classes/api.php

   1 <?php
   2
   3 class API extends Handler {
   4
   5         const API_LEVEL  = 4;
   6
   7         const STATUS_OK  = 0;
   8         const STATUS_ERR = 1;
   9
  10         private $seq;
  11
  12         function before($method) {
  13                 if (parent::before($method)) {
  14                         header("Content-Type: text/plain");
  15
  16                         if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
  17                                 print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
  18                                 return false;
  19                         }
  20
  21                         if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
  22                                 print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
  23                                 return false;
  24                         }
  25
  26                         $this->seq = (int) $_REQUEST['seq'];
  27
  28                         return true;
  29                 }
  30                 return false;
  31         }
  32
  33         function wrap($status, $reply) {
  34                 print json_encode(array("seq" => $this->seq,
  35                         "status" => $status,
  36                         "content" => $reply));
  37         }
  38
  39         function getVersion() {
  40                 $rv = array("version" => VERSION);
  41                 print $this->wrap(self::STATUS_OK, $rv);
  42         }
  43
  44         function getApiLevel() {
  45                 $rv = array("level" => self::API_LEVEL);
  46                 print $this->wrap(self::STATUS_OK, $rv);
  47         }
  48
  49         function login() {
  50                 $login = db_escape_string($_REQUEST["user"]);
  51                 $password = $_REQUEST["password"];
  52                 $password_base64 = base64_decode($_REQUEST["password"]);
  53
  54                 if (SINGLE_USER_MODE) $login = "admin";
  55
  56                 $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
  57
  58                 if (db_num_rows($result) != 0) {
  59                         $uid = db_fetch_result($result, 0, "id");
  60                 } else {
  61                         $uid = 0;
  62                 }
  63
  64                 if (!$uid) {
  65                         print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
  66                         return;
  67                 }
  68
  69                 if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
  70                         if (authenticate_user($this->link, $login, $password)) {               // try login with normal password
  71                                 print $this->wrap(self::STATUS_OK, array("session_id" => session_id()));
  72                         } else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
  73                                 print $this->wrap(self::STATUS_OK,      array("session_id" => session_id()));
  74                         } else {                                                         // else we are not logged in
  75                                 print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
  76                         }
  77                 } else {
  78                         print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
  79                 }
  80
  81         }
  82
  83         function logout() {
  84                 logout_user();
  85                 print $this->wrap(self::STATUS_OK, array("status" => "OK"));
  86         }
  87
  88         function isLoggedIn() {
  89                 print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
  90         }
  91
  92         function getUnread() {
  93                 $feed_id = db_escape_string($_REQUEST["feed_id"]);
  94                 $is_cat = db_escape_string($_REQUEST["is_cat"]);
  95
  96                 if ($feed_id) {
  97                         print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
  98                 } else {
  99                         print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
 100                 }
 101         }
 102
 103         /* Method added for ttrss-reader for Android */
 104         function getCounters() {
 105
 106                 /* flct (flc is the default) FIXME: document */
 107                 $output_mode = db_escape_string($_REQUEST["output_mode"]);
 108
 109                 print $this->wrap(self::STATUS_OK, getAllCounters($this->link, $output_mode));
 110         }
 111
 112         function getFeeds() {
 113                 $cat_id = db_escape_string($_REQUEST["cat_id"]);
 114                 $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
 115                 $limit = (int) db_escape_string($_REQUEST["limit"]);
 116                 $offset = (int) db_escape_string($_REQUEST["offset"]);
 117                 $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
 118
 119                 $feeds = api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);
 120
 121                 print $this->wrap(self::STATUS_OK, $feeds);
 122         }
 123
 124         function getCategories() {
 125                 $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
 126                 $enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]);
 127
 128                 // TODO do not return empty categories, return Uncategorized and standard virtual cats
 129
 130                 if ($enable_nested)
 131                         $nested_qpart = "parent_cat IS NULL";
 132                 else
 133                         $nested_qpart = "true";
 134
 135                 $result = db_query($this->link, "SELECT
 136                                 id, title, order_id FROM ttrss_feed_categories
 137                         WHERE $nested_qpart AND owner_uid = " .
 138                         $_SESSION["uid"]);
 139
 140                 $cats = array();
 141
 142                 while ($line = db_fetch_assoc($result)) {
 143                         $unread = getFeedUnread($this->link, $line["id"], true);
 144
 145                         if ($enable_nested)
 146                                 $unread += getCategoryChildrenUnread($this->link, $line["id"]);
 147
 148                         if ($unread || !$unread_only) {
 149                                 array_push($cats, array("id" => $line["id"],
 150                                         "title" => $line["title"],
 151                                         "unread" => $unread,
 152                                         "order_id" => (int) $line["order_id"],
 153                                 ));
 154                         }
 155                 }
 156
 157                 foreach (array(-2,-1,0) as $cat_id) {
 158                         $unread = getFeedUnread($this->link, $cat_id, true);
 159
 160                         if ($unread || !$unread_only) {
 161                                 array_push($cats, array("id" => $cat_id,
 162                                         "title" => getCategoryTitle($this->link, $cat_id),
 163                                         "unread" => $unread));
 164                         }
 165                 }
 166
 167                 print $this->wrap(self::STATUS_OK, $cats);
 168         }
 169
 170         function getHeadlines() {
 171                 $feed_id = db_escape_string($_REQUEST["feed_id"]);
 172                 if ($feed_id != "") {
 173
 174                         $limit = (int)db_escape_string($_REQUEST["limit"]);
 175
 176                         if (!$limit || $limit >= 60) $limit = 60;
 177
 178                         $offset = (int)db_escape_string($_REQUEST["skip"]);
 179                         $filter = db_escape_string($_REQUEST["filter"]);
 180                         $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
 181                         $show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
 182                         $show_content = (bool)db_escape_string($_REQUEST["show_content"]);
 183                         /* all_articles, unread, adaptive, marked, updated */
 184                         $view_mode = db_escape_string($_REQUEST["view_mode"]);
 185                         $include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
 186                         $since_id = (int)db_escape_string($_REQUEST["since_id"]);
 187                         $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
 188
 189                         /* do not rely on params below */
 190
 191                         $search = db_escape_string($_REQUEST["search"]);
 192                         $search_mode = db_escape_string($_REQUEST["search_mode"]);
 193                         $match_on = db_escape_string($_REQUEST["match_on"]);
 194
 195                         $headlines = api_get_headlines($this->link, $feed_id, $limit, $offset,
 196                                 $filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
 197                                 $include_attachments, $since_id, $search, $search_mode, $match_on,
 198                                 $include_nested);
 199
 200                         print $this->wrap(self::STATUS_OK, $headlines);
 201                 } else {
 202                         print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
 203                 }
 204         }
 205
 206         function updateArticle() {
 207                 $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
 208                 $mode = (int) db_escape_string($_REQUEST["mode"]);
 209                 $data = db_escape_string($_REQUEST["data"]);
 210                 $field_raw = (int)db_escape_string($_REQUEST["field"]);
 211
 212                 $field = "";
 213                 $set_to = "";
 214
 215                 switch ($field_raw) {
 216                         case 0:
 217                                 $field = "marked";
 218                                 break;
 219                         case 1:
 220                                 $field = "published";
 221                                 break;
 222                         case 2:
 223                                 $field = "unread";
 224                                 break;
 225                         case 3:
 226                                 $field = "note";
 227                 };
 228
 229                 switch ($mode) {
 230                         case 1:
 231                                 $set_to = "true";
 232                                 break;
 233                         case 0:
 234                                 $set_to = "false";
 235                                 break;
 236                         case 2:
 237                                 $set_to = "NOT $field";
 238                                 break;
 239                 }
 240
 241                 if ($field == "note") $set_to = "'$data'";
 242
 243                 if ($field && $set_to && count($article_ids) > 0) {
 244
 245                         $article_ids = join(", ", $article_ids);
 246
 247                         if ($field == "unread") {
 248                                 $result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to,
 249                                         last_read = NOW()
 250                                         WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
 251                         } else {
 252                                 $result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to
 253                                         WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
 254                         }
 255
 256                         $num_updated = db_affected_rows($this->link, $result);
 257
 258                         if ($num_updated > 0 && $field == "unread") {
 259                                 $result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
 260                                         WHERE ref_id IN ($article_ids)");
 261
 262                                 while ($line = db_fetch_assoc($result)) {
 263                                         ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
 264                                 }
 265                         }
 266
 267                         print $this->wrap(self::STATUS_OK, array("status" => "OK",
 268                                 "updated" => $num_updated));
 269
 270                 } else {
 271                         print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
 272                 }
 273
 274         }
 275
 276         function getArticle() {
 277
 278                 $article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));
 279
 280                 $query = "SELECT id,title,link,content,feed_id,comments,int_id,
 281                         marked,unread,published,
 282                         ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
 283                         author
 284                         FROM ttrss_entries,ttrss_user_entries
 285                         WHERE   id IN ($article_id) AND ref_id = id AND owner_uid = " .
 286                                 $_SESSION["uid"] ;
 287
 288                 $result = db_query($this->link, $query);
 289
 290                 $articles = array();
 291
 292                 if (db_num_rows($result) != 0) {
 293
 294                         while ($line = db_fetch_assoc($result)) {
 295
 296                                 $attachments = get_article_enclosures($this->link, $line['id']);
 297
 298                                 $article = array(
 299                                         "id" => $line["id"],
 300                                         "title" => $line["title"],
 301                                         "link" => $line["link"],
 302                                         "labels" => get_article_labels($this->link, $line['id']),
 303                                         "unread" => sql_bool_to_bool($line["unread"]),
 304                                         "marked" => sql_bool_to_bool($line["marked"]),
 305                                         "published" => sql_bool_to_bool($line["published"]),
 306                                         "comments" => $line["comments"],
 307                                         "author" => $line["author"],
 308                                         "updated" => strtotime($line["updated"]),
 309                                         "content" => $line["content"],
 310                                         "feed_id" => $line["feed_id"],
 311                                         "attachments" => $attachments
 312                                 );
 313
 314                                 array_push($articles, $article);
 315
 316                         }
 317                 }
 318
 319                 print $this->wrap(self::STATUS_OK, $articles);
 320
 321         }
 322
 323         function getConfig() {
 324                 $config = array(
 325                         "icons_dir" => ICONS_DIR,
 326                         "icons_url" => ICONS_URL);
 327
 328                 $config["daemon_is_running"] = file_is_locked("update_daemon.lock");
 329
 330                 $result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
 331                         ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
 332
 333                 $num_feeds = db_fetch_result($result, 0, "cf");
 334
 335                 $config["num_feeds"] = (int)$num_feeds;
 336
 337                 print $this->wrap(self::STATUS_OK, $config);
 338         }
 339
 340         function updateFeed() {
 341                 $feed_id = db_escape_string($_REQUEST["feed_id"]);
 342
 343                 update_rss_feed($this->link, $feed_id, true);
 344
 345                 print $this->wrap(self::STATUS_OK, array("status" => "OK"));
 346         }
 347
 348         function catchupFeed() {
 349                 $feed_id = db_escape_string($_REQUEST["feed_id"]);
 350                 $is_cat = db_escape_string($_REQUEST["is_cat"]);
 351
 352                 catchup_feed($this->link, $feed_id, $is_cat);
 353
 354                 print $this->wrap(self::STATUS_OK, array("status" => "OK"));
 355         }
 356
 357         function getPref() {
 358                 $pref_name = db_escape_string($_REQUEST["pref_name"]);
 359
 360                 print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
 361         }
 362
 363         function getLabels() {
 364                 //$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
 365
 366                 $article_id = (int)$_REQUEST['article_id'];
 367
 368                 $rv = array();
 369
 370                 $result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
 371                         FROM ttrss_labels2
 372                         WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");
 373
 374                 if ($article_id)
 375                         $article_labels = get_article_labels($this->link, $article_id);
 376                 else
 377                         $article_labels = array();
 378
 379                 while ($line = db_fetch_assoc($result)) {
 380
 381                         $checked = false;
 382                         foreach ($article_labels as $al) {
 383                                 if ($al[0] == $line['id']) {
 384                                         $checked = true;
 385                                         break;
 386                                 }
 387                         }
 388
 389                         array_push($rv, array(
 390                                 "id" => (int)$line['id'],
 391                                 "caption" => $line['caption'],
 392                                 "fg_color" => $line['fg_color'],
 393                                 "bg_color" => $line['bg_color'],
 394                                 "checked" => $checked));
 395                 }
 396
 397                 print $this->wrap(self::STATUS_OK, $rv);
 398         }
 399
 400         function setArticleLabel() {
 401
 402                 $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
 403                 $label_id = (int) db_escape_string($_REQUEST['label_id']);
 404                 $assign = (bool) db_escape_string($_REQUEST['assign']) == "true";
 405
 406                 $label = db_escape_string(label_find_caption($this->link,
 407                         $label_id, $_SESSION["uid"]));
 408
 409                 $num_updated = 0;
 410
 411                 if ($label) {
 412
 413                         foreach ($article_ids as $id) {
 414
 415                                 if ($assign)
 416                                         label_add_article($this->link, $id, $label, $_SESSION["uid"]);
 417                                 else
 418                                         label_remove_article($this->link, $id, $label, $_SESSION["uid"]);
 419
 420                                 ++$num_updated;
 421
 422                         }
 423                 }
 424
 425                 print $this->wrap(self::STATUS_OK, array("status" => "OK",
 426                         "updated" => $num_updated));
 427
 428         }
 429
 430         function index() {
 431                 print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
 432         }
 433
 434         function shareToPublished() {
 435                 $title = db_escape_string(strip_tags($_REQUEST["title"]));
 436                 $url = db_escape_string(strip_tags($_REQUEST["url"]));
 437                 $content = db_escape_string(strip_tags($_REQUEST["content"]));
 438
 439                 if (create_published_article($this->link, $title, $url, $content, $_SESSION["uid"])) {
 440                         print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
 441                 } else {
 442                         print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
 443                 }
 444         }
 445 }
 446
 447 ?>