]> git.wh0rd.org - tt-rss.git/blob - classes/api.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
sharepopup: implement assigning labels while sharing
[tt-rss.git] / classes / api.php
1 <?php
2
3 class API extends Handler {
4
5 const API_LEVEL = 4;
6
7 const STATUS_OK = 0;
8 const STATUS_ERR = 1;
9
10 private $seq;
11
12 function before($method) {
13 if (parent::before($method)) {
14 header("Content-Type: text/plain");
15
16 if (!$_SESSION["uid"] && $method != "login" && $method != "isloggedin") {
17 print $this->wrap(self::STATUS_ERR, array("error" => 'NOT_LOGGED_IN'));
18 return false;
19 }
20
21 if ($_SESSION["uid"] && $method != "logout" && !get_pref($this->link, 'ENABLE_API_ACCESS')) {
22 print $this->wrap(self::STATUS_ERR, array("error" => 'API_DISABLED'));
23 return false;
24 }
25
26 $this->seq = (int) $_REQUEST['seq'];
27
28 return true;
29 }
30 return false;
31 }
32
33 function wrap($status, $reply) {
34 print json_encode(array("seq" => $this->seq,
35 "status" => $status,
36 "content" => $reply));
37 }
38
39 function getVersion() {
40 $rv = array("version" => VERSION);
41 print $this->wrap(self::STATUS_OK, $rv);
42 }
43
44 function getApiLevel() {
45 $rv = array("level" => self::API_LEVEL);
46 print $this->wrap(self::STATUS_OK, $rv);
47 }
48
49 function login() {
50 $login = db_escape_string($_REQUEST["user"]);
51 $password = $_REQUEST["password"];
52 $password_base64 = base64_decode($_REQUEST["password"]);
53
54 if (SINGLE_USER_MODE) $login = "admin";
55
56 $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'");
57
58 if (db_num_rows($result) != 0) {
59 $uid = db_fetch_result($result, 0, "id");
60 } else {
61 $uid = 0;
62 }
63
64 if (!$uid) {
65 print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
66 return;
67 }
68
69 if (get_pref($this->link, "ENABLE_API_ACCESS", $uid)) {
70 if (authenticate_user($this->link, $login, $password)) { // try login with normal password
71 print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
72 "api_level" => self::API_LEVEL));
73 } else if (authenticate_user($this->link, $login, $password_base64)) { // else try with base64_decoded password
74 print $this->wrap(self::STATUS_OK, array("session_id" => session_id(),
75 "api_level" => self::API_LEVEL));
76 } else { // else we are not logged in
77 print $this->wrap(self::STATUS_ERR, array("error" => "LOGIN_ERROR"));
78 }
79 } else {
80 print $this->wrap(self::STATUS_ERR, array("error" => "API_DISABLED"));
81 }
82
83 }
84
85 function logout() {
86 logout_user();
87 print $this->wrap(self::STATUS_OK, array("status" => "OK"));
88 }
89
90 function isLoggedIn() {
91 print $this->wrap(self::STATUS_OK, array("status" => $_SESSION["uid"] != ''));
92 }
93
94 function getUnread() {
95 $feed_id = db_escape_string($_REQUEST["feed_id"]);
96 $is_cat = db_escape_string($_REQUEST["is_cat"]);
97
98 if ($feed_id) {
99 print $this->wrap(self::STATUS_OK, array("unread" => getFeedUnread($this->link, $feed_id, $is_cat)));
100 } else {
101 print $this->wrap(self::STATUS_OK, array("unread" => getGlobalUnread($this->link)));
102 }
103 }
104
105 /* Method added for ttrss-reader for Android */
106 function getCounters() {
107
108 /* flct (flc is the default) FIXME: document */
109 $output_mode = db_escape_string($_REQUEST["output_mode"]);
110
111 print $this->wrap(self::STATUS_OK, getAllCounters($this->link, $output_mode));
112 }
113
114 function getFeeds() {
115 $cat_id = db_escape_string($_REQUEST["cat_id"]);
116 $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
117 $limit = (int) db_escape_string($_REQUEST["limit"]);
118 $offset = (int) db_escape_string($_REQUEST["offset"]);
119 $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
120
121 $feeds = api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);
122
123 print $this->wrap(self::STATUS_OK, $feeds);
124 }
125
126 function getCategories() {
127 $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
128 $enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]);
129
130 // TODO do not return empty categories, return Uncategorized and standard virtual cats
131
132 if ($enable_nested)
133 $nested_qpart = "parent_cat IS NULL";
134 else
135 $nested_qpart = "true";
136
137 $result = db_query($this->link, "SELECT
138 id, title, order_id FROM ttrss_feed_categories
139 WHERE $nested_qpart AND owner_uid = " .
140 $_SESSION["uid"]);
141
142 $cats = array();
143
144 while ($line = db_fetch_assoc($result)) {
145 $unread = getFeedUnread($this->link, $line["id"], true);
146
147 if ($enable_nested)
148 $unread += getCategoryChildrenUnread($this->link, $line["id"]);
149
150 if ($unread || !$unread_only) {
151 array_push($cats, array("id" => $line["id"],
152 "title" => $line["title"],
153 "unread" => $unread,
154 "order_id" => (int) $line["order_id"],
155 ));
156 }
157 }
158
159 foreach (array(-2,-1,0) as $cat_id) {
160 $unread = getFeedUnread($this->link, $cat_id, true);
161
162 if ($unread || !$unread_only) {
163 array_push($cats, array("id" => $cat_id,
164 "title" => getCategoryTitle($this->link, $cat_id),
165 "unread" => $unread));
166 }
167 }
168
169 print $this->wrap(self::STATUS_OK, $cats);
170 }
171
172 function getHeadlines() {
173 $feed_id = db_escape_string($_REQUEST["feed_id"]);
174 if ($feed_id != "") {
175
176 $limit = (int)db_escape_string($_REQUEST["limit"]);
177
178 if (!$limit || $limit >= 60) $limit = 60;
179
180 $offset = (int)db_escape_string($_REQUEST["skip"]);
181 $filter = db_escape_string($_REQUEST["filter"]);
182 $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
183 $show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
184 $show_content = (bool)db_escape_string($_REQUEST["show_content"]);
185 /* all_articles, unread, adaptive, marked, updated */
186 $view_mode = db_escape_string($_REQUEST["view_mode"]);
187 $include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
188 $since_id = (int)db_escape_string($_REQUEST["since_id"]);
189 $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
190 $sanitize_content = true;
191
192 /* do not rely on params below */
193
194 $search = db_escape_string($_REQUEST["search"]);
195 $search_mode = db_escape_string($_REQUEST["search_mode"]);
196 $match_on = db_escape_string($_REQUEST["match_on"]);
197
198 $headlines = api_get_headlines($this->link, $feed_id, $limit, $offset,
199 $filter, $is_cat, $show_excerpt, $show_content, $view_mode, false,
200 $include_attachments, $since_id, $search, $search_mode, $match_on,
201 $include_nested, $sanitize_content);
202
203 print $this->wrap(self::STATUS_OK, $headlines);
204 } else {
205 print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
206 }
207 }
208
209 function updateArticle() {
210 $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
211 $mode = (int) db_escape_string($_REQUEST["mode"]);
212 $data = db_escape_string($_REQUEST["data"]);
213 $field_raw = (int)db_escape_string($_REQUEST["field"]);
214
215 $field = "";
216 $set_to = "";
217
218 switch ($field_raw) {
219 case 0:
220 $field = "marked";
221 break;
222 case 1:
223 $field = "published";
224 break;
225 case 2:
226 $field = "unread";
227 break;
228 case 3:
229 $field = "note";
230 };
231
232 switch ($mode) {
233 case 1:
234 $set_to = "true";
235 break;
236 case 0:
237 $set_to = "false";
238 break;
239 case 2:
240 $set_to = "NOT $field";
241 break;
242 }
243
244 if ($field == "note") $set_to = "'$data'";
245
246 if ($field && $set_to && count($article_ids) > 0) {
247
248 $article_ids = join(", ", $article_ids);
249
250 if ($field == "unread") {
251 $result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to,
252 last_read = NOW()
253 WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
254 } else {
255 $result = db_query($this->link, "UPDATE ttrss_user_entries SET $field = $set_to
256 WHERE ref_id IN ($article_ids) AND owner_uid = " . $_SESSION["uid"]);
257 }
258
259 $num_updated = db_affected_rows($this->link, $result);
260
261 if ($num_updated > 0 && $field == "unread") {
262 $result = db_query($this->link, "SELECT DISTINCT feed_id FROM ttrss_user_entries
263 WHERE ref_id IN ($article_ids)");
264
265 while ($line = db_fetch_assoc($result)) {
266 ccache_update($this->link, $line["feed_id"], $_SESSION["uid"]);
267 }
268 }
269
270 print $this->wrap(self::STATUS_OK, array("status" => "OK",
271 "updated" => $num_updated));
272
273 } else {
274 print $this->wrap(self::STATUS_ERR, array("error" => 'INCORRECT_USAGE'));
275 }
276
277 }
278
279 function getArticle() {
280
281 $article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));
282
283 $query = "SELECT id,title,link,content,feed_id,comments,int_id,
284 marked,unread,published,
285 ".SUBSTRING_FOR_DATE."(updated,1,16) as updated,
286 author
287 FROM ttrss_entries,ttrss_user_entries
288 WHERE id IN ($article_id) AND ref_id = id AND owner_uid = " .
289 $_SESSION["uid"] ;
290
291 $result = db_query($this->link, $query);
292
293 $articles = array();
294
295 if (db_num_rows($result) != 0) {
296
297 while ($line = db_fetch_assoc($result)) {
298
299 $attachments = get_article_enclosures($this->link, $line['id']);
300
301 $article = array(
302 "id" => $line["id"],
303 "title" => $line["title"],
304 "link" => $line["link"],
305 "labels" => get_article_labels($this->link, $line['id']),
306 "unread" => sql_bool_to_bool($line["unread"]),
307 "marked" => sql_bool_to_bool($line["marked"]),
308 "published" => sql_bool_to_bool($line["published"]),
309 "comments" => $line["comments"],
310 "author" => $line["author"],
311 "updated" => strtotime($line["updated"]),
312 "content" => $line["content"],
313 "feed_id" => $line["feed_id"],
314 "attachments" => $attachments
315 );
316
317 array_push($articles, $article);
318
319 }
320 }
321
322 print $this->wrap(self::STATUS_OK, $articles);
323
324 }
325
326 function getConfig() {
327 $config = array(
328 "icons_dir" => ICONS_DIR,
329 "icons_url" => ICONS_URL);
330
331 $config["daemon_is_running"] = file_is_locked("update_daemon.lock");
332
333 $result = db_query($this->link, "SELECT COUNT(*) AS cf FROM
334 ttrss_feeds WHERE owner_uid = " . $_SESSION["uid"]);
335
336 $num_feeds = db_fetch_result($result, 0, "cf");
337
338 $config["num_feeds"] = (int)$num_feeds;
339
340 print $this->wrap(self::STATUS_OK, $config);
341 }
342
343 function updateFeed() {
344 $feed_id = db_escape_string($_REQUEST["feed_id"]);
345
346 update_rss_feed($this->link, $feed_id, true);
347
348 print $this->wrap(self::STATUS_OK, array("status" => "OK"));
349 }
350
351 function catchupFeed() {
352 $feed_id = db_escape_string($_REQUEST["feed_id"]);
353 $is_cat = db_escape_string($_REQUEST["is_cat"]);
354
355 catchup_feed($this->link, $feed_id, $is_cat);
356
357 print $this->wrap(self::STATUS_OK, array("status" => "OK"));
358 }
359
360 function getPref() {
361 $pref_name = db_escape_string($_REQUEST["pref_name"]);
362
363 print $this->wrap(self::STATUS_OK, array("value" => get_pref($this->link, $pref_name)));
364 }
365
366 function getLabels() {
367 //$article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
368
369 $article_id = (int)$_REQUEST['article_id'];
370
371 $rv = array();
372
373 $result = db_query($this->link, "SELECT id, caption, fg_color, bg_color
374 FROM ttrss_labels2
375 WHERE owner_uid = '".$_SESSION['uid']."' ORDER BY caption");
376
377 if ($article_id)
378 $article_labels = get_article_labels($this->link, $article_id);
379 else
380 $article_labels = array();
381
382 while ($line = db_fetch_assoc($result)) {
383
384 $checked = false;
385 foreach ($article_labels as $al) {
386 if ($al[0] == $line['id']) {
387 $checked = true;
388 break;
389 }
390 }
391
392 array_push($rv, array(
393 "id" => (int)$line['id'],
394 "caption" => $line['caption'],
395 "fg_color" => $line['fg_color'],
396 "bg_color" => $line['bg_color'],
397 "checked" => $checked));
398 }
399
400 print $this->wrap(self::STATUS_OK, $rv);
401 }
402
403 function setArticleLabel() {
404
405 $article_ids = array_filter(explode(",", db_escape_string($_REQUEST["article_ids"])), is_numeric);
406 $label_id = (int) db_escape_string($_REQUEST['label_id']);
407 $assign = (bool) db_escape_string($_REQUEST['assign']) == "true";
408
409 $label = db_escape_string(label_find_caption($this->link,
410 $label_id, $_SESSION["uid"]));
411
412 $num_updated = 0;
413
414 if ($label) {
415
416 foreach ($article_ids as $id) {
417
418 if ($assign)
419 label_add_article($this->link, $id, $label, $_SESSION["uid"]);
420 else
421 label_remove_article($this->link, $id, $label, $_SESSION["uid"]);
422
423 ++$num_updated;
424
425 }
426 }
427
428 print $this->wrap(self::STATUS_OK, array("status" => "OK",
429 "updated" => $num_updated));
430
431 }
432
433 function index() {
434 print $this->wrap(self::STATUS_ERR, array("error" => 'UNKNOWN_METHOD'));
435 }
436
437 function shareToPublished() {
438 $title = db_escape_string(strip_tags($_REQUEST["title"]));
439 $url = db_escape_string(strip_tags($_REQUEST["url"]));
440 $content = db_escape_string(strip_tags($_REQUEST["content"]));
441
442 if (create_published_article($this->link, $title, $url, $content, "", $_SESSION["uid"])) {
443 print $this->wrap(self::STATUS_OK, array("status" => 'OK'));
444 } else {
445 print $this->wrap(self::STATUS_ERR, array("error" => 'Publishing failed'));
446 }
447 }
448 }
449
450 ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/