2011-12-13 07:00:42 +01:00
< ? php
2013-04-02 14:20:06 +02:00
2012-08-17 12:20:55 +02:00
class Pref_Prefs extends Handler_Protected {
2011-12-13 07:00:42 +01:00
2013-04-02 14:20:06 +02:00
private $pref_help = array ();
private $pref_sections = array ();
2011-12-26 09:02:52 +01:00
function csrf_ignore ( $method ) {
2013-04-01 10:34:49 +02:00
$csrf_ignored = array ( " index " , " updateself " , " customizecss " , " editprefprofiles " );
2011-12-26 09:02:52 +01:00
return array_search ( $method , $csrf_ignored ) !== false ;
}
2013-04-19 06:40:19 +02:00
function __construct ( $args ) {
parent :: __construct ( $args );
2013-04-02 14:20:06 +02:00
$this -> pref_sections = array (
1 => __ ( 'General' ),
2 => __ ( 'Interface' ),
3 => __ ( 'Advanced' ),
4 => __ ( 'Digest' )
);
$this -> pref_help = array (
2013-04-02 14:46:08 +02:00
" ALLOW_DUPLICATE_POSTS " => array ( __ ( " Allow duplicate articles " ), " " ),
" BLACKLISTED_TAGS " => array ( __ ( " Blacklisted tags " ), __ ( " When auto-detecting tags in articles these tags will not be applied (comma-separated list). " )),
" CDM_AUTO_CATCHUP " => array ( __ ( " Automatically mark articles as read " ), __ ( " This option enables marking articles as read automatically while you scroll article list. " )),
2013-04-02 14:38:12 +02:00
" CDM_EXPANDED " => array ( __ ( " Automatically expand articles in combined mode " ), " " ),
2013-04-02 14:20:06 +02:00
" COMBINED_DISPLAY_MODE " => array ( __ ( " Combined feed display " ), __ ( " Display expanded list of feed articles, instead of separate displays for headlines and article content " )),
2013-04-02 14:38:12 +02:00
" CONFIRM_FEED_CATCHUP " => array ( __ ( " Confirm marking feed as read " ), " " ),
" DEFAULT_ARTICLE_LIMIT " => array ( __ ( " Amount of articles to display at once " ), " " ),
2013-04-09 20:28:06 +02:00
" DEFAULT_UPDATE_INTERVAL " => array ( __ ( " Default feed update interval " ), __ ( " Shortest interval at which a feed will be checked for updates regardless of update method " )),
2013-04-02 14:38:12 +02:00
" DIGEST_CATCHUP " => array ( __ ( " Mark articles in e-mail digest as read " ), " " ),
2013-04-02 14:46:08 +02:00
" DIGEST_ENABLE " => array ( __ ( " Enable e-mail digest " ), __ ( " This option enables sending daily digest of new (and unread) headlines on your configured e-mail address " )),
2013-04-02 14:20:06 +02:00
" DIGEST_PREFERRED_TIME " => array ( __ ( " Try to send digests around specified time " ), __ ( " Uses UTC timezone " )),
2013-04-02 14:46:08 +02:00
" ENABLE_API_ACCESS " => array ( __ ( " Enable API access " ), __ ( " Allows external clients to access this account through the API " )),
2013-04-02 14:38:12 +02:00
" ENABLE_FEED_CATS " => array ( __ ( " Enable feed categories " ), " " ),
" FEEDS_SORT_BY_UNREAD " => array ( __ ( " Sort feeds by unread articles count " ), " " ),
" FRESH_ARTICLE_MAX_AGE " => array ( __ ( " Maximum age of fresh articles (in hours) " ), " " ),
" HIDE_READ_FEEDS " => array ( __ ( " Hide feeds with no unread articles " ), " " ),
2013-04-02 14:46:08 +02:00
" HIDE_READ_SHOWS_SPECIAL " => array ( __ ( " Show special feeds when hiding read feeds " ), " " ),
2013-05-19 09:27:17 +02:00
" LONG_DATE_FORMAT " => array ( __ ( " Long date format " ), __ ( " The syntax used is identical to the PHP <a href='http://php.net/manual/function.date.php'>date()</a> function. " )),
2013-04-02 14:20:06 +02:00
" ON_CATCHUP_SHOW_NEXT_FEED " => array ( __ ( " On catchup show next feed " ), __ ( " Automatically open next feed with unread articles after marking one as read " )),
2013-04-02 14:38:12 +02:00
" PURGE_OLD_DAYS " => array ( __ ( " Purge articles after this number of days (0 - disables) " ), " " ),
" PURGE_UNREAD_ARTICLES " => array ( __ ( " Purge unread articles " ), " " ),
" REVERSE_HEADLINES " => array ( __ ( " Reverse headline order (oldest first) " ), " " ),
" SHORT_DATE_FORMAT " => array ( __ ( " Short date format " ), " " ),
" SHOW_CONTENT_PREVIEW " => array ( __ ( " Show content preview in headlines list " ), " " ),
2013-04-02 14:20:06 +02:00
" SORT_HEADLINES_BY_FEED_DATE " => array ( __ ( " Sort headlines by feed date " ), __ ( " Use feed-specified date to sort headlines instead of local import date. " )),
" SSL_CERT_SERIAL " => array ( __ ( " Login with an SSL certificate " ), __ ( " Click to register your SSL client certificate with tt-rss " )),
2013-04-02 14:38:12 +02:00
" STRIP_IMAGES " => array ( __ ( " Do not embed images in articles " ), " " ),
2013-04-02 14:20:06 +02:00
" STRIP_UNSAFE_TAGS " => array ( __ ( " Strip unsafe tags from articles " ), __ ( " Strip all but most common HTML tags when reading articles. " )),
" USER_STYLESHEET " => array ( __ ( " Customize stylesheet " ), __ ( " Customize CSS stylesheet to your liking " )),
2013-04-29 13:58:15 +02:00
" USER_TIMEZONE " => array ( __ ( " Time zone " ), " " ),
2013-04-02 19:41:30 +02:00
" VFEED_GROUP_BY_FEED " => array ( __ ( " Group headlines in virtual feeds " ), __ ( " Special feeds, labels, and categories are grouped by originating feeds " )),
2013-04-29 13:54:23 +02:00
" USER_LANGUAGE " => array ( __ ( " Language " )),
2013-04-29 13:58:15 +02:00
" USER_CSS_THEME " => array ( __ ( " Theme " ), __ ( " Select one of the available CSS themes " ))
2013-04-02 14:20:06 +02:00
);
}
2011-12-13 07:00:42 +01:00
function changepassword () {
2017-12-03 21:35:38 +01:00
$old_pw = clean ( $_POST [ " old_password " ]);
$new_pw = clean ( $_POST [ " new_password " ]);
$con_pw = clean ( $_POST [ " confirm_password " ]);
2011-12-13 07:00:42 +01:00
if ( $old_pw == " " ) {
2015-07-06 11:10:15 +02:00
print " ERROR: " . format_error ( " Old password cannot be blank. " );
2011-12-13 07:00:42 +01:00
return ;
}
if ( $new_pw == " " ) {
2015-07-06 11:10:15 +02:00
print " ERROR: " . format_error ( " New password cannot be blank. " );
2011-12-13 07:00:42 +01:00
return ;
}
if ( $new_pw != $con_pw ) {
2015-07-06 11:10:15 +02:00
print " ERROR: " . format_error ( " Entered passwords do not match. " );
2011-12-13 07:00:42 +01:00
return ;
}
2013-04-18 10:27:34 +02:00
$authenticator = PluginHost :: getInstance () -> get_plugin ( $_SESSION [ " auth_module " ]);
2011-12-13 07:00:42 +01:00
2012-08-16 16:21:35 +02:00
if ( method_exists ( $authenticator , " change_password " )) {
2015-07-06 11:10:15 +02:00
print format_notice ( $authenticator -> change_password ( $_SESSION [ " uid " ], $old_pw , $new_pw ));
2012-01-23 09:20:09 +01:00
} else {
2015-07-06 11:10:15 +02:00
print " ERROR: " . format_error ( " Function not supported by authentication module. " );
2012-01-23 09:20:09 +01:00
}
2011-12-13 07:00:42 +01:00
}
function saveconfig () {
2017-12-03 21:35:38 +01:00
$boolean_prefs = explode ( " , " , clean ( $_POST [ " boolean_prefs " ]));
2013-03-19 20:14:23 +01:00
foreach ( $boolean_prefs as $pref ) {
if ( ! isset ( $_POST [ $pref ])) $_POST [ $pref ] = 'false' ;
}
2013-04-04 16:15:37 +02:00
$need_reload = false ;
2011-12-13 07:00:42 +01:00
foreach ( array_keys ( $_POST ) as $pref_name ) {
2017-12-02 10:01:56 +01:00
$value = $_POST [ $pref_name ];
2011-12-13 07:00:42 +01:00
2012-01-31 12:52:33 +01:00
if ( $pref_name == 'DIGEST_PREFERRED_TIME' ) {
2013-04-17 16:34:18 +02:00
if ( get_pref ( 'DIGEST_PREFERRED_TIME' ) != $value ) {
2012-01-31 12:52:33 +01:00
2017-12-02 10:01:56 +01:00
$sth = $this -> pdo -> prepare ( " UPDATE ttrss_users SET
last_digest_sent = NULL WHERE id = ? " );
$sth -> execute ([ $_SESSION [ 'uid' ]]);
2012-01-31 12:52:33 +01:00
}
}
2013-04-29 13:54:23 +02:00
if ( $pref_name == " USER_LANGUAGE " ) {
2013-04-04 16:15:37 +02:00
if ( $_SESSION [ " language " ] != $value ) {
$need_reload = true ;
}
}
2011-12-13 07:00:42 +01:00
2013-04-29 13:54:23 +02:00
set_pref ( $pref_name , $value );
2011-12-13 07:00:42 +01:00
}
2013-04-04 16:15:37 +02:00
if ( $need_reload ) {
print " PREFS_NEED_RELOAD " ;
} else {
print __ ( " The configuration was saved. " );
}
2011-12-13 07:00:42 +01:00
}
function changeemail () {
2017-12-03 21:35:38 +01:00
$email = clean ( $_POST [ " email " ]);
$full_name = clean ( $_POST [ " full_name " ]);
2011-12-13 07:00:42 +01:00
$active_uid = $_SESSION [ " uid " ];
2017-12-02 10:01:56 +01:00
$sth = $this -> pdo -> prepare ( " UPDATE ttrss_users SET email = ?,
full_name = ? WHERE id = ? " );
$sth -> execute ([ $email , $full_name , $active_uid ]);
2011-12-13 07:00:42 +01:00
print __ ( " Your personal data has been saved. " );
return ;
}
function resetconfig () {
$_SESSION [ " prefs_op_result " ] = " reset-to-defaults " ;
2018-03-15 17:26:50 +01:00
$sth = $this -> pdo -> prepare ( " DELETE FROM ttrss_user_prefs
2018-06-20 17:27:34 +02:00
WHERE ( profile = : profile OR ( : profile IS NULL AND profile IS NULL ))
2017-12-02 10:01:56 +01:00
AND owner_uid = : uid " );
$sth -> execute ([ " :profile " => $_SESSION [ 'profile' ], " :uid " => $_SESSION [ 'uid' ]]);
2011-12-13 07:00:42 +01:00
2013-04-17 16:34:18 +02:00
initialize_user_prefs ( $_SESSION [ " uid " ], $_SESSION [ " profile " ]);
2013-04-05 05:52:50 +02:00
echo __ ( " Your preferences are now set to default values. " );
2011-12-13 07:00:42 +01:00
}
function index () {
global $access_level_names ;
2016-01-07 20:01:35 +01:00
$prefs_blacklist = array ( " ALLOW_DUPLICATE_POSTS " , " STRIP_UNSAFE_TAGS " , " REVERSE_HEADLINES " ,
2014-06-10 06:54:18 +02:00
" SORT_HEADLINES_BY_FEED_DATE " , " DEFAULT_ARTICLE_LIMIT " ,
" FEEDS_SORT_BY_UNREAD " );
2013-03-27 09:42:01 +01:00
/* "FEEDS_SORT_BY_UNREAD", "HIDE_READ_FEEDS", "REVERSE_HEADLINES" */
2011-12-13 07:00:42 +01:00
$profile_blacklist = array ( " ALLOW_DUPLICATE_POSTS " , " PURGE_OLD_DAYS " ,
" PURGE_UNREAD_ARTICLES " , " DIGEST_ENABLE " , " DIGEST_CATCHUP " ,
" BLACKLISTED_TAGS " , " ENABLE_API_ACCESS " , " UPDATE_POST_ON_CHECKSUM_CHANGE " ,
" DEFAULT_UPDATE_INTERVAL " , " USER_TIMEZONE " , " SORT_HEADLINES_BY_FEED_DATE " ,
2012-01-30 13:36:21 +01:00
" SSL_CERT_SERIAL " , " DIGEST_PREFERRED_TIME " );
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
$_SESSION [ " prefs_op_result " ] = " " ;
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " <div dojoType= \" dijit.layout.AccordionContainer \" region= \" center \" > " ;
print " <div dojoType= \" dijit.layout.AccordionPane \" title= \" " . __ ( 'Personal data / Authentication' ) . " \" > " ;
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " <form dojoType= \" dijit.form.Form \" id= \" changeUserdataForm \" > " ;
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " <script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
evt . preventDefault ();
if ( this . validate ()) {
notify_progress ( 'Saving data...' , true );
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
new Ajax . Request ( 'backend.php' , {
parameters : dojo . objectToQuery ( this . getValues ()),
onComplete : function ( transport ) {
notify_callback2 ( transport );
} });
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
}
</ script > " ;
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " <table width= \" 100% \" class= \" prefPrefsList \" > " ;
2011-12-13 07:00:42 +01:00
2012-09-03 16:33:46 +02:00
print " <h2> " . __ ( " Personal data " ) . " </h2> " ;
2017-12-02 10:01:56 +01:00
$sth = $this -> pdo -> prepare ( " SELECT email,full_name,otp_enabled,
2012-03-29 12:44:52 +02:00
access_level FROM ttrss_users
2017-12-02 10:01:56 +01:00
WHERE id = ? " );
$sth -> execute ([ $_SESSION [ " uid " ]]);
$row = $sth -> fetch ();
2011-12-13 07:00:42 +01:00
2017-12-02 10:01:56 +01:00
$email = htmlspecialchars ( $row [ " email " ]);
$full_name = htmlspecialchars ( $row [ " full_name " ]);
2017-12-03 18:46:27 +01:00
$otp_enabled = sql_bool_to_bool ( $row [ " otp_enabled " ]);
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " <tr><td width= \" 40% \" > " . __ ( 'Full name' ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" name= \" full_name \" required= \" 1 \"
value = \ " $full_name\ " ></ td ></ tr > " ;
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " <tr><td width= \" 40% \" > " . __ ( 'E-mail' ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" name= \" email \" required= \" 1 \" value= \" $email\ " ></ td ></ tr > " ;
2011-12-13 07:00:42 +01:00
2012-08-16 13:30:35 +02:00
if ( ! SINGLE_USER_MODE && ! $_SESSION [ " hide_hello " ]) {
2012-05-16 09:56:21 +02:00
2017-12-02 10:01:56 +01:00
$access_level = $row [ " access_level " ];
2012-03-29 12:44:52 +02:00
print " <tr><td width= \" 40% \" > " . __ ( 'Access level' ) . " </td> " ;
print " <td> " . $access_level_names [ $access_level ] . " </td></tr> " ;
}
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " </table> " ;
2011-12-13 07:00:42 +01:00
2017-02-10 12:36:21 +01:00
print_hidden ( " op " , " pref-prefs " );
print_hidden ( " method " , " changeemail " );
2011-12-13 07:00:42 +01:00
2017-12-11 16:48:28 +01:00
print " <p><button dojoType= \" dijit.form.Button \" type= \" submit \" class= \" btn-primary \" > " .
2012-03-29 12:44:52 +02:00
__ ( " Save data " ) . " </button> " ;
2011-12-13 07:00:42 +01:00
2012-03-29 12:44:52 +02:00
print " </form> " ;
2011-12-13 07:00:42 +01:00
2012-12-27 12:14:44 +01:00
if ( $_SESSION [ " auth_module " ]) {
2013-04-18 10:27:34 +02:00
$authenticator = PluginHost :: getInstance () -> get_plugin ( $_SESSION [ " auth_module " ]);
2012-08-16 16:21:35 +02:00
} else {
$authenticator = false ;
}
if ( $authenticator && method_exists ( $authenticator , " change_password " )) {
2011-12-13 07:00:42 +01:00
2012-09-03 16:33:46 +02:00
print " <h2> " . __ ( " Password " ) . " </h2> " ;
2015-07-06 11:10:15 +02:00
print " <div style='display : none' id='pwd_change_infobox'></div> " ;
2011-12-13 07:00:42 +01:00
print " <form dojoType= \" dijit.form.Form \" > " ;
print " <script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
evt . preventDefault ();
if ( this . validate ()) {
notify_progress ( 'Changing password...' , true );
new Ajax . Request ( 'backend.php' , {
parameters : dojo . objectToQuery ( this . getValues ()),
onComplete : function ( transport ) {
notify ( '' );
if ( transport . responseText . indexOf ( 'ERROR: ' ) == 0 ) {
2015-07-06 11:10:15 +02:00
$ ( 'pwd_change_infobox' ) . innerHTML =
transport . responseText . replace ( 'ERROR: ' , '' );
2011-12-13 07:00:42 +01:00
} else {
2015-07-06 11:10:15 +02:00
$ ( 'pwd_change_infobox' ) . innerHTML =
transport . responseText . replace ( 'ERROR: ' , '' );
2011-12-13 07:00:42 +01:00
var warn = $ ( 'default_pass_warning' );
if ( warn ) Element . hide ( warn );
}
2015-07-06 11:10:15 +02:00
new Effect . Appear ( 'pwd_change_infobox' );
2011-12-13 07:00:42 +01:00
}});
this . reset ();
}
</ script > " ;
2012-09-04 10:39:33 +02:00
if ( $otp_enabled ) {
2013-03-24 17:50:20 +01:00
print_notice ( __ ( " Changing your current password will disable OTP. " ));
2012-09-04 10:39:33 +02:00
}
2011-12-13 07:00:42 +01:00
print " <table width= \" 100% \" class= \" prefPrefsList \" > " ;
print " <tr><td width= \" 40% \" > " . __ ( " Old password " ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \" name= \" old_password \" ></td></tr> " ;
print " <tr><td width= \" 40% \" > " . __ ( " New password " ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \"
name = \ " new_password \" ></td></tr> " ;
print " <tr><td width= \" 40% \" > " . __ ( " Confirm password " ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \" name= \" confirm_password \" ></td></tr> " ;
print " </table> " ;
2017-02-10 12:36:21 +01:00
print_hidden ( " op " , " pref-prefs " );
print_hidden ( " method " , " changepassword " );
2011-12-13 07:00:42 +01:00
2017-12-11 16:48:28 +01:00
print " <p><button dojoType= \" dijit.form.Button \" type= \" submit \" class= \" btn-primary \" > " .
2011-12-13 07:00:42 +01:00
__ ( " Change password " ) . " </button> " ;
print " </form> " ;
2012-12-27 12:14:44 +01:00
if ( $_SESSION [ " auth_module " ] == " auth_internal " ) {
2012-09-03 16:33:46 +02:00
print " <h2> " . __ ( " One time passwords / Authenticator " ) . " </h2> " ;
if ( $otp_enabled ) {
2013-03-24 17:50:20 +01:00
print_notice ( __ ( " One time passwords are currently enabled. Enter your current password below to disable. " ));
2012-09-04 10:39:33 +02:00
print " <form dojoType= \" dijit.form.Form \" > " ;
print " <script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
evt . preventDefault ();
if ( this . validate ()) {
notify_progress ( 'Disabling OTP' , true );
new Ajax . Request ( 'backend.php' , {
parameters : dojo . objectToQuery ( this . getValues ()),
onComplete : function ( transport ) {
notify ( '' );
if ( transport . responseText . indexOf ( 'ERROR: ' ) == 0 ) {
notify_error ( transport . responseText . replace ( 'ERROR: ' , '' ));
} else {
window . location . reload ();
}
}});
this . reset ();
}
</ script > " ;
print " <table width= \" 100% \" class= \" prefPrefsList \" > " ;
print " <tr><td width= \" 40% \" > " . __ ( " Enter your password " ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \"
name = \ " password \" ></td></tr> " ;
print " </table> " ;
2017-02-10 12:36:21 +01:00
print_hidden ( " op " , " pref-prefs " );
print_hidden ( " method " , " otpdisable " );
2012-09-04 10:39:33 +02:00
print " <p><button dojoType= \" dijit.form.Button \" type= \" submit \" > " .
__ ( " Disable OTP " ) . " </button> " ;
print " </form> " ;
2012-09-03 16:33:46 +02:00
2013-04-29 07:20:30 +02:00
} else if ( function_exists ( " imagecreatefromstring " )) {
2012-09-03 16:33:46 +02:00
2013-05-12 10:36:25 +02:00
print_warning ( __ ( " You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP. " ));
2012-09-03 16:33:46 +02:00
print " <p> " . __ ( " Scan the following code by the Authenticator application: " ) . " </p> " ;
$csrf_token = $_SESSION [ " csrf_token " ];
print " <img src= \" backend.php?op=pref-prefs&method=otpqrcode&csrf_token= $csrf_token\ " > " ;
print " <form dojoType= \" dijit.form.Form \" id= \" changeOtpForm \" > " ;
2017-02-10 12:36:21 +01:00
print_hidden ( " op " , " pref-prefs " );
print_hidden ( " method " , " otpenable " );
2012-09-03 16:33:46 +02:00
print " <script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
evt . preventDefault ();
if ( this . validate ()) {
notify_progress ( 'Saving data...' , true );
new Ajax . Request ( 'backend.php' , {
parameters : dojo . objectToQuery ( this . getValues ()),
onComplete : function ( transport ) {
2012-09-04 10:39:33 +02:00
notify ( '' );
2013-04-16 19:07:26 +02:00
if ( transport . responseText . indexOf ( 'ERROR:' ) == 0 ) {
notify_error ( transport . responseText . replace ( 'ERROR:' , '' ));
2012-09-04 10:39:33 +02:00
} else {
window . location . reload ();
}
2012-09-03 16:33:46 +02:00
} });
}
</ script > " ;
2012-09-04 10:39:33 +02:00
print " <table width= \" 100% \" class= \" prefPrefsList \" > " ;
print " <tr><td width= \" 40% \" > " . __ ( " Enter your password " ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" type= \" password \" required= \" 1 \"
name = \ " password \" ></td></tr> " ;
2013-04-16 19:07:26 +02:00
print " <tr><td width= \" 40% \" > " . __ ( " Enter the generated one time password " ) . " </td> " ;
print " <td class= \" prefValue \" ><input dojoType= \" dijit.form.ValidationTextBox \" autocomplete= \" off \"
required = \ " 1 \"
name = \ " otp \" ></td></tr> " ;
2012-09-04 10:39:33 +02:00
2013-04-16 19:07:26 +02:00
print " <tr><td colspan= \" 2 \" > " ;
2012-09-03 16:33:46 +02:00
2012-09-04 10:39:33 +02:00
print " </td></tr><tr><td colspan= \" 2 \" > " ;
print " </td></tr> " ;
print " </table> " ;
2017-12-11 16:48:28 +01:00
print " <p><button dojoType= \" dijit.form.Button \" type= \" submit \" class= \" btn-primary \" > " .
2012-09-04 10:39:33 +02:00
__ ( " Enable OTP " ) . " </button> " ;
2012-09-03 16:33:46 +02:00
print " </form> " ;
2013-04-29 07:20:30 +02:00
} else {
print_notice ( __ ( " PHP GD functions are required for OTP support. " ));
2012-09-03 16:33:46 +02:00
}
}
2011-12-13 07:00:42 +01:00
}
2013-04-18 10:27:34 +02:00
PluginHost :: getInstance () -> run_hooks ( PluginHost :: HOOK_PREFS_TAB_SECTION ,
2012-12-26 22:12:28 +01:00
" hook_prefs_tab_section " , " prefPrefsAuth " );
2012-03-29 12:44:52 +02:00
print " </div> " ; #pane
2011-12-13 07:00:42 +01:00
print " <div dojoType= \" dijit.layout.AccordionPane \" selected= \" true \" title= \" " . __ ( 'Preferences' ) . " \" > " ;
print " <form dojoType= \" dijit.form.Form \" id= \" changeSettingsForm \" > " ;
2013-04-04 12:53:36 +02:00
print " <script type= \" dojo/method \" event= \" onSubmit \" args= \" evt, quit \" >
if ( evt ) evt . preventDefault ();
2011-12-13 07:00:42 +01:00
if ( this . validate ()) {
console . log ( dojo . objectToQuery ( this . getValues ()));
new Ajax . Request ( 'backend.php' , {
parameters : dojo . objectToQuery ( this . getValues ()),
onComplete : function ( transport ) {
var msg = transport . responseText ;
2013-04-04 16:15:37 +02:00
if ( quit ) {
gotoMain ();
} else {
if ( msg == 'PREFS_NEED_RELOAD' ) {
window . location . reload ();
} else {
notify_info ( msg );
}
}
2011-12-13 07:00:42 +01:00
} });
}
</ script > " ;
print '<div dojoType="dijit.layout.BorderContainer" gutters="false">' ;
print '<div dojoType="dijit.layout.ContentPane" region="center" style="overflow-y : auto">' ;
if ( $_SESSION [ " profile " ]) {
2013-03-24 17:50:20 +01:00
print_notice ( __ ( " Some preferences are only available in default profile. " ));
2011-12-13 07:00:42 +01:00
}
if ( $_SESSION [ " profile " ]) {
2013-04-17 16:34:18 +02:00
initialize_user_prefs ( $_SESSION [ " uid " ], $_SESSION [ " profile " ]);
2011-12-13 07:00:42 +01:00
} else {
2013-04-17 16:34:18 +02:00
initialize_user_prefs ( $_SESSION [ " uid " ]);
2011-12-13 07:00:42 +01:00
}
2017-12-02 10:01:56 +01:00
$sth = $this -> pdo -> prepare ( " SELECT DISTINCT
2013-04-02 14:20:06 +02:00
ttrss_user_prefs . pref_name , value , type_name ,
2012-08-30 11:06:58 +02:00
ttrss_prefs_sections . order_id ,
2013-04-02 14:20:06 +02:00
def_value , section_id
2011-12-13 07:00:42 +01:00
FROM ttrss_prefs , ttrss_prefs_types , ttrss_prefs_sections , ttrss_user_prefs
WHERE type_id = ttrss_prefs_types . id AND
2017-12-02 10:01:56 +01:00
( profile = : profile OR ( : profile IS NULL AND profile IS NULL )) AND
2011-12-13 07:00:42 +01:00
section_id = ttrss_prefs_sections . id AND
ttrss_user_prefs . pref_name = ttrss_prefs . pref_name AND
2017-12-02 10:01:56 +01:00
owner_uid = : uid
2013-04-02 14:20:06 +02:00
ORDER BY ttrss_prefs_sections . order_id , pref_name " );
2017-12-02 10:01:56 +01:00
$sth -> execute ([ " :uid " => $_SESSION [ 'uid' ], " :profile " => $_SESSION [ 'profile' ]]);
2011-12-13 07:00:42 +01:00
$lnum = 0 ;
$active_section = " " ;
2013-03-19 20:14:23 +01:00
$listed_boolean_prefs = array ();
2017-12-02 10:01:56 +01:00
while ( $line = $sth -> fetch ()) {
2011-12-13 07:00:42 +01:00
if ( in_array ( $line [ " pref_name " ], $prefs_blacklist )) {
continue ;
}
2013-04-02 14:20:06 +02:00
$type_name = $line [ " type_name " ];
$pref_name = $line [ " pref_name " ];
$section_name = $this -> getSectionName ( $line [ " section_id " ]);
$value = $line [ " value " ];
$short_desc = $this -> getShortDesc ( $pref_name );
$help_text = $this -> getHelpText ( $pref_name );
if ( ! $short_desc ) continue ;
2011-12-13 07:00:42 +01:00
if ( $_SESSION [ " profile " ] && in_array ( $line [ " pref_name " ],
$profile_blacklist )) {
continue ;
}
2013-04-02 14:20:06 +02:00
if ( $active_section != $line [ " section_id " ]) {
2011-12-13 07:00:42 +01:00
if ( $active_section != " " ) {
print " </table> " ;
}
print " <table width= \" 100% \" class= \" prefPrefsList \" > " ;
2013-04-02 14:20:06 +02:00
$active_section = $line [ " section_id " ];
2011-12-13 07:00:42 +01:00
2013-04-02 14:20:06 +02:00
print " <tr><td colspan= \" 3 \" ><h3> " . $section_name . " </h3></td></tr> " ;
2011-12-13 07:00:42 +01:00
$lnum = 0 ;
}
print " <tr> " ;
2013-03-19 20:14:23 +01:00
print " <td width= \" 40% \" class= \" prefName \" id= \" $pref_name\ " > " ;
print " <label for='CB_ $pref_name '> " ;
2013-04-02 14:20:06 +02:00
print $short_desc ;
2013-03-19 20:14:23 +01:00
print " </label> " ;
2011-12-13 07:00:42 +01:00
if ( $help_text ) print " <div class= \" prefHelp \" > " . __ ( $help_text ) . " </div> " ;
print " </td> " ;
print " <td class= \" prefValue \" > " ;
2013-04-29 13:54:23 +02:00
if ( $pref_name == " USER_LANGUAGE " ) {
print_select_hash ( $pref_name , $value , get_translations (),
" style='width : 220px; margin : 0px' dojoType='dijit.form.Select' " );
} else if ( $pref_name == " USER_TIMEZONE " ) {
2011-12-13 07:00:42 +01:00
$timezones = explode ( " \n " , file_get_contents ( " lib/timezones.txt " ));
print_select ( $pref_name , $value , $timezones , 'dojoType="dijit.form.FilteringSelect"' );
} else if ( $pref_name == " USER_STYLESHEET " ) {
print " <button dojoType= \" dijit.form.Button \"
onclick = \ " customizeCSS() \" > " . __ ( 'Customize' ) . " </button> " ;
2013-03-28 18:04:29 +01:00
} else if ( $pref_name == " USER_CSS_THEME " ) {
2017-01-25 10:17:41 +01:00
$themes = array_merge ( glob ( " themes/*.php " ), glob ( " themes/*.css " ), glob ( " themes.local/*.css " ));
2015-06-05 17:08:19 +02:00
$themes = array_map ( " basename " , $themes );
$themes = array_filter ( $themes , " theme_valid " );
asort ( $themes );
2013-03-28 18:04:29 +01:00
2017-01-26 20:37:22 +01:00
if ( ! theme_valid ( $value )) $value = " default.php " ;
2013-03-28 18:04:29 +01:00
print_select ( $pref_name , $value , $themes ,
'dojoType="dijit.form.Select"' );
2011-12-13 07:00:42 +01:00
} else if ( $pref_name == " DEFAULT_UPDATE_INTERVAL " ) {
global $update_intervals_nodefault ;
print_select_hash ( $pref_name , $value , $update_intervals_nodefault ,
'dojoType="dijit.form.Select"' );
} else if ( $type_name == " bool " ) {
2013-03-19 20:14:23 +01:00
array_push ( $listed_boolean_prefs , $pref_name );
$checked = ( $value == " true " ) ? " checked= \" checked \" " : " " ;
2011-12-13 07:00:42 +01:00
if ( $pref_name == " PURGE_UNREAD_ARTICLES " && FORCE_ARTICLE_PURGE != 0 ) {
$disabled = " disabled= \" 1 \" " ;
2013-03-19 20:14:23 +01:00
$checked = " checked= \" checked \" " ;
2011-12-13 07:00:42 +01:00
} else {
$disabled = " " ;
}
2013-03-19 20:14:23 +01:00
print " <input type='checkbox' name=' $pref_name ' $checked $disabled
dojoType = 'dijit.form.CheckBox' id = 'CB_$pref_name' value = '1' > " ;
2011-12-13 07:00:42 +01:00
2013-04-02 13:32:47 +02:00
} else if ( array_search ( $pref_name , array ( 'FRESH_ARTICLE_MAX_AGE' ,
2011-12-13 07:00:42 +01:00
'PURGE_OLD_DAYS' , 'LONG_DATE_FORMAT' , 'SHORT_DATE_FORMAT' )) !== false ) {
$regexp = ( $type_name == 'integer' ) ? 'regexp="^\d*$"' : '' ;
if ( $pref_name == " PURGE_OLD_DAYS " && FORCE_ARTICLE_PURGE != 0 ) {
$disabled = " disabled= \" 1 \" " ;
$value = FORCE_ARTICLE_PURGE ;
} else {
$disabled = " " ;
}
print " <input dojoType= \" dijit.form.ValidationTextBox \"
required = \ " 1 \" $regexp $disabled
name = \ " $pref_name\ " value = \ " $value\ " > " ;
} else if ( $pref_name == " SSL_CERT_SERIAL " ) {
print " <input dojoType= \" dijit.form.ValidationTextBox \"
id = \ " SSL_CERT_SERIAL \" readonly= \" 1 \"
name = \ " $pref_name\ " value = \ " $value\ " > " ;
$cert_serial = htmlspecialchars ( get_ssl_certificate_id ());
$has_serial = ( $cert_serial ) ? " false " : " true " ;
2015-08-11 15:41:05 +02:00
print " <br/> " ;
2011-12-13 07:00:42 +01:00
print " <button dojoType= \" dijit.form.Button \" disabled= \" $has_serial\ "
onclick = \ " insertSSLserial(' $cert_serial ') \" > " .
__ ( 'Register' ) . " </button> " ;
print " <button dojoType= \" dijit.form.Button \"
onclick = \ " insertSSLserial('') \" > " .
__ ( 'Clear' ) . " </button> " ;
2012-01-31 12:26:16 +01:00
} else if ( $pref_name == 'DIGEST_PREFERRED_TIME' ) {
2012-01-30 13:34:45 +01:00
print " <input dojoType= \" dijit.form.ValidationTextBox \"
2012-01-31 12:53:46 +01:00
id = \ " $pref_name\ " regexp = \ " [012]? \ d: \ d \ d \" placeHolder= \" 12:00 \"
2012-01-30 13:34:45 +01:00
name = \ " $pref_name\ " value = \ " $value\ " >< div class = \ " insensitive \" > " .
2012-01-31 12:56:03 +01:00
T_sprintf ( " Current server time: %s (UTC) " , date ( " H:i " )) . " </div> " ;
2011-12-13 07:00:42 +01:00
} else {
$regexp = ( $type_name == 'integer' ) ? 'regexp="^\d*$"' : '' ;
print " <input dojoType= \" dijit.form.ValidationTextBox \"
$regexp
name = \ " $pref_name\ " value = \ " $value\ " > " ;
}
print " </td> " ;
print " </tr> " ;
$lnum ++ ;
}
print " </table> " ;
2013-03-19 20:14:23 +01:00
$listed_boolean_prefs = htmlspecialchars ( join ( " , " , $listed_boolean_prefs ));
2017-02-10 12:36:21 +01:00
print_hidden ( " boolean_prefs " , " $listed_boolean_prefs " );
2013-03-19 20:14:23 +01:00
2013-04-18 10:27:34 +02:00
PluginHost :: getInstance () -> run_hooks ( PluginHost :: HOOK_PREFS_TAB_SECTION ,
2012-12-26 22:12:28 +01:00
" hook_prefs_tab_section " , " prefPrefsPrefsInside " );
2011-12-13 07:00:42 +01:00
print '</div>' ; # inside pane
print '<div dojoType="dijit.layout.ContentPane" region="bottom">' ;
2017-02-10 12:36:21 +01:00
print_hidden ( " op " , " pref-prefs " );
print_hidden ( " method " , " saveconfig " );
2011-12-13 07:00:42 +01:00
2017-12-11 16:48:28 +01:00
print " <div dojoType= \" dijit.form.ComboButton \" type= \" submit \" class= \" btn-primary \" >
2013-04-04 12:53:36 +02:00
< span > " .__('Save configuration'). " </ span >
< div dojoType = \ " dijit.DropDownMenu \" >
< div dojoType = \ " dijit.MenuItem \"
onclick = \ " dijit.byId('changeSettingsForm').onSubmit(null, true) \" > " .
__ ( " Save and exit preferences " ) . " </div>
</ div >
</ div > " ;
2011-12-13 07:00:42 +01:00
print " <button dojoType= \" dijit.form.Button \" onclick= \" return editProfiles() \" > " .
__ ( 'Manage profiles' ) . " </button> " ;
2017-12-11 16:48:28 +01:00
print " <button dojoType= \" dijit.form.Button \" class= \" btn-danger \" onclick= \" return validatePrefsReset() \" > " .
2011-12-13 07:00:42 +01:00
__ ( 'Reset to defaults' ) . " </button> " ;
2012-08-30 11:06:58 +02:00
print " " ;
2013-04-18 10:27:34 +02:00
PluginHost :: getInstance () -> run_hooks ( PluginHost :: HOOK_PREFS_TAB_SECTION ,
2012-12-26 22:12:28 +01:00
" hook_prefs_tab_section " , " prefPrefsPrefsOutside " );
2012-12-24 21:45:10 +01:00
print " </form> " ;
2011-12-13 07:00:42 +01:00
print '</div>' ; # inner pane
print '</div>' ; # border container
2012-12-24 21:45:10 +01:00
print " </div> " ; #pane
print " <div dojoType= \" dijit.layout.AccordionPane \" title= \" " . __ ( 'Plugins' ) . " \" > " ;
2017-07-04 15:28:45 +02:00
print_notice ( __ ( " You will need to reload Tiny Tiny RSS for plugin changes to take effect. " ));
2012-12-24 21:45:10 +01:00
2016-01-13 16:12:31 +01:00
if ( ini_get ( " open_basedir " ) && function_exists ( " curl_init " ) && ! defined ( " NO_CURL " )) {
print_warning ( " Your PHP configuration has open_basedir restrictions enabled. Some plugins relying on CURL for functionality may not work correctly. " );
}
2012-12-24 21:45:10 +01:00
print " <form dojoType= \" dijit.form.Form \" id= \" changePluginsForm \" > " ;
print " <script type= \" dojo/method \" event= \" onSubmit \" args= \" evt \" >
evt . preventDefault ();
if ( this . validate ()) {
notify_progress ( 'Saving data...' , true );
new Ajax . Request ( 'backend.php' , {
parameters : dojo . objectToQuery ( this . getValues ()),
onComplete : function ( transport ) {
notify ( '' );
if ( confirm ( __ ( 'Selected plugins have been enabled. Reload?' ))) {
window . location . reload ();
}
} });
}
</ script > " ;
2017-02-10 12:36:21 +01:00
print_hidden ( " op " , " pref-prefs " );
print_hidden ( " method " , " setplugins " );
2012-12-24 21:45:10 +01:00
2012-12-25 09:31:07 +01:00
print " <table width='100%' class='prefPluginsList'> " ;
2012-12-24 21:45:10 +01:00
2017-07-04 15:28:45 +02:00
print " <tr><td colspan='5'><h3> " . __ ( " System plugins " ) . " </h3> " .
format_notice ( __ ( " System plugins are enabled in <strong>config.php</strong> for all users. " )) .
" </td></tr> " ;
2012-12-24 21:45:10 +01:00
print " <tr class= \" title \" >
< td width = \ " 5% \" > </td>
< td width = '10%' > " .__('Plugin'). " </ td >
< td width = '' > " .__('Description'). " </ td >
< td width = '5%' > " .__('Version'). " </ td >
< td width = '10%' > " .__('Author'). " </ td ></ tr > " ;
$system_enabled = array_map ( " trim " , explode ( " , " , PLUGINS ));
2017-06-24 13:29:07 +02:00
$user_enabled = array_map ( " trim " , explode ( " , " , get_pref ( " _ENABLED_PLUGINS " , $_SESSION [ 'uid' ])));
2012-12-24 21:45:10 +01:00
2013-05-07 09:35:10 +02:00
$tmppluginhost = new PluginHost ();
2015-10-08 16:02:32 +02:00
$tmppluginhost -> load_all ( $tmppluginhost :: KIND_ALL , $_SESSION [ " uid " ], true );
2012-12-27 16:20:12 +01:00
$tmppluginhost -> load_data ( true );
2012-12-24 21:45:10 +01:00
foreach ( $tmppluginhost -> get_plugins () as $name => $plugin ) {
2012-12-25 07:02:08 +01:00
$about = $plugin -> about ();
2012-12-24 21:45:10 +01:00
2015-08-11 22:28:41 +02:00
if ( $about [ 3 ]) {
2012-12-24 21:45:10 +01:00
if ( in_array ( $name , $system_enabled )) {
$checked = " checked='1' " ;
} else {
$checked = " " ;
}
print " <tr> " ;
print " <td align='center'><input disabled='1'
dojoType = \ " dijit.form.CheckBox \" $checked
type = \ " checkbox \" ></td> " ;
2013-07-10 11:09:12 +02:00
$plugin_icon = $checked ? " plugin.png " : " plugin_disabled.png " ;
2013-07-10 11:11:40 +02:00
print " <td><label><img src='images/ $plugin_icon ' alt=''> $name </label></td> " ;
2013-03-27 15:16:30 +01:00
print " <td> " . htmlspecialchars ( $about [ 1 ]);
if ( @ $about [ 4 ]) {
2017-02-12 11:01:36 +01:00
print " — <a target= \" _blank \" rel= \" noopener noreferrer \" class= \" visibleLink \"
2013-03-27 15:16:30 +01:00
href = \ " " . htmlspecialchars ( $about [ 4 ]) . " \" > " . __ ( " more info " ) . " </a> " ;
}
print " </td> " ;
2012-12-24 21:45:10 +01:00
print " <td> " . htmlspecialchars ( sprintf ( " %.2f " , $about [ 0 ])) . " </td> " ;
print " <td> " . htmlspecialchars ( $about [ 2 ]) . " </td> " ;
2012-12-27 16:20:12 +01:00
if ( count ( $tmppluginhost -> get_all ( $plugin )) > 0 ) {
2013-02-23 18:27:50 +01:00
if ( in_array ( $name , $system_enabled )) {
print " <td><a href='#' onclick= \" clearPluginData(' $name ') \"
class = 'visibleLink' > " .__( " Clear data " ). " </ a ></ td > " ;
}
2012-12-27 16:20:12 +01:00
}
2012-12-24 21:45:10 +01:00
print " </tr> " ;
}
}
print " <tr><td colspan='4'><h3> " . __ ( " User plugins " ) . " </h3></td></tr> " ;
print " <tr class= \" title \" >
< td width = \ " 5% \" > </td>
< td width = '10%' > " .__('Plugin'). " </ td >
< td width = '' > " .__('Description'). " </ td >
< td width = '5%' > " .__('Version'). " </ td >
< td width = '10%' > " .__('Author'). " </ td ></ tr > " ;
foreach ( $tmppluginhost -> get_plugins () as $name => $plugin ) {
2012-12-25 07:02:08 +01:00
$about = $plugin -> about ();
2012-12-24 21:45:10 +01:00
2015-08-11 22:28:41 +02:00
if ( ! $about [ 3 ]) {
2012-12-24 21:45:10 +01:00
if ( in_array ( $name , $system_enabled )) {
$checked = " checked='1' " ;
$disabled = " disabled='1' " ;
2012-12-25 09:31:07 +01:00
$rowclass = '' ;
2012-12-24 21:45:10 +01:00
} else if ( in_array ( $name , $user_enabled )) {
$checked = " checked='1' " ;
$disabled = " " ;
2012-12-25 09:31:07 +01:00
$rowclass = " Selected " ;
2012-12-24 21:45:10 +01:00
} else {
$checked = " " ;
$disabled = " " ;
2012-12-25 09:31:07 +01:00
$rowclass = '' ;
2012-12-24 21:45:10 +01:00
}
2012-12-25 09:31:07 +01:00
print " <tr class=' $rowclass '> " ;
2012-12-24 21:45:10 +01:00
2013-07-10 11:09:12 +02:00
$plugin_icon = $checked ? " plugin.png " : " plugin_disabled.png " ;
2012-12-24 21:45:10 +01:00
print " <td align='center'><input id='FPCHK- $name ' name='plugins[]' value=' $name ' onclick='toggleSelectRow2(this);'
dojoType = \ " dijit.form.CheckBox \" $checked $disabled
type = \ " checkbox \" ></td> " ;
2013-07-10 11:09:12 +02:00
print " <td><label for='FPCHK- $name '><img src='images/ $plugin_icon ' alt=''> $name </label></td> " ;
2013-03-27 15:16:30 +01:00
print " <td><label for='FPCHK- $name '> " . htmlspecialchars ( $about [ 1 ]) . " </label> " ;
if ( @ $about [ 4 ]) {
2017-02-12 11:01:36 +01:00
print " — <a target= \" _blank \" rel= \" noopener noreferrer \" class= \" visibleLink \"
2013-03-27 15:16:30 +01:00
href = \ " " . htmlspecialchars ( $about [ 4 ]) . " \" > " . __ ( " more info " ) . " </a> " ;
}
print " </td> " ;
2012-12-24 21:45:10 +01:00
print " <td> " . htmlspecialchars ( sprintf ( " %.2f " , $about [ 0 ])) . " </td> " ;
print " <td> " . htmlspecialchars ( $about [ 2 ]) . " </td> " ;
2012-12-27 16:20:12 +01:00
if ( count ( $tmppluginhost -> get_all ( $plugin )) > 0 ) {
2013-02-23 18:27:50 +01:00
if ( in_array ( $name , $system_enabled ) || in_array ( $name , $user_enabled )) {
print " <td><a href='#' onclick= \" clearPluginData(' $name ') \" class='visibleLink'> " . __ ( " Clear data " ) . " </a></td> " ;
}
2012-12-27 16:20:12 +01:00
}
2012-12-24 21:45:10 +01:00
print " </tr> " ;
}
}
print " </table> " ;
print " <p><button dojoType= \" dijit.form.Button \" type= \" submit \" > " .
__ ( " Enable selected plugins " ) . " </button></p> " ;
2011-12-13 07:00:42 +01:00
print " </form> " ;
print " </div> " ; #pane
2012-08-23 18:23:19 +02:00
2013-04-18 10:27:34 +02:00
PluginHost :: getInstance () -> run_hooks ( PluginHost :: HOOK_PREFS_TAB ,
2012-12-23 13:15:34 +01:00
" hook_prefs_tab " , " prefPrefs " );
2011-12-13 07:00:42 +01:00
print " </div> " ; #container
}
2012-08-23 18:23:19 +02:00
2012-08-30 11:06:58 +02:00
function toggleAdvanced () {
$_SESSION [ " prefs_show_advanced " ] = ! $_SESSION [ " prefs_show_advanced " ];
}
2012-09-03 16:33:46 +02:00
function otpqrcode () {
require_once " lib/phpqrcode/phpqrcode.php " ;
2017-12-02 10:01:56 +01:00
$sth = $this -> pdo -> prepare ( " SELECT login,salt,otp_enabled
2012-09-03 16:33:46 +02:00
FROM ttrss_users
2017-12-02 10:01:56 +01:00
WHERE id = ? " );
$sth -> execute ([ $_SESSION [ 'uid' ]]);
2012-09-03 16:33:46 +02:00
2017-12-02 10:01:56 +01:00
if ( $row = $sth -> fetch ()) {
2012-09-03 16:33:46 +02:00
2018-06-20 17:27:34 +02:00
$base32 = new \OTPHP\Base32 ();
2012-09-03 16:33:46 +02:00
2017-12-02 10:01:56 +01:00
$login = $row [ " login " ];
2017-12-03 18:46:27 +01:00
$otp_enabled = sql_bool_to_bool ( $row [ " otp_enabled " ]);
2014-01-18 21:29:42 +01:00
2017-12-02 10:01:56 +01:00
if ( ! $otp_enabled ) {
$secret = $base32 -> encode ( sha1 ( $row [ " salt " ]));
QRcode :: png ( " otpauth://totp/ " . urlencode ( $login ) .
" ?secret= $secret &issuer= " . urlencode ( " Tiny Tiny RSS " ));
}
2012-09-03 16:42:17 +02:00
}
2012-09-03 16:33:46 +02:00
}
2012-09-04 10:39:33 +02:00
function otpenable () {
2013-04-16 19:07:26 +02:00
2017-12-03 21:35:38 +01:00
$password = clean ( $_REQUEST [ " password " ]);
$otp = clean ( $_REQUEST [ " otp " ]);
2012-09-04 10:39:33 +02:00
2013-04-18 10:27:34 +02:00
$authenticator = PluginHost :: getInstance () -> get_plugin ( $_SESSION [ " auth_module " ]);
2012-12-27 12:14:44 +01:00
2012-09-04 10:39:33 +02:00
if ( $authenticator -> check_password ( $_SESSION [ " uid " ], $password )) {
2017-12-22 12:29:25 +01:00
$sth = $this -> pdo -> prepare ( " SELECT salt
2013-04-16 19:07:26 +02:00
FROM ttrss_users
2017-12-02 10:01:56 +01:00
WHERE id = ? " );
$sth -> execute ([ $_SESSION [ 'uid' ]]);
2013-04-16 19:07:26 +02:00
2017-12-02 10:01:56 +01:00
if ( $row = $sth -> fetch ()) {
2013-04-16 19:07:26 +02:00
2018-06-20 17:27:34 +02:00
$base32 = new \OTPHP\Base32 ();
2013-04-16 19:07:26 +02:00
2017-12-02 10:01:56 +01:00
$secret = $base32 -> encode ( sha1 ( $row [ " salt " ]));
$topt = new \OTPHP\TOTP ( $secret );
2013-04-16 19:07:26 +02:00
2017-12-02 10:01:56 +01:00
$otp_check = $topt -> now ();
2012-09-04 10:39:33 +02:00
2017-12-02 10:01:56 +01:00
if ( $otp == $otp_check ) {
2018-06-20 17:27:34 +02:00
$sth = $this -> pdo -> prepare ( " UPDATE ttrss_users
2017-12-02 10:01:56 +01:00
SET otp_enabled = true WHERE id = ? " );
$sth -> execute ([ $_SESSION [ 'uid' ]]);
print " OK " ;
} else {
print " ERROR: " . __ ( " Incorrect one time password " );
}
2012-09-04 10:39:33 +02:00
}
2017-12-02 10:01:56 +01:00
2012-09-04 10:39:33 +02:00
} else {
2013-04-16 19:07:26 +02:00
print " ERROR: " . __ ( " Incorrect password " );
2012-09-04 10:39:33 +02:00
}
2012-09-03 16:33:46 +02:00
2012-09-04 10:39:33 +02:00
}
2017-12-03 18:46:27 +01:00
static function isdefaultpassword () {
$authenticator = PluginHost :: getInstance () -> get_plugin ( $_SESSION [ " auth_module " ]);
2017-12-15 10:15:15 +01:00
if ( $authenticator &&
method_exists ( $authenticator , " check_password " ) &&
$authenticator -> check_password ( $_SESSION [ " uid " ], " password " )) {
2017-12-03 18:46:27 +01:00
return true ;
}
return false ;
}
2012-09-04 10:39:33 +02:00
function otpdisable () {
2017-12-03 21:35:38 +01:00
$password = clean ( $_REQUEST [ " password " ]);
2012-09-04 10:39:33 +02:00
2013-04-18 10:27:34 +02:00
$authenticator = PluginHost :: getInstance () -> get_plugin ( $_SESSION [ " auth_module " ]);
2012-09-04 10:39:33 +02:00
if ( $authenticator -> check_password ( $_SESSION [ " uid " ], $password )) {
2017-12-02 10:01:56 +01:00
$sth = $this -> pdo -> prepare ( " UPDATE ttrss_users SET otp_enabled = false WHERE
id = ? " );
$sth -> execute ([ $_SESSION [ 'uid' ]]);
2012-09-04 10:39:33 +02:00
print " OK " ;
} else {
print " ERROR: " . __ ( " Incorrect password " );
2012-09-03 16:33:46 +02:00
}
2012-09-04 10:39:33 +02:00
2012-09-03 16:33:46 +02:00
}
2012-12-24 21:45:10 +01:00
function setplugins () {
2017-12-03 21:35:38 +01:00
if ( is_array ( clean ( $_REQUEST [ " plugins " ])))
$plugins = join ( " , " , clean ( $_REQUEST [ " plugins " ]));
2013-02-28 06:13:00 +01:00
else
$plugins = " " ;
2012-12-24 21:45:10 +01:00
2017-06-24 13:29:07 +02:00
set_pref ( " _ENABLED_PLUGINS " , $plugins , $_SESSION [ " uid " ]);
2012-12-24 21:45:10 +01:00
}
2012-12-27 16:20:12 +01:00
function clearplugindata () {
2017-12-03 21:35:38 +01:00
$name = clean ( $_REQUEST [ " name " ]);
2012-12-27 16:20:12 +01:00
2013-04-18 10:27:34 +02:00
PluginHost :: getInstance () -> clear_data ( PluginHost :: getInstance () -> get_plugin ( $name ));
2012-12-27 16:20:12 +01:00
}
2013-04-01 10:30:34 +02:00
function customizeCSS () {
2013-04-17 16:34:18 +02:00
$value = get_pref ( " USER_STYLESHEET " );
2013-04-01 10:30:34 +02:00
$value = str_replace ( " <br/> " , " \n " , $value );
2013-05-19 19:22:01 +02:00
print_notice ( T_sprintf ( " You can override colors, fonts and layout of your currently selected theme with custom CSS declarations here. <a target= \" _blank \" class= \" visibleLink \" href= \" %s \" >This file</a> can be used as a baseline. " , " css/tt-rss.css " ));
2013-04-01 10:30:34 +02:00
2017-02-10 12:36:21 +01:00
print_hidden ( " op " , " rpc " );
print_hidden ( " method " , " setpref " );
print_hidden ( " key " , " USER_STYLESHEET " );
2013-04-01 10:30:34 +02:00
print " <table width='100%'><tr><td> " ;
print " <textarea dojoType= \" dijit.form.SimpleTextarea \"
2015-08-11 17:44:07 +02:00
style = 'font-size : 12px; width : 98%; height: 200px;'
2013-04-01 10:30:34 +02:00
placeHolder = 'body#ttrssMain { font-size : 14px; };'
name = 'value' > $value </ textarea > " ;
print " </td></tr></table> " ;
print " <div class='dlgButtons'> " ;
print " <button dojoType= \" dijit.form.Button \"
onclick = \ " dijit.byId('cssEditDlg').execute() \" > " . __ ( 'Save' ) . " </button> " ;
print " <button dojoType= \" dijit.form.Button \"
onclick = \ " dijit.byId('cssEditDlg').hide() \" > " . __ ( 'Cancel' ) . " </button> " ;
print " </div> " ;
}
2013-04-01 10:34:49 +02:00
function editPrefProfiles () {
print " <div dojoType= \" dijit.Toolbar \" > " ;
print " <div dojoType= \" dijit.form.DropDownButton \" > " .
" <span> " . __ ( 'Select' ) . " </span> " ;
print " <div dojoType= \" dijit.Menu \" style= \" display: none; \" > " ;
print " <div onclick= \" selectTableRows('prefFeedProfileList', 'all') \"
dojoType = \ " dijit.MenuItem \" > " . __ ( 'All' ) . " </div> " ;
print " <div onclick= \" selectTableRows('prefFeedProfileList', 'none') \"
dojoType = \ " dijit.MenuItem \" > " . __ ( 'None' ) . " </div> " ;
print " </div></div> " ;
print " <div style= \" float : right \" > " ;
print " <input name= \" newprofile \" dojoType= \" dijit.form.ValidationTextBox \"
required = \ " 1 \" >
< button dojoType = \ " dijit.form.Button \"
onclick = \ " dijit.byId('profileEditDlg').addProfile() \" > " .
__ ( 'Create profile' ) . " </button></div> " ;
print " </div> " ;
2017-12-02 10:01:56 +01:00
$sth = $this -> pdo -> prepare ( " SELECT title,id FROM ttrss_settings_profiles
WHERE owner_uid = ? ORDER BY title " );
$sth -> execute ([ $_SESSION [ 'uid' ]]);
2013-04-01 10:34:49 +02:00
print " <div class= \" prefProfileHolder \" > " ;
print " <form id= \" profile_edit_form \" onsubmit= \" return false \" > " ;
print " <table width= \" 100% \" class= \" prefFeedProfileList \"
cellspacing = \ " 0 \" id= \" prefFeedProfileList \" > " ;
print " <tr class= \" placeholder \" id= \" FCATR-0 \" > " ; #odd
print " <td width='5%' align='center'><input
id = 'FCATC-0'
onclick = 'toggleSelectRow2(this);'
dojoType = \ " dijit.form.CheckBox \"
type = \ " checkbox \" ></td> " ;
if ( ! $_SESSION [ " profile " ]) {
$is_active = __ ( " (active) " );
} else {
$is_active = " " ;
}
print " <td><span> " .
__ ( " Default profile " ) . " $is_active </span></td> " ;
print " </tr> " ;
$lnum = 1 ;
2017-12-02 10:01:56 +01:00
while ( $line = $sth -> fetch ()) {
2013-04-01 10:34:49 +02:00
$profile_id = $line [ " id " ];
$this_row_id = " id= \" FCATR- $profile_id\ " " ;
print " <tr class= \" placeholder \" $this_row_id > " ;
$edit_title = htmlspecialchars ( $line [ " title " ]);
print " <td width='5%' align='center'><input
onclick = 'toggleSelectRow2(this);'
id = 'FCATC-$profile_id'
dojoType = \ " dijit.form.CheckBox \"
type = \ " checkbox \" ></td> " ;
if ( $_SESSION [ " profile " ] == $line [ " id " ]) {
$is_active = __ ( " (active) " );
} else {
$is_active = " " ;
}
print " <td><span dojoType= \" dijit.InlineEditBox \"
width = \ " 300px \" autoSave= \" false \"
profile - id = \ " $profile_id\ " > " . $edit_title .
" <script type= \" dojo/method \" event= \" onChange \" args= \" item \" >
var elem = this ;
dojo . xhrPost ({
url : 'backend.php' ,
content : { op : 'rpc' , method : 'saveprofile' ,
value : this . value ,
id : this . srcNodeRef . getAttribute ( 'profile-id' )},
load : function ( response ) {
elem . attr ( 'value' , response );
}
});
</ script >
</ span > $is_active </ td > " ;
print " </tr> " ;
++ $lnum ;
}
print " </table> " ;
print " </form> " ;
print " </div> " ;
print " <div class='dlgButtons'>
< div style = 'float : left' >
< button dojoType = \ " dijit.form.Button \" onclick= \" dijit.byId('profileEditDlg').removeSelected() \" > " .
__ ( 'Remove selected profiles' ) . " </button>
< button dojoType = \ " dijit.form.Button \" onclick= \" dijit.byId('profileEditDlg').activateProfile() \" > " .
__ ( 'Activate profile' ) . " </button>
</ div > " ;
print " <button dojoType= \" dijit.form.Button \" onclick= \" dijit.byId('profileEditDlg').hide() \" > " .
__ ( 'Close this window' ) . " </button> " ;
print " </div> " ;
}
2013-04-02 14:20:06 +02:00
private function getShortDesc ( $pref_name ) {
if ( isset ( $this -> pref_help [ $pref_name ])) {
return $this -> pref_help [ $pref_name ][ 0 ];
}
return " " ;
}
2013-04-01 10:34:49 +02:00
2013-04-02 14:20:06 +02:00
private function getHelpText ( $pref_name ) {
if ( isset ( $this -> pref_help [ $pref_name ])) {
return $this -> pref_help [ $pref_name ][ 1 ];
}
return " " ;
}
private function getSectionName ( $id ) {
if ( isset ( $this -> pref_sections [ $id ])) {
return $this -> pref_sections [ $id ];
}
return " " ;
}
2017-12-14 18:02:37 +01:00
}