diff --git a/backend.php b/backend.php index 9fe8792f..62cd6229 100644 --- a/backend.php +++ b/backend.php @@ -16,17 +16,21 @@ $_REQUEST = array_map('stripslashes_deep', $_REQUEST); } - function __autoload($class) { - $file = "classes/".strtolower(basename($class)).".php"; - if (file_exists($file)) { - require $file; - } + $op = $_REQUEST["op"]; + @$method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"]; + + /* Public calls compatibility shim */ + + $public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share", + "fbexport", "logout", "pubsub"); + + if (array_search($op, $public_calls) !== false) { + header("Location: public.php?" . $_SERVER['QUERY_STRING']); + return; } - $op = $_REQUEST["op"]; - require_once "functions.php"; - if ($op != "share") require_once "sessions.php"; + require_once "sessions.php"; require_once "sanity_check.php"; require_once "config.php"; require_once "db.php"; @@ -40,17 +44,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - if (!$link) { - if (DB_TYPE == "mysql") { - print mysql_error(); - } - // PG seems to display its own errors just fine by default. - return; - } - - init_connection($link); - - $method = $_REQUEST['subop'] ? $_REQUEST['subop'] : $_REQUEST["method"]; + if (!init_connection($link)) return; header("Content-Type: text/plain; charset=utf-8"); @@ -62,15 +56,9 @@ authenticate_user($link, "admin", null); } - $public_calls = array("globalUpdateFeeds", "rss", "getUnread", "getProfiles", "share", - "fbexport", "logout", "pubsub"); + // TODO remove and handle within Handlers - if (array_search($op, $public_calls) !== false) { - - handle_public_request($link, $op); - return; - - } else if (!($_SESSION["uid"] && validate_session($link))) { + if (!($_SESSION["uid"] && validate_session($link))) { if ($op == 'pref-feeds' && $method == 'add') { header("Content-Type: text/html"); login_sequence($link); @@ -136,6 +124,13 @@ return; } + function __autoload($class) { + $file = "classes/".strtolower(basename($class)).".php"; + if (file_exists($file)) { + require $file; + } + } + $op = str_replace("-", "_", $op); if (class_exists($op)) { @@ -154,17 +149,8 @@ } } - switch($op) { // Select action according to $op value. - case "pref_instances": - require_once "modules/pref-instances.php"; - module_pref_instances($link); - break; // pref-instances - - default: - header("Content-Type: text/plain"); - print json_encode(array("error" => array("code" => 7))); - break; // fallback - } // Select action according to $op value. + header("Content-Type: text/plain"); + print json_encode(array("error" => array("code" => 7))); // We close the connection to database. db_close($link); diff --git a/classes/pref_instances.php b/classes/pref_instances.php new file mode 100644 index 00000000..893d2b6b --- /dev/null +++ b/classes/pref_instances.php @@ -0,0 +1,204 @@ +link, "DELETE FROM ttrss_linked_instances WHERE + id IN ($ids)"); + } + + function add() { + $id = db_escape_string($_REQUEST["id"]); + $access_url = db_escape_string($_REQUEST["access_url"]); + $access_key = db_escape_string($_REQUEST["access_key"]); + + db_query($this->link, "BEGIN"); + + $result = db_query($this->link, "SELECT id FROM ttrss_linked_instances + WHERE access_url = '$access_url'"); + + if (db_num_rows($result) == 0) { + db_query($this->link, "INSERT INTO ttrss_linked_instances + (access_url, access_key, last_connected, last_status_in, last_status_out) + VALUES + ('$access_url', '$access_key', '1970-01-01', -1, -1)"); + + } + + db_query($this->link, "COMMIT"); + } + + function edit() { + $id = db_escape_string($_REQUEST["id"]); + + $result = db_query($this->link, "SELECT * FROM ttrss_linked_instances WHERE + id = '$id'"); + + print ""; + print ""; + print ""; + + print "
".__("Instance")."
"; + + print "
"; + + /* URL */ + + $access_url = htmlspecialchars(db_fetch_result($result, 0, "access_url")); + + print __("URL:") . " "; + + print ""; + + print "
"; + + $access_key = htmlspecialchars(db_fetch_result($result, 0, "access_key")); + + /* Access key */ + + print __("Access key:") . " "; + + print ""; + + print "

" . __("Use one access key for both linked instances."); + + print "

"; + + print "
+
+ +
+ +
"; + + } + + function editSave() { + $id = db_escape_string($_REQUEST["id"]); + $access_url = db_escape_string($_REQUEST["access_url"]); + $access_key = db_escape_string($_REQUEST["access_key"]); + + db_query($this->link, "UPDATE ttrss_linked_instances SET + access_key = '$access_key', access_url = '$access_url', + last_connected = '1970-01-01' + WHERE id = '$id'"); + + } + + function index() { + + if (!function_exists('curl_init')) { + print "
"; + print_error("This functionality requires CURL functions. Please enable CURL in your PHP configuration (you might also want to disable open_basedir in php.ini) and reload this page."); + print "
"; + } + + print "
"; + print "
"; + + print "
"; + + $sort = db_escape_string($_REQUEST["sort"]); + + if (!$sort || $sort == "undefined") { + $sort = "access_url"; + } + + print "
". + "" . __('Select').""; + print "
"; + print "
".__('All')."
"; + print "
".__('None')."
"; + print "
"; + + print ""; + print ""; + print ""; + + print "
"; #toolbar + + $result = db_query($this->link, "SELECT *, + (SELECT COUNT(*) FROM ttrss_linked_feeds + WHERE instance_id = ttrss_linked_instances.id) AS num_feeds + FROM ttrss_linked_instances + ORDER BY $sort"); + + print "

" . __("You can connect other instances of Tiny Tiny RSS to this one to share Popular feeds. Link to this instance of Tiny Tiny RSS by using this URL:"); + + print " (display url)"; + + print "

"; + + print " + + + + + + "; + + $lnum = 0; + + while ($line = db_fetch_assoc($result)) { + $class = ($lnum % 2) ? "even" : "odd"; + + $id = $line['id']; + $this_row_id = "id=\"LIRR-$id\""; + + $line["last_connected"] = make_local_datetime($this->link, $line["last_connected"], false); + + print ""; + + print ""; + + $onclick = "onclick='editInstance($id, event)' title='".__('Click to edit')."'"; + + $access_key = mb_substr($line['access_key'], 0, 4) . '...' . + mb_substr($line['access_key'], -4); + + print ""; + print ""; + print ""; + print ""; + + print ""; + + ++$lnum; + } + + print "
 ".__('Instance URL')."".__('Access key')."".__('Last connected')."".__('Stored feeds')."
" . htmlspecialchars($line['access_url']) . "" . htmlspecialchars($access_key) . "" . htmlspecialchars($line['last_connected']) . "" . htmlspecialchars($line['num_feeds']) . "
"; + + print "

"; #pane + print "
"; #container + + } +} +?> diff --git a/classes/public_handler.php b/classes/public_handler.php new file mode 100644 index 00000000..460613e3 --- /dev/null +++ b/classes/public_handler.php @@ -0,0 +1,210 @@ +link, "SELECT id FROM ttrss_users WHERE login = '$login'"); + + if (db_num_rows($result) == 1) { + $uid = db_fetch_result($result, 0, "id"); + + print getGlobalUnread($this->link, $uid); + + if ($fresh) { + print ";"; + print getFeedArticles($this->link, -3, false, true, $uid); + } + + } else { + print "-1;User not found"; + } + + } + + function getProfiles() { + $login = db_escape_string($_REQUEST["login"]); + $password = db_escape_string($_REQUEST["password"]); + + if (authenticate_user($this->link, $login, $password)) { + $result = db_query($this->link, "SELECT * FROM ttrss_settings_profiles + WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title"); + + print ""; + + $_SESSION = array(); + } + } + + function pubsub() { + $mode = db_escape_string($_REQUEST['hub_mode']); + $feed_id = (int) db_escape_string($_REQUEST['id']); + $feed_url = db_escape_string($_REQUEST['hub_topic']); + + if (!PUBSUBHUBBUB_ENABLED) { + header('HTTP/1.0 404 Not Found'); + echo "404 Not found"; + return; + } + + // TODO: implement hub_verifytoken checking + + $result = db_query($this->link, "SELECT feed_url FROM ttrss_feeds + WHERE id = '$feed_id'"); + + if (db_num_rows($result) != 0) { + + $check_feed_url = db_fetch_result($result, 0, "feed_url"); + + if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { + if ($mode == "subscribe") { + + db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 2 + WHERE id = '$feed_id'"); + + print $_REQUEST['hub_challenge']; + return; + + } else if ($mode == "unsubscribe") { + + db_query($this->link, "UPDATE ttrss_feeds SET pubsub_state = 0 + WHERE id = '$feed_id'"); + + print $_REQUEST['hub_challenge']; + return; + + } else if (!$mode) { + + // Received update ping, schedule feed update. + //update_rss_feed($this->link, $feed_id, true, true); + + db_query($this->link, "UPDATE ttrss_feeds SET + last_update_started = '1970-01-01', + last_updated = '1970-01-01' WHERE id = '$feed_id'"); + + } + } else { + header('HTTP/1.0 404 Not Found'); + echo "404 Not found"; + } + } else { + header('HTTP/1.0 404 Not Found'); + echo "404 Not found"; + } + + } + + function logout() { + logout_user(); + header("Location: index.php"); + } + + function fbexport() { + + $access_key = db_escape_string($_POST["key"]); + + // TODO: rate limit checking using last_connected + $result = db_query($this->link, "SELECT id FROM ttrss_linked_instances + WHERE access_key = '$access_key'"); + + if (db_num_rows($result) == 1) { + + $instance_id = db_fetch_result($result, 0, "id"); + + $result = db_query($this->link, "SELECT feed_url, site_url, title, subscribers + FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100"); + + $feeds = array(); + + while ($line = db_fetch_assoc($result)) { + array_push($feeds, $line); + } + + db_query($this->link, "UPDATE ttrss_linked_instances SET + last_status_in = 1 WHERE id = '$instance_id'"); + + print json_encode(array("feeds" => $feeds)); + } else { + print json_encode(array("error" => array("code" => 6))); + } + } + + function share() { + $uuid = db_escape_string($_REQUEST["key"]); + + $result = db_query($this->link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE + uuid = '$uuid'"); + + if (db_num_rows($result) != 0) { + header("Content-Type: text/html"); + + $id = db_fetch_result($result, 0, "ref_id"); + $owner_uid = db_fetch_result($result, 0, "owner_uid"); + + $_SESSION["uid"] = $owner_uid; + $article = format_article($this->link, $id, false, true); + $_SESSION["uid"] = ""; + + print_r($article['content']); + + } else { + print "Article not found."; + } + + } + + function rss() { + header("Content-Type: text/xml; charset=utf-8"); + + $feed = db_escape_string($_REQUEST["id"]); + $key = db_escape_string($_REQUEST["key"]); + $is_cat = $_REQUEST["is_cat"] != false; + $limit = (int)db_escape_string($_REQUEST["limit"]); + + $search = db_escape_string($_REQUEST["q"]); + $match_on = db_escape_string($_REQUEST["m"]); + $search_mode = db_escape_string($_REQUEST["smode"]); + $view_mode = db_escape_string($_REQUEST["view-mode"]); + + if (SINGLE_USER_MODE) { + authenticate_user($this->link, "admin", null); + } + + $owner_id = false; + + if ($key) { + $result = db_query($this->link, "SELECT owner_uid FROM + ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); + + if (db_num_rows($result) == 1) + $owner_id = db_fetch_result($result, 0, "owner_uid"); + } + + if ($owner_id) { + $_SESSION['uid'] = $owner_id; + + generate_syndicated_feed($this->link, 0, $feed, $is_cat, $limit, + $search, $search_mode, $match_on, $view_mode); + } else { + header('HTTP/1.1 403 Forbidden'); + } + } + + /* function globalUpdateFeeds() { + // Update all feeds needing a update. + update_daemon_common($this->link, 0, true, true); + } */ +} +?> diff --git a/db-updater.php b/db-updater.php index 9a4fdf60..63c3c647 100644 --- a/db-updater.php +++ b/db-updater.php @@ -9,7 +9,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - init_connection($link); + if (!init_connection($link)) return; login_sequence($link); $owner_uid = $_SESSION["uid"]; diff --git a/include/db.php b/include/db.php index 7a858ca7..1401c089 100644 --- a/include/db.php +++ b/include/db.php @@ -61,7 +61,7 @@ function db_query($link, $query, $die_on_error = true) { if (!$result) { $query = htmlspecialchars($query); // just in case if ($die_on_error) { - die("Query $query failed [$result]: " . pg_last_error($link)); + die("Query $query failed [$result]: " . ($link ? pg_last_error($link) : "No connection")); } } return $result; @@ -70,7 +70,7 @@ function db_query($link, $query, $die_on_error = true) { if (!$result) { $query = htmlspecialchars($query); if ($die_on_error) { - die("Query $query failed: " . mysql_error($link)); + die("Query $query failed: " . ($link ? mysql_error($link) : "No connection")); } } return $result; diff --git a/include/functions.php b/include/functions.php index 89a1d784..7bd64cc5 100644 --- a/include/functions.php +++ b/include/functions.php @@ -5835,18 +5835,24 @@ } function init_connection($link) { - if (DB_TYPE == "pgsql") { - pg_query($link, "set client_encoding = 'UTF-8'"); - pg_set_client_encoding("UNICODE"); - pg_query($link, "set datestyle = 'ISO, european'"); - pg_query($link, "set TIME ZONE 0"); - } else { - db_query($link, "SET time_zone = '+0:0'"); + if ($link) { - if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) { - db_query($link, "SET NAMES " . MYSQL_CHARSET); - // db_query($link, "SET CHARACTER SET " . MYSQL_CHARSET); + if (DB_TYPE == "pgsql") { + pg_query($link, "set client_encoding = 'UTF-8'"); + pg_set_client_encoding("UNICODE"); + pg_query($link, "set datestyle = 'ISO, european'"); + pg_query($link, "set TIME ZONE 0"); + } else { + db_query($link, "SET time_zone = '+0:0'"); + + if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) { + db_query($link, "SET NAMES " . MYSQL_CHARSET); + } } + return true; + } else { + print "Unable to connect to database:" . db_last_error(); + return false; } } @@ -7428,242 +7434,25 @@ } } - function handle_public_request($link, $op) { - switch ($op) { - - case "getUnread": - $login = db_escape_string($_REQUEST["login"]); - $fresh = $_REQUEST["fresh"] == "1"; - - $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); - - if (db_num_rows($result) == 1) { - $uid = db_fetch_result($result, 0, "id"); - - print getGlobalUnread($link, $uid); - - if ($fresh) { - print ";"; - print getFeedArticles($link, -3, false, true, $uid); - } - - } else { - print "-1;User not found"; - } - - break; // getUnread - - case "getProfiles": - $login = db_escape_string($_REQUEST["login"]); - $password = db_escape_string($_REQUEST["password"]); - - if (authenticate_user($link, $login, $password)) { - $result = db_query($link, "SELECT * FROM ttrss_settings_profiles - WHERE owner_uid = " . $_SESSION["uid"] . " ORDER BY title"); - - print ""; - - $_SESSION = array(); - } - break; // getprofiles - - case "pubsub": - $mode = db_escape_string($_REQUEST['hub_mode']); - $feed_id = (int) db_escape_string($_REQUEST['id']); - $feed_url = db_escape_string($_REQUEST['hub_topic']); - - if (!PUBSUBHUBBUB_ENABLED) { - header('HTTP/1.0 404 Not Found'); - echo "404 Not found"; - return; - } - - // TODO: implement hub_verifytoken checking - - $result = db_query($link, "SELECT feed_url FROM ttrss_feeds - WHERE id = '$feed_id'"); - - if (db_num_rows($result) != 0) { - - $check_feed_url = db_fetch_result($result, 0, "feed_url"); - - if ($check_feed_url && ($check_feed_url == $feed_url || !$feed_url)) { - if ($mode == "subscribe") { - - db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 2 - WHERE id = '$feed_id'"); - - print $_REQUEST['hub_challenge']; - return; - - } else if ($mode == "unsubscribe") { - - db_query($link, "UPDATE ttrss_feeds SET pubsub_state = 0 - WHERE id = '$feed_id'"); - - print $_REQUEST['hub_challenge']; - return; - - } else if (!$mode) { - - // Received update ping, schedule feed update. - //update_rss_feed($link, $feed_id, true, true); - - db_query($link, "UPDATE ttrss_feeds SET - last_update_started = '1970-01-01', - last_updated = '1970-01-01' WHERE id = '$feed_id'"); - - } - } else { - header('HTTP/1.0 404 Not Found'); - echo "404 Not found"; - } - } else { - header('HTTP/1.0 404 Not Found'); - echo "404 Not found"; - } - - break; // pubsub - - case "logout": - logout_user(); - header("Location: index.php"); - break; // logout - - case "fbexport": - - $access_key = db_escape_string($_POST["key"]); - - // TODO: rate limit checking using last_connected - $result = db_query($link, "SELECT id FROM ttrss_linked_instances - WHERE access_key = '$access_key'"); - - if (db_num_rows($result) == 1) { - - $instance_id = db_fetch_result($result, 0, "id"); - - $result = db_query($link, "SELECT feed_url, site_url, title, subscribers - FROM ttrss_feedbrowser_cache ORDER BY subscribers DESC LIMIT 100"); - - $feeds = array(); - - while ($line = db_fetch_assoc($result)) { - array_push($feeds, $line); - } - - db_query($link, "UPDATE ttrss_linked_instances SET - last_status_in = 1 WHERE id = '$instance_id'"); - - print json_encode(array("feeds" => $feeds)); - } else { - print json_encode(array("error" => array("code" => 6))); - } - break; // fbexport - - case "share": - $uuid = db_escape_string($_REQUEST["key"]); - - $result = db_query($link, "SELECT ref_id, owner_uid FROM ttrss_user_entries WHERE - uuid = '$uuid'"); - - if (db_num_rows($result) != 0) { - header("Content-Type: text/html"); - - $id = db_fetch_result($result, 0, "ref_id"); - $owner_uid = db_fetch_result($result, 0, "owner_uid"); - - $_SESSION["uid"] = $owner_uid; - $article = format_article($link, $id, false, true); - $_SESSION["uid"] = ""; - - print_r($article['content']); - - } else { - print "Article not found."; - } - - break; - - case "rss": - $feed = db_escape_string($_REQUEST["id"]); - $key = db_escape_string($_REQUEST["key"]); - $is_cat = $_REQUEST["is_cat"] != false; - $limit = (int)db_escape_string($_REQUEST["limit"]); - - $search = db_escape_string($_REQUEST["q"]); - $match_on = db_escape_string($_REQUEST["m"]); - $search_mode = db_escape_string($_REQUEST["smode"]); - $view_mode = db_escape_string($_REQUEST["view-mode"]); - - if (SINGLE_USER_MODE) { - authenticate_user($link, "admin", null); - } - - $owner_id = false; - - if ($key) { - $result = db_query($link, "SELECT owner_uid FROM - ttrss_access_keys WHERE access_key = '$key' AND feed_id = '$feed'"); - - if (db_num_rows($result) == 1) - $owner_id = db_fetch_result($result, 0, "owner_uid"); - } - - if ($owner_id) { - $_SESSION['uid'] = $owner_id; - - generate_syndicated_feed($link, 0, $feed, $is_cat, $limit, - $search, $search_mode, $match_on, $view_mode); - } else { - header('HTTP/1.1 403 Forbidden'); - } - break; // rss - - - case "globalUpdateFeeds": - // Update all feeds needing a update. - update_daemon_common($link, 0, true, true); - break; // globalUpdateFeeds - - - default: - header("Content-Type: text/plain"); - print json_encode(array("error" => array("code" => 7))); - break; // fallback - - } - } - function make_feed_browser($link, $search, $limit, $mode = 1) { - + $owner_uid = $_SESSION["uid"]; $rv = ''; - + if ($search) { $search_qpart = "AND (UPPER(feed_url) LIKE UPPER('%$search%') OR UPPER(title) LIKE UPPER('%$search%'))"; } else { $search_qpart = ""; } - + if ($mode == 1) { /* $result = db_query($link, "SELECT feed_url, subscribers FROM ttrss_feedbrowser_cache WHERE (SELECT COUNT(id) = 0 FROM ttrss_feeds AS tf WHERE tf.feed_url = ttrss_feedbrowser_cache.feed_url AND owner_uid = '$owner_uid') $search_qpart ORDER BY subscribers DESC LIMIT $limit"); */ - + $result = db_query($link, "SELECT feed_url, site_url, title, SUM(subscribers) AS subscribers FROM (SELECT feed_url, site_url, title, subscribers FROM ttrss_feedbrowser_cache UNION ALL SELECT feed_url, site_url, title, subscribers FROM ttrss_linked_feeds) AS qqq @@ -7672,7 +7461,7 @@ WHERE tf.feed_url = qqq.feed_url AND owner_uid = '$owner_uid') $search_qpart GROUP BY feed_url, site_url, title ORDER BY subscribers DESC LIMIT $limit"); - + } else if ($mode == 2) { $result = db_query($link, "SELECT *, (SELECT COUNT(*) FROM ttrss_user_entries WHERE @@ -7686,74 +7475,74 @@ owner_uid = '$owner_uid' $search_qpart ORDER BY id DESC LIMIT $limit"); } - + $feedctr = 0; - + while ($line = db_fetch_assoc($result)) { - + if ($mode == 1) { - + $feed_url = htmlspecialchars($line["feed_url"]); $site_url = htmlspecialchars($line["site_url"]); $subscribers = $line["subscribers"]; - + $check_box = ""; - + $class = ($feedctr % 2) ? "even" : "odd"; - + $site_url = " ". htmlspecialchars($line["title"]).""; - + $feed_url = ""; - + $rv .= "
  • $check_box $feed_url $site_url". " ($subscribers)
  • "; - + } else if ($mode == 2) { $feed_url = htmlspecialchars($line["feed_url"]); $site_url = htmlspecialchars($line["site_url"]); $title = htmlspecialchars($line["title"]); - + $check_box = ""; - + $class = ($feedctr % 2) ? "even" : "odd"; - + if ($line['articles_archived'] > 0) { $archived = sprintf(__("%d archived articles"), $line['articles_archived']); $archived = " ($archived)"; } else { $archived = ''; } - + $site_url = " ". htmlspecialchars($line["title"]).""; - + $feed_url = ""; - - + + $rv .= "
  • ". "$check_box $feed_url $site_url $archived
  • "; } - + ++$feedctr; } - + if ($feedctr == 0) { $rv .= "
  • ".__('No feeds found.')."

  • "; } - + return $rv; - } + ?> diff --git a/index.php b/index.php index 76b1d13c..6d0b7c64 100644 --- a/index.php +++ b/index.php @@ -16,7 +16,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - init_connection($link); + if (!init_connection($link)) return; login_sequence($link); diff --git a/opml.php b/opml.php index 32432a9a..ab71493b 100644 --- a/opml.php +++ b/opml.php @@ -10,7 +10,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - init_connection($link); + if (!init_connection($link)) return; function opml_export($link, $name, $owner_uid, $hide_private_feeds=false, $include_settings=true) { if (!$_REQUEST["debug"]) { diff --git a/prefs.php b/prefs.php index 3787a79b..40d9a35a 100644 --- a/prefs.php +++ b/prefs.php @@ -10,7 +10,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - init_connection($link); + if (!init_connection($link)) return; login_sequence($link); diff --git a/public.php b/public.php index 3b0d064b..2cec8296 100644 --- a/public.php +++ b/public.php @@ -16,10 +16,8 @@ $_REQUEST = array_map('stripslashes_deep', $_REQUEST); } - $op = $_REQUEST["op"]; - require_once "functions.php"; - if ($op != "share") require_once "sessions.php"; + require_once "sessions.php"; require_once "sanity_check.php"; require_once "config.php"; require_once "db.php"; @@ -33,30 +31,37 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - if (!$link) { - if (DB_TYPE == "mysql") { - print mysql_error(); - } - // PG seems to display its own errors just fine by default. - return; - } - - init_connection($link); - - $method = $_REQUEST["method"]; - $mode = $_REQUEST["mode"]; - - if ((!$op || $op == "rss" || $op == "dlg") && !$_REQUEST["noxml"]) { - header("Content-Type: application/xml; charset=utf-8"); - } else { - header("Content-Type: text/plain; charset=utf-8"); - } + if (!init_connection($link)) return; if (ENABLE_GZIP_OUTPUT) { ob_start("ob_gzhandler"); } - handle_public_request($link, $op); + function __autoload($class) { + $file = "classes/".strtolower(basename($class)).".php"; + if (file_exists($file)) { + require $file; + } + } + + $method = $_REQUEST["op"]; + + $handler = new Public_Handler($link, $_REQUEST); + + if ($handler) { + if ($handler->before()) { + if ($method && method_exists($handler, $method)) { + $handler->$method(); + } else if (method_exists($handler, 'index')) { + $handler->index(); + } + $handler->after(); + return; + } + } + + header("Content-Type: text/plain"); + print json_encode(array("error" => array("code" => 7))); // We close the connection to database. db_close($link); diff --git a/register.php b/register.php index 3694a5e7..33a6628f 100644 --- a/register.php +++ b/register.php @@ -18,7 +18,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - init_connection($link); + if (!init_connection($link)) return; if ($_REQUEST["format"] == "feed") { header("Content-Type: text/xml"); diff --git a/twitter.php b/twitter.php index 2c325140..ab9e57a4 100644 --- a/twitter.php +++ b/twitter.php @@ -11,7 +11,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - init_connection($link); + if (!init_connection($link)) return; login_sequence($link); $owner_uid = $_SESSION["uid"]; diff --git a/update.php b/update.php index e6063a9e..2fa2e2f5 100755 --- a/update.php +++ b/update.php @@ -47,14 +47,6 @@ // Create a database connection. $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - if (!$link) { - if (DB_TYPE == "mysql") { - print mysql_error(); - } - // PG seems to display its own errors just fine by default. - return; - } - init_connection($link); if ($op == "-feeds") { diff --git a/update_daemon2.php b/update_daemon2.php index 06271de8..27b4c35d 100755 --- a/update_daemon2.php +++ b/update_daemon2.php @@ -133,13 +133,7 @@ // It is unnecessary to start the fork loop if database is not ok. $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - if (!$link) { - if (DB_TYPE == "mysql") { - print mysql_error(); - } - // PG seems to display its own errors just fine by default. - return; - } + if (!init_connection($link)) return; db_close($link); @@ -190,15 +184,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - if (!$link) { - if (DB_TYPE == "mysql") { - print mysql_error(); - } - // PG seems to display its own errors just fine by default. - return; - } - - init_connection($link); + if (!init_connection($link)) return; // We disable stamp file, since it is of no use in a multiprocess update. // not really, tho for the time being -fox