implement ProtectedHandler
parent
8e17d6636e
commit
46da73c255
10 changed files with 79 additions and 71 deletions
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
class Article extends Handler {
|
class Article extends Protected_Handler {
|
||||||
|
|
||||||
function redirect() {
|
function redirect() {
|
||||||
$id = db_escape_string($_REQUEST['id']);
|
$id = db_escape_string($_REQUEST['id']);
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
class Dlg extends Handler {
|
class Dlg extends Protected_Handler {
|
||||||
private $param;
|
private $param;
|
||||||
|
|
||||||
function before() {
|
function before() {
|
||||||
if (parent::before()) {
|
if (parent::before()) {
|
||||||
header("Content-Type: text/xml; charset=utf-8");
|
header("Content-Type: text/xml; charset=utf-8");
|
||||||
|
@ -11,14 +11,14 @@ class Dlg extends Handler {
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function after() {
|
function after() {
|
||||||
print "</dlg>";
|
print "</dlg>";
|
||||||
}
|
}
|
||||||
|
|
||||||
function importOpml() {
|
function importOpml() {
|
||||||
header("Content-Type: text/html"); # required for iframe
|
header("Content-Type: text/html"); # required for iframe
|
||||||
|
|
||||||
print "<div class=\"prefFeedOPMLHolder\">";
|
print "<div class=\"prefFeedOPMLHolder\">";
|
||||||
$owner_uid = $_SESSION["uid"];
|
$owner_uid = $_SESSION["uid"];
|
||||||
|
|
||||||
|
@ -534,7 +534,7 @@ class Dlg extends Handler {
|
||||||
}
|
}
|
||||||
|
|
||||||
function inactiveFeeds() {
|
function inactiveFeeds() {
|
||||||
|
|
||||||
if (DB_TYPE == "pgsql") {
|
if (DB_TYPE == "pgsql") {
|
||||||
$interval_qpart = "NOW() - INTERVAL '3 months'";
|
$interval_qpart = "NOW() - INTERVAL '3 months'";
|
||||||
} else {
|
} else {
|
||||||
|
@ -714,7 +714,7 @@ class Dlg extends Handler {
|
||||||
}
|
}
|
||||||
|
|
||||||
function printTagSelect() {
|
function printTagSelect() {
|
||||||
|
|
||||||
print "<title>" . __('Select item(s) by tags') . "</title>";
|
print "<title>" . __('Select item(s) by tags') . "</title>";
|
||||||
print "<content><![CDATA[";
|
print "<content><![CDATA[";
|
||||||
|
|
||||||
|
@ -851,7 +851,7 @@ class Dlg extends Handler {
|
||||||
}
|
}
|
||||||
|
|
||||||
function generatedFeed() {
|
function generatedFeed() {
|
||||||
|
|
||||||
print "<title>".__('View as RSS')."</title>";
|
print "<title>".__('View as RSS')."</title>";
|
||||||
print "<content><![CDATA[";
|
print "<content><![CDATA[";
|
||||||
|
|
||||||
|
@ -884,7 +884,7 @@ class Dlg extends Handler {
|
||||||
}
|
}
|
||||||
|
|
||||||
function newVersion() {
|
function newVersion() {
|
||||||
|
|
||||||
$version_data = check_for_update($this->link);
|
$version_data = check_for_update($this->link);
|
||||||
$version = $version_data['version'];
|
$version = $version_data['version'];
|
||||||
$id = $version_data['version_id'];
|
$id = $version_data['version_id'];
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
<?php
|
<?php
|
||||||
class Feeds extends Handler {
|
class Feeds extends Protected_Handler {
|
||||||
|
|
||||||
function catchupAll() {
|
function catchupAll() {
|
||||||
db_query($this->link, "UPDATE ttrss_user_entries SET
|
db_query($this->link, "UPDATE ttrss_user_entries SET
|
||||||
last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
|
last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
|
||||||
ccache_zero_all($this->link, $_SESSION["uid"]);
|
ccache_zero_all($this->link, $_SESSION["uid"]);
|
||||||
}
|
}
|
||||||
|
|
||||||
function collapse() {
|
function collapse() {
|
||||||
$cat_id = db_escape_string($_REQUEST["cid"]);
|
$cat_id = db_escape_string($_REQUEST["cid"]);
|
||||||
|
@ -15,36 +15,36 @@ class Feeds extends Handler {
|
||||||
|
|
||||||
function index() {
|
function index() {
|
||||||
$root = (bool)$_REQUEST["root"];
|
$root = (bool)$_REQUEST["root"];
|
||||||
|
|
||||||
if (!$root) {
|
if (!$root) {
|
||||||
print json_encode(outputFeedList($this->link));
|
print json_encode(outputFeedList($this->link));
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
$feeds = outputFeedList($this->link, false);
|
$feeds = outputFeedList($this->link, false);
|
||||||
|
|
||||||
$root = array();
|
$root = array();
|
||||||
$root['id'] = 'root';
|
$root['id'] = 'root';
|
||||||
$root['name'] = __('Feeds');
|
$root['name'] = __('Feeds');
|
||||||
$root['items'] = $feeds['items'];
|
$root['items'] = $feeds['items'];
|
||||||
|
|
||||||
$fl = array();
|
$fl = array();
|
||||||
$fl['identifier'] = 'id';
|
$fl['identifier'] = 'id';
|
||||||
$fl['label'] = 'name';
|
$fl['label'] = 'name';
|
||||||
$fl['items'] = array($root);
|
$fl['items'] = array($root);
|
||||||
|
|
||||||
print json_encode($fl);
|
print json_encode($fl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function view() {
|
function view() {
|
||||||
$timing_info = getmicrotime();
|
$timing_info = getmicrotime();
|
||||||
|
|
||||||
$reply = array();
|
$reply = array();
|
||||||
|
|
||||||
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info);
|
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("0", $timing_info);
|
||||||
|
|
||||||
$omode = db_escape_string($_REQUEST["omode"]);
|
$omode = db_escape_string($_REQUEST["omode"]);
|
||||||
|
|
||||||
$feed = db_escape_string($_REQUEST["feed"]);
|
$feed = db_escape_string($_REQUEST["feed"]);
|
||||||
$method = db_escape_string($_REQUEST["m"]);
|
$method = db_escape_string($_REQUEST["m"]);
|
||||||
$view_mode = db_escape_string($_REQUEST["view_mode"]);
|
$view_mode = db_escape_string($_REQUEST["view_mode"]);
|
||||||
|
@ -54,19 +54,19 @@ class Feeds extends Handler {
|
||||||
@$offset = db_escape_string($_REQUEST["skip"]);
|
@$offset = db_escape_string($_REQUEST["skip"]);
|
||||||
@$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]);
|
@$vgroup_last_feed = db_escape_string($_REQUEST["vgrlf"]);
|
||||||
$order_by = db_escape_string($_REQUEST["order_by"]);
|
$order_by = db_escape_string($_REQUEST["order_by"]);
|
||||||
|
|
||||||
if (is_numeric($feed)) $feed = (int) $feed;
|
if (is_numeric($feed)) $feed = (int) $feed;
|
||||||
|
|
||||||
/* Feed -5 is a special case: it is used to display auxiliary information
|
/* Feed -5 is a special case: it is used to display auxiliary information
|
||||||
* when there's nothing to load - e.g. no stuff in fresh feed */
|
* when there's nothing to load - e.g. no stuff in fresh feed */
|
||||||
|
|
||||||
if ($feed == -5) {
|
if ($feed == -5) {
|
||||||
print json_encode(generate_dashboard_feed($this->link));
|
print json_encode(generate_dashboard_feed($this->link));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = false;
|
$result = false;
|
||||||
|
|
||||||
if ($feed < -10) {
|
if ($feed < -10) {
|
||||||
$label_feed = -11-$feed;
|
$label_feed = -11-$feed;
|
||||||
$result = db_query($this->link, "SELECT id FROM ttrss_labels2 WHERE
|
$result = db_query($this->link, "SELECT id FROM ttrss_labels2 WHERE
|
||||||
|
@ -78,45 +78,45 @@ class Feeds extends Handler {
|
||||||
$result = db_query($this->link, "SELECT id FROM ttrss_feed_categories WHERE
|
$result = db_query($this->link, "SELECT id FROM ttrss_feed_categories WHERE
|
||||||
id = '$feed' AND owner_uid = " . $_SESSION['uid']);
|
id = '$feed' AND owner_uid = " . $_SESSION['uid']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($result && db_num_rows($result) == 0) {
|
if ($result && db_num_rows($result) == 0) {
|
||||||
print json_encode(generate_error_feed($this->link, __("Feed not found.")));
|
print json_encode(generate_error_feed($this->link, __("Feed not found.")));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Updating a label ccache means recalculating all of the caches
|
/* Updating a label ccache means recalculating all of the caches
|
||||||
* so for performance reasons we don't do that here */
|
* so for performance reasons we don't do that here */
|
||||||
|
|
||||||
if ($feed >= 0) {
|
if ($feed >= 0) {
|
||||||
ccache_update($this->link, $feed, $_SESSION["uid"], $cat_view);
|
ccache_update($this->link, $feed, $_SESSION["uid"], $cat_view);
|
||||||
}
|
}
|
||||||
|
|
||||||
set_pref($this->link, "_DEFAULT_VIEW_MODE", $view_mode);
|
set_pref($this->link, "_DEFAULT_VIEW_MODE", $view_mode);
|
||||||
set_pref($this->link, "_DEFAULT_VIEW_LIMIT", $limit);
|
set_pref($this->link, "_DEFAULT_VIEW_LIMIT", $limit);
|
||||||
set_pref($this->link, "_DEFAULT_VIEW_ORDER_BY", $order_by);
|
set_pref($this->link, "_DEFAULT_VIEW_ORDER_BY", $order_by);
|
||||||
|
|
||||||
if (!$cat_view && preg_match("/^[0-9][0-9]*$/", $feed)) {
|
if (!$cat_view && preg_match("/^[0-9][0-9]*$/", $feed)) {
|
||||||
db_query($this->link, "UPDATE ttrss_feeds SET last_viewed = NOW()
|
db_query($this->link, "UPDATE ttrss_feeds SET last_viewed = NOW()
|
||||||
WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]);
|
WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$reply['headlines'] = array();
|
$reply['headlines'] = array();
|
||||||
|
|
||||||
if (!$next_unread_feed)
|
if (!$next_unread_feed)
|
||||||
$reply['headlines']['id'] = $feed;
|
$reply['headlines']['id'] = $feed;
|
||||||
else
|
else
|
||||||
$reply['headlines']['id'] = $next_unread_feed;
|
$reply['headlines']['id'] = $next_unread_feed;
|
||||||
|
|
||||||
$reply['headlines']['is_cat'] = (bool) $cat_view;
|
$reply['headlines']['is_cat'] = (bool) $cat_view;
|
||||||
|
|
||||||
$override_order = false;
|
$override_order = false;
|
||||||
|
|
||||||
if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
|
if (get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $owner_uid)) {
|
||||||
$date_sort_field = "updated";
|
$date_sort_field = "updated";
|
||||||
} else {
|
} else {
|
||||||
$date_sort_field = "date_entered";
|
$date_sort_field = "date_entered";
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($order_by) {
|
switch ($order_by) {
|
||||||
case "date":
|
case "date":
|
||||||
if (get_pref($this->link, 'REVERSE_HEADLINES', $owner_uid)) {
|
if (get_pref($this->link, 'REVERSE_HEADLINES', $owner_uid)) {
|
||||||
|
@ -125,7 +125,7 @@ class Feeds extends Handler {
|
||||||
$override_order = "$date_sort_field DESC";
|
$override_order = "$date_sort_field DESC";
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case "title":
|
case "title":
|
||||||
if (get_pref($this->link, 'REVERSE_HEADLINES', $owner_uid)) {
|
if (get_pref($this->link, 'REVERSE_HEADLINES', $owner_uid)) {
|
||||||
$override_order = "title DESC, $date_sort_field";
|
$override_order = "title DESC, $date_sort_field";
|
||||||
|
@ -133,7 +133,7 @@ class Feeds extends Handler {
|
||||||
$override_order = "title, $date_sort_field DESC";
|
$override_order = "title, $date_sort_field DESC";
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case "score":
|
case "score":
|
||||||
if (get_pref($this->link, 'REVERSE_HEADLINES', $owner_uid)) {
|
if (get_pref($this->link, 'REVERSE_HEADLINES', $owner_uid)) {
|
||||||
$override_order = "score, $date_sort_field";
|
$override_order = "score, $date_sort_field";
|
||||||
|
@ -142,46 +142,46 @@ class Feeds extends Handler {
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("04", $timing_info);
|
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("04", $timing_info);
|
||||||
|
|
||||||
$ret = format_headlines_list($this->link, $feed, $method,
|
$ret = format_headlines_list($this->link, $feed, $method,
|
||||||
$view_mode, $limit, $cat_view, $next_unread_feed, $offset,
|
$view_mode, $limit, $cat_view, $next_unread_feed, $offset,
|
||||||
$vgroup_last_feed, $override_order);
|
$vgroup_last_feed, $override_order);
|
||||||
|
|
||||||
$topmost_article_ids = $ret[0];
|
$topmost_article_ids = $ret[0];
|
||||||
$headlines_count = $ret[1];
|
$headlines_count = $ret[1];
|
||||||
$returned_feed = $ret[2];
|
$returned_feed = $ret[2];
|
||||||
$disable_cache = $ret[3];
|
$disable_cache = $ret[3];
|
||||||
$vgroup_last_feed = $ret[4];
|
$vgroup_last_feed = $ret[4];
|
||||||
|
|
||||||
$reply['headlines']['content'] =& $ret[5]['content'];
|
$reply['headlines']['content'] =& $ret[5]['content'];
|
||||||
$reply['headlines']['toolbar'] =& $ret[5]['toolbar'];
|
$reply['headlines']['toolbar'] =& $ret[5]['toolbar'];
|
||||||
|
|
||||||
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("05", $timing_info);
|
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("05", $timing_info);
|
||||||
|
|
||||||
$reply['headlines-info'] = array("count" => (int) $headlines_count,
|
$reply['headlines-info'] = array("count" => (int) $headlines_count,
|
||||||
"vgroup_last_feed" => $vgroup_last_feed,
|
"vgroup_last_feed" => $vgroup_last_feed,
|
||||||
"disable_cache" => (bool) $disable_cache);
|
"disable_cache" => (bool) $disable_cache);
|
||||||
|
|
||||||
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("20", $timing_info);
|
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("20", $timing_info);
|
||||||
|
|
||||||
if (is_array($topmost_article_ids) && !get_pref($this->link, 'COMBINED_DISPLAY_MODE') && !$_SESSION["bw_limit"]) {
|
if (is_array($topmost_article_ids) && !get_pref($this->link, 'COMBINED_DISPLAY_MODE') && !$_SESSION["bw_limit"]) {
|
||||||
$articles = array();
|
$articles = array();
|
||||||
|
|
||||||
foreach ($topmost_article_ids as $id) {
|
foreach ($topmost_article_ids as $id) {
|
||||||
array_push($articles, format_article($this->link, $id, false));
|
array_push($articles, format_article($this->link, $id, false));
|
||||||
}
|
}
|
||||||
|
|
||||||
$reply['articles'] = $articles;
|
$reply['articles'] = $articles;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("30", $timing_info);
|
if ($_REQUEST["debug"]) $timing_info = print_checkpoint("30", $timing_info);
|
||||||
|
|
||||||
$reply['runtime-info'] = make_runtime_info($this->link);
|
$reply['runtime-info'] = make_runtime_info($this->link);
|
||||||
|
|
||||||
print json_encode($reply);
|
print json_encode($reply);
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
|
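Review bot: In `view()`, the `get_pref(...)` calls in the sort-order block (`SORT_HEADLINES_BY_FEED_DATE`, `REVERSE_HEADLINES`) pass `$owner_uid`, but no visible line of the method assigns it. Every other per-user call shown in the same method (`ccache_update`, the `owner_uid = ` SQL fragments) uses `$_SESSION["uid"]` directly. If the variable is also unset in the lines hidden between hunks, PHP passes null and the user scope of these lookups depends on how `get_pref` treats a missing uid, which is not shown on this page. Passing the session value explicitly, e.g. `get_pref($this->link, "SORT_HEADLINES_BY_FEED_DATE", $_SESSION["uid"])`, would make the scoping unambiguous now that the handler is gated on that value.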
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
class Pref_Feeds extends Handler {
|
class Pref_Feeds extends Protected_Handler {
|
||||||
function batch_edit_cbox($elem, $label = false) {
|
function batch_edit_cbox($elem, $label = false) {
|
||||||
print "<input type=\"checkbox\" title=\"".__("Check to enable field")."\"
|
print "<input type=\"checkbox\" title=\"".__("Check to enable field")."\"
|
||||||
onchange=\"dijit.byId('feedEditDlg').toggleField(this, '$elem', '$label')\">";
|
onchange=\"dijit.byId('feedEditDlg').toggleField(this, '$elem', '$label')\">";
|
||||||
|
@ -529,7 +529,7 @@ class Pref_Feeds extends Handler {
|
||||||
global $purge_intervals;
|
global $purge_intervals;
|
||||||
global $update_intervals;
|
global $update_intervals;
|
||||||
global $update_methods;
|
global $update_methods;
|
||||||
|
|
||||||
$feed_ids = db_escape_string($_REQUEST["ids"]);
|
$feed_ids = db_escape_string($_REQUEST["ids"]);
|
||||||
|
|
||||||
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"ids\" value=\"$feed_ids\">";
|
print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"ids\" value=\"$feed_ids\">";
|
||||||
|
@ -688,13 +688,13 @@ class Pref_Feeds extends Handler {
|
||||||
function batchEditSave() {
|
function batchEditSave() {
|
||||||
return editsaveops(true);
|
return editsaveops(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
function editSave() {
|
function editSave() {
|
||||||
return editsaveops(false);
|
return editsaveops(false);
|
||||||
}
|
}
|
||||||
|
|
||||||
function editsaveops($batch) {
|
function editsaveops($batch) {
|
||||||
|
|
||||||
$feed_title = db_escape_string(trim($_POST["title"]));
|
$feed_title = db_escape_string(trim($_POST["title"]));
|
||||||
$feed_link = db_escape_string(trim($_POST["feed_url"]));
|
$feed_link = db_escape_string(trim($_POST["feed_url"]));
|
||||||
$upd_intl = (int) db_escape_string($_POST["update_interval"]);
|
$upd_intl = (int) db_escape_string($_POST["update_interval"]);
|
||||||
|
|
|
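Review bot: In the hunk at `@ -529,7 +529,7 @`, `$feed_ids` comes from `$_REQUEST["ids"]`, goes through `db_escape_string()` only, and is then printed inside `value=\"$feed_ids\"`. SQL escaping is not HTML-attribute escaping, so unless `db_escape_string()` (whose body is not shown here) also neutralises quotes and angle brackets, request data reaches the page markup unencoded. Encode at the point of output, e.g. `value=\"" . htmlspecialchars($feed_ids, ENT_QUOTES, 'UTF-8') . "\"`, and keep the SQL-escaped copy for queries only. The enclosing function starts and ends outside the hunk.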
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
class Pref_Filters extends Handler {
|
class Pref_Filters extends Protected_Handler {
|
||||||
|
|
||||||
function filter_test($filter_type, $reg_exp,
|
function filter_test($filter_type, $reg_exp,
|
||||||
$action_id, $action_param, $filter_param, $inverse, $feed_id) {
|
$action_id, $action_param, $filter_param, $inverse, $feed_id) {
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
class Pref_Labels extends Handler {
|
class Pref_Labels extends Protected_Handler {
|
||||||
|
|
||||||
function edit() {
|
function edit() {
|
||||||
$label_id = db_escape_string($_REQUEST['id']);
|
$label_id = db_escape_string($_REQUEST['id']);
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
class Pref_Prefs extends Handler {
|
class Pref_Prefs extends Protected_Handler {
|
||||||
|
|
||||||
function changepassword() {
|
function changepassword() {
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
class Pref_Users extends Handler {
|
class Pref_Users extends Protected_Handler {
|
||||||
|
|
||||||
function before() {
|
function before() {
|
||||||
if (parent::before()) {
|
if (parent::before()) {
|
||||||
|
|
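--- /dev/null
+++ b/classes/protected_handler.php
@@ -0,0 +1,8 @@
+<?php
+class Protected_Handler extends Handler {
+
+function before() {
+return parent::before() && $_SESSION['uid'];
+}
+}
+?>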
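Review bot: `before()` reads `$_SESSION['uid']` without an existence check, so the unauthenticated request this guard is meant to reject can raise an undefined-index notice before the method returns false. `return parent::before() && !empty($_SESSION['uid']);` gives the same result without the notice. The class would also benefit from a short doc comment stating that the check applies only when a subclass's own `before()` calls `parent::before()` (as `Dlg` and `Pref_Users` do in this commit). The comment should add that enforcement depends on the dispatcher honouring a false return, which is not part of this page.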
@ -1,9 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
class RPC extends Handler {
|
class RPC extends Protected_Handler {
|
||||||
|
|
||||||
function setprofile() {
|
function setprofile() {
|
||||||
$id = db_escape_string($_REQUEST["id"]);
|
$id = db_escape_string($_REQUEST["id"]);
|
||||||
|
|
||||||
$_SESSION["profile"] = $id;
|
$_SESSION["profile"] = $id;
|
||||||
$_SESSION["prefs_cache"] = array();
|
$_SESSION["prefs_cache"] = array();
|
||||||
}
|
}
|
||||||
|
@ -215,7 +215,7 @@ class RPC extends Handler {
|
||||||
|
|
||||||
if ($last_article_id != getLastArticleId($this->link)) {
|
if ($last_article_id != getLastArticleId($this->link)) {
|
||||||
$omode = $_REQUEST["omode"];
|
$omode = $_REQUEST["omode"];
|
||||||
|
|
||||||
if ($omode != "T")
|
if ($omode != "T")
|
||||||
$reply['counters'] = getAllCounters($this->link, $omode);
|
$reply['counters'] = getAllCounters($this->link, $omode);
|
||||||
else
|
else
|
||||||
|
@ -403,11 +403,11 @@ class RPC extends Handler {
|
||||||
function assigntolabel() {
|
function assigntolabel() {
|
||||||
return labelops(true);
|
return labelops(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
function removefromlabel() {
|
function removefromlabel() {
|
||||||
return labelops(false);
|
return labelops(false);
|
||||||
}
|
}
|
||||||
|
|
||||||
function labelops($assign) {
|
function labelops($assign) {
|
||||||
$reply = array();
|
$reply = array();
|
||||||
|
|
||||||
|
|
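Review bot: `setprofile()` stores the request-supplied `id` in `$_SESSION["profile"]` after SQL escaping only; nothing in the method checks that the value is numeric or that the profile belongs to `$_SESSION["uid"]`. Whether later preference queries also filter by owner is not visible in this commit, so the session write is the safer place to enforce it. Look the id up against the current user's own profiles before assigning and reject anything that does not match. A one-line comment on the method naming the check that guarantees ownership would document the assumption.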