactive" || document.readyState == "complete") {
 441                                                 init();
 442                                         } else {
 443                                                 document.onreadystatechange = statechange;
 444                                         }
 445                                 }
 446                         </script></body></html>';
 447         }
 448
 449
 450         if ($op == "rpc") {
 451
 452                 $subop = $_GET["subop"];
 453
 454                 if ($subop == "setpref") {
 455                         if (WEB_DEMO_MODE) {
 456                                 return;
 457                         }
 458
 459                         print "<rpc-reply>";
 460
 461                         $key = db_escape_string($_GET["key"]);
 462                         $value = db_escape_string($_GET["value"]);
 463
 464                         set_pref($link, $key, $value);
 465
 466                         print "<param-set key=\"$key\" value=\"$value\"/>";
 467
 468                         print "</rpc-reply>";
 469
 470                 }
 471
 472                 if ($subop == "getLabelCounters") {
 473                         $aid = $_GET["aid"];
 474                         print "<rpc-reply>";
 475                         getLabelCounters($link);
 476                         if ($aid) {
 477                                 getFeedCounter($link, $aid);
 478                         }
 479                         print "</rpc-reply>";
 480                 }
 481
 482                 if ($subop == "getFeedCounters") {
 483                         print "<rpc-reply>";
 484                         getFeedCounters($link);
 485                         print "</rpc-reply>";
 486                 }
 487
 488                 if ($subop == "getAllCounters") {
 489                         print "<rpc-reply>";
 490                         getAllCounters($link);
 491                         print "</rpc-reply>";
 492                 }
 493
 494                 if ($subop == "mark") {
 495                         $mark = $_GET["mark"];
 496                         $id = db_escape_string($_GET["id"]);
 497
 498                         if ($mark == "1") {
 499                                 $mark = "true";
 500                         } else {
 501                                 $mark = "false";
 502                         }
 503
 504                         // FIXME this needs collision testing
 505
 506                         $result = db_query($link, "UPDATE ttrss_user_entries SET marked = $mark
 507                                 WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 508                 }
 509
 510                 if ($subop == "updateFeed") {
 511                         $feed_id = db_escape_string($_GET["feed"]);
 512
 513                         $result = db_query($link,
 514                                 "SELECT feed_url FROM ttrss_feeds WHERE id = '$feed_id'
 515                                         AND owner_uid = " . $_SESSION["uid"]);
 516
 517                         if (db_num_rows($result) > 0) {
 518                                 $feed_url = db_fetch_result($result, 0, "feed_url");
 519                                 update_rss_feed($link, $feed_url, $feed_id);
 520                         }
 521
 522                         print "<rpc-reply>";
 523                         getFeedCounter($link, $feed_id);
 524                         print "</rpc-reply>";
 525
 526                         return;
 527                 }
 528
 529                 if ($subop == "forceUpdateAllFeeds" || $subop == "updateAllFeeds") {
 530
 531                         if (ENABLE_UPDATE_DAEMON) {
 532
 533                                 if ($subop == "forceUpdateAllFeeds") {
 534
 535                                         $result = db_query($link, "SELECT count(id) AS cid FROM
 536                                                 ttrss_scheduled_updates WHERE feed_id IS NULL AND
 537                                                         owner_uid = " . $_SESSION["uid"]);
 538
 539                                         $cid = db_fetch_result($result, 0, "cid");
 540
 541 #                                       print "<rpc-reply>";
 542
 543                                         if ($cid == 0) {
 544
 545                                                 db_query($link, "INSERT INTO ttrss_scheduled_updates
 546                                                         (owner_uid, feed_id, entered) VALUES
 547                                                         (".$_SESSION["uid"].", NULL, NOW())");
 548
 549 //                                              print "<!-- ScheduledOK -->";
 550
 551                                         } else {
 552 //                                              print "<!-- RequestAlreadyInQueue -->";
 553                                         }
 554
 555 #                                       print "</rpc-reply>";
 556                                 }
 557
 558                         } else {
 559                                 update_all_feeds($link, $subop == "forceUpdateAllFeeds");
 560                         }
 561
 562                         $global_unread_caller = sprintf("%d", $_GET["uctr"]);
 563                         $global_unread = getGlobalUnread($link);
 564
 565                         print "<rpc-reply>";
 566
 567                         if ($global_unread_caller != $global_unread) {
 568
 569                                 $omode = $_GET["omode"];
 570
 571                                 if (!$omode) $omode = "tflc";
 572
 573                                 if (strchr($omode, "l")) getLabelCounters($link);
 574                                 if (strchr($omode, "f")) getFeedCounters($link);
 575                                 if (strchr($omode, "t")) getTagCounters($link);
 576                                 if (strchr($omode, "c")) {
 577                                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
 578                                                 getCategoryCounters($link);
 579                                         }
 580                                 }
 581                         }
 582
 583                         getGlobalCounters($link, $global_unread);
 584
 585                         print "</rpc-reply>";
 586
 587                 }
 588
 589                 /* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 590                 if ($subop == "catchupSelected") {
 591
 592                         $ids = split(",", db_escape_string($_GET["ids"]));
 593
 594                         $cmode = sprintf("%d", $_GET["cmode"]);
 595
 596                         foreach ($ids as $id) {
 597
 598                                 if ($cmode == 0) {
 599                                         db_query($link, "UPDATE ttrss_user_entries SET
 600                                         unread = false,last_read = NOW()
 601                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 602                                 } else if ($cmode == 1) {
 603                                         db_query($link, "UPDATE ttrss_user_entries SET
 604                                         unread = true
 605                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 606                                 } else {
 607                                         db_query($link, "UPDATE ttrss_user_entries SET
 608                                         unread = NOT unread,last_read = NOW()
 609                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 610                                 }
 611                         }
 612                         print "<rpc-reply>";
 613                         getAllCounters($link);
 614                         print "</rpc-reply>";
 615                 }
 616
 617                 if ($subop == "markSelected") {
 618
 619                         $ids = split(",", db_escape_string($_GET["ids"]));
 620
 621                         $cmode = sprintf("%d", $_GET["cmode"]);
 622
 623                         foreach ($ids as $id) {
 624
 625                                 if ($cmode == 0) {
 626                                         db_query($link, "UPDATE ttrss_user_entries SET
 627                                         marked = false
 628                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 629                                 } else if ($cmode == 1) {
 630                                         db_query($link, "UPDATE ttrss_user_entries SET
 631                                         marked = true
 632                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 633                                 } else {
 634                                         db_query($link, "UPDATE ttrss_user_entries SET
 635                                         marked = NOT marked
 636                                         WHERE ref_id = '$id' AND owner_uid = " . $_SESSION["uid"]);
 637                                 }
 638                         }
 639                         print "<rpc-reply>";
 640                         getAllCounters($link);
 641                         print "</rpc-reply>";
 642                 }
 643
 644                 if ($subop == "sanityCheck") {
 645                         if (sanity_check($link)) {
 646                                 print "<error error-code=\"0\"/>";
 647                         }
 648                 }
 649
 650                 if ($subop == "globalPurge") {
 651
 652                         print "<rpc-reply>";
 653                         global_purge_old_posts($link, true);
 654                         print "</rpc-reply>";
 655
 656                 }
 657
 658         }
 659
 660         if ($op == "feeds") {
 661
 662                 $tags = $_GET["tags"];
 663
 664                 $subop = $_GET["subop"];
 665
 666                 if ($subop == "catchupAll") {
 667                         db_query($link, "UPDATE ttrss_user_entries SET
 668                                 last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
 669                 }
 670
 671                 if ($subop == "collapse") {
 672                         $cat_id = db_escape_string($_GET["cid"]);
 673
 674                         db_query($link, "UPDATE ttrss_feed_categories SET
 675                                 collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
 676                                 $_SESSION["uid"]);
 677                         return;
 678                 }
 679
 680                 outputFeedList($link, $tags);
 681
 682         }
 683
 684         if ($op == "view") {
 685
 686                 $id = db_escape_string($_GET["id"]);
 687                 $feed_id = db_escape_string($_GET["feed"]);
 688
 689                 $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 690                         WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 691
 692                 if (db_num_rows($result) == 1) {
 693                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 694                 } else {
 695                         $rtl_content = false;
 696                 }
 697
 698                 if ($rtl_content) {
 699                         $rtl_tag = "dir=\"RTL\"";
 700                         $rtl_class = "RTL";
 701                 } else {
 702                         $rtl_tag = "";
 703                         $rtl_class = "";
 704                 }
 705
 706                 $result = db_query($link, "UPDATE ttrss_user_entries
 707                         SET unread = false,last_read = NOW()
 708                         WHERE ref_id = '$id' AND feed_id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
 709
 710                 $result = db_query($link, "SELECT title,link,content,feed_id,comments,int_id,
 711                         SUBSTRING(updated,1,16) as updated,
 712                         (SELECT icon_url FROM ttrss_feeds WHERE id = feed_id) as icon_url,
 713                         num_comments,
 714                         author
 715                         FROM ttrss_entries,ttrss_user_entries
 716                         WHERE   id = '$id' AND ref_id = id");
 717
 718                 print "<html><head>
 719                         <title>Tiny Tiny RSS : Article $id</title>
 720                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 721
 722                 $user_theme = $_SESSION["theme"];
 723                 if ($user_theme) {
 724                         print "<link rel=\"stylesheet\" type=\"text/css\"
 725                                 href=\"themes/$user_theme/theme.css\">";
 726                 }
 727
 728                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 729                         print "<link rel=\"stylesheet\" type=\"text/css\"
 730                                 href=\"tt-rss_compact.css\"/>";
 731                 } else {
 732                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 733                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 734                 }
 735
 736                 print "<script type=\"text/javascript\" src=\"functions.js\"></script>
 737                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 738                         </head><body $rtl_tag>";
 739
 740                 if ($result) {
 741
 742                         $line = db_fetch_assoc($result);
 743
 744                         if ($line["icon_url"]) {
 745                                 $feed_icon = "<img class=\"feedIcon\" src=\"" . $line["icon_url"] . "\">";
 746                         } else {
 747                                 $feed_icon = "&nbsp;";
 748                         }
 749
 750 /*                      if ($line["comments"] && $line["link"] != $line["comments"]) {
 751                                 $entry_comments = "(<a href=\"".$line["comments"]."\">Comments</a>)";
 752                         } else {
 753                                 $entry_comments = "";
 754                         } */
 755
 756                         $num_comments = $line["num_comments"];
 757                         $entry_comments = "";
 758
 759                         if ($num_comments > 0) {
 760                                 if ($line["comments"]) {
 761                                         $comments_url = $line["comments"];
 762                                 } else {
 763                                         $comments_url = $line["link"];
 764                                 }
 765                                 $entry_comments = "<a href=\"$comments_url\">$num_comments comments</a>";
 766                         } else {
 767                                 if ($line["comments"] && $line["link"] != $line["comments"]) {
 768                                         $entry_comments = "<a href=\"".$line["comments"]."\">comments</a>";
 769                                 }
 770                         }
 771
 772                         print "<div class=\"postReply\">";
 773
 774                         print "<div class=\"postHeader\"><table width=\"100%\">";
 775
 776                         $entry_author = $line["author"];
 777
 778                         if ($entry_author) {
 779                                 $entry_author = " - by $entry_author";
 780                         }
 781
 782                         print "<tr><td><a href=\"" . $line["link"] . "\">" . $line["title"] .
 783                                 "</a>$entry_author</td>";
 784
 785                         $parsed_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
 786                                 strtotime($line["updated"]));
 787
 788                         print "<td class=\"postDate$rtl_class\">$parsed_updated</td>";
 789
 790                         print "</tr>";
 791
 792                         $tmp_result = db_query($link, "SELECT DISTINCT tag_name FROM
 793                                 ttrss_tags WHERE post_int_id = " . $line["int_id"] . "
 794                                 ORDER BY tag_name");
 795
 796                         $tags_str = "";
 797                         $f_tags_str = "";
 798
 799                         $num_tags = 0;
 800
 801                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
 802                                 $num_tags++;
 803                                 $tag = $tmp_line["tag_name"];
 804                                 $tag_str = "<a href=\"javascript:parent.viewfeed('$tag')\">$tag</a>, ";
 805
 806                                 if ($num_tags == 5) {
 807                                         $tags_str .= "<a href=\"javascript:showBlockElement('allEntryTags')\">...</a>";
 808                                 } else if ($num_tags < 5) {
 809                                         $tags_str .= $tag_str;
 810                                 }
 811                                 $f_tags_str .= $tag_str;
 812                         }
 813
 814                         $tags_str = preg_replace("/, $/", "", $tags_str);
 815                         $f_tags_str = preg_replace("/, $/", "", $f_tags_str);
 816
 817 //                      $truncated_link = truncate_string($line["link"], 60);
 818
 819                         if ($tags_str || $entry_comments) {
 820                                 print "<tr><td width='50%'>
 821                                         $entry_comments</td>
 822                                         <td align=\"right\">$tags_str</td></tr>";
 823                         }
 824
 825                         print "</table></div>";
 826
 827                         print "<div class=\"postIcon\">" . $feed_icon . "</div>";
 828                         print "<div class=\"postContent\">";
 829
 830                         if (db_num_rows($tmp_result) > 5) {
 831                                 print "<div id=\"allEntryTags\">Tags: $f_tags_str</div>";
 832                         }
 833
 834                         if (get_pref($link, 'OPEN_LINKS_IN_NEW_WINDOW')) {
 835                                 $line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
 836                         }
 837
 838                         print $line["content"] . "</div>";
 839
 840                         print "</div>";
 841
 842                         print "<script type=\"text/javascript\">
 843                                 update_all_counters('$feed_id');
 844                         </script>";
 845                 }
 846
 847                 print "</body></html>";
 848         }
 849
 850         if ($op == "viewfeed") {
 851
 852                 $feed = db_escape_string($_GET["feed"]);
 853                 $skip = db_escape_string($_GET["skip"]);
 854                 $subop = db_escape_string($_GET["subop"]);
 855                 $view_mode = db_escape_string($_GET["view"]);
 856                 $limit = db_escape_string($_GET["limit"]);
 857                 $cat_view = db_escape_string($_GET["cat"]);
 858
 859                 if (!$skip) $skip = 0;
 860
 861                 if ($subop == "undefined") $subop = "";
 862
 863                 print "<html><head>
 864                         <title>Tiny Tiny RSS : Feed $feed</title>
 865                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">";
 866
 867                 $user_theme = $_SESSION["theme"];
 868                 if ($user_theme) {
 869                         print "<link rel=\"stylesheet\" type=\"text/css\"
 870                                 href=\"themes/$user_theme/theme.css\">";
 871                 }
 872
 873                 if (get_pref($link, 'USE_COMPACT_STYLESHEET')) {
 874                         print "<link rel=\"stylesheet\"
 875                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 876
 877                 } else {
 878                         print "<link title=\"Compact Stylesheet\" rel=\"alternate stylesheet\"
 879                                         type=\"text/css\" href=\"tt-rss_compact.css\"/>";
 880                 }
 881
 882                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
 883
 884                         $result = db_query($link, "SELECT rtl_content FROM ttrss_feeds
 885                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
 886
 887                         if (db_num_rows($result) == 1) {
 888                                 $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
 889                         } else {
 890                                 $rtl_content = false;
 891                         }
 892
 893                         if ($rtl_content) {
 894                                 $rtl_tag = "dir=\"RTL\"";
 895                         } else {
 896                                 $rtl_tag = "";
 897                         }
 898                 } else {
 899                         $rtl_tag = "";
 900                         $rtl_content = false;
 901                 }
 902
 903                 print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
 904                         <script type=\"text/javascript\" src=\"functions.js\"></script>
 905                         <script type=\"text/javascript\" src=\"viewfeed.js\"></script>
 906                         <!--[if gte IE 5.5000]>
 907                         <script type=\"text/javascript\" src=\"pngfix.js\"></script>
 908                         <link rel=\"stylesheet\" type=\"text/css\" href=\"tt-rss-ie.css\">
 909                         <![endif]-->
 910                         </head><body $rtl_tag>
 911                         <script type=\"text/javascript\">
 912                         if (document.addEventListener) {
 913                                 document.addEventListener(\"DOMContentLoaded\", init, null);
 914                         }
 915                         window.onload = init;
 916                         </script>";
 917
 918                 if ($subop == "ForceUpdate" && sprintf("%d", $feed) > 0) {
 919                         update_generic_feed($link, $feed, $cat_view);
 920                 }
 921
 922                 if ($subop == "MarkAllRead")  {
 923                         catchup_feed($link, $feed, $cat_view);
 924                 }
 925
 926                 $search = db_escape_string($_GET["search"]);
 927                 $search_mode = db_escape_string($_GET["smode"]);
 928
 929                 if ($search) {
 930                         $search_query_part = "(upper(ttrss_entries.title) LIKE upper('%$search%')
 931                                 OR ttrss_entries.content LIKE '%$search%') AND";
 932                 } else {
 933                         $search_query_part = "";
 934                 }
 935
 936                 $view_query_part = "";
 937
 938                 if ($view_mode == "Adaptive") {
 939                         if ($search) {
 940                                 $view_query_part = " ";
 941                         } else if ($feed != -1) {
 942                                 $unread = getFeedUnread($link, $feed);
 943                                 if ($unread > 0) {
 944                                         $view_query_part = " unread = true AND ";
 945                                 }
 946                         }
 947                 }
 948
 949                 if ($view_mode == "Starred") {
 950                         $view_query_part = " marked = true AND ";
 951                 }
 952
 953                 if ($view_mode == "Unread") {
 954                         $view_query_part = " unread = true AND ";
 955                 }
 956
 957                 if ($limit && $limit != "All") {
 958                         $limit_query_part = "LIMIT " . $limit;
 959                 }
 960
 961                 $vfeed_query_part = "";
 962
 963                 // override query strategy and enable feed display when searching globally
 964                 if ($search && $search_mode == "All feeds") {
 965                         $query_strategy_part = "ttrss_entries.id > 0";
 966                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 967                 } else if (preg_match("/^-?[0-9][0-9]*$/", $feed) == false) {
 968                         $query_strategy_part = "ttrss_entries.id > 0";
 969                         $vfeed_query_part = "(SELECT title FROM ttrss_feeds WHERE
 970                                 id = feed_id) as feed_title,";
 971                 } else if ($feed >= 0 && $search && $search_mode == "This category") {
 972
 973                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
 974
 975                         $tmp_result = db_query($link, "SELECT id
 976                                 FROM ttrss_feeds WHERE cat_id =
 977                                         (SELECT cat_id FROM ttrss_feeds WHERE id = '$feed') AND id != '$feed'");
 978
 979                         $cat_siblings = array();
 980
 981                         if (db_num_rows($tmp_result) > 0) {
 982                                 while ($p = db_fetch_assoc($tmp_result)) {
 983                                         array_push($cat_siblings, "feed_id = " . $p["id"]);
 984                                 }
 985
 986                                 $query_strategy_part = sprintf("(feed_id = %d OR %s)",
 987                                         $feed, implode(" OR ", $cat_siblings));
 988
 989                         } else {
 990                                 $query_strategy_part = "ttrss_entries.id > 0";
 991                         }
 992
 993                 } else if ($feed >= 0) {
 994
 995                         if ($cat_view) {
 996
 997                                 if ($feed > 0) {
 998                                         $query_strategy_part = "cat_id = '$feed'";
 999                                 } else {
1000                                         $query_strategy_part = "cat_id IS NULL";
1001                                 }
1002
1003                                 $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1004
1005                         } else {
1006                                 $tmp_result = db_query($link, "SELECT id
1007                                         FROM ttrss_feeds WHERE parent_feed = '$feed'
1008                                         ORDER BY cat_id,title");
1009
1010                                 $parent_ids = array();
1011
1012                                 if (db_num_rows($tmp_result) > 0) {
1013                                         while ($p = db_fetch_assoc($tmp_result)) {
1014                                                 array_push($parent_ids, "feed_id = " . $p["id"]);
1015                                         }
1016
1017                                         $query_strategy_part = sprintf("(feed_id = %d OR %s)",
1018                                                 $feed, implode(" OR ", $parent_ids));
1019
1020                                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1021                                 } else {
1022                                         $query_strategy_part = "feed_id = '$feed'";
1023                                 }
1024                         }
1025                 } else if ($feed == -1) { // starred virtual feed
1026                         $query_strategy_part = "marked = true";
1027                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1028                 } else if ($feed <= -10) { // labels
1029                         $label_id = -$feed - 11;
1030
1031                         $tmp_result = db_query($link, "SELECT sql_exp FROM ttrss_labels
1032                                 WHERE id = '$label_id'");
1033
1034                         $query_strategy_part = db_fetch_result($tmp_result, 0, "sql_exp");
1035
1036                         $vfeed_query_part = "ttrss_feeds.title AS feed_title,";
1037                 } else {
1038                         $query_strategy_part = "id > 0"; // dumb
1039                 }
1040
1041                 $order_by = "updated DESC";
1042
1043 //              if ($feed < -10) {
1044 //                      $order_by = "feed_id,updated DESC";
1045 //              }
1046
1047                 $feed_title = "";
1048
1049                 if ($search && $search_mode == "All feeds") {
1050                         $feed_title = "Global search results ($search)";
1051                 } else if ($search && preg_match('/^-?[0-9][0-9]*$/', $feed) == false) {
1052                         $feed_title = "Feed search results ($search, $feed)";
1053                 } else if (preg_match('/^-?[0-9][0-9]*$/', $feed) == false) {
1054                         $feed_title = $feed;
1055                 } else if (preg_match('/^-?[0-9][0-9]*$/', $feed) != false && $feed >= 0) {
1056
1057                         if ($cat_view) {
1058
1059                                 if ($feed != 0) {
1060                                         $result = db_query($link, "SELECT title FROM ttrss_feed_categories
1061                                                 WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
1062                                         $feed_title = db_fetch_result($result, 0, "title");
1063                                 } else {
1064                                         $feed_title = "Uncategorized";
1065                                 }
1066                         } else {
1067
1068                                 $result = db_query($link, "SELECT title,site_url,last_error FROM ttrss_feeds
1069                                         WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]);
1070
1071                                 $feed_title = db_fetch_result($result, 0, "title");
1072                                 $feed_site_url = db_fetch_result($result, 0, "site_url");
1073                                 $last_error = db_fetch_result($result, 0, "last_error");
1074
1075                         }
1076
1077                 } else if ($feed == -1) {
1078                         $feed_title = "Starred articles";
1079                 } else if ($feed < -10) {
1080                         $label_id = -$feed - 11;
1081                         $result = db_query($link, "SELECT description FROM ttrss_labels
1082                                 WHERE id = '$label_id'");
1083                         $feed_title = db_fetch_result($result, 0, "description");
1084                 } else {
1085                         $feed_title = "?";
1086                 }
1087
1088                 if ($feed < -10) error_reporting (0);
1089
1090                 print "<div id=\"headlinesContainer\">";
1091
1092                 if (preg_match("/^-?[0-9][0-9]*$/", $feed) != false) {
1093
1094                         if ($feed >= 0) {
1095                                 $feed_kind = "Feeds";
1096                         } else {
1097                                 $feed_kind = "Labels";
1098                         }
1099
1100 //                      if (!$vfeed_query_part) {
1101                         $content_query_part = "content as content_preview,";
1102 //                      } else {
1103 //                              $content_query_part = "";
1104 //                      }
1105
1106                         $query = "SELECT
1107                                         ttrss_entries.id,ttrss_entries.title,
1108                                         SUBSTRING(updated,1,16) as updated,
1109                                         unread,feed_id,marked,link,last_read,
1110                                         SUBSTRING(last_read,1,19) as last_read_noms,
1111                                         $vfeed_query_part
1112                                         $content_query_part
1113                                         SUBSTRING(updated,1,19) as updated_noms
1114                                 FROM
1115                                         ttrss_entries,ttrss_user_entries,ttrss_feeds
1116                                 WHERE
1117                                 ttrss_user_entries.feed_id = ttrss_feeds.id AND
1118                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
1119                                 ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1120                                 $search_query_part
1121                                 $view_query_part
1122                                 $query_strategy_part ORDER BY $order_by
1123                                 $limit_query_part";
1124
1125                         $result = db_query($link, $query);
1126
1127                         if ($_GET["debug"]) print $query;
1128
1129                 } else {
1130                         // browsing by tag
1131
1132                         $feed_kind = "Tags";
1133
1134                         $result = db_query($link, "SELECT
1135                                 ttrss_entries.id as id,title,
1136                                 SUBSTRING(updated,1,16) as updated,
1137                                 unread,feed_id,
1138                                 marked,link,last_read,
1139                                 SUBSTRING(last_read,1,19) as last_read_noms,
1140                                 $vfeed_query_part
1141                                 $content_query_part
1142                                 SUBSTRING(updated,1,19) as updated_noms
1143                                 FROM
1144                                         ttrss_entries,ttrss_user_entries,ttrss_tags
1145                                 WHERE
1146                                         ref_id = ttrss_entries.id AND
1147                                         ttrss_user_entries.owner_uid = '".$_SESSION["uid"]."' AND
1148                                         post_int_id = int_id AND tag_name = '$feed' AND
1149                                         $view_query_part
1150                                         $search_query_part
1151                                         $query_strategy_part ORDER BY $order_by
1152                                 $limit_query_part");
1153                 }
1154
1155                 if (!$result) {
1156                         print "<div align='center'>
1157                                 Could not display feed (query failed). Please check label match syntax or local configuration.</div>";
1158                         return;
1159                 }
1160
1161                 function print_headline_subtoolbar($link, $feed_site_url, $feed_title,
1162                                                 $bottom = false, $rtl_content = false) {
1163
1164                         if (!$bottom) {
1165                                 $class = "headlinesSubToolbar";
1166                                 $tid = "headlineActionsTop";
1167                         } else {
1168                                 $class = "invisible";
1169                                 $tid = "headlineActionsBottom";
1170                         }
1171
1172                         print "<table class=\"$class\" id=\"$tid\"
1173                                 width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><tr>";
1174
1175                         if ($rtl_content) {
1176                                 $rtl_cpart = "RTL";
1177                         } else {
1178                                 $rtl_cpart = "";
1179                         }
1180
1181                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1182
1183                                 print "<td class=\"headlineActions$rtl_cpart\">
1184                                         Select:
1185                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, '', true)\">All</a>,
1186                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', true, 'Unread', true)\">Unread</a>,
1187                                                                 <a href='#' onclick=\"javascript:selectTableRowsByIdPrefix('headlinesList', 'RROW-', 'RCHK-', false)\">None</a>
1188                                                 &nbsp;&nbsp;
1189                                                 Toggle: <a href='#' onclick=\"javascript:selectionToggleUnread()\">Unread</a>,
1190                                                                 <a href='#' onclick=\"javascript:selectionToggleMarked()\">Starred</a>";
1191                                 print "</td>";
1192
1193                         } else {
1194
1195                                 print "<td class=\"headlineActions$rtl_cpart\">
1196                                         Select:
1197                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('all')\">All</a>,
1198                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('unread')\">Unread</a>,
1199                                                                 <a href=\"#\" onclick=\"javascript:cdmSelectArticles('none')\">None</a>
1200                                                 &nbsp;&nbsp;
1201                                                 Toggle: <a href=\"#\" onclick=\"javascript:selectionToggleUnread(true)\">Unread</a>,
1202                                                                 <a href=\"#\" onclick=\"javascript:selectionToggleMarked(true)\">Starred</a>";
1203
1204                                 print "</td>";
1205
1206                         }
1207
1208                         print "<td class=\"headlineTitle$rtl_cpart\">";
1209
1210                         if ($feed_site_url) {
1211                                 if (!$bottom) {
1212                                         $target = "target=\"_blank\"";
1213                                 }
1214                                 print "<a $target href=\"$feed_site_url\">$feed_title</a>";
1215                         } else {
1216                                 print $feed_title;
1217                         }
1218
1219                         print "</td>";
1220                         print "</tr></table>";
1221
1222                 }
1223
1224                 if (db_num_rows($result) > 0) {
1225
1226                         print_headline_subtoolbar($link, $feed_site_url, $feed_title, false,
1227                                 $rtl_content);
1228
1229                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1230                                 print "<table class=\"headlinesList\" id=\"headlinesList\"
1231                                         cellspacing=\"0\" width=\"100%\">";
1232                         }
1233
1234                         $lnum = 0;
1235
1236                         error_reporting (DEFAULT_ERROR_LEVEL);
1237
1238                         $num_unread = 0;
1239
1240                         while ($line = db_fetch_assoc($result)) {
1241
1242                                 $class = ($lnum % 2) ? "even" : "odd";
1243
1244                                 $id = $line["id"];
1245                                 $feed_id = $line["feed_id"];
1246
1247                                 if ($line["last_read"] == "" &&
1248                                                 ($line["unread"] != "t" && $line["unread"] != "1")) {
1249
1250                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/updated.png\"
1251                                                 alt=\"Updated\">";
1252                                 } else {
1253                                         $update_pic = "<img id='FUPDPIC-$id' src=\"images/blank_icon.gif\"
1254                                                 alt=\"Updated\">";
1255                                 }
1256
1257                                 if ($line["unread"] == "t" || $line["unread"] == "1") {
1258                                         $class .= "Unread";
1259                                         ++$num_unread;
1260                                         $is_unread = true;
1261                                 } else {
1262                                         $is_unread = false;
1263                                 }
1264
1265                                 if ($line["marked"] == "t" || $line["marked"] == "1") {
1266                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_set.png\"
1267                                                 alt=\"Reset mark\" onclick='javascript:toggleMark($id)'>";
1268                                 } else {
1269                                         $marked_pic = "<img id=\"FMARKPIC-$id\" src=\"images/mark_unset.png\"
1270                                                 alt=\"Set mark\" onclick='javascript:toggleMark($id)'>";
1271                                 }
1272
1273                                 $content_link = "<a href=\"javascript:view($id,$feed_id);\">" .
1274                                         $line["title"] . "</a>";
1275
1276                                 if (get_pref($link, 'HEADLINES_SMART_DATE')) {
1277                                         $updated_fmt = smart_date_time(strtotime($line["updated"]));
1278                                 } else {
1279                                         $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
1280                                         $updated_fmt = date($short_date, strtotime($line["updated"]));
1281                                 }
1282
1283                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW')) {
1284                                         $content_preview = truncate_string(strip_tags($line["content_preview"]),
1285                                                 100);
1286                                 }
1287
1288                                 if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1289
1290                                         print "<tr class='$class' id='RROW-$id'>";
1291
1292                                         print "<td class='hlUpdatePic'>$update_pic</td>";
1293
1294                                         print "<td class='hlSelectRow'>
1295                                                 <input type=\"checkbox\" onclick=\"toggleSelectRow(this)\"
1296                                                         class=\"feedCheckBox\" id=\"RCHK-$id\">
1297                                                 </td>";
1298
1299                                         print "<td class='hlMarkedPic'>$marked_pic</td>";
1300
1301                                         if ($line["feed_title"]) {
1302                                                 print "<td class='hlContent'>$content_link</td>";
1303                                                 print "<td class='hlFeed'>
1304                                                         <a href='javascript:viewfeed($feed_id)'>".
1305                                                                 $line["feed_title"]."</a>&nbsp;</td>";
1306                                         } else {
1307                                                 print "<td class='hlContent' valign='middle'>";
1308
1309                                                 print "<a href=\"javascript:view($id,$feed_id);\">" .
1310                                                         $line["title"];
1311
1312                                                 if (get_pref($link, 'SHOW_CONTENT_PREVIEW') && !$rtl_tag) {
1313                                                         if ($content_preview) {
1314                                                                 print "<span class=\"contentPreview\"> - $content_preview</span>";
1315                                                         }
1316                                                 }
1317
1318                                                 print "</a>";
1319                                                 print "</td>";
1320                                         }
1321
1322                                         print "<td class=\"hlUpdated\"><nobr>$updated_fmt&nbsp;</nobr></td>";
1323
1324                                         print "</tr>";
1325
1326                                 } else {
1327
1328                                         if ($is_unread) {
1329                                                 $add_class = "Unread";
1330                                         } else {
1331                                                 $add_class = "";
1332                                         }
1333
1334                                         print "<div class=\"cdmArticle$add_class\" id=\"RROW-$id\">";
1335
1336                                         print "<div class=\"cdmHeader\">";
1337
1338                                         print "<div style=\"float : right\">$updated_fmt</div>";
1339
1340                                         print "<a target=\"new\" href=\"".$line["link"]."\">".$line["title"]."</a>";
1341
1342                                         if ($line["feed_title"]) {
1343                                                 print "&nbsp;(<a href='javascript:viewfeed($feed_id)'>".$line["feed_title"]."</a>)";
1344                                         }
1345
1346                                         print "</div>";
1347
1348                                         print "<div class=\"cdmContent\">" . $line["content_preview"] . "</div>";
1349
1350                                         print "<div style=\"float : right\">$marked_pic</div>
1351                                                 <div class=\"cdmFooter\">
1352                                                         <input type=\"checkbox\" onclick=\"toggleSelectRowById(this,
1353                                                         'RROW-$id')\" class=\"feedCheckBox\" id=\"RCHK-$id\"></div>";
1354
1355                                         print "</div>";
1356
1357                                 }
1358
1359                                 ++$lnum;
1360                         }
1361
1362                         if (!get_pref($link, 'COMBINED_DISPLAY_MODE')) {
1363                                 print "</table>";
1364                         }
1365
1366                         print_headline_subtoolbar($link,
1367                                 "javascript:catchupPage()", "Mark page as read", true, $rtl_content);
1368
1369
1370                 } else {
1371                         print "<div width='100%' align='center'>No articles found.</div>";
1372                 }
1373
1374                 print "</div>";
1375
1376                 print "<script type=\"text/javascript\">
1377                         document.onkeydown = hotkey_handler;
1378                         // if (parent.daemon_enabled) parent.updateTitle('$feed_title');
1379                         update_all_counters('$feed');
1380                 </script>";
1381
1382                 print '
1383                         <script type="text/javascript">
1384                                 /* for IE */
1385                                 function statechange() {
1386                                         if (document.readyState == "interactive") init();
1387                                 }
1388
1389                                 if (document.readyState) {
1390                                         if (document.readyState == "interactive" || document.readyState == "complete") {
1391                                                 init();
1392                                         } else {
1393                                                 document.onreadystatechange = statechange;
1394                                         }
1395                                 }
1396                         </script>';
1397
1398                 print "</body></html>";
1399         }
1400
1401         if ($op == "pref-rpc") {
1402
1403                 $subop = $_GET["subop"];
1404
1405                 if ($subop == "unread") {
1406                         $ids = split(",", db_escape_string($_GET["ids"]));
1407                         foreach ($ids as $id) {
1408                                 db_query($link, "UPDATE ttrss_user_entries SET unread = true
1409                                         WHERE feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1410                         }
1411
1412                         print "Marked selected feeds as unread.";
1413                 }
1414
1415                 if ($subop == "read") {
1416                         $ids = split(",", db_escape_string($_GET["ids"]));
1417                         foreach ($ids as $id) {
1418                                 db_query($link, "UPDATE ttrss_user_entries
1419                                         SET unread = false,last_read = NOW() WHERE
1420                                                 feed_id = '$id' AND owner_uid = ".$_SESSION["uid"]);
1421                         }
1422
1423                         print "Marked selected feeds as read.";
1424
1425                 }
1426
1427         }
1428
1429         if ($op == "pref-feeds") {
1430
1431                 $subop = $_REQUEST["subop"];
1432                 $quiet = $_REQUEST["quiet"];
1433
1434                 if ($subop == "massSubscribe") {
1435                         $ids = split(",", db_escape_string($_GET["ids"]));
1436
1437                         $subscribed = array();
1438
1439                         foreach ($ids as $id) {
1440                                 $result = db_query($link, "SELECT feed_url,title FROM ttrss_feeds
1441                                         WHERE id = '$id'");
1442
1443                                 $feed_url = db_fetch_result($result, 0, "feed_url");
1444                                 $title = db_fetch_result($result, 0, "title");
1445
1446                                 $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE
1447                                         feed_url = '$feed_url' AND owner_uid = " . $_SESSION["uid"]);
1448
1449                                 if (db_num_rows($result) == 0) {
1450                                         $result = db_query($link,
1451                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1452                                                 VALUES ('".$_SESSION["uid"]."', '$feed_url', '$title', NULL)");
1453
1454                                         array_push($subscribed, $title);
1455                                 }
1456                         }
1457
1458                         if (count($subscribed) > 0) {
1459                                 print "<div class=\"notice\">";
1460                                 print "<b>Subscribed to feeds:</b>";
1461                                 print "<ul class=\"nomarks\">";
1462                                 foreach ($subscribed as $title) {
1463                                         print "<li>$title</li>";
1464                                 }
1465                                 print "</ul>";
1466                                 print "</div>";
1467                         }
1468                 }
1469
1470                 if ($subop == "browse") {
1471
1472                         if (!ENABLE_FEED_BROWSER) {
1473                                 print "Feed browser is administratively disabled.";
1474                                 return;
1475                         }
1476
1477                         print "<div class=\"infoBoxContents\">";
1478
1479                         print "<h1>Feed browser</h1>";
1480
1481                         print "<p>Showing top 50 registered feeds, sorted by popularity:</p>";
1482
1483                         $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
1484                                 FROM ttrss_feeds
1485                                 WHERE auth_login = '' AND auth_pass = '' AND private = false
1486                                 GROUP BY feed_url ORDER BY subscribers DESC LIMIT 50");
1487
1488                         print "<ul class='browseFeedList' id='browseFeedList'>";
1489
1490                         $feedctr = 0;
1491
1492                         while ($line = db_fetch_assoc($result)) {
1493                                 $feed_url = $line["feed_url"];
1494                                 $subscribers = $line["subscribers"];
1495
1496                                 $sub_result = db_query($link, "SELECT id
1497                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
1498                                         $_SESSION["uid"]);
1499
1500                                 if (db_num_rows($sub_result) > 0) {
1501                                         continue; // already subscribed
1502                                 }
1503
1504                                 $det_result = db_query($link, "SELECT site_url,title,id
1505                                         FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
1506
1507                                 $details = db_fetch_assoc($det_result);
1508
1509                                 $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
1510
1511                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
1512                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
1513                                                         "/".$details["id"].".ico\">";
1514                                 } else {
1515                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
1516                                 }
1517
1518                                 $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
1519                                         type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
1520
1521                                 $class = ($feedctr % 2) ? "even" : "odd";
1522
1523                                 print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
1524                                         "$feed_icon " . db_unescape_string($details["title"]) .
1525                                         "&nbsp;<span class='subscribers'>($subscribers)</span></li>";
1526
1527                                         ++$feedctr;
1528                         }
1529
1530                         if ($feedctr == 0) {
1531                                 print "<li>No feeds found to subscribe.</li>";
1532                         }
1533
1534                         print "</ul>";
1535
1536                         print "<div align='center'>
1537                                 <input type=\"submit\" class=\"button\"
1538                                 onclick=\"feedBrowserSubscribe()\" value=\"Subscribe\">
1539                                 <input type='submit' class='button'
1540                                 onclick=\"closeInfoBox()\" value=\"Cancel\"></div>";
1541
1542                         print "</div>";
1543                         return;
1544                 }
1545
1546                 if ($subop == "editfeed") {
1547                         $feed_id = db_escape_string($_GET["id"]);
1548
1549                         $result = db_query($link,
1550                                 "SELECT * FROM ttrss_feeds WHERE id = '$feed_id' AND
1551                                         owner_uid = " . $_SESSION["uid"]);
1552
1553                         $title = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1554                                 0, "title")));
1555
1556                         print "<div class=\"infoBoxContents\">";
1557
1558                         $icon_file = ICONS_DIR . "/$feed_id.ico";
1559
1560                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
1561                                         $feed_icon = "<img width=\"16\" height=\"16\"
1562                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
1563                         } else {
1564                                 $feed_icon = "";
1565                         }
1566
1567                         print "<h1>$feed_icon $title</h1>";
1568
1569                         print "<table width='100%'>";
1570
1571                         $row_class = "odd";
1572
1573                         print "<tr class='$row_class'><td>Title:</td>";
1574                         print "<td><input id=\"iedit_title\" value=\"$title\"></td></tr>";
1575
1576                         $feed_url = db_fetch_result($result, 0, "feed_url");
1577                         $feed_url = htmlspecialchars(db_unescape_string(db_fetch_result($result,
1578                                 0, "feed_url")));
1579                         $row_class = toggleEvenOdd($row_class);
1580
1581                         print "<tr class='$row_class'><td>Feed URL:</td>";
1582                         print "<td><input id=\"iedit_link\" value=\"$feed_url\"></td></tr>";
1583
1584                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1585
1586                                 $cat_id = db_fetch_result($result, 0, "cat_id");
1587
1588                                 $row_class = toggleEvenOdd($row_class);
1589
1590                                 print "<tr class='$row_class'><td>Category:</td>";
1591                                 print "<td>";
1592                                 print "<select id=\"iedit_fcat\">";
1593                                 print "<option id=\"0\">Uncategorized</option>";
1594
1595                                 $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feed_categories
1596                                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
1597
1598                                 if (db_num_rows($tmp_result) > 0) {
1599                                         print "<option disabled>--------</option>";
1600                                 }
1601
1602                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1603                                         if ($tmp_line["id"] == $cat_id) {
1604                                                 $is_selected = "selected";
1605                                         } else {
1606                                                 $is_selected = "";
1607                                         }
1608                                         printf("<option $is_selected id='%d'>%s</option>",
1609                                                 $tmp_line["id"], $tmp_line["title"]);
1610                                 }
1611
1612                                 print "</select></td>";
1613                                 print "</td></tr>";
1614
1615                         }
1616
1617                         $update_interval = db_fetch_result($result, 0, "update_interval");
1618                         $row_class = toggleEvenOdd($row_class);
1619
1620                         print "<tr class='$row_class'><td>Update Interval:</td>";
1621 //                      print "<td><input id=\"iedit_updintl\"
1622 //                              value=\"$update_interval\"></td></tr>";
1623
1624                         print "<td>";
1625
1626                         print "<select id=\"iedit_updintl\">";
1627
1628                         foreach (array_keys($update_intervals) as $i) {
1629
1630                                 if ($i == $update_interval) {
1631                                         $selected = "selected";
1632                                 } else {
1633                                         $selected = "";
1634                                 }
1635                                 print "<option $selected id=\"$i\">" . $update_intervals[$i] . "</option>";
1636                         }
1637
1638                         print "</select>";
1639
1640                         print "</td>";
1641
1642                         $row_class = toggleEvenOdd($row_class);
1643                         print "<tr class='$row_class'><td>Link to:</td>";
1644
1645                         $tmp_result = db_query($link, "SELECT COUNT(id) AS count
1646                                 FROM ttrss_feeds WHERE parent_feed = '$feed_id'");
1647
1648                         $linked_count = db_fetch_result($tmp_result, 0, "count");
1649
1650                         $parent_feed = db_fetch_result($result, 0, "parent_feed");
1651
1652                         if ($linked_count > 0) {
1653                                 $disabled = "disabled";
1654                         }
1655
1656                         print "<select $disabled  id=\"iedit_parent_feed\">";
1657
1658                         print "<option id=\"0\">Not linked</option>";
1659
1660                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
1661                                 if ($cat_id) {
1662                                         $cat_qpart = "AND cat_id = '$cat_id'";
1663                                 } else {
1664                                         $cat_qpart = "AND cat_id IS NULL";
1665                                 }
1666                         }
1667
1668                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
1669                                 WHERE id != '$feed_id' AND owner_uid = ".$_SESSION["uid"]."
1670                                         $cat_qpart ORDER BY title");
1671
1672                                 if (db_num_rows($tmp_result) > 0) {
1673                                         print "<option disabled>--------</option>";
1674                                 }
1675
1676                                 while ($tmp_line = db_fetch_assoc($tmp_result)) {
1677                                         if ($tmp_line["id"] == $parent_feed) {
1678                                                 $is_selected = "selected";
1679                                         } else {
1680                                                 $is_selected = "";
1681                                         }
1682                                         printf("<option $is_selected id='%d'>%s</option>",
1683                                                 $tmp_line["id"], $tmp_line["title"]);
1684                                 }
1685
1686                                 print "</select></td>";
1687                                 print "</td></tr>";
1688
1689                         $purge_interval = db_fetch_result($result, 0, "purge_interval");
1690                         $row_class = toggleEvenOdd($row_class);
1691
1692                         print "<tr class='$row_class'><td>Purge Days:</td>";
1693 //                      print "<td><input id=\"iedit_purgintl\"
1694 //                              value=\"$purge_interval\"></td></tr>";
1695
1696                         print "<td>";
1697
1698                         print "<select id=\"iedit_purgintl\">";
1699
1700                         foreach (array_keys($purge_intervals) as $i) {
1701
1702                                 if ($i == $purge_interval) {
1703                                         $selected = "selected";
1704                                 } else {
1705                                         $selected = "";
1706                                 }
1707                                 print "<option $selected id=\"$i\">" . $purge_intervals[$i] . "</option>";
1708                         }
1709
1710                         print "</select>";
1711
1712                         print "</td>";
1713
1714 //                      print "<tr><td colspan=\"2\"><b>Authentication</b></td></tr>";
1715
1716                         $row_class = toggleEvenOdd($row_class);
1717                         $auth_login = db_fetch_result($result, 0, "auth_login");
1718
1719                         print "<tr class='$row_class'><td>Login:</td>";
1720                         print "<td><input id=\"iedit_login\"
1721                                 value=\"$auth_login\"></td></tr>";
1722
1723                         $row_class = toggleEvenOdd($row_class);
1724                         $auth_pass = db_fetch_result($result, 0, "auth_pass");
1725
1726                         print "<tr class='$row_class'><td>Password:</td>";
1727                         print "<td><input type=\"password\" id=\"iedit_pass\"
1728                                 value=\"$auth_pass\"></td></tr>";
1729
1730                         $row_class = toggleEvenOdd($row_class);
1731                         $private = sql_bool_to_bool(db_fetch_result($result, 0, "private"));
1732
1733                         if ($private) {
1734                                 $checked = "checked";
1735                         } else {
1736                                 $checked = "";
1737                         }
1738
1739                         print "<tr class='$row_class'><td valign='top'>Options:</td>";
1740                         print "<td><input type=\"checkbox\" id=\"iedit_private\"
1741                                 $checked><label for=\"iedit_private\">Hide from feed browser</label>";
1742
1743                         $rtl_content = sql_bool_to_bool(db_fetch_result($result, 0, "rtl_content"));
1744
1745                         if ($rtl_content) {
1746                                 $checked = "checked";
1747                         } else {
1748                                 $checked = "";
1749                         }
1750
1751                         print "<br><input type=\"checkbox\" id=\"iedit_rtl\"
1752                                 $checked><label for=\"iedit_rtl\">Right-to-left content</label>";
1753
1754                         print "</td></tr>";
1755
1756                         print "</table>";
1757                         print "</div>";
1758
1759                         print "<div align='center'>
1760                                 <input type=\"submit\" class=\"button\"
1761                                 onclick=\"feedEditSave()\" value=\"Save\">
1762                                 <input type='submit' class='button'
1763                                 onclick=\"feedEditCancel()\" value=\"Cancel\"></div>";
1764                         return;
1765                 }
1766
1767                 if ($subop == "editSave") {
1768                         $feed_title = db_escape_string($_POST["t"]);
1769                         $feed_link = db_escape_string($_POST["l"]);
1770                         $upd_intl = db_escape_string($_POST["ui"]);
1771                         $purge_intl = db_escape_string($_POST["pi"]);
1772                         $feed_id = db_escape_string($_POST["id"]);
1773                         $cat_id = db_escape_string($_POST["catid"]);
1774                         $auth_login = db_escape_string($_POST["login"]);
1775                         $auth_pass = db_escape_string($_POST["pass"]);
1776                         $parent_feed = db_escape_string($_POST["pfeed"]);
1777                         $private = db_escape_string($_POST["is_pvt"]);
1778                         $rtl_content = db_escape_string($_POST["is_rtl"]);
1779
1780                         if (strtoupper($upd_intl) == "DEFAULT")
1781                                 $upd_intl = 0;
1782
1783                         if (strtoupper($upd_intl) == "DISABLED")
1784                                 $upd_intl = -1;
1785
1786                         if (strtoupper($purge_intl) == "DEFAULT")
1787                                 $purge_intl = 0;
1788
1789                         if (strtoupper($purge_intl) == "DISABLED")
1790                                 $purge_intl = -1;
1791
1792                         if ($cat_id != 0) {
1793                                 $category_qpart = "cat_id = '$cat_id'";
1794                         } else {
1795                                 $category_qpart = 'cat_id = NULL';
1796                         }
1797
1798                         if ($parent_feed != 0) {
1799                                 $parent_qpart = "parent_feed = '$parent_feed'";
1800                         } else {
1801                                 $parent_qpart = 'parent_feed = NULL';
1802                         }
1803
1804                         $result = db_query($link, "UPDATE ttrss_feeds SET
1805                                 $category_qpart,
1806                                 $parent_qpart,
1807                                 title = '$feed_title', feed_url = '$feed_link',
1808                                 update_interval = '$upd_intl',
1809                                 purge_interval = '$purge_intl',
1810                                 auth_login = '$auth_login',
1811                                 auth_pass = '$auth_pass',
1812                                 private = $private,
1813                                 rtl_content = $rtl_content
1814                                 WHERE id = '$feed_id' AND owner_uid = " . $_SESSION["uid"]);
1815                 }
1816
1817                 if ($subop == "saveCat") {
1818                         $cat_title = db_escape_string($_GET["title"]);
1819                         $cat_id = db_escape_string($_GET["id"]);
1820
1821                         $result = db_query($link, "UPDATE ttrss_feed_categories SET
1822                                 title = '$cat_title' WHERE id = '$cat_id' AND owner_uid = ".$_SESSION["uid"]);
1823
1824                 }
1825
1826                 if ($subop == "remove") {
1827
1828                         if (!WEB_DEMO_MODE) {
1829
1830                                 $ids = split(",", db_escape_string($_GET["ids"]));
1831
1832                                 foreach ($ids as $id) {
1833                                         db_query($link, "DELETE FROM ttrss_feeds
1834                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1835
1836                                         $icons_dir = ICONS_DIR;
1837
1838                                         if (file_exists($icons_dir . "/$id.ico")) {
1839                                                 unlink($icons_dir . "/$id.ico");
1840                                         }
1841                                 }
1842                         }
1843                 }
1844
1845                 if ($subop == "add") {
1846
1847                         if (!WEB_DEMO_MODE) {
1848
1849                                 $feed_link = db_escape_string(trim($_GET["link"]));
1850                                 $cat_id = db_escape_string($_GET["cid"]);
1851
1852                                 if ($cat_id == "0" || !$cat_id) {
1853                                         $cat_qpart = "NULL";
1854                                 } else {
1855                                         $cat_qpart = "'$cat_id'";
1856                                 }
1857
1858                                 $result = db_query($link,
1859                                         "SELECT id FROM ttrss_feeds
1860                                         WHERE feed_url = '$feed_link' AND owner_uid = ".$_SESSION["uid"]);
1861
1862                                 if (db_num_rows($result) == 0) {
1863
1864                                         $result = db_query($link,
1865                                                 "INSERT INTO ttrss_feeds (owner_uid,feed_url,title,cat_id)
1866                                                 VALUES ('".$_SESSION["uid"]."', '$feed_link',
1867                                                 '[Unknown]', $cat_qpart)");
1868
1869                                         $result = db_query($link,
1870                                                 "SELECT id FROM ttrss_feeds WHERE feed_url = '$feed_link'
1871                                                 AND owner_uid = " . $_SESSION["uid"]);
1872
1873                                         $feed_id = db_fetch_result($result, 0, "id");
1874
1875                                         if ($feed_id) {
1876                                                 update_rss_feed($link, $feed_link, $feed_id, true);
1877                                         }
1878                                 } else {
1879
1880                                         print "<div class=\"warning\">
1881                                                 Feed <b>$feed_link</b> already exists in the database.
1882                                         </div>";
1883                                 }
1884                         }
1885                 }
1886
1887                 if ($subop == "addCat") {
1888
1889                         if (!WEB_DEMO_MODE) {
1890
1891                                 $feed_cat = db_escape_string(trim($_GET["cat"]));
1892
1893                                 $result = db_query($link,
1894                                         "SELECT id FROM ttrss_feed_categories
1895                                         WHERE title = '$feed_cat' AND owner_uid = ".$_SESSION["uid"]);
1896
1897                                 if (db_num_rows($result) == 0) {
1898
1899                                         $result = db_query($link,
1900                                                 "INSERT INTO ttrss_feed_categories (owner_uid,title)
1901                                                 VALUES ('".$_SESSION["uid"]."', '$feed_cat')");
1902
1903                                 } else {
1904
1905                                         print "<div class=\"warning\">
1906                                                 Category <b>$feed_cat</b> already exists in the database.
1907                                         </div>";
1908                                 }
1909
1910
1911                         }
1912                 }
1913
1914                 if ($subop == "removeCats") {
1915
1916                         if (!WEB_DEMO_MODE) {
1917
1918                                 $ids = split(",", db_escape_string($_GET["ids"]));
1919
1920                                 foreach ($ids as $id) {
1921
1922                                         db_query($link, "BEGIN");
1923
1924                                         $result = db_query($link,
1925                                                 "SELECT count(id) as num_feeds FROM ttrss_feeds
1926                                                         WHERE cat_id = '$id'");
1927
1928                                         $num_feeds = db_fetch_result($result, 0, "num_feeds");
1929
1930                                         if ($num_feeds == 0) {
1931                                                 db_query($link, "DELETE FROM ttrss_feed_categories
1932                                                         WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1933                                         } else {
1934
1935                                                 print "<div class=\"warning\">
1936                                                         Unable to delete non empty feed categories.</div>";
1937
1938                                         }
1939
1940                                         db_query($link, "COMMIT");
1941                                 }
1942                         }
1943                 }
1944
1945                 if ($subop == "categorize") {
1946
1947                         if (!WEB_DEMO_MODE) {
1948
1949                                 $ids = split(",", db_escape_string($_GET["ids"]));
1950
1951                                 $cat_id = db_escape_string($_GET["cat_id"]);
1952
1953                                 if ($cat_id == 0) {
1954                                         $cat_id_qpart = 'NULL';
1955                                 } else {
1956                                         $cat_id_qpart = "'$cat_id'";
1957                                 }
1958
1959                                 db_query($link, "BEGIN");
1960
1961                                 foreach ($ids as $id) {
1962
1963                                         db_query($link, "UPDATE ttrss_feeds SET cat_id = $cat_id_qpart
1964                                                 WHERE id = '$id' AND owner_uid = " . $_SESSION["uid"]);
1965                                 }
1966
1967                                 db_query($link, "COMMIT");
1968                         }
1969
1970                 }
1971
1972                 if ($quiet) return;
1973
1974 //              print "<h3>Edit Feeds</h3>";
1975
1976                 $result = db_query($link, "SELECT id,title,feed_url,last_error
1977                         FROM ttrss_feeds WHERE last_error != '' AND owner_uid = ".$_SESSION["uid"]);
1978
1979                 if (db_num_rows($result) > 0) {
1980
1981                         print "<div class=\"warning\">";
1982
1983 //                      print"<img class=\"closeButton\"
1984 //                              onclick=\"javascript:hideParentElement(this);\" src=\"images/close.png\">";
1985
1986                         print "<a href=\"javascript:showBlockElement('feedUpdateErrors')\">
1987                                 <b>Feeds with update errors</b> (click to expand)</a>";
1988
1989                         print "<ul id=\"feedUpdateErrors\" class=\"nomarks\">";
1990
1991                         while ($line = db_fetch_assoc($result)) {
1992                                 print "<li>" . $line["title"] . " (" . $line["feed_url"] . "): " .
1993                                         $line["last_error"];
1994                         }
1995
1996                         print "</ul>";
1997                         print "</div>";
1998
1999                 }
2000
2001                 $feed_search = db_escape_string($_GET["search"]);
2002
2003                 if (array_key_exists("search", $_GET)) {
2004                         $_SESSION["prefs_feed_search"] = $feed_search;
2005                 } else {
2006                         $feed_search = $_SESSION["prefs_feed_search"];
2007                 }
2008
2009                 print "<table width='100%' class=\"prefGenericAddBox\"
2010                         cellspacing='0' cellpadding='0'><tr>
2011                         <td>
2012                                 <input id=\"fadd_link\"
2013                                 onchange=\"javascript:addFeed()\"
2014                                 size=\"40\">
2015                                 <input type=\"submit\" class=\"button\"
2016                                 onclick=\"javascript:addFeed()\" value=\"Add feed\">";
2017
2018                 if (ENABLE_FEED_BROWSER) {
2019                         print "&nbsp;(<a href='javascript:browseFeeds()'>Top 50</a>)";
2020                 }
2021
2022                 print "</td><td align='right'>
2023                                 <input id=\"feed_search\" size=\"20\"
2024                                 onchange=\"javascript:updateFeedList()\"
2025                                 value=\"$feed_search\">
2026                                 <input type=\"submit\" class=\"button\"
2027                                 onclick=\"javascript:updateFeedList()\" value=\"Search\">
2028                         </td>
2029                         </tr></table>";
2030
2031                 $feeds_sort = db_escape_string($_GET["sort"]);
2032
2033                 if (!$feeds_sort || $feeds_sort == "undefined") {
2034                         $feeds_sort = $_SESSION["pref_sort_feeds"];
2035                         if (!$feeds_sort) $feeds_sort = "title";
2036                 }
2037
2038                 $_SESSION["pref_sort_feeds"] = $feeds_sort;
2039
2040                 if ($feed_search) {
2041                         $search_qpart = "(UPPER(F1.title) LIKE UPPER('%$feed_search%') OR
2042                                 UPPER(F1.feed_url) LIKE UPPER('%$feed_search%')) AND";
2043                 } else {
2044                         $search_qpart = "";
2045                 }
2046
2047                 $result = db_query($link, "SELECT
2048                                 F1.id,
2049                                 F1.title,
2050                                 F1.feed_url,
2051                                 substring(F1.last_updated,1,16) AS last_updated,
2052                                 F1.parent_feed,
2053                                 F1.update_interval,
2054                                 F1.purge_interval,
2055                                 F1.cat_id,
2056                                 F2.title AS parent_title,
2057                                 C1.title AS category
2058                         FROM
2059                                 ttrss_feeds AS F1
2060                                 LEFT JOIN ttrss_feeds AS F2
2061                                         ON (F1.parent_feed = F2.id)
2062                                 LEFT JOIN ttrss_feed_categories AS C1
2063                                         ON (F1.cat_id = C1.id)
2064                         WHERE
2065                                 $search_qpart F1.owner_uid = '".$_SESSION["uid"]."'
2066                         ORDER by category,$feeds_sort,title");
2067
2068                 if (db_num_rows($result) != 0) {
2069
2070                         print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2071
2072                         print "<p><table width=\"100%\" cellspacing=\"0\"
2073                                 class=\"prefFeedList\" id=\"prefFeedList\">";
2074                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2075                                 Select:
2076                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2077                                                 'FEEDR-', 'FRCHK-', true)\">All</a>,
2078                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedList',
2079                                                 'FEEDR-', 'FRCHK-', false)\">None</a>
2080                                 </td</tr>";
2081
2082                         if (!get_pref($link, 'ENABLE_FEED_CATS')) {
2083                                 print "<tr class=\"title\">
2084                                         <td width='5%' align='center'>&nbsp;</td>
2085                                         <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2086                                         <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2087                                         <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2088                                         <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Interval</a></td></tr>";
2089                         }
2090
2091                         $lnum = 0;
2092
2093                         $cur_cat_id = -1;
2094
2095                         while ($line = db_fetch_assoc($result)) {
2096
2097                                 $feed_id = $line["id"];
2098                                 $cat_id = $line["cat_id"];
2099
2100                                 $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2101                                 $edit_link = htmlspecialchars(db_unescape_string($line["feed_url"]));
2102                                 $edit_cat = htmlspecialchars(db_unescape_string($line["category"]));
2103
2104 //                              if ($line["update_interval"] == "0") $line["update_interval"] = "Default";
2105 //                              if ($line["update_interval"] == "-1") $line["update_interval"] = "Disabled";
2106 //                              if ($line["purge_interval"] == "0") $line["purge_interval"] = "Default";
2107 //                              if ($line["purge_interval"] < 0)        $line["purge_interval"] = "Disabled";
2108
2109                                 if (!$edit_cat) $edit_cat = "Uncategorized";
2110
2111                                 if (get_pref($link, 'ENABLE_FEED_CATS') && $cur_cat_id != $cat_id) {
2112                                         $lnum = 0;
2113
2114                                         print "<tr><td colspan=\"6\" class=\"feedEditCat\">$edit_cat</td></tr>";
2115
2116                                         print "<tr class=\"title\">
2117                                                 <td width='5%' align='center'>&nbsp;</td>
2118                                                 <td width='30%'><a href=\"javascript:updateFeedList('title')\">Title</a></td>
2119                                                 <td width='30%'><a href=\"javascript:updateFeedList('feed_url')\">Feed</a></td>
2120                                                 <td width='15%'><a href=\"javascript:updateFeedList('update_interval')\">Update Interval</a></td>
2121                                                 <td width='15%'><a href=\"javascript:updateFeedList('purge_interval')\">Purge Interval</a></td></tr>";
2122
2123                                         $cur_cat_id = $cat_id;
2124                                 }
2125
2126                                 $class = ($lnum % 2) ? "even" : "odd";
2127                                 $this_row_id = "id=\"FEEDR-$feed_id\"";
2128
2129                                 print "<tr class=\"$class\" $this_row_id>";
2130
2131                                 $icon_file = ICONS_DIR . "/$feed_id.ico";
2132
2133                                 if (file_exists($icon_file) && filesize($icon_file) > 0) {
2134                                                 $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL . "/$feed_id.ico\">";
2135                                 } else {
2136                                         $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
2137                                 }
2138 //                              print "<td class='feedIcon'>$feed_icon</td>";
2139
2140                                 print "<td class='feedSelect'><input onclick='toggleSelectRow(this);'
2141                                 type=\"checkbox\" id=\"FRCHK-".$line["id"]."\"></td>";
2142
2143                                 $edit_title = truncate_string($edit_title, 40);
2144                                 $edit_link = truncate_string($edit_link, 60);
2145
2146                                 $parent_title = $line["parent_title"];
2147                                 if ($parent_title) {
2148                                         $parent_title = "<span class='groupPrompt'>(linked to
2149                                                 $parent_title)</span>";
2150                                 }
2151
2152                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2153                                         "$feed_icon $edit_title $parent_title" . "</a></td>";
2154
2155                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2156                                         $edit_link . "</a></td>";
2157
2158 /*                              if (get_pref($link, 'ENABLE_FEED_CATS')) {
2159                                         print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2160                                                 $edit_cat . "</a></td>";
2161                                 } */
2162
2163                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2164                                         $update_intervals[$line["update_interval"]] . "</a></td>";
2165
2166                                 print "<td><a href=\"javascript:editFeed($feed_id);\">" .
2167                                         $purge_intervals[$line["purge_interval"]] . "</a></td>";
2168
2169                                 print "</tr>";
2170
2171                                 ++$lnum;
2172                         }
2173
2174                         print "</table>";
2175
2176                         print "<p>";
2177
2178                         if ($subop == "edit") {
2179                                 print "Edit feed:&nbsp;
2180                                         <input type=\"submit\" class=\"button\"
2181                                                 onclick=\"javascript:feedEditCancel()\" value=\"Cancel\">
2182                                         <input type=\"submit\" class=\"button\"
2183                                                 onclick=\"javascript:feedEditSave()\" value=\"Save\">";
2184                         } else {
2185
2186                                 print "
2187                                         Selection:&nbsp;
2188                                 <input type=\"submit\" class=\"button\"
2189                                         onclick=\"javascript:selectedFeedDetails()\" value=\"Details\">
2190                                 <input type=\"submit\" class=\"button\"
2191                                         onclick=\"javascript:editSelectedFeed()\" value=\"Edit\">
2192                                 <input type=\"submit\" class=\"button\"
2193                                         onclick=\"javascript:removeSelectedFeeds()\" value=\"Remove\">";
2194
2195                                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2196
2197                                         print "&nbsp;&nbsp;";
2198
2199                                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2200                                                 WHERE owner_uid = ".$_SESSION["uid"]."
2201                                                 ORDER BY title");
2202
2203                                         print "<select id=\"sfeed_set_fcat\">";
2204                                         print "<option id=\"0\">Uncategorized</option>";
2205
2206                                         if (db_num_rows($result) != 0) {
2207
2208                                                 print "<option disabled>--------</option>";
2209
2210                                                 while ($line = db_fetch_assoc($result)) {
2211                                                         printf("<option id='%d'>%s</option>",
2212                                                                 $line["id"], $line["title"]);
2213                                                 }
2214                                         }
2215
2216                                         print "</select>";
2217
2218                                         print " <input type=\"submit\" class=\"button\"
2219                                         onclick=\"javascript:categorizeSelectedFeeds()\" value=\"Set category\">";
2220
2221                                 }
2222
2223                                 if (get_pref($link, 'ENABLE_PREFS_CATCHUP_UNCATCHUP')) {
2224                                         print "
2225                                         <input type=\"submit\" class=\"button\"
2226                                                 onclick=\"javascript:readSelectedFeeds(true)\" value=\"Mark as read\">
2227                                         <input type=\"submit\" class=\"button\"
2228                                                 onclick=\"javascript:readSelectedFeeds(false)\"
2229                                                 value=\"Mark as unread\">&nbsp;";
2230                                 }
2231
2232                                 print "
2233                                         &nbsp;All feeds: <input type=\"submit\"
2234                                                         class=\"button\" onclick=\"gotoExportOpml()\"
2235                                                         value=\"Export OPML\">";
2236                                 }
2237                 } else {
2238
2239                         print "<p>No feeds defined.</p>";
2240
2241                 }
2242
2243                 if (get_pref($link, 'ENABLE_FEED_CATS')) {
2244
2245                         print "<h3>Edit Categories</h3>";
2246
2247         //              print "<h3>Categories</h3>";
2248
2249                         print "<div class=\"prefGenericAddBox\">
2250                                 <input id=\"fadd_cat\"
2251                                         onchange=\"javascript:addFeedCat()\"
2252                                         size=\"40\">&nbsp;
2253                                 <input
2254                                         type=\"submit\" class=\"button\"
2255                                         onclick=\"javascript:addFeedCat()\" value=\"Add category\"></div>";
2256
2257                         $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2258                                 WHERE owner_uid = ".$_SESSION["uid"]."
2259                                 ORDER BY title");
2260
2261                         if (db_num_rows($result) != 0) {
2262
2263                                 print "<p><table width=\"100%\" class=\"prefFeedCatList\"
2264                                         cellspacing=\"0\" id=\"prefFeedCatList\">";
2265
2266                                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2267                                 Select:
2268                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2269                                                 'FCATR-', 'FCCHK-', true)\">All</a>,
2270                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFeedCatList',
2271                                                 'FCATR-', 'FCCHK-', false)\">None</a>
2272                                 </td</tr>";
2273
2274                                 print "<tr class=\"title\">
2275                                                         <td width=\"5%\"></td><td width=\"80%\">Title</td>
2276                                                 </tr>";
2277
2278                                 $lnum = 0;
2279
2280                                 while ($line = db_fetch_assoc($result)) {
2281
2282                                         $class = ($lnum % 2) ? "even" : "odd";
2283
2284                                         $cat_id = $line["id"];
2285
2286                                         $edit_cat_id = $_GET["id"];
2287
2288                                         if ($subop == "editCat" && $cat_id != $edit_cat_id) {
2289                                                 $class .= "Grayed";
2290                                                 $this_row_id = "";
2291                                         } else {
2292                                                 $this_row_id = "id=\"FCATR-$cat_id\"";
2293                                         }
2294
2295                                         print "<tr class=\"$class\" $this_row_id>";
2296
2297                                         $edit_title = htmlspecialchars(db_unescape_string($line["title"]));
2298
2299                                         if (!$edit_cat_id || $subop != "editCat") {
2300
2301                                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
2302                                                 type=\"checkbox\" id=\"FCCHK-".$line["id"]."\"></td>";
2303
2304                                                 print "<td><a href=\"javascript:editFeedCat($cat_id);\">" .
2305                                                         $edit_title . "</a></td>";
2306
2307                                         } else if ($cat_id != $edit_cat_id) {
2308
2309                                                 print "<td><input disabled=\"true\" type=\"checkbox\"
2310                                                         id=\"FRCHK-".$line["id"]."\"></td>";
2311
2312                                                 print "<td>$edit_title</td>";
2313
2314                                         } else {
2315
2316                                                 print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2317
2318                                                 print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
2319
2320                                         }
2321
2322                                         print "</tr>";
2323
2324                                         ++$lnum;
2325                                 }
2326
2327                                 print "</table>";
2328
2329                                 print "<p>";
2330
2331                                 if ($subop == "editCat") {
2332                                         print "Edit category:&nbsp;
2333                                                 <input type=\"submit\" class=\"button\"
2334                                                         onclick=\"javascript:feedCatEditCancel()\" value=\"Cancel\">
2335                                                 <input type=\"submit\" class=\"button\"
2336                                                         onclick=\"javascript:feedCatEditSave()\" value=\"Save\">";
2337                                         } else {
2338
2339                                         print "
2340                                                 Selection:&nbsp;
2341                                         <input type=\"submit\" class=\"button\"
2342                                                 onclick=\"javascript:editSelectedFeedCat()\" value=\"Edit\">
2343                                         <input type=\"submit\" class=\"button\"
2344                                                 onclick=\"javascript:removeSelectedFeedCats()\" value=\"Remove\">";
2345
2346                                 }
2347
2348                         } else {
2349                                 print "<p>No feed categories defined.</p>";
2350                         }
2351                 }
2352
2353                 print "<h3>Import OPML</h3>
2354                 <form   enctype=\"multipart/form-data\" method=\"POST\" action=\"opml.php\">
2355                         File: <input id=\"opml_file\" name=\"opml_file\" type=\"file\">&nbsp;
2356                         <input class=\"button\" name=\"op\" onclick=\"return validateOpmlImport();\"
2357                                 type=\"submit\" value=\"Import\">
2358                         </form>";
2359
2360         }
2361
2362         if ($op == "pref-filters") {
2363
2364                 $subop = $_GET["subop"];
2365                 $quiet = $_GET["quiet"];
2366
2367                 if ($subop == "editSave") {
2368
2369                         $regexp = db_escape_string($_GET["r"]);
2370                         $descr = db_escape_string($_GET["d"]);
2371                         $match = db_escape_string($_GET["m"]);
2372                         $filter_id = db_escape_string($_GET["id"]);
2373                         $feed_id = db_escape_string($_GET["fid"]);
2374                         $action_id = db_escape_string($_GET["aid"]);
2375
2376                         if (!$feed_id) {
2377                                 $feed_id = 'NULL';
2378                         } else {
2379                                 $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2380                         }
2381
2382                         $result = db_query($link, "UPDATE ttrss_filters SET
2383                                 reg_exp = '$regexp',
2384                                 description = '$descr',
2385                                 feed_id = $feed_id,
2386                                 action_id = '$action_id',
2387                                 filter_type = (SELECT id FROM ttrss_filter_types WHERE
2388                                         description = '$match')
2389                                 WHERE id = '$filter_id'");
2390                 }
2391
2392                 if ($subop == "remove") {
2393
2394                         if (!WEB_DEMO_MODE) {
2395
2396                                 $ids = split(",", db_escape_string($_GET["ids"]));
2397
2398                                 foreach ($ids as $id) {
2399                                         db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
2400
2401                                 }
2402                         }
2403                 }
2404
2405                 if ($subop == "add") {
2406
2407                         if (!WEB_DEMO_MODE) {
2408
2409                                 $regexp = db_escape_string(trim($_GET["regexp"]));
2410                                 $match = db_escape_string(trim($_GET["match"]));
2411                                 $feed_id = db_escape_string($_GET["fid"]);
2412                                 $action_id = db_escape_string($_GET["aid"]);
2413
2414                                 if (!$feed_id) {
2415                                         $feed_id = 'NULL';
2416                                 } else {
2417                                         $feed_id = sprintf("'%s'", db_escape_string($feed_id));
2418                                 }
2419
2420                                 $result = db_query($link,
2421                                         "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid,feed_id,
2422                                                 action_id)
2423                                         VALUES
2424                                                 ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
2425                                                         description = '$match'),'".$_SESSION["uid"]."',
2426                                                         $feed_id, '$action_id')");
2427                         }
2428                 }
2429
2430                 if ($quiet) return;
2431
2432                 $result = db_query($link, "SELECT description
2433                         FROM ttrss_filter_types ORDER BY description");
2434
2435                 $filter_types = array();
2436
2437                 while ($line = db_fetch_assoc($result)) {
2438                         array_push($filter_types, $line["description"]);
2439                 }
2440
2441                 print "<div class=\"prefGenericAddBox\">
2442                 <input id=\"fadd_regexp\" size=\"40\">&nbsp;";
2443
2444                 print_select("fadd_match", "Title", $filter_types);
2445
2446                 print "&nbsp;<select id=\"fadd_feed\">";
2447
2448                 print "<option selected id=\"0\">All feeds</option>";
2449
2450                 $result = db_query($link, "SELECT id,title FROM ttrss_feeds
2451                         WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2452
2453                 if (db_num_rows($result) > 0) {
2454                         print "<option disabled>--------</option>";
2455                 }
2456
2457                 while ($line = db_fetch_assoc($result)) {
2458                         printf("<option id='%d'>%s</option>", $line["id"], $line["title"]);
2459                 }
2460
2461                 print "</select>&nbsp;";
2462
2463                 print "&nbsp;Action: ";
2464
2465                 print "<select id=\"fadd_action\">";
2466
2467                 $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2468                         ORDER BY name");
2469
2470                 while ($line = db_fetch_assoc($result)) {
2471                         printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
2472                 }
2473
2474                 print "</select>&nbsp;";
2475
2476 /*              print "<input type=\"submit\"
2477                         class=\"button\" onclick=\"javascript:testFilter()\"
2478                         value=\"Test filter\"> "; */
2479
2480                 print "<input type=\"submit\"
2481                         class=\"button\" onclick=\"javascript:addFilter()\"
2482                         value=\"Add filter\">";
2483
2484                 print "</div>";
2485
2486                 $result = db_query($link, "SELECT
2487                                 ttrss_filters.id AS id,reg_exp,
2488                                 ttrss_filters.description AS description,
2489                                 ttrss_filter_types.name AS filter_type_name,
2490                                 ttrss_filter_types.description AS filter_type_descr,
2491                                 feed_id,
2492                                 ttrss_filter_actions.description AS action_description,
2493                                 ttrss_feeds.title AS feed_title
2494                         FROM
2495                                 ttrss_filter_types,ttrss_filter_actions,ttrss_filters LEFT JOIN
2496                                         ttrss_feeds ON (ttrss_filters.feed_id = ttrss_feeds.id)
2497                         WHERE
2498                                 filter_type = ttrss_filter_types.id AND
2499                                 ttrss_filter_actions.id = action_id AND
2500                                 ttrss_filters.owner_uid = ".$_SESSION["uid"]."
2501                         ORDER by reg_exp");
2502
2503                 if (db_num_rows($result) != 0) {
2504
2505                         print "<p><table width=\"100%\" cellspacing=\"0\" class=\"prefFilterList\"
2506                                 id=\"prefFilterList\">";
2507
2508                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2509                                 Select:
2510                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2511                                                 'FILRR-', 'FICHK-', true)\">All</a>,
2512                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefFilterList',
2513                                                 'FILRR-', 'FICHK-', false)\">None</a>
2514                                 </td</tr>";
2515
2516                         print "<tr class=\"title\">
2517                                                 <td align='center' width=\"5%\">&nbsp;</td>
2518                                                 <td width=\"20%\">Filter expression</td>
2519                                                 <td width=\"20%\">Feed</td>
2520                                                 <td width=\"15%\">Match</td>
2521                                                 <td width=\"15%\">Action</td>
2522                                                 <td width=\"30%\">Description</td></tr>";
2523
2524                         $lnum = 0;
2525
2526                         while ($line = db_fetch_assoc($result)) {
2527
2528                                 $class = ($lnum % 2) ? "even" : "odd";
2529
2530                                 $filter_id = $line["id"];
2531                                 $edit_filter_id = $_GET["id"];
2532
2533                                 if ($subop == "edit" && $filter_id != $edit_filter_id) {
2534                                         $class .= "Grayed";
2535                                         $this_row_id = "";
2536                                 } else {
2537                                         $this_row_id = "id=\"FILRR-$filter_id\"";
2538                                 }
2539
2540                                 print "<tr class=\"$class\" $this_row_id>";
2541
2542                                 $line["regexp"] = htmlspecialchars($line["reg_exp"]);
2543                                 $line["description"] = htmlspecialchars($line["description"]);
2544
2545                                 if (!$line["feed_title"]) $line["feed_title"] = "All feeds";
2546
2547                                 if (!$edit_filter_id || $subop != "edit") {
2548
2549                                         if (!$line["description"]) $line["description"] = "[No description]";
2550
2551                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2552                                         type=\"checkbox\" id=\"FICHK-".$line["id"]."\"></td>";
2553
2554                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2555                                                 $line["reg_exp"] . "</td>";
2556
2557                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2558                                                 $line["feed_title"] . "</td>";
2559
2560                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2561                                                 $line["filter_type_descr"] . "</td>";
2562
2563                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2564                                                 $line["action_description"] . "</td>";
2565
2566                                         print "<td><a href=\"javascript:editFilter($filter_id);\">" .
2567                                                 $line["description"] . "</td>";
2568
2569                                 } else if ($filter_id != $edit_filter_id) {
2570
2571                                         if (!$line["description"]) $line["description"] = "[No description]";
2572
2573                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2574                                                 id=\"FICHK-".$line["id"]."\"></td>";
2575
2576                                         print "<td>".$line["reg_exp"]."</td>";
2577                                         print "<td>".$line["feed_title"]."</td>";
2578                                         print "<td>".$line["filter_type_descr"]."</td>";
2579                                         print "<td>".$line["action_description"]."</td>";
2580                                         print "<td>".$line["description"]."</td>";
2581
2582                                 } else {
2583
2584                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2585
2586                                         print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
2587                                                 "\"></td>";
2588
2589                                         print "<td>";
2590                                         print "<select id=\"iedit_feed\">";
2591                                         print "<option id=\"0\">All feeds</option>";
2592
2593                                         $tmp_result = db_query($link, "SELECT id,title FROM ttrss_feeds
2594                                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
2595
2596                                         if (db_num_rows($tmp_result) > 0) {
2597                                                 print "<option disabled>--------</option>";
2598                                         }
2599
2600                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2601                                                 if ($tmp_line["id"] == $line["feed_id"]) {
2602                                                         $is_selected = "selected";
2603                                                 } else {
2604                                                         $is_selected = "";
2605                                                 }
2606                                                 printf("<option $is_selected id='%d'>%s</option>",
2607                                                         $tmp_line["id"], $tmp_line["title"]);
2608                                         }
2609
2610                                         print "</select></td>";
2611
2612                                         print "<td>";
2613                                         print_select("iedit_match", $line["filter_type_descr"], $filter_types);
2614                                         print "</td>";
2615
2616                                         print "<td>";
2617                                         print "<select id=\"iedit_filter_action\">";
2618
2619                                         $tmp_result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
2620                                                 ORDER BY description");
2621
2622                                         while ($tmp_line = db_fetch_assoc($tmp_result)) {
2623                                                 if ($tmp_line["description"] == $line["action_description"]) {
2624                                                         $is_selected = "selected";
2625                                                 } else {
2626                                                         $is_selected = "";
2627                                                 }
2628                                                 printf("<option $is_selected id='%d'>%s</option>",
2629                                                         $tmp_line["id"], $tmp_line["description"]);
2630                                         }
2631
2632                                         print "</select></td>";
2633
2634
2635                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2636                                                 "\"></td>";
2637
2638                                         print "</td>";
2639                                 }
2640
2641                                 print "</tr>";
2642
2643                                 ++$lnum;
2644                         }
2645
2646                         if ($lnum == 0) {
2647                                 print "<tr><td colspan=\"4\" align=\"center\">No filters defined.</td></tr>";
2648                         }
2649
2650                         print "</table>";
2651
2652                         print "<p>";
2653
2654                         if ($subop == "edit") {
2655                                 print "Edit filter:
2656                                         <input type=\"submit\" class=\"button\"
2657                                                 onclick=\"javascript:filterEditSave()\" value=\"Save\">
2658                                         <input type=\"submit\" class=\"button\"
2659                                                 onclick=\"javascript:filterEditCancel()\" value=\"Cancel\">";
2660
2661                         } else {
2662
2663                                 print "
2664                                         Selection:
2665                                 <input type=\"submit\" class=\"button\"
2666                                         onclick=\"javascript:editSelectedFilter()\" value=\"Edit\">
2667                                 <input type=\"submit\" class=\"button\"
2668                                         onclick=\"javascript:removeSelectedFilters()\" value=\"Remove\">";
2669                         }
2670
2671                 } else {
2672
2673                         print "<p>No filters defined.</p>";
2674
2675                 }
2676         }
2677
2678         // We need to accept raw SQL data in label queries, so not everything is escaped
2679         // here, this is by design. If you don't like the whole idea, disable labels
2680         // altogether with GLOBAL_ENABLE_LABELS = false
2681
2682         if ($op == "pref-labels") {
2683
2684                 if (!GLOBAL_ENABLE_LABELS) {
2685                         return;
2686                 }
2687
2688                 $subop = $_GET["subop"];
2689
2690                 if ($subop == "test") {
2691
2692                         $expr = $_GET["expr"];
2693                         $descr = $_GET["descr"];
2694
2695                         print "<div class='infoBoxContents'>";
2696
2697                         print "<h1>Label &laquo;$descr&raquo;</h1>";
2698
2699 //                      print "<p><b>Expression</b>: $expr</p>";
2700
2701                         $result = db_query($link,
2702                                 "SELECT count(id) AS num_matches
2703                                         FROM ttrss_entries,ttrss_user_entries
2704                                         WHERE ($expr) AND
2705                                                 ttrss_user_entries.ref_id = ttrss_entries.id AND
2706                                                 owner_uid = " . $_SESSION["uid"]);
2707
2708                         $num_matches = db_fetch_result($result, 0, "num_matches");;
2709
2710                         if ($num_matches > 0) {
2711
2712                                 print "<p>Query returned <b>$num_matches</b> matches, first 5 follow:</p>";
2713
2714                                 $result = db_query($link,
2715                                         "SELECT title,
2716                                                 (SELECT title FROM ttrss_feeds WHERE id = feed_id) AS feed_title
2717                                         FROM ttrss_entries,ttrss_user_entries
2718                                                         WHERE ($expr) AND
2719                                                         ttrss_user_entries.ref_id = ttrss_entries.id
2720                                                         AND owner_uid = " . $_SESSION["uid"] . "
2721                                                         ORDER BY date_entered DESC LIMIT 5");
2722
2723                                 print "<ul class=\"nomarks\">";
2724                                 while ($line = db_fetch_assoc($result)) {
2725                                         print "<li>".$line["title"].
2726                                                 " <span class=\"insensitive\">(".$line["feed_title"].")</span></li>";
2727                                 }
2728                                 print "</ul>";
2729
2730                         } else {
2731                                 print "<p>Query didn't return any matches.</p>";
2732                         }
2733
2734                         print "</div>";
2735
2736                         print "<div align='center'>
2737                                 <input type='submit' class='button'
2738                                 onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2739                         return;
2740                 }
2741
2742                 if ($subop == "editSave") {
2743
2744                         $sql_exp = $_GET["s"];
2745                         $descr = $_GET["d"];
2746                         $label_id = db_escape_string($_GET["id"]);
2747
2748 //                      print "$sql_exp : $descr : $label_id";
2749
2750                         $result = db_query($link, "UPDATE ttrss_labels SET
2751                                 sql_exp = '$sql_exp',
2752                                 description = '$descr'
2753                                 WHERE id = '$label_id'");
2754                 }
2755
2756                 if ($subop == "remove") {
2757
2758                         if (!WEB_DEMO_MODE) {
2759
2760                                 $ids = split(",", db_escape_string($_GET["ids"]));
2761
2762                                 foreach ($ids as $id) {
2763                                         db_query($link, "DELETE FROM ttrss_labels WHERE id = '$id'");
2764
2765                                 }
2766                         }
2767                 }
2768
2769                 if ($subop == "add") {
2770
2771                         if (!WEB_DEMO_MODE) {
2772
2773                                 // no escaping is done here on purpose
2774                                 $exp = trim($_GET["exp"]);
2775
2776                                 $result = db_query($link,
2777                                         "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)
2778                                                 VALUES ('$exp', '$exp', '".$_SESSION["uid"]."')");
2779                         }
2780                 }
2781
2782                 print "<div class=\"prefGenericAddBox\">
2783                         <input size=\"40\" id=\"ladd_expr\">&nbsp;";
2784
2785                 print"<input type=\"submit\" class=\"button\"
2786                         onclick=\"javascript:addLabel()\" value=\"Add label\"></div>";
2787
2788                 $result = db_query($link, "SELECT
2789                                 id,sql_exp,description
2790                         FROM
2791                                 ttrss_labels
2792                         WHERE
2793                                 owner_uid = ".$_SESSION["uid"]."
2794                         ORDER by description");
2795
2796                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
2797
2798                 if (db_num_rows($result) != 0) {
2799
2800                         print "<p><table width=\"100%\" cellspacing=\"0\"
2801                                 class=\"prefLabelList\" id=\"prefLabelList\">";
2802
2803                         print "<tr><td class=\"selectPrompt\" colspan=\"8\">
2804                                 Select:
2805                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2806                                                 'LILRR-', 'LICHK-', true)\">All</a>,
2807                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefLabelList',
2808                                                 'LILRR-', 'LICHK-', false)\">None</a>
2809                                 </td</tr>";
2810
2811                         print "<tr class=\"title\">
2812                                                 <td align='center' width=\"5%\">&nbsp;</td>
2813                                                 <td width=\"40%\">SQL expression
2814                                                 <a class=\"helpLink\" href=\"javascript:displayHelpInfobox(1)\">(?)</a>
2815                                                 </td>
2816                                                 <td width=\"40%\">Caption</td></tr>";
2817
2818                         $lnum = 0;
2819
2820                         while ($line = db_fetch_assoc($result)) {
2821
2822                                 $class = ($lnum % 2) ? "even" : "odd";
2823
2824                                 $label_id = $line["id"];
2825                                 $edit_label_id = $_GET["id"];
2826
2827                                 if ($subop == "edit" && $label_id != $edit_label_id) {
2828                                         $class .= "Grayed";
2829                                         $this_row_id = "";
2830                                 } else {
2831                                         $this_row_id = "id=\"LILRR-$label_id\"";
2832                                 }
2833
2834                                 print "<tr class=\"$class\" $this_row_id>";
2835
2836                                 $line["sql_exp"] = htmlspecialchars($line["sql_exp"]);
2837                                 $line["description"] = htmlspecialchars($line["description"]);
2838
2839                                 if (!$edit_label_id || $subop != "edit") {
2840
2841                                         if (!$line["description"]) $line["description"] = "[No caption]";
2842
2843                                         print "<td align='center'><input onclick='toggleSelectRow(this);'
2844                                         type=\"checkbox\" id=\"LICHK-".$line["id"]."\"></td>";
2845
2846                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2847                                                 $line["sql_exp"] . "</td>";
2848
2849                                         print "<td><a href=\"javascript:editLabel($label_id);\">" .
2850                                                 $line["description"] . "</td>";
2851
2852                                 } else if ($label_id != $edit_label_id) {
2853
2854                                         if (!$line["description"]) $line["description"] = "[No description]";
2855
2856                                         print "<td><input disabled=\"true\" type=\"checkbox\"
2857                                                 id=\"LICHK-".$line["id"]."\"></td>";
2858
2859                                         print "<td>".$line["sql_exp"]."</td>";
2860                                         print "<td>".$line["description"]."</td>";
2861
2862                                 } else {
2863
2864                                         print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
2865
2866                                         print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
2867                                                 "\"></td>";
2868
2869                                         print "<td><input id=\"iedit_descr\" value=\"".$line["description"].
2870                                                 "\"></td>";
2871
2872                                 }
2873
2874
2875                                 print "</tr>";
2876
2877                                 ++$lnum;
2878                         }
2879
2880                         if ($lnum == 0) {
2881                                 print "<tr><td colspan=\"4\" align=\"center\">No labels defined.</td></tr>";
2882                         }
2883
2884                         print "</table>";
2885
2886                         print "<p>";
2887
2888                         if ($subop == "edit") {
2889                                 print "Edit label:
2890                                         <input type=\"submit\" class=\"button\"
2891                                                 onclick=\"javascript:labelTest()\" value=\"Test\">
2892                                         <input type=\"submit\" class=\"button\"
2893                                                 onclick=\"javascript:labelEditSave()\" value=\"Save\">
2894                                         <input type=\"submit\" class=\"button\"
2895                                                 onclick=\"javascript:labelEditCancel()\" value=\"Cancel\">";
2896
2897                         } else {
2898
2899                                 print "
2900                                         Selection:
2901                                 <input type=\"submit\" class=\"button\"
2902                                         onclick=\"javascript:editSelectedLabel()\" value=\"Edit\">
2903                                 <input type=\"submit\" class=\"button\"
2904                                         onclick=\"javascript:removeSelectedLabels()\" value=\"Remove\">";
2905                         }
2906                 } else {
2907                         print "<p>No labels defined.</p>";
2908                 }
2909         }
2910
2911         if ($op == "error") {
2912                 print "<div width=\"100%\" align='center'>";
2913                 $msg = $_GET["msg"];
2914                 print $msg;
2915                 print "</div>";
2916         }
2917
2918         if ($op == "help") {
2919                 if (!$_GET["noheaders"]) {
2920                         print "<html><head>
2921                                 <title>Tiny Tiny RSS : Help</title>
2922                                 <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
2923                                 <script type=\"text/javascript\" src=\"functions.js\"></script>
2924                                 <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
2925                                 </head><body>";
2926                 }
2927
2928                 $tid = sprintf("%d", $_GET["tid"]);
2929
2930                 print "<div class='infoBoxContents'>";
2931
2932                 if (file_exists("help/$tid.php")) {
2933                         include("help/$tid.php");
2934                 } else {
2935                         print "<p>Help topic not found.</p>";
2936                 }
2937
2938                 print "</div>";
2939
2940                 print "<div align='center'>
2941                         <input type='submit' class='button'
2942                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
2943
2944                 if (!$_GET["noheaders"]) {
2945                         print "</body></html>";
2946                 }
2947
2948         }
2949
2950         if ($op == "dlg") {
2951                 $id = $_GET["id"];
2952                 $param = $_GET["param"];
2953
2954                 if ($id == "quickAddFeed") {
2955                         print "
2956                         Feed URL: <input
2957                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
2958                         id=\"qafInput\">";
2959
2960                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
2961                                 $result = db_query($link, "SELECT title,id FROM ttrss_feed_categories
2962                                         WHERE owner_uid = ".$_SESSION["uid"]."
2963                                         ORDER BY title");
2964
2965                                 print " <select id=\"qafCat\">";
2966                                 print "<option id=\"0\">Uncategorized</option>";
2967
2968                                 if (db_num_rows($result) != 0) {
2969
2970                                         print "<option disabled>--------</option>";
2971
2972                                         while ($line = db_fetch_assoc($result)) {
2973                                                 printf("<option id='%d'>%s</option>",
2974                                                         $line["id"], $line["title"]);
2975                                         }
2976                                 }
2977
2978                                 print "</select>";
2979                         }
2980
2981                         print "&nbsp;<input class=\"button\"
2982                                 type=\"submit\" onclick=\"javascript:qafAdd()\" value=\"Add feed\">
2983                         <input class=\"button\"
2984                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
2985                                 value=\"Cancel\">";
2986                 }
2987
2988                 if ($id == "quickDelFeed") {
2989
2990                         $param = db_escape_string($param);
2991
2992                         $result = db_query($link, "SELECT title FROM ttrss_feeds WHERE id = '$param'");
2993
2994                         if ($result) {
2995
2996                                 $f_title = db_fetch_result($result, 0, "title");
2997
2998                                 print "Remove current feed (<b>$f_title</b>)?&nbsp;
2999                                 <input class=\"button\"
3000                                         type=\"submit\" onclick=\"javascript:qfdDelete($param)\" value=\"Remove\">
3001                                 <input class=\"button\"
3002                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3003                                         value=\"Cancel\">";
3004                         } else {
3005                                 print "Error: Feed $param not found.&nbsp;
3006                                 <input class=\"button\"
3007                                         type=\"submit\" onclick=\"javascript:closeDlg()\"
3008                                         value=\"Cancel\">";
3009                         }
3010                 }
3011
3012                 if ($id == "search") {
3013
3014                         $active_feed_id = db_escape_string($_GET["param"]);
3015
3016                         print "<input id=\"searchbox\" class=\"extSearch\"
3017                         onblur=\"javascript:enableHotkeys()\" onfocus=\"javascript:disableHotkeys()\"
3018                         onchange=\"javascript:search()\">
3019                         <select id=\"searchmodebox\">
3020                                 <option selected>All feeds</option>";
3021
3022                         if ($active_feed_id) {
3023                                 print "<option>This feed</option>";
3024                         } else {
3025                                 print "<option disabled>This feed</option>";
3026                         }
3027
3028                         if (get_pref($link, 'ENABLE_FEED_CATS')) {
3029                                 print "<option>This category</option>";
3030                         }
3031
3032                         print "</select>
3033                         <input type=\"submit\"
3034                                 class=\"button\" onclick=\"javascript:search()\" value=\"Search\">
3035                         <input class=\"button\"
3036                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3037                                 value=\"Close\">";
3038
3039                 }
3040
3041                 if ($id == "quickAddFilter") {
3042
3043                         $result = db_query($link, "SELECT description
3044                                 FROM ttrss_filter_types ORDER BY description");
3045
3046                         $filter_types = array();
3047
3048                         while ($line = db_fetch_assoc($result)) {
3049                                 array_push($filter_types, $line["description"]);
3050                         }
3051
3052                         print "<table>";
3053
3054                         print "<tr><td>Match:</td><td><input id=\"fadd_regexp\" size=\"40\">&nbsp;";
3055
3056                         print_select("fadd_match", "Title", $filter_types);
3057
3058                         print "</td></tr>";
3059                         print "<tr><td>Feed:</td><td><select id=\"fadd_feed\">";
3060
3061                         print "<option selected id=\"0\">All feeds</option>";
3062
3063                         $result = db_query($link, "SELECT id,title FROM ttrss_feeds
3064                                 WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title");
3065
3066                         if (db_num_rows($result) > 0) {
3067                                 print "<option disabled>--------</option>";
3068                         }
3069
3070                         while ($line = db_fetch_assoc($result)) {
3071                                 if ($param == $line["id"]) {
3072                                         $selected = "selected";
3073                                 } else {
3074                                         $selected = "";
3075                                 }
3076                                 printf("<option id='%d' %s>%s</option>", $line["id"], $selected, $line["title"]);
3077                         }
3078
3079                         print "</select></td></tr>";
3080
3081                         print "<tr><td>Action:</td>";
3082
3083                         print "<td><select id=\"fadd_action\">";
3084
3085                         $result = db_query($link, "SELECT id,description FROM ttrss_filter_actions
3086                                 ORDER BY name");
3087
3088                         while ($line = db_fetch_assoc($result)) {
3089                                 printf("<option id='%d'>%s</option>", $line["id"], $line["description"]);
3090                         }
3091
3092                         print "</select>";
3093
3094                         print "</td></tr><tr><td colspan=\"2\" align=\"right\">";
3095
3096                         print "<input type=\"submit\"
3097                                 class=\"button\" onclick=\"javascript:qaddFilter()\"
3098                                 value=\"Add filter\"> ";
3099
3100                         print "<input class=\"button\"
3101                                 type=\"submit\" onclick=\"javascript:closeDlg()\"
3102                                 value=\"Close\">";
3103
3104                         print "</td></tr></table>";
3105                 }
3106         }
3107
3108         // update feeds of all users, may be used anonymously
3109         if ($op == "globalUpdateFeeds") {
3110
3111                 $result = db_query($link, "SELECT id FROM ttrss_users");
3112
3113                 while ($line = db_fetch_assoc($result)) {
3114                         $user_id = $line["id"];
3115 //                      print "<!-- updating feeds of uid $user_id -->";
3116                         update_all_feeds($link, false, $user_id);
3117                 }
3118
3119                 print "<rpc-reply>
3120                         <message msg=\"All feeds updated\"/>
3121                 </rpc-reply>";
3122
3123         }
3124
3125         if ($op == "pref-prefs") {
3126
3127                 $subop = $_REQUEST["subop"];
3128
3129                 if ($subop == "Save configuration") {
3130
3131                         if (WEB_DEMO_MODE) {
3132                                 header("Location: prefs.php");
3133                                 return;
3134                         }
3135
3136                         $_SESSION["prefs_op_result"] = "save-config";
3137
3138                         $_SESSION["prefs_cache"] = false;
3139
3140                         foreach (array_keys($_POST) as $pref_name) {
3141
3142                                 $pref_name = db_escape_string($pref_name);
3143                                 $value = db_escape_string($_POST[$pref_name]);
3144
3145                                 $result = db_query($link, "SELECT type_name
3146                                         FROM ttrss_prefs,ttrss_prefs_types
3147                                         WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
3148
3149                                 if (db_num_rows($result) > 0) {
3150
3151                                         $type_name = db_fetch_result($result, 0, "type_name");
3152
3153 //                                      print "$pref_name : $type_name : $value<br>";
3154
3155                                         if ($type_name == "bool") {
3156                                                 if ($value == "1") {
3157                                                         $value = "true";
3158                                                 } else {
3159                                                         $value = "false";
3160                                                 }
3161                                         } else if ($type_name == "integer") {
3162                                                 $value = sprintf("%d", $value);
3163                                         }
3164
3165 //                                      print "$pref_name : $type_name : $value<br>";
3166
3167                                         db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
3168                                                 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
3169
3170                                 }
3171
3172                                 header("Location: prefs.php");
3173
3174                         }
3175
3176                 } else if ($subop == "getHelp") {
3177
3178                         $pref_name = db_escape_string($_GET["pn"]);
3179
3180                         $result = db_query($link, "SELECT help_text FROM ttrss_prefs
3181                                 WHERE pref_name = '$pref_name'");
3182
3183                         if (db_num_rows($result) > 0) {
3184                                 $help_text = db_fetch_result($result, 0, "help_text");
3185                                 print $help_text;
3186                         } else {
3187                                 print "Unknown option: $pref_name";
3188                         }
3189
3190                 } else if ($subop == "Change e-mail") {
3191
3192                         if (WEB_DEMO_MODE) {
3193                                 header("Location: prefs.php");
3194                                 return;
3195                         }
3196
3197                         $email = db_escape_string($_GET["email"]);
3198                         $active_uid = $_SESSION["uid"];
3199
3200                         if ($email) {
3201                                 db_query($link, "UPDATE ttrss_users SET email = '$email'
3202                                                 WHERE id = '$active_uid'");
3203                         }
3204
3205                         header("Location: prefs.php");
3206
3207                 } else if ($subop == "Change password") {
3208
3209                         if (WEB_DEMO_MODE) {
3210                                 header("Location: prefs.php");
3211                                 return;
3212                         }
3213
3214                         $old_pw = $_POST["OLD_PASSWORD"];
3215                         $new_pw = $_POST["OLD_PASSWORD"];
3216
3217                         $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
3218                         $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
3219
3220                         $active_uid = $_SESSION["uid"];
3221
3222                         if ($old_pw && $new_pw) {
3223
3224                                 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
3225
3226                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3227                                         id = '$active_uid' AND (pwd_hash = '$old_pw' OR
3228                                                 pwd_hash = '$old_pw_hash')");
3229
3230                                 if (db_num_rows($result) == 1) {
3231                                         db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
3232                                                 WHERE id = '$active_uid'");
3233
3234                                         $_SESSION["pwd_change_result"] = "ok";
3235                                 } else {
3236                                         $_SESSION["pwd_change_result"] = "failed";
3237                                 }
3238                         }
3239
3240                         header("Location: prefs.php");
3241
3242                 } else if ($subop == "Reset to defaults") {
3243
3244                         if (WEB_DEMO_MODE) {
3245                                 header("Location: prefs.php");
3246                                 return;
3247                         }
3248
3249                         $_SESSION["prefs_op_result"] = "reset-to-defaults";
3250
3251                         if (DB_TYPE == "pgsql") {
3252                                 db_query($link,"UPDATE ttrss_user_prefs
3253                                         SET value = ttrss_prefs.def_value
3254                                         WHERE owner_uid = '".$_SESSION["uid"]."' AND
3255                                         ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
3256                         } else {
3257                                 db_query($link, "DELETE FROM ttrss_user_prefs
3258                                         WHERE owner_uid = ".$_SESSION["uid"]);
3259                                 initialize_user_prefs($link, $_SESSION["uid"]);
3260                         }
3261
3262                         header("Location: prefs.php");
3263
3264                 } else if ($subop == "Change theme") {
3265
3266                         $theme = db_escape_string($_POST["theme"]);
3267
3268                         if ($theme == "Default") {
3269                                 $theme_qpart = 'NULL';
3270                         } else {
3271                                 $theme_qpart = "'$theme'";
3272                         }
3273
3274                         $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
3275                                 WHERE theme_name = '$theme'");
3276
3277                         if (db_num_rows($result) == 1) {
3278                                 $theme_id = db_fetch_result($result, 0, "id");
3279                                 $theme_path = db_fetch_result($result, 0, "theme_path");
3280                         } else {
3281                                 $theme_id = "NULL";
3282                                 $theme_path = "";
3283                         }
3284
3285                         db_query($link, "UPDATE ttrss_users SET
3286                                 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
3287
3288                         $_SESSION["theme"] = $theme_path;
3289
3290                         header("Location: prefs.php");
3291
3292                 } else {
3293
3294                         if (!SINGLE_USER_MODE) {
3295
3296                                 $result = db_query($link, "SELECT id,email FROM ttrss_users
3297                                         WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
3298                                                 pwd_hash = 'SHA1:".sha1("password")."')");
3299
3300                                 if (db_num_rows($result) != 0) {
3301                                         print "<div class=\"warning\">
3302                                                 Your password is at default value, please change it.
3303                                         </div>";
3304                                 }
3305
3306                                 if ($_SESSION["pwd_change_result"] == "failed") {
3307                                         print "<div class=\"warning\">
3308                                                         There was an error while changing your password.
3309                                                 </div>";
3310                                 }
3311
3312                                 if ($_SESSION["pwd_change_result"] == "ok") {
3313                                         print "<div class=\"notice\">
3314                                                         Password changed successfully.
3315                                                 </div>";
3316                                 }
3317
3318                                 $_SESSION["pwd_change_result"] = "";
3319
3320                                 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
3321                                         print "<div class=\"notice\">
3322                                                         Your configuration was reset to defaults.
3323                                                 </div>";
3324                                 }
3325
3326                                 if ($_SESSION["prefs_op_result"] == "save-config") {
3327                                         print "<div class=\"notice\">
3328                                                         Your configuration was saved successfully.
3329                                                 </div>";
3330                                 }
3331
3332                                 $_SESSION["prefs_op_result"] = "";
3333
3334                                 print "<form action=\"backend.php\" method=\"GET\">";
3335
3336                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3337                                 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
3338
3339                                 $result = db_query($link, "SELECT email FROM ttrss_users
3340                                         WHERE id = ".$_SESSION["uid"]);
3341
3342                                 $email = db_fetch_result($result, 0, "email");
3343
3344                                 print "<tr><td width=\"40%\">E-mail</td>";
3345                                 print "<td><input class=\"editbox\" name=\"email\"
3346                                         value=\"$email\"></td></tr>";
3347
3348                                 print "</table>";
3349
3350                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3351
3352                                 print "<p><input class=\"button\" type=\"submit\"
3353                                         value=\"Change e-mail\" name=\"subop\">";
3354
3355                                 print "</form>";
3356
3357                                 print "<form action=\"backend.php\" method=\"POST\">";
3358
3359                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3360                                 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
3361
3362                                 print "<tr><td width=\"40%\">Old password</td>";
3363                                 print "<td><input class=\"editbox\" type=\"password\"
3364                                         name=\"OLD_PASSWORD\"></td></tr>";
3365
3366                                 print "<tr><td width=\"40%\">New password</td>";
3367
3368                                 print "<td><input class=\"editbox\" type=\"password\"
3369                                         name=\"NEW_PASSWORD\"></td></tr>";
3370
3371                                 print "</table>";
3372
3373                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3374
3375                                 print "<p><input class=\"button\" type=\"submit\"
3376                                         value=\"Change password\" name=\"subop\">";
3377
3378                                 print "</form>";
3379
3380                         }
3381
3382                         $result = db_query($link, "SELECT
3383                                 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
3384
3385                         $user_theme_id = db_fetch_result($result, 0, "theme_id");
3386
3387                         $result = db_query($link, "SELECT
3388                                 id,theme_name FROM ttrss_themes ORDER BY theme_name");
3389
3390                         if (db_num_rows($result) > 0) {
3391
3392                                 print "<form action=\"backend.php\" method=\"POST\">";
3393                                 print "<table width=\"100%\" class=\"prefPrefsList\">";
3394                                 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
3395                                 print "<tr><td width=\"40%\">Select theme</td>";
3396                                 print "<td><select name=\"theme\">";
3397                                 print "<option>Default</option>";
3398                                 print "<option disabled>--------</option>";
3399
3400                                 while ($line = db_fetch_assoc($result)) {
3401                                         if ($line["id"] == $user_theme_id) {
3402                                                 $selected = "selected";
3403                                         } else {
3404                                                 $selected = "";
3405                                         }
3406                                         print "<option $selected>" . $line["theme_name"] . "</option>";
3407                                 }
3408                                 print "</select></td></tr>";
3409                                 print "</table>";
3410                                 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3411                                 print "<p><input class=\"button\" type=\"submit\"
3412                                         value=\"Change theme\" name=\"subop\">";
3413                                 print "</form>";
3414                         }
3415
3416                         $result = db_query($link, "SELECT
3417                                 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
3418                                 section_name,def_value
3419                                 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
3420                                 WHERE type_id = ttrss_prefs_types.id AND
3421                                         section_id = ttrss_prefs_sections.id AND
3422                                         ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
3423                                         owner_uid = ".$_SESSION["uid"]."
3424                                 ORDER BY section_id,short_desc");
3425
3426                         print "<form action=\"backend.php\" method=\"POST\">";
3427
3428                         $lnum = 0;
3429
3430                         $active_section = "";
3431
3432                         while ($line = db_fetch_assoc($result)) {
3433
3434                                 if ($active_section != $line["section_name"]) {
3435
3436                                         if ($active_section != "") {
3437                                                 print "</table>";
3438                                         }
3439
3440                                         print "<p><table width=\"100%\" class=\"prefPrefsList\">";
3441
3442                                         $active_section = $line["section_name"];
3443
3444                                         print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
3445 //                                      print "<tr class=\"title\">
3446 //                                              <td width=\"25%\">Option</td><td>Value</td></tr>";
3447
3448                                         $lnum = 0;
3449                                 }
3450
3451 //                              $class = ($lnum % 2) ? "even" : "odd";
3452
3453                                 print "<tr>";
3454
3455                                 $type_name = $line["type_name"];
3456                                 $pref_name = $line["pref_name"];
3457                                 $value = $line["value"];
3458                                 $def_value = $line["def_value"];
3459                                 $help_text = $line["help_text"];
3460
3461                                 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
3462
3463                                 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
3464
3465                                 print "</td>";
3466
3467                                 print "<td>";
3468
3469                                 if ($type_name == "bool") {
3470 //                                      print_select($pref_name, $value, array("true", "false"));
3471
3472                                         if ($value == "true") {
3473                                                 $value = "Yes";
3474                                         } else {
3475                                                 $value = "No";
3476                                         }
3477
3478                                         print_radio($pref_name, $value, array("Yes", "No"));
3479
3480                                 } else {
3481                                         print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
3482                                 }
3483
3484                                 print "</td>";
3485
3486                                 print "</tr>";
3487
3488                                 $lnum++;
3489                         }
3490
3491                         print "</table>";
3492
3493                         print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
3494
3495                         print "<p><input class=\"button\" type=\"submit\"
3496                                 name=\"subop\" value=\"Save configuration\">";
3497
3498                         print "&nbsp;<input class=\"button\" type=\"submit\"
3499                                 name=\"subop\" onclick=\"return validatePrefsReset()\"
3500                                 value=\"Reset to defaults\"></p>";
3501
3502                         print "</form>";
3503
3504                 }
3505
3506         }
3507
3508         if ($op == "pref-users") {
3509
3510                 $subop = $_GET["subop"];
3511
3512                 if ($subop == "editSave") {
3513
3514                         if (!WEB_DEMO_MODE) {
3515
3516                                 $login = db_escape_string($_GET["l"]);
3517                                 $uid = db_escape_string($_GET["id"]);
3518                                 $access_level = sprintf("%d", $_GET["al"]);
3519                                 $email = db_escape_string($_GET["e"]);
3520
3521                                 db_query($link, "UPDATE ttrss_users SET login = '$login',
3522                                         access_level = '$access_level', email = '$email' WHERE id = '$uid'");
3523
3524                         }
3525                 } else if ($subop == "remove") {
3526
3527                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3528
3529                                 $ids = split(",", db_escape_string($_GET["ids"]));
3530
3531                                 foreach ($ids as $id) {
3532                                         db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
3533
3534                                 }
3535                         }
3536                 } else if ($subop == "add") {
3537
3538                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3539
3540                                 $login = db_escape_string(trim($_GET["login"]));
3541                                 $tmp_user_pwd = make_password(8);
3542                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3543
3544                                 db_query($link, "INSERT INTO ttrss_users
3545                                         (login,pwd_hash,access_level,last_login)
3546                                         VALUES ('$login', '$pwd_hash', 0, NOW())");
3547
3548
3549                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
3550                                         login = '$login' AND pwd_hash = '$pwd_hash'");
3551
3552                                 if (db_num_rows($result) == 1) {
3553
3554                                         $new_uid = db_fetch_result($result, 0, "id");
3555
3556                                         print "<div class=\"notice\">Added user <b>".$_GET["login"].
3557                                                 "</b> with password <b>$tmp_user_pwd</b>.</div>";
3558
3559                                         initialize_user($link, $new_uid);
3560
3561                                 } else {
3562
3563                                         print "<div class=\"warning\">Error while adding user <b>".
3564                                         $_GET["login"].".</b></div>";
3565
3566                                 }
3567                         }
3568                 } else if ($subop == "resetPass") {
3569
3570                         if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
3571
3572                                 $uid = db_escape_string($_GET["id"]);
3573
3574                                 $result = db_query($link, "SELECT login,email
3575                                         FROM ttrss_users WHERE id = '$uid'");
3576
3577                                 $login = db_fetch_result($result, 0, "login");
3578                                 $email = db_fetch_result($result, 0, "email");
3579                                 $tmp_user_pwd = make_password(8);
3580                                 $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
3581
3582                                 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
3583                                         WHERE id = '$uid'");
3584
3585                                 print "<div class=\"notice\">Changed password of
3586                                         user <b>$login</b> to <b>$tmp_user_pwd</b>.";
3587
3588                                 if (MAIL_RESET_PASS && $email) {
3589                                         print " Notifying <b>$email</b>.";
3590
3591                                         mail("$login <$email>", "Password reset notification",
3592                                                 "Hi, $login.\n".
3593                                                 "\n".
3594                                                 "Your password for this TT-RSS installation was reset by".
3595                                                         " an administrator.\n".
3596                                                 "\n".
3597                                                 "Your new password is $tmp_user_pwd, please remember".
3598                                                         " it for later reference.\n".
3599                                                 "\n".
3600                                                 "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM);
3601                                 }
3602
3603                                 print "</div>";
3604
3605                         }
3606                 }
3607
3608                 print "<div class=\"prefGenericAddBox\">
3609                         <input id=\"uadd_box\" onchange=\"javascript:addUser()\" size=\"40\">&nbsp;";
3610
3611                 print"<input type=\"submit\" class=\"button\"
3612                         onclick=\"javascript:addUser()\" value=\"Add user\"></div>";
3613
3614                 $result = db_query($link, "SELECT
3615                                 id,login,access_level,email,
3616                                 SUBSTRING(last_login,1,16) as last_login
3617                         FROM
3618                                 ttrss_users
3619                         ORDER by login");
3620
3621                 print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
3622
3623                 print "<p><table width=\"100%\" cellspacing=\"0\"
3624                         class=\"prefUserList\" id=\"prefUserList\">";
3625
3626                 print "<tr><td class=\"selectPrompt\" colspan=\"8\">
3627                                 Select:
3628                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3629                                                 'UMRR-', 'UMCHK-', true)\">All</a>,
3630                                         <a href=\"javascript:selectTableRowsByIdPrefix('prefUserList',
3631                                                 'UMRR-', 'UMCHK-', false)\">None</a>
3632                                 </td</tr>";
3633
3634                 print "<tr class=\"title\">
3635                                         <td align='center' width=\"5%\">&nbsp;</td>
3636                                         <td width='20%'>Username</td>
3637                                         <td width='20%'>E-mail</td>
3638                                         <td width='20%'>Access Level</td>
3639                                         <td width='20%'>Last login</td></tr>";
3640
3641                 $lnum = 0;
3642
3643                 while ($line = db_fetch_assoc($result)) {
3644
3645                         $class = ($lnum % 2) ? "even" : "odd";
3646
3647                         $uid = $line["id"];
3648                         $edit_uid = $_GET["id"];
3649
3650                         if ($subop == "edit" && $uid != $edit_uid) {
3651                                 $class .= "Grayed";
3652                                 $this_row_id = "";
3653                         } else {
3654                                 $this_row_id = "id=\"UMRR-$uid\"";
3655                         }
3656
3657                         print "<tr class=\"$class\" $this_row_id>";
3658
3659                         $line["login"] = htmlspecialchars($line["login"]);
3660
3661                         $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
3662                                 strtotime($line["last_login"]));
3663
3664                         $access_level_names = array(0 => "User", 10 => "Administrator");
3665
3666 /*                      if ($uid == $_SESSION["uid"]) {
3667
3668                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3669                                         id=\"UMCHK-".$line["id"]."\"></td>";
3670
3671                                 print "<td>".$line["login"]."</td>";
3672                                 print "<td>".$line["email"]."</td>";
3673                                 print "<td>".$line["access_level"]."</td>";
3674
3675                         } else */ if (!$edit_uid || $subop != "edit") {
3676
3677                                 print "<td align='center'><input onclick='toggleSelectRow(this);'
3678                                 type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
3679
3680                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3681                                         $line["login"] . "</td>";
3682
3683                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3684                                         $line["email"] . "</td>";
3685
3686                                 print "<td><a href=\"javascript:editUser($uid);\">" .
3687                                         $access_level_names[$line["access_level"]] . "</td>";
3688
3689                         } else if ($uid != $edit_uid) {
3690
3691                                 print "<td align='center'><input disabled=\"true\" type=\"checkbox\"
3692                                         id=\"UMCHK-".$line["id"]."\"></td>";
3693
3694                                 print "<td>".$line["login"]."</td>";
3695                                 print "<td>".$line["email"]."</td>";
3696                                 print "<td>".$access_level_names[$line["access_level"]]."</td>";
3697
3698                         } else {
3699
3700                                 print "<td align='center'>
3701                                         <input disabled=\"true\" type=\"checkbox\" checked></td>";
3702
3703                                 print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
3704                                         "\"></td>";
3705
3706                                 print "<td><input id=\"iedit_email\" value=\"".$line["email"].
3707                                         "\"></td>";
3708
3709 //                              print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
3710 //                                      "\"></td>";
3711
3712                                 print "<td>";
3713                                 print "<select id=\"iedit_ulevel\">";
3714                                 foreach (array_keys($access_level_names) as $al) {
3715                                         if ($al == $line["access_level"]) {
3716                                                 $selected = "selected";
3717                                         } else {
3718                                                 $selected = "";
3719                                         }
3720                                         print "<option $selected id=\"$al\">" .
3721                                                 $access_level_names[$al] . "</option>";
3722                                 }
3723                                 print "</select>";
3724                                 print "</td>";
3725
3726                         }
3727
3728                         print "<td>".$line["last_login"]."</td>";
3729
3730                         print "</tr>";
3731
3732                         ++$lnum;
3733                 }
3734
3735                 print "</table>";
3736
3737                 print "<p>";
3738
3739                 if ($subop == "edit") {
3740                         print "Edit user:
3741                                 <input type=\"submit\" class=\"button\"
3742                                         onclick=\"javascript:userEditSave()\" value=\"Save\">
3743                                 <input type=\"submit\" class=\"button\"
3744                                         onclick=\"javascript:userEditCancel()\" value=\"Cancel\">";
3745
3746                 } else {
3747
3748                         print "
3749                                 Selection:
3750                         <input type=\"submit\" class=\"button\"
3751                                 onclick=\"javascript:selectedUserDetails()\" value=\"User details\">
3752                         <input type=\"submit\" class=\"button\"
3753                                 onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
3754                         <input type=\"submit\" class=\"button\"
3755                                 onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">
3756                         <input type=\"submit\" class=\"button\"
3757                                 onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">";
3758
3759                 }
3760         }
3761
3762         if ($op == "user-details") {
3763
3764                 if (WEB_DEMO_MODE || $_SESSION["access_level"] < 10) {
3765                         return;
3766                 }
3767
3768 /*              print "<html><head>
3769                         <title>Tiny Tiny RSS : User Details</title>
3770                         <link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
3771                         <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
3772                         </head><body>"; */
3773
3774                 $uid = sprintf("%d", $_GET["id"]);
3775
3776                 print "<div class='infoBoxContents'>";
3777
3778                 $result = db_query($link, "SELECT login,
3779                         SUBSTRING(last_login,1,16) AS last_login,
3780                         access_level,
3781                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3782                                 WHERE owner_uid = id) AS stored_articles
3783                         FROM ttrss_users
3784                         WHERE id = '$uid'");
3785
3786                 if (db_num_rows($result) == 0) {
3787                         print "<h1>User not found</h1>";
3788                         return;
3789                 }
3790
3791                 print "<h1>User Details</h1>";
3792
3793                 print "<table width='100%'>";
3794
3795                 $login = db_fetch_result($result, 0, "login");
3796                 $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
3797                         strtotime(db_fetch_result($result, 0, "last_login")));
3798                 $access_level = db_fetch_result($result, 0, "access_level");
3799                 $stored_articles = db_fetch_result($result, 0, "stored_articles");
3800
3801                 print "<tr><td>Username</td><td>$login</td></tr>";
3802                 print "<tr><td>Access level</td><td>$access_level</td></tr>";
3803                 print "<tr><td>Last logged in</td><td>$last_login</td></tr>";
3804                 print "<tr><td>Stored articles</td><td>$stored_articles</td></tr>";
3805
3806                 $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
3807                         WHERE owner_uid = '$uid'");
3808
3809                 $num_feeds = db_fetch_result($result, 0, "num_feeds");
3810
3811                 print "<tr><td>Subscribed feeds count</td><td>$num_feeds</td></tr>";
3812
3813 /*              $result = db_query($link, "SELECT
3814                         SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
3815                         FROM ttrss_user_entries,ttrss_entries
3816                                 WHERE owner_uid = '$uid' AND ref_id = id");
3817
3818                 $db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
3819
3820                 print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";  */
3821
3822                 print "</table>";
3823
3824                 print "<h1>Subscribed feeds</h1>";
3825
3826                 $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
3827                         WHERE owner_uid = '$uid' ORDER BY title");
3828
3829                 print "<ul class=\"userFeedList\">";
3830
3831                 while ($line = db_fetch_assoc($result)) {
3832
3833                         $icon_file = ICONS_URL."/".$line["id"].".ico";
3834
3835                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3836                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
3837                         } else {
3838                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
3839                         }
3840
3841                         print "<li>$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
3842                 }
3843
3844                 if (db_num_rows($result) < $num_feeds) {
3845                          // FIXME - add link to show ALL subscribed feeds here somewhere
3846                         print "<li><img
3847                                 class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
3848                 }
3849
3850                 print "</ul>";
3851
3852                 print "</div>";
3853
3854                 print "<div align='center'>
3855                         <input type='submit' class='button'
3856                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3857
3858 //              print "</body></html>";
3859
3860         }
3861
3862         if ($op == "feed-details") {
3863
3864 //              $feed_id = $_GET["id"];
3865
3866                 $feed_ids = split(",", db_escape_string($_GET["id"]));
3867
3868                 print "<div class=\"infoBoxContents\">";
3869
3870                 foreach ($feed_ids as $feed_id) {
3871
3872                         $result = db_query($link,
3873                                 "SELECT
3874                                         title,feed_url,
3875                                         SUBSTRING(last_updated,1,16) as last_updated,
3876                                         icon_url,site_url,
3877                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3878                                                 WHERE feed_id = id) AS total,
3879                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3880                                                 WHERE feed_id = id AND unread = true) AS unread,
3881                                         (SELECT COUNT(int_id) FROM ttrss_user_entries
3882                                                 WHERE feed_id = id AND marked = true) AS marked
3883                                 FROM ttrss_feeds
3884                                 WHERE id = '$feed_id' AND owner_uid = ".$_SESSION["uid"]);
3885
3886                         if (db_num_rows($result) == 0) return;
3887
3888                         $title = db_unescape_string(db_fetch_result($result, 0, "title"));
3889                         $last_updated = date(get_pref($link, 'LONG_DATE_FORMAT'),
3890                                 strtotime(db_fetch_result($result, 0, "last_updated")));
3891                         $feed_url = db_fetch_result($result, 0, "feed_url");
3892                         $icon_url = db_fetch_result($result, 0, "icon_url");
3893                         $total = db_fetch_result($result, 0, "total");
3894                         $unread = db_fetch_result($result, 0, "unread");
3895                         $marked = db_fetch_result($result, 0, "marked");
3896                         $site_url = db_fetch_result($result, 0, "site_url");
3897
3898                         $result = db_query($link, "SELECT COUNT(id) AS subscribed
3899                                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND private = false");
3900
3901                         $subscribed = db_fetch_result($result, 0, "subscribed");
3902
3903                         $icon_file = ICONS_DIR . "/$feed_id.ico";
3904
3905                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
3906                                         $feed_icon = "<img width=\"16\" height=\"16\"
3907                                                 src=\"" . ICONS_URL . "/$feed_id.ico\">";
3908                         } else {
3909                                 $feed_icon = "";
3910                         }
3911
3912                         print "<h1>$feed_icon $title</h1>";
3913
3914                         print "<table width='100%'>";
3915
3916                         if ($site_url) {
3917                                 print "<tr><td width='30%'>Link</td>
3918                                         <td><a href=\"$site_url\">$site_url</a>
3919                                         <a href=\"$feed_url\">(feed)</a></td>
3920                                         </td></tr>";
3921                         } else {
3922                                 print "<tr><td width='30%'>Feed URL</td>
3923                                         <td><a href=\"$feed_url\">$feed_url</a></td></tr>";
3924                         }
3925                         print "<tr><td>Last updated</td><td>$last_updated</td></tr>";
3926                         print "<tr><td>Total articles</td><td>$total</td></tr>";
3927                         print "<tr><td>Unread articles</td><td>$unread</td></tr>";
3928                         print "<tr><td>Starred articles</td><td>$marked</td></tr>";
3929                         print "<tr><td>Subscribed users</td><td>$subscribed</td></tr>";
3930
3931                         print "</table>";
3932
3933 /*                      $result = db_query($link, "SELECT title,
3934                                 SUBSTRING(updated,1,16) AS updated,unread
3935                                 FROM ttrss_entries,ttrss_user_entries
3936                                 WHERE ref_id = id AND feed_id = '$feed_id'
3937                                 ORDER BY date_entered DESC LIMIT 5");
3938
3939                         if (db_num_rows($result) > 0) {
3940
3941                                 print "<h1>Latest headlines</h1>";
3942
3943                                 print "<ul class=\"nomarks\">";
3944
3945                                 while ($line = db_fetch_assoc($result)) {
3946                                         if ($line["unread"] == "t" || $line["unread"] == "1") {
3947                                                 $line["title"] = "<b>" . $line["title"] . "</b>";
3948                                         }
3949                                         print "<li>" . $line["title"].
3950                                         "&nbsp;<span class=\"insensitive\">(" .
3951                                                 date(get_pref($link, 'SHORT_DATE_FORMAT'),
3952                                                         strtotime($line["updated"])).
3953                                         ")</span></li>";
3954                                 }
3955
3956                                 print "</ul>";
3957
3958                         } */
3959                 }
3960
3961                 print "</div>";
3962
3963                 print "<div align='center'>
3964                         <input type='submit' class='button'
3965                         onclick=\"closeInfoBox()\" value=\"Close this window\"></div>";
3966         }
3967
3968         if ($op == "pref-feed-browser") {
3969
3970                 if (!ENABLE_FEED_BROWSER) {
3971                         print "Feed browser is administratively disabled.";
3972                         return;
3973                 }
3974
3975                 $subop = $_REQUEST["subop"];
3976
3977                 if ($subop == "details") {
3978                         $id = db_escape_string($_GET["id"]);
3979
3980                         print "<div class=\"browserFeedInfo\">";
3981                         print "<b>Feed information:</b>";
3982                         print "<div class=\"detailsPart\">";
3983
3984                         $result = db_query($link, "SELECT
3985                                         feed_url,site_url,
3986                                         SUBSTRING(last_updated,1,19) AS last_updated
3987                                 FROM ttrss_feeds WHERE id = '$id'");
3988
3989                         $feed_url = db_fetch_result($result, 0, "feed_url");
3990                         $site_url = db_fetch_result($result, 0, "site_url");
3991                         $last_updated = db_fetch_result($result, 0, "last_updated");
3992
3993                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
3994                                 $last_updated = smart_date_time(strtotime($last_updated));
3995                         } else {
3996                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
3997                                 $last_updated = date($short_date, strtotime($last_updated));
3998                         }
3999
4000                         print "Site: <a href='$site_url'>$site_url</a> ".
4001                                 "(<a href='$feed_url'>feed</a>), ".
4002                                 "Last updated: $last_updated";
4003
4004                         print "</div>";
4005
4006                         $result = db_query($link, "SELECT
4007                                         ttrss_entries.title,
4008                                         content,
4009                                         substring(date_entered,1,19) as date_entered,
4010                                         substring(updated,1,19) as updated
4011                                 FROM ttrss_entries,ttrss_user_entries
4012                                 WHERE   ttrss_entries.id = ref_id AND feed_id = '$id'
4013                                 ORDER BY updated DESC LIMIT 5");
4014
4015                         if (db_num_rows($result) > 0) {
4016
4017                                 print "<b>Last headlines:</b><br>";
4018
4019                                 print "<div class=\"detailsPart\">";
4020                                 print "<ul class=\"compact\">";
4021                                 while ($line = db_fetch_assoc($result)) {
4022
4023                                         if (get_pref($link, 'HEADLINES_SMART_DATE')) {
4024                                                 $entry_dt = smart_date_time(strtotime($line["updated"]));
4025                                         } else {
4026                                                 $short_date = get_pref($link, 'SHORT_DATE_FORMAT');
4027                                                 $entry_dt = date($short_date, strtotime($line["updated"]));
4028                                         }
4029
4030                                         print "<li>" . $line["title"] .
4031                                                 "&nbsp;<span class=\"insensitive\">($entry_dt)</span></li>";
4032                                 }
4033                                 print "</ul></div>";
4034                         }
4035
4036                         print "</div>";
4037
4038                         return;
4039                 }
4040
4041                 $result = db_query($link, "SELECT feed_url,count(id) AS subscribers
4042                         FROM ttrss_feeds
4043                         WHERE auth_login = '' AND auth_pass = '' AND private = false
4044                         GROUP BY feed_url ORDER BY subscribers DESC LIMIT 100");
4045
4046                 print "<ul class='nomarks' id='browseBigFeedList'>";
4047
4048                 $feedctr = 0;
4049
4050                 while ($line = db_fetch_assoc($result)) {
4051                         $feed_url = $line["feed_url"];
4052                         $subscribers = $line["subscribers"];
4053
4054                         $sub_result = db_query($link, "SELECT id
4055                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' AND owner_uid =" .
4056                                 $_SESSION["uid"]);
4057
4058                         if (db_num_rows($sub_result) > 0) {
4059                                 continue; // already subscribed
4060                         }
4061
4062                         $det_result = db_query($link, "SELECT site_url,title,id
4063                                 FROM ttrss_feeds WHERE feed_url = '$feed_url' LIMIT 1");
4064
4065                         $details = db_fetch_assoc($det_result);
4066
4067                         $icon_file = ICONS_DIR . "/" . $details["id"] . ".ico";
4068
4069                         if (file_exists($icon_file) && filesize($icon_file) > 0) {
4070                                         $feed_icon = "<img class=\"tinyFeedIcon\"       src=\"" . ICONS_URL .
4071                                                 "/".$details["id"].".ico\">";
4072                         } else {
4073                                 $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
4074                         }
4075
4076                         $check_box = "<input onclick='toggleSelectListRow(this)' class='feedBrowseCB'
4077                                 type=\"checkbox\" id=\"FBCHK-" . $details["id"] . "\">";
4078
4079                         $class = ($feedctr % 2) ? "even" : "odd";
4080
4081                         print "<li class='$class' id=\"FBROW-".$details["id"]."\">$check_box".
4082                                 "$feed_icon ";
4083
4084                         print "<a href=\"javascript:browserToggleExpand('".$details["id"]."')\">" .
4085                                 $details["title"] ."</a>&nbsp;" .
4086                                 "<span class='subscribers'>($subscribers)</span>";
4087
4088                         print "<div class=\"browserDetails\" id=\"BRDET-" . $details["id"] . "\">";
4089                         print "</div>";
4090
4091                         print "</li>";
4092
4093                                 ++$feedctr;
4094                 }
4095
4096                 if ($feedctr == 0) {
4097                         print "<li>No feeds found to subscribe.</li>";
4098                 }
4099
4100                 print "</ul>";
4101
4102                 print "<p>Selection:
4103                         <input type='submit' class='button' onclick=\"feedBrowserSubscribe()\"
4104                         value=\"Subscribe\"></p>";
4105
4106                 print "</div>";
4107
4108         }
4109
4110         function check_configuration_variables() {
4111                 if (!defined('SESSION_EXPIRE_TIME')) {
4112                         return "SESSION_EXPIRE_TIME is undefined";
4113                 }
4114
4115                 if (SESSION_EXPIRE_TIME < 60) {
4116                         return "SESSION_EXPIRE_TIME is too low (less than 60)";
4117                 }
4118
4119                 return false;
4120         }
4121
4122         db_close($link);
4123 ?>
4124
4125 <!-- <?= sprintf("Backend execution time: %.4f seconds", getmicrotime() - $script_started) ?> -->
4126